On Wed, 2018-09-26 at 12:42 -0600, Jason Gunthorpe wrote: > This isn't even the right description, CONFIG_STRICT_IO_DEVMEM has to > do with /dev/mem, not resourceX - resourceX is blocked off these days > because of secure boot, and the reason is to prevent tampering with > the kernel ie via user controlled DMAs. I did misspell the option. It should have been CONFIG_IO_STRICT_DEVMEM. Sorry about that. I will correct the commit message. However, according to commits by Arjan van de Ven [1] and Dan Williams [2], the option CONFIG_IO_STRICT_DEVMEM also affects sysfs resources besides /dev/mem. Currently, the upstream kernel defaults CONFIG_IO_STRICT_DEVMEM to off due to other issues reported [3]. However, some distributions have started turning that on. Diagnostics tools do need access to the device BAR. The use of resourceX was implemented on the request of this mailing list (previously, HFI driver had a private device for that). However, now even resourceX is not available if the driver is loaded due to resource exclusivity. This, effectively, renders our diagnostic tools useless. We would be happy to implement whatever interface is deemed correct but the requirement is that the 'root' user has full access to the device BAR and the driver can remain loaded at the same time. Currently, I am not aware of such a method that does not involve turning off CONFIG_IO_STRICT_DEVMEM, booting the kernel with 'iomem=relaxed' (which, basically, turns off CONFIG_IO_STRICT_DEVMEM) or a debugfs interface like this one. [1] https://lwn.net/Articles/302048/ [2] https://patchwork.kernel.org/patch/7675321/ [3] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/pa tch/?id=19a3dd7621af01b7e44a70d16beab59326c38824 -- Thank you, - Mitko
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
