[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] feature suggestion: DMAR table emulation for Xen

On 14/05/2010 11:58, "Joanna Rutkowska" <joanna@xxxxxxxxxxxxxxxxxxxxxx>

> Well, we don't do graphics passthrough in Qubes, mostly for two reasons:
> 1) We believe users prefer seamless integration of all apps onto one
> desktop (and that requires only one domain, e.g. Dom0, to have access to
> the graphics card),
> 2) Giving a potentially untrusted domain full access to the graphics
> device creates a potential security risk. In fact, you cannot make such
> an architecture secure without using TXT (yes, TXT in addition to VT-d).
> Do you do IGD passthrough in Xen Client?

Yes, particularly necessary to get decent 3D performance (e.g., Windows
Aero). There are tricks to get security and performance (doing a mix of
emulation and passthrough).

 -- Keir

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.