Re: [Xen-devel] Xen ARM Dom0less passthrough without IOMMU

[Julien Grall <julien@xxxxxxx>]

On 16/12/2019 23:05, Stefano Stabellini wrote:
> On Mon, 16 Dec 2019, Julien Grall wrote:
> > On 16/12/2019 18:02, Andrei Cherechesu wrote:
> > But even with this patch, RAM in DomU is not direct mapped (i.e Guest Physical
> > Address == Host Physical Address). This means that DMA-capable device would
> > not work properly in DomU.
> >
> > We could theoritically map DomU direct mapped, but this would break the
> > isolation provided by the hypervisor.
> Yes, being able to map the DomU memory 1:1 can be pretty useful for some
> very embedded dom0less configurations, in fact I was surprised that a
> couple of Xilinx users asked me for that recently. Typically, the users
> are aware of the consequences but they still find them better than the
> alternative (i.e. the lack of isolation is bad but is tolerable in their
> configuration.)
This does not make much sense... The whole point of a hypervisor is to 
isolate guest between each other... So if you are happy with the lack of 
isolation, then why are you using an hypervisor at the first place?
>  From an implementation perspective, it should be a matter of calling
> allocate_memory_11 instead of allocate_memory from construct_domU. I
> wanted to experiment with it myself but I haven't had the time. If
> nothing else, it would be useful to have a patch around to do it if
> needed.
This is not that simple. You at least also need to:
    - Update the code to generate the DT based on the new 1:1 address
    - Modify the various emulation in Xen because they rely on Xen 
guest memory layout
    - Modify is_domain_direct_mapped() to deal with guest

I probably missed other bits. Anyway, this is not something I am willing 
to accept upstream as this break the core idea of an hypervisor.
Cheers,

--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel