[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Xen-unstable: AMD-Vi: update_paging_mode Try to access pdev_list without aquiring pcidevs_lock.

To: Sander Eikelenboom <linux@xxxxxxxxxxxxxx>
From: Jan Beulich <jbeulich@xxxxxxxx>
Date: Tue, 12 Nov 2019 12:05:26 +0100
Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Paul Durrant <paul@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Tue, 12 Nov 2019 11:05:34 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 11.11.2019 22:38, Sander Eikelenboom wrote:
> When supplying "pci=nomsi" to the guest kernel, the device works fine,
> and I don't get the "INVALID_DEV_REQUEST".
> 
> After reverting 1b00c16bdf, the device works fine 
> and I don't get the INVALID_DEV_REQUEST, 

Could you give the patch below a try? That commit took care of only
securing ourselves, but not of relaxing things again when a device
gets handed to a guest for actual use.

Jan

AMD/IOMMU: restore DTE fields in amd_iommu_setup_domain_device()

Commit 1b00c16bdf ("AMD/IOMMU: pre-fill all DTEs right after table
allocation") moved ourselves into a more secure default state, but
didn't take sufficient care to also undo the effects when handing a
previously disabled device back to a(nother) domain. Put the fields
that may have been changed elsewhere back to their intended values
(some fields amd_iommu_disable_domain_device() touches don't
currently get written anywhere else, and hence don't need modifying
here).

Reported-by: Sander Eikelenboom <linux@xxxxxxxxxxxxxx>
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

--- unstable.orig/xen/drivers/passthrough/amd/pci_amd_iommu.c
+++ unstable/xen/drivers/passthrough/amd/pci_amd_iommu.c
@@ -114,11 +114,21 @@ static void amd_iommu_setup_domain_devic
 
     if ( !dte->v || !dte->tv )
     {
+        const struct ivrs_mappings *ivrs_dev;
+
         /* bind DTE to domain page-tables */
         amd_iommu_set_root_page_table(
             dte, page_to_maddr(hd->arch.root_table), domain->domain_id,
             hd->arch.paging_mode, valid);
 
+        /* Undo what amd_iommu_disable_domain_device() may have done. */
+        ivrs_dev = &get_ivrs_mappings(iommu->seg)[req_id];
+        if ( dte->it_root )
+            dte->int_ctl = IOMMU_DEV_TABLE_INT_CONTROL_TRANSLATED;
+        dte->iv = iommu_intremap;
+        dte->ex = ivrs_dev->dte_allow_exclusion;
+        dte->sys_mgt = MASK_EXTR(ivrs_dev->device_flags, 
ACPI_IVHD_SYSTEM_MGMT);
+
         if ( pci_ats_device(iommu->seg, bus, pdev->devfn) &&
              iommu_has_cap(iommu, PCI_CAP_IOTLB_SHIFT) )
             dte->i = ats_enabled;


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] Xen-unstable: AMD-Vi: update_paging_mode Try to access pdev_list without aquiring pcidevs_lock.
  - From: Sander Eikelenboom

References:
- Re: [Xen-devel] Xen-unstable: AMD-Vi: update_paging_mode Try to access pdev_list without aquiring pcidevs_lock.
  - From: Jan Beulich
- Re: [Xen-devel] Xen-unstable: AMD-Vi: update_paging_mode Try to access pdev_list without aquiring pcidevs_lock.
  - From: Sander Eikelenboom

Prev by Date: [Xen-devel] [xen-4.11-testing test] 144025: tolerable FAIL - PUSHED
Next by Date: Re: [Xen-devel] [PATCH] Introduce a description of a new optional tag for Backports
Previous by thread: Re: [Xen-devel] Xen-unstable: AMD-Vi: update_paging_mode Try to access pdev_list without aquiring pcidevs_lock.
Next by thread: Re: [Xen-devel] Xen-unstable: AMD-Vi: update_paging_mode Try to access pdev_list without aquiring pcidevs_lock.
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.