Xen project Mailing List

[PATCH v4 13/13] x86/hyperlaunch: add capabilities to boot domain

From: Alejandro Vallejo <agarciav@xxxxxxx>

Date: Thu, 17 Apr 2025 13:48:35 +0100

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=m2nnxNvapsA9yUyBZa5Q7RA8+C8ztd0XPgOdNnop0rE=; b=Jki6TgJ4RLsmvfpLE23ZazzmYtlrsWVy2xLSI7e/EcbTQrn9IT1bYOQLL1f4PFMgImb0e70Y5kx7GjuugkWpt6O7a9Miz2gYSIKlz/VOYm8P5AxHhNKcD2qDR+YG1rvFqjoNSOW0w1/LiHTzEgkdIvacd0WszMjco1lKPQqs7x9OW7KfJrwhBMNhyy81PtkwGYyD5wtxg5L36StdT+wb0jnONKy9M8zXSMZBiNUNZe6mYgO0waKKNttyuTRw9pAx/LuQTwtFLAaxgvCF/oyy/odNaIyct4SN9xr3SmgWVyYqQAA/Cg+k+m/HqOVbCd5P/YKuAYr0DCPKwQlrV0aodw==

Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=wVQc2Aeg9jbdv4EX449XO2GYgknC7hJ0/9ccEQBvUq8/bkyO7kFLFTwcFiqo9AduS39bLU2iMBwamfSPK+EU7YQP/We8C35mr02sMNqVgAKGmjWDWgm158UTGr4cAtcE7U2Prk41Pgxt7PIzWFremFqncq63x6wOoxRc0xP1yAuNG6HrrLeE+6FFveFDhd7yM462W1g1N0j7rD+seV90ZN2hWfPLrYMGaSmHHkvNjZDDM2m0AVKgFVUqWiFYtlQkYpLIjOuUJS7v9w1t5j3cX61oEoayiY3Ba+PhsqLp3g3XKmTMLnwA5awNF/KL/85QCJ1cZsJhgyCjyJ1jL9C0+A==

Cc: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, "Julien Grall" <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, "Jason Andryuk" <jason.andryuk@xxxxxxx>, Alejandro Vallejo <agarciav@xxxxxxx>

Delivery-date: Thu, 17 Apr 2025 12:52:13 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

From: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx> Introduce the ability to assign capabilities to a domain via its definition in device tree. The first capability enabled to select is the control domain capability. The capability property is a bitfield in both the device tree and `struct boot_domain`. Signed-off-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx> Signed-off-by: Jason Andryuk <jason.andryuk@xxxxxxx> Signed-off-by: Alejandro Vallejo <agarciav@xxxxxxx> --- v4: * Dropped Jason's R-by. * Refactored caps printinng logic * It just wasn't xenlog-compatible as it was. * Moved pv_shim check to builder_init, so the capability is just not given. * And inlined the create_flags variable now that's tractable. * Validated input capabilities after coming out of the DT. --- xen/arch/x86/include/asm/boot-domain.h | 5 +++++ xen/arch/x86/setup.c | 3 ++- xen/common/domain-builder/core.c | 2 ++ xen/common/domain-builder/fdt.c | 20 ++++++++++++++++++++ 4 files changed, 29 insertions(+), 1 deletion(-) diff --git a/xen/arch/x86/include/asm/boot-domain.h b/xen/arch/x86/include/asm/boot-domain.h index 969c02a6ea..5c143d82af 100644 --- a/xen/arch/x86/include/asm/boot-domain.h +++ b/xen/arch/x86/include/asm/boot-domain.h @@ -13,6 +13,11 @@ struct boot_domain { domid_t domid; +#define BUILD_CAPS_NONE (0U) +#define BUILD_CAPS_CONTROL (1U << 0) +#define BUILD_CAPS__ALL BUILD_CAPS_CONTROL + uint32_t capabilities; + /* On | Off */ #define BUILD_MODE_PARAVIRT (1 << 0) /* PV | PVH/HVM */ #define BUILD_MODE_ENABLE_DM (1 << 1) /* HVM | PVH */ diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c index 455dad454c..3cdd8bc2f9 100644 --- a/xen/arch/x86/setup.c +++ b/xen/arch/x86/setup.c @@ -1040,7 +1040,8 @@ static struct domain *__init create_dom0(struct boot_info *bi) if ( bd->domid == DOMID_INVALID ) /* Create initial domain. Not d0 for pvshim. */ bd->domid = get_initial_domain_id(); - d = domain_create(bd->domid, &dom0_cfg, pv_shim ? 0 : CDF_privileged); + d = domain_create(bd->domid, &dom0_cfg, + (bd->capabilities & BUILD_CAPS_CONTROL) ? CDF_privileged : 0); if ( IS_ERR(d) ) panic("Error creating d%u: %ld\n", bd->domid, PTR_ERR(d)); diff --git a/xen/common/domain-builder/core.c b/xen/common/domain-builder/core.c index 4b4230f2ff..d1a5d6125e 100644 --- a/xen/common/domain-builder/core.c +++ b/xen/common/domain-builder/core.c @@ -8,6 +8,7 @@ #include <xen/lib.h> #include <asm/bootinfo.h> +#include <asm/pv/shim.h> #include <asm/setup.h> #include "fdt.h" @@ -93,6 +94,7 @@ void __init builder_init(struct boot_info *bi) bi->mods[i].type = BOOTMOD_KERNEL; bi->domains[0].kernel = &bi->mods[i]; + bi->domains[0].capabilities |= pv_shim ? 0 : BUILD_CAPS_CONTROL; bi->nr_domains = 1; } } diff --git a/xen/common/domain-builder/fdt.c b/xen/common/domain-builder/fdt.c index 295ab6e8b3..3e3a84e2d0 100644 --- a/xen/common/domain-builder/fdt.c +++ b/xen/common/domain-builder/fdt.c @@ -293,6 +293,26 @@ static int __init process_domain_node( bd->max_vcpus = val; printk(XENLOG_INFO " cpus: %d\n", bd->max_vcpus); } + else if ( !strncmp(prop_name, "capabilities", name_len) ) + { + if ( (rc = fdt_prop_as_u32(prop, &bd->capabilities)) ) + { + printk(XENLOG_ERR + " bad \"capabilities\" on domain %s\n", name); + return rc; + } + + if ( bd->capabilities & ~BUILD_CAPS__ALL ) + { + printk(XENLOG_WARNING " unknown capabilities: %#x\n", + bd->capabilities & ~BUILD_CAPS__ALL); + + bd->capabilities &= BUILD_CAPS__ALL; + } + + printk(XENLOG_INFO " caps: %s\n", + bd->capabilities & BUILD_CAPS_CONTROL ? "c" : ""); + } } fdt_for_each_subnode(node, fdt, dom_node) -- 2.43.0

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.