From 300bb048ca313da7edbf0cef8e6998ca3be5dc2c Mon Sep 17 00:00:00 2001 From: Jan Beulich Date: Thu, 3 Dec 2015 15:32:30 +0100 Subject: [PATCH] x86/PCI: make all config space writes subject to XSM checking Now that we intercept them all, there's no reason not to also uniformly hand them to XSM. Reads (which are expected to be of less interest) get handled as before (MMCFG accesses un-audited). Signed-off-by: Jan Beulich Acked-by: Daniel De Graaf Acked-by: Andrew Cooper --- xen/arch/x86/pci.c | 8 +++++++- xen/arch/x86/traps.c | 8 +++----- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/xen/arch/x86/pci.c b/xen/arch/x86/pci.c index 5bcecbb5ce..4b87cab75c 100644 --- a/xen/arch/x86/pci.c +++ b/xen/arch/x86/pci.c @@ -7,6 +7,7 @@ #include #include #include +#include static DEFINE_SPINLOCK(pci_config_lock); @@ -73,7 +74,12 @@ int pci_conf_write_intercept(unsigned int seg, unsigned int bdf, uint32_t *data) { struct pci_dev *pdev; - int rc = 0; + int rc = xsm_pci_config_permission(XSM_HOOK, current->domain, bdf, + reg, reg + size - 1, 1); + + if ( rc < 0 ) + return rc; + ASSERT(!rc); /* * Avoid expensive operations when no hook is going to do anything diff --git a/xen/arch/x86/traps.c b/xen/arch/x86/traps.c index e1038349c9..e105b953c6 100644 --- a/xen/arch/x86/traps.c +++ b/xen/arch/x86/traps.c @@ -1812,11 +1812,9 @@ static bool_t pci_cfg_ok(struct domain *currd, unsigned int start, start |= CF8_ADDR_HI(currd->arch.pci_cf8); } - if ( xsm_pci_config_permission(XSM_HOOK, currd, machine_bdf, - start, start + size - 1, !!write) != 0 ) - return 0; - - return !write || + return !write ? + xsm_pci_config_permission(XSM_HOOK, currd, machine_bdf, + start, start + size - 1, 0) == 0 : pci_conf_write_intercept(0, machine_bdf, start, size, write) >= 0; } -- 2.30.2