| Message ID | 20210408094818.8173-2-luca.fancellu@arm.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | xen/arm: Prevent Dom0 to be loaded when using dom0less | expand |
Hi Luca, On 08/04/2021 10:48, Luca Fancellu wrote: > Move dom0 creation and start from setup.c to domain_build.c > on a dedicate function. > > Signed-off-by: Luca Fancellu <luca.fancellu@arm.com> > --- > xen/arch/arm/domain_build.c | 36 ++++++++++++++++++++++++++++++++++++ > xen/arch/arm/setup.c | 29 +---------------------------- > xen/include/asm-arm/setup.h | 1 + > 3 files changed, 38 insertions(+), 28 deletions(-) > > diff --git a/xen/arch/arm/domain_build.c b/xen/arch/arm/domain_build.c > index 374bf655ee..d7c9c7f4d1 100644 > --- a/xen/arch/arm/domain_build.c > +++ b/xen/arch/arm/domain_build.c > @@ -21,6 +21,7 @@ > #include <asm/device.h> > #include <asm/kernel.h> > #include <asm/setup.h> > +#include <asm/tee/tee.h> > #include <asm/platform.h> > #include <asm/psci.h> > #include <asm/setup.h> > @@ -2520,6 +2521,41 @@ void __init create_domUs(void) > } > } > > +struct domain* __init create_dom0(void) > +{ > + struct domain *dom0; > + struct xen_domctl_createdomain dom0_cfg = { > + .flags = XEN_DOMCTL_CDF_hvm | XEN_DOMCTL_CDF_hap, > + .max_evtchn_port = -1, > + .max_grant_frames = gnttab_dom0_frames(), > + .max_maptrack_frames = -1, > + }; > + > + /* The vGIC for DOM0 is exactly emulating the hardware GIC */ > + dom0_cfg.arch.gic_version = XEN_DOMCTL_CONFIG_GIC_NATIVE; > + /* > + * Xen vGIC supports a maximum of 992 interrupt lines. > + * 32 are substracted to cover local IRQs. > + */ > + dom0_cfg.arch.nr_spis = min(gic_number_lines(), (unsigned int) 992) - 32; > + if ( gic_number_lines() > 992 ) > + printk(XENLOG_WARNING "Maximum number of vGIC IRQs exceeded.\n"); > + dom0_cfg.arch.tee_type = tee_get_type(); > + dom0_cfg.max_vcpus = dom0_max_vcpus(); > + > + if ( iommu_enabled ) > + dom0_cfg.flags |= XEN_DOMCTL_CDF_iommu; > + > + dom0 = domain_create(0, &dom0_cfg, true); > + if ( IS_ERR(dom0) || (alloc_dom0_vcpu0(dom0) == NULL) ) > + panic("Error creating domain 0\n"); > + > + if ( construct_dom0(dom0) != 0) > + panic("Could not set up DOM0 guest OS\n"); > + > + return dom0; > +} > + I would move the function after... > int __init construct_dom0(struct domain *d) ... this function so we can mark construct_dom0() static as create_dom0() is the only caller. > { > struct kernel_info kinfo = {}; > diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c > index 2532ec9739..b405f58996 100644 > --- a/xen/arch/arm/setup.c > +++ b/xen/arch/arm/setup.c > @@ -51,7 +51,6 @@ > #include <asm/platform.h> > #include <asm/procinfo.h> > #include <asm/setup.h> > -#include <asm/tee/tee.h> > #include <xsm/xsm.h> > #include <asm/acpi.h> > > @@ -805,12 +804,6 @@ void __init start_xen(unsigned long boot_phys_offset, > const char *cmdline; > struct bootmodule *xen_bootmodule; > struct domain *dom0; > - struct xen_domctl_createdomain dom0_cfg = { > - .flags = XEN_DOMCTL_CDF_hvm | XEN_DOMCTL_CDF_hap, > - .max_evtchn_port = -1, > - .max_grant_frames = gnttab_dom0_frames(), > - .max_maptrack_frames = -1, > - }; > int rc; > > dcache_line_bytes = read_dcache_line_bytes(); > @@ -965,27 +958,7 @@ void __init start_xen(unsigned long boot_phys_offset, > enable_errata_workarounds(); > > /* Create initial domain 0. */ > - /* The vGIC for DOM0 is exactly emulating the hardware GIC */ > - dom0_cfg.arch.gic_version = XEN_DOMCTL_CONFIG_GIC_NATIVE; > - /* > - * Xen vGIC supports a maximum of 992 interrupt lines. > - * 32 are substracted to cover local IRQs. > - */ > - dom0_cfg.arch.nr_spis = min(gic_number_lines(), (unsigned int) 992) - 32; > - if ( gic_number_lines() > 992 ) > - printk(XENLOG_WARNING "Maximum number of vGIC IRQs exceeded.\n"); > - dom0_cfg.arch.tee_type = tee_get_type(); > - dom0_cfg.max_vcpus = dom0_max_vcpus(); > - > - if ( iommu_enabled ) > - dom0_cfg.flags |= XEN_DOMCTL_CDF_iommu; > - > - dom0 = domain_create(0, &dom0_cfg, true); > - if ( IS_ERR(dom0) || (alloc_dom0_vcpu0(dom0) == NULL) ) > - panic("Error creating domain 0\n"); > - > - if ( construct_dom0(dom0) != 0) > - panic("Could not set up DOM0 guest OS\n"); > + dom0 = create_dom0(); > > heap_init_late(); > > diff --git a/xen/include/asm-arm/setup.h b/xen/include/asm-arm/setup.h > index 28bf622aa1..e5f5c7ebc6 100644 > --- a/xen/include/asm-arm/setup.h > +++ b/xen/include/asm-arm/setup.h > @@ -95,6 +95,7 @@ int acpi_make_efi_nodes(void *fdt, struct membank tbl_add[]); > > int construct_dom0(struct domain *d); > void create_domUs(void); > +struct domain* create_dom0(void); > > void discard_initial_modules(void); > void fw_unreserved_regions(paddr_t s, paddr_t e, > Cheers,
> On 9 Apr 2021, at 09:30, Julien Grall <julien@xen.org> wrote: > > Hi Luca, > > On 08/04/2021 10:48, Luca Fancellu wrote: >> Move dom0 creation and start from setup.c to domain_build.c >> on a dedicate function. >> Signed-off-by: Luca Fancellu <luca.fancellu@arm.com> >> --- >> xen/arch/arm/domain_build.c | 36 ++++++++++++++++++++++++++++++++++++ >> xen/arch/arm/setup.c | 29 +---------------------------- >> xen/include/asm-arm/setup.h | 1 + >> 3 files changed, 38 insertions(+), 28 deletions(-) >> diff --git a/xen/arch/arm/domain_build.c b/xen/arch/arm/domain_build.c >> index 374bf655ee..d7c9c7f4d1 100644 >> --- a/xen/arch/arm/domain_build.c >> +++ b/xen/arch/arm/domain_build.c >> @@ -21,6 +21,7 @@ >> #include <asm/device.h> >> #include <asm/kernel.h> >> #include <asm/setup.h> >> +#include <asm/tee/tee.h> >> #include <asm/platform.h> >> #include <asm/psci.h> >> #include <asm/setup.h> >> @@ -2520,6 +2521,41 @@ void __init create_domUs(void) >> } >> } >> +struct domain* __init create_dom0(void) >> +{ >> + struct domain *dom0; >> + struct xen_domctl_createdomain dom0_cfg = { >> + .flags = XEN_DOMCTL_CDF_hvm | XEN_DOMCTL_CDF_hap, >> + .max_evtchn_port = -1, >> + .max_grant_frames = gnttab_dom0_frames(), >> + .max_maptrack_frames = -1, >> + }; >> + >> + /* The vGIC for DOM0 is exactly emulating the hardware GIC */ >> + dom0_cfg.arch.gic_version = XEN_DOMCTL_CONFIG_GIC_NATIVE; >> + /* >> + * Xen vGIC supports a maximum of 992 interrupt lines. >> + * 32 are substracted to cover local IRQs. >> + */ >> + dom0_cfg.arch.nr_spis = min(gic_number_lines(), (unsigned int) 992) - 32; >> + if ( gic_number_lines() > 992 ) >> + printk(XENLOG_WARNING "Maximum number of vGIC IRQs exceeded.\n"); >> + dom0_cfg.arch.tee_type = tee_get_type(); >> + dom0_cfg.max_vcpus = dom0_max_vcpus(); >> + >> + if ( iommu_enabled ) >> + dom0_cfg.flags |= XEN_DOMCTL_CDF_iommu; >> + >> + dom0 = domain_create(0, &dom0_cfg, true); >> + if ( IS_ERR(dom0) || (alloc_dom0_vcpu0(dom0) == NULL) ) >> + panic("Error creating domain 0\n"); >> + >> + if ( construct_dom0(dom0) != 0) >> + panic("Could not set up DOM0 guest OS\n"); >> + >> + return dom0; >> +} >> + > > I would move the function after... > >> int __init construct_dom0(struct domain *d) > > ... this function so we can mark construct_dom0() static as create_dom0() is the only caller. Yes, I’ll modify it in the v3. Cheers, Luca > >> { >> struct kernel_info kinfo = {}; >> diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c >> index 2532ec9739..b405f58996 100644 >> --- a/xen/arch/arm/setup.c >> +++ b/xen/arch/arm/setup.c >> @@ -51,7 +51,6 @@ >> #include <asm/platform.h> >> #include <asm/procinfo.h> >> #include <asm/setup.h> >> -#include <asm/tee/tee.h> >> #include <xsm/xsm.h> >> #include <asm/acpi.h> >> @@ -805,12 +804,6 @@ void __init start_xen(unsigned long boot_phys_offset, >> const char *cmdline; >> struct bootmodule *xen_bootmodule; >> struct domain *dom0; >> - struct xen_domctl_createdomain dom0_cfg = { >> - .flags = XEN_DOMCTL_CDF_hvm | XEN_DOMCTL_CDF_hap, >> - .max_evtchn_port = -1, >> - .max_grant_frames = gnttab_dom0_frames(), >> - .max_maptrack_frames = -1, >> - }; >> int rc; >> dcache_line_bytes = read_dcache_line_bytes(); >> @@ -965,27 +958,7 @@ void __init start_xen(unsigned long boot_phys_offset, >> enable_errata_workarounds(); >> /* Create initial domain 0. */ >> - /* The vGIC for DOM0 is exactly emulating the hardware GIC */ >> - dom0_cfg.arch.gic_version = XEN_DOMCTL_CONFIG_GIC_NATIVE; >> - /* >> - * Xen vGIC supports a maximum of 992 interrupt lines. >> - * 32 are substracted to cover local IRQs. >> - */ >> - dom0_cfg.arch.nr_spis = min(gic_number_lines(), (unsigned int) 992) - 32; >> - if ( gic_number_lines() > 992 ) >> - printk(XENLOG_WARNING "Maximum number of vGIC IRQs exceeded.\n"); >> - dom0_cfg.arch.tee_type = tee_get_type(); >> - dom0_cfg.max_vcpus = dom0_max_vcpus(); >> - >> - if ( iommu_enabled ) >> - dom0_cfg.flags |= XEN_DOMCTL_CDF_iommu; >> - >> - dom0 = domain_create(0, &dom0_cfg, true); >> - if ( IS_ERR(dom0) || (alloc_dom0_vcpu0(dom0) == NULL) ) >> - panic("Error creating domain 0\n"); >> - >> - if ( construct_dom0(dom0) != 0) >> - panic("Could not set up DOM0 guest OS\n"); >> + dom0 = create_dom0(); >> heap_init_late(); >> diff --git a/xen/include/asm-arm/setup.h b/xen/include/asm-arm/setup.h >> index 28bf622aa1..e5f5c7ebc6 100644 >> --- a/xen/include/asm-arm/setup.h >> +++ b/xen/include/asm-arm/setup.h >> @@ -95,6 +95,7 @@ int acpi_make_efi_nodes(void *fdt, struct membank tbl_add[]); >> int construct_dom0(struct domain *d); >> void create_domUs(void); >> +struct domain* create_dom0(void); >> void discard_initial_modules(void); >> void fw_unreserved_regions(paddr_t s, paddr_t e, > > Cheers, > > -- > Julien Grall
diff --git a/xen/arch/arm/domain_build.c b/xen/arch/arm/domain_build.c index 374bf655ee..d7c9c7f4d1 100644 --- a/xen/arch/arm/domain_build.c +++ b/xen/arch/arm/domain_build.c @@ -21,6 +21,7 @@ #include <asm/device.h> #include <asm/kernel.h> #include <asm/setup.h> +#include <asm/tee/tee.h> #include <asm/platform.h> #include <asm/psci.h> #include <asm/setup.h> @@ -2520,6 +2521,41 @@ void __init create_domUs(void) } } +struct domain* __init create_dom0(void) +{ + struct domain *dom0; + struct xen_domctl_createdomain dom0_cfg = { + .flags = XEN_DOMCTL_CDF_hvm | XEN_DOMCTL_CDF_hap, + .max_evtchn_port = -1, + .max_grant_frames = gnttab_dom0_frames(), + .max_maptrack_frames = -1, + }; + + /* The vGIC for DOM0 is exactly emulating the hardware GIC */ + dom0_cfg.arch.gic_version = XEN_DOMCTL_CONFIG_GIC_NATIVE; + /* + * Xen vGIC supports a maximum of 992 interrupt lines. + * 32 are substracted to cover local IRQs. + */ + dom0_cfg.arch.nr_spis = min(gic_number_lines(), (unsigned int) 992) - 32; + if ( gic_number_lines() > 992 ) + printk(XENLOG_WARNING "Maximum number of vGIC IRQs exceeded.