On Thu, May 13, 2021 at 10:08:28AM +0800, liulongfang wrote:
On 2021/5/12 20:10, Jason Gunthorpe wrote:
On Wed, May 12, 2021 at 04:39:43PM +0800, liulongfang wrote:
Therefore, this method of limiting the length of the BAR configuration space can prevent unsafe operations of the memory.
The issue is DMA controlled by the guest accessing the secure BAR area, not the guest CPU.
Jason .
This secure BAR area is not presented to the Guest, which makes it impossible for the Guest to obtain the secure BAR area when establishing the DMA mapping of the configuration space. If the DMA controller accesses the secure BAR area, the access will be blocked by the SMMU.
There are scenarios where this is not true.
At a minimum the mdev driver should refuse to work in those cases.
Jason