xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed
From: Shannon Zhao <zhaoshenglong@huawei.com>
To: xen-devel@lists.xen.org
Cc: julien.grall@arm.com, zhaoshenglong@huawei.com,
	stefano.stabellini@citrix.com, shannon.zhao@linaro.org,
	peter.huangpeng@huawei.com
Subject: [PATCH v6 18/22] arm/acpi: Permit MMIO access of Xen unused devices for Dom0
Date: Thu, 17 Mar 2016 17:41:04 +0800	[thread overview]
Message-ID: <1458207668-12012-19-git-send-email-zhaoshenglong@huawei.com> (raw)
In-Reply-To: <1458207668-12012-1-git-send-email-zhaoshenglong@huawei.com>

From: Shannon Zhao <shannon.zhao@linaro.org>

Firstly it permits full MMIO capabilities for Dom0. Then deny MMIO
access of Xen used devices, such as UART, GIC, SMMU. Currently, it only
denies the MMIO access of UART and GIC regions. For other Xen used
devices it could be added later when they are supported.

Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
---
 xen/arch/arm/domain_build.c | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/xen/arch/arm/domain_build.c b/xen/arch/arm/domain_build.c
index 1e5ee0e..a4abf28 100644
--- a/xen/arch/arm/domain_build.c
+++ b/xen/arch/arm/domain_build.c
@@ -1359,6 +1359,38 @@ static int prepare_dtb(struct domain *d, struct kernel_info *kinfo)
 #ifdef CONFIG_ACPI
 #define ACPI_DOM0_FDT_MIN_SIZE 4096
 
+static int acpi_iomem_deny_access(struct domain *d)
+{
+    acpi_status status;
+    struct acpi_table_spcr *spcr = NULL;
+    unsigned long gfn;
+    int rc;
+
+    /* Firstly permit full MMIO capabilities. */
+    rc = iomem_permit_access(d, 0UL, ~0UL);
+    if ( rc )
+        return rc;
+
+    /* TODO: Deny MMIO access for SMMU, GIC ITS */
+    status = acpi_get_table(ACPI_SIG_SPCR, 0,
+                            (struct acpi_table_header **)&spcr);
+
+    if ( ACPI_FAILURE(status) )
+    {
+        printk("Failed to get SPCR table\n");
+        return -EINVAL;
+    }
+
+    gfn = spcr->serial_port.address >> PAGE_SHIFT;
+    /* Deny MMIO access for UART */
+    rc = iomem_deny_access(d, gfn, gfn + 1);
+    if ( rc )
+        return rc;
+
+    /* Deny MMIO access for GIC regions */
+    return gic_iomem_deny_access(d);
+}
+
 static int acpi_permit_spi_access(struct domain *d)
 {
     int i, res;
@@ -1880,6 +1912,10 @@ static int prepare_acpi(struct domain *d, struct kernel_info *kinfo)
     if ( rc != 0 )
         return rc;
 
+    rc = acpi_iomem_deny_access(d);
+    if ( rc != 0 )
+        return rc;
+
     return 0;
 }
 #else
-- 
2.0.4



_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

  parent reply	other threads:[~2016-03-17  9:41 UTC|newest]

Thread overview: 79+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-03-17  9:40 [PATCH v6 00/22] Prepare UEFI and ACPI tables for Dom0 on ARM64 Shannon Zhao
2016-03-17  9:40 ` [PATCH v6 01/22] arm/acpi: Estimate memory required for acpi/efi tables Shannon Zhao
2016-03-18 18:44   ` Julien Grall
2016-03-21 13:01     ` Jan Beulich
2016-03-22 13:01     ` Shannon Zhao
2016-03-22  0:28   ` Julien Grall
2016-03-24 12:36   ` Stefano Stabellini
2016-03-17  9:40 ` [PATCH v6 02/22] arm/acpi: Add a helper function to get the acpi table offset Shannon Zhao
2016-03-21 12:16   ` Julien Grall
2016-03-24 12:32   ` Stefano Stabellini
2016-03-17  9:40 ` [PATCH v6 03/22] arm/acpi: Prepare FADT table for Dom0 Shannon Zhao
2016-03-21 12:25   ` Julien Grall
2016-03-17  9:40 ` [PATCH v6 04/22] arm/gic: Add a new callback for creating MADT " Shannon Zhao
2016-03-21 15:18   ` Julien Grall
2016-03-17  9:40 ` [PATCH v6 05/22] arm/acpi: Prepare " Shannon Zhao
2016-03-21 15:26   ` Julien Grall
2016-03-21 15:51     ` Jan Beulich
2016-03-17  9:40 ` [PATCH v6 06/22] arm/acpi: Prepare STAO " Shannon Zhao
2016-03-21 15:31   ` Julien Grall
2016-03-17  9:40 ` [PATCH v6 07/22] arm/acpi: Prepare XSDT " Shannon Zhao
2016-03-21 15:43   ` Julien Grall
2016-03-17  9:40 ` [PATCH v6 08/22] arm/acpi: Prepare RSDP " Shannon Zhao
2016-03-21 15:47   ` Julien Grall
2016-03-17  9:40 ` [PATCH v6 09/22] arm/p2m: Add helper functions to map memory regions Shannon Zhao
2016-03-21 15:52   ` Julien Grall
2016-03-22 13:05     ` Shannon Zhao
2016-03-22 15:59       ` Julien Grall
2016-03-17  9:40 ` [PATCH v6 10/22] arm/acpi: Map all other tables for Dom0 Shannon Zhao
2016-03-21 15:57   ` Julien Grall
2016-03-17  9:40 ` [PATCH v6 11/22] arm/acpi: Prepare EFI system table " Shannon Zhao
2016-03-21 16:10   ` Julien Grall
2016-03-22 13:06     ` Shannon Zhao
2016-03-22 13:24       ` Jan Beulich
2016-03-17  9:40 ` [PATCH v6 12/22] arm/acpi: Prepare EFI memory descriptor " Shannon Zhao
2016-03-21 16:51   ` Julien Grall
2016-03-22 13:16     ` Shannon Zhao
2016-03-22 16:04       ` Julien Grall
2016-03-24 15:06         ` Shannon Zhao
2016-03-24 15:23           ` Julien Grall
2016-03-24 12:39   ` Stefano Stabellini
2016-03-17  9:40 ` [PATCH v6 13/22] arm/acpi: Map the new created EFI and ACPI tables to Dom0 Shannon Zhao
2016-03-22  0:42   ` Julien Grall
2016-03-22 13:18     ` Shannon Zhao
2016-03-22 16:16       ` Julien Grall
2016-03-24 14:59         ` Shannon Zhao
2016-03-24 15:35           ` Julien Grall
2016-03-17  9:41 ` [PATCH v6 14/22] arm/acpi: Create min DT stub for Dom0 Shannon Zhao
2016-03-22  1:07   ` Julien Grall
2016-03-22 13:23     ` Shannon Zhao
2016-03-17  9:41 ` [PATCH v6 15/22] arm/acpi: Permit access all Xen unused SPIs " Shannon Zhao
2016-03-22 18:18   ` Julien Grall
2016-03-24 15:01     ` Shannon Zhao
2016-03-24 15:37       ` Julien Grall
2016-03-25  7:13         ` Shannon Zhao
2016-03-17  9:41 ` [PATCH v6 16/22] arm/acpi: Configure SPI interrupt type and route to Dom0 dynamically Shannon Zhao
2016-03-22 19:17   ` Julien Grall
2016-03-24 12:41   ` Stefano Stabellini
2016-03-17  9:41 ` [PATCH v6 17/22] arm/gic: Add a new callback to deny Dom0 access to GIC regions Shannon Zhao
2016-03-22 19:33   ` Julien Grall
2016-03-24 12:45     ` Stefano Stabellini
2016-03-24 15:03       ` Shannon Zhao
2016-03-24 15:39         ` Julien Grall
2016-03-17  9:41 ` Shannon Zhao [this message]
2016-03-23 11:50   ` [PATCH v6 18/22] arm/acpi: Permit MMIO access of Xen unused devices for Dom0 Julien Grall
2016-03-17  9:41 ` [PATCH v6 19/22] hvm/params: Add a new delivery type for event-channel in HVM_PARAM_CALLBACK_IRQ Shannon Zhao
2016-03-17 10:42   ` Jan Beulich
2016-03-17 11:04     ` Shannon Zhao
2016-03-17 11:29       ` Jan Beulich
2016-03-17 11:56         ` Shannon Zhao
2016-03-17 12:42           ` Jan Beulich
2016-03-17  9:41 ` [PATCH v6 20/22] xen/acpi: Fix event-channel interrupt when booting with ACPI Shannon Zhao
2016-03-23 12:15   ` Julien Grall
2016-03-17  9:41 ` [PATCH v6 21/22] xen/arm: Add a hypercall for device mmio mapping Shannon Zhao
2016-03-17  9:41 ` [PATCH v6 22/22] xen/arm64: Add ACPI support Shannon Zhao
2016-03-17 10:52   ` Jan Beulich
2016-03-17 11:03     ` Shannon Zhao
2016-03-17 11:31       ` Jan Beulich
2016-03-17 13:10         ` Shannon Zhao
2016-03-17 13:24           ` Jan Beulich

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1458207668-12012-19-git-send-email-zhaoshenglong@huawei.com \
    --to=zhaoshenglong@huawei.com \
    --cc=julien.grall@arm.com \
    --cc=peter.huangpeng@huawei.com \
    --cc=shannon.zhao@linaro.org \
    --cc=stefano.stabellini@citrix.com \
    --cc=xen-devel@lists.xen.org \
    --subject='Re: [PATCH v6 18/22] arm/acpi: Permit MMIO access of Xen unused devices for Dom0' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).