On Tue, 18 Dec 2018, Julien Grall wrote: > Hi, > > On 12/17/18 10:10 PM, Stefano Stabellini wrote: > > + /* These calls are safe and always allowed. */ > > + case EEMI_FID(ZYNQMP_SIP_SVC_CALL_COUNT): > > + case EEMI_FID(ZYNQMP_SIP_SVC_UID): > > + case EEMI_FID(ZYNQMP_SIP_SVC_VERSION): > > + case EEMI_FID(PM_GET_TRUSTZONE_VERSION): > > + case EEMI_FID(PM_GET_API_VERSION): > > Above you say the call to PM_GET_API_VERSION are safe and always allowed. But > looking at the ATF implementation the first call to PM_GET_API_VERSION will > enable IPI IRQ. > > AFAICT, Dom0 will be the only domain to access IPI. So what happen if, in the > Dom0less case, the guest is booting before and calling PM_GET_API_VERSION? > > I haven't looked in depth the other SIP functions to see whether there are > other potential issue.
On Xilinx MPSoC, the power management handler runs on a separate processor (a Microblaze processor). Xilinx calls it "PMU". The IPI IRQ enabled by ATF is for it to communicate with the PMU, it should not be exposed to virtual machines. Nothing to do on our side here. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
