Xen project Mailing List

[RFC PATCH v6 10/43] altp2m: Add ARM support to do_altp2m_op

From: Rose Spangler <Rose.Spangler@xxxxxxxxxxxxxx>

Date: Mon, 20 Apr 2026 17:26:15 -0400

Arc-authentication-results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 40.93.4.3) smtp.rcpttodomain=amd.com smtp.mailfrom=elektrobit.com; dmarc=pass (p=quarantine sp=none pct=100) action=none header.from=elektrobit.com; dkim=pass (signature was verified) header.d=elektrobit.com; arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=elektrobit.com] dmarc=[1,1,header.from=elektrobit.com])

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 213.95.148.172) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=elektrobit.com; dmarc=pass (p=quarantine sp=none pct=100) action=none header.from=elektrobit.com; dkim=none (message not signed); arc=none (0)

Arc-message-signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=920CLmPnDOg9eeLN7pE/1x+mVKc67Ab1k7o15fr+MnY=; b=PAJVAGPXvGbciP4AZZNubJAINwgT18VIyRXc9FLzS3wZ4W2C7OtdPRgEGTX+o3w9COgM3XKULTRf/1PZjD1WuUKGINP0m3dZpCSpUnSzBdYbTi4ZNJCYdpLXmPoluOFjU9h0JZXWI+KYgUzIes/2dly1QHOIbCaz2svxn9vc5LRhKgyc4tWCV7BZLHJE/odJxTTY/7QMeyewRAdcyp77uuz03MPbnwMo/IEUXJ9Nv6vnAI6bGYSzPef4o6fTv7mTvcvUf5tIyOkcf+5zxockO9czAnxj+JQUYgTdG4U9nZaprairjqcPAzrDMrZzXBVXksqamME+4/eIRQSyOVVz/w==

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=920CLmPnDOg9eeLN7pE/1x+mVKc67Ab1k7o15fr+MnY=; b=LT4wrDwLre0VqyLc8K3NRA0sjpcWmtCwgMLh+8lsCgJFWy2TDPian5b2X8/gJVHs9AWeFQbQExQRv+o6eogiL5udPdwgL2nGTwI/D1OsDJ6Hbn2HPgT1sjI0NhwBlGUu3iPCJ7GqGvnFEEgkCcjEilVI0sbmSTL9WqugmJYiBOe+5cjZZQNYFtOk+isI5HvhdCu+8pQmnvV0vRhH77Twu5yo3IFDJsXycr4vzr5uOcmmkQJ4nu1chdNQFiOiXegY1ValxkTO6XnNvGaljdsvLdp/VtbefXPlXS0PjYtxwv8qYbHbO5NZEC9XF95ezzaDTBkbYwAvs1u9T90bxc4qFQ==

Arc-seal: i=2; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=pass; b=IGcvlCg/6bmwvTYkvkrXICCkUsnzcj0Iq7bxNOhb+yC7YH3eSWqbJiN+tDg/dr2QJ7OHE/KdW5OYALdA0frM4ZxtrPJsfSEtTukXVzTjppbz5kEfJG/uR9xVt5JCpOuVzRyq117HucpeUPyg3AJReazCiTfDmQYEc2F3qGwerpJOvFP4Gl5IcihLr3TSJ/Y4/IA4UXjRjWI8X40YwHFhJV3J9KEJo6B5Yncus3k4SoOG1u5/0BmHOELuqHh7uQNvSIDgup4SxPxj1hQD+HBOu7uu2LbaziijVwlX07rXbv9h18ryKhUPnez5K58yuGHOGDZDYjKPhggf5hAN5F7RFg==

Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=l0dD9CwtMig8TKBIs51+Kbx+Y4T9jJ+1Vdgl9fhIPu7Cf6pBsxmNfMYaDMXcex4xFii/MpAHyXyWcQyZFNs/oA/Tjjf62vuHL/x6y/kiucC1DxJQI1NyZgo3vbJfT3ZfGBgX05ZvKrfvLNg++tnHq9QAh/2icBdDTUMisy0T6iAOXaUKQyCjObKo1TYY3WYcQDWa6Kl+fLAPsgVfsuxmU89+7TcWAir2TGHi127Mhjew4cDdXThbwTXJx0fcNwTNl3sqHqJpt46P/V2Bkr9IqHCQRkn0ec6/JCETuzihnCb6VrEV+K4HvY4Y/eccqc3J84mHEBjLQHPEXjib0pqFWA==

Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=selector1 header.d=elektrobit.com header.i="@elektrobit.com" header.h="From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck"; dkim=pass header.s=selector1 header.d=elektrobit.com header.i="@elektrobit.com" header.h="From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck"

Cc: Rose Spangler <Rose.Spangler@xxxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, "Volodymyr Babchuk" <Volodymyr_Babchuk@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, "Jan Beulich" <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Sergej Proskurin <proskurin@xxxxxxxxxxxxx>

