This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-devel] [PATCH][VTD] enabling PCI ACS P2P upstream forwarding

To: "Kay, Allen M" <allen.m.kay@xxxxxxxxx>
Subject: Re: [Xen-devel] [PATCH][VTD] enabling PCI ACS P2P upstream forwarding
From: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
Date: Wed, 18 Nov 2009 09:53:36 -0500
Cc: "'xen-devel@xxxxxxxxxxxxxxxxxxx'" <xen-devel@xxxxxxxxxxxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxxxx>, "Dugger, Donald D" <donald.d.dugger@xxxxxxxxx>, "'keir.fraser@xxxxxxxxxxxxx'" <keir.fraser@xxxxxxxxxxxxx>
Delivery-date: Wed, 18 Nov 2009 06:55:24 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <57C9024A16AD2D4C97DC78E552063EA3E3876DEA@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <57C9024A16AD2D4C97DC78E552063EA3E3876DEA@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.19 (2009-01-05)
On Tue, Nov 17, 2009 at 01:49:09PM -0800, Kay, Allen M wrote:
> This patch enables P2P upstream forwarding in ACS capable PCIe switches.  The 
> enabling is conditioned on iommu_enabled variable.  This code solves two 
> potential problems in virtualization environment where a PCIe device is 
> assigned to a guest domain using a HW iommu such as VT-d:
> 1) Unintentional failure caused by guest physical address programmed into the 
> device's DMA that happens to match the memory address range of other 
> downstream ports in the same PCIe switch.  This causes the PCI transaction to 
> go to the matching downstream port instead of go to the root complex to get 
> translated by VT-d as it should be.
> 2) Malicious guest software intentionally attacks another downstream PCIe 
> device by programming the DMA address into the assigned device that matches 
> memory address range of the downstream PCIe port.
> Corresponding ACS filtering code is already in upstream control panel code 
> that do not allow PCI device passthrough to guests if it is behind a PCIe 
> switch that does not have ACS capability or with ACS capability but is not 
> enabled. 

Based on your description it sounds like the function should be called: 
Should there be a corresponding function to disable the P2P upstream forwarding?

Xen-devel mailing list

<Prev in Thread] Current Thread [Next in Thread>