[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v4 6/6] x86/P2M: relax permissions of PVH Dom0's MMIO entries
- To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- From: Jan Beulich <jbeulich@xxxxxxxx>
- Date: Wed, 29 Sep 2021 15:15:48 +0200
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=289UvYu1z6hhybJctb/uHf8lFebZQ7uBwKVUfRIW7tA=; b=UpuLwH+Px761mS2wamIljFLDTjk6ivaXUPQUcEyEOmv0gq7qc3pQf4EqofHho/yTQf5k/5guaQunxloNhPBe3Usl0C5W1jnlLRanMGpmRIBquPfWuxsnTgqBCFo3uZS8zFKcUEg57sGJUYcL5+1MVQLVaEv+KS3qfVDvUGszO44nrziYRLwTdLqIs51ICajnmEp83zQb/vLxzrwe3HVxZ6LpmUSflx7WXYqTPxMzLAzhIxxkWtuUaCFl/blWsSvS9GQAVxTCzhRcZzf4GgBRad2on2zHwwKNEc78Df9tj4iF01K62fWfY1v7ohHVIQODwvtEPJYGgnkfZo1eM7dMdg==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WZTQ2Qo/kf5nIVak7nvHSIiGkONhIf6lO7Vfr/kFAPJ3sZL3H+wRrupGfpfuXQCHpeEK96ULyFMbaCtxcmoSRd7Q4dBUacBprvqiegLaGY9GRhM9ivNk2Of5qcgJHMlktJKgan41WprcINwANoqJ0We2xCNu7g1D1+Io0sW8Zuc0Ej6vIpl/688A3/ynQBbiI1r3OxMPk+Ref3t0XXHgzSAmFNXSYhDEla/Gx1dmQrPYaavCTNJ1iGPFmEvr5inx/XHw444JDE6CDEYLw7CmS5fD5yX19xkTWqkJ8vPpgVUr/Y067YCrJjtLcyhP4YRDHDc9Y0Qa0Stlx2vuiZ4RNw==
- Authentication-results: citrix.com; dkim=none (message not signed) header.d=none;citrix.com; dmarc=none action=none header.from=suse.com;
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>
- Delivery-date: Wed, 29 Sep 2021 13:15:56 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
To become independent of the sequence of mapping operations, permit
"access" to accumulate for Dom0, noting that there's not going to be an
introspection agent for it which this might interfere with. While e.g.
ideally only ROM regions would get mapped with X set, getting there is
quite a bit of work. Plus the use of p2m_access_* here is abusive in the
first place.
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
---
v3: Move last in series, for being controversial.
v2: Split off from original patch. Accumulate all of R, W, and X.
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -1319,6 +1319,18 @@ static int set_typed_p2m_entry(struct do
return -EPERM;
}
+ /*
+ * Gross bodge, to go away again rather sooner than later:
+ *
+ * For MMIO allow access permissions to accumulate, but only for Dom0.
+ * Since set_identity_p2m_entry() and set_mmio_p2m_entry() differ in
+ * the way they specify "access", this will allow the ultimate result
+ * to be independent of the sequence of operations.
+ */
+ if ( is_hardware_domain(d) && gfn_p2mt == p2m_mmio_direct &&
+ access <= p2m_access_rwx && a <= p2m_access_rwx )
+ access |= a;
+
if ( access == a )
{
gfn_unlock(p2m, gfn, order);
|