From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S935678AbeCABml (ORCPT ); Wed, 28 Feb 2018 20:42:41 -0500 Received: from mail.kernel.org ([198.145.29.99]:43708 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932134AbeCABmk (ORCPT ); Wed, 28 Feb 2018 20:42:40 -0500 DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org B52E021748 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=sstabellini@kernel.org Date: Wed, 28 Feb 2018 17:42:38 -0800 (PST) From: Stefano Stabellini X-X-Sender: sstabellini@sstabellini-ThinkPad-X260 To: Julien Grall cc: Oleksandr Andrushchenko , xen-devel@lists.xenproject.org, "linux-kernel@vger.kernel.org" , dri-devel@lists.freedesktop.org, airlied@linux.ie, daniel.vetter@intel.com, seanpaul@chromium.org, gustavo@padovan.org, Juergen Gross , boris.ostrovsky@oracle.com, konrad.wilk@oracle.com, Oleksandr Andrushchenko , Stefano Stabellini , Wei Liu Subject: Re: [Xen-devel] [PATCH 0/9] drm/xen-front: Add support for Xen PV display frontend In-Reply-To: <4628e34f-5e7d-c2e6-d132-c1f4c1c25efd@arm.com> Message-ID: References: <1519200222-20623-1-git-send-email-andr2000@gmail.com> <4c7e6f65-1787-3815-22b5-f9495e388c06@gmail.com> <7e265c53-db9a-0946-6b1c-b946bcbb4100@gmail.com> <4628e34f-5e7d-c2e6-d132-c1f4c1c25efd@arm.com> User-Agent: Alpine 2.10 (DEB 1266 2009-07-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 28 Feb 2018, Julien Grall wrote: > (+ Stefano and Wei) > > Hi, > > On 02/27/2018 12:40 PM, Oleksandr Andrushchenko wrote: > > Please find some more clarifications on VirtIO use with Xen > > (I would like to thank Xen community for helping with this) > > > > 1. Possible security issues - VirtIO devices are PCI bus masters, thus > > allowing real device (running, for example, in untrusted driver domain) > > to get control over guest's memory by writing to its memory > > > > 2. VirtIO currently uses GFNs written into the shared ring, without Xen > > grants support. This will require generic grant-mapping/sharing layer > > to be added to VirtIO. This is important. VirtIO doesn't allow for driver domains (running the backend inside a virtual machine). > > 3. VirtIO requires QEMU PCI emulation for setting up a device. Xen PV (and > > PVH) > > domains don't use QEMU for platform emulation in order to reduce attack > > surface. > > (PVH is in the process of gaining PCI config space emulation though, but it > > is > > optional, not a requirement) > I don't think the support of PCI configuration space emulation for PVH would > help there. The plan is to emulate in Xen, QEMU is still out of the equation > there. Right: there is no infrastructure to run IO emulation in userspace for PV, PVH and ARM guests. We do have a QEMU instance running for PV, PVH and ARM guests but only to implement PV backends, such as the vdispl backend for example, which are handling asynchronous