Xen project Mailing List

[PATCH 06/23] xen/domctl: Expose privileged and hardware capabilities

From: Jason Andryuk <jason.andryuk@xxxxxxx>

Date: Thu, 6 Mar 2025 17:03:26 -0500

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=gxRTK5sPthCjce7F1tIG5rxl4Y3DZmkzwFsUXndn8/c=; b=n3zxn8/UkaQ0WSdgCx4GfmlgF1oCDQISXhLiBA+BxIgK1EZQvps8Lu2lPyM/ByRyXp2rTT7UvEcVs8qbEj7kaTnuPTcqH37rfCt5o66zoG6RbYaansvayXmSUnFe+komby/4RHmyCvGclhaUbSJKCAdrO4SatrLXjAwMPa/2kNgiij0Kdl0qzm/o6MKrJJi0/szk0hkKfbVtBhue5Hfm4XTp3uPwj2Ua7TUp1FGWXBWHHfe76fG0F+hIwjfYjTxcotMipI+eWEY4GDWONjnGEBbjsJNplWOcpJo6qm3itxEWrqUyEybuUr902XetyhPbEbXQ8VMS5LzIYNv4pnGKew==

Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=jCdpWR6pP4yjaOBZgGwDtmjnJPrwj/1WPNQTOYRUvNuSXKxdXjs/I8SStc3S5i3f2JuSOgAq/+tOE3HMZpei3RLxufvBB2LzT4S/YczS0ZmFCHx2y5eWpuiyl4oZpk7jA8xflRKLAkpQmjAO2gtNA0GDo1v+sdWB3cttiW0ybVAB725E1aMqY+lKhTrTAvLamHFfD09Pe1SDF+nmy8eCuVCY/KOcSdCBFxn7trVcD3y/r4prFXANux+6kFgbJrSyDFA6jcAEO/ujhvYpcz2WAmv6t6g1f43HbaegW7coX0rkdo/KDYiDQrPPJ5KVkxA0bpvN0xlwbMmVqv/OdsUqUQ==

Cc: Jason Andryuk <jason.andryuk@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, "Julien Grall" <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>

Delivery-date: Thu, 06 Mar 2025 22:04:08 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

There isn't currently a way to determine if a domain is the hardware domain or a privilged (control) domain. Add new domain info flags to indicate these properties. This is useful for a hyperlaunch-ed xenstore domain to determine which domains are privileged. Signed-off-by: Jason Andryuk <jason.andryuk@xxxxxxx> --- xen/common/domctl.c | 2 ++ xen/include/public/domctl.h | 6 ++++++ 2 files changed, 8 insertions(+) diff --git a/xen/common/domctl.c b/xen/common/domctl.c index 05abb581a0..3c6dcfed87 100644 --- a/xen/common/domctl.c +++ b/xen/common/domctl.c @@ -103,6 +103,8 @@ void getdomaininfo(struct domain *d, struct xen_domctl_getdomaininfo *info) (d->debugger_attached ? XEN_DOMINF_debugged : 0) | (is_xenstore_domain(d) ? XEN_DOMINF_xs_domain : 0) | (is_hvm_domain(d) ? XEN_DOMINF_hvm_guest : 0) | + (is_hardware_domain(d) ? XEN_DOMINF_hardware : 0) | + (is_control_domain(d) ? XEN_DOMINF_priv : 0) | d->shutdown_code << XEN_DOMINF_shutdownshift; xsm_security_domaininfo(d, info); diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h index e2d392d1e5..84c2af6a09 100644 --- a/xen/include/public/domctl.h +++ b/xen/include/public/domctl.h @@ -155,6 +155,12 @@ struct xen_domctl_getdomaininfo { /* domain has hardware assisted paging */ #define _XEN_DOMINF_hap 8 #define XEN_DOMINF_hap (1U<<_XEN_DOMINF_hap) +/* domain is hardware domain */ +#define _XEN_DOMINF_hardware 9 +#define XEN_DOMINF_hardware (1U<<_XEN_DOMINF_hardware) +/* domain is privileged */ +#define _XEN_DOMINF_priv 10 +#define XEN_DOMINF_priv (1U<<_XEN_DOMINF_priv) /* XEN_DOMINF_shutdown guest-supplied code. */ #define XEN_DOMINF_shutdownmask 255 #define XEN_DOMINF_shutdownshift 16 -- 2.48.1

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.