[Xen-devel] [xen-summit-2019] Virtio Design Session

xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed

* [Xen-devel] [xen-summit-2019] Virtio Design Session
       [not found] <8d0e9ac7-0b27-8690-a3a6-41900b4028a7@arm.com>
@ 2019-07-25 12:16 ` Julien Grall
  0 siblings, 0 replies; only message in thread
From: Julien Grall @ 2019-07-25 12:16 UTC (permalink / raw)
  To: xen-devel
  Cc: Artem Mygaiev, Juergen Gross, lars.kurth, Stefano Stabellini,
	Oleksandr Andrushchenko, Paul Durrant, Roger Pau Monné

Hi,

Sorry I forgot the CC xen-devel.

On 25/07/2019 13:15, Julien Grall wrote:
> Hi all,
> 
> I don't have the e-mail address of all the attendees. Feel free to CC/forward to 
> anyone that should be involved.
> 
> First all thank you Artem for taking the notes. I tried to summarize them below. 
> Please let me know if I missed anything or wrongly summarized.
> 
> There was some interest to get virtio running on Xen. The scope was HVM/PVH/ARM 
> guests so existing transport (MMIO/PCI) can be re-used.
> 
> The topics discussed were:
> 
>     * Restricting virtio backend for guest memory access
> 
> At the moment, virtio backend has full access to the guest memory. Some 
> stakeholders using Xen (or other hypervisors) are concern about the security 
> impact. Two solutions have been suggested here:
>        - Implement using grant-table (Suggested by Juergen Gross)
>        - Use Virtio-IOMMU or a Xen PV IOMMU
> Dave Woodhouse, would be interested to see a diagram for PV IOMMU to do 
> translation. The backend for PV IOMMU would have to reside in Xen.
> 
> A cross-hypervisor solution would be ideal. We need to involve people outside of 
> Xen (Genevi? Matti? Gunnar?) and virtio specialists from Linux kernel (Paolo 
> Bonzini? Michael Tsirkin?)
> 
>    * Virtio frontend in Linux by-passing the DMA API
> 
> In order to implement a virtual IOMMU, virtio would have to use DMA API. David 
> Woodhouse suggested this was fix in recent kernel. We need to check if this the 
> case or fix it.
> 
>    * Backend memory exhaustion (XSA-300)
> 
> While this is not virtio specific, this is a blocker for general usuability on 
> Arm and x86 PVH dom0.
> 
>    * State of Art
> 
> Xen x86 contains most of the pieces to be able to use basic virtio MMIO/PCI. The 
> remaining bits are tools support for the configuration
> 
> Xen Arm requires implementation to forward guest MMIO access to a device model 
> (aka IOREQ). Most of the code could be re-used from x86. I have a PoC for this 
> which has been shared privately with EPAM so far.
> 
> 
>    * Next Steps/Actions
> 
>       - Send out Arm IOREQ support
>      - Partial PCI emulator for Arm
>      - Xen tools support for configuration
>      - Start discussion on security side involving people outside Xen.
> 
> Cheers,
> 

-- 
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2019-07-25 12:16 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <8d0e9ac7-0b27-8690-a3a6-41900b4028a7@arm.com>
2019-07-25 12:16 ` [Xen-devel] [xen-summit-2019] Virtio Design Session Julien Grall

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).