WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

RE: [Xen-users] PCI Passthrough without VT-d

To: Pasi Kärkkäinen <pasik@xxxxxx>
Subject: RE: [Xen-users] PCI Passthrough without VT-d
From: Jan Češčut <Jan.Cescut@xxxxxx>
Date: Tue, 2 Mar 2010 14:42:29 +0100
Accept-language: sl-SI
Acceptlanguage: sl-SI
Cc: "xen-users@xxxxxxxxxxxxxxxxxxx" <xen-users@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Tue, 02 Mar 2010 05:44:10 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20100227130359.GY2761@xxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <D1F877379205CF48BF6935A4398DEA7C02C16E62A2B6@xxxxxxxxxxxxxxxxxxxxx> <20100227130359.GY2761@xxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: Acq3rXpEebO86MHWTNiF0jUuvBsUcgCYGkrg
Thread-topic: [Xen-users] PCI Passthrough without VT-d
Thanks for thorough explanation.

Have a nice day,
Jan

-----Original Message-----
From: Pasi Kärkkäinen [mailto:pasik@xxxxxx]
Sent: 27. februar 2010 14:04
To: Jan Češčut
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] PCI Passthrough without VT-d

On Fri, Feb 26, 2010 at 11:29:22PM +0100, Jan ?eš?ut wrote:
>    As I read XEN supports assigning a pci device to an unprivileged domain
>    without hardware supporting it. Has anyone already tried it? Are there any
>    security risks? If I understand correctly how PCI passthrough works the
>    performance should be the same as using the pci device in native mode. Is
>    it so? I have a PCI video card which would like to use inside a VM running
>    Windows XP.
>

Xen supports PCI passthrough to _PV_ (paravirtual) guests without VT-d,
and has actually supported that for years. There are some potential security
risks in this, since the PV guest gets full DMA control of the PCI device
and could use it for malicious purposes.

Xen PCI passthrough to HVM guests (=Windows) requires VT-d hardware support.

Also, PCI passthrough of a VGA/video card is not as simple as PCI passthrough
of other cards (nic, disk controller, usb controller).

VGA has lots of legacy stuff related to it, some memory ranges, IO ports, VGA 
BIOS,
etc that have to be 'passed through' aswell, and emulated.

Xen 4.0.0 will have PCI passthrough support of primary VGA adapters, but it 
requires
VT-d support as stated already earlier.

-- Pasi

ps. There is actually a hack/patch available that allows PCI passthrough to HVM 
guest
without VT-d, but that only works for the _first_ started HVM guest, and it's 
experimental
and not supported in any way. iirc the patch is available in xen-devel archives.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
<Prev in Thread] Current Thread [Next in Thread>