> From: Jan Beulich [mailto:jbeul...@suse.com] > Sent: Wednesday, December 10, 2014 6:36 PM > > >>> On 10.12.14 at 02:14, <kevin.t...@intel.com> wrote: > >> From: Tim Deegan [mailto:t...@xen.org] > >> It's been suggested before that we should revive this hypercall, and I > >> don't think it's a good idea. Whenever a domain needs to know the > >> actual MFN of another domain's memory it's usually because the > >> security model is problematic. In particular, finding the MFN is > >> usually followed by a brute-force mapping from a dom0 process, or by > >> passing the MFN to a device for unprotected DMA. > > > > In our case it's not because the security model is problematic. It's > > because GPU virtualization is done in Dom0 while the memory virtualization > > is done in hypervisor. > > Which by itself is a questionable design decision. >
I don't think we want to put a ~20K LOC device model in hypervisor. Thanks Kevin _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
