xen/22693-fam10-mmio-conf-base-protect.patch

# HG changeset patch
# User Keir Fraser <keir@xen.org>
# Date 1294648952 0
# Node ID 08bb0eefe87107c30a9bdc6d72f26b20c55ae687
# Parent  66e8062894641e5622aa6adc54297d5700b1cea3
x86-64: don't allow wrmsr to MSR_FAM10H_MMIO_CONF_BASE when Xen itself is using it

Signed-off-by: Jan Beulich <jbeulich@novell.com>

# HG changeset patch
# User Keir Fraser <keir@xen.org>
# Date 1294741846 0
# Node ID a2dcebb88bc4571d64b3f30c1fbb33cfe4f6e2c5
# Parent  1ae74f060a39ae1305b3a434d0faa1a19853fdab
x86-64: refine access permission check for wrmsr to MSR_FAM10H_MMIO_CONF_BASE

We really don't want the mmconf window to move/disappear whenever we
use is ourselves, not only when we enabled it.

Signed-off-by: Jan Beulich <jbeulich@novell.com>

--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -1704,6 +1704,10 @@ static int is_cpufreq_controller(struct 
             (d->domain_id == 0));
 }
 
+#ifdef CONFIG_X86_64
+#include "x86_64/mmconfig.h"
+#endif
+
 static int emulate_privileged_op(struct cpu_user_regs *regs)
 {
     struct vcpu *v = current;
@@ -2263,7 +2267,13 @@ static int emulate_privileged_op(struct 
                 goto fail;
             if ( !IS_PRIV(v->domain) )
                 break;
-            if ( (rdmsr_safe(MSR_FAM10H_MMIO_CONF_BASE, l, h) != 0) ||
+            if ( (rdmsr_safe(MSR_FAM10H_MMIO_CONF_BASE, l, h) != 0) )
+                goto fail;
+            if (
+#ifdef CONFIG_X86_64
+                 (pci_probe & PCI_PROBE_MASK) == PCI_PROBE_MMCONF ?
+                 eax != l || edx != h :
+#endif
                  (((((u64)h << 32) | l) ^ val) &
                   ~( FAM10H_MMIO_CONF_ENABLE |
                     (FAM10H_MMIO_CONF_BUSRANGE_MASK <<
--- a/xen/arch/x86/x86_64/mmconfig.h
+++ b/xen/arch/x86/x86_64/mmconfig.h
@@ -34,6 +34,8 @@
 
 #define PCI_VENDOR_ID_NVIDIA       0x10de
 
+extern unsigned int pci_probe;
+
 /*
  * AMD Fam10h CPUs are buggy, and cannot access MMIO config space
  * on their northbrige except through the * %eax register. As such, you MUST
--- a/xen/arch/x86/x86_64/mmconfig-shared.c
+++ b/xen/arch/x86/x86_64/mmconfig-shared.c
@@ -24,7 +24,7 @@
 #include "mmconfig.h"
 
 static int __initdata known_bridge;
-static unsigned int pci_probe = PCI_PROBE_CONF1 | PCI_PROBE_MMCONF;
+unsigned int pci_probe = PCI_PROBE_CONF1 | PCI_PROBE_MMCONF;
 
 static void __init parse_mmcfg(char *s)
 {
- bnc#658704 - SLES11 SP1 Xen boot panic in x2apic mode 22707-x2apic-preenabled-check.patch - bnc#641419 - L3: Xen: qemu-dm reports "xc_map_foreign_batch: mmap failed: Cannot allocate memory" 7434-qemu-rlimit-as.patch - Additional or upstream patches from Jan 22693-fam10-mmio-conf-base-protect.patch 22694-x86_64-no-weak.patch 22708-xenctx-misc.patch 21432-4.0-cpu-boot-failure.patch 22645-amd-flush-filter.patch qemu-fix-7433.patch - Maintain compatibility with the extid flag even though it is deprecated for both legacy and sxp config files. hv_extid_compatibility.patch - bnc#649209-improve suspend eventchn lock suspend_evtchn_lock.patch - Removed the hyper-v shim patches in favor of using the upstream version. - bnc#641419 - L3: Xen: qemu-dm reports "xc_map_foreign_batch: mmap failed: Cannot allocate memory" qemu-rlimit-as.patch - Upstream c/s 7433 to replace qemu_altgr_more.patch 7433-qemu-altgr.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=90 2011-01-14 19:24:51 +01:00			`# HG changeset patch`
			`# User Keir Fraser <keir@xen.org>`
			`# Date 1294648952 0`
			`# Node ID 08bb0eefe87107c30a9bdc6d72f26b20c55ae687`
			`# Parent 66e8062894641e5622aa6adc54297d5700b1cea3`
			`x86-64: don't allow wrmsr to MSR_FAM10H_MMIO_CONF_BASE when Xen itself is using it`

