pool/xen
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

checked in

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=15
This commit is contained in:
OBS User autobuild 2009-08-31 19:24:21 +00:00 committed by Git OBS Bridge
parent 3c0f458b06
commit 3880feee3b
11 changed files with 9 additions and 726 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

106
19614-x86-emul-lldt-ltr.patch
View File

@ -1,106 +0,0 @@
# HG changeset patch
# User Keir Fraser <keir.fraser@citrix.com>
# Date 1250693891 -3600
# Node ID bea861fb0f20671d41e467557bfdffb67b42f5e7
# Parent aa9f0b39c021f9c6e2c5cdb225564dd554a727f5
x86_emulate: Emulate LLDT and LTR instructions.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
xen-unstable changeset: 19614:e421fd04e150
xen-unstable date: Tue May 19 02:09:36 2009 +0100
Index: xen-3.4.1-testing/xen/arch/x86/x86_emulate/x86_emulate.c
===================================================================
--- xen-3.4.1-testing.orig/xen/arch/x86/x86_emulate/x86_emulate.c
+++ xen-3.4.1-testing/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -172,7 +172,7 @@ static uint8_t opcode_table[256] = {
static uint8_t twobyte_table[256] = {
/* 0x00 - 0x07 */
- 0, ImplicitOps|ModRM, 0, 0, 0, 0, ImplicitOps, 0,
+ SrcMem16|ModRM, ImplicitOps|ModRM, 0, 0, 0, 0, ImplicitOps, 0,
/* 0x08 - 0x0F */
ImplicitOps, ImplicitOps, 0, 0, 0, ImplicitOps|ModRM, 0, 0,
/* 0x10 - 0x17 */
@@ -971,8 +971,8 @@ protmode_load_seg(
struct { uint32_t a, b; } desc;
unsigned long val;
uint8_t dpl, rpl, cpl;
- uint32_t new_desc_b;
- int rc, fault_type = EXC_TS;
+ uint32_t new_desc_b, a_flag = 0x100;
+ int rc, fault_type = EXC_GP;
/* NULL selector? */
if ( (sel & 0xfffc) == 0 )
@@ -983,8 +983,8 @@ protmode_load_seg(
return ops->write_segment(seg, &segr, ctxt);
}
- /* LDT descriptor must be in the GDT. */
- if ( (seg == x86_seg_ldtr) && (sel & 4) )
+ /* System segment descriptors must reside in the GDT. */
+ if ( !is_x86_user_segment(seg) && (sel & 4) )
goto raise_exn;
if ( (rc = ops->read_segment(x86_seg_ss, &ss, ctxt)) ||
@@ -1013,8 +1013,8 @@ protmode_load_seg(
goto raise_exn;
}
- /* LDT descriptor is a system segment. All others are code/data. */
- if ( (desc.b & (1u<<12)) == ((seg == x86_seg_ldtr) << 12) )
+ /* System segments must have the system flag (S) set. */
+ if ( (desc.b & (1u<<12)) == (!is_x86_user_segment(seg) << 12) )
goto raise_exn;
dpl = (desc.b >> 13) & 3;
@@ -1043,6 +1043,12 @@ protmode_load_seg(
if ( (desc.b & (15u<<8)) != (2u<<8) )
goto raise_exn;
goto skip_accessed_flag;
+ case x86_seg_tr:
+ /* Available TSS system segment? */
+ if ( (desc.b & (15u<<8)) != (9u<<8) )
+ goto raise_exn;
+ a_flag = 0x200; /* busy flag */
+ break;
default:
/* Readable code or data segment? */
if ( (desc.b & (5u<<9)) == (4u<<9) )
@@ -1055,8 +1061,8 @@ protmode_load_seg(
}
/* Ensure Accessed flag is set. */
- new_desc_b = desc.b | 0x100;
- rc = ((desc.b & 0x100) ? X86EMUL_OKAY :
+ new_desc_b = desc.b | a_flag;
+ rc = ((desc.b & a_flag) ? X86EMUL_OKAY :
ops->cmpxchg(
x86_seg_none, desctab.base + (sel & 0xfff8) + 4,
&desc.b, &new_desc_b, 4, ctxt));
@@ -1066,7 +1072,7 @@ protmode_load_seg(
return rc;
/* Force the Accessed flag in our local copy. */
- desc.b |= 0x100;
+ desc.b |= a_flag;
skip_accessed_flag:
segr.base = (((desc.b << 0) & 0xff000000u) |
@@ -3440,6 +3446,15 @@ x86_emulate(
twobyte_insn:
switch ( b )
{
+ case 0x00: /* Grp6 */
+ fail_if((modrm_reg & 6) != 2);
+ generate_exception_if(!in_protmode(ctxt, ops), EXC_UD, -1);
+ generate_exception_if(!mode_ring0(), EXC_GP, 0);
+ if ( (rc = load_seg((modrm_reg & 1) ? x86_seg_tr : x86_seg_ldtr,
+ src.val, ctxt, ops)) != 0 )
+ goto done;
+ break;
+
case 0x01: /* Grp7 */ {
struct segment_register reg;
unsigned long base, limit, cr0, cr0w;

