Xen project Mailing List

Re: [Xen-devel] [PATCH] xen/vtd/iommu: permit group devices to passthrough in relaxed mode

Date: Tue, 8 Sep 2015 10:44:45 +0100

Cc: Yang Zhang <yang.z.zhang@xxxxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>, wei.liu2@xxxxxxxxxx, Jan Beulich <JBeulich@xxxxxxxx>, xen-devel@xxxxxxxxxxxxx

Delivery-date: Tue, 08 Sep 2015 09:44:52 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Tue, Sep 08, 2015 at 08:57:14AM +0800, Tiejun Chen wrote: > Currently we don't allow passing through any group devices which are > sharing same RMRR entry since it would break security among VMs. And > indeed, we expect we can figure out a better way to handle this kind > of case completely. > > But before the group assignment gets implemented, we might make this > permission dependent on our RMRR policy. So, now it would be allowed > in the relaxed mode. > Is this targeting 4.6? I think so. > CC: Yang Zhang <yang.z.zhang@xxxxxxxxx> > CC: Kevin Tian <kevin.tian@xxxxxxxxx> > CC: Jan Beulich <JBeulich@xxxxxxxx> > Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> > --- > xen/drivers/passthrough/vtd/iommu.c | 8 ++++++-- > 1 file changed, 6 insertions(+), 2 deletions(-) > > diff --git a/xen/drivers/passthrough/vtd/iommu.c > b/xen/drivers/passthrough/vtd/iommu.c > index 836aed5..4249cfa 100644 > --- a/xen/drivers/passthrough/vtd/iommu.c > +++ b/xen/drivers/passthrough/vtd/iommu.c > @@ -2310,12 +2310,16 @@ static int intel_iommu_assign_device( FWIW the comment before this hunk also needs to be updated. > PCI_DEVFN2(bdf) == devfn && > rmrr->scope.devices_cnt > 1 ) > { > + u32 relaxed = flag & XEN_DOMCTL_DEV_RDM_RELAXED; > + > printk(XENLOG_G_ERR VTDPREFIX > - " cannot assign %04x:%02x:%02x.%u" > + " Currently its %s to assign %04x:%02x:%02x.%u" "it's" or "it is" > " with shared RMRR at %"PRIx64" for Dom%d.\n", > + relaxed ? "risky" : "disallowed", > seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn), > rmrr->base_address, d->domain_id); > - return -EPERM; > + if ( !relaxed ) > + return -EPERM; > } > } > > -- > 1.9.1 > > > _______________________________________________ > Xen-devel mailing list > Xen-devel@xxxxxxxxxxxxx > http://lists.xen.org/xen-devel _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.