\n"); + dom0_cfg.arch.tee_type = tee_get_type(); + dom0_cfg.max_vcpus = dom0_max_vcpus(); + + if ( iommu_enabled ) + dom0_cfg.flags |= XEN_DOMCTL_CDF_iommu; + + dom0 = domain_create(0, &dom0_cfg, true); + if ( IS_ERR(dom0) || (alloc_dom0_vcpu0(dom0) == NULL) ) + panic("Error creating domain 0\n"); + + if ( construct_dom0(dom0) != 0) + panic("Could not set up DOM0 guest OS\n"); + + return dom0; +} + int __init construct_dom0(struct domain *d) { struct kernel_info kinfo = {}; diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c index 2532ec9739..b405f58996 100644 --- a/xen/arch/arm/setup.c +++ b/xen/arch/arm/setup.c @@ -51,7 +51,6 @@ #include <asm/platform.h> #include <asm/procinfo.h> #include <asm/setup.h> -#include <asm/tee/tee.h> #include <xsm/xsm.h> #include <asm/acpi.h> @@ -805,12 +804,6 @@ void __init start_xen(unsigned long boot_phys_offset, const char *cmdline; struct bootmodule *xen_bootmodule; struct domain *dom0; - struct xen_domctl_createdomain dom0_cfg = { - .flags = XEN_DOMCTL_CDF_hvm | XEN_DOMCTL_CDF_hap, - .max_evtchn_port = -1, - .max_grant_frames = gnttab_dom0_frames(), - .max_maptrack_frames = -1, - }; int rc; dcache_line_bytes = read_dcache_line_bytes(); @@ -965,27 +958,7 @@ void __init start_xen(unsigned long boot_phys_offset, enable_errata_workarounds(); /* Create initial domain 0. */ - /* The vGIC for DOM0 is exactly emulating the hardware GIC */ - dom0_cfg.arch.gic_version = XEN_DOMCTL_CONFIG_GIC_NATIVE; - /* - * Xen vGIC supports a maximum of 992 interrupt lines. - * 32 are substracted to cover local IRQs. - */ - dom0_cfg.arch.nr_spis = min(gic_number_lines(), (unsigned int) 992) - 32; - if ( gic_number_lines() > 992 ) - printk(XENLOG_WARNING "Maximum number of vGIC IRQs exceeded.\n"); - dom0_cfg.arch.tee_type = tee_get_type(); - dom0_cfg.max_vcpus = dom0_max_vcpus(); - - if ( iommu_enabled ) - dom0_cfg.flags |= XEN_DOMCTL_CDF_iommu; - - dom0 = domain_create(0, &dom0_cfg, true); - if ( IS_ERR(dom0) || (alloc_dom0_vcpu0(dom0) == NULL) ) - panic("Error creating domain 0\n"); - - if ( construct_dom0(dom0) != 0) - panic("Could not set up DOM0 guest OS\n"); + dom0 = create_dom0(); heap_init_late(); diff --git a/xen/include/asm-arm/setup.h b/xen/include/asm-arm/setup.h index 28bf622aa1..e5f5c7ebc6 100644 --- a/xen/include/asm-arm/setup.h +++ b/xen/include/asm-arm/setup.h @@ -95,6 +95,7 @@ int acpi_make_efi_nodes(void *fdt, struct membank tbl_add[]); int construct_dom0(struct domain *d); void create_domUs(void); +struct domain* create_dom0(void); void discard_initial_modules(void); void fw_unreserved_regions(paddr_t s, paddr_t e,
Move dom0 creation and start from setup.c to domain_build.c on a dedicate function. Signed-off-by: Luca Fancellu <luca.fancellu@arm.com> --- xen/arch/arm/domain_build.c | 36 ++++++++++++++++++++++++++++++++++++ xen/arch/arm/setup.c | 29 +---------------------------- xen/include/asm-arm/setup.h | 1 + 3 files changed, 38 insertions(+), 28 deletions(-)