From: Joanna Rutkowska
Subject: philosophically about IGD pass-through (was: feature suggestion: DMAR table emulation for Xen)
Date: Fri, 14 May 2010 13:47:32 +0200
Message-ID: <4BED3854.9090801@invisiblethingslab.com>
To: Keir Fraser
Cc: "Han, Weidong", "Cihula, Joseph", "Kay, Allen M", "xen-devel@lists.xensource.com"
List-Id: xen-devel@lists.xenproject.org

On 05/14/2010 01:29 PM, Keir Fraser wrote:
> On 14/05/2010 11:58, "Joanna Rutkowska" wrote:
>
>> Well, we don't do graphics passthrough in Qubes, mostly for two reasons:
>>
>> 1) We believe users prefer seamless integration of all apps onto one
>> desktop (and that requires only one domain, e.g. Dom0, to have access to
>> the graphics card),
>>
>> 2) Giving a potentially untrusted domain full access to the graphics
>> device creates a potential security risk. In fact, you cannot make such
>> an architecture secure without using TXT (yes, TXT in addition to VT-d).
>>
>> Do you do IGD passthrough in Xen Client?
>
> Yes, particularly necessary to get decent 3D performance (e.g., Windows
> Aero). There are tricks to get security and performance (doing a mix of
> emulation and passthrough).
>

It's good to distinguish 3D acceleration for the *Window Manager* vs.
3D acceleration for the *apps*. In Qubes we keep the Window Manager in
Dom0, so, as long as the graphics driver is not broken, the Window
Manager gets all the fancy 3D effects, just like on the native.

The only(?) advantage you gain by using graphics passthrough is for the
apps. But is it really worth it? How many 3D-capable apps business users
use today? Google Earth? Anything else?

So, in order to support Google Earth, is it really worth to introduce
potential VM escape attacks?

joanna.