[v4,13/13] x86/hyperlaunch: add capabilities to boot domain

Message ID	20250417124844.11143-14-agarciav@amd.com (mailing list archive)
State	New
Headers	show Return-Path: <xen-devel-bounces@lists.xenproject.org> Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org> Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C From: Alejandro Vallejo <agarciav@amd.com> To: <xen-devel@lists.xenproject.org> CC: "Daniel P. Smith" <dpsmith@apertussolutions.com>, Jan Beulich <jbeulich@suse.com>, Andrew Cooper <andrew.cooper3@citrix.com>, =?utf-8?q?Roger_Pau_Monn=C3=A9?= <roger.pau@citrix.com>, Anthony PERARD <anthony.perard@vates.tech>, Michal Orzel <michal.orzel@amd.com>, "Julien Grall" <julien@xen.org>, Stefano Stabellini <sstabellini@kernel.org>, "Jason Andryuk" <jason.andryuk@amd.com>, Alejandro Vallejo <agarciav@amd.com> Subject: [PATCH v4 13/13] x86/hyperlaunch: add capabilities to boot domain Date: Thu, 17 Apr 2025 13:48:35 +0100 Message-ID: <20250417124844.11143-14-agarciav@amd.com> In-Reply-To: <20250417124844.11143-1-agarciav@amd.com> References: <20250417124844.11143-1-agarciav@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain
Series	Hyperlaunch device tree for dom0 \| expand [v4,00/13] Hyperlaunch device tree for dom0 [v4,01/13] x86/boot: add cmdline to struct boot_domain [v4,02/13] kconfig: introduce domain builder config options [v4,03/13] common/hyperlaunch: introduce the domain builder [v4,04/13] x86/hyperlaunch: initial support for hyperlaunch device tree [v4,05/13] x86/hyperlaunch: Add helpers to locate multiboot modules [v4,06/13] x86/hyperlaunch: locate dom0 kernel with hyperlaunch [v4,07/13] x86/hyperlaunch: obtain cmdline from device tree [v4,08/13] x86/hyperlaunch: locate dom0 initrd with hyperlaunch [v4,09/13] x86/hyperlaunch: add domain id parsing to domain config [v4,10/13] x86/hyperlaunch: specify dom0 mode with device tree [v4,11/13] x86/hyperlaunch: add memory parsing to domain config [v4,12/13] x86/hyperlaunch: add max vcpu parsing of hyperlaunch device tree [v4,13/13] x86/hyperlaunch: add capabilities to boot domain

Message ID

20250417124844.11143-14-agarciav@amd.com (mailing list archive)

State

New

Headers

Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=SATLEXMB04.amd.com; pr=C
From: Alejandro Vallejo <agarciav@amd.com>
To: <xen-devel@lists.xenproject.org>
CC: "Daniel P. Smith" <dpsmith@apertussolutions.com>,
 Jan Beulich <jbeulich@suse.com>, Andrew Cooper <andrew.cooper3@citrix.com>,
	=?utf-8?q?Roger_Pau_Monn=C3=A9?= <roger.pau@citrix.com>,
 Anthony PERARD <anthony.perard@vates.tech>,
 Michal Orzel <michal.orzel@amd.com>, "Julien Grall" <julien@xen.org>,
 Stefano Stabellini <sstabellini@kernel.org>,
 "Jason Andryuk" <jason.andryuk@amd.com>, Alejandro Vallejo <agarciav@amd.com>
Subject: [PATCH v4 13/13] x86/hyperlaunch: add capabilities to boot domain
Date: Thu, 17 Apr 2025 13:48:35 +0100
Message-ID: <20250417124844.11143-14-agarciav@amd.com>
In-Reply-To: <20250417124844.11143-1-agarciav@amd.com>
References: <20250417124844.11143-1-agarciav@amd.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Apr 2025 12:49:30.0838
 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 f117c596-c7ab-4ac6-5e14-08dd7dae4b88
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d;Ip=[165.204.84.17];Helo=[SATLEXMB04.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
	CH2PEPF00000142.namprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB4039

Series

Hyperlaunch device tree for dom0 | expand

Commit Message

Alejandro Vallejo April 17, 2025, 12:48 p.m. UTC

From: "Daniel P. Smith" <dpsmith@apertussolutions.com>

Introduce the ability to assign capabilities to a domain via its definition in
device tree. The first capability enabled to select is the control domain
capability. The capability property is a bitfield in both the device tree and
`struct boot_domain`.

Signed-off-by: Daniel P. Smith <dpsmith@apertussolutions.com>
Signed-off-by: Jason Andryuk <jason.andryuk@amd.com>
Signed-off-by: Alejandro Vallejo <agarciav@amd.com>
---
v4:
  * Dropped Jason's R-by.
  * Refactored caps printinng logic
    * It just wasn't xenlog-compatible as it was.
  * Moved pv_shim check to builder_init, so the capability is just not given.
    * And inlined the create_flags variable now that's tractable.
  * Validated input capabilities after coming out of the DT.
---
 xen/arch/x86/include/asm/boot-domain.h |  5 +++++
 xen/arch/x86/setup.c                   |  3 ++-
 xen/common/domain-builder/core.c       |  2 ++
 xen/common/domain-builder/fdt.c        | 20 ++++++++++++++++++++
 4 files changed, 29 insertions(+), 1 deletion(-)

Comments

Denis Mukhin April 18, 2025, 11:24 p.m. UTC | #1

On Thu, Apr 17, 2025 at 01:48:35PM +0100, Alejandro Vallejo wrote:
> From: "Daniel P. Smith" <dpsmith@apertussolutions.com>
> 
> Introduce the ability to assign capabilities to a domain via its definition in
> device tree. The first capability enabled to select is the control domain
> capability. The capability property is a bitfield in both the device tree and
> `struct boot_domain`.
> 
> Signed-off-by: Daniel P. Smith <dpsmith@apertussolutions.com>
> Signed-off-by: Jason Andryuk <jason.andryuk@amd.com>
> Signed-off-by: Alejandro Vallejo <agarciav@amd.com>

Reviewed-by: Denis Mukhin <dmukhin@ford.com>

> ---
> v4:
>   * Dropped Jason's R-by.
>   * Refactored caps printinng logic
>     * It just wasn't xenlog-compatible as it was.
>   * Moved pv_shim check to builder_init, so the capability is just not given.
>     * And inlined the create_flags variable now that's tractable.
>   * Validated input capabilities after coming out of the DT.
> ---
>  xen/arch/x86/include/asm/boot-domain.h |  5 +++++
>  xen/arch/x86/setup.c                   |  3 ++-
>  xen/common/domain-builder/core.c       |  2 ++
>  xen/common/domain-builder/fdt.c        | 20 ++++++++++++++++++++
>  4 files changed, 29 insertions(+), 1 deletion(-)
> 
> diff --git a/xen/arch/x86/include/asm/boot-domain.h b/xen/arch/x86/include/asm/boot-domain.h
> index 969c02a6ea..5c143d82af 100644
> --- a/xen/arch/x86/include/asm/boot-domain.h
> +++ b/xen/arch/x86/include/asm/boot-domain.h
> @@ -13,6 +13,11 @@
>  struct boot_domain {
>      domid_t domid;
> 
> +#define BUILD_CAPS_NONE          (0U)
> +#define BUILD_CAPS_CONTROL       (1U << 0)
> +#define BUILD_CAPS__ALL          BUILD_CAPS_CONTROL
> +    uint32_t capabilities;
> +
>                                            /* On     | Off    */
>  #define BUILD_MODE_PARAVIRT      (1 << 0) /* PV     | PVH/HVM */
>  #define BUILD_MODE_ENABLE_DM     (1 << 1) /* HVM    | PVH     */
> diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c
> index 455dad454c..3cdd8bc2f9 100644
> --- a/xen/arch/x86/setup.c
> +++ b/xen/arch/x86/setup.c
> @@ -1040,7 +1040,8 @@ static struct domain *__init create_dom0(struct boot_info *bi)
>      if ( bd->domid == DOMID_INVALID )
>          /* Create initial domain.  Not d0 for pvshim. */
>          bd->domid = get_initial_domain_id();
> -    d = domain_create(bd->domid, &dom0_cfg, pv_shim ? 0 : CDF_privileged);
> +    d = domain_create(bd->domid, &dom0_cfg,
> +            (bd->capabilities & BUILD_CAPS_CONTROL) ? CDF_privileged : 0);
>      if ( IS_ERR(d) )
>          panic("Error creating d%u: %ld\n", bd->domid, PTR_ERR(d));
> 
> diff --git a/xen/common/domain-builder/core.c b/xen/common/domain-builder/core.c
> index 4b4230f2ff..d1a5d6125e 100644
> --- a/xen/common/domain-builder/core.c
> +++ b/xen/common/domain-builder/core.c
> @@ -8,6 +8,7 @@
>  #include <xen/lib.h>
> 
>  #include <asm/bootinfo.h>
> +#include <asm/pv/shim.h>
>  #include <asm/setup.h>
> 
>  #include "fdt.h"
> @@ -93,6 +94,7 @@ void __init builder_init(struct boot_info *bi)
> 
>          bi->mods[i].type = BOOTMOD_KERNEL;
>          bi->domains[0].kernel = &bi->mods[i];
> +        bi->domains[0].capabilities |= pv_shim ? 0 : BUILD_CAPS_CONTROL;
>          bi->nr_domains = 1;
>      }
>  }
> diff --git a/xen/common/domain-builder/fdt.c b/xen/common/domain-builder/fdt.c
> index 295ab6e8b3..3e3a84e2d0 100644
> --- a/xen/common/domain-builder/fdt.c
> +++ b/xen/common/domain-builder/fdt.c
> @@ -293,6 +293,26 @@ static int __init process_domain_node(
>              bd->max_vcpus = val;
>              printk(XENLOG_INFO "  cpus: %d\n", bd->max_vcpus);
>          }
> +        else if ( !strncmp(prop_name, "capabilities", name_len) )
> +        {
> +            if ( (rc = fdt_prop_as_u32(prop, &bd->capabilities)) )
> +            {
> +                printk(XENLOG_ERR
> +                       "  bad \"capabilities\" on domain %s\n", name);
> +                return rc;
> +            }
> +
> +            if ( bd->capabilities & ~BUILD_CAPS__ALL )
> +            {
> +                printk(XENLOG_WARNING "  unknown capabilities: %#x\n",
> +                       bd->capabilities & ~BUILD_CAPS__ALL);
> +
> +                bd->capabilities &= BUILD_CAPS__ALL;
> +            }
> +
> +            printk(XENLOG_INFO "  caps: %s\n",
> +                   bd->capabilities & BUILD_CAPS_CONTROL ? "c" : "");
> +        }
>      }
> 
>      fdt_for_each_subnode(node, fdt, dom_node)
> --
> 2.43.0
> 
>

diff --git a/xen/arch/x86/include/asm/boot-domain.h b/xen/arch/x86/include/asm/boot-domain.h
index 969c02a6ea..5c143d82af 100644
--- a/xen/arch/x86/include/asm/boot-domain.h
+++ b/xen/arch/x86/include/asm/boot-domain.h
@@ -13,6 +13,11 @@ 
 struct boot_domain {
     domid_t domid;
 
+#define BUILD_CAPS_NONE          (0U)
+#define BUILD_CAPS_CONTROL       (1U << 0)
+#define BUILD_CAPS__ALL          BUILD_CAPS_CONTROL
+    uint32_t capabilities;
+
                                           /* On     | Off    */
 #define BUILD_MODE_PARAVIRT      (1 << 0) /* PV     | PVH/HVM */
 #define BUILD_MODE_ENABLE_DM     (1 << 1) /* HVM    | PVH     */
diff --git a/xen/arch/x86/setup.c b/xen/arch/x86/setup.c
index 455dad454c..3cdd8bc2f9 100644
--- a/xen/arch/x86/setup.c
+++ b/xen/arch/x86/setup.c
@@ -1040,7 +1040,8 @@  static struct domain *__init create_dom0(struct boot_info *bi)
     if ( bd->domid == DOMID_INVALID )
         /* Create initial domain.  Not d0 for pvshim. */
         bd->domid = get_initial_domain_id();
-    d = domain_create(bd->domid, &dom0_cfg, pv_shim ? 0 : CDF_privileged);
+    d = domain_create(bd->domid, &dom0_cfg,
+            (bd->capabilities & BUILD_CAPS_CONTROL) ? CDF_privileged : 0);
     if ( IS_ERR(d) )
         panic("Error creating d%u: %ld\n", bd->domid, PTR_ERR(d));
 
diff --git a/xen/common/domain-builder/core.c b/xen/common/domain-builder/core.c
index 4b4230f2ff..d1a5d6125e 100644
--- a/xen/common/domain-builder/core.c
+++ b/xen/common/domain-builder/core.c
@@ -8,6 +8,7 @@ 
 #include <xen/lib.h>
 
 #include <asm/bootinfo.h>
+#include <asm/pv/shim.h>
 #include <asm/setup.h>
 
 #include "fdt.h"
@@ -93,6 +94,7 @@  void __init builder_init(struct boot_info *bi)
 
         bi->mods[i].type = BOOTMOD_KERNEL;
         bi->domains[0].kernel = &bi->mods[i];
+        bi->domains[0].capabilities |= pv_shim ? 0 : BUILD_CAPS_CONTROL;
         bi->nr_domains = 1;
     }
 }
diff --git a/xen/common/domain-builder/fdt.c b/xen/common/domain-builder/fdt.c
index 295ab6e8b3..3e3a84e2d0 100644
--- a/xen/common/domain-builder/fdt.c
+++ b/xen/common/domain-builder/fdt.c
@@ -293,6 +293,26 @@  static int __init process_domain_node(
             bd->max_vcpus = val;
             printk(XENLOG_INFO "  cpus: %d\n", bd->max_vcpus);
         }
+        else if ( !strncmp(prop_name, "capabilities", name_len) )
+        {
+            if ( (rc = fdt_prop_as_u32(prop, &bd->capabilities)) )
+            {
+                printk(XENLOG_ERR
+                       "  bad \"capabilities\" on domain %s\n", name);
+                return rc;
+            }
+
+            if ( bd->capabilities & ~BUILD_CAPS__ALL )
+            {
+                printk(XENLOG_WARNING "  unknown capabilities: %#x\n",
+                       bd->capabilities & ~BUILD_CAPS__ALL);
+
+                bd->capabilities &= BUILD_CAPS__ALL;
+            }
+
+            printk(XENLOG_INFO "  caps: %s\n",
+                   bd->capabilities & BUILD_CAPS_CONTROL ? "c" : "");
+        }
     }
 
     fdt_for_each_subnode(node, fdt, dom_node)

[v4,13/13] x86/hyperlaunch: add capabilities to boot domain

Commit Message

Comments

Patch