From mboxrd@z Thu Jan 1 00:00:00 1970 From: Noboru Iwamatsu Subject: Re: [PATCH] VT-d: improve RMRR validity checking Date: Thu, 21 Jan 2010 19:08:09 +0900 Message-ID: <4B582789.8070907@jp.fujitsu.com> References: <60E426D47DE8EA47AA104E65008A100D14458756F3@shzsmsx501.ccr.corp.intel.com> <4B580F8C.5090807@jp.fujitsu.com> <60E426D47DE8EA47AA104E65008A100D14458759D3@shzsmsx501.ccr.corp.intel.com> <4B582665.300@jp.fujitsu.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <4B582665.300@jp.fujitsu.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: weidong.han@intel.com Cc: xen-devel@lists.xensource.com List-Id: xen-devel@lists.xenproject.org > So, I think RMRR that has no-existent device is valid. Sorry this is typo. I mean: So, I think RMRR that has no-existent device is "invalid" and whole RMRR should be ignored. Noboru. > Hi, > > After registered invalid DRHDs, Xen hangs in boot time. > > About RMRR, I understood the logic. > In my mainboard, unfortunately, RMRR has non-existent device under > its scope, and to make matters worse, the RMRR range is invalid. > So, I think RMRR that has no-existent device is valid. > > How do you think about these? > >> Hi Noboru, >> >> You should not ignore DRHD even if devices under its scope are not pci >> discoverable. For the sake of security, we still enable these DRHDs >> but don't set any context mappings. In that case, any DMA that comes >> from these "supposedly disabled" devices will get blocked by VT-d, and >> hence avoid any security vulnerability with malicious s/w re-enabling >> these devices. >> >> You RMRR validity fixing is wrong. My RMRR patch is no problem. Pls >> note that the RMRR checking logic is: >> If all devices under RMRR's scope are not pci discoverable >> Ignore the RMRR >> Else if base_address> end_address >> Return error >> Else >> Register RMRR >> >> Regards, >> Weidong >> >> >> -----Original Message----- >> From: Noboru Iwamatsu [mailto:n_iwamatsu@jp.fujitsu.com] >> Sent: Thursday, January 21, 2010 4:26 PM >> To: Han, Weidong >> Cc: xen-devel@lists.xensource.com; keir.fraser@eu.citrix.com >> Subject: Re: [Xen-devel] [PATCH] VT-d: improve RMRR validity checking >> >> Hi, >> >> Some Q35 mainboard that has buggy BIOS, I have one of this, reports >> invalid DRHD in addition to the invalid RMRR. >> >> Attached patch fixes this DRHD issue in the same way as RMRR. >> And also, I fixed RMRR validity checking loop. >> >> Noboru. >> >> Signed-off-by: Noboru Iwamatsu >> >> >> -------- Original Message -------- >> Subject: [Xen-devel] [PATCH] VT-d: improve RMRR validity checking >> From: Han, Weidong >> To: xen-devel@lists.xensource.com >> Date: Thu Jan 21 2010 11:46:12 GMT+0900 >> >>> Currently, Xen checks RMRR range and disables VT-d if RMRR range is >>> set incorrectly in BIOS rigorously. But, actually we can ignore the >>> RMRR if the device under its scope are not pci discoverable, because >>> the RMRR won't be used by non-existed or disabled devices. >>> >>> This patch ignores the RMRR if the device under its scope are not pci >>> discoverable, and only checks the validity of RMRRs that are actually >>> used. In order to avoid duplicate pci device detection code, this >>> patch defines a function pci_device_detect for it. >>> >>> Signed-off-by: Weidong Han >>> >>> >>> >>> _______________________________________________ >>> Xen-devel mailing list >>> Xen-devel@lists.xensource.com >>> http://lists.xensource.com/xen-devel >> > > > > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.xensource.com > http://lists.xensource.com/xen-devel