From: Andrew Cooper
Subject: Re: [PATCH] don't allow Dom0 access to IOMMUs' MMIO pages
Date: Thu, 2 Oct 2014 18:53:13 +0100
Message-ID: <542D9109.3020304@citrix.com>
In-Reply-To: <542D70A0020000780003BFE3@mail.emea.novell.com>
To: Jan Beulich, xen-devel
Cc: Yang Z Zhang, Kevin Tian, Aravind Gopalakrishnan, suravee.suthikulpanit@amd.com
List-Id: xen-devel@lists.xenproject.org

On 02/10/14 14:34, Jan Beulich wrote:
Just like for LAPIC, IO-APIC, MSI, and HT we shouldn't be granting Dom0
access to these. This implicitly results in these pages also getting
marked reserved in the machine memory map Dom0 uses to determine the
ranges where PCI devices can have their MMIO ranges placed.

Signed-off-by: Jan Beulich <jbeulich@suse.com>

Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>


--- a/xen/drivers/passthrough/amd/pci_amd_iommu.c
+++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c
@@ -19,6 +19,7 @@
  */
 
 #include <xen/sched.h>
+#include <xen/iocap.h>
 #include <xen/pci.h>
 #include <xen/pci_regs.h>
 #include <xen/paging.h>
@@ -283,6 +284,7 @@ static int amd_iommu_domain_init(struct 
 static void __hwdom_init amd_iommu_hwdom_init(struct domain *d)
 {
     unsigned long i; 
+    const struct amd_iommu *iommu;
 
     if ( !iommu_passthrough && !need_iommu(d) )
     {
@@ -304,6 +306,12 @@ static void __hwdom_init amd_iommu_hwdom
         }
     }
 
+    for_each_amd_iommu ( iommu )
+        if ( iomem_deny_access(d, PFN_DOWN(iommu->mmio_base_phys),
+                               PFN_DOWN(iommu->mmio_base_phys +
+                                        IOMMU_MMIO_REGION_LENGTH - 1)) )
+            BUG();
+
     setup_hwdom_pci_devices(d, amd_iommu_setup_hwdom_device);
 }
 
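Review bot: In the new for_each_amd_iommu loop, a failing iomem_deny_access() goes straight to a bare BUG(), so a crash during hardware domain setup would not say which IOMMU's MMIO range was rejected. Since amd_iommu_hwdom_init() returns void and cannot propagate the error, consider logging iommu->mmio_base_phys before BUG(). Bracing the loop body would also help, as the unbraced "if" spans four lines.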
--- a/xen/drivers/passthrough/vtd/iommu.c
+++ b/xen/drivers/passthrough/vtd/iommu.c
@@ -23,6 +23,7 @@
 #include <xen/sched.h>
 #include <xen/xmalloc.h>
 #include <xen/domain_page.h>
+#include <xen/iocap.h>
 #include <xen/iommu.h>
 #include <asm/hvm/iommu.h>
 #include <xen/numa.h>
@@ -1258,6 +1259,9 @@ static void __hwdom_init intel_iommu_hwd
 
     for_each_drhd_unit ( drhd )
     {
+        if ( iomem_deny_access(d, PFN_DOWN(drhd->address),
+                               PFN_DOWN(drhd->address)) )
+            BUG();
         iommu_enable_translation(drhd);
     }
 }
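Review bot: The iomem_deny_access() call added inside for_each_drhd_unit passes PFN_DOWN(drhd->address) as both start and end, so exactly one page per DRHD unit is denied, whereas the AMD hunk covers the full IOMMU_MMIO_REGION_LENGTH. If the VT-d register block is assumed to fit in a single page, a short comment saying so would make the asymmetry deliberate; otherwise the end PFN should be derived from the register block's size. As on the AMD side, a message naming drhd->address before BUG() would make a failure diagnosable.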





_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
