[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] vpci: add permission checks to map_range()

  • To: Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>
  • From: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Date: Thu, 27 Jul 2023 07:07:46 -0400
  • Arc-authentication-results: i=1; mx.zohomail.com; dkim=pass header.i=apertussolutions.com; spf=pass smtp.mailfrom=dpsmith@xxxxxxxxxxxxxxxxxxxx; dmarc=pass header.from=<dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1690456072; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=lpKA5PHRg3WWL504PILmYBYaZ5GD8vX74mjfOTcAdGQ=; b=YAvA8/J48pgHcLArErgPtZAAYXJ6Wlybjim/4y2a4/jbdYXnIWZGwZgUpvEZhijGLSfLzftJ1VFAuk7E0NUshx1ENibwTIfbi25DP36EAOc3x1xnVqmWi2niCp7siNtjJooP3UPkC/vIKqu37uKaxCPWw/CqaULFBt/2cfNhPww=
  • Arc-seal: i=1; a=rsa-sha256; t=1690456072; cv=none; d=zohomail.com; s=zohoarc; b=cqZ9HDVq8rctYo2627CbbrKdDZdThT5NAa+ZwxyxNxsaNJBJlP8RcARyFA3BZpFZ+PUMkYQ4c681YIwujGuoAYB9spM3iuCa58XdAAXNtbm63i30d0hjWPBCHWmDdorma5WwKjDsj4Lyex/tNk2+cgO5Zrv+YbuuUlp1R77Yn4Q=
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Thu, 27 Jul 2023 11:08:07 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>


On 7/27/23 03:56, Jan Beulich wrote:

On 26.07.2023 16:01, Roger Pau Monne wrote:

Just like it's done for the XEN_DOMCTL_memory_mapping hypercall, add
the permissions checks to vPCI map_range(), which is used to map the
BARs into the domain p2m.

Adding those checks requires that for x86 PVH hardware domain builder
the permissions are set before initializing the IOMMU, or else
attempts to initialize vPCI done as part of IOMMU device setup will
fail due to missing permissions to create the BAR mappings.

While moving the call to dom0_setup_permissions() convert the panic()
used for error handling to a printk, the caller will already panic if
required.

Fixes: 9c244fdef7e7 ('vpci: add header handlers')
Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>


I've committed this, but despite the Fixes: tag I'm not sure this
wants backporting. Thoughts?

Jan
From a cursory review thus far, since this introduced a new XSM hook site, shouldn't this have at least had an Rb by an XSM reviewer/maintainer? I would have replied sooner, but have been on holiday for last two weeks. 

V/r,
Daniel P. Smith

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.