From patchwork Mon Aug 12 22:28:43 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefano Stabellini X-Patchwork-Id: 11091293 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id A9437112C for ; Tue, 13 Aug 2019 06:54:18 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9A94327F60 for ; Tue, 13 Aug 2019 06:54:18 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8F27427FE4; Tue, 13 Aug 2019 06:54:18 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=2.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 365C52859E for ; Tue, 13 Aug 2019 06:54:18 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1hxQgc-00025p-HU; Tue, 13 Aug 2019 06:53:38 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1hxQgb-000258-2o for xen-devel@lists.xenproject.org; Tue, 13 Aug 2019 06:53:37 +0000 X-Inumbo-ID: 8ddb8072-bd50-11e9-a84e-ebac4160b3f6 Received: from mail.kernel.org (unknown [198.145.29.99]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id 8ddb8072-bd50-11e9-a84e-ebac4160b3f6; Mon, 12 Aug 2019 22:28:49 +0000 (UTC) Received: from sstabellini-ThinkPad-T480s.xilinx.com (c-67-164-102-47.hsd1.ca.comcast.net [67.164.102.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 37255208C2; Mon, 12 Aug 2019 22:28:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1565648928; bh=YqKn8gmGY2dQjIORe3HXpvRI5Usi/ROP9j2EUde90d8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Oy5Hjrgx/ZBjk1flDZWZVYxubXVc2qRJUTkwuIa5I53oe/XLq5M3gRGy5GvQzDXtD 2MehBW9WBuKQTl5dLWflfxvPR8TPb7h9u5Bl79TguWzQ18VbI3rTprkhdaEwDS1L+S qwzzikybUOCxi/sK9vqM9sRz5H5KZsfFJeH2Pd3k= From: Stefano Stabellini To: xen-devel@lists.xenproject.org Date: Mon, 12 Aug 2019 15:28:43 -0700 Message-Id: <20190812222844.9636-6-sstabellini@kernel.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: References: Subject: [Xen-devel] [PATCH v5 6/7] xen/arm: don't iomem_permit_access for reserved-memory regions X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Stefano Stabellini , julien.grall@arm.com, sstabellini@kernel.org, Volodymyr_Babchuk@epam.com MIME-Version: 1.0 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-Virus-Scanned: ClamAV using ClamSMTP Don't allow reserved-memory regions to be remapped into any unprivileged guests, until reserved-memory regions are properly supported in Xen. For now, do not call iomem_permit_access on them, because giving iomem_permit_access to dom0 means that the toolstack will be able to assign the region to a domU. Signed-off-by: Stefano Stabellini --- Changes in v5: - fix check condition - use strnicmp - return error - improve commit message Changes in v4: - compare the parent name with reserved-memory - use dt_node_cmp Changes in v3: - new patch --- xen/arch/arm/domain_build.c | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/xen/arch/arm/domain_build.c b/xen/arch/arm/domain_build.c index 4c8404155a..e0c0c01c88 100644 --- a/xen/arch/arm/domain_build.c +++ b/xen/arch/arm/domain_build.c @@ -1155,15 +1155,23 @@ static int __init map_range_to_domain(const struct dt_device_node *dev, bool need_mapping = !dt_device_for_passthrough(dev); int res; - res = iomem_permit_access(d, paddr_to_pfn(addr), - paddr_to_pfn(PAGE_ALIGN(addr + len - 1))); - if ( res ) + /* + * Don't give iomem permissions for reserved-memory ranges to domUs + * until reserved-memory support is complete. + */ + if ( strnicmp(dt_node_full_name(dev), "/reserved-memory", + strlen("/reserved-memory")) != 0 ) { - printk(XENLOG_ERR "Unable to permit to dom%d access to" - " 0x%"PRIx64" - 0x%"PRIx64"\n", - d->domain_id, - addr & PAGE_MASK, PAGE_ALIGN(addr + len) - 1); - return res; + res = iomem_permit_access(d, paddr_to_pfn(addr), + paddr_to_pfn(PAGE_ALIGN(addr + len - 1))); + if ( res ) + { + printk(XENLOG_ERR "Unable to permit to dom%d access to" + " 0x%"PRIx64" - 0x%"PRIx64"\n", + d->domain_id, + addr & PAGE_MASK, PAGE_ALIGN(addr + len) - 1); + return res; + } } if ( need_mapping )