On 07/12/17 21:56, Alex Williamson wrote: [...] >> Seems like VFIO should enforce this quota, since the IOMMU layer doesn't >> know which device is assigned to which VM. If it's the IOMMU that enforces >> quotas per device and a VM has 15 devices assigned, then the guest can >> still DoS the IOMMU. > > VFIO also doesn't know about VMs. We know that devices attached to the > same container are probably used by the same user, but once we add > viommu, each device(group) uses its own container and we have no idea > they're associated. So, no to VM based accounting, and it seems like > an IOMMU problem, X number of outstanding requests per device. Thanks,
Ok. It's not clear anyway how the architecture and implementations expect us to virtualize stall, I'll try to clarify it. Thanks, Jean _______________________________________________ iommu mailing list [email protected] https://lists.linuxfoundation.org/mailman/listinfo/iommu
