Xen project Mailing List

Re: [PATCH] x86: Don't allow HVM alongside PV_SHIM_EXCLUSIVE

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Alejandro Vallejo <alejandro.garciavallejo@xxxxxxx>

Date: Fri, 18 Jul 2025 18:12:54 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=citrix.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=zrvjKRv4T0g0fU/sGoHvJfgh2za7p88k7obZYahpJt0=; b=XIZ1yySJoAUQtqx4+6VBEs9K9MlZUUg7C3YtjM0vO2ZJztQHUeYhXA5r9gnd1ybI/hc68FVkYGpFS+Swfwx15hmVeq47H87OxIBwWvFXmdwOKg6J7cU2vlWZUHRRwovibZOaop6vKqAAvuXyLywGzgQ+XFPZQezZkbsgpT8o2S4nCgbifS0sqdJTwMzgUA24CVvMlVt51x/wllPcCCjdQGx+zT4BKcD7TUC/MIURT26LIHHxqU32mIYX7d1zAZw282stiRYDqnatU9ngEidC/HHL/nYBei7WKDonanrlQL27zNFX6va6Swe+s/Ai6QQmB0bvCCn9jX0yiZ/x2g3l/w==

Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=noEokQ9JVaX2Kb/cYlB9Nh1cHgT8LK6GatPUcBogiCM+Bxh8JquK7NHwF7egVW3f4FA/Gh1AUkTiXnd52kXakOWGWeyRgckqkT9uVTXj9GWF38a+liQe5ijoIfBPVEFD7GWafCi4VDMM4KPyKtuZ3AzI8UapCPMtSA8Js4OHAC1WMCJTPvRzryJ7MWBS2GQxfGkffAV3YDABqPPiseIxQaHQ88KM+DLYO0f5Uwbwa6RtfdV7pevxw6U9mMCqNYwS8hu9Tn5l/xfGqtXEUQ+c21rrGxPnEf/bH34VjUl1+oE2H7RJ+GOAPjDd3l2cYn5C8hPd4gBNkuxvL6nIHDDD8Q==

Cc: Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>

Delivery-date: Fri, 18 Jul 2025 16:13:20 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Fri Jul 18, 2025 at 5:41 PM CEST, Andrew Cooper wrote: > On 18/07/2025 4:12 pm, Alejandro Vallejo wrote: >> Otherwise compile-time errors ensue. It's a nonsensical configuration, >> but it's supriously triggered in randconfig jobs. >> >> Fixes: 8b5b49ceb3d9("x86: don't include domctl and alike in shim-excl...") >> Signed-off-by: Alejandro Vallejo <alejandro.garciavallejo@xxxxxxx> >> --- >> xen/arch/x86/hvm/Kconfig | 1 + >> 1 file changed, 1 insertion(+) >> >> diff --git a/xen/arch/x86/hvm/Kconfig b/xen/arch/x86/hvm/Kconfig >> index b903764bda..f57a87bca3 100644 >> --- a/xen/arch/x86/hvm/Kconfig >> +++ b/xen/arch/x86/hvm/Kconfig >> @@ -1,6 +1,7 @@ >> menuconfig HVM >> bool "HVM support" >> default !PV_SHIM >> + depends on !PV_SHIM_EXCLUSIVE >> select COMPAT >> select IOREQ_SERVER >> select MEM_ACCESS_ALWAYS_ON > > I deeply regret not nacking this originally and blocking the patch you > listed as fixed. > > This depends was explicitly reverted in 568f806cba4c because it breaks a > lot of things, notably `make allyesconfig`. > > We're going to need to find a different way to fix RANDCONFIG. > > ~Andrew It can be done the other way around. PV_SHIM_EXCLUSIVE depending on !CONFIG_HVM, but that won't help with allyesconfig. PV_SHIM_EXCLUSIVE could be replaced by a PVSHIM_BOOT Kconfig. Combined with DOM0LESS_BOOT and DOM0_BOOT this gives the full freedom of booting in shim mode, in dom0 mode, or in dom0less/hlaunch mode; and is compatible with allyesconfig. PV_SHIM_EXCLUSIVE would be unsetting DOM0_BOOT and DOM0LESS_BOOT. Not that I want to do it right now. But it sounds like a nicer solution than the current mess. Cheers, Alejandro

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.