Xen project Mailing List

[PATCH 3/3] hvm/pirq: allow control domains usage of PHYSDEVOP_{un,}map_pirq

From: Roger Pau Monne <roger.pau@xxxxxxxxxx>

Date: Thu, 3 Mar 2022 11:30:57 +0100

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=vrDS53nrLLQmuLsxvZpPkLlor7GHN4Niyf5R3N6D0us=; b=ZAOSsL3/k3l1ERY4U5oB/bXhQEHzdIpxYZSdk7ULwgH7LGnQh5uOGM9nt+XcLXHHIuGK6MJUvbbQTCoOZ8Jpho96qpWMsMvxahA3c9YQkp8tUATIXvXtY3epBguvWi7h9kbCOsgkW5+wJbQNEBELV74VsEIf47gW2NjLUa8dKBaO0k95SwocCeVz6LZ3Rvi3T4WqTVkY9ItMuf1Of/DDMY5GizGHLujsm6G3nAuGRi/AdEOO/ydrwzI4Py/GqjZ7VQElA+NNC0jNH67C6WNOGBEWsC+kBHFas+UjrkwVOlNnNnrgj8LYg2XgrilT3ShZ9Rc+5iJT3EJDy+z8vNw4yg==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZvwK6wCgl47O4ZB2XLNxdx9JFPlHy1IFkjp9jwBm0+U3+DWfhhr6VB39Q47S3klwd3mPn0E6FB20oz53JuUsSH0eD2yWqU4dS/JhsnxZ+pT5SlP+CgcCcwUJSOnAPc7kT6SuUrtyaPt1sJKKYK1MrhB14r6d4NxXUvQQaXqF+sHw79vL3y87hsKsPMQYuLHUhbiQi1OIVdmO7VZz9hmYFH3a3GPOGJ8oG4FjtaYl9I7DzOUXT6QTX70ORO5vgSYEUcKQQobBT/hPxE8lId92rsm4ybmgU8ZvHeojuPsH2jHqAAaznONp3HsG9zRVR3GwZrBpuCrqA0O1lY8lLiucBg==

Authentication-results: esa1.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com

Cc: Roger Pau Monne <roger.pau@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Alex Olson <this.is.a0lson@xxxxxxxxx>, Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>

Delivery-date: Thu, 03 Mar 2022 10:31:33 +0000

Ironport-data: A9a23:NE4+zq8zV1J7QPWF+NyrDrUDqH6TJUtcMsCJ2f8bNWPcYEJGY0x3z WpJXT3TbK3YNzamc950bYzl8EkCuZCHndQxGlBrpHg8E34SpcT7XtnIdU2Y0wF+jyHgoOCLy +1EN7Es+ehtFie0Si+Fa+Sn9T8mvU2xbuKU5NTsY0idfic5DnZ54f5fs7Rh2NQw2oDiW1rlV e7a+KUzBnf0g1aYDUpMg06zgEsHUCPa4W5wUvQWPJinjXeG/5UnJMt3yZKZdhMUdrJ8DO+iL 9sv+Znilo/vE7XBPfv++lrzWhVirrc/pmFigFIOM0SpqkAqSiDfTs/XnRfTAKtao2zhojx/9 DlCnZCiTBwnFfz1o/Q6cSUBHgthfp9q5rCSdBBTseTLp6HHW37lwvEoB0AqJ4wIvO1wBAmi9 9RBdmpLNErawbvrnvTrEYGAhex6RCXvFJkYtXx6iynQEN4tQIzZQrWM7thdtNs1rp4TQqaFP pZFAdZpRDrKWDESAWsqMqgdkOiugXr6XTQBj13A8MLb5ECMlVcsgdABKuH9ZdiiVchT2EGCq Qru42T4GVcbL5qWkT6e9XSEierGnCe9U4UXfJWo+/gvjFCNy2g7DBwNSUD9sfS/klS5Wd9UN woT4CVGhao4+VGvT9L9dwalu3PCtRkZM+e8CMVjtlvLkPCNpV/EWC5UFVatdeDKquc6Vzkx2 HTYpuj5Ih5T6bC/VjGv2qmb+Gba1TcuEUcOYioNTA0g6tbloZ0ugh+ncuuPAJJZnfWuR2iun mniQDwWwuxK0JVVj/nTEUXv3mr0zqUlWDLZ8ek+soiNygpiLLCoaIWzgbQwxaYRdd3JJrVtU ZVtpiR/0AzsJczV/MBuaL9UdF1M2xpjGGeG6bKIN8N8nwlBA1b5IehtDMhWfS+FyPosdz7ze 1P0sghM/pJVN3bCRfYpP9zrV5p2nPO/SI2NuhXogjxmOMIZmOivpnwGWKJt9zq1zBhEfV8XY /93jvpA/V5FUP86nVJats8W0KMxxzBW+I8gbcuT8vhT6pLHPCT9Ye5caDOmN7llhIvZ8FS92 4sObKOilkQAONASlwGKqOb/23hRdiNlbX03wuQKHtO+zv1OQzlwW6eMmup6I+SIXc19z4/1w 510YWcBoHLXjnzbMwSaLHdlbbLkR5FkqnwneycrOD6VN7ILO+5DMI93m0MLQIQa

