rpm/xen
SHA256
1
0
Fork 0
forked from pool/xen
Code Pull Requests Activity

- bnc#745880 - cpuid setting is not preserved across xend restarts

Browse Source 
xend-cpuid.patch

- Rename 2XXXX-vif-bridge.patch -> vif-bridge-tap-fix.patch

- bnc#747331 - XEN: standard "newburn" kernel QA stress test on guest
  (+ smartd on Dom0?) freezes the guest
  24883-x86-guest-walk-not-present.patch
- bnc#745367 - MCE bank handling during migration
  24781-x86-vmce-mcg_ctl.patch
  24886-x86-vmce-mcg_ctl-default.patch
  24887-x86-vmce-sr.patch
- bnc#744771 - L3: VM with passed through PCI card fails to reboot
  under dom0 load
  24888-pci-release-devices.patch
- Upstream patches from Jan
  24517-VT-d-fault-softirq.patch
  24527-AMD-Vi-fault-softirq.patch
  24535-x86-vMSI-misc.patch
  24615-VESA-lfb-flush.patch
  24690-x86-PCI-SERR-no-deadlock.patch
  24701-gnttab-map-grant-ref-recovery.patch
  24742-gnttab-misc.patch
  24780-x86-paging-use-clear_guest.patch
  24805-x86-MSI-X-dom0-ro.patch
  ioemu-9869-MSI-X-init.patch
  ioemu-9873-MSI-X-fix-unregister_iomem.patch

- bnc#745005 - Update vif configuration examples in xmexample*
  Updated xen-xmexample.diff

OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=172
This commit is contained in:
Charles Arnold 2012-03-05 20:59:08 +00:00 committed by Git OBS Bridge
parent c7e936769c
commit 7f6bd728fd
26 changed files with 2525 additions and 191 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
24517-VT-d-fault-softirq.patch Normal file
View File

@ -0,0 +1,89 @@
References: bnc#712051, CVE-2011-3131
# HG changeset patch
# User Dario Faggioli <dario.faggioli@citrix.com>
# Date 1326798686 0
# Node ID a7ae457c327cd790704643e0ed4def3e717b47b3
# Parent 2913ccc6d70f15ffcc15c7e066c9269b15a30a09
Move IOMMU faults handling into softirq for VT-d.
Dealing with interrupts from VT-d IOMMU(s) is deferred to a
softirq-tasklet, raised by the actual IRQ handler. Since a new
interrupt is not generated, even if further faults occur, until we
cleared all the pending ones, there's no need of disabling IRQs, as
the hardware does it by its own. Notice that this may cause the log
to overflow, but none of the existing entry will be overwritten.
Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
Committed-by: Keir Fraser <keir@xen.org>
--- a/xen/drivers/passthrough/vtd/iommu.c
+++ b/xen/drivers/passthrough/vtd/iommu.c
@@ -53,6 +53,8 @@ bool_t __read_mostly untrusted_msi;
int nr_iommus;
+static struct tasklet vtd_fault_tasklet;
+
static void setup_dom0_devices(struct domain *d);
static void setup_dom0_rmrr(struct domain *d);
@@ -866,10 +868,8 @@ static void iommu_fault_status(u32 fault
}
#define PRIMARY_FAULT_REG_LEN (16)
-static void iommu_page_fault(int irq, void *dev_id,
- struct cpu_user_regs *regs)
+static void __do_iommu_page_fault(struct iommu *iommu)
{
- struct iommu *iommu = dev_id;
int reg, fault_index;
u32 fault_status;
unsigned long flags;
@@ -943,6 +943,37 @@ clear_overflow:
}
}
+static void do_iommu_page_fault(unsigned long data)
+{
+ struct acpi_drhd_unit *drhd;
+
+ if ( list_empty(&acpi_drhd_units) )
+ {
+ INTEL_IOMMU_DEBUG("no device found, something must be very wrong!\n");
+ return;
+ }
+
+ /*
+ * No matter from whom the interrupt came from, check all the
+ * IOMMUs present in the system. This allows for having just one
+ * tasklet (instead of one per each IOMMUs) and should be more than
+ * fine, considering how rare the event of a fault should be.
+ */
+ for_each_drhd_unit ( drhd )
+ __do_iommu_page_fault(drhd->iommu);
+}
+
+static void iommu_page_fault(int irq, void *dev_id,
+ struct cpu_user_regs *regs)
+{
+ /*
+ * Just flag the tasklet as runnable. This is fine, according to VT-d
+ * specs since a new interrupt won't be generated until we clear all
+ * the faults that caused this one to happen.
+ */
+ tasklet_schedule(&vtd_fault_tasklet);
+}
+
static void dma_msi_unmask(unsigned int irq)
{
struct iommu *iommu = irq_to_iommu[irq];
@@ -2083,6 +2114,8 @@ int __init intel_vtd_setup(void)
iommu_hap_pt_share = FALSE;
}
+ softirq_tasklet_init(&vtd_fault_tasklet, do_iommu_page_fault, 0);
+
if ( !iommu_qinval && iommu_intremap )
{
iommu_intremap = 0;

124
24527-AMD-Vi-fault-softirq.patch Normal file
View File

@ -0,0 +1,124 @@
References: bnc#712051, CVE-2011-3131
# HG changeset patch
# User Dario Faggioli <dario.faggioli@citrix.com>
# Date 1327054832 0
# Node ID 028230eb2359f33da48b3b7f85173a1b49b9c7d6
# Parent d600a3d7faeeee3cf947bf1658b873e966fc0f16
iommu: Move IOMMU faults handling into softirq for AMD-Vi.
Dealing with interrupts from AMD-Vi IOMMU(s) is deferred to a
softirq-tasklet, raised by the actual IRQ handler. To avoid more
interrupts being generated (because of further faults), they must be
masked in the IOMMU within the low level IRQ handler and enabled back
in the tasklet body. Notice that this may cause the log to overflow,
but none of the existing entry will be overwritten.
Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
Committed-by: Keir Fraser <keir@xen.org>
--- a/xen/drivers/passthrough/amd/iommu_init.c
+++ b/xen/drivers/passthrough/amd/iommu_init.c
@@ -33,6 +33,8 @@ static int nr_amd_iommus;
static long amd_iommu_cmd_buffer_entries = IOMMU_CMD_BUFFER_DEFAULT_ENTRIES;
static long amd_iommu_event_log_entries = IOMMU_EVENT_LOG_DEFAULT_ENTRIES;
+static struct tasklet amd_iommu_irq_tasklet;
+
unsigned short ivrs_bdf_entries;
struct ivrs_mappings *ivrs_mappings;
struct list_head amd_iommu_head;
@@ -517,34 +519,70 @@ static void parse_event_log_entry(u32 en
}
}
+static void do_amd_iommu_irq(unsigned long data)
+{
+ struct amd_iommu *iommu;
+
+ if ( !iommu_found() )
+ {
+ AMD_IOMMU_DEBUG("no device found, something must be very wrong!\n");
+ return;
+ }
+
+ /*
+ * No matter from where the interrupt came from, check all the
+ * IOMMUs present in the system. This allows for having just one
+ * tasklet (instead of one per each IOMMUs).
+ */
+ for_each_amd_iommu ( iommu )
+ {
+ u32 entry;
+ unsigned long flags;
+ int of;
+
+ spin_lock_irqsave(&iommu->lock, flags);
+ amd_iommu_read_event_log(iommu);
+
+ /* check event overflow */
+ entry = readl(iommu->mmio_base + IOMMU_STATUS_MMIO_OFFSET);
+ of = get_field_from_reg_u32(entry,
+ IOMMU_STATUS_EVENT_OVERFLOW_MASK,
+ IOMMU_STATUS_EVENT_OVERFLOW_SHIFT);
+
+ /* reset event log if event overflow */
+ if ( of )
+ amd_iommu_reset_event_log(iommu);
+
+ /* reset interrupt status bit */
+ entry = readl(iommu->mmio_base + IOMMU_STATUS_MMIO_OFFSET);
+ set_field_in_reg_u32(IOMMU_CONTROL_ENABLED, entry,
+ IOMMU_STATUS_EVENT_LOG_INT_MASK,
+ IOMMU_STATUS_EVENT_LOG_INT_SHIFT, &entry);
+ writel(entry, iommu->mmio_base+IOMMU_STATUS_MMIO_OFFSET);
+ spin_unlock_irqrestore(&iommu->lock, flags);
+ }
+}
+
static void amd_iommu_page_fault(int irq, void *dev_id,
struct cpu_user_regs *regs)
{
u32 entry;
unsigned long flags;
- int of;
struct amd_iommu *iommu = dev_id;
spin_lock_irqsave(&iommu->lock, flags);
- amd_iommu_read_event_log(iommu);
- /*check event overflow */
+ /* Silence interrupts from both event logging */
entry = readl(iommu->mmio_base + IOMMU_STATUS_MMIO_OFFSET);
- of = get_field_from_reg_u32(entry,
- IOMMU_STATUS_EVENT_OVERFLOW_MASK,
- IOMMU_STATUS_EVENT_OVERFLOW_SHIFT);
-
- /* reset event log if event overflow */
- if ( of )
- amd_iommu_reset_event_log(iommu);
-
- /* reset interrupt status bit */
- entry = readl(iommu->mmio_base + IOMMU_STATUS_MMIO_OFFSET);
- set_field_in_reg_u32(IOMMU_CONTROL_ENABLED, entry,
+ set_field_in_reg_u32(IOMMU_CONTROL_DISABLED, entry,
IOMMU_STATUS_EVENT_LOG_INT_MASK,
IOMMU_STATUS_EVENT_LOG_INT_SHIFT, &entry);
writel(entry, iommu->mmio_base+IOMMU_STATUS_MMIO_OFFSET);
+
spin_unlock_irqrestore(&iommu->lock, flags);
+
+ /* It is the tasklet that will clear the logs and re-enable interrupts */
+ tasklet_schedule(&amd_iommu_irq_tasklet);
}
static int set_iommu_interrupt_handler(struct amd_iommu *iommu)
@@ -689,6 +727,8 @@ static int __init amd_iommu_init_one(str
printk("AMD-Vi: IOMMU %d Enabled.\n", nr_amd_iommus );
nr_amd_iommus++;
+ softirq_tasklet_init(&amd_iommu_irq_tasklet, do_amd_iommu_irq, 0);
+
return 0;
error_out:

208
24535-x86-vMSI-misc.patch Normal file
View File

@ -0,0 +1,208 @@
# HG changeset patch
# User Jan Beulich <jbeulich@suse.com>
# Date 1327311317 0
# Node ID fb81b807c1540eb5797b3daa4bddff99363b20ef
# Parent eca719b621a1201528bfec25fb1786ec21c0c9d3
x86/vMSI: miscellaneous fixes
This addresses a number of problems in msixtbl_{read,write}():
- address alignment was not checked, allowing for memory corruption in
the hypervisor (write case) or returning of hypervisor private data
to the guest (read case)
- the interrupt mask bit was permitted to be written by the guest
(while Xen's interrupt flow control routines need to control it)
- MAX_MSIX_TABLE_{ENTRIES,PAGES} were pointlessly defined to plain
numbers (making it unobvious why they have these values, and making
the latter non-portable)
- MAX_MSIX_TABLE_PAGES was also off by one (failing to account for a
non-zero table offset); this was also affecting host MSI-X code
- struct msixtbl_entry's table_flags[] was one element larger than
necessary due to improper open-coding of BITS_TO_LONGS()
- msixtbl_read() unconditionally accessed the physical table, even
though the data was only needed in a quarter of all cases
- various calculations were done unnecessarily for both of the rather
distinct code paths in msixtbl_read()
Additionally it is unclear on what basis MAX_MSIX_ACC_ENTRIES was
chosen to be 3.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Committed-by: Keir Fraser <keir@xen.org>
--- a/xen/arch/x86/hvm/vmsi.c
+++ b/xen/arch/x86/hvm/vmsi.c
@@ -158,7 +158,7 @@ struct msixtbl_entry
struct pci_dev *pdev;
unsigned long gtable; /* gpa of msix table */
unsigned long table_len;
- unsigned long table_flags[MAX_MSIX_TABLE_ENTRIES / BITS_PER_LONG + 1];
+ unsigned long table_flags[BITS_TO_LONGS(MAX_MSIX_TABLE_ENTRIES)];
#define MAX_MSIX_ACC_ENTRIES 3
struct {
uint32_t msi_ad[3]; /* Shadow of address low, high and data */
@@ -185,17 +185,14 @@ static struct msixtbl_entry *msixtbl_fin
static void __iomem *msixtbl_addr_to_virt(
struct msixtbl_entry *entry, unsigned long addr)
{
- int idx, nr_page;
+ unsigned int idx, nr_page;
- if ( !entry )
+ if ( !entry || !entry->pdev )
return NULL;
nr_page = (addr >> PAGE_SHIFT) -
(entry->gtable >> PAGE_SHIFT);
- if ( !entry->pdev )
- return NULL;
-
idx = entry->pdev->msix_table_idx[nr_page];
if ( !idx )
return NULL;
@@ -208,37 +205,34 @@ static int msixtbl_read(
struct vcpu *v, unsigned long address,
unsigned long len, unsigned long *pval)
{
- unsigned long offset, val;
+ unsigned long offset;
struct msixtbl_entry *entry;
void *virt;
- int nr_entry, index;
+ unsigned int nr_entry, index;
int r = X86EMUL_UNHANDLEABLE;
- rcu_read_lock(&msixtbl_rcu_lock);
+ if ( len != 4 || (address & 3) )
+ return r;
- if ( len != 4 )
- goto out;
+ rcu_read_lock(&msixtbl_rcu_lock);
entry = msixtbl_find_entry(v, address);
- virt = msixtbl_addr_to_virt(entry, address);
- if ( !virt )
- goto out;
-
- nr_entry = (address - entry->gtable) / PCI_MSIX_ENTRY_SIZE;
offset = address & (PCI_MSIX_ENTRY_SIZE - 1);
- if ( nr_entry >= MAX_MSIX_ACC_ENTRIES &&
- offset != PCI_MSIX_ENTRY_VECTOR_CTRL_OFFSET )
- goto out;
- val = readl(virt);
if ( offset != PCI_MSIX_ENTRY_VECTOR_CTRL_OFFSET )
{
+ nr_entry = (address - entry->gtable) / PCI_MSIX_ENTRY_SIZE;
+ if ( nr_entry >= MAX_MSIX_ACC_ENTRIES )
+ goto out;
index = offset / sizeof(uint32_t);
*pval = entry->gentries[nr_entry].msi_ad[index];
}
else
{
- *pval = val;
+ virt = msixtbl_addr_to_virt(entry, address);
+ if ( !virt )
+ goto out;
+ *pval = readl(virt);
}
r = X86EMUL_OKAY;
@@ -253,13 +247,13 @@ static int msixtbl_write(struct vcpu *v,
unsigned long offset;
struct msixtbl_entry *entry;
void *virt;
- int nr_entry, index;
+ unsigned int nr_entry, index;
int r = X86EMUL_UNHANDLEABLE;
- rcu_read_lock(&msixtbl_rcu_lock);
+ if ( len != 4 || (address & 3) )
+ return r;
- if ( len != 4 )
- goto out;
+ rcu_read_lock(&msixtbl_rcu_lock);
entry = msixtbl_find_entry(v, address);
nr_entry = (address - entry->gtable) / PCI_MSIX_ENTRY_SIZE;
@@ -284,9 +278,22 @@ static int msixtbl_write(struct vcpu *v,
if ( !virt )
goto out;
+ /* Do not allow the mask bit to be changed. */
+#if 0 /* XXX
+ * As the mask bit is the only defined bit in the word, and as the
+ * host MSI-X code doesn't preserve the other bits anyway, doing
+ * this is pointless. So for now just discard the write (also
+ * saving us from having to determine the matching irq_desc).
+ */
+ spin_lock_irqsave(&desc->lock, flags);
+ orig = readl(virt);
+ val &= ~PCI_MSIX_VECTOR_BITMASK;
+ val |= orig & PCI_MSIX_VECTOR_BITMASK;
writel(val, virt);
- r = X86EMUL_OKAY;
+ spin_unlock_irqrestore(&desc->lock, flags);
+#endif
+ r = X86EMUL_OKAY;
out:
rcu_read_unlock(&msixtbl_rcu_lock);
return r;
--- a/xen/include/asm-x86/msi.h
+++ b/xen/include/asm-x86/msi.h
@@ -119,12 +119,6 @@ int msi_free_irq(struct msi_desc *entry)
extern const struct hw_interrupt_type pci_msi_type;
-#define PCI_MSIX_ENTRY_SIZE 16
-#define PCI_MSIX_ENTRY_LOWER_ADDR_OFFSET 0
-#define PCI_MSIX_ENTRY_UPPER_ADDR_OFFSET 4
-#define PCI_MSIX_ENTRY_DATA_OFFSET 8
-#define PCI_MSIX_ENTRY_VECTOR_CTRL_OFFSET 12
-
#define msi_control_reg(base) (base + PCI_MSI_FLAGS)
#define msi_lower_address_reg(base) (base + PCI_MSI_ADDRESS_LO)
#define msi_upper_address_reg(base) (base + PCI_MSI_ADDRESS_HI)
--- a/xen/include/xen/pci.h
+++ b/xen/include/xen/pci.h
@@ -12,6 +12,8 @@
#include <xen/list.h>
#include <xen/spinlock.h>
#include <xen/irq.h>
+#include <xen/pci_regs.h>
+#include <xen/pfn.h>
/*
* The PCI interface treats multi-function devices as independent
@@ -30,8 +32,10 @@
#define PCI_BDF(b,d,f) ((((b) & 0xff) << 8) | PCI_DEVFN(d,f))
#define PCI_BDF2(b,df) ((((b) & 0xff) << 8) | ((df) & 0xff))
-#define MAX_MSIX_TABLE_ENTRIES 2048
-#define MAX_MSIX_TABLE_PAGES 8
+#define MAX_MSIX_TABLE_ENTRIES (PCI_MSIX_FLAGS_QSIZE + 1)
+#define MAX_MSIX_TABLE_PAGES PFN_UP(MAX_MSIX_TABLE_ENTRIES * \
+ PCI_MSIX_ENTRY_SIZE + \
+ (~PCI_MSIX_BIRMASK & (PAGE_SIZE - 1)))
struct pci_dev_info {
unsigned is_extfn;
unsigned is_virtfn;
--- a/xen/include/xen/pci_regs.h
+++ b/xen/include/xen/pci_regs.h
@@ -305,6 +305,12 @@
#define PCI_MSIX_PBA 8
#define PCI_MSIX_BIRMASK (7 << 0)
+#define PCI_MSIX_ENTRY_SIZE 16
+#define PCI_MSIX_ENTRY_LOWER_ADDR_OFFSET 0
+#define PCI_MSIX_ENTRY_UPPER_ADDR_OFFSET 4
+#define PCI_MSIX_ENTRY_DATA_OFFSET 8
+#define PCI_MSIX_ENTRY_VECTOR_CTRL_OFFSET 12
+
#define PCI_MSIX_VECTOR_BITMASK (1 << 0)
/* CompactPCI Hotswap Register */

75
24615-VESA-lfb-flush.patch Normal file
View File

@ -0,0 +1,75 @@
# HG changeset patch
# User Andrew Cooper <andrew.cooper3@citrix.com>
# Date 1327758145 0
# Node ID ac9f32525376922fdf5b9efac7a1fe0ff866cc76
# Parent f8c2cf24a26cc6cdaaad9140e4b1dfc54f07bab3
vesa: flush lfb after zeroing
If Xen is going to relinquish the VGA console, flush the linear frame
buffer after zeroing it in vesa_endboot().
Failing to do so in some circumstances leads to the actual linear
framebuffer on the graphics card still containing the output of the
Xen boot console can lead to ugly graphics output when dom0 is setting
up the graphics card for its own use.
While the patch is quite large, it is mostly just code motion to
prevent having to forward declare lfb_flush(). The only functional
change to vesa_endboot() is to insert a call to lbf_flush().
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Committed-by: Keir Fraser <keir@xen.org>
--- a/xen/drivers/video/vesa.c
+++ b/xen/drivers/video/vesa.c
@@ -153,24 +153,6 @@ void __init vesa_init(void)
xfree(line_len);
}
-void __init vesa_endboot(bool_t keep)
-{
- if ( keep )
- {
- xpos = 0;
- vga_puts = vesa_scroll_puts;
- }
- else
- {
- unsigned int i, bpp = (vlfb_info.bits_per_pixel + 7) >> 3;
- for ( i = 0; i < vlfb_info.height; i++ )
- memset(lfb + i * vlfb_info.bytes_per_line, 0,
- vlfb_info.width * bpp);
- }
-
- xfree(line_len);
-}
-
#if defined(CONFIG_X86)
#include <asm/mtrr.h>
@@ -217,6 +199,25 @@ static void lfb_flush(void)
#endif
+void __init vesa_endboot(bool_t keep)
+{
+ if ( keep )
+ {
+ xpos = 0;
+ vga_puts = vesa_scroll_puts;
+ }
+ else
+ {
+ unsigned int i, bpp = (vlfb_info.bits_per_pixel + 7) >> 3;
+ for ( i = 0; i < vlfb_info.height; i++ )
+ memset(lfb + i * vlfb_info.bytes_per_line, 0,
+ vlfb_info.width * bpp);
+ lfb_flush();
+ }
+
+ xfree(line_len);
+}
+
/* Render one line of text to given linear framebuffer line. */
static void vesa_show_line(
const unsigned char *text_line,

67
24690-x86-PCI-SERR-no-deadlock.patch Normal file
View File

@ -0,0 +1,67 @@
# HG changeset patch
# User David Vrabel <david.vrabel@citrix.com>
# Date 1328196538 0
# Node ID dcc6d57e4c07728693c685a2cfa7f094ef726267
# Parent 7091b2e4cc2cff07ad1bf24ba7b9506bae071fa8
x86: avoid deadlock after a PCI SERR NMI
If a PCI System Error (SERR) is asserted it causes an NMI. If this NMI
occurs while the CPU is in printk() then Xen may deadlock as
pci_serr_error() calls console_force_unlock() which screws up the
console lock.
printk() isn't safe to call from NMI context so defer the diagnostic
message to a softirq.
Signed-off-by: David Vrabel <david.vrabel@citrix.com>
Tested-by: George Dunlap <george.dunlap@eu.citrix.com>
Committed-by: Keir Fraser <keir@xen.org>
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -3137,6 +3137,11 @@ static void nmi_mce_softirq(void)
st->vcpu = NULL;
}
+static void pci_serr_softirq(void)
+{
+ printk("\n\nNMI - PCI system error (SERR)\n");
+}
+
void async_exception_cleanup(struct vcpu *curr)
{
int trap;
@@ -3223,10 +3228,11 @@ static void nmi_dom0_report(unsigned int
static void pci_serr_error(struct cpu_user_regs *regs)
{
- console_force_unlock();
- printk("\n\nNMI - PCI system error (SERR)\n");
-
outb((inb(0x61) & 0x0f) | 0x04, 0x61); /* clear-and-disable the PCI SERR error line. */
+
+ /* Would like to print a diagnostic here but can't call printk()
+ from NMI context -- raise a softirq instead. */
+ raise_softirq(PCI_SERR_SOFTIRQ);
}
static void io_check_error(struct cpu_user_regs *regs)
@@ -3529,6 +3535,7 @@ void __init trap_init(void)
cpu_init();
open_softirq(NMI_MCE_SOFTIRQ, nmi_mce_softirq);
+ open_softirq(PCI_SERR_SOFTIRQ, pci_serr_softirq);
}
long register_guest_nmi_callback(unsigned long address)
--- a/xen/include/asm-x86/softirq.h
+++ b/xen/include/asm-x86/softirq.h
@@ -6,6 +6,7 @@
#define VCPU_KICK_SOFTIRQ (NR_COMMON_SOFTIRQS + 2)
#define MACHINE_CHECK_SOFTIRQ (NR_COMMON_SOFTIRQS + 3)
-#define NR_ARCH_SOFTIRQS 4
+#define PCI_SERR_SOFTIRQ (NR_COMMON_SOFTIRQS + 4)
+#define NR_ARCH_SOFTIRQS 5
#endif /* __ASM_SOFTIRQ_H__ */

37
24701-gnttab-map-grant-ref-recovery.patch Normal file
View File

@ -0,0 +1,37 @@
# HG changeset patch
# User Haoyu Zhang <haoyu.zhang@huawei.com>
# Date 1328563421 28800
# Node ID 3574f4d67843733ccaabab5f8ebb859c99d7314a
# Parent 5bd5830dea13f2a80a1b9728d3e61c34661fe764
Fix error recovery path in __gnttab_map_grant_ref
In file grant_table.c function __gnttab_map_grant_ref, if
__get_paged_frame failed, the effect of _set_status previously
called should be rollback, so the flag GTF_reading and _GTF_writing
will be recovered.
Signed-off-by: Haoyu Zhang <haoyu.zhang@huawei.com>
Signed-off-by: Liang Wang <hzwangliang.wang@huawei.com>
Acked-by: Andres Lagar-Cavilla <andres@lagarcavilla.org>
Committed-by: Keir Fraser <keir@xen.org>
--- a/xen/common/grant_table.c
+++ b/xen/common/grant_table.c
@@ -566,7 +566,7 @@ __gnttab_map_grant_ref(
gfn = sha1 ? sha1->frame : sha2->full_page.frame;
rc = __get_paged_frame(gfn, &frame, !!(op->flags & GNTMAP_readonly), rd);
if ( rc != GNTST_okay )
- goto unlock_out;
+ goto unlock_out_clear;
act->gfn = gfn;
act->domid = ld->domain_id;
act->frame = frame;
@@ -722,6 +722,7 @@ __gnttab_map_grant_ref(
act->pin -= (op->flags & GNTMAP_readonly) ?
GNTPIN_hstr_inc : GNTPIN_hstw_inc;
+ unlock_out_clear:
if ( !(op->flags & GNTMAP_readonly) &&
!(act->pin & (GNTPIN_hstw_mask|GNTPIN_devw_mask)) )
gnttab_clear_flag(_GTF_writing, status);

97
24742-gnttab-misc.patch Normal file
View File

@ -0,0 +1,97 @@
# HG changeset patch
# User Jan Beulich <jbeulich@suse.com>
# Date 1328801956 -3600
# Node ID 9fc810bb814558bc5c8f9d086af7576516e07244
# Parent fb71a97fe339282965d584663236ce71a2400659
gnttab: miscellaneous fixes
- _GTF_* constants name bit positions, so binary arithmetic on them is
wrong
- gnttab_clear_flag() cannot (on x86 and ia64 at least) simply use
clear_bit(), as that may access more than the two bytes that are
intended to be accessed
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
--- a/xen/common/grant_table.c
+++ b/xen/common/grant_table.c
@@ -389,7 +389,8 @@ static int _set_status_v2(domid_t domid
(id != domid) ||
(!readonly && (flags & GTF_readonly)) )
{
- gnttab_clear_flag(_GTF_reading | _GTF_writing, status);
+ gnttab_clear_flag(_GTF_writing, status);
+ gnttab_clear_flag(_GTF_reading, status);
PIN_FAIL(done, GNTST_general_error,
"Unstable flags (%x) or dom (%d). (expected dom %d) "
"(r/w: %d)\n",
@@ -1704,14 +1705,14 @@ __release_grant_for_copy(
under the domain's grant table lock. */
/* Only safe on transitive grants. Even then, note that we don't
attempt to drop any pin on the referent grant. */
-static void __fixup_status_for_pin(struct active_grant_entry *act,
+static void __fixup_status_for_pin(const struct active_grant_entry *act,
uint16_t *status)
{
if ( !(act->pin & GNTPIN_hstw_mask) )
- *status &= ~_GTF_writing;
+ *status &= ~GTF_writing;
if ( !(act->pin & GNTPIN_hstr_mask) )
- *status &= ~_GTF_reading;
+ *status &= ~GTF_reading;
}
/* Grab a frame number from a grant entry and update the flags and pin
--- a/xen/include/asm-ia64/grant_table.h
+++ b/xen/include/asm-ia64/grant_table.h
@@ -5,6 +5,8 @@
#ifndef __ASM_GRANT_TABLE_H__
#define __ASM_GRANT_TABLE_H__
+#include <asm/intrinsics.h>
+
#define INITIAL_NR_GRANT_FRAMES 1
// for grant map/unmap
@@ -82,9 +84,19 @@ int guest_physmap_add_page(struct domain
#define gnttab_mark_dirty(d, f) ((void)f)
-static inline void gnttab_clear_flag(unsigned long nr, uint16_t *addr)
+static inline void gnttab_clear_flag(unsigned int nr, volatile uint16_t *st)
{
- clear_bit(nr, addr);
+ /*
+ * Note that this cannot be clear_bit(), as the access must be
+ * confined to the specified 2 bytes.
+ */
+ uint16_t mask = ~(1 << nr), old;
+ CMPXCHG_BUGCHECK_DECL
+
+ do {
+ CMPXCHG_BUGCHECK(st);
+ old = *st;
+ } while (cmpxchg_rel(st, old, old & mask) != old);
}
#define gnttab_host_mapping_get_page_type(op, ld, rd) \
--- a/xen/include/asm-x86/grant_table.h
+++ b/xen/include/asm-x86/grant_table.h
@@ -48,9 +48,13 @@ int replace_grant_host_mapping(
#define gnttab_mark_dirty(d, f) paging_mark_dirty((d), (f))
-static inline void gnttab_clear_flag(unsigned long nr, uint16_t *addr)
+static inline void gnttab_clear_flag(unsigned int nr, uint16_t *st)
{
- clear_bit(nr, (unsigned long *)addr);
+ /*
+ * Note that this cannot be clear_bit(), as the access must be
+ * confined to the specified 2 bytes.
+ */
+ asm volatile ("lock btrw %1,%0" : "=m" (*st) : "Ir" (nr), "m" (*st));
}
/* Foreign mappings of HHVM-guest pages do not modify the type count. */

382
24780-x86-paging-use-clear_guest.patch Normal file
View File

@ -0,0 +1,382 @@
# HG changeset patch
# User Jan Beulich <jbeulich@suse.com>
# Date 1329134942 -3600
# Node ID e953d536d3c6e344cf310f63ead9feda87cc67b0
# Parent 9ad1e42c341bc78463b6f6610a6300f75b535fbb
x86/paging: use clear_guest() for zero-filling guest buffers
While static arrays of all zeros may be tolerable (but are simply
inefficient now that we have the necessary infrastructure), using on-
stack arrays for this purpose (particularly when their size doesn't
have an upper limit enforced) is calling for eventual problems (even
if the code can be reached via administrative interfaces only).
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Tim Deegan <tim@xen.org>
(Include necessary prerequisite bits from 24543:d6cdbc4fe078
"Introduce clear_user and clear_guest".)
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -2163,6 +2163,86 @@ static enum hvm_copy_result __hvm_copy(
return HVMCOPY_okay;
}
+static enum hvm_copy_result __hvm_clear(paddr_t addr, int size)
+{
+ struct vcpu *curr = current;
+ struct p2m_domain *p2m = p2m_get_hostp2m(curr->domain);
+ unsigned long gfn, mfn;
+ p2m_type_t p2mt;
+ char *p;
+ int count, todo = size;
+ uint32_t pfec = PFEC_page_present | PFEC_write_access;
+
+ /*
+ * XXX Disable for 4.1.0: PV-on-HVM drivers will do grant-table ops
+ * such as query_size. Grant-table code currently does copy_to/from_guest
+ * accesses under the big per-domain lock, which this test would disallow.
+ * The test is not needed until we implement sleeping-on-waitqueue when
+ * we access a paged-out frame, and that's post 4.1.0 now.
+ */
+#if 0
+ /*
+ * If the required guest memory is paged out, this function may sleep.
+ * Hence we bail immediately if called from atomic context.
+ */
+ if ( in_atomic() )
+ return HVMCOPY_unhandleable;
+#endif
+
+ while ( todo > 0 )
+ {
+ count = min_t(int, PAGE_SIZE - (addr & ~PAGE_MASK), todo);
+
+ gfn = paging_gva_to_gfn(curr, addr, &pfec);
+ if ( gfn == INVALID_GFN )
+ {
+ if ( pfec == PFEC_page_paged )
+ return HVMCOPY_gfn_paged_out;
+ if ( pfec == PFEC_page_shared )
+ return HVMCOPY_gfn_shared;
+ return HVMCOPY_bad_gva_to_gfn;
+ }
+
+ mfn = mfn_x(gfn_to_mfn_unshare(p2m, gfn, &p2mt, 0));
+
+ if ( p2m_is_paging(p2mt) )
+ {
+ p2m_mem_paging_populate(p2m, gfn);
+ return HVMCOPY_gfn_paged_out;
+ }
+ if ( p2m_is_shared(p2mt) )
+ return HVMCOPY_gfn_shared;
+ if ( p2m_is_grant(p2mt) )
+ return HVMCOPY_unhandleable;
+ if ( !p2m_is_ram(p2mt) )
+ return HVMCOPY_bad_gfn_to_mfn;
+ ASSERT(mfn_valid(mfn));
+
+ p = (char *)map_domain_page(mfn) + (addr & ~PAGE_MASK);
+
+ if ( p2mt == p2m_ram_ro )
+ {
+ static unsigned long lastpage;
+ if ( xchg(&lastpage, gfn) != gfn )
+ gdprintk(XENLOG_DEBUG, "guest attempted write to read-only"
+ " memory page. gfn=%#lx, mfn=%#lx\n",
+ gfn, mfn);
+ }
+ else
+ {
+ memset(p, 0x00, count);
+ paging_mark_dirty(curr->domain, mfn);
+ }
+
+ unmap_domain_page(p);
+
+ addr += count;
+ todo -= count;
+ }
+
+ return HVMCOPY_okay;
+}
+
enum hvm_copy_result hvm_copy_to_guest_phys(
paddr_t paddr, void *buf, int size)
{
@@ -2249,6 +2329,23 @@ unsigned long copy_to_user_hvm(void *to,
return rc ? len : 0; /* fake a copy_to_user() return code */
}
+unsigned long clear_user_hvm(void *to, unsigned int len)
+{
+ int rc;
+
+#ifdef __x86_64__
+ if ( !current->arch.hvm_vcpu.hcall_64bit &&
+ is_compat_arg_xlat_range(to, len) )
+ {
+ memset(to, 0x00, len);
+ return 0;
+ }
+#endif
+
+ rc = __hvm_clear((unsigned long)to, len);
+ return rc ? len : 0; /* fake a copy_to_user() return code */
+}
+
unsigned long copy_from_user_hvm(void *to, const void *from, unsigned len)
{
int rc;
--- a/xen/arch/x86/mm/paging.c
+++ b/xen/arch/x86/mm/paging.c
@@ -21,11 +21,11 @@
*/
#include <xen/init.h>
+#include <xen/guest_access.h>
#include <asm/paging.h>
#include <asm/shadow.h>
#include <asm/p2m.h>
#include <asm/hap.h>
-#include <asm/guest_access.h>
#include <xen/numa.h>
#include <xsm/xsm.h>
@@ -450,26 +450,30 @@ int paging_log_dirty_op(struct domain *d
(pages < sc->pages) && (i2 < LOGDIRTY_NODE_ENTRIES);
i2++ )
{
- static unsigned long zeroes[PAGE_SIZE/BYTES_PER_LONG];
unsigned int bytes = PAGE_SIZE;
l1 = ((l2 && mfn_valid(l2[i2])) ?
- map_domain_page(mfn_x(l2[i2])) : zeroes);
+ map_domain_page(mfn_x(l2[i2])) : NULL);
if ( unlikely(((sc->pages - pages + 7) >> 3) < bytes) )
bytes = (unsigned int)((sc->pages - pages + 7) >> 3);
if ( likely(peek) )
{
- if ( copy_to_guest_offset(sc->dirty_bitmap, pages >> 3,
- (uint8_t *)l1, bytes) != 0 )
+ if ( (l1 ? copy_to_guest_offset(sc->dirty_bitmap,
+ pages >> 3, (uint8_t *)l1,
+ bytes)
+ : clear_guest_offset(sc->dirty_bitmap,
+ pages >> 3, bytes)) != 0 )
{
rv = -EFAULT;
goto out;
}
}
- if ( clean && l1 != zeroes )
- clear_page(l1);
pages += bytes << 3;
- if ( l1 != zeroes )
+ if ( l1 )
+ {
+ if ( clean )
+ clear_page(l1);
unmap_domain_page(l1);
+ }
}
if ( l2 )
unmap_domain_page(l2);
@@ -529,12 +533,9 @@ int paging_log_dirty_range(struct domain
if ( !d->arch.paging.log_dirty.fault_count &&
!d->arch.paging.log_dirty.dirty_count ) {
- int size = (nr + BITS_PER_LONG - 1) / BITS_PER_LONG;
- unsigned long zeroes[size];
- memset(zeroes, 0x00, size * BYTES_PER_LONG);
- rv = 0;
- if ( copy_to_guest_offset(dirty_bitmap, 0, (uint8_t *) zeroes,
- size * BYTES_PER_LONG) != 0 )
+ unsigned int size = BITS_TO_LONGS(nr);
+
+ if ( clear_guest(dirty_bitmap, size * BYTES_PER_LONG) != 0 )
rv = -EFAULT;
goto out;
}
@@ -562,11 +563,10 @@ int paging_log_dirty_range(struct domain
(pages < nr) && (i2 < LOGDIRTY_NODE_ENTRIES);
i2++ )
{
- static unsigned long zeroes[PAGE_SIZE/BYTES_PER_LONG];
unsigned int bytes = PAGE_SIZE;
uint8_t *s;
l1 = ((l2 && mfn_valid(l2[i2])) ?
- map_domain_page(mfn_x(l2[i2])) : zeroes);
+ map_domain_page(mfn_x(l2[i2])) : NULL);
s = ((uint8_t*)l1) + (b1 >> 3);
bytes -= b1 >> 3;
@@ -574,9 +574,18 @@ int paging_log_dirty_range(struct domain
if ( likely(((nr - pages + 7) >> 3) < bytes) )
bytes = (unsigned int)((nr - pages + 7) >> 3);
+ if ( !l1 )
+ {
+ if ( clear_guest_offset(dirty_bitmap, pages >> 3,
+ bytes) != 0 )
+ {
+ rv = -EFAULT;
+ goto out;
+ }
+ }
/* begin_pfn is not 32K aligned, hence we have to bit
* shift the bitmap */
- if ( b1 & 0x7 )
+ else if ( b1 & 0x7 )
{
int i, j;
uint32_t *l = (uint32_t*) s;
@@ -620,11 +629,12 @@ int paging_log_dirty_range(struct domain
}
}
- if ( l1 != zeroes )
- clear_page(l1);
pages += bytes << 3;
- if ( l1 != zeroes )
+ if ( l1 )
+ {
+ clear_page(l1);
unmap_domain_page(l1);
+ }
b1 = b1 & 0x7;
}
b2 = 0;
--- a/xen/arch/x86/usercopy.c
+++ b/xen/arch/x86/usercopy.c
@@ -110,6 +110,42 @@ copy_to_user(void __user *to, const void
return n;
}
+#define __do_clear_user(addr,size) \
+do { \
+ long __d0; \
+ __asm__ __volatile__( \
+ "0: rep; stosl\n" \
+ " movl %2,%0\n" \
+ "1: rep; stosb\n" \
+ "2:\n" \
+ ".section .fixup,\"ax\"\n" \
+ "3: lea 0(%2,%0,4),%0\n" \
+ " jmp 2b\n" \
+ ".previous\n" \
+ _ASM_EXTABLE(0b,3b) \
+ _ASM_EXTABLE(1b,2b) \
+ : "=&c"(size), "=&D" (__d0) \
+ : "r"(size & 3), "0"(size / 4), "1"((long)addr), "a"(0)); \
+} while (0)
+
+/**
+ * clear_user: - Zero a block of memory in user space.
+ * @to: Destination address, in user space.
+ * @n: Number of bytes to zero.
+ *
+ * Zero a block of memory in user space.
+ *
+ * Returns number of bytes that could not be cleared.
+ * On success, this will be zero.
+ */
+unsigned long
+clear_user(void __user *to, unsigned n)
+{
+ if ( access_ok(to, n) )
+ __do_clear_user(to, n);
+ return n;
+}
+
/**
* copy_from_user: - Copy a block of data from user space.
* @to: Destination address, in kernel space.
--- a/xen/include/asm-x86/guest_access.h
+++ b/xen/include/asm-x86/guest_access.h
@@ -21,6 +21,10 @@
(is_hvm_vcpu(current) ? \
copy_from_user_hvm((dst), (src), (len)) : \
copy_from_user((dst), (src), (len)))
+#define raw_clear_guest(dst, len) \
+ (is_hvm_vcpu(current) ? \
+ clear_user_hvm((dst), (len)) : \
+ clear_user((dst), (len)))
#define __raw_copy_to_guest(dst, src, len) \
(is_hvm_vcpu(current) ? \
copy_to_user_hvm((dst), (src), (len)) : \
@@ -29,6 +33,10 @@
(is_hvm_vcpu(current) ? \
copy_from_user_hvm((dst), (src), (len)) : \
__copy_from_user((dst), (src), (len)))
+#define __raw_clear_guest(dst, len) \
+ (is_hvm_vcpu(current) ? \
+ clear_user_hvm((dst), (len)) : \
+ clear_user((dst), (len)))
/* Is the guest handle a NULL reference? */
#define guest_handle_is_null(hnd) ((hnd).p == NULL)
@@ -69,6 +77,11 @@
raw_copy_from_guest(_d, _s+(off), sizeof(*_d)*(nr));\
})
+#define clear_guest_offset(hnd, off, nr) ({ \
+ void *_d = (hnd).p; \
+ raw_clear_guest(_d+(off), nr); \
+})
+
/* Copy sub-field of a structure to guest context via a guest handle. */
#define copy_field_to_guest(hnd, ptr, field) ({ \
const typeof(&(ptr)->field) _s = &(ptr)->field; \
@@ -110,6 +123,11 @@
__raw_copy_from_guest(_d, _s+(off), sizeof(*_d)*(nr));\
})
+#define __clear_guest_offset(hnd, off, nr) ({ \
+ void *_d = (hnd).p; \
+ __raw_clear_guest(_d+(off), nr); \
+})
+
#define __copy_field_to_guest(hnd, ptr, field) ({ \
const typeof(&(ptr)->field) _s = &(ptr)->field; \
void *_d = &(hnd).p->field; \
--- a/xen/include/asm-x86/hvm/guest_access.h
+++ b/xen/include/asm-x86/hvm/guest_access.h
@@ -2,6 +2,7 @@
#define __ASM_X86_HVM_GUEST_ACCESS_H__
unsigned long copy_to_user_hvm(void *to, const void *from, unsigned len);
+unsigned long clear_user_hvm(void *to, unsigned int len);
unsigned long copy_from_user_hvm(void *to, const void *from, unsigned len);
#endif /* __ASM_X86_HVM_GUEST_ACCESS_H__ */
--- a/xen/include/asm-x86/uaccess.h
+++ b/xen/include/asm-x86/uaccess.h
@@ -16,6 +16,7 @@
#endif
unsigned long copy_to_user(void *to, const void *from, unsigned len);
+unsigned long clear_user(void *to, unsigned len);
unsigned long copy_from_user(void *to, const void *from, unsigned len);
/* Handles exceptions in both to and from, but doesn't do access_ok */
unsigned long __copy_to_user_ll(void *to, const void *from, unsigned n);
--- a/xen/include/xen/guest_access.h
+++ b/xen/include/xen/guest_access.h
@@ -15,10 +15,16 @@
#define copy_from_guest(ptr, hnd, nr) \
copy_from_guest_offset(ptr, hnd, 0, nr)
+#define clear_guest(hnd, nr) \
+ clear_guest_offset(hnd, 0, nr)
+
#define __copy_to_guest(hnd, ptr, nr) \
__copy_to_guest_offset(hnd, 0, ptr, nr)
#define __copy_from_guest(ptr, hnd, nr) \
__copy_from_guest_offset(ptr, hnd, 0, nr)
+#define __clear_guest(hnd, nr) \
+ __clear_guest_offset(hnd, 0, nr)
+
#endif /* __XEN_GUEST_ACCESS_H__ */

98
24781-x86-vmce-mcg_ctl.patch Normal file
View File

@ -0,0 +1,98 @@
References: bnc#745367
# HG changeset patch
# User Jan Beulich <jbeulich@suse.com>
# Date 1329135150 -3600
# Node ID 6ae5506e49abbe07b3b84c56cda114f59beb7ebe
# Parent e953d536d3c6e344cf310f63ead9feda87cc67b0
x86/vMCE: MC{G,i}_CTL handling adjustments
- g_mcg_cap was read to determine whether MCG_CTL exists before it got
initialized
- h_mci_ctrl[] and dom_vmce()->mci_ctl[] both got initialized via
memset() with an inappropriate size (hence causing a [minor?]
information leak)
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
--- a/xen/arch/x86/cpu/mcheck/mce.c
+++ b/xen/arch/x86/cpu/mcheck/mce.c
@@ -29,7 +29,7 @@ invbool_param("mce", mce_disabled);
bool_t __read_mostly mce_broadcast = 0;
bool_t is_mc_panic;
unsigned int __read_mostly nr_mce_banks;
-int __read_mostly firstbank;
+unsigned int __read_mostly firstbank;
static void intpose_init(void);
static void mcinfo_clear(struct mc_info *);
@@ -646,7 +646,7 @@ int mce_available(struct cpuinfo_x86 *c)
* Check if bank 0 is usable for MCE. It isn't for AMD K7,
* and Intel P6 family before model 0x1a.
*/
-int mce_firstbank(struct cpuinfo_x86 *c)
+unsigned int mce_firstbank(struct cpuinfo_x86 *c)
{
if (c->x86 == 6) {
if (c->x86_vendor == X86_VENDOR_AMD)
--- a/xen/arch/x86/cpu/mcheck/mce.h
+++ b/xen/arch/x86/cpu/mcheck/mce.h
@@ -52,13 +52,13 @@ int is_vmce_ready(struct mcinfo_bank *ba
int unmmap_broken_page(struct domain *d, mfn_t mfn, unsigned long gfn);
u64 mce_cap_init(void);
-extern int firstbank;
+extern unsigned int firstbank;
int intel_mce_rdmsr(uint32_t msr, uint64_t *val);
int intel_mce_wrmsr(uint32_t msr, uint64_t val);
int mce_available(struct cpuinfo_x86 *c);
-int mce_firstbank(struct cpuinfo_x86 *c);
+unsigned int mce_firstbank(struct cpuinfo_x86 *c);
/* Helper functions used for collecting error telemetry */
struct mc_info *x86_mcinfo_getptr(void);
void mc_panic(char *s);
--- a/xen/arch/x86/cpu/mcheck/vmce.c
+++ b/xen/arch/x86/cpu/mcheck/vmce.c
@@ -39,7 +39,7 @@ int vmce_init_msr(struct domain *d)
return -ENOMEM;
}
memset(dom_vmce(d)->mci_ctl, ~0,
- sizeof(dom_vmce(d)->mci_ctl));
+ nr_mce_banks * sizeof(*dom_vmce(d)->mci_ctl));
dom_vmce(d)->mcg_status = 0x0;
dom_vmce(d)->mcg_cap = g_mcg_cap;
@@ -437,7 +437,7 @@ int vmce_domain_inject(
int vmce_init(struct cpuinfo_x86 *c)
{
u64 value;
- int i;
+ unsigned int i;
if ( !h_mci_ctrl )
{
@@ -448,17 +448,17 @@ int vmce_init(struct cpuinfo_x86 *c)
return -ENOMEM;
}
/* Don't care banks before firstbank */
- memset(h_mci_ctrl, 0xff, sizeof(h_mci_ctrl));
+ memset(h_mci_ctrl, ~0,
+ min(firstbank, nr_mce_banks) * sizeof(*h_mci_ctrl));
for (i = firstbank; i < nr_mce_banks; i++)
rdmsrl(MSR_IA32_MCx_CTL(i), h_mci_ctrl[i]);
}
- if (g_mcg_cap & MCG_CTL_P)
- rdmsrl(MSR_IA32_MCG_CTL, h_mcg_ctl);
-
rdmsrl(MSR_IA32_MCG_CAP, value);
/* For Guest vMCE usage */
g_mcg_cap = value & ~MCG_CMCI_P;
+ if (value & MCG_CTL_P)
+ rdmsrl(MSR_IA32_MCG_CTL, h_mcg_ctl);
return 0;
}

30
24805-x86-MSI-X-dom0-ro.patch Normal file
View File

@ -0,0 +1,30 @@
# HG changeset patch
# User Jan Beulich <jbeulich@suse.com>
# Date 1329303884 -3600
# Node ID 618cbd27bac06fe39b1c6f28ded6d4d7f444e7bd
# Parent 0ba87b95e80bae059fe70b4b117dcc409f2471ef
x86: don't allow Dom0 to map MSI-X table writably
With the traditional qemu tree fixed to not use PROT_WRITE anymore in
the mmap() call for this region, and with the upstream qemu tree not
being capable of handling passthrough, yet, there's no need to treat
Dom specially here anymore.
This continues to leave unaddressed the case where PV guests map the
MSI-X table page(s) before setting up the first MSI-X interrupt (see
the original c/s 22182:68cc3c514a0a description for options).
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
--- a/xen/arch/x86/mm.c
+++ b/xen/arch/x86/mm.c
@@ -835,7 +835,7 @@ get_page_from_l1e(
return -EINVAL;
}
- if ( !(l1f & _PAGE_RW) || IS_PRIV(pg_owner) ||
+ if ( !(l1f & _PAGE_RW) ||
!rangeset_contains_singleton(mmio_ro_ranges, mfn) )
return 0;
dprintk(XENLOG_G_WARNING,

70
24883-x86-guest-walk-not-present.patch Normal file
View File

@ -0,0 +1,70 @@
References: bnc#747331
# HG changeset patch
# User Tim Deegan <tim@xen.org>
# Date 1329992967 0
# Node ID adcd6ab160fae996d53c6843da0c5728ca8a8bd3
# Parent 3d4955cbcb67a1c41e6b71af783b0921a3f7b081
x86/mm: Don't check for invalid bits in non-present PTEs.
If _PAGE_PRESENT is clean in a pagetable entry, any pattern of bits
is valid in the rest of the entry. OSes that special-case
PFEC_invalid_bits (since it should never happen) will be confused
by our setting it in this way.
Signed-off-by: Tim Deegan <tim@xen.org>
--- a/xen/arch/x86/mm/guest_walk.c
+++ b/xen/arch/x86/mm/guest_walk.c
@@ -162,8 +162,11 @@ guest_walk_tables(struct vcpu *v, struct
l4p = (guest_l4e_t *) top_map;
gw->l4e = l4p[guest_l4_table_offset(va)];
gflags = guest_l4e_get_flags(gw->l4e) ^ iflags;
+ if ( !(gflags & _PAGE_PRESENT) ) {
+ rc |= _PAGE_PRESENT;
+ goto out;
+ }
rc |= ((gflags & mflags) ^ mflags);
- if ( rc & _PAGE_PRESENT ) goto out;
/* Map the l3 table */
l3p = map_domain_gfn(p2m,
@@ -176,9 +179,11 @@ guest_walk_tables(struct vcpu *v, struct
/* Get the l3e and check its flags*/
gw->l3e = l3p[guest_l3_table_offset(va)];
gflags = guest_l3e_get_flags(gw->l3e) ^ iflags;
- rc |= ((gflags & mflags) ^ mflags);
- if ( rc & _PAGE_PRESENT )
+ if ( !(gflags & _PAGE_PRESENT) ) {
+ rc |= _PAGE_PRESENT;
goto out;
+ }
+ rc |= ((gflags & mflags) ^ mflags);
#else /* PAE only... */
@@ -213,9 +218,11 @@ guest_walk_tables(struct vcpu *v, struct
#endif /* All levels... */
gflags = guest_l2e_get_flags(gw->l2e) ^ iflags;
- rc |= ((gflags & mflags) ^ mflags);
- if ( rc & _PAGE_PRESENT )
+ if ( !(gflags & _PAGE_PRESENT) ) {
+ rc |= _PAGE_PRESENT;
goto out;
+ }
+ rc |= ((gflags & mflags) ^ mflags);
pse = (guest_supports_superpages(v) &&
(guest_l2e_get_flags(gw->l2e) & _PAGE_PSE));
@@ -277,6 +284,10 @@ guest_walk_tables(struct vcpu *v, struct
goto out;
gw->l1e = l1p[guest_l1_table_offset(va)];
gflags = guest_l1e_get_flags(gw->l1e) ^ iflags;
+ if ( !(gflags & _PAGE_PRESENT) ) {
+ rc |= _PAGE_PRESENT;
+ goto out;
+ }
rc |= ((gflags & mflags) ^ mflags);
}

49
24886-x86-vmce-mcg_ctl-default.patch Normal file
View File

@ -0,0 +1,49 @@
References: bnc#745367
# HG changeset patch
# User Jan Beulich <jbeulich@suse.com>
# Date 1330070623 -3600
# Node ID e80b0bb4470b944a5b52a91c0ec85a1d65d18c55
# Parent 0c3d19f40ab145d101de84051c3e00eef17fa1cb
x86/vMCE: don't advertise features we don't support
... or even know of. Apart from CMCI, which was masked off already,
this now also suppresses the advertising of extended state registers
(reading of which would likely be meaningless in a guest and represent
an information leak).
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
--- a/xen/arch/x86/cpu/mcheck/vmce.c
+++ b/xen/arch/x86/cpu/mcheck/vmce.c
@@ -456,7 +456,7 @@ int vmce_init(struct cpuinfo_x86 *c)
rdmsrl(MSR_IA32_MCG_CAP, value);
/* For Guest vMCE usage */
- g_mcg_cap = value & ~MCG_CMCI_P;
+ g_mcg_cap = value & (MCG_CAP_COUNT | MCG_CTL_P | MCG_TES_P | MCG_SER_P);
if (value & MCG_CTL_P)
rdmsrl(MSR_IA32_MCG_CTL, h_mcg_ctl);
--- a/xen/arch/x86/cpu/mcheck/x86_mca.h
+++ b/xen/arch/x86/cpu/mcheck/x86_mca.h
@@ -30,12 +30,13 @@
/* Bitfield of the MSR_IA32_MCG_CAP register */
-#define MCG_SER_P (1UL<<24)
#define MCG_CAP_COUNT 0x00000000000000ffULL
-#define MCG_CTL_P 0x0000000000000100ULL
-#define MCG_EXT_P (1UL<<9)
-#define MCG_EXT_CNT (16)
-#define MCG_CMCI_P (1UL<<10)
+#define MCG_CTL_P (1ULL<<8)
+#define MCG_EXT_P (1ULL<<9)
+#define MCG_CMCI_P (1ULL<<10)
+#define MCG_TES_P (1ULL<<11)
+#define MCG_EXT_CNT 16
+#define MCG_SER_P (1ULL<<24)
/* Other bits are reserved */
/* Bitfield of the MSR_IA32_MCG_STATUS register */

