[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 3/3][4.16?] VT-d: don't needlessly engage the untrusted-MSI workaround

  • To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Tue, 9 Nov 2021 15:58:17 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pI2I0oSjXvpskejeIS7I4+Eo2D0UJGIdxq3pdjMmjqA=; b=TLrn4DBjymBTTld1gTKKWVFLDQR+yuXmyZHToeUEIQBKNWFqFlVvKqyNOy+oMF7xJSiCwnzYV+Fi9nlCj92p73oOUyfnNQvVhNtPikacDRP0Dp8JmXyJ8L/BWjDAEz1M0l/aBA3VYPvlGmY1JJFo3ZiHg5lgQSfuH5X0K8edo/tI0xjAuE2zERiGRxuH1iSwrx5K4TElvRl4rsYnM6w1eM7xUn8r/YHnbVLbmf8PWNysLAXNDpva8cU5BWybg8tg7SRr5IZrptQp0IXS7Bh1DvCZmA7wi8q2XswRgZL9BErjMG/jFeUwsrx6+hoAZqyAGsA8IKOV0nrq7Lw0PhKvHQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ld9ccBFHjmzCx77rMxovZKtzR2YSMOV4DyDpimUnrTR4eY8M5slkCrM7CmaB0N2InWitY5FtOKgi51FcnnEYsnkzNQRFr273N6Hq2n0XpTJfYu4iVvO5E1wwTEXo6mwXMmJx/ht9Jr4ZMTcZUsF5FL9ryciIqyz/QcE4OxW8kFXrCLOWlfYHrnHKpC9Out09JDwDW6MlVypVBEyGIEfqH1GNIwfd0LjaUoTyTqJei56nxaR2JRjw101GJo8Z/jCrTO/qxusb6AeEQO+oML/R69iCvMffx+AfaUBbP0DXtKC0XHpvTch/NKx7M240hryXd9KUK2cqrGPhXx9xtM603g==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Kevin Tian <kevin.tian@xxxxxxxxx>, Paul Durrant <paul@xxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxx>
  • Delivery-date: Tue, 09 Nov 2021 14:58:36 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
The quarantine domain doesn't count as a DomU, as it won't itself
trigger any bad behavior. The workaround only needs enabling when an
actual DomU is about to gain control of a device. This then also means
enabling of the workaround can be deferred until immediately ahead of
the call to domain_context_mapping(). While there also stop open-coding
is_hardware_domain().

Fixes: 319f9a0ba94c ("passthrough: quarantine PCI devices")
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

--- a/xen/drivers/passthrough/vtd/iommu.c
+++ b/xen/drivers/passthrough/vtd/iommu.c
@@ -2404,14 +2404,6 @@ static int reassign_device_ownership(
     int ret;
 
     /*
-     * Devices assigned to untrusted domains (here assumed to be any domU)
-     * can attempt to send arbitrary LAPIC/MSI messages. We are unprotected
-     * by the root complex unless interrupt remapping is enabled.
-     */
-    if ( (target != hardware_domain) && !iommu_intremap )
-        untrusted_msi = true;
-
-    /*
      * If the device belongs to the hardware domain, and it has RMRR, don't
      * remove it from the hardware domain, because BIOS may use RMRR at
      * booting time.
@@ -2455,6 +2447,15 @@ static int reassign_device_ownership(
     if ( !has_arch_pdevs(target) )
         vmx_pi_hooks_assign(target);
 
+    /*
+     * Devices assigned to untrusted domains (here assumed to be any domU)
+     * can attempt to send arbitrary LAPIC/MSI messages. We are unprotected
+     * by the root complex unless interrupt remapping is enabled.
+     */
+    if ( !iommu_intremap && !is_hardware_domain(target) &&
+         !is_system_domain(target) )
+        untrusted_msi = true;
+
     ret = domain_context_mapping(target, devfn, pdev);
     if ( ret )
     {

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.