On Tue, Sep 29, 2015 at 07:41:09PM +0300, Vlad Zolotarov wrote: > The security breach motivation u brought in "[RFC PATCH] uio: > uio_pci_generic: Add support for MSI interrupts" thread seems a bit weak > since one u let the userland access to the bar it may do any funny thing > using the DMA engine of the device. This kind of stuff should be prevented > using the iommu and if it's enabled then any funny tricks using MSI/MSI-X > configuration will be prevented too. > > I'm about to send the patch to main Linux mailing list. Let's continue this > discussion there. >
Basically UIO shouldn't be used with devices capable of DMA. Use VFIO for that (yes, this implies an emulated or PV IOMMU). I don't think this can change. > > > >I think that DPDK should be fixed to not require uio_pci_generic > >for VF devices (or any devices without INT#x). > > > >If DPDK requires a place-holder driver, the pci-stub driver should > >do this adequately. See ./drivers/pci/pci-stub.c > >