|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 15/16] xen/vtd: prevent from assign the device with shared rmrr
>>> On 03.09.15 at 21:39, <tamas.k.lengyel@xxxxxxxxx> wrote:
> So this change in 4.6 prevents me from passing through devices that have
> worked previously with VT-d:
>
> (XEN) [VT-D] cannot assign 0000:00:1a.0 with shared RMRR at ae8a9000 for
> Dom30.
> (XEN) [VT-D] cannot assign 0000:00:1d.0 with shared RMRR at ae8a9000 for
> Dom31.
>
> The devices are the USB 2.0 devices on a DQ67SW motherboard:
>
> 00:1a.0 USB controller: Intel Corporation 6 Series/C200 Series Chipset
> Family USB Enhanced Host Controller #2 (rev 04)
> 00:1d.0 USB controller: Intel Corporation 6 Series/C200 Series Chipset
> Family USB Enhanced Host Controller #1 (rev 04)
Please don't top post. And I'm also puzzled by you sending this to
Ian rather than the author.
Technically - Tiejun, should this perhaps be permitted in relaxed
mode, at least until group assignment gets implemented? (Or
Tamas, do you actually mean to assign these to _different_
guests, considering the log fragment above?)
Jan
> On Wed, Jul 22, 2015 at 9:44 AM, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
> wrote:
>
>> From: Tiejun Chen <tiejun.chen@xxxxxxxxx>
>>
>> Currently we're intending to cover this kind of devices
>> with shared RMRR simply since the case of shared RMRR is
>> a rare case according to our previous experiences. But
>> late we can group these devices which shared rmrr, and
>> then allow all devices within a group to be assigned to
>> same domain.
>>
>> CC: Yang Zhang <yang.z.zhang@xxxxxxxxx>
>> CC: Kevin Tian <kevin.tian@xxxxxxxxx>
>> Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx>
>> Acked-by: Kevin Tian <kevin.tian@xxxxxxxxx>
>> ---
>> xen/drivers/passthrough/vtd/iommu.c | 30 +++++++++++++++++++++++++++---
>> 1 file changed, 27 insertions(+), 3 deletions(-)
>>
>> diff --git a/xen/drivers/passthrough/vtd/iommu.c
>> b/xen/drivers/passthrough/vtd/iommu.c
>> index 8a8d763..ce5c295 100644
>> --- a/xen/drivers/passthrough/vtd/iommu.c
>> +++ b/xen/drivers/passthrough/vtd/iommu.c
>> @@ -2293,13 +2293,37 @@ static int intel_iommu_assign_device(
>> if ( list_empty(&acpi_drhd_units) )
>> return -ENODEV;
>>
>> + seg = pdev->seg;
>> + bus = pdev->bus;
>> + /*
>> + * In rare cases one given rmrr is shared by multiple devices but
>> + * obviously this would put the security of a system at risk. So
>> + * we should prevent from this sort of device assignment.
>> + *
>> + * TODO: in the future we can introduce group device assignment
>> + * interface to make sure devices sharing RMRR are assigned to the
>> + * same domain together.
>> + */
>> + for_each_rmrr_device( rmrr, bdf, i )
>> + {
>> + if ( rmrr->segment == seg &&
>> + PCI_BUS(bdf) == bus &&
>> + PCI_DEVFN2(bdf) == devfn &&
>> + rmrr->scope.devices_cnt > 1 )
>> + {
>> + printk(XENLOG_G_ERR VTDPREFIX
>> + " cannot assign %04x:%02x:%02x.%u"
>> + " with shared RMRR at %"PRIx64" for Dom%d.\n",
>> + seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn),
>> + rmrr->base_address, d->domain_id);
>> + return -EPERM;
>> + }
>> + }
>> +
>> ret = reassign_device_ownership(hardware_domain, d, devfn, pdev);
>> if ( ret )
>> return ret;
>>
>> - seg = pdev->seg;
>> - bus = pdev->bus;
>> -
>> /* Setup rmrr identity mapping */
>> for_each_rmrr_device( rmrr, bdf, i )
>> {
>> --
>> 1.7.10.4
>>
>>
>> _______________________________________________
>> Xen-devel mailing list
>> Xen-devel@xxxxxxxxxxxxx
>> http://lists.xen.org/xen-devel
>>
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |