[Xen-devel] [PATCH 1/4] ioports: disable ioports in dom0 at boot-time

[lists-xen@xxxxxxxx]

1/3

-- 
Jody Belka
knew (at) pimb (dot) org

# HG changeset patch
# User jmb@xxxxxxxxxxxxxxxxxxxxx
# Node ID 9e1a127dc366ec3359471feffb7e12a46bd16687
# Parent  0cae0c6436f5fa49ab42f72ea90373cc5884d93a
Add boot-time support for disabling ioport ranges in dom0

This patch adds a new boot parameter, dom0_ioports_disable, which
accepts a comma seperated list of hex ioports and/or ioport ranges
(eg. dom0_ioports_disable=02f8-02ff,03f8-03ff), and applies them to dom0.

Signed-off-by: Jody Belka <knew (at) pimb (dot) org>

diff -r 0cae0c6436f5 -r 9e1a127dc366 xen/arch/x86/domain_build.c
--- a/xen/arch/x86/domain_build.c       Sat Nov  5 10:30:01 2005
+++ b/xen/arch/x86/domain_build.c       Sun Nov  6 01:13:42 2005
@@ -56,6 +56,9 @@
 static unsigned int opt_dom0_translate = 0;
 boolean_param("dom0_translate", opt_dom0_translate);
 
+static char opt_dom0_ioports_disable[200] = "";
+string_param("dom0_ioports_disable", opt_dom0_ioports_disable);
+
 #if defined(__i386__)
 /* No ring-3 access in initial leaf page tables. */
 #define L1_PROT (_PAGE_PRESENT|_PAGE_RW|_PAGE_ACCESSED)
@@ -89,6 +92,51 @@
         if ( order-- == 0 )
             break;
     return page;
+}
+
+static void process_dom0_ioports_disable()
+{
+    unsigned long io_from, io_to, io_nr;
+    char *t, *u, *s = opt_dom0_ioports_disable;
+
+    if (*s == '\0') return;
+    for (; (t = strsep(&s, ",")) != NULL;)
+    {
+        if ( *t == '\n' ) continue;
+       
+        io_from = simple_strtoul(t, &u, 16);
+        if ( u == t || *u != '-' )
+        {
+            printk("Invalid ioport range <%s> "
+                   "in dom0_ioports_disable, skipping\n", t);
+            continue;
+        }
+       
+        if ( u == s - 1 )
+            io_to = io_from;
+        else
+            io_to = simple_strtoul(u + 1, &u, 16);
+       
+        if ( *u != '\0' || io_to < io_from )
+        {
+            printk("Invalid ioport range <%s> "
+                   "in dom0_ioports_disable, skipping\n", t);
+            continue;
+        }
+       
+        if ( (io_from + io_to) >= 65536 )
+        {
+            printk("Invalid ioport range <%s> "
+                   "in dom0_ioports_disable, skipping\n", t);
+            continue;
+        }
+       
+        printk("Disabling access to ioport range %04lx-%04lx from dom0\n",
+            io_from, io_to);
+       
+        io_nr = io_to - io_from + 1;
+        physdev_modify_ioport_access_range(dom0, 0, io_from, io_nr);
+    }
 }
 
 int construct_dom0(struct domain *d,
@@ -716,6 +764,8 @@
     physdev_modify_ioport_access_range(dom0, 0, 0x40, 4);
     /* PIT Channel 2 / PC Speaker Control. */
     physdev_modify_ioport_access_range(dom0, 0, 0x61, 1);
+    /* Command-line passed i/o ranges */
+    process_dom0_ioports_disable();
 
     return 0;
 }

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel