Message-ID: <CAHP4M8VxL3GJx0Ofhk4_AToD-J0X+_20QmfZpq06DuN4CKc15w@mail.gmail.com>
Date: Mon, 18 Nov 2024 23:30:32 +0530
From: Ajay Garg <ajaygargnsit@...il.com>
To: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, iommu@...ts.linux-foundation.org, 
	kvm@...r.kernel.org, Linux Memory Management List <linux-mm@...ck.org>
Subject: Queries regarding consolidated picture of virtualization and SPT/EPT/IOMMU/DMAR/PT

Hi everyone.

I understand in a para-virtualization environment, VMM maintains a
shadow-page-table (SPT) per process per guest, for GVA => HPA
translation. The hardware/MMU is passed a single pointer to this
shadow-page-table. The guest is aware that it is running in a
virtualization environment, and communicates with VMM to help maintain
the shadow-page-table.

In full-virtualization/HVM virtualization, the guest is unaware that
it is running in a virtualized environment, and all GVA => GPA are
private. The VMM is obviously aware of all HVA => HPA mappings; plus
GPA => HVA is trivial as it's only an offset difference (Extended Page
Table, EPT). The hardware/MMU is passed three things:

        * Pointer to guest page-table, for GVA => GPA.
        * Offset, for GPA => HVA.
        * Pointer to host page-table, for HVA => HPA.

In both the above cases, DMA is a challenge (without IOMMU), as
device-addresses would need to be physically-contiguous. This would in
turn mean that all of GPA needs to be physically-contiguous, which in
turn means that the host would need to spawn guest-process with all of
memory (HVA) which is physically-contiguous - very hard to meet
generally.

*_Kindly correct me if I have made a mistake so far at conceptual level._*


Now enters the IOMMU, providing the ability to DMA with non-contiguous
device-addresses.
Now, my queries are simple:

* Is IOMMU DMA-Remapping mode (DMAR) analogous to a para-virtualization
  environment (as per previous brief context)?

* Is IOMMU Pass-through (PT) mode analogous to a HVM environment (as per
  previous brief context)?


Many thanks in advance for your time; hopefully I have not been a
complete idiot ..


Thanks and Regards,
Ajay
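
An added illustration following the message above (not part of the original post, and not kernel code): a toy single-level I/O page table in C showing how an IOMMU doing DMA remapping can present scattered host frames to a device as one contiguous I/O virtual address (IOVA) range, and fault any access it has not mapped. The structure names, the 8-page window and the frame numbers are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>

#define PAGE_SHIFT  12
#define PAGE_SIZE   (1u << PAGE_SHIFT)
#define IOVA_PAGES  8            /* toy per-device IOVA window: 8 pages */
#define IOMMU_FAULT UINT64_MAX   /* sentinel for a blocked access */

/* One entry per IOVA page: host-physical frame number plus permissions. */
struct io_pte { uint64_t pfn; unsigned present : 1, writable : 1; };
struct io_domain { struct io_pte pte[IOVA_PAGES]; };

/* Map npages of contiguous IOVA starting at iova onto the (possibly
 * scattered) host frames listed in pfns. Returns 0 on success, -1 on error. */
int io_map(struct io_domain *d, uint64_t iova, const uint64_t *pfns,
           size_t npages, int writable)
{
    uint64_t first = iova >> PAGE_SHIFT;
    if ((iova & (PAGE_SIZE - 1)) || first >= IOVA_PAGES ||
        npages > IOVA_PAGES - first)
        return -1;
    for (size_t i = 0; i < npages; i++)
        d->pte[first + i] = (struct io_pte){ pfns[i], 1, writable ? 1 : 0 };
    return 0;
}

/* Translate one device access; anything not explicitly mapped faults. */
uint64_t io_translate(const struct io_domain *d, uint64_t iova, int is_write)
{
    uint64_t idx = iova >> PAGE_SHIFT;
    if (idx >= IOVA_PAGES || !d->pte[idx].present)
        return IOMMU_FAULT;
    if (is_write && !d->pte[idx].writable)
        return IOMMU_FAULT;
    return (d->pte[idx].pfn << PAGE_SHIFT) | (iova & (PAGE_SIZE - 1));
}

/* Constructed sample: a read-only 3-page buffer in scattered frames
 * 0x1a3, 0x07f, 0x400 appears to the device as IOVA 0x2000..0x4fff. */
uint64_t demo(uint64_t iova, int is_write)
{
    static const uint64_t frames[] = { 0x1a3, 0x07f, 0x400 };
    struct io_domain d = { 0 };
    if (io_map(&d, 0x2000, frames, 3, 0) != 0)
        return IOMMU_FAULT;
    return io_translate(&d, iova, is_write);
}
```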
