
[v7,17/22] arm/gic: Add a new callback to deny Dom0 access to GIC regions

Message ID 1458913735-2678-18-git-send-email-shannon.zhao@linaro.org (mailing list archive)
State New, archived

Commit Message

Shannon Zhao March 25, 2016, 1:48 p.m. UTC
Add a new member in gic_hw_operations which is used to deny Dom0 access
to GIC regions.

Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
---
v7: move them out of CONFIG_ACPI
---
 xen/arch/arm/gic-v2.c     | 27 +++++++++++++++++++++++++++
 xen/arch/arm/gic-v3.c     | 41 +++++++++++++++++++++++++++++++++++++++++
 xen/arch/arm/gic.c        |  5 +++++
 xen/include/asm-arm/gic.h |  3 +++
 4 files changed, 76 insertions(+)

Comments

Stefano Stabellini March 26, 2016, 1:04 p.m. UTC | #1
On Fri, 25 Mar 2016, Shannon Zhao wrote:
> Add a new member in gic_hw_operations which is used to deny Dom0 access
> to GIC regions.
> 
> Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>

Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>


> v7: move them out of CONFIG_ACPI
> ---
>  xen/arch/arm/gic-v2.c     | 27 +++++++++++++++++++++++++++
>  xen/arch/arm/gic-v3.c     | 41 +++++++++++++++++++++++++++++++++++++++++
>  xen/arch/arm/gic.c        |  5 +++++
>  xen/include/asm-arm/gic.h |  3 +++
>  4 files changed, 76 insertions(+)
> 
> diff --git a/xen/arch/arm/gic-v2.c b/xen/arch/arm/gic-v2.c
> index 38e3216..450755f 100644
> --- a/xen/arch/arm/gic-v2.c
> +++ b/xen/arch/arm/gic-v2.c
> @@ -22,6 +22,7 @@
>  #include <xen/init.h>
>  #include <xen/mm.h>
>  #include <xen/irq.h>
> +#include <xen/iocap.h>
>  #include <xen/sched.h>
>  #include <xen/errno.h>
>  #include <xen/softirq.h>
> @@ -684,6 +685,31 @@ static void __init gicv2_dt_init(void)
>                 csize, vsize);
>  }
>  
> +static int gicv2_iomem_deny_access(const struct domain *d)
> +{
> +    int rc;
> +    unsigned long gfn, nr;
> +
> +    gfn = dbase >> PAGE_SHIFT;
> +    rc = iomem_deny_access(d, gfn, gfn + 1);
> +    if ( rc )
> +        return rc;
> +
> +    gfn = hbase >> PAGE_SHIFT;
> +    rc = iomem_deny_access(d, gfn, gfn + 1);
> +    if ( rc )
> +        return rc;
> +
> +    gfn = cbase >> PAGE_SHIFT;
> +    nr = DIV_ROUND_UP(csize, PAGE_SIZE);
> +    rc = iomem_deny_access(d, gfn, gfn + nr);
> +    if ( rc )
> +        return rc;
> +
> +    gfn = vbase >> PAGE_SHIFT;
> +    return iomem_deny_access(d, gfn, gfn + nr);
> +}
> +
>  #ifdef CONFIG_ACPI
>  static int gicv2_make_hwdom_madt(const struct domain *d, u32 offset)
>  {
> @@ -910,6 +936,7 @@ const static struct gic_hw_operations gicv2_ops = {
>      .read_apr            = gicv2_read_apr,
>      .make_hwdom_dt_node  = gicv2_make_hwdom_dt_node,
>      .make_hwdom_madt     = gicv2_make_hwdom_madt,
> +    .iomem_deny_access   = gicv2_iomem_deny_access,
>  };
>  
>  /* Set up the GIC */
> diff --git a/xen/arch/arm/gic-v3.c b/xen/arch/arm/gic-v3.c
> index 52ee23c..a095064 100644
> --- a/xen/arch/arm/gic-v3.c
> +++ b/xen/arch/arm/gic-v3.c
> @@ -27,6 +27,7 @@
>  #include <xen/cpu.h>
>  #include <xen/mm.h>
>  #include <xen/irq.h>
> +#include <xen/iocap.h>
>  #include <xen/sched.h>
>  #include <xen/errno.h>
>  #include <xen/delay.h>
> @@ -1235,6 +1236,45 @@ static void __init gicv3_dt_init(void)
>                            &vbase, &vsize);
>  }
>  
> +static int gicv3_iomem_deny_access(const struct domain *d)
> +{
> +    int rc, i;
> +    unsigned long gfn, nr;
> +
> +    gfn = dbase >> PAGE_SHIFT;
> +    nr = DIV_ROUND_UP(SZ_64K, PAGE_SIZE);
> +    rc = iomem_deny_access(d, gfn, gfn + nr);
> +    if ( rc )
> +        return rc;
> +
> +    for ( i = 0; i < gicv3.rdist_count; i++ )
> +    {
> +        gfn = gicv3.rdist_regions[i].base >> PAGE_SHIFT;
> +        nr = DIV_ROUND_UP(gicv3.rdist_regions[i].size, PAGE_SIZE);
> +        rc = iomem_deny_access(d, gfn, gfn + nr);
> +        if ( rc )
> +            return rc;
> +    }
> +
> +    if ( cbase != INVALID_PADDR )
> +    {
> +        gfn = cbase >> PAGE_SHIFT;
> +        nr = DIV_ROUND_UP(csize, PAGE_SIZE);
> +        rc = iomem_deny_access(d, gfn, gfn + nr);
> +        if ( rc )
> +            return rc;
> +    }
> +
> +    if ( vbase != INVALID_PADDR )
> +    {
> +        gfn = vbase >> PAGE_SHIFT;
> +        nr = DIV_ROUND_UP(csize, PAGE_SIZE);
> +        return iomem_deny_access(d, gfn, gfn + nr);
> +    }
> +
> +    return 0;
> +}
> +
>  #ifdef CONFIG_ACPI
>  static int gicv3_make_hwdom_madt(const struct domain *d, u32 offset)
>  {
> @@ -1530,6 +1570,7 @@ static const struct gic_hw_operations gicv3_ops = {
>      .secondary_init      = gicv3_secondary_cpu_init,
>      .make_hwdom_dt_node  = gicv3_make_hwdom_dt_node,
>      .make_hwdom_madt     = gicv3_make_hwdom_madt,
> +    .iomem_deny_access   = gicv3_iomem_deny_access,
>  };
>  
>  static int __init gicv3_dt_preinit(struct dt_device_node *node, const void *data)
> diff --git a/xen/arch/arm/gic.c b/xen/arch/arm/gic.c
> index b3c1eb3..2bfe4de 100644
> --- a/xen/arch/arm/gic.c
> +++ b/xen/arch/arm/gic.c
> @@ -744,6 +744,11 @@ int gic_make_hwdom_madt(const struct domain *d, u32 offset)
>      return gic_hw_ops->make_hwdom_madt(d, offset);
>  }
>  
> +int gic_iomem_deny_access(const struct domain *d)
> +{
> +    return gic_hw_ops->iomem_deny_access(d);
> +}
> +
>  /*
>   * Local variables:
>   * mode: C
> diff --git a/xen/include/asm-arm/gic.h b/xen/include/asm-arm/gic.h
> index 8130136..cd97bb2 100644
> --- a/xen/include/asm-arm/gic.h
> +++ b/xen/include/asm-arm/gic.h
> @@ -360,6 +360,8 @@ struct gic_hw_operations {
>                                const struct dt_device_node *gic, void *fdt);
>      /* Create MADT table for the hardware domain */
>      int (*make_hwdom_madt)(const struct domain *d, u32 offset);
> +    /* Deny access to GIC regions */
> +    int (*iomem_deny_access)(const struct domain *d);
>  };
>  
>  void register_gic_ops(const struct gic_hw_operations *ops);
> @@ -367,6 +369,7 @@ int gic_make_hwdom_dt_node(const struct domain *d,
>                             const struct dt_device_node *gic,
>                             void *fdt);
>  int gic_make_hwdom_madt(const struct domain *d, u32 offset);
> +int gic_iomem_deny_access(const struct domain *d);
>  
>  #endif /* __ASSEMBLY__ */
>  #endif
> -- 
> 2.1.4
>
Julien Grall March 29, 2016, 4:13 p.m. UTC | #2
Hi Shannon,

On 25/03/16 13:48, Shannon Zhao wrote:
> Add a new member in gic_hw_operations which is used to deny Dom0 access
> to GIC regions.
>
> Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>

Acked-by: Julien Grall <julien.grall@arm.com>

Regards,

Patch

diff --git a/xen/arch/arm/gic-v2.c b/xen/arch/arm/gic-v2.c
index 38e3216..450755f 100644
--- a/xen/arch/arm/gic-v2.c
+++ b/xen/arch/arm/gic-v2.c
@@ -22,6 +22,7 @@ 
 #include <xen/init.h>
 #include <xen/mm.h>
 #include <xen/irq.h>
+#include <xen/iocap.h>
 #include <xen/sched.h>
 #include <xen/errno.h>
 #include <xen/softirq.h>
@@ -684,6 +685,31 @@  static void __init gicv2_dt_init(void)
                csize, vsize);
 }
 
+static int gicv2_iomem_deny_access(const struct domain *d)
+{
+    int rc;
+    unsigned long gfn, nr;
+
+    gfn = dbase >> PAGE_SHIFT;
+    rc = iomem_deny_access(d, gfn, gfn + 1);
+    if ( rc )
+        return rc;
+
+    gfn = hbase >> PAGE_SHIFT;
+    rc = iomem_deny_access(d, gfn, gfn + 1);
+    if ( rc )
+        return rc;
+
+    gfn = cbase >> PAGE_SHIFT;
+    nr = DIV_ROUND_UP(csize, PAGE_SIZE);
+    rc = iomem_deny_access(d, gfn, gfn + nr);
+    if ( rc )
+        return rc;
+
+    gfn = vbase >> PAGE_SHIFT;
+    return iomem_deny_access(d, gfn, gfn + nr);
+}
+
 #ifdef CONFIG_ACPI
 static int gicv2_make_hwdom_madt(const struct domain *d, u32 offset)
 {
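Review bot: The end frame passed to iomem_deny_access() in gicv2_iomem_deny_access is written as `gfn + 1` and `gfn + nr`, which is only exact if the helper takes an exclusive end. Its definition is not in this diff; if the end is inclusive, as Xen's rangeset-backed iomem helpers normally are, each call also denies one frame past the GIC region and the calls should read `iomem_deny_access(d, gfn, gfn + nr - 1)`. The same pattern appears in every call of gicv3_iomem_deny_access in the gic-v3.c hunk. Separately, the vbase call reuses `nr` derived from csize; that covers the whole GICV region only if csize and vsize are guaranteed equal, so either add a one-line comment saying so or recompute with `DIV_ROUND_UP(vsize, PAGE_SIZE)`.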
@@ -910,6 +936,7 @@  const static struct gic_hw_operations gicv2_ops = {
     .read_apr            = gicv2_read_apr,
     .make_hwdom_dt_node  = gicv2_make_hwdom_dt_node,
     .make_hwdom_madt     = gicv2_make_hwdom_madt,
+    .iomem_deny_access   = gicv2_iomem_deny_access,
 };
 
 /* Set up the GIC */
diff --git a/xen/arch/arm/gic-v3.c b/xen/arch/arm/gic-v3.c
index 52ee23c..a095064 100644
--- a/xen/arch/arm/gic-v3.c
+++ b/xen/arch/arm/gic-v3.c
@@ -27,6 +27,7 @@ 
 #include <xen/cpu.h>
 #include <xen/mm.h>
 #include <xen/irq.h>
+#include <xen/iocap.h>
 #include <xen/sched.h>
 #include <xen/errno.h>
 #include <xen/delay.h>
@@ -1235,6 +1236,45 @@  static void __init gicv3_dt_init(void)
                           &vbase, &vsize);
 }
 
+static int gicv3_iomem_deny_access(const struct domain *d)
+{
+    int rc, i;
+    unsigned long gfn, nr;
+
+    gfn = dbase >> PAGE_SHIFT;
+    nr = DIV_ROUND_UP(SZ_64K, PAGE_SIZE);
+    rc = iomem_deny_access(d, gfn, gfn + nr);
+    if ( rc )
+        return rc;
+
+    for ( i = 0; i < gicv3.rdist_count; i++ )
+    {
+        gfn = gicv3.rdist_regions[i].base >> PAGE_SHIFT;
+        nr = DIV_ROUND_UP(gicv3.rdist_regions[i].size, PAGE_SIZE);
+        rc = iomem_deny_access(d, gfn, gfn + nr);
+        if ( rc )
+            return rc;
+    }
+
+    if ( cbase != INVALID_PADDR )
+    {
+        gfn = cbase >> PAGE_SHIFT;
+        nr = DIV_ROUND_UP(csize, PAGE_SIZE);
+        rc = iomem_deny_access(d, gfn, gfn + nr);
+        if ( rc )
+            return rc;
+    }
+
+    if ( vbase != INVALID_PADDR )
+    {
+        gfn = vbase >> PAGE_SHIFT;
+        nr = DIV_ROUND_UP(csize, PAGE_SIZE);
+        return iomem_deny_access(d, gfn, gfn + nr);
+    }
+
+    return 0;
+}
+
 #ifdef CONFIG_ACPI
 static int gicv3_make_hwdom_madt(const struct domain *d, u32 offset)
 {
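Review bot: The vbase branch of gicv3_iomem_deny_access sizes the denied range with `csize` instead of the virtual interface's own size, so if the GICV region is larger than GICC its trailing frames are left accessible to Dom0. vsize is filled alongside vbase in the gicv3_dt_init context line at the top of this hunk; assuming it is file-scope like vbase, the line should be `nr = DIV_ROUND_UP(vsize, PAGE_SIZE);`. As a smaller point, `i` is a signed int compared against gicv3.rdist_count, and if that field is unsigned then `unsigned int i` avoids the mixed-sign comparison.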
@@ -1530,6 +1570,7 @@  static const struct gic_hw_operations gicv3_ops = {
     .secondary_init      = gicv3_secondary_cpu_init,
     .make_hwdom_dt_node  = gicv3_make_hwdom_dt_node,
     .make_hwdom_madt     = gicv3_make_hwdom_madt,
+    .iomem_deny_access   = gicv3_iomem_deny_access,
 };
 
 static int __init gicv3_dt_preinit(struct dt_device_node *node, const void *data)
diff --git a/xen/arch/arm/gic.c b/xen/arch/arm/gic.c
index b3c1eb3..2bfe4de 100644
--- a/xen/arch/arm/gic.c
+++ b/xen/arch/arm/gic.c
@@ -744,6 +744,11 @@  int gic_make_hwdom_madt(const struct domain *d, u32 offset)
     return gic_hw_ops->make_hwdom_madt(d, offset);
 }
 
+int gic_iomem_deny_access(const struct domain *d)
+{
+    return gic_hw_ops->iomem_deny_access(d);
+}
+
 /*
  * Local variables:
  * mode: C
diff --git a/xen/include/asm-arm/gic.h b/xen/include/asm-arm/gic.h
index 8130136..cd97bb2 100644
--- a/xen/include/asm-arm/gic.h
+++ b/xen/include/asm-arm/gic.h
@@ -360,6 +360,8 @@  struct gic_hw_operations {
                               const struct dt_device_node *gic, void *fdt);
     /* Create MADT table for the hardware domain */
     int (*make_hwdom_madt)(const struct domain *d, u32 offset);
+    /* Deny access to GIC regions */
+    int (*iomem_deny_access)(const struct domain *d);
 };
 
 void register_gic_ops(const struct gic_hw_operations *ops);
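Review bot: The comment `/* Deny access to GIC regions */` on the new callback does not state what a non-zero return leaves behind. Both implementations in this series return at the first failing iomem_deny_access(), so on error the regions that would have been handled later are left untouched, and a caller that ignores the result may leave Dom0 with access to part of the GIC. Suggested wording: `/* Remove d's I/O memory permission for all GIC frames; returns 0, or the first error with later regions left unchanged */`.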
@@ -367,6 +369,7 @@  int gic_make_hwdom_dt_node(const struct domain *d,
                            const struct dt_device_node *gic,
                            void *fdt);
 int gic_make_hwdom_madt(const struct domain *d, u32 offset);
+int gic_iomem_deny_access(const struct domain *d);
 
 #endif /* __ASSEMBLY__ */
 #endif