From: Wanpeng Qian
Date: Thu, 19 Mar 2020 15:16:15 +0900
Subject: Re: bhyve: passthrough SMART info from host nvme controller
To: Jason Tubnor
Cc: John-Mark Gurney, FreeBSD virtualization

I don't think that is insecure, as bhyve can pass through a real device to a VM. By your point, that makes it more insecure, right?

Such a configuration will not be enabled by default. If a user intends to do it, the system has this ability instead of not implementing it.

Simple is best, less is secure. I know that, but the real world has all kinds of requirements. If you provide more, more people will use it.

On Thu, Mar 19, 2020 at 12:58 PM Jason Tubnor wrote:
>
> On Thu, 19 Mar 2020 at 14:09, Wanpeng Qian wrote:
>>
>> > Can't you do what something like pci_passthru.c does in passthru_init,
>> > and open /dev/nvme0 in pci_nvme_init?
>>
>> Yes, you are correct, but that will keep /dev/nvme0 open all the time.
>> I was just thinking that when the guest fires a logpage command, open /dev/nvme0
>> and get the SMART info, then close /dev/nvme0.
>
> So are you implying that it is safe for a guest to send such a call at any time? For those that use bhyve for isolation, this sort of facility would be problematic, not to mention insecure.