[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [v8][PATCH 11/17] xen/x86/p2m: reject populating for reserved device memory mapping



We need to reject to populate reserved device memory mapping, and
then make sure all reserved device memory can't be accessed by any
!iommu approach.

Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx>
---
 xen/arch/x86/mm/p2m.c     | 59 +++++++++++++++++++++++++++++++++++++++++++++--
 xen/include/asm-x86/p2m.h |  9 ++++++++
 2 files changed, 66 insertions(+), 2 deletions(-)

diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c
index efa49dd..607ecd0 100644
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -556,6 +556,40 @@ guest_physmap_remove_page(struct domain *d, unsigned long 
gfn,
     gfn_unlock(p2m, gfn, page_order);
 }
 
+/* Check if we are accessing rdm. */
+int p2m_check_reserved_device_memory(xen_pfn_t start, xen_ulong_t nr,
+                                     u32 id, void *ctxt)
+{
+    xen_pfn_t end = start + nr;
+    unsigned int i;
+    u32 sbdf;
+    struct p2m_get_reserved_device_memory *pgrdm = ctxt;
+    struct domain *d = pgrdm->domain;
+
+    if ( d->arch.hvm_domain.pci_force )
+    {
+        if ( pgrdm->gfn >= start && pgrdm->gfn < end )
+            return 1;
+    }
+    else
+    {
+        for ( i = 0; i < d->arch.hvm_domain.num_pcidevs; i++ )
+        {
+            sbdf = PCI_SBDF2(d->arch.hvm_domain.pcidevs[i].seg,
+                             d->arch.hvm_domain.pcidevs[i].bus,
+                             d->arch.hvm_domain.pcidevs[i].devfn);
+
+            if ( sbdf == id )
+            {
+                if ( pgrdm->gfn >= start && pgrdm->gfn < end )
+                    return 1;
+            }
+        }
+    }
+
+    return 0;
+}
+
 int
 guest_physmap_add_entry(struct domain *d, unsigned long gfn,
                         unsigned long mfn, unsigned int page_order, 
@@ -568,6 +602,7 @@ guest_physmap_add_entry(struct domain *d, unsigned long gfn,
     mfn_t omfn;
     int pod_count = 0;
     int rc = 0;
+    struct p2m_get_reserved_device_memory pgrdm;
 
     if ( !paging_mode_translate(d) )
     {
@@ -686,8 +721,28 @@ guest_physmap_add_entry(struct domain *d, unsigned long 
gfn,
     /* Now, actually do the two-way mapping */
     if ( mfn_valid(_mfn(mfn)) ) 
     {
-        rc = p2m_set_entry(p2m, gfn, _mfn(mfn), page_order, t,
-                           p2m->default_access);
+        pgrdm.gfn = gfn;
+        pgrdm.domain = d;
+        if ( !is_hardware_domain(d) && iommu_use_hap_pt(d) )
+        {
+            rc = 
iommu_get_reserved_device_memory(p2m_check_reserved_device_memory,
+                                                  &pgrdm);
+            /* We always avoid populating reserved device memory. */
+            if ( rc == 1 )
+            {
+                rc = -EBUSY;
+                goto out;
+            }
+            else if ( rc < 0 )
+            {
+                printk(XENLOG_G_WARNING
+                       "Can't check reserved device memory for Dom%d.\n",
+                       d->domain_id);
+                goto out;
+            }
+        }
+
+        rc = p2m_set_entry(p2m, gfn, _mfn(mfn), page_order, t, 
p2m->default_access);
         if ( rc )
             goto out; /* Failed to update p2m, bail without updating m2p. */
 
diff --git a/xen/include/asm-x86/p2m.h b/xen/include/asm-x86/p2m.h
index 5f7fe71..99f7fb7 100644
--- a/xen/include/asm-x86/p2m.h
+++ b/xen/include/asm-x86/p2m.h
@@ -709,6 +709,15 @@ static inline unsigned int p2m_get_iommu_flags(p2m_type_t 
p2mt)
     return flags;
 }
 
+struct p2m_get_reserved_device_memory {
+    unsigned long gfn;
+    struct domain *domain;
+};
+
+/* Check if we are accessing rdm. */
+extern int p2m_check_reserved_device_memory(xen_pfn_t start, xen_ulong_t nr,
+                                            u32 id, void *ctxt);
+
 #endif /* _XEN_P2M_H */
 
 /*
-- 
1.9.1


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.