[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] xen/pciback: Don't disable PCI_COMMAND on PCI device reset.

From: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>

This was submitted in 2015 here


and has been included in Fedora builds ever since.  No issues have been
reported with the patch.



There is no need for this at all. Worst it means that if
the guest tries to write to BARs it could lead (on certain
platforms) to PCI SERR errors.

Please note that with af6fc858a35b90e89ea7a7ee58e66628c55c776b
"xen-pciback: limit guest control of command register"
a guest is still allowed to enable those control bits (safely), but
is not allowed to disable them and that therefore a well behaved
frontend which enables things before using them will still
function correctly.

This is done via an write to the configuration register 0x4 which
triggers on the backend side:
  \- pci_enable_device
     \- pci_enable_device_flags
        \- do_pci_enable_device
           \- pcibios_enable_device
                [which enables the PCI_COMMAND_MEMORY|PCI_COMMAND_IO]

However guests (and drivers) which don't do this could cause
problems, including the security issues which XSA-120 sought
to address.

Reported-by: Jan Beulich <jbeulich@xxxxxxxx>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
Reviewed-by: Prarit Bhargava <prarit@xxxxxxxxxx>
Cc: Juergen Gross <jgross@xxxxxxxx>
 drivers/xen/xen-pciback/pciback_ops.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/drivers/xen/xen-pciback/pciback_ops.c 
index ea4a08b83fa0..787966f44589 100644
--- a/drivers/xen/xen-pciback/pciback_ops.c
+++ b/drivers/xen/xen-pciback/pciback_ops.c
@@ -127,8 +127,6 @@ void xen_pcibk_reset_device(struct pci_dev *dev)
                if (pci_is_enabled(dev))
-               pci_write_config_word(dev, PCI_COMMAND, 0);
                dev->is_busmaster = 0;
        } else {
                pci_read_config_word(dev, PCI_COMMAND, &cmd);

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.