On 10/13/2023 7:24 PM, Keith Busch wrote: > On Fri, Oct 13, 2023 at 03:44:38PM +0530, Kanchan Joshi wrote: >> On 10/13/2023 10:56 AM, Christoph Hellwig wrote: >>> On Fri, Oct 13, 2023 at 10:44:58AM +0530, Kanchan Joshi wrote: >>>> Changes since v3: >>>> - Block only unprivileged user >>> >>> That's not really what at least I had in mind. I'd much rather >>> completely disable unprivileged passthrough for now as an easy >>> backportable patch. And then only re-enable it later in a way >>> where it does require using SGLs for all data transfers. >>> >> >> I did not get how forcing SGLs can solve the issue at hand. >> The problem happened because (i) user specified short buffer/len, and >> (ii) kernel allocated buffer. Whether the buffer is fed to device using >> PRP or SGL does not seem to solve the large DMA problem. > > The problem is a disconnect between the buffer size provided and the > implied size of the command. The idea with SGL is that it requires an > explicit buffer size, so the device will know the buffer is short and > return an appropriate error. Thanks for clearing this up. It seems we will have two limitations with this approach - (i) sgl for the external metadata buffer, and (ii) using sgl for data-transfer will reduce the speed of passthrough io, perhaps more than what can happen using the checks. And if we make the sgl opt-in, that means leaving the hole for the case when this was not chosen.
