Xen project Mailing List

Re: [XEN PATCH v12 4/7] x86/domctl: Add hypercall to set the access of x86 gsi

To: "Daniel P . Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>

From: "Chen, Jiqian" <Jiqian.Chen@xxxxxxx>

Date: Fri, 26 Jul 2024 06:55:38 +0000

Accept-language: en-US

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=R3okgs+vnu5UpMrw79mfnD0nXqMC6u1i1DU6eXaeei8=; b=vPshsjBhRWenLe00zOvN46tOxV7Alq/fSneirTN26okkaI/xFirJJXPpOG8HD54q934fyX5Py8lwK0f4mxhv/xI9Lu3GoWlmqMKzBHq/sJa/Bh21MWYhkBkGoxQduumzlkuuMd6FMPMXF0NQuefvdj101TO/Z+yxcAMZWVv8fFtaJU1C/mwDvhMuuDn5qi1SczVJQiUSBVALb74HduI2Dv5FJEpGvIFRLRt44NjznBOsYsSi99Mvr6hD4SE/3b7hIsa3ItO1X97RDFb0xnB7A+BXpLlJpNQWMErEzqONfR+J62Z0Kuii+VnGsscWEo8jNjVlaAMmQIYQUbkfhKi7xA==

Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Mx0IeizKAABzbTN1paQ08nRuYhbcj1KAUiR5hD8Nkd9NB2XzesWWSSYO9+arJ69XYOhYyKDouK4HoI4DLjkTDaH/8LbmoF+Zv9RrcITIErvtMx8P2j7UpOl8yvxV6tOYWgvAp1gLiqeoEKODgkDM9vM1Wlk+M/DACU3LKdi2G1akSpGa2/T8XDZEQ9vhRTg1MlGQIvlD3nsp4536ZqO5dy2A/7wVVmcLUl5+4JFCSUsfSLWqpoDiunhzlV2jVtk9igfmLBuD7qAtC2CMTxZ7iiTwLxUKpQKPCl9+pGVjSS4CE3kPCd79Kb1Tf59VpY4Ebr7Q9iYaU6x0x7K+OQtOgQ==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com;

Cc: Jan Beulich <jbeulich@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Anthony PERARD <anthony@xxxxxxxxxxxxxx>, Juergen Gross <jgross@xxxxxxxx>, "Hildebrand, Stewart" <Stewart.Hildebrand@xxxxxxx>, "Huang, Ray" <Ray.Huang@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, "Chen, Jiqian" <Jiqian.Chen@xxxxxxx>

Delivery-date: Fri, 26 Jul 2024 06:55:45 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Thread-index: AQHa0SvYL4tONjoIyEuzfSK6fk2TK7HuX7kAgBrVMQA=

Thread-topic: [XEN PATCH v12 4/7] x86/domctl: Add hypercall to set the access of x86 gsi

Hi Daniel, On 2024/7/9 21:08, Jan Beulich wrote: > On 08.07.2024 13:41, Jiqian Chen wrote: >> Some type of domains don't have PIRQs, like PVH, it doesn't do >> PHYSDEVOP_map_pirq for each gsi. When passthrough a device >> to guest base on PVH dom0, callstack >> pci_add_dm_done->XEN_DOMCTL_irq_permission will fail at function >> domain_pirq_to_irq, because PVH has no mapping of gsi, pirq and >> irq on Xen side. >> What's more, current hypercall XEN_DOMCTL_irq_permission requires >> passing in pirq to set the access of irq, it is not suitable for >> dom0 that doesn't have PIRQs. >> >> So, add a new hypercall XEN_DOMCTL_gsi_permission to grant/deny >> the permission of irq(translate from x86 gsi) to dumU when dom0 >> has no PIRQs. >> >> Signed-off-by: Jiqian Chen <Jiqian.Chen@xxxxxxx> >> Signed-off-by: Huang Rui <ray.huang@xxxxxxx> >> Signed-off-by: Jiqian Chen <Jiqian.Chen@xxxxxxx> >> --- >> CC: Daniel P . Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx> >> Remaining comment @Daniel P . Smith: >> + ret = -EPERM; >> + if ( !irq_access_permitted(currd, irq) || >> + xsm_irq_permission(XSM_HOOK, d, irq, access_flag) ) >> + goto gsi_permission_out; >> Is it okay to issue the XSM check using the translated value, >> not the one that was originally passed into the hypercall? Need your input. > > As long as the answer to this is going to be "Yes": > Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx> > > Daniel, awaiting your input. > > Jan -- Best regards, Jiqian Chen.

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.