From mboxrd@z Thu Jan  1 00:00:00 1970
From: Manish Jaggi <mjaggi@caviumnetworks.com>
Subject: Re: [RFC PATCH v2 13/22] xen/arm: its: Add virtual ITS
 command support
Date: Wed, 29 Apr 2015 18:03:43 +0530
Message-ID: <5540CFA7.6080203@caviumnetworks.com>
References: <1426775889-29442-1-git-send-email-vijay.kilari@gmail.com>	<1426775889-29442-14-git-send-email-vijay.kilari@gmail.com>	<55114EFA.9050304@linaro.org>	<CALicx6saxGyht=m28Z+K0fy6LBCxwpguDS7VRBQUbbEPe54LBQ@mail.gmail.com>	<55197005.7090408@linaro.org>	<1427888815.2115.279.camel@citrix.com>	<551BDE4C.9030109@citrix.com>	<1427966007.4037.14.camel@citrix.com>	<551D2298.2060302@citrix.com>	<1427973539.4037.52.camel@citrix.com>	<551D4888.1020309@gmail.com>	<CALicx6u7-gHT+v9j16D1zS3QE+A6_dAV8fgXDNka3CicMUf9LQ@mail.gmail.com>	<alpine.DEB.2.02.1504281054490.2640@kaball.uk.xensource.com>	<553F6271.4010308@citrix.com>	<CALicx6vgbre5DX2nmfog2Lzgkx5_Viw397JqUMsfmstK1tLRSg@mail.gmail.com>	<553FB23F.7090200@citrix.com>	<CALicx6teBqnjTrov0TcZQW12C=W0rqLDmcqV-J-PfiAH3n0bHg@mail.gmail.com>	<5540C6D
 5.9020400@citrix.com>
	<5540CA9B.6020102@caviumnetworks.com> <5540CCB7.7050105@citrix.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <5540CCB7.7050105@citrix.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Julien Grall <julien.grall@citrix.com>, Vijay Kilari <vijay.kilari@gmail.com>
Cc: Ian Campbell <ian.campbell@citrix.com>, Stefano Stabellini <stefano.stabellini@eu.citrix.com>, Prasun Kapoor <Prasun.Kapoor@caviumnetworks.com>, Vijaya Kumar K <vijaya.kumar@caviumnetworks.com>, Julien Grall <julien.grall@linaro.org>, Tim Deegan <tim@xen.org>, "xen-devel@lists.xen.org" <xen-devel@lists.xen.org>, Stefano Stabellini <stefano.stabellini@citrix.com>, manish.jaggi@caviumnetworks.com
List-Id: xen-devel@lists.xenproject.org



On Wednesday 29 April 2015 05:51 PM, Julien Grall wrote:
> On 29/04/15 13:12, Manish Jaggi wrote:
>>>> and that too ITS is not in critical path. It is only used when 
>>>> configuring interrupts of the device? 
>>> You need to think about security... Even though the ITS should only 
>>> be used for configuring interrupts, a malicious guest could try to 
>>> exploit weakness in the emulation. 
>> Can you describe the scenario ? 
> I already wrote several times the possible security impacts of the 
> polling solution... Please read again the previous mails.
I see your comment "The vITS emulates hardware for a specific domain. A 
malicious guest could send request to a not own device"
This scenario cannot happen as guest sbdf is converted to physical sbdf 
based on the domain. So if it does not own a device it would be treated 
as invalid command.

Do you have any other security concern ?


> Regards,