From: Grygorii Strashko <grygorii_strashko@epam.com>
Hi
This series introduces possibility to disable 32-bit (COMPAT) interface support
in the following case:
- Only PVH domains are used
- Guests (OS) are started by using direct Direct Kernel Boot
- Guests (OS) are 64-bit and Guest early boot code, which is running not
in 64-bit mode, does not access Xen interfaces
(hypercalls, shared_info, ..)
If above criterias are met the COMPAT HVM interface become unreachable and can be disabled.
Coverage reports analyze and adding guard (debug) exceptions in hvm_hypercall/hvm_do_multicall_call
and hvm_latch_shinfo_size() confirm that COMPAT HVM interface is unused for safety use-case.
Changes in v2 described in each patch:
- patch "x86: constify has_32bit_shinfo() if !CONFIG_COMPAT" squashed in patch 2.
v1:
https://patchwork.kernel.org/project/xen-devel/cover/20251111175413.3540690-1-grygorii_strashko@epam.com/
Grygorii Strashko (4):
x86: hvm: dm: factor out compat code under ifdefs
x86: hvm: compat: introduce is_hcall_compat() helper
x86: hvm: factor out COMPAT code under ifdefs
x86: pvh: allow to disable 32-bit interface support
xen/arch/x86/hvm/Kconfig | 19 ++++++++++++++++++-
xen/arch/x86/hvm/dm.c | 2 ++
xen/arch/x86/hvm/hvm.c | 24 ++++++++++++++++++++----
xen/arch/x86/hvm/hypercall.c | 22 +++++++++++++++++-----
xen/arch/x86/hypercall.c | 6 +-----
xen/arch/x86/include/asm/domain.h | 9 +++++++--
xen/common/kernel.c | 2 +-
xen/include/hypercall-defs.c | 9 +++++++--
xen/include/xen/sched.h | 9 +++++++++
9 files changed, 82 insertions(+), 20 deletions(-)
--
2.34.1