@@ -675,12 +675,16 @@ Controls for how dom0 is constructed on x86 systems.
selected mode.
* For a PVH dom0, the hardware must have VT-x/SVM extensions available.
-* The `shadow` boolean is only applicable when dom0 is constructed as a PVH
- guest, and controls whether dom0 uses hardware assisted paging, or shadow
- paging. The default is HAP when available, and shadow otherwise.
+* The `shadow` boolean allows dom0 to be explicitly constructed using shadow
+ paging. This option is unavailable when `CONFIG_SHADOW_PAGING` is
+ disabled.
- This option is unavailable when `CONFIG_SHADOW_PAGING` is disabled. Such
- builds of Xen require HAP-capable hardware to use a PVH dom0.
+ For PVH, dom0 defaults to using HAP on capable hardware, and falls back to
+ shadow paging otherwise. A PVH dom0 cannot be used if Xen is compiled
+ without paging support, and the hardware lacks HAP support.
+
+ For PV, the use of dom0 shadow mode is only for development purposes. PV
+ guests do no require any paging support by default.
* The `verbose` boolean is intended for diagnostics, and prints out extra
information during the dom0 build. It defaults to false.
@@ -588,14 +588,6 @@ int __init construct_dom0(struct domain *d, const module_t *image,
process_pending_softirqs();
-#ifdef CONFIG_SHADOW_PAGING
- if ( opt_dom0_shadow && !dom0_pvh )
- {
- opt_dom0_shadow = false;
- printk(XENLOG_WARNING "Shadow Dom0 requires PVH. Option ignored.\n");
- }
-#endif
-
if ( is_hvm_domain(d) )
rc = dom0_construct_pvh(d, image, image_headroom, initrd, cmdline);
else if ( is_pv_domain(d) )
@@ -906,6 +906,15 @@ int __init dom0_construct_pv(struct domain *d,
if ( d->domain_id == hardware_domid )
iommu_hwdom_init(d);
+ /* Activate shadow mode, if requested. Reuse the pv_l1tf tasklet. */
+#ifdef CONFIG_SHADOW_PAGING
+ if ( opt_dom0_shadow )
+ {
+ printk("Switching dom0 to using shadow paging\n");
+ tasklet_schedule(&d->arch.paging.shadow.pv_l1tf_tasklet);
+ }
+#endif
+
v->is_initialised = 1;
clear_bit(_VPF_down, &v->pause_flags);
This would have been very handy when debugging some pv-l1tf issues. As there is no cost to supporting it, wire it up. Due to the way dom0 is constructed, switching into shadow mode must be done after the pagetables are written, and because of partially being in dom0 context, shadow_enable() doesn't like the state it finds. Reuse the pv_l1tf tasklet for convenience, which will switch dom0 into shadow mode just before it starts executing. Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> --- CC: Jan Beulich <JBeulich@suse.com> CC: Wei Liu <wei.liu2@citrix.com> CC: Roger Pau Monné <roger.pau@citrix.com> --- docs/misc/xen-command-line.pandoc | 14 +++++++++----- xen/arch/x86/dom0_build.c | 8 -------- xen/arch/x86/pv/dom0_build.c | 9 +++++++++ 3 files changed, 18 insertions(+), 13 deletions(-)