[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen-4.2-testing] AMD, IOMMU: Make per-device interrupt remapping table default

  • To: xen-changelog@xxxxxxxxxxxxxxxxxxx
  • From: Xen patchbot-4.2-testing <patchbot@xxxxxxx>
  • Date: Wed, 06 Feb 2013 18:55:19 +0000
  • Delivery-date: Wed, 06 Feb 2013 18:55:28 +0000
  • List-id: "Change log for Mercurial \(receive only\)" <xen-changelog.lists.xen.org>
# HG changeset patch
# User Boris Ostrovsky <boris.ostrovsky@xxxxxxx>
# Date 1360074659 -3600
# Node ID b8a523d9f14c41ad3171a4b599cb78f9a76892cf
# Parent  43308c02c07dc5e161a2ff84c7c2d0d9e637a7c7
AMD,IOMMU: Make per-device interrupt remapping table default

Using global interrupt remapping table may be insecure, as
described by XSA-36. This patch makes per-device mode default.

This is XSA-36 / CVE-2013-0153.

Signed-off-by: Boris Ostrovsky <boris.ostrovsky@xxxxxxx>

Moved warning in amd_iov_detect() to location covering all cases.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
xen-unstable changeset: 26519:1af531e7bc2f
xen-unstable date: Tue Feb  5 14:22:11 UTC 2013
---


diff -r 43308c02c07d -r b8a523d9f14c xen/arch/x86/irq.c
--- a/xen/arch/x86/irq.c        Tue Feb 05 15:30:31 2013 +0100
+++ b/xen/arch/x86/irq.c        Tue Feb 05 15:30:59 2013 +0100
@@ -1942,9 +1942,6 @@ int map_domain_pirq(
         spin_lock_irqsave(&desc->lock, flags);
         set_domain_irq_pirq(d, irq, info);
         spin_unlock_irqrestore(&desc->lock, flags);
-
-        if ( opt_irq_vector_map == OPT_IRQ_VECTOR_MAP_PERDEV )
-            printk(XENLOG_INFO "Per-device vector maps for GSIs not 
implemented yet.\n");
     }
 
 done:
diff -r 43308c02c07d -r b8a523d9f14c xen/drivers/passthrough/amd/pci_amd_iommu.c
--- a/xen/drivers/passthrough/amd/pci_amd_iommu.c       Tue Feb 05 15:30:31 
2013 +0100
+++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c       Tue Feb 05 15:30:59 
2013 +0100
@@ -205,6 +205,8 @@ int __init amd_iov_detect(void)
     {
         printk("AMD-Vi: Not overriding irq_vector_map setting\n");
     }
+    if ( !amd_iommu_perdev_intremap )
+        printk(XENLOG_WARNING "AMD-Vi: Using global interrupt remap table is 
not recommended (see XSA-36)!\n");
     return scan_pci_devices();
 }
 
diff -r 43308c02c07d -r b8a523d9f14c xen/drivers/passthrough/iommu.c
--- a/xen/drivers/passthrough/iommu.c   Tue Feb 05 15:30:31 2013 +0100
+++ b/xen/drivers/passthrough/iommu.c   Tue Feb 05 15:30:59 2013 +0100
@@ -52,7 +52,7 @@ bool_t __read_mostly iommu_qinval = 1;
 bool_t __read_mostly iommu_intremap = 1;
 bool_t __read_mostly iommu_hap_pt_share = 1;
 bool_t __read_mostly iommu_debug;
-bool_t __read_mostly amd_iommu_perdev_intremap;
+bool_t __read_mostly amd_iommu_perdev_intremap = 1;
 
 DEFINE_PER_CPU(bool_t, iommu_dont_flush_iotlb);
 

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.