
Re: [RFC PATCH] xen/kconfig: allow LATE_HWDOM config for ARM


  • To: Julien Grall <julien@xxxxxxx>, Sergiy Kibrik <sergiy_kibrik@xxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Jason Andryuk <jason.andryuk@xxxxxxx>
  • Date: Thu, 2 Jan 2025 11:49:38 -0500
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Thu, 02 Jan 2025 16:50:00 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 2024-12-24 08:54, Julien Grall wrote:
Hi,

Replying to your last two replies in the same thread.


On 24/12/2024 03:41, Sergiy Kibrik wrote:
18.12.24 12:05, Julien Grall:

 > yes, I had to assign devices to hardware domain manually.

I think it would be easier for the user to say "This is my hardware domain" and let Xen assign all the devices, generate the device-tree & co.

On 17/12/2024 11:47, Sergiy Kibrik wrote:
Allow to build ARM configuration with support for initializing hardware domain. On ARM it is only possible to start hardware domain in multiboot mode, so dom0less support is required. This is reflected by dependency on DOM0LESS_BOOT instead of directly depending on ARM config option.

I am a bit confused with the explanation. We already have a hardware domain on Arm. It is dom0. So what are you trying to achieve? Is this to remove some permissions from the hardware domain?

I agree, it should have better description.
This is to split dom0 permissions into control-only and hardware-only domains, much like it can be done in x86.

I don't believe you need the late_hwdom feature to do that on Arm. In the case of dom0less, you are creating the domains at boot, so at the point you can decide who does what.

I'm not sure which mechanism to use for this. Can it be done by XSM policy management?

For hyperlaunch, Christopher and Daniel proposed to specify the domain permissions (e.g. control domain, hardware domain) in the device-tree. I think we could re-use a similar approach. See docs/designs/launch/hyperlaunch-devicetree.rst for more details.

This document is not in sync with Dan's latest work ...

Indeed, in my case it works only because there's a single domain description in DT. If there're many domains in DT, we can't be sure which domain ID each of them would receive at boot, right?

Correct. We don't (and should not) make any guarantee on the ordering. If the domid matters, then we would need to introduce a new property specifying the domain.

... a more up to date one is here (though it could still change):
https://gitlab.com/xen-project/people/dpsmith/xen/-/commit/4387d0cdc9e0c667a764043fd1474687ee626fca

It includes:

"""
domid
::

  Identifies the domid requested to assign to the domain, Optional.

  Value is an integer.

capabilities
::

  This identifies what system capabilities a domain will fulfill. Optional, with the default being none.

  Value is a bit field, currently defined bits are:
    1 - Control domain
    2 - Hardware domain
    3 - Xenstore domain

.. note:: All three bits must be set to have a domain function as a traditional dom0. If no domain has the Xenstore domain bit set, then none of the domains constructed will have a Xenstore event channel and ring buffer allocated. The domain with the Hardware domain bit set will be the domain that all domains constructed will have their console event channel as the destination domain.
"""

These are not parsed by Xen's dom0less code, but they seem straightforward to implement and would provide the needed configuration.

Hmmm, looking at the text, the bits are wrong.  The code uses:
#define BUILD_CAPS_NONE          (0)
#define BUILD_CAPS_CONTROL       (1 << 0)
#define BUILD_CAPS_HARDWARE      (1 << 1)
#define BUILD_CAPS_XENSTORE      (1 << 2)

Regards,
Jason
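
Added example, not part of the original message and not Xen's code: a C check over the "domid" and "capabilities" properties quoted above, using the BUILD_CAPS_* values from the message. The struct dom_desc record, the check_caps() and is_traditional_dom0() helpers, and the rule that each role is held by at most one domain are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Bit values as quoted from the code in the message above. */
#define BUILD_CAPS_NONE          (0)
#define BUILD_CAPS_CONTROL       (1 << 0)
#define BUILD_CAPS_HARDWARE      (1 << 1)
#define BUILD_CAPS_XENSTORE      (1 << 2)
#define BUILD_CAPS_ALL (BUILD_CAPS_CONTROL | BUILD_CAPS_HARDWARE | BUILD_CAPS_XENSTORE)

/* Hypothetical record for one domain node: the two optional properties. */
struct dom_desc {
    int has_domid;   /* is "domid" present? */
    uint32_t domid;
    uint32_t caps;   /* "capabilities", BUILD_CAPS_NONE when absent */
};
enum caps_status { CAPS_OK, CAPS_UNKNOWN_BITS, CAPS_DUPLICATE_ROLE, CAPS_DUPLICATE_DOMID };

/* Validate all domains; on CAPS_OK, *missing holds the roles nobody was given.
 * Assumed policy (not stated by Xen): each role belongs to at most one domain. */
enum caps_status check_caps(const struct dom_desc *d, size_t n, uint32_t *missing)
{
    uint32_t seen = 0;
    for (size_t i = 0; i < n; i++) {
        if (d[i].caps & ~(uint32_t)BUILD_CAPS_ALL)
            return CAPS_UNKNOWN_BITS;
        if (d[i].caps & seen)
            return CAPS_DUPLICATE_ROLE;
        seen |= d[i].caps;
        for (size_t j = 0; d[i].has_domid && j < i; j++)
            if (d[j].has_domid && d[j].domid == d[i].domid)
                return CAPS_DUPLICATE_DOMID;
    }
    *missing = BUILD_CAPS_ALL & ~seen;
    return CAPS_OK;
}

/* Traditional dom0 = all three bits (value 7); 3 is control + hardware only. */
int is_traditional_dom0(uint32_t caps) { return (caps & BUILD_CAPS_ALL) == BUILD_CAPS_ALL; }

int main(void)
{
    /* Constructed sample: control and hardware split, no Xenstore domain. */
    struct dom_desc d[] = { {1, 1, BUILD_CAPS_CONTROL}, {1, 2, BUILD_CAPS_HARDWARE} };
    uint32_t missing = 0;
    int st = check_caps(d, 2, &missing);
    printf("status=%d missing=%#x dom0(3)=%d\n", st, (unsigned)missing, is_traditional_dom0(3));
    return 0;
}
```

With the constructed split configuration, the Xenstore role is reported as missing, which per the quoted note means no domain gets a Xenstore event channel and ring buffer.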
