On 01/10/2025 9:01 pm, Milan Djokic wrote:
> Signed-off-by: Milan Djokic <[email protected]>
>
> ---
> XEN_DOMCTL_get_address_size hypercall is not implemented for arm (only for
> x86)
> It would be useful to have this hypercall supported for arm64, in order to get
> current guest addressing mode and also to verify that
> XEN_DOMCTL_set_address_size
> performs switch to target addressing mode (instead of relying on its returned
> error code only).

Please don't copy this misfeature of x86 PV guests into ARM.

Letting domains be of variable bitness after domain create leads to a
whole lot of bugs, many security relevant.

32bit vs 64bit should be an input to domain_create(), not something that
is edited after the domain has been constructed.

> diff --git a/xen/arch/arm/arm64/domctl.c b/xen/arch/arm/arm64/domctl.c
> index 8720d126c9..f227309e06 100644
> --- a/xen/arch/arm/arm64/domctl.c
> +++ b/xen/arch/arm/arm64/domctl.c
> @@ -33,6 +34,37 @@ static long switch_mode(struct domain *d, enum domain_type
> type)
> return 0;
> }
>
> +static long get_address_size(struct domain *d, uint32_t *address_size)
> +{
> + long rc = 0;
> + struct vcpu *v;
> + /* Check invalid arguments */
> + if ( d == NULL || address_size == NULL) {
> + rc = -EINVAL;
> + }
> + /* Domain structure type field and actual vcpu mode must be aligned */
> + if(rc == 0) {
> + for_each_vcpu(d, v) {
> + if(vcpu_get_mode(v) != d->arch.type) {
> + rc = -EFAULT;
> + }
> + }
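
Review bot: In the for_each_vcpu() loop, a mode mismatch sets rc = -EFAULT but iteration continues over the remaining vCPUs, so add a break on the first mismatch, or return directly. -EFAULT normally reports a bad address, so it is misleading for an inconsistency between vcpu_get_mode(v) and d->arch.type; a caller cannot tell it apart from a failed copy to guest memory. The argument check above would also read more simply as an early "return -EINVAL;" than as rc chained through "if(rc == 0)". On style, "if(rc == 0) {" and "if(vcpu_get_mode(v) != d->arch.type) {" are inconsistent with the "if ( d == NULL ..." line in the same function and with Xen's coding style, which uses "if ( cond )" and places the opening brace on its own line.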

This is deeply suspicious.

Under what circumstances can the vCPU setting be different from the
domain setting?

~Andrew