xenbits.xensource.com Git - xen.git/commitdiff
x86/pass-through: documents as security-unsupported when sharing resources
author: Jan Beulich <jbeulich@suse.com>
Tue, 13 Aug 2024 14:49:45 +0000 (16:49 +0200)
committer: Jan Beulich <jbeulich@suse.com>
Tue, 13 Aug 2024 14:49:45 +0000 (16:49 +0200)
When multiple devices share resources and one of them is to be passed
through to a guest, security of the entire system and of respective
guests individually cannot really be guaranteed without knowing
internals of any of the involved guests.  Therefore such a configuration
cannot really be security-supported, yet making that explicit was so far
missing.

This is XSA-461 / CVE-2024-31146.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
master commit: 9c94eda1e3790820699a6de3f6a7c959ecf30600
master date: 2024-08-13 16:37:25 +0200

SUPPORT.md

index 30ca5b15ed2b6ba9b6f98ceae3a15ecf00d6e3ca..b4715a65b509dc3a022f665f4697e9dfccb13af1 100644 (file)
@@ -804,6 +804,11 @@ This feature is not security supported: see https://xenbits.xen.org/xsa/advisory
 
 Only systems using IOMMUs are supported.
 
+Passing through of devices sharing resources with another device is not
+security supported.  Such sharing could e.g. be the same line interrupt being
+used by multiple devices, one of which is to be passed through, or two such
+devices having memory BARs within the same 4k page.
+
 Not compatible with migration, populate-on-demand, altp2m,
 introspection, memory sharing, or memory paging.
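
Review bot: The added SUPPORT.md paragraph leaves the scope of "sharing resources" open. Both cases (a shared line interrupt, memory BARs within the same 4k page) are introduced with "e.g.", so an administrator cannot tell from this text whether other forms of sharing are also outside security support, or what to check before assigning a device. Consider stating the general criterion first and then listing the two cases as examples of it. The paragraph also carries no advisory reference, while the preceding entry visible in the hunk header points to its advisory URL; adding a pointer to XSA-461, which the commit message names, would let readers of SUPPORT.md find the rationale without going to the commit log.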