|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH v8] xen/domain: rewrite emulation_flags_ok()
On Tue, Jun 17, 2025 at 08:53:51AM +0200, Nicola Vetrini wrote:
> On 2025-06-17 08:19, Jan Beulich wrote:
> > On 17.06.2025 03:15, dmkhn@xxxxxxxxx wrote:
> > > --- a/xen/arch/x86/domain.c
> > > +++ b/xen/arch/x86/domain.c
> > > @@ -743,32 +743,75 @@ int arch_sanitise_domain_config(struct
> > > xen_domctl_createdomain *config)
> > > return 0;
> > > }
> > >
> > > +/*
> > > + * Verify that the domain's emulation flags resolve to a supported
> > > configuration.
> > > + *
> > > + * This ensures we only allow a known, safe subset of emulation
> > > combinations
> > > + * (for both functionality and security). Arbitrary mixes are
> > > likely to cause
> > > + * errors (e.g. null pointer dereferences).
> > > + *
> > > + * NB: use the internal X86_EMU_XXX symbols, not the public
> > > XEN_X86_EMU_XXX
> > > + * symbols, to take build-time config options (e.g. CONFIG_HVM)
> > > into account
> > > + * for short-circuited emulations.
> > > + */
> > > static bool emulation_flags_ok(const struct domain *d, uint32_t
> > > emflags)
> > > {
> > > + enum domain_capability {
> > > + CAP_PV = BIT(0, U),
> > > + CAP_HVM = BIT(1, U),
> > > + CAP_HWDOM = BIT(2, U),
> > > + CAP_DOMU = BIT(3, U),
> > > + };
> > > + static const struct {
> > > + enum domain_capability caps;
> > > + uint32_t min;
> > > + uint32_t opt;
> > > + } configs[] = {
> > > +#ifdef CONFIG_PV
> > > + /* PV dom0 and domU */
> > > + {
> > > + .caps = CAP_PV | CAP_HWDOM | CAP_DOMU,
> >
> > Just to double check - are we sure Misra / Eclair will like this (ab)use
> > of an enum?
> >
> > Jan
>
> Likely not, but x86_64 is build with CONFIG_PV=n
It's doing the same for HVM also, so it would trigger for the instance
below then. I will ack v7 then, which used an unsigned int instead.
Thanks, Roger.
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |