direct-io.hg

changeset 11388:50aea0ec406b

Merge with xenppc-unstable-merge.hg.
author kaf24@firebug.cl.cam.ac.uk
date Wed Aug 30 22:36:18 2006 +0100 (2006-08-30)
parents e01441c9a607 74db626d2fcf
children 11626efd003c 4fdf5151b187
files
line diff
     1.1 --- a/linux-2.6-xen-sparse/arch/ia64/dig/setup.c	Wed Aug 30 14:09:31 2006 -0500
     1.2 +++ b/linux-2.6-xen-sparse/arch/ia64/dig/setup.c	Wed Aug 30 22:36:18 2006 +0100
     1.3 @@ -69,7 +69,7 @@ dig_setup (char **cmdline_p)
     1.4  	screen_info.orig_video_isVGA = 1;	/* XXX fake */
     1.5  	screen_info.orig_video_ega_bx = 3;	/* XXX fake */
     1.6  #ifdef CONFIG_XEN
     1.7 -	if (!is_running_on_xen())
     1.8 +	if (!is_running_on_xen() || !is_initial_xendomain())
     1.9  		return;
    1.10  
    1.11  	if (xen_start_info->console.dom0.info_size >=
     2.1 --- a/linux-2.6-xen-sparse/arch/ia64/kernel/setup.c	Wed Aug 30 14:09:31 2006 -0500
     2.2 +++ b/linux-2.6-xen-sparse/arch/ia64/kernel/setup.c	Wed Aug 30 22:36:18 2006 +0100
     2.3 @@ -560,7 +560,9 @@ setup_arch (char **cmdline_p)
     2.4  
     2.5  	platform_setup(cmdline_p);
     2.6  	paging_init();
     2.7 +#ifdef CONFIG_XEN
     2.8  	contiguous_bitmap_init(max_pfn);
     2.9 +#endif
    2.10  }
    2.11  
    2.12  /*
     3.1 --- a/linux-2.6-xen-sparse/arch/ia64/xen/hypervisor.c	Wed Aug 30 14:09:31 2006 -0500
     3.2 +++ b/linux-2.6-xen-sparse/arch/ia64/xen/hypervisor.c	Wed Aug 30 22:36:18 2006 +0100
     3.3 @@ -371,6 +371,8 @@ gnttab_map_grant_ref_pre(struct gnttab_m
     3.4  int
     3.5  HYPERVISOR_grant_table_op(unsigned int cmd, void *uop, unsigned int count)
     3.6  {
     3.7 +	__u64 va1, va2, pa1, pa2;
     3.8 +
     3.9  	if (cmd == GNTTABOP_map_grant_ref) {
    3.10  		unsigned int i;
    3.11  		for (i = 0; i < count; i++) {
    3.12 @@ -378,8 +380,29 @@ HYPERVISOR_grant_table_op(unsigned int c
    3.13  				(struct gnttab_map_grant_ref*)uop + i);
    3.14  		}
    3.15  	}
    3.16 -
    3.17 -	return ____HYPERVISOR_grant_table_op(cmd, uop, count);
    3.18 +	va1 = (__u64)uop & PAGE_MASK;
    3.19 +	pa1 = pa2 = 0;
    3.20 +	if ((REGION_NUMBER(va1) == 5) &&
    3.21 +	    ((va1 - KERNEL_START) >= KERNEL_TR_PAGE_SIZE)) {
    3.22 +		pa1 = ia64_tpa(va1);
    3.23 +		if (cmd <= GNTTABOP_transfer) {
    3.24 +			static uint32_t uop_size[GNTTABOP_transfer + 1] = {
    3.25 +				sizeof(struct gnttab_map_grant_ref),
    3.26 +				sizeof(struct gnttab_unmap_grant_ref),
    3.27 +				sizeof(struct gnttab_setup_table),
    3.28 +				sizeof(struct gnttab_dump_table),
    3.29 +				sizeof(struct gnttab_transfer),
    3.30 +			};
    3.31 +			va2 = (__u64)uop + (uop_size[cmd] * count) - 1;
    3.32 +			va2 &= PAGE_MASK;
    3.33 +			if (va1 != va2) {
    3.34 +				/* maximum size of uop is 2pages */
    3.35 +				BUG_ON(va2 > va1 + PAGE_SIZE);
    3.36 +				pa2 = ia64_tpa(va2);
    3.37 +			}
    3.38 +		}
    3.39 +	}
    3.40 +	return ____HYPERVISOR_grant_table_op(cmd, uop, count, pa1, pa2);
    3.41  }
    3.42  EXPORT_SYMBOL(HYPERVISOR_grant_table_op);
    3.43  
     4.1 --- a/linux-2.6-xen-sparse/arch/x86_64/kernel/setup-xen.c	Wed Aug 30 14:09:31 2006 -0500
     4.2 +++ b/linux-2.6-xen-sparse/arch/x86_64/kernel/setup-xen.c	Wed Aug 30 22:36:18 2006 +0100
     4.3 @@ -846,7 +846,7 @@ void __init setup_arch(char **cmdline_p)
     4.4  
     4.5  		if (!xen_feature(XENFEAT_auto_translated_physmap)) {
     4.6  			/* Make sure we have a large enough P->M table. */
     4.7 -			phys_to_machine_mapping = alloc_bootmem(
     4.8 +			phys_to_machine_mapping = alloc_bootmem_pages(
     4.9  				end_pfn * sizeof(unsigned long));
    4.10  			memset(phys_to_machine_mapping, ~0,
    4.11  			       end_pfn * sizeof(unsigned long));
    4.12 @@ -863,7 +863,7 @@ void __init setup_arch(char **cmdline_p)
    4.13  			 * list of frames that make up the p2m table. Used by
    4.14                           * save/restore.
    4.15  			 */
    4.16 -			pfn_to_mfn_frame_list_list = alloc_bootmem(PAGE_SIZE);
    4.17 +			pfn_to_mfn_frame_list_list = alloc_bootmem_pages(PAGE_SIZE);
    4.18  			HYPERVISOR_shared_info->arch.pfn_to_mfn_frame_list_list =
    4.19  				virt_to_mfn(pfn_to_mfn_frame_list_list);
    4.20  
    4.21 @@ -873,7 +873,7 @@ void __init setup_arch(char **cmdline_p)
    4.22  					k++;
    4.23  					BUG_ON(k>=fpp);
    4.24  					pfn_to_mfn_frame_list[k] =
    4.25 -						alloc_bootmem(PAGE_SIZE);
    4.26 +						alloc_bootmem_pages(PAGE_SIZE);
    4.27  					pfn_to_mfn_frame_list_list[k] =
    4.28  						virt_to_mfn(pfn_to_mfn_frame_list[k]);
    4.29  					j=0;
     5.1 --- a/linux-2.6-xen-sparse/drivers/xen/netfront/netfront.c	Wed Aug 30 14:09:31 2006 -0500
     5.2 +++ b/linux-2.6-xen-sparse/drivers/xen/netfront/netfront.c	Wed Aug 30 22:36:18 2006 +0100
     5.3 @@ -193,6 +193,7 @@ static void netfront_closing(struct xenb
     5.4  
     5.5  static void end_access(int, void *);
     5.6  static void netif_disconnect_backend(struct netfront_info *);
     5.7 +static int open_netdev(struct netfront_info *);
     5.8  static void close_netdev(struct netfront_info *);
     5.9  static void netif_free(struct netfront_info *);
    5.10  
    5.11 @@ -263,15 +264,22 @@ static int __devinit netfront_probe(stru
    5.12  	dev->dev.driver_data = info;
    5.13  
    5.14  	err = talk_to_backend(dev, info);
    5.15 -	if (err) {
    5.16 -		xennet_sysfs_delif(info->netdev);
    5.17 -		unregister_netdev(netdev);
    5.18 -		free_netdev(netdev);
    5.19 -		dev->dev.driver_data = NULL;
    5.20 -		return err;
    5.21 -	}
    5.22 +	if (err)
    5.23 +		goto fail_backend;
    5.24 +
    5.25 +	err = open_netdev(info);
    5.26 +	if (err)
    5.27 +		goto fail_open;
    5.28  
    5.29  	return 0;
    5.30 +
    5.31 + fail_open:
    5.32 +	xennet_sysfs_delif(info->netdev);
    5.33 +	unregister_netdev(netdev);
    5.34 + fail_backend:
    5.35 +	free_netdev(netdev);
    5.36 +	dev->dev.driver_data = NULL;
    5.37 +	return err;
    5.38  }
    5.39  
    5.40  
    5.41 @@ -1887,27 +1895,9 @@ create_netdev(int handle, int copying_re
    5.42  	SET_MODULE_OWNER(netdev);
    5.43  	SET_NETDEV_DEV(netdev, &dev->dev);
    5.44  
    5.45 -	err = register_netdev(netdev);
    5.46 -	if (err) {
    5.47 -		printk(KERN_WARNING "%s> register_netdev err=%d\n",
    5.48 -		       __FUNCTION__, err);
    5.49 -		goto exit_free_rx;
    5.50 -	}
    5.51 -
    5.52 -	err = xennet_sysfs_addif(netdev);
    5.53 -	if (err) {
    5.54 -		/* This can be non-fatal: it only means no tuning parameters */
    5.55 -		printk(KERN_WARNING "%s> add sysfs failed err=%d\n",
    5.56 -		       __FUNCTION__, err);
    5.57 -	}
    5.58 -
    5.59  	np->netdev = netdev;
    5.60 -
    5.61  	return netdev;
    5.62  
    5.63 -
    5.64 - exit_free_rx:
    5.65 -	gnttab_free_grant_references(np->gref_rx_head);
    5.66   exit_free_tx:
    5.67  	gnttab_free_grant_references(np->gref_tx_head);
    5.68   exit:
    5.69 @@ -1967,6 +1957,26 @@ static int __devexit netfront_remove(str
    5.70  }
    5.71  
    5.72  
    5.73 +static int open_netdev(struct netfront_info *info)
    5.74 +{
    5.75 +	int err;
    5.76 +	
    5.77 +	err = register_netdev(info->netdev);
    5.78 +	if (err) {
    5.79 +		printk(KERN_WARNING "%s: register_netdev err=%d\n",
    5.80 +		       __FUNCTION__, err);
    5.81 +		return err;
    5.82 +	}
    5.83 +
    5.84 +	err = xennet_sysfs_addif(info->netdev);
    5.85 +	if (err) {
    5.86 +		/* This can be non-fatal: it only means no tuning parameters */
    5.87 +		printk(KERN_WARNING "%s: add sysfs failed err=%d\n",
    5.88 +		       __FUNCTION__, err);
    5.89 +	}
    5.90 +	return 0;
    5.91 +}
    5.92 +
    5.93  static void close_netdev(struct netfront_info *info)
    5.94  {
    5.95  	del_timer_sync(&info->rx_refill_timer);
     6.1 --- a/linux-2.6-xen-sparse/include/asm-ia64/agp.h	Wed Aug 30 14:09:31 2006 -0500
     6.2 +++ b/linux-2.6-xen-sparse/include/asm-ia64/agp.h	Wed Aug 30 22:36:18 2006 +0100
     6.3 @@ -19,10 +19,21 @@
     6.4  #define flush_agp_cache()		mb()
     6.5  
     6.6  /* Convert a physical address to an address suitable for the GART. */
     6.7 +#ifndef CONFIG_XEN
     6.8 +#define phys_to_gart(x) (x)
     6.9 +#define gart_to_phys(x) (x)
    6.10 +#else
    6.11  #define phys_to_gart(x) phys_to_machine_for_dma(x)
    6.12  #define gart_to_phys(x) machine_to_phys_for_dma(x)
    6.13 +#endif
    6.14  
    6.15  /* GATT allocation. Returns/accepts GATT kernel virtual address. */
    6.16 +#ifndef CONFIG_XEN
    6.17 +#define alloc_gatt_pages(order)		\
    6.18 +	((char *)__get_free_pages(GFP_KERNEL, (order)))
    6.19 +#define free_gatt_pages(table, order)	\
    6.20 +	free_pages((unsigned long)(table), (order))
    6.21 +#else
    6.22  #include <asm/hypervisor.h>
    6.23  static inline char*
    6.24  alloc_gatt_pages(unsigned int order)
    6.25 @@ -46,5 +57,6 @@ free_gatt_pages(void* table, unsigned in
    6.26  	xen_destroy_contiguous_region((unsigned long)table, order);
    6.27  	free_pages((unsigned long)table, order);
    6.28  }
    6.29 +#endif /* CONFIG_XEN */
    6.30  
    6.31  #endif /* _ASM_IA64_AGP_H */
     7.1 --- a/linux-2.6-xen-sparse/include/asm-ia64/dma-mapping.h	Wed Aug 30 14:09:31 2006 -0500
     7.2 +++ b/linux-2.6-xen-sparse/include/asm-ia64/dma-mapping.h	Wed Aug 30 22:36:18 2006 +0100
     7.3 @@ -7,11 +7,28 @@
     7.4   */
     7.5  #include <linux/config.h>
     7.6  #include <asm/machvec.h>
     7.7 +#ifdef CONFIG_XEN
     7.8  /* Needed for arch/i386/kernel/swiotlb.c and arch/i386/kernel/pci-dma-xen.c */
     7.9  #include <asm/hypervisor.h>
    7.10  /* Needed for arch/i386/kernel/swiotlb.c */
    7.11  #include <asm-i386/mach-xen/asm/swiotlb.h>
    7.12 +#endif
    7.13  
    7.14 +#ifndef CONFIG_XEN
    7.15 +#define dma_alloc_coherent	platform_dma_alloc_coherent
    7.16 +#define dma_alloc_noncoherent	platform_dma_alloc_coherent	/* coherent mem. is cheap */
    7.17 +#define dma_free_coherent	platform_dma_free_coherent
    7.18 +#define dma_free_noncoherent	platform_dma_free_coherent
    7.19 +#define dma_map_single		platform_dma_map_single
    7.20 +#define dma_map_sg		platform_dma_map_sg
    7.21 +#define dma_unmap_single	platform_dma_unmap_single
    7.22 +#define dma_unmap_sg		platform_dma_unmap_sg
    7.23 +#define dma_sync_single_for_cpu	platform_dma_sync_single_for_cpu
    7.24 +#define dma_sync_sg_for_cpu	platform_dma_sync_sg_for_cpu
    7.25 +#define dma_sync_single_for_device platform_dma_sync_single_for_device
    7.26 +#define dma_sync_sg_for_device	platform_dma_sync_sg_for_device
    7.27 +#define dma_mapping_error	platform_dma_mapping_error
    7.28 +#else
    7.29  int dma_map_sg(struct device *hwdev, struct scatterlist *sg, int nents,
    7.30                 enum dma_data_direction direction);
    7.31  void dma_unmap_sg(struct device *hwdev, struct scatterlist *sg, int nents,
    7.32 @@ -50,6 +67,7 @@ dma_sync_sg_for_device(struct device *de
    7.33  		swiotlb_sync_sg_for_device(dev,sg,nelems,direction);
    7.34  	flush_write_buffers();
    7.35  }
    7.36 +#endif
    7.37  
    7.38  #define dma_map_page(dev, pg, off, size, dir)				\
    7.39  	dma_map_single(dev, page_address(pg) + (off), (size), (dir))
    7.40 @@ -91,6 +109,7 @@ dma_cache_sync (void *vaddr, size_t size
    7.41  
    7.42  #define dma_is_consistent(dma_handle)	(1)	/* all we do is coherent memory... */
    7.43  
    7.44 +#ifdef CONFIG_XEN
    7.45  /* arch/i386/kernel/swiotlb.o requires */
    7.46  void contiguous_bitmap_init(unsigned long end_pfn);
    7.47  
    7.48 @@ -111,5 +130,6 @@ range_straddles_page_boundary(void *p, s
    7.49  	return (((((unsigned long)p & ~PAGE_MASK) + size) > PAGE_SIZE) &&
    7.50  	        !test_bit(__pa(p) >> PAGE_SHIFT, contiguous_bitmap));
    7.51  }
    7.52 +#endif
    7.53  
    7.54  #endif /* _ASM_IA64_DMA_MAPPING_H */
     8.1 --- a/linux-2.6-xen-sparse/include/asm-ia64/hypercall.h	Wed Aug 30 14:09:31 2006 -0500
     8.2 +++ b/linux-2.6-xen-sparse/include/asm-ia64/hypercall.h	Wed Aug 30 22:36:18 2006 +0100
     8.3 @@ -51,7 +51,7 @@
     8.4  			      "break 0x1000 ;;\n"		\
     8.5  			      "mov %0=r8 ;;\n"			\
     8.6  			      : "=r" (__res)			\
     8.7 -			      : "i" (__HYPERVISOR_##name)	\
     8.8 +			      : "J" (__HYPERVISOR_##name)	\
     8.9  			      : "r2","r8",			\
    8.10  			        "memory" );			\
    8.11  	(type)__res;						\
    8.12 @@ -66,8 +66,8 @@
    8.13  			      "break 0x1000 ;;\n"		\
    8.14  			      "mov %0=r8 ;;\n"			\
    8.15  			      : "=r" (__res)			\
    8.16 -			      : "i" (__HYPERVISOR_##name),	\
    8.17 -				"r" ((unsigned long)(a1))	\
    8.18 +			      : "J" (__HYPERVISOR_##name),	\
    8.19 +				"rI" ((unsigned long)(a1))	\
    8.20  			      : "r14","r2","r8",		\
    8.21  				"memory" );			\
    8.22  	(type)__res;						\
    8.23 @@ -83,9 +83,9 @@
    8.24  			      "break 0x1000 ;;\n"		\
    8.25  			      "mov %0=r8 ;;\n"			\
    8.26  			      : "=r" (__res)			\
    8.27 -			      : "i" (__HYPERVISOR_##name),	\
    8.28 -				"r" ((unsigned long)(a1)),	\
    8.29 -				"r" ((unsigned long)(a2))	\
    8.30 +			      : "J" (__HYPERVISOR_##name),	\
    8.31 +				"rI" ((unsigned long)(a1)),	\
    8.32 +				"rI" ((unsigned long)(a2))	\
    8.33  			      : "r14","r15","r2","r8",		\
    8.34  				"memory" );			\
    8.35  	(type)__res;						\
    8.36 @@ -102,10 +102,10 @@
    8.37  			      "break 0x1000 ;;\n"               \
    8.38  			      "mov %0=r8 ;;\n"                  \
    8.39  			      : "=r" (__res)                    \
    8.40 -			      : "i" (__HYPERVISOR_##name),      \
    8.41 -				"r" ((unsigned long)(a1)),	\
    8.42 -				"r" ((unsigned long)(a2)),	\
    8.43 -				"r" ((unsigned long)(a3))	\
    8.44 +			      : "J" (__HYPERVISOR_##name),      \
    8.45 +				"rI" ((unsigned long)(a1)),     \
    8.46 +				"rI" ((unsigned long)(a2)),     \
    8.47 +				"rI" ((unsigned long)(a3))      \
    8.48  			      : "r14","r15","r16","r2","r8",	\
    8.49  			        "memory" );                     \
    8.50  	(type)__res;                                            \
    8.51 @@ -123,11 +123,11 @@
    8.52  			      "break 0x1000 ;;\n"               \
    8.53  			      "mov %0=r8 ;;\n"                  \
    8.54  			      : "=r" (__res)                    \
    8.55 -			      : "i" (__HYPERVISOR_##name),      \
    8.56 -				"r" ((unsigned long)(a1)),	\
    8.57 -				"r" ((unsigned long)(a2)),	\
    8.58 -				"r" ((unsigned long)(a3)),	\
    8.59 -				"r" ((unsigned long)(a4))       \
    8.60 +			      : "J" (__HYPERVISOR_##name),      \
    8.61 +				"rI" ((unsigned long)(a1)),     \
    8.62 +				"rI" ((unsigned long)(a2)),     \
    8.63 +				"rI" ((unsigned long)(a3)),     \
    8.64 +				"rI" ((unsigned long)(a4))      \
    8.65  			      : "r14","r15","r16","r2","r8",	\
    8.66  			        "r17","memory" );               \
    8.67  	(type)__res;                                            \
    8.68 @@ -146,12 +146,12 @@
    8.69  			      "break 0x1000 ;;\n"               \
    8.70  			      "mov %0=r8 ;;\n"                  \
    8.71  			      : "=r" (__res)                    \
    8.72 -			      : "i" (__HYPERVISOR_##name),      \
    8.73 -				"r" ((unsigned long)(a1)),	\
    8.74 -				"r" ((unsigned long)(a2)),	\
    8.75 -				"r" ((unsigned long)(a3)),	\
    8.76 -				"r" ((unsigned long)(a4)),	\
    8.77 -				"r" ((unsigned long)(a5))       \
    8.78 +			      : "J" (__HYPERVISOR_##name),      \
    8.79 +				"rI" ((unsigned long)(a1)),     \
    8.80 +				"rI" ((unsigned long)(a2)),     \
    8.81 +				"rI" ((unsigned long)(a3)),     \
    8.82 +				"rI" ((unsigned long)(a4)),     \
    8.83 +				"rI" ((unsigned long)(a5))      \
    8.84  			      : "r14","r15","r16","r2","r8",	\
    8.85  			        "r17","r18","memory" );         \
    8.86  	(type)__res;                                            \
    8.87 @@ -275,9 +275,10 @@ HYPERVISOR_physdev_op(
    8.88  //XXX __HYPERVISOR_grant_table_op is used for this hypercall constant.
    8.89  static inline int
    8.90  ____HYPERVISOR_grant_table_op(
    8.91 -    unsigned int cmd, void *uop, unsigned int count)
    8.92 +    unsigned int cmd, void *uop, unsigned int count,
    8.93 +    unsigned long pa1, unsigned long pa2)
    8.94  {
    8.95 -    return _hypercall3(int, grant_table_op, cmd, uop, count);
    8.96 +    return _hypercall5(int, grant_table_op, cmd, uop, count, pa1, pa2);
    8.97  }
    8.98  
    8.99  int HYPERVISOR_grant_table_op(unsigned int cmd, void *uop, unsigned int count);
   8.100 @@ -291,6 +292,13 @@ HYPERVISOR_vcpu_op(
   8.101  
   8.102  extern int HYPERVISOR_suspend(unsigned long srec);
   8.103  
   8.104 +static inline unsigned long
   8.105 +HYPERVISOR_hvm_op(
   8.106 +	int cmd, void *arg)
   8.107 +{
   8.108 +	return _hypercall2(unsigned long, hvm_op, cmd, arg);
   8.109 +}
   8.110 +
   8.111  static inline int
   8.112  HYPERVISOR_callback_op(
   8.113  	int cmd, void *arg)
   8.114 @@ -307,99 +315,15 @@ static inline void exit_idle(void) {}
   8.115  })
   8.116  
   8.117  #include <linux/err.h>
   8.118 +#ifdef CONFIG_XEN
   8.119  #include <asm/xen/privop.h>
   8.120 -
   8.121 -#define _hypercall_imm1(type, name, imm, a1)			\
   8.122 -({								\
   8.123 -	long __res;						\
   8.124 -	__asm__ __volatile__ (";;\n"				\
   8.125 -			      "mov r14=%2\n"			\
   8.126 -			      "mov r15=%3\n"			\
   8.127 -			      "mov r2=%1\n"			\
   8.128 -			      "break 0x1000 ;;\n"		\
   8.129 -			      "mov %0=r8 ;;\n"			\
   8.130 -			      : "=r" (__res)			\
   8.131 -			      : "i" (__HYPERVISOR_##name),	\
   8.132 -				"i" (imm),			\
   8.133 -				"r" ((unsigned long)(a1))	\
   8.134 -			      : "r14","r15","r2","r8",		\
   8.135 -				"memory" );			\
   8.136 -	(type)__res;						\
   8.137 -})
   8.138 -
   8.139 -#define _hypercall_imm2(type, name, imm, a1, a2)		\
   8.140 -({								\
   8.141 -	long __res;						\
   8.142 -	__asm__ __volatile__ (";;\n"				\
   8.143 -			      "mov r14=%2\n"			\
   8.144 -			      "mov r15=%3\n"			\
   8.145 -			      "mov r16=%4\n"			\
   8.146 -			      "mov r2=%1\n"			\
   8.147 -			      "break 0x1000 ;;\n"		\
   8.148 -			      "mov %0=r8 ;;\n"			\
   8.149 -			      : "=r" (__res)			\
   8.150 -			      : "i" (__HYPERVISOR_##name),	\
   8.151 -				"i" (imm),			\
   8.152 -				"r" ((unsigned long)(a1)),	\
   8.153 -				"r" ((unsigned long)(a2))	\
   8.154 -			      : "r14","r15","r16","r2","r8",	\
   8.155 -				"memory" );			\
   8.156 -	(type)__res;						\
   8.157 -})
   8.158 -
   8.159 -#define _hypercall_imm3(type, name, imm, a1, a2, a3)		\
   8.160 -({								\
   8.161 -	long __res;						\
   8.162 -	__asm__ __volatile__ (";;\n"				\
   8.163 -			      "mov r14=%2\n"			\
   8.164 -			      "mov r15=%3\n"			\
   8.165 -			      "mov r16=%4\n"			\
   8.166 -			      "mov r17=%5\n"			\
   8.167 -			      "mov r2=%1\n"			\
   8.168 -			      "break 0x1000 ;;\n"		\
   8.169 -			      "mov %0=r8 ;;\n"			\
   8.170 -			      : "=r" (__res)			\
   8.171 -			      : "i" (__HYPERVISOR_##name),	\
   8.172 -				"i" (imm),			\
   8.173 -				"r" ((unsigned long)(a1)),	\
   8.174 -				"r" ((unsigned long)(a2)),	\
   8.175 -				"r" ((unsigned long)(a3))	\
   8.176 -			      : "r14","r15","r16","r17",	\
   8.177 -				"r2","r8",			\
   8.178 -				"memory" );			\
   8.179 -	(type)__res;						\
   8.180 -})
   8.181 -
   8.182 -#define _hypercall_imm4(type, name, imm, a1, a2, a3, a4)	\
   8.183 -({								\
   8.184 -	long __res;						\
   8.185 -	__asm__ __volatile__ (";;\n"				\
   8.186 -			      "mov r14=%2\n"			\
   8.187 -			      "mov r15=%3\n"			\
   8.188 -			      "mov r16=%4\n"			\
   8.189 -			      "mov r17=%5\n"			\
   8.190 -			      "mov r18=%6\n"			\
   8.191 -			      "mov r2=%1\n"			\
   8.192 -			      "break 0x1000 ;;\n"		\
   8.193 -			      "mov %0=r8 ;;\n"			\
   8.194 -			      : "=r" (__res)			\
   8.195 -			      : "i" (__HYPERVISOR_##name),	\
   8.196 -				"i" (imm),			\
   8.197 -				"r" ((unsigned long)(a1)),	\
   8.198 -				"r" ((unsigned long)(a2)),	\
   8.199 -				"r" ((unsigned long)(a3)),	\
   8.200 -				"r" ((unsigned long)(a4))	\
   8.201 -			      : "r14","r15","r16","r17","r18",	\
   8.202 -				"r2","r8",			\
   8.203 -				"memory" );			\
   8.204 -	(type)__res;						\
   8.205 -})
   8.206 +#endif /* CONFIG_XEN */
   8.207  
   8.208  static inline unsigned long
   8.209  __HYPERVISOR_ioremap(unsigned long ioaddr, unsigned long size)
   8.210  {
   8.211 -	return _hypercall_imm2(unsigned long, ia64_dom0vp_op,
   8.212 -			       IA64_DOM0VP_ioremap, ioaddr, size);
   8.213 +	return _hypercall3(unsigned long, ia64_dom0vp_op,
   8.214 +	                   IA64_DOM0VP_ioremap, ioaddr, size);
   8.215  }
   8.216  
   8.217  static inline unsigned long
   8.218 @@ -421,8 +345,8 @@ HYPERVISOR_ioremap(unsigned long ioaddr,
   8.219  static inline unsigned long
   8.220  __HYPERVISOR_phystomach(unsigned long gpfn)
   8.221  {
   8.222 -	return _hypercall_imm1(unsigned long, ia64_dom0vp_op,
   8.223 -			       IA64_DOM0VP_phystomach, gpfn);
   8.224 +	return _hypercall2(unsigned long, ia64_dom0vp_op,
   8.225 +	                   IA64_DOM0VP_phystomach, gpfn);
   8.226  }
   8.227  
   8.228  static inline unsigned long
   8.229 @@ -438,8 +362,8 @@ HYPERVISOR_phystomach(unsigned long gpfn
   8.230  static inline unsigned long
   8.231  __HYPERVISOR_machtophys(unsigned long mfn)
   8.232  {
   8.233 -	return _hypercall_imm1(unsigned long, ia64_dom0vp_op,
   8.234 -			       IA64_DOM0VP_machtophys, mfn);
   8.235 +	return _hypercall2(unsigned long, ia64_dom0vp_op,
   8.236 +	                   IA64_DOM0VP_machtophys, mfn);
   8.237  }
   8.238  
   8.239  static inline unsigned long
   8.240 @@ -455,8 +379,8 @@ HYPERVISOR_machtophys(unsigned long mfn)
   8.241  static inline unsigned long
   8.242  __HYPERVISOR_zap_physmap(unsigned long gpfn, unsigned int extent_order)
   8.243  {
   8.244 -	return _hypercall_imm2(unsigned long, ia64_dom0vp_op,
   8.245 -			       IA64_DOM0VP_zap_physmap, gpfn, extent_order);
   8.246 +	return _hypercall3(unsigned long, ia64_dom0vp_op,
   8.247 +	                   IA64_DOM0VP_zap_physmap, gpfn, extent_order);
   8.248  }
   8.249  
   8.250  static inline unsigned long
   8.251 @@ -473,9 +397,8 @@ static inline unsigned long
   8.252  __HYPERVISOR_add_physmap(unsigned long gpfn, unsigned long mfn,
   8.253  			 unsigned long flags, domid_t domid)
   8.254  {
   8.255 -	return _hypercall_imm4(unsigned long, ia64_dom0vp_op,
   8.256 -			       IA64_DOM0VP_add_physmap, gpfn, mfn, flags,
   8.257 -			       domid);
   8.258 +	return _hypercall5(unsigned long, ia64_dom0vp_op,
   8.259 +	                   IA64_DOM0VP_add_physmap, gpfn, mfn, flags, domid);
   8.260  }
   8.261  
   8.262  static inline unsigned long
     9.1 --- a/linux-2.6-xen-sparse/include/asm-ia64/hypervisor.h	Wed Aug 30 14:09:31 2006 -0500
     9.2 +++ b/linux-2.6-xen-sparse/include/asm-ia64/hypervisor.h	Wed Aug 30 22:36:18 2006 +0100
     9.3 @@ -33,7 +33,7 @@
     9.4  #ifndef __HYPERVISOR_H__
     9.5  #define __HYPERVISOR_H__
     9.6  
     9.7 -#ifndef CONFIG_XEN
     9.8 +#if !defined(CONFIG_XEN) && !defined(CONFIG_VMX_GUEST)
     9.9  #define is_running_on_xen()			(0)
    9.10  #define HYPERVISOR_ioremap(offset, size)	(offset)
    9.11  #else
    9.12 @@ -41,7 +41,7 @@ extern int running_on_xen;
    9.13  #define is_running_on_xen()			(running_on_xen)
    9.14  #endif
    9.15  
    9.16 -#ifdef CONFIG_XEN
    9.17 +#if defined(CONFIG_XEN) || defined(CONFIG_VMX_GUEST)
    9.18  #include <linux/config.h>
    9.19  #include <linux/types.h>
    9.20  #include <linux/kernel.h>
    9.21 @@ -59,10 +59,9 @@ extern int running_on_xen;
    9.22  extern shared_info_t *HYPERVISOR_shared_info;
    9.23  extern start_info_t *xen_start_info;
    9.24  
    9.25 -#define is_initial_xendomain() (xen_start_info->flags & SIF_INITDOMAIN)
    9.26 -
    9.27  void force_evtchn_callback(void);
    9.28  
    9.29 +#ifndef CONFIG_VMX_GUEST
    9.30  /* Turn jiffies into Xen system time. XXX Implement me. */
    9.31  #define jiffies_to_st(j)	0
    9.32  
    9.33 @@ -145,10 +144,14 @@ int privcmd_mmap(struct file * file, str
    9.34  #define scrub_pages(_p,_n) ((void)0)
    9.35  #endif
    9.36  #define	pte_mfn(_x)	pte_pfn(_x)
    9.37 -#define __pte_ma(_x)	((pte_t) {(_x)})
    9.38  #define phys_to_machine_mapping_valid(_x)	(1)
    9.39 -#define pfn_pte_ma(_x,_y)	__pte_ma(0)
    9.40 +
    9.41 +#endif /* !CONFIG_VMX_GUEST */
    9.42  
    9.43 +#define __pte_ma(_x)	((pte_t) {(_x)})        /* unmodified use */
    9.44 +#define pfn_pte_ma(_x,_y)	__pte_ma(0)     /* unmodified use */
    9.45 +
    9.46 +#ifndef CONFIG_VMX_GUEST
    9.47  int __xen_create_contiguous_region(unsigned long vstart, unsigned int order, unsigned int address_bits);
    9.48  static inline int
    9.49  xen_create_contiguous_region(unsigned long vstart,
    9.50 @@ -170,6 +173,8 @@ xen_destroy_contiguous_region(unsigned l
    9.51  		__xen_destroy_contiguous_region(vstart, order);
    9.52  }
    9.53  
    9.54 +#endif /* !CONFIG_VMX_GUEST */
    9.55 +
    9.56  // for netfront.c, netback.c
    9.57  #define MULTI_UVMFLAGS_INDEX 0 //XXX any value
    9.58  
    9.59 @@ -182,10 +187,27 @@ MULTI_update_va_mapping(
    9.60  	mcl->result = 0;
    9.61  }
    9.62  
    9.63 +static inline void
    9.64 +MULTI_grant_table_op(multicall_entry_t *mcl, unsigned int cmd,
    9.65 +	void *uop, unsigned int count)
    9.66 +{
    9.67 +	mcl->op = __HYPERVISOR_grant_table_op;
    9.68 +	mcl->args[0] = cmd;
    9.69 +	mcl->args[1] = (unsigned long)uop;
    9.70 +	mcl->args[2] = count;
    9.71 +}
    9.72 +
    9.73  // for debug
    9.74  asmlinkage int xprintk(const char *fmt, ...);
    9.75  #define xprintd(fmt, ...)	xprintk("%s:%d " fmt, __func__, __LINE__, \
    9.76  					##__VA_ARGS__)
    9.77 -#endif /* CONFIG_XEN */
    9.78 +
    9.79 +#endif /* CONFIG_XEN || CONFIG_VMX_GUEST */
    9.80 +
    9.81 +#ifdef CONFIG_XEN_PRIVILEGED_GUEST
    9.82 +#define is_initial_xendomain() (xen_start_info->flags & SIF_INITDOMAIN)
    9.83 +#else
    9.84 +#define is_initial_xendomain() 0
    9.85 +#endif
    9.86  
    9.87  #endif /* __HYPERVISOR_H__ */
    10.1 --- a/linux-2.6-xen-sparse/include/asm-ia64/io.h	Wed Aug 30 14:09:31 2006 -0500
    10.2 +++ b/linux-2.6-xen-sparse/include/asm-ia64/io.h	Wed Aug 30 22:36:18 2006 +0100
    10.3 @@ -97,6 +97,11 @@ extern int valid_mmap_phys_addr_range (u
    10.4   * The following two macros are deprecated and scheduled for removal.
    10.5   * Please use the PCI-DMA interface defined in <asm/pci.h> instead.
    10.6   */
    10.7 +#ifndef CONFIG_XEN
    10.8 +#define bus_to_virt	phys_to_virt
    10.9 +#define virt_to_bus	virt_to_phys
   10.10 +#define page_to_bus	page_to_phys
   10.11 +#else
   10.12  #define bus_to_virt(bus)	\
   10.13  	phys_to_virt(machine_to_phys_for_dma(bus))
   10.14  #define virt_to_bus(virt)	\
   10.15 @@ -124,6 +129,7 @@ extern int valid_mmap_phys_addr_range (u
   10.16  	(((bvec_to_bus((vec1)) + (vec1)->bv_len) == bvec_to_bus((vec2))) && \
   10.17  	 ((bvec_to_pseudophys((vec1)) + (vec1)->bv_len) ==		\
   10.18  	  bvec_to_pseudophys((vec2))))
   10.19 +#endif /* CONFIG_XEN */
   10.20  
   10.21  # endif /* KERNEL */
   10.22  
    11.1 --- a/linux-2.6-xen-sparse/include/asm-ia64/machvec.h	Wed Aug 30 14:09:31 2006 -0500
    11.2 +++ b/linux-2.6-xen-sparse/include/asm-ia64/machvec.h	Wed Aug 30 22:36:18 2006 +0100
    11.3 @@ -247,6 +247,7 @@ extern void machvec_init (const char *na
    11.4  #  error Unknown configuration.  Update asm-ia64/machvec.h.
    11.5  # endif /* CONFIG_IA64_GENERIC */
    11.6  
    11.7 +#ifdef CONFIG_XEN
    11.8  # define platform_dma_map_sg		dma_map_sg
    11.9  # define platform_dma_unmap_sg		dma_unmap_sg
   11.10  # define platform_dma_mapping_error	dma_mapping_error
   11.11 @@ -259,6 +260,7 @@ extern void machvec_init (const char *na
   11.12  					dma_sync_single_for_cpu
   11.13  # define platform_dma_sync_single_for_device \
   11.14  					dma_sync_single_for_device
   11.15 +#endif
   11.16  
   11.17  /*
   11.18   * Declare default routines which aren't declared anywhere else:
    12.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    12.2 +++ b/linux-2.6-xen-sparse/include/asm-ia64/maddr.h	Wed Aug 30 22:36:18 2006 +0100
    12.3 @@ -0,0 +1,88 @@
    12.4 +#ifndef _ASM_IA64_MADDR_H
    12.5 +#define _ASM_IA64_MADDR_H
    12.6 +
    12.7 +#include <linux/kernel.h>
    12.8 +#include <asm/hypervisor.h>
    12.9 +#include <xen/features.h>
   12.10 +#include <xen/interface/xen.h>
   12.11 +
   12.12 +#ifdef CONFIG_XEN
   12.13 +
   12.14 +#define INVALID_P2M_ENTRY       (~0UL)
   12.15 +
   12.16 +/* XXX xen page size != page size */
   12.17 +static inline unsigned long
   12.18 +pfn_to_mfn_for_dma(unsigned long pfn)
   12.19 +{
   12.20 +	unsigned long mfn;
   12.21 +	mfn = HYPERVISOR_phystomach(pfn);
   12.22 +	BUG_ON(mfn == 0); // XXX
   12.23 +	BUG_ON(mfn == INVALID_P2M_ENTRY); // XXX
   12.24 +	BUG_ON(mfn == INVALID_MFN);
   12.25 +	return mfn;
   12.26 +}
   12.27 +
   12.28 +static inline unsigned long
   12.29 +phys_to_machine_for_dma(unsigned long phys)
   12.30 +{
   12.31 +	unsigned long machine =
   12.32 +	              pfn_to_mfn_for_dma(phys >> PAGE_SHIFT) << PAGE_SHIFT;
   12.33 +	machine |= (phys & ~PAGE_MASK);
   12.34 +	return machine;
   12.35 +}
   12.36 +
   12.37 +static inline unsigned long
   12.38 +mfn_to_pfn_for_dma(unsigned long mfn)
   12.39 +{
   12.40 +	unsigned long pfn;
   12.41 +	pfn = HYPERVISOR_machtophys(mfn);
   12.42 +	BUG_ON(pfn == 0);
   12.43 +	//BUG_ON(pfn == INVALID_M2P_ENTRY);
   12.44 +	return pfn;
   12.45 +}
   12.46 +
   12.47 +static inline unsigned long
   12.48 +machine_to_phys_for_dma(unsigned long machine)
   12.49 +{
   12.50 +	unsigned long phys =
   12.51 +	              mfn_to_pfn_for_dma(machine >> PAGE_SHIFT) << PAGE_SHIFT;
   12.52 +	phys |= (machine & ~PAGE_MASK);
   12.53 +	return phys;
   12.54 +}
   12.55 +
   12.56 +static inline unsigned long
   12.57 +mfn_to_local_pfn(unsigned long mfn)
   12.58 +{
   12.59 +	extern unsigned long max_mapnr;
   12.60 +	unsigned long pfn = mfn_to_pfn_for_dma(mfn);
   12.61 +	if (!pfn_valid(pfn))
   12.62 +		return INVALID_P2M_ENTRY;
   12.63 +	return pfn;
   12.64 +}
   12.65 +
   12.66 +#else /* !CONFIG_XEN */
   12.67 +
   12.68 +#define pfn_to_mfn_for_dma(pfn) (pfn)
   12.69 +#define mfn_to_pfn_for_dma(mfn) (mfn)
   12.70 +#define phys_to_machine_for_dma(phys) (phys)
   12.71 +#define machine_to_phys_for_dma(machine) (machine)
   12.72 +#define mfn_to_local_pfn(mfn) (mfn)
   12.73 +
   12.74 +#endif /* !CONFIG_XEN */
   12.75 +
   12.76 +/* XXX to compile set_phys_to_machine(vaddr, FOREIGN_FRAME(m)) */
   12.77 +#define FOREIGN_FRAME(m)        (INVALID_P2M_ENTRY)
   12.78 +
   12.79 +#define mfn_to_pfn(mfn) (mfn)
   12.80 +#define pfn_to_mfn(pfn) (pfn)
   12.81 +
   12.82 +#define mfn_to_virt(mfn) (__va((mfn) << PAGE_SHIFT))
   12.83 +#define virt_to_mfn(virt) (__pa(virt) >> PAGE_SHIFT)
   12.84 +#define virt_to_machine(virt) __pa(virt) // for tpmfront.c
   12.85 +
   12.86 +#define set_phys_to_machine(pfn, mfn) do { } while (0)
   12.87 +#define xen_machphys_update(mfn, pfn) do { } while (0)
   12.88 +
   12.89 +typedef unsigned long maddr_t;	// to compile netback, netfront
   12.90 +
   12.91 +#endif /* _ASM_IA64_MADDR_H */
    13.1 --- a/linux-2.6-xen-sparse/include/asm-ia64/page.h	Wed Aug 30 14:09:31 2006 -0500
    13.2 +++ b/linux-2.6-xen-sparse/include/asm-ia64/page.h	Wed Aug 30 22:36:18 2006 +0100
    13.3 @@ -117,6 +117,9 @@ extern unsigned long max_low_pfn;
    13.4  # define pfn_to_page(pfn)	(vmem_map + (pfn))
    13.5  #endif
    13.6  
    13.7 +#ifndef CONFIG_XEN
    13.8 +#define page_to_phys(page)	(page_to_pfn(page) << PAGE_SHIFT)
    13.9 +#endif
   13.10  #define virt_to_page(kaddr)	pfn_to_page(__pa(kaddr) >> PAGE_SHIFT)
   13.11  #define pfn_to_kaddr(pfn)	__va((pfn) << PAGE_SHIFT)
   13.12  
   13.13 @@ -221,12 +224,9 @@ get_order (unsigned long size)
   13.14  #ifndef __ASSEMBLY__
   13.15  #ifdef CONFIG_XEN
   13.16  
   13.17 -#define INVALID_P2M_ENTRY	(~0UL)
   13.18 -
   13.19  #include <linux/kernel.h>
   13.20  #include <asm/hypervisor.h>
   13.21  #include <xen/features.h>	// to compile netback, netfront
   13.22 -typedef unsigned long maddr_t;	// to compile netback, netfront
   13.23  
   13.24  /*
   13.25   * XXX hack!
   13.26 @@ -265,68 +265,7 @@ extern struct address_space xen_ia64_for
   13.27  })
   13.28  #define HAVE_ARCH_FREE_PAGE
   13.29  
   13.30 -/* XXX xen page size != page size */
   13.31 -
   13.32 -static inline unsigned long
   13.33 -pfn_to_mfn_for_dma(unsigned long pfn)
   13.34 -{
   13.35 -	unsigned long mfn;
   13.36 -	mfn = HYPERVISOR_phystomach(pfn);
   13.37 -	BUG_ON(mfn == 0); // XXX
   13.38 -	BUG_ON(mfn == INVALID_P2M_ENTRY); // XXX
   13.39 -	BUG_ON(mfn == INVALID_MFN);
   13.40 -	return mfn;
   13.41 -}
   13.42 -
   13.43 -static inline unsigned long
   13.44 -phys_to_machine_for_dma(unsigned long phys)
   13.45 -{
   13.46 -	unsigned long machine =
   13.47 -	              pfn_to_mfn_for_dma(phys >> PAGE_SHIFT) << PAGE_SHIFT;
   13.48 -	machine |= (phys & ~PAGE_MASK);
   13.49 -	return machine;
   13.50 -}
   13.51 -
   13.52 -static inline unsigned long
   13.53 -mfn_to_pfn_for_dma(unsigned long mfn)
   13.54 -{
   13.55 -	unsigned long pfn;
   13.56 -	pfn = HYPERVISOR_machtophys(mfn);
   13.57 -	BUG_ON(pfn == 0);
   13.58 -	//BUG_ON(pfn == INVALID_M2P_ENTRY);
   13.59 -	return pfn;
   13.60 -}
   13.61 -
   13.62 -static inline unsigned long
   13.63 -machine_to_phys_for_dma(unsigned long machine)
   13.64 -{
   13.65 -	unsigned long phys =
   13.66 -	              mfn_to_pfn_for_dma(machine >> PAGE_SHIFT) << PAGE_SHIFT;
   13.67 -	phys |= (machine & ~PAGE_MASK);
   13.68 -	return phys;
   13.69 -}
   13.70 -
   13.71 -#define set_phys_to_machine(pfn, mfn) do { } while (0)
   13.72 -#define xen_machphys_update(mfn, pfn) do { } while (0)
   13.73 -
   13.74 -/* XXX to compile set_phys_to_machine(vaddr, FOREIGN_FRAME(m)) */
   13.75 -#define FOREIGN_FRAME(m)        (INVALID_P2M_ENTRY)
   13.76 -
   13.77 -#define mfn_to_pfn(mfn)			(mfn)
   13.78 -#define mfn_to_virt(mfn)		(__va((mfn) << PAGE_SHIFT))
   13.79 -#define pfn_to_mfn(pfn)			(pfn)
   13.80 -#define virt_to_mfn(virt)		(__pa(virt) >> PAGE_SHIFT)
   13.81 -#define virt_to_machine(virt)		__pa(virt) // for tpmfront.c
   13.82 -
   13.83 -static inline unsigned long
   13.84 -mfn_to_local_pfn(unsigned long mfn)
   13.85 -{
   13.86 -	extern unsigned long max_mapnr;
   13.87 -	unsigned long pfn = mfn_to_pfn_for_dma(mfn);
   13.88 -	if (!pfn_valid(pfn))
   13.89 -		return INVALID_P2M_ENTRY;
   13.90 -	return pfn;
   13.91 -}
   13.92 +#include <asm/maddr.h>
   13.93  
   13.94  #endif /* CONFIG_XEN */
   13.95  #endif /* __ASSEMBLY__ */
    14.1 --- a/linux-2.6-xen-sparse/include/asm-ia64/pgalloc.h	Wed Aug 30 14:09:31 2006 -0500
    14.2 +++ b/linux-2.6-xen-sparse/include/asm-ia64/pgalloc.h	Wed Aug 30 22:36:18 2006 +0100
    14.3 @@ -126,7 +126,11 @@ static inline void pmd_free(pmd_t * pmd)
    14.4  static inline void
    14.5  pmd_populate(struct mm_struct *mm, pmd_t * pmd_entry, struct page *pte)
    14.6  {
    14.7 +#ifndef CONFIG_XEN
    14.8 +	pmd_val(*pmd_entry) = page_to_phys(pte);
    14.9 +#else
   14.10  	pmd_val(*pmd_entry) = page_to_pseudophys(pte);
   14.11 +#endif
   14.12  }
   14.13  
   14.14  static inline void
    15.1 --- a/tools/debugger/gdb/gdbbuild	Wed Aug 30 14:09:31 2006 -0500
    15.2 +++ b/tools/debugger/gdb/gdbbuild	Wed Aug 30 22:36:18 2006 +0100
    15.3 @@ -18,7 +18,7 @@ cd gdb-6.2.1-linux-i386-xen
    15.4  if [ "$MAKE" ]; then
    15.5      $MAKE
    15.6  elif which gmake ; then
    15.7 -    gmake -j4
    15.8 +    gmake -j4 CFLAGS=-D__XEN_TOOLS__
    15.9  else
   15.10 -    make -j4
   15.11 +    make -j4 CFLAGS=-D__XEN_TOOLS__
   15.12  fi
    16.1 --- a/tools/examples/xmexample.vti	Wed Aug 30 14:09:31 2006 -0500
    16.2 +++ b/tools/examples/xmexample.vti	Wed Aug 30 22:36:18 2006 +0100
    16.3 @@ -37,11 +37,9 @@ name = "ExampleVTIDomain"
    16.4  
    16.5  # Optionally define mac and/or bridge for the network interfaces.
    16.6  # Random MACs are assigned if not given.
    16.7 -#vif = [ 'type=ioemu, mac=00:16:3e:00:00:11, bridge=xenbr0' ]
    16.8 +#vif = [ 'type=ioemu, mac=00:16:3e:00:00:11, bridge=xenbr0, model=ne2k_pci' ]
    16.9  # type=ioemu specify the NIC is an ioemu device not netfront
   16.10  vif = [ 'type=ioemu, bridge=xenbr0' ]
   16.11 -# for multiple NICs in device model, 3 in this example
   16.12 -#vif = [ 'type=ioemu, bridge=xenbr0', 'type=ioemu', 'type=ioemu']
   16.13  
   16.14  #----------------------------------------------------------------------------
   16.15  # Define the disk devices you want the domain to have access to, and
   16.16 @@ -51,7 +49,7 @@ vif = [ 'type=ioemu, bridge=xenbr0' ]
   16.17  # and MODE is r for read-only, w for read-write.
   16.18  
   16.19  #disk = [ 'phy:hda1,hda1,r' ]
   16.20 -disk = [ 'file:/var/images/xenia64.img,ioemu:hda,w' ]
   16.21 +disk = [ 'file:/var/images/xenia64.img,hda,w', ',hdc:cdrom,r' ]
   16.22  
   16.23  #----------------------------------------------------------------------------
   16.24  # Set according to whether you want the domain restarted when it exits.
   16.25 @@ -66,13 +64,6 @@ disk = [ 'file:/var/images/xenia64.img,i
   16.26  # New stuff
   16.27  device_model = '/usr/' + arch_libdir + '/xen/bin/qemu-dm'
   16.28  
   16.29 -# Advanced users only. Don't touch if you don't know what you're doing
   16.30 -memmap = '/usr/lib/xen/boot/mem-map.sxp'
   16.31 -
   16.32 -#-----------------------------------------------------------------------------
   16.33 -# Disk image for 
   16.34 -#cdrom=
   16.35 -
   16.36  #-----------------------------------------------------------------------------
   16.37  # boot on floppy (a), hard disk (c) or CD-ROM (d) 
   16.38  # default: hard disk, cd-rom, floppy
   16.39 @@ -91,8 +82,17 @@ sdl=1
   16.40  vnc=0
   16.41  
   16.42  #----------------------------------------------------------------------------
   16.43 -# enable spawning vncviewer(only valid when vnc=1), default = 1
   16.44 -vncviewer=0
   16.45 +# set VNC display number, default = domid
   16.46 +#vncdisplay=1
   16.47 +
   16.48 +#----------------------------------------------------------------------------
   16.49 +# try to find an unused port for the VNC server, default = 1
   16.50 +#vncunused=1
   16.51 +
   16.52 +#----------------------------------------------------------------------------
   16.53 +# enable spawning vncviewer for domain's console
   16.54 +# (only valid when vnc=1), default = 0
   16.55 +#vncconsole=0
   16.56  
   16.57  #----------------------------------------------------------------------------
   16.58  # no graphics, use serial port
   16.59 @@ -108,15 +108,13 @@ stdvga=0
   16.60  serial='pty'
   16.61  
   16.62  #-----------------------------------------------------------------------------
   16.63 -#   enable audio support
   16.64 -#enable-audio=1
   16.65 -
   16.66 +#   enable sound card support, [sb16|es1370|all|..,..], default none
   16.67 +#soundhw='sb16'
   16.68  
   16.69  #-----------------------------------------------------------------------------
   16.70  #    set the real time clock to local time [default=0 i.e. set to utc]
   16.71  #localtime=1
   16.72  
   16.73 -
   16.74  #-----------------------------------------------------------------------------
   16.75  #    start in full screen
   16.76  #full-screen=1   diff -r 42cab8724273 tools/libxc/xc_ia64_stubs.c
    17.1 --- a/tools/libxc/ia64/xc_ia64_hvm_build.c	Wed Aug 30 14:09:31 2006 -0500
    17.2 +++ b/tools/libxc/ia64/xc_ia64_hvm_build.c	Wed Aug 30 22:36:18 2006 +0100
    17.3 @@ -553,7 +553,6 @@ setup_guest(int xc_handle, uint32_t dom,
    17.4  {
    17.5      unsigned long page_array[2];
    17.6      shared_iopage_t *sp;
    17.7 -    int i;
    17.8      unsigned long dom_memsize = (memsize << 20);
    17.9      DECLARE_DOMCTL;
   17.10  
   17.11 @@ -604,18 +603,6 @@ setup_guest(int xc_handle, uint32_t dom,
   17.12          goto error_out;
   17.13  
   17.14      memset(sp, 0, PAGE_SIZE);
   17.15 -
   17.16 -    for (i = 0; i < vcpus; i++) {
   17.17 -        uint32_t vp_eport;
   17.18 -
   17.19 -        vp_eport = xc_evtchn_alloc_unbound(xc_handle, dom, 0);
   17.20 -        if (vp_eport < 0) {
   17.21 -            DPRINTF("Couldn't get unbound port from VMX guest.\n");
   17.22 -            goto error_out;
   17.23 -        }
   17.24 -        sp->vcpu_iodata[i].vp_eport = vp_eport;
   17.25 -    }
   17.26 -
   17.27      munmap(sp, PAGE_SIZE);
   17.28  
   17.29      return 0;
    18.1 --- a/tools/libxc/ia64/xc_ia64_linux_save.c	Wed Aug 30 14:09:31 2006 -0500
    18.2 +++ b/tools/libxc/ia64/xc_ia64_linux_save.c	Wed Aug 30 22:36:18 2006 +0100
    18.3 @@ -79,7 +79,7 @@ static int xc_ia64_shadow_control(int xc
    18.4      }
    18.5  
    18.6      return xc_shadow_control(xc_handle, domid, sop,
    18.7 -                             dirty_bitmap, pages, stats);
    18.8 +                             dirty_bitmap, pages, NULL, 0, stats);
    18.9  }
   18.10  
   18.11  static inline ssize_t
    19.1 --- a/tools/libxc/ia64/xc_ia64_stubs.c	Wed Aug 30 14:09:31 2006 -0500
    19.2 +++ b/tools/libxc/ia64/xc_ia64_stubs.c	Wed Aug 30 22:36:18 2006 +0100
    19.3 @@ -36,7 +36,6 @@ xc_ia64_get_pfn_list(int xc_handle, uint
    19.4      struct xen_domctl domctl;
    19.5      int num_pfns,ret;
    19.6      unsigned int __start_page, __nr_pages;
    19.7 -    unsigned long max_pfns;
    19.8      xen_pfn_t *__pfn_buf;
    19.9  
   19.10      __start_page = start_page;
   19.11 @@ -44,27 +43,22 @@ xc_ia64_get_pfn_list(int xc_handle, uint
   19.12      __pfn_buf = pfn_buf;
   19.13    
   19.14      while (__nr_pages) {
   19.15 -        max_pfns = ((unsigned long)__start_page << 32) | __nr_pages;
   19.16          domctl.cmd = XEN_DOMCTL_getmemlist;
   19.17 -        domctl.domain   = (domid_t)domid;
   19.18 -        domctl.u.getmemlist.max_pfns = max_pfns;
   19.19 +        domctl.domain = (domid_t)domid;
   19.20 +        domctl.u.getmemlist.max_pfns = __nr_pages;
   19.21 +        domctl.u.getmemlist.start_pfn =__start_page;
   19.22          domctl.u.getmemlist.num_pfns = 0;
   19.23          set_xen_guest_handle(domctl.u.getmemlist.buffer, __pfn_buf);
   19.24  
   19.25 -        if ((max_pfns != -1UL)
   19.26 -            && mlock(__pfn_buf, __nr_pages * sizeof(xen_pfn_t)) != 0) {
   19.27 +        if (mlock(__pfn_buf, __nr_pages * sizeof(xen_pfn_t)) != 0) {
   19.28              PERROR("Could not lock pfn list buffer");
   19.29              return -1;
   19.30          }
   19.31  
   19.32          ret = do_domctl(xc_handle, &domctl);
   19.33  
   19.34 -        if (max_pfns != -1UL)
   19.35 -            (void)munlock(__pfn_buf, __nr_pages * sizeof(xen_pfn_t));
   19.36 +        (void)munlock(__pfn_buf, __nr_pages * sizeof(xen_pfn_t));
   19.37  
   19.38 -        if (max_pfns == -1UL)
   19.39 -            return 0;
   19.40 -        
   19.41          num_pfns = domctl.u.getmemlist.num_pfns;
   19.42          __start_page += num_pfns;
   19.43          __nr_pages -= num_pfns;
    20.1 --- a/xen/arch/ia64/asm-offsets.c	Wed Aug 30 14:09:31 2006 -0500
    20.2 +++ b/xen/arch/ia64/asm-offsets.c	Wed Aug 30 22:36:18 2006 +0100
    20.3 @@ -31,7 +31,6 @@ void foo(void)
    20.4  	DEFINE(IA64_SWITCH_STACK_SIZE, sizeof (struct switch_stack));
    20.5  	DEFINE(IA64_CPU_SIZE, sizeof (struct cpuinfo_ia64));
    20.6  	DEFINE(UNW_FRAME_INFO_SIZE, sizeof (struct unw_frame_info));
    20.7 -	DEFINE(SHARED_INFO_SIZE, sizeof (struct shared_info));
    20.8  	DEFINE(MAPPED_REGS_T_SIZE, sizeof (mapped_regs_t));
    20.9  
   20.10  	BLANK();
    21.1 --- a/xen/arch/ia64/linux-xen/efi.c	Wed Aug 30 14:09:31 2006 -0500
    21.2 +++ b/xen/arch/ia64/linux-xen/efi.c	Wed Aug 30 22:36:18 2006 +0100
    21.3 @@ -292,28 +292,6 @@ efi_memmap_walk_uc (efi_freemem_callback
    21.4  	walk(callback, arg, EFI_MEMORY_UC);
    21.5  }
    21.6  
    21.7 -#ifdef XEN
    21.8 -void
    21.9 -efi_memmap_walk_type(u32 type, efi_walk_type_callback_t callback, void *arg)
   21.10 -{
   21.11 -	void *efi_map_start, *efi_map_end, *p;
   21.12 -	efi_memory_desc_t *md;
   21.13 -	u64 efi_desc_size;
   21.14 -
   21.15 -	efi_map_start = __va(ia64_boot_param->efi_memmap);
   21.16 -	efi_map_end = efi_map_start + ia64_boot_param->efi_memmap_size;
   21.17 -	efi_desc_size = ia64_boot_param->efi_memdesc_size;
   21.18 -
   21.19 -	for (p = efi_map_start; p < efi_map_end; p += efi_desc_size) {
   21.20 -		md = p;
   21.21 -		if (md->type == type) {
   21.22 -			if ((*callback)(md, arg) < 0)
   21.23 -				return;
   21.24 -		}
   21.25 -	}
   21.26 -}
   21.27 -#endif
   21.28 -
   21.29  /*
   21.30   * Look for the PAL_CODE region reported by EFI and maps it using an
   21.31   * ITR to enable safe PAL calls in virtual mode.  See IA-64 Processor
    22.1 --- a/xen/arch/ia64/linux-xen/iosapic.c	Wed Aug 30 14:09:31 2006 -0500
    22.2 +++ b/xen/arch/ia64/linux-xen/iosapic.c	Wed Aug 30 22:36:18 2006 +0100
    22.3 @@ -77,6 +77,8 @@
    22.4  #include <linux/list.h>
    22.5  #ifndef XEN
    22.6  #include <linux/pci.h>
    22.7 +#else
    22.8 +#include <xen/errno.h>
    22.9  #endif
   22.10  #include <linux/smp.h>
   22.11  #include <linux/smp_lock.h>
    23.1 --- a/xen/arch/ia64/linux-xen/irq_ia64.c	Wed Aug 30 14:09:31 2006 -0500
    23.2 +++ b/xen/arch/ia64/linux-xen/irq_ia64.c	Wed Aug 30 22:36:18 2006 +0100
    23.3 @@ -40,6 +40,10 @@
    23.4  #include <asm/pgtable.h>
    23.5  #include <asm/system.h>
    23.6  
    23.7 +#ifdef XEN
    23.8 +#include <xen/perfc.h>
    23.9 +#endif
   23.10 +
   23.11  #ifdef CONFIG_PERFMON
   23.12  # include <asm/perfmon.h>
   23.13  #endif
   23.14 @@ -108,6 +112,9 @@ ia64_handle_irq (ia64_vector vector, str
   23.15  {
   23.16  	unsigned long saved_tpr;
   23.17  
   23.18 +#ifdef XEN
   23.19 +	perfc_incrc(irqs);
   23.20 +#endif
   23.21  #if IRQ_DEBUG
   23.22  #ifdef XEN
   23.23  	xen_debug_irq(vector, regs);
   23.24 @@ -290,8 +297,5 @@ ia64_send_ipi (int cpu, int vector, int 
   23.25  	ipi_data = (delivery_mode << 8) | (vector & 0xff);
   23.26  	ipi_addr = ipi_base_addr + ((phys_cpu_id << 4) | ((redirect & 1) << 3));
   23.27  
   23.28 -#ifdef XEN
   23.29 -	//printf ("send_ipi to %d (%x)\n", cpu, phys_cpu_id);
   23.30 -#endif
   23.31  	writeq(ipi_data, ipi_addr);
   23.32  }
    24.1 --- a/xen/arch/ia64/linux-xen/mca.c	Wed Aug 30 14:09:31 2006 -0500
    24.2 +++ b/xen/arch/ia64/linux-xen/mca.c	Wed Aug 30 22:36:18 2006 +0100
    24.3 @@ -79,6 +79,7 @@
    24.4  
    24.5  #ifdef XEN
    24.6  #include <xen/symbols.h>
    24.7 +#include <xen/mm.h>
    24.8  #endif
    24.9  
   24.10  #if defined(IA64_MCA_DEBUG_INFO)
    25.1 --- a/xen/arch/ia64/linux-xen/process-linux-xen.c	Wed Aug 30 14:09:31 2006 -0500
    25.2 +++ b/xen/arch/ia64/linux-xen/process-linux-xen.c	Wed Aug 30 22:36:18 2006 +0100
    25.3 @@ -10,6 +10,7 @@
    25.4  #include <xen/lib.h>
    25.5  #include <xen/symbols.h>
    25.6  #include <xen/smp.h>
    25.7 +#include <xen/sched.h>
    25.8  #include <asm/uaccess.h>
    25.9  #include <asm/processor.h>
   25.10  #include <asm/ptrace.h>
   25.11 @@ -166,6 +167,7 @@ show_regs (struct pt_regs *regs)
   25.12  	printk("r26 : %016lx r27 : %016lx r28 : %016lx\n", regs->r26, regs->r27, regs->r28);
   25.13  	printk("r29 : %016lx r30 : %016lx r31 : %016lx\n", regs->r29, regs->r30, regs->r31);
   25.14  
   25.15 +#ifndef XEN
   25.16  	if (user_mode(regs)) {
   25.17  		/* print the stacked registers */
   25.18  		unsigned long val, *bsp, ndirty;
   25.19 @@ -180,6 +182,7 @@ show_regs (struct pt_regs *regs)
   25.20  			       ((i == sof - 1) || (i % 3) == 2) ? "\n" : " ");
   25.21  		}
   25.22  	} else
   25.23 +#endif
   25.24  		show_stack(NULL, NULL);
   25.25  }
   25.26  
   25.27 @@ -807,6 +810,7 @@ get_wchan (struct task_struct *p)
   25.28  	} while (count++ < 16);
   25.29  	return 0;
   25.30  }
   25.31 +#endif // !XEN
   25.32  
   25.33  void
   25.34  cpu_halt (void)
   25.35 @@ -831,6 +835,7 @@ cpu_halt (void)
   25.36  		ia64_pal_halt(min_power_state);
   25.37  }
   25.38  
   25.39 +#ifndef XEN
   25.40  void
   25.41  machine_restart (char *restart_cmd)
   25.42  {
    26.1 --- a/xen/arch/ia64/linux-xen/smp.c	Wed Aug 30 14:09:31 2006 -0500
    26.2 +++ b/xen/arch/ia64/linux-xen/smp.c	Wed Aug 30 22:36:18 2006 +0100
    26.3 @@ -48,6 +48,7 @@
    26.4  #include <asm/unistd.h>
    26.5  #include <asm/mca.h>
    26.6  #ifdef XEN
    26.7 +#include <xen/errno.h>
    26.8  #include <asm/vhpt.h>
    26.9  #include <asm/hw_irq.h>
   26.10  #endif
   26.11 @@ -146,6 +147,9 @@ handle_IPI (int irq, void *dev_id, struc
   26.12  	unsigned long *pending_ipis = &__ia64_per_cpu_var(ipi_operation);
   26.13  	unsigned long ops;
   26.14  
   26.15 +#ifdef XEN
   26.16 +	perfc_incrc(ipis);
   26.17 +#endif
   26.18  	mb();	/* Order interrupt and bit testing. */
   26.19  	while ((ops = xchg(pending_ipis, 0)) != 0) {
   26.20  		mb();	/* Order bit clearing and data access. */
    27.1 --- a/xen/arch/ia64/linux-xen/unwind.c	Wed Aug 30 14:09:31 2006 -0500
    27.2 +++ b/xen/arch/ia64/linux-xen/unwind.c	Wed Aug 30 22:36:18 2006 +0100
    27.3 @@ -33,6 +33,7 @@
    27.4  #include <xen/sched.h>
    27.5  #include <xen/xmalloc.h>
    27.6  #include <xen/spinlock.h>
    27.7 +#include <xen/errno.h>
    27.8  
    27.9  // work around
   27.10  #ifdef CONFIG_SMP
   27.11 @@ -2315,6 +2316,7 @@ unw_init (void)
   27.12  			  __start_unwind, __end_unwind);
   27.13  }
   27.14  
   27.15 +#ifndef XEN
   27.16  /*
   27.17   * DEPRECATED DEPRECATED DEPRECATED DEPRECATED DEPRECATED DEPRECATED DEPRECATED
   27.18   *
   27.19 @@ -2353,3 +2355,4 @@ sys_getunwind (void __user *buf, size_t 
   27.20  			return -EFAULT;
   27.21  	return unw.gate_table_size;
   27.22  }
   27.23 +#endif
    28.1 --- a/xen/arch/ia64/vmx/Makefile	Wed Aug 30 14:09:31 2006 -0500
    28.2 +++ b/xen/arch/ia64/vmx/Makefile	Wed Aug 30 22:36:18 2006 +0100
    28.3 @@ -1,5 +1,5 @@
    28.4  obj-y += hvm_vioapic.o
    28.5 -obj-y += mm.o
    28.6 +#obj-y += mm.o
    28.7  obj-y += mmio.o
    28.8  obj-y += pal_emul.o
    28.9  obj-y += vlsapic.o
    29.1 --- a/xen/arch/ia64/vmx/mmio.c	Wed Aug 30 14:09:31 2006 -0500
    29.2 +++ b/xen/arch/ia64/vmx/mmio.c	Wed Aug 30 22:36:18 2006 +0100
    29.3 @@ -22,6 +22,7 @@
    29.4   */
    29.5  
    29.6  #include <linux/sched.h>
    29.7 +#include <xen/mm.h>
    29.8  #include <asm/tlb.h>
    29.9  #include <asm/vmx_mm_def.h>
   29.10  #include <asm/gcc_intrin.h>
   29.11 @@ -30,7 +31,6 @@
   29.12  #include <asm/bundle.h>
   29.13  #include <asm/types.h>
   29.14  #include <public/hvm/ioreq.h>
   29.15 -#include <asm/mm.h>
   29.16  #include <asm/vmx.h>
   29.17  #include <public/event_channel.h>
   29.18  #include <public/xen.h>
   29.19 @@ -155,10 +155,9 @@ static void low_mmio_access(VCPU *vcpu, 
   29.20      p->type = 1;
   29.21      p->df = 0;
   29.22  
   29.23 -    set_bit(ARCH_VMX_IO_WAIT, &v->arch.arch_vmx.flags);
   29.24 -    p->state = STATE_IOREQ_READY;
   29.25 -    evtchn_send(iopacket_port(v));
   29.26 -    vmx_wait_io();
   29.27 +    p->io_count++;
   29.28 +
   29.29 +    vmx_send_assist_req(v);
   29.30      if(dir==IOREQ_READ){ //read
   29.31          *val=p->u.data;
   29.32      }
   29.33 @@ -187,11 +186,9 @@ static void legacy_io_access(VCPU *vcpu,
   29.34      p->type = 0;
   29.35      p->df = 0;
   29.36  
   29.37 -    set_bit(ARCH_VMX_IO_WAIT, &v->arch.arch_vmx.flags);
   29.38 -    p->state = STATE_IOREQ_READY;
   29.39 -    evtchn_send(iopacket_port(v));
   29.40 +    p->io_count++;
   29.41  
   29.42 -    vmx_wait_io();
   29.43 +    vmx_send_assist_req(v);
   29.44      if(dir==IOREQ_READ){ //read
   29.45          *val=p->u.data;
   29.46      }
    30.1 --- a/xen/arch/ia64/vmx/vmmu.c	Wed Aug 30 14:09:31 2006 -0500
    30.2 +++ b/xen/arch/ia64/vmx/vmmu.c	Wed Aug 30 22:36:18 2006 +0100
    30.3 @@ -33,6 +33,7 @@
    30.4  #include <asm/kregs.h>
    30.5  #include <asm/vcpu.h>
    30.6  #include <xen/irq.h>
    30.7 +#include <xen/errno.h>
    30.8  
    30.9  /*
   30.10   * Get the machine page frame number in 16KB unit
    31.1 --- a/xen/arch/ia64/vmx/vmx_hypercall.c	Wed Aug 30 14:09:31 2006 -0500
    31.2 +++ b/xen/arch/ia64/vmx/vmx_hypercall.c	Wed Aug 30 22:36:18 2006 +0100
    31.3 @@ -59,21 +59,23 @@ do_hvm_op(unsigned long op, XEN_GUEST_HA
    31.4          }
    31.5          else if (IS_PRIV(current->domain)) {
    31.6              d = find_domain_by_id(a.domid);
    31.7 -            if (!d)
    31.8 +            if (d == NULL)
    31.9                  return -ESRCH;
   31.10          }
   31.11          else
   31.12              return -EPERM;
   31.13  
   31.14          if (op == HVMOP_set_param) {
   31.15 +            d->arch.hvm_domain.params[a.index] = a.value;
   31.16              rc = 0;
   31.17 -            d->arch.hvm_domain.params[a.index] = a.value;
   31.18          }
   31.19 -        else
   31.20 -            rc = d->arch.hvm_domain.params[a.index];
   31.21 +        else {
   31.22 +            a.value = d->arch.hvm_domain.params[a.index];
   31.23 +            rc = copy_to_guest(arg, &a, 1) ? -EFAULT : 0;
   31.24 +        }
   31.25  
   31.26          put_domain(d);
   31.27 -        return rc;
   31.28 +        break;
   31.29      }
   31.30  
   31.31      default:
    32.1 --- a/xen/arch/ia64/vmx/vmx_init.c	Wed Aug 30 14:09:31 2006 -0500
    32.2 +++ b/xen/arch/ia64/vmx/vmx_init.c	Wed Aug 30 22:36:18 2006 +0100
    32.3 @@ -206,7 +206,7 @@ vmx_create_vp(struct vcpu *v)
    32.4  	u64 ret;
    32.5  	vpd_t *vpd = (vpd_t *)v->arch.privregs;
    32.6  	u64 ivt_base;
    32.7 -    extern char vmx_ia64_ivt;
    32.8 +	extern char vmx_ia64_ivt;
    32.9  	/* ia64_ivt is function pointer, so need this tranlation */
   32.10  	ivt_base = (u64) &vmx_ia64_ivt;
   32.11  	printk("ivt_base: 0x%lx\n", ivt_base);
   32.12 @@ -265,6 +265,29 @@ vmx_load_state(struct vcpu *v)
   32.13  	 * anchored in vcpu */
   32.14  }
   32.15  
   32.16 +static void vmx_create_event_channels(struct vcpu *v)
   32.17 +{
   32.18 +	vcpu_iodata_t *p;
   32.19 +	struct vcpu *o;
   32.20 +
   32.21 +	if (v->vcpu_id == 0) {
   32.22 +		/* Ugly: create event channels for every vcpu when vcpu 0
   32.23 +		   starts, so that they're available for ioemu to bind to. */
   32.24 +		for_each_vcpu(v->domain, o) {
   32.25 +			p = get_vio(v->domain, o->vcpu_id);
   32.26 +			o->arch.arch_vmx.xen_port = p->vp_eport =
   32.27 +			                alloc_unbound_xen_event_channel(o, 0);
   32.28 +			DPRINTK("Allocated port %d for hvm.\n",
   32.29 +			        o->arch.arch_vmx.xen_port);
   32.30 +		}
   32.31 +	}
   32.32 +}
   32.33 +
   32.34 +static void vmx_release_assist_channel(struct vcpu *v)
   32.35 +{
   32.36 +	free_xen_event_channel(v, v->arch.arch_vmx.xen_port);
   32.37 +}
   32.38 +
   32.39  /*
   32.40   * Initialize VMX envirenment for guest. Only the 1st vp/vcpu
   32.41   * is registered here.
   32.42 @@ -286,6 +309,8 @@ vmx_final_setup_guest(struct vcpu *v)
   32.43  #ifndef HASH_VHPT     
   32.44          init_domain_tlb(v);
   32.45  #endif
   32.46 +	vmx_create_event_channels(v);
   32.47 +
   32.48  	/* v->arch.schedule_tail = arch_vmx_do_launch; */
   32.49  	vmx_create_vp(v);
   32.50  
   32.51 @@ -304,6 +329,15 @@ vmx_final_setup_guest(struct vcpu *v)
   32.52  }
   32.53  
   32.54  void
   32.55 +vmx_relinquish_guest_resources(struct domain *d)
   32.56 +{
   32.57 +	struct vcpu *v;
   32.58 +
   32.59 +	for_each_vcpu(d, v)
   32.60 +		vmx_release_assist_channel(v);
   32.61 +}
   32.62 +
   32.63 +void
   32.64  vmx_relinquish_vcpu_resources(struct vcpu *v)
   32.65  {
   32.66  	vtime_t *vtm = &(v->arch.arch_vmx.vtm);
   32.67 @@ -411,6 +445,9 @@ void vmx_setup_platform(struct domain *d
   32.68  	memset(&d->shared_info->evtchn_mask[0], 0xff,
   32.69  	    sizeof(d->shared_info->evtchn_mask));
   32.70  
   32.71 +	/* Initialize the spinlock used for virq passing */
   32.72 +	spin_lock_init(&d->arch.arch_vmx.virq_assist_lock);
   32.73 +
   32.74  	/* Initialize the virtual interrupt lines */
   32.75  	vmx_virq_line_init(d);
   32.76  
   32.77 @@ -420,13 +457,5 @@ void vmx_setup_platform(struct domain *d
   32.78  
   32.79  void vmx_do_launch(struct vcpu *v)
   32.80  {
   32.81 -	if (evtchn_bind_vcpu(iopacket_port(v), v->vcpu_id) < 0) {
   32.82 -	    printk("VMX domain bind port %d to vcpu %d failed!\n",
   32.83 -		iopacket_port(v), v->vcpu_id);
   32.84 -	    domain_crash_synchronous();
   32.85 -	}
   32.86 -
   32.87 -	clear_bit(iopacket_port(v), &v->domain->shared_info->evtchn_mask[0]);
   32.88 -
   32.89  	vmx_load_all_rr(v);
   32.90  }
    33.1 --- a/xen/arch/ia64/vmx/vmx_phy_mode.c	Wed Aug 30 14:09:31 2006 -0500
    33.2 +++ b/xen/arch/ia64/vmx/vmx_phy_mode.c	Wed Aug 30 22:36:18 2006 +0100
    33.3 @@ -195,7 +195,8 @@ vmx_load_all_rr(VCPU *vcpu)
    33.4  			(void *)vcpu->domain->shared_info,
    33.5  			(void *)vcpu->arch.privregs,
    33.6  			(void *)vcpu->arch.vhpt.hash, pal_vaddr );
    33.7 -	ia64_set_pta(vcpu->arch.arch_vmx.mpta);
    33.8 +	ia64_set_pta(VMX(vcpu, mpta));
    33.9 +	ia64_set_dcr(VMX(vcpu, mdcr));
   33.10  
   33.11  	ia64_srlz_d();
   33.12  	ia64_set_psr(psr);
    34.1 --- a/xen/arch/ia64/vmx/vmx_process.c	Wed Aug 30 14:09:31 2006 -0500
    34.2 +++ b/xen/arch/ia64/vmx/vmx_process.c	Wed Aug 30 22:36:18 2006 +0100
    34.3 @@ -186,6 +186,7 @@ void leave_hypervisor_tail(struct pt_reg
    34.4  {
    34.5      struct domain *d = current->domain;
    34.6      struct vcpu *v = current;
    34.7 +    int callback_irq;
    34.8      // FIXME: Will this work properly if doing an RFI???
    34.9      if (!is_idle_domain(d) ) {	// always comes from guest
   34.10  //        struct pt_regs *user_regs = vcpu_regs(current);
   34.11 @@ -213,6 +214,13 @@ void leave_hypervisor_tail(struct pt_reg
   34.12  //           v->arch.irq_new_pending = 1;
   34.13  //       }
   34.14  
   34.15 +        callback_irq = d->arch.hvm_domain.params[HVM_PARAM_CALLBACK_IRQ];
   34.16 +        if (callback_irq != 0 && local_events_need_delivery()) {
   34.17 +            /* inject the paravirtual-device callback irq */
   34.18 +            v->vcpu_info->evtchn_upcall_mask = 1;
   34.19 +            vmx_vcpu_pend_interrupt(v, callback_irq);
   34.20 +        }
   34.21 +
   34.22          if ( v->arch.irq_new_pending ) {
   34.23              v->arch.irq_new_pending = 0;
   34.24              v->arch.irq_new_condition = 0;
    35.1 --- a/xen/arch/ia64/vmx/vmx_support.c	Wed Aug 30 14:09:31 2006 -0500
    35.2 +++ b/xen/arch/ia64/vmx/vmx_support.c	Wed Aug 30 22:36:18 2006 +0100
    35.3 @@ -1,4 +1,3 @@
    35.4 -
    35.5  /* -*-  Mode:C; c-basic-offset:4; tab-width:4; indent-tabs-mode:nil -*- */
    35.6  /*
    35.7   * vmx_support.c: vmx specific support interface.
    35.8 @@ -22,47 +21,13 @@
    35.9  #include <xen/config.h>
   35.10  #include <xen/sched.h>
   35.11  #include <xen/hypercall.h>
   35.12 +#include <xen/event.h>
   35.13  #include <public/sched.h>
   35.14  #include <public/hvm/ioreq.h>
   35.15  #include <asm/vmx.h>
   35.16  #include <asm/vmx_vcpu.h>
   35.17  
   35.18  /*
   35.19 - * I/O emulation should be atomic from domain point of view. However,
   35.20 - * when emulation code is waiting for I/O completion by blocking,
   35.21 - * other events like DM interrupt, VBD, etc. may come and unblock
   35.22 - * current exection flow. So we have to prepare for re-block if unblocked
   35.23 - * by non I/O completion event. After io emulation is done, re-enable
   35.24 - * pending indicaion if other ports are pending
   35.25 - */
   35.26 -void vmx_wait_io(void)
   35.27 -{
   35.28 -    struct vcpu *v = current;
   35.29 -    struct domain *d = v->domain;
   35.30 -    int port = iopacket_port(v);
   35.31 -
   35.32 -    for (;;) {
   35.33 -        if (test_and_clear_bit(0, &v->vcpu_info->evtchn_upcall_pending) &&
   35.34 -            test_and_clear_bit(port / BITS_PER_LONG,
   35.35 -                                     &v->vcpu_info->evtchn_pending_sel) &&
   35.36 -            test_and_clear_bit(port, &d->shared_info->evtchn_pending[0]))
   35.37 -            vmx_io_assist(v);
   35.38 -
   35.39 -        if (!test_bit(ARCH_VMX_IO_WAIT, &v->arch.arch_vmx.flags))
   35.40 -            break;
   35.41 -
   35.42 -        do_sched_op_compat(SCHEDOP_block, 0);
   35.43 -    }
   35.44 -
   35.45 -    /* re-enable indication if other pending events */
   35.46 -    if (d->shared_info->evtchn_pending[port / BITS_PER_LONG])
   35.47 -        set_bit(port / BITS_PER_LONG, &v->vcpu_info->evtchn_pending_sel);
   35.48 -
   35.49 -    if (v->vcpu_info->evtchn_pending_sel)
   35.50 -        set_bit(0, &v->vcpu_info->evtchn_upcall_pending);
   35.51 -}
   35.52 -
   35.53 -/*
   35.54   * Only place to call vmx_io_assist is mmio/legacy_io emulation.
   35.55   * Since I/O emulation is synchronous, it shouldn't be called in
   35.56   * other places. This is not like x86, since IA-64 implements a
   35.57 @@ -83,17 +48,15 @@ void vmx_io_assist(struct vcpu *v)
   35.58  
   35.59      p = &vio->vp_ioreq;
   35.60  
   35.61 -    if (test_bit(ARCH_VMX_IO_WAIT, &v->arch.arch_vmx.flags)) {
   35.62 -	if (p->state != STATE_IORESP_READY) {
   35.63 -	    /* Can't block here, for the same reason as other places to
   35.64 -	     * use vmx_wait_io. Simple return is safe since vmx_wait_io will
   35.65 -	     * try to block again
   35.66 -	     */
   35.67 -	    return; 
   35.68 -	} else
   35.69 -	    p->state = STATE_INVALID;
   35.70 -
   35.71 -	clear_bit(ARCH_VMX_IO_WAIT, &v->arch.arch_vmx.flags);
   35.72 +    if (p->state == STATE_IORESP_READY) {
   35.73 +        p->state = STATE_INVALID;
   35.74 +    }
   35.75 +    else {
   35.76 +        /* Can't block here, for the same reason as other places to
   35.77 +         * use vmx_wait_io. Simple return is safe since vmx_wait_io will
   35.78 +         * try to block again
   35.79 +         */
   35.80 +        return;
   35.81      }
   35.82  }
   35.83  
   35.84 @@ -108,35 +71,62 @@ void vmx_io_assist(struct vcpu *v)
   35.85   */
   35.86  void vmx_intr_assist(struct vcpu *v)
   35.87  {
   35.88 -    vcpu_iodata_t *vio;
   35.89 -    struct domain *d = v->domain;
   35.90 -    extern void vmx_vcpu_pend_batch_interrupt(VCPU *vcpu,
   35.91 -					unsigned long *pend_irr);
   35.92 -    int port = iopacket_port(v);
   35.93 -
   35.94 -    if (test_bit(port, &d->shared_info->evtchn_pending[0]) ||
   35.95 -	test_bit(ARCH_VMX_IO_WAIT, &v->arch.arch_vmx.flags))
   35.96 -	vmx_wait_io();
   35.97 -
   35.98 -    /* I/O emulation is atomic, so it's impossible to see execution flow
   35.99 -     * out of vmx_wait_io, when guest is still waiting for response.
  35.100 -     */
  35.101 -    if (test_bit(ARCH_VMX_IO_WAIT, &v->arch.arch_vmx.flags))
  35.102 -	panic_domain(vcpu_regs(v),"!!!Bad resume to guest before I/O emulation is done.\n");
  35.103 -
  35.104 -    /* Even without event pending, we still need to sync pending bits
  35.105 -     * between DM and vlsapic. The reason is that interrupt delivery
  35.106 -     * shares same event channel as I/O emulation, with corresponding
  35.107 -     * indicator possibly cleared when vmx_wait_io().
  35.108 -     */
  35.109 -    vio = get_vio(v->domain, v->vcpu_id);
  35.110 -    if (!vio)
  35.111 -	panic_domain(vcpu_regs(v),"Corruption: bad shared page: %lx\n", (unsigned long)vio);
  35.112 -
  35.113  #ifdef V_IOSAPIC_READY
  35.114      /* Confirm virtual interrupt line signals, and set pending bits in vpd */
  35.115 -    if(v->vcpu_id==0)
  35.116 +    if (spin_trylock(&v->domain->arch.arch_vmx.virq_assist_lock)) {
  35.117          vmx_virq_line_assist(v);
  35.118 +        spin_unlock(&v->domain->arch.arch_vmx.virq_assist_lock);
  35.119 +    }
  35.120  #endif
  35.121      return;
  35.122  }
  35.123 +
  35.124 +void vmx_send_assist_req(struct vcpu *v)
  35.125 +{
  35.126 +    ioreq_t *p;
  35.127 +
  35.128 +    p = &get_vio(v->domain, v->vcpu_id)->vp_ioreq;
  35.129 +    if (unlikely(p->state != STATE_INVALID)) {
  35.130 +        /* This indicates a bug in the device model.  Crash the
  35.131 +           domain. */
  35.132 +        printk("Device model set bad IO state %d.\n", p->state);
  35.133 +        domain_crash(v->domain);
  35.134 +        return;
  35.135 +    }
  35.136 +    wmb();
  35.137 +    p->state = STATE_IOREQ_READY;
  35.138 +    notify_via_xen_event_channel(v->arch.arch_vmx.xen_port);
  35.139 +
  35.140 +    /*
  35.141 +     * Waiting for MMIO completion
   35.142 +     *   similar to the wait_on_xen_event_channel() macro...
  35.143 +     *   but, we can't call do_softirq() at this point..
  35.144 +     */
  35.145 +    for (;;) {
  35.146 +        if (p->state != STATE_IOREQ_READY &&
  35.147 +            p->state != STATE_IOREQ_INPROCESS)
  35.148 +            break;
  35.149 +
  35.150 +        set_bit(_VCPUF_blocked_in_xen, &current->vcpu_flags);
  35.151 +        mb(); /* set blocked status /then/ re-evaluate condition */
  35.152 +        if (p->state != STATE_IOREQ_READY &&
  35.153 +            p->state != STATE_IOREQ_INPROCESS)
  35.154 +        {
  35.155 +            clear_bit(_VCPUF_blocked_in_xen, &current->vcpu_flags);
  35.156 +            break;
  35.157 +        }
  35.158 +
  35.159 +        /* I want to call __enter_scheduler() only */
  35.160 +        do_sched_op_compat(SCHEDOP_yield, 0);
  35.161 +        mb();
  35.162 +    }
  35.163 +
   35.164 +    /* the code under this line is the completion phase... */
  35.165 +    vmx_io_assist(v);
  35.166 +}
  35.167 +
   35.168 +/* Wake up a vcpu which is waiting for interrupts to come in */
  35.169 +void vmx_prod_vcpu(struct vcpu *v)
  35.170 +{
  35.171 +    vcpu_unblock(v);
  35.172 +}
    36.1 --- a/xen/arch/ia64/vmx/vtlb.c	Wed Aug 30 14:09:31 2006 -0500
    36.2 +++ b/xen/arch/ia64/vmx/vtlb.c	Wed Aug 30 22:36:18 2006 +0100
    36.3 @@ -23,7 +23,7 @@
    36.4  
    36.5  #include <linux/sched.h>
    36.6  #include <asm/tlb.h>
    36.7 -#include <asm/mm.h>
    36.8 +#include <xen/mm.h>
    36.9  #include <asm/vmx_mm_def.h>
   36.10  #include <asm/gcc_intrin.h>
   36.11  #include <linux/interrupt.h>
   36.12 @@ -148,13 +148,17 @@ static void vmx_vhpt_insert(thash_cb_t *
   36.13      rr.rrval = ia64_get_rr(ifa);
   36.14      head = (thash_data_t *)ia64_thash(ifa);
   36.15      tag = ia64_ttag(ifa);
   36.16 -    if( INVALID_VHPT(head) ) {
   36.17 -        len = head->len;
   36.18 -        head->page_flags = pte;
   36.19 -        head->len = len;
   36.20 -        head->itir = rr.ps << 2;
   36.21 -        head->etag = tag;
   36.22 -        return;
   36.23 +    cch = head;
   36.24 +    while (cch) {    
   36.25 +        if (INVALID_VHPT(cch)) {
   36.26 +            len = cch->len;
   36.27 +            cch->page_flags = pte;
   36.28 +            cch->len = len;
   36.29 +            cch->itir = rr.ps << 2;
   36.30 +            cch->etag = tag;
   36.31 +            return;
   36.32 +        }
   36.33 +        cch = cch->next;
   36.34      }
   36.35  
   36.36      if(head->len>=MAX_CCN_DEPTH){
   36.37 @@ -214,12 +218,22 @@ u64 guest_vhpt_lookup(u64 iha, u64 *pte)
   36.38  {
   36.39      u64 ret;
   36.40      thash_data_t * data;
   36.41 +    PTA vpta;
   36.42 +
   36.43      data = vhpt_lookup(iha);
   36.44      if (data == NULL) {
   36.45          data = vtlb_lookup(current, iha, DSIDE_TLB);
   36.46          if (data != NULL)
   36.47              thash_vhpt_insert(current, data->page_flags, data->itir ,iha);
   36.48      }
   36.49 +
   36.50 +    /* VHPT long format is not read.  */
   36.51 +    vmx_vcpu_get_pta(current, &vpta.val);
   36.52 +    if (vpta.vf == 1) {
   36.53 +        *pte = 0;
   36.54 +        return 0;
   36.55 +    }
   36.56 +
   36.57      asm volatile ("rsm psr.ic|psr.i;;"
   36.58                    "srlz.d;;"
   36.59                    "ld8.s r9=[%1];;"
   36.60 @@ -231,11 +245,10 @@ u64 guest_vhpt_lookup(u64 iha, u64 *pte)
   36.61                    "ssm psr.ic;;"
   36.62                    "srlz.d;;"
   36.63                    "ssm psr.i;;"
   36.64 -             : "=r"(ret) : "r"(iha), "r"(pte):"memory");
   36.65 +                  : "=r"(ret) : "r"(iha), "r"(pte):"memory");
   36.66      return ret;
   36.67  }
   36.68  
   36.69 -
   36.70  /*
   36.71   *  purge software guest tlb
   36.72   */
   36.73 @@ -243,28 +256,29 @@ u64 guest_vhpt_lookup(u64 iha, u64 *pte)
   36.74  void vtlb_purge(VCPU *v, u64 va, u64 ps)
   36.75  {
   36.76      thash_data_t *cur;
   36.77 -    u64 start, end, curadr, size, psbits, tag, def_size;
   36.78 +    u64 start, curadr, size, psbits, tag, rr_ps, num;
   36.79      ia64_rr vrr;
   36.80      thash_cb_t *hcb = &v->arch.vtlb;
   36.81 +
   36.82      vcpu_get_rr(v, va, &vrr.rrval);
   36.83      psbits = VMX(v, psbits[(va >> 61)]);
   36.84 -    size = PSIZE(ps);
   36.85 -    start = va & (-size);
   36.86 -    end = start + size;
   36.87 +    start = va & ~((1UL << ps) - 1);
   36.88      while (psbits) {
   36.89          curadr = start;
   36.90 -        ps = __ffs(psbits);
   36.91 -        psbits &= ~(1UL << ps);
   36.92 -        def_size = PSIZE(ps);
   36.93 -        vrr.ps = ps;
   36.94 -        while (curadr < end) {
   36.95 +        rr_ps = __ffs(psbits);
   36.96 +        psbits &= ~(1UL << rr_ps);
   36.97 +        num = 1UL << ((ps < rr_ps) ? 0 : (ps - rr_ps));
   36.98 +        size = PSIZE(rr_ps);
   36.99 +        vrr.ps = rr_ps;
  36.100 +        while (num) {
  36.101              cur = vsa_thash(hcb->pta, curadr, vrr.rrval, &tag);
  36.102              while (cur) {
  36.103 -                if (cur->etag == tag && cur->ps == ps)
  36.104 +                if (cur->etag == tag && cur->ps == rr_ps)
  36.105                      cur->etag = 1UL << 63;
  36.106                  cur = cur->next;
  36.107              }
  36.108 -            curadr += def_size;
  36.109 +            curadr += size;
  36.110 +            num--;
  36.111          }
  36.112      }
  36.113  }
  36.114 @@ -277,14 +291,14 @@ static void vhpt_purge(VCPU *v, u64 va, 
  36.115  {
  36.116      //thash_cb_t *hcb = &v->arch.vhpt;
  36.117      thash_data_t *cur;
  36.118 -    u64 start, end, size, tag;
  36.119 +    u64 start, size, tag, num;
  36.120      ia64_rr rr;
  36.121 -    size = PSIZE(ps);
  36.122 -    start = va & (-size);
  36.123 -    end = start + size;
  36.124 -    rr.rrval = ia64_get_rr(va);
  36.125 -    size = PSIZE(rr.ps);    
  36.126 -    while(start < end){
  36.127 +    
  36.128 +    start = va & ~((1UL << ps) - 1);
  36.129 +    rr.rrval = ia64_get_rr(va);  
  36.130 +    size = PSIZE(rr.ps);
  36.131 +    num = 1UL << ((ps < rr.ps) ? 0 : (ps - rr.ps));
  36.132 +    while (num) {
  36.133          cur = (thash_data_t *)ia64_thash(start);
  36.134          tag = ia64_ttag(start);
  36.135          while (cur) {
  36.136 @@ -293,6 +307,7 @@ static void vhpt_purge(VCPU *v, u64 va, 
  36.137              cur = cur->next;
  36.138          }
  36.139          start += size;
  36.140 +        num--;
  36.141      }
  36.142      machine_tlb_purge(va, ps);
  36.143  }
  36.144 @@ -347,24 +362,20 @@ void vtlb_insert(VCPU *v, u64 pte, u64 i
  36.145      u64 tag, len;
  36.146      thash_cb_t *hcb = &v->arch.vtlb;
  36.147      vcpu_get_rr(v, va, &vrr.rrval);
  36.148 -#ifdef VTLB_DEBUG    
  36.149 -    if (vrr.ps != itir_ps(itir)) {
  36.150 -//        machine_tlb_insert(hcb->vcpu, entry);
  36.151 -        panic_domain(NULL, "not preferred ps with va: 0x%lx vrr.ps=%d ps=%ld\n",
  36.152 -             va, vrr.ps, itir_ps(itir));
  36.153 -        return;
  36.154 -    }
  36.155 -#endif
  36.156      vrr.ps = itir_ps(itir);
  36.157      VMX(v, psbits[va >> 61]) |= (1UL << vrr.ps);
  36.158      hash_table = vsa_thash(hcb->pta, va, vrr.rrval, &tag);
  36.159 -    if( INVALID_TLB(hash_table) ) {
  36.160 -        len = hash_table->len;
  36.161 -        hash_table->page_flags = pte;
  36.162 -        hash_table->len = len;
  36.163 -        hash_table->itir=itir;
  36.164 -        hash_table->etag=tag;
  36.165 -        return;
  36.166 +    cch = hash_table;
  36.167 +    while (cch) {
  36.168 +        if (INVALID_TLB(cch)) {
  36.169 +            len = cch->len;
  36.170 +            cch->page_flags = pte;
  36.171 +            cch->len = len;
  36.172 +            cch->itir=itir;
  36.173 +            cch->etag=tag;
  36.174 +            return;
  36.175 +        }
  36.176 +        cch = cch->next;
  36.177      }
  36.178      if (hash_table->len>=MAX_CCN_DEPTH){
  36.179          thash_recycle_cch(hcb, hash_table);
  36.180 @@ -458,10 +469,6 @@ void thash_purge_and_insert(VCPU *v, u64
  36.181      ps = itir_ps(itir);
  36.182      vcpu_get_rr(current, ifa, &vrr.rrval);
  36.183      mrr.rrval = ia64_get_rr(ifa);
  36.184 -//    if (vrr.ps != itir_ps(itir)) {
  36.185 -//        printf("not preferred ps with va: 0x%lx vrr.ps=%d ps=%ld\n",
  36.186 -//               ifa, vrr.ps, itir_ps(itir));
  36.187 -//    }
  36.188      if(VMX_DOMAIN(v)){
  36.189          /* Ensure WB attribute if pte is related to a normal mem page,
  36.190           * which is required by vga acceleration since qemu maps shared
    37.1 --- a/xen/arch/ia64/xen/acpi.c	Wed Aug 30 14:09:31 2006 -0500
    37.2 +++ b/xen/arch/ia64/xen/acpi.c	Wed Aug 30 22:36:18 2006 +0100
    37.3 @@ -51,6 +51,9 @@
    37.4  #include <asm/numa.h>
    37.5  #include <asm/sal.h>
    37.6  #include <asm/hw_irq.h>
    37.7 +#ifdef XEN
    37.8 +#include <xen/errno.h>
    37.9 +#endif
   37.10  
   37.11  #define BAD_MADT_ENTRY(entry, end) (                                        \
   37.12  		(!entry) || (unsigned long)entry + sizeof(*entry) > end ||  \
    38.1 --- a/xen/arch/ia64/xen/dom0_ops.c	Wed Aug 30 14:09:31 2006 -0500
    38.2 +++ b/xen/arch/ia64/xen/dom0_ops.c	Wed Aug 30 22:36:18 2006 +0100
    38.3 @@ -21,6 +21,7 @@
    38.4  #include <asm/vmx.h>
    38.5  #include <asm/dom_fw.h>
    38.6  #include <xen/iocap.h>
    38.7 +#include <xen/errno.h>
    38.8  
    38.9  void build_physmap_table(struct domain *d);
   38.10  
   38.11 @@ -39,8 +40,8 @@ long arch_do_domctl(xen_domctl_t *op, XE
   38.12      {
   38.13          unsigned long i;
   38.14          struct domain *d = find_domain_by_id(op->domain);
   38.15 -        unsigned long start_page = op->u.getmemlist.max_pfns >> 32;
   38.16 -        unsigned long nr_pages = op->u.getmemlist.max_pfns & 0xffffffff;
   38.17 +        unsigned long start_page = op->u.getmemlist.start_pfn;
   38.18 +        unsigned long nr_pages = op->u.getmemlist.max_pfns;
   38.19          unsigned long mfn;
   38.20  
   38.21          if ( d == NULL ) {
    39.1 --- a/xen/arch/ia64/xen/dom_fw.c	Wed Aug 30 14:09:31 2006 -0500
    39.2 +++ b/xen/arch/ia64/xen/dom_fw.c	Wed Aug 30 22:36:18 2006 +0100
    39.3 @@ -21,28 +21,23 @@
    39.4  #include <asm/fpswa.h>
    39.5  #include <xen/version.h>
    39.6  #include <xen/acpi.h>
    39.7 +#include <xen/errno.h>
    39.8  
    39.9  #include <asm/dom_fw.h>
   39.10  #include <asm/bundle.h>
   39.11  
   39.12 -static void dom_fw_init (struct domain *d, struct ia64_boot_param *bp, char *fw_mem, int fw_mem_size, unsigned long maxmem);
   39.13 -
   39.14 -extern struct domain *dom0;
   39.15 +#define ONE_MB (1UL << 20)
   39.16  
   39.17  extern unsigned long running_on_sim;
   39.18  
   39.19 -/* Note: two domains cannot be created simulteanously!  */
   39.20 -static unsigned long dom_fw_base_mpa = -1;
   39.21 -static unsigned long imva_fw_base = -1;
   39.22 -
   39.23  #define FW_VENDOR "X\0e\0n\0/\0i\0a\0\066\0\064\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
   39.24  
   39.25 -#define MAKE_MD(typ, attr, start, end, abs) 				\
   39.26 +#define MAKE_MD(typ, attr, start, end) 					\
   39.27  	do {								\
   39.28 -		md = efi_memmap + i++;					\
   39.29 +		md = tables->efi_memmap + i++;				\
   39.30  		md->type = typ;						\
   39.31  		md->pad = 0;						\
   39.32 -		md->phys_addr = abs ? start : start_mpaddr + start;	\
   39.33 +		md->phys_addr = start;					\
   39.34  		md->virt_addr = 0;					\
   39.35  		md->num_pages = (end - start) >> EFI_PAGE_SHIFT;	\
   39.36  		md->attribute = attr;					\
   39.37 @@ -51,44 +46,31 @@ static unsigned long imva_fw_base = -1;
   39.38  #define EFI_HYPERCALL_PATCH(tgt, call)					\
   39.39  	do {								\
   39.40  		dom_efi_hypercall_patch(d, FW_HYPERCALL_##call##_PADDR,	\
   39.41 -		                        FW_HYPERCALL_##call);		\
   39.42 -		tgt = dom_pa((unsigned long) pfn);			\
   39.43 -		*pfn++ = FW_HYPERCALL_##call##_PADDR + start_mpaddr;	\
   39.44 -		*pfn++ = 0;						\
   39.45 +		                 FW_HYPERCALL_##call, hypercalls_imva);	\
   39.46 +		/* Descriptor address.  */                              \
   39.47 +		tables->efi_runtime.tgt =                               \
   39.48 +		                    FW_FIELD_MPA(func_ptrs) + 8 * pfn;  \
   39.49 +		/* Descriptor.  */                                      \
   39.50 +		tables->func_ptrs[pfn++] = FW_HYPERCALL_##call##_PADDR;	\
   39.51 +		tables->func_ptrs[pfn++] = 0;                     	\
   39.52  	} while (0)
   39.53  
   39.54 -// return domain (meta)physical address for a given imva
   39.55 -// this function is a call-back from dom_fw_init
   39.56 -static unsigned long
   39.57 -dom_pa(unsigned long imva)
   39.58 -{
   39.59 -	if (dom_fw_base_mpa == -1 || imva_fw_base == -1) {
   39.60 -		printf("dom_pa: uninitialized! (spinning...)\n");
   39.61 -		while(1);
   39.62 -	}
   39.63 -	if (imva - imva_fw_base > PAGE_SIZE) {
   39.64 -		printf("dom_pa: bad offset! imva=0x%lx, imva_fw_base=0x%lx (spinning...)\n",
   39.65 -			imva, imva_fw_base);
   39.66 -		while(1);
   39.67 -	}
   39.68 -	return dom_fw_base_mpa + (imva - imva_fw_base);
   39.69 -}
   39.70 -
   39.71  // allocate a page for fw
   39.72  // build_physmap_table() which is called by new_thread()
   39.73  // does for domU.
   39.74 -#define ASSIGN_NEW_DOMAIN_PAGE_IF_DOM0(d, mpaddr)   \
   39.75 -    do {                                            \
   39.76 -        if ((d) == dom0) {                          \
   39.77 -            assign_new_domain0_page((d), (mpaddr)); \
   39.78 -        }                                           \
   39.79 -    } while (0)
   39.80 +static inline void
   39.81 +assign_new_domain_page_if_dom0(struct domain *d, unsigned long mpaddr)
   39.82 +{
   39.83 +        if (d == dom0)
   39.84 +            assign_new_domain0_page(d, mpaddr);
   39.85 +}
   39.86  
   39.87  /**************************************************************************
   39.88  Hypercall bundle creation
   39.89  **************************************************************************/
   39.90  
   39.91 -static void build_hypercall_bundle(UINT64 *imva, UINT64 brkimm, UINT64 hypnum, UINT64 ret)
   39.92 +static void
   39.93 +build_hypercall_bundle(u64 *imva, u64 brkimm, u64 hypnum, u64 ret)
   39.94  {
   39.95  	INST64_A5 slot0;
   39.96  	INST64_I19 slot1;
   39.97 @@ -104,8 +86,8 @@ static void build_hypercall_bundle(UINT6
   39.98  	slot1.inst = 0;
   39.99  	slot1.qp = 0; slot1.x6 = 0; slot1.x3 = 0; slot1.major = 0x0;
  39.100  	slot1.imm20 = brkimm; slot1.i = brkimm >> 20;
  39.101 -	// if ret slot2: br.ret.sptk.many rp
  39.102 -	// else slot2: br.cond.sptk.many rp
  39.103 +	// if ret slot2:  br.ret.sptk.many rp
  39.104 +	// else   slot2:  br.cond.sptk.many rp
  39.105  	slot2.inst = 0; slot2.qp = 0; slot2.p = 1; slot2.b2 = 0;
  39.106  	slot2.wh = 0; slot2.d = 0; slot2.major = 0x0;
  39.107  	if (ret) {
  39.108 @@ -125,7 +107,8 @@ static void build_hypercall_bundle(UINT6
  39.109  	ia64_fc(imva + 1);
  39.110  }
  39.111  
  39.112 -static void build_pal_hypercall_bundles(UINT64 *imva, UINT64 brkimm, UINT64 hypnum)
  39.113 +static void
  39.114 +build_pal_hypercall_bundles(u64 *imva, u64 brkimm, u64 hypnum)
  39.115  {
  39.116  	extern unsigned long pal_call_stub[];
  39.117  	IA64_BUNDLE bundle;
  39.118 @@ -162,76 +145,68 @@ static void build_pal_hypercall_bundles(
  39.119  }
  39.120  
  39.121  // builds a hypercall bundle at domain physical address
  39.122 -static void dom_fpswa_hypercall_patch(struct domain *d)
  39.123 +static void
  39.124 +dom_fpswa_hypercall_patch(struct domain *d, unsigned long imva)
  39.125  {
  39.126  	unsigned long *entry_imva, *patch_imva;
  39.127 -	unsigned long entry_paddr = FW_HYPERCALL_FPSWA_ENTRY_PADDR;
  39.128 -	unsigned long patch_paddr = FW_HYPERCALL_FPSWA_PATCH_PADDR;
  39.129 +	const unsigned long entry_paddr = FW_HYPERCALL_FPSWA_ENTRY_PADDR;
  39.130 +	const unsigned long patch_paddr = FW_HYPERCALL_FPSWA_PATCH_PADDR;
  39.131  
  39.132 -	ASSIGN_NEW_DOMAIN_PAGE_IF_DOM0(d, entry_paddr);
  39.133 -	ASSIGN_NEW_DOMAIN_PAGE_IF_DOM0(d, patch_paddr);
  39.134 -	entry_imva = domain_mpa_to_imva(d, entry_paddr);
  39.135 -	patch_imva = domain_mpa_to_imva(d, patch_paddr);
  39.136 +	entry_imva = (unsigned long *)(imva + entry_paddr -
  39.137 +	                               FW_HYPERCALL_BASE_PADDR);
  39.138 +	patch_imva = (unsigned long *)(imva + patch_paddr -
  39.139 +	                               FW_HYPERCALL_BASE_PADDR);
  39.140  
  39.141 +	/* Descriptor.  */
  39.142  	*entry_imva++ = patch_paddr;
  39.143  	*entry_imva   = 0;
  39.144 -	build_hypercall_bundle(patch_imva, d->arch.breakimm, FW_HYPERCALL_FPSWA, 1);
  39.145 -}
  39.146  
  39.147 -// builds a hypercall bundle at domain physical address
  39.148 -static void dom_efi_hypercall_patch(struct domain *d, unsigned long paddr, unsigned long hypercall)
  39.149 -{
  39.150 -	unsigned long *imva;
  39.151 -
  39.152 -	ASSIGN_NEW_DOMAIN_PAGE_IF_DOM0(d, paddr);
  39.153 -	imva = domain_mpa_to_imva(d, paddr);
  39.154 -	build_hypercall_bundle(imva, d->arch.breakimm, hypercall, 1);
  39.155 +	build_hypercall_bundle(patch_imva, d->arch.breakimm,
  39.156 +	                       FW_HYPERCALL_FPSWA, 1);
  39.157  }
  39.158  
  39.159  // builds a hypercall bundle at domain physical address
  39.160 -static void dom_fw_hypercall_patch(struct domain *d, unsigned long paddr, unsigned long hypercall,unsigned long ret)
  39.161 +static void
  39.162 +dom_efi_hypercall_patch(struct domain *d, unsigned long paddr,
  39.163 +                        unsigned long hypercall, unsigned long imva)
  39.164  {
  39.165 -	unsigned long *imva;
  39.166 -
  39.167 -	ASSIGN_NEW_DOMAIN_PAGE_IF_DOM0(d, paddr);
  39.168 -	imva = domain_mpa_to_imva(d, paddr);
  39.169 -	build_hypercall_bundle(imva, d->arch.breakimm, hypercall, ret);
  39.170 -}
  39.171 -
  39.172 -static void dom_fw_pal_hypercall_patch(struct domain *d, unsigned long paddr)
  39.173 -{
  39.174 -	unsigned long *imva;
  39.175 -
  39.176 -	ASSIGN_NEW_DOMAIN_PAGE_IF_DOM0(d, paddr);
  39.177 -	imva = domain_mpa_to_imva(d, paddr);
  39.178 -	build_pal_hypercall_bundles(imva, d->arch.breakimm, FW_HYPERCALL_PAL_CALL);
  39.179 +	build_hypercall_bundle((u64 *)(imva + paddr - FW_HYPERCALL_BASE_PADDR),
  39.180 +	                       d->arch.breakimm, hypercall, 1);
  39.181  }
  39.182  
  39.183 -
  39.184 -void dom_fw_setup(struct domain *d, unsigned long bp_mpa, unsigned long maxmem)
  39.185 +// builds a hypercall bundle at domain physical address
  39.186 +static void
  39.187 +dom_fw_hypercall_patch(struct domain *d, unsigned long paddr,
  39.188 +                       unsigned long hypercall,unsigned long ret,
  39.189 +                       unsigned long imva)
  39.190  {
  39.191 -	struct ia64_boot_param *bp;
  39.192 -
  39.193 -	dom_fw_base_mpa = 0;
  39.194 -	ASSIGN_NEW_DOMAIN_PAGE_IF_DOM0(d, dom_fw_base_mpa);
  39.195 -	imva_fw_base = (unsigned long) domain_mpa_to_imva(d, dom_fw_base_mpa);
  39.196 -	ASSIGN_NEW_DOMAIN_PAGE_IF_DOM0(d, bp_mpa);
  39.197 -	bp = domain_mpa_to_imva(d, bp_mpa);
  39.198 -	dom_fw_init(d, bp, (char *) imva_fw_base, PAGE_SIZE, maxmem);
  39.199 +	build_hypercall_bundle((u64 *)(imva + paddr - FW_HYPERCALL_BASE_PADDR),
  39.200 +	                       d->arch.breakimm, hypercall, ret);
  39.201  }
  39.202  
  39.203 -
  39.204 -/* the following heavily leveraged from linux/arch/ia64/hp/sim/fw-emu.c */
  39.205 -
  39.206 -#define NFUNCPTRS 20
  39.207 +static void
  39.208 +dom_fw_pal_hypercall_patch(struct domain *d, unsigned long paddr,
  39.209 +                           unsigned long imva)
  39.210 +{
  39.211 +	build_pal_hypercall_bundles((u64*)(imva + paddr -
  39.212 +	                            FW_HYPERCALL_BASE_PADDR),
  39.213 +	                            d->arch.breakimm, FW_HYPERCALL_PAL_CALL);
  39.214 +}
  39.215  
  39.216  static inline void
  39.217  print_md(efi_memory_desc_t *md)
  39.218  {
  39.219 -	printk("domain mem: type=%2u, attr=0x%016lx, range=[0x%016lx-0x%016lx) (%luMB)\n",
  39.220 -		md->type, md->attribute, md->phys_addr,
  39.221 -		md->phys_addr + (md->num_pages << EFI_PAGE_SHIFT),
  39.222 -		md->num_pages >> (20 - EFI_PAGE_SHIFT));
  39.223 +	u64 size;
  39.224 +	
  39.225 +	printk("dom mem: type=%2u, attr=0x%016lx, range=[0x%016lx-0x%016lx) ",
  39.226 +	       md->type, md->attribute, md->phys_addr,
  39.227 +	       md->phys_addr + (md->num_pages << EFI_PAGE_SHIFT));
  39.228 +
  39.229 +	size = md->num_pages << EFI_PAGE_SHIFT;
  39.230 +	if (size > ONE_MB)
  39.231 +		printf ("(%luMB)\n", size >> 20);
  39.232 +	else
  39.233 +		printf ("(%luKB)\n", size >> 10);
  39.234  }
  39.235  
  39.236  static u32 lsapic_nbr;
  39.237 @@ -316,6 +291,8 @@ struct fake_acpi_tables {
  39.238  	u8 pm1a_cnt_blk[1];
  39.239  	u8 pm_tmr_blk[4];
  39.240  };
  39.241 +#define ACPI_TABLE_MPA(field) \
  39.242 +  FW_ACPI_BASE_PADDR + offsetof(struct fake_acpi_tables, field);
  39.243  
  39.244  /* Create enough of an ACPI structure to make the guest OS ACPI happy. */
  39.245  static void
  39.246 @@ -345,8 +322,8 @@ dom_fw_fake_acpi(struct domain *d, struc
  39.247  	xsdt->asl_compiler_revision = (xen_major_version() << 16) |
  39.248  		xen_minor_version();
  39.249  
  39.250 -	xsdt->table_offset_entry[0] = dom_pa((unsigned long) fadt);
  39.251 -	tables->madt_ptr = dom_pa((unsigned long) madt);
  39.252 +	xsdt->table_offset_entry[0] = ACPI_TABLE_MPA(fadt);
  39.253 +	tables->madt_ptr = ACPI_TABLE_MPA(madt);
  39.254  
  39.255  	xsdt->checksum = generate_acpi_checksum(xsdt, xsdt->length);
  39.256  
  39.257 @@ -364,8 +341,8 @@ dom_fw_fake_acpi(struct domain *d, struc
  39.258  	facs->version = 1;
  39.259  	facs->length = sizeof(struct facs_descriptor_rev2);
  39.260  
  39.261 -	fadt->xfirmware_ctrl = dom_pa((unsigned long) facs);
  39.262 -	fadt->Xdsdt = dom_pa((unsigned long) dsdt);
  39.263 +	fadt->xfirmware_ctrl = ACPI_TABLE_MPA(facs);
  39.264 +	fadt->Xdsdt = ACPI_TABLE_MPA(dsdt);
  39.265  
  39.266  	/*
  39.267  	 * All of the below FADT entries are filled it to prevent warnings
  39.268 @@ -375,15 +352,15 @@ dom_fw_fake_acpi(struct domain *d, struc
  39.269  	fadt->pm1_evt_len = 4;
  39.270  	fadt->xpm1a_evt_blk.address_space_id = ACPI_ADR_SPACE_SYSTEM_MEMORY;
  39.271  	fadt->xpm1a_evt_blk.register_bit_width = 8;
  39.272 -	fadt->xpm1a_evt_blk.address = dom_pa((unsigned long) &tables->pm1a_evt_blk);
  39.273 +	fadt->xpm1a_evt_blk.address = ACPI_TABLE_MPA(pm1a_evt_blk);
  39.274  	fadt->pm1_cnt_len = 1;
  39.275  	fadt->xpm1a_cnt_blk.address_space_id = ACPI_ADR_SPACE_SYSTEM_MEMORY;
  39.276  	fadt->xpm1a_cnt_blk.register_bit_width = 8;
  39.277 -	fadt->xpm1a_cnt_blk.address = dom_pa((unsigned long) &tables->pm1a_cnt_blk);
  39.278 +	fadt->xpm1a_cnt_blk.address = ACPI_TABLE_MPA(pm1a_cnt_blk);
  39.279  	fadt->pm_tm_len = 4;
  39.280  	fadt->xpm_tmr_blk.address_space_id = ACPI_ADR_SPACE_SYSTEM_MEMORY;
  39.281  	fadt->xpm_tmr_blk.register_bit_width = 8;
  39.282 -	fadt->xpm_tmr_blk.address = dom_pa((unsigned long) &tables->pm_tmr_blk);
  39.283 +	fadt->xpm_tmr_blk.address = ACPI_TABLE_MPA(pm_tmr_blk);
  39.284  
  39.285  	fadt->checksum = generate_acpi_checksum(fadt, fadt->length);
  39.286  
  39.287 @@ -392,7 +369,7 @@ dom_fw_fake_acpi(struct domain *d, struc
  39.288  	strcpy(rsdp->oem_id, "XEN");
  39.289  	rsdp->revision = 2; /* ACPI 2.0 includes XSDT */
  39.290  	rsdp->length = sizeof(struct acpi20_table_rsdp);
  39.291 -	rsdp->xsdt_address = dom_pa((unsigned long) xsdt);
  39.292 +	rsdp->xsdt_address = ACPI_TABLE_MPA(xsdt);
  39.293  
  39.294  	rsdp->checksum = generate_acpi_checksum(rsdp,
  39.295  	                                        ACPI_RSDP_CHECKSUM_LENGTH);
  39.296 @@ -467,115 +444,6 @@ dom_fw_fake_acpi(struct domain *d, struc
  39.297  	return;
  39.298  }
  39.299  
  39.300 -#define NUM_EFI_SYS_TABLES 6
  39.301 -#define NUM_MEM_DESCS	64 //large enough
  39.302 -
  39.303 -struct dom0_passthrough_arg {
  39.304 -    struct domain*      d;
  39.305 -    int                 flags;
  39.306 -    efi_memory_desc_t *md;
  39.307 -    int*                i;
  39.308 -};
  39.309 -
  39.310 -static int
  39.311 -dom_fw_dom0_passthrough(efi_memory_desc_t *md, void *arg__)
  39.312 -{
  39.313 -    struct dom0_passthrough_arg* arg = (struct dom0_passthrough_arg*)arg__;
  39.314 -    unsigned long paddr;
  39.315 -    struct domain* d = arg->d;
  39.316 -    u64 start = md->phys_addr;
  39.317 -    u64 size = md->num_pages << EFI_PAGE_SHIFT;
  39.318 -
  39.319 -    if (md->type == EFI_MEMORY_MAPPED_IO ||
  39.320 -        md->type == EFI_MEMORY_MAPPED_IO_PORT_SPACE) {
  39.321 -
  39.322 -        //XXX some machine has large mmio area whose size is about several TB.
  39.323 -        //    It requires impractical memory to map such a huge region
  39.324 -        //    to a domain.
  39.325 -        //    For now we don't map it, but later we must fix this.
  39.326 -        if (md->type == EFI_MEMORY_MAPPED_IO && (size > 0x100000000UL))
  39.327 -            return 0;
  39.328 -
  39.329 -        paddr = assign_domain_mmio_page(d, start, size);
  39.330 -    } else
  39.331 -        paddr = assign_domain_mach_page(d, start, size, arg->flags);
  39.332 -
  39.333 -    BUG_ON(md->type != EFI_RUNTIME_SERVICES_CODE &&
  39.334 -           md->type != EFI_RUNTIME_SERVICES_DATA &&
  39.335 -           md->type != EFI_ACPI_RECLAIM_MEMORY &&
  39.336 -           md->type != EFI_ACPI_MEMORY_NVS &&
  39.337 -           md->type != EFI_RESERVED_TYPE &&
  39.338 -           md->type != EFI_MEMORY_MAPPED_IO &&
  39.339 -           md->type != EFI_MEMORY_MAPPED_IO_PORT_SPACE);
  39.340 -
  39.341 -    arg->md->type = md->type;
  39.342 -    arg->md->pad = 0;
  39.343 -    arg->md->phys_addr = paddr;
  39.344 -    arg->md->virt_addr = 0;
  39.345 -    arg->md->num_pages = md->num_pages;
  39.346 -    arg->md->attribute = md->attribute;
  39.347 -
  39.348 -    (*arg->i)++;
  39.349 -    arg->md++;
  39.350 -    return 0;
  39.351 -}
  39.352 -
  39.353 -/*
  39.354 - * Create dom0 MDT entries for conventional memory below 1MB.  Without
  39.355 - * this Linux will assume VGA is present because 0xA0000 will always
  39.356 - * be either a hole in the MDT or an I/O region via the passthrough.
  39.357 - */
  39.358 -static int
  39.359 -dom_fw_dom0_lowmem(efi_memory_desc_t *md, void *arg__)
  39.360 -{
  39.361 -    struct dom0_passthrough_arg* arg = (struct dom0_passthrough_arg*)arg__;
  39.362 -    u64 end = min(HYPERCALL_START,
  39.363 -                  md->phys_addr + (md->num_pages << EFI_PAGE_SHIFT));
  39.364 -
  39.365 -    BUG_ON(md->type != EFI_CONVENTIONAL_MEMORY);
  39.366 -
  39.367 -    /* avoid hypercall area */
  39.368 -    if (md->phys_addr >= HYPERCALL_START)
  39.369 -        return 0;
  39.370 -
  39.371 -    /* avoid firmware base area */
  39.372 -    if (md->phys_addr < dom_pa(imva_fw_base))
  39.373 -        end = min(end, dom_pa(imva_fw_base));
  39.374 -    else if (md->phys_addr < dom_pa(imva_fw_base + PAGE_SIZE)) {
  39.375 -        if (end < dom_pa(imva_fw_base + PAGE_SIZE))
  39.376 -            return 0;
  39.377 -        md->phys_addr = dom_pa(imva_fw_base + PAGE_SIZE);
  39.378 -    }
  39.379 -
  39.380 -    arg->md->type = md->type;
  39.381 -    arg->md->pad = 0;
  39.382 -    arg->md->phys_addr = md->phys_addr;
  39.383 -    arg->md->virt_addr = 0;
  39.384 -    arg->md->num_pages = (end - md->phys_addr) >> EFI_PAGE_SHIFT;
  39.385 -    arg->md->attribute = md->attribute;
  39.386 -
  39.387 -    (*arg->i)++;
  39.388 -    arg->md++;
  39.389 -
  39.390 -    /* if firmware area spliced the md, add the upper part here */
  39.391 -    if (end == dom_pa(imva_fw_base)) {
  39.392 -        end = min(HYPERCALL_START,
  39.393 -                  md->phys_addr + (md->num_pages << EFI_PAGE_SHIFT));
  39.394 -	if (end > dom_pa(imva_fw_base + PAGE_SIZE)) {
  39.395 -            arg->md->type = md->type;
  39.396 -            arg->md->pad = 0;
  39.397 -            arg->md->phys_addr = dom_pa(imva_fw_base + PAGE_SIZE);
  39.398 -            arg->md->virt_addr = 0;
  39.399 -            arg->md->num_pages = (end - arg->md->phys_addr) >> EFI_PAGE_SHIFT;
  39.400 -            arg->md->attribute = md->attribute;
  39.401 -
  39.402 -            (*arg->i)++;
  39.403 -            arg->md++;
  39.404 -        }
  39.405 -    }
  39.406 -    return 0;
  39.407 -}
  39.408 -
  39.409  static int
  39.410  efi_mdt_cmp(const void *a, const void *b)
  39.411  {
  39.412 @@ -595,279 +463,403 @@ efi_mdt_cmp(const void *a, const void *b
  39.413  	return 0;
  39.414  }
  39.415  
  39.416 -static void
  39.417 -dom_fw_init (struct domain *d, struct ia64_boot_param *bp, char *fw_mem, int fw_mem_size, unsigned long maxmem)
  39.418 +#define NFUNCPTRS 16
  39.419 +#define NUM_EFI_SYS_TABLES 6
  39.420 +#define NUM_MEM_DESCS 64 //large enough
  39.421 +
  39.422 +struct fw_tables {
  39.423 +	efi_system_table_t efi_systab;
  39.424 +	efi_runtime_services_t efi_runtime;
  39.425 +	efi_config_table_t efi_tables[NUM_EFI_SYS_TABLES];
  39.426 +
  39.427 +	struct ia64_sal_systab sal_systab;
  39.428 +	struct ia64_sal_desc_entry_point sal_ed;
  39.429 +	struct ia64_sal_desc_ap_wakeup sal_wakeup;
   39.430 +	/* End of SAL descriptors.  Do not forget to update checksum bound.  */
  39.431 +
  39.432 +	fpswa_interface_t fpswa_inf;
  39.433 +	efi_memory_desc_t efi_memmap[NUM_MEM_DESCS];
  39.434 +	unsigned long func_ptrs[2*NFUNCPTRS];
  39.435 + 	struct xen_sal_data sal_data;
  39.436 +	unsigned char fw_vendor[sizeof(FW_VENDOR)];
  39.437 +};
  39.438 +#define FW_FIELD_MPA(field) \
  39.439 +   FW_TABLES_BASE_PADDR + offsetof(struct fw_tables, field)
  39.440 +
  39.441 +/* Complete the dom0 memmap.  */
  39.442 +static int
  39.443 +complete_dom0_memmap(struct domain *d,
  39.444 +                     struct fw_tables *tables,
  39.445 +                     unsigned long maxmem,
  39.446 +                     int num_mds)
  39.447  {
  39.448 -	efi_system_table_t *efi_systab;
  39.449 -	efi_runtime_services_t *efi_runtime;
  39.450 -	efi_config_table_t *efi_tables;
  39.451 -	struct ia64_sal_systab *sal_systab;
  39.452 -	struct ia64_sal_desc_entry_point *sal_ed;
  39.453 -	struct ia64_sal_desc_ap_wakeup *sal_wakeup;
  39.454 -	fpswa_interface_t *fpswa_inf;
  39.455 -	efi_memory_desc_t *efi_memmap, *md;
  39.456 - 	struct xen_sal_data *sal_data;
  39.457 -	unsigned long *pfn;
  39.458 -	unsigned char checksum = 0;
  39.459 -	char *cp, *fw_vendor;
  39.460 -	int num_mds, j, i = 0;
  39.461 -	const unsigned long start_mpaddr = 0;
  39.462 +	efi_memory_desc_t *md;
  39.463 +	u64 addr;
  39.464 +	int j;
  39.465 +	void *efi_map_start, *efi_map_end, *p;
  39.466 +	u64 efi_desc_size;
  39.467 +	int i;
  39.468 +
  39.469 +	/* Walk through all MDT entries.
  39.470 +	   Copy all interesting entries.  */
  39.471 +	efi_map_start = __va(ia64_boot_param->efi_memmap);
  39.472 +	efi_map_end = efi_map_start + ia64_boot_param->efi_memmap_size;
  39.473 +	efi_desc_size = ia64_boot_param->efi_memdesc_size;
  39.474 +
  39.475 +	for (p = efi_map_start; p < efi_map_end; p += efi_desc_size) {
  39.476 +		const efi_memory_desc_t *md = p;
  39.477 +		efi_memory_desc_t *dom_md = &tables->efi_memmap[num_mds];
  39.478 +		u64 start = md->phys_addr;
  39.479 +		u64 size = md->num_pages << EFI_PAGE_SHIFT;
  39.480 +		u64 end = start + size;
  39.481 +
  39.482 +		switch (md->type) {
  39.483 +		case EFI_RUNTIME_SERVICES_CODE:
  39.484 +		case EFI_RUNTIME_SERVICES_DATA:
  39.485 +		case EFI_ACPI_RECLAIM_MEMORY:
  39.486 +		case EFI_ACPI_MEMORY_NVS:
  39.487 +		case EFI_RESERVED_TYPE:
  39.488 +			/* Map into dom0 - All these are writable.  */
  39.489 +			assign_domain_mach_page(d, start, size,
  39.490 +			                        ASSIGN_writable);
  39.491 +			/* Fall-through.  */
  39.492 +		case EFI_MEMORY_MAPPED_IO:
  39.493 +			/* Will be mapped with ioremap.  */
  39.494 +			/* Copy descriptor.  */
  39.495 +			*dom_md = *md;
  39.496 +			dom_md->virt_addr = 0;
  39.497 +			num_mds++;
  39.498 +			break;
  39.499 +
  39.500 +		case EFI_MEMORY_MAPPED_IO_PORT_SPACE:
  39.501 +			/* Map into dom0.  */
  39.502 +			assign_domain_mmio_page(d, start, size);
  39.503 +			/* Copy descriptor.  */
  39.504 +			*dom_md = *md;
  39.505 +			dom_md->virt_addr = 0;
  39.506 +			num_mds++;
  39.507 +			break;
  39.508 +
  39.509 +		case EFI_CONVENTIONAL_MEMORY:
  39.510 +		case EFI_LOADER_CODE:
  39.511 +		case EFI_LOADER_DATA:
  39.512 +		case EFI_BOOT_SERVICES_CODE:
  39.513 +		case EFI_BOOT_SERVICES_DATA:
  39.514 +			/* Create dom0 MDT entries for conventional memory
  39.515 +			   below 1MB.  Without this Linux will assume VGA is
  39.516 +			   present because 0xA0000 will always be either a hole
  39.517 +			   in the MDT or an I/O region via the passthrough.  */
  39.518 +
  39.519 +			end = min(ONE_MB, end);
  39.520 +
  39.521 +			/* Avoid firmware and hypercall area.
  39.522 +			   We know they are 0-based.  */
  39.523 +			if (end < FW_END_PADDR || start >= ONE_MB)
  39.524 +				break;
  39.525 +			if (start < FW_END_PADDR)
  39.526 +				start = FW_END_PADDR;
  39.527 +			
  39.528 +			dom_md->type = EFI_CONVENTIONAL_MEMORY;
  39.529 +			dom_md->phys_addr = start;
  39.530 +			dom_md->virt_addr = 0;
  39.531 +			dom_md->num_pages = (end - start) >> EFI_PAGE_SHIFT;
  39.532 +			dom_md->attribute = md->attribute;
  39.533 +			num_mds++;
  39.534 +			break;
  39.535 +
  39.536 +		case EFI_UNUSABLE_MEMORY:
  39.537 +		case EFI_PAL_CODE:
  39.538 +			/* Discard.  */
  39.539 +			break;
  39.540  
  39.541 -/* FIXME: should check size but for now we have a whole MB to play with.
  39.542 -   And if stealing code from fw-emu.c, watch out for new fw_vendor on the end!
  39.543 -	if (fw_mem_size < sizeof(fw_mem_proto)) {
  39.544 -		printf("sys_fw_init: insufficient space for fw_mem\n");
  39.545 -		return 0;
  39.546 +		default:
  39.547 +			/* Print a warning but continue.  */
  39.548 +			printf("complete_dom0_memmap: warning: "
  39.549 +			       "unhandled MDT entry type %u\n", md->type);
  39.550 +		}
  39.551  	}
  39.552 -*/
  39.553 -	memset(fw_mem, 0, fw_mem_size);
  39.554 +	BUG_ON(num_mds > NUM_MEM_DESCS);
  39.555 +	
  39.556 +	sort(tables->efi_memmap, num_mds, sizeof(efi_memory_desc_t),
  39.557 +	     efi_mdt_cmp, NULL);
  39.558 +
  39.559 +	/* find gaps and fill them with conventional memory */
  39.560 +	i = num_mds;
  39.561 +	for (j = 0; j < num_mds; j++) {
  39.562 +		unsigned long end;
  39.563 +		unsigned long next_start;
  39.564 +		
  39.565 +		md = &tables->efi_memmap[j];
  39.566 +		end = md->phys_addr + (md->num_pages << EFI_PAGE_SHIFT);
  39.567 +		
  39.568 +		if (j + 1 < num_mds) {
  39.569 +			efi_memory_desc_t* next_md;
  39.570 +			next_md = &tables->efi_memmap[j + 1];
  39.571 +			next_start = next_md->phys_addr;
  39.572 +			
  39.573 +			/* Have just been sorted.  */
  39.574 +			BUG_ON(end > next_start);
  39.575 +			
  39.576 +			/* No room for memory!  */
  39.577 +			if (end == next_start)
  39.578 +				continue;
  39.579 +			
  39.580 +			if (next_start > maxmem)
  39.581 +				next_start = maxmem;
  39.582 +		}
  39.583 +		else
  39.584 +			next_start = maxmem;
  39.585 +		
  39.586 +		/* Avoid "legacy" low memory addresses 
  39.587 +		   and the HYPERCALL area.  */
  39.588 +		if (end < ONE_MB)
  39.589 +			end = ONE_MB;
  39.590 +						      
  39.591 +		// clip the range and align to PAGE_SIZE
  39.592 +		next_start = next_start & PAGE_MASK;
  39.593 +		end = PAGE_ALIGN(end);
  39.594 +		
  39.595 +		/* No room for memory.  */
  39.596 +		if (end >= next_start)
  39.597 +			continue;
  39.598 +		
  39.599 +		MAKE_MD(EFI_CONVENTIONAL_MEMORY, EFI_MEMORY_WB,
  39.600 +		        end, next_start);
  39.601  
  39.602 -	cp = fw_mem;
  39.603 -	efi_systab  = (void *) cp; cp += sizeof(*efi_systab);
  39.604 -	efi_runtime = (void *) cp; cp += sizeof(*efi_runtime);
  39.605 -	efi_tables  = (void *) cp; cp += NUM_EFI_SYS_TABLES * sizeof(*efi_tables);
  39.606 -	sal_systab  = (void *) cp; cp += sizeof(*sal_systab);
  39.607 -	sal_ed      = (void *) cp; cp += sizeof(*sal_ed);
  39.608 -	sal_wakeup  = (void *) cp; cp += sizeof(*sal_wakeup);
  39.609 -	fpswa_inf   = (void *) cp; cp += sizeof(*fpswa_inf);
  39.610 -	efi_memmap  = (void *) cp; cp += NUM_MEM_DESCS*sizeof(*efi_memmap);
  39.611 -	pfn         = (void *) cp; cp += NFUNCPTRS * 2 * sizeof(pfn);
  39.612 -	sal_data    = (void *) cp; cp += sizeof(*sal_data);
  39.613 +		if (next_start >= maxmem)
  39.614 +			break;
  39.615 +	}
  39.616 +	num_mds = i;
  39.617 +	BUG_ON(num_mds > NUM_MEM_DESCS);
  39.618 +	sort(tables->efi_memmap, num_mds, sizeof(efi_memory_desc_t),
  39.619 +	     efi_mdt_cmp, NULL);
  39.620 +
  39.621 +	// dom0 doesn't need build_physmap_table()
  39.622 +	// see arch_set_info_guest()
  39.623 +	// instead we allocate pages manually.
  39.624 +	for (i = 0; i < num_mds; i++) {
  39.625 +		md = &tables->efi_memmap[i];
  39.626 +		if (md->phys_addr > maxmem)
  39.627 +			break;
  39.628 +		
  39.629 +		if (md->type == EFI_LOADER_DATA ||
  39.630 +		    md->type == EFI_PAL_CODE ||
  39.631 +		    md->type == EFI_CONVENTIONAL_MEMORY) {
  39.632 +			unsigned long start = md->phys_addr & PAGE_MASK;
  39.633 +			unsigned long end = md->phys_addr +
  39.634 +				(md->num_pages << EFI_PAGE_SHIFT);
  39.635 +
  39.636 +			if (end == start) {
  39.637 +				/* md->num_pages = 0 is allowed. */
  39.638 +				continue;
  39.639 +			}
  39.640 +			if (end > (max_page << PAGE_SHIFT))
  39.641 +				end = (max_page << PAGE_SHIFT);
  39.642 +			
  39.643 +			for (addr = start; addr < end; addr += PAGE_SIZE)
  39.644 +				assign_new_domain0_page(d, addr);
  39.645 +		}
  39.646 +	}
  39.647 +	// Map low-memory holes & unmapped MMIO for legacy drivers
  39.648 +	for (addr = 0; addr < ONE_MB; addr += PAGE_SIZE) {
  39.649 +		if (domain_page_mapped(d, addr))
  39.650 +			continue;
  39.651 +		
  39.652 +		if (efi_mmio(addr, PAGE_SIZE))
  39.653 +			assign_domain_mmio_page(d, addr, PAGE_SIZE);
  39.654 +	}
  39.655 +	return num_mds;
  39.656 +}
  39.657 +	
  39.658 +static void
  39.659 +dom_fw_init(struct domain *d,
  39.660 +            struct ia64_boot_param *bp,
  39.661 +            struct fw_tables *tables,
  39.662 +            unsigned long hypercalls_imva,
  39.663 +            unsigned long maxmem)
  39.664 +{
  39.665 +	efi_memory_desc_t *md;
  39.666 +	unsigned long pfn;
  39.667 +	unsigned char checksum;
  39.668 +	char *cp;
  39.669 +	int num_mds, i;
  39.670 +
  39.671 +	memset(tables, 0, sizeof(struct fw_tables));
  39.672  
  39.673  	/* Initialise for EFI_SET_VIRTUAL_ADDRESS_MAP emulation */
  39.674 -	d->arch.efi_runtime = efi_runtime;
  39.675 -	d->arch.fpswa_inf   = fpswa_inf;
  39.676 -	d->arch.sal_data    = sal_data;
  39.677 +	d->arch.efi_runtime = &tables->efi_runtime;
  39.678 +	d->arch.fpswa_inf   = &tables->fpswa_inf;
  39.679 +	d->arch.sal_data    = &tables->sal_data;
  39.680  
  39.681 -	memset(efi_systab, 0, sizeof(efi_systab));
  39.682 -	efi_systab->hdr.signature = EFI_SYSTEM_TABLE_SIGNATURE;
  39.683 -	efi_systab->hdr.revision  = EFI_SYSTEM_TABLE_REVISION;
  39.684 -	efi_systab->hdr.headersize = sizeof(efi_systab->hdr);
  39.685 -	fw_vendor = cp;
  39.686 -	cp += sizeof(FW_VENDOR) + (8-((unsigned long)cp & 7)); // round to 64-bit boundary
  39.687 +	/* EFI systab.  */
  39.688 +	tables->efi_systab.hdr.signature = EFI_SYSTEM_TABLE_SIGNATURE;
  39.689 +	tables->efi_systab.hdr.revision  = EFI_SYSTEM_TABLE_REVISION;
  39.690 +	tables->efi_systab.hdr.headersize = sizeof(tables->efi_systab.hdr);
  39.691  
  39.692 -	memcpy(fw_vendor,FW_VENDOR,sizeof(FW_VENDOR));
  39.693 -	efi_systab->fw_vendor = dom_pa((unsigned long) fw_vendor);
  39.694 -	efi_systab->fw_revision = 1;
  39.695 -	efi_systab->runtime = (void *) dom_pa((unsigned long) efi_runtime);
  39.696 -	efi_systab->nr_tables = NUM_EFI_SYS_TABLES;
  39.697 -	efi_systab->tables = dom_pa((unsigned long) efi_tables);
  39.698 +	memcpy(tables->fw_vendor,FW_VENDOR,sizeof(FW_VENDOR));
  39.699 +	tables->efi_systab.fw_vendor = FW_FIELD_MPA(fw_vendor);
  39.700 +	tables->efi_systab.fw_revision = 1;
  39.701 +	tables->efi_systab.runtime = (void *)FW_FIELD_MPA(efi_runtime);
  39.702 +	tables->efi_systab.nr_tables = NUM_EFI_SYS_TABLES;
  39.703 +	tables->efi_systab.tables = FW_FIELD_MPA(efi_tables);
  39.704  
  39.705 -	efi_runtime->hdr.signature = EFI_RUNTIME_SERVICES_SIGNATURE;
  39.706 -	efi_runtime->hdr.revision = EFI_RUNTIME_SERVICES_REVISION;
  39.707 -	efi_runtime->hdr.headersize = sizeof(efi_runtime->hdr);
  39.708 +	/* EFI runtime.  */
  39.709 +	tables->efi_runtime.hdr.signature = EFI_RUNTIME_SERVICES_SIGNATURE;
  39.710 +	tables->efi_runtime.hdr.revision = EFI_RUNTIME_SERVICES_REVISION;
  39.711 +	tables->efi_runtime.hdr.headersize = sizeof(tables->efi_runtime.hdr);
  39.712  
  39.713 -	EFI_HYPERCALL_PATCH(efi_runtime->get_time,EFI_GET_TIME);
  39.714 -	EFI_HYPERCALL_PATCH(efi_runtime->set_time,EFI_SET_TIME);
  39.715 -	EFI_HYPERCALL_PATCH(efi_runtime->get_wakeup_time,EFI_GET_WAKEUP_TIME);
  39.716 -	EFI_HYPERCALL_PATCH(efi_runtime->set_wakeup_time,EFI_SET_WAKEUP_TIME);
  39.717 -	EFI_HYPERCALL_PATCH(efi_runtime->set_virtual_address_map,EFI_SET_VIRTUAL_ADDRESS_MAP);
  39.718 -	EFI_HYPERCALL_PATCH(efi_runtime->get_variable,EFI_GET_VARIABLE);
  39.719 -	EFI_HYPERCALL_PATCH(efi_runtime->get_next_variable,EFI_GET_NEXT_VARIABLE);
  39.720 -	EFI_HYPERCALL_PATCH(efi_runtime->set_variable,EFI_SET_VARIABLE);
  39.721 -	EFI_HYPERCALL_PATCH(efi_runtime->get_next_high_mono_count,EFI_GET_NEXT_HIGH_MONO_COUNT);
  39.722 -	EFI_HYPERCALL_PATCH(efi_runtime->reset_system,EFI_RESET_SYSTEM);
  39.723 +	pfn = 0;
  39.724 +	EFI_HYPERCALL_PATCH(get_time,EFI_GET_TIME);
  39.725 +	EFI_HYPERCALL_PATCH(set_time,EFI_SET_TIME);
  39.726 +	EFI_HYPERCALL_PATCH(get_wakeup_time,EFI_GET_WAKEUP_TIME);
  39.727 +	EFI_HYPERCALL_PATCH(set_wakeup_time,EFI_SET_WAKEUP_TIME);
  39.728 +	EFI_HYPERCALL_PATCH(set_virtual_address_map,
  39.729 +	                    EFI_SET_VIRTUAL_ADDRESS_MAP);
  39.730 +	EFI_HYPERCALL_PATCH(get_variable,EFI_GET_VARIABLE);
  39.731 +	EFI_HYPERCALL_PATCH(get_next_variable,EFI_GET_NEXT_VARIABLE);
  39.732 +	EFI_HYPERCALL_PATCH(set_variable,EFI_SET_VARIABLE);
  39.733 +	EFI_HYPERCALL_PATCH(get_next_high_mono_count,
  39.734 +	                    EFI_GET_NEXT_HIGH_MONO_COUNT);
  39.735 +	EFI_HYPERCALL_PATCH(reset_system,EFI_RESET_SYSTEM);
  39.736  
  39.737 -	efi_tables[0].guid = SAL_SYSTEM_TABLE_GUID;
  39.738 -	efi_tables[0].table = dom_pa((unsigned long) sal_systab);
  39.739 +	/* System tables.  */
  39.740 +	tables->efi_tables[0].guid = SAL_SYSTEM_TABLE_GUID;
  39.741 +	tables->efi_tables[0].table = FW_FIELD_MPA(sal_systab);
  39.742  	for (i = 1; i < NUM_EFI_SYS_TABLES; i++) {
  39.743 -		efi_tables[i].guid = NULL_GUID;
  39.744 -		efi_tables[i].table = 0;
  39.745 +		tables->efi_tables[i].guid = NULL_GUID;
  39.746 +		tables->efi_tables[i].table = 0;
  39.747  	}
  39.748 +	i = 1;
  39.749  	if (d == dom0) {
  39.750 +		/* Write messages to the console.  */
  39.751 +		touch_acpi_table();
  39.752 +
  39.753  		printf("Domain0 EFI passthrough:");
  39.754 -		i = 1;
  39.755  		if (efi.mps) {
  39.756 -			efi_tables[i].guid = MPS_TABLE_GUID;
  39.757 -			efi_tables[i].table = __pa(efi.mps);
  39.758 -			printf(" MPS=0x%lx",efi_tables[i].table);
  39.759 +			tables->efi_tables[i].guid = MPS_TABLE_GUID;
  39.760 +			tables->efi_tables[i].table = __pa(efi.mps);
  39.761 +			printf(" MPS=0x%lx",tables->efi_tables[i].table);
  39.762  			i++;
  39.763  		}
  39.764  
  39.765 -		touch_acpi_table();
  39.766 -
  39.767  		if (efi.acpi20) {
  39.768 -			efi_tables[i].guid = ACPI_20_TABLE_GUID;
  39.769 -			efi_tables[i].table = __pa(efi.acpi20);
  39.770 -			printf(" ACPI 2.0=0x%lx",efi_tables[i].table);
  39.771 +			tables->efi_tables[i].guid = ACPI_20_TABLE_GUID;
  39.772 +			tables->efi_tables[i].table = __pa(efi.acpi20);
  39.773 +			printf(" ACPI 2.0=0x%lx",tables->efi_tables[i].table);
  39.774  			i++;
  39.775  		}
  39.776  		if (efi.acpi) {
  39.777 -			efi_tables[i].guid = ACPI_TABLE_GUID;
  39.778 -			efi_tables[i].table = __pa(efi.acpi);
  39.779 -			printf(" ACPI=0x%lx",efi_tables[i].table);
  39.780 +			tables->efi_tables[i].guid = ACPI_TABLE_GUID;
  39.781 +			tables->efi_tables[i].table = __pa(efi.acpi);
  39.782 +			printf(" ACPI=0x%lx",tables->efi_tables[i].table);
  39.783  			i++;
  39.784  		}
  39.785  		if (efi.smbios) {
  39.786 -			efi_tables[i].guid = SMBIOS_TABLE_GUID;
  39.787 -			efi_tables[i].table = __pa(efi.smbios);
  39.788 -			printf(" SMBIOS=0x%lx",efi_tables[i].table);
  39.789 +			tables->efi_tables[i].guid = SMBIOS_TABLE_GUID;
  39.790 +			tables->efi_tables[i].table = __pa(efi.smbios);
  39.791 +			printf(" SMBIOS=0x%lx",tables->efi_tables[i].table);
  39.792  			i++;
  39.793  		}
  39.794  		if (efi.hcdp) {
  39.795 -			efi_tables[i].guid = HCDP_TABLE_GUID;
  39.796 -			efi_tables[i].table = __pa(efi.hcdp);
  39.797 -			printf(" HCDP=0x%lx",efi_tables[i].table);
  39.798 +			tables->efi_tables[i].guid = HCDP_TABLE_GUID;
  39.799 +			tables->efi_tables[i].table = __pa(efi.hcdp);
  39.800 +			printf(" HCDP=0x%lx",tables->efi_tables[i].table);
  39.801  			i++;
  39.802  		}
  39.803  		printf("\n");
  39.804  	} else {
  39.805  		printf("DomainU EFI build up:");
  39.806 -		i = 1;
  39.807  
  39.808 -		if ((unsigned long)fw_mem + fw_mem_size - (unsigned long)cp >=
  39.809 -		    sizeof(struct fake_acpi_tables)) {
  39.810 -			struct fake_acpi_tables *acpi_tables;
  39.811 -
  39.812 -			acpi_tables = (void *)cp;
  39.813 -			cp += sizeof(struct fake_acpi_tables);
  39.814 -			dom_fw_fake_acpi(d, acpi_tables);
  39.815 -
  39.816 -			efi_tables[i].guid = ACPI_20_TABLE_GUID;
  39.817 -			efi_tables[i].table = dom_pa((unsigned long) acpi_tables);
  39.818 -			printf(" ACPI 2.0=0x%lx",efi_tables[i].table);
  39.819 -			i++;
  39.820 -		}
  39.821 +		tables->efi_tables[i].guid = ACPI_20_TABLE_GUID;
  39.822 +		tables->efi_tables[i].table = FW_ACPI_BASE_PADDR;
  39.823 +		printf(" ACPI 2.0=0x%lx",tables->efi_tables[i].table);
  39.824 +		i++;
  39.825  		printf("\n");
  39.826  	}
  39.827  
  39.828  	/* fill in the SAL system table: */
  39.829 -	memcpy(sal_systab->signature, "SST_", 4);
  39.830 -	sal_systab->size = sizeof(*sal_systab);
  39.831 -	sal_systab->sal_rev_minor = 1;
  39.832 -	sal_systab->sal_rev_major = 0;
  39.833 -	sal_systab->entry_count = 2;
  39.834 +	memcpy(tables->sal_systab.signature, "SST_", 4);
  39.835 +	tables->sal_systab.size = sizeof(tables->sal_systab);
  39.836 +	tables->sal_systab.sal_rev_minor = 1;
  39.837 +	tables->sal_systab.sal_rev_major = 0;
  39.838 +	tables->sal_systab.entry_count = 2;
  39.839 +
  39.840 +	strcpy((char *)tables->sal_systab.oem_id, "Xen/ia64");
  39.841 +	strcpy((char *)tables->sal_systab.product_id, "Xen/ia64");
  39.842  
  39.843 -	strcpy((char *)sal_systab->oem_id, "Xen/ia64");
  39.844 -	strcpy((char *)sal_systab->product_id, "Xen/ia64");
  39.845 -
  39.846 -	/* fill in an entry point: */
  39.847 -	sal_ed->type = SAL_DESC_ENTRY_POINT;
  39.848 -	sal_ed->pal_proc = FW_HYPERCALL_PAL_CALL_PADDR + start_mpaddr;
  39.849 -	dom_fw_pal_hypercall_patch (d, sal_ed->pal_proc);
  39.850 -	sal_ed->sal_proc = FW_HYPERCALL_SAL_CALL_PADDR + start_mpaddr;
  39.851 -	dom_fw_hypercall_patch (d, sal_ed->sal_proc, FW_HYPERCALL_SAL_CALL, 1);
  39.852 -	sal_ed->gp = 0;  // will be ignored
  39.853 +	/* PAL entry point: */
  39.854 +	tables->sal_ed.type = SAL_DESC_ENTRY_POINT;
  39.855 +	tables->sal_ed.pal_proc = FW_HYPERCALL_PAL_CALL_PADDR;
  39.856 +	dom_fw_pal_hypercall_patch(d, tables->sal_ed.pal_proc, 
  39.857 +	                           hypercalls_imva);
  39.858 +	/* SAL entry point.  */
  39.859 +	tables->sal_ed.sal_proc = FW_HYPERCALL_SAL_CALL_PADDR;
  39.860 +	dom_fw_hypercall_patch(d, tables->sal_ed.sal_proc,
  39.861 +	                       FW_HYPERCALL_SAL_CALL, 1, hypercalls_imva);
  39.862 +	tables->sal_ed.gp = 0;  /* will be ignored */
  39.863  
  39.864  	/* Fill an AP wakeup descriptor.  */
  39.865 -	sal_wakeup->type = SAL_DESC_AP_WAKEUP;
  39.866 -	sal_wakeup->mechanism = IA64_SAL_AP_EXTERNAL_INT;
  39.867 -	sal_wakeup->vector = XEN_SAL_BOOT_RENDEZ_VEC;
  39.868 +	tables->sal_wakeup.type = SAL_DESC_AP_WAKEUP;
  39.869 +	tables->sal_wakeup.mechanism = IA64_SAL_AP_EXTERNAL_INT;
  39.870 +	tables->sal_wakeup.vector = XEN_SAL_BOOT_RENDEZ_VEC;
  39.871  
  39.872  	/* Compute checksum.  */
  39.873 -	for (cp = (char *) sal_systab; cp < (char *) efi_memmap; ++cp)
  39.874 +	checksum = 0;
  39.875 +	for (cp = (char *)&tables->sal_systab;
  39.876 +	     cp < (char *)&tables->fpswa_inf;
  39.877 +	     ++cp)
  39.878  		checksum += *cp;
  39.879 -	sal_systab->checksum = -checksum;
  39.880 +	tables->sal_systab.checksum = -checksum;
  39.881  
  39.882  	/* SAL return point.  */
  39.883 -	d->arch.sal_return_addr = FW_HYPERCALL_SAL_RETURN_PADDR + start_mpaddr;
  39.884 -	dom_fw_hypercall_patch (d, d->arch.sal_return_addr,
  39.885 -				FW_HYPERCALL_SAL_RETURN, 0);
  39.886 +	dom_fw_hypercall_patch(d, FW_HYPERCALL_SAL_RETURN_PADDR,
  39.887 +	                       FW_HYPERCALL_SAL_RETURN, 0, hypercalls_imva);
  39.888  
  39.889  	/* Fill in the FPSWA interface: */
  39.890 -	fpswa_inf->revision = fpswa_interface->revision;
  39.891 -	dom_fpswa_hypercall_patch(d);
  39.892 -	fpswa_inf->fpswa = (void *) FW_HYPERCALL_FPSWA_ENTRY_PADDR + start_mpaddr;
  39.893 +	tables->fpswa_inf.revision = fpswa_interface->revision;
  39.894 +	dom_fpswa_hypercall_patch(d, hypercalls_imva);
  39.895 +	tables->fpswa_inf.fpswa = (void *)FW_HYPERCALL_FPSWA_ENTRY_PADDR;
  39.896  
  39.897  	i = 0; /* Used by MAKE_MD */
  39.898  
  39.899 -	/* Create dom0/domu md entry for fw_mem area */
  39.900 -	MAKE_MD(EFI_ACPI_RECLAIM_MEMORY, EFI_MEMORY_WB | EFI_MEMORY_RUNTIME,
  39.901 -	        dom_pa((unsigned long)fw_mem),
  39.902 -	        dom_pa((unsigned long)fw_mem + fw_mem_size), 1);
  39.903 -
  39.904 -	if (d == dom0) {
  39.905 -		/* hypercall patches live here, masquerade as reserved PAL memory */
  39.906 -		MAKE_MD(EFI_PAL_CODE,EFI_MEMORY_WB|EFI_MEMORY_RUNTIME,HYPERCALL_START,HYPERCALL_END, 0);
  39.907 +	/* hypercall patches live here, masquerade as reserved PAL memory */
  39.908 +	MAKE_MD(EFI_PAL_CODE,EFI_MEMORY_WB|EFI_MEMORY_RUNTIME,
  39.909 +	        FW_HYPERCALL_BASE_PADDR, FW_HYPERCALL_END_PADDR);
  39.910  
  39.911 -		/* pass through the I/O port space */
  39.912 -		if (!running_on_sim) {
  39.913 -			struct dom0_passthrough_arg arg;
  39.914 -			arg.md = &efi_memmap[i];
  39.915 -			arg.i = &i;
  39.916 -			arg.d = d;
  39.917 -			arg.flags = ASSIGN_writable;
  39.918 -			//XXX Is this needed?
  39.919 -			efi_memmap_walk_type(EFI_RUNTIME_SERVICES_CODE,
  39.920 -			                     dom_fw_dom0_passthrough, &arg);
  39.921 -			// for ACPI table.
  39.922 -			arg.flags = ASSIGN_readonly;
  39.923 -			efi_memmap_walk_type(EFI_RUNTIME_SERVICES_DATA,
  39.924 -			                     dom_fw_dom0_passthrough, &arg);
  39.925 -			arg.flags = ASSIGN_writable;
  39.926 -			efi_memmap_walk_type(EFI_ACPI_RECLAIM_MEMORY,
  39.927 -			                     dom_fw_dom0_passthrough, &arg);
  39.928 -			efi_memmap_walk_type(EFI_ACPI_MEMORY_NVS,
  39.929 -			                     dom_fw_dom0_passthrough, &arg);
  39.930 -			efi_memmap_walk_type(EFI_RESERVED_TYPE,
  39.931 -			                     dom_fw_dom0_passthrough, &arg);
  39.932 -			efi_memmap_walk_type(EFI_MEMORY_MAPPED_IO,
  39.933 -			                     dom_fw_dom0_passthrough, &arg);
  39.934 -			efi_memmap_walk_type(EFI_MEMORY_MAPPED_IO_PORT_SPACE,
  39.935 -			                     dom_fw_dom0_passthrough, &arg);
  39.936 -			efi_memmap_walk_type(EFI_CONVENTIONAL_MEMORY,
  39.937 -			                     dom_fw_dom0_lowmem, &arg);
  39.938 -		}
  39.939 -		else MAKE_MD(EFI_RESERVED_TYPE,0,0,0,0);
  39.940 -	} else {
  39.941 -		/* hypercall patches live here, masquerade as reserved
  39.942 -		   PAL memory */
  39.943 -		MAKE_MD(EFI_PAL_CODE, EFI_MEMORY_WB | EFI_MEMORY_RUNTIME,
  39.944 -			HYPERCALL_START, HYPERCALL_END, 1);
   39.945 +	/* Create dom0/domu md entry for fw and acpi tables area.  */
  39.946 +	MAKE_MD(EFI_ACPI_MEMORY_NVS, EFI_MEMORY_WB | EFI_MEMORY_RUNTIME,
  39.947 +	        FW_ACPI_BASE_PADDR, FW_ACPI_END_PADDR);
  39.948 +	MAKE_MD(EFI_RUNTIME_SERVICES_DATA, EFI_MEMORY_WB | EFI_MEMORY_RUNTIME,
  39.949 +	        FW_TABLES_BASE_PADDR, FW_TABLES_END_PADDR);
  39.950 +
  39.951 +	if (d != dom0 || running_on_sim) {
  39.952 +		/* DomU (or hp-ski).
  39.953 +		   Create a continuous memory area.  */
  39.954 +		/* Memory.  */
  39.955 +		MAKE_MD(EFI_CONVENTIONAL_MEMORY, EFI_MEMORY_WB,
  39.956 +		        FW_END_PADDR, maxmem);
  39.957 +		
  39.958  		/* Create an entry for IO ports.  */
  39.959  		MAKE_MD(EFI_MEMORY_MAPPED_IO_PORT_SPACE, EFI_MEMORY_UC,
  39.960 -			IO_PORTS_PADDR, IO_PORTS_PADDR + IO_PORTS_SIZE, 1);
  39.961 -		MAKE_MD(EFI_RESERVED_TYPE,0,0,0,0);
  39.962 +		        IO_PORTS_PADDR, IO_PORTS_PADDR + IO_PORTS_SIZE);
  39.963 +
  39.964 +		num_mds = i;
  39.965 +	}
  39.966 +	else {
  39.967 +		/* Dom0.
  39.968 +		   We must preserve ACPI data from real machine,
  39.969 +		   as well as IO areas.  */
  39.970 +		num_mds = complete_dom0_memmap(d, tables, maxmem, i);
  39.971  	}
  39.972  
  39.973 -	// simple
  39.974 -	// MAKE_MD(EFI_CONVENTIONAL_MEMORY, EFI_MEMORY_WB,
  39.975 -	//         HYPERCALL_END, maxmem, 0);
  39.976 -	// is not good. Check overlap.
  39.977 -	sort(efi_memmap, i, sizeof(efi_memory_desc_t),
  39.978 -	     efi_mdt_cmp, NULL);
  39.979 -
  39.980 -	// find gap and fill it with conventional memory
  39.981 -	num_mds = i;
  39.982 -	for (j = 0; j < num_mds; j++) {
  39.983 -		unsigned long end;
  39.984 -		unsigned long next_start;
  39.985 -
  39.986 -		md = &efi_memmap[j];
  39.987 -		end = md->phys_addr + (md->num_pages << EFI_PAGE_SHIFT);
  39.988 +	/* Display memmap.  */
  39.989 +	for (i = 0 ; i < num_mds; i++)
  39.990 +		print_md(&tables->efi_memmap[i]);
  39.991  
  39.992 -		next_start = maxmem;
  39.993 -		if (j + 1 < num_mds) {
  39.994 -			efi_memory_desc_t* next_md = &efi_memmap[j + 1];
  39.995 -			next_start = next_md->phys_addr;
  39.996 -			BUG_ON(end > next_start);
  39.997 -			if (end == next_md->phys_addr)
  39.998 -				continue;
  39.999 -		}
 39.1000 -
 39.1001 -		// clip the range and align to PAGE_SIZE
 39.1002 -		// Avoid "legacy" low memory addresses and the
 39.1003 -		// HYPERCALL patch area.      
 39.1004 -		if (end < HYPERCALL_END)
 39.1005 -			end = HYPERCALL_END;
 39.1006 -		if (next_start > maxmem)
 39.1007 -			next_start = maxmem;
 39.1008 -		end = PAGE_ALIGN(end);
 39.1009 -		next_start = next_start & PAGE_MASK;
 39.1010 -		if (end >= next_start)
 39.1011 -			continue;
 39.1012 -
 39.1013 -		MAKE_MD(EFI_CONVENTIONAL_MEMORY, EFI_MEMORY_WB,
 39.1014 -		        end, next_start, 0);
 39.1015 -		if (next_start >= maxmem)
 39.1016 -			break;
 39.1017 -	}
 39.1018 -	sort(efi_memmap, i, sizeof(efi_memory_desc_t), efi_mdt_cmp, NULL);
 39.1019 -
 39.1020 -	bp->efi_systab = dom_pa((unsigned long) fw_mem);
 39.1021 -	bp->efi_memmap = dom_pa((unsigned long) efi_memmap);
 39.1022 -	BUG_ON(i > NUM_MEM_DESCS);
 39.1023 -	bp->efi_memmap_size = i * sizeof(efi_memory_desc_t);
 39.1024 +	/* Fill boot_param  */
 39.1025 +	bp->efi_systab = FW_FIELD_MPA(efi_systab);
 39.1026 +	bp->efi_memmap = FW_FIELD_MPA(efi_memmap);
 39.1027 +	bp->efi_memmap_size = num_mds * sizeof(efi_memory_desc_t);
 39.1028  	bp->efi_memdesc_size = sizeof(efi_memory_desc_t);
 39.1029  	bp->efi_memdesc_version = EFI_MEMDESC_VERSION;
 39.1030  	bp->command_line = 0;
 39.1031 @@ -875,49 +867,44 @@ dom_fw_init (struct domain *d, struct ia
 39.1032  	bp->console_info.num_rows = 25;
 39.1033  	bp->console_info.orig_x = 0;
 39.1034  	bp->console_info.orig_y = 24;
 39.1035 -	bp->fpswa = dom_pa((unsigned long) fpswa_inf);
 39.1036 -	if (d == dom0) {
 39.1037 -		int j;
 39.1038 -		u64 addr;
 39.1039 +	bp->fpswa = FW_FIELD_MPA(fpswa_inf);
 39.1040 +}
 39.1041 +
 39.1042 +void dom_fw_setup(struct domain *d, unsigned long bp_mpa, unsigned long maxmem)
 39.1043 +{
 39.1044 +	struct ia64_boot_param *bp;
 39.1045 +	unsigned long imva_tables_base;
 39.1046 +	unsigned long imva_hypercall_base;
 39.1047  
 39.1048 -		// dom0 doesn't need build_physmap_table()
 39.1049 -		// see arch_set_info_guest()
 39.1050 -		// instead we allocate pages manually.
 39.1051 -		for (j = 0; j < i; j++) {
 39.1052 -			md = &efi_memmap[j];
 39.1053 -			if (md->phys_addr > maxmem)
 39.1054 -				break;
 39.1055 +	BUILD_BUG_ON(sizeof(struct fw_tables) >
 39.1056 +	             (FW_TABLES_END_PADDR - FW_TABLES_BASE_PADDR));
 39.1057  
 39.1058 -			if (md->type == EFI_LOADER_DATA ||
 39.1059 -			    md->type == EFI_PAL_CODE ||
 39.1060 -			    md->type == EFI_CONVENTIONAL_MEMORY) {
 39.1061 -				unsigned long start = md->phys_addr & PAGE_MASK;
 39.1062 -				unsigned long end = md->phys_addr +
 39.1063 -				              (md->num_pages << EFI_PAGE_SHIFT);
 39.1064 +	BUILD_BUG_ON(sizeof(struct fake_acpi_tables) >
 39.1065 +	             (FW_ACPI_END_PADDR - FW_ACPI_BASE_PADDR));
 39.1066 +
 39.1067 +	/* Create page for hypercalls.  */
 39.1068 +	assign_new_domain_page_if_dom0(d, FW_HYPERCALL_BASE_PADDR);
 39.1069 +	imva_hypercall_base = (unsigned long)domain_mpa_to_imva
 39.1070 +	                                     (d, FW_HYPERCALL_BASE_PADDR);
 39.1071  
 39.1072 -				if (end == start) {
 39.1073 -					// md->num_pages = 0 is allowed.
 39.1074 -					end += PAGE_SIZE;
 39.1075 -				}
 39.1076 -				if (end > (max_page << PAGE_SHIFT))
 39.1077 -					end = (max_page << PAGE_SHIFT);
 39.1078 +	/* Create page for acpi tables.  */
 39.1079 +	if (d != dom0) {
 39.1080 +		void *imva;
 39.1081 +
 39.1082 +		assign_new_domain_page_if_dom0(d, FW_ACPI_BASE_PADDR);
 39.1083 +		imva = domain_mpa_to_imva (d, FW_ACPI_BASE_PADDR);
 39.1084 +		dom_fw_fake_acpi(d, (struct fake_acpi_tables *)imva);
 39.1085 +	}
 39.1086  
 39.1087 -				for (addr = start; addr < end; addr += PAGE_SIZE) {
 39.1088 -					assign_new_domain0_page(d, addr);
 39.1089 -				}
 39.1090 -			}
 39.1091 -		}
 39.1092 -		// Map low-memory holes & unmapped MMIO for legacy drivers
 39.1093 -		for (addr = 0; addr < 1*MB; addr += PAGE_SIZE) {
 39.1094 -			if (domain_page_mapped(d, addr))
 39.1095 -				continue;
 39.1096 -					
 39.1097 -			if (efi_mmio(addr, PAGE_SIZE))
 39.1098 -				assign_domain_mmio_page(d, addr, PAGE_SIZE);
 39.1099 -		}
 39.1100 -	}
 39.1101 -	for (i = 0 ; i < bp->efi_memmap_size/sizeof(efi_memory_desc_t) ; i++) {
 39.1102 -		md = efi_memmap + i;
 39.1103 -		print_md(md);
 39.1104 -	}
 39.1105 +	/* Create page for FW tables.  */
 39.1106 +	assign_new_domain_page_if_dom0(d, FW_TABLES_BASE_PADDR);
 39.1107 +	imva_tables_base = (unsigned long)domain_mpa_to_imva
 39.1108 +	                                  (d, FW_TABLES_BASE_PADDR);
 39.1109 +
 39.1110 +	/* Create page for boot_param.  */
 39.1111 +	assign_new_domain_page_if_dom0(d, bp_mpa);
 39.1112 +	bp = domain_mpa_to_imva(d, bp_mpa);
 39.1113 +
 39.1114 +	dom_fw_init(d, bp, (struct fw_tables *)imva_tables_base,
 39.1115 +	            imva_hypercall_base, maxmem);
 39.1116  }
    40.1 --- a/xen/arch/ia64/xen/domain.c	Wed Aug 30 14:09:31 2006 -0500
    40.2 +++ b/xen/arch/ia64/xen/domain.c	Wed Aug 30 22:36:18 2006 +0100
    40.3 @@ -46,7 +46,6 @@
    40.4  #include <asm/regionreg.h>
    40.5  #include <asm/dom_fw.h>
    40.6  #include <asm/shadow.h>
    40.7 -#include <asm/privop_stat.h>
    40.8  
    40.9  unsigned long dom0_size = 512*1024*1024;
   40.10  unsigned long dom0_align = 64*1024*1024;
   40.11 @@ -111,6 +110,8 @@ void schedule_tail(struct vcpu *prev)
   40.12  
   40.13  	if (VMX_DOMAIN(current)) {
   40.14  		vmx_do_launch(current);
   40.15 +		migrate_timer(&current->arch.arch_vmx.vtm.vtm_timer,
   40.16 +		              current->processor);
   40.17  	} else {
   40.18  		ia64_set_iva(&ia64_ivt);
   40.19          	ia64_set_pta(VHPT_ADDR | (1 << 8) | (VHPT_SIZE_LOG2 << 2) |
   40.20 @@ -121,6 +122,7 @@ void schedule_tail(struct vcpu *prev)
   40.21  		  shared_info->vcpu_info[current->vcpu_id].evtchn_upcall_mask;
   40.22  		__ia64_per_cpu_var(current_psr_ic_addr) = (int *)
   40.23  		  (current->domain->arch.shared_info_va + XSI_PSR_IC_OFS);
   40.24 +		migrate_timer(&current->arch.hlt_timer, current->processor);
   40.25  	}
   40.26  	flush_vtlb_for_context_switch(current);
   40.27  }
   40.28 @@ -134,10 +136,18 @@ void context_switch(struct vcpu *prev, s
   40.29  
   40.30      __ia64_save_fpu(prev->arch._thread.fph);
   40.31      __ia64_load_fpu(next->arch._thread.fph);
   40.32 -    if (VMX_DOMAIN(prev))
   40.33 -	    vmx_save_state(prev);
   40.34 +    if (VMX_DOMAIN(prev)) {
   40.35 +	vmx_save_state(prev);
   40.36 +	if (!VMX_DOMAIN(next)) {
   40.37 +	    /* VMX domains can change the physical cr.dcr.
   40.38 +	     * Restore default to prevent leakage. */
   40.39 +	    ia64_setreg(_IA64_REG_CR_DCR, (IA64_DCR_DP | IA64_DCR_DK
   40.40 +	                   | IA64_DCR_DX | IA64_DCR_DR | IA64_DCR_PP
   40.41 +	                   | IA64_DCR_DA | IA64_DCR_DD | IA64_DCR_LC));
   40.42 +	}
   40.43 +    }
   40.44      if (VMX_DOMAIN(next))
   40.45 -	    vmx_load_state(next);
   40.46 +	vmx_load_state(next);
   40.47      /*ia64_psr(ia64_task_regs(next))->dfh = !ia64_is_local_fpu_owner(next);*/
   40.48      prev = ia64_switch_to(next);
   40.49  
   40.50 @@ -147,6 +157,8 @@ void context_switch(struct vcpu *prev, s
   40.51   
   40.52      if (VMX_DOMAIN(current)){
   40.53  	vmx_load_all_rr(current);
   40.54 +	migrate_timer(&current->arch.arch_vmx.vtm.vtm_timer,
   40.55 +	              current->processor);
   40.56      } else {
   40.57  	struct domain *nd;
   40.58      	extern char ia64_ivt;
   40.59 @@ -228,6 +240,12 @@ void startup_cpu_idle_loop(void)
   40.60  # error "XMAPPEDREGS_SHIFT doesn't match sizeof(mapped_regs_t)."
   40.61  #endif
   40.62  
   40.63 +void hlt_timer_fn(void *data)
   40.64 +{
   40.65 +	struct vcpu *v = data;
   40.66 +	vcpu_unblock(v);
   40.67 +}
   40.68 +
   40.69  struct vcpu *alloc_vcpu_struct(struct domain *d, unsigned int vcpu_id)
   40.70  {
   40.71  	struct vcpu *v;
   40.72 @@ -287,6 +305,10 @@ struct vcpu *alloc_vcpu_struct(struct do
   40.73  	    v->arch.breakimm = d->arch.breakimm;
   40.74  	    v->arch.last_processor = INVALID_PROCESSOR;
   40.75  	}
   40.76 +	if (!VMX_DOMAIN(v)){
   40.77 +		init_timer(&v->arch.hlt_timer, hlt_timer_fn, v,
   40.78 +		           first_cpu(cpu_online_map));
   40.79 +	}
   40.80  
   40.81  	return v;
   40.82  }
   40.83 @@ -298,6 +320,7 @@ void relinquish_vcpu_resources(struct vc
   40.84                             get_order_from_shift(XMAPPEDREGS_SHIFT));
   40.85          v->arch.privregs = NULL;
   40.86      }
   40.87 +    kill_timer(&v->arch.hlt_timer);
   40.88  }
   40.89  
   40.90  void free_vcpu_struct(struct vcpu *v)
   40.91 @@ -532,6 +555,9 @@ void domain_relinquish_resources(struct 
   40.92      // relase page traversing d->arch.mm.
   40.93      relinquish_mm(d);
   40.94  
   40.95 +    if (d->vcpu[0] && VMX_DOMAIN(d->vcpu[0]))
   40.96 +	    vmx_relinquish_guest_resources(d);
   40.97 +
   40.98      relinquish_memory(d, &d->xenpage_list);
   40.99      relinquish_memory(d, &d->page_list);
  40.100  
  40.101 @@ -591,7 +617,7 @@ domain_set_shared_info_va (unsigned long
  40.102  /* Transfer and clear the shadow bitmap in 1kB chunks for L1 cache. */
  40.103  #define SHADOW_COPY_CHUNK (1024 / sizeof (unsigned long))
  40.104  
  40.105 -int shadow_mode_control(struct domain *d, xen_domctl_shadow_ops_t *sc)
  40.106 +int shadow_mode_control(struct domain *d, xen_domctl_shadow_op_t *sc)
  40.107  {
  40.108  	unsigned int op = sc->op;
  40.109  	int          rc = 0;
  40.110 @@ -716,6 +742,15 @@ int shadow_mode_control(struct domain *d
  40.111  		}
  40.112  		break;
  40.113  	}
  40.114 +	case XEN_DOMCTL_SHADOW_OP_GET_ALLOCATION:
  40.115 +		sc->mb = 0;
  40.116 +		break;
  40.117 +	case XEN_DOMCTL_SHADOW_OP_SET_ALLOCATION:
  40.118 +		if (sc->mb > 0) {
  40.119 +			BUG();
  40.120 +			rc = -ENOMEM;
  40.121 +		}
  40.122 +		break;
  40.123  	default:
  40.124  		rc = -EINVAL;
  40.125  		break;
  40.126 @@ -1082,13 +1117,15 @@ void machine_restart(char * __unused)
  40.127  	while(1);
  40.128  }
  40.129  
  40.130 +extern void cpu_halt(void);
  40.131 +
  40.132  void machine_halt(void)
  40.133  {
  40.134  	console_start_sync();
  40.135  	if (running_on_sim)
  40.136  		printf ("machine_halt called.  spinning...\n");
  40.137  	else
  40.138 -		(*efi.reset_system)(EFI_RESET_SHUTDOWN,0,0,NULL);
  40.139 +		cpu_halt();
  40.140  	while(1);
  40.141  }
  40.142  
    41.1 --- a/xen/arch/ia64/xen/faults.c	Wed Aug 30 14:09:31 2006 -0500
    41.2 +++ b/xen/arch/ia64/xen/faults.c	Wed Aug 30 22:36:18 2006 +0100
    41.3 @@ -13,6 +13,8 @@
    41.4  #include <xen/smp.h>
    41.5  #include <asm/ptrace.h>
    41.6  #include <xen/delay.h>
    41.7 +#include <xen/perfc.h>
    41.8 +#include <xen/mm.h>
    41.9  
   41.10  #include <asm/system.h>
   41.11  #include <asm/processor.h>
   41.12 @@ -26,9 +28,9 @@
   41.13  #include <asm/debugger.h>
   41.14  #include <asm/fpswa.h>
   41.15  #include <asm/bundle.h>
   41.16 -#include <asm/privop_stat.h>
   41.17  #include <asm/asm-xsi-offsets.h>
   41.18  #include <asm/shadow.h>
   41.19 +#include <asm/uaccess.h>
   41.20  
   41.21  extern void die_if_kernel(char *str, struct pt_regs *regs, long err);
   41.22  /* FIXME: where these declarations shold be there ? */
   41.23 @@ -516,7 +518,8 @@ ia64_handle_break (unsigned long ifa, st
   41.24  		debugger_trap_fatal(0 /* don't care */, regs);
   41.25  	} 
   41.26  #endif
   41.27 -	else if (iim == d->arch.breakimm) {
   41.28 +	else if (iim == d->arch.breakimm &&
   41.29 +	         ia64_get_cpl(regs->cr_ipsr) == 2) {
   41.30  		/* by default, do not continue */
   41.31  		v->arch.hypercall_continuation = 0;
   41.32  
    42.1 --- a/xen/arch/ia64/xen/flushd.S	Wed Aug 30 14:09:31 2006 -0500
    42.2 +++ b/xen/arch/ia64/xen/flushd.S	Wed Aug 30 22:36:18 2006 +0100
    42.3 @@ -16,8 +16,9 @@
    42.4  	 *
    42.5  	 *	Flush cache.
    42.6  	 *
    42.7 -	 *	Must deal with range from start to end-1 but nothing else (need to
    42.8 -	 *	be careful not to touch addresses that may be unmapped).
    42.9 +	 *	Must deal with range from start to end-1 but nothing else 
   42.10 +	 *	(need to be careful not to touch addresses that may be 
   42.11 +	 *	unmapped).
   42.12  	 *
   42.13  	 *	Note: "in0" and "in1" are preserved for debugging purposes.
   42.14  	 */
   42.15 @@ -37,7 +38,8 @@ GLOBAL_ENTRY(flush_dcache_range)
   42.16  	;;
   42.17  	sub	r8=r22,r23		// number of strides - 1
   42.18  	shl	r24=r23,r20		// r24: addresses for "fc" =
   42.19 -					//	"start" rounded down to stride boundary
   42.20 +					//	"start" rounded down to stride 
   42.21 +					//	boundary
   42.22  	.save	ar.lc,r3
   42.23  	mov	r3=ar.lc		// save ar.lc
   42.24  	;;
   42.25 @@ -49,7 +51,8 @@ GLOBAL_ENTRY(flush_dcache_range)
   42.26  	 * 32 byte aligned loop, even number of (actually 2) bundles
   42.27  	 */
   42.28  .Loop:	fc	r24			// issuable on M0 only
   42.29 -	add	r24=r21,r24		// we flush "stride size" bytes per iteration
   42.30 +	add	r24=r21,r24		// we flush "stride size" bytes per
   42.31 +					//   iteration
   42.32  	nop.i	0
   42.33  	br.cloop.sptk.few .Loop
   42.34  	;;
    43.1 --- a/xen/arch/ia64/xen/fw_emul.c	Wed Aug 30 14:09:31 2006 -0500
    43.2 +++ b/xen/arch/ia64/xen/fw_emul.c	Wed Aug 30 22:36:18 2006 +0100
    43.3 @@ -28,6 +28,7 @@
    43.4  #include "hpsim_ssc.h"
    43.5  #include <asm/vcpu.h>
    43.6  #include <asm/dom_fw.h>
    43.7 +#include <asm/uaccess.h>
    43.8  
    43.9  extern unsigned long running_on_sim;
   43.10  
   43.11 @@ -420,6 +421,141 @@ efi_emulate_get_time(
   43.12  }
   43.13  
   43.14  static efi_status_t
   43.15 +efi_emulate_get_variable(
   43.16 +	unsigned long name_addr, unsigned long vendor_addr,
   43.17 +	unsigned long attr_addr, unsigned long data_size_addr,
   43.18 +	unsigned long data_addr, IA64FAULT *fault)
   43.19 +{
   43.20 +	unsigned long name, vendor, attr = 0, data_size, data;
   43.21 +	struct page_info *name_page = NULL, *vendor_page = NULL,
   43.22 +	                 *attr_page = NULL, *data_size_page = NULL,
   43.23 +	                 *data_page = NULL;
   43.24 +	efi_status_t status = 0;
   43.25 +
   43.26 +	if (current->domain != dom0)
   43.27 +		return EFI_UNSUPPORTED;
   43.28 +
   43.29 +	name = efi_translate_domain_addr(name_addr, fault, &name_page);
   43.30 +	if (*fault != IA64_NO_FAULT)
   43.31 +		goto errout;
   43.32 +	vendor = efi_translate_domain_addr(vendor_addr, fault, &vendor_page);
   43.33 +	if (*fault != IA64_NO_FAULT)
   43.34 +		goto errout;
   43.35 +	data_size = efi_translate_domain_addr(data_size_addr, fault,
   43.36 +	                                      &data_size_page);
   43.37 +	if (*fault != IA64_NO_FAULT)
   43.38 +		goto errout;
   43.39 +	data = efi_translate_domain_addr(data_addr, fault, &data_page);
   43.40 +	if (*fault != IA64_NO_FAULT)
   43.41 +		goto errout;
   43.42 +	if (attr_addr) {
   43.43 +		attr = efi_translate_domain_addr(attr_addr, fault, &attr_page);
   43.44 +		if (*fault != IA64_NO_FAULT)
   43.45 +			goto errout;
   43.46 +	}
   43.47 +
   43.48 +	status = (*efi.get_variable)((efi_char16_t *)name,
   43.49 +	                             (efi_guid_t *)vendor,
   43.50 +	                             (u32 *)attr,
   43.51 +	                             (unsigned long *)data_size,
   43.52 +	                             (void *)data);
   43.53 +
   43.54 +errout:
   43.55 +	if (name_page != NULL)
   43.56 +		put_page(name_page);
   43.57 +	if (vendor_page != NULL)
   43.58 +		put_page(vendor_page);
   43.59 +	if (attr_page != NULL)
   43.60 +		put_page(attr_page);
   43.61 +	if (data_size_page != NULL)
   43.62 +		put_page(data_size_page);
   43.63 +	if (data_page != NULL)
   43.64 +		put_page(data_page);
   43.65 +
   43.66 +	return status;
   43.67 +}
   43.68 +
   43.69 +static efi_status_t
   43.70 +efi_emulate_get_next_variable(
   43.71 +	unsigned long name_size_addr, unsigned long name_addr,
   43.72 +	unsigned long vendor_addr, IA64FAULT *fault)
   43.73 +{
   43.74 +	unsigned long name_size, name, vendor;
   43.75 +	struct page_info *name_size_page = NULL, *name_page = NULL,
   43.76 +	                 *vendor_page = NULL;
   43.77 +	efi_status_t status = 0;
   43.78 +
   43.79 +	if (current->domain != dom0)
   43.80 +		return EFI_UNSUPPORTED;
   43.81 +
   43.82 +	name_size = efi_translate_domain_addr(name_size_addr, fault,
   43.83 +	                                      &name_size_page);
   43.84 +	if (*fault != IA64_NO_FAULT)
   43.85 +		goto errout;
   43.86 +	name = efi_translate_domain_addr(name_addr, fault, &name_page);
   43.87 +	if (*fault != IA64_NO_FAULT)
   43.88 +		goto errout;
   43.89 +	vendor = efi_translate_domain_addr(vendor_addr, fault, &vendor_page);
   43.90 +	if (*fault != IA64_NO_FAULT)
   43.91 +		goto errout;
   43.92 +
   43.93 +	status = (*efi.get_next_variable)((unsigned long *)name_size,
   43.94 +	                                  (efi_char16_t *)name,
   43.95 +	                                  (efi_guid_t *)vendor);
   43.96 +
   43.97 +errout:
   43.98 +	if (name_size_page != NULL)
   43.99 +		put_page(name_size_page);
  43.100 +	if (name_page != NULL)
  43.101 +		put_page(name_page);
  43.102 +	if (vendor_page != NULL)
  43.103 +		put_page(vendor_page);
  43.104 +
  43.105 +	return status;
  43.106 +}
  43.107 +
  43.108 +static efi_status_t
  43.109 +efi_emulate_set_variable(
  43.110 +	unsigned long name_addr, unsigned long vendor_addr, 
  43.111 +	unsigned long attr, unsigned long data_size, 
  43.112 +	unsigned long data_addr, IA64FAULT *fault)
  43.113 +{
  43.114 +	unsigned long name, vendor, data;
  43.115 +	struct page_info *name_page = NULL, *vendor_page = NULL,
  43.116 +	                 *data_page = NULL;
  43.117 +	efi_status_t status = 0;
  43.118 +
  43.119 +	if (current->domain != dom0)
  43.120 +		return EFI_UNSUPPORTED;
  43.121 +
  43.122 +	name = efi_translate_domain_addr(name_addr, fault, &name_page);
  43.123 +	if (*fault != IA64_NO_FAULT)
  43.124 +		goto errout;
  43.125 +	vendor = efi_translate_domain_addr(vendor_addr, fault, &vendor_page);
  43.126 +	if (*fault != IA64_NO_FAULT)
  43.127 +		goto errout;
  43.128 +	data = efi_translate_domain_addr(data_addr, fault, &data_page);
  43.129 +	if (*fault != IA64_NO_FAULT)
  43.130 +		goto errout;
  43.131 +
  43.132 +	status = (*efi.set_variable)((efi_char16_t *)name,
  43.133 +	                             (efi_guid_t *)vendor,
  43.134 +	                             attr,
  43.135 +	                             data_size,
  43.136 +	                             (void *)data);
  43.137 +
  43.138 +errout:
  43.139 +	if (name_page != NULL)
  43.140 +		put_page(name_page);
  43.141 +	if (vendor_page != NULL)
  43.142 +		put_page(vendor_page);
  43.143 +	if (data_page != NULL)
  43.144 +		put_page(data_page);
  43.145 +
  43.146 +	return status;
  43.147 +}
  43.148 +
  43.149 +static efi_status_t
  43.150  efi_emulate_set_virtual_address_map(
  43.151  	unsigned long memory_map_size, unsigned long descriptor_size,
  43.152  	u32 descriptor_version, efi_memory_desc_t *virtual_map)
  43.153 @@ -527,6 +663,31 @@ efi_emulator (struct pt_regs *regs, IA64
  43.154  				vcpu_get_gr(v,33),
  43.155  				fault);
  43.156  		break;
  43.157 +	    case FW_HYPERCALL_EFI_GET_VARIABLE:
  43.158 +		status = efi_emulate_get_variable (
  43.159 +				vcpu_get_gr(v,32),
  43.160 +				vcpu_get_gr(v,33),
  43.161 +				vcpu_get_gr(v,34),
  43.162 +				vcpu_get_gr(v,35),
  43.163 +				vcpu_get_gr(v,36),
  43.164 +				fault);
  43.165 +		break;
  43.166 +	    case FW_HYPERCALL_EFI_GET_NEXT_VARIABLE:
  43.167 +		status = efi_emulate_get_next_variable (
  43.168 +				vcpu_get_gr(v,32),
  43.169 +				vcpu_get_gr(v,33),
  43.170 +				vcpu_get_gr(v,34),
  43.171 +				fault);
  43.172 +		break;
  43.173 +	    case FW_HYPERCALL_EFI_SET_VARIABLE:
  43.174 +		status = efi_emulate_set_variable (
  43.175 +				vcpu_get_gr(v,32),
  43.176 +				vcpu_get_gr(v,33),
  43.177 +				vcpu_get_gr(v,34),
  43.178 +				vcpu_get_gr(v,35),
  43.179 +				vcpu_get_gr(v,36),
  43.180 +				fault);
  43.181 +		break;
  43.182  	    case FW_HYPERCALL_EFI_SET_VIRTUAL_ADDRESS_MAP:
  43.183  		status = efi_emulate_set_virtual_address_map (
  43.184  				vcpu_get_gr(v,32),
  43.185 @@ -538,10 +699,6 @@ efi_emulator (struct pt_regs *regs, IA64
  43.186  	    case FW_HYPERCALL_EFI_GET_WAKEUP_TIME:
  43.187  	    case FW_HYPERCALL_EFI_SET_WAKEUP_TIME:
  43.188  		// FIXME: need fixes in efi.h from 2.6.9
  43.189 -	    case FW_HYPERCALL_EFI_GET_VARIABLE:
  43.190 -		// FIXME: need fixes in efi.h from 2.6.9
  43.191 -	    case FW_HYPERCALL_EFI_GET_NEXT_VARIABLE:
  43.192 -	    case FW_HYPERCALL_EFI_SET_VARIABLE:
  43.193  	    case FW_HYPERCALL_EFI_GET_NEXT_HIGH_MONO_COUNT:
  43.194  		// FIXME: need fixes in efi.h from 2.6.9
  43.195  		status = EFI_UNSUPPORTED;
    44.1 --- a/xen/arch/ia64/xen/hypercall.c	Wed Aug 30 14:09:31 2006 -0500
    44.2 +++ b/xen/arch/ia64/xen/hypercall.c	Wed Aug 30 22:36:18 2006 +0100
    44.3 @@ -11,6 +11,7 @@
    44.4  #include <xen/hypercall.h>
    44.5  #include <xen/multicall.h>
    44.6  #include <xen/guest_access.h>
    44.7 +#include <xen/mm.h>
    44.8  
    44.9  #include <linux/efi.h>	/* FOR EFI_UNIMPLEMENTED */
   44.10  #include <asm/sal.h>	/* FOR struct ia64_sal_retval */
   44.11 @@ -29,45 +30,45 @@
   44.12  #include <xen/domain.h>
   44.13  #include <public/callback.h>
   44.14  #include <xen/event.h>
   44.15 -#include <asm/privop_stat.h>
   44.16 +#include <xen/perfc.h>
   44.17  
   44.18  static long do_physdev_op_compat(XEN_GUEST_HANDLE(physdev_op_t) uop);
   44.19  static long do_physdev_op(int cmd, XEN_GUEST_HANDLE(void) arg);
   44.20  static long do_callback_op(int cmd, XEN_GUEST_HANDLE(void) arg);
   44.21  
   44.22 -hypercall_t ia64_hypercall_table[] =
   44.23 -	{
   44.24 -	(hypercall_t)do_ni_hypercall,		/* do_set_trap_table */		/*  0 */
   44.25 +const hypercall_t ia64_hypercall_table[NR_hypercalls] =
   44.26 +{
   44.27 +	(hypercall_t)do_ni_hypercall,		/* do_set_trap_table *//*  0 */
   44.28  	(hypercall_t)do_ni_hypercall,		/* do_mmu_update */
   44.29  	(hypercall_t)do_ni_hypercall,		/* do_set_gdt */
   44.30  	(hypercall_t)do_ni_hypercall,		/* do_stack_switch */
   44.31  	(hypercall_t)do_ni_hypercall,		/* do_set_callbacks */
   44.32 -	(hypercall_t)do_ni_hypercall,		/* do_fpu_taskswitch */		/*  5 */
   44.33 +	(hypercall_t)do_ni_hypercall,		/* do_fpu_taskswitch *//*  5 */
   44.34  	(hypercall_t)do_sched_op_compat,
   44.35  	(hypercall_t)do_ni_hypercall,
   44.36  	(hypercall_t)do_ni_hypercall,		/* do_set_debugreg */
   44.37  	(hypercall_t)do_ni_hypercall,		/* do_get_debugreg */
   44.38 -	(hypercall_t)do_ni_hypercall,		/* do_update_descriptor */	/* 10 */
   44.39 +	(hypercall_t)do_ni_hypercall,		/* do_update_descriptor * 10 */
   44.40  	(hypercall_t)do_ni_hypercall,		/* do_ni_hypercall */
   44.41  	(hypercall_t)do_memory_op,
   44.42  	(hypercall_t)do_multicall,
   44.43  	(hypercall_t)do_ni_hypercall,		/* do_update_va_mapping */
   44.44 -	(hypercall_t)do_ni_hypercall,		/* do_set_timer_op */		/* 15 */
   44.45 +	(hypercall_t)do_ni_hypercall,		/* do_set_timer_op */  /* 15 */
   44.46  	(hypercall_t)do_event_channel_op_compat,
   44.47  	(hypercall_t)do_xen_version,
   44.48  	(hypercall_t)do_console_io,
   44.49  	(hypercall_t)do_physdev_op_compat,
   44.50 -	(hypercall_t)do_grant_table_op,						/* 20 */
   44.51 +	(hypercall_t)do_grant_table_op,				       /* 20 */
   44.52  	(hypercall_t)do_ni_hypercall,		/* do_vm_assist */
   44.53 -	(hypercall_t)do_ni_hypercall,		/* do_update_va_mapping_otherdomain */
   44.54 +	(hypercall_t)do_ni_hypercall,		/* do_update_va_mapping_othe */
   44.55  	(hypercall_t)do_ni_hypercall,		/* (x86 only) */
   44.56  	(hypercall_t)do_ni_hypercall,		/* do_vcpu_op */
   44.57 -	(hypercall_t)do_ni_hypercall,		/* (x86_64 only) */		/* 25 */
   44.58 +	(hypercall_t)do_ni_hypercall,		/* (x86_64 only) */    /* 25 */
   44.59  	(hypercall_t)do_ni_hypercall,		/* do_mmuext_op */
   44.60  	(hypercall_t)do_ni_hypercall,		/* do_acm_op */
   44.61  	(hypercall_t)do_ni_hypercall,		/* do_nmi_op */
   44.62  	(hypercall_t)do_sched_op,
   44.63 -	(hypercall_t)do_callback_op,		/*  */			/* 30 */
   44.64 +	(hypercall_t)do_callback_op,		/*  */                 /* 30 */
   44.65  	(hypercall_t)do_ni_hypercall,		/*  */
   44.66  	(hypercall_t)do_event_channel_op,
   44.67  	(hypercall_t)do_physdev_op,
   44.68 @@ -77,33 +78,52 @@ hypercall_t ia64_hypercall_table[] =
   44.69  	(hypercall_t)do_ni_hypercall,		/*  */
   44.70  	(hypercall_t)do_ni_hypercall,		/*  */
   44.71  	(hypercall_t)do_ni_hypercall,		/*  */
   44.72 -	(hypercall_t)do_ni_hypercall,		/*  */                  /* 40 */
   44.73 +	(hypercall_t)do_ni_hypercall,		/*  */                 /* 40 */
   44.74  	(hypercall_t)do_ni_hypercall,		/*  */
   44.75  	(hypercall_t)do_ni_hypercall,		/*  */
   44.76  	(hypercall_t)do_ni_hypercall,		/*  */
   44.77  	(hypercall_t)do_ni_hypercall,		/*  */
   44.78 -	(hypercall_t)do_ni_hypercall,		/*  */                  /* 45 */
   44.79 +	(hypercall_t)do_ni_hypercall,		/*  */                 /* 45 */
   44.80  	(hypercall_t)do_ni_hypercall,		/*  */
   44.81  	(hypercall_t)do_ni_hypercall,		/*  */
   44.82 -	(hypercall_t)do_dom0vp_op,			/* dom0vp_op */
   44.83 +	(hypercall_t)do_dom0vp_op,              /* dom0vp_op */
   44.84  	(hypercall_t)do_ni_hypercall,		/* arch_1 */
   44.85 -	(hypercall_t)do_ni_hypercall,		/* arch_2 */            /* 50 */
   44.86 +	(hypercall_t)do_ni_hypercall,		/* arch_2 */           /* 50 */
   44.87  	(hypercall_t)do_ni_hypercall,		/* arch_3 */
   44.88  	(hypercall_t)do_ni_hypercall,		/* arch_4 */
   44.89  	(hypercall_t)do_ni_hypercall,		/* arch_5 */
   44.90  	(hypercall_t)do_ni_hypercall,		/* arch_6 */
   44.91 -	(hypercall_t)do_ni_hypercall		/* arch_7 */            /* 55 */
   44.92 -	};
   44.93 -
   44.94 -uint32_t nr_hypercalls =
   44.95 -	sizeof(ia64_hypercall_table) / sizeof(hypercall_t);
   44.96 +	(hypercall_t)do_ni_hypercall,		/* arch_7 */           /* 55 */
   44.97 +	(hypercall_t)do_ni_hypercall,
   44.98 +	(hypercall_t)do_ni_hypercall,
   44.99 +	(hypercall_t)do_ni_hypercall,
  44.100 +	(hypercall_t)do_ni_hypercall,
  44.101 +	(hypercall_t)do_ni_hypercall,                                  /* 60 */
  44.102 +	(hypercall_t)do_ni_hypercall,
  44.103 +	(hypercall_t)do_ni_hypercall,
  44.104 +	(hypercall_t)do_ni_hypercall
  44.105 +};
  44.106  
  44.107  static IA64FAULT
  44.108  xen_hypercall (struct pt_regs *regs)
  44.109  {
  44.110  	uint32_t cmd = (uint32_t)regs->r2;
  44.111 +	struct vcpu *v = current;
  44.112  
  44.113 -	if (cmd < nr_hypercalls)
  44.114 +	if (cmd == __HYPERVISOR_grant_table_op) {
  44.115 +		XEN_GUEST_HANDLE(void) uop;
  44.116 +
  44.117 +		v->arch.hypercall_param.va = regs->r15;
  44.118 +		v->arch.hypercall_param.pa1 = regs->r17;
  44.119 +		v->arch.hypercall_param.pa2 = regs->r18;
  44.120 +		set_xen_guest_handle(uop, (void *)regs->r15);
  44.121 +		regs->r8 = do_grant_table_op(regs->r14, uop, regs->r16);
  44.122 +		v->arch.hypercall_param.va = 0;
  44.123 +		return IA64_NO_FAULT;
  44.124 +	}
  44.125 +
  44.126 +	if (cmd < NR_hypercalls) {
  44.127 +		perfc_incra(hypercalls, cmd);
  44.128  		regs->r8 = (*ia64_hypercall_table[cmd])(
  44.129  			regs->r14,
  44.130  			regs->r15,
  44.131 @@ -111,13 +131,12 @@ xen_hypercall (struct pt_regs *regs)
  44.132  			regs->r17,
  44.133  			regs->r18,
  44.134  			regs->r19);
  44.135 -	else
  44.136 +	} else
  44.137  		regs->r8 = -ENOSYS;
  44.138  
  44.139  	return IA64_NO_FAULT;
  44.140  }
  44.141  
  44.142 -
  44.143  static void
  44.144  fw_hypercall_ipi (struct pt_regs *regs)
  44.145  {
  44.146 @@ -153,7 +172,7 @@ fw_hypercall_ipi (struct pt_regs *regs)
  44.147  		vcpu_init_regs (targ);
  44.148  		vcpu_regs (targ)->cr_iip = d->arch.sal_data->boot_rdv_ip;
  44.149  		vcpu_regs (targ)->r1 = d->arch.sal_data->boot_rdv_r1;
  44.150 -		vcpu_regs (targ)->b0 = d->arch.sal_return_addr;
  44.151 +		vcpu_regs (targ)->b0 = FW_HYPERCALL_SAL_RETURN_PADDR;
  44.152  
  44.153  		if (test_and_clear_bit(_VCPUF_down,
  44.154  				       &targ->vcpu_flags)) {
  44.155 @@ -217,7 +236,12 @@ fw_hypercall (struct pt_regs *regs)
  44.156  			}
  44.157  			else {
  44.158  				perfc_incrc(pal_halt_light);
  44.159 -				do_sched_op_compat(SCHEDOP_yield, 0);
  44.160 +				migrate_timer(&v->arch.hlt_timer,
  44.161 +				              v->processor);
  44.162 +				set_timer(&v->arch.hlt_timer,
  44.163 +				          vcpu_get_next_timer_ns(v));
  44.164 +				do_sched_op_compat(SCHEDOP_block, 0);
  44.165 +				stop_timer(&v->arch.hlt_timer);
  44.166  			}
  44.167  			regs->r8 = 0;
  44.168  			regs->r9 = 0;
  44.169 @@ -276,52 +300,10 @@ fw_hypercall (struct pt_regs *regs)
  44.170  	return IA64_NO_FAULT;
  44.171  }
  44.172  
  44.173 -/* opt_unsafe_hypercall: If true, unsafe debugging hypercalls are allowed.
