From mboxrd@z Thu Jan  1 00:00:00 1970
From: Eduard - Gabriel Munteanu <eduard.munteanu@linux360.ro>
Subject: Re: [Qemu-devel] Re: Status update
Date: Fri, 2 Jul 2010 20:17:43 +0300
Message-ID: <20100702171743.GB6809@localhost>
References: <20100629172522.GA8227@localhost>
 <AANLkTimZRp6xusr_o2W58_avpbhrgxDHbEp0gjYUY8jp@mail.gmail.com>
 <20100701193034.GA7421@localhost>
 <AANLkTinZ6TlNB71KTH9CjhH3wTn4TuAZ5wbceg-Kue4-@mail.gmail.com>
 <20100702094155.GC16712@valinux.co.jp>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Stefan Hajnoczi <stefanha@gmail.com>, qemu-devel@nongnu.org,
	joro@8bytes.org, paul@codesourcery.com, kvm@vger.kernel.org,
	avi@redhat.com
To: Isaku Yamahata <yamahata@valinux.co.jp>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mail-bw0-f46.google.com ([209.85.214.46]:49378 "EHLO
	mail-bw0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1759311Ab0GBRSo (ORCPT <rfc822;kvm@vger.kernel.org>);
	Fri, 2 Jul 2010 13:18:44 -0400
Received: by bwz1 with SMTP id 1so1713486bwz.19
        for <kvm@vger.kernel.org>; Fri, 02 Jul 2010 10:18:42 -0700 (PDT)
Content-Disposition: inline
In-Reply-To: <20100702094155.GC16712@valinux.co.jp>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

On Fri, Jul 02, 2010 at 06:41:55PM +0900, Isaku Yamahata wrote:
> On Fri, Jul 02, 2010 at 09:03:39AM +0100, Stefan Hajnoczi wrote:
> > On Thu, Jul 1, 2010 at 8:30 PM, Eduard - Gabriel Munteanu
> > <eduard.munteanu@linux360.ro> wrote:
> > > But suddenly the guest OS changes mappings and expects the IOMMU to
> > > enforce them as soon as invalidation commands are completed. The guest
> > > then reclaims the old space for other uses. This leaves an opportunity
> > > for those processes to corrupt or read sensitive data.
> 
> In such a case, OS should put device into quiescence by reset like
> pci bus reset or pcie function level reset.
> pci bus reset patch hasn't been merged yet, though.
> It needs clean up/generalization.
> 
> -- 
> yamahata

I wouldn't count on that. When the IOMMU notifies software of command
completion, then that notification should be correct. So if we count on
'pci bus reset' we either don't execute INVALIDATE_* and COMPLETION_WAIT
commands, or we issue bogus notifications (e.g. they'd be nops). That
goes against the specs, and I'm not sure there's any good reason a
non-KVM/QEMU-aware OS would reset the device in _all_ cases.

For some background on this, mappings updates are followed by
INVALIDATE_* commands and then a COMPLETION_WAIT (to wait for
invalidation to finish).


	Eduard