> -----Original Message----- > From: George Dunlap [mailto:george.dun...@citrix.com] > Sent: 27 September 2018 11:38 > To: Andrew Cooper <andrew.coop...@citrix.com>; xen- > de...@lists.xenproject.org > Cc: Isaila Alexandru <aisa...@bitdefender.com>; Jan Beulich > <jbeul...@suse.com>; Tim (Xen.org) <t...@xen.org>; Tamas K Lengyel > <tamas.leng...@zentific.com>; Paul Durrant <paul.durr...@citrix.com>; > Razvan Cojocaru <rcojoc...@bitdefender.com>; Suravee Suthikulpanit > <suravee.suthikulpa...@amd.com>; Brian Woods <brian.wo...@amd.com>; Boris > Ostrovsky <boris.ostrov...@oracle.com> > Subject: Re: [RFC PATCH 2/2] x86/mm: Add mem access rights to NPT > > On 09/26/2018 06:22 PM, Andrew Cooper wrote: > > On 26/09/18 17:47, George Dunlap wrote: > >> From: Isaila Alexandru <aisa...@bitdefender.com> > >> > >> This patch adds access control for NPT mode. > >> > >> There aren’t enough extra bits to store the access rights in the NPT > p2m > >> table, so we add a radix tree to store extra information. > > > > I'm sorry to re-open this argument, but why? > > > > ISTR there being some argument based on pagetable sharing with the > > IOMMU, but that doesn't work at the moment and can't reasonably be made > > to work. For one, attempting to use pt sharing will break as soon as > > you try and DMA to a mapped grant. > > > > I'm disinclined to let a broken vestigial feature get in the way of real > > improvements. > > > > Beyond that, an NPT PTE has basically the same number of software > > available bits as an EPT PTE. > > > > Am I missing anything? > > Wow -- looks like IOMMU/p2m sharing has been disabled unconditionally > since 2014. If nobody has complained since then, that seems like a good > enough reason to me to rip it out. > > Suravee / Brian / Boris -- any opinions? > > The main reason to go with the 'extra bits' solution rather than the > 'rip out iommu/p2m sharing' solution is because people have been > prognosticating for years that we would be running out of bits and need > more at some point in the future. I thought Paul, for instance, might > have a use for the extra bits. But I'm happy to wait until such time as > we need it and then fish this patch out of the mail archives. >
The main angle I had was to have a more generic page-to-type mapping such that it would be suitable to allow steering of accesses to certain pages to distinct IOREQ servers. Paul > -George _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
