Skip to content
Permalink
Browse files

x86: pio: use a whitelist instead of a permission bitmap

Whitelist-based permissions align better with the Jailhouse philosophy.

This patch switches the permission bitmap (which basically was (almost) a
duplicate of the final io_bitmap) to a structure that whitelists a port range,
given a base port and a length.

As a side effect, this patch drastically reduces the size of config files:
8404  -> 224   apic-demo.cell
8488  -> 312   e1000-demo.cell
11450 -> 3290  f2a88xm-hd3.cell
11634 -> 3474  imb-a180.cell
8424  -> 252   ioapic-demo.cell
8480  -> 296   ivshmem-demo.cell
8788  -> 608   linux-x86-demo.cell
8488  -> 308   pci-demo.cell
9730  -> 1586  qemu-x86.cell
8392  -> 212   smp-demo.cell
8404  -> 224   tiny-demo.cell

If no whitelist is given, all PIO access will be denied. Additionally, increase
the config file revision header.

Signed-off-by: Ralf Ramsauer <ralf.ramsauer@oth-regensburg.de>
[Jan: renamed for_each_pio -> for_each_pio_region]
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
  • Loading branch information...
rralf authored and jan-kiszka committed Jul 26, 2019
1 parent cb4dee3 commit 654594bc0be786ae1e495abef7b322e9024f8daa
@@ -20,7 +20,7 @@ struct {
__u64 cpus[1];
struct jailhouse_memory mem_regions[2];
struct jailhouse_cache cache_regions[1];
__u8 pio_bitmap[0x2000];
struct jailhouse_pio pio_regions[3];
} __attribute__((packed)) config = {
.cell = {
.signature = JAILHOUSE_CELL_DESC_SIGNATURE,
@@ -32,7 +32,7 @@ struct {
.num_memory_regions = ARRAY_SIZE(config.mem_regions),
.num_cache_regions = ARRAY_SIZE(config.cache_regions),
.num_irqchips = 0,
.pio_bitmap_size = ARRAY_SIZE(config.pio_bitmap),
.num_pio_regions = ARRAY_SIZE(config.pio_regions),
.num_pci_devices = 0,

.console = {
@@ -70,13 +70,9 @@ struct {
},
},

.pio_bitmap = {
[ 0/8 ... 0x2f7/8] = -1,
[ 0x2f8/8 ... 0x2ff/8] = 0, /* serial2 */
[ 0x300/8 ... 0x3f7/8] = -1,
[ 0x3f8/8 ... 0x3ff/8] = 0, /* serial1 */
[ 0x400/8 ... 0xe00f/8] = -1,
[0xe010/8 ... 0xe017/8] = 0, /* OXPCIe952 serial1 */
[0xe018/8 ... 0xffff/8] = -1,
.pio_regions = {
PIO_RANGE(0x2f8, 8), /* serial 2 */
PIO_RANGE(0x3f8, 8), /* serial 1 */
PIO_RANGE(0xe010, 8), /* OXPCIe952 serial */
},
};
@@ -20,7 +20,7 @@ struct {
struct jailhouse_cell_desc cell;
__u64 cpus[1];
struct jailhouse_memory mem_regions[3];
__u8 pio_bitmap[0x2000];
struct jailhouse_pio pio_regions[4];
struct jailhouse_pci_device pci_devices[1];
struct jailhouse_pci_capability pci_caps[1];
} __attribute__((packed)) config = {
@@ -34,7 +34,7 @@ struct {
.cpu_set_size = sizeof(config.cpus),
.num_memory_regions = ARRAY_SIZE(config.mem_regions),
.num_irqchips = 0,
.pio_bitmap_size = ARRAY_SIZE(config.pio_bitmap),
.num_pio_regions = ARRAY_SIZE(config.pio_regions),
.num_pci_devices = ARRAY_SIZE(config.pci_devices),
.num_pci_caps = ARRAY_SIZE(config.pci_caps),

