| Message ID | 1376687156-6737-21-git-send-email-julien.grall@linaro.org |
|---|---|
| State | Superseded, archived |
| Headers | show |
On Fri, 2013-08-16 at 22:05 +0100, Julien Grall wrote: > Each platform code will list the device that must not pass-through to a guest. > Theses devices are used for: power management, timer,... > > When theses devices are given to DOM0, it can controls the hardware and then > break the whole platform. This will do for now. Eventually I think we will want to derive this from the set of devices used by Xen following the links specified in the clock and PM bindings etc. We will also eventually want to implement some per-device MMIO filtering to allow dom0 to continue to control devices which it owns which happen to share e.g. a clk controller with Xen. (could expound on this in the commit message for context perhaps?) > > Signed-off-by: Julien Grall <julien.grall@linaro.org> > --- > xen/arch/arm/domain_build.c | 2 +- > xen/arch/arm/platform.c | 10 ++++++++++ > xen/include/asm-arm/platform.h | 7 +++++++ > 3 files changed, 18 insertions(+), 1 deletion(-) > > diff --git a/xen/arch/arm/domain_build.c b/xen/arch/arm/domain_build.c > index d8d67a6..93f77c6 100644 > --- a/xen/arch/arm/domain_build.c > +++ b/xen/arch/arm/domain_build.c > @@ -419,7 +419,7 @@ static int handle_node(struct domain *d, struct kernel_info *kinfo, > DPRINT("handle %s\n", dt_node_full_name(np)); > > /* Skip theses nodes and the sub-nodes */ > - if ( dt_match_node(skip_matches, np ) ) > + if ( dt_match_node(skip_matches, np ) || platform_device_is_blacklist(np) ) > return 0; > > if ( dt_device_used_by(np) != DOMID_XEN && > diff --git a/xen/arch/arm/platform.c b/xen/arch/arm/platform.c > index afda302..cae0580 100644 > --- a/xen/arch/arm/platform.c > +++ b/xen/arch/arm/platform.c > @@ -127,6 +127,16 @@ bool_t platform_has_quirk(uint32_t quirk) > return !!(quirks & quirk); > } > > +bool_t platform_device_is_blacklist(const struct dt_device_node *node) ...._is_blacklisted. > +{ > + const struct dt_device_match *blacklist = NULL; > + > + if ( platform && platform->blacklist_dev ) > + blacklist = platform->blacklist_dev; > + > + return dt_match_node(blacklist, node); > +} > + > /* > * Local variables: > * mode: C > diff --git a/xen/include/asm-arm/platform.h b/xen/include/asm-arm/platform.h > index f460e9c..4b511ed 100644 > --- a/xen/include/asm-arm/platform.h > +++ b/xen/include/asm-arm/platform.h > @@ -4,6 +4,7 @@ > #include <xen/init.h> > #include <xen/sched.h> > #include <xen/mm.h> > +#include <xen/device_tree.h> > > /* Describe specific operation for a board */ > struct platform_desc { > @@ -26,6 +27,11 @@ struct platform_desc { > * board with different quirk on each > */ > uint32_t (*quirks)(void); > + /* > + * Platform blacklist devices "Blacklisted platform devices" > + * List of devices which must not pass-through to a guest > + */ > + const struct dt_device_match *blacklist_dev; Either "blacklisted_devs" or just "blacklist" I think. The former sounds a bit better to me. > }; > > /* > @@ -40,6 +46,7 @@ int __init platform_specific_mapping(struct domain *d); > void platform_reset(void); > void platform_poweroff(void); > bool_t platform_has_quirk(uint32_t quirk); > +bool_t platform_device_is_blacklist(const struct dt_device_node *node); > > #define PLATFORM_START(_name, _namestr) \ > static const struct platform_desc __plat_desc_##_name __used \
diff --git a/xen/arch/arm/domain_build.c b/xen/arch/arm/domain_build.c index d8d67a6..93f77c6 100644 --- a/xen/arch/arm/domain_build.c +++ b/xen/arch/arm/domain_build.c @@ -419,7 +419,7 @@ static int handle_node(struct domain *d, struct kernel_info *kinfo, DPRINT("handle %s\n", dt_node_full_name(np)); /* Skip theses nodes and the sub-nodes */ - if ( dt_match_node(skip_matches, np ) ) + if ( dt_match_node(skip_matches, np ) || platform_device_is_blacklist(np) ) return 0; if ( dt_device_used_by(np) != DOMID_XEN && diff --git a/xen/arch/arm/platform.c b/xen/arch/arm/platform.c index afda302..cae0580 100644 --- a/xen/arch/arm/platform.c +++ b/xen/arch/arm/platform.c @@ -127,6 +127,16 @@ bool_t platform_has_quirk(uint32_t quirk) return !!(quirks & quirk); } +bool_t platform_device_is_blacklist(const struct dt_device_node *node) +{ + const struct dt_device_match *blacklist = NULL; + + if ( platform && platform->blacklist_dev ) + blacklist = platform->blacklist_dev; + + return dt_match_node(blacklist, node); +} + /* * Local variables: * mode: C diff --git a/xen/include/asm-arm/platform.h b/xen/include/asm-arm/platform.h index f460e9c..4b511ed 100644 --- a/xen/include/asm-arm/platform.h +++ b/xen/include/asm-arm/platform.h @@ -4,6 +4,7 @@ #include <xen/init.h> #include <xen/sched.h> #include <xen/mm.h> +#include <xen/device_tree.h> /* Describe specific operation for a board */ struct platform_desc { @@ -26,6 +27,11 @@ struct platform_desc { * board with different quirk on each */ uint32_t (*quirks)(void); + /* + * Platform blacklist devices + * List of devices which must not pass-through to a guest + */ + const struct dt_device_match *blacklist_dev; }; /* @@ -40,6 +46,7 @@ int __init platform_specific_mapping(struct domain *d); void platform_reset(void); void platform_poweroff(void); bool_t platform_has_quirk(uint32_t quirk); +bool_t platform_device_is_blacklist(const struct dt_device_node *node); #define PLATFORM_START(_name, _namestr) \ static const struct platform_desc __plat_desc_##_name __used \
Each platform code will list the device that must not pass-through to a guest. Theses devices are used for: power management, timer,... When theses devices are given to DOM0, it can controls the hardware and then break the whole platform. Signed-off-by: Julien Grall <julien.grall@linaro.org> --- xen/arch/arm/domain_build.c | 2 +- xen/arch/arm/platform.c | 10 ++++++++++ xen/include/asm-arm/platform.h | 7 +++++++ 3 files changed, 18 insertions(+), 1 deletion(-)