mirror of
https://github.com/projectacrn/acrn-hypervisor.git
synced 2025-05-03 14:06:54 +00:00
hv: refine the VMCS io bitmap handling when pass-thru PIO bar
In current design, when pass-thru dev, for the PIO bar, need to ensure the guest PIO start address equals to host PIO start address. Then set the VMCS io bitmap to pass-thru the corresponding port io to guest for performance. But malicious guest may reprogram the PIO bar, then hv will pass-thru the reprogramed PIO address to guest. This isn't safe behavior. Here only pass-thru the host physical device PIO to guest. If guest regrogram the PIO bar, just update the virtual bar only. Currently, we don't support PIO bar reprogramming, if guest reprogram the PIO bar, guest should take responsibility itself When init the pass-thru dev PIO bars, set the VMCS io bitmap. setup_io_bitmap is called before init pass-thru dev to initiailize the io bitmap, so don't need to call deny_guest_pio_access when deinit pass-thru dev. v1 -> v2: * set the VMCS io bitmap when init pass-thru devices to migrate redoing allow_guest_pio_access()/deny_guest_pio_access(). Tracked-On: #6508 Signed-off-by: Liu,Junming <junming.liu@intel.com>
This commit is contained in:
Liu,Junming
wenlingz
parent
7fe145051c
commit
ad5e1cca0e
@ -140,31 +140,12 @@ static void vdev_pt_allow_io_vbar(struct pci_vdev *vdev, uint32_t idx)
|
||||
/* For SOS, all port IO access is allowed by default, so skip SOS here */
|
||||
if (!is_sos_vm(vm)) {
|
||||
struct pci_vbar *vbar = &vdev->vbars[idx];
|
||||
if (vbar->base_gpa != 0UL) {
|
||||
allow_guest_pio_access(vm, (uint16_t)vbar->base_gpa, (uint32_t)(vbar->size));
|
||||
if (vbar->base_hpa != 0UL) {
|
||||
allow_guest_pio_access(vm, (uint16_t)vbar->base_hpa, (uint32_t)(vbar->size));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Deny IO bar access
|
||||
* @pre vdev != NULL
|
||||
* @pre vdev->vpci != NULL
|
||||
*/
|
||||
static void vdev_pt_deny_io_vbar(struct pci_vdev *vdev, uint32_t idx)
|
||||
{
|
||||
struct acrn_vm *vm = vpci2vm(vdev->vpci);
|
||||
|
||||
/* For SOS, all port IO access is allowed by default, so skip SOS here */
|
||||
if (!is_sos_vm(vm)) {
|
||||
struct pci_vbar *vbar = &vdev->vbars[idx];
|
||||
if (vbar->base_gpa != 0UL) {
|
||||
deny_guest_pio_access(vm, (uint16_t)(vbar->base_gpa), (uint32_t)(vbar->size));
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @pre vdev != NULL
|
||||
*/
|
||||
@ -176,10 +157,8 @@ void vdev_pt_write_vbar(struct pci_vdev *vdev, uint32_t idx, uint32_t val)
|
||||
|
||||
switch (vbar->type) {
|
||||
case PCIBAR_IO_SPACE:
|
||||
vdev_pt_deny_io_vbar(vdev, update_idx);
|
||||
if (val != ~0U) {
|
||||
pci_vdev_write_vbar(vdev, idx, val);
|
||||
vdev_pt_allow_io_vbar(vdev, update_idx);
|
||||
} else {
|
||||
pci_vdev_write_vcfg(vdev, offset, 4U, val);
|
||||
vdev->vbars[update_idx].base_gpa = 0UL;
|
||||
@ -334,6 +313,10 @@ static void init_bars(struct pci_vdev *vdev, bool is_sriov_bar)
|
||||
if (!is_sriov_bar) {
|
||||
pci_vdev_write_vbar(vdev, idx, lo);
|
||||
}
|
||||
|
||||
if (type == PCIBAR_IO_SPACE) {
|
||||
vdev_pt_allow_io_vbar(vdev, idx);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user