Re: [Xen-devel] Xen security advisory CVE-2011-1898 - VT-d (PCI

To:	Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, Ian Campbell <Ian.Campbell@xxxxxxxxxxxxx>
Subject:	Re: [Xen-devel] Xen security advisory CVE-2011-1898 - VT-d (PCI passthrough) MSI
From:	Keir Fraser <keir@xxxxxxx>
Date:	Tue, 24 May 2011 16:57:27 +0100
Cc:	Tim Deegan <Tim.Deegan@xxxxxxxxxxxxx>, "Cihula, Joseph" <joseph.cihula@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date:	Tue, 24 May 2011 09:12:08 -0700
Dkim-signature:	v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:sender:user-agent:date:subject:from:to:cc :message-id:thread-topic:thread-index:in-reply-to:mime-version :content-type:content-transfer-encoding; bh=UFQylJtnD/h9exGNViXRNZcM5Ie427FqnCBzesCRgSA=; b=kXG6FgNPuZ4WSTHkbRArLg3zKnmVZJ4uTJKYevYm711RqlbgncQ6q8+IRUg0ntpNhk B11STHQtgHsRvU0Six0DKRqDGJnnaYRLZMiFNkbQwIgdCLun7iTUoeaWD03oXvAQyjmT MRow4Mp/FWy9mCyECTYhluMbVmUZMxb9ET++8=
Domainkey-signature:	a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:user-agent:date:subject:from:to:cc:message-id:thread-topic :thread-index:in-reply-to:mime-version:content-type :content-transfer-encoding; b=PrpZs34YQGzgV1gX9zjzbl9zMXVXYc1zpiiENCxZEOFRjDj9P/hs02nCsqNeXlseca kad6zjUWYP2mwVAbqsLsnoiL0N9nhAhjQdbGq0zPWHdjIrxGY73w0FVG0GhhcToijBSZ KfN3uGzsZ6eHLgqm9/uJfYu7HhGkJvxn7sN3s=
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to:	<19931.52091.713851.292632@xxxxxxxxxxxxxxxxxxxxxxxx>
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index:	AcwaK0dbB1td/JIyDE+h2p2VVYx4Zg==
Thread-topic:	[Xen-devel] Xen security advisory CVE-2011-1898 - VT-d (PCI passthrough) MSI
User-agent:	Microsoft-Entourage/12.29.0.110113

On 24/05/2011 16:15, "Ian Jackson" <Ian.Jackson@xxxxxxxxxxxxx> wrote:

> Ian Campbell writes ("Re: [Xen-devel] Xen security advisory CVE-2011-1898 -
> VT-d (PCI passthrough) MSI"):
>> IOMMU: Fail if intremap is not available and iommu=required/force.
>> 
>> Rather than sprinkling panic()s throughout the setup code hoist the check up
>> into common code.
>> 
>> Signed-off-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
> 
> Acked-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
> 
> Keir, do you think we should apply this then ?

<sigh> take your pick really. Majority opinion is on the side of this
revised patch, however Intel are the primary maintainers of this code and
they clearly do not like it. If I have a casting vote here, I would be
inclined to plump in favour of the revised patch -- we already have iommu=on
as a best-effort option, and I believe iommu=force could be stronger than it
is. However Joseph's claim that the non-DoS vulns may all now be handled is
not as unconvincing as some seem to believe (and I was in that camp for a
while) -- I can't really see how the attack vector can be successfully
exploited now my mitigation patch is in the tree. So I'm not strongly
inclined one way or the other really.

 -- Keir

> Ian.
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

WARNING - OLD ARCHIVES

xen-devel

Re: [Xen-devel] Xen security advisory CVE-2011-1898 - VT-d (PCI passthro