[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] S3 crash with VTD Queue Invalidation enabled



>>> On 14.06.13 at 20:27, Ben Guthro <ben@xxxxxxxxxx> wrote:
> I did a little more bisecting of our builds, and it appears I was not
> actually testing the version that I thought I was here, and once I did
> some bisection, I found it got inadvertently fixed by another change
> someone else committed to solve an unrelated problem.
> 
> The following changes
> 
> Revert:
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7 
> 9c49826270b8b0061b2fca840fc3f013c8a78a
> 
> Apply:
> https://lkml.org/lkml/2012/2/10/229 
> 
> I don't have a good explanation as to why re-enabling PAT would change
> the behavior of this IOMMU feature...but I have a very reproducible
> test case showing that it, in fact does.

Now, while this is good news in terms of knowing at least something
that addresses (or more likely works around) the issue, this still
leaves Xen at the mercy of the kernel running in the domain owning
the IGD. I.e. still a latent security issue. We really need to find a
solution that's independent of the guest kernel.

Xiantao - we certainly will need your (Intel's) help with this, and a
first step might be understanding how the above mentioned kernel
side changes can result in masking the observed problem.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.