@@ -72,16 +72,11 @@ struct {
},
},

.pio_bitmap = {
[ 0/8 ... 0x2f7/8] = -1,
[ 0x2f8/8 ... 0x2ff/8] = 0, /* serial2 */
[ 0x300/8 ... 0x3f7/8] = -1,
[ 0x3f8/8 ... 0x3ff/8] = 0, /* serial1 */
[ 0x400/8 ... 0xbfff/8] = -1,
[0xc000/8 ... 0xc03f/8] = 0, /* e1000 */
[0xc040/8 ... 0xdfff/8] = -1,
[0xe000/8 ... 0xe007/8] = 0, /* OXPCIe952 serial2 */
[0xe008/8 ... 0xffff/8] = -1,
.pio_regions = {
PIO_RANGE(0x2f8, 8), /* serial 2 */
PIO_RANGE(0x3f8, 8), /* serial 1 */
PIO_RANGE(0xc000, 0x3f), /* e1000 */
PIO_RANGE(0xe000, 8), /* OXPCIe952 serial 2 */
},

.pci_devices = {
@@ -25,7 +25,7 @@ struct {
__u64 cpus[1];
struct jailhouse_memory mem_regions[35];
struct jailhouse_irqchip irqchips[2];
__u8 pio_bitmap[0x2000];
struct jailhouse_pio pio_regions[8];
struct jailhouse_pci_device pci_devices[26];
struct jailhouse_pci_capability pci_caps[27];
} __attribute__((packed)) config = {
@@ -65,7 +65,7 @@ struct {
.cpu_set_size = sizeof(config.cpus),
.num_memory_regions = ARRAY_SIZE(config.mem_regions),
.num_irqchips = ARRAY_SIZE(config.irqchips),
.pio_bitmap_size = ARRAY_SIZE(config.pio_bitmap),
.num_pio_regions = ARRAY_SIZE(config.pio_regions),
.num_pci_devices = ARRAY_SIZE(config.pci_devices),
.num_pci_caps = ARRAY_SIZE(config.pci_caps),
},
@@ -352,20 +352,15 @@ struct {
},
},

.pio_bitmap = {
[ 0/8 ... 0x1f/8] = -1,
[ 0x20/8 ... 0x27/8] = 0xfc, /* HACK: PIC */
[ 0x28/8 ... 0x3f/8] = -1,
[ 0x40/8 ... 0x47/8] = 0xf0, /* PIT */
[ 0x48/8 ... 0x5f/8] = -1,
[ 0x60/8 ... 0x67/8] = 0xec, /* HACK: NMI status/control */
[ 0x68/8 ... 0x6f/8] = -1,
[ 0x70/8 ... 0x77/8] = 0xfc, /* RTC */
[ 0x78/8 ... 0x3af/8] = -1,
[ 0x3b0/8 ... 0x3df/8] = 0x00, /* VGA */
[ 0x3e0/8 ... 0xcf7/8] = 0, /* HACK: PCI bus */
[ 0xcf8/8 ... 0xcff/8] = -1,
[ 0xd00/8 ... 0xffff/8] = 0, /* HACK: PCI bus */
.pio_regions = {
PIO_RANGE(0x20, 8), /* HACK: PIC */
PIO_RANGE(0x40, 4), /* PIT */
PIO_RANGE(0x60, 2), /* HACK: NMI status/control */
PIO_RANGE(0x64, 1), /* i8042 */
PIO_RANGE(0x70, 2), /* RTC */
PIO_RANGE(0x3b0, 0x30), /* VGA */
PIO_RANGE(0x3e0, 0x918), /* HACK: PCI bus */
PIO_RANGE(0xd00, 0xf300), /* HACK: PCI bus */
},

.pci_devices = {
@@ -24,7 +24,7 @@ struct {
__u64 cpus[1];
struct jailhouse_memory mem_regions[42];
struct jailhouse_irqchip irqchips[1];
__u8 pio_bitmap[0x2000];
struct jailhouse_pio pio_regions[8];
struct jailhouse_pci_device pci_devices[26];
struct jailhouse_pci_capability pci_caps[26];
} __attribute__((packed)) config = {
@@ -54,7 +54,7 @@ struct {
.cpu_set_size = sizeof(config.cpus),
.num_memory_regions = ARRAY_SIZE(config.mem_regions),
.num_irqchips = ARRAY_SIZE(config.irqchips),
.pio_bitmap_size = ARRAY_SIZE(config.pio_bitmap),
.num_pio_regions = ARRAY_SIZE(config.pio_regions),
.num_pci_devices = ARRAY_SIZE(config.pci_devices),
.num_pci_caps = ARRAY_SIZE(config.pci_caps),
},
@@ -382,20 +382,15 @@ struct {
},
},

