
Re: [XEN][PATCH] xen/domctl: add XEN_DOMCTL_CDF_ALL mask


  • To: Grygorii Strashko <grygorii_strashko@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Mon, 22 Dec 2025 15:45:59 +0000
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>
  • Delivery-date: Mon, 22 Dec 2025 15:46:28 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 11/11/2025 8:16 pm, Grygorii Strashko wrote:
> From: Grygorii Strashko <grygorii_strashko@xxxxxxxx>
>
> Every XEN_DOMCTL_CDF_x flag:
> - is defined in public/domctl.h
> - is explicitly listed in sanitise_domain_config() (common/domain.c) to form
> a mask containing all supported DOMCTL_CDF flags for the "Unknown CDF flags"
> check.
>
> So, it is required to modify two files every time the XEN_DOMCTL_CDF_x flag
> set is modified.
>
> Simplify things by introducing the XEN_DOMCTL_CDF_ALL mask, so
> sanitise_domain_config() no longer needs to be modified.
>
> Signed-off-by: Grygorii Strashko <grygorii_strashko@xxxxxxxx>
> ---
>  xen/common/domain.c         | 7 +------
>  xen/include/public/domctl.h | 7 +++++++
>  2 files changed, 8 insertions(+), 6 deletions(-)
>
> diff --git a/xen/common/domain.c b/xen/common/domain.c
> index 775c33928585..4f91316ad93e 100644
> --- a/xen/common/domain.c
> +++ b/xen/common/domain.c
> @@ -730,12 +730,7 @@ static int sanitise_domain_config(struct 
> xen_domctl_createdomain *config)
>      bool iommu = config->flags & XEN_DOMCTL_CDF_iommu;
>      bool vpmu = config->flags & XEN_DOMCTL_CDF_vpmu;
>  
> -    if ( config->flags &
> -         ~(XEN_DOMCTL_CDF_hvm | XEN_DOMCTL_CDF_hap |
> -           XEN_DOMCTL_CDF_s3_integrity | XEN_DOMCTL_CDF_oos_off |
> -           XEN_DOMCTL_CDF_xs_domain | XEN_DOMCTL_CDF_iommu |
> -           XEN_DOMCTL_CDF_nested_virt | XEN_DOMCTL_CDF_vpmu |
> -           XEN_DOMCTL_CDF_trap_unmapped_accesses) )
> +    if ( config->flags & ~XEN_DOMCTL_CDF_ALL )
>      {
>          dprintk(XENLOG_INFO, "Unknown CDF flags %#x\n", config->flags);
>          return -EINVAL;
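
Review bot: the new test "config->flags & ~XEN_DOMCTL_CDF_ALL" takes its accepted set entirely from the public header, so a flag that is later added to domctl.h but left out of XEN_DOMCTL_CDF_ALL will be rejected here with -EINVAL as "unknown", and nothing at this call site catches the two lists drifting apart. A build-time check tying the mask to XEN_DOMCTL_CDF_MAX next to this test would keep the guarantee that the old explicit list gave. While here, the dprintk() on the context line prints all of config->flags; printing only the bits outside the mask would make the rejected flag obvious in the log.
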
> diff --git a/xen/include/public/domctl.h b/xen/include/public/domctl.h
> index 8f6708c0a7cd..94a8e3042cbf 100644
> --- a/xen/include/public/domctl.h
> +++ b/xen/include/public/domctl.h
> @@ -72,6 +72,13 @@ struct xen_domctl_createdomain {
>  /* Max XEN_DOMCTL_CDF_* constant.  Used for ABI checking. */
>  #define XEN_DOMCTL_CDF_MAX XEN_DOMCTL_CDF_trap_unmapped_accesses
>  
> +#define XEN_DOMCTL_CDF_ALL                                                   
>   \
> +        (XEN_DOMCTL_CDF_hvm | XEN_DOMCTL_CDF_hap |                           
>   \
> +         XEN_DOMCTL_CDF_s3_integrity | XEN_DOMCTL_CDF_oos_off |              
>   \
> +         XEN_DOMCTL_CDF_xs_domain | XEN_DOMCTL_CDF_iommu |                   
>   \
> +         XEN_DOMCTL_CDF_nested_virt | XEN_DOMCTL_CDF_vpmu |                  
>   \
> +         XEN_DOMCTL_CDF_trap_unmapped_accesses)
> +
>      uint32_t flags;
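
Review bot: XEN_DOMCTL_CDF_ALL is defined unguarded in the public header, directly below XEN_DOMCTL_CDF_MAX, so every consumer of domctl.h sees it, including code outside the hypervisor. Its value is fixed by the headers a consumer was compiled against, while the only use in this patch is the hypervisor-side check in sanitise_domain_config(). Suggest wrapping the definition in "#ifdef __XEN__" or moving it to a hypervisor-private header, and adding a comment that any new XEN_DOMCTL_CDF_* flag must update both XEN_DOMCTL_CDF_MAX and this mask.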

The problem with this is that now userspace has a constant called
XEN_DOMCTL_CDF_ALL in scope which is unsafe to use.

If the new constant was within #ifdef __XEN__ then at least it couldn't
be misused by userspace.

~Andrew



 

