[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 3/3] xen: expose that grant table mappings update the IOMMU
On Tue, 2014-04-08 at 10:53 +0100, Jan Beulich wrote: > >>> On 08.04.14 at 10:58, <Ian.Campbell@xxxxxxxxxx> wrote: > > On Tue, 2014-04-08 at 09:56 +0100, Jan Beulich wrote: > >> >>> On 08.04.14 at 10:34, <Ian.Campbell@xxxxxxxxxx> wrote: > >> > On Mon, 2014-04-07 at 18:02 +0200, Roger Pau Monne wrote: > >> >> Add a new XENFEAT_hvm_gntmap_supports_iommu that is used to check > >> >> whether the hypervisor properly updates the IOMMU on auto-translated > >> >> guests when doing a grant table map/unmap operation. > >> > > >> > Is it the case on x86 that all devices are behind the IOMMU? > > > > I suppose I should have said "all DMA capable devices" or some such. > > > >> All PCI ones are. If someone passes through a device through > >> raw MMIO/PIO/PIRQ ranges, then the IOMMU may or may not > >> be involved. But I don't think we formally consider this model > >> valid/supported/secure for HVM guests (and for PV guests it's > >> insecure anyway, due to not requiring an IOMMU in the first > >> place). > > > > I was thinking of PVH dom0 here, which is the closest analogue to the > > ARM model. > > > > Sounds like it might suffer from the same shortcomings as ARM has to > > deal with. > > Except that on x86 there are hardly many DMA-capable non-PCI > devices, Sure. > and even less one may want to consider passing through > to a guest. Again, PVH dom0 is my concern here. By default you would expect dom0 to get given almost everything in the platform, including things which you might not normally pass through to a guest. Ian. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |