On Tue, May 20, 2025 at 12:34 PM Chathura Rajapaksha <[email protected]> wrote: > On Fri, May 16, 2025 at 4:41 PM Paul Moore <[email protected]> wrote: > > > In the commit description you talk about a general PCIe device issue > > in the first paragraph before going into the specifics of the VFIO > > driver. That's all well and good, but it makes me wonder if this > > audit code above is better done as a generic PCI function that other > > PCI drivers could use if they had similar concerns? Please correct > > me if I'm wrong, but other than symbol naming I don't see anyting > > above which is specific to VFIO. Thoughts? > > While the issue is independent of VFIO, the security and availability > concerns arise when guests are able to write to unassigned PCI config > regions on devices passed through using VFIO. That's why we thought it > would be better to audit these accesses in the VFIO driver. Given this > context, do you think it would be more appropriate to audit these > accesses through a generic PCI function instead?
I would suggest a generic PCI function, e.g. pci_audit_access(...), that lives in the general PCI code and would be suitable for callers other than VFIO, that you can call from within vfio_config_do_rw() when Bad Things happen. Does that make sense? -- paul-moore.com
