Xen project Mailing List

[PATCH v3 28/28] xen/domctl: wrap common/domctl.c with CONFIG_MGMT_HYPERCALLS

From: Penny Zheng <Penny.Zheng@xxxxxxx>

Date: Mon, 13 Oct 2025 18:15:40 +0800

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=N2aSf4g6NxpM8zBIw6QU7YTARrV403WNSPl9azppxQs=; b=HqWfdoWR5A28I570WIqg1AlJ288IbF7iY8DG+1NlalKzG7/XK2VGbgr9hSYYnS8sMo+HyWCEKhvHjD3pvDtgp2py2XAS4lhvepuyhSxXXmfT0CEi/VK32uUdJSz1ItfGbB49q1dQtUxNIpxgd1LVrcqFIEc8YZs1EuNXUPUGZ23bKTDlHQ+l7GSouVFqwyhnMJxEBPx3a8yNNOyUEyKEjqRQ3LNRbv4yeApESFKoLEPTNRs17zizPvXvXCo/lsvwrnq3U6vljAf7KfzCYqaEwd3WwNGuFG7rY9zdKlM0MgkEqABGvN5KMsEpduNV1tSYh8utuPApSw6r+mFmMk5g6g==

Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Jb0SN2xp7vNHSMh0x4rv7zCmYonyyWrGsBDD7HodkKKFlAOZ6eEbO4p83J5iLO/lGrQ36r5AuUnlxJrI0HUILXnUFBs/rhXklKbCG2SXbfdtZ0wdhXd5tgVj4Xzw5AljJUg60FRsLYKYmcLtvTSts6Byoai4EpdNOEkplnir3Lt8muasyBSqJKvZe/x2icJnJxE4G3b0S/T2tuR85XVTxUcdkugPzKmvqWpQbTSTn/uTMMpNLjPFJsMuVhv7tZ/TakAM1ob5mwateh3b5aVkb8WCgZfnkiiHhWdgHcA+Wg38rDcuwUhn6p1SnDd0+QoXMhwbRz5PCHv2UG+JnkngMw==

Cc: <ray.huang@xxxxxxx>, <oleksii.kurochko@xxxxxxxxx>, Penny Zheng <Penny.Zheng@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, "Anthony PERARD" <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, "Jan Beulich" <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, "Stefano Stabellini" <sstabellini@xxxxxxxxxx>

Delivery-date: Mon, 13 Oct 2025 10:26:52 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Wrap domctl hypercall def and domctl.o with CONFIG_MGMT_HYPERCALLS. Signed-off-by: Penny Zheng <Penny.Zheng@xxxxxxx> --- v1 -> v2: - remove stub in common/domctl.c - combine the original commit of "xen/domctl: provide stub for domctl_lock_{acquire,release}" - adapt to changes of "unify DOMCTL to MGMT_HYPERCALLS" --- v2 -> v3: - add pitfall warnning in Kconfig help --- xen/common/Kconfig | 6 ++++-- xen/common/Makefile | 2 +- xen/include/hypercall-defs.c | 4 ++-- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/xen/common/Kconfig b/xen/common/Kconfig index 309d262386..efbe97c54a 100644 --- a/xen/common/Kconfig +++ b/xen/common/Kconfig @@ -646,11 +646,13 @@ config SYSTEM_SUSPEND If unsure, say N. config MGMT_HYPERCALLS - def_bool y + bool "Enable privileged hypercalls for system management" help This option shall only be disabled on some dom0less systems, or PV shim on x86, to reduce Xen footprint via managing unnessary - hypercalls, like sysctl, etc. + hypercalls, like sysctl, domctl, etc. + Be cautious to disable it, as users will face missing a few basic + hypercalls like listdomains, getdomaininfo, etc. config PM_OP bool "Enable Performance Management Operation" diff --git a/xen/common/Makefile b/xen/common/Makefile index fdf826f218..45c0bda000 100644 --- a/xen/common/Makefile +++ b/xen/common/Makefile @@ -11,7 +11,7 @@ obj-$(filter-out $(CONFIG_X86),$(CONFIG_ACPI)) += device.o obj-$(CONFIG_DEVICE_TREE_PARSE) += device-tree/ obj-$(CONFIG_IOREQ_SERVER) += dm.o obj-y += domain.o -obj-y += domctl.o +obj-$(CONFIG_MGMT_HYPERCALLS) += domctl.o obj-y += domid.o obj-y += event_2l.o obj-y += event_channel.o diff --git a/xen/include/hypercall-defs.c b/xen/include/hypercall-defs.c index 02d7b93e80..c243edc460 100644 --- a/xen/include/hypercall-defs.c +++ b/xen/include/hypercall-defs.c @@ -196,11 +196,11 @@ dm_op(domid_t domid, unsigned int nr_bufs, xen_dm_op_buf_t *bufs) #endif #ifdef CONFIG_MGMT_HYPERCALLS sysctl(xen_sysctl_t *u_sysctl) +domctl(xen_domctl_t *u_domctl) #endif #if defined(CONFIG_X86) && defined(CONFIG_PAGING) && defined(CONFIG_MGMT_HYPERCALLS) paging_domctl_cont(xen_domctl_t *u_domctl) #endif -domctl(xen_domctl_t *u_domctl) #ifndef CONFIG_PV_SHIM_EXCLUSIVE platform_op(xen_platform_op_t *u_xenpf_op) #endif @@ -279,8 +279,8 @@ hvm_op do do do do do #endif #ifdef CONFIG_MGMT_HYPERCALLS sysctl do do do do do -#endif domctl do do do do do +#endif #ifdef CONFIG_KEXEC kexec_op compat do - - - #endif -- 2.34.1

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.