[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] vpci: don't allow access to devices not assigned to the domain



On 02.09.2019 16:23, Roger Pau Monné  wrote:
> So the problem I found, and that I was trying to address with this
> patch is that a PVH dom0 on AMD hardware finds the iommus by scanning
> the PCI bus, and a Linux dom0 seems to immediately turn off the MSI
> enable control bit on any devices it finds, thus leaving the iommu
> without being able to generate interrupts.
> 
> I can implement the RO stuff, but it seems weird to me. AFAICT the
> only devices owned by Xen should be the serial console, the iommu and
> the HPET maybe. How can hiding those cause anomalies in bus
> enumeration?

Both the serial device and an IOMMU may in principle be func 0 of a
multi-function device. By fully hiding such devices, you also hide
funcs 1-7 afaict. Furthermore, from a tech support pov it seems
rather desirable to have e.g. lspci output in Dom0 to be as complete
as possible.

Jan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.