[Xen-devel] [PATCH v4 3/3] xen: prevent access to HPET from Dom0
Prevent Dom0 from accessing HPET MMIO region by adding the HPET mfn to the
list of forbidden memory regions (if ACPI_HPET_PAGE_PROTECT4 or
ACPI_HPET_PAGE_PROTECT64 flag is set) or to the list of read-only regions.
Also provide an option that prevents adding the HPET to the read-only memory
regions called ro-hpet, in case there are systems that put other stuff in
the HPET page.
Signed-off-by: Roger Pau Monnà <roger.pau@xxxxxxxxxx>
Cc: Jan Beulich <jbeulich@xxxxxxxx>
Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
---
Changes since v3:
- Correctly check for page protect values.
- Remove stale comment in include.
Changes since v2:
- Don't map the HPET page at all if ACPI_HPET_PAGE_PROTECT4 is found.
- Provide an option (ro-hpet) that prevents adding the HPET page to the
list of read-only memory regions.
Changes since v1:
- Instead of completely blocking access to the HPET mfn, set it as
read-only.
---
docs/misc/xen-command-line.markdown | 8 ++++++++
xen/arch/x86/acpi/boot.c | 1 +
xen/arch/x86/domain_build.c | 18 ++++++++++++++++++
xen/arch/x86/hpet.c | 1 +
xen/include/asm-x86/hpet.h | 1 +
5 files changed, 29 insertions(+)
diff --git a/docs/misc/xen-command-line.markdown
b/docs/misc/xen-command-line.markdown
index a061aa4..e87eef4 100644
--- a/docs/misc/xen-command-line.markdown
+++ b/docs/misc/xen-command-line.markdown
@@ -1380,3 +1380,11 @@ Use the x2apic physical apic driver. The alternative is
the x2apic cluster driv
> Default: `true`
Permit use of the `xsave/xrstor` instructions.
+
+### ro-hpet
+> `= <boolean>`
+
+> Default: `true`
+
+Map the HPET page as read only in Dom0. If disabled the page will be mapped
+with read and write permissions.
diff --git a/xen/arch/x86/acpi/boot.c b/xen/arch/x86/acpi/boot.c
index 903830b..9a8904b 100644
--- a/xen/arch/x86/acpi/boot.c
+++ b/xen/arch/x86/acpi/boot.c
@@ -309,6 +309,7 @@ static int __init acpi_parse_hpet(struct acpi_table_header
*table)
hpet_address = hpet_tbl->address.address;
hpet_blockid = hpet_tbl->sequence;
+ hpet_flags = hpet_tbl->flags;
printk(KERN_INFO PREFIX "HPET id: %#x base: %#lx\n",
hpet_tbl->id, hpet_address);
diff --git a/xen/arch/x86/domain_build.c b/xen/arch/x86/domain_build.c
index 2f9aaf9..8d767a4 100644
--- a/xen/arch/x86/domain_build.c
+++ b/xen/arch/x86/domain_build.c
@@ -36,6 +36,7 @@
#include <asm/bzimage.h> /* for bzimage_parse */
#include <asm/io_apic.h>
#include <asm/hap.h>
+#include <asm/hpet.h>
#include <public/version.h>
@@ -134,6 +135,9 @@ boolean_param("dom0_shadow", opt_dom0_shadow);
static char __initdata opt_dom0_ioports_disable[200] = "";
string_param("dom0_ioports_disable", opt_dom0_ioports_disable);
+static bool_t __initdata ro_hpet = 1;
+boolean_param("ro-hpet", ro_hpet);
+
/* Allow ring-3 access in long mode as guest cannot use ring 1 ... */
#define BASE_PROT (_PAGE_PRESENT|_PAGE_RW|_PAGE_ACCESSED|_PAGE_USER)
#define L1_PROT (BASE_PROT|_PAGE_GUEST_KERNEL)
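Review bot: The new `ro_hpet` variable has no comment, and its effect is narrower than the name suggests: in the construct_dom0 hunk it is consulted only when neither ACPI page-protect value matches. A one-line comment would record that, e.g. `/* Map the HPET page read-only in Dom0 when ACPI does not flag it as page-protected. */`. With `ro-hpet=0` Dom0 keeps read-write access to the page, so the comment is also the place to say the option exists only for systems that put other registers in the same page.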
@@ -1495,6 +1499,20 @@ int __init construct_dom0(
rc |= iomem_deny_access(d, sfn, efn);
}
+ /* Prevent access to HPET */
+ if ( hpet_address != 0 )
+ {
+ u8 prot_flags = hpet_flags & ACPI_HPET_PAGE_PROTECT_MASK;
+ mfn = paddr_to_pfn(hpet_address);
+ if ( prot_flags == ACPI_HPET_PAGE_PROTECT4 )
+ rc |= iomem_deny_access(d, mfn, mfn);
+ else if ( prot_flags == ACPI_HPET_PAGE_PROTECT64 )
+ for ( i = 0; i < 16; i++ )
+ rc |= iomem_deny_access(d, mfn + i, mfn + i);
+ else if ( ro_hpet )
+ rc |= rangeset_add_singleton(mmio_ro_ranges, mfn);
+ }
+
BUG_ON(rc != 0);
if ( elf_check_broken(&elf) )
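Review bot: In the ACPI_HPET_PAGE_PROTECT64 branch the sixteen single-frame calls can be one range call, since `iomem_deny_access(d, mfn, mfn)` in the branch above shows the end frame is inclusive: `rc |= iomem_deny_access(d, mfn, mfn + 15);`. The bare 16 is presumably 64KiB expressed in 4KiB frames and deserves a comment or a named constant. The range also starts at the HPET's own frame; if the flag describes the 64KiB-aligned page that contains the HPET (worth confirming against the ACPI HPET table definition), a base address that is not 64KiB-aligned would leave the lower frames of that page accessible to Dom0 and deny frames beyond it. construct_dom0 starts and ends outside the hunk.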
diff --git a/xen/arch/x86/hpet.c b/xen/arch/x86/hpet.c
index 0b13f52..7aa740f 100644
--- a/xen/arch/x86/hpet.c
+++ b/xen/arch/x86/hpet.c
@@ -52,6 +52,7 @@ DEFINE_PER_CPU(struct hpet_event_channel *, cpu_bc_channel);
unsigned long __initdata hpet_address;
u8 __initdata hpet_blockid;
+u8 __initdata hpet_flags;
/*
* force_hpet_broadcast: by default legacy hpet broadcast will be stopped
diff --git a/xen/include/asm-x86/hpet.h b/xen/include/asm-x86/hpet.h
index 875f1de..10c4a56 100644
--- a/xen/include/asm-x86/hpet.h
+++ b/xen/include/asm-x86/hpet.h
@@ -52,6 +52,7 @@
extern unsigned long hpet_address;
extern u8 hpet_blockid;
+extern u8 hpet_flags;
/*
* Detect and initialise HPET hardware: return counter update frequency.
--
1.9.3 (Apple Git-50)