From: Roger Pau Monne <roger.pau@citrix.com>
To: xen-devel@lists.xenproject.org, boris.ostrovsky@oracle.com,
konrad.wilk@oracle.com
Cc: Andrew Cooper <andrew.cooper3@citrix.com>,
Jan Beulich <jbeulich@suse.com>,
Roger Pau Monne <roger.pau@citrix.com>
Subject: [PATCH v3.1 06/15] xen/x86: split the setup of Dom0 permissions to a function
Date: Sat, 29 Oct 2016 10:59:52 +0200 [thread overview]
Message-ID: <1477731601-10926-7-git-send-email-roger.pau@citrix.com> (raw)
In-Reply-To: <1477731601-10926-1-git-send-email-roger.pau@citrix.com>
So that it can also be used by the PVH-specific domain builder. This is just
code motion, it should not introduce any functional change.
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
---
Cc: Jan Beulich <jbeulich@suse.com>
Cc: Andrew Cooper <andrew.cooper3@citrix.com>
---
Changes since v2:
- Fix comment style.
- Convert i to unsigned int.
- Restore previous BUG_ON in case of failure (instead of panic).
- Remove unneeded rc initializer.
---
xen/arch/x86/domain_build.c | 160 +++++++++++++++++++++++---------------------
1 file changed, 83 insertions(+), 77 deletions(-)
diff --git a/xen/arch/x86/domain_build.c b/xen/arch/x86/domain_build.c
index 17f8e91..1e557b9 100644
--- a/xen/arch/x86/domain_build.c
+++ b/xen/arch/x86/domain_build.c
@@ -869,6 +869,88 @@ static __init void setup_pv_physmap(struct domain *d, unsigned long pgtbl_pfn,
unmap_domain_page(l4start);
}
+static int __init setup_permissions(struct domain *d)
+{
+ unsigned long mfn;
+ unsigned int i;
+ int rc;
+
+ /* The hardware domain is initially permitted full I/O capabilities. */
+ rc = ioports_permit_access(d, 0, 0xFFFF);
+ rc |= iomem_permit_access(d, 0UL, (1UL << (paddr_bits - PAGE_SHIFT)) - 1);
+ rc |= irqs_permit_access(d, 1, nr_irqs_gsi - 1);
+
+ /* Modify I/O port access permissions. */
+
+ /* Master Interrupt Controller (PIC). */
+ rc |= ioports_deny_access(d, 0x20, 0x21);
+ /* Slave Interrupt Controller (PIC). */
+ rc |= ioports_deny_access(d, 0xA0, 0xA1);
+ /* Interval Timer (PIT). */
+ rc |= ioports_deny_access(d, 0x40, 0x43);
+ /* PIT Channel 2 / PC Speaker Control. */
+ rc |= ioports_deny_access(d, 0x61, 0x61);
+ /* ACPI PM Timer. */
+ if ( pmtmr_ioport )
+ rc |= ioports_deny_access(d, pmtmr_ioport, pmtmr_ioport + 3);
+ /* PCI configuration space (NB. 0xcf8 has special treatment). */
+ rc |= ioports_deny_access(d, 0xcfc, 0xcff);
+ /* Command-line I/O ranges. */
+ process_dom0_ioports_disable(d);
+
+ /* Modify I/O memory access permissions. */
+
+ /* Local APIC. */
+ if ( mp_lapic_addr != 0 )
+ {
+ mfn = paddr_to_pfn(mp_lapic_addr);
+ rc |= iomem_deny_access(d, mfn, mfn);
+ }
+ /* I/O APICs. */
+ for ( i = 0; i < nr_ioapics; i++ )
+ {
+ mfn = paddr_to_pfn(mp_ioapics[i].mpc_apicaddr);
+ if ( !rangeset_contains_singleton(mmio_ro_ranges, mfn) )
+ rc |= iomem_deny_access(d, mfn, mfn);
+ }
+ /* MSI range. */
+ rc |= iomem_deny_access(d, paddr_to_pfn(MSI_ADDR_BASE_LO),
+ paddr_to_pfn(MSI_ADDR_BASE_LO +
+ MSI_ADDR_DEST_ID_MASK));
+ /* HyperTransport range. */
+ if ( boot_cpu_data.x86_vendor == X86_VENDOR_AMD )
+ rc |= iomem_deny_access(d, paddr_to_pfn(0xfdULL << 32),
+ paddr_to_pfn((1ULL << 40) - 1));
+
+ /* Remove access to E820_UNUSABLE I/O regions above 1MB. */
+ for ( i = 0; i < e820.nr_map; i++ )
+ {
+ unsigned long sfn, efn;
+ sfn = max_t(unsigned long, paddr_to_pfn(e820.map[i].addr), 0x100ul);
+ efn = paddr_to_pfn(e820.map[i].addr + e820.map[i].size - 1);
+ if ( (e820.map[i].type == E820_UNUSABLE) &&
+ (e820.map[i].size != 0) &&
+ (sfn <= efn) )
+ rc |= iomem_deny_access(d, sfn, efn);
+ }
+
+ /* Prevent access to HPET */
+ if ( hpet_address )
+ {
+ u8 prot_flags = hpet_flags & ACPI_HPET_PAGE_PROTECT_MASK;
+
+ mfn = paddr_to_pfn(hpet_address);
+ if ( prot_flags == ACPI_HPET_PAGE_PROTECT4 )
+ rc |= iomem_deny_access(d, mfn, mfn);
+ else if ( prot_flags == ACPI_HPET_PAGE_PROTECT64 )
+ rc |= iomem_deny_access(d, mfn, mfn + 15);
+ else if ( ro_hpet )
+ rc |= rangeset_add_singleton(mmio_ro_ranges, mfn);
+ }
+
+ return rc;
+}
+
int __init construct_dom0(
struct domain *d,
const module_t *image, unsigned long image_headroom,
@@ -1539,83 +1621,7 @@ int __init construct_dom0(
if ( test_bit(XENFEAT_supervisor_mode_kernel, parms.f_required) )
panic("Dom0 requires supervisor-mode execution");
- rc = 0;
-
- /* The hardware domain is initially permitted full I/O capabilities. */
- rc |= ioports_permit_access(d, 0, 0xFFFF);
- rc |= iomem_permit_access(d, 0UL, (1UL << (paddr_bits - PAGE_SHIFT)) - 1);
- rc |= irqs_permit_access(d, 1, nr_irqs_gsi - 1);
-
- /*
- * Modify I/O port access permissions.
- */
- /* Master Interrupt Controller (PIC). */
- rc |= ioports_deny_access(d, 0x20, 0x21);
- /* Slave Interrupt Controller (PIC). */
- rc |= ioports_deny_access(d, 0xA0, 0xA1);
- /* Interval Timer (PIT). */
- rc |= ioports_deny_access(d, 0x40, 0x43);
- /* PIT Channel 2 / PC Speaker Control. */
- rc |= ioports_deny_access(d, 0x61, 0x61);
- /* ACPI PM Timer. */
- if ( pmtmr_ioport )
- rc |= ioports_deny_access(d, pmtmr_ioport, pmtmr_ioport + 3);
- /* PCI configuration space (NB. 0xcf8 has special treatment). */
- rc |= ioports_deny_access(d, 0xcfc, 0xcff);
- /* Command-line I/O ranges. */
- process_dom0_ioports_disable(d);
-
- /*
- * Modify I/O memory access permissions.
- */
- /* Local APIC. */
- if ( mp_lapic_addr != 0 )
- {
- mfn = paddr_to_pfn(mp_lapic_addr);
- rc |= iomem_deny_access(d, mfn, mfn);
- }
- /* I/O APICs. */
- for ( i = 0; i < nr_ioapics; i++ )
- {
- mfn = paddr_to_pfn(mp_ioapics[i].mpc_apicaddr);
- if ( !rangeset_contains_singleton(mmio_ro_ranges, mfn) )
- rc |= iomem_deny_access(d, mfn, mfn);
- }
- /* MSI range. */
- rc |= iomem_deny_access(d, paddr_to_pfn(MSI_ADDR_BASE_LO),
- paddr_to_pfn(MSI_ADDR_BASE_LO +
- MSI_ADDR_DEST_ID_MASK));
- /* HyperTransport range. */
- if ( boot_cpu_data.x86_vendor == X86_VENDOR_AMD )
- rc |= iomem_deny_access(d, paddr_to_pfn(0xfdULL << 32),
- paddr_to_pfn((1ULL << 40) - 1));
-
- /* Remove access to E820_UNUSABLE I/O regions above 1MB. */
- for ( i = 0; i < e820.nr_map; i++ )
- {
- unsigned long sfn, efn;
- sfn = max_t(unsigned long, paddr_to_pfn(e820.map[i].addr), 0x100ul);
- efn = paddr_to_pfn(e820.map[i].addr + e820.map[i].size - 1);
- if ( (e820.map[i].type == E820_UNUSABLE) &&
- (e820.map[i].size != 0) &&
- (sfn <= efn) )
- rc |= iomem_deny_access(d, sfn, efn);
- }
-
- /* Prevent access to HPET */
- if ( hpet_address )
- {
- u8 prot_flags = hpet_flags & ACPI_HPET_PAGE_PROTECT_MASK;
-
- mfn = paddr_to_pfn(hpet_address);
- if ( prot_flags == ACPI_HPET_PAGE_PROTECT4 )
- rc |= iomem_deny_access(d, mfn, mfn);
- else if ( prot_flags == ACPI_HPET_PAGE_PROTECT64 )
- rc |= iomem_deny_access(d, mfn, mfn + 15);
- else if ( ro_hpet )
- rc |= rangeset_add_singleton(mmio_ro_ranges, mfn);
- }
-
+ rc = setup_permissions(d);
BUG_ON(rc != 0);
if ( elf_check_broken(&elf) )
--
2.7.4 (Apple Git-66)
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-10-29 9:00 UTC|newest]
Thread overview: 89+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-10-29 8:59 [PATCH v3.1 00/15] Initial PVHv2 Dom0 support Roger Pau Monne
2016-10-29 8:59 ` [PATCH v3.1 01/15] xen/x86: remove XENFEAT_hvm_pirqs for PVHv2 guests Roger Pau Monne
2016-10-31 16:32 ` Jan Beulich
2016-11-03 12:35 ` Roger Pau Monne
2016-11-03 12:52 ` Jan Beulich
2016-11-03 14:25 ` Konrad Rzeszutek Wilk
2016-11-03 15:05 ` Roger Pau Monne
2016-11-03 14:22 ` Konrad Rzeszutek Wilk
2016-11-03 15:01 ` Roger Pau Monne
2016-11-03 15:43 ` Roger Pau Monne
2016-10-29 8:59 ` [PATCH v3.1 02/15] xen/x86: fix return value of *_set_allocation functions Roger Pau Monne
2016-10-29 22:11 ` Tim Deegan
2016-10-29 8:59 ` [PATCH v3.1 03/15] xen/x86: allow calling {sh/hap}_set_allocation with the idle domain Roger Pau Monne
2016-10-31 16:34 ` Jan Beulich
2016-11-01 10:45 ` Tim Deegan
2016-11-02 17:14 ` Roger Pau Monne
2016-11-03 10:20 ` Roger Pau Monne
2016-11-03 10:33 ` Tim Deegan
2016-11-03 11:31 ` Jan Beulich
2016-10-29 8:59 ` [PATCH v3.1 04/15] xen/x86: assert that local_events_need_delivery is not called by " Roger Pau Monne
2016-10-31 16:37 ` Jan Beulich
2016-10-29 8:59 ` [PATCH v3.1 05/15] x86/paging: introduce paging_set_allocation Roger Pau Monne
2016-10-31 16:42 ` Jan Beulich
2016-11-01 10:29 ` Tim Deegan
2016-10-29 8:59 ` Roger Pau Monne [this message]
2016-10-31 16:44 ` [PATCH v3.1 06/15] xen/x86: split the setup of Dom0 permissions to a function Jan Beulich
