On 29.04.20 12:20, Michael S. Tsirkin wrote:
On Wed, Apr 29, 2020 at 03:39:53PM +0530, Srivatsa Vaddagiri wrote:
That would still not work I think where swiotlb is used for pass-thr devices
(when private memory is fine) as well as virtio devices (when shared memory is
required).
So that is a separate question. When there are multiple untrusted
devices, at the moment it looks like a single bounce buffer is used.
Which to me seems like a security problem, I think we should protect
untrusted devices from each other.
Definitely. That's the model we have for ivshmem-virtio as well.
Jan
--
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux
_______________________________________________
Virtualization mailing list
Virtualization@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/virtualization
