[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 3/3] xen: expose that grant table mappings update the IOMMU



On Tue, 2014-04-08 at 09:56 +0100, Jan Beulich wrote:
> >>> On 08.04.14 at 10:34, <Ian.Campbell@xxxxxxxxxx> wrote:
> > On Mon, 2014-04-07 at 18:02 +0200, Roger Pau Monne wrote:
> >> Add a new XENFEAT_hvm_gntmap_supports_iommu that is used to check
> >> whether the hypervisor properly updates the IOMMU on auto-translated
> >> guests when doing a grant table map/unmap operation.
> > 
> > Is it the case on x86 that all devices are behind the IOMMU?

I suppose I should have said "all DMA capable devices" or some such.

> All PCI ones are. If someone passes through a device through
> raw MMIO/PIO/PIRQ ranges, then the IOMMU may or may not
> be involved. But I don't think we formally consider this model
> valid/supported/secure for HVM guests (and for PV guests it's
> insecure anyway, due to not requiring an IOMMU in the first
> place).

I was thinking of PVH dom0 here, which is the closest analogue to the
ARM model.

Sounds like it might suffer from the same shortcomings as ARM has to
deal with.

Ian.



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.