From: David Miller <davem@davemloft.net>
To: danny.zhou@intel.com
Cc: willemb@google.com, john.fastabend@gmail.com,
dborkman@redhat.com, fw@strlen.de, gerlitz.or@gmail.com,
hannes@stressinduktion.org, netdev@vger.kernel.org,
john.ronciak@intel.com, amirv@mellanox.com,
eric.dumazet@gmail.com
Subject: Re: [net-next PATCH v1 1/3] net: sched: af_packet support for direct ring access
Date: Tue, 07 Oct 2014 12:05:34 -0400 (EDT)
Message-ID: <20141007.120534.1798634446901746809.davem@davemloft.net>
In-Reply-To: <DFDF335405C17848924A094BC35766CF0A953308@SHSMSX104.ccr.corp.intel.com>
From: "Zhou, Danny" <danny.zhou@intel.com>
Date: Tue, 7 Oct 2014 15:21:15 +0000
> Once qpairs split-off is done, the user space driver, as a slave
> driver, will re-initialize those queues completely in user space by
> using paddr (in the case of DPDK, vaddr of DPDK used huge pages are
> translated to paddr) to fill in the packet descriptors. As of
> security concern raised in previous discussion, the reason we
> think (BTW, correct me if I am wrong) af_packet is most suitable is
> because only user application with root permission is allowed to
> successfully split-off queue pairs and mmap a small window of PCIe
> I/O space to user space, so concern regarding "device can DMA
> from/to any arbitrary physical memory." is not that big. As all user
> space device drivers based on UIO mechanism have the same concern
> issue, VFIO adds protection but it is based on IOMMU which is
> specific to Intel silicons.

Wait a second.

If there is no memory protection performed I'm not merging this.

I thought the user has to associate a fixed pool of memory to the
queues, the kernel attaches that memory, and then the user cannot
modify the addresses _AT_ _ALL_.

If the user can modify the addresses in the descriptors and make
the chip crap on random memory, this is a non-starter.

Sorry.
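
Archive annotation (an added example, not part of the message above and not code from the patch series): a user-space model of the "fixed pool" design the reply asks for, where user space posts only a slot reference and the kernel side computes the DMA address after an overflow-safe bounds check. The names `dma_pool`, `user_desc` and `desc_to_dma` are hypothetical and the sample values are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical model: one pool the kernel pinned and DMA-mapped at setup. */
struct dma_pool {
    uint64_t dma_base;   /* bus address of the pool, held by the kernel only */
    uint32_t slot_size;  /* fixed buffer size in bytes */
    uint32_t nr_slots;   /* number of buffers in the pool */
};

/* What user space may post: a slot reference, never a physical address. */
struct user_desc {
    uint32_t slot;
    uint32_t offset;
    uint32_t len;
};

/*
 * Translate a user descriptor into the address written to the hardware ring.
 * Returns false (and writes nothing) unless [offset, offset + len) lies
 * wholly inside the referenced slot of the attached pool.
 */
bool desc_to_dma(const struct dma_pool *p, const struct user_desc *d,
                 uint64_t *dma_addr)
{
    if (d->slot >= p->nr_slots)
        return false;
    if (d->len == 0 || d->len > p->slot_size)
        return false;
    /* Written as a subtraction so offset + len cannot wrap around. */
    if (d->offset > p->slot_size - d->len)
        return false;
    *dma_addr = p->dma_base + (uint64_t)d->slot * p->slot_size + d->offset;
    return true;
}

/* Constructed sample run: one valid descriptor, one wrapping offset. */
int main(void)
{
    struct dma_pool pool = { 0x100000000ULL, 2048, 256 };
    struct user_desc ok = { 3, 64, 1500 };
    struct user_desc wrap = { 3, 0xFFFFFFF0u, 0x20 };
    uint64_t a = 0;
    return (desc_to_dma(&pool, &ok, &a) && !desc_to_dma(&pool, &wrap, &a)) ? 0 : 1;
}
```

The check only helps if the hardware descriptor ring itself is not writable from user space; a ring mapped read-write into the process lets the translated address be overwritten after validation.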