| Message ID | 20210526210147.1287-1-dmitry.kozliuk@gmail.com (mailing list archive) |
|---|---|
| Headers |
Return-Path: <dev-bounces@dpdk.org> X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 53A87A0546; Wed, 26 May 2021 23:01:58 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id D20B74067C; Wed, 26 May 2021 23:01:57 +0200 (CEST) Received: from mail-lj1-f180.google.com (mail-lj1-f180.google.com [209.85.208.180]) by mails.dpdk.org (Postfix) with ESMTP id BF0EF40143 for <dev@dpdk.org>; Wed, 26 May 2021 23:01:55 +0200 (CEST) Received: by mail-lj1-f180.google.com with SMTP id e11so3464304ljn.13 for <dev@dpdk.org>; Wed, 26 May 2021 14:01:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=wSgvgQ2NF7m0wdpTiHVD4l0NSZIeMr2YDq/8H1u2Cj4=; b=ak/vftjQnYmyl8mkjiYGN0+3OnD7xk4RgLRJDTeHVf8YjK9ew/icdygJchLLKSMn/i XmwAoKVx3l+gXYsy1oBa0jiXaDvWlJbAZfeN4Qz7342c13U9nKfYMTgOF6S9/DChMOVj 51DsVMYFKaJaiV+UAdwsIbCywRCVebh/mMFkY4vmjozeieJjMYLRh1GwqxBqsQl+Txko YcSPmdkOXYlVoFVaM9Qcb+eBQYQXpRdLizQgNU3nXI+FWDTIWOvDNeMu0BPaAbKCVt8h XgNZrDxyyFgRY+2irkb9jSeJ9OLO2yhjQsvzEgSK+4Y2WruNLzGRISlgsRsg+DXcK4AH 9hCA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=wSgvgQ2NF7m0wdpTiHVD4l0NSZIeMr2YDq/8H1u2Cj4=; b=pzE8l2LKCOkuGaaQPss8nlsWQ10pd5s12WwItFcedA/HVD/rnqg+Y/ZW9PlDJuQkK0 qCkFxuueb9iaqH2Fs3PR6/bcxnut6wPTmuMiuR5HZaLi9mInK8sx6Cuyuua6e0tg+Qr9 IsBlK/c57PhYR7JcoPGqOk0c8R3PT9CdqZAutCpRQH0wwt/M/cp83lrv62//Z/3/+D8F jVaoil4r7cIjIcEuzNUc975ehx+ZKmr90uJM66+dKGvC1i/q4XZSKMQccoU7xGiMV6zK 32d42LONquoQ0fMVunEA7vXVC9xGwQjN6J2wyYCQfLUeTjWDWLTWUQQuMWH8eGdGsdYk bZog== X-Gm-Message-State: AOAM531FWazEGxH5AblMAGoANqmuS4wU3wK9iZNWw+IOuD4yE/IvXTPh nRsLDz8v9bsIOmky6XYDEBEyPlvlmPImSw== X-Google-Smtp-Source: ABdhPJyp8PQkEiAa5TgeUIzMhlmflLo9kXDHg6OsTJ1s/QbhsahGz+ndFpdLjdADi8mzYZt+BlBAXA== X-Received: by 2002:a2e:8e66:: with SMTP id t6mr3687164ljk.481.1622062914899; Wed, 26 May 2021 14:01:54 -0700 (PDT) Received: from localhost.localdomain (broadband-37-110-65-23.ip.moscow.rt.ru. [37.110.65.23]) by smtp.gmail.com with ESMTPSA id u28sm13205lfk.172.2021.05.26.14.01.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 May 2021 14:01:54 -0700 (PDT) From: Dmitry Kozlyuk <dmitry.kozliuk@gmail.com> To: dev@dpdk.org Cc: Dmitry Malloy <dmitrym@microsoft.com>, Narcisa Ana Maria Vasile <navasile@linux.microsoft.com>, Pallavi Kadam <pallavi.kadam@intel.com>, Tyler Retzlaff <roretzla@linux.microsoft.com>, Nick Connolly <nick.connolly@mayadata.io>, Dmitry Kozlyuk <dmitry.kozliuk@gmail.com> Date: Thu, 27 May 2021 00:01:43 +0300 Message-Id: <20210526210147.1287-1-dmitry.kozliuk@gmail.com> X-Mailer: git-send-email 2.29.3 In-Reply-To: <20210501171837.13282-1-dmitry.kozliuk@gmail.com> References: <20210501171837.13282-1-dmitry.kozliuk@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [kmods PATCH v2 0/4] windows/virt2phys: fix paging issue X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions <dev.dpdk.org> List-Unsubscribe: <https://mails.dpdk.org/options/dev>, <mailto:dev-request@dpdk.org?subject=unsubscribe> List-Archive: <http://mails.dpdk.org/archives/dev/> List-Post: <mailto:dev@dpdk.org> List-Help: <mailto:dev-request@dpdk.org?subject=help> List-Subscribe: <https://mails.dpdk.org/listinfo/dev>, <mailto:dev-request@dpdk.org?subject=subscribe> Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org> |
| Series |
windows/virt2phys: fix paging issue
|
|
Message
Dmitry Kozlyuk
May 26, 2021, 9:01 p.m. UTC
Physical addresses exposed by virt2phys driver could become pageable.
