[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [Hackathon minutes] PV network improvements

On Mon, 2013-05-20 at 19:33 +0100, Wei Liu wrote:
> On Mon, May 20, 2013 at 03:49:32PM +0100, George Dunlap wrote:
> [...]
> > > J) Map the whole physical memory of the machine in dom0
> > > If mapping/unmapping or copying slows us down, could we just keep the
> > > whole physical memory of the machine mapped in dom0 (with corresponding
> > > IOMMU entries)?
> > > At that point the frontend could just pass mfn numbers to the backend,
> > > and the backend would already have them mapped.
> > > >From a security perspective it doesn't change anything when running
> > > the backend in dom0, because dom0 is already capable of mapping random
> > > pages of any guests. QEMU instances do that all the time.
> > > But it would take away one of the benefits of deploying driver domains:
> > > we wouldn't be able to run the backends at a lower privilege level.
> > > However it might still be worth considering as an option? The backend is
> > > still trusted and protected from the frontend, but the frontend wouldn't
> > > be protected from the backend.
> > 
> > What's missing from this was my side of the discussion:
> > 
> > I was saying that if TLB flushes from grant-unmap is indeed the
> > problem, then maybe we could have the *front-end* in charge of
> > requesting a TLB flush for its pages.  The strict TLB flushing is to
> > protect a frontend from rogue back-ends from reading sensitive data;
> > if the front-end were willing to just not use the pages for a short
> > amount of time, and issue a flush say every second or so, that would
> > reduce the TLB flushes greatly while maintaining the safety advantages
> > of driver domains.
> > 
> I'm not sure I get what you mean here. Are you saying DomU flushes
> Dom0's TLB entries?

The gnt_unmap made by dom0 needs to flush the TLB of any physical
processor which may have seen the mapping, which means approximately all
dom0 vcpus.

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.