11
20013-xend-memleak.patch
View File

@ -18,11 +18,10 @@ free these objects.
Signed-off-by: juergen.gross@ts.fujitsu.com
Index: xen-3.4.1-testing/tools/python/xen/xend/XendStateStore.py
===================================================================
--- xen-3.4.1-testing.orig/tools/python/xen/xend/XendStateStore.py
+++ xen-3.4.1-testing/tools/python/xen/xend/XendStateStore.py
@@ -147,6 +147,7 @@ class XendStateStore:
diff -r 3242351f9c67 -r e41d42ef4cd2 tools/python/xen/xend/XendStateStore.py
--- a/tools/python/xen/xend/XendStateStore.py Wed Aug 05 12:03:53 2009 +0100
+++ b/tools/python/xen/xend/XendStateStore.py Wed Aug 05 12:04:39 2009 +0100
@@ -147,6 +147,7 @@
cls_dict[val_name] = bool(int(val_text))
state[uuid] = cls_dict
@ -30,7 +29,7 @@ Index: xen-3.4.1-testing/tools/python/xen/xend/XendStateStore.py
return state
def save_state(self, cls, state):
@@ -226,5 +227,5 @@ class XendStateStore:
@@ -226,5 +227,5 @@
node.appendChild(val_node)
open(xml_path, 'w').write(doc.toprettyxml())

161
20031-x86-pmode-load-seg-retry.patch
View File

@ -1,161 +0,0 @@
# HG changeset patch
# User Keir Fraser <keir.fraser@citrix.com>
# Date 1250693923 -3600
# Node ID 44d852862374dff2e734070ac60399f6875f6cd5
# Parent bea861fb0f20671d41e467557bfdffb67b42f5e7
x86_emulate: Remove cmpxchg retry loop from protmode_load_seg().
It is safer to retry in a loop via the caller.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
xen-unstable changeset: 20031:34bdb5a29963
xen-unstable date: Thu Aug 06 09:54:22 2009 +0100
Index: xen-3.4.1-testing/xen/arch/x86/x86_emulate/x86_emulate.c
===================================================================
--- xen-3.4.1-testing.orig/xen/arch/x86/x86_emulate/x86_emulate.c
+++ xen-3.4.1-testing/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -996,79 +996,75 @@ protmode_load_seg(
if ( ((sel & 0xfff8) + 7) > desctab.limit )
goto raise_exn;
- do {
- if ( (rc = read_ulong(x86_seg_none, desctab.base + (sel & 0xfff8),
- &val, 4, ctxt, ops)) )
- return rc;
- desc.a = val;
- if ( (rc = read_ulong(x86_seg_none, desctab.base + (sel & 0xfff8) + 4,
- &val, 4, ctxt, ops)) )
- return rc;
- desc.b = val;
+ if ( (rc = read_ulong(x86_seg_none, desctab.base + (sel & 0xfff8),
+ &val, 4, ctxt, ops)) )
+ return rc;
+ desc.a = val;
+ if ( (rc = read_ulong(x86_seg_none, desctab.base + (sel & 0xfff8) + 4,
+ &val, 4, ctxt, ops)) )
+ return rc;
+ desc.b = val;
- /* Segment present in memory? */
- if ( !(desc.b & (1u<<15)) )
- {
- fault_type = EXC_NP;
- goto raise_exn;
- }
+ /* Segment present in memory? */
+ if ( !(desc.b & (1u<<15)) )
+ {
+ fault_type = EXC_NP;
+ goto raise_exn;
+ }
- /* System segments must have the system flag (S) set. */
- if ( (desc.b & (1u<<12)) == (!is_x86_user_segment(seg) << 12) )
- goto raise_exn;
+ /* System segments must have the system flag (S) set. */
+ if ( (desc.b & (1u<<12)) == (!is_x86_user_segment(seg) << 12) )
+ goto raise_exn;
- dpl = (desc.b >> 13) & 3;
- rpl = sel & 3;
- cpl = ss.attr.fields.dpl;
-
- switch ( seg )
- {
- case x86_seg_cs:
- /* Code segment? */
- if ( !(desc.b & (1u<<11)) )
- goto raise_exn;
- /* Non-conforming segment: check DPL against RPL. */
- if ( ((desc.b & (6u<<9)) != (6u<<9)) && (dpl != rpl) )
- goto raise_exn;
- break;
- case x86_seg_ss:
- /* Writable data segment? */
- if ( (desc.b & (5u<<9)) != (1u<<9) )
- goto raise_exn;
- if ( (dpl != cpl) || (dpl != rpl) )
- goto raise_exn;
- break;
- case x86_seg_ldtr:
- /* LDT system segment? */
- if ( (desc.b & (15u<<8)) != (2u<<8) )
- goto raise_exn;
- goto skip_accessed_flag;
- case x86_seg_tr:
- /* Available TSS system segment? */
- if ( (desc.b & (15u<<8)) != (9u<<8) )
- goto raise_exn;
- a_flag = 0x200; /* busy flag */
- break;
- default:
- /* Readable code or data segment? */
- if ( (desc.b & (5u<<9)) == (4u<<9) )
- goto raise_exn;
- /* Non-conforming segment: check DPL against RPL and CPL. */
- if ( ((desc.b & (6u<<9)) != (6u<<9)) &&
- ((dpl < cpl) || (dpl < rpl)) )
- goto raise_exn;
- break;
- }
+ dpl = (desc.b >> 13) & 3;
+ rpl = sel & 3;
+ cpl = ss.attr.fields.dpl;
- /* Ensure Accessed flag is set. */
- new_desc_b = desc.b | a_flag;
- rc = ((desc.b & a_flag) ? X86EMUL_OKAY :
- ops->cmpxchg(
- x86_seg_none, desctab.base + (sel & 0xfff8) + 4,
- &desc.b, &new_desc_b, 4, ctxt));
- } while ( rc == X86EMUL_CMPXCHG_FAILED );
+ switch ( seg )
+ {
+ case x86_seg_cs:
+ /* Code segment? */
+ if ( !(desc.b & (1u<<11)) )
+ goto raise_exn;
+ /* Non-conforming segment: check DPL against RPL. */
+ if ( ((desc.b & (6u<<9)) != (6u<<9)) && (dpl != rpl) )
+ goto raise_exn;
+ break;
+ case x86_seg_ss:
+ /* Writable data segment? */
+ if ( (desc.b & (5u<<9)) != (1u<<9) )
+ goto raise_exn;
+ if ( (dpl != cpl) || (dpl != rpl) )
+ goto raise_exn;
+ break;
+ case x86_seg_ldtr:
+ /* LDT system segment? */
+ if ( (desc.b & (15u<<8)) != (2u<<8) )
+ goto raise_exn;
+ goto skip_accessed_flag;
+ case x86_seg_tr:
+ /* Available TSS system segment? */
+ if ( (desc.b & (15u<<8)) != (9u<<8) )
+ goto raise_exn;
+ a_flag = 0x200; /* busy flag */
+ break;
+ default:
+ /* Readable code or data segment? */
+ if ( (desc.b & (5u<<9)) == (4u<<9) )
+ goto raise_exn;
+ /* Non-conforming segment: check DPL against RPL and CPL. */
+ if ( ((desc.b & (6u<<9)) != (6u<<9)) &&
+ ((dpl < cpl) || (dpl < rpl)) )
+ goto raise_exn;
+ break;
+ }
- if ( rc )
+ /* Ensure Accessed flag is set. */
+ new_desc_b = desc.b | a_flag;
+ if ( !(desc.b & a_flag) &&
+ ((rc = ops->cmpxchg(
+ x86_seg_none, desctab.base + (sel & 0xfff8) + 4,
+ &desc.b, &new_desc_b, 4, ctxt)) != 0) )
return rc;
/* Force the Accessed flag in our local copy. */

35
20035-x86-load-sreg-adjust.patch
View File

@ -1,35 +0,0 @@
# HG changeset patch
# User Keir Fraser <keir.fraser@citrix.com>
# Date 1250694095 -3600
# Node ID 090e394202d0bb0089abc5e5276ed7fda283567d
# Parent daf1ff2c7dbd59b2ab31e6427be58ffdc14e10fd
x86_emulate: Fixes for 'mov rm16,sreg'
1. Memory reads should be 16 bits only
2. Attempt to load %cs should result in #UD
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
xen-unstable changeset: 20035:3fe64f43944f
xen-unstable date: Fri Aug 07 10:53:22 2009 +0100
Index: xen-3.4.1-testing/xen/arch/x86/x86_emulate/x86_emulate.c
===================================================================
--- xen-3.4.1-testing.orig/xen/arch/x86/x86_emulate/x86_emulate.c
+++ xen-3.4.1-testing/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -113,7 +113,7 @@ static uint8_t opcode_table[256] = {
ByteOp|DstMem|SrcReg|ModRM|Mov, DstMem|SrcReg|ModRM|Mov,
ByteOp|DstReg|SrcMem|ModRM|Mov, DstReg|SrcMem|ModRM|Mov,
DstMem|SrcReg|ModRM|Mov, DstReg|SrcNone|ModRM,
- DstReg|SrcMem|ModRM|Mov, DstMem|SrcNone|ModRM|Mov,
+ DstReg|SrcMem16|ModRM|Mov, DstMem|SrcNone|ModRM|Mov,
/* 0x90 - 0x97 */
ImplicitOps, ImplicitOps, ImplicitOps, ImplicitOps,
ImplicitOps, ImplicitOps, ImplicitOps, ImplicitOps,
@@ -2008,6 +2008,7 @@ x86_emulate(
case 0x8e: /* mov r/m,Sreg */ {
enum x86_segment seg = decode_segment(modrm_reg);
generate_exception_if(seg == decode_segment_failed, EXC_UD, -1);
+ generate_exception_if(seg == x86_seg_cs, EXC_UD, -1);
if ( (rc = load_seg(seg, (uint16_t)src.val, ctxt, ops)) != 0 )
goto done;
if ( seg == x86_seg_ss )

77
20059-vmx-nmi-handling.patch
View File

@ -1,77 +0,0 @@
# HG changeset patch
# User Keir Fraser <keir.fraser@citrix.com>
# Date 1250696034 -3600
# Node ID 4af92eee8be497964912cda863c956691b3a3f89
# Parent 2d6c4cc6a2a9e48218fe31d443f8937a3a88bf3f
VMX: issue an NMI rather than just calling the NMI handler
when the VMEXIT code indicates that an NMI has been raised.
Otherwise we might hit a real NMI while in the handler.
Signed-off-by: Tim Deegan <Tim.Deegan@citrix.com>
xen-unstable changeset: 20059:76a65bf2aa4d
xen-unstable date: Fri Aug 14 10:58:32 2009 +0100
Index: xen-3.4.1-testing/xen/arch/x86/hvm/vmx/vmx.c
===================================================================
--- xen-3.4.1-testing.orig/xen/arch/x86/hvm/vmx/vmx.c
+++ xen-3.4.1-testing/xen/arch/x86/hvm/vmx/vmx.c
@@ -936,8 +936,6 @@ static void vmx_set_tsc_offset(struct vc
vmx_vmcs_exit(v);
}
-void do_nmi(struct cpu_user_regs *);
-
static void vmx_init_hypercall_page(struct domain *d, void *hypercall_page)
{
char *p;
@@ -2416,7 +2414,7 @@ asmlinkage void vmx_vmexit_handler(struc
(X86_EVENTTYPE_NMI << 8) )
goto exit_and_crash;
HVMTRACE_0D(NMI);
- do_nmi(regs); /* Real NMI, vector 2: normal processing. */
+ self_nmi(); /* Real NMI, vector 2: normal processing. */
break;
case TRAP_machine_check:
HVMTRACE_0D(MCE);
Index: xen-3.4.1-testing/xen/arch/x86/nmi.c
===================================================================
--- xen-3.4.1-testing.orig/xen/arch/x86/nmi.c
+++ xen-3.4.1-testing/xen/arch/x86/nmi.c
@@ -441,18 +441,21 @@ void nmi_watchdog_tick(struct cpu_user_r
* 8-3 and 8-4 in IA32 Reference Manual Volume 3. We send the IPI to
* our own APIC ID explicitly which is valid.
*/
-static void do_nmi_trigger(unsigned char key)
+void self_nmi(void)
{
u32 id = get_apic_id();
-
- printk("Triggering NMI on APIC ID %x\n", id);
-
local_irq_disable();
apic_wait_icr_idle();
apic_icr_write(APIC_DM_NMI | APIC_DEST_PHYSICAL, id);
local_irq_enable();
}
+static void do_nmi_trigger(unsigned char key)
+{
+ printk("Triggering NMI on APIC ID %x\n", get_apic_id());
+ self_nmi();
+}
+
static void do_nmi_stats(unsigned char key)
{
int i;
Index: xen-3.4.1-testing/xen/include/asm-x86/apic.h
===================================================================
--- xen-3.4.1-testing.orig/xen/include/asm-x86/apic.h
+++ xen-3.4.1-testing/xen/include/asm-x86/apic.h
@@ -196,6 +196,7 @@ extern void setup_secondary_APIC_clock (
extern void setup_apic_nmi_watchdog (void);
extern int reserve_lapic_nmi(void);
extern void release_lapic_nmi(void);
+extern void self_nmi(void);
extern void disable_timer_nmi_watchdog(void);
extern void enable_timer_nmi_watchdog(void);
extern void nmi_watchdog_tick (struct cpu_user_regs *regs);

95
20077-x86-runstate-cswitch-out.patch
View File

@ -1,95 +0,0 @@
# HG changeset patch
# User Keir Fraser <keir.fraser@citrix.com>
# Date 1250683301 -3600
# Node ID 456b4ec002443227f6d97f79b213dc4b2d281f9e
# Parent 2b8b6ee95c939089a0a7182286c9a21f0acce8fe
x86: extend runstate area updates
In order to give guests a hint at whether their vCPU-s are currently
scheduled (so they can e.g. adapt their behavior in spin loops),
update
the run state area (if registered) also when de-scheduling a vCPU.
Also fix an oversight in the compat mode implementation of
VCPUOP_register_runstate_memory_area.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
Index: xen-3.4.1-testing/xen/arch/x86/domain.c
===================================================================
--- xen-3.4.1-testing.orig/xen/arch/x86/domain.c
+++ xen-3.4.1-testing/xen/arch/x86/domain.c
@@ -1219,6 +1219,26 @@ static void paravirt_ctxt_switch_to(stru
}
}
+/* Update per-VCPU guest runstate shared memory area (if registered). */
+static void update_runstate_area(struct vcpu *v)
+{
+ if ( guest_handle_is_null(runstate_guest(v)) )
+ return;
+
+#ifdef CONFIG_COMPAT
+ if ( is_pv_32on64_domain(v->domain) )
+ {
+ struct compat_vcpu_runstate_info info;
+
+ XLAT_vcpu_runstate_info(&info, &v->runstate);
+ __copy_to_guest(v->runstate_guest.compat, &info, 1);
+ return;
+ }
+#endif
+
+ __copy_to_guest(runstate_guest(v), &v->runstate, 1);
+}
+
static inline int need_full_gdt(struct vcpu *v)
{
return (!is_hvm_vcpu(v) && !is_idle_vcpu(v));
@@ -1311,6 +1331,9 @@ void context_switch(struct vcpu *prev, s
flush_tlb_mask(dirty_mask);
}
+ if (prev != next)
+ update_runstate_area(prev);
+
if ( is_hvm_vcpu(prev) && !list_empty(&prev->arch.hvm_vcpu.tm_list) )
pt_save_timer(prev);
@@ -1350,21 +1373,8 @@ void context_switch(struct vcpu *prev, s
context_saved(prev);
- /* Update per-VCPU guest runstate shared memory area (if registered). */
- if ( !guest_handle_is_null(runstate_guest(next)) )
- {
- if ( !is_pv_32on64_domain(next->domain) )
- __copy_to_guest(runstate_guest(next), &next->runstate, 1);
-#ifdef CONFIG_COMPAT
- else
- {
- struct compat_vcpu_runstate_info info;
-
- XLAT_vcpu_runstate_info(&info, &next->runstate);
- __copy_to_guest(next->runstate_guest.compat, &info, 1);
- }
-#endif
- }
+ if (prev != next)
+ update_runstate_area(next);
schedule_tail(next);
BUG();
Index: xen-3.4.1-testing/xen/arch/x86/x86_64/domain.c
===================================================================
--- xen-3.4.1-testing.orig/xen/arch/x86/x86_64/domain.c
+++ xen-3.4.1-testing/xen/arch/x86/x86_64/domain.c
@@ -56,7 +56,7 @@ arch_compat_vcpu_op(
struct vcpu_runstate_info runstate;
vcpu_runstate_get(v, &runstate);
- XLAT_vcpu_runstate_info(&info, &v->runstate);
+ XLAT_vcpu_runstate_info(&info, &runstate);
}
__copy_to_guest(v->runstate_guest.compat, &info, 1);

