[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [v8][PATCH 16/17] xen/vtd: group assigned device with RMRR
On Mon, Dec 01, 2014 at 05:24:34PM +0800, Tiejun Chen wrote: > Sometimes different devices may share RMRR range so in this s/Sometimes// s/range/ranges/ > case we shouldn't assign these devices into different VMs > since they may have potential leakage even damage between VMs. s/potential leak../corrupt each other/? I am actually not sure what they would leak? Security data? > > So we need to group all devices as RMRR range to make sure they s/So// s/range/ranges/ > are just assigned into the same VM. > > Here we introduce two field, gid and domid, in struct, > acpi_rmrr_unit: > gid: indicate which group this device owns. "0" is invalid so > just start from "1". > domid: indicate which domain this device owns currently. Firstly > the hardware domain should own it. > > Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> > --- > xen/drivers/passthrough/vtd/dmar.c | 28 ++++++++++++++- > xen/drivers/passthrough/vtd/dmar.h | 2 ++ > xen/drivers/passthrough/vtd/iommu.c | 68 > +++++++++++++++++++++++++++++++++---- > 3 files changed, 91 insertions(+), 7 deletions(-) > > diff --git a/xen/drivers/passthrough/vtd/dmar.c > b/xen/drivers/passthrough/vtd/dmar.c > index c5bc8d6..8d3406f 100644 > --- a/xen/drivers/passthrough/vtd/dmar.c > +++ b/xen/drivers/passthrough/vtd/dmar.c > @@ -572,10 +572,11 @@ acpi_parse_one_rmrr(struct acpi_dmar_header *header) > { > struct acpi_dmar_reserved_memory *rmrr = > container_of(header, struct acpi_dmar_reserved_memory, header); > - struct acpi_rmrr_unit *rmrru; > + struct acpi_rmrr_unit *rmrru, *cur_rmrr; > void *dev_scope_start, *dev_scope_end; > u64 base_addr = rmrr->base_address, end_addr = rmrr->end_address; > int ret; > + static unsigned int group_id = 0; > > if ( (ret = acpi_dmar_check_length(header, sizeof(*rmrr))) != 0 ) > return ret; > @@ -611,6 +612,8 @@ acpi_parse_one_rmrr(struct acpi_dmar_header *header) > rmrru->base_address = base_addr; > rmrru->end_address = end_addr; > rmrru->segment = rmrr->segment; > + /* "0" is an invalid group id. */ > + rmrru->gid = 0; > > dev_scope_start = (void *)(rmrr + 1); > dev_scope_end = ((void *)rmrr) + header->length; > @@ -682,7 +685,30 @@ acpi_parse_one_rmrr(struct acpi_dmar_header *header) > "So please set pci_rdmforce to reserve these ranges" > " if you need such a device in hotplug case.\n"); > > + list_for_each_entry(cur_rmrr, &acpi_rmrr_units, list) > + { > + /* > + * Any same or overlap range mean they should be > + * at same group. Same or overlap ranges must be in the same group. > + */ > + if ( ((base_addr >= cur_rmrr->base_address) && > + (end_addr <= cur_rmrr->end_address)) || > + ((base_addr <= cur_rmrr->base_address) && > + (end_addr >= cur_rmrr->end_address)) ) > + { > + rmrru->gid = cur_rmrr->gid; > + continue; > + } > + } > + > acpi_register_rmrr_unit(rmrru); > + > + /* Allocate group id from gid:1. */ > + if ( !rmrru->gid ) > + { > + group_id++; > + rmrru->gid = group_id; > + } > } > } > > diff --git a/xen/drivers/passthrough/vtd/dmar.h > b/xen/drivers/passthrough/vtd/dmar.h > index af1feef..a57c0d4 100644 > --- a/xen/drivers/passthrough/vtd/dmar.h > +++ b/xen/drivers/passthrough/vtd/dmar.h > @@ -76,6 +76,8 @@ struct acpi_rmrr_unit { > u64 end_address; > u16 segment; > u8 allow_all:1; > + int gid; unsigned int? > + domid_t domid; > }; > > struct acpi_atsr_unit { > diff --git