From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id E3D651F5 for ; Mon, 24 Jul 2017 15:44:52 +0200 (CEST) Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 24 Jul 2017 06:44:51 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.40,407,1496127600"; d="scan'208";a="1154718450" Received: from bricha3-mobl3.ger.corp.intel.com ([10.237.221.72]) by orsmga001.jf.intel.com with SMTP; 24 Jul 2017 06:44:48 -0700 Received: by (sSMTP sendmail emulation); Mon, 24 Jul 2017 14:44:48 +0100 Date: Mon, 24 Jul 2017 14:44:47 +0100 From: Bruce Richardson To: Sagi Grimberg Cc: Shahaf Shuler , =?iso-8859-1?Q?N=E9lio?= Laranjeiro , "dev@dpdk.org" , Yongseok Koh , Roy Shterman , Alexander Solganik , Leon Romanovsky Message-ID: <20170724134447.GB2848@bricha3-MOBL3.ger.corp.intel.com> References: <75d08202-1882-7660-924c-b6dbb4455b88@grimberg.me> <20170717210222.j4dwxiujqdlqhlp2@shalom> <85c0b1d9-bbf3-c6ab-727f-f508c5e5f584@grimberg.me> <20170720135548.qlkjnmzthd2vep5e@shalom> <957f84fe-199a-e016-c21c-ab54a732e561@grimberg.me> <67476089-ba6e-905c-0fdd-3a1551de97d4@grimberg.me> <0874aa20-27c1-190e-ebba-7fa075eaac7a@grimberg.me> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <0874aa20-27c1-190e-ebba-7fa075eaac7a@grimberg.me> Organization: Intel Research and =?iso-8859-1?Q?De=ACvel?= =?iso-8859-1?Q?opment?= Ireland Ltd. User-Agent: Mutt/1.8.3 (2017-05-23) Subject: Re: [dpdk-dev] Question on mlx5 PMD txq memory registration X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Jul 2017 13:44:53 -0000 On Sun, Jul 23, 2017 at 12:03:41PM +0300, Sagi Grimberg wrote: > > > > I don't understand the security argument. Its completely private to the > > > driver. anything under librte is equivalent to an OS wrt networking, so I fail to > > > see what is the security feature your talking about. > > > > You are correct that as a root you are able to do whatever you want on the server. > > The security I refer to is to protect against badly written code. > > > > The fact the PMD only registers the mempools, and use the device engine to translate the VA, provide some protection. > > For example, one DPDK process will not be able to access the memory of other DPDK process *by mistake*. > > Well, this is a fair argument, but without a *complete* solution for all > of dpdk peripherals, it has very little merit (if at all). A badly > written code can just as easily crash a server by passing a mbuf to > a crypto device or another network device that co-exists with mlx5. > > So, while I understand the argument, I think its value is not worth the > hassle that mlx5_pmd needs to take to achieve it. Did this come from a > real requirement (from a real implementation)? > Would using VFIO (and the IOMMU) not allow us to provide an equivalent level of security to what is provided by the current scheme? From what I see on-list there are a few folks already looking into that area, and taking advantage of the IOMMU should improve security of all devices in DPDK. /Bruce