On 09/14/2014 03:57 PM, Ard Biesheuvel wrote: > > Never mind. I read the whole thread this time. > > So, in summary, there is a concern that a malicious guest may request > a cachable mapping for a device range, in an attempt to manipulate the > VGIC or other device memory of another VM. > I think that concern only applies to writable mappings, so perhaps we > should just change > > if (kvm_is_mmio_pfn(pfn)) > > to > > if (kvm_is_mmio_pfn(pfn) && writable) Hi Ard, What if the device passed through is read-only like maybe IPMI sensors. > > and be done with it (which is coincidentally the very first naive fix > I suggested for the issue i was seeing) > That way, we never map read-only MMIO regions writable, and rely on > the MT_DEVICE trumps MT_NORMAL rule to ensure the guest reads to those > regions are uncached. > (Wouldn't hurt to add a comment to explain it, I suppose) > _______________________________________________ kvmarm mailing list kvmarm@xxxxxxxxxxxxxxxxxxxxx https://lists.cs.columbia.edu/mailman/listinfo/kvmarm
