[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v3 00/28] Disable domctl-op via CONFIG_MGMT_HYPERCALLS

To: <xen-devel@xxxxxxxxxxxxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxx>
From: Penny Zheng <Penny.Zheng@xxxxxxx>
Date: Mon, 13 Oct 2025 18:15:12 +0800
Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=S+5AW20V7RtR9dVUbX/WTQLNzCzr9zOZDFXOjm6Y8QI=; b=cmUTKGlOZsF7T2inoXN7RuYKlz4/S9HO3HjfIJGJJ9NPPCQnkq5GcD8Ftjdqp96u4Vycz+Gj2cByveX9KqOJJqW2JIm7PFoiYVDwI1i1C8gZdPnhMgap51RYjCARBqeGO8NNdC5XRAISRUtJeIuozTatPtNHQzOSGWv49e4ojmMAk5+cSV7qY99h1ZSsIp22Rp9ZX2APwahRC5l4t7W3wMQfBPkeggHuuW4RT+oYnQmSF8lGi3SLuTXA2LzQlRSF4jhQs0DtSbP4vgdSGe1JNC8sASGXVEFDed/cWvtRuVugChJPmWjAdPquQHWedtAjNc0Jvmc0vqDqB/ubU2iBIg==
Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=LB+Glpvaz8j/5LgT54CfEe1JoG5gOMO628yBGZCdk6BLG2kqioNvFZhm5Dh0b9d2U7vXarjOtwPTwwBf/YUxRq11TH5OGXX5GeRuQVgYiV/i01CSlVTaMnZ+6YmqNnaoF9mopIoMrnpCTxoRGnhkY2wNzz2ewpPWKKVr0/itwzO2/f9eoFfqTfdu8jRRt89ilThQt1zV/q2ZD9nOIrlcZ9kZrWd0b68zTEMs538b+KqwnvZZmQ3laAH6FzKW5/nHskMQuoRG7unqd61nAzVind5FZKvedCAbuDFXeU6dUhDB62ZDBptAudvDzGP5k3kkrctgjiRo5MMe8JIpW7lz4w==
Cc: <ray.huang@xxxxxxx>, <oleksii.kurochko@xxxxxxxxx>, Penny Zheng <Penny.Zheng@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, "Anthony PERARD" <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, "Jan Beulich" <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, "Stefano Stabellini" <sstabellini@xxxxxxxxxx>, Stewart Hildebrand <stewart.hildebrand@xxxxxxx>, "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Dario Faggioli <dfaggioli@xxxxxxxx>, "Juergen Gross" <jgross@xxxxxxxx>, George Dunlap <gwd@xxxxxxxxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Alistair Francis <alistair.francis@xxxxxxx>, Bob Eshleman <bobbyeshleman@xxxxxxxxx>, Connor Davis <connojdavis@xxxxxxxxx>, "Nathan Studer" <nathan.studer@xxxxxxxxxxxxxxx>, Stewart Hildebrand <stewart@xxxxxxx>, Tamas K Lengyel <tamas@xxxxxxxxxxxxx>, Alexandru Isaila <aisaila@xxxxxxxxxxxxxxx>, Petre Pircalabu <ppircalabu@xxxxxxxxxxxxxxx>, Shawn Anastasio <sanastasio@xxxxxxxxxxxxxxxxxxxxx>, Christopher Clark <christopher.w.clark@xxxxxxxxx>, Meng Xu <mengxu@xxxxxxxxxxxxx>, Rahul Singh <rahul.singh@xxxxxxx>
Delivery-date: Mon, 13 Oct 2025 10:16:43 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

It can be beneficial for some dom0less systems to further reduce Xen footprint
via disabling some hypercalls handling code, which may not to be used &
required in such systems.
We are introducing a new single Kconfig CONFIG_MGMT_HYPERCALLS to manage
such hypercalls.

We are trying to disable hypercalls in the following aspects:
- sysctl
- domctl
- hvm
- physdev
- platform
This patch serie is only focusing on domctl-op. Different aspects will be
covered in different patch serie.

Features, like VM event, or paging log-dirty support, which fully rely on
domctl-op, will be wrapped with CONFIG_MGMT_HYPERCALLS, to reduce Xen
footprint as much as possible.

It is derived from Stefano Stabellini's commit "xen: introduce kconfig options
to disable hypercalls"(
https://lore.kernel.org/xen-devel/20241219092917.3006174-1-Sergiy_Kibrik@xxxxxxxx)

Penny Zheng (28):
  xen/xsm: remove redundant xsm_iomem_mapping()
  xen/mem_sharing: wrap hvm_copy_context_and_params() with
    CONFIG_MEM_SHARING
  xen/altp2m: move p2m_set_suppress_ve_multi() forward
  xen/sched: remove vcpu_set_soft_affinity()
  xen/sysctl: replace CONFIG_SYSCTL with CONFIG_MGMT_DOMCTL
  xen/x86: move domctl.o out of PV_SHIM_EXCLUSIVE
  xen/domctl: make MGMT_HYPERCALLS transiently def_bool
  xen/vm_event: introduce vm_event_is_enabled()
  xen/vm_event: consolidate CONFIG_VM_EVENT
  xen/vm_event: make VM_EVENT depend on CONFIG_MGMT_HYPERCALLS
  xen/xsm: wrap xsm_vm_event_control() with CONFIG_VM_EVENT
  xen/domctl: wrap domain_pause_by_systemcontroller() with
    MGMT_HYPERCALLS
  xen/domctl: wrap domain_soft_reset() with CONFIG_MGMT_HYPERCALLS
  xen/domctl: wrap domain_resume() with CONFIG_MGMT_HYPERCALLS
  xen/domctl: wrap domain_kill() with CONFIG_MGMT_HYPERCALLS
  xen/domctl: wrap domain_set_node_affinity() with
    CONFIG_MGMT_HYPERCALLS
  xen/domctl: wrap vcpu_affinity_domctl() with CONFIG_MGMT_HYPERCALLS
  xen/domctl: wrap sched_adjust() with CONFIG_MGMT_HYPERCALLS
  xen/domctl: wrap xsm_irq_permission with CONFIG_MGMT_HYPERCALLS
  xen/domctl: wrap arch-specific domain_set_time_offset() with
    CONFIG_MGMT_HYPERCALLS
  xen/domctl: wrap xsm_set_target() with CONFIG_MGMT_HYPERCALLS
  xen/domctl: wrap iommu-related domctl op with CONFIG_MGMT_HYPERCALLS
  xen/domctl: wrap arch_{get,set}_paging_mempool_size() with
    CONFIG_MGMT_HYPERCALLS
  xen/domctl: make CONFIG_X86_PSR depend on CONFIG_MGMT_HYPERCALLS
  xen/domctl: avoid unreachable codes when both MGMT_HYPERCALLS and
    MEM_SHARING unset
  xen/domctl: wrap arch-specific domctl-op with CONFIG_MGMT_HYPERCALLS
  xen/domctl: make HVM_PARAM_IDENT_PT conditional upon
    CONFIG_MGMT_HYPERCALLS
  xen/domctl: wrap common/domctl.c with CONFIG_MGMT_HYPERCALLS

 xen/Kconfig.debug                           |   4 +-
 xen/arch/arm/Kconfig                        |   2 +-
 xen/arch/arm/Makefile                       |   4 +-
 xen/arch/arm/arm32/Makefile                 |   2 +-
 xen/arch/arm/arm64/Makefile                 |   2 +-
 xen/arch/arm/domain.c                       |   5 +
 xen/arch/arm/include/asm/tee/tee.h          |   2 +
 xen/arch/arm/mmu/p2m.c                      |   8 +
 xen/arch/arm/mpu/p2m.c                      |   2 +
 xen/arch/arm/tee/ffa.c                      |   4 +
 xen/arch/arm/tee/optee.c                    |   4 +
 xen/arch/arm/tee/tee.c                      |   2 +
 xen/arch/arm/time.c                         |   2 +
 xen/arch/ppc/stubs.c                        |   4 +
 xen/arch/riscv/stubs.c                      |  10 +-
 xen/arch/x86/Kconfig                        |   1 +
 xen/arch/x86/Makefile                       |   6 +-
 xen/arch/x86/configs/pvshim_defconfig       |   2 +-
 xen/arch/x86/domain.c                       |   4 +
 xen/arch/x86/emul-i8254.c                   |   2 +
 xen/arch/x86/hvm/Kconfig                    |   1 -
 xen/arch/x86/hvm/Makefile                   |   4 +-
 xen/arch/x86/hvm/emulate.c                  |  67 +++++----
 xen/arch/x86/hvm/hvm.c                      |  57 +++++++-
 xen/arch/x86/hvm/pmtimer.c                  |   2 +
 xen/arch/x86/hvm/save.c                     | 154 ++++++++++----------
 xen/arch/x86/hvm/svm/intr.c                 |   2 +-
 xen/arch/x86/hvm/svm/svm.c                  |  66 +++++----
 xen/arch/x86/hvm/vmx/intr.c                 |   2 +-
 xen/arch/x86/hvm/vmx/vmx.c                  |  80 ++++++----
 xen/arch/x86/include/asm/hvm/hvm.h          |  17 ++-
 xen/arch/x86/include/asm/mem_access.h       |   9 ++
 xen/arch/x86/include/asm/monitor.h          |   9 ++
 xen/arch/x86/include/asm/p2m.h              |   2 +-
 xen/arch/x86/include/asm/paging.h           |   2 +-
 xen/arch/x86/include/asm/vm_event.h         |   9 ++
 xen/arch/x86/mm/altp2m.c                    |  34 ++---
 xen/arch/x86/mm/mem_sharing.c               |   7 +
 xen/arch/x86/mm/p2m-pod.c                   |   2 +
 xen/arch/x86/mm/p2m.c                       |   2 +
 xen/arch/x86/mm/paging.c                    |   4 +
 xen/arch/x86/psr.c                          |  18 ---
 xen/arch/x86/time.c                         |   2 +
 xen/common/Kconfig                          |  32 ++--
 xen/common/Makefile                         |   7 +-
 xen/common/argo.c                           |   2 +
 xen/common/device-tree/device-tree.c        |   2 +
 xen/common/domain.c                         |  10 ++
 xen/common/domctl.c                         |   2 +-
 xen/common/grant_table.c                    |   2 +
 xen/common/page_alloc.c                     |   8 +-
 xen/common/perfc.c                          |   4 +-
 xen/common/sched/arinc653.c                 |  11 +-
 xen/common/sched/core.c                     |  18 +--
 xen/common/sched/cpupool.c                  |  16 +-
 xen/common/sched/credit.c                   |  10 +-
 xen/common/sched/credit2.c                  |  10 +-
 xen/common/sched/private.h                  |  10 +-
 xen/common/sched/rt.c                       |   4 +
 xen/common/spinlock.c                       |   4 +-
 xen/drivers/char/console.c                  |   4 +-
 xen/drivers/passthrough/amd/pci_amd_iommu.c |   8 +
 xen/drivers/passthrough/arm/ipmmu-vmsa.c    |   8 +
 xen/drivers/passthrough/arm/smmu-v3.c       |   4 +
 xen/drivers/passthrough/arm/smmu.c          |  10 ++
 xen/drivers/passthrough/device_tree.c       |   8 +
 xen/drivers/passthrough/iommu.c             |   2 +
 xen/drivers/passthrough/pci.c               |   6 +
 xen/drivers/passthrough/vtd/iommu.c         |   6 +
 xen/drivers/vpci/header.c                   |   2 +-
 xen/include/hypercall-defs.c                |  12 +-
 xen/include/xen/domain.h                    |   4 -
 xen/include/xen/mem_access.h                |  10 ++
 xen/include/xen/vm_event.h                  |   7 +
 xen/include/xsm/dummy.h                     |  33 +++--
 xen/include/xsm/xsm.h                       |  65 ++++-----
 xen/lib/x86/Makefile                        |   4 +-
 xen/xsm/dummy.c                             |  23 +--
 xen/xsm/flask/hooks.c                       |  58 ++++----
 79 files changed, 655 insertions(+), 395 deletions(-)

-- 
2.34.1

Follow-Ups:
- [PATCH v3 19/28] xen/domctl: wrap xsm_irq_permission with CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 18/28] xen/domctl: wrap sched_adjust() with CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 15/28] xen/domctl: wrap domain_kill() with CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 21/28] xen/domctl: wrap xsm_set_target() with CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 25/28] xen/domctl: avoid unreachable codes when both MGMT_HYPERCALLS and MEM_SHARING unset
  - From: Penny Zheng
- [PATCH v3 22/28] xen/domctl: wrap iommu-related domctl op with CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 13/28] xen/domctl: wrap domain_soft_reset() with CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 17/28] xen/domctl: wrap vcpu_affinity_domctl() with CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 14/28] xen/domctl: wrap domain_resume() with CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 24/28] xen/domctl: make CONFIG_X86_PSR depend on CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 12/28] xen/domctl: wrap domain_pause_by_systemcontroller() with MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 20/28] xen/domctl: wrap arch-specific domain_set_time_offset() with CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 11/28] xen/xsm: wrap xsm_vm_event_control() with CONFIG_VM_EVENT
  - From: Penny Zheng
- [PATCH v3 28/28] xen/domctl: wrap common/domctl.c with CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 16/28] xen/domctl: wrap domain_set_node_affinity() with CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 26/28] xen/domctl: wrap arch-specific domctl-op with CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 27/28] xen/domctl: make HVM_PARAM_IDENT_PT conditional upon CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 23/28] xen/domctl: wrap arch_{get,set}_paging_mempool_size() with CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 09/28] xen/vm_event: consolidate CONFIG_VM_EVENT
  - From: Penny Zheng
- [PATCH v3 10/28] xen/vm_event: make VM_EVENT depend on CONFIG_MGMT_HYPERCALLS
  - From: Penny Zheng
- [PATCH v3 07/28] xen/domctl: make MGMT_HYPERCALLS transiently def_bool
  - From: Penny Zheng
- [PATCH v3 06/28] xen/x86: move domctl.o out of PV_SHIM_EXCLUSIVE
  - From: Penny Zheng
- [PATCH v3 05/28] xen/sysctl: replace CONFIG_SYSCTL with CONFIG_MGMT_DOMCTL
  - From: Penny Zheng
- [PATCH v3 04/28] xen/sched: remove vcpu_set_soft_affinity()
  - From: Penny Zheng
- [PATCH v3 03/28] xen/altp2m: move p2m_set_suppress_ve_multi() forward
  - From: Penny Zheng
- [PATCH v3 01/28] xen/xsm: remove redundant xsm_iomem_mapping()
  - From: Penny Zheng
- [PATCH v3 02/28] xen/mem_sharing: wrap hvm_copy_context_and_params() with CONFIG_MEM_SHARING
  - From: Penny Zheng

Prev by Date: [PATCH v3 02/28] xen/mem_sharing: wrap hvm_copy_context_and_params() with CONFIG_MEM_SHARING
Next by Date: [PATCH v3 01/28] xen/xsm: remove redundant xsm_iomem_mapping()
Previous by thread: RE: [PATCH v10 7/8] xen/cpufreq: Adapt SET/GET_CPUFREQ_CPPC xen_sysctl_pm_op for amd-cppc driver
Next by thread: [PATCH v3 02/28] xen/mem_sharing: wrap hvm_copy_context_and_params() with CONFIG_MEM_SHARING
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.