From patchwork Thu May 11 12:08:09 2023
X-Patchwork-Submitter: Jan Beulich
X-Patchwork-Id: 13237835
List-Id: Xen developer discussion
Message-ID: <118fa3e5-e1ac-ab3e-8b86-1ec751513434@suse.com>
Date: Thu, 11 May 2023 14:08:09 +0200
Subject: [PATCH 7/7] x86: don't allow Dom0 access to ELCR ports
From: Jan Beulich
To: "xen-devel@lists.xenproject.org"
Cc: Andrew Cooper, Wei Liu, Roger Pau Monné
References: <95129c04-f37c-9e26-e65d-786a1db2f003@suse.com>
In-Reply-To: <95129c04-f37c-9e26-e65d-786a1db2f003@suse.com>

Much like the other PIC ports, Dom0 has no business touching these. Even our own uses are somewhat questionable, as the corresponding IO-APIC code in Linux is enclosed in a CONFIG_EISA conditional; I don't think there are any x86-64 EISA systems.

Signed-off-by: Jan Beulich
Acked-by: Roger Pau Monné
---
RFC: For Linux'es (matching our) construct_default_ioirq_mptable() we may need to permit read access at least for PVH, if such default table construction is assumed to be sensible there in the first place (we assume ACPI and no PIC for PVH Dom0, after all).

RFC: Linux further has ACPI boot code accessing ELCR (acpi_pic_sci_set_trigger() and acpi_register_gsi_pic()), which we have no equivalent of. Taken together, perhaps the hiding needs to be limited to PVH Dom0?

--- a/xen/arch/x86/dom0_build.c +++ b/xen/arch/x86/dom0_build.c @@ -503,6 +503,9 @@ int __init dom0_setup_permissions(struct rc |= ioports_deny_access(d, 0xA0 + offs, 0xA1 + offs); } + /* ELCR of both PICs. */ + rc |= ioports_deny_access(d, 0x4D0, 0x4D1); + /* Interval Timer (PIT). */ for ( offs = 0, i = pit_alias_mask & -pit_alias_mask ?: 4; offs <= pit_alias_mask; offs += i )
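
Review bot: The added `rc |= ioports_deny_access(d, 0x4D0, 0x4D1);` in dom0_setup_permissions() is unconditional, while the two RFC remarks under the `---` leave open whether Linux's ELCR accesses (construct_default_ioirq_mptable(), acpi_pic_sci_set_trigger(), acpi_register_gsi_pic()) still have to work in Dom0 and whether the hiding should be limited to PVH Dom0. The call as written covers the whole range with no read/write distinction visible here, so this wants settling before the patch goes in: either make the deny conditional on the Dom0 type, or state in the comment and the commit message why it is acceptable for those Linux accesses to be refused. A smaller point on the same hunk: the PIC deny just above and the PIT deny just below both iterate over alias offsets (`+ offs`, `pit_alias_mask`), whereas the ELCR range is denied only at 0x4D0-0x4D1. If ELCR cannot be aliased, extending the `/* ELCR of both PICs. */` comment to say so would spare readers the question; if it can, the aliases need the same treatment.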