On Thu, Oct 01, 2015 at 02:20:37PM +0300, Avi Kivity wrote: > > > On 10/01/2015 02:09 PM, Michael S. Tsirkin wrote: > >On Thu, Oct 01, 2015 at 01:50:10PM +0300, Avi Kivity wrote: > >>>>It's not just the lack of system calls, of course, the architecture is > >>>>completely different. > >>>Absolutely - I'm not saying move all of DPDK into kernel. > >>>We just need to protect the RX rings so hardware does > >>>not corrupt kernel memory. > >>> > >>> > >>>Thinking about it some more, many devices > >>>have separate rings for DMA: TX (device reads memory) > >>>and RX (device writes memory). > >>>With such devices, a mode where userspace can write TX ring > >>>but not RX ring might make sense. > >>I'm sure you can cause havoc just by reading, if you read from I/O memory. > >Not talking about I/O memory here. These are device rings in RAM. > > Right. But you program them with DMA addresses, so the device can read > another device's memory.
It can't if host has limited it to only DMA into guest RAM, which is pretty common. -- MST