projects / xen.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 893feaf)
Blacklist memory-mapped APIC-register pages in the domain0
authorkaf24@firebug.cl.cam.ac.uk <kaf24@firebug.cl.cam.ac.uk>
Thu, 2 Feb 2006 14:10:27 +0000 (15:10 +0100)
committerkaf24@firebug.cl.cam.ac.uk <kaf24@firebug.cl.cam.ac.uk>
Thu, 2 Feb 2006 14:10:27 +0000 (15:10 +0100)
iomem capability list.

Signed-off-by: Keir Fraser <keir@xensource.com>
xen/arch/x86/domain_build.c patch | blob | history

diff --git a/xen/arch/x86/domain_build.c b/xen/arch/x86/domain_build.c
index 843baa9827c0665312cea9261ba50fd6b35ec173..90497f19cd3268ff5c3ad77f8e33f4d59f81b8e7 100644 (file)
--- a/xen/arch/x86/domain_build.c
+++ b/xen/arch/x86/domain_build.c
@@ -755,28 +755,45 @@ int construct_dom0(struct domain *d,
         printk("dom0: shadow setup done\n");
     }
 
-    i = 0;
+    rc = 0;
 
     /* DOM0 is permitted full I/O capabilities. */
-    i |= ioports_permit_access(dom0, 0, 0xFFFF);
-    i |= iomem_permit_access(dom0, 0UL, ~0UL);
-    i |= irqs_permit_access(dom0, 0, NR_PIRQS-1);
+    rc |= ioports_permit_access(dom0, 0, 0xFFFF);
+    rc |= iomem_permit_access(dom0, 0UL, ~0UL);
+    rc |= irqs_permit_access(dom0, 0, NR_PIRQS-1);
 
     /*
      * Modify I/O port access permissions.
      */
     /* Master Interrupt Controller (PIC). */
-    i |= ioports_deny_access(dom0, 0x20, 0x21);
+    rc |= ioports_deny_access(dom0, 0x20, 0x21);
     /* Slave Interrupt Controller (PIC). */
-    i |= ioports_deny_access(dom0, 0xA0, 0xA1);
+    rc |= ioports_deny_access(dom0, 0xA0, 0xA1);
     /* Interval Timer (PIT). */
-    i |= ioports_deny_access(dom0, 0x40, 0x43);
+    rc |= ioports_deny_access(dom0, 0x40, 0x43);
     /* PIT Channel 2 / PC Speaker Control. */
-    i |= ioports_deny_access(dom0, 0x61, 0x61);
+    rc |= ioports_deny_access(dom0, 0x61, 0x61);
     /* Command-line I/O ranges. */
     process_dom0_ioports_disable();
 
-    BUG_ON(i != 0);
+    /*
+     * Modify I/O memory access permissions.
+     */
+    /* Local APIC. */
+    if ( mp_lapic_addr != 0 )
+    {
+        mfn = paddr_to_pfn(mp_lapic_addr);
+        rc |= iomem_deny_access(dom0, mfn, mfn);
+    }
+    /* I/O APICs. */
+    for ( i = 0; i < nr_ioapics; i++ )
+    {
+        mfn = paddr_to_pfn(mp_ioapics[i].mpc_apicaddr);
+        if ( smp_found_config )
+            rc |= iomem_deny_access(dom0, mfn, mfn);
+    }
+
+    BUG_ON(rc != 0);
 
     return 0;
 }
Unnamed repository; edit this file 'description' to name the repository.