Xen project Mailing List

Re: [Xen-devel] [PATCH v2] x86 / iommu: set up a scratch page in the quarantine domain

To: Jürgen Groß <jgross@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Tue, 3 Dec 2019 10:36:17 +0100

Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Paul Durrant <pdurrant@xxxxxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>

Delivery-date: Tue, 03 Dec 2019 09:36:22 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 28.11.2019 12:32, Jürgen Groß wrote: > On 28.11.19 12:17, Jan Beulich wrote: >> On 27.11.2019 18:11, Paul Durrant wrote: >>> This patch introduces a new iommu_op to facilitate a per-implementation >>> quarantine set up, and then further code for x86 implementations >>> (amd and vtd) to set up a read-only scratch page to serve as the source >>> for DMA reads whilst a device is assigned to dom_io. DMA writes will >>> continue to fault as before. >>> >>> The reason for doing this is that some hardware may continue to re-try >>> DMA (despite FLR) in the event of an error, or even BME being cleared, and >>> will fail to deal with DMA read faults gracefully. Having a scratch page >>> mapped will allow pending DMA reads to complete and thus such buggy >>> hardware will eventually be quiesced. >>> >>> NOTE: These modifications are restricted to x86 implementations only as >>> the buggy h/w I am aware of is only used with Xen in an x86 >>> environment. ARM may require similar code but, since I am not >>> aware of the need, this patch does not modify any ARM implementation. >>> >>> Signed-off-by: Paul Durrant <pdurrant@xxxxxxxxxx> >> >> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> >> >>> There is still the open question of whether use of a scratch page ought >>> to be gated on something, either are run-time or compile-time. >> >> I have no clear opinion either way here. The workaround seems low >> overhead enough that there may not be a need to have an admin (or >> build time) control for this. >> >> As to 4.13: The quarantining as a whole is pretty fresh. While it >> has been backported to security maintained trees, I'd still consider >> it a new feature in 4.13, and hence this workaround at least eligible >> for consideration. > > I agree. > > Release-acked-by: Juergen Gross <jgross@xxxxxxxx> I notice this has been committed meanwhile. I had specifically not done so due to the still missing VT-d ack, seeing that this wasn't an entirely "trivial" change. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.