[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v3 2/3] arm/mpu: Introduce `v8r_el1_msa` device tree property for domains
- To: Luca Fancellu <luca.fancellu@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
- From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- Date: Wed, 8 Apr 2026 16:40:59 +0100
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Tr/Y0Gz3chxWgm4AMzCiZ9/xFQowDOJyVT6SkDajFLo=; b=BoLTdmcpWp1hFfCOzNZUDQN1XS7jU2cbGYf+p7BZjr/3vWIyL4wjCrvwFjpha71tH/AJf1mU97j13/camsZ1aP88xICT8bfoXO8S4Ov4EmqH4tSXhQiS1EVIIOyS67+t8KKuQ4/L2lvpBAD+Q24nE5PI/s0DfZJU3WN1eq6iTtDfidOepbX6+QELcKFiHJ6jpX78+heFrCjPFN+0ygs9Z6rTiG2KEwqtgS2KrNddqUEiBnNJohpwyJDM+svOseqs4CfVyznH44byCJi6VvmYpZsn62Z0e35svQWRD78Z2mdJEiFHXf7IdY0tp+itig2FVOmm5yhU3KCrgsfz8inORA==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=DohrcPqqATpazM++c4pI1eO/W9X53qRry2FXpOVkibc6tc9XwHVeZxAER5GnOqa+ciIcDDKyOFXF2oz9IYfdJ4yIf9et2MEjHajQFeOWu6rrj5zjFoNkX7Ud1AHFIDaYA2C770/5QK8obNorVRa+SOWofmve7qXsM1bNFAjXOkqY6q+sKmh8zoRCTcdh6pvcDuoOqGQ4gRz1lvRg5RowKLrDyFxKCvSUk/BMFbEDXH8e8hGametjO+y609qZ6IRFJ1bLjMBnbWpUe6t2+g/nESRgSCWfgvxkjn29bodAgJ7lzLZTJafHecs1LA7j8nUkHR+u69RZ/6GAZRpo6P5X+g==
- Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=selector1 header.d=citrix.com header.i="@citrix.com" header.h="From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck"
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Harry Ramsey <harry.ramsey@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
- Delivery-date: Wed, 08 Apr 2026 15:41:17 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 08/04/2026 2:55 pm, Luca Fancellu wrote:
> diff --git a/xen/include/public/arch-arm.h b/xen/include/public/arch-arm.h
> index cd563cf70684..23df2f24cb09 100644
> --- a/xen/include/public/arch-arm.h
> +++ b/xen/include/public/arch-arm.h
> @@ -355,6 +355,8 @@ struct xen_arch_domainconfig {
> uint32_t clock_frequency;
> /* IN */
> uint8_t arm_sci_type;
> + /* IN */
> + uint8_t v8r_el1_msa;
> };
> #endif /* __XEN__ || __XEN_TOOLS__ */
>
This isn't ok as the singular change to the public headers. (Also, I
haven't had time to fix the other API abuses that have crept into ARM's
arch domain config)
You're introducing a new hypercall input parameter (which is fine), but
has no defines (ones private to xen/arch/arm/include/asm/domain.h are
not permitted for use in the public API), and for which there is no
input validation. Userspace can currently pass any arbitrary byte here
which will be copied into d->arch.v8r_el1_msa, not that there's any
consumer of this field I can see in the series.
Frankly, I think this series is chopped up too much. You really must
not be introducing new hypercall parameters like this without the whole
series which lets you `xl create` such a VM.
~Andrew
|
