[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen master] xen/arm: Create dom0less domUs earlier



commit 371347c5b64da699d9f5a0edda5dc496fd2b7a5c
Author:     Julien Grall <jgrall@xxxxxxxxxx>
AuthorDate: Mon May 17 17:47:13 2021 +0100
Commit:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Tue Jun 8 17:43:06 2021 +0100

    xen/arm: Create dom0less domUs earlier
    
    In a follow-up patch we will need to unallocate the boot modules
    before heap_init_late() is called.
    
    The modules will contain the domUs kernel and initramfs. Therefore Xen
    will need to create extra domUs (used by dom0less) before heap_init_late().
    
    This has two consequences on dom0less:
        1) Domains will not be unpaused as soon as they are created but
        once all have been created. However, Xen doesn't guarantee an order
        to unpause, so this is not something one could rely on.
    
        2) The memory allocated for a domU will not be scrubbed anymore when an
        admin select bootscrub=on. This is not something we advertised, but if
        this is a concern we can introduce either force scrub for all domUs or
        a per-domain flag in the DT. The behavior for bootscrub=off and
        bootscrub=idle (default) has not changed.
    
    This is part of XSA-372 / CVE-2021-28693.
    
    Signed-off-by: Julien Grall <jgrall@xxxxxxxxxx>
    Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
    Reviewed-by: Stefano Stabellini <sstabellini@xxxxxxxxxx>
    Tested-by: Stefano Stabellini <sstabellini@xxxxxxxxxx>
---
 xen/arch/arm/domain_build.c |  6 +-----
 xen/arch/arm/setup.c        | 14 +++++++-------
 xen/include/asm-arm/setup.h |  2 +-
 3 files changed, 9 insertions(+), 13 deletions(-)

diff --git a/xen/arch/arm/domain_build.c b/xen/arch/arm/domain_build.c
index 282416e74d..6c86d52781 100644
--- a/xen/arch/arm/domain_build.c
+++ b/xen/arch/arm/domain_build.c
@@ -2521,8 +2521,6 @@ void __init create_domUs(void)
 
         if ( construct_domU(d, node) != 0 )
             panic("Could not set up domain %s\n", dt_node_name(node));
-
-        domain_unpause_by_systemcontroller(d);
     }
 }
 
@@ -2584,7 +2582,7 @@ static int __init construct_dom0(struct domain *d)
     return construct_domain(d, &kinfo);
 }
 
-struct domain* __init create_dom0(void)
+void __init create_dom0(void)
 {
     struct domain *dom0;
     struct xen_domctl_createdomain dom0_cfg = {
@@ -2615,8 +2613,6 @@ struct domain* __init create_dom0(void)
 
     if ( construct_dom0(dom0) != 0)
         panic("Could not set up DOM0 guest OS\n");
-
-    return dom0;
 }
 
 /*
diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c
index 00aad1c194..e17532c132 100644
--- a/xen/arch/arm/setup.c
+++ b/xen/arch/arm/setup.c
@@ -836,7 +836,7 @@ void __init start_xen(unsigned long boot_phys_offset,
     int cpus, i;
     const char *cmdline;
     struct bootmodule *xen_bootmodule;
-    struct domain *dom0 = NULL;
+    struct domain *d;
     int rc;
 
     dcache_line_bytes = read_dcache_line_bytes();
@@ -992,10 +992,13 @@ void __init start_xen(unsigned long boot_phys_offset,
 
     /* Create initial domain 0. */
     if ( !is_dom0less_mode() )
-        dom0 = create_dom0();
+        create_dom0();
     else
         printk(XENLOG_INFO "Xen dom0less mode detected\n");
 
+    if ( acpi_disabled )
+        create_domUs();
+
     heap_init_late();
 
     init_trace_bufs();
@@ -1009,11 +1012,8 @@ void __init start_xen(unsigned long boot_phys_offset,
 
     system_state = SYS_STATE_active;
 
-    if ( acpi_disabled )
-        create_domUs();
-
-    if ( dom0 )
-        domain_unpause_by_systemcontroller(dom0);
+    for_each_domain( d )
+        domain_unpause_by_systemcontroller(d);
 
     /* Switch on to the dynamically allocated stack for the idle vcpu
      * since the static one we're running on is about to be freed. */
diff --git a/xen/include/asm-arm/setup.h b/xen/include/asm-arm/setup.h
index 5283244015..c4b6af6029 100644
--- a/xen/include/asm-arm/setup.h
+++ b/xen/include/asm-arm/setup.h
@@ -94,7 +94,7 @@ void acpi_create_efi_mmap_table(struct domain *d,
 int acpi_make_efi_nodes(void *fdt, struct membank tbl_add[]);
 
 void create_domUs(void);
-struct domain* create_dom0(void);
+void create_dom0(void);
 
 void discard_initial_modules(void);
 void fw_unreserved_regions(paddr_t s, paddr_t e,
--
generated by git-patchbot for /home/xen/git/xen.git#master



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.