[dpdk-dev] [PATCH v3] igb_uio: fail and log if kernel lock down is enabled

Neil Horman nhorman at tuxdriver.com
Thu May 17 13:34:06 CEST 2018

Previous message: [dpdk-dev] [PATCH v3] igb_uio: fail and log if kernel lock down is enabled
Next message: [dpdk-dev] [PATCH v3] igb_uio: fail and log if kernel lock down is enabled
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, May 16, 2018 at 03:42:20PM +0100, Ferruh Yigit wrote:
> When EFI secure boot is enabled, it is possible to lock down kernel and
> prevent accessing device BARs and this makes igb_uio unusable.
> 
> Lock down patches are not part of the vanilla kernel but they are
> applied and used by some distros already [1].
> 
> It is not possible to fix this issue, but intention of this patch is to
> detect and log if kernel lock down enabled and don't insert the module
> for that case.
> 
> The challenge is since this feature enabled by distros, they have
> different config options and APIs for it. This patch is done based on
> Fedora and Ubuntu kernel source, may needs to add more distro specific
> support.
> 
I still need to ask, what exactly is the error you're seeing with inserting the
uio module?  The lockdown patch set restricts BAR address changes, but via paths
acessible from user space, igbuio should still insert and initalize just fine
(or so it would seem to me).  Why not fix this by detecting the problem during
the user space library initalization, where you can do so via a standard method
that works accross distributions?

Neil

Previous message: [dpdk-dev] [PATCH v3] igb_uio: fail and log if kernel lock down is enabled
Next message: [dpdk-dev] [PATCH v3] igb_uio: fail and log if kernel lock down is enabled
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list