> On 3 May 2022, at 12:17, Daniel P. Smith <dpsm...@apertussolutions.com> wrote:
>
> There are new capabilities, dom0less and hyperlaunch, that introduce internal
> hypervisor logic which needs to make resource allocation calls that are
> protected by XSM access checks. This creates an issue as a subset of the
> hypervisor code is executed under a system domain, the idle domain, that is
> represented by a per-CPU non-privileged struct domain. To enable these new
> capabilities to function correctly but in a controlled manner, this commit
> changes the idle system domain to be created as a privileged domain under the
> default policy and demoted before transitioning to running. A new XSM hook,
> xsm_set_system_active(), is introduced to allow each XSM policy type to demote
> the idle domain appropriately for that policy type. In the case of SILO, it
> inherits the default policy's hook for xsm_set_system_active().
>
> For flask a stub is added to ensure that flask policy system will function
> correctly with this patch until flask is extended with support for starting
> the
> idle domain privileged and properly demoting it on the call to
> xsm_set_system_active().
>
> Signed-off-by: Daniel P. Smith <dpsm...@apertussolutions.com>
> Reviewed-by: Jason Andryuk <jandr...@gmail.com>
Reviewed-by: Luca Fancellu <luca.fance...@arm.com>
Cheers,
Luca
