1. Patchew
  2. Xen
  3. View series

[XEN][PATCH v2 0/4] x86: pvh: allow to disable 32-bit (COMPAT) interface support

Grygorii Strashko posted 4 patches 2 months, 3 weeks ago
Failed in applying to current master (apply log)
xen/arch/x86/hvm/Kconfig          | 19 ++++++++++++++++++-
xen/arch/x86/hvm/dm.c             |  2 ++
xen/arch/x86/hvm/hvm.c            | 24 ++++++++++++++++++++----
xen/arch/x86/hvm/hypercall.c      | 22 +++++++++++++++++-----
xen/arch/x86/hypercall.c          |  6 +-----
xen/arch/x86/include/asm/domain.h |  9 +++++++--
xen/common/kernel.c               |  2 +-
xen/include/hypercall-defs.c      |  9 +++++++--
xen/include/xen/sched.h           |  9 +++++++++
9 files changed, 82 insertions(+), 20 deletions(-)
[XEN][PATCH v2 0/4] x86: pvh: allow to disable 32-bit (COMPAT) interface support
Posted by Grygorii Strashko 2 months, 3 weeks ago 
From: Grygorii Strashko <grygorii_strashko@epam.com>

Hi

This series introduces possibility to disable 32-bit (COMPAT) interface support
in the following case:
      - Only PVH domains are used
      - Guests (OS) are started by using direct Direct Kernel Boot
      - Guests (OS) are 64-bit and Guest early boot code, which is running not
        in 64-bit mode, does not access Xen interfaces
        (hypercalls, shared_info, ..)

If above criterias are met the COMPAT HVM interface become unreachable and can be disabled.
Coverage reports analyze and adding guard (debug) exceptions in hvm_hypercall/hvm_do_multicall_call
and hvm_latch_shinfo_size() confirm that COMPAT HVM interface is unused for safety use-case.

Changes in v2 described in each patch:
- patch "x86: constify has_32bit_shinfo() if !CONFIG_COMPAT" squashed in patch 2.

v1:
 https://patchwork.kernel.org/project/xen-devel/cover/20251111175413.3540690-1-grygorii_strashko@epam.com/

Grygorii Strashko (4):
  x86: hvm: dm: factor out compat code under ifdefs
  x86: hvm: compat: introduce is_hcall_compat() helper
  x86: hvm: factor out COMPAT code under ifdefs
  x86: pvh: allow to disable 32-bit interface support

 xen/arch/x86/hvm/Kconfig          | 19 ++++++++++++++++++-
 xen/arch/x86/hvm/dm.c             |  2 ++
 xen/arch/x86/hvm/hvm.c            | 24 ++++++++++++++++++++----
 xen/arch/x86/hvm/hypercall.c      | 22 +++++++++++++++++-----
 xen/arch/x86/hypercall.c          |  6 +-----
 xen/arch/x86/include/asm/domain.h |  9 +++++++--
 xen/common/kernel.c               |  2 +-
 xen/include/hypercall-defs.c      |  9 +++++++--
 xen/include/xen/sched.h           |  9 +++++++++
 9 files changed, 82 insertions(+), 20 deletions(-)

-- 
2.34.1
Re: [XEN][PATCH v2 0/4] x86: pvh: allow to disable 32-bit (COMPAT) interface support
Posted by Grygorii Strashko 1 month, 3 weeks ago 
Hi All,

I'm planning to send v3 - so would be appreciated for any other comments.

On 19.11.25 21:30, Grygorii Strashko wrote:
> From: Grygorii Strashko <grygorii_strashko@epam.com>
> 
> Hi
> 
> This series introduces possibility to disable 32-bit (COMPAT) interface support
> in the following case:
>        - Only PVH domains are used
>        - Guests (OS) are started by using direct Direct Kernel Boot
>        - Guests (OS) are 64-bit and Guest early boot code, which is running not
>          in 64-bit mode, does not access Xen interfaces
>          (hypercalls, shared_info, ..)
> 
> If above criterias are met the COMPAT HVM interface become unreachable and can be disabled.
> Coverage reports analyze and adding guard (debug) exceptions in hvm_hypercall/hvm_do_multicall_call
> and hvm_latch_shinfo_size() confirm that COMPAT HVM interface is unused for safety use-case.
> 
> Changes in v2 described in each patch:
> - patch "x86: constify has_32bit_shinfo() if !CONFIG_COMPAT" squashed in patch 2.
> 
> v1:
>   https://patchwork.kernel.org/project/xen-devel/cover/20251111175413.3540690-1-grygorii_strashko@epam.com/
> 
> Grygorii Strashko (4):
>    x86: hvm: dm: factor out compat code under ifdefs
>    x86: hvm: compat: introduce is_hcall_compat() helper
>    x86: hvm: factor out COMPAT code under ifdefs
>    x86: pvh: allow to disable 32-bit interface support
> 
>   xen/arch/x86/hvm/Kconfig          | 19 ++++++++++++++++++-
>   xen/arch/x86/hvm/dm.c             |  2 ++
>   xen/arch/x86/hvm/hvm.c            | 24 ++++++++++++++++++++----
>   xen/arch/x86/hvm/hypercall.c      | 22 +++++++++++++++++-----
>   xen/arch/x86/hypercall.c          |  6 +-----
>   xen/arch/x86/include/asm/domain.h |  9 +++++++--
>   xen/common/kernel.c               |  2 +-
>   xen/include/hypercall-defs.c      |  9 +++++++--
>   xen/include/xen/sched.h           |  9 +++++++++
>   9 files changed, 82 insertions(+), 20 deletions(-)
> 

-- 
Best regards,
-grygorii
Re: [XEN][PATCH v2 0/4] x86: pvh: allow to disable 32-bit (COMPAT) interface support
Posted by Jan Beulich 1 month, 3 weeks ago 
On 18.12.2025 17:20, Grygorii Strashko wrote:
> I'm planning to send v3 - so would be appreciated for any other comments.

Andrew,

could you please write down the outline of what you described verbally the
other day, to scope the extent to which we may want to take changes here?

Thanks, Jan

> On 19.11.25 21:30, Grygorii Strashko wrote:
>> From: Grygorii Strashko <grygorii_strashko@epam.com>
>>
>> Hi
>>
>> This series introduces possibility to disable 32-bit (COMPAT) interface support
>> in the following case:
>>        - Only PVH domains are used
>>        - Guests (OS) are started by using direct Direct Kernel Boot
>>        - Guests (OS) are 64-bit and Guest early boot code, which is running not
>>          in 64-bit mode, does not access Xen interfaces
>>          (hypercalls, shared_info, ..)
>>
>> If above criterias are met the COMPAT HVM interface become unreachable and can be disabled.
>> Coverage reports analyze and adding guard (debug) exceptions in hvm_hypercall/hvm_do_multicall_call
>> and hvm_latch_shinfo_size() confirm that COMPAT HVM interface is unused for safety use-case.
>>
>> Changes in v2 described in each patch:
>> - patch "x86: constify has_32bit_shinfo() if !CONFIG_COMPAT" squashed in patch 2.
>>
>> v1:
>>   https://patchwork.kernel.org/project/xen-devel/cover/20251111175413.3540690-1-grygorii_strashko@epam.com/
>>
>> Grygorii Strashko (4):
>>    x86: hvm: dm: factor out compat code under ifdefs
>>    x86: hvm: compat: introduce is_hcall_compat() helper
>>    x86: hvm: factor out COMPAT code under ifdefs
>>    x86: pvh: allow to disable 32-bit interface support
>>
>>   xen/arch/x86/hvm/Kconfig          | 19 ++++++++++++++++++-
>>   xen/arch/x86/hvm/dm.c             |  2 ++
>>   xen/arch/x86/hvm/hvm.c            | 24 ++++++++++++++++++++----
>>   xen/arch/x86/hvm/hypercall.c      | 22 +++++++++++++++++-----
>>   xen/arch/x86/hypercall.c          |  6 +-----
>>   xen/arch/x86/include/asm/domain.h |  9 +++++++--
>>   xen/common/kernel.c               |  2 +-
>>   xen/include/hypercall-defs.c      |  9 +++++++--
>>   xen/include/xen/sched.h           |  9 +++++++++
>>   9 files changed, 82 insertions(+), 20 deletions(-)
>>
>
Re: [XEN][PATCH v2 0/4] x86: pvh: allow to disable 32-bit (COMPAT) interface support
Posted by Stefano Stabellini 1 month, 3 weeks ago 
On Thu, 18 Dec 2025, Jan Beulich wrote:
> On 18.12.2025 17:20, Grygorii Strashko wrote:
> > I'm planning to send v3 - so would be appreciated for any other comments.
> 
> Andrew,
> 
> could you please write down the outline of what you described verbally the
> other day, to scope the extent to which we may want to take changes here?

