[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] x86/msi: Validate the guest-identified PCI devices in pci_prepare_msix()

To: "Andrew Cooper" <andrew.cooper3@xxxxxxxxxx>, "Konrad Rzeszutek Wilk" <konrad.wilk@xxxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Wed, 22 Jan 2014 12:08:42 +0000
Cc: George Dunlap <george.dunlap@xxxxxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxx>
Delivery-date: Wed, 22 Jan 2014 12:08:57 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

>>> On 22.01.14 at 11:28, Andrew Cooper <andrew.cooper3@xxxxxxxxxx> wrote:
> On 22/01/14 09:49, Jan Beulich wrote:
>>>>> On 22.01.14 at 05:31, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> 
>>>>> wrote:
>>> See attached (and relevant part inlined).
>>> ...
>>> (XEN) [2014-01-22 12:27:07] Xen call trace:
>>> (XEN) [2014-01-22 12:27:07]    [<ffff82d0801683a2>] 
> msix_capability_init+0x1dc/0x603
>>> (XEN) [2014-01-22 12:27:07]    [<ffff82d080168987>] 
>>> pci_enable_msi+0x1be/0x4d7
>>> (XEN) [2014-01-22 12:27:07]    [<ffff82d08016c65c>] 
>>> map_domain_pirq+0x222/0x5ad
>>> (XEN) [2014-01-22 12:27:07]    [<ffff82d08017f104>] 
>>> physdev_map_pirq+0x507/0x5d1
>>> (XEN) [2014-01-22 12:27:07]    [<ffff82d08017f814>] 
>>> do_physdev_op+0x646/0x119e
>>> (XEN) [2014-01-22 12:27:07]    [<ffff82d08022231b>] syscall_enter+0xeb/0x145
>>> (XEN) [2014-01-22 12:27:07] 
>>> (XEN) [2014-01-22 12:27:07] Pagetable walk from 0000000000000004:
>> Considering the similarity, this is surely another incarnation of
>> the same issue. Which gets me to ask first of all - is the device
>> being acted upon an MSI-X capable one? If not, why is the call
>> being made? If so (and Xen thinks differently) that's what
>> needs fixing.
>>
>> On that basis I'm also going to ignore your patch for the first
>> problem, Andrew: It's either incomplete or unnecessary or
>> fixing the wrong thing.
> 
> I am going to go with incomplete - it is certainly not unnecessary.  The
> PCI device parameters to pci_prepare_msix() are completely guest
> controlled; There is no validation of the SBDF at all.

"Fixing the wrong thing" presumably, after taking a closer look at
Konrad's second crash: The device in question really appears to
be MSI-X capable, yet alloc_pdev() didn't recognize it as such. I
wonder whether the capability gets displayed/hidden dynamically
based on some other enabling the driver may be doing on the
device. In which case we'd need to allocate the structure on
demand.

But of course I'd like to first have confirmation that that's really
what is happening here.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH] x86/msi: Validate the guest-identified PCI devices in pci_prepare_msix()
  - From: Konrad Rzeszutek Wilk

References:
- Re: [Xen-devel] Regression compared to Xen 4.3, Xen 4.4-rc2 - pci_prepare_msix+0xb1/0x12 - BOOM
  - From: Andrew Cooper
- [Xen-devel] [PATCH] x86/msi: Validate the guest-identified PCI devices in pci_prepare_msix()
  - From: Andrew Cooper
- Re: [Xen-devel] [PATCH] x86/msi: Validate the guest-identified PCI devices in pci_prepare_msix()
  - From: Konrad Rzeszutek Wilk
- Re: [Xen-devel] [PATCH] x86/msi: Validate the guest-identified PCI devices in pci_prepare_msix()
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH] x86/msi: Validate the guest-identified PCI devices in pci_prepare_msix()
  - From: Andrew Cooper

Prev by Date: Re: [Xen-devel] [PATCH OSSTEST 00/17] refactor and clean up make-flight
Next by Date: Re: [Xen-devel] Project idea: make QEMU more flexible
Previous by thread: Re: [Xen-devel] [PATCH] x86/msi: Validate the guest-identified PCI devices in pci_prepare_msix()
Next by thread: Re: [Xen-devel] [PATCH] x86/msi: Validate the guest-identified PCI devices in pci_prepare_msix()
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.