Re: [PATCH v4 3/9] xen/arm: temporarily elevate idle_domain privileged during create_domUs

[Julien Grall <julien@xxxxxxx>]

Hi,

On 01/04/2022 01:38, Stefano Stabellini wrote:
> From: Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>
>
> create_domUs might call functions that perform XSM checks on the current
> domain, which is idle_domain at this time. Temporarily elevate
> idle_domain privileges in create_domUs.
>
> Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>
> ---
>   xen/arch/arm/domain_build.c | 5 +++++
>   1 file changed, 5 insertions(+)
>
> diff --git a/xen/arch/arm/domain_build.c b/xen/arch/arm/domain_build.c
> index b6189b935d..100a4959a8 100644
> --- a/xen/arch/arm/domain_build.c
> +++ b/xen/arch/arm/domain_build.c
> @@ -27,6 +27,7 @@
>   #include <asm/setup.h>
>   #include <asm/cpufeature.h>
>   #include <asm/domain_build.h>
> +#include <xsm/xsm.h>
>   
>   #include <xen/irq.h>
>   #include <xen/grant_table.h>
> @@ -3210,6 +3211,8 @@ void __init create_domUs(void)
>       struct dt_device_node *node;
>       const struct dt_device_node *chosen = dt_find_node_by_path("/chosen");
>   
> +    xsm_elevate_priv(current->domain);
Please check the return of this function and...

> +
>       BUG_ON(chosen == NULL);
>       dt_for_each_child_node(chosen, node)
>       {
> @@ -3291,6 +3294,8 @@ void __init create_domUs(void)
>           if ( construct_domU(d, node) != 0 )
>               panic("Could not set up domain %s\n", dt_node_name(node));
>       }
> +
> +    xsm_demote_priv(current->domain);
... this. For us, it should hopefully be 0. But it is a good practice to 
confirm.
Cheers,

--
Julien Grall