ia64/xen-unstable

changeset 7027:06d84bf87159

Merge latest xen-unstable into xen-ia64-unstable
author djm@kirby.fc.hp.com
date Thu Sep 22 11:42:01 2005 -0600 (2005-09-22)
parents 97dbd9524a7e 2f83ff9f6bd2
children b6ee1d1cdc93
files .hgignore Config.mk Makefile buildconfigs/Rules.mk buildconfigs/mk.linux-2.4-xenU buildconfigs/mk.linux-2.6-xen buildconfigs/mk.linux-2.6-xen0 buildconfigs/mk.linux-2.6-xenU docs/Doxyfile docs/Doxyfilter docs/Makefile docs/misc/sedf_scheduler_mini-HOWTO.txt docs/misc/vtpm.txt docs/pythfilter.py docs/src/interface.tex docs/src/interface/architecture.tex docs/src/interface/debugging.tex docs/src/interface/devices.tex docs/src/interface/further_info.tex docs/src/interface/hypercalls.tex docs/src/interface/memory.tex docs/src/interface/scheduling.tex docs/src/user.tex docs/src/user/build.tex docs/src/user/control_software.tex docs/src/user/debian.tex docs/src/user/domain_configuration.tex docs/src/user/domain_filesystem.tex docs/src/user/domain_mgmt.tex docs/src/user/glossary.tex docs/src/user/installation.tex docs/src/user/introduction.tex docs/src/user/redhat.tex docs/src/user/start_addl_dom.tex extras/mini-os/Makefile extras/mini-os/README extras/mini-os/domain_config extras/mini-os/events.c extras/mini-os/include/ctype.h extras/mini-os/include/err.h extras/mini-os/include/errno-base.h extras/mini-os/include/errno.h extras/mini-os/include/events.h extras/mini-os/include/fcntl.h extras/mini-os/include/hypervisor.h extras/mini-os/include/lib.h extras/mini-os/include/list.h extras/mini-os/include/mm.h extras/mini-os/include/os.h extras/mini-os/include/sched.h extras/mini-os/include/semaphore.h extras/mini-os/include/time.h extras/mini-os/include/traps.h extras/mini-os/include/types.h extras/mini-os/include/wait.h extras/mini-os/include/xenbus.h extras/mini-os/include/xmalloc.h extras/mini-os/kernel.c extras/mini-os/lib/printf.c extras/mini-os/lib/string.c extras/mini-os/lib/xmalloc.c extras/mini-os/mm.c extras/mini-os/sched.c extras/mini-os/time.c extras/mini-os/traps.c extras/mini-os/xenbus/Makefile extras/mini-os/xenbus/xenbus_comms.c extras/mini-os/xenbus/xenbus_comms.h extras/mini-os/xenbus/xenbus_xs.c linux-2.4-xen-sparse/Makefile linux-2.4-xen-sparse/arch/xen/Makefile linux-2.4-xen-sparse/arch/xen/boot/Makefile linux-2.4-xen-sparse/arch/xen/config.in linux-2.4-xen-sparse/arch/xen/defconfig-xen0 linux-2.4-xen-sparse/arch/xen/defconfig-xenU linux-2.4-xen-sparse/arch/xen/drivers/balloon/Makefile linux-2.4-xen-sparse/arch/xen/drivers/blkif/Makefile linux-2.4-xen-sparse/arch/xen/drivers/blkif/backend/Makefile linux-2.4-xen-sparse/arch/xen/drivers/blkif/frontend/Makefile linux-2.4-xen-sparse/arch/xen/drivers/blkif/frontend/common.h linux-2.4-xen-sparse/arch/xen/drivers/blkif/frontend/vbd.c linux-2.4-xen-sparse/arch/xen/drivers/console/Makefile linux-2.4-xen-sparse/arch/xen/drivers/dom0/Makefile linux-2.4-xen-sparse/arch/xen/drivers/evtchn/Makefile linux-2.4-xen-sparse/arch/xen/drivers/netif/Makefile linux-2.4-xen-sparse/arch/xen/drivers/netif/backend/Makefile linux-2.4-xen-sparse/arch/xen/drivers/netif/frontend/Makefile linux-2.4-xen-sparse/arch/xen/kernel/Makefile linux-2.4-xen-sparse/arch/xen/kernel/entry.S linux-2.4-xen-sparse/arch/xen/kernel/head.S linux-2.4-xen-sparse/arch/xen/kernel/i386_ksyms.c linux-2.4-xen-sparse/arch/xen/kernel/irq.c linux-2.4-xen-sparse/arch/xen/kernel/ldt.c linux-2.4-xen-sparse/arch/xen/kernel/pci-pc.c linux-2.4-xen-sparse/arch/xen/kernel/process.c linux-2.4-xen-sparse/arch/xen/kernel/setup.c linux-2.4-xen-sparse/arch/xen/kernel/signal.c linux-2.4-xen-sparse/arch/xen/kernel/time.c linux-2.4-xen-sparse/arch/xen/kernel/traps.c linux-2.4-xen-sparse/arch/xen/lib/Makefile linux-2.4-xen-sparse/arch/xen/lib/delay.c linux-2.4-xen-sparse/arch/xen/mm/Makefile 
linux-2.4-xen-sparse/arch/xen/mm/fault.c linux-2.4-xen-sparse/arch/xen/mm/init.c linux-2.4-xen-sparse/arch/xen/mm/ioremap.c linux-2.4-xen-sparse/arch/xen/vmlinux.lds linux-2.4-xen-sparse/drivers/block/ll_rw_blk.c linux-2.4-xen-sparse/drivers/char/Makefile linux-2.4-xen-sparse/drivers/char/mem.c linux-2.4-xen-sparse/drivers/char/tty_io.c linux-2.4-xen-sparse/drivers/scsi/aic7xxx/Makefile linux-2.4-xen-sparse/include/asm-xen/bugs.h linux-2.4-xen-sparse/include/asm-xen/desc.h linux-2.4-xen-sparse/include/asm-xen/fixmap.h linux-2.4-xen-sparse/include/asm-xen/highmem.h linux-2.4-xen-sparse/include/asm-xen/hw_irq.h linux-2.4-xen-sparse/include/asm-xen/io.h linux-2.4-xen-sparse/include/asm-xen/irq.h linux-2.4-xen-sparse/include/asm-xen/keyboard.h linux-2.4-xen-sparse/include/asm-xen/mmu_context.h linux-2.4-xen-sparse/include/asm-xen/module.h linux-2.4-xen-sparse/include/asm-xen/page.h linux-2.4-xen-sparse/include/asm-xen/pci.h linux-2.4-xen-sparse/include/asm-xen/pgalloc.h linux-2.4-xen-sparse/include/asm-xen/pgtable-2level.h linux-2.4-xen-sparse/include/asm-xen/pgtable.h linux-2.4-xen-sparse/include/asm-xen/processor.h linux-2.4-xen-sparse/include/asm-xen/queues.h linux-2.4-xen-sparse/include/asm-xen/segment.h linux-2.4-xen-sparse/include/asm-xen/smp.h linux-2.4-xen-sparse/include/asm-xen/system.h linux-2.4-xen-sparse/include/asm-xen/vga.h linux-2.4-xen-sparse/include/asm-xen/xor.h linux-2.4-xen-sparse/include/linux/blk.h linux-2.4-xen-sparse/include/linux/highmem.h linux-2.4-xen-sparse/include/linux/irq.h linux-2.4-xen-sparse/include/linux/mm.h linux-2.4-xen-sparse/include/linux/sched.h linux-2.4-xen-sparse/include/linux/skbuff.h linux-2.4-xen-sparse/include/linux/timer.h linux-2.4-xen-sparse/kernel/time.c linux-2.4-xen-sparse/kernel/timer.c linux-2.4-xen-sparse/mkbuildtree linux-2.4-xen-sparse/mm/highmem.c linux-2.4-xen-sparse/mm/memory.c linux-2.4-xen-sparse/mm/mprotect.c linux-2.4-xen-sparse/mm/mremap.c linux-2.4-xen-sparse/mm/page_alloc.c linux-2.4-xen-sparse/net/core/skbuff.c linux-2.6-xen-sparse/arch/xen/Kconfig linux-2.6-xen-sparse/arch/xen/Kconfig.drivers linux-2.6-xen-sparse/arch/xen/Makefile linux-2.6-xen-sparse/arch/xen/boot/Makefile linux-2.6-xen-sparse/arch/xen/configs/xen0_defconfig_x86_32 linux-2.6-xen-sparse/arch/xen/configs/xen0_defconfig_x86_64 linux-2.6-xen-sparse/arch/xen/configs/xenU_defconfig_x86_32 linux-2.6-xen-sparse/arch/xen/configs/xenU_defconfig_x86_64 linux-2.6-xen-sparse/arch/xen/configs/xen_defconfig_x86_32 linux-2.6-xen-sparse/arch/xen/configs/xen_defconfig_x86_64 linux-2.6-xen-sparse/arch/xen/i386/Kconfig linux-2.6-xen-sparse/arch/xen/i386/Makefile linux-2.6-xen-sparse/arch/xen/i386/kernel/Makefile linux-2.6-xen-sparse/arch/xen/i386/kernel/acpi/Makefile linux-2.6-xen-sparse/arch/xen/i386/kernel/acpi/boot.c linux-2.6-xen-sparse/arch/xen/i386/kernel/apic.c linux-2.6-xen-sparse/arch/xen/i386/kernel/cpu/Makefile linux-2.6-xen-sparse/arch/xen/i386/kernel/cpu/common.c linux-2.6-xen-sparse/arch/xen/i386/kernel/cpu/mtrr/Makefile linux-2.6-xen-sparse/arch/xen/i386/kernel/cpu/mtrr/main.c linux-2.6-xen-sparse/arch/xen/i386/kernel/entry.S linux-2.6-xen-sparse/arch/xen/i386/kernel/head.S linux-2.6-xen-sparse/arch/xen/i386/kernel/i386_ksyms.c linux-2.6-xen-sparse/arch/xen/i386/kernel/init_task.c linux-2.6-xen-sparse/arch/xen/i386/kernel/io_apic.c linux-2.6-xen-sparse/arch/xen/i386/kernel/ioport.c linux-2.6-xen-sparse/arch/xen/i386/kernel/irq.c linux-2.6-xen-sparse/arch/xen/i386/kernel/ldt.c linux-2.6-xen-sparse/arch/xen/i386/kernel/microcode.c 
linux-2.6-xen-sparse/arch/xen/i386/kernel/mpparse.c linux-2.6-xen-sparse/arch/xen/i386/kernel/pci-dma.c linux-2.6-xen-sparse/arch/xen/i386/kernel/process.c linux-2.6-xen-sparse/arch/xen/i386/kernel/setup.c linux-2.6-xen-sparse/arch/xen/i386/kernel/signal.c linux-2.6-xen-sparse/arch/xen/i386/kernel/smp.c linux-2.6-xen-sparse/arch/xen/i386/kernel/smpboot.c linux-2.6-xen-sparse/arch/xen/i386/kernel/swiotlb.c linux-2.6-xen-sparse/arch/xen/i386/kernel/time.c linux-2.6-xen-sparse/arch/xen/i386/kernel/traps.c linux-2.6-xen-sparse/arch/xen/i386/kernel/vsyscall.S linux-2.6-xen-sparse/arch/xen/i386/mach-default/Makefile linux-2.6-xen-sparse/arch/xen/i386/mm/Makefile linux-2.6-xen-sparse/arch/xen/i386/mm/fault.c linux-2.6-xen-sparse/arch/xen/i386/mm/highmem.c linux-2.6-xen-sparse/arch/xen/i386/mm/hypervisor.c linux-2.6-xen-sparse/arch/xen/i386/mm/init.c linux-2.6-xen-sparse/arch/xen/i386/mm/ioremap.c linux-2.6-xen-sparse/arch/xen/i386/mm/pgtable.c linux-2.6-xen-sparse/arch/xen/i386/pci/Makefile linux-2.6-xen-sparse/arch/xen/i386/pci/i386.c linux-2.6-xen-sparse/arch/xen/i386/pci/irq.c linux-2.6-xen-sparse/arch/xen/kernel/Makefile linux-2.6-xen-sparse/arch/xen/kernel/devmem.c linux-2.6-xen-sparse/arch/xen/kernel/evtchn.c linux-2.6-xen-sparse/arch/xen/kernel/fixup.c linux-2.6-xen-sparse/arch/xen/kernel/gnttab.c linux-2.6-xen-sparse/arch/xen/kernel/reboot.c linux-2.6-xen-sparse/arch/xen/kernel/skbuff.c linux-2.6-xen-sparse/arch/xen/kernel/smp.c linux-2.6-xen-sparse/arch/xen/kernel/xen_proc.c linux-2.6-xen-sparse/arch/xen/x86_64/Kconfig linux-2.6-xen-sparse/arch/xen/x86_64/Makefile linux-2.6-xen-sparse/arch/xen/x86_64/ia32/Makefile linux-2.6-xen-sparse/arch/xen/x86_64/ia32/ia32entry.S linux-2.6-xen-sparse/arch/xen/x86_64/ia32/syscall32.c linux-2.6-xen-sparse/arch/xen/x86_64/ia32/vsyscall-int80.S linux-2.6-xen-sparse/arch/xen/x86_64/kernel/Makefile linux-2.6-xen-sparse/arch/xen/x86_64/kernel/acpi/Makefile linux-2.6-xen-sparse/arch/xen/x86_64/kernel/apic.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/e820.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/early_printk.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/entry.S linux-2.6-xen-sparse/arch/xen/x86_64/kernel/genapic.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/genapic_xen.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/head.S linux-2.6-xen-sparse/arch/xen/x86_64/kernel/head64.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/io_apic.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/ioport.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/irq.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/ldt.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/mpparse.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/pci-nommu.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/process.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/setup.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/setup64.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/signal.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/smp.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/smpboot.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/traps.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/vsyscall.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/x8664_ksyms.c linux-2.6-xen-sparse/arch/xen/x86_64/kernel/xen_entry.S linux-2.6-xen-sparse/arch/xen/x86_64/mm/Makefile linux-2.6-xen-sparse/arch/xen/x86_64/mm/fault.c linux-2.6-xen-sparse/arch/xen/x86_64/mm/init.c linux-2.6-xen-sparse/arch/xen/x86_64/mm/pageattr.c linux-2.6-xen-sparse/arch/xen/x86_64/pci/Makefile linux-2.6-xen-sparse/arch/xen/x86_64/pci/Makefile-BUS linux-2.6-xen-sparse/drivers/Makefile 
linux-2.6-xen-sparse/drivers/acpi/tables.c linux-2.6-xen-sparse/drivers/char/mem.c linux-2.6-xen-sparse/drivers/char/tpm/Kconfig.domU linux-2.6-xen-sparse/drivers/char/tpm/Makefile linux-2.6-xen-sparse/drivers/char/tpm/tpm_nopci.c linux-2.6-xen-sparse/drivers/char/tpm/tpm_nopci.h linux-2.6-xen-sparse/drivers/char/tpm/tpm_xen.c linux-2.6-xen-sparse/drivers/char/tty_io.c linux-2.6-xen-sparse/drivers/xen/Makefile linux-2.6-xen-sparse/drivers/xen/balloon/Makefile linux-2.6-xen-sparse/drivers/xen/balloon/balloon.c linux-2.6-xen-sparse/drivers/xen/blkback/Makefile linux-2.6-xen-sparse/drivers/xen/blkback/blkback.c linux-2.6-xen-sparse/drivers/xen/blkback/common.h linux-2.6-xen-sparse/drivers/xen/blkback/interface.c linux-2.6-xen-sparse/drivers/xen/blkback/vbd.c linux-2.6-xen-sparse/drivers/xen/blkback/xenbus.c linux-2.6-xen-sparse/drivers/xen/blkfront/Kconfig linux-2.6-xen-sparse/drivers/xen/blkfront/Makefile linux-2.6-xen-sparse/drivers/xen/blkfront/blkfront.c linux-2.6-xen-sparse/drivers/xen/blkfront/block.h linux-2.6-xen-sparse/drivers/xen/blkfront/vbd.c linux-2.6-xen-sparse/drivers/xen/blktap/Makefile linux-2.6-xen-sparse/drivers/xen/blktap/blktap.c linux-2.6-xen-sparse/drivers/xen/blktap/common.h linux-2.6-xen-sparse/drivers/xen/blktap/interface.c linux-2.6-xen-sparse/drivers/xen/blktap/xenbus.c linux-2.6-xen-sparse/drivers/xen/console/Makefile linux-2.6-xen-sparse/drivers/xen/console/console.c linux-2.6-xen-sparse/drivers/xen/console/xencons_ring.c linux-2.6-xen-sparse/drivers/xen/console/xencons_ring.h linux-2.6-xen-sparse/drivers/xen/evtchn/Makefile linux-2.6-xen-sparse/drivers/xen/evtchn/evtchn.c linux-2.6-xen-sparse/drivers/xen/netback/Makefile linux-2.6-xen-sparse/drivers/xen/netback/common.h linux-2.6-xen-sparse/drivers/xen/netback/interface.c linux-2.6-xen-sparse/drivers/xen/netback/loopback.c linux-2.6-xen-sparse/drivers/xen/netback/netback.c linux-2.6-xen-sparse/drivers/xen/netback/xenbus.c linux-2.6-xen-sparse/drivers/xen/netfront/Kconfig linux-2.6-xen-sparse/drivers/xen/netfront/Makefile linux-2.6-xen-sparse/drivers/xen/netfront/netfront.c linux-2.6-xen-sparse/drivers/xen/privcmd/Makefile linux-2.6-xen-sparse/drivers/xen/privcmd/privcmd.c linux-2.6-xen-sparse/drivers/xen/tpmback/Makefile linux-2.6-xen-sparse/drivers/xen/tpmback/common.h linux-2.6-xen-sparse/drivers/xen/tpmback/interface.c linux-2.6-xen-sparse/drivers/xen/tpmback/tpmback.c linux-2.6-xen-sparse/drivers/xen/tpmback/xenbus.c linux-2.6-xen-sparse/drivers/xen/tpmfront/Makefile linux-2.6-xen-sparse/drivers/xen/tpmfront/tpmfront.c linux-2.6-xen-sparse/drivers/xen/tpmfront/tpmfront.h linux-2.6-xen-sparse/drivers/xen/util.c linux-2.6-xen-sparse/drivers/xen/xenbus/Makefile linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_comms.c linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_comms.h linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_dev.c linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_probe.c linux-2.6-xen-sparse/drivers/xen/xenbus/xenbus_xs.c linux-2.6-xen-sparse/include/asm-generic/pgtable.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/agp.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/desc.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/dma-mapping.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/fixmap.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/floppy.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/highmem.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/hw_irq.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/hypercall.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/hypervisor.h 
linux-2.6-xen-sparse/include/asm-xen/asm-i386/io.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/kmap_types.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/mach-xen/irq_vectors.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/mach-xen/setup_arch_post.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/mach-xen/setup_arch_pre.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/mach-xen/smpboot_hooks.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/mmu.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/mmu_context.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/page.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/param.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/pci.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/pgalloc.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/pgtable-2level.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/pgtable-3level.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/pgtable.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/processor.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/ptrace.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/scatterlist.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/segment.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/setup.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/spinlock.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/swiotlb.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/synch_bitops.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/system.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/tlbflush.h linux-2.6-xen-sparse/include/asm-xen/asm-i386/vga.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/arch_hooks.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/bootsetup.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/desc.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/dma-mapping.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/fixmap.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/floppy.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/hw_irq.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/hypercall.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/hypervisor.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/io.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/irq.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/mach-xen/io_ports.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/mach-xen/irq_vectors.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/mach-xen/mach_timer.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/mach-xen/setup_arch_post.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/mach-xen/setup_arch_pre.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/mach-xen/smpboot_hooks.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/mmu.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/mmu_context.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/page.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/param.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/pci.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/pgalloc.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/pgtable.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/processor.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/ptrace.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/segment.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/smp.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/synch_bitops.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/system.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/timer.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/tlbflush.h linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/vga.h 
linux-2.6-xen-sparse/include/asm-xen/asm-x86_64/xor.h linux-2.6-xen-sparse/include/asm-xen/balloon.h linux-2.6-xen-sparse/include/asm-xen/driver_util.h linux-2.6-xen-sparse/include/asm-xen/evtchn.h linux-2.6-xen-sparse/include/asm-xen/foreign_page.h linux-2.6-xen-sparse/include/asm-xen/gnttab.h linux-2.6-xen-sparse/include/asm-xen/linux-public/privcmd.h linux-2.6-xen-sparse/include/asm-xen/queues.h linux-2.6-xen-sparse/include/asm-xen/xen_proc.h linux-2.6-xen-sparse/include/asm-xen/xenbus.h linux-2.6-xen-sparse/include/linux/gfp.h linux-2.6-xen-sparse/include/linux/highmem.h linux-2.6-xen-sparse/include/linux/irq.h linux-2.6-xen-sparse/include/linux/mm.h linux-2.6-xen-sparse/include/linux/skbuff.h linux-2.6-xen-sparse/include/linux/tpmfe.h linux-2.6-xen-sparse/kernel/irq/manage.c linux-2.6-xen-sparse/mkbuildtree linux-2.6-xen-sparse/mm/highmem.c linux-2.6-xen-sparse/mm/memory.c linux-2.6-xen-sparse/mm/mmap.c linux-2.6-xen-sparse/mm/page_alloc.c linux-2.6-xen-sparse/net/core/dev.c linux-2.6-xen-sparse/net/core/skbuff.c patches/linux-2.6.12/i386-cpu-hotplug-updated-for-mm.patch patches/linux-2.6.12/net-csum.patch patches/linux-2.6.12/patch-2.6.12.5 patches/linux-2.6.12/rcu-nohz.patch patches/linux-2.6.12/smp-alts.patch patches/linux-2.6.12/tpm_partial_read.patch tools/Makefile tools/Rules.mk tools/blktap/Makefile tools/blktap/README.sept05 tools/blktap/blkdump.c tools/blktap/blkif.c tools/blktap/blktaplib.c tools/blktap/blktaplib.h tools/blktap/list.h tools/blktap/parallax/Makefile tools/blktap/parallax/block-async.h tools/blktap/parallax/blockstore.h tools/blktap/ublkback/Makefile tools/blktap/ublkback/ublkback.c tools/blktap/ublkback/ublkbacklib.c tools/blktap/ublkback/ublkbacklib.h tools/blktap/xenbus.c tools/check/check_brctl tools/check/check_iproute tools/check/check_logging tools/check/check_python tools/check/check_zlib_devel tools/check/check_zlib_lib tools/check/chk tools/console/Makefile tools/console/client/main.c tools/console/daemon/io.c tools/console/daemon/io.h tools/console/daemon/main.c tools/console/daemon/utils.c tools/console/daemon/utils.h tools/console/testsuite/Makefile tools/console/testsuite/README tools/console/testsuite/console-dom0.c tools/console/testsuite/console-domU.c tools/console/testsuite/procpipe.c tools/debugger/gdb/README tools/debugger/gdb/gdb-6.2.1-xen-sparse/gdb/gdbserver/configure tools/debugger/gdb/gdb-6.2.1-xen-sparse/gdb/gdbserver/configure.in tools/debugger/gdb/gdb-6.2.1-xen-sparse/gdb/gdbserver/linux-xen-low.c tools/debugger/gdb/gdbbuild tools/debugger/libxendebug/Makefile tools/debugger/libxendebug/xendebug.c tools/debugger/libxendebug/xendebug.h tools/debugger/pdb/Domain.ml tools/debugger/pdb/Domain.mli tools/debugger/pdb/Makefile tools/debugger/pdb/PDB.ml tools/debugger/pdb/Process.ml tools/debugger/pdb/Process.mli tools/debugger/pdb/Util.ml tools/debugger/pdb/Xen_domain.ml tools/debugger/pdb/Xen_domain.mli tools/debugger/pdb/debugger.ml tools/debugger/pdb/linux-2.6-module/Makefile tools/debugger/pdb/linux-2.6-module/debug.c tools/debugger/pdb/linux-2.6-module/module.c tools/debugger/pdb/linux-2.6-module/pdb_debug.h tools/debugger/pdb/linux-2.6-module/pdb_module.h tools/debugger/pdb/linux-2.6-patches/Makefile tools/debugger/pdb/linux-2.6-patches/i386_ksyms.patch tools/debugger/pdb/linux-2.6-patches/kdebug.patch tools/debugger/pdb/linux-2.6-patches/makefile.patch tools/debugger/pdb/linux-2.6-patches/ptrace.patch tools/debugger/pdb/linux-2.6-patches/traps.patch tools/debugger/pdb/pdb_caml_domain.c tools/debugger/pdb/pdb_caml_evtchn.c 
tools/debugger/pdb/pdb_caml_process.c tools/debugger/pdb/pdb_caml_xc.c tools/debugger/pdb/pdb_caml_xcs.c tools/debugger/pdb/pdb_caml_xen.h tools/debugger/pdb/pdb_xen.c tools/debugger/pdb/readme tools/debugger/pdb/server.ml tools/examples/Makefile tools/examples/README tools/examples/block-enbd tools/examples/block-file tools/examples/block-phy tools/examples/init.d/xend tools/examples/network-bridge tools/examples/vif-bridge tools/examples/vif-route tools/examples/xen-backend.agent tools/examples/xend-config.sxp tools/examples/xmexample.vmx tools/examples/xmexample1 tools/examples/xmexample2 tools/examples/xmexample3 tools/firmware/Makefile tools/firmware/acpi/acpi2_0.h tools/firmware/acpi/acpi_madt.c tools/firmware/acpi/acpi_madt.h tools/firmware/rombios/rombios.c tools/firmware/vmxassist/Makefile tools/firmware/vmxassist/acpi_madt.c tools/firmware/vmxassist/setup.c tools/firmware/vmxassist/vm86.c tools/firmware/vmxassist/vmxloader.c tools/ioemu/cpu-all.h tools/ioemu/exec.c tools/ioemu/hw/i8254.c tools/ioemu/hw/i8259.c tools/ioemu/hw/ide.c tools/ioemu/hw/ioapic.h tools/ioemu/hw/pc.c tools/ioemu/hw/pckbd.c tools/ioemu/hw/pcnet.c tools/ioemu/hw/pcnet.h tools/ioemu/hw/vga.c tools/ioemu/monitor.c tools/ioemu/target-i386-dm/Makefile tools/ioemu/target-i386-dm/helper2.c tools/ioemu/target-i386-dm/qemu-dm.debug tools/ioemu/vl.c tools/ioemu/vl.h tools/ioemu/vnc.c tools/libxc/Makefile tools/libxc/linux_boot_params.h tools/libxc/xc_core.c tools/libxc/xc_domain.c tools/libxc/xc_gnttab.c tools/libxc/xc_ia64_stubs.c tools/libxc/xc_linux_build.c tools/libxc/xc_linux_restore.c tools/libxc/xc_linux_save.c tools/libxc/xc_load_aout9.c tools/libxc/xc_load_bin.c tools/libxc/xc_load_elf.c tools/libxc/xc_misc.c tools/libxc/xc_private.c tools/libxc/xc_private.h tools/libxc/xc_ptrace.c tools/libxc/xc_ptrace_core.c tools/libxc/xc_vmx_build.c tools/libxc/xenctrl.h tools/libxc/xenguest.h tools/libxc/xg_private.c tools/libxc/xg_private.h tools/misc/Makefile tools/misc/cpuperf/Makefile tools/misc/cpuperf/cpuperf.c tools/misc/cpuperf/cpuperf_xeno.h tools/misc/mbootpack/Makefile tools/misc/mbootpack/buildimage.c tools/misc/mbootpack/mbootpack.c tools/misc/mbootpack/mbootpack.h tools/misc/xc_shadow.c tools/misc/xend tools/misc/xenperf.c tools/python/Makefile tools/python/pylintrc tools/python/setup.py tools/python/xen/lowlevel/xc/xc.c tools/python/xen/lowlevel/xs/xs.c tools/python/xen/sv/CreateDomain.py tools/python/xen/sv/DomInfo.py tools/python/xen/sv/GenTabbed.py tools/python/xen/sv/HTMLBase.py tools/python/xen/sv/Main.py tools/python/xen/sv/NodeInfo.py tools/python/xen/sv/RestoreDomain.py tools/python/xen/sv/Wizard.py tools/python/xen/sv/__init__.py tools/python/xen/sv/util.py tools/python/xen/util/Brctl.py tools/python/xen/util/process.py tools/python/xen/web/SrvBase.py tools/python/xen/web/SrvDir.py tools/python/xen/web/__init__.py tools/python/xen/web/connection.py tools/python/xen/web/httpserver.py tools/python/xen/web/protocol.py tools/python/xen/web/reactor.py tools/python/xen/web/resource.py tools/python/xen/web/static.py tools/python/xen/web/tcp.py tools/python/xen/web/unix.py tools/python/xen/xend/Args.py tools/python/xen/xend/EventServer.py tools/python/xen/xend/PrettyPrint.py tools/python/xen/xend/Vifctl.py tools/python/xen/xend/XendBootloader.py tools/python/xen/xend/XendCheckpoint.py tools/python/xen/xend/XendClient.py tools/python/xen/xend/XendDB.py tools/python/xen/xend/XendDmesg.py tools/python/xen/xend/XendDomain.py tools/python/xen/xend/XendDomainInfo.py tools/python/xen/xend/XendError.py 
tools/python/xen/xend/XendLogging.py tools/python/xen/xend/XendNode.py tools/python/xen/xend/XendProtocol.py tools/python/xen/xend/XendRoot.py tools/python/xen/xend/XendVnet.py tools/python/xen/xend/encode.py tools/python/xen/xend/image.py tools/python/xen/xend/scheduler.py tools/python/xen/xend/server/DevController.py tools/python/xen/xend/server/SrvDaemon.py tools/python/xen/xend/server/SrvDmesg.py tools/python/xen/xend/server/SrvDomain.py tools/python/xen/xend/server/SrvDomainDir.py tools/python/xen/xend/server/SrvNode.py tools/python/xen/xend/server/SrvRoot.py tools/python/xen/xend/server/SrvServer.py tools/python/xen/xend/server/SrvVnetDir.py tools/python/xen/xend/server/SrvXendLog.py tools/python/xen/xend/server/blkif.py tools/python/xen/xend/server/channel.py tools/python/xen/xend/server/event.py tools/python/xen/xend/server/netif.py tools/python/xen/xend/server/params.py tools/python/xen/xend/server/pciif.py tools/python/xen/xend/server/relocate.py tools/python/xen/xend/server/tpmif.py tools/python/xen/xend/server/usbif.py tools/python/xen/xend/sxp.py tools/python/xen/xend/uuid.py tools/python/xen/xend/xenstore/__init__.py tools/python/xen/xend/xenstore/xsnode.py tools/python/xen/xend/xenstore/xsobj.py tools/python/xen/xend/xenstore/xsresource.py tools/python/xen/xend/xenstore/xstransact.py tools/python/xen/xend/xenstore/xsutil.py tools/python/xen/xend/xenstore/xswatch.py tools/python/xen/xm/create.py tools/python/xen/xm/destroy.py tools/python/xen/xm/help.py tools/python/xen/xm/main.py tools/python/xen/xm/migrate.py tools/python/xen/xm/opts.py tools/python/xen/xm/shutdown.py tools/python/xen/xm/sysrq.py tools/security/Makefile tools/security/example.txt tools/security/getlabel.sh tools/security/install.txt tools/security/labelfuncs.sh tools/security/policies/chwall/chwall-security_label_template.xml tools/security/policies/chwall/chwall-security_policy.xml tools/security/policies/chwall_ste/chwall_ste-security_label_template.xml tools/security/policies/chwall_ste/chwall_ste-security_policy.xml tools/security/policies/null/null-security_label_template.xml tools/security/policies/null/null-security_policy.xml tools/security/policies/security_policy.xsd tools/security/policies/ste/ste-security_label_template.xml tools/security/policies/ste/ste-security_policy.xml tools/security/policy.txt tools/security/readme.txt tools/security/secpol_compat.h tools/security/secpol_tool.c tools/security/secpol_xml2bin.c tools/security/secpol_xml2bin.h tools/security/setlabel.sh tools/security/updategrub.sh tools/sv/Makefile tools/sv/images/destroy.png tools/sv/images/finish.png tools/sv/images/next.png tools/sv/images/pause.png tools/sv/images/previous.png tools/sv/images/reboot.png tools/sv/images/shutdown.png tools/sv/images/small-destroy.png tools/sv/images/small-pause.png tools/sv/images/small-unpause.png tools/sv/images/unpause.png tools/sv/images/xen.png tools/sv/inc/script.js tools/sv/inc/style.css tools/sv/index.psp tools/vnet/00INSTALL tools/vnet/Make.env tools/vnet/Makefile tools/vnet/doc/vnet-module.txt tools/vnet/doc/vnet-xend.txt tools/vnet/examples/Makefile tools/vnet/examples/network-vnet tools/vnet/examples/vnet-insert tools/vnet/examples/vnet97.sxp tools/vnet/examples/vnet98.sxp tools/vnet/examples/vnet99.sxp tools/vnet/libxutil/Makefile tools/vnet/libxutil/debug.h tools/vnet/libxutil/mem_stream.c tools/vnet/libxutil/mem_stream.h tools/vnet/libxutil/sxpr.c tools/vnet/libxutil/sxpr.h tools/vnet/libxutil/sxpr_parser.c tools/vnet/libxutil/sxpr_parser.h tools/vnet/libxutil/sys_string.c 
tools/vnet/libxutil/sys_string.h tools/vnet/vnet-module/00README tools/vnet/vnet-module/Makefile tools/vnet/vnet-module/Makefile-2.4 tools/vnet/vnet-module/Makefile-2.6 tools/vnet/vnet-module/Makefile.ver tools/vnet/vnet-module/Makefile.vnet tools/vnet/vnet-module/etherip.c tools/vnet/vnet-module/if_etherip.h tools/vnet/vnet-module/if_varp.h tools/vnet/vnet-module/skb_util.h tools/vnet/vnet-module/tunnel.c tools/vnet/vnet-module/tunnel.h tools/vnet/vnet-module/varp.c tools/vnet/vnet-module/varp.h tools/vnet/vnet-module/varp_socket.c tools/vnet/vnet-module/varp_util.c tools/vnet/vnet-module/varp_util.h tools/vnet/vnet-module/vif.c tools/vnet/vnet-module/vif.h tools/vnet/vnet-module/vnet.c tools/vnet/vnet-module/vnet.h tools/vnet/vnet-module/vnet_dev.c tools/vnet/vnet-module/vnet_dev.h tools/vnet/vnet-module/vnet_ioctl.c tools/vnet/vnetd/Makefile tools/vnet/vnetd/vcache.c tools/vnet/vnetd/vcache.h tools/vnet/vnetd/vnetd.c tools/vnet/vnetd/vnetd.h tools/vtpm/Makefile tools/vtpm/README tools/vtpm/Rules.mk tools/vtpm/tpm_emulator-0.2b-x86_64.patch tools/vtpm/tpm_emulator.patch tools/vtpm/vtpm.patch tools/vtpm_manager/COPYING tools/vtpm_manager/Makefile tools/vtpm_manager/README tools/vtpm_manager/Rules.mk tools/vtpm_manager/crypto/Makefile tools/vtpm_manager/crypto/crypto.c tools/vtpm_manager/crypto/crypto.h tools/vtpm_manager/crypto/hash.c tools/vtpm_manager/crypto/rsa.c tools/vtpm_manager/crypto/sym_crypto.c tools/vtpm_manager/crypto/sym_crypto.h tools/vtpm_manager/manager/Makefile tools/vtpm_manager/manager/dmictl.c tools/vtpm_manager/manager/securestorage.c tools/vtpm_manager/manager/tpmpassthrough.c tools/vtpm_manager/manager/vtpm_manager.c tools/vtpm_manager/manager/vtpm_manager.h tools/vtpm_manager/manager/vtpmd.c tools/vtpm_manager/manager/vtpmpriv.h tools/vtpm_manager/manager/vtsp.c tools/vtpm_manager/manager/vtsp.h tools/vtpm_manager/tcs/Makefile tools/vtpm_manager/tcs/contextmgr.c tools/vtpm_manager/tcs/contextmgr.h tools/vtpm_manager/tcs/tcs.c tools/vtpm_manager/tcs/tcs.h tools/vtpm_manager/tcs/tpmddl.h tools/vtpm_manager/tcs/transmit.c tools/vtpm_manager/util/Makefile tools/vtpm_manager/util/bsg.c tools/vtpm_manager/util/bsg.h tools/vtpm_manager/util/buffer.c tools/vtpm_manager/util/buffer.h tools/vtpm_manager/util/depend tools/vtpm_manager/util/hashtable.c tools/vtpm_manager/util/hashtable.h tools/vtpm_manager/util/hashtable_itr.c tools/vtpm_manager/util/hashtable_itr.h tools/vtpm_manager/util/hashtable_private.h tools/vtpm_manager/util/log.c tools/vtpm_manager/util/log.h tools/vtpm_manager/util/tcg.h tools/xcutils/Makefile tools/xcutils/xc_restore.c tools/xcutils/xc_save.c tools/xenstat/Makefile tools/xenstat/libxenstat/COPYING tools/xenstat/libxenstat/Makefile tools/xenstat/libxenstat/bindings/swig/perl/.empty tools/xenstat/libxenstat/bindings/swig/python/.empty tools/xenstat/libxenstat/bindings/swig/xenstat.i tools/xenstat/libxenstat/src/xen-interface.c tools/xenstat/libxenstat/src/xen-interface.h tools/xenstat/libxenstat/src/xenstat.c tools/xenstat/libxenstat/src/xenstat.h tools/xenstat/xentop/Makefile tools/xenstat/xentop/TODO tools/xenstat/xentop/xentop.1 tools/xenstat/xentop/xentop.c tools/xenstore/COPYING tools/xenstore/Makefile tools/xenstore/TODO tools/xenstore/fake_libxc.c tools/xenstore/testsuite/01simple.test tools/xenstore/testsuite/02directory.test tools/xenstore/testsuite/03write.test tools/xenstore/testsuite/04rm.test tools/xenstore/testsuite/05filepermissions.test tools/xenstore/testsuite/06dirpermissions.test tools/xenstore/testsuite/07watch.test 
tools/xenstore/testsuite/08transaction.slowtest tools/xenstore/testsuite/08transaction.test tools/xenstore/testsuite/09domain.test tools/xenstore/testsuite/10domain-homedir.test tools/xenstore/testsuite/11domain-watch.test tools/xenstore/testsuite/12readonly.test tools/xenstore/testsuite/13watch-ack.test tools/xenstore/testsuite/14complexperms.test tools/xenstore/testsuite/15nowait.test tools/xenstore/testsuite/16block-watch-crash.test tools/xenstore/testsuite/test.sh tools/xenstore/testsuite/vg-suppressions tools/xenstore/utils.c tools/xenstore/utils.h tools/xenstore/xenstore_client.c tools/xenstore/xenstored.h tools/xenstore/xenstored_core.c tools/xenstore/xenstored_core.h tools/xenstore/xenstored_domain.c tools/xenstore/xenstored_domain.h tools/xenstore/xenstored_transaction.c tools/xenstore/xenstored_transaction.h tools/xenstore/xenstored_watch.c tools/xenstore/xenstored_watch.h tools/xenstore/xs.c tools/xenstore/xs.h tools/xenstore/xs_crashme.c tools/xenstore/xs_dom0_test.c tools/xenstore/xs_lib.c tools/xenstore/xs_lib.h tools/xenstore/xs_random.c tools/xenstore/xs_stress.c tools/xenstore/xs_test.c tools/xentrace/Makefile tools/xentrace/formats tools/xentrace/xenctx.c tools/xentrace/xentrace.c xen/Makefile xen/Rules.mk xen/acm/acm_chinesewall_hooks.c xen/acm/acm_core.c xen/acm/acm_null_hooks.c xen/acm/acm_policy.c xen/acm/acm_simple_type_enforcement_hooks.c xen/arch/ia64/Makefile xen/arch/ia64/Rules.mk xen/arch/ia64/asm-offsets.c xen/arch/ia64/asm-xsi-offsets.c xen/arch/ia64/linux-xen/efi.c xen/arch/ia64/linux-xen/entry.S xen/arch/ia64/linux-xen/entry.h xen/arch/ia64/linux-xen/head.S xen/arch/ia64/linux-xen/irq_ia64.c xen/arch/ia64/linux-xen/minstate.h xen/arch/ia64/linux-xen/mm_contig.c xen/arch/ia64/linux-xen/setup.c xen/arch/ia64/linux-xen/unaligned.c xen/arch/ia64/linux/extable.c xen/arch/ia64/linux/ia64_ksyms.c xen/arch/ia64/linux/irq_lsapic.c xen/arch/ia64/linux/pcdp.h xen/arch/ia64/tools/README.xenia64 xen/arch/ia64/tools/README.xenia64linux xen/arch/ia64/vmx/mm.c xen/arch/ia64/vmx/mmio.c xen/arch/ia64/vmx/pal_emul.c xen/arch/ia64/vmx/vmmu.c xen/arch/ia64/vmx/vmx_entry.S xen/arch/ia64/vmx/vmx_hypercall.c xen/arch/ia64/vmx/vmx_init.c xen/arch/ia64/vmx/vmx_interrupt.c xen/arch/ia64/vmx/vmx_irq_ia64.c xen/arch/ia64/vmx/vmx_ivt.S xen/arch/ia64/vmx/vmx_minstate.h xen/arch/ia64/vmx/vmx_process.c xen/arch/ia64/vmx/vmx_vcpu.c xen/arch/ia64/vmx/vmx_virt.c xen/arch/ia64/vmx/vtlb.c xen/arch/ia64/xen/dom_fw.c xen/arch/ia64/xen/domain.c xen/arch/ia64/xen/grant_table.c xen/arch/ia64/xen/hypercall.c xen/arch/ia64/xen/hyperprivop.S xen/arch/ia64/xen/ivt.S xen/arch/ia64/xen/privop.c xen/arch/ia64/xen/process.c xen/arch/ia64/xen/regionreg.c xen/arch/ia64/xen/vcpu.c xen/arch/ia64/xen/vhpt.c xen/arch/ia64/xen/xenmem.c xen/arch/ia64/xen/xenmisc.c xen/arch/x86/Makefile xen/arch/x86/Rules.mk xen/arch/x86/acpi/boot.c xen/arch/x86/apic.c xen/arch/x86/audit.c xen/arch/x86/boot/x86_32.S xen/arch/x86/boot/x86_64.S xen/arch/x86/cdb.c xen/arch/x86/cpu/amd.c xen/arch/x86/cpu/common.c xen/arch/x86/dom0_ops.c xen/arch/x86/domain.c xen/arch/x86/domain_build.c xen/arch/x86/genapic/es7000plat.c xen/arch/x86/i8259.c xen/arch/x86/io_apic.c xen/arch/x86/mm.c xen/arch/x86/mpparse.c xen/arch/x86/physdev.c xen/arch/x86/setup.c xen/arch/x86/shadow.c xen/arch/x86/shadow32.c xen/arch/x86/shadow_guest32.c xen/arch/x86/shadow_public.c xen/arch/x86/smpboot.c xen/arch/x86/time.c xen/arch/x86/traps.c xen/arch/x86/vmx.c xen/arch/x86/vmx_intercept.c xen/arch/x86/vmx_io.c xen/arch/x86/vmx_platform.c xen/arch/x86/vmx_vmcs.c 
xen/arch/x86/x86_32/asm-offsets.c xen/arch/x86/x86_32/entry.S xen/arch/x86/x86_32/mm.c xen/arch/x86/x86_32/traps.c xen/arch/x86/x86_64/asm-offsets.c xen/arch/x86/x86_64/entry.S xen/arch/x86/x86_64/mm.c xen/arch/x86/x86_64/traps.c xen/common/Makefile xen/common/ac_timer.c xen/common/acm_ops.c xen/common/dom0_ops.c xen/common/domain.c xen/common/event_channel.c xen/common/grant_table.c xen/common/kernel.c xen/common/lib.c xen/common/memory.c xen/common/multicall.c xen/common/page_alloc.c xen/common/perfc.c xen/common/sched_sedf.c xen/common/schedule.c xen/common/symbols.c xen/common/trace.c xen/common/xmalloc.c xen/drivers/char/Makefile xen/drivers/char/console.c xen/drivers/char/ns16550.c xen/drivers/char/serial.c xen/include/acm/acm_core.h xen/include/acm/acm_hooks.h xen/include/asm-ia64/config.h xen/include/asm-ia64/domain.h xen/include/asm-ia64/event.h xen/include/asm-ia64/ia64_int.h xen/include/asm-ia64/linux-xen/asm/gcc_intrin.h xen/include/asm-ia64/linux-xen/asm/ia64regs.h xen/include/asm-ia64/linux-xen/asm/io.h xen/include/asm-ia64/linux-xen/asm/kregs.h xen/include/asm-ia64/linux-xen/asm/mca_asm.h xen/include/asm-ia64/linux-xen/asm/page.h xen/include/asm-ia64/linux-xen/asm/pal.h xen/include/asm-ia64/linux-xen/asm/pgalloc.h xen/include/asm-ia64/linux-xen/asm/processor.h xen/include/asm-ia64/linux-xen/asm/system.h xen/include/asm-ia64/linux-xen/asm/types.h xen/include/asm-ia64/linux-xen/asm/uaccess.h xen/include/asm-ia64/linux-xen/linux/cpumask.h xen/include/asm-ia64/linux-xen/linux/hardirq.h xen/include/asm-ia64/linux-xen/linux/interrupt.h xen/include/asm-ia64/linux/asm-generic/bug.h xen/include/asm-ia64/linux/asm-generic/errno.h xen/include/asm-ia64/linux/asm-generic/iomap.h xen/include/asm-ia64/linux/asm-generic/pci.h xen/include/asm-ia64/linux/asm-generic/pgtable-nopud.h xen/include/asm-ia64/linux/asm-generic/pgtable.h xen/include/asm-ia64/linux/asm-generic/sections.h xen/include/asm-ia64/linux/asm-generic/topology.h xen/include/asm-ia64/linux/asm-generic/vmlinux.lds.h xen/include/asm-ia64/linux/asm/acpi.h xen/include/asm-ia64/linux/asm/bitops.h xen/include/asm-ia64/linux/asm/break.h xen/include/asm-ia64/linux/asm/bug.h xen/include/asm-ia64/linux/asm/cacheflush.h xen/include/asm-ia64/linux/asm/param.h xen/include/asm-ia64/linux/asm/pci.h xen/include/asm-ia64/linux/asm/percpu.h xen/include/asm-ia64/linux/asm/sal.h xen/include/asm-ia64/linux/asm/sections.h xen/include/asm-ia64/linux/asm/signal.h xen/include/asm-ia64/linux/asm/smp.h xen/include/asm-ia64/linux/asm/thread_info.h xen/include/asm-ia64/linux/asm/topology.h xen/include/asm-ia64/linux/asm/unaligned.h xen/include/asm-ia64/linux/asm/unistd.h xen/include/asm-ia64/linux/bitmap.h xen/include/asm-ia64/linux/bitops.h xen/include/asm-ia64/linux/dma-mapping.h xen/include/asm-ia64/linux/efi.h xen/include/asm-ia64/linux/err.h xen/include/asm-ia64/linux/gfp.h xen/include/asm-ia64/linux/mmzone.h xen/include/asm-ia64/linux/numa.h xen/include/asm-ia64/linux/page-flags.h xen/include/asm-ia64/linux/slab.h xen/include/asm-ia64/linux/threads.h xen/include/asm-ia64/linux/timex.h xen/include/asm-ia64/linux/topology.h xen/include/asm-ia64/linux/wait.h xen/include/asm-ia64/mm.h xen/include/asm-ia64/mmu_context.h xen/include/asm-ia64/privop.h xen/include/asm-ia64/regionreg.h xen/include/asm-ia64/regs.h xen/include/asm-ia64/time.h xen/include/asm-ia64/tlb.h xen/include/asm-ia64/vcpu.h xen/include/asm-ia64/vhpt.h xen/include/asm-ia64/vmmu.h xen/include/asm-ia64/vmx.h xen/include/asm-ia64/vmx_uaccess.h xen/include/asm-ia64/vmx_vcpu.h 
xen/include/asm-ia64/vmx_vpd.h xen/include/asm-ia64/xenkregs.h xen/include/asm-ia64/xenprocessor.h xen/include/asm-ia64/xensystem.h xen/include/asm-x86/apicdef.h xen/include/asm-x86/asm_defns.h xen/include/asm-x86/bitops.h xen/include/asm-x86/config.h xen/include/asm-x86/e820.h xen/include/asm-x86/event.h xen/include/asm-x86/fixmap.h xen/include/asm-x86/genapic.h xen/include/asm-x86/hpet.h xen/include/asm-x86/io.h xen/include/asm-x86/mach-bigsmp/mach_apic.h xen/include/asm-x86/mach-default/mach_apic.h xen/include/asm-x86/mach-es7000/mach_apic.h xen/include/asm-x86/mach-generic/mach_apic.h xen/include/asm-x86/mach-summit/mach_apic.h xen/include/asm-x86/mach-summit/mach_mpparse.h xen/include/asm-x86/mm.h xen/include/asm-x86/page-guest32.h xen/include/asm-x86/page.h xen/include/asm-x86/processor.h xen/include/asm-x86/shadow.h xen/include/asm-x86/shadow_64.h xen/include/asm-x86/shadow_ops.h xen/include/asm-x86/shadow_public.h xen/include/asm-x86/time.h xen/include/asm-x86/types.h xen/include/asm-x86/uaccess.h xen/include/asm-x86/vmx.h xen/include/asm-x86/vmx_platform.h xen/include/asm-x86/vmx_virpit.h xen/include/asm-x86/vmx_vmcs.h xen/include/asm-x86/x86_32/asm_defns.h xen/include/asm-x86/x86_32/page-3level.h xen/include/asm-x86/x86_32/uaccess.h xen/include/asm-x86/x86_64/asm_defns.h xen/include/asm-x86/x86_64/page.h xen/include/public/acm.h xen/include/public/acm_ops.h xen/include/public/arch-ia64.h xen/include/public/arch-x86_32.h xen/include/public/arch-x86_64.h xen/include/public/dom0_ops.h xen/include/public/grant_table.h xen/include/public/io/blkif.h xen/include/public/io/ioreq.h xen/include/public/io/netif.h xen/include/public/io/ring.h xen/include/public/io/tpmif.h xen/include/public/memory.h xen/include/public/physdev.h xen/include/public/trace.h xen/include/public/version.h xen/include/public/xen.h xen/include/xen/ac_timer.h xen/include/xen/config.h xen/include/xen/domain.h xen/include/xen/event.h xen/include/xen/grant_table.h xen/include/xen/mm.h xen/include/xen/perfc.h xen/include/xen/perfc_defn.h xen/include/xen/sched.h xen/include/xen/serial.h xen/include/xen/symbols.h xen/include/xen/time.h xen/include/xen/trace.h xen/tools/Makefile xen/tools/symbols.c
line diff
     1.1 --- a/.hgignore	Thu Sep 22 11:34:14 2005 -0600
     1.2 +++ b/.hgignore	Thu Sep 22 11:42:01 2005 -0600
     1.3 @@ -86,6 +86,9 @@
     1.4  ^tools/check/\..*$
     1.5  ^tools/console/xenconsoled$
     1.6  ^tools/console/xenconsole$
     1.7 +^tools/debugger/gdb/gdb-6\.2\.1\.tar\.bz2$
     1.8 +^tools/debugger/gdb/gdb-6\.2\.1/.*$
     1.9 +^tools/debugger/gdb/gdb-6\.2\.1-linux-i386-xen/.*$
    1.10  ^tools/debugger/pdb/pdb$
    1.11  ^tools/debugger/pdb/linux-[0-9.]*-module/.*\.ko$
    1.12  ^tools/debugger/pdb/linux-[0-9.]*-module/.*\.mod.c$
    1.13 @@ -136,9 +139,10 @@
    1.14  ^tools/vnet/vnet-module/\..*\.cmd$
    1.15  ^tools/vnet/vnet-module/\.tmp_versions/.*$
    1.16  ^tools/vnet/vnet-module/vnet_module\.mod\..*$
    1.17 -^tools/vtpm/vtpm*
    1.18 -^tools/vtpm/tpm_emulator-*
    1.19 -^tools/vtpm_manager/manager/vtpm_managerd
    1.20 +^tools/vtpm/tpm_emulator/.*$
    1.21 +^tools/vtpm/tpm_emulator-.*\.tar\.gz$
    1.22 +^tools/vtpm/vtpm/.*$
    1.23 +^tools/vtpm_manager/manager/vtpm_managerd$
    1.24  ^tools/xcutils/xc_restore$
    1.25  ^tools/xcutils/xc_save$
    1.26  ^tools/xenstat/xentop/xentop$
    1.27 @@ -156,6 +160,7 @@
    1.28  ^tools/xenstore/xs_stress$
    1.29  ^tools/xenstore/xs_test$
    1.30  ^tools/xenstore/xs_watch_stress$
    1.31 +^tools/xentrace/xenctx$
    1.32  ^tools/xentrace/xentrace$
    1.33  ^xen/BLOG$
    1.34  ^xen/TAGS$
     2.1 --- a/Makefile	Thu Sep 22 11:34:14 2005 -0600
     2.2 +++ b/Makefile	Thu Sep 22 11:42:01 2005 -0600
     2.3 @@ -98,12 +98,15 @@ clean::
     2.4  	$(MAKE) -C tools clean
     2.5  	$(MAKE) -C docs clean
     2.6  
     2.7 -# clean, but blow away kernel build tree plus tar balls
     2.8 -mrproper: clean
     2.9 +# clean, but blow away kernel build tree plus tarballs
    2.10 +distclean: clean
    2.11  	rm -rf dist patches/tmp
    2.12  	for i in $(ALLKERNELS) ; do $(MAKE) $$i-delete ; done
    2.13  	for i in $(ALLSPARSETREES) ; do $(MAKE) $$i-mrproper ; done
    2.14  
    2.15 +# Linux name for GNU distclean
    2.16 +mrproper: distclean
    2.17 +
    2.18  install-logging: LOGGING=logging-0.4.9.2
    2.19  install-logging:
    2.20  	[ -f $(LOGGING).tar.gz ] || wget http://www.red-dove.com/$(LOGGING).tar.gz
    2.21 @@ -142,7 +145,7 @@ help:
    2.22  	@echo 'Cleaning targets:'
    2.23  	@echo '  clean            - clean the Xen, tools and docs (but not'
    2.24  	@echo '                     guest kernel) trees'
    2.25 -	@echo '  mrproper         - clean plus delete kernel tarballs and kernel'
    2.26 +	@echo '  distclean        - clean plus delete kernel tarballs and kernel'
    2.27  	@echo '                     build trees'
    2.28  	@echo '  kdelete          - delete guest kernel build trees'
    2.29  	@echo '  kclean           - clean guest kernel build trees'
    2.30 @@ -163,27 +166,25 @@ uninstall: D=$(DESTDIR)
    2.31  uninstall:
    2.32  	[ -d $(D)/etc/xen ] && mv -f $(D)/etc/xen $(D)/etc/xen.old-`date +%s`
    2.33  	rm -rf $(D)/etc/init.d/xend*
    2.34 -	rm -rf $(D)/usr/$(LIBDIR)/libxc* $(D)/usr/$(LIBDIR)/libxutil*
    2.35 -	rm -rf $(D)/usr/$(LIBDIR)/python/xen $(D)/usr/include/xen
    2.36 -	rm -rf $(D)/usr/$(LIBDIR)/share/xen $(D)/usr/$(LIBDIR)/libxenstore*
    2.37 +	rm -rf $(D)/etc/hotplug/xen-backend.agent
    2.38  	rm -rf $(D)/var/run/xen* $(D)/var/lib/xen*
    2.39 -	rm -rf $(D)/usr/include/xcs_proto.h $(D)/usr/include/xc.h
    2.40 -	rm -rf $(D)/usr/include/xs_lib.h $(D)/usr/include/xs.h
    2.41 -	rm -rf $(D)/usr/sbin/xcs $(D)/usr/sbin/xcsdump $(D)/usr/sbin/xen*
    2.42 -	rm -rf $(D)/usr/sbin/netfix
    2.43 -	rm -rf $(D)/usr/sbin/xfrd $(D)/usr/sbin/xm
    2.44 -	rm -rf $(D)/usr/share/doc/xen  $(D)/usr/man/man*/xentrace*
    2.45 -	rm -rf $(D)/usr/bin/xen* $(D)/usr/bin/miniterm
    2.46  	rm -rf $(D)/boot/*xen*
    2.47  	rm -rf $(D)/lib/modules/*xen*
    2.48 +	rm -rf $(D)/usr/bin/xen* $(D)/usr/bin/lomount
    2.49  	rm -rf $(D)/usr/bin/cpuperf-perfcntr $(D)/usr/bin/cpuperf-xen
    2.50  	rm -rf $(D)/usr/bin/xc_shadow
    2.51 -	rm -rf $(D)/usr/share/xen $(D)/usr/libexec/xen
    2.52 +	rm -rf $(D)/usr/include/xenctrl.h
    2.53 +	rm -rf $(D)/usr/include/xs_lib.h $(D)/usr/include/xs.h
    2.54 +	rm -rf $(D)/usr/include/xen
    2.55 +	rm -rf $(D)/usr/$(LIBDIR)/libxenctrl* $(D)/usr/$(LIBDIR)/libxenguest*
    2.56 +	rm -rf $(D)/usr/$(LIBDIR)/libxenstore*
    2.57 +	rm -rf $(D)/usr/$(LIBDIR)/python/xen $(D)/usr/$(LIBDIR)/xen 
    2.58 +	rm -rf $(D)/usr/libexec/xen
    2.59 +	rm -rf $(D)/usr/sbin/xen* $(D)/usr/sbin/netfix $(D)/usr/sbin/xm
    2.60 +	rm -rf $(D)/usr/share/doc/xen
    2.61 +	rm -rf $(D)/usr/share/xen
    2.62  	rm -rf $(D)/usr/share/man/man1/xen*
    2.63  	rm -rf $(D)/usr/share/man/man8/xen*
    2.64 -	rm -rf $(D)/usr/lib/xen
    2.65 -	rm -rf $(D)/etc/hotplug.d/xen-backend
    2.66 -	rm -rf $(D)/etc/hotplug/xen-backend.agent
    2.67  
    2.68  # Legacy targets for compatibility
    2.69  linux24:
     3.1 --- a/docs/Makefile	Thu Sep 22 11:34:14 2005 -0600
     3.2 +++ b/docs/Makefile	Thu Sep 22 11:42:01 2005 -0600
     3.3 @@ -12,7 +12,7 @@ DOXYGEN		:= doxygen
     3.4  
     3.5  pkgdocdir	:= /usr/share/doc/xen
     3.6  
     3.7 -DOC_TEX		:= $(wildcard src/*.tex)
     3.8 +DOC_TEX		:= src/user.tex src/interface.tex
     3.9  DOC_PS		:= $(patsubst src/%.tex,ps/%.ps,$(DOC_TEX))
    3.10  DOC_PDF		:= $(patsubst src/%.tex,pdf/%.pdf,$(DOC_TEX))
    3.11  DOC_HTML	:= $(patsubst src/%.tex,html/%/index.html,$(DOC_TEX))
    3.12 @@ -36,11 +36,12 @@ html:
    3.13  	$(MAKE) $(DOC_HTML); fi
    3.14  
    3.15  python-dev-docs:
    3.16 -	mkdir -p api/tools/python
    3.17 +	@mkdir -v -p api/tools/python
    3.18  	@if which $(DOXYGEN) 1>/dev/null 2>/dev/null; then         \
    3.19          echo "Running doxygen to generate Python tools APIs ... "; \
    3.20  	$(DOXYGEN) Doxyfile;                                       \
    3.21 -	$(MAKE) -C api/tools/python/latex ; fi
    3.22 +	$(MAKE) -C api/tools/python/latex ; else                   \
    3.23 +        echo "Doxygen not installed; skipping python-dev-docs."; fi
    3.24  
    3.25  clean:
    3.26  	rm -rf .word_count *.aux *.dvi *.bbl *.blg *.glo *.idx *~ 
     4.1 --- a/docs/src/interface.tex	Thu Sep 22 11:34:14 2005 -0600
     4.2 +++ b/docs/src/interface.tex	Thu Sep 22 11:42:01 2005 -0600
     4.3 @@ -87,1084 +87,23 @@ itself, allows the Xen framework to sepa
     4.4  mechanism and policy within the system.
     4.5  
     4.6  
     4.7 -
     4.8 -\chapter{Virtual Architecture}
     4.9 -
    4.10 -On a Xen-based system, the hypervisor itself runs in {\it ring 0}.  It
    4.11 -has full access to the physical memory available in the system and is
    4.12 -responsible for allocating portions of it to the domains.  Guest
    4.13 -operating systems run in and use {\it rings 1}, {\it 2} and {\it 3} as
    4.14 -they see fit. Segmentation is used to prevent the guest OS from
    4.15 -accessing the portion of the address space that is reserved for
    4.16 -Xen. We expect most guest operating systems will use ring 1 for their
    4.17 -own operation and place applications in ring 3.
    4.18 -
    4.19 -In this chapter we consider the basic virtual architecture provided 
    4.20 -by Xen: the basic CPU state, exception and interrupt handling, and
    4.21 -time. Other aspects such as memory and device access are discussed 
    4.22 -in later chapters. 
    4.23 -
    4.24 -\section{CPU state}
    4.25 -
    4.26 -All privileged state must be handled by Xen.  The guest OS has no
    4.27 -direct access to CR3 and is not permitted to update privileged bits in
    4.28 -EFLAGS. Guest OSes use \emph{hypercalls} to invoke operations in Xen; 
    4.29 -these are analogous to system calls but occur from ring 1 to ring 0. 
    4.30 -
    4.31 -A list of all hypercalls is given in Appendix~\ref{a:hypercalls}. 
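
For concreteness, a minimal sketch of how a guest of this era might issue a
one-argument hypercall on 32-bit x86 (illustrative only; real guests use the
wrappers in asm-xen/hypercall.h rather than open-coding the trap):

    /* Hypercall number in EAX, first argument in EBX, trap through
     * Xen's hypercall gate at vector 0x82 (ring 1 -> ring 0). */
    static inline long _hypercall1(int op, unsigned long arg)
    {
        long ret;
        __asm__ __volatile__ (
            "int $0x82"
            : "=a" (ret)
            : "0" (op), "b" (arg)
            : "memory");
        return ret;
    }
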
    4.32 -
    4.33 -
    4.34 -
    4.35 -\section{Exceptions}
    4.36 -
    4.37 -A virtual IDT is provided --- a domain can submit a table of trap
    4.38 -handlers to Xen via the {\tt set\_trap\_table()} hypercall.  Most trap
    4.39 -handlers are identical to native x86 handlers, although the page-fault
    4.40 -handler is somewhat different.
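
As a rough sketch of the shape of this interface (trap_info_t and
FLAT_RING1_CS as in the public headers of this era; the handler name is
hypothetical):

    /* Hand Xen a virtual IDT: vector, flags, guest code segment and
     * handler address per entry; a zeroed entry terminates the table. */
    trap_info_t traps[] = {
        { 14, 0, FLAT_RING1_CS, (unsigned long)do_page_fault },
        {  0, 0, 0, 0 }                       /* terminator */
    };
    HYPERVISOR_set_trap_table(traps);
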
    4.41 -
    4.42 -
    4.43 -\section{Interrupts and events}
    4.44 -
    4.45 -Interrupts are virtualized by mapping them to \emph{events}, which are
    4.46 -delivered asynchronously to the target domain using a callback
    4.47 -supplied via the {\tt set\_callbacks()} hypercall.  A guest OS can map
    4.48 -these events onto its standard interrupt dispatch mechanisms.  Xen is
    4.49 -responsible for determining the target domain that will handle each
    4.50 -physical interrupt source. For more details on the binding of event
    4.51 -sources to events, see Chapter~\ref{c:devices}. 
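
Registering the callback is itself one hypercall; sketched below for 32-bit
x86, with entry-point names as used in the sparse Linux tree (the failsafe
entry is used if the normal callback cannot be delivered):

    /* Tell Xen where to deliver asynchronous event upcalls. */
    HYPERVISOR_set_callbacks(
        FLAT_RING1_CS, (unsigned long)hypervisor_callback,
        FLAT_RING1_CS, (unsigned long)failsafe_callback);
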
    4.52 -
    4.53 -
    4.54 -
    4.55 -\section{Time}
    4.56 -
    4.57 -Guest operating systems need to be aware of the passage of both real
    4.58 -(or wallclock) time and their own `virtual time' (the time for
    4.59 -which they have been executing). Furthermore, Xen has a notion of 
    4.60 -time which is used for scheduling. The following notions of 
    4.61 -time are provided: 
    4.62 -
    4.63 -\begin{description}
    4.64 -\item[Cycle counter time.]
    4.65 -
    4.66 -This provides a fine-grained time reference.  The cycle counter time is
    4.67 -used to accurately extrapolate the other time references.  On SMP machines
    4.68 -it is currently assumed that the cycle counter time is synchronized between
    4.69 -CPUs.  The current x86-based implementation achieves this within inter-CPU
    4.70 -communication latencies.
    4.71 -
    4.72 -\item[System time.]
    4.73 -
    4.74 -This is a 64-bit counter which holds the number of nanoseconds that
    4.75 -have elapsed since system boot.
    4.76 -
    4.77 -
    4.78 -\item[Wall clock time.]
    4.79 -
    4.80 -This is the time of day in a Unix-style {\tt struct timeval} (seconds
    4.81 -and microseconds since 1 January 1970, adjusted by leap seconds).  An
    4.82 -NTP client hosted by {\it domain 0} can keep this value accurate.  
    4.83 -
    4.84 -
    4.85 -\item[Domain virtual time.]
    4.86 -
    4.87 -This progresses at the same pace as system time, but only while a
    4.88 -domain is executing --- it stops while a domain is de-scheduled.
    4.89 -Therefore the share of the CPU that a domain receives is indicated by
    4.90 -the rate at which its virtual time increases.
    4.91 -
    4.92 -\end{description}
    4.93 -
    4.94 -
    4.95 -Xen exports timestamps for system time and wall-clock time to guest
    4.96 -operating systems through a shared page of memory.  Xen also provides
    4.97 -the cycle counter time at the instant the timestamps were calculated,
    4.98 -and the CPU frequency in Hertz.  This allows the guest to extrapolate
    4.99 -system and wall-clock times accurately based on the current cycle
   4.100 -counter time.
   4.101 -
   4.102 -Since all timestamps need to be updated and read \emph{atomically},
   4.103 -two version numbers are also stored in the shared info page. The 
   4.104 -first is incremented prior to an update, while the second is only
   4.105 -incremented afterwards. Thus a guest can be sure that it read a consistent 
   4.106 -state by checking the two version numbers are equal. 
   4.107 -
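
In code this consistent read is a seqlock-style retry loop; a sketch, with
field names that are illustrative rather than the exact shared_info layout:

    /* Retry until both version numbers agree, i.e. no update was in
     * progress while the timestamps were being copied. */
    static void read_xen_time(shared_info_t *s, u64 *stime,
                              u32 *wc_sec, u32 *wc_usec)
    {
        u32 v1, v2;
        do {
            v1 = s->time_version1;         /* bumped before update */
            rmb();
            *stime   = s->system_time;
            *wc_sec  = s->wc_sec;
            *wc_usec = s->wc_usec;
            rmb();
            v2 = s->time_version2;         /* bumped after update  */
        } while (v1 != v2);
    }
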
   4.108 -Xen includes a periodic ticker which sends a timer event to the
   4.109 -currently executing domain every 10ms.  The Xen scheduler also sends a
   4.110 -timer event whenever a domain is scheduled; this allows the guest OS
   4.111 -to adjust for the time that has passed while it has been inactive.  In
   4.112 -addition, Xen allows each domain to request that it receive a timer
   4.113 -event sent at a specified system time by using the {\tt
   4.114 -set\_timer\_op()} hypercall.  Guest OSes may use this timer to
   4.115 -implement timeout values when they block.
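
A guest idle loop might combine the one-shot timer with blocking, as in this
sketch (deadline is a system time in nanoseconds; HYPERVISOR_block() is the
blocking wrapper from the sparse-tree hypercall headers):

    /* Request a wakeup event at 'deadline', then sleep until an
     * event (such as that timer) arrives. */
    HYPERVISOR_set_timer_op(deadline);
    HYPERVISOR_block();
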
   4.116 -
   4.117 -
   4.118 -
   4.119 -%% % akw: demoting this to a section -- not sure if there is any point
   4.120 -%% % though, maybe just remove it.
   4.121 -
   4.122 -\section{Xen CPU Scheduling}
   4.123 -
   4.124 -Xen offers a uniform API for CPU schedulers.  It is possible to choose
   4.125 -from a number of schedulers at boot and it should be easy to add more.
   4.126 -The BVT, Atropos and Round Robin schedulers are part of the normal
   4.127 -Xen distribution.  BVT provides proportional fair shares of the CPU to
   4.128 -the running domains.  Atropos can be used to reserve absolute shares
   4.129 -of the CPU for each domain.  Round-robin is provided as an example of
   4.130 -Xen's internal scheduler API.
   4.131 -
   4.132 -\paragraph*{Note: SMP host support}
   4.133 -Xen has always supported SMP host systems.  Domains are statically assigned to
   4.134 -CPUs, either at creation time or when manually pinning to a particular CPU.
   4.135 -The current schedulers then run locally on each CPU to decide which of the
   4.136 -assigned domains should be run there. The user-level control software 
   4.137 -can be used to perform coarse-grain load-balancing between CPUs. 
   4.138 -
   4.139 -
   4.140 -%% More information on the characteristics and use of these schedulers is
   4.141 -%% available in {\tt Sched-HOWTO.txt}.
   4.142 -
   4.143 -
   4.144 -\section{Privileged operations}
   4.145 -
   4.146 -Xen exports an extended interface to privileged domains (viz.\ {\it
   4.147 -  Domain 0}). This allows such domains to build and boot other domains 
   4.148 -on the server, and provides control interfaces for managing 
   4.149 -scheduling, memory, networking, and block devices. 
   4.150 -
   4.151 -
   4.152 -\chapter{Memory}
   4.153 -\label{c:memory} 
   4.154 -
   4.155 -Xen is responsible for managing the allocation of physical memory to
   4.156 -domains, and for ensuring safe use of the paging and segmentation
   4.157 -hardware.
   4.158 -
   4.159 -
   4.160 -\section{Memory Allocation}
   4.161 -
   4.162 -
   4.163 -Xen resides within a small fixed portion of physical memory; it also
   4.164 -reserves the top 64MB of every virtual address space. The remaining
   4.165 -physical memory is available for allocation to domains at a page
   4.166 -granularity.  Xen tracks the ownership and use of each page, which
   4.167 -allows it to enforce secure partitioning between domains.
   4.168 -
   4.169 -Each domain has a maximum and current physical memory allocation. 
   4.170 -A guest OS may run a `balloon driver' to dynamically adjust its 
   4.171 -current memory allocation up to its limit. 
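
The balloon driver drives this through the memory reservation interface
(xen/include/public/memory.h in this tree); a hedged sketch, with names and
sizes illustrative:

    /* Ask Xen for 'nr' more machine frames; their frame numbers are
     * written to mfn_list.  Shrinking uses XENMEM_decrease_reservation
     * with frames being handed back. */
    struct xen_memory_reservation res = {
        .extent_start = mfn_list,
        .nr_extents   = nr,
        .extent_order = 0,          /* 4kB extents */
        .domid        = DOMID_SELF
    };
    HYPERVISOR_memory_op(XENMEM_increase_reservation, &res);
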
   4.172 -
   4.173 -
   4.174 -%% XXX SMH: I use machine and physical in the next section (which 
   4.175 -%% is kinda required for consistency with code); wonder if this 
   4.176 -%% section should use same terms? 
   4.177 -%%
   4.178 -%% Probably. 
   4.179 -%%
   4.180 -%% Merging this and below section at some point prob makes sense. 
   4.181 -
   4.182 -\section{Pseudo-Physical Memory}
   4.183 -
   4.184 -Since physical memory is allocated and freed on a page granularity,
   4.185 -there is no guarantee that a domain will receive a contiguous stretch
   4.186 -of physical memory. However, most operating systems do not have good
   4.187 -support for operating in a fragmented physical address space. To aid
   4.188 -porting such operating systems to run on top of Xen, we make a
   4.189 -distinction between \emph{machine memory} and \emph{pseudo-physical
   4.190 -memory}.
   4.191 -
   4.192 -Put simply, machine memory refers to the entire amount of memory
   4.193 -installed in the machine, including that reserved by Xen, in use by
   4.194 -various domains, or currently unallocated. We consider machine memory
   4.195 -to comprise a set of 4K \emph{machine page frames} numbered
   4.196 -consecutively starting from 0. Machine frame numbers mean the same
   4.197 -within Xen or any domain.
   4.198 -
   4.199 -Pseudo-physical memory, on the other hand, is a per-domain
   4.200 -abstraction. It allows a guest operating system to consider its memory
   4.201 -allocation to consist of a contiguous range of physical page frames
   4.202 -starting at physical frame 0, despite the fact that the underlying
   4.203 -machine page frames may be sparsely allocated and in any order.
   4.204 -
   4.205 -To achieve this, Xen maintains a globally readable {\it
   4.206 -machine-to-physical} table which records the mapping from machine page
   4.207 -frames to pseudo-physical ones. In addition, each domain is supplied
   4.208 -with a {\it physical-to-machine} table which performs the inverse
   4.209 -mapping. Clearly the machine-to-physical table has size proportional
   4.210 -to the amount of RAM installed in the machine, while each
   4.211 -physical-to-machine table has size proportional to the memory
   4.212 -allocation of the given domain.
   4.213 -
   4.214 -Architecture dependent code in guest operating systems can then use
   4.215 -the two tables to provide the abstraction of pseudo-physical
   4.216 -memory. In general, only certain specialized parts of the operating
   4.217 -system (such as page table management) need to understand the
   4.218 -difference between machine and pseudo-physical addresses.
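          -
          -As an illustration, such architecture-dependent code might wrap the
          -two tables as follows (a sketch: the table symbols and function
          -names are illustrative, not the exact names used by any particular
          -guest):
          -
          -\begin{verbatim}
          -/* Sketch: translating between machine and pseudo-physical
          - * frame numbers.  The table symbols are illustrative, not
          - * the exact names used by any particular guest.           */
          -extern unsigned long *machine_to_phys;  /* globally readable */
          -extern unsigned long *phys_to_machine;  /* per-domain        */
          -
          -/* Pseudo-physical frame -> machine frame (e.g. for PTEs). */
          -unsigned long pfn_to_mfn(unsigned long pfn)
          -{
          -    return phys_to_machine[pfn];
          -}
          -
          -/* Machine frame -> pseudo-physical frame. */
          -unsigned long mfn_to_pfn(unsigned long mfn)
          -{
          -    return machine_to_phys[mfn];
          -}
          -\end{verbatim}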
   4.219 -
   4.220 -\section{Page Table Updates}
   4.221 -
   4.222 -In the default mode of operation, Xen enforces read-only access to
   4.223 -page tables and requires guest operating systems to explicitly request
   4.224 -any modifications.  Xen validates all such requests and only applies
   4.225 -updates that it deems safe.  This is necessary to prevent domains from
   4.226 -adding arbitrary mappings to their page tables.
   4.227 -
   4.228 -To aid validation, Xen associates a type and reference count with each
   4.229 -memory page. A page has one of the following
   4.230 -mutually-exclusive types at any point in time: page directory ({\sf
   4.231 -PD}), page table ({\sf PT}), local descriptor table ({\sf LDT}),
   4.232 -global descriptor table ({\sf GDT}), or writable ({\sf RW}). Note that
   4.233 -a guest OS may always create readable mappings of its own memory 
   4.234 -regardless of its current type. 
   4.235 -%%% XXX: possibly explain more about ref count 'lifecyle' here?
   4.236 -This mechanism is used to
   4.237 -maintain the invariants required for safety; for example, a domain
   4.238 -cannot have a writable mapping to any part of a page table as this
   4.239 -would require the page concerned to simultaneously be of types {\sf
   4.240 -  PT} and {\sf RW}.
   4.241 -
   4.242 -
   4.243 -%\section{Writable Page Tables}
   4.244 -
   4.245 -Xen also provides an alternative mode of operation in which guests
   4.246 -have the illusion that their page tables are directly writable.  Of
   4.247 -course this is not really the case, since Xen must still validate
   4.248 -modifications to ensure secure partitioning. To this end, Xen traps
   4.249 -any write attempt to a memory page of type {\sf PT} (i.e., that is
   4.250 -currently part of a page table).  If such an access occurs, Xen
   4.251 -temporarily allows write access to that page while at the same time
   4.252 -{\em disconnecting} it from the page table that is currently in
   4.253 -use. This allows the guest to safely make updates to the page because
   4.254 -the newly-updated entries cannot be used by the MMU until Xen
   4.255 -revalidates and reconnects the page.
   4.256 -Reconnection occurs automatically in a number of situations: for
   4.257 -example, when the guest modifies a different page-table page, when the
   4.258 -domain is preempted, or whenever the guest uses Xen's explicit
   4.259 -page-table update interfaces.
   4.260 -
   4.261 -Finally, Xen also supports a form of \emph{shadow page tables} in
   4.262 -which the guest OS uses an independent copy of page tables which are
   4.263 -unknown to the hardware (i.e.\ which are never pointed to by {\tt
   4.264 -cr3}). Instead Xen propagates changes made to the guest's tables to the
   4.265 -real ones, and vice versa. This is useful for logging page writes
   4.266 -(e.g.\ for live migration or checkpointing). A full version of the shadow
   4.267 -page tables also allows guest OS porting with less effort.
   4.268 -
   4.269 -\section{Segment Descriptor Tables}
   4.270 +%% chapter Virtual Architecture moved to architecture.tex
   4.271 +\include{src/interface/architecture}
   4.272  
   4.273 -On boot a guest is supplied with a default GDT, which does not reside
   4.274 -within its own memory allocation.  If the guest wishes to use other
   4.275 -than the default `flat' ring-1 and ring-3 segments that this GDT
   4.276 -provides, it must register a custom GDT and/or LDT with Xen,
   4.277 -allocated from its own memory. Note that a number of GDT 
   4.278 -entries are reserved by Xen -- any custom GDT must also include
   4.279 -sufficient space for these entries. 
   4.280 -
   4.281 -For example, the following hypercall is used to specify a new GDT: 
   4.282 -
   4.283 -\begin{quote}
   4.284 -int {\bf set\_gdt}(unsigned long *{\em frame\_list}, int {\em entries})
   4.285 -
   4.286 -{\em frame\_list}: An array of up to 16 machine page frames within
   4.287 -which the GDT resides.  Any frame registered as a GDT frame may only
   4.288 -be mapped read-only within the guest's address space (e.g., no
   4.289 -writable mappings, no use as a page-table page, and so on).
   4.290 -
   4.291 -{\em entries}: The number of descriptor-entry slots in the GDT.  Note
   4.292 -that the table must be large enough to contain Xen's reserved entries;
   4.293 -thus we must have `{\em entries $>$ LAST\_RESERVED\_GDT\_ENTRY}\ '.
   4.294 -Note also that, after registering the GDT, slots {\em FIRST\_} through
   4.295 -{\em LAST\_RESERVED\_GDT\_ENTRY} are no longer usable by the guest and
   4.296 -may be overwritten by Xen.
   4.297 -\end{quote}
   4.298 -
   4.299 -The LDT is updated via the generic MMU update mechanism (i.e., via 
   4.300 -the {\tt mmu\_update()} hypercall). 
   4.301 -
   4.302 -\section{Start of Day} 
   4.303 -
   4.304 -The start-of-day environment for guest operating systems is rather
   4.305 -different to that provided by the underlying hardware. In particular,
   4.306 -the processor is already executing in protected mode with paging
   4.307 -enabled.
   4.308 -
   4.309 -{\it Domain 0} is created and booted by Xen itself. For all subsequent
   4.310 -domains, the analogue of the boot-loader is the {\it domain builder},
   4.311 -user-space software running in {\it domain 0}. The domain builder 
   4.312 -is responsible for building the initial page tables for a domain  
   4.313 -and loading its kernel image at the appropriate virtual address. 
   4.314 -
   4.315 -
   4.316 -
   4.317 -\chapter{Devices}
   4.318 -\label{c:devices}
   4.319 -
   4.320 -Devices such as network and disk are exported to guests using a
   4.321 -split device driver.  The device driver domain, which accesses the
   4.322 -physical device directly, also runs a {\em backend} driver, serving
   4.323 -requests to that device from guests.  Each guest uses a simple
   4.324 -{\em frontend} driver to access the backend.  Communication between these
   4.325 -domains is composed of two parts:  First, data is placed onto a shared
   4.326 -memory page between the domains.  Second, an event channel between the
   4.327 -two domains is used to pass notification that data is outstanding.
   4.328 -This separation of notification from data transfer allows message
   4.329 -batching, and results in very efficient device access.  
   4.330 -
   4.331 -Event channels are used extensively in device virtualization; each
   4.332 -domain has a number of end-points or \emph{ports}, each of which
   4.333 -may be bound to one of the following \emph{event sources}:
   4.334 -\begin{itemize} 
   4.335 -  \item a physical interrupt from a real device, 
   4.336 -  \item a virtual interrupt (callback) from Xen, or 
   4.337 -  \item a signal from another domain 
   4.338 -\end{itemize}
   4.339 -
   4.340 -Events are lightweight and do not carry much information beyond 
   4.341 -the source of the notification. Hence when performing bulk data
   4.342 -transfer, events are typically used as synchronization primitives
   4.343 -over a shared memory transport. Event channels are managed via 
   4.344 -the {\tt event\_channel\_op()} hypercall; for more details see
   4.345 -Section~\ref{s:idc}. 
   4.346 -
   4.347 -This chapter focuses on some individual device interfaces
   4.348 -available to Xen guests. 
   4.349 -
   4.350 -\section{Network I/O}
   4.351 -
   4.352 -Virtual network device services are provided by shared memory
   4.353 -communication with a backend domain.  From the point of view of
   4.354 -other domains, the backend may be viewed as a virtual ethernet switch
   4.355 -element with each domain having one or more virtual network interfaces
   4.356 -connected to it.
   4.357 -
   4.358 -\subsection{Backend Packet Handling}
   4.359 -
   4.360 -The backend driver is responsible for a variety of actions relating to
   4.361 -the transmission and reception of packets from the physical device.
   4.362 -With regard to transmission, the backend performs these key actions:
   4.363 -
   4.364 -\begin{itemize}
   4.365 -\item {\bf Validation:} To ensure that domains do not attempt to
   4.366 -  generate invalid (e.g. spoofed) traffic, the backend driver may
   4.367 -  validate headers ensuring that source MAC and IP addresses match the
   4.368 -  interface that they have been sent from.
   4.369 -
   4.370 -  Validation functions can be configured using standard firewall rules
   4.371 -  ({\small{\tt iptables}} in the case of Linux).
   4.372 -  
   4.373 -\item {\bf Scheduling:} Since a number of domains can share a single
   4.374 -  physical network interface, the backend must mediate access when
   4.375 -  several domains each have packets queued for transmission.  This
   4.376 -  general scheduling function subsumes basic shaping or rate-limiting
   4.377 -  schemes.
   4.378 -  
   4.379 -\item {\bf Logging and Accounting:} The backend domain can be
   4.380 -  configured with classifier rules that control how packets are
   4.381 -  accounted or logged.  For example, log messages might be generated
   4.382 -  whenever a domain attempts to send a TCP packet containing a SYN.
   4.383 -\end{itemize}
   4.384 -
   4.385 -On receipt of incoming packets, the backend acts as a simple
   4.386 -demultiplexer:  Packets are passed to the appropriate virtual
   4.387 -interface after any necessary logging and accounting have been carried
   4.388 -out.
   4.389 -
   4.390 -\subsection{Data Transfer}
   4.391 -
   4.392 -Each virtual interface uses two ``descriptor rings'', one for transmit,
   4.393 -the other for receive.  Each descriptor identifies a block of contiguous
   4.394 -physical memory allocated to the domain.  
   4.395 -
   4.396 -The transmit ring carries packets to transmit from the guest to the
   4.397 -backend domain.  The return path of the transmit ring carries messages
   4.398 -indicating that the contents have been physically transmitted and the
   4.399 -backend no longer requires the associated pages of memory.
   4.400 +%% chapter Memory moved to memory.tex
   4.401 +\include{src/interface/memory}
   4.402  
   4.403 -To receive packets, the guest places descriptors of unused pages on
   4.404 -the receive ring.  The backend will return received packets by
   4.405 -exchanging these pages in the domain's memory with new pages
   4.406 -containing the received data, and passing back descriptors regarding
   4.407 -the new packets on the ring.  This zero-copy approach allows the
   4.408 -backend to maintain a pool of free pages to receive packets into, and
   4.409 -then deliver them to appropriate domains after examining their
   4.410 -headers.
   4.411 -
   4.412 -%
   4.413 -%Real physical addresses are used throughout, with the domain performing 
   4.414 -%translation from pseudo-physical addresses if that is necessary.
   4.415 -
   4.416 -If a domain does not keep its receive ring stocked with empty buffers then 
   4.417 -packets destined to it may be dropped.  This provides some defence against 
   4.418 -receive livelock problems because an overloaded domain will cease to receive
   4.419 -further data.  Similarly, on the transmit path, it provides the application
   4.420 -with feedback on the rate at which packets are able to leave the system.
   4.421 -
   4.422 -
   4.423 -Flow control on rings is achieved by including a pair of producer
   4.424 -indexes on the shared ring page.  Each side will maintain a private
   4.425 -consumer index indicating the next outstanding message.  In this
   4.426 -manner, the domains cooperate to divide the ring into two message
   4.427 -lists, one in each direction.  Notification is decoupled from the
   4.428 -immediate placement of new messages on the ring; the event channel
   4.429 -will be used to generate notification when {\em either} a certain
   4.430 -number of outstanding messages are queued, {\em or} a specified number
   4.431 -of nanoseconds have elapsed since the oldest message was placed on the
   4.432 -ring.
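          -
          -The following sketch illustrates the consumer side of this scheme
          -(simplified: the structure and function names are illustrative, not
          -the actual shared-ring definitions, and real code would also need
          -memory barriers):
          -
          -\begin{verbatim}
          -#define RING_SIZE 256
          -
          -struct message { unsigned long data[8]; };  /* placeholder */
          -void process_message(struct message *m);    /* assumed     */
          -
          -struct shared_ring {
          -    unsigned int req_prod;      /* advanced by the producer */
          -    struct message ring[RING_SIZE];
          -};
          -
          -/* Consumer: handle every message published since last call.
          - * *priv_cons is this side's private consumer index; indices
          - * increase monotonically and are reduced modulo RING_SIZE.  */
          -void drain_ring(struct shared_ring *r, unsigned int *priv_cons)
          -{
          -    while (*priv_cons != r->req_prod) {
          -        process_message(&r->ring[*priv_cons % RING_SIZE]);
          -        (*priv_cons)++;
          -    }
          -}
          -\end{verbatim}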
   4.433 -
   4.434 -% Not sure if my version is any better -- here is what was here before:
   4.435 -%% Synchronization between the backend domain and the guest is achieved using 
   4.436 -%% counters held in shared memory that is accessible to both.  Each ring has
   4.437 -%% associated producer and consumer indices indicating the area in the ring
   4.438 -%% that holds descriptors that contain data.  After receiving {\it n} packets
   4.439 -%% or {\t nanoseconds} after receiving the first packet, the hypervisor sends
   4.440 -%% an event to the domain. 
   4.441 -
   4.442 -\section{Block I/O}
   4.443 -
   4.444 -All guest OS disk access goes through the virtual block device VBD
   4.445 -interface.  This interface allows domains access to portions of block
   4.446 -storage devices visible to the block backend device.  The VBD
   4.447 -interface is a split driver, similar to the network interface
   4.448 -described above.  A single shared memory ring is used between the
   4.449 -frontend and backend drivers, across which read and write messages are
   4.450 -sent.
   4.451 -
   4.452 -Any block device accessible to the backend domain, including
   4.453 -network-based block (iSCSI, *NBD, etc.), loopback and LVM/MD devices,
   4.454 -can be exported as a VBD.  Each VBD is mapped to a device node in the
   4.455 -guest, specified in the guest's startup configuration.
   4.456 -
   4.457 -Old (Xen 1.2) virtual disks are not supported under Xen 2.0, since
   4.458 -similar functionality can be achieved using the more complete LVM
   4.459 -system, which is already in widespread use.
   4.460 -
   4.461 -\subsection{Data Transfer}
   4.462 -
   4.463 -The single ring between the guest and the block backend supports three
   4.464 -messages:
   4.465 -
   4.466 -\begin{description}
   4.467 -\item [{\small {\tt PROBE}}:] Return a list of the VBDs available to this guest
   4.468 -  from the backend.  The request includes a descriptor of a free page
   4.469 -  into which the reply will be written by the backend.
   4.470 +%% chapter Devices moved to devices.tex
   4.471 +\include{src/interface/devices}
   4.472  
   4.473 -\item [{\small {\tt READ}}:] Read data from the specified block device.  The
   4.474 -  frontend identifies the device and location to read from and
   4.475 -  attaches pages for the data to be copied to (typically via DMA from
   4.476 -  the device).  The backend acknowledges completed read requests as
   4.477 -  they finish.
   4.478 -
   4.479 -\item [{\small {\tt WRITE}}:] Write data to the specified block device.  This
   4.480 -  functions essentially as {\small {\tt READ}}, except that the data moves to
   4.481 -  the device instead of from it.
   4.482 -\end{description}
   4.483 -
   4.484 -% um... some old text
   4.485 -%% In overview, the same style of descriptor-ring that is used for
   4.486 -%% network packets is used here.  Each domain has one ring that carries
   4.487 -%% operation requests to the hypervisor and carries the results back
   4.488 -%% again.
   4.489 -
   4.490 -%% Rather than copying data, the backend simply maps the domain's buffers
   4.491 -%% in order to enable direct DMA to them.  The act of mapping the buffers
   4.492 -%% also increases the reference counts of the underlying pages, so that
   4.493 -%% the unprivileged domain cannot try to return them to the hypervisor,
   4.494 -%% install them as page tables, or any other unsafe behaviour.
   4.495 -%% %block API here 
   4.496 -
   4.497 -
   4.498 -\chapter{Further Information} 
   4.499 -
   4.500 -
   4.501 -If you have questions that are not answered by this manual, the
   4.502 -sources of information listed below may be of interest to you.  Note
   4.503 -that bug reports, suggestions and contributions related to the
   4.504 -software (or the documentation) should be sent to the Xen developers'
   4.505 -mailing list (address below).
   4.506 -
   4.507 -\section{Other documentation}
   4.508 -
   4.509 -If you are mainly interested in using (rather than developing for)
   4.510 -Xen, the {\em Xen Users' Manual} is distributed in the {\tt docs/}
   4.511 -directory of the Xen source distribution.  
   4.512 -
   4.513 -% Various HOWTOs are also available in {\tt docs/HOWTOS}.
   4.514 -
   4.515 -\section{Online references}
   4.516 -
   4.517 -The official Xen web site is found at:
   4.518 -\begin{quote}
   4.519 -{\tt http://www.cl.cam.ac.uk/Research/SRG/netos/xen/}
   4.520 -\end{quote}
   4.521 -
   4.522 -This contains links to the latest versions of all on-line 
   4.523 -documentation. 
   4.524 -
   4.525 -\section{Mailing lists}
   4.526 -
   4.527 -There are currently four official Xen mailing lists:
   4.528 -
   4.529 -\begin{description}
   4.530 -\item[xen-devel@lists.xensource.com] Used for development
   4.531 -discussions and bug reports.  Subscribe at: \\
   4.532 -{\small {\tt http://lists.xensource.com/xen-devel}}
   4.533 -\item[xen-users@lists.xensource.com] Used for installation and usage
   4.534 -discussions and requests for help.  Subscribe at: \\
   4.535 -{\small {\tt http://lists.xensource.com/xen-users}}
   4.536 -\item[xen-announce@lists.xensource.com] Used for announcements only.
   4.537 -Subscribe at: \\
   4.538 -{\small {\tt http://lists.xensource.com/xen-announce}}
   4.539 -\item[xen-changelog@lists.xensource.com]  Changelog feed
   4.540 -from the unstable and 2.0 trees (developer-oriented).  Subscribe at: \\
   4.541 -{\small {\tt http://lists.xensource.com/xen-changelog}}
   4.542 -\end{description}
   4.543 -
   4.544 -Of these, xen-devel is the most active.
   4.545 -
   4.546 -
   4.547 +%% chapter Further Information moved to further_info.tex
   4.548 +\include{src/interface/further_info}
   4.549  
   4.550  
   4.551  \appendix
   4.552  
   4.553 -%\newcommand{\hypercall}[1]{\vspace{5mm}{\large\sf #1}}
   4.554 -
   4.555 -
   4.556 -
   4.557 -
   4.558 -
   4.559 -\newcommand{\hypercall}[1]{\vspace{2mm}{\sf #1}}
   4.560 -
   4.561 -
   4.562 -
   4.563 -
   4.564 -
   4.565 -
   4.566 -\chapter{Xen Hypercalls}
   4.567 -\label{a:hypercalls}
   4.568 -
   4.569 -Hypercalls represent the procedural interface to Xen; this appendix 
   4.570 -categorizes and describes the current set of hypercalls. 
   4.571 -
   4.572 -\section{Invoking Hypercalls} 
   4.573 -
   4.574 -Hypercalls are invoked in a manner analogous to system calls in a
   4.575 -conventional operating system; a software interrupt is issued which
   4.576 -vectors to an entry point within Xen. On x86\_32 machines the
   4.577 -instruction required is {\tt int \$0x82}; the (real) IDT is set up so
   4.578 -that this may only be issued from within ring 1. The particular 
   4.579 -hypercall to be invoked is contained in {\tt EAX} --- a list 
   4.580 -mapping these values to symbolic hypercall names can be found 
   4.581 -in {\tt xen/include/public/xen.h}. 
   4.582 -
   4.583 -On some occasions a set of hypercalls will be required to carry
   4.584 -out a higher-level function; a good example is when a guest 
   4.585 -operating system wishes to context switch to a new process which 
   4.586 -requires updating various privileged CPU state. As an optimization
   4.587 -for these cases, there is a generic mechanism to issue a set of 
   4.588 -hypercalls as a batch: 
   4.589 -
   4.590 -\begin{quote}
   4.591 -\hypercall{multicall(void *call\_list, int nr\_calls)}
   4.592 -
   4.593 -Execute a series of hypervisor calls; {\tt nr\_calls} is the length of
   4.594 -the array of {\tt multicall\_entry\_t} structures pointed to by {\tt
   4.595 -call\_list}. Each entry contains the hypercall operation code followed
   4.596 -by up to 7 word-sized arguments.
   4.597 -\end{quote}
   4.598 -
   4.599 -Note that multicalls are provided purely as an optimization; there is
   4.600 -no requirement to use them when first porting a guest operating
   4.601 -system.
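          -
          -For illustration, a guest might batch two of the context-switch
          -hypercalls described later in this appendix into one hypervisor
          -entry (a sketch assuming the XenLinux wrapper header and naming
          -conventions):
          -
          -\begin{verbatim}
          -#include <asm-xen/hypervisor.h> /* XenLinux hypercall wrappers */
          -
          -/* Sketch: batch a stack switch and a lazy-FPU mark into a
          - * single hypervisor entry via a multicall.                 */
          -void switch_stack_and_mark_fpu(unsigned long new_ss,
          -                               unsigned long new_esp)
          -{
          -    multicall_entry_t calls[2];
          -
          -    calls[0].op      = __HYPERVISOR_stack_switch;
          -    calls[0].args[0] = new_ss;
          -    calls[0].args[1] = new_esp;
          -
          -    calls[1].op      = __HYPERVISOR_fpu_taskswitch;
          -
          -    (void)HYPERVISOR_multicall(calls, 2);
          -}
          -\end{verbatim}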
   4.602 -
   4.603 -
   4.604 -\section{Virtual CPU Setup} 
   4.605 -
   4.606 -At start of day, a guest operating system needs to set up the virtual
   4.607 -CPU it is executing on. This includes installing vectors for the
   4.608 -virtual IDT so that the guest OS can handle interrupts, page faults,
   4.609 -etc. However the very first thing a guest OS must set up is a pair 
   4.610 -of hypervisor callbacks: these are the entry points which Xen will
   4.611 -use when it wishes to notify the guest OS of an occurrence. 
   4.612 -
   4.613 -\begin{quote}
   4.614 -\hypercall{set\_callbacks(unsigned long event\_selector, unsigned long
   4.615 -  event\_address, unsigned long failsafe\_selector, unsigned long
   4.616 -  failsafe\_address) }
   4.617 -
   4.618 -Register the normal (``event'') and failsafe callbacks for 
   4.619 -event processing. In each case the code segment selector and 
   4.620 -address within that segment are provided. The selectors must
   4.621 -have RPL 1; in XenLinux we simply use the kernel's CS for both 
   4.622 -{\tt event\_selector} and {\tt failsafe\_selector}.
   4.623 -
   4.624 -The value {\tt event\_address} specifies the address of the guest OS's
   4.625 -event handling and dispatch routine; the {\tt failsafe\_address}
   4.626 -specifies a separate entry point which is used only if a fault occurs
   4.627 -when Xen attempts to use the normal callback. 
   4.628 -\end{quote} 
   4.629 -
   4.630 -
   4.631 -After installing the hypervisor callbacks, the guest OS can 
   4.632 -install a `virtual IDT' by using the following hypercall: 
   4.633 -
   4.634 -\begin{quote} 
   4.635 -\hypercall{set\_trap\_table(trap\_info\_t *table)} 
   4.636 -
   4.637 -Install one or more entries into the per-domain 
   4.638 -trap handler table (essentially a software version of the IDT). 
   4.639 -Each entry in the array pointed to by {\tt table} includes the 
   4.640 -exception vector number with the corresponding segment selector 
   4.641 -and entry point. Most guest OSes can use the same handlers on 
   4.642 -Xen as when running on the real hardware; an exception is the 
   4.643 -page fault handler (exception vector 14) where a modified 
   4.644 -stack-frame layout is used. 
   4.645 -
   4.646 -
   4.647 -\end{quote} 
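          -
          -As an illustration, a guest might install a minimal trap table as
          -follows (a sketch: the field order follows {\tt trap\_info\_t} in
          -{\tt xen/include/public/xen.h}, and the selector and handler
          -symbols are assumed to be supplied by the guest):
          -
          -\begin{verbatim}
          -#include <asm-xen/hypervisor.h> /* XenLinux hypercall wrappers */
          -
          -extern void page_fault(void), general_protection(void), int3(void);
          -
          -/* Sketch: a minimal virtual IDT.  Fields are (vector, flags,
          - * cs, address); the zero entry terminates the table, as in
          - * XenLinux.  The flags field carries the privilege level.   */
          -static trap_info_t trap_table[] = {
          -    { 14, 0, KERNEL_CS, (unsigned long)page_fault         },
          -    { 13, 0, KERNEL_CS, (unsigned long)general_protection },
          -    {  3, 3, KERNEL_CS, (unsigned long)int3               },
          -    {  0, 0, 0,         0                                 }
          -};
          -
          -void install_traps(void)
          -{
          -    (void)HYPERVISOR_set_trap_table(trap_table);
          -}
          -\end{verbatim}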
   4.648 -
   4.649 -
   4.650 -
   4.651 -\section{Scheduling and Timer}
   4.652 -
   4.653 -Domains are preemptively scheduled by Xen according to the 
   4.654 -parameters installed by domain 0 (see Section~\ref{s:dom0ops}). 
   4.655 -In addition, however, a domain may choose to explicitly 
   4.656 -control certain behavior with the following hypercall: 
   4.657 -
   4.658 -\begin{quote} 
   4.659 -\hypercall{sched\_op(unsigned long op)} 
   4.660 -
   4.661 -Request scheduling operation from hypervisor. The options are: {\it
   4.662 -yield}, {\it block}, and {\it shutdown}.  {\it yield} keeps the
   4.663 -calling domain runnable but may cause a reschedule if other domains
   4.664 -are runnable.  {\it block} removes the calling domain from the run
   4.665 -queue and causes it to sleep until an event is delivered to it.  {\it
   4.666 -shutdown} is used to end the domain's execution; the caller can
   4.667 -additionally specify whether the domain should reboot, halt or
   4.668 -suspend.
   4.669 -\end{quote} 
   4.670 -
   4.671 -To aid the implementation of a process scheduler within a guest OS,
   4.672 -Xen provides a virtual programmable timer:
   4.673 -
   4.674 -\begin{quote}
   4.675 -\hypercall{set\_timer\_op(uint64\_t timeout)} 
   4.676 -
   4.677 -Request a timer event to be sent at the specified system time (time 
   4.678 -in nanoseconds since system boot). The hypercall actually passes the 
   4.679 -64-bit timeout value as a pair of 32-bit values. 
   4.680 -
   4.681 -\end{quote} 
   4.682 -
   4.683 -Note that calling {\tt set\_timer\_op()} prior to {\tt sched\_op} 
   4.684 -allows block-with-timeout semantics. 
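          -
          -For example, a guest might implement block-with-timeout as follows
          -(a sketch using the XenLinux wrapper names; both times are in
          -nanoseconds of system time):
          -
          -\begin{verbatim}
          -#include <asm-xen/hypervisor.h> /* XenLinux hypercall wrappers */
          -
          -/* Sketch: block the calling domain for at most 'ns' past 'now'.
          - * An event arriving earlier wakes the domain before the timer. */
          -void block_with_timeout(uint64_t now, uint64_t ns)
          -{
          -    (void)HYPERVISOR_set_timer_op(now + ns); /* arm one-shot   */
          -    (void)HYPERVISOR_block();                /* sleep on event */
          -}
          -\end{verbatim}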
   4.685 -
   4.686 -
   4.687 -\section{Page Table Management} 
   4.688 -
   4.689 -Since guest operating systems have read-only access to their page 
   4.690 -tables, Xen must be involved when making any changes. The following
   4.691 -multi-purpose hypercall can be used to modify page-table entries, 
   4.692 -update the machine-to-physical mapping table, flush the TLB, install 
   4.693 -a new page-table base pointer, and more.
   4.694 -
   4.695 -\begin{quote} 
   4.696 -\hypercall{mmu\_update(mmu\_update\_t *req, int count, int *success\_count)} 
   4.697 -
   4.698 -Update the page table for the domain; a set of {\tt count} updates are
   4.699 -submitted for processing in a batch, with {\tt success\_count} being 
   4.700 -updated to report the number of successful updates.  
   4.701 -
   4.702 -Each element of {\tt req[]} contains a pointer (address) and value; 
   4.703 -the least significant 2-bits of the pointer are used to distinguish 
   4.704 -the type of update requested as follows:
   4.705 -\begin{description} 
   4.706 -
   4.707 -\item[\it MMU\_NORMAL\_PT\_UPDATE:] update a page directory entry or
   4.708 -page table entry to the associated value; Xen will check that the
   4.709 -update is safe, as described in Chapter~\ref{c:memory}.
   4.710 -
   4.711 -\item[\it MMU\_MACHPHYS\_UPDATE:] update an entry in the
   4.712 -  machine-to-physical table. The calling domain must own the machine
   4.713 -  page in question (or be privileged).
   4.714 -
   4.715 -\item[\it MMU\_EXTENDED\_COMMAND:] perform additional MMU operations.
   4.716 -The set of additional MMU operations is considerable, and includes
   4.717 -updating {\tt cr3} (or just re-installing it for a TLB flush),
   4.718 -flushing the cache, installing a new LDT, or pinning \& unpinning
   4.719 -page-table pages (to ensure their reference count doesn't drop to zero,
   4.720 -which would require a revalidation of all entries).
   4.721 -
   4.722 -Further extended commands are used to deal with granting and 
   4.723 -acquiring page ownership; see Section~\ref{s:idc}. 
   4.724 -
   4.725 -
   4.726 -\end{description}
   4.727 -
   4.728 -More details on the precise format of all commands can be 
   4.729 -found in {\tt xen/include/public/xen.h}. 
   4.730 -
   4.731 -
   4.732 -\end{quote}
   4.733 -
   4.734 -Explicitly updating batches of page table entries is extremely
   4.735 -efficient, but can require a number of alterations to the guest
   4.736 -OS. Using the writable page table mode (Chapter~\ref{c:memory}) is
   4.737 -recommended for new OS ports.
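          -
          -As an illustration, a guest might batch a pair of PTE writes like
          -this (a sketch; the array names are illustrative):
          -
          -\begin{verbatim}
          -#include <asm-xen/hypervisor.h> /* XenLinux hypercall wrappers */
          -
          -/* Sketch: batch two PTE writes into one mmu_update() call.
          - * pte_ma[] holds machine addresses of the PTEs, new_val[]
          - * the values to install.                                   */
          -int update_two_ptes(unsigned long pte_ma[2],
          -                    unsigned long new_val[2])
          -{
          -    mmu_update_t req[2];
          -    int i, good = 0;
          -
          -    for (i = 0; i < 2; i++) {
          -        req[i].ptr = pte_ma[i] | MMU_NORMAL_PT_UPDATE;
          -        req[i].val = new_val[i];
          -    }
          -
          -    if (HYPERVISOR_mmu_update(req, 2, &good) < 0 || good != 2)
          -        return -1;   /* Xen rejected at least one update */
          -    return 0;
          -}
          -\end{verbatim}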
   4.738 -
   4.739 -Regardless of which page table update mode is being used, however,
   4.740 -there are some occasions (notably handling a demand page fault) where
   4.741 -a guest OS will wish to modify exactly one PTE rather than a
   4.742 -batch. This is catered for by the following:
   4.743 -
   4.744 -\begin{quote} 
   4.745 -\hypercall{update\_va\_mapping(unsigned long page\_nr, unsigned long
   4.746 -val, \\ unsigned long flags)}
   4.747 -
   4.748 -Update the currently installed PTE for the page {\tt page\_nr} to 
   4.749 -{\tt val}. As with {\tt mmu\_update()}, Xen checks the modification 
   4.750 -is safe before applying it. The {\tt flags} determine which kind
   4.751 -of TLB flush, if any, should follow the update. 
   4.752 -
   4.753 -\end{quote} 
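          -
          -For illustration, a demand-fault handler might use this as follows
          -(a sketch: the PTE flag names are Linux-style placeholders, and
          -{\tt UVMF\_INVLPG} is taken from the public headers):
          -
          -\begin{verbatim}
          -#include <asm-xen/hypervisor.h> /* XenLinux hypercall wrappers */
          -
          -/* Sketch: satisfy a demand fault by mapping machine frame
          - * 'mfn' at virtual address 'va' with a single PTE update,
          - * flushing only that TLB entry.                            */
          -void map_new_page(unsigned long va, unsigned long mfn)
          -{
          -    unsigned long pte =
          -        (mfn << PAGE_SHIFT) | _PAGE_PRESENT | _PAGE_RW;
          -
          -    (void)HYPERVISOR_update_va_mapping(va >> PAGE_SHIFT, pte,
          -                                       UVMF_INVLPG);
          -}
          -\end{verbatim}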
   4.754 -
   4.755 -Finally, sufficiently privileged domains may occasionally wish to manipulate 
   4.756 -the pages of others: 
   4.757 -\begin{quote}
   4.758 -
   4.759 -\hypercall{update\_va\_mapping\_otherdomain(unsigned long page\_nr,
   4.760 -unsigned long val, unsigned long flags, uint16\_t domid)}
   4.761 -
   4.762 -Identical to {\tt update\_va\_mapping()} save that the pages being
   4.763 -mapped must belong to the domain {\tt domid}. 
   4.764 -
   4.765 -\end{quote}
   4.766 -
   4.767 -This privileged operation is currently used by backend virtual device
   4.768 -drivers to safely map pages containing I/O data. 
   4.769 -
   4.770 -
   4.771 -
   4.772 -\section{Segmentation Support}
   4.773 -
   4.774 -Xen allows guest OSes to install a custom GDT if they require it; 
   4.775 -this is context switched transparently whenever a domain is 
   4.776 -[de]scheduled.  The following hypercall is effectively a 
   4.777 -`safe' version of {\tt lgdt}: 
   4.778 -
   4.779 -\begin{quote}
   4.780 -\hypercall{set\_gdt(unsigned long *frame\_list, int entries)} 
   4.781 -
   4.782 -Install a global descriptor table for a domain; {\tt frame\_list} is
   4.783 -an array of up to 16 machine page frames within which the GDT resides,
   4.784 -with {\tt entries} being the actual number of descriptor-entry
   4.785 -slots. All page frames must be mapped read-only within the guest's
   4.786 -address space, and the table must be large enough to contain Xen's
   4.787 -reserved entries (see {\tt xen/include/public/arch-x86\_32.h}).
   4.788 -
   4.789 -\end{quote}
   4.790 -
   4.791 -Many guest OSes will also wish to install LDTs; this is achieved by
   4.792 -using {\tt mmu\_update()} with an extended command, passing the
   4.793 -linear address of the LDT base along with the number of entries. No
   4.794 -special safety checks are required; Xen needs to perform this task
   4.795 -simply because {\tt lldt} requires CPL 0.
   4.796 -
   4.797 -
   4.798 -Xen also allows guest operating systems to update just an 
   4.799 -individual segment descriptor in the GDT or LDT:  
   4.800 -
   4.801 -\begin{quote}
   4.802 -\hypercall{update\_descriptor(unsigned long ma, unsigned long word1,
   4.803 -unsigned long word2)}
   4.804 -
   4.805 -Update the GDT/LDT entry at machine address {\tt ma}; the new
   4.806 -8-byte descriptor is stored in {\tt word1} and {\tt word2}.
   4.807 -Xen performs a number of checks to ensure the descriptor is 
   4.808 -valid. 
   4.809 -
   4.810 -\end{quote}
   4.811 -
   4.812 -Guest OSes can use the above in place of context switching entire 
   4.813 -LDTs (or the GDT) when the number of changing descriptors is small. 
   4.814 -
   4.815 -\section{Context Switching} 
   4.816 -
   4.817 -When a guest OS wishes to context switch between two processes, 
   4.818 -it can use the page table and segmentation hypercalls described
   4.819 -above to perform the bulk of the privileged work. In addition, 
   4.820 -however, it will need to invoke Xen to switch the kernel (ring 1) 
   4.821 -stack pointer: 
   4.822 -
   4.823 -\begin{quote} 
   4.824 -\hypercall{stack\_switch(unsigned long ss, unsigned long esp)} 
   4.825 -
   4.826 -Request kernel stack switch from hypervisor; {\tt ss} is the new 
   4.827 -stack segment, while {\tt esp} is the new stack pointer. 
   4.828 -
   4.829 -\end{quote} 
   4.830 -
   4.831 -A final useful hypercall for context switching allows ``lazy'' 
   4.832 -save and restore of floating point state: 
   4.833 -
   4.834 -\begin{quote}
   4.835 -\hypercall{fpu\_taskswitch(void)} 
   4.836 -
   4.837 -This call instructs Xen to set the {\tt TS} bit in the {\tt cr0}
   4.838 -control register; this means that the next attempt to use floating
   4.839 -point will cause a trap which the guest OS can catch. Typically it will
   4.840 -then save/restore the FP state, and clear the {\tt TS} bit. 
   4.841 -\end{quote} 
   4.842 -
   4.843 -This is provided as an optimization only; guest OSes can also choose
   4.844 -to save and restore FP state on all context switches for simplicity. 
   4.845 -
   4.846 -
   4.847 -\section{Physical Memory Management}
   4.848 -
   4.849 -As mentioned previously, each domain has a maximum and current 
   4.850 -memory allocation. The maximum allocation, set at domain creation 
   4.851 -time, cannot be modified. However a domain can choose to reduce 
   4.852 -and subsequently grow its current allocation by using the
   4.853 -following call: 
   4.854 -
   4.855 -\begin{quote} 
   4.856 -\hypercall{dom\_mem\_op(unsigned int op, unsigned long *extent\_list,
   4.857 -  unsigned long nr\_extents, unsigned int extent\_order)}
   4.858 -
   4.859 -Increase or decrease current memory allocation (as determined by 
   4.860 -the value of {\tt op}). Each invocation provides a list of 
   4.861 -extents each of which is $2^s$ pages in size, 
   4.862 -where $s$ is the value of {\tt extent\_order}. 
   4.863 -
   4.864 -\end{quote} 
   4.865 -
   4.866 -In addition to simply reducing or increasing the current memory
   4.867 -allocation via a `balloon driver', this call is also useful for 
   4.868 -obtaining contiguous regions of machine memory when required (e.g. 
   4.869 -for certain PCI devices, or if using superpages).  
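          -
          -For example, a simple balloon driver might release pages as
          -follows (a sketch assuming the {\tt MEMOP\_decrease\_reservation}
          -operation code from the public headers; the function and array
          -names are illustrative):
          -
          -\begin{verbatim}
          -#include <asm-xen/hypervisor.h> /* XenLinux hypercall wrappers */
          -
          -/* Sketch: return 'n' single pages to Xen.  mfn_list[] holds
          - * machine frame numbers of pages the guest has already
          - * unmapped from its own page tables.                        */
          -long balloon_give_back(unsigned long *mfn_list, unsigned long n)
          -{
          -    /* extent_order 0: each extent is an individual 4kB page */
          -    return HYPERVISOR_dom_mem_op(MEMOP_decrease_reservation,
          -                                 mfn_list, n, 0);
          -}
          -\end{verbatim}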
   4.870 -
   4.871 -
   4.872 -\section{Inter-Domain Communication}
   4.873 -\label{s:idc} 
   4.874 -
   4.875 -Xen provides a simple asynchronous notification mechanism via
   4.876 -\emph{event channels}. Each domain has a set of end-points (or
   4.877 -\emph{ports}) which may be bound to an event source (e.g. a physical
   4.878 -IRQ, a virtual IRQ, or a port in another domain). When a pair of
   4.879 -end-points in two different domains are bound together, then a `send'
   4.880 -operation on one will cause an event to be received by the destination
   4.881 -domain.
   4.882 -
   4.883 -The control and use of event channels involves the following hypercall: 
   4.884 -
   4.885 -\begin{quote}
   4.886 -\hypercall{event\_channel\_op(evtchn\_op\_t *op)} 
   4.887 -
   4.888 -Inter-domain event-channel management; {\tt op} is a discriminated 
   4.889 -union which allows the following 7 operations: 
   4.890 -
   4.891 -\begin{description} 
   4.892 -
   4.893 -\item[\it alloc\_unbound:] allocate a free (unbound) local
   4.894 -  port and prepare for connection from a specified domain. 
   4.895 -\item[\it bind\_virq:] bind a local port to a virtual 
   4.896 -IRQ; any particular VIRQ can be bound to at most one port per domain. 
   4.897 -\item[\it bind\_pirq:] bind a local port to a physical IRQ;
   4.898 -once more, a given pIRQ can be bound to at most one port per
   4.899 -domain. Furthermore the calling domain must be sufficiently
   4.900 -privileged.
   4.901 -\item[\it bind\_interdomain:] construct an interdomain event 
   4.902 -channel; in general, the target domain must have previously allocated 
   4.903 -an unbound port for this channel, although this can be bypassed by 
   4.904 -privileged domains during domain setup. 
   4.905 -\item[\it close:] close an interdomain event channel. 
   4.906 -\item[\it send:] send an event to the remote end of an 
   4.907 -interdomain event channel. 
   4.908 -\item[\it status:] determine the current status of a local port. 
   4.909 -\end{description} 
   4.910 -
   4.911 -For more details see
   4.912 -{\tt xen/include/public/event\_channel.h}. 
   4.913 -
   4.914 -\end{quote} 
   4.915 -
   4.916 -Event channels are the fundamental communication primitive between 
   4.917 -Xen domains and seamlessly support SMP. However they provide little
   4.918 -bandwidth for communication {\sl per se}, and hence are typically 
   4.919 -married with a piece of shared memory to produce effective and 
   4.920 -high-performance inter-domain communication. 
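          -
          -As an illustration, notifying the remote end of a bound channel
          -might look like this (a sketch; the union field names follow
          -{\tt xen/include/public/event\_channel.h} and should be checked
          -against the headers):
          -
          -\begin{verbatim}
          -#include <asm-xen/hypervisor.h> /* XenLinux hypercall wrappers */
          -
          -/* Sketch: signal the remote end of an established interdomain
          - * event channel bound to local 'port'.                        */
          -void notify_remote(int port)
          -{
          -    evtchn_op_t op;
          -
          -    op.cmd               = EVTCHNOP_send;
          -    op.u.send.local_port = port;
          -    (void)HYPERVISOR_event_channel_op(&op);
          -}
          -\end{verbatim}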
   4.921 -
   4.922 -Safe sharing of memory pages between guest OSes is carried out by
   4.923 -granting access on a per page basis to individual domains. This is
   4.924 -achieved by using the {\tt grant\_table\_op()} hypercall.
   4.925 -
   4.926 -\begin{quote}
   4.927 -\hypercall{grant\_table\_op(unsigned int cmd, void *uop, unsigned int count)}
   4.928 -
   4.929 -Grant or remove access to a particular page to a particular domain. 
   4.930 -
   4.931 -\end{quote} 
   4.932 -
   4.933 -This is not currently widely in use by guest operating systems, but 
   4.934 -we intend to integrate support more fully in the near future. 
   4.935 -
   4.936 -\section{PCI Configuration} 
   4.937 -
   4.938 -Domains with physical device access (i.e.\ driver domains) receive
   4.939 -limited access to certain PCI devices (bus address space and
   4.940 -interrupts). However many guest operating systems attempt to 
   4.941 -determine the PCI configuration by directly accessing the PCI BIOS, 
   4.942 -which cannot be allowed for safety. 
   4.943 -
   4.944 -Instead, Xen provides the following hypercall: 
   4.945 -
   4.946 -\begin{quote}
   4.947 -\hypercall{physdev\_op(void *physdev\_op)}
   4.948 -
   4.949 -Perform a PCI configuration operation; depending on the value 
   4.950 -of {\tt physdev\_op} this can be a PCI config read, a PCI config 
   4.951 -write, or a small number of other queries. 
   4.952 -
   4.953 -\end{quote} 
   4.954 -
   4.955 -
   4.956 -For examples of using {\tt physdev\_op()}, see the 
   4.957 -Xen-specific PCI code in the Linux sparse tree. 
   4.958 -
   4.959 -\section{Administrative Operations}
   4.960 -\label{s:dom0ops}
   4.961 -
   4.962 -A large number of control operations are available to a sufficiently
   4.963 -privileged domain (typically domain 0). These allow the creation and
   4.964 -management of new domains, for example. A complete list is given 
   4.965 -below; for more details on any or all of these, please see 
   4.966 -{\tt xen/include/public/dom0\_ops.h}. 
   4.967 -
   4.968 -
   4.969 -\begin{quote}
   4.970 -\hypercall{dom0\_op(dom0\_op\_t *op)} 
   4.971 -
   4.972 -Administrative domain operations for domain management. The options are:
   4.973 -
   4.974 -\begin{description} 
   4.975 -\item [\it DOM0\_CREATEDOMAIN:] create a new domain
   4.976 -
   4.977 -\item [\it DOM0\_PAUSEDOMAIN:] remove a domain from the scheduler run 
   4.978 -queue. 
   4.979 -
   4.980 -\item [\it DOM0\_UNPAUSEDOMAIN:] mark a paused domain as schedulable
   4.981 -  once again. 
   4.982 -
   4.983 -\item [\it DOM0\_DESTROYDOMAIN:] deallocate all resources associated
   4.984 -with a domain
   4.985 -
   4.986 -\item [\it DOM0\_GETMEMLIST:] get list of pages used by the domain
   4.987 -
   4.988 -\item [\it DOM0\_SCHEDCTL:]
   4.989 -
   4.990 -\item [\it DOM0\_ADJUSTDOM:] adjust scheduling priorities for domain
   4.991 -
   4.992 -\item [\it DOM0\_BUILDDOMAIN:] do final guest OS setup for domain
   4.993 -
   4.994 -\item [\it DOM0\_GETDOMAINFO:] get statistics about the domain
   4.995 -
   4.996 -\item [\it DOM0\_GETPAGEFRAMEINFO:] 
   4.997 -
   4.998 -\item [\it DOM0\_GETPAGEFRAMEINFO2:]
   4.999 -
  4.1000 -\item [\it DOM0\_IOPL:] set I/O privilege level
  4.1001 -
  4.1002 -\item [\it DOM0\_MSR:] read or write model specific registers
  4.1003 -
  4.1004 -\item [\it DOM0\_DEBUG:] interactively invoke the debugger
  4.1005 -
  4.1006 -\item [\it DOM0\_SETTIME:] set system time
  4.1007 -
  4.1008 -\item [\it DOM0\_READCONSOLE:] read console content from hypervisor buffer ring
  4.1009 -
  4.1010 -\item [\it DOM0\_PINCPUDOMAIN:] pin domain to a particular CPU
  4.1011 -
  4.1012 -\item [\it DOM0\_GETTBUFS:] get information about the size and location of
  4.1013 -                      the trace buffers (only on trace-buffer enabled builds)
  4.1014 -
  4.1015 -\item [\it DOM0\_PHYSINFO:] get information about the host machine
  4.1016 -
  4.1017 -\item [\it DOM0\_PCIDEV\_ACCESS:] modify PCI device access permissions
  4.1018 -
  4.1019 -\item [\it DOM0\_SCHED\_ID:] get the ID of the current Xen scheduler
  4.1020 -
  4.1021 -\item [\it DOM0\_SHADOW\_CONTROL:] switch between shadow page-table modes
  4.1022 -
  4.1023 -\item [\it DOM0\_SETDOMAININITIALMEM:] set initial memory allocation of a domain
  4.1024 -
  4.1025 -\item [\it DOM0\_SETDOMAINMAXMEM:] set maximum memory allocation of a domain
  4.1026 -
  4.1027 -\item [\it DOM0\_SETDOMAINVMASSIST:] set domain VM assist options
  4.1028 -\end{description} 
  4.1029 -\end{quote} 
  4.1030 -
  4.1031 -Most of the above are best understood by looking at the code 
  4.1032 -implementing them (in {\tt xen/common/dom0\_ops.c}) and in 
  4.1033 -the user-space tools that use them (mostly in {\tt tools/libxc}). 
  4.1034 -
  4.1035 -\section{Debugging Hypercalls} 
  4.1036 -
  4.1037 -A few additional hypercalls are mainly useful for debugging: 
  4.1038 -
  4.1039 -\begin{quote} 
  4.1040 -\hypercall{console\_io(int cmd, int count, char *str)}
  4.1041 -
  4.1042 -Use Xen to interact with the console; operations are:
  4.1043 -
  4.1044 -{\it CONSOLEIO\_write}: Output {\tt count} characters from buffer {\tt str}.
  4.1045 -
  4.1046 -{\it CONSOLEIO\_read}: Input at most {\tt count} characters into buffer {\tt str}.
  4.1047 -\end{quote} 
  4.1048 -
  4.1049 -A pair of hypercalls allows access to the underlying debug registers: 
  4.1050 -\begin{quote}
  4.1051 -\hypercall{set\_debugreg(int reg, unsigned long value)}
  4.1052 -
  4.1053 -Set debug register {\tt reg} to {\tt value} 
  4.1054 -
  4.1055 -\hypercall{get\_debugreg(int reg)}
  4.1056 -
  4.1057 -Return the contents of the debug register {\tt reg}
  4.1058 -\end{quote}
  4.1059 -
  4.1060 -And finally: 
  4.1061 -\begin{quote}
  4.1062 -\hypercall{xen\_version(int cmd)}
  4.1063 -
  4.1064 -Request Xen version number.
  4.1065 -\end{quote} 
  4.1066 -
  4.1067 -This is useful to ensure that user-space tools are in sync 
  4.1068 -with the underlying hypervisor. 
  4.1069 -
  4.1070 -\section{Deprecated Hypercalls}
  4.1071 -
  4.1072 -Xen is under constant development and refinement; as such there 
  4.1073 -are plans to improve the way in which various pieces of functionality 
  4.1074 -are exposed to guest OSes. 
  4.1075 -
  4.1076 -\begin{quote} 
  4.1077 -\hypercall{vm\_assist(unsigned int cmd, unsigned int type)}
  4.1078 -
  4.1079 -Toggle various memory management modes (in particular writable page
  4.1080 -tables and superpage support). 
  4.1081 -
  4.1082 -\end{quote} 
  4.1083 -
  4.1084 -This is likely to be replaced with mode values in the shared 
  4.1085 -information page since this is more resilient for resumption 
  4.1086 -after migration or checkpoint. 
  4.1087 -
  4.1088 -
  4.1089 -
  4.1090 -
  4.1091 -
  4.1092 -
  4.1093 +%% chapter hypercalls moved to hypercalls.tex
  4.1094 +\include{src/interface/hypercalls}
  4.1095  
  4.1096  
  4.1097  %% 
  4.1098 @@ -1173,279 +112,9 @@ after migration or checkpoint.
  4.1099  %% new scheduler... not clear how many of them there are...
  4.1100  %%
  4.1101  
  4.1102 -\begin{comment}
  4.1103 -
  4.1104 -\chapter{Scheduling API}  
  4.1105 -
  4.1106 -The scheduling API is used by both the schedulers described above and should
  4.1107 -also be used by any new schedulers.  It provides a generic interface and also
  4.1108 -implements much of the ``boilerplate'' code.
  4.1109 -
  4.1110 -Schedulers conforming to this API are described by the following
  4.1111 -structure:
  4.1112 -
  4.1113 -\begin{verbatim}
  4.1114 -struct scheduler
  4.1115 -{
  4.1116 -    char *name;             /* full name for this scheduler      */
  4.1117 -    char *opt_name;         /* option name for this scheduler    */
  4.1118 -    unsigned int sched_id;  /* ID for this scheduler             */
  4.1119 -
  4.1120 -    int          (*init_scheduler) ();
  4.1121 -    int          (*alloc_task)     (struct task_struct *);
  4.1122 -    void         (*add_task)       (struct task_struct *);
  4.1123 -    void         (*free_task)      (struct task_struct *);
  4.1124 -    void         (*rem_task)       (struct task_struct *);
  4.1125 -    void         (*wake_up)        (struct task_struct *);
  4.1126 -    void         (*do_block)       (struct task_struct *);
  4.1127 -    task_slice_t (*do_schedule)    (s_time_t);
  4.1128 -    int          (*control)        (struct sched_ctl_cmd *);
  4.1129 -    int          (*adjdom)         (struct task_struct *,
  4.1130 -                                    struct sched_adjdom_cmd *);
  4.1131 -    s32          (*reschedule)     (struct task_struct *);
  4.1132 -    void         (*dump_settings)  (void);
  4.1133 -    void         (*dump_cpu_state) (int);
  4.1134 -    void         (*dump_runq_el)   (struct task_struct *);
  4.1135 -};
  4.1136 -\end{verbatim}
  4.1137 -
  4.1138 -The only method that {\em must} be implemented is
  4.1139 -{\tt do\_schedule()}.  However, if the {\tt wake\_up()} method is not
  4.1140 -implemented then waking tasks will never be placed on the runqueue!
  4.1141 -
  4.1142 -The fields of the above structure are described in more detail below.
  4.1143 -
  4.1144 -\subsubsection{name}
  4.1145 -
  4.1146 -The name field should point to a descriptive ASCII string.
  4.1147 -
  4.1148 -\subsubsection{opt\_name}
  4.1149 -
  4.1150 -This field is the value of the {\tt sched=} boot-time option that will select
  4.1151 -this scheduler.
  4.1152 -
  4.1153 -\subsubsection{sched\_id}
  4.1154 -
  4.1155 -This is an integer that uniquely identifies this scheduler.  There should be a
  4.1156 -macro corresponding to this scheduler ID in {\tt <xen/sched-if.h>}.
  4.1157 -
  4.1158 -\subsubsection{init\_scheduler}
  4.1159 -
  4.1160 -\paragraph*{Purpose}
  4.1161 -
  4.1162 -This is a function for performing any scheduler-specific initialisation.  For
  4.1163 -instance, it might allocate memory for per-CPU scheduler data and initialise it
  4.1164 -appropriately.
  4.1165 -
  4.1166 -\paragraph*{Call environment}
  4.1167 -
  4.1168 -This function is called after the initialisation performed by the generic
  4.1169 -layer.  The function is called exactly once, for the scheduler that has been
  4.1170 -selected.
  4.1171 -
  4.1172 -\paragraph*{Return values}
  4.1173 -
  4.1174 -This should return negative on failure --- this will cause an
  4.1175 -immediate panic and the system will fail to boot.
  4.1176 -
  4.1177 -\subsubsection{alloc\_task}
  4.1178 -
  4.1179 -\paragraph*{Purpose}
  4.1180 -Called when a {\tt task\_struct} is allocated by the generic scheduler
  4.1181 -layer.  A particular scheduler implementation may use this method to
  4.1182 -allocate per-task data for this task.  It may use the {\tt
  4.1183 -sched\_priv} pointer in the {\tt task\_struct} to point to this data.
  4.1184 -
  4.1185 -\paragraph*{Call environment}
  4.1186 -The generic layer guarantees that the {\tt sched\_priv} field will
  4.1187 -remain intact from the time this method is called until the task is
  4.1188 -deallocated (so long as the scheduler implementation does not change
  4.1189 -it explicitly!).
  4.1190 -
  4.1191 -\paragraph*{Return values}
  4.1192 -Negative on failure.
  4.1193 -
  4.1194 -\subsubsection{add\_task}
  4.1195 -
  4.1196 -\paragraph*{Purpose}
  4.1197 -
  4.1198 -Called when a task is initially added by the generic layer.
  4.1199 -
  4.1200 -\paragraph*{Call environment}
  4.1201 -
  4.1202 -The fields in the {\tt task\_struct} are now filled out and available for use.
  4.1203 -Schedulers should implement appropriate initialisation of any per-task private
  4.1204 -information in this method.
  4.1205 -
  4.1206 -\subsubsection{free\_task}
  4.1207 -
  4.1208 -\paragraph*{Purpose}
  4.1209 -
  4.1210 -Schedulers should free the space used by any associated private data
  4.1211 -structures.
  4.1212 -
  4.1213 -\paragraph*{Call environment}
  4.1214 -
  4.1215 -This is called when a {\tt task\_struct} is about to be deallocated.
  4.1216 -The generic layer will have done generic task removal operations and
  4.1217 -(if implemented) called the scheduler's {\tt rem\_task} method before
  4.1218 -this method is called.
  4.1219 -
  4.1220 -\subsubsection{rem\_task}
  4.1221 -
  4.1222 -\paragraph*{Purpose}
  4.1223 -
  4.1224 -This is called when a task is being removed from scheduling (but is
  4.1225 -not yet being freed).
  4.1226 -
  4.1227 -\subsubsection{wake\_up}
  4.1228 -
  4.1229 -\paragraph*{Purpose}
  4.1230 -
  4.1231 -Called when a task is woken up, this method should put the task on the runqueue
  4.1232 -(or do the scheduler-specific equivalent action).
  4.1233 -
  4.1234 -\paragraph*{Call environment}
  4.1235 -
  4.1236 -The task is already set to state RUNNING.
  4.1237 -
  4.1238 -\subsubsection{do\_block}
  4.1239 -
  4.1240 -\paragraph*{Purpose}
  4.1241 -
  4.1242 -This function is called when a task is blocked.  This function should
  4.1243 -not remove the task from the runqueue.
  4.1244 -
  4.1245 -\paragraph*{Call environment}
  4.1246 -
  4.1247 -The EVENTS\_MASTER\_ENABLE\_BIT is already set and the task state changed to
  4.1248 -TASK\_INTERRUPTIBLE on entry to this method.  A call to the {\tt
  4.1249 -  do\_schedule} method will be made after this method returns, in
  4.1250 -order to select the next task to run.
  4.1251 -
  4.1252 -\subsubsection{do\_schedule}
  4.1253 -
  4.1254 -This method must be implemented.
  4.1255 -
  4.1256 -\paragraph*{Purpose}
  4.1257 -
  4.1258 -The method is called each time a new task must be chosen for scheduling on the
  4.1259 -current CPU.  The current time is passed as the single argument (the current
  4.1260 -task can be found using the {\tt current} macro).
  4.1261 -
  4.1262 -This method should select the next task to run on this CPU and set its minimum
  4.1263 -time to run, as well as returning the data described below.
  4.1264 -
  4.1265 -This method should also take the appropriate action if the previous
  4.1266 -task has blocked, e.g. removing it from the runqueue.
  4.1267 -
  4.1268 -\paragraph*{Call environment}
  4.1269 -
  4.1270 -The other fields in the {\tt task\_struct} are updated by the generic layer,
  4.1271 -which also performs all Xen-specific tasks and performs the actual task switch
  4.1272 -(unless the previous task has been chosen again).
  4.1273 -
  4.1274 -This method is called with the {\tt schedule\_lock} held for the current CPU
  4.1275 -and local interrupts disabled.
  4.1276 -
  4.1277 -\paragraph*{Return values}
  4.1278 -
  4.1279 -Must return a {\tt struct task\_slice} describing what task to run and how long
  4.1280 -for (at maximum).
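          -
          -For illustration, a trivial implementation might look like this
          -(a sketch: {\tt runq\_head()} is an assumed helper, and the
          -{\tt task\_slice\_t} field names follow the description above):
          -
          -\begin{verbatim}
          -/* Sketch: a trivial do_schedule that always runs the head of
          - * a per-CPU run queue for a fixed 10ms slice.                */
          -static task_slice_t trivial_do_schedule(s_time_t now)
          -{
          -    task_slice_t ret;
          -
          -    ret.task = runq_head(smp_processor_id());
          -    ret.time = MILLISECS(10);    /* maximum time to run */
          -    return ret;
          -}
          -\end{verbatim}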
  4.1281 -
  4.1282 -\subsubsection{control}
  4.1283 -
  4.1284 -\paragraph*{Purpose}
  4.1285 -
  4.1286 -This method is called for global scheduler control operations.  It takes a
  4.1287 -pointer to a {\tt struct sched\_ctl\_cmd}, which it should either
  4.1288 -source data from or populate with data, depending on the value of the
  4.1289 -{\tt direction} field.
  4.1290 -
  4.1291 -\paragraph*{Call environment}
  4.1292 -
  4.1293 -The generic layer guarantees that when this method is called, the
  4.1294 -caller selected the correct scheduler ID, hence the scheduler's
  4.1295 -implementation does not need to sanity-check these parts of the call.
  4.1296 -
  4.1297 -\paragraph*{Return values}
  4.1298 -
  4.1299 -This function should return the value to be passed back to user space, hence it
  4.1300 -should either be 0 or an appropriate errno value.
  4.1301 -
  4.1302 -\subsubsection{sched\_adjdom}
  4.1303 -
  4.1304 -\paragraph*{Purpose}
  4.1305 -
  4.1306 -This method is called to adjust the scheduling parameters of a particular
  4.1307 -domain, or to query their current values.  The function should check
  4.1308 -the {\tt direction} field of the {\tt sched\_adjdom\_cmd} it receives in
  4.1309 -order to determine which of these operations is being performed.
  4.1310 -
  4.1311 -\paragraph*{Call environment}
  4.1312 -
  4.1313 -The generic layer guarantees that the caller has specified the correct
  4.1314 -control interface version and scheduler ID and that the supplied {\tt
  4.1315 -task\_struct} will not be deallocated during the call (hence it is not
  4.1316 -necessary to {\tt get\_task\_struct}).
  4.1317 -
  4.1318 -\paragraph*{Return values}
  4.1319 -
  4.1320 -This function should return the value to be passed back to user space, hence it
  4.1321 -should either be 0 or an appropriate errno value.
  4.1322 -
  4.1323 -\subsubsection{reschedule}
  4.1324 -
  4.1325 -\paragraph*{Purpose}
  4.1326 -
  4.1327 -This method is called to determine if a reschedule is required as a result of a
  4.1328 -particular task.
  4.1329 -
  4.1330 -\paragraph*{Call environment}
  4.1331 -The generic layer will cause a reschedule if the current domain is the idle
  4.1332 -task or has already exceeded its minimum time slice.  The
  4.1333 -generic layer guarantees that the task passed is not currently running but is
  4.1334 -on the runqueue.
  4.1335 -
  4.1336 -\paragraph*{Return values}
  4.1337 -
  4.1338 -Should return a mask of CPUs to cause a reschedule on.
  4.1339 -
  4.1340 -\subsubsection{dump\_settings}
  4.1341 -
  4.1342 -\paragraph*{Purpose}
  4.1343 -
  4.1344 -If implemented, this should dump any private global settings for this
  4.1345 -scheduler to the console.
  4.1346 -
  4.1347 -\paragraph*{Call environment}
  4.1348 -
  4.1349 -This function is called with interrupts enabled.
  4.1350 -
  4.1351 -\subsubsection{dump\_cpu\_state}
  4.1352 -
  4.1353 -\paragraph*{Purpose}
  4.1354 -
  4.1355 -This method should dump any private settings for the specified CPU.
  4.1356 -
  4.1357 -\paragraph*{Call environment}
  4.1358 -
  4.1359 -This function is called with interrupts disabled and the {\tt schedule\_lock}
  4.1360 -for the specified CPU held.
  4.1361 -
  4.1362 -\subsubsection{dump\_runq\_el}
  4.1363 -
  4.1364 -\paragraph*{Purpose}
  4.1365 -
  4.1366 -This method should dump any private settings for the specified task.
  4.1367 -
  4.1368 -\paragraph*{Call environment}
  4.1369 -
  4.1370 -This function is called with interrupts disabled and the {\tt schedule\_lock}
  4.1371 -for the task's CPU held.
  4.1372 -
  4.1373 -\end{comment} 
  4.1374 -
  4.1375 +%% \include{src/interface/scheduling}
  4.1376 +%% scheduling information moved to scheduling.tex
  4.1377 +%% still commented out
  4.1378  
  4.1379  
  4.1380  
  4.1381 @@ -1457,74 +126,9 @@ for the task's CPU held.
  4.1382  %% (and/or kip's stuff?) and write about that instead? 
  4.1383  %%
  4.1384  
  4.1385 -\begin{comment} 
  4.1386 -
  4.1387 -\chapter{Debugging}
  4.1388 -
  4.1389 -Xen provides tools for debugging both Xen and guest OSes.  Currently, the
  4.1390 -Pervasive Debugger provides a GDB stub, which provides facilities for symbolic
  4.1391 -debugging of Xen itself and of OS kernels running on top of Xen.  The Trace
  4.1392 -Buffer provides a lightweight means to log data about Xen's internal state and
  4.1393 -behaviour at runtime, for later analysis.
  4.1394 -
  4.1395 -\section{Pervasive Debugger}
  4.1396 -
  4.1397 -Information on using the pervasive debugger is available in pdb.txt.
  4.1398 -
  4.1399 -
  4.1400 -\section{Trace Buffer}
  4.1401 -
  4.1402 -The trace buffer provides a means to observe Xen's operation from domain 0.
  4.1403 -Trace events, inserted at key points in Xen's code, record data that can be
  4.1404 -read by the {\tt xentrace} tool.  Recording these events has a low overhead
  4.1405 -and hence the trace buffer may be useful for debugging timing-sensitive
  4.1406 -behaviours.
  4.1407 -
  4.1408 -\subsection{Internal API}
  4.1409 -
  4.1410 -To use the trace buffer functionality from within Xen, you must {\tt \#include
  4.1411 -<xen/trace.h>}, which contains definitions related to the trace buffer.  Trace
  4.1412 -events are inserted into the buffer using the {\tt TRACE\_xD} ({\tt x} = 0, 1,
  4.1413 -2, 3, 4 or 5) macros.  These all take an event number, plus {\tt x} additional
  4.1414 -(32-bit) data as their arguments.  For trace buffer-enabled builds of Xen these
  4.1415 -will insert the event ID and data into the trace buffer, along with the current
  4.1416 -value of the CPU cycle-counter.  For builds without the trace buffer enabled,
  4.1417 -the macros expand to no-ops and thus can be left in place without incurring
  4.1418 -overheads.
  4.1419 -
  4.1420 -\subsection{Trace-enabled builds}
  4.1421 -
  4.1422 -By default, the trace buffer is enabled only in debug builds (i.e. {\tt NDEBUG}
  4.1423 -is not defined).  It can be enabled separately by defining {\tt TRACE\_BUFFER},
  4.1424 -either in {\tt <xen/config.h>} or on the gcc command line.
  4.1425 -
  4.1426 -The size (in pages) of the per-CPU trace buffers can be specified using the
  4.1427 -{\tt tbuf\_size=n } boot parameter to Xen.  If the size is set to 0, the trace
  4.1428 -buffers will be disabled.
  4.1429 -
  4.1430 -\subsection{Dumping trace data}
  4.1431 -
  4.1432 -When running a trace buffer build of Xen, trace data are written continuously
  4.1433 -into the buffer data areas, with newer data overwriting older data.  This data
  4.1434 -can be captured using the {\tt xentrace} program in domain 0.
  4.1435 -
  4.1436 -The {\tt xentrace} tool uses {\tt /dev/mem} in domain 0 to map the trace
  4.1437 -buffers into its address space.  It then periodically polls all the buffers for
  4.1438 -new data, dumping out any new records from each buffer in turn.  As a result,
  4.1439 -for machines with multiple (logical) CPUs, the trace buffer output will not be
  4.1440 -in overall chronological order.
  4.1441 -
  4.1442 -The output from {\tt xentrace} can be post-processed using {\tt
  4.1443 -xentrace\_cpusplit} (used to split trace data out into per-cpu log files) and
  4.1444 -{\tt xentrace\_format} (used to pretty-print trace data).  For the predefined
  4.1445 -trace points, there is an example format file in {\tt tools/xentrace/formats }.
  4.1446 -
  4.1447 -For more information, see the manual pages for {\tt xentrace}, {\tt
  4.1448 -xentrace\_format} and {\tt xentrace\_cpusplit}.
  4.1449 -
  4.1450 -\end{comment} 
  4.1451 -
  4.1452 -
  4.1453 +%% \include{src/interface/debugging}
  4.1454 +%% debugging information moved to debugging.tex
  4.1455 +%% still commented out
  4.1456  
  4.1457  
  4.1458  \end{document}
     5.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     5.2 +++ b/docs/src/interface/architecture.tex	Thu Sep 22 11:42:01 2005 -0600
     5.3 @@ -0,0 +1,140 @@
     5.4 +\chapter{Virtual Architecture}
     5.5 +
     5.6 +On a Xen-based system, the hypervisor itself runs in {\it ring 0}.  It
     5.7 +has full access to the physical memory available in the system and is
     5.8 +responsible for allocating portions of it to the domains.  Guest
     5.9 +operating systems run in and use {\it rings 1}, {\it 2} and {\it 3} as
    5.10 +they see fit. Segmentation is used to prevent the guest OS from
    5.11 +accessing the portion of the address space that is reserved for Xen.
    5.12 +We expect most guest operating systems will use ring 1 for their own
    5.13 +operation and place applications in ring 3.
    5.14 +
    5.15 +In this chapter we consider the basic virtual architecture provided by
    5.16 +Xen: the basic CPU state, exception and interrupt handling, and time.
    5.17 +Other aspects such as memory and device access are discussed in later
    5.18 +chapters.
    5.19 +
    5.20 +
    5.21 +\section{CPU state}
    5.22 +
    5.23 +All privileged state must be handled by Xen.  The guest OS has no
    5.24 +direct access to CR3 and is not permitted to update privileged bits in
    5.25 +EFLAGS. Guest OSes use \emph{hypercalls} to invoke operations in Xen;
    5.26 +these are analogous to system calls but occur from ring 1 to ring 0.
    5.27 +
    5.28 +A list of all hypercalls is given in Appendix~\ref{a:hypercalls}.
    5.29 +
    5.30 +
    5.31 +\section{Exceptions}
    5.32 +
    5.33 +A virtual IDT is provided --- a domain can submit a table of trap
    5.34 +handlers to Xen via the {\tt set\_trap\_table()} hypercall.  Most trap
    5.35 +handlers are identical to native x86 handlers, although the page-fault
    5.36 +handler is somewhat different.
    5.37 +
    5.38 +
    5.39 +\section{Interrupts and events}
    5.40 +
    5.41 +Interrupts are virtualized by mapping them to \emph{events}, which are
    5.42 +delivered asynchronously to the target domain using a callback
    5.43 +supplied via the {\tt set\_callbacks()} hypercall.  A guest OS can map
    5.44 +these events onto its standard interrupt dispatch mechanisms.  Xen is
    5.45 +responsible for determining the target domain that will handle each
    5.46 +physical interrupt source. For more details on the binding of event
    5.47 +sources to events, see Chapter~\ref{c:devices}.
    5.48 +
    5.49 +
    5.50 +\section{Time}
    5.51 +
    5.52 +Guest operating systems need to be aware of the passage of both real
    5.53 +(or wallclock) time and their own `virtual time' (the time for which
    5.54 +they have been executing). Furthermore, Xen has a notion of time which
    5.55 +is used for scheduling. The following notions of time are provided:
    5.56 +
    5.57 +\begin{description}
    5.58 +\item[Cycle counter time.]
    5.59 +
    5.60 +  This provides a fine-grained time reference.  The cycle counter time
    5.61 +  is used to accurately extrapolate the other time references.  On SMP
    5.62 +  machines it is currently assumed that the cycle counter time is
    5.63 +  synchronized between CPUs.  The current x86-based implementation
    5.64 +  achieves this within inter-CPU communication latencies.
    5.65 +
    5.66 +\item[System time.]
    5.67 +
    5.68 +  This is a 64-bit counter which holds the number of nanoseconds that
    5.69 +  have elapsed since system boot.
    5.70 +
    5.71 +\item[Wall clock time.]
    5.72 +
    5.73 +  This is the time of day in a Unix-style {\tt struct timeval}
    5.74 +  (seconds and microseconds since 1 January 1970, adjusted by leap
    5.75 +  seconds).  An NTP client hosted by {\it domain 0} can keep this
    5.76 +  value accurate.
    5.77 +
    5.78 +\item[Domain virtual time.]
    5.79 +
    5.80 +  This progresses at the same pace as system time, but only while a
    5.81 +  domain is executing --- it stops while a domain is de-scheduled.
    5.82 +  Therefore the share of the CPU that a domain receives is indicated
    5.83 +  by the rate at which its virtual time increases.
    5.84 +
    5.85 +\end{description}
    5.86 +
    5.87 +
    5.88 +Xen exports timestamps for system time and wall-clock time to guest
    5.89 +operating systems through a shared page of memory.  Xen also provides
    5.90 +the cycle counter time at the instant the timestamps were calculated,
    5.91 +and the CPU frequency in Hertz.  This allows the guest to extrapolate
    5.92 +system and wall-clock times accurately based on the current cycle
    5.93 +counter time.
    5.94 +
    5.95 +Since all time stamps need to be updated and read \emph{atomically},
    5.96 +two version numbers are also stored in the shared info page. The first
    5.97 +is incremented prior to an update, while the second is only
    5.98 +incremented afterwards. Thus a guest can be sure that it read a
    5.99 +consistent state by checking that the two version numbers are equal.
   5.100 +
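For illustration, a guest might read the timestamps with a retry loop
along the following lines (a minimal sketch; the field and barrier
names are assumptions, not the actual shared-info layout):

\begin{verbatim}
/* Sketch only: field and barrier names are illustrative. */
do {
    v1 = shared->time_version1;     /* bumped before an update */
    rmb();
    stime  = shared->system_time;
    wc_sec = shared->wc_sec;
    rmb();
    v2 = shared->time_version2;     /* bumped after an update  */
} while (v1 != v2);                 /* retry if a write raced  */
\end{verbatim}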
   5.101 +Xen includes a periodic ticker which sends a timer event to the
   5.102 +currently executing domain every 10ms.  The Xen scheduler also sends a
   5.103 +timer event whenever a domain is scheduled; this allows the guest OS
   5.104 +to adjust for the time that has passed while it has been inactive.  In
   5.105 +addition, Xen allows each domain to request that it receive a timer
   5.106 +event sent at a specified system time by using the {\tt
   5.107 +  set\_timer\_op()} hypercall.  Guest OSes may use this timer to
   5.108 +implement timeout values when they block.
   5.109 +
   5.110 +
   5.111 +
   5.112 +%% % akw: demoting this to a section -- not sure if there is any point
   5.113 +%% % though, maybe just remove it.
   5.114 +
   5.115 +\section{Xen CPU Scheduling}
   5.116 +
   5.117 +Xen offers a uniform API for CPU schedulers.  It is possible to choose
   5.118 +from a number of schedulers at boot and it should be easy to add more.
   5.119 +The BVT, Atropos and Round Robin schedulers are part of the normal Xen
   5.120 +distribution.  BVT provides proportional fair shares of the CPU to the
   5.121 +running domains.  Atropos can be used to reserve absolute shares of
   5.122 +the CPU for each domain.  Round-robin is provided as an example of
   5.123 +Xen's internal scheduler API.
   5.124 +
   5.125 +\paragraph*{Note: SMP host support}
   5.126 +Xen has always supported SMP host systems.  Domains are statically
   5.127 +assigned to CPUs, either at creation time or when manually pinning to
   5.128 +a particular CPU.  The current schedulers then run locally on each CPU
   5.129 +to decide which of the assigned domains should be run there. The
   5.130 +user-level control software can be used to perform coarse-grain
   5.131 +load-balancing between CPUs.
   5.132 +
   5.133 +
   5.134 +%% More information on the characteristics and use of these schedulers
   5.135 +%% is available in {\tt Sched-HOWTO.txt}.
   5.136 +
   5.137 +
   5.138 +\section{Privileged operations}
   5.139 +
   5.140 +Xen exports an extended interface to privileged domains (viz.\ {\it
   5.141 +  Domain 0}). This allows such domains to build and boot other domains
   5.142 +on the server, and provides control interfaces for managing
   5.143 +scheduling, memory, networking, and block devices.
     6.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     6.2 +++ b/docs/src/interface/debugging.tex	Thu Sep 22 11:42:01 2005 -0600
     6.3 @@ -0,0 +1,62 @@
     6.4 +\chapter{Debugging}
     6.5 +
     6.6 +Xen provides tools for debugging both Xen and guest OSes.  Currently, the
     6.7 +Pervasive Debugger provides a GDB stub, which provides facilities for symbolic
     6.8 +debugging of Xen itself and of OS kernels running on top of Xen.  The Trace
     6.9 +Buffer provides a lightweight means to log data about Xen's internal state and
    6.10 +behaviour at runtime, for later analysis.
    6.11 +
    6.12 +\section{Pervasive Debugger}
    6.13 +
    6.14 +Information on using the pervasive debugger is available in pdb.txt.
    6.15 +
    6.16 +
    6.17 +\section{Trace Buffer}
    6.18 +
    6.19 +The trace buffer provides a means to observe Xen's operation from domain 0.
    6.20 +Trace events, inserted at key points in Xen's code, record data that can be
    6.21 +read by the {\tt xentrace} tool.  Recording these events has a low overhead
    6.22 +and hence the trace buffer may be useful for debugging timing-sensitive
    6.23 +behaviours.
    6.24 +
    6.25 +\subsection{Internal API}
    6.26 +
    6.27 +To use the trace buffer functionality from within Xen, you must {\tt \#include
    6.28 +<xen/trace.h>}, which contains definitions related to the trace buffer.  Trace
    6.29 +events are inserted into the buffer using the {\tt TRACE\_xD} ({\tt x} = 0, 1,
    6.30 +2, 3, 4 or 5) macros.  These all take an event number, plus {\tt x} additional
    6.31 +(32-bit) data as their arguments.  For trace buffer-enabled builds of Xen these
    6.32 +will insert the event ID and data into the trace buffer, along with the current
    6.33 +value of the CPU cycle-counter.  For builds without the trace buffer enabled,
    6.34 +the macros expand to no-ops and thus can be left in place without incurring
    6.35 +overheads.
    6.36 +
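For example, a trace point with two data words might look as follows
(the event number and values here are purely illustrative):

\begin{verbatim}
#include <xen/trace.h>

/* Sketch only: 0x1234 is not a predefined event number. */
TRACE_2D(0x1234, prev_domid, next_domid);
\end{verbatim}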
    6.37 +\subsection{Trace-enabled builds}
    6.38 +
    6.39 +By default, the trace buffer is enabled only in debug builds (i.e. {\tt NDEBUG}
    6.40 +is not defined).  It can be enabled separately by defining {\tt TRACE\_BUFFER},
    6.41 +either in {\tt <xen/config.h>} or on the gcc command line.
    6.42 +
    6.43 +The size (in pages) of the per-CPU trace buffers can be specified using the
    6.44 +{\tt tbuf\_size=n} boot parameter to Xen.  If the size is set to 0, the trace
    6.45 +buffers will be disabled.
    6.46 +
    6.47 +\subsection{Dumping trace data}
    6.48 +
    6.49 +When running a trace buffer build of Xen, trace data are written continuously
    6.50 +into the buffer data areas, with newer data overwriting older data.  This data
    6.51 +can be captured using the {\tt xentrace} program in domain 0.
    6.52 +
    6.53 +The {\tt xentrace} tool uses {\tt /dev/mem} in domain 0 to map the trace
    6.54 +buffers into its address space.  It then periodically polls all the buffers for
    6.55 +new data, dumping out any new records from each buffer in turn.  As a result,
    6.56 +for machines with multiple (logical) CPUs, the trace buffer output will not be
    6.57 +in overall chronological order.
    6.58 +
    6.59 +The output from {\tt xentrace} can be post-processed using {\tt
    6.60 +xentrace\_cpusplit} (used to split trace data out into per-cpu log files) and
    6.61 +{\tt xentrace\_format} (used to pretty-print trace data).  For the predefined
    6.62 +trace points, there is an example format file in {\tt tools/xentrace/formats}.
    6.63 +
    6.64 +For more information, see the manual pages for {\tt xentrace}, {\tt
    6.65 +xentrace\_format} and {\tt xentrace\_cpusplit}.
     7.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     7.2 +++ b/docs/src/interface/devices.tex	Thu Sep 22 11:42:01 2005 -0600
     7.3 @@ -0,0 +1,178 @@
     7.4 +\chapter{Devices}
     7.5 +\label{c:devices}
     7.6 +
     7.7 +Devices such as network and disk are exported to guests using a split
     7.8 +device driver.  The device driver domain, which accesses the physical
     7.9 +device directly, also runs a \emph{backend} driver, serving requests to
    7.10 +that device from guests.  Each guest will use a simple \emph{frontend}
    7.11 +driver to access the backend.  Communication between these domains is
    7.12 +composed of two parts: First, data is placed onto a shared memory page
    7.13 +between the domains.  Second, an event channel between the two domains
    7.14 +is used to pass notification that data is outstanding.  This
    7.15 +separation of notification from data transfer allows message batching,
    7.16 +and results in very efficient device access.
    7.17 +
    7.18 +Event channels are used extensively in device virtualization; each
    7.19 +domain has a number of end-points or \emph{ports} each of which may be
    7.20 +bound to one of the following \emph{event sources}:
    7.21 +\begin{itemize}
    7.22 +  \item a physical interrupt from a real device, 
    7.23 +  \item a virtual interrupt (callback) from Xen, or 
    7.24 +  \item a signal from another domain 
    7.25 +\end{itemize}
    7.26 +
    7.27 +Events are lightweight and do not carry much information beyond the
    7.28 +source of the notification. Hence when performing bulk data transfer,
    7.29 +events are typically used as synchronization primitives over a shared
    7.30 +memory transport. Event channels are managed via the {\tt
    7.31 +  event\_channel\_op()} hypercall; for more details see
    7.32 +Section~\ref{s:idc}.
    7.33 +
    7.34 +This chapter focuses on some individual device interfaces available to
    7.35 +Xen guests.
    7.36 +
    7.37 +
    7.38 +\section{Network I/O}
    7.39 +
    7.40 +Virtual network device services are provided by shared memory
    7.41 +communication with a backend domain.  From the point of view of other
    7.42 +domains, the backend may be viewed as a virtual ethernet switch
    7.43 +element with each domain having one or more virtual network interfaces
    7.44 +connected to it.
    7.45 +
    7.46 +\subsection{Backend Packet Handling}
    7.47 +
    7.48 +The backend driver is responsible for a variety of actions relating to
    7.49 +the transmission and reception of packets from the physical device.
    7.50 +With regard to transmission, the backend performs these key actions:
    7.51 +
    7.52 +\begin{itemize}
    7.53 +\item {\bf Validation:} To ensure that domains do not attempt to
    7.54 +  generate invalid (e.g. spoofed) traffic, the backend driver may
    7.55 +  validate headers ensuring that source MAC and IP addresses match the
    7.56 +  interface that they have been sent from.
    7.57 +
    7.58 +  Validation functions can be configured using standard firewall rules
    7.59 +  ({\small{\tt iptables}} in the case of Linux).
    7.60 +  
    7.61 +\item {\bf Scheduling:} Since a number of domains can share a single
    7.62 +  physical network interface, the backend must mediate access when
    7.63 +  several domains each have packets queued for transmission.  This
    7.64 +  general scheduling function subsumes basic shaping or rate-limiting
    7.65 +  schemes.
    7.66 +  
    7.67 +\item {\bf Logging and Accounting:} The backend domain can be
    7.68 +  configured with classifier rules that control how packets are
    7.69 +  accounted or logged.  For example, log messages might be generated
    7.70 +  whenever a domain attempts to send a TCP packet containing a SYN.
    7.71 +\end{itemize}
    7.72 +
    7.73 +On receipt of incoming packets, the backend acts as a simple
    7.74 +demultiplexer: Packets are passed to the appropriate virtual interface
    7.75 +after any necessary logging and accounting have been carried out.
    7.76 +
    7.77 +\subsection{Data Transfer}
    7.78 +
    7.79 +Each virtual interface uses two ``descriptor rings'', one for
    7.80 +transmit, the other for receive.  Each descriptor identifies a block
    7.81 +of contiguous physical memory allocated to the domain.
    7.82 +
    7.83 +The transmit ring carries packets to transmit from the guest to the
    7.84 +backend domain.  The return path of the transmit ring carries messages
    7.85 +indicating that the contents have been physically transmitted and the
    7.86 +backend no longer requires the associated pages of memory.
    7.87 +
    7.88 +To receive packets, the guest places descriptors of unused pages on
    7.89 +the receive ring.  The backend will return received packets by
    7.90 +exchanging these pages in the domain's memory with new pages
    7.91 +containing the received data, and passing back descriptors regarding
    7.92 +the new packets on the ring.  This zero-copy approach allows the
    7.93 +backend to maintain a pool of free pages to receive packets into, and
    7.94 +then deliver them to appropriate domains after examining their
    7.95 +headers.
    7.96 +
    7.97 +% Real physical addresses are used throughout, with the domain
    7.98 +% performing translation from pseudo-physical addresses if that is
    7.99 +% necessary.
   7.100 +
   7.101 +If a domain does not keep its receive ring stocked with empty buffers
   7.102 +then packets destined to it may be dropped.  This provides some
   7.103 +defence against receive livelock problems because an overloaded domain
   7.104 +will cease to receive further data.  Similarly, on the transmit path,
   7.105 +it provides the application with feedback on the rate at which packets
   7.106 +are able to leave the system.
   7.107 +
   7.108 +Flow control on rings is achieved by including a pair of producer
   7.109 +indexes on the shared ring page.  Each side will maintain a private
   7.110 +consumer index indicating the next outstanding message.  In this
   7.111 +manner, the domains cooperate to divide the ring into two message
   7.112 +lists, one in each direction.  Notification is decoupled from the
   7.113 +immediate placement of new messages on the ring; the event channel
   7.114 +will be used to generate notification when {\em either} a certain
   7.115 +number of outstanding messages are queued, {\em or} a specified number
   7.116 +of nanoseconds have elapsed since the oldest message was placed on the
   7.117 +ring.
   7.118 +
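The following consumer-side sketch illustrates the scheme (the
structure and macro names are assumptions for illustration, not the
actual netif definitions):

\begin{verbatim}
/* Sketch only: drain all outstanding messages from a ring. */
while (priv_cons != ring->prod) {            /* shared producer  */
    process(&ring->msg[MASK_IDX(priv_cons)]);
    priv_cons++;                             /* private consumer */
}
\end{verbatim}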
   7.119 +%% Not sure if my version is any better -- here is what was here
   7.120 +%% before: Synchronization between the backend domain and the guest is
   7.121 +%% achieved using counters held in shared memory that is accessible to
   7.122 +%% both.  Each ring has associated producer and consumer indices
   7.123 +%% indicating the area in the ring that holds descriptors that contain
   7.124 +%% data.  After receiving {\it n} packets or {\t nanoseconds} after
   7.125 +%% receiving the first packet, the hypervisor sends an event to the
   7.126 +%% domain.
   7.127 +
   7.128 +
   7.129 +\section{Block I/O}
   7.130 +
   7.131 +All guest OS disk access goes through the virtual block device (VBD)
   7.132 +interface.  This interface allows domains access to portions of block
   7.133 +storage devices visible to the block backend device.  The VBD
   7.134 +interface is a split driver, similar to the network interface
   7.135 +described above.  A single shared memory ring is used between the
   7.136 +frontend and backend drivers, across which read and write messages are
   7.137 +sent.
   7.138 +
   7.139 +Any block device accessible to the backend domain, including
   7.140 +network-based block (iSCSI, *NBD, etc), loopback and LVM/MD devices,
   7.141 +can be exported as a VBD.  Each VBD is mapped to a device node in the
   7.142 +guest, specified in the guest's startup configuration.
   7.143 +
   7.144 +Old (Xen 1.2) virtual disks are not supported under Xen 2.0, since
   7.145 +similar functionality can be achieved using the more complete LVM
   7.146 +system, which is already in widespread use.
   7.147 +
   7.148 +\subsection{Data Transfer}
   7.149 +
   7.150 +The single ring between the guest and the block backend supports three
   7.151 +messages:
   7.152 +
   7.153 +\begin{description}
   7.154 +\item [{\small {\tt PROBE}}:] Return a list of the VBDs available to
   7.155 +  this guest from the backend.  The request includes a descriptor of a
   7.156 +  free page into which the reply will be written by the backend.
   7.157 +
   7.158 +\item [{\small {\tt READ}}:] Read data from the specified block
   7.159 +  device.  The front end identifies the device and location to read
   7.160 +  from and attaches pages for the data to be copied to (typically via
   7.161 +  DMA from the device).  The backend acknowledges completed read
   7.162 +  requests as they finish.
   7.163 +
   7.164 +\item [{\small {\tt WRITE}}:] Write data to the specified block
   7.165 +  device.  This functions essentially as {\small {\tt READ}}, except
   7.166 +  that the data moves to the device instead of from it.
   7.167 +\end{description}
   7.168 +
   7.169 +%% um... some old text: In overview, the same style of descriptor-ring
   7.170 +%% that is used for network packets is used here.  Each domain has one
   7.171 +%% ring that carries operation requests to the hypervisor and carries
   7.172 +%% the results back again.
   7.173 +
   7.174 +%% Rather than copying data, the backend simply maps the domain's
   7.175 +%% buffers in order to enable direct DMA to them.  The act of mapping
   7.176 +%% the buffers also increases the reference counts of the underlying
   7.177 +%% pages, so that the unprivileged domain cannot try to return them to
   7.178 +%% the hypervisor, install them as page tables, or any other unsafe
   7.179 +%% behaviour.
   7.180 +%%
   7.181 +%% % block API here
     8.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     8.2 +++ b/docs/src/interface/further_info.tex	Thu Sep 22 11:42:01 2005 -0600
     8.3 @@ -0,0 +1,49 @@
     8.4 +\chapter{Further Information}
     8.5 +
     8.6 +If you have questions that are not answered by this manual, the
     8.7 +sources of information listed below may be of interest to you.  Note
     8.8 +that bug reports, suggestions and contributions related to the
     8.9 +software (or the documentation) should be sent to the Xen developers'
    8.10 +mailing list (address below).
    8.11 +
    8.12 +
    8.13 +\section{Other documentation}
    8.14 +
    8.15 +If you are mainly interested in using (rather than developing for)
    8.16 +Xen, the \emph{Xen Users' Manual} is distributed in the {\tt docs/}
    8.17 +directory of the Xen source distribution.
    8.18 +
    8.19 +% Various HOWTOs are also available in {\tt docs/HOWTOS}.
    8.20 +
    8.21 +
    8.22 +\section{Online references}
    8.23 +
    8.24 +The official Xen web site is found at:
    8.25 +\begin{quote}
    8.26 +{\tt http://www.cl.cam.ac.uk/Research/SRG/netos/xen/}
    8.27 +\end{quote}
    8.28 +
    8.29 +This contains links to the latest versions of all on-line
    8.30 +documentation.
    8.31 +
    8.32 +
    8.33 +\section{Mailing lists}
    8.34 +
    8.35 +There are currently four official Xen mailing lists:
    8.36 +
    8.37 +\begin{description}
    8.38 +\item[xen-devel@lists.xensource.com] Used for development
    8.39 +  discussions and bug reports.  Subscribe at: \\
    8.40 +  {\small {\tt http://lists.xensource.com/xen-devel}}
    8.41 +\item[xen-users@lists.xensource.com] Used for installation and usage
    8.42 +  discussions and requests for help.  Subscribe at: \\
    8.43 +  {\small {\tt http://lists.xensource.com/xen-users}}
    8.44 +\item[xen-announce@lists.xensource.com] Used for announcements only.
    8.45 +  Subscribe at: \\
    8.46 +  {\small {\tt http://lists.xensource.com/xen-announce}}
    8.47 +\item[xen-changelog@lists.xensource.com] Changelog feed
    8.48 +  from the unstable and 2.0 trees - developer oriented.  Subscribe at: \\
    8.49 +  {\small {\tt http://lists.xensource.com/xen-changelog}}
    8.50 +\end{description}
    8.51 +
    8.52 +Of these, xen-devel is the most active.
     9.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     9.2 +++ b/docs/src/interface/hypercalls.tex	Thu Sep 22 11:42:01 2005 -0600
     9.3 @@ -0,0 +1,524 @@
     9.4 +
     9.5 +\newcommand{\hypercall}[1]{\vspace{2mm}{\sf #1}}
     9.6 +
     9.7 +\chapter{Xen Hypercalls}
     9.8 +\label{a:hypercalls}
     9.9 +
    9.10 +Hypercalls represent the procedural interface to Xen; this appendix 
    9.11 +categorizes and describes the current set of hypercalls. 
    9.12 +
    9.13 +\section{Invoking Hypercalls} 
    9.14 +
    9.15 +Hypercalls are invoked in a manner analogous to system calls in a
    9.16 +conventional operating system; a software interrupt is issued which
    9.17 +vectors to an entry point within Xen. On x86\_32 machines the
    9.18 +instruction required is {\tt int \$0x82}; the (real) IDT is set up so
    9.19 +that this may only be issued from within ring 1. The particular 
    9.20 +hypercall to be invoked is contained in {\tt EAX} --- a list 
    9.21 +mapping these values to symbolic hypercall names can be found 
    9.22 +in {\tt xen/include/public/xen.h}. 
    9.23 +
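For illustration, a one-argument hypercall might be wrapped as follows
(a sketch in the style of the XenLinux hypercall macros; arguments are
passed in {\tt EBX}, {\tt ECX}, and so on):

\begin{verbatim}
/* Sketch only: invoke a hypercall from ring 1 on x86_32. */
static inline int hypercall_xen_version(int cmd)
{
    int ret;
    asm volatile ( "int $0x82"
                   : "=a" (ret)
                   : "0" (__HYPERVISOR_xen_version), "b" (cmd)
                   : "memory" );
    return ret;
}
\end{verbatim}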
    9.24 +On some occasions a set of hypercalls will be required to carry
    9.25 +out a higher-level function; a good example is when a guest 
    9.26 +operating system wishes to context switch to a new process, which 
    9.27 +requires updating various pieces of privileged CPU state. As an optimization
    9.28 +for these cases, there is a generic mechanism to issue a set of 
    9.29 +hypercalls as a batch: 
    9.30 +
    9.31 +\begin{quote}
    9.32 +\hypercall{multicall(void *call\_list, int nr\_calls)}
    9.33 +
    9.34 +Execute a series of hypervisor calls; {\tt nr\_calls} is the length of
    9.35 +the array of {\tt multicall\_entry\_t} structures pointed to by {\tt
    9.36 +call\_list}. Each entry contains the hypercall operation code followed
    9.37 +by up to 7 word-sized arguments.
    9.38 +\end{quote}
    9.39 +
    9.40 +Note that multicalls are provided purely as an optimization; there is
    9.41 +no requirement to use them when first porting a guest operating
    9.42 +system.
    9.43 +
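For example, two hypercalls might be batched as follows (a sketch; see
{\tt xen/include/public/xen.h} for the exact layout of
{\tt multicall\_entry\_t}):

\begin{verbatim}
/* Sketch only: batch an FPU task switch and a stack switch. */
multicall_entry_t calls[2];

calls[0].op      = __HYPERVISOR_fpu_taskswitch;
calls[1].op      = __HYPERVISOR_stack_switch;
calls[1].args[0] = new_ss;
calls[1].args[1] = new_esp;

(void)HYPERVISOR_multicall(calls, 2);
\end{verbatim}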
    9.44 +
    9.45 +\section{Virtual CPU Setup} 
    9.46 +
    9.47 +At start of day, a guest operating system needs to set up the virtual
    9.48 +CPU it is executing on. This includes installing vectors for the
    9.49 +virtual IDT so that the guest OS can handle interrupts, page faults,
    9.50 +etc. However the very first thing a guest OS must set up is a pair 
    9.51 +of hypervisor callbacks: these are the entry points which Xen will
    9.52 +use when it wishes to notify the guest OS of an occurrence. 
    9.53 +
    9.54 +\begin{quote}
    9.55 +\hypercall{set\_callbacks(unsigned long event\_selector, unsigned long
    9.56 +  event\_address, unsigned long failsafe\_selector, unsigned long
    9.57 +  failsafe\_address) }
    9.58 +
    9.59 +Register the normal (``event'') and failsafe callbacks for 
    9.60 +event processing. In each case the code segment selector and 
    9.61 +address within that segment are provided. The selectors must
    9.62 +have RPL 1; in XenLinux we simply use the kernel's CS for both 
    9.63 +{\tt event\_selector} and {\tt failsafe\_selector}.
    9.64 +
    9.65 +The value {\tt event\_address} specifies the address of the guest OS's
    9.66 +event handling and dispatch routine; the {\tt failsafe\_address}
    9.67 +specifies a separate entry point which is used only if a fault occurs
    9.68 +when Xen attempts to use the normal callback. 
    9.69 +\end{quote} 
    9.70 +
    9.71 +
    9.72 +After installing the hypervisor callbacks, the guest OS can 
    9.73 +install a `virtual IDT' by using the following hypercall: 
    9.74 +
    9.75 +\begin{quote} 
    9.76 +\hypercall{set\_trap\_table(trap\_info\_t *table)} 
    9.77 +
    9.78 +Install one or more entries into the per-domain 
    9.79 +trap handler table (essentially a software version of the IDT). 
    9.80 +Each entry in the array pointed to by {\tt table} includes the 
    9.81 +exception vector number with the corresponding segment selector 
    9.82 +and entry point. Most guest OSes can use the same handlers on 
    9.83 +Xen as when running on the real hardware; an exception is the 
    9.84 +page fault handler (exception vector 14) where a modified 
    9.85 +stack-frame layout is used. 
    9.86 +
    9.87 +
    9.88 +\end{quote} 
    9.89 +
    9.90 +
    9.91 +
    9.92 +\section{Scheduling and Timer}
    9.93 +
    9.94 +Domains are preemptively scheduled by Xen according to the 
    9.95 +parameters installed by domain 0 (see Section~\ref{s:dom0ops}). 
    9.96 +In addition, however, a domain may choose to explicitly 
    9.97 +control certain behavior with the following hypercall: 
    9.98 +
    9.99 +\begin{quote} 
   9.100 +\hypercall{sched\_op(unsigned long op)} 
   9.101 +
   9.102 +Request scheduling operation from hypervisor. The options are: {\it
   9.103 +yield}, {\it block}, and {\it shutdown}.  {\it yield} keeps the
   9.104 +calling domain runnable but may cause a reschedule if other domains
   9.105 +are runnable.  {\it block} removes the calling domain from the run
   9.106 +queue and causes it to sleep until an event is delivered to it.  {\it
   9.107 +shutdown} is used to end the domain's execution; the caller can
   9.108 +additionally specify whether the domain should reboot, halt or
   9.109 +suspend.
   9.110 +\end{quote} 
   9.111 +
   9.112 +To aid the implementation of a process scheduler within a guest OS,
   9.113 +Xen provides a virtual programmable timer:
   9.114 +
   9.115 +\begin{quote}
   9.116 +\hypercall{set\_timer\_op(uint64\_t timeout)} 
   9.117 +
   9.118 +Request a timer event to be sent at the specified system time (time 
   9.119 +in nanoseconds since system boot). The hypercall actually passes the 
   9.120 +64-bit timeout value as a pair of 32-bit values. 
   9.121 +
   9.122 +\end{quote} 
   9.123 +
   9.124 +Note that calling {\tt set\_timer\_op()} prior to {\tt sched\_op} 
   9.125 +allows block-with-timeout semantics. 
   9.126 +
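For example (a sketch; {\tt NOW()} stands for the current system time
and {\tt SCHEDOP\_block} is defined in the public headers):

\begin{verbatim}
/* Sketch only: block until an event arrives or 10ms elapse. */
set_timer_op(NOW() + 10000000ULL);  /* timeout in nanoseconds  */
sched_op(SCHEDOP_block);            /* sleep until next event  */
\end{verbatim}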
   9.127 +
   9.128 +\section{Page Table Management} 
   9.129 +
   9.130 +Since guest operating systems have read-only access to their page 
   9.131 +tables, Xen must be involved when making any changes. The following
   9.132 +multi-purpose hypercall can be used to modify page-table entries, 
   9.133 +update the machine-to-physical mapping table, flush the TLB, install 
   9.134 +a new page-table base pointer, and more.
   9.135 +
   9.136 +\begin{quote} 
   9.137 +\hypercall{mmu\_update(mmu\_update\_t *req, int count, int *success\_count)} 
   9.138 +
   9.139 +Update the page table for the domain; a set of {\tt count} updates are
   9.140 +submitted for processing in a batch, with {\tt success\_count} being 
   9.141 +updated to report the number of successful updates.  
   9.142 +
   9.143 +Each element of {\tt req[]} contains a pointer (address) and value; 
   9.144 +the least significant 2-bits of the pointer are used to distinguish 
   9.145 +the type of update requested as follows:
   9.146 +\begin{description} 
   9.147 +
   9.148 +\item[\it MMU\_NORMAL\_PT\_UPDATE:] update a page directory entry or
   9.149 +page table entry to the associated value; Xen will check that the
   9.150 +update is safe, as described in Chapter~\ref{c:memory}.
   9.151 +
   9.152 +\item[\it MMU\_MACHPHYS\_UPDATE:] update an entry in the
   9.153 +  machine-to-physical table. The calling domain must own the machine
   9.154 +  page in question (or be privileged).
   9.155 +
   9.156 +\item[\it MMU\_EXTENDED\_COMMAND:] perform additional MMU operations.
   9.157 +The set of additional MMU operations is considerable, and includes
   9.158 +updating {\tt cr3} (or just re-installing it for a TLB flush),
   9.159 +flushing the cache, installing a new LDT, or pinning \& unpinning
   9.160 +page-table pages (to ensure their reference count doesn't drop to zero,
   9.161 +which would require a revalidation of all entries).
   9.162 +
   9.163 +Further extended commands are used to deal with granting and 
   9.164 +acquiring page ownership; see Section~\ref{s:idc}. 
   9.165 +
   9.166 +
   9.167 +\end{description}
   9.168 +
   9.169 +More details on the precise format of all commands can be 
   9.170 +found in {\tt xen/include/public/xen.h}. 
   9.171 +
   9.172 +
   9.173 +\end{quote}
   9.174 +
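As an example, two page-table entries might be updated in a single
batch as follows (a sketch; the machine addresses and PTE values are
placeholders):

\begin{verbatim}
/* Sketch only: batch two normal PTE updates. */
mmu_update_t req[2];
int success;

req[0].ptr = pte0_machine_addr | MMU_NORMAL_PT_UPDATE;
req[0].val = new_pte0;
req[1].ptr = pte1_machine_addr | MMU_NORMAL_PT_UPDATE;
req[1].val = new_pte1;

if (HYPERVISOR_mmu_update(req, 2, &success) || success != 2)
    /* at least one update was rejected by Xen */;
\end{verbatim}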
   9.175 +Explicitly updating batches of page table entries is extremely
   9.176 +efficient, but can require a number of alterations to the guest
   9.177 +OS. Using the writable page table mode (Chapter~\ref{c:memory}) is
   9.178 +recommended for new OS ports.
   9.179 +
   9.180 +Regardless of which page table update mode is being used, however,
   9.181 +there are some occasions (notably handling a demand page fault) where
   9.182 +a guest OS will wish to modify exactly one PTE rather than a
   9.183 +batch. This is catered for by the following:
   9.184 +
   9.185 +\begin{quote} 
   9.186 +\hypercall{update\_va\_mapping(unsigned long page\_nr, unsigned long
   9.187 +val, \\ unsigned long flags)}
   9.188 +
   9.189 +Update the currently installed PTE for the page {\tt page\_nr} to 
   9.190 +{\tt val}. As with {\tt mmu\_update()}, Xen checks the modification 
   9.191 +is safe before applying it. The {\tt flags} determine which kind
   9.192 +of TLB flush, if any, should follow the update. 
   9.193 +
   9.194 +\end{quote} 
   9.195 +
   9.196 +Finally, sufficiently privileged domains may occasionally wish to manipulate 
   9.197 +the pages of others: 
   9.198 +\begin{quote}
   9.199 +
   9.200 +\hypercall{update\_va\_mapping\_otherdomain(unsigned long page\_nr,
   9.201 +unsigned long val, unsigned long flags, uint16\_t domid)}
   9.202 +
   9.203 +Identical to {\tt update\_va\_mapping()} save that the pages being
   9.204 +mapped must belong to the domain {\tt domid}. 
   9.205 +
   9.206 +\end{quote}
   9.207 +
   9.208 +This privileged operation is currently used by backend virtual device
   9.209 +drivers to safely map pages containing I/O data. 
   9.210 +
   9.211 +
   9.212 +
   9.213 +\section{Segmentation Support}
   9.214 +
   9.215 +Xen allows guest OSes to install a custom GDT if they require it; 
   9.216 +this is context switched transparently whenever a domain is 
   9.217 +[de]scheduled.  The following hypercall is effectively a 
   9.218 +`safe' version of {\tt lgdt}: 
   9.219 +
   9.220 +\begin{quote}
   9.221 +\hypercall{set\_gdt(unsigned long *frame\_list, int entries)} 
   9.222 +
   9.223 +Install a global descriptor table for a domain; {\tt frame\_list} is
   9.224 +an array of up to 16 machine page frames within which the GDT resides,
   9.225 +with {\tt entries} being the actual number of descriptor-entry
   9.226 +slots. All page frames must be mapped read-only within the guest's
   9.227 +address space, and the table must be large enough to contain Xen's
   9.228 +reserved entries (see {\tt xen/include/public/arch-x86\_32.h}).
   9.229 +
   9.230 +\end{quote}
   9.231 +
   9.232 +Many guest OSes will also wish to install LDTs; this is achieved by
   9.233 +using {\tt mmu\_update()} with an extended command, passing the
   9.234 +linear address of the LDT base along with the number of entries. No
   9.235 +special safety checks are required; Xen needs to perform this task
   9.236 +simply because {\tt lldt} requires CPL 0.
   9.237 +
   9.238 +
   9.239 +Xen also allows guest operating systems to update just an 
   9.240 +individual segment descriptor in the GDT or LDT:  
   9.241 +
   9.242 +\begin{quote}
   9.243 +\hypercall{update\_descriptor(unsigned long ma, unsigned long word1,
   9.244 +unsigned long word2)}
   9.245 +
   9.246 +Update the GDT/LDT entry at machine address {\tt ma}; the new
   9.247 +8-byte descriptor is stored in {\tt word1} and {\tt word2}.
   9.248 +Xen performs a number of checks to ensure the descriptor is 
   9.249 +valid. 
   9.250 +
   9.251 +\end{quote}
   9.252 +
   9.253 +Guest OSes can use the above in place of context switching entire 
   9.254 +LDTs (or the GDT) when the number of changing descriptors is small. 
   9.255 +
   9.256 +\section{Context Switching} 
   9.257 +
   9.258 +When a guest OS wishes to context switch between two processes, 
   9.259 +it can use the page table and segmentation hypercalls described
   9.260 +above to perform the bulk of the privileged work. In addition, 
   9.261 +however, it will need to invoke Xen to switch the kernel (ring 1) 
   9.262 +stack pointer: 
   9.263 +
   9.264 +\begin{quote} 
   9.265 +\hypercall{stack\_switch(unsigned long ss, unsigned long esp)} 
   9.266 +
   9.267 +Request kernel stack switch from hypervisor; {\tt ss} is the new 
   9.268 +stack segment, and {\tt esp} is the new stack pointer. 
   9.269 +
   9.270 +\end{quote} 
   9.271 +
   9.272 +A final useful hypercall for context switching allows ``lazy'' 
   9.273 +save and restore of floating point state: 
   9.274 +
   9.275 +\begin{quote}
   9.276 +\hypercall{fpu\_taskswitch(void)} 
   9.277 +
   9.278 +This call instructs Xen to set the {\tt TS} bit in the {\tt cr0}
   9.279 +control register; this means that the next attempt to use floating
   9.280 +point will cause a fault which the guest OS can trap. Typically it will
   9.281 +then save/restore the FP state, and clear the {\tt TS} bit. 
   9.282 +\end{quote} 
   9.283 +
   9.284 +This is provided as an optimization only; guest OSes can also choose
   9.285 +to save and restore FP state on all context switches for simplicity. 
   9.286 +
   9.287 +
   9.288 +\section{Physical Memory Management}
   9.289 +
   9.290 +As mentioned previously, each domain has a maximum and current 
   9.291 +memory allocation. The maximum allocation, set at domain creation 
   9.292 +time, cannot be modified. However a domain can choose to reduce 
   9.293 +and subsequently grow its current allocation by using the
   9.294 +following call: 
   9.295 +
   9.296 +\begin{quote} 
   9.297 +\hypercall{dom\_mem\_op(unsigned int op, unsigned long *extent\_list,
   9.298 +  unsigned long nr\_extents, unsigned int extent\_order)}
   9.299 +
   9.300 +Increase or decrease current memory allocation (as determined by 
   9.301 +the value of {\tt op}). Each invocation provides a list of 
   9.302 +extents, each of which is $2^s$ pages in size, 
   9.303 +where $s$ is the value of {\tt extent\_order}. 
   9.304 +
   9.305 +\end{quote} 
   9.306 +
   9.307 +In addition to simply reducing or increasing the current memory
   9.308 +allocation via a `balloon driver', this call is also useful for 
   9.309 +obtaining contiguous regions of machine memory when required (e.g. 
   9.310 +for certain PCI devices, or if using superpages).  
   9.311 +
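For example, a balloon driver might release 16 individual pages as
follows (a sketch; {\tt MEMOP\_decrease\_reservation} is defined in
the public headers):

\begin{verbatim}
/* Sketch only: give 16 single 4K pages back to Xen. */
unsigned long mfns[16];
/* ... fill mfns[] with the machine frames being released ... */
dom_mem_op(MEMOP_decrease_reservation, mfns, 16, 0);
\end{verbatim}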
   9.312 +
   9.313 +\section{Inter-Domain Communication}
   9.314 +\label{s:idc} 
   9.315 +
   9.316 +Xen provides a simple asynchronous notification mechanism via
   9.317 +\emph{event channels}. Each domain has a set of end-points (or
   9.318 +\emph{ports}) which may be bound to an event source (e.g. a physical
   9.319 +IRQ, a virtual IRQ, or a port in another domain). When a pair of
   9.320 +end-points in two different domains are bound together, then a `send'
   9.321 +operation on one will cause an event to be received by the destination
   9.322 +domain.
   9.323 +
   9.324 +The control and use of event channels involves the following hypercall: 
   9.325 +
   9.326 +\begin{quote}
   9.327 +\hypercall{event\_channel\_op(evtchn\_op\_t *op)} 
   9.328 +
   9.329 +Inter-domain event-channel management; {\tt op} is a discriminated 
   9.330 +union which allows the following 7 operations: 
   9.331 +
   9.332 +\begin{description} 
   9.333 +
   9.334 +\item[\it alloc\_unbound:] allocate a free (unbound) local
   9.335 +  port and prepare for connection from a specified domain. 
   9.336 +\item[\it bind\_virq:] bind a local port to a virtual 
   9.337 +IRQ; any particular VIRQ can be bound to at most one port per domain. 
   9.338 +\item[\it bind\_pirq:] bind a local port to a physical IRQ;
   9.339 +once more, a given pIRQ can be bound to at most one port per
   9.340 +domain. Furthermore the calling domain must be sufficiently
   9.341 +privileged.
   9.342 +\item[\it bind\_interdomain:] construct an interdomain event 
   9.343 +channel; in general, the target domain must have previously allocated 
   9.344 +an unbound port for this channel, although this can be bypassed by 
   9.345 +privileged domains during domain setup. 
   9.346 +\item[\it close:] close an interdomain event channel. 
   9.347 +\item[\it send:] send an event to the remote end of an 
   9.348 +interdomain event channel. 
   9.349 +\item[\it status:] determine the current status of a local port. 
   9.350 +\end{description} 
   9.351 +
   9.352 +For more details see
   9.353 +{\tt xen/include/public/event\_channel.h}. 
   9.354 +
   9.355 +\end{quote} 
   9.356 +
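For example, notifying the remote end of an established channel might
look as follows (a sketch; see the header above for the exact union
layout):

\begin{verbatim}
/* Sketch only: send an event on an interdomain channel. */
evtchn_op_t op;

op.cmd               = EVTCHNOP_send;
op.u.send.local_port = port;
(void)HYPERVISOR_event_channel_op(&op);
\end{verbatim}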
   9.357 +Event channels are the fundamental communication primitive between 
   9.358 +Xen domains and seamlessly support SMP. However they provide little
   9.359 +bandwidth for communication {\sl per se}, and hence are typically 
   9.360 +married with a piece of shared memory to produce effective and 
   9.361 +high-performance inter-domain communication. 
   9.362 +
   9.363 +Safe sharing of memory pages between guest OSes is carried out by
   9.364 +granting access on a per page basis to individual domains. This is
   9.365 +achieved by using the {\tt grant\_table\_op()} hypercall.
   9.366 +
   9.367 +\begin{quote}
   9.368 +\hypercall{grant\_table\_op(unsigned int cmd, void *uop, unsigned int count)}
   9.369 +
   9.370 +Grant or remove access to a particular page to a particular domain. 
   9.371 +
   9.372 +\end{quote} 
   9.373 +
   9.374 +This is not currently widely in use by guest operating systems, but 
   9.375 +we intend to integrate support more fully in the near future. 
   9.376 +
   9.377 +\section{PCI Configuration} 
   9.378 +
   9.379 +Domains with physical device access (i.e.\ driver domains) receive
   9.380 +limited access to certain PCI devices (bus address space and
   9.381 +interrupts). However many guest operating systems attempt to 
   9.382 +determine the PCI configuration by directly accessing the PCI BIOS, 
   9.383 +which cannot be allowed for safety. 
   9.384 +
   9.385 +Instead, Xen provides the following hypercall: 
   9.386 +
   9.387 +\begin{quote}
   9.388 +\hypercall{physdev\_op(void *physdev\_op)}
   9.389 +
   9.390 +Perform a PCI configuration operation; depending on the value 
   9.391 +of {\tt physdev\_op} this can be a PCI config read, a PCI config 
   9.392 +write, or a small number of other queries. 
   9.393 +
   9.394 +\end{quote} 
   9.395 +
   9.396 +
   9.397 +For examples of using {\tt physdev\_op()}, see the 
   9.398 +Xen-specific PCI code in the linux sparse tree. 
   9.399 +
   9.400 +\section{Administrative Operations}
   9.401 +\label{s:dom0ops}
   9.402 +
   9.403 +A large number of control operations are available to a sufficiently
   9.404 +privileged domain (typically domain 0). These allow the creation and
   9.405 +management of new domains, for example. A complete list is given 
   9.406 +below: for more details on any or all of these, please see 
   9.407 +{\tt xen/include/public/dom0\_ops.h} 
   9.408 +
   9.409 +
   9.410 +\begin{quote}
   9.411 +\hypercall{dom0\_op(dom0\_op\_t *op)} 
   9.412 +
   9.413 +Administrative domain operations for domain management. The options are:
   9.414 +
   9.415 +\begin{description} 
   9.416 +\item [\it DOM0\_CREATEDOMAIN:] create a new domain
   9.417 +
   9.418 +\item [\it DOM0\_PAUSEDOMAIN:] remove a domain from the scheduler run 
   9.419 +queue. 
   9.420 +
   9.421 +\item [\it DOM0\_UNPAUSEDOMAIN:] mark a paused domain as schedulable
   9.422 +  once again. 
   9.423 +
   9.424 +\item [\it DOM0\_DESTROYDOMAIN:] deallocate all resources associated
   9.425 +with a domain
   9.426 +
   9.427 +\item [\it DOM0\_GETMEMLIST:] get list of pages used by the domain
   9.428 +
   9.429 +\item [\it DOM0\_SCHEDCTL:]
   9.430 +
   9.431 +\item [\it DOM0\_ADJUSTDOM:] adjust scheduling priorities for domain
   9.432 +
   9.433 +\item [\it DOM0\_BUILDDOMAIN:] do final guest OS setup for domain
   9.434 +
   9.435 +\item [\it DOM0\_GETDOMAINFO:] get statistics about the domain
   9.436 +
   9.437 +\item [\it DOM0\_GETPAGEFRAMEINFO:] 
   9.438 +
   9.439 +\item [\it DOM0\_GETPAGEFRAMEINFO2:]
   9.440 +
   9.441 +\item [\it DOM0\_IOPL:] set I/O privilege level
   9.442 +
   9.443 +\item [\it DOM0\_MSR:] read or write model specific registers
   9.444 +
   9.445 +\item [\it DOM0\_DEBUG:] interactively invoke the debugger
   9.446 +
   9.447 +\item [\it DOM0\_SETTIME:] set system time
   9.448 +
   9.449 +\item [\it DOM0\_READCONSOLE:] read console content from hypervisor buffer ring
   9.450 +
   9.451 +\item [\it DOM0\_PINCPUDOMAIN:] pin domain to a particular CPU
   9.452 +
   9.453 +\item [\it DOM0\_GETTBUFS:] get information about the size and location of
   9.454 +                      the trace buffers (only on trace-buffer enabled builds)
   9.455 +
   9.456 +\item [\it DOM0\_PHYSINFO:] get information about the host machine
   9.457 +
   9.458 +\item [\it DOM0\_PCIDEV\_ACCESS:] modify PCI device access permissions
   9.459 +
   9.460 +\item [\it DOM0\_SCHED\_ID:] get the ID of the current Xen scheduler
   9.461 +
   9.462 +\item [\it DOM0\_SHADOW\_CONTROL:] switch between shadow page-table modes
   9.463 +
   9.464 +\item [\it DOM0\_SETDOMAININITIALMEM:] set initial memory allocation of a domain
   9.465 +
   9.466 +\item [\it DOM0\_SETDOMAINMAXMEM:] set maximum memory allocation of a domain
   9.467 +
   9.468 +\item [\it DOM0\_SETDOMAINVMASSIST:] set domain VM assist options
   9.469 +\end{description} 
   9.470 +\end{quote} 
   9.471 +
   9.472 +Most of the above are best understood by looking at the code 
   9.473 +implementing them (in {\tt xen/common/dom0\_ops.c}) and in 
   9.474 +the user-space tools that use them (mostly in {\tt tools/libxc}). 
   9.475 +
   9.476 +\section{Debugging Hypercalls} 
   9.477 +
   9.478 +A few additional hypercalls are mainly useful for debugging: 
   9.479 +
   9.480 +\begin{quote} 
   9.481 +\hypercall{console\_io(int cmd, int count, char *str)}
   9.482 +
   9.483 +Use Xen to interact with the console; operations are:
   9.484 +
   9.485 +{\it CONSOLEIO\_write}: Output count characters from buffer str.
   9.486 +
   9.487 +{\it CONSOLEIO\_read}: Input at most count characters into buffer str.
   9.488 +\end{quote} 
   9.489 +
   9.490 +A pair of hypercalls allows access to the underlying debug registers: 
   9.491 +\begin{quote}
   9.492 +\hypercall{set\_debugreg(int reg, unsigned long value)}
   9.493 +
   9.494 +Set debug register {\tt reg} to {\tt value} 
   9.495 +
   9.496 +\hypercall{get\_debugreg(int reg)}
   9.497 +
   9.498 +Return the contents of the debug register {\tt reg}
   9.499 +\end{quote}
   9.500 +
   9.501 +And finally: 
   9.502 +\begin{quote}
   9.503 +\hypercall{xen\_version(int cmd)}
   9.504 +
   9.505 +Request Xen version number.
   9.506 +\end{quote} 
   9.507 +
   9.508 +This is useful to ensure that user-space tools are in sync 
   9.509 +with the underlying hypervisor. 
   9.510 +
   9.511 +\section{Deprecated Hypercalls}
   9.512 +
   9.513 +Xen is under constant development and refinement; as such there 
   9.514 +are plans to improve the way in which various pieces of functionality 
   9.515 +are exposed to guest OSes. 
   9.516 +
   9.517 +\begin{quote} 
   9.518 +\hypercall{vm\_assist(unsigned int cmd, unsigned int type)}
   9.519 +
   9.520 +Toggle various memory management modes (in particular writable page
   9.521 +tables and superpage support). 
   9.522 +
   9.523 +\end{quote} 
   9.524 +
   9.525 +This is likely to be replaced with mode values in the shared 
   9.526 +information page since this is more resilient for resumption 
   9.527 +after migration or checkpoint. 
    10.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    10.2 +++ b/docs/src/interface/memory.tex	Thu Sep 22 11:42:01 2005 -0600
    10.3 @@ -0,0 +1,162 @@
    10.4 +\chapter{Memory}
    10.5 +\label{c:memory} 
    10.6 +
    10.7 +Xen is responsible for managing the allocation of physical memory to
    10.8 +domains, and for ensuring safe use of the paging and segmentation
    10.9 +hardware.
   10.10 +
   10.11 +
   10.12 +\section{Memory Allocation}
   10.13 +
   10.14 +Xen resides within a small fixed portion of physical memory; it also
   10.15 +reserves the top 64MB of every virtual address space. The remaining
   10.16 +physical memory is available for allocation to domains at a page
   10.17 +granularity.  Xen tracks the ownership and use of each page, which
   10.18 +allows it to enforce secure partitioning between domains.
   10.19 +
   10.20 +Each domain has a maximum and current physical memory allocation.  A
   10.21 +guest OS may run a `balloon driver' to dynamically adjust its current
   10.22 +memory allocation up to its limit.
   10.23 +
   10.24 +
   10.25 +%% XXX SMH: I use machine and physical in the next section (which is
   10.26 +%% kinda required for consistency with code); wonder if this section
   10.27 +%% should use same terms?
   10.28 +%%
   10.29 +%% Probably. 
   10.30 +%%
   10.31 +%% Merging this and below section at some point prob makes sense.
   10.32 +
   10.33 +\section{Pseudo-Physical Memory}
   10.34 +
   10.35 +Since physical memory is allocated and freed on a page granularity,
   10.36 +there is no guarantee that a domain will receive a contiguous stretch
   10.37 +of physical memory. However most operating systems do not have good
   10.38 +support for operating in a fragmented physical address space. To aid
   10.39 +porting such operating systems to run on top of Xen, we make a
   10.40 +distinction between \emph{machine memory} and \emph{pseudo-physical
   10.41 +  memory}.
   10.42 +
   10.43 +Put simply, machine memory refers to the entire amount of memory
   10.44 +installed in the machine, including that reserved by Xen, in use by
   10.45 +various domains, or currently unallocated. We consider machine memory
   10.46 +to comprise a set of 4K \emph{machine page frames} numbered
   10.47 +consecutively starting from 0. Machine frame numbers mean the same
   10.48 +within Xen or any domain.
   10.49 +
   10.50 +Pseudo-physical memory, on the other hand, is a per-domain
   10.51 +abstraction. It allows a guest operating system to consider its memory
   10.52 +allocation to consist of a contiguous range of physical page frames
   10.53 +starting at physical frame 0, despite the fact that the underlying
   10.54 +machine page frames may be sparsely allocated and in any order.
   10.55 +
   10.56 +To achieve this, Xen maintains a globally readable {\it
   10.57 +  machine-to-physical} table which records the mapping from machine
   10.58 +page frames to pseudo-physical ones. In addition, each domain is
   10.59 +supplied with a {\it physical-to-machine} table which performs the
   10.60 +inverse mapping. Clearly the machine-to-physical table has size
   10.61 +proportional to the amount of RAM installed in the machine, while each
   10.62 +physical-to-machine table has size proportional to the memory
   10.63 +allocation of the given domain.
   10.64 +
   10.65 +Architecture dependent code in guest operating systems can then use
   10.66 +the two tables to provide the abstraction of pseudo-physical memory.
   10.67 +In general, only certain specialized parts of the operating system
  10.68 +(such as page table management) need to understand the difference
   10.69 +between machine and pseudo-physical addresses.
   10.70 +
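For illustration, translation between the two address spaces then
reduces to simple table lookups (a sketch; the table names are
assumptions):

\begin{verbatim}
/* Sketch only: table names are illustrative. */
unsigned long pfn_to_mfn(unsigned long pfn)
{
    return phys_to_machine_table[pfn];  /* per-domain table    */
}

unsigned long mfn_to_pfn(unsigned long mfn)
{
    return machine_to_phys_table[mfn];  /* global, read-only   */
}
\end{verbatim}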
   10.71 +
   10.72 +\section{Page Table Updates}
   10.73 +
   10.74 +In the default mode of operation, Xen enforces read-only access to
   10.75 +page tables and requires guest operating systems to explicitly request
   10.76 +any modifications.  Xen validates all such requests and only applies
   10.77 +updates that it deems safe.  This is necessary to prevent domains from
   10.78 +adding arbitrary mappings to their page tables.
   10.79 +
   10.80 +To aid validation, Xen associates a type and reference count with each
   10.81 +memory page. A page has one of the following mutually-exclusive types
   10.82 +at any point in time: page directory ({\sf PD}), page table ({\sf
   10.83 +  PT}), local descriptor table ({\sf LDT}), global descriptor table
   10.84 +({\sf GDT}), or writable ({\sf RW}). Note that a guest OS may always
   10.85 +create readable mappings of its own memory regardless of its current
   10.86 +type.
   10.87 +
   10.88 +%%% XXX: possibly explain more about ref count 'lifecyle' here?
   10.89 +This mechanism is used to maintain the invariants required for safety;
   10.90 +for example, a domain cannot have a writable mapping to any part of a
   10.91 +page table as this would require the page concerned to simultaneously
   10.92 +be of types {\sf PT} and {\sf RW}.
   10.93 +
   10.94 +
   10.95 +% \section{Writable Page Tables}
   10.96 +
  10.97 +Xen also provides an alternative mode of operation in which guests
   10.98 +have the illusion that their page tables are directly writable.  Of
   10.99 +course this is not really the case, since Xen must still validate
  10.100 +modifications to ensure secure partitioning. To this end, Xen traps
  10.101 +any write attempt to a memory page of type {\sf PT} (i.e., that is
  10.102 +currently part of a page table).  If such an access occurs, Xen
  10.103 +temporarily allows write access to that page while at the same time
  10.104 +\emph{disconnecting} it from the page table that is currently in use.
  10.105 +This allows the guest to safely make updates to the page because the
  10.106 +newly-updated entries cannot be used by the MMU until Xen revalidates
  10.107 +and reconnects the page.  Reconnection occurs automatically in a
  10.108 +number of situations: for example, when the guest modifies a different
  10.109 +page-table page, when the domain is preempted, or whenever the guest
  10.110 +uses Xen's explicit page-table update interfaces.
  10.111 +
  10.112 +Finally, Xen also supports a form of \emph{shadow page tables} in
 10.113 +which the guest OS uses an independent copy of page tables which are
  10.114 +unknown to the hardware (i.e.\ which are never pointed to by {\tt
  10.115 +  cr3}). Instead Xen propagates changes made to the guest's tables to
  10.116 +the real ones, and vice versa. This is useful for logging page writes
  10.117 +(e.g.\ for live migration or checkpoint). A full version of the shadow
  10.118 +page tables also allows guest OS porting with less effort.
  10.119 +
  10.120 +
  10.121 +\section{Segment Descriptor Tables}
  10.122 +
  10.123 +On boot a guest is supplied with a default GDT, which does not reside
  10.124 +within its own memory allocation.  If the guest wishes to use segments
  10.125 +other than the default `flat' ring-1 and ring-3 segments that this GDT
  10.126 +provides, it must register a custom GDT and/or LDT with Xen, allocated
  10.127 +from its own memory. Note that a number of GDT entries are reserved by
  10.128 +Xen -- any custom GDT must also include sufficient space for these
  10.129 +entries.
  10.130 +
  10.131 +For example, the following hypercall is used to specify a new GDT:
  10.132 +
  10.133 +\begin{quote}
  10.134 +  int {\bf set\_gdt}(unsigned long *{\em frame\_list}, int {\em
  10.135 +    entries})
  10.136 +
  10.137 +  \emph{frame\_list}: An array of up to 16 machine page frames within
  10.138 +  which the GDT resides.  Any frame registered as a GDT frame may only
  10.139 +  be mapped read-only within the guest's address space (e.g., no
  10.140 +  writable mappings, no use as a page-table page, and so on).
  10.141 +
  10.142 +  \emph{entries}: The number of descriptor-entry slots in the GDT.
  10.143 +  Note that the table must be large enough to contain Xen's reserved
  10.144 +  entries; thus we must have `{\em entries $>$
  10.145 +    LAST\_RESERVED\_GDT\_ENTRY}\ '.  Note also that, after registering
  10.146 +  the GDT, slots \emph{FIRST\_} through
  10.147 +  \emph{LAST\_RESERVED\_GDT\_ENTRY} are no longer usable by the guest
  10.148 +  and may be overwritten by Xen.
  10.149 +\end{quote}
  10.150 +
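         +As an illustrative sketch (in which {\tt my\_gdt}, the entry count
         +and {\tt virt\_to\_machine()} are hypothetical), a guest whose GDT
         +occupies a single page might register it as follows:
         +
         +\begin{verbatim}
         +/* Sketch: the GDT page must already be mapped read-only. */
         +unsigned long frames[16];
         +int nr_entries = 512;  /* must exceed LAST_RESERVED_GDT_ENTRY */
         +
         +frames[0] = virt_to_machine(my_gdt) >> PAGE_SHIFT;
         +if ( HYPERVISOR_set_gdt(frames, nr_entries) < 0 )
         +    panic("Xen rejected the new GDT");
         +\end{verbatim}
         +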
  10.151 +The LDT is updated via the generic MMU update mechanism (i.e., via the
  10.152 +{\tt mmu\_update()} hypercall).
  10.153 +
  10.154 +\section{Start of Day}
  10.155 +
  10.156 +The start-of-day environment for guest operating systems is rather
  10.157 +different to that provided by the underlying hardware. In particular,
  10.158 +the processor is already executing in protected mode with paging
  10.159 +enabled.
  10.160 +
  10.161 +{\it Domain 0} is created and booted by Xen itself. For all subsequent
  10.162 +domains, the analogue of the boot-loader is the {\it domain builder},
  10.163 +user-space software running in {\it domain 0}. The domain builder is
  10.164 +responsible for building the initial page tables for a domain and
  10.165 +loading its kernel image at the appropriate virtual address.
    11.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    11.2 +++ b/docs/src/interface/scheduling.tex	Thu Sep 22 11:42:01 2005 -0600
    11.3 @@ -0,0 +1,268 @@
    11.4 +\chapter{Scheduling API}  
    11.5 +
    11.6 +The scheduling API is used by both the schedulers described above and should
    11.7 +also be used by any new schedulers.  It provides a generic interface and also
    11.8 +implements much of the ``boilerplate'' code.
    11.9 +
   11.10 +Schedulers conforming to this API are described by the following
   11.11 +structure:
   11.12 +
   11.13 +\begin{verbatim}
   11.14 +struct scheduler
   11.15 +{
   11.16 +    char *name;             /* full name for this scheduler      */
   11.17 +    char *opt_name;         /* option name for this scheduler    */
   11.18 +    unsigned int sched_id;  /* ID for this scheduler             */
   11.19 +
   11.20 +    int          (*init_scheduler) ();
   11.21 +    int          (*alloc_task)     (struct task_struct *);
   11.22 +    void         (*add_task)       (struct task_struct *);
   11.23 +    void         (*free_task)      (struct task_struct *);
   11.24 +    void         (*rem_task)       (struct task_struct *);
   11.25 +    void         (*wake_up)        (struct task_struct *);
   11.26 +    void         (*do_block)       (struct task_struct *);
   11.27 +    task_slice_t (*do_schedule)    (s_time_t);
   11.28 +    int          (*control)        (struct sched_ctl_cmd *);
   11.29 +    int          (*adjdom)         (struct task_struct *,
   11.30 +                                    struct sched_adjdom_cmd *);
   11.31 +    s32          (*reschedule)     (struct task_struct *);
   11.32 +    void         (*dump_settings)  (void);
   11.33 +    void         (*dump_cpu_state) (int);
   11.34 +    void         (*dump_runq_el)   (struct task_struct *);
   11.35 +};
   11.36 +\end{verbatim}
   11.37 +
   11.38 +The only method that {\em must} be implemented is
   11.39 +{\tt do\_schedule()}.  However, if the {\tt wake\_up()} method is not
   11.40 +implemented then waking tasks will never be placed on the runqueue!
   11.41 +
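         +By way of illustration, the skeleton below sketches a minimal
         +conforming scheduler.  The {\tt SCHED\_EXAMPLE} identifier, the
         +helper functions and the {\tt task\_slice\_t} field names are
         +assumptions for illustration, not part of the API as given here.
         +
         +\begin{verbatim}
         +/* Sketch only: helpers and field names are illustrative. */
         +static task_slice_t example_do_schedule(s_time_t now)
         +{
         +    task_slice_t ret;
         +    ret.task = example_next_runnable();  /* pick the next task  */
         +    ret.time = MILLISECS(10);            /* run for up to 10ms  */
         +    return ret;
         +}
         +
         +static void example_wake_up(struct task_struct *p)
         +{
         +    example_runq_insert(p);  /* place woken task on the runqueue */
         +}
         +
         +struct scheduler sched_example_def = {
         +    .name        = "Example Scheduler",
         +    .opt_name    = "example",
         +    .sched_id    = SCHED_EXAMPLE,
         +    .do_schedule = example_do_schedule,
         +    .wake_up     = example_wake_up,
         +};
         +\end{verbatim}
         +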
   11.42 +The fields of the above structure are described in more detail below.
   11.43 +
   11.44 +\subsubsection{name}
   11.45 +
   11.46 +The name field should point to a descriptive ASCII string.
   11.47 +
   11.48 +\subsubsection{opt\_name}
   11.49 +
   11.50 +This field is the value of the {\tt sched=} boot-time option that will select
   11.51 +this scheduler.
   11.52 +
   11.53 +\subsubsection{sched\_id}
   11.54 +
   11.55 +This is an integer that uniquely identifies this scheduler.  There should be a
   11.56 +macro corresponding to this scheduler ID in {\tt <xen/sched-if.h>}.
   11.57 +
   11.58 +\subsubsection{init\_scheduler}
   11.59 +
   11.60 +\paragraph*{Purpose}
   11.61 +
   11.62 +This is a function for performing any scheduler-specific initialisation.  For
   11.63 +instance, it might allocate memory for per-CPU scheduler data and initialise it
   11.64 +appropriately.
   11.65 +
   11.66 +\paragraph*{Call environment}
   11.67 +
   11.68 +This function is called after the initialisation performed by the generic
   11.69 +layer.  The function is called exactly once, for the scheduler that has been
   11.70 +selected.
   11.71 +
   11.72 +\paragraph*{Return values}
   11.73 +
   11.74 +This should return a negative value on failure --- this will cause an
   11.75 +immediate panic and the system will fail to boot.
   11.76 +
   11.77 +\subsubsection{alloc\_task}
   11.78 +
   11.79 +\paragraph*{Purpose}
   11.80 +Called when a {\tt task\_struct} is allocated by the generic scheduler
   11.81 +layer.  A particular scheduler implementation may use this method to
   11.82 +allocate per-task data for this task.  It may use the {\tt
   11.83 +sched\_priv} pointer in the {\tt task\_struct} to point to this data.
   11.84 +
   11.85 +\paragraph*{Call environment}
   11.86 +The generic layer guarantees that the {\tt sched\_priv} field will
   11.87 +remain intact from the time this method is called until the task is
   11.88 +deallocated (so long as the scheduler implementation does not change
   11.89 +it explicitly!).
   11.90 +
   11.91 +\paragraph*{Return values}
   11.92 +Negative on failure.
   11.93 +
   11.94 +\subsubsection{add\_task}
   11.95 +
   11.96 +\paragraph*{Purpose}
   11.97 +
   11.98 +Called when a task is initially added by the generic layer.
   11.99 +
  11.100 +\paragraph*{Call environment}
  11.101 +
  11.102 +The fields in the {\tt task\_struct} are now filled out and available for use.
  11.103 +Schedulers should implement appropriate initialisation of any per-task private
  11.104 +information in this method.
  11.105 +
  11.106 +\subsubsection{free\_task}
  11.107 +
  11.108 +\paragraph*{Purpose}
  11.109 +
  11.110 +Schedulers should free the space used by any associated private data
  11.111 +structures.
  11.112 +
  11.113 +\paragraph*{Call environment}
  11.114 +
  11.115 +This is called when a {\tt task\_struct} is about to be deallocated.
  11.116 +The generic layer will have done generic task removal operations and
  11.117 +(if implemented) called the scheduler's {\tt rem\_task} method before
  11.118 +this method is called.
  11.119 +
  11.120 +\subsubsection{rem\_task}
  11.121 +
  11.122 +\paragraph*{Purpose}
  11.123 +
  11.124 +This is called when a task is being removed from scheduling (but is
  11.125 +not yet being freed).
  11.126 +
  11.127 +\subsubsection{wake\_up}
  11.128 +
  11.129 +\paragraph*{Purpose}
  11.130 +
  11.131 +Called when a task is woken up, this method should put the task on the runqueue
  11.132 +(or do the scheduler-specific equivalent action).
  11.133 +
  11.134 +\paragraph*{Call environment}
  11.135 +
  11.136 +The task is already set to state RUNNING.
  11.137 +
  11.138 +\subsubsection{do\_block}
  11.139 +
  11.140 +\paragraph*{Purpose}
  11.141 +
  11.142 +This function is called when a task blocks.  It should
  11.143 +not remove the task from the runqueue.
  11.144 +
  11.145 +\paragraph*{Call environment}
  11.146 +
  11.147 +The EVENTS\_MASTER\_ENABLE\_BIT is already set and the task state has been
  11.148 +changed to TASK\_INTERRUPTIBLE on entry to this method.  A call to the {\tt
  11.149 +  do\_schedule} method will be made after this method returns, in
  11.150 +order to select the next task to run.
  11.151 +
  11.152 +\subsubsection{do\_schedule}
  11.153 +
  11.154 +This method must be implemented.
  11.155 +
  11.156 +\paragraph*{Purpose}
  11.157 +
  11.158 +The method is called each time a new task must be chosen for scheduling on the
  11.159 +current CPU.  The current time is passed as the single argument (the current
  11.160 +task can be found using the {\tt current} macro).
  11.161 +
  11.162 +This method should select the next task to run on this CPU and set its minimum
  11.163 +time to run as well as returning the data described below.
  11.164 +
  11.165 +This method should also take the appropriate action if the previous
  11.166 +task has blocked, e.g. removing it from the runqueue.
  11.167 +
  11.168 +\paragraph*{Call environment}
  11.169 +
  11.170 +The other fields in the {\tt task\_struct} are updated by the generic layer,
  11.171 +which also handles all Xen-specific tasks and performs the actual task switch
  11.172 +(unless the previous task has been chosen again).
  11.173 +
  11.174 +This method is called with the {\tt schedule\_lock} held for the current CPU
  11.175 +and local interrupts disabled.
  11.176 +
  11.177 +\paragraph*{Return values}
  11.178 +
  11.179 +Must return a {\tt struct task\_slice} describing which task to run and,
  11.180 +at maximum, for how long.
  11.181 +
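         +The slice structure is presumably of the following form (a sketch
         +only; the field names here are assumptions):
         +
         +\begin{verbatim}
         +typedef struct task_slice_st
         +{
         +    struct task_struct *task;  /* task to run next           */
         +    s_time_t            time;  /* maximum time to run it for */
         +} task_slice_t;
         +\end{verbatim}
         +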
  11.182 +\subsubsection{control}
  11.183 +
  11.184 +\paragraph*{Purpose}
  11.185 +
  11.186 +This method is called for global scheduler control operations.  It takes a
  11.187 +pointer to a {\tt struct sched\_ctl\_cmd}, which it should either
  11.188 +source data from or populate with data, depending on the value of the
  11.189 +{\tt direction} field.
  11.190 +
  11.191 +\paragraph*{Call environment}
  11.192 +
  11.193 +The generic layer guarantees that when this method is called, the
  11.194 +caller selected the correct scheduler ID, hence the scheduler's
  11.195 +implementation does not need to sanity-check these parts of the call.
  11.196 +
  11.197 +\paragraph*{Return values}
  11.198 +
  11.199 +This function should return the value to be passed back to user space, hence it
  11.200 +should either be 0 or an appropriate errno value.
  11.201 +
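         +A sketch of the usual pattern follows; the direction constants and
         +the per-scheduler union member are assumptions for illustration.
         +
         +\begin{verbatim}
         +/* Sketch only: constant names and the cmd layout are assumed. */
         +static s_time_t example_slice;
         +
         +static int example_control(struct sched_ctl_cmd *cmd)
         +{
         +    switch ( cmd->direction )
         +    {
         +    case SCHED_INFO_PUT:  /* consume parameters from the caller  */
         +        example_slice = cmd->u.example.slice;
         +        return 0;
         +    case SCHED_INFO_GET:  /* report parameters back to the caller */
         +        cmd->u.example.slice = example_slice;
         +        return 0;
         +    default:
         +        return -EINVAL;
         +    }
         +}
         +\end{verbatim}
         +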
  11.202 +\subsubsection{adjdom}
  11.203 +
  11.204 +\paragraph*{Purpose}
  11.205 +
  11.206 +This method is called to adjust the scheduling parameters of a particular
  11.207 +domain, or to query their current values.  The function should check
  11.208 +the {\tt direction} field of the {\tt sched\_adjdom\_cmd} it receives in
  11.209 +order to determine which of these operations is being performed.
  11.210 +
  11.211 +\paragraph*{Call environment}
  11.212 +
  11.213 +The generic layer guarantees that the caller has specified the correct
  11.214 +control interface version and scheduler ID and that the supplied {\tt
  11.215 +task\_struct} will not be deallocated during the call (hence it is not
  11.216 +necessary to {\tt get\_task\_struct}).
  11.217 +
  11.218 +\paragraph*{Return values}
  11.219 +
  11.220 +This function should return the value to be passed back to user space, hence it
  11.221 +should either be 0 or an appropriate errno value.
  11.222 +
  11.223 +\subsubsection{reschedule}
  11.224 +
  11.225 +\paragraph*{Purpose}
  11.226 +
  11.227 +This method is called to determine if a reschedule is required as a result of a
  11.228 +particular task.
  11.229 +
  11.230 +\paragraph*{Call environment}
  11.231 +The generic layer will cause a reschedule if the current domain is the idle
  11.232 +task or if it has already exceeded its minimum time slice.  The
  11.233 +generic layer guarantees that the task passed is not currently running but is
  11.234 +on the runqueue.
  11.235 +
  11.236 +\paragraph*{Return values}
  11.237 +
  11.238 +Should return a mask of the CPUs on which a reschedule should occur.
  11.239 +
  11.240 +\subsubsection{dump\_settings}
  11.241 +
  11.242 +\paragraph*{Purpose}
  11.243 +
  11.244 +If implemented, this should dump any private global settings for this
  11.245 +scheduler to the console.
  11.246 +
  11.247 +\paragraph*{Call environment}
  11.248 +
  11.249 +This function is called with interrupts enabled.
  11.250 +
  11.251 +\subsubsection{dump\_cpu\_state}
  11.252 +
  11.253 +\paragraph*{Purpose}
  11.254 +
  11.255 +This method should dump any private settings for the specified CPU.
  11.256 +
  11.257 +\paragraph*{Call environment}
  11.258 +
  11.259 +This function is called with interrupts disabled and the {\tt schedule\_lock}
  11.260 +for the specified CPU held.
  11.261 +
  11.262 +\subsubsection{dump\_runq\_el}
  11.263 +
  11.264 +\paragraph*{Purpose}
  11.265 +
  11.266 +This method should dump any private settings for the specified task.
  11.267 +
  11.268 +\paragraph*{Call environment}
  11.269 +
  11.270 +This function is called with interrupts disabled and the {\tt schedule\_lock}
  11.271 +for the task's CPU held.
    12.1 --- a/docs/src/user.tex	Thu Sep 22 11:34:14 2005 -0600
    12.2 +++ b/docs/src/user.tex	Thu Sep 22 11:42:01 2005 -0600
    12.3 @@ -59,1803 +59,36 @@ Contributions of material, suggestions a
    12.4  \renewcommand{\floatpagefraction}{.8}
    12.5  \setstretch{1.1}
    12.6  
    12.7 -\part{Introduction and Tutorial}
    12.8 -\chapter{Introduction}
    12.9 -
   12.10 -Xen is a {\em paravirtualising} virtual machine monitor (VMM), or
   12.11 -`hypervisor', for the x86 processor architecture.  Xen can securely
   12.12 -execute multiple virtual machines on a single physical system with
   12.13 -close-to-native performance.  The virtual machine technology
   12.14 -facilitates enterprise-grade functionality, including:
   12.15 -
   12.16 -\begin{itemize}
   12.17 -\item Virtual machines with performance close to native
   12.18 -  hardware.
   12.19 -\item Live migration of running virtual machines between physical hosts.
   12.20 -\item Excellent hardware support (supports most Linux device drivers).
   12.21 -\item Sandboxed, restartable device drivers.
   12.22 -\end{itemize}
   12.23 -
   12.24 -Paravirtualisation permits very high performance virtualisation,
   12.25 -even on architectures like x86 that are traditionally
   12.26 -very hard to virtualise.
   12.27 -The drawback of this approach is that it requires operating systems to
   12.28 -be {\em ported} to run on Xen.  Porting an OS to run on Xen is similar
   12.29 -to supporting a new hardware platform; however, the process
   12.30 -is simplified because the paravirtual machine architecture is very
   12.31 -similar to the underlying native hardware. Even though operating system
   12.32 -kernels must explicitly support Xen, a key feature is that user space
   12.33 -applications and libraries {\em do not} require modification.
   12.34 -
   12.35 -Xen support is available for increasingly many operating systems:
   12.36 -right now, Linux 2.4, Linux 2.6 and NetBSD are available for Xen 2.0.
   12.37 -A FreeBSD port is undergoing testing and will be incorporated into the
   12.38 -release soon. Other OS ports, including Plan 9, are in progress.  We
   12.39 -hope that the arch-xen patches will be incorporated into the
   12.40 -mainstream releases of these operating systems in due course (as has
   12.41 -already happened for NetBSD).
   12.42 -
   12.43 -Possible usage scenarios for Xen include:
   12.44 -\begin{description}
   12.45 -\item [Kernel development.] Test and debug kernel modifications in a
   12.46 -      sandboxed virtual machine --- no need for a separate test
   12.47 -      machine.
   12.48 -\item [Multiple OS configurations.] Run multiple operating systems
   12.49 -      simultaneously, for instance for compatibility or QA purposes.
   12.50 -\item [Server consolidation.] Move multiple servers onto a single
   12.51 -      physical host with performance and fault isolation provided at
   12.52 -      virtual machine boundaries. 
   12.53 -\item [Cluster computing.] Management at VM granularity provides more
   12.54 -      flexibility than separately managing each physical host, but
   12.55 -      better control and isolation than single-system image solutions, 
   12.56 -      particularly by using live migration for load balancing. 
   12.57 -\item [Hardware support for custom OSes.] Allow development of new OSes
   12.58 -      while benefiting from the wide-ranging hardware support of
   12.59 -      existing OSes such as Linux.
   12.60 -\end{description}
   12.61 -
   12.62 -\section{Structure of a Xen-Based System}
   12.63 -
   12.64 -A Xen system has multiple layers, the lowest and most privileged of
   12.65 -which is Xen itself. 
   12.66 -Xen in turn may host multiple {\em guest} operating systems, each of
   12.67 -which is executed within a secure virtual machine (in Xen terminology,
   12.68 -a {\em domain}). Domains are scheduled by Xen to make effective use of
   12.69 -the available physical CPUs.  Each guest OS manages its own
   12.70 -applications, which includes responsibility for scheduling each
   12.71 -application within the time allotted to the VM by Xen.
   12.72 -
   12.73 -The first domain, {\em domain 0}, is created automatically when the
   12.74 -system boots and has special management privileges. Domain 0 builds
   12.75 -other domains and manages their virtual devices. It also performs
   12.76 -administrative tasks such as suspending, resuming and migrating other
   12.77 -virtual machines.
   12.78 -
   12.79 -Within domain 0, a process called \emph{xend} runs to manage the system.
   12.80 -\Xend is responsible for managing virtual machines and providing access
   12.81 -to their consoles.  Commands are issued to \xend over an HTTP
   12.82 -interface, either from a command-line tool or from a web browser.
   12.83 -
   12.84 -\section{Hardware Support}
   12.85 -
   12.86 -Xen currently runs only on the x86 architecture, requiring a `P6' or
   12.87 -newer processor (e.g. Pentium Pro, Celeron, Pentium II, Pentium III,
   12.88 -Pentium IV, Xeon, AMD Athlon, AMD Duron).  Multiprocessor machines are
   12.89 -supported, and we also have basic support for HyperThreading (SMT),
   12.90 -although this remains a topic for ongoing research. A port
   12.91 -specifically for x86/64 is in progress, although Xen already runs on
   12.92 -such systems in 32-bit legacy mode. In addition a port to the IA64
   12.93 -architecture is approaching completion. We hope to add other
   12.94 -architectures such as PPC and ARM in due course.
   12.95 -
   12.96 -
   12.97 -Xen can currently use up to 4GB of memory.  It is possible for x86
   12.98 -machines to address up to 64GB of physical memory but there are no
   12.99 -current plans to support these systems: the x86/64 port is the
  12.100 -planned route to supporting larger memory sizes.
  12.101 -
  12.102 -Xen offloads most of the hardware support issues to the guest OS
  12.103 -running in Domain~0.  Xen itself contains only the code required to
  12.104 -detect and start secondary processors, set up interrupt routing, and
  12.105 -perform PCI bus enumeration.  Device drivers run within a privileged
  12.106 -guest OS rather than within Xen itself. This approach provides
  12.107 -compatibility with the majority of device hardware supported by Linux.
  12.108 -The default XenLinux build contains support for relatively modern
  12.109 -server-class network and disk hardware, but you can add support for
  12.110 -other hardware by configuring your XenLinux kernel in the normal way.
  12.111 -
  12.112 -\section{History}
  12.113 -
  12.114 -Xen was originally developed by the Systems Research Group at the
  12.115 -University of Cambridge Computer Laboratory as part of the XenoServers
  12.116 -project, funded by the UK-EPSRC.
  12.117 -XenoServers aim to provide a `public infrastructure for
  12.118 -global distributed computing', and Xen plays a key part in that,
  12.119 -allowing us to efficiently partition a single machine to enable
  12.120 -multiple independent clients to run their operating systems and
  12.121 -applications in an environment providing protection, resource
  12.122 -isolation and accounting.  The project web page contains further
  12.123 -information along with pointers to papers and technical reports:
  12.124 -\path{http://www.cl.cam.ac.uk/xeno} 
  12.125 -
  12.126 -Xen has since grown into a fully-fledged project in its own right,
  12.127 -enabling us to investigate interesting research issues regarding the
  12.128 -best techniques for virtualising resources such as the CPU, memory,
  12.129 -disk and network.  The project has been bolstered by support from
  12.130 -Intel Research Cambridge, and HP Labs, who are now working closely
  12.131 -with us.
  12.132 -
  12.133 -Xen was first described in a paper presented at SOSP in
  12.134 -2003\footnote{\tt
  12.135 -http://www.cl.cam.ac.uk/netos/papers/2003-xensosp.pdf}, and the first
  12.136 -public release (1.0) was made that October.  Since then, Xen has
  12.137 -significantly matured and is now used in production scenarios on
  12.138 -many sites.
  12.139 -
  12.140 -Xen 2.0 features greatly enhanced hardware support, configuration
  12.141 -flexibility, usability and a larger complement of supported operating
  12.142 -systems. This latest release takes Xen a step closer to becoming the 
  12.143 -definitive open source solution for virtualisation.
  12.144 -
  12.145 -\chapter{Installation}
  12.146 -
  12.147 -The Xen distribution includes three main components: Xen itself, ports
  12.148 -of Linux 2.4 and 2.6 and NetBSD to run on Xen, and the user-space
  12.149 -tools required to manage a Xen-based system.  This chapter describes
  12.150 -how to install the Xen 2.0 distribution from a binary tarball or from
  12.151 -source.  Alternatively, there may be pre-built packages available as
  12.152 -part of your operating system distribution.
  12.153 -
  12.154 -\section{Prerequisites}
  12.155 -\label{sec:prerequisites}
  12.156 -
  12.157 -The following is a full list of prerequisites.  Items marked `$\dag$'
  12.158 -are required by the \xend control tools, and hence required if you
  12.159 -want to run more than one virtual machine; items marked `$*$' are only
  12.160 -required if you wish to build from source.
  12.161 -\begin{itemize}
  12.162 -\item A working Linux distribution using the GRUB bootloader and
  12.163 -running on a P6-class (or newer) CPU.
  12.164 -\item [$\dag$] The \path{iproute2} package. 
  12.165 -\item [$\dag$] The Linux bridge-utils\footnote{Available from 
  12.166 -{\tt http://bridge.sourceforge.net}} (e.g., \path{/sbin/brctl})
  12.167 -\item [$\dag$] An installation of Twisted v1.3 or
  12.168 -above\footnote{Available from {\tt
  12.169 -http://www.twistedmatrix.com}}. There may be a binary package
  12.170 -available for your distribution; alternatively it can be installed by
  12.171 -running `{\sl make install-twisted}' in the root of the Xen source
  12.172 -tree.
  12.173 -\item [$*$] Build tools (gcc v3.2.x or v3.3.x, binutils, GNU make).
  12.174 -\item [$*$] Development installation of libcurl (e.g., libcurl-devel) 
  12.175 -\item [$*$] Development installation of zlib (e.g., zlib-dev).
  12.176 -\item [$*$] Development installation of Python v2.2 or later (e.g., python-dev).
  12.177 -\item [$*$] \LaTeX and transfig are required to build the documentation.
  12.178 -\end{itemize}
  12.179 -
  12.180 -Once you have satisfied the relevant prerequisites, you can 
  12.181 -now install either a binary or source distribution of Xen. 
  12.182 -
  12.183 -\section{Installing from Binary Tarball} 
  12.184 -
  12.185 -Pre-built tarballs are available for download from the Xen 
  12.186 -download page
  12.187 -\begin{quote} 
  12.188 -{\tt http://xen.sf.net}
  12.189 -\end{quote} 
  12.190 -
  12.191 -Once you've downloaded the tarball, simply unpack and install: 
  12.192 -\begin{verbatim}
  12.193 -# tar zxvf xen-2.0-install.tgz
  12.194 -# cd xen-2.0-install
  12.195 -# sh ./install.sh 
  12.196 -\end{verbatim} 
  12.197 -
  12.198 -Once you've installed the binaries you need to configure
  12.199 -your system as described in Section~\ref{s:configure}. 
  12.200 -
  12.201 -\section{Installing from Source} 
  12.202 -
  12.203 -This section describes how to obtain, build, and install 
  12.204 -Xen from source. 
  12.205 -
  12.206 -\subsection{Obtaining the Source} 
  12.207 -
  12.208 -The Xen source tree is available as either a compressed source tar
  12.209 -ball or as a clone of our master BitKeeper repository.
  12.210 -
  12.211 -\begin{description} 
  12.212 -\item[Obtaining the Source Tarball]\mbox{} \\  
  12.213 -Stable versions (and daily snapshots) of the Xen source tree are
  12.214 -available as compressed tarballs from the Xen download page
  12.215 -\begin{quote} 
  12.216 -{\tt http://xen.sf.net}
  12.217 -\end{quote} 
  12.218 -
  12.219 -\item[Using BitKeeper]\mbox{} \\  
  12.220 -If you wish to install Xen from a clone of our latest BitKeeper
  12.221 -repository then you will need to install the BitKeeper tools.
  12.222 -Download instructions for BitKeeper can be obtained by filling out the
  12.223 -form at:
  12.224 -
  12.225 -\begin{quote} 
  12.226 -{\tt http://www.bitmover.com/cgi-bin/download.cgi}
  12.227 -\end{quote}
  12.228 -The public master BK repository for the 2.0 release lives at: 
  12.229 -\begin{quote}
  12.230 -{\tt bk://xen.bkbits.net/xen-2.0.bk}  
  12.231 -\end{quote} 
  12.232 -You can use BitKeeper to
  12.233 -download it and keep it updated with the latest features and fixes.
  12.234 -
  12.235 -Change to the directory in which you want to put the source code, then
  12.236 -run:
  12.237 -\begin{verbatim}
  12.238 -# bk clone bk://xen.bkbits.net/xen-2.0.bk
  12.239 -\end{verbatim}
  12.240 -
  12.241 -Under your current directory, a new directory named \path{xen-2.0.bk}
  12.242 -has been created, which contains all the source code for Xen, the OS
  12.243 -ports, and the control tools. You can update your repository with the
  12.244 -latest changes at any time by running:
  12.245 -\begin{verbatim}
  12.246 -# cd xen-2.0.bk # to change into the local repository
  12.247 -# bk pull       # to update the repository
  12.248 -\end{verbatim}
  12.249 -\end{description} 
  12.250 -
  12.251 -%\section{The distribution}
  12.252 -%
  12.253 -%The Xen source code repository is structured as follows:
  12.254 -%
  12.255 -%\begin{description}
  12.256 -%\item[\path{tools/}] Xen node controller daemon (Xend), command line tools, 
  12.257 -%  control libraries
  12.258 -%\item[\path{xen/}] The Xen VMM.
  12.259 -%\item[\path{linux-*-xen-sparse/}] Xen support for Linux.
  12.260 -%\item[\path{linux-*-patches/}] Experimental patches for Linux.
  12.261 -%\item[\path{netbsd-*-xen-sparse/}] Xen support for NetBSD.
  12.262 -%\item[\path{docs/}] Various documentation files for users and developers.
  12.263 -%\item[\path{extras/}] Bonus extras.
  12.264 -%\end{description}
  12.265 -
  12.266 -\subsection{Building from Source} 
  12.267 -
  12.268 -The top-level Xen Makefile includes a target `world' that will do the
  12.269 -following:
  12.270 -
  12.271 -\begin{itemize}
  12.272 -\item Build Xen
  12.273 -\item Build the control tools, including \xend
  12.274 -\item Download (if necessary) and unpack the Linux 2.6 source code,
  12.275 -      and patch it for use with Xen
  12.276 -\item Build a Linux kernel to use in domain 0 and a smaller
  12.277 -      unprivileged kernel, which can optionally be used for
  12.278 -      unprivileged virtual machines.
  12.279 -\end{itemize}
  12.280 -
  12.281 -
  12.282 -After the build has completed you should have a top-level 
  12.283 -directory called \path{dist/} in which all resulting targets 
  12.284 -will be placed; of particular interest are the two
  12.285 -XenLinux kernel images, one with a `-xen0' extension
  12.286 -which contains hardware device drivers and drivers for Xen's virtual
  12.287 -devices, and one with a `-xenU' extension that just contains the
  12.288 -virtual ones. These are found in \path{dist/install/boot/} along
  12.289 -with the image for Xen itself and the configuration files used
  12.290 -during the build. 
  12.291 -
  12.292 -The NetBSD port can be built using: 
  12.293 -\begin{quote}
  12.294 -\begin{verbatim}
  12.295 -# make netbsd20
  12.296 -\end{verbatim} 
  12.297 -\end{quote} 
  12.298 -The NetBSD port is built using a snapshot of the netbsd-2-0 cvs branch.
  12.299 -The snapshot is downloaded as part of the build process, if it is not
  12.300 -yet present in the \path{NETBSD\_SRC\_PATH} search path.  The build
  12.301 -process also downloads a toolchain which includes all the tools
  12.302 -necessary to build the NetBSD kernel under Linux.
  12.303 -
  12.304 -To further customize the set of kernels built, you need to edit
  12.305 -the top-level Makefile. Look for the line: 
  12.306 -
  12.307 -\begin{quote}
  12.308 -\begin{verbatim}
  12.309 -KERNELS ?= mk.linux-2.6-xen0 mk.linux-2.6-xenU
  12.310 -\end{verbatim} 
  12.311 -\end{quote} 
  12.312 -
  12.313 -You can edit this line to include any set of operating system kernels
  12.314 -which have configurations in the top-level \path{buildconfigs/}
  12.315 -directory, for example \path{mk.linux-2.4-xenU} to build a Linux 2.4
  12.316 -kernel containing only virtual device drivers.
  12.317 -
  12.318 -%% Inspect the Makefile if you want to see what goes on during a build.
  12.319 -%% Building Xen and the tools is straightforward, but XenLinux is more
  12.320 -%% complicated.  The makefile needs a `pristine' Linux kernel tree to which
  12.321 -%% it will then add the Xen architecture files.  You can tell the
  12.322 -%% makefile the location of the appropriate Linux compressed tar file by
  12.323 -%% setting the LINUX\_SRC environment variable, e.g. \\
  12.324 -%% \verb!# LINUX_SRC=/tmp/linux-2.6.11.tar.bz2 make world! \\ or by
  12.325 -%% placing the tar file somewhere in the search path of {\tt
  12.326 -%% LINUX\_SRC\_PATH} which defaults to `{\tt .:..}'.  If the makefile
  12.327 -%% can't find a suitable kernel tar file it attempts to download it from
  12.328 -%% kernel.org (this won't work if you're behind a firewall).
  12.329 -
  12.330 -%% After untaring the pristine kernel tree, the makefile uses the {\tt
  12.331 -%% mkbuildtree} script to add the Xen patches to the kernel. 
  12.332 -
  12.333 -
  12.334 -%% The procedure is similar to build the Linux 2.4 port: \\
  12.335 -%% \verb!# LINUX_SRC=/path/to/linux2.4/source make linux24!
  12.336 -
  12.337 -
  12.338 -%% \framebox{\parbox{5in}{
  12.339 -%% {\bf Distro specific:} \\
  12.340 -%% {\it Gentoo} --- if not using udev (most installations, currently), you'll need
  12.341 -%% to enable devfs and devfs mount at boot time in the xen0 config.
  12.342 -%% }}
  12.343 -
  12.344 -\subsection{Custom XenLinux Builds}
  12.345 -
  12.346 -% If you have an SMP machine you may wish to give the {\tt '-j4'}
  12.347 -% argument to make to get a parallel build.
  12.348 -
  12.349 -If you wish to build a customized XenLinux kernel (e.g. to support
  12.350 -additional devices or enable distribution-required features), you can
  12.351 -use the standard Linux configuration mechanisms, specifying that the
  12.352 -architecture being built for is \path{xen}, e.g.:
  12.353 -\begin{quote}
  12.354 -\begin{verbatim} 
  12.355 -# cd linux-2.6.11-xen0 
  12.356 -# make ARCH=xen xconfig 
  12.357 -# cd ..
  12.358 -# make
  12.359 -\end{verbatim} 
  12.360 -\end{quote} 
  12.361 -
  12.362 -You can also copy an existing Linux configuration (\path{.config}) 
  12.363 -into \path{linux-2.6.11-xen0} and execute:  
  12.364 -\begin{quote}
  12.365 -\begin{verbatim} 
  12.366 -# make ARCH=xen oldconfig 
  12.367 -\end{verbatim} 
  12.368 -\end{quote} 
  12.369 -
  12.370 -You may be prompted with some Xen-specific options; we 
  12.371 -advise accepting the defaults for these options.
  12.372 -
  12.373 -Note that the only difference between the two types of Linux kernel
  12.374 -that are built is the configuration file used for each.  The `U'
  12.375 -suffixed (unprivileged) versions don't contain any of the physical
  12.376 -hardware device drivers, leading to a 30\% reduction in size; hence
  12.377 -you may prefer these for your non-privileged domains.  The `0'
  12.378 -suffixed privileged versions can be used to boot the system, as well
  12.379 -as in driver domains and unprivileged domains.
  12.380 -
  12.381 -
  12.382 -\subsection{Installing the Binaries}
  12.383 -
  12.384 -
  12.385 -The files produced by the build process are stored under the
  12.386 -\path{dist/install/} directory. To install them in their default
  12.387 -locations, do:
  12.388 -\begin{quote}
  12.389 -\begin{verbatim}
  12.390 -# make install
  12.391 -\end{verbatim} 
  12.392 -\end{quote}
  12.393 -
  12.394 -
  12.395 -Alternatively, users with special installation requirements may wish
  12.396 -to install them manually by copying the files to their appropriate
  12.397 -destinations.
  12.398 -
  12.399 -%% Files in \path{install/boot/} include:
  12.400 -%% \begin{itemize}
  12.401 -%% \item \path{install/boot/xen-2.0.gz} Link to the Xen 'kernel'
  12.402 -%% \item \path{install/boot/vmlinuz-2.6-xen0}  Link to domain 0 XenLinux kernel
  12.403 -%% \item \path{install/boot/vmlinuz-2.6-xenU}  Link to unprivileged XenLinux kernel
  12.404 -%% \end{itemize}
  12.405 -
  12.406 -The \path{dist/install/boot} directory will also contain the config files
  12.407 -used for building the XenLinux kernels, and also versions of Xen and
  12.408 -XenLinux kernels that contain debug symbols (\path{xen-syms-2.0.6} and
  12.409 -\path{vmlinux-syms-2.6.11.11-xen0}) which are essential for interpreting crash
  12.410 -dumps.  Retain these files as the developers may wish to see them if
  12.411 -you post on the mailing list.
  12.412 -
  12.413 -
  12.414 -
  12.415 -
  12.416 -
  12.417 -\section{Configuration}
  12.418 -\label{s:configure}
  12.419 -Once you have built and installed the Xen distribution, it is 
  12.420 -simple to prepare the machine for booting and running Xen. 
  12.421 -
  12.422 -\subsection{GRUB Configuration}
  12.423 -
  12.424 -An entry should be added to \path{grub.conf} (often found under
  12.425 -\path{/boot/} or \path{/boot/grub/}) to allow Xen / XenLinux to boot.
  12.426 -This file is sometimes called \path{menu.lst}, depending on your
  12.427 -distribution.  The entry should look something like the following:
  12.428 -
  12.429 -{\small
  12.430 -\begin{verbatim}
  12.431 -title Xen 2.0 / XenLinux 2.6
  12.432 -  kernel /boot/xen-2.0.gz dom0_mem=131072
  12.433 -  module /boot/vmlinuz-2.6-xen0 root=/dev/sda4 ro console=tty0
  12.434 -\end{verbatim}
  12.435 -}
  12.436 -
  12.437 -The kernel line tells GRUB where to find Xen itself and what boot
  12.438 -parameters should be passed to it (in this case, setting domain 0's
  12.439 -memory allocation in kilobytes). For more
  12.440 -details on the various Xen boot parameters see Section~\ref{s:xboot}. 
  12.441 -
  12.442 -The module line of the configuration describes the location of the
  12.443 -XenLinux kernel that Xen should start and the parameters that should
  12.444 -be passed to it (these are standard Linux parameters, identifying the
  12.445 -root device, specifying that it be initially mounted read-only, and
  12.446 -instructing that console output be sent to the screen).  Some
  12.447 -distributions such as SuSE do not require the \path{ro} parameter.
  12.448 -
  12.449 -%% \framebox{\parbox{5in}{
  12.450 -%% {\bf Distro specific:} \\
  12.451 -%% {\it SuSE} --- Omit the {\tt ro} option from the XenLinux kernel
  12.452 -%% command line, since the partition won't be remounted rw during boot.
  12.453 -%% }}
  12.454 -
  12.455 -
  12.456 -If you want to use an initrd, just add another \path{module} line to
  12.457 -the configuration, as usual:
  12.458 -{\small
  12.459 -\begin{verbatim}
  12.460 -  module /boot/my_initrd.gz
  12.461 -\end{verbatim}
  12.462 -}
  12.463 -
  12.464 -As always when installing a new kernel, it is recommended that you do
  12.465 -not delete existing menu options from \path{menu.lst} --- you may want
  12.466 -to boot your old Linux kernel in future, particularly if you
  12.467 -have problems.
  12.468 -
  12.469 -
  12.470 -\subsection{Serial Console (optional)}
  12.471 -
  12.472 -%%   kernel /boot/xen-2.0.gz dom0_mem=131072 com1=115200,8n1
  12.473 -%%   module /boot/vmlinuz-2.6-xen0 root=/dev/sda4 ro 
  12.474 -
  12.475 -
  12.476 -In order to configure Xen serial console output, it is necessary to add 
  12.477 -a boot option to your GRUB config; e.g.\ replace the above kernel line
  12.478 -with: 
  12.479 -\begin{quote}
  12.480 -{\small
  12.481 -\begin{verbatim}
  12.482 -   kernel /boot/xen.gz dom0_mem=131072 com1=115200,8n1
  12.483 -\end{verbatim}}
  12.484 -\end{quote}
  12.485 -
  12.486 -This configures Xen to output on COM1 at 115,200 baud, 8 data bits, 
  12.487 -1 stop bit and no parity. Modify these parameters for your setup.
  12.488 -
  12.489 -One can also configure XenLinux to share the serial console; to 
  12.490 -achieve this append ``\path{console=ttyS0}'' to your 
  12.491 -module line. 
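         -
         -For example, building on the earlier example, the module line might
         -then read:
         -{\small
         -\begin{verbatim}
         -  module /boot/vmlinuz-2.6-xen0 root=/dev/sda4 ro console=ttyS0
         -\end{verbatim}
         -}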
  12.492 -
  12.493 -
  12.494 -If you wish to be able to log in over the XenLinux serial console it
  12.495 -is necessary to add a line into \path{/etc/inittab}, just as per 
  12.496 -regular Linux. Simply add the line:
  12.497 -\begin{quote}
  12.498 -{\small 
  12.499 -{\tt c:2345:respawn:/sbin/mingetty ttyS0}
  12.500 -}
  12.501 -\end{quote} 
  12.502 -
  12.503 -and you should be able to log in. Note that logging in
  12.504 -as root over the serial line requires adding \path{ttyS0} to
  12.505 -\path{/etc/securetty} on most modern distributions.
  12.506 -
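         -For example, as root in domain 0:
         -\begin{quote}
         -{\small
         -\begin{verbatim}
         -# echo "ttyS0" >> /etc/securetty
         -\end{verbatim}}
         -\end{quote}
         -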
  12.507 -\subsection{TLS Libraries}
  12.508 -
  12.509 -Users of the XenLinux 2.6 kernel should disable Thread Local Storage
  12.510 -(e.g.\ by doing a \path{mv /lib/tls /lib/tls.disabled}) before
  12.511 -attempting to run with a XenLinux kernel\footnote{If you boot without first
  12.512 -disabling TLS, you will get a warning message during the boot
  12.513 -process. In this case, simply perform the rename after the machine is
  12.514 -up and then run \texttt{/sbin/ldconfig} to make it take effect.}.  You can
  12.515 -always reenable it by restoring the directory to its original location
  12.516 -(i.e.\ \path{mv /lib/tls.disabled /lib/tls}).
  12.517 -
  12.518 -The reason for this is that the current TLS implementation uses
  12.519 -segmentation in a way that is not permissible under Xen.  If TLS is
  12.520 -not disabled, an emulation mode is used within Xen which reduces
  12.521 -performance substantially.
  12.522 -
  12.523 -We hope that this issue can be resolved by working with Linux
  12.524 -distribution vendors to implement a minor backward-compatible change
  12.525 -to the TLS library.
  12.526 -
  12.527 -\section{Booting Xen} 
  12.528 -
  12.529 -It should now be possible to restart the system and use Xen.  Reboot
  12.530 -as usual but choose the new Xen option when the GRUB screen appears.
  12.531 -
  12.532 -What follows should look much like a conventional Linux boot.  The
  12.533 -first portion of the output comes from Xen itself, supplying low level
  12.534 -information about itself and the machine it is running on.  The
  12.535 -following portion of the output comes from XenLinux.
  12.536 -
  12.537 -You may see some errors during the XenLinux boot.  These are not
  12.538 -necessarily anything to worry about --- they may result from kernel
  12.539 -configuration differences between your XenLinux kernel and the one you
  12.540 -usually use.
  12.541 -
  12.542 -When the boot completes, you should be able to log into your system as
  12.543 -usual.  If you are unable to log in to your system running Xen, you
  12.544 -should still be able to reboot with your normal Linux kernel.
  12.545 -
  12.546 -
  12.547 -\chapter{Starting Additional Domains}
  12.548 -
  12.549 -The first step in creating a new domain is to prepare a root
  12.550 -filesystem for it to boot off.  Typically, this might be stored in a
  12.551 -normal partition, an LVM or other volume manager partition, a disk
  12.552 -file or on an NFS server.  A simple way to do this is to boot
  12.553 -from your standard OS install CD and install the distribution into
  12.554 -another partition on your hard drive.
  12.555 -
  12.556 -To start the \xend control daemon, type
  12.557 -\begin{quote}
  12.558 -\verb!# xend start!
  12.559 -\end{quote}
  12.560 -If you
  12.561 -wish the daemon to start automatically, see the instructions in
  12.562 -Section~\ref{s:xend}. Once the daemon is running, you can use the
  12.563 -\path{xm} tool to monitor and maintain the domains running on your
  12.564 -system. This chapter provides only a brief tutorial: we provide full
  12.565 -details of the \path{xm} tool in the next chapter. 
  12.566 -
  12.567 -%\section{From the web interface}
  12.568 -%
  12.569 -%Boot the Xen machine and start Xensv (see Chapter~\ref{cha:xensv} for
  12.570 -%more details) using the command: \\
  12.571 -%\verb_# xensv start_ \\
  12.572 -%This will also start Xend (see Chapter~\ref{cha:xend} for more information).
  12.573 -%
  12.574 -%The domain management interface will then be available at {\tt
  12.575 -%http://your\_machine:8080/}.  This provides a user friendly wizard for
  12.576 -%starting domains and functions for managing running domains.
  12.577 -%
  12.578 -%\section{From the command line}
  12.579 -
  12.580 -
  12.581 -\section{Creating a Domain Configuration File} 
  12.582  
  12.583 -Before you can start an additional domain, you must create a
  12.584 -configuration file. We provide two example files which you 
  12.585 -can use as a starting point: 
  12.586 -\begin{itemize} 
  12.587 -  \item \path{/etc/xen/xmexample1} is a simple template configuration file
  12.588 -    for describing a single VM.
  12.589 -
  12.590 -  \item \path{/etc/xen/xmexample2} is a template description that
  12.591 -    is intended to be reused for multiple virtual machines.  Setting
  12.592 -    the value of the \path{vmid} variable on the \path{xm} command line
  12.593 -    fills in parts of this template.
  12.594 -\end{itemize} 
  12.595 -
  12.596 -Copy one of these files and edit it as appropriate.
  12.597 -Typical values you may wish to edit include: 
  12.598 -
  12.599 -\begin{quote}
  12.600 -\begin{description}
  12.601 -\item[kernel] Set this to the path of the kernel you compiled for use
  12.602 -              with Xen (e.g.\  \path{kernel = '/boot/vmlinuz-2.6-xenU'})
  12.603 -\item[memory] Set this to the size of the domain's memory in
  12.604 -megabytes (e.g.\ \path{memory = 64})
  12.605 -\item[disk] Set the first entry in this list to calculate the offset
  12.606 -of the domain's root partition, based on the domain ID.  Set the
  12.607 -second to the location of \path{/usr} if you are sharing it between
  12.608 -domains (e.g.\ \path{disk = ['phy:your\_hard\_drive\%d,sda1,w' \%
  12.609 -(base\_partition\_number + vmid), 'phy:your\_usr\_partition,sda6,r' ]})
  12.610 -\item[dhcp] Uncomment the dhcp variable, so that the domain will
  12.611 -receive its IP address from a DHCP server (e.g.\ \path{dhcp='dhcp'})
  12.612 -\end{description}
  12.613 -\end{quote}
  12.614 -
  12.615 -You may also want to edit the {\bf vif} variable in order to choose
  12.616 -the MAC address of the virtual ethernet interface yourself.  For
  12.617 -example: 
  12.618 -\begin{quote}
  12.619 -\verb_vif = ['mac=00:06:AA:F6:BB:B3']_
  12.620 -\end{quote}
  12.621 -If you do not set this variable, \xend will automatically generate a
  12.622 -random MAC address from an unused range.
  12.623 -
  12.624 -
  12.625 -\section{Booting the Domain}
  12.626 -
  12.627 -The \path{xm} tool provides a variety of commands for managing domains.
  12.628 -Use the \path{create} command to start new domains. Assuming you've 
  12.629 -created a configuration file \path{myvmconf} based around
  12.630 -\path{/etc/xen/xmexample2}, to start a domain with virtual 
  12.631 -machine ID~1 you should type: 
  12.632 -
  12.633 -\begin{quote}
  12.634 -\begin{verbatim}
  12.635 -# xm create -c myvmconf vmid=1
  12.636 -\end{verbatim}
  12.637 -\end{quote}
  12.638 -
  12.639 -
  12.640 -The \path{-c} switch causes \path{xm} to turn into the domain's
  12.641 -console after creation.  The \path{vmid=1} sets the \path{vmid}
  12.642 -variable used in the \path{myvmconf} file. 
  12.643 -
  12.644 -
  12.645 -You should see the console boot messages from the new domain 
  12.646 -appearing in the terminal in which you typed the command, 
  12.647 -culminating in a login prompt. 
  12.648 -
  12.649 -
  12.650 -\section{Example: ttylinux}
  12.651 -
  12.652 -Ttylinux is a very small Linux distribution, designed to require very
  12.653 -few resources.  We will use it as a concrete example of how to start a
  12.654 -Xen domain.  Most users will probably want to install a full-featured
  12.655 -distribution once they have mastered the basics\footnote{ttylinux is
  12.656 -maintained by Pascal Schmidt. You can download source packages from
  12.657 -the distribution's home page: {\tt http://www.minimalinux.org/ttylinux/}}.
  12.658 -
  12.659 -\begin{enumerate}
  12.660 -\item Download and extract the ttylinux disk image from the Files
  12.661 -section of the project's SourceForge site (see 
  12.662 -\path{http://sf.net/projects/xen/}).
  12.663 -\item Create a configuration file like the following:
  12.664 -\begin{verbatim}
  12.665 -kernel = "/boot/vmlinuz-2.6-xenU"
  12.666 -memory = 64
  12.667 -name = "ttylinux"
  12.668 -nics = 1
  12.669 -ip = "1.2.3.4"
  12.670 -disk = ['file:/path/to/ttylinux/rootfs,sda1,w']
  12.671 -root = "/dev/sda1 ro"
  12.672 -\end{verbatim}
  12.673 -\item Now start the domain and connect to its console:
  12.674 -\begin{verbatim}
  12.675 -xm create configfile -c
  12.676 -\end{verbatim}
  12.677 -\item Log in as root, password root.
  12.678 -\end{enumerate}
  12.679 -
  12.680 -
  12.681 -\section{Starting / Stopping Domains Automatically}
  12.682 -
  12.683 -It is possible to have certain domains start automatically at boot
  12.684 -time and to have dom0 wait for all running domains to shut down before
  12.685 -it shuts down the system.
  12.686 -
  12.687 -To specify that a domain should start at boot time, place its
  12.688 -configuration file (or a link to it) under \path{/etc/xen/auto/}.
  12.689 -
  12.690 -A Sys-V style init script for RedHat and LSB-compliant systems is
  12.691 -provided and will be automatically copied to \path{/etc/init.d/}
  12.692 -during install.  You can then enable it in the appropriate way for
  12.693 -your distribution.
  12.694 -
  12.695 -For instance, on RedHat:
  12.696 -
  12.697 -\begin{quote}
  12.698 -\verb_# chkconfig --add xendomains_
  12.699 -\end{quote}
  12.700 -
  12.701 -By default, this will start the boot-time domains in runlevels 3, 4
  12.702 -and 5.
  12.703 -
  12.704 -You can also use the \path{service} command to run this script
  12.705 -manually, e.g.:
  12.706 -
  12.707 -\begin{quote}
  12.708 -\verb_# service xendomains start_
  12.709 -
  12.710 -Starts all the domains with config files under /etc/xen/auto/.
  12.711 -\end{quote}
  12.712 -
  12.713 -
  12.714 -\begin{quote}
  12.715 -\verb_# service xendomains stop_
  12.716 -
  12.717 -Shuts down ALL running Xen domains.
  12.718 -\end{quote}
  12.719 -
  12.720 -\chapter{Domain Management Tools}
  12.721 -
  12.722 -The previous chapter described a simple example of how to configure
  12.723 -and start a domain.  This chapter summarises the tools available to
  12.724 -manage running domains.
  12.725 -
  12.726 -\section{Command-line Management}
  12.727 -
  12.728 -Command line management tasks are also performed using the \path{xm}
  12.729 -tool.  For online help for the commands available, type:
  12.730 -\begin{quote}
  12.731 -\verb_# xm help_
  12.732 -\end{quote}
  12.733 -
  12.734 -You can also type \path{xm help $<$command$>$} for more information 
  12.735 -on a given command. 
  12.736 -
  12.737 -\subsection{Basic Management Commands}
  12.738 -
  12.739 -The most important \path{xm} commands are: 
  12.740 -\begin{quote}
  12.741 -\verb_# xm list_: Lists all domains running.\\
  12.742 -\verb_# xm consoles_: Gives information about the domain consoles.\\
  12.743 -\verb_# xm console_: Opens a console to a domain (e.g.\
  12.744 -  \verb_# xm console myVM_)
  12.745 -\end{quote}
  12.746 -
  12.747 -\subsection{\tt xm list}
  12.748 -
  12.749 -The output of \path{xm list} is in rows of the following format:
  12.750 -\begin{center}
  12.751 -{\tt name domid memory cpu state cputime console}
  12.752 -\end{center}
  12.753 -
  12.754 -\begin{quote}
  12.755 -\begin{description}
  12.756 -\item[name]  The descriptive name of the virtual machine.
  12.757 -\item[domid] The ID of the domain this virtual machine is running in.
  12.758 -\item[memory] Memory size in megabytes.
  12.759 -\item[cpu]   The CPU this domain is running on.
  12.760 -\item[state] Domain state consists of 5 fields:
  12.761 -  \begin{description}
  12.762 -  \item[r] running
  12.763 -  \item[b] blocked
  12.764 -  \item[p] paused
  12.765 -  \item[s] shutdown
  12.766 -  \item[c] crashed
  12.767 -  \end{description}
  12.768 -\item[cputime] How much CPU time (in seconds) the domain has used so far.
  12.769 -\item[console] TCP port accepting connections to the domain's console.
  12.770 -\end{description}
  12.771 -\end{quote}
  12.772 -
  12.773 -The \path{xm list} command also supports a long output format when the
  12.774 -\path{-l} switch is used.  This outputs the full details of the
  12.775 -running domains in \xend's SXP configuration format.
  12.776 -
  12.777 -For example, suppose the system is running the ttylinux domain as
  12.778 -described earlier.  The list command should produce output somewhat
  12.779 -like the following:
  12.780 -\begin{verbatim}
  12.781 -# xm list
  12.782 -Name              Id  Mem(MB)  CPU  State  Time(s)  Console
  12.783 -Domain-0           0      251    0  r----    172.2        
  12.784 -ttylinux           5       63    0  -b---      3.0    9605
  12.785 -\end{verbatim}
  12.786 -
  12.787 -Here we can see the details for the ttylinux domain, as well as for
  12.788 -domain 0 (which, of course, is always running).  Note that the console
  12.789 -port for the ttylinux domain is 9605.  This can be connected to over TCP
  12.790 -using a terminal program (e.g. \path{telnet} or, better, 
  12.791 -\path{xencons}).  The simplest way to connect is to use the \path{xm console}
  12.792 -command, specifying the domain name or ID.  To connect to the console
  12.793 -of the ttylinux domain, we could use any of the following: 
  12.794 -\begin{verbatim}
  12.795 -# xm console ttylinux
  12.796 -# xm console 5
  12.797 -# xencons localhost 9605
  12.798 -\end{verbatim}
  12.799 -
  12.800 -\section{Domain Save and Restore}
  12.801 -
  12.802 -The administrator of a Xen system may suspend a virtual machine's
  12.803 -current state into a disk file in domain 0, allowing it to be resumed
  12.804 -at a later time.
  12.805 -
  12.806 -The ttylinux domain described earlier can be suspended to disk using
  12.807 -the command:
  12.808 -\begin{verbatim}
  12.809 -# xm save ttylinux ttylinux.xen
  12.810 -\end{verbatim}
  12.811 -
  12.812 -This will stop the domain named `ttylinux' and save its current state
  12.813 -into a file called \path{ttylinux.xen}.
  12.814 -
  12.815 -To resume execution of this domain, use the \path{xm restore} command:
  12.816 -\begin{verbatim}
  12.817 -# xm restore ttylinux.xen
  12.818 -\end{verbatim}
  12.819 -
  12.820 -This will restore the state of the domain and restart it.  The domain
  12.821 -will carry on as before and the console may be reconnected using the
  12.822 -\path{xm console} command, as above.
  12.823 -
  12.824 -\section{Live Migration}
  12.825 -
  12.826 -Live migration is used to transfer a domain between physical hosts
  12.827 -whilst that domain continues to perform its usual activities --- from
  12.828 -the user's perspective, the migration should be imperceptible.
  12.829 -
  12.830 -To perform a live migration, both hosts must be running Xen / \xend and
  12.831 -the destination host must have sufficient resources (e.g. memory
  12.832 -capacity) to accommodate the domain after the move. Furthermore we
  12.833 -currently require both source and destination machines to be on the 
  12.834 -same L2 subnet. 
  12.835 -
  12.836 -Currently, there is no support for providing automatic remote access
  12.837 -to filesystems stored on local disk when a domain is migrated.
  12.838 -Administrators should choose an appropriate storage solution
  12.839 -(i.e. SAN, NAS, etc.) to ensure that domain filesystems are also
  12.840 -available on their destination node. GNBD is a good method for
  12.841 -exporting a volume from one machine to another. iSCSI can do a similar
  12.842 -job, but is more complex to set up.
  12.843 -
  12.844 -When a domain migrates, its MAC and IP addresses move with it; thus it
  12.845 -is only possible to migrate VMs within the same layer-2 network and IP
  12.846 -subnet. If the destination node is on a different subnet, the
  12.847 -administrator would need to manually configure a suitable etherip or
  12.848 -IP tunnel in the domain 0 of the remote node. 
  12.849 -
  12.850 -A domain may be migrated using the \path{xm migrate} command.  To
  12.851 -live migrate a domain to another machine, we would use
  12.852 -the command:
  12.853 -
  12.854 -\begin{verbatim}
  12.855 -# xm migrate --live mydomain destination.ournetwork.com
  12.856 -\end{verbatim}
  12.857 -
  12.858 -Without the \path{--live} flag, \xend simply stops the domain and
  12.859 -copies the memory image over to the new node and restarts it. Since
  12.860 -domains can have large allocations this can be quite time consuming,
  12.861 -even on a Gigabit network. With the \path{--live} flag \xend attempts
  12.862 -to keep the domain running while the migration is in progress,
  12.863 -resulting in typical `downtimes' of just 60--300ms.
  12.864 -
  12.865 -For now it will be necessary to reconnect to the domain's console on
  12.866 -the new machine using the \path{xm console} command.  If a migrated
  12.867 -domain has any open network connections then they will be preserved,
  12.868 -so SSH connections do not have this limitation.
  12.869 -
  12.870 -\section{Managing Domain Memory}
  12.871 -
  12.872 -XenLinux domains have the ability to relinquish / reclaim machine
  12.873 -memory at the request of the administrator or the user of the domain.
  12.874 +\part{Introduction and Tutorial}
  12.875  
  12.876 -\subsection{Setting memory footprints from dom0}
  12.877 -
  12.878 -The machine administrator can request that a domain alter its memory
  12.879 -footprint using the \path{xm set-mem} command.  For instance, we can
  12.880 -request that our example ttylinux domain reduce its memory footprint
  12.881 -to 32 megabytes.
  12.882 -
  12.883 -\begin{verbatim}
  12.884 -# xm set-mem ttylinux 32
  12.885 -\end{verbatim}
  12.886 -
  12.887 -We can now see the result of this in the output of \path{xm list}:
  12.888 -
  12.889 -\begin{verbatim}
  12.890 -# xm list
  12.891 -Name              Id  Mem(MB)  CPU  State  Time(s)  Console
  12.892 -Domain-0           0      251    0  r----    172.2        
  12.893 -ttylinux           5       31    0  -b---      4.3    9605
  12.894 -\end{verbatim}
  12.895 -
  12.896 -The domain has responded to the request by returning memory to Xen. We
  12.897 -can restore the domain to its original size using the command line:
  12.898 -
  12.899 -\begin{verbatim}
  12.900 -# xm set-mem ttylinux 64
  12.901 -\end{verbatim}
  12.902 -
  12.903 -\subsection{Setting memory footprints from within a domain}
  12.904 -
  12.905 -The virtual file \path{/proc/xen/balloon} allows the owner of a
  12.906 -domain to adjust their own memory footprint.  Reading the file
  12.907 -(e.g. \path{cat /proc/xen/balloon}) prints out the current
  12.908 -memory footprint of the domain.  Writing to the file
  12.909 -(e.g. \path{echo new\_target > /proc/xen/balloon}) requests
  12.910 -that the kernel adjust the domain's memory footprint to a new value.
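For example, to read the current footprint from within the domain and
then request a new target of 64MB (a minimal sketch; we assume here
that the target is given in kilobytes, matching the units reported
when the file is read):

\begin{quote}
\begin{verbatim}
# cat /proc/xen/balloon
# echo 65536 > /proc/xen/balloon
\end{verbatim}
\end{quote}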
  12.911 -
  12.912 -\subsection{Setting memory limits}
  12.913 -
  12.914 -Xen associates a memory size limit with each domain.  By default, this
  12.915 -is the amount of memory the domain is originally started with,
  12.916 -preventing the domain from ever growing beyond this size.  To permit a
  12.917 -domain to grow beyond its original allocation or to prevent a domain
  12.918 -you've shrunk from reclaiming the memory it relinquished, use the 
  12.919 -\path{xm maxmem} command.
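For example, to allow the ttylinux domain to grow to at most 128
megabytes (a sketch; see \path{xm help maxmem} for the exact syntax):

\begin{quote}
\begin{verbatim}
# xm maxmem ttylinux 128
\end{verbatim}
\end{quote}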
  12.920 -
  12.921 -\chapter{Domain Filesystem Storage}
  12.922 -
  12.923 -It is possible to directly export any Linux block device in dom0 to
  12.924 -another domain, or to export filesystems / devices to virtual machines
  12.925 -using standard network protocols (e.g. NBD, iSCSI, NFS, etc).  This
  12.926 -chapter covers some of the possibilities.
  12.927 -
  12.928 -
  12.929 -\section{Exporting Physical Devices as VBDs} 
  12.930 -\label{s:exporting-physical-devices-as-vbds}
  12.931 -
  12.932 -One of the simplest configurations is to directly export
  12.933 -individual partitions from domain 0 to other domains. To
  12.934 -achieve this, use the \path{phy:} specifier in your domain
  12.935 -configuration file. For example, a line like
  12.936 -\begin{quote}
  12.937 -\verb_disk = ['phy:hda3,sda1,w']_
  12.938 -\end{quote}
  12.939 -specifies that the partition \path{/dev/hda3} in domain 0 
  12.940 -should be exported read-write to the new domain as \path{/dev/sda1}; 
  12.941 -one could equally well export it as \path{/dev/hda} or 
  12.942 -\path{/dev/sdb5} should one wish. 
  12.943 -
  12.944 -In addition to local disks and partitions, it is possible to export
  12.945 -any device that Linux considers to be ``a disk'' in the same manner.
  12.946 -For example, if you have iSCSI disks or GNBD volumes imported into
  12.947 -domain 0 you can export these to other domains using the \path{phy:}
  12.948 -disk syntax. E.g.:
  12.949 -\begin{quote}
  12.950 -\verb_disk = ['phy:vg/lvm1,sda2,w']_
  12.951 -\end{quote}
  12.952 -
  12.953 -
  12.954 -
  12.955 -\begin{center}
  12.956 -\framebox{\bf Warning: Block device sharing}
  12.957 -\end{center}
  12.958 -\begin{quote}
  12.959 -Block devices should typically only be shared between domains in a
  12.960 -read-only fashion, otherwise the Linux kernel's file systems will get
  12.961 -very confused, as the file system structure may change underneath them
  12.962 -(having the same ext3 partition mounted rw twice is a sure-fire way to
  12.963 -cause irreparable damage)!  \Xend will attempt to prevent you from
  12.964 -doing this by checking that the device is not mounted read-write in
  12.965 -domain 0, and hasn't already been exported read-write to another
  12.966 -domain.
  12.967 -If you want read-write sharing, export the directory to other domains
  12.968 -via NFS from domain0 (or use a cluster file system such as GFS or
  12.969 -ocfs2).
  12.970 -
  12.971 -\end{quote}
  12.972 -
  12.973 -
  12.974 -\section{Using File-backed VBDs}
  12.975 -
  12.976 -It is also possible to use a file in Domain 0 as the primary storage
  12.977 -for a virtual machine.  As well as being convenient, this also has the
  12.978 -advantage that the virtual block device will be {\em sparse} --- space
  12.979 -will only really be allocated as parts of the file are used.  So if a
  12.980 -virtual machine uses only half of its disk space, then the file really
  12.981 -takes up only half of the size allocated.
  12.982 -
  12.983 -For example, to create a 2GB sparse file-backed virtual block device
  12.984 -(actually only consumes 1KB of disk):
  12.985 -\begin{quote}
  12.986 -\verb_# dd if=/dev/zero of=vm1disk bs=1k seek=2048k count=1_
  12.987 -\end{quote}
  12.988 -
  12.989 -Make a file system in the disk file: 
  12.990 -\begin{quote}
  12.991 -\verb_# mkfs -t ext3 vm1disk_
  12.992 -\end{quote}
  12.993 -
  12.994 -(when the tool asks for confirmation, answer `y')
  12.995 -
  12.996 -Populate the file system, e.g. by copying from the current root:
  12.997 -\begin{quote}
  12.998 -\begin{verbatim}
  12.999 -# mount -o loop vm1disk /mnt
 12.1000 -# cp -ax /{root,dev,var,etc,usr,bin,sbin,lib} /mnt
 12.1001 -# mkdir /mnt/{proc,sys,home,tmp}
 12.1002 -\end{verbatim}
 12.1003 -\end{quote}
 12.1004 -
 12.1005 -Tailor the file system by editing \path{/etc/fstab},
 12.1006 -\path{/etc/hostname}, etc. (don't forget to edit the files in the
 12.1007 -mounted file system, rather than your domain 0 filesystem; e.g. you
 12.1008 -would edit \path{/mnt/etc/fstab} instead of \path{/etc/fstab}).  For
 12.1009 -this example, set the root device to \path{/dev/sda1} in fstab.
 12.1010 -
 12.1011 -Now unmount (this is important!):
 12.1012 -\begin{quote}
 12.1013 -\verb_# umount /mnt_
 12.1014 -\end{quote}
 12.1015 -
 12.1016 -In the configuration file set:
 12.1017 -\begin{quote}
 12.1018 -\verb_disk = ['file:/full/path/to/vm1disk,sda1,w']_
 12.1019 -\end{quote}
 12.1020 +%% Chapter Introduction moved to introduction.tex
 12.1021 +\include{src/user/introduction}
 12.1022  
 12.1023 -As the virtual machine writes to its `disk', the sparse file will be
 12.1024 -filled in and consume more space up to the original 2GB.
 12.1025 -
 12.1026 -{\bf Note that file-backed VBDs may not be appropriate for backing
 12.1027 -I/O-intensive domains.}  File-backed VBDs are known to experience
 12.1028 -substantial slowdowns under heavy I/O workloads, due to the I/O handling
 12.1029 -by the loopback block device used to support file-backed VBDs in dom0.
 12.1030 -Better I/O performance can be achieved by using either LVM-backed VBDs
 12.1031 -(Section~\ref{s:using-lvm-backed-vbds}) or physical devices as VBDs
 12.1032 -(Section~\ref{s:exporting-physical-devices-as-vbds}).
 12.1033 -
 12.1034 -Linux supports a maximum of eight file-backed VBDs across all domains by
 12.1035 -default.  This limit can be statically increased by using the {\em
 12.1036 -max\_loop} module parameter if CONFIG\_BLK\_DEV\_LOOP is compiled as a
 12.1037 -module in the dom0 kernel, or by using the {\em max\_loop=n} boot option
 12.1038 -if CONFIG\_BLK\_DEV\_LOOP is compiled directly into the dom0 kernel.
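For example, to raise the limit to 64 loop devices when the loop
driver is built as a module (adjust the number to your needs):

\begin{quote}
\begin{verbatim}
# modprobe loop max_loop=64
\end{verbatim}
\end{quote}

If the driver is compiled into the kernel, append \path{max_loop=64}
to the dom0 kernel command line instead.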
 12.1039 -
 12.1040 -
 12.1041 -\section{Using LVM-backed VBDs}
 12.1042 -\label{s:using-lvm-backed-vbds}
 12.1043 -
 12.1044 -A particularly appealing solution is to use LVM volumes
 12.1045 -as backing for domain file systems, since this allows dynamic
 12.1046 -growing/shrinking of volumes, as well as snapshots and other
 12.1047 -features.
 12.1048 -
 12.1049 -To initialise a partition to support LVM volumes:
 12.1050 -\begin{quote}
 12.1051 -\begin{verbatim} 
 12.1052 -# pvcreate /dev/sda10           
 12.1053 -\end{verbatim} 
 12.1054 -\end{quote}
 12.1055 -
 12.1056 -Create a volume group named `vg' on the physical partition:
 12.1057 -\begin{quote}
 12.1058 -\begin{verbatim} 
 12.1059 -# vgcreate vg /dev/sda10
 12.1060 -\end{verbatim} 
 12.1061 -\end{quote}
 12.1062 -
 12.1063 -Create a logical volume of size 4GB named `myvmdisk1':
 12.1064 -\begin{quote}
 12.1065 -\begin{verbatim} 
 12.1066 -# lvcreate -L4096M -n myvmdisk1 vg
 12.1067 -\end{verbatim} 
 12.1068 -\end{quote}
 12.1069 -
 12.1070 -You should now see that you have a \path{/dev/vg/myvmdisk1}.
 12.1071 -Make a filesystem, mount it and populate it, e.g.:
 12.1072 -\begin{quote}
 12.1073 -\begin{verbatim} 
 12.1074 -# mkfs -t ext3 /dev/vg/myvmdisk1
 12.1075 -# mount /dev/vg/myvmdisk1 /mnt
 12.1076 -# cp -ax / /mnt
 12.1077 -# umount /mnt
 12.1078 -\end{verbatim} 
 12.1079 -\end{quote}
 12.1080 -
 12.1081 -Now configure your VM with the following disk configuration:
 12.1082 -\begin{quote}
 12.1083 -\begin{verbatim} 
 12.1084 - disk = [ 'phy:vg/myvmdisk1,sda1,w' ]
 12.1085 -\end{verbatim} 
 12.1086 -\end{quote}
 12.1087 -
 12.1088 -LVM enables you to grow the size of logical volumes, but you'll need
 12.1089 -to resize the corresponding file system to make use of the new
 12.1090 -space. Some file systems (e.g. ext3) now support on-line resize.  See
 12.1091 -the LVM manuals for more details.
 12.1092 +%% Chapter Installation moved to installation.tex
 12.1093 +\include{src/user/installation}
 12.1094  
 12.1095 -You can also use LVM for creating copy-on-write clones of LVM
 12.1096 -volumes (known as writable persistent snapshots in LVM
 12.1097 -terminology). This facility is new in Linux 2.6.8, so isn't as
 12.1098 -stable as one might hope. In particular, using lots of CoW LVM
 12.1099 -disks consumes a lot of dom0 memory, and error conditions such as
 12.1100 -running out of disk space are not handled well. Hopefully this
 12.1101 -will improve in future.
 12.1102 -
 12.1103 -To create two copy-on-write clones of the above file system, you
 12.1104 -would use the following commands:
 12.1105 -
 12.1106 -\begin{quote}
 12.1107 -\begin{verbatim} 
 12.1108 -# lvcreate -s -L1024M -n myclonedisk1 /dev/vg/myvmdisk1
 12.1109 -# lvcreate -s -L1024M -n myclonedisk2 /dev/vg/myvmdisk1
 12.1110 -\end{verbatim} 
 12.1111 -\end{quote}
 12.1112 -
 12.1113 -Each of these can grow to have 1GB of differences from the master
 12.1114 -volume. You can grow the amount of space for storing the
 12.1115 -differences using the lvextend command, e.g.:
 12.1116 -\begin{quote}
 12.1117 -\begin{verbatim} 
 12.1118 -# lvextend -L+100M /dev/vg/myclonedisk1
 12.1119 -\end{verbatim} 
 12.1120 -\end{quote}
 12.1121 -
 12.1122 -Don't ever let the `differences volume' fill up, otherwise LVM gets
 12.1123 -rather confused. It may be possible to automate the growing
 12.1124 -process by using \path{dmsetup wait} to spot the volume getting full
 12.1125 -and then issuing an \path{lvextend}.
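A minimal sketch of such a loop follows; the device-mapper name
{\tt vg-myclonedisk1} and the exact event semantics of
\path{dmsetup wait} are assumptions that should be verified on your
system before relying on this:

\begin{quote}
\begin{small}
\begin{verbatim}
#!/bin/sh
# Hypothetical watcher: block until a device-mapper event is
# reported for the snapshot, then grow it by 100MB and wait again.
while true; do
    dmsetup wait vg-myclonedisk1
    lvextend -L+100M /dev/vg/myclonedisk1
done
\end{verbatim}
\end{small}
\end{quote}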
 12.1126 -
 12.1127 -In principle, it is possible to continue writing to the volume
 12.1128 -that has been cloned (the changes will not be visible to the
 12.1129 -clones), but we wouldn't recommend this: have the cloned volume
 12.1130 -as a `pristine' file system install that isn't mounted directly
 12.1131 -by any of the virtual machines.
 12.1132 -
 12.1133 +%% Chapter Starting Additional Domains  moved to start_addl_dom.tex
 12.1134 +\include{src/user/start_addl_dom}
 12.1135  
 12.1136 -\section{Using NFS Root}
 12.1137 -
 12.1138 -First, populate a root filesystem in a directory on the server
 12.1139 -machine. This can be on a distinct physical machine, or simply 
 12.1140 -run within a virtual machine on the same node.
 12.1141 -
 12.1142 -Now configure the NFS server to export this filesystem over the
 12.1143 -network by adding a line to \path{/etc/exports}, for instance:
 12.1144 -
 12.1145 -\begin{quote}
 12.1146 -\begin{small}
 12.1147 -\begin{verbatim}
 12.1148 -/export/vm1root      1.2.3.4/24(rw,sync,no_root_squash)
 12.1149 -\end{verbatim}
 12.1150 -\end{small}
 12.1151 -\end{quote}
 12.1152 +%% Chapter Domain Management Tools moved to domain_mgmt.tex
 12.1153 +\include{src/user/domain_mgmt}
 12.1154  
 12.1155 -Finally, configure the domain to use NFS root.  In addition to the
 12.1156 -normal variables, you should make sure to set the following values in
 12.1157 -the domain's configuration file:
 12.1158 +%% Chapter Domain Filesystem Storage moved to domain_filesystem.tex
 12.1159 +\include{src/user/domain_filesystem}
 12.1160  
 12.1161 -\begin{quote}
 12.1162 -\begin{small}
 12.1163 -\begin{verbatim}
 12.1164 -root       = '/dev/nfs'
 12.1165 -nfs_server = '2.3.4.5'       # substitute IP address of server 
 12.1166 -nfs_root   = '/path/to/root' # path to root FS on the server
 12.1167 -\end{verbatim}
 12.1168 -\end{small}
 12.1169 -\end{quote}
 12.1170 -
 12.1171 -The domain will need network access at boot time, so either statically
 12.1172 -configure an IP address (using the config variables \path{ip},
 12.1173 -\path{netmask}, \path{gateway} and \path{hostname}) or enable DHCP
 12.1174 -(\path{dhcp='dhcp'}).
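For example, a static configuration might look like the following
(the addresses are, of course, illustrative):

\begin{quote}
\begin{small}
\begin{verbatim}
ip       = '1.2.3.4'
netmask  = '255.255.255.0'
gateway  = '1.2.3.1'
hostname = 'vm1'
\end{verbatim}
\end{small}
\end{quote}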
 12.1175 -
 12.1176 -Note that the Linux NFS root implementation is known to have stability
 12.1177 -problems under high load (this is not a Xen-specific problem), so this
 12.1178 -configuration may not be appropriate for critical servers.
 12.1179  
 12.1180  
 12.1181  \part{User Reference Documentation}
 12.1182  
 12.1183 -\chapter{Control Software} 
 12.1184 -
 12.1185 -The Xen control software includes the \xend node control daemon (which
 12.1186 -must be running), the xm command-line tool, and the prototype
 12.1187 -xensv web interface.
 12.1188 -
 12.1189 -\section{\Xend (node control daemon)}
 12.1190 -\label{s:xend}
 12.1191 -
 12.1192 -The Xen Daemon (\Xend) performs system management functions related to
 12.1193 -virtual machines.  It forms a central point of control for a machine
 12.1194 -and can be controlled using an HTTP-based protocol.  \Xend must be
 12.1195 -running in order to start and manage virtual machines.
 12.1196 -
 12.1197 -\Xend must be run as root because it needs access to privileged system
 12.1198 -management functions.  A small set of commands may be issued on the
 12.1199 -\xend command line:
 12.1200 -
 12.1201 -\begin{tabular}{ll}
 12.1202 -\verb!# xend start! & start \xend, if not already running \\
 12.1203 -\verb!# xend stop!  & stop \xend if already running       \\
 12.1204 -\verb!# xend restart! & restart \xend if running, otherwise start it \\
 12.1205 -% \verb!# xend trace_start! & start \xend, with very detailed debug logging \\
 12.1206 -\verb!# xend status! & indicates \xend status by its return code
 12.1207 -\end{tabular}
 12.1208 -
 12.1209 -A SysV init script called {\tt xend} is provided to start \xend at boot
 12.1210 -time.  {\tt make install} installs this script in \path{/etc/init.d}.
 12.1211 -To enable it, you have to make symbolic links in the appropriate
 12.1212 -runlevel directories or use the {\tt chkconfig} tool, where available.
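For example, on a distribution that provides {\tt chkconfig}, the
following should arrange for \xend to start in the standard
multi-user runlevels (a sketch):

\begin{quote}
\begin{verbatim}
# chkconfig --add xend
# chkconfig xend on
\end{verbatim}
\end{quote}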
 12.1213 -
 12.1214 -Once \xend is running, more sophisticated administration can be done
 12.1215 -using the xm tool (see Section~\ref{s:xm}) and the experimental
 12.1216 -Xensv web interface (see Section~\ref{s:xensv}).
 12.1217 -
 12.1218 -As \xend runs, events will be logged to \path{/var/log/xend.log} and, 
 12.1219 -if the migration assistant daemon (\path{xfrd}) has been started, 
 12.1220 -\path{/var/log/xfrd.log}. These may be of use for troubleshooting
 12.1221 -problems.
 12.1222 -
 12.1223 -\section{Xm (command line interface)}
 12.1224 -\label{s:xm}
 12.1225 -
 12.1226 -The xm tool is the primary tool for managing Xen from the console.
 12.1227 -The general format of an xm command line is:
 12.1228 -
 12.1229 -\begin{verbatim}
 12.1230 -# xm command [switches] [arguments] [variables]
 12.1231 -\end{verbatim}
 12.1232 -
 12.1233 -The available {\em switches} and {\em arguments} are dependent on the
 12.1234 -{\em command} chosen.  The {\em variables} may be set using
 12.1235 -declarations of the form {\tt variable=value}; command-line
 12.1236 -declarations override any of the values in the configuration file
 12.1237 -being used, including the standard variables described above and any
 12.1238 -custom variables (for instance, the \path{xmdefconfig} file uses a
 12.1239 -{\tt vmid} variable).
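For example, to create a domain from the \path{/etc/xen/xmexample2}
configuration file while overriding its {\tt vmid} variable on the
command line:

\begin{quote}
\begin{verbatim}
# xm create -f /etc/xen/xmexample2 vmid=2
\end{verbatim}
\end{quote}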
 12.1240 -
 12.1241 -The available commands are as follows:
 12.1242 -
 12.1243 -\begin{description}
 12.1244 -\item[set-mem] Request a domain to adjust its memory footprint.
 12.1245 -\item[create] Create a new domain.
 12.1246 -\item[destroy] Kill a domain immediately.
 12.1247 -\item[list] List running domains.
 12.1248 -\item[shutdown] Ask a domain to shut down.
 12.1249 -\item[dmesg] Fetch the Xen (not Linux!) boot output.
 12.1250 -\item[consoles] List the available consoles.
 12.1251 -\item[console] Connect to the console for a domain.
 12.1252 -\item[help] Get help on xm commands.
 12.1253 -\item[save] Suspend a domain to disk.
 12.1254 -\item[restore] Restore a domain from disk.
 12.1255 -\item[pause] Pause a domain's execution.
 12.1256 -\item[unpause] Unpause a domain.
 12.1257 -\item[pincpu] Pin a domain to a CPU.
 12.1258 -\item[bvt] Set BVT scheduler parameters for a domain.
 12.1259 -\item[bvt\_ctxallow] Set the BVT context switching allowance for the system.
 12.1260 -\item[atropos] Set the atropos parameters for a domain.
 12.1261 -\item[rrobin] Set the round robin time slice for the system.
 12.1262 -\item[info] Get information about the Xen host.
 12.1263 -\item[call] Call a \xend HTTP API function directly.
 12.1264 -\end{description}
 12.1265 -
 12.1266 -For a detailed overview of switches, arguments and variables to each command
 12.1267 -try
 12.1268 -\begin{quote}
 12.1269 -\begin{verbatim}
 12.1270 -# xm help command
 12.1271 -\end{verbatim}
 12.1272 -\end{quote}
 12.1273 -
 12.1274 -\section{Xensv (web control interface)}
 12.1275 -\label{s:xensv}
 12.1276 -
 12.1277 -Xensv is the experimental web control interface for managing a Xen
 12.1278 -machine.  It can be used to perform some (but not yet all) of the
 12.1279 -management tasks that can be done using the xm tool.
 12.1280 -
 12.1281 -It can be started using:
 12.1282 -\begin{quote}
 12.1283 -\verb_# xensv start_
 12.1284 -\end{quote}
 12.1285 -and stopped using: 
 12.1286 -\begin{quote}
 12.1287 -\verb_# xensv stop_
 12.1288 -\end{quote}
 12.1289 -
 12.1290 -By default, Xensv will serve out the web interface on port 8080.  This
 12.1291 -can be changed by editing 
 12.1292 -\path{/usr/lib/python2.3/site-packages/xen/sv/params.py}.
 12.1293 -
 12.1294 -Once Xensv is running, the web interface can be used to create and
 12.1295 -manage running domains.
 12.1296 -
 12.1297 -
 12.1298 -
 12.1299 -
 12.1300 -\chapter{Domain Configuration}
 12.1301 -\label{cha:config}
 12.1302 -
 12.1303 -This chapter describes the syntax of the domain configuration
 12.1304 -files and how to further specify networking,
 12.1305 -driver-domain and general scheduling behaviour.
 12.1306 -
 12.1307 -\section{Configuration Files}
 12.1308 -\label{s:cfiles}
 12.1309 -
 12.1310 -Xen configuration files contain the following standard variables.
 12.1311 -Unless otherwise stated, configuration items should be enclosed in
 12.1312 -quotes: see \path{/etc/xen/xmexample1} and \path{/etc/xen/xmexample2} 
 12.1313 -for concrete examples of the syntax.
 12.1314 -
 12.1315 -\begin{description}
 12.1316 -\item[kernel] Path to the kernel image 
 12.1317 -\item[ramdisk] Path to a ramdisk image (optional).
 12.1318 -% \item[builder] The name of the domain build function (e.g. {\tt'linux'} or {\tt'netbsd'}.
 12.1319 -\item[memory] Memory size in megabytes.
 12.1320 -\item[cpu] CPU to run this domain on, or {\tt -1} for
 12.1321 -  auto-allocation. 
 12.1322 -\item[console] Port to export the domain console on (default 9600 + domain ID).
 12.1323 -\item[nics] Number of virtual network interfaces.
 12.1324 -\item[vif] List of MAC addresses (random addresses are assigned if not
 12.1325 -  given) and bridges to use for the domain's network interfaces, e.g.
 12.1326 -\begin{verbatim}
 12.1327 -vif = [ 'mac=aa:00:00:00:00:11, bridge=xen-br0',
 12.1328 -        'bridge=xen-br1' ]
 12.1329 -\end{verbatim}
 12.1330 -  to assign a MAC address and bridge to the first interface and assign
 12.1331 -  a different bridge to the second interface, leaving \xend to choose
 12.1332 -  the MAC address.
 12.1333 -\item[disk] List of block devices to export to the domain,  e.g. \\
 12.1334 -  \verb_disk = [ 'phy:hda1,sda1,r' ]_ \\
 12.1335 -  exports physical device \path{/dev/hda1} to the domain 
 12.1336 -  as \path{/dev/sda1} with read-only access. Exporting a disk read-write 
 12.1337 -  which is currently mounted is dangerous -- if you are \emph{certain}
 12.1338 -  you wish to do this, you can specify \path{w!} as the mode. 
 12.1339 -\item[dhcp] Set to {\tt 'dhcp'} if you want to use DHCP to configure
 12.1340 -  networking. 
 12.1341 -\item[netmask] Manually configured IP netmask.
 12.1342 -\item[gateway] Manually configured IP gateway. 
 12.1343 -\item[hostname] Set the hostname for the virtual machine.
 12.1344 -\item[root] Specify the root device parameter on the kernel command
 12.1345 -  line. 
 12.1346 -\item[nfs\_server] IP address for the NFS server (if any). 
 12.1347 -\item[nfs\_root] Path of the root filesystem on the NFS server (if any).
 12.1348 -\item[extra] Extra string to append to the kernel command line (if
 12.1349 -  any) 
 12.1350 -\item[restart] Three possible options:
 12.1351 -  \begin{description}
 12.1352 -  \item[always] Always restart the domain, no matter what
 12.1353 -                its exit code is.
 12.1354 -  \item[never]  Never restart the domain.
 12.1355 -  \item[onreboot] Restart the domain only if it requests a reboot.
 12.1356 -  \end{description}
 12.1357 -\end{description}
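Putting some of these variables together, a minimal configuration
file might look like the following sketch (the kernel path and device
names are illustrative and should be adapted to your installation):

\begin{quote}
\begin{small}
\begin{verbatim}
kernel = "/boot/vmlinuz-2.6-xenU"
memory = 64
nics   = 1
dhcp   = "dhcp"
disk   = ['phy:hda3,sda1,w']
root   = "/dev/sda1 ro"
\end{verbatim}
\end{small}
\end{quote}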
 12.1358 -
 12.1359 -For additional flexibility, it is also possible to include Python
 12.1360 -scripting commands in configuration files.  An example of this is the
 12.1361 -\path{xmexample2} file, which uses Python code to handle the 
 12.1362 -\path{vmid} variable.
 12.1363 -
 12.1364 -
 12.1365 -%\part{Advanced Topics}
 12.1366 -
 12.1367 -\section{Network Configuration}
 12.1368 -
 12.1369 -For many users, the default installation should work `out of the box'.
 12.1370 -More complicated network setups, for instance with multiple ethernet
 12.1371 -interfaces and/or existing bridging setups, will require some
 12.1372 -special configuration.
 12.1373 -
 12.1374 -The purpose of this section is to describe the mechanisms provided by
 12.1375 -\xend to allow a flexible configuration for Xen's virtual networking.
 12.1376 -
 12.1377 -\subsection{Xen virtual network topology}
 12.1378 -
 12.1379 -Each domain network interface is connected to a virtual network
 12.1380 -interface in dom0 by a point-to-point link (effectively a `virtual
 12.1381 -crossover cable').  These devices are named {\tt
 12.1382 -vif$<$domid$>$.$<$vifid$>$} (e.g. {\tt vif1.0} for the first interface
 12.1383 -in domain 1, {\tt vif3.1} for the second interface in domain 3).
 12.1384 -
 12.1385 -Traffic on these virtual interfaces is handled in domain 0 using
 12.1386 -standard Linux mechanisms for bridging, routing, rate limiting, etc.
 12.1387 -Xend calls on two shell scripts to perform initial configuration of
 12.1388 -the network and configuration of new virtual interfaces.  By default,
 12.1389 -these scripts configure a single bridge for all the virtual
 12.1390 -interfaces.  Arbitrary routing / bridging configurations can be
 12.1391 -configured by customising the scripts, as described in the following
 12.1392 -section.
 12.1393 -
 12.1394 -\subsection{Xen networking scripts}
 12.1395 -
 12.1396 -Xen's virtual networking is configured by two shell scripts (by
 12.1397 -default \path{network} and \path{vif-bridge}).  These are
 12.1398 -called automatically by \xend when certain events occur, with
 12.1399 -arguments to the scripts providing further contextual information.
 12.1400 -These scripts are found by default in \path{/etc/xen/scripts}.  The
 12.1401 -names and locations of the scripts can be configured in
 12.1402 -\path{/etc/xen/xend-config.sxp}.
 12.1403 -
 12.1404 -\begin{description} 
 12.1405 -
 12.1406 -\item[network:] This script is called whenever \xend is started or
 12.1407 -stopped to respectively initialise or tear down the Xen virtual
 12.1408 -network. In the default configuration initialisation creates the
 12.1409 -bridge `xen-br0' and moves eth0 onto that bridge, modifying the
 12.1410 -routing accordingly. When \xend exits, it deletes the Xen bridge and
 12.1411 -removes eth0, restoring the normal IP and routing configuration.
 12.1412 -
 12.1413 -%% In configurations where the bridge already exists, this script could
 12.1414 -%% be replaced with a link to \path{/bin/true} (for instance).
 12.1415 -
 12.1416 -\item[vif-bridge:] This script is called for every domain virtual
 12.1417 -interface and can configure firewalling rules and add the vif 
 12.1418 -to the appropriate bridge. By default, this adds and removes 
 12.1419 -VIFs on the default Xen bridge.
 12.1420 -
 12.1421 -\end{description} 
 12.1422 -
 12.1423 -For more complex network setups (e.g. where routing is required, or
 12.1424 -integration with existing bridges is needed) these scripts may be
 12.1425 -replaced with customised variants for your site's preferred configuration.
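For example, assuming the {\tt network-script} and {\tt vif-script}
option names used by recent \path{xend-config.sxp} files, custom
scripts (here the hypothetical \path{my-network} and
\path{my-vif-script}, placed in \path{/etc/xen/scripts}) could be
selected with:

\begin{quote}
\begin{small}
\begin{verbatim}
(network-script my-network)
(vif-script    my-vif-script)
\end{verbatim}
\end{small}
\end{quote}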
 12.1426 -
 12.1427 -%% There are two possible types of privileges:  IO privileges and
 12.1428 -%% administration privileges.
 12.1429 -
 12.1430 -\section{Driver Domain Configuration} 
 12.1431 -
 12.1432 -I/O privileges can be assigned to allow a domain to directly access
 12.1433 -PCI devices itself.  This is used to support driver domains.
 12.1434 -
 12.1435 -Setting backend privileges is currently only supported in SXP format
 12.1436 -config files.  To allow a domain to function as a backend for others,
 12.1437 -somewhere within the {\tt vm} element of its configuration file must
 12.1438 -be a {\tt backend} element of the form {\tt (backend ({\em type}))}
 12.1439 -where {\tt \em type} may be either {\tt netif} or {\tt blkif},
 12.1440 -according to the type of virtual device this domain will service.
 12.1441 -%% After this domain has been built, \xend will connect all new and
 12.1442 -%% existing {\em virtual} devices (of the appropriate type) to that
 12.1443 -%% backend.
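For example, to mark a domain as a network backend, its SXP
configuration would contain something like the following sketch (the
surrounding configuration is elided):

\begin{quote}
\begin{small}
\begin{verbatim}
(vm
    ...
    (backend (netif))
)
\end{verbatim}
\end{small}
\end{quote}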
 12.1444 -
 12.1445 -Note that a block backend cannot currently import virtual block
 12.1446 -devices from other domains, and a network backend cannot import
 12.1447 -virtual network devices from other domains.  Thus (particularly in the
 12.1448 -case of block backends, which cannot import a virtual block device as
 12.1449 -their root filesystem), you may need to boot a backend domain from a
 12.1450 -ramdisk or a network device.
 12.1451 -
 12.1452 -Access to PCI devices may be configured on a per-device basis.  Xen
 12.1453 -will assign to a domain the minimal set of hardware privileges
 12.1454 -required to control its devices.  This can be configured in either
 12.1455 -format of configuration file:
 12.1456 -
 12.1457 -\begin{itemize}
 12.1458 -\item SXP Format: Include device elements of the form: \\
 12.1459 -\centerline{  {\tt (device (pci (bus {\em x}) (dev {\em y}) (func {\em z})))}} \\
 12.1460 -  inside the top-level {\tt vm} element.  Each one specifies the address
 12.1461 -  of a device this domain is allowed to access ---
 12.1462 -  the numbers {\em x},{\em y} and {\em z} may be in either decimal or
 12.1463 -  hexadecimal format.
 12.1464 -\item Flat Format: Include a list of PCI device addresses of the
 12.1465 -  format: \\ 
 12.1466 -\centerline{{\tt pci = ['x,y,z', ...]}} \\ 
 12.1467 -where each element in the
 12.1468 -  list is a string specifying the components of the PCI device
 12.1469 -  address, separated by commas.  The components ({\tt \em x}, {\tt \em
 12.1470 -  y} and {\tt \em z}) of the list may be formatted as either decimal
 12.1471 -  or hexadecimal.
 12.1472 -\end{itemize}
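For example, to grant a domain access to a (hypothetical) device at
bus 0, device 4, function 0, one could write {\tt pci = ['0x0,0x4,0x0']}
in the flat format, or {\tt (device (pci (bus 0) (dev 4) (func 0)))}
inside the {\tt vm} element in SXP format.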
 12.1473 -
 12.1474 -%% \section{Administration Domains}
 12.1475 -
 12.1476 -%% Administration privileges allow a domain to use the `dom0
 12.1477 -%% operations' (so called because they are usually available only to
 12.1478 -%% domain 0).  A privileged domain can build other domains, set scheduling
 12.1479 -%% parameters, etc.
 12.1480 -
 12.1481 -% Support for other administrative domains is not yet available...  perhaps
 12.1482 -% we should plumb it in some time
 12.1483 -
 12.1484 -
 12.1485 -
 12.1486 -
 12.1487 -
 12.1488 -\section{Scheduler Configuration}
 12.1489 -\label{s:sched} 
 12.1490 -
 12.1491 -
 12.1492 -Xen offers a boot-time choice between multiple schedulers.  To select
 12.1493 -a scheduler, pass the boot parameter {\em sched=sched\_name} to Xen,
 12.1494 -substituting the appropriate scheduler name.  Details of the schedulers
 12.1495 -and their parameters are included below; future versions of the tools
 12.1496 -will provide a higher-level interface to these settings.
 12.1497 +%% Chapter Control Software moved to control_software.tex
 12.1498 +\include{src/user/control_software}
 12.1499  
 12.1500 -It is expected that system administrators configure their system to
 12.1501 -use the scheduler most appropriate to their needs.  Currently, the BVT
 12.1502 -scheduler is the recommended choice. 
 12.1503 -
 12.1504 -\subsection{Borrowed Virtual Time}
 12.1505 -
 12.1506 -{\tt sched=bvt} (the default) \\ 
 12.1507 -
 12.1508 -BVT provides proportional fair shares of the CPU time.  It has been
 12.1509 -observed to penalise domains that block frequently (e.g. I/O intensive
 12.1510 -domains), but this can be compensated for by using warping. 
 12.1511 -
 12.1512 -\subsubsection{Global Parameters}
 12.1513 -
 12.1514 -\begin{description}
 12.1515 -\item[ctx\_allow]
 12.1516 -  the context switch allowance is similar to the `quantum'
 12.1517 -  in traditional schedulers.  It is the minimum time that
 12.1518 -  a scheduled domain will be allowed to run before being
 12.1519 -  pre-empted. 
 12.1520 -\end{description}
 12.1521 -
 12.1522 -\subsubsection{Per-domain parameters}
 12.1523 -
 12.1524 -\begin{description}
 12.1525 -\item[mcuadv]
 12.1526 -  the MCU (Minimum Charging Unit) advance determines the
 12.1527 -  proportional share of the CPU that a domain receives.  It
 12.1528 -  is set in inverse proportion to a domain's sharing weight.
 12.1529 -\item[warp]
 12.1530 -  the amount of `virtual time' the domain is allowed to warp
 12.1531 -  backwards
 12.1532 -\item[warpl]
 12.1533 -  the warp limit is the maximum time a domain can run warped for
 12.1534 -\item[warpu]
 12.1535 -  the unwarp requirement is the minimum time a domain must
 12.1536 -  run unwarped for before it can warp again
 12.1537 -\end{description}
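As a hedged sketch, assuming the parameters are passed in the order
listed above (check \path{xm help bvt} for the exact argument order
in your version of the tools), one might set a domain's share with:

\begin{quote}
\begin{verbatim}
# xm bvt mydomain 10 0 0 0
\end{verbatim}
\end{quote}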
 12.1538 -
 12.1539 -\subsection{Atropos}
 12.1540 -
 12.1541 -{\tt sched=atropos} \\
 12.1542 -
 12.1543 -Atropos is a soft real time scheduler.  It provides guarantees about
 12.1544 -absolute shares of the CPU, with a facility for sharing
 12.1545 -slack CPU time on a best-effort basis. It can provide timeliness
 12.1546 -guarantees for latency-sensitive domains.
 12.1547 -
 12.1548 -Every domain has an associated period and slice.  The domain should
 12.1549 -receive `slice' nanoseconds every `period' nanoseconds.  This allows
 12.1550 -the administrator to configure both the absolute share of the CPU a
 12.1551 -domain receives and the frequency with which it is scheduled. 
 12.1552 -
 12.1553 -%%  When
 12.1554 -%% domains unblock, their period is reduced to the value of the latency
 12.1555 -%% hint (the slice is scaled accordingly so that they still get the same
 12.1556 -%% proportion of the CPU).  For each subsequent period, the slice and
 12.1557 -%% period times are doubled until they reach their original values.
 12.1558 -
 12.1559 -Note: don't overcommit the CPU when using Atropos (i.e. don't reserve
 12.1560 -more CPU than is available --- the utilisation should be kept to
 12.1561 -slightly less than 100\% in order to ensure predictable behaviour).
 12.1562 -
 12.1563 -\subsubsection{Per-domain parameters}
 12.1564 -
 12.1565 -\begin{description}
 12.1566 -\item[period] The regular time interval during which a domain is
 12.1567 -  guaranteed to receive its allocation of CPU time.
 12.1568 -\item[slice]
 12.1569 -  The length of time per period that a domain is guaranteed to run
 12.1570 -  for (in the absence of voluntary yielding of the CPU). 
 12.1571 -\item[latency]
 12.1572 -  The latency hint is used to control how soon a domain
 12.1573 -  should be scheduled after waking up.
 12.1574 -\item[xtratime] This is a boolean flag that specifies whether a domain
 12.1575 -  should be allowed a share of the system slack time.
 12.1576 -\end{description}
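As a hedged sketch, assuming times are given in nanoseconds as
described above and that the parameters are passed in the order
listed (check \path{xm help atropos} for the exact syntax), the
following would request 10ms of CPU every 100ms, with a 50ms latency
hint and slack time enabled:

\begin{quote}
\begin{verbatim}
# xm atropos mydomain 100000000 10000000 50000000 1
\end{verbatim}
\end{quote}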
 12.1577 -
 12.1578 -\subsection{Round Robin}
 12.1579 -
 12.1580 -{\tt sched=rrobin} \\
 12.1581 -
 12.1582 -The round robin scheduler is included as a simple demonstration of
 12.1583 -Xen's internal scheduler API.  It is not intended for production use. 
 12.1584 -
 12.1585 -\subsubsection{Global Parameters}
 12.1586 -
 12.1587 -\begin{description}
 12.1588 -\item[rr\_slice]
 12.1589 -  The maximum time each domain runs before the next
 12.1590 -  scheduling decision is made.
 12.1591 -\end{description}
 12.1592 -
 12.1593 -
 12.1594 -
 12.1595 -
 12.1596 -
 12.1597 -
 12.1598 -
 12.1599 -
 12.1600 -
 12.1601 -
 12.1602 -
 12.1603 -
 12.1604 -\chapter{Build, Boot and Debug options} 
 12.1605 -
 12.1606 -This chapter describes the build- and boot-time options 
 12.1607 -which may be used to tailor your Xen system. 
 12.1608 -
 12.1609 -\section{Xen Build Options}
 12.1610 -
 12.1611 -Xen provides a number of build-time options which should be 
 12.1612 -set as environment variables or passed on make's command-line.  
 12.1613 -
 12.1614 -\begin{description} 
 12.1615 -\item[verbose=y] Enable debugging messages when Xen detects an unexpected condition.
 12.1616 -Also enables console output from all domains.
 12.1617 -\item[debug=y] 
 12.1618 -Enable debug assertions.  Implies {\bf verbose=y}.
 12.1619 -(Primarily useful for tracing bugs in Xen).       
 12.1620 -\item[debugger=y] 
 12.1621 -Enable the in-Xen debugger. This can be used to debug 
 12.1622 -Xen, guest OSes, and applications.
 12.1623 -\item[perfc=y] 
 12.1624 -Enable performance counters for significant events
 12.1625 -within Xen. The counts can be reset or displayed
 12.1626 -on Xen's console via console control keys.
 12.1627 -\item[trace=y] 
 12.1628 -Enable per-cpu trace buffers which log a range of
 12.1629 -events within Xen for collection by control
 12.1630 -software. 
 12.1631 -\end{description} 
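For example, to build a hypervisor with debug assertions enabled, the
options can simply be given on the make command line (a sketch;
substitute whichever target you normally build):

\begin{quote}
\begin{verbatim}
# make debug=y xen
\end{verbatim}
\end{quote}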
 12.1632 -
 12.1633 -\section{Xen Boot Options}
 12.1634 -\label{s:xboot}
 12.1635 -
 12.1636 -These options are used to configure Xen's behaviour at runtime.  They
 12.1637 -should be appended to Xen's command line, either manually or by
 12.1638 -editing \path{grub.conf}.
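For example, a \path{grub.conf} entry might combine several of the
options described below as follows (the file paths and values are
illustrative):

\begin{quote}
\begin{small}
\begin{verbatim}
title Xen
    kernel /boot/xen.gz dom0_mem=262144 console=com1,vga com1=115200,8n1
    module /boot/vmlinuz-2.6-xen0 root=/dev/sda1 ro console=tty0
\end{verbatim}
\end{small}
\end{quote}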
 12.1639 -
 12.1640 -\begin{description}
 12.1641 -\item [noreboot ] 
 12.1642 - Don't reboot the machine automatically on errors.  This is
 12.1643 - useful to catch debug output if you aren't catching console messages
 12.1644 - via the serial line. 
 12.1645 -
 12.1646 -\item [nosmp ] 
 12.1647 - Disable SMP support.
 12.1648 - This option is implied by `ignorebiostables'. 
 12.1649 -
 12.1650 -\item [watchdog ] 
 12.1651 - Enable NMI watchdog which can report certain failures. 
 12.1652 -
 12.1653 -\item [noirqbalance ] 
 12.1654 - Disable software IRQ balancing and affinity. This can be used on
 12.1655 - systems such as Dell 1850/2850 that have workarounds in hardware for
 12.1656 - IRQ-routing issues.
 12.1657 +%% Chapter Domain Configuration moved to domain_configuration.tex
 12.1658 +\include{src/user/domain_configuration}
 12.1659  
 12.1660 -\item [badpage=$<$page number$>$,$<$page number$>$, \ldots ] 
 12.1661 - Specify a list of pages not to be allocated for use 
 12.1662 - because they contain bad bytes. For example, if your
 12.1663 - memory tester says that byte 0x12345678 is bad, you would
 12.1664 - place `badpage=0x12345' on Xen's command line. 
 12.1665 -
 12.1666 -\item [com1=$<$baud$>$,DPS,$<$io\_base$>$,$<$irq$>$
 12.1667 - com2=$<$baud$>$,DPS,$<$io\_base$>$,$<$irq$>$ ] \mbox{}\\ 
 12.1668 - Xen supports up to two 16550-compatible serial ports.
 12.1669 - For example: `com1=9600,8n1,0x408,5' maps COM1 to a
 12.1670 - 9600-baud port, 8 data bits, no parity, 1 stop bit,
 12.1671 - I/O port base 0x408, IRQ 5.
 12.1672 - If some configuration options are standard (e.g., I/O base and IRQ),
 12.1673 - then only a prefix of the full configuration string need be
 12.1674 - specified. If the baud rate is pre-configured (e.g., by the
 12.1675 - bootloader) then you can specify `auto' in place of a numeric baud
 12.1676 - rate. 
 12.1677 -
 12.1678 -\item [console=$<$specifier list$>$ ] 
 12.1679 - Specify the destination for Xen console I/O.
 12.1680 - This is a comma-separated list of, for example:
 12.1681 -\begin{description}
 12.1682 - \item[vga]  use VGA console and allow keyboard input
 12.1683 - \item[com1] use serial port com1
 12.1684 - \item[com2H] use serial port com2. Transmitted chars will
 12.1685 -   have the MSB set. Received chars must have
 12.1686 -   MSB set.
 12.1687 - \item[com2L] use serial port com2. Transmitted chars will
 12.1688 -   have the MSB cleared. Received chars must
 12.1689 -   have MSB cleared.
 12.1690 -\end{description}
 12.1691 - The latter two examples allow a single port to be
 12.1692 - shared by two subsystems (e.g. console and
 12.1693 - debugger). Sharing is controlled by MSB of each
 12.1694 - transmitted/received character.
 12.1695 - [NB. Default for this option is `com1,vga'] 
 12.1696 -
 12.1697 -\item [sync\_console ]
 12.1698 - Force synchronous console output. This is useful if your system fails
 12.1699 - unexpectedly before it has sent all available output to the
 12.1700 - console. In most cases Xen will automatically enter synchronous mode
 12.1701 - when an exceptional event occurs, but this option provides a manual
 12.1702 - fallback.
 12.1703 -
 12.1704 -\item [conswitch=$<$switch-char$><$auto-switch-char$>$ ] 
 12.1705 - Specify how to switch serial-console input between
 12.1706 - Xen and DOM0. The required sequence is CTRL-$<$switch-char$>$
 12.1707 - pressed three times. Specifying the backtick character 
 12.1708 - disables switching.
 12.1709 - The $<$auto-switch-char$>$ specifies whether Xen should
 12.1710 - auto-switch input to DOM0 when it boots --- if it is `x'
 12.1711 - then auto-switching is disabled.  Any other value, or
 12.1712 - omitting the character, enables auto-switching.
 12.1713 - [NB. default switch-char is `a'] 
 12.1714 -
 12.1715 -\item [nmi=xxx ] 
 12.1716 - Specify what to do with an NMI parity or I/O error. \\
 12.1717 - `nmi=fatal':  Xen prints a diagnostic and then hangs. \\
 12.1718 - `nmi=dom0':   Inform DOM0 of the NMI. \\
 12.1719 - `nmi=ignore': Ignore the NMI. 
 12.1720 -
 12.1721 -\item [mem=xxx ]
 12.1722 - Set the physical RAM address limit. Any RAM appearing beyond this
 12.1723 - physical address in the memory map will be ignored. This parameter
 12.1724 - may be specified with a B, K, M or G suffix, representing bytes,
 12.1725 - kilobytes, megabytes and gigabytes respectively. The
 12.1726 - default unit, if no suffix is specified, is kilobytes.
 12.1727 -
 12.1728 -\item [dom0\_mem=xxx ] 
 12.1729 - Set the amount of memory to be allocated to domain0. In Xen 3.x the parameter
 12.1730 - may be specified with a B, K, M or G suffix, representing bytes,
 12.1731 - kilobytes, megabytes and gigabytes respectively; if no suffix is specified, 
 12.1732 - the parameter defaults to kilobytes. In previous versions of Xen, suffixes
 12.1733 - were not supported and the value is always interpreted as kilobytes. 
 12.1734 -
 12.1735 -\item [tbuf\_size=xxx ] 
 12.1736 - Set the size of the per-cpu trace buffers, in pages
 12.1737 - (default 1).  Note that the trace buffers are only
 12.1738 - enabled in debug builds.  Most users can ignore
 12.1739 - this feature completely. 
 12.1740 -
 12.1741 -\item [sched=xxx ] 
 12.1742 - Select the CPU scheduler Xen should use.  The current
 12.1743 - possibilities are `bvt' (default), `atropos' and `rrobin'. 
 12.1744 - For more information see Section~\ref{s:sched}. 
 12.1745 -
 12.1746 -\item [apic\_verbosity=debug,verbose ]
 12.1747 - Print more detailed information about local APIC and IOAPIC configuration.
 12.1748 -
 12.1749 -\item [lapic ]
 12.1750 - Force use of local APIC even when left disabled by uniprocessor BIOS.
 12.1751 -
 12.1752 -\item [nolapic ]
 12.1753 - Ignore local APIC in a uniprocessor system, even if enabled by the BIOS.
 12.1754 -
 12.1755 -\item [apic=bigsmp,default,es7000,summit ]
 12.1756 - Specify NUMA platform. This can usually be probed automatically.
 12.1757 -
 12.1758 -\end{description} 
 12.1759 -
 12.1760 -In addition, the following options may be specified on the Xen command
 12.1761 -line. Since domain 0 shares responsibility for booting the platform,
 12.1762 -Xen will automatically propagate these options to its command
 12.1763 -line. These options are taken from Linux's command-line syntax with
 12.1764 -unchanged semantics.
 12.1765 -
 12.1766 -\begin{description}
 12.1767 -\item [acpi=off,force,strict,ht,noirq,\ldots ] 
 12.1768 - Modify how Xen (and domain 0) parses the BIOS ACPI tables.
 12.1769 -
 12.1770 -\item [acpi\_skip\_timer\_override ]
 12.1771 - Instruct Xen (and domain 0) to ignore timer-interrupt override
 12.1772 - instructions specified by the BIOS ACPI tables.
 12.1773 -
 12.1774 -\item [noapic ]
 12.1775 - Instruct Xen (and domain 0) to ignore any IOAPICs that are present in
 12.1776 - the system, and instead continue to use the legacy PIC.
 12.1777 -
 12.1778 -\end{description} 
 12.1779 -
 12.1780 -\section{XenLinux Boot Options}
 12.1781 -
 12.1782 -In addition to the standard Linux kernel boot options, we support: 
 12.1783 -\begin{description} 
 12.1784 -\item[xencons=xxx ] Specify the device node to which the Xen virtual
 12.1785 -console driver is attached. The following options are supported:
 12.1786 -\begin{center}
 12.1787 -\begin{tabular}{l}
 12.1788 -`xencons=off': disable virtual console \\ 
 12.1789 -`xencons=tty': attach console to /dev/tty1 (tty0 at boot-time) \\
 12.1790 -`xencons=ttyS': attach console to /dev/ttyS0
 12.1791 -\end{tabular}
 12.1792 -\end{center}
 12.1793 -The default is ttyS for dom0 and tty for all other domains.
 12.1794 -\end{description} 
 12.1795 -
 12.1796 -
 12.1797 -
 12.1798 -\section{Debugging}
 12.1799 -\label{s:keys} 
 12.1800 -
 12.1801 -Xen has a set of debugging features that can be useful to try to
 12.1802 -figure out what's going on. Hit `h' on the serial line (if you
 12.1803 -specified a baud rate on the Xen command line) or ScrollLock-h on the
 12.1804 -keyboard to get a list of supported commands.
 12.1805 -
 12.1806 -If you have a crash, you'll likely get a crash dump containing an EIP
 12.1807 -(PC) which, along with an \path{objdump -d image}, can be useful in
 12.1808 -figuring out what's happened.  Debug a Xenlinux image just as you
 12.1809 -would any other Linux kernel.
 12.1810 -
 12.1811 -%% We supply a handy debug terminal program which you can find in
 12.1812 -%% \path{/usr/local/src/xen-2.0.bk/tools/misc/miniterm/}
 12.1813 -%% This should be built and executed on another machine that is connected
 12.1814 -%% via a null modem cable. Documentation is included.
 12.1815 -%% Alternatively, if the Xen machine is connected to a serial-port server
 12.1816 -%% then we supply a dumb TCP terminal client, {\tt xencons}.
 12.1817 -
 12.1818 -
 12.1819 +%% Chapter Build, Boot and Debug Options moved to build.tex
 12.1820 +\include{src/user/build}
 12.1821  
 12.1822  
 12.1823  \chapter{Further Support}
 12.1824 @@ -1875,6 +108,7 @@ directory of the Xen source distribution
 12.1825  %Various HOWTOs are available in \path{docs/HOWTOS} but this content is
 12.1826  %being integrated into this manual.
 12.1827  
 12.1828 +
 12.1829  \section{Online References}
 12.1830  
 12.1831  The official Xen web site is found at:
 12.1832 @@ -1885,6 +119,7 @@ The official Xen web site is found at:
 12.1833  This contains links to the latest versions of all on-line
 12.1834  documentation (including the latest version of the FAQ).
 12.1835  
 12.1836 +
 12.1837  \section{Mailing Lists}
 12.1838  
 12.1839  There are currently four official Xen mailing lists:
 12.1840 @@ -1905,326 +140,18 @@ from the unstable and 2.0 trees - develo
 12.1841  \end{description}
 12.1842  
 12.1843  
 12.1844 +
 12.1845  \appendix
 12.1846  
 12.1847 +%% Chapter Installing Xen / XenLinux on Debian moved to debian.tex
 12.1848 +\include{src/user/debian}
 12.1849 +
 12.1850 +%% Chapter Installing Xen on Red Hat moved to redhat.tex
 12.1851 +\include{src/user/redhat}
 12.1852 +
 12.1853  
 12.1854 -\chapter{Installing Xen / XenLinux on Debian}
 12.1855 -
 12.1856 -The Debian project provides a tool called \path{debootstrap} which
 12.1857 -allows a base Debian system to be installed into a filesystem without
 12.1858 -requiring the host system to have any Debian-specific software (such
 12.1859 -as \path{apt}).
 12.1860 -
 12.1861 -Here is how to install Debian 3.1 (Sarge) in an unprivileged
 12.1862 -Xen domain:
 12.1863 -
 12.1864 -\begin{enumerate}
 12.1865 -\item Set up Xen 2.0 and test that it's working, as described earlier in
 12.1866 -      this manual.
 12.1867 -
 12.1868 -\item Create disk images for root-fs and swap (alternatively, you
 12.1869 -      might create dedicated partitions, LVM logical volumes, etc. if
 12.1870 -      that suits your setup).
 12.1871 -\begin{small}\begin{verbatim}  
 12.1872 -dd if=/dev/zero of=/path/diskimage bs=1024k count=size_in_mbytes
 12.1873 -dd if=/dev/zero of=/path/swapimage bs=1024k count=size_in_mbytes
 12.1874 -\end{verbatim}\end{small}
 12.1875 -      If you're going to use this filesystem / disk image only as a
 12.1876 -      `template' for other vm disk images, something like 300 MB should
 12.1877 -      be enough (of course, it depends on what kind of packages you are
 12.1878 -      planning to install in the template).
 12.1879 -
 12.1880 -\item Create the filesystem and initialise the swap image
 12.1881 -\begin{small}\begin{verbatim}
 12.1882 -mkfs.ext3 /path/diskimage
 12.1883 -mkswap /path/swapimage
 12.1884 -\end{verbatim}\end{small}
 12.1885 -
 12.1886 -\item Mount the disk image for installation
 12.1887 -\begin{small}\begin{verbatim}
 12.1888 -mount -o loop /path/diskimage /mnt/disk
 12.1889 -\end{verbatim}\end{small}
 12.1890 -
 12.1891 -\item Install \path{debootstrap}
 12.1892 -
 12.1893 -Make sure you have debootstrap installed on the host.  If you are
 12.1894 -running Debian sarge (3.1 / testing) or unstable you can install it by
 12.1895 -running \path{apt-get install debootstrap}.  Otherwise, it can be
 12.1896 -downloaded from the Debian project website.
 12.1897 -
 12.1898 -\item Install Debian base to the disk image:
 12.1899 -\begin{small}\begin{verbatim}
 12.1900 -debootstrap --arch i386 sarge /mnt/disk  \
 12.1901 -            http://ftp.<countrycode>.debian.org/debian
 12.1902 -\end{verbatim}\end{small}
 12.1903 -
 12.1904 -You can use any other Debian http/ftp mirror you want.
 12.1905 -
 12.1906 -\item When debootstrap completes successfully, modify settings:
 12.1907 -\begin{small}\begin{verbatim}
 12.1908 -chroot /mnt/disk /bin/bash
 12.1909 -\end{verbatim}\end{small}
 12.1910 -
 12.1911 -Edit the following files using vi or nano and make needed changes:
 12.1912 -\begin{small}\begin{verbatim}
 12.1913 -/etc/hostname
 12.1914 -/etc/hosts
 12.1915 -/etc/resolv.conf
 12.1916 -/etc/network/interfaces
 12.1917 -/etc/networks
 12.1918 -\end{verbatim}\end{small}
 12.1919 -
 12.1920 -Set up access to the services, edit:
 12.1921 -\begin{small}\begin{verbatim}
 12.1922 -/etc/hosts.deny
 12.1923 -/etc/hosts.allow
 12.1924 -/etc/inetd.conf
 12.1925 -\end{verbatim}\end{small}
 12.1926 -
 12.1927 -Add Debian mirror to:   
 12.1928 -\begin{small}\begin{verbatim}
 12.1929 -/etc/apt/sources.list
 12.1930 -\end{verbatim}\end{small}
 12.1931 -
 12.1932 -Create fstab like this:
 12.1933 -\begin{small}\begin{verbatim}
 12.1934 -/dev/sda1       /       ext3    errors=remount-ro       0       1
 12.1935 -/dev/sda2       none    swap    sw                      0       0
 12.1936 -proc            /proc   proc    defaults                0       0
 12.1937 -\end{verbatim}\end{small}
 12.1938 -
 12.1939 -Logout
 12.1940 -
 12.1941 -\item      Unmount the disk image
 12.1942 -\begin{small}\begin{verbatim}
 12.1943 -umount /mnt/disk
 12.1944 -\end{verbatim}\end{small}
 12.1945 -
 12.1946 -\item Create a Xen 2.0 configuration file for the new domain. You can
 12.1947 -        use the example configurations shipped with Xen as a template.
 12.1948 -
 12.1949 -        Make sure you have the following set up:
 12.1950 -\begin{small}\begin{verbatim}
 12.1951 -disk = [ 'file:/path/diskimage,sda1,w', 'file:/path/swapimage,sda2,w' ]
 12.1952 -root = "/dev/sda1 ro"
 12.1953 -\end{verbatim}\end{small}
 12.1954 -
 12.1955 -\item Start the new domain
 12.1956 -\begin{small}\begin{verbatim}
 12.1957 -xm create -f domain_config_file
 12.1958 -\end{verbatim}\end{small}
 12.1959 -
 12.1960 -Check that the new domain is running:
 12.1961 -\begin{small}\begin{verbatim}
 12.1962 -xm list
 12.1963 -\end{verbatim}\end{small}
 12.1964 -
 12.1965 -\item   Attach to the console of the new domain.
 12.1966 -        You should see something like this when starting the new domain:
 12.1967 -
 12.1968 -\begin{small}\begin{verbatim}
 12.1969 -Started domain testdomain2, console on port 9626
 12.1970 -\end{verbatim}\end{small}
 12.1971 -        
 12.1972 -        There you can see the ID of the console: 26. You can also list
 12.1973 -        the consoles with \path{xm consoles} (the ID is the last two
 12.1974 -        digits of the port number).
 12.1975 -
 12.1976 -        Attach to the console:
 12.1977 -
 12.1978 -\begin{small}\begin{verbatim}
 12.1979 -xm console 26
 12.1980 -\end{verbatim}\end{small}
 12.1981 -
 12.1982 -        or by telnetting to port 9626 on localhost (the xm console
 12.1983 -        program works better).
 12.1984 -
 12.1985 -\item   Log in and run base-config
 12.1986 -
 12.1987 -        By default, there is no root password.
 12.1988 -
 12.1989 -        Check that everything looks OK and that the system started without
 12.1990 -        errors.  Check that the swap is active and the network settings are
 12.1991 -        correct.
 12.1992 -
 12.1993 -        Run \path{/usr/sbin/base-config} to set up the Debian settings.
 12.1994 -
 12.1995 -        Set up the password for root using passwd.
 12.1996 -
 12.1997 -\item     Done. You can exit the console by pressing \path{Ctrl + ]}
 12.1998 -
 12.1999 -\end{enumerate}
 12.2000 -
 12.2001 -If you need to create new domains, you can just copy the contents of
 12.2002 -the `template' image to the new disk images, either by mounting the
 12.2003 -template and the new image and using \path{cp -a} or \path{tar}, or by
 12.2004 -simply copying the image file.  Once this is done, modify the
 12.2005 -image-specific settings (hostname, network settings, etc.).
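For example, as a sketch (the paths are illustrative):

\begin{small}\begin{verbatim}
cp /path/diskimage /path/newdiskimage
mount -o loop /path/newdiskimage /mnt/disk
# ... edit hostname, network settings, etc. under /mnt/disk ...
umount /mnt/disk
\end{verbatim}\end{small}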
 12.2006 -
 12.2007 -\chapter{Installing Xen / XenLinux on Red Hat or Fedora Core}
 12.2008 -
 12.2009 -When using Xen / XenLinux on a standard Linux distribution there are
 12.2010 -a couple of things to watch out for:
 12.2011 -
 12.2012 -Note that, because domains other than domain 0 don't have any
 12.2013 -privileged access at all, certain commands in the default boot
 12.2014 -sequence will fail, e.g. attempts to update the hwclock, change the
 12.2015 -console font, update the keytable map, start apmd (power management),
 12.2016 -or gpm (mouse cursor).  Either ignore the errors (they should be
 12.2017 -harmless), or remove them from the startup scripts.  Deleting the
 12.2018 -following links is a good start: {\path{S24pcmcia}}, {\path{S09isdn}},
 12.2019 -{\path{S17keytable}}, {\path{S26apmd}},
 12.2020 -{\path{S85gpm}}.
 12.2021 -
 12.2022 -If you want to use a single root file system that works cleanly for
 12.2023 -both domain 0 and unprivileged domains, a useful trick is to use
 12.2024 -different `init' run levels. For example, use
 12.2025 -run level 3 for domain 0, and run level 4 for other domains. This
 12.2026 -enables different startup scripts to be run depending on the run
 12.2027 -level number passed on the kernel command line.
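For example, the unprivileged domains' configuration files could pass
the run level via the {\tt extra} variable described earlier (a
sketch; a bare number on the kernel command line selects the run
level):

\begin{small}\begin{verbatim}
extra = "4"
\end{verbatim}\end{small}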
 12.2028 -
 12.2029 -If using NFS root file systems mounted either from an
 12.2030 -external server or from domain 0, there are a couple of other gotchas.
 12.2031 -The default {\path{/etc/sysconfig/iptables}} rules block NFS, so part
 12.2032 -way through the boot sequence things will suddenly go dead.
 12.2033 -
 12.2034 -If you're planning on having a separate NFS {\path{/usr}} partition, the
 12.2035 -RH9 boot scripts don't make life easy --- they attempt to mount NFS file
 12.2036 -systems way too late in the boot process. The easiest way I found to do
 12.2037 -this was to have a {\path{/linuxrc}} script run ahead of
 12.2038 -{\path{/sbin/init}} that mounts {\path{/usr}}:
 12.2039 -
 12.2040 -\begin{quote}
 12.2041 -\begin{small}\begin{verbatim}
 12.2042 - #!/bin/bash
 12.2043 - /sbin/ifconfig lo 127.0.0.1
 12.2044 - /sbin/portmap
 12.2045 - /bin/mount /usr
 12.2046 - exec /sbin/init "$@" <>/dev/console 2>&1
 12.2047 -\end{verbatim}\end{small}
 12.2048 -\end{quote}
 12.2049 -
 12.2050 -%$ XXX SMH: font lock fix :-)  
 12.2051 -
 12.2052 -The one slight complication with the above is that
 12.2053 -{\path{/sbin/portmap}} is dynamically linked against
 12.2054 -{\path{/usr/lib/libwrap.so.0}}. Since this is in
 12.2055 -{\path{/usr}}, it won't work. This can be solved by copying the
 12.2056 -file (and link) below the \path{/usr} mount point, and simply letting
 12.2057 -the file be `covered' when the mount happens.
 12.2058 -
 12.2059 -In some installations, where a shared read-only {\path{/usr}} is
 12.2060 -being used, it may be desirable to move other large directories over
 12.2061 -into the read-only {\path{/usr}}. For example, you might replace
 12.2062 -{\path{/bin}}, {\path{/lib}} and {\path{/sbin}} with
 12.2063 -links into {\path{/usr/root/bin}}, {\path{/usr/root/lib}}
 12.2064 -and {\path{/usr/root/sbin}} respectively. This creates other
 12.2065 -problems for running the {\path{/linuxrc}} script, requiring
 12.2066 -bash, portmap, mount, ifconfig, and a handful of other shared
 12.2067 -libraries to be copied below the mount point --- a simple
 12.2068 -statically-linked C program would solve this problem.
 12.2069 -
 12.2070 -
 12.2071 -
 12.2072 -
 12.2073 -\chapter{Glossary of Terms}
 12.2074 -
 12.2075 -\begin{description}
 12.2076 -\item[Atropos]             One of the CPU schedulers provided by Xen.
 12.2077 -                           Atropos provides domains with absolute shares
 12.2078 -                           of the CPU, with timeliness guarantees and a
 12.2079 -                           mechanism for sharing out `slack time'.
 12.2080 -
 12.2081 -\item[BVT]                 The BVT scheduler is used to give proportional
 12.2082 -                           fair shares of the CPU to domains.
 12.2083 -
 12.2084 -\item[Exokernel]           A minimal piece of privileged code, similar to
 12.2085 -                           a {\bf microkernel} but providing a more
 12.2086 -                           `hardware-like' interface to the tasks it
 12.2087 -                           manages.  This is similar to a paravirtualising
 12.2088 -                           VMM like {\bf Xen} but was designed as a new
 12.2089 -                           operating system structure, rather than
 12.2090 -                           specifically to run multiple conventional OSs.
 12.2091 -
 12.2092 -\item[Domain]              A domain is the execution context that
 12.2093 -                           contains a running {\bf virtual machine}.
 12.2094 -                           The relationship between virtual machines
 12.2095 -                           and domains on Xen is similar to that between
 12.2096 -                           programs and processes in an operating
 12.2097 -                           system: a virtual machine is a persistent
 12.2098 -                           entity that resides on disk (somewhat like
 12.2099 -                           a program).  When it is loaded for execution,
 12.2100 -                           it runs in a domain.  Each domain has a
 12.2101 -                           {\bf domain ID}.
 12.2102 -
 12.2103 -\item[Domain 0]            The first domain to be started on a Xen
 12.2104 -                           machine.  Domain 0 is responsible for managing
 12.2105 -                           the system.
 12.2106 -
 12.2107 -\item[Domain ID]           A unique identifier for a {\bf domain},
 12.2108 -                           analogous to a process ID in an operating
 12.2109 -                           system.
 12.2110 -
 12.2111 -\item[Full virtualisation] An approach to virtualisation which
 12.2112 -                           requires no modifications to the hosted
 12.2113 -                           operating system, providing the illusion of
 12.2114 -                           a complete system of real hardware devices.
 12.2115 -
 12.2116 -\item[Hypervisor]          An alternative term for {\bf VMM}, used
 12.2117 -                           because it means `beyond supervisor',
 12.2118 -                           since it is responsible for managing multiple
 12.2119 -                           `supervisor' kernels.
 12.2120 -
 12.2121 -\item[Live migration]      A technique for moving a running virtual
 12.2122 -                           machine to another physical host, without
 12.2123 -                           stopping it or the services running on it.
 12.2124 -
 12.2125 -\item[Microkernel]         A small base of code running at the highest
 12.2126 -                           hardware privilege level.  A microkernel is
 12.2127 -                           responsible for sharing CPU and memory (and
 12.2128 -                           sometimes other devices) between less
 12.2129 -                           privileged tasks running on the system.
 12.2130 -                           This is similar to a VMM, particularly a
 12.2131 -                           {\bf paravirtualising} VMM but typically
 12.2132 -                           addressing a different problem space and
 12.2133 -                           providing a different kind of interface.
 12.2134 -
 12.2135 -\item[NetBSD/Xen]          A port of NetBSD to the Xen architecture.
 12.2136 -
 12.2137 -\item[Paravirtualisation]  An approach to virtualisation which requires
 12.2138 -                           modifications to the operating system in
 12.2139 -                           order to run in a virtual machine.  Xen
 12.2140 -                           uses paravirtualisation but preserves
 12.2141 -                           binary compatibility for user space
 12.2142 -                           applications.
 12.2143 -
 12.2144 -\item[Shadow pagetables]   A technique for hiding the layout of machine
 12.2145 -                           memory from a virtual machine's operating
 12.2146 -                           system.  Used in some {\bf VMMs} to provide
 12.2147 -                           the illusion of contiguous physical memory,
 12.2148 -                           in Xen this is used during
 12.2149 -                           {\bf live migration}.
 12.2150 -
 12.2151 -\item[Virtual Machine]     The environment in which a hosted operating
 12.2152 -                           system runs, providing the abstraction of a
 12.2153 -                           dedicated machine.  A virtual machine may
 12.2154 -                           be identical to the underlying hardware (as
 12.2155 -                           in {\bf full virtualisation}), or it may
 12.2156 -                           differ, as in {\bf paravirtualisation}.
 12.2157 -
 12.2158 -\item[VMM]                 Virtual Machine Monitor - the software that
 12.2159 -                           allows multiple virtual machines to be
 12.2160 -                           multiplexed on a single physical machine.
 12.2161 -
 12.2162 -\item[Xen]                 Xen is a paravirtualising virtual machine
 12.2163 -                           monitor, developed primarily by the
 12.2164 -                           Systems Research Group at the University
 12.2165 -                           of Cambridge Computer Laboratory.
 12.2166 -
 12.2167 -\item[XenLinux]            Official name for the port of the Linux kernel
 12.2168 -                           that runs on Xen.
 12.2169 -
 12.2170 -\end{description}
 12.2171 +%% Chapter Glossary of Terms moved to glossary.tex
 12.2172 +\include{src/user/glossary}
 12.2173  
 12.2174  
 12.2175  \end{document}
    13.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    13.2 +++ b/docs/src/user/build.tex	Thu Sep 22 11:42:01 2005 -0600
    13.3 @@ -0,0 +1,170 @@
    13.4 +\chapter{Build, Boot and Debug Options} 
    13.5 +
    13.6 +This chapter describes the build- and boot-time options which may be
    13.7 +used to tailor your Xen system.
    13.8 +
    13.9 +
   13.10 +\section{Xen Build Options}
   13.11 +
   13.12 +Xen provides a number of build-time options which should be set as
   13.13 +environment variables or passed on make's command-line.
   13.14 +
   13.15 +\begin{description}
   13.16 +\item[verbose=y] Enable debugging messages when Xen detects an
   13.17 +  unexpected condition.  Also enables console output from all domains.
   13.18 +\item[debug=y] Enable debug assertions.  Implies {\bf verbose=y}.
   13.19 +  (Primarily useful for tracing bugs in Xen).
   13.20 +\item[debugger=y] Enable the in-Xen debugger. This can be used to
   13.21 +  debug Xen, guest OSes, and applications.
   13.22 +\item[perfc=y] Enable performance counters for significant events
   13.23 +  within Xen. The counts can be reset or displayed on Xen's console
   13.24 +  via console control keys.
   13.25 +\item[trace=y] Enable per-cpu trace buffers which log a range of
   13.26 +  events within Xen for collection by control software.
   13.27 +\end{description}
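         +
         +For example, a debug build of the hypervisor with the internal
         +debugger enabled might be produced as follows (a sketch; the
         +top-level \path{xen} make target is assumed):
         +\begin{verbatim}
         +# make debug=y debugger=y xen
         +\end{verbatim}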
   13.28 +
   13.29 +
   13.30 +\section{Xen Boot Options}
   13.31 +\label{s:xboot}
   13.32 +
   13.33 +These options are used to configure Xen's behaviour at runtime.  They
   13.34 +should be appended to Xen's command line, either manually or by
   13.35 +editing \path{grub.conf}.
   13.36 +
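         +For example, options are appended to the \path{kernel} line of a
         +GRUB entry such as the following (the paths and root device here
         +are illustrative and will vary by installation):
         +\begin{verbatim}
         +title Xen
         +  kernel /boot/xen.gz console=com1,vga com1=115200,8n1
         +  module /boot/vmlinuz-2.6-xen root=/dev/sda1 ro console=tty0
         +\end{verbatim}
         +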
   13.37 +\begin{description}
   13.38 +\item [ noreboot ] Don't reboot the machine automatically on errors.
   13.39 +  This is useful to catch debug output if you aren't catching console
   13.40 +  messages via the serial line.
   13.41 +\item [ nosmp ] Disable SMP support.  This option is implied by
   13.42 +  `ignorebiostables'.
   13.43 +\item [ watchdog ] Enable NMI watchdog which can report certain
   13.44 +  failures.
   13.45 +\item [ noirqbalance ] Disable software IRQ balancing and affinity.
   13.46 +  This can be used on systems such as Dell 1850/2850 that have
   13.47 +  workarounds in hardware for IRQ-routing issues.
   13.48 +\item [ badpage=$<$page number$>$,$<$page number$>$, \ldots ] Specify
   13.49 +  a list of pages not to be allocated for use because they contain bad
   13.50 +  bytes. For example, if your memory tester says that byte 0x12345678
   13.51 +  is bad, you would place `badpage=0x12345' on Xen's command line.
   13.52 +\item [ com1=$<$baud$>$,DPS,$<$io\_base$>$,$<$irq$>$
   13.53 +  com2=$<$baud$>$,DPS,$<$io\_base$>$,$<$irq$>$ ] \mbox{}\\
   13.54 +  Xen supports up to two 16550-compatible serial ports.  For example:
   13.55 +  `com1=9600, 8n1, 0x408, 5' maps COM1 to a 9600-baud port, 8 data
   13.56 +  bits, no parity, 1 stop bit, I/O port base 0x408, IRQ 5.  If some
   13.57 +  configuration options are standard (e.g., I/O base and IRQ), then
   13.58 +  only a prefix of the full configuration string need be specified. If
   13.59 +  the baud rate is pre-configured (e.g., by the bootloader) then you
   13.60 +  can specify `auto' in place of a numeric baud rate.
   13.61 +\item [ console=$<$specifier list$>$ ] Specify the destination for Xen
   13.62 +  console I/O.  This is a comma-separated list of, for example:
   13.63 +  \begin{description}
   13.64 +  \item[ vga ] Use VGA console and allow keyboard input.
   13.65 +  \item[ com1 ] Use serial port com1.
   13.66 +  \item[ com2H ] Use serial port com2. Transmitted chars will have the
   13.67 +    MSB set. Received chars must have MSB set.
   13.68 +  \item[ com2L] Use serial port com2. Transmitted chars will have the
   13.69 +    MSB cleared. Received chars must have MSB cleared.
   13.70 +  \end{description}
   13.71 +  The latter two examples allow a single port to be shared by two
   13.72 +  subsystems (e.g.\ console and debugger). Sharing is controlled by
   13.73 +  the MSB of each transmitted/received character.  [NB. Default for this
   13.74 +  option is `com1,vga']
   13.75 +\item [ sync\_console ] Force synchronous console output. This is
   13.76 +  useful if your system fails unexpectedly before it has sent all
   13.77 +  available output to the console. In most cases Xen will
   13.78 +  automatically enter synchronous mode when an exceptional event
   13.79 +  occurs, but this option provides a manual fallback.
   13.80 +\item [ conswitch=$<$switch-char$><$auto-switch-char$>$ ] Specify how
   13.81 +  to switch serial-console input between Xen and DOM0. The required
   13.82 +  sequence is CTRL-$<$switch-char$>$ pressed three times. Specifying
   13.83 +  the backtick character disables switching.  The
   13.84 +  $<$auto-switch-char$>$ specifies whether Xen should auto-switch
   13.85 +  input to DOM0 when it boots --- if it is `x' then auto-switching is
   13.86 +  disabled.  Any other value, or omitting the character, enables
   13.87 +  auto-switching.  [NB. Default switch-char is `a'.]
   13.88 +\item [ nmi=xxx ]
   13.89 +  Specify what to do with an NMI parity or I/O error. \\
   13.90 +  `nmi=fatal':  Xen prints a diagnostic and then hangs. \\
   13.91 +  `nmi=dom0':   Inform DOM0 of the NMI. \\
   13.92 +  `nmi=ignore': Ignore the NMI.
   13.93 +\item [ mem=xxx ] Set the physical RAM address limit. Any RAM
   13.94 +  appearing beyond this physical address in the memory map will be
   13.95 +  ignored. This parameter may be specified with a B, K, M or G suffix,
   13.96 +  representing bytes, kilobytes, megabytes and gigabytes respectively.
   13.97 +  The default unit, if no suffix is specified, is kilobytes.
   13.98 +\item [ dom0\_mem=xxx ] Set the amount of memory to be allocated to
   13.99 +  domain0. In Xen 3.x the parameter may be specified with a B, K, M or
  13.100 +  G suffix, representing bytes, kilobytes, megabytes and gigabytes
  13.101 +  respectively; if no suffix is specified, the parameter defaults to
  13.102 +  kilobytes. In previous versions of Xen, suffixes were not supported
  13.103 +  and the value is always interpreted as kilobytes.
  13.104 +\item [ tbuf\_size=xxx ] Set the size of the per-cpu trace buffers, in
  13.105 +  pages (default 1).  Note that the trace buffers are only enabled in
  13.106 +  debug builds.  Most users can ignore this feature completely.
  13.107 +\item [ sched=xxx ] Select the CPU scheduler Xen should use.  The
  13.108 +  current possibilities are `bvt' (default), `atropos' and `rrobin'.
  13.109 +  For more information see Section~\ref{s:sched}.
  13.110 +\item [ apic\_verbosity=debug,verbose ] Print more detailed
  13.111 +  information about local APIC and IOAPIC configuration.
  13.112 +\item [ lapic ] Force use of local APIC even when left disabled by
  13.113 +  uniprocessor BIOS.
  13.114 +\item [ nolapic ] Ignore local APIC in a uniprocessor system, even if
  13.115 +  enabled by the BIOS.
  13.116 +\item [ apic=bigsmp,default,es7000,summit ] Specify NUMA platform.
  13.117 +  This can usually be probed automatically.
  13.118 +\end{description}
  13.119 +
  13.120 +In addition, the following options may be specified on the Xen command
  13.121 +line. Since domain 0 shares responsibility for booting the platform,
  13.122 +Xen will automatically propagate these options to its command line.
  13.123 +These options are taken from Linux's command-line syntax with
  13.124 +unchanged semantics.
  13.125 +
  13.126 +\begin{description}
  13.127 +\item [ acpi=off,force,strict,ht,noirq,\ldots ] Modify how Xen (and
  13.128 +  domain 0) parses the BIOS ACPI tables.
  13.129 +\item [ acpi\_skip\_timer\_override ] Instruct Xen (and domain~0) to
  13.130 +  ignore timer-interrupt override instructions specified by the BIOS
  13.131 +  ACPI tables.
  13.132 +\item [ noapic ] Instruct Xen (and domain~0) to ignore any IOAPICs
  13.133 +  that are present in the system, and instead continue to use the
  13.134 +  legacy PIC.
  13.135 +\end{description} 
  13.136 +
  13.137 +
  13.138 +\section{XenLinux Boot Options}
  13.139 +
  13.140 +In addition to the standard Linux kernel boot options, we support:
  13.141 +\begin{description}
  13.142 +\item[ xencons=xxx ] Specify the device node to which the Xen virtual
  13.143 +  console driver is attached. The following options are supported:
  13.144 +  \begin{center}
  13.145 +    \begin{tabular}{l}
  13.146 +      `xencons=off': disable virtual console \\
  13.147 +      `xencons=tty': attach console to /dev/tty1 (tty0 at boot-time) \\
  13.148 +      `xencons=ttyS': attach console to /dev/ttyS0
  13.149 +    \end{tabular}
  13.150 +\end{center}
  13.151 +The default is ttyS for dom0 and tty for all other domains; see the
  13.151 +example below.
  13.152 +\end{description}
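         +
         +For example, for domain~0 these options are appended to the
         +\path{module} line of the GRUB entry (as in the example in
         +Section~\ref{s:xboot}), while for an unprivileged domain they can
         +be passed via the \path{extra} variable of its configuration file:
         +\begin{verbatim}
         +extra = "xencons=tty"
         +\end{verbatim}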
  13.153 +
  13.154 +
  13.155 +\section{Debugging}
  13.156 +\label{s:keys}
  13.157 +
  13.158 +Xen has a set of debugging features that can be useful to try and
  13.159 +figure out what's going on. Hit `h' on the serial line (if you
  13.160 +specified a baud rate on the Xen command line) or ScrollLock-h on the
  13.161 +keyboard to get a list of supported commands.
  13.162 +
  13.163 +If you have a crash you'll likely get a crash dump containing an EIP
  13.164 +(PC) which, along with an \path{objdump -d image}, can be useful in
  13.165 +figuring out what's happened.  Debug a XenLinux image just as you
  13.166 +would any other Linux kernel.
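         +
         +As a sketch (the image name here is an assumption and depends on
         +your build), standard binutils can map a crash-dump EIP back to the
         +code:
         +\begin{verbatim}
         +# objdump -d xen-syms | less          # disassemble; search for the EIP
         +# addr2line -e xen-syms 0xff10d2b4    # map the EIP to file:line
         +\end{verbatim}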
  13.167 +
  13.168 +%% We supply a handy debug terminal program which you can find in
  13.169 +%% \path{/usr/local/src/xen-2.0.bk/tools/misc/miniterm/} This should
  13.170 +%% be built and executed on another machine that is connected via a
  13.171 +%% null modem cable. Documentation is included.  Alternatively, if the
  13.172 +%% Xen machine is connected to a serial-port server then we supply a
  13.173 +%% dumb TCP terminal client, {\tt xencons}.
    14.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    14.2 +++ b/docs/src/user/control_software.tex	Thu Sep 22 11:42:01 2005 -0600
    14.3 @@ -0,0 +1,115 @@
    14.4 +\chapter{Control Software} 
    14.5 +
    14.6 +The Xen control software includes the \xend\ node control daemon
    14.7 +(which must be running), the xm command line tools, and the prototype
    14.8 +xensv web interface.
    14.9 +
   14.10 +\section{\Xend\ (node control daemon)}
   14.11 +\label{s:xend}
   14.12 +
   14.13 +The Xen Daemon (\Xend) performs system management functions related to
   14.14 +virtual machines.  It forms a central point of control for a machine
   14.15 +and can be controlled using an HTTP-based protocol.  \Xend\ must be
   14.16 +running in order to start and manage virtual machines.
   14.17 +
   14.18 +\Xend\ must be run as root because it needs access to privileged
   14.19 +system management functions.  A small set of commands may be issued on
   14.20 +the \xend\ command line:
   14.21 +
   14.22 +\begin{tabular}{ll}
   14.23 +  \verb!# xend start! & start \xend, if not already running \\
   14.24 +  \verb!# xend stop!  & stop \xend\ if already running       \\
   14.25 +  \verb!# xend restart! & restart \xend\ if running, otherwise start it \\
   14.26 +  % \verb!# xend trace_start! & start \xend, with very detailed debug logging \\
   14.27 +  \verb!# xend status! & indicates \xend\ status by its return code
   14.28 +\end{tabular}
   14.29 +
   14.30 +A SysV init script called {\tt xend} is provided to start \xend\ at
   14.31 +boot time.  {\tt make install} installs this script in
   14.32 +\path{/etc/init.d}.  To enable it, you have to make symbolic links in
   14.33 +the appropriate runlevel directories or use the {\tt chkconfig} tool,
   14.34 +where available.
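         +
         +For example, on a SysV-style distribution either of the following
         +(illustrative) commands would enable the script at boot:
         +\begin{verbatim}
         +# chkconfig --add xend
         +# ln -s ../init.d/xend /etc/rc3.d/S98xend
         +\end{verbatim}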
   14.35 +
   14.36 +Once \xend\ is running, more sophisticated administration can be done
   14.37 +using the xm tool (see Section~\ref{s:xm}) and the experimental Xensv
   14.38 +web interface (see Section~\ref{s:xensv}).
   14.39 +
   14.40 +As \xend\ runs, events will be logged to \path{/var/log/xend.log} and,
   14.41 +if the migration assistant daemon (\path{xfrd}) has been started,
   14.42 +\path{/var/log/xfrd.log}. These may be of use for troubleshooting
   14.43 +problems.
   14.44 +
   14.45 +\section{Xm (command line interface)}
   14.46 +\label{s:xm}
   14.47 +
   14.48 +The xm tool is the primary tool for managing Xen from the console.
   14.49 +The general format of an xm command line is:
   14.50 +
   14.51 +\begin{verbatim}
   14.52 +# xm command [switches] [arguments] [variables]
   14.53 +\end{verbatim}
   14.54 +
    14.55 +The available \emph{switches} and \emph{arguments} are dependent on
    14.56 +the \emph{command} chosen.  The \emph{variables} may be set using
    14.57 +declarations of the form {\tt variable=value}; command-line
    14.58 +declarations override any of the values in the configuration file
    14.59 +being used, including the standard variables described in
    14.60 +Chapter~\ref{cha:config} and any custom variables (for instance, the
    14.61 +\path{xmdefconfig} file uses a {\tt vmid} variable).
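         +
         +For instance, assuming the example \path{xmdefconfig} file lives in
         +\path{/etc/xen}, its {\tt vmid} variable could be overridden on the
         +command line:
         +\begin{verbatim}
         +# xm create -f /etc/xen/xmdefconfig vmid=3
         +\end{verbatim}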
   14.62 +
   14.63 +The available commands are as follows:
   14.64 +
   14.65 +\begin{description}
   14.66 +\item[set-mem] Request a domain to adjust its memory footprint.
   14.67 +\item[create] Create a new domain.
   14.68 +\item[destroy] Kill a domain immediately.
   14.69 +\item[list] List running domains.
    14.70 +\item[shutdown] Ask a domain to shut down.
    14.71 +\item[dmesg] Fetch the Xen (not Linux!) boot output.
    14.72 +\item[consoles] List the available consoles.
   14.73 +\item[console] Connect to the console for a domain.
   14.74 +\item[help] Get help on xm commands.
   14.75 +\item[save] Suspend a domain to disk.
   14.76 +\item[restore] Restore a domain from disk.
   14.77 +\item[pause] Pause a domain's execution.
   14.78 +\item[unpause] Un-pause a domain.
   14.79 +\item[pincpu] Pin a domain to a CPU.
   14.80 +\item[bvt] Set BVT scheduler parameters for a domain.
   14.81 +\item[bvt\_ctxallow] Set the BVT context switching allowance for the
   14.82 +  system.
   14.83 +\item[atropos] Set the atropos parameters for a domain.
   14.84 +\item[rrobin] Set the round robin time slice for the system.
   14.85 +\item[info] Get information about the Xen host.
   14.86 +\item[call] Call a \xend\ HTTP API function directly.
   14.87 +\end{description}
   14.88 +
   14.89 +For a detailed overview of switches, arguments and variables to each
   14.90 +command try
   14.91 +\begin{quote}
   14.92 +\begin{verbatim}
   14.93 +# xm help command
   14.94 +\end{verbatim}
   14.95 +\end{quote}
   14.96 +
   14.97 +\section{Xensv (web control interface)}
   14.98 +\label{s:xensv}
   14.99 +
  14.100 +Xensv is the experimental web control interface for managing a Xen
  14.101 +machine.  It can be used to perform some (but not yet all) of the
  14.102 +management tasks that can be done using the xm tool.
  14.103 +
  14.104 +It can be started using:
  14.105 +\begin{quote}
  14.106 +  \verb_# xensv start_
  14.107 +\end{quote}
  14.108 +and stopped using:
  14.109 +\begin{quote}
  14.110 +  \verb_# xensv stop_
  14.111 +\end{quote}
  14.112 +
  14.113 +By default, Xensv will serve out the web interface on port 8080.  This
  14.114 +can be changed by editing
  14.115 +\path{/usr/lib/python2.3/site-packages/xen/sv/params.py}.
  14.116 +
  14.117 +Once Xensv is running, the web interface can be used to create and
  14.118 +manage running domains.
    15.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    15.2 +++ b/docs/src/user/debian.tex	Thu Sep 22 11:42:01 2005 -0600
    15.3 @@ -0,0 +1,154 @@
    15.4 +\chapter{Installing Xen / XenLinux on Debian}
    15.5 +
    15.6 +The Debian project provides a tool called \path{debootstrap} which
    15.7 +allows a base Debian system to be installed into a filesystem without
    15.8 +requiring the host system to have any Debian-specific software (such
    15.9 +as \path{apt}).
   15.10 +
    15.11 +This chapter describes how to install Debian 3.1 (Sarge) in an
    15.12 +unprivileged Xen domain:
   15.13 +
   15.14 +\begin{enumerate}
   15.15 +
   15.16 +\item Set up Xen and test that it's working, as described earlier in
   15.17 +  this manual.
   15.18 +
   15.19 +\item Create disk images for rootfs and swap. Alternatively, you might
   15.20 +  create dedicated partitions, LVM logical volumes, etc.\ if that
   15.21 +  suits your setup.
   15.22 +\begin{verbatim}
   15.23 +dd if=/dev/zero of=/path/diskimage bs=1024k count=size_in_mbytes
   15.24 +dd if=/dev/zero of=/path/swapimage bs=1024k count=size_in_mbytes
   15.25 +\end{verbatim}
   15.26 +
    15.27 +  If you're going to use this filesystem / disk image only as a
    15.28 +  `template' for other VM disk images, something like 300MB should be
    15.29 +  enough, though this of course depends on which packages you plan to
    15.30 +  install in the template.
   15.31 +
   15.32 +\item Create the filesystem and initialise the swap image
   15.33 +\begin{verbatim}
   15.34 +mkfs.ext3 /path/diskimage
   15.35 +mkswap /path/swapimage
   15.36 +\end{verbatim}
   15.37 +
   15.38 +\item Mount the disk image for installation
   15.39 +\begin{verbatim}
   15.40 +mount -o loop /path/diskimage /mnt/disk
   15.41 +\end{verbatim}
   15.42 +
    15.43 +\item Install \path{debootstrap} on the host.  If you are running
    15.44 +  Debian Sarge (3.1 / testing) or unstable you can install it by
    15.45 +  running \path{apt-get install debootstrap}.  Otherwise, it can be
    15.46 +  downloaded from the Debian project website.
   15.48 +
   15.49 +\item Install Debian base to the disk image:
   15.50 +\begin{verbatim}
   15.51 +debootstrap --arch i386 sarge /mnt/disk  \
   15.52 +            http://ftp.<countrycode>.debian.org/debian
   15.53 +\end{verbatim}
   15.54 +
   15.55 +  You can use any other Debian http/ftp mirror you want.
   15.56 +
   15.57 +\item When debootstrap completes successfully, modify settings:
   15.58 +\begin{verbatim}
   15.59 +chroot /mnt/disk /bin/bash
   15.60 +\end{verbatim}
   15.61 +
   15.62 +Edit the following files using vi or nano and make needed changes:
   15.63 +\begin{verbatim}
   15.64 +/etc/hostname
   15.65 +/etc/hosts
   15.66 +/etc/resolv.conf
   15.67 +/etc/network/interfaces
   15.68 +/etc/networks
   15.69 +\end{verbatim}
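         +
         +For instance (the addresses here are purely illustrative), a static
         +setup in \path{/etc/network/interfaces} might look like:
         +\begin{verbatim}
         +auto lo eth0
         +iface lo inet loopback
         +iface eth0 inet static
         +    address 192.168.1.10
         +    netmask 255.255.255.0
         +    gateway 192.168.1.1
         +\end{verbatim}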
   15.70 +
   15.71 +Set up access to the services, edit:
   15.72 +\begin{verbatim}
   15.73 +/etc/hosts.deny
   15.74 +/etc/hosts.allow
   15.75 +/etc/inetd.conf
   15.76 +\end{verbatim}
   15.77 +
   15.78 +Add Debian mirror to:   
   15.79 +\begin{verbatim}
   15.80 +/etc/apt/sources.list
   15.81 +\end{verbatim}
   15.82 +
   15.83 +Create fstab like this:
   15.84 +\begin{verbatim}
   15.85 +/dev/sda1       /       ext3    errors=remount-ro       0       1
   15.86 +/dev/sda2       none    swap    sw                      0       0
   15.87 +proc            /proc   proc    defaults                0       0
   15.88 +\end{verbatim}
   15.89 +
    15.90 +Log out of the chroot.
   15.91 +
   15.92 +\item Unmount the disk image
   15.93 +\begin{verbatim}
   15.94 +umount /mnt/disk
   15.95 +\end{verbatim}
   15.96 +
    15.97 +\item Create a Xen configuration file for the new domain. You can use
    15.98 +  the example configurations shipped with Xen as a template.
   15.99 +
  15.100 +  Make sure you have the following set up:
  15.101 +\begin{verbatim}
  15.102 +disk = [ 'file:/path/diskimage,sda1,w', 'file:/path/swapimage,sda2,w' ]
  15.103 +root = "/dev/sda1 ro"
  15.104 +\end{verbatim}
  15.105 +
  15.106 +\item Start the new domain
  15.107 +\begin{verbatim}
  15.108 +xm create -f domain_config_file
  15.109 +\end{verbatim}
  15.110 +
  15.111 +Check that the new domain is running:
  15.112 +\begin{verbatim}
  15.113 +xm list
  15.114 +\end{verbatim}
  15.115 +
  15.116 +\item Attach to the console of the new domain.  You should see
  15.117 +  something like this when starting the new domain:
  15.118 +
  15.119 +\begin{verbatim}
  15.120 +Started domain testdomain2, console on port 9626
  15.121 +\end{verbatim}
  15.122 +        
   15.123 +  Here the console ID is 26 (the last two digits of the port number,
   15.124 +  9626).  You can also list the consoles with \path{xm consoles}.
  15.126 +
  15.127 +  Attach to the console:
  15.128 +
  15.129 +\begin{verbatim}
  15.130 +xm console 26
  15.131 +\end{verbatim}
  15.132 +
   15.133 +  or by telnetting to port 9626 on localhost (the xm console
   15.134 +  program works better).
  15.135 +
  15.136 +\item Log in and run base-config
  15.137 +
   15.138 +  By default, there is no root password.
  15.139 +
  15.140 +  Check that everything looks OK, and the system started without
  15.141 +  errors.  Check that the swap is active, and the network settings are
  15.142 +  correct.
  15.143 +
  15.144 +  Run \path{/usr/sbin/base-config} to set up the Debian settings.
  15.145 +
  15.146 +  Set up the password for root using passwd.
  15.147 +
   15.148 +\item Done. You can exit the console by pressing {\path{Ctrl + ]}}.
  15.149 +
  15.150 +\end{enumerate}
  15.151 +
  15.152 +
   15.153 +If you need to create new domains, you can just copy the contents of
   15.154 +the `template' image to the new disk images, either by mounting both
   15.155 +the template and the new image and using \path{cp -a} or \path{tar},
   15.156 +or simply by copying the image file.  Once this is done, modify the
   15.157 +image-specific settings (hostname, network settings, etc.).
    16.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    16.2 +++ b/docs/src/user/domain_configuration.tex	Thu Sep 22 11:42:01 2005 -0600
    16.3 @@ -0,0 +1,281 @@
    16.4 +\chapter{Domain Configuration}
    16.5 +\label{cha:config}
    16.6 +
     16.7 +This chapter describes the syntax of the domain configuration files
     16.8 +and how to further specify networking, driver domain and general
     16.9 +scheduling behavior.
   16.10 +
   16.11 +
   16.12 +\section{Configuration Files}
   16.13 +\label{s:cfiles}
   16.14 +
   16.15 +Xen configuration files contain the following standard variables.
   16.16 +Unless otherwise stated, configuration items should be enclosed in
   16.17 +quotes: see \path{/etc/xen/xmexample1} and \path{/etc/xen/xmexample2}
   16.18 +for concrete examples of the syntax.
   16.19 +
   16.20 +\begin{description}
   16.21 +\item[kernel] Path to the kernel image.
   16.22 +\item[ramdisk] Path to a ramdisk image (optional).
   16.23 +  % \item[builder] The name of the domain build function (e.g.
   16.24 +  %   {\tt'linux'} or {\tt'netbsd'}.
   16.25 +\item[memory] Memory size in megabytes.
   16.26 +\item[cpu] CPU to run this domain on, or {\tt -1} for auto-allocation.
   16.27 +\item[console] Port to export the domain console on (default 9600 +
   16.28 +  domain ID).
   16.29 +\item[nics] Number of virtual network interfaces.
   16.30 +\item[vif] List of MAC addresses (random addresses are assigned if not
   16.31 +  given) and bridges to use for the domain's network interfaces, e.g.\ 
   16.32 +\begin{verbatim}
   16.33 +vif = [ 'mac=aa:00:00:00:00:11, bridge=xen-br0',
   16.34 +        'bridge=xen-br1' ]
   16.35 +\end{verbatim}
   16.36 +  to assign a MAC address and bridge to the first interface and assign
   16.37 +  a different bridge to the second interface, leaving \xend\ to choose
   16.38 +  the MAC address.
   16.39 +\item[disk] List of block devices to export to the domain, e.g.\ \\
   16.40 +  \verb_disk = [ 'phy:hda1,sda1,r' ]_ \\
   16.41 +  exports physical device \path{/dev/hda1} to the domain as
   16.42 +  \path{/dev/sda1} with read-only access. Exporting a disk read-write
   16.43 +  which is currently mounted is dangerous -- if you are \emph{certain}
   16.44 +  you wish to do this, you can specify \path{w!} as the mode.
   16.45 +\item[dhcp] Set to {\tt `dhcp'} if you want to use DHCP to configure
   16.46 +  networking.
   16.47 +\item[netmask] Manually configured IP netmask.
   16.48 +\item[gateway] Manually configured IP gateway.
   16.49 +\item[hostname] Set the hostname for the virtual machine.
   16.50 +\item[root] Specify the root device parameter on the kernel command
   16.51 +  line.
   16.52 +\item[nfs\_server] IP address for the NFS server (if any).
   16.53 +\item[nfs\_root] Path of the root filesystem on the NFS server (if
   16.54 +  any).
   16.55 +\item[extra] Extra string to append to the kernel command line (if
   16.56 +  any)
   16.57 +\item[restart] Three possible options:
   16.58 +  \begin{description}
   16.59 +  \item[always] Always restart the domain, no matter what its exit
   16.60 +    code is.
   16.61 +  \item[never] Never restart the domain.
    16.62 +  \item[onreboot] Restart the domain if and only if it requests a
    16.62 +    reboot.
   16.63 +  \end{description}
   16.64 +\end{description}
   16.65 +
   16.66 +For additional flexibility, it is also possible to include Python
   16.67 +scripting commands in configuration files.  An example of this is the
   16.68 +\path{xmexample2} file, which uses Python code to handle the
   16.69 +\path{vmid} variable.
   16.70 +
   16.71 +
   16.72 +%\part{Advanced Topics}
   16.73 +
   16.74 +
   16.75 +\section{Network Configuration}
   16.76 +
   16.77 +For many users, the default installation should work ``out of the
   16.78 +box''.  More complicated network setups, for instance with multiple
   16.79 +Ethernet interfaces and/or existing bridging setups will require some
   16.80 +special configuration.
   16.81 +
   16.82 +The purpose of this section is to describe the mechanisms provided by
   16.83 +\xend\ to allow a flexible configuration for Xen's virtual networking.
   16.84 +
   16.85 +\subsection{Xen virtual network topology}
   16.86 +
   16.87 +Each domain network interface is connected to a virtual network
   16.88 +interface in dom0 by a point to point link (effectively a ``virtual
   16.89 +crossover cable'').  These devices are named {\tt
   16.90 +  vif$<$domid$>$.$<$vifid$>$} (e.g.\ {\tt vif1.0} for the first
   16.91 +interface in domain~1, {\tt vif3.1} for the second interface in
   16.92 +domain~3).
   16.93 +
   16.94 +Traffic on these virtual interfaces is handled in domain~0 using
   16.95 +standard Linux mechanisms for bridging, routing, rate limiting, etc.
   16.96 +Xend calls on two shell scripts to perform initial configuration of
   16.97 +the network and configuration of new virtual interfaces.  By default,
   16.98 +these scripts configure a single bridge for all the virtual
   16.99 +interfaces.  Arbitrary routing / bridging configurations can be
  16.100 +configured by customizing the scripts, as described in the following
  16.101 +section.
  16.102 +
  16.103 +\subsection{Xen networking scripts}
  16.104 +
  16.105 +Xen's virtual networking is configured by two shell scripts (by
  16.106 +default \path{network} and \path{vif-bridge}).  These are called
  16.107 +automatically by \xend\ when certain events occur, with arguments to
  16.108 +the scripts providing further contextual information.  These scripts
  16.109 +are found by default in \path{/etc/xen/scripts}.  The names and
  16.110 +locations of the scripts can be configured in
  16.111 +\path{/etc/xen/xend-config.sxp}.
  16.112 +
  16.113 +\begin{description}
  16.114 +\item[network:] This script is called whenever \xend\ is started or
  16.115 +  stopped to respectively initialize or tear down the Xen virtual
  16.116 +  network. In the default configuration initialization creates the
  16.117 +  bridge `xen-br0' and moves eth0 onto that bridge, modifying the
  16.118 +  routing accordingly. When \xend\ exits, it deletes the Xen bridge
  16.119 +  and removes eth0, restoring the normal IP and routing configuration.
  16.120 +
  16.121 +  %% In configurations where the bridge already exists, this script
  16.122 +  %% could be replaced with a link to \path{/bin/true} (for instance).
  16.123 +
  16.124 +\item[vif-bridge:] This script is called for every domain virtual
  16.125 +  interface and can configure firewalling rules and add the vif to the
  16.126 +  appropriate bridge. By default, this adds and removes VIFs on the
  16.127 +  default Xen bridge.
  16.128 +\end{description}
  16.129 +
   16.130 +For more complex network setups (e.g.\ where routing is required, or
   16.131 +integration with existing bridges is needed) these scripts may be
   16.132 +replaced with customized variants for your site's preferred configuration.
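         +
         +For example, a routed (rather than bridged) setup might point \xend\
         +at alternative scripts in \path{/etc/xen/xend-config.sxp}; the
         +script names below are illustrative:
         +\begin{verbatim}
         +(network-script network-route)
         +(vif-script    vif-route)
         +\end{verbatim}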
  16.133 +
  16.134 +%% There are two possible types of privileges: IO privileges and
  16.135 +%% administration privileges.
  16.136 +
  16.137 +
  16.138 +\section{Driver Domain Configuration}
  16.139 +
  16.140 +I/O privileges can be assigned to allow a domain to directly access
  16.141 +PCI devices itself.  This is used to support driver domains.
  16.142 +
  16.143 +Setting back-end privileges is currently only supported in SXP format
  16.144 +config files.  To allow a domain to function as a back-end for others,
  16.145 +somewhere within the {\tt vm} element of its configuration file must
  16.146 +be a {\tt back-end} element of the form {\tt (back-end ({\em type}))}
  16.147 +where {\tt \em type} may be either {\tt netif} or {\tt blkif},
  16.148 +according to the type of virtual device this domain will service.
  16.149 +%% After this domain has been built, \xend will connect all new and
  16.150 +%% existing {\em virtual} devices (of the appropriate type) to that
  16.151 +%% back-end.
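         +
         +For example, a (hypothetical) fragment of an SXP configuration for a
         +domain serving network devices to others might contain:
         +\begin{verbatim}
         +(vm
         +  ...
         +  (back-end (netif))
         +)
         +\end{verbatim}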
  16.152 +
  16.153 +Note that a block back-end cannot currently import virtual block
  16.154 +devices from other domains, and a network back-end cannot import
  16.155 +virtual network devices from other domains.  Thus (particularly in the
  16.156 +case of block back-ends, which cannot import a virtual block device as
  16.157 +their root filesystem), you may need to boot a back-end domain from a
  16.158 +ramdisk or a network device.
  16.159 +
  16.160 +Access to PCI devices may be configured on a per-device basis.  Xen
  16.161 +will assign the minimal set of hardware privileges to a domain that
  16.162 +are required to control its devices.  This can be configured in either
  16.163 +format of configuration file:
  16.164 +
  16.165 +\begin{itemize}
  16.166 +\item SXP Format: Include device elements of the form: \\
  16.167 +  \centerline{  {\tt (device (pci (bus {\em x}) (dev {\em y}) (func {\em z})))}} \\
  16.168 +  inside the top-level {\tt vm} element.  Each one specifies the
  16.169 +  address of a device this domain is allowed to access --- the numbers
  16.170 +  \emph{x},\emph{y} and \emph{z} may be in either decimal or
  16.171 +  hexadecimal format.
  16.172 +\item Flat Format: Include a list of PCI device addresses of the
  16.173 +  format: \\
  16.174 +  \centerline{{\tt pci = ['x,y,z', \ldots]}} \\
  16.175 +  where each element in the list is a string specifying the components
  16.176 +  of the PCI device address, separated by commas.  The components
  16.177 +  ({\tt \em x}, {\tt \em y} and {\tt \em z}) of the list may be
   16.178 +  formatted as either decimal or hexadecimal; an example follows this
   16.178 +  list.
  16.179 +\end{itemize}
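         +
         +For example, granting access to the (illustrative) device at bus 0,
         +device 4, function 0 in the flat format:
         +\begin{verbatim}
         +pci = [ '0,4,0' ]
         +\end{verbatim}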
  16.180 +
  16.181 +%% \section{Administration Domains}
  16.182 +
  16.183 +%% Administration privileges allow a domain to use the `dom0
  16.184 +%% operations' (so called because they are usually available only to
  16.185 +%% domain 0).  A privileged domain can build other domains, set
  16.186 +%% scheduling parameters, etc.
  16.187 +
  16.188 +% Support for other administrative domains is not yet available...
  16.189 +% perhaps we should plumb it in some time
  16.190 +
  16.191 +
  16.192 +\section{Scheduler Configuration}
  16.193 +\label{s:sched}
  16.194 +
  16.195 +Xen offers a boot time choice between multiple schedulers.  To select
  16.196 +a scheduler, pass the boot parameter \emph{sched=sched\_name} to Xen,
  16.197 +substituting the appropriate scheduler name.  Details of the
   16.198 +schedulers and their parameters are included below; future versions of
   16.199 +the tools will provide a higher-level interface for configuring them.
  16.200 +
  16.201 +It is expected that system administrators configure their system to
  16.202 +use the scheduler most appropriate to their needs.  Currently, the BVT
  16.203 +scheduler is the recommended choice.
  16.204 +
  16.205 +\subsection{Borrowed Virtual Time}
  16.206 +
  16.207 +{\tt sched=bvt} (the default) \\
  16.208 +
  16.209 +BVT provides proportional fair shares of the CPU time.  It has been
  16.210 +observed to penalize domains that block frequently (e.g.\ I/O
  16.211 +intensive domains), but this can be compensated for by using warping.
  16.212 +
  16.213 +\subsubsection{Global Parameters}
  16.214 +
  16.215 +\begin{description}
  16.216 +\item[ctx\_allow] The context switch allowance is similar to the
  16.217 +  ``quantum'' in traditional schedulers.  It is the minimum time that
  16.218 +  a scheduled domain will be allowed to run before being preempted.
  16.219 +\end{description}
  16.220 +
  16.221 +\subsubsection{Per-domain parameters}
  16.222 +
  16.223 +\begin{description}
  16.224 +\item[mcuadv] The MCU (Minimum Charging Unit) advance determines the
  16.225 +  proportional share of the CPU that a domain receives.  It is set
   16.226 +  to be inversely proportional to the domain's sharing weight.
  16.227 +\item[warp] The amount of ``virtual time'' the domain is allowed to
  16.228 +  warp backwards.
  16.229 +\item[warpl] The warp limit is the maximum time a domain can run
  16.230 +  warped for.
  16.231 +\item[warpu] The unwarp requirement is the minimum time a domain must
  16.232 +  run unwarped for before it can warp again.
  16.233 +\end{description}
  16.234 +
  16.235 +\subsection{Atropos}
  16.236 +
  16.237 +{\tt sched=atropos} \\
  16.238 +
  16.239 +Atropos is a soft real time scheduler.  It provides guarantees about
  16.240 +absolute shares of the CPU, with a facility for sharing slack CPU time
  16.241 +on a best-effort basis. It can provide timeliness guarantees for
  16.242 +latency-sensitive domains.
  16.243 +
  16.244 +Every domain has an associated period and slice.  The domain should
  16.245 +receive `slice' nanoseconds every `period' nanoseconds.  This allows
  16.246 +the administrator to configure both the absolute share of the CPU a
  16.247 +domain receives and the frequency with which it is scheduled.
  16.248 +
  16.249 +%% When domains unblock, their period is reduced to the value of the
  16.250 +%% latency hint (the slice is scaled accordingly so that they still
  16.251 +%% get the same proportion of the CPU).  For each subsequent period,
  16.252 +%% the slice and period times are doubled until they reach their
  16.253 +%% original values.
  16.254 +
  16.255 +Note: don't over-commit the CPU when using Atropos (i.e.\ don't reserve
  16.256 +more CPU than is available --- the utilization should be kept to
  16.257 +slightly less than 100\% in order to ensure predictable behavior).
  16.258 +
  16.259 +\subsubsection{Per-domain parameters}
  16.260 +
  16.261 +\begin{description}
  16.262 +\item[period] The regular time interval during which a domain is
  16.263 +  guaranteed to receive its allocation of CPU time.
  16.264 +\item[slice] The length of time per period that a domain is guaranteed
  16.265 +  to run for (in the absence of voluntary yielding of the CPU).
  16.266 +\item[latency] The latency hint is used to control how soon after
  16.267 +  waking up a domain it should be scheduled.
  16.268 +\item[xtratime] This is a boolean flag that specifies whether a domain
   16.269 +  should be allowed a share of the system slack time (an example of
   16.269 +  setting these parameters follows).
  16.270 +\end{description}
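         +
         +These parameters can be adjusted at runtime with the \path{xm
         +atropos} command.  As a sketch (the argument order here is an
         +assumption; see \path{xm help atropos} for the authoritative
         +syntax), granting domain~1 a 10ms slice every 100ms period, a 50ms
         +latency hint, and slack time (values in nanoseconds, as described
         +above) might look like:
         +\begin{verbatim}
         +# xm atropos 1 100000000 10000000 50000000 1
         +\end{verbatim}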
  16.271 +
  16.272 +\subsection{Round Robin}
  16.273 +
  16.274 +{\tt sched=rrobin} \\
  16.275 +
  16.276 +The round robin scheduler is included as a simple demonstration of
  16.277 +Xen's internal scheduler API.  It is not intended for production use.
  16.278 +
  16.279 +\subsubsection{Global Parameters}
  16.280 +
  16.281 +\begin{description}
  16.282 +\item[rr\_slice] The maximum time each domain runs before the next
  16.283 +  scheduling decision is made.
  16.284 +\end{description}
    17.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    17.2 +++ b/docs/src/user/domain_filesystem.tex	Thu Sep 22 11:42:01 2005 -0600
    17.3 @@ -0,0 +1,243 @@
    17.4 +\chapter{Domain Filesystem Storage}
    17.5 +
    17.6 +It is possible to directly export any Linux block device in dom0 to
    17.7 +another domain, or to export filesystems / devices to virtual machines
    17.8 +using standard network protocols (e.g.\ NBD, iSCSI, NFS, etc.).  This
    17.9 +chapter covers some of the possibilities.
   17.10 +
   17.11 +
   17.12 +\section{Exporting Physical Devices as VBDs}
   17.13 +\label{s:exporting-physical-devices-as-vbds}
   17.14 +
   17.15 +One of the simplest configurations is to directly export individual
   17.16 +partitions from domain~0 to other domains. To achieve this use the
   17.17 +\path{phy:} specifier in your domain configuration file. For example a
   17.18 +line like
   17.19 +\begin{quote}
   17.20 +  \verb_disk = ['phy:hda3,sda1,w']_
   17.21 +\end{quote}
   17.22 +specifies that the partition \path{/dev/hda3} in domain~0 should be
   17.23 +exported read-write to the new domain as \path{/dev/sda1}; one could
   17.24 +equally well export it as \path{/dev/hda} or \path{/dev/sdb5} should
   17.25 +one wish.
   17.26 +
   17.27 +In addition to local disks and partitions, it is possible to export
   17.28 +any device that Linux considers to be ``a disk'' in the same manner.
   17.29 +For example, if you have iSCSI disks or GNBD volumes imported into
   17.30 +domain~0 you can export these to other domains using the \path{phy:}
   17.31 +disk syntax. E.g.:
   17.32 +\begin{quote}
   17.33 +  \verb_disk = ['phy:vg/lvm1,sda2,w']_
   17.34 +\end{quote}
   17.35 +
   17.36 +\begin{center}
   17.37 +  \framebox{\bf Warning: Block device sharing}
   17.38 +\end{center}
   17.39 +\begin{quote}
   17.40 +  Block devices should typically only be shared between domains in a
   17.41 +  read-only fashion otherwise the Linux kernel's file systems will get
   17.42 +  very confused as the file system structure may change underneath
   17.43 +  them (having the same ext3 partition mounted \path{rw} twice is a
    17.44 +  sure-fire way to cause irreparable damage)!  \Xend\ will attempt to
   17.45 +  prevent you from doing this by checking that the device is not
   17.46 +  mounted read-write in domain~0, and hasn't already been exported
   17.47 +  read-write to another domain.  If you want read-write sharing,
   17.48 +  export the directory to other domains via NFS from domain~0 (or use
   17.49 +  a cluster file system such as GFS or ocfs2).
   17.50 +\end{quote}
   17.51 +
   17.52 +
   17.53 +\section{Using File-backed VBDs}
   17.54 +
   17.55 +It is also possible to use a file in Domain~0 as the primary storage
   17.56 +for a virtual machine.  As well as being convenient, this also has the
   17.57 +advantage that the virtual block device will be \emph{sparse} ---
   17.58 +space will only really be allocated as parts of the file are used.  So
   17.59 +if a virtual machine uses only half of its disk space then the file
   17.60 +really takes up half of the size allocated.
   17.61 +
   17.62 +For example, to create a 2GB sparse file-backed virtual block device
   17.63 +(actually only consumes 1KB of disk):
   17.64 +\begin{quote}
   17.65 +  \verb_# dd if=/dev/zero of=vm1disk bs=1k seek=2048k count=1_
   17.66 +\end{quote}
   17.67 +
   17.68 +Make a file system in the disk file:
   17.69 +\begin{quote}
   17.70 +  \verb_# mkfs -t ext3 vm1disk_
   17.71 +\end{quote}
   17.72 +
   17.73 +(when the tool asks for confirmation, answer `y')
   17.74 +
   17.75 +Populate the file system e.g.\ by copying from the current root:
   17.76 +\begin{quote}
   17.77 +\begin{verbatim}
   17.78 +# mount -o loop vm1disk /mnt
   17.79 +# cp -ax /{root,dev,var,etc,usr,bin,sbin,lib} /mnt
   17.80 +# mkdir /mnt/{proc,sys,home,tmp}
   17.81 +\end{verbatim}
   17.82 +\end{quote}
   17.83 +
   17.84 +Tailor the file system by editing \path{/etc/fstab},
   17.85 +\path{/etc/hostname}, etc.\ Don't forget to edit the files in the
   17.86 +mounted file system, instead of your domain~0 filesystem, e.g.\ you
   17.87 +would edit \path{/mnt/etc/fstab} instead of \path{/etc/fstab}.  For
    17.88 +this example, set \path{/dev/sda1} as the root device in fstab.
   17.89 +
   17.90 +Now unmount (this is important!):
   17.91 +\begin{quote}
   17.92 +  \verb_# umount /mnt_
   17.93 +\end{quote}
   17.94 +
   17.95 +In the configuration file set:
   17.96 +\begin{quote}
   17.97 +  \verb_disk = ['file:/full/path/to/vm1disk,sda1,w']_
   17.98 +\end{quote}
   17.99 +
  17.100 +As the virtual machine writes to its `disk', the sparse file will be
  17.101 +filled in and consume more space up to the original 2GB.
  17.102 +
  17.103 +{\bf Note that file-backed VBDs may not be appropriate for backing
  17.104 +  I/O-intensive domains.}  File-backed VBDs are known to experience
  17.105 +substantial slowdowns under heavy I/O workloads, due to the I/O
  17.106 +handling by the loopback block device used to support file-backed VBDs
  17.107 +in dom0.  Better I/O performance can be achieved by using either
  17.108 +LVM-backed VBDs (Section~\ref{s:using-lvm-backed-vbds}) or physical
  17.109 +devices as VBDs (Section~\ref{s:exporting-physical-devices-as-vbds}).
  17.110 +
  17.111 +Linux supports a maximum of eight file-backed VBDs across all domains
  17.112 +by default.  This limit can be statically increased by using the
  17.113 +\emph{max\_loop} module parameter if CONFIG\_BLK\_DEV\_LOOP is
  17.114 +compiled as a module in the dom0 kernel, or by using the
  17.115 +\emph{max\_loop=n} boot option if CONFIG\_BLK\_DEV\_LOOP is compiled
  17.116 +directly into the dom0 kernel.
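         +
         +For example, if the loop driver is built as a module it can be
         +(re)loaded with a larger limit; the value 64 here is arbitrary:
         +\begin{verbatim}
         +# rmmod loop
         +# modprobe loop max_loop=64
         +\end{verbatim}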
  17.117 +
  17.118 +
  17.119 +\section{Using LVM-backed VBDs}
  17.120 +\label{s:using-lvm-backed-vbds}
  17.121 +
  17.122 +A particularly appealing solution is to use LVM volumes as backing for
  17.123 +domain file-systems since this allows dynamic growing/shrinking of
  17.124 +volumes as well as snapshot and other features.
  17.125 +
  17.126 +To initialize a partition to support LVM volumes:
  17.127 +\begin{quote}
  17.128 +\begin{verbatim}
  17.129 +# pvcreate /dev/sda10           
  17.130 +\end{verbatim} 
  17.131 +\end{quote}
  17.132 +
  17.133 +Create a volume group named `vg' on the physical partition:
  17.134 +\begin{quote}
  17.135 +\begin{verbatim}
  17.136 +# vgcreate vg /dev/sda10
  17.137 +\end{verbatim} 
  17.138 +\end{quote}
  17.139 +
  17.140 +Create a logical volume of size 4GB named `myvmdisk1':
  17.141 +\begin{quote}
  17.142 +\begin{verbatim}
  17.143 +# lvcreate -L4096M -n myvmdisk1 vg
  17.144 +\end{verbatim}
  17.145 +\end{quote}
  17.146 +
   17.147 +You should now see that you have a \path{/dev/vg/myvmdisk1} device.
   17.148 +Make a filesystem, mount it and populate it, e.g.:
  17.149 +\begin{quote}
  17.150 +\begin{verbatim}
  17.151 +# mkfs -t ext3 /dev/vg/myvmdisk1
  17.152 +# mount /dev/vg/myvmdisk1 /mnt
  17.153 +# cp -ax / /mnt
  17.154 +# umount /mnt
  17.155 +\end{verbatim}
  17.156 +\end{quote}
  17.157 +
  17.158 +Now configure your VM with the following disk configuration:
  17.159 +\begin{quote}
  17.160 +\begin{verbatim}
  17.161 + disk = [ 'phy:vg/myvmdisk1,sda1,w' ]
  17.162 +\end{verbatim}
  17.163 +\end{quote}
  17.164 +
  17.165 +LVM enables you to grow the size of logical volumes, but you'll need
  17.166 +to resize the corresponding file system to make use of the new space.
  17.167 +Some file systems (e.g.\ ext3) now support online resize.  See the LVM
  17.168 +manuals for more details.
  17.169 +
  17.170 +You can also use LVM for creating copy-on-write (CoW) clones of LVM
  17.171 +volumes (known as writable persistent snapshots in LVM terminology).
  17.172 +This facility is new in Linux 2.6.8, so isn't as stable as one might
  17.173 +hope.  In particular, using lots of CoW LVM disks consumes a lot of
  17.174 +dom0 memory, and error conditions such as running out of disk space
  17.175 +are not handled well. Hopefully this will improve in future.
  17.176 +
   17.177 +To create two copy-on-write clones of the above file system you would
  17.178 +use the following commands:
  17.179 +
  17.180 +\begin{quote}
  17.181 +\begin{verbatim}
  17.182 +# lvcreate -s -L1024M -n myclonedisk1 /dev/vg/myvmdisk1
  17.183 +# lvcreate -s -L1024M -n myclonedisk2 /dev/vg/myvmdisk1
  17.184 +\end{verbatim}
  17.185 +\end{quote}
  17.186 +
  17.187 +Each of these can grow to have 1GB of differences from the master
  17.188 +volume. You can grow the amount of space for storing the differences
  17.189 +using the lvextend command, e.g.:
  17.190 +\begin{quote}
  17.191 +\begin{verbatim}
   17.192 +# lvextend -L+100M /dev/vg/myclonedisk1
  17.193 +\end{verbatim}
  17.194 +\end{quote}
  17.195 +
   17.196 +Don't let the `differences volume' ever fill up, otherwise LVM gets
  17.197 +rather confused. It may be possible to automate the growing process by
  17.198 +using \path{dmsetup wait} to spot the volume getting full and then
  17.199 +issue an \path{lvextend}.
  17.200 +
  17.201 +In principle, it is possible to continue writing to the volume that
  17.202 +has been cloned (the changes will not be visible to the clones), but
  17.203 +we wouldn't recommend this: have the cloned volume as a `pristine'
  17.204 +file system install that isn't mounted directly by any of the virtual
  17.205 +machines.
  17.206 +
  17.207 +
  17.208 +\section{Using NFS Root}
  17.209 +
  17.210 +First, populate a root filesystem in a directory on the server
  17.211 +machine. This can be on a distinct physical machine, or simply run
  17.212 +within a virtual machine on the same node.
  17.213 +
  17.214 +Now configure the NFS server to export this filesystem over the
  17.215 +network by adding a line to \path{/etc/exports}, for instance:
  17.216 +
  17.217 +\begin{quote}
  17.218 +  \begin{small}
  17.219 +\begin{verbatim}
   17.220 +/export/vm1root      1.2.3.4/24(rw,sync,no_root_squash)
  17.221 +\end{verbatim}
  17.222 +  \end{small}
  17.223 +\end{quote}
  17.224 +
  17.225 +Finally, configure the domain to use NFS root.  In addition to the
  17.226 +normal variables, you should make sure to set the following values in
  17.227 +the domain's configuration file:
  17.228 +
  17.229 +\begin{quote}
  17.230 +  \begin{small}
  17.231 +\begin{verbatim}
  17.232 +root       = '/dev/nfs'
  17.233 +nfs_server = '2.3.4.5'       # substitute IP address of server
  17.234 +nfs_root   = '/path/to/root' # path to root FS on the server
  17.235 +\end{verbatim}
  17.236 +  \end{small}
  17.237 +\end{quote}
  17.238 +
  17.239 +The domain will need network access at boot time, so either statically
  17.240 +configure an IP address using the config variables \path{ip},
  17.241 +\path{netmask}, \path{gateway}, \path{hostname}; or enable DHCP
  17.242 +(\path{dhcp='dhcp'}).
  17.243 +
  17.244 +Note that the Linux NFS root implementation is known to have stability
  17.245 +problems under high load (this is not a Xen-specific problem), so this
  17.246 +configuration may not be appropriate for critical servers.
    18.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    18.2 +++ b/docs/src/user/domain_mgmt.tex	Thu Sep 22 11:42:01 2005 -0600
    18.3 @@ -0,0 +1,203 @@
    18.4 +\chapter{Domain Management Tools}
    18.5 +
    18.6 +The previous chapter described a simple example of how to configure
    18.7 +and start a domain.  This chapter summarises the tools available to
    18.8 +manage running domains.
    18.9 +
   18.10 +
   18.11 +\section{Command-line Management}
   18.12 +
   18.13 +Command line management tasks are also performed using the \path{xm}
   18.14 +tool.  For online help for the commands available, type:
   18.15 +\begin{quote}
   18.16 +  \verb_# xm help_
   18.17 +\end{quote}
   18.18 +
   18.19 +You can also type \path{xm help $<$command$>$} for more information on
   18.20 +a given command.
   18.21 +
   18.22 +\subsection{Basic Management Commands}
   18.23 +
   18.24 +The most important \path{xm} commands are:
   18.25 +\begin{quote}
   18.26 +  \verb_# xm list_: Lists all domains running.\\
   18.27 +  \verb_# xm consoles_: Gives information about the domain consoles.\\
   18.28 +  \verb_# xm console_: Opens a console to a domain (e.g.\
   18.29 +  \verb_# xm console myVM_)
   18.30 +\end{quote}
   18.31 +
   18.32 +\subsection{\tt xm list}
   18.33 +
   18.34 +The output of \path{xm list} is in rows of the following format:
   18.35 +\begin{center} {\tt name domid memory cpu state cputime console}
   18.36 +\end{center}
   18.37 +
   18.38 +\begin{quote}
   18.39 +  \begin{description}
   18.40 +  \item[name] The descriptive name of the virtual machine.
   18.41 +  \item[domid] The number of the domain ID this virtual machine is
   18.42 +    running in.
   18.43 +  \item[memory] Memory size in megabytes.
   18.44 +  \item[cpu] The CPU this domain is running on.
   18.45 +  \item[state] Domain state consists of 5 fields:
   18.46 +    \begin{description}
   18.47 +    \item[r] running
   18.48 +    \item[b] blocked
   18.49 +    \item[p] paused
   18.50 +    \item[s] shutdown
   18.51 +    \item[c] crashed
   18.52 +    \end{description}
   18.53 +  \item[cputime] How much CPU time (in seconds) the domain has used so
   18.54 +    far.
   18.55 +  \item[console] TCP port accepting connections to the domain's
   18.56 +    console.
   18.57 +  \end{description}
   18.58 +\end{quote}
   18.59 +
   18.60 +The \path{xm list} command also supports a long output format when the
    18.61 +\path{-l} switch is used.  This outputs the full details of the
   18.62 +running domains in \xend's SXP configuration format.
   18.63 +
   18.64 +For example, suppose the system is running the ttylinux domain as
   18.65 +described earlier.  The list command should produce output somewhat
   18.66 +like the following:
   18.67 +\begin{verbatim}
   18.68 +# xm list
   18.69 +Name              Id  Mem(MB)  CPU  State  Time(s)  Console
   18.70 +Domain-0           0      251    0  r----    172.2        
   18.71 +ttylinux           5       63    0  -b---      3.0    9605
   18.72 +\end{verbatim}
   18.73 +
   18.74 +Here we can see the details for the ttylinux domain, as well as for
   18.75 +domain~0 (which, of course, is always running).  Note that the console
   18.76 +port for the ttylinux domain is 9605.  This can be connected to by TCP
    18.77 +using a terminal program (e.g.\ \path{telnet} or, better,
   18.78 +\path{xencons}).  The simplest way to connect is to use the
   18.79 +\path{xm~console} command, specifying the domain name or ID.  To
   18.80 +connect to the console of the ttylinux domain, we could use any of the
   18.81 +following:
   18.82 +\begin{verbatim}
   18.83 +# xm console ttylinux
   18.84 +# xm console 5
   18.85 +# xencons localhost 9605
   18.86 +\end{verbatim}
   18.87 +
   18.88 +\section{Domain Save and Restore}
   18.89 +
   18.90 +The administrator of a Xen system may suspend a virtual machine's
   18.91 +current state into a disk file in domain~0, allowing it to be resumed
   18.92 +at a later time.
   18.93 +
   18.94 +The ttylinux domain described earlier can be suspended to disk using
   18.95 +the command:
   18.96 +\begin{verbatim}
   18.97 +# xm save ttylinux ttylinux.xen
   18.98 +\end{verbatim}
   18.99 +
  18.100 +This will stop the domain named `ttylinux' and save its current state
  18.101 +into a file called \path{ttylinux.xen}.
  18.102 +
  18.103 +To resume execution of this domain, use the \path{xm restore} command:
  18.104 +\begin{verbatim}
  18.105 +# xm restore ttylinux.xen
  18.106 +\end{verbatim}
  18.107 +
  18.108 +This will restore the state of the domain and restart it.  The domain
  18.109 +will carry on as before and the console may be reconnected using the
  18.110 +\path{xm console} command, as above.
  18.111 +
  18.112 +\section{Live Migration}
  18.113 +
  18.114 +Live migration is used to transfer a domain between physical hosts
  18.115 +whilst that domain continues to perform its usual activities --- from
  18.116 +the user's perspective, the migration should be imperceptible.
  18.117 +
  18.118 +To perform a live migration, both hosts must be running Xen / \xend\
  18.119 +and the destination host must have sufficient resources (e.g.\ memory
  18.120 +capacity) to accommodate the domain after the move. Furthermore we
  18.121 +currently require both source and destination machines to be on the
  18.122 +same L2 subnet.
  18.123 +
  18.124 +Currently, there is no support for providing automatic remote access
  18.125 +to filesystems stored on local disk when a domain is migrated.
  18.126 +Administrators should choose an appropriate storage solution (i.e.\
  18.127 +SAN, NAS, etc.) to ensure that domain filesystems are also available
  18.128 +on their destination node. GNBD is a good method for exporting a
  18.129 +volume from one machine to another. iSCSI can do a similar job, but is
  18.130 +more complex to set up.
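        +
        +For example, a domain whose root filesystem lives on a volume exported
        +to both hosts might use a \path{disk} line such as the following (a
        +sketch only; the device name \path{gnbd/myvolume} is hypothetical):
        +\begin{verbatim}
        +disk = ['phy:gnbd/myvolume,sda1,w']
        +\end{verbatim}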
  18.131 +
   18.132 +When a domain migrates, its MAC and IP addresses move with it; thus it
  18.133 +is only possible to migrate VMs within the same layer-2 network and IP
  18.134 +subnet. If the destination node is on a different subnet, the
  18.135 +administrator would need to manually configure a suitable etherip or
  18.136 +IP tunnel in the domain~0 of the remote node.
  18.137 +
  18.138 +A domain may be migrated using the \path{xm migrate} command.  To live
  18.139 +migrate a domain to another machine, we would use the command:
  18.140 +
  18.141 +\begin{verbatim}
  18.142 +# xm migrate --live mydomain destination.ournetwork.com
  18.143 +\end{verbatim}
  18.144 +
   18.145 +Without the \path{--live} flag, \xend\ simply stops the domain,
   18.146 +copies the memory image over to the new node, and restarts it. Since
  18.147 +domains can have large allocations this can be quite time consuming,
  18.148 +even on a Gigabit network. With the \path{--live} flag \xend\ attempts
  18.149 +to keep the domain running while the migration is in progress,
  18.150 +resulting in typical `downtimes' of just 60--300ms.
  18.151 +
   18.152 +For now, it is necessary to reconnect to the domain's console on
   18.153 +the new machine using the \path{xm console} command.  Any open
   18.154 +network connections a migrated domain holds are preserved, however,
   18.155 +so SSH sessions do not suffer from this limitation.
  18.156 +
  18.157 +
  18.158 +\section{Managing Domain Memory}
  18.159 +
  18.160 +XenLinux domains have the ability to relinquish / reclaim machine
  18.161 +memory at the request of the administrator or the user of the domain.
  18.162 +
  18.163 +\subsection{Setting memory footprints from dom0}
  18.164 +
  18.165 +The machine administrator can request that a domain alter its memory
  18.166 +footprint using the \path{xm set-mem} command.  For instance, we can
  18.167 +request that our example ttylinux domain reduce its memory footprint
  18.168 +to 32 megabytes.
  18.169 +
  18.170 +\begin{verbatim}
  18.171 +# xm set-mem ttylinux 32
  18.172 +\end{verbatim}
  18.173 +
  18.174 +We can now see the result of this in the output of \path{xm list}:
  18.175 +
  18.176 +\begin{verbatim}
  18.177 +# xm list
  18.178 +Name              Id  Mem(MB)  CPU  State  Time(s)  Console
  18.179 +Domain-0           0      251    0  r----    172.2        
  18.180 +ttylinux           5       31    0  -b---      4.3    9605
  18.181 +\end{verbatim}
  18.182 +
  18.183 +The domain has responded to the request by returning memory to Xen. We
  18.184 +can restore the domain to its original size using the command line:
  18.185 +
  18.186 +\begin{verbatim}
  18.187 +# xm set-mem ttylinux 64
  18.188 +\end{verbatim}
  18.189 +
  18.190 +\subsection{Setting memory footprints from within a domain}
  18.191 +
  18.192 +The virtual file \path{/proc/xen/balloon} allows the owner of a domain
  18.193 +to adjust their own memory footprint.  Reading the file (e.g.\
  18.194 +\path{cat /proc/xen/balloon}) prints out the current memory footprint
  18.195 +of the domain.  Writing the file (e.g.\ \path{echo new\_target >
  18.196 +  /proc/xen/balloon}) requests that the kernel adjust the domain's
  18.197 +memory footprint to a new value.
  18.198 +
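        +For example, to query the current footprint and then request a new
        +one (a minimal sketch; the value 49152 assumes the balloon driver
        +interprets the target in kilobytes, i.e.\ 48MB, so check the output
        +of the read to confirm the units your XenLinux kernel uses):
        +\begin{verbatim}
        +# cat /proc/xen/balloon
        +# echo 49152 > /proc/xen/balloon
        +\end{verbatim}
        +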
  18.199 +\subsection{Setting memory limits}
  18.200 +
  18.201 +Xen associates a memory size limit with each domain.  By default, this
  18.202 +is the amount of memory the domain is originally started with,
  18.203 +preventing the domain from ever growing beyond this size.  To permit a
  18.204 +domain to grow beyond its original allocation or to prevent a domain
  18.205 +you've shrunk from reclaiming the memory it relinquished, use the
  18.206 +\path{xm maxmem} command.
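        +
        +For example, to allow the ttylinux domain to grow to at most 128
        +megabytes (an illustrative invocation):
        +\begin{verbatim}
        +# xm maxmem ttylinux 128
        +\end{verbatim}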
    19.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    19.2 +++ b/docs/src/user/glossary.tex	Thu Sep 22 11:42:01 2005 -0600
    19.3 @@ -0,0 +1,79 @@
    19.4 +\chapter{Glossary of Terms}
    19.5 +
    19.6 +\begin{description}
    19.7 +
    19.8 +\item[Atropos] One of the CPU schedulers provided by Xen.  Atropos
    19.9 +  provides domains with absolute shares of the CPU, with timeliness
   19.10 +  guarantees and a mechanism for sharing out `slack time'.
   19.11 +
   19.12 +\item[BVT] The BVT scheduler is used to give proportional fair shares
   19.13 +  of the CPU to domains.
   19.14 +
   19.15 +\item[Exokernel] A minimal piece of privileged code, similar to a {\bf
   19.16 +    microkernel} but providing a more `hardware-like' interface to the
   19.17 +  tasks it manages.  This is similar to a paravirtualising VMM like
   19.18 +  {\bf Xen} but was designed as a new operating system structure,
   19.19 +  rather than specifically to run multiple conventional OSs.
   19.20 +
   19.21 +\item[Domain] A domain is the execution context that contains a
   19.22 +  running {\bf virtual machine}.  The relationship between virtual
   19.23 +  machines and domains on Xen is similar to that between programs and
   19.24 +  processes in an operating system: a virtual machine is a persistent
   19.25 +  entity that resides on disk (somewhat like a program).  When it is
   19.26 +  loaded for execution, it runs in a domain.  Each domain has a {\bf
   19.27 +    domain ID}.
   19.28 +
   19.29 +\item[Domain 0] The first domain to be started on a Xen machine.
   19.30 +  Domain 0 is responsible for managing the system.
   19.31 +
   19.32 +\item[Domain ID] A unique identifier for a {\bf domain}, analogous to
   19.33 +  a process ID in an operating system.
   19.34 +
   19.35 +\item[Full virtualisation] An approach to virtualisation which
   19.36 +  requires no modifications to the hosted operating system, providing
   19.37 +  the illusion of a complete system of real hardware devices.
   19.38 +
   19.39 +\item[Hypervisor] An alternative term for {\bf VMM}, used because it
   19.40 +  means `beyond supervisor', since it is responsible for managing
   19.41 +  multiple `supervisor' kernels.
   19.42 +
   19.43 +\item[Live migration] A technique for moving a running virtual machine
   19.44 +  to another physical host, without stopping it or the services
   19.45 +  running on it.
   19.46 +
   19.47 +\item[Microkernel] A small base of code running at the highest
   19.48 +  hardware privilege level.  A microkernel is responsible for sharing
   19.49 +  CPU and memory (and sometimes other devices) between less privileged
    19.50 +  tasks running on the system.  This is similar to a VMM (particularly
    19.51 +  a {\bf paravirtualising} VMM) but typically addresses a different
    19.52 +  problem space and provides a different kind of interface.
   19.53 +
   19.54 +\item[NetBSD/Xen] A port of NetBSD to the Xen architecture.
   19.55 +
   19.56 +\item[Paravirtualisation] An approach to virtualisation which requires
   19.57 +  modifications to the operating system in order to run in a virtual
   19.58 +  machine.  Xen uses paravirtualisation but preserves binary
   19.59 +  compatibility for user space applications.
   19.60 +
   19.61 +\item[Shadow pagetables] A technique for hiding the layout of machine
   19.62 +  memory from a virtual machine's operating system.  Used in some {\bf
    19.63 +    VMMs} to provide the illusion of contiguous physical memory; in
    19.64 +  Xen it is used during {\bf live migration}.
   19.65 +
   19.66 +\item[Virtual Machine] The environment in which a hosted operating
   19.67 +  system runs, providing the abstraction of a dedicated machine.  A
   19.68 +  virtual machine may be identical to the underlying hardware (as in
    19.69 +  {\bf full virtualisation}), or it may differ (as in {\bf
   19.70 +    paravirtualisation}).
   19.71 +
   19.72 +\item[VMM] Virtual Machine Monitor - the software that allows multiple
   19.73 +  virtual machines to be multiplexed on a single physical machine.
   19.74 +
   19.75 +\item[Xen] Xen is a paravirtualising virtual machine monitor,
   19.76 +  developed primarily by the Systems Research Group at the University
   19.77 +  of Cambridge Computer Laboratory.
   19.78 +
   19.79 +\item[XenLinux] Official name for the port of the Linux kernel that
   19.80 +  runs on Xen.
   19.81 +
   19.82 +\end{description}
    20.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    20.2 +++ b/docs/src/user/installation.tex	Thu Sep 22 11:42:01 2005 -0600
    20.3 @@ -0,0 +1,394 @@
    20.4 +\chapter{Installation}
    20.5 +
    20.6 +The Xen distribution includes three main components: Xen itself, ports
    20.7 +of Linux 2.4, Linux 2.6, and NetBSD to run on Xen, and the userspace
    20.8 +tools required to manage a Xen-based system.  This chapter describes
    20.9 +how to install the Xen~2.0 distribution from source.  Alternatively,
   20.10 +there may be pre-built packages available as part of your operating
   20.11 +system distribution.
   20.12 +
   20.13 +
   20.14 +\section{Prerequisites}
   20.15 +\label{sec:prerequisites}
   20.16 +
   20.17 +The following is a full list of prerequisites.  Items marked `$\dag$'
   20.18 +are required by the \xend\ control tools, and hence required if you
   20.19 +want to run more than one virtual machine; items marked `$*$' are only
   20.20 +required if you wish to build from source.
   20.21 +\begin{itemize}
   20.22 +\item A working Linux distribution using the GRUB bootloader and
   20.23 +  running on a P6-class (or newer) CPU.
   20.24 +\item [$\dag$] The \path{iproute2} package.
   20.25 +\item [$\dag$] The Linux bridge-utils\footnote{Available from {\tt
   20.26 +      http://bridge.sourceforge.net}} (e.g., \path{/sbin/brctl})
   20.27 +\item [$\dag$] An installation of Twisted~v1.3 or
   20.28 +  above\footnote{Available from {\tt http://www.twistedmatrix.com}}.
   20.29 +  There may be a binary package available for your distribution;
   20.30 +  alternatively it can be installed by running `{\sl make
   20.31 +    install-twisted}' in the root of the Xen source tree.
   20.32 +\item [$*$] Build tools (gcc v3.2.x or v3.3.x, binutils, GNU make).
   20.33 +\item [$*$] Development installation of libcurl (e.g., libcurl-devel)
   20.34 +\item [$*$] Development installation of zlib (e.g., zlib-dev).
   20.35 +\item [$*$] Development installation of Python v2.2 or later (e.g.,
   20.36 +  python-dev).
   20.37 +\item [$*$] \LaTeX\ and transfig are required to build the
   20.38 +  documentation.
   20.39 +\end{itemize}
   20.40 +
   20.41 +Once you have satisfied the relevant prerequisites, you can now
   20.42 +install either a binary or source distribution of Xen.
   20.43 +
   20.44 +
   20.45 +\section{Installing from Binary Tarball}
   20.46 +
   20.47 +Pre-built tarballs are available for download from the Xen download
   20.48 +page
   20.49 +\begin{quote} {\tt http://xen.sf.net}
   20.50 +\end{quote}
   20.51 +
   20.52 +Once you've downloaded the tarball, simply unpack and install:
   20.53 +\begin{verbatim}
   20.54 +# tar zxvf xen-2.0-install.tgz
   20.55 +# cd xen-2.0-install
   20.56 +# sh ./install.sh
   20.57 +\end{verbatim}
   20.58 +
   20.59 +Once you've installed the binaries you need to configure your system
   20.60 +as described in Section~\ref{s:configure}.
   20.61 +
   20.62 +
   20.63 +\section{Installing from Source}
   20.64 +
   20.65 +This section describes how to obtain, build, and install Xen from
   20.66 +source.
   20.67 +
   20.68 +\subsection{Obtaining the Source}
   20.69 +
    20.70 +The Xen source tree is available as either a compressed source
    20.71 +tarball or as a clone of our master BitKeeper repository.
   20.72 +
   20.73 +\begin{description}
   20.74 +\item[Obtaining the Source Tarball]\mbox{} \\
   20.75 +  Stable versions (and daily snapshots) of the Xen source tree are
   20.76 +  available as compressed tarballs from the Xen download page
   20.77 +  \begin{quote} {\tt http://xen.sf.net}
   20.78 +  \end{quote}
   20.79 +
   20.80 +\item[Using BitKeeper]\mbox{} \\
   20.81 +  If you wish to install Xen from a clone of our latest BitKeeper
   20.82 +  repository then you will need to install the BitKeeper tools.
   20.83 +  Download instructions for BitKeeper can be obtained by filling out
   20.84 +  the form at:
   20.85 +  \begin{quote} {\tt http://www.bitmover.com/cgi-bin/download.cgi}
   20.86 +\end{quote}
   20.87 +The public master BK repository for the 2.0 release lives at:
   20.88 +\begin{quote} {\tt bk://xen.bkbits.net/xen-2.0.bk}
   20.89 +\end{quote} 
   20.90 +You can use BitKeeper to download it and keep it updated with the
   20.91 +latest features and fixes.
   20.92 +
   20.93 +Change to the directory in which you want to put the source code, then
   20.94 +run:
   20.95 +\begin{verbatim}
   20.96 +# bk clone bk://xen.bkbits.net/xen-2.0.bk
   20.97 +\end{verbatim}
   20.98 +
   20.99 +Under your current directory, a new directory named \path{xen-2.0.bk}
   20.100 +will be created, containing all the source code for Xen, the OS
  20.101 +ports, and the control tools. You can update your repository with the
  20.102 +latest changes at any time by running:
  20.103 +\begin{verbatim}
  20.104 +# cd xen-2.0.bk # to change into the local repository
  20.105 +# bk pull       # to update the repository
  20.106 +\end{verbatim}
  20.107 +\end{description}
  20.108 +
  20.109 +% \section{The distribution}
  20.110 +%
  20.111 +% The Xen source code repository is structured as follows:
  20.112 +%
  20.113 +% \begin{description}
  20.114 +% \item[\path{tools/}] Xen node controller daemon (Xend), command line
  20.115 +%   tools, control libraries
  20.116 +% \item[\path{xen/}] The Xen VMM.
  20.117 +% \item[\path{linux-*-xen-sparse/}] Xen support for Linux.
  20.118 +% \item[\path{linux-*-patches/}] Experimental patches for Linux.
  20.119 +% \item[\path{netbsd-*-xen-sparse/}] Xen support for NetBSD.
  20.120 +% \item[\path{docs/}] Various documentation files for users and
  20.121 +%   developers.
  20.122 +% \item[\path{extras/}] Bonus extras.
  20.123 +% \end{description}
  20.124 +
  20.125 +\subsection{Building from Source}
  20.126 +
  20.127 +The top-level Xen Makefile includes a target `world' that will do the
  20.128 +following:
  20.129 +
  20.130 +\begin{itemize}
  20.131 +\item Build Xen.
  20.132 +\item Build the control tools, including \xend.
  20.133 +\item Download (if necessary) and unpack the Linux 2.6 source code,
  20.134 +  and patch it for use with Xen.
  20.135 +\item Build a Linux kernel to use in domain 0 and a smaller
  20.136 +  unprivileged kernel, which can optionally be used for unprivileged
  20.137 +  virtual machines.
  20.138 +\end{itemize}
  20.139 +
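        +From the root of the Xen source tree, this is simply:
        +\begin{quote}
        +\begin{verbatim}
        +# make world
        +\end{verbatim}
        +\end{quote}
        +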
  20.140 +After the build has completed you should have a top-level directory
  20.141 +called \path{dist/} in which all resulting targets will be placed; of
   20.142 +particular interest are the two XenLinux kernel images, one
  20.143 +with a `-xen0' extension which contains hardware device drivers and
  20.144 +drivers for Xen's virtual devices, and one with a `-xenU' extension
  20.145 +that just contains the virtual ones. These are found in
  20.146 +\path{dist/install/boot/} along with the image for Xen itself and the
  20.147 +configuration files used during the build.
  20.148 +
  20.149 +The NetBSD port can be built using:
  20.150 +\begin{quote}
  20.151 +\begin{verbatim}
  20.152 +# make netbsd20
  20.153 +\end{verbatim}
  20.154 +\end{quote}
   20.155 +The NetBSD port is built using a snapshot of the netbsd-2-0 CVS branch.
  20.156 +The snapshot is downloaded as part of the build process, if it is not
  20.157 +yet present in the \path{NETBSD\_SRC\_PATH} search path.  The build
  20.158 +process also downloads a toolchain which includes all the tools
  20.159 +necessary to build the NetBSD kernel under Linux.
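        +
        +If you have already downloaded a snapshot, you can point the build at
        +it; for instance (a sketch, by analogy with the \path{LINUX\_SRC\_PATH}
        +variable used for the Linux kernels):
        +\begin{quote}
        +\begin{verbatim}
        +# NETBSD_SRC_PATH=/path/to/snapshots make netbsd20
        +\end{verbatim}
        +\end{quote}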
  20.160 +
   20.161 +To further customize the set of kernels built, edit the
  20.162 +top-level Makefile. Look for the line:
  20.163 +
  20.164 +\begin{quote}
  20.165 +\begin{verbatim}
  20.166 +KERNELS ?= mk.linux-2.6-xen0 mk.linux-2.6-xenU
  20.167 +\end{verbatim}
  20.168 +\end{quote}
  20.169 +
  20.170 +You can edit this line to include any set of operating system kernels
  20.171 +which have configurations in the top-level \path{buildconfigs/}
  20.172 +directory, for example \path{mk.linux-2.4-xenU} to build a Linux 2.4
  20.173 +kernel containing only virtual device drivers.
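        +
        +For instance, the edited line might read:
        +\begin{quote}
        +\begin{verbatim}
        +KERNELS ?= mk.linux-2.6-xen0 mk.linux-2.6-xenU mk.linux-2.4-xenU
        +\end{verbatim}
        +\end{quote}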
  20.174 +
  20.175 +%% Inspect the Makefile if you want to see what goes on during a
  20.176 +%% build.  Building Xen and the tools is straightforward, but XenLinux
  20.177 +%% is more complicated.  The makefile needs a `pristine' Linux kernel
  20.178 +%% tree to which it will then add the Xen architecture files.  You can
  20.179 +%% tell the makefile the location of the appropriate Linux compressed
  20.180 +%% tar file by
  20.181 +%% setting the LINUX\_SRC environment variable, e.g. \\
  20.182 +%% \verb!# LINUX_SRC=/tmp/linux-2.6.11.tar.bz2 make world! \\ or by
  20.183 +%% placing the tar file somewhere in the search path of {\tt
  20.184 +%%   LINUX\_SRC\_PATH} which defaults to `{\tt .:..}'.  If the
  20.185 +%% makefile can't find a suitable kernel tar file it attempts to
  20.186 +%% download it from kernel.org (this won't work if you're behind a
  20.187 +%% firewall).
  20.188 +
  20.189 +%% After untaring the pristine kernel tree, the makefile uses the {\tt
  20.190 +%%   mkbuildtree} script to add the Xen patches to the kernel.
  20.191 +
  20.192 +
  20.193 +%% The procedure is similar to build the Linux 2.4 port: \\
  20.194 +%% \verb!# LINUX_SRC=/path/to/linux2.4/source make linux24!
  20.195 +
  20.196 +
  20.197 +%% \framebox{\parbox{5in}{
  20.198 +%%     {\bf Distro specific:} \\
  20.199 +%%     {\it Gentoo} --- if not using udev (most installations,
  20.200 +%%     currently), you'll need to enable devfs and devfs mount at boot
  20.201 +%%     time in the xen0 config.  }}
  20.202 +
  20.203 +\subsection{Custom XenLinux Builds}
  20.204 +
  20.205 +% If you have an SMP machine you may wish to give the {\tt '-j4'}
  20.206 +% argument to make to get a parallel build.
  20.207 +
  20.208 +If you wish to build a customized XenLinux kernel (e.g. to support
  20.209 +additional devices or enable distribution-required features), you can
  20.210 +use the standard Linux configuration mechanisms, specifying that the
   20.211 +architecture being built for is \path{xen}, e.g.:
  20.212 +\begin{quote}
  20.213 +\begin{verbatim}
  20.214 +# cd linux-2.6.11-xen0
  20.215 +# make ARCH=xen xconfig
  20.216 +# cd ..
  20.217 +# make
  20.218 +\end{verbatim}
  20.219 +\end{quote}
  20.220 +
  20.221 +You can also copy an existing Linux configuration (\path{.config})
  20.222 +into \path{linux-2.6.11-xen0} and execute:
  20.223 +\begin{quote}
  20.224 +\begin{verbatim}
  20.225 +# make ARCH=xen oldconfig
  20.226 +\end{verbatim}
  20.227 +\end{quote}
  20.228 +
  20.229 +You may be prompted with some Xen-specific options; we advise
  20.230 +accepting the defaults for these options.
  20.231 +
  20.232 +Note that the only difference between the two types of Linux kernel
  20.233 +that are built is the configuration file used for each.  The `U'
  20.234 +suffixed (unprivileged) versions don't contain any of the physical
  20.235 +hardware device drivers, leading to a 30\% reduction in size; hence
  20.236 +you may prefer these for your non-privileged domains.  The `0'
  20.237 +suffixed privileged versions can be used to boot the system, as well
  20.238 +as in driver domains and unprivileged domains.
  20.239 +
  20.240 +\subsection{Installing the Binaries}
  20.241 +
  20.242 +The files produced by the build process are stored under the
  20.243 +\path{dist/install/} directory. To install them in their default
  20.244 +locations, do:
  20.245 +\begin{quote}
  20.246 +\begin{verbatim}
  20.247 +# make install
  20.248 +\end{verbatim}
  20.249 +\end{quote}
  20.250 +
  20.251 +Alternatively, users with special installation requirements may wish
  20.252 +to install them manually by copying the files to their appropriate
  20.253 +destinations.
  20.254 +
  20.255 +%% Files in \path{install/boot/} include:
  20.256 +%% \begin{itemize}
  20.257 +%% \item \path{install/boot/xen-2.0.gz} Link to the Xen 'kernel'
  20.258 +%% \item \path{install/boot/vmlinuz-2.6-xen0} Link to domain 0
  20.259 +%%   XenLinux kernel
  20.260 +%% \item \path{install/boot/vmlinuz-2.6-xenU} Link to unprivileged
  20.261 +%%   XenLinux kernel
  20.262 +%% \end{itemize}
  20.263 +
  20.264 +The \path{dist/install/boot} directory will also contain the config
  20.265 +files used for building the XenLinux kernels, and also versions of Xen
  20.266 +and XenLinux kernels that contain debug symbols (\path{xen-syms-2.0.6}
  20.267 +and \path{vmlinux-syms-2.6.11.11-xen0}) which are essential for
  20.268 +interpreting crash dumps.  Retain these files as the developers may
  20.269 +wish to see them if you post on the mailing list.
  20.270 +
  20.271 +
  20.272 +\section{Configuration}
  20.273 +\label{s:configure}
  20.274 +
  20.275 +Once you have built and installed the Xen distribution, it is simple
  20.276 +to prepare the machine for booting and running Xen.
  20.277 +
  20.278 +\subsection{GRUB Configuration}
  20.279 +
  20.280 +An entry should be added to \path{grub.conf} (often found under
  20.281 +\path{/boot/} or \path{/boot/grub/}) to allow Xen / XenLinux to boot.
  20.282 +This file is sometimes called \path{menu.lst}, depending on your
  20.283 +distribution.  The entry should look something like the following:
  20.284 +
  20.285 +{\small
  20.286 +\begin{verbatim}
  20.287 +title Xen 2.0 / XenLinux 2.6
  20.288 +  kernel /boot/xen-2.0.gz dom0_mem=131072
  20.289 +  module /boot/vmlinuz-2.6-xen0 root=/dev/sda4 ro console=tty0
  20.290 +\end{verbatim}
  20.291 +}
  20.292 +
  20.293 +The kernel line tells GRUB where to find Xen itself and what boot
  20.294 +parameters should be passed to it (in this case, setting domain 0's
   20.295 +memory allocation in kilobytes).
  20.296 +For more details on the various Xen boot parameters see
  20.297 +Section~\ref{s:xboot}.
  20.298 +
  20.299 +The module line of the configuration describes the location of the
  20.300 +XenLinux kernel that Xen should start and the parameters that should
  20.301 +be passed to it (these are standard Linux parameters, identifying the
  20.302 +root device and specifying it be initially mounted read only and
  20.303 +instructing that console output be sent to the screen).  Some
  20.304 +distributions such as SuSE do not require the \path{ro} parameter.
  20.305 +
  20.306 +%% \framebox{\parbox{5in}{
  20.307 +%%     {\bf Distro specific:} \\
  20.308 +%%     {\it SuSE} --- Omit the {\tt ro} option from the XenLinux
  20.309 +%%     kernel command line, since the partition won't be remounted rw
  20.310 +%%     during boot.  }}
  20.311 +
  20.312 +
  20.313 +If you want to use an initrd, just add another \path{module} line to
  20.314 +the configuration, as usual:
  20.315 +
  20.316 +{\small
  20.317 +\begin{verbatim}
  20.318 +  module /boot/my_initrd.gz
  20.319 +\end{verbatim}
  20.320 +}
  20.321 +
  20.322 +As always when installing a new kernel, it is recommended that you do
  20.323 +not delete existing menu options from \path{menu.lst} --- you may want
  20.324 +to boot your old Linux kernel in future, particularly if you have
  20.325 +problems.
  20.326 +
  20.327 +\subsection{Serial Console (optional)}
  20.328 +
  20.329 +%% kernel /boot/xen-2.0.gz dom0_mem=131072 com1=115200,8n1
  20.330 +%% module /boot/vmlinuz-2.6-xen0 root=/dev/sda4 ro
  20.331 +
  20.332 +
  20.333 +In order to configure Xen serial console output, it is necessary to
   20.334 +add a boot option to your GRUB config; e.g.\ replace the above kernel
  20.335 +line with:
  20.336 +\begin{quote}
  20.337 +{\small
  20.338 +\begin{verbatim}
  20.339 +   kernel /boot/xen.gz dom0_mem=131072 com1=115200,8n1
  20.340 +\end{verbatim}}
  20.341 +\end{quote}
  20.342 +
  20.343 +This configures Xen to output on COM1 at 115,200 baud, 8 data bits, 1
   20.344 +stop bit and no parity. Modify these parameters to suit your setup.
  20.345 +
  20.346 +One can also configure XenLinux to share the serial console; to
   20.347 +achieve this, append ``\path{console=ttyS0}'' to your module line.
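        +
        +The module line from the earlier example would then read:
        +{\small
        +\begin{verbatim}
        +  module /boot/vmlinuz-2.6-xen0 root=/dev/sda4 ro console=tty0 console=ttyS0
        +\end{verbatim}
        +}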
  20.348 +
  20.349 +If you wish to be able to log in over the XenLinux serial console it
  20.350 +is necessary to add a line into \path{/etc/inittab}, just as per
  20.351 +regular Linux. Simply add the line:
  20.352 +\begin{quote} {\small {\tt c:2345:respawn:/sbin/mingetty ttyS0}}
  20.353 +\end{quote}
  20.354 +
   20.355 +and you should be able to log in. Note that logging in as root over
   20.356 +the serial line requires adding \path{ttyS0} to
  20.357 +\path{/etc/securetty} in most modern distributions.
  20.358 +
  20.359 +\subsection{TLS Libraries}
  20.360 +
  20.361 +Users of the XenLinux 2.6 kernel should disable Thread Local Storage
  20.362 +(e.g.\ by doing a \path{mv /lib/tls /lib/tls.disabled}) before
  20.363 +attempting to run with a XenLinux kernel\footnote{If you boot without
  20.364 +  first disabling TLS, you will get a warning message during the boot
  20.365 +  process. In this case, simply perform the rename after the machine
  20.366 +  is up and then run \texttt{/sbin/ldconfig} to make it take effect.}.
  20.367 +You can always reenable it by restoring the directory to its original
  20.368 +location (i.e.\ \path{mv /lib/tls.disabled /lib/tls}).
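        +
        +That is, before booting the XenLinux kernel:
        +\begin{quote}
        +\begin{verbatim}
        +# mv /lib/tls /lib/tls.disabled
        +\end{verbatim}
        +\end{quote}
        +and, to re-enable it later:
        +\begin{quote}
        +\begin{verbatim}
        +# mv /lib/tls.disabled /lib/tls
        +\end{verbatim}
        +\end{quote}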
  20.369 +
  20.370 +The reason for this is that the current TLS implementation uses
  20.371 +segmentation in a way that is not permissible under Xen.  If TLS is
  20.372 +not disabled, an emulation mode is used within Xen which reduces
  20.373 +performance substantially.
  20.374 +
  20.375 +We hope that this issue can be resolved by working with Linux
  20.376 +distribution vendors to implement a minor backward-compatible change
  20.377 +to the TLS library.
  20.378 +
  20.379 +
  20.380 +\section{Booting Xen}
  20.381 +
  20.382 +It should now be possible to restart the system and use Xen.  Reboot
   20.383 +as usual but choose the new Xen option when the GRUB screen appears.
  20.384 +
  20.385 +What follows should look much like a conventional Linux boot.  The
  20.386 +first portion of the output comes from Xen itself, supplying low level
  20.387 +information about itself and the machine it is running on.  The
  20.388 +following portion of the output comes from XenLinux.
  20.389 +
  20.390 +You may see some errors during the XenLinux boot.  These are not
  20.391 +necessarily anything to worry about --- they may result from kernel
  20.392 +configuration differences between your XenLinux kernel and the one you
  20.393 +usually use.
  20.394 +
  20.395 +When the boot completes, you should be able to log into your system as
  20.396 +usual.  If you are unable to log in to your system running Xen, you
  20.397 +should still be able to reboot with your normal Linux kernel.
    21.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    21.2 +++ b/docs/src/user/introduction.tex	Thu Sep 22 11:42:01 2005 -0600
    21.3 @@ -0,0 +1,143 @@
    21.4 +\chapter{Introduction}
    21.5 +
    21.6 +
    21.7 +Xen is a \emph{paravirtualising} virtual machine monitor (VMM), or
    21.8 +`hypervisor', for the x86 processor architecture.  Xen can securely
    21.9 +execute multiple virtual machines on a single physical system with
   21.10 +close-to-native performance.  The virtual machine technology
   21.11 +facilitates enterprise-grade functionality, including:
   21.12 +
   21.13 +\begin{itemize}
   21.14 +\item Virtual machines with performance close to native hardware.
   21.15 +\item Live migration of running virtual machines between physical
   21.16 +  hosts.
   21.17 +\item Excellent hardware support (supports most Linux device drivers).
   21.18 +\item Sandboxed, re-startable device drivers.
   21.19 +\end{itemize}
   21.20 +
   21.21 +Paravirtualisation permits very high performance virtualisation, even
   21.22 +on architectures like x86 that are traditionally very hard to
   21.23 +virtualise.
   21.24 +
   21.25 +The drawback of this approach is that it requires operating systems to
   21.26 +be \emph{ported} to run on Xen.  Porting an OS to run on Xen is
    21.27 +similar to supporting a new hardware platform; however, the process is
   21.28 +simplified because the paravirtual machine architecture is very
   21.29 +similar to the underlying native hardware. Even though operating
   21.30 +system kernels must explicitly support Xen, a key feature is that user
   21.31 +space applications and libraries \emph{do not} require modification.
   21.32 +
   21.33 +Xen support is available for increasingly many operating systems:
   21.34 +right now, Linux 2.4, Linux 2.6 and NetBSD are available for Xen 2.0.
   21.35 +A FreeBSD port is undergoing testing and will be incorporated into the
   21.36 +release soon. Other OS ports, including Plan 9, are in progress.  We
    21.37 +hope that the arch-xen patches will be incorporated into the
   21.38 +mainstream releases of these operating systems in due course (as has
   21.39 +already happened for NetBSD).
   21.40 +
   21.41 +Possible usage scenarios for Xen include:
   21.42 +
   21.43 +\begin{description}
   21.44 +\item [Kernel development.] Test and debug kernel modifications in a
   21.45 +  sandboxed virtual machine --- no need for a separate test machine.
   21.46 +\item [Multiple OS configurations.] Run multiple operating systems
   21.47 +  simultaneously, for instance for compatibility or QA purposes.
   21.48 +\item [Server consolidation.] Move multiple servers onto a single
   21.49 +  physical host with performance and fault isolation provided at
   21.50 +  virtual machine boundaries.
   21.51 +\item [Cluster computing.] Management at VM granularity provides more
   21.52 +  flexibility than separately managing each physical host, but better
   21.53 +  control and isolation than single-system image solutions,
   21.54 +  particularly by using live migration for load balancing.
   21.55 +\item [Hardware support for custom OSes.] Allow development of new
   21.56 +  OSes while benefiting from the wide-ranging hardware support of
   21.57 +  existing OSes such as Linux.
   21.58 +\end{description}
   21.59 +
   21.60 +
   21.61 +\section{Structure of a Xen-Based System}
   21.62 +
   21.63 +A Xen system has multiple layers, the lowest and most privileged of
   21.64 +which is Xen itself. 
   21.65 +
   21.66 +Xen in turn may host multiple \emph{guest} operating systems, each of
   21.67 +which is executed within a secure virtual machine (in Xen terminology,
   21.68 +a \emph{domain}). Domains are scheduled by Xen to make effective use
   21.69 +of the available physical CPUs.  Each guest OS manages its own
   21.70 +applications, which includes responsibility for scheduling each
   21.71 +application within the time allotted to the VM by Xen.
   21.72 +
   21.73 +The first domain, \emph{domain 0}, is created automatically when the
   21.74 +system boots and has special management privileges. Domain 0 builds
   21.75 +other domains and manages their virtual devices. It also performs
   21.76 +administrative tasks such as suspending, resuming and migrating other
   21.77 +virtual machines.
   21.78 +
   21.79 +Within domain 0, a process called \emph{xend} runs to manage the
   21.80 +system.  \Xend is responsible for managing virtual machines and
   21.81 +providing access to their consoles.  Commands are issued to \xend over
   21.82 +an HTTP interface, either from a command-line tool or from a web
   21.83 +browser.
   21.84 +
   21.85 +
   21.86 +\section{Hardware Support}
   21.87 +
   21.88 +Xen currently runs only on the x86 architecture, requiring a `P6' or
   21.89 +newer processor (e.g. Pentium Pro, Celeron, Pentium II, Pentium III,
   21.90 +Pentium IV, Xeon, AMD Athlon, AMD Duron).  Multiprocessor machines are
   21.91 +supported, and we also have basic support for HyperThreading (SMT),
   21.92 +although this remains a topic for ongoing research. A port
   21.93 +specifically for x86/64 is in progress, although Xen already runs on
   21.94 +such systems in 32-bit legacy mode. In addition a port to the IA64
   21.95 +architecture is approaching completion. We hope to add other
   21.96 +architectures such as PPC and ARM in due course.
   21.97 +
   21.98 +Xen can currently use up to 4GB of memory.  It is possible for x86
   21.99 +machines to address up to 64GB of physical memory but there are no
   21.100 +current plans to support these systems: the x86/64 port is the planned
  21.101 +route to supporting larger memory sizes.
  21.102 +
  21.103 +Xen offloads most of the hardware support issues to the guest OS
  21.104 +running in Domain~0.  Xen itself contains only the code required to
  21.105 +detect and start secondary processors, set up interrupt routing, and
  21.106 +perform PCI bus enumeration.  Device drivers run within a privileged
  21.107 +guest OS rather than within Xen itself. This approach provides
  21.108 +compatibility with the majority of device hardware supported by Linux.
  21.109 +The default XenLinux build contains support for relatively modern
  21.110 +server-class network and disk hardware, but you can add support for
  21.111 +other hardware by configuring your XenLinux kernel in the normal way.
  21.112 +
  21.113 +
  21.114 +\section{History}
  21.115 +
  21.116 +Xen was originally developed by the Systems Research Group at the
  21.117 +University of Cambridge Computer Laboratory as part of the XenoServers
  21.118 +project, funded by the UK-EPSRC.
  21.119 +
  21.120 +XenoServers aim to provide a `public infrastructure for global
  21.121 +distributed computing', and Xen plays a key part in that, allowing us
  21.122 +to efficiently partition a single machine to enable multiple
  21.123 +independent clients to run their operating systems and applications in
  21.124 +an environment providing protection, resource isolation and
  21.125 +accounting.  The project web page contains further information along
  21.126 +with pointers to papers and technical reports:
  21.127 +\path{http://www.cl.cam.ac.uk/xeno}
  21.128 +
  21.129 +Xen has since grown into a fully-fledged project in its own right,
  21.130 +enabling us to investigate interesting research issues regarding the
  21.131 +best techniques for virtualising resources such as the CPU, memory,
  21.132 +disk and network.  The project has been bolstered by support from
   21.133 +Intel Research Cambridge and HP Labs, who are now working closely
  21.134 +with us.
  21.135 +
  21.136 +Xen was first described in a paper presented at SOSP in
  21.137 +2003\footnote{\tt
  21.138 +  http://www.cl.cam.ac.uk/netos/papers/2003-xensosp.pdf}, and the
  21.139 +first public release (1.0) was made that October.  Since then, Xen has
  21.140 +significantly matured and is now used in production scenarios on many
  21.141 +sites.
  21.142 +
  21.143 +Xen 2.0 features greatly enhanced hardware support, configuration
  21.144 +flexibility, usability and a larger complement of supported operating
  21.145 +systems. This latest release takes Xen a step closer to becoming the
  21.146 +definitive open source solution for virtualisation.
    22.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    22.2 +++ b/docs/src/user/redhat.tex	Thu Sep 22 11:42:01 2005 -0600
    22.3 @@ -0,0 +1,61 @@
    22.4 +\chapter{Installing Xen / XenLinux on Red~Hat or Fedora Core}
    22.5 +
    22.6 +When using Xen / XenLinux on a standard Linux distribution there are a
    22.7 +couple of things to watch out for:
    22.8 +
    22.9 +Note that, because domains greater than 0 don't have any privileged
    22.10 +access at all, certain commands in the default boot sequence will fail,
   22.11 +e.g.\ attempts to update the hwclock, change the console font, update
   22.12 +the keytable map, start apmd (power management), or gpm (mouse
   22.13 +cursor).  Either ignore the errors (they should be harmless), or
   22.14 +remove them from the startup scripts.  Deleting the following links
   22.15 +are a good start: {\path{S24pcmcia}}, {\path{S09isdn}},
   22.16 +{\path{S17keytable}}, {\path{S26apmd}}, {\path{S85gpm}}.
   22.17 +
   22.18 +If you want to use a single root file system that works cleanly for
   22.19 +both domain~0 and unprivileged domains, a useful trick is to use
   22.20 +different `init' run levels. For example, use run level 3 for
   22.21 +domain~0, and run level 4 for other domains. This enables different
    22.22 +startup scripts to be run depending on the run level number passed
   22.23 +on the kernel command line.
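        +
        +With the example \path{xm} configuration files, the run level for an
        +unprivileged domain can be passed via the \path{extra} variable (a
        +sketch, following the convention used in \path{/etc/xen/xmexample1}):
        +\begin{quote}
        +  \begin{small}\begin{verbatim}
        + # boot the domain into run level 4
        + extra = "4"
        +\end{verbatim}\end{small}
        +\end{quote}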
   22.24 +
    22.25 +If using NFS root file systems mounted either from an external server
    22.26 +or from domain~0, there are a couple of other gotchas.  The default
   22.27 +{\path{/etc/sysconfig/iptables}} rules block NFS, so part way through
   22.28 +the boot sequence things will suddenly go dead.
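        +
        +One blunt workaround is to disable the firewall in the run level used
        +by unprivileged domains (adjust the rules instead if you need packet
        +filtering), e.g.:
        +\begin{quote}
        +  \verb_# chkconfig --level 4 iptables off_
        +\end{quote}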
   22.29 +
   22.30 +If you're planning on having a separate NFS {\path{/usr}} partition,
    22.31 +the RH9 boot scripts don't make life easy --- they attempt to mount NFS
    22.32 +file systems way too late in the boot process. The easiest way I found
   22.33 +to do this was to have a {\path{/linuxrc}} script run ahead of
   22.34 +{\path{/sbin/init}} that mounts {\path{/usr}}:
   22.35 +
   22.36 +\begin{quote}
   22.37 +  \begin{small}\begin{verbatim}
   22.38 + #!/bin/bash
    22.39 + /sbin/ifconfig lo 127.0.0.1
   22.40 + /sbin/portmap
   22.41 + /bin/mount /usr
   22.42 + exec /sbin/init "$@" <>/dev/console 2>&1
   22.43 +\end{verbatim}\end{small}
   22.44 +\end{quote}
   22.45 +
   22.46 +%% $ XXX SMH: font lock fix :-)
   22.47 +
   22.48 +The one slight complication with the above is that
   22.49 +{\path{/sbin/portmap}} is dynamically linked against
    22.50 +{\path{/usr/lib/libwrap.so.0}}. Since this is in {\path{/usr}}, it
    22.51 +won't work. This can be solved by copying the file (and link) below
    22.52 +the {\path{/usr}} mount point, letting the file be `covered' when
   22.53 +the mount happens.
   22.54 +
   22.55 +In some installations, where a shared read-only {\path{/usr}} is being
   22.56 +used, it may be desirable to move other large directories over into
   22.57 +the read-only {\path{/usr}}. For example, you might replace
   22.58 +{\path{/bin}}, {\path{/lib}} and {\path{/sbin}} with links into
   22.59 +{\path{/usr/root/bin}}, {\path{/usr/root/lib}} and
   22.60 +{\path{/usr/root/sbin}} respectively. This creates other problems for
   22.61 +running the {\path{/linuxrc}} script, requiring bash, portmap, mount,
   22.62 +ifconfig, and a handful of other shared libraries to be copied below
   22.63 +the mount point --- a simple statically-linked C program would solve
   22.64 +this problem.
    23.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    23.2 +++ b/docs/src/user/start_addl_dom.tex	Thu Sep 22 11:42:01 2005 -0600
    23.3 @@ -0,0 +1,172 @@
    23.4 +\chapter{Starting Additional Domains}
    23.5 +
    23.6 +The first step in creating a new domain is to prepare a root
    23.7 +filesystem for it to boot from.  Typically, this might be stored in a
    23.8 +normal partition, an LVM or other volume manager partition, a disk
    23.9 +file or on an NFS server.  A simple way to do this is to boot
   23.10 +from your standard OS install CD and install the distribution into
   23.11 +another partition on your hard drive.
   23.12 +
   23.13 +To start the \xend\ control daemon, type
   23.14 +\begin{quote}
   23.15 +  \verb!# xend start!
   23.16 +\end{quote}
   23.17 +
   23.18 +If you wish the daemon to start automatically, see the instructions in
   23.19 +Section~\ref{s:xend}. Once the daemon is running, you can use the
   23.20 +\path{xm} tool to monitor and maintain the domains running on your
   23.21 +system. This chapter provides only a brief tutorial. We provide full
   23.22 +details of the \path{xm} tool in the next chapter.
   23.23 +
   23.24 +% \section{From the web interface}
   23.25 +%
   23.26 +% Boot the Xen machine and start Xensv (see Chapter~\ref{cha:xensv}
   23.27 +% for more details) using the command: \\
   23.28 +% \verb_# xensv start_ \\
   23.29 +% This will also start Xend (see Chapter~\ref{cha:xend} for more
   23.30 +% information).
   23.31 +%
   23.32 +% The domain management interface will then be available at {\tt
   23.33 +%   http://your\_machine:8080/}.  This provides a user friendly wizard
   23.34 +% for starting domains and functions for managing running domains.
   23.35 +%
   23.36 +% \section{From the command line}
   23.37 +
   23.38 +
   23.39 +\section{Creating a Domain Configuration File}
   23.40 +
   23.41 +Before you can start an additional domain, you must create a
   23.42 +configuration file. We provide two example files which you can use as
   23.43 +a starting point:
   23.44 +\begin{itemize}
   23.45 +\item \path{/etc/xen/xmexample1} is a simple template configuration
   23.46 +  file for describing a single VM.
   23.47 +
    23.48 +\item \path{/etc/xen/xmexample2} is a template description that
   23.49 +  is intended to be reused for multiple virtual machines.  Setting the
   23.50 +  value of the \path{vmid} variable on the \path{xm} command line
   23.51 +  fills in parts of this template.
   23.52 +\end{itemize}
   23.53 +
   23.54 +Copy one of these files and edit it as appropriate.  Typical values
   23.55 +you may wish to edit include:
   23.56 +
   23.57 +\begin{quote}
   23.58 +\begin{description}
   23.59 +\item[kernel] Set this to the path of the kernel you compiled for use
   23.60 +  with Xen (e.g.\ \path{kernel = `/boot/vmlinuz-2.6-xenU'})
   23.61 +\item[memory] Set this to the size of the domain's memory in megabytes
   23.62 +  (e.g.\ \path{memory = 64})
   23.63 +\item[disk] Set the first entry in this list to calculate the offset
   23.64 +  of the domain's root partition, based on the domain ID.  Set the
   23.65 +  second to the location of \path{/usr} if you are sharing it between
   23.66 +  domains (e.g.\ \path{disk = [`phy:your\_hard\_drive\%d,sda1,w' \%
   23.67 +    (base\_partition\_number + vmid),
    23.68 +    `phy:your\_usr\_partition,sda6,r' ]})
   23.69 +\item[dhcp] Uncomment the dhcp variable, so that the domain will
   23.70 +  receive its IP address from a DHCP server (e.g.\ \path{dhcp=`dhcp'})
   23.71 +\end{description}
   23.72 +\end{quote}
   23.73 +
   23.74 +You may also want to edit the {\bf vif} variable in order to choose
   23.75 +the MAC address of the virtual ethernet interface yourself.  For
   23.76 +example:
   23.77 +\begin{quote}
   23.78 +\verb_vif = [`mac=00:06:AA:F6:BB:B3']_
   23.79 +\end{quote}
   23.80 +If you do not set this variable, \xend\ will automatically generate a
   23.81 +random MAC address from an unused range.
   23.82 +
   23.83 +
   23.84 +\section{Booting the Domain}
   23.85 +
   23.86 +The \path{xm} tool provides a variety of commands for managing
   23.87 +domains.  Use the \path{create} command to start new domains. Assuming
   23.88 +you've created a configuration file \path{myvmconf} based around
   23.89 +\path{/etc/xen/xmexample2}, to start a domain with virtual machine
   23.90 +ID~1 you should type:
   23.91 +
   23.92 +\begin{quote}
   23.93 +\begin{verbatim}
   23.94 +# xm create -c myvmconf vmid=1
   23.95 +\end{verbatim}
   23.96 +\end{quote}
   23.97 +
   23.98 +The \path{-c} switch causes \path{xm} to turn into the domain's
   23.99 +console after creation.  The \path{vmid=1} sets the \path{vmid}
  23.100 +variable used in the \path{myvmconf} file.
  23.101 +
  23.102 +You should see the console boot messages from the new domain appearing
  23.103 +in the terminal in which you typed the command, culminating in a login
  23.104 +prompt.
  23.105 +
  23.106 +
  23.107 +\section{Example: ttylinux}
  23.108 +
  23.109 +Ttylinux is a very small Linux distribution, designed to require very
  23.110 +few resources.  We will use it as a concrete example of how to start a
  23.111 +Xen domain.  Most users will probably want to install a full-featured
  23.112 +distribution once they have mastered the basics\footnote{ttylinux is
  23.113 +  maintained by Pascal Schmidt. You can download source packages from
  23.114 +  the distribution's home page: {\tt
  23.115 +    http://www.minimalinux.org/ttylinux/}}.
  23.116 +
  23.117 +\begin{enumerate}
  23.118 +\item Download and extract the ttylinux disk image from the Files
  23.119 +  section of the project's SourceForge site (see
  23.120 +  \path{http://sf.net/projects/xen/}).
  23.121 +\item Create a configuration file like the following:
  23.122 +\begin{verbatim}
  23.123 +kernel = "/boot/vmlinuz-2.6-xenU"
  23.124 +memory = 64
  23.125 +name = "ttylinux"
  23.126 +nics = 1
  23.127 +ip = "1.2.3.4"
  23.128 +disk = ['file:/path/to/ttylinux/rootfs,sda1,w']
  23.129 +root = "/dev/sda1 ro"
  23.130 +\end{verbatim}
  23.131 +\item Now start the domain and connect to its console:
  23.132 +\begin{verbatim}
  23.133 +xm create configfile -c
  23.134 +\end{verbatim}
    23.135 +\item Log in as root, password root.
  23.136 +\end{enumerate}
  23.137 +
  23.138 +
  23.139 +\section{Starting / Stopping Domains Automatically}
  23.140 +
  23.141 +It is possible to have certain domains start automatically at boot
    23.142 +time and to have dom0 wait for all running domains to shut down before
  23.143 +it shuts down the system.
  23.144 +
    23.145 +To specify that a domain should start at boot time, place its configuration
  23.146 +file (or a link to it) under \path{/etc/xen/auto/}.
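        +
        +For example, to have the \path{myvmconf} domain described earlier
        +start at boot (assuming the file lives in \path{/etc/xen}):
        +\begin{quote}
        +  \verb_# ln -s /etc/xen/myvmconf /etc/xen/auto/_
        +\end{quote}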
  23.147 +
  23.148 +A Sys-V style init script for Red Hat and LSB-compliant systems is
  23.149 +provided and will be automatically copied to \path{/etc/init.d/}
  23.150 +during install.  You can then enable it in the appropriate way for
  23.151 +your distribution.
  23.152 +
  23.153 +For instance, on Red Hat:
  23.154 +
  23.155 +\begin{quote}
  23.156 +  \verb_# chkconfig --add xendomains_
  23.157 +\end{quote}
  23.158 +
  23.159 +By default, this will start the boot-time domains in runlevels 3, 4
  23.160 +and 5.
  23.161 +
  23.162 +You can also use the \path{service} command to run this script
    23.163 +manually, e.g.:
  23.164 +
  23.165 +\begin{quote}
  23.166 +  \verb_# service xendomains start_
  23.167 +
  23.168 +  Starts all the domains with config files under /etc/xen/auto/.
  23.169 +\end{quote}
  23.170 +
  23.171 +\begin{quote}
  23.172 +  \verb_# service xendomains stop_
  23.173 +
  23.174 +  Shuts down ALL running Xen domains.
  23.175 +\end{quote}
    24.1 --- a/extras/mini-os/xenbus/xenbus_xs.c	Thu Sep 22 11:34:14 2005 -0600
    24.2 +++ b/extras/mini-os/xenbus/xenbus_xs.c	Thu Sep 22 11:42:01 2005 -0600
    24.3 @@ -127,7 +127,7 @@ static void *xs_talkv(enum xsd_sockmsg_t
    24.4  		return ERR_PTR(err);
    24.5  
    24.6  	for (i = 0; i < num_vecs; i++) {
    24.7 -		err = xb_write(iovec[i].iov_base, iovec[i].iov_len);;
    24.8 +		err = xb_write(iovec[i].iov_base, iovec[i].iov_len);
    24.9  		if (err)
   24.10  			return ERR_PTR(err);
   24.11  	}
    25.1 --- a/linux-2.6-xen-sparse/arch/xen/Kconfig	Thu Sep 22 11:34:14 2005 -0600
    25.2 +++ b/linux-2.6-xen-sparse/arch/xen/Kconfig	Thu Sep 22 11:42:01 2005 -0600
    25.3 @@ -73,6 +73,8 @@ config XEN_NETDEV_BACKEND
    25.4  config XEN_TPMDEV_FRONTEND
    25.5          bool "TPM-device frontend driver"
    25.6          default n
    25.7 +	select TCG_TPM
    25.8 +	select TCG_XEN
    25.9          help
   25.10            The TPM-device frontend driver.
   25.11  
   25.12 @@ -109,13 +111,6 @@ config XEN_NETDEV_FRONTEND
   25.13  	  dedicated device-driver domain, or your master control domain
   25.14  	  (domain 0), then you almost certainly want to say Y here.
   25.15  
   25.16 -config XEN_NETDEV_GRANT
   25.17 -        bool "Grant table substrate for network drivers (DANGEROUS)"
   25.18 -        default n
   25.19 -        help
   25.20 -          This introduces the use of grant tables as a data exhange mechanism
   25.21 -          between the frontend and backend network drivers.
   25.22 -
   25.23  config XEN_NETDEV_FRONTEND_PIPELINED_TRANSMITTER
   25.24  	bool "Pipelined transmitter (DANGEROUS)"
   25.25  	depends on XEN_NETDEV_FRONTEND
    26.1 --- a/linux-2.6-xen-sparse/arch/xen/configs/xen0_defconfig_x86_32	Thu Sep 22 11:34:14 2005 -0600
    26.2 +++ b/linux-2.6-xen-sparse/arch/xen/configs/xen0_defconfig_x86_32	Thu Sep 22 11:42:01 2005 -0600
    26.3 @@ -19,7 +19,6 @@ CONFIG_XEN_NETDEV_BACKEND=y
    26.4  # CONFIG_XEN_TPMDEV_BACKEND is not set
    26.5  CONFIG_XEN_BLKDEV_FRONTEND=y
    26.6  CONFIG_XEN_NETDEV_FRONTEND=y
    26.7 -CONFIG_XEN_NETDEV_GRANT=y
    26.8  # CONFIG_XEN_NETDEV_FRONTEND_PIPELINED_TRANSMITTER is not set
    26.9  # CONFIG_XEN_BLKDEV_TAP is not set
   26.10  # CONFIG_XEN_SHADOW_MODE is not set
    27.1 --- a/linux-2.6-xen-sparse/arch/xen/configs/xen0_defconfig_x86_64	Thu Sep 22 11:34:14 2005 -0600
    27.2 +++ b/linux-2.6-xen-sparse/arch/xen/configs/xen0_defconfig_x86_64	Thu Sep 22 11:42:01 2005 -0600
    27.3 @@ -19,7 +19,6 @@ CONFIG_XEN_NETDEV_BACKEND=y
    27.4  # CONFIG_XEN_TPMDEV_BACKEND is not set
    27.5  CONFIG_XEN_BLKDEV_FRONTEND=y
    27.6  CONFIG_XEN_NETDEV_FRONTEND=y
    27.7 -CONFIG_XEN_NETDEV_GRANT=y
    27.8  # CONFIG_XEN_NETDEV_FRONTEND_PIPELINED_TRANSMITTER is not set
    27.9  # CONFIG_XEN_BLKDEV_TAP is not set
   27.10  # CONFIG_XEN_SHADOW_MODE is not set
    28.1 --- a/linux-2.6-xen-sparse/arch/xen/configs/xenU_defconfig_x86_32	Thu Sep 22 11:34:14 2005 -0600
    28.2 +++ b/linux-2.6-xen-sparse/arch/xen/configs/xenU_defconfig_x86_32	Thu Sep 22 11:42:01 2005 -0600
    28.3 @@ -16,7 +16,6 @@ CONFIG_NO_IDLE_HZ=y
    28.4  # CONFIG_XEN_TPMDEV_BACKEND is not set
    28.5  CONFIG_XEN_BLKDEV_FRONTEND=y
    28.6  CONFIG_XEN_NETDEV_FRONTEND=y
    28.7 -CONFIG_XEN_NETDEV_GRANT=y
    28.8  # CONFIG_XEN_NETDEV_FRONTEND_PIPELINED_TRANSMITTER is not set
    28.9  # CONFIG_XEN_BLKDEV_TAP is not set
   28.10  # CONFIG_XEN_SHADOW_MODE is not set
    29.1 --- a/linux-2.6-xen-sparse/arch/xen/configs/xenU_defconfig_x86_64	Thu Sep 22 11:34:14 2005 -0600
    29.2 +++ b/linux-2.6-xen-sparse/arch/xen/configs/xenU_defconfig_x86_64	Thu Sep 22 11:42:01 2005 -0600
    29.3 @@ -16,7 +16,6 @@ CONFIG_NO_IDLE_HZ=y
    29.4  # CONFIG_XEN_TPMDEV_BACKEND is not set
    29.5  CONFIG_XEN_BLKDEV_FRONTEND=y
    29.6  CONFIG_XEN_NETDEV_FRONTEND=y
    29.7 -CONFIG_XEN_NETDEV_GRANT=y
    29.8  # CONFIG_XEN_NETDEV_FRONTEND_PIPELINED_TRANSMITTER is not set
    29.9  # CONFIG_XEN_BLKDEV_TAP is not set
   29.10  # CONFIG_XEN_SHADOW_MODE is not set
    30.1 --- a/linux-2.6-xen-sparse/arch/xen/configs/xen_defconfig_x86_32	Thu Sep 22 11:34:14 2005 -0600
    30.2 +++ b/linux-2.6-xen-sparse/arch/xen/configs/xen_defconfig_x86_32	Thu Sep 22 11:42:01 2005 -0600
    30.3 @@ -19,7 +19,6 @@ CONFIG_XEN_NETDEV_BACKEND=y
    30.4  # CONFIG_XEN_TPMDEV_BACKEND is not set
    30.5  CONFIG_XEN_BLKDEV_FRONTEND=y
    30.6  CONFIG_XEN_NETDEV_FRONTEND=y
    30.7 -CONFIG_XEN_NETDEV_GRANT=y
    30.8  # CONFIG_XEN_NETDEV_FRONTEND_PIPELINED_TRANSMITTