On 09/26/2018 06:22 PM, Andrew Cooper wrote: > On 26/09/18 17:47, George Dunlap wrote: >> From: Isaila Alexandru <aisa...@bitdefender.com> >> >> This patch adds access control for NPT mode. >> >> There aren’t enough extra bits to store the access rights in the NPT p2m >> table, so we add a radix tree to store extra information. > > I'm sorry to re-open this argument, but why? > > ISTR there being some argument based on pagetable sharing with the > IOMMU, but that doesn't work at the moment and can't reasonably be made > to work. For one, attempting to use pt sharing will break as soon as > you try and DMA to a mapped grant. > > I'm disinclined to let a broken vestigial feature get in the way of real > improvements. > > Beyond that, an NPT PTE has basically the same number of software > available bits as an EPT PTE. > > Am I missing anything?
Wow -- looks like IOMMU/p2m sharing has been disabled unconditionally since 2014. If nobody has complained since then, that seems like a good enough reason to me to rip it out. Suravee / Brian / Boris -- any opinions? The main reason to go with the 'extra bits' solution rather than the 'rip out iommu/p2m sharing' solution is because people have been prognosticating for years that we would be running out of bits and need more at some point in the future. I thought Paul, for instance, might have a use for the extra bits. But I'm happy to wait until such time as we need it and then fish this patch out of the mail archives. -George _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
