[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v6 04/13] vpci: restrict unhandled read/write operations for guests
- To: Oleksandr Andrushchenko <andr2000@xxxxxxxxx>
- From: Jan Beulich <jbeulich@xxxxxxxx>
- Date: Fri, 4 Feb 2022 15:11:05 +0100
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=pXqhIx2/MHFJxsI/48OJ7e6xGK/hEy/VZK/YNYBaj2E=; b=jI/oiVd804xd9Fix1OTQBzP4p2GJ6uNJq6PaELPTP9YUCsjRfnFTf9vIY2LynJkn7CWBP4YaGzN5c+NwEuINDQQqzfQBs7mXjYY/GS4Te8c3kdmpebcXVWMXokOkQ3bC0mzkD867a8jnboHo25ntRI/UuQKA2XPXFwScGaboJrHQreBeC0Lnk3O6okHvzZX5pbG7Qs+41oaqSrfDRCIzYWOsidqKUaD6sWa1SyJ9dqOLqDs/8PNgzuK3CQqILYneG1hFwcVrZeHMciT1q9TNe6ojRTTqpkf/7nJKy8gQERnfU2y3/FUS9ry8VcrE1Gj6/KFpBJpSxgqybMl3gxjqHQ==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WOTdsBDW0fmjGxh30NUYg5Fotka5Cq97UuijY2a/1dapSADmS9L4l+MSWR0CZOCw78fE0Shd02Pvm+laGGBDBPzz4Fr6xQj1n4rz6P9RVLIYS5I4Mvn8QfFkg1HFPBbYWLHHyHopiZTAyL/Gk0gRacrNo77bM5406fRFiSjREkmeQujXeF9SHAm1osiOi/Bt0OuvxMhd2u1YRFylq4yu+O2TVnf6BM+fVqwjtMcknM8ehYOHOtyx7QIyxu8kirTxTIiZ5ynBu8grfXAVPItUoTbDjLbO3lDztc/u4QP/ODkrEMUITxGWY0/ra7JpDmrH46F1AZHynvnlvqM/HigE/g==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
- Cc: julien@xxxxxxx, sstabellini@xxxxxxxxxx, oleksandr_tyshchenko@xxxxxxxx, volodymyr_babchuk@xxxxxxxx, artem_mygaiev@xxxxxxxx, roger.pau@xxxxxxxxxx, andrew.cooper3@xxxxxxxxxx, george.dunlap@xxxxxxxxxx, paul@xxxxxxx, bertrand.marquis@xxxxxxx, rahul.singh@xxxxxxx, Oleksandr Andrushchenko <oleksandr_andrushchenko@xxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
- Delivery-date: Fri, 04 Feb 2022 14:11:17 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 04.02.2022 07:34, Oleksandr Andrushchenko wrote:
> A guest can read and write those registers which are not emulated and
> have no respective vPCI handlers, so it can access the HW directly.
I don't think this describes the present situation. Or did I miss where
devices can actually be exposed to guests already, despite much of the
support logic still missing?
> In order to prevent a guest from reads and writes from/to the unhandled
> registers make sure only hardware domain can access HW directly and restrict
> guests from doing so.
Tangential question: Going over the titles of the remaining patches I
notice patch 6 is going to deal with BAR accesses. But (going just
from the titles) I can't spot anywhere that vendor and device IDs
would be exposed to guests. Yet that's the first thing guests will need
in order to actually recognize devices. As said before, allowing guests
access to such r/o fields is quite likely going to be fine.
> --- a/xen/drivers/vpci/vpci.c
> +++ b/xen/drivers/vpci/vpci.c
> @@ -215,11 +215,15 @@ int vpci_remove_register(struct vpci *vpci, unsigned
> int offset,
> }
>
> /* Wrappers for performing reads/writes to the underlying hardware. */
> -static uint32_t vpci_read_hw(pci_sbdf_t sbdf, unsigned int reg,
> +static uint32_t vpci_read_hw(bool is_hwdom, pci_sbdf_t sbdf, unsigned int
> reg,
> unsigned int size)
Was the passing around of a boolean the consensus which was reached?
Personally I'd fine it more natural if the two functions checked
current->domain themselves.
Jan
|
