On 04/05/2020 17:31, Roger Pau Monne wrote:
> PVHv1 dom0 was given access to all PHYSDEVOP hypercalls, and such
> restriction was not removed when PVHv1 code was removed. As a result
> the switch in hvm_physdev_op was more complicated than required, and
> relied on PVHv2 dom0 not having PIRQ support in order to prevent
> access to some PV specific PHYSDEVOPs.
>
> Fix this by moving the default case to the bottom of the switch, since
> there's no need for any fall through now. Also remove the hardware
> domain check, as all the not explicitly listed PHYSDEVOPs are
> forbidden for HVM domains.
>
> Finally tighten the condition to allow usage of
> PHYSDEVOP_pci_mmcfg_reserved: apart from having vPCI enabled it should
> only be used by the hardware domain. Note that the code in
> do_physdev_op is already restricting the call to privileged domains
> only, but it can be further restricted to the hardware domain only, as
> other privileged domains don't have access to MMCFG regions anyway.
>
> Overall no functional change should arise from this change.
>
> Reported-by: Julien Grall <[email protected]>
> Signed-off-by: Roger Pau Monné <[email protected]>

Acked-by: Andrew Cooper <[email protected]>
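
A stand-alone model of the default-deny dispatch the quoted commit message describes, added here as an illustration; it is not Xen code and not part of either message. The struct, the op constants, the function name `model_hvm_physdev_filter` and the `-ENOSYS` return value are assumptions; only the two conditions on PHYSDEVOP_pci_mmcfg_reserved and the rejection of unlisted ops come from the description.

```c
#include <errno.h>
#include <stdbool.h>

/* Hypothetical op numbers for this model; not Xen's real values. */
enum model_op {
    MODEL_OP_LISTED_FOR_HVM = 1,  /* stands in for any explicitly listed op */
    MODEL_OP_PCI_MMCFG_RESERVED,  /* models PHYSDEVOP_pci_mmcfg_reserved */
    MODEL_OP_PV_ONLY,             /* stands in for a PV specific op */
};

/* Hypothetical, reduced view of a domain. */
struct model_domain {
    bool is_hardware_domain;
    bool is_privileged;  /* checked by the common handler, not by this filter */
    bool has_vpci;
};

/*
 * Filter applied to HVM callers before the common handler runs.
 * Returns 0 when the op may proceed and -ENOSYS (an assumed error
 * value) when it is forbidden.
 */
int model_hvm_physdev_filter(const struct model_domain *d, int op)
{
    switch (op) {
    case MODEL_OP_LISTED_FOR_HVM:
        return 0;

    case MODEL_OP_PCI_MMCFG_RESERVED:
        /* Both conditions are required: vPCI enabled and hardware domain. */
        if (!d->has_vpci || !d->is_hardware_domain)
            return -ENOSYS;
        return 0;

    default:
        /*
         * Default at the bottom, no fall through and no hardware domain
         * exception: anything not explicitly listed is rejected.
         */
        return -ENOSYS;
    }
}
```

With this shape, allowing a further op for HVM domains requires adding an explicit `case`, so the allowlist stays visible in one place.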
