xen-4.3.0 XSM bug fix

error code ：Map 1 (fed40, ...) at 0x1006000 failed ：-1

ref xen patch : http://xenbits.xen.org/gitweb/?p=xen.git;a=blobdiff;f=xen/include/xsm/dummy.h;h=052f3e011181332b8342c1648ecd050327c74aa1;hp=cc0a5a8301248f05a341fbf920644c896af30bef;hb=07344c0f33be13bf9232a113681ef9087557f706;hpb=f12c1f0b09205cdf18a2c4a615fdc3e7357ce704

When the permission checks for memory mapping were moved from get_pg_owner to xsm_mmu_update in aaba7a677, the exception for DOMID_IO was not taken into account. This will cause IO memory mappings by PV domains (mini-os in particular) to fail when XSM/FLASK is not being used. This patch reintroduces the exception for DOMID_IO; the actual 

restrictions on IO memory mappings have always been checked separately using iomem_access_permitted, so this change should not break existing access control.

diff --git a/xen/include/xsm/dummy.h b/xen/include/xsm/dummy.h

index cc0a5a8..052f3e0 100644 (file)

--- a/xen/include/xsm/dummy.h

+++ b/xen/include/xsm/dummy.h

@@ -567,9 +567,10 @@ static XSM_INLINE int xsm_domain_memory_map(XSM_DEFAULT_ARG struct domain *d)

 static XSM_INLINE int xsm_mmu_update(XSM_DEFAULT_ARG struct domain *d, struct domain *t,

                                      struct domain *f, uint32_t flags)

 {

- int rc;

+ int rc = 0;

     XSM_ASSERT_ACTION(XSM_TARGET);

- rc = xsm_default_action(action, d, f);

+ if ( f != dom_io )

+ rc = xsm_default_action(action, d, f);

     if ( t && !rc )

         rc = xsm_default_action(action, d, t);

     return rc;

}