Xen hypervisor: What does the acronym RMRR mean in "(XEN) [VT-D] It's risky to assign" ... "with shared RMRR at"? What are the risks?

pefu

7/2/23, 9:07 AM

I'm running Qubes-OS 4.1.0 While looking through the /var/log/xen/console/hypervisor.log I stumbled over the following messages:

...
(XEN) [VT-D] It's risky to assign 0000:00:14.0 with shared RMRR at c9f42000 for Dom40.
(XEN) [VT-D] It's risky to assign 0000:00:1d.0 with shared RMRR at c9f42000 for Dom40.

In my case those PCI devices in question are USB controllers. They are handled by a VM called sys-usb in order to protect the bare metal carrier system from the risks of any malicious USB device being plugged in.

My questions are: What is the meaning of the acronym RMRR in this context? And what are the risks involved with this so called "shared RMRR"?

0 + 0

security

xen

usb

fedora-32

Håkan Lindqvist

7/2/23, 12:02 PM

"Reserved Memory Region Reporting". https://groups.google.com/g/qubes-users/c/gS1XTal8XYs/m/6ACnyN7WCAAJ is probably relevant, even though old and the settings are a bit different. (I think it basically comes down to Xen warning as soon as you start assigning devices that are grouped in a single RMRR, because you could assign them in some impossible way that will break things)

pefu

7/2/23, 12:08 PM

Hi Håkan, Thank you for this hint and link. I will now try to learn about this "Reserved Memory Region Reporting". However I fear I have to live with the risks involved anyway because I use an USB keyboard since this machine is lacking the good old PS2 keyboard socket from the past. :-)

Håkan Lindqvist

7/2/23, 12:10 PM

No problem, I feel that I don't know the details enough myself to write a proper answer. But to my knowledge, if you are assigning all those devices to the same domain, that is a non-issue.

pefu

7/2/23, 3:01 PM

In my case I've three USB host controllers. One of these three controllers is assigned to my administrative domain dom0 because the keyboard is connected to this controller. The other two USB host controllers are assigned to the before mentioned less privileged special domain `sys-usb`. This domain is considered less trust worthy in Qubes-OS because a malicious USB device might sometime somehow intrude und conquer this particular domain. more info: https://www.cvedetails.com/cve/CVE-2021-28702/ and ...

pefu

7/2/23, 3:04 PM

... continued: http://www.intel.com/content/dam/www/public/us/en/documents/product-specifications/vt-directed-io-spec.pdf This nearly 300 page document contains a section 8.4 explaining the term Reserved Memory Region Reporting and the data structure used.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Xen hypervisor: What does the acronym RMRR mean in "(XEN) [VT-D] It's risky to assign" ... "with shared RMRR at"? What are the risks?

TH: Xen hypervisor: ตัวย่อ RMRR หมายถึงอะไรใน "(XEN) [VT-D] การกำหนด" ... "โดยใช้ RMRR ร่วมกันที่" มีความเสี่ยง ความเสี่ยงคืออะไร?

RO: Hypervisor Xen: Ce înseamnă acronimul RMRR în „(XEN) [VT-D] Este riscant să atribui” ... „cu RMRR partajat la”? Care sunt riscurile?

RU: Гипервизор Xen: что означает аббревиатура RMRR в «(XEN) [VT-D] рискованно назначать» ... «с общим RMRR at»? Каковы риски?

VI: Xen hypervisor: Từ viết tắt RMRR có nghĩa là gì trong "(XEN) [VT-D] Thật rủi ro khi chỉ định" ... "với RMRR được chia sẻ tại"? những rủi ro là gì?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.