diff --git a/23338-vtd-force-intremap.patch b/23338-vtd-force-intremap.patch deleted file mode 100644 index 8631c70..0000000 --- a/23338-vtd-force-intremap.patch +++ /dev/null @@ -1,38 +0,0 @@ -# HG changeset patch -# User Keir Fraser -# Date 1305214920 -3600 -# Node ID 9751bc49639ec4e34837545cdc982d0768e46d94 -# Parent cc91832a02c7cb6b09729ca8e9fc497e5cb2ba4d -vt-d: [CVE-2011-1898] Ensure that "iommu=required" enables interrupt remapping. - -Ensure that when Xen boots with "iommu=required" it will also insist -that interrupt remapping is supported and enabled. It arranges that -booting with that option on vulnerable hardware will fail, rather than -appearing to succeed but actually being vulnerable to guests. - -From: Allen Kay -Signed-off-by: Keir Fraser - -Index: xen-4.1.1-testing/xen/drivers/passthrough/vtd/iommu.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/drivers/passthrough/vtd/iommu.c -+++ xen-4.1.1-testing/xen/drivers/passthrough/vtd/iommu.c -@@ -1985,6 +1985,8 @@ static int init_vtd_hw(void) - "ioapic_to_iommu: ioapic 0x%x (id: 0x%x) is NULL! " - "Will not try to enable Interrupt Remapping.\n", - apic, IO_APIC_ID(apic)); -+ if ( force_iommu ) -+ panic("intremap remapping failed to enable with iommu=required/force in grub\n"); - break; - } - } -@@ -1999,6 +2001,9 @@ static int init_vtd_hw(void) - iommu_intremap = 0; - dprintk(XENLOG_WARNING VTDPREFIX, - "Interrupt Remapping not enabled\n"); -+ -+ if ( force_iommu && platform_supports_intremap() ) -+ panic("intremap remapping failed to enable with iommu=required/force in grub\n"); - break; - } - } diff --git a/23383-libxc-rm-static-vars.patch b/23383-libxc-rm-static-vars.patch new file mode 100644 index 0000000..5b0b663 --- /dev/null +++ b/23383-libxc-rm-static-vars.patch @@ -0,0 +1,78 @@ +# HG changeset patch +# User Ian Campbell +# Date 1306228450 -3600 +# Node ID 23b423a3955785c9a8679c3a877c3472066a2e1f +# Parent ba8da39c67298b19c2c277e5794981b7f23bedf2 +libxc: save/restore: remove static context variables + +20544:ad9d75d74bd5 and 20545:cc7d66ba0dad seemingly intended to change these +global static variables into stack variables but didn't remove the static +qualifier. + +Also zero the entire struct once with memset rather than clearing fields +piecemeal in two different places. + +Signed-off-by: Ian Campbell +Acked-by: Ian Jackson +Committed-by: Ian Jackson +Acked-by: Vincent Hanquez + +Index: xen-4.1.1-testing/tools/libxc/xc_domain_restore.c +=================================================================== +--- xen-4.1.1-testing.orig/tools/libxc/xc_domain_restore.c ++++ xen-4.1.1-testing/tools/libxc/xc_domain_restore.c +@@ -1134,23 +1134,19 @@ int xc_domain_restore(xc_interface *xch, + + int orig_io_fd_flags; + +- static struct restore_ctx _ctx = { +- .live_p2m = NULL, +- .p2m = NULL, +- }; +- static struct restore_ctx *ctx = &_ctx; ++ struct restore_ctx _ctx; ++ struct restore_ctx *ctx = &_ctx; + struct domain_info_context *dinfo = &ctx->dinfo; + + pagebuf_init(&pagebuf); + memset(&tailbuf, 0, sizeof(tailbuf)); + tailbuf.ishvm = hvm; + +- /* For info only */ +- ctx->nr_pfns = 0; +- + if ( superpages ) + return 1; + ++ memset(ctx, 0, sizeof(*ctx)); ++ + ctxt = xc_hypercall_buffer_alloc(xch, ctxt, sizeof(*ctxt)); + + if ( ctxt == NULL ) +Index: xen-4.1.1-testing/tools/libxc/xc_domain_save.c +=================================================================== +--- xen-4.1.1-testing.orig/tools/libxc/xc_domain_save.c ++++ xen-4.1.1-testing/tools/libxc/xc_domain_save.c +@@ -958,11 +958,8 @@ int xc_domain_save(xc_interface *xch, in + unsigned long mfn; + + struct outbuf ob; +- static struct save_ctx _ctx = { +- .live_p2m = NULL, +- .live_m2p = NULL, +- }; +- static struct save_ctx *ctx = &_ctx; ++ struct save_ctx _ctx; ++ struct save_ctx *ctx = &_ctx; + struct domain_info_context *dinfo = &ctx->dinfo; + + int completed = 0; +@@ -976,6 +973,8 @@ int xc_domain_save(xc_interface *xch, in + + outbuf_init(xch, &ob, OUTBUF_SIZE); + ++ memset(ctx, 0, sizeof(*ctx)); ++ + /* If no explicit control parameters given, use defaults */ + max_iters = max_iters ? : DEF_MAX_ITERS; + max_factor = max_factor ? : DEF_MAX_FACTOR; diff --git a/23437-amd-fam15-TSC-scaling.patch b/23437-amd-fam15-TSC-scaling.patch new file mode 100644 index 0000000..7b8a74b --- /dev/null +++ b/23437-amd-fam15-TSC-scaling.patch @@ -0,0 +1,125 @@ +References: FATE#309901 + +# HG changeset patch +# User Wei Huang +# Date 1306569488 -3600 +# Node ID d7c755c25bb9d6ed77d64cb6736b6c4f339db1bf +# Parent f6ce871e568949f5817470f6c7bab6ed1f8f6c13 +HVM/SVM: enable tsc scaling ratio for SVM + +Future AMD CPUs support TSC scaling. It allows guests to have a +different TSC frequency from host system using this formula: guest_tsc += host_tsc * tsc_ratio + vmcb_offset. The tsc_ratio is a 64bit MSR +contains a fixed-point number in 8.32 format (8 bits for integer part +and 32bits for fractional part). For instance 0x00000003_80000000 +means tsc_ratio=3.5. + +This patch enables TSC scaling ratio for SVM. With it, guest VMs don't +need take #VMEXIT to calculate a translated TSC value when it is +running under TSC emulation mode. This can substancially reduce the +rdtsc overhead. + +Signed-off-by: Wei Huang + +--- a/xen/arch/x86/hvm/svm/svm.c ++++ b/xen/arch/x86/hvm/svm/svm.c +@@ -588,6 +588,22 @@ static void svm_set_segment_register(str + static void svm_set_tsc_offset(struct vcpu *v, u64 offset) + { + struct vmcb_struct *vmcb = v->arch.hvm_svm.vmcb; ++ struct domain *d = v->domain; ++ ++ /* Re-adjust the offset value when TSC_RATIO is available */ ++ if ( cpu_has_tsc_ratio && d->arch.vtsc ) ++ { ++ uint64_t host_tsc, guest_tsc; ++ ++ rdtscll(host_tsc); ++ guest_tsc = hvm_get_guest_tsc(v); ++ ++ /* calculate hi,lo parts in 64bits to prevent overflow */ ++ offset = (((host_tsc >> 32) * d->arch.tsc_khz / cpu_khz) << 32) + ++ (host_tsc & 0xffffffffULL) * d->arch.tsc_khz / cpu_khz; ++ offset = guest_tsc - offset; ++ } ++ + vmcb_set_tsc_offset(vmcb, offset); + } + +@@ -638,6 +654,19 @@ static void svm_init_hypercall_page(stru + *(u16 *)(hypercall_page + (__HYPERVISOR_iret * 32)) = 0x0b0f; /* ud2 */ + } + ++static inline void svm_tsc_ratio_save(struct vcpu *v) ++{ ++ /* Other vcpus might not have vtsc enabled. So disable TSC_RATIO here. */ ++ if ( cpu_has_tsc_ratio && v->domain->arch.vtsc ) ++ wrmsrl(MSR_AMD64_TSC_RATIO, DEFAULT_TSC_RATIO); ++} ++ ++static inline void svm_tsc_ratio_load(struct vcpu *v) ++{ ++ if ( cpu_has_tsc_ratio && v->domain->arch.vtsc ) ++ wrmsrl(MSR_AMD64_TSC_RATIO, vcpu_tsc_ratio(v)); ++} ++ + static void svm_ctxt_switch_from(struct vcpu *v) + { + int cpu = smp_processor_id(); +@@ -646,6 +675,7 @@ static void svm_ctxt_switch_from(struct + + svm_save_dr(v); + vpmu_save(v); ++ svm_tsc_ratio_save(v); + + svm_sync_vmcb(v); + svm_vmload(per_cpu(root_vmcb, cpu)); +@@ -689,6 +719,7 @@ static void svm_ctxt_switch_to(struct vc + svm_vmload(vmcb); + vmcb->cleanbits.bytes = 0; + vpmu_load(v); ++ svm_tsc_ratio_load(v); + + if ( cpu_has_rdtscp ) + wrmsrl(MSR_TSC_AUX, hvm_msr_tsc_aux(v)); +--- a/xen/arch/x86/hvm/svm/vmcb.c ++++ b/xen/arch/x86/hvm/svm/vmcb.c +@@ -165,7 +165,9 @@ static int construct_vmcb(struct vcpu *v + + /* TSC. */ + vmcb->_tsc_offset = 0; +- if ( v->domain->arch.vtsc ) ++ ++ /* Don't need to intercept RDTSC if CPU supports TSC rate scaling */ ++ if ( v->domain->arch.vtsc && !cpu_has_tsc_ratio ) + { + vmcb->_general1_intercepts |= GENERAL1_INTERCEPT_RDTSC; + vmcb->_general2_intercepts |= GENERAL2_INTERCEPT_RDTSCP; +--- a/xen/include/asm-x86/hvm/svm/svm.h ++++ b/xen/include/asm-x86/hvm/svm/svm.h +@@ -91,5 +91,13 @@ extern u32 svm_feature_flags; + #define cpu_has_svm_cleanbits cpu_has_svm_feature(SVM_FEATURE_VMCBCLEAN) + #define cpu_has_svm_decode cpu_has_svm_feature(SVM_FEATURE_DECODEASSISTS) + #define cpu_has_pause_filter cpu_has_svm_feature(SVM_FEATURE_PAUSEFILTER) ++#define cpu_has_tsc_ratio cpu_has_svm_feature(SVM_FEATURE_TSCRATEMSR) ++ ++/* TSC rate */ ++#define DEFAULT_TSC_RATIO 0x0000000100000000ULL ++#define TSC_RATIO_RSVD_BITS 0xffffff0000000000ULL ++#define TSC_RATIO(g_khz, h_khz) ( (((u64)(g_khz)<<32)/(u64)(h_khz)) & \ ++ ~TSC_RATIO_RSVD_BITS ) ++#define vcpu_tsc_ratio(v) TSC_RATIO((v)->domain->arch.tsc_khz, cpu_khz) + + #endif /* __ASM_X86_HVM_SVM_H__ */ +--- a/xen/include/asm-x86/msr-index.h ++++ b/xen/include/asm-x86/msr-index.h +@@ -266,6 +266,9 @@ + #define MSR_AMD_PATCHLEVEL 0x0000008b + #define MSR_AMD_PATCHLOADER 0xc0010020 + ++/* AMD TSC RATE MSR */ ++#define MSR_AMD64_TSC_RATIO 0xc0000104 ++ + /* AMD OS Visible Workaround MSRs */ + #define MSR_AMD_OSVW_ID_LENGTH 0xc0010140 + #define MSR_AMD_OSVW_STATUS 0xc0010141 diff --git a/23462-libxc-cpu-feature.patch b/23462-libxc-cpu-feature.patch new file mode 100644 index 0000000..c2566fd --- /dev/null +++ b/23462-libxc-cpu-feature.patch @@ -0,0 +1,277 @@ +References: FATE#311951 + +# HG changeset patch +# User Keir Fraser +# Date 1307023264 -3600 +# Node ID 4804af7048cafecfc014c30cfea374eb0a0360e8 +# Parent 5839e797a1307fceffcd0b9ad35ed31644378b47 +libxc: Simplify and clean up xc_cpufeature.h + + * Remove Linux-private defns with no direct relation to CPUID + * Remove word offsets into Linux-defined cpu_caps array + * Hard tabs -> soft tabs + +Signed-off-by: Keir Fraser + +# HG changeset patch +# User Keir Fraser +# Date 1307118421 -3600 +# Node ID bcd2476c2e2d00dc6371e52fbff66fe3178b7944 +# Parent 55c5eff9bf84d4c5f3463c01f038edc1c46f30bc +libxc: Don't refer to meaningless 'word offsets' in xc_cpufeature.h + +Signed-off-by: Keir Fraser + +--- a/tools/libxc/xc_cpufeature.h ++++ b/tools/libxc/xc_cpufeature.h +@@ -17,131 +17,112 @@ + #ifndef __LIBXC_CPUFEATURE_H + #define __LIBXC_CPUFEATURE_H + +-/* Intel-defined CPU features, CPUID level 0x00000001 (edx), word 0 */ +-#define X86_FEATURE_FPU (0*32+ 0) /* Onboard FPU */ +-#define X86_FEATURE_VME (0*32+ 1) /* Virtual Mode Extensions */ +-#define X86_FEATURE_DE (0*32+ 2) /* Debugging Extensions */ +-#define X86_FEATURE_PSE (0*32+ 3) /* Page Size Extensions */ +-#define X86_FEATURE_TSC (0*32+ 4) /* Time Stamp Counter */ +-#define X86_FEATURE_MSR (0*32+ 5) /* Model-Specific Registers, RDMSR, WRMSR */ +-#define X86_FEATURE_PAE (0*32+ 6) /* Physical Address Extensions */ +-#define X86_FEATURE_MCE (0*32+ 7) /* Machine Check Architecture */ +-#define X86_FEATURE_CX8 (0*32+ 8) /* CMPXCHG8 instruction */ +-#define X86_FEATURE_APIC (0*32+ 9) /* Onboard APIC */ +-#define X86_FEATURE_SEP (0*32+11) /* SYSENTER/SYSEXIT */ +-#define X86_FEATURE_MTRR (0*32+12) /* Memory Type Range Registers */ +-#define X86_FEATURE_PGE (0*32+13) /* Page Global Enable */ +-#define X86_FEATURE_MCA (0*32+14) /* Machine Check Architecture */ +-#define X86_FEATURE_CMOV (0*32+15) /* CMOV instruction (FCMOVCC and FCOMI too if FPU present) */ +-#define X86_FEATURE_PAT (0*32+16) /* Page Attribute Table */ +-#define X86_FEATURE_PSE36 (0*32+17) /* 36-bit PSEs */ +-#define X86_FEATURE_PN (0*32+18) /* Processor serial number */ +-#define X86_FEATURE_CLFLSH (0*32+19) /* Supports the CLFLUSH instruction */ +-#define X86_FEATURE_DS (0*32+21) /* Debug Store */ +-#define X86_FEATURE_ACPI (0*32+22) /* ACPI via MSR */ +-#define X86_FEATURE_MMX (0*32+23) /* Multimedia Extensions */ +-#define X86_FEATURE_FXSR (0*32+24) /* FXSAVE and FXRSTOR instructions (fast save and restore */ +- /* of FPU context), and CR4.OSFXSR available */ +-#define X86_FEATURE_XMM (0*32+25) /* Streaming SIMD Extensions */ +-#define X86_FEATURE_XMM2 (0*32+26) /* Streaming SIMD Extensions-2 */ +-#define X86_FEATURE_SELFSNOOP (0*32+27) /* CPU self snoop */ +-#define X86_FEATURE_HT (0*32+28) /* Hyper-Threading */ +-#define X86_FEATURE_ACC (0*32+29) /* Automatic clock control */ +-#define X86_FEATURE_IA64 (0*32+30) /* IA-64 processor */ +-#define X86_FEATURE_PBE (0*32+31) /* Pending Break Enable */ ++/* Intel-defined CPU features, CPUID level 0x00000001 (edx) */ ++#define X86_FEATURE_FPU 0 /* Onboard FPU */ ++#define X86_FEATURE_VME 1 /* Virtual Mode Extensions */ ++#define X86_FEATURE_DE 2 /* Debugging Extensions */ ++#define X86_FEATURE_PSE 3 /* Page Size Extensions */ ++#define X86_FEATURE_TSC 4 /* Time Stamp Counter */ ++#define X86_FEATURE_MSR 5 /* Model-Specific Registers, RDMSR, WRMSR */ ++#define X86_FEATURE_PAE 6 /* Physical Address Extensions */ ++#define X86_FEATURE_MCE 7 /* Machine Check Architecture */ ++#define X86_FEATURE_CX8 8 /* CMPXCHG8 instruction */ ++#define X86_FEATURE_APIC 9 /* Onboard APIC */ ++#define X86_FEATURE_SEP 11 /* SYSENTER/SYSEXIT */ ++#define X86_FEATURE_MTRR 12 /* Memory Type Range Registers */ ++#define X86_FEATURE_PGE 13 /* Page Global Enable */ ++#define X86_FEATURE_MCA 14 /* Machine Check Architecture */ ++#define X86_FEATURE_CMOV 15 /* CMOV instruction */ ++#define X86_FEATURE_PAT 16 /* Page Attribute Table */ ++#define X86_FEATURE_PSE36 17 /* 36-bit PSEs */ ++#define X86_FEATURE_PN 18 /* Processor serial number */ ++#define X86_FEATURE_CLFLSH 19 /* Supports the CLFLUSH instruction */ ++#define X86_FEATURE_DS 21 /* Debug Store */ ++#define X86_FEATURE_ACPI 22 /* ACPI via MSR */ ++#define X86_FEATURE_MMX 23 /* Multimedia Extensions */ ++#define X86_FEATURE_FXSR 24 /* FXSAVE and FXRSTOR instructions */ ++#define X86_FEATURE_XMM 25 /* Streaming SIMD Extensions */ ++#define X86_FEATURE_XMM2 26 /* Streaming SIMD Extensions-2 */ ++#define X86_FEATURE_SELFSNOOP 27 /* CPU self snoop */ ++#define X86_FEATURE_HT 28 /* Hyper-Threading */ ++#define X86_FEATURE_ACC 29 /* Automatic clock control */ ++#define X86_FEATURE_IA64 30 /* IA-64 processor */ ++#define X86_FEATURE_PBE 31 /* Pending Break Enable */ + +-/* AMD-defined CPU features, CPUID level 0x80000001, word 1 */ ++/* AMD-defined CPU features, CPUID level 0x80000001 */ + /* Don't duplicate feature flags which are redundant with Intel! */ +-#define X86_FEATURE_SYSCALL (1*32+11) /* SYSCALL/SYSRET */ +-#define X86_FEATURE_MP (1*32+19) /* MP Capable. */ +-#define X86_FEATURE_NX (1*32+20) /* Execute Disable */ +-#define X86_FEATURE_MMXEXT (1*32+22) /* AMD MMX extensions */ +-#define X86_FEATURE_FFXSR (1*32+25) /* FFXSR instruction optimizations */ +-#define X86_FEATURE_PAGE1GB (1*32+26) /* 1Gb large page support */ +-#define X86_FEATURE_RDTSCP (1*32+27) /* RDTSCP */ +-#define X86_FEATURE_LM (1*32+29) /* Long Mode (x86-64) */ +-#define X86_FEATURE_3DNOWEXT (1*32+30) /* AMD 3DNow! extensions */ +-#define X86_FEATURE_3DNOW (1*32+31) /* 3DNow! */ +- +-/* Transmeta-defined CPU features, CPUID level 0x80860001, word 2 */ +-#define X86_FEATURE_RECOVERY (2*32+ 0) /* CPU in recovery mode */ +-#define X86_FEATURE_LONGRUN (2*32+ 1) /* Longrun power control */ +-#define X86_FEATURE_LRTI (2*32+ 3) /* LongRun table interface */ +- +-/* Other features, Linux-defined mapping, word 3 */ +-/* This range is used for feature bits which conflict or are synthesized */ +-#define X86_FEATURE_CXMMX (3*32+ 0) /* Cyrix MMX extensions */ +-#define X86_FEATURE_K6_MTRR (3*32+ 1) /* AMD K6 nonstandard MTRRs */ +-#define X86_FEATURE_CYRIX_ARR (3*32+ 2) /* Cyrix ARRs (= MTRRs) */ +-#define X86_FEATURE_CENTAUR_MCR (3*32+ 3) /* Centaur MCRs (= MTRRs) */ +-/* cpu types for specific tunings: */ +-#define X86_FEATURE_K8 (3*32+ 4) /* Opteron, Athlon64 */ +-#define X86_FEATURE_K7 (3*32+ 5) /* Athlon */ +-#define X86_FEATURE_P3 (3*32+ 6) /* P3 */ +-#define X86_FEATURE_P4 (3*32+ 7) /* P4 */ +-#define X86_FEATURE_CONSTANT_TSC (3*32+ 8) /* TSC ticks at a constant rate */ +- +-/* Intel-defined CPU features, CPUID level 0x00000001 (ecx), word 4 */ +-#define X86_FEATURE_XMM3 (4*32+ 0) /* Streaming SIMD Extensions-3 */ +-#define X86_FEATURE_PCLMULQDQ (4*32+ 1) /* Carry-less multiplication */ +-#define X86_FEATURE_DTES64 (4*32+ 2) /* 64-bit Debug Store */ +-#define X86_FEATURE_MWAIT (4*32+ 3) /* Monitor/Mwait support */ +-#define X86_FEATURE_DSCPL (4*32+ 4) /* CPL Qualified Debug Store */ +-#define X86_FEATURE_VMXE (4*32+ 5) /* Virtual Machine Extensions */ +-#define X86_FEATURE_SMXE (4*32+ 6) /* Safer Mode Extensions */ +-#define X86_FEATURE_EST (4*32+ 7) /* Enhanced SpeedStep */ +-#define X86_FEATURE_TM2 (4*32+ 8) /* Thermal Monitor 2 */ +-#define X86_FEATURE_SSSE3 (4*32+ 9) /* Supplemental Streaming SIMD Extensions-3 */ +-#define X86_FEATURE_CID (4*32+10) /* Context ID */ +-#define X86_FEATURE_CX16 (4*32+13) /* CMPXCHG16B */ +-#define X86_FEATURE_XTPR (4*32+14) /* Send Task Priority Messages */ +-#define X86_FEATURE_PDCM (4*32+15) /* Perf/Debug Capability MSR */ +-#define X86_FEATURE_DCA (4*32+18) /* Direct Cache Access */ +-#define X86_FEATURE_SSE4_1 (4*32+19) /* Streaming SIMD Extensions 4.1 */ +-#define X86_FEATURE_SSE4_2 (4*32+20) /* Streaming SIMD Extensions 4.2 */ +-#define X86_FEATURE_X2APIC (4*32+21) /* x2APIC */ +-#define X86_FEATURE_POPCNT (4*32+23) /* POPCNT instruction */ +-#define X86_FEATURE_TSC_DEADLINE (4*32+24) /* "tdt" TSC Deadline Timer */ +-#define X86_FEATURE_AES (4*32+25) /* AES acceleration instructions */ +-#define X86_FEATURE_XSAVE (4*32+26) /* XSAVE/XRSTOR/XSETBV/XGETBV */ +-#define X86_FEATURE_AVX (4*32+28) /* Advanced Vector Extensions */ +-#define X86_FEATURE_F16C (4*32+29) /* Half-precision convert instruction */ +-#define X86_FEATURE_HYPERVISOR (4*32+31) /* Running under some hypervisor */ +- +-/* VIA/Cyrix/Centaur-defined CPU features, CPUID level 0xC0000001, word 5 */ +-#define X86_FEATURE_XSTORE (5*32+ 2) /* on-CPU RNG present (xstore insn) */ +-#define X86_FEATURE_XSTORE_EN (5*32+ 3) /* on-CPU RNG enabled */ +-#define X86_FEATURE_XCRYPT (5*32+ 6) /* on-CPU crypto (xcrypt insn) */ +-#define X86_FEATURE_XCRYPT_EN (5*32+ 7) /* on-CPU crypto enabled */ +-#define X86_FEATURE_ACE2 (5*32+ 8) /* Advanced Cryptography Engine v2 */ +-#define X86_FEATURE_ACE2_EN (5*32+ 9) /* ACE v2 enabled */ +-#define X86_FEATURE_PHE (5*32+ 10) /* PadLock Hash Engine */ +-#define X86_FEATURE_PHE_EN (5*32+ 11) /* PHE enabled */ +-#define X86_FEATURE_PMM (5*32+ 12) /* PadLock Montgomery Multiplier */ +-#define X86_FEATURE_PMM_EN (5*32+ 13) /* PMM enabled */ +- +-/* More extended AMD flags: CPUID level 0x80000001, ecx, word 6 */ +-#define X86_FEATURE_LAHF_LM (6*32+ 0) /* LAHF/SAHF in long mode */ +-#define X86_FEATURE_CMP_LEGACY (6*32+ 1) /* If yes HyperThreading not valid */ +-#define X86_FEATURE_SVM (6*32+ 2) /* Secure virtual machine */ +-#define X86_FEATURE_EXTAPIC (6*32+ 3) /* Extended APIC space */ +-#define X86_FEATURE_CR8_LEGACY (6*32+ 4) /* CR8 in 32-bit mode */ +-#define X86_FEATURE_ABM (6*32+ 5) /* Advanced bit manipulation */ +-#define X86_FEATURE_SSE4A (6*32+ 6) /* SSE-4A */ +-#define X86_FEATURE_MISALIGNSSE (6*32+ 7) /* Misaligned SSE mode */ +-#define X86_FEATURE_3DNOWPREFETCH (6*32+ 8) /* 3DNow prefetch instructions */ +-#define X86_FEATURE_OSVW (6*32+ 9) /* OS Visible Workaround */ +-#define X86_FEATURE_IBS (6*32+10) /* Instruction Based Sampling */ +-#define X86_FEATURE_XOP (6*32+11) /* extended AVX instructions */ +-#define X86_FEATURE_SKINIT (6*32+12) /* SKINIT/STGI instructions */ +-#define X86_FEATURE_WDT (6*32+13) /* Watchdog timer */ +-#define X86_FEATURE_LWP (6*32+15) /* Light Weight Profiling */ +-#define X86_FEATURE_FMA4 (6*32+16) /* 4 operands MAC instructions */ +-#define X86_FEATURE_NODEID_MSR (6*32+19) /* NodeId MSR */ +-#define X86_FEATURE_TBM (6*32+21) /* trailing bit manipulations */ +-#define X86_FEATURE_TOPOEXT (6*32+22) /* topology extensions CPUID leafs */ ++#define X86_FEATURE_SYSCALL 11 /* SYSCALL/SYSRET */ ++#define X86_FEATURE_MP 19 /* MP Capable. */ ++#define X86_FEATURE_NX 20 /* Execute Disable */ ++#define X86_FEATURE_MMXEXT 22 /* AMD MMX extensions */ ++#define X86_FEATURE_FFXSR 25 /* FFXSR instruction optimizations */ ++#define X86_FEATURE_PAGE1GB 26 /* 1Gb large page support */ ++#define X86_FEATURE_RDTSCP 27 /* RDTSCP */ ++#define X86_FEATURE_LM 29 /* Long Mode (x86-64) */ ++#define X86_FEATURE_3DNOWEXT 30 /* AMD 3DNow! extensions */ ++#define X86_FEATURE_3DNOW 31 /* 3DNow! */ ++ ++/* Intel-defined CPU features, CPUID level 0x00000001 (ecx) */ ++#define X86_FEATURE_XMM3 0 /* Streaming SIMD Extensions-3 */ ++#define X86_FEATURE_PCLMULQDQ 1 /* Carry-less multiplication */ ++#define X86_FEATURE_DTES64 2 /* 64-bit Debug Store */ ++#define X86_FEATURE_MWAIT 3 /* Monitor/Mwait support */ ++#define X86_FEATURE_DSCPL 4 /* CPL Qualified Debug Store */ ++#define X86_FEATURE_VMXE 5 /* Virtual Machine Extensions */ ++#define X86_FEATURE_SMXE 6 /* Safer Mode Extensions */ ++#define X86_FEATURE_EST 7 /* Enhanced SpeedStep */ ++#define X86_FEATURE_TM2 8 /* Thermal Monitor 2 */ ++#define X86_FEATURE_SSSE3 9 /* Supplemental Streaming SIMD Exts-3 */ ++#define X86_FEATURE_CID 10 /* Context ID */ ++#define X86_FEATURE_CX16 13 /* CMPXCHG16B */ ++#define X86_FEATURE_XTPR 14 /* Send Task Priority Messages */ ++#define X86_FEATURE_PDCM 15 /* Perf/Debug Capability MSR */ ++#define X86_FEATURE_DCA 18 /* Direct Cache Access */ ++#define X86_FEATURE_SSE4_1 19 /* Streaming SIMD Extensions 4.1 */ ++#define X86_FEATURE_SSE4_2 20 /* Streaming SIMD Extensions 4.2 */ ++#define X86_FEATURE_X2APIC 21 /* x2APIC */ ++#define X86_FEATURE_POPCNT 23 /* POPCNT instruction */ ++#define X86_FEATURE_TSC_DEADLINE 24 /* "tdt" TSC Deadline Timer */ ++#define X86_FEATURE_AES 25 /* AES acceleration instructions */ ++#define X86_FEATURE_XSAVE 26 /* XSAVE/XRSTOR/XSETBV/XGETBV */ ++#define X86_FEATURE_AVX 28 /* Advanced Vector Extensions */ ++#define X86_FEATURE_F16C 29 /* Half-precision convert instruction */ ++#define X86_FEATURE_HYPERVISOR 31 /* Running under some hypervisor */ ++ ++/* VIA/Cyrix/Centaur-defined CPU features, CPUID level 0xC0000001 */ ++#define X86_FEATURE_XSTORE 2 /* on-CPU RNG present (xstore insn) */ ++#define X86_FEATURE_XSTORE_EN 3 /* on-CPU RNG enabled */ ++#define X86_FEATURE_XCRYPT 6 /* on-CPU crypto (xcrypt insn) */ ++#define X86_FEATURE_XCRYPT_EN 7 /* on-CPU crypto enabled */ ++#define X86_FEATURE_ACE2 8 /* Advanced Cryptography Engine v2 */ ++#define X86_FEATURE_ACE2_EN 9 /* ACE v2 enabled */ ++#define X86_FEATURE_PHE 10 /* PadLock Hash Engine */ ++#define X86_FEATURE_PHE_EN 11 /* PHE enabled */ ++#define X86_FEATURE_PMM 12 /* PadLock Montgomery Multiplier */ ++#define X86_FEATURE_PMM_EN 13 /* PMM enabled */ ++ ++/* More extended AMD flags: CPUID level 0x80000001, ecx */ ++#define X86_FEATURE_LAHF_LM 0 /* LAHF/SAHF in long mode */ ++#define X86_FEATURE_CMP_LEGACY 1 /* If yes HyperThreading not valid */ ++#define X86_FEATURE_SVM 2 /* Secure virtual machine */ ++#define X86_FEATURE_EXTAPIC 3 /* Extended APIC space */ ++#define X86_FEATURE_CR8_LEGACY 4 /* CR8 in 32-bit mode */ ++#define X86_FEATURE_ABM 5 /* Advanced bit manipulation */ ++#define X86_FEATURE_SSE4A 6 /* SSE-4A */ ++#define X86_FEATURE_MISALIGNSSE 7 /* Misaligned SSE mode */ ++#define X86_FEATURE_3DNOWPREFETCH 8 /* 3DNow prefetch instructions */ ++#define X86_FEATURE_OSVW 9 /* OS Visible Workaround */ ++#define X86_FEATURE_IBS 10 /* Instruction Based Sampling */ ++#define X86_FEATURE_XOP 11 /* extended AVX instructions */ ++#define X86_FEATURE_SKINIT 12 /* SKINIT/STGI instructions */ ++#define X86_FEATURE_WDT 13 /* Watchdog timer */ ++#define X86_FEATURE_LWP 15 /* Light Weight Profiling */ ++#define X86_FEATURE_FMA4 16 /* 4 operands MAC instructions */ ++#define X86_FEATURE_NODEID_MSR 19 /* NodeId MSR */ ++#define X86_FEATURE_TBM 21 /* trailing bit manipulations */ ++#define X86_FEATURE_TOPOEXT 22 /* topology extensions CPUID leafs */ + +-/* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx), word 9 */ +-#define X86_FEATURE_FSGSBASE (7*32+ 0) /* {RD,WR}{FS,GS}BASE instructions */ ++/* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx) */ ++#define X86_FEATURE_FSGSBASE 0 /* {RD,WR}{FS,GS}BASE instructions */ + + #endif /* __LIBXC_CPUFEATURE_H */ +--- a/tools/libxc/xc_cpuid_x86.c ++++ b/tools/libxc/xc_cpuid_x86.c +@@ -25,9 +25,9 @@ + #include "xc_cpufeature.h" + #include + +-#define bitmaskof(idx) (1u << ((idx) & 31)) +-#define clear_bit(idx, dst) ((dst) &= ~(1u << ((idx) & 31))) +-#define set_bit(idx, dst) ((dst) |= (1u << ((idx) & 31))) ++#define bitmaskof(idx) (1u << (idx)) ++#define clear_bit(idx, dst) ((dst) &= ~(1u << (idx))) ++#define set_bit(idx, dst) ((dst) |= (1u << (idx))) + + #define DEF_MAX_BASE 0x0000000du + #define DEF_MAX_EXT 0x80000008u diff --git a/23481-x86-SMEP.patch b/23481-x86-SMEP.patch new file mode 100644 index 0000000..6297f7c --- /dev/null +++ b/23481-x86-SMEP.patch @@ -0,0 +1,284 @@ +References: FATE#311951 + +# HG changeset patch +# User Keir Fraser +# Date 1307133540 -3600 +# Node ID 0c0884fd8b494932a4b707e339cbe1b881d09103 +# Parent bcd2476c2e2d00dc6371e52fbff66fe3178b7944 +x86: Enable Supervisor Mode Execution Protection (SMEP) + +Intel new CPU supports SMEP (Supervisor Mode Execution +Protection). SMEP prevents software operating with CPL < 3 (supervisor +mode) from fetching instructions from any linear address with a valid +translation for which the U/S flag (bit 2) is 1 in every +paging-structure entry controlling the translation for the linear +address. + +This patch enables SMEP in Xen to protect Xen hypervisor from +executing pv guest instructions, whose translation paging-structure +entries' U/S flags are all set. + +Signed-off-by: Yang Wei +Signed-off-by: Shan Haitao +Signed-off-by: Li Xin +Signed-off-by: Keir Fraser + +--- a/xen/arch/x86/setup.c ++++ b/xen/arch/x86/setup.c +@@ -61,6 +61,10 @@ integer_param("maxcpus", max_cpus); + static bool_t __initdata opt_watchdog; + boolean_param("watchdog", opt_watchdog); + ++/* smep: Enable/disable Supervisor Mode Execution Protection (default on). */ ++static bool_t __initdata disable_smep; ++invbool_param("smep", disable_smep); ++ + /* **** Linux config option: propagated to domain0. */ + /* "acpi=off": Sisables both ACPI table parsing and interpreter. */ + /* "acpi=force": Override the disable blacklist. */ +@@ -1204,11 +1208,17 @@ void __init __start_xen(unsigned long mb + arch_init_memory(); + + identify_cpu(&boot_cpu_data); ++ + if ( cpu_has_fxsr ) + set_in_cr4(X86_CR4_OSFXSR); + if ( cpu_has_xmm ) + set_in_cr4(X86_CR4_OSXMMEXCPT); + ++ if ( disable_smep ) ++ setup_clear_cpu_cap(X86_FEATURE_SMEP); ++ if ( cpu_has_smep ) ++ set_in_cr4(X86_CR4_SMEP); ++ + local_irq_enable(); + + #ifdef CONFIG_X86_64 +--- a/xen/arch/x86/traps.c ++++ b/xen/arch/x86/traps.c +@@ -1136,7 +1136,13 @@ static int handle_gdt_ldt_mapping_fault( + (((va) >= HYPERVISOR_VIRT_START)) + #endif + +-static int __spurious_page_fault( ++enum pf_type { ++ real_fault, ++ smep_fault, ++ spurious_fault ++}; ++ ++static enum pf_type __page_fault_type( + unsigned long addr, unsigned int error_code) + { + unsigned long mfn, cr3 = read_cr3(); +@@ -1148,7 +1154,7 @@ static int __spurious_page_fault( + #endif + l2_pgentry_t l2e, *l2t; + l1_pgentry_t l1e, *l1t; +- unsigned int required_flags, disallowed_flags; ++ unsigned int required_flags, disallowed_flags, page_user; + + /* + * We do not take spurious page faults in IRQ handlers as we do not +@@ -1156,11 +1162,11 @@ static int __spurious_page_fault( + * map_domain_page() is not IRQ-safe. + */ + if ( in_irq() ) +- return 0; ++ return real_fault; + + /* Reserved bit violations are never spurious faults. */ + if ( error_code & PFEC_reserved_bit ) +- return 0; ++ return real_fault; + + required_flags = _PAGE_PRESENT; + if ( error_code & PFEC_write_access ) +@@ -1172,6 +1178,8 @@ static int __spurious_page_fault( + if ( error_code & PFEC_insn_fetch ) + disallowed_flags |= _PAGE_NX; + ++ page_user = _PAGE_USER; ++ + mfn = cr3 >> PAGE_SHIFT; + + #if CONFIG_PAGING_LEVELS >= 4 +@@ -1181,7 +1189,8 @@ static int __spurious_page_fault( + unmap_domain_page(l4t); + if ( ((l4e_get_flags(l4e) & required_flags) != required_flags) || + (l4e_get_flags(l4e) & disallowed_flags) ) +- return 0; ++ return real_fault; ++ page_user &= l4e_get_flags(l4e); + #endif + + #if CONFIG_PAGING_LEVELS >= 3 +@@ -1194,13 +1203,14 @@ static int __spurious_page_fault( + unmap_domain_page(l3t); + #if CONFIG_PAGING_LEVELS == 3 + if ( !(l3e_get_flags(l3e) & _PAGE_PRESENT) ) +- return 0; ++ return real_fault; + #else + if ( ((l3e_get_flags(l3e) & required_flags) != required_flags) || + (l3e_get_flags(l3e) & disallowed_flags) ) +- return 0; ++ return real_fault; ++ page_user &= l3e_get_flags(l3e); + if ( l3e_get_flags(l3e) & _PAGE_PSE ) +- return 1; ++ goto leaf; + #endif + #endif + +@@ -1210,9 +1220,10 @@ static int __spurious_page_fault( + unmap_domain_page(l2t); + if ( ((l2e_get_flags(l2e) & required_flags) != required_flags) || + (l2e_get_flags(l2e) & disallowed_flags) ) +- return 0; ++ return real_fault; ++ page_user &= l2e_get_flags(l2e); + if ( l2e_get_flags(l2e) & _PAGE_PSE ) +- return 1; ++ goto leaf; + + l1t = map_domain_page(mfn); + l1e = l1e_read_atomic(&l1t[l1_table_offset(addr)]); +@@ -1220,26 +1231,36 @@ static int __spurious_page_fault( + unmap_domain_page(l1t); + if ( ((l1e_get_flags(l1e) & required_flags) != required_flags) || + (l1e_get_flags(l1e) & disallowed_flags) ) +- return 0; ++ return real_fault; ++ page_user &= l1e_get_flags(l1e); + +- return 1; ++leaf: ++ /* ++ * Supervisor Mode Execution Protection (SMEP): ++ * Disallow supervisor execution from user-accessible mappings ++ */ ++ if ( (read_cr4() & X86_CR4_SMEP) && page_user && ++ ((error_code & (PFEC_insn_fetch|PFEC_user_mode)) == PFEC_insn_fetch) ) ++ return smep_fault; ++ ++ return spurious_fault; + } + +-static int spurious_page_fault( ++static enum pf_type spurious_page_fault( + unsigned long addr, unsigned int error_code) + { + unsigned long flags; +- int is_spurious; ++ enum pf_type pf_type; + + /* + * Disabling interrupts prevents TLB flushing, and hence prevents + * page tables from becoming invalid under our feet during the walk. + */ + local_irq_save(flags); +- is_spurious = __spurious_page_fault(addr, error_code); ++ pf_type = __page_fault_type(addr, error_code); + local_irq_restore(flags); + +- return is_spurious; ++ return pf_type; + } + + static int fixup_page_fault(unsigned long addr, struct cpu_user_regs *regs) +@@ -1314,6 +1335,7 @@ asmlinkage void do_page_fault(struct cpu + { + unsigned long addr, fixup; + unsigned int error_code; ++ enum pf_type pf_type; + + addr = read_cr2(); + +@@ -1329,7 +1351,9 @@ asmlinkage void do_page_fault(struct cpu + + if ( unlikely(!guest_mode(regs)) ) + { +- if ( spurious_page_fault(addr, error_code) ) ++ pf_type = spurious_page_fault(addr, error_code); ++ BUG_ON(pf_type == smep_fault); ++ if ( pf_type != real_fault ) + return; + + if ( likely((fixup = search_exception_table(regs->eip)) != 0) ) +@@ -1351,9 +1375,17 @@ asmlinkage void do_page_fault(struct cpu + error_code, _p(addr)); + } + +- if ( unlikely(current->domain->arch.suppress_spurious_page_faults +- && spurious_page_fault(addr, error_code)) ) +- return; ++ if ( unlikely(current->domain->arch.suppress_spurious_page_faults) ) ++ { ++ pf_type = spurious_page_fault(addr, error_code); ++ if ( pf_type == smep_fault ) ++ { ++ gdprintk(XENLOG_ERR, "Fatal SMEP fault\n"); ++ domain_crash(current->domain); ++ } ++ if ( pf_type != real_fault ) ++ return; ++ } + + propagate_page_fault(addr, regs->error_code); + } +--- a/xen/include/asm-x86/cpufeature.h ++++ b/xen/include/asm-x86/cpufeature.h +@@ -140,8 +140,9 @@ + #define X86_FEATURE_TBM (6*32+21) /* trailing bit manipulations */ + #define X86_FEATURE_TOPOEXT (6*32+22) /* topology extensions CPUID leafs */ + +-/* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx), word 9 */ ++/* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx), word 7 */ + #define X86_FEATURE_FSGSBASE (7*32+ 0) /* {RD,WR}{FS,GS}BASE instructions */ ++#define X86_FEATURE_SMEP (7*32+ 7) /* Supervisor Mode Execution Protection */ + + #define cpu_has(c, bit) test_bit(bit, (c)->x86_capability) + #define boot_cpu_has(bit) test_bit(bit, boot_cpu_data.x86_capability) +@@ -201,6 +202,8 @@ + #define cpu_has_fsgsbase boot_cpu_has(X86_FEATURE_FSGSBASE) + #endif + ++#define cpu_has_smep boot_cpu_has(X86_FEATURE_SMEP) ++ + #define cpu_has_ffxsr ((boot_cpu_data.x86_vendor == X86_VENDOR_AMD) \ + && boot_cpu_has(X86_FEATURE_FFXSR)) + +--- a/xen/include/asm-x86/domain.h ++++ b/xen/include/asm-x86/domain.h +@@ -462,12 +462,14 @@ unsigned long pv_guest_cr4_fixup(const s + /* Convert between guest-visible and real CR4 values. */ + #define pv_guest_cr4_to_real_cr4(v) \ + (((v)->arch.guest_context.ctrlreg[4] \ +- | (mmu_cr4_features & (X86_CR4_PGE | X86_CR4_PSE)) \ +- | ((v)->domain->arch.vtsc ? X86_CR4_TSD : 0) \ +- | ((xsave_enabled(v))? X86_CR4_OSXSAVE : 0)) \ +- & ~X86_CR4_DE) +-#define real_cr4_to_pv_guest_cr4(c) \ +- ((c) & ~(X86_CR4_PGE | X86_CR4_PSE | X86_CR4_TSD | X86_CR4_OSXSAVE)) ++ | (mmu_cr4_features \ ++ & (X86_CR4_PGE | X86_CR4_PSE | X86_CR4_SMEP)) \ ++ | ((v)->domain->arch.vtsc ? X86_CR4_TSD : 0) \ ++ | ((xsave_enabled(v))? X86_CR4_OSXSAVE : 0)) \ ++ & ~X86_CR4_DE) ++#define real_cr4_to_pv_guest_cr4(c) \ ++ ((c) & ~(X86_CR4_PGE | X86_CR4_PSE | X86_CR4_TSD \ ++ | X86_CR4_OSXSAVE | X86_CR4_SMEP)) + + void domain_cpuid(struct domain *d, + unsigned int input, +--- a/xen/include/asm-x86/processor.h ++++ b/xen/include/asm-x86/processor.h +@@ -85,6 +85,7 @@ + #define X86_CR4_SMXE 0x4000 /* enable SMX */ + #define X86_CR4_FSGSBASE 0x10000 /* enable {rd,wr}{fs,gs}base */ + #define X86_CR4_OSXSAVE 0x40000 /* enable XSAVE/XRSTOR */ ++#define X86_CR4_SMEP 0x100000/* enable SMEP */ + + /* + * Trap/fault mnemonics. diff --git a/23504-x86-SMEP-hvm.patch b/23504-x86-SMEP-hvm.patch new file mode 100644 index 0000000..5861b3b --- /dev/null +++ b/23504-x86-SMEP-hvm.patch @@ -0,0 +1,148 @@ +References: FATE#311951 + +# HG changeset patch +# User Tim Deegan +# Date 1307364408 -3600 +# Node ID c34604d5a29336d902837542b915d3b09b27a361 +# Parent 664c419b55681feb233b33e0028d0f0af371bedd +x86/hvm: add SMEP support to HVM guest + +Intel new CPU supports SMEP (Supervisor Mode Execution Protection). SMEP +prevents software operating with CPL < 3 (supervisor mode) from fetching +instructions from any linear address with a valid translation for which the U/S +flag (bit 2) is 1 in every paging-structure entry controlling the translation +for the linear address. + +This patch adds SMEP support to HVM guest. + +Signed-off-by: Yang Wei +Signed-off-by: Shan Haitao +Signed-off-by: Li Xin +Signed-off-by: Tim Deegan + +--- a/tools/libxc/xc_cpufeature.h ++++ b/tools/libxc/xc_cpufeature.h +@@ -124,5 +124,6 @@ + + /* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx) */ + #define X86_FEATURE_FSGSBASE 0 /* {RD,WR}{FS,GS}BASE instructions */ ++#define X86_FEATURE_SMEP 7 /* Supervisor Mode Execution Protection */ + + #endif /* __LIBXC_CPUFEATURE_H */ +--- a/tools/libxc/xc_cpuid_x86.c ++++ b/tools/libxc/xc_cpuid_x86.c +@@ -300,6 +300,14 @@ static void xc_cpuid_hvm_policy( + clear_bit(X86_FEATURE_PAE, regs[3]); + break; + ++ case 0x00000007: /* Intel-defined CPU features */ ++ if ( input[1] == 0 ) { ++ regs[1] &= bitmaskof(X86_FEATURE_SMEP); ++ } else ++ regs[1] = 0; ++ regs[0] = regs[2] = regs[3] = 0; ++ break; ++ + case 0x0000000d: + xc_cpuid_config_xsave(xch, domid, xfeature_mask, input, regs); + break; +--- a/xen/arch/x86/hvm/hvm.c ++++ b/xen/arch/x86/hvm/hvm.c +@@ -1553,8 +1553,9 @@ int hvm_set_cr4(unsigned long value) + v->arch.hvm_vcpu.guest_cr[4] = value; + hvm_update_guest_cr(v, 4); + +- /* Modifying CR4.{PSE,PAE,PGE} invalidates all TLB entries, inc. Global. */ +- if ( (old_cr ^ value) & (X86_CR4_PSE | X86_CR4_PGE | X86_CR4_PAE) ) ++ /* Modifying CR4.{PSE,PAE,PGE,SMEP} invalidates all TLB entries. */ ++ if ( (old_cr ^ value) & (X86_CR4_PSE | X86_CR4_PGE | ++ X86_CR4_PAE | X86_CR4_SMEP) ) + paging_update_paging_modes(v); + + return X86EMUL_OKAY; +@@ -2196,7 +2197,7 @@ enum hvm_copy_result hvm_copy_from_guest + enum hvm_copy_result hvm_fetch_from_guest_virt( + void *buf, unsigned long vaddr, int size, uint32_t pfec) + { +- if ( hvm_nx_enabled(current) ) ++ if ( hvm_nx_enabled(current) || hvm_smep_enabled(current) ) + pfec |= PFEC_insn_fetch; + return __hvm_copy(buf, vaddr, size, + HVMCOPY_from_guest | HVMCOPY_fault | HVMCOPY_virt, +@@ -2222,7 +2223,7 @@ enum hvm_copy_result hvm_copy_from_guest + enum hvm_copy_result hvm_fetch_from_guest_virt_nofault( + void *buf, unsigned long vaddr, int size, uint32_t pfec) + { +- if ( hvm_nx_enabled(current) ) ++ if ( hvm_nx_enabled(current) || hvm_smep_enabled(current) ) + pfec |= PFEC_insn_fetch; + return __hvm_copy(buf, vaddr, size, + HVMCOPY_from_guest | HVMCOPY_no_fault | HVMCOPY_virt, +@@ -2292,6 +2293,10 @@ void hvm_cpuid(unsigned int input, unsig + *ecx |= (v->arch.hvm_vcpu.guest_cr[4] & X86_CR4_OSXSAVE) ? + cpufeat_mask(X86_FEATURE_OSXSAVE) : 0; + break; ++ case 0x7: ++ if ( (count == 0) && !cpu_has_smep ) ++ *ebx &= ~cpufeat_mask(X86_FEATURE_SMEP); ++ break; + case 0xb: + /* Fix the x2APIC identifier. */ + *edx = v->vcpu_id * 2; +--- a/xen/arch/x86/mm/guest_walk.c ++++ b/xen/arch/x86/mm/guest_walk.c +@@ -132,7 +132,7 @@ guest_walk_tables(struct vcpu *v, struct + guest_l4e_t *l4p; + #endif + uint32_t gflags, mflags, iflags, rc = 0; +- int pse; ++ int pse, smep; + + perfc_incr(guest_walk); + memset(gw, 0, sizeof(*gw)); +@@ -145,6 +145,15 @@ guest_walk_tables(struct vcpu *v, struct + mflags = mandatory_flags(v, pfec); + iflags = (_PAGE_NX_BIT | _PAGE_INVALID_BITS); + ++ /* SMEP: kernel-mode instruction fetches from user-mode mappings ++ * should fault. Unlike NX or invalid bits, we're looking for _all_ ++ * entries in the walk to have _PAGE_USER set, so we need to do the ++ * whole walk as if it were a user-mode one and then invert the answer. */ ++ smep = (is_hvm_vcpu(v) && hvm_smep_enabled(v) ++ && (pfec & PFEC_insn_fetch) && !(pfec & PFEC_user_mode) ); ++ if ( smep ) ++ mflags |= _PAGE_USER; ++ + #if GUEST_PAGING_LEVELS >= 3 /* PAE or 64... */ + #if GUEST_PAGING_LEVELS >= 4 /* 64-bit only... */ + +@@ -271,6 +280,10 @@ guest_walk_tables(struct vcpu *v, struct + rc |= ((gflags & mflags) ^ mflags); + } + ++ /* Now re-invert the user-mode requirement for SMEP. */ ++ if ( smep ) ++ rc ^= _PAGE_USER; ++ + /* Go back and set accessed and dirty bits only if the walk was a + * success. Although the PRMs say higher-level _PAGE_ACCESSED bits + * get set whenever a lower-level PT is used, at least some hardware +--- a/xen/include/asm-x86/hvm/hvm.h ++++ b/xen/include/asm-x86/hvm/hvm.h +@@ -181,6 +181,8 @@ int hvm_girq_dest_2_vcpu_id(struct domai + (!!((v)->arch.hvm_vcpu.guest_cr[0] & X86_CR0_WP)) + #define hvm_pae_enabled(v) \ + (hvm_paging_enabled(v) && ((v)->arch.hvm_vcpu.guest_cr[4] & X86_CR4_PAE)) ++#define hvm_smep_enabled(v) \ ++ (hvm_paging_enabled(v) && ((v)->arch.hvm_vcpu.guest_cr[4] & X86_CR4_SMEP)) + #define hvm_nx_enabled(v) \ + (!!((v)->arch.hvm_vcpu.guest_efer & EFER_NX)) + +@@ -294,6 +296,7 @@ static inline int hvm_do_pmu_interrupt(s + X86_CR4_DE | X86_CR4_PSE | X86_CR4_PAE | \ + X86_CR4_MCE | X86_CR4_PGE | X86_CR4_PCE | \ + X86_CR4_OSFXSR | X86_CR4_OSXMMEXCPT | \ ++ (cpu_has_smep ? X86_CR4_SMEP : 0) | \ + (xsave_enabled(_v) ? X86_CR4_OSXSAVE : 0)))) + + /* These exceptions must always be intercepted. */ diff --git a/23505-x86-cpu-add-arg-check.patch b/23505-x86-cpu-add-arg-check.patch new file mode 100644 index 0000000..c452b54 --- /dev/null +++ b/23505-x86-cpu-add-arg-check.patch @@ -0,0 +1,24 @@ +# HG changeset patch +# User Keir Fraser +# Date 1307689724 -3600 +# Node ID 5a557fda70a99d287735b53957e865c8dac0e351 +# Parent c34604d5a29336d902837542b915d3b09b27a361 +x86: Fix argument checking in (privileged) function cpu_add(). + +Thanks to John McDermott for spotting. + +Signed-off-by: Keir Fraser + +--- a/xen/arch/x86/smpboot.c ++++ b/xen/arch/x86/smpboot.c +@@ -899,7 +899,9 @@ int cpu_add(uint32_t apic_id, uint32_t a + dprintk(XENLOG_DEBUG, "cpu_add apic_id %x acpi_id %x pxm %x\n", + apic_id, acpi_id, pxm); + +- if ( acpi_id > MAX_MADT_ENTRIES || apic_id > MAX_APICS || pxm > 256 ) ++ if ( (acpi_id >= MAX_MADT_ENTRIES) || ++ (apic_id >= MAX_APICS) || ++ (pxm >= 256) ) + return -EINVAL; + + if ( !cpu_hotplug_begin() ) diff --git a/23508-vmx-proc-based-ctls-probe.patch b/23508-vmx-proc-based-ctls-probe.patch new file mode 100644 index 0000000..8f728c4 --- /dev/null +++ b/23508-vmx-proc-based-ctls-probe.patch @@ -0,0 +1,45 @@ +# HG changeset patch +# User Keir Fraser +# Date 1307691167 -3600 +# Node ID 2ef6bbee50371e1135236035ed1a9a7b8748e09f +# Parent 0a29c8c3ddf7395ea8e68c5f4cd8633023490022 +x86/vmx: Small fixes to MSR_IA32_VMX_PROCBASED_CTLS feature probing. + +Should check for VIRTUAL_INTR_PENDING as we unconditionally make use +of it. Also check for CR8 exiting unconditionally on x86/64, as this +is of use to nestedvmx, and every 64-bit cpu should support it. + +Signed-off-by: Eddie Dong +Signed-off-by: Keir Fraser + +--- a/xen/arch/x86/hvm/vmx/vmcs.c ++++ b/xen/arch/x86/hvm/vmx/vmcs.c +@@ -147,6 +147,11 @@ static int vmx_init_vmcs_config(void) + MSR_IA32_VMX_PINBASED_CTLS, &mismatch); + + min = (CPU_BASED_HLT_EXITING | ++ CPU_BASED_VIRTUAL_INTR_PENDING | ++#ifdef __x86_64__ ++ CPU_BASED_CR8_LOAD_EXITING | ++ CPU_BASED_CR8_STORE_EXITING | ++#endif + CPU_BASED_INVLPG_EXITING | + CPU_BASED_CR3_LOAD_EXITING | + CPU_BASED_CR3_STORE_EXITING | +@@ -165,13 +170,9 @@ static int vmx_init_vmcs_config(void) + MSR_IA32_VMX_PROCBASED_CTLS, &mismatch); + _vmx_cpu_based_exec_control &= ~CPU_BASED_RDTSC_EXITING; + #ifdef __x86_64__ +- if ( !