[Xen-devel] [PATCH v3 3/3] xen: prevent access to HPET from Dom0
Prevent Dom0 from accessing HPET MMIO region by adding the HPET mfn to the list of forbidden memory regions (if ACPI_HPET_PAGE_PROTECT4 flag is set) or to the list of read-only regions.

Also provide an option that prevents adding the HPET to the read-only memory regions called ro-hpet, in case there are systems that put other stuff in the HPET page.

Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
Cc: Jan Beulich <jbeulich@xxxxxxxx>
Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
---
Changes since v2:
 - Don't map the HPET page at all if ACPI_HPET_PAGE_PROTECT4 is found.
 - Provide an option (ro-hpet) that prevents adding the HPET page to the list of read-only memory regions.

Changes since v1:
 - Instead of completely blocking access to the HPET mfn, set it as read-only.
---
docs/misc/xen-command-line.markdown | 8 ++++++++ xen/arch/x86/acpi/boot.c | 1 + xen/arch/x86/domain_build.c | 14 ++++++++++++++ xen/arch/x86/hpet.c | 1 + xen/include/asm-x86/hpet.h | 1 + 5 files changed, 25 insertions(+) diff --git a/docs/misc/xen-command-line.markdown b/docs/misc/xen-command-line.markdown index a061aa4..e87eef4 100644 --- a/docs/misc/xen-command-line.markdown +++ b/docs/misc/xen-command-line.markdown @@ -1380,3 +1380,11 @@ Use the x2apic physical apic driver. The alternative is the x2apic cluster driv > Default: `true` Permit use of the `xsave/xrstor` instructions. + +### ro-hpet +> `= <boolean>` + +> Default: `true` + +Map the HPET page as read only in Dom0. If disabled the page will be mapped +with read and write permissions. diff --git a/xen/arch/x86/acpi/boot.c b/xen/arch/x86/acpi/boot.c index 903830b..9a8904b 100644 --- a/xen/arch/x86/acpi/boot.c +++ b/xen/arch/x86/acpi/boot.c @@ -309,6 +309,7 @@ static int __init acpi_parse_hpet(struct acpi_table_header *table) hpet_address = hpet_tbl->address.address; hpet_blockid = hpet_tbl->sequence; + hpet_flags = hpet_tbl->flags; printk(KERN_INFO PREFIX "HPET id: %#x base: %#lx\n", hpet_tbl->id, hpet_address); 
diff --git a/xen/arch/x86/domain_build.c b/xen/arch/x86/domain_build.c index 76722f7..85c47cc 100644 --- a/xen/arch/x86/domain_build.c +++ b/xen/arch/x86/domain_build.c @@ -36,6 +36,7 @@ #include <asm/bzimage.h> /* for bzimage_parse */ #include <asm/io_apic.h> #include <asm/hap.h> +#include <asm/hpet.h> /* for hpet_address */ #include <public/version.h> @@ -134,6 +135,9 @@ boolean_param("dom0_shadow", opt_dom0_shadow); static char __initdata opt_dom0_ioports_disable[200] = ""; string_param("dom0_ioports_disable", opt_dom0_ioports_disable); +static bool_t __initdata ro_hpet = 1; +boolean_param("ro-hpet", ro_hpet); + /* Allow ring-3 access in long mode as guest cannot use ring 1 ... */ #define BASE_PROT (_PAGE_PRESENT|_PAGE_RW|_PAGE_ACCESSED|_PAGE_USER) #define L1_PROT (BASE_PROT|_PAGE_GUEST_KERNEL) @@ -1495,6 +1499,16 @@ int __init construct_dom0( rc |= iomem_deny_access(d, sfn, efn); } + /* Prevent access to HPET */ + if ( hpet_address != 0 ) + { + mfn = paddr_to_pfn(hpet_address); + if ( hpet_flags & ACPI_HPET_PAGE_PROTECT4 ) + rc |= iomem_deny_access(d, mfn, mfn); + else if ( ro_hpet ) + rc |= rangeset_add_singleton(mmio_ro_ranges, mfn); + } + BUG_ON(rc != 0); if ( elf_check_broken(&elf) ) diff --git a/xen/arch/x86/hpet.c b/xen/arch/x86/hpet.c index 0b13f52..7aa740f 100644 --- a/xen/arch/x86/hpet.c +++ b/xen/arch/x86/hpet.c @@ -52,6 +52,7 @@ DEFINE_PER_CPU(struct hpet_event_channel *, cpu_bc_channel); unsigned long __initdata hpet_address; u8 __initdata hpet_blockid; +u8 __initdata hpet_flags; /* * force_hpet_broadcast: by default legacy hpet broadcast will be stopped diff --git a/xen/include/asm-x86/hpet.h b/xen/include/asm-x86/hpet.h index 875f1de..10c4a56 100644 --- a/xen/include/asm-x86/hpet.h +++ b/xen/include/asm-x86/hpet.h 
@@ -52,6 +52,7 @@ extern unsigned long hpet_address; extern u8 hpet_blockid; +extern u8 hpet_flags; /* * Detect and initialise HPET hardware: return counter update frequency. -- 1.9.3 (Apple Git-50) _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
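Review bot: The ro-hpet entry added to docs/misc/xen-command-line.markdown describes only the read-only versus read-write choice, but the construct_dom0() hunk denies access to the page outright when ACPI_HPET_PAGE_PROTECT4 is set, whatever the option says. The text should state that the option has no effect in that case and that Dom0 then gets no access to the page at all. The entry is also appended after the xsave one; if the file is kept in alphabetical order, it belongs with the other options starting with "r".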
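Review bot: In the domain_build.c hunk that adds boolean_param("ro-hpet", ro_hpet), the option name does not say that it applies to Dom0 only, while the neighbouring options in the same hunk are dom0_shadow and dom0_ioports_disable. A dom0-prefixed name would make the scope clear on the command line and would group it with the existing Dom0 options; the documentation entry would need the same rename.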
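Review bot: In the construct_dom0() hunk, the test "hpet_flags & ACPI_HPET_PAGE_PROTECT4" treats the protection setting as a single bit. If page protection is a multi-bit field in the HPET table flags, mask that field and compare for equality, and handle any larger protection granularity as well, since iomem_deny_access(d, mfn, mfn) covers exactly one page. Separately, with ro-hpet disabled and the protect flag clear, neither branch runs and Dom0 keeps write access to the page; a comment above the if chain saying that this is the intended escape hatch from the commit message would help the next reader.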