Xen project Mailing List

Re: [PATCH] x86/hvm: short-circuit HVM shadow guest creation earlier

To: Alejandro Vallejo <alejandro.garciavallejo@xxxxxxx>

From: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Date: Tue, 10 Feb 2026 08:54:13 +0100

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=IScWUnGK8f5DidLI0ViOf/3bCFiDMjuKwWd7MGWjGl4=; b=AXrkBn5OdGt4/vwElXwXVuLFdQvb096lZ+qBizzFBYxX1bQR1DXp0p/8hl6A87C3vFW0TcfmwSSMao6GxtdxGrEzPzNTzvqaETNh7INU2LsSVYZUdAHUVEwN+Yi3YaPoNgqRSk42CaqvqY88rfi04uO/sx0DyvEbDSfH+yvt54NgZaLeZdIn8tkIINdjg49/xrsO03allkxiE+9k0OBvCxu3IGR1MKT0iSN/s0Ru7n37egfs6bZRhRqAPZJZxSTG/wqs2+mmU5rl/chNKrAgCngSSLfrGDacUfHbgVglRlhJujL3XtUqdfgEjPvLpZeFvlPA9RyPWTgusTfffD7B8Q==

Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=dD9asLIROkRL8ESyZD7z2kSUDEdzMdLEVu2ZBRgKNHOOJmemH7KR3qtVfbFaOMvu3swpHiTajxRmzyxfogFeEQTXgNgWiNqlz42BDVeSfrleT7IIJDVUYaGb3YOfis8FKv0W+O1yhZTksPhPqrY0Gf6n1iWOmXQkbmK34/0DObKBYeeyeHK3xJpAcbgy+13fB8+RRL8iyiTlJPm1PbTP6YCmG6alTvpcSVNkbcQybpk7+vqU7yCEpLtMnBtE3yJElbJ19uwTBVPftJTNnsfi+dD+B7BP8g4I4s10TbFdCEklOLgHHayYytSlGO0ABpPAL1NtBAUZ+PZhMvylQpMCbg==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;

Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Xen-devel <xen-devel-bounces@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Tue, 10 Feb 2026 07:54:32 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Mon, Feb 09, 2026 at 05:26:54PM +0100, Alejandro Vallejo wrote: > On Mon Feb 9, 2026 at 5:11 PM CET, Roger Pau Monné wrote: > > On Mon, Feb 09, 2026 at 05:02:26PM +0100, Alejandro Vallejo wrote: > >> On Mon Feb 9, 2026 at 3:40 PM CET, Roger Pau Monne wrote: > >> > If shadow paging has been compiled out short circuit the creation of HVM > >> > guests that attempt to use shadow paging at > >> > arch_sanitise_domain_config(). > >> > There's no need to further build the domain when creation is doomed to > >> > fail > >> > later on. > >> > > >> > Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> > >> > --- > >> > xen/arch/x86/domain.c | 6 ++++++ > >> > 1 file changed, 6 insertions(+) > >> > > >> > diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c > >> > index 8b2f33f1a06c..8eb1509782ef 100644 > >> > --- a/xen/arch/x86/domain.c > >> > +++ b/xen/arch/x86/domain.c > >> > @@ -627,6 +627,12 @@ int arch_sanitise_domain_config(struct > >> > xen_domctl_createdomain *config) > >> > return -EINVAL; > >> > } > >> > > >> > + if ( hvm && !hap && !IS_ENABLED(CONFIG_SHADOW_PAGING) ) > >> > + { > >> > + dprintk(XENLOG_INFO, "Shadow paging requested but not > >> > available\n"); > >> > >> nit: s/requested/required/, maybe? > > > > The wording matches the rest of the messages in > > arch_sanitise_domain_config(). I'm not saying that makes it correct, > > but if we word this differently we should also change the others > > IMO. > > My point is rather that HAP, or relaxed MSRs, or other settings are actively > requested via createdomain flags. Shadow is instead the consequence of not > setting HAP. You don't request shadow, you either requested something else or > you hit the error. > > It's not terrible wording, just imprecise. Hm, I see. I've always considered not requesting HAP equivalent to requesting shadow. IOW: not setting XEN_DOMCTL_CDF_hap doesn't mean "pick any possible option" but rather it's an explicit request to use shadow paging on HVM. The interface would possibly be cleaner if we had both a HAP and Shadow flags, and lack of any being selected could mean for Xen to pick the default one. Thanks, Roger.

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.