559
24887-x86-vmce-sr.patch Normal file
View File

@ -0,0 +1,559 @@
References: bnc#745367
# HG changeset patch
# User Jan Beulich <jbeulich@suse.com>
# Date 1330070874 -3600
# Node ID 35d855e520038bf5814f53d105dc4adf58a670f2
# Parent e80b0bb4470b944a5b52a91c0ec85a1d65d18c55
x86/vMCE: save/restore MCA capabilities
This allows migration to a host with less MCA banks than the source
host had, while without this patch accesses to the excess banks' MSRs
caused #GP-s in the guest after migration (and it depended on the guest
kernel whether this would be fatal).
A fundamental question is whether we should also save/restore MCG_CTL
and MCi_CTL, as the HVM save record would better be defined to the
complete state that needs saving from the beginning (I'm unsure whether
the save/restore logic allows for future extension of an existing
record).
Of course, this change is expected to make migration from new to older
Xen impossible (again I'm unsure what the save/restore logic does with
records it doesn't even know about).
The (trivial) tools side change may seem unrelated, but the code should
have been that way from the beginning to allow the hypervisor to look
at currently unused ext_vcpucontext fields without risking to read
garbage when those fields get a meaning assigned in the future. This
isn't being enforced here - should it be? (Obviously, for backwards
compatibility, the hypervisor must assume these fields to be clear only
when the extended context's size exceeds the old original one.)
A future addition to this change might be to allow configuration of the
number of banks and other MCA capabilities for a guest before it starts
(i.e. to not inherits the values seen on the first host it runs on).
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
--- a/tools/libxc/xc_domain_save.c
+++ b/tools/libxc/xc_domain_save.c
@@ -1766,6 +1766,7 @@ int xc_domain_save(xc_interface *xch, in
domctl.cmd = XEN_DOMCTL_get_ext_vcpucontext;
domctl.domain = dom;
+ memset(&domctl.u, 0, sizeof(domctl.u));
domctl.u.ext_vcpucontext.vcpu = i;
if ( xc_domctl(xch, &domctl) < 0 )
{
--- a/tools/misc/xen-hvmctx.c
+++ b/tools/misc/xen-hvmctx.c
@@ -375,6 +375,13 @@ static void dump_viridian(void)
(unsigned long long) p.guest_os_id);
}
+static void dump_vmce_vcpu(void)
+{
+ HVM_SAVE_TYPE(VMCE_VCPU) p;
+ READ(p);
+ printf(" VMCE_VCPU: caps %" PRIx64 "\n", p.caps);
+}
+
int main(int argc, char **argv)
{
int entry, domid;
@@ -440,6 +447,7 @@ int main(int argc, char **argv)
case HVM_SAVE_CODE(PMTIMER): dump_pmtimer(); break;
case HVM_SAVE_CODE(MTRR): dump_mtrr(); break;
case HVM_SAVE_CODE(VIRIDIAN): dump_viridian(); break;
+ case HVM_SAVE_CODE(VMCE_VCPU): dump_vmce_vcpu(); break;
case HVM_SAVE_CODE(END): break;
default:
printf(" ** Don't understand type %u: skipping\n",
--- a/xen/arch/x86/cpu/mcheck/mce.h
+++ b/xen/arch/x86/cpu/mcheck/mce.h
@@ -3,6 +3,7 @@
#define _MCE_H
#include <xen/init.h>
+#include <xen/sched.h>
#include <xen/smp.h>
#include <asm/types.h>
#include <asm/traps.h>
@@ -54,8 +55,8 @@ int unmmap_broken_page(struct domain *d,
u64 mce_cap_init(void);
extern unsigned int firstbank;
-int intel_mce_rdmsr(uint32_t msr, uint64_t *val);
-int intel_mce_wrmsr(uint32_t msr, uint64_t val);
+int intel_mce_rdmsr(const struct vcpu *, uint32_t msr, uint64_t *val);
+int intel_mce_wrmsr(struct vcpu *, uint32_t msr, uint64_t val);
int mce_available(struct cpuinfo_x86 *c);
unsigned int mce_firstbank(struct cpuinfo_x86 *c);
@@ -169,18 +170,20 @@ int vmce_domain_inject(struct mcinfo_ban
extern int vmce_init(struct cpuinfo_x86 *c);
-static inline int mce_vendor_bank_msr(uint32_t msr)
+static inline int mce_vendor_bank_msr(const struct vcpu *v, uint32_t msr)
{
if ( boot_cpu_data.x86_vendor == X86_VENDOR_INTEL &&
- msr >= MSR_IA32_MC0_CTL2 && msr < (MSR_IA32_MC0_CTL2 + nr_mce_banks) )
+ msr >= MSR_IA32_MC0_CTL2 &&
+ msr < MSR_IA32_MCx_CTL2(v->arch.mcg_cap & MCG_CAP_COUNT) )
return 1;
return 0;
}
-static inline int mce_bank_msr(uint32_t msr)
+static inline int mce_bank_msr(const struct vcpu *v, uint32_t msr)
{
- if ( (msr >= MSR_IA32_MC0_CTL && msr < MSR_IA32_MCx_CTL(nr_mce_banks)) ||
- mce_vendor_bank_msr(msr) )
+ if ( (msr >= MSR_IA32_MC0_CTL &&
+ msr < MSR_IA32_MCx_CTL(v->arch.mcg_cap & MCG_CAP_COUNT)) ||
+ mce_vendor_bank_msr(v, msr) )
return 1;
return 0;
}
--- a/xen/arch/x86/cpu/mcheck/mce_intel.c
+++ b/xen/arch/x86/cpu/mcheck/mce_intel.c
@@ -1322,11 +1322,12 @@ enum mcheck_type intel_mcheck_init(struc
}
/* intel specific MCA MSR */
-int intel_mce_wrmsr(uint32_t msr, uint64_t val)
+int intel_mce_wrmsr(struct vcpu *v, uint32_t msr, uint64_t val)
{
int ret = 0;
- if (msr >= MSR_IA32_MC0_CTL2 && msr < (MSR_IA32_MC0_CTL2 + nr_mce_banks))
+ if ( msr >= MSR_IA32_MC0_CTL2 &&
+ msr < MSR_IA32_MCx_CTL2(v->arch.mcg_cap & MCG_CAP_COUNT) )
{
mce_printk(MCE_QUIET, "We have disabled CMCI capability, "
"Guest should not write this MSR!\n");
@@ -1336,11 +1337,12 @@ int intel_mce_wrmsr(uint32_t msr, uint64
return ret;
}
-int intel_mce_rdmsr(uint32_t msr, uint64_t *val)
+int intel_mce_rdmsr(const struct vcpu *v, uint32_t msr, uint64_t *val)
{
int ret = 0;
- if (msr >= MSR_IA32_MC0_CTL2 && msr < (MSR_IA32_MC0_CTL2 + nr_mce_banks))
+ if ( msr >= MSR_IA32_MC0_CTL2 &&
+ msr < MSR_IA32_MCx_CTL2(v->arch.mcg_cap & MCG_CAP_COUNT) )
{
mce_printk(MCE_QUIET, "We have disabled CMCI capability, "
"Guest should not read this MSR!\n");
--- a/xen/arch/x86/cpu/mcheck/vmce.c
+++ b/xen/arch/x86/cpu/mcheck/vmce.c
@@ -10,6 +10,7 @@
#include <xen/delay.h>
#include <xen/smp.h>
#include <xen/mm.h>
+#include <xen/hvm/save.h>
#include <asm/processor.h>
#include <public/sysctl.h>
#include <asm/system.h>
@@ -42,7 +43,6 @@ int vmce_init_msr(struct domain *d)
nr_mce_banks * sizeof(*dom_vmce(d)->mci_ctl));
dom_vmce(d)->mcg_status = 0x0;
- dom_vmce(d)->mcg_cap = g_mcg_cap;
dom_vmce(d)->mcg_ctl = ~(uint64_t)0x0;
dom_vmce(d)->nr_injection = 0;
@@ -61,21 +61,41 @@ void vmce_destroy_msr(struct domain *d)
dom_vmce(d) = NULL;
}
-static int bank_mce_rdmsr(struct domain *d, uint32_t msr, uint64_t *val)
+void vmce_init_vcpu(struct vcpu *v)
{
- int bank, ret = 1;
- struct domain_mca_msrs *vmce = dom_vmce(d);
+ v->arch.mcg_cap = g_mcg_cap;
+}
+
+int vmce_restore_vcpu(struct vcpu *v, uint64_t caps)
+{
+ if ( caps & ~g_mcg_cap & ~MCG_CAP_COUNT & ~MCG_CTL_P )
+ {
+ dprintk(XENLOG_G_ERR, "%s restore: unsupported MCA capabilities"
+ " %#" PRIx64 " for d%d:v%u (supported: %#Lx)\n",
+ is_hvm_vcpu(v) ? "HVM" : "PV", caps, v->domain->domain_id,
+ v->vcpu_id, g_mcg_cap & ~MCG_CAP_COUNT);
+ return -EPERM;
+ }
+
+ v->arch.mcg_cap = caps;
+ return 0;
+}
+
+static int bank_mce_rdmsr(const struct vcpu *v, uint32_t msr, uint64_t *val)
+{
+ int ret = 1;
+ unsigned int bank = (msr - MSR_IA32_MC0_CTL) / 4;
+ struct domain_mca_msrs *vmce = dom_vmce(v->domain);
struct bank_entry *entry;
- bank = (msr - MSR_IA32_MC0_CTL) / 4;
- if ( bank >= nr_mce_banks )
- return -1;
+ *val = 0;
switch ( msr & (MSR_IA32_MC0_CTL | 3) )
{
case MSR_IA32_MC0_CTL:
- *val = vmce->mci_ctl[bank] &
- (h_mci_ctrl ? h_mci_ctrl[bank] : ~0UL);
+ if ( bank < nr_mce_banks )
+ *val = vmce->mci_ctl[bank] &
+ (h_mci_ctrl ? h_mci_ctrl[bank] : ~0UL);
mce_printk(MCE_VERBOSE, "MCE: rdmsr MC%u_CTL 0x%"PRIx64"\n",
bank, *val);
break;
@@ -126,7 +146,7 @@ static int bank_mce_rdmsr(struct domain
switch ( boot_cpu_data.x86_vendor )
{
case X86_VENDOR_INTEL:
- ret = intel_mce_rdmsr(msr, val);
+ ret = intel_mce_rdmsr(v, msr, val);
break;
default:
ret = 0;
@@ -145,13 +165,13 @@ static int bank_mce_rdmsr(struct domain
*/
int vmce_rdmsr(uint32_t msr, uint64_t *val)
{
- struct domain *d = current->domain;
- struct domain_mca_msrs *vmce = dom_vmce(d);
+ const struct vcpu *cur = current;
+ struct domain_mca_msrs *vmce = dom_vmce(cur->domain);
int ret = 1;
*val = 0;
- spin_lock(&dom_vmce(d)->lock);
+ spin_lock(&vmce->lock);
switch ( msr )
{
@@ -162,39 +182,38 @@ int vmce_rdmsr(uint32_t msr, uint64_t *v
"MCE: rdmsr MCG_STATUS 0x%"PRIx64"\n", *val);
break;
case MSR_IA32_MCG_CAP:
- *val = vmce->mcg_cap;
+ *val = cur->arch.mcg_cap;
mce_printk(MCE_VERBOSE, "MCE: rdmsr MCG_CAP 0x%"PRIx64"\n",
*val);
break;
case MSR_IA32_MCG_CTL:
/* Always 0 if no CTL support */
- *val = vmce->mcg_ctl & h_mcg_ctl;
+ if ( cur->arch.mcg_cap & MCG_CTL_P )
+ *val = vmce->mcg_ctl & h_mcg_ctl;
mce_printk(MCE_VERBOSE, "MCE: rdmsr MCG_CTL 0x%"PRIx64"\n",
*val);
break;
default:
- ret = mce_bank_msr(msr) ? bank_mce_rdmsr(d, msr, val) : 0;
+ ret = mce_bank_msr(cur, msr) ? bank_mce_rdmsr(cur, msr, val) : 0;
break;
}
- spin_unlock(&dom_vmce(d)->lock);
+ spin_unlock(&vmce->lock);
return ret;
}
-static int bank_mce_wrmsr(struct domain *d, u32 msr, u64 val)
+static int bank_mce_wrmsr(struct vcpu *v, u32 msr, u64 val)
{
- int bank, ret = 1;
- struct domain_mca_msrs *vmce = dom_vmce(d);
+ int ret = 1;
+ unsigned int bank = (msr - MSR_IA32_MC0_CTL) / 4;
+ struct domain_mca_msrs *vmce = dom_vmce(v->domain);
struct bank_entry *entry = NULL;
- bank = (msr - MSR_IA32_MC0_CTL) / 4;
- if ( bank >= nr_mce_banks )
- return -EINVAL;
-
switch ( msr & (MSR_IA32_MC0_CTL | 3) )
{
case MSR_IA32_MC0_CTL:
- vmce->mci_ctl[bank] = val;
+ if ( bank < nr_mce_banks )
+ vmce->mci_ctl[bank] = val;
break;
case MSR_IA32_MC0_STATUS:
/* Give the first entry of the list, it corresponds to current
@@ -202,9 +221,9 @@ static int bank_mce_wrmsr(struct domain
* the guest, this node will be deleted.
* Only error bank is written. Non-error banks simply return.
*/
- if ( !list_empty(&dom_vmce(d)->impact_header) )
+ if ( !list_empty(&vmce->impact_header) )
{
- entry = list_entry(dom_vmce(d)->impact_header.next,
+ entry = list_entry(vmce->impact_header.next,
struct bank_entry, list);
if ( entry->bank == bank )
entry->mci_status = val;
@@ -228,7 +247,7 @@ static int bank_mce_wrmsr(struct domain
switch ( boot_cpu_data.x86_vendor )
{
case X86_VENDOR_INTEL:
- ret = intel_mce_wrmsr(msr, val);
+ ret = intel_mce_wrmsr(v, msr, val);
break;
default:
ret = 0;
@@ -247,9 +266,9 @@ static int bank_mce_wrmsr(struct domain
*/
int vmce_wrmsr(u32 msr, u64 val)
{
- struct domain *d = current->domain;
+ struct vcpu *cur = current;
struct bank_entry *entry = NULL;
- struct domain_mca_msrs *vmce = dom_vmce(d);
+ struct domain_mca_msrs *vmce = dom_vmce(cur->domain);
int ret = 1;
if ( !g_mcg_cap )
@@ -266,7 +285,7 @@ int vmce_wrmsr(u32 msr, u64 val)
vmce->mcg_status = val;
mce_printk(MCE_VERBOSE, "MCE: wrmsr MCG_STATUS %"PRIx64"\n", val);
/* For HVM guest, this is the point for deleting vMCE injection node */
- if ( d->is_hvm && (vmce->nr_injection > 0) )
+ if ( is_hvm_vcpu(cur) && (vmce->nr_injection > 0) )
{
vmce->nr_injection--; /* Should be 0 */
if ( !list_empty(&vmce->impact_header) )
@@ -293,7 +312,7 @@ int vmce_wrmsr(u32 msr, u64 val)
ret = -1;
break;
default:
- ret = mce_bank_msr(msr) ? bank_mce_wrmsr(d, msr, val) : 0;
+ ret = mce_bank_msr(cur, msr) ? bank_mce_wrmsr(cur, msr, val) : 0;
break;
}
@@ -301,6 +320,46 @@ int vmce_wrmsr(u32 msr, u64 val)
return ret;
}
+static int vmce_save_vcpu_ctxt(struct domain *d, hvm_domain_context_t *h)
+{
+ struct vcpu *v;
+ int err = 0;
+
+ for_each_vcpu( d, v ) {
+ struct hvm_vmce_vcpu ctxt = {
+ .caps = v->arch.mcg_cap
+ };
+
+ err = hvm_save_entry(VMCE_VCPU, v->vcpu_id, h, &ctxt);
+ if ( err )
+ break;
+ }
+
+ return err;
+}
+
+static int vmce_load_vcpu_ctxt(struct domain *d, hvm_domain_context_t *h)
+{
+ unsigned int vcpuid = hvm_load_instance(h);
+ struct vcpu *v;
+ struct hvm_vmce_vcpu ctxt;
+ int err;
+
+ if ( vcpuid >= d->max_vcpus || (v = d->vcpu[vcpuid]) == NULL )
+ {
+ dprintk(XENLOG_G_ERR, "HVM restore: dom%d has no vcpu%u\n",
+ d->domain_id, vcpuid);
+ err = -EINVAL;
+ }
+ else
+ err = hvm_load_entry(VMCE_VCPU, h, &ctxt);
+
+ return err ?: vmce_restore_vcpu(v, ctxt.caps);
+}
+
+HVM_REGISTER_SAVE_RESTORE(VMCE_VCPU, vmce_save_vcpu_ctxt,
+ vmce_load_vcpu_ctxt, 1, HVMSR_PER_VCPU);
+
int inject_vmce(struct domain *d)
{
int cpu = smp_processor_id();
--- a/xen/arch/x86/domain.c
+++ b/xen/arch/x86/domain.c
@@ -376,6 +376,8 @@ int vcpu_initialise(struct vcpu *v)
if ( (rc = xsave_alloc_save_area(v)) != 0 )
return rc;
+ vmce_init_vcpu(v);
+
if ( is_hvm_domain(d) )
{
if ( (rc = hvm_vcpu_initialise(v)) != 0 )
--- a/xen/arch/x86/domctl.c
+++ b/xen/arch/x86/domctl.c
@@ -1137,11 +1137,12 @@ long arch_do_domctl(
evc->syscall32_callback_eip = 0;
evc->syscall32_disables_events = 0;
#endif
+ evc->mcg_cap = v->arch.mcg_cap;
}
else
{
ret = -EINVAL;
- if ( evc->size != sizeof(*evc) )
+ if ( evc->size < offsetof(typeof(*evc), mcg_cap) )
goto ext_vcpucontext_out;
#ifdef __x86_64__
fixup_guest_code_selector(d, evc->sysenter_callback_cs);
@@ -1160,6 +1161,9 @@ long arch_do_domctl(
evc->syscall32_callback_eip )
goto ext_vcpucontext_out;
#endif
+ if ( evc->size >= offsetof(typeof(*evc), mcg_cap) +
+ sizeof(evc->mcg_cap) )
+ ret = vmce_restore_vcpu(v, evc->mcg_cap);
}
ret = 0;
--- a/xen/include/asm-x86/domain.h
+++ b/xen/include/asm-x86/domain.h
@@ -425,6 +425,8 @@ struct arch_vcpu
*/
uint64_t xcr0_accum;
+ uint64_t mcg_cap;
+
/* Current LDT details. */
unsigned long shadow_ldt_mapcnt;
spinlock_t shadow_ldt_lock;
--- a/xen/include/asm-x86/mce.h
+++ b/xen/include/asm-x86/mce.h
@@ -16,7 +16,6 @@ struct bank_entry {
struct domain_mca_msrs
{
/* Guest should not change below values after DOM boot up */
- uint64_t mcg_cap;
uint64_t mcg_ctl;
uint64_t mcg_status;
uint64_t *mci_ctl;
@@ -28,6 +27,8 @@ struct domain_mca_msrs
/* Guest vMCE MSRs virtualization */
extern int vmce_init_msr(struct domain *d);
extern void vmce_destroy_msr(struct domain *d);
+extern void vmce_init_vcpu(struct vcpu *);
+extern int vmce_restore_vcpu(struct vcpu *, uint64_t caps);
extern int vmce_wrmsr(uint32_t msr, uint64_t val);
extern int vmce_rdmsr(uint32_t msr, uint64_t *val);
#endif
--- a/xen/include/asm-x86/msr-index.h
+++ b/xen/include/asm-x86/msr-index.h
@@ -101,48 +101,40 @@
#define MSR_AMD64_MC0_MASK 0xc0010044
#define MSR_IA32_MC1_CTL 0x00000404
-#define MSR_IA32_MC1_CTL2 0x00000281
#define MSR_IA32_MC1_STATUS 0x00000405
#define MSR_IA32_MC1_ADDR 0x00000406
#define MSR_IA32_MC1_MISC 0x00000407
#define MSR_IA32_MC2_CTL 0x00000408
-#define MSR_IA32_MC2_CTL2 0x00000282
#define MSR_IA32_MC2_STATUS 0x00000409
#define MSR_IA32_MC2_ADDR 0x0000040A
#define MSR_IA32_MC2_MISC 0x0000040B
-#define MSR_IA32_MC3_CTL2 0x00000283
#define MSR_IA32_MC3_CTL 0x0000040C
#define MSR_IA32_MC3_STATUS 0x0000040D
#define MSR_IA32_MC3_ADDR 0x0000040E
#define MSR_IA32_MC3_MISC 0x0000040F
-#define MSR_IA32_MC4_CTL2 0x00000284
#define MSR_IA32_MC4_CTL 0x00000410
#define MSR_IA32_MC4_STATUS 0x00000411
#define MSR_IA32_MC4_ADDR 0x00000412
#define MSR_IA32_MC4_MISC 0x00000413
-#define MSR_IA32_MC5_CTL2 0x00000285
#define MSR_IA32_MC5_CTL 0x00000414
#define MSR_IA32_MC5_STATUS 0x00000415
#define MSR_IA32_MC5_ADDR 0x00000416
#define MSR_IA32_MC5_MISC 0x00000417
-#define MSR_IA32_MC6_CTL2 0x00000286
#define MSR_IA32_MC6_CTL 0x00000418
#define MSR_IA32_MC6_STATUS 0x00000419
#define MSR_IA32_MC6_ADDR 0x0000041A
#define MSR_IA32_MC6_MISC 0x0000041B
-#define MSR_IA32_MC7_CTL2 0x00000287
#define MSR_IA32_MC7_CTL 0x0000041C
#define MSR_IA32_MC7_STATUS 0x0000041D
#define MSR_IA32_MC7_ADDR 0x0000041E
#define MSR_IA32_MC7_MISC 0x0000041F
-#define MSR_IA32_MC8_CTL2 0x00000288
#define MSR_IA32_MC8_CTL 0x00000420
#define MSR_IA32_MC8_STATUS 0x00000421
#define MSR_IA32_MC8_ADDR 0x00000422
@@ -152,6 +144,7 @@
#define MSR_IA32_MCx_STATUS(x) (MSR_IA32_MC0_STATUS + 4*(x))
#define MSR_IA32_MCx_ADDR(x) (MSR_IA32_MC0_ADDR + 4*(x))
#define MSR_IA32_MCx_MISC(x) (MSR_IA32_MC0_MISC + 4*(x))
+#define MSR_IA32_MCx_CTL2(x) (MSR_IA32_MC0_CTL2 + (x))
#define MSR_AMD64_MCx_MASK(x) (MSR_AMD64_MC0_MASK + (x))
--- a/xen/include/public/arch-x86/hvm/save.h
+++ b/xen/include/public/arch-x86/hvm/save.h
@@ -580,9 +580,15 @@ struct hvm_hw_cpu_xsave {
#define CPU_XSAVE_CODE 16
+struct hvm_vmce_vcpu {
+ uint64_t caps;
+};
+
+DECLARE_HVM_SAVE_TYPE(VMCE_VCPU, 18, struct hvm_vmce_vcpu);
+
/*
* Largest type-code in use
*/
-#define HVM_SAVE_CODE_MAX 16
+#define HVM_SAVE_CODE_MAX 18
#endif /* __XEN_PUBLIC_HVM_SAVE_X86_H__ */
--- a/xen/include/public/domctl.h
+++ b/xen/include/public/domctl.h
@@ -558,7 +558,7 @@ struct xen_domctl_ext_vcpucontext {
uint32_t vcpu;
/*
* SET: Size of struct (IN)
- * GET: Size of struct (OUT)
+ * GET: Size of struct (OUT, up to 128 bytes)
*/
uint32_t size;
#if defined(__i386__) || defined(__x86_64__)
@@ -570,6 +570,7 @@ struct xen_domctl_ext_vcpucontext {
uint16_t sysenter_callback_cs;
uint8_t syscall32_disables_events;
uint8_t sysenter_disables_events;
+ uint64_aligned_t mcg_cap;
#endif
};
typedef struct xen_domctl_ext_vcpucontext xen_domctl_ext_vcpucontext_t;

84
24888-pci-release-devices.patch Normal file
View File

@ -0,0 +1,84 @@
References: bnc#744771
# HG changeset patch
# User Jan Beulich <jbeulich@suse.com>
# Date 1330080392 -3600
# Node ID 71159fb049f253030c3820c260d092d4aec6b166
# Parent 35d855e520038bf5814f53d105dc4adf58a670f2
passthrough: release assigned PCI devices earlier during domain shutdown
At least with xend, where there's not even a tool stack side attempt to
de-assign devices during domain shutdown, this allows immediate re-
starts of a domain to work reliably. (There's no apparent reason why
c/s 18010:c1577f094ae4 chose to put this in the asynchronous part of
domain destruction).
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
--- a/xen/arch/ia64/xen/dom0_ops.c
+++ b/xen/arch/ia64/xen/dom0_ops.c
@@ -330,7 +330,8 @@ long arch_do_domctl(xen_domctl_t *op, XE
break;
ret = -EINVAL;
- if ( unlikely((d = get_domain_by_id(op->domain)) == NULL) )
+ if ( unlikely((d = get_domain_by_id(op->domain)) == NULL) ||
+ unlikely(d->is_dying) )
{
gdprintk(XENLOG_ERR,
"XEN_DOMCTL_assign_device: get_domain_by_id() failed\n");
--- a/xen/arch/ia64/xen/domain.c
+++ b/xen/arch/ia64/xen/domain.c
@@ -671,10 +671,8 @@ void arch_domain_destroy(struct domain *
free_xenheap_pages(d->shared_info,
get_order_from_shift(XSI_SHIFT));
- if ( iommu_enabled && need_iommu(d) ) {
- pci_release_devices(d);
+ if ( iommu_enabled && need_iommu(d) )
iommu_domain_destroy(d);
- }
tlb_track_destroy(d);
@@ -1719,6 +1717,8 @@ int domain_relinquish_resources(struct d
switch (d->arch.relres) {
case RELRES_not_started:
+ pci_release_devices(d);
+
/* Relinquish guest resources for VT-i domain. */
if (is_hvm_domain(d))
vmx_relinquish_guest_resources(d);
--- a/xen/arch/x86/domain.c
+++ b/xen/arch/x86/domain.c
@@ -607,7 +607,6 @@ void arch_domain_destroy(struct domain *
hvm_domain_destroy(d);
vmce_destroy_msr(d);
- pci_release_devices(d);
free_domain_pirqs(d);
if ( !is_idle_domain(d) )
iommu_domain_destroy(d);
@@ -1956,6 +1955,8 @@ int domain_relinquish_resources(struct d
switch ( d->arch.relmem )
{
case RELMEM_not_started:
+ pci_release_devices(d);
+
/* Tear down paging-assistance stuff. */
paging_teardown(d);
--- a/xen/arch/x86/domctl.c
+++ b/xen/arch/x86/domctl.c
@@ -828,7 +828,8 @@ long arch_do_domctl(
break;
ret = -EINVAL;
- if ( unlikely((d = get_domain_by_id(domctl->domain)) == NULL) )
+ if ( unlikely((d = get_domain_by_id(domctl->domain)) == NULL) ||
+ unlikely(d->is_dying) )
{
gdprintk(XENLOG_ERR,
"XEN_DOMCTL_assign_device: get_domain_by_id() failed\n");

12
blktap-disable-debug-printf.patch
View File

@ -1,7 +1,7 @@
Index: xen-4.0.2-testing/tools/blktap/drivers/blktapctrl.c
Index: xen-4.1.2-testing/tools/blktap/drivers/blktapctrl.c
===================================================================
--- xen-4.0.2-testing.orig/tools/blktap/drivers/blktapctrl.c
+++ xen-4.0.2-testing/tools/blktap/drivers/blktapctrl.c
--- xen-4.1.2-testing.orig/tools/blktap/drivers/blktapctrl.c
+++ xen-4.1.2-testing/tools/blktap/drivers/blktapctrl.c
@@ -59,6 +59,9 @@
#include "list.h"
#include "xs_api.h" /* for xs_fire_next_watch() */
@ -12,10 +12,10 @@ Index: xen-4.0.2-testing/tools/blktap/drivers/blktapctrl.c
#define PIDFILE "/var/run/blktapctrl.pid"
#define NUM_POLL_FDS 2
Index: xen-4.0.2-testing/tools/ioemu-qemu-xen/hw/xen_blktap.c
Index: xen-4.1.2-testing/tools/ioemu-qemu-xen/hw/xen_blktap.c
===================================================================
--- xen-4.0.2-testing.orig/tools/ioemu-qemu-xen/hw/xen_blktap.c
+++ xen-4.0.2-testing/tools/ioemu-qemu-xen/hw/xen_blktap.c
--- xen-4.1.2-testing.orig/tools/ioemu-qemu-xen/hw/xen_blktap.c
+++ xen-4.1.2-testing/tools/ioemu-qemu-xen/hw/xen_blktap.c
@@ -48,7 +48,7 @@
#define BLKTAP_CTRL_DIR "/var/run/tap"

53
ioemu-9869-MSI-X-init.patch Normal file
View File

@ -0,0 +1,53 @@
# HG changeset patch
# User Jan Beulich <jbeulich@suse.com>
# Date 1325783746 0
# Node ID db6c7b83d4165ada5498339b87031a09f5b79d8a
# Parent 11ca857d983420a9f54e4d0e6919f8e6bd5fca48
qemu-xen: fix sequence of operations in pt_msix_init()
Checking the return value of mmap() must be done before adjusting the
value, otherwise failure may not be detected.
Closing the file handle, on the other hand, can be done before checking
the return value.
Finally, printing the errno value without knowing whether the previous
function actually failed is bogus (and superfluous since a subsequent
message prints the strerror() representaton anyway).
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
committer: Ian Jackson <Ian.Jackson@eu.citrix.com>
--- a/tools/ioemu-qemu-xen/hw/pt-msi.c
+++ b/tools/ioemu-qemu-xen/hw/pt-msi.c
@@ -537,7 +537,6 @@ int pt_msix_init(struct pt_dev *dev, int
int i, total_entries, table_off, bar_index;
struct pci_dev *pd = dev->pci_dev;
int fd;
- int err;
id = pci_read_byte(pd, pos + PCI_CAP_LIST_ID);
@@ -585,17 +584,14 @@ int pt_msix_init(struct pt_dev *dev, int
dev->msix->phys_iomem_base = mmap(0, total_entries * 16 + dev->msix->table_offset_adjust,
PROT_READ, MAP_SHARED | MAP_LOCKED,
fd, dev->msix->table_base + table_off - dev->msix->table_offset_adjust);
- dev->msix->phys_iomem_base = (void *)((char *)dev->msix->phys_iomem_base +
- dev->msix->table_offset_adjust);
- err = errno;
- PT_LOG("errno = %d\n",err);
+ close(fd);
if ( dev->msix->phys_iomem_base == MAP_FAILED )
{
PT_LOG("Error: Can't map physical MSI-X table: %s\n", strerror(errno));
- close(fd);
goto error_out;
}
- close(fd);
+
+ dev->msix->phys_iomem_base += dev->msix->table_offset_adjust;
PT_LOG("mapping physical MSI-X table to %lx\n",
(unsigned long)dev->msix->phys_iomem_base);

0
ioemu-MSI-X-fix-unregister_iomem.patch → ioemu-9873-MSI-X-fix-unregister_iomem.patch
View File

19
2XXXX-vif-bridge.patch → vif-bridge-tap-fix.patch
View File

@ -10,20 +10,21 @@ it from adding user-created taps to bridges.
Signed-off-by: Jim Fehlig <jfehlig@suse.com>
diff -r 6c583d35d76d -r 74da2a3a1db1 tools/hotplug/Linux/vif-bridge
--- a/tools/hotplug/Linux/vif-bridge Thu Oct 20 15:36:01 2011 +0100
+++ b/tools/hotplug/Linux/vif-bridge Tue Oct 25 16:32:32 2011 -0600
@@ -31,6 +31,13 @@
Index: xen-4.1.2-testing/tools/hotplug/Linux/vif-bridge
===================================================================
--- xen-4.1.2-testing.orig/tools/hotplug/Linux/vif-bridge
+++ xen-4.1.2-testing/tools/hotplug/Linux/vif-bridge
@@ -32,6 +32,13 @@
dir=$(dirname "$0")
. "$dir/vif-common.sh"
+
+domu=$(xenstore_read_default "$XENBUS_PATH/domain" "")
+if [ -z "$domu" ]
+mac=$(xenstore_read_default "$XENBUS_PATH/mac" "")
+if [ -z "$mac" ]
+then
+ log debug "No device details in $XENBUS_PATH, exiting."
+ exit 0
+fi
+
bridge=${bridge:-}
bridge=$(xenstore_read_default "$XENBUS_PATH/bridge" "$bridge")

