[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 3/7] x86/PVH: deny Dom0 access to the ISA DMA controller

  • To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Thu, 11 May 2023 14:06:25 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=tKCZe8aIk+i5ppy7aKMs7dwLZsehuRpn4OGEOjQsCn8=; b=VP0tD1NzrJa8S6aWmgsv/IJZj5kG0/rQ3LkhxYSLZ3RABWGyBqpazCta2KweHVmHklcOf5jw5uBzwRXFko5vlbr1GT0zeg1DLDYTGDkTovPETsSxclUfa9TEPlzDTTHJaUJdImimJNlrrabzMIIsFbF2mVoa8saYmdlqQO/VESQrqrUjeWO52mSPMdH6Lhj0hbZWDyCfy694ukj1KixHmnZRJVPWa5ZD70KJm95h+bJbJolHyzr50TFcHNqAFzuUSjMAHtcP/9F3HLeaqP4zcp9eY2wOdMmop3WCZD5955oh4Q55W2gi9O/XTMLuYgrQtS8d4kVmaJ1ID1Oc80NyvA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=M9rNuV6oyWbE2uBeBsPkTsuA1LQEhfWPJGlfDdTG+eCc4nFJ9IvPLhcjAyF9hOdhwjxn+NG1VLa8NvE4YyNAtD396e3nBBDGkXgDcPzrse7LzbcRk8/1NgzVSy8cX+L8zXbvMbhNJ0VPxSjk3bOTht9crGPsxjket+YvozCZav5xMzfSyOMZKoJTCi82lqOzukmKIGyliK8SbA+NjuMaNgOsWUujjVrrrvqv2Vq0ssj8wtZYEzu3ijpSYklIXwIwhXHJxIdtRHLf0b5PZdiOFqJ6GQadFluIrXLoM4cY50wK94dvB1g9hfMrqYIbGVz0so8YcRyw9cU0QO5X8FZDjw==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Thu, 11 May 2023 12:06:35 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
Unlike PV, a PVH Dom0 has no sensible way of driving the address and
page registers correctly, as it would need to translate guest physical
addresses to host ones. Rather than allowing data corruption to occur
from e.g. the use of a legacy floppy drive, disallow access altogether.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
---
The possible aliases of the page registers (90-9F, except 92) aren't
covered. Unlike the possible alias range 10-1F, which I think is okay
to include here blindly, I guess we'd better probe for aliasing of these
if we wanted to deny access there as well. This is first and foremost
because the range having had wider use on PS/2, and who knows what's
been re-used in that range beyond port 92.

--- a/xen/arch/x86/dom0_build.c
+++ b/xen/arch/x86/dom0_build.c
@@ -517,6 +517,13 @@ int __init dom0_setup_permissions(struct
 #ifdef CONFIG_HVM
     if ( is_hvm_domain(d) )
     {
+        /* ISA DMA controller, channels 0-3 (incl possible aliases). */
+        rc |= ioports_deny_access(d, 0x00, 0x1F);
+        /* ISA DMA controller, page registers (incl various reserved ones). */
+        rc |= ioports_deny_access(d, 0x80 + !!hvm_port80_allowed, 0x8F);
+        /* ISA DMA controller, channels 4-7 (incl usual aliases). */
+        rc |= ioports_deny_access(d, 0xC0, 0xDF);
+
         /* HVM debug console IO port. */
         rc |= ioports_deny_access(d, XEN_HVM_DEBUGCONS_IOPORT,
                                   XEN_HVM_DEBUGCONS_IOPORT);

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.