xen/arch/arm/Makefile | 10 +++++----- xen/common/Kconfig | 26 ++++++++++++++++++++++++++ xen/common/Makefile | 4 ++++ xen/common/domain.c | 2 ++ xen/include/hypercall-defs.c | 14 +++++++++++++- xen/include/xen/hypercall.h | 20 ++++++++++++++++++++ 6 files changed, 70 insertions(+), 6 deletions(-)
From: Stefano Stabellini <stefano.stabellini@amd.com>
It can be beneficial for some dom0less systems to further reduce Xen footprint
and disable some hypercalls handling code, which isn't going to be used in
such systems. Each hypercall has a separate option to keep configuration
flexible.
Options to disable hypercalls:
- domctl, sysctl
- hvm
- physdev
- platform
Options are forced to be configurable only when DOM0LESS is enabled, so that
system won't become accidentally un-bootable when any hypercall is disabled.
Signed-off-by: Stefano Stabellini <stefano.stabellini@amd.com>
Signed-off-by: Sergiy Kibrik <Sergiy_Kibrik@epam.com>
---
xen/arch/arm/Makefile | 10 +++++-----
xen/common/Kconfig | 26 ++++++++++++++++++++++++++
xen/common/Makefile | 4 ++++
xen/common/domain.c | 2 ++
xen/include/hypercall-defs.c | 14 +++++++++++++-
xen/include/xen/hypercall.h | 20 ++++++++++++++++++++
6 files changed, 70 insertions(+), 6 deletions(-)
diff --git a/xen/arch/arm/Makefile b/xen/arch/arm/Makefile
index 7792bff597..09fffa7002 100644
--- a/xen/arch/arm/Makefile
+++ b/xen/arch/arm/Makefile
@@ -18,7 +18,7 @@ obj-$(CONFIG_IOREQ_SERVER) += dm.o
obj-$(CONFIG_DOM0LESS_BOOT) += dom0less-build.init.o
obj-y += domain.o
obj-y += domain_build.init.o
-obj-y += domctl.o
+obj-$(CONFIG_DOMCTL) += domctl.o
obj-$(CONFIG_EARLY_PRINTK) += early_printk.o
obj-y += efi/
obj-y += gic.o
@@ -29,7 +29,7 @@ obj-$(CONFIG_HAS_ITS) += gic-v3-lpi.o
obj-y += guestcopy.o
obj-y += guest_atomics.o
obj-y += guest_walk.o
-obj-y += hvm.o
+obj-$(CONFIG_HVM_OP) += hvm.o
obj-y += io.o
obj-$(CONFIG_IOREQ_SERVER) += ioreq.o
obj-y += irq.o
@@ -41,8 +41,8 @@ obj-y += monitor.o
obj-y += p2m.o
obj-y += percpu.o
obj-y += platform.o
-obj-y += platform_hypercall.o
-obj-y += physdev.o
+obj-$(CONFIG_PLATFORM_HYP) += platform_hypercall.o
+obj-$(CONFIG_PHYSDEVOP) += physdev.o
obj-y += processor.o
obj-y += psci.o
obj-y += setup.o
@@ -52,7 +52,7 @@ obj-y += smpboot.o
obj-$(CONFIG_STATIC_EVTCHN) += static-evtchn.init.o
obj-$(CONFIG_STATIC_MEMORY) += static-memory.init.o
obj-$(CONFIG_STATIC_SHM) += static-shmem.init.o
-obj-y += sysctl.o
+obj-$(CONFIG_SYSCTL) += sysctl.o
obj-y += time.o
obj-y += traps.o
obj-y += vcpreg.o
diff --git a/xen/common/Kconfig b/xen/common/Kconfig
index 90268d9249..7e4f51958d 100644
--- a/xen/common/Kconfig
+++ b/xen/common/Kconfig
@@ -516,4 +516,30 @@ config TRACEBUFFER
to be collected at run time for debugging or performance analysis.
Memory and execution overhead when not active is minimal.
