WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] [PATCH] add privileged/unprivileged kernel feature indic

from [Ian Campbell] [Permanent Link][Original]
To: Jan Beulich <JBeulich@xxxxxxxxxx>
Subject: Re: [Xen-devel] [PATCH] add privileged/unprivileged kernel feature indication
From: Ian Campbell <Ian.Campbell@xxxxxxxxxx>
Date: Tue, 5 Jul 2011 14:55:59 +0100
Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Tue, 05 Jul 2011 06:56:29 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4E132450020000780004C297@xxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Organization: Citrix Systems, Inc.
References: <4E132450020000780004C297@xxxxxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
On Tue, 2011-07-05 at 13:48 +0100, Jan Beulich wrote:
> With our switching away from supporting 32-bit Dom0 operation, users
> complained that attempts (perhaps due to lack of knowledge of that
> change) to boot the no longer privileged kernel in Dom0 resulted in
> apparently silent failure. To make the mismatch explicit and visible,
> add feature flags that the kernel can set to indicate operation in
> what modes it supports. For backward compatibility, absence of both
> feature flags is taken to indicate a kernel that may be capable of
> operating in both modes.

While I agree that this is a useful change I think you should also try
and ensure that your bootloader configuration tool tries not to add
invalid combinations to the configuration. For example grub2's
"update-grub" command checks for CONFIG_XEN_PRIVILEGED_GUEST=y before
creating a dom0 style entry. IIRC grub1 did the same (although that may
have been Debian specific).

Ian.

> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxxxx>
> 
> --- a/tools/libxc/xc_dom_elfloader.c
> +++ b/tools/libxc/xc_dom_elfloader.c
> @@ -286,6 +286,15 @@ static int xc_dom_parse_elf_kernel(struc
>      if ( (rc = elf_xen_parse(elf, &dom->parms)) != 0 )
>          return rc;
>  
> +    if ( elf_xen_feature_get(XENFEAT_privileged, dom->parms.f_required) ||
> +         (elf_xen_feature_get(XENFEAT_privileged, dom->parms.f_supported) &&
> +          !elf_xen_feature_get(XENFEAT_unprivileged, 
> dom->parms.f_supported)) )
> +    {
> +        xc_dom_panic(dom->xch, XC_INVALID_KERNEL, "%s: Kernel does not"
> +                     " support unprivileged (DomU) operation", __FUNCTION__);
> +        return -EINVAL;
> +    }
> +
>      /* find kernel segment */
>      dom->kernel_seg.vstart = dom->parms.virt_kstart;
>      dom->kernel_seg.vend   = dom->parms.virt_kend;
> --- a/xen/arch/ia64/xen/domain.c
> +++ b/xen/arch/ia64/xen/domain.c
> @@ -2164,6 +2164,14 @@ int __init construct_dom0(struct domain 
>               return -1;
>       }
>  
> +     if (test_bit(XENFEAT_unprivileged, parms.f_required) ||
> +         (test_bit(XENFEAT_unprivileged, parms.f_supported) &&
> +          !test_bit(XENFEAT_privileged, parms.f_supported)))
> +     {
> +             printk("Kernel does not support Dom0 operation\n");
> +             return -1;
> +     }
> +
>       p_start = parms.virt_base;
>       pkern_start = parms.virt_kstart;
>       pkern_end = parms.virt_kend;
> --- a/xen/arch/x86/domain_build.c
> +++ b/xen/arch/x86/domain_build.c
> @@ -415,6 +415,14 @@ int __init construct_dom0(
>          return -EINVAL;
>      }
>  
> +    if ( test_bit(XENFEAT_unprivileged, parms.f_required) ||
> +         (test_bit(XENFEAT_unprivileged, parms.f_supported) &&
> +          !test_bit(XENFEAT_privileged, parms.f_supported)) )
> +    {
> +        printk("Kernel does not support Dom0 operation\n");
> +        return -EINVAL;
> +    }
> +
>  #if defined(__x86_64__)
>      if ( compat32 )
>      {
> --- a/xen/common/kernel.c
> +++ b/xen/common/kernel.c
> @@ -278,7 +278,8 @@ DO(xen_version)(int cmd, XEN_GUEST_HANDL
>          switch ( fi.submap_idx )
>          {
>          case 0:
> -            fi.submap = 0;
> +            fi.submap = 1U << (IS_PRIV(current->domain) ?
> +                               XENFEAT_privileged : XENFEAT_unprivileged);
>              if ( VM_ASSIST(d, VMASST_TYPE_pae_extended_cr3) )
>                  fi.submap |= (1U << XENFEAT_pae_pgdir_above_4gb);
>              if ( paging_mode_translate(current->domain) )
> --- a/xen/common/libelf/libelf-dominfo.c
> +++ b/xen/common/libelf/libelf-dominfo.c
> @@ -26,7 +26,9 @@ static const char *const elf_xen_feature
>      [XENFEAT_writable_descriptor_tables] = "writable_descriptor_tables",
>      [XENFEAT_auto_translated_physmap] = "auto_translated_physmap",
>      [XENFEAT_supervisor_mode_kernel] = "supervisor_mode_kernel",
> -    [XENFEAT_pae_pgdir_above_4gb] = "pae_pgdir_above_4gb"
> +    [XENFEAT_pae_pgdir_above_4gb] = "pae_pgdir_above_4gb",
> +    [XENFEAT_privileged] = "privileged",
> +    [XENFEAT_unprivileged] = "unprivileged"
>  };
>  static const int elf_xen_features =
>  sizeof(elf_xen_feature_names) / sizeof(elf_xen_feature_names[0]);
> --- a/xen/include/public/features.h
> +++ b/xen/include/public/features.h
> @@ -75,7 +75,13 @@
>  #define XENFEAT_hvm_safe_pvclock           9
>  
>  /* x86: pirq can be used by HVM guests */
> -#define XENFEAT_hvm_pirqs           10
> +#define XENFEAT_hvm_pirqs                 10
> +
> +/* privileged operation is supported */
> +#define XENFEAT_privileged                11
> +
> +/* un-privileged operation is supported */
> +#define XENFEAT_unprivileged              12
>  
>  #define XENFEAT_NR_SUBMAPS 1
>  
> 
> 



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] Xen4.1.0 and Fedora15 Block device bug?, Konrad Rzeszutek Wilk
Next by Date:  [Xen-devel] Re: [PATCH] Modpost section mismatch fix, Konrad Rzeszutek Wilk
Previous by Thread:  Re: [Xen-devel] [PATCH] add privileged/unprivileged kernel feature indication, Jan Beulich
Next by Thread:  Re: [Xen-devel] [PATCH] add privileged/unprivileged kernel feature indication, Jan Beulich
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy