From: Vijay Kilari <vijay.kilari@gmail.com>
To: Julien Grall <julien.grall@citrix.com>
Cc: Ian Campbell <Ian.Campbell@citrix.com>,
Stefano Stabellini <stefano.stabellini@eu.citrix.com>,
Prasun Kapoor <Prasun.Kapoor@caviumnetworks.com>,
Vijaya Kumar K <Vijaya.Kumar@caviumnetworks.com>,
Tim Deegan <tim@xen.org>,
"xen-devel@lists.xen.org" <xen-devel@lists.xen.org>,
Stefano Stabellini <stefano.stabellini@citrix.com>,
manish.jaggi@caviumnetworks.com
Subject: Re: [PATCH v4 07/17] xen/arm: ITS: Add virtual ITS commands support
Date: Fri, 17 Jul 2015 19:42:59 +0530 [thread overview]
Message-ID: <CALicx6vRC_1TxmBEbzyZdY9EdOvJzdYQsK6WGiAKzPwmnc3AfQ@mail.gmail.com> (raw)
In-Reply-To: <55A658A5.4000605@citrix.com>
Hi Julien,
On Wed, Jul 15, 2015 at 6:27 PM, Julien Grall <julien.grall@citrix.com> wrote:
> Hi Vijay,
>
> On 10/07/2015 09:42, vijay.kilari@gmail.com wrote:
>>
>> From: Vijaya Kumar K <Vijaya.Kumar@caviumnetworks.com>
>>
>> Add Virtual ITS command processing support to Virtual ITS driver
>>
>> Signed-off-by: Vijaya Kumar K <Vijaya.Kumar@caviumnetworks.com>
>>
>> ---
>> v4: - Use helper function to read from command queue
>> - Add MOVALL
>> - Removed check for entry in device in domain RB-tree
>> ---
[..]
>> +
>> +static int vgic_its_process_mapvi(struct vcpu *v, struct vgic_its *vits,
>> + its_cmd_block *virt_cmd)
>> +{
>> + struct vitt entry;
>> + struct domain *d = v->domain;
>> + uint8_t vcol_id, cmd;
>> + uint32_t vid, dev_id, event;
>> +
>> + vcol_id = virt_cmd->mapvi.col;
>> + vid = virt_cmd->mapvi.phy_id;
>> + cmd = virt_cmd->mapvi.cmd;
>> + dev_id = virt_cmd->mapvi.devid;
>> +
>> + DPRINTK("%pv: vITS: MAPVI: dev_id 0x%x vcol_id %d vid %d \n",
>> + v, dev_id, vcol_id, vid);
>> +
>> + if ( vcol_id > (d->max_vcpus + 1) || vid > its_get_nr_events() )
>> + return -EINVAL;
>
>
> As said on v3, checking the validity is pointless as a malicious guest can
> rewrite the
> ITT. We only need to check it when the LPI is effectively injected.
>
> If you think this is necessary please explain why...
vcol_id is read from ITS command but not from guest memory.
So command values are validated here instead of doing at time time
of LPI injection.
If not done here, then we still allow malicious guest to run and during
LPI injection if invalid col_id is found in ITT we just drop LPI.
>
> Furthermore, its_get_nr_events is for the hardware and not the virtual ITS.
> I would prefer to see a field in the vits structure which contains the
> number of event ID bits for a given domain.
Why do we need to restrict number of LPIs to domain?
[...]
>> +
>> + if ( vits_get_vitt_entry(d, dev_id, event, &vitt_entry) )
>> + return -EINVAL;
>> +
>> + if ( !vitt_entry.valid )
>> + {
>> + dprintk(XENLOG_G_ERR,
>> + "%pv: vITS: INT CMD invalid event %d for dev 0x%x\n",
>> + v, event, dev_id);
>> + return -EINVAL;
>> + }
>> +
>> + col_id = vitt_entry.vcollection;
>> + if ( col_id < d->max_vcpus )
>> + {
>> + dprintk(XENLOG_G_ERR,
>> + "%pv: vITS: INT CMD invalid col_id %d for dev 0x%x\n",
>> + v, col_id, dev_id);
>> + return -EINVAL;
>> + }
>> +
>> + vgic_vcpu_inject_irq(d->vcpu[col_id], vitt_entry.vlpi);
>
>
> As said on v3, the design document [1] suggested to implement the INT
> command using vgic_vcpu_inject_lpi. Is there any issue to do it?
