On 14-10-22, 15:25, Fenghua Yu wrote: > When the idxd_user_drv driver is bound to a Work Queue (WQ) device > without IOMMU or with IOMMU Passthrough without Shared Virtual > Addressing (SVA), the application gains direct access to physical > memory via the device by programming physical address to a submitted > descriptor. This allows direct userspace read and write access to > arbitrary physical memory. This is inconsistent with the security > goals of a good kernel API. > > Unlike vfio_pci driver, the IDXD char device driver does not provide any > ways to pin user pages and translate the address from user VA to IOVA or > PA without IOMMU SVA. Therefore the application has no way to instruct the > device to perform DMA function. This makes the char device not usable for > normal application usage. > > Since user type WQ without SVA cannot be used for normal application usage > and presents the security issue, bind idxd_user_drv driver and enable user > type WQ only when SVA is enabled (i.e. user PASID is enabled). Applied, thanks -- ~Vinod
