Message ID | 20190725133920.40673-7-paul.durrant@citrix.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | stash domain create flags and then use them | expand |
On 25.07.2019 15:39, Paul Durrant wrote: > The flag is not needed since the domain 'options' can now be tested > directly. > > Signed-off-by: Paul Durrant <paul.durrant@citrix.com> > Reviewed-by: "Roger Pau Monné" <roger.pau@citrix.com> I may be asking a little much, as it's not directly related to what you want to do here, but since TBOOT has a separate config option, rejecting bogus use of CDF_s3_integrity again in arch_sanitise_domain_config() would be a useful augmentation here. If you don't want to do so, then feel free to add Reviewed-by: Jan Beulich <jbeulich@suse.com> on the patch as in its current shape. Jan
> -----Original Message----- > From: Jan Beulich <JBeulich@suse.com> > Sent: 29 July 2019 16:21 > To: Paul Durrant <Paul.Durrant@citrix.com> > Cc: xen-devel@lists.xenproject.org; Andrew Cooper <Andrew.Cooper3@citrix.com>; Roger Pau Monne > <roger.pau@citrix.com>; Gang Wei <gang.wei@intel.com>; Shane Wang <shane.wang@intel.com>; Wei Liu > <wl@xen.org> > Subject: Re: [PATCH v2 6/6] x86/domain: remove the 's3_integrity' flag > > On 25.07.2019 15:39, Paul Durrant wrote: > > The flag is not needed since the domain 'options' can now be tested > > directly. > > > > Signed-off-by: Paul Durrant <paul.durrant@citrix.com> > > Reviewed-by: "Roger Pau Monné" <roger.pau@citrix.com> > > I may be asking a little much, as it's not directly related to > what you want to do here, but since TBOOT has a separate config > option, rejecting bogus use of CDF_s3_integrity again in > arch_sanitise_domain_config() would be a useful augmentation > here. If you don't want to do so, then feel free to add > Reviewed-by: Jan Beulich <jbeulich@suse.com> > on the patch as in its current shape. Ok, I'll take a look at doing that while I'm re-working the others. Paul > > Jan
diff --git a/xen/arch/x86/domain.c b/xen/arch/x86/domain.c index 65f47a7627..2203882445 100644 --- a/xen/arch/x86/domain.c +++ b/xen/arch/x86/domain.c @@ -538,8 +538,6 @@ int arch_domain_create(struct domain *d, d->domain_id); } - d->arch.s3_integrity = config->flags & XEN_DOMCTL_CDF_s3_integrity; - emflags = config->arch.emulation_flags; if ( is_hardware_domain(d) && is_pv_domain(d) ) diff --git a/xen/arch/x86/tboot.c b/xen/arch/x86/tboot.c index f3fdee4d39..3db8a8a8d8 100644 --- a/xen/arch/x86/tboot.c +++ b/xen/arch/x86/tboot.c @@ -212,7 +212,7 @@ static void tboot_gen_domain_integrity(const uint8_t key[TB_KEY_SIZE], vmac_set_key((uint8_t *)key, &ctx); for_each_domain( d ) { - if ( !d->arch.s3_integrity ) + if ( !(d->options & XEN_DOMCTL_CDF_s3_integrity) ) continue; printk("MACing Domain %u\n", d->domain_id); diff --git a/xen/include/asm-x86/domain.h b/xen/include/asm-x86/domain.h index 5f9899469c..5c038a1065 100644 --- a/xen/include/asm-x86/domain.h +++ b/xen/include/asm-x86/domain.h @@ -295,8 +295,6 @@ struct arch_domain uint32_t pci_cf8; uint8_t cmos_idx; - bool_t s3_integrity; - union { struct pv_domain pv; struct hvm_domain hvm;