From: Alex Williamson <alex.williamson@redhat.com>
To: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jike Song <jike.song@intel.com>,
Yang Zhang <yang.zhang.wz@gmail.com>,
"igvt-g@lists.01.org" <igvt-g@ml01.01.org>,
qemu-devel <qemu-devel@nongnu.org>,
"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: [iGVT-g] VFIO based vGPU(was Re: [Announcement] 2015-Q3 release of XenGT - a Mediated ...)
Date: Mon, 01 Feb 2016 14:44:55 -0700 [thread overview]
Message-ID: <1454363095.10542.10.camel@redhat.com> (raw)
In-Reply-To: <1454332246.10168.47.camel@redhat.com>
On Mon, 2016-02-01 at 14:10 +0100, Gerd Hoffmann wrote:
> Hi,
>
> > > Unfortunately it's not the only one. Another example is, device-model
> > > may want to write-protect a gfn (RAM). In case that this request goes
> > > to VFIO .. how it is supposed to reach KVM MMU?
> >
> > Well, let's work through the problem. How is the GFN related to the
> > device? Is this some sort of page table for device mappings with a base
> > register in the vgpu hardware?
>
> IIRC this is needed to make sure the guest can't bypass execbuffer
> verification and works like this:
>
> (1) guest submits execbuffer.
> (2) host makes execbuffer readonly for the guest
> (3) verify the buffer (make sure it only accesses resources owned by
> the vm).
> (4) pass on execbuffer to the hardware.
> (5) when the gpu is done with it make the execbuffer writable again.
Ok, so are there opportunities to do those page protections outside of
KVM? We should be able to get the vma for the buffer, can we do
something with that to make it read-only. Alternatively can the vgpu
driver copy it to a private buffer and hardware can execute from that?
I'm not a virtual memory expert, but it doesn't seem like an
insurmountable problem. Thanks,
Alex
WARNING: multiple messages have this Message-ID (diff)
From: Alex Williamson <alex.williamson@redhat.com>
To: Gerd Hoffmann <kraxel@redhat.com>
Cc: Yang Zhang <yang.zhang.wz@gmail.com>,
"igvt-g@lists.01.org" <igvt-g@ml01.01.org>,
Jike Song <jike.song@intel.com>,
"kvm@vger.kernel.org" <kvm@vger.kernel.org>,
qemu-devel <qemu-devel@nongnu.org>,
Paolo Bonzini <pbonzini@redhat.com>
Subject: Re: [Qemu-devel] [iGVT-g] VFIO based vGPU(was Re: [Announcement] 2015-Q3 release of XenGT - a Mediated ...)
Date: Mon, 01 Feb 2016 14:44:55 -0700 [thread overview]
Message-ID: <1454363095.10542.10.camel@redhat.com> (raw)
In-Reply-To: <1454332246.10168.47.camel@redhat.com>
On Mon, 2016-02-01 at 14:10 +0100, Gerd Hoffmann wrote:
> Hi,
>
> > > Unfortunately it's not the only one. Another example is, device-model
> > > may want to write-protect a gfn (RAM). In case that this request goes
> > > to VFIO .. how it is supposed to reach KVM MMU?
> >
> > Well, let's work through the problem. How is the GFN related to the
> > device? Is this some sort of page table for device mappings with a base
> > register in the vgpu hardware?
>
> IIRC this is needed to make sure the guest can't bypass execbuffer
> verification and works like this:
>
> (1) guest submits execbuffer.
> (2) host makes execbuffer readonly for the guest
> (3) verify the buffer (make sure it only accesses resources owned by
> the vm).
> (4) pass on execbuffer to the hardware.
> (5) when the gpu is done with it make the execbuffer writable again.
Ok, so are there opportunities to do those page protections outside of
KVM? We should be able to get the vma for the buffer, can we do
something with that to make it read-only. Alternatively can the vgpu
driver copy it to a private buffer and hardware can execute from that?
I'm not a virtual memory expert, but it doesn't seem like an
insurmountable problem. Thanks,
Alex
next prev parent reply other threads:[~2016-02-01 21:44 UTC|newest]
Thread overview: 118+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-18 2:39 VFIO based vGPU(was Re: [Announcement] 2015-Q3 release of XenGT - a Mediated ...) Jike Song
2016-01-18 2:39 ` [Qemu-devel] " Jike Song
2016-01-18 4:47 ` Alex Williamson
2016-01-18 4:47 ` [Qemu-devel] " Alex Williamson
2016-01-18 8:56 ` Jike Song
2016-01-18 8:56 ` [Qemu-devel] " Jike Song
2016-01-18 19:05 ` Alex Williamson
2016-01-18 19:05 ` [Qemu-devel] " Alex Williamson
2016-01-20 8:59 ` Jike Song
2016-01-20 8:59 ` [Qemu-devel] " Jike Song
2016-01-20 9:05 ` Tian, Kevin
2016-01-20 9:05 ` [Qemu-devel] " Tian, Kevin
2016-01-25 11:34 ` Jike Song
2016-01-25 11:34 ` [Qemu-devel] " Jike Song
2016-01-25 21:30 ` Alex Williamson
2016-01-25 21:30 ` [Qemu-devel] " Alex Williamson
2016-01-25 21:45 ` Tian, Kevin
2016-01-25 21:45 ` [Qemu-devel] " Tian, Kevin
2016-01-25 21:48 ` Tian, Kevin
2016-01-25 21:48 ` [Qemu-devel] " Tian, Kevin
2016-01-26 9:48 ` Neo Jia
2016-01-26 9:48 ` [Qemu-devel] " Neo Jia
2016-01-26 10:20 ` Neo Jia
2016-01-26 10:20 ` [Qemu-devel] " Neo Jia
2016-01-26 19:24 ` Tian, Kevin
2016-01-26 19:24 ` [Qemu-devel] " Tian, Kevin
2016-01-26 19:29 ` Neo Jia
2016-01-26 19:29 ` [Qemu-devel] " Neo Jia
2016-01-26 20:06 ` Alex Williamson
2016-01-26 20:06 ` [Qemu-devel] " Alex Williamson
2016-01-26 21:38 ` Tian, Kevin
2016-01-26 21:38 ` [Qemu-devel] " Tian, Kevin
2016-01-26 22:28 ` Neo Jia
2016-01-26 22:28 ` [Qemu-devel] " Neo Jia
2016-01-26 23:30 ` Alex Williamson
2016-01-26 23:30 ` [Qemu-devel] " Alex Williamson
2016-01-27 9:14 ` Neo Jia
2016-01-27 9:14 ` [Qemu-devel] " Neo Jia
2016-01-27 16:10 ` Alex Williamson
2016-01-27 16:10 ` [Qemu-devel] " Alex Williamson
2016-01-27 21:48 ` Neo Jia
2016-01-27 21:48 ` [Qemu-devel] " Neo Jia
2016-01-27 8:06 ` Kirti Wankhede
2016-01-27 8:06 ` [Qemu-devel] " Kirti Wankhede
2016-01-27 16:00 ` Alex Williamson
2016-01-27 16:00 ` [Qemu-devel] " Alex Williamson
2016-01-27 20:55 ` Kirti Wankhede
2016-01-27 20:55 ` [Qemu-devel] " Kirti Wankhede
2016-01-27 21:58 ` Alex Williamson
2016-01-27 21:58 ` [Qemu-devel] " Alex Williamson
2016-01-28 3:01 ` Kirti Wankhede
2016-01-28 3:01 ` [Qemu-devel] " Kirti Wankhede
2016-01-26 7:41 ` Jike Song
2016-01-26 7:41 ` [Qemu-devel] " Jike Song
2016-01-26 14:05 ` Yang Zhang
2016-01-26 14:05 ` [Qemu-devel] " Yang Zhang
2016-01-26 16:37 ` Alex Williamson
2016-01-26 16:37 ` [Qemu-devel] " Alex Williamson
2016-01-26 21:21 ` Tian, Kevin
2016-01-26 21:21 ` [Qemu-devel] " Tian, Kevin
