
Re: [Xen-devel] [PATCH v3 3/5] ARM: ITS: Deny hardware domain access to ITS

On 07/09/17 17:57, Andre Przywara wrote:


On 05/09/17 18:14, mjaggi@xxxxxxxxxxxxxxxxxx wrote:
From: Manish Jaggi <mjaggi@xxxxxxxxxx>

This patch extends the gicv3_iomem_deny_access functionality by adding
support for ITS region as well. Add function gicv3_its_deny_access.

Signed-off-by: Manish Jaggi <mjaggi@xxxxxxxxxx>
  xen/arch/arm/gic-v3-its.c        | 22 ++++++++++++++++++++++
  xen/arch/arm/gic-v3.c            |  3 +++
  xen/include/asm-arm/gic_v3_its.h |  9 +++++++++
  3 files changed, 34 insertions(+)

diff --git a/xen/arch/arm/gic-v3-its.c b/xen/arch/arm/gic-v3-its.c
index 536b48d..0ab1466 100644
--- a/xen/arch/arm/gic-v3-its.c
+++ b/xen/arch/arm/gic-v3-its.c
@@ -20,6 +20,7 @@
#include <xen/lib.h>
  #include <xen/delay.h>
+#include <xen/iocap.h>
  #include <xen/libfdt/libfdt.h>
  #include <xen/mm.h>
  #include <xen/rbtree.h>
@@ -906,6 +907,27 @@ struct pending_irq *gicv3_assign_guest_event(struct domain 
      return pirq;
+int gicv3_its_deny_access(const struct domain *d)
+    int rc = 0;
+    unsigned long mfn, nr;
+    const struct host_its *its_data;
+    list_for_each_entry( its_data, &host_its_list, entry )
+    {
+        mfn = paddr_to_pfn(its_data->addr);
+        nr = PFN_UP(ACPI_GICV3_ITS_MEM_SIZE);
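
Review bot: In gicv3_its_deny_access(), nr is computed from the fixed ACPI_GICV3_ITS_MEM_SIZE constant and not from anything in its_data, so the denied range has the same length for every entry on host_its_list and its extent is only as good as that one constant. If struct host_its records the size of each region, derive nr from that instead, and add a comment above the loop stating exactly which frames the range starting at mfn is meant to cover. Separately, the result of paddr_to_pfn() is stored in a variable named mfn; use one naming for the frame number so the unit is unambiguous where it is passed on.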

Shouldn't this not only cover the ITS register frame, but also the
following 64K page containing the doorbell address? Otherwise we leave
the doorbell address open, which seems to be asking for trouble ...

I think you are right. We don't want to allow the hardware domain to map the doorbell itself. This should only be done by Xen.


Julien Grall

Xen-devel mailing list


