[Intel-gfx] [PATCH v8 10/24] vfio: Make vfio_device_open() single open for device cdev path
Jason Gunthorpe
jgg at nvidia.com
Thu Mar 30 23:52:28 UTC 2023
On Mon, Mar 27, 2023 at 02:40:33AM -0700, Yi Liu wrote:
> VFIO group has historically allowed multi-open of the device FD. This
> was made secure because the "open" was executed via an ioctl to the
> group FD which is itself only single open.
>
> However, no known use of multiple device FDs today. It is kind of a
> strange thing to do because new device FDs can naturally be created
> via dup().
>
> When we implement the new device uAPI (only used in cdev path) there is
> no natural way to allow the device itself from being multi-opened in a
> secure manner. Without the group FD we cannot prove the security context
> of the opener.
>
> Thus, when moving to the new uAPI we block the ability of opening
> a device multiple times. Given old group path still allows it we store
> a vfio_group pointer in struct vfio_device_file to differentiate.
>
> Reviewed-by: Kevin Tian <kevin.tian at intel.com>
> Tested-by: Terrence Xu <terrence.xu at intel.com>
> Signed-off-by: Yi Liu <yi.l.liu at intel.com>
> ---
> drivers/vfio/group.c | 2 ++
> drivers/vfio/vfio.h | 2 ++
> drivers/vfio/vfio_main.c | 7 +++++++
> 3 files changed, 11 insertions(+)
Reviewed-by: Jason Gunthorpe <jgg at nvidia.com>
Jason
More information about the Intel-gfx
mailing list