[Xen-changelog] [xen-unstable] xend: passthrough: add an option pci-passthrough-strict-check

[Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>]

# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1252327968 -3600
# Node ID f3076870465ff9953697aa2c9c1440e8058bc4e2
# Parent  7c8a33ed6decd74ef7de1e9e7941ac353e51aa0b
xend: passthrough: add an option pci-passthrough-strict-check

Currently when assigning device to HVM guest, we use the strict check
for HVM guest by default.(For PV guest we use loose check
automatically if necessary.)

When we assign device to HVM guest, if we meet with the co-assignment
issues or the ACS issue (see changeset 20081: 4a517458406f), we could
try changing the option to 'no' -- however, we have to realize this
may incur security issue and we can't make sure the device assignment
could really work properly even after we do this.

The option is located in /etc/xen/xend-config.sxp:
(pci-passthrough-strict-check yes)

Signed-off-by: Dexuan Cui <dexuan.cui@xxxxxxxxx>
---
 tools/examples/xend-config.sxp          |    7 +++++++
 tools/python/xen/util/pci.py            |    6 +++++-
 tools/python/xen/xend/XendDomainInfo.py |    5 ++++-
 tools/python/xen/xend/XendOptions.py    |    7 +++++++
 tools/python/xen/xend/server/pciif.py   |   14 ++++++++++++--
 5 files changed, 35 insertions(+), 4 deletions(-)

diff -r 7c8a33ed6dec -r f3076870465f tools/examples/xend-config.sxp
--- a/tools/examples/xend-config.sxp    Mon Sep 07 13:52:17 2009 +0100
+++ b/tools/examples/xend-config.sxp    Mon Sep 07 13:52:48 2009 +0100
@@ -260,3 +260,10 @@
 #(device-create-timeout 100)
 #(device-destroy-timeout 100)
 
+# When assigning device to HVM guest, we use the strict check for HVM guest by
+# default. (For PV guest, we use loose check automatically if necessary.)
+# When we assign device to HVM guest, if we meet with the co-assignment
+# issues or the ACS issue, we could try changing the option to 'no' -- however,
+# we have to realize this may incur security issue and we can't make sure the
+# device assignment could really work properly even after we do this.
+#(pci-passthrough-strict-check yes)
diff -r 7c8a33ed6dec -r f3076870465f tools/python/xen/util/pci.py
--- a/tools/python/xen/util/pci.py      Mon Sep 07 13:52:17 2009 +0100
+++ b/tools/python/xen/util/pci.py      Mon Sep 07 13:52:48 2009 +0100
@@ -1065,7 +1065,7 @@ class PciDevice:
                 ', but it is not owned by pciback or pci-stub.'
             raise PciDeviceAssignmentError(err_msg % (pci_dev, self.name))
 
-    def do_FLR(self, is_hvm):
+    def do_FLR(self, is_hvm, strict_check):
         """ Perform FLR (Functional Level Reset) for the device.
         """
         if self.dev_type == DEV_TYPE_PCIe_ENDPOINT:
@@ -1084,6 +1084,8 @@ class PciDevice:
                     funcs = self.find_all_the_multi_functions()
 
                     if not is_hvm and (len(funcs) > 1):
+                        return
+                    if is_hvm and not strict_check:
                         return
 
                     self.devs_check_driver(funcs)
@@ -1112,6 +1114,8 @@ class PciDevice:
                     del devs[0]
 
                     if not is_hvm and (len(devs) > 1):
+                        return
+                    if is_hvm and not strict_check:
                         return
 
                     self.devs_check_driver(devs)
diff -r 7c8a33ed6dec -r f3076870465f tools/python/xen/xend/XendDomainInfo.py
--- a/tools/python/xen/xend/XendDomainInfo.py   Mon Sep 07 13:52:17 2009 +0100
+++ b/tools/python/xen/xend/XendDomainInfo.py   Mon Sep 07 13:52:48 2009 +0100
@@ -311,7 +311,7 @@ def do_FLR(domid, is_hvm):
         except Exception, e:
             raise VmError("pci: failed to locate device and "+
                     "parse it's resources - "+str(e))
-        dev.do_FLR(is_hvm)
+        dev.do_FLR(is_hvm, xoptions.get_pci_dev_assign_strict_check())
 
 class XendDomainInfo:
     """An object represents a domain.
@@ -709,6 +709,9 @@ class XendDomainInfo:
 
         # PV guest has less checkings.
         if not self.info.is_hvm():
+            return
+
+        if not xoptions.get_pci_dev_assign_strict_check():
             return
 
         # Check if there is intermediate PCIe switch bewteen the device and
diff -r 7c8a33ed6dec -r f3076870465f tools/python/xen/xend/XendOptions.py
--- a/tools/python/xen/xend/XendOptions.py      Mon Sep 07 13:52:17 2009 +0100
+++ b/tools/python/xen/xend/XendOptions.py      Mon Sep 07 13:52:48 2009 +0100
@@ -148,6 +148,10 @@ class XendOptions:
     """Default timeout for device destruction."""
     device_destroy_timeout_default = 100
 
+    """By default, we use the strict check for HVM guest. (For PV guest, we
+    use loose check automatically if necessary."""
+    pci_dev_assign_strict_check_default = True
+
     def __init__(self):
         self.configure()
 
@@ -413,6 +417,9 @@ class XendOptions:
         return self.get_config_int("device-destroy-timeout",
                                    self.device_destroy_timeout_default)
 
+    def get_pci_dev_assign_strict_check(self):
+        return self.get_config_bool("pci-passthrough-strict-check",
+                                    self.pci_dev_assign_strict_check_default)
 
 class XendOptionsFile(XendOptions):
 
diff -r 7c8a33ed6dec -r f3076870465f tools/python/xen/xend/server/pciif.py
--- a/tools/python/xen/xend/server/pciif.py     Mon Sep 07 13:52:17 2009 +0100
+++ b/tools/python/xen/xend/server/pciif.py     Mon Sep 07 13:52:48 2009 +0100
@@ -21,6 +21,9 @@ import time
 import time
 
 from xen.xend import sxp
+from xen.xend import XendOptions
+xoptions = XendOptions.instance()
+
 from xen.xend import arch
 from xen.xend.XendError import VmError
 from xen.xend.XendLogging import log
@@ -356,6 +359,7 @@ class PciController(DevController):
         if len(pci_str_list) != len(set(pci_str_list)):
             raise VmError('pci: duplicate devices specified in guest config?')
 
+        strict_check = xoptions.get_pci_dev_assign_strict_check()
         for pci_dev in pci_dev_list:
             try:
                 dev = PciDevice(pci_dev)
@@ -365,7 +369,8 @@ class PciController(DevController):
 
             # Check if there is intermediate PCIe switch bewteen the device and
             # Root Complex.
-            if self.vm.info.is_hvm() and dev.is_behind_switch_lacking_acs():
+            if self.vm.info.is_hvm() and dev.is_behind_switch_lacking_acs() \
+                and strict_check:
                 err_msg = 'pci: to avoid potential security issue, %s is not'+\
                         ' allowed to be assigned to guest since it is behind'+\
                         ' PCIe switch that does not support or enable ACS.'
@@ -381,6 +386,8 @@ class PciController(DevController):
                     log.warn(err_msg % dev.name)
                 else:
                     if not self.vm.info.is_hvm():
+                        continue
+                    if not strict_check:
                         continue
 
                     funcs = dev.find_all_the_multi_functions()
@@ -405,6 +412,8 @@ class PciController(DevController):
                 else:
                     if not self.vm.info.is_hvm():
                         continue
+                    if not strict_check:
+                        continue
 
                     # All devices behind the uppermost PCI/PCI-X bridge must 
be\
                     # co-assigned to the same guest.
@@ -466,7 +475,8 @@ class PciController(DevController):
 
         # Need to do FLR here before deassign device in order to terminate
         # DMA transaction, etc
-        dev.do_FLR(self.vm.info.is_hvm())
+        dev.do_FLR(self.vm.info.is_hvm(),
+            xoptions.get_pci_dev_assign_strict_check())
 
         bdf = xc.deassign_device(fe_domid, pci_dict_to_xc_str(pci_dev))
         pci_str = pci_dict_to_bdf_str(pci_dev)

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog