xenbits.xensource.com Git - xen.git/commit

author	Jason Andryuk <jason.andryuk@amd.com>
	Wed, 16 Apr 2025 21:29:08 +0000 (17:29 -0400)
committer	Stefano Stabellini <stefano.stabellini@amd.com>
	Fri, 18 Apr 2025 20:41:29 +0000 (13:41 -0700)
commit	7fc8120a2a857b43087c316d38e010da2d1cacf2
tree	286b83a29debd507aed40f9e7fbaea53a77f7d73	tree
parent	379a23677e1af54abc473fbe782b563967099296	commit \| diff

xen/arm: dom0less seed xenstore grant table entry

xenstored maps other domains' xenstore pages.  Currently this relies on
init-dom0less or xl to seed the grants from Dom0.  With split
hardware/control/xenstore domains, this is problematic since we don't
want the hardware domain to be able to map other domains' resources
without their permission.  Instead have the hypervisor seed the grant
table entry for every dom0less domain.  The grant is then accessible as
normal.

C xenstored uses grants, so it can map the xenstore pages from a
non-dom0 xenstore domain.  OCaml xenstored uses foreign mappings, so it
can only run from a privileged domain (dom0).

Add a define to indicate the late alloc xsentore PFN, to better indicate
what is being checked.  Use UINT64_MAX instead of ~0ULL as the HVM_PARAM
field is a uint64_t.  UINT64_MAX is not defined, so add it.

Signed-off-by: Jason Andryuk <jason.andryuk@amd.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>

xen/arch/arm/dom0less-build.c		diff \| blob \| blame \| history
xen/common/grant_table.c		diff \| blob \| blame \| history
xen/include/xen/grant_table.h		diff \| blob \| blame \| history
xen/include/xen/types.h		diff \| blob \| blame \| history