Re: [PATCH 3/9] add frontend implementation for the IOMMU API

From: FUJITA Tomonori
Date: Mon Dec 01 2008 - 10:59:34 EST

On Mon, 01 Dec 2008 16:33:11 +0200
Avi Kivity <avi@xxxxxxxxxx> wrote:

> Joerg Roedel wrote:
> > Hmm, is there any hardware IOMMU with which we can't emulate domains by
> > partitioning the IO address space? This concept works for GART and
> > Calgary.
> >
> >
> Is partitioning secure? Domain X's user could program its hardware to
> dma to domain Y's addresses, zapping away Domain Y's user's memory.

It can't be secure. So what's the point to emulate the domain
partitioning in many traditional hardware IOMMUs that doesn't support

The emulated domain support with the DMA mapping debugging feature
might be useful to debug drivers but it doesn't mean that we need to
add the emulated domain support to every hardware IOMMU. If you add it
to swiotlb, everyone can enjoy the debugging.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at