Re: [PATCH v1 for-4.6 1/2] xen: fixes for PVH Dom0 MMIO regions

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Roger Pau Monne <roger.pau@citrix.com>, xen-devel@lists.xenproject.org
Subject: Re: [PATCH v1 for-4.6 1/2] xen: fixes for PVH Dom0 MMIO regions
Date: Thu, 18 Dec 2014 18:39:24 +0000	[thread overview]
Message-ID: <54931F5C.4000403@citrix.com> (raw)
In-Reply-To: <1418927225-60266-1-git-send-email-roger.pau@citrix.com>

On 18/12/14 18:27, Roger Pau Monne wrote:
> Hello,
>
> This series contains a bug-fix for PVH Dom0, that prevents Xen from adding 
> MMIO regions that should not be accesible to Dom0. The second patch also 
> prevents Dom0 from accessing the HPET, which AFAICT is used by Xen.
>
> I'm not sure if there's a reason why the HPET MMIO region wasn't added to 
> iomem_deny_access, but I don't think Dom0 should access it.

The HPET region is awkward.  It is only 1024 bytes wide.

Dom0 may legitimately need access to other MMIO which lives in the
remainder of page.

Having said that, the HPET ACPI table does have a flag indicating that
the HPET page has nothing else in the remainder of the page.  We
probably should deny dom0 access in the case that the BIOS has told us
it is safe to do so.

~Andrew

     prev parent reply	other threads:[~2014-12-18 18:41 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-12-18 18:27 [PATCH v1 for-4.6 1/2] xen: fixes for PVH Dom0 MMIO regions Roger Pau Monne
2014-12-18 18:27 ` [PATCH v1 for-4.6 1/2] xen/pvh: check permissions when adding " Roger Pau Monne
2014-12-18 19:05   ` Andrew Cooper
2014-12-19  9:06     ` Jan Beulich
2014-12-18 18:27 ` [PATCH v1 for-4.6 2/2] xen: prevent access to HPET from Dom0 Roger Pau Monne
2014-12-18 18:51   ` Andrew Cooper
2014-12-19  8:04     ` Roger Pau Monné
2014-12-19 11:25       ` Andrew Cooper
2014-12-19  9:02     ` Jan Beulich
2014-12-19  9:11     ` Jan Beulich
2014-12-19 11:32       ` Andrew Cooper
2014-12-19 13:08         ` Jan Beulich
2014-12-19  9:01   ` Jan Beulich
2014-12-18 18:39 ` Andrew Cooper [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=54931F5C.4000403@citrix.com \
    --to=andrew.cooper3@citrix.com \
    --cc=roger.pau@citrix.com \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.