On Thu, 21 Jun 2018 13:02:34 +0200 Martin Drašar <dra...@ics.muni.cz> wrote:
> Dne 21.6.2018 v 7:58 Avi Cohen (A) napsal(a): > > Look at this > > https://stackoverflow.com/questions/8213671/mmap-operation-not-permitted > > Hello Avi, > > thank you for chiming in. Neither iomem runtime parameter or allowing > mmap on 0 page helped me. As for the latter, DPDK correctly maps to PCI > region, so that is not the problem. > > Looking at the mmap source, there are basically only two points that > result in EPERM error. First one is related to incorrect flag > combination (not a DPDK case) the second is related to the file > descriptor of the resource being locked (should not be, but it is the > only possibility). > > That lock may have to do something with Secure boot being on, as almost > the same system without secure boot is working ok. I built a custom > kernel with CONFIG_STRICT_DEVMEM turned off, but it's going to take me > some time to hammer it into the system, mainly because I am leaving for > a vacation today. > > But it would be great if anyone, who has experience running DPDK on > secure booted systems, could share their experience. Secure boot disables direct access to memory which is required for DPDK via uio. This is by design since UIO would allow userspace (as root) to read or write any location in memory. Secure boot should work with VFIO. As long as you have an IOMMU, VFIO is a much better solution.