272
xen-warnings-unused.diff
View File

@ -1,5 +1,7 @@
--- a/tools/libxc/xc_tmem.c
+++ b/tools/libxc/xc_tmem.c
Index: xen-4.1.2-testing/tools/libxc/xc_tmem.c
===================================================================
--- xen-4.1.2-testing.orig/tools/libxc/xc_tmem.c
+++ xen-4.1.2-testing/tools/libxc/xc_tmem.c
@@ -390,7 +390,8 @@ static int xc_tmem_restore_new_pool(
int xc_tmem_restore(xc_interface *xch, int dom, int io_fd)
@ -10,8 +12,10 @@
uint32_t this_max_pools, this_version;
uint32_t pool_id;
uint32_t minusone;
--- a/tools/libxc/xc_domain_restore.c
+++ b/tools/libxc/xc_domain_restore.c
Index: xen-4.1.2-testing/tools/libxc/xc_domain_restore.c
===================================================================
--- xen-4.1.2-testing.orig/tools/libxc/xc_domain_restore.c
+++ xen-4.1.2-testing/tools/libxc/xc_domain_restore.c
@@ -1087,7 +1087,6 @@ int xc_domain_restore(xc_interface *xch,
int vcpuextstate = 0;
uint32_t vcpuextstate_size = 0;
@ -28,8 +32,10 @@
n = m = 0;
loadpages:
--- a/tools/misc/gtraceview.c
+++ b/tools/misc/gtraceview.c
Index: xen-4.1.2-testing/tools/misc/gtraceview.c
===================================================================
--- xen-4.1.2-testing.orig/tools/misc/gtraceview.c
+++ xen-4.1.2-testing/tools/misc/gtraceview.c
@@ -622,7 +622,8 @@ void crt_init(void)
void nr_addch(int nr, int ch)
{
@ -40,8 +46,10 @@
getyx(stdscr, y, x);
for (i = 0; i < nr; i++) {
if (x == COLS-1)
--- a/tools/xcutils/xc_restore.c
+++ b/tools/xcutils/xc_restore.c
Index: xen-4.1.2-testing/tools/xcutils/xc_restore.c
===================================================================
--- xen-4.1.2-testing.orig/tools/xcutils/xc_restore.c
+++ xen-4.1.2-testing/tools/xcutils/xc_restore.c
@@ -19,7 +19,8 @@ int
main(int argc, char **argv)
{
@ -52,8 +60,10 @@
xc_interface *xch;
int io_fd, ret;
int superpages;
--- a/tools/firmware/rombios/32bit/tcgbios/tcgbios.c
+++ b/tools/firmware/rombios/32bit/tcgbios/tcgbios.c
Index: xen-4.1.2-testing/tools/firmware/rombios/32bit/tcgbios/tcgbios.c
===================================================================
--- xen-4.1.2-testing.orig/tools/firmware/rombios/32bit/tcgbios/tcgbios.c
+++ xen-4.1.2-testing/tools/firmware/rombios/32bit/tcgbios/tcgbios.c
@@ -1064,7 +1064,7 @@ uint32_t HashLogEvent32(struct hlei *hle
uint32_t rc = 0;
uint16_t size;
@ -63,8 +73,10 @@
uint32_t hashdataptr;
uint32_t hashdatalen;
--- a/tools/console/client/main.c
+++ b/tools/console/client/main.c
Index: xen-4.1.2-testing/tools/console/client/main.c
===================================================================
--- xen-4.1.2-testing.orig/tools/console/client/main.c
+++ xen-4.1.2-testing/tools/console/client/main.c
@@ -277,7 +277,8 @@ int main(int argc, char **argv)
};
@ -75,8 +87,10 @@
struct xs_handle *xs;
char *end;
console_type type = CONSOLE_INVAL;
--- a/tools/xenstat/xentop/xentop.c
+++ b/tools/xenstat/xentop/xentop.c
Index: xen-4.1.2-testing/tools/xenstat/xentop/xentop.c
===================================================================
--- xen-4.1.2-testing.orig/tools/xenstat/xentop/xentop.c
+++ xen-4.1.2-testing/tools/xenstat/xentop/xentop.c
@@ -272,7 +272,8 @@ static void fail(const char *str)
/* Return the row containing the cursor. */
static int current_row(void)
@ -97,9 +111,11 @@
getmaxyx(stdscr, y, x);
return y;
}
--- a/tools/libxl/libxlu_cfg.c
+++ b/tools/libxl/libxlu_cfg.c
@@ -348,7 +348,7 @@ char *xlu__cfgl_dequote(CfgParseContext
Index: xen-4.1.2-testing/tools/libxl/libxlu_cfg.c
===================================================================
--- xen-4.1.2-testing.orig/tools/libxl/libxlu_cfg.c
+++ xen-4.1.2-testing/tools/libxl/libxlu_cfg.c
@@ -348,7 +348,7 @@ char *xlu__cfgl_dequote(CfgParseContext
#define NUMERIC_CHAR(minlen,maxlen,base,basetext) do{ \
char numbuf[(maxlen)+1], *ep; \
@ -108,9 +124,11 @@
\
strncpy(numbuf,p,(maxlen)); \
numbuf[(maxlen)]= 0; \
--- a/tools/libxl/libxl.c
+++ b/tools/libxl/libxl.c
@@ -221,7 +221,7 @@ int libxl_domain_rename(libxl_ctx *ctx,
Index: xen-4.1.2-testing/tools/libxl/libxl.c
===================================================================
--- xen-4.1.2-testing.orig/tools/libxl/libxl.c
+++ xen-4.1.2-testing/tools/libxl/libxl.c
@@ -221,7 +221,7 @@ int libxl_domain_rename(libxl_ctx *ctx,
int libxl_domain_resume(libxl_ctx *ctx, uint32_t domid)
{
libxl__gc gc = LIBXL_INIT_GC(ctx);
@ -119,7 +137,7 @@
if (libxl__domain_is_hvm(ctx, domid)) {
LIBXL__LOG(ctx, LIBXL__LOG_DEBUG, "Called domain_resume on "
@@ -1291,7 +1291,7 @@ libxl_nicinfo *libxl_list_nics(libxl_ctx
@@ -1297,7 +1297,7 @@ libxl_nicinfo *libxl_list_nics(libxl_ctx
{
libxl__gc gc = LIBXL_INIT_GC(ctx);
char *dompath, *nic_path_fe;
@ -128,7 +146,7 @@
char *val, *tok;
unsigned int nb_nics, i;
libxl_nicinfo *res, *nics;
@@ -1299,7 +1299,7 @@ libxl_nicinfo *libxl_list_nics(libxl_ctx
@@ -1305,7 +1305,7 @@ libxl_nicinfo *libxl_list_nics(libxl_ctx
dompath = libxl__xs_get_dompath(&gc, domid);
if (!dompath)
goto err;
@ -137,8 +155,10 @@
libxl__sprintf(&gc, "%s/device/vif", dompath), &nb_nics);
if (!l)
goto err;
--- a/tools/libxl/libxl_pci.c
+++ b/tools/libxl/libxl_pci.c
Index: xen-4.1.2-testing/tools/libxl/libxl_pci.c
===================================================================
--- xen-4.1.2-testing.orig/tools/libxl/libxl_pci.c
+++ xen-4.1.2-testing/tools/libxl/libxl_pci.c
@@ -240,7 +240,7 @@ static int libxl_create_pci_backend(libx
flexarray_t *front = NULL;
flexarray_t *back = NULL;
@ -157,8 +177,10 @@
LIBXL__LOG(ctx, LIBXL__LOG_DEBUG, "Creating pci backend");
/* add pci device */
--- a/tools/libxl/libxl_dom.c
+++ b/tools/libxl/libxl_dom.c
Index: xen-4.1.2-testing/tools/libxl/libxl_dom.c
===================================================================
--- xen-4.1.2-testing.orig/tools/libxl/libxl_dom.c
+++ xen-4.1.2-testing/tools/libxl/libxl_dom.c
@@ -265,14 +265,13 @@ int libxl__build_hvm(libxl_ctx *ctx, uin
libxl_domain_build_info *info, libxl_domain_build_state *state)
{
@ -183,8 +205,10 @@
out:
libxl__free_all(&gc);
return 0;
--- a/tools/libxl/libxl_utils.c
+++ b/tools/libxl/libxl_utils.c
Index: xen-4.1.2-testing/tools/libxl/libxl_utils.c
===================================================================
--- xen-4.1.2-testing.orig/tools/libxl/libxl_utils.c
+++ xen-4.1.2-testing/tools/libxl/libxl_utils.c
@@ -531,7 +531,7 @@ int libxl_devid_to_device_disk(libxl_ctx
libxl__gc gc = LIBXL_INIT_GC(ctx);
char *val;
@ -194,8 +218,10 @@
int rc = ERROR_INVAL;
devid_n = libxl__device_disk_dev_number(devid);
--- a/tools/libxl/xl_cmdimpl.c
+++ b/tools/libxl/xl_cmdimpl.c
Index: xen-4.1.2-testing/tools/libxl/xl_cmdimpl.c
===================================================================
--- xen-4.1.2-testing.orig/tools/libxl/xl_cmdimpl.c
+++ xen-4.1.2-testing/tools/libxl/xl_cmdimpl.c
@@ -5448,7 +5448,7 @@ int main_cpupoollist(int argc, char **ar
{"cpus", 0, 0, 'c'},
{0, 0, 0, 0}
@ -205,8 +231,10 @@
int opt_cpus = 0;
const char *pool = NULL;
libxl_cpupoolinfo *poolinfo;
--- a/tools/debugger/gdbsx/gx/gx_comm.c
+++ b/tools/debugger/gdbsx/gx/gx_comm.c
Index: xen-4.1.2-testing/tools/debugger/gdbsx/gx/gx_comm.c
===================================================================
--- xen-4.1.2-testing.orig/tools/debugger/gdbsx/gx/gx_comm.c
+++ xen-4.1.2-testing/tools/debugger/gdbsx/gx/gx_comm.c
@@ -163,7 +163,7 @@ readchar(void)
static char buf[BUFSIZ];
static int bufcnt = 0;
@ -216,8 +244,10 @@
if (bufcnt-- > 0)
return *bufp++ & 0x7f;
--- a/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c
+++ b/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c
Index: xen-4.1.2-testing/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c
===================================================================
--- xen-4.1.2-testing.orig/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c
+++ xen-4.1.2-testing/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c
@@ -820,7 +820,7 @@ static int create_suspend_thread(checkpo
static void stop_suspend_thread(checkpoint_state* s)
@ -227,8 +257,10 @@
s->done = 1;
--- a/tools/python/xen/lowlevel/netlink/libnetlink.c
+++ b/tools/python/xen/lowlevel/netlink/libnetlink.c
Index: xen-4.1.2-testing/tools/python/xen/lowlevel/netlink/libnetlink.c
===================================================================
--- xen-4.1.2-testing.orig/tools/python/xen/lowlevel/netlink/libnetlink.c
+++ xen-4.1.2-testing/tools/python/xen/lowlevel/netlink/libnetlink.c
@@ -433,7 +433,8 @@ int rtnl_from_file(FILE *rtnl, rtnl_filt
nladdr.nl_groups = 0;
@ -239,8 +271,10 @@
int l;
status = fread(&buf, 1, sizeof(*h), rtnl);
--- a/xen/arch/x86/msi.c
+++ b/xen/arch/x86/msi.c
Index: xen-4.1.2-testing/xen/arch/x86/msi.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/msi.c
+++ xen-4.1.2-testing/xen/arch/x86/msi.c
@@ -799,7 +799,7 @@ static void __pci_disable_msi(struct msi
{
struct pci_dev *dev;
@ -250,8 +284,10 @@
u8 bus, slot, func;
dev = entry->dev;
--- a/xen/common/cpupool.c
+++ b/xen/common/cpupool.c
Index: xen-4.1.2-testing/xen/common/cpupool.c
===================================================================
--- xen-4.1.2-testing.orig/xen/common/cpupool.c
+++ xen-4.1.2-testing/xen/common/cpupool.c
@@ -356,7 +356,7 @@ int cpupool_add_domain(struct domain *d,
{
struct cpupool *c;
@ -272,9 +308,11 @@
if ( d->cpupool == NULL )
return;
--- a/xen/common/grant_table.c
+++ b/xen/common/grant_table.c
@@ -765,7 +765,7 @@ __gnttab_unmap_common(
Index: xen-4.1.2-testing/xen/common/grant_table.c
===================================================================
--- xen-4.1.2-testing.orig/xen/common/grant_table.c
+++ xen-4.1.2-testing/xen/common/grant_table.c
@@ -767,7 +767,7 @@ __gnttab_unmap_common(
struct domain *ld, *rd;
struct active_grant_entry *act;
s16 rc = 0;
@ -283,8 +321,10 @@
ld = current->domain;
--- a/xen/common/kexec.c
+++ b/xen/common/kexec.c
Index: xen-4.1.2-testing/xen/common/kexec.c
===================================================================
--- xen-4.1.2-testing.orig/xen/common/kexec.c
+++ xen-4.1.2-testing/xen/common/kexec.c
@@ -573,7 +573,8 @@ static int kexec_exec(XEN_GUEST_HANDLE(v
{
xen_kexec_exec_t exec;
@ -295,8 +335,10 @@
if ( unlikely(copy_from_guest(&exec, uarg, 1)) )
return -EFAULT;
--- a/xen/drivers/passthrough/vtd/intremap.c
+++ b/xen/drivers/passthrough/vtd/intremap.c
Index: xen-4.1.2-testing/xen/drivers/passthrough/vtd/intremap.c
===================================================================
--- xen-4.1.2-testing.orig/xen/drivers/passthrough/vtd/intremap.c
+++ xen-4.1.2-testing/xen/drivers/passthrough/vtd/intremap.c
@@ -367,7 +367,7 @@ unsigned int io_apic_read_remap_rte(
unsigned int ioapic_pin = (reg - 0x10) / 2;
int index;
@ -315,8 +357,10 @@
iommu = drhd->iommu;
qi_ctrl = iommu_qi_ctrl(iommu);
--- a/xen/common/sched_credit2.c
+++ b/xen/common/sched_credit2.c
Index: xen-4.1.2-testing/xen/common/sched_credit2.c
===================================================================
--- xen-4.1.2-testing.orig/xen/common/sched_credit2.c
+++ xen-4.1.2-testing/xen/common/sched_credit2.c
@@ -1854,7 +1854,8 @@ static void deactivate_runqueue(struct c
static void init_pcpu(const struct scheduler *ops, int cpu)
@ -327,9 +371,11 @@
struct csched_private *prv = CSCHED_PRIV(ops);
struct csched_runqueue_data *rqd;
spinlock_t *old_lock;
--- a/xen/common/unlzo.c
+++ b/xen/common/unlzo.c
@@ -68,7 +68,7 @@ static int INIT parse_header(u8 *input,
Index: xen-4.1.2-testing/xen/common/unlzo.c
===================================================================
--- xen-4.1.2-testing.orig/xen/common/unlzo.c
+++ xen-4.1.2-testing/xen/common/unlzo.c
@@ -68,7 +68,7 @@ static int INIT parse_header(u8 *input,
{
int l;
u8 *parse = input;
@ -338,8 +384,10 @@
u16 version;
/* read magic: 9 first bits */
--- a/xen/arch/x86/time.c
+++ b/xen/arch/x86/time.c
Index: xen-4.1.2-testing/xen/arch/x86/time.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/time.c
+++ xen-4.1.2-testing/xen/arch/x86/time.c
@@ -1009,7 +1009,8 @@ static void local_time_calibration(void)
* System timestamps, extrapolated from local and master oscillators,
* taken during this calibration and the previous calibration.
@ -350,8 +398,10 @@
s_time_t prev_master_stime, curr_master_stime;
/* TSC timestamps taken during this calibration and prev calibration. */
--- a/xen/arch/x86/cpu/amd.c
+++ b/xen/arch/x86/cpu/amd.c
Index: xen-4.1.2-testing/xen/arch/x86/cpu/amd.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/cpu/amd.c
+++ xen-4.1.2-testing/xen/arch/x86/cpu/amd.c
@@ -391,7 +391,7 @@ static void __devinit init_amd(struct cp
{
u32 l, h;
@ -361,9 +411,11 @@
#ifdef CONFIG_SMP
unsigned long long value;
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -2339,7 +2339,7 @@ p2m_remove_page(struct p2m_domain *p2m,
Index: xen-4.1.2-testing/xen/arch/x86/mm/p2m.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/mm/p2m.c
+++ xen-4.1.2-testing/xen/arch/x86/mm/p2m.c
@@ -2339,7 +2339,7 @@ p2m_remove_page(struct p2m_domain *p2m,
unsigned int page_order)
{
unsigned long i;
@ -381,8 +433,10 @@
int pod_count = 0;
int rc = 0;
--- a/xen/arch/x86/hvm/emulate.c
+++ b/xen/arch/x86/hvm/emulate.c
Index: xen-4.1.2-testing/xen/arch/x86/hvm/emulate.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/hvm/emulate.c
+++ xen-4.1.2-testing/xen/arch/x86/hvm/emulate.c
@@ -59,7 +59,7 @@ static int hvmemul_do_io(
ioreq_t *p = get_ioreq(curr);
unsigned long ram_gfn = paddr_to_pfn(ram_gpa);
@ -392,8 +446,10 @@
int rc;
/* Check for paged out page */
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
Index: xen-4.1.2-testing/xen/arch/x86/hvm/hvm.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/hvm/hvm.c
+++ xen-4.1.2-testing/xen/arch/x86/hvm/hvm.c
@@ -253,7 +253,8 @@ void hvm_migrate_timers(struct vcpu *v)
void hvm_migrate_pirqs(struct vcpu *v)
@ -404,7 +460,7 @@
struct irq_desc *desc;
struct domain *d = v->domain;
struct hvm_irq_dpci *hvm_irq_dpci = d->arch.hvm_domain.irq.dpci;
@@ -3589,7 +3590,7 @@ long do_hvm_op(unsigned long op, XEN_GUE
@@ -3686,7 +3687,7 @@ long do_hvm_op(unsigned long op, XEN_GUE
{
p2m_type_t t;
p2m_type_t nt;
@ -413,8 +469,10 @@
mfn = gfn_to_mfn_unshare(p2m, pfn, &t, 0);
if ( p2m_is_paging(t) )
{
--- a/xen/arch/x86/acpi/cpu_idle.c
+++ b/xen/arch/x86/acpi/cpu_idle.c
Index: xen-4.1.2-testing/xen/arch/x86/acpi/cpu_idle.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/acpi/cpu_idle.c
+++ xen-4.1.2-testing/xen/arch/x86/acpi/cpu_idle.c
@@ -276,7 +276,7 @@ static void acpi_processor_ffh_cstate_en
static void acpi_idle_do_entry(struct acpi_processor_cx *cx)
@ -424,8 +482,10 @@
switch ( cx->entry_method )
{
--- a/xen/arch/x86/cpu/intel_cacheinfo.c
+++ b/xen/arch/x86/cpu/intel_cacheinfo.c
Index: xen-4.1.2-testing/xen/arch/x86/cpu/intel_cacheinfo.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/cpu/intel_cacheinfo.c
+++ xen-4.1.2-testing/xen/arch/x86/cpu/intel_cacheinfo.c
@@ -170,7 +170,8 @@ unsigned int __cpuinit init_intel_cachei
unsigned int trace = 0, l1i = 0, l1d = 0, l2 = 0, l3 = 0; /* Cache sizes */
unsigned int new_l1d = 0, new_l1i = 0; /* Cache sizes from cpuid(4) */
@ -436,9 +496,11 @@
if (c->cpuid_level > 3) {
static int is_initialized;
--- a/xen/arch/x86/mm/mem_sharing.c
+++ b/xen/arch/x86/mm/mem_sharing.c
@@ -375,7 +375,7 @@ int mem_sharing_debug_gfn(struct domain
Index: xen-4.1.2-testing/xen/arch/x86/mm/mem_sharing.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/mm/mem_sharing.c
+++ xen-4.1.2-testing/xen/arch/x86/mm/mem_sharing.c
@@ -375,7 +375,7 @@ int mem_sharing_debug_gfn(struct domain
{
p2m_type_t p2mt;
mfn_t mfn;
@ -447,8 +509,10 @@
mfn = gfn_to_mfn(p2m_get_hostp2m(d), gfn, &p2mt);
page = mfn_to_page(mfn);
--- a/xen/arch/x86/hvm/viridian.c
+++ b/xen/arch/x86/hvm/viridian.c
Index: xen-4.1.2-testing/xen/arch/x86/hvm/viridian.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/hvm/viridian.c
+++ xen-4.1.2-testing/xen/arch/x86/hvm/viridian.c
@@ -270,7 +270,7 @@ int rdmsr_viridian_regs(uint32_t idx, ui
int viridian_hypercall(struct cpu_user_regs *regs)
{
@ -458,8 +522,10 @@
uint16_t status = HV_STATUS_SUCCESS;
union hypercall_input {
--- a/xen/arch/x86/mm.c
+++ b/xen/arch/x86/mm.c
Index: xen-4.1.2-testing/xen/arch/x86/mm.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/mm.c
+++ xen-4.1.2-testing/xen/arch/x86/mm.c
@@ -4914,7 +4914,7 @@ static int ptwr_emulated_update(
{
unsigned long mfn;
@ -469,8 +535,10 @@
l1_pgentry_t pte, ol1e, nl1e, *pl1e;
struct vcpu *v = current;
struct domain *d = v->domain;
--- a/xen/arch/x86/x86_64/mm.c
+++ b/xen/arch/x86/x86_64/mm.c
Index: xen-4.1.2-testing/xen/arch/x86/x86_64/mm.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/x86_64/mm.c
+++ xen-4.1.2-testing/xen/arch/x86/x86_64/mm.c
@@ -436,7 +436,8 @@ void destroy_m2p_mapping(struct mem_hota
static int setup_compat_m2p_table(struct mem_hotadd_info *info)
{
@ -481,8 +549,10 @@
l3_pgentry_t *l3_ro_mpt = NULL;
l2_pgentry_t *l2_ro_mpt = NULL;
struct page_info *l1_pg;
--- a/xen/arch/x86/cpu/mcheck/mce.c
+++ b/xen/arch/x86/cpu/mcheck/mce.c
Index: xen-4.1.2-testing/xen/arch/x86/cpu/mcheck/mce.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/cpu/mcheck/mce.c
+++ xen-4.1.2-testing/xen/arch/x86/cpu/mcheck/mce.c
@@ -151,7 +151,6 @@ static struct mcinfo_bank *mca_init_bank
struct mc_info *mi, int bank)
{
@ -499,7 +569,7 @@
if (mib->mc_status & MCi_STATUS_MISCV)
mib->mc_misc = mca_rdmsr(MSR_IA32_MCx_MISC(bank));
@@ -281,7 +279,7 @@ mctelem_cookie_t mcheck_mca_logout(enum
@@ -281,7 +279,7 @@ mctelem_cookie_t mcheck_mca_logout(enum
recover = (mc_recoverable_scan)? 1: 0;
for (i = 0; i < 32 && i < nr_mce_banks; i++) {
@ -517,8 +587,10 @@
uint64_t hwcr = 0;
int intpose;
int i;
--- a/xen/common/tmem.c
+++ b/xen/common/tmem.c
Index: xen-4.1.2-testing/xen/common/tmem.c
===================================================================
--- xen-4.1.2-testing.orig/xen/common/tmem.c
+++ xen-4.1.2-testing/xen/common/tmem.c
@@ -1351,7 +1351,8 @@ obj_unlock:
static int tmem_evict(void)
{
@ -539,8 +611,10 @@
client_t *client = pool->client;
int ret = client->frozen ? -EFROZEN : -ENOMEM;
--- a/xen/common/tmem_xen.c
+++ b/xen/common/tmem_xen.c
Index: xen-4.1.2-testing/xen/common/tmem_xen.c
===================================================================
--- xen-4.1.2-testing.orig/xen/common/tmem_xen.c
+++ xen-4.1.2-testing/xen/common/tmem_xen.c
@@ -177,7 +177,7 @@ EXPORT int tmh_copy_from_client(pfp_t *p
EXPORT int tmh_compress_from_client(tmem_cli_mfn_t cmfn,
void **out_va, size_t *out_len, void *cli_va)
@ -578,9 +652,11 @@
tmh->persistent_pool = xmem_pool_create(name, tmh_persistent_pool_page_get,
tmh_persistent_pool_page_put, PAGE_SIZE, 0, PAGE_SIZE);
if ( tmh->persistent_pool == NULL )
--- a/xen/arch/x86/cpu/mcheck/vmce.c
+++ b/xen/arch/x86/cpu/mcheck/vmce.c
@@ -571,7 +571,7 @@ int is_vmce_ready(struct mcinfo_bank *ba
Index: xen-4.1.2-testing/xen/arch/x86/cpu/mcheck/vmce.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/cpu/mcheck/vmce.c
+++ xen-4.1.2-testing/xen/arch/x86/cpu/mcheck/vmce.c
@@ -630,7 +630,7 @@ int is_vmce_ready(struct mcinfo_bank *ba
*/
int unmmap_broken_page(struct domain *d, mfn_t mfn, unsigned long gfn)
{
@ -589,9 +665,11 @@
struct p2m_domain *p2m;
p2m_type_t pt;
--- a/xen/arch/x86/mm/shadow/multi.c
+++ b/xen/arch/x86/mm/shadow/multi.c
@@ -124,7 +124,7 @@ set_shadow_status(struct vcpu *v, mfn_t
Index: xen-4.1.2-testing/xen/arch/x86/mm/shadow/multi.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/mm/shadow/multi.c
+++ xen-4.1.2-testing/xen/arch/x86/mm/shadow/multi.c
@@ -124,7 +124,7 @@ set_shadow_status(struct vcpu *v, mfn_t
/* Put a shadow into the hash table */
{
struct domain *d = v->domain;
@ -609,8 +687,10 @@
shadow_l1e_t *sl1p, sl1e;
struct page_info *sp;
--- a/xen/arch/x86/domain_build.c
+++ b/xen/arch/x86/domain_build.c
Index: xen-4.1.2-testing/xen/arch/x86/domain_build.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/domain_build.c
+++ xen-4.1.2-testing/xen/arch/x86/domain_build.c
@@ -378,8 +378,7 @@ int __init construct_dom0(
return rc;
@ -621,9 +701,11 @@
machine = elf_uval(&elf, elf.ehdr, e_machine);
switch (CONFIG_PAGING_LEVELS) {
case 3: /* x86_32p */
--- a/xen/arch/x86/traps.c
+++ b/xen/arch/x86/traps.c
@@ -1858,7 +1858,11 @@ static int emulate_privileged_op(struct
Index: xen-4.1.2-testing/xen/arch/x86/traps.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/traps.c
+++ xen-4.1.2-testing/xen/arch/x86/traps.c
@@ -1858,7 +1858,11 @@ static int emulate_privileged_op(struct
struct vcpu *v = current;
unsigned long *reg, eip = regs->eip;
u8 opcode, modrm_reg = 0, modrm_rm = 0, rep_prefix = 0, lock = 0, rex = 0;

184
xen-xmexample.diff
View File

@ -4,7 +4,7 @@ Index: xen-4.1.2-testing/tools/examples/xmexample1
===================================================================
--- xen-4.1.2-testing.orig/tools/examples/xmexample1
+++ xen-4.1.2-testing/tools/examples/xmexample1
@@ -7,11 +7,13 @@
@@ -7,11 +7,17 @@
#============================================================================
#----------------------------------------------------------------------------
@ -17,13 +17,31 @@ Index: xen-4.1.2-testing/tools/examples/xmexample1
+kernel = "/boot/vmlinuz-xen"
+ramdisk = "/boot/initrd-xen"
+
+# Or use domUloader instead of kernel/ramdisk to get kernel from domU FS
+# Or use a bootloader instead of kernel/ramdisk to get the kernel from domU FS
+# domUloader bootloader example:
+#bootloader = "/usr/lib/xen/boot/domUloader.py"
+#bootentry = "hda2:/vmlinuz-xen,/initrd-xen"
+# pygrub bootloader example:
+#bootloader="/usr/bin/pygrub"
+#bootargs=""
# The domain build function. Default is 'linux'.
#builder='linux'
@@ -131,7 +133,7 @@ disk = [ 'phy:hda1,hda1,w' ]
@@ -49,11 +55,11 @@ name = "ExampleDomain"
#
# or optionally override backend, bridge, ip, mac, script, type, or vifname:
#
-# vif = [ 'mac=00:16:3e:00:00:11, bridge=xenbr0' ]
+# vif = [ 'mac=00:16:3e:00:00:11, bridge=br0' ]
#
# or more than one interface may be configured:
#
-# vif = [ '', 'bridge=xenbr1' ]
+# vif = [ '', 'bridge=br1' ]
vif = [ '' ]
@@ -131,7 +137,7 @@ disk = [ 'phy:hda1,hda1,w' ]
#hostname= "vm%d" % vmid
# Set root device.
@ -32,7 +50,7 @@ Index: xen-4.1.2-testing/tools/examples/xmexample1
# Root device for nfs.
#root = "/dev/nfs"
@@ -140,8 +142,8 @@ root = "/dev/hda1 ro"
@@ -140,8 +146,8 @@ root = "/dev/hda1 ro"
# Root directory on the nfs server.
#nfs_root = '/full/path/to/root/directory'
@ -47,7 +65,7 @@ Index: xen-4.1.2-testing/tools/examples/xmexample2
===================================================================
--- xen-4.1.2-testing.orig/tools/examples/xmexample2
+++ xen-4.1.2-testing/tools/examples/xmexample2
@@ -35,11 +35,13 @@ xm_vars.var('vmid',
@@ -35,11 +35,17 @@ xm_vars.var('vmid',
xm_vars.check()
#----------------------------------------------------------------------------
@ -60,13 +78,31 @@ Index: xen-4.1.2-testing/tools/examples/xmexample2
+kernel = "/boot/vmlinuz-xen"
+ramdisk = "/boot/initrd-xen"
+
+# Or use domUloader instead of kernel/ramdisk to get kernel from domU FS
+# Or use a bootloader instead of kernel/ramdisk to get the kernel from domU FS
+# domUloader bootloader example:
+#bootloader = "/usr/lib/xen/boot/domUloader.py"
+#bootentry = "hda2:/vmlinuz-xen,/initrd-xen"
+# pygrub bootloader example:
+#bootloader="/usr/bin/pygrub"
+#bootargs=""
# The domain build function. Default is 'linux'.
#builder='linux'
@@ -167,7 +169,7 @@ disk = [ 'phy:sda%d,sda1,w' % (7+vmid),
@@ -80,11 +86,11 @@ vcpus = 4 # make your domain a 4-way
#
# or optionally override backend, bridge, ip, mac, script, type, or vifname:
#
-# vif = [ 'mac=00:16:3e:00:00:11, bridge=xenbr0' ]
+# vif = [ 'mac=00:16:3e:00:00:11, bridge=br0' ]
#
# or more than one interface may be configured:
#
-# vif = [ '', 'bridge=xenbr1' ]
+# vif = [ '', 'bridge=br1' ]
vif = [ '' ]
@@ -167,7 +173,7 @@ disk = [ 'phy:sda%d,sda1,w' % (7+vmid),
#hostname= "vm%d" % vmid
# Set root device.
@ -75,7 +111,7 @@ Index: xen-4.1.2-testing/tools/examples/xmexample2
# Root device for nfs.
#root = "/dev/nfs"
@@ -176,8 +178,8 @@ root = "/dev/sda1 ro"
@@ -176,8 +182,8 @@ root = "/dev/sda1 ro"
# Root directory on the nfs server.
#nfs_root = '/full/path/to/root/directory'
@ -90,7 +126,7 @@ Index: xen-4.1.2-testing/tools/examples/xmexample3
===================================================================
--- xen-4.1.2-testing.orig/tools/examples/xmexample3
+++ xen-4.1.2-testing/tools/examples/xmexample3
@@ -35,11 +35,13 @@ xm_vars.var('vmid',
@@ -35,11 +35,17 @@ xm_vars.var('vmid',
xm_vars.check()
#----------------------------------------------------------------------------
@ -102,9 +138,13 @@ Index: xen-4.1.2-testing/tools/examples/xmexample3
-# Optional ramdisk.
-#ramdisk = "/boot/initrd.gz"
+# Or use domUloader instead of kernel/ramdisk to get kernel from domU FS
+# Or use a bootloader instead of kernel/ramdisk to get the kernel from domU FS
+# domUloader bootloader example:
+#bootloader = "/usr/lib/xen/boot/domUloader.py"
+#bootentry = "hda2:/vmlinuz-xen,/initrd-xen"
+# pygrub bootloader example:
+#bootloader="/usr/bin/pygrub"
+#bootargs=""
# The domain build function. Default is 'linux'.
#builder='linux'
@ -112,7 +152,39 @@ Index: xen-4.1.2-testing/tools/examples/xmexample.hvm
===================================================================
--- xen-4.1.2-testing.orig/tools/examples/xmexample.hvm
+++ xen-4.1.2-testing/tools/examples/xmexample.hvm
@@ -78,7 +78,7 @@ vif = [ 'type=ioemu, bridge=xenbr0' ]
@@ -64,11 +64,26 @@ name = "ExampleHVMDomain"
#cpus = "0-3,5,^1" # all vcpus run on cpus 0,2,3,5
#cpus = ["2", "3"] # VCPU0 runs on CPU2, VCPU1 runs on CPU3
-# Optionally define mac and/or bridge for the network interfaces.
-# Random MACs are assigned if not given.
-#vif = [ 'type=ioemu, mac=00:16:3e:00:00:11, bridge=xenbr0, model=ne2k_pci' ]
-# type=ioemu specify the NIC is an ioemu device not netfront
-vif = [ 'type=ioemu, bridge=xenbr0' ]
+#----------------------------------------------------------------------------
+# Define network interfaces.
+
+# By default, no network interfaces are configured. You may have one created
+# with sensible defaults using an empty vif clause:
+#
+# vif = [ '' ]
+#
+# or optionally override backend, bridge, ip, mac, script, type, model,
+# or vifname.
+#
+# An emulated RealTek 8139 network interface can be configured with:
+#
+# vif = [ 'mac=00:16:3e:00:00:11, type=ioemu, model=rtl8139, bridge=br0' ]
+#
+# A para-virtual network interface can be configured with:
+#
+# vif = [ 'mac=00:16:3e:00:00:11, type=netfront, bridge=br0' ]
+#
+vif = [ '' ]
#----------------------------------------------------------------------------
# Define the disk devices you want the domain to have access to, and
@@ -78,7 +93,7 @@ vif = [ 'type=ioemu, bridge=xenbr0' ]
# and MODE is r for read-only, w for read-write.
#disk = [ 'phy:hda1,hda1,r' ]
@ -175,3 +247,93 @@ Index: xen-4.1.2-testing/docs/man/xm.pod.1
name=ramdisk vif='' vcpus=1 \
memory=64 root=/dev/ram0
Index: xen-4.1.2-testing/tools/examples/xmexample.hvm-stubdom
===================================================================
--- xen-4.1.2-testing.orig/tools/examples/xmexample.hvm-stubdom
+++ xen-4.1.2-testing/tools/examples/xmexample.hvm-stubdom
@@ -55,11 +55,26 @@ name = "xmexample.hvm"
#cpus = "0-3,5,^1" # all vcpus run on cpus 0,2,3,5
#cpus = ["2", "3"] # VCPU0 runs on CPU2, VCPU1 runs on CPU3
-# Optionally define mac and/or bridge for the network interfaces.
-# Random MACs are assigned if not given.
-#vif = [ 'type=ioemu, mac=00:16:3e:00:00:11, bridge=xenbr0, model=ne2k_pci' ]
-# type=ioemu specify the NIC is an ioemu device not netfront
-vif = [ 'type=ioemu, bridge=xenbr0' ]
+#----------------------------------------------------------------------------
+# Define network interfaces.
+
+# By default, no network interfaces are configured. You may have one created
+# with sensible defaults using an empty vif clause:
+#
+# vif = [ '' ]
+#
+# or optionally override backend, bridge, ip, mac, script, type, model,
+# or vifname.
+#
+# An emulated RealTek 8139 network interface can be configured with:
+#
+# vif = [ 'mac=00:16:3e:00:00:11, type=ioemu, model=rtl8139, bridge=br0' ]
+#
+# A para-virtual network interface can be configured with:
+#
+# vif = [ 'mac=00:16:3e:00:00:11, type=netfront, bridge=br0' ]
+#
+vif = [ '' ]
#----------------------------------------------------------------------------
# Define the disk devices you want the domain to have access to, and
Index: xen-4.1.2-testing/tools/examples/xmexample.pv-grub
===================================================================
--- xen-4.1.2-testing.orig/tools/examples/xmexample.pv-grub
+++ xen-4.1.2-testing/tools/examples/xmexample.pv-grub
@@ -53,11 +53,11 @@ name = "ExampleDomain"
#
# or optionally override backend, bridge, ip, mac, script, type, or vifname:
#
-# vif = [ 'mac=00:16:3e:00:00:11, bridge=xenbr0' ]
+# vif = [ 'mac=00:16:3e:00:00:11, bridge=br0' ]
#
# or more than one interface may be configured:
#
-# vif = [ '', 'bridge=xenbr1' ]
+# vif = [ '', 'bridge=br1' ]
vif = [ '' ]
Index: xen-4.1.2-testing/tools/examples/xmexample.vti
===================================================================
--- xen-4.1.2-testing.orig/tools/examples/xmexample.vti
+++ xen-4.1.2-testing/tools/examples/xmexample.vti
@@ -40,11 +40,26 @@ name = "ExampleVTIDomain"
# In Windows OS, smaller size shows better performance.
#vhpt = 23
-# Optionally define mac and/or bridge for the network interfaces.
-# Random MACs are assigned if not given.
-#vif = [ 'type=ioemu, mac=00:16:3e:00:00:11, bridge=xenbr0, model=ne2k_pci' ]
-# type=ioemu specify the NIC is an ioemu device not netfront
-vif = [ 'type=ioemu, bridge=xenbr0' ]
+#----------------------------------------------------------------------------
+# Define network interfaces.
+
+# By default, no network interfaces are configured. You may have one created
+# with sensible defaults using an empty vif clause:
+#
+# vif = [ '' ]
+#
+# or optionally override backend, bridge, ip, mac, script, type, model,
+# or vifname.
+#
+# An emulated RealTek 8139 network interface can be configured with:
+#
+# vif = [ 'mac=00:16:3e:00:00:11, type=ioemu, model=rtl8139, bridge=br0' ]
+#
+# A para-virtual network interface can be configured with:
+#
+# vif = [ 'mac=00:16:3e:00:00:11, type=netfront, bridge=br0' ]
+#
+vif = [ '' ]
#----------------------------------------------------------------------------
# Define the disk devices you want the domain to have access to, and

43
xen.changes
View File

@ -1,3 +1,40 @@
-------------------------------------------------------------------
Mon Feb 27 16:05:19 MST 2012 - jfehlig@suse.com
- bnc#745880 - cpuid setting is not preserved across xend restarts
xend-cpuid.patch
-------------------------------------------------------------------
Mon Feb 27 15:40:02 MST 2012 - jfehlig@suse.com
- Rename 2XXXX-vif-bridge.patch -> vif-bridge-tap-fix.patch
-------------------------------------------------------------------
Mon Feb 27 08:16:43 MST 2012 - carnold@novell.com
- bnc#747331 - XEN: standard "newburn" kernel QA stress test on guest
(+ smartd on Dom0?) freezes the guest
24883-x86-guest-walk-not-present.patch
- bnc#745367 - MCE bank handling during migration
24781-x86-vmce-mcg_ctl.patch
24886-x86-vmce-mcg_ctl-default.patch
24887-x86-vmce-sr.patch
- bnc#744771 - L3: VM with passed through PCI card fails to reboot
under dom0 load
24888-pci-release-devices.patch
- Upstream patches from Jan
24517-VT-d-fault-softirq.patch
24527-AMD-Vi-fault-softirq.patch
24535-x86-vMSI-misc.patch
24615-VESA-lfb-flush.patch
24690-x86-PCI-SERR-no-deadlock.patch
24701-gnttab-map-grant-ref-recovery.patch
24742-gnttab-misc.patch
24780-x86-paging-use-clear_guest.patch
24805-x86-MSI-X-dom0-ro.patch
ioemu-9869-MSI-X-init.patch
ioemu-9873-MSI-X-fix-unregister_iomem.patch
-------------------------------------------------------------------
Sat Feb 25 21:55:42 CET 2012 - ohering@suse.de
@ -10,6 +47,12 @@ Tue Feb 14 09:23:35 MST 2012 - carnold@novell.com
install, when maxmem > memory
README.SuSE
-------------------------------------------------------------------
Wed Feb 8 10:16:59 MST 2012 - jfehlig@suse.com
- bnc#745005 - Update vif configuration examples in xmexample*
Updated xen-xmexample.diff
-------------------------------------------------------------------
Thu Feb 2 17:11:28 MST 2012 - jfehlig@suse.com

