>>> On 07.05.15 at 16:54, <roger....@citrix.com> wrote:
> @@ -1548,6 +1549,8 @@ int __init construct_dom0(
> rc |= ioports_deny_access(d, pmtmr_ioport, pmtmr_ioport + 3);
> /* PCI configuration space (NB. 0xcf8 has special treatment). */
> rc |= ioports_deny_access(d, 0xcfc, 0xcff);
> + /* Never permit direct access to the RTC/CMOS registers. */
> + rc |= ioports_deny_access(d, RTC_PORT(0), RTC_PORT(1));
Looks like I prematurely committed this: Did you test that Dom0
still can access CMOS/RTC with that change? I ask because the
ioports_access_permitted() checks in guest_io_{read,write}()
now ought to fail for Dom0... (Apart from that on second thought
it looks wrong also conceptionally - we don't want to deny Dom0
access to these ports, we just don't want it to access them
directly.)
Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
