On 23/02/2016 06:44, Tian, Kevin wrote:
>> From: Song, Jike
>> Sent: Tuesday, February 23, 2016 11:02 AM
>>
>> +Kevin
>>
>> On 02/22/2016 06:05 PM, Xiao Guangrong wrote:
>>>
>>> On 02/19/2016 08:00 PM, Paolo Bonzini wrote:
>>>>
>>>> I still have a doubt: how are you going to handle invalidation of GPU
>>>> shadow page tables if a device (emulated in QEMU or even vhost) does DMA
>>>> to the PPGTT?
>>>
>>> I think Jike is the better one to answer this question, Jike, could you
>>> please clarify it? :)
>>>
>>
>> Sure :)
>>
>> Actually in guest PPGTT is manipulated by CPU rather than GPU. The
>> PPGTT page table itself is plain memory, composed & modified by the
>> GPU driver, i.e. by CPU in Non-Root mode.
>>
>> Given that, we write-protected guest PPGTT, when VM writes PPGTT, EPT
>> violation rather than DMA fault happens.
>
> 'DMA to PPGTT' is NOT SUPPORTED on our vGPU device model. Today
> Intel gfx driver doesn't use this method, and we explicitly list it as a
> guest driver requirement to support a vGPU. If a malicious driver does
> program DMA to modify PPGTT, it can only modify guest PPGTT instead
> of shadow PPGTT (being guest invisible). So there is no security issue
> either.

Ok, thanks for confirming.

Paolo
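The following toy model is an added example, not code from this thread or from the vGPU implementation. It shows the argument made above: a CPU write to the write-protected guest PPGTT traps and is re-shadowed, while a DMA write changes only the guest copy, which the GPU never walks. All names, the table size and the `HOST_BASE` translation offset are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

#define NPTE      8        /* hypothetical table size */
#define HOST_BASE 0x1000u  /* constructed gfn -> hfn translation offset */

static uint32_t guest_ppgtt[NPTE];   /* guest memory: guest-visible PPGTT (gfns) */
static uint32_t shadow_ppgtt[NPTE];  /* hypervisor memory: table the GPU walks (hfns) */
static unsigned ept_violations;      /* number of trapped CPU writes */

/* Hypervisor: runs when a CPU write hits the write-protected PPGTT page. */
static void handle_ept_write(unsigned idx, uint32_t gfn)
{
    ept_violations++;
    guest_ppgtt[idx]  = gfn;              /* emulate the guest's store */
    shadow_ppgtt[idx] = gfn + HOST_BASE;  /* re-shadow the changed entry */
}

/* Guest driver updates a PTE with the CPU: the store traps to the hypervisor. */
void cpu_write_pte(unsigned idx, uint32_t gfn)
{
    if (idx < NPTE)
        handle_ept_write(idx, gfn);
}

/* Device DMA into guest memory: no EPT violation is raised, so the
 * hypervisor handler never runs and only the guest copy changes. */
void dma_write_pte(unsigned idx, uint32_t gfn)
{
    if (idx < NPTE)
        guest_ppgtt[idx] = gfn;
}

uint32_t guest_view(unsigned idx)    { return idx < NPTE ? guest_ppgtt[idx]  : 0; }
uint32_t gpu_translate(unsigned idx) { return idx < NPTE ? shadow_ppgtt[idx] : 0; }
unsigned trap_count(void)            { return ept_violations; }

int main(void)
{
    cpu_write_pte(2, 0x42);   /* supported path: trapped and shadowed */
    dma_write_pte(2, 0x99);   /* unsupported path: shadow is untouched */
    printf("guest=0x%x shadow=0x%x traps=%u\n",
           guest_view(2), gpu_translate(2), trap_count());
    return 0;
}
```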