Subject: Re: [PATCH v1 1/8] virtio: Force only split mode with protected guest
From: Andi Kleen
To: Andy Lutomirski, mst@redhat.com
Cc: jasowang@redhat.com, virtualization@lists.linux-foundation.org, hch@lst.de, m.szyprowski@samsung.com, robin.murphy@arm.com, iommu@lists.linux-foundation.org, x86@kernel.org, sathyanarayanan.kuppuswamy@linux.intel.com, jpoimboe@redhat.com, linux-kernel@vger.kernel.org
Date: Thu, 3 Jun 2021 11:00:47 -0700
References: <20210603004133.4079390-1-ak@linux.intel.com> <20210603004133.4079390-2-ak@linux.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On 6/3/2021 10:33 AM, Andy Lutomirski wrote:
> On 6/2/21 5:41 PM, Andi Kleen wrote:
>> Only allow split mode when in a protected guest. Follow-on
>> patches harden the split mode code paths, and we don't want
>> a malicious host to force anything else. Also disallow
>> indirect mode for similar reasons.
> I read this as "the virtio driver is buggy. Let's disable most of the
> buggy code in one special case in which we need a driver without bugs.
> In all the other cases (e.g. hardware virtio device connected over
> USB-C), driver bugs are still allowed."

My understanding is most of the other modes (except for split with separate descriptors) are obsolete and just there for compatibility. As long as they're deprecated they won't harm anyone.

-Andi