[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 8/9] vpci/header: Reset the command register when adding devices

  • To: Oleksandr Andrushchenko <Oleksandr_Andrushchenko@xxxxxxxx>, Oleksandr Andrushchenko <andr2000@xxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Tue, 7 Sep 2021 11:19:18 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=AfkubQ/XUUoMzWb4P1EI2bnBghkZcRYqwXc3h2OW3OA=; b=IhGbeBi7cOP3SKgUw7wqyvgpb40L93xtaPgw4WapCflni583Wg7jOv6IlV0t1JYELj3kfVykM0JCFBPayDdYa2ANMHEbtOPmgX3MO8BC9C9dUGQIxotfgDjMQw/a5ihBIT7pusWIuWivMBS7uj1oZqu2vdVskADi4GNFTBRY7+ioPaUtelEo3IhR7p39rs5HIap+T7eVKO2UhBJUYOH0y/sanzTszxtNYD/vJ+sJy5stFiW08/DfAh1UQE+BHfRhxi5IZngi4nS5aAxu0Hz2oQpZWxHSsFzXScASYzz8EtoqEgeYXnNZe2fu3JxK03Q8NA0bqW06WcBC3nBSmUvuYA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=O4eV2BFg8QDjioBXGlM5Vy2DM1xW+mlurUUvHt85SNQfbFXjHyACG7r1Alu6ZhymIBZQvtX8V0yepjUKuUHKmjrD4Cw/mvq7gI4b5mpzFldZrRfArZ2xOzP5TH+IeN8hIix4yKLmbPBT+hYCxJ4dH8JKMAQhghZunPNIZeiH2QkF112rCT+NxuluI8XinayV0wyly6XUzyBL9pBHyU3f+eBE6Dq3/49MbQNAA3i+UpnFtFYJxcgKSKKAz8olK4fa8UXEGmEZLDcp6MqYTA0fxahOZIX1xh8Wr1B4/Tex7T+iGXEwNSlmWHebzhuhhdl7NnXh+9fGkcbQYD6txH9bkw==
  • Authentication-results: lists.xenproject.org; dkim=none (message not signed) header.d=none;lists.xenproject.org; dmarc=none action=none header.from=suse.com;
  • Cc: "julien@xxxxxxx" <julien@xxxxxxx>, "sstabellini@xxxxxxxxxx" <sstabellini@xxxxxxxxxx>, Oleksandr Tyshchenko <Oleksandr_Tyshchenko@xxxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Artem Mygaiev <Artem_Mygaiev@xxxxxxxx>, "roger.pau@xxxxxxxxxx" <roger.pau@xxxxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Rahul Singh <rahul.singh@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Tue, 07 Sep 2021 09:19:27 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 07.09.2021 11:07, Oleksandr Andrushchenko wrote:
> On 07.09.21 11:49, Jan Beulich wrote:
>> On 07.09.2021 10:18, Oleksandr Andrushchenko wrote:
>>> So, if we have a hidden PCI device which can be assigned to a guest and it 
>>> is literally untouched
>>> (not enabled in Dom0) then I think there will be no such reference as "host 
>>> assigned values" as
>>> most probably the command register will remain in its after reset state.
>> What meaning of "hidden" do you imply here? Devices passed to
>> pci_{hide,ro}_device() may not be assigned to guests ...
> You are completely right here.
>> For any other meaning of "hidden", even if the device is completely
>> ignored by Dom0,
> Dom0less is such a case when a device is assigned to the guest
> without Dom0 at all?

In this case it is entirely unclear to me what entity it is to have
a global view on the PCI subsystem.

>>   certain of the properties still cannot be allowed
>> to be DomU-controlled.
> The list is not that big, could you please name a few you think cannot
> be controlled by a guest? I can think of PCI_COMMAND_SPECIAL(?),
> be aligned with the "host reference" values, e.g. we only allow those bits
> to be set as they are in Dom0.

Well, you've compile a list already, and I did say so before as well:
Everything except I/O and memory decoding as well as bus mastering
needs at least closely looking at. INTX_DISABLE, for example, is
something I don't think a guest should be able to directly control.
It may still be the case that the host permits it control, but then
only indirectly, allowing the host to appropriately adjust its

Note that even for I/O and memory decoding as well as bus mastering
it may be necessary to limit guest control: In case the host wants
to disable any of these (perhaps transiently) despite the guest
wanting them enabled.




Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.