IIRC, INT command contains vlpi which does not have its_device because irq_desc
is not reserved for this. Hence it is handled similar to event_ch int.
>
> Also, you have to translate the col_id into to a VCPU ID.
This is virtual collection id which itself is vcpu id. isn't it?
Regards
Vijay
next prev parent reply other threads:[~2015-07-17 14:12 UTC|newest]
Thread overview: 113+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-10 7:42 [PATCH v4 00/17] Add ITS support vijay.kilari
2015-07-10 7:42 ` [PATCH v4 01/17] xen/arm: Add bitmap_find_next_zero_area helper function vijay.kilari
2015-07-10 9:01 ` Jan Beulich
2015-07-10 9:28 ` Vijay Kilari
2015-07-10 9:30 ` Vijay Kilari
2015-07-10 9:45 ` Vijay Kilari
2015-07-10 10:07 ` Jan Beulich
2015-07-10 7:42 ` [PATCH v4 02/17] xen: Add log2 functionality vijay.kilari
2015-07-10 7:42 ` [PATCH v4 03/17] xen/arm: ITS: Port ITS driver to Xen vijay.kilari
2015-07-10 13:01 ` Ian Campbell
2015-07-15 10:23 ` Julien Grall
2015-07-10 7:42 ` [PATCH v4 04/17] xen/arm: ITS: Add helper functions to manage its_devices vijay.kilari
2015-07-10 13:05 ` Ian Campbell
2015-07-15 10:37 ` Julien Grall
2015-07-15 14:21 ` Vijay Kilari
2015-07-15 14:28 ` Julien Grall
2015-07-10 7:42 ` [PATCH v4 05/17] xen/arm: ITS: implement hw_irq_controller for LPIs vijay.kilari
2015-07-10 13:46 ` Ian Campbell
2015-07-11 14:40 ` Vijay Kilari
2015-07-11 18:08 ` Julien Grall
2015-07-13 9:17 ` Ian Campbell
2015-07-13 21:18 ` Julien Grall
2015-07-15 7:16 ` Vijay Kilari
2015-07-15 8:26 ` Julien Grall
2015-07-15 9:32 ` Ian Campbell
2015-07-15 9:49 ` Julien Grall
2015-07-15 10:01 ` Ian Campbell
2015-07-15 14:15 ` Vijay Kilari
2015-07-15 14:22 ` Julien Grall
2015-07-15 14:28 ` Ian Campbell
2015-07-15 17:01 ` Vijay Kilari
2015-07-16 14:49 ` Ian Campbell
2015-07-16 15:21 ` Marc Zyngier
2015-07-16 16:18 ` Ian Campbell
2015-07-16 16:27 ` Marc Zyngier
2015-07-16 16:37 ` Ian Campbell
2015-07-18 10:13 ` Julien Grall
2015-07-20 11:52 ` Ian Campbell
2015-07-20 12:22 ` Ian Campbell
2015-07-15 18:19 ` Julien Grall
2015-07-10 7:42 ` [PATCH v4 06/17] xen/arm: ITS: Add virtual ITS driver vijay.kilari
2015-07-10 13:54 ` Ian Campbell
2015-07-11 14:48 ` Vijay Kilari
2015-07-13 9:27 ` Ian Campbell
2015-07-10 14:15 ` Ian Campbell
2015-07-11 14:48 ` Vijay Kilari
2015-07-13 9:25 ` Ian Campbell
2015-07-15 12:17 ` Julien Grall
2015-07-10 7:42 ` [PATCH v4 07/17] xen/arm: ITS: Add virtual ITS commands support vijay.kilari
2015-07-10 14:35 ` Ian Campbell
2015-07-11 14:49 ` Vijay Kilari
2015-07-13 9:22 ` Ian Campbell
2015-07-13 11:15 ` Vijay Kilari
2015-07-13 11:37 ` Ian Campbell
2015-07-17 15:01 ` Vijay Kilari
2015-07-15 13:02 ` Julien Grall
2015-07-15 13:56 ` Ian Campbell
2015-07-15 12:57 ` Julien Grall
2015-07-17 14:12 ` Vijay Kilari [this message]
2015-07-17 15:15 ` Julien Grall
