| Message ID | 20160905101401.7003-6-temkink@ainfosec.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Mon, Sep 05, 2016 at 06:14:00AM -0400, Kyle Temkin wrote: > From: "Kyle J. Temkin" <temkink@ainfosec.com> > > The addition of new IRQ-related platform hooks now allow platforms to > perform platform-specific interrupt logic; allowing e.g. virtualization > of platform-specific interrupt controller hardware. > > This commit adds the ability to for the platform to identify the domain > a given IRQ routes to, allowing platform logic to e.g. deny access to > registers associated with a given IRQ unless the requesting domain > 'owns' the IRQ. This will be used on Tegra platforms, where the hardware > domain needs access to its legacy interrupt controller, but should not > be able to control registers that correspond to other domains' IRQs, or > sections associated with IRQs routed to Xen. > > Signed-off-by: Kyle Temkin <temkink@ainfosec.com> > --- > xen/arch/arm/irq.c | 10 ++++++++++ > xen/include/asm-arm/irq.h | 2 ++ > 2 files changed, 12 insertions(+) > > diff --git a/xen/arch/arm/irq.c b/xen/arch/arm/irq.c > index dc42817..c6e1a24 100644 > --- a/xen/arch/arm/irq.c > +++ b/xen/arch/arm/irq.c > @@ -144,6 +144,16 @@ static inline struct domain *irq_get_domain(struct irq_desc *desc) > return irq_get_guest_info(desc)->d; > } > > +domid_t irq_get_domain_id(struct irq_desc *desc) > +{ > + // If this domain isn't routed to a guest, return DOMID_XEN. So that is some odd style > + if(!test_bit(_IRQ_GUEST, &desc->status)) Ditto here? I think your v1 should have at least these fixed.. > + return DOMID_XEN; > + > + // Otherise, get the guest domain's information. > + return irq_get_domain(desc)->domain_id; > +} > + > void irq_set_affinity(struct irq_desc *desc, const cpumask_t *cpu_mask) > { > if ( desc != NULL ) > diff --git a/xen/include/asm-arm/irq.h b/xen/include/asm-arm/irq.h > index 8f7a167..55300a8 100644 > --- a/xen/include/asm-arm/irq.h > +++ b/xen/include/asm-arm/irq.h > @@ -45,6 +45,8 @@ int route_irq_to_guest(struct domain *d, unsigned int virq, > unsigned int irq, const char *devname); > int release_guest_irq(struct domain *d, unsigned int irq); > > +domid_t irq_get_domain_id(struct irq_desc *desc); > + > void arch_move_irqs(struct vcpu *v); > > #define arch_evtchn_bind_pirq(d, pirq) ((void)((d) + (pirq))) > -- > 2.9.2 > > > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.xen.org > https://lists.xen.org/xen-devel
On Fri, 16 Sep 2016, Konrad Rzeszutek Wilk wrote: > On Mon, Sep 05, 2016 at 06:14:00AM -0400, Kyle Temkin wrote: > > From: "Kyle J. Temkin" <temkink@ainfosec.com> > > > > The addition of new IRQ-related platform hooks now allow platforms to > > perform platform-specific interrupt logic; allowing e.g. virtualization > > of platform-specific interrupt controller hardware. > > > > This commit adds the ability to for the platform to identify the domain > > a given IRQ routes to, allowing platform logic to e.g. deny access to > > registers associated with a given IRQ unless the requesting domain > > 'owns' the IRQ. This will be used on Tegra platforms, where the hardware > > domain needs access to its legacy interrupt controller, but should not > > be able to control registers that correspond to other domains' IRQs, or > > sections associated with IRQs routed to Xen. > > > > Signed-off-by: Kyle Temkin <temkink@ainfosec.com> > > --- > > xen/arch/arm/irq.c | 10 ++++++++++ > > xen/include/asm-arm/irq.h | 2 ++ > > 2 files changed, 12 insertions(+) > > > > diff --git a/xen/arch/arm/irq.c b/xen/arch/arm/irq.c > > index dc42817..c6e1a24 100644 > > --- a/xen/arch/arm/irq.c > > +++ b/xen/arch/arm/irq.c > > @@ -144,6 +144,16 @@ static inline struct domain *irq_get_domain(struct irq_desc *desc) > > return irq_get_guest_info(desc)->d; > > } > > > > +domid_t irq_get_domain_id(struct irq_desc *desc) > > +{ > > + // If this domain isn't routed to a guest, return DOMID_XEN. > > So that is some odd style > > + if(!test_bit(_IRQ_GUEST, &desc->status)) > > Ditto here? > > I think your v1 should have at least these fixed.. Didn't we have checkpatch.pl somewhere for Xen? Anyway, with these two small issues fixed: Reviewed-by: Stefano Stabellini <sstabellini@kernel.org> > > + return DOMID_XEN; > > + > > + // Otherise, get the guest domain's information. > > + return irq_get_domain(desc)->domain_id; > > +} > > + > > void irq_set_affinity(struct irq_desc *desc, const cpumask_t *cpu_mask) > > { > > if ( desc != NULL ) > > diff --git a/xen/include/asm-arm/irq.h b/xen/include/asm-arm/irq.h > > index 8f7a167..55300a8 100644 > > --- a/xen/include/asm-arm/irq.h > > +++ b/xen/include/asm-arm/irq.h > > @@ -45,6 +45,8 @@ int route_irq_to_guest(struct domain *d, unsigned int virq, > > unsigned int irq, const char *devname); > > int release_guest_irq(struct domain *d, unsigned int irq); > > > > +domid_t irq_get_domain_id(struct irq_desc *desc); > > + > > void arch_move_irqs(struct vcpu *v); > > > > #define arch_evtchn_bind_pirq(d, pirq) ((void)((d) + (pirq))) > > -- > > 2.9.2 > > > > > > _______________________________________________ > > Xen-devel mailing list > > Xen-devel@lists.xen.org > > https://lists.xen.org/xen-devel >
diff --git a/xen/arch/arm/irq.c b/xen/arch/arm/irq.c index dc42817..c6e1a24 100644 --- a/xen/arch/arm/irq.c +++ b/xen/arch/arm/irq.c @@ -144,6 +144,16 @@ static inline struct domain *irq_get_domain(struct irq_desc *desc) return irq_get_guest_info(desc)->d; } +domid_t irq_get_domain_id(struct irq_desc *desc) +{ + // If this domain isn't routed to a guest, return DOMID_XEN. + if(!test_bit(_IRQ_GUEST, &desc->status)) + return DOMID_XEN; + + // Otherise, get the guest domain's information. + return irq_get_domain(desc)->domain_id; +} + void irq_set_affinity(struct irq_desc *desc, const cpumask_t *cpu_mask) { if ( desc != NULL ) diff --git a/xen/include/asm-arm/irq.h b/xen/include/asm-arm/irq.h index 8f7a167..55300a8 100644 --- a/xen/include/asm-arm/irq.h +++ b/xen/include/asm-arm/irq.h @@ -45,6 +45,8 @@ int route_irq_to_guest(struct domain *d, unsigned int virq, unsigned int irq, const char *devname); int release_guest_irq(struct domain *d, unsigned int irq); +domid_t irq_get_domain_id(struct irq_desc *desc); + void arch_move_irqs(struct vcpu *v); #define arch_evtchn_bind_pirq(d, pirq) ((void)((d) + (pirq)))