Prevent Dom0 from accessing HPET MMIO region by adding the HPET mfn to the
list of read-only memory regions.
Signed-off-by: Roger Pau Monné <roger....@citrix.com>
Cc: Jan Beulich <jbeul...@suse.com>
Cc: Andrew Cooper <andrew.coop...@citrix.com>
---
Changes since v1:
- Instead of completely blocking access to the HPET mfn, set it as
read-only.
---
xen/arch/x86/domain_build.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/xen/arch/x86/domain_build.c b/xen/arch/x86/domain_build.c
index 41d2541..4c62bb8 100644
--- a/xen/arch/x86/domain_build.c
+++ b/xen/arch/x86/domain_build.c
@@ -36,6 +36,7 @@
#include <asm/bzimage.h> /* for bzimage_parse */
#include <asm/io_apic.h>
#include <asm/hap.h>
+#include <asm/hpet.h> /* for hpet_address */
#include <public/version.h>
@@ -1494,6 +1495,13 @@ int __init construct_dom0(
rc |= iomem_deny_access(d, sfn, efn);
}
+ /* Prevent access to HPET */
+ if ( hpet_address != 0 )
+ {
+ mfn = paddr_to_pfn(hpet_address);
+ rc |= rangeset_add_singleton(mmio_ro_ranges, mfn);
+ }
+
BUG_ON(rc != 0);
if ( elf_check_broken(&elf) )
--
1.9.3 (Apple Git-50)
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
