From 343014b3095462dbec20efe456cbb945d4844b4e Mon Sep 17 00:00:00 2001
From: Nick Bofferding <bofferdn@us.ibm.com>
Date: Mon, 2 Mar 2015 18:04:05 -0600
Subject: Prevent out-of-order data access to FSP mailbox memory area

- Added system call to map FSP mailbox memory with guard permission
- Call new mapping in DMA area init
- Propagate guard permission down to MMIO map
- Apply guard permission in page fault handler
- Updated debug tools to support extra bit in MMIO struct

Change-Id: I8335ac7d3ef57e46d4c8b6c2b2a42b8a0bf7c4b0
Backport: release-fips830
Backport: release-fips820
CQ: SW295345
Reviewed-on: http://gfw160.aus.stglabs.ibm.com:8080/gerrit/16307
Tested-by: Jenkins Server
Reviewed-by: Brian H. Horton <brianh@linux.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Reviewed-by: A. Patrick Williams III <iawillia@us.ibm.com>
---
 src/kernel/vmmmgr.C | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

(limited to 'src/kernel/vmmmgr.C')

diff --git a/src/kernel/vmmmgr.C b/src/kernel/vmmmgr.C
index 98d752bbb..48675c398 100644
--- a/src/kernel/vmmmgr.C
+++ b/src/kernel/vmmmgr.C
@@ -5,7 +5,9 @@
 /*                                                                        */
 /* OpenPOWER HostBoot Project                                             */
 /*                                                                        */
-/* COPYRIGHT International Business Machines Corp. 2010,2014              */
+/* Contributors Listed Below - COPYRIGHT 2010,2015                        */
+/* [+] International Business Machines Corp.                              */
+/*                                                                        */
 /*                                                                        */
 /* Licensed under the Apache License, Version 2.0 (the "License");        */
 /* you may not use this file except in compliance with the License.       */
@@ -86,10 +88,11 @@ void VmmManager::flushPageTable( void )
     Singleton<VmmManager>::instance()._flushPageTable();
 }
 
-void* VmmManager::devMap(void* ra, uint64_t i_devDataSize, bool i_nonCI)
+void* VmmManager::devMap(void* ra, uint64_t i_devDataSize, bool i_nonCI,
+    bool i_guarded)
 {
     return Singleton<VmmManager>::instance()._devMap(ra, i_devDataSize,
-                                                     i_nonCI);
+                                                     i_nonCI, i_guarded);
 }
 
 int VmmManager::devUnmap(void* ea)
@@ -222,12 +225,13 @@ int VmmManager::_mmExtend(void)
     return rc;
 }
 
-void* VmmManager::_devMap(void* ra, uint64_t i_devDataSize, bool i_nonCI)
+void* VmmManager::_devMap(void* ra, uint64_t i_devDataSize, bool i_nonCI,
+    bool i_guarded)
 {
     void* ea = NULL;
 
     lock.lock();
-    ea = SegmentManager::devMap(ra, i_devDataSize, i_nonCI);
+    ea = SegmentManager::devMap(ra, i_devDataSize, i_nonCI, i_guarded);
     lock.unlock();
 
     return ea;
-- 
cgit v1.2.3