* [PATCH] don't allow Dom0 access to IOMMUs' MMIO pages
@ 2014-10-02 13:34 Jan Beulich
2014-10-02 17:53 ` Andrew Cooper
2014-10-03 21:09 ` Tian, Kevin
0 siblings, 2 replies; 3+ messages in thread
From: Jan Beulich @ 2014-10-02 13:34 UTC (permalink / raw)
To: xen-devel
Cc: Yang Z Zhang, Kevin Tian, Aravind Gopalakrishnan,
suravee.suthikulpanit
[-- Attachment #1: Type: text/plain, Size: 1865 bytes --]
Just like for LAPIC, IO-APIC, MSI, and HT we shouldn't be granting Dom0
access to these. This implicitly results in these pages also getting
marked reserved in the machine memory map Dom0 uses to determine the
ranges where PCI devices can have their MMIO ranges placed.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/drivers/passthrough/amd/pci_amd_iommu.c
+++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c
@@ -19,6 +19,7 @@
*/
#include <xen/sched.h>
+#include <xen/iocap.h>
#include <xen/pci.h>
#include <xen/pci_regs.h>
#include <xen/paging.h>
@@ -283,6 +284,7 @@ static int amd_iommu_domain_init(struct
static void __hwdom_init amd_iommu_hwdom_init(struct domain *d)
{
unsigned long i;
+ const struct amd_iommu *iommu;
if ( !iommu_passthrough && !need_iommu(d) )
{
@@ -304,6 +306,12 @@ static void __hwdom_init amd_iommu_hwdom
}
}
+ for_each_amd_iommu ( iommu )
+ if ( iomem_deny_access(d, PFN_DOWN(iommu->mmio_base_phys),
+ PFN_DOWN(iommu->mmio_base_phys +
+ IOMMU_MMIO_REGION_LENGTH - 1)) )
+ BUG();
+
setup_hwdom_pci_devices(d, amd_iommu_setup_hwdom_device);
}
--- a/xen/drivers/passthrough/vtd/iommu.c
+++ b/xen/drivers/passthrough/vtd/iommu.c
@@ -23,6 +23,7 @@
#include <xen/sched.h>
#include <xen/xmalloc.h>
#include <xen/domain_page.h>
+#include <xen/iocap.h>
#include <xen/iommu.h>
#include <asm/hvm/iommu.h>
#include <xen/numa.h>
@@ -1258,6 +1259,9 @@ static void __hwdom_init intel_iommu_hwd
for_each_drhd_unit ( drhd )
{
+ if ( iomem_deny_access(d, PFN_DOWN(drhd->address),
+ PFN_DOWN(drhd->address)) )
+ BUG();
iommu_enable_translation(drhd);
}
}
[-- Attachment #2: IOMMU-hide-MMIO-from-Dom0.patch --]
[-- Type: text/plain, Size: 1908 bytes --]
don't allow Dom0 access to IOMMUs' MMIO pages
Just like for LAPIC, IO-APIC, MSI, and HT we shouldn't be granting Dom0
access to these. This implicitly results in these pages also getting
marked reserved in the machine memory map Dom0 uses to determine the
ranges where PCI devices can have their MMIO ranges placed.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/drivers/passthrough/amd/pci_amd_iommu.c
+++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c
@@ -19,6 +19,7 @@
*/
#include <xen/sched.h>
+#include <xen/iocap.h>
#include <xen/pci.h>
#include <xen/pci_regs.h>
#include <xen/paging.h>
@@ -283,6 +284,7 @@ static int amd_iommu_domain_init(struct
static void __hwdom_init amd_iommu_hwdom_init(struct domain *d)
{
unsigned long i;
+ const struct amd_iommu *iommu;
if ( !iommu_passthrough && !need_iommu(d) )
{
@@ -304,6 +306,12 @@ static void __hwdom_init amd_iommu_hwdom
}
}
+ for_each_amd_iommu ( iommu )
+ if ( iomem_deny_access(d, PFN_DOWN(iommu->mmio_base_phys),
+ PFN_DOWN(iommu->mmio_base_phys +
+ IOMMU_MMIO_REGION_LENGTH - 1)) )
+ BUG();
+
setup_hwdom_pci_devices(d, amd_iommu_setup_hwdom_device);
}
--- a/xen/drivers/passthrough/vtd/iommu.c
+++ b/xen/drivers/passthrough/vtd/iommu.c
@@ -23,6 +23,7 @@
#include <xen/sched.h>
#include <xen/xmalloc.h>
#include <xen/domain_page.h>
+#include <xen/iocap.h>
#include <xen/iommu.h>
#include <asm/hvm/iommu.h>
#include <xen/numa.h>
@@ -1258,6 +1259,9 @@ static void __hwdom_init intel_iommu_hwd
for_each_drhd_unit ( drhd )
{
+ if ( iomem_deny_access(d, PFN_DOWN(drhd->address),
+ PFN_DOWN(drhd->address)) )
+ BUG();
iommu_enable_translation(drhd);
}
}
[-- Attachment #3: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 3+ messages in thread* Re: [PATCH] don't allow Dom0 access to IOMMUs' MMIO pages
2014-10-02 13:34 [PATCH] don't allow Dom0 access to IOMMUs' MMIO pages Jan Beulich
@ 2014-10-02 17:53 ` Andrew Cooper
2014-10-03 21:09 ` Tian, Kevin
1 sibling, 0 replies; 3+ messages in thread
From: Andrew Cooper @ 2014-10-02 17:53 UTC (permalink / raw)
To: Jan Beulich, xen-devel
Cc: Yang Z Zhang, Kevin Tian, Aravind Gopalakrishnan,
suravee.suthikulpanit
[-- Attachment #1.1: Type: text/plain, Size: 2155 bytes --]
On 02/10/14 14:34, Jan Beulich wrote:
> Just like for LAPIC, IO-APIC, MSI, and HT we shouldn't be granting Dom0
> access to these. This implicitly results in these pages also getting
> marked reserved in the machine memory map Dom0 uses to determine the
> ranges where PCI devices can have their MMIO ranges placed.
