From patchwork Thu Oct 11 13:27:01 2012
X-Patchwork-Submitter: Avi Kivity
X-Patchwork-Id: 190913
From: Avi Kivity
To: qemu-devel@nongnu.org, Blue Swirl, Anthony Liguori, "Michael S. Tsirkin", Alex Williamson, liu ping fan, Paolo Bonzini
Date: Thu, 11 Oct 2012 15:27:01 +0200
Message-Id: <1349962023-560-6-git-send-email-avi@redhat.com>
In-Reply-To: <1349962023-560-1-git-send-email-avi@redhat.com>
References: <1349962023-560-1-git-send-email-avi@redhat.com>
Subject: [Qemu-devel] [RFC v1 5/7] i440fx: add an iommu

This iommu encrypts addresses on the device bus to avoid divulging information to hackers equipped with bus analyzers. Following 3DES, addresses are encrypted multiple times. A XOR cypher is employed for efficiency.

Signed-off-by: Avi Kivity

--- hw/piix_pci.c | 74 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 74 insertions(+) diff --git a/hw/piix_pci.c b/hw/piix_pci.c index 537fc19..33c2587 100644 --- a/hw/piix_pci.c +++ b/hw/piix_pci.c @@ -30,6 +30,7 @@ #include "sysbus.h" #include "range.h" #include "xen.h" +#include "exec-memory.h" /* * I440FX chipset data sheet. 
@@ -252,6 +253,78 @@ static int i440fx_initfn(PCIDevice *dev) return 0; } +typedef struct SillyIOMMU SillyIOMMU; + +struct SillyIOMMU { + MemoryRegion l1; + MemoryRegion l2; + target_phys_addr_t mask; + target_phys_addr_t secret; +}; + +static IOMMUTLBEntry silly_l1_translate(MemoryRegion *l1, target_phys_addr_t addr, + bool is_write) +{ + SillyIOMMU *s = container_of(l1, SillyIOMMU, l1); + target_phys_addr_t xlat = addr ^ s->secret; + + printf("l1: %" TARGET_PRIxPHYS " -> %" TARGET_PRIxPHYS "\n", addr, xlat); + + return (IOMMUTLBEntry) { + .device_addr = addr & ~s->mask, + .translated_addr = xlat & ~s->mask, + .addr_mask = s->mask, + .valid = true, + }; +} + +static MemoryRegionIOMMUOps silly_l1_iommu_ops = { + .translate = silly_l1_translate, +}; + +static IOMMUTLBEntry silly_l2_translate(MemoryRegion *l2, target_phys_addr_t addr, + bool is_write) +{ + SillyIOMMU *s = container_of(l2, SillyIOMMU, l2); + target_phys_addr_t xlat = addr ^ s->secret; + + printf("l2: %" TARGET_PRIxPHYS " -> %" TARGET_PRIxPHYS "\n", addr, xlat); + + return (IOMMUTLBEntry) { + .device_addr = addr & ~s->mask, + .translated_addr = xlat & ~s->mask, + .addr_mask = s->mask, + .valid = true, + }; +} + +static MemoryRegionIOMMUOps silly_l2_iommu_ops = { + .translate = silly_l2_translate, +}; + +static MemoryRegion *silly_iommu_new(PCIBus *bus, void *opaque, int devfn) +{ + SillyIOMMU *s = g_new(SillyIOMMU, 1); + MemoryRegion *sysmem = get_system_memory(); + + s->mask = (0x1000 << (devfn >> 3)) - 1; + s->secret = (((devfn << 24) | 0x00aabbccdd) & ~s->mask) * (devfn >= 3 * 8); + memory_region_init_iommu(&s->l2, &silly_l2_iommu_ops, sysmem, "silly-l2", INT64_MAX); + memory_region_init_iommu(&s->l1, &silly_l1_iommu_ops, &s->l2, "silly-l1", INT64_MAX); + return &s->l1; +} + +static void silly_iommu_del(MemoryRegion *l1) +{ + SillyIOMMU *s = container_of(l1, SillyIOMMU, l1); + + memory_region_del_subregion(&s->l2, get_system_memory()); + memory_region_del_subregion(&s->l1, &s->l2); + 
memory_region_destroy(&s->l2); + memory_region_destroy(&s->l1); + g_free(s); +} + static PCIBus *i440fx_common_init(const char *device_name, PCII440FXState **pi440fx_state, int *piix3_devfn, @@ -278,6 +351,7 @@ static PCIBus *i440fx_common_init(const char *device_name, s->address_space = address_space_mem; b = pci_bus_new(dev, NULL, pci_address_space, address_space_io, 0); + pci_setup_iommu(b, silly_iommu_new, silly_iommu_del, NULL); s->bus = b; object_property_add_child(qdev_get_machine(), "i440fx", OBJECT(dev), NULL); qdev_init_nofail(dev);
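
Review bot: silly_iommu_del() in the @@ -252,6 +253,78 @@ hunk calls memory_region_del_subregion() on &s->l2 and &s->l1, but silly_iommu_new() never adds a subregion; it only passes sysmem and &s->l2 as arguments to memory_region_init_iommu(), so the teardown does not mirror the setup. Drop the two del_subregion calls, and destroy l1 before l2, since l1 was initialised on top of &s->l2. In silly_iommu_new(), "0x1000 << (devfn >> 3)" and "devfn << 24" are evaluated in int and overflow for higher slot numbers; cast to target_phys_addr_t before shifting. Also, silly_l1_translate() and silly_l2_translate() XOR with the same s->secret, which is already masked with ~s->mask, so the two stages cancel and the address that reaches system memory equals the device address; if that is intended for the demo, a comment saying so would help.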
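
Review bot: pci_setup_iommu() in the @@ -278,6 +351,7 @@ hunk is called unconditionally from i440fx_common_init(), so every machine built on this host bridge gets the SillyIOMMU, including the printf() on each translation in silly_l1_translate() and silly_l2_translate(). Gate the call behind an option that defaults to off, and put the printf() calls behind a debug macro or a trace point.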