From nobody Thu May 2 16:08:25 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1567423930; cv=none; d=zoho.com; s=zohoarc; b=bjL0oRWzYykEYt2EQ4CxtJC2DgaO0HIGjQmb5aKvaBZJHGy5+ioHlAGy4XAhvE7M/iihgJZu/GlAjnN1b7tmcuah+QdFSu4B5LHZGrTwR98Ljy4Ec7Gvxk42lcJHCHU5jFaEImCrjP7lkMlcZtbwzRVevxGQcZTCDbHcBtkpMXo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1567423930; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To:ARC-Authentication-Results; bh=bTQkR1FeFZdcBKMeNs9bU+0S0gD960lNv2RV4NApkwc=; b=D3LH9mQ7rl9Zh3ja8kUucnIlWUTvaFJXlfYOwGmTQ/dm0pu/b0Tglqdt+nfNxfaVsUMJUnSZu3S0oj+FJqqZgsc+9NOFY1Mz/NZkHHCu4a1msfvZndzxuOYGYbnR2WcIP/5HVnMSw5JpO79KrZuHLrg69RMadmtECVI6sXo1JyU= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=fail; spf=none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1567423930563600.9785083965302; Mon, 2 Sep 2019 04:32:10 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i4kY1-0003eO-C3; Mon, 02 Sep 2019 11:31:01 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1i4kY0-0003eJ-1s for xen-devel@lists.xenproject.org; Mon, 02 Sep 2019 11:31:00 +0000 Received: from esa2.hc3370-68.iphmx.com (unknown [216.71.145.153]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id 22790540-cd75-11e9-8980-bc764e2007e4; Mon, 02 Sep 2019 11:30:59 +0000 (UTC) X-Inumbo-ID: 22790540-cd75-11e9-8980-bc764e2007e4 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=citrix.com; s=securemail; t=1567423860; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=51ZoHPRQdGdNcn8Opfutro16d0vGfJT/U86v6S9oUUw=; b=grPQhwTtU/gnIZg2A+F6/4MQxZ/166L3PdxhLbUPml/+RgM6n8HCm+hV UUuiSC1H9qO9A/R94Li85C0vVmtCoQo43XvPsFgJMTe9qg3wKMObPMqAy BwiiHr5WiLI54dnG77gw9auVLLCCr44iurZLpmbrTixQ49JnM4JVNj9X0 c=; Authentication-Results: esa2.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=roger.pau@citrix.com; spf=Pass smtp.mailfrom=roger.pau@citrix.com; spf=None smtp.helo=postmaster@mail.citrix.com Received-SPF: none (zoho.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of roger.pau@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa2.hc3370-68.iphmx.com: domain of roger.pau@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="roger.pau@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ~all" Received-SPF: None (esa2.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa2.hc3370-68.iphmx.com; envelope-from="roger.pau@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: quvEcpl2OtjP5hNP/0Buy+YzHjBhLU+6B1wCdeiPj7RdzD21KEDynDV20dsOu4MkeqzE/ejIfm 76BomTIbdaW5emplpnm9RbXC20IRakPowchI44MIFVyran5pksmS7zOzblhSl9bzRhvmFHUdqi S72ic6TQfksuZaaPF0YhmsieK6TD3g5mGAFfXmvTd+duvfD+AzAuVbJtMkdbQ+vwX8o7tOWzkC e+VF0reRLoBbqqFXbhwA+eFhWycfGbcqzeS0QtGn5edY6i44QD64cFbMfX93EG18w7t5Y04KMV PRU= X-SBRS: 2.7 X-MesageID: 5013486 X-Ironport-Server: esa2.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.64,459,1559534400"; d="scan'208";a="5013486" From: Roger Pau Monne To: Date: Mon, 2 Sep 2019 13:30:34 +0200 Message-ID: <20190902113034.97934-1-roger.pau@citrix.com> X-Mailer: git-send-email 2.22.0 MIME-Version: 1.0 Subject: [Xen-devel] [PATCH] vpci: don't allow access to devices not assigned to the domain X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Stefano Stabellini , Wei Liu , Konrad Rzeszutek Wilk , George Dunlap , Andrew Cooper , Ian Jackson , Tim Deegan , Julien Grall , Jan Beulich , Roger Pau Monne Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Don't allow the hardware domain to access the PCI config space of devices not assigned to it. Ie: the config space of iommu devices in use by Xen should not be accessible to the hardware domain. Note that access from the hardware domain to config space regions where Xen hasn't detected any devices is still allowed. Signed-off-by: Roger Pau Monn=C3=A9 --- xen/drivers/vpci/vpci.c | 31 +++++++++++++++++++++++++++---- 1 file changed, 27 insertions(+), 4 deletions(-) diff --git a/xen/drivers/vpci/vpci.c b/xen/drivers/vpci/vpci.c index 758d9420e7..761aa40f99 100644 --- a/xen/drivers/vpci/vpci.c +++ b/xen/drivers/vpci/vpci.c @@ -319,7 +319,21 @@ uint32_t vpci_read(pci_sbdf_t sbdf, unsigned int reg, = unsigned int size) /* Find the PCI dev matching the address. */ pdev =3D pci_get_pdev_by_domain(d, sbdf.seg, sbdf.bus, sbdf.devfn); if ( !pdev ) + { + pcidevs_lock(); + pdev =3D pci_get_pdev(sbdf.seg, sbdf.bus, sbdf.devfn); + pcidevs_unlock(); + if ( pdev ) + /* Drop reads to devices not assigned to the domain. */ + return data; + + /* + * Let the hardware domain access config space regions for non-exi= stent + * devices. + * TODO: revisit for domU support. + */ return vpci_read_hw(sbdf, reg, size); + } =20 spin_lock(&pdev->vpci->lock); =20 @@ -418,13 +432,22 @@ void vpci_write(pci_sbdf_t sbdf, unsigned int reg, un= signed int size, return; } =20 - /* - * Find the PCI dev matching the address. - * Passthrough everything that's not trapped. - */ + /* Find the PCI dev matching the address. */ pdev =3D pci_get_pdev_by_domain(d, sbdf.seg, sbdf.bus, sbdf.devfn); if ( !pdev ) { + pcidevs_lock(); + pdev =3D pci_get_pdev(sbdf.seg, sbdf.bus, sbdf.devfn); + pcidevs_unlock(); + if ( pdev ) + /* Ignore writes to devices not assigned to the domain. */ + return; + + /* + * Let the hardware domain access config space regions for non-exi= stent + * devices. + * TODO: revisit for domU support. + */ vpci_write_hw(sbdf, reg, size, data); return; } --=20 2.22.0 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel