On 12/18/24 05:04, Sergiy Kibrik wrote:
18.12.24 03:17, Daniel P. Smith:
On 17/12/2024 11:47, Sergiy Kibrik wrote:
Allow to build ARM configuration with support for initializing
hardware domain.
On ARM it is only possible to start hardware domain in multiboot
mode, so
dom0less support is required. This is reflected by dependency on
DOM0LESS_BOOT
instead of directly depending on ARM config option.
Just to make sure my assumption is correct, you are looking to do a
multi-domain construction at boot time, with at least two domains. One
of those two domains is the "control domain" and one is the "hardware
domain", aka late hwdom except it's not constructed "late".
yes, you're correct
If you want such a configuration, I would highly recommend you first
enable setting flask labels via dom0less (assuming it is not there)
before lighting this feature up. This is because the dummy/base policy
has no support for differentiating between a "control domain" and a
"hardware domain". What you really would end up with is two control
domains, with one also having control over hardware.
will check this out, thank you for suggestion!
Apologies, one minor correction. You would get a control domain and a
domU with the hardware mapped into its address space, not two control
domains. I was not thinking about the fact that dom0less builds a single
dom0, if defined, and all the domain definitions are built as domU.
v/r,
dps