  44.174 -   These can create security hole.  */
  44.175 -static int opt_unsafe_hypercall = 0;
  44.176 -boolean_param("unsafe_hypercall", opt_unsafe_hypercall);
  44.177 -
  44.178  IA64FAULT
  44.179  ia64_hypercall (struct pt_regs *regs)
  44.180  {
  44.181 -	struct vcpu *v = current;
  44.182  	unsigned long index = regs->r2;
  44.183 -	int privlvl = (regs->cr_ipsr & IA64_PSR_CPL) >> IA64_PSR_CPL0_BIT;
  44.184 -
  44.185 -	if (index >= FW_HYPERCALL_FIRST_USER) {
  44.186 -	    /* Note: user hypercalls are not safe, since Xen doesn't
  44.187 -	       check memory access privilege: Xen does not deny reading
  44.188 -	       or writing to kernel memory.  */
  44.189 -	    if (!opt_unsafe_hypercall) {
  44.190 -		printf("user xen/ia64 hypercalls disabled\n");
  44.191 -		regs->r8 = -1;
  44.192 -	    }
  44.193 -	    else switch (index) {
  44.194 -		case 0xffff:
  44.195 -			regs->r8 = dump_privop_counts_to_user(
  44.196 -				(char *) vcpu_get_gr(v,32),
  44.197 -				(int) vcpu_get_gr(v,33));
  44.198 -			break;
  44.199 -		case 0xfffe:
  44.200 -			regs->r8 = zero_privop_counts_to_user(
  44.201 -				(char *) vcpu_get_gr(v,32),
  44.202 -				(int) vcpu_get_gr(v,33));
  44.203 -			break;
  44.204 -		default:
  44.205 -			printf("unknown user xen/ia64 hypercall %lx\n", index);
  44.206 -			regs->r8 = do_ni_hypercall();
  44.207 -	    }
  44.208 -	    return IA64_NO_FAULT;
  44.209 -	}
  44.210 -
  44.211 -	/* Hypercalls are only allowed by kernel.
  44.212 -	   Kernel checks memory accesses.  */
  44.213 -	if (VMX_DOMAIN(v) ? (privlvl != 0) : (privlvl != 2)) {
  44.214 -	    /* FIXME: Return a better error value ?
  44.215 -	       Reflection ? Illegal operation ?  */
  44.216 -	    regs->r8 = -1;
  44.217 -	    return IA64_NO_FAULT;
  44.218 -	}
  44.219  
  44.220  	if (index >= FW_HYPERCALL_FIRST_ARCH)
  44.221  	    return fw_hypercall (regs);
    45.1 --- a/xen/arch/ia64/xen/hyperprivop.S	Wed Aug 30 14:09:31 2006 -0500
    45.2 +++ b/xen/arch/ia64/xen/hyperprivop.S	Wed Aug 30 22:36:18 2006 +0100
    45.3 @@ -18,7 +18,8 @@
    45.4  
    45.5  
    45.6  #define	_PAGE_PPN_MASK	0x0003fffffffff000 //asm/pgtable.h doesn't do assembly
    45.7 -#define PAGE_PHYS	0x0010000000000761 //__pgprot(__DIRTY_BITS|_PAGE_PL_2|_PAGE_AR_RWX)
    45.8 +#define PAGE_PHYS	0x0010000000000761 //__pgprot(__DIRTY_BITS|
    45.9 +					   //         _PAGE_PL_2|_PAGE_AR_RWX)
   45.10  #define _PAGE_PL_2	(2<<7)
   45.11  
   45.12  #if 1	 // change to 0 to turn off all fast paths
   45.13 @@ -32,10 +33,10 @@
   45.14  	
   45.15  //#define FAST_TICK // mostly working (unat problems) but default off for now
   45.16  //#define FAST_TLB_MISS_REFLECT	// mostly working but default off for now
   45.17 -# undef FAST_ITC	//XXX TODO fast_itc doesn't suport dom0 vp yet.
   45.18 +# undef FAST_ITC		//XXX TODO fast_itc doesn't support dom0 vp yet
   45.19  # define FAST_BREAK
   45.20 -# undef FAST_ACCESS_REFLECT //XXX TODO fast_access_reflect
   45.21 -                            //    doesn't support dom0 vp yet.
   45.22 +# undef FAST_ACCESS_REFLECT 	//XXX TODO fast_access_reflect
   45.23 +                            	//    doesn't support dom0 vp yet.
   45.24  # define FAST_RFI
   45.25  # define FAST_SSM_I
   45.26  # define FAST_PTC_GA
   45.27 @@ -104,79 +105,100 @@ GLOBAL_ENTRY(fast_hyperprivop)
   45.28  1:	// when we get to here r20=~=interrupts pending
   45.29  	// Check pending event indication
   45.30  (p7)	movl r20=THIS_CPU(current_psr_i_addr);;
   45.31 -(p7)	ld8 r20=[r20];;
   45.32 -(p7)	adds r20=-1,r20;;	/* evtchn_upcall_pending */
   45.33 -(p7)	ld1 r20=[r20];;
   45.34 +(p7)	ld8 r20=[r20]
   45.35 +	;;
   45.36 +(p7)	adds r20=-1,r20				// evtchn_upcall_pending
   45.37 +	;;
   45.38 +(p7)	ld1 r20=[r20]
   45.39 +	;;
   45.40  
   45.41  	// HYPERPRIVOP_RFI?
   45.42  	cmp.eq p7,p6=HYPERPRIVOP_RFI,r17
   45.43 -(p7)	br.sptk.many hyper_rfi;;
   45.44 +(p7)	br.sptk.many hyper_rfi
   45.45 +	;;
   45.46  
   45.47  	// HYPERPRIVOP_GET_IVR?
   45.48  	cmp.eq p7,p6=HYPERPRIVOP_GET_IVR,r17
   45.49 -(p7)	br.sptk.many hyper_get_ivr;;
   45.50 +(p7)	br.sptk.many hyper_get_ivr
   45.51 +	;;
   45.52  
   45.53  	cmp.ne p7,p0=r20,r0
   45.54 -(p7)	br.spnt.many dispatch_break_fault ;;
   45.55 +(p7)	br.spnt.many dispatch_break_fault
   45.56 +	;;
   45.57  
   45.58  	// HYPERPRIVOP_COVER?
   45.59  	cmp.eq p7,p6=HYPERPRIVOP_COVER,r17
   45.60 -(p7)	br.sptk.many hyper_cover;;
   45.61 +(p7)	br.sptk.many hyper_cover
   45.62 +	;;
   45.63  
   45.64  	// HYPERPRIVOP_SSM_DT?
   45.65  	cmp.eq p7,p6=HYPERPRIVOP_SSM_DT,r17
   45.66 -(p7)	br.sptk.many hyper_ssm_dt;;
   45.67 +(p7)	br.sptk.many hyper_ssm_dt
   45.68 +	;;
   45.69  
   45.70  	// HYPERPRIVOP_RSM_DT?
   45.71  	cmp.eq p7,p6=HYPERPRIVOP_RSM_DT,r17
   45.72 -(p7)	br.sptk.many hyper_rsm_dt;;
   45.73 +(p7)	br.sptk.many hyper_rsm_dt
   45.74 +	;;
   45.75  
   45.76  	// HYPERPRIVOP_GET_TPR?
   45.77  	cmp.eq p7,p6=HYPERPRIVOP_GET_TPR,r17
   45.78 -(p7)	br.sptk.many hyper_get_tpr;;
   45.79 +(p7)	br.sptk.many hyper_get_tpr
   45.80 +	;;
   45.81  
   45.82  	// HYPERPRIVOP_SET_TPR?
   45.83  	cmp.eq p7,p6=HYPERPRIVOP_SET_TPR,r17
   45.84 -(p7)	br.sptk.many hyper_set_tpr;;
   45.85 +(p7)	br.sptk.many hyper_set_tpr
   45.86 +	;;
   45.87  
   45.88  	// HYPERPRIVOP_EOI?
   45.89  	cmp.eq p7,p6=HYPERPRIVOP_EOI,r17
   45.90 -(p7)	br.sptk.many hyper_eoi;;
   45.91 +(p7)	br.sptk.many hyper_eoi
   45.92 +	;;
   45.93  
   45.94  	// HYPERPRIVOP_SET_ITM?
   45.95  	cmp.eq p7,p6=HYPERPRIVOP_SET_ITM,r17
   45.96 -(p7)	br.sptk.many hyper_set_itm;;
   45.97 +(p7)	br.sptk.many hyper_set_itm
   45.98 +	;;
   45.99  
  45.100  	// HYPERPRIVOP_SET_RR?
  45.101  	cmp.eq p7,p6=HYPERPRIVOP_SET_RR,r17
  45.102 -(p7)	br.sptk.many hyper_set_rr;;
  45.103 +(p7)	br.sptk.many hyper_set_rr
  45.104 +	;;
  45.105  
  45.106  	// HYPERPRIVOP_GET_RR?
  45.107  	cmp.eq p7,p6=HYPERPRIVOP_GET_RR,r17
  45.108 -(p7)	br.sptk.many hyper_get_rr;;
  45.109 +(p7)	br.sptk.many hyper_get_rr
  45.110 +	;;
  45.111  
  45.112  	// HYPERPRIVOP_PTC_GA?
  45.113  	cmp.eq p7,p6=HYPERPRIVOP_PTC_GA,r17
  45.114 -(p7)	br.sptk.many hyper_ptc_ga;;
  45.115 +(p7)	br.sptk.many hyper_ptc_ga
  45.116 +	;;
  45.117  
  45.118  	// HYPERPRIVOP_ITC_D?
  45.119  	cmp.eq p7,p6=HYPERPRIVOP_ITC_D,r17
  45.120 -(p7)	br.sptk.many hyper_itc_d;;
  45.121 +(p7)	br.sptk.many hyper_itc_d
  45.122 +	;;
  45.123  
  45.124  	// HYPERPRIVOP_ITC_I?
  45.125  	cmp.eq p7,p6=HYPERPRIVOP_ITC_I,r17
  45.126 -(p7)	br.sptk.many hyper_itc_i;;
  45.127 +(p7)	br.sptk.many hyper_itc_i
  45.128 +	;;
  45.129  
  45.130  	// HYPERPRIVOP_THASH?
  45.131  	cmp.eq p7,p6=HYPERPRIVOP_THASH,r17
  45.132 -(p7)	br.sptk.many hyper_thash;;
  45.133 +(p7)	br.sptk.many hyper_thash
  45.134 +	;;
  45.135  
  45.136  	// HYPERPRIVOP_SET_KR?
  45.137  	cmp.eq p7,p6=HYPERPRIVOP_SET_KR,r17
  45.138 -(p7)	br.sptk.many hyper_set_kr;;
  45.139 +(p7)	br.sptk.many hyper_set_kr
  45.140 +	;;
  45.141  
  45.142  	// if not one of the above, give up for now and do it the slow way
  45.143 -	br.sptk.many dispatch_break_fault ;;
  45.144 +	br.sptk.many dispatch_break_fault
  45.145 +	;;
  45.146  END(fast_hyperprivop)
  45.147  
  45.148  // give up for now if: ipsr.be==1, ipsr.pp==1
  45.149 @@ -701,9 +723,9 @@ ENTRY(fast_reflect)
  45.150  	.mem.offset 0,0; st8.spill [r2]=r30,16;
  45.151  	.mem.offset 8,0; st8.spill [r3]=r31,16 ;;
  45.152  #ifdef HANDLE_AR_UNAT
  45.153 -	// r16~r23 are preserved regsin bank0 regs, we need to restore them,
  45.154 -    // r24~r31 are scratch regs, we don't need to handle NaT bit,
  45.155 -    // because OS handler must assign it before access it
    45.156 +	// r16~r23 are preserved regs in bank0; we need to restore them,
  45.157 +	// r24~r31 are scratch regs, we don't need to handle NaT bit,
    45.158 +	// because OS handler must assign it before accessing it
  45.159  	ld8 r16=[r2],16;
  45.160  	ld8 r17=[r3],16;;
  45.161  	ld8 r18=[r2],16;
  45.162 @@ -1114,7 +1136,8 @@ just_do_rfi:
  45.163  (p7)	st4 [r18]=r19;;
  45.164  (p6)	st4 [r18]=r0;;
  45.165  	// force on psr.ic, i, dt, rt, it, bn
  45.166 -	movl r20=(IA64_PSR_I|IA64_PSR_IC|IA64_PSR_DT|IA64_PSR_RT|IA64_PSR_IT|IA64_PSR_BN)
  45.167 +	movl r20=(IA64_PSR_I|IA64_PSR_IC|IA64_PSR_DT|IA64_PSR_RT| \
  45.168 +	          IA64_PSR_IT|IA64_PSR_BN)
  45.169  	;;
  45.170  	or r21=r21,r20
  45.171  	;;
    46.1 --- a/xen/arch/ia64/xen/irq.c	Wed Aug 30 14:09:31 2006 -0500
    46.2 +++ b/xen/arch/ia64/xen/irq.c	Wed Aug 30 22:36:18 2006 +0100
    46.3 @@ -40,7 +40,6 @@
    46.4  #include <asm/smp.h>
    46.5  #include <asm/system.h>
    46.6  #include <asm/bitops.h>
    46.7 -#include <asm/uaccess.h>
    46.8  #include <asm/pgalloc.h>
    46.9  #include <asm/delay.h>
   46.10  #include <xen/irq.h>
   46.11 @@ -236,9 +235,6 @@ int setup_vector(unsigned int irq, struc
   46.12  	struct irqaction *old, **p;
   46.13  	irq_desc_t *desc = irq_descp(irq);
   46.14  
   46.15 -	printf ("setup_vector(%d): handler=%p, flags=%x\n",
   46.16 -		irq, desc->handler, desc->status);
   46.17 -
   46.18  	/*
   46.19  	 * The following block of code has to be executed atomically
   46.20  	 */
    47.1 --- a/xen/arch/ia64/xen/ivt.S	Wed Aug 30 14:09:31 2006 -0500
    47.2 +++ b/xen/arch/ia64/xen/ivt.S	Wed Aug 30 22:36:18 2006 +0100
    47.3 @@ -15,7 +15,8 @@
    47.4   *      Fenghua Yu <fenghua.yu@intel.com>
    47.5   *
    47.6   * 00/08/23 Asit Mallick <asit.k.mallick@intel.com> TLB handling for SMP
    47.7 - * 00/12/20 David Mosberger-Tang <davidm@hpl.hp.com> DTLB/ITLB handler now uses virtual PT.
    47.8 + * 00/12/20 David Mosberger-Tang <davidm@hpl.hp.com> DTLB/ITLB handler now
    47.9 + * uses virtual PT.
   47.10   */
   47.11  /*
   47.12   * This file defines the interruption vector table used by the CPU.
   47.13 @@ -69,10 +70,14 @@
   47.14  
   47.15  #if 0
   47.16    /*
   47.17 -   * This lets you track the last eight faults that occurred on the CPU.  Make sure ar.k2 isn't
   47.18 -   * needed for something else before enabling this...
   47.19 +   * This lets you track the last eight faults that occurred on the CPU.
   47.20 +   * Make sure ar.k2 isn't needed for something else before enabling this...
   47.21     */
   47.22 -# define DBG_FAULT(i)	mov r16=ar.k2;;	shl r16=r16,8;;	add r16=(i),r16;;mov ar.k2=r16
   47.23 +# define DBG_FAULT(i)		\
   47.24 +	mov r16=ar.k2;;		\
   47.25 +	shl r16=r16,8;;		\
   47.26 +	add r16=(i),r16;;	\
   47.27 +	mov ar.k2=r16
   47.28  #else
   47.29  # define DBG_FAULT(i)
   47.30  #endif
   47.31 @@ -80,18 +85,18 @@
   47.32  #define MINSTATE_VIRT	/* needed by minstate.h */
   47.33  #include "minstate.h"
   47.34  
   47.35 -#define FAULT(n)									\
   47.36 -	mov r19=n;			/* prepare to save predicates */		\
   47.37 -	mov r31=pr;									\
   47.38 +#define FAULT(n)							\
   47.39 +	mov r19=n;		/* prepare to save predicates */	\
   47.40 +	mov r31=pr;							\
   47.41  	br.sptk.many dispatch_to_fault_handler
   47.42  
   47.43 -#define FAULT_OR_REFLECT(n)								\
   47.44 -	mov r20=cr.ipsr;								\
   47.45 -	mov r19=n;	/* prepare to save predicates */				\
   47.46 -	mov r31=pr;;	 	 							\
   47.47 -	extr.u r20=r20,IA64_PSR_CPL0_BIT,2;;   						\
   47.48 -	cmp.ne p6,p0=r0,r20; 	/* cpl != 0?*/						\
   47.49 -(p6)	br.dptk.many dispatch_reflection;						\
   47.50 +#define FAULT_OR_REFLECT(n)						\
   47.51 +	mov r20=cr.ipsr;						\
   47.52 +	mov r19=n;		/* prepare to save predicates */	\
   47.53 +	mov r31=pr;;	 	 					\
   47.54 +	extr.u r20=r20,IA64_PSR_CPL0_BIT,2;;   				\
   47.55 +	cmp.ne p6,p0=r0,r20; 	/* cpl != 0?*/				\
   47.56 +(p6)	br.dptk.many dispatch_reflection;				\
   47.57  	br.sptk.few dispatch_to_fault_handler
   47.58  
   47.59  	.section .text.ivt,"ax"
   47.60 @@ -99,7 +104,7 @@
   47.61  	.align 32768	// align on 32KB boundary
   47.62  	.global ia64_ivt
   47.63  ia64_ivt:
   47.64 -/////////////////////////////////////////////////////////////////////////////////////////
   47.65 +//////////////////////////////////////////////////////////////////////////
   47.66  // 0x0000 Entry 0 (size 64 bundles) VHPT Translation (8,20,47)
   47.67  ENTRY(vhpt_miss)
   47.68  	DBG_FAULT(0)
   47.69 @@ -107,33 +112,34 @@ ENTRY(vhpt_miss)
   47.70  	FAULT(0)
   47.71  #else
   47.72  	/*
   47.73 -	 * The VHPT vector is invoked when the TLB entry for the virtual page table
   47.74 -	 * is missing.  This happens only as a result of a previous
   47.75 -	 * (the "original") TLB miss, which may either be caused by an instruction
   47.76 -	 * fetch or a data access (or non-access).
   47.77 +	 * The VHPT vector is invoked when the TLB entry for the virtual
   47.78 +	 * page table is missing.  This happens only as a result of a 
   47.79 +	 * previous (the "original") TLB miss, which may either be caused
   47.80 +	 * by an instruction fetch or a data access (or non-access).
   47.81  	 *
   47.82 -	 * What we do here is normal TLB miss handing for the _original_ miss, followed
   47.83 -	 * by inserting the TLB entry for the virtual page table page that the VHPT
   47.84 -	 * walker was attempting to access.  The latter gets inserted as long
   47.85 -	 * as both L1 and L2 have valid mappings for the faulting address.
   47.86 -	 * The TLB entry for the original miss gets inserted only if
   47.87 -	 * the L3 entry indicates that the page is present.
   47.88 +	 * What we do here is normal TLB miss handing for the _original_ 
   47.89 +	 * miss, followed by inserting the TLB entry for the virtual page
   47.90 +	 * table page that the VHPT walker was attempting to access.  The
   47.91 +	 * latter gets inserted as long as both L1 and L2 have valid 
   47.92 +	 * mappings for the faulting address.  The TLB entry for the 
   47.93 +	 * original miss gets inserted only if the L3 entry indicates
   47.94 +	 * that the page is present.
   47.95  	 *
   47.96  	 * do_page_fault gets invoked in the following cases:
   47.97  	 *	- the faulting virtual address uses unimplemented address bits
   47.98  	 *	- the faulting virtual address has no L1, L2, or L3 mapping
   47.99  	 */
  47.100 -	mov r16=cr.ifa				// get address that caused the TLB miss
  47.101 +	mov r16=cr.ifa			// get address that caused the TLB miss
  47.102  #ifdef CONFIG_HUGETLB_PAGE
  47.103  	movl r18=PAGE_SHIFT
  47.104  	mov r25=cr.itir
  47.105  #endif
  47.106  	;;
  47.107 -	rsm psr.dt				// use physical addressing for data
  47.108 -	mov r31=pr				// save the predicate registers
  47.109 -	mov r19=IA64_KR(PT_BASE)		// get page table base address
  47.110 -	shl r21=r16,3				// shift bit 60 into sign bit
  47.111 -	shr.u r17=r16,61			// get the region number into r17
  47.112 +	rsm psr.dt			// use physical addressing for data
  47.113 +	mov r31=pr			// save the predicate registers
  47.114 +	mov r19=IA64_KR(PT_BASE)	// get page table base address
  47.115 +	shl r21=r16,3			// shift bit 60 into sign bit
  47.116 +	shr.u r17=r16,61		// get the region number into r17
  47.117  	;;
  47.118  	shr r22=r21,3
  47.119  #ifdef CONFIG_HUGETLB_PAGE
  47.120 @@ -146,56 +152,68 @@ ENTRY(vhpt_miss)
  47.121  (p8)	shr r22=r22,r27
  47.122  #endif
  47.123  	;;
  47.124 -	cmp.eq p6,p7=5,r17			// is IFA pointing into to region 5?
  47.125 -	shr.u r18=r22,PGDIR_SHIFT		// get bits 33-63 of the faulting address
  47.126 +	cmp.eq p6,p7=5,r17		// is IFA pointing into to region 5?
  47.127 +	shr.u r18=r22,PGDIR_SHIFT	// get bits 33-63 of faulting address
  47.128  	;;
  47.129 -(p7)	dep r17=r17,r19,(PAGE_SHIFT-3),3	// put region number bits in place
  47.130 +(p7)	dep r17=r17,r19,(PAGE_SHIFT-3),3  // put region number bits in place
  47.131  
  47.132  	srlz.d
  47.133 -	LOAD_PHYSICAL(p6, r19, swapper_pg_dir)	// region 5 is rooted at swapper_pg_dir
  47.134 +	LOAD_PHYSICAL(p6, r19, swapper_pg_dir)	// region 5 is rooted at 
  47.135 +						//   swapper_pg_dir
  47.136  
  47.137  	.pred.rel "mutex", p6, p7
  47.138  (p6)	shr.u r21=r21,PGDIR_SHIFT+PAGE_SHIFT
  47.139  (p7)	shr.u r21=r21,PGDIR_SHIFT+PAGE_SHIFT-3
  47.140  	;;
  47.141  (p6)	dep r17=r18,r19,3,(PAGE_SHIFT-3)	// r17=PTA + IFA(33,42)*8
  47.142 -(p7)	dep r17=r18,r17,3,(PAGE_SHIFT-6)	// r17=PTA + (((IFA(61,63) << 7) | IFA(33,39))*8)
  47.143 -	cmp.eq p7,p6=0,r21			// unused address bits all zeroes?
  47.144 +(p7)	dep r17=r18,r17,3,(PAGE_SHIFT-6)	// r17=PTA + 
  47.145 +						//     (((IFA(61,63) << 7) |
  47.146 +						//      IFA(33,39))*8)
  47.147 +	cmp.eq p7,p6=0,r21			// unused address bits all zero?
  47.148  	shr.u r18=r22,PMD_SHIFT			// shift L2 index into position
  47.149  	;;
  47.150  	ld8 r17=[r17]				// fetch the L1 entry (may be 0)
  47.151  	;;
  47.152  (p7)	cmp.eq p6,p7=r17,r0			// was L1 entry NULL?
  47.153 -	dep r17=r18,r17,3,(PAGE_SHIFT-3)	// compute address of L2 page table entry
  47.154 +	dep r17=r18,r17,3,(PAGE_SHIFT-3)	// compute address of L2 page
  47.155 +						//   table entry
  47.156  	;;
  47.157  (p7)	ld8 r20=[r17]				// fetch the L2 entry (may be 0)
  47.158  	shr.u r19=r22,PAGE_SHIFT		// shift L3 index into position
  47.159  	;;
  47.160  (p7)	cmp.eq.or.andcm p6,p7=r20,r0		// was L2 entry NULL?
  47.161 -	dep r21=r19,r20,3,(PAGE_SHIFT-3)	// compute address of L3 page table entry
  47.162 +	dep r21=r19,r20,3,(PAGE_SHIFT-3)	// compute address of L3 page
  47.163 +						//   table entry
  47.164  	;;
  47.165  (p7)	ld8 r18=[r21]				// read the L3 PTE
  47.166 -	mov r19=cr.isr				// cr.isr bit 0 tells us if this is an insn miss
  47.167 +	mov r19=cr.isr				// cr.isr bit 0 tells us if
  47.168 +						//   this is an insn miss
  47.169  	;;
  47.170  (p7)	tbit.z p6,p7=r18,_PAGE_P_BIT		// page present bit cleared?
  47.171 -	mov r22=cr.iha				// get the VHPT address that caused the TLB miss
  47.172 +	mov r22=cr.iha				// get the VHPT address that
  47.173 +						//   caused the TLB miss
  47.174  	;;					// avoid RAW on p7
  47.175 -(p7)	tbit.nz.unc p10,p11=r19,32		// is it an instruction TLB miss?
  47.176 -	dep r23=0,r20,0,PAGE_SHIFT		// clear low bits to get page address
  47.177 +(p7)	tbit.nz.unc p10,p11=r19,32		// is it an instruction TLB
  47.178 +						//   miss?
  47.179 +	dep r23=0,r20,0,PAGE_SHIFT		// clear low bits to get page
  47.180 +						//   address
  47.181  	;;
  47.182 -(p10)	itc.i r18				// insert the instruction TLB entry
  47.183 +(p10)	itc.i r18				// insert the instruction TLB
  47.184 +						//   entry
  47.185  (p11)	itc.d r18				// insert the data TLB entry
  47.186 -(p6)	br.cond.spnt.many page_fault		// handle bad address/page not present (page fault)
  47.187 +(p6)	br.cond.spnt.many page_fault		// handle bad address/page not
  47.188 +						//   present (page fault)
  47.189  	mov cr.ifa=r22
  47.190  
  47.191  #ifdef CONFIG_HUGETLB_PAGE
  47.192 -(p8)	mov cr.itir=r25				// change to default page-size for VHPT
  47.193 +(p8)	mov cr.itir=r25				// change to default page-size
  47.194 +						//   for VHPT
  47.195  #endif
  47.196  
  47.197  	/*
  47.198 -	 * Now compute and insert the TLB entry for the virtual page table.  We never
  47.199 -	 * execute in a page table page so there is no need to set the exception deferral
  47.200 -	 * bit.
  47.201 +	 * Now compute and insert the TLB entry for the virtual page table.
  47.202 +	 * We never execute in a page table page so there is no need to set
  47.203 +	 * the exception deferral bit.
  47.204  	 */
  47.205  	adds r24=__DIRTY_BITS_NO_ED|_PAGE_PL_0|_PAGE_AR_RW,r23
  47.206  	;;
  47.207 @@ -203,15 +221,15 @@ ENTRY(vhpt_miss)
  47.208  	;;
  47.209  #ifdef CONFIG_SMP
  47.210  	/*
  47.211 -	 * Tell the assemblers dependency-violation checker that the above "itc" instructions
  47.212 -	 * cannot possibly affect the following loads:
  47.213 +	 * Tell the assemblers dependency-violation checker that the above
  47.214 +	 * "itc" instructions cannot possibly affect the following loads:
  47.215  	 */
  47.216  	dv_serialize_data
  47.217  
  47.218  	/*
  47.219 -	 * Re-check L2 and L3 pagetable.  If they changed, we may have received a ptc.g
  47.220 -	 * between reading the pagetable and the "itc".  If so, flush the entry we
  47.221 -	 * inserted and retry.
  47.222 +	 * Re-check L2 and L3 pagetable.  If they changed, we may have 
  47.223 +	 * received a ptc.g between reading the pagetable and the "itc".
  47.224 +	 * If so, flush the entry we inserted and retry.
  47.225  	 */
  47.226  	ld8 r25=[r21]				// read L3 PTE again
  47.227  	ld8 r26=[r17]				// read L2 entry again
  47.228 @@ -231,7 +249,7 @@ ENTRY(vhpt_miss)
  47.229  END(vhpt_miss)
  47.230  
  47.231  	.org ia64_ivt+0x400
  47.232 -/////////////////////////////////////////////////////////////////////////////////////////
  47.233 +//////////////////////////////////////////////////////////////////////////
  47.234  // 0x0400 Entry 1 (size 64 bundles) ITLB (21)
  47.235  ENTRY(itlb_miss)
  47.236  	DBG_FAULT(1)
  47.237 @@ -266,7 +284,8 @@ ENTRY(itlb_miss)
  47.238  	mov r31=pr				// save predicates
  47.239  .itlb_fault:
  47.240  	mov r17=cr.iha				// get virtual address of L3 PTE
  47.241 -	movl r30=1f				// load nested fault continuation point
  47.242 +	movl r30=1f				// load nested fault 
  47.243 +						//   continuation point
  47.244  	;;
  47.245  1:	ld8 r18=[r17]				// read L3 PTE
  47.246  	;;
  47.247 @@ -278,13 +297,13 @@ 1:	ld8 r18=[r17]				// read L3 PTE
  47.248  	;;
  47.249  #ifdef CONFIG_SMP
  47.250  	/*
  47.251 -	 * Tell the assemblers dependency-violation checker that the above "itc" instructions
  47.252 -	 * cannot possibly affect the following loads:
  47.253 +	 * Tell the assemblers dependency-violation checker that the above
  47.254 +	 * "itc" instructions cannot possibly affect the following loads:
  47.255  	 */
  47.256  	dv_serialize_data
  47.257  
  47.258 -	ld8 r19=[r17]				// read L3 PTE again and see if same
  47.259 -	mov r20=PAGE_SHIFT<<2			// setup page size for purge
  47.260 +	ld8 r19=[r17]			// read L3 PTE again and see if same
  47.261 +	mov r20=PAGE_SHIFT<<2		// setup page size for purge
  47.262  	;;
  47.263  	cmp.ne p7,p0=r18,r19
  47.264  	;;
  47.265 @@ -295,26 +314,25 @@ 1:	ld8 r18=[r17]				// read L3 PTE
  47.266  END(itlb_miss)
  47.267  
  47.268  	.org ia64_ivt+0x0800
  47.269 -/////////////////////////////////////////////////////////////////////////////////////////
  47.270 +//////////////////////////////////////////////////////////////////////////
  47.271  // 0x0800 Entry 2 (size 64 bundles) DTLB (9,48)
  47.272  ENTRY(dtlb_miss)
  47.273  	DBG_FAULT(2)
  47.274  #ifdef XEN
  47.275 -	mov r16=cr.ifa				// get virtual address
  47.276 +	mov r16=cr.ifa			// get virtual address
  47.277  	mov r31=pr
  47.278  	;;
  47.279  	extr.u r17=r16,59,5
  47.280  	;;
  47.281 -	/* If address belongs to VMM, go to alt tlb handler */
  47.282 -	cmp.eq p6,p0=0x1e,r17
  47.283 +	cmp.eq p6,p0=0x1e,r17		// if the address belongs to VMM, go
  47.284 +					//   to the alternate tlb handler
  47.285  (p6)	br.cond.spnt	late_alt_dtlb_miss
  47.286  	;;
  47.287  	cmp.eq p6,p0=0x1d,r17
  47.288  (p6)	br.cond.spnt	late_alt_dtlb_miss
  47.289  	;;
  47.290  #if VHPT_ENABLED
  47.291 -	// XXX TODO optimization
  47.292 -	mov r30=cr.ipsr
  47.293 +	mov r30=cr.ipsr			// XXX TODO optimization
  47.294  	mov r28=cr.iip			
  47.295  	mov r17=cr.isr
  47.296  	;;
  47.297 @@ -324,15 +342,14 @@ ENTRY(dtlb_miss)
  47.298  	cmp.ne p6, p0 = r0, r18			// cpl == 0?
  47.299  (p6)	br.cond.sptk 2f
  47.300  
  47.301 -	// is speculation bit on?
  47.302 -	tbit.nz p7,p0=r17,IA64_ISR_SP_BIT	
  47.303 +	tbit.nz p7,p0=r17,IA64_ISR_SP_BIT	// is speculation bit on?
  47.304  	;; 
  47.305  (p7)	br.cond.spnt 2f
  47.306  
  47.307 -	// Is the faulted iip in vmm area?
  47.308 -	// check [59:58] bit
  47.309 -	// 00, 11: guest
  47.310 -	// 01, 10: vmm
  47.311 +	// Is the faulted iip in the vmm area?
  47.312 +	//    -- check [59:58] bit
  47.313 +	//    -- if 00, 11: guest
  47.314 +	//    -- if 01, 10: vmm
  47.315  	extr.u r19 = r28, 58, 2
  47.316  	;; 
  47.317  	cmp.eq p10, p0 = 0x0, r19
  47.318 @@ -341,17 +358,16 @@ ENTRY(dtlb_miss)
  47.319  (p11)	br.cond.sptk 2f
  47.320  
  47.321  	// Is the faulted address is in the identity mapping area?
  47.322 -	// 0xf000... or 0xe8000...
  47.323 +	// must be either 0xf000... or 0xe8000...
  47.324  	extr.u r20 = r16, 59, 5
  47.325  	;; 
  47.326 -	cmp.eq p12, p0 = 0x1e, r20 // (0xf0 >> 3) = 0x1e
  47.327 +	cmp.eq p12, p0 = 0x1e, r20 	// (0xf0 >> 3) = 0x1e
  47.328  (p12)	br.cond.spnt 1f
  47.329 -	cmp.eq p0, p13 = 0x1d, r20 // (0xe8 >> 3) = 0x1d
  47.330 +	cmp.eq p0, p13 = 0x1d, r20 	// (0xe8 >> 3) = 0x1d
  47.331  (p13)	br.cond.sptk 2f
  47.332  
  47.333  1:
  47.334 -	// xen identity mappin area.
  47.335 -	movl r24=PAGE_KERNEL
  47.336 +	movl r24=PAGE_KERNEL 		// xen identity mapping area.
  47.337  	movl r25=(((1 << IA64_MAX_PHYS_BITS) - 1) & ~0xfff)
  47.338  	;;
  47.339  	shr.u r26=r16,55	// move address bit 59 to bit 4
  47.340 @@ -361,7 +377,8 @@ 1:
  47.341  	;; 
  47.342  	or r25=r25,r24		// insert PTE control bits into r25
  47.343  	;;
  47.344 -	or r25=r25,r26		// set bit 4 (uncached) if the access was to region 6
  47.345 +	or r25=r25,r26		// set bit 4 (uncached) if the access was to
  47.346 +				//   region 6
  47.347  	;;
  47.348  	itc.d r25		// insert the TLB entry
  47.349  	mov pr=r31,-1
  47.350 @@ -388,7 +405,8 @@ 2:
  47.351  #endif
  47.352  dtlb_fault:
  47.353  	mov r17=cr.iha				// get virtual address of L3 PTE
  47.354 -	movl r30=1f				// load nested fault continuation point
  47.355 +	movl r30=1f				// load nested fault 
  47.356 +						//   continuation point
  47.357  	;;
  47.358  1:	ld8 r18=[r17]				// read L3 PTE
  47.359  	;;
  47.360 @@ -400,13 +418,13 @@ 1:	ld8 r18=[r17]				// read L3 PTE
  47.361  	;;
  47.362  #ifdef CONFIG_SMP
  47.363  	/*
  47.364 -	 * Tell the assemblers dependency-violation checker that the above "itc" instructions
  47.365 -	 * cannot possibly affect the following loads:
  47.366 +	 * Tell the assemblers dependency-violation checker that the above
  47.367 +	 * "itc" instructions cannot possibly affect the following loads:
  47.368  	 */
  47.369  	dv_serialize_data
  47.370  
  47.371 -	ld8 r19=[r17]				// read L3 PTE again and see if same
  47.372 -	mov r20=PAGE_SHIFT<<2			// setup page size for purge
  47.373 +	ld8 r19=[r17]			// read L3 PTE again and see if same
  47.374 +	mov r20=PAGE_SHIFT<<2		// setup page size for purge
  47.375  	;;
  47.376  	cmp.ne p7,p0=r18,r19
  47.377  	;;
  47.378 @@ -417,7 +435,7 @@ 1:	ld8 r18=[r17]				// read L3 PTE
  47.379  END(dtlb_miss)
  47.380  
  47.381  	.org ia64_ivt+0x0c00
  47.382 -/////////////////////////////////////////////////////////////////////////////////////////
  47.383 +//////////////////////////////////////////////////////////////////////////
  47.384  // 0x0c00 Entry 3 (size 64 bundles) Alt ITLB (19)
  47.385  ENTRY(alt_itlb_miss)
  47.386  	DBG_FAULT(3)
  47.387 @@ -439,14 +457,14 @@ late_alt_itlb_miss:
  47.388  	;;
  47.389  #endif
  47.390  #ifdef CONFIG_DISABLE_VHPT
  47.391 -	shr.u r22=r16,61			// get the region number into r21
  47.392 +	shr.u r22=r16,61		// get the region number into r21
  47.393  	;;
  47.394 -	cmp.gt p8,p0=6,r22			// user mode
  47.395 +	cmp.gt p8,p0=6,r22		// user mode
  47.396  	;;
  47.397  (p8)	thash r17=r16
  47.398  	;;
  47.399  (p8)	mov cr.iha=r17
  47.400 -(p8)	mov r29=b0				// save b0
  47.401 +(p8)	mov r29=b0			// save b0
  47.402  (p8)	br.cond.dptk .itlb_fault
  47.403  #endif
  47.404  	extr.u r23=r21,IA64_PSR_CPL0_BIT,2	// extract psr.cpl
  47.405 @@ -463,7 +481,8 @@ late_alt_itlb_miss:
  47.406  	cmp.ne p8,p0=r0,r23	// psr.cpl != 0?
  47.407  	or r19=r17,r19		// insert PTE control bits into r19
  47.408  	;;
  47.409 -	or r19=r19,r18		// set bit 4 (uncached) if the access was to region 6
  47.410 +	or r19=r19,r18		// set bit 4 (uncached) if the access was to
  47.411 +				//   region 6
  47.412  (p8)	br.cond.spnt page_fault
  47.413  	;;
  47.414  	itc.i r19		// insert the TLB entry
  47.415 @@ -472,7 +491,7 @@ late_alt_itlb_miss:
  47.416  END(alt_itlb_miss)
  47.417  
  47.418  	.org ia64_ivt+0x1000
  47.419 -/////////////////////////////////////////////////////////////////////////////////////////
  47.420 +//////////////////////////////////////////////////////////////////////////
  47.421  // 0x1000 Entry 4 (size 64 bundles) Alt DTLB (7,46)
  47.422  ENTRY(alt_dtlb_miss)
  47.423  	DBG_FAULT(4)
  47.424 @@ -503,13 +522,15 @@ late_alt_dtlb_miss:
  47.425  	tbit.nz p6,p7=r20,IA64_ISR_SP_BIT	// is speculation bit on?
  47.426  #ifdef XEN
  47.427  	shr.u r18=r16,55			// move address bit 59 to bit 4
  47.428 -	and r19=r19,r16				// clear ed, reserved bits, and PTE control bits
  47.429 +	and r19=r19,r16				// clear ed, reserved bits, and
  47.430 +						//   PTE control bits
  47.431  	tbit.nz p9,p0=r20,IA64_ISR_NA_BIT	// is non-access bit on?
  47.432  	;;
  47.433  	and r18=0x10,r18	// bit 4=address-bit(59)
  47.434  #else
  47.435  	shr.u r18=r16,57			// move address bit 61 to bit 4
  47.436 -	and r19=r19,r16				// clear ed, reserved bits, and PTE control bits
  47.437 +	and r19=r19,r16				// clear ed, reserved bits, and
  47.438 +						//   PTE control bits
  47.439  	tbit.nz p9,p0=r20,IA64_ISR_NA_BIT	// is non-access bit on?
  47.440  	;;
  47.441  	andcm r18=0x10,r18	// bit 4=~address-bit(61)
  47.442 @@ -520,36 +541,41 @@ late_alt_dtlb_miss:
  47.443  #ifdef XEN
  47.444  	;;
  47.445  #ifdef CONFIG_VIRTUAL_FRAME_TABLE
  47.446 -	// Test for the address of virtual frame_table
  47.447 -	shr r22=r16,56;;
  47.448 +	shr r22=r16,56	 	// Test for the address of virtual frame_table
  47.449 +	;;
  47.450  	cmp.eq p8,p0=((VIRT_FRAME_TABLE_ADDR>>56)&0xff)-0x100,r22
  47.451  (p8)	br.cond.sptk frametable_miss ;;
  47.452  #endif
  47.453 -	// Test for Xen address, if not handle via page_fault
  47.454 -	// note that 0xf000 (cached) and 0xe800 (uncached) addresses
  47.455 +	// If it is not a Xen address, handle it via page_fault.
  47.456 +	// Note that 0xf000 (cached) and 0xe800 (uncached) addresses
  47.457  	// should be OK.
  47.458 -	extr.u r22=r16,59,5;;
  47.459 +	extr.u r22=r16,59,5
  47.460 +	;;
  47.461  	cmp.eq p8,p0=0x1e,r22
  47.462 -(p8)	br.cond.spnt 1f;;
  47.463 +(p8)	br.cond.spnt 1f
  47.464 +	;;
  47.465  	cmp.ne p8,p0=0x1d,r22
  47.466 -(p8)	br.cond.sptk page_fault ;;
  47.467 +(p8)	br.cond.sptk page_fault
  47.468 +	;;
  47.469  1:
  47.470  #endif
  47.471  
  47.472  	dep r21=-1,r21,IA64_PSR_ED_BIT,1
  47.473  	or r19=r19,r17		// insert PTE control bits into r19
  47.474  	;;
  47.475 -	or r19=r19,r18		// set bit 4 (uncached) if the access was to region 6
  47.476 +	or r19=r19,r18		// set bit 4 (uncached) if the access was to
  47.477 +				//   region 6
  47.478  (p6)	mov cr.ipsr=r21
  47.479  	;;
  47.480  (p7)	itc.d r19		// insert the TLB entry
  47.481  	mov pr=r31,-1
  47.482  	rfi
  47.483  END(alt_dtlb_miss)
  47.484 +
  47.485  #ifdef CONFIG_VIRTUAL_FRAME_TABLE	
  47.486  GLOBAL_ENTRY(frametable_miss)
  47.487  	rsm psr.dt		// switch to using physical data addressing
  47.488 -	movl r24=(frametable_pg_dir-PAGE_OFFSET)	// r24=__pa(frametable_pg_dir)
  47.489 +	movl r24=(frametable_pg_dir-PAGE_OFFSET)  // r24=__pa(frametable_pg_dir)
  47.490  	;;
  47.491  	srlz.d
  47.492  	extr.u r17=r16,PGDIR_SHIFT,(PAGE_SHIFT-3)
  47.493 @@ -583,6 +609,7 @@ GLOBAL_ENTRY(frametable_miss)
  47.494  	mov pr=r31,-1		// restore predicate registers
  47.495  	rfi
  47.496  END(frametable_miss)
  47.497 +
  47.498  ENTRY(frametable_fault)
  47.499  	ssm psr.dt		// switch to using virtual data addressing
  47.500  	mov r18=cr.iip
  47.501 @@ -590,7 +617,8 @@ ENTRY(frametable_fault)
  47.502  	;;
  47.503  	cmp.eq p6,p7=r18,r19	// is faulting addrress ia64_frametable_probe?
