[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH] don't allow Dom0 access to IOMMUs' MMIO pages
Just like for LAPIC, IO-APIC, MSI, and HT we shouldn't be granting Dom0 access to these. This implicitly results in these pages also getting marked reserved in the machine memory map Dom0 uses to determine the ranges where PCI devices can have their MMIO ranges placed. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c @@ -19,6 +19,7 @@ */ #include <xen/sched.h> +#include <xen/iocap.h> #include <xen/pci.h> #include <xen/pci_regs.h> #include <xen/paging.h> @@ -283,6 +284,7 @@ static int amd_iommu_domain_init(struct static void __hwdom_init amd_iommu_hwdom_init(struct domain *d) { unsigned long i; + const struct amd_iommu *iommu; if ( !iommu_passthrough && !need_iommu(d) ) { @@ -304,6 +306,12 @@ static void __hwdom_init amd_iommu_hwdom } } + for_each_amd_iommu ( iommu ) + if ( iomem_deny_access(d, PFN_DOWN(iommu->mmio_base_phys), + PFN_DOWN(iommu->mmio_base_phys + + IOMMU_MMIO_REGION_LENGTH - 1)) ) + BUG(); + setup_hwdom_pci_devices(d, amd_iommu_setup_hwdom_device); } --- a/xen/drivers/passthrough/vtd/iommu.c +++ b/xen/drivers/passthrough/vtd/iommu.c @@ -23,6 +23,7 @@ #include <xen/sched.h> #include <xen/xmalloc.h> #include <xen/domain_page.h> +#include <xen/iocap.h> #include <xen/iommu.h> #include <asm/hvm/iommu.h> #include <xen/numa.h> @@ -1258,6 +1259,9 @@ static void __hwdom_init intel_iommu_hwd for_each_drhd_unit ( drhd ) { + if ( iomem_deny_access(d, PFN_DOWN(drhd->address), + PFN_DOWN(drhd->address)) ) + BUG(); iommu_enable_translation(drhd); } } Attachment:
IOMMU-hide-MMIO-from-Dom0.patch _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |