Xen devel - Oct 2006 - Address check restriction

Keir,

   I''d like to restrict the address check in the code snipped below so
that addresses in the range 0xFED4 0000 to 0xFED4 5000 do not end up in
the domain_crash() function. I have a virtual device (qemu device model)
that uses addresses in this range. Can I just open up that window with a
check like this or can the window even be further open onto higher
addresses?

    if ( !hvm_apic_support(d) && 
         (((gpa >= 0xFEC00000) && (gpa < FED40000)) ||
           (gpa >= 0xFED45000)  ))


The device is a TPM TIS interface. Specs at:

https://www.trustedcomputinggroup.org/groups/pc_client/TCG_PCClientTPMSpecification_1-20_1-00_FINAL.pdf

Page 27 shows the address range.


from xen/arch/x86/mm/shadow/multi.c:

 mmio:
    perfc_incrc(shadow_fault_mmio);
    if ( !hvm_apic_support(d) && (gpa >= 0xFEC00000) )
    {
        /* Need to deal with these disabled-APIC accesses, as
         * handle_mmio() apparently does not currently do that. */
        /* TJD: What about it, then?   For now, I''m turning this BUG()
         * into a domain_crash() since we don''t want to kill Xen. */
        SHADOW_ERROR("disabled-APIC access: not supported\n.");
        domain_crash(d);
    }



  Stefan



_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

On 19/10/06 8:37 pm, "Stefan Berger" <stefanb@us.ibm.com> wrote:
>     if ( !hvm_apic_support(d) &&
>          (((gpa >= 0xFEC00000) && (gpa < FED40000)) ||
>            (gpa >= 0xFED45000)  ))
The test should be removed entirely and handle_mmio() should be extended to
deal appropriately with accesses to unused addresses, if it doesn''t
already.

 -- Keir



_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel

Keir Fraser <Keir.Fraser@cl.cam.ac.uk> wrote on 10/19/2006 04:47:21 PM:
> On 19/10/06 8:37 pm, "Stefan Berger" <stefanb@us.ibm.com>
wrote:
> 
> >     if ( !hvm_apic_support(d) &&
> >          (((gpa >= 0xFEC00000) && (gpa < FED40000)) ||
> >            (gpa >= 0xFED45000)  ))
> 
> The test should be removed entirely and handle_mmio() should be extended 
to
> deal appropriately with accesses to unused addresses, if it
doesn''t
already.

It handles the MMIO addresses correctly - at least from what I can see.
It''s probably easier for you to cut those few lines, so I
won''t send a
patch.

   Stefan
> 
>  -- Keir
> 
> 

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel