Xen project Mailing List

[Xen-changelog] Blacklist memory-mapped APIC-register pages in the domain0

From: Xen patchbot -unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>

Date: Fri, 03 Feb 2006 19:24:08 +0000

Delivery-date: Fri, 03 Feb 2006 19:35:48 +0000

List-id: BK change log <xen-changelog.lists.xensource.com>

# HG changeset patch # User kaf24@xxxxxxxxxxxxxxxxxxxx # Node ID 5d9f4e6c9519eb59467aceac665b0fe9fbbab190 # Parent 03382076472cb8bd9cd8e524abe7a49c85d2e70c Blacklist memory-mapped APIC-register pages in the domain0 iomem capability list. Signed-off-by: Keir Fraser <keir@xxxxxxxxxxxxx> diff -r 03382076472c -r 5d9f4e6c9519 xen/arch/x86/domain_build.c --- a/xen/arch/x86/domain_build.c Thu Feb 2 14:09:39 2006 +++ b/xen/arch/x86/domain_build.c Thu Feb 2 14:10:27 2006 @@ -755,28 +755,45 @@ printk("dom0: shadow setup done\n"); } - i = 0; + rc = 0; /* DOM0 is permitted full I/O capabilities. */ - i |= ioports_permit_access(dom0, 0, 0xFFFF); - i |= iomem_permit_access(dom0, 0UL, ~0UL); - i |= irqs_permit_access(dom0, 0, NR_PIRQS-1); + rc |= ioports_permit_access(dom0, 0, 0xFFFF); + rc |= iomem_permit_access(dom0, 0UL, ~0UL); + rc |= irqs_permit_access(dom0, 0, NR_PIRQS-1); /* * Modify I/O port access permissions. */ /* Master Interrupt Controller (PIC). */ - i |= ioports_deny_access(dom0, 0x20, 0x21); + rc |= ioports_deny_access(dom0, 0x20, 0x21); /* Slave Interrupt Controller (PIC). */ - i |= ioports_deny_access(dom0, 0xA0, 0xA1); + rc |= ioports_deny_access(dom0, 0xA0, 0xA1); /* Interval Timer (PIT). */ - i |= ioports_deny_access(dom0, 0x40, 0x43); + rc |= ioports_deny_access(dom0, 0x40, 0x43); /* PIT Channel 2 / PC Speaker Control. */ - i |= ioports_deny_access(dom0, 0x61, 0x61); + rc |= ioports_deny_access(dom0, 0x61, 0x61); /* Command-line I/O ranges. */ process_dom0_ioports_disable(); - BUG_ON(i != 0); + /* + * Modify I/O memory access permissions. + */ + /* Local APIC. */ + if ( mp_lapic_addr != 0 ) + { + mfn = paddr_to_pfn(mp_lapic_addr); + rc |= iomem_deny_access(dom0, mfn, mfn); + } + /* I/O APICs. */ + for ( i = 0; i < nr_ioapics; i++ ) + { + mfn = paddr_to_pfn(mp_ioapics[i].mpc_apicaddr); + if ( smp_found_config ) + rc |= iomem_deny_access(dom0, mfn, mfn); + } + + BUG_ON(rc != 0); return 0; } _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-changelog

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.