x86/hvm: add length to mmio check op

author Paul Durrant <paul.durrant@citrix.com>

Thu, 9 Jul 2015 17:04:00 +0000 (19:04 +0200)

committer Jan Beulich <jbeulich@suse.com>

Fri, 10 Jul 2015 07:45:29 +0000 (09:45 +0200)
author Paul Durrant <paul.durrant@citrix.com>
Thu, 9 Jul 2015 17:04:00 +0000 (19:04 +0200)
committer Jan Beulich <jbeulich@suse.com>
Fri, 10 Jul 2015 07:45:29 +0000 (09:45 +0200)
diff --git a/xen/arch/x86/hvm/intercept.c b/xen/arch/x86/hvm/intercept.c

index f97ee52ec6d3f7cfafe3bfde02e8269844ea2b11..f4dbf17f31536717cc93a3456a0b1b2a3603cfc0 100644 (file)
--- a/xen/arch/x86/hvm/intercept.c
+++ b/xen/arch/x86/hvm/intercept.c
@@ -35,9 +35,20 @@
  static bool_t hvm_mmio_accept(const struct hvm_io_handler *handler,
                                const ioreq_t *p)
  {
+    paddr_t first = hvm_mmio_first_byte(p);
+    paddr_t last = hvm_mmio_last_byte(p);
+
      BUG_ON(handler->type != IOREQ_TYPE_COPY);
  
-    return handler->mmio.ops->check(current, p->addr);
+    if ( !handler->mmio.ops->check(current, first) )
+        return 0;
+
+    /* Make sure the handler will accept the whole access */
+    if ( p->size > 1 &&
+         !handler->mmio.ops->check(current, last) )
+        domain_crash(current->domain);
+
+    return 1;
  }
  
  static int hvm_mmio_read(const struct hvm_io_handler *handler,
@@ -106,7 +117,8 @@ static const struct hvm_io_ops portio_ops = {
  int hvm_process_io_intercept(const struct hvm_io_handler *handler,
                               ioreq_t *p)
  {
-    struct hvm_vcpu_io *vio = &current->arch.hvm_vcpu.hvm_io;
+    struct vcpu *curr = current;
+    struct hvm_vcpu_io *vio = &curr->arch.hvm_vcpu.hvm_io;
      const struct hvm_io_ops *ops = (p->type == IOREQ_TYPE_COPY) ?
                                     &mmio_ops : &portio_ops;
      int rc = X86EMUL_OKAY, i, step = p->df ? -p->size : p->size;
@@ -215,6 +227,9 @@ int hvm_process_io_intercept(const struct hvm_io_handler *handler,
  
      if ( i != 0 )
      {
+        if ( rc == X86EMUL_UNHANDLEABLE )
+            domain_crash(curr->domain);
+
          p->count = i;
          rc = X86EMUL_OKAY;
      }
@@ -331,7 +346,9 @@ bool_t hvm_mmio_internal(paddr_t gpa)
  {
      ioreq_t p = {
          .type = IOREQ_TYPE_COPY,
-        .addr = gpa
+        .addr = gpa,
+        .count = 1,
+        .size = 1,
      };
  
      return hvm_find_io_handler(&p) != NULL;
diff --git a/xen/include/asm-x86/hvm/io.h b/xen/include/asm-x86/hvm/io.h

index 4594e9128449af95208ad2362d4116e440979555..2b22b50eb2602222bab3506f7bee32be48a7867a 100644 (file)
--- a/xen/include/asm-x86/hvm/io.h
+++ b/xen/include/asm-x86/hvm/io.h
@@ -43,6 +43,22 @@ struct hvm_mmio_ops {
      hvm_mmio_write_t write;
  };
  
+static inline paddr_t hvm_mmio_first_byte(const ioreq_t *p)
+{
+    return p->df ?
+           p->addr - (p->count - 1ul) * p->size :
+           p->addr;
+}
+
+static inline paddr_t hvm_mmio_last_byte(const ioreq_t *p)
+{
+    unsigned long count = p->count;
+
+    return p->df ?
+           p->addr + p->size - 1:
+           p->addr + (count * p->size) - 1;
+}
+
  typedef int (*portio_action_t)(
      int dir, unsigned int port, unsigned int bytes, uint32_t *val);
author	Paul Durrant <paul.durrant@citrix.com>
	Thu, 9 Jul 2015 17:04:00 +0000 (19:04 +0200)
committer	Jan Beulich <jbeulich@suse.com>
	Fri, 10 Jul 2015 07:45:29 +0000 (09:45 +0200)
xen/arch/x86/hvm/intercept.c		patch \| blob \| history
xen/include/asm-x86/hvm/io.h		patch \| blob \| history