From mboxrd@z Thu Jan  1 00:00:00 1970
From: Wei Liu <wei.liu2@citrix.com>
Subject: Re: [PATCH] xen/vtd/iommu: permit group devices to
 passthrough in relaxed mode
Date: Tue, 8 Sep 2015 10:44:45 +0100
Message-ID: <20150908094445.GD11097@zion.uk.xensource.com>
References: <1441673834-22891-1-git-send-email-tiejun.chen@intel.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
Content-Disposition: inline
In-Reply-To: <1441673834-22891-1-git-send-email-tiejun.chen@intel.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Tiejun Chen <tiejun.chen@intel.com>
Cc: Yang Zhang <yang.z.zhang@intel.com>, Kevin Tian <kevin.tian@intel.com>, wei.liu2@citrix.com, Jan Beulich <JBeulich@suse.com>, xen-devel@lists.xen.org
List-Id: xen-devel@lists.xenproject.org

On Tue, Sep 08, 2015 at 08:57:14AM +0800, Tiejun Chen wrote:
> Currently we don't allow passing through any group devices which are
> sharing same RMRR entry since it would break security among VMs. And
> indeed, we expect we can figure out a better way to handle this kind
> of case completely.
> 
> But before the group assignment gets implemented, we might make this
> permission dependent on our RMRR policy. So, now it would be allowed
> in the relaxed mode.
> 

Is this targeting 4.6? I think so.

> CC: Yang Zhang <yang.z.zhang@intel.com>
> CC: Kevin Tian <kevin.tian@intel.com>
> CC: Jan Beulich <JBeulich@suse.com>
> Signed-off-by: Tiejun Chen <tiejun.chen@intel.com>
> ---
>  xen/drivers/passthrough/vtd/iommu.c | 8 ++++++--
>  1 file changed, 6 insertions(+), 2 deletions(-)
> 
> diff --git a/xen/drivers/passthrough/vtd/iommu.c b/xen/drivers/passthrough/vtd/iommu.c
> index 836aed5..4249cfa 100644
> --- a/xen/drivers/passthrough/vtd/iommu.c
> +++ b/xen/drivers/passthrough/vtd/iommu.c
> @@ -2310,12 +2310,16 @@ static int intel_iommu_assign_device(


FWIW the comment before this hunk also needs to be updated.

>               PCI_DEVFN2(bdf) == devfn &&
>               rmrr->scope.devices_cnt > 1 )
>          {
> +            u32 relaxed = flag & XEN_DOMCTL_DEV_RDM_RELAXED;
> +
>              printk(XENLOG_G_ERR VTDPREFIX
> -                   " cannot assign %04x:%02x:%02x.%u"
> +                   " Currently its %s to assign %04x:%02x:%02x.%u"

"it's" or "it is"

>                     " with shared RMRR at %"PRIx64" for Dom%d.\n",
> +                   relaxed ? "risky" : "disallowed",
>                     seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn),
>                     rmrr->base_address, d->domain_id);
> -            return -EPERM;
> +            if ( !relaxed )
> +                return -EPERM;
>          }
>      }
>  
> -- 
> 1.9.1
> 
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel