On Mon, Jul 09, 2007 at 12:06:40AM -0700, David Miller wrote: > > That works, but isn't optimal when you have an isolation-capable > > IOMMU and you want the full isolation properties of the IOMMU. If > > you only flush the IOTLB when the allocator wraps around, a stale > > entry in the IOTLB can allow a DMA to go through for an IO entry > > that has already been unmapped. One way to mitigate that and still > > retain full isolation is to make sure no one else gets to use the > > frames that are the targets of the DMA until the translation has > > been flushed out of the IOTLB, but that requires pretty deep > > surgery. > > Virtualization sucks doesn't it? :-)
no comment :-) FWIW isolation capable IOMMUs are also useful to catch DMA errors when drivers program devices to DMA where they shouldn't. Sure, drivers can trash the kernel in other ways, but a printk beats random memory corruption any day of the week. > It's one of the worst aspects of all of this virtualization > business. In my view it makes no sense to split up the physical > hardware. Just give control nodes complete access to everything and > instead of playing games partializing real hardware, just give > virtual instances to everybody and be done with all of this > complexity. Virtual instances have a non-negligible performance cost and development cost - you need a virtual driver for any device or class of devices out there. Not to say that they aren't useful, just that direct access (aka "passthrough") has its uses too. > Anyways, hypervisors et al. have already decided to do this > braindamage so you will need to find some way to make it go fast now > won't you? :) Working on it :-) Cheers, Muli - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