.pio_bitmap = {
[ 0/8 ... 0x1f/8] = -1,
[ 0x20/8 ... 0x27/8] = 0xfc, /* HACK: PIC */
[ 0x28/8 ... 0x3f/8] = -1,
[ 0x40/8 ... 0x47/8] = 0xf0, /* PIT */
[ 0x48/8 ... 0x5f/8] = -1,
[ 0x60/8 ... 0x67/8] = 0xec, /* HACK: NMI status/control */
[ 0x68/8 ... 0x6f/8] = -1,
[ 0x70/8 ... 0x77/8] = 0xfc, /* RTC */
[ 0x78/8 ... 0x3af/8] = -1,
[ 0x3b0/8 ... 0x3df/8] = 0x00, /* VGA */
[ 0x3e0/8 ... 0xcf7/8] = 0, /* HACK: PCI bus */
[ 0xcf8/8 ... 0xcff/8] = -1,
[ 0xd00/8 ... 0xffff/8] = 0, /* HACK: PCI bus */
.pio_regions = {
PIO_RANGE(0x20, 2), /* HACK: PIC */
PIO_RANGE(0x40, 4), /* PIT */
PIO_RANGE(0x60, 2), /* HACK: NMI status/control */
PIO_RANGE(0x64, 1), /* i8042 */
PIO_RANGE(0x70, 2), /* RTC */
PIO_RANGE(0x3b0, 0x30), /* VGA */
PIO_RANGE(0x3e0, 0x918), /* HACK: PCI bus */
PIO_RANGE(0xd00, 0xf300), /* HACK: PCI bus */
},

.pci_devices = {
@@ -21,7 +21,7 @@ struct {
__u64 cpus[1];
struct jailhouse_memory mem_regions[2];
struct jailhouse_irqchip irqchips[1];
__u8 pio_bitmap[0x2000];
struct jailhouse_pio pio_regions[5];
} __attribute__((packed)) config = {
.cell = {
.signature = JAILHOUSE_CELL_DESC_SIGNATURE,
@@ -33,7 +33,7 @@ struct {
.cpu_set_size = sizeof(config.cpus),
.num_memory_regions = ARRAY_SIZE(config.mem_regions),
.num_irqchips = ARRAY_SIZE(config.irqchips),
.pio_bitmap_size = ARRAY_SIZE(config.pio_bitmap),
.num_pio_regions = ARRAY_SIZE(config.pio_regions),
.num_pci_devices = 0,

.console = {
@@ -73,17 +73,11 @@ struct {
},
},

.pio_bitmap = {
[ 0/8 ... 0x2f7/8] = -1,
[ 0x2f8/8 ... 0x2ff/8] = 0, /* serial2 */
[ 0x300/8 ... 0x3f7/8] = -1,
[ 0x3f8/8 ... 0x3ff/8] = 0, /* serial1 */
[ 0x400/8 ... 0x5ff/8] = -1,
[ 0x600/8 ... 0x607/8] = 0xf0, /* acpi-evt */
[ 0x608/8 ... 0x7ff/8] = -1,
[ 0x800/8 ... 0x807/8] = 0xf0 /* apci-pm1a */,
[ 0x808/8 ... 0xdfff/8] = -1,
[0xe000/8 ... 0xe007/8] = 0, /* OXPCIe952 serial2 */
[0xe008/8 ... 0xffff/8] = -1,
.pio_regions = {
PIO_RANGE(0x2f8, 8), /* serial 2 */
PIO_RANGE(0x3f8, 8), /* serial 1 */
PIO_RANGE(0x600, 4), /* acpi-evt */
PIO_RANGE(0x800, 4), /* apci-pm1a */
PIO_RANGE(0xe010, 8), /* OXPCIe952 serial2 */
},
};
@@ -20,7 +20,7 @@ struct {
struct jailhouse_cell_desc cell;
__u64 cpus[1];
struct jailhouse_memory mem_regions[3];
__u8 pio_bitmap[0x2000];
struct jailhouse_pio pio_regions[2];
struct jailhouse_pci_device pci_devices[1];
struct jailhouse_pci_capability pci_caps[0];
} __attribute__((packed)) config = {
@@ -34,7 +34,7 @@ struct {
.cpu_set_size = sizeof(config.cpus),
.num_memory_regions = ARRAY_SIZE(config.mem_regions),
.num_irqchips = 0,
.pio_bitmap_size = ARRAY_SIZE(config.pio_bitmap),
.num_pio_regions = ARRAY_SIZE(config.pio_regions),
.num_pci_devices = ARRAY_SIZE(config.pci_devices),
.num_pci_caps = ARRAY_SIZE(config.pci_caps),

@@ -73,12 +73,9 @@ struct {
},
},

.pio_bitmap = {
[ 0/8 ... 0x2f7/8] = -1,
[ 0x2f8/8 ... 0x2ff/8] = 0, /* serial2 */
[ 0x300/8 ... 0x3f7/8] = -1,
[ 0x3f8/8 ... 0x3ff/8] = 0, /* serial1 */
[ 0x400/8 ... 0xffff/8] = -1,
.pio_regions = {
PIO_RANGE(0x2f8, 8), /* serial 2 */
PIO_RANGE(0x3f8, 8), /* serial 1 */
},

.pci_devices = {
@@ -25,7 +25,7 @@ struct {
#endif
struct jailhouse_cache cache_regions[1];
struct jailhouse_irqchip irqchips[1];
__u8 pio_bitmap[0x2000];
struct jailhouse_pio pio_regions[3];
#ifdef CONFIG_QEMU_E1000E_ASSIGNMENT
struct jailhouse_pci_device pci_devices[2];
#else
@@ -44,7 +44,7 @@ struct {
.num_memory_regions = ARRAY_SIZE(config.mem_regions),
.num_cache_regions = ARRAY_SIZE(config.cache_regions),
.num_irqchips = ARRAY_SIZE(config.irqchips),
.pio_bitmap_size = ARRAY_SIZE(config.pio_bitmap),
.num_pio_regions = ARRAY_SIZE(config.pio_regions),
.num_pci_devices = ARRAY_SIZE(config.pci_devices),
.num_pci_caps = ARRAY_SIZE(config.pci_caps),
},
@@ -134,14 +134,10 @@ struct {
},
},

.pio_bitmap = {
[ 0/8 ... 0x2f7/8] = -1,
[ 0x2f8/8 ... 0x2ff/8] = 0, /* serial2 */
[ 0x300/8 ... 0x3f7/8] = -1,
[ 0x3f8/8 ... 0x3ff/8] = 0, /* serial1 */
[ 0x400/8 ... 0xe00f/8] = -1,
[0xe010/8 ... 0xe017/8] = 0, /* OXPCIe952 serial1 */
[0xe018/8 ... 0xffff/8] = -1,
.pio_regions = {
PIO_RANGE(0x2f8, 8), /* serial 2 */
PIO_RANGE(0x3f8, 8), /* serial 1 */
PIO_RANGE(0xe010, 8), /* OXPCIe952 serial1 */
},

.pci_devices = {
@@ -20,7 +20,7 @@ struct {
struct jailhouse_cell_desc cell;
__u64 cpus[1];
struct jailhouse_memory mem_regions[3];
__u8 pio_bitmap[0x2000];
struct jailhouse_pio pio_regions[3];
struct jailhouse_pci_device pci_devices[1];
struct jailhouse_pci_capability pci_caps[1];
} __attribute__((packed)) config = {
@@ -34,7 +34,7 @@ struct {
.cpu_set_size = sizeof(config.cpus),
.num_memory_regions = ARRAY_SIZE(config.mem_regions),
.num_irqchips = 0,
.pio_bitmap_size = ARRAY_SIZE(config.pio_bitmap),
.num_pio_regions = ARRAY_SIZE(config.pio_regions),
.num_pci_devices = ARRAY_SIZE(config.pci_devices),
.num_pci_caps = ARRAY_SIZE(config.pci_caps),

@@ -71,14 +71,10 @@ struct {
},
},

.pio_bitmap = {
[ 0/8 ... 0x2f7/8] = -1,
[ 0x2f8/8 ... 0x2ff/8] = 0, /* serial2 */
[ 0x300/8 ... 0x3f7/8] = -1,
[ 0x3f8/8 ... 0x3ff/8] = 0, /* serial1 */
[ 0x400/8 ... 0xdfff/8] = -1,
[0xe000/8 ... 0xe007/8] = 0, /* OXPCIe952 serial2 */
[0xe008/8 ... 0xffff/8] = -1,
.pio_regions = {
PIO_RANGE(0x2f8, 8), /* serial 2 */
PIO_RANGE(0x3f8, 8), /* serial 1 */
PIO_RANGE(0xe010, 8), /* OXPCIe952 serial2 */
},

.pci_devices = {
@@ -24,7 +24,7 @@ struct {
__u64 cpus[1];
struct jailhouse_memory mem_regions[16];
struct jailhouse_irqchip irqchips[1];
__u8 pio_bitmap[0x2000];
struct jailhouse_pio pio_regions[12];
struct jailhouse_pci_device pci_devices[9];
struct jailhouse_pci_capability pci_caps[11];
} __attribute__((packed)) config = {
@@ -62,7 +62,7 @@ struct {
.cpu_set_size = sizeof(config.cpus),
.num_memory_regions = ARRAY_SIZE(config.mem_regions),
.num_irqchips = ARRAY_SIZE(config.irqchips),
.pio_bitmap_size = ARRAY_SIZE(config.pio_bitmap),
.num_pio_regions = ARRAY_SIZE(config.pio_regions),
.num_pci_devices = ARRAY_SIZE(config.pci_devices),
.num_pci_caps = ARRAY_SIZE(config.pci_caps),
},
@@ -196,30 +196,19 @@ struct {
},
},

.pio_bitmap = {
[ 0/8 ... 0x1f/8] = 0, /* floppy DMA controller */
[ 0x20/8 ... 0x3f/8] = -1,
[ 0x40/8 ... 0x47/8] = 0xf0, /* PIT */
[ 0x48/8 ... 0x5f/8] = -1,
[ 0x60/8 ... 0x67/8] = 0xec, /* HACK: NMI status/control */
[ 0x68/8 ... 0x6f/8] = -1,
[ 0x70/8 ... 0x77/8] = 0xfc, /* rtc */
[ 0x78/8 ... 0x1c7/8] = -1,
[ 0x1c8/8 ... 0x1cf/8] = 0x3f, /* vbe */
[ 0x1d0/8 ... 0x1d7/8] = 0xfe, /* vbe */
[ 0x1d8/8 ... 0x2f7/8] = -1,
[ 0x2f8/8 ... 0x2ff/8] = 0, /* serial2 */
[ 0x300/8 ... 0x3af/8] = -1,
[ 0x3b0/8 ... 0x3df/8] = 0, /* VGA */
[ 0x3e0/8 ... 0x3ef/8] = -1,
[ 0x3f0/8 ... 0x3f7/8] = 0, /* floppy */
[ 0x3f8/8 ... 0x3ff/8] = -1,
[ 0x400/8 ... 0x407/8] = 0xfb, /* invalid but accessed by X */
[ 0x408/8 ... 0x5657/8] = -1,
[0x5658/8 ... 0x565f/8] = 0xf0, /* vmport */
[0x5660/8 ... 0xbfff/8] = -1,
[0xc000/8 ... 0xc0ff/8] = 0, /* PCI devices */
[0xc100/8 ... 0xffff/8] = -1,
.pio_regions = {
PIO_RANGE(0x0, 0x1f), /* floppy DMA controller */
PIO_RANGE(0x40, 0x4), /* PIT */
PIO_RANGE(0x60, 0x2), /* HACK: NMI status/control */
PIO_RANGE(0x64, 0x1), /* i8042 */
PIO_RANGE(0x70, 0x2), /* rtc */
PIO_RANGE(0x1ce, 0x3), /* vbe */
PIO_RANGE(0x2f8, 0x8), /* serial2 */
PIO_RANGE(0x3b0, 0x8), /* VGA */
PIO_RANGE(0x3f0, 0x8), /* floppy */
PIO_RANGE(0x402, 0x1), /* invalid but accessed by X */
PIO_RANGE(0x5658, 0x4), /* vmport */
PIO_RANGE(0xc000, 0xff), /* PCI devices */
},

.pci_devices = {

0 comments on commit 654594b

Please sign in to comment.
You can’t perform that action at this time.