[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v5 18/22] arm/acpi: Permit MMIO access of Xen unused devices for Dom0

To: Shannon Zhao <zhaoshenglong@xxxxxxxxxx>
From: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
Date: Fri, 4 Mar 2016 12:01:25 +0000
Cc: hangaohuai@xxxxxxxxxx, stefano.stabellini@xxxxxxxxxx, shannon.zhao@xxxxxxxxxx, xen-devel@xxxxxxxxxxxxx
Delivery-date: Fri, 04 Mar 2016 12:02:36 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Fri, 4 Mar 2016, Shannon Zhao wrote:
> From: Shannon Zhao <shannon.zhao@xxxxxxxxxx>
> 
> Firstly it permits full MMIO capabilities for Dom0. Then deny MMIO
> access of Xen used devices, such as UART, GIC, SMMU. Currently, it only
> denies the MMIO access of UART and GIC regions. For other Xen used
> devices it could be added later when they are supported.
> 
> Signed-off-by: Shannon Zhao <shannon.zhao@xxxxxxxxxx>
> ---
> v5: deny access to GIC regions

Thank you!

Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>


>  xen/arch/arm/domain_build.c | 36 ++++++++++++++++++++++++++++++++++++
>  1 file changed, 36 insertions(+)
> 
> diff --git a/xen/arch/arm/domain_build.c b/xen/arch/arm/domain_build.c
> index 1e5ee0e..a4abf28 100644
> --- a/xen/arch/arm/domain_build.c
> +++ b/xen/arch/arm/domain_build.c
> @@ -1359,6 +1359,38 @@ static int prepare_dtb(struct domain *d, struct 
> kernel_info *kinfo)
>  #ifdef CONFIG_ACPI
>  #define ACPI_DOM0_FDT_MIN_SIZE 4096
>  
> +static int acpi_iomem_deny_access(struct domain *d)
> +{
> +    acpi_status status;
> +    struct acpi_table_spcr *spcr = NULL;
> +    unsigned long gfn;
> +    int rc;
> +
> +    /* Firstly permit full MMIO capabilities. */
> +    rc = iomem_permit_access(d, 0UL, ~0UL);
> +    if ( rc )
> +        return rc;
> +
> +    /* TODO: Deny MMIO access for SMMU, GIC ITS */
> +    status = acpi_get_table(ACPI_SIG_SPCR, 0,
> +                            (struct acpi_table_header **)&spcr);
> +
> +    if ( ACPI_FAILURE(status) )
> +    {
> +        printk("Failed to get SPCR table\n");
> +        return -EINVAL;
> +    }
> +
> +    gfn = spcr->serial_port.address >> PAGE_SHIFT;
> +    /* Deny MMIO access for UART */
> +    rc = iomem_deny_access(d, gfn, gfn + 1);
> +    if ( rc )
> +        return rc;
> +
> +    /* Deny MMIO access for GIC regions */
> +    return gic_iomem_deny_access(d);
> +}
> +
>  static int acpi_permit_spi_access(struct domain *d)
>  {
>      int i, res;
> @@ -1880,6 +1912,10 @@ static int prepare_acpi(struct domain *d, struct 
> kernel_info *kinfo)
>      if ( rc != 0 )
>          return rc;
>  
> +    rc = acpi_iomem_deny_access(d);
> +    if ( rc != 0 )
> +        return rc;
> +
>      return 0;
>  }
>  #else
> -- 
> 2.0.4
> 
> 

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

References:
- [Xen-devel] [PATCH v5 00/22] Prepare UEFI and ACPI tables for Dom0 on ARM64
  - From: Shannon Zhao
- [Xen-devel] [PATCH v5 18/22] arm/acpi: Permit MMIO access of Xen unused devices for Dom0
  - From: Shannon Zhao

Prev by Date: Re: [Xen-devel] [PATCH v5 17/22] arm/gic: Add a new callback to deny Dom0 access to GIC regions
Next by Date: Re: [Xen-devel] [PATCH v5 19/22] hvm/params: Add a new delivery type for event-channel in HVM_PARAM_CALLBACK_IRQ
Previous by thread: [Xen-devel] [PATCH v5 18/22] arm/acpi: Permit MMIO access of Xen unused devices for Dom0
Next by thread: [Xen-devel] [PATCH v5 10/22] arm/acpi: Map all other tables for Dom0
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.