Received: by 2002:a05:6a11:4021:0:0:0:0 with SMTP id ky33csp3773798pxb; Mon, 27 Sep 2021 02:09:55 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyiT0qu4p10mXPk40yoRefX1R1H+8KJhuw6rbldIBvyMmPEdtOI8JYG9AMKlo4pxtadm8qS X-Received: by 2002:a50:e0cf:: with SMTP id j15mr22220162edl.23.1632733795125; Mon, 27 Sep 2021 02:09:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1632733795; cv=none; d=google.com; s=arc-20160816; b=K+Rq5U0O0QnUSNpEZQwLucjA3FIGilyw6YXpp+Me9WwzluUScitgWo2rT6pFHPrL/E Msxknvz4DfPzFCYKlhpUeCdPuzOYdEC4236XrwlOAfZ1gYtKmKL95C26htYn9NXgSBSX n6QDTKBrRokNMrcb6AlPpLFp8Pr/acOy9CZKSAT+jNcc6iqKiEVI/QFN7trw10/DQKRP TxB7mQ9ipu40Jwb0poDnlu87Phz/6AVKKtTmOjfdn4miPdi084zL9JVYmJL+1907v3Bw XjDG6ki1SveeSZzSPERuWvzcLsV/G8nAvkPXk2TP6RCmm4/pbnrVYUBbEWGll7r4/1Ip TTIA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=KVP7Xe4ufaNCXcd20wpSSrMBsG9usYiBh4tpjUVxTUI=; b=Gn1E2yrJRTsFPTb8SdoEoxdyPbozS6m3n83ELKkJcmPcmrLar3laH3HhXskJRHUhll hNGcJlGKnEJQv/B2eNAeKsNsZR9sepvAiZ0zTXn7gELwMgaZbemOsbEv+M6tVMP/ezyU S5OOB4tALnR56XNH+DC0IMy/39KJfXAvWzEsDrrn3hYNquSjnnuLTftyauWO98vDtPtV LG07yt1RyafYvKCZpvlnbibUUh5dgmAd9VKoI1RgM2qS7fI0RxpW+5LwmOzWnqbVegDx ndkbJAE531fV6zoXkIxtpzRSBAjUze+z2EKPQUeeNP5bXy2IMPsrlIZ2fvHzmyP5MhiU TUlg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=A87jVk+o; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id l17si18332632ejh.84.2021.09.27.02.09.30; Mon, 27 Sep 2021 02:09:55 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=A87jVk+o; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233610AbhI0JJc (ORCPT + 99 others); Mon, 27 Sep 2021 05:09:32 -0400 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:57061 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233587AbhI0JJb (ORCPT ); Mon, 27 Sep 2021 05:09:31 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1632733673; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=KVP7Xe4ufaNCXcd20wpSSrMBsG9usYiBh4tpjUVxTUI=; b=A87jVk+oepUAxtpitt31u+xGVoIIAZhHvRG1ytMIxJ+Evgb5oKfi/FAAY/t0EhtGY2B8lu GsmusM22kaoZRJikJg9TYi0PoN98zEYTRM/R/2H1BcIJJCkx8JRF3r39x/pYwXMPCOrKZ5 1Co2wrNmMfgPWkUPO8PgrqhlcK68OmY= Received: from mail-wr1-f70.google.com (mail-wr1-f70.google.com [209.85.221.70]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-509-OUF5rTFiPlqyS57ZZuM8hg-1; Mon, 27 Sep 2021 05:07:52 -0400 X-MC-Unique: OUF5rTFiPlqyS57ZZuM8hg-1 Received: by mail-wr1-f70.google.com with SMTP id x7-20020a5d6507000000b0015dada209b1so13701689wru.15 for ; Mon, 27 Sep 2021 02:07:51 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=KVP7Xe4ufaNCXcd20wpSSrMBsG9usYiBh4tpjUVxTUI=; b=NMOWnoCev5fSCaju6fN4ljcOoxa3sBuPY4OHZyOTcw6ehsdxn4ebjNDa6orZZn6BPV vAXD02tvs5QDqyhupe8iUMN3fZX8YIaNjBJK2T0HJnwAWzI6r8bo5bs6tjSeP6EElQsp ON8W7tdFc5ShJS0Eu4ksQ7eq5/4AEdi8JTYx+QIrZaZttUS5Z119jko7qEEYk6BoyHCo 6i5C2bDIA0sS+pZUoLqgwJMh89e7QQKomH6jhDNg8793M4cWMmiHexVTy76Nhamj8fjV 9FSw4/GvrP8HhuC0N2wpp6wsZAo1gHn3KIewZN5Wzb1Z5PnN0zw5TK2WipstHpciCmlq IT0A== X-Gm-Message-State: AOAM530eEMqAEXSv7wa7E2TjF+RYH5SWyXX7rXPzWHjIq81+5WVsDote 2C65nYcWwZum/X9kEyt0QlBXVvyKbU0DdVtsbuDHvAyTemtTs4UzgUPOZLNKlyaU7jrZr/3mf/e fT3zQMhA3su2uZ0YVxOVKlKZX X-Received: by 2002:a5d:608e:: with SMTP id w14mr26547266wrt.18.1632733670881; Mon, 27 Sep 2021 02:07:50 -0700 (PDT) X-Received: by 2002:a5d:608e:: with SMTP id w14mr26547249wrt.18.1632733670649; Mon, 27 Sep 2021 02:07:50 -0700 (PDT) Received: from redhat.com ([2.55.16.138]) by smtp.gmail.com with ESMTPSA id i203sm20492120wma.7.2021.09.27.02.07.