From: Tian, Kevin
> Sent: 05 May 2016 10:37
...
> > Acutually, we are not aimed at accessing MSI-X table from
> > guest. So I think it's safe to passthrough MSI-X table if we
> > can make sure guest kernel would not touch MSI-X table in
> > normal code path such as para-virtualized guest kernel on PPC64.
> >
>
> Then how do you prevent malicious guest kernel accessing it?
Or a malicious guest driver for an ethernet card setting up
the receive buffer ring to contain a single word entry that
contains the address associated with an MSI-X interrupt and
then using a loopback mode to cause a specific packet be
received that writes the required word through that address.
Remember the PCIe cycle for an interrupt is a normal memory write
cycle.
David
��.n��������+%�������w��{.n�����{���"�)���jg���������ݢj�����G��������j:+v���w�m������w�������h�����٥
