[PATCH v3 28/28] xen/domctl: wrap common/domctl.c with CONFIG_MGMT_HYPERCALLS

Sat, 18 Oct 2025 03:19:58 -0700 

Wrap domctl hypercall def and domctl.o with CONFIG_MGMT_HYPERCALLS.

Signed-off-by: Penny Zheng <[email protected]>
---
v1 -> v2:
- remove stub in common/domctl.c
- combine the original commit of "xen/domctl: provide stub for
 domctl_lock_{acquire,release}"
- adapt to changes of "unify DOMCTL to MGMT_HYPERCALLS"
---
v2 -> v3:
- add pitfall warnning in Kconfig help
---
 xen/common/Kconfig           | 6 ++++--
 xen/common/Makefile          | 2 +-
 xen/include/hypercall-defs.c | 4 ++--
 3 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/xen/common/Kconfig b/xen/common/Kconfig
index 309d262386..efbe97c54a 100644
--- a/xen/common/Kconfig
+++ b/xen/common/Kconfig
@@ -646,11 +646,13 @@ config SYSTEM_SUSPEND
          If unsure, say N.
 
 config MGMT_HYPERCALLS
-       def_bool y
+       bool "Enable privileged hypercalls for system management"
        help
          This option shall only be disabled on some dom0less systems, or
          PV shim on x86, to reduce Xen footprint via managing unnessary
-         hypercalls, like sysctl, etc.
+         hypercalls, like sysctl, domctl, etc.
+         Be cautious to disable it, as users will face missing a few basic
+         hypercalls like listdomains, getdomaininfo, etc.
 
 config PM_OP
        bool "Enable Performance Management Operation"
diff --git a/xen/common/Makefile b/xen/common/Makefile
index fdf826f218..45c0bda000 100644
--- a/xen/common/Makefile
+++ b/xen/common/Makefile
@@ -11,7 +11,7 @@ obj-$(filter-out $(CONFIG_X86),$(CONFIG_ACPI)) += device.o
 obj-$(CONFIG_DEVICE_TREE_PARSE) += device-tree/
 obj-$(CONFIG_IOREQ_SERVER) += dm.o
 obj-y += domain.o
-obj-y += domctl.o
+obj-$(CONFIG_MGMT_HYPERCALLS) += domctl.o
 obj-y += domid.o
 obj-y += event_2l.o
 obj-y += event_channel.o
diff --git a/xen/include/hypercall-defs.c b/xen/include/hypercall-defs.c
index 02d7b93e80..c243edc460 100644
--- a/xen/include/hypercall-defs.c
+++ b/xen/include/hypercall-defs.c
@@ -196,11 +196,11 @@ dm_op(domid_t domid, unsigned int nr_bufs, 
xen_dm_op_buf_t *bufs)
 #endif
 #ifdef CONFIG_MGMT_HYPERCALLS
 sysctl(xen_sysctl_t *u_sysctl)
+domctl(xen_domctl_t *u_domctl)
 #endif
 #if defined(CONFIG_X86) && defined(CONFIG_PAGING) && 
defined(CONFIG_MGMT_HYPERCALLS)
 paging_domctl_cont(xen_domctl_t *u_domctl)
 #endif
-domctl(xen_domctl_t *u_domctl)
 #ifndef CONFIG_PV_SHIM_EXCLUSIVE
 platform_op(xen_platform_op_t *u_xenpf_op)
 #endif
@@ -279,8 +279,8 @@ hvm_op                             do       do       do     
  do       do
 #endif
 #ifdef CONFIG_MGMT_HYPERCALLS
 sysctl                             do       do       do       do       do
-#endif
 domctl                             do       do       do       do       do
+#endif
 #ifdef CONFIG_KEXEC
 kexec_op                           compat   do       -        -        -
 #endif
-- 
2.34.1

Reply via email to