[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 1/6] xen: Add support for hiding and unhiding pcie passthrough devices
>>> On 07.07.17 at 20:11, <venu.busireddy@xxxxxxxxxx> wrote: > On 2017-07-06 02:45:18 -0600, Jan Beulich wrote: >> I think so, but I may be missing parts of your reasoning as to why >> hiding the device may be a good thing. > > Here is the rationale behind hiding the erring device. > > If a device is misbehaving, one of the following two things could be > happening: > > a) The error is caused by the misconfiguration of the guest driver or > the firmware. This may not be a big problem. > > b) The error is caused by the owner of the domain re-flashing the firmware > of the device and inserting a rogue firmware. This is a big problem. > > And the problem is that we can't differentiate between a) and b). > > If it is case b), then we certainly need to investigate and make sure > that the firmware is the correct version and/or reload a new firmware to > over-write the old one (just to be safe). Either way, the device needs to > be unassignable until the root cause is investigated. Hiding the device > is the safest way to ensure that the device is unassignable. Otherwise, > the administrator may inadvertently reboot the domain to which the > device was assigned, or, the domain itself may reboot upon errors, and in > either case, the device gets reassigned to the domain upon reboot! Hiding > the device prevents this. > > However, if you think that all of this is too much paranoia, I am fine > with not hiding the device, and we simply de-assign the device from the > domain. I leave the decision to you. Well, what if the firmware being installed is rogue, but doesn't cause behavior that would result in us noticing right away? Passing through non-SR-IOV devices isn't entirely secure anyway, and I don't think SR-IOV VFs would permit firmware updates (I'd expect that to be possible via the PF only). So I'm afraid hiding the devices won't buy us much. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |