
Re: [PATCH 6/7] x86: don't allow Dom0 (direct) access to port F0


  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Thu, 26 Oct 2023 12:48:15 +0200
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
  • Delivery-date: Thu, 26 Oct 2023 10:48:43 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Thu, May 11, 2023 at 02:07:40PM +0200, Jan Beulich wrote:
> This controls the driving of IGNNE# (if such emulation is enabled in
> hardware), and hence would need proper handling in the hypervisor to be
> safe to use by Dom0 (and fully emulating for PVH/HVM DomU-s).
> 
> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>

Acked-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>

> ---
> RFC: Really this disabling of access would want to be conditional upon
>      the functionality actually being enabled. For AMD this looks to be
>      uniformly HWCR[8], but for Intel this is chipset-specific.

I'm afraid I'm not able to find much information about this, I've
found something in the Intel PCH datasheets, but I don't have a clear
picture of whether this port could be used by other functionality.

From my reading of the spec, the initial value in 0xF0 (COPROC_ERR)
will inhibit the generation of an IRQ13, and hence is the behavior
that most modern OSes rely on?

Mostly wanted to check which kind of logic an OS would use to figure
out whether 0xF0 exists and control IGNNE#.

Thanks, Roger.



 

