Displaying 5 results from an estimated 5 matches for "securoty".
Did you mean:
security
2020 Jun 29
2
[PATCH v3 1/1] s390: virtio: let arch accept devices without IOMMU feature
...VIRTIO_F_IOMMU_PLATFORM.
> Let's give a chance to the architecture to accept or not devices
> without VIRTIO_F_IOMMU_PLATFORM.
I agree it's a bit misleading. Protection is enforced by memory
encryption, you can't trust the hypervisor to report the bit correctly
so using that as a securoty measure would be pointless.
The real gain here is that broken configs are easier to
debug.
Here's an attempt at a better description:
On some architectures, guest knows that VIRTIO_F_IOMMU_PLATFORM is
required for virtio to function: e.g. this is the case on s390 protected
virt guests, sin...
2020 Jun 29
2
[PATCH v3 1/1] s390: virtio: let arch accept devices without IOMMU feature
...VIRTIO_F_IOMMU_PLATFORM.
> Let's give a chance to the architecture to accept or not devices
> without VIRTIO_F_IOMMU_PLATFORM.
I agree it's a bit misleading. Protection is enforced by memory
encryption, you can't trust the hypervisor to report the bit correctly
so using that as a securoty measure would be pointless.
The real gain here is that broken configs are easier to
debug.
Here's an attempt at a better description:
On some architectures, guest knows that VIRTIO_F_IOMMU_PLATFORM is
required for virtio to function: e.g. this is the case on s390 protected
virt guests, sin...
2020 Jun 29
1
[PATCH v3 1/1] s390: virtio: let arch accept devices without IOMMU feature
...nce to the architecture to accept or not devices
> > > without VIRTIO_F_IOMMU_PLATFORM.
> >
> > I agree it's a bit misleading. Protection is enforced by memory
> > encryption, you can't trust the hypervisor to report the bit correctly
> > so using that as a securoty measure would be pointless.
> > The real gain here is that broken configs are easier to
> > debug.
> >
> > Here's an attempt at a better description:
> >
> > On some architectures, guest knows that VIRTIO_F_IOMMU_PLATFORM is
> > required for virtio...
2020 Jun 29
0
[PATCH v3 1/1] s390: virtio: let arch accept devices without IOMMU feature
...;> Let's give a chance to the architecture to accept or not devices
>> without VIRTIO_F_IOMMU_PLATFORM.
>
> I agree it's a bit misleading. Protection is enforced by memory
> encryption, you can't trust the hypervisor to report the bit correctly
> so using that as a securoty measure would be pointless.
> The real gain here is that broken configs are easier to
> debug.
>
> Here's an attempt at a better description:
>
> On some architectures, guest knows that VIRTIO_F_IOMMU_PLATFORM is
> required for virtio to function: e.g. this is the case...
2020 Jun 17
6
[PATCH v3 0/1] s390: virtio: let arch choose to accept devices without IOMMU feature
An architecture protecting the guest memory against unauthorized host
access may want to enforce VIRTIO I/O device protection through the
use of VIRTIO_F_IOMMU_PLATFORM.
Let's give a chance to the architecture to accept or not devices
without VIRTIO_F_IOMMU_PLATFORM.
Pierre Morel (1):
s390: virtio: let arch accept devices without IOMMU feature
arch/s390/mm/init.c | 6 ++++++