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 27 Sep 2021 02:07:49 -0700 (PDT) Date: Mon, 27 Sep 2021 05:07:42 -0400 From: "Michael S. Tsirkin" To: Andi Kleen Cc: Dan Williams , "Kuppuswamy, Sathyanarayanan" , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Peter Zijlstra , Andy Lutomirski , Bjorn Helgaas , Richard Henderson , Thomas Bogendoerfer , James E J Bottomley , Helge Deller , "David S . Miller" , Arnd Bergmann , Jonathan Corbet , Peter H Anvin , Dave Hansen , Tony Luck , Kirill Shutemov , Sean Christopherson , Kuppuswamy Sathyanarayanan , X86 ML , Linux Kernel Mailing List , Linux PCI , linux-alpha@vger.kernel.org, linux-mips@vger.kernel.org, linux-parisc@vger.kernel.org, sparclinux@vger.kernel.org, linux-arch , Linux Doc Mailing List , virtualization@lists.linux-foundation.org Subject: Re: [PATCH v4 11/15] pci: Add pci_iomap_shared{,_range} Message-ID: <20210927044738-mutt-send-email-mst@kernel.org> References: <20210829112105-mutt-send-email-mst@kernel.org> <09b340dd-c8a8-689c-4dad-4fe0e36d39ae@linux.intel.com> <20210829181635-mutt-send-email-mst@kernel.org> <3a88a255-a528-b00a-912b-e71198d5f58f@linux.intel.com> <20210830163723-mutt-send-email-mst@kernel.org> <69fc30f4-e3e2-add7-ec13-4db3b9cc0cbd@linux.intel.com> <20210910054044-mutt-send-email-mst@kernel.org> <20210911195006-mutt-send-email-mst@kernel.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Sep 24, 2021 at 03:43:40PM -0700, Andi Kleen wrote: > > > > Hmm, yes that's true. I guess we can make it default to opt-in for > > > pci_iomap. > > > > > > It only really matters for device less ioremaps. > > OK. And same thing for other things with device, such as > > devm_platform_ioremap_resource. > > If we agree on all that, this will basically remove virtio > > changes from the picture ;) > > Hi we revisited this now. One problem with removing the ioremap opt-in is > that it's still possible for drivers to get at devices without going through > probe. For example they can walk the PCI device list. Some drivers do that > for various reasons. So if we remove the opt-in we would need to audit and > possibly fix all that, which would be potentially a lot of churn. That's why > I think it's better to keep the opt-in. > > > -Andi > I've been thinking about why this still feels wrong to me. Here's what I came up with: at some point someone will want one of these modules (poking at devices in the initcall) in the encrypted environment, and will change ioremap to ioremap_shared. At that point the allowlist will be broken again, and by that time it will be set in stone and too late to fix. Isn't the problem that what is actually audited is modules, but you are trying to add devices to allow list? So why not have modules/initcalls in the allowlist then? For built-in modules, we already have initcall_blacklisted, right? This could be an extension ... no? -- MST