|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] VT-d: fix RMRR handling
>>> On 01.03.14 at 08:03, "Zhang, Xiantao" <xiantao.zhang@xxxxxxxxx> wrote: > Jan, my comments embedded, thanks! > >> Removing mapped RMRR tracking structures in dma_pte_clear_one() is wrong >> for two reasons: First, these regions may cover more than a single page. And >> second, multiple devices (and hence multiple devices assigned to any >> particular guest) may share a single RMRR (whether assigning such devices to >> distinct guests is a safe thing to do is another question). > > Agree, this is a real issue as you described > >> Therefore move the removal of the tracking structures into the counterpart >> function to the one doing the insertion - intel_iommu_remove_device(), and >> add a reference count to the tracking structure. > > Adding a reference count is a good idea, but from the logic, seems you are > adding a global counter for each rmrr? I don't think so: mapped_rmrrs is rooted in struct hvm_iommu, which is a per-domain thing. > In theory, one rmrr may be mapped for multiple devices in multiple domains, > global counter for once rmrr is not enough. > Maybe we need to per-domain counter there ? And even if it was, I wouldn't think so, for security reasons: Sharing an RMRR across domains is insecure afaict, so if anything we ought to suppress assigning devices sharing an RMRR to different guests (e.g. via intel_iommu_group_id() or a second, similar mechanism), at least in "iommu=force" mode. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |