AMD/IOMMU: re-arrange/complete re-assignment handling
author Jan Beulich <jbeulich@suse.com>
Wed, 25 Aug 2021 12:16:26 +0000 (14:16 +0200)
committer Jan Beulich <jbeulich@suse.com>
Wed, 25 Aug 2021 12:16:26 +0000 (14:16 +0200)
commit 899272539cbe1acda736a850015416fff653a1b6
tree ed7383218535d7fc7bfa2b2b54f91e428dd0f836
parent c0e19d7c6c42f0bfccccd96b4f7b03b5515e10fc
AMD/IOMMU: re-arrange/complete re-assignment handling

Prior to the assignment step having completed successfully, devices
should not get associated with their new owner. Hand the device to DomIO
(perhaps temporarily), until after the de-assignment step has completed.

De-assignment of a device (from other than Dom0) as well as failure of
reassign_device() during assignment should result in unity mappings
getting torn down. This in turn requires switching to a refcounted
mapping approach, as was already used by VT-d for its RMRRs, to prevent
unmapping a region used by multiple devices.

This is CVE-2021-28696 / part of XSA-378.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Paul Durrant <paul@xen.org>
xen/drivers/passthrough/amd/iommu.h
xen/drivers/passthrough/amd/iommu_map.c
xen/drivers/passthrough/amd/pci_amd_iommu.c