qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 1/3] intel-iommu: don't warn guest errors when getting rid2pa

From: Peter Xu
Subject: Re: [PATCH 1/3] intel-iommu: don't warn guest errors when getting rid2pasid entry
Date: Thu, 13 Jan 2022 14:32:48 +0800 
On Thu, Jan 13, 2022 at 02:16:35PM +0800, Jason Wang wrote:
> On Thu, Jan 13, 2022 at 11:35 AM Peter Xu <peterx@redhat.com> wrote:
> >
> > On Wed, Jan 05, 2022 at 12:19:43PM +0800, Jason Wang wrote:
> > > We use to warn on wrong rid2pasid entry. But this error could be
> > > triggered by the guest and could happens during initialization. So
> > > let's don't warn in this case.
> > >
> > > Signed-off-by: Jason Wang <jasowang@redhat.com>
> > > ---
> > >  hw/i386/intel_iommu.c | 6 ++++--
> > >  1 file changed, 4 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
> > > index 4c6c016388..f2c7a23712 100644
> > > --- a/hw/i386/intel_iommu.c
> > > +++ b/hw/i386/intel_iommu.c
> > > @@ -1524,8 +1524,10 @@ static bool vtd_dev_pt_enabled(IntelIOMMUState *s, 
> > > VTDContextEntry *ce)
> > >      if (s->root_scalable) {
> > >          ret = vtd_ce_get_rid2pasid_entry(s, ce, &pe);
> > >          if (ret) {
> > > -            error_report_once("%s: vtd_ce_get_rid2pasid_entry error: 
> > > %"PRId32,
> > > -                              __func__, ret);
> > > +            /*
> > > +             * This error is guest triggerable. We should assumt PT
> > > +             * not enabled for safety.
> > > +             */
> > >              return false;
> > >          }
> > >          return (VTD_PE_GET_TYPE(&pe) == VTD_SM_PASID_ENTRY_PT);
> > > --
> > > 2.25.1
> > >
> >
> > No strong opinion, but the thing is mostly all error_report_once() in this 
> > file
> > is guest triggerable.  If we remove this one then it's debatable on whether 
> > we
> > want to remove all.
> >
> > IMHO we used the _once() variant just for this: it won't go into any form of
> > DoS, meanwhile we'll still get some information (as hypervisor) that the 
> > guest
> > OS may not be trustworthy.
> >
> > So from that pov it's still useful?  Or is this error very special in some 
> > way?
> 
> I want to be consistent with vtd_as_pt_enabled() where we don't even
> have error_report_once().

According to the comments (which, I think, left over by myself..) in
vtd_as_pt_enabled() - maybe indeed it could be triggered during guest boot.
Then I assume this can indeed a special case.

Acked-by: Peter Xu <peterx@redhat.com>

Thanks.

-- 
Peter Xu
reply via email to
[Prev in Thread] Current Thread [Next in Thread]