On Thu, 2011-08-04 at 12:41 +0200, Joerg Roedel wrote: > On Mon, Aug 01, 2011 at 02:27:36PM -0600, Alex Williamson wrote: > > It's not clear to me how we could skip it. With VT-d, we'd have to > > implement an emulated interrupt remapper and hope that the guest picks > > unused indexes in the host interrupt remapping table before it could do > > anything useful with direct access to the MSI-X table. Maybe AMD IOMMU > > makes this easier? > > AMD IOMMU provides remapping tables per-device, and not a global one. > But that does not make direct guest-access to the MSI-X table safe. The > table contains the table contains the interrupt-type and the vector > which is used as an index into the remapping table by the IOMMU. So when > the guest writes into its MSI-X table the remapping-table in the host > needs to be updated too. Right, you need paravirt to avoid filtering :-) IE the problem is two fold: - Getting the right value in the table / remapper so things work (paravirt) - Protecting against the guest somewhat managing to change the value in the table (either directly or via a backdoor access to its own config space). The later for us comes from the HW PE filtering of the MSI transactions. Cheers, Ben. -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