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
>
> --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c
> +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c
> @@ -19,6 +19,7 @@
> */
>
> #include <xen/sched.h>
> +#include <xen/iocap.h>
> #include <xen/pci.h>
> #include <xen/pci_regs.h>
> #include <xen/paging.h>
> @@ -283,6 +284,7 @@ static int amd_iommu_domain_init(struct
> static void __hwdom_init amd_iommu_hwdom_init(struct domain *d)
> {
> unsigned long i;
> + const struct amd_iommu *iommu;
>
> if ( !iommu_passthrough && !need_iommu(d) )
> {
> @@ -304,6 +306,12 @@ static void __hwdom_init amd_iommu_hwdom
> }
> }
>
> + for_each_amd_iommu ( iommu )
> + if ( iomem_deny_access(d, PFN_DOWN(iommu->mmio_base_phys),
> + PFN_DOWN(iommu->mmio_base_phys +
> + IOMMU_MMIO_REGION_LENGTH - 1)) )
> + BUG();
> +
> setup_hwdom_pci_devices(d, amd_iommu_setup_hwdom_device);
> }
>
> --- a/xen/drivers/passthrough/vtd/iommu.c
> +++ b/xen/drivers/passthrough/vtd/iommu.c
> @@ -23,6 +23,7 @@
> #include <xen/sched.h>
> #include <xen/xmalloc.h>
> #include <xen/domain_page.h>
> +#include <xen/iocap.h>
> #include <xen/iommu.h>
> #include <asm/hvm/iommu.h>
> #include <xen/numa.h>
> @@ -1258,6 +1259,9 @@ static void __hwdom_init intel_iommu_hwd
>
> for_each_drhd_unit ( drhd )
> {
> + if ( iomem_deny_access(d, PFN_DOWN(drhd->address),
> + PFN_DOWN(drhd->address)) )
> + BUG();
> iommu_enable_translation(drhd);
> }
> }
>
>
>
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel
[-- Attachment #1.2: Type: text/html, Size: 3055 bytes --]
[-- Attachment #2: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
^ permalink raw reply [flat|nested] 3+ messages in thread* Re: [PATCH] don't allow Dom0 access to IOMMUs' MMIO pages
2014-10-02 13:34 [PATCH] don't allow Dom0 access to IOMMUs' MMIO pages Jan Beulich
2014-10-02 17:53 ` Andrew Cooper
@ 2014-10-03 21:09 ` Tian, Kevin
1 sibling, 0 replies; 3+ messages in thread
From: Tian, Kevin @ 2014-10-03 21:09 UTC (permalink / raw)
To: Jan Beulich, xen-devel
Cc: Zhang, Yang Z, Aravind Gopalakrishnan,
suravee.suthikulpanit@amd.com
> From: Jan Beulich [mailto:JBeulich@suse.com]
> Sent: Thursday, October 02, 2014 6:35 AM
>
> Just like for LAPIC, IO-APIC, MSI, and HT we shouldn't be granting Dom0
> access to these. This implicitly results in these pages also getting
> marked reserved in the machine memory map Dom0 uses to determine the
> ranges where PCI devices can have their MMIO ranges placed.
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
>
Acked-by: Kevin Tian <kevin.tian@intel.com>
> --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c
> +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c
> @@ -19,6 +19,7 @@
> */
>
> #include <xen/sched.h>
> +#include <xen/iocap.h>
> #include <xen/pci.h>
> #include <xen/pci_regs.h>
> #include <xen/paging.h>
> @@ -283,6 +284,7 @@ static int amd_iommu_domain_init(struct
> static void __hwdom_init amd_iommu_hwdom_init(struct domain *d)
> {
> unsigned long i;
> + const struct amd_iommu *iommu;
>
> if ( !iommu_passthrough && !need_iommu(d) )
> {
> @@ -304,6 +306,12 @@ static void __hwdom_init amd_iommu_hwdom
> }
> }
>
> + for_each_amd_iommu ( iommu )
> + if ( iomem_deny_access(d,
> PFN_DOWN(iommu->mmio_base_phys),
> + PFN_DOWN(iommu->mmio_base_phys
> +
> +
> IOMMU_MMIO_REGION_LENGTH - 1)) )
> + BUG();
> +
> setup_hwdom_pci_devices(d, amd_iommu_setup_hwdom_device);
> }
>
> --- a/xen/drivers/passthrough/vtd/iommu.c
> +++ b/xen/drivers/passthrough/vtd/iommu.c
> @@ -23,6 +23,7 @@
> #include <xen/sched.h>
> #include <xen/xmalloc.h>
> #include <xen/domain_page.h>
> +#include <xen/iocap.h>
> #include <xen/iommu.h>
> #include <asm/hvm/iommu.h>
> #include <xen/numa.h>
> @@ -1258,6 +1259,9 @@ static void __hwdom_init intel_iommu_hwd
>
> for_each_drhd_unit ( drhd )
> {
> + if ( iomem_deny_access(d, PFN_DOWN(drhd->address),
> + PFN_DOWN(drhd->address)) )
> + BUG();
> iommu_enable_translation(drhd);
> }
> }
>
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2014-10-03 21:10 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-10-02 13:34 [PATCH] don't allow Dom0 access to IOMMUs' MMIO pages Jan Beulich
2014-10-02 17:53 ` Andrew Cooper
2014-10-03 21:09 ` Tian, Kevin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).