Re: [Xen-devel] [PATCH v1 for-4.6 2/2] xen: prevent access to HPET from Dom0
Hello, El 18/12/14 a les 19.51, Andrew Cooper ha escrit: On 18/12/14 18:27, Roger Pau Monne wrote: Prevent Dom0 from accessing HPET MMIO region by adding it to the list of denied memory regions. Signed-off-by: Roger Pau Monné roger@citrix.com Cc: Jan Beulich jbeul...@suse.com Cc: Andrew Cooper andrew.coop...@citrix.com Apologies that this reply is split between patch 0 and 2 - I replied to your cover letter before reading this patch. Denying access is only valid if acpi_table_hpet.flags ACPI_HPET_PAGE_PROTECT4 is true. Thanks, if ACPI_HPET_PAGE_PROTECT4 is set then we can prevent access to the full page and if ACPI_HPET_PAGE_PROTECT64 is set we can prevent access to this page and the adjacent 60KB (15 pages). Will send an updated version. Roger. ___ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
Re: [Xen-devel] [PATCH v1 for-4.6 2/2] xen: prevent access to HPET from Dom0
On 18.12.14 at 19:27, roger@citrix.com wrote: --- a/xen/arch/x86/domain_build.c +++ b/xen/arch/x86/domain_build.c @@ -36,6 +36,9 @@ #include asm/bzimage.h /* for bzimage_parse */ #include asm/io_apic.h #include asm/hap.h +#ifdef CONFIG_HPET_TIMER +#include asm/hpet.h /* for hpet_address */ +#endif When you update the patch according to Andrew's comments, please also drop these stray #ifdef-s - if anything we should delete eventual other references to CONFIG_HPET_TIMER. Jan ___ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
Re: [Xen-devel] [PATCH v1 for-4.6 2/2] xen: prevent access to HPET from Dom0
On 18.12.14 at 19:51, andrew.coop...@citrix.com wrote: On 18/12/14 18:27, Roger Pau Monne wrote: Prevent Dom0 from accessing HPET MMIO region by adding it to the list of denied memory regions. Signed-off-by: Roger Pau Monné roger@citrix.com Cc: Jan Beulich jbeul...@suse.com Cc: Andrew Cooper andrew.coop...@citrix.com Apologies that this reply is split between patch 0 and 2 - I replied to your cover letter before reading this patch. Denying access is only valid if acpi_table_hpet.flags ACPI_HPET_PAGE_PROTECT4 is true. Somehow the existence of this indication slipped my attention so far; I had always wanted to hide the HPET page from Dom0 if possible. Jan ___ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
Re: [Xen-devel] [PATCH v1 for-4.6 2/2] xen: prevent access to HPET from Dom0
On 18.12.14 at 19:51, andrew.coop...@citrix.com wrote: On 18/12/14 18:27, Roger Pau Monne wrote: Prevent Dom0 from accessing HPET MMIO region by adding it to the list of denied memory regions. Signed-off-by: Roger Pau Monné roger@citrix.com Cc: Jan Beulich jbeul...@suse.com Cc: Andrew Cooper andrew.coop...@citrix.com Apologies that this reply is split between patch 0 and 2 - I replied to your cover letter before reading this patch. Denying access is only valid if acpi_table_hpet.flags ACPI_HPET_PAGE_PROTECT4 is true. Having just checked (as an example) the most modern Intel box I have direct access to, I wonder how many systems actually supply other than 0 here. Perhaps we ought to at once add a command line option to trigger the denial? Jan ___ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
Re: [Xen-devel] [PATCH v1 for-4.6 2/2] xen: prevent access to HPET from Dom0
On 19/12/14 08:04, Roger Pau Monné wrote: Hello, El 18/12/14 a les 19.51, Andrew Cooper ha escrit: On 18/12/14 18:27, Roger Pau Monne wrote: Prevent Dom0 from accessing HPET MMIO region by adding it to the list of denied memory regions. Signed-off-by: Roger Pau Monné roger@citrix.com Cc: Jan Beulich jbeul...@suse.com Cc: Andrew Cooper andrew.coop...@citrix.com Apologies that this reply is split between patch 0 and 2 - I replied to your cover letter before reading this patch. Denying access is only valid if acpi_table_hpet.flags ACPI_HPET_PAGE_PROTECT4 is true. Thanks, if ACPI_HPET_PAGE_PROTECT4 is set then we can prevent access to the full page and if ACPI_HPET_PAGE_PROTECT64 is set we can prevent access to this page and the adjacent 60KB (15 pages). Will send an updated version. Roger. ACPI_HPET_PAGE_PROTECT64 stems from ia64 land, where pages can be 64k. I believe it can safely be ignored for x86, or perhaps used to imply ACPI_HPET_PAGE_PROTECT4 ~Andrew ___ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
Re: [Xen-devel] [PATCH v1 for-4.6 2/2] xen: prevent access to HPET from Dom0
On 19/12/14 09:11, Jan Beulich wrote: On 18.12.14 at 19:51, andrew.coop...@citrix.com wrote: On 18/12/14 18:27, Roger Pau Monne wrote: Prevent Dom0 from accessing HPET MMIO region by adding it to the list of denied memory regions. Signed-off-by: Roger Pau Monné roger@citrix.com Cc: Jan Beulich jbeul...@suse.com Cc: Andrew Cooper andrew.coop...@citrix.com Apologies that this reply is split between patch 0 and 2 - I replied to your cover letter before reading this patch. Denying access is only valid if acpi_table_hpet.flags ACPI_HPET_PAGE_PROTECT4 is true. Having just checked (as an example) the most modern Intel box I have direct access to, I wonder how many systems actually supply other than 0 here. Perhaps we ought to at once add a command line option to trigger the denial? I also can't find a server which sets this flag. I wonder how many systems actually have other things sitting in the remainder of the page. ~Andrew ___ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
Re: [Xen-devel] [PATCH v1 for-4.6 2/2] xen: prevent access to HPET from Dom0
On 19.12.14 at 12:32, andrew.coop...@citrix.com wrote: On 19/12/14 09:11, Jan Beulich wrote: On 18.12.14 at 19:51, andrew.coop...@citrix.com wrote: On 18/12/14 18:27, Roger Pau Monne wrote: Prevent Dom0 from accessing HPET MMIO region by adding it to the list of denied memory regions. Signed-off-by: Roger Pau Monné roger@citrix.com Cc: Jan Beulich jbeul...@suse.com Cc: Andrew Cooper andrew.coop...@citrix.com Apologies that this reply is split between patch 0 and 2 - I replied to your cover letter before reading this patch. Denying access is only valid if acpi_table_hpet.flags ACPI_HPET_PAGE_PROTECT4 is true. Having just checked (as an example) the most modern Intel box I have direct access to, I wonder how many systems actually supply other than 0 here. Perhaps we ought to at once add a command line option to trigger the denial? I also can't find a server which sets this flag. I wonder how many systems actually have other things sitting in the remainder of the page. One would think (or should I say hope) that there's at least nothing with read side effects anywhere, or else Linux'es exposing of the page to user mode would be a security problem. Perhaps we should also limit Dom0 mappings to r/o when we can't hide the page altogether. Jan ___ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
[Xen-devel] [PATCH v1 for-4.6 2/2] xen: prevent access to HPET from Dom0
Prevent Dom0 from accessing HPET MMIO region by adding it to the list of
denied memory regions.
Signed-off-by: Roger Pau Monné roger@citrix.com
Cc: Jan Beulich jbeul...@suse.com
Cc: Andrew Cooper andrew.coop...@citrix.com
---
xen/arch/x86/domain_build.c | 12
1 file changed, 12 insertions(+)
diff --git a/xen/arch/x86/domain_build.c b/xen/arch/x86/domain_build.c
index aa3bf0f..788f7db 100644
--- a/xen/arch/x86/domain_build.c
+++ b/xen/arch/x86/domain_build.c
@@ -36,6 +36,9 @@
#include asm/bzimage.h /* for bzimage_parse */
#include asm/io_apic.h
#include asm/hap.h
+#ifdef CONFIG_HPET_TIMER
+#include asm/hpet.h /* for hpet_address */
+#endif
#include public/version.h
@@ -1516,6 +1519,15 @@ int __init construct_dom0(
rc |= iomem_deny_access(d, sfn, efn);
}
+#ifdef CONFIG_HPET_TIMER
+/* Prevent access to HPET */
+if ( hpet_address != 0 )
+{
+mfn = paddr_to_pfn(hpet_address);
+rc |= iomem_deny_access(d, mfn, mfn);
+}
+#endif
+
BUG_ON(rc != 0);
if ( elf_check_broken(elf) )
--
1.9.3 (Apple Git-50)
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
Re: [Xen-devel] [PATCH v1 for-4.6 2/2] xen: prevent access to HPET from Dom0
On 18/12/14 18:27, Roger Pau Monne wrote:
Prevent Dom0 from accessing HPET MMIO region by adding it to the list of
denied memory regions.
Signed-off-by: Roger Pau Monné roger@citrix.com
Cc: Jan Beulich jbeul...@suse.com
Cc: Andrew Cooper andrew.coop...@citrix.com
Apologies that this reply is split between patch 0 and 2 - I replied to
your cover letter before reading this patch.
Denying access is only valid if acpi_table_hpet.flags
ACPI_HPET_PAGE_PROTECT4 is true.
~Andrew
---
xen/arch/x86/domain_build.c | 12
1 file changed, 12 insertions(+)
diff --git a/xen/arch/x86/domain_build.c b/xen/arch/x86/domain_build.c
index aa3bf0f..788f7db 100644
--- a/xen/arch/x86/domain_build.c
+++ b/xen/arch/x86/domain_build.c
@@ -36,6 +36,9 @@
#include asm/bzimage.h /* for bzimage_parse */
#include asm/io_apic.h
#include asm/hap.h
+#ifdef CONFIG_HPET_TIMER
+#include asm/hpet.h /* for hpet_address */
+#endif
#include public/version.h
@@ -1516,6 +1519,15 @@ int __init construct_dom0(
rc |= iomem_deny_access(d, sfn, efn);
}
+#ifdef CONFIG_HPET_TIMER
+/* Prevent access to HPET */
+if ( hpet_address != 0 )
+{
+mfn = paddr_to_pfn(hpet_address);
+rc |= iomem_deny_access(d, mfn, mfn);
+}
+#endif
+
BUG_ON(rc != 0);
if ( elf_check_broken(elf) )
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
