[PATCH] conf: Check IOMMU for unsupported attributes

Michal Privoznik <mprivozn@xxxxxxxxxx> · Mon, 8 Aug 2022 15:03:43 +0200

Currently, it's possible to pass various attributes to an IOMMU's
<driver/> element hoping that we enable them in underlying
hypervisor. However, depending on the IOMMU model, some of these
attributes can't be enabled and are simply ignored. This is
suboptimal and we should reject such configuration in the
validate phase.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2101633
Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
---
 src/conf/domain_validate.c | 26 +++++++++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)

diff --git a/src/conf/domain_validate.c b/src/conf/domain_validate.c
index d4d72037d5..88205c64e0 100644
--- a/src/conf/domain_validate.c
+++ b/src/conf/domain_validate.c
@@ -2632,8 +2632,20 @@ static int
 virDomainIOMMUDefValidate(const virDomainIOMMUDef *iommu)
 {
     switch (iommu->model) {
-    case VIR_DOMAIN_IOMMU_MODEL_INTEL:
     case VIR_DOMAIN_IOMMU_MODEL_SMMUV3:
+        if (iommu->intremap != VIR_TRISTATE_SWITCH_ABSENT ||
+            iommu->caching_mode != VIR_TRISTATE_SWITCH_ABSENT ||
+            iommu->eim != VIR_TRISTATE_SWITCH_ABSENT ||
+            iommu->iotlb != VIR_TRISTATE_SWITCH_ABSENT ||
+            iommu->aw_bits != 0) {
+            virReportError(VIR_ERR_XML_ERROR,
+                           _("iommu model '%s' doesn't support additional attributes"),
+                           virDomainIOMMUModelTypeToString(iommu->model));
+            return -1;
+        }
+        G_GNUC_FALLTHROUGH;
+
+    case VIR_DOMAIN_IOMMU_MODEL_INTEL:
         if (iommu->info.type != VIR_DOMAIN_DEVICE_ADDRESS_TYPE_NONE) {
             virReportError(VIR_ERR_XML_ERROR,
                            _("iommu model '%s' can't have address"),
@@ -2643,6 +2655,18 @@ virDomainIOMMUDefValidate(const virDomainIOMMUDef *iommu)
         break;
 
     case VIR_DOMAIN_IOMMU_MODEL_VIRTIO:
+        if (iommu->intremap != VIR_TRISTATE_SWITCH_ABSENT ||
+            iommu->caching_mode != VIR_TRISTATE_SWITCH_ABSENT ||
+            iommu->eim != VIR_TRISTATE_SWITCH_ABSENT ||
+            iommu->iotlb != VIR_TRISTATE_SWITCH_ABSENT ||
+            iommu->aw_bits != 0) {
+            virReportError(VIR_ERR_XML_ERROR,
+                           _("iommu model '%s' doesn't support additional attributes"),
+                           virDomainIOMMUModelTypeToString(iommu->model));
+            return -1;
+        }
+        break;
+
     case VIR_DOMAIN_IOMMU_MODEL_LAST:
         break;
     }
-- 
2.35.1







