Re: [PATCH v3 15/16] iommu: introduce page response function

From: Jean-Philippe Brucker
Date: Fri Dec 08 2017 - 08:48:20 EST

Next message: Jean-Philippe Brucker: "Re: [PATCH v3 15/16] iommu: introduce page response function"
Previous message: Daniel Lezcano: "Re: [PATCH v9 3/6] clocksource: stm32: only use 32 bits timers"
Next in thread: Jean-Philippe Brucker: "Re: [PATCH v3 15/16] iommu: introduce page response function"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 07/12/17 21:56, Alex Williamson wrote:
[...]
>> Seems like VFIO should enforce this quota, since the IOMMU layer doesn't
>> know which device is assigned to which VM. If it's the IOMMU that enforces
>> quotas per device and a VM has 15 devices assigned, then the guest can
>> still DoS the IOMMU.
>
> VFIO also doesn't know about VMs. We know that devices attached to the
> same container are probably used by the same user, but once we add
> viommu, each device(group) uses its own container and we have no idea
> they're associated. So, no to VM based accounting, and it seems like
> an IOMMU problem, X number of outstanding requests per device. Thanks,

Ok. It's not clear anyway how the architecture and implementations expect
us to virtualize stall, I'll try to clarify it.

Thanks,
Jean

Next message: Jean-Philippe Brucker: "Re: [PATCH v3 15/16] iommu: introduce page response function"
Previous message: Daniel Lezcano: "Re: [PATCH v9 3/6] clocksource: stm32: only use 32 bits timers"
Next in thread: Jean-Philippe Brucker: "Re: [PATCH v3 15/16] iommu: introduce page response function"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]