From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 95AB7A034F
	for <public@inbox.dpdk.org>; Sat,  9 Oct 2021 04:03:40 +0200 (CEST)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 63C7840142;
	Sat,  9 Oct 2021 04:03:40 +0200 (CEST)
Received: from mail-pj1-f41.google.com (mail-pj1-f41.google.com
 [209.85.216.41]) by mails.dpdk.org (Postfix) with ESMTP id 2703F40142
 for <stable@dpdk.org>; Sat,  9 Oct 2021 04:03:39 +0200 (CEST)
Received: by mail-pj1-f41.google.com with SMTP id
 pf6-20020a17090b1d8600b0019fa884ab85so10564691pjb.5
 for <stable@dpdk.org>; Fri, 08 Oct 2021 19:03:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=networkplumber-org.20210112.gappssmtp.com; s=20210112;
 h=date:from:to:cc:subject:message-id:in-reply-to:references
 :mime-version:content-transfer-encoding;
 bh=bZyRqz27s2zSrR9mhbPPno9TG907F+N2NgL3qlx3v8Q=;
 b=pQKVoH185rw1l1gsQUXV/K1suFo64EAZJPVbF1OPUEvNS7TFObhewYFPaaY0QbDC3c
 cywSAzJ1xFClbrDCWm4mXiJ467o89UNw0PLbwsJGIzovphxKLKBrDIVxZ8firA6M135G
 qzBVFOE1SNimYhLYVnXgpu41Sh9HoqQ36x7YknUs/FV0W8P2qPAUquE8lhfzuuIukr7x
 PIT3+4sMscd0zgKAfdXMNdOus6IGp7m6PSsERuWoUSdQUxVqbgrIPAiHCUwOdaiUKVlV
 LXdeiNNg2oFBYisuDT0w7fiTRVS97Ihp/lcxdr9m/Q9ciEerJjrfpRsgEPIXqZx9Eypu
 tMzQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=bZyRqz27s2zSrR9mhbPPno9TG907F+N2NgL3qlx3v8Q=;
 b=AqnlGzV2W4T4F42YlpbcbVzVLwkfWS2Z/F93OORO6LaUDSPetAA8WFzkzbVT5Yt0VO
 JYK86ZkM8QoJdlYH1lL5+5FETkUUe81SkT5tFjuR04CiP2BVH8JQFbXa836BO3wHDlbq
 v/MDCNvGV0R2zsg2Bo4+3oVxqkSaCw5KebqE+AhsfQS+JADnfc/XRWznc6sQ8OphkAxV
 Gb8fA4UEmzh5ljDHAfapwb6itaARWMfW83HN7R7W6p8rixD1nok8JtTKfLXonx5lKrYD
 xykPCbhcUc5fYgI1rtqFcV0XBjpq1WKPfH5JiFJ/FffJl9j5OfsJCGG/ZX1xtZsmrXYK
 NrwQ==
X-Gm-Message-State: AOAM533qUxfVj+YyndBIIy7shrq4lZ/w5k0sVSSvChLEccwMX1VI7qcc
 B3AfhaX0FxhpUhcWecmzGNpKPw==
X-Google-Smtp-Source: ABdhPJz6+KKtWwmgJ9qRldV7iDPflRBBGzksfSRUH6Qj0XwfgVo9iqJq8ImdZHNj/ZXYbqhFj8Mwuw==
X-Received: by 2002:a17:902:7b98:b0:138:c171:c1af with SMTP id
 w24-20020a1709027b9800b00138c171c1afmr12445122pll.70.1633745018234; 
 Fri, 08 Oct 2021 19:03:38 -0700 (PDT)
Received: from hermes.local (204-195-33-123.wavecable.com. [204.195.33.123])
 by smtp.gmail.com with ESMTPSA id 127sm523185pfw.10.2021.10.08.19.03.37
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 08 Oct 2021 19:03:37 -0700 (PDT)
Date: Fri, 8 Oct 2021 19:03:35 -0700
From: Stephen Hemminger <stephen@networkplumber.org>
To: Ferruh Yigit <ferruh.yigit@intel.com>
Cc: Elad Nachman <eladv6@gmail.com>, dev@dpdk.org, stable@dpdk.org, Igor
 Ryzhov <iryzhov@nfware.com>, Eric Christian <erclists@gmail.com>
Message-ID: <20211008190335.1fdc8f4a@hermes.local>
In-Reply-To: <20211008235830.127167-1-ferruh.yigit@intel.com>
References: <20211008235830.127167-1-ferruh.yigit@intel.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: Re: [dpdk-stable] [PATCH] kni: restrict bifurcated device support
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
Errors-To: stable-bounces@dpdk.org
Sender: "stable" <stable-bounces@dpdk.org>

On Sat,  9 Oct 2021 00:58:30 +0100
Ferruh Yigit <ferruh.yigit@intel.com> wrote:

> To enable bifurcated device support, rtnl_lock is released before calling
> userspace callbacks and asynchronous requests are enabled.
> 
> But these changes caused more issues, like bug #809, #816. To reduce the
> scope of the problems, the bifurcated device support related changes are
> only enabled when it is requested explicitly with new 'enable_bifurcated'
> module parameter.
> And bifurcated device support is disabled by default.
> 
> So the bifurcated device related problems are isolated and they can be
> fixed without impacting all use cases.
> 
> Bugzilla ID: 816
> Fixes: 631217c76135 ("kni: fix kernel deadlock with bifurcated device")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>

Calling userspace with semaphore held is still risky and buggy.
There is no guarantee that the userspace DPDK application will be well behaved.
And if it is not, the spinning holding RTNL would break any other network management
functions in the kernel.

These are the kind of problems that make me think it there should be a
big "DO NOT USE THIS" onto KNI. Maybe make it print a big nasty message
(see kernel VFIO without IOMMU description) or mark kernel as tainted??

See: https://fedoraproject.org/wiki/KernelStagingPolicy

Something like:

diff --git a/kernel/linux/kni/kni_net.c b/kernel/linux/kni/kni_net.c
index 611719b5ee27..d47fc6133cbe 100644
--- a/kernel/linux/kni/kni_net.c
+++ b/kernel/linux/kni/kni_net.c
@@ -838,6 +838,14 @@ kni_net_init(struct net_device *dev)
 	dev->header_ops      = &kni_net_header_ops;
 	dev->ethtool_ops     = &kni_net_ethtool_ops;
 	dev->watchdog_timeo = WD_TIMEOUT;
+
+	/*
+	 * KNI is unsafe since it requires calling userspace to do
+	 * control operations. And the overall quality according to
+	 * kernel standards is the same as devices in staging.
+	 */
+	add_taint(TAINT_CRAP, LOCKDEP_STILL_OK);
+	netdev_warn(dev, "Adding kernel taint for KNI because it is not safe\n");
 }
 
 void