
Re: [PATCH v9 1/3] xsm: create idle domain privileged and demote after setup


  • To: "Daniel P. Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Thu, 30 Jun 2022 11:24:25 +0200
  • Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Wei Liu <wl@xxxxxxx>, scott.davis@xxxxxxxxxx, jandryuk@xxxxxxxxx, christopher.clark@xxxxxxxxxx, Luca Fancellu <luca.fancellu@xxxxxxx>, Julien Grall <jgrall@xxxxxxxxxx>, Rahul Singh <rahul.singh@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Dario Faggioli <dfaggioli@xxxxxxxx>, Daniel De Graaf <dgdegra@xxxxxxxxxxxxx>
  • Delivery-date: Thu, 30 Jun 2022 09:24:46 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Wed, Jun 29, 2022 at 10:21:08PM -0400, Daniel P. Smith wrote:
> There are new capabilities, dom0less and hyperlaunch, that introduce internal
> hypervisor logic, which needs to make resource allocation calls that are
> protected by XSM access checks. These resource allocations are
> necessary for dom0less and hyperlaunch when they are constructing the initial
> domain(s).  This creates an issue as a subset of the hypervisor code is
> executed under a system domain, the idle domain, that is represented by a
> per-CPU non-privileged struct domain. To enable these new capabilities to
> function correctly but in a controlled manner, this commit changes the idle
> system domain to be created as a privileged domain under the default policy and
> demoted before transitioning to running. A new XSM hook,
> xsm_set_system_active(), is introduced to allow each XSM policy type to demote
> the idle domain appropriately for that policy type. In the case of SILO, it
> inherits the default policy's hook for xsm_set_system_active().
> 
> For flask, a stub is added to ensure that flask policy system will function
> correctly with this patch until flask is extended with support for starting the
> idle domain privileged and properly demoting it on the call to
> xsm_set_system_active().
> 
> Signed-off-by: Daniel P. Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>
> Reviewed-by: Jason Andryuk <jandryuk@xxxxxxxxx>
> Reviewed-by: Luca Fancellu <luca.fancellu@xxxxxxx>
> Acked-by: Julien Grall <jgrall@xxxxxxxxxx> # arm
> Reviewed-by: Rahul Singh <rahul.singh@xxxxxxx>
> Tested-by: Rahul Singh <rahul.singh@xxxxxxx>

LGTM:

Acked-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Thanks, Roger.
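
The lifecycle described in the quoted commit message (idle domain created privileged, then demoted before it starts running), as an added example that is not part of the original mail and is not Xen's code. All `model_*` names, the struct and the domain ids are hypothetical; the access check is reduced to a single privilege flag.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

#define MODEL_DOMID_IDLE 0x7FFFU /* constructed id for the model's idle domain */

struct model_domain {
    unsigned int id;
    bool is_privileged;
};

/* Access-checked allocation used while constructing the initial domain(s). */
static int model_alloc_resource(const struct model_domain *caller)
{
    return caller->is_privileged ? 0 : -EPERM;
}

/* Demotion hook: only the still-privileged idle domain may call it, once. */
static int model_set_system_active(struct model_domain *caller)
{
    if (caller->id != MODEL_DOMID_IDLE || !caller->is_privileged)
        return -EPERM;
    caller->is_privileged = false;
    return 0;
}

/* Walks the boot sequence; returns 0 only if every step behaves as intended. */
static int model_boot(void)
{
    struct model_domain idle = { MODEL_DOMID_IDLE, true };
    struct model_domain guest = { 1, false };

    if (model_alloc_resource(&idle) != 0)           /* setup: allowed */
        return -1;
    if (model_set_system_active(&guest) != -EPERM)  /* non-idle caller refused */
        return -2;
    if (model_set_system_active(&idle) != 0)        /* demote before running */
        return -3;
    if (model_alloc_resource(&idle) != -EPERM)      /* after demotion: denied */
        return -4;
    if (model_set_system_active(&idle) != -EPERM)   /* demotion is one-way */
        return -5;
    return 0;
}

int main(void) { printf("model_boot: %d\n", model_boot()); return 0; }
```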



 

