diff --git a/23127-vtd-bios-settings.patch b/23127-vtd-bios-settings.patch index 75d6e38..c807ee3 100644 --- a/23127-vtd-bios-settings.patch +++ b/23127-vtd-bios-settings.patch @@ -167,9 +167,9 @@ Index: xen-4.1.1-testing/xen/drivers/passthrough/vtd/iommu.c =================================================================== --- xen-4.1.1-testing.orig/xen/drivers/passthrough/vtd/iommu.c +++ xen-4.1.1-testing/xen/drivers/passthrough/vtd/iommu.c -@@ -1997,7 +1997,7 @@ static int init_vtd_hw(void) - if ( enable_intremap(iommu, 0) != 0 ) +@@ -1998,7 +1998,7 @@ static int init_vtd_hw(void) { + iommu_intremap = 0; dprintk(XENLOG_WARNING VTDPREFIX, - "Failed to enable Interrupt Remapping!\n"); + "Interrupt Remapping not enabled\n"); diff --git a/23233-hvm-cr-access.patch b/23233-hvm-cr-access.patch index 21e3679..8fe5707 100644 --- a/23233-hvm-cr-access.patch +++ b/23233-hvm-cr-access.patch @@ -109,7 +109,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/vmx/vmx.c =================================================================== --- xen-4.1.1-testing.orig/xen/arch/x86/hvm/vmx/vmx.c +++ xen-4.1.1-testing/xen/arch/x86/hvm/vmx/vmx.c -@@ -1546,182 +1546,42 @@ static void vmx_invlpg_intercept(unsigne +@@ -1545,182 +1545,42 @@ static void vmx_invlpg_intercept(unsigne vpid_sync_vcpu_gva(curr, vaddr); } @@ -315,7 +315,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/vmx/vmx.c } static const struct lbr_info { -@@ -2526,7 +2386,7 @@ asmlinkage void vmx_vmexit_handler(struc +@@ -2525,7 +2385,7 @@ asmlinkage void vmx_vmexit_handler(struc case EXIT_REASON_CR_ACCESS: { exit_qualification = __vmread(EXIT_QUALIFICATION); diff --git a/23235-svm-decode-assist-crs.patch b/23235-svm-decode-assist-crs.patch index 59fb07b..2ba02fc 100644 --- a/23235-svm-decode-assist-crs.patch +++ b/23235-svm-decode-assist-crs.patch @@ -19,7 +19,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/svm/svm.c =================================================================== --- xen-4.1.1-testing.orig/xen/arch/x86/hvm/svm/svm.c +++ xen-4.1.1-testing/xen/arch/x86/hvm/svm/svm.c -@@ -1040,6 +1040,22 @@ static void svm_vmexit_do_cpuid(struct c +@@ -1039,6 +1039,22 @@ static void svm_vmexit_do_cpuid(struct c __update_guest_eip(regs, inst_len); } @@ -42,7 +42,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/svm/svm.c static void svm_dr_access(struct vcpu *v, struct cpu_user_regs *regs) { HVMTRACE_0D(DR_WRITE); -@@ -1621,11 +1637,19 @@ asmlinkage void svm_vmexit_handler(struc +@@ -1620,11 +1636,19 @@ asmlinkage void svm_vmexit_handler(struc int dir = (vmcb->exitinfo1 & 1) ? IOREQ_READ : IOREQ_WRITE; if ( handle_pio(port, bytes, dir) ) __update_guest_eip(regs, vmcb->exitinfo2 - vmcb->rip); diff --git a/23236-svm-decode-assist-invlpg.patch b/23236-svm-decode-assist-invlpg.patch index 69edab1..c0549d4 100644 --- a/23236-svm-decode-assist-invlpg.patch +++ b/23236-svm-decode-assist-invlpg.patch @@ -58,7 +58,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/svm/svm.c =================================================================== --- xen-4.1.1-testing.orig/xen/arch/x86/hvm/svm/svm.c +++ xen-4.1.1-testing/xen/arch/x86/hvm/svm/svm.c -@@ -1651,11 +1651,22 @@ asmlinkage void svm_vmexit_handler(struc +@@ -1650,11 +1650,22 @@ asmlinkage void svm_vmexit_handler(struc break; case VMEXIT_INVLPG: diff --git a/23238-svm-decode-assist-insn-fetch.patch b/23238-svm-decode-assist-insn-fetch.patch index bb2dd16..6ce5740 100644 --- a/23238-svm-decode-assist-insn-fetch.patch +++ b/23238-svm-decode-assist-insn-fetch.patch @@ -58,7 +58,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/svm/svm.c static void svm_init_hypercall_page(struct domain *d, void *hypercall_page) { char *p; -@@ -1449,7 +1464,8 @@ static struct hvm_function_table __read_ +@@ -1448,7 +1463,8 @@ static struct hvm_function_table __read_ .msr_read_intercept = svm_msr_read_intercept, .msr_write_intercept = svm_msr_write_intercept, .invlpg_intercept = svm_invlpg_intercept, @@ -68,7 +68,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/svm/svm.c }; asmlinkage void svm_vmexit_handler(struct cpu_user_regs *regs) -@@ -1555,7 +1571,12 @@ asmlinkage void svm_vmexit_handler(struc +@@ -1554,7 +1570,12 @@ asmlinkage void svm_vmexit_handler(struc (unsigned long)regs->ecx, (unsigned long)regs->edx, (unsigned long)regs->esi, (unsigned long)regs->edi); @@ -82,7 +82,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/svm/svm.c { if ( trace_will_trace_event(TRC_SHADOW) ) break; -@@ -1721,7 +1742,10 @@ asmlinkage void svm_vmexit_handler(struc +@@ -1720,7 +1741,10 @@ asmlinkage void svm_vmexit_handler(struc case VMEXIT_NPF: perfc_incra(svmexits, VMEXIT_NPF_PERFC); regs->error_code = vmcb->exitinfo1; diff --git a/23306-amd-fam15-vpmu.patch b/23306-amd-fam15-vpmu.patch index 391f74f..9d7b0e8 100644 --- a/23306-amd-fam15-vpmu.patch +++ b/23306-amd-fam15-vpmu.patch @@ -17,7 +17,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/svm/svm.c =================================================================== --- xen-4.1.1-testing.orig/xen/arch/x86/hvm/svm/svm.c +++ xen-4.1.1-testing/xen/arch/x86/hvm/svm/svm.c -@@ -1143,6 +1143,18 @@ static int svm_msr_read_intercept(unsign +@@ -1142,6 +1142,18 @@ static int svm_msr_read_intercept(unsign case MSR_K7_EVNTSEL1: case MSR_K7_EVNTSEL2: case MSR_K7_EVNTSEL3: @@ -36,7 +36,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/svm/svm.c vpmu_do_rdmsr(msr, msr_content); break; -@@ -1238,6 +1250,18 @@ static int svm_msr_write_intercept(unsig +@@ -1237,6 +1249,18 @@ static int svm_msr_write_intercept(unsig case MSR_K7_EVNTSEL1: case MSR_K7_EVNTSEL2: case MSR_K7_EVNTSEL3: diff --git a/23338-vtd-force-intremap.patch b/23338-vtd-force-intremap.patch deleted file mode 100644 index 490c8e4..0000000 --- a/23338-vtd-force-intremap.patch +++ /dev/null @@ -1,38 +0,0 @@ -# HG changeset patch -# User Keir Fraser -# Date 1305214920 -3600 -# Node ID 9751bc49639ec4e34837545cdc982d0768e46d94 -# Parent cc91832a02c7cb6b09729ca8e9fc497e5cb2ba4d -vt-d: [CVE-2011-1898] Ensure that "iommu=required" enables interrupt remapping. - -Ensure that when Xen boots with "iommu=required" it will also insist -that interrupt remapping is supported and enabled. It arranges that -booting with that option on vulnerable hardware will fail, rather than -appearing to succeed but actually being vulnerable to guests. - -From: Allen Kay -Signed-off-by: Keir Fraser - -Index: xen-4.1.1-testing/xen/drivers/passthrough/vtd/iommu.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/drivers/passthrough/vtd/iommu.c -+++ xen-4.1.1-testing/xen/drivers/passthrough/vtd/iommu.c -@@ -1985,6 +1985,8 @@ static int init_vtd_hw(void) - "ioapic_to_iommu: ioapic 0x%x (id: 0x%x) is NULL! " - "Will not try to enable Interrupt Remapping.\n", - apic, IO_APIC_ID(apic)); -+ if ( force_iommu ) -+ panic("intremap remapping failed to enable with iommu=required/force in grub\n"); - break; - } - } -@@ -1998,6 +2000,9 @@ static int init_vtd_hw(void) - { - dprintk(XENLOG_WARNING VTDPREFIX, - "Interrupt Remapping not enabled\n"); -+ -+ if ( force_iommu && platform_supports_intremap() ) -+ panic("intremap remapping failed to enable with iommu=required/force in grub\n"); - break; - } - } diff --git a/23383-libxc-rm-static-vars.patch b/23383-libxc-rm-static-vars.patch new file mode 100644 index 0000000..5b0b663 --- /dev/null +++ b/23383-libxc-rm-static-vars.patch @@ -0,0 +1,78 @@ +# HG changeset patch +# User Ian Campbell +# Date 1306228450 -3600 +# Node ID 23b423a3955785c9a8679c3a877c3472066a2e1f +# Parent ba8da39c67298b19c2c277e5794981b7f23bedf2 +libxc: save/restore: remove static context variables + +20544:ad9d75d74bd5 and 20545:cc7d66ba0dad seemingly intended to change these +global static variables into stack variables but didn't remove the static +qualifier. + +Also zero the entire struct once with memset rather than clearing fields +piecemeal in two different places. + +Signed-off-by: Ian Campbell +Acked-by: Ian Jackson +Committed-by: Ian Jackson +Acked-by: Vincent Hanquez + +Index: xen-4.1.1-testing/tools/libxc/xc_domain_restore.c +=================================================================== +--- xen-4.1.1-testing.orig/tools/libxc/xc_domain_restore.c ++++ xen-4.1.1-testing/tools/libxc/xc_domain_restore.c +@@ -1134,23 +1134,19 @@ int xc_domain_restore(xc_interface *xch, + + int orig_io_fd_flags; + +- static struct restore_ctx _ctx = { +- .live_p2m = NULL, +- .p2m = NULL, +- }; +- static struct restore_ctx *ctx = &_ctx; ++ struct restore_ctx _ctx; ++ struct restore_ctx *ctx = &_ctx; + struct domain_info_context *dinfo = &ctx->dinfo; + + pagebuf_init(&pagebuf); + memset(&tailbuf, 0, sizeof(tailbuf)); + tailbuf.ishvm = hvm; + +- /* For info only */ +- ctx->nr_pfns = 0; +- + if ( superpages ) + return 1; + ++ memset(ctx, 0, sizeof(*ctx)); ++ + ctxt = xc_hypercall_buffer_alloc(xch, ctxt, sizeof(*ctxt)); + + if ( ctxt == NULL ) +Index: xen-4.1.1-testing/tools/libxc/xc_domain_save.c +=================================================================== +--- xen-4.1.1-testing.orig/tools/libxc/xc_domain_save.c ++++ xen-4.1.1-testing/tools/libxc/xc_domain_save.c +@@ -958,11 +958,8 @@ int xc_domain_save(xc_interface *xch, in + unsigned long mfn; + + struct outbuf ob; +- static struct save_ctx _ctx = { +- .live_p2m = NULL, +- .live_m2p = NULL, +- }; +- static struct save_ctx *ctx = &_ctx; ++ struct save_ctx _ctx; ++ struct save_ctx *ctx = &_ctx; + struct domain_info_context *dinfo = &ctx->dinfo; + + int completed = 0; +@@ -976,6 +973,8 @@ int xc_domain_save(xc_interface *xch, in + + outbuf_init(xch, &ob, OUTBUF_SIZE); + ++ memset(ctx, 0, sizeof(*ctx)); ++ + /* If no explicit control parameters given, use defaults */ + max_iters = max_iters ? : DEF_MAX_ITERS; + max_factor = max_factor ? : DEF_MAX_FACTOR; diff --git a/23437-amd-fam15-TSC-scaling.patch b/23437-amd-fam15-TSC-scaling.patch new file mode 100644 index 0000000..7b8a74b --- /dev/null +++ b/23437-amd-fam15-TSC-scaling.patch @@ -0,0 +1,125 @@ +References: FATE#309901 + +# HG changeset patch +# User Wei Huang +# Date 1306569488 -3600 +# Node ID d7c755c25bb9d6ed77d64cb6736b6c4f339db1bf +# Parent f6ce871e568949f5817470f6c7bab6ed1f8f6c13 +HVM/SVM: enable tsc scaling ratio for SVM + +Future AMD CPUs support TSC scaling. It allows guests to have a +different TSC frequency from host system using this formula: guest_tsc += host_tsc * tsc_ratio + vmcb_offset. The tsc_ratio is a 64bit MSR +contains a fixed-point number in 8.32 format (8 bits for integer part +and 32bits for fractional part). For instance 0x00000003_80000000 +means tsc_ratio=3.5. + +This patch enables TSC scaling ratio for SVM. With it, guest VMs don't +need take #VMEXIT to calculate a translated TSC value when it is +running under TSC emulation mode. This can substancially reduce the +rdtsc overhead. + +Signed-off-by: Wei Huang + +--- a/xen/arch/x86/hvm/svm/svm.c ++++ b/xen/arch/x86/hvm/svm/svm.c +@@ -588,6 +588,22 @@ static void svm_set_segment_register(str + static void svm_set_tsc_offset(struct vcpu *v, u64 offset) + { + struct vmcb_struct *vmcb = v->arch.hvm_svm.vmcb; ++ struct domain *d = v->domain; ++ ++ /* Re-adjust the offset value when TSC_RATIO is available */ ++ if ( cpu_has_tsc_ratio && d->arch.vtsc ) ++ { ++ uint64_t host_tsc, guest_tsc; ++ ++ rdtscll(host_tsc); ++ guest_tsc = hvm_get_guest_tsc(v); ++ ++ /* calculate hi,lo parts in 64bits to prevent overflow */ ++ offset = (((host_tsc >> 32) * d->arch.tsc_khz / cpu_khz) << 32) + ++ (host_tsc & 0xffffffffULL) * d->arch.tsc_khz / cpu_khz; ++ offset = guest_tsc - offset; ++ } ++ + vmcb_set_tsc_offset(vmcb, offset); + } + +@@ -638,6 +654,19 @@ static void svm_init_hypercall_page(stru + *(u16 *)(hypercall_page + (__HYPERVISOR_iret * 32)) = 0x0b0f; /* ud2 */ + } + ++static inline void svm_tsc_ratio_save(struct vcpu *v) ++{ ++ /* Other vcpus might not have vtsc enabled. So disable TSC_RATIO here. */ ++ if ( cpu_has_tsc_ratio && v->domain->arch.vtsc ) ++ wrmsrl(MSR_AMD64_TSC_RATIO, DEFAULT_TSC_RATIO); ++} ++ ++static inline void svm_tsc_ratio_load(struct vcpu *v) ++{ ++ if ( cpu_has_tsc_ratio && v->domain->arch.vtsc ) ++ wrmsrl(MSR_AMD64_TSC_RATIO, vcpu_tsc_ratio(v)); ++} ++ + static void svm_ctxt_switch_from(struct vcpu *v) + { + int cpu = smp_processor_id(); +@@ -646,6 +675,7 @@ static void svm_ctxt_switch_from(struct + + svm_save_dr(v); + vpmu_save(v); ++ svm_tsc_ratio_save(v); + + svm_sync_vmcb(v); + svm_vmload(per_cpu(root_vmcb, cpu)); +@@ -689,6 +719,7 @@ static void svm_ctxt_switch_to(struct vc + svm_vmload(vmcb); + vmcb->cleanbits.bytes = 0; + vpmu_load(v); ++ svm_tsc_ratio_load(v); + + if ( cpu_has_rdtscp ) + wrmsrl(MSR_TSC_AUX, hvm_msr_tsc_aux(v)); +--- a/xen/arch/x86/hvm/svm/vmcb.c ++++ b/xen/arch/x86/hvm/svm/vmcb.c +@@ -165,7 +165,9 @@ static int construct_vmcb(struct vcpu *v + + /* TSC. */ + vmcb->_tsc_offset = 0; +- if ( v->domain->arch.vtsc ) ++ ++ /* Don't need to intercept RDTSC if CPU supports TSC rate scaling */ ++ if ( v->domain->arch.vtsc && !cpu_has_tsc_ratio ) + { + vmcb->_general1_intercepts |= GENERAL1_INTERCEPT_RDTSC; + vmcb->_general2_intercepts |= GENERAL2_INTERCEPT_RDTSCP; +--- a/xen/include/asm-x86/hvm/svm/svm.h ++++ b/xen/include/asm-x86/hvm/svm/svm.h +@@ -91,5 +91,13 @@ extern u32 svm_feature_flags; + #define cpu_has_svm_cleanbits cpu_has_svm_feature(SVM_FEATURE_VMCBCLEAN) + #define cpu_has_svm_decode cpu_has_svm_feature(SVM_FEATURE_DECODEASSISTS) + #define cpu_has_pause_filter cpu_has_svm_feature(SVM_FEATURE_PAUSEFILTER) ++#define cpu_has_tsc_ratio cpu_has_svm_feature(SVM_FEATURE_TSCRATEMSR) ++ ++/* TSC rate */ ++#define DEFAULT_TSC_RATIO 0x0000000100000000ULL ++#define TSC_RATIO_RSVD_BITS 0xffffff0000000000ULL ++#define TSC_RATIO(g_khz, h_khz) ( (((u64)(g_khz)<<32)/(u64)(h_khz)) & \ ++ ~TSC_RATIO_RSVD_BITS ) ++#define vcpu_tsc_ratio(v) TSC_RATIO((v)->domain->arch.tsc_khz, cpu_khz) + + #endif /* __ASM_X86_HVM_SVM_H__ */ +--- a/xen/include/asm-x86/msr-index.h ++++ b/xen/include/asm-x86/msr-index.h +@@ -266,6 +266,9 @@ + #define MSR_AMD_PATCHLEVEL 0x0000008b + #define MSR_AMD_PATCHLOADER 0xc0010020 + ++/* AMD TSC RATE MSR */ ++#define MSR_AMD64_TSC_RATIO 0xc0000104 ++ + /* AMD OS Visible Workaround MSRs */ + #define MSR_AMD_OSVW_ID_LENGTH 0xc0010140 + #define MSR_AMD_OSVW_STATUS 0xc0010141 diff --git a/23462-libxc-cpu-feature.patch b/23462-libxc-cpu-feature.patch new file mode 100644 index 0000000..c2566fd --- /dev/null +++ b/23462-libxc-cpu-feature.patch @@ -0,0 +1,277 @@ +References: FATE#311951 + +# HG changeset patch +# User Keir Fraser +# Date 1307023264 -3600 +# Node ID 4804af7048cafecfc014c30cfea374eb0a0360e8 +# Parent 5839e797a1307fceffcd0b9ad35ed31644378b47 +libxc: Simplify and clean up xc_cpufeature.h + + * Remove Linux-private defns with no direct relation to CPUID + * Remove word offsets into Linux-defined cpu_caps array + * Hard tabs -> soft tabs + +Signed-off-by: Keir Fraser + +# HG changeset patch +# User Keir Fraser +# Date 1307118421 -3600 +# Node ID bcd2476c2e2d00dc6371e52fbff66fe3178b7944 +# Parent 55c5eff9bf84d4c5f3463c01f038edc1c46f30bc +libxc: Don't refer to meaningless 'word offsets' in xc_cpufeature.h + +Signed-off-by: Keir Fraser + +--- a/tools/libxc/xc_cpufeature.h ++++ b/tools/libxc/xc_cpufeature.h +@@ -17,131 +17,112 @@ + #ifndef __LIBXC_CPUFEATURE_H + #define __LIBXC_CPUFEATURE_H + +-/* Intel-defined CPU features, CPUID level 0x00000001 (edx), word 0 */ +-#define X86_FEATURE_FPU (0*32+ 0) /* Onboard FPU */ +-#define X86_FEATURE_VME (0*32+ 1) /* Virtual Mode Extensions */ +-#define X86_FEATURE_DE (0*32+ 2) /* Debugging Extensions */ +-#define X86_FEATURE_PSE (0*32+ 3) /* Page Size Extensions */ +-#define X86_FEATURE_TSC (0*32+ 4) /* Time Stamp Counter */ +-#define X86_FEATURE_MSR (0*32+ 5) /* Model-Specific Registers, RDMSR, WRMSR */ +-#define X86_FEATURE_PAE (0*32+ 6) /* Physical Address Extensions */ +-#define X86_FEATURE_MCE (0*32+ 7) /* Machine Check Architecture */ +-#define X86_FEATURE_CX8 (0*32+ 8) /* CMPXCHG8 instruction */ +-#define X86_FEATURE_APIC (0*32+ 9) /* Onboard APIC */ +-#define X86_FEATURE_SEP (0*32+11) /* SYSENTER/SYSEXIT */ +-#define X86_FEATURE_MTRR (0*32+12) /* Memory Type Range Registers */ +-#define X86_FEATURE_PGE (0*32+13) /* Page Global Enable */ +-#define X86_FEATURE_MCA (0*32+14) /* Machine Check Architecture */ +-#define X86_FEATURE_CMOV (0*32+15) /* CMOV instruction (FCMOVCC and FCOMI too if FPU present) */ +-#define X86_FEATURE_PAT (0*32+16) /* Page Attribute Table */ +-#define X86_FEATURE_PSE36 (0*32+17) /* 36-bit PSEs */ +-#define X86_FEATURE_PN (0*32+18) /* Processor serial number */ +-#define X86_FEATURE_CLFLSH (0*32+19) /* Supports the CLFLUSH instruction */ +-#define X86_FEATURE_DS (0*32+21) /* Debug Store */ +-#define X86_FEATURE_ACPI (0*32+22) /* ACPI via MSR */ +-#define X86_FEATURE_MMX (0*32+23) /* Multimedia Extensions */ +-#define X86_FEATURE_FXSR (0*32+24) /* FXSAVE and FXRSTOR instructions (fast save and restore */ +- /* of FPU context), and CR4.OSFXSR available */ +-#define X86_FEATURE_XMM (0*32+25) /* Streaming SIMD Extensions */ +-#define X86_FEATURE_XMM2 (0*32+26) /* Streaming SIMD Extensions-2 */ +-#define X86_FEATURE_SELFSNOOP (0*32+27) /* CPU self snoop */ +-#define X86_FEATURE_HT (0*32+28) /* Hyper-Threading */ +-#define X86_FEATURE_ACC (0*32+29) /* Automatic clock control */ +-#define X86_FEATURE_IA64 (0*32+30) /* IA-64 processor */ +-#define X86_FEATURE_PBE (0*32+31) /* Pending Break Enable */ ++/* Intel-defined CPU features, CPUID level 0x00000001 (edx) */ ++#define X86_FEATURE_FPU 0 /* Onboard FPU */ ++#define X86_FEATURE_VME 1 /* Virtual Mode Extensions */ ++#define X86_FEATURE_DE 2 /* Debugging Extensions */ ++#define X86_FEATURE_PSE 3 /* Page Size Extensions */ ++#define X86_FEATURE_TSC 4 /* Time Stamp Counter */ ++#define X86_FEATURE_MSR 5 /* Model-Specific Registers, RDMSR, WRMSR */ ++#define X86_FEATURE_PAE 6 /* Physical Address Extensions */ ++#define X86_FEATURE_MCE 7 /* Machine Check Architecture */ ++#define X86_FEATURE_CX8 8 /* CMPXCHG8 instruction */ ++#define X86_FEATURE_APIC 9 /* Onboard APIC */ ++#define X86_FEATURE_SEP 11 /* SYSENTER/SYSEXIT */ ++#define X86_FEATURE_MTRR 12 /* Memory Type Range Registers */ ++#define X86_FEATURE_PGE 13 /* Page Global Enable */ ++#define X86_FEATURE_MCA 14 /* Machine Check Architecture */ ++#define X86_FEATURE_CMOV 15 /* CMOV instruction */ ++#define X86_FEATURE_PAT 16 /* Page Attribute Table */ ++#define X86_FEATURE_PSE36 17 /* 36-bit PSEs */ ++#define X86_FEATURE_PN 18 /* Processor serial number */ ++#define X86_FEATURE_CLFLSH 19 /* Supports the CLFLUSH instruction */ ++#define X86_FEATURE_DS 21 /* Debug Store */ ++#define X86_FEATURE_ACPI 22 /* ACPI via MSR */ ++#define X86_FEATURE_MMX 23 /* Multimedia Extensions */ ++#define X86_FEATURE_FXSR 24 /* FXSAVE and FXRSTOR instructions */ ++#define X86_FEATURE_XMM 25 /* Streaming SIMD Extensions */ ++#define X86_FEATURE_XMM2 26 /* Streaming SIMD Extensions-2 */ ++#define X86_FEATURE_SELFSNOOP 27 /* CPU self snoop */ ++#define X86_FEATURE_HT 28 /* Hyper-Threading */ ++#define X86_FEATURE_ACC 29 /* Automatic clock control */ ++#define X86_FEATURE_IA64 30 /* IA-64 processor */ ++#define X86_FEATURE_PBE 31 /* Pending Break Enable */ + +-/* AMD-defined CPU features, CPUID level 0x80000001, word 1 */ ++/* AMD-defined CPU features, CPUID level 0x80000001 */ + /* Don't duplicate feature flags which are redundant with Intel! */ +-#define X86_FEATURE_SYSCALL (1*32+11) /* SYSCALL/SYSRET */ +-#define X86_FEATURE_MP (1*32+19) /* MP Capable. */ +-#define X86_FEATURE_NX (1*32+20) /* Execute Disable */ +-#define X86_FEATURE_MMXEXT (1*32+22) /* AMD MMX extensions */ +-#define X86_FEATURE_FFXSR (1*32+25) /* FFXSR instruction optimizations */ +-#define X86_FEATURE_PAGE1GB (1*32+26) /* 1Gb large page support */ +-#define X86_FEATURE_RDTSCP (1*32+27) /* RDTSCP */ +-#define X86_FEATURE_LM (1*32+29) /* Long Mode (x86-64) */ +-#define X86_FEATURE_3DNOWEXT (1*32+30) /* AMD 3DNow! extensions */ +-#define X86_FEATURE_3DNOW (1*32+31) /* 3DNow! */ +- +-/* Transmeta-defined CPU features, CPUID level 0x80860001, word 2 */ +-#define X86_FEATURE_RECOVERY (2*32+ 0) /* CPU in recovery mode */ +-#define X86_FEATURE_LONGRUN (2*32+ 1) /* Longrun power control */ +-#define X86_FEATURE_LRTI (2*32+ 3) /* LongRun table interface */ +- +-/* Other features, Linux-defined mapping, word 3 */ +-/* This range is used for feature bits which conflict or are synthesized */ +-#define X86_FEATURE_CXMMX (3*32+ 0) /* Cyrix MMX extensions */ +-#define X86_FEATURE_K6_MTRR (3*32+ 1) /* AMD K6 nonstandard MTRRs */ +-#define X86_FEATURE_CYRIX_ARR (3*32+ 2) /* Cyrix ARRs (= MTRRs) */ +-#define X86_FEATURE_CENTAUR_MCR (3*32+ 3) /* Centaur MCRs (= MTRRs) */ +-/* cpu types for specific tunings: */ +-#define X86_FEATURE_K8 (3*32+ 4) /* Opteron, Athlon64 */ +-#define X86_FEATURE_K7 (3*32+ 5) /* Athlon */ +-#define X86_FEATURE_P3 (3*32+ 6) /* P3 */ +-#define X86_FEATURE_P4 (3*32+ 7) /* P4 */ +-#define X86_FEATURE_CONSTANT_TSC (3*32+ 8) /* TSC ticks at a constant rate */ +- +-/* Intel-defined CPU features, CPUID level 0x00000001 (ecx), word 4 */ +-#define X86_FEATURE_XMM3 (4*32+ 0) /* Streaming SIMD Extensions-3 */ +-#define X86_FEATURE_PCLMULQDQ (4*32+ 1) /* Carry-less multiplication */ +-#define X86_FEATURE_DTES64 (4*32+ 2) /* 64-bit Debug Store */ +-#define X86_FEATURE_MWAIT (4*32+ 3) /* Monitor/Mwait support */ +-#define X86_FEATURE_DSCPL (4*32+ 4) /* CPL Qualified Debug Store */ +-#define X86_FEATURE_VMXE (4*32+ 5) /* Virtual Machine Extensions */ +-#define X86_FEATURE_SMXE (4*32+ 6) /* Safer Mode Extensions */ +-#define X86_FEATURE_EST (4*32+ 7) /* Enhanced SpeedStep */ +-#define X86_FEATURE_TM2 (4*32+ 8) /* Thermal Monitor 2 */ +-#define X86_FEATURE_SSSE3 (4*32+ 9) /* Supplemental Streaming SIMD Extensions-3 */ +-#define X86_FEATURE_CID (4*32+10) /* Context ID */ +-#define X86_FEATURE_CX16 (4*32+13) /* CMPXCHG16B */ +-#define X86_FEATURE_XTPR (4*32+14) /* Send Task Priority Messages */ +-#define X86_FEATURE_PDCM (4*32+15) /* Perf/Debug Capability MSR */ +-#define X86_FEATURE_DCA (4*32+18) /* Direct Cache Access */ +-#define X86_FEATURE_SSE4_1 (4*32+19) /* Streaming SIMD Extensions 4.1 */ +-#define X86_FEATURE_SSE4_2 (4*32+20) /* Streaming SIMD Extensions 4.2 */ +-#define X86_FEATURE_X2APIC (4*32+21) /* x2APIC */ +-#define X86_FEATURE_POPCNT (4*32+23) /* POPCNT instruction */ +-#define X86_FEATURE_TSC_DEADLINE (4*32+24) /* "tdt" TSC Deadline Timer */ +-#define X86_FEATURE_AES (4*32+25) /* AES acceleration instructions */ +-#define X86_FEATURE_XSAVE (4*32+26) /* XSAVE/XRSTOR/XSETBV/XGETBV */ +-#define X86_FEATURE_AVX (4*32+28) /* Advanced Vector Extensions */ +-#define X86_FEATURE_F16C (4*32+29) /* Half-precision convert instruction */ +-#define X86_FEATURE_HYPERVISOR (4*32+31) /* Running under some hypervisor */ +- +-/* VIA/Cyrix/Centaur-defined CPU features, CPUID level 0xC0000001, word 5 */ +-#define X86_FEATURE_XSTORE (5*32+ 2) /* on-CPU RNG present (xstore insn) */ +-#define X86_FEATURE_XSTORE_EN (5*32+ 3) /* on-CPU RNG enabled */ +-#define X86_FEATURE_XCRYPT (5*32+ 6) /* on-CPU crypto (xcrypt insn) */ +-#define X86_FEATURE_XCRYPT_EN (5*32+ 7) /* on-CPU crypto enabled */ +-#define X86_FEATURE_ACE2 (5*32+ 8) /* Advanced Cryptography Engine v2 */ +-#define X86_FEATURE_ACE2_EN (5*32+ 9) /* ACE v2 enabled */ +-#define X86_FEATURE_PHE (5*32+ 10) /* PadLock Hash Engine */ +-#define X86_FEATURE_PHE_EN (5*32+ 11) /* PHE enabled */ +-#define X86_FEATURE_PMM (5*32+ 12) /* PadLock Montgomery Multiplier */ +-#define X86_FEATURE_PMM_EN (5*32+ 13) /* PMM enabled */ +- +-/* More extended AMD flags: CPUID level 0x80000001, ecx, word 6 */ +-#define X86_FEATURE_LAHF_LM (6*32+ 0) /* LAHF/SAHF in long mode */ +-#define X86_FEATURE_CMP_LEGACY (6*32+ 1) /* If yes HyperThreading not valid */ +-#define X86_FEATURE_SVM (6*32+ 2) /* Secure virtual machine */ +-#define X86_FEATURE_EXTAPIC (6*32+ 3) /* Extended APIC space */ +-#define X86_FEATURE_CR8_LEGACY (6*32+ 4) /* CR8 in 32-bit mode */ +-#define X86_FEATURE_ABM (6*32+ 5) /* Advanced bit manipulation */ +-#define X86_FEATURE_SSE4A (6*32+ 6) /* SSE-4A */ +-#define X86_FEATURE_MISALIGNSSE (6*32+ 7) /* Misaligned SSE mode */ +-#define X86_FEATURE_3DNOWPREFETCH (6*32+ 8) /* 3DNow prefetch instructions */ +-#define X86_FEATURE_OSVW (6*32+ 9) /* OS Visible Workaround */ +-#define X86_FEATURE_IBS (6*32+10) /* Instruction Based Sampling */ +-#define X86_FEATURE_XOP (6*32+11) /* extended AVX instructions */ +-#define X86_FEATURE_SKINIT (6*32+12) /* SKINIT/STGI instructions */ +-#define X86_FEATURE_WDT (6*32+13) /* Watchdog timer */ +-#define X86_FEATURE_LWP (6*32+15) /* Light Weight Profiling */ +-#define X86_FEATURE_FMA4 (6*32+16) /* 4 operands MAC instructions */ +-#define X86_FEATURE_NODEID_MSR (6*32+19) /* NodeId MSR */ +-#define X86_FEATURE_TBM (6*32+21) /* trailing bit manipulations */ +-#define X86_FEATURE_TOPOEXT (6*32+22) /* topology extensions CPUID leafs */ ++#define X86_FEATURE_SYSCALL 11 /* SYSCALL/SYSRET */ ++#define X86_FEATURE_MP 19 /* MP Capable. */ ++#define X86_FEATURE_NX 20 /* Execute Disable */ ++#define X86_FEATURE_MMXEXT 22 /* AMD MMX extensions */ ++#define X86_FEATURE_FFXSR 25 /* FFXSR instruction optimizations */ ++#define X86_FEATURE_PAGE1GB 26 /* 1Gb large page support */ ++#define X86_FEATURE_RDTSCP 27 /* RDTSCP */ ++#define X86_FEATURE_LM 29 /* Long Mode (x86-64) */ ++#define X86_FEATURE_3DNOWEXT 30 /* AMD 3DNow! extensions */ ++#define X86_FEATURE_3DNOW 31 /* 3DNow! */ ++ ++/* Intel-defined CPU features, CPUID level 0x00000001 (ecx) */ ++#define X86_FEATURE_XMM3 0 /* Streaming SIMD Extensions-3 */ ++#define X86_FEATURE_PCLMULQDQ 1 /* Carry-less multiplication */ ++#define X86_FEATURE_DTES64 2 /* 64-bit Debug Store */ ++#define X86_FEATURE_MWAIT 3 /* Monitor/Mwait support */ ++#define X86_FEATURE_DSCPL 4 /* CPL Qualified Debug Store */ ++#define X86_FEATURE_VMXE 5 /* Virtual Machine Extensions */ ++#define X86_FEATURE_SMXE 6 /* Safer Mode Extensions */ ++#define X86_FEATURE_EST 7 /* Enhanced SpeedStep */ ++#define X86_FEATURE_TM2 8 /* Thermal Monitor 2 */ ++#define X86_FEATURE_SSSE3 9 /* Supplemental Streaming SIMD Exts-3 */ ++#define X86_FEATURE_CID 10 /* Context ID */ ++#define X86_FEATURE_CX16 13 /* CMPXCHG16B */ ++#define X86_FEATURE_XTPR 14 /* Send Task Priority Messages */ ++#define X86_FEATURE_PDCM 15 /* Perf/Debug Capability MSR */ ++#define X86_FEATURE_DCA 18 /* Direct Cache Access */ ++#define X86_FEATURE_SSE4_1 19 /* Streaming SIMD Extensions 4.1 */ ++#define X86_FEATURE_SSE4_2 20 /* Streaming SIMD Extensions 4.2 */ ++#define X86_FEATURE_X2APIC 21 /* x2APIC */ ++#define X86_FEATURE_POPCNT 23 /* POPCNT instruction */ ++#define X86_FEATURE_TSC_DEADLINE 24 /* "tdt" TSC Deadline Timer */ ++#define X86_FEATURE_AES 25 /* AES acceleration instructions */ ++#define X86_FEATURE_XSAVE 26 /* XSAVE/XRSTOR/XSETBV/XGETBV */ ++#define X86_FEATURE_AVX 28 /* Advanced Vector Extensions */ ++#define X86_FEATURE_F16C 29 /* Half-precision convert instruction */ ++#define X86_FEATURE_HYPERVISOR 31 /* Running under some hypervisor */ ++ ++/* VIA/Cyrix/Centaur-defined CPU features, CPUID level 0xC0000001 */ ++#define X86_FEATURE_XSTORE 2 /* on-CPU RNG present (xstore insn) */ ++#define X86_FEATURE_XSTORE_EN 3 /* on-CPU RNG enabled */ ++#define X86_FEATURE_XCRYPT 6 /* on-CPU crypto (xcrypt insn) */ ++#define X86_FEATURE_XCRYPT_EN 7 /* on-CPU crypto enabled */ ++#define X86_FEATURE_ACE2 8 /* Advanced Cryptography Engine v2 */ ++#define X86_FEATURE_ACE2_EN 9 /* ACE v2 enabled */ ++#define X86_FEATURE_PHE 10 /* PadLock Hash Engine */ ++#define X86_FEATURE_PHE_EN 11 /* PHE enabled */ ++#define X86_FEATURE_PMM 12 /* PadLock Montgomery Multiplier */ ++#define X86_FEATURE_PMM_EN 13 /* PMM enabled */ ++ ++/* More extended AMD flags: CPUID level 0x80000001, ecx */ ++#define X86_FEATURE_LAHF_LM 0 /* LAHF/SAHF in long mode */ ++#define X86_FEATURE_CMP_LEGACY 1 /* If yes HyperThreading not valid */ ++#define X86_FEATURE_SVM 2 /* Secure virtual machine */ ++#define X86_FEATURE_EXTAPIC 3 /* Extended APIC space */ ++#define X86_FEATURE_CR8_LEGACY 4 /* CR8 in 32-bit mode */ ++#define X86_FEATURE_ABM 5 /* Advanced bit manipulation */ ++#define X86_FEATURE_SSE4A 6 /* SSE-4A */ ++#define X86_FEATURE_MISALIGNSSE 7 /* Misaligned SSE mode */ ++#define X86_FEATURE_3DNOWPREFETCH 8 /* 3DNow prefetch instructions */ ++#define X86_FEATURE_OSVW 9 /* OS Visible Workaround */ ++#define X86_FEATURE_IBS 10 /* Instruction Based Sampling */ ++#define X86_FEATURE_XOP 11 /* extended AVX instructions */ ++#define X86_FEATURE_SKINIT 12 /* SKINIT/STGI instructions */ ++#define X86_FEATURE_WDT 13 /* Watchdog timer */ ++#define X86_FEATURE_LWP 15 /* Light Weight Profiling */ ++#define X86_FEATURE_FMA4 16 /* 4 operands MAC instructions */ ++#define X86_FEATURE_NODEID_MSR 19 /* NodeId MSR */ ++#define X86_FEATURE_TBM 21 /* trailing bit manipulations */ ++#define X86_FEATURE_TOPOEXT 22 /* topology extensions CPUID leafs */ + +-/* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx), word 9 */ +-#define X86_FEATURE_FSGSBASE (7*32+ 0) /* {RD,WR}{FS,GS}BASE instructions */ ++/* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx) */ ++#define X86_FEATURE_FSGSBASE 0 /* {RD,WR}{FS,GS}BASE instructions */ + + #endif /* __LIBXC_CPUFEATURE_H */ +--- a/tools/libxc/xc_cpuid_x86.c ++++ b/tools/libxc/xc_cpuid_x86.c +@@ -25,9 +25,9 @@ + #include "xc_cpufeature.h" + #include + +-#define bitmaskof(idx) (1u << ((idx) & 31)) +-#define clear_bit(idx, dst) ((dst) &= ~(1u << ((idx) & 31))) +-#define set_bit(idx, dst) ((dst) |= (1u << ((idx) & 31))) ++#define bitmaskof(idx) (1u << (idx)) ++#define clear_bit(idx, dst) ((dst) &= ~(1u << (idx))) ++#define set_bit(idx, dst) ((dst) |= (1u << (idx))) + + #define DEF_MAX_BASE 0x0000000du + #define DEF_MAX_EXT 0x80000008u diff --git a/23481-x86-SMEP.patch b/23481-x86-SMEP.patch new file mode 100644 index 0000000..6297f7c --- /dev/null +++ b/23481-x86-SMEP.patch @@ -0,0 +1,284 @@ +References: FATE#311951 + +# HG changeset patch +# User Keir Fraser +# Date 1307133540 -3600 +# Node ID 0c0884fd8b494932a4b707e339cbe1b881d09103 +# Parent bcd2476c2e2d00dc6371e52fbff66fe3178b7944 +x86: Enable Supervisor Mode Execution Protection (SMEP) + +Intel new CPU supports SMEP (Supervisor Mode Execution +Protection). SMEP prevents software operating with CPL < 3 (supervisor +mode) from fetching instructions from any linear address with a valid +translation for which the U/S flag (bit 2) is 1 in every +paging-structure entry controlling the translation for the linear +address. + +This patch enables SMEP in Xen to protect Xen hypervisor from +executing pv guest instructions, whose translation paging-structure +entries' U/S flags are all set. + +Signed-off-by: Yang Wei +Signed-off-by: Shan Haitao +Signed-off-by: Li Xin +Signed-off-by: Keir Fraser + +--- a/xen/arch/x86/setup.c ++++ b/xen/arch/x86/setup.c +@@ -61,6 +61,10 @@ integer_param("maxcpus", max_cpus); + static bool_t __initdata opt_watchdog; + boolean_param("watchdog", opt_watchdog); + ++/* smep: Enable/disable Supervisor Mode Execution Protection (default on). */ ++static bool_t __initdata disable_smep; ++invbool_param("smep", disable_smep); ++ + /* **** Linux config option: propagated to domain0. */ + /* "acpi=off": Sisables both ACPI table parsing and interpreter. */ + /* "acpi=force": Override the disable blacklist. */ +@@ -1204,11 +1208,17 @@ void __init __start_xen(unsigned long mb + arch_init_memory(); + + identify_cpu(&boot_cpu_data); ++ + if ( cpu_has_fxsr ) + set_in_cr4(X86_CR4_OSFXSR); + if ( cpu_has_xmm ) + set_in_cr4(X86_CR4_OSXMMEXCPT); + ++ if ( disable_smep ) ++ setup_clear_cpu_cap(X86_FEATURE_SMEP); ++ if ( cpu_has_smep ) ++ set_in_cr4(X86_CR4_SMEP); ++ + local_irq_enable(); + + #ifdef CONFIG_X86_64 +--- a/xen/arch/x86/traps.c ++++ b/xen/arch/x86/traps.c +@@ -1136,7 +1136,13 @@ static int handle_gdt_ldt_mapping_fault( + (((va) >= HYPERVISOR_VIRT_START)) + #endif + +-static int __spurious_page_fault( ++enum pf_type { ++ real_fault, ++ smep_fault, ++ spurious_fault ++}; ++ ++static enum pf_type __page_fault_type( + unsigned long addr, unsigned int error_code) + { + unsigned long mfn, cr3 = read_cr3(); +@@ -1148,7 +1154,7 @@ static int __spurious_page_fault( + #endif + l2_pgentry_t l2e, *l2t; + l1_pgentry_t l1e, *l1t; +- unsigned int required_flags, disallowed_flags; ++ unsigned int required_flags, disallowed_flags, page_user; + + /* + * We do not take spurious page faults in IRQ handlers as we do not +@@ -1156,11 +1162,11 @@ static int __spurious_page_fault( + * map_domain_page() is not IRQ-safe. + */ + if ( in_irq() ) +- return 0; ++ return real_fault; + + /* Reserved bit violations are never spurious faults. */ + if ( error_code & PFEC_reserved_bit ) +- return 0; ++ return real_fault; + + required_flags = _PAGE_PRESENT; + if ( error_code & PFEC_write_access ) +@@ -1172,6 +1178,8 @@ static int __spurious_page_fault( + if ( error_code & PFEC_insn_fetch ) + disallowed_flags |= _PAGE_NX; + ++ page_user = _PAGE_USER; ++ + mfn = cr3 >> PAGE_SHIFT; + + #if CONFIG_PAGING_LEVELS >= 4 +@@ -1181,7 +1189,8 @@ static int __spurious_page_fault( + unmap_domain_page(l4t); + if ( ((l4e_get_flags(l4e) & required_flags) != required_flags) || + (l4e_get_flags(l4e) & disallowed_flags) ) +- return 0; ++ return real_fault; ++ page_user &= l4e_get_flags(l4e); + #endif + + #if CONFIG_PAGING_LEVELS >= 3 +@@ -1194,13 +1203,14 @@ static int __spurious_page_fault( + unmap_domain_page(l3t); + #if CONFIG_PAGING_LEVELS == 3 + if ( !(l3e_get_flags(l3e) & _PAGE_PRESENT) ) +- return 0; ++ return real_fault; + #else + if ( ((l3e_get_flags(l3e) & required_flags) != required_flags) || + (l3e_get_flags(l3e) & disallowed_flags) ) +- return 0; ++ return real_fault; ++ page_user &= l3e_get_flags(l3e); + if ( l3e_get_flags(l3e) & _PAGE_PSE ) +- return 1; ++ goto leaf; + #endif + #endif + +@@ -1210,9 +1220,10 @@ static int __spurious_page_fault( + unmap_domain_page(l2t); + if ( ((l2e_get_flags(l2e) & required_flags) != required_flags) || + (l2e_get_flags(l2e) & disallowed_flags) ) +- return 0; ++ return real_fault; ++ page_user &= l2e_get_flags(l2e); + if ( l2e_get_flags(l2e) & _PAGE_PSE ) +- return 1; ++ goto leaf; + + l1t = map_domain_page(mfn); + l1e = l1e_read_atomic(&l1t[l1_table_offset(addr)]); +@@ -1220,26 +1231,36 @@ static int __spurious_page_fault( + unmap_domain_page(l1t); + if ( ((l1e_get_flags(l1e) & required_flags) != required_flags) || + (l1e_get_flags(l1e) & disallowed_flags) ) +- return 0; ++ return real_fault; ++ page_user &= l1e_get_flags(l1e); + +- return 1; ++leaf: ++ /* ++ * Supervisor Mode Execution Protection (SMEP): ++ * Disallow supervisor execution from user-accessible mappings ++ */ ++ if ( (read_cr4() & X86_CR4_SMEP) && page_user && ++ ((error_code & (PFEC_insn_fetch|PFEC_user_mode)) == PFEC_insn_fetch) ) ++ return smep_fault; ++ ++ return spurious_fault; + } + +-static int spurious_page_fault( ++static enum pf_type spurious_page_fault( + unsigned long addr, unsigned int error_code) + { + unsigned long flags; +- int is_spurious; ++ enum pf_type pf_type; + + /* + * Disabling interrupts prevents TLB flushing, and hence prevents + * page tables from becoming invalid under our feet during the walk. + */ + local_irq_save(flags); +- is_spurious = __spurious_page_fault(addr, error_code); ++ pf_type = __page_fault_type(addr, error_code); + local_irq_restore(flags); + +- return is_spurious; ++ return pf_type; + } + + static int fixup_page_fault(unsigned long addr, struct cpu_user_regs *regs) +@@ -1314,6 +1335,7 @@ asmlinkage void do_page_fault(struct cpu + { + unsigned long addr, fixup; + unsigned int error_code; ++ enum pf_type pf_type; + + addr = read_cr2(); + +@@ -1329,7 +1351,9 @@ asmlinkage void do_page_fault(struct cpu + + if ( unlikely(!guest_mode(regs)) ) + { +- if ( spurious_page_fault(addr, error_code) ) ++ pf_type = spurious_page_fault(addr, error_code); ++ BUG_ON(pf_type == smep_fault); ++ if ( pf_type != real_fault ) + return; + + if ( likely((fixup = search_exception_table(regs->eip)) != 0) ) +@@ -1351,9 +1375,17 @@ asmlinkage void do_page_fault(struct cpu + error_code, _p(addr)); + } + +- if ( unlikely(current->domain->arch.suppress_spurious_page_faults +- && spurious_page_fault(addr, error_code)) ) +- return; ++ if ( unlikely(current->domain->arch.suppress_spurious_page_faults) ) ++ { ++ pf_type = spurious_page_fault(addr, error_code); ++ if ( pf_type == smep_fault ) ++ { ++ gdprintk(XENLOG_ERR, "Fatal SMEP fault\n"); ++ domain_crash(current->domain); ++ } ++ if ( pf_type != real_fault ) ++ return; ++ } + + propagate_page_fault(addr, regs->error_code); + } +--- a/xen/include/asm-x86/cpufeature.h ++++ b/xen/include/asm-x86/cpufeature.h +@@ -140,8 +140,9 @@ + #define X86_FEATURE_TBM (6*32+21) /* trailing bit manipulations */ + #define X86_FEATURE_TOPOEXT (6*32+22) /* topology extensions CPUID leafs */ + +-/* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx), word 9 */ ++/* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx), word 7 */ + #define X86_FEATURE_FSGSBASE (7*32+ 0) /* {RD,WR}{FS,GS}BASE instructions */ ++#define X86_FEATURE_SMEP (7*32+ 7) /* Supervisor Mode Execution Protection */ + + #define cpu_has(c, bit) test_bit(bit, (c)->x86_capability) + #define boot_cpu_has(bit) test_bit(bit, boot_cpu_data.x86_capability) +@@ -201,6 +202,8 @@ + #define cpu_has_fsgsbase boot_cpu_has(X86_FEATURE_FSGSBASE) + #endif + ++#define cpu_has_smep boot_cpu_has(X86_FEATURE_SMEP) ++ + #define cpu_has_ffxsr ((boot_cpu_data.x86_vendor == X86_VENDOR_AMD) \ + && boot_cpu_has(X86_FEATURE_FFXSR)) + +--- a/xen/include/asm-x86/domain.h ++++ b/xen/include/asm-x86/domain.h +@@ -462,12 +462,14 @@ unsigned long pv_guest_cr4_fixup(const s + /* Convert between guest-visible and real CR4 values. */ + #define pv_guest_cr4_to_real_cr4(v) \ + (((v)->arch.guest_context.ctrlreg[4] \ +- | (mmu_cr4_features & (X86_CR4_PGE | X86_CR4_PSE)) \ +- | ((v)->domain->arch.vtsc ? X86_CR4_TSD : 0) \ +- | ((xsave_enabled(v))? X86_CR4_OSXSAVE : 0)) \ +- & ~X86_CR4_DE) +-#define real_cr4_to_pv_guest_cr4(c) \ +- ((c) & ~(X86_CR4_PGE | X86_CR4_PSE | X86_CR4_TSD | X86_CR4_OSXSAVE)) ++ | (mmu_cr4_features \ ++ & (X86_CR4_PGE | X86_CR4_PSE | X86_CR4_SMEP)) \ ++ | ((v)->domain->arch.vtsc ? X86_CR4_TSD : 0) \ ++ | ((xsave_enabled(v))? X86_CR4_OSXSAVE : 0)) \ ++ & ~X86_CR4_DE) ++#define real_cr4_to_pv_guest_cr4(c) \ ++ ((c) & ~(X86_CR4_PGE | X86_CR4_PSE | X86_CR4_TSD \ ++ | X86_CR4_OSXSAVE | X86_CR4_SMEP)) + + void domain_cpuid(struct domain *d, + unsigned int input, +--- a/xen/include/asm-x86/processor.h ++++ b/xen/include/asm-x86/processor.h +@@ -85,6 +85,7 @@ + #define X86_CR4_SMXE 0x4000 /* enable SMX */ + #define X86_CR4_FSGSBASE 0x10000 /* enable {rd,wr}{fs,gs}base */ + #define X86_CR4_OSXSAVE 0x40000 /* enable XSAVE/XRSTOR */ ++#define X86_CR4_SMEP 0x100000/* enable SMEP */ + + /* + * Trap/fault mnemonics. diff --git a/23504-x86-SMEP-hvm.patch b/23504-x86-SMEP-hvm.patch new file mode 100644 index 0000000..5861b3b --- /dev/null +++ b/23504-x86-SMEP-hvm.patch @@ -0,0 +1,148 @@ +References: FATE#311951 + +# HG changeset patch +# User Tim Deegan +# Date 1307364408 -3600 +# Node ID c34604d5a29336d902837542b915d3b09b27a361 +# Parent 664c419b55681feb233b33e0028d0f0af371bedd +x86/hvm: add SMEP support to HVM guest + +Intel new CPU supports SMEP (Supervisor Mode Execution Protection). SMEP +prevents software operating with CPL < 3 (supervisor mode) from fetching +instructions from any linear address with a valid translation for which the U/S +flag (bit 2) is 1 in every paging-structure entry controlling the translation +for the linear address. + +This patch adds SMEP support to HVM guest. + +Signed-off-by: Yang Wei +Signed-off-by: Shan Haitao +Signed-off-by: Li Xin +Signed-off-by: Tim Deegan + +--- a/tools/libxc/xc_cpufeature.h ++++ b/tools/libxc/xc_cpufeature.h +@@ -124,5 +124,6 @@ + + /* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx) */ + #define X86_FEATURE_FSGSBASE 0 /* {RD,WR}{FS,GS}BASE instructions */ ++#define X86_FEATURE_SMEP 7 /* Supervisor Mode Execution Protection */ + + #endif /* __LIBXC_CPUFEATURE_H */ +--- a/tools/libxc/xc_cpuid_x86.c ++++ b/tools/libxc/xc_cpuid_x86.c +@@ -300,6 +300,14 @@ static void xc_cpuid_hvm_policy( + clear_bit(X86_FEATURE_PAE, regs[3]); + break; + ++ case 0x00000007: /* Intel-defined CPU features */ ++ if ( input[1] == 0 ) { ++ regs[1] &= bitmaskof(X86_FEATURE_SMEP); ++ } else ++ regs[1] = 0; ++ regs[0] = regs[2] = regs[3] = 0; ++ break; ++ + case 0x0000000d: + xc_cpuid_config_xsave(xch, domid, xfeature_mask, input, regs); + break; +--- a/xen/arch/x86/hvm/hvm.c ++++ b/xen/arch/x86/hvm/hvm.c +@@ -1553,8 +1553,9 @@ int hvm_set_cr4(unsigned long value) + v->arch.hvm_vcpu.guest_cr[4] = value; + hvm_update_guest_cr(v, 4); + +- /* Modifying CR4.{PSE,PAE,PGE} invalidates all TLB entries, inc. Global. */ +- if ( (old_cr ^ value) & (X86_CR4_PSE | X86_CR4_PGE | X86_CR4_PAE) ) ++ /* Modifying CR4.{PSE,PAE,PGE,SMEP} invalidates all TLB entries. */ ++ if ( (old_cr ^ value) & (X86_CR4_PSE | X86_CR4_PGE | ++ X86_CR4_PAE | X86_CR4_SMEP) ) + paging_update_paging_modes(v); + + return X86EMUL_OKAY; +@@ -2196,7 +2197,7 @@ enum hvm_copy_result hvm_copy_from_guest + enum hvm_copy_result hvm_fetch_from_guest_virt( + void *buf, unsigned long vaddr, int size, uint32_t pfec) + { +- if ( hvm_nx_enabled(current) ) ++ if ( hvm_nx_enabled(current) || hvm_smep_enabled(current) ) + pfec |= PFEC_insn_fetch; + return __hvm_copy(buf, vaddr, size, + HVMCOPY_from_guest | HVMCOPY_fault | HVMCOPY_virt, +@@ -2222,7 +2223,7 @@ enum hvm_copy_result hvm_copy_from_guest + enum hvm_copy_result hvm_fetch_from_guest_virt_nofault( + void *buf, unsigned long vaddr, int size, uint32_t pfec) + { +- if ( hvm_nx_enabled(current) ) ++ if ( hvm_nx_enabled(current) || hvm_smep_enabled(current) ) + pfec |= PFEC_insn_fetch; + return __hvm_copy(buf, vaddr, size, + HVMCOPY_from_guest | HVMCOPY_no_fault | HVMCOPY_virt, +@@ -2292,6 +2293,10 @@ void hvm_cpuid(unsigned int input, unsig + *ecx |= (v->arch.hvm_vcpu.guest_cr[4] & X86_CR4_OSXSAVE) ? + cpufeat_mask(X86_FEATURE_OSXSAVE) : 0; + break; ++ case 0x7: ++ if ( (count == 0) && !cpu_has_smep ) ++ *ebx &= ~cpufeat_mask(X86_FEATURE_SMEP); ++ break; + case 0xb: + /* Fix the x2APIC identifier. */ + *edx = v->vcpu_id * 2; +--- a/xen/arch/x86/mm/guest_walk.c ++++ b/xen/arch/x86/mm/guest_walk.c +@@ -132,7 +132,7 @@ guest_walk_tables(struct vcpu *v, struct + guest_l4e_t *l4p; + #endif + uint32_t gflags, mflags, iflags, rc = 0; +- int pse; ++ int pse, smep; + + perfc_incr(guest_walk); + memset(gw, 0, sizeof(*gw)); +@@ -145,6 +145,15 @@ guest_walk_tables(struct vcpu *v, struct + mflags = mandatory_flags(v, pfec); + iflags = (_PAGE_NX_BIT | _PAGE_INVALID_BITS); + ++ /* SMEP: kernel-mode instruction fetches from user-mode mappings ++ * should fault. Unlike NX or invalid bits, we're looking for _all_ ++ * entries in the walk to have _PAGE_USER set, so we need to do the ++ * whole walk as if it were a user-mode one and then invert the answer. */ ++ smep = (is_hvm_vcpu(v) && hvm_smep_enabled(v) ++ && (pfec & PFEC_insn_fetch) && !(pfec & PFEC_user_mode) ); ++ if ( smep ) ++ mflags |= _PAGE_USER; ++ + #if GUEST_PAGING_LEVELS >= 3 /* PAE or 64... */ + #if GUEST_PAGING_LEVELS >= 4 /* 64-bit only... */ + +@@ -271,6 +280,10 @@ guest_walk_tables(struct vcpu *v, struct + rc |= ((gflags & mflags) ^ mflags); + } + ++ /* Now re-invert the user-mode requirement for SMEP. */ ++ if ( smep ) ++ rc ^= _PAGE_USER; ++ + /* Go back and set accessed and dirty bits only if the walk was a + * success. Although the PRMs say higher-level _PAGE_ACCESSED bits + * get set whenever a lower-level PT is used, at least some hardware +--- a/xen/include/asm-x86/hvm/hvm.h ++++ b/xen/include/asm-x86/hvm/hvm.h +@@ -181,6 +181,8 @@ int hvm_girq_dest_2_vcpu_id(struct domai + (!!((v)->arch.hvm_vcpu.guest_cr[0] & X86_CR0_WP)) + #define hvm_pae_enabled(v) \ + (hvm_paging_enabled(v) && ((v)->arch.hvm_vcpu.guest_cr[4] & X86_CR4_PAE)) ++#define hvm_smep_enabled(v) \ ++ (hvm_paging_enabled(v) && ((v)->arch.hvm_vcpu.guest_cr[4] & X86_CR4_SMEP)) + #define hvm_nx_enabled(v) \ + (!!((v)->arch.hvm_vcpu.guest_efer & EFER_NX)) + +@@ -294,6 +296,7 @@ static inline int hvm_do_pmu_interrupt(s + X86_CR4_DE | X86_CR4_PSE | X86_CR4_PAE | \ + X86_CR4_MCE | X86_CR4_PGE | X86_CR4_PCE | \ + X86_CR4_OSFXSR | X86_CR4_OSXMMEXCPT | \ ++ (cpu_has_smep ? X86_CR4_SMEP : 0) | \ + (xsave_enabled(_v) ? X86_CR4_OSXSAVE : 0)))) + + /* These exceptions must always be intercepted. */ diff --git a/23505-x86-cpu-add-arg-check.patch b/23505-x86-cpu-add-arg-check.patch new file mode 100644 index 0000000..c452b54 --- /dev/null +++ b/23505-x86-cpu-add-arg-check.patch @@ -0,0 +1,24 @@ +# HG changeset patch +# User Keir Fraser +# Date 1307689724 -3600 +# Node ID 5a557fda70a99d287735b53957e865c8dac0e351 +# Parent c34604d5a29336d902837542b915d3b09b27a361 +x86: Fix argument checking in (privileged) function cpu_add(). + +Thanks to John McDermott for spotting. + +Signed-off-by: Keir Fraser + +--- a/xen/arch/x86/smpboot.c ++++ b/xen/arch/x86/smpboot.c +@@ -899,7 +899,9 @@ int cpu_add(uint32_t apic_id, uint32_t a + dprintk(XENLOG_DEBUG, "cpu_add apic_id %x acpi_id %x pxm %x\n", + apic_id, acpi_id, pxm); + +- if ( acpi_id > MAX_MADT_ENTRIES || apic_id > MAX_APICS || pxm > 256 ) ++ if ( (acpi_id >= MAX_MADT_ENTRIES) || ++ (apic_id >= MAX_APICS) || ++ (pxm >= 256) ) + return -EINVAL; + + if ( !cpu_hotplug_begin() ) diff --git a/23508-vmx-proc-based-ctls-probe.patch b/23508-vmx-proc-based-ctls-probe.patch new file mode 100644 index 0000000..8f728c4 --- /dev/null +++ b/23508-vmx-proc-based-ctls-probe.patch @@ -0,0 +1,45 @@ +# HG changeset patch +# User Keir Fraser +# Date 1307691167 -3600 +# Node ID 2ef6bbee50371e1135236035ed1a9a7b8748e09f +# Parent 0a29c8c3ddf7395ea8e68c5f4cd8633023490022 +x86/vmx: Small fixes to MSR_IA32_VMX_PROCBASED_CTLS feature probing. + +Should check for VIRTUAL_INTR_PENDING as we unconditionally make use +of it. Also check for CR8 exiting unconditionally on x86/64, as this +is of use to nestedvmx, and every 64-bit cpu should support it. + +Signed-off-by: Eddie Dong +Signed-off-by: Keir Fraser + +--- a/xen/arch/x86/hvm/vmx/vmcs.c ++++ b/xen/arch/x86/hvm/vmx/vmcs.c +@@ -147,6 +147,11 @@ static int vmx_init_vmcs_config(void) + MSR_IA32_VMX_PINBASED_CTLS, &mismatch); + + min = (CPU_BASED_HLT_EXITING | ++ CPU_BASED_VIRTUAL_INTR_PENDING | ++#ifdef __x86_64__ ++ CPU_BASED_CR8_LOAD_EXITING | ++ CPU_BASED_CR8_STORE_EXITING | ++#endif + CPU_BASED_INVLPG_EXITING | + CPU_BASED_CR3_LOAD_EXITING | + CPU_BASED_CR3_STORE_EXITING | +@@ -165,13 +170,9 @@ static int vmx_init_vmcs_config(void) + MSR_IA32_VMX_PROCBASED_CTLS, &mismatch); + _vmx_cpu_based_exec_control &= ~CPU_BASED_RDTSC_EXITING; + #ifdef __x86_64__ +- if ( !(_vmx_cpu_based_exec_control & CPU_BASED_TPR_SHADOW) ) +- { +- min |= CPU_BASED_CR8_LOAD_EXITING | CPU_BASED_CR8_STORE_EXITING; +- _vmx_cpu_based_exec_control = adjust_vmx_controls( +- "CPU-Based Exec Control", min, opt, +- MSR_IA32_VMX_PROCBASED_CTLS, &mismatch); +- } ++ if ( _vmx_cpu_based_exec_control & CPU_BASED_TPR_SHADOW ) ++ _vmx_cpu_based_exec_control &= ++ ~(CPU_BASED_CR8_LOAD_EXITING | CPU_BASED_CR8_STORE_EXITING); + #endif + + if ( _vmx_cpu_based_exec_control & CPU_BASED_ACTIVATE_SECONDARY_CONTROLS ) diff --git a/23510-hvm-cpuid-DRNG.patch b/23510-hvm-cpuid-DRNG.patch new file mode 100644 index 0000000..9961cd9 --- /dev/null +++ b/23510-hvm-cpuid-DRNG.patch @@ -0,0 +1,44 @@ +# HG changeset patch +# User Yang, Wei +# Date 1308051888 -3600 +# Node ID 864a3dd1d9b4664f1ece44c9eaf390969253b7a8 +# Parent 782bc7b2661a3921af21130f34f599f68911f2ce +x86/hvm: Make DRNG feature visible in CPUID + +This patch exposes DRNG feature to HVM guests. + +The RDRAND instruction can provide software with sequences of +random numbers generated from white noise. + +Signed-off-by: Yang, Wei + +--- a/tools/libxc/xc_cpufeature.h ++++ b/tools/libxc/xc_cpufeature.h +@@ -87,6 +87,7 @@ + #define X86_FEATURE_XSAVE 26 /* XSAVE/XRSTOR/XSETBV/XGETBV */ + #define X86_FEATURE_AVX 28 /* Advanced Vector Extensions */ + #define X86_FEATURE_F16C 29 /* Half-precision convert instruction */ ++#define X86_FEATURE_RDRAND 30 /* Digital Random Number Generator */ + #define X86_FEATURE_HYPERVISOR 31 /* Running under some hypervisor */ + + /* VIA/Cyrix/Centaur-defined CPU features, CPUID level 0xC0000001 */ +--- a/tools/libxc/xc_cpuid_x86.c ++++ b/tools/libxc/xc_cpuid_x86.c +@@ -262,6 +262,7 @@ static void xc_cpuid_hvm_policy( + bitmaskof(X86_FEATURE_POPCNT) | + bitmaskof(X86_FEATURE_AES) | + bitmaskof(X86_FEATURE_F16C) | ++ bitmaskof(X86_FEATURE_RDRAND) | + ((xfeature_mask != 0) ? + (bitmaskof(X86_FEATURE_AVX) | + bitmaskof(X86_FEATURE_XSAVE)) : 0)); +--- a/xen/include/asm-x86/cpufeature.h ++++ b/xen/include/asm-x86/cpufeature.h +@@ -105,6 +105,7 @@ + #define X86_FEATURE_OSXSAVE (4*32+27) /* OSXSAVE */ + #define X86_FEATURE_AVX (4*32+28) /* Advanced Vector Extensions */ + #define X86_FEATURE_F16C (4*32+29) /* Half-precision convert instruction */ ++#define X86_FEATURE_RDRAND (4*32+30) /* Digital Random Number Generator */ + #define X86_FEATURE_HYPERVISOR (4*32+31) /* Running under some hypervisor */ + + /* VIA/Cyrix/Centaur-defined CPU features, CPUID level 0xC0000001, word 5 */ diff --git a/23511-amd-fam15-no-flush-for-C3.patch b/23511-amd-fam15-no-flush-for-C3.patch new file mode 100644 index 0000000..4c4d56f --- /dev/null +++ b/23511-amd-fam15-no-flush-for-C3.patch @@ -0,0 +1,28 @@ +References: FATE#309893 + +# HG changeset patch +# User Mark Langsdorf +# Date 1308051989 -3600 +# Node ID 450f1d198e1e299b69489d513f591f0301cc5166 +# Parent 864a3dd1d9b4664f1ece44c9eaf390969253b7a8 +x86/amd: Eliminate cache flushing when entering C3 on select AMD processors + +AMD Fam15h processors have a shared cache. It does not need +to be be flushed when entering C3 and doing so causes reduces +performance. Modify acpi_processor_power_init_bm_check to +prevent these processors from flushing when entering C3. + +Signed-off-by: Mark Langsdorf + +--- a/xen/arch/x86/acpi/cpu_idle.c ++++ b/xen/arch/x86/acpi/cpu_idle.c +@@ -680,7 +680,8 @@ static void acpi_processor_power_init_bm + flags->bm_check = 0; + if ( num_online_cpus() == 1 ) + flags->bm_check = 1; +- else if ( c->x86_vendor == X86_VENDOR_INTEL ) ++ else if ( (c->x86_vendor == X86_VENDOR_INTEL) || ++ ((c->x86_vendor == X86_VENDOR_AMD) && (c->x86 == 0x15)) ) + { + /* + * Today all MP CPUs that support C3 share cache. diff --git a/23516-cpuid-ERMS.patch b/23516-cpuid-ERMS.patch new file mode 100644 index 0000000..81fe65f --- /dev/null +++ b/23516-cpuid-ERMS.patch @@ -0,0 +1,67 @@ +# HG changeset patch +# User Yang, Wei +# Date 1308053598 -3600 +# Node ID f4a47275aebf383cf565e0a265a56a8c1110d45e +# Parent 337520d94cba906e64dbd3089d65cda8cf97d1d0 +x86: Pass through ERMS CPUID feature for HVM and PV guests + +This patch exposes ERMS feature to HVM and PV guests. + +The REP MOVSB/STOSB instruction can enhance fast strings attempts to +move as much of the data with larger size load/stores as possible. + +Signed-off-by: Yang, Wei + +--- a/tools/libxc/xc_cpufeature.h ++++ b/tools/libxc/xc_cpufeature.h +@@ -126,5 +126,6 @@ + /* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx) */ + #define X86_FEATURE_FSGSBASE 0 /* {RD,WR}{FS,GS}BASE instructions */ + #define X86_FEATURE_SMEP 7 /* Supervisor Mode Execution Protection */ ++#define X86_FEATURE_ERMS 9 /* Enhanced REP MOVSB/STOSB */ + + #endif /* __LIBXC_CPUFEATURE_H */ +--- a/tools/libxc/xc_cpuid_x86.c ++++ b/tools/libxc/xc_cpuid_x86.c +@@ -303,7 +303,8 @@ static void xc_cpuid_hvm_policy( + + case 0x00000007: /* Intel-defined CPU features */ + if ( input[1] == 0 ) { +- regs[1] &= bitmaskof(X86_FEATURE_SMEP); ++ regs[1] &= (bitmaskof(X86_FEATURE_SMEP) | ++ bitmaskof(X86_FEATURE_ERMS)); + } else + regs[1] = 0; + regs[0] = regs[2] = regs[3] = 0; +@@ -425,7 +426,8 @@ static void xc_cpuid_pv_policy( + + case 7: + if ( input[1] == 0 ) +- regs[1] &= bitmaskof(X86_FEATURE_FSGSBASE); ++ regs[1] &= (bitmaskof(X86_FEATURE_FSGSBASE) | ++ bitmaskof(X86_FEATURE_ERMS)); + else + regs[1] = 0; + regs[0] = regs[2] = regs[3] = 0; +--- a/xen/arch/x86/traps.c ++++ b/xen/arch/x86/traps.c +@@ -812,7 +812,8 @@ static void pv_cpuid(struct cpu_user_reg + break; + case 7: + if ( regs->ecx == 0 ) +- b &= cpufeat_mask(X86_FEATURE_FSGSBASE); ++ b &= (cpufeat_mask(X86_FEATURE_FSGSBASE) | ++ cpufeat_mask(X86_FEATURE_ERMS)); + else + b = 0; + a = c = d = 0; +--- a/xen/include/asm-x86/cpufeature.h ++++ b/xen/include/asm-x86/cpufeature.h +@@ -144,6 +144,7 @@ + /* Intel-defined CPU features, CPUID level 0x00000007:0 (ebx), word 7 */ + #define X86_FEATURE_FSGSBASE (7*32+ 0) /* {RD,WR}{FS,GS}BASE instructions */ + #define X86_FEATURE_SMEP (7*32+ 7) /* Supervisor Mode Execution Protection */ ++#define X86_FEATURE_ERMS (7*32+ 9) /* Enhanced REP MOVSB/STOSB */ + + #define cpu_has(c, bit) test_bit(bit, (c)->x86_capability) + #define boot_cpu_has(bit) test_bit(bit, boot_cpu_data.x86_capability) diff --git a/23538-hvm-pio-emul-no-host-crash.patch b/23538-hvm-pio-emul-no-host-crash.patch new file mode 100644 index 0000000..e7f3f59 --- /dev/null +++ b/23538-hvm-pio-emul-no-host-crash.patch @@ -0,0 +1,33 @@ +# HG changeset patch +# User George Dunlap +# Date 1308150314 -3600 +# Node ID 35b4220c98bc89b7162d19ed6c858e027fabff69 +# Parent cac82bc1ea23bc213ece4c84db2703dd46df7f25 +x86/hvm: Crash domain rather than guest on unexpected PIO IO state + +Under certain conditions, if an IO gets into an unexpected state, +hvmemul_do_io can return X86EMUL_UNHANDLEABLE. Unfortunately, +handle_pio() does not expect this state, and calls BUG() if it sees +it, crashing the host. + +Other HVM io-related code crashes the guest in this case. This patch +makes handle_pio() do the same. + +The crash was seen when executing crash_guest in dom0 to forcibly +crash the guest. + +Signed-off-by: George Dunlap + +--- a/xen/arch/x86/hvm/io.c ++++ b/xen/arch/x86/hvm/io.c +@@ -239,7 +239,9 @@ int handle_pio(uint16_t port, int size, + curr->arch.hvm_vcpu.io_state = HVMIO_handle_pio_awaiting_completion; + break; + default: +- BUG(); ++ gdprintk(XENLOG_ERR, "Weird HVM ioemulation status %d.\n", rc); ++ domain_crash(curr->domain); ++ break; + } + + return 1; diff --git a/23539-hvm-cpuid-FSGSBASE.patch b/23539-hvm-cpuid-FSGSBASE.patch new file mode 100644 index 0000000..eb070d8 --- /dev/null +++ b/23539-hvm-cpuid-FSGSBASE.patch @@ -0,0 +1,34 @@ +# HG changeset patch +# User Yang, Wei +# Date 1308150408 -3600 +# Node ID 8c75f35d55f60cb2f374e3b5c7c520f8633d733f +# Parent 35b4220c98bc89b7162d19ed6c858e027fabff69 +Enable RDWRGSFS feature support for HVM guests + +Write/read FS/GS base instructions enable user level code to +read/write FS & GS segment base registers for thread local storage. + +Signed-off-by: Yang, Wei + +--- a/tools/libxc/xc_cpuid_x86.c ++++ b/tools/libxc/xc_cpuid_x86.c +@@ -304,7 +304,8 @@ static void xc_cpuid_hvm_policy( + case 0x00000007: /* Intel-defined CPU features */ + if ( input[1] == 0 ) { + regs[1] &= (bitmaskof(X86_FEATURE_SMEP) | +- bitmaskof(X86_FEATURE_ERMS)); ++ bitmaskof(X86_FEATURE_ERMS) | ++ bitmaskof(X86_FEATURE_FSGSBASE)); + } else + regs[1] = 0; + regs[0] = regs[2] = regs[3] = 0; +--- a/xen/include/asm-x86/hvm/hvm.h ++++ b/xen/include/asm-x86/hvm/hvm.h +@@ -297,6 +297,7 @@ static inline int hvm_do_pmu_interrupt(s + X86_CR4_MCE | X86_CR4_PGE | X86_CR4_PCE | \ + X86_CR4_OSFXSR | X86_CR4_OSXMMEXCPT | \ + (cpu_has_smep ? X86_CR4_SMEP : 0) | \ ++ (cpu_has_fsgsbase ? X86_CR4_FSGSBASE : 0) | \ + (xsave_enabled(_v) ? X86_CR4_OSXSAVE : 0)))) + + /* These exceptions must always be intercepted. */ diff --git a/23543-x86_64-maddr_to_virt-assertion.patch b/23543-x86_64-maddr_to_virt-assertion.patch new file mode 100644 index 0000000..76df278 --- /dev/null +++ b/23543-x86_64-maddr_to_virt-assertion.patch @@ -0,0 +1,24 @@ +# HG changeset patch +# User Jan Beulich +# Date 1308165849 -3600 +# Node ID a8edfacd4b5e2cecb78d2ff93e57e7efa1bf2db2 +# Parent 23c068b109236657ededa3e3b7f180346a5cd9f9 +x86-64: fix incorrect assertion in __maddr_to_virt() + +When memory map sparseness reduction is in use, machine address ranges +can't validly be compared directly against the total size of the +direct mapping range. + +Signed-off-by: Jan Beulich + +--- a/xen/include/asm-x86/x86_64/page.h ++++ b/xen/include/asm-x86/x86_64/page.h +@@ -95,7 +95,7 @@ static inline unsigned long __virt_to_ma + + static inline void *__maddr_to_virt(unsigned long ma) + { +- ASSERT(ma < DIRECTMAP_VIRT_END - DIRECTMAP_VIRT_START); ++ ASSERT(pfn_to_pdx(ma >> PAGE_SHIFT) < (DIRECTMAP_SIZE >> PAGE_SHIFT)); + return (void *)(DIRECTMAP_VIRT_START + + ((ma & ma_va_bottom_mask) | + ((ma & ma_top_mask) >> pfn_pdx_hole_shift))); diff --git a/23546-fucomip.patch b/23546-fucomip.patch new file mode 100644 index 0000000..8536986 --- /dev/null +++ b/23546-fucomip.patch @@ -0,0 +1,23 @@ +# HG changeset patch +# User Keir Fraser +# Date 1308167438 -3600 +# Node ID b58c4ec2f6939b31d56307599b517b5bcfc90279 +# Parent 649372e3d46a795040a358075869336b15b6b627 +x86_emulate: Fix decode of FUCOMIP %stN. + +Signed-off-by: Keir Fraser +xen-unstable changeset: 23546:d25f2c114ace +xen-unstable date: Wed Jun 15 20:33:58 2011 +0100 + +--- a/xen/arch/x86/x86_emulate/x86_emulate.c ++++ b/xen/arch/x86/x86_emulate/x86_emulate.c +@@ -2936,8 +2936,8 @@ x86_emulate( + dst.reg = (unsigned long *)&_regs.eax; + emulate_fpu_insn_memdst("fnstsw", dst.val); + break; ++ case 0xe8 ... 0xef: /* fucomip %stN */ + case 0xf0 ... 0xf7: /* fcomip %stN */ +- case 0xf8 ... 0xff: /* fucomip %stN */ + emulate_fpu_insn_stub(0xdf, modrm); + break; + default: diff --git a/x86-show-page-walk-early.patch b/x86-show-page-walk-early.patch index c50013a..6784654 100644 --- a/x86-show-page-walk-early.patch +++ b/x86-show-page-walk-early.patch @@ -1,7 +1,5 @@ -Index: xen-4.1.1-testing/xen/arch/x86/mm.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/mm.c -+++ xen-4.1.1-testing/xen/arch/x86/mm.c +--- a/xen/arch/x86/mm.c ++++ b/xen/arch/x86/mm.c @@ -160,6 +160,8 @@ static int get_superpage(unsigned long m #endif static void put_superpage(unsigned long mfn); @@ -11,11 +9,9 @@ Index: xen-4.1.1-testing/xen/arch/x86/mm.c #define l1_disallow_mask(d) \ ((d != dom_io) && \ (rangeset_is_empty((d)->iomem_caps) && \ -Index: xen-4.1.1-testing/xen/arch/x86/traps.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/traps.c -+++ xen-4.1.1-testing/xen/arch/x86/traps.c -@@ -1377,6 +1377,7 @@ asmlinkage void __init do_early_page_fau +--- a/xen/arch/x86/traps.c ++++ b/xen/arch/x86/traps.c +@@ -1419,6 +1419,7 @@ asmlinkage void __init do_early_page_fau unsigned long *stk = (unsigned long *)regs; printk("Early fatal page fault at %04x:%p (cr2=%p, ec=%04x)\n", regs->cs, _p(regs->eip), _p(cr2), regs->error_code); @@ -23,10 +19,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/traps.c printk("Stack dump: "); while ( ((long)stk & ((PAGE_SIZE - 1) & ~(BYTES_PER_LONG - 1))) != 0 ) printk("%p ", _p(*stk++)); -Index: xen-4.1.1-testing/xen/arch/x86/x86_32/mm.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/x86_32/mm.c -+++ xen-4.1.1-testing/xen/arch/x86/x86_32/mm.c +--- a/xen/arch/x86/x86_32/mm.c ++++ b/xen/arch/x86/x86_32/mm.c @@ -123,6 +123,8 @@ void __init paging_init(void) #undef CNT #undef MFN @@ -36,10 +30,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/x86_32/mm.c /* Create page tables for ioremap()/map_domain_page_global(). */ for ( i = 0; i < (IOREMAP_MBYTES >> (L2_PAGETABLE_SHIFT - 20)); i++ ) { -Index: xen-4.1.1-testing/xen/arch/x86/x86_32/traps.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/x86_32/traps.c -+++ xen-4.1.1-testing/xen/arch/x86/x86_32/traps.c +--- a/xen/arch/x86/x86_32/traps.c ++++ b/xen/arch/x86/x86_32/traps.c @@ -164,7 +164,8 @@ void show_page_walk(unsigned long addr) l3t += (cr3 & 0xFE0UL) >> 3; l3e = l3t[l3_table_offset(addr)]; @@ -70,10 +62,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/x86_32/traps.c printk(" L1[0x%03lx] = %"PRIpte" %08lx\n", l1_table_offset(addr), l1e_get_intpte(l1e), pfn); unmap_domain_page(l1t); -Index: xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/x86_64/mm.c -+++ xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c +--- a/xen/arch/x86/x86_64/mm.c ++++ b/xen/arch/x86/x86_64/mm.c @@ -750,6 +750,8 @@ void __init paging_init(void) #undef CNT #undef MFN @@ -83,10 +73,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c /* Create user-accessible L2 directory to map the MPT for compat guests. */ BUILD_BUG_ON(l4_table_offset(RDWR_MPT_VIRT_START) != l4_table_offset(HIRO_COMPAT_MPT_VIRT_START)); -Index: xen-4.1.1-testing/xen/arch/x86/x86_64/traps.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/x86_64/traps.c -+++ xen-4.1.1-testing/xen/arch/x86/x86_64/traps.c +--- a/xen/arch/x86/x86_64/traps.c ++++ b/xen/arch/x86/x86_64/traps.c @@ -176,7 +176,8 @@ void show_page_walk(unsigned long addr) l4t = mfn_to_virt(mfn); l4e = l4t[l4_table_offset(addr)]; @@ -127,10 +115,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/x86_64/traps.c printk(" L1[0x%03lx] = %"PRIpte" %016lx\n", l1_table_offset(addr), l1e_get_intpte(l1e), pfn); } -Index: xen-4.1.1-testing/xen/include/asm-x86/mm.h -=================================================================== ---- xen-4.1.1-testing.orig/xen/include/asm-x86/mm.h -+++ xen-4.1.1-testing/xen/include/asm-x86/mm.h +--- a/xen/include/asm-x86/mm.h ++++ b/xen/include/asm-x86/mm.h @@ -467,6 +467,8 @@ TYPE_SAFE(unsigned long,mfn); #define SHARED_M2P_ENTRY (~0UL - 1UL) #define SHARED_M2P(_e) ((_e) == SHARED_M2P_ENTRY) diff --git a/xen-4.1.1-testing-src.tar.bz2 b/xen-4.1.1-testing-src.tar.bz2 index a76a1a4..99b64b2 100644 --- a/xen-4.1.1-testing-src.tar.bz2 +++ b/xen-4.1.1-testing-src.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:fe402be2467f4d333366ed3cccb584f55bea31d72f2c8ed9bc90d1ae32d77dfc -size 10774044 +oid sha256:2bd99e6fdffe8c32e01470118ad565da9e519f35d9191d01ea29cdba996093f0 +size 10774385 diff --git a/xen-config.diff b/xen-config.diff index 24aa8bb..7596707 100644 --- a/xen-config.diff +++ b/xen-config.diff @@ -9,9 +9,9 @@ Index: xen-4.1.1-testing/Config.mk -CONFIG_QEMU ?= $(QEMU_REMOTE) +CONFIG_QEMU ?= ioemu-qemu-xen - QEMU_TAG := xen-4.1.1-rc1 + QEMU_TAG := xen-4.1.1 #QEMU_TAG ?= e073e69457b4d99b6da0b6536296e3498f7f6599 -@@ -204,7 +204,7 @@ QEMU_TAG := xen-4.1.1-rc1 +@@ -204,7 +204,7 @@ QEMU_TAG := xen-4.1.1 # Optional components XENSTAT_XENTOP ?= y VTPM_TOOLS ?= n diff --git a/xen-utils-0.1.tar.bz2 b/xen-utils-0.1.tar.bz2 index c4e0360..96576f8 100644 --- a/xen-utils-0.1.tar.bz2 +++ b/xen-utils-0.1.tar.bz2 @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:fd14ba8dac0acc960105eed40d9b4044f2ec551a976a5709d363fb5ac0027353 -size 6812 +oid sha256:3a4144a91d26495e1307de8e03c3a077f2f23a38e794bd601f92a20de759bdb6 +size 8368 diff --git a/xen-warnings-unused.diff b/xen-warnings-unused.diff index 9080395..8b0d170 100644 --- a/xen-warnings-unused.diff +++ b/xen-warnings-unused.diff @@ -1,7 +1,5 @@ -Index: xen-4.1.1-testing/tools/libxc/xc_tmem.