[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] c/s 24425:053a44894279 (xsm: add checks on PCI configuration access)



On 06/21/2012 09:20 AM, Jan Beulich wrote:
> The mmconfig part of this is seriously broken: These operations,
> even when carried out by Dom0, are MMIO accesses, and hence
> are invisible to the hypervisor without extra handling. Putting
> the checks into pci_mmcfg_{read,write}() has the effect of
> potentially denying the _hypervisor_ access. So I think at least
> that part needs to be reverted.

I agree - the XSM checks are intended to be done only when the hypervisor
is accessing on behalf of the domain, which looks to be covered by the
traps part of the patch. These checks are currently intended to deny a
domain with IS_PRIV but without full hardware access - in particular,
without access to the PCI configuration MMIO area - from using legacy 
register access to reconfigure PCI devices.

While it may be useful to extend this access check to include the PCI 
configuration MMIO pages, this would require emulating both reads and
writes to any page that has entries that a particular domain does not
have access to. The existing pciback/pcifront configuration access model
already handles these issues without changes to the hypervisor.

> Even the I/O port base logic isn't fully correct - AMD's extension
> to access extended config space isn't being taken care of (i.e.
> wrong register values might get passed to the xsm callback).

Looks like a trivial one-line fix, I'll send a patch momentarily. I wasn't
aware of that extension when I was writing the cf8 decoding.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.