| |
|
 |
|
 |
|
|
|
| |
|
|
xen-devel
Re: [Xen-devel] [PATCH] x86: protect MSI-X table and pending bit array f
On Mon, Sep 20, 2010 at 02:23:51PM +0100, Jan Beulich wrote:
> These structures are used by Xen, and hence guests must not be able
> to fiddle with them.
>
> qemu-dm currently plays with the MSI-X table, requiring Dom0 to
> still have write access. This is broken (explicitly allowing the guest
> write access to the mask bit) and should be fixed in qemu-dm, at which
> time Dom0 won't need any special casing anymore.
>
> The changes are made under the assumption that p2m_mmio_direct will
> only ever be used for order 0 pages.
>
> An open question is whether dealing with pv guests (including the
> IOMMU-less case) is necessary, as handling mappings a domain may
> already have in place at the time the first interrupt gets set up
> would require scanning all of the guest's L1 page table pages.
When the PCI passthrough is utilized for PV guests we utilize
the xc_domain_iomem_permission, xc_domain_ioport_permission, and
xc_physdev_map_pirq before we even start the guest.
With your patch, will the MFN regions that are specified by the
iomem_permission still be visible to the PV domain?
I think the answer is yes, and I think the MSI-X regions are
not of any importance to the PV guests as Dom0 is the one setting up
the MSI-X entries and passing on the vector value to the PV guest.
But I just want to be sure about this.
> Currently a hole still remains allowing PV guests to map these ranges
> before actually setting up any MSI-X vector for a device.
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
|
|
| |
|
Home