  47.504  	mov r8=0		// assumes that 'probe.r' uses r8
  47.505 -	dep r21=-1,r21,IA64_PSR_RI_BIT+1,1 // return to next instrucition in bundle 2
  47.506 +	dep r21=-1,r21,IA64_PSR_RI_BIT+1,1 // return to next instruction in
  47.507 +					   //   bundle 2
  47.508  	;;
  47.509  (p6)	mov cr.ipsr=r21
  47.510  	mov r19=4		// FAULT(4)
  47.511 @@ -599,6 +627,7 @@ ENTRY(frametable_fault)
  47.512  	mov pr=r31,-1
  47.513  	rfi
  47.514  END(frametable_fault)
  47.515 +
  47.516  GLOBAL_ENTRY(ia64_frametable_probe)
  47.517  	{
  47.518  	probe.r	r8=r32,0	// destination register must be r8
  47.519 @@ -615,18 +644,19 @@ ENTRY(nested_dtlb_miss)
  47.520  	DBG_FAULT(5)
  47.521  #ifdef XEN
  47.522  	mov b0=r30
  47.523 -	br.sptk.many b0				// return to continuation point
  47.524 +	br.sptk.many b0			// return to the continuation point
  47.525  	;;
  47.526  #else
  47.527  	/*
  47.528 -	 * In the absence of kernel bugs, we get here when the virtually mapped linear
  47.529 -	 * page table is accessed non-speculatively (e.g., in the Dirty-bit, Instruction
  47.530 -	 * Access-bit, or Data Access-bit faults).  If the DTLB entry for the virtual page
  47.531 -	 * table is missing, a nested TLB miss fault is triggered and control is
  47.532 -	 * transferred to this point.  When this happens, we lookup the pte for the
  47.533 -	 * faulting address by walking the page table in physical mode and return to the
  47.534 -	 * continuation point passed in register r30 (or call page_fault if the address is
  47.535 -	 * not mapped).
  47.536 +	 * In the absence of kernel bugs, we get here when the virtually
  47.537 +	 * mapped linear page table is accessed non-speculatively (e.g.,
  47.538 +	 * in the Dirty-bit, Instruction Access-bit, or Data Access-bit 
  47.539 +	 * faults).  If the DTLB entry for the virtual page table is missing,
  47.540 +	 * a nested TLB miss fault is triggered and control is transferred 
  47.541 +	 * to this point.  When this happens, we lookup the pte for the
  47.542 +	 * faulting address by walking the page table in physical mode
  47.543 +	 * and return to the continuation point passed in register r30
  47.544 +	 * (or call page_fault if the address is not mapped).
  47.545  	 *
  47.546  	 * Input:	r16:	faulting address
  47.547  	 *		r29:	saved b0
  47.548 @@ -640,47 +670,52 @@ ENTRY(nested_dtlb_miss)
  47.549  	 *
  47.550  	 * Clobbered:	b0, r18, r19, r21, psr.dt (cleared)
  47.551  	 */
  47.552 -	rsm psr.dt				// switch to using physical data addressing
  47.553 -	mov r19=IA64_KR(PT_BASE)		// get the page table base address
  47.554 -	shl r21=r16,3				// shift bit 60 into sign bit
  47.555 +	rsm psr.dt			// switch to using physical data 
  47.556 +					//   addressing
  47.557 +	mov r19=IA64_KR(PT_BASE)	// get the page table base address
  47.558 +	shl r21=r16,3			// shift bit 60 into sign bit
  47.559  	;;
  47.560 -	shr.u r17=r16,61			// get the region number into r17
  47.561 +	shr.u r17=r16,61		// get the region number into r17
  47.562  	;;
  47.563 -	cmp.eq p6,p7=5,r17			// is faulting address in region 5?
  47.564 -	shr.u r18=r16,PGDIR_SHIFT		// get bits 33-63 of faulting address
  47.565 +	cmp.eq p6,p7=5,r17		// is faulting address in region 5?
  47.566 +	shr.u r18=r16,PGDIR_SHIFT	// get bits 33-63 of faulting address
  47.567  	;;
  47.568 -(p7)	dep r17=r17,r19,(PAGE_SHIFT-3),3	// put region number bits in place
  47.569 +(p7)	dep r17=r17,r19,(PAGE_SHIFT-3),3  // put region number bits in place
  47.570  
  47.571  	srlz.d
  47.572 -	LOAD_PHYSICAL(p6, r19, swapper_pg_dir)	// region 5 is rooted at swapper_pg_dir
  47.573 +	LOAD_PHYSICAL(p6, r19, swapper_pg_dir)	// region 5 is rooted at 
  47.574 +						//   swapper_pg_dir
  47.575  
  47.576  	.pred.rel "mutex", p6, p7
  47.577  (p6)	shr.u r21=r21,PGDIR_SHIFT+PAGE_SHIFT
  47.578  (p7)	shr.u r21=r21,PGDIR_SHIFT+PAGE_SHIFT-3
  47.579  	;;
  47.580 -(p6)	dep r17=r18,r19,3,(PAGE_SHIFT-3)	// r17=PTA + IFA(33,42)*8
  47.581 -(p7)	dep r17=r18,r17,3,(PAGE_SHIFT-6)	// r17=PTA + (((IFA(61,63) << 7) | IFA(33,39))*8)
  47.582 -	cmp.eq p7,p6=0,r21			// unused address bits all zeroes?
  47.583 -	shr.u r18=r16,PMD_SHIFT			// shift L2 index into position
  47.584 +(p6)	dep r17=r18,r19,3,(PAGE_SHIFT-3)  // r17=PTA + IFA(33,42)*8
  47.585 +(p7)	dep r17=r18,r17,3,(PAGE_SHIFT-6)  // r17=PTA + (((IFA(61,63) << 7) |
  47.586 +					  //            IFA(33,39))*8)
  47.587 +	cmp.eq p7,p6=0,r21		// unused address bits all zeroes?
  47.588 +	shr.u r18=r16,PMD_SHIFT		// shift L2 index into position
  47.589  	;;
  47.590 -	ld8 r17=[r17]				// fetch the L1 entry (may be 0)
  47.591 +	ld8 r17=[r17]			// fetch the L1 entry (may be 0)
  47.592  	;;
  47.593 -(p7)	cmp.eq p6,p7=r17,r0			// was L1 entry NULL?
  47.594 -	dep r17=r18,r17,3,(PAGE_SHIFT-3)	// compute address of L2 page table entry
  47.595 +(p7)	cmp.eq p6,p7=r17,r0		// was L1 entry NULL?
  47.596 +	dep r17=r18,r17,3,(PAGE_SHIFT-3)  // compute address of L2 page table
  47.597 +					  //   entry
  47.598  	;;
  47.599 -(p7)	ld8 r17=[r17]				// fetch the L2 entry (may be 0)
  47.600 -	shr.u r19=r16,PAGE_SHIFT		// shift L3 index into position
  47.601 +(p7)	ld8 r17=[r17]			// fetch the L2 entry (may be 0)
  47.602 +	shr.u r19=r16,PAGE_SHIFT	// shift L3 index into position
  47.603  	;;
  47.604 -(p7)	cmp.eq.or.andcm p6,p7=r17,r0		// was L2 entry NULL?
  47.605 -	dep r17=r19,r17,3,(PAGE_SHIFT-3)	// compute address of L3 page table entry
  47.606 +(p7)	cmp.eq.or.andcm p6,p7=r17,r0	// was L2 entry NULL?
  47.607 +	dep r17=r19,r17,3,(PAGE_SHIFT-3)  // compute address of L3 page table
  47.608 +					  //   entry
  47.609  (p6)	br.cond.spnt page_fault
  47.610  	mov b0=r30
  47.611 -	br.sptk.many b0				// return to continuation point
  47.612 +	br.sptk.many b0			// return to continuation point
  47.613  #endif
  47.614  END(nested_dtlb_miss)
  47.615  
  47.616  	.org ia64_ivt+0x1800
  47.617 -/////////////////////////////////////////////////////////////////////////////////////////
  47.618 +//////////////////////////////////////////////////////////////////////////
  47.619  // 0x1800 Entry 6 (size 64 bundles) Instruction Key Miss (24)
  47.620  ENTRY(ikey_miss)
  47.621  	DBG_FAULT(6)
  47.622 @@ -691,8 +726,9 @@ ENTRY(ikey_miss)
  47.623  #endif
  47.624  END(ikey_miss)
  47.625  
  47.626 -	//-----------------------------------------------------------------------------------
  47.627 -	// call do_page_fault (predicates are in r31, psr.dt may be off, r16 is faulting address)
  47.628 +	//----------------------------------------------------------------
  47.629 +	// call do_page_fault (predicates are in r31, psr.dt may be off, 
  47.630 +	// r16 is faulting address)
  47.631  #ifdef XEN
  47.632  GLOBAL_ENTRY(page_fault)
  47.633  #else
  47.634 @@ -713,24 +749,25 @@ ENTRY(page_fault)
  47.635  	mov out0=cr.ifa
  47.636  	mov out1=cr.isr
  47.637  #endif
  47.638 -	adds r3=8,r2				// set up second base pointer
  47.639 +	adds r3=8,r2			// set up second base pointer
  47.640  	;;
  47.641  	ssm psr.ic | PSR_DEFAULT_BITS
  47.642  	;;
  47.643 -	srlz.i					// guarantee that interruption collectin is on
  47.644 +	srlz.i				// guarantee that interruption 
  47.645 +					//   collection is on
  47.646  	;;
  47.647 -(p15)	ssm psr.i				// restore psr.i
  47.648 +(p15)	ssm psr.i			// restore psr.i
  47.649  	movl r14=ia64_leave_kernel
  47.650  	;;
  47.651  	SAVE_REST
  47.652  	mov rp=r14
  47.653  	;;
  47.654 -	adds out2=16,r12			// out2 = pointer to pt_regs
  47.655 +	adds out2=16,r12		// out2 = pointer to pt_regs
  47.656  	br.call.sptk.many b6=ia64_do_page_fault	// ignore return address
  47.657  END(page_fault)
  47.658  
  47.659  	.org ia64_ivt+0x1c00
  47.660 -/////////////////////////////////////////////////////////////////////////////////////////
  47.661 +//////////////////////////////////////////////////////////////////////////
  47.662  // 0x1c00 Entry 7 (size 64 bundles) Data Key Miss (12,51)
  47.663  ENTRY(dkey_miss)
  47.664  	DBG_FAULT(7)
  47.665 @@ -742,32 +779,33 @@ ENTRY(dkey_miss)
  47.666  END(dkey_miss)
  47.667  
  47.668  	.org ia64_ivt+0x2000
  47.669 -/////////////////////////////////////////////////////////////////////////////////////////
  47.670 +//////////////////////////////////////////////////////////////////////////
  47.671  // 0x2000 Entry 8 (size 64 bundles) Dirty-bit (54)
  47.672  ENTRY(dirty_bit)
  47.673  	DBG_FAULT(8)
  47.674  #ifdef XEN
  47.675  	mov r20=cr.ipsr
  47.676 -	mov r31=pr;;
  47.677 -	extr.u r20=r20,IA64_PSR_CPL0_BIT,2;;
  47.678 -	mov r19=8	/* prepare to save predicates */
  47.679 -	cmp.eq p6,p0=r0,r20 	/* cpl == 0?*/
  47.680 +	mov r31=pr
  47.681 +	;;
  47.682 +	extr.u r20=r20,IA64_PSR_CPL0_BIT,2
  47.683 +	;;
  47.684 +	mov r19=8			// prepare to save predicates
  47.685 +	cmp.eq p6,p0=r0,r20 		// cpl == 0?
  47.686  (p6)	br.sptk.few dispatch_to_fault_handler
  47.687 -	/* If shadow mode is not enabled, reflect the fault.  */
  47.688 +	// If shadow mode is not enabled, reflect the fault.
  47.689  	movl r22=THIS_CPU(cpu_kr)+IA64_KR_CURRENT_OFFSET
  47.690  	;;
  47.691  	ld8 r22=[r22]
  47.692  	;;
  47.693  	add r22=IA64_VCPU_DOMAIN_OFFSET,r22
  47.694  	;;
  47.695 -	/* Read domain.  */
  47.696 -	ld8 r22=[r22]
  47.697 +	ld8 r22=[r22]			// read domain
  47.698  	;;
  47.699  	add r22=IA64_DOMAIN_SHADOW_BITMAP_OFFSET,r22
  47.700  	;;
  47.701  	ld8 r22=[r22]
  47.702  	;;
  47.703 -	cmp.eq p6,p0=r0,r22 	/* !shadow_bitmap ?*/
  47.704 +	cmp.eq p6,p0=r0,r22 		// !shadow_bitmap ?
  47.705  (p6)	br.dptk.many dispatch_reflection
  47.706  
  47.707  	SAVE_MIN_WITH_COVER
  47.708 @@ -779,10 +817,11 @@ ENTRY(dirty_bit)
  47.709  
  47.710  	ssm psr.ic | PSR_DEFAULT_BITS
  47.711  	;;
  47.712 -	srlz.i					// guarantee that interruption collection is on
  47.713 +	srlz.i				// guarantee that interruption 
  47.714 +					//   collection is on
  47.715  	;;
  47.716 -(p15)	ssm psr.i				// restore psr.i
  47.717 -	adds r3=8,r2				// set up second base pointer
  47.718 +(p15)	ssm psr.i			// restore psr.i
  47.719 +	adds r3=8,r2			// set up second base pointer
  47.720  	;;
  47.721  	SAVE_REST
  47.722  	movl r14=ia64_leave_kernel
  47.723 @@ -791,65 +830,69 @@ ENTRY(dirty_bit)
  47.724  	br.call.sptk.many b6=ia64_shadow_fault
  47.725  #else
  47.726  	/*
  47.727 -	 * What we do here is to simply turn on the dirty bit in the PTE.  We need to
  47.728 -	 * update both the page-table and the TLB entry.  To efficiently access the PTE,
  47.729 -	 * we address it through the virtual page table.  Most likely, the TLB entry for
  47.730 -	 * the relevant virtual page table page is still present in the TLB so we can
  47.731 -	 * normally do this without additional TLB misses.  In case the necessary virtual
  47.732 -	 * page table TLB entry isn't present, we take a nested TLB miss hit where we look
  47.733 -	 * up the physical address of the L3 PTE and then continue at label 1 below.
  47.734 +	 * What we do here is to simply turn on the dirty bit in the PTE.
  47.735 +	 * We need to update both the page-table and the TLB entry.  To 
  47.736 +	 * efficiently access the PTE, we address it through the virtual
  47.737 +	 * page table.  Most likely, the TLB entry for the relevant virtual
  47.738 +	 * page table page is still present in the TLB so we can normally 
  47.739 +	 * do this without additional TLB misses.  In case the necessary 
  47.740 +	 * virtual page table TLB entry isn't present, we take a nested 
  47.741 +	 * TLB miss hit where we look up the physical address of the L3
  47.742 +	 * PTE and then continue at label 1 below.
  47.743  	 */
  47.744 -	mov r16=cr.ifa				// get the address that caused the fault
  47.745 -	movl r30=1f				// load continuation point in case of nested fault
  47.746 +	mov r16=cr.ifa			// get the address that caused the 
  47.747 +					//   fault
  47.748 +	movl r30=1f			// load continuation point in case 
  47.749 +					//   of nested fault
  47.750  	;;
  47.751 -	thash r17=r16				// compute virtual address of L3 PTE
  47.752 -	mov r29=b0				// save b0 in case of nested fault
  47.753 -	mov r31=pr				// save pr
  47.754 +	thash r17=r16			// compute virtual address of L3 PTE
  47.755 +	mov r29=b0			// save b0 in case of nested fault
  47.756 +	mov r31=pr			// save pr
  47.757  #ifdef CONFIG_SMP
  47.758 -	mov r28=ar.ccv				// save ar.ccv
  47.759 +	mov r28=ar.ccv			// save ar.ccv
  47.760  	;;
  47.761  1:	ld8 r18=[r17]
  47.762 -	;;					// avoid RAW on r18
  47.763 -	mov ar.ccv=r18				// set compare value for cmpxchg
  47.764 -	or r25=_PAGE_D|_PAGE_A,r18		// set the dirty and accessed bits
  47.765 +	;;				// avoid RAW on r18
  47.766 +	mov ar.ccv=r18			// set compare value for cmpxchg
  47.767 +	or r25=_PAGE_D|_PAGE_A,r18	// set the dirty and accessed bits
  47.768  	;;
  47.769  	cmpxchg8.acq r26=[r17],r25,ar.ccv
  47.770  	mov r24=PAGE_SHIFT<<2
  47.771  	;;
  47.772  	cmp.eq p6,p7=r26,r18
  47.773  	;;
  47.774 -(p6)	itc.d r25				// install updated PTE
  47.775 +(p6)	itc.d r25			// install updated PTE
  47.776  	;;
  47.777  	/*
  47.778 -	 * Tell the assemblers dependency-violation checker that the above "itc" instructions
  47.779 -	 * cannot possibly affect the following loads:
  47.780 +	 * Tell the assembler's dependency-violation checker that the above
  47.781 +	 * "itc" instructions cannot possibly affect the following loads:
  47.782  	 */
  47.783  	dv_serialize_data
  47.784  
  47.785 -	ld8 r18=[r17]				// read PTE again
  47.786 +	ld8 r18=[r17]			// read PTE again
  47.787  	;;
  47.788 -	cmp.eq p6,p7=r18,r25			// is it same as the newly installed
  47.789 +	cmp.eq p6,p7=r18,r25		// is it same as the newly installed
  47.790  	;;
  47.791  (p7)	ptc.l r16,r24
  47.792 -	mov b0=r29				// restore b0
  47.793 +	mov b0=r29			// restore b0
  47.794  	mov ar.ccv=r28
  47.795  #else
  47.796  	;;
  47.797  1:	ld8 r18=[r17]
  47.798 -	;;					// avoid RAW on r18
  47.799 -	or r18=_PAGE_D|_PAGE_A,r18		// set the dirty and accessed bits
  47.800 -	mov b0=r29				// restore b0
  47.801 +	;;				// avoid RAW on r18
  47.802 +	or r18=_PAGE_D|_PAGE_A,r18	// set the dirty and accessed bits
  47.803 +	mov b0=r29			// restore b0
  47.804  	;;
  47.805 -	st8 [r17]=r18				// store back updated PTE
  47.806 -	itc.d r18				// install updated PTE
  47.807 +	st8 [r17]=r18			// store back updated PTE
  47.808 +	itc.d r18			// install updated PTE
  47.809  #endif
  47.810 -	mov pr=r31,-1				// restore pr
  47.811 +	mov pr=r31,-1			// restore pr
  47.812  	rfi
  47.813  #endif
  47.814  END(dirty_bit)
  47.815  
  47.816  	.org ia64_ivt+0x2400
  47.817 -/////////////////////////////////////////////////////////////////////////////////////////
  47.818 +//////////////////////////////////////////////////////////////////////////
  47.819  // 0x2400 Entry 9 (size 64 bundles) Instruction Access-bit (27)
  47.820  ENTRY(iaccess_bit)
  47.821  	DBG_FAULT(9)
  47.822 @@ -862,9 +905,11 @@ ENTRY(iaccess_bit)
  47.823  	br.sptk.many fast_access_reflect;;
  47.824  #else
  47.825  	// Like Entry 8, except for instruction access
  47.826 -	mov r16=cr.ifa				// get the address that caused the fault
  47.827 -	movl r30=1f				// load continuation point in case of nested fault
  47.828 -	mov r31=pr				// save predicates
  47.829 +	mov r16=cr.ifa			// get the address that caused the
  47.830 +					//   fault
  47.831 +	movl r30=1f			// load continuation point in case 
  47.832 +					//   of nested fault
  47.833 +	mov r31=pr			// save predicates
  47.834  #ifdef CONFIG_ITANIUM
  47.835  	/*
  47.836  	 * Erratum 10 (IFA may contain incorrect address) has "NoFix" status.
  47.837 @@ -872,50 +917,50 @@ ENTRY(iaccess_bit)
  47.838  	mov r17=cr.ipsr
  47.839  	;;
  47.840  	mov r18=cr.iip
  47.841 -	tbit.z p6,p0=r17,IA64_PSR_IS_BIT	// IA64 instruction set?
  47.842 +	tbit.z p6,p0=r17,IA64_PSR_IS_BIT  // IA64 instruction set?
  47.843  	;;
  47.844 -(p6)	mov r16=r18				// if so, use cr.iip instead of cr.ifa
  47.845 +(p6)	mov r16=r18			// if so, use cr.iip instead of cr.ifa
  47.846  #endif /* CONFIG_ITANIUM */
  47.847  	;;
  47.848 -	thash r17=r16				// compute virtual address of L3 PTE
  47.849 -	mov r29=b0				// save b0 in case of nested fault)
  47.850 +	thash r17=r16			// compute virtual address of L3 PTE
  47.851 +	mov r29=b0			// save b0 in case of nested fault
  47.852  #ifdef CONFIG_SMP
  47.853 -	mov r28=ar.ccv				// save ar.ccv
  47.854 +	mov r28=ar.ccv			// save ar.ccv
  47.855  	;;
  47.856  1:	ld8 r18=[r17]
  47.857  	;;
  47.858 -	mov ar.ccv=r18				// set compare value for cmpxchg
  47.859 -	or r25=_PAGE_A,r18			// set the accessed bit
  47.860 +	mov ar.ccv=r18			// set compare value for cmpxchg
  47.861 +	or r25=_PAGE_A,r18		// set the accessed bit
  47.862  	;;
  47.863  	cmpxchg8.acq r26=[r17],r25,ar.ccv
  47.864  	mov r24=PAGE_SHIFT<<2
  47.865  	;;
  47.866  	cmp.eq p6,p7=r26,r18
  47.867  	;;
  47.868 -(p6)	itc.i r25				// install updated PTE
  47.869 +(p6)	itc.i r25			// install updated PTE
  47.870  	;;
  47.871  	/*
  47.872 -	 * Tell the assemblers dependency-violation checker that the above "itc" instructions
  47.873 -	 * cannot possibly affect the following loads:
  47.874 +	 * Tell the assembler's dependency-violation checker that the above
  47.875 +	 * "itc" instructions cannot possibly affect the following loads:
  47.876  	 */
  47.877  	dv_serialize_data
  47.878  
  47.879 -	ld8 r18=[r17]				// read PTE again
  47.880 +	ld8 r18=[r17]			// read PTE again
  47.881  	;;
  47.882 -	cmp.eq p6,p7=r18,r25			// is it same as the newly installed
  47.883 +	cmp.eq p6,p7=r18,r25		// is it same as the newly installed
  47.884  	;;
  47.885  (p7)	ptc.l r16,r24
  47.886 -	mov b0=r29				// restore b0
  47.887 +	mov b0=r29			// restore b0
  47.888  	mov ar.ccv=r28
  47.889  #else /* !CONFIG_SMP */
  47.890  	;;
  47.891  1:	ld8 r18=[r17]
  47.892  	;;
  47.893 -	or r18=_PAGE_A,r18			// set the accessed bit
  47.894 -	mov b0=r29				// restore b0
  47.895 +	or r18=_PAGE_A,r18		// set the accessed bit
  47.896 +	mov b0=r29			// restore b0
  47.897  	;;
  47.898 -	st8 [r17]=r18				// store back updated PTE
  47.899 -	itc.i r18				// install updated PTE
  47.900 +	st8 [r17]=r18			// store back updated PTE
  47.901 +	itc.i r18			// install updated PTE
  47.902  #endif /* !CONFIG_SMP */
  47.903  	mov pr=r31,-1
  47.904  	rfi
  47.905 @@ -923,7 +968,7 @@ 1:	ld8 r18=[r17]
  47.906  END(iaccess_bit)
  47.907  
  47.908  	.org ia64_ivt+0x2800
  47.909 -/////////////////////////////////////////////////////////////////////////////////////////
  47.910 +//////////////////////////////////////////////////////////////////////////
  47.911  // 0x2800 Entry 10 (size 64 bundles) Data Access-bit (15,55)
  47.912  ENTRY(daccess_bit)
  47.913  	DBG_FAULT(10)
  47.914 @@ -933,74 +978,80 @@ ENTRY(daccess_bit)
  47.915  	mov r31=pr
  47.916  	mov r19=10
  47.917  	mov r20=0x2800
  47.918 -	br.sptk.many fast_access_reflect;;
  47.919 +	br.sptk.many fast_access_reflect
  47.920 +	;;
  47.921  #else
  47.922  	// Like Entry 8, except for data access
  47.923 -	mov r16=cr.ifa				// get the address that caused the fault
  47.924 -	movl r30=1f				// load continuation point in case of nested fault
  47.925 +	mov r16=cr.ifa			// get the address that caused the
  47.926 +					//   fault
  47.927 +	movl r30=1f			// load continuation point in case
  47.928 +					//   of nested fault
  47.929  	;;
  47.930 -	thash r17=r16				// compute virtual address of L3 PTE
  47.931 +	thash r17=r16			// compute virtual address of L3 PTE
  47.932  	mov r31=pr
  47.933 -	mov r29=b0				// save b0 in case of nested fault)
  47.934 +	mov r29=b0			// save b0 in case of nested fault
  47.935  #ifdef CONFIG_SMP
  47.936 -	mov r28=ar.ccv				// save ar.ccv
  47.937 +	mov r28=ar.ccv			// save ar.ccv
  47.938  	;;
  47.939  1:	ld8 r18=[r17]
  47.940 -	;;					// avoid RAW on r18
  47.941 -	mov ar.ccv=r18				// set compare value for cmpxchg
  47.942 -	or r25=_PAGE_A,r18			// set the dirty bit
  47.943 +	;;				// avoid RAW on r18
  47.944 +	mov ar.ccv=r18			// set compare value for cmpxchg
  47.945 +	or r25=_PAGE_A,r18		// set the accessed bit
  47.946  	;;
  47.947  	cmpxchg8.acq r26=[r17],r25,ar.ccv
  47.948  	mov r24=PAGE_SHIFT<<2
  47.949  	;;
  47.950  	cmp.eq p6,p7=r26,r18
  47.951  	;;
  47.952 -(p6)	itc.d r25				// install updated PTE
  47.953 +(p6)	itc.d r25			// install updated PTE
  47.954  	/*
  47.955 -	 * Tell the assemblers dependency-violation checker that the above "itc" instructions
  47.956 -	 * cannot possibly affect the following loads:
  47.957 +	 * Tell the assembler's dependency-violation checker that the above
  47.958 +	 * "itc" instructions cannot possibly affect the following loads:
  47.959  	 */
  47.960  	dv_serialize_data
  47.961  	;;
  47.962 -	ld8 r18=[r17]				// read PTE again
  47.963 +	ld8 r18=[r17]			// read PTE again
  47.964  	;;
  47.965 -	cmp.eq p6,p7=r18,r25			// is it same as the newly installed
  47.966 +	cmp.eq p6,p7=r18,r25		// is it same as the newly installed
  47.967  	;;
  47.968  (p7)	ptc.l r16,r24
  47.969  	mov ar.ccv=r28
  47.970  #else
  47.971  	;;
  47.972  1:	ld8 r18=[r17]
  47.973 -	;;					// avoid RAW on r18
  47.974 -	or r18=_PAGE_A,r18			// set the accessed bit
  47.975 +	;;				// avoid RAW on r18
  47.976 +	or r18=_PAGE_A,r18		// set the accessed bit
  47.977  	;;
  47.978 -	st8 [r17]=r18				// store back updated PTE
  47.979 -	itc.d r18				// install updated PTE
  47.980 +	st8 [r17]=r18			// store back updated PTE
  47.981 +	itc.d r18			// install updated PTE
  47.982  #endif
  47.983 -	mov b0=r29				// restore b0
  47.984 +	mov b0=r29			// restore b0
  47.985  	mov pr=r31,-1
  47.986  	rfi
  47.987  #endif
  47.988  END(daccess_bit)
  47.989  
  47.990  	.org ia64_ivt+0x2c00
  47.991 -/////////////////////////////////////////////////////////////////////////////////////////
  47.992 +//////////////////////////////////////////////////////////////////////////
  47.993  // 0x2c00 Entry 11 (size 64 bundles) Break instruction (33)
  47.994  ENTRY(break_fault)
  47.995  	/*
  47.996 -	 * The streamlined system call entry/exit paths only save/restore the initial part
  47.997 -	 * of pt_regs.  This implies that the callers of system-calls must adhere to the
  47.998 -	 * normal procedure calling conventions.
  47.999 +	 * The streamlined system call entry/exit paths only save/restore 
 47.1000 +	 * the initial part of pt_regs.  This implies that the callers of
 47.1001 +	 * system-calls must adhere to the normal procedure calling 
 47.1002 +	 * conventions.
 47.1003  	 *
 47.1004  	 *   Registers to be saved & restored:
 47.1005  	 *	CR registers: cr.ipsr, cr.iip, cr.ifs
 47.1006 -	 *	AR registers: ar.unat, ar.pfs, ar.rsc, ar.rnat, ar.bspstore, ar.fpsr
 47.1007 +	 *	AR registers: ar.unat, ar.pfs, ar.rsc, ar.rnat, ar.bspstore,
 47.1008 +	 *		      ar.fpsr
 47.1009  	 * 	others: pr, b0, b6, loadrs, r1, r11, r12, r13, r15
 47.1010  	 *   Registers to be restored only:
 47.1011  	 * 	r8-r11: output value from the system call.
 47.1012  	 *
 47.1013 -	 * During system call exit, scratch registers (including r15) are modified/cleared
 47.1014 -	 * to prevent leaking bits from kernel to user level.
 47.1015 +	 * During system call exit, scratch registers (including r15) are
 47.1016 +	 * modified/cleared to prevent leaking bits from kernel to user 
 47.1017 +	 * level.
 47.1018  	 */
 47.1019  	DBG_FAULT(11)
 47.1020  #ifdef XEN
 47.1021 @@ -1009,13 +1060,17 @@ ENTRY(break_fault)
 47.1022  	mov r31=pr
 47.1023  	;;
 47.1024  	cmp.eq p7,p0=r17,r0
 47.1025 -(p7)	br.spnt.few dispatch_break_fault ;;
 47.1026 +(p7)	br.spnt.few dispatch_break_fault
 47.1027 +	;;
 47.1028  #ifdef CRASH_DEBUG
 47.1029 -        // panic can occur before domain0 is created.
 47.1030 -        // in such case referencing XSI_PSR_IC causes nested_dtlb_miss
 47.1031 -        movl r18=CDB_BREAK_NUM ;;
 47.1032 -        cmp.eq p7,p0=r17,r18 ;; 
 47.1033 -(p7)    br.spnt.few dispatch_break_fault ;;
 47.1034 +        // A panic can occur before domain0 is created.  In such cases, 
 47.1035 +	// referencing XSI_PSR_IC causes nested_dtlb_miss.
 47.1036 +        movl r18=CDB_BREAK_NUM
 47.1037 +	;;
 47.1038 +        cmp.eq p7,p0=r17,r18
 47.1039 +	;; 
 47.1040 +(p7)    br.spnt.few dispatch_break_fault
 47.1041 +	;;
 47.1042  #endif
 47.1043  	movl r18=THIS_CPU(current_psr_ic_addr)
 47.1044  	;;
 47.1045 @@ -1026,17 +1081,19 @@ ENTRY(break_fault)
 47.1046  	cmp.eq p7,p0=r0,r17			// is this a psuedo-cover?
 47.1047  (p7)	br.spnt.many dispatch_privop_fault
 47.1048  	;;
 47.1049 -	// if vpsr.ic is off, we have a hyperprivop
 47.1050 -	// A hyperprivop is hand-coded assembly with psr.ic off
 47.1051 -	// which means no calls, no use of r1-r15 and no memory accesses
 47.1052 -	// except to pinned addresses!
 47.1053 +	// If vpsr.ic is off, we have a hyperprivop.  A hyperprivop is
 47.1054 +	// hand-coded assembly with psr.ic off which means it can make
 47.1055 +	// no calls, cannot use r1-r15, and it can have no memory accesses
 47.1056 +	// unless they are to pinned addresses!
 47.1057  	cmp4.eq p7,p0=r0,r19
 47.1058  (p7)	br.sptk.many fast_hyperprivop
 47.1059  	;;
 47.1060 -	movl r22=THIS_CPU(cpu_kr)+IA64_KR_CURRENT_OFFSET;;
 47.1061 +	movl r22=THIS_CPU(cpu_kr)+IA64_KR_CURRENT_OFFSET
 47.1062 +	;;
 47.1063  	ld8 r22 = [r22]
 47.1064  	;;
 47.1065 -	adds r22=IA64_VCPU_BREAKIMM_OFFSET,r22;;
 47.1066 +	adds r22=IA64_VCPU_BREAKIMM_OFFSET,r22
 47.1067 +	;;
 47.1068  	ld4 r23=[r22];;
 47.1069  	cmp4.eq p6,p7=r23,r17			// Xen-reserved breakimm?
 47.1070  (p6)	br.spnt.many dispatch_break_fault
 47.1071 @@ -1056,78 +1113,86 @@ ENTRY(break_fault)
 47.1072  	mov r26=ar.pfs
 47.1073  	mov r28=cr.iip
 47.1074  #ifndef XEN
 47.1075 -	mov r31=pr				// prepare to save predicates
 47.1076 +	mov r31=pr			// prepare to save predicates
 47.1077  #endif
 47.1078  	mov r20=r1
 47.1079  	;;
 47.1080  	adds r16=IA64_TASK_THREAD_ON_USTACK_OFFSET,r16
 47.1081 -	cmp.eq p0,p7=r18,r17			// is this a system call? (p7 <- false, if so)
 47.1082 +	cmp.eq p0,p7=r18,r17		// is this a system call? 
 47.1083 +					//   (p7 <- false, if so)
 47.1084  (p7)	br.cond.spnt non_syscall
 47.1085  	;;
 47.1086 -	ld1 r17=[r16]				// load current->thread.on_ustack flag
 47.1087 -	st1 [r16]=r0				// clear current->thread.on_ustack flag
 47.1088 -	add r1=-IA64_TASK_THREAD_ON_USTACK_OFFSET,r16	// set r1 for MINSTATE_START_SAVE_MIN_VIRT
 47.1089 +	ld1 r17=[r16]			// load current->thread.on_ustack flag
 47.1090 +	st1 [r16]=r0			// clear current->thread.on_ustack flag
 47.1091 +	add r1=-IA64_TASK_THREAD_ON_USTACK_OFFSET,r16
 47.1092 +					// set r1 for 
 47.1093 +					//   MINSTATE_START_SAVE_MIN_VIRT
 47.1094  	;;
 47.1095  	invala
 47.1096  
 47.1097  	/* adjust return address so we skip over the break instruction: */
 47.1098  
 47.1099 -	extr.u r8=r29,41,2			// extract ei field from cr.ipsr
 47.1100 +	extr.u r8=r29,41,2		// extract ei field from cr.ipsr
 47.1101  	;;
 47.1102 -	cmp.eq p6,p7=2,r8			// isr.ei==2?
 47.1103 -	mov r2=r1				// setup r2 for ia64_syscall_setup
 47.1104 +	cmp.eq p6,p7=2,r8		// isr.ei==2?
 47.1105 +	mov r2=r1			// setup r2 for ia64_syscall_setup
 47.1106  	;;
 47.1107 -(p6)	mov r8=0				// clear ei to 0
 47.1108 -(p6)	adds r28=16,r28				// switch cr.iip to next bundle cr.ipsr.ei wrapped
 47.1109 -(p7)	adds r8=1,r8				// increment ei to next slot
 47.1110 +(p6)	mov r8=0			// clear ei to 0
 47.1111 +(p6)	adds r28=16,r28			// switch cr.iip to next bundle 
 47.1112 +					//   cr.ipsr.ei wrapped
 47.1113 +(p7)	adds r8=1,r8			// increment ei to next slot
 47.1114  	;;
 47.1115 -	cmp.eq pKStk,pUStk=r0,r17		// are we in kernel mode already?
 47.1116 -	dep r29=r8,r29,41,2			// insert new ei into cr.ipsr
 47.1117 +	cmp.eq pKStk,pUStk=r0,r17	// are we in kernel mode already?
 47.1118 +	dep r29=r8,r29,41,2		// insert new ei into cr.ipsr
 47.1119  	;;
 47.1120  
 47.1121  	// switch from user to kernel RBS:
 47.1122  	MINSTATE_START_SAVE_MIN_VIRT
 47.1123  	br.call.sptk.many b7=ia64_syscall_setup
 47.1124  	;;
 47.1125 -	MINSTATE_END_SAVE_MIN_VIRT		// switch to bank 1
 47.1126 +	MINSTATE_END_SAVE_MIN_VIRT	// switch to bank 1
 47.1127  	ssm psr.ic | PSR_DEFAULT_BITS
 47.1128  	;;
 47.1129 -	srlz.i					// guarantee that interruption collection is on
 47.1130 +	srlz.i				// guarantee that interruption 
 47.1131 +					//   collection is on
 47.1132  	mov r3=NR_syscalls - 1
 47.1133  	;;
 47.1134 -(p15)	ssm psr.i				// restore psr.i
 47.1135 +(p15)	ssm psr.i			// restore psr.i
 47.1136  	// p10==true means out registers are more than 8 or r15's Nat is true
 47.1137  (p10)	br.cond.spnt.many ia64_ret_from_syscall
 47.1138  	;;
 47.1139  	movl r16=sys_call_table
 47.1140  
 47.1141 -	adds r15=-1024,r15			// r15 contains the syscall number---subtract 1024
 47.1142 +	adds r15=-1024,r15		// r15 contains the syscall number --
 47.1143 +					//   subtract 1024 from it
 47.1144  	movl r2=ia64_ret_from_syscall
 47.1145  	;;
 47.1146 -	shladd r20=r15,3,r16			// r20 = sys_call_table + 8*(syscall-1024)
 47.1147 -	cmp.leu p6,p7=r15,r3			// (syscall > 0 && syscall < 1024 + NR_syscalls) ?
 47.1148 -	mov rp=r2				// set the real return addr
 47.1149 +	shladd r20=r15,3,r16		// r20 = sys_call_table + 
 47.1150 +					//       8*(syscall-1024)
 47.1151 +	cmp.leu p6,p7=r15,r3		// (syscall > 0 && syscall < 1024 +
 47.1152 +					//  NR_syscalls) ?
 47.1153 +	mov rp=r2			// set the real return addr
 47.1154  	;;
 47.1155 -(p6)	ld8 r20=[r20]				// load address of syscall entry point
 47.1156 +(p6)	ld8 r20=[r20]			// load address of syscall entry point
 47.1157  (p7)	movl r20=sys_ni_syscall
 47.1158  
 47.1159  	add r2=TI_FLAGS+IA64_TASK_SIZE,r13
 47.1160  	;;
 47.1161 -	ld4 r2=[r2]				// r2 = current_thread_info()->flags
 47.1162 +	ld4 r2=[r2]			// r2 = current_thread_info()->flags
 47.1163  	;;
 47.1164 -	and r2=_TIF_SYSCALL_TRACEAUDIT,r2	// mask trace or audit
 47.1165 +	and r2=_TIF_SYSCALL_TRACEAUDIT,r2  // mask trace or audit
 47.1166  	;;
 47.1167  	cmp.eq p8,p0=r2,r0
 47.1168  	mov b6=r20
 47.1169  	;;
 47.1170 -(p8)	br.call.sptk.many b6=b6			// ignore this return addr
 47.1171 +(p8)	br.call.sptk.many b6=b6		// ignore this return addr
 47.1172  	br.cond.sptk ia64_trace_syscall
 47.1173  	// NOT REACHED
 47.1174  #endif
 47.1175  END(break_fault)
 47.1176  
 47.1177  	.org ia64_ivt+0x3000
 47.1178 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1179 +//////////////////////////////////////////////////////////////////////////
 47.1180  // 0x3000 Entry 12 (size 64 bundles) External Interrupt (4)
 47.1181  ENTRY(interrupt)
 47.1182  	DBG_FAULT(12)
 47.1183 @@ -1138,11 +1203,16 @@ ENTRY(interrupt)
 47.1184  	// FIXME: this is a hack... use cpuinfo.ksoftirqd because its
 47.1185  	// not used anywhere else and we need a place to stash ivr and
 47.1186  	// there's no registers available unused by SAVE_MIN/REST
 47.1187 -	movl r29=THIS_CPU(cpu_info)+IA64_CPUINFO_KSOFTIRQD_OFFSET;;
 47.1188 -	st8 [r29]=r30;;
 47.1189 -	movl r28=slow_interrupt;;
 47.1190 -	mov r29=rp;;
 47.1191 -	mov rp=r28;;
 47.1192 +	movl r29=THIS_CPU(cpu_info)+IA64_CPUINFO_KSOFTIRQD_OFFSET
 47.1193 +	;;
 47.1194 +	st8 [r29]=r30
 47.1195 +	;;
 47.1196 +	movl r28=slow_interrupt
 47.1197 +	;;
 47.1198 +	mov r29=rp
 47.1199 +	;;
 47.1200 +	mov rp=r28
 47.1201 +	;;
 47.1202  	br.cond.sptk.many fast_tick_reflect
 47.1203  	;;
 47.1204  slow_interrupt:
 47.1205 @@ -1175,16 +1245,16 @@ slow_interrupt:
 47.1206  END(interrupt)
 47.1207  
 47.1208  	.org ia64_ivt+0x3400
 47.1209 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1210 +//////////////////////////////////////////////////////////////////////////
 47.1211  // 0x3400 Entry 13 (size 64 bundles) Reserved
 47.1212  	DBG_FAULT(13)
 47.1213  	FAULT(13)
 47.1214  
 47.1215  #ifdef XEN
 47.1216 -	// There is no particular reason for this code to be here, other than that
 47.1217 -	// there happens to be space here that would go unused otherwise.  If this
 47.1218 -	// fault ever gets "unreserved", simply moved the following code to a more
 47.1219 -	// suitable spot...
 47.1220 +	// There is no particular reason for this code to be here, other
 47.1221 +	// than that there happens to be space here that would go unused 
 47.1222 +	// otherwise.  If this fault ever gets "unreserved", simply move
 47.1223 +	// the following code to a more suitable spot...
 47.1224  
 47.1225  GLOBAL_ENTRY(dispatch_break_fault)
 47.1226  	SAVE_MIN_WITH_COVER
 47.1227 @@ -1198,32 +1268,32 @@ dispatch_break_fault_post_save:
 47.1228  
 47.1229  	ssm psr.ic | PSR_DEFAULT_BITS
 47.1230  	;;
 47.1231 -	srlz.i					// guarantee that interruption collection is on
 47.1232 +	srlz.i			// guarantee that interruption collection is on
 47.1233  	;;
 47.1234 -(p15)	ssm psr.i				// restore psr.i
 47.1235 -	adds r3=8,r2				// set up second base pointer
 47.1236 +(p15)	ssm psr.i		// restore psr.i
 47.1237 +	adds r3=8,r2		// set up second base pointer
 47.1238  	;;
 47.1239  	SAVE_REST
 47.1240  	movl r14=ia64_leave_kernel
 47.1241  	;;
 47.1242  	mov rp=r14
 47.1243 -//	br.sptk.many ia64_prepare_handle_break
 47.1244 -    br.call.sptk.many b6=ia64_handle_break
 47.1245 +//	br.sptk.many ia64_prepare_handle_break	// TODO: why commented out?
 47.1246 +    	br.call.sptk.many b6=ia64_handle_break
 47.1247  END(dispatch_break_fault)
 47.1248  #endif
 47.1249  
 47.1250  	.org ia64_ivt+0x3800
 47.1251 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1252 +//////////////////////////////////////////////////////////////////////////
 47.1253  // 0x3800 Entry 14 (size 64 bundles) Reserved
 47.1254  	DBG_FAULT(14)
 47.1255  	FAULT(14)
 47.1256  
 47.1257  #ifndef XEN
 47.1258  	/*
 47.1259 -	 * There is no particular reason for this code to be here, other than that
 47.1260 -	 * there happens to be space here that would go unused otherwise.  If this
 47.1261 -	 * fault ever gets "unreserved", simply moved the following code to a more
 47.1262 -	 * suitable spot...
 47.1263 +	 * There is no particular reason for this code to be here, other 
 47.1264 +	 * than that there happens to be space here that would go unused 
 47.1265 +	 * otherwise.  If this fault ever gets "unreserved", simply move
 47.1266 +	 * the following code to a more suitable spot...
 47.1267  	 *
 47.1268  	 * ia64_syscall_setup() is a separate subroutine so that it can
 47.1269  	 *	allocate stacked registers so it can safely demine any
 47.1270 @@ -1271,11 +1341,11 @@ GLOBAL_ENTRY(ia64_syscall_setup)
 47.1271  # error This code assumes that b6 is the first field in pt_regs.
 47.1272  #endif
 47.1273  #endif
 47.1274 -	st8 [r1]=r19				// save b6
 47.1275 -	add r16=PT(CR_IPSR),r1			// initialize first base pointer
 47.1276 -	add r17=PT(R11),r1			// initialize second base pointer
 47.1277 +	st8 [r1]=r19			// save b6
 47.1278 +	add r16=PT(CR_IPSR),r1		// initialize first base pointer
 47.1279 +	add r17=PT(R11),r1		// initialize second base pointer
 47.1280  	;;
 47.1281 -	alloc r19=ar.pfs,8,0,0,0		// ensure in0-in7 are writable
 47.1282 +	alloc r19=ar.pfs,8,0,0,0	// ensure in0-in7 are writable
 47.1283  	st8 [r16]=r29,PT(AR_PFS)-PT(CR_IPSR)	// save cr.ipsr
 47.1284  	tnat.nz p8,p0=in0
 47.1285  
 47.1286 @@ -1312,18 +1382,20 @@ GLOBAL_ENTRY(ia64_syscall_setup)
 47.1287  	tnat.nz p11,p0=in3
 47.1288  	;;
 47.1289  (p10)	mov in2=-1
 47.1290 -	tnat.nz p12,p0=in4				// [I0]
 47.1291 +	tnat.nz p12,p0=in4			// [I0]
 47.1292  (p11)	mov in3=-1
 47.1293  	;;
 47.1294  (pUStk) st8 [r16]=r24,PT(PR)-PT(AR_RNAT)	// save ar.rnat
 47.1295  (pUStk) st8 [r17]=r23,PT(B0)-PT(AR_BSPSTORE)	// save ar.bspstore
 47.1296 -	shl r18=r18,16				// compute ar.rsc to be used for "loadrs"
 47.1297 +	shl r18=r18,16				// compute ar.rsc to be used
 47.1298 +						//   for "loadrs"
 47.1299  	;;
 47.1300  	st8 [r16]=r31,PT(LOADRS)-PT(PR)		// save predicates
 47.1301  	st8 [r17]=r28,PT(R1)-PT(B0)		// save b0
 47.1302 -	tnat.nz p13,p0=in5				// [I0]
 47.1303 +	tnat.nz p13,p0=in5			// [I0]
 47.1304  	;;
 47.1305 -	st8 [r16]=r18,PT(R12)-PT(LOADRS)	// save ar.rsc value for "loadrs"
 47.1306 +	st8 [r16]=r18,PT(R12)-PT(LOADRS)	// save ar.rsc value for
 47.1307 +						//   "loadrs"
 47.1308  	st8.spill [r17]=r20,PT(R13)-PT(R1)	// save original r1
 47.1309  (p12)	mov in4=-1
 47.1310  	;;
 47.1311 @@ -1336,32 +1408,34 @@ GLOBAL_ENTRY(ia64_syscall_setup)
 47.1312  	tnat.nz p14,p0=in6
 47.1313  	cmp.lt p10,p9=r11,r8	// frame size can't be more than local+8
 47.1314  	;;
 47.1315 -	stf8 [r16]=f1		// ensure pt_regs.r8 != 0 (see handle_syscall_error)
 47.1316 +	stf8 [r16]=f1		// ensure pt_regs.r8 != 0 
 47.1317 +				//   (see handle_syscall_error)
 47.1318  (p9)	tnat.nz p10,p0=r15
 47.1319 -	adds r12=-16,r1		// switch to kernel memory stack (with 16 bytes of scratch)
 47.1320 +	adds r12=-16,r1		// switch to kernel memory stack (with 16 
 47.1321 +				//   bytes of scratch)
 47.1322  
 47.1323 -	st8.spill [r17]=r15			// save r15
 47.1324 +	st8.spill [r17]=r15	// save r15
 47.1325  	tnat.nz p8,p0=in7
 47.1326  	nop.i 0
 47.1327  
 47.1328 -	mov r13=r2				// establish `current'
 47.1329 -	movl r1=__gp				// establish kernel global pointer
 47.1330 +	mov r13=r2		// establish `current'
 47.1331 +	movl r1=__gp		// establish kernel global pointer
 47.1332  	;;
 47.1333  (p14)	mov in6=-1
 47.1334  (p8)	mov in7=-1
 47.1335  	nop.i 0
 47.1336  
 47.1337 -	cmp.eq pSys,pNonSys=r0,r0		// set pSys=1, pNonSys=0
 47.1338 +	cmp.eq pSys,pNonSys=r0,r0	// set pSys=1, pNonSys=0
 47.1339  	movl r17=FPSR_DEFAULT
 47.1340  	;;
 47.1341 -	mov.m ar.fpsr=r17			// set ar.fpsr to kernel default value
 47.1342 +	mov.m ar.fpsr=r17		// set ar.fpsr to kernel default value
 47.1343  (p10)	mov r8=-EINVAL
 47.1344  	br.ret.sptk.many b7
 47.1345  END(ia64_syscall_setup)
 47.1346  #endif /* XEN */
 47.1347  	
 47.1348  	.org ia64_ivt+0x3c00
 47.1349 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1350 +//////////////////////////////////////////////////////////////////////////
 47.1351  // 0x3c00 Entry 15 (size 64 bundles) Reserved
 47.1352  	DBG_FAULT(15)
 47.1353  	FAULT(15)
 47.1354 @@ -1370,11 +1444,12 @@ END(ia64_syscall_setup)
 47.1355  	/*
 47.1356  	 * Squatting in this space ...
 47.1357  	 *
 47.1358 -	 * This special case dispatcher for illegal operation faults allows preserved
 47.1359 -	 * registers to be modified through a callback function (asm only) that is handed
 47.1360 -	 * back from the fault handler in r8. Up to three arguments can be passed to the
 47.1361 -	 * callback function by returning an aggregate with the callback as its first
 47.1362 -	 * element, followed by the arguments.
 47.1363 +	 * This special case dispatcher for illegal operation faults 
 47.1364 +	 * allows preserved registers to be modified through a callback
 47.1365 +	 * function (asm only) that is handed back from the fault handler
 47.1366 +	 * in r8.  Up to three arguments can be passed to the callback
 47.1367 +	 * function by returning an aggregate with the callback as its 
 47.1368 +	 * first element, followed by the arguments.
 47.1369  	 */
 47.1370  ENTRY(dispatch_illegal_op_fault)
 47.1371  	SAVE_MIN_WITH_COVER
 47.1372 @@ -1408,21 +1483,22 @@ END(dispatch_illegal_op_fault)
 47.1373  #endif
 47.1374  
 47.1375  	.org ia64_ivt+0x4000
 47.1376 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1377 +//////////////////////////////////////////////////////////////////////////
 47.1378  // 0x4000 Entry 16 (size 64 bundles) Reserved
 47.1379  	DBG_FAULT(16)
 47.1380  	FAULT(16)
 47.1381  
 47.1382  #ifdef XEN
 47.1383 -	// There is no particular reason for this code to be here, other than that
 47.1384 -	// there happens to be space here that would go unused otherwise.  If this
 47.1385 -	// fault ever gets "unreserved", simply moved the following code to a more
 47.1386 -	// suitable spot...
 47.1387 +	// There is no particular reason for this code to be here, other
 47.1388 +	// than that there happens to be space here that would go unused 
 47.1389 +	// otherwise.  If this fault ever gets "unreserved", simply move
 47.1390 +	// the following code to a more suitable spot...
 47.1391  
 47.1392  ENTRY(dispatch_privop_fault)
 47.1393  	SAVE_MIN_WITH_COVER
 47.1394  	;;
 47.1395 -	alloc r14=ar.pfs,0,0,4,0		// now it's safe (must be first in insn group!)
 47.1396 +	alloc r14=ar.pfs,0,0,4,0	// now it's safe (must be first in
 47.1397 +					//   insn group!)
 47.1398  	mov out0=cr.ifa
 47.1399  	adds out1=16,sp
 47.1400  	mov out2=cr.isr		// FIXME: pity to make this slow access twice
 47.1401 @@ -1430,23 +1506,24 @@ ENTRY(dispatch_privop_fault)
 47.1402  
 47.1403  	ssm psr.ic | PSR_DEFAULT_BITS
 47.1404  	;;
 47.1405 -	srlz.i					// guarantee that interruption collection is on
 47.1406 +	srlz.i				// guarantee that interruption 
 47.1407 +					//   collection is on
 47.1408  	;;
 47.1409 -(p15)	ssm psr.i				// restore psr.i
 47.1410 -	adds r3=8,r2				// set up second base pointer
 47.1411 +(p15)	ssm psr.i			// restore psr.i
 47.1412 +	adds r3=8,r2			// set up second base pointer
 47.1413  	;;
 47.1414  	SAVE_REST
 47.1415  	movl r14=ia64_leave_kernel
 47.1416  	;;
 47.1417  	mov rp=r14
 47.1418 -//	br.sptk.many ia64_prepare_handle_privop
 47.1419 -     br.call.sptk.many b6=ia64_handle_privop
 47.1420 +//	br.sptk.many ia64_prepare_handle_privop  // TODO: why commented out?
 47.1421 +     	br.call.sptk.many b6=ia64_handle_privop
 47.1422  END(dispatch_privop_fault)
 47.1423  #endif
 47.1424  
 47.1425  
 47.1426  	.org ia64_ivt+0x4400
 47.1427 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1428 +//////////////////////////////////////////////////////////////////////////
 47.1429  // 0x4400 Entry 17 (size 64 bundles) Reserved
 47.1430  	DBG_FAULT(17)
 47.1431  	FAULT(17)
 47.1432 @@ -1455,77 +1532,80 @@ END(dispatch_privop_fault)
 47.1433  ENTRY(non_syscall)
 47.1434  	SAVE_MIN_WITH_COVER
 47.1435  
 47.1436 -	// There is no particular reason for this code to be here, other than that
 47.1437 -	// there happens to be space here that would go unused otherwise.  If this
 47.1438 -	// fault ever gets "unreserved", simply moved the following code to a more
 47.1439 -	// suitable spot...
 47.1440 +	// There is no particular reason for this code to be here, other
 47.1441 +	// than that there happens to be space here that would go unused 
 47.1442 +	// otherwise.  If this fault ever gets "unreserved", simply move
 47.1443 +	// the following code to a more suitable spot...
 47.1444  
 47.1445  	alloc r14=ar.pfs,0,0,2,0
 47.1446  	mov out0=cr.iim
 47.1447  	add out1=16,sp
 47.1448 -	adds r3=8,r2			// set up second base pointer for SAVE_REST
 47.1449 +	adds r3=8,r2		// set up second base pointer for SAVE_REST
 47.1450  
 47.1451  	ssm psr.ic | PSR_DEFAULT_BITS
 47.1452  	;;
 47.1453 -	srlz.i				// guarantee that interruption collection is on
 47.1454 +	srlz.i			// guarantee that interruption collection is on
 47.1455  	;;
 47.1456 -(p15)	ssm psr.i			// restore psr.i
 47.1457 +(p15)	ssm psr.i		// restore psr.i
 47.1458  	movl r15=ia64_leave_kernel
 47.1459  	;;
 47.1460  	SAVE_REST
 47.1461  	mov rp=r15
 47.1462  	;;
 47.1463 -	br.call.sptk.many b6=ia64_bad_break	// avoid WAW on CFM and ignore return addr
 47.1464 +	br.call.sptk.many b6=ia64_bad_break	// avoid WAW on CFM and 
 47.1465 +						//   ignore return addr
 47.1466  END(non_syscall)
 47.1467  #endif
 47.1468  
 47.1469  	.org ia64_ivt+0x4800
 47.1470 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1471 +//////////////////////////////////////////////////////////////////////////
 47.1472  // 0x4800 Entry 18 (size 64 bundles) Reserved
 47.1473  	DBG_FAULT(18)
 47.1474  	FAULT(18)
 47.1475  
 47.1476  #ifndef XEN
 47.1477  	/*
 47.1478 -	 * There is no particular reason for this code to be here, other than that
 47.1479 -	 * there happens to be space here that would go unused otherwise.  If this
 47.1480 -	 * fault ever gets "unreserved", simply moved the following code to a more
 47.1481 -	 * suitable spot...
 47.1482 +	 * There is no particular reason for this code to be here, other
 47.1483 +	 * than that there happens to be space here that would go unused 
 47.1484 +	 * otherwise.  If this fault ever gets "unreserved", simply move
 47.1485 +	 * the following code to a more suitable spot...
 47.1486  	 */
 47.1487  ENTRY(dispatch_unaligned_handler)
 47.1488  	SAVE_MIN_WITH_COVER
 47.1489  	;;
 47.1490 -	alloc r14=ar.pfs,0,0,2,0		// now it's safe (must be first in insn group!)
 47.1491 +	alloc r14=ar.pfs,0,0,2,0	// now it's safe (must be first in
 47.1492 +					//   insn group!)
 47.1493  	mov out0=cr.ifa
 47.1494  	adds out1=16,sp
 47.1495  
 47.1496  	ssm psr.ic | PSR_DEFAULT_BITS
 47.1497  	;;
 47.1498 -	srlz.i					// guarantee that interruption collection is on
 47.1499 +	srlz.i				// guarantee that interruption 
 47.1500 +					//   collection is on
 47.1501  	;;
 47.1502 -(p15)	ssm psr.i				// restore psr.i
 47.1503 -	adds r3=8,r2				// set up second base pointer
 47.1504 +(p15)	ssm psr.i			// restore psr.i
 47.1505 +	adds r3=8,r2			// set up second base pointer
 47.1506  	;;
 47.1507  	SAVE_REST
 47.1508  	movl r14=ia64_leave_kernel
 47.1509  	;;
 47.1510  	mov rp=r14
 47.1511 -//	br.sptk.many ia64_prepare_handle_unaligned
 47.1512 -    br.call.sptk.many b6=ia64_handle_unaligned
 47.1513 +//	br.sptk.many ia64_prepare_handle_unaligned // TODO: why commented out?
  47.1514 +	br.call.sptk.many b6=ia64_handle_unaligned
 47.1515  END(dispatch_unaligned_handler)
 47.1516  #endif
 47.1517  
 47.1518  	.org ia64_ivt+0x4c00
 47.1519 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1520 +//////////////////////////////////////////////////////////////////////////
 47.1521  // 0x4c00 Entry 19 (size 64 bundles) Reserved
 47.1522  	DBG_FAULT(19)
 47.1523  	FAULT(19)
 47.1524  
 47.1525  	/*
 47.1526 -	 * There is no particular reason for this code to be here, other than that
 47.1527 -	 * there happens to be space here that would go unused otherwise.  If this
 47.1528 -	 * fault ever gets "unreserved", simply moved the following code to a more
 47.1529 -	 * suitable spot...
 47.1530 +	 * There is no particular reason for this code to be here, other 
 47.1531 +	 * than that there happens to be space here that would go unused 
 47.1532 +	 * otherwise.  If this fault ever gets "unreserved", simply move
 47.1533 +	 * the following code to a more suitable spot...
 47.1534  	 */
 47.1535  
 47.1536  GLOBAL_ENTRY(dispatch_to_fault_handler)
 47.1537 @@ -1545,10 +1625,12 @@ GLOBAL_ENTRY(dispatch_to_fault_handler)
 47.1538  	;;
 47.1539  	ssm psr.ic | PSR_DEFAULT_BITS
 47.1540  	;;
 47.1541 -	srlz.i					// guarantee that interruption collection is on
 47.1542 +	srlz.i				// guarantee that interruption 
 47.1543 +					//   collection is on
 47.1544  	;;
 47.1545 -(p15)	ssm psr.i				// restore psr.i
 47.1546 -	adds r3=8,r2				// set up second base pointer for SAVE_REST
 47.1547 +(p15)	ssm psr.i			// restore psr.i
 47.1548 +	adds r3=8,r2			// set up second base pointer for
 47.1549 +					//   SAVE_REST
 47.1550  	;;
 47.1551  	SAVE_REST
 47.1552  	movl r14=ia64_leave_kernel
 47.1553 @@ -1562,7 +1644,7 @@ END(dispatch_to_fault_handler)
 47.1554  //
 47.1555  
 47.1556  	.org ia64_ivt+0x5000
 47.1557 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1558 +//////////////////////////////////////////////////////////////////////////
 47.1559  // 0x5000 Entry 20 (size 16 bundles) Page Not Present (10,22,49)
 47.1560  ENTRY(page_not_present)
 47.1561  	DBG_FAULT(20)
 47.1562 @@ -1572,8 +1654,9 @@ ENTRY(page_not_present)
 47.1563  	mov r16=cr.ifa
 47.1564  	rsm psr.dt
 47.1565  	/*
 47.1566 -	 * The Linux page fault handler doesn't expect non-present pages to be in
 47.1567 -	 * the TLB.  Flush the existing entry now, so we meet that expectation.
 47.1568 +	 * The Linux page fault handler doesn't expect non-present pages
 47.1569 +	 * to be in the TLB.  Flush the existing entry now, so we meet 
 47.1570 +	 * that expectation.
 47.1571  	 */
 47.1572  	mov r17=PAGE_SHIFT<<2
 47.1573  	;;
 47.1574 @@ -1586,7 +1669,7 @@ ENTRY(page_not_present)
 47.1575  END(page_not_present)
 47.1576  
 47.1577  	.org ia64_ivt+0x5100
 47.1578 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1579 +//////////////////////////////////////////////////////////////////////////
 47.1580  // 0x5100 Entry 21 (size 16 bundles) Key Permission (13,25,52)
 47.1581  ENTRY(key_permission)
 47.1582  	DBG_FAULT(21)
 47.1583 @@ -1603,7 +1686,7 @@ ENTRY(key_permission)
 47.1584  END(key_permission)
 47.1585  
 47.1586  	.org ia64_ivt+0x5200
 47.1587 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1588 +//////////////////////////////////////////////////////////////////////////
 47.1589  // 0x5200 Entry 22 (size 16 bundles) Instruction Access Rights (26)
 47.1590  ENTRY(iaccess_rights)
 47.1591  	DBG_FAULT(22)
 47.1592 @@ -1620,17 +1703,19 @@ ENTRY(iaccess_rights)
 47.1593  END(iaccess_rights)
 47.1594  
 47.1595  	.org ia64_ivt+0x5300
 47.1596 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1597 +//////////////////////////////////////////////////////////////////////////
 47.1598  // 0x5300 Entry 23 (size 16 bundles) Data Access Rights (14,53)
 47.1599  ENTRY(daccess_rights)
 47.1600  	DBG_FAULT(23)
 47.1601  #ifdef XEN
 47.1602 -	mov r31=pr;
 47.1603 +	mov r31=pr
 47.1604 +	;;
 47.1605  	mov r16=cr.isr
 47.1606  	mov r17=cr.ifa
 47.1607  	mov r19=23
 47.1608  	movl r20=0x5300
 47.1609 -	br.sptk.many fast_access_reflect;;
 47.1610 +	br.sptk.many fast_access_reflect
 47.1611 +	;;
 47.1612  #else
 47.1613  	mov r16=cr.ifa
 47.1614  	rsm psr.dt
 47.1615 @@ -1642,7 +1727,7 @@ ENTRY(daccess_rights)
 47.1616  END(daccess_rights)
 47.1617  
 47.1618  	.org ia64_ivt+0x5400
 47.1619 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1620 +//////////////////////////////////////////////////////////////////////////
 47.1621  // 0x5400 Entry 24 (size 16 bundles) General Exception (5,32,34,36,38,39)
 47.1622  ENTRY(general_exception)
 47.1623  	DBG_FAULT(24)
 47.1624 @@ -1662,12 +1747,12 @@ ENTRY(general_exception)
 47.1625  END(general_exception)
 47.1626  
 47.1627  	.org ia64_ivt+0x5500
 47.1628 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1629 +//////////////////////////////////////////////////////////////////////////
 47.1630  // 0x5500 Entry 25 (size 16 bundles) Disabled FP-Register (35)
 47.1631  ENTRY(disabled_fp_reg)
 47.1632  	DBG_FAULT(25)
 47.1633  #ifdef XEN
 47.1634 -#if 0
 47.1635 +#if 0				// TODO: can this be removed?
 47.1636  	mov r20=pr
 47.1637  	movl r16=0x2000000000000000
 47.1638  	movl r17=0x2000000000176b60
 47.1639 @@ -1686,7 +1771,7 @@ ENTRY(disabled_fp_reg)
 47.1640  	;;
 47.1641  #endif
 47.1642  	FAULT_OR_REFLECT(25)
 47.1643 -//floating_panic:
 47.1644 +//floating_panic:		// TODO: can this be removed?
 47.1645  //	br.sptk.many floating_panic
 47.1646  	;;
 47.1647  #endif
 47.1648 @@ -1699,7 +1784,7 @@ ENTRY(disabled_fp_reg)
 47.1649  END(disabled_fp_reg)
 47.1650  
 47.1651  	.org ia64_ivt+0x5600
 47.1652 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1653 +//////////////////////////////////////////////////////////////////////////
 47.1654  // 0x5600 Entry 26 (size 16 bundles) Nat Consumption (11,23,37,50)
 47.1655  ENTRY(nat_consumption)
 47.1656  	DBG_FAULT(26)
 47.1657 @@ -1711,7 +1796,7 @@ ENTRY(nat_consumption)
 47.1658  END(nat_consumption)
 47.1659  
 47.1660  	.org ia64_ivt+0x5700
 47.1661 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1662 +//////////////////////////////////////////////////////////////////////////
 47.1663  // 0x5700 Entry 27 (size 16 bundles) Speculation (40)
 47.1664  ENTRY(speculation_vector)
 47.1665  	DBG_FAULT(27)
 47.1666 @@ -1720,12 +1805,13 @@ ENTRY(speculation_vector)
 47.1667  	FAULT_OR_REFLECT(27)
 47.1668  #else
 47.1669  	/*
 47.1670 -	 * A [f]chk.[as] instruction needs to take the branch to the recovery code but
 47.1671 -	 * this part of the architecture is not implemented in hardware on some CPUs, such
 47.1672 -	 * as Itanium.  Thus, in general we need to emulate the behavior.  IIM contains
 47.1673 -	 * the relative target (not yet sign extended).  So after sign extending it we
 47.1674 -	 * simply add it to IIP.  We also need to reset the EI field of the IPSR to zero,
 47.1675 -	 * i.e., the slot to restart into.
 47.1676 +	 * A [f]chk.[as] instruction needs to take the branch to the
 47.1677 +	 * recovery code but this part of the architecture is not 
 47.1678 +	 * implemented in hardware on some CPUs, such as Itanium.  Thus,
 47.1679 +	 * in general we need to emulate the behavior.  IIM contains the
 47.1680 +	 * relative target (not yet sign extended).  So after sign extending 
 47.1681 +	 * it we simply add it to IIP.  We also need to reset the EI field
 47.1682 +	 * of the IPSR to zero, i.e., the slot to restart into.
 47.1683  	 *
 47.1684  	 * cr.imm contains zero_ext(imm21)
 47.1685  	 */
 47.1686 @@ -1753,13 +1839,13 @@ ENTRY(speculation_vector)
 47.1687  END(speculation_vector)
 47.1688  
 47.1689  	.org ia64_ivt+0x5800
 47.1690 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1691 +//////////////////////////////////////////////////////////////////////////
 47.1692  // 0x5800 Entry 28 (size 16 bundles) Reserved
 47.1693  	DBG_FAULT(28)
 47.1694  	FAULT(28)
 47.1695  
 47.1696  	.org ia64_ivt+0x5900
 47.1697 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1698 +//////////////////////////////////////////////////////////////////////////
 47.1699  // 0x5900 Entry 29 (size 16 bundles) Debug (16,28,56)
 47.1700  ENTRY(debug_vector)
 47.1701  	DBG_FAULT(29)
 47.1702 @@ -1771,7 +1857,7 @@ ENTRY(debug_vector)
 47.1703  END(debug_vector)
 47.1704  
 47.1705  	.org ia64_ivt+0x5a00
 47.1706 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1707 +//////////////////////////////////////////////////////////////////////////
 47.1708  // 0x5a00 Entry 30 (size 16 bundles) Unaligned Reference (57)
 47.1709  ENTRY(unaligned_access)
 47.1710  	DBG_FAULT(30)
 47.1711 @@ -1786,7 +1872,7 @@ ENTRY(unaligned_access)
 47.1712  END(unaligned_access)
 47.1713  
 47.1714  	.org ia64_ivt+0x5b00
 47.1715 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1716 +//////////////////////////////////////////////////////////////////////////
 47.1717  // 0x5b00 Entry 31 (size 16 bundles) Unsupported Data Reference (57)
 47.1718  ENTRY(unsupported_data_reference)
 47.1719  	DBG_FAULT(31)
 47.1720 @@ -1798,7 +1884,7 @@ ENTRY(unsupported_data_reference)
 47.1721  END(unsupported_data_reference)
 47.1722  
 47.1723  	.org ia64_ivt+0x5c00
 47.1724 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1725 +//////////////////////////////////////////////////////////////////////////
 47.1726  // 0x5c00 Entry 32 (size 16 bundles) Floating-Point Fault (64)
 47.1727  ENTRY(floating_point_fault)
 47.1728  	DBG_FAULT(32)
 47.1729 @@ -1810,7 +1896,7 @@ ENTRY(floating_point_fault)
 47.1730  END(floating_point_fault)
 47.1731  
 47.1732  	.org ia64_ivt+0x5d00
 47.1733 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1734 +//////////////////////////////////////////////////////////////////////////
 47.1735  // 0x5d00 Entry 33 (size 16 bundles) Floating Point Trap (66)
 47.1736  ENTRY(floating_point_trap)
 47.1737  	DBG_FAULT(33)
 47.1738 @@ -1822,7 +1908,7 @@ ENTRY(floating_point_trap)
 47.1739  END(floating_point_trap)
 47.1740  
 47.1741  	.org ia64_ivt+0x5e00
 47.1742 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1743 +//////////////////////////////////////////////////////////////////////////
 47.1744  // 0x5e00 Entry 34 (size 16 bundles) Lower Privilege Transfer Trap (66)
 47.1745  ENTRY(lower_privilege_trap)
 47.1746  	DBG_FAULT(34)
 47.1747 @@ -1834,7 +1920,7 @@ ENTRY(lower_privilege_trap)
 47.1748  END(lower_privilege_trap)
 47.1749  
 47.1750  	.org ia64_ivt+0x5f00
 47.1751 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1752 +//////////////////////////////////////////////////////////////////////////
 47.1753  // 0x5f00 Entry 35 (size 16 bundles) Taken Branch Trap (68)
 47.1754  ENTRY(taken_branch_trap)
 47.1755  	DBG_FAULT(35)
 47.1756 @@ -1846,7 +1932,7 @@ ENTRY(taken_branch_trap)
 47.1757  END(taken_branch_trap)
 47.1758  
 47.1759  	.org ia64_ivt+0x6000
 47.1760 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1761 +//////////////////////////////////////////////////////////////////////////
 47.1762  // 0x6000 Entry 36 (size 16 bundles) Single Step Trap (69)
 47.1763  ENTRY(single_step_trap)
 47.1764  	DBG_FAULT(36)
 47.1765 @@ -1858,56 +1944,58 @@ ENTRY(single_step_trap)
 47.1766  END(single_step_trap)
 47.1767  
 47.1768  	.org ia64_ivt+0x6100
 47.1769 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1770 +//////////////////////////////////////////////////////////////////////////
 47.1771  // 0x6100 Entry 37 (size 16 bundles) Reserved
 47.1772  	DBG_FAULT(37)
 47.1773  	FAULT(37)
 47.1774  
 47.1775  	.org ia64_ivt+0x6200
 47.1776 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1777 +//////////////////////////////////////////////////////////////////////////
 47.1778  // 0x6200 Entry 38 (size 16 bundles) Reserved
 47.1779  	DBG_FAULT(38)
 47.1780  	FAULT(38)
 47.1781  
 47.1782  	.org ia64_ivt+0x6300
 47.1783 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1784 +//////////////////////////////////////////////////////////////////////////
 47.1785  // 0x6300 Entry 39 (size 16 bundles) Reserved
 47.1786  	DBG_FAULT(39)
 47.1787  	FAULT(39)
 47.1788  
 47.1789  	.org ia64_ivt+0x6400
 47.1790 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1791 +//////////////////////////////////////////////////////////////////////////
 47.1792  // 0x6400 Entry 40 (size 16 bundles) Reserved
 47.1793  	DBG_FAULT(40)
 47.1794  	FAULT(40)
 47.1795  
 47.1796  	.org ia64_ivt+0x6500
 47.1797 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1798 +//////////////////////////////////////////////////////////////////////////
 47.1799  // 0x6500 Entry 41 (size 16 bundles) Reserved
 47.1800  	DBG_FAULT(41)
 47.1801  	FAULT(41)
 47.1802  
 47.1803  	.org ia64_ivt+0x6600
 47.1804 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1805 +//////////////////////////////////////////////////////////////////////////
 47.1806  // 0x6600 Entry 42 (size 16 bundles) Reserved
 47.1807  	DBG_FAULT(42)
 47.1808  	FAULT(42)
 47.1809  
 47.1810  	.org ia64_ivt+0x6700
 47.1811 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1812 +//////////////////////////////////////////////////////////////////////////
 47.1813  // 0x6700 Entry 43 (size 16 bundles) Reserved
 47.1814  	DBG_FAULT(43)
 47.1815  	FAULT(43)
 47.1816  
 47.1817  	.org ia64_ivt+0x6800
 47.1818 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1819 +//////////////////////////////////////////////////////////////////////////
 47.1820  // 0x6800 Entry 44 (size 16 bundles) Reserved
 47.1821  	DBG_FAULT(44)
 47.1822  	FAULT(44)
 47.1823  
 47.1824  	.org ia64_ivt+0x6900
 47.1825 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1826 -// 0x6900 Entry 45 (size 16 bundles) IA-32 Exeception (17,18,29,41,42,43,44,58,60,61,62,72,73,75,76,77)
 47.1827 +//////////////////////////////////////////////////////////////////////////
  47.1828 +// 0x6900 Entry 45 (size 16 bundles) IA-32 Exception (17,18,29,41,42,43,
 47.1829 +//						       44,58,60,61,62,72,
 47.1830 +//						       73,75,76,77)
 47.1831  ENTRY(ia32_exception)
 47.1832  	DBG_FAULT(45)
 47.1833  #ifdef XEN
 47.1834 @@ -1918,7 +2006,7 @@ ENTRY(ia32_exception)
 47.1835  END(ia32_exception)
 47.1836  
 47.1837  	.org ia64_ivt+0x6a00
 47.1838 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1839 +//////////////////////////////////////////////////////////////////////////
 47.1840  // 0x6a00 Entry 46 (size 16 bundles) IA-32 Intercept  (30,31,59,70,71)
 47.1841  ENTRY(ia32_intercept)
 47.1842  	DBG_FAULT(46)
 47.1843 @@ -1952,7 +2040,7 @@ 1:
 47.1844  END(ia32_intercept)
 47.1845  
 47.1846  	.org ia64_ivt+0x6b00
 47.1847 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1848 +//////////////////////////////////////////////////////////////////////////
 47.1849  // 0x6b00 Entry 47 (size 16 bundles) IA-32 Interrupt  (74)
 47.1850  ENTRY(ia32_interrupt)
 47.1851  	DBG_FAULT(47)
 47.1852 @@ -1969,121 +2057,121 @@ ENTRY(ia32_interrupt)
 47.1853  END(ia32_interrupt)
 47.1854  
 47.1855  	.org ia64_ivt+0x6c00
 47.1856 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1857 +//////////////////////////////////////////////////////////////////////////
 47.1858  // 0x6c00 Entry 48 (size 16 bundles) Reserved
 47.1859  	DBG_FAULT(48)
 47.1860  	FAULT(48)
 47.1861  
 47.1862  	.org ia64_ivt+0x6d00
 47.1863 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1864 +//////////////////////////////////////////////////////////////////////////
 47.1865  // 0x6d00 Entry 49 (size 16 bundles) Reserved
 47.1866  	DBG_FAULT(49)
 47.1867  	FAULT(49)
 47.1868  
 47.1869  	.org ia64_ivt+0x6e00
 47.1870 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1871 +//////////////////////////////////////////////////////////////////////////
 47.1872  // 0x6e00 Entry 50 (size 16 bundles) Reserved
 47.1873  	DBG_FAULT(50)
 47.1874  	FAULT(50)
 47.1875  
 47.1876  	.org ia64_ivt+0x6f00
 47.1877 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1878 +//////////////////////////////////////////////////////////////////////////
 47.1879  // 0x6f00 Entry 51 (size 16 bundles) Reserved
 47.1880  	DBG_FAULT(51)
 47.1881  	FAULT(51)
 47.1882  
 47.1883  	.org ia64_ivt+0x7000
 47.1884 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1885 +//////////////////////////////////////////////////////////////////////////
 47.1886  // 0x7000 Entry 52 (size 16 bundles) Reserved
 47.1887  	DBG_FAULT(52)
 47.1888  	FAULT(52)
 47.1889  
 47.1890  	.org ia64_ivt+0x7100
 47.1891 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1892 +//////////////////////////////////////////////////////////////////////////
 47.1893  // 0x7100 Entry 53 (size 16 bundles) Reserved
 47.1894  	DBG_FAULT(53)
 47.1895  	FAULT(53)
 47.1896  
 47.1897  	.org ia64_ivt+0x7200
 47.1898 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1899 +//////////////////////////////////////////////////////////////////////////
 47.1900  // 0x7200 Entry 54 (size 16 bundles) Reserved
 47.1901  	DBG_FAULT(54)
 47.1902  	FAULT(54)
 47.1903  
 47.1904  	.org ia64_ivt+0x7300
 47.1905 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1906 +//////////////////////////////////////////////////////////////////////////
 47.1907  // 0x7300 Entry 55 (size 16 bundles) Reserved
 47.1908  	DBG_FAULT(55)
 47.1909  	FAULT(55)
 47.1910  
 47.1911  	.org ia64_ivt+0x7400
 47.1912 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1913 +//////////////////////////////////////////////////////////////////////////
 47.1914  // 0x7400 Entry 56 (size 16 bundles) Reserved
 47.1915  	DBG_FAULT(56)
 47.1916  	FAULT(56)
 47.1917  
 47.1918  	.org ia64_ivt+0x7500
 47.1919 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1920 +//////////////////////////////////////////////////////////////////////////
 47.1921  // 0x7500 Entry 57 (size 16 bundles) Reserved
 47.1922  	DBG_FAULT(57)
 47.1923  	FAULT(57)
 47.1924  
 47.1925  	.org ia64_ivt+0x7600
 47.1926 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1927 +//////////////////////////////////////////////////////////////////////////
 47.1928  // 0x7600 Entry 58 (size 16 bundles) Reserved
 47.1929  	DBG_FAULT(58)
 47.1930  	FAULT(58)
 47.1931  
 47.1932  	.org ia64_ivt+0x7700
 47.1933 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1934 +//////////////////////////////////////////////////////////////////////////
 47.1935  // 0x7700 Entry 59 (size 16 bundles) Reserved
 47.1936  	DBG_FAULT(59)
 47.1937  	FAULT(59)
 47.1938  
 47.1939  	.org ia64_ivt+0x7800
 47.1940 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1941 +//////////////////////////////////////////////////////////////////////////
 47.1942  // 0x7800 Entry 60 (size 16 bundles) Reserved
 47.1943  	DBG_FAULT(60)
 47.1944  	FAULT(60)
 47.1945  
 47.1946  	.org ia64_ivt+0x7900
 47.1947 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1948 +//////////////////////////////////////////////////////////////////////////
 47.1949  // 0x7900 Entry 61 (size 16 bundles) Reserved
 47.1950  	DBG_FAULT(61)
 47.1951  	FAULT(61)
 47.1952  
 47.1953  	.org ia64_ivt+0x7a00
 47.1954 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1955 +//////////////////////////////////////////////////////////////////////////
 47.1956  // 0x7a00 Entry 62 (size 16 bundles) Reserved
 47.1957  	DBG_FAULT(62)
 47.1958  	FAULT(62)
 47.1959  
 47.1960  	.org ia64_ivt+0x7b00
 47.1961 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1962 +//////////////////////////////////////////////////////////////////////////
 47.1963  // 0x7b00 Entry 63 (size 16 bundles) Reserved
 47.1964  	DBG_FAULT(63)
 47.1965  	FAULT(63)
 47.1966  
 47.1967  	.org ia64_ivt+0x7c00
 47.1968 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1969 +//////////////////////////////////////////////////////////////////////////
 47.1970  // 0x7c00 Entry 64 (size 16 bundles) Reserved
 47.1971  	DBG_FAULT(64)
 47.1972  	FAULT(64)
 47.1973  
 47.1974  	.org ia64_ivt+0x7d00
 47.1975 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1976 +//////////////////////////////////////////////////////////////////////////
 47.1977  // 0x7d00 Entry 65 (size 16 bundles) Reserved
 47.1978  	DBG_FAULT(65)
 47.1979  	FAULT(65)
 47.1980  
 47.1981  	.org ia64_ivt+0x7e00
 47.1982 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1983 +//////////////////////////////////////////////////////////////////////////
 47.1984  // 0x7e00 Entry 66 (size 16 bundles) Reserved
 47.1985  	DBG_FAULT(66)
 47.1986  	FAULT(66)
 47.1987  
 47.1988  	.org ia64_ivt+0x7f00
 47.1989 -/////////////////////////////////////////////////////////////////////////////////////////
 47.1990 +//////////////////////////////////////////////////////////////////////////
 47.1991  // 0x7f00 Entry 67 (size 16 bundles) Reserved
 47.1992  	DBG_FAULT(67)
 47.1993  	FAULT(67)
 47.1994 @@ -2104,21 +2192,22 @@ GLOBAL_ENTRY(dispatch_reflection)
 47.1995  	adds out1=16,sp
 47.1996  	mov out2=cr.isr
 47.1997  	mov out3=cr.iim
 47.1998 -//	mov out3=cr.itir
 47.1999 +//	mov out3=cr.itir		// TODO: why commented out?
 47.2000  
 47.2001  	ssm psr.ic | PSR_DEFAULT_BITS
 47.2002  	;;
 47.2003 -	srlz.i					// guarantee that interruption collection is on
 47.2004 +	srlz.i				// guarantee that interruption 
 47.2005 +					//   collection is on
 47.2006  	;;
 47.2007 -(p15)	ssm psr.i				// restore psr.i
 47.2008 -	adds r3=8,r2				// set up second base pointer
 47.2009 +(p15)	ssm psr.i			// restore psr.i
 47.2010 +	adds r3=8,r2			// set up second base pointer
 47.2011  	;;
 47.2012  	SAVE_REST
 47.2013  	movl r14=ia64_leave_kernel
 47.2014  	;;
 47.2015  	mov rp=r14
 47.2016 -//	br.sptk.many ia64_prepare_handle_reflection
 47.2017 -    br.call.sptk.many b6=ia64_handle_reflection
 47.2018 +//	br.sptk.many ia64_prepare_handle_reflection // TODO: why commented out?
  47.2019 +	br.call.sptk.many b6=ia64_handle_reflection
 47.2020  END(dispatch_reflection)
 47.2021  
 47.2022  #define SAVE_MIN_COVER_DONE	DO_SAVE_MIN(,mov r30=cr.ifs,)
 47.2023 @@ -2134,10 +2223,10 @@ END(dispatch_slow_hyperprivop)
 47.2024  #ifdef CONFIG_IA32_SUPPORT
 47.2025  
 47.2026  	/*
 47.2027 -	 * There is no particular reason for this code to be here, other than that
 47.2028 -	 * there happens to be space here that would go unused otherwise.  If this
 47.2029 -	 * fault ever gets "unreserved", simply moved the following code to a more
 47.2030 -	 * suitable spot...
 47.2031 +	 * There is no particular reason for this code to be here, other 
 47.2032 +	 * than that there happens to be space here that would go unused 
 47.2033 +	 * otherwise.  If this fault ever gets "unreserved", simply move
 47.2034 +	 * the following code to a more suitable spot...
 47.2035  	 */
 47.2036  
 47.2037  	// IA32 interrupt entry point
 47.2038 @@ -2148,7 +2237,7 @@ ENTRY(dispatch_to_ia32_handler)
 47.2039  	mov r14=cr.isr
 47.2040  	ssm psr.ic | PSR_DEFAULT_BITS
 47.2041  	;;
 47.2042 -	srlz.i					// guarantee that interruption collection is on
 47.2043 +	srlz.i			// guarantee that interruption collection is on
 47.2044  	;;
 47.2045  (p15)	ssm psr.i
 47.2046  	adds r3=8,r2		// Base pointer for SAVE_REST
 47.2047 @@ -2161,15 +2250,17 @@ ENTRY(dispatch_to_ia32_handler)
 47.2048  	cmp.ne p6,p0=r14,r15
 47.2049  (p6)	br.call.dpnt.many b6=non_ia32_syscall
 47.2050  
 47.2051 -	adds r14=IA64_PT_REGS_R8_OFFSET + 16,sp	// 16 byte hole per SW conventions
 47.2052 +	adds r14=IA64_PT_REGS_R8_OFFSET + 16,sp	// 16 byte hole per SW 
 47.2053 +						//   conventions
 47.2054  	adds r15=IA64_PT_REGS_R1_OFFSET + 16,sp
 47.2055  	;;
 47.2056  	cmp.eq pSys,pNonSys=r0,r0 // set pSys=1, pNonSys=0
 47.2057  	ld8 r8=[r14]		// get r8
 47.2058  	;;
 47.2059 -	st8 [r15]=r8		// save original EAX in r1 (IA32 procs don't use the GP)
 47.2060 +	st8 [r15]=r8		// save original EAX in r1 (IA32 procs 
 47.2061 +				//   don't use the GP)
 47.2062  	;;
 47.2063 -	alloc r15=ar.pfs,0,0,6,0	// must first in an insn group
 47.2064 +	alloc r15=ar.pfs,0,0,6,0	// must be first in an insn group
 47.2065  	;;
 47.2066  	ld4 r8=[r14],8		// r8 == eax (syscall number)
 47.2067  	mov r15=IA32_NR_syscalls
 47.2068 @@ -2208,7 +2299,7 @@ non_ia32_syscall:
 47.2069  	alloc r15=ar.pfs,0,0,2,0
 47.2070  	mov out0=r14				// interrupt #
 47.2071  	add out1=16,sp				// pointer to pt_regs
 47.2072 -	;;			// avoid WAW on CFM
 47.2073 +	;;					// avoid WAW on CFM
 47.2074  	br.call.sptk.many rp=ia32_bad_interrupt
 47.2075  .ret1:	movl r15=ia64_leave_kernel
 47.2076  	;;
    48.1 --- a/xen/arch/ia64/xen/mm.c	Wed Aug 30 14:09:31 2006 -0500
    48.2 +++ b/xen/arch/ia64/xen/mm.c	Wed Aug 30 22:36:18 2006 +0100
    48.3 @@ -166,7 +166,8 @@
    48.4  #include <xen/sched.h>
    48.5  #include <xen/domain.h>
    48.6  #include <asm/xentypes.h>
    48.7 -#include <asm/mm.h>
    48.8 +#include <xen/mm.h>
    48.9 +#include <xen/errno.h>
   48.10  #include <asm/pgalloc.h>
   48.11  #include <asm/vhpt.h>
   48.12  #include <asm/vcpu.h>
   48.13 @@ -948,8 +949,6 @@ efi_mmio(unsigned long physaddr, unsigne
   48.14                  return 1;
   48.15              }
   48.16  
   48.17 -            DPRINTK("%s:%d physaddr 0x%lx size = 0x%lx\n",
   48.18 -                    __func__, __LINE__, physaddr, size);
   48.19              return 0;
   48.20          }
   48.21  
   48.22 @@ -970,8 +969,10 @@ assign_domain_mmio_page(struct domain *d
   48.23                  __func__, d, mpaddr, size);
   48.24      }
   48.25      if (!efi_mmio(mpaddr, size)) {
   48.26 +#ifndef NDEBUG
   48.27          DPRINTK("%s:%d domain %p mpaddr 0x%lx size = 0x%lx\n",
   48.28                  __func__, __LINE__, d, mpaddr, size);
   48.29 +#endif
   48.30          return -EINVAL;
   48.31      }
   48.32      assign_domain_same_page(d, mpaddr, size, ASSIGN_writable | ASSIGN_nocache);
    49.1 --- a/xen/arch/ia64/xen/pcdp.c	Wed Aug 30 14:09:31 2006 -0500
    49.2 +++ b/xen/arch/ia64/xen/pcdp.c	Wed Aug 30 22:36:18 2006 +0100
    49.3 @@ -18,6 +18,7 @@
    49.4  #ifdef XEN
    49.5  #include <linux/efi.h>
    49.6  #include <linux/errno.h>
    49.7 +#include <asm/io.h>
    49.8  #include <asm/iosapic.h>
    49.9  #include <asm/system.h>
   49.10  #include <acpi/acpi.h>
    50.1 --- a/xen/arch/ia64/xen/privop.c	Wed Aug 30 14:09:31 2006 -0500
    50.2 +++ b/xen/arch/ia64/xen/privop.c	Wed Aug 30 22:36:18 2006 +0100
    50.3 @@ -13,7 +13,7 @@
    50.4  #include <asm/dom_fw.h>
    50.5  #include <asm/vhpt.h>
    50.6  #include <asm/bundle.h>
    50.7 -#include <asm/privop_stat.h>
    50.8 +#include <xen/perfc.h>
    50.9  
   50.10  long priv_verbose=0;
   50.11  unsigned long privop_trace = 0;
   50.12 @@ -682,7 +682,7 @@ priv_emulate(VCPU *vcpu, REGS *regs, UIN
   50.13  		return IA64_ILLOP_FAULT;
   50.14  	}
   50.15  	//if (isrcode != 1 && isrcode != 2) return 0;
   50.16 -	privlvl = (ipsr & IA64_PSR_CPL) >> IA64_PSR_CPL0_BIT;
   50.17 +	privlvl = ia64_get_cpl(ipsr);
   50.18  	// its OK for a privified-cover to be executed in user-land
   50.19  	fault = priv_handle_op(vcpu,regs,privlvl);
   50.20  	if ((fault == IA64_NO_FAULT) || (fault == IA64_EXTINT_VECTOR)) { // success!!
