From: Denis Mukhin <dmuk...@ford.com> Add new flag to domain structure for marking permission to intercept the physical console input by the domain.
Update console input switch logic accordingly. No functional change intended. Signed-off-by: Denis Mukhin <dmuk...@ford.com> --- Changes since v2: - rebased - Link to v2: https://lore.kernel.org/xen-devel/20250331230508.440198-2-dmuk...@ford.com/ --- xen/arch/arm/vpl011.c | 2 ++ xen/arch/x86/pv/shim.c | 2 ++ xen/common/domain.c | 2 ++ xen/drivers/char/console.c | 18 +++++++++++++++++- xen/include/xen/sched.h | 8 +++++++- 5 files changed, 30 insertions(+), 2 deletions(-) diff --git a/xen/arch/arm/vpl011.c b/xen/arch/arm/vpl011.c index 0f58b2c900..d0e5504e9e 100644 --- a/xen/arch/arm/vpl011.c +++ b/xen/arch/arm/vpl011.c @@ -734,6 +734,8 @@ int domain_vpl011_init(struct domain *d, struct vpl011_init_info *info) register_mmio_handler(d, &vpl011_mmio_handler, vpl011->base_addr, GUEST_PL011_SIZE, NULL); + d->console.input_allowed = true; + return 0; out1: diff --git a/xen/arch/x86/pv/shim.c b/xen/arch/x86/pv/shim.c index c506cc0bec..bc2a7dd5fa 100644 --- a/xen/arch/x86/pv/shim.c +++ b/xen/arch/x86/pv/shim.c @@ -238,6 +238,8 @@ void __init pv_shim_setup_dom(struct domain *d, l4_pgentry_t *l4start, * guest from depleting the shim memory pool. */ d->max_pages = domain_tot_pages(d); + + d->console.input_allowed = true; } static void write_start_info(struct domain *d) diff --git a/xen/common/domain.c b/xen/common/domain.c index cb05156ff5..6a6cdd991b 100644 --- a/xen/common/domain.c +++ b/xen/common/domain.c @@ -836,6 +836,8 @@ struct domain *domain_create(domid_t domid, flags |= CDF_hardware; if ( old_hwdom ) old_hwdom->cdf &= ~CDF_hardware; + + d->console.input_allowed = true; } /* Holding CDF_* internal flags. */ diff --git a/xen/drivers/char/console.c b/xen/drivers/char/console.c index 86fd0b427d..ccecda6523 100644 --- a/xen/drivers/char/console.c +++ b/xen/drivers/char/console.c @@ -476,9 +476,21 @@ static unsigned int __read_mostly console_rx = 0; static struct domain *console_get_domain(void) { + struct domain *d; + if ( console_rx == 0 ) return NULL; - return rcu_lock_domain_by_id(console_rx - 1); + + d = rcu_lock_domain_by_id(console_rx - 1); + if ( !d ) + return NULL; + + if ( d->console.input_allowed ) + return d; + + rcu_unlock_domain(d); + + return NULL; } static void console_put_domain(struct domain *d) @@ -522,6 +534,10 @@ static void console_switch_input(void) if ( d ) { rcu_unlock_domain(d); + + if ( !d->console.input_allowed ) + break; + console_rx = next_rx; printk("*** Serial input to DOM%u", domid); break; diff --git a/xen/include/xen/sched.h b/xen/include/xen/sched.h index 559d201e0c..e91c99a8f3 100644 --- a/xen/include/xen/sched.h +++ b/xen/include/xen/sched.h @@ -512,7 +512,7 @@ struct domain bool auto_node_affinity; /* Is this guest fully privileged (aka dom0)? */ bool is_privileged; - /* Can this guest access the Xen console? */ + /* XSM: permission to use HYPERCALL_console_io hypercall */ bool is_console; /* Is this guest being debugged by dom0? */ bool debugger_attached; @@ -651,6 +651,12 @@ struct domain unsigned int num_llc_colors; const unsigned int *llc_colors; #endif + + /* Console settings. */ + struct { + /* Permission to take ownership of the physical console input. */ + bool input_allowed; + } console; } __aligned(PAGE_SIZE); static inline struct page_list_head *page_to_list( -- 2.34.1
