Xen project Mailing List

Re: [PATCH] x86/hvm: short-circuit HVM shadow guest creation earlier

To: Roger Pau Monné <roger.pau@xxxxxxxxxx>

From: Alejandro Vallejo <alejandro.garciavallejo@xxxxxxx>

Date: Mon, 9 Feb 2026 17:26:54 +0100

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=citrix.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=I0lVqEgne2CCU604ZviDZqPCpqQufrPW3RonEOcw48o=; b=vlU2WPWNCCGdRv+QAREUPuQ6Wqcgfa6bZDCoqO+PIGDYIsQYqyoMEe/jQ9mrXaRPhM3DGx9JDUfUrkKgZnqvabKJCK7bEa7Q6vF2l4ZK+xR/6lhc7dW+0qSPDvollFcbWs1lMDAigVwsm7sZ7aGtt+j2TRuPJwnpHvSREb2/X7EQ/P3EbFeKFOFrCwxW2iZ/6Av8yqsbEx/zwk77snJjoMMdA5wlYgmk5c98wKzOw/VYYIUaACfrTASLTMIG+DuVTUpMTPPV86D6UUCHmeczKFx0xM+6hU3aXtAO0oKr/0cxxyEG5irW/dBeHNtqLOkdIp0BNa4xNv9W8cqqJlVqqg==

Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=VwuDeEBFjZD1jOoSSiwMO2yI/Q6CpT5O0yCBa2PkOYjViBp73QqXfvexCj0qrttrbdzGTcqSq38lq/zN06XEiMV4+CaI3kpTL862kH1CBiSc7ukQZwgbSa29utfaX1ywJoX//165OYpYCOyxEhRHOZw1+iU8CWFEDmCyvXi6O75pwVm6wWFuF2GNHOaPJbyKXPTmN0x1uG+h57zTt1+OwsrIba/GaQUwXmqK6/hVLr35gun2hBKa4uXQX2oQjnDT09bFXDijU6B6jxW8jmDLx6HleIJTkr1oLmhB0idLf0jdKAE907Vr79mxA4gjkbu+9/ztpWNDJ/P9RkzE3ZEtsg==

Cc: <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Xen-devel <xen-devel-bounces@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Mon, 09 Feb 2026 16:27:17 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Mon Feb 9, 2026 at 5:11 PM CET, Roger Pau Monné wrote: > On Mon, Feb 09, 2026 at 05:02:26PM +0100, Alejandro Vallejo wrote: >> On Mon Feb 9, 2026 at 3:40 PM CET, Roger Pau Monne wrote: >> > If shadow paging has been compiled out short circuit the creation of HVM >> > guests that attempt to use shadow paging at arch_sanitise_domain_config(). >> > There's no need to further build the domain when creation is doomed to fail >> > later on. >> > >> > Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> >> > --- >> > xen/arch/x86/domain.c | 6 ++++++ >> > 1 file changed, 6 insertions(+) >> > >> > diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c >> > index 8b2f33f1a06c..8eb1509782ef 100644 >> > --- a/xen/arch/x86/domain.c >> > +++ b/xen/arch/x86/domain.c >> > @@ -627,6 +627,12 @@ int arch_sanitise_domain_config(struct >> > xen_domctl_createdomain *config) >> > return -EINVAL; >> > } >> > >> > + if ( hvm && !hap && !IS_ENABLED(CONFIG_SHADOW_PAGING) ) >> > + { >> > + dprintk(XENLOG_INFO, "Shadow paging requested but not >> > available\n"); >> >> nit: s/requested/required/, maybe? > > The wording matches the rest of the messages in > arch_sanitise_domain_config(). I'm not saying that makes it correct, > but if we word this differently we should also change the others > IMO. My point is rather that HAP, or relaxed MSRs, or other settings are actively requested via createdomain flags. Shadow is instead the consequence of not setting HAP. You don't request shadow, you either requested something else or you hit the error. It's not terrible wording, just imprecise. >> Also, with this in place can't we get rid of the panic in create_dom0() that >> checks an identical condition? > > Hm, I would possibly leave that one, as I think it's clearer for the > dom0 case. Otherwise someone using a build without HAP or shadow and > attempting to boot in PVH mode will get a message saying: "Shadow > paging requested but not available", which is IMO less clear than > getting a "Neither HAP nor Shadow available for PVH domain" error > message. > > Just my thinking, both checks achieve the same result, but the error > message in the create_dom0() instance is more helpful in the context > of dom0 creation. Fair enough. It doesn't matter much anyway. With or without the adjusted printk. Reviewed-by: Alejandro Vallejo <alejandro.garciavallejo@xxxxxxx> Cheers, Alejandro

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.