Xen project Mailing List

[RFC PATCH v6 10/43] altp2m: Add ARM support to do_altp2m_op

From: Rose Spangler <Rose.Spangler@xxxxxxxxxxxxxx>

Date: Mon, 20 Apr 2026 17:31:33 -0400

Arc-authentication-results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 40.93.12.1) smtp.rcpttodomain=amd.com smtp.mailfrom=elektrobit.com; dmarc=pass (p=quarantine sp=none pct=100) action=none header.from=elektrobit.com; dkim=pass (signature was verified) header.d=elektrobit.com; arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=elektrobit.com] dmarc=[1,1,header.from=elektrobit.com])

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 213.95.148.172) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=elektrobit.com; dmarc=pass (p=quarantine sp=none pct=100) action=none header.from=elektrobit.com; dkim=none (message not signed); arc=none (0)

Arc-message-signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=920CLmPnDOg9eeLN7pE/1x+mVKc67Ab1k7o15fr+MnY=; b=rDVlNmxozvjcFfzGiXWOEg03MQx+FxFYFO75js8+YfzYRkHBKr/BOva6mu1LoI34ELpP/xHpx0Ze/SOL9rVe8PqXw7W1gNsKlt9BlbfZ4+Kp+xmXZ2VMWX2iKV0/IW36HgrpMTSB1UV9clbzb7VdlUyBRWE3ucPnIpSQ9jcaXUhVZMeGfrN3ldsNDliXm2g/bCwsWrJBv7Hbc4S6CDfZQUXmC1jn6P8vdq0DVGTy8n+VgAzJZj0C7LTy9NahJLPopILv2+nwEu7eCe0DkN9EmTiszn0/eRVIPQqxAhfeaaRaFvduSOa+rYlIeDuJ/L269mFi/qM/FnsmWnLxgEF5og==

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=920CLmPnDOg9eeLN7pE/1x+mVKc67Ab1k7o15fr+MnY=; b=I+6212nDc5/GMI4iMb3rV/S7kelOltMzLg578Z8GTp/zZdMmE7NikHzWJfeiY0zvW5pmQqZL6z5uoV7CMnYQ2JA8/H7cVMl6bTITTvjZMBWS7l/MpP5J9ZjuiR3/cDDlW+ztVujwoeSvijuOIQQ22uaO9l7IND3scNxWLddUTXcy/TeVUudNNDyBff8A4nzQAChPZiVi3P58w48S2/rZG2YEeAnyZJD1d1mRzVffvmOJy3GgQhjnEnbrXMpfRND6t5eaGgL1IfyBHrH4AWv4WQSqyLCjmL2O48kK+diX7ghufWFyy+iYPzLODiJOcU6OaviBsRtZfN5PfJ8Y5foAKQ==

Arc-seal: i=2; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=pass; b=m9eGN9MfZY4jzJW/Q1ya/Nqo4V+fD3/3Psh6avzXkYjiduiAHjKwQpk0CDBDKvf41uGrHUPEdMe6Af7BRG5e+Z6m4xdmzIE7MaBq6gyjtjPQz0nzQi4XOX5HAPhlCQi8mx+AjVyU34iV05BbKQb5XiQE2afPjD2oRpeAz7fzhdOXhCpJZMTooWUJUvakMoYZff9Br8ZReZU2M3E9XI+Qgll6Faxut1as9FK/GN9xnCXfDTApxdtUbRRwiTVbwcgRgl388lNugsbeFeWzM7M4MVBrTjlFpoevaD6BTqUqJFbOkf7YR0S1+BUEQPci0Zr6APTfewW+jUD/+sH+ekW49w==

Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=cFEGWW0wI9qQpB06cFpDqlShSGVnu2fRPELpc2L0ydiaTYkUHL2P5l9VY6xo37qlGMLIbPKyoNLpQw9R5j0U8Le/7EhTQRPlXtgsdldehssu7jBXm6z+DturYKUh0o4aA37DOke1nhoXMe6sCOtx6m5sAyofn9lL3Jiy/YK2zumoaeApdcJs4c9QzVdKOtf/8RgSRfmFvCMI6ADI/cm9627VBBcERFL4C1jzdd5WGOsyRXDi6X+AXAVWFYWX6zaULK2XBOJf3rmyAaLMjMugA1khvzIRY4zZh918GNaaMRYRQQlvh/Il7WoWgSCJTmDRNQ+9N6eAzPnnSq4L0Vylqg==

Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=selector1 header.d=elektrobit.com header.i="@elektrobit.com" header.h="From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck"; dkim=pass header.s=selector1 header.d=elektrobit.com header.i="@elektrobit.com" header.h="From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck"

Cc: Rose Spangler <Rose.Spangler@xxxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, "Volodymyr Babchuk" <Volodymyr_Babchuk@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, "Jan Beulich" <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Sergej Proskurin <proskurin@xxxxxxxxxxxxx>

