Re: [Xen-devel] [PATCH] x86/MSI: add mechanism to protect MSI-X table from PV guest accesses
>>> On 06.02.13 at 17:50, "Jan Beulich" <JBeulich@xxxxxxxx> wrote:
> This adds two new physdev operations for Dom0 to invoke when resource
> allocation for devices is known to be complete, so that the hypervisor
> can arrange for the respective MMIO ranges to be marked read-only
> before an eventual guest getting such a device assigned even gets
> started, such that it won't be able to set up writable mappings for
> these MMIO ranges before Xen has a chance to protect them.

I should probably mention the alternatives:

1) Brute force scan of the (PV) guest's L1 page tables, locating
   eventual mappings of the questionable MMIO pages, and converting
   those mappings to R/O ones.

2) Snoop BAR modifications (via xen/arch/x86/traps.c:
   guest_io_write(), taking note of which BAR(s) are relevant at the
   point where the device gets first detected/reported), perhaps
   along with snoops of the PCI_COMMAND_MEMORY bit.

Jan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
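Alternative 1 from the message above, modelled as an added example; this is not code from the patch or from Xen. It assumes the standard x86-64 PTE layout, and the names `mmio_range`, `l1_write_protect`, `sample_l1` and `run_sample`, as well as the sample frame numbers, are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define L1_ENTRIES  512u
#define PTE_PRESENT (1ull << 0)
#define PTE_RW      (1ull << 1)
#define PTE_ADDR    0x000ffffffffff000ull   /* bits 12..51: frame address */
#define MK_PTE(mfn, flags) (((uint64_t)(mfn) << 12) | (flags))

/* Hypothetical descriptor: machine frames holding a device's MSI-X table. */
struct mmio_range { uint64_t first_mfn, last_mfn; };

/* Scan one L1 table and turn every present, writable mapping of a frame in
 * the protected range into a read-only one. Returns the entries changed.
 * A hypervisor would also have to flush stale TLB entries afterwards and
 * repeat this for every L1 table of the guest; this model does neither. */
static unsigned int l1_write_protect(uint64_t *l1, const struct mmio_range *r)
{
    unsigned int changed = 0;

    for (size_t i = 0; i < L1_ENTRIES; i++) {
        uint64_t pte = l1[i];
        uint64_t mfn = (pte & PTE_ADDR) >> 12;

        if (!(pte & PTE_PRESENT) || !(pte & PTE_RW))
            continue;                     /* not mapped, or already R/O */
        if (mfn < r->first_mfn || mfn > r->last_mfn)
            continue;                     /* not an MSI-X table frame */
        l1[i] = pte & ~PTE_RW;
        changed++;
    }
    return changed;
}

static uint64_t sample_l1[L1_ENTRIES];    /* constructed sample table */

static unsigned int run_sample(void)
{
    const struct mmio_range msix = { 0xfebf0, 0xfebf1 };  /* constructed */

    sample_l1[3] = MK_PTE(0xfebf0, PTE_PRESENT | PTE_RW); /* must become R/O */
    sample_l1[4] = MK_PTE(0xfebf1, PTE_PRESENT);          /* already R/O */
    sample_l1[5] = MK_PTE(0xfebf1, PTE_PRESENT | PTE_RW); /* must become R/O */
    sample_l1[6] = MK_PTE(0x12345, PTE_PRESENT | PTE_RW); /* unrelated RAM */
    sample_l1[7] = MK_PTE(0xfebf0, PTE_RW);               /* not present */
    return l1_write_protect(sample_l1, &msix);
}

int main(void) { printf("%u mappings write-protected\n", run_sample()); return 0; }
```
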