[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Having a DOM-U guest with 1:1 mapping in the second stage MMU.

To: Jorge Pereira <jorge.pereira@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Andrei Cherechesu <andrei.cherechesu@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>
From: Julien Grall <julien@xxxxxxx>
Date: Wed, 15 Jan 2020 11:07:25 +0000
Delivery-date: Wed, 15 Jan 2020 11:07:39 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>



On 14/01/2020 21:39, Jorge Pereira wrote:

Hi Guys,


Hello,

I’m currently using XEN in order to run side-by-side a DOM-0 with aDOM-U guest. My use-case scenario requires in the DOM-U direct access tosome dma-capable devices such ethernet and some GPUs.
Since our target platform (i.MX8MM) does not support IOMMU, we can’tassign dma-capable devices to the DOM-U guest because XEN does notcreate 1:1 mapping for that guest in the 2^nd stage MMU. So,guest-virtual addresses are different than the physical ones.

Bear in mind this setup is going to be insecure unless you have anotherway to prevent your passthrough-ed device to access memory it should not(e.g an MPU).

Is it possible to have 1:1 mapping for DOM-U guests?

It is not possible at the moment. There are been various effort to tryto do it, but I have always push back as this is actively defeating thepurposing of an hypervisor.


This would be a different story if we had support for MPU in Xen.

If not, I’minterested to know what would be the estimated effort to support thisfeature?

I think you have someone else in NXP looking at 1:1 mapping for Xen (inCC). I provided to Andrei some tips how to get 1:1 mapping for DomUusing dom0less in December (see [1]). So you may want to sync-up withhim here.

If you are looking at 1:1 DomU using xl, then it is going to requiremore work as the hypercall allocating memory is based on guest framenumber. There was a thread on the ML a few years ago, I can try to digit down if you are interested.


Cheers,

[1]https://lists.xenproject.org/archives/html/xen-devel/2019-12/msg01364.html


Thanks in advance,

Cheers,

Jorge


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel


--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] Having a DOM-U guest with 1:1 mapping in the second stage MMU.
  - From: Stefano Stabellini

References:
- [Xen-devel] Having a DOM-U guest with 1:1 mapping in the second stage MMU.
  - From: Jorge Pereira

Prev by Date: Re: [Xen-devel] [PATCH v1 4/4] xen/netback: Fix grant copy across page boundary with KASAN
Next by Date: Re: [Xen-devel] [PATCH v1 1/4] kasan: introduce set_pmd_early_shadow()
Previous by thread: [Xen-devel] Having a DOM-U guest with 1:1 mapping in the second stage MMU.
Next by thread: Re: [Xen-devel] Having a DOM-U guest with 1:1 mapping in the second stage MMU.
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.