xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed
From: Stefano Stabellini <sstabellini@kernel.org>
To: xen-devel@lists.xenproject.org
Cc: Stefano Stabellini <stefanos@xilinx.com>,
	julien.grall@arm.com, sstabellini@kernel.org,
	Volodymyr_Babchuk@epam.com
Subject: [Xen-devel] [PATCH v6 7/8] xen/arm: don't iomem_permit_access for reserved-memory regions
Date: Thu, 15 Aug 2019 16:36:17 -0700	[thread overview]
Message-ID: <20190815233618.31630-7-sstabellini@kernel.org> (raw)
In-Reply-To: <alpine.DEB.2.21.1908151634170.8737@sstabellini-ThinkPad-T480s>

Don't allow reserved-memory regions to be remapped into any unprivileged
guests, until reserved-memory regions are properly supported in Xen. For
now, do not call iomem_permit_access on them, because giving
iomem_permit_access to dom0 means that the toolstack will be able to
assign the region to a domU.

Signed-off-by: Stefano Stabellini <stefanos@xilinx.com>
---

Changes in v6:
- compare against "/reserved-memory/"

Changes in v5:
- fix check condition
- use strnicmp
- return error
- improve commit message

Changes in v4:
- compare the parent name with reserved-memory
- use dt_node_cmp

Changes in v3:
- new patch
---
 xen/arch/arm/domain_build.c | 24 ++++++++++++++++--------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/xen/arch/arm/domain_build.c b/xen/arch/arm/domain_build.c
index 4c8404155a..673ffa453f 100644
--- a/xen/arch/arm/domain_build.c
+++ b/xen/arch/arm/domain_build.c
@@ -1155,15 +1155,23 @@ static int __init map_range_to_domain(const struct dt_device_node *dev,
     bool need_mapping = !dt_device_for_passthrough(dev);
     int res;
 
-    res = iomem_permit_access(d, paddr_to_pfn(addr),
-                              paddr_to_pfn(PAGE_ALIGN(addr + len - 1)));
-    if ( res )
+    /*
+     * Don't give iomem permissions for reserved-memory ranges to domUs
+     * until reserved-memory support is complete.
+     */
+    if ( strnicmp(dt_node_full_name(dev), "/reserved-memory/",
+         strlen("/reserved-memory/")) != 0 )
     {
-        printk(XENLOG_ERR "Unable to permit to dom%d access to"
-               " 0x%"PRIx64" - 0x%"PRIx64"\n",
-               d->domain_id,
-               addr & PAGE_MASK, PAGE_ALIGN(addr + len) - 1);
-        return res;
+        res = iomem_permit_access(d, paddr_to_pfn(addr),
+                paddr_to_pfn(PAGE_ALIGN(addr + len - 1)));
+        if ( res )
+        {
+            printk(XENLOG_ERR "Unable to permit to dom%d access to"
+                    " 0x%"PRIx64" - 0x%"PRIx64"\n",
+                    d->domain_id,
+                    addr & PAGE_MASK, PAGE_ALIGN(addr + len) - 1);
+            return res;
+        }
     }
 
     if ( need_mapping )
-- 
2.17.1


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

  parent reply	other threads:[~2019-08-15 23:36 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-08-15 23:36 [Xen-devel] [PATCH v6 0/8] reserved-memory in dom0 Stefano Stabellini
2019-08-15 23:36 ` [Xen-devel] [PATCH v6 1/8] xen/arm: pass node to device_tree_for_each_node Stefano Stabellini
2019-08-16  9:06   ` Julien Grall
2019-08-17  0:29     ` Stefano Stabellini
2019-08-19  9:51       ` Julien Grall
2019-08-19 17:06         ` Stefano Stabellini
2019-08-15 23:36 ` [Xen-devel] [PATCH v6 2/8] xen/arm: make process_memory_node a device_tree_node_func Stefano Stabellini
2019-08-16  9:17   ` Julien Grall
2019-08-17  0:48     ` Stefano Stabellini
2019-08-19  9:54       ` Julien Grall
2019-08-15 23:36 ` [Xen-devel] [PATCH v6 3/8] xen/arm: keep track of reserved-memory regions Stefano Stabellini
2019-08-15 23:36 ` [Xen-devel] [PATCH v6 4/8] xen/arm: fix indentation in early_print_info Stefano Stabellini
2019-08-16  9:18   ` Julien Grall
2019-08-15 23:36 ` [Xen-devel] [PATCH v6 5/8] xen/arm: early_print_info print reserved_mem Stefano Stabellini
2019-08-15 23:36 ` [Xen-devel] [PATCH v6 6/8] xen/arm: handle reserved-memory in consider_modules and dt_unreserved_regions Stefano Stabellini
2019-08-15 23:36 ` Stefano Stabellini [this message]
2019-08-16  9:42   ` [Xen-devel] [PATCH v6 7/8] xen/arm: don't iomem_permit_access for reserved-memory regions Julien Grall
2019-08-16 23:56     ` Stefano Stabellini
2019-08-15 23:36 ` [Xen-devel] [PATCH v6 8/8] xen/arm: add reserved-memory regions to the dom0 memory node Stefano Stabellini

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190815233618.31630-7-sstabellini@kernel.org \
    --to=sstabellini@kernel.org \
    --cc=Volodymyr_Babchuk@epam.com \
    --cc=julien.grall@arm.com \
    --cc=stefanos@xilinx.com \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).