From mboxrd@z Thu Jan  1 00:00:00 1970
From: Weidong Han <weidong.han@intel.com>
Subject: Re: [PATCH] VT-d: improve RMRR validity checking
Date: Wed, 10 Mar 2010 10:40:51 +0800
Message-ID: <4B9706B3.3050903@intel.com>
References: <C77E162B.6FE6%keir.fraser@eu.citrix.com>	
	<4B59098B.6000108@intel.com> <4B590FA4.4000008@jp.fujitsu.com>	
	<4B59132B.40607@intel.com> <4B59188C.50901@jp.fujitsu.com>	
	<4B59660F.4000909@intel.com>
	<7162ab21003091339i4adb8669safd5e074607386a2@mail.gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xensource.com>
In-Reply-To: <7162ab21003091339i4adb8669safd5e074607386a2@mail.gmail.com>
List-Unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: Alex Williamson <alex.williamson@hp.com>
Cc: "xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>, Noboru Iwamatsu <n_iwamatsu@jp.fujitsu.com>, "Cihula,
	Joseph" <joseph.cihula@intel.com>, "Kay, Allen M" <allen.m.kay@intel.com>, "linux@eikelenboom.it" <linux@eikelenboom.it>, "keir.fraser@eu.citrix.com" <keir.fraser@eu.citrix.com>
List-Id: xen-devel@lists.xenproject.org

Alex Williamson wrote:
> On Fri, Jan 22, 2010 at 1:47 AM, Weidong Han <weidong.han@intel.com> wrote:
>   
>> I implemented a patch and attached.
>>
>> patch description:
>>   In order to make Xen more defensive to VT-d related BIOS issue, this patch
>> ignores a DRHD if all devices under its scope are not pci discoverable, and
>> regards a DRHD as invalid and then disable whole VT-d if some devices under
>> its scope are not pci discoverable. But if iommu=force is set, it will
>> enable all DRHDs reported by BIOS, to avoid any security vulnerability with
>> malicious s/s re-enabling "supposed disabled" devices.  Pls note that we
>> don't know the devices under the "Include_all" DRHD are existent or not,
>> because the scope of "Include_all" DRHD  won't enumerate common pci device,
>> it only enumerates I/OxAPIC and HPET devices.
>>     
>
> Hi All,
>
> I have a system with what I consider to be a valid DRHD that's getting
> tripped up on this patch.  The problem is that the DRHD includes an
> IOAPIC scope, where the IOAPIC is not materialized on the PCI bus.  I
> think Xen is being overzealous in it's validity checking and that this
> is a valid configuration.  What do others think?  Are IOAPICs a
> special case that we can allow to be non-existent on the PCI bus?
>   
Yes, IOAPIC can be not pci-discoverable. IOAPICs are only reported in 
the "Include_all" DRHD, and our patch won't check if the device is 
pci-discoverable or not for the "Include_all" DRHD. So I think the patch 
is no problem unless IOAPIC is not included in the "Include_all" DRHD. 
Can you post your boot logs?

Regards,
Weidong
> Thanks,
>
> Alex
>