Re: [Xen-devel] [PATCH] vpci: don't allow access to devices not assigned to the domain
 On 02.09.2019 13:30, Roger Pau Monne wrote:
> Don't allow the hardware domain to access the PCI config space of
> devices not assigned to it. Ie: the config space of iommu devices
> in use by Xen should not be accessible to the hardware domain.
Well, I agree with what you say above, but the code change disallows
much more than this. In particular Dom0 (and maybe stub domains too)
need to be able to access the config space of devices assigned to
guests, e.g. for qemu to control MSI and/or MSI-X.
> --- a/xen/drivers/vpci/vpci.c
> +++ b/xen/drivers/vpci/vpci.c
> @@ -319,7 +319,21 @@ uint32_t vpci_read(pci_sbdf_t sbdf, unsigned int reg, 
> unsigned int size)
>      /* Find the PCI dev matching the address. */
>      pdev = pci_get_pdev_by_domain(d, sbdf.seg, sbdf.bus, sbdf.devfn);
>      if ( !pdev )
> +    {
> +        pcidevs_lock();
> +        pdev = pci_get_pdev(sbdf.seg, sbdf.bus, sbdf.devfn);
> +        pcidevs_unlock();
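Review bot: the pdev returned by the added pci_get_pdev() call outlives the lock that protected the lookup. pcidevs_unlock() runs immediately after it, so any later test or dereference of pdev in this !pdev fallback path can race with the device being removed or reassigned. Either keep pcidevs_lock() held until the access decision has been made, or reduce the result to a boolean while the lock is still held and drop the pointer. The pci_get_pdev_by_domain() lookup just above runs without the lock, so the two lookups follow different locking rules; a short comment stating which lock each one relies on would make the intent reviewable.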
The locking here points out a pre-existing issue: While
pci_get_pdev_by_domain() doesn't check that the pcidevs lock is
being held, it really should. It not doing so is (I guess) because
VT-d code too looks to be violating this. Kevin - thoughts?
Jan