pool/xen
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- fate#309893: Add Xen support for AMD family 15h processors

Browse Source 
- fate#309901: Add Xen support for SVM TSC scaling in AMD family 
  15h
- fate#311951: Ivy Bridge: XEN support for Supervisor Mode 
  Execution Protection (SMEP) 
  23437-amd-fam15-TSC-scaling.patch
  23462-libxc-cpu-feature.patch
  23481-x86-SMEP.patch
  23504-x86-SMEP-hvm.patch
  23505-x86-cpu-add-arg-check.patch
  23508-vmx-proc-based-ctls-probe.patch
  23510-hvm-cpuid-DRNG.patch
  23511-amd-fam15-no-flush-for-C3.patch
  23516-cpuid-ERMS.patch
  23538-hvm-pio-emul-no-host-crash.patch
  23539-hvm-cpuid-FSGSBASE.patch
  23543-x86_64-maddr_to_virt-assertion.patch
  23546-fucomip.patch

- Fix libxc reentrancy issues
  23383-libxc-rm-static-vars.patch

OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=128
This commit is contained in:
Charles Arnold 2011-06-17 16:45:46 +00:00 committed by Git OBS Bridge
parent 3f0ae384b4
commit 1b78387def
19 changed files with 1400 additions and 250 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
23338-vtd-force-intremap.patch
View File

@ -1,38 +0,0 @@
# HG changeset patch
# User Keir Fraser <keir@xen.org>
# Date 1305214920 -3600
# Node ID 9751bc49639ec4e34837545cdc982d0768e46d94
# Parent cc91832a02c7cb6b09729ca8e9fc497e5cb2ba4d
vt-d: [CVE-2011-1898] Ensure that "iommu=required" enables interrupt remapping.
Ensure that when Xen boots with "iommu=required" it will also insist
that interrupt remapping is supported and enabled. It arranges that
booting with that option on vulnerable hardware will fail, rather than
appearing to succeed but actually being vulnerable to guests.
From: Allen Kay <allen.m.kay@intel.com>
Signed-off-by: Keir Fraser <keir@xen.org>
Index: xen-4.1.1-testing/xen/drivers/passthrough/vtd/iommu.c
===================================================================
--- xen-4.1.1-testing.orig/xen/drivers/passthrough/vtd/iommu.c
+++ xen-4.1.1-testing/xen/drivers/passthrough/vtd/iommu.c
@@ -1985,6 +1985,8 @@ static int init_vtd_hw(void)
"ioapic_to_iommu: ioapic 0x%x (id: 0x%x) is NULL! "
"Will not try to enable Interrupt Remapping.\n",
apic, IO_APIC_ID(apic));
+ if ( force_iommu )
+ panic("intremap remapping failed to enable with iommu=required/force in grub\n");
break;
}
}
@@ -1999,6 +2001,9 @@ static int init_vtd_hw(void)
iommu_intremap = 0;
dprintk(XENLOG_WARNING VTDPREFIX,
"Interrupt Remapping not enabled\n");
+
+ if ( force_iommu && platform_supports_intremap() )
+ panic("intremap remapping failed to enable with iommu=required/force in grub\n");
break;
}
}

78
23383-libxc-rm-static-vars.patch Normal file
View File

@ -0,0 +1,78 @@
# HG changeset patch
# User Ian Campbell <ian.campbell@citrix.com>
# Date 1306228450 -3600
# Node ID 23b423a3955785c9a8679c3a877c3472066a2e1f
# Parent ba8da39c67298b19c2c277e5794981b7f23bedf2
libxc: save/restore: remove static context variables
20544:ad9d75d74bd5 and 20545:cc7d66ba0dad seemingly intended to change these
global static variables into stack variables but didn't remove the static
qualifier.
Also zero the entire struct once with memset rather than clearing fields
piecemeal in two different places.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Ian Jackson <ian.jackson.citrix.com>
Committed-by: Ian Jackson <ian.jackson.citrix.com>
Acked-by: Vincent Hanquez <vincent.hanquez@eu.citrix.com>
Index: xen-4.1.1-testing/tools/libxc/xc_domain_restore.c
===================================================================
--- xen-4.1.1-testing.orig/tools/libxc/xc_domain_restore.c
+++ xen-4.1.1-testing/tools/libxc/xc_domain_restore.c
@@ -1134,23 +1134,19 @@ int xc_domain_restore(xc_interface *xch,
int orig_io_fd_flags;
- static struct restore_ctx _ctx = {
- .live_p2m = NULL,
- .p2m = NULL,
- };
- static struct restore_ctx *ctx = &_ctx;
+ struct restore_ctx _ctx;
+ struct restore_ctx *ctx = &_ctx;
struct domain_info_context *dinfo = &ctx->dinfo;
pagebuf_init(&pagebuf);
memset(&tailbuf, 0, sizeof(tailbuf));
tailbuf.ishvm = hvm;
- /* For info only */
- ctx->nr_pfns = 0;
-
if ( superpages )
return 1;
+ memset(ctx, 0, sizeof(*ctx));
+
ctxt = xc_hypercall_buffer_alloc(xch, ctxt, sizeof(*ctxt));
if ( ctxt == NULL )
Index: xen-4.1.1-testing/tools/libxc/xc_domain_save.c
===================================================================
--- xen-4.1.1-testing.orig/tools/libxc/xc_domain_save.c
+++ xen-4.1.1-testing/tools/libxc/xc_domain_save.c
@@ -958,11 +958,8 @@ int xc_domain_save(xc_interface *xch, in
unsigned long mfn;
struct outbuf ob;
- static struct save_ctx _ctx = {
- .live_p2m = NULL,
- .live_m2p = NULL,
- };
- static struct save_ctx *ctx = &_ctx;
+ struct save_ctx _ctx;
+ struct save_ctx *ctx = &_ctx;
struct domain_info_context *dinfo = &ctx->dinfo;
int completed = 0;
@@ -976,6 +973,8 @@ int xc_domain_save(xc_interface *xch, in
outbuf_init(xch, &ob, OUTBUF_SIZE);
+ memset(ctx, 0, sizeof(*ctx));
+
/* If no explicit control parameters given, use defaults */
max_iters = max_iters ? : DEF_MAX_ITERS;
max_factor = max_factor ? : DEF_MAX_FACTOR;

125
23437-amd-fam15-TSC-scaling.patch Normal file
View File

@ -0,0 +1,125 @@
References: FATE#309901
# HG changeset patch
# User Wei Huang <wei.huang2@amd.com>
# Date 1306569488 -3600
# Node ID d7c755c25bb9d6ed77d64cb6736b6c4f339db1bf
# Parent f6ce871e568949f5817470f6c7bab6ed1f8f6c13
HVM/SVM: enable tsc scaling ratio for SVM
Future AMD CPUs support TSC scaling. It allows guests to have a
different TSC frequency from host system using this formula: guest_tsc
= host_tsc * tsc_ratio + vmcb_offset. The tsc_ratio is a 64bit MSR
contains a fixed-point number in 8.32 format (8 bits for integer part
and 32bits for fractional part). For instance 0x00000003_80000000
means tsc_ratio=3.5.
This patch enables TSC scaling ratio for SVM. With it, guest VMs don't
need take #VMEXIT to calculate a translated TSC value when it is
running under TSC emulation mode. This can substancially reduce the
rdtsc overhead.
Signed-off-by: Wei Huang <wei.huang2@amd.com>
--- a/xen/arch/x86/hvm/svm/svm.c
+++ b/xen/arch/x86/hvm/svm/svm.c
@@ -588,6 +588,22 @@ static void svm_set_segment_register(str
static void svm_set_tsc_offset(struct vcpu *v, u64 offset)
{
struct vmcb_struct *vmcb = v->arch.hvm_svm.vmcb;
+ struct domain *d = v->domain;
+
+ /* Re-adjust the offset value when TSC_RATIO is available */
+ if ( cpu_has_tsc_ratio && d->arch.vtsc )
+ {
+ uint64_t host_tsc, guest_tsc;
+
+ rdtscll(host_tsc);
+ guest_tsc = hvm_get_guest_tsc(v);
+
+ /* calculate hi,lo parts in 64bits to prevent overflow */
+ offset = (((host_tsc >> 32) * d->arch.tsc_khz / cpu_khz) << 32) +
+ (host_tsc & 0xffffffffULL) * d->arch.tsc_khz / cpu_khz;
+ offset = guest_tsc - offset;
+ }
+
vmcb_set_tsc_offset(vmcb, offset);
}
@@ -638,6 +654,19 @@ static void svm_init_hypercall_page(stru
*(u16 *)(hypercall_page + (__HYPERVISOR_iret * 32)) = 0x0b0f; /* ud2 */
}
+static inline void svm_tsc_ratio_save(struct vcpu *v)
+{
+ /* Other vcpus might not have vtsc enabled. So disable TSC_RATIO here. */
+ if ( cpu_has_tsc_ratio && v->domain->arch.vtsc )
+ wrmsrl(MSR_AMD64_TSC_RATIO, DEFAULT_TSC_RATIO);
+}
+
+static inline void svm_tsc_ratio_load(struct vcpu *v)
+{
+ if ( cpu_has_tsc_ratio && v->domain->arch.vtsc )
+ wrmsrl(MSR_AMD64_TSC_RATIO, vcpu_tsc_ratio(v));
+}
+
static void svm_ctxt_switch_from(struct vcpu *v)
{
int cpu = smp_processor_id();
@@ -646,6 +675,7 @@ static void svm_ctxt_switch_from(struct
svm_save_dr(v);
vpmu_save(v);
+ svm_tsc_ratio_save(v);
svm_sync_vmcb(v);
svm_vmload(per_cpu(root_vmcb, cpu));
@@ -689,6 +719,7 @@ static void svm_ctxt_switch_to(struct vc
svm_vmload(vmcb);
vmcb->cleanbits.bytes = 0;
vpmu_load(v);
+ svm_tsc_ratio_load(v);
if ( cpu_has_rdtscp )
wrmsrl(MSR_TSC_AUX, hvm_msr_tsc_aux(v));
--- a/xen/arch/x86/hvm/svm/vmcb.c
+++ b/xen/arch/x86/hvm/svm/vmcb.c
@@ -165,7 +165,9 @@ static int construct_vmcb(struct vcpu *v
/* TSC. */
vmcb->_tsc_offset = 0;
- if ( v->domain->arch.vtsc )
+
+ /* Don't need to intercept RDTSC if CPU supports TSC rate scaling */
+ if ( v->domain->arch.vtsc && !cpu_has_tsc_ratio )
{
vmcb->_general1_intercepts |= GENERAL1_INTERCEPT_RDTSC;
vmcb->_general2_intercepts |= GENERAL2_INTERCEPT_RDTSCP;
--- a/xen/include/asm-x86/hvm/svm/svm.h
+++ b/xen/include/asm-x86/hvm/svm/svm.h
@@ -91,5 +91,13 @@ extern u32 svm_feature_flags;
#define cpu_has_svm_cleanbits cpu_has_svm_feature(SVM_FEATURE_VMCBCLEAN)
#define cpu_has_svm_decode cpu_has_svm_feature(SVM_FEATURE_DECODEASSISTS)
#define cpu_has_pause_filter cpu_has_svm_feature(SVM_FEATURE_PAUSEFILTER)
+#define cpu_has_tsc_ratio cpu_has_svm_feature(SVM_FEATURE_TSCRATEMSR)
+
+/* TSC rate */
+#define DEFAULT_TSC_RATIO 0x0000000100000000ULL
+#define TSC_RATIO_RSVD_BITS 0xffffff0000000000ULL
+#define TSC_RATIO(g_khz, h_khz) ( (((u64)(g_khz)<<32)/(u64)(h_khz)) & \
+ ~TSC_RATIO_RSVD_BITS )
+#define vcpu_tsc_ratio(v) TSC_RATIO((v)->domain->arch.tsc_khz, cpu_khz)
#endif /* __ASM_X86_HVM_SVM_H__ */
--- a/xen/include/asm-x86/msr-index.h
+++ b/xen/include/asm-x86/msr-index.h
@@ -266,6 +266,9 @@
#define MSR_AMD_PATCHLEVEL 0x0000008b
#define MSR_AMD_PATCHLOADER 0xc0010020
+/* AMD TSC RATE MSR */
+#define MSR_AMD64_TSC_RATIO 0xc0000104
+
/* AMD OS Visible Workaround MSRs */
#define MSR_AMD_OSVW_ID_LENGTH 0xc0010140
#define MSR_AMD_OSVW_STATUS 0xc0010141

277
23462-libxc-cpu-feature.patch Normal file
View File

@ -0,0 +1,277 @@
References: FATE#311951
# HG changeset patch
# User Keir Fraser <keir@xen.org>
# Date 1307023264 -3600
# Node ID 4804af7048cafecfc014c30cfea374eb0a0360e8
# Parent 5839e797a1307fceffcd0b9ad35ed31644378b47
libxc: Simplify and clean up xc_cpufeature.h
* Remove Linux-private defns with no direct relation to CPUID
* Remove word offsets into Linux-defined cpu_caps array
* Hard tabs -> soft tabs
Signed-off-by: Keir Fraser <keir@xen.org>
# HG changeset patch
# User Keir Fraser <keir@xen.org>
# Date 1307118421 -3600
# Node ID bcd2476c2e2d00dc6371e52fbff66fe3178b7944
# Parent 55c5eff9bf84d4c5f3463c01f038edc1c46f30bc
libxc: Don't refer to meaningless 'word offsets' in xc_cpufeature.h
Signed-off-by: Keir Fraser <keir@xen.org>
--- a/tools/libxc/xc_cpufeature.h
+++ b/tools/libxc/xc_cpufeature.h
@@ -17,131 +17,112 @@
#ifndef __LIBXC_CPUFEATURE_H
#define __LIBXC_CPUFEATURE_H
-/* Intel-defined CPU features, CPUID level 0x00000001 (edx), word 0 */
-#define X86_FEATURE_FPU (0*32+ 0) /* Onboard FPU */
-#define X86_FEATURE_VME (0*32+ 1) /* Virtual Mode Extensions */
-#define X86_FEATURE_DE (0*32+ 2) /* Debugging Extensions */
-#define X86_FEATURE_PSE (0*32+ 3) /* Page Size Extensions */
-#define X86_FEATURE_TSC (0*32+ 4) /* Time Stamp Counter */
-#define X86_FEATURE_MSR (0*32+ 5) /* Model-Specific Registers, RDMSR, WRMSR */
-#define X86_FEATURE_PAE (0*32+ 6) /* Physical Address Extensions */
-#define X86_FEATURE_MCE (0*32+ 7) /* Machine Check Architecture */
-#define X86_FEATURE_CX8 (0*32+ 8) /* CMPXCHG8 instruction */
-#define X86_FEATURE_APIC (0*32+ 9) /* Onboard APIC */
-#define X86_FEATURE_SEP (0*32+11) /* SYSENTER/SYSEXIT */
-#define X86_FEATURE_MTRR (0*32+12) /* Memory Type Range Registers */
-#define X86_FEATURE_PGE (0*32+13) /* Page Global Enable */
-#define X86_FEATURE_MCA (0*32+14) /* Machine Check Architecture */
-#define X86_FEATURE_CMOV (0*32+15) /* CMOV instruction (FCMOVCC and FCOMI too if FPU present) */
-#define X86_FEATURE_PAT (0*32+16) /* Page Attribute Table */
-#define X86_FEATURE_PSE36 (0*32+17) /* 36-bit PSEs */
-#define X86_FEATURE_PN (0*32+18) /* Processor serial number */
-#define X86_FEATURE_CLFLSH (0*32+19) /* Supports the CLFLUSH instruction */
-#define X86_FEATURE_DS (0*32+21) /* Debug Store */
-#define X86_FEATURE_ACPI (0*32+22) /* ACPI via MSR */
-#define X86_FEATURE_MMX (0*32+23) /* Multimedia Extensions */
-#define X86_FEATURE_FXSR (0*32+24) /* FXSAVE and FXRSTOR instructions (fast save and restore */
- /* of FPU context), and CR4.OSFXSR available */
-#define X86_FEATURE_XMM (0*32+25) /* Streaming SIMD Extensions */
-#define X86_FEATURE_XMM2 (0*32+26) /* Streaming SIMD Extensions-2 */
-#define X86_FEATURE_SELFSNOOP (0*32+27) /* CPU self snoop */
-#define X86_FEATURE_HT (0*32+28) /* Hyper-Threading */
-#define X86_FEATURE_ACC (0*32+29) /* Automatic clock control */
-#define X86_FEATURE_IA64 (0*32+30) /* IA-64 processor */
-#define X86_FEATURE_PBE (0*32+31) /* Pending Break Enable */
+/* Intel-defined CPU features, CPUID level 0x00000001 (edx) */
+#define X86_FEATURE_FPU 0 /* Onboard FPU */
+#define X86_FEATURE_VME 1 /* Virtual Mode Extensions */
+#define X86_FEATURE_DE 2 /* Debugging Extensions */
+#define X86_FEATURE_PSE 3 /* Page Size Extensions */
+#define X86_FEATURE_TSC 4 /* Time Stamp Counter */
+#define X86_FEATURE_MSR 5 /* Model-Specific Registers, RDMSR, WRMSR */
+#define X86_FEATURE_PAE 6 /* Physical Address Extensions */
+#define X86_FEATURE_MCE 7 /* Machine Check Architecture */
+#define X86_FEATURE_CX8 8 /* CMPXCHG8 instruction */
+#define X86_FEATURE_APIC 9 /* Onboard APIC */
+#define X86_FEATURE_SEP 11 /* SYSENTER/SYSEXIT */
+#define X86_FEATURE_MTRR 12 /* Memory Type Range Registers */
+#define X86_FEATURE_PGE 13 /* Page Global Enable */
+#define X86_FEATURE_MCA 14 /* Machine Check Architecture */
+#define X86_FEATURE_CMOV 15 /* CMOV instruction */
+#define X86_FEATURE_PAT 16 /* Page Attribute Table */
+#define X86_FEATURE_PSE36 17 /* 36-bit PSEs */
+#define X86_FEATURE_PN 18 /* Processor serial number */
+#define X86_FEATURE_CLFLSH 19 /* Supports the CLFLUSH instruction */
+#define X86_FEATURE_DS 21 /* Debug Store */
+#define X86_FEATURE_ACPI 22 /* ACPI via MSR */
+#define X86_FEATURE_MMX 23 /* Multimedia Extensions */
+#define X86_FEATURE_FXSR 24 /* FXSAVE and FXRSTOR instructions */
+#define X86_FEATURE_XMM 25 /* Streaming SIMD Extensions */
+#define X86_FEATURE_XMM2 26 /* Streaming SIMD Extensions-2 */
+#define X86_FEATURE_SELFSNOOP 27 /* CPU self snoop */
+#define X86_FEATURE_HT 28 /* Hyper-Threading */
+#define X86_FEATURE_ACC 29 /* Automatic clock control */
+#define X86_FEATURE_IA64 30 /* IA-64 processor */
+#define X86_FEATURE_PBE 31 /* Pending Break Enable */
-/* AMD-defined CPU features, CPUID level 0x80000001, word 1 */
+/* AMD-defined CPU features, CPUID level 0x80000001 */
/* Don't duplicate feature flags which are redundant with Intel! */
-#define X86_FEATURE_SYSCALL (1*32+11) /* SYSCALL/SYSRET */
-#define X86_FEATURE_MP (1*32+19) /* MP Capable. */
-#define X86_FEATURE_NX (1*32+20) /* Execute Disable */
-#define X86_FEATURE_MMXEXT (1*32+22) /* AMD MMX extensions */
-#define X86_FEATURE_FFXSR (1*32+25) /* FFXSR instruction optimizations */
-#define X86_FEATURE_PAGE1GB (1*32+26) /* 1Gb large page support */
-#define X86_FEATURE_RDTSCP (1*32+27) /* RDTSCP */
-#define X86_FEATURE_LM (1*32+29) /* Long Mode (x86-64) */
-#define X86_FEATURE_3DNOWEXT (1*32+30) /* AMD 3DNow! extensions */
-#define X86_FEATURE_3DNOW (1*32+31) /* 3DNow! */
-
-/* Transmeta-defined CPU features, CPUID level 0x80860001, word 2 */
-#define X86_FEATURE_RECOVERY (2*32+ 0) /* CPU in recovery mode */
-#define X86_FEATURE_LONGRUN (2*32+ 1) /* Longrun power control */
-#define X86_FEATURE_LRTI (2*32+ 3) /* LongRun table interface */
-
-/* Other features, Linux-defined mapping, word 3 */
-/* This range is used for feature bits which conflict or are synthesized */
-#define X86_FEATURE_CXMMX (3*32+ 0) /* Cyrix MMX extensions */
-#define X86_FEATURE_K6_MTRR (3*32+ 1) /* AMD K6 nonstandard MTRRs */
-#define X86_FEATURE_CYRIX_ARR (3*32+ 2) /* Cyrix ARRs (= MTRRs) */
-#define X86_FEATURE_CENTAUR_MCR (3*32+ 3) /* Centaur MCRs (= MTRRs) */
-/* cpu types for specific tunings: */
-#define X86_FEATURE_K8 (3*32+ 4) /* Opteron, Athlon64 */
-#define X86_FEATURE_K7 (3*32+ 5) /* Athlon */
-#define X86_FEATURE_P3 (3*32+ 6) /* P3 */
-#define X86_FEATURE_P4 (3*32+ 7) /* P4 */
-#define X86_FEATURE_CONSTANT_TSC (3*32+ 8) /* TSC ticks at a constant rate */
-
-/* Intel-defined CPU features, CPUID level 0x00000001 (ecx), word 4 */
-#define X86_FEATURE_XMM3 (4*32+ 0) /* Streaming SIMD Extensions-3 */
-#define X86_FEATURE_PCLMULQDQ (4*32+ 1) /* Carry-less multiplication */
-#define X86_FEATURE_DTES64 (4*32+ 2) /* 64-bit Debug Store */
-#define X86_FEATURE_MWAIT (4*32+ 3) /* Monitor/Mwait support */
-#define X86_FEATURE_DSCPL (4*32+ 4) /* CPL Qualified Debug Store */
-#define X86_FEATURE_VMXE (4*32+ 5) /* Virtual Machine Extensions */
-#define X86_FEATURE_SMXE (4*32+ 6) /* Safer Mode Extensions */
-#define X86_FEATURE_EST (4*32+ 7) /* Enhanced SpeedStep */
-#define X86_FEATURE_TM2 (4*32+ 8) /* Thermal Monitor 2 */
-#define X86_FEATURE_SSSE3 (4*32+ 9) /* Supplemental Streaming SIMD Extensions-3 */
-#define X86_FEATURE_CID (4*32+10) /* Context ID */
-#define X86_FEATURE_CX16 (4*32+13) /* CMPXCHG16B */
-#define X86_FEATURE_XTPR (4*32+14) /* Send Task Priority Messages */
-#define X86_FEATURE_PDCM (4*32+15) /* Perf/Debug Capability MSR */
-#define X86_FEATURE_DCA (4*32+18) /* Direct Cache Access */
-#define X86_FEATURE_SSE4_1 (4*32+19) /* Streaming SIMD Extensions 4.1 */
-#define X86_FEATURE_SSE4_2 (4*32+20) /* Streaming SIMD Extensions 4.2 */
-#define X86_FEATURE_X2APIC (4*32+21) /* x2APIC */
-#define X86_FEATURE_POPCNT (4*32+23) /* POPCNT instruction */
-#define X86_FEATURE_TSC_DEADLINE (4*32+24) /* "tdt" TSC Deadline Timer */
-#define X86_FEATURE_AES (4*32+25) /* AES acceleration instructions */
-#define X86_FEATURE_XSAVE (4*32+26) /* XSAVE/XRSTOR/XSETBV/XGETBV */
-#define X86_FEATURE_AVX (4*32+28) /* Advanced Vector Extensions */
-#define X86_FEATURE_F16C (4*32+29) /* Half-precision convert instruction */
-#define X86_FEATURE_HYPERVISOR (4*32+31) /* Running under some hypervisor */
-
-/* VIA/Cyrix/Centaur-defined CPU features, CPUID level 0xC0000001, word 5 */
-#define X86_FEATURE_XSTORE (5*32+ 2) /* on-CPU RNG present (xstore insn) */
-#define X86_FEATURE_XSTORE_EN (5*32+ 3) /* on-CPU RNG enabled */
-#define X86_FEATURE_XCRYPT (5*32+ 6) /* on-CPU crypto (xcrypt insn) */
-#define X86_FEATURE_XCRYPT_EN (5*32+ 7) /* on-CPU crypto enabled */
-#define X86_FEATURE_ACE2 (5*32+ 8) /* Advanced Cryptography Engine v2 */
-#define X86_FEATURE_ACE2_EN (5*32+ 9) /* ACE v2 enabled */
-#define X86_FEATURE_PHE (5*32+ 10) /* PadLock Hash Engine */
-#define X86_FEATURE_PHE_EN (5*32+ 11) /* PHE enabled */
-#define X86_FEATURE_PMM (5*32+ 12) /* PadLock Montgomery Multiplier */
-#define X86_FEATURE_PMM_EN (5*32+ 13) /* PMM enabled */
-
-/* More extended AMD flags: CPUID level 0x80000001, ecx, word 6 */
-#define X86_FEATURE_LAHF_LM (6*32+ 0) /* LAHF/SAHF in long mode */
-#define X86_FEATURE_CMP_LEGACY (6*32+ 1) /* If yes HyperThreading not valid */
-#define X86_FEATURE_SVM (6*32+ 2) /* Secure virtual machine */
-#define X86_FEATURE_EXTAPIC (6*32+ 3) /* Extended APIC space */
-#define X86_FEATURE_CR8_LEGACY (6*32+ 4) /* CR8 in 32-bit mode */
-#define X86_FEATURE_ABM (6*32+ 5) /* Advanced bit manipulation */
-#define X86_FEATURE_SSE4A (6*32+ 6) /* SSE-4A */
-#define X86_FEATURE_MISALIGNSSE (6*32+ 7) /* Misaligned SSE mode */
-#define X86_FEATURE_3DNOWPREFETCH (6*32+ 8) /* 3DNow prefetch instructions */
-#define X86_FEATURE_OSVW (6*32+ 9) /* OS Visible Workaround */
-#define X86_FEATURE_IBS (6*32+10) /* Instruction Based Sampling */
-#define X86_FEATURE_XOP (6*32+11) /* extended AVX instructions */
-#define X86_FEATURE_SKINIT (6*32+12) /* SKINIT/STGI instructions */
-#define X86_FEATURE_WDT (6*32+13) /* Watchdog timer */
-#define X86_FEATURE_LWP (6*32+15) /* Light Weight Profiling */
-#define X86_FEATURE_FMA4 (6*32+16) /* 4 operands MAC instructions */
-#define X86_FEATURE_NODEID_MSR (6*32+19) /* NodeId MSR */
-#define X86_FEATURE_TBM (6*32+21) /* trailing bit manipulations */
-#define X86_FEATURE_TOPOEXT (6*32+22) /* topology extensions CPUID leafs */
+#define X86_FEATURE_SYSCALL 11 /* SYSCALL/SYSRET */
+#define X86_FEATURE_MP 19 /* MP Capable. */
+#define X86_FEATURE_NX 20 /* Execute Disable */
+#define X86_FEATURE_MMXEXT 22 /* AMD MMX extensions */
+#define X86_FEATURE_FFXSR 25 /* FFXSR instruction optimizations */
+#define X86_FEATURE_PAGE1GB 26 /* 1Gb large page support */
+#define X86_FEATURE_RDTSCP 27 /* RDTSCP */
+#define X86_FEATURE_LM 29 /* Long Mode (x86-64) */
+#define X86_FEATURE_3DNOWEXT 30 /* AMD 3DNow! extensions */
+#define X86_FEATURE_3DNOW 31 /* 3DNow! */
+
+/* Intel-defined CPU features, CPUID level 0x00000001 (ecx) */
+#define X86_FEATURE_XMM3 0 /* Streaming SIMD Extensions-3 */
+#define X86_FEATURE_PCLMULQDQ 1 /* Carry-less multiplication */
+#define X86_FEATURE_DTES64 2 /* 64-bit Debug Store */
+#define X86_FEATURE_MWAIT 3 /* Monitor/Mwait support */
+#define X86_FEATURE_DSCPL 4 /* CPL Qualified Debug Store */
+#define X86_FEATURE_VMXE 5 /* Virtual Machine Extensions */
+#define X86_FEATURE_SMXE 6 /* Safer Mode Extensions */
+#define X86_FEATURE_EST 7 /* Enhanced SpeedStep */
+#define X86_FEATURE_TM2 8 /* Thermal Monitor 2 */
+#define X86_FEATURE_SSSE3 9 /* Supplemental Streaming SIMD Exts-3 */
+#define X86_FEATURE_CID 10 /* Context ID */
+#define X86_FEATURE_CX16 13 /* CMPXCHG16B */
+#define X86_FEATURE_XTPR 14 /* Send Task Priority Messages */
+#define X86_FEATURE_PDCM 15 /* Perf/Debug Capability MSR */
+#define X86_FEATURE_DCA 18 /* Direct Cache Access */
+#define X86_FEATURE_SSE4_1 19 /* Streaming SIMD Extensions 4.1 */
+#define X86_FEATURE_SSE4_2 20 /* Streaming SIMD Extensions 4.2 */
+#define X86_FEATURE_X2APIC 21 /* x2APIC */
+#define X86_FEATURE_POPCNT 23 /* POPCNT instruction */
+#define X86_FEATURE_TSC_DEADLINE 24 /* "tdt" TSC Deadline Timer */
+#define X86_FEATURE_AES 25 /* AES acceleration instructions */
+#define X86_FEATURE_XSAVE 26 /* XSAVE/XRSTOR/XSETBV/XGETBV */
+#define X86_FEATURE_AVX 28 /* Advanced Vector Extensions */
+#define X86_FEATURE_F16C 29 /* Half-precision convert instruction */
+#define X86_FEATURE_HYPERVISOR 31 /* Running under some hypervisor */
+
+/* VIA/Cyrix/Centaur-defined CPU features, CPUID level 0xC0000001 */
+#define X86_FEATURE_XSTORE 2 /* on-CPU RNG present (xstore insn) */
+#define X86_FEATURE_XSTORE_EN 3 /* on-CPU RNG enabled */
+#define X86_FEATURE_XCRYPT 6 /* on-CPU crypto (xcrypt insn) */
+#define X86_FEATURE_XCRYPT_EN 7 /* on-CPU crypto enabled */
+#define X86_FEATURE_ACE2 8 /* Advanced Cryptography Engine v2 */
+#define X86_FEATURE_ACE2_EN 9 /* ACE v2 enabled */
+#define X86_FEATURE_PHE 10 /* PadLock Hash Engine */
+#define X86_FEATURE_PHE_EN 11 /* PHE enabled */
+#define X86_FEATURE_PMM 12 /* PadLock Montgomery Multiplier */
+#define X86_FEATURE_PMM_EN 13 /* PMM enabled */
+
+/* More extended AMD flags: CPUID level 0x80000001, ecx */
+#define X86_FEATURE_LAHF_LM 0 /* LAHF/SAHF in long mode */
+#define X86_FEATURE_CMP_LEGACY 1 /* If yes HyperThreading not valid */
+#define X86_FEATURE_SVM 2 /* Secure virtual machine */
+#define X86_FEATURE_EXTAPIC 3 /* Extended APIC space */
+#define X86_FEATURE_CR8_LEGACY 4 /* CR8 in 32-bit mode */
+#define X86_FEATURE_ABM 5 /* Advanced bit manipulation */
+#define X86_FEATURE_SSE4A 6 /* SSE-4A */
+#define X86_FEATURE_MISALIGNSSE 7 /* Misaligned SSE mode */
+#define X86_FEATURE_3DNOWPREFETCH 8 /* 3DNow prefetch instructions */
+#define X86_FEATURE_OSVW 9 /* OS Visible Workaround */
+#define X86_FEATURE_IBS 10 /* Instruction Based Sampling */
+#define X86_FEATURE_XOP 11 /* extended AVX instructions */
+#define X86_FEATURE_SKINIT 12 /* SKINIT/STGI instructions */
+#define X86_FEATURE_WDT 13 /* Watchdog timer */
+#define X86_FEATURE_LWP 15 /* Light Weight Profiling */
+#define X86_FEATURE_FMA4 16 /* 4 operands MAC instructions */
+#define X86_FEATURE_NODEID_MSR 19 /* NodeId MSR */
+#define X86_FEATURE_TBM 21 /* trailing bit manipulations */
+#define X86_FEATURE_TOPOEXT 22 /* topology extensions CPUID leafs */
-/* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx), word 9 */
-#define X86_FEATURE_FSGSBASE (7*32+ 0) /* {RD,WR}{FS,GS}BASE instructions */
+/* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx) */
+#define X86_FEATURE_FSGSBASE 0 /* {RD,WR}{FS,GS}BASE instructions */
#endif /* __LIBXC_CPUFEATURE_H */
--- a/tools/libxc/xc_cpuid_x86.c
+++ b/tools/libxc/xc_cpuid_x86.c
@@ -25,9 +25,9 @@
#include "xc_cpufeature.h"
#include <xen/hvm/params.h>
-#define bitmaskof(idx) (1u << ((idx) & 31))
-#define clear_bit(idx, dst) ((dst) &= ~(1u << ((idx) & 31)))
-#define set_bit(idx, dst) ((dst) |= (1u << ((idx) & 31)))
+#define bitmaskof(idx) (1u << (idx))
+#define clear_bit(idx, dst) ((dst) &= ~(1u << (idx)))
+#define set_bit(idx, dst) ((dst) |= (1u << (idx)))
#define DEF_MAX_BASE 0x0000000du
#define DEF_MAX_EXT 0x80000008u

284
23481-x86-SMEP.patch Normal file
View File

@ -0,0 +1,284 @@
References: FATE#311951
# HG changeset patch
# User Keir Fraser <keir@xen.org>
# Date 1307133540 -3600
# Node ID 0c0884fd8b494932a4b707e339cbe1b881d09103
# Parent bcd2476c2e2d00dc6371e52fbff66fe3178b7944
x86: Enable Supervisor Mode Execution Protection (SMEP)
Intel new CPU supports SMEP (Supervisor Mode Execution
Protection). SMEP prevents software operating with CPL < 3 (supervisor
mode) from fetching instructions from any linear address with a valid
translation for which the U/S flag (bit 2) is 1 in every
paging-structure entry controlling the translation for the linear
address.
This patch enables SMEP in Xen to protect Xen hypervisor from
executing pv guest instructions, whose translation paging-structure
entries' U/S flags are all set.
Signed-off-by: Yang Wei <wei.y.yang@intel.com>
Signed-off-by: Shan Haitao <haitao.shan@intel.com>
Signed-off-by: Li Xin <xin.li@intel.com>
Signed-off-by: Keir Fraser <keir@xen.org>
--- a/xen/arch/x86/setup.c
+++ b/xen/arch/x86/setup.c
@@ -61,6 +61,10 @@ integer_param("maxcpus", max_cpus);
static bool_t __initdata opt_watchdog;
boolean_param("watchdog", opt_watchdog);
+/* smep: Enable/disable Supervisor Mode Execution Protection (default on). */
+static bool_t __initdata disable_smep;
+invbool_param("smep", disable_smep);
+
/* **** Linux config option: propagated to domain0. */
/* "acpi=off": Sisables both ACPI table parsing and interpreter. */
/* "acpi=force": Override the disable blacklist. */
@@ -1204,11 +1208,17 @@ void __init __start_xen(unsigned long mb
arch_init_memory();
identify_cpu(&boot_cpu_data);
+
if ( cpu_has_fxsr )
set_in_cr4(X86_CR4_OSFXSR);
if ( cpu_has_xmm )
set_in_cr4(X86_CR4_OSXMMEXCPT);
+ if ( disable_smep )
+ setup_clear_cpu_cap(X86_FEATURE_SMEP);
+ if ( cpu_has_smep )
+ set_in_cr4(X86_CR4_SMEP);
+
local_irq_enable();
#ifdef CONFIG_X86_64
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -1136,7 +1136,13 @@ static int handle_gdt_ldt_mapping_fault(
(((va) >= HYPERVISOR_VIRT_START))
#endif
-static int __spurious_page_fault(
+enum pf_type {
+ real_fault,
+ smep_fault,
+ spurious_fault
+};
+
+static enum pf_type __page_fault_type(
unsigned long addr, unsigned int error_code)
{
unsigned long mfn, cr3 = read_cr3();
@@ -1148,7 +1154,7 @@ static int __spurious_page_fault(
#endif
l2_pgentry_t l2e, *l2t;
l1_pgentry_t l1e, *l1t;
- unsigned int required_flags, disallowed_flags;
+ unsigned int required_flags, disallowed_flags, page_user;
/*
* We do not take spurious page faults in IRQ handlers as we do not
@@ -1156,11 +1162,11 @@ static int __spurious_page_fault(
* map_domain_page() is not IRQ-safe.
*/
if ( in_irq() )
- return 0;
+ return real_fault;
/* Reserved bit violations are never spurious faults. */
if ( error_code & PFEC_reserved_bit )
- return 0;
+ return real_fault;
required_flags = _PAGE_PRESENT;
if ( error_code & PFEC_write_access )
@@ -1172,6 +1178,8 @@ static int __spurious_page_fault(
if ( error_code & PFEC_insn_fetch )
disallowed_flags |= _PAGE_NX;
+ page_user = _PAGE_USER;
+
mfn = cr3 >> PAGE_SHIFT;
#if CONFIG_PAGING_LEVELS >= 4
@@ -1181,7 +1189,8 @@ static int __spurious_page_fault(
unmap_domain_page(l4t);
if ( ((l4e_get_flags(l4e) & required_flags) != required_flags) ||
(l4e_get_flags(l4e) & disallowed_flags) )
- return 0;
+ return real_fault;
+ page_user &= l4e_get_flags(l4e);
#endif
#if CONFIG_PAGING_LEVELS >= 3
@@ -1194,13 +1203,14 @@ static int __spurious_page_fault(
unmap_domain_page(l3t);
#if CONFIG_PAGING_LEVELS == 3
if ( !(l3e_get_flags(l3e) & _PAGE_PRESENT) )
- return 0;
+ return real_fault;
#else
if ( ((l3e_get_flags(l3e) & required_flags) != required_flags) ||
(l3e_get_flags(l3e) & disallowed_flags) )
- return 0;
+ return real_fault;
+ page_user &= l3e_get_flags(l3e);
if ( l3e_get_flags(l3e) & _PAGE_PSE )
- return 1;
+ goto leaf;
#endif
#endif
@@ -1210,9 +1220,10 @@ static int __spurious_page_fault(
unmap_domain_page(l2t);
if ( ((l2e_get_flags(l2e) & required_flags) != required_flags) ||
(l2e_get_flags(l2e) & disallowed_flags) )
- return 0;
+ return real_fault;
+ page_user &= l2e_get_flags(l2e);
if ( l2e_get_flags(l2e) & _PAGE_PSE )
- return 1;
+ goto leaf;
l1t = map_domain_page(mfn);
l1e = l1e_read_atomic(&l1t[l1_table_offset(addr)]);
@@ -1220,26 +1231,36 @@ static int __spurious_page_fault(
unmap_domain_page(l1t);
if ( ((l1e_get_flags(l1e) & required_flags) != required_flags) ||
(l1e_get_flags(l1e) & disallowed_flags) )
- return 0;
+ return real_fault;
+ page_user &= l1e_get_flags(l1e);
- return 1;
+leaf:
+ /*
+ * Supervisor Mode Execution Protection (SMEP):
+ * Disallow supervisor execution from user-accessible mappings
+ */
+ if ( (read_cr4() & X86_CR4_SMEP) && page_user &&
+ ((error_code & (PFEC_insn_fetch|PFEC_user_mode)) == PFEC_insn_fetch) )
+ return smep_fault;
+
+ return spurious_fault;
}
-static int spurious_page_fault(
+static enum pf_type spurious_page_fault(
unsigned long addr, unsigned int error_code)
{
unsigned long flags;
- int is_spurious;
+ enum pf_type pf_type;
/*
* Disabling interrupts prevents TLB flushing, and hence prevents
* page tables from becoming invalid under our feet during the walk.
*/
local_irq_save(flags);
- is_spurious = __spurious_page_fault(addr, error_code);
+ pf_type = __page_fault_type(addr, error_code);
local_irq_restore(flags);
- return is_spurious;
+ return pf_type;
}
static int fixup_page_fault(unsigned long addr, struct cpu_user_regs *regs)
@@ -1314,6 +1335,7 @@ asmlinkage void do_page_fault(struct cpu
{
unsigned long addr, fixup;
unsigned int error_code;
+ enum pf_type pf_type;
addr = read_cr2();
@@ -1329,7 +1351,9 @@ asmlinkage void do_page_fault(struct cpu
if ( unlikely(!guest_mode(regs)) )
{
- if ( spurious_page_fault(addr, error_code) )
+ pf_type = spurious_page_fault(addr, error_code);
+ BUG_ON(pf_type == smep_fault);
+ if ( pf_type != real_fault )
return;
if ( likely((fixup = search_exception_table(regs->eip)) != 0) )
@@ -1351,9 +1375,17 @@ asmlinkage void do_page_fault(struct cpu
error_code, _p(addr));
}
- if ( unlikely(current->domain->arch.suppress_spurious_page_faults
- && spurious_page_fault(addr, error_code)) )
- return;
+ if ( unlikely(current->domain->arch.suppress_spurious_page_faults) )
+ {
+ pf_type = spurious_page_fault(addr, error_code);
+ if ( pf_type == smep_fault )
+ {
+ gdprintk(XENLOG_ERR, "Fatal SMEP fault\n");
+ domain_crash(current->domain);
+ }
+ if ( pf_type != real_fault )
+ return;
+ }
propagate_page_fault(addr, regs->error_code);
}
--- a/xen/include/asm-x86/cpufeature.h
+++ b/xen/include/asm-x86/cpufeature.h
@@ -140,8 +140,9 @@
#define X86_FEATURE_TBM (6*32+21) /* trailing bit manipulations */
#define X86_FEATURE_TOPOEXT (6*32+22) /* topology extensions CPUID leafs */
-/* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx), word 9 */
+/* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx), word 7 */
#define X86_FEATURE_FSGSBASE (7*32+ 0) /* {RD,WR}{FS,GS}BASE instructions */
+#define X86_FEATURE_SMEP (7*32+ 7) /* Supervisor Mode Execution Protection */
#define cpu_has(c, bit) test_bit(bit, (c)->x86_capability)
#define boot_cpu_has(bit) test_bit(bit, boot_cpu_data.x86_capability)
@@ -201,6 +202,8 @@
#define cpu_has_fsgsbase boot_cpu_has(X86_FEATURE_FSGSBASE)
#endif
+#define cpu_has_smep boot_cpu_has(X86_FEATURE_SMEP)
+
#define cpu_has_ffxsr ((boot_cpu_data.x86_vendor == X86_VENDOR_AMD) \
&& boot_cpu_has(X86_FEATURE_FFXSR))
--- a/xen/include/asm-x86/domain.h
+++ b/xen/include/asm-x86/domain.h
@@ -462,12 +462,14 @@ unsigned long pv_guest_cr4_fixup(const s
/* Convert between guest-visible and real CR4 values. */
#define pv_guest_cr4_to_real_cr4(v) \
(((v)->arch.guest_context.ctrlreg[4] \
- | (mmu_cr4_features & (X86_CR4_PGE | X86_CR4_PSE)) \
- | ((v)->domain->arch.vtsc ? X86_CR4_TSD : 0) \
- | ((xsave_enabled(v))? X86_CR4_OSXSAVE : 0)) \
- & ~X86_CR4_DE)
-#define real_cr4_to_pv_guest_cr4(c) \
- ((c) & ~(X86_CR4_PGE | X86_CR4_PSE | X86_CR4_TSD | X86_CR4_OSXSAVE))
+ | (mmu_cr4_features \
+ & (X86_CR4_PGE | X86_CR4_PSE | X86_CR4_SMEP)) \
+ | ((v)->domain->arch.vtsc ? X86_CR4_TSD : 0) \
+ | ((xsave_enabled(v))? X86_CR4_OSXSAVE : 0)) \
+ & ~X86_CR4_DE)
+#define real_cr4_to_pv_guest_cr4(c) \
+ ((c) & ~(X86_CR4_PGE | X86_CR4_PSE | X86_CR4_TSD \
+ | X86_CR4_OSXSAVE | X86_CR4_SMEP))
void domain_cpuid(struct domain *d,
unsigned int input,
--- a/xen/include/asm-x86/processor.h
+++ b/xen/include/asm-x86/processor.h
@@ -85,6 +85,7 @@
#define X86_CR4_SMXE 0x4000 /* enable SMX */
#define X86_CR4_FSGSBASE 0x10000 /* enable {rd,wr}{fs,gs}base */
#define X86_CR4_OSXSAVE 0x40000 /* enable XSAVE/XRSTOR */
+#define X86_CR4_SMEP 0x100000/* enable SMEP */
/*
* Trap/fault mnemonics.

148
23504-x86-SMEP-hvm.patch Normal file
View File

@ -0,0 +1,148 @@
References: FATE#311951
# HG changeset patch
# User Tim Deegan <Tim.Deegan@citrix.com>
# Date 1307364408 -3600
# Node ID c34604d5a29336d902837542b915d3b09b27a361
# Parent 664c419b55681feb233b33e0028d0f0af371bedd
x86/hvm: add SMEP support to HVM guest
Intel new CPU supports SMEP (Supervisor Mode Execution Protection). SMEP
prevents software operating with CPL < 3 (supervisor mode) from fetching
instructions from any linear address with a valid translation for which the U/S
flag (bit 2) is 1 in every paging-structure entry controlling the translation
for the linear address.
This patch adds SMEP support to HVM guest.
Signed-off-by: Yang Wei <wei.y.yang@intel.com>
Signed-off-by: Shan Haitao <haitao.shan@intel.com>
Signed-off-by: Li Xin <xin.li@intel.com>
Signed-off-by: Tim Deegan <Tim.Deegan@citrix.com>
--- a/tools/libxc/xc_cpufeature.h
+++ b/tools/libxc/xc_cpufeature.h
@@ -124,5 +124,6 @@
/* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx) */
#define X86_FEATURE_FSGSBASE 0 /* {RD,WR}{FS,GS}BASE instructions */
+#define X86_FEATURE_SMEP 7 /* Supervisor Mode Execution Protection */
#endif /* __LIBXC_CPUFEATURE_H */
--- a/tools/libxc/xc_cpuid_x86.c
+++ b/tools/libxc/xc_cpuid_x86.c
@@ -300,6 +300,14 @@ static void xc_cpuid_hvm_policy(
clear_bit(X86_FEATURE_PAE, regs[3]);
break;
+ case 0x00000007: /* Intel-defined CPU features */
+ if ( input[1] == 0 ) {
+ regs[1] &= bitmaskof(X86_FEATURE_SMEP);
+ } else
+ regs[1] = 0;
+ regs[0] = regs[2] = regs[3] = 0;
+ break;
+
case 0x0000000d:
xc_cpuid_config_xsave(xch, domid, xfeature_mask, input, regs);
break;
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -1553,8 +1553,9 @@ int hvm_set_cr4(unsigned long value)
v->arch.hvm_vcpu.guest_cr[4] = value;
hvm_update_guest_cr(v, 4);
- /* Modifying CR4.{PSE,PAE,PGE} invalidates all TLB entries, inc. Global. */
- if ( (old_cr ^ value) & (X86_CR4_PSE | X86_CR4_PGE | X86_CR4_PAE) )
+ /* Modifying CR4.{PSE,PAE,PGE,SMEP} invalidates all TLB entries. */
+ if ( (old_cr ^ value) & (X86_CR4_PSE | X86_CR4_PGE |
+ X86_CR4_PAE | X86_CR4_SMEP) )
paging_update_paging_modes(v);
return X86EMUL_OKAY;
@@ -2196,7 +2197,7 @@ enum hvm_copy_result hvm_copy_from_guest
enum hvm_copy_result hvm_fetch_from_guest_virt(
void *buf, unsigned long vaddr, int size, uint32_t pfec)
{
- if ( hvm_nx_enabled(current) )
+ if ( hvm_nx_enabled(current) || hvm_smep_enabled(current) )
pfec |= PFEC_insn_fetch;
return __hvm_copy(buf, vaddr, size,
HVMCOPY_from_guest | HVMCOPY_fault | HVMCOPY_virt,
@@ -2222,7 +2223,7 @@ enum hvm_copy_result hvm_copy_from_guest
enum hvm_copy_result hvm_fetch_from_guest_virt_nofault(
void *buf, unsigned long vaddr, int size, uint32_t pfec)
{
- if ( hvm_nx_enabled(current) )
+ if ( hvm_nx_enabled(current) || hvm_smep_enabled(current) )
pfec |= PFEC_insn_fetch;
return __hvm_copy(buf, vaddr, size,
HVMCOPY_from_guest | HVMCOPY_no_fault | HVMCOPY_virt,
@@ -2292,6 +2293,10 @@ void hvm_cpuid(unsigned int input, unsig
*ecx |= (v->arch.hvm_vcpu.guest_cr[4] & X86_CR4_OSXSAVE) ?
cpufeat_mask(X86_FEATURE_OSXSAVE) : 0;
break;
+ case 0x7:
+ if ( (count == 0) && !cpu_has_smep )
+ *ebx &= ~cpufeat_mask(X86_FEATURE_SMEP);
+ break;
case 0xb:
/* Fix the x2APIC identifier. */
*edx = v->vcpu_id * 2;
--- a/xen/arch/x86/mm/guest_walk.c
+++ b/xen/arch/x86/mm/guest_walk.c
@@ -132,7 +132,7 @@ guest_walk_tables(struct vcpu *v, struct
guest_l4e_t *l4p;
#endif
uint32_t gflags, mflags, iflags, rc = 0;
- int pse;
+ int pse, smep;
perfc_incr(guest_walk);
memset(gw, 0, sizeof(*gw));
@@ -145,6 +145,15 @@ guest_walk_tables(struct vcpu *v, struct
mflags = mandatory_flags(v, pfec);
iflags = (_PAGE_NX_BIT | _PAGE_INVALID_BITS);
+ /* SMEP: kernel-mode instruction fetches from user-mode mappings
+ * should fault. Unlike NX or invalid bits, we're looking for _all_
+ * entries in the walk to have _PAGE_USER set, so we need to do the
+ * whole walk as if it were a user-mode one and then invert the answer. */
+ smep = (is_hvm_vcpu(v) && hvm_smep_enabled(v)
+ && (pfec & PFEC_insn_fetch) && !(pfec & PFEC_user_mode) );
+ if ( smep )
+ mflags |= _PAGE_USER;
+
#if GUEST_PAGING_LEVELS >= 3 /* PAE or 64... */
#if GUEST_PAGING_LEVELS >= 4 /* 64-bit only... */
@@ -271,6 +280,10 @@ guest_walk_tables(struct vcpu *v, struct
rc |= ((gflags & mflags) ^ mflags);
}
+ /* Now re-invert the user-mode requirement for SMEP. */
+ if ( smep )
+ rc ^= _PAGE_USER;
+
/* Go back and set accessed and dirty bits only if the walk was a
* success. Although the PRMs say higher-level _PAGE_ACCESSED bits
* get set whenever a lower-level PT is used, at least some hardware
--- a/xen/include/asm-x86/hvm/hvm.h
+++ b/xen/include/asm-x86/hvm/hvm.h
@@ -181,6 +181,8 @@ int hvm_girq_dest_2_vcpu_id(struct domai
(!!((v)->arch.hvm_vcpu.guest_cr[0] & X86_CR0_WP))
#define hvm_pae_enabled(v) \
(hvm_paging_enabled(v) && ((v)->arch.hvm_vcpu.guest_cr[4] & X86_CR4_PAE))
+#define hvm_smep_enabled(v) \
+ (hvm_paging_enabled(v) && ((v)->arch.hvm_vcpu.guest_cr[4] & X86_CR4_SMEP))
#define hvm_nx_enabled(v) \
(!!((v)->arch.hvm_vcpu.guest_efer & EFER_NX))
@@ -294,6 +296,7 @@ static inline int hvm_do_pmu_interrupt(s
X86_CR4_DE | X86_CR4_PSE | X86_CR4_PAE | \
X86_CR4_MCE | X86_CR4_PGE | X86_CR4_PCE | \
X86_CR4_OSFXSR | X86_CR4_OSXMMEXCPT | \
+ (cpu_has_smep ? X86_CR4_SMEP : 0) | \
(xsave_enabled(_v) ? X86_CR4_OSXSAVE : 0))))
/* These exceptions must always be intercepted. */

24
23505-x86-cpu-add-arg-check.patch Normal file
View File

@ -0,0 +1,24 @@
# HG changeset patch
# User Keir Fraser <keir@xen.org>
# Date 1307689724 -3600
# Node ID 5a557fda70a99d287735b53957e865c8dac0e351
# Parent c34604d5a29336d902837542b915d3b09b27a361
x86: Fix argument checking in (privileged) function cpu_add().
Thanks to John McDermott <john.mcdermott@nrl.navy.mil> for spotting.
Signed-off-by: Keir Fraser <keir@xen.org>
--- a/xen/arch/x86/smpboot.c
+++ b/xen/arch/x86/smpboot.c
@@ -899,7 +899,9 @@ int cpu_add(uint32_t apic_id, uint32_t a
dprintk(XENLOG_DEBUG, "cpu_add apic_id %x acpi_id %x pxm %x\n",
apic_id, acpi_id, pxm);
- if ( acpi_id > MAX_MADT_ENTRIES || apic_id > MAX_APICS || pxm > 256 )
+ if ( (acpi_id >= MAX_MADT_ENTRIES) ||
+ (apic_id >= MAX_APICS) ||
+ (pxm >= 256) )
return -EINVAL;
if ( !cpu_hotplug_begin() )

45
23508-vmx-proc-based-ctls-probe.patch Normal file
View File

@ -0,0 +1,45 @@
# HG changeset patch
# User Keir Fraser <keir@xen.org>
# Date 1307691167 -3600
# Node ID 2ef6bbee50371e1135236035ed1a9a7b8748e09f
# Parent 0a29c8c3ddf7395ea8e68c5f4cd8633023490022
x86/vmx: Small fixes to MSR_IA32_VMX_PROCBASED_CTLS feature probing.
Should check for VIRTUAL_INTR_PENDING as we unconditionally make use
of it. Also check for CR8 exiting unconditionally on x86/64, as this
is of use to nestedvmx, and every 64-bit cpu should support it.
Signed-off-by: Eddie Dong <eddie.dong@intel.com>
Signed-off-by: Keir Fraser <keir@xen.org>
--- a/xen/arch/x86/hvm/vmx/vmcs.c
+++ b/xen/arch/x86/hvm/vmx/vmcs.c
@@ -147,6 +147,11 @@ static int vmx_init_vmcs_config(void)
MSR_IA32_VMX_PINBASED_CTLS, &mismatch);
min = (CPU_BASED_HLT_EXITING |
+ CPU_BASED_VIRTUAL_INTR_PENDING |
+#ifdef __x86_64__
+ CPU_BASED_CR8_LOAD_EXITING |
+ CPU_BASED_CR8_STORE_EXITING |
+#endif
CPU_BASED_INVLPG_EXITING |
CPU_BASED_CR3_LOAD_EXITING |
CPU_BASED_CR3_STORE_EXITING |
@@ -165,13 +170,9 @@ static int vmx_init_vmcs_config(void)
MSR_IA32_VMX_PROCBASED_CTLS, &mismatch);
_vmx_cpu_based_exec_control &= ~CPU_BASED_RDTSC_EXITING;
#ifdef __x86_64__
- if ( !(_vmx_cpu_based_exec_control & CPU_BASED_TPR_SHADOW) )
- {
- min |= CPU_BASED_CR8_LOAD_EXITING | CPU_BASED_CR8_STORE_EXITING;
- _vmx_cpu_based_exec_control = adjust_vmx_controls(
- "CPU-Based Exec Control", min, opt,
- MSR_IA32_VMX_PROCBASED_CTLS, &mismatch);
- }
+ if ( _vmx_cpu_based_exec_control & CPU_BASED_TPR_SHADOW )
+ _vmx_cpu_based_exec_control &=
+ ~(CPU_BASED_CR8_LOAD_EXITING | CPU_BASED_CR8_STORE_EXITING);
#endif
if ( _vmx_cpu_based_exec_control & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS )

44
23510-hvm-cpuid-DRNG.patch Normal file
View File

@ -0,0 +1,44 @@
# HG changeset patch
# User Yang, Wei <wei.y.yang@intel.com>
# Date 1308051888 -3600
# Node ID 864a3dd1d9b4664f1ece44c9eaf390969253b7a8
# Parent 782bc7b2661a3921af21130f34f599f68911f2ce
x86/hvm: Make DRNG feature visible in CPUID
This patch exposes DRNG feature to HVM guests.
The RDRAND instruction can provide software with sequences of
random numbers generated from white noise.
Signed-off-by: Yang, Wei <wei.y.yang@intel.com>
--- a/tools/libxc/xc_cpufeature.h
+++ b/tools/libxc/xc_cpufeature.h
@@ -87,6 +87,7 @@
#define X86_FEATURE_XSAVE 26 /* XSAVE/XRSTOR/XSETBV/XGETBV */
#define X86_FEATURE_AVX 28 /* Advanced Vector Extensions */
#define X86_FEATURE_F16C 29 /* Half-precision convert instruction */
+#define X86_FEATURE_RDRAND 30 /* Digital Random Number Generator */
#define X86_FEATURE_HYPERVISOR 31 /* Running under some hypervisor */
/* VIA/Cyrix/Centaur-defined CPU features, CPUID level 0xC0000001 */
--- a/tools/libxc/xc_cpuid_x86.c
+++ b/tools/libxc/xc_cpuid_x86.c
@@ -262,6 +262,7 @@ static void xc_cpuid_hvm_policy(
bitmaskof(X86_FEATURE_POPCNT) |
bitmaskof(X86_FEATURE_AES) |
bitmaskof(X86_FEATURE_F16C) |
+ bitmaskof(X86_FEATURE_RDRAND) |
((xfeature_mask != 0) ?
(bitmaskof(X86_FEATURE_AVX) |
bitmaskof(X86_FEATURE_XSAVE)) : 0));
--- a/xen/include/asm-x86/cpufeature.h
+++ b/xen/include/asm-x86/cpufeature.h
@@ -105,6 +105,7 @@
#define X86_FEATURE_OSXSAVE (4*32+27) /* OSXSAVE */
#define X86_FEATURE_AVX (4*32+28) /* Advanced Vector Extensions */
#define X86_FEATURE_F16C (4*32+29) /* Half-precision convert instruction */
+#define X86_FEATURE_RDRAND (4*32+30) /* Digital Random Number Generator */
#define X86_FEATURE_HYPERVISOR (4*32+31) /* Running under some hypervisor */
/* VIA/Cyrix/Centaur-defined CPU features, CPUID level 0xC0000001, word 5 */

28
23511-amd-fam15-no-flush-for-C3.patch Normal file
View File

@ -0,0 +1,28 @@
References: FATE#309893
# HG changeset patch
# User Mark Langsdorf <mark.langsdorf@amd.com>
# Date 1308051989 -3600
# Node ID 450f1d198e1e299b69489d513f591f0301cc5166
# Parent 864a3dd1d9b4664f1ece44c9eaf390969253b7a8
x86/amd: Eliminate cache flushing when entering C3 on select AMD processors
AMD Fam15h processors have a shared cache. It does not need
to be be flushed when entering C3 and doing so causes reduces
performance. Modify acpi_processor_power_init_bm_check to
prevent these processors from flushing when entering C3.
Signed-off-by: Mark Langsdorf <mark.langsdorf@amd.com>
--- a/xen/arch/x86/acpi/cpu_idle.c
+++ b/xen/arch/x86/acpi/cpu_idle.c
@@ -680,7 +680,8 @@ static void acpi_processor_power_init_bm
flags->bm_check = 0;
if ( num_online_cpus() == 1 )
flags->bm_check = 1;
- else if ( c->x86_vendor == X86_VENDOR_INTEL )
+ else if ( (c->x86_vendor == X86_VENDOR_INTEL) ||
+ ((c->x86_vendor == X86_VENDOR_AMD) && (c->x86 == 0x15)) )
{
/*
* Today all MP CPUs that support C3 share cache.

67
23516-cpuid-ERMS.patch Normal file
View File

@ -0,0 +1,67 @@
# HG changeset patch
# User Yang, Wei <wei.y.yang@intel.com>
# Date 1308053598 -3600
# Node ID f4a47275aebf383cf565e0a265a56a8c1110d45e
# Parent 337520d94cba906e64dbd3089d65cda8cf97d1d0
x86: Pass through ERMS CPUID feature for HVM and PV guests
This patch exposes ERMS feature to HVM and PV guests.
The REP MOVSB/STOSB instruction can enhance fast strings attempts to
move as much of the data with larger size load/stores as possible.
Signed-off-by: Yang, Wei <wei.y.yang@intel.com>
--- a/tools/libxc/xc_cpufeature.h
+++ b/tools/libxc/xc_cpufeature.h
@@ -126,5 +126,6 @@
/* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx) */
#define X86_FEATURE_FSGSBASE 0 /* {RD,WR}{FS,GS}BASE instructions */
#define X86_FEATURE_SMEP 7 /* Supervisor Mode Execution Protection */
+#define X86_FEATURE_ERMS 9 /* Enhanced REP MOVSB/STOSB */
#endif /* __LIBXC_CPUFEATURE_H */
--- a/tools/libxc/xc_cpuid_x86.c
+++ b/tools/libxc/xc_cpuid_x86.c
@@ -303,7 +303,8 @@ static void xc_cpuid_hvm_policy(
case 0x00000007: /* Intel-defined CPU features */
if ( input[1] == 0 ) {
- regs[1] &= bitmaskof(X86_FEATURE_SMEP);
+ regs[1] &= (bitmaskof(X86_FEATURE_SMEP) |
+ bitmaskof(X86_FEATURE_ERMS));
} else
regs[1] = 0;
regs[0] = regs[2] = regs[3] = 0;
@@ -425,7 +426,8 @@ static void xc_cpuid_pv_policy(
case 7:
if ( input[1] == 0 )
- regs[1] &= bitmaskof(X86_FEATURE_FSGSBASE);
+ regs[1] &= (bitmaskof(X86_FEATURE_FSGSBASE) |
+ bitmaskof(X86_FEATURE_ERMS));
else
regs[1] = 0;
regs[0] = regs[2] = regs[3] = 0;
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -812,7 +812,8 @@ static void pv_cpuid(struct cpu_user_reg
break;
case 7:
if ( regs->ecx == 0 )
- b &= cpufeat_mask(X86_FEATURE_FSGSBASE);
+ b &= (cpufeat_mask(X86_FEATURE_FSGSBASE) |
+ cpufeat_mask(X86_FEATURE_ERMS));
else
b = 0;
a = c = d = 0;
--- a/xen/include/asm-x86/cpufeature.h
+++ b/xen/include/asm-x86/cpufeature.h
@@ -144,6 +144,7 @@
/* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx), word 7 */
#define X86_FEATURE_FSGSBASE (7*32+ 0) /* {RD,WR}{FS,GS}BASE instructions */
#define X86_FEATURE_SMEP (7*32+ 7) /* Supervisor Mode Execution Protection */
+#define X86_FEATURE_ERMS (7*32+ 9) /* Enhanced REP MOVSB/STOSB */
#define cpu_has(c, bit) test_bit(bit, (c)->x86_capability)
#define boot_cpu_has(bit) test_bit(bit, boot_cpu_data.x86_capability)

33
23538-hvm-pio-emul-no-host-crash.patch Normal file
View File

@ -0,0 +1,33 @@
# HG changeset patch
# User George Dunlap <george.dunlap@eu.citrix.com>
# Date 1308150314 -3600
# Node ID 35b4220c98bc89b7162d19ed6c858e027fabff69
# Parent cac82bc1ea23bc213ece4c84db2703dd46df7f25
x86/hvm: Crash domain rather than guest on unexpected PIO IO state
Under certain conditions, if an IO gets into an unexpected state,
hvmemul_do_io can return X86EMUL_UNHANDLEABLE. Unfortunately,
handle_pio() does not expect this state, and calls BUG() if it sees
it, crashing the host.
Other HVM io-related code crashes the guest in this case. This patch
makes handle_pio() do the same.
The crash was seen when executing crash_guest in dom0 to forcibly
crash the guest.
Signed-off-by: George Dunlap <george.dunlap@eu.citrix.com>
--- a/xen/arch/x86/hvm/io.c
+++ b/xen/arch/x86/hvm/io.c
@@ -239,7 +239,9 @@ int handle_pio(uint16_t port, int size,
curr->arch.hvm_vcpu.io_state = HVMIO_handle_pio_awaiting_completion;
break;
default:
- BUG();
+ gdprintk(XENLOG_ERR, "Weird HVM ioemulation status %d.\n", rc);
+ domain_crash(curr->domain);
+ break;
}
return 1;

34
23539-hvm-cpuid-FSGSBASE.patch Normal file
View File

@ -0,0 +1,34 @@
# HG changeset patch
# User Yang, Wei <wei.y.yang@intel.com>
# Date 1308150408 -3600
# Node ID 8c75f35d55f60cb2f374e3b5c7c520f8633d733f
# Parent 35b4220c98bc89b7162d19ed6c858e027fabff69
Enable RDWRGSFS feature support for HVM guests
Write/read FS/GS base instructions enable user level code to
read/write FS & GS segment base registers for thread local storage.
Signed-off-by: Yang, Wei <wei.y.yang@intel.com>
--- a/tools/libxc/xc_cpuid_x86.c
+++ b/tools/libxc/xc_cpuid_x86.c
@@ -304,7 +304,8 @@ static void xc_cpuid_hvm_policy(
case 0x00000007: /* Intel-defined CPU features */
if ( input[1] == 0 ) {
regs[1] &= (bitmaskof(X86_FEATURE_SMEP) |
- bitmaskof(X86_FEATURE_ERMS));
+ bitmaskof(X86_FEATURE_ERMS) |
+ bitmaskof(X86_FEATURE_FSGSBASE));
} else
regs[1] = 0;
regs[0] = regs[2] = regs[3] = 0;
--- a/xen/include/asm-x86/hvm/hvm.h
+++ b/xen/include/asm-x86/hvm/hvm.h
@@ -297,6 +297,7 @@ static inline int hvm_do_pmu_interrupt(s
X86_CR4_MCE | X86_CR4_PGE | X86_CR4_PCE | \
X86_CR4_OSFXSR | X86_CR4_OSXMMEXCPT | \
(cpu_has_smep ? X86_CR4_SMEP : 0) | \
+ (cpu_has_fsgsbase ? X86_CR4_FSGSBASE : 0) | \
(xsave_enabled(_v) ? X86_CR4_OSXSAVE : 0))))
/* These exceptions must always be intercepted. */

24
23543-x86_64-maddr_to_virt-assertion.patch Normal file
View File

@ -0,0 +1,24 @@
# HG changeset patch
# User Jan Beulich <jbeulich@novell.com>
# Date 1308165849 -3600
# Node ID a8edfacd4b5e2cecb78d2ff93e57e7efa1bf2db2
# Parent 23c068b109236657ededa3e3b7f180346a5cd9f9
x86-64: fix incorrect assertion in __maddr_to_virt()
When memory map sparseness reduction is in use, machine address ranges
can't validly be compared directly against the total size of the
direct mapping range.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
--- a/xen/include/asm-x86/x86_64/page.h
+++ b/xen/include/asm-x86/x86_64/page.h
@@ -95,7 +95,7 @@ static inline unsigned long __virt_to_ma
static inline void *__maddr_to_virt(unsigned long ma)
{
- ASSERT(ma < DIRECTMAP_VIRT_END - DIRECTMAP_VIRT_START);
+ ASSERT(pfn_to_pdx(ma >> PAGE_SHIFT) < (DIRECTMAP_SIZE >> PAGE_SHIFT));
return (void *)(DIRECTMAP_VIRT_START +
((ma & ma_va_bottom_mask) |
((ma & ma_top_mask) >> pfn_pdx_hole_shift)));

23
23546-fucomip.patch Normal file
View File

@ -0,0 +1,23 @@
# HG changeset patch
# User Keir Fraser <keir@xen.org>
# Date 1308167438 -3600
# Node ID b58c4ec2f6939b31d56307599b517b5bcfc90279
# Parent 649372e3d46a795040a358075869336b15b6b627
x86_emulate: Fix decode of FUCOMIP %stN.
Signed-off-by: Keir Fraser <keir@xen.org>
xen-unstable changeset: 23546:d25f2c114ace
xen-unstable date: Wed Jun 15 20:33:58 2011 +0100
--- a/xen/arch/x86/x86_emulate/x86_emulate.c
+++ b/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -2936,8 +2936,8 @@ x86_emulate(
dst.reg = (unsigned long *)&_regs.eax;
emulate_fpu_insn_memdst("fnstsw", dst.val);
break;
+ case 0xe8 ... 0xef: /* fucomip %stN */
case 0xf0 ... 0xf7: /* fcomip %stN */
- case 0xf8 ... 0xff: /* fucomip %stN */
emulate_fpu_insn_stub(0xdf, modrm);
break;
default:

44
x86-show-page-walk-early.patch
View File

@ -1,7 +1,5 @@
Index: xen-4.1.1-testing/xen/arch/x86/mm.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/mm.c
+++ xen-4.1.1-testing/xen/arch/x86/mm.c
--- a/xen/arch/x86/mm.c
+++ b/xen/arch/x86/mm.c
@@ -160,6 +160,8 @@ static int get_superpage(unsigned long m
#endif
static void put_superpage(unsigned long mfn);
@ -11,11 +9,9 @@ Index: xen-4.1.1-testing/xen/arch/x86/mm.c
#define l1_disallow_mask(d) \
((d != dom_io) && \
(rangeset_is_empty((d)->iomem_caps) && \
Index: xen-4.1.1-testing/xen/arch/x86/traps.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/traps.c
+++ xen-4.1.1-testing/xen/arch/x86/traps.c
@@ -1386,6 +1386,7 @@ asmlinkage void __init do_early_page_fau
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -1419,6 +1419,7 @@ asmlinkage void __init do_early_page_fau
unsigned long *stk = (unsigned long *)regs;
printk("Early fatal page fault at %04x:%p (cr2=%p, ec=%04x)\n",
regs->cs, _p(regs->eip), _p(cr2), regs->error_code);
@ -23,10 +19,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/traps.c
printk("Stack dump: ");
while ( ((long)stk & ((PAGE_SIZE - 1) & ~(BYTES_PER_LONG - 1))) != 0 )
printk("%p ", _p(*stk++));
Index: xen-4.1.1-testing/xen/arch/x86/x86_32/mm.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/x86_32/mm.c
+++ xen-4.1.1-testing/xen/arch/x86/x86_32/mm.c
--- a/xen/arch/x86/x86_32/mm.c
+++ b/xen/arch/x86/x86_32/mm.c
@@ -123,6 +123,8 @@ void __init paging_init(void)
#undef CNT
#undef MFN
@ -36,10 +30,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/x86_32/mm.c
/* Create page tables for ioremap()/map_domain_page_global(). */
for ( i = 0; i < (IOREMAP_MBYTES >> (L2_PAGETABLE_SHIFT - 20)); i++ )
{
Index: xen-4.1.1-testing/xen/arch/x86/x86_32/traps.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/x86_32/traps.c
+++ xen-4.1.1-testing/xen/arch/x86/x86_32/traps.c
--- a/xen/arch/x86/x86_32/traps.c
+++ b/xen/arch/x86/x86_32/traps.c
@@ -164,7 +164,8 @@ void show_page_walk(unsigned long addr)
l3t += (cr3 & 0xFE0UL) >> 3;
l3e = l3t[l3_table_offset(addr)];
@ -70,10 +62,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/x86_32/traps.c
printk(" L1[0x%03lx] = %"PRIpte" %08lx\n",
l1_table_offset(addr), l1e_get_intpte(l1e), pfn);
unmap_domain_page(l1t);
Index: xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/x86_64/mm.c
+++ xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c
--- a/xen/arch/x86/x86_64/mm.c
+++ b/xen/arch/x86/x86_64/mm.c
@@ -750,6 +750,8 @@ void __init paging_init(void)
#undef CNT
#undef MFN
@ -83,10 +73,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c
/* Create user-accessible L2 directory to map the MPT for compat guests. */
BUILD_BUG_ON(l4_table_offset(RDWR_MPT_VIRT_START) !=
l4_table_offset(HIRO_COMPAT_MPT_VIRT_START));
Index: xen-4.1.1-testing/xen/arch/x86/x86_64/traps.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/x86_64/traps.c
+++ xen-4.1.1-testing/xen/arch/x86/x86_64/traps.c
--- a/xen/arch/x86/x86_64/traps.c
+++ b/xen/arch/x86/x86_64/traps.c
@@ -176,7 +176,8 @@ void show_page_walk(unsigned long addr)
l4t = mfn_to_virt(mfn);
l4e = l4t[l4_table_offset(addr)];
@ -127,10 +115,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/x86_64/traps.c
printk(" L1[0x%03lx] = %"PRIpte" %016lx\n",
l1_table_offset(addr), l1e_get_intpte(l1e), pfn);
}
Index: xen-4.1.1-testing/xen/include/asm-x86/mm.h
===================================================================
--- xen-4.1.1-testing.orig/xen/include/asm-x86/mm.h
+++ xen-4.1.1-testing/xen/include/asm-x86/mm.h
--- a/xen/include/asm-x86/mm.h
+++ b/xen/include/asm-x86/mm.h
@@ -467,6 +467,8 @@ TYPE_SAFE(unsigned long,mfn);
#define SHARED_M2P_ENTRY (~0UL - 1UL)
#define SHARED_M2P(_e) ((_e) == SHARED_M2P_ENTRY)

278
xen-warnings-unused.diff
View File

@ -1,7 +1,5 @@
Index: xen-4.1.1-testing/tools/libxc/xc_tmem.c
===================================================================
--- xen-4.1.1-testing.orig/tools/libxc/xc_tmem.c
+++ xen-4.1.1-testing/tools/libxc/xc_tmem.c
--- a/tools/libxc/xc_tmem.c
+++ b/tools/libxc/xc_tmem.c
@@ -390,7 +390,8 @@ static int xc_tmem_restore_new_pool(
int xc_tmem_restore(xc_interface *xch, int dom, int io_fd)
@ -12,10 +10,8 @@ Index: xen-4.1.1-testing/tools/libxc/xc_tmem.c
uint32_t this_max_pools, this_version;
uint32_t pool_id;
uint32_t minusone;
Index: xen-4.1.1-testing/tools/libxc/xc_domain_restore.c
===================================================================
--- xen-4.1.1-testing.orig/tools/libxc/xc_domain_restore.c
+++ xen-4.1.1-testing/tools/libxc/xc_domain_restore.c
--- a/tools/libxc/xc_domain_restore.c
+++ b/tools/libxc/xc_domain_restore.c
@@ -1087,7 +1087,6 @@ int xc_domain_restore(xc_interface *xch,
int vcpuextstate = 0;
uint32_t vcpuextstate_size = 0;
@ -24,7 +20,7 @@ Index: xen-4.1.1-testing/tools/libxc/xc_domain_restore.c
int nraces = 0;
/* The new domain's shared-info frame number. */
@@ -1255,7 +1254,6 @@ int xc_domain_restore(xc_interface *xch,
@@ -1251,7 +1250,6 @@ int xc_domain_restore(xc_interface *xch,
* Now simply read each saved frame into its new machine frame.
* We uncanonicalise page tables as we go.
*/
@ -32,10 +28,8 @@ Index: xen-4.1.1-testing/tools/libxc/xc_domain_restore.c
n = m = 0;
loadpages:
Index: xen-4.1.1-testing/tools/misc/gtraceview.c
===================================================================
--- xen-4.1.1-testing.orig/tools/misc/gtraceview.c
+++ xen-4.1.1-testing/tools/misc/gtraceview.c
--- a/tools/misc/gtraceview.c
+++ b/tools/misc/gtraceview.c
@@ -622,7 +622,8 @@ void crt_init(void)
void nr_addch(int nr, int ch)
{
@ -46,10 +40,8 @@ Index: xen-4.1.1-testing/tools/misc/gtraceview.c
getyx(stdscr, y, x);
for (i = 0; i < nr; i++) {
if (x == COLS-1)
Index: xen-4.1.1-testing/tools/xcutils/xc_restore.c
===================================================================
--- xen-4.1.1-testing.orig/tools/xcutils/xc_restore.c
+++ xen-4.1.1-testing/tools/xcutils/xc_restore.c
--- a/tools/xcutils/xc_restore.c
+++ b/tools/xcutils/xc_restore.c
@@ -19,7 +19,8 @@ int
main(int argc, char **argv)
{
@ -60,10 +52,8 @@ Index: xen-4.1.1-testing/tools/xcutils/xc_restore.c
xc_interface *xch;
int io_fd, ret;
int superpages;
Index: xen-4.1.1-testing/tools/firmware/rombios/32bit/tcgbios/tcgbios.c
===================================================================
--- xen-4.1.1-testing.orig/tools/firmware/rombios/32bit/tcgbios/tcgbios.c
+++ xen-4.1.1-testing/tools/firmware/rombios/32bit/tcgbios/tcgbios.c
--- a/tools/firmware/rombios/32bit/tcgbios/tcgbios.c
+++ b/tools/firmware/rombios/32bit/tcgbios/tcgbios.c
@@ -1064,7 +1064,7 @@ uint32_t HashLogEvent32(struct hlei *hle
uint32_t rc = 0;
uint16_t size;
@ -73,10 +63,8 @@ Index: xen-4.1.1-testing/tools/firmware/rombios/32bit/tcgbios/tcgbios.c
uint32_t hashdataptr;
uint32_t hashdatalen;
Index: xen-4.1.1-testing/tools/console/client/main.c
===================================================================
--- xen-4.1.1-testing.orig/tools/console/client/main.c
+++ xen-4.1.1-testing/tools/console/client/main.c
--- a/tools/console/client/main.c
+++ b/tools/console/client/main.c
@@ -277,7 +277,8 @@ int main(int argc, char **argv)
};
@ -87,10 +75,8 @@ Index: xen-4.1.1-testing/tools/console/client/main.c
struct xs_handle *xs;
char *end;
console_type type = CONSOLE_INVAL;
Index: xen-4.1.1-testing/tools/xenstat/xentop/xentop.c
===================================================================
--- xen-4.1.1-testing.orig/tools/xenstat/xentop/xentop.c
+++ xen-4.1.1-testing/tools/xenstat/xentop/xentop.c
--- a/tools/xenstat/xentop/xentop.c
+++ b/tools/xenstat/xentop/xentop.c
@@ -272,7 +272,8 @@ static void fail(const char *str)
/* Return the row containing the cursor. */
static int current_row(void)
@ -111,11 +97,9 @@ Index: xen-4.1.1-testing/tools/xenstat/xentop/xentop.c
getmaxyx(stdscr, y, x);
return y;
}
Index: xen-4.1.1-testing/tools/libxl/libxlu_cfg.c
===================================================================
--- xen-4.1.1-testing.orig/tools/libxl/libxlu_cfg.c
+++ xen-4.1.1-testing/tools/libxl/libxlu_cfg.c
@@ -348,7 +348,7 @@ char *xlu__cfgl_dequote(CfgParseContext
--- a/tools/libxl/libxlu_cfg.c
+++ b/tools/libxl/libxlu_cfg.c
@@ -348,7 +348,7 @@ char *xlu__cfgl_dequote(CfgParseContext
#define NUMERIC_CHAR(minlen,maxlen,base,basetext) do{ \
char numbuf[(maxlen)+1], *ep; \
@ -124,11 +108,9 @@ Index: xen-4.1.1-testing/tools/libxl/libxlu_cfg.c
\
strncpy(numbuf,p,(maxlen)); \
numbuf[(maxlen)]= 0; \
Index: xen-4.1.1-testing/tools/libxl/libxl.c
===================================================================
--- xen-4.1.1-testing.orig/tools/libxl/libxl.c
+++ xen-4.1.1-testing/tools/libxl/libxl.c
@@ -221,7 +221,7 @@ int libxl_domain_rename(libxl_ctx *ctx,
--- a/tools/libxl/libxl.c
+++ b/tools/libxl/libxl.c
@@ -221,7 +221,7 @@ int libxl_domain_rename(libxl_ctx *ctx,
int libxl_domain_resume(libxl_ctx *ctx, uint32_t domid)
{
libxl__gc gc = LIBXL_INIT_GC(ctx);
@ -155,10 +137,8 @@ Index: xen-4.1.1-testing/tools/libxl/libxl.c
libxl__sprintf(&gc, "%s/device/vif", dompath), &nb_nics);
if (!l)
goto err;
Index: xen-4.1.1-testing/tools/libxl/libxl_pci.c
===================================================================
--- xen-4.1.1-testing.orig/tools/libxl/libxl_pci.c
+++ xen-4.1.1-testing/tools/libxl/libxl_pci.c
--- a/tools/libxl/libxl_pci.c
+++ b/tools/libxl/libxl_pci.c
@@ -240,7 +240,7 @@ static int libxl_create_pci_backend(libx
flexarray_t *front = NULL;
flexarray_t *back = NULL;
@ -177,10 +157,8 @@ Index: xen-4.1.1-testing/tools/libxl/libxl_pci.c
LIBXL__LOG(ctx, LIBXL__LOG_DEBUG, "Creating pci backend");
/* add pci device */
Index: xen-4.1.1-testing/tools/libxl/libxl_dom.c
===================================================================
--- xen-4.1.1-testing.orig/tools/libxl/libxl_dom.c
+++ xen-4.1.1-testing/tools/libxl/libxl_dom.c
--- a/tools/libxl/libxl_dom.c
+++ b/tools/libxl/libxl_dom.c
@@ -265,14 +265,13 @@ int libxl__build_hvm(libxl_ctx *ctx, uin
libxl_domain_build_info *info, libxl_domain_build_state *state)
{
@ -205,10 +183,8 @@ Index: xen-4.1.1-testing/tools/libxl/libxl_dom.c
out:
libxl__free_all(&gc);
return 0;
Index: xen-4.1.1-testing/tools/libxl/libxl_utils.c
===================================================================
--- xen-4.1.1-testing.orig/tools/libxl/libxl_utils.c
+++ xen-4.1.1-testing/tools/libxl/libxl_utils.c
--- a/tools/libxl/libxl_utils.c
+++ b/tools/libxl/libxl_utils.c
@@ -531,7 +531,7 @@ int libxl_devid_to_device_disk(libxl_ctx
libxl__gc gc = LIBXL_INIT_GC(ctx);
char *endptr, *val;
@ -218,10 +194,8 @@ Index: xen-4.1.1-testing/tools/libxl/libxl_utils.c
int rc = ERROR_INVAL;
devid_n = strtoul(devid, &endptr, 10);
Index: xen-4.1.1-testing/tools/libxl/xl_cmdimpl.c
===================================================================
--- xen-4.1.1-testing.orig/tools/libxl/xl_cmdimpl.c
+++ xen-4.1.1-testing/tools/libxl/xl_cmdimpl.c
--- a/tools/libxl/xl_cmdimpl.c
+++ b/tools/libxl/xl_cmdimpl.c
@@ -5448,7 +5448,7 @@ int main_cpupoollist(int argc, char **ar
{"cpus", 0, 0, 'c'},
{0, 0, 0, 0}
@ -231,10 +205,8 @@ Index: xen-4.1.1-testing/tools/libxl/xl_cmdimpl.c
int opt_cpus = 0;
const char *pool = NULL;
libxl_cpupoolinfo *poolinfo;
Index: xen-4.1.1-testing/tools/debugger/gdbsx/gx/gx_comm.c
===================================================================
--- xen-4.1.1-testing.orig/tools/debugger/gdbsx/gx/gx_comm.c
+++ xen-4.1.1-testing/tools/debugger/gdbsx/gx/gx_comm.c
--- a/tools/debugger/gdbsx/gx/gx_comm.c
+++ b/tools/debugger/gdbsx/gx/gx_comm.c
@@ -163,7 +163,7 @@ readchar(void)
static char buf[BUFSIZ];
static int bufcnt = 0;
@ -244,10 +216,8 @@ Index: xen-4.1.1-testing/tools/debugger/gdbsx/gx/gx_comm.c
if (bufcnt-- > 0)
return *bufp++ & 0x7f;
Index: xen-4.1.1-testing/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c
===================================================================
--- xen-4.1.1-testing.orig/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c
+++ xen-4.1.1-testing/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c
--- a/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c
+++ b/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c
@@ -820,7 +820,7 @@ static int create_suspend_thread(checkpo
static void stop_suspend_thread(checkpoint_state* s)
@ -257,10 +227,8 @@ Index: xen-4.1.1-testing/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c
s->done = 1;
Index: xen-4.1.1-testing/tools/python/xen/lowlevel/netlink/libnetlink.c
===================================================================
--- xen-4.1.1-testing.orig/tools/python/xen/lowlevel/netlink/libnetlink.c
+++ xen-4.1.1-testing/tools/python/xen/lowlevel/netlink/libnetlink.c
--- a/tools/python/xen/lowlevel/netlink/libnetlink.c
+++ b/tools/python/xen/lowlevel/netlink/libnetlink.c
@@ -433,7 +433,8 @@ int rtnl_from_file(FILE *rtnl, rtnl_filt
nladdr.nl_groups = 0;
@ -271,10 +239,8 @@ Index: xen-4.1.1-testing/tools/python/xen/lowlevel/netlink/libnetlink.c
int l;
status = fread(&buf, 1, sizeof(*h), rtnl);
Index: xen-4.1.1-testing/xen/arch/x86/msi.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/msi.c
+++ xen-4.1.1-testing/xen/arch/x86/msi.c
--- a/xen/arch/x86/msi.c
+++ b/xen/arch/x86/msi.c
@@ -745,7 +745,7 @@ static void __pci_disable_msi(struct msi
{
struct pci_dev *dev;
@ -284,10 +250,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/msi.c
u8 bus, slot, func;
dev = entry->dev;
Index: xen-4.1.1-testing/xen/arch/x86/microcode_amd.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/microcode_amd.c
+++ xen-4.1.1-testing/xen/arch/x86/microcode_amd.c
--- a/xen/arch/x86/microcode_amd.c
+++ b/xen/arch/x86/microcode_amd.c
@@ -164,7 +164,7 @@ static int apply_microcode(int cpu)
static int get_next_ucode_from_buffer_amd(void *mc, const void *buf,
size_t size, unsigned long *offset)
@ -297,10 +261,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/microcode_amd.c
size_t total_size;
const uint8_t *bufp = buf;
unsigned long off;
Index: xen-4.1.1-testing/xen/common/cpupool.c
===================================================================
--- xen-4.1.1-testing.orig/xen/common/cpupool.c
+++ xen-4.1.1-testing/xen/common/cpupool.c
--- a/xen/common/cpupool.c
+++ b/xen/common/cpupool.c
@@ -356,7 +356,7 @@ int cpupool_add_domain(struct domain *d,
{
struct cpupool *c;
@ -321,10 +283,8 @@ Index: xen-4.1.1-testing/xen/common/cpupool.c
if ( d->cpupool == NULL )
return;
Index: xen-4.1.1-testing/xen/common/grant_table.c
===================================================================
--- xen-4.1.1-testing.orig/xen/common/grant_table.c
+++ xen-4.1.1-testing/xen/common/grant_table.c
--- a/xen/common/grant_table.c
+++ b/xen/common/grant_table.c
@@ -765,7 +765,7 @@ __gnttab_unmap_common(
struct domain *ld, *rd;
struct active_grant_entry *act;
@ -334,10 +294,8 @@ Index: xen-4.1.1-testing/xen/common/grant_table.c
ld = current->domain;
Index: xen-4.1.1-testing/xen/common/kexec.c
===================================================================
--- xen-4.1.1-testing.orig/xen/common/kexec.c
+++ xen-4.1.1-testing/xen/common/kexec.c
--- a/xen/common/kexec.c
+++ b/xen/common/kexec.c
@@ -563,7 +563,8 @@ static int kexec_exec(XEN_GUEST_HANDLE(v
{
xen_kexec_exec_t exec;
@ -348,10 +306,8 @@ Index: xen-4.1.1-testing/xen/common/kexec.c
if ( unlikely(copy_from_guest(&exec, uarg, 1)) )
return -EFAULT;
Index: xen-4.1.1-testing/xen/drivers/passthrough/vtd/intremap.c
===================================================================
--- xen-4.1.1-testing.orig/xen/drivers/passthrough/vtd/intremap.c
+++ xen-4.1.1-testing/xen/drivers/passthrough/vtd/intremap.c
--- a/xen/drivers/passthrough/vtd/intremap.c
+++ b/xen/drivers/passthrough/vtd/intremap.c
@@ -367,7 +367,7 @@ unsigned int io_apic_read_remap_rte(
unsigned int ioapic_pin = (reg - 0x10) / 2;
int index;
@ -370,10 +326,8 @@ Index: xen-4.1.1-testing/xen/drivers/passthrough/vtd/intremap.c
iommu = drhd->iommu;
qi_ctrl = iommu_qi_ctrl(iommu);
Index: xen-4.1.1-testing/xen/common/sched_credit2.c
===================================================================
--- xen-4.1.1-testing.orig/xen/common/sched_credit2.c
+++ xen-4.1.1-testing/xen/common/sched_credit2.c
--- a/xen/common/sched_credit2.c
+++ b/xen/common/sched_credit2.c
@@ -1854,7 +1854,8 @@ static void deactivate_runqueue(struct c
static void init_pcpu(const struct scheduler *ops, int cpu)
@ -384,11 +338,9 @@ Index: xen-4.1.1-testing/xen/common/sched_credit2.c
struct csched_private *prv = CSCHED_PRIV(ops);
struct csched_runqueue_data *rqd;
spinlock_t *old_lock;
Index: xen-4.1.1-testing/xen/common/unlzo.c
===================================================================
--- xen-4.1.1-testing.orig/xen/common/unlzo.c
+++ xen-4.1.1-testing/xen/common/unlzo.c
@@ -68,7 +68,7 @@ static int INIT parse_header(u8 *input,
--- a/xen/common/unlzo.c
+++ b/xen/common/unlzo.c
@@ -68,7 +68,7 @@ static int INIT parse_header(u8 *input,
{
int l;
u8 *parse = input;
@ -397,10 +349,8 @@ Index: xen-4.1.1-testing/xen/common/unlzo.c
u16 version;
/* read magic: 9 first bits */
Index: xen-4.1.1-testing/xen/arch/x86/time.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/time.c
+++ xen-4.1.1-testing/xen/arch/x86/time.c
--- a/xen/arch/x86/time.c
+++ b/xen/arch/x86/time.c
@@ -1001,7 +1001,8 @@ static void local_time_calibration(void)
* System timestamps, extrapolated from local and master oscillators,
* taken during this calibration and the previous calibration.
@ -411,10 +361,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/time.c
s_time_t prev_master_stime, curr_master_stime;
/* TSC timestamps taken during this calibration and prev calibration. */
Index: xen-4.1.1-testing/xen/arch/x86/cpu/amd.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/cpu/amd.c
+++ xen-4.1.1-testing/xen/arch/x86/cpu/amd.c
--- a/xen/arch/x86/cpu/amd.c
+++ b/xen/arch/x86/cpu/amd.c
@@ -348,7 +348,7 @@ static void __devinit init_amd(struct cp
{
u32 l, h;
@ -424,11 +372,9 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/amd.c
#ifdef CONFIG_SMP
unsigned long long value;
Index: xen-4.1.1-testing/xen/arch/x86/mm/p2m.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/mm/p2m.c
+++ xen-4.1.1-testing/xen/arch/x86/mm/p2m.c
@@ -2338,7 +2338,7 @@ p2m_remove_page(struct p2m_domain *p2m,
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -2338,7 +2338,7 @@ p2m_remove_page(struct p2m_domain *p2m,
unsigned int page_order)
{
unsigned long i;
@ -446,10 +392,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/mm/p2m.c
int pod_count = 0;
int rc = 0;
Index: xen-4.1.1-testing/xen/arch/x86/hvm/emulate.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/hvm/emulate.c
+++ xen-4.1.1-testing/xen/arch/x86/hvm/emulate.c
--- a/xen/arch/x86/hvm/emulate.c
+++ b/xen/arch/x86/hvm/emulate.c
@@ -59,7 +59,7 @@ static int hvmemul_do_io(
ioreq_t *p = get_ioreq(curr);
unsigned long ram_gfn = paddr_to_pfn(ram_gpa);
@ -459,10 +403,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/emulate.c
int rc;
/* Check for paged out page */
Index: xen-4.1.1-testing/xen/arch/x86/hvm/hvm.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/hvm/hvm.c
+++ xen-4.1.1-testing/xen/arch/x86/hvm/hvm.c
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -253,7 +253,8 @@ void hvm_migrate_timers(struct vcpu *v)
void hvm_migrate_pirqs(struct vcpu *v)
@ -473,7 +415,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/hvm.c
struct irq_desc *desc;
struct domain *d = v->domain;
struct hvm_irq_dpci *hvm_irq_dpci = d->arch.hvm_domain.irq.dpci;
@@ -3583,7 +3584,7 @@ long do_hvm_op(unsigned long op, XEN_GUE
@@ -3588,7 +3589,7 @@ long do_hvm_op(unsigned long op, XEN_GUE
{
p2m_type_t t;
p2m_type_t nt;
@ -482,10 +424,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/hvm.c
mfn = gfn_to_mfn_unshare(p2m, pfn, &t, 0);
if ( p2m_is_paging(t) )
{
Index: xen-4.1.1-testing/xen/arch/x86/acpi/cpu_idle.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/acpi/cpu_idle.c
+++ xen-4.1.1-testing/xen/arch/x86/acpi/cpu_idle.c
--- a/xen/arch/x86/acpi/cpu_idle.c
+++ b/xen/arch/x86/acpi/cpu_idle.c
@@ -273,7 +273,7 @@ static void acpi_processor_ffh_cstate_en
static void acpi_idle_do_entry(struct acpi_processor_cx *cx)
@ -495,10 +435,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/acpi/cpu_idle.c
switch ( cx->entry_method )
{
Index: xen-4.1.1-testing/xen/arch/x86/cpu/intel.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/cpu/intel.c
+++ xen-4.1.1-testing/xen/arch/x86/cpu/intel.c
--- a/xen/arch/x86/cpu/intel.c
+++ b/xen/arch/x86/cpu/intel.c
@@ -35,7 +35,7 @@ struct movsl_mask movsl_mask __read_most
*/
static void __devinit set_cpuidmask(const struct cpuinfo_x86 *c)
@ -508,10 +446,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/intel.c
if (!~(opt_cpuid_mask_ecx & opt_cpuid_mask_edx &
opt_cpuid_mask_ext_ecx & opt_cpuid_mask_ext_edx))
Index: xen-4.1.1-testing/xen/arch/x86/cpu/intel_cacheinfo.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/cpu/intel_cacheinfo.c
+++ xen-4.1.1-testing/xen/arch/x86/cpu/intel_cacheinfo.c
--- a/xen/arch/x86/cpu/intel_cacheinfo.c
+++ b/xen/arch/x86/cpu/intel_cacheinfo.c
@@ -170,7 +170,8 @@ unsigned int __cpuinit init_intel_cachei
unsigned int trace = 0, l1i = 0, l1d = 0, l2 = 0, l3 = 0; /* Cache sizes */
unsigned int new_l1d = 0, new_l1i = 0; /* Cache sizes from cpuid(4) */
@ -522,11 +458,9 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/intel_cacheinfo.c
if (c->cpuid_level > 3) {
static int is_initialized;
Index: xen-4.1.1-testing/xen/arch/x86/mm/mem_sharing.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/mm/mem_sharing.c
+++ xen-4.1.1-testing/xen/arch/x86/mm/mem_sharing.c
@@ -376,7 +376,7 @@ int mem_sharing_debug_gfn(struct domain
--- a/xen/arch/x86/mm/mem_sharing.c
+++ b/xen/arch/x86/mm/mem_sharing.c
@@ -376,7 +376,7 @@ int mem_sharing_debug_gfn(struct domain
{
p2m_type_t p2mt;
mfn_t mfn;
@ -535,10 +469,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/mm/mem_sharing.c
mfn = gfn_to_mfn(p2m_get_hostp2m(d), gfn, &p2mt);
page = mfn_to_page(mfn);
Index: xen-4.1.1-testing/xen/arch/x86/hvm/viridian.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/hvm/viridian.c
+++ xen-4.1.1-testing/xen/arch/x86/hvm/viridian.c
--- a/xen/arch/x86/hvm/viridian.c
+++ b/xen/arch/x86/hvm/viridian.c
@@ -270,7 +270,7 @@ int rdmsr_viridian_regs(uint32_t idx, ui
int viridian_hypercall(struct cpu_user_regs *regs)
{
@ -548,10 +480,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/viridian.c
uint16_t status = HV_STATUS_SUCCESS;
union hypercall_input {
Index: xen-4.1.1-testing/xen/arch/x86/mm.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/mm.c
+++ xen-4.1.1-testing/xen/arch/x86/mm.c
--- a/xen/arch/x86/mm.c
+++ b/xen/arch/x86/mm.c
@@ -4900,7 +4900,7 @@ static int ptwr_emulated_update(
{
unsigned long mfn;
@ -561,10 +491,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/mm.c
l1_pgentry_t pte, ol1e, nl1e, *pl1e;
struct vcpu *v = current;
struct domain *d = v->domain;
Index: xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/x86_64/mm.c
+++ xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c
--- a/xen/arch/x86/x86_64/mm.c
+++ b/xen/arch/x86/x86_64/mm.c
@@ -435,7 +435,8 @@ void destroy_m2p_mapping(struct mem_hota
static int setup_compat_m2p_table(struct mem_hotadd_info *info)
{
@ -575,10 +503,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c
l3_pgentry_t *l3_ro_mpt = NULL;
l2_pgentry_t *l2_ro_mpt = NULL;
struct page_info *l1_pg;
Index: xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/mce.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/cpu/mcheck/mce.c
+++ xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/mce.c
--- a/xen/arch/x86/cpu/mcheck/mce.c
+++ b/xen/arch/x86/cpu/mcheck/mce.c
@@ -151,7 +151,6 @@ static struct mcinfo_bank *mca_init_bank
struct mc_info *mi, int bank)
{
@ -595,7 +521,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/mce.c
if (mib->mc_status & MCi_STATUS_MISCV)
mib->mc_misc = mca_rdmsr(MSR_IA32_MCx_MISC(bank));
@@ -281,7 +279,7 @@ mctelem_cookie_t mcheck_mca_logout(enum
@@ -281,7 +279,7 @@ mctelem_cookie_t mcheck_mca_logout(enum
recover = (mc_recoverable_scan)? 1: 0;
for (i = 0; i < 32 && i < nr_mce_banks; i++) {
@ -613,10 +539,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/mce.c
uint64_t hwcr = 0;
int intpose;
int i;
Index: xen-4.1.1-testing/xen/common/tmem.c
===================================================================
--- xen-4.1.1-testing.orig/xen/common/tmem.c
+++ xen-4.1.1-testing/xen/common/tmem.c
--- a/xen/common/tmem.c
+++ b/xen/common/tmem.c
@@ -1351,7 +1351,8 @@ obj_unlock:
static int tmem_evict(void)
{
@ -637,10 +561,8 @@ Index: xen-4.1.1-testing/xen/common/tmem.c
client_t *client = pool->client;
int ret = client->frozen ? -EFROZEN : -ENOMEM;
Index: xen-4.1.1-testing/xen/common/tmem_xen.c
===================================================================
--- xen-4.1.1-testing.orig/xen/common/tmem_xen.c
+++ xen-4.1.1-testing/xen/common/tmem_xen.c
--- a/xen/common/tmem_xen.c
+++ b/xen/common/tmem_xen.c
@@ -177,7 +177,7 @@ EXPORT int tmh_copy_from_client(pfp_t *p
EXPORT int tmh_compress_from_client(tmem_cli_mfn_t cmfn,
void **out_va, size_t *out_len, void *cli_va)
@ -678,10 +600,8 @@ Index: xen-4.1.1-testing/xen/common/tmem_xen.c
tmh->persistent_pool = xmem_pool_create(name, tmh_persistent_pool_page_get,
tmh_persistent_pool_page_put, PAGE_SIZE, 0, PAGE_SIZE);
if ( tmh->persistent_pool == NULL )
Index: xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/vmce.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/cpu/mcheck/vmce.c
+++ xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/vmce.c
--- a/xen/arch/x86/cpu/mcheck/vmce.c
+++ b/xen/arch/x86/cpu/mcheck/vmce.c
@@ -574,7 +574,7 @@ int is_vmce_ready(struct mcinfo_bank *ba
*/
int unmmap_broken_page(struct domain *d, mfn_t mfn, unsigned long gfn)
@ -691,11 +611,9 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/vmce.c
struct p2m_domain *p2m;
p2m_type_t pt;
Index: xen-4.1.1-testing/xen/arch/x86/mm/shadow/multi.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/mm/shadow/multi.c
+++ xen-4.1.1-testing/xen/arch/x86/mm/shadow/multi.c
@@ -124,7 +124,7 @@ set_shadow_status(struct vcpu *v, mfn_t
--- a/xen/arch/x86/mm/shadow/multi.c
+++ b/xen/arch/x86/mm/shadow/multi.c
@@ -124,7 +124,7 @@ set_shadow_status(struct vcpu *v, mfn_t
/* Put a shadow into the hash table */
{
struct domain *d = v->domain;
@ -713,10 +631,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/mm/shadow/multi.c
shadow_l1e_t *sl1p, sl1e;
struct page_info *sp;
Index: xen-4.1.1-testing/xen/arch/x86/domain_build.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/domain_build.c
+++ xen-4.1.1-testing/xen/arch/x86/domain_build.c
--- a/xen/arch/x86/domain_build.c
+++ b/xen/arch/x86/domain_build.c
@@ -375,8 +375,7 @@ int __init construct_dom0(
return rc;
@ -727,11 +643,9 @@ Index: xen-4.1.1-testing/xen/arch/x86/domain_build.c
machine = elf_uval(&elf, elf.ehdr, e_machine);
switch (CONFIG_PAGING_LEVELS) {
case 3: /* x86_32p */
Index: xen-4.1.1-testing/xen/arch/x86/traps.c
===================================================================
--- xen-4.1.1-testing.orig/xen/arch/x86/traps.c
+++ xen-4.1.1-testing/xen/arch/x86/traps.c
@@ -1751,7 +1751,11 @@ static int emulate_privileged_op(struct
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -1784,7 +1784,11 @@ static int emulate_privileged_op(struct
struct vcpu *v = current;
unsigned long *reg, eip = regs->eip;
u8 opcode, modrm_reg = 0, modrm_rm = 0, rep_prefix = 0, lock = 0, rex = 0;

28
xen.changes
View File

@ -1,3 +1,31 @@
-------------------------------------------------------------------
Fri Jun 17 06:37:36 MDT 2011 - carnold@novell.com
- fate#309893: Add Xen support for AMD family 15h processors
- fate#309901: Add Xen support for SVM TSC scaling in AMD family
15h
- fate#311951: Ivy Bridge: XEN support for Supervisor Mode
Execution Protection (SMEP)
23437-amd-fam15-TSC-scaling.patch
23462-libxc-cpu-feature.patch
23481-x86-SMEP.patch
23504-x86-SMEP-hvm.patch
23505-x86-cpu-add-arg-check.patch
23508-vmx-proc-based-ctls-probe.patch
23510-hvm-cpuid-DRNG.patch
23511-amd-fam15-no-flush-for-C3.patch
23516-cpuid-ERMS.patch
23538-hvm-pio-emul-no-host-crash.patch
23539-hvm-cpuid-FSGSBASE.patch
23543-x86_64-maddr_to_virt-assertion.patch
23546-fucomip.patch
-------------------------------------------------------------------
Wed Jun 15 15:31:17 MDT 2011 - jfehlig@novell.com
- Fix libxc reentrancy issues
23383-libxc-rm-static-vars.patch
-------------------------------------------------------------------
Wed Jun 15 08:09:53 MDT 2011 - carnold@novell.com

28
xen.spec
View File

@ -141,7 +141,20 @@ Patch15: 23304-amd-oprofile-strings.patch
Patch16: 23305-amd-fam15-xenoprof.patch
Patch17: 23306-amd-fam15-vpmu.patch
Patch18: 23334-amd-fam12+14-vpmu.patch
Patch19: 23338-vtd-force-intremap.patch
Patch19: 23383-libxc-rm-static-vars.patch
Patch20: 23437-amd-fam15-TSC-scaling.patch
Patch21: 23462-libxc-cpu-feature.patch
Patch22: 23481-x86-SMEP.patch
Patch23: 23504-x86-SMEP-hvm.patch
Patch24: 23505-x86-cpu-add-arg-check.patch
Patch25: 23508-vmx-proc-based-ctls-probe.patch
Patch26: 23510-hvm-cpuid-DRNG.patch
Patch27: 23511-amd-fam15-no-flush-for-C3.patch
Patch28: 23516-cpuid-ERMS.patch
Patch29: 23538-hvm-pio-emul-no-host-crash.patch
Patch30: 23539-hvm-cpuid-FSGSBASE.patch
Patch31: 23543-x86_64-maddr_to_virt-assertion.patch
Patch32: 23546-fucomip.patch
# Upstream qemu patches
# Our patches
Patch300: xen-config.diff
@ -632,6 +645,19 @@ tar xfj %{SOURCE2} -C $RPM_BUILD_DIR/%{xen_build_dir}/tools
%patch17 -p1
%patch18 -p1
%patch19 -p1
%patch20 -p1
%patch21 -p1
%patch22 -p1
%patch23 -p1
%patch24 -p1
%patch25 -p1
%patch26 -p1
%patch27 -p1
%patch28 -p1
%patch29 -p1
%patch30 -p1
%patch31 -p1
%patch32 -p1
%patch300 -p1
%patch301 -p1
%patch302 -p1