[vfio-users] VFIO for PCIe streaming from/to user space

Alex Williamson alex.williamson at redhat.com
Tue Jan 30 21:00:57 UTC 2018 

On Tue, 30 Jan 2018 21:41:30 +0100
Oliver Heid <oliver.heid at h-next.de> wrote:

> So the userspace -> IOVA mapping is not done automatically?

No, see the API, user provides an IOVA.

> How do I get 
> the MMU entries of user's pages from userspace and write them into the 
> IOMMU?

You don't need them, provide the virtual address to the mapping ioctl.
For instance if your buffer is mmap'd, provide the mmap pointer.

> Isn't it quite a security hazard to let any user program the IOMMU?

Any user cannot program the IOMMU, only users with permissions granted
to access the vfio group file and only up to the locked page limit
allowed for that user.  Thanks,

Alex

> ------------------------------------------------------------------------
> 
> *From:* Alex Williamson <mailto:alex.williamson at redhat.com>
> *Sent:* Tuesday, January 30, 2018 4:06PM
> *To:* Heid, Oliver <mailto:Oliver.Heid at h-next.de>
> *Cc:* Vfio-users <mailto:vfio-users at redhat.com>
> *Subject:* Re: [vfio-users] VFIO for PCIe streaming from/to user space
> 
> 
> On Tue, 30 Jan 2018 12:02:32 +0100
> Oliver Heid <Oliver.Heid at h-next.de> wrote:
> 
> > Hi,
> > I want to user VFIO for direct streaming between user space and a PCIe
> > device (FPGA). Device isolation works, but how do I re-assign the PCIe
> > BARs to my user space memory and handle the IOMMU TLB remapping? Or is
> > there some other/better way to do that?  
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/vfio.txt
> 
> PCI BARs are exposed as regions within the device file descriptor, you
> can read/write to them via the file descriptor or mmap them into the
> user address space where supported.  DMA is configured via ioctls on
> the container, mapping a user virtual address to an IOVA.  Note that
> some IOMMUs do not support a full 64bit IOVA space, so don't expect to
> be able to identity map the IOVA to the virtual address.  We're working
> on an API to expose to the IOVA ranges to userspace.  Thanks,
> 
> Alex
> 
>

More information about the vfio-users mailing list