Xen project Mailing List

Re: [Xen-devel] [PATCH 09/28] ARM: GICv3 ITS: map device and LPIs to the ITS on physdev_op hypercall

To: Andre Przywara <andre.przywara@xxxxxxx>

From: Stefano Stabellini <sstabellini@xxxxxxxxxx>

Date: Tue, 14 Feb 2017 12:11:53 -0800 (PST)

Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Julien Grall <julien.grall@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Vijay Kilari <vijay.kilari@xxxxxxxxx>

Delivery-date: Tue, 14 Feb 2017 20:12:10 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Mon, 30 Jan 2017, Andre Przywara wrote: > To get MSIs from devices forwarded to a CPU, we need to name the device > and its MSIs by mapping them to an ITS. > Since this involves queueing commands to the ITS command queue, we can't > really afford to do this during the guest's runtime, as this would open > up a denial-of-service attack vector. > So we require every device with MSI interrupts to be mapped explicitly by > Dom0. For Dom0 itself we can just use the existing PCI physdev_op > hypercalls, which the existing Linux kernel issues already. > So upon receipt of this hypercall we map the device to the hardware ITS > and prepare it to be later mapped by the virtual ITS by using the very > same device ID (for Dom0 only). > Also we ask for mapping 32 LPIs to cover 32 MSIs that the device may > use. > > Signed-off-by: Andre Przywara <andre.przywara@xxxxxxx> > --- > xen/arch/arm/physdev.c | 21 +++++++++++++++++++++ > 1 file changed, 21 insertions(+) > > diff --git a/xen/arch/arm/physdev.c b/xen/arch/arm/physdev.c > index 27bbbda..6e02de4 100644 > --- a/xen/arch/arm/physdev.c > +++ b/xen/arch/arm/physdev.c > @@ -9,11 +9,32 @@ > #include <xen/lib.h> > #include <xen/errno.h> > #include <xen/sched.h> > +#include <xen/guest_access.h> > +#include <asm/gic_v3_its.h> > #include <asm/hypercall.h> > > > int do_physdev_op(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg) > { > + struct physdev_manage_pci manage; > + u32 devid; > + int ret; > + > + switch (cmd) > + { > + case PHYSDEVOP_manage_pci_add: > + case PHYSDEVOP_manage_pci_remove: > + if ( copy_from_guest(&manage, arg, 1) != 0 ) > + return -EFAULT; You need to check that current is the hardware domain first. > + devid = manage.bus << 8 | manage.devfn; > + /* Allocate an ITS device table with space for 32 MSIs */ Please explain why 32 > + ret = gicv3_its_map_guest_device(hardware_domain, devid, devid, > 5, > + cmd == > PHYSDEVOP_manage_pci_add); > + > + return ret; > + } > + > gdprintk(XENLOG_DEBUG, "PHYSDEVOP cmd=%d: not implemented\n", cmd); > return -ENOSYS; > } > -- > 2.9.0 > _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.