[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v4] x86: detect CMOS aliasing on ports other than 0x70/0x71

  • To: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Thu, 23 Mar 2023 15:26:19 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=rVsgWoRr3DjXO6JZR+yG18J1JlhWeVsNBbGMBDTyyd8=; b=QGL6CM/UiXr9vWEE4Y4Jbbu6VZof0CrtiqzEHR3IXf9E3y2EmWSwlIJr/qeYskOJeQ+NWeDlYgMhbnx+zhBxRneQi8EArxWsZ0SAatmWjQO/ckFVt4wJm3f43g00DyaoKqLEhcwfRlJ1mzYaximLBVcK25ZQXUCyvqkuQtLakgtKNPu9JMc6clpETmQTwFZzcQpe+b4Z+3TdVd1xRcWSnce6+A2drExzm/nL4pWjVuhVc3zGi0aMwCdLKRDHOdCu/U8qJDzEpeRuHWLGBdd5XF1mWQNEEYemMqO3ZyBnKTeDqbr+DBNreDamb6xNEAI0O0TZ/9iVBjQ5LrR/aL5Kzg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BY/qwqSpapkW/47cDEVzLcA5Fq9P6ssdkpEXAOzLeUQv//P0GECvc5+9QqWkjVfnsCJEwrJrMlVYg7W1WGa+hg2skmaF6zAHtXKCf0qeTzg4avBOMylLuGkETIUicTCzZdUcx1NUGTlf3RhkR7q4/QjqmQzBxA27z/am9DeUrFQzJKLbXjO6zQSE4TLk8MnSXMzGoAX1Crg/yfdf4KryTI/jjg2oVexZQ4oDmUkxWHYZ3mGWxBzej/HV+qdtQ3D0UHTZANdy1sMcMveSfQmlqFOUjjgqvZajM5VBDomEJDYybGzksflEOezsW7cyfb8Nf1pbcDWf/kfQvR8LzkDfCg==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Paul Durrant <paul@xxxxxxx>, Wei Liu <wl@xxxxxxx>
  • Delivery-date: Thu, 23 Mar 2023 14:26:34 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 23.03.2023 13:29, Roger Pau Monné wrote:
> On Wed, Mar 22, 2023 at 10:55:42AM +0100, Jan Beulich wrote:
>> On 21.03.2023 15:12, Roger Pau Monné wrote:
>>> On Mon, Mar 20, 2023 at 09:32:26AM +0100, Jan Beulich wrote:
>>>> ... in order to also intercept Dom0 accesses through the alias ports.
>>>
>>> I'm trying to get some documentation about this aliasing, but so far I
>>> haven't been able to find any.  Do you have any references of where I
>>> might be able to find it?
>>
>> I think several ICH datasheet documents mention this. Right now I'm
>> looking at the ICH10 one (319973-003), section 13.6.1 ("I/O Register
>> Address Map" under "Real Time Clock Registers").
> 
> Thanks, I had to fetch this from elsewhere as I haven't been able to
> find it on the Intel documentation site, maybe it's too old?
> 
>> But such aliasing (really: lack of decoding) has been present on
>> various of the low 1024 ports from the very early days of x86. So we
>> may want to take care of such elsewhere as well, e.g. for the PIC
>> (where aforementioned doc also explicitly mentions the aliases).
> 
> I wonder how relevant those aliases are for OSes, do we know of any OS
> that uses them?
> 
> For example we don't seem to provide them to HVM guests at all, and we
> seem to get away with it.

There are two aspects here: One is the functionality that becomes available
specifically via using the aliases here (and I'm not 100% certain this isn't
chipset dependent in the first place), allowing access to the full 256 bytes
of CMOS storage (i.e. no parts clipped off for the RTC registers). The other
aspect is simply disallowing access to ports we mean Dom0 to not have access
to. That would be the sole purpose e.g. for the PIC port ranges. Otherwise
there's little point disallowing access to the base ranges, imo.

>>>> Also stop intercepting accesses to the CMOS ports if we won't ourselves
>>>> use the CMOS RTC.
>>>
>>> Could this create any concerns with the ability to disable NMIs if we
>>> no longer filter accesses to the RTC?
>>
>> Hmm, that's a valid concern, but I'm not sure in how far we need to
>> be worried about giving Dom0 this level of control. As long as we
>> don't use it ourselves of course (I'm unaware of us using this
>> anywhere). If we're worried, we could continue to intercept port
>> 0x70 alone, just to mask off the top bit for writes.
> 
> I would be mostly worried about dom0 disabling NMI and thus causing
> the Xen watchdog to trigger for example.  I don't think we should
> allow dom0 to disable NMIs at all.

I'll see what I can do, preferably without keeping the intercepts fully
engaged.

Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.