    51.1 --- a/xen/arch/ia64/xen/privop_stat.c	Wed Aug 30 14:09:31 2006 -0500
    51.2 +++ b/xen/arch/ia64/xen/privop_stat.c	Wed Aug 30 22:36:18 2006 +0100
    51.3 @@ -1,26 +1,55 @@
    51.4 +#include <xen/lib.h>
    51.5 +#include <public/xen.h>
    51.6 +#include <xen/perfc.h>
    51.7 +#include <asm/atomic.h>
    51.8  #include <asm/privop_stat.h>
    51.9 -#include <asm/vhpt.h>
   51.10 -#include <xen/lib.h>
   51.11 -#include <asm/uaccess.h>
   51.12  
   51.13 -#ifdef PRIVOP_ADDR_COUNT
   51.14 -#define PRIVOP_COUNT_NINSTS 2
   51.15 -#define PRIVOP_COUNT_NADDRS 30
   51.16 +#ifdef CONFIG_PRIVOP_ADDRS
   51.17  
   51.18  struct privop_addr_count {
   51.19 -	const char *instname;
   51.20  	unsigned long addr[PRIVOP_COUNT_NADDRS];
   51.21 -	unsigned long count[PRIVOP_COUNT_NADDRS];
   51.22 -	unsigned long overflow;
   51.23 +	unsigned int count[PRIVOP_COUNT_NADDRS];
   51.24 +	unsigned int overflow;
   51.25 +	atomic_t *perfc_addr;
   51.26 +	atomic_t *perfc_count;
   51.27 +	atomic_t *perfc_overflow;
   51.28  };
   51.29  
   51.30 +#undef  PERFCOUNTER
   51.31 +#define PERFCOUNTER(var, name)
   51.32  
   51.33 -static struct privop_addr_count privop_addr_counter[PRIVOP_COUNT_NINSTS] = {
   51.34 -	[_GET_IFA] = { "=ifa",  { 0 }, { 0 }, 0 },
   51.35 -	[_THASH] = { "thash", { 0 }, { 0 }, 0 }
   51.36 +#undef  PERFCOUNTER_CPU
   51.37 +#define PERFCOUNTER_CPU(var, name)
   51.38 +
   51.39 +#undef  PERFCOUNTER_ARRAY
   51.40 +#define PERFCOUNTER_ARRAY(var, name, size)
   51.41 +
   51.42 +#undef  PERFSTATUS
   51.43 +#define PERFSTATUS(var, name)
   51.44 +
   51.45 +#undef  PERFSTATUS_CPU
   51.46 +#define PERFSTATUS_CPU(var, name)
   51.47 +
   51.48 +#undef  PERFSTATUS_ARRAY
   51.49 +#define PERFSTATUS_ARRAY(var, name, size)
   51.50 +
   51.51 +#undef PERFPRIVOPADDR
   51.52 +#define PERFPRIVOPADDR(name)                        \
   51.53 +    {                                               \
   51.54 +        { 0 }, { 0 }, 0,                            \
   51.55 +        perfcounters.privop_addr_##name##_addr,     \
   51.56 +        perfcounters.privop_addr_##name##_count,    \
   51.57 +        perfcounters.privop_addr_##name##_overflow  \
   51.58 +    },
   51.59 +
   51.60 +static struct privop_addr_count privop_addr_counter[] = {
   51.61 +#include <asm/perfc_defn.h>
   51.62  };
   51.63  
   51.64 -void privop_count_addr(unsigned long iip, int inst)
   51.65 +#define PRIVOP_COUNT_NINSTS \
   51.66 +        (sizeof(privop_addr_counter) / sizeof(privop_addr_counter[0]))
   51.67 +
   51.68 +void privop_count_addr(unsigned long iip, enum privop_inst inst)
   51.69  {
   51.70  	struct privop_addr_count *v = &privop_addr_counter[inst];
   51.71  	int i;
   51.72 @@ -41,29 +70,28 @@ void privop_count_addr(unsigned long iip
   51.73  	v->overflow++;;
   51.74  }
   51.75  
   51.76 -static int dump_privop_addrs(char *buf)
   51.77 +void gather_privop_addrs(void)
   51.78  {
   51.79  	int i, j;
   51.80 -	char *s = buf;
   51.81 -	s += sprintf(s, "Privop addresses:\n");
   51.82 +	atomic_t *v;
   51.83  	for (i = 0; i < PRIVOP_COUNT_NINSTS; i++) {
   51.84 -		struct privop_addr_count *v = &privop_addr_counter[i];
   51.85 -		s += sprintf(s, "%s:\n", v->instname);
   51.86 -		for (j = 0; j < PRIVOP_COUNT_NADDRS; j++) {
   51.87 -			if (!v->addr[j])
   51.88 -				break;
   51.89 -			s += sprintf(s, " at 0x%lx #%ld\n",
   51.90 -			             v->addr[j], v->count[j]);
   51.91 -		}
   51.92 -		if (v->overflow) 
   51.93 -			s += sprintf(s, " other #%ld\n", v->overflow);
   51.94 +		/* Note: addresses are truncated!  */
   51.95 +		v = privop_addr_counter[i].perfc_addr;
   51.96 +		for (j = 0; j < PRIVOP_COUNT_NADDRS; j++)
   51.97 +			atomic_set(&v[j], privop_addr_counter[i].addr[j]);
   51.98 +
   51.99 +		v = privop_addr_counter[i].perfc_count;
  51.100 +		for (j = 0; j < PRIVOP_COUNT_NADDRS; j++)
  51.101 +			atomic_set(&v[j], privop_addr_counter[i].count[j]);
  51.102 +		
  51.103 +		atomic_set(privop_addr_counter[i].perfc_overflow,
  51.104 +		           privop_addr_counter[i].overflow);
  51.105  	}
  51.106 -	return s - buf;
  51.107  }
  51.108  
  51.109 -static void zero_privop_addrs(void)
  51.110 +void reset_privop_addrs(void)
  51.111  {
  51.112 -	int i,j;
  51.113 +	int i, j;
  51.114  	for (i = 0; i < PRIVOP_COUNT_NINSTS; i++) {
  51.115  		struct privop_addr_count *v = &privop_addr_counter[i];
  51.116  		for (j = 0; j < PRIVOP_COUNT_NADDRS; j++)
  51.117 @@ -119,30 +147,3 @@ static const char * const hyperpriv_str[
  51.118  	"=rr", "rr=", "kr=", "fc", "=cpuid", "=pmd", "=ar.eflg", "ar.eflg="
  51.119  };
  51.120  #endif
  51.121 -
  51.122 -#define TMPBUFLEN 8*1024
  51.123 -int dump_privop_counts_to_user(char __user *ubuf, int len)
  51.124 -{
  51.125 -	char buf[TMPBUFLEN];
  51.126 -	int n;
  51.127 -
  51.128 -	if (len < TMPBUFLEN)
  51.129 -		return -1;
  51.130 -
  51.131 -	n = 0;
  51.132 -#ifdef PRIVOP_ADDR_COUNT
  51.133 -	n += dump_privop_addrs(buf + n);
  51.134 -#endif
  51.135 -	n += dump_vhpt_stats(buf + n);
  51.136 -	if (__copy_to_user(ubuf,buf,n))
  51.137 -		return -1;
  51.138 -	return n;
  51.139 -}
  51.140 -
  51.141 -int zero_privop_counts_to_user(char __user *ubuf, int len)
  51.142 -{
  51.143 -#ifdef PRIVOP_ADDR_COUNT
  51.144 -	zero_privop_addrs();
  51.145 -#endif
  51.146 -	return 0;
  51.147 -}
    52.1 --- a/xen/arch/ia64/xen/vcpu.c	Wed Aug 30 14:09:31 2006 -0500
    52.2 +++ b/xen/arch/ia64/xen/vcpu.c	Wed Aug 30 22:36:18 2006 +0100
    52.3 @@ -8,6 +8,7 @@
    52.4  
    52.5  #include <linux/sched.h>
    52.6  #include <public/xen.h>
    52.7 +#include <xen/mm.h>
    52.8  #include <asm/ia64_int.h>
    52.9  #include <asm/vcpu.h>
   52.10  #include <asm/regionreg.h>
   52.11 @@ -22,6 +23,7 @@
   52.12  #include <asm/vmx_phy_mode.h>
   52.13  #include <asm/bundle.h>
   52.14  #include <asm/privop_stat.h>
   52.15 +#include <asm/uaccess.h>
   52.16  
   52.17  /* FIXME: where these declarations should be there ? */
   52.18  extern void getreg(unsigned long regnum, unsigned long *val, int *nat, struct pt_regs *regs);
   52.19 @@ -473,7 +475,7 @@ IA64FAULT vcpu_get_iip(VCPU *vcpu, UINT6
   52.20  
   52.21  IA64FAULT vcpu_get_ifa(VCPU *vcpu, UINT64 *pval)
   52.22  {
   52.23 -	PRIVOP_COUNT_ADDR(vcpu_regs(vcpu),_GET_IFA);
   52.24 +	PRIVOP_COUNT_ADDR(vcpu_regs(vcpu), privop_inst_get_ifa);
   52.25  	*pval = PSCB(vcpu,ifa);
   52.26  	return (IA64_NO_FAULT);
   52.27  }
   52.28 @@ -540,7 +542,7 @@ IA64FAULT vcpu_get_iim(VCPU *vcpu, UINT6
   52.29  
   52.30  IA64FAULT vcpu_get_iha(VCPU *vcpu, UINT64 *pval)
   52.31  {
   52.32 -	PRIVOP_COUNT_ADDR(vcpu_regs(vcpu),_THASH);
   52.33 +	PRIVOP_COUNT_ADDR(vcpu_regs(vcpu), privop_inst_thash);
   52.34  	*pval = PSCB(vcpu,iha);
   52.35  	return (IA64_NO_FAULT);
   52.36  }
   52.37 @@ -2215,3 +2217,28 @@ IA64FAULT vcpu_ptr_i(VCPU *vcpu,UINT64 v
   52.38  
   52.39  	return IA64_NO_FAULT;
   52.40  }
   52.41 +
   52.42 +int ia64_map_hypercall_param(void)
   52.43 +{
   52.44 +	struct vcpu *v = current;
   52.45 +	struct domain *d = current->domain;
   52.46 +	u64 vaddr = v->arch.hypercall_param.va & PAGE_MASK;
   52.47 +	volatile pte_t* pte;
   52.48 +
   52.49 +	if (v->arch.hypercall_param.va == 0)
   52.50 +		return FALSE;
   52.51 +	pte = lookup_noalloc_domain_pte(d, v->arch.hypercall_param.pa1);
   52.52 +	if (!pte || !pte_present(*pte))
   52.53 +		return FALSE;
   52.54 +	vcpu_itc_no_srlz(v, 2, vaddr, pte_val(*pte), -1UL, PAGE_SHIFT);
   52.55 +	if (v->arch.hypercall_param.pa2) {
   52.56 +		vaddr += PAGE_SIZE;
   52.57 +		pte = lookup_noalloc_domain_pte(d, v->arch.hypercall_param.pa2);
   52.58 +		if (pte && pte_present(*pte)) {
   52.59 +			vcpu_itc_no_srlz(v, 2, vaddr, pte_val(*pte),
   52.60 +			                 -1UL, PAGE_SHIFT);
   52.61 +		}
   52.62 +	}
   52.63 +	ia64_srlz_d();
   52.64 +	return TRUE;
   52.65 +}
    53.1 --- a/xen/arch/ia64/xen/vhpt.c	Wed Aug 30 14:09:31 2006 -0500
    53.2 +++ b/xen/arch/ia64/xen/vhpt.c	Wed Aug 30 22:36:18 2006 +0100
    53.3 @@ -261,13 +261,12 @@ void flush_tlb_mask(cpumask_t mask)
    53.4              (cpu, (void (*)(void *))flush_tlb_vhpt_all, NULL, 1, 1);
    53.5  }
    53.6  
    53.7 -int dump_vhpt_stats(char *buf)
    53.8 +#ifdef PERF_COUNTERS
    53.9 +void gather_vhpt_stats(void)
   53.10  {
   53.11  	int i, cpu;
   53.12 -	char *s = buf;
   53.13  
   53.14 -	s += sprintf(s,"VHPT usage (%ld entries):\n",
   53.15 -		     (unsigned long) VHPT_NUM_ENTRIES);
   53.16 +	perfc_set(vhpt_nbr_entries, VHPT_NUM_ENTRIES);
   53.17  
   53.18  	for_each_present_cpu (cpu) {
   53.19  		struct vhpt_lf_entry *v = __va(per_cpu(vhpt_paddr, cpu));
   53.20 @@ -276,8 +275,7 @@ int dump_vhpt_stats(char *buf)
   53.21  		for (i = 0; i < VHPT_NUM_ENTRIES; i++, v++)
   53.22  			if (!(v->ti_tag & INVALID_TI_TAG))
   53.23  				vhpt_valid++;
   53.24 -		s += sprintf(s,"  cpu %d: %ld\n", cpu, vhpt_valid);
   53.25 +		perfc_seta(vhpt_valid_entries, cpu, vhpt_valid);
   53.26  	}
   53.27 -
   53.28 -	return s - buf;
   53.29  }
   53.30 +#endif
    54.1 --- a/xen/arch/ia64/xen/xen.lds.S	Wed Aug 30 14:09:31 2006 -0500
    54.2 +++ b/xen/arch/ia64/xen/xen.lds.S	Wed Aug 30 22:36:18 2006 +0100
    54.3 @@ -169,7 +169,9 @@ SECTIONS
    54.4  	  *(.data.gate)
    54.5  	  __stop_gate_section = .;
    54.6  	}
    54.7 -  . = ALIGN(PAGE_SIZE);		/* make sure the gate page doesn't expose kernel data */
    54.8 +  . = ALIGN(PAGE_SIZE);		/* make sure the gate page doesn't expose
    54.9 +  				 * kernel data
   54.10 +				 */
   54.11  
   54.12    .data.cacheline_aligned : AT(ADDR(.data.cacheline_aligned) - LOAD_OFFSET)
   54.13          { *(.data.cacheline_aligned) }
   54.14 @@ -184,7 +186,9 @@ SECTIONS
   54.15  		*(.data.percpu)
   54.16  		__per_cpu_end = .;
   54.17  	}
   54.18 -  . = __phys_per_cpu_start + PERCPU_PAGE_SIZE;	/* ensure percpu data fits into percpu page size */
   54.19 +  . = __phys_per_cpu_start + PERCPU_PAGE_SIZE;	/* ensure percpu data fits
   54.20 +  					         * into percpu page size
   54.21 +						 */
   54.22  
   54.23    data : { } :data
   54.24    .data : AT(ADDR(.data) - LOAD_OFFSET)
    55.1 --- a/xen/arch/ia64/xen/xenasm.S	Wed Aug 30 14:09:31 2006 -0500
    55.2 +++ b/xen/arch/ia64/xen/xenasm.S	Wed Aug 30 22:36:18 2006 +0100
    55.3 @@ -31,7 +31,7 @@
    55.4  //  loc0=rp, loc1=ar.pfs, loc2=percpu_paddr, loc3=psr, loc4=ar.rse
    55.5  //  loc5=pal_vaddr, loc6=xen_paddr, loc7=shared_archinfo_paddr,
    55.6  GLOBAL_ENTRY(ia64_new_rr7)
    55.7 -	// not sure this unwind statement is correct...
    55.8 +	// FIXME? not sure this unwind statement is correct...
    55.9  	.prologue ASM_UNW_PRLG_RP|ASM_UNW_PRLG_PFS, ASM_UNW_PRLG_GRSAVE(1)
   55.10  	alloc loc1 = ar.pfs, 5, 8, 0, 0
   55.11  	movl loc2=PERCPU_ADDR
   55.12 @@ -162,7 +162,7 @@ 1:
   55.13  	dep r25=0,loc5,60,4		// convert pal vaddr to paddr
   55.14  	;;
   55.15  	ptr.i	loc5,r23
   55.16 -	or r25=r25,r26		// construct PA | page properties
   55.17 +	or r25=r25,r26			// construct PA | page properties
   55.18  	mov cr.itir=r23
   55.19  	mov cr.ifa=loc5
   55.20  	;;
   55.21 @@ -191,10 +191,10 @@ GLOBAL_ENTRY(ia64_prepare_handle_privop)
   55.22  	 */
   55.23  	mov r16=r0
   55.24  	DO_SAVE_SWITCH_STACK
   55.25 -	br.call.sptk.many rp=ia64_handle_privop		// stack frame setup in ivt
   55.26 +	br.call.sptk.many rp=ia64_handle_privop	// stack frame setup in ivt
   55.27  .ret22:	.body
   55.28  	DO_LOAD_SWITCH_STACK
   55.29 -	br.cond.sptk.many rp				// goes to ia64_leave_kernel
   55.30 +	br.cond.sptk.many rp			// goes to ia64_leave_kernel
   55.31  END(ia64_prepare_handle_privop)
   55.32  
   55.33  GLOBAL_ENTRY(ia64_prepare_handle_break)
   55.34 @@ -217,7 +217,7 @@ GLOBAL_ENTRY(ia64_prepare_handle_reflect
   55.35  	 */
   55.36  	mov r16=r0
   55.37  	DO_SAVE_SWITCH_STACK
   55.38 -	br.call.sptk.many rp=ia64_handle_reflection	// stack frame setup in ivt
   55.39 +	br.call.sptk.many rp=ia64_handle_reflection // stack frame setup in ivt
   55.40  .ret24:	.body
   55.41  	DO_LOAD_SWITCH_STACK
   55.42  	br.cond.sptk.many rp			// goes to ia64_leave_kernel
   55.43 @@ -301,7 +301,7 @@ 1:	cmp.eq p7,p8=1,r32		/* PAL_CACHE_FLUS
   55.44  (p8)	br.cond.sptk.few 1f
   55.45  #if 0
   55.46  	mov r9=ar.lc
   55.47 -	movl r8=524288			/* flush 512k million cache lines (16MB) */
   55.48 +	movl r8=524288		/* flush 512k million cache lines (16MB) */
   55.49  	;;
   55.50  	mov ar.lc=r8
   55.51  	movl r8=0xe000000000000000
   55.52 @@ -319,7 +319,9 @@ 1:	cmp.eq p7,p8=1,r32		/* PAL_CACHE_FLUS
   55.53  1:	cmp.eq p7,p8=15,r32		/* PAL_PERF_MON_INFO */
   55.54  (p8)	br.cond.sptk.few 1f
   55.55  	mov r8=0			/* status = 0 */
   55.56 -	movl r9 =0x08122f04		/* generic=4 width=47 retired=8 cycles=18 */
   55.57 +	movl r9 =0x08122f04		/* generic=4 width=47 retired=8 
   55.58 +					 * cycles=18
   55.59 +					 */
   55.60  	mov r10=0			/* reserved */
   55.61  	mov r11=0			/* reserved */
   55.62  	mov r16=0xffff			/* implemented PMC */
   55.63 @@ -361,8 +363,8 @@ stacked:
   55.64  END(pal_emulator_static)
   55.65  
   55.66  //  These instructions are copied in the domains.
   55.67 -//  This is the virtual PAL, which simply does an hypercall.
   55.68 -//  The size is 2 bunldes (32 Bytes).  It handles both static and stacked
   55.69 +//  This is the virtual PAL, which simply does a hypercall.
   55.70 +//  The size is 2 bundles (32 Bytes).  It handles both static and stacked
   55.71  //    convention.
   55.72  //  If you modify this code, you have to modify dom_fw.h (for the size) and
   55.73  //   dom_fw_pal_hypercall_patch.
   55.74 @@ -376,7 +378,7 @@ GLOBAL_ENTRY(pal_call_stub)
   55.75  	}
   55.76  	{
   55.77  	 .mbb
   55.78 -	break 0x1000	//  Hypercall vector (Value is patched).
   55.79 +	break 0x1000		//  Hypercall vector (Value is patched).
   55.80  (p7)	br.cond.sptk.few rp
   55.81  (p8)	br.ret.sptk.few rp
   55.82  	}
    56.1 --- a/xen/arch/ia64/xen/xensetup.c	Wed Aug 30 14:09:31 2006 -0500
    56.2 +++ b/xen/arch/ia64/xen/xensetup.c	Wed Aug 30 22:36:18 2006 +0100
    56.3 @@ -26,11 +26,6 @@
    56.4  #include <linux/efi.h>
    56.5  #include <asm/iosapic.h>
    56.6  
    56.7 -/* Be sure the struct shared_info size is <= XSI_SIZE.  */
    56.8 -#if SHARED_INFO_SIZE > XSI_SIZE
    56.9 -#error "struct shared_info bigger than XSI_SIZE"
   56.10 -#endif
   56.11 -
   56.12  unsigned long xenheap_phys_end, total_pages;
   56.13  
   56.14  char saved_command_line[COMMAND_LINE_SIZE];
   56.15 @@ -258,6 +253,9 @@ void start_kernel(void)
   56.16      int i;
   56.17  #endif
   56.18  
   56.19 +    /* Be sure the struct shared_info size is <= XSI_SIZE.  */
   56.20 +    BUILD_BUG_ON(sizeof(struct shared_info) > XSI_SIZE);
   56.21 +
   56.22      running_on_sim = is_platform_hp_ski();
   56.23      /* Kernel may be relocated by EFI loader */
   56.24      xen_pstart = ia64_tpa(KERNEL_START);
   56.25 @@ -289,6 +287,7 @@ void start_kernel(void)
   56.26          ia64_boot_param->initrd_size = 0;
   56.27      }
   56.28  
   56.29 +    printk("Xen command line: %s\n", saved_command_line);
   56.30      /* xenheap should be in same TR-covered range with xen image */
   56.31      xenheap_phys_end = xen_pstart + xenheap_size;
   56.32      printk("xen image pstart: 0x%lx, xenheap pend: 0x%lx\n",
   56.33 @@ -518,9 +517,6 @@ printk("num_online_cpus=%d, max_cpus=%d\
   56.34    			0) != 0)
   56.35          panic("Could not set up DOM0 guest OS\n");
   56.36  
   56.37 -    /* PIN domain0 on CPU 0.  */
   56.38 -    dom0->vcpu[0]->cpu_affinity = cpumask_of_cpu(0);
   56.39 -
   56.40      if (!running_on_sim)  // slow on ski and pages are pre-initialized to zero
   56.41  	scrub_heap_pages();
   56.42  
    57.1 --- a/xen/arch/ia64/xen/xentime.c	Wed Aug 30 14:09:31 2006 -0500
    57.2 +++ b/xen/arch/ia64/xen/xentime.c	Wed Aug 30 22:36:18 2006 +0100
    57.3 @@ -109,6 +109,7 @@ void
    57.4  xen_timer_interrupt (int irq, void *dev_id, struct pt_regs *regs)
    57.5  {
    57.6  	unsigned long new_itm, old_itc;
    57.7 +	int f_setitm = 0;
    57.8  
    57.9  #if 0
   57.10  #define HEARTBEAT_FREQ 16	// period in seconds
   57.11 @@ -129,11 +130,12 @@ xen_timer_interrupt (int irq, void *dev_
   57.12  			vcpu_pend_timer(current);
   57.13  			// ensure another timer interrupt happens even if domain doesn't
   57.14  			vcpu_set_next_timer(current);
   57.15 +			f_setitm = 1;
   57.16  		}
   57.17  
   57.18  	new_itm = local_cpu_data->itm_next;
   57.19  
   57.20 -	if (!VMX_DOMAIN(current) && !time_after(ia64_get_itc(), new_itm))
   57.21 +	if (f_setitm && !time_after(ia64_get_itc(), new_itm)) 
   57.22  		return;
   57.23  
   57.24  	while (1) {
    58.1 --- a/xen/arch/x86/physdev.c	Wed Aug 30 14:09:31 2006 -0500
    58.2 +++ b/xen/arch/x86/physdev.c	Wed Aug 30 22:36:18 2006 +0100
    58.3 @@ -96,10 +96,11 @@ long do_physdev_op(int cmd, XEN_GUEST_HA
    58.4          if ( !IS_PRIV(current->domain) )
    58.5              break;
    58.6  
    58.7 +        irq = irq_op.irq;
    58.8          ret = -EINVAL;
    58.9 -        if ( (irq = irq_op.irq) >= NR_IRQS )
   58.10 +        if ( (irq < 0) || (irq >= NR_IRQS) )
   58.11              break;
   58.12 -        
   58.13 +
   58.14          irq_op.vector = assign_irq_vector(irq);
   58.15          ret = copy_to_guest(arg, &irq_op, 1) ? -EFAULT : 0;
   58.16          break;
    59.1 --- a/xen/include/asm-ia64/config.h	Wed Aug 30 14:09:31 2006 -0500
    59.2 +++ b/xen/include/asm-ia64/config.h	Wed Aug 30 22:36:18 2006 +0100
    59.3 @@ -37,6 +37,12 @@
    59.4  
    59.5  #define MAX_DMADOM_PFN (0x7FFFFFFFUL >> PAGE_SHIFT) /* 31 addressable bits */
    59.6  
    59.7 +/* If PERFC is used, include privop maps.  */
    59.8 +#ifdef PERF_COUNTERS
    59.9 +#define CONFIG_PRIVOP_ADDRS
   59.10 +#define PRIVOP_COUNT_NADDRS 30
   59.11 +#endif
   59.12 +
   59.13  #define CONFIG_VGA 1
   59.14  
   59.15  #ifndef __ASSEMBLY__
    60.1 --- a/xen/include/asm-ia64/dom_fw.h	Wed Aug 30 14:09:31 2006 -0500
    60.2 +++ b/xen/include/asm-ia64/dom_fw.h	Wed Aug 30 22:36:18 2006 +0100
    60.3 @@ -7,19 +7,32 @@
    60.4  
    60.5  #include <linux/efi.h>
    60.6  
    60.7 -#ifndef MB
    60.8 -#define MB (1024*1024)
    60.9 -#endif
   60.10 +/* Portion of guest physical memory space reserved for PAL/SAL/EFI/ACPI
   60.11 +   data and code.  */
   60.12 +#define FW_BASE_PADDR		0x0000UL
   60.13 +#define FW_END_PADDR		0x3000UL
   60.14  
    60.15  /* This is used to determine the portion of a domain's metaphysical memory
   60.16     space reserved for the hypercall patch table. */
   60.17 -//FIXME: experiment with smaller sizes
   60.18 -#define HYPERCALL_START	1UL*MB
   60.19 -#define HYPERCALL_END	2UL*MB
   60.20 +/* Map:
   60.21 +   Index           Addr
   60.22 +   0x0000-0x000f   0x0000-0x00ff  : unused
   60.23 +   0x0010-0x001f   0x0100-0x01ff  : EFI
   60.24 +   0x0080-0x008f   0x0800-0x08ff  : PAL/SAL
   60.25 +   0x0090-0x009f   0x0900-0x09ff  : FPSWA
   60.26 +*/
   60.27 +#define	FW_HYPERCALL_BASE_PADDR 0x0000UL
    60.28 +#define	FW_HYPERCALL_END_PADDR  0x1000UL
   60.29 +#define	FW_HYPERCALL_PADDR(index) (FW_HYPERCALL_BASE_PADDR + (16UL * index))
   60.30  
   60.31 -#define FW_HYPERCALL_BASE_PADDR HYPERCALL_START
   60.32 -#define	FW_HYPERCALL_END_PADDR HYPERCALL_END
   60.33 -#define	FW_HYPERCALL_PADDR(index) (FW_HYPERCALL_BASE_PADDR + (16UL * index))
   60.34 +/* Base and end guest physical address of ACPI tables.  */
   60.35 +#define FW_ACPI_BASE_PADDR	0x1000UL
   60.36 +#define FW_ACPI_END_PADDR	0x2000UL
   60.37 +
   60.38 +/* Base and end guest physical address of EFI and SAL (non-ACPI) tables.  */
   60.39 +#define FW_TABLES_BASE_PADDR	0x2000UL
   60.40 +#define FW_TABLES_END_PADDR	0x3000UL
   60.41 +
   60.42  
   60.43  /* Hypercalls number have a low part and a high part.
   60.44     The high part is the class (xen/pal/sal/efi).  */
   60.45 @@ -91,16 +104,16 @@
   60.46   */
   60.47  
   60.48  /* these are indexes into the runtime services table */
   60.49 -#define FW_HYPERCALL_EFI_GET_TIME_INDEX			0UL
   60.50 -#define FW_HYPERCALL_EFI_SET_TIME_INDEX			1UL
   60.51 -#define FW_HYPERCALL_EFI_GET_WAKEUP_TIME_INDEX		2UL
   60.52 -#define FW_HYPERCALL_EFI_SET_WAKEUP_TIME_INDEX		3UL
   60.53 -#define FW_HYPERCALL_EFI_SET_VIRTUAL_ADDRESS_MAP_INDEX	4UL
   60.54 -#define FW_HYPERCALL_EFI_GET_VARIABLE_INDEX		5UL
   60.55 -#define FW_HYPERCALL_EFI_GET_NEXT_VARIABLE_INDEX	6UL
   60.56 -#define FW_HYPERCALL_EFI_SET_VARIABLE_INDEX		7UL
   60.57 -#define FW_HYPERCALL_EFI_GET_NEXT_HIGH_MONO_COUNT_INDEX	8UL
   60.58 -#define FW_HYPERCALL_EFI_RESET_SYSTEM_INDEX		9UL
   60.59 +#define FW_HYPERCALL_EFI_GET_TIME_INDEX			0x10UL
   60.60 +#define FW_HYPERCALL_EFI_SET_TIME_INDEX			0x11UL
   60.61 +#define FW_HYPERCALL_EFI_GET_WAKEUP_TIME_INDEX		0x12UL
   60.62 +#define FW_HYPERCALL_EFI_SET_WAKEUP_TIME_INDEX		0x13UL
   60.63 +#define FW_HYPERCALL_EFI_SET_VIRTUAL_ADDRESS_MAP_INDEX	0x14UL
   60.64 +#define FW_HYPERCALL_EFI_GET_VARIABLE_INDEX		0x15UL
   60.65 +#define FW_HYPERCALL_EFI_GET_NEXT_VARIABLE_INDEX	0x16UL
   60.66 +#define FW_HYPERCALL_EFI_SET_VARIABLE_INDEX		0x17UL
   60.67 +#define FW_HYPERCALL_EFI_GET_NEXT_HIGH_MONO_COUNT_INDEX	0x18UL
   60.68 +#define FW_HYPERCALL_EFI_RESET_SYSTEM_INDEX		0x19UL
   60.69  
   60.70  /* these are hypercall numbers */
   60.71  #define FW_HYPERCALL_EFI_CALL				0x300UL
   60.72 @@ -150,14 +163,11 @@
   60.73  
    60.74  /* Hypercalls index below _FIRST_ARCH are reserved by Xen, while those above
   60.75     are for the architecture.
   60.76 -   Note: this limit was defined by Xen/ia64 (and not by Xen).²
   60.77 +   Note: this limit was defined by Xen/ia64 (and not by Xen).
   60.78       This can be renumbered safely.
   60.79  */
   60.80  #define FW_HYPERCALL_FIRST_ARCH		0x300UL
   60.81  
   60.82 -/* Xen/ia64 user hypercalls.  Only used for debugging.  */
   60.83 -#define FW_HYPERCALL_FIRST_USER		0xff00UL
   60.84 -
   60.85  /* Interrupt vector used for os boot rendez vous.  */
   60.86  #define XEN_SAL_BOOT_RENDEZ_VEC	0xF3
   60.87  
    61.1 --- a/xen/include/asm-ia64/domain.h	Wed Aug 30 14:09:31 2006 -0500
    61.2 +++ b/xen/include/asm-ia64/domain.h	Wed Aug 30 22:36:18 2006 +0100
    61.3 @@ -118,8 +118,6 @@ struct arch_domain {
    61.4   
    61.5      /* Address of SAL emulator data  */
    61.6      struct xen_sal_data *sal_data;
    61.7 -    /* SAL return point.  */
    61.8 -    unsigned long sal_return_addr;
    61.9  
   61.10      /* Address of efi_runtime_services_t (placed in domain memory)  */
   61.11      void *efi_runtime;
   61.12 @@ -137,11 +135,19 @@ struct arch_domain {
   61.13      atomic64_t shadow_fault_count;
   61.14  
   61.15      struct last_vcpu last_vcpu[NR_CPUS];
   61.16 +
   61.17 +    struct arch_vmx_domain arch_vmx; /* Virtual Machine Extensions */
   61.18  };
   61.19  #define INT_ENABLE_OFFSET(v) 		  \
   61.20      (sizeof(vcpu_info_t) * (v)->vcpu_id + \
   61.21      offsetof(vcpu_info_t, evtchn_upcall_mask))
   61.22  
   61.23 +struct hypercall_param {
   61.24 +    unsigned long va;
   61.25 +    unsigned long pa1;
   61.26 +    unsigned long pa2;
   61.27 +};
   61.28 +
   61.29  struct arch_vcpu {
   61.30      /* Save the state of vcpu.
   61.31         This is the first entry to speed up accesses.  */
   61.32 @@ -185,10 +191,14 @@ struct arch_vcpu {
   61.33      char irq_new_pending;
   61.34      char irq_new_condition;    // vpsr.i/vtpr change, check for pending VHPI
   61.35      char hypercall_continuation;
   61.36 +
   61.37 +    struct hypercall_param hypercall_param;  // used to remap a hypercall param
   61.38 +
   61.39      //for phycial  emulation
   61.40      unsigned long old_rsc;
   61.41      int mode_flags;
   61.42      fpswa_ret_t fpswa_ret;	/* save return values of FPSWA emulation */
   61.43 +    struct timer hlt_timer;
   61.44      struct arch_vmx_struct arch_vmx; /* Virtual Machine Extensions */
   61.45  
   61.46  #define INVALID_PROCESSOR       INT_MAX
    62.1 --- a/xen/include/asm-ia64/grant_table.h	Wed Aug 30 14:09:31 2006 -0500
    62.2 +++ b/xen/include/asm-ia64/grant_table.h	Wed Aug 30 22:36:18 2006 +0100
    62.3 @@ -35,7 +35,7 @@ void guest_physmap_add_page(struct domai
    62.4                            gnttab_shared_maddr((d), (t), (i)));          \
    62.5          (IA64_GRANT_TABLE_PADDR >> PAGE_SHIFT) + (i);})
    62.6  
    62.7 -#define gnttab_log_dirty(d, f) ((void)0)
    62.8 +#define gnttab_mark_dirty(d, f) ((void)f)
    62.9  
   62.10  static inline void gnttab_clear_flag(unsigned long nr, uint16_t *addr)
   62.11  {
    63.1 --- a/xen/include/asm-ia64/linux-xen/asm/processor.h	Wed Aug 30 14:09:31 2006 -0500
    63.2 +++ b/xen/include/asm-ia64/linux-xen/asm/processor.h	Wed Aug 30 22:36:18 2006 +0100
    63.3 @@ -717,6 +717,14 @@ prefetchw (const void *x)
    63.4  
    63.5  extern unsigned long boot_option_idle_override;
    63.6  
    63.7 +#ifdef XEN
    63.8 +static inline unsigned int
    63.9 +ia64_get_cpl(unsigned long psr)
   63.10 +{
   63.11 +  return (psr & IA64_PSR_CPL) >> IA64_PSR_CPL0_BIT;
   63.12 +}
   63.13 +#endif
   63.14 +
   63.15  #endif /* !__ASSEMBLY__ */
   63.16  
   63.17  #endif /* _ASM_IA64_PROCESSOR_H */
    64.1 --- a/xen/include/asm-ia64/linux-xen/linux/efi.h	Wed Aug 30 14:09:31 2006 -0500
    64.2 +++ b/xen/include/asm-ia64/linux-xen/linux/efi.h	Wed Aug 30 22:36:18 2006 +0100
    64.3 @@ -293,10 +293,6 @@ extern void *efi_get_pal_addr (void);
    64.4  extern void efi_map_pal_code (void);
    64.5  extern void efi_map_memmap(void);
    64.6  extern void efi_memmap_walk (efi_freemem_callback_t callback, void *arg);
    64.7 -#ifdef XEN
    64.8 -typedef int (*efi_walk_type_callback_t)(efi_memory_desc_t *md, void *arg);
    64.9 -extern void efi_memmap_walk_type(u32 type, efi_walk_type_callback_t callback, void *arg);
   64.10 -#endif
   64.11  extern void efi_gettimeofday (struct timespec *ts);
   64.12  extern void efi_enter_virtual_mode (void);	/* switch EFI to virtual mode, if possible */
   64.13  extern u64 efi_get_iobase (void);
    65.1 --- a/xen/include/asm-ia64/multicall.h	Wed Aug 30 14:09:31 2006 -0500
    65.2 +++ b/xen/include/asm-ia64/multicall.h	Wed Aug 30 22:36:18 2006 +0100
    65.3 @@ -2,6 +2,7 @@
    65.4  #define __ASM_IA64_MULTICALL_H__
    65.5  
    65.6  #include <public/xen.h>
    65.7 +#include <xen/errno.h>
    65.8  
    65.9  typedef unsigned long (*hypercall_t)(
   65.10  			unsigned long arg0,
   65.11 @@ -11,17 +12,20 @@ typedef unsigned long (*hypercall_t)(
   65.12  			unsigned long arg4,
   65.13  			unsigned long arg5);
   65.14  
   65.15 -extern hypercall_t ia64_hypercall_table[];
   65.16 +extern const hypercall_t ia64_hypercall_table[];
   65.17  
   65.18  static inline void do_multicall_call(multicall_entry_t *call)
   65.19  {
   65.20 -	call->result = (*ia64_hypercall_table[call->op])(
   65.21 +	if (call->op < NR_hypercalls)
   65.22 +		call->result = (*ia64_hypercall_table[call->op])(
   65.23  			call->args[0],
   65.24  			call->args[1],
   65.25  			call->args[2],
   65.26  			call->args[3],
   65.27  			call->args[4],
   65.28  			call->args[5]);
   65.29 +	else
   65.30 +		call->result = -ENOSYS;
   65.31  }
   65.32  
   65.33  #endif /* __ASM_IA64_MULTICALL_H__ */
    66.1 --- a/xen/include/asm-ia64/perfc.h	Wed Aug 30 14:09:31 2006 -0500
    66.2 +++ b/xen/include/asm-ia64/perfc.h	Wed Aug 30 22:36:18 2006 +0100
    66.3 @@ -1,16 +1,22 @@
    66.4  #ifndef __ASM_PERFC_H__
    66.5  #define __ASM_PERFC_H__
    66.6  
    66.7 -static inline void arch_perfc_printall (void)
    66.8 +#include <asm/vhpt.h>
    66.9 +#include <asm/privop_stat.h>
   66.10 +
   66.11 +static inline void arch_perfc_printall(void)
   66.12  {
   66.13  }
   66.14  
   66.15 -static inline void arch_perfc_reset (void)
   66.16 +static inline void arch_perfc_reset(void)
   66.17  {
   66.18 +  reset_privop_addrs();
   66.19  }
   66.20  
   66.21 -static inline void arch_perfc_gather (void)
   66.22 +static inline void arch_perfc_gather(void)
   66.23  {
   66.24 +  gather_vhpt_stats();
   66.25 +  gather_privop_addrs();
   66.26  }
   66.27  
   66.28  #endif
    67.1 --- a/xen/include/asm-ia64/perfc_defn.h	Wed Aug 30 14:09:31 2006 -0500
    67.2 +++ b/xen/include/asm-ia64/perfc_defn.h	Wed Aug 30 22:36:18 2006 +0100
    67.3 @@ -40,3 +40,20 @@ PERFCOUNTER_ARRAY(fast_hyperprivop,   "f
    67.4  
    67.5  PERFCOUNTER_ARRAY(slow_reflect,       "slow reflection", 0x80)
    67.6  PERFCOUNTER_ARRAY(fast_reflect,       "fast reflection", 0x80)
    67.7 +
    67.8 +PERFSTATUS(vhpt_nbr_entries,          "nbr of entries per VHPT")
    67.9 +PERFSTATUS_CPU(vhpt_valid_entries,    "nbr of valid entries in VHPT")
   67.10 +
   67.11 +#ifdef CONFIG_PRIVOP_ADDRS
   67.12 +#ifndef PERFPRIVOPADDR
   67.13 +#define PERFPRIVOPADDR(name) \
   67.14 +PERFSTATUS_ARRAY(privop_addr_##name##_addr, "privop-addrs addr " #name, \
   67.15 +                 PRIVOP_COUNT_NADDRS) \
   67.16 +PERFSTATUS_ARRAY(privop_addr_##name##_count, "privop-addrs count " #name, \
   67.17 +                 PRIVOP_COUNT_NADDRS) \
   67.18 +PERFSTATUS(privop_addr_##name##_overflow, "privop-addrs overflow " #name)
   67.19 +#endif
   67.20 +
   67.21 +PERFPRIVOPADDR(get_ifa)
   67.22 +PERFPRIVOPADDR(thash)
   67.23 +#endif
    68.1 --- a/xen/include/asm-ia64/privop_stat.h	Wed Aug 30 14:09:31 2006 -0500
    68.2 +++ b/xen/include/asm-ia64/privop_stat.h	Wed Aug 30 22:36:18 2006 +0100
    68.3 @@ -1,23 +1,48 @@
    68.4  #ifndef _XEN_UA64_PRIVOP_STAT_H
    68.5  #define _XEN_UA64_PRIVOP_STAT_H
    68.6 +#include <asm/config.h>
    68.7  #include <xen/types.h>
    68.8  #include <public/xen.h>
    68.9  
   68.10 -extern int dump_privop_counts_to_user(char *, int);
   68.11 -extern int zero_privop_counts_to_user(char *, int);
   68.12 +#ifdef CONFIG_PRIVOP_ADDRS
   68.13 +
   68.14 +extern void gather_privop_addrs(void);
   68.15 +extern void reset_privop_addrs(void);
   68.16 +
   68.17 +#undef  PERFCOUNTER
   68.18 +#define PERFCOUNTER(var, name)
   68.19  
   68.20 -#define PRIVOP_ADDR_COUNT
   68.21 +#undef  PERFCOUNTER_CPU
   68.22 +#define PERFCOUNTER_CPU(var, name)
   68.23 +
   68.24 +#undef  PERFCOUNTER_ARRAY
   68.25 +#define PERFCOUNTER_ARRAY(var, name, size)
   68.26 +
   68.27 +#undef  PERFSTATUS
   68.28 +#define PERFSTATUS(var, name)
   68.29  
   68.30 -#ifdef PRIVOP_ADDR_COUNT
   68.31 +#undef  PERFSTATUS_CPU
   68.32 +#define PERFSTATUS_CPU(var, name)
   68.33 +
   68.34 +#undef  PERFSTATUS_ARRAY
   68.35 +#define PERFSTATUS_ARRAY(var, name, size)
   68.36 +
   68.37 +#undef  PERFPRIVOPADDR
   68.38 +#define PERFPRIVOPADDR(name) privop_inst_##name,
   68.39  
   68.40 -/* INST argument of PRIVOP_COUNT_ADDR.  */
   68.41 -#define _GET_IFA 0
   68.42 -#define _THASH 1
   68.43 +enum privop_inst {
   68.44 +#include <asm/perfc_defn.h>
   68.45 +};
   68.46 +
   68.47 +#undef PERFPRIVOPADDR
   68.48 +
   68.49  #define	PRIVOP_COUNT_ADDR(regs,inst) privop_count_addr(regs->cr_iip,inst)
   68.50 -extern void privop_count_addr(unsigned long addr, int inst);
   68.51 +extern void privop_count_addr(unsigned long addr, enum privop_inst inst);
   68.52  
   68.53  #else
   68.54 -#define	PRIVOP_COUNT_ADDR(x,y) do {} while (0)
   68.55 +#define PRIVOP_COUNT_ADDR(x,y) do {} while (0)
   68.56 +#define gather_privop_addrs() do {} while (0)
   68.57 +#define reset_privop_addrs() do {} while (0)
   68.58  #endif
   68.59  
   68.60  #endif /* _XEN_UA64_PRIVOP_STAT_H */
    69.1 --- a/xen/include/asm-ia64/uaccess.h	Wed Aug 30 14:09:31 2006 -0500
    69.2 +++ b/xen/include/asm-ia64/uaccess.h	Wed Aug 30 22:36:18 2006 +0100
    69.3 @@ -211,16 +211,30 @@ extern void __put_user_unknown (void);
    69.4  extern unsigned long __must_check __copy_user (void __user *to, const void __user *from,
    69.5  					       unsigned long count);
    69.6  
    69.7 +extern int ia64_map_hypercall_param(void);
    69.8 +
    69.9  static inline unsigned long
   69.10  __copy_to_user (void __user *to, const void *from, unsigned long count)
   69.11  {
   69.12 -	return __copy_user(to, (void __user *) from, count);
   69.13 +	unsigned long len;
   69.14 +	len = __copy_user(to, (void __user *)from, count);
   69.15 +	if (len == 0)
   69.16 +		return 0;
   69.17 +	if (ia64_map_hypercall_param())
   69.18 +		len = __copy_user(to, (void __user *)from, count); /* retry */
   69.19 +	return len;
   69.20  }
   69.21  
   69.22  static inline unsigned long
   69.23  __copy_from_user (void *to, const void __user *from, unsigned long count)
   69.24  {
   69.25 -	return __copy_user((void __user *) to, from, count);
   69.26 +	unsigned long len;
   69.27 +	len = __copy_user((void __user *)to, from, count);
   69.28 +	if (len == 0)
   69.29 +		return 0;
   69.30 +	if (ia64_map_hypercall_param())
   69.31 +		len = __copy_user((void __user *) to, from, count); /* retry */
   69.32 +	return len;
   69.33  }
   69.34  
   69.35  #define __copy_to_user_inatomic		__copy_to_user
    70.1 --- a/xen/include/asm-ia64/vcpu.h	Wed Aug 30 14:09:31 2006 -0500
    70.2 +++ b/xen/include/asm-ia64/vcpu.h	Wed Aug 30 22:36:18 2006 +0100
    70.3 @@ -4,6 +4,7 @@
    70.4  // TODO: Many (or perhaps most) of these should eventually be
    70.5  // static inline functions
    70.6  
    70.7 +#include <asm/delay.h>
    70.8  #include <asm/fpu.h>
    70.9  #include <asm/tlb.h>
   70.10  #include <asm/ia64_int.h>
   70.11 @@ -15,6 +16,7 @@ typedef	int BOOLEAN;
   70.12  struct vcpu;
   70.13  typedef	struct vcpu VCPU;
   70.14  typedef cpu_user_regs_t REGS;
   70.15 +extern u64 cycle_to_ns(u64 cycle);
   70.16  
   70.17  /* Note: PSCB stands for Privilegied State Communication Block.  */
   70.18  #define VCPU(_v,_x)	(_v->arch.privregs->_x)
   70.19 @@ -183,6 +185,21 @@ itir_mask(UINT64 itir)
   70.20      return (~((1UL << itir_ps(itir)) - 1));
   70.21  }
   70.22  
   70.23 +static inline s64
   70.24 +vcpu_get_next_timer_ns(VCPU *vcpu)
   70.25 +{
   70.26 +    s64 vcpu_get_next_timer_ns;
   70.27 +    u64 d = PSCBX(vcpu, domain_itm);
   70.28 +    u64 now = ia64_get_itc();
   70.29 +
   70.30 +    if (d > now)
   70.31 +        vcpu_get_next_timer_ns = cycle_to_ns(d - now) + NOW();
   70.32 +    else
   70.33 +        vcpu_get_next_timer_ns = cycle_to_ns(local_cpu_data->itm_delta) + NOW();
   70.34 +
   70.35 +    return vcpu_get_next_timer_ns;
   70.36 +}
   70.37 +
   70.38  #define verbose(a...) do {if (vcpu_verbose) printf(a);} while(0)
   70.39  
   70.40  //#define vcpu_quick_region_check(_tr_regions,_ifa) 1
    71.1 --- a/xen/include/asm-ia64/vhpt.h	Wed Aug 30 14:09:31 2006 -0500
    71.2 +++ b/xen/include/asm-ia64/vhpt.h	Wed Aug 30 22:36:18 2006 +0100
    71.3 @@ -32,7 +32,7 @@ struct vhpt_lf_entry {
    71.4  #define INVALID_TI_TAG 0x8000000000000000L
    71.5  
    71.6  extern void vhpt_init (void);
    71.7 -extern int dump_vhpt_stats(char *buf);
    71.8 +extern void gather_vhpt_stats(void);
    71.9  extern void vhpt_multiple_insert(unsigned long vaddr, unsigned long pte,
   71.10  				 unsigned long logps);
   71.11  extern void vhpt_insert (unsigned long vadr, unsigned long pte,
    72.1 --- a/xen/include/asm-ia64/vmx.h	Wed Aug 30 14:09:31 2006 -0500
    72.2 +++ b/xen/include/asm-ia64/vmx.h	Wed Aug 30 22:36:18 2006 +0100
    72.3 @@ -35,7 +35,6 @@ extern void vmx_final_setup_guest(struct
    72.4  extern void vmx_save_state(struct vcpu *v);
    72.5  extern void vmx_load_state(struct vcpu *v);
    72.6  extern void vmx_setup_platform(struct domain *d);
    72.7 -extern void vmx_wait_io(void);
    72.8  extern void vmx_io_assist(struct vcpu *v);
    72.9  extern int ia64_hypercall (struct pt_regs *regs);
   72.10  extern void vmx_save_state(struct vcpu *v);
   72.11 @@ -53,19 +52,16 @@ extern void inject_guest_interruption(st
   72.12  extern void vmx_intr_assist(struct vcpu *v);
   72.13  extern void set_illegal_op_isr (struct vcpu *vcpu);
   72.14  extern void illegal_op (struct vcpu *vcpu);
   72.15 +extern void vmx_relinquish_guest_resources(struct domain *d);
   72.16  extern void vmx_relinquish_vcpu_resources(struct vcpu *v);
   72.17  extern void vmx_die_if_kernel(char *str, struct pt_regs *regs, long err);
   72.18 +extern void vmx_send_assist_req(struct vcpu *v);
   72.19  
   72.20  static inline vcpu_iodata_t *get_vio(struct domain *d, unsigned long cpu)
   72.21  {
   72.22      return &((shared_iopage_t *)d->arch.vmx_platform.shared_page_va)->vcpu_iodata[cpu];
   72.23  }
   72.24  
   72.25 -static inline int iopacket_port(struct vcpu *v)
   72.26 -{
   72.27 -    return get_vio(v->domain, v->vcpu_id)->vp_eport;
   72.28 -}
   72.29 -
   72.30  static inline shared_iopage_t *get_sp(struct domain *d)
   72.31  {
   72.32      return (shared_iopage_t *)d->arch.vmx_platform.shared_page_va;
    73.1 --- a/xen/include/asm-ia64/vmx_vcpu.h	Wed Aug 30 14:09:31 2006 -0500
    73.2 +++ b/xen/include/asm-ia64/vmx_vcpu.h	Wed Aug 30 22:36:18 2006 +0100
    73.3 @@ -239,12 +239,13 @@ vmx_vcpu_set_dcr(VCPU *vcpu, u64 val)
    73.4  {
    73.5      u64 mdcr, mask;
    73.6      VCPU(vcpu,dcr)=val;
    73.7 -    /* All vDCR bits will go to mDCR, except for be/pp bit */
    73.8 +    /* All vDCR bits will go to mDCR, except for be/pp/dm bits */
    73.9      mdcr = ia64_get_dcr();
   73.10 -    mask = IA64_DCR_BE | IA64_DCR_PP;
   73.11 +    /* Machine dcr.dm masked to handle guest ld.s on tr mapped page */
   73.12 +    mask = IA64_DCR_BE | IA64_DCR_PP | IA64_DCR_DM;
   73.13      mdcr = ( mdcr & mask ) | ( val & (~mask) );
   73.14      ia64_set_dcr( mdcr);
   73.15 -
   73.16 +    VMX(vcpu, mdcr) = mdcr;
   73.17      return IA64_NO_FAULT;
   73.18  }
   73.19  
    74.1 --- a/xen/include/asm-ia64/vmx_vpd.h	Wed Aug 30 14:09:31 2006 -0500
    74.2 +++ b/xen/include/asm-ia64/vmx_vpd.h	Wed Aug 30 22:36:18 2006 +0100
    74.3 @@ -27,6 +27,7 @@
    74.4  #include <asm/vtm.h>
    74.5  #include <asm/vmx_platform.h>
    74.6  #include <public/xen.h>
    74.7 +#include <xen/spinlock.h>
    74.8  
    74.9  #define VPD_SHIFT	17	/* 128K requirement */
   74.10  #define VPD_SIZE	(1 << VPD_SHIFT)
   74.11 @@ -72,6 +73,11 @@ struct ivt_debug{
   74.12  };
   74.13  #define IVT_DEBUG_MAX 128
   74.14  #endif
   74.15 +
   74.16 +struct arch_vmx_domain {
   74.17 +    spinlock_t virq_assist_lock; /* spinlock for pass virq */
   74.18 +};
   74.19 +
   74.20  struct arch_vmx_struct {
   74.21  //	vpd_t       *vpd;
   74.22      vtime_t	    vtm;
   74.23 @@ -89,13 +95,15 @@ struct arch_vmx_struct {
   74.24  //    unsigned long   mrr5;
   74.25  //    unsigned long   mrr6;
   74.26  //    unsigned long   mrr7;
   74.27 +    unsigned long   mdcr;
   74.28      unsigned long   mpta;
   74.29  //    unsigned long   rfi_pfs;
   74.30  //    unsigned long   rfi_iip;
   74.31  //    unsigned long   rfi_ipsr;
   74.32  //    unsigned long   rfi_ifs;
   74.33  //	unsigned long	in_service[4];	// vLsapic inservice IRQ bits
   74.34 -	unsigned long   flags;
   74.35 +    unsigned long   flags;
   74.36 +    unsigned long   xen_port;
   74.37  #ifdef VTI_DEBUG
   74.38      unsigned long  ivt_current;
   74.39      struct ivt_debug ivt_debug[IVT_DEBUG_MAX];
    75.1 --- a/xen/include/public/domctl.h	Wed Aug 30 14:09:31 2006 -0500
    75.2 +++ b/xen/include/public/domctl.h	Wed Aug 30 22:36:18 2006 +0100
    75.3 @@ -16,7 +16,7 @@
    75.4  
    75.5  #include "xen.h"
    75.6  
    75.7 -#define XEN_DOMCTL_INTERFACE_VERSION 0x00000001
    75.8 +#define XEN_DOMCTL_INTERFACE_VERSION 0x00000002
    75.9  
   75.10  #define uint64_t uint64_aligned_t
   75.11  
   75.12 @@ -72,8 +72,11 @@ DEFINE_XEN_GUEST_HANDLE(xen_domctl_getdo
   75.13  #define XEN_DOMCTL_getmemlist         6
   75.14  struct xen_domctl_getmemlist {
   75.15      /* IN variables. */
   75.16 +    /* Max entries to write to output buffer. */
   75.17      uint64_t max_pfns;
   75.18 -    XEN_GUEST_HANDLE_64(ulong) buffer;
   75.19 +    /* Start index in guest's page list. */
   75.20 +    uint64_t start_pfn;
   75.21 +    XEN_GUEST_HANDLE_64(xen_pfn_t) buffer;
   75.22      /* OUT variables. */
   75.23      uint64_t num_pfns;
   75.24  };
    76.1 --- a/xen/include/public/xen.h	Wed Aug 30 14:09:31 2006 -0500
    76.2 +++ b/xen/include/public/xen.h	Wed Aug 30 22:36:18 2006 +0100
    76.3 @@ -63,6 +63,7 @@
    76.4  #define __HYPERVISOR_hvm_op               34
    76.5  #define __HYPERVISOR_sysctl               35
    76.6  #define __HYPERVISOR_domctl               36
    76.7 +#define __HYPERVISOR_kexec_op             37
    76.8  
    76.9  /* Architecture-specific hypercall definitions. */
   76.10  #define __HYPERVISOR_arch_0               48