On Sun, Mar 03, 2019 at 02:10:24AM +0100, Marek Marczykowski wrote:
> On Thu, Feb 28, 2019 at 01:25:50PM +0100, Marek Marczykowski wrote:
> > On Thu, Feb 28, 2019 at 03:58:37AM -0700, Jan Beulich wrote:
> > > Another thing: You're also bypassing the MSI{,-X}-already-enabled
> > > checks that __pci_enable_msi{,x}() do, yet allowing to enable both
> > > on a device would be a security issue.
> >
> > Ok.
>
> Hmm, could you explain more? Is that only the case when interrupt
> remapping is missing?
I think what Jan mentions is that the hypercall to enable MSI(-X)
should make sure PCI INTx is disabled, and prevent enabling both MSI
and MSI-X on the same device.
The device model that manages the passthrough device should already
make sure of that, but Xen should also protect itself against
bad-behaved device models when possible.
Thanks, Roger.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