(_vmx_cpu_based_exec_control & CPU_BASED_TPR_SHADOW) ) +- { +- min |= CPU_BASED_CR8_LOAD_EXITING | CPU_BASED_CR8_STORE_EXITING; +- _vmx_cpu_based_exec_control = adjust_vmx_controls( +- "CPU-Based Exec Control", min, opt, +- MSR_IA32_VMX_PROCBASED_CTLS, &mismatch); +- } ++ if ( _vmx_cpu_based_exec_control & CPU_BASED_TPR_SHADOW ) ++ _vmx_cpu_based_exec_control &= ++ ~(CPU_BASED_CR8_LOAD_EXITING | CPU_BASED_CR8_STORE_EXITING); + #endif + + if ( _vmx_cpu_based_exec_control & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS ) diff --git a/23510-hvm-cpuid-DRNG.patch b/23510-hvm-cpuid-DRNG.patch new file mode 100644 index 0000000..9961cd9 --- /dev/null +++ b/23510-hvm-cpuid-DRNG.patch @@ -0,0 +1,44 @@ +# HG changeset patch +# User Yang, Wei +# Date 1308051888 -3600 +# Node ID 864a3dd1d9b4664f1ece44c9eaf390969253b7a8 +# Parent 782bc7b2661a3921af21130f34f599f68911f2ce +x86/hvm: Make DRNG feature visible in CPUID + +This patch exposes DRNG feature to HVM guests. + +The RDRAND instruction can provide software with sequences of +random numbers generated from white noise. + +Signed-off-by: Yang, Wei + +--- a/tools/libxc/xc_cpufeature.h ++++ b/tools/libxc/xc_cpufeature.h +@@ -87,6 +87,7 @@ + #define X86_FEATURE_XSAVE 26 /* XSAVE/XRSTOR/XSETBV/XGETBV */ + #define X86_FEATURE_AVX 28 /* Advanced Vector Extensions */ + #define X86_FEATURE_F16C 29 /* Half-precision convert instruction */ ++#define X86_FEATURE_RDRAND 30 /* Digital Random Number Generator */ + #define X86_FEATURE_HYPERVISOR 31 /* Running under some hypervisor */ + + /* VIA/Cyrix/Centaur-defined CPU features, CPUID level 0xC0000001 */ +--- a/tools/libxc/xc_cpuid_x86.c ++++ b/tools/libxc/xc_cpuid_x86.c +@@ -262,6 +262,7 @@ static void xc_cpuid_hvm_policy( + bitmaskof(X86_FEATURE_POPCNT) | + bitmaskof(X86_FEATURE_AES) | + bitmaskof(X86_FEATURE_F16C) | ++ bitmaskof(X86_FEATURE_RDRAND) | + ((xfeature_mask != 0) ? + (bitmaskof(X86_FEATURE_AVX) | + bitmaskof(X86_FEATURE_XSAVE)) : 0)); +--- a/xen/include/asm-x86/cpufeature.h ++++ b/xen/include/asm-x86/cpufeature.h +@@ -105,6 +105,7 @@ + #define X86_FEATURE_OSXSAVE (4*32+27) /* OSXSAVE */ + #define X86_FEATURE_AVX (4*32+28) /* Advanced Vector Extensions */ + #define X86_FEATURE_F16C (4*32+29) /* Half-precision convert instruction */ ++#define X86_FEATURE_RDRAND (4*32+30) /* Digital Random Number Generator */ + #define X86_FEATURE_HYPERVISOR (4*32+31) /* Running under some hypervisor */ + + /* VIA/Cyrix/Centaur-defined CPU features, CPUID level 0xC0000001, word 5 */ diff --git a/23511-amd-fam15-no-flush-for-C3.patch b/23511-amd-fam15-no-flush-for-C3.patch new file mode 100644 index 0000000..4c4d56f --- /dev/null +++ b/23511-amd-fam15-no-flush-for-C3.patch @@ -0,0 +1,28 @@ +References: FATE#309893 + +# HG changeset patch +# User Mark Langsdorf +# Date 1308051989 -3600 +# Node ID 450f1d198e1e299b69489d513f591f0301cc5166 +# Parent 864a3dd1d9b4664f1ece44c9eaf390969253b7a8 +x86/amd: Eliminate cache flushing when entering C3 on select AMD processors + +AMD Fam15h processors have a shared cache. It does not need +to be be flushed when entering C3 and doing so causes reduces +performance. Modify acpi_processor_power_init_bm_check to +prevent these processors from flushing when entering C3. + +Signed-off-by: Mark Langsdorf + +--- a/xen/arch/x86/acpi/cpu_idle.c ++++ b/xen/arch/x86/acpi/cpu_idle.c +@@ -680,7 +680,8 @@ static void acpi_processor_power_init_bm + flags->bm_check = 0; + if ( num_online_cpus() == 1 ) + flags->bm_check = 1; +- else if ( c->x86_vendor == X86_VENDOR_INTEL ) ++ else if ( (c->x86_vendor == X86_VENDOR_INTEL) || ++ ((c->x86_vendor == X86_VENDOR_AMD) && (c->x86 == 0x15)) ) + { + /* + * Today all MP CPUs that support C3 share cache. diff --git a/23516-cpuid-ERMS.patch b/23516-cpuid-ERMS.patch new file mode 100644 index 0000000..81fe65f --- /dev/null +++ b/23516-cpuid-ERMS.patch @@ -0,0 +1,67 @@ +# HG changeset patch +# User Yang, Wei +# Date 1308053598 -3600 +# Node ID f4a47275aebf383cf565e0a265a56a8c1110d45e +# Parent 337520d94cba906e64dbd3089d65cda8cf97d1d0 +x86: Pass through ERMS CPUID feature for HVM and PV guests + +This patch exposes ERMS feature to HVM and PV guests. + +The REP MOVSB/STOSB instruction can enhance fast strings attempts to +move as much of the data with larger size load/stores as possible. + +Signed-off-by: Yang, Wei + +--- a/tools/libxc/xc_cpufeature.h ++++ b/tools/libxc/xc_cpufeature.h +@@ -126,5 +126,6 @@ + /* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx) */ + #define X86_FEATURE_FSGSBASE 0 /* {RD,WR}{FS,GS}BASE instructions */ + #define X86_FEATURE_SMEP 7 /* Supervisor Mode Execution Protection */ ++#define X86_FEATURE_ERMS 9 /* Enhanced REP MOVSB/STOSB */ + + #endif /* __LIBXC_CPUFEATURE_H */ +--- a/tools/libxc/xc_cpuid_x86.c ++++ b/tools/libxc/xc_cpuid_x86.c +@@ -303,7 +303,8 @@ static void xc_cpuid_hvm_policy( + + case 0x00000007: /* Intel-defined CPU features */ + if ( input[1] == 0 ) { +- regs[1] &= bitmaskof(X86_FEATURE_SMEP); ++ regs[1] &= (bitmaskof(X86_FEATURE_SMEP) | ++ bitmaskof(X86_FEATURE_ERMS)); + } else + regs[1] = 0; + regs[0] = regs[2] = regs[3] = 0; +@@ -425,7 +426,8 @@ static void xc_cpuid_pv_policy( + + case 7: + if ( input[1] == 0 ) +- regs[1] &= bitmaskof(X86_FEATURE_FSGSBASE); ++ regs[1] &= (bitmaskof(X86_FEATURE_FSGSBASE) | ++ bitmaskof(X86_FEATURE_ERMS)); + else + regs[1] = 0; + regs[0] = regs[2] = regs[3] = 0; +--- a/xen/arch/x86/traps.c ++++ b/xen/arch/x86/traps.c +@@ -812,7 +812,8 @@ static void pv_cpuid(struct cpu_user_reg + break; + case 7: + if ( regs->ecx == 0 ) +- b &= cpufeat_mask(X86_FEATURE_FSGSBASE); ++ b &= (cpufeat_mask(X86_FEATURE_FSGSBASE) | ++ cpufeat_mask(X86_FEATURE_ERMS)); + else + b = 0; + a = c = d = 0; +--- a/xen/include/asm-x86/cpufeature.h ++++ b/xen/include/asm-x86/cpufeature.h +@@ -144,6 +144,7 @@ + /* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx), word 7 */ + #define X86_FEATURE_FSGSBASE (7*32+ 0) /* {RD,WR}{FS,GS}BASE instructions */ + #define X86_FEATURE_SMEP (7*32+ 7) /* Supervisor Mode Execution Protection */ ++#define X86_FEATURE_ERMS (7*32+ 9) /* Enhanced REP MOVSB/STOSB */ + + #define cpu_has(c, bit) test_bit(bit, (c)->x86_capability) + #define boot_cpu_has(bit) test_bit(bit, boot_cpu_data.x86_capability) diff --git a/23538-hvm-pio-emul-no-host-crash.patch b/23538-hvm-pio-emul-no-host-crash.patch new file mode 100644 index 0000000..e7f3f59 --- /dev/null +++ b/23538-hvm-pio-emul-no-host-crash.patch @@ -0,0 +1,33 @@ +# HG changeset patch +# User George Dunlap +# Date 1308150314 -3600 +# Node ID 35b4220c98bc89b7162d19ed6c858e027fabff69 +# Parent cac82bc1ea23bc213ece4c84db2703dd46df7f25 +x86/hvm: Crash domain rather than guest on unexpected PIO IO state + +Under certain conditions, if an IO gets into an unexpected state, +hvmemul_do_io can return X86EMUL_UNHANDLEABLE. Unfortunately, +handle_pio() does not expect this state, and calls BUG() if it sees +it, crashing the host. + +Other HVM io-related code crashes the guest in this case. This patch +makes handle_pio() do the same. + +The crash was seen when executing crash_guest in dom0 to forcibly +crash the guest. + +Signed-off-by: George Dunlap + +--- a/xen/arch/x86/hvm/io.c ++++ b/xen/arch/x86/hvm/io.c +@@ -239,7 +239,9 @@ int handle_pio(uint16_t port, int size, + curr->arch.hvm_vcpu.io_state = HVMIO_handle_pio_awaiting_completion; + break; + default: +- BUG(); ++ gdprintk(XENLOG_ERR, "Weird HVM ioemulation status %d.\n", rc); ++ domain_crash(curr->domain); ++ break; + } + + return 1; diff --git a/23539-hvm-cpuid-FSGSBASE.patch b/23539-hvm-cpuid-FSGSBASE.patch new file mode 100644 index 0000000..eb070d8 --- /dev/null +++ b/23539-hvm-cpuid-FSGSBASE.patch @@ -0,0 +1,34 @@ +# HG changeset patch +# User Yang, Wei +# Date 1308150408 -3600 +# Node ID 8c75f35d55f60cb2f374e3b5c7c520f8633d733f +# Parent 35b4220c98bc89b7162d19ed6c858e027fabff69 +Enable RDWRGSFS feature support for HVM guests + +Write/read FS/GS base instructions enable user level code to +read/write FS & GS segment base registers for thread local storage. + +Signed-off-by: Yang, Wei + +--- a/tools/libxc/xc_cpuid_x86.c ++++ b/tools/libxc/xc_cpuid_x86.c +@@ -304,7 +304,8 @@ static void xc_cpuid_hvm_policy( + case 0x00000007: /* Intel-defined CPU features */ + if ( input[1] == 0 ) { + regs[1] &= (bitmaskof(X86_FEATURE_SMEP) | +- bitmaskof(X86_FEATURE_ERMS)); ++ bitmaskof(X86_FEATURE_ERMS) | ++ bitmaskof(X86_FEATURE_FSGSBASE)); + } else + regs[1] = 0; + regs[0] = regs[2] = regs[3] = 0; +--- a/xen/include/asm-x86/hvm/hvm.h ++++ b/xen/include/asm-x86/hvm/hvm.h +@@ -297,6 +297,7 @@ static inline int hvm_do_pmu_interrupt(s + X86_CR4_MCE | X86_CR4_PGE | X86_CR4_PCE | \ + X86_CR4_OSFXSR | X86_CR4_OSXMMEXCPT | \ + (cpu_has_smep ? X86_CR4_SMEP : 0) | \ ++ (cpu_has_fsgsbase ? X86_CR4_FSGSBASE : 0) | \ + (xsave_enabled(_v) ? X86_CR4_OSXSAVE : 0)))) + + /* These exceptions must always be intercepted. */ diff --git a/23543-x86_64-maddr_to_virt-assertion.patch b/23543-x86_64-maddr_to_virt-assertion.patch new file mode 100644 index 0000000..76df278 --- /dev/null +++ b/23543-x86_64-maddr_to_virt-assertion.patch @@ -0,0 +1,24 @@ +# HG changeset patch +# User Jan Beulich +# Date 1308165849 -3600 +# Node ID a8edfacd4b5e2cecb78d2ff93e57e7efa1bf2db2 +# Parent 23c068b109236657ededa3e3b7f180346a5cd9f9 +x86-64: fix incorrect assertion in __maddr_to_virt() + +When memory map sparseness reduction is in use, machine address ranges +can't validly be compared directly against the total size of the +direct mapping range. + +Signed-off-by: Jan Beulich + +--- a/xen/include/asm-x86/x86_64/page.h ++++ b/xen/include/asm-x86/x86_64/page.h +@@ -95,7 +95,7 @@ static inline unsigned long __virt_to_ma + + static inline void *__maddr_to_virt(unsigned long ma) + { +- ASSERT(ma < DIRECTMAP_VIRT_END - DIRECTMAP_VIRT_START); ++ ASSERT(pfn_to_pdx(ma >> PAGE_SHIFT) < (DIRECTMAP_SIZE >> PAGE_SHIFT)); + return (void *)(DIRECTMAP_VIRT_START + + ((ma & ma_va_bottom_mask) | + ((ma & ma_top_mask) >> pfn_pdx_hole_shift))); diff --git a/23546-fucomip.patch b/23546-fucomip.patch new file mode 100644 index 0000000..8536986 --- /dev/null +++ b/23546-fucomip.patch @@ -0,0 +1,23 @@ +# HG changeset patch +# User Keir Fraser +# Date 1308167438 -3600 +# Node ID b58c4ec2f6939b31d56307599b517b5bcfc90279 +# Parent 649372e3d46a795040a358075869336b15b6b627 +x86_emulate: Fix decode of FUCOMIP %stN. + +Signed-off-by: Keir Fraser +xen-unstable changeset: 23546:d25f2c114ace +xen-unstable date: Wed Jun 15 20:33:58 2011 +0100 + +--- a/xen/arch/x86/x86_emulate/x86_emulate.c ++++ b/xen/arch/x86/x86_emulate/x86_emulate.c +@@ -2936,8 +2936,8 @@ x86_emulate( + dst.reg = (unsigned long *)&_regs.eax; + emulate_fpu_insn_memdst("fnstsw", dst.val); + break; ++ case 0xe8 ... 0xef: /* fucomip %stN */ + case 0xf0 ... 0xf7: /* fcomip %stN */ +- case 0xf8 ... 0xff: /* fucomip %stN */ + emulate_fpu_insn_stub(0xdf, modrm); + break; + default: diff --git a/x86-show-page-walk-early.patch b/x86-show-page-walk-early.patch index 471d779..6784654 100644 --- a/x86-show-page-walk-early.patch +++ b/x86-show-page-walk-early.patch @@ -1,7 +1,5 @@ -Index: xen-4.1.1-testing/xen/arch/x86/mm.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/mm.c -+++ xen-4.1.1-testing/xen/arch/x86/mm.c +--- a/xen/arch/x86/mm.c ++++ b/xen/arch/x86/mm.c @@ -160,6 +160,8 @@ static int get_superpage(unsigned long m #endif static void put_superpage(unsigned long mfn); @@ -11,11 +9,9 @@ Index: xen-4.1.1-testing/xen/arch/x86/mm.c #define l1_disallow_mask(d) \ ((d != dom_io) && \ (rangeset_is_empty((d)->iomem_caps) && \ -Index: xen-4.1.1-testing/xen/arch/x86/traps.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/traps.c -+++ xen-4.1.1-testing/xen/arch/x86/traps.c -@@ -1386,6 +1386,7 @@ asmlinkage void __init do_early_page_fau +--- a/xen/arch/x86/traps.c ++++ b/xen/arch/x86/traps.c +@@ -1419,6 +1419,7 @@ asmlinkage void __init do_early_page_fau unsigned long *stk = (unsigned long *)regs; printk("Early fatal page fault at %04x:%p (cr2=%p, ec=%04x)\n", regs->cs, _p(regs->eip), _p(cr2), regs->error_code); @@ -23,10 +19,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/traps.c printk("Stack dump: "); while ( ((long)stk & ((PAGE_SIZE - 1) & ~(BYTES_PER_LONG - 1))) != 0 ) printk("%p ", _p(*stk++)); -Index: xen-4.1.1-testing/xen/arch/x86/x86_32/mm.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/x86_32/mm.c -+++ xen-4.1.1-testing/xen/arch/x86/x86_32/mm.c +--- a/xen/arch/x86/x86_32/mm.c ++++ b/xen/arch/x86/x86_32/mm.c @@ -123,6 +123,8 @@ void __init paging_init(void) #undef CNT #undef MFN @@ -36,10 +30,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/x86_32/mm.c /* Create page tables for ioremap()/map_domain_page_global(). */ for ( i = 0; i < (IOREMAP_MBYTES >> (L2_PAGETABLE_SHIFT - 20)); i++ ) { -Index: xen-4.1.1-testing/xen/arch/x86/x86_32/traps.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/x86_32/traps.c -+++ xen-4.1.1-testing/xen/arch/x86/x86_32/traps.c +--- a/xen/arch/x86/x86_32/traps.c ++++ b/xen/arch/x86/x86_32/traps.c @@ -164,7 +164,8 @@ void show_page_walk(unsigned long addr) l3t += (cr3 & 0xFE0UL) >> 3; l3e = l3t[l3_table_offset(addr)]; @@ -70,10 +62,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/x86_32/traps.c printk(" L1[0x%03lx] = %"PRIpte" %08lx\n", l1_table_offset(addr), l1e_get_intpte(l1e), pfn); unmap_domain_page(l1t); -Index: xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/x86_64/mm.c -+++ xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c +--- a/xen/arch/x86/x86_64/mm.c ++++ b/xen/arch/x86/x86_64/mm.c @@ -750,6 +750,8 @@ void __init paging_init(void) #undef CNT #undef MFN @@ -83,10 +73,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c /* Create user-accessible L2 directory to map the MPT for compat guests. */ BUILD_BUG_ON(l4_table_offset(RDWR_MPT_VIRT_START) != l4_table_offset(HIRO_COMPAT_MPT_VIRT_START)); -Index: xen-4.1.1-testing/xen/arch/x86/x86_64/traps.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/x86_64/traps.c -+++ xen-4.1.1-testing/xen/arch/x86/x86_64/traps.c +--- a/xen/arch/x86/x86_64/traps.c ++++ b/xen/arch/x86/x86_64/traps.c @@ -176,7 +176,8 @@ void show_page_walk(unsigned long addr) l4t = mfn_to_virt(mfn); l4e = l4t[l4_table_offset(addr)]; @@ -127,10 +115,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/x86_64/traps.c printk(" L1[0x%03lx] = %"PRIpte" %016lx\n", l1_table_offset(addr), l1e_get_intpte(l1e), pfn); } -Index: xen-4.1.1-testing/xen/include/asm-x86/mm.h -=================================================================== ---- xen-4.1.1-testing.orig/xen/include/asm-x86/mm.h -+++ xen-4.1.1-testing/xen/include/asm-x86/mm.h +--- a/xen/include/asm-x86/mm.h ++++ b/xen/include/asm-x86/mm.h @@ -467,6 +467,8 @@ TYPE_SAFE(unsigned long,mfn); #define SHARED_M2P_ENTRY (~0UL - 1UL) #define SHARED_M2P(_e) ((_e) == SHARED_M2P_ENTRY) diff --git a/xen-warnings-unused.diff b/xen-warnings-unused.diff index 9dc38f4..8b0d170 100644 --- a/xen-warnings-unused.diff +++ b/xen-warnings-unused.diff @@ -1,7 +1,5 @@ -Index: xen-4.1.1-testing/tools/libxc/xc_tmem.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxc/xc_tmem.c -+++ xen-4.1.1-testing/tools/libxc/xc_tmem.c +--- a/tools/libxc/xc_tmem.c ++++ b/tools/libxc/xc_tmem.c @@ -390,7 +390,8 @@ static int xc_tmem_restore_new_pool( int xc_tmem_restore(xc_interface *xch, int dom, int io_fd) @@ -12,10 +10,8 @@ Index: xen-4.1.1-testing/tools/libxc/xc_tmem.c uint32_t this_max_pools, this_version; uint32_t pool_id; uint32_t minusone; -Index: xen-4.1.1-testing/tools/libxc/xc_domain_restore.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxc/xc_domain_restore.c -+++ xen-4.1.1-testing/tools/libxc/xc_domain_restore.c +--- a/tools/libxc/xc_domain_restore.c ++++ b/tools/libxc/xc_domain_restore.c @@ -1087,7 +1087,6 @@ int xc_domain_restore(xc_interface *xch, int vcpuextstate = 0; uint32_t vcpuextstate_size = 0; @@ -24,7 +20,7 @@ Index: xen-4.1.1-testing/tools/libxc/xc_domain_restore.c int nraces = 0; /* The new domain's shared-info frame number. */ -@@ -1255,7 +1254,6 @@ int xc_domain_restore(xc_interface *xch, +@@ -1251,7 +1250,6 @@ int xc_domain_restore(xc_interface *xch, * Now simply read each saved frame into its new machine frame. * We uncanonicalise page tables as we go. */ @@ -32,10 +28,8 @@ Index: xen-4.1.1-testing/tools/libxc/xc_domain_restore.c n = m = 0; loadpages: -Index: xen-4.1.1-testing/tools/misc/gtraceview.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/misc/gtraceview.c -+++ xen-4.1.1-testing/tools/misc/gtraceview.c +--- a/tools/misc/gtraceview.c ++++ b/tools/misc/gtraceview.c @@ -622,7 +622,8 @@ void crt_init(void) void nr_addch(int nr, int ch) { @@ -46,10 +40,8 @@ Index: xen-4.1.1-testing/tools/misc/gtraceview.c getyx(stdscr, y, x); for (i = 0; i < nr; i++) { if (x == COLS-1) -Index: xen-4.1.1-testing/tools/xcutils/xc_restore.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/xcutils/xc_restore.c -+++ xen-4.1.1-testing/tools/xcutils/xc_restore.c +--- a/tools/xcutils/xc_restore.c ++++ b/tools/xcutils/xc_restore.c @@ -19,7 +19,8 @@ int main(int argc, char **argv) { @@ -60,10 +52,8 @@ Index: xen-4.1.1-testing/tools/xcutils/xc_restore.c xc_interface *xch; int io_fd, ret; int superpages; -Index: xen-4.1.1-testing/tools/firmware/rombios/32bit/tcgbios/tcgbios.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/firmware/rombios/32bit/tcgbios/tcgbios.c -+++ xen-4.1.1-testing/tools/firmware/rombios/32bit/tcgbios/tcgbios.c +--- a/tools/firmware/rombios/32bit/tcgbios/tcgbios.c ++++ b/tools/firmware/rombios/32bit/tcgbios/tcgbios.c @@ -1064,7 +1064,7 @@ uint32_t HashLogEvent32(struct hlei *hle uint32_t rc = 0; uint16_t size; @@ -73,10 +63,8 @@ Index: xen-4.1.1-testing/tools/firmware/rombios/32bit/tcgbios/tcgbios.c uint32_t hashdataptr; uint32_t hashdatalen; -Index: xen-4.1.1-testing/tools/console/client/main.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/console/client/main.c -+++ xen-4.1.1-testing/tools/console/client/main.c +--- a/tools/console/client/main.c ++++ b/tools/console/client/main.c @@ -277,7 +277,8 @@ int main(int argc, char **argv) }; @@ -87,10 +75,8 @@ Index: xen-4.1.1-testing/tools/console/client/main.c struct xs_handle *xs; char *end; console_type type = CONSOLE_INVAL; -Index: xen-4.1.1-testing/tools/xenstat/xentop/xentop.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/xenstat/xentop/xentop.c -+++ xen-4.1.1-testing/tools/xenstat/xentop/xentop.c +--- a/tools/xenstat/xentop/xentop.c ++++ b/tools/xenstat/xentop/xentop.c @@ -272,7 +272,8 @@ static void fail(const char *str) /* Return the row containing the cursor. */ static int current_row(void) @@ -111,11 +97,9 @@ Index: xen-4.1.1-testing/tools/xenstat/xentop/xentop.c getmaxyx(stdscr, y, x); return y; } -Index: xen-4.1.1-testing/tools/libxl/libxlu_cfg.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxl/libxlu_cfg.c -+++ xen-4.1.1-testing/tools/libxl/libxlu_cfg.c -@@ -348,7 +348,7 @@ char *xlu__cfgl_dequote(CfgParseContext +--- a/tools/libxl/libxlu_cfg.c ++++ b/tools/libxl/libxlu_cfg.c +@@ -348,7 +348,7 @@ char *xlu__cfgl_dequote(CfgParseContext #define NUMERIC_CHAR(minlen,maxlen,base,basetext) do{ \ char numbuf[(maxlen)+1], *ep; \ @@ -124,11 +108,9 @@ Index: xen-4.1.1-testing/tools/libxl/libxlu_cfg.c \ strncpy(numbuf,p,(maxlen)); \ numbuf[(maxlen)]= 0; \ -Index: xen-4.1.1-testing/tools/libxl/libxl.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxl/libxl.c -+++ xen-4.1.1-testing/tools/libxl/libxl.c -@@ -221,7 +221,7 @@ int libxl_domain_rename(libxl_ctx *ctx, +--- a/tools/libxl/libxl.c ++++ b/tools/libxl/libxl.c +@@ -221,7 +221,7 @@ int libxl_domain_rename(libxl_ctx *ctx, int libxl_domain_resume(libxl_ctx *ctx, uint32_t domid) { libxl__gc gc = LIBXL_INIT_GC(ctx); @@ -155,10 +137,8 @@ Index: xen-4.1.1-testing/tools/libxl/libxl.c libxl__sprintf(&gc, "%s/device/vif", dompath), &nb_nics); if (!l) goto err; -Index: xen-4.1.1-testing/tools/libxl/libxl_pci.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxl/libxl_pci.c -+++ xen-4.1.1-testing/tools/libxl/libxl_pci.c +--- a/tools/libxl/libxl_pci.c ++++ b/tools/libxl/libxl_pci.c @@ -240,7 +240,7 @@ static int libxl_create_pci_backend(libx flexarray_t *front = NULL; flexarray_t *back = NULL; @@ -177,10 +157,8 @@ Index: xen-4.1.1-testing/tools/libxl/libxl_pci.c LIBXL__LOG(ctx, LIBXL__LOG_DEBUG, "Creating pci backend"); /* add pci device */ -Index: xen-4.1.1-testing/tools/libxl/libxl_dom.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxl/libxl_dom.c -+++ xen-4.1.1-testing/tools/libxl/libxl_dom.c +--- a/tools/libxl/libxl_dom.c ++++ b/tools/libxl/libxl_dom.c @@ -265,14 +265,13 @@ int libxl__build_hvm(libxl_ctx *ctx, uin libxl_domain_build_info *info, libxl_domain_build_state *state) { @@ -205,10 +183,8 @@ Index: xen-4.1.1-testing/tools/libxl/libxl_dom.c out: libxl__free_all(&gc); return 0; -Index: xen-4.1.1-testing/tools/libxl/libxl_utils.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxl/libxl_utils.c -+++ xen-4.1.1-testing/tools/libxl/libxl_utils.c +--- a/tools/libxl/libxl_utils.c ++++ b/tools/libxl/libxl_utils.c @@ -531,7 +531,7 @@ int libxl_devid_to_device_disk(libxl_ctx libxl__gc gc = LIBXL_INIT_GC(ctx); char *endptr, *val; @@ -218,10 +194,8 @@ Index: xen-4.1.1-testing/tools/libxl/libxl_utils.c int rc = ERROR_INVAL; devid_n = strtoul(devid, &endptr, 10); -Index: xen-4.1.1-testing/tools/libxl/xl_cmdimpl.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxl/xl_cmdimpl.c -+++ xen-4.1.1-testing/tools/libxl/xl_cmdimpl.c +--- a/tools/libxl/xl_cmdimpl.c ++++ b/tools/libxl/xl_cmdimpl.c @@ -5448,7 +5448,7 @@ int main_cpupoollist(int argc, char **ar {"cpus", 0, 0, 'c'}, {0, 0, 0, 0} @@ -231,10 +205,8 @@ Index: xen-4.1.1-testing/tools/libxl/xl_cmdimpl.c int opt_cpus = 0; const char *pool = NULL; libxl_cpupoolinfo *poolinfo; -Index: xen-4.1.1-testing/tools/debugger/gdbsx/gx/gx_comm.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/debugger/gdbsx/gx/gx_comm.c -+++ xen-4.1.1-testing/tools/debugger/gdbsx/gx/gx_comm.c +--- a/tools/debugger/gdbsx/gx/gx_comm.c ++++ b/tools/debugger/gdbsx/gx/gx_comm.c @@ -163,7 +163,7 @@ readchar(void) static char buf[BUFSIZ]; static int bufcnt = 0; @@ -244,10 +216,8 @@ Index: xen-4.1.1-testing/tools/debugger/gdbsx/gx/gx_comm.c if (bufcnt-- > 0) return *bufp++ & 0x7f; -Index: xen-4.1.1-testing/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c -+++ xen-4.1.1-testing/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c +--- a/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c ++++ b/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c @@ -820,7 +820,7 @@ static int create_suspend_thread(checkpo static void stop_suspend_thread(checkpoint_state* s) @@ -257,10 +227,8 @@ Index: xen-4.1.1-testing/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c s->done = 1; -Index: xen-4.1.1-testing/tools/python/xen/lowlevel/netlink/libnetlink.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/python/xen/lowlevel/netlink/libnetlink.c -+++ xen-4.1.1-testing/tools/python/xen/lowlevel/netlink/libnetlink.c +--- a/tools/python/xen/lowlevel/netlink/libnetlink.c ++++ b/tools/python/xen/lowlevel/netlink/libnetlink.c @@ -433,7 +433,8 @@ int rtnl_from_file(FILE *rtnl, rtnl_filt nladdr.nl_groups = 0; @@ -271,10 +239,8 @@ Index: xen-4.1.1-testing/tools/python/xen/lowlevel/netlink/libnetlink.c int l; status = fread(&buf, 1, sizeof(*h), rtnl); -Index: xen-4.1.1-testing/xen/arch/x86/msi.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/msi.c -+++ xen-4.1.1-testing/xen/arch/x86/msi.c +--- a/xen/arch/x86/msi.c ++++ b/xen/arch/x86/msi.c @@ -745,7 +745,7 @@ static void __pci_disable_msi(struct msi { struct pci_dev *dev; @@ -284,10 +250,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/msi.c u8 bus, slot, func; dev = entry->dev; -Index: xen-4.1.1-testing/xen/arch/x86/microcode_amd.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/microcode_amd.c -+++ xen-4.1.1-testing/xen/arch/x86/microcode_amd.c +--- a/xen/arch/x86/microcode_amd.c ++++ b/xen/arch/x86/microcode_amd.c @@ -164,7 +164,7 @@ static int apply_microcode(int cpu) static int get_next_ucode_from_buffer_amd(void *mc, const void *buf, size_t size, unsigned long *offset) @@ -297,10 +261,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/microcode_amd.c size_t total_size; const uint8_t *bufp = buf; unsigned long off; -Index: xen-4.1.1-testing/xen/common/cpupool.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/common/cpupool.c -+++ xen-4.1.1-testing/xen/common/cpupool.c +--- a/xen/common/cpupool.c ++++ b/xen/common/cpupool.c @@ -356,7 +356,7 @@ int cpupool_add_domain(struct domain *d, { struct cpupool *c; @@ -321,10 +283,8 @@ Index: xen-4.1.1-testing/xen/common/cpupool.c if ( d->cpupool == NULL ) return; -Index: xen-4.1.1-testing/xen/common/grant_table.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/common/grant_table.c -+++ xen-4.1.1-testing/xen/common/grant_table.c +--- a/xen/common/grant_table.c ++++ b/xen/common/grant_table.c @@ -765,7 +765,7 @@ __gnttab_unmap_common( struct domain *ld, *rd; struct active_grant_entry *act; @@ -334,10 +294,8 @@ Index: xen-4.1.1-testing/xen/common/grant_table.c ld = current->domain; -Index: xen-4.1.1-testing/xen/common/kexec.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/common/kexec.c -+++ xen-4.1.1-testing/xen/common/kexec.c +--- a/xen/common/kexec.c ++++ b/xen/common/kexec.c @@ -563,7 +563,8 @@ static int kexec_exec(XEN_GUEST_HANDLE(v { xen_kexec_exec_t exec; @@ -348,10 +306,8 @@ Index: xen-4.1.1-testing/xen/common/kexec.c if ( unlikely(copy_from_guest(&exec, uarg, 1)) ) return -EFAULT; -Index: xen-4.1.1-testing/xen/drivers/passthrough/vtd/intremap.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/drivers/passthrough/vtd/intremap.c -+++ xen-4.1.1-testing/xen/drivers/passthrough/vtd/intremap.c +--- a/xen/drivers/passthrough/vtd/intremap.c ++++ b/xen/drivers/passthrough/vtd/intremap.c @@ -367,7 +367,7 @@ unsigned int io_apic_read_remap_rte( unsigned int ioapic_pin = (reg - 0x10) / 2; int index; @@ -370,10 +326,8 @@ Index: xen-4.1.1-testing/xen/drivers/passthrough/vtd/intremap.c iommu = drhd->iommu; qi_ctrl = iommu_qi_ctrl(iommu); -Index: xen-4.1.1-testing/xen/common/sched_credit2.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/common/sched_credit2.c -+++ xen-4.1.1-testing/xen/common/sched_credit2.c +--- a/xen/common/sched_credit2.c ++++ b/xen/common/sched_credit2.c @@ -1854,7 +1854,8 @@ static void deactivate_runqueue(struct c static void init_pcpu(const struct scheduler *ops, int cpu) @@ -384,11 +338,9 @@ Index: xen-4.1.1-testing/xen/common/sched_credit2.c struct csched_private *prv = CSCHED_PRIV(ops); struct csched_runqueue_data *rqd; spinlock_t *old_lock; -Index: xen-4.1.1-testing/xen/common/unlzo.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/common/unlzo.c -+++ xen-4.1.1-testing/xen/common/unlzo.c -@@ -68,7 +68,7 @@ static int INIT parse_header(u8 *input, +--- a/xen/common/unlzo.c ++++ b/xen/common/unlzo.c +@@ -68,7 +68,7 @@ static int INIT parse_header(u8 *input, { int l; u8 *parse = input; @@ -397,10 +349,8 @@ Index: xen-4.1.1-testing/xen/common/unlzo.c u16 version; /* read magic: 9 first bits */ -Index: xen-4.1.1-testing/xen/arch/x86/time.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/time.c -+++ xen-4.1.1-testing/xen/arch/x86/time.c +--- a/xen/arch/x86/time.c ++++ b/xen/arch/x86/time.c @@ -1001,7 +1001,8 @@ static void local_time_calibration(void) * System timestamps, extrapolated from local and master oscillators, * taken during this calibration and the previous calibration. @@ -411,10 +361,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/time.c s_time_t prev_master_stime, curr_master_stime; /* TSC timestamps taken during this calibration and prev calibration. */ -Index: xen-4.1.1-testing/xen/arch/x86/cpu/amd.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/cpu/amd.c -+++ xen-4.1.1-testing/xen/arch/x86/cpu/amd.c +--- a/xen/arch/x86/cpu/amd.c ++++ b/xen/arch/x86/cpu/amd.c @@ -348,7 +348,7 @@ static void __devinit init_amd(struct cp { u32 l, h; @@ -424,11 +372,9 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/amd.c #ifdef CONFIG_SMP unsigned long long value; -Index: xen-4.1.1-testing/xen/arch/x86/mm/p2m.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/mm/p2m.c -+++ xen-4.1.1-testing/xen/arch/x86/mm/p2m.c -@@ -2338,7 +2338,7 @@ p2m_remove_page(struct p2m_domain *p2m, +--- a/xen/arch/x86/mm/p2m.c ++++ b/xen/arch/x86/mm/p2m.c +@@ -2338,7 +2338,7 @@ p2m_remove_page(struct p2m_domain *p2m, unsigned int page_order) { unsigned long i; @@ -446,10 +392,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/mm/p2m.c int pod_count = 0; int rc = 0; -Index: xen-4.1.1-testing/xen/arch/x86/hvm/emulate.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/hvm/emulate.c -+++ xen-4.1.1-testing/xen/arch/x86/hvm/emulate.c +--- a/xen/arch/x86/hvm/emulate.c ++++ b/xen/arch/x86/hvm/emulate.c @@ -59,7 +59,7 @@ static int hvmemul_do_io( ioreq_t *p = get_ioreq(curr); unsigned long ram_gfn = paddr_to_pfn(ram_gpa); @@ -459,10 +403,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/emulate.c int rc; /* Check for paged out page */ -Index: xen-4.1.1-testing/xen/arch/x86/hvm/hvm.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/hvm/hvm.c -+++ xen-4.1.1-testing/xen/arch/x86/hvm/hvm.c +--- a/xen/arch/x86/hvm/hvm.c ++++ b/xen/arch/x86/hvm/hvm.c @@ -253,7 +253,8 @@ void hvm_migrate_timers(struct vcpu *v) void hvm_migrate_pirqs(struct vcpu *v) @@ -473,7 +415,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/hvm.c struct irq_desc *desc; struct domain *d = v->domain; struct hvm_irq_dpci *hvm_irq_dpci = d->arch.hvm_domain.irq.dpci; -@@ -3583,7 +3584,7 @@ long do_hvm_op(unsigned long op, XEN_GUE +@@ -3588,7 +3589,7 @@ long do_hvm_op(unsigned long op, XEN_GUE { p2m_type_t t; p2m_type_t nt; @@ -482,10 +424,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/hvm.c mfn = gfn_to_mfn_unshare(p2m, pfn, &t, 0); if ( p2m_is_paging(t) ) { -Index: xen-4.1.1-testing/xen/arch/x86/acpi/cpu_idle.