|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v4 5/6] xen/x86: add PHYSDEVOP_msi_set_enable
>>> Roger Pau Monné <roger.pau@xxxxxxxxxx> 03/04/19 11:19 AM >>>
>On Sun, Mar 03, 2019 at 02:10:24AM +0100, Marek Marczykowski wrote:
>> On Thu, Feb 28, 2019 at 01:25:50PM +0100, Marek Marczykowski wrote:
>> > On Thu, Feb 28, 2019 at 03:58:37AM -0700, Jan Beulich wrote:
>> > > Another thing: You're also bypassing the MSI{,-X}-already-enabled
>> > > checks that __pci_enable_msi{,x}() do, yet allowing to enable both
>> > > on a device would be a security issue.
>> >
>> > Ok.
>>
>> Hmm, could you explain more? Is that only the case when interrupt
>> remapping is missing?
>
>I think what Jan mentions is that the hypercall to enable MSI(-X)
>should make sure PCI INTx is disabled, and prevent enabling both MSI
>and MSI-X on the same device.
>
>The device model that manages the passthrough device should already
>make sure of that, but Xen should also protect itself against
>bad-behaved device models when possible.
Right, and specifically in the case where the device model itself runs with
limited privileges.
Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |