aboutsummaryrefslogtreecommitdiff
path: root/hw/xen/xen_pt_config_init.c
diff options
context:
space:
mode:
authorJan Beulich <jbeulich@suse.com>2015-06-02 15:07:00 +0000
committerStefano Stabellini <stefano.stabellini@eu.citrix.com>2015-06-02 15:07:00 +0000
commitb38ec5ee7a581776bbce0bdaecb397632c3c4791 (patch)
treeecac4ebce0950d80b1ab6664eeccbd3e5c036f26 /hw/xen/xen_pt_config_init.c
parent7611dae8a69f0f1775ba1a9a942961c2aa10d88e (diff)
xen/MSI-X: limit error messages
Limit error messages resulting from bad guest behavior to avoid allowing the guest to cause the control domain's disk to fill. The first message in pci_msix_write() can simply be deleted, as this is indeed bad guest behavior, but such out of bounds writes don't really need to be logged. The second one is more problematic, as there guest behavior may only appear to be wrong: For one, the old logic didn't take the mask-all bit into account. And then this shouldn't depend on host device state (i.e. the host may have masked the entry without the guest having done so). Plus these writes shouldn't be dropped even when an entry is unmasked. Instead, if they can't be made take effect right away, they should take effect on the next unmasking or enabling operation - the specification explicitly describes such caching behavior. Until we can validly drop the message (implementing such caching/latching behavior), issue the message just once per MSI-X table entry. Note that the log message in pci_msix_read() similar to the one being removed here is not an issue: "addr" being of unsigned type, and the maximum size of the MSI-X table being 32k, entry_nr simply can't be negative and hence the conditonal guarding issuing of the message will never be true. This is XSA-130. Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Diffstat (limited to 'hw/xen/xen_pt_config_init.c')
0 files changed, 0 insertions, 0 deletions