[EMAIL PROTECTED] wrote:
On Wednesday 13 June 2007, Caitlin Bestler wrote:
It can be done, but you'd also need a passthrough for the IOMMU in
that case, and you get a potential security hole: if a malicious
guest is smart enough to figure out IOMMU mappings from the device
to memory owned
On Thursday 14 June 2007, Caitlin Bestler wrote:
Why not simply adopt the policy that if the IOMMU does not meet
the security requirements of the Hypervisor then it is not an
IOMMU as far as the Hypervisor is concerned?
More specificially, the Hypervisor should enable direct access
by a
On Sun, Jun 10, 2007 at 10:33:57AM +0300, Avi Kivity wrote:
It is worthwhile, when designing virtio, to keep in mind as many
possible users as possible. In addition to block and net, I see at
least the following:
- vmgl (paravirtualized 3D graphics)
Muli Ben-Yehuda wrote:
On Sun, Jun 10, 2007 at 10:33:57AM +0300, Avi Kivity wrote:
It is worthwhile, when designing virtio, to keep in mind as many
possible users as possible. In addition to block and net, I see at
least the following:
- vmgl (paravirtualized 3D graphics)
On Sunday 10 June 2007, Avi Kivity wrote:
- PCI (or your favorite HW bus) passthrough, for your favorite oddball
device (e.g., crypto-accelerators).
Won't all high-bandwidth traffic be through dma, bypassing virtio?
It can be done, but you'd also need a passthrough for the IOMMU
in
[EMAIL PROTECTED] wrote:
On Sunday 10 June 2007, Avi Kivity wrote:
- PCI (or your favorite HW bus) passthrough, for your favorite
oddball device (e.g., crypto-accelerators).
Won't all high-bandwidth traffic be through dma, bypassing virtio?
It can be done, but you'd also need a
On Wednesday 13 June 2007, Caitlin Bestler wrote:
It can be done, but you'd also need a passthrough for the
IOMMU in that case, and you get a potential security hole: if
a malicious guest is smart enough to figure out IOMMU
mappings from the device to memory owned by the host.
If it
On Wed, Jun 13, 2007 at 01:54:26AM +0200, Arnd Bergmann wrote:
On Wednesday 13 June 2007, Caitlin Bestler wrote:
It can be done, but you'd also need a passthrough for the
IOMMU in that case, and you get a potential security hole: if
a malicious guest is smart enough to figure out