On 31.05.2022 17:19, Daniel P. Smith wrote:
> 
> On 5/31/22 11:16, Jan Beulich wrote:
>> On 31.05.2022 16:56, Daniel P. Smith wrote:
>>> There are new capabilities, dom0less and hyperlaunch, that introduce internal
>>> hypervisor logic, which needs to make resource allocation calls that are
>>> protected by XSM access checks. The need for these resource allocations are
>>> necessary for dom0less and hyperlaunch when they are constructing the initial
>>> domain(s).  This creates an issue as a subset of the hypervisor code is
>>> executed under a system domain, the idle domain, that is represented by a
>>> per-CPU non-privileged struct domain. To enable these new capabilities to
>>> function correctly but in a controlled manner, this commit changes the idle
>>> system domain to be created as a privileged domain under the default policy and
>>> demoted before transitioning to running. A new XSM hook,
>>> xsm_set_system_active(), is introduced to allow each XSM policy type to demote
>>> the idle domain appropriately for that policy type. In the case of SILO, it
>>> inherits the default policy's hook for xsm_set_system_active().
>>>
>>> For flask, a stub is added to ensure that flask policy system will function
>>> correctly with this patch until flask is extended with support for starting the
>>> idle domain privileged and properly demoting it on the call to
>>> xsm_set_system_active().
>>>
>>> Signed-off-by: Daniel P. Smith <[email protected]>
>>> Reviewed-by: Jason Andryuk <[email protected]>
>>> Reviewed-by: Luca Fancellu <[email protected]>
>>> Acked-by: Julien Grall <[email protected]> # arm
>>
>> Hmm, here and on patch 2 you've lost Rahul's R-b and T-b, afaict.
> 
> erg, you are right, my apologies. Would you like me to respin as v9 to
> get it in there, so it is not lost?

Not sure; much depends on who would commit this if this ends up being
the final version. (If you re-send, I'd suggest v8.1 rather than v9.)

Jan

