From mboxrd@z Thu Jan 1 00:00:00 1970 From: Vlad Zolotarov Subject: Re: [dpdk-dev] [PATCH 2/2] uio: new driver to support PCI MSI-X Date: Tue, 6 Oct 2015 17:49:21 +0300 Message-ID: <5613DF71.7090207@cloudius-systems.com> References: <1443652138-31782-1-git-send-email-stephen@networkplumber.org> <1443652138-31782-3-git-send-email-stephen@networkplumber.org> <20151001104505-mutt-send-email-mst@redhat.com> <20151005215455.GA7608@redhat.com> <20151006013000-mutt-send-email-mst@redhat.com> <561384EF.8020100@cloudius-systems.com> <20151006164259-mutt-send-email-mst@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Cc: hjk@hansjkoch.de, dev@dpdk.org, gregkh@linux-foundation.org, Stephen Hemminger , linux-kernel@vger.kernel.org To: "Michael S. Tsirkin" Return-path: In-Reply-To: <20151006164259-mutt-send-email-mst@redhat.com> Sender: linux-kernel-owner@vger.kernel.org List-Id: dev.dpdk.org On 10/06/15 16:58, Michael S. Tsirkin wrote: > On Tue, Oct 06, 2015 at 11:23:11AM +0300, Vlad Zolotarov wrote: >> Michael, how this or any other related patch is related to the problem u r >> describing? >> The above ability is there for years and if memory serves me >> well it was u who wrote uio_pci_generic with this "security flaw". ;) > I answered all this already. > > This patch enables bus mastering, enables MSI or MSI-X This may be done from the user space right now without this patch... > , and requires > userspace to map the MSI-X table Hmmm... I must have missed this requirement. Could u, pls., clarify? From what I see, MSI/MSI-X table is configured completely in the kernel here... > and read/write the config space. > This means that a single userspace bug is enough to corrupt kernel > memory. Could u, pls., provide and example of this simple bug? Because it's absolutely not obvious... > > uio_pci_generic does not enable bus mastering or MSI, and > it might be a good idea to have uio_pci_generic block > access to MSI/MSI-X config. Since device bars may be mapped bypassing the UIO/uio_pci_generic - this won't solve any issue.