Message ID | bae74b9b-eeb6-76d9-b4d4-55c9a4fb2835@suse.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | x86: follow-on to XSA-408 | expand |
On Tue, Dec 6, 2022 at 8:57 AM Jan Beulich <jbeulich@suse.com> wrote: > > First of all using is_idle_domain() on the subject domain in the body of > for_each_domain() is pointless. Replace that conditional by one checking > that a domain actually has IOMMU support enabled for it, and that we're > actually on a VT-d system (both are largely cosmetic / documentary with > how things work elsewhere, but still). > > Reported-by: Andrew Cooper <andrew.cooper3@citrix.com> > Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Jason Andryuk <jandryuk@gmail.com>
On 06/12/2022 13:56, Jan Beulich wrote: > First of all using is_idle_domain() on the subject domain in the body of > for_each_domain() is pointless. Replace that conditional by one checking > that a domain actually has IOMMU support enabled for it, and that we're > actually on a VT-d system (both are largely cosmetic / documentary with > how things work elsewhere, but still). > > Reported-by: Andrew Cooper <andrew.cooper3@citrix.com> > Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
--- a/xen/arch/x86/tboot.c +++ b/xen/arch/x86/tboot.c @@ -31,6 +31,8 @@ static vmac_t frametable_mac; /* MAC for static uint64_t __initdata txt_heap_base, __initdata txt_heap_size; static uint64_t __initdata sinit_base, __initdata sinit_size; +static bool __ro_after_init is_vtd; + /* * TXT configuration registers (offsets from TXT_{PUB, PRIV}_CONFIG_REGS_BASE) */ @@ -201,7 +203,7 @@ static void tboot_gen_domain_integrity(c } spin_unlock(&d->page_alloc_lock); - if ( !is_idle_domain(d) ) + if ( is_iommu_enabled(d) && is_vtd ) { const struct domain_iommu *dio = dom_iommu(d); @@ -444,6 +446,8 @@ int __init cf_check tboot_parse_dmar_tab if ( txt_heap_base == 0 ) return 1; + is_vtd = true; + /* walk heap to SinitMleData */ pa = txt_heap_base; /* skip BiosData */
First of all using is_idle_domain() on the subject domain in the body of for_each_domain() is pointless. Replace that conditional by one checking that a domain actually has IOMMU support enabled for it, and that we're actually on a VT-d system (both are largely cosmetic / documentary with how things work elsewhere, but still). Reported-by: Andrew Cooper <andrew.cooper3@citrix.com> Signed-off-by: Jan Beulich <jbeulich@suse.com>