 Home |
Products |
Support |
Community |
News |
xen-devel
[Xen-devel] [PATCH] Patchset to protect guest ROM areas from R/W access.
| To: | xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>, "Keir Fraser" <keir.fraser@xxxxxxxxxxxxx> |
|---|---|
| Subject: | [Xen-devel] [PATCH] Patchset to protect guest ROM areas from R/W access. |
| From: | "Trolle Selander" <trolle.selander@xxxxxxxxx> |
| Date: | Thu, 10 Jul 2008 14:40:33 +0100 |
| Cc: | |
| Delivery-date: | Thu, 10 Jul 2008 06:41:03 -0700 |
| Dkim-signature: | v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type; bh=v+tU/6VANQHkDI5k1foSh7+kSxXGp2JhShNozn5ypI0=; b=LtXxbMA1AERHeOBBI5aTc3MGhFblK/kM8pgnMXIjvbTXgOU949l+uKMgJC1PWJT74r /MxYicIUInN+pNimIPLCTgzFlTXQQACzyIOo08+mHaHQM1cZTLYVzegMiVC9wiFD40aT kn6iOswBfNoZQMXiJY749KcFHe2F1tfx04Xig= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type; b=dZoRScisK17qhoyViAv5fJ1muarEMQGBvDJnS2dsHdMD3m0qgyWhYGOR1JRgsDyyzY hfjkx+bFdWzUUJ63kpMH5qi1n8wp0vnsNFCrMFpuLfRDC+SD4vSdtryctT1Zqsi8xeBT 5FcTae0sXwOl3Y/TS4iip4bcYE5xu7NxNM15I= |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxxx |
| List-help: | <mailto:xen-devel-request@lists.xensource.com?subject=help> |
| List-id: | Xen developer discussion <xen-devel.lists.xensource.com> |
| List-post: | <mailto:xen-devel@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe> |
| Sender: | xen-devel-bounces@xxxxxxxxxxxxxxxxxxx |
|
This is a set of patches to protect guest ROM areas by making them actually be read-only. xen_handle_p2m_type_ro.patch: This makes writes to pages with p2m_ram_ro stop falling through to the device model, and instead writes get logged but discarded. xen_hvmop_set_mem_type.patch: This adds a new command, "set_mem_type" to the hvmop hypercall which allows marking ram page ranges as ro, rw, or mmio_dm. ioemu_xen_platform.patch This adds functionality to the xen platform device to enable a guest to set/unset the RO state of ROM. A guest can enable or disable RW access to the ROM range ( 0xc0000-0xfffff ) by writing to the lowermost io port of the xen platform device. This port now provides access to a flags register, which currently only has one flag bit, namely bit 0, to set/clear write access to the ROM range. This patch should apply to both the old ioemu tree or the new upstream-merged git tree. xen_firmware_make_ROM_ro.patch This adds changes to hvmloader and rombios to make use of the above platform_device functionality to write-protect ROM areas. This is somewhat ugly, but unfortunately the virtual bios has grown to rely on being able to self-modify. At a later stage, I'm going to try to remove any self-modifying bits on the rombios and move any such post-load modifications into hvmloader, so that hvmloader can handle the ROM locking, which would be cleaner. Signed-off-by: Trolle Selander <trolle.selander@xxxxxxxxxxxxx>
_______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | RE: [Xen-devel] ioemu build failure with GCC > 4.3, Ross Philipson |
|---|---|
| Next by Date: | [Xen-devel] [PATCH] stubdom: Fixes for gcc 4.2.4 32bit, Samuel Thibault |
| Previous by Thread: | [Xen-devel] [PATCH] PV-GRUB: xfs support, Samuel Thibault |
| Next by Thread: | [Xen-devel] Re: [PATCH] Patchset to protect guest ROM areas from R/W access., Trolle Selander |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
