[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [PATCH v2 18/26] xen/domctl: wrap xsm_getdomaininfo() with CONFIG_MGMT_HYPERCALLS

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: "Penny, Zheng" <penny.zheng@xxxxxxx>
  • Date: Fri, 26 Sep 2025 06:57:31 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=UsWE8zRfk+e3Px7//gF/wZR5IUFDweX/byn1Tiau7Vg=; b=Z9TYKzp2kALYMF8Kyi/bVRPYjGPEFJAIF5eiDXjQPLkpW8isELVQpKt4fyzV5x69N1Hp8XNVtfaGA0ZkvUuwNcoBAguKovMWoTZ8yS40smFwtOPPjx0TXrjFGa1nNDUJZ3kuwfNAPb5GT4VNCKHYI2UsvImN1ZmN2jMW2JWoRGAoCxu11rIr3SyIAPTIYA/ZcnSpbskueR8YLbKnI7BTELFOuLtsZuU74k5Sn2UsP5eZVL51CkeTD6MW02tDkvnDz75ggozWufy+lKrFM4ufAcTZurGwIO4BA5cuh6vBkcHYo22KrQl9eOcQnMRCygtHlNnYt+WYYFDaBaC5nsmuQQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=HmrTGq3Y7t8H8tYEs/Y/05HwEBoDwNM4eFj5LitfHikIBtR8Y0/jT+TE8JLOd6A3YW3igzelDjrcjMbDSEF6H3SBP1yvw8593KUudR2jARaGh0NLip9RcOhEwFO7yatLUmDCHZB8tnS3OWW+IZShmB9CIH5jEu9kuqxU3sBMVhPOj+HkVwt4Sf3XTNY5z8ifNxGaT9ae4HofVqZCI6HdGNqzTwh94nMZ90xGry6NO2QWtPxlY/IfhRXC1lWpwA1NVHpP7jQjX8o+s3hKdZu5xilJSsD3wnCGNPto3KkQ8/4Qap9j5zvpkobul5zNGE1jxDvTPNVNwWE2oM2ppHGXzg==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com;
  • Cc: "Huang, Ray" <Ray.Huang@xxxxxxx>, "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "Stabellini, Stefano" <stefano.stabellini@xxxxxxx>, "Andryuk, Jason" <Jason.Andryuk@xxxxxxx>
  • Delivery-date: Fri, 26 Sep 2025 06:57:44 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Msip_labels: MSIP_Label_f265efc6-e181-49d6-80f4-fae95cf838a0_Enabled=True;MSIP_Label_f265efc6-e181-49d6-80f4-fae95cf838a0_SiteId=3dd8961f-e488-4e60-8e11-a82d994e183d;MSIP_Label_f265efc6-e181-49d6-80f4-fae95cf838a0_SetDate=2025-09-26T06:57:24.0000000Z;MSIP_Label_f265efc6-e181-49d6-80f4-fae95cf838a0_Name=Open Source;MSIP_Label_f265efc6-e181-49d6-80f4-fae95cf838a0_ContentBits=3;MSIP_Label_f265efc6-e181-49d6-80f4-fae95cf838a0_Method=Privileged
  • Thread-index: AQHcIiYYEaVyPVCsmkah0K573htVM7SN/BaAgBWuJICAAGLSAIAA6DCQgAAq/ICAAADyQA==
  • Thread-topic: [PATCH v2 18/26] xen/domctl: wrap xsm_getdomaininfo() with CONFIG_MGMT_HYPERCALLS
[Public]

