RE: [Xen-devel] [PATCH 0/5] VT-d support for PV guests

["Ian Pratt" <Ian.Pratt@xxxxxxxxxxxxx>]

> >For ballooned frames, Xen should be able to put them on a
> >'pending' list
> >awaiting completion of a flush (hence the flush is typically not
> >synchronous).
> 
> It seems so. Just one security concern: it's possible to have
decreased
> frames allocated to another VM before completion of async flush. In
> this case, the IOMMU still caches old mapping and thus it leaks a
window
> for mallicious domain/device to touch those frames...
> 
> But we may force a delayed completion check when a free page is
> allocated to a new VM or inserted to other p2m table. Then I agree
upon
> page's specific usage, async flush is possible. :-)

Yep, that's the purpose of the 'pending' list(s): pages don't graduate
to the free list until synchronized against flush completion.

> >Frames that transition to pagetable frames are more problematic. It's
> >probably better to modify the guest to create a separate quicklist
for
> >pagetable frames, so they get recycled and remain out of the
> >IOMMU until
> >they return to the free list.
> >
> 
> So you're already talking about one more step from current
> implentation, to selectively insert mapping as device really requires.
Create a PV
> iommu interface may serve this purpose more accurately.

Linux 2.4 had a concept of a quicklist that was used to recycle
pagetable pages rather than just returning them to the free list. It got
removed in 2.6, but reinstating something similar would help Xen,
particularly in the case with an IOMMU. 

Ian 




_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel