xen-devel
[Xen-devel] [PATCH][VTD] enabling PCI ACS P2P upstream forwarding
This patch enables P2P upstream forwarding in ACS capable PCIe switches. The
enabling is conditioned on iommu_enabled variable. This code solves two
potential problems in virtualization environment where a PCIe device is
assigned to a guest domain using a HW iommu such as VT-d:
1) Unintentional failure caused by guest physical address programmed into the
device's DMA that happens to match the memory address range of other downstream
ports in the same PCIe switch. This causes the PCI transaction to go to the
matching downstream port instead of go to the root complex to get translated by
VT-d as it should be.
2) Malicious guest software intentionally attacks another downstream PCIe
device by programming the DMA address into the assigned device that matches
memory address range of the downstream PCIe port.
Corresponding ACS filtering code is already in upstream control panel code that
do not allow PCI device passthrough to guests if it is behind a PCIe switch
that does not have ACS capability or with ACS capability but is not enabled.
Signed-off-by: Allen Kay allen.m.kay@xxxxxxxxx
acs_xen1117.patch
Description: acs_xen1117.patch
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- [Xen-devel] [PATCH][VTD] enabling PCI ACS P2P upstream forwarding,
Kay, Allen M <=
|
|
|