[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH v5] IOMMU: make DMA containment of quarantined devices optional
On 26/05/2021 09:19, Jan Beulich wrote: IOMMU: make DMA containment of quarantined devices optional Containing still in flight DMA was introduced to work around certain devices / systems hanging hard upon hitting a "not-present" IOMMU fault. Passing through (such) devices (on such systems) is inherently insecure (as guests could easily arrange for IOMMU faults of any kind to occur). Defaulting to a mode where admins may not even become aware of issues with devices can be considered undesirable. Therefore convert this mode of operation to an optional one, not one enabled by default. This involves resurrecting code commit ea38867831da ("x86 / iommu: set up a scratch page in the quarantine domain") did remove, in a slightly extended and abstracted fashion. Here, instead of reintroducing a pretty pointless use of "goto" in domain_context_unmap(), and instead of making the function (at least temporarily) inconsistent, take the opportunity and replace the other similarly pointless "goto" as well. In order to key the re-instated bypasses off of there (not) being a root page table this further requires moving the allocate_domain_resources() invocation from reassign_device() to amd_iommu_setup_domain_device() (or else reassign_device() would allocate a root page table anyway); this is benign to the second caller of the latter function. In VT-d's domain_context_unmap(), instead of adding yet another "goto out" when all that's wanted is a "return", eliminate the "out" label at the same time. Take the opportunity and also limit the control to builds supporting PCI. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Paul Durrant <paul@xxxxxxx>
|
![]() |
Lists.xenproject.org is hosted with RackSpace, monitoring our |