2016-10-29 8:59 ` [PATCH v3.1 07/15] xen/x86: do the PCI scan unconditionally Roger Pau Monne
2016-10-31 16:47 ` Jan Beulich
2016-11-03 10:58 ` Roger Pau Monne
2016-11-03 11:35 ` Jan Beulich
2016-11-03 11:54 ` Boris Ostrovsky
2016-11-29 12:33 ` Roger Pau Monne
2016-11-29 12:47 ` Jan Beulich
2016-11-29 12:57 ` Roger Pau Monne
2016-11-30 5:53 ` Tian, Kevin
2016-11-30 9:02 ` Jan Beulich
2016-10-29 8:59 ` [PATCH v3.1 08/15] x86/vtd: fix mapping of RMRR regions Roger Pau Monne
2016-11-04 9:16 ` Jan Beulich
2016-11-04 9:45 ` Roger Pau Monne
2016-11-04 10:34 ` Jan Beulich
2016-11-04 12:25 ` Roger Pau Monne
2016-11-04 12:53 ` Jan Beulich
2016-11-04 13:03 ` Roger Pau Monne
2016-11-04 13:16 ` Jan Beulich
2016-11-04 15:33 ` Roger Pau Monne
2016-11-04 16:13 ` Jan Beulich
2016-11-04 16:19 ` Roger Pau Monne
2016-11-04 17:08 ` Jan Beulich
2016-11-04 17:25 ` Roger Pau Monne
2016-11-07 8:36 ` Jan Beulich
2016-10-29 8:59 ` [PATCH v3.1 09/15] xen/x86: allow the emulated APICs to be enabled for the hardware domain Roger Pau Monne
2016-11-04 9:19 ` Jan Beulich
2016-11-04 9:47 ` Roger Pau Monne
2016-11-04 10:21 ` Jan Beulich
2016-11-04 12:09 ` Roger Pau Monne
2016-11-04 12:50 ` Jan Beulich
2016-11-04 13:06 ` Roger Pau Monne
2016-10-29 8:59 ` [PATCH v3.1 10/15] xen/x86: split Dom0 build into PV and PVHv2 Roger Pau Monne
2016-11-11 16:53 ` Jan Beulich
2016-11-16 18:02 ` Roger Pau Monne
2016-11-17 10:49 ` Jan Beulich
2016-11-28 17:49 ` Roger Pau Monne
2016-11-29 9:34 ` Jan Beulich
2016-10-29 8:59 ` [PATCH v3.1 11/15] xen/mm: introduce a function to map large chunks of MMIO Roger Pau Monne
2016-11-11 16:58 ` Jan Beulich
2016-11-29 12:41 ` Roger Pau Monne
2016-11-29 13:00 ` Jan Beulich
2016-11-29 15:32 ` Roger Pau Monne
2016-11-11 20:17 ` Konrad Rzeszutek Wilk
2016-10-29 8:59 ` [PATCH v3.1 12/15] xen/x86: populate PVHv2 Dom0 physical memory map Roger Pau Monne
2016-11-11 17:16 ` Jan Beulich
2016-11-28 11:26 ` Roger Pau Monne
2016-11-28 11:41 ` Jan Beulich
2016-11-28 13:30 ` Roger Pau Monne
2016-11-28 13:49 ` Jan Beulich
2016-11-28 16:02 ` Roger Pau Monne
2016-10-29 8:59 ` [PATCH v3.1 13/15] xen/x86: parse Dom0 kernel for PVHv2 Roger Pau Monne
2016-11-11 20:30 ` Konrad Rzeszutek Wilk
2016-11-28 12:14 ` Roger Pau Monne
2016-10-29 9:00 ` [PATCH v3.1 14/15] xen/x86: hack to setup PVHv2 Dom0 CPUs Roger Pau Monne
2016-10-29 9:00 ` [PATCH v3.1 15/15] xen/x86: setup PVHv2 Dom0 ACPI tables Roger Pau Monne
2016-11-14 16:15 ` Jan Beulich
2016-11-30 12:40 ` Roger Pau Monne
2016-11-30 14:09 ` Jan Beulich
2016-11-30 14:23 ` Roger Pau Monne
2016-11-30 16:38 ` Jan Beulich
2016-10-31 14:35 ` [PATCH v3.1 00/15] Initial PVHv2 Dom0 support Boris Ostrovsky
2016-10-31 14:43 ` Andrew Cooper
2016-10-31 16:35 ` Roger Pau Monne
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1477731601-10926-7-git-send-email-roger.pau@citrix.com \
--to=roger.pau@citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=boris.ostrovsky@oracle.com \
--cc=jbeulich@suse.com \
--cc=konrad.wilk@oracle.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).