From: Jan Beulich <jbeulich@suse.com>
To: "xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Cc: Kevin Tian <kevin.tian@intel.com>
Subject: [Xen-devel] [PATCH v2] VT-d: don't pass bridge devices to domain_context_mapping_one()
Date: Mon, 20 Jan 2020 16:42:22 +0100 [thread overview]
Message-ID: <620f37b6-43f2-030e-b259-84a4e9ceb7fc@suse.com> (raw)
When passed a non-NULL pdev, the function does an owner check when it
finds an already existing context mapping. Bridges, however, don't get
passed through to guests, and hence their owner is always going to be
Dom0, leading to the assigment of all but one of the function of multi-
function PCI devices behind bridges to fail.
Reported-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
---
v2: Add comments.
---
Note: This was reported as an apparent regression from XSA-302 / -306.
So far I haven't been able to figure out how the code would have
worked before, i.e. to me it looks like a pre-existing problem.
This leaves the risk of the change here papering over another
issue.
--- a/xen/drivers/passthrough/vtd/iommu.c
+++ b/xen/drivers/passthrough/vtd/iommu.c
@@ -1493,18 +1493,28 @@ static int domain_context_mapping(struct
if ( find_upstream_bridge(seg, &bus, &devfn, &secbus) < 1 )
break;
+ /*
+ * Mapping a bridge should, if anything, pass the struct pci_dev of
+ * that bridge. Since bridges don't normally get assigned to guests,
+ * their owner would be the wrong one. Pass NULL instead.
+ */
ret = domain_context_mapping_one(domain, drhd->iommu, bus, devfn,
- pci_get_pdev(seg, bus, devfn));
+ NULL);
/*
* Devices behind PCIe-to-PCI/PCIx bridge may generate different
* requester-id. It may originate from devfn=0 on the secondary bus
* behind the bridge. Map that id as well if we didn't already.
+ *
+ * Somewhat similar as for bridges, we don't want to pass a struct
+ * pci_dev here - there may not even exist one for this (secbus,0,0)
+ * tuple. If there is one, without properly working device groups it
+ * may again not have the correct owner.
*/
if ( !ret && pdev_type(seg, bus, devfn) == DEV_TYPE_PCIe2PCI_BRIDGE &&
(secbus != pdev->bus || pdev->devfn != 0) )
ret = domain_context_mapping_one(domain, drhd->iommu, secbus, 0,
- pci_get_pdev(seg, secbus, 0));
+ NULL);
break;
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
next reply other threads:[~2020-01-20 15:42 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-20 15:42 Jan Beulich [this message]
2020-01-20 16:07 ` [Xen-devel] [PATCH v2] VT-d: don't pass bridge devices to domain_context_mapping_one() Roger Pau Monné
2020-01-20 16:15 ` Jan Beulich
2020-01-20 16:37 ` Roger Pau Monné
2020-01-20 16:41 ` Jan Beulich
2020-01-20 17:06 ` Roger Pau Monné
2020-01-21 6:28 ` Tian, Kevin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=620f37b6-43f2-030e-b259-84a4e9ceb7fc@suse.com \
--to=jbeulich@suse.com \
--cc=kevin.tian@intel.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.