I am not Andrew, but I just wanted to take the opportunity to write down
my recollection, letting Andrew chime in as needed of course.

We would make it possible to remove the compat code itself and compat
hypercall entries. This would be acceptable right away.

When it comes to 32-bit code intermixed with 64-bit code, we would have
to look at it on a case by case basis.


 
> > On 19.11.25 21:30, Grygorii Strashko wrote:
> >> From: Grygorii Strashko <grygorii_strashko@epam.com>
> >>
> >> Hi
> >>
> >> This series introduces possibility to disable 32-bit (COMPAT) interface support
> >> in the following case:
> >>        - Only PVH domains are used
> >>        - Guests (OS) are started by using direct Direct Kernel Boot
> >>        - Guests (OS) are 64-bit and Guest early boot code, which is running not
> >>          in 64-bit mode, does not access Xen interfaces
> >>          (hypercalls, shared_info, ..)
> >>
> >> If above criterias are met the COMPAT HVM interface become unreachable and can be disabled.
> >> Coverage reports analyze and adding guard (debug) exceptions in hvm_hypercall/hvm_do_multicall_call
> >> and hvm_latch_shinfo_size() confirm that COMPAT HVM interface is unused for safety use-case.
> >>
> >> Changes in v2 described in each patch:
> >> - patch "x86: constify has_32bit_shinfo() if !CONFIG_COMPAT" squashed in patch 2.
> >>
> >> v1:
> >>   https://patchwork.kernel.org/project/xen-devel/cover/20251111175413.3540690-1-grygorii_strashko@epam.com/
> >>
> >> Grygorii Strashko (4):
> >>    x86: hvm: dm: factor out compat code under ifdefs
> >>    x86: hvm: compat: introduce is_hcall_compat() helper
> >>    x86: hvm: factor out COMPAT code under ifdefs
> >>    x86: pvh: allow to disable 32-bit interface support
> >>
> >>   xen/arch/x86/hvm/Kconfig          | 19 ++++++++++++++++++-
> >>   xen/arch/x86/hvm/dm.c             |  2 ++
> >>   xen/arch/x86/hvm/hvm.c            | 24 ++++++++++++++++++++----
> >>   xen/arch/x86/hvm/hypercall.c      | 22 +++++++++++++++++-----
> >>   xen/arch/x86/hypercall.c          |  6 +-----
> >>   xen/arch/x86/include/asm/domain.h |  9 +++++++--
> >>   xen/common/kernel.c               |  2 +-
> >>   xen/include/hypercall-defs.c      |  9 +++++++--
> >>   xen/include/xen/sched.h           |  9 +++++++++
> >>   9 files changed, 82 insertions(+), 20 deletions(-)
> >>
> > 
>

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.