ia64/xen-unstable

changeset 8739:5d9f4e6c9519

Blacklist memory-mapped APIC-register pages in the domain0
iomem capability list.

Signed-off-by: Keir Fraser <keir@xensource.com>
author kaf24@firebug.cl.cam.ac.uk
date Thu Feb 02 15:10:27 2006 +0100 (2006-02-02)
parents 03382076472c
children 3d7ea7972b39
files xen/arch/x86/domain_build.c
line diff
     1.1 --- a/xen/arch/x86/domain_build.c	Thu Feb 02 15:09:39 2006 +0100
     1.2 +++ b/xen/arch/x86/domain_build.c	Thu Feb 02 15:10:27 2006 +0100
     1.3 @@ -755,28 +755,45 @@ int construct_dom0(struct domain *d,
     1.4          printk("dom0: shadow setup done\n");
     1.5      }
     1.6  
     1.7 -    i = 0;
     1.8 +    rc = 0;
     1.9  
    1.10      /* DOM0 is permitted full I/O capabilities. */
    1.11 -    i |= ioports_permit_access(dom0, 0, 0xFFFF);
    1.12 -    i |= iomem_permit_access(dom0, 0UL, ~0UL);
    1.13 -    i |= irqs_permit_access(dom0, 0, NR_PIRQS-1);
    1.14 +    rc |= ioports_permit_access(dom0, 0, 0xFFFF);
    1.15 +    rc |= iomem_permit_access(dom0, 0UL, ~0UL);
    1.16 +    rc |= irqs_permit_access(dom0, 0, NR_PIRQS-1);
    1.17  
    1.18      /*
    1.19       * Modify I/O port access permissions.
    1.20       */
    1.21      /* Master Interrupt Controller (PIC). */
    1.22 -    i |= ioports_deny_access(dom0, 0x20, 0x21);
    1.23 +    rc |= ioports_deny_access(dom0, 0x20, 0x21);
    1.24      /* Slave Interrupt Controller (PIC). */
    1.25 -    i |= ioports_deny_access(dom0, 0xA0, 0xA1);
    1.26 +    rc |= ioports_deny_access(dom0, 0xA0, 0xA1);
    1.27      /* Interval Timer (PIT). */
    1.28 -    i |= ioports_deny_access(dom0, 0x40, 0x43);
    1.29 +    rc |= ioports_deny_access(dom0, 0x40, 0x43);
    1.30      /* PIT Channel 2 / PC Speaker Control. */
    1.31 -    i |= ioports_deny_access(dom0, 0x61, 0x61);
    1.32 +    rc |= ioports_deny_access(dom0, 0x61, 0x61);
    1.33      /* Command-line I/O ranges. */
    1.34      process_dom0_ioports_disable();
    1.35  
    1.36 -    BUG_ON(i != 0);
    1.37 +    /*
    1.38 +     * Modify I/O memory access permissions.
    1.39 +     */
    1.40 +    /* Local APIC. */
    1.41 +    if ( mp_lapic_addr != 0 )
    1.42 +    {
    1.43 +        mfn = paddr_to_pfn(mp_lapic_addr);
    1.44 +        rc |= iomem_deny_access(dom0, mfn, mfn);
    1.45 +    }
    1.46 +    /* I/O APICs. */
    1.47 +    for ( i = 0; i < nr_ioapics; i++ )
    1.48 +    {
    1.49 +        mfn = paddr_to_pfn(mp_ioapics[i].mpc_apicaddr);
    1.50 +        if ( smp_found_config )
    1.51 +            rc |= iomem_deny_access(dom0, mfn, mfn);
    1.52 +    }
    1.53 +
    1.54 +    BUG_ON(rc != 0);
    1.55  
    1.56      return 0;
    1.57  }