* [PATCH] xen/pciback: Don't disable PCI_COMMAND on PCI device reset.
@ 2019-02-13 23:21 Prarit Bhargava
2019-02-15 16:41 ` Konrad Rzeszutek Wilk
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Prarit Bhargava @ 2019-02-13 23:21 UTC (permalink / raw)
To: xen-devel; +Cc: Juergen Gross, jbeulich, Konrad Rzeszutek Wilk
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
This was submitted in 2015 here
https://marc.info/?l=linux-kernel&m=142807132515973&w=2
and has been included in Fedora builds ever since. No issues have been
reported with the patch.
P.
----8<----
There is no need for this at all. Worst it means that if
the guest tries to write to BARs it could lead (on certain
platforms) to PCI SERR errors.
Please note that with af6fc858a35b90e89ea7a7ee58e66628c55c776b
"xen-pciback: limit guest control of command register"
a guest is still allowed to enable those control bits (safely), but
is not allowed to disable them and that therefore a well behaved
frontend which enables things before using them will still
function correctly.
This is done via an write to the configuration register 0x4 which
triggers on the backend side:
command_write
\- pci_enable_device
\- pci_enable_device_flags
\- do_pci_enable_device
\- pcibios_enable_device
\-pci_enable_resourcess
[which enables the PCI_COMMAND_MEMORY|PCI_COMMAND_IO]
However guests (and drivers) which don't do this could cause
problems, including the security issues which XSA-120 sought
to address.
Reported-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Prarit Bhargava <prarit@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
---
drivers/xen/xen-pciback/pciback_ops.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/drivers/xen/xen-pciback/pciback_ops.c b/drivers/xen/xen-pciback/pciback_ops.c
index ea4a08b83fa0..787966f44589 100644
--- a/drivers/xen/xen-pciback/pciback_ops.c
+++ b/drivers/xen/xen-pciback/pciback_ops.c
@@ -127,8 +127,6 @@ void xen_pcibk_reset_device(struct pci_dev *dev)
if (pci_is_enabled(dev))
pci_disable_device(dev);
- pci_write_config_word(dev, PCI_COMMAND, 0);
-
dev->is_busmaster = 0;
} else {
pci_read_config_word(dev, PCI_COMMAND, &cmd);
--
2.18.1
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] xen/pciback: Don't disable PCI_COMMAND on PCI device reset.
2019-02-13 23:21 [PATCH] xen/pciback: Don't disable PCI_COMMAND on PCI device reset Prarit Bhargava
2019-02-15 16:41 ` Konrad Rzeszutek Wilk
@ 2019-02-15 16:41 ` Konrad Rzeszutek Wilk
2019-02-17 10:38 ` Juergen Gross
2 siblings, 0 replies; 4+ messages in thread
From: Konrad Rzeszutek Wilk @ 2019-02-15 16:41 UTC (permalink / raw)
To: Prarit Bhargava, linux-kernel; +Cc: xen-devel, jbeulich, Juergen Gross
On Wed, Feb 13, 2019 at 06:21:31PM -0500, Prarit Bhargava wrote:
> From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
>
+LKML
> This was submitted in 2015 here
>
> https://marc.info/?l=linux-kernel&m=142807132515973&w=2
>
> and has been included in Fedora builds ever since. No issues have been
> reported with the patch.
>
> P.
>
> ----8<----
>
> There is no need for this at all. Worst it means that if
> the guest tries to write to BARs it could lead (on certain
> platforms) to PCI SERR errors.
>
> Please note that with af6fc858a35b90e89ea7a7ee58e66628c55c776b
> "xen-pciback: limit guest control of command register"
> a guest is still allowed to enable those control bits (safely), but
> is not allowed to disable them and that therefore a well behaved
> frontend which enables things before using them will still
> function correctly.
>
> This is done via an write to the configuration register 0x4 which
> triggers on the backend side:
> command_write
> \- pci_enable_device
> \- pci_enable_device_flags
> \- do_pci_enable_device
> \- pcibios_enable_device
> \-pci_enable_resourcess
> [which enables the PCI_COMMAND_MEMORY|PCI_COMMAND_IO]
>
> However guests (and drivers) which don't do this could cause
> problems, including the security issues which XSA-120 sought
> to address.
>
> Reported-by: Jan Beulich <jbeulich@suse.com>
> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
> Reviewed-by: Prarit Bhargava <prarit@redhat.com>
> Cc: Juergen Gross <jgross@suse.com>
> ---
> drivers/xen/xen-pciback/pciback_ops.c | 2 --
> 1 file changed, 2 deletions(-)
>
> diff --git a/drivers/xen/xen-pciback/pciback_ops.c b/drivers/xen/xen-pciback/pciback_ops.c
> index ea4a08b83fa0..787966f44589 100644
> --- a/drivers/xen/xen-pciback/pciback_ops.c
> +++ b/drivers/xen/xen-pciback/pciback_ops.c
> @@ -127,8 +127,6 @@ void xen_pcibk_reset_device(struct pci_dev *dev)
> if (pci_is_enabled(dev))
> pci_disable_device(dev);
>
> - pci_write_config_word(dev, PCI_COMMAND, 0);
> -
> dev->is_busmaster = 0;
> } else {
> pci_read_config_word(dev, PCI_COMMAND, &cmd);
> --
> 2.18.1
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] xen/pciback: Don't disable PCI_COMMAND on PCI device reset.
2019-02-13 23:21 [PATCH] xen/pciback: Don't disable PCI_COMMAND on PCI device reset Prarit Bhargava
@ 2019-02-15 16:41 ` Konrad Rzeszutek Wilk
2019-02-15 16:41 ` Konrad Rzeszutek Wilk
2019-02-17 10:38 ` Juergen Gross
2 siblings, 0 replies; 4+ messages in thread
From: Konrad Rzeszutek Wilk @ 2019-02-15 16:41 UTC (permalink / raw)
To: Prarit Bhargava, linux-kernel; +Cc: Juergen Gross, xen-devel, jbeulich
On Wed, Feb 13, 2019 at 06:21:31PM -0500, Prarit Bhargava wrote:
> From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
>
+LKML
> This was submitted in 2015 here
>
> https://marc.info/?l=linux-kernel&m=142807132515973&w=2
>
> and has been included in Fedora builds ever since. No issues have been
> reported with the patch.
>
> P.
>
> ----8<----
>
> There is no need for this at all. Worst it means that if
> the guest tries to write to BARs it could lead (on certain
> platforms) to PCI SERR errors.
>
> Please note that with af6fc858a35b90e89ea7a7ee58e66628c55c776b
> "xen-pciback: limit guest control of command register"
> a guest is still allowed to enable those control bits (safely), but
> is not allowed to disable them and that therefore a well behaved
> frontend which enables things before using them will still
> function correctly.
>
> This is done via an write to the configuration register 0x4 which
> triggers on the backend side:
> command_write
> \- pci_enable_device
> \- pci_enable_device_flags
> \- do_pci_enable_device
> \- pcibios_enable_device
> \-pci_enable_resourcess
> [which enables the PCI_COMMAND_MEMORY|PCI_COMMAND_IO]
>
> However guests (and drivers) which don't do this could cause
> problems, including the security issues which XSA-120 sought
> to address.
>
> Reported-by: Jan Beulich <jbeulich@suse.com>
> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
> Reviewed-by: Prarit Bhargava <prarit@redhat.com>
> Cc: Juergen Gross <jgross@suse.com>
> ---
> drivers/xen/xen-pciback/pciback_ops.c | 2 --
> 1 file changed, 2 deletions(-)
>
> diff --git a/drivers/xen/xen-pciback/pciback_ops.c b/drivers/xen/xen-pciback/pciback_ops.c
> index ea4a08b83fa0..787966f44589 100644
> --- a/drivers/xen/xen-pciback/pciback_ops.c
> +++ b/drivers/xen/xen-pciback/pciback_ops.c
> @@ -127,8 +127,6 @@ void xen_pcibk_reset_device(struct pci_dev *dev)
> if (pci_is_enabled(dev))
> pci_disable_device(dev);
>
> - pci_write_config_word(dev, PCI_COMMAND, 0);
> -
> dev->is_busmaster = 0;
> } else {
> pci_read_config_word(dev, PCI_COMMAND, &cmd);
> --
> 2.18.1
>
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] xen/pciback: Don't disable PCI_COMMAND on PCI device reset.
2019-02-13 23:21 [PATCH] xen/pciback: Don't disable PCI_COMMAND on PCI device reset Prarit Bhargava
2019-02-15 16:41 ` Konrad Rzeszutek Wilk
2019-02-15 16:41 ` Konrad Rzeszutek Wilk
@ 2019-02-17 10:38 ` Juergen Gross
2 siblings, 0 replies; 4+ messages in thread
From: Juergen Gross @ 2019-02-17 10:38 UTC (permalink / raw)
To: Prarit Bhargava, xen-devel; +Cc: jbeulich, Konrad Rzeszutek Wilk
On 14/02/2019 00:21, Prarit Bhargava wrote:
> From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
>
> This was submitted in 2015 here
>
> https://marc.info/?l=linux-kernel&m=142807132515973&w=2
>
> and has been included in Fedora builds ever since. No issues have been
> reported with the patch.
>
> P.
>
> ----8<----
>
> There is no need for this at all. Worst it means that if
> the guest tries to write to BARs it could lead (on certain
> platforms) to PCI SERR errors.
>
> Please note that with af6fc858a35b90e89ea7a7ee58e66628c55c776b
> "xen-pciback: limit guest control of command register"
> a guest is still allowed to enable those control bits (safely), but
> is not allowed to disable them and that therefore a well behaved
> frontend which enables things before using them will still
> function correctly.
>
> This is done via an write to the configuration register 0x4 which
> triggers on the backend side:
> command_write
> \- pci_enable_device
> \- pci_enable_device_flags
> \- do_pci_enable_device
> \- pcibios_enable_device
> \-pci_enable_resourcess
> [which enables the PCI_COMMAND_MEMORY|PCI_COMMAND_IO]
>
> However guests (and drivers) which don't do this could cause
> problems, including the security issues which XSA-120 sought
> to address.
>
> Reported-by: Jan Beulich <jbeulich@suse.com>
> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
> Reviewed-by: Prarit Bhargava <prarit@redhat.com>
> Cc: Juergen Gross <jgross@suse.com>
Applied to xen/tip.git for-linus-5.1
Juergen
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-02-17 10:39 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-02-13 23:21 [PATCH] xen/pciback: Don't disable PCI_COMMAND on PCI device reset Prarit Bhargava
2019-02-15 16:41 ` Konrad Rzeszutek Wilk
2019-02-15 16:41 ` Konrad Rzeszutek Wilk
2019-02-17 10:38 ` Juergen Gross
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.