+menu "Supported hypercall interfaces"
+ visible if DOM0LESS_BOOT && EXPERT
+
+config SYSCTL
+ bool "Enable sysctl hypercall"
+ default y
+
+config DOMCTL
+ bool "Enable domctl hypercalls"
+ default y
+
+config HVM_OP
+ bool "Enable HVM hypercalls"
+ depends on HVM
+ default y
+
+config PLATFORM_HYP
+ bool "Enable platform hypercalls"
+ default y
+
+config PHYSDEVOP
+ bool "Enable physdev hypercall"
+ default y
+
+endmenu
+
endmenu
diff --git a/xen/common/Makefile b/xen/common/Makefile
index fc52e0857d..ea0557aee5 100644
--- a/xen/common/Makefile
+++ b/xen/common/Makefile
@@ -64,10 +64,14 @@ obj-bin-$(CONFIG_X86) += $(foreach n,decompress bunzip2 unxz unlzma lzo unlzo un
obj-$(CONFIG_COMPAT) += $(addprefix compat/,domain.o memory.o multicall.o xlat.o)
ifneq ($(CONFIG_PV_SHIM_EXCLUSIVE),y)
+ifeq ($(CONFIG_DOMCTL),y)
obj-y += domctl.o
+endif
obj-y += monitor.o
+ifeq ($(CONFIG_SYSCTL),y)
obj-y += sysctl.o
endif
+endif
extra-y := symbols-dummy.o
diff --git a/xen/common/domain.c b/xen/common/domain.c
index 92263a4fbd..77d15a317f 100644
--- a/xen/common/domain.c
+++ b/xen/common/domain.c
@@ -1053,7 +1053,9 @@ int domain_kill(struct domain *d)
d->is_dying = DOMDYING_dying;
rspin_barrier(&d->domain_lock);
argo_destroy(d);
+#ifdef CONFIG_DOMCTL
vnuma_destroy(d->vnuma);
+#endif
domain_set_outstanding_pages(d, 0);
/* fallthrough */
case DOMDYING_dying:
diff --git a/xen/include/hypercall-defs.c b/xen/include/hypercall-defs.c
index 47c093acc8..93b4f5a1e3 100644
--- a/xen/include/hypercall-defs.c
+++ b/xen/include/hypercall-defs.c
@@ -235,8 +235,10 @@ set_callbacks compat do - - -
fpu_taskswitch do do - - -
sched_op_compat do do - - dep
#ifndef CONFIG_PV_SHIM_EXCLUSIVE
+#ifdef CONFIG_PLATFORM_HYP
platform_op compat do compat do do
#endif
+#endif
set_debugreg do do - - -
get_debugreg do do - - -
update_descriptor compat do - - -
@@ -247,7 +249,9 @@ set_timer_op compat do compat do -
event_channel_op_compat do do - - dep
xen_version do do do do do
console_io do do do do do
+#ifdef CONFIG_PHYSDEV
physdev_op_compat compat do - - dep
+#endif
#if defined(CONFIG_GRANT_TABLE)
grant_table_op compat do hvm hvm do
#elif defined(CONFIG_PV_SHIM)
@@ -269,14 +273,20 @@ callback_op compat do - - -
xenoprof_op compat do - - -
#endif
event_channel_op do do do:1 do:1 do:1
+#ifdef CONFIG_PHYSDEVOP
physdev_op compat do hvm hvm do_arm
-#ifdef CONFIG_HVM
+#endif
+#ifdef CONFIG_HVM_OP
hvm_op do do do do do
#endif
#ifndef CONFIG_PV_SHIM_EXCLUSIVE
+#ifdef CONFIG_SYSCTL
sysctl do do do do do
+#endif
+#ifdef CONFIG_DOMCTL
domctl do do do do do
#endif
+#endif
#ifdef CONFIG_KEXEC
kexec_op compat do - - -
#endif
@@ -293,7 +303,9 @@ hypfs_op do do do do do
#endif
mca do do - - -
#ifndef CONFIG_PV_SHIM_EXCLUSIVE
+#ifdef CONFIG_DOMCTL
paging_domctl_cont do do do do -
#endif
+#endif
#endif /* !CPPCHECK */
diff --git a/xen/include/xen/hypercall.h b/xen/include/xen/hypercall.h
index f307dfb597..10d551c751 100644
--- a/xen/include/xen/hypercall.h
+++ b/xen/include/xen/hypercall.h
@@ -24,6 +24,26 @@
/* Needs to be after asm/hypercall.h. */
#include <xen/hypercall-defs.h>
+#if !defined(CONFIG_DOMCTL) && !defined(CONFIG_DOM0LESS_BOOT)
+#error "domctl and dom0less can't be disabled simultaneously"
+#endif
+
+#if !defined(CONFIG_HVM_OP) && !defined(CONFIG_DOM0LESS_BOOT)
+#error "hvm_op and dom0less can't be disabled simultaneously"
+#endif
+
+#if !defined(CONFIG_PHYSDEVOP) && !defined(CONFIG_DOM0LESS_BOOT)
+#error "physdevop and dom0less can't be disabled simultaneously"
+#endif
+
+#if !defined(CONFIG_PLATFORM_HYP) && !defined(CONFIG_DOM0LESS_BOOT)
+#error "platform hypercalls and dom0less can't be disabled simultaneously"
+#endif
+
+#if !defined(CONFIG_SYSCTL) && !defined(CONFIG_DOM0LESS_BOOT)
+#error "sysctl and dom0less can't be disabled simultaneously"
+#endif
+
extern long
arch_do_domctl(
struct xen_domctl *domctl, struct domain *d,
--
2.25.1
On 26/09/2024 10:58 am, Sergiy Kibrik wrote: > diff --git a/xen/common/Makefile b/xen/common/Makefile > index fc52e0857d..ea0557aee5 100644 > --- a/xen/common/Makefile > +++ b/xen/common/Makefile > @@ -64,10 +64,14 @@ obj-bin-$(CONFIG_X86) += $(foreach n,decompress bunzip2 unxz unlzma lzo unlzo un > obj-$(CONFIG_COMPAT) += $(addprefix compat/,domain.o memory.o multicall.o xlat.o) > > ifneq ($(CONFIG_PV_SHIM_EXCLUSIVE),y) > +ifeq ($(CONFIG_DOMCTL),y) > obj-y += domctl.o > +endif > obj-y += monitor.o > +ifeq ($(CONFIG_SYSCTL),y) > obj-y += sysctl.o > endif > +endif This patch is tagged ARM, but as you can see from this bodge, it's already used on x86 for SHIM_EXCLUSIVE mode. (I came very close to insisting that it was done like this originally, but alas.) Please incorporate PV_SHIM_EXCLUSIVE at the Kconfig level, and turn these into simple obj-$(...) += foo.o ~Andrew
On 26.09.2024 14:36, Andrew Cooper wrote: > On 26/09/2024 10:58 am, Sergiy Kibrik wrote: >> diff --git a/xen/common/Makefile b/xen/common/Makefile >> index fc52e0857d..ea0557aee5 100644 >> --- a/xen/common/Makefile >> +++ b/xen/common/Makefile >> @@ -64,10 +64,14 @@ obj-bin-$(CONFIG_X86) += $(foreach n,decompress bunzip2 unxz unlzma lzo unlzo un >> obj-$(CONFIG_COMPAT) += $(addprefix compat/,domain.o memory.o multicall.o xlat.o) >> >> ifneq ($(CONFIG_PV_SHIM_EXCLUSIVE),y) >> +ifeq ($(CONFIG_DOMCTL),y) >> obj-y += domctl.o >> +endif >> obj-y += monitor.o >> +ifeq ($(CONFIG_SYSCTL),y) >> obj-y += sysctl.o >> endif >> +endif > > This patch is tagged ARM, but as you can see from this bodge, it's > already used on x86 for SHIM_EXCLUSIVE mode. > > (I came very close to insisting that it was done like this originally, > but alas.) > > Please incorporate PV_SHIM_EXCLUSIVE at the Kconfig level, and turn > these into simple obj-$(...) += foo.o Which in turn may want first dealing with the inverted sense of PV_SHIM_EXCLUSIVE that you've been voicing concern about when used in "depends on". A patch to deal with that has been pending for over a year and a half: https://lists.xen.org/archives/html/xen-devel/2023-03/msg00040.html Naming there of course is subject to better suggestions. Jan
© 2016 - 2024 Red Hat, Inc.