From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Paul Durrant <paul.durrant@citrix.com>, xen-devel@lists.xenproject.org
Cc: Keir Fraser <keir@xen.org>, Jan Beulich <jbeulich@suse.com>
Subject: Re: [PATCH v5 06/16] x86/hvm: add length to mmio check op
Date: Thu, 2 Jul 2015 17:37:30 +0100 [thread overview]
Message-ID: <559568CA.2060406@citrix.com> (raw)
In-Reply-To: <1435669558-5421-7-git-send-email-paul.durrant@citrix.com>
On 30/06/15 14:05, Paul Durrant wrote:
> When memory mapped I/O is range checked by internal handlers, the length
> of the access should be taken into account.
>
> Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
> Cc: Keir Fraser <keir@xen.org>
> Cc: Jan Beulich <jbeulich@suse.com>
> Cc: Andrew Cooper <andrew.cooper3@citrix.com>
> ---
> xen/arch/x86/hvm/intercept.c | 22 +++++++++++++++++++---
> xen/include/asm-x86/hvm/io.h | 16 ++++++++++++++++
> 2 files changed, 35 insertions(+), 3 deletions(-)
>
> diff --git a/xen/arch/x86/hvm/intercept.c b/xen/arch/x86/hvm/intercept.c
> index 7d36785..42050f4 100644
> --- a/xen/arch/x86/hvm/intercept.c
> +++ b/xen/arch/x86/hvm/intercept.c
> @@ -35,9 +35,19 @@
> static bool_t hvm_mmio_accept(const struct hvm_io_handler *handler,
> const ioreq_t *p)
> {
> + paddr_t first = hvm_mmio_first_byte(p);
> + paddr_t last = hvm_mmio_last_byte(p);
> +
> BUG_ON(handler->type != IOREQ_TYPE_COPY);
>
> - return handler->mmio.ops->check(current, p->addr);
> + if ( !handler->mmio.ops->check(current, first) )
> + return 0;
> +
I would put a comment here about an IO access straddling an MMIO handler
boundary, so that someone investigating this domain crash gets some clue
as to why.
> + if ( p->size > 1 &&
> + !handler->mmio.ops->check(current, last) )
> + domain_crash(current->domain);
> +
> + return 1;
> }
>
> static int hvm_mmio_read(const struct hvm_io_handler *handler,
> @@ -112,7 +122,8 @@ static const struct hvm_io_ops portio_ops = {
> static int hvm_process_io_intercept(const struct hvm_io_handler *handler,
> ioreq_t *p)
> {
> - struct hvm_vcpu_io *vio = ¤t->arch.hvm_vcpu.hvm_io;
> + struct vcpu *curr = current;
> + struct hvm_vcpu_io *vio = &curr->arch.hvm_vcpu.hvm_io;
> const struct hvm_io_ops *ops =
> (p->type == IOREQ_TYPE_COPY) ?
> &mmio_ops :
> @@ -223,6 +234,9 @@ static int hvm_process_io_intercept(const struct hvm_io_handler *handler,
>
> if ( i != 0 )
> {
> + if ( rc == X86EMUL_UNHANDLEABLE )
> + domain_crash(curr->domain);
> +
> p->count = i;
> rc = X86EMUL_OKAY;
> }
> @@ -342,7 +356,9 @@ bool_t hvm_mmio_internal(paddr_t gpa)
> {
> ioreq_t p = {
> .type = IOREQ_TYPE_COPY,
> - .addr = gpa
> + .addr = gpa,
As a general note, many compilers (gcc includes) permit having a comma
as the final token before the } which avoids a diff which looks like
this when adding a subsequent member.
Otherwise, Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
next prev parent reply other threads:[~2015-07-02 16:37 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-06-30 13:05 [PATCH v5 00/16] x86/hvm: I/O emulation cleanup and fix Paul Durrant
2015-06-30 13:05 ` [PATCH v5 01/16] x86/hvm: make sure emulation is retried if domain is shutting down Paul Durrant
2015-06-30 13:45 ` Andrew Cooper
2015-06-30 16:14 ` Don Slutz
2015-06-30 16:29 ` Paul Durrant
2015-06-30 13:05 ` [PATCH v5 02/16] x86/hvm: remove multiple open coded 'chunking' loops Paul Durrant
2015-07-02 15:37 ` Andrew Cooper
2015-07-02 15:55 ` Paul Durrant
2015-07-02 16:03 ` Andrew Cooper
2015-06-30 13:05 ` [PATCH v5 03/16] x86/hvm: change hvm_mmio_read_t and hvm_mmio_write_t length argument Paul Durrant
2015-07-02 15:39 ` Andrew Cooper
2015-06-30 13:05 ` [PATCH v5 04/16] x86/hvm: restrict port numbers to uint16_t and sizes to unsigned int Paul Durrant
2015-07-02 15:54 ` Andrew Cooper
2015-07-02 15:56 ` Paul Durrant
2015-06-30 13:05 ` [PATCH v5 05/16] x86/hvm: unify internal portio and mmio intercepts Paul Durrant
2015-07-02 14:52 ` Roger Pau Monné
2015-07-02 15:02 ` Paul Durrant
2015-07-02 15:12 ` Roger Pau Monné
2015-07-02 15:12 ` Paul Durrant
2015-07-02 16:29 ` Andrew Cooper
2015-06-30 13:05 ` [PATCH v5 06/16] x86/hvm: add length to mmio check op Paul Durrant
2015-07-02 16:37 ` Andrew Cooper [this message]
2015-06-30 13:05 ` [PATCH v5 07/16] x86/hvm: unify dpci portio intercept with standard portio intercept Paul Durrant
2015-07-02 16:50 ` Andrew Cooper
2015-06-30 13:05 ` [PATCH v5 08/16] x86/hvm: unify stdvga mmio intercept with standard mmio intercept Paul Durrant
2015-07-02 16:55 ` Andrew Cooper
2015-06-30 13:05 ` [PATCH v5 09/16] x86/hvm: limit reps to avoid the need to handle retry Paul Durrant
2015-07-02 17:10 ` Andrew Cooper
2015-07-02 17:14 ` Paul Durrant
2015-07-02 17:31 ` Andrew Cooper
2015-06-30 13:05 ` [PATCH v5 10/16] x86/hvm: only call hvm_io_assist() from hvm_wait_for_io() Paul Durrant
2015-07-03 15:03 ` Andrew Cooper
2015-06-30 13:05 ` [PATCH v5 11/16] x86/hvm: split I/O completion handling from state model Paul Durrant
2015-07-03 15:08 ` Andrew Cooper
2015-06-30 13:05 ` [PATCH v5 12/16] x86/hvm: remove HVMIO_dispatched I/O state Paul Durrant
2015-07-03 15:12 ` Andrew Cooper
2015-06-30 13:05 ` [PATCH v5 13/16] x86/hvm: remove hvm_io_state enumeration Paul Durrant
2015-07-03 15:13 ` Andrew Cooper
2015-06-30 13:05 ` [PATCH v5 14/16] x86/hvm: use ioreq_t to track in-flight state Paul Durrant
2015-07-03 15:15 ` Andrew Cooper
2015-06-30 13:05 ` [PATCH v5 15/16] x86/hvm: always re-emulate I/O from a buffer Paul Durrant
2015-07-03 15:26 ` Andrew Cooper
2015-06-30 13:05 ` [PATCH v5 16/16] x86/hvm: track large memory mapped accesses by buffer offset Paul Durrant
2015-07-03 15:26 ` Andrew Cooper
2015-06-30 14:48 ` [PATCH v5 00/16] x86/hvm: I/O emulation cleanup and fix Fabio Fantoni
2015-07-07 11:19 ` Fabio Fantoni
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=559568CA.2060406@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=jbeulich@suse.com \
--cc=keir@xen.org \
--cc=paul.durrant@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).