137
20078-x86_64-branch-emulation.patch
View File

@ -1,137 +0,0 @@
# HG changeset patch
# User Keir Fraser <keir.fraser@citrix.com>
# Date 1250696281 -3600
# Node ID 68ea3be8b6c14d6de5d7c87fc00e27a596d2a00d
# Parent ca4db4ff9101f51d89a3de9e756b8a2f90a2baf2
x86-64: adjust emulation of control transfers
While Intel and AMD implementations differ in various respects when
it comes to non-default operand sizes of control transfer instructions
and segment register loads (lfs, lgs, lss), it seems to make senss to
(a) match their behavior if they agree and (b) prefer the more
permissive behavior if they don't agree:
- honor operand size overrides on near brances (AMD does, Intel
doesn't)
- honor operand size overrides on far branches (both Intel and AMD do)
- honor REX.W on far branches (Intel does, AMD doesn't except on far
returns)
- honor REX.W on lfs, lgs, and lss (Intel does, AMD doesn't)
Also, do not permit emulation of pushing/popping segment registers
other than fs and gs as well as that of les and lds (the latter are
particularly important due to the re-use of the respective opcodes as
VEX prefixes in AVX).
Signed-off-by: Jan Beulich <jbeulich@novell.com>
xen-unstable changeset: 20078:429ef4f4fe37
xen-unstable date: Wed Aug 19 13:02:04 2009 +0100
Index: xen-3.4.1-testing/xen/arch/x86/x86_emulate/x86_emulate.c
===================================================================
--- xen-3.4.1-testing.orig/xen/arch/x86/x86_emulate/x86_emulate.c
+++ xen-3.4.1-testing/xen/arch/x86/x86_emulate/x86_emulate.c
@@ -561,9 +561,10 @@ do {
do { \
int _rel = (int)(rel); \
_regs.eip += _rel; \
- if ( !mode_64bit() ) \
- _regs.eip = ((op_bytes == 2) \
- ? (uint16_t)_regs.eip : (uint32_t)_regs.eip); \
+ if ( op_bytes == 2 ) \
+ _regs.eip = (uint16_t)_regs.eip; \
+ else if ( !mode_64bit() ) \
+ _regs.eip = (uint32_t)_regs.eip; \
} while (0)
struct fpu_insn_ctxt {
@@ -1614,6 +1615,7 @@ x86_emulate(
struct segment_register reg;
src.val = x86_seg_es;
push_seg:
+ generate_exception_if(mode_64bit() && !twobyte, EXC_UD, -1);
fail_if(ops->read_segment == NULL);
if ( (rc = ops->read_segment(src.val, &reg, ctxt)) != 0 )
return rc;
@@ -1629,6 +1631,7 @@ x86_emulate(
case 0x07: /* pop %%es */
src.val = x86_seg_es;
pop_seg:
+ generate_exception_if(mode_64bit() && !twobyte, EXC_UD, -1);
fail_if(ops->write_segment == NULL);
/* 64-bit mode: POP defaults to a 64-bit operand. */
if ( mode_64bit() && (op_bytes == 4) )
@@ -2074,8 +2077,8 @@ x86_emulate(
uint16_t sel;
uint32_t eip;
- fail_if(ops->read_segment == NULL);
generate_exception_if(mode_64bit(), EXC_UD, -1);
+ fail_if(ops->read_segment == NULL);
eip = insn_fetch_bytes(op_bytes);
sel = insn_fetch_type(uint16_t);
@@ -2293,7 +2296,7 @@ x86_emulate(
case 0xc2: /* ret imm16 (near) */
case 0xc3: /* ret (near) */ {
int offset = (b == 0xc2) ? insn_fetch_type(uint16_t) : 0;
- op_bytes = mode_64bit() ? 8 : op_bytes;
+ op_bytes = ((op_bytes == 4) && mode_64bit()) ? 8 : op_bytes;
if ( (rc = read_ulong(x86_seg_ss, sp_post_inc(op_bytes + offset),
&dst.val, op_bytes, ctxt, ops)) != 0 )
goto done;
@@ -2305,6 +2308,7 @@ x86_emulate(
unsigned long sel;
dst.val = x86_seg_es;
les: /* dst.val identifies the segment */
+ generate_exception_if(mode_64bit() && !twobyte, EXC_UD, -1);
generate_exception_if(src.type != OP_MEM, EXC_UD, -1);
if ( (rc = read_ulong(src.mem.seg, src.mem.off + src.bytes,
&sel, 2, ctxt, ops)) != 0 )
@@ -2379,7 +2383,6 @@ x86_emulate(
case 0xca: /* ret imm16 (far) */
case 0xcb: /* ret (far) */ {
int offset = (b == 0xca) ? insn_fetch_type(uint16_t) : 0;
- op_bytes = mode_64bit() ? 8 : op_bytes;
if ( (rc = read_ulong(x86_seg_ss, sp_post_inc(op_bytes),
&dst.val, op_bytes, ctxt, ops)) ||
(rc = read_ulong(x86_seg_ss, sp_post_inc(op_bytes + offset),
@@ -3032,17 +3035,17 @@ x86_emulate(
}
case 0xe8: /* call (near) */ {
- int rel = (((op_bytes == 2) && !mode_64bit())
+ int rel = ((op_bytes == 2)
? (int32_t)insn_fetch_type(int16_t)
: insn_fetch_type(int32_t));
- op_bytes = mode_64bit() ? 8 : op_bytes;
+ op_bytes = ((op_bytes == 4) && mode_64bit()) ? 8 : op_bytes;
src.val = _regs.eip;
jmp_rel(rel);
goto push;
}
case 0xe9: /* jmp (near) */ {
- int rel = (((op_bytes == 2) && !mode_64bit())
+ int rel = ((op_bytes == 2)
? (int32_t)insn_fetch_type(int16_t)
: insn_fetch_type(int32_t));
jmp_rel(rel);
@@ -3330,7 +3333,7 @@ x86_emulate(
break;
case 2: /* call (near) */
case 4: /* jmp (near) */
- if ( (dst.bytes != 8) && mode_64bit() )
+ if ( (dst.bytes == 4) && mode_64bit() )
{
dst.bytes = op_bytes = 8;
if ( dst.type == OP_REG )
@@ -3683,7 +3686,7 @@ x86_emulate(
}
case 0x80 ... 0x8f: /* jcc (near) */ {
- int rel = (((op_bytes == 2) && !mode_64bit())
+ int rel = ((op_bytes == 2)
? (int32_t)insn_fetch_type(int16_t)
: insn_fetch_type(int32_t));
if ( test_cc(b, _regs.eflags) )

26
20101-hvm-no-compat-virt-start.patch
View File

@ -1,26 +0,0 @@
# HG changeset patch
# User Keir Fraser <keir.fraser@citrix.com>
# Date 1250789251 -3600
# Node ID 100699877583818a54bc16360dfd5cf80daa5dc7
# Parent 280fff79f7371981bb0bbda34205414fff14737e
x86_64 hvm: Adjust COMPAT_VIRT_START for 32-bit HVM guests.
The PV limit should not apply as there is no M2P table mapped into an
HVM guest's virtual address space.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Index: xen-3.4.1-testing/xen/arch/x86/domain.c
===================================================================
--- xen-3.4.1-testing.orig/xen/arch/x86/domain.c
+++ xen-3.4.1-testing/xen/arch/x86/domain.c
@@ -428,7 +428,8 @@ int arch_domain_create(struct domain *d,
#endif /* __x86_64__ */
#ifdef CONFIG_COMPAT
- HYPERVISOR_COMPAT_VIRT_START(d) = __HYPERVISOR_COMPAT_VIRT_START;
+ HYPERVISOR_COMPAT_VIRT_START(d) =
+ is_hvm_domain(d) ? ~0u : __HYPERVISOR_COMPAT_VIRT_START;
#endif
if ( (rc = paging_domain_init(d)) != 0 )

47
20112-x86-dom0-boot-run-timers.patch
View File

@ -1,47 +0,0 @@
References: bnc#491081
# HG changeset patch
# User Keir Fraser <keir.fraser@citrix.com>
# Date 1251097328 -3600
# Node ID 7e194320394244bc5028881b498d2e01574086cd
# Parent 9189afa1f1e6939fcda5525e225843cfd2325c42
x86: run timers when populating Dom0's P2M table
When booting Dom0 with huge amounts of memory, and/or memory accesses
being sufficiently slow (due to NUMA effects), and the ACPI PM timer
or a high frequency HPET being used, the time it takes to populate the
M2P table may significantly exceed the overflow time of the platform
timer, screwing up time management to the point where Dom0 boot fails.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
Index: xen-3.4.1-testing/xen/arch/x86/domain_build.c
===================================================================
--- xen-3.4.1-testing.orig/xen/arch/x86/domain_build.c
+++ xen-3.4.1-testing/xen/arch/x86/domain_build.c
@@ -877,6 +877,8 @@ int __init construct_dom0(
else
((unsigned int *)vphysmap_start)[pfn] = mfn;
set_gpfn_from_mfn(mfn, pfn);
+ if (!(pfn & 0xfffff))
+ process_pending_timers();
}
si->first_p2m_pfn = pfn;
si->nr_p2m_frames = d->tot_pages - count;
@@ -895,6 +897,8 @@ int __init construct_dom0(
#ifndef NDEBUG
++alloc_epfn;
#endif
+ if (!(pfn & 0xfffff))
+ process_pending_timers();
}
}
BUG_ON(pfn != d->tot_pages);
@@ -915,6 +919,8 @@ int __init construct_dom0(
set_gpfn_from_mfn(mfn, pfn);
#undef pfn
page++; pfn++;
+ if (!(pfn & 0xfffff))
+ process_pending_timers();
}
}

15
xen.changes
View File

@ -1,18 +1,3 @@
-------------------------------------------------------------------
Mon Aug 24 10:31:36 MDT 2009 - carnold@novell.com
- bnc#491081 - Xen time goes backwards x3950M2
Patch for this bug plus additional upstream patches from Jan.
19614-x86-emul-lldt-ltr.patch
20026-ept-rwx-default.patch
20031-x86-pmode-load-seg-retry.patch
20035-x86-load-sreg-adjust.patch
20059-vmx-nmi-handling.patch
20077-x86-runstate-cswitch-out.patch
20078-x86_64-branch-emulation.patch
20101-hvm-no-compat-virt-start.patch
20112-x86-dom0-boot-run-timers.patch
-------------------------------------------------------------------
Fri Aug 14 13:00:48 MDT 2009 - carnold@novell.com

25
xen.spec
View File

@ -1,5 +1,5 @@
#
# spec file for package xen (Version 3.4.1_19718_02)
# spec file for package xen (Version 3.4.1_19718_01)
#
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
@ -37,7 +37,7 @@ BuildRequires: glibc-32bit glibc-devel-32bit
%if %{?with_kmp}0
BuildRequires: kernel-source kernel-syms module-init-tools xorg-x11
%endif
Version: 3.4.1_19718_02
Version: 3.4.1_19718_01
Release: 2
License: GPL v2 only
Group: System/Kernel
@ -70,16 +70,7 @@ Source24: xenapiusers
# sysconfig hook script for Xen
Source25: xen-updown.sh
# Upstream patches
Patch0: 19614-x86-emul-lldt-ltr.patch
Patch1: 20013-xend-memleak.patch
Patch2: 20031-x86-pmode-load-seg-retry.patch
Patch3: 20035-x86-load-sreg-adjust.patch
Patch4: 20059-vmx-nmi-handling.patch
Patch5: 20077-x86-runstate-cswitch-out.patch
Patch6: 20078-x86_64-branch-emulation.patch
Patch7: 20101-hvm-no-compat-virt-start.patch
Patch8: 20112-x86-dom0-boot-run-timers.patch
Patch0: 20013-xend-memleak.patch
# Our patches
Patch100: xen-config.diff
Patch101: xend-config.diff
@ -177,7 +168,7 @@ Patch450: disable_emulated_device.diff
Patch500: hv_tools.patch
Patch501: hv_xen_base.patch
Patch502: hv_xen_extension.patch
Patch503: hv_win7_eoi_bug.patch
Patch503: hv_win7_eoi_bug.patch
Patch999: tmp_build.patch
Url: http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -512,14 +503,6 @@ Authors:
%prep
%setup -q -n %xen_build_dir
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%patch100 -p1
%patch101 -p1
%patch102 -p1