[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RFC XEN PATCH v9 5/5] domctl: Add XEN_DOMCTL_gsi_permission to grant gsi


  • To: "Daniel P . Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>
  • From: "Chen, Jiqian" <Jiqian.Chen@xxxxxxx>
  • Date: Fri, 14 Jun 2024 04:01:26 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=06MsgDEZiAwmFJ2UuVfXnsegMPTTzvj5G+vfGBEw5E0=; b=FaO7HoXxWP3Eo8T3OAfYP1Nv2fM/1dKg70YYq84q+csw2IOiMktECqWvyvi2yBm1V1lDHi6UJgvdGYKWKFxrnem1oHH1TRYAlUnI9q2PpbPY3o19fZ0WxECpnHN3j0i8I+QB3Wmg/u6R5+3nnBlDqkYoBNR6uY/WVXywoDBFxX+wM7eVSQkjnWwPlfpVBKSqFkrzYtL+It0tPrxb2hESRvqn2dJH0a+JMEFYWGSgJDrt81snOMPJPDN6xLCHHk+iwYAKPmA0VoI5OZ5HHcU79WlCeceRN51neuk5LSg89XTN5uPGNGNy3eJCRry837gXxkVWGVR40YCrywsdHDKsSg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=asEC24kCQp7g+PznBUZQQ39JzNW1c4ERXkxCHzSjEdxorS7KtAVUAvYlryDapFJj5mbZ7HRZwebEFTIyJjsUcdnuoqYW6R2te7+42tbI7fPKWN5JuKkly+oN7ySPyin3jI9ZEY0cVxEw5odLOgxk8l0+okpeG60MAEU7nFSLYFu500x7PNmXRJjsLdxlteaFoLD6yAE5Ka1E8sQDAJ8NjRKH66sY/OodjsfTAoFiBDa0p3XLlarFK1L/waIkehI/9neKOQxyruYMn1Ce0pVlrc4bZjpBfTkNY4vOXQ1olj117ufNTJAHTBCO+RhJxSrLaXV3ulaPzwCmmt2iu5l5ew==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com;
  • Cc: Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Anthony PERARD <anthony@xxxxxxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, "Hildebrand, Stewart" <Stewart.Hildebrand@xxxxxxx>, "Huang, Ray" <Ray.Huang@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "Chen, Jiqian" <Jiqian.Chen@xxxxxxx>
  • Delivery-date: Fri, 14 Jun 2024 04:01:40 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHauLJn3FT0TCW9KkmRq1iRWqwBt7HCqQ8AgASJ3oA=
  • Thread-topic: [RFC XEN PATCH v9 5/5] domctl: Add XEN_DOMCTL_gsi_permission to grant gsi

Hi Daniel,

On 2024/6/11 22:39, Jan Beulich wrote:
> On 07.06.2024 10:11, Jiqian Chen wrote: 
>> +    case XEN_DOMCTL_gsi_permission:
>> +    {
>> +        unsigned int gsi = domctl->u.gsi_permission.gsi;
>> +        int irq = gsi_2_irq(gsi); 
>> +        bool allow = domctl->u.gsi_permission.allow_access; 
>> +        /*
>> +         * If current domain is PV or it has PIRQ flag, it has a mapping
>> +         * of gsi, pirq and irq, so it should use XEN_DOMCTL_irq_permission
>> +         * to grant irq permission.
>> +         */
>> +        if ( is_pv_domain(current->domain) || has_pirq(current->domain) ) 
>> +        {
>> +            ret = -EOPNOTSUPP;
>> +            break;
>> +        }
>> +
>> +        if ( gsi >= nr_irqs_gsi || irq < 0 )
>> +        {
>> +            ret = -EINVAL;
>> +            break;
>> +        }
>> +
>> +        if ( !irq_access_permitted(current->domain, irq) ||
>> +             xsm_irq_permission(XSM_HOOK, d, irq, allow) )
> 
> Daniel, is it okay to issue the XSM check using the translated value, not
> the one that was originally passed into the hypercall?
Is it okay?

> 
> Jan

-- 
Best regards,
Jiqian Chen.

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.