a/xen/drivers/passthrough/vtd/iommu.c > b/xen/drivers/passthrough/vtd/iommu.c > index a54c6eb..ba40209 100644 > --- a/xen/drivers/passthrough/vtd/iommu.c > +++ b/xen/drivers/passthrough/vtd/iommu.c > @@ -1882,9 +1882,9 @@ static int rmrr_identity_mapping(struct domain *d, > bool_t map, > > static int intel_iommu_add_device(u8 devfn, struct pci_dev *pdev) > { > - struct acpi_rmrr_unit *rmrr; > - u16 bdf; > - int ret, i; > + struct acpi_rmrr_unit *rmrr, *g_rmrr; > + u16 bdf, g_bdf; > + int ret, i, j; > > ASSERT(spin_is_locked(&pcidevs_lock)); > > @@ -1905,6 +1905,32 @@ static int intel_iommu_add_device(u8 devfn, struct > pci_dev *pdev) > PCI_BUS(bdf) == pdev->bus && > PCI_DEVFN2(bdf) == devfn ) > { > + if ( rmrr->domid == hardware_domain->domain_id ) > + { > + for_each_rmrr_device ( g_rmrr, g_bdf, j ) > + { > + if ( g_rmrr->gid == rmrr->gid ) > + { > + if ( g_rmrr->domid == hardware_domain->domain_id ) > + g_rmrr->domid = pdev->domain->domain_id; > + else if ( g_rmrr->domid != pdev->domain->domain_id ) > + { > + rmrr->domid = g_rmrr->domid; > + continue; > + } > + } > + } > + } > + > + if ( rmrr->domid != pdev->domain->domain_id ) > + { > + domain_context_unmap(pdev->domain, devfn, pdev); > + dprintk(XENLOG_ERR VTDPREFIX, "d%d: this is a group device > owned by d%d\n", > + pdev->domain->domain_id, rmrr->domid); > + rmrr->domid = 0; > + return -EINVAL; > + } > + > ret = rmrr_identity_mapping(pdev->domain, 1, rmrr); > if ( ret ) > dprintk(XENLOG_ERR VTDPREFIX, "d%d: RMRR mapping failed\n", > @@ -1946,6 +1972,8 @@ static int intel_iommu_remove_device(u8 devfn, struct > pci_dev *pdev) > PCI_DEVFN2(bdf) != devfn ) > continue; > > + /* Just release to hardware domain. */ > + rmrr->domid = hardware_domain->domain_id; > rmrr_identity_mapping(pdev->domain, 0, rmrr); > } > > @@ -2104,6 +2132,8 @@ static void __hwdom_init setup_hwdom_rmrr(struct domain > *d) > spin_lock(&pcidevs_lock); > for_each_rmrr_device ( rmrr, bdf, i ) > { > + /* hwdom should own all devices at first. */ > + rmrr->domid = d->domain_id; > ret = rmrr_identity_mapping(d, 1, rmrr); > if ( ret ) > dprintk(XENLOG_ERR VTDPREFIX, > @@ -2273,9 +2303,9 @@ static int reassign_device_ownership( > static int intel_iommu_assign_device( > struct domain *d, u8 devfn, struct pci_dev *pdev) > { > - struct acpi_rmrr_unit *rmrr; > - int ret = 0, i; > - u16 bdf, seg; > + struct acpi_rmrr_unit *rmrr, *g_rmrr; > + int ret = 0, i, j; > + u16 bdf, seg, g_bdf; > u8 bus; > > if ( list_empty(&acpi_drhd_units) ) > @@ -2300,6 +2330,32 @@ static int intel_iommu_assign_device( > PCI_BUS(bdf) == bus && > PCI_DEVFN2(bdf) == devfn ) > { > + if ( rmrr->domid == hardware_domain->domain_id ) > + { > + for_each_rmrr_device ( g_rmrr, g_bdf, j ) > + { > + if ( g_rmrr->gid == rmrr->gid ) > + { > + if ( g_rmrr->domid == hardware_domain->domain_id ) > + g_rmrr->domid = pdev->domain->domain_id; > + else if ( g_rmrr->domid != pdev->domain->domain_id ) > + { > + rmrr->domid = g_rmrr->domid; > + continue; > + } > + } > + } > + } > + > + if ( rmrr->domid != pdev->domain->domain_id ) > + { > + domain_context_unmap(pdev->domain, devfn, pdev); > + dprintk(XENLOG_ERR VTDPREFIX, "d%d: this is a group device > owned by d%d\n", > + pdev->domain->domain_id, rmrr->domid); > + rmrr->domid = 0; > + return -EINVAL; > + } > + Please make this a function. > ret = rmrr_identity_mapping(d, 1, rmrr); > if ( ret ) > { > -- > 1.9.1 > _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |