From: David Marchand <david.marchand@redhat.com>
To: dev@dpdk.org
Subject: [dpdk-dev] [PATCH v2 1/2] bus/pci: check IO permissions for UIO only
Date: Sun, 20 Oct 2019 14:29:58 +0200 [thread overview]
Message-ID: <1571574599-25022-2-git-send-email-david.marchand@redhat.com> (raw)
In-Reply-To: <1571574599-25022-1-git-send-email-david.marchand@redhat.com>
On x86, calling inb/outb special instructions (used in UIO ioport
read/write parts) is only possible if the right IO permissions has been
granted.
The only user of this API (the net/virtio pmd) checks this
unconditionnaly but this should be hidden by the rte_pci_ioport API
itself and only checked when the device is bound to a UIO driver.
Signed-off-by: David Marchand <david.marchand@redhat.com>
---
Changelog since v1:
- change log message level from DEBUG to ERR,
- add device name in log message,
---
drivers/bus/pci/bsd/pci.c | 5 +++++
drivers/bus/pci/linux/pci.c | 10 ++++++++++
2 files changed, 15 insertions(+)
diff --git a/drivers/bus/pci/bsd/pci.c b/drivers/bus/pci/bsd/pci.c
index 7777179..ebbfeb1 100644
--- a/drivers/bus/pci/bsd/pci.c
+++ b/drivers/bus/pci/bsd/pci.c
@@ -539,6 +539,11 @@ rte_pci_ioport_map(struct rte_pci_device *dev, int bar,
switch (dev->kdrv) {
#if defined(RTE_ARCH_X86)
case RTE_KDRV_NIC_UIO:
+ if (rte_eal_iopl_init() != 0) {
+ RTE_LOG(ERR, EAL, "%s(): insufficient ioport permissions for PCI device %s\n",
+ __func__, dev->name);
+ return -1;
+ }
if ((uintptr_t) dev->mem_resource[bar].addr <= UINT16_MAX) {
p->base = (uintptr_t)dev->mem_resource[bar].addr;
ret = 0;
diff --git a/drivers/bus/pci/linux/pci.c b/drivers/bus/pci/linux/pci.c
index 318db19..7b46fe1 100644
--- a/drivers/bus/pci/linux/pci.c
+++ b/drivers/bus/pci/linux/pci.c
@@ -661,6 +661,12 @@ pci_ioport_map(struct rte_pci_device *dev, int bar __rte_unused,
dev->addr.domain, dev->addr.bus,
dev->addr.devid, dev->addr.function);
+ if (rte_eal_iopl_init() != 0) {
+ RTE_LOG(ERR, EAL, "%s(): insufficient ioport permissions for PCI device %s\n",
+ __func__, dev->name);
+ return -1;
+ }
+
fp = fopen("/proc/ioports", "r");
if (fp == NULL) {
RTE_LOG(ERR, EAL, "%s(): can't open ioports\n", __func__);
@@ -718,7 +724,11 @@ rte_pci_ioport_map(struct rte_pci_device *dev, int bar,
break;
#endif
case RTE_KDRV_IGB_UIO:
+#if defined(RTE_ARCH_X86)
+ ret = pci_ioport_map(dev, bar, p);
+#else
ret = pci_uio_ioport_map(dev, bar, p);
+#endif
break;
case RTE_KDRV_UIO_GENERIC:
#if defined(RTE_ARCH_X86)
--
1.8.3.1
next prev parent reply other threads:[~2019-10-20 12:30 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-17 11:56 [dpdk-dev] [PATCH 0/2] Using virtio ethdev ports as non-root David Marchand
2019-10-17 11:56 ` [dpdk-dev] [PATCH 1/2] bus/pci: check IO permissions for UIO only David Marchand
2019-10-17 11:56 ` [dpdk-dev] [PATCH 2/2] net/virtio: do not require IO permissions David Marchand
2019-10-18 8:16 ` Tiwei Bie
2019-10-18 8:33 ` David Marchand
2019-10-18 10:05 ` Tiwei Bie
2019-10-20 12:29 ` [dpdk-dev] [PATCH v2 0/2] Using virtio ethdev ports as non-root David Marchand
2019-10-20 12:29 ` David Marchand [this message]
2019-10-20 12:29 ` [dpdk-dev] [PATCH v2 2/2] net/virtio: do not require IO permissions David Marchand
2019-10-21 13:10 ` [dpdk-dev] [PATCH v2 0/2] Using virtio ethdev ports as non-root Maxime Coquelin
2019-10-22 8:21 ` [dpdk-dev] [PATCH v3 " David Marchand
2019-10-22 8:21 ` [dpdk-dev] [PATCH v3 1/2] bus/pci: check IO permissions for UIO only David Marchand
2019-10-24 9:55 ` Maxime Coquelin
2019-10-22 8:21 ` [dpdk-dev] [PATCH v3 2/2] net/virtio: do not require IO permissions David Marchand
2019-10-23 4:56 ` Tiwei Bie
2019-10-25 10:11 ` [dpdk-dev] [PATCH v3 0/2] Using virtio ethdev ports as non-root David Marchand
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1571574599-25022-2-git-send-email-david.marchand@redhat.com \
--to=david.marchand@redhat.com \
--cc=dev@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).