On 01/08/18 10:59, Jan Beulich wrote: >>>> On 01.08.18 at 11:20, <[email protected]> wrote: >> On 01/08/2018 10:10, Jan Beulich wrote: >>>> Furthermore, on by default is the only reasonable option. Dom0 is >>>> specifically given cpu mappings of the reserved regions, therefore it >>>> should have matching IOMMU mappings. >>> I don't think I can uniformly agree with this: There are reserved >>> regions which specifically would better not have IOMMU mappings: >>> LAPIC, IO-APIC, MMCFG just to name things I can immediately >>> think of. >> Right, but that's not what I said. >> >> For any CPU mapping, we should have a matching IOMMU mapping. This is >> how hardware behaves in a native system, and is how all operating >> systems are written to behave. Breaking this expectation will break >> software in unexpected ways. > Well, LAPIC is a clear exception to this rule, as from devices' point > of view the 0xFEExxxxx range has a completely different meaning.
And furthermore is magic anyway when it comes to DMA's hitting that region. > >> For the items you list there, we don't give dom0 CPU mappings (because >> restricting them is indeed a sensible thing), and the "matching" mapping >> in the IOMMU is also not present. > Not exactly: We still emulate those ranges for CPU side accesses, > while we don't emulate IOMMU / device side ones. So there's a > difference to native hardware anyway. We can't emulate the IOMMU side at all, nor would we want to in the context of disallowing dom0 access to those bits of real hardware. ~Andrew _______________________________________________ Xen-devel mailing list [email protected] https://lists.xenproject.org/mailman/listinfo/xen-devel
