xen/26519-AMD-IOMMU-perdev-intremap-default.patch

References: CVE-2013-0153 XSA-36 bnc#800275

# HG changeset patch
# User Boris Ostrovsky <boris.ostrovsky@amd.com>
# Date 1360074131 -3600
# Node ID 1af531e7bc2fc518f16d8d1461083c528e1517cf
# Parent  e379a23b04655e9e43dc50944a5c9d1e59d8bee9
AMD,IOMMU: Make per-device interrupt remapping table default

Using global interrupt remapping table may be insecure, as
described by XSA-36. This patch makes per-device mode default.

This is XSA-36 / CVE-2013-0153.

Signed-off-by: Boris Ostrovsky <boris.ostrovsky@amd.com>

Moved warning in amd_iov_detect() to location covering all cases.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Committed-by: Jan Beulich <jbeulich@suse.com>

--- a/xen/arch/x86/irq.c
+++ b/xen/arch/x86/irq.c
@@ -1942,9 +1942,6 @@ int map_domain_pirq(
         spin_lock_irqsave(&desc->lock, flags);
         set_domain_irq_pirq(d, irq, info);
         spin_unlock_irqrestore(&desc->lock, flags);
-
-        if ( opt_irq_vector_map == OPT_IRQ_VECTOR_MAP_PERDEV )
-            printk(XENLOG_INFO "Per-device vector maps for GSIs not implemented yet.\n");
     }
 
 done:
--- a/xen/drivers/passthrough/amd/pci_amd_iommu.c
+++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c
@@ -204,6 +204,8 @@ int __init amd_iov_detect(void)
     {
         printk("AMD-Vi: Not overriding irq_vector_map setting\n");
     }
+    if ( !amd_iommu_perdev_intremap )
+        printk(XENLOG_WARNING "AMD-Vi: Using global interrupt remap table is not recommended (see XSA-36)!\n");
     return scan_pci_devices();
 }
 
--- a/xen/drivers/passthrough/iommu.c
+++ b/xen/drivers/passthrough/iommu.c
@@ -52,7 +52,7 @@ bool_t __read_mostly iommu_qinval = 1;
 bool_t __read_mostly iommu_intremap = 1;
 bool_t __read_mostly iommu_hap_pt_share = 1;
 bool_t __read_mostly iommu_debug;
-bool_t __read_mostly amd_iommu_perdev_intremap;
+bool_t __read_mostly amd_iommu_perdev_intremap = 1;
 
 DEFINE_PER_CPU(bool_t, iommu_dont_flush_iotlb);
- Add upstream patch to fix vfb/vkb initialization in libxl 26369-libxl-devid.patch - fate##313584: pass bios information to XEN HVM guest 26554-hvm-firmware-passthrough.patch 26555-hvm-firmware-passthrough.patch 26556-hvm-firmware-passthrough.patch - Upstream patches from Jan 26516-ACPI-parse-table-retval.patch (Replaces CVE-2013-0153-xsa36.patch) 26517-AMD-IOMMU-clear-irtes.patch (Replaces CVE-2013-0153-xsa36.patch) 26518-AMD-IOMMU-disable-if-SATA-combined-mode.patch (Replaces CVE-2013-0153-xsa36.patch) 26519-AMD-IOMMU-perdev-intremap-default.patch (Replaces CVE-2013-0153-xsa36.patch) 26526-pvdrv-no-devinit.patch 26529-gcc48-build-fix.patch 26531-AMD-IOMMU-IVHD-special-missing.patch (Replaces CVE-2013-0153-xsa36.patch) 26532-AMD-IOMMU-phantom-MSI.patch 26536-xenoprof-div-by-0.patch 26576-x86-APICV-migration.patch 26577-x86-APICV-x2APIC.patch 26578-AMD-IOMMU-replace-BUG_ON.patch - bnc#797014 - no way to control live migrations 26547-tools-xc_fix_logic_error_in_stdiostream_progress.patch 26548-tools-xc_handle_tty_output_differently_in_stdiostream_progress.patch 26549-tools-xc_turn_XCFLAGS_*_into_shifts.patch 26550-tools-xc_restore_logging_in_xc_save.patch 26551-tools-xc_log_pid_in_xc_save-xc_restore_output.patch - PVonHVM: __devinit was removed in linux-3.8 OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=229 2013-02-22 22:42:01 +01:00			`References: CVE-2013-0153 XSA-36 bnc#800275`

			`# HG changeset patch`
			`# User Boris Ostrovsky <boris.ostrovsky@amd.com>`
			`# Date 1360074131 -3600`
			`# Node ID 1af531e7bc2fc518f16d8d1461083c528e1517cf`
			`# Parent e379a23b04655e9e43dc50944a5c9d1e59d8bee9`
			`AMD,IOMMU: Make per-device interrupt remapping table default`

			`Using global interrupt remapping table may be insecure, as`
			`described by XSA-36. This patch makes per-device mode default.`

			`This is XSA-36 / CVE-2013-0153.`

			`Signed-off-by: Boris Ostrovsky <boris.ostrovsky@amd.com>`

			`Moved warning in amd_iov_detect() to location covering all cases.`

			`Signed-off-by: Jan Beulich <jbeulich@suse.com>`
			`Committed-by: Jan Beulich <jbeulich@suse.com>`

			`--- a/xen/arch/x86/irq.c`
			`+++ b/xen/arch/x86/irq.c`
			`@@ -1942,9 +1942,6 @@ int map_domain_pirq(`
			`spin_lock_irqsave(&desc->lock, flags);`
			`set_domain_irq_pirq(d, irq, info);`
			`spin_unlock_irqrestore(&desc->lock, flags);`
			`-`
			`- if ( opt_irq_vector_map == OPT_IRQ_VECTOR_MAP_PERDEV )`
			`- printk(XENLOG_INFO "Per-device vector maps for GSIs not implemented yet.\n");`
			`}`

			`done:`
			`--- a/xen/drivers/passthrough/amd/pci_amd_iommu.c`
			`+++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c`
			`@@ -204,6 +204,8 @@ int __init amd_iov_detect(void)`
			`{`
			`printk("AMD-Vi: Not overriding irq_vector_map setting\n");`
			`}`
			`+ if ( !amd_iommu_perdev_intremap )`
			`+ printk(XENLOG_WARNING "AMD-Vi: Using global interrupt remap table is not recommended (see XSA-36)!\n");`
			`return scan_pci_devices();`
			`}`

			`--- a/xen/drivers/passthrough/iommu.c`
			`+++ b/xen/drivers/passthrough/iommu.c`
			`@@ -52,7 +52,7 @@ bool_t __read_mostly iommu_qinval = 1;`
			`bool_t __read_mostly iommu_intremap = 1;`
			`bool_t __read_mostly iommu_hap_pt_share = 1;`
			`bool_t __read_mostly iommu_debug;`
			`-bool_t __read_mostly amd_iommu_perdev_intremap;`
			`+bool_t __read_mostly amd_iommu_perdev_intremap = 1;`

			`DEFINE_PER_CPU(bool_t, iommu_dont_flush_iotlb);`