From: Grygorii Strashko Date: Tue, 18 Feb 2025 11:22:52 +0000 (+0200) Subject: xen/arm: fix iomem permissions cfg in map_range_to_domain() X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=9568ceb2877dae593dbac29a1154f63bdea65c20;p=people%2Froyger%2Fxen.git xen/arm: fix iomem permissions cfg in map_range_to_domain() Now the following code in map_range_to_domain() res = iomem_permit_access(d, paddr_to_pfn(addr), paddr_to_pfn(PAGE_ALIGN(addr + len - 1))); calculates the iomem range end address by rounding it up to the next Xen page with incorrect assumption that iomem range end address passed to iomem_permit_access() is exclusive, while it is expected to be inclusive. It gives Control domain (Dom0) access to manage incorrect MMIO range with one additional page. For example, if requested range is [00e6140000:00e6141004] then it expected to add [e6140:e6141] range (num_pages=2) to the domain iomem_caps rangeset, but will add [e6140:e6142] (num_pages=3) instead. To fix it, drop PAGE_ALIGN() from the iomem range end address calculation formula. Fixes: 33233c2758345 ("arch/arm: domain build: let dom0 access I/O memory of mapped devices") Signed-off-by: Grygorii Strashko Reviewed-by: Julien Grall --- diff --git a/xen/arch/arm/device.c b/xen/arch/arm/device.c index 5610cddcba..97e613e06a 100644 --- a/xen/arch/arm/device.c +++ b/xen/arch/arm/device.c @@ -71,7 +71,7 @@ int map_range_to_domain(const struct dt_device_node *dev, strlen("/reserved-memory/")) != 0 ) { res = iomem_permit_access(d, paddr_to_pfn(addr), - paddr_to_pfn(PAGE_ALIGN(addr + len - 1))); + paddr_to_pfn(addr + len - 1)); if ( res ) { printk(XENLOG_ERR "Unable to permit to dom%d access to"