Ironport-hdrordr: A9a23:Z1FbtK8iIdkrfKz020luk+E6db1zdoMgy1knxilNoENuHfBwxv rDoB1E73LJYVYqOU3Jmbi7Sc29qBTnhOJICOgqTMqftWzd1ldAQ7sSi7cKrweQeREWs9Qtrp uIEJIOeeEYb2IK9PoSiTPQe71LoKjlzEnrv5al854Ed3AVV0gK1XYfNu/0KDwSeOEQbqBJa6 Z0q/A37waISDAyVICWF3MFV+/Mq5nik4/nWwcPA1oC5BOVhT2lxbbmG1zAty1uGQ9n8PMHyy zoggb57qKsv7WSzQLd7Xba69BzlMH6wtVOKcSQgow+KynqiCyveIN9Mofy9wwdkaWK0hIHgd PMqxAvM4Ba7G7QRHi8pV/X1wzpwF8Vmgjf4G7dpUGmjd3yRTo8BcYEr5leaAHl500pu8w5+L 5X3kqC3qAnQi/orWDY3ZzlRhtqnk27rT4JiugIlUFSVoMYdft4sZEfxkVIC50NdRiKpLzPKN MeTf002cwmMW9zNxvizypSKZ2XLzkO9y69MwY/Upf/6UkVoJh7p3FosPD30E1wsa7VcKM0lN gsAp4Y5I2mcfVmH56VfN1xOfdfKla9Ny4kY1jiaGgOKsk8SgfwQtjMkfEI2N0=

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Control domains (including domains having control over a single other guest) need access to PHYSDEVOP_{un,}map_pirq in order to setup bindings of interrupts from devices assigned to the controlled guest. As such relax the check for HVM based guests and allow the usage of the hypercalls for any control domains. Note that further safety checks will be performed in order to assert that the current domain has the right permissions against the target of the hypercall. Reported-by: Alex Olson <this.is.a0lson@xxxxxxxxx> Reported-by: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx> Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx> --- xen/arch/x86/hvm/hypercall.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/xen/arch/x86/hvm/hypercall.c b/xen/arch/x86/hvm/hypercall.c index 030243810e..9128e4d025 100644 --- a/xen/arch/x86/hvm/hypercall.c +++ b/xen/arch/x86/hvm/hypercall.c @@ -87,6 +87,13 @@ static long hvm_physdev_op(int cmd, XEN_GUEST_HANDLE_PARAM(void) arg) { case PHYSDEVOP_map_pirq: case PHYSDEVOP_unmap_pirq: + /* + * Control domain (and domains controlling others) need to use + * PHYSDEVOP_{un,}map_pirq in order to setup interrupts for passthrough + * devices on behalf of other guests. + */ + if ( is_control_domain(currd) || currd->target ) + break; case PHYSDEVOP_eoi: case PHYSDEVOP_irq_status_query: case PHYSDEVOP_get_free_pirq: -- 2.34.1

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.