[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [v8][PATCH 11/17] xen/x86/p2m: reject populating for reserved device memory mapping
> From: Chen, Tiejun > Sent: Monday, December 01, 2014 5:24 PM > > We need to reject to populate reserved device memory mapping, and > then make sure all reserved device memory can't be accessed by any > !iommu approach. > > Signed-off-by: Tiejun Chen <tiejun.chen@xxxxxxxxx> > --- > xen/arch/x86/mm/p2m.c | 59 > +++++++++++++++++++++++++++++++++++++++++++++-- > xen/include/asm-x86/p2m.h | 9 ++++++++ > 2 files changed, 66 insertions(+), 2 deletions(-) > > diff --git a/xen/arch/x86/mm/p2m.c b/xen/arch/x86/mm/p2m.c > index efa49dd..607ecd0 100644 > --- a/xen/arch/x86/mm/p2m.c > +++ b/xen/arch/x86/mm/p2m.c > @@ -556,6 +556,40 @@ guest_physmap_remove_page(struct domain *d, > unsigned long gfn, > gfn_unlock(p2m, gfn, page_order); > } > > +/* Check if we are accessing rdm. */ > +int p2m_check_reserved_device_memory(xen_pfn_t start, xen_ulong_t nr, > + u32 id, void *ctxt) > +{ > + xen_pfn_t end = start + nr; > + unsigned int i; > + u32 sbdf; > + struct p2m_get_reserved_device_memory *pgrdm = ctxt; > + struct domain *d = pgrdm->domain; > + > + if ( d->arch.hvm_domain.pci_force ) > + { > + if ( pgrdm->gfn >= start && pgrdm->gfn < end ) > + return 1; > + } > + else > + { > + for ( i = 0; i < d->arch.hvm_domain.num_pcidevs; i++ ) > + { > + sbdf = PCI_SBDF2(d->arch.hvm_domain.pcidevs[i].seg, > + d->arch.hvm_domain.pcidevs[i].bus, > + d->arch.hvm_domain.pcidevs[i].devfn); > + > + if ( sbdf == id ) > + { > + if ( pgrdm->gfn >= start && pgrdm->gfn < end ) > + return 1; > + } > + } > + } > + > + return 0; > +} > + > int > guest_physmap_add_entry(struct domain *d, unsigned long gfn, > unsigned long mfn, unsigned int page_order, > @@ -568,6 +602,7 @@ guest_physmap_add_entry(struct domain *d, unsigned > long gfn, > mfn_t omfn; > int pod_count = 0; > int rc = 0; > + struct p2m_get_reserved_device_memory pgrdm; > > if ( !paging_mode_translate(d) ) > { > @@ -686,8 +721,28 @@ guest_physmap_add_entry(struct domain *d, > unsigned long gfn, > /* Now, actually do the two-way mapping */ > if ( mfn_valid(_mfn(mfn)) ) > { > - rc = p2m_set_entry(p2m, gfn, _mfn(mfn), page_order, t, > - p2m->default_access); > + pgrdm.gfn = gfn; > + pgrdm.domain = d; > + if ( !is_hardware_domain(d) && iommu_use_hap_pt(d) ) why is this check only for shared case? > + { > + rc = > iommu_get_reserved_device_memory(p2m_check_reserved_device_memory, > + &pgrdm); > + /* We always avoid populating reserved device memory. */ > + if ( rc == 1 ) > + { > + rc = -EBUSY; > + goto out; > + } > + else if ( rc < 0 ) > + { > + printk(XENLOG_G_WARNING > + "Can't check reserved device memory for > Dom%d.\n", > + d->domain_id); > + goto out; > + } > + } > + > + rc = p2m_set_entry(p2m, gfn, _mfn(mfn), page_order, t, > p2m->default_access); > if ( rc ) > goto out; /* Failed to update p2m, bail without updating m2p. > */ > > diff --git a/xen/include/asm-x86/p2m.h b/xen/include/asm-x86/p2m.h > index 5f7fe71..99f7fb7 100644 > --- a/xen/include/asm-x86/p2m.h > +++ b/xen/include/asm-x86/p2m.h > @@ -709,6 +709,15 @@ static inline unsigned int > p2m_get_iommu_flags(p2m_type_t p2mt) > return flags; > } > > +struct p2m_get_reserved_device_memory { > + unsigned long gfn; > + struct domain *domain; > +}; > + > +/* Check if we are accessing rdm. */ > +extern int p2m_check_reserved_device_memory(xen_pfn_t start, > xen_ulong_t nr, > + u32 id, void *ctxt); > + > #endif /* _XEN_P2M_H */ > > /* > -- > 1.9.1 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |