From patchwork Fri Mar 4 06:15:47 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Shannon Zhao X-Patchwork-Id: 63528 Delivered-To: patch@linaro.org Received: by 10.112.199.169 with SMTP id jl9csp293005lbc; Thu, 3 Mar 2016 22:22:56 -0800 (PST) X-Received: by 10.140.195.203 with SMTP id q194mr8507393qha.45.1457072576258; Thu, 03 Mar 2016 22:22:56 -0800 (PST) Return-Path: Received: from lists.xenproject.org (lists.xenproject.org. [192.237.175.120]) by mx.google.com with ESMTPS id q67si2318373qgd.110.2016.03.03.22.22.55 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 03 Mar 2016 22:22:56 -0800 (PST) Received-SPF: neutral (google.com: 192.237.175.120 is neither permitted nor denied by best guess record for domain of xen-devel-bounces@lists.xen.org) client-ip=192.237.175.120; Authentication-Results: mx.google.com; spf=neutral (google.com: 192.237.175.120 is neither permitted nor denied by best guess record for domain of xen-devel-bounces@lists.xen.org) smtp.mailfrom=xen-devel-bounces@lists.xen.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xen.org with esmtp (Exim 4.84) (envelope-from ) id 1abj7Q-0007ex-L9; Fri, 04 Mar 2016 06:21:44 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.84) (envelope-from ) id 1abj7P-0007eG-EU for xen-devel@lists.xen.org; Fri, 04 Mar 2016 06:21:43 +0000 Received: from [85.158.139.211] by server-1.bemta-5.messagelabs.com id 3B/13-29419-67929D65; Fri, 04 Mar 2016 06:21:42 +0000 X-Env-Sender: zhaoshenglong@huawei.com X-Msg-Ref: server-12.tower-206.messagelabs.com!1457072499!26773779!1 X-Originating-IP: [119.145.14.66] X-SpamReason: No, hits=0.0 required=7.0 tests=sa_preprocessor: VHJ1c3RlZCBJUDogMTE5LjE0NS4xNC42NiA9PiA4NTI3\n X-StarScan-Received: X-StarScan-Version: 8.11; banners=-,-,- X-VirusChecked: Checked Received: (qmail 33335 invoked from network); 4 Mar 2016 06:21:41 -0000 Received: from szxga03-in.huawei.com (HELO szxga03-in.huawei.com) (119.145.14.66) by server-12.tower-206.messagelabs.com with RC4-SHA encrypted SMTP; 4 Mar 2016 06:21:41 -0000 Received: from 172.24.1.48 (EHLO szxeml428-hub.china.huawei.com) ([172.24.1.48]) by szxrg03-dlp.huawei.com (MOS 4.4.3-GA FastPath queued) with ESMTP id BXG12475; Fri, 04 Mar 2016 14:18:24 +0800 (CST) Received: from HGHY1Z002260041.china.huawei.com (10.177.16.142) by szxeml428-hub.china.huawei.com (10.82.67.183) with Microsoft SMTP Server id 14.3.235.1; Fri, 4 Mar 2016 14:16:35 +0800 From: Shannon Zhao To: Date: Fri, 4 Mar 2016 14:15:47 +0800 Message-ID: <1457072152-16128-18-git-send-email-zhaoshenglong@huawei.com> X-Mailer: git-send-email 1.9.0.msysgit.0 In-Reply-To: <1457072152-16128-1-git-send-email-zhaoshenglong@huawei.com> References: <1457072152-16128-1-git-send-email-zhaoshenglong@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.177.16.142] X-CFilter-Loop: Reflected X-Mirapoint-Virus-RAPID-Raw: score=unknown(0), refid=str=0001.0A090204.56D928B0.0093, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0, ip=0.0.0.0, so=2013-05-26 15:14:31, dmn=2013-03-21 17:37:32 X-Mirapoint-Loop-Id: 0a3270ebf580979c09fca34f8fa1f189 Cc: hangaohuai@huawei.com, stefano.stabellini@citrix.com, shannon.zhao@linaro.org, zhaoshenglong@huawei.com Subject: [Xen-devel] [PATCH v5 17/22] arm/gic: Add a new callback to deny Dom0 access to GIC regions X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" From: Shannon Zhao Add a new member in gic_hw_operations which is used to deny Dom0 access to GIC regions. Signed-off-by: Shannon Zhao --- xen/arch/arm/gic-v2.c | 31 +++++++++++++++++++++++++++++++ xen/arch/arm/gic-v3.c | 44 ++++++++++++++++++++++++++++++++++++++++++++ xen/arch/arm/gic.c | 5 +++++ xen/include/asm-arm/gic.h | 3 +++ 4 files changed, 83 insertions(+) diff --git a/xen/arch/arm/gic-v2.c b/xen/arch/arm/gic-v2.c index 02db5f2..186f944 100644 --- a/xen/arch/arm/gic-v2.c +++ b/xen/arch/arm/gic-v2.c @@ -22,6 +22,7 @@ #include #include #include +#include #include #include #include @@ -714,6 +715,31 @@ static u32 gicv2_make_hwdom_madt(const struct domain *d, u32 offset) return table_len; } +static int gicv2_iomem_deny_access(const struct domain *d) +{ + int rc; + unsigned long gfn, nr; + + gfn = dbase >> PAGE_SHIFT; + rc = iomem_deny_access(d, gfn, gfn + 1); + if ( rc ) + return rc; + + gfn = hbase >> PAGE_SHIFT; + rc = iomem_deny_access(d, gfn, gfn + 1); + if ( rc ) + return rc; + + gfn = cbase >> PAGE_SHIFT; + nr = DIV_ROUND_UP(csize, PAGE_SIZE); + rc = iomem_deny_access(d, gfn, gfn + nr); + if ( rc ) + return rc; + + gfn = vbase >> PAGE_SHIFT; + return iomem_deny_access(d, gfn, gfn + nr); +} + static int __init gic_acpi_parse_madt_cpu(struct acpi_subtable_header *header, const unsigned long end) @@ -809,6 +835,10 @@ static u32 gicv2_make_hwdom_madt(const struct domain *d, u32 offset) { return 0; } +static int gicv2_iomem_deny_access(const struct domain *d) +{ + return 0; +} #endif static int __init gicv2_init(void) @@ -902,6 +932,7 @@ const static struct gic_hw_operations gicv2_ops = { .read_apr = gicv2_read_apr, .make_hwdom_dt_node = gicv2_make_hwdom_dt_node, .make_hwdom_madt = gicv2_make_hwdom_madt, + .iomem_deny_access = gicv2_iomem_deny_access, }; /* Set up the GIC */ diff --git a/xen/arch/arm/gic-v3.c b/xen/arch/arm/gic-v3.c index d9fce4b..67797f2 100644 --- a/xen/arch/arm/gic-v3.c +++ b/xen/arch/arm/gic-v3.c @@ -27,6 +27,7 @@ #include #include #include +#include #include #include #include @@ -1278,6 +1279,44 @@ static u32 gicv3_make_hwdom_madt(const struct domain *d, u32 offset) return table_len; } +static int gicv3_iomem_deny_access(const struct domain *d) +{ + int rc, i; + unsigned long gfn, nr; + + gfn = dbase >> PAGE_SHIFT; + rc = iomem_deny_access(d, gfn, gfn + 1); + if ( rc ) + return rc; + + for ( i = 0; i < gicv3.rdist_count; i++ ) + { + gfn = gicv3.rdist_regions[i].base >> PAGE_SHIFT; + nr = DIV_ROUND_UP(gicv3.rdist_regions[i].size, PAGE_SIZE); + rc = iomem_deny_access(d, gfn, gfn + nr); + if ( rc ) + return rc; + } + + if ( cbase != INVALID_PADDR ) + { + gfn = cbase >> PAGE_SHIFT; + nr = DIV_ROUND_UP(csize, PAGE_SIZE); + rc = iomem_deny_access(d, gfn, gfn + nr); + if ( rc ) + return rc; + } + + if ( vbase != INVALID_PADDR ) + { + gfn = vbase >> PAGE_SHIFT; + nr = DIV_ROUND_UP(csize, PAGE_SIZE); + return iomem_deny_access(d, gfn, gfn + nr); + } + + return 0; +} + static int __init gic_acpi_parse_madt_cpu(struct acpi_subtable_header *header, const unsigned long end) @@ -1426,6 +1465,10 @@ static u32 gicv3_make_hwdom_madt(const struct domain *d, u32 offset) { return 0; } +static int gicv3_iomem_deny_access(const struct domain *d) +{ + return 0; +} #endif /* Set up the GIC */ @@ -1521,6 +1564,7 @@ static const struct gic_hw_operations gicv3_ops = { .secondary_init = gicv3_secondary_cpu_init, .make_hwdom_dt_node = gicv3_make_hwdom_dt_node, .make_hwdom_madt = gicv3_make_hwdom_madt, + .iomem_deny_access = gicv3_iomem_deny_access, }; static int __init gicv3_dt_preinit(struct dt_device_node *node, const void *data) diff --git a/xen/arch/arm/gic.c b/xen/arch/arm/gic.c index 6d32432..65022ee 100644 --- a/xen/arch/arm/gic.c +++ b/xen/arch/arm/gic.c @@ -744,6 +744,11 @@ u32 gic_make_hwdom_madt(const struct domain *d, u32 offset) return gic_hw_ops->make_hwdom_madt(d, offset); } +int gic_iomem_deny_access(const struct domain *d) +{ + return gic_hw_ops->iomem_deny_access(d); +} + /* * Local variables: * mode: C diff --git a/xen/include/asm-arm/gic.h b/xen/include/asm-arm/gic.h index 4cf003d..932fc02 100644 --- a/xen/include/asm-arm/gic.h +++ b/xen/include/asm-arm/gic.h @@ -360,6 +360,8 @@ struct gic_hw_operations { const struct dt_device_node *gic, void *fdt); /* Create MADT table for the hardware domain */ u32 (*make_hwdom_madt)(const struct domain *d, u32 offset); + /* Deny access to GIC regions */ + int (*iomem_deny_access)(const struct domain *d); }; void register_gic_ops(const struct gic_hw_operations *ops); @@ -367,6 +369,7 @@ int gic_make_hwdom_dt_node(const struct domain *d, const struct dt_device_node *gic, void *fdt); u32 gic_make_hwdom_madt(const struct domain *d, u32 offset); +int gic_iomem_deny_access(const struct domain *d); #endif /* __ASSEMBLY__ */ #endif