On Tue, 16 Nov 2021, Penny Zheng wrote:
> Cases where domU needs direct-map memory map:
> * IOMMU not present in the system.
> * IOMMU disabled if it doesn't cover a specific device and all the guests
> are trusted. Thinking a mixed scenario, where a few devices with IOMMU and
> a few without,
On 16.11.2021 10:44, Julien Grall wrote:
> On 16/11/2021 07:49, Jan Beulich wrote:
>> On 16.11.2021 07:31, Penny Zheng wrote:
>>> v3 changes:
>>> - move flag XEN_DOMCTL_CDF_INTERNAL_directmap back to
>>> xen/include/xen/domain.h,
>>> to let it be only available for domain created by XEN.
>>> - nam
Hi Jan,
On 16/11/2021 07:49, Jan Beulich wrote:
On 16.11.2021 07:31, Penny Zheng wrote:
v3 changes:
- move flag XEN_DOMCTL_CDF_INTERNAL_directmap back to xen/include/xen/domain.h,
to let it be only available for domain created by XEN.
- name it with extra "INTERNAL" and add comments to warn dev
On 16.11.2021 07:31, Penny Zheng wrote:
> v3 changes:
> - move flag XEN_DOMCTL_CDF_INTERNAL_directmap back to
> xen/include/xen/domain.h,
> to let it be only available for domain created by XEN.
> - name it with extra "INTERNAL" and add comments to warn developers not
> to accidently use its bitfi
Cases where domU needs direct-map memory map:
* IOMMU not present in the system.
* IOMMU disabled if it doesn't cover a specific device and all the guests
are trusted. Thinking a mixed scenario, where a few devices with IOMMU and
a few without, then guest DMA security still could not be totally