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxc/xc_tmem.c -+++ xen-4.1.1-testing/tools/libxc/xc_tmem.c +--- a/tools/libxc/xc_tmem.c ++++ b/tools/libxc/xc_tmem.c @@ -390,7 +390,8 @@ static int xc_tmem_restore_new_pool( int xc_tmem_restore(xc_interface *xch, int dom, int io_fd) @@ -12,10 +10,8 @@ Index: xen-4.1.1-testing/tools/libxc/xc_tmem.c uint32_t this_max_pools, this_version; uint32_t pool_id; uint32_t minusone; -Index: xen-4.1.1-testing/tools/libxc/xc_domain_restore.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxc/xc_domain_restore.c -+++ xen-4.1.1-testing/tools/libxc/xc_domain_restore.c +--- a/tools/libxc/xc_domain_restore.c ++++ b/tools/libxc/xc_domain_restore.c @@ -1087,7 +1087,6 @@ int xc_domain_restore(xc_interface *xch, int vcpuextstate = 0; uint32_t vcpuextstate_size = 0; @@ -24,7 +20,7 @@ Index: xen-4.1.1-testing/tools/libxc/xc_domain_restore.c int nraces = 0; /* The new domain's shared-info frame number. */ -@@ -1255,7 +1254,6 @@ int xc_domain_restore(xc_interface *xch, +@@ -1251,7 +1250,6 @@ int xc_domain_restore(xc_interface *xch, * Now simply read each saved frame into its new machine frame. * We uncanonicalise page tables as we go. */ @@ -32,10 +28,8 @@ Index: xen-4.1.1-testing/tools/libxc/xc_domain_restore.c n = m = 0; loadpages: -Index: xen-4.1.1-testing/tools/misc/gtraceview.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/misc/gtraceview.c -+++ xen-4.1.1-testing/tools/misc/gtraceview.c +--- a/tools/misc/gtraceview.c ++++ b/tools/misc/gtraceview.c @@ -622,7 +622,8 @@ void crt_init(void) void nr_addch(int nr, int ch) { @@ -46,10 +40,8 @@ Index: xen-4.1.1-testing/tools/misc/gtraceview.c getyx(stdscr, y, x); for (i = 0; i < nr; i++) { if (x == COLS-1) -Index: xen-4.1.1-testing/tools/xcutils/xc_restore.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/xcutils/xc_restore.c -+++ xen-4.1.1-testing/tools/xcutils/xc_restore.c +--- a/tools/xcutils/xc_restore.c ++++ b/tools/xcutils/xc_restore.c @@ -19,7 +19,8 @@ int main(int argc, char **argv) { @@ -60,10 +52,8 @@ Index: xen-4.1.1-testing/tools/xcutils/xc_restore.c xc_interface *xch; int io_fd, ret; int superpages; -Index: xen-4.1.1-testing/tools/firmware/rombios/32bit/tcgbios/tcgbios.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/firmware/rombios/32bit/tcgbios/tcgbios.c -+++ xen-4.1.1-testing/tools/firmware/rombios/32bit/tcgbios/tcgbios.c +--- a/tools/firmware/rombios/32bit/tcgbios/tcgbios.c ++++ b/tools/firmware/rombios/32bit/tcgbios/tcgbios.c @@ -1064,7 +1064,7 @@ uint32_t HashLogEvent32(struct hlei *hle uint32_t rc = 0; uint16_t size; @@ -73,10 +63,8 @@ Index: xen-4.1.1-testing/tools/firmware/rombios/32bit/tcgbios/tcgbios.c uint32_t hashdataptr; uint32_t hashdatalen; -Index: xen-4.1.1-testing/tools/console/client/main.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/console/client/main.c -+++ xen-4.1.1-testing/tools/console/client/main.c +--- a/tools/console/client/main.c ++++ b/tools/console/client/main.c @@ -277,7 +277,8 @@ int main(int argc, char **argv) }; @@ -87,10 +75,8 @@ Index: xen-4.1.1-testing/tools/console/client/main.c struct xs_handle *xs; char *end; console_type type = CONSOLE_INVAL; -Index: xen-4.1.1-testing/tools/xenstat/xentop/xentop.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/xenstat/xentop/xentop.c -+++ xen-4.1.1-testing/tools/xenstat/xentop/xentop.c +--- a/tools/xenstat/xentop/xentop.c ++++ b/tools/xenstat/xentop/xentop.c @@ -272,7 +272,8 @@ static void fail(const char *str) /* Return the row containing the cursor. */ static int current_row(void) @@ -111,11 +97,9 @@ Index: xen-4.1.1-testing/tools/xenstat/xentop/xentop.c getmaxyx(stdscr, y, x); return y; } -Index: xen-4.1.1-testing/tools/libxl/libxlu_cfg.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxl/libxlu_cfg.c -+++ xen-4.1.1-testing/tools/libxl/libxlu_cfg.c -@@ -348,7 +348,7 @@ char *xlu__cfgl_dequote(CfgParseContext +--- a/tools/libxl/libxlu_cfg.c ++++ b/tools/libxl/libxlu_cfg.c +@@ -348,7 +348,7 @@ char *xlu__cfgl_dequote(CfgParseContext #define NUMERIC_CHAR(minlen,maxlen,base,basetext) do{ \ char numbuf[(maxlen)+1], *ep; \ @@ -124,11 +108,9 @@ Index: xen-4.1.1-testing/tools/libxl/libxlu_cfg.c \ strncpy(numbuf,p,(maxlen)); \ numbuf[(maxlen)]= 0; \ -Index: xen-4.1.1-testing/tools/libxl/libxl.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxl/libxl.c -+++ xen-4.1.1-testing/tools/libxl/libxl.c -@@ -221,7 +221,7 @@ int libxl_domain_rename(libxl_ctx *ctx, +--- a/tools/libxl/libxl.c ++++ b/tools/libxl/libxl.c +@@ -221,7 +221,7 @@ int libxl_domain_rename(libxl_ctx *ctx, int libxl_domain_resume(libxl_ctx *ctx, uint32_t domid) { libxl__gc gc = LIBXL_INIT_GC(ctx); @@ -155,10 +137,8 @@ Index: xen-4.1.1-testing/tools/libxl/libxl.c libxl__sprintf(&gc, "%s/device/vif", dompath), &nb_nics); if (!l) goto err; -Index: xen-4.1.1-testing/tools/libxl/libxl_pci.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxl/libxl_pci.c -+++ xen-4.1.1-testing/tools/libxl/libxl_pci.c +--- a/tools/libxl/libxl_pci.c ++++ b/tools/libxl/libxl_pci.c @@ -240,7 +240,7 @@ static int libxl_create_pci_backend(libx flexarray_t *front = NULL; flexarray_t *back = NULL; @@ -177,10 +157,8 @@ Index: xen-4.1.1-testing/tools/libxl/libxl_pci.c LIBXL__LOG(ctx, LIBXL__LOG_DEBUG, "Creating pci backend"); /* add pci device */ -Index: xen-4.1.1-testing/tools/libxl/libxl_dom.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxl/libxl_dom.c -+++ xen-4.1.1-testing/tools/libxl/libxl_dom.c +--- a/tools/libxl/libxl_dom.c ++++ b/tools/libxl/libxl_dom.c @@ -265,14 +265,13 @@ int libxl__build_hvm(libxl_ctx *ctx, uin libxl_domain_build_info *info, libxl_domain_build_state *state) { @@ -205,10 +183,8 @@ Index: xen-4.1.1-testing/tools/libxl/libxl_dom.c out: libxl__free_all(&gc); return 0; -Index: xen-4.1.1-testing/tools/libxl/libxl_utils.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxl/libxl_utils.c -+++ xen-4.1.1-testing/tools/libxl/libxl_utils.c +--- a/tools/libxl/libxl_utils.c ++++ b/tools/libxl/libxl_utils.c @@ -531,7 +531,7 @@ int libxl_devid_to_device_disk(libxl_ctx libxl__gc gc = LIBXL_INIT_GC(ctx); char *endptr, *val; @@ -218,10 +194,8 @@ Index: xen-4.1.1-testing/tools/libxl/libxl_utils.c int rc = ERROR_INVAL; devid_n = strtoul(devid, &endptr, 10); -Index: xen-4.1.1-testing/tools/libxl/xl_cmdimpl.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/libxl/xl_cmdimpl.c -+++ xen-4.1.1-testing/tools/libxl/xl_cmdimpl.c +--- a/tools/libxl/xl_cmdimpl.c ++++ b/tools/libxl/xl_cmdimpl.c @@ -5448,7 +5448,7 @@ int main_cpupoollist(int argc, char **ar {"cpus", 0, 0, 'c'}, {0, 0, 0, 0} @@ -231,10 +205,8 @@ Index: xen-4.1.1-testing/tools/libxl/xl_cmdimpl.c int opt_cpus = 0; const char *pool = NULL; libxl_cpupoolinfo *poolinfo; -Index: xen-4.1.1-testing/tools/debugger/gdbsx/gx/gx_comm.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/debugger/gdbsx/gx/gx_comm.c -+++ xen-4.1.1-testing/tools/debugger/gdbsx/gx/gx_comm.c +--- a/tools/debugger/gdbsx/gx/gx_comm.c ++++ b/tools/debugger/gdbsx/gx/gx_comm.c @@ -163,7 +163,7 @@ readchar(void) static char buf[BUFSIZ]; static int bufcnt = 0; @@ -244,10 +216,8 @@ Index: xen-4.1.1-testing/tools/debugger/gdbsx/gx/gx_comm.c if (bufcnt-- > 0) return *bufp++ & 0x7f; -Index: xen-4.1.1-testing/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c -+++ xen-4.1.1-testing/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c +--- a/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c ++++ b/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c @@ -820,7 +820,7 @@ static int create_suspend_thread(checkpo static void stop_suspend_thread(checkpoint_state* s) @@ -257,10 +227,8 @@ Index: xen-4.1.1-testing/tools/python/xen/lowlevel/checkpoint/libcheckpoint.c s->done = 1; -Index: xen-4.1.1-testing/tools/python/xen/lowlevel/netlink/libnetlink.c -=================================================================== ---- xen-4.1.1-testing.orig/tools/python/xen/lowlevel/netlink/libnetlink.c -+++ xen-4.1.1-testing/tools/python/xen/lowlevel/netlink/libnetlink.c +--- a/tools/python/xen/lowlevel/netlink/libnetlink.c ++++ b/tools/python/xen/lowlevel/netlink/libnetlink.c @@ -433,7 +433,8 @@ int rtnl_from_file(FILE *rtnl, rtnl_filt nladdr.nl_groups = 0; @@ -271,10 +239,8 @@ Index: xen-4.1.1-testing/tools/python/xen/lowlevel/netlink/libnetlink.c int l; status = fread(&buf, 1, sizeof(*h), rtnl); -Index: xen-4.1.1-testing/xen/arch/x86/msi.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/msi.c -+++ xen-4.1.1-testing/xen/arch/x86/msi.c +--- a/xen/arch/x86/msi.c ++++ b/xen/arch/x86/msi.c @@ -745,7 +745,7 @@ static void __pci_disable_msi(struct msi { struct pci_dev *dev; @@ -284,10 +250,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/msi.c u8 bus, slot, func; dev = entry->dev; -Index: xen-4.1.1-testing/xen/arch/x86/microcode_amd.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/microcode_amd.c -+++ xen-4.1.1-testing/xen/arch/x86/microcode_amd.c +--- a/xen/arch/x86/microcode_amd.c ++++ b/xen/arch/x86/microcode_amd.c @@ -164,7 +164,7 @@ static int apply_microcode(int cpu) static int get_next_ucode_from_buffer_amd(void *mc, const void *buf, size_t size, unsigned long *offset) @@ -297,10 +261,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/microcode_amd.c size_t total_size; const uint8_t *bufp = buf; unsigned long off; -Index: xen-4.1.1-testing/xen/common/cpupool.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/common/cpupool.c -+++ xen-4.1.1-testing/xen/common/cpupool.c +--- a/xen/common/cpupool.c ++++ b/xen/common/cpupool.c @@ -356,7 +356,7 @@ int cpupool_add_domain(struct domain *d, { struct cpupool *c; @@ -321,10 +283,8 @@ Index: xen-4.1.1-testing/xen/common/cpupool.c if ( d->cpupool == NULL ) return; -Index: xen-4.1.1-testing/xen/common/grant_table.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/common/grant_table.c -+++ xen-4.1.1-testing/xen/common/grant_table.c +--- a/xen/common/grant_table.c ++++ b/xen/common/grant_table.c @@ -765,7 +765,7 @@ __gnttab_unmap_common( struct domain *ld, *rd; struct active_grant_entry *act; @@ -334,10 +294,8 @@ Index: xen-4.1.1-testing/xen/common/grant_table.c ld = current->domain; -Index: xen-4.1.1-testing/xen/common/kexec.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/common/kexec.c -+++ xen-4.1.1-testing/xen/common/kexec.c +--- a/xen/common/kexec.c ++++ b/xen/common/kexec.c @@ -563,7 +563,8 @@ static int kexec_exec(XEN_GUEST_HANDLE(v { xen_kexec_exec_t exec; @@ -348,10 +306,8 @@ Index: xen-4.1.1-testing/xen/common/kexec.c if ( unlikely(copy_from_guest(&exec, uarg, 1)) ) return -EFAULT; -Index: xen-4.1.1-testing/xen/drivers/passthrough/vtd/intremap.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/drivers/passthrough/vtd/intremap.c -+++ xen-4.1.1-testing/xen/drivers/passthrough/vtd/intremap.c +--- a/xen/drivers/passthrough/vtd/intremap.c ++++ b/xen/drivers/passthrough/vtd/intremap.c @@ -367,7 +367,7 @@ unsigned int io_apic_read_remap_rte( unsigned int ioapic_pin = (reg - 0x10) / 2; int index; @@ -370,10 +326,8 @@ Index: xen-4.1.1-testing/xen/drivers/passthrough/vtd/intremap.c iommu = drhd->iommu; qi_ctrl = iommu_qi_ctrl(iommu); -Index: xen-4.1.1-testing/xen/common/sched_credit2.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/common/sched_credit2.c -+++ xen-4.1.1-testing/xen/common/sched_credit2.c +--- a/xen/common/sched_credit2.c ++++ b/xen/common/sched_credit2.c @@ -1854,7 +1854,8 @@ static void deactivate_runqueue(struct c static void init_pcpu(const struct scheduler *ops, int cpu) @@ -384,11 +338,9 @@ Index: xen-4.1.1-testing/xen/common/sched_credit2.c struct csched_private *prv = CSCHED_PRIV(ops); struct csched_runqueue_data *rqd; spinlock_t *old_lock; -Index: xen-4.1.1-testing/xen/common/unlzo.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/common/unlzo.c -+++ xen-4.1.1-testing/xen/common/unlzo.c -@@ -68,7 +68,7 @@ static int INIT parse_header(u8 *input, +--- a/xen/common/unlzo.c ++++ b/xen/common/unlzo.c +@@ -68,7 +68,7 @@ static int INIT parse_header(u8 *input, { int l; u8 *parse = input; @@ -397,10 +349,8 @@ Index: xen-4.1.1-testing/xen/common/unlzo.c u16 version; /* read magic: 9 first bits */ -Index: xen-4.1.1-testing/xen/arch/x86/time.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/time.c -+++ xen-4.1.1-testing/xen/arch/x86/time.c +--- a/xen/arch/x86/time.c ++++ b/xen/arch/x86/time.c @@ -1001,7 +1001,8 @@ static void local_time_calibration(void) * System timestamps, extrapolated from local and master oscillators, * taken during this calibration and the previous calibration. @@ -411,10 +361,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/time.c s_time_t prev_master_stime, curr_master_stime; /* TSC timestamps taken during this calibration and prev calibration. */ -Index: xen-4.1.1-testing/xen/arch/x86/cpu/amd.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/cpu/amd.c -+++ xen-4.1.1-testing/xen/arch/x86/cpu/amd.c +--- a/xen/arch/x86/cpu/amd.c ++++ b/xen/arch/x86/cpu/amd.c @@ -348,7 +348,7 @@ static void __devinit init_amd(struct cp { u32 l, h; @@ -424,11 +372,9 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/amd.c #ifdef CONFIG_SMP unsigned long long value; -Index: xen-4.1.1-testing/xen/arch/x86/mm/p2m.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/mm/p2m.c -+++ xen-4.1.1-testing/xen/arch/x86/mm/p2m.c -@@ -2338,7 +2338,7 @@ p2m_remove_page(struct p2m_domain *p2m, +--- a/xen/arch/x86/mm/p2m.c ++++ b/xen/arch/x86/mm/p2m.c +@@ -2338,7 +2338,7 @@ p2m_remove_page(struct p2m_domain *p2m, unsigned int page_order) { unsigned long i; @@ -446,10 +392,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/mm/p2m.c int pod_count = 0; int rc = 0; -Index: xen-4.1.1-testing/xen/arch/x86/hvm/emulate.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/hvm/emulate.c -+++ xen-4.1.1-testing/xen/arch/x86/hvm/emulate.c +--- a/xen/arch/x86/hvm/emulate.c ++++ b/xen/arch/x86/hvm/emulate.c @@ -59,7 +59,7 @@ static int hvmemul_do_io( ioreq_t *p = get_ioreq(curr); unsigned long ram_gfn = paddr_to_pfn(ram_gpa); @@ -459,10 +403,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/emulate.c int rc; /* Check for paged out page */ -Index: xen-4.1.1-testing/xen/arch/x86/hvm/hvm.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/hvm/hvm.c -+++ xen-4.1.1-testing/xen/arch/x86/hvm/hvm.c +--- a/xen/arch/x86/hvm/hvm.c ++++ b/xen/arch/x86/hvm/hvm.c @@ -253,7 +253,8 @@ void hvm_migrate_timers(struct vcpu *v) void hvm_migrate_pirqs(struct vcpu *v) @@ -473,7 +415,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/hvm.c struct irq_desc *desc; struct domain *d = v->domain; struct hvm_irq_dpci *hvm_irq_dpci = d->arch.hvm_domain.irq.dpci; -@@ -3582,7 +3583,7 @@ long do_hvm_op(unsigned long op, XEN_GUE +@@ -3588,7 +3589,7 @@ long do_hvm_op(unsigned long op, XEN_GUE { p2m_type_t t; p2m_type_t nt; @@ -482,10 +424,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/hvm.c mfn = gfn_to_mfn_unshare(p2m, pfn, &t, 0); if ( p2m_is_paging(t) ) { -Index: xen-4.1.1-testing/xen/arch/x86/acpi/cpu_idle.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/acpi/cpu_idle.c -+++ xen-4.1.1-testing/xen/arch/x86/acpi/cpu_idle.c +--- a/xen/arch/x86/acpi/cpu_idle.c ++++ b/xen/arch/x86/acpi/cpu_idle.c @@ -273,7 +273,7 @@ static void acpi_processor_ffh_cstate_en static void acpi_idle_do_entry(struct acpi_processor_cx *cx) @@ -495,10 +435,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/acpi/cpu_idle.c switch ( cx->entry_method ) { -Index: xen-4.1.1-testing/xen/arch/x86/cpu/intel.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/cpu/intel.c -+++ xen-4.1.1-testing/xen/arch/x86/cpu/intel.c +--- a/xen/arch/x86/cpu/intel.c ++++ b/xen/arch/x86/cpu/intel.c @@ -35,7 +35,7 @@ struct movsl_mask movsl_mask __read_most */ static void __devinit set_cpuidmask(const struct cpuinfo_x86 *c) @@ -508,10 +446,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/intel.c if (!~(opt_cpuid_mask_ecx & opt_cpuid_mask_edx & opt_cpuid_mask_ext_ecx & opt_cpuid_mask_ext_edx)) -Index: xen-4.1.1-testing/xen/arch/x86/cpu/intel_cacheinfo.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/cpu/intel_cacheinfo.c -+++ xen-4.1.1-testing/xen/arch/x86/cpu/intel_cacheinfo.c +--- a/xen/arch/x86/cpu/intel_cacheinfo.c ++++ b/xen/arch/x86/cpu/intel_cacheinfo.c @@ -170,7 +170,8 @@ unsigned int __cpuinit init_intel_cachei unsigned int trace = 0, l1i = 0, l1d = 0, l2 = 0, l3 = 0; /* Cache sizes */ unsigned int new_l1d = 0, new_l1i = 0; /* Cache sizes from cpuid(4) */ @@ -522,11 +458,9 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/intel_cacheinfo.c if (c->cpuid_level > 3) { static int is_initialized; -Index: xen-4.1.1-testing/xen/arch/x86/mm/mem_sharing.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/mm/mem_sharing.c -+++ xen-4.1.1-testing/xen/arch/x86/mm/mem_sharing.c -@@ -376,7 +376,7 @@ int mem_sharing_debug_gfn(struct domain +--- a/xen/arch/x86/mm/mem_sharing.c ++++ b/xen/arch/x86/mm/mem_sharing.c +@@ -376,7 +376,7 @@ int mem_sharing_debug_gfn(struct domain { p2m_type_t p2mt; mfn_t mfn; @@ -535,10 +469,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/mm/mem_sharing.c mfn = gfn_to_mfn(p2m_get_hostp2m(d), gfn, &p2mt); page = mfn_to_page(mfn); -Index: xen-4.1.1-testing/xen/arch/x86/hvm/viridian.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/hvm/viridian.c -+++ xen-4.1.1-testing/xen/arch/x86/hvm/viridian.c +--- a/xen/arch/x86/hvm/viridian.c ++++ b/xen/arch/x86/hvm/viridian.c @@ -270,7 +270,7 @@ int rdmsr_viridian_regs(uint32_t idx, ui int viridian_hypercall(struct cpu_user_regs *regs) { @@ -548,10 +480,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/hvm/viridian.c uint16_t status = HV_STATUS_SUCCESS; union hypercall_input { -Index: xen-4.1.1-testing/xen/arch/x86/mm.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/mm.c -+++ xen-4.1.1-testing/xen/arch/x86/mm.c +--- a/xen/arch/x86/mm.c ++++ b/xen/arch/x86/mm.c @@ -4900,7 +4900,7 @@ static int ptwr_emulated_update( { unsigned long mfn; @@ -561,10 +491,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/mm.c l1_pgentry_t pte, ol1e, nl1e, *pl1e; struct vcpu *v = current; struct domain *d = v->domain; -Index: xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/x86_64/mm.c -+++ xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c +--- a/xen/arch/x86/x86_64/mm.c ++++ b/xen/arch/x86/x86_64/mm.c @@ -435,7 +435,8 @@ void destroy_m2p_mapping(struct mem_hota static int setup_compat_m2p_table(struct mem_hotadd_info *info) { @@ -575,10 +503,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/x86_64/mm.c l3_pgentry_t *l3_ro_mpt = NULL; l2_pgentry_t *l2_ro_mpt = NULL; struct page_info *l1_pg; -Index: xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/mce.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/cpu/mcheck/mce.c -+++ xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/mce.c +--- a/xen/arch/x86/cpu/mcheck/mce.c ++++ b/xen/arch/x86/cpu/mcheck/mce.c @@ -151,7 +151,6 @@ static struct mcinfo_bank *mca_init_bank struct mc_info *mi, int bank) { @@ -595,7 +521,7 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/mce.c if (mib->mc_status & MCi_STATUS_MISCV) mib->mc_misc = mca_rdmsr(MSR_IA32_MCx_MISC(bank)); -@@ -281,7 +279,7 @@ mctelem_cookie_t mcheck_mca_logout(enum +@@ -281,7 +279,7 @@ mctelem_cookie_t mcheck_mca_logout(enum recover = (mc_recoverable_scan)? 1: 0; for (i = 0; i < 32 && i < nr_mce_banks; i++) { @@ -613,10 +539,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/mce.c uint64_t hwcr = 0; int intpose; int i; -Index: xen-4.1.1-testing/xen/common/tmem.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/common/tmem.c -+++ xen-4.1.1-testing/xen/common/tmem.c +--- a/xen/common/tmem.c ++++ b/xen/common/tmem.c @@ -1351,7 +1351,8 @@ obj_unlock: static int tmem_evict(void) { @@ -637,10 +561,8 @@ Index: xen-4.1.1-testing/xen/common/tmem.c client_t *client = pool->client; int ret = client->frozen ? -EFROZEN : -ENOMEM; -Index: xen-4.1.1-testing/xen/common/tmem_xen.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/common/tmem_xen.c -+++ xen-4.1.1-testing/xen/common/tmem_xen.c +--- a/xen/common/tmem_xen.c ++++ b/xen/common/tmem_xen.c @@ -177,7 +177,7 @@ EXPORT int tmh_copy_from_client(pfp_t *p EXPORT int tmh_compress_from_client(tmem_cli_mfn_t cmfn, void **out_va, size_t *out_len, void *cli_va) @@ -678,10 +600,8 @@ Index: xen-4.1.1-testing/xen/common/tmem_xen.c tmh->persistent_pool = xmem_pool_create(name, tmh_persistent_pool_page_get, tmh_persistent_pool_page_put, PAGE_SIZE, 0, PAGE_SIZE); if ( tmh->persistent_pool == NULL ) -Index: xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/vmce.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/cpu/mcheck/vmce.c -+++ xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/vmce.c +--- a/xen/arch/x86/cpu/mcheck/vmce.c ++++ b/xen/arch/x86/cpu/mcheck/vmce.c @@ -574,7 +574,7 @@ int is_vmce_ready(struct mcinfo_bank *ba */ int unmmap_broken_page(struct domain *d, mfn_t mfn, unsigned long gfn) @@ -691,11 +611,9 @@ Index: xen-4.1.1-testing/xen/arch/x86/cpu/mcheck/vmce.c struct p2m_domain *p2m; p2m_type_t pt; -Index: xen-4.1.1-testing/xen/arch/x86/mm/shadow/multi.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/mm/shadow/multi.c -+++ xen-4.1.1-testing/xen/arch/x86/mm/shadow/multi.c -@@ -124,7 +124,7 @@ set_shadow_status(struct vcpu *v, mfn_t +--- a/xen/arch/x86/mm/shadow/multi.c ++++ b/xen/arch/x86/mm/shadow/multi.c +@@ -124,7 +124,7 @@ set_shadow_status(struct vcpu *v, mfn_t /* Put a shadow into the hash table */ { struct domain *d = v->domain; @@ -713,10 +631,8 @@ Index: xen-4.1.1-testing/xen/arch/x86/mm/shadow/multi.c shadow_l1e_t *sl1p, sl1e; struct page_info *sp; -Index: xen-4.1.1-testing/xen/arch/x86/domain_build.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/domain_build.c -+++ xen-4.1.1-testing/xen/arch/x86/domain_build.c +--- a/xen/arch/x86/domain_build.c ++++ b/xen/arch/x86/domain_build.c @@ -375,8 +375,7 @@ int __init construct_dom0( return rc; @@ -727,11 +643,9 @@ Index: xen-4.1.1-testing/xen/arch/x86/domain_build.c machine = elf_uval(&elf, elf.ehdr, e_machine); switch (CONFIG_PAGING_LEVELS) { case 3: /* x86_32p */ -Index: xen-4.1.1-testing/xen/arch/x86/traps.c -=================================================================== ---- xen-4.1.1-testing.orig/xen/arch/x86/traps.c -+++ xen-4.1.1-testing/xen/arch/x86/traps.c -@@ -1742,7 +1742,11 @@ static int emulate_privileged_op(struct +--- a/xen/arch/x86/traps.c ++++ b/xen/arch/x86/traps.c +@@ -1784,7 +1784,11 @@ static int emulate_privileged_op(struct struct vcpu *v = current; unsigned long *reg, eip = regs->eip; u8 opcode, modrm_reg = 0, modrm_rm = 0, rep_prefix = 0, lock = 0, rex = 0; diff --git a/xen.changes b/xen.changes index 4f6192a..ef78797 100644 --- a/xen.changes +++ b/xen.changes @@ -1,3 +1,56 @@ +------------------------------------------------------------------- +Fri Jun 17 06:37:36 MDT 2011 - carnold@novell.com + +- fate#309893: Add Xen support for AMD family 15h processors +- fate#309901: Add Xen support for SVM TSC scaling in AMD family + 15h +- fate#311951: Ivy Bridge: XEN support for Supervisor Mode + Execution Protection (SMEP) + 23437-amd-fam15-TSC-scaling.patch + 23462-libxc-cpu-feature.patch + 23481-x86-SMEP.patch + 23504-x86-SMEP-hvm.patch + 23505-x86-cpu-add-arg-check.patch + 23508-vmx-proc-based-ctls-probe.patch + 23510-hvm-cpuid-DRNG.patch + 23511-amd-fam15-no-flush-for-C3.patch + 23516-cpuid-ERMS.patch + 23538-hvm-pio-emul-no-host-crash.patch + 23539-hvm-cpuid-FSGSBASE.patch + 23543-x86_64-maddr_to_virt-assertion.patch + 23546-fucomip.patch + +------------------------------------------------------------------- +Wed Jun 15 15:31:17 MDT 2011 - jfehlig@novell.com + +- Fix libxc reentrancy issues + 23383-libxc-rm-static-vars.patch + +------------------------------------------------------------------- +Wed Jun 15 08:09:53 MDT 2011 - carnold@novell.com + +- fate#310957 - Update to Xen 4.1.1 FCS c/s 23079 + +------------------------------------------------------------------- +Tue Jun 14 11:26:30 CST 2011 - lidongyang@novell.com + +- fate#311000 - Extend Xen domain lock framework to support + more alternative + xend-domain-lock-sfex.patch + +------------------------------------------------------------------- +Mon Jun 13 14:50:32 CST 2011 - lidongyang@novell.com + +- fate#311371 - Enhance yast to configure live migration for + Xen and KVM + add firewall service file for xen-tools + +------------------------------------------------------------------- +Fri Jun 10 09:14:07 MDT 2011 - jfehlig@novell.com + +- Add man page for xen-list utility + updated xen-utils-0.1.tar.bz2 + ------------------------------------------------------------------- Thu May 26 06:36:49 MDT 2011 - carnold@novell.com diff --git a/xen.spec b/xen.spec index 4820733..d8f6005 100644 --- a/xen.spec +++ b/xen.spec @@ -22,10 +22,11 @@ Name: xen ExclusiveArch: %ix86 x86_64 %define xvers 4.1 %define xvermaj 4 -%define changeset 23064 +%define changeset 23079 %define xen_build_dir xen-4.1.1-testing %define with_kmp 1 %define with_stubdom 0 +%define _fwdefdir /etc/sysconfig/SuSEfirewall2.d/services %if %suse_version > 1140 %define with_xend 0 %else @@ -116,6 +117,8 @@ Source23: etc_pam.d_xen-api Source24: xenapiusers # sysconfig hook script for Xen Source25: xen-updown.sh +# Firewall service file for xend relocation server +Source26: xend-relocation-server.fw Source99: baselibs.conf # http://xenbits.xensource.com/ext/xenalyze Source20000: xenalyze.hg.tar.bz2 @@ -138,7 +141,20 @@ Patch15: 23304-amd-oprofile-strings.patch Patch16: 23305-amd-fam15-xenoprof.patch Patch17: 23306-amd-fam15-vpmu.patch Patch18: 23334-amd-fam12+14-vpmu.patch -Patch19: 23338-vtd-force-intremap.patch +Patch19: 23383-libxc-rm-static-vars.patch +Patch20: 23437-amd-fam15-TSC-scaling.patch +Patch21: 23462-libxc-cpu-feature.patch +Patch22: 23481-x86-SMEP.patch +Patch23: 23504-x86-SMEP-hvm.patch +Patch24: 23505-x86-cpu-add-arg-check.patch +Patch25: 23508-vmx-proc-based-ctls-probe.patch +Patch26: 23510-hvm-cpuid-DRNG.patch +Patch27: 23511-amd-fam15-no-flush-for-C3.patch +Patch28: 23516-cpuid-ERMS.patch +Patch29: 23538-hvm-pio-emul-no-host-crash.patch +Patch30: 23539-hvm-cpuid-FSGSBASE.patch +Patch31: 23543-x86_64-maddr_to_virt-assertion.patch +Patch32: 23546-fucomip.patch # Upstream qemu patches # Our patches Patch300: xen-config.diff @@ -232,6 +248,7 @@ Patch446: xend-disable-internal-logrotate.patch Patch447: xend-config-enable-dump-comment.patch # Jim's domain lock patch Patch450: xend-domain-lock.patch +Patch451: xend-domain-lock-sfex.patch # Hypervisor and PV driver Patches Patch500: 32on64-extra-mem.patch Patch501: x86-ioapic-ack-default.patch @@ -628,6 +645,19 @@ tar xfj %{SOURCE2} -C $RPM_BUILD_DIR/%{xen_build_dir}/tools %patch17 -p1 %patch18 -p1 %patch19 -p1 +%patch20 -p1 +%patch21 -p1 +%patch22 -p1 +%patch23 -p1 +%patch24 -p1 +%patch25 -p1 +%patch26 -p1 +%patch27 -p1 +%patch28 -p1 +%patch29 -p1 +%patch30 -p1 +%patch31 -p1 +%patch32 -p1 %patch300 -p1 %patch301 -p1 %patch302 -p1 @@ -714,6 +744,7 @@ tar xfj %{SOURCE2} -C $RPM_BUILD_DIR/%{xen_build_dir}/tools %patch446 -p1 %patch447 -p1 %patch450 -p1 +%patch451 -p1 %patch500 -p1 %patch501 -p1 %patch502 -p1 @@ -933,6 +964,10 @@ rm -f $RPM_BUILD_ROOT/%{_bindir}/qemu-nbd-xen # This is necessary because of the build of libconfig for libxl #rm -rf $RPM_BUILD_ROOT/$RPM_BUILD_ROOT rm -rf $RPM_BUILD_ROOT/%{_libdir}/debug +#install firewall definitions format is described here: +#/usr/share/SuSEfirewall2/services/TEMPLATE +mkdir -p $RPM_BUILD_ROOT/%{_fwdefdir} +install -m 644 %{S:26} $RPM_BUILD_ROOT/%{_fwdefdir}/xend-relocation-server %files %defattr(-,root,root) @@ -1088,6 +1123,7 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/debug /usr/lib/xen/boot/pv-grub-x86_64.gz %endif %endif +%config %{_fwdefdir}/xend-relocation-server %files tools-domU %defattr(-,root,root) diff --git a/xend-domain-lock-sfex.patch b/xend-domain-lock-sfex.patch new file mode 100644 index 0000000..f1c4ed3 --- /dev/null +++ b/xend-domain-lock-sfex.patch @@ -0,0 +1,351 @@ +Index: xen-4.1.1-testing/tools/examples/xend-config.sxp +=================================================================== +--- xen-4.1.1-testing.orig/tools/examples/xend-config.sxp ++++ xen-4.1.1-testing/tools/examples/xend-config.sxp +@@ -357,7 +357,7 @@ + # path // + # Return 0 on success, non-zero on error. + # +-# lock-util [-s] path" ++# lock-util [-s] -i path" + # -s Lock status. If lock is acquired, print any contents + # on stdout and return 0. Return non-zero if lock is + # available. +@@ -383,6 +383,11 @@ + # + #(xend-domain-lock-utility domain-lock) + ++# Some locking mechanism provide cluster wide locking service like sfex. ++# And that requires a shared locking device. ++#(xend-domain-lock-utility domain-lock-sfex) ++#(xend-domain-lock-device "/dev/iwmvg/hbdevice") ++ + # If we have a very big scsi device configuration, start of xend is slow, + # because xend scans all the device paths to build its internal PSCSI device + # list. If we need only a few devices for assigning to a guest, we can reduce +Index: xen-4.1.1-testing/tools/hotplug/Linux/Makefile +=================================================================== +--- xen-4.1.1-testing.orig/tools/hotplug/Linux/Makefile ++++ xen-4.1.1-testing/tools/hotplug/Linux/Makefile +@@ -23,6 +23,7 @@ XEN_SCRIPTS += xen-hotplug-cleanup + XEN_SCRIPTS += external-device-migrate + XEN_SCRIPTS += vscsi + XEN_SCRIPTS += domain-lock vm-monitor ++XEN_SCRIPTS += domain-lock-sfex + XEN_SCRIPT_DATA = xen-script-common.sh locking.sh logging.sh + XEN_SCRIPT_DATA += xen-hotplug-common.sh xen-network-common.sh vif-common.sh + XEN_SCRIPT_DATA += block-common.sh vtpm-common.sh vtpm-hotplug-common.sh +Index: xen-4.1.1-testing/tools/hotplug/Linux/domain-lock +=================================================================== +--- xen-4.1.1-testing.orig/tools/hotplug/Linux/domain-lock ++++ xen-4.1.1-testing/tools/hotplug/Linux/domain-lock +@@ -4,7 +4,7 @@ basedir=$(dirname "$0") + + usage() { + echo "usage: domain-lock [-l|-u] -n -i -p path" +- echo "usage: domain-lock [-s] path" ++ echo "usage: domain-lock [-s] -i path" + echo "" + echo "-l lock" + echo "-u unlock" +Index: xen-4.1.1-testing/tools/hotplug/Linux/domain-lock-sfex +=================================================================== +--- /dev/null ++++ xen-4.1.1-testing/tools/hotplug/Linux/domain-lock-sfex +@@ -0,0 +1,166 @@ ++#!/bin/bash ++ ++# pre-condition ++# 1. device is ready: logical volume activated if used ++# 2. device already initialized ++# 3. index is assigned correctly ++ ++#error code: ++# 0: success ++# 1: error ++ ++if [ `uname -m` = "x86_64" ]; then ++ SFEX_DAEMON=/usr/lib64/heartbeat/sfex_daemon ++else ++ SFEX_DAEMON=/usr/lib/heartbeat/sfex_daemon ++fi ++SFEX_INIT=/usr/sbin/sfex_init ++COLLISION_TIMEOUT=1 ++LOCK_TIMEOUT=3 ++MONITOR_INTERVAL=2 ++LOCAL_LOCK_FILE=/var/lock/sfex ++ ++usage() { ++ echo "usage: domain-lock-sfex [-l|-u|-s] -i -x " ++ echo "" ++ echo "-l lock" ++ echo "-u unlock" ++ echo "-s status (default)" ++ echo "-i Virtual Machine Id or UUID" ++ echo "-x SFEX device which used for sfex lock" ++ exit 1 ++} ++ ++get_lock_host() { ++ local rscname=$1 ++ local device=$2 ++ r=`$SFEX_DAEMON -s -u $rscname $device` ++ echo $r ++} ++ ++get_status() { ++ local rscname=$1 ++ if /usr/bin/pgrep -f "$SFEX_DAEMON .* ${rscname} " > /dev/null 2>&1; then ++ return 0 ++ else ++ return 1 ++ fi ++} ++ ++acquire_lock() { ++ local rscname=$1 ++ local device=$2 ++ get_status $rscname ++ ## We assume xend will take care to avoid starting same VM twice on the same machine. ++ if [ $? -eq 0 ]; then ++ return 0 ++ fi ++ $SFEX_DAEMON -c $COLLISION_TIMEOUT -t $LOCK_TIMEOUT -m $MONITOR_INTERVAL -u $rscname $device ++ rc=$? ++ if [ $rc -ne 0 ]; then ++ return $rc ++ fi ++ sleep 4 ++ get_status $rscname ++ if [ $? -eq 0 ]; then ++ return 0 ++ fi ++ return 1 ++} ++ ++# release has to success ++release_lock(){ ++ local rscname=$1 ++ ++ ## If the lock is already released ++ get_status $rscname ++ if [ $? -ne 0 ]; then ++ return 0 ++ fi ++ ++ pid=`/usr/bin/pgrep -f "$SFEX_DAEMON .* ${rscname} "` ++ /bin/kill $pid ++ ++ count=0 ++ while [ $count -lt 10 ] ++ do ++ get_status $rscname ++ if [ $? -eq 1 ]; then ++ return 0 ++ fi ++ count=`expr $count + 1` ++ sleep 1 ++ done ++ ++ /bin/kill -9 $pid ++ while : ++ do ++ get_status $rscname ++ if [ $? -eq 1 ]; then ++ break; ++ fi ++ sleep 1 ++ done ++ ++ return 0 ++} ++ ++mode="status" ++ ++while getopts ":lusn:i:p:x:" opt; do ++case $opt in ++l ) ++mode="lock" ++;; ++u ) ++mode="unlock" ++;; ++s ) ++mode="status" ++;; ++n ) ++vm_name=$OPTARG ++;; ++i ) ++vm_uuid=$OPTARG ++;; ++p ) ++vm_host=$OPTARG ++;; ++x ) ++vm_sfex_device=$OPTARG ++;; ++\? ) ++usage ++;; ++esac ++done ++ ++shift $(($OPTIND - 1)) ++[ -z $vm_uuid ] && usage ++[ -z $vm_sfex_device ] && usage ++ ++case $mode in ++lock ) ++ ( ++ flock -x 200 ++ acquire_lock $vm_uuid $vm_sfex_device ++ rc=$? ++ flock -u 200 ++ exit $rc ++ ) 200>$LOCAL_LOCK_FILE-$vm_uuid ++;; ++unlock ) ++ ( ++ flock -x 200 ++ release_lock $vm_uuid ++ rc=$? ++ flock -u 200 ++ exit $rc ++ ) 200>$LOCAL_LOCK_FILE-$vm_uuid ++;; ++status ) ++ get_lock_host $vm_uuid $vm_sfex_device ++;; ++esac ++ +Index: xen-4.1.1-testing/tools/python/xen/xend/XendDomainInfo.py +=================================================================== +--- xen-4.1.1-testing.orig/tools/python/xen/xend/XendDomainInfo.py ++++ xen-4.1.1-testing/tools/python/xen/xend/XendDomainInfo.py +@@ -4499,8 +4499,14 @@ class XendDomainInfo: + + # Return name of host contained in lock file. + def get_lock_host(self, path): +- fin = os.popen(xoptions.get_xend_domain_lock_utility() + \ +- ' -s ' + path, 'r') ++ lock_cmd = '%s -s -i %s ' % \ ++ (xoptions.get_xend_domain_lock_utility(), \ ++ self.info['uuid']) ++ lock_dev = xoptions.get_xend_domain_lock_device() ++ if lock_dev: ++ lock_cmd += '-x %d ' % lock_dev ++ lock_cmd += path ++ fin = os.popen(lock_cmd, 'r') + hostname = "unknown" + + try: +@@ -4522,6 +4528,16 @@ class XendDomainInfo: + path = xoptions.get_xend_domain_lock_path() + path = os.path.join(path, self.get_uuid()) + ++ lock_cmd = '%s -l -p %s -n %s -i %s ' % \ ++ (xoptions.get_xend_domain_lock_utility(), \ ++ XendNode.instance().get_name(), \ ++ self.info['name_label'], \ ++ self.info['uuid']) ++ lock_dev = xoptions.get_xend_domain_lock_device() ++ if lock_dev: ++ lock_cmd += '-x %d ' % lock_dev ++ lock_cmd += path ++ + try: + if not os.path.exists(path): + mkdir.parents(path, stat.S_IRWXU) +@@ -4529,12 +4545,7 @@ class XendDomainInfo: + log.exception("%s could not be created." % path) + raise XendError("%s could not be created." % path) + +- status = os.system('%s -l -p %s -n %s -i %s %s' % \ +- (xoptions.get_xend_domain_lock_utility(), \ +- XendNode.instance().get_name(), \ +- self.info['name_label'], \ +- self.info['uuid'], \ +- path)) ++ status = os.system(lock_cmd) >> 8 + if status != 0: + log.debug("Failed to aqcuire lock: status = %d" % status) + raise XendError("The VM is locked and appears to be running on host %s." % self.get_lock_host(path)) +@@ -4551,12 +4562,18 @@ class XendDomainInfo: + + path = xoptions.get_xend_domain_lock_path() + path = os.path.join(path, self.get_uuid()) +- status = os.system('%s -u -p %s -n %s -i %s %s' % \ +- (xoptions.get_xend_domain_lock_utility(), \ +- XendNode.instance().get_name(), \ +- dom_name, \ +- self.info['uuid'], \ +- path)) ++ ++ lock_cmd = '%s -u -p %s -n %s -i %s ' % \ ++ (xoptions.get_xend_domain_lock_utility(), \ ++ XendNode.instance().get_name(), \ ++ dom_name, \ ++ self.info['uuid']) ++ lock_dev = xoptions.get_xend_domain_lock_device() ++ if lock_dev: ++ lock_cmd += '-x %d ' % lock_dev ++ lock_cmd += path ++ ++ status = os.system(lock_cmd) >> 8 + if status != 0: + log.exception("Failed to release lock: status = %s" % status) + try: +Index: xen-4.1.1-testing/tools/python/xen/xend/XendNode.py +=================================================================== +--- xen-4.1.1-testing.orig/tools/python/xen/xend/XendNode.py ++++ xen-4.1.1-testing/tools/python/xen/xend/XendNode.py +@@ -162,6 +162,7 @@ class XendNode: + + self._init_cpu_pools() + ++ self._init_lock_devices() + + def _init_networks(self): + # Initialise networks +@@ -382,6 +383,17 @@ class XendNode: + XendCPUPool.recreate_active_pools() + + ++ def _init_lock_devices(self): ++ if xendoptions().get_xend_domain_lock(): ++ if xendoptions().get_xend_domain_lock_utility().endswith("domain-lock-sfex"): ++ lock_device = xendoptions().get_xend_domain_lock_device() ++ if not lock_device: ++ raise XendError("The block device for sfex is not properly configured") ++ status = os.system("lvchange -ay %s" % lock_device) >> 8 ++ if status != 0: ++ raise XendError("The block device for sfex could not be initialized") ++ ++ + def add_network(self, interface): + # TODO + log.debug("add_network(): Not implemented.") +Index: xen-4.1.1-testing/tools/python/xen/xend/XendOptions.py +=================================================================== +--- xen-4.1.1-testing.orig/tools/python/xen/xend/XendOptions.py ++++ xen-4.1.1-testing/tools/python/xen/xend/XendOptions.py +@@ -164,6 +164,9 @@ class XendOptions: + """Default script to acquire/release domain lock""" + xend_domain_lock_utility = auxbin.scripts_dir() + "/domain-lock" + ++ """Default block device for lock service""" ++ xend_domain_lock_device = "" ++ + + def __init__(self): + self.configure() +@@ -430,6 +433,8 @@ class XendOptions: + else: + return self.xend_domain_lock_utility + ++ def get_xend_domain_lock_device(self): ++ return self.get_config_string('xend-domain-lock-device', self.xend_domain_lock_device) + + def get_vnc_tls(self): + return self.get_config_string('vnc-tls', self.xend_vnc_tls) diff --git a/xend-relocation-server.fw b/xend-relocation-server.fw new file mode 100644 index 0000000..ab934d8 --- /dev/null +++ b/xend-relocation-server.fw @@ -0,0 +1,4 @@ +## Name: Xend Relocation Server +## Description: Enables xend relocation service + +TCP="8002 8003"