From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 78F47C433F5 for ; Fri, 24 Sep 2021 23:59:41 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 04504610F7 for ; Fri, 24 Sep 2021 23:59:40 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 04504610F7 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=invisiblethingslab.com Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=lists.xenproject.org Received: from list by lists.xenproject.org with outflank-mailman.195730.348567 (Exim 4.92) (envelope-from ) id 1mTv6J-0000NA-MC; Fri, 24 Sep 2021 23:59:31 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 195730.348567; Fri, 24 Sep 2021 23:59:31 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1mTv6J-0000N3-Io; Fri, 24 Sep 2021 23:59:31 +0000 Received: by outflank-mailman (input) for mailman id 195730; Fri, 24 Sep 2021 23:59:30 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1mTv6I-0000Mv-Gm for xen-devel@lists.xenproject.org; Fri, 24 Sep 2021 23:59:30 +0000 Received: from new1-smtp.messagingengine.com (unknown [66.111.4.221]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id f726a939-066d-47d4-b114-0ea74bd941e5; Fri, 24 Sep 2021 23:59:29 +0000 (UTC) Received: from compute3.internal (compute3.nyi.internal [10.202.2.43]) by mailnew.nyi.internal (Postfix) with ESMTP id 4251A580E9D; Fri, 24 Sep 2021 19:59:29 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute3.internal (MEProxy); Fri, 24 Sep 2021 19:59:29 -0400 Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri, 24 Sep 2021 19:59:26 -0400 (EDT) X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: f726a939-066d-47d4-b114-0ea74bd941e5 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=D3+aV5 pdnNgiVBKhSk9fIgGRiazPjnt4ThMKaQG4k6Y=; b=SpyX4SqT3VyudFwA/TLXma xC6kmBiBViHTKXLD6n2o9iABbnceZyRegDybfOXiazh3LawiM2lPS2oxcgqyaYTH akHqSgmeG6AVcR96mxERYS2DlbpOrkg0YLwGposQIm4u04sk4uEMBkmS3HcYrP9G ZYAT5c670xxVbSi0SGq+DrfOma/RD0rFWFOpvuRDjja+yqb12SNxLIx9bpVwG7h/ gaII18IwQKs8PwOnjVnzVPgs0moy1B3+kjdxMO7WYWwUeSzrPqjxEjKfC7qsmAyS cqgSGHb1dnI+ANP8FrHqGtKw+aJwM+LRjbJ+Wcbv4qkzhl/zb6NEadwvZY96GM/Q == X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvtddrudejvddgvdekucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepfffhvffukfhfgggtuggjsehgtderredttdejnecuhfhrohhmpeforghrvghk ucforghrtgiihihkohifshhkihdqifpkrhgvtghkihcuoehmrghrmhgrrhgvkhesihhnvh hishhisghlvghthhhinhhgshhlrggsrdgtohhmqeenucggtffrrghtthgvrhhnpeegudfg hfegfeeigfegtdetgefghfekgfeihfduhefhleeuvddvvdetiedvudeltdenucffohhmrg hinheprghtlhgrshhsihgrnhdrnhgvthdpgigvnhhprhhojhgvtghtrdhorhhgnecuvehl uhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepmhgrrhhmrghrvg hksehinhhvihhsihgslhgvthhhihhnghhslhgrsgdrtghomh X-ME-Proxy: Date: Sat, 25 Sep 2021 01:59:23 +0200 From: Marek =?utf-8?Q?Marczykowski-G=C3=B3recki?= To: Alex =?utf-8?Q?Benn=C3=A9e?= Cc: Stratos Mailing List , Mike Holmes , Mathieu Poirier , Viresh Kumar , Peter Griffin , xen-devel@lists.xenproject.org, wl@xen.org, Artem Mygaiev , Andrew Cooper , Stefano Stabellini , Doug Goldstein , Oleksandr Tyshchenko , Rust-VMM Mailing List , Sergio Lopez , Stefan Hajnoczi , David Woodhouse Subject: Re: Xen Rust VirtIO demos work breakdown for Project Stratos Message-ID: References: <87pmsylywy.fsf@linaro.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="AHnRrpNF9QyKNyZE" Content-Disposition: inline In-Reply-To: <87pmsylywy.fsf@linaro.org> --AHnRrpNF9QyKNyZE Content-Type: text/plain; protected-headers=v1; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Date: Sat, 25 Sep 2021 01:59:23 +0200 From: Marek =?utf-8?Q?Marczykowski-G=C3=B3recki?= To: Alex =?utf-8?Q?Benn=C3=A9e?= Cc: Stratos Mailing List , Mike Holmes , Mathieu Poirier , Viresh Kumar , Peter Griffin , xen-devel@lists.xenproject.org, wl@xen.org, Artem Mygaiev , Andrew Cooper , Stefano Stabellini , Doug Goldstein , Oleksandr Tyshchenko , Rust-VMM Mailing List , Sergio Lopez , Stefan Hajnoczi , David Woodhouse Subject: Re: Xen Rust VirtIO demos work breakdown for Project Stratos On Fri, Sep 24, 2021 at 05:02:46PM +0100, Alex Benn=C3=A9e wrote: > Hi, Hi, > 2.1 Stable ABI for foreignmemory mapping to non-dom0 ([STR-57]) > =E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80= =E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2= =94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94= =80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80= =E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2= =94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94= =80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80= =E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80 >=20 > Currently the foreign memory mapping support only works for dom0 due > to reference counting issues. If we are to support backends running in > their own domains this will need to get fixed. >=20 > Estimate: 8w >=20 >=20 > [STR-57] I'm pretty sure it was discussed before, but I can't find relevant (part of) thread right now: does your model assumes the backend (running outside of dom0) will gain ability to map (or access in other way) _arbitrary_ memory page of a frontend domain? Or worse: any domain? That is a significant regression in terms of security model Xen provides. It would give the backend domain _a lot more_ control over the system that it normally has with Xen PV drivers - negating significant part of security benefits of using driver domains. So, does the above require frontend agreeing (explicitly or implicitly) for accessing specific pages by the backend? There were several approaches to that discussed, including using grant tables (as PV drivers do), vIOMMU(?), or even drastically different model with no shared memory at all (Argo). Can you clarify which (if any) approach your attempt of VirtIO on Xen will use? A more general idea: can we collect info on various VirtIO on Xen approaches (since there is more than one) in a single place, including: - key characteristics, differences - who is involved - status - links to relevant threads, maybe I'd propose to revive https://wiki.xenproject.org/wiki/Virtio_On_Xen --=20 Best Regards, Marek Marczykowski-G=C3=B3recki Invisible Things Lab --AHnRrpNF9QyKNyZE Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAmFOZlsACgkQ24/THMrX 1yznCgf+PxWtKZFIkMoii7nrqq1zsVOOz1nD0JyDJ6nL66bRTK2L2IH4kZkZaCZF hSwGSjPU2ulafdtyDwNbMkezDqREjfQ2QfNwZ9s/d/J7i+kujFlWrbNyf8EOvADy BFTafXlE6wv0BwLHu5qNx9QrJ1rhK1pFFqWXr8+bgTlkyJ1XdYg6QCbK8+Z2lGFD IMhLIfUOkzYJzCjSgQrDUh0GIejgEs5XtZGJkJOg+5oto3sGk941Ypf1f0137HE+ KQEi8PB949kdDq6AiSQ6WohylBu4crSYqDjKSqB8mdmC06JWEzDumfPsx18TU/TM JWvdlcY04hj37zcN+MEmA1La+B/Rbw== =hcgf -----END PGP SIGNATURE----- --AHnRrpNF9QyKNyZE--