Delivery-date: Mon, 20 Apr 2026 21:33:01 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

This commit makes the minimum required changes necessary for do_altp2m_op to compile on ARM. All altp2m commands in the switch statement are gated by CONFIG_X86, with a default case of returning EOPNOTSUPP. This allows future commits to move the #ifdef CONFIG_X86 down as support for ARM is added. Additionally, a call to do_altp2m_op is added in the ARM HVMOP code. This is commit 2/2 of the common do_altp2m_op phase. Signed-off-by: Rose Spangler <Rose.Spangler@xxxxxxxxxxxxxx> Signed-off-by: Sergej Proskurin <proskurin@xxxxxxxxxxxxx> --- v6: Replaced patches 2 and 3 from v4/v5 patch set with this patch. Made HVM_PARAM_ALTP2M read-only, following the change to the x86 implementation in commit 0291089f6ea8. The DOMCTL to enable altp2m on ARM is implemented in a later commit in this patch series. --- xen/arch/arm/hvm.c | 9 +++++++++ xen/common/altp2m.c | 29 ++++++++++++++--------------- 2 files changed, 23 insertions(+), 15 deletions(-) diff --git a/xen/arch/arm/hvm.c b/xen/arch/arm/hvm.c index 86e49bf47403..7c778795a280 100644 --- a/xen/arch/arm/hvm.c +++ b/xen/arch/arm/hvm.c @@ -5,6 +5,7 @@ * Arch-specific hardware virtual machine abstractions. */ +#include <xen/altp2m.h> #include <xen/init.h> #include <xen/lib.h> #include <xen/errno.h> @@ -23,6 +24,10 @@ static int hvm_allow_set_param(const struct domain *d, unsigned int param) { switch ( param ) { + /* The following parameters are read-only. */ + case HVM_PARAM_ALTP2M: + return -EEXIST; + /* * The following parameters are intended for toolstack usage only. * They may not be set by the domain. @@ -123,6 +128,10 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) arg) rc = -EINVAL; break; + case HVMOP_altp2m: + rc = do_altp2m_op(arg); + break; + default: { gdprintk(XENLOG_DEBUG, "HVMOP op=%lu: not implemented\n", op); diff --git a/xen/common/altp2m.c b/xen/common/altp2m.c index a43b3a3e34b3..6481fae1ed12 100644 --- a/xen/common/altp2m.c +++ b/xen/common/altp2m.c @@ -9,8 +9,10 @@ #include <xsm/xsm.h> -#ifdef CONFIG_X86 +#if defined(CONFIG_X86) && defined(CONFIG_HVM) #include <asm/hvm/nestedhvm.h> +#endif + /* * altp2m operations are envisioned as being used in several different * modes: @@ -18,13 +20,13 @@ * - external: All control and decisions are made by an external agent * running domain 0. * - * - internal: altp2m operations are used exclusively by an in-guest - * agent to protect itself from the guest kernel and in-guest - * attackers. + * - internal (x86 only): altp2m operations are used exclusively by an + * in-guest agent to protect itself from the guest kernel and + * in-guest attackers. * - * - coordinated: An in-guest agent handles #VE and VMFUNCs locally, - * but makes requests of an agent running outside the domain for - * bigger changes (such as modifying altp2m entires). + * - coordinated (x86 only): An in-guest agent handles #VE and VMFUNCs + * locally, but makes requests of an agent running outside the + * domain for bigger changes (such as modifying altp2m entires). * * This corresponds to the three values for HVM_PARAM_ALTP2M * (external, mixed, limited). All three models have advantages and @@ -97,7 +99,7 @@ int do_altp2m_op( if ( (a.cmd != HVMOP_altp2m_get_domain_state) && (a.cmd != HVMOP_altp2m_set_domain_state) && - !d->altp2m_active ) + !altp2m_active(d) ) { rc = -EOPNOTSUPP; goto out; @@ -122,6 +124,7 @@ int do_altp2m_op( switch ( a.cmd ) { +#ifdef CONFIG_X86 case HVMOP_altp2m_get_domain_state: a.u.domain_state.state = altp2m_active(d); rc = __copy_to_guest(arg, &a, 1) ? -EFAULT : 0; @@ -394,9 +397,12 @@ int do_altp2m_op( rc = altp2m_set_view_visibility(d, idx, a.u.set_visibility.visible); break; } +#endif /* CONFIG_X86 */ default: +#ifdef CONFIG_X86 ASSERT_UNREACHABLE(); +#endif rc = -EOPNOTSUPP; break; } @@ -406,13 +412,6 @@ int do_altp2m_op( return rc; } -#else -int do_altp2m_op( - XEN_GUEST_HANDLE_PARAM(void) arg) -{ - return -EOPNOTSUPP; -} -#endif /* * Local variables: -- 2.34.1

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.