			`Signed-off-by: Jan Beulich <jbeulich@novell.com>`

			`# HG changeset patch`
			`# User Keir Fraser <keir@xen.org>`
			`# Date 1294741846 0`
			`# Node ID a2dcebb88bc4571d64b3f30c1fbb33cfe4f6e2c5`
			`# Parent 1ae74f060a39ae1305b3a434d0faa1a19853fdab`
			`x86-64: refine access permission check for wrmsr to MSR_FAM10H_MMIO_CONF_BASE`

			`We really don't want the mmconf window to move/disappear whenever we`
			`use is ourselves, not only when we enabled it.`

			`Signed-off-by: Jan Beulich <jbeulich@novell.com>`

			`--- a/xen/arch/x86/traps.c`
			`+++ b/xen/arch/x86/traps.c`
			`@@ -1704,6 +1704,10 @@ static int is_cpufreq_controller(struct`
			`(d->domain_id == 0));`
			`}`

			`+#ifdef CONFIG_X86_64`
			`+#include "x86_64/mmconfig.h"`
			`+#endif`
			`+`
			`static int emulate_privileged_op(struct cpu_user_regs *regs)`
			`{`
			`struct vcpu *v = current;`
			`@@ -2263,7 +2267,13 @@ static int emulate_privileged_op(struct`
			`goto fail;`
			`if ( !IS_PRIV(v->domain) )`
			`break;`
			`- if ( (rdmsr_safe(MSR_FAM10H_MMIO_CONF_BASE, l, h) != 0) \|\|`
			`+ if ( (rdmsr_safe(MSR_FAM10H_MMIO_CONF_BASE, l, h) != 0) )`
			`+ goto fail;`
			`+ if (`
			`+#ifdef CONFIG_X86_64`
			`+ (pci_probe & PCI_PROBE_MASK) == PCI_PROBE_MMCONF ?`
			`+ eax != l \|\| edx != h :`
			`+#endif`
			`(((((u64)h << 32) \| l) ^ val) &`
			`~( FAM10H_MMIO_CONF_ENABLE \|`
			`(FAM10H_MMIO_CONF_BUSRANGE_MASK <<`
			`--- a/xen/arch/x86/x86_64/mmconfig.h`
			`+++ b/xen/arch/x86/x86_64/mmconfig.h`
			`@@ -34,6 +34,8 @@`

			`#define PCI_VENDOR_ID_NVIDIA 0x10de`

			`+extern unsigned int pci_probe;`
			`+`
			`/*`
			`* AMD Fam10h CPUs are buggy, and cannot access MMIO config space`
			`* on their northbrige except through the * %eax register. As such, you MUST`
			`--- a/xen/arch/x86/x86_64/mmconfig-shared.c`
			`+++ b/xen/arch/x86/x86_64/mmconfig-shared.c`
			`@@ -24,7 +24,7 @@`
			`#include "mmconfig.h"`

			`static int __initdata known_bridge;`
			`-static unsigned int pci_probe = PCI_PROBE_CONF1 \| PCI_PROBE_MMCONF;`
			`+unsigned int pci_probe = PCI_PROBE_CONF1 \| PCI_PROBE_MMCONF;`

			`static void __init parse_mmcfg(char *s)`
			`{`