requests from frontends using the traditional grant table maps/unmaps. > > 4. Most of the PV drivers a guest uses at the moment are Xen PV drivers, > > e.g. net, > > block, console, so only virtio-gpu will require QEMU to run. > > Although this use case would work on x86 it will require additional changes > > to get this running on ARM, which is my target platform. > > All type of guests but x86 HVM are not using QEMU for device emulation. > > I would even be stronger here. Using QEMU would require a significant amount > of engineering to make it work and increase the cost of safety certification > for automotive use cases. So IHMO, the Xen PV display solution is the best. > > The protocol was accepted and merged in Xen 4.9. This the standard way to have > para-virtualized display for guests on Xen. Having the driver merged in Linux > would help user to get out-of-box display in guest. That's right. I don't think it really makes sense to introduce virtio support in Xen on ARM as it is today. From mboxrd@z Thu Jan 1 00:00:00 1970 From: Stefano Stabellini Subject: Re: [Xen-devel] [PATCH 0/9] drm/xen-front: Add support for Xen PV display frontend Date: Wed, 28 Feb 2018 17:42:38 -0800 (PST) Message-ID: References: <1519200222-20623-1-git-send-email-andr2000@gmail.com> <4c7e6f65-1787-3815-22b5-f9495e388c06@gmail.com> <7e265c53-db9a-0946-6b1c-b946bcbb4100@gmail.com> <4628e34f-5e7d-c2e6-d132-c1f4c1c25efd@arm.com> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Return-path: Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by gabe.freedesktop.org (Postfix) with ESMTPS id 933506EBCA for ; Thu, 1 Mar 2018 01:42:40 +0000 (UTC) In-Reply-To: <4628e34f-5e7d-c2e6-d132-c1f4c1c25efd@arm.com> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" To: Julien Grall Cc: Juergen Gross , Stefano Stabellini , Wei Liu , konrad.wilk@oracle.com, Oleksandr Andrushchenko , Oleksandr Andrushchenko , "linux-kernel@vger.kernel.org" , dri-devel@lists.freedesktop.org, airlied@linux.ie, daniel.vetter@intel.com, xen-devel@lists.xenproject.org, boris.ostrovsky@oracle.com List-Id: dri-devel@lists.freedesktop.org T24gV2VkLCAyOCBGZWIgMjAxOCwgSnVsaWVuIEdyYWxsIHdyb3RlOgo+ICgrIFN0ZWZhbm8gYW5k IFdlaSkKPiAKPiBIaSwKPiAKPiBPbiAwMi8yNy8yMDE4IDEyOjQwIFBNLCBPbGVrc2FuZHIgQW5k cnVzaGNoZW5rbyB3cm90ZToKPiA+IFBsZWFzZSBmaW5kIHNvbWUgbW9yZSBjbGFyaWZpY2F0aW9u cyBvbiBWaXJ0SU8gdXNlIHdpdGggWGVuCj4gPiAoSSB3b3VsZCBsaWtlIHRvIHRoYW5rIFhlbiBj b21tdW5pdHkgZm9yIGhlbHBpbmcgd2l0aCB0aGlzKQo+ID4gCj4gPiAxLiBQb3NzaWJsZSBzZWN1 cml0eSBpc3N1ZXMgLSBWaXJ0SU8gZGV2aWNlcyBhcmUgUENJIGJ1cyBtYXN0ZXJzLCB0aHVzCj4g PiBhbGxvd2luZyByZWFsIGRldmljZSAocnVubmluZywgZm9yIGV4YW1wbGUsIGluIHVudHJ1c3Rl ZCBkcml2ZXIgZG9tYWluKQo+ID4gdG8gZ2V0IGNvbnRyb2wgb3ZlciBndWVzdCdzIG1lbW9yeSBi eSB3cml0aW5nIHRvIGl0cyBtZW1vcnkKPiA+IAo+ID4gMi4gVmlydElPIGN1cnJlbnRseSB1c2Vz IEdGTnMgd3JpdHRlbiBpbnRvIHRoZSBzaGFyZWQgcmluZywgd2l0aG91dCBYZW4KPiA+IGdyYW50 cyBzdXBwb3J0LiBUaGlzIHdpbGwgcmVxdWlyZSBnZW5lcmljIGdyYW50LW1hcHBpbmcvc2hhcmlu ZyBsYXllcgo+ID4gdG8gYmUgYWRkZWQgdG8gVmlydElPLgoKVGhpcyBpcyBpbXBvcnRhbnQuIFZp cnRJTyBkb2Vzbid0IGFsbG93IGZvciBkcml2ZXIgZG9tYWlucyAocnVubmluZyB0aGUKYmFja2Vu ZCBpbnNpZGUgYSB2aXJ0dWFsIG1hY2hpbmUpLiAKCgo+ID4gMy4gVmlydElPIHJlcXVpcmVzIFFF TVUgUENJIGVtdWxhdGlvbiBmb3Igc2V0dGluZyB1cCBhIGRldmljZS4gWGVuIFBWIChhbmQKPiA+ IFBWSCkKPiA+IGRvbWFpbnMgZG9uJ3QgdXNlIFFFTVUgZm9yIHBsYXRmb3JtIGVtdWxhdGlvbiBp biBvcmRlciB0byByZWR1Y2UgYXR0YWNrCj4gPiBzdXJmYWNlLgo+ID4gKFBWSCBpcyBpbiB0aGUg cHJvY2VzcyBvZiBnYWluaW5nIFBDSSBjb25maWcgc3BhY2UgZW11bGF0aW9uIHRob3VnaCwgYnV0 IGl0Cj4gPiBpcwo+ID4gb3B0aW9uYWwsIG5vdCBhIHJlcXVpcmVtZW50KQo+IEkgZG9uJ3QgdGhp bmsgdGhlIHN1cHBvcnQgb2YgUENJIGNvbmZpZ3VyYXRpb24gc3BhY2UgZW11bGF0aW9uIGZvciBQ Vkggd291bGQKPiBoZWxwIHRoZXJlLiBUaGUgcGxhbiBpcyB0byBlbXVsYXRlIGluIFhlbiwgUUVN VSBpcyBzdGlsbCBvdXQgb2YgdGhlIGVxdWF0aW9uCj4gdGhlcmUuCgpSaWdodDogdGhlcmUgaXMg bm8gaW5mcmFzdHJ1Y3R1cmUgdG8gcnVuIElPIGVtdWxhdGlvbiBpbiB1c2Vyc3BhY2UgZm9yClBW LCBQVkggYW5kIEFSTSBndWVzdHMuIFdlIGRvIGhhdmUgYSBRRU1VIGluc3RhbmNlIHJ1bm5pbmcg Zm9yIFBWLCBQVkgKYW5kIEFSTSBndWVzdHMgYnV0IG9ubHkgdG8gaW1wbGVtZW50IFBWIGJhY2tl bmRzLCBzdWNoIGFzIHRoZSB2ZGlzcGwKYmFja2VuZCBmb3IgZXhhbXBsZSwgd2hpY2ggYXJlIGhh bmRsaW5nIGFzeW5jaHJvbm91cyByZXF1ZXN0cyBmcm9tCmZyb250ZW5kcyB1c2luZyB0aGUgdHJh ZGl0aW9uYWwgZ3JhbnQgdGFibGUgbWFwcy91bm1hcHMuCgoKPiA+IDQuIE1vc3Qgb2YgdGhlIFBW IGRyaXZlcnMgYSBndWVzdCB1c2VzIGF0IHRoZSBtb21lbnQgYXJlIFhlbiBQViBkcml2ZXJzLAo+ ID4gZS5nLiBuZXQsCj4gPiBibG9jaywgY29uc29sZSwgc28gb25seSB2aXJ0aW8tZ3B1IHdpbGwg cmVxdWlyZSBRRU1VIHRvIHJ1bi4KPiA+IEFsdGhvdWdoIHRoaXMgdXNlIGNhc2Ugd291bGQgd29y ayBvbiB4ODYgaXQgd2lsbCByZXF1aXJlIGFkZGl0aW9uYWwgY2hhbmdlcwo+ID4gdG8gZ2V0IHRo aXMgcnVubmluZyBvbiBBUk0sIHdoaWNoIGlzIG15IHRhcmdldCBwbGF0Zm9ybS4KPiAKPiBBbGwg dHlwZSBvZiBndWVzdHMgYnV0IHg4NiBIVk0gYXJlIG5vdCB1c2luZyBRRU1VIGZvciBkZXZpY2Ug ZW11bGF0aW9uLgo+IAo+IEkgd291bGQgZXZlbiBiZSBzdHJvbmdlciBoZXJlLiBVc2luZyBRRU1V IHdvdWxkIHJlcXVpcmUgYSBzaWduaWZpY2FudCBhbW91bnQKPiBvZiBlbmdpbmVlcmluZyB0byBt YWtlIGl0IHdvcmsgYW5kIGluY3JlYXNlIHRoZSBjb3N0IG9mIHNhZmV0eSBjZXJ0aWZpY2F0aW9u Cj4gZm9yIGF1dG9tb3RpdmUgdXNlIGNhc2VzLiBTbyBJSE1PLCB0aGUgWGVuIFBWIGRpc3BsYXkg c29sdXRpb24gaXMgdGhlIGJlc3QuCj4gCj4gVGhlIHByb3RvY29sIHdhcyBhY2NlcHRlZCBhbmQg bWVyZ2VkIGluIFhlbiA0LjkuIFRoaXMgdGhlIHN0YW5kYXJkIHdheSB0byBoYXZlCj4gcGFyYS12 aXJ0dWFsaXplZCBkaXNwbGF5IGZvciBndWVzdHMgb24gWGVuLiBIYXZpbmcgdGhlIGRyaXZlciBt ZXJnZWQgaW4gTGludXgKPiB3b3VsZCBoZWxwIHVzZXIgdG8gZ2V0IG91dC1vZi1ib3ggZGlzcGxh eSBpbiBndWVzdC4KClRoYXQncyByaWdodC4gSSBkb24ndCB0aGluayBpdCByZWFsbHkgbWFrZXMg c2Vuc2UgdG8gaW50cm9kdWNlIHZpcnRpbwpzdXBwb3J0IGluIFhlbiBvbiBBUk0gYXMgaXQgaXMg dG9kYXkuCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCmRy aS1kZXZlbCBtYWlsaW5nIGxpc3QKZHJpLWRldmVsQGxpc3RzLmZyZWVkZXNrdG9wLm9yZwpodHRw czovL2xpc3RzLmZyZWVkZXNrdG9wLm9yZy9tYWlsbWFuL2xpc3RpbmZvL2RyaS1kZXZlbAo=