Xen project Mailing List

RE: [Xen-devel] [PATCH 0/5] VT-d support for PV guests

To: "Keir Fraser" <keir.fraser@xxxxxxxxxxxxx>

From: "Yang, Xiaowei" <xiaowei.yang@xxxxxxxxx>

Date: Tue, 20 May 2008 15:58:20 +0800

Cc: xen-devel@xxxxxxxxxxxxxxxxxxx, espen.skoglund@xxxxxxxxxxxxx

Delivery-date: Tue, 20 May 2008 00:59:49 -0700

List-id: Xen developer discussion <xen-devel.lists.xensource.com>

Thread-index: Aci6TpSp9NOVRdSbQiKTlE1e5lE3aAAABbYgAAADOMA=

Thread-topic: RE: [Xen-devel] [PATCH 0/5] VT-d support for PV guests

>-----Original Message----- >From: Yang, Xiaowei >Sent: Tuesday, May 20, 2008 3:54 PM >To: Yang, Xiaowei >Subject: FW: [Xen-devel] [PATCH 0/5] VT-d support for PV guests > > > >Thanks, >Xiaowei >________________________________________ >From: Yang Xiaowei [mailto:xiaowei.yang@xxxxxxxxx] >Sent: Tuesday, May 20, 2008 3:53 PM >To: Yang, Xiaowei >Subject: Fwd: [Xen-devel] [PATCH 0/5] VT-d support for PV guests > > >---------- Forwarded message ---------- >From: Keir Fraser <keir.fraser@xxxxxxxxxxxxx> >Date: Tue, May 20, 2008 at 3:39 PM >Subject: Re: [Xen-devel] [PATCH 0/5] VT-d support for PV guests >To: Espen Skoglund <espen.skoglund@xxxxxxxxxxxxx>, >xen-devel@xxxxxxxxxxxxxxxxxxx > >On 19/5/08 21:27, "Espen Skoglund" <espen.skoglund@xxxxxxxxxxxxx> wrote: > >> I've added some preliminary support for VT-d for paravirtualized >> guests. This must be enabled using an 'iommu_pv' boot parameter >> (disabled by default). >> >> I've added some python bindigs to allow xend to assign PCI devices to >> IOMMU for PV guests. For HVM guests this is handled in ioemu. Not >> sure if it makes sense to handle both cases in one place. >> >> The changes currently hook into get_page_type() in xen/arch/x86/mm.c >> to map/unmap IOMMU pages when the page types change. This might >> not be the apropriate place to hook these calls. >What functionality does this patchset enable, Espen? Is this a security >enhancement (isolation/containment) for PV guests with direct hardware >access? For example: can access all its own memory except that which has >pagetable/GDT type, and only foreign memory which is granted to it? > Yes to me. VTd support for PV guest can prevent one domain from accessing other domains' pages without permission. Thanks, Xiaowei _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.