Re: [Xen-devel] [PATCH v2 2/4] x86/dom0: prevent PVH Dom0 from mapping read-only the IO APIC area
> From: Roger Pau Monne [mailto:roger@citrix.com] > Sent: Thursday, August 17, 2017 5:35 PM > > On Thu, Aug 17, 2017 at 03:12:45AM +, Tian, Kevin wrote: > > > From: Roger Pau Monne > > > Sent: Saturday, August 12, 2017 12:43 AM > > > > > > This is emulated by Xen and must not be mapped into PVH Dom0 p2m. > > > > same comment as previous one. please send it separately. > > This will only be mapped once iommu_inclusive_mapping is available for > PVH Dom0, which is what patch #3 does. It's not a bugfix because the > bug it would be fix doesn't exist yet. > Similarly please add more explanation why it's only includsive mapping specific. For people not familiar with PVH specifics, it's hard to get that feeling simply looking at the current patch description and actual patch which looks like a general change. e.g. you may want to explain why PVH dom0 doesn't require iomem_deny_access so far while it becomes necessary later... Thanks kevin ___ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel
Re: [Xen-devel] [PATCH v2 2/4] x86/dom0: prevent PVH Dom0 from mapping read-only the IO APIC area
>>> On 11.08.17 at 18:43, wrote: > This is emulated by Xen and must not be mapped into PVH Dom0 p2m. > > Signed-off-by: Roger Pau Monné If we stay with black listing MMIO ranges Acked-by: Jan Beulich Jan ___ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel
Re: [Xen-devel] [PATCH v2 2/4] x86/dom0: prevent PVH Dom0 from mapping read-only the IO APIC area
On Thu, Aug 17, 2017 at 03:12:45AM +, Tian, Kevin wrote: > > From: Roger Pau Monne > > Sent: Saturday, August 12, 2017 12:43 AM > > > > This is emulated by Xen and must not be mapped into PVH Dom0 p2m. > > same comment as previous one. please send it separately. This will only be mapped once iommu_inclusive_mapping is available for PVH Dom0, which is what patch #3 does. It's not a bugfix because the bug it would be fix doesn't exist yet. Roger. ___ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel
Re: [Xen-devel] [PATCH v2 2/4] x86/dom0: prevent PVH Dom0 from mapping read-only the IO APIC area
> From: Roger Pau Monne
> Sent: Saturday, August 12, 2017 12:43 AM
>
> This is emulated by Xen and must not be mapped into PVH Dom0 p2m.
same comment as previous one. please send it separately.
>
> Signed-off-by: Roger Pau Monné
> ---
> Cc: Jan Beulich
> Cc: Andrew Cooper
> ---
> xen/arch/x86/dom0_build.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/xen/arch/x86/dom0_build.c b/xen/arch/x86/dom0_build.c
> index 3e0910d779..804efee1a9 100644
> --- a/xen/arch/x86/dom0_build.c
> +++ b/xen/arch/x86/dom0_build.c
> @@ -402,7 +402,7 @@ int __init dom0_setup_permissions(struct domain
> *d)
> for ( i = 0; i < nr_ioapics; i++ )
> {
> mfn = paddr_to_pfn(mp_ioapics[i].mpc_apicaddr);
> -if ( !rangeset_contains_singleton(mmio_ro_ranges, mfn) )
> +if ( dom0_pvh || !rangeset_contains_singleton(mmio_ro_ranges,
> mfn) )
> rc |= iomem_deny_access(d, mfn, mfn);
> }
> /* MSI range. */
> --
> 2.11.0 (Apple Git-81)
>
>
> ___
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> https://lists.xen.org/xen-devel
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
[Xen-devel] [PATCH v2 2/4] x86/dom0: prevent PVH Dom0 from mapping read-only the IO APIC area
This is emulated by Xen and must not be mapped into PVH Dom0 p2m.
Signed-off-by: Roger Pau Monné
---
Cc: Jan Beulich
Cc: Andrew Cooper
---
xen/arch/x86/dom0_build.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/xen/arch/x86/dom0_build.c b/xen/arch/x86/dom0_build.c
index 3e0910d779..804efee1a9 100644
--- a/xen/arch/x86/dom0_build.c
+++ b/xen/arch/x86/dom0_build.c
@@ -402,7 +402,7 @@ int __init dom0_setup_permissions(struct domain *d)
for ( i = 0; i < nr_ioapics; i++ )
{
mfn = paddr_to_pfn(mp_ioapics[i].mpc_apicaddr);
-if ( !rangeset_contains_singleton(mmio_ro_ranges, mfn) )
+if ( dom0_pvh || !rangeset_contains_singleton(mmio_ro_ranges, mfn) )
rc |= iomem_deny_access(d, mfn, mfn);
}
/* MSI range. */
--
2.11.0 (Apple Git-81)
___
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