> -----Original Message-----
> From: Jan Beulich <jbeulich@xxxxxxxx>
> Sent: Friday, September 26, 2025 2:53 PM
> To: Penny, Zheng <penny.zheng@xxxxxxx>
> Cc: Huang, Ray <Ray.Huang@xxxxxxx>; Daniel P. Smith
> <dpsmith@xxxxxxxxxxxxxxxxxxxx>; xen-devel@xxxxxxxxxxxxxxxxxxxx; Stabellini,
> Stefano <stefano.stabellini@xxxxxxx>; Andryuk, Jason
> <Jason.Andryuk@xxxxxxx>
> Subject: Re: [PATCH v2 18/26] xen/domctl: wrap xsm_getdomaininfo() with
> CONFIG_MGMT_HYPERCALLS
>
> On 26.09.2025 06:41, Penny, Zheng wrote:
> >> -----Original Message-----
> >> From: Jan Beulich <jbeulich@xxxxxxxx>
> >> Sent: Thursday, September 25, 2025 10:29 PM
> >>
> >> On 25.09.2025 11:41, Penny, Zheng wrote:
> >>>> -----Original Message-----
> >>>> From: Jan Beulich <jbeulich@xxxxxxxx>
> >>>> Sent: Thursday, September 11, 2025 9:30 PM
> >>>>
> >>>> On 10.09.2025 09:38, Penny Zheng wrote:
> >>>>> --- a/xen/include/xsm/xsm.h
> >>>>> +++ b/xen/include/xsm/xsm.h
> >>>>> @@ -55,8 +55,8 @@ struct xsm_ops {
> >>>>>      void (*security_domaininfo)(struct domain *d,
> >>>>>                                  struct xen_domctl_getdomaininfo *info);
> >>>>>      int (*domain_create)(struct domain *d, uint32_t ssidref);
> >>>>> -    int (*getdomaininfo)(struct domain *d);
> >>>>>  #ifdef CONFIG_MGMT_HYPERCALLS
> >>>>> +    int (*getdomaininfo)(struct domain *d);
> >>>>>      int (*domctl_scheduler_op)(struct domain *d, int op);
> >>>>>      int (*sysctl_scheduler_op)(int op);
> >>>>>      int (*set_target)(struct domain *d, struct domain *e); @@
> >>>>> -234,7
> >>>>> +234,11 @@ static inline int xsm_domain_create(
> >>>>>
> >>>>>  static inline int xsm_getdomaininfo(xsm_default_t def, struct
> >>>>> domain
> >>>>> *d)  {
> >>>>> +#ifdef CONFIG_MGMT_HYPERCALLS
> >>>>>      return alternative_call(xsm_ops.getdomaininfo, d);
> >>>>> +#else
> >>>>> +    return -EOPNOTSUPP;
> >>>>> +#endif
> >>>>>  }
> >>>>
> >>>> This is in use by a Xenstore sysctl and a Xenstore domctl. The
> >>>> sysctl is hence already broken with the earlier series. Now the
> >>>> domctl is also being screwed up. I don't think MGMT_HYPERCALLS
> >>>> really ought to extend to any operations available to other than the core
> toolstack.
> >>>> That's the Xenstore ones here, but also the ones used by qemu
> >>>> (whether run in
> >> Dom0 or a stubdom).
> >>>
> >>> Maybe not only limited to the core toolstack. In
> >>> dom0less/hyperlaunched
> >> scenarios, hypercalls are strictly limited. QEMU is also limited to
> >> pvh machine type and with very restricted functionality(, only acting
> >> as a few virtio-pci devices backend). @Andryuk, Jason @Stabellini,
> >> Stefano Am I understanding correctly and thoroughly about our scenario 
> >> here for
> upstream?
> >>> Tracking the codes, if Xenstore is created as a stub domain, it
> >>> requires
> >> getdomaininfo-domctl to acquire related info.  Sorry, I haven't found
> >> how it was called in QEMU...
> >>
> >> It's not "it"; it's different ones. First and foremost I was thinking
> >> of
> >>  * XEN_DOMCTL_ioport_mapping
> >>  * XEN_DOMCTL_memory_mapping
> >>  * XEN_DOMCTL_bind_pt_irq
> >>  * XEN_DOMCTL_unbind_pt_irq
> >> but there may be others (albeit per the dummy xsm_domctl() this is
> >> the full set). As a general criteria, anything using XSM_DM_PRIV
> >> checking can in principle be called by qemu.
> >>
> >
> > Understood.
> > I assume that they are all for device passthrough. We are not accepting 
> > device
> passthrough via core toolstack in dom0less/hyperlaunch-ed scenarios. Jason has
> developed device passthrough through device tree to only accept "static
> configured" passthrough in dom0less/hyperlaunch-ed scenario, while it is still
> internal , it may be the only accept way to do device passthrough in
> dom0less/hyperlaunch-ed scenario.
>
> Right, but no matter what your goals, the upstream contributions need to be 
> self-
> consistent. I.e. not (risk to) break other functionality. (Really the four 
> domctl-s
> mentioned above might better have been put elsewhere, e.g. as dm-ops. Moving
> them may be an option here.)

Understood.
I'll move them all to the dm-ops

>
> Jan

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.