Re: [Xen-devel] [PATCH] x86: protect MSI-X table and pending bit array from guest writes
>>> On 21.09.10 at 17:17, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> wrote:
> On Mon, Sep 20, 2010 at 02:23:51PM +0100, Jan Beulich wrote:
>> These structures are used by Xen, and hence guests must not be able
>> to fiddle with them.
>>
>> qemu-dm currently plays with the MSI-X table, requiring Dom0 to
>> still have write access. This is broken (explicitly allowing the guest
>> write access to the mask bit) and should be fixed in qemu-dm, at which
>> time Dom0 won't need any special casing anymore.
>>
>> The changes are made under the assumption that p2m_mmio_direct will
>> only ever be used for order 0 pages.
>>
>> An open question is whether dealing with pv guests (including the
>> IOMMU-less case) is necessary, as handling mappings a domain may
>> already have in place at the time the first interrupt gets set up
>> would require scanning all of the guest's L1 page table pages.
>
> When the PCI passthrough is utilized for PV guests we utilize
> the xc_domain_iomem_permission, xc_domain_ioport_permission, and
> xc_physdev_map_pirq before we even start the guest.
> With your patch, will the MFN regions that are specified by the
> iomem_permission still be visible to the PV domain?

Yes, just that the page(s) containing MSI-X table and PBA won't be
writeable anymore (if the guest tries to map them so, they'll get
mapped read-only).

And yes, the MSI-X table should be ignored by pv guests altogether,
and the PBA (afaict) isn't being used by Linux up to now.

Jan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel