Re: [Qemu-devel] [iGVT-g] VFIO based vGPU(was Re: [Announcement] 2015-Q3

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [iGVT-g] VFIO based vGPU(was Re: [Announcement] 2015-Q3

From:	Zhiyuan Lv
Subject:	Re: [Qemu-devel] [iGVT-g] VFIO based vGPU(was Re: [Announcement] 2015-Q3 release of XenGT - a Mediated ...)
Date:	Tue, 2 Feb 2016 15:35:10 +0800
User-agent:	Mutt/1.5.21 (2010-09-15)

Hi Gerd/Alex,

On Mon, Feb 01, 2016 at 02:44:55PM -0700, Alex Williamson wrote:
> On Mon, 2016-02-01 at 14:10 +0100, Gerd Hoffmann wrote:
> >   Hi,
> > 
> > > > Unfortunately it's not the only one. Another example is, device-model
> > > > may want to write-protect a gfn (RAM). In case that this request goes
> > > > to VFIO .. how it is supposed to reach KVM MMU?
> > > 
> > > Well, let's work through the problem.  How is the GFN related to the
> > > device?  Is this some sort of page table for device mappings with a base
> > > register in the vgpu hardware?
> > 
> > IIRC this is needed to make sure the guest can't bypass execbuffer
> > verification and works like this:
> > 
> >   (1) guest submits execbuffer.
> >   (2) host makes execbuffer readonly for the guest
> >   (3) verify the buffer (make sure it only accesses resources owned by
> >       the vm).
> >   (4) pass on execbuffer to the hardware.
> >   (5) when the gpu is done with it make the execbuffer writable again.
> 
> Ok, so are there opportunities to do those page protections outside of
> KVM?  We should be able to get the vma for the buffer, can we do
> something with that to make it read-only.  Alternatively can the vgpu
> driver copy it to a private buffer and hardware can execute from that?
> I'm not a virtual memory expert, but it doesn't seem like an
> insurmountable problem.  Thanks,

Originally iGVT-g used write-protection for privilege execbuffers, as Gerd
described. Now the latest implementation has removed wp to do buffer copy
instead, since the privilege command buffers are usually small. So that part
is fine.

But we need write-protection for graphics page table shadowing as well. Once
guest driver modifies gpu page table, we need to know that and manipulate
shadow page table accordingly. buffer copy cannot help here. Thanks!

Regards,
-Zhiyuan

> 
> Alex
> 
> _______________________________________________
> iGVT-g mailing list
> address@hidden
> https://lists.01.org/mailman/listinfo/igvt-g

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [iGVT-g] VFIO based vGPU(was Re: [Announcement] 2015-Q3 release of XenGT - a Mediated ...), Gerd Hoffmann, 2016/02/01
- Re: [Qemu-devel] [iGVT-g] VFIO based vGPU(was Re: [Announcement] 2015-Q3 release of XenGT - a Mediated ...), Alex Williamson, 2016/02/01
  - Re: [Qemu-devel] [iGVT-g] VFIO based vGPU(was Re: [Announcement] 2015-Q3 release of XenGT - a Mediated ...), Gerd Hoffmann, 2016/02/02
  - Re: [Qemu-devel] [iGVT-g] VFIO based vGPU(was Re: [Announcement] 2015-Q3 release of XenGT - a Mediated ...), Zhiyuan Lv <=

Prev by Date: Re: [Qemu-devel] [vfio-users] [PATCH v3 00/11] igd passthrough chipset tweaks
Next by Date: Re: [Qemu-devel] Strange monitor/stdout issue on qemu-system-sparc/qemu-system-ppc
Previous by thread: Re: [Qemu-devel] [iGVT-g] VFIO based vGPU(was Re: [Announcement] 2015-Q3 release of XenGT - a Mediated ...)
Next by thread: Re: [Qemu-devel] [PATCH v5 2/8] device_tree: introduce load_device_tree_from_sysfs
Index(es):
- Date
- Thread