From mboxrd@z Thu Jan  1 00:00:00 1970
From: Avi Kivity <avi@scylladb.com>
Subject: Re: Having troubles binding an SR-IOV VF to
 uio_pci_generic on Amazon instance
Date: Thu, 1 Oct 2015 18:19:33 +0300
Message-ID: <560D4F05.5040105@scylladb.com>
References: <20151001120027-mutt-send-email-mst@redhat.com>
 <560CFB66.5050904@scylladb.com>
 <20151001124211-mutt-send-email-mst@redhat.com>
 <560D0413.5080401@scylladb.com>
 <20151001131754-mutt-send-email-mst@redhat.com>
 <560D0FE2.7010905@scylladb.com>
 <20151001135054-mutt-send-email-mst@redhat.com> <560D1705.30300@scylladb.com>
 <20151001142640-mutt-send-email-mst@redhat.com>
 <560D19C3.4060206@scylladb.com> <20151001151154.GA24549@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "dev@dpdk.org" <dev@dpdk.org>
To: "Michael S. Tsirkin" <mst@redhat.com>
Return-path: <dev-bounces@dpdk.org>
Received: from mail-wi0-f169.google.com (mail-wi0-f169.google.com
 [209.85.212.169]) by dpdk.org (Postfix) with ESMTP id AB7C17E23
 for <dev@dpdk.org>; Thu,  1 Oct 2015 17:19:36 +0200 (CEST)
Received: by wicgb1 with SMTP id gb1so34761898wic.1
 for <dev@dpdk.org>; Thu, 01 Oct 2015 08:19:36 -0700 (PDT)
In-Reply-To: <20151001151154.GA24549@redhat.com>
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

On 10/01/2015 06:11 PM, Michael S. Tsirkin wrote:
> On Thu, Oct 01, 2015 at 02:32:19PM +0300, Avi Kivity wrote:
>>>   We already agreed this kernel
>>> is going to be tainted, and unsupportable.
>> Yes.  So your only motivation in rejecting the patch is to get the author to
>> write the ring translation patch and port it to all relevant drivers
>> instead?
> Not only that.
>
> To make sure users are aware they are doing insecure
> things when using software poking at device BARs in sysfs.

I don't think you need to worry about that.  People who program DMA are 
aware of the damage is can cause.  If you want to be extra sure, have 
uio taint the kernel when bus mastering is enabled.

> To avoid giving virtualization a bad name for security.

There is no security issue here.  Those VMs run a single application, 
and cannot attack the host or other VMs.

> To get people to work on safe, maintainable solutions.

That's a great goal but I don't think it can be achieved without 
sacrificing performance, which is the only reason for dpdk's existence.  
If safe and maintainable were the only requirements, people would not 
bypass the kernel.

The only thing you are really achieving by blocking this is causing pain.