Re: [virtio-dev] Re: [RFC] Virtio RDMA

[Yongji Xie <xieyongji@bytedance.com>]

On Wed, Feb 16, 2022 at 11:42 PM Doug Ledford <dledford@redhat.com> wrote:
>
> On Wed, Feb 16, 2022 at 9:08 AM Yongji Xie <xieyongji@bytedance.com> wrote:
>>
>> On Wed, Feb 16, 2022 at 8:06 PM Leon Romanovsky <leon@kernel.org> wrote:
>> >
>> > On Wed, Feb 16, 2022 at 06:03:29PM +0800, Junji Wei wrote:
>> > >
>> > > > On Feb 16, 2022, at 5:48 PM, Leon Romanovsky <leon@kernel.org> wrote:
>> > > >
>> > > > On Wed, Feb 16, 2022 at 04:00:53PM +0800, Junji Wei wrote:
>> > > >
>> > > > <...>
>> > > >
>> > > >>>
>> > > >>> What is the use case for this virtio-rdma? Especially in context of RXE.
>> > > >>
>> > > >> Hmm... yes, we didnât find one. In passthrough case we can use RXE directly.
>> > > >
>> > > > It doesn't sound like a good sales pitch.
>> > >
>> > > Maybe I misunderstanded what you mean. We mean we didnât find a user case
>> > > for virtio-rdma with passthrough net device. Do you want to know the user
>> > > case for our virtio-rdma(RoCE) proposal?
>> >
>> > Yes, please.
>> >
>>
>> I think one point is: when running RDMA accelerated applications in
>> VM, the virtio-rdma solution should get better performance than RXE
>> since it has a shorter data path (guest app -> host dpdk, bypass guest
>> kernel).
>
>
> What's the security model?  Native RDMA has security on a per QP basis.  DPDK requires root/CAP_NET_RAW access and allows anything.  How are you ensuring that rogue apps can't do bad things with this?
>

Should this be already protected at the virtio level? I think
virtio-net would meet the same problem if we have a malicious guest.
And DPDK is under our control, I think we can do some validation if
the app violates the RDMA semantics.

Thanks,
Yongji