Hello, Joan Lledó, on dim. 03 déc. 2017 11:21:53 +0100, wrote: > This is a new version of the PCI arbiter.
Nice work :D > I tried to run netdde as non-root but gave up because it seemed non-trivial > for > me and the time for my thesis is running out. Next are some issues I found: > > - Some network drivers poke IO ports by themselves (See #hurd, 2017-11-23 > [1]). Yes. Thinking about it, Mach actually provides a way to give a task the right for a given range of I/O ports (i386_io_perm_cerate), so one could use that. > - check_kernel() in check_kernel.c[2] is calling get_privileged_ports(). We could make this just return if it's not privileged. Longterm-wise we want to just drop kernel network drivers anyway. > Besides, the pci server lacks some features required to run netdde as > non-root: > > - Provide some way for the client to map device's regions and rom into its > space. read() + mmap() could be enough for read-only spaces, but probably > making the server act as a pager is the only good solution. > (See #hurd, 2017-10-27 [3]). Possibly yes. Virtual memory hackers, any opinion on this? > - Provide libpciaccess and pciutils with a way to poke IO ports as non-root. > Adding new routines to the PCI interface is an option, or even creating a > new interface, since poking IO ports is not necessarily related to PCI. Well, as mentioned above the interface already exists actually :) But there doesn't exist any arbiter for it in general. I don't think we want to spend time on doing it for legacy ports, and we should just work on support in the PCI arbiter: an RPC operation which just returns a port created with i386_io_perm_create, so the caller can then enable/disable I/O access to the ranges of ports at will. Samuel