[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [Xen-devel] [RFC PATCH 0/4] Qemu: Add Xen vIOMMU suppor

From: Roger Pau Monné
Subject: Re: [Qemu-devel] [Xen-devel] [RFC PATCH 0/4] Qemu: Add Xen vIOMMU support
Date: Mon, 20 Mar 2017 14:17:27 +0000
User-agent: NeoMutt/20170306 (1.8.0)

On Mon, Mar 20, 2017 at 12:38:41PM +0100, Paolo Bonzini wrote:
> On 20/03/2017 03:40, Lan Tianyu wrote:
> >>> Xen only supports emulated I440 and so we enable vIOMMU with emulated
> >>> I440 chipset. This works on Linux and Windows guest.
> >> Any plans to change this?  Why is Xen not able to use Q35 with Intel
> >> IOMMU, with only special hooks for interrupt remapping?
> >>
> >> Paolo
> >>
> > Hi Paolo:
> > Thanks for review. For Xen side, we won't reuse Intel IOMMU device model
> > in Qemu and create counterpart in Xen hypervisor. The reasons are
> >  1) Avoid round trips between Qemu and Xen hypervisor
> >  2) Ease of integration with the rest part of the hypervisor(vIOAPIC,
> > vMSI and so on).
> Fair enough, though I'd be worried about increasing the attack surface
> of the hypervisor.  For KVM, for example, IOMMU emulation requires using
> the "split irqchip" feature to move the PIC and IOAPIC out of the kernel
> and back to QEMU.

Yes, that's right, we are increasing the surface of attack. But Xen also needs
it in order to support APIC IDs > 255 on PVH guests (that have a local APIC but
no QEMU).


reply via email to

[Prev in Thread] Current Thread [Next in Thread]