[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [XEN PATCH v1] arm: introduce kconfig options to disable hypercalls
- To: Jan Beulich <jbeulich@xxxxxxxx>
- From: Sergiy Kibrik <sergiy_kibrik@xxxxxxxx>
- Date: Wed, 18 Dec 2024 11:04:43 +0200
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=joj87V4dVBXCPzIgqm8KkspSGXIaqaxBIO9gnzwpP2A=; b=p421KYIr44nUGqOpOZPyOCuvk1LKvSBHnhhGVb010c26PC9mP5PhyeYShERQ5AwR3ooIBeUyAk13YOL30TP+5rgnw39105DGeRm+Bw14OwqP3M8pCSu3qHzo/ZvPnpyhDmETG9i89vzvGn8rhsxjlWbyUS08otPeOqHCHOjAjwum7wa/jU5Ed3FpxMCRRARJLXY4Lmg58LG4tTWYVWtmy0lqCZZqELuuDXWP0s6lSZf8hgFtNajSj4gWJvZnHgRX89VqlzZnNywefNvEIfMoOVLxZY+duMtD8PSEhnsi+wrV/swzm7M8VlTGF4hGibcCCp08vDjUlTPQbnUGtLZomQ==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=CxqLOaWRt4Z3dLzjIX16zByUcSBt7/4f2jQX4pd0lx4J4JnJCWL3ufgFAxMyTY67r/mAddXab0tcDo7TXz0uq1Pr280WzUepOMB3d9taBU3pWQuvkbRLlNvD5T5THlDxD3RigLR0iinNNeD4u9ACr5uVYiH4ztjz6SpCEL2xrgQRO0c4F+FGOT1G2FW+gWnXscBIV3YP7A7NrAEHuVlT1Z+hQGr5H6ksJDaOqccGYIzyM7mLvLdTpcznz6PdvMnY0XBrsBC95CByRVNuNtbSmF/p+JLxZ4bHFJXvBZbY39cwSojHDY3j7xRio5wASo4IO0HiTBdhriZpFKxLa740+A==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com;
- Cc: Stefano Stabellini <stefano.stabellini@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
- Delivery-date: Wed, 18 Dec 2024 09:05:00 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
17.12.24 15:00, Jan Beulich:
On 16.12.2024 12:43, Sergiy Kibrik wrote:
--- a/xen/common/Kconfig
+++ b/xen/common/Kconfig
@@ -516,4 +516,31 @@ config TRACEBUFFER
to be collected at run time for debugging or performance analysis.
Memory and execution overhead when not active is minimal.
+menu "Supported hypercall interfaces"
+ visible if DOM0LESS_BOOT && EXPERT
+
+config SYSCTL
+ bool "Enable sysctl hypercall"
+ default y
+
+config DOMCTL
+ bool "Enable domctl hypercalls"
+ default y
+
+config HVM_OP
+ bool "Enable HVM hypercalls"
+ depends on HVM
+ default y
+
+config PLATFORM_HYP
+ bool "Enable platform hypercalls"
+ depends on !PV_SHIM_EXCLUSIVE
Any reason you don't do the shim related conversion also for domctl and
sysctl?
you're right, I'll do it in v2
Much like you have HVM_OP, may I suggest PLATFORM_OP here and ...
+ default y
+
+config PHYSDEVOP
+ bool "Enable physdev hypercall"
+ default y
... PHYSDEV_OP here?
yes, sure
--- a/xen/common/domain.c
+++ b/xen/common/domain.c
@@ -1053,7 +1053,9 @@ int domain_kill(struct domain *d)
d->is_dying = DOMDYING_dying;
rspin_barrier(&d->domain_lock);
argo_destroy(d);
+#ifdef CONFIG_DOMCTL
vnuma_destroy(d->vnuma);
+#endif
There is a stub already for this, just that right now it's shim-specific.
>> --- a/xen/include/hypercall-defs.c
+++ b/xen/include/hypercall-defs.c
@@ -234,7 +234,7 @@ stack_switch do:2 do:2 -
- -
set_callbacks compat do - - -
fpu_taskswitch do do - - -
sched_op_compat do do - - dep
-#ifndef CONFIG_PV_SHIM_EXCLUSIVE
+#if defined(CONFIG_PLATFORM_HYP)
Nit: Why not #ifdef, like it was, and like you have it ...
@@ -247,7 +247,9 @@ set_timer_op compat do compat
do -
event_channel_op_compat do do - - dep
xen_version do do do do do
console_io do do do do do
+#ifdef CONFIG_PHYSDEV
physdev_op_compat compat do - - dep
+#endif
#if defined(CONFIG_GRANT_TABLE)
grant_table_op compat do hvm hvm do
#elif defined(CONFIG_PV_SHIM)
@@ -269,14 +271,20 @@ callback_op compat do -
- -
xenoprof_op compat do - - -
#endif
event_channel_op do do do:1 do:1 do:1
+#ifdef CONFIG_PHYSDEVOP
physdev_op compat do hvm hvm do_arm
-#ifdef CONFIG_HVM
+#endif
+#ifdef CONFIG_HVM_OP
hvm_op do do do do do
#endif
#ifndef CONFIG_PV_SHIM_EXCLUSIVE
+#ifdef CONFIG_SYSCTL
sysctl do do do do do
+#endif
+#ifdef CONFIG_DOMCTL
domctl do do do do do
#endif
+#endif
#ifdef CONFIG_KEXEC
kexec_op compat do - - -
#endif
@@ -293,7 +301,9 @@ hypfs_op do do do
do do
#endif
mca do do - - -
#ifndef CONFIG_PV_SHIM_EXCLUSIVE
+#ifdef CONFIG_DOMCTL
paging_domctl_cont do do do do -
#endif
+#endif
... everywhere else?
yes, will fix that
--- a/xen/include/xen/hypercall.h
+++ b/xen/include/xen/hypercall.h
@@ -24,6 +24,18 @@
/* Needs to be after asm/hypercall.h. */
#include <xen/hypercall-defs.h>
+#if !defined(CONFIG_DOMCTL) && !defined(CONFIG_DOM0LESS_BOOT)
+#error "domctl and dom0less can't be disabled simultaneously"
+#endif
+
+#if !defined(CONFIG_PHYSDEVOP) && !defined(CONFIG_DOM0LESS_BOOT)
+#error "physdevop and dom0less can't be disabled simultaneously"
+#endif
+
+#if !defined(CONFIG_SYSCTL) && !defined(CONFIG_DOM0LESS_BOOT)
+#error "sysctl and dom0less can't be disabled simultaneously"
+#endif
I'm puzzled by this: It covers only 3 of the 5, and it really only
re-checks what Kconfig already enforces.
At some point I wasn't sure that kconfig will enforce this, because
somehow I made kconfig produce configuration with both DOMCTL &
DOM0LESS_BOOT being off. Anyway I can't reproduce it now, so will drop
these checks in v2.
-Sergiy
|
