Re: [Xen-devel] [PATCH v2 1/4] x86/dom0: prevent access to MMCFG areas for PVH Dom0
>>> On 25.08.17 at 14:15, <roger.pau@xxxxxxxxxx> wrote:
> On Wed, Aug 23, 2017 at 02:16:38AM -0600, Jan Beulich wrote:
>> >>> On 22.08.17 at 15:54, <roger.pau@xxxxxxxxxx> wrote:
>> > On Tue, Aug 22, 2017 at 06:26:23AM -0600, Jan Beulich wrote:
>> >> >>> On 11.08.17 at 18:43, <roger.pau@xxxxxxxxxx> wrote:
>> >> > --- a/xen/arch/x86/dom0_build.c
>> >> > +++ b/xen/arch/x86/dom0_build.c
>> >> > @@ -440,6 +440,10 @@ int __init dom0_setup_permissions(struct domain *d)
>> >> >          rc |= rangeset_add_singleton(mmio_ro_ranges, mfn);
>> >> >      }
>> >> >
>> >> > +    /* For PVH prevent access to the MMCFG areas. */
>> >> > +    if ( dom0_pvh )
>> >> > +        rc |= pci_mmcfg_set_domain_permissions(d);
>> >>
>> >> What about ones reported by Dom0 later on? Which then raises the
>> >> question whether ...
>> >
>> > This should be dealt with in the PHYSDEVOP_pci_mmcfg_reserved handler.
>> > But since you propose to do white listing, I guess it doesn't matter
>> > that much anymore.
>>
>> Well, a fundamental question is whether white listing would work in
>> the first place. I could see room for severe problems e.g. with ACPI
>> methods wanting to access MMIO that's not described by any PCI
>> devices' BARs. Typically that would be regions in the chipset which
>> firmware is responsible for configuring/managing, the addresses of
>> which can be found/set in custom config space registers.
>
> The question would also be what would Xen allow in such white-listing.
> Obviously you can get to map the same using both white-list and
> black-listing (see below).

Not really - what you've said there regarding MMCFG regions is a clear
indication that we should _not_ map reserved regions, i.e. it would
need to be full white listing with perhaps just the PCI device BARs
being handled automatically.

Jan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
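Review bot: the `if ( dom0_pvh )` branch in the dom0_setup_permissions() hunk only covers MMCFG regions known at Dom0 build time; MMCFG regions that Dom0 reports afterwards through PHYSDEVOP_pci_mmcfg_reserved (raised in this thread as "ones reported by Dom0 later on") are not touched by this hunk, so the same permission removal belongs in that hypercall handler as well, or the patch description should state which patch in the series adds it. The comment `/* For PVH prevent access to the MMCFG areas. */` restates the condition rather than the reason; saying why a PVH Dom0 must not get direct access to these ranges would help later readers of this function.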