[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Xen security advisory CVE-2011-1898 - VT-d (PCI passthrough) MSI

Tim Deegan writes ("Re: [Xen-devel] Xen security advisory CVE-2011-1898 - VT-d 
(PCI passthrough) MSI"):
> At 21:48 +0100 on 19 May (1305841716), Cihula, Joseph wrote:
> > So how would the user (or installation SW) specify to use the best
> > (IOMMU) security available on the platform?
> 
> iommu=on.  That pretty much lines up with the current meaining. 
> 
> Only iommu=force requires a fully secure IOMMU, and you can
> overide that with iommu=force,nointremap.  

I think this is the best behaviour.  Do we have a patch that
implements it ?  If I'm not confused, the patch further upthread
crashes on lack of intremap even with iommu=on.

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.