On 19.03.2025 00:36, dm...@proton.me wrote:
> @@ -564,10 +586,25 @@ static void __serial_rx(char c)
> /* Deliver input to the PV shim console. */
> rc = consoled_guest_tx(c);
>
> - if ( rc )
> + switch ( rc )
> + {
> + case 0:
> + break;
> +
> + case -EBUSY: /* Loopback mode */
> + case -ENOSPC: /* FIFO is full */
> guest_printk(d,
> XENLOG_WARNING "failed to process console input: %d\n",
> rc);
> + break;
> +
> + default:
> + d->console.input_allowed = false;
This aspect isn't mentioned / justified in the description, and I also
can't deduce why you would do so. Or to put it differently, why you'd
then not also take away input focus from this domain, for it no longer
being eligible to have focus.
> --- a/xen/include/xen/sched.h
> +++ b/xen/include/xen/sched.h
> @@ -512,7 +512,7 @@ struct domain
> bool auto_node_affinity;
> /* Is this guest fully privileged (aka dom0)? */
> bool is_privileged;
> - /* Can this guest access the Xen console? */
> + /* XSM: permission to use HYPERCALL_console_io hypercall */
> bool is_console;
> /* Is this guest being debugged by dom0? */
> bool debugger_attached;
> @@ -651,6 +651,12 @@ struct domain
> unsigned int num_llc_colors;
> const unsigned int *llc_colors;
> #endif
> +
> + /* Console settings. */
> + struct {
> + /* Permission to own physical console input. */
> + bool input_allowed;
> + } console;
Are further fields going to be added to this sub-struct? If not, is having
a sub-struct here actually worth it?
Jan