This presents stability and security issues that prevent Microsoft
from signing virt2phys, because a signed driver would be trusted
by all end-user machines.
Ensure that memory for which physical addresses are exposed by
virt2phys is non-pageable at least for the lifetime of the process.
As virt2phys code grows, make its development and debugging easier.
There are other known issues that come from using PA and accessing DMA
from userspace. They are not related to virt2phys par se. It is planned
to address them later by enabling the use of IOMMU for DPDK on Windows.
v2:
* Following ofline review by DmitryM:
- Add comment explaining tracking approach for validation team.
- Replace deprecated allocation API calls.
- Check properties of locked memory (see docs in patch 3/4).
- Add configurable limits for tracked processes and memory.
* Add end-user documentation.
* Drop patch for Inf2Cat settings UseLocalTime=true:
the issue it resolves originated from development VM.
* Add PnpLockdown=1 patch.
Dmitry Kozlyuk (4):
windows/virt2phys: add PnpLockdown directive
windows/virt2phys: do not expose pageable physical addresses
windows/virt2phys: add limits against resource exhaustion
windows/virt2phys: add tracing
windows/virt2phys/README.md | 38 ++
windows/virt2phys/virt2phys.c | 173 ++++++--
windows/virt2phys/virt2phys.inf | 1 +
windows/virt2phys/virt2phys.vcxproj | 7 +-
windows/virt2phys/virt2phys.vcxproj.filters | 9 +
windows/virt2phys/virt2phys_logic.c | 415 ++++++++++++++++++++
windows/virt2phys/virt2phys_logic.h | 39 ++
windows/virt2phys/virt2phys_trace.h | 50 +++
8 files changed, 701 insertions(+), 31 deletions(-)
create mode 100644 windows/virt2phys/README.md
create mode 100644 windows/virt2phys/virt2phys_logic.c
create mode 100644 windows/virt2phys/virt2phys_logic.h
create mode 100644 windows/virt2phys/virt2phys_trace.h
Comments
26/05/2021 23:01, Dmitry Kozlyuk: > v2: > * Following ofline review by DmitryM: > - Add comment explaining tracking approach for validation team. > - Replace deprecated allocation API calls. > - Check properties of locked memory (see docs in patch 3/4). > - Add configurable limits for tracked processes and memory. > * Add end-user documentation. > * Drop patch for Inf2Cat settings UseLocalTime=true: > the issue it resolves originated from development VM. > * Add PnpLockdown=1 patch. > > Dmitry Kozlyuk (4): > windows/virt2phys: add PnpLockdown directive > windows/virt2phys: do not expose pageable physical addresses > windows/virt2phys: add limits against resource exhaustion > windows/virt2phys: add tracing Waiting for reviews, especially from Microsoft experts.
23/06/2021 09:13, Thomas Monjalon: > 26/05/2021 23:01, Dmitry Kozlyuk: > > v2: > > * Following ofline review by DmitryM: > > - Add comment explaining tracking approach for validation team. > > - Replace deprecated allocation API calls. > > - Check properties of locked memory (see docs in patch 3/4). > > - Add configurable limits for tracked processes and memory. > > * Add end-user documentation. > > * Drop patch for Inf2Cat settings UseLocalTime=true: > > the issue it resolves originated from development VM. > > * Add PnpLockdown=1 patch. > > > > Dmitry Kozlyuk (4): > > windows/virt2phys: add PnpLockdown directive > > windows/virt2phys: do not expose pageable physical addresses > > windows/virt2phys: add limits against resource exhaustion > > windows/virt2phys: add tracing > > Waiting for reviews, especially from Microsoft experts. Why is it taking so long?
2021-09-30 22:24 (UTC+0200), Thomas Monjalon: > 23/06/2021 09:13, Thomas Monjalon: > > 26/05/2021 23:01, Dmitry Kozlyuk: > > > v2: > > > * Following ofline review by DmitryM: > > > - Add comment explaining tracking approach for validation team. > > > - Replace deprecated allocation API calls. > > > - Check properties of locked memory (see docs in patch 3/4). > > > - Add configurable limits for tracked processes and memory. > > > * Add end-user documentation. > > > * Drop patch for Inf2Cat settings UseLocalTime=true: > > > the issue it resolves originated from development VM. > > > * Add PnpLockdown=1 patch. > > > > > > Dmitry Kozlyuk (4): > > > windows/virt2phys: add PnpLockdown directive > > > windows/virt2phys: do not expose pageable physical addresses > > > windows/virt2phys: add limits against resource exhaustion > > > windows/virt2phys: add tracing > > > > Waiting for reviews, especially from Microsoft experts. > > Why is it taking so long? DmitryM, Microsoft expert who suggested this improvement, has been unavailable until recently. It is expected that he will review this series shortly now.