The uio drivers are not secured by an iommu.
Therefore, you could misuse the NIC to DMA read/write into any part of
memory, e.g. reading or writing to memory of the host or other containers.
This is a security breach if you enable a container to do this by giving it
access via uio, because you hav
g if it belongs to
> this or that IOMMU group.
iommu groups already exist before vfio-pci is loaded.
The whole setup process as described in the VFIO documentation, where
a PCIe device shares an iommu group with other devices, can therefore
be automated. Some time ago I wrote a ruby script
I think the whole process of VFIO binding maybe needs at least a second
thought regarding corner cases and security.
1) in the setup process, there currently is no mechanism that checks if the
device to be used has other devices in the same iommu group that need to be
bound to VFIO too. Otherwise
naming and string inside function.
- Exchange a forgotten "igb_uio" with "vfio-pci" in a comment.
Signed-off-by: Andre Richter
---
tools/setup.sh | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/tools/setup.sh b/tools/setup.sh
index ac4
>
> Thanks
>
> 2015-03-18 16:05, Andre Richter:
> > This patch fixes several minor issues in setup.sh:
> >
> > - show_nics() would not display the current Ethernet settings if
> >the user only loads the vfio-pci module, b/c it only checks for
> >
This patch fixes several minor issues in setup.sh:
- show_nics() would not display the current Ethernet settings if
the user only loads the vfio-pci module, b/c it only checks for
presence of igb_uio. Fix this by adding a check for vfio-pci.
- unbind_nics(): Fix option nam
Be sure to get an instance with SR-IOV, which is "enhanced networking" in
Amazon speak.
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enhanced-networking.html
Cheers Andre
Jeff Wang wrote on Mon, 16 March 2015 at 21:08:
> Hi,
>
> I'm trying to deploy DPDK and ovs on an AWS EC2 instance w
setup.sh uses /usr/bin/chmod, but depending on distribution, it is not always
there. For example, Ubuntu has /bin/chmod. Fix this by removing the absolute
path, like it is done e.g. with grep.
---
tools/setup.sh | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tools/setu