From mboxrd@z Thu Jan 1 00:00:00 1970
From: "Michael S. Tsirkin"
Subject: Re: [dpdk-dev] [PATCH 2/2] uio: new driver to support PCI MSI-X
Date: Tue, 6 Oct 2015 17:07:17 +0300
Message-ID: <20151006170037-mutt-send-email-mst@redhat.com>
References: <1443652138-31782-1-git-send-email-stephen@networkplumber.org> <1443652138-31782-3-git-send-email-stephen@networkplumber.org> <20151001104505-mutt-send-email-mst@redhat.com> <20151005215455.GA7608@redhat.com> <20151006013000-mutt-send-email-mst@redhat.com> <20151006083356.3da3defa@uryu.home.lan> <5613BB7D.3060202@scylladb.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Stephen Hemminger , dev@dpdk.org, hjk@hansjkoch.de, gregkh@linux-foundation.org, linux-kernel@vger.kernel.org
To: Avi Kivity
Return-path:
Content-Disposition: inline
In-Reply-To: <5613BB7D.3060202@scylladb.com>
Sender: linux-kernel-owner@vger.kernel.org
List-Id: dev.dpdk.org

On Tue, Oct 06, 2015 at 03:15:57PM +0300, Avi Kivity wrote:
> btw, (2) doesn't really add any insecurity. The user could already poke at
> the msix tables (as well as perform DMA); they just couldn't get a useful
> interrupt out of them.

Poking at msix tables won't cause memory corruption unless msix and bus
mastering are enabled. It's true root can enable msix and bus mastering
through sysfs - but that's easy to block or detect. Even if you don't
buy a security story, it seems less likely to trigger as a result
of a userspace bug.

--
MST
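An added example, not part of the mail above or of the patch under discussion: one way a monitoring tool could detect the state the message refers to, by checking Bus Master Enable and MSI-X Enable in a device's PCI configuration space. The function names, the `ST_*` flags and the sample bytes are constructed for illustration; the register offsets and bit positions are the standard PCI ones.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PCI_COMMAND        0x04    /* 16-bit command register */
#define PCI_COMMAND_MASTER 0x0004  /* bit 2: Bus Master Enable */
#define PCI_STATUS         0x06
#define PCI_STATUS_CAPLIST 0x0010  /* bit 4: capability list present */
#define PCI_CAP_PTR        0x34    /* offset of first capability */
#define PCI_CAP_ID_MSIX    0x11
#define MSIX_CTRL_ENABLE   0x8000  /* Message Control bit 15: MSI-X Enable */
enum { ST_BUS_MASTER = 1, ST_MSIX_ON = 2, ST_TRUNCATED = 4 };

/* Configuration space is little-endian. */
static uint16_t rd16(const uint8_t *c, size_t off)
{ return (uint16_t)(c[off] | (c[off + 1] << 8)); }

/* Returns a mask of ST_* flags, or -1 if the 64-byte header is incomplete. */
int pci_dma_msix_state(const uint8_t *cfg, size_t len)
{
    int state = 0;
    if (len < 64) return -1;
    if (rd16(cfg, PCI_COMMAND) & PCI_COMMAND_MASTER) state |= ST_BUS_MASTER;
    if (!(rd16(cfg, PCI_STATUS) & PCI_STATUS_CAPLIST)) return state;
    size_t pos = cfg[PCI_CAP_PTR] & 0xfc;
    for (int hops = 0; pos >= 0x40 && hops < 48; hops++) { /* hop limit stops loops */
        /* An unprivileged sysfs read yields only 64 bytes: report "unknown". */
        if (pos + 4 > len) return state | ST_TRUNCATED;
        if (cfg[pos] == PCI_CAP_ID_MSIX)
            return (rd16(cfg, pos + 2) & MSIX_CTRL_ENABLE) ? state | ST_MSIX_ON : state;
        pos = cfg[pos + 1] & 0xfc;                         /* next capability */
    }
    return state;
}

/* Constructed sample: power-management capability at 0x40, MSI-X at 0x50. */
void make_sample(uint8_t cfg[256], int bus_master, int msix_on)
{
    memset(cfg, 0, 256);
    cfg[PCI_COMMAND] = bus_master ? 0x06 : 0x02;
    cfg[PCI_STATUS] = 0x10;
    cfg[PCI_CAP_PTR] = 0x40;
    cfg[0x40] = 0x01; cfg[0x41] = 0x50;
    cfg[0x50] = PCI_CAP_ID_MSIX; cfg[0x53] = msix_on ? 0x80 : 0x00;
}

int main(void)
{
    uint8_t cfg[256];
    make_sample(cfg, 1, 1); /* real input: /sys/bus/pci/devices/<BDF>/config */
    printf("state mask: %d\n", pci_dma_msix_state(cfg, sizeof cfg));
    return 0;
}
```

A result with both `ST_BUS_MASTER` and `ST_MSIX_ON` set on a device that is bound to a userspace driver is the combination worth alerting on.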