Re: [PATCH for-next v2 2/2] RDMA/erdma: Support non-4K page size in doorbell allocation

On Wed, Mar 22, 2023 at 03:05:29PM +0800, Cheng Xu wrote:

> The current generation of erdma devices do not have this capability due to
> implementation complexity. Without this HW capability, isolating the MMIO
> space in software doesn't prevent the attack, because the malicious APPs
> can map mmio itself, not through verbs interface.

This doesn't meet the security model of Linux, verbs HW is expected to
protect one process from another process.

If this is the case we should consider restricting this HW to
CAP_SYS_RAW_IO only.

You should come with an explanation why this HW is safe enough to
avoid this.

Jason


