From mboxrd@z Thu Jan  1 00:00:00 1970
From: Ben Guthro <ben@guthro.net>
Subject: Re: Ping: [PATCH] VT-d: protect against bogus
	information coming from BIOS
Date: Mon, 5 Aug 2013 09:10:21 -0400
Message-ID: <CAOvdn6W9n6VhvzMx3nU94CcBetezQKwAZohe8c8ZEW-CAH+GgQ@mail.gmail.com>
References: <51DD52EF02000078000E3CDE@nat28.tlf.novell.com>
	<51FFBF8B02000078000E94AC@nat28.tlf.novell.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="===============9085685292917113283=="
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <51FFBF8B02000078000E94AC@nat28.tlf.novell.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Jan Beulich <JBeulich@suse.com>
Cc: xiantao.zhang@intel.com, xen-devel <xen-devel@lists.xen.org>
List-Id: xen-devel@lists.xenproject.org

--===============9085685292917113283==
Content-Type: multipart/alternative; boundary=001a11c1e980daaf0204e333079d

--001a11c1e980daaf0204e333079d
Content-Type: text/plain; charset=ISO-8859-1

On Mon, Aug 5, 2013 at 9:06 AM, Jan Beulich <JBeulich@suse.com> wrote:

> Ping?
>
> >>> On 10.07.13 at 12:26, "Jan Beulich" <JBeulich@suse.com> wrote:
> > Add checks similar to those done by Linux: The DRHD address must not
> > be all zeros or all ones (Linux only checks for zero), and capabilities
> > as well as extended capabilities must not be all ones.
> >
> > Signed-off-by: Jan Beulich <jbeulich@suse.com>
> >
>

Looks OK to me, FWIW

You can add
Reviewed-by: Ben Guthro <benjamin.guthro@citrix.com>



> > --- a/xen/drivers/passthrough/vtd/dmar.c
> > +++ b/xen/drivers/passthrough/vtd/dmar.c
> > @@ -447,6 +447,9 @@ acpi_parse_one_drhd(struct acpi_dmar_hea
> >      if ( (ret = acpi_dmar_check_length(header, sizeof(*drhd))) != 0 )
> >          return ret;
> >
> > +    if ( !drhd->address || !(drhd->address + 1) )
> > +        return -ENODEV;
> > +
> >      dmaru = xzalloc(struct acpi_drhd_unit);
> >      if ( !dmaru )
> >          return -ENOMEM;
> > --- a/xen/drivers/passthrough/vtd/iommu.c
> > +++ b/xen/drivers/passthrough/vtd/iommu.c
> > @@ -1159,6 +1159,9 @@ int __init iommu_alloc(struct acpi_drhd_
> >          dprintk(VTDPREFIX,
> >                  "cap = %"PRIx64" ecap = %"PRIx64"\n", iommu->cap,
> iommu->ecap);
> >      }
> > +    if ( !(iommu->cap + 1) || !(iommu->ecap + 1) )
> > +        return -ENODEV;
> > +
> >      if ( cap_fault_reg_offset(iommu->cap) +
> >           cap_num_fault_regs(iommu->cap) * PRIMARY_FAULT_REG_LEN >=
> PAGE_SIZE
> > ||
> >           ecap_iotlb_offset(iommu->ecap) >= PAGE_SIZE )
>
>
>
>

--001a11c1e980daaf0204e333079d
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<br><div class=3D"gmail_quote">On Mon, Aug 5, 2013 at 9:06 AM, Jan Beulich =
<span dir=3D"ltr">&lt;<a href=3D"mailto:JBeulich@suse.com" target=3D"_blank=
">JBeulich@suse.com</a>&gt;</span> wrote:<br><blockquote class=3D"gmail_quo=
te" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"=
>
Ping?<br>
<br>
&gt;&gt;&gt; On 10.07.13 at 12:26, &quot;Jan Beulich&quot; &lt;<a href=3D"m=
ailto:JBeulich@suse.com">JBeulich@suse.com</a>&gt; wrote:<br>
&gt; Add checks similar to those done by Linux: The DRHD address must not<b=
r>
&gt; be all zeros or all ones (Linux only checks for zero), and capabilitie=
s<br>
&gt; as well as extended capabilities must not be all ones.<br>
&gt;<br>
&gt; Signed-off-by: Jan Beulich &lt;<a href=3D"mailto:jbeulich@suse.com">jb=
eulich@suse.com</a>&gt;<br>
&gt;<br></blockquote><div><br></div><div>Looks OK to me, FWIW</div><div><br=
></div><div>You can add</div><div>Reviewed-by: Ben Guthro &lt;<a href=3D"ma=
ilto:benjamin.guthro@citrix.com">benjamin.guthro@citrix.com</a>&gt;</div>
<div><br></div><div>=A0</div><blockquote class=3D"gmail_quote" style=3D"mar=
gin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
&gt; --- a/xen/drivers/passthrough/vtd/dmar.c<br>
&gt; +++ b/xen/drivers/passthrough/vtd/dmar.c<br>
&gt; @@ -447,6 +447,9 @@ acpi_parse_one_drhd(struct acpi_dmar_hea<br>
&gt; =A0 =A0 =A0if ( (ret =3D acpi_dmar_check_length(header, sizeof(*drhd))=
) !=3D 0 )<br>
&gt; =A0 =A0 =A0 =A0 =A0return ret;<br>
&gt;<br>
&gt; + =A0 =A0if ( !drhd-&gt;address || !(drhd-&gt;address + 1) )<br>
&gt; + =A0 =A0 =A0 =A0return -ENODEV;<br>
&gt; +<br>
&gt; =A0 =A0 =A0dmaru =3D xzalloc(struct acpi_drhd_unit);<br>
&gt; =A0 =A0 =A0if ( !dmaru )<br>
&gt; =A0 =A0 =A0 =A0 =A0return -ENOMEM;<br>
&gt; --- a/xen/drivers/passthrough/vtd/iommu.c<br>
&gt; +++ b/xen/drivers/passthrough/vtd/iommu.c<br>
&gt; @@ -1159,6 +1159,9 @@ int __init iommu_alloc(struct acpi_drhd_<br>
&gt; =A0 =A0 =A0 =A0 =A0dprintk(VTDPREFIX,<br>
&gt; =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0&quot;cap =3D %&quot;PRIx64&quot; e=
cap =3D %&quot;PRIx64&quot;\n&quot;, iommu-&gt;cap, iommu-&gt;ecap);<br>
&gt; =A0 =A0 =A0}<br>
&gt; + =A0 =A0if ( !(iommu-&gt;cap + 1) || !(iommu-&gt;ecap + 1) )<br>
&gt; + =A0 =A0 =A0 =A0return -ENODEV;<br>
&gt; +<br>
&gt; =A0 =A0 =A0if ( cap_fault_reg_offset(iommu-&gt;cap) +<br>
&gt; =A0 =A0 =A0 =A0 =A0 cap_num_fault_regs(iommu-&gt;cap) * PRIMARY_FAULT_=
REG_LEN &gt;=3D PAGE_SIZE<br>
&gt; ||<br>
&gt; =A0 =A0 =A0 =A0 =A0 ecap_iotlb_offset(iommu-&gt;ecap) &gt;=3D PAGE_SIZ=
E )<br>
<br>
<br>
<br>
</blockquote></div><br>

--001a11c1e980daaf0204e333079d--


--===============9085685292917113283==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

--===============9085685292917113283==--