
[PATCH 7/7] x86: don't allow Dom0 access to ELCR ports


  • To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Thu, 11 May 2023 14:08:09 +0200
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Thu, 11 May 2023 12:08:16 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Much like the other PIC ports, Dom0 has no business touching these. Even
our own uses are somewhat questionable, as the corresponding IO-APIC
code in Linux is enclosed in a CONFIG_EISA conditional; I don't think
there are any x86-64 EISA systems.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
---
RFC: For Linux's (matching our) construct_default_ioirq_mptable() we
     may need to permit read access at least for PVH, if such default
     table construction is assumed to be sensible there in the first
     place (we assume ACPI and no PIC for PVH Dom0, after all).

RFC: Linux further has ACPI boot code accessing ELCR
     (acpi_pic_sci_set_trigger() and acpi_register_gsi_pic()), which we
     have no equivalent of.

Taken together, perhaps the hiding needs to be limited to PVH Dom0?

--- a/xen/arch/x86/dom0_build.c
+++ b/xen/arch/x86/dom0_build.c
@@ -503,6 +503,9 @@ int __init dom0_setup_permissions(struct
         rc |= ioports_deny_access(d, 0xA0 + offs, 0xA1 + offs);
     }
 
+    /* ELCR of both PICs. */
+    rc |= ioports_deny_access(d, 0x4D0, 0x4D1);
+
     /* Interval Timer (PIT). */
     for ( offs = 0, i = pit_alias_mask & -pit_alias_mask ?: 4;
           offs <= pit_alias_mask; offs += i )
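Review bot: the new `rc |= ioports_deny_access(d, 0x4D0, 0x4D1);` denies ELCR access to every Dom0 unconditionally, while the description's own RFC notes say Linux's construct_default_ioirq_mptable() may need read access under PVH and that Linux ACPI boot code (acpi_pic_sci_set_trigger(), acpi_register_gsi_pic()) touches ELCR, and the description itself asks whether hiding should be limited to PVH Dom0. That question should be resolved in the code before this is applied, either by gating the deny on the Dom0 type as the description proposes, or by leaving read access permitted, and the comment `/* ELCR of both PICs. */` should state why a Dom0 running those Linux paths is not affected, so the reasoning does not live only in the cover text.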