On 01.08.2023 22:20, Daniel P. Smith wrote: > --- a/xen/common/domain.c > +++ b/xen/common/domain.c > @@ -340,6 +340,14 @@ static int late_hwdom_init(struct domain *d) > setup_io_bitmap(dom0); > #endif > > + /* > + * "dom0" may have been created under the unbounded role, demote it from > + * that role, reducing it to the control domain role and any other roles > it > + * may have been given. > + */ > + dom0->role &= ~(ROLE_UNBOUNDED_DOMAIN & ROLE_HARDWARE_DOMAIN);
This doesn't look to remove anything, when taking into account ... > --- a/xen/include/xen/sched.h > +++ b/xen/include/xen/sched.h > @@ -467,8 +467,10 @@ struct domain > #endif > /* is node-affinity automatically computed? */ > bool auto_node_affinity; > - /* Is this guest fully privileged (aka dom0)? */ > - bool is_privileged; > +#define ROLE_UNBOUNDED_DOMAIN (1U<<0) > +#define ROLE_CONTROL_DOMAIN (1U<<1) > +#define ROLE_HARDWARE_DOMAIN (1U<<2) ... that each of the constants has just a single bit set. Seeing the & there I was expecting something like #define ROLE_UNBOUNDED_DOMAIN (ROLE_CONTROL_DOMAIN | ROLE_HARDWARE_DOMAIN) instead. Jan