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/acpi/cpu_idle.c -+++ xen-4.1.1-testing/xen/arch/x86/acpi/cpu_idle.c +--- a/xen/arch/x86/acpi/cpu_idle.c ++++ b/xen/arch/x86/acpi/cpu_idle.c @@ -273,7 +273,7 @@ static void acpi_processor_ffh_cstate_en static void acpi_idle_do_entry(struct acpi_processor_cx *cx) @@ -495,10 +435,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/acpi/cpu_idle.c switch ( cx->entry_method ) { -Index: xen-4.1.1-testing/xen/arch/x86/cpu/intel.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/cpu/intel.c -+++ xen-4.1.1-testing/xen/arch/x86/cpu/intel.c +--- a/xen/arch/x86/cpu/intel.c ++++ b/xen/arch/x86/cpu/intel.c @@ -35,7 +35,7 @@ struct movsl_mask movsl_mask __read_most */ static void __devinit set_cpuidmask(const struct cpuinfo_x86 *c) @@ -508,10 +446,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/intel.c if (!~(opt_cpuid_mask_ecx & opt_cpuid_mask_edx & opt_cpuid_mask_ext_ecx & opt_cpuid_mask_ext_edx)) -Index: xen-4.1.1-testing/xen/arch/x86/cpu/intel_cacheinfo.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/cpu/intel_cacheinfo.c -+++ xen-4.1.1-testing/xen/arch/x86/cpu/intel_cacheinfo.c +--- a/xen/arch/x86/cpu/intel_cacheinfo.c ++++ b/xen/arch/x86/cpu/intel_cacheinfo.c @@ -170,7 +170,8 @@ unsigned int __cpuinit init_intel_cachei unsigned int trace = 0, l1i = 0, l1d = 0, l2 = 0, l3 = 0; /* Cache sizes */ unsigned int new_l1d = 0, new_l1i = 0; /* Cache sizes from cpuid(4) */ @@ -522,11 +458,9 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/intel_cacheinfo.c if (c->cpuid_level > 3) { static int is_initialized; -Index: xen-4.1.1-testing/xen/arch/x86/mm/mem_sharing.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/mm/mem_sharing.c -+++ xen-4.1.1-testing/xen/arch/x86/mm/mem_sharing.c -@@ -376,7 +376,7 @@ int mem_sharing_debug_gfn(struct domain +--- a/xen/arch/x86/mm/mem_sharing.c ++++ b/xen/arch/x86/mm/mem_sharing.c +@@ -376,7 +376,7 @@ int mem_sharing_debug_gfn(struct domain { p2m_type_t p2mt; mfn_t mfn; @@ -535,10 +469,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/mm/mem_sharing.c mfn = gfn_to_mfn(p2m_get_hostp2m(d), gfn, &p2mt); page = mfn_to_page(mfn); -Index: xen-4.1.1-testing/xen/arch/x86/hvm/viridian.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/hvm/viridian.c -+++ xen-4.1.1-testing/xen/arch/x86/hvm/viridian.c +--- a/xen/arch/x86/hvm/viridian.c ++++ b/xen/arch/x86/hvm/viridian.c @@ -270,7 +270,7 @@ int rdmsr_viridian_regs(uint32_t idx, ui int viridian_hypercall(struct cpu_user_regs *regs) { @@ -548,10 +480,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/viridian.c uint16_t status = HV_STATUS_SUCCESS; union hypercall_input { -Index: xen-4.1.1-testing/xen/arch/x86/mm.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/mm.c -+++ xen-4.1.1-testing/xen/arch/x86/mm.c +--- a/xen/arch/x86/mm.c ++++ b/xen/arch/x86/mm.c @@ -4900,7 +4900,7 @@ static int ptwr_emulated_update( { unsigned long mfn; @@ -561,10 +491,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/mm.c l1_pgentry_t pte, ol1e, nl1e, *pl1e; struct vcpu *v = current; struct domain *d = v->domain; -Index: xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/x86_64/mm.c -+++ xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c +--- a/xen/arch/x86/x86_64/mm.c ++++ b/xen/arch/x86/x86_64/mm.c @@ -435,7 +435,8 @@ void destroy_m2p_mapping(struct mem_hota static int setup_compat_m2p_table(struct mem_hotadd_info *info) { @@ -575,10 +503,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c l3_pgentry_t *l3_ro_mpt = NULL; l2_pgentry_t *l2_ro_mpt = NULL; struct page_info *l1_pg; -Index: xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/mce.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/cpu/mcheck/mce.c -+++ xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/mce.c +--- a/xen/arch/x86/cpu/mcheck/mce.c ++++ b/xen/arch/x86/cpu/mcheck/mce.c @@ -151,7 +151,6 @@ static struct mcinfo_bank *mca_init_bank struct mc_info *mi, int bank) { @@ -595,7 +521,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/mce.c if (mib->mc_status & MCi_STATUS_MISCV) mib->mc_misc = mca_rdmsr(MSR_IA32_MCx_MISC(bank)); -@@ -281,7 +279,7 @@ mctelem_cookie_t mcheck_mca_logout(enum +@@ -281,7 +279,7 @@ mctelem_cookie_t mcheck_mca_logout(enum recover = (mc_recoverable_scan)? 1: 0; for (i = 0; i < 32 && i < nr_mce_banks; i++) { @@ -613,10 +539,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/mce.c uint64_t hwcr = 0; int intpose; int i; -Index: xen-4.1.1-testing/xen/common/tmem.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/common/tmem.c -+++ xen-4.1.1-testing/xen/common/tmem.c +--- a/xen/common/tmem.c ++++ b/xen/common/tmem.c @@ -1351,7 +1351,8 @@ obj_unlock: static int tmem_evict(void) { @@ -637,10 +561,8 @@ Index: xen-4.1.1-testing/xen/common/tmem.c client_t *client = pool->client; int ret = client->frozen ? -EFROZEN : -ENOMEM; -Index: xen-4.1.1-testing/xen/common/tmem_xen.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/common/tmem_xen.c -+++ xen-4.1.1-testing/xen/common/tmem_xen.c +--- a/xen/common/tmem_xen.c ++++ b/xen/common/tmem_xen.c @@ -177,7 +177,7 @@ EXPORT int tmh_copy_from_client(pfp_t *p EXPORT int tmh_compress_from_client(tmem_cli_mfn_t cmfn, void **out_va, size_t *out_len, void *cli_va) @@ -678,10 +600,8 @@ Index: xen-4.1.1-testing/xen/common/tmem_xen.c tmh->persistent_pool = xmem_pool_create(name, tmh_persistent_pool_page_get, tmh_persistent_pool_page_put, PAGE_SIZE, 0, PAGE_SIZE); if ( tmh->persistent_pool == NULL ) -Index: xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/vmce.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/cpu/mcheck/vmce.c -+++ xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/vmce.c +--- a/xen/arch/x86/cpu/mcheck/vmce.c ++++ b/xen/arch/x86/cpu/mcheck/vmce.c @@ -574,7 +574,7 @@ int is_vmce_ready(struct mcinfo_bank *ba */ int unmmap_broken_page(struct domain *d, mfn_t mfn, unsigned long gfn) @@ -691,11 +611,9 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/vmce.c struct p2m_domain *p2m; p2m_type_t pt; -Index: xen-4.1.1-testing/xen/arch/x86/mm/shadow/multi.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/mm/shadow/multi.c -+++ xen-4.1.1-testing/xen/arch/x86/mm/shadow/multi.c -@@ -124,7 +124,7 @@ set_shadow_status(struct vcpu *v, mfn_t +--- a/xen/arch/x86/mm/shadow/multi.c ++++ b/xen/arch/x86/mm/shadow/multi.c +@@ -124,7 +124,7 @@ set_shadow_status(struct vcpu *v, mfn_t /* Put a shadow into the hash table */ { struct domain *d = v->domain; @@ -713,10 +631,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/mm/shadow/multi.c shadow_l1e_t *sl1p, sl1e; struct page_info *sp; -Index: xen-4.1.1-testing/xen/arch/x86/domain_build.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/domain_build.c -+++ xen-4.1.1-testing/xen/arch/x86/domain_build.c +--- a/xen/arch/x86/domain_build.c ++++ b/xen/arch/x86/domain_build.c @@ -375,8 +375,7 @@ int __init construct_dom0( return rc; @@ -727,11 +643,9 @@ Index: xen-4.1.1-testing/xen/arch/x86/domain_build.c machine = elf_uval(&elf, elf.ehdr, e_machine); switch (CONFIG_PAGING_LEVELS) { case 3: /* x86_32p */ -Index: xen-4.1.1-testing/xen/arch/x86/traps.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/traps.c -+++ xen-4.1.1-testing/xen/arch/x86/traps.c -@@ -1751,7 +1751,11 @@ static int emulate_privileged_op(struct +--- a/xen/arch/x86/traps.c ++++ b/xen/arch/x86/traps.c +@@ -1784,7 +1784,11 @@ static int emulate_privileged_op(struct struct vcpu *v = current; unsigned long *reg, eip = regs->eip; u8 opcode, modrm_reg = 0, modrm_rm = 0, rep_prefix = 0, lock = 0, rex = 0; diff --git a/xen.changes b/xen.changes index 8f59705..ef78797 100644 --- a/xen.changes +++ b/xen.changes @@ -1,3 +1,31 @@ +------------------------------------------------------------------- +Fri Jun 17 06:37:36 MDT 2011 - carnold@novell.com + +- fate#309893: Add Xen support for AMD family 15h processors +- fate#309901: Add Xen support for SVM TSC scaling in AMD family + 15h +- fate#311951: Ivy Bridge: XEN support for Supervisor Mode + Execution Protection (SMEP) + 23437-amd-fam15-TSC-scaling.patch + 23462-libxc-cpu-feature.patch + 23481-x86-SMEP.patch + 23504-x86-SMEP-hvm.patch + 23505-x86-cpu-add-arg-check.patch + 23508-vmx-proc-based-ctls-probe.patch + 23510-hvm-cpuid-DRNG.patch + 23511-amd-fam15-no-flush-for-C3.patch + 23516-cpuid-ERMS.patch + 23538-hvm-pio-emul-no-host-crash.patch + 23539-hvm-cpuid-FSGSBASE.patch + 23543-x86_64-maddr_to_virt-assertion.patch + 23546-fucomip.patch + +------------------------------------------------------------------- +Wed Jun 15 15:31:17 MDT 2011 - jfehlig@novell.com + +- Fix libxc reentrancy issues + 23383-libxc-rm-static-vars.patch + ------------------------------------------------------------------- Wed Jun 15 08:09:53 MDT 2011 - carnold@novell.com diff --git a/xen.spec b/xen.spec index 05fdc55..d8f6005 100644 --- a/xen.spec +++ b/xen.spec @@ -141,7 +141,20 @@ Patch15: 23304-amd-oprofile-strings.patch Patch16: 23305-amd-fam15-xenoprof.patch Patch17: 23306-amd-fam15-vpmu.patch Patch18: 23334-amd-fam12+14-vpmu.patch -Patch19: 23338-vtd-force-intremap.patch +Patch19: 23383-libxc-rm-static-vars.patch +Patch20: 23437-amd-fam15-TSC-scaling.patch +Patch21: 23462-libxc-cpu-feature.patch +Patch22: 23481-x86-SMEP.patch +Patch23: 23504-x86-SMEP-hvm.patch +Patch24: 23505-x86-cpu-add-arg-check.patch +Patch25: 23508-vmx-proc-based-ctls-probe.patch +Patch26: 23510-hvm-cpuid-DRNG.patch +Patch27: 23511-amd-fam15-no-flush-for-C3.patch +Patch28: 23516-cpuid-ERMS.patch +Patch29: 23538-hvm-pio-emul-no-host-crash.patch +Patch30: 23539-hvm-cpuid-FSGSBASE.patch +Patch31: 23543-x86_64-maddr_to_virt-assertion.patch +Patch32: 23546-fucomip.patch # Upstream qemu patches # Our patches Patch300: xen-config.diff @@ -632,6 +645,19 @@ tar xfj %{SOURCE2} -C $RPM_BUILD_DIR/%{xen_build_dir}/tools %patch17 -p1 %patch18 -p1 %patch19 -p1 +%patch20 -p1 +%patch21 -p1 +%patch22 -p1 +%patch23 -p1 +%patch24 -p1 +%patch25 -p1 +%patch26 -p1 +%patch27 -p1 +%patch28 -p1 +%patch29 -p1 +%patch30 -p1 +%patch31 -p1 +%patch32 -p1 %patch300 -p1 %patch301 -p1 %patch302 -p1