Delivery-date: Mon, 20 Apr 2026 21:27:41 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

This commit makes the minimum required changes necessary for do_altp2m_op to compile on ARM. All altp2m commands in the switch statement are gated by CONFIG_X86, with a default case of returning EOPNOTSUPP. This allows future commits to move the #ifdef CONFIG_X86 down as support for ARM is added. Additionally, a call to do_altp2m_op is added in the ARM HVMOP code. This is commit 2/2 of the common do_altp2m_op phase. Signed-off-by: Rose Spangler <Rose.Spangler@xxxxxxxxxxxxxx> Signed-off-by: Sergej Proskurin <proskurin@xxxxxxxxxxxxx> --- v6: Replaced patches 2 and 3 from v4/v5 patch set with this patch. Made HVM_PARAM_ALTP2M read-only, following the change to the x86 implementation in commit 0291089f6ea8. The DOMCTL to enable altp2m on ARM is implemented in a later commit in this patch series. --- xen/arch/arm/hvm.c | 9 +++++++++ xen/common/altp2m.c | 29 ++++++++++++++--------------- 2 files changed, 23 insertions(+), 15 deletions(-) diff --git a/xen/arch/arm/hvm.c b/xen/arch/arm/hvm.c index 86e49bf47403..7c778795a280 100644 --- a/xen/arch/arm/hvm.c +++ b/xen/arch/arm/hvm.c @@ -5,6 +5,7 @@ * Arch-specific hardware virtual machine abstractions. */ +#include <xen/altp2m.h> #include <xen/init.h> #include <xen/lib.h> #include <xen/errno.h> @@ -23,6 +24,10 @@ static int hvm_allow_set_param(const struct domain *d, unsigned int param) { switch ( param ) { + /* The following parameters are read-only. */ + case HVM_PARAM_ALTP2M: + return -EEXIST; + /* * The following parameters are intended for toolstack usage only. * They may not be set by the domain. @@ -123,6 +128,10 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE_PARAM(void) arg) rc = -EINVAL; break; + case HVMOP_altp2m: + rc = do_altp2m_op(arg); + break; + default: { gdprintk(XENLOG_DEBUG, "HVMOP op=%lu: not implemented\n", op); diff --git a/xen/common/altp2m.c b/xen/common/altp2m.c index a43b3a3e34b3..6481fae1ed12 100644 --- a/xen/common/altp2m.c +++ b/xen/common/altp2m.c @@ -9,8 +9,10 @@ #include <xsm/xsm.h> -#ifdef CONFIG_X86 +#if defined(CONFIG_X86) && defined(CONFIG_HVM) #include <asm/hvm/nestedhvm.h> +#endif + /* * altp2m operations are envisioned as being used in several different * modes: @@ -18,13 +20,13 @@ * - external: All control and decisions are made by an external agent * running domain 0. * - * - internal: altp2m operations are used exclusively by an in-guest - * agent to protect itself from the guest kernel and in-guest - * attackers. + * - internal (x86 only): altp2m operations are used exclusively by an + * in-guest agent to protect itself from the guest kernel and + * in-guest attackers. * - * - coordinated: An in-guest agent handles #VE and VMFUNCs locally, - * but makes requests of an agent running outside the domain for - * bigger changes (such as modifying altp2m entires). + * - coordinated (x86 only): An in-guest agent handles #VE and VMFUNCs + * locally, but makes requests of an agent running outside the + * domain for bigger changes (such as modifying altp2m entires). * * This corresponds to the three values for HVM_PARAM_ALTP2M * (external, mixed, limited). All three models have advantages and @@ -97,7 +99,7 @@ int do_altp2m_op( if ( (a.cmd != HVMOP_altp2m_get_domain_state) && (a.cmd != HVMOP_altp2m_set_domain_state) && - !d->altp2m_active ) + !altp2m_active(d) ) { rc = -EOPNOTSUPP; goto out; @@ -122,6 +124,7 @@ int do_altp2m_op( switch ( a.cmd ) { +#ifdef CONFIG_X86 case HVMOP_altp2m_get_domain_state: a.u.domain_state.state = altp2m_active(d); rc = __copy_to_guest(arg, &a, 1) ? -EFAULT : 0; @@ -394,9 +397,12 @@ int do_altp2m_op( rc = altp2m_set_view_visibility(d, idx, a.u.set_visibility.visible); break; } +#endif /* CONFIG_X86 */ default: +#ifdef CONFIG_X86 ASSERT_UNREACHABLE(); +#endif rc = -EOPNOTSUPP; break; } @@ -406,13 +412,6 @@ int do_altp2m_op( return rc; } -#else -int do_altp2m_op( - XEN_GUEST_HANDLE_PARAM(void) arg) -{ - return -EOPNOTSUPP; -} -#endif /* * Local variables: -- 2.34.1

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.