path: root/hw/xen/xen_pt_config_init.c
author Jan Beulich <jbeulich@suse.com> 2015-06-02 15:07:01 +0000
committer Stefano Stabellini <stefano.stabellini@eu.citrix.com> 2015-06-02 15:07:01 +0000
commit c25bbf1545a53ac051f9e51d4140e397660c10ae (patch)
tree 432c6332cb6fc1f64ebbf1210218cdfc060bc63f /hw/xen/xen_pt_config_init.c
parent a88a3f887181605f4487a22bdfb7d87ffafde5d9 (diff)
xen/pt: unknown PCI config space fields should be read-only
... by default. Add a per-device "permissive" mode similar to pciback's
to allow restoring previous behavior (and hence break security again,
i.e. should be used only for trusted guests).

This is part of XSA-131.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Reviewed-by: Anthony PERARD <anthony.perard@citrix.com>
Diffstat (limited to 'hw/xen/xen_pt_config_init.c')
-rw-r--r-- hw/xen/xen_pt_config_init.c 4
1 files changed, 4 insertions, 0 deletions
diff --git a/hw/xen/xen_pt_config_init.c b/hw/xen/xen_pt_config_init.c
index 19f926b2cc..f3cf069b60 100644
--- a/hw/xen/xen_pt_config_init.c
+++ b/hw/xen/xen_pt_config_init.c
@@ -101,6 +101,10 @@ static uint32_t get_throughable_mask(const XenPCIPassthroughState *s,
 {
     uint32_t throughable_mask = ~(reg->emu_mask | reg->ro_mask);
 
+    if (!s->permissive) {
+        throughable_mask &= ~reg->res_mask;
+    }
+
     return throughable_mask & valid_mask;
 }
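Review bot: the new `if (!s->permissive)` branch in get_throughable_mask() carries no comment saying why `res_mask` bits are stripped or what turning `permissive` on gives back to the guest, which matters because this flag is the security boundary the commit message describes. A short comment above the branch (for example, that reserved bits are treated as read-only for the guest unless the device is explicitly marked permissive, and that permissive is for trusted guests only) would keep a later refactor from folding it away. Note also that the branch only has an effect for registers whose descriptor sets a non-zero `reg->res_mask`; that population is not visible in this file's hunk, so it is worth confirming against the rest of the series that every emulated register with reserved bits fills it in. As a minor style point, the mask could be built in one place by computing `~(reg->emu_mask | reg->ro_mask)` first and then clearing `reg->res_mask` conditionally, as done here, so no change is needed beyond the comment.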