kvm PCI assignment & VFIO ramblings
Joerg Roedel
joro at 8bytes.org
Fri Aug 5 22:57:09 EST 2011
On Fri, Aug 05, 2011 at 08:26:11PM +1000, Benjamin Herrenschmidt wrote:
> On Thu, 2011-08-04 at 12:41 +0200, Joerg Roedel wrote:
> > On Mon, Aug 01, 2011 at 02:27:36PM -0600, Alex Williamson wrote:
> > > It's not clear to me how we could skip it. With VT-d, we'd have to
> > > implement an emulated interrupt remapper and hope that the guest picks
> > > unused indexes in the host interrupt remapping table before it could do
> > > anything useful with direct access to the MSI-X table. Maybe AMD IOMMU
> > > makes this easier?
> >
> > AMD IOMMU provides remapping tables per-device, and not a global one.
> > But that does not make direct guest-access to the MSI-X table safe. The
> > table contains the table contains the interrupt-type and the vector
> > which is used as an index into the remapping table by the IOMMU. So when
> > the guest writes into its MSI-X table the remapping-table in the host
> > needs to be updated too.
>
> Right, you need paravirt to avoid filtering :-)
Or a shadow MSI-X table like done on x86. How to handle this seems to be
platform specific. As you indicate there is a standardized paravirt
interface for that on Power.
> IE the problem is two fold:
>
> - Getting the right value in the table / remapper so things work
> (paravirt)
>
> - Protecting against the guest somewhat managing to change the value in
> the table (either directly or via a backdoor access to its own config
> space).
>
> The later for us comes from the HW PE filtering of the MSI transactions.
Right. The second part of the problem can be avoided with
interrupt-remapping/filtering hardware in the IOMMUs.
Joerg
More information about the Linuxppc-dev
mailing list