Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts

2021-10-20 Thread Michael S. Tsirkin
On Wed, Oct 20, 2021 at 09:33:49AM +0800, Jason Wang wrote: > > In my own opinion, the threat model is: > > > > Attacker: 'malicious' hypervisor > > > > Victim: VM with SEV/TDX/SGX > > > > The attacker should not be able to steal secure/private data from VM, when > > the > > hypervisor's action

Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts

2021-10-19 Thread Jason Wang
On Wed, Oct 20, 2021 at 1:02 AM Dongli Zhang wrote: > > > > On 10/18/21 6:33 PM, Jason Wang wrote: > > On Sat, Oct 16, 2021 at 1:27 AM Michael S. Tsirkin wrote: > >> > >> On Fri, Oct 15, 2021 at 05:09:38AM -0700, Dongli Zhang wrote: > >>> Hi Jason, > >>> > >>> On 10/11/21 11:52 PM, Jason Wang

Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts

2021-10-19 Thread Dongli Zhang
On 10/18/21 6:33 PM, Jason Wang wrote: > On Sat, Oct 16, 2021 at 1:27 AM Michael S. Tsirkin wrote: >> >> On Fri, Oct 15, 2021 at 05:09:38AM -0700, Dongli Zhang wrote: >>> Hi Jason, >>> >>> On 10/11/21 11:52 PM, Jason Wang wrote: We used to synchronize pending MSI-X irq handlers via

Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts

2021-10-18 Thread Jason Wang
On Sat, Oct 16, 2021 at 1:27 AM Michael S. Tsirkin wrote: > > On Fri, Oct 15, 2021 at 05:09:38AM -0700, Dongli Zhang wrote: > > Hi Jason, > > > > On 10/11/21 11:52 PM, Jason Wang wrote: > > > We used to synchronize pending MSI-X irq handlers via > > > synchronize_irq(), this may not work for the

Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts

2021-10-15 Thread Michael S. Tsirkin
On Fri, Oct 15, 2021 at 05:09:38AM -0700, Dongli Zhang wrote: > Hi Jason, > > On 10/11/21 11:52 PM, Jason Wang wrote: > > We used to synchronize pending MSI-X irq handlers via > > synchronize_irq(), this may not work for the untrusted device which > > may keep sending interrupts after reset which

Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts

2021-10-15 Thread Dongli Zhang
Hi Jason, On 10/11/21 11:52 PM, Jason Wang wrote: > We used to synchronize pending MSI-X irq handlers via > synchronize_irq(), this may not work for the untrusted device which > may keep sending interrupts after reset which may lead unexpected > results. Similarly, we should not enable MSI-X

Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts

2021-10-13 Thread Jason Wang
On Wed, Oct 13, 2021 at 5:59 PM Michael S. Tsirkin wrote: > > On Tue, Oct 12, 2021 at 02:52:21PM +0800, Jason Wang wrote: > > We used to synchronize pending MSI-X irq handlers via > > synchronize_irq(), this may not work for the untrusted device which > > may keep sending interrupts after reset

Re: [PATCH V2 06/12] virtio_pci: harden MSI-X interrupts

2021-10-13 Thread Michael S. Tsirkin
On Tue, Oct 12, 2021 at 02:52:21PM +0800, Jason Wang wrote: > We used to synchronize pending MSI-X irq handlers via > synchronize_irq(), this may not work for the untrusted device which > may keep sending interrupts after reset which may lead unexpected > results. Similarly, we should not enable