2016-01-26 21:30 ` Neo Jia
2016-01-26 21:30 ` [Qemu-devel] " Neo Jia
2016-01-26 21:43 ` Tian, Kevin
2016-01-26 21:43 ` [Qemu-devel] " Tian, Kevin
2016-01-26 21:43 ` Alex Williamson
2016-01-26 21:43 ` [Qemu-devel] " Alex Williamson
2016-01-26 21:50 ` Tian, Kevin
2016-01-26 21:50 ` [Qemu-devel] " Tian, Kevin
2016-01-26 22:07 ` Alex Williamson
2016-01-26 22:07 ` [Qemu-devel] " Alex Williamson
2016-01-26 22:15 ` Tian, Kevin
2016-01-26 22:15 ` [Qemu-devel] " Tian, Kevin
2016-01-26 22:27 ` Alex Williamson
2016-01-26 22:27 ` [Qemu-devel] " Alex Williamson
2016-01-26 22:39 ` Tian, Kevin
2016-01-26 22:39 ` [Qemu-devel] " Tian, Kevin
2016-01-26 22:56 ` Alex Williamson
2016-01-26 22:56 ` [Qemu-devel] " Alex Williamson
2016-01-27 1:47 ` Jike Song
2016-01-27 1:47 ` [Qemu-devel] " Jike Song
2016-01-27 3:07 ` Alex Williamson
2016-01-27 3:07 ` [Qemu-devel] " Alex Williamson
2016-01-27 5:43 ` Jike Song
2016-01-27 5:43 ` [Qemu-devel] " Jike Song
2016-01-27 16:19 ` Alex Williamson
2016-01-27 16:19 ` [Qemu-devel] " Alex Williamson
2016-01-28 6:00 ` Jike Song
2016-01-28 6:00 ` [Qemu-devel] " Jike Song
2016-01-28 15:23 ` Alex Williamson
2016-01-28 15:23 ` [Qemu-devel] " Alex Williamson
2016-01-29 7:20 ` Jike Song
2016-01-29 7:20 ` [Qemu-devel] " Jike Song
2016-01-29 8:49 ` [iGVT-g] " Jike Song
2016-01-29 8:49 ` [Qemu-devel] " Jike Song
2016-01-29 18:50 ` Alex Williamson
2016-01-29 18:50 ` [Qemu-devel] " Alex Williamson
2016-02-01 13:10 ` Gerd Hoffmann
2016-02-01 13:10 ` [Qemu-devel] " Gerd Hoffmann
2016-02-01 21:44 ` Alex Williamson [this message]
2016-02-01 21:44 ` Alex Williamson
2016-02-02 7:28 ` Gerd Hoffmann
2016-02-02 7:28 ` [Qemu-devel] " Gerd Hoffmann
2016-02-02 7:35 ` Zhiyuan Lv
2016-02-02 7:35 ` [Qemu-devel] " Zhiyuan Lv
2016-01-27 1:52 ` Yang Zhang
2016-01-27 1:52 ` [Qemu-devel] " Yang Zhang
2016-01-27 3:37 ` Alex Williamson
2016-01-27 3:37 ` [Qemu-devel] " Alex Williamson
2016-01-27 0:06 ` Jike Song
2016-01-27 0:06 ` [Qemu-devel] " Jike Song
2016-01-27 1:34 ` Yang Zhang
2016-01-27 1:34 ` [Qemu-devel] " Yang Zhang
2016-01-27 1:51 ` Jike Song
2016-01-27 1:51 ` [Qemu-devel] " Jike Song
2016-01-26 16:12 ` Alex Williamson
2016-01-26 16:12 ` [Qemu-devel] " Alex Williamson
2016-01-26 21:57 ` Tian, Kevin
2016-01-26 21:57 ` [Qemu-devel] " Tian, Kevin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1454363095.10542.10.camel@redhat.com \
--to=alex.williamson@redhat.com \
--cc=igvt-g@ml01.01.org \
--cc=jike.song@intel.com \
--cc=kraxel@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=yang.zhang.wz@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.