[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen staging-4.13] x86/P2M: relax guarding of MMIO entries
commit 3bac7235971f8d3469cba8eac7b32f00f540abad Author: Jan Beulich <jbeulich@xxxxxxxx> AuthorDate: Wed Sep 8 14:56:16 2021 +0200 Commit: Jan Beulich <jbeulich@xxxxxxxx> CommitDate: Wed Sep 8 14:56:16 2021 +0200 x86/P2M: relax guarding of MMIO entries One of the changes comprising the fixes for XSA-378 disallows replacing MMIO mappings by code paths not intended for this purpose. At least in the case of PVH Dom0 hitting an RMRR covered by an E820 ACPI region, this is too strict. Generally short-circuit requests establishing the same kind of mapping (mfn, type), but allow permissions to differ. While there, also add a log message to the other domain_crash() invocation that did prevent PVH Dom0 from coming up after the XSA-378 changes. Fixes: 753cb68e6530 ("x86/p2m: guard (in particular) identity mapping entries") Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> master commit: 111469cc7b3f586c2335e70205320ed3c828b89e master date: 2021-09-07 09:39:38 +0200 --- xen/arch/x86/mm/p2m.c | 29 ++++++++++++++++++++++++----- 1 file changed, 24 insertions(+), 5 deletions(-) diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c index 2e4d6e52a2..a68b4fe526 100644 --- a/xen/arch/x86/mm/p2m.c +++ b/xen/arch/x86/mm/p2m.c @@ -938,9 +938,13 @@ guest_physmap_add_entry(struct domain *d, gfn_t gfn, mfn_t mfn, if ( p2m_is_special(ot) ) { /* Don't permit unmapping grant/foreign/direct-MMIO this way. */ - domain_crash(d); p2m_unlock(p2m); - + printk(XENLOG_G_ERR + "%pd: GFN %#lx (%#lx,%u,%u) -> (%#lx,%u,%u) not permitted\n", + d, gfn_x(gfn) + i, + mfn_x(omfn), ot, a, + mfn_x(mfn) + i, t, p2m->default_access); + domain_crash(d); return -EPERM; } else if ( p2m_is_ram(ot) && !p2m_is_paged(ot) ) @@ -1284,9 +1288,24 @@ static int set_typed_p2m_entry(struct domain *d, unsigned long gfn_l, } if ( p2m_is_special(ot) ) { - gfn_unlock(p2m, gfn, order); - domain_crash(d); - return -EPERM; + /* Special-case (almost) identical mappings. */ + if ( !mfn_eq(mfn, omfn) || gfn_p2mt != ot ) + { + gfn_unlock(p2m, gfn, order); + printk(XENLOG_G_ERR + "%pd: GFN %#lx (%#lx,%u,%u,%u) -> (%#lx,%u,%u,%u) not permitted\n", + d, gfn_l, + mfn_x(omfn), cur_order, ot, a, + mfn_x(mfn), order, gfn_p2mt, access); + domain_crash(d); + return -EPERM; + } + + if ( access == a ) + { + gfn_unlock(p2m, gfn, order); + return 0; + } } else if ( p2m_is_ram(ot) ) { -- generated by git-patchbot for /home/xen/git/xen.git#staging-4.13
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |