x86: don't allow Dom0 access to ELCR ports

Much like the other PIC ports, Dom0 has no business touching these. Even
our own uses are somewhat questionable, as the corresponding IO-APIC
code in Linux is enclosed in a CONFIG_EISA conditional; I don't think
there are any x86-64 EISA systems.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Roger Pau Monné <roger.pau@citrix.com>

diff --git a/xen/arch/x86/dom0_build.c b/xen/arch/x86/dom0_build.c
index e734622400ce0962f351e07462df6971392a3ffe..0276924ba2c773551574ac4392f83c833bb55410 100644 (file)
--- a/xen/arch/x86/dom0_build.c
+++ b/xen/arch/x86/dom0_build.c
@@ -484,6 +484,10 @@ int __init dom0_setup_permissions(struct domain *d)
     rc |= ioports_deny_access(d, 0x20, 0x21);
     /* Slave Interrupt Controller (PIC). */
     rc |= ioports_deny_access(d, 0xA0, 0xA1);
+
+    /* ELCR of both PICs. */
+    rc |= ioports_deny_access(d, 0x4D0, 0x4D1);
+
     /* Interval Timer (PIT). */
     rc |= ioports_deny_access(d, 0x40, 0x43);
     /* PIT Channel 2 / PC Speaker Control. */