From mboxrd@z Thu Jan 1 00:00:00 1970 From: lists-xen@pimb.org Subject: [PATCH 1/4] ioports: disable ioports in dom0 at boot-time Date: Sun, 6 Nov 2005 02:43:25 +0100 Message-ID: <20051106014325.GA12698@pimb.org> References: <20051106014026.GN5268@pimb.org> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="EVF5PPMfhYS0aIcm" Return-path: Content-Disposition: inline In-Reply-To: <20051106014026.GN5268@pimb.org> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: xen-devel@lists.xensource.com List-Id: xen-devel@lists.xenproject.org --EVF5PPMfhYS0aIcm Content-Type: text/plain; charset=us-ascii Content-Disposition: inline 1/3 -- Jody Belka knew (at) pimb (dot) org --EVF5PPMfhYS0aIcm Content-Type: text/plain; charset=us-ascii Content-Disposition: inline; filename="ioport-1.patch" # HG changeset patch # User jmb@artemis.home.pimb.org # Node ID 9e1a127dc366ec3359471feffb7e12a46bd16687 # Parent 0cae0c6436f5fa49ab42f72ea90373cc5884d93a Add boot-time support for disabling ioport ranges in dom0 This patch adds a new boot parameter, dom0_ioports_disable, which accepts a comma seperated list of hex ioports and/or ioport ranges (eg. dom0_ioports_disable=02f8-02ff,03f8-03ff), and applies them to dom0. Signed-off-by: Jody Belka diff -r 0cae0c6436f5 -r 9e1a127dc366 xen/arch/x86/domain_build.c --- a/xen/arch/x86/domain_build.c Sat Nov 5 10:30:01 2005 +++ b/xen/arch/x86/domain_build.c Sun Nov 6 01:13:42 2005 @@ -56,6 +56,9 @@ static unsigned int opt_dom0_translate = 0; boolean_param("dom0_translate", opt_dom0_translate); +static char opt_dom0_ioports_disable[200] = ""; +string_param("dom0_ioports_disable", opt_dom0_ioports_disable); + #if defined(__i386__) /* No ring-3 access in initial leaf page tables. */ #define L1_PROT (_PAGE_PRESENT|_PAGE_RW|_PAGE_ACCESSED) @@ -89,6 +92,51 @@ if ( order-- == 0 ) break; return page; +} + +static void process_dom0_ioports_disable() +{ + unsigned long io_from, io_to, io_nr; + char *t, *u, *s = opt_dom0_ioports_disable; + + if (*s == '\0') return; + for (; (t = strsep(&s, ",")) != NULL;) + { + if ( *t == '\n' ) continue; + + io_from = simple_strtoul(t, &u, 16); + if ( u == t || *u != '-' ) + { + printk("Invalid ioport range <%s> " + "in dom0_ioports_disable, skipping\n", t); + continue; + } + + if ( u == s - 1 ) + io_to = io_from; + else + io_to = simple_strtoul(u + 1, &u, 16); + + if ( *u != '\0' || io_to < io_from ) + { + printk("Invalid ioport range <%s> " + "in dom0_ioports_disable, skipping\n", t); + continue; + } + + if ( (io_from + io_to) >= 65536 ) + { + printk("Invalid ioport range <%s> " + "in dom0_ioports_disable, skipping\n", t); + continue; + } + + printk("Disabling access to ioport range %04lx-%04lx from dom0\n", + io_from, io_to); + + io_nr = io_to - io_from + 1; + physdev_modify_ioport_access_range(dom0, 0, io_from, io_nr); + } } int construct_dom0(struct domain *d, @@ -716,6 +764,8 @@ physdev_modify_ioport_access_range(dom0, 0, 0x40, 4); /* PIT Channel 2 / PC Speaker Control. */ physdev_modify_ioport_access_range(dom0, 0, 0x61, 1); + /* Command-line passed i/o ranges */ + process_dom0_ioports_disable(); return 0; } --EVF5PPMfhYS0aIcm Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel --EVF5PPMfhYS0aIcm--