|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 0/2] AMD IOMMU: XSA-36 follow ups
>>> On 08.02.13 at 15:29, Boris Ostrovsky <boris.ostrovsky@xxxxxxxxxx> wrote: > ----- JBeulich@xxxxxxxx wrote: > >> >>> On 06.02.13 at 14:04, "Jan Beulich" <JBeulich@xxxxxxxx> wrote: >> > A regression was reported on a class of broken firmware that c/s >> > 26517:601139e2b0db didn't consider, leading to a boot time crash. >> >> After some more thought on this and the comments we got >> regarding disabling the IOMMU in this situation altogether making >> things worse instead of better, I came to the conclusion that we >> can actually restrict the action in affected cases to just disabling >> interrupt remapping. That doesn't make the situation worse than >> prior to the XSA-36 fixes (where interrupt remapping didn't really >> protect domains from one another), but allows at least DMA >> isolation to still be utilized. Patch 3/2 below/attached. > > But now users who don't examine log messages may not realize > that interupt remapping is disabled and therefore the system can be > affected by XSA-36. Yes. We need to balance these against one another - I see pros and cons in both (and I don't mind dropping this additional patch if we collectively come to the conclusion that the way it is now - with the one earlier fix - is the better state). So I'm really interested in others' opinions. > With current code (boot option to use global remapping table) users > are explicitly agreeing to allow for possibility of cross-domain interrupt > attack. > > Also, I think it may not be a bad idea to have AMD folks test you earlier > patch on multi-IOMMU system (and simulate bad IVRS) to see how it behaves > there. That would indeed be very desirable. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |