Re: [Xen-devel] [PATCH] vpci: don't allow access to devices not assigned to the domain
On 02.09.2019 15:58, Roger Pau Monné wrote:
> On Mon, Sep 02, 2019 at 01:58:07PM +0200, Jan Beulich wrote:
>> On 02.09.2019 13:30, Roger Pau Monne wrote:
>>> Don't allow the hardware domain to access the PCI config space of
>>> devices not assigned to it. Ie: the config space of iommu devices
>>> in use by Xen should not be accessible to the hardware domain.
>>
>> Well, I agree with what you say above, but the code change disallows
>> much more than this. In particular Dom0 (and maybe stub domains too)
>> need to be able to access the config space of devices assigned to
>> guests, e.g. for qemu to control MSI and/or MSI-X.
>
> Right, I was overlooking the fact that a domain using vPCI itself
> should be able to handle passthrough backends for other domains.
>
> I think the condition should instead check if the device is assigned
> to dom_xen, and don't allow domains access to devices assigned to
> dom_xen.

Even that goes too far imo: We deliberately allow read access to
r/o devices, in order to avoid anomalies in bus enumeration in Dom0.
And I'd very much hope write attempts already honor the pseg->ro_map
bit for a device.

Jan