Xen project Mailing List

Re: [XEN][PATCH 0/5] x86: pvh: allow to disable 32-bit (COMPAT) interface support

To: "Grygorii Strashko" <grygorii_strashko@xxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx

From: "Teddy Astie" <teddy.astie@xxxxxxxxxx>

Date: Wed, 12 Nov 2025 10:58:35 +0000

Cc: "Jan Beulich" <jbeulich@xxxxxxxx>, "Andrew Cooper" <andrew.cooper3@xxxxxxxxxx>, "Roger Pau Monné" <roger.pau@xxxxxxxxxx>, "Anthony PERARD" <anthony.perard@xxxxxxxxxx>, "Michal Orzel" <michal.orzel@xxxxxxx>, "Julien Grall" <julien@xxxxxxx>, "Stefano Stabellini" <sstabellini@xxxxxxxxxx>, "Alejandro Vallejo" <alejandro.garciavallejo@xxxxxxx>, "Jason Andryuk" <jason.andryuk@xxxxxxx>

Delivery-date: Wed, 12 Nov 2025 10:58:38 +0000

Feedback-id: 30504962:30504962.20251112:md

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Le 11/11/2025 à 18:55, Grygorii Strashko a écrit : > From: Grygorii Strashko <grygorii_strashko@xxxxxxxx> > > Hi > > This series introduces possibility to disable 32-bit (COMPAT) interface > support > in the following cases: > - Only PVH domains are used I assume this one is mostly due to hvmloader being today running in protected mode 32-bits rather than a limitation "HVM" itself. I don't think of anything else preventing HVM (with 64-bits guests or 32-bits ones without Xen support) from working with COMPAT disabled. > - Guests (OS) are started by using direct Direct Kernel Boot > - Guests (OS) are 64-bit and Guest early boot code, which is running > not > in 64-bit mode, does not access Xen interfaces > (hypercalls, shared_info, ..) > > If above criterias are met the COMPAT HVM interface become unreachable and > can be disabled. > Coverage reports analyze and adding guard (debug) exceptions in > hvm_hypercall/hvm_do_multicall_call > and hvm_latch_shinfo_size() confirm that COMPAT HVM interface is unused for > safety use-case. > > Grygorii Strashko (5): > x86: hvm: dm: factor out compat code under ifdefs > x86: hvm: compat: introduce vcpu_is_hcall_compat() helper > x86: hvm: factor out compat code under ifdefs > x86: pvh: allow to disable 32-bit interface support > x86: constify has_32bit_shinfo() if !CONFIG_COMPAT > > xen/arch/x86/hvm/Kconfig | 19 +++++++++++++++- > xen/arch/x86/hvm/dm.c | 2 ++ > xen/arch/x86/hvm/hvm.c | 22 +++++++++++++----- > xen/arch/x86/hvm/hypercall.c | 37 +++++++++++++++++++++++-------- > xen/arch/x86/hypercall.c | 6 +---- > xen/arch/x86/include/asm/domain.h | 3 ++- > xen/common/kernel.c | 2 +- > xen/include/xen/sched.h | 9 ++++++++ > 8 files changed, 78 insertions(+), 22 deletions(-) > Teddy -- Teddy Astie | Vates XCP-ng Developer XCP-ng & Xen Orchestra - Vates solutions web: https://vates.tech

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.