Xen project Mailing List

Re: [PATCH v5] x86: make Viridian support optional

To: Grygorii Strashko <grygorii_strashko@xxxxxxxx>

From: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>

Date: Fri, 17 Oct 2025 00:38:23 +0200

Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Sergiy Kibrik <Sergiy_Kibrik@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Paul Durrant <paul@xxxxxxx>, Alejandro Vallejo <alejandro.garciavallejo@xxxxxxx>

Delivery-date: Thu, 16 Oct 2025 22:38:40 +0000

Feedback-id: i1568416f:Fastmail

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Fri, Oct 17, 2025 at 12:40:33AM +0300, Grygorii Strashko wrote: > > > On 15.10.25 11:00, Roger Pau Monné wrote: > > On Tue, Oct 14, 2025 at 06:48:23PM +0300, Grygorii Strashko wrote: > > > > > > > > > On 14.10.25 17:38, Roger Pau Monné wrote: > > > > On Tue, Oct 14, 2025 at 04:24:53PM +0300, Grygorii Strashko wrote: > > > > > On 13.10.25 15:17, Roger Pau Monné wrote: > > > > > > On Tue, Sep 30, 2025 at 12:52:16PM +0000, Grygorii Strashko wrote: > > > > > > > From: Sergiy Kibrik <Sergiy_Kibrik@xxxxxxxx> > > > > > > > + > > > > > > > + If unsure, say Y. > > > > > > > + > > > > > > > config MEM_PAGING > > > > > > > bool "Xen memory paging support (UNSUPPORTED)" if > > > > > > > UNSUPPORTED > > > > > > > depends on VM_EVENT > > > > > > > diff --git a/xen/arch/x86/hvm/Makefile b/xen/arch/x86/hvm/Makefile > > > > > > > index 6ec2c8f2db56..736eb3f966e9 100644 > > > > > > > --- a/xen/arch/x86/hvm/Makefile > > > > > > > +++ b/xen/arch/x86/hvm/Makefile > > > > > > > @@ -1,6 +1,6 @@ > > > > > > > obj-$(CONFIG_AMD_SVM) += svm/ > > > > > > > obj-$(CONFIG_INTEL_VMX) += vmx/ > > > > > > > -obj-y += viridian/ > > > > > > > +obj-$(CONFIG_VIRIDIAN) += viridian/ > > > > > > > obj-y += asid.o > > > > > > > obj-y += dm.o > > > > > > > diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c > > > > > > > index 23bd7f078a1d..95a80369b9b8 100644 > > > > > > > --- a/xen/arch/x86/hvm/hvm.c > > > > > > > +++ b/xen/arch/x86/hvm/hvm.c > > > > > > > @@ -701,9 +701,12 @@ int hvm_domain_initialise(struct domain *d, > > > > > > > if ( hvm_tsc_scaling_supported ) > > > > > > > d->arch.hvm.tsc_scaling_ratio = > > > > > > > hvm_default_tsc_scaling_ratio; > > > > > > > - rc = viridian_domain_init(d); > > > > > > > - if ( rc ) > > > > > > > - goto fail2; > > > > > > > + if ( is_viridian_domain(d) ) > > > > > > > + { > > > > > > > + rc = viridian_domain_init(d); > > > > > > > + if ( rc ) > > > > > > > + goto fail2; > > > > > > > + } > > > > > > > > > > > > Are you sure this works as expected? > > > > > > > > > > > > The viridian_feature_mask() check is implemented using an HVM param, > > > > > > and hence can only be possibly set after the domain object is > > > > > > created. > > > > > > AFAICT is_viridian_domain(d) will unconditionally return false when > > > > > > called from domain_create() context, because the HVM params cannot > > > > > > possibly be set ahead of the domain being created. > > > > > > > > > > You are right. Thanks for the this catch. > > > > > > > > > > Taking above into account above, it seems Jan's proposal to convert > > > > > below > > > > > viridian APIs into wrappers for VIRIDIAN=n case is right way to move > > > > > forward: > > > > > > > > > > int viridian_vcpu_init(struct vcpu *v); > > > > > int viridian_domain_init(struct domain *d); > > > > > void viridian_vcpu_deinit(struct vcpu *v); > > > > > void viridian_domain_deinit(struct domain *d); > > > > > > > > > > Right? > > > > > > > > Possibly. If you don't want to introduce a XEN_DOMCTL_createdomain > > > > flag you need to exclusively use the Kconfig option to decide whether > > > > the Viridian related structs must be allocated. IOW: you could also > > > > solve it by using IS_ENABLED(CONFIG_VIRIDIAN) instead of > > > > is_viridian_domain() for most of the calls here. > > > > > > > > The wrapper option might be better IMO, rather than adding > > > > IS_ENABLED(CONFIG_VIRIDIAN) around. > > > > > > I'll do wrappers - less if(s) in common HVM code. > > > > > > > > > > > > [1] https://patchwork.kernel.org/comment/26595213/ > > > > > > > > > > > > > > > > > If you want to do anything like this you will possibly need to > > > > > > introduce a new flag to XEN_DOMCTL_createdomain to signal whether > > > > > > the > > > > > > domain has Viridian extensions are enabled or not, so that it's know > > > > > > in the context where domain_create() gets called. > > > > > > > > > > In my opinion, it might be good not to go so far within this > > > > > submission. > > > > > - It's not intended to change existing behavior of neither Xen nor > > > > > toolstack > > > > > for VIRIDIAN=y (default) > > [1] > > > > > > - just optout Viridian support when not needed. > > > > > > > > OK, that's fine. > > > > > > > > On further request though: if Viridian is build-time disabled in > > > > Kconfig, setting or fetching HVM_PARAM_VIRIDIAN should return -ENODEV > > > > or similar error. I don't think this is done as part of this patch. > > > > Another bit I've noticed, you will need to adjust write_hvm_params() > > so it can tolerate xc_hvm_param_get() returning an error when > > HVM_PARAM_VIRIDIAN is not implemented by the hypervisor. > > > > Implementing the Viridian features using an HVM parameter was a bad > > approach probably. > > I've just realized how toolstack need to be modified and all consequences... > Have to try to push back a little bit: > > VIRIDIAN=n: Now HVM_PARAM_VIRIDIAN will be R/W with functionality NOP. > > I'd prefer avoid modifying toolstack if possible. IMHO trying to start a domain with Viridian enabled, while it's compiled out of the hypervisor, should fail. Not silently be ignored. > How about sanitizing HVM_PARAM_VIRIDIAN to be RAZ/WI for VIRIDIAN=n? > Or may be produce Xen XENLOG_WARNING"Viridian is disabled" if value!=0? > > This an EXPERT option and end-user can get Xen with VIRIDIAN=n only by > manually re-configuring and re-compiling Xen. In other words, the user > is an expert and knows what he is doing. > > Another point, assume change like this is to be done for HVM_PARAM_VIRIDIAN > - there are another HVM_PARAM_x which depend on build-time disabled features, > like: > HVM_PARAM_VM86_TSS_SIZED > HVM_PARAM_PAGING_RING_PFN, > HVM_PARAM_MONITOR_RING_PFN, > HVM_PARAM_SHARING_RING_PFN, > HVM_PARAM_IDENT_PT > ... > > if corresponding features are build-time disabled, above HVM_PARAM_x > become R/W with functionality NOP now. Are you sure? For me it looks like setting build-time disabled feature returns -ENOSYS. Or do you mean some other interface than xc_hvm_param_set(). -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab

Attachment: signature.asc
Description: PGP signature

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.