RE: [Xen-devel] [PATCH 0/5] VT-d support for PV guests

["Ian Pratt" <Ian.Pratt@xxxxxxxxxxxxx>]

> The patchset does, as you guessed, enable isolation for PV guests with
> direct hardware access.  If you assign a PCI device to a guest you are
> guaranteed that the assigned device can't access the memory of other
> guests or Xen itself.  The patchseet allows the device to access all
> its own memory which it has write access to, and memory which is
> granted to it.

Not that I particularly think it matters, but does the patch configure
the IOMMU to distinguish between read-only and read-write access to a
guest's own memory or granted memory? If not, we should at least clearly
document that we're being a little more permissive. 

Have you got any with-and-without performance results with a decent
high-throughput device (e.g. a HBA or 10Gb/s NIC)? 

It would be good if you could provide a bit more detail on when the
patch populates IOMMU entries, and how it keeps them in sync. For
example, does the IOMMU map all the guest's memory, or just that which
will soon be the subject of a DMA? How synchronous is the patch in
removing mappings, e.g. due to page type changes (pagetable pages,
balloon driver) or due to unmapping grants?  

There's been a lot of discussion at various xen summits about different
IOMMU optimizations (e.g. for IBM Summit, Power etc) and I'd like to
understand exactly what tradeoffs your implementation makes. Anyhow,
good stuff, thanks!

Thanks,
Ian
 
 



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel