|
xen-devel
Re: [Xen-devel] [PATCH] VT-d: improve RMRR validity checking
|
To: |
Alex Williamson <alex.williamson@xxxxxx> |
|
Subject: |
Re: [Xen-devel] [PATCH] VT-d: improve RMRR validity checking |
|
From: |
Weidong Han <weidong.han@xxxxxxxxx> |
|
Date: |
Wed, 10 Mar 2010 10:40:51 +0800 |
|
Cc: |
"xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>, Noboru Iwamatsu <n_iwamatsu@xxxxxxxxxxxxxx>, "Cihula, Joseph" <joseph.cihula@xxxxxxxxx>, "Kay, Allen M" <allen.m.kay@xxxxxxxxx>, "linux@xxxxxxxxxxxxxx" <linux@xxxxxxxxxxxxxx>, "keir.fraser@xxxxxxxxxxxxx" <keir.fraser@xxxxxxxxxxxxx> |
|
Delivery-date: |
Tue, 09 Mar 2010 18:41:33 -0800 |
|
Envelope-to: |
www-data@xxxxxxxxxxxxxxxxxxx |
|
In-reply-to: |
<7162ab21003091339i4adb8669safd5e074607386a2@xxxxxxxxxxxxxx> |
|
List-help: |
<mailto:xen-devel-request@lists.xensource.com?subject=help> |
|
List-id: |
Xen developer discussion <xen-devel.lists.xensource.com> |
|
List-post: |
<mailto:xen-devel@lists.xensource.com> |
|
List-subscribe: |
<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe> |
|
List-unsubscribe: |
<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe> |
|
References: |
<C77E162B.6FE6%keir.fraser@xxxxxxxxxxxxx> <4B59098B.6000108@xxxxxxxxx> <4B590FA4.4000008@xxxxxxxxxxxxxx> <4B59132B.40607@xxxxxxxxx> <4B59188C.50901@xxxxxxxxxxxxxx> <4B59660F.4000909@xxxxxxxxx> <7162ab21003091339i4adb8669safd5e074607386a2@xxxxxxxxxxxxxx> |
|
Sender: |
xen-devel-bounces@xxxxxxxxxxxxxxxxxxx |
|
User-agent: |
Thunderbird 2.0.0.21 (Windows/20090302) |
Alex Williamson wrote:
On Fri, Jan 22, 2010 at 1:47 AM, Weidong Han <weidong.han@xxxxxxxxx> wrote:
I implemented a patch and attached.
patch description:
In order to make Xen more defensive to VT-d related BIOS issue, this patch
ignores a DRHD if all devices under its scope are not pci discoverable, and
regards a DRHD as invalid and then disable whole VT-d if some devices under
its scope are not pci discoverable. But if iommu=force is set, it will
enable all DRHDs reported by BIOS, to avoid any security vulnerability with
malicious s/s re-enabling "supposed disabled" devices. Pls note that we
don't know the devices under the "Include_all" DRHD are existent or not,
because the scope of "Include_all" DRHD won't enumerate common pci device,
it only enumerates I/OxAPIC and HPET devices.
Hi All,
I have a system with what I consider to be a valid DRHD that's getting
tripped up on this patch. The problem is that the DRHD includes an
IOAPIC scope, where the IOAPIC is not materialized on the PCI bus. I
think Xen is being overzealous in it's validity checking and that this
is a valid configuration. What do others think? Are IOAPICs a
special case that we can allow to be non-existent on the PCI bus?
Yes, IOAPIC can be not pci-discoverable. IOAPICs are only reported in
the "Include_all" DRHD, and our patch won't check if the device is
pci-discoverable or not for the "Include_all" DRHD. So I think the patch
is no problem unless IOAPIC is not included in the "Include_all" DRHD.
Can you post your boot logs?
Regards,
Weidong
Thanks,
Alex
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
|
|
Home