[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 2/2] VT-d: extend error report masking workaround to newer chipsets
Thanks, Acked-by: Xiantao Zhang <xiantao.zhang@xxxxxxxxx> Xiantao. > -----Original Message----- > From: Jan Beulich [mailto:JBeulich@xxxxxxxx] > Sent: Monday, April 28, 2014 4:02 PM > To: xen-devel > Cc: Dugger, Donald D; Zhang, Xiantao > Subject: [PATCH 2/2] VT-d: extend error report masking workaround to newer > chipsets > > Add two more PCI IDs to the set that has been taken care of with a different > workaround long before XSA-59, and (for constency with the newer > workarounds) log a message here too. > > Also move the function wide comment to the cases it applies to; this should > really have been done by d061d200 ("VT-d: suppress UR signaling for server > chipsets"). > > This is CVE-2013-3495 / XSA-59. > > Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> > > --- a/xen/drivers/passthrough/vtd/quirks.c > +++ b/xen/drivers/passthrough/vtd/quirks.c > @@ -379,12 +379,6 @@ void me_wifi_quirk(struct domain *domain > } > } > > -/* > - * Mask reporting Intel VT-d faults to IOH core logic: > - * - Some platform escalates VT-d faults to platform errors > - * - This can cause system failure upon non-fatal VT-d faults > - * - Potential security issue if malicious guest trigger VT-d faults > - */ > void pci_vtd_quirk(const struct pci_dev *pdev) { > int seg = pdev->seg; > @@ -402,10 +396,20 @@ void pci_vtd_quirk(const struct pci_dev > > switch ( pci_conf_read16(seg, bus, dev, func, PCI_DEVICE_ID) ) > { > + /* > + * Mask reporting Intel VT-d faults to IOH core logic: > + * - Some platform escalates VT-d faults to platform errors. > + * - This can cause system failure upon non-fatal VT-d faults. > + * - Potential security issue if malicious guest trigger VT-d faults. > + */ > + case 0x0e28: /* Xeon-E5v2 (IvyBridge) */ > case 0x342e: /* Tylersburg chipset (Nehalem / Westmere systems) */ > + case 0x3728: /* Xeon C5500/C3500 (JasperForest) */ > case 0x3c28: /* Sandybridge */ > val = pci_conf_read32(seg, bus, dev, func, 0x1AC); > pci_conf_write32(seg, bus, dev, func, 0x1AC, val | (1 << 31)); > + printk(XENLOG_INFO "Masked VT-d error signaling > on %04x:%02x:%02x.%u\n", > + seg, bus, dev, func); > break; > > /* Tylersburg (EP)/Boxboro (MP) chipsets (NHM-EP/EX, WSM-EP/EX) */ > > _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |