Xen project Mailing List

Re: [XEN PATCH v12 2/7] x86/pvh: Allow (un)map_pirq when dom0 is PVH

To: Roger Pau Monné <roger.pau@xxxxxxxxxx>

Date: Wed, 31 Jul 2024 11:02:01 +0200

Autocrypt: addr=jbeulich@xxxxxxxx; keydata= xsDiBFk3nEQRBADAEaSw6zC/EJkiwGPXbWtPxl2xCdSoeepS07jW8UgcHNurfHvUzogEq5xk hu507c3BarVjyWCJOylMNR98Yd8VqD9UfmX0Hb8/BrA+Hl6/DB/eqGptrf4BSRwcZQM32aZK 7Pj2XbGWIUrZrd70x1eAP9QE3P79Y2oLrsCgbZJfEwCgvz9JjGmQqQkRiTVzlZVCJYcyGGsD /0tbFCzD2h20ahe8rC1gbb3K3qk+LpBtvjBu1RY9drYk0NymiGbJWZgab6t1jM7sk2vuf0Py O9Hf9XBmK0uE9IgMaiCpc32XV9oASz6UJebwkX+zF2jG5I1BfnO9g7KlotcA/v5ClMjgo6Gl MDY4HxoSRu3i1cqqSDtVlt+AOVBJBACrZcnHAUSuCXBPy0jOlBhxPqRWv6ND4c9PH1xjQ3NP nxJuMBS8rnNg22uyfAgmBKNLpLgAGVRMZGaGoJObGf72s6TeIqKJo/LtggAS9qAUiuKVnygo 3wjfkS9A3DRO+SpU7JqWdsveeIQyeyEJ/8PTowmSQLakF+3fote9ybzd880fSmFuIEJldWxp Y2ggPGpiZXVsaWNoQHN1c2UuY29tPsJgBBMRAgAgBQJZN5xEAhsDBgsJCAcDAgQVAggDBBYC AwECHgECF4AACgkQoDSui/t3IH4J+wCfQ5jHdEjCRHj23O/5ttg9r9OIruwAn3103WUITZee e7Sbg12UgcQ5lv7SzsFNBFk3nEQQCACCuTjCjFOUdi5Nm244F+78kLghRcin/awv+IrTcIWF hUpSs1Y91iQQ7KItirz5uwCPlwejSJDQJLIS+QtJHaXDXeV6NI0Uef1hP20+y8qydDiVkv6l IreXjTb7DvksRgJNvCkWtYnlS3mYvQ9NzS9PhyALWbXnH6sIJd2O9lKS1Mrfq+y0IXCP10eS FFGg+Av3IQeFatkJAyju0PPthyTqxSI4lZYuJVPknzgaeuJv/2NccrPvmeDg6Coe7ZIeQ8Yj t0ARxu2xytAkkLCel1Lz1WLmwLstV30g80nkgZf/wr+/BXJW/oIvRlonUkxv+IbBM3dX2OV8 AmRv1ySWPTP7AAMFB/9PQK/VtlNUJvg8GXj9ootzrteGfVZVVT4XBJkfwBcpC/XcPzldjv+3 HYudvpdNK3lLujXeA5fLOH+Z/G9WBc5pFVSMocI71I8bT8lIAzreg0WvkWg5V2WZsUMlnDL9 mpwIGFhlbM3gfDMs7MPMu8YQRFVdUvtSpaAs8OFfGQ0ia3LGZcjA6Ik2+xcqscEJzNH+qh8V m5jjp28yZgaqTaRbg3M/+MTbMpicpZuqF4rnB0AQD12/3BNWDR6bmh+EkYSMcEIpQmBM51qM EKYTQGybRCjpnKHGOxG0rfFY1085mBDZCH5Kx0cl0HVJuQKC+dV2ZY5AqjcKwAxpE75MLFkr wkkEGBECAAkFAlk3nEQCGwwACgkQoDSui/t3IH7nnwCfcJWUDUFKdCsBH/E5d+0ZnMQi+G0A nAuWpQkjM1ASeQwSHEeAWPgskBQL

Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, George Dunlap <gwd@xxxxxxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Anthony PERARD <anthony@xxxxxxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, "Daniel P . Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Stewart Hildebrand <Stewart.Hildebrand@xxxxxxx>, Huang Rui <ray.huang@xxxxxxx>, Jiqian Chen <Jiqian.Chen@xxxxxxx>

Delivery-date: Wed, 31 Jul 2024 09:02:12 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 31.07.2024 10:51, Roger Pau Monné wrote: > On Wed, Jul 31, 2024 at 10:40:46AM +0200, Jan Beulich wrote: >> On 31.07.2024 10:24, Roger Pau Monné wrote: >>> On Wed, Jul 31, 2024 at 09:58:28AM +0200, Jan Beulich wrote: >>>> On 31.07.2024 09:50, Roger Pau Monné wrote: >>>>> On Mon, Jul 08, 2024 at 07:41:19PM +0800, Jiqian Chen wrote: >>>>>> --- a/xen/arch/x86/physdev.c >>>>>> +++ b/xen/arch/x86/physdev.c >>>>>> @@ -323,7 +323,11 @@ ret_t do_physdev_op(int cmd, >>>>>> XEN_GUEST_HANDLE_PARAM(void) arg) >>>>>> if ( !d ) >>>>>> break; >>>>>> >>>>>> - ret = physdev_map_pirq(d, map.type, &map.index, &map.pirq, >>>>>> &msi); >>>>>> + /* Only mapping when the subject domain has a notion of PIRQ */ >>>>>> + if ( !is_hvm_domain(d) || has_pirq(d) ) >>>>> >>>>> I'm afraid this is not true. It's fine to map interrupts to HVM >>>>> domains that don't have XENFEAT_hvm_pirqs enabled. has_pirq() simply >>>>> allow HVM domains to route interrupts from devices (either emulated or >>>>> passed through) over event channels. >>>>> >>>>> It might have worked in the past (when using a version of Xen < 4.19) >>>>> because XENFEAT_hvm_pirqs was enabled by default for HVM guests. >>>>> >>>>> physdev_map_pirq() will work fine when used against domains that don't >>>>> have XENFEAT_hvm_pirqs enabled, and it needs to be kept this way. >>>>> >>>>> I think you want to allow PHYSDEVOP_{,un}map_pirq for HVM domains, but >>>>> keep the code in do_physdev_op() as-is. You will have to check >>>>> whether the current paths in do_physdev_op() are not making >>>>> assumptions about XENFEAT_hvm_pirqs being enabled when the calling >>>>> domain is of HVM type. I don't think that's the case, but better >>>>> check. >>>> >>>> Yet the goal is to disallow mapping into PVH domains. The use of >>>> has_pirq() was aiming at that. If that predicate can't be used (anymore) >>>> for this purpose, which one is appropriate now? >>> >>> Why do you want to add such restriction now, when it's not currently >>> present? >>> >>> It was already the case that a PV dom0 could issue >>> PHYSDEVOP_{,un}map_pirq operations against a PVH domU, whatever the >>> result of such operation be. >> >> Because (a) that was wrong and (b) we'd suddenly permit a PVH DomU to >> issue such for itself. > > Regarding (b) a PVH domU issuing such operations would fail at the > xsm_map_domain_pirq() check in physdev_map_pirq(). Hmm, yes, fair point. > I agree with (a), but I don't think enabling PVH dom0 usage of the > hypercalls should be gated on this. As said a PV dom0 is already > capable of issuing PHYSDEVOP_{,un}map_pirq operations against a PVH > domU. Okay, I can accept that as an intermediate position. We ought to deny such requests at some point though for PVH domains, the latest in the course of making vPCI work there. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.