From: Jason Gunthorpe <jgg@nvidia.com>
To: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: "Andrew Davis" <afd@ti.com>,
"Christoph Hellwig" <hch@infradead.org>,
"Bastien Curutchet" <bastien.curutchet@bootlin.com>,
"Sumit Semwal" <sumit.semwal@linaro.org>,
"Christian König" <christian.koenig@amd.com>,
"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
linux-media@vger.kernel.org, dri-devel@lists.freedesktop.org,
linaro-mm-sig@lists.linaro.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 0/3] uio/dma-buf: Give UIO users access to DMA addresses.
Date: Tue, 22 Apr 2025 15:16:22 -0300
Message-ID: <20250422181622.GA1648391@nvidia.com>
In-Reply-To: <20250414212125.4b3e6f33@windsurf>

On Mon, Apr 14, 2025 at 09:21:25PM +0200, Thomas Petazzoni wrote:
> > "UIO is a broken legacy mess, so let's add more broken things
> > to it as broken + broken => still broken, so no harm done", am I
> > getting that right?
>
> Who says UIO is a "broken legacy mess"? Only you say so. I don't see
> any indication anywhere in the kernel tree suggesting that UIO is
> considered a broken legacy mess.

Explain what the difference is between UIO and VFIO, especially VFIO
no-iommu mode?

I've always understood that UIO is for very simple devices that cannot
do DMA. So its very simple operating model and simple security work
fine.

IMHO, if it can use DMA it should use VFIO. If you have no iommu then
you should use the VFIO unsafe no-iommu path. It still provides a
solid framework.

As to this series, I have seen a number of requests to improve the
VFIO no-iommu path to allow working with the existing IOAS scheme to
register memory but to allow the kernel to return the no-iommu
DMAable address of the IOAS pinned memory. This would replace the
hacky use of mlock and /proc/XX/pagemap that people use today.

If that were done, could you use VFIO no-iommu?

> Keep in mind that when you're running code as root, you can load a
> kernel module, which can do anything on the system security-wise. So
> letting UIO expose MMIO registers of devices to userspace applications
> running as root is not any worse than that.

That isn't fully true.. UIO isn't fitting into the security model by
allowing DMA capable devices to be exposed without checking for
CAP_SYS_RAW_IO first.

Jason