From: "Roger Pau Monné" <roger.pau@citrix.com>
To: Stewart Hildebrand <stewart.hildebrand@amd.com>
Cc: Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>,
"xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Subject: Re: [PATCH v9 15/16] xen/arm: vpci: check guest range
Date: Tue, 26 Sep 2023 10:07:17 +0200 [thread overview]
Message-ID: <ZRKRNcypuvP26luu@MacBookPdeRoger> (raw)
In-Reply-To: <0a1bc845-28b7-4af8-d6d9-cd5fc7bb4d74@amd.com>
On Mon, Sep 25, 2023 at 05:49:00PM -0400, Stewart Hildebrand wrote:
> On 9/22/23 04:44, Roger Pau Monné wrote:
> > On Tue, Aug 29, 2023 at 11:19:47PM +0000, Volodymyr Babchuk wrote:
> >> From: Stewart Hildebrand <stewart.hildebrand@amd.com>
> >>
> >> Skip mapping the BAR if it is not in a valid range.
> >>
> >> Signed-off-by: Stewart Hildebrand <stewart.hildebrand@amd.com>
> >> ---
> >> xen/drivers/vpci/header.c | 9 +++++++++
> >> 1 file changed, 9 insertions(+)
> >>
> >> diff --git a/xen/drivers/vpci/header.c b/xen/drivers/vpci/header.c
> >> index 1d243eeaf9..dbabdcbed2 100644
> >> --- a/xen/drivers/vpci/header.c
> >> +++ b/xen/drivers/vpci/header.c
> >> @@ -345,6 +345,15 @@ static int modify_bars(const struct pci_dev *pdev, uint16_t cmd, bool rom_only)
> >> bar->enabled == !!(cmd & PCI_COMMAND_MEMORY) )
> >> continue;
> >>
> >> +#ifdef CONFIG_ARM
> >> + if ( !is_hardware_domain(pdev->domain) )
> >> + {
> >> + if ( (start_guest < PFN_DOWN(GUEST_VPCI_MEM_ADDR)) ||
> >> + (end_guest >= PFN_DOWN(GUEST_VPCI_MEM_ADDR + GUEST_VPCI_MEM_SIZE)) )
> >> + continue;
> >> + }
> >> +#endif
> >
> > Hm, I think this should be in a hook similar to pci_check_bar() that
> > can be implemented per-arch.
> >
> > IIRC at least on x86 we allow the guest to place the BARs whenever it
> > wants, would such placement cause issues to the hypervisor on Arm?
>
> Hm. I wrote this patch in a hurry to make v9 of this series work on ARM. In my haste I also forgot about the prefetchable range starting at GUEST_VPCI_PREFETCH_MEM_ADDR, but that won't matter as we can probably throw this patch out.
>
> Now that I've had some more time to investigate, I believe the check in this patch is more or less redundant to the existing check in map_range() added in baa6ea700386 ("vpci: add permission checks to map_range()").
>
> The issue is that during initialization bar->guest_addr is zeroed, and this initial value of bar->guest_addr will fail the permissions check in map_range() and crash the domain. When the guest writes a new valid BAR, the old invalid address remains in the rangeset to be mapped. If we simply remove the old invalid BAR from the rangeset, that seems to fix the issue. So something like this:
It does seem to me we are missing a proper cleanup of the rangeset
contents in some paths then. In the above paragraph you mention "the
old invalid address remains in the rangeset to be mapped", how does it
get in there in the first place, and why is the rangeset not emptied
if the mapping failed?
Thanks, Roger.
next prev parent reply other threads:[~2023-09-26 8:08 UTC|newest]
Thread overview: 60+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-29 23:19 [PATCH v9 00/16] PCI devices passthrough on Arm, part 3 Volodymyr Babchuk
2023-08-29 23:19 ` [PATCH v9 02/16] vpci: use per-domain PCI lock to protect vpci structure Volodymyr Babchuk
2023-09-19 15:39 ` Roger Pau Monné
2023-09-19 15:55 ` Jan Beulich
2023-09-20 8:12 ` Roger Pau Monné
2023-09-19 16:20 ` Stewart Hildebrand
2023-09-20 8:09 ` Roger Pau Monné
2023-09-20 13:56 ` Stewart Hildebrand
2023-09-21 7:42 ` Jan Beulich
2023-09-21 9:00 ` Roger Pau Monné
2023-09-20 19:16 ` Stewart Hildebrand
2023-09-21 9:41 ` Roger Pau Monné
2023-09-25 23:03 ` Volodymyr Babchuk
2023-08-29 23:19 ` [PATCH v9 03/16] vpci: restrict unhandled read/write operations for guests Volodymyr Babchuk
2023-08-29 23:19 ` [PATCH v9 01/16] pci: introduce per-domain PCI rwlock Volodymyr Babchuk
2023-09-19 14:09 ` Roger Pau Monné
2023-09-25 22:44 ` Volodymyr Babchuk
2023-08-29 23:19 ` [PATCH v9 05/16] vpci/header: rework exit path in init_bars Volodymyr Babchuk
2023-09-20 8:49 ` Roger Pau Monné
2023-08-29 23:19 ` [PATCH v9 06/16] vpci/header: implement guest BAR register handlers Volodymyr Babchuk
2023-09-01 5:25 ` Stewart Hildebrand
2023-09-20 9:49 ` Roger Pau Monné
2023-09-20 14:18 ` Stewart Hildebrand
2023-08-29 23:19 ` [PATCH v9 07/16] rangeset: add RANGESETF_no_print flag Volodymyr Babchuk
2023-08-29 23:19 ` [PATCH v9 04/16] vpci: add hooks for PCI device assign/de-assign Volodymyr Babchuk
2023-09-12 9:37 ` Jan Beulich
2023-09-12 23:41 ` Volodymyr Babchuk
2023-09-13 5:58 ` Jan Beulich
2023-09-13 23:53 ` Volodymyr Babchuk
2023-09-20 8:41 ` Roger Pau Monné
2023-09-20 8:39 ` Roger Pau Monné
2023-08-29 23:19 ` [PATCH v9 08/16] vpci/header: handle p2m range sets per BAR Volodymyr Babchuk
2023-09-20 11:35 ` Roger Pau Monné
2023-09-27 18:18 ` Stewart Hildebrand
2023-08-29 23:19 ` [PATCH v9 09/16] vpci/header: program p2m with guest BAR view Volodymyr Babchuk
2023-09-21 10:34 ` Roger Pau Monné
2023-08-29 23:19 ` [PATCH v9 10/16] vpci/header: emulate PCI_COMMAND register for guests Volodymyr Babchuk
2023-09-01 5:23 ` Stewart Hildebrand
2023-09-21 13:18 ` Roger Pau Monné
2023-08-29 23:19 ` [PATCH v9 11/16] vpci/header: reset the command register when adding devices Volodymyr Babchuk
2023-09-21 13:30 ` Roger Pau Monné
2023-08-29 23:19 ` [PATCH v9 14/16] xen/arm: account IO handlers for emulated PCI MSI-X Volodymyr Babchuk
2023-08-29 23:19 ` [PATCH v9 13/16] xen/arm: translate virtual PCI bus topology for guests Volodymyr Babchuk
2023-09-22 8:32 ` Roger Pau Monné
2023-08-29 23:19 ` [PATCH v9 12/16] vpci: add initial support for virtual PCI bus topology Volodymyr Babchuk
2023-08-30 7:37 ` Jan Beulich
2023-08-31 21:12 ` Volodymyr Babchuk
2023-09-21 16:03 ` Roger Pau Monné
2023-08-29 23:19 ` [PATCH v9 16/16] xen/arm: vpci: permit access to guest vpci space Volodymyr Babchuk
2023-09-26 0:12 ` Stewart Hildebrand
2023-08-29 23:19 ` [PATCH v9 15/16] xen/arm: vpci: check guest range Volodymyr Babchuk
2023-09-22 8:44 ` Roger Pau Monné
2023-09-25 21:49 ` Stewart Hildebrand
2023-09-26 8:07 ` Roger Pau Monné [this message]
2023-09-26 15:27 ` Stewart Hildebrand
2023-09-26 15:48 ` Roger Pau Monné
2023-09-27 18:03 ` Stewart Hildebrand
2023-09-28 8:28 ` Roger Pau Monné
2023-09-28 18:28 ` Stewart Hildebrand
2023-10-02 11:49 ` Roger Pau Monné
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZRKRNcypuvP26luu@MacBookPdeRoger \
--to=roger.pau@citrix.com \
--cc=Volodymyr_Babchuk@epam.com \
--cc=stewart.hildebrand@amd.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.