xen-users
Re: [Xen-users] PCI Passthrough
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Mark,
On 25.05.2008 at 02:22, Mark Williamson wrote:
>> I have already heard about IOMMU being implemented in Intel CPUs (or
>> probably the North Bridge, because as I hear that is where the Memory
>> Controller is located) only, however, as far as I can see AMD isn't
>> quite there yet (I hear they postponed it to 2009 again, almost
>> reminds me of GNU/Hurd). However, that is one of the main problems I
>> am facing: Intel does not offer a suitable basis for low power
>> systems with desktop performance.
> How low do you need the power consumption to be? Intel's recent chips
> aren't as scarily "hungrier than everything else" as they were back in
> the old Pentium 4 days, although I guess the "normal" power consumption
> has gone up since then too...
That's a good question, as low as possible. For the platform I am
currently working on that means something around 50W, 70W at the most
when "idling" (might sound a little too enthusiastic, but it's the
general target). I assume that most of the tasks I give it will leave
the machine more or less idling (below 10% on the CPU), even
virtualized, which only works with a CPU with enough power, so it can
clock down if the full speed isn't needed. The low power requirement
practically disqualifies anything without onboard graphics, since the
system has to deal with at least 2 HDDs and the network and wifi
hardware, not to mention the TV tuner card. I had a look at the X3500
IGP on Intel's new chipset, but it seems like it still is no
alternative to the AMD 780G and I strongly suspect the nForce 780a
chipset to not support VT-d (besides it being not available for Intel
CPUs at the moment). The requirements for extension slots practically
dismiss all the available mainboards for mobile Intel CPUs, since
those are either MicroATX or ITX too. I would really have preferred an
Intel CPU, but the current situation doesn't offer much of a choice.
> I'd also note that there are now tiny motherboards based on Intel's Atom
> CPU for very low power applications, although they won't give you the
> desktop performance you want. You might want to consider splitting some
> of the functionality of this system off onto a minimal box like that so
> the powerful, hungry desktop hardware can be powered off completely when
> not required?
And there is the problem, I want one box that can handle it all,
because first of all, two boxes are more expensive and second of all,
if I need the desktop's power over night, it will still have to run,
ultimately leaving me with two machines' worth of power drawn and
noise produced. In my opinion, for this case a single system can meet
the requirements perfectly well and scales better for this kind of
application.

Intel's Atom CPU is out of the question though. It will probably not
be able to handle all the services I would require from the platform
at peak times. That includes HDTV decoding and re-encoding for
possible MythTV clients (3 at the moment), which alone would more or
less kill the whole system. Having this part handled by the desktop
system is impractical too, because whoever wants to use the MythTV
server over the network would have to turn on the desktop first (and
the current server provides resources for people outside my apartment
too... and sucks power like crazy doing it because of a defect, which
is why it's going to be replaced).

I already looked far and wide for a suitable CPU + mainboard
combination with low power consumption and onboard 3D graphics that
are worth something and I'm sorry to say, but Intel's are definitely
not (compared to the AMD 4x50e CPUs with AMD 780G chipsets at least).
So I am basically bound to AMD for this particular project.
> OK. Well if you have a particularly compelling need for AMD then that's
> fine but it is going to be a problem for the security of PCI
> passthrough...
I'd rather not, but the alternatives in the form of performance
combined with low power consumption are less compelling and if it
comes down to it, it is supposed to be a multimedia and home server.
However, if possible, I would still like to close security holes,
especially for the firewall and access point VM (which is probably
the most critical part).

I already looked around for clues on a software IOMMU implementation
too, but the only thing I could find was SWIOTLB. As I understand it,
this solution merely allows 32-bit devices to use more than 4 GB of
RAM, or is there a way to use it as a software IOMMU in the sense of
Intel VT-d too? If not, is there another way to emulate IOMMU or at
least protect the system from a potentially compromised privileged
DomU until AMD CPUs supporting this feature are available?
> I'm afraid there's no practical way of doing untrusted PCI passthrough
> securely without having an IOMMU in hardware. Without special hardware
> to enforce memory access controls, a domain with direct access to a PCI
> card
>
> I'm afraid the "solution" to running untrusted operating systems is to
> virtualise the devices too - using virtual network, graphics, etc
> devices, it's possible to provide more stringent controls on what they
> can / can't do than if you've given a guest *real* hardware.
> Unfortunately, this doesn't seem to be a particularly good fit for most
> of what you want to do :-(
>> And am I correct to assume that a possible feature for AMD CPUs will
>> possibly not need support from the chipset, because the Memory
>> Controller is located on the CPU?
> That sounds sane but I don't know enough about the AMD platform (and
> their corporate plans!) to answer that one reliably.
I know what you mean, I am only guessing here too. And I will
probably have to stake a whole system on that guess unless another
solution pops up. It will be a real pain to secure the VMs though.
>> I hope someone can help me out of my confusion,
> I hope that clears things up a bit. Sorry if it's not really the ideal
> answer for you though.
It does, and don't worry, I wasn't looking for an ideal answer
anyway. If one existed, the whole project wouldn't interest me at
all :) . Besides, if there were a simple way, we would have Linux
distros for sandboxed multimedia systems already. It really wouldn't
be fun that way.
Thanks again,
Paul.
- --
Paul Schulze
avlex@xxxxxxx
Public Key: http://solaris-net.dyndns.org/keys/key_avlex.asc
"Making mistakes is human,
but to really fuck things up you need Computers"
> Cheers,
> Mark
> --
> Push Me Pull You - Distributed SCM tool (http://www.cl.cam.ac.uk/~maw48/pmpu/)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
iD8DBQFION3MYDWOGtiChoARArzSAJ495Qz/LgLA0nvfoY2eoYmLg96F2gCfY/1n
YukeMvDhI5KVEIOBBMrGp6g=
=qIY3
-----END PGP SIGNATURE-----
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
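Mark's point in the thread, that passing a real PCI device to an untrusted guest is only contained when the hardware has an IOMMU, is something worth verifying on a host before building around it. The shell script below is an added example, not code from the thread or from the Xen project: it classifies a boot log by the marker lines the Xen hypervisor and the Linux kernel print when an IOMMU is enabled or disabled, and turns that into a yes/no answer for "does this host constrain DMA from a passed-through device". The sample log excerpts are constructed for the example, not captured from a real machine.

```shell
#!/bin/sh
# Added example, not from the xen-users thread or the Xen project.
# Classify a boot log by the IOMMU marker lines Xen and Linux print, so a
# host can be checked before a PCI device is handed to an untrusted guest.

# iommu_status "<log text>" prints one of:
#   xen-enabled | xen-disabled | linux-intel | linux-amd | none
iommu_status() {
    log="$1"
    if printf '%s\n' "$log" | grep -q 'I/O virtualisation enabled'; then
        echo xen-enabled                       # Xen found and enabled an IOMMU
    elif printf '%s\n' "$log" | grep -q 'I/O virtualisation disabled'; then
        echo xen-disabled                      # Xen booted with no usable IOMMU
    elif printf '%s\n' "$log" | grep -q 'DMAR: IOMMU enabled'; then
        echo linux-intel                       # Linux enabled Intel VT-d (DMAR)
    elif printf '%s\n' "$log" | grep -Eq 'AMD-Vi: (Found IOMMU|IOMMU .* enabled)'; then
        echo linux-amd                         # Linux found an AMD-Vi IOMMU
    else
        echo none                              # no IOMMU marker at all
    fi
}

# Returns 0 only when the log shows an IOMMU in use. Without one, a domain
# with direct access to a PCI device can DMA into any physical memory,
# Dom0's included, so such a domain cannot be treated as untrusted.
passthrough_is_contained() {
    case "$(iommu_status "$1")" in
        xen-enabled|linux-intel|linux-amd) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample logs (not captured from real hardware).
SAMPLE_XEN_ON='(XEN) Intel VT-d Snoop Control enabled.
(XEN) I/O virtualisation enabled
(XEN)  - Dom0 mode: Relaxed'
SAMPLE_XEN_OFF='(XEN) I/O virtualisation disabled'
SAMPLE_INTEL_LINUX='[    0.6] DMAR: IOMMU enabled'
SAMPLE_AMD_LINUX='[    0.8] pci 0000:00:00.2: AMD-Vi: Found IOMMU cap 0x40
[    0.9] AMD-Vi: Interrupt remapping enabled'
SAMPLE_NONE='[    0.5] pci 0000:00:01.0: [8086:0100] type 00 class 0x060000'

for s in "$SAMPLE_XEN_ON" "$SAMPLE_XEN_OFF" "$SAMPLE_INTEL_LINUX" \
         "$SAMPLE_AMD_LINUX" "$SAMPLE_NONE"; do
    if passthrough_is_contained "$s"; then
        printf '%-12s : device DMA is confined by the IOMMU\n' "$(iommu_status "$s")"
    else
        printf '%-12s : passthrough gives the guest full DMA reach, keep devices virtual\n' "$(iommu_status "$s")"
    fi
done
```

On a real host, feed `iommu_status` the output of `xl dmesg` (or `xm dmesg` with a toolstack of this vintage) for the hypervisor view, or `dmesg` for the Dom0 kernel view; on a current Linux kernel a populated /sys/kernel/iommu_groups is a further sign that the IOMMU is active. The marker strings are the ones the two projects print, but a log that was truncated or filtered before it reached the script will be classified as "none", so treat that answer as "unknown" rather than as proof that no IOMMU exists.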