From: "David Woodhouse" <dwmw2@infradead.org>
To: "Michael S. Tsirkin" <mst@redhat.com>
Cc: linux-s390 <linux-s390@vger.kernel.org>,
KVM <kvm@vger.kernel.org>, Marcel Apfelbaum <marcel.a@redhat.com>,
Benjamin Herrenschmidt <benh@kernel.crashing.org>,
Sebastian Ott <sebott@linux.vnet.ibm.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
Andy Lutomirski <luto@amacapital.net>,
Christian Borntraeger <borntraeger@de.ibm.com>,
Joerg Roedel <jroedel@suse.de>,
Martin Schwidefsky <schwidefsky@de.ibm.com>,
Paolo Bonzini <pbonzini@redhat.com>,
Linux Virtualization <virtualization@lists.linux-foundation.org>,
David Woodhouse <dwmw2@infradead.org>,
Christoph Hellwig <hch@lst.de>
Subject: Re: [PATCH v3 0/3] virtio DMA API core stuff
Date: Sun, 22 Nov 2015 22:21:34 -0000 [thread overview]
Message-ID: <adab330424e9faea591560c4097fc644.squirrel@twosheds.infradead.org> (raw)
In-Reply-To: <20151122231622-mutt-send-email-mst@redhat.com>
> There's that, and there's an "I care about security, but
> do not want to burn up cycles on fake protections that
> do not work" case.
It would seem to make most sense for this use case simply *not* to expose
virtio devices to guests as being behind an IOMMU at all. Sure, there are
esoteric use cases where the guest actually nests and runs further guests
inside itself and wants to pass through the virtio devices from the real
hardware host. But presumably those configurations will have multiple
virtio devices assigned by the host anyway, and further tweaking the
configuration to put them behind an IOMMU shouldn't be hard.
--
dwmw2
next prev parent reply other threads:[~2015-11-22 22:21 UTC|newest]
Thread overview: 55+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <cover.1446014204.git.luto@kernel.org>
2015-10-28 6:38 ` [PATCH v3 1/3] virtio_net: Stop doing DMA from the stack Andy Lutomirski
2015-10-28 6:38 ` [PATCH v3 2/3] virtio_ring: Support DMA APIs Andy Lutomirski
2015-10-28 6:39 ` [PATCH v3 3/3] virtio_pci: Use the DMA API Andy Lutomirski
2015-10-28 6:53 ` [PATCH v3 0/3] virtio DMA API core stuff David Woodhouse
2015-10-28 7:09 ` Andy Lutomirski
[not found] ` <a2b5cd8102594565dca91e9ed665ae2fff5367bb.1446014204.git.luto@kernel.org>
2015-10-28 7:08 ` [PATCH v3 1/3] virtio_net: Stop doing DMA from the stack Michael S. Tsirkin
2015-10-28 7:17 ` [PATCH v3 0/3] virtio DMA API core stuff Michael S. Tsirkin
2015-10-28 7:40 ` Christian Borntraeger
2015-10-28 8:09 ` David Woodhouse
2015-10-28 11:35 ` Michael S. Tsirkin
2015-10-28 13:35 ` David Woodhouse
2015-10-28 14:05 ` Michael S. Tsirkin
2015-10-28 14:13 ` David Woodhouse
2015-10-28 14:22 ` Michael S. Tsirkin
2015-10-28 14:32 ` David Woodhouse
2015-10-28 16:12 ` Michael S. Tsirkin
[not found] ` <20151028175136-mutt-send-email-mst@redhat.com>
2015-10-28 22:51 ` Andy Lutomirski
2015-10-29 9:01 ` Michael S. Tsirkin
2015-10-29 16:18 ` David Woodhouse
2015-11-08 10:37 ` Michael S. Tsirkin
2015-11-08 11:49 ` Joerg Roedel
2015-11-10 15:02 ` Michael S. Tsirkin
2015-11-10 18:54 ` Andy Lutomirski
2015-11-11 10:05 ` Michael S. Tsirkin
2015-11-11 15:56 ` Andy Lutomirski
[not found] ` <CALCETrWmZaQxS3-r9jsUb3BPhdLRbRrdZWok2geHnYKaWC4YKA@mail.gmail.com>
2015-11-11 22:30 ` David Woodhouse
[not found] ` <1447281027.3513.11.camel@infradead.org>
2015-11-12 11:09 ` Michael S. Tsirkin
2015-11-12 12:18 ` David Woodhouse
2015-11-22 13:06 ` Marcel Apfelbaum
2015-11-22 15:54 ` David Woodhouse
2015-11-22 17:04 ` Marcel Apfelbaum
2015-11-22 22:11 ` Michael S. Tsirkin
2015-11-08 12:00 ` David Woodhouse
2015-10-30 15:16 ` Joerg Roedel
2015-10-30 16:54 ` David Woodhouse
2015-11-03 10:24 ` Paolo Bonzini
[not found] ` <20151030151612.GB2704@suse.de>
2015-11-11 9:11 ` Michael S. Tsirkin
2015-10-28 8:36 ` Benjamin Herrenschmidt
2015-10-28 11:23 ` Michael S. Tsirkin
2015-10-28 13:37 ` David Woodhouse
2015-10-28 14:07 ` Michael S. Tsirkin
2015-11-19 13:45 ` Michael S. Tsirkin
[not found] ` <20151119153821-mutt-send-email-mst@redhat.com>
2015-11-19 21:59 ` Andy Lutomirski
2015-11-19 23:38 ` David Woodhouse
2015-11-20 2:56 ` Benjamin Herrenschmidt
2015-11-20 8:34 ` Michael S. Tsirkin
2015-11-20 8:21 ` Michael S. Tsirkin
2015-11-22 15:58 ` David Woodhouse
[not found] ` <1448207908.89124.54.camel@infradead.org>
2015-11-22 21:52 ` Michael S. Tsirkin
[not found] ` <20151122231622-mutt-send-email-mst@redhat.com>
2015-11-22 22:21 ` David Woodhouse [this message]
2015-11-23 7:56 ` Michael S. Tsirkin
2015-11-22 22:21 ` David Woodhouse
2015-11-20 6:56 ` Michael S. Tsirkin
2015-11-20 7:47 ` Michael S. Tsirkin
2015-10-28 6:38 Andy Lutomirski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=adab330424e9faea591560c4097fc644.squirrel@twosheds.infradead.org \
--to=dwmw2@infradead.org \
--cc=benh@kernel.crashing.org \
--cc=borntraeger@de.ibm.com \
--cc=hch@lst.de \
--cc=jroedel@suse.de \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=marcel.a@redhat.com \
--cc=mst@redhat.com \
--cc=pbonzini@redhat.com \
--cc=schwidefsky@de.ibm.com \
--cc=sebott@linux.vnet.ibm.com \
--cc=virtualization@lists.linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).