Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Question about isolation of DMA masters between domains
Hello, we have been using the DornerWorks MPSoC Xen distribution for a few weeks now and have had a very good experience so far.  I do have one question about isolation of DMA masters between domains as follows.  We have been able to configure a pass-through serial port using an analogous procedure to what you describe in the "Xen Zynq Distribution (XZD) UART Pass Through How To Guide":
What I haven't seen any reference to in your documentation is how to restrict the physical memory to which a DMA-capable peripheral has access.  I would expect Xen to use the SMMU to prohibit a DMA-capable peripheral from being able to access any memory except what is assigned to the domU VM that is controlling the peripheral.  Or perhaps a better system would configure the SMMU whenever a driver allocates a DMA buffer, such that the peripheral can only access specific buffers that are allocated by the guest OS.  However, I haven't been able to find any documentation online describing how to do this.  Is this possible, and if so how?
Thanks very much in advance for your help with this question!

When a guest is passed through a device that is DMA-capable, Xen configures the SMMU to use the guest's stage-2 translation tables for that device, restricting that device's DMA access to that guest's intermediate physical address range.

We welcome any follow-up questions you might have to help flesh out this answer.


Hi Jarvis:

Thank you very much for the quick reply!  This definitely answers my question.  Could you point me to a particular function in the Xen source that sets up the stage 2 mapping in the SMMU when a domain is created?  I'd like to educate myself a little bit more about how this process works.


Probably the best place to look is in the Xen SMMU driver.  It can be found in the Xen source folder in your Petalinux project (Should be named Xilinx-ZynqMP by default) here:

This file is fairly well commented and borrows heavily from the Linux SMMU/IOMMU driver, so if you've worked with it in Linux, it should look pretty familiar.  There's some Xen specific code toward the beginning and then it's mostly Linux code with various comments throughout describing changes made for Xen, and then around ~ line 2531 the Xen specific code starts up again.  It's that latter code that deals primarily with setting up the SMMU for domU's.

As a heads up, note some terminology overlap that can make things confusing: Xen uses the word "domain" to describe a guest virtual machine, but in the driver there are also "SMMU domains" (check out the ARM documentation on the SMMU for more info on that if you're interested) which are not the same thing.  What's worse is occasionally, particularly in the Linux code portion, they use just the word "domain" to refer to an "SMMU domain" which further confuses things.

Hope that helps.

- Josh
Hi Josh:

Thank you very much for the information!  Your notes about the Xen versus Linux division of the driver and the domain nomenclature are very helpful.  Not being very familiar with the Linux memory management architecture, I have also been looking for general overviews such as this one:

If you have any other useful links they would be much appreciated.  Otherwise, I will continue digging through the code to educate myself.

Take care,

Forum Jump:

Users browsing this thread: 1 Guest(s)