From mboxrd@z Thu Jan 1 00:00:00 1970 From: Thomas Monjalon Subject: Re: Running DPDK as an unprivileged user Date: Wed, 04 Jan 2017 11:11:32 +0100 Message-ID: <3821624.b18tgR1uvW@xps13> References: <1483044080.11975.1.camel@intel.com> <20170102114709.0a2f5546@xeon-e3> <1483483821.5643.4.camel@intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7Bit Cc: stephen@networkplumber.org, dev@dpdk.org To: "Walker, Benjamin" Return-path: Received: from mail-wj0-f176.google.com (mail-wj0-f176.google.com [209.85.210.176]) by dpdk.org (Postfix) with ESMTP id 9BD203777 for ; Wed, 4 Jan 2017 11:11:35 +0100 (CET) Received: by mail-wj0-f176.google.com with SMTP id i20so6151603wjn.2 for ; Wed, 04 Jan 2017 02:11:35 -0800 (PST) In-Reply-To: <1483483821.5643.4.camel@intel.com> List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" 2017-01-03 22:50, Walker, Benjamin: > 1) Physical addresses cannot be exposed to unprivileged users due to security > concerns (the fallout of rowhammer). Therefore, systems without an IOMMU can > only support privileged users. I think this is probably fine. > 2) The IOCTL from vfio to pin the memory is tied to specifying the DMA address > and programming the IOMMU. This is unfortunate - systems without an IOMMU still > want to do the pinning, but they need to be given the physical address instead > of specifying a DMA address. > 3) Not all device types, particularly in virtualization environments, support > vfio today. These devices have no way to explicitly pin memory. In VM we can use VFIO-noiommu. Is it helping for mapping?