[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Ping: [PATCH] x86/MSI: add mechanism to protect MSI-X table from PV guest accesses
>>> On 28.02.13 at 13:30, Andrew Cooper <andrew.cooper3@xxxxxxxxxx> wrote: > For what it is worth, I think the principle is good. One query I have > is whether it is sensible to restrict this to dom0, as the comments > indicate, or whether it should be permitted to be used by any domain > with appropriate permissions to manage PCI passthrough. No, I think this indeed ought to be restricted to Dom0 as the original owner of all devices. If Dom0 decides to had some devices for management to a second domain, the resource assignment nevertheless needs to be coordinated by Dom0, and hence the notification should also come from there. > How do you see dom0 attempting to use these hypercalls in an example of > passing a PCI device through to an untrusted domain? Right now my plan is to have pciback issue the hypercall right after having called pci_enable_device(), pending confirmation that resources won't change after that point anymore (see the mail I sent to Bjorn Helgaas earlier today, xen-devel Cc-ed). Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |