
Re: [PATCH 08/23] xen/arm: dom0less seed xenstore grant table entry


  • To: Stefano Stabellini <sstabellini@xxxxxxxxxx>
  • From: Jason Andryuk <jason.andryuk@xxxxxxx>
  • Date: Fri, 7 Mar 2025 13:34:24 -0500
  • Cc: <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, "Bertrand Marquis" <bertrand.marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, "Jan Beulich" <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Delivery-date: Fri, 07 Mar 2025 18:35:08 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 2025-03-06 20:47, Stefano Stabellini wrote:
> On Thu, 6 Mar 2025, Jason Andryuk wrote:
>> With a split hardware and control domain, the control domain may still
>> want and xenstore access.  Currently this relies on init-dom0less to
>> seed the grants.  This is problematic since we don't want hardware
>> domain to be able to map the control domain's resources.  Instead have
>> the hypervisor see the grant table entry.  The grant is then accessible
>> as normal.
>>
>> This is also useful with a xenstore stubdom to setup the xenbus page
>> much earlier.
>
> Reading the patch, it seems that what is doing is letting the xenstore
> domain map the domU's grant table page. Is that correct?

The end result is everything is setup for xenstored to map GNTTAB_RESERVED_XENSTORE at some time later.

> If so, I would suggest to update the commit message as follows:
>
> With split hardware/control/xenstore domains, the xenstore domain may
> still want to access other domains' xenstore page. Currently this relies
> on init-dom0less to seed the grants from Dom0.  This is problematic
> since we don't want the hardware domain to be able to map other domains'
> resources without their permission.  Instead have the hypervisor seed
> the grant table entry for every dom0less domain.  The grant is then
> accessible as normal.

I'll go with a tweaked version of yours:

xenstored maps other domains' xenstore pages.  Currently this relies
on init-dom0less or xl to seed the grants from Dom0.  With split
hardware/control/xenstore domains, this is problematic since we don't
want the hardware domain to be able to map other domains' resources
without their permission.  Instead have the hypervisor seed the grant
table entry for every dom0less domain.  The grant is then accessible as
normal.

Regards,
Jason



 

