[dpdk-dev] Having troubles binding an SR-IOV VF to uio_pci_generic on Amazon instance

Stephen Hemminger stephen at networkplumber.org
Tue Sep 29 23:46:16 CEST 2015

Previous message: [dpdk-dev] Having troubles binding an SR-IOV VF to uio_pci_generic on Amazon instance
Next message: [dpdk-dev] Having troubles binding an SR-IOV VF to uio_pci_generic on Amazon instance
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 29 Sep 2015 23:54:54 +0300
"Michael S. Tsirkin" <mst at redhat.com> wrote:

> On Tue, Sep 29, 2015 at 07:41:09PM +0300, Vlad Zolotarov wrote:
> > The security breach motivation u brought in "[RFC PATCH] uio:
> > uio_pci_generic: Add support for MSI interrupts" thread seems a bit weak
> > since one u let the userland access to the bar it may do any funny thing
> > using the DMA engine of the device. This kind of stuff should be prevented
> > using the iommu and if it's enabled then any funny tricks using MSI/MSI-X
> > configuration will be prevented too.
> > 
> > I'm about to send the patch to main Linux mailing list. Let's continue this
> > discussion there.
> >   
> 
> Basically UIO shouldn't be used with devices capable of DMA.
> Use VFIO for that (yes, this implies an emulated or PV IOMMU).
> I don't think this can change.

Given there is no PV IOMMU and even if there was it would be too slow for DPDK
use, I can't accept that.

Previous message: [dpdk-dev] Having troubles binding an SR-IOV VF to uio_pci_generic on Amazon instance
Next message: [dpdk-dev] Having troubles binding an SR-IOV VF to uio_pci_generic on Amazon instance
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list