WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel] pciback: question about the permissive flag

To: Ian Pratt <Ian.Pratt@xxxxxxxxxxxxx>
Subject: Re: [Xen-devel] pciback: question about the permissive flag
From: Joanna Rutkowska <joanna@xxxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 07 Jul 2010 23:41:12 +0200
Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>, Keir Fraser <Keir.Fraser@xxxxxxxxxxxxx>
Delivery-date: Wed, 07 Jul 2010 14:41:55 -0700
Dkim-signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=messagingengine.com; h=message-id:date:from:mime-version:to:cc:subject:references:in-reply-to:content-type; s=smtpout; bh=mnGnvOBSn0EdxvxQ8XO4/+gcxVM=; b=G/dKsc16h7XK/H9QQAWr3I9SKW5+JIMVHa8N/P/OGZMaqjRYDpsfaYGB6w7Uz2XwHrqNVtbx+grD1lJGILkmjlD9nOA08bmv05NCchPKmzwHB/c1krZyiHDK/FdFzIzucYKGjF+MKeMLPAfbbVioj1pgf7feIirbtIz+7QUVI8o=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4FA716B1526C7C4DB0375C6DADBC4EA37ACFC7A473@xxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <4C33A217.3050006@xxxxxxxxxxxxxxxxxxxxxx> <C859DDFC.1996A%keir.fraser@xxxxxxxxxxxxx> <4FA716B1526C7C4DB0375C6DADBC4EA37ACFC7A459@xxxxxxxxxxxxxxxxxxxxxxxxx> <4C3489B8.7050800@xxxxxxxxxxxxxxxxxxxxxx> <4FA716B1526C7C4DB0375C6DADBC4EA37ACFC7A473@xxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.10) Gecko/20100621 Fedora/3.0.5-1.fc13 Lightning/1.0b2pre Thunderbird/3.0.5
On 07/07/10 17:44, Ian Pratt wrote:
>> So, you're saying that, if we have a device that allows us to set
>> some of its PCI config register (some BAR) to tell where to
>> MMIO-map some of the device's additional config range, and if we
>> "asked it" to map it over, say, some physical addresses belonging
>> to the hypervisor, then the MCH would allow for that? And the CPU
>> would happily redirect access to those addresses over to the device
>> memory? Why would it? That would clearly be a CPU/chipset bug, as
>> we normally would have to mark this memory range as MMIOed in the
>> first place...
> 
> Mapping it over memory might be prevented by the MCH (would you want
> to rely on that?),

Well, we need to rely on the CPU and MCH anyway, so why not? :)

> but mapping it over another device is likely going
> to create system instability if not a vulnerability.
>
>> And even if we wanted to instruct the device to map its memory over
>> some already MMIOed memory in a hypervisor, shouldn't VT-d prevent
>> the read/write transactions going to this device?
> 
> VT-d only deals with DMAs coming from the device, not CPU MMIOs.
> 

So, we would have two devices on the PCIe bus that would be willing to
respond for a single PCI read request (for some address that both of the
devices map some of their memory). I guess which device would actually
answer would be implementation/race-condition specific.

Let assume the "bad" device answers the PCIe read request first, and
will send its data back (this is what the attacker hopes to achieve --
to feed unexpected data into the hypervisor/Dom0). Are you saying that
VT-d would not prevent this answer coming back to the CPU? Can somebody
from Intel comment on this? This is interesting.

>> As for the SMI generation: that stinks indeed. But, does it offer
>> any control over the generated #SMI, e.g. what we write into the
>> 0xb2 port, or something like that?
> 
> No idea. Discarding such config writes just seems like a good
> default.
> 

So far I've been aware that the southbridge can trigger #SMI in response
to certain conditions, e.g. wrong BDF address (which is apparently used
by OEMs to emulate PCI devices from within SMM, how crazy is this?!).
But what would be the reason to let IGD device to trigger #SMI?

Can Interrupt Remapping (apparently present in VT-d2) be used to prevent
a device from triggering an #SMI?

Thanks,
joanna.

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel