|
|
|
|
|
|
|
|
|
|
xen-devel
Re: [Xen-devel] [PATCH][VTD] enabling PCI ACS P2P upstream forwarding
On Tue, Nov 17, 2009 at 01:49:09PM -0800, Kay, Allen M wrote:
> This patch enables P2P upstream forwarding in ACS capable PCIe switches. The
> enabling is conditioned on iommu_enabled variable. This code solves two
> potential problems in virtualization environment where a PCIe device is
> assigned to a guest domain using a HW iommu such as VT-d:
>
> 1) Unintentional failure caused by guest physical address programmed into the
> device's DMA that happens to match the memory address range of other
> downstream ports in the same PCIe switch. This causes the PCI transaction to
> go to the matching downstream port instead of go to the root complex to get
> translated by VT-d as it should be.
>
> 2) Malicious guest software intentionally attacks another downstream PCIe
> device by programming the DMA address into the assigned device that matches
> memory address range of the downstream PCIe port.
>
> Corresponding ACS filtering code is already in upstream control panel code
> that do not allow PCI device passthrough to guests if it is behind a PCIe
> switch that does not have ACS capability or with ACS capability but is not
> enabled.
Based on your description it sounds like the function should be called:
pci_reset_acs.
Should there be a corresponding function to disable the P2P upstream forwarding?
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
|
|
|
|