72
xen.spec
View File

@ -15,8 +15,6 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: xen
ExclusiveArch: %ix86 x86_64
%define xvers 4.1
@ -101,7 +99,7 @@ BuildRequires: kernel-syms
BuildRequires: module-init-tools
BuildRequires: xorg-x11
%endif
Version: 4.1.2_13
Version: 4.1.2_15
Release: 0
PreReq: %insserv_prereq %fillup_prereq
Summary: Xen Virtualization: Hypervisor (aka VMM aka Microkernel)
@ -345,14 +343,29 @@ Patch24456: 24456-x86-emul-lea.patch
Patch24459: 24459-libxl-vifname.patch
Patch24466: 24466-libxc_Only_retry_mapping_pages_when_ENOENT_is_returned.patch
Patch24478: 24478-libxl_add_feature_flag_to_xenstore_for_XS_RESET_WATCHES.patch
Patch24517: 24517-VT-d-fault-softirq.patch
Patch24527: 24527-AMD-Vi-fault-softirq.patch
Patch24535: 24535-x86-vMSI-misc.patch
Patch24566: 24566-tools-libxc_fix_error_handling_in_xc_mem_paging_load.patch
Patch24586: 24586-x86-mm_Properly_account_for_paged_out_pages.patch
Patch24609: 24609-tools-libxc_handle_fallback_in_linux_privcmd_map_foreign_bulk_properly.patch
Patch24610: 24610-xenpaging_make_file_op_largefile_aware.patch
Patch24615: 24615-VESA-lfb-flush.patch
Patch24690: 24690-x86-PCI-SERR-no-deadlock.patch
Patch24701: 24701-gnttab-map-grant-ref-recovery.patch
Patch24742: 24742-gnttab-misc.patch
Patch24780: 24780-x86-paging-use-clear_guest.patch
Patch24781: 24781-x86-vmce-mcg_ctl.patch
Patch24805: 24805-x86-MSI-X-dom0-ro.patch
Patch24883: 24883-x86-guest-walk-not-present.patch
Patch24886: 24886-x86-vmce-mcg_ctl-default.patch
Patch24887: 24887-x86-vmce-sr.patch
Patch24888: 24888-pci-release-devices.patch
# Upstream qemu patches
Patch100: ioemu-9868-MSI-X.patch
Patch101: ioemu-MSI-X-fix-unregister_iomem.patch
Patch102: cve-2012-0029-qemu-xen-unstable.patch
Patch101: ioemu-9869-MSI-X-init.patch
Patch102: ioemu-9873-MSI-X-fix-unregister_iomem.patch
Patch103: cve-2012-0029-qemu-xen-unstable.patch
# Our patches
Patch300: xen-config.diff
Patch301: xend-config.diff
@ -409,9 +422,9 @@ Patch377: suspend_evtchn_lock.patch
Patch378: log-guest-console.patch
Patch379: xend-migration-domname-fix.patch
Patch380: xm-create-maxmem.patch
# Sent upstream and tentatively ACK'ed, but not yet committed
Patch381: 2XXXX-vif-bridge.patch
Patch381: vif-bridge-tap-fix.patch
Patch382: xencommons-xenstored-root.patch
Patch383: xend-cpuid.patch
# Patches for snapshot support
Patch400: snapshot-ioemu-save.patch
Patch401: snapshot-ioemu-restore.patch
@ -519,7 +532,6 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-build
%suse_kernel_module_package -n xen um xen -f kmp_filelist
%endif
%description
Xen is a virtual machine monitor for x86 that supports execution of
multiple guest operating systems with unprecedented levels of
@ -579,7 +591,6 @@ Summary: Xen Virtualization: Libraries
Group: System/Kernel
#Requires: xen = %{version}
%description libs
Xen is a virtual machine monitor for x86 that supports execution of
multiple guest operating systems with unprecedented levels of
@ -625,7 +636,6 @@ Authors:
%if %{?with_dom0_support}0
%package tools
Summary: Xen Virtualization: Control tools for domain 0
Group: System/Kernel
@ -635,7 +645,6 @@ Requires: bridge-utils multipath-tools python python-curses python-openssl
Provides: xen-tools-ioemu = 3.2
Obsoletes: xen-tools-ioemu <= 3.2
%description tools
Xen is a virtual machine monitor for x86 that supports execution of
multiple guest operating systems with unprecedented levels of
@ -683,13 +692,11 @@ Authors:
Ian Pratt <ian.pratt@cl.cam.ac.uk>
%endif
%package tools-domU
Summary: Xen Virtualization: Control tools for domain U
Group: System/Kernel
Conflicts: xen-tools
%description tools-domU
Xen is a virtual machine monitor for x86 that supports execution of
multiple guest operating systems with unprecedented levels of
@ -709,7 +716,6 @@ Summary: Xen Virtualization: Headers and libraries for development
Group: System/Kernel
Requires: xen-libs = %{version}
%description devel
Xen is a virtual machine monitor for x86 that supports execution of
multiple guest operating systems with unprecedented levels of
@ -755,13 +761,11 @@ Authors:
%if %{?with_kmp}0
%package KMP
Summary: Xen para-virtual device drivers for fully virtualized guests
Group: System/Kernel
Conflicts: xen
%description KMP
Xen para-virtual device drivers for fully virtualized guests
@ -807,12 +811,10 @@ Xen, but is not available for release due to license restrictions.
%if %{?with_dom0_support}0
%package doc-html
Summary: Xen Virtualization: HTML documentation
Group: Documentation/HTML
%description doc-html
Xen is a virtual machine monitor for x86 that supports execution of
multiple guest operating systems with unprecedented levels of
@ -831,7 +833,6 @@ Authors:
Summary: Xen Virtualization: PDF documentation
Group: Documentation/Other
%description doc-pdf
Xen is a virtual machine monitor for x86 that supports execution of
multiple guest operating systems with unprecedented levels of
@ -848,7 +849,6 @@ Authors:
Ian Pratt <ian.pratt@cl.cam.ac.uk>
%endif
%prep
%setup -q -n %xen_build_dir -a 1 -a 20000
%patch20000 -p1
@ -1053,14 +1053,29 @@ tar xfj %{SOURCE2} -C $RPM_BUILD_DIR/%{xen_build_dir}/tools
%patch24459 -p1
%patch24466 -p1
%patch24478 -p1
%patch24517 -p1
%patch24527 -p1
%patch24535 -p1
%patch24566 -p1
%patch24586 -p1
%patch24609 -p1
%patch24610 -p1
%patch24615 -p1
%patch24690 -p1
%patch24701 -p1
%patch24742 -p1
%patch24780 -p1
%patch24781 -p1
%patch24805 -p1
%patch24883 -p1
%patch24886 -p1
%patch24887 -p1
%patch24888 -p1
# Qemu
%patch100 -p1
%patch101 -p1
%patch102 -p1
%patch103 -p1
# Our patches
%patch300 -p1
%patch301 -p1
@ -1118,6 +1133,7 @@ tar xfj %{SOURCE2} -C $RPM_BUILD_DIR/%{xen_build_dir}/tools
%patch380 -p1
%patch381 -p1
%patch382 -p1
%patch383 -p1
%patch400 -p1
%patch401 -p1
%patch402 -p1
@ -1212,7 +1228,6 @@ tar xfj %{SOURCE2} -C $RPM_BUILD_DIR/%{xen_build_dir}/tools
%patch99998 -p1
%patch99999 -p1
%build
XEN_EXTRAVERSION=%version-%release
XEN_EXTRAVERSION=${XEN_EXTRAVERSION#%{xvers}}
@ -1248,7 +1263,6 @@ for flavor in %flavors_to_build; do
done
%endif
%install
export CFLAGS="$RPM_OPT_FLAGS"
%if %{?with_dom0_support}0
@ -1451,7 +1465,6 @@ rm -f $RPM_BUILD_ROOT/%{_bindir}/xencons
%if %{?with_dom0_support}0
%files -f xen.files.txt
%defattr(-,root,root)
/boot/xen-%{version}-%{release}.gz
@ -1468,7 +1481,6 @@ rm -f $RPM_BUILD_ROOT/%{_bindir}/xencons
/boot/xen.gz
%endif
%files libs
%defattr(-,root,root)
%{_libdir}/fs/
@ -1476,7 +1488,6 @@ rm -f $RPM_BUILD_ROOT/%{_bindir}/xencons
%if %{?with_dom0_support}0
%files tools
%defattr(-,root,root)
/usr/bin/xenalyze
@ -1580,14 +1591,12 @@ rm -f $RPM_BUILD_ROOT/%{_bindir}/xencons
%config %{_fwdefdir}/xend-relocation-server
%endif
%files tools-domU
%defattr(-,root,root)
/usr/bin/xen-detect
/bin/domu-xenstore
/bin/xenstore-*
%files devel
%defattr(-,root,root)
%{_bindir}/serial-split
@ -1597,12 +1606,10 @@ rm -f $RPM_BUILD_ROOT/%{_bindir}/xencons
%if %{?with_dom0_support}0
%files doc-html
%defattr(-,root,root)
%{_defaultdocdir}/xen/html
%files doc-pdf
%defattr(-,root,root)
%{_defaultdocdir}/xen/pdf
@ -1610,7 +1617,6 @@ rm -f $RPM_BUILD_ROOT/%{_bindir}/xencons
%if %{?with_dom0_support}0
%post tools
%if %{?with_xend}0
# with_xend
@ -1656,11 +1662,9 @@ if [ -f /usr/bin/qemu-nbd ]; then
ln -s /usr/bin/qemu-nbd /usr/bin/qemu-nbd-xen
fi
%preun tools
%{stop_on_removal xendomains xend xencommons}
%postun tools
%if %{?with_xend}0
# with_xend
@ -1675,12 +1679,8 @@ if [ -f /usr/bin/qemu-nbd-xen ]; then
fi
%endif
%post libs -p /sbin/ldconfig
%postun libs -p /sbin/ldconfig
%changelog

26
xend-cpuid.patch Normal file
View File

@ -0,0 +1,26 @@
Only add cpuid and cpuid_check to sexpr once
When converting a XendConfig object to sexpr, cpuid and cpuid_check
were being emitted twice in the resulting sexpr. The first conversion
writes incorrect sexpr, causing parsing of the sexpr to fail when xend
is restarted and domain sexpr files in /var/lib/xend/domains/<dom-uuid>
are read and parsed.
This patch skips the first conversion, and uses only the custom
cpuid{_check} conversion methods called later. It is not pretty, but
is the least invasive fix in this complex code.
Index: xen-4.1.2-testing/tools/python/xen/xend/XendConfig.py
===================================================================
--- xen-4.1.2-testing.orig/tools/python/xen/xend/XendConfig.py
+++ xen-4.1.2-testing/tools/python/xen/xend/XendConfig.py
@@ -1125,6 +1125,10 @@ class XendConfig(dict):
else:
for name, typ in XENAPI_CFG_TYPES.items():
if name in self and self[name] not in (None, []):
+ # Skip cpuid and cpuid_check. Custom conversion
+ # methods for these are called below.
+ if name in ("cpuid", "cpuid_check"):
+ continue
if typ == dict:
s = self[name].items()
elif typ == list:

2
xenpaging.autostart.patch
View File

@ -49,7 +49,7 @@ Index: xen-4.1.2-testing/tools/examples/xmexample.hvm
===================================================================
--- xen-4.1.2-testing.orig/tools/examples/xmexample.hvm
+++ xen-4.1.2-testing/tools/examples/xmexample.hvm
@@ -127,6 +127,15 @@ disk = [ 'file:/var/lib/xen/images/disk.
@@ -142,6 +142,15 @@ disk = [ 'file:/var/lib/xen/images/disk.
# Device Model to be used
device_model = 'qemu-dm'

50
xenpaging.mem_event-use-wait_queue.patch
View File

@ -53,11 +53,9 @@ Signed-off-by: Olaf Hering <olaf@aepfle.de>
xen/include/xen/sched.h | 17 +++-
6 files changed, 179 insertions(+), 81 deletions(-)
Index: xen-4.1.2-testing/xen/arch/x86/hvm/hvm.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/hvm/hvm.c
+++ xen-4.1.2-testing/xen/arch/x86/hvm/hvm.c
@@ -3915,8 +3915,8 @@ static int hvm_memory_event_traps(long p
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -4013,8 +4013,8 @@ static int hvm_memory_event_traps(long p
if ( (p & HVMPME_onchangeonly) && (value == old) )
return 1;
@ -68,10 +66,8 @@ Index: xen-4.1.2-testing/xen/arch/x86/hvm/hvm.c
return rc;
memset(&req, 0, sizeof(req));
Index: xen-4.1.2-testing/xen/arch/x86/mm/mem_event.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/mm/mem_event.c
+++ xen-4.1.2-testing/xen/arch/x86/mm/mem_event.c
--- a/xen/arch/x86/mm/mem_event.c
+++ b/xen/arch/x86/mm/mem_event.c
@@ -23,6 +23,7 @@
#include <asm/domain.h>
@ -324,10 +320,8 @@ Index: xen-4.1.2-testing/xen/arch/x86/mm/mem_event.c
}
break;
Index: xen-4.1.2-testing/xen/arch/x86/mm/mem_sharing.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/mm/mem_sharing.c
+++ xen-4.1.2-testing/xen/arch/x86/mm/mem_sharing.c
--- a/xen/arch/x86/mm/mem_sharing.c
+++ b/xen/arch/x86/mm/mem_sharing.c
@@ -292,44 +292,32 @@ static void mem_sharing_audit(void)
#endif
@ -349,15 +343,15 @@ Index: xen-4.1.2-testing/xen/arch/x86/mm/mem_sharing.c
- req.type = MEM_EVENT_TYPE_SHARED;
-
- if(must_succeed)
- {
+ if ( v->domain != d )
{
- /* We do not support 'must_succeed' any more. External operations such
- * as grant table mappings may fail with OOM condition!
- */
- BUG();
- }
- else
+ if ( v->domain != d )
{
- {
- /* All foreign attempts to unshare pages should be handled through
- * 'must_succeed' case. */
- ASSERT(v->domain->domain_id == d->domain_id);
@ -388,7 +382,7 @@ Index: xen-4.1.2-testing/xen/arch/x86/mm/mem_sharing.c
}
unsigned int mem_sharing_get_nr_saved_mfns(void)
@@ -692,14 +680,14 @@ gfn_found:
@@ -692,14 +680,14 @@ gfn_found:
if(ret == 0) goto private_page_found;
old_page = page;
@ -405,10 +399,8 @@ Index: xen-4.1.2-testing/xen/arch/x86/mm/mem_sharing.c
return -ENOMEM;
}
Index: xen-4.1.2-testing/xen/arch/x86/mm/p2m.c
===================================================================
--- xen-4.1.2-testing.orig/xen/arch/x86/mm/p2m.c
+++ xen-4.1.2-testing/xen/arch/x86/mm/p2m.c
--- a/xen/arch/x86/mm/p2m.c
+++ b/xen/arch/x86/mm/p2m.c
@@ -2988,21 +2988,13 @@ int p2m_mem_paging_evict(struct p2m_doma
*/
void p2m_mem_paging_drop_page(struct p2m_domain *p2m, unsigned long gfn)
@ -464,7 +456,7 @@ Index: xen-4.1.2-testing/xen/arch/x86/mm/p2m.c
}
void p2m_mem_access_check(unsigned long gpa, bool_t gla_valid, unsigned long gla,
@@ -3240,7 +3232,7 @@ void p2m_mem_access_check(unsigned long
@@ -3240,7 +3232,7 @@ void p2m_mem_access_check(unsigned long
p2m_unlock(p2m);
/* Otherwise, check if there is a memory event listener, and send the message along */
@ -473,7 +465,7 @@ Index: xen-4.1.2-testing/xen/arch/x86/mm/p2m.c
if ( res < 0 )
{
/* No listener */
@@ -3250,7 +3242,7 @@ void p2m_mem_access_check(unsigned long
@@ -3250,7 +3242,7 @@ void p2m_mem_access_check(unsigned long
"Memory access permissions failure, no mem_event listener: pausing VCPU %d, dom %d\n",
v->vcpu_id, d->domain_id);
@ -497,10 +489,8 @@ Index: xen-4.1.2-testing/xen/arch/x86/mm/p2m.c
}
#endif /* __x86_64__ */
Index: xen-4.1.2-testing/xen/include/asm-x86/mem_event.h
===================================================================
--- xen-4.1.2-testing.orig/xen/include/asm-x86/mem_event.h
+++ xen-4.1.2-testing/xen/include/asm-x86/mem_event.h
--- a/xen/include/asm-x86/mem_event.h
+++ b/xen/include/asm-x86/mem_event.h
@@ -24,13 +24,13 @@
#ifndef __MEM_EVENT_H__
#define __MEM_EVENT_H__
@ -520,10 +510,8 @@ Index: xen-4.1.2-testing/xen/include/asm-x86/mem_event.h
int mem_event_domctl(struct domain *d, xen_domctl_mem_event_op_t *mec,
XEN_GUEST_HANDLE(void) u_domctl);
Index: xen-4.1.2-testing/xen/include/xen/sched.h
===================================================================
--- xen-4.1.2-testing.orig/xen/include/xen/sched.h
+++ xen-4.1.2-testing/xen/include/xen/sched.h
--- a/xen/include/xen/sched.h
+++ b/xen/include/xen/sched.h
@@ -26,6 +26,7 @@
#include <xen/cpumask.h>
#include <xen/nodemask.h>

14
xenpaging.p2m_is_paged.patch
View File

@ -83,7 +83,17 @@ Signed-off-by: Olaf Hering <olaf@aepfle.de>
return HVMCOPY_gfn_paged_out;
}
if ( p2m_is_shared(p2mt) )
@@ -3497,7 +3500,8 @@ long do_hvm_op(unsigned long op, XEN_GUE
@@ -2208,7 +2211,8 @@ static enum hvm_copy_result __hvm_clear(
if ( p2m_is_paging(p2mt) )
{
- p2m_mem_paging_populate(p2m, gfn);
+ if ( p2m_do_populate(p2mt) )
+ p2m_mem_paging_populate(p2m, gfn);
return HVMCOPY_gfn_paged_out;
}
if ( p2m_is_shared(p2mt) )
@@ -3594,7 +3598,8 @@ long do_hvm_op(unsigned long op, XEN_GUE
mfn_t mfn = gfn_to_mfn(p2m, pfn, &t);
if ( p2m_is_paging(t) )
{
@ -93,7 +103,7 @@ Signed-off-by: Olaf Hering <olaf@aepfle.de>
rc = -EINVAL;
goto param_fail3;
@@ -3594,7 +3598,8 @@ long do_hvm_op(unsigned long op, XEN_GUE
@@ -3691,7 +3696,8 @@ long do_hvm_op(unsigned long op, XEN_GUE
mfn = gfn_to_mfn_unshare(p2m, pfn, &t, 0);
if ( p2m_is_paging(t) )
{