[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] xen/arm: Prevent Dom0 to be loaded when using dom0less


  • To: Julien Grall <julien@xxxxxxx>
  • From: Luca Fancellu <luca.fancellu@xxxxxxx>
  • Date: Thu, 18 Mar 2021 11:57:26 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=59GxXDnR8AYB0nQcvHH9zOhiO9jslDGqXyWUrvSuISU=; b=L6gqrGsFy6npIx2WJbITo/m+/x5zlhmJ7DXZ+88f45KxiAH1rtFxNg5VU5VjnsMfl6Ba2gCys+8KVx7mQC07If2Dd/hPeHy6aqanWc+cEx0Dg4MNVZWuVjCTtzwFbn/lxcYykJHLy4WfkzdoFo55M4htQMDR2HB3kyozygbcFG9rVVqwsrZd7PUMDD5/VL8mQ5TuXJ5xebOhW6A5J847Q+CBN7O11LopuNg/kSGZWSbdTU4cKIKGXmfWlolJ3qG2Ky16MdIxBkl7VEA2ZoCFjOisyt5DQv4arfmJpia3pgI+EDoWMgTJq5GhinMnqRVUYD8Em9BOaN88VXaHVpU4IA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=H6rHw/5l4Qa3f2FJ2X36MsGGiiT5yax2Fgvzeol0InWG6/GfzfYU2oOT/jC+I9wKA/hfJAZeWwvJx3g1PWU26Src5YtKItsbe4b9sQrvC/1z/HVfpkmGC5FvWYrfRhLNko66zW+3V+wAK+8O6NTtahTLn8Iy2t5bBlaNIiwiMfaZ8O2EBdkaMFaDnvsTcCnjKzVFNyXOBphvwraX1ivYVhKQ4NPDPDYCGTXYyalwv1te2g1WyaZKk6h9X8zESeSlo1uNNklAqIy7C0E+UJDFWR916Q96a3nf3t/oNfYc2Qn6Rl7VVkcx6PqvRHr0oMzTtWfy8DaNCnx1/rYGwrYLzQ==
  • Authentication-results-original: xen.org; dkim=none (message not signed) header.d=none;xen.org; dmarc=none action=none header.from=arm.com;
  • Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, wei.chen@xxxxxxx
  • Delivery-date: Thu, 18 Mar 2021 11:58:07 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Original-authentication-results: xen.org; dkim=none (message not signed) header.d=none;xen.org; dmarc=none action=none header.from=arm.com;

Hi Julien,

I will create a new serie with all the improvements we have discussed.

Thank you for your time.

Cheers,

Luca

> On 18 Mar 2021, at 11:13, Julien Grall <julien@xxxxxxx> wrote:
> 
> 
> 
> On 17/03/2021 17:04, Luca Fancellu wrote:
>> Hi,
> 
> Hi Luca,
> 
>> I’ve checked the common code and the arm part, I can confirm that the domid 
>> 0 is never allocated even if the domain 0 is not present, here the only 
>> places where domain_create(…) is called using a variable value:
> 
> Thanks for checking it!
> 
> 
>> 1) xen/arch/arm/domain_build.c
>> d = domain_create(++max_init_domid, &d_cfg, false);
>> Where max_init_domid has value 0 and it is defined in setup.c
> 
> We might want to add a comment on top of this code to explain why the '++a' 
> rather than 'a++'.
> 
>> 2) xen/common/domctl.c
>> d = domain_create(dom, &op->u.createdomain, false);
>> For me seems that the dom variable won’t take the 0 value, if someone could 
>> give another feedback it would be great.
>> On every other part where domain_create(…) is used, it is called with a 
>> constant value different from 0.
> 
> I agree with the analysis. However, I feel this is fragile because we rely on 
> the caller to never pass 0. But it looks like domain_create() doesn't check 
> if the ID is already used. So it would already be possible to overwrite 
> hardware_domain.
> 
> Therefore, this can probably be deffered.
> 
>> For the hardware_domain being NULL and not handled in some situation, it 
>> seems that it’s not directly related to this patch, but I can handle it on a 
>> next serie, from a quick look it seems that many cases can be handled by 
>> checking if the domain is NULL in is_hardware_domain(…).
> 
> Before this series, it is not possible to have hardware_domain == NULL at 
> runtime because dom0 is always created.
> 
> Cheers,
> 
> -- 
> Julien Grall




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.