From mboxrd@z Thu Jan 1 00:00:00 1970 From: Weidong Han Subject: Re: [PATCH] VT-d: improve RMRR validity checking Date: Thu, 21 Jan 2010 20:38:54 +0800 Message-ID: <4B584ADE.1050609@intel.com> References: <60E426D47DE8EA47AA104E65008A100D14458756F3@shzsmsx501.ccr.corp.intel.com> <4B580F8C.5090807@jp.fujitsu.com> <60E426D47DE8EA47AA104E65008A100D14458759D3@shzsmsx501.ccr.corp.intel.com> <4B582665.300@jp.fujitsu.com> <4B5828BB.1080006@intel.com> <4B5843DC.9020100@jp.fujitsu.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <4B5843DC.9020100@jp.fujitsu.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: Noboru Iwamatsu Cc: "xen-devel@lists.xensource.com" List-Id: xen-devel@lists.xenproject.org Seems you inserted a discrete gfx card, then the IGD is disabled. right? can you provide the platform info and BIOS version? Regards, Weidong Noboru Iwamatsu wrote: > Hi Weidong, > > Here is the log. > Xen version is: > xen-unstable c/s 20829 + return.patch + rmrr.patch > > Regards, > Noboru > > >> Noboru Iwamatsu wrote: >> >>> Hi, >>> >>> After registered invalid DRHDs, Xen hangs in boot time. >>> >> Can you post the logs? >> >> Regards, >> Weidong >> >>> About RMRR, I understood the logic. >>> In my mainboard, unfortunately, RMRR has non-existent device under >>> its scope, and to make matters worse, the RMRR range is invalid. >>> So, I think RMRR that has no-existent device is valid. >>> >>> How do you think about these? >>> >>> >>>> Hi Noboru, >>>> >>>> You should not ignore DRHD even if devices under its scope are not >>>> pci discoverable. For the sake of security, we still enable these >>>> DRHDs but don't set any context mappings. In that case, any DMA that >>>> comes from these "supposedly disabled" devices will get blocked by >>>> VT-d, and hence avoid any security vulnerability with malicious s/w >>>> re-enabling these devices. >>>> >>>> You RMRR validity fixing is wrong. My RMRR patch is no problem. Pls >>>> note that the RMRR checking logic is: >>>> If all devices under RMRR's scope are not pci discoverable >>>> Ignore the RMRR >>>> Else if base_address> end_address >>>> Return error >>>> Else >>>> Register RMRR >>>> >>>> Regards, >>>> Weidong >>>> >>>> >>>> -----Original Message----- >>>> From: Noboru Iwamatsu [mailto:n_iwamatsu@jp.fujitsu.com] >>>> Sent: Thursday, January 21, 2010 4:26 PM >>>> To: Han, Weidong >>>> Cc: xen-devel@lists.xensource.com; keir.fraser@eu.citrix.com >>>> Subject: Re: [Xen-devel] [PATCH] VT-d: improve RMRR validity checking >>>> >>>> Hi, >>>> >>>> Some Q35 mainboard that has buggy BIOS, I have one of this, reports >>>> invalid DRHD in addition to the invalid RMRR. >>>> >>>> Attached patch fixes this DRHD issue in the same way as RMRR. >>>> And also, I fixed RMRR validity checking loop. >>>> >>>> Noboru. >>>> >>>> Signed-off-by: Noboru Iwamatsu >>>> >>>> >>>> -------- Original Message -------- >>>> Subject: [Xen-devel] [PATCH] VT-d: improve RMRR validity checking >>>> From: Han, Weidong >>>> To: xen-devel@lists.xensource.com >>>> Date: Thu Jan 21 2010 11:46:12 GMT+0900 >>>> >>>> >>>>> Currently, Xen checks RMRR range and disables VT-d if RMRR range is >>>>> set incorrectly in BIOS rigorously. But, actually we can ignore the >>>>> RMRR if the device under its scope are not pci discoverable, because >>>>> the RMRR won't be used by non-existed or disabled devices. >>>>> >>>>> This patch ignores the RMRR if the device under its scope are not >>>>> pci discoverable, and only checks the validity of RMRRs that are >>>>> actually used. In order to avoid duplicate pci device detection >>>>> code, this patch defines a function pci_device_detect for it. >>>>> >>>>> Signed-off-by: Weidong Han >>>>> >>>>> >>>>> >>>>> _______________________________________________ >>>>> Xen-devel mailing list >>>>> Xen-devel@lists.xensource.com >>>>> http://lists.xensource.com/xen-devel >>>>> >>> > >