[Xen-devel] [Notes for xen summit 2018 design session] PCI pass-through with de-privileged QEMU
This is a session hosted by Xin Li from Citrix on PCI passthrough in a deprivileged QEMU. (Went over key points of the QEMU de-priv talk - see https://www.slideshare.net/xen_com_mgr/xpdds18-qemu-and-xen-reducing-the-attack-surface-paul-durrant-citrix)

Problem is sysfs nodes need to be opened.

Doug: Can we use Linux namespaces as an improvement?
Paul: Can we use add-fd to pass FDs to QEMU?
X: Yes. That's possible.
Doug: KVM just passes through vfio. Just one file to do everything to pass resources.
Paul: We don't have vfio yet.
X: XAPI needs the whole of sysfs.
George: Why in XAPI do you pass all of sysfs?
It is just the current design. Part of the directory is already used by USB passthrough, so it needs to get the permission.
G: xl already does USB passthrough.
P: That has been working for a long time.
D: Can we not pass through the whole sysfs?
X: You can only get the first 64 bytes out, which is not enough.
X: Intel dev says to use polling mode to verify masking is done.
G: Can we just take a bunch of stuff out of QEMU?
P: When Roger's stuff's done, should be OK. For now QEMU needs to work.
G: Does accessing 64 bytes make it able to do harm?
P: To a degree.
D: vfio, there is one file that is passed through, which has a bunch of ioctls. That can be looked at. Linux already has done a bunch of work to avoid QEMU touching stuff. It has probably reached those sysfs nodes.
G: vfio work in dom0?
P: Nothing prevents you from turning it on.
G: We can try, it is a stopgap before PVH anyway.
P: We can have a look. QEMU passthrough code is Xen specific.
P: Intel hooked in GVT-g to make it look like an SR-IOV device. It probably works because all I/Os are handled by QEMU. To make it work with Xen more work is needed: Xen's handler is inside Dom0.
G: Can we just use the one in QEMU?
P: Worth investigating. Check out vfio before adding new dmops.

Xin will investigate vfio after the session.
_______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel