[dpdk-dev] Having troubles binding an SR-IOV VF to uio_pci_generic on Amazon instance

Avi Kivity avi at scylladb.com
Thu Oct 1 11:15:49 CEST 2015



On 10/01/2015 11:52 AM, Avi Kivity wrote:
>
>
> On 10/01/2015 11:44 AM, Michael S. Tsirkin wrote:
>> On Wed, Sep 30, 2015 at 11:40:16PM +0300, Michael S. Tsirkin wrote:
>>>> And for what, to prevent
>>>> root from touching memory via dma that they can access in a million other
>>>> ways?
>>> So one can be reasonably sure a kernel oops is not a result of a
>>> userspace bug.
>> Actually, I thought about this overnight, and it should be possible to
>> drive it securely from userspace, without hypervisor changes.
>
> Also without the performance that was the whole reason for doing it 
> in userspace in the first place.
>
> I still don't understand your objection to the patch:
>
>> MSI messages are memory writes so any generic device capable
>> of MSI is capable of corrupting kernel memory.
>> This means that a bug in userspace will lead to kernel memory corruption
>> and crashes.  This is something distributions can't support.
>

And this:

> What userspace can't be allowed to do:
>
> 	access BAR
> 	write rings
>

It can access the BAR by mmap()ing the resourceN files under sysfs. 
You're not denying userspace the ability to oops the kernel, just the 
ability to do useful things with hardware.
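
An added example, not part of the original message or of DPDK: a small audit of the sysfs interface mentioned above, which decodes a device's `resource` table and reports the memory BARs together with the mode of their `resourceN` file. The sample table is constructed, and the function and field names are this example's own.

```python
import os
import stat

# Flag bits as defined in the kernel's include/linux/ioport.h
IORESOURCE_IO = 0x100
IORESOURCE_MEM = 0x200
IORESOURCE_PREFETCH = 0x2000

# Constructed sample of /sys/bus/pci/devices/<BDF>/resource (not a real device).
# One line per resource: start, end, flags. The first six lines are BAR0..BAR5.
SAMPLE_RESOURCE = """\
0x00000000f3000000 0x00000000f3003fff 0x0000000000040200
0x0000000000000000 0x0000000000000000 0x0000000000000000
0x000000000000c000 0x000000000000c03f 0x0000000000040101
0x00000000f3004000 0x00000000f3007fff 0x000000000014220c
0x0000000000000000 0x0000000000000000 0x0000000000000000
0x0000000000000000 0x0000000000000000 0x0000000000000000
"""

def parse_bars(text):
    """Return one dict per populated BAR (index 0..5) in a `resource` table."""
    bars = []
    for idx, line in enumerate(text.splitlines()[:6]):
        fields = line.split()
        if len(fields) != 3:
            continue
        start, end, flags = (int(f, 16) for f in fields)
        if flags == 0:  # BAR not implemented (or upper half of a 64-bit BAR)
            continue
        kind = "mem" if flags & IORESOURCE_MEM else "io" if flags & IORESOURCE_IO else "other"
        bars.append({"bar": idx, "kind": kind, "size": end - start + 1,
                     "prefetch": bool(flags & IORESOURCE_PREFETCH)})
    return bars

def audit_device(dev_dir):
    """Return (bar, size, mode) for each memory BAR; mode is None if no resourceN file."""
    with open(os.path.join(dev_dir, "resource")) as fh:
        bars = parse_bars(fh.read())
    report = []
    for bar in (b for b in bars if b["kind"] == "mem"):
        path = os.path.join(dev_dir, "resource%d" % bar["bar"])
        try:
            mode = stat.S_IMODE(os.stat(path).st_mode)
        except FileNotFoundError:
            mode = None  # BAR exists but sysfs exposes no file for it
        report.append((bar["bar"], bar["size"], mode))
    return report
```

Calling `audit_device()` on each directory under `/sys/bus/pci/devices` gives the live view for a host.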




