[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v3 56/62] arm/acpi: Deny MMIO access of UART

On Tue, 17 Nov 2015, Shannon Zhao wrote:
> On 2015/11/17 20:04, Julien Grall wrote:
> > On 17/11/15 09:40, shannon.zhao@xxxxxxxxxx wrote:
> >> From: Shannon Zhao <shannon.zhao@xxxxxxxxxx>
> >>
> >> Firstly it permits full MMIO capabilities for Dom0. Then deny MMIO
> >> access of UART device.
> > 
> > I'm nearly sure we want to deny other MMIO such as the GIC regions and SMMU.
> > 
> But Dom0 will not know the real GIC hardware MMIO space, how would it
> map these regions? In case of wrong use?

It could try regions at random or by mistake.
I know that Dom0 is "trusted", but the less we trust it, the better.

> Regarding SMMU, since it doesn't support now, so I didn't add it but it
> could be added later.

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.