Skip to content
Commit ae21ee65 authored by Allen Kay's avatar Allen Kay Committed by Jesse Barnes
Browse files

PCI: acs p2p upsteram forwarding enabling



Note: dom0 checking in v4 has been separated out into 2/2.

This patch enables P2P upstream forwarding in ACS capable PCIe switches.
It solves two potential problems in virtualization environment where a PCIe
device is assigned to a guest domain using a HW iommu such as VT-d:

1) Unintentional failure caused by guest physical address programmed
   into the device's DMA that happens to match the memory address range
   of other downstream ports in the same PCIe switch.  This causes the PCI
   transaction to go to the matching downstream port instead of go to the
   root complex to get translated by VT-d as it should be.

2) Malicious guest software intentionally attacks another downstream
   PCIe device by programming the DMA address into the assigned device
   that matches memory address range of the downstream PCIe port.

We are in process of implementing device filtering software in KVM/XEN
management software to allow device assignment of PCIe devices behind a PCIe
switch only if it has ACS capability and with the P2P upstream forwarding bits
enabled.  This patch is intended to work for both KVM and Xen environments.

Signed-off-by: default avatarAllen Kay <allen.m.kay@intel.com>
Reviewed-by: default avatarMathew Wilcox <willy@linux.intel.com>
Reviewed-by: default avatarChris Wright <chris@sous-sol.org>
Signed-off-by: default avatarJesse Barnes <jbarnes@virtuousgeek.org>
parent 1ccbf534
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment