[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 07/17] xsm/dummy: Allow HVMOP_get_param for control domain

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Jason Andryuk <jason.andryuk@xxxxxxx>
  • Date: Wed, 30 Jul 2025 17:16:35 -0400
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=suse.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=HQnoHP9IuN/X3JsDGX2vc23Pg9J3WfCD3RF88NSdH2w=; b=HNj+PmmgFpAnT+a/1RhZY1SQ4JzwpYnzP5yZc/kbTTwFKO28rEZjI9K0VWyTFYdmwTRLnOujoHk/yWl8U53ua5lvWI3jPgy4nzoGgR62CVyLSBk5wRdftB9lZ3VOrIOYWkD/ewQVyhsCFIo46NtrJAMCog30OkZ60OuUbvLYtQrlS7x9Onwjy9rxqo6D6Mej+Dtul+DxVLVYZ500L0jZ5GmariSidBHHaPYgGPL4Ait6aHwcpE57sXWdW8LmVlcI0qH6ADSIa2hKzstRC4sLgr6Zm0BFcFp85wX9n3vT3kuw2eHDK43BV1O/6YEsev145bh4WEuVmp8ygfGkS13TNw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=gkehDnYPbTxDQ9UFOWFU4FYw+r3mZvNrj47CXMqb0zXxXBRFIgw6S4W6L6fiT+avz2/YBmXv/aON5U2jz7h0RX5Zxi3wEEtvTtbGu5otkHrwMgH91s2QKIJVHk7K1UgXkWpUFP3ycU/HAR2hMGUoKla3UwZVNNcsOfuNH1zQnsfkiOOWBfgbNZ9K3lm1e6JMK2Jj0MWqm0qp64LWctgVpjze1ctZyoUE6CqIXyasebBWcfh5T0fvU9bZD5sCbmCx6rcwLM+F2DClfsl9EMUjRURe1yZKaTxI8cvs2JluORAuuN+AbB70p9/2Fa5gKYbka1tiBwdccq+y39i8gOBKTA==
  • Cc: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Wed, 30 Jul 2025 21:16:50 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 2025-07-30 11:21, Jan Beulich wrote:

On 16.07.2025 23:14, Jason Andryuk wrote:

The Control domain is denied access to an untargetable domain.  However
init-dom0less wants to read the xenstore event channel HVM param to
determine if xenstore should be set up.

This is a read operation, so it is not modifying the domain.  Special
case the HVMOP_get_param operation for is_control_domain().  It is done
in xsm_hvm_param() because xsm_default_action() is too complicated.
HVMOP_get_param should be allowed for a domain itself (XSM_TARGET) and
its device model - src->target or is_dm_domain().  It should otherwise
be denied for untargetable domains.  xsm_default_action() doesn't have
sufficient information to identify the particular operation, so put it
in xsm_hvm_param().

Signed-off-by: Jason Andryuk <jason.andryuk@xxxxxxx>
---
It's messy, but I couldn't think of a better way.


Fits well with my remarks on earlier patches. The granularity you want
simply can't be had this way, unless you use such undesirable "overrides".
Following Stefano's suggestion, this patch can be dropped. With xenstored auto-introducing predefined domains, init-dom0less can use the introduced state to determine which domains to handle. 

Regards,
Jason

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.