lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 20 Nov 2008 08:51:39 +0100
From:	Ingo Molnar <mingo@...e.hu>
To:	FUJITA Tomonori <fujita.tomonori@....ntt.co.jp>
Cc:	muli@...ibm.com, joerg.roedel@....com,
	iommu@...ts.linux-foundation.org, mingo@...hat.com,
	linux-kernel@...r.kernel.org
Subject: Re: [GIT PULL] AMD IOMMU updates for 2.6.28-rc5


* FUJITA Tomonori <fujita.tomonori@....ntt.co.jp> wrote:

> > > It had been the default option for AMD IOMMU until you hit the 
> > > bugs. IIRC, VT-d also shares a protection domain by default. It 
> > > would be nice to avoid surprising users if the two 
> > > virtualization IOMMUs works in the similar way.
> > 
> > Calgary has a per-bus protection domain, both on x86 and PPC.
> 
> I see. Then it might be better to change VT-d to use a separate 
> protection domain by default.

yes, agreed, and that should be the sane default for any IOMMU driver 
- unless the performance impact is prohibitive.

Note that this widens the positive impact of the IOMMU code: not only 
does it enable transparent support of DMA to/from devices that have a 
limited DMA range, not only does it help isolation in virtualization - 
it also acts as a daily debug helper for _native_ drivers.

Note that people will prefer to run with an IOMMU enabled even if all 
devices support the full memory range - just due to the DMA protection 
features. Just like people prefer to run an OS with paging protections 
enabled ;-)

It also puts pressure on the hw design side to treat IOMMUs not just 
as some fringe feature for compatibility with older transports or 
virtualization, but also as a prime-time native IO feature.

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