IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues

ISSUE DESCRIPTION

Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, “RMRR”) for Intel VT-d or Unity Mapping ranges for AMD-Vi. These are typically used for platform tasks such as legacy USB emulation.
Since the precise purpose of these regions is unknown, once a device associated with such a region is active, the mappings of these regions need to remain continuouly accessible by the device. This requirement has been violated.
Subsequent DMA or interrupts from the device may have unpredictable behaviour, ranging from IOMMU faults to memory corruption.

IMPACT

The precise impact is system specific, but would likely be a Denial of Service (DoS) affecting the entire host. Privilege escalation and information leaks cannot be ruled out.

VULNERABLE SYSTEMS

All Xen versions supporting PCI passthrough are affected.
Only x86 systems with IOMMU hardware are vulnerable. Arm systems as well as x86 systems without IOMMU hardware or without any IOMMUs in use are not vulnerable.
Only x86 guests which have physical devices passed through to them, and only when any such device has an associated RMRR or unity map, can leverage the vulnerability. (Whether a device is associated with an RMRR or unity map is not easy to discern.)