From: Julien Grall
Subject: Re: [PATCH v3 2/2] xen/arm: support irq delivery to vcpu > 0
Date: Wed, 04 Jun 2014 15:46:51 +0100
Message-ID: <538F315B.2030506@linaro.org>
References: <1401892553-20150-2-git-send-email-stefano.stabellini@eu.citrix.com>
In-Reply-To: <1401892553-20150-2-git-send-email-stefano.stabellini@eu.citrix.com>
To: Stefano Stabellini, xen-devel@lists.xensource.com
Cc: julien.grall@citrix.com, Ian.Campbell@citrix.com
List-Id: xen-devel@lists.xenproject.org

Hi Stefano,

You removed the bits to make ITARGET read-only. Why? With this patch series, Xen doesn't validate ITARGET and a malicious guest could crash Xen...

On 06/04/2014 03:35 PM, Stefano Stabellini wrote:
> Export vgic_get_target_vcpu.
> Use vgic_get_target_vcpu to retrieve the target vcpu from do_IRQ.
> Route guest irqs to vcpu0 initially.
> Remove in-code comments about missing implementation of SGI delivery to
> vcpus other than 0.
>
> Signed-off-by: Stefano Stabellini
> ---
>  xen/arch/arm/gic.c        | 3 +--
>  xen/arch/arm/irq.c        | 7 +++----
>  xen/arch/arm/vgic.c       | 2 +-
>  xen/include/asm-arm/gic.h | 2 ++
>  4 files changed, 7 insertions(+), 7 deletions(-)
>
> diff --git a/xen/arch/arm/gic.c b/xen/arch/arm/gic.c
> index 08ae23b..125ff36 100644
> --- a/xen/arch/arm/gic.c
> +++ b/xen/arch/arm/gic.c
> @@ -287,8 +287,7 @@ void gic_route_irq_to_guest(struct domain *d, struct irq_desc *desc,
> gic_set_irq_properties(desc->irq, level, cpumask_of(smp_processor_id()),
> GIC_PRI_IRQ);
>
> - /* TODO: do not assume delivery to vcpu0 */
> - p = irq_to_pending(d->vcpu[0], desc->irq);
> + p = irq_to_pending(d->vcpu[cpumask_first(cpu_mask)], desc->irq);

Hrmmm... you misused the mask here. cpumask contains a list of physical CPUs, not virtual CPUs...

[..]

> @@ -342,8 +341,8 @@ int route_dt_irq_to_guest(struct domain *d, const struct dt_irq *irq,
> goto out;
>
> level = dt_irq_is_level_triggered(irq);
> - gic_route_irq_to_guest(d, desc, level, cpumask_of(smp_processor_id()),
> - GIC_PRI_IRQ);
> + /* route to vcpu0 initially */
> + gic_route_irq_to_guest(d, desc, level, cpumask_of(0), GIC_PRI_IRQ);

That makes the comment here wrong.

Regards,

-- 
Julien Grall
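Review bot: In the gic_route_irq_to_guest hunk, `d->vcpu[cpumask_first(cpu_mask)]` indexes the domain's vCPU array with a physical CPU number, taken from the same kind of mask that the context line just above hands to gic_set_irq_properties() as the physical target, and nothing in the hunk checks that index against the domain's number of vCPUs, so a CPU number with no matching vCPU reads past the array. The commit message says vgic_get_target_vcpu is being exported for exactly this lookup; resolve the target vCPU through it here (and validate the index against the domain's vCPU count) rather than reusing the physical mask.

Review bot: In the route_dt_irq_to_guest hunk the new comment `/* route to vcpu0 initially */` describes vCPU routing, but the argument it annotates, `cpumask_of(0)`, replaces `cpumask_of(smp_processor_id())` in the parameter that gic_route_irq_to_guest() passes to gic_set_irq_properties() as the physical CPU affinity; the line pins the physical interrupt to CPU 0 and only reaches vCPU 0 through the physical-to-virtual conflation in the first hunk. Either keep cpumask_of(smp_processor_id()) here and express the vCPU 0 default in the vGIC target lookup, or reword the comment to say it targets physical CPU 0.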