WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-changelog

[Xen-changelog] [xen-3.2-testing] VT-d: remove Xen and tboot range from

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-3.2-testing] VT-d: remove Xen and tboot range from dom0's VT-d table
From: "Xen patchbot-3.2-testing" <patchbot-3.2-testing@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 23 Jul 2008 08:51:15 -0700
Delivery-date: Wed, 23 Jul 2008 08:53:49 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1216376969 -3600
# Node ID f3eb066168077c721d40a9d7966a8b6e74d379c1
# Parent  d6a15d8605c36d483d6a2599c899b48c9478a75a
VT-d: remove Xen and tboot range from dom0's VT-d table

This a step forward to fix the security hole introduced by dom0's 1:1
mapping VT-d table: remove the critical code and data from it. The
more flexible solution is to update dom0's VT-d table on demand as
what will be done for other PV domains. However, there could bring a
performance issue even with software optimization. Iotlb flush of some
hardware is time-consuming.

Signed-off-by: Yang, Xiaowei <xiaowei.yang@xxxxxxxxx>
xen-unstable changeset 17725:c0c0f4fa88509b6f5e4fa9bf0687c7a6df53eeb8
xen-unstable date: Mon May 26 08:24:55 2008 +0100

----------------------------------------------------------------------

Fix 17725:c0c0f4fa8850: use type paddr_t instead of unsigned long for
physcial memory address Otherwise, the address overflows on PAE system
with memory size > 4G.

Signed-off-by: Yang, Xiaowei <xiaowei.yang@xxxxxxxxx>
xen-unstable changeset 17734:e265878e8f657ca532ebe98b5bac233f395f2814
xen-unstable date: Tue May 27 10:35:10 2008 +0100
---
 xen/arch/x86/hvm/vmx/vtd/intel-iommu.c |   16 ++++++++++++++--
 xen/arch/x86/setup.c                   |    8 ++++++++
 xen/arch/x86/tboot.c                   |   12 ++++++++++++
 3 files changed, 34 insertions(+), 2 deletions(-)

diff -r d6a15d8605c3 -r f3eb06616807 xen/arch/x86/hvm/vmx/vtd/intel-iommu.c
--- a/xen/arch/x86/hvm/vmx/vtd/intel-iommu.c    Fri Jul 18 11:28:58 2008 +0100
+++ b/xen/arch/x86/hvm/vmx/vtd/intel-iommu.c    Fri Jul 18 11:29:29 2008 +0100
@@ -1788,7 +1788,7 @@ int iommu_setup(void)
     struct hvm_iommu *hd  = domain_hvm_iommu(dom0);
     struct acpi_drhd_unit *drhd;
     struct iommu *iommu;
-    unsigned long i;
+    u64 i;
 
     if ( !vtd_enabled )
         return 0;
@@ -1814,9 +1814,21 @@ int iommu_setup(void)
     memset(domid_bitmap, 0, domid_bitmap_size / 8);
     set_bit(0, domid_bitmap);
 
-    /* setup 1:1 page table for dom0 */
+    /*
+     * Set up 1:1 page table for dom0 except the critical segments
+     * like Xen and tboot.
+     */
     for ( i = 0; i < max_page; i++ )
+    {
+        extern int xen_in_range(paddr_t start, paddr_t end);
+        extern int tboot_in_range(paddr_t start, paddr_t end);
+
+        if ( xen_in_range(i << PAGE_SHIFT_4K, (i + 1) << PAGE_SHIFT_4K) ||
+            tboot_in_range(i << PAGE_SHIFT_4K, (i + 1) << PAGE_SHIFT_4K) )
+            continue;
+
         iommu_map_page(dom0, i, i);
+    }
 
     if ( init_vtd_hw() )
         goto error;
diff -r d6a15d8605c3 -r f3eb06616807 xen/arch/x86/setup.c
--- a/xen/arch/x86/setup.c      Fri Jul 18 11:28:58 2008 +0100
+++ b/xen/arch/x86/setup.c      Fri Jul 18 11:29:29 2008 +0100
@@ -1082,6 +1082,14 @@ void arch_get_xen_caps(xen_capabilities_
 #endif
 }
 
+int xen_in_range(paddr_t start, paddr_t end)
+{
+    start = max_t(paddr_t, start, xenheap_phys_start);
+    end = min_t(paddr_t, end, xenheap_phys_end);
+ 
+    return start < end; 
+}
+
 /*
  * Local variables:
  * mode: C
diff -r d6a15d8605c3 -r f3eb06616807 xen/arch/x86/tboot.c
--- a/xen/arch/x86/tboot.c      Fri Jul 18 11:28:58 2008 +0100
+++ b/xen/arch/x86/tboot.c      Fri Jul 18 11:29:29 2008 +0100
@@ -96,6 +96,18 @@ int tboot_in_measured_env(void)
     return (g_tboot_shared != NULL);
 }
 
+int tboot_in_range(paddr_t start, paddr_t end)
+{
+    if ( g_tboot_shared == NULL || g_tboot_shared->version < 0x02 )
+        return 0;
+
+    start = max_t(paddr_t, start, g_tboot_shared->tboot_base);
+    end = min_t(paddr_t, end, 
+                g_tboot_shared->tboot_base + g_tboot_shared->tboot_size);
+ 
+    return start < end; 
+}
+
 /*
  * Local variables:
  * mode: C

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-3.2-testing] VT-d: remove Xen and tboot range from dom0's VT-d table, Xen patchbot-3.2-testing <=