[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Dealing with non-existent BDF devices in VT-d and in the hardware.

Jan Beulich wrote on 2014-03-20:
>>>> On 20.03.14 at 01:48, "Zhang, Yang Z" <yang.z.zhang@xxxxxxxxx> wrote:
>> fake a device is a solution. But I am thinking (maybe I am wrong) why
>> not setup all VT-d entries under a bridge if passing a PCI device under
>> a bridge. Because when passing a PCI device under a bridge, all devices
>> under bridge should be assigned to the guest too. What current Xen dose
>> is only set the entry which has device, so why not extend it to setup
>> all entries? In this case, there is no user input is required.
> You'd have to prove that this doesn't impact isolation/security.

Yes, this need more deeply think. 

BTW, do you see any potential issue with doing this?

> Just look at xend: It checks that all devices in a group are owned by
> pciback/pci-stub, but it doesn't enforce assignment of all of them.
> This might be intentional (namely for any intermediate bridges).
> But yes, I think this would address Konrad's problem.
> Jan

Best regards,

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.