2015-07-17 15:34 ` Ian Campbell
2015-07-17 15:44 ` Julien Grall
2015-07-10 7:42 ` [PATCH v4 08/17] xen/arm: ITS: Add APIs to add and assign device vijay.kilari
2015-07-10 14:52 ` Ian Campbell
2015-07-15 13:14 ` Julien Grall
2015-07-16 13:40 ` Vijay Kilari
2015-07-16 14:38 ` Julien Grall
2015-07-15 14:15 ` Julien Grall
2015-07-18 9:44 ` Vijay Kilari
2015-07-18 10:06 ` Julien Grall
2015-07-10 7:42 ` [PATCH v4 09/17] xen/arm: ITS: Add GITS registers emulation vijay.kilari
2015-07-10 14:56 ` Ian Campbell
2015-07-15 16:13 ` Julien Grall
2015-07-10 7:42 ` [PATCH v4 10/17] xen/arm: ITS: Enable physical and virtual ITS driver compilation vijay.kilari
2015-07-15 16:16 ` Julien Grall
2015-07-10 7:42 ` [PATCH v4 11/17] xen/arm: ITS: Add GICR register emulation vijay.kilari
2015-07-10 15:10 ` Ian Campbell
2015-07-11 18:25 ` Julien Grall
2015-07-13 9:28 ` Ian Campbell
2015-07-13 9:53 ` Ian Campbell
2015-07-13 16:53 ` Stefano Stabellini
2015-07-15 17:32 ` Julien Grall
2015-07-16 14:15 ` Vijay Kilari
2015-07-16 14:41 ` Julien Grall
2015-07-16 14:46 ` Vijay Kilari
2015-07-16 14:58 ` Julien Grall
2015-07-10 7:42 ` [PATCH v4 12/17] xen/arm: ITS: Initialize LPI irq descriptors and route vijay.kilari
2015-07-10 15:30 ` Ian Campbell
2015-07-20 13:07 ` Vijay Kilari
2015-07-20 13:25 ` Julien Grall
2015-07-22 13:31 ` Vijay Kilari
2015-07-22 13:39 ` Julien Grall
2015-07-22 14:17 ` Julien Grall
2015-07-13 17:03 ` Stefano Stabellini
2015-07-13 17:13 ` Stefano Stabellini
2015-07-13 17:36 ` Julien Grall
2015-07-15 18:13 ` Julien Grall
2015-07-16 8:06 ` Julien Grall
2015-07-16 8:37 ` Julien Grall
2015-07-10 7:42 ` [PATCH v4 13/17] xen/arm: ITS: Initialize physical ITS vijay.kilari
2015-07-13 17:06 ` Stefano Stabellini
2015-07-10 7:42 ` [PATCH v4 14/17] xen/arm: ITS: Add domain specific ITS initialization vijay.kilari
2015-07-10 15:41 ` Ian Campbell
2015-07-15 17:41 ` Julien Grall
2015-07-10 7:42 ` [PATCH v4 15/17] xen/arm: ITS: Map ITS translation space vijay.kilari
2015-07-10 15:43 ` Ian Campbell
2015-07-15 9:01 ` Julien Grall
2015-07-10 7:42 ` [PATCH v4 16/17] xen/arm: ITS: Generate ITS node for Dom0 vijay.kilari
2015-07-13 16:32 ` Stefano Stabellini
2015-07-13 17:31 ` Julien Grall
2015-07-13 17:36 ` Stefano Stabellini
2015-07-10 7:42 ` [PATCH v4 17/17] xen/arm: ITS: Add pci devices in ThunderX vijay.kilari
2015-07-10 15:45 ` Ian Campbell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CALicx6vRC_1TxmBEbzyZdY9EdOvJzdYQsK6WGiAKzPwmnc3AfQ@mail.gmail.com \
--to=vijay.kilari@gmail.com \
--cc=Ian.Campbell@citrix.com \
--cc=Prasun.Kapoor@caviumnetworks.com \
--cc=Vijaya.Kumar@caviumnetworks.com \
--cc=julien.grall@citrix.com \
--cc=manish.jaggi@caviumnetworks.com \
--cc=stefano.stabellini@citrix.com \
--cc=stefano.stabellini@eu.citrix.com \
--cc=tim@xen.org \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.