kvm PCI assignment & VFIO ramblings
Benjamin Herrenschmidt
benh at kernel.crashing.org
Fri Aug 5 20:26:11 EST 2011
On Thu, 2011-08-04 at 12:41 +0200, Joerg Roedel wrote:
> On Mon, Aug 01, 2011 at 02:27:36PM -0600, Alex Williamson wrote:
> > It's not clear to me how we could skip it. With VT-d, we'd have to
> > implement an emulated interrupt remapper and hope that the guest picks
> > unused indexes in the host interrupt remapping table before it could do
> > anything useful with direct access to the MSI-X table. Maybe AMD IOMMU
> > makes this easier?
>
> AMD IOMMU provides remapping tables per-device, and not a global one.
> But that does not make direct guest-access to the MSI-X table safe. The
> table contains the table contains the interrupt-type and the vector
> which is used as an index into the remapping table by the IOMMU. So when
> the guest writes into its MSI-X table the remapping-table in the host
> needs to be updated too.
Right, you need paravirt to avoid filtering :-)
IE the problem is two fold:
- Getting the right value in the table / remapper so things work
(paravirt)
- Protecting against the guest somewhat managing to change the value in
the table (either directly or via a backdoor access to its own config
space).
The later for us comes from the HW PE filtering of the MSI transactions.
Cheers,
Ben.
More information about the Linuxppc-dev
mailing list