From mboxrd@z Thu Jan  1 00:00:00 1970
From: Vlad Zolotarov <vladz@cloudius-systems.com>
Subject: Re: [PATCH 2/2] uio: new driver to support PCI MSI-X
Date: Tue, 6 Oct 2015 11:23:11 +0300
Message-ID: <561384EF.8020100@cloudius-systems.com>
References: <1443652138-31782-1-git-send-email-stephen@networkplumber.org>
 <1443652138-31782-3-git-send-email-stephen@networkplumber.org>
 <20151001104505-mutt-send-email-mst@redhat.com>
 <20151005215455.GA7608@redhat.com>
 <CAOYyTHZHdS4Hr7Qq5FOdDMtooAKiAb26efAJ=NaxyMVqkYqiHQ@mail.gmail.com>
 <20151006013000-mutt-send-email-mst@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Cc: dev@dpdk.org, hjk@hansjkoch.de, gregkh@linux-foundation.org,
 linux-kernel@vger.kernel.org
To: "Michael S. Tsirkin" <mst@redhat.com>
Return-path: <dev-bounces@dpdk.org>
Received: from mail-wi0-f170.google.com (mail-wi0-f170.google.com
 [209.85.212.170]) by dpdk.org (Postfix) with ESMTP id 8736F5921
 for <dev@dpdk.org>; Tue,  6 Oct 2015 10:23:14 +0200 (CEST)
Received: by wicgb1 with SMTP id gb1so153700238wic.1
 for <dev@dpdk.org>; Tue, 06 Oct 2015 01:23:14 -0700 (PDT)
In-Reply-To: <20151006013000-mutt-send-email-mst@redhat.com>
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>



On 10/06/15 01:49, Michael S. Tsirkin wrote:
> On Tue, Oct 06, 2015 at 01:09:55AM +0300, Vladislav Zolotarov wrote:
>> How about instead of trying to invent the wheel just go and attack the problem
>> directly just like i've proposed already a few times in the last days: instead
>> of limiting the UIO limit the users that are allowed to use UIO to privileged
>> users only (e.g. root). This would solve all clearly unresolvable issues u are
>> raising here all together, wouldn't it?
> No - root or no root, if the user can modify the addresses in the MSI-X
> table and make the chip corrupt random memory, this is IMHO a non-starter.

Michael, how this or any other related patch is related to the problem u 
r describing? The above ability is there for years and if memory serves 
me well it was u who wrote uio_pci_generic with this "security flaw".  ;)

This patch in general only adds the ability to receive notifications per 
MSI-X interrupt and it has nothing to do with the ability to reprogram 
the MSI-X related registers from the user space which was always there.

>
> And tainting kernel is not a solution - your patch adds a pile of
> code that either goes completely unused or taints the kernel.
> Not just that - it's a dedicated userspace API that either
> goes completely unused or taints the kernel.
>
>>> --
>>> MST