On 18.06.19 18:23, Andrej Utz wrote:


On 18.06.19 18:04, Jan Kiszka wrote:
On 18.06.19 17:55, Andrej Utz wrote:

Hi Jan,

On 07.06.19 09:23, Jan Kiszka wrote:
On 05.06.19 18:17, Andrej Utz wrote:
This replaces the old static port list with actual port regions from
'/proc/ioports'. The static regions from said list are kept and override
the data in case of region overlap to retain compatibility.
The generated port list is virtually identical to the old one but eases
manual configuration.

IOW, the whole PCI IO space remains accessible, is now just partitioned in order to ease manual disabling? I wonder if we could not go one step further and only allow known regions.

But isn't this the same as the static regions ...


Signed-off-by: Andrej Utz <[email protected]>
---
  pyjailhouse/sysfs_parser.py   | 135 ++++++++++++++++++++++++++++++++++
  tools/jailhouse-config-create |  14 +---
  tools/root-cell-config.c.tmpl |  15 ++--
  3 files changed, 142 insertions(+), 22 deletions(-)

diff --git a/pyjailhouse/sysfs_parser.py b/pyjailhouse/sysfs_parser.py
index 56265fb5..d06a476a 100644
--- a/pyjailhouse/sysfs_parser.py
+++ b/pyjailhouse/sysfs_parser.py
@@ -142,6 +142,57 @@ def parse_iomem(pcidevices):
      return ret, dmar_regions
+def parse_ioports():
+    regions = IOMapTree.parse_ioports_tree(
+        IOMapTree.parse_iomap_file('/proc/ioports', PortRegion))
+
+    tmp = [
+        # static regions
+        PortRegion(0x0, 0x3f, ''),
+        PortRegion(0x40, 0x43, 'PIT', allowed=True),
+        PortRegion(0x60, 0x61, 'NMI', allowed=True), # NMI status/control
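
Review bot: the first static entry, PortRegion(0x0, 0x3f, ''), has an empty name and leaves allowed implicit while the PIT and NMI entries pass allowed=True, so whether ports 0x0-0x3f are granted to the root cell depends on a default that is not visible here. Passing the flag explicitly and naming the region would make the intent readable in the generated config. The NMI entry also covers 0x60 although its comment describes only NMI status/control; a comment saying why 0x60 is included would help, and tmp could be renamed (for example static_regions) with a docstring stating the overlap rule from the commit message.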

... do here? Or how do you define "known regions"?

There are a number of known platform regions in the lower IO range, like the above. And then there are the IO regions of PCI devices, according to their BAR settings. Currently, we permit access to the whole PCI range to the root cell.

Does that also mean we need to read the PCI config space to whitelist port 
regions?
If so, I'd like it to be another commit on top of this patch.

Yes, this is likely a topic for follow-up patches: We either need to parse /proc/ioports in a more sophisticated way than what we do in parse_ioports so far, or we actually need to read the config space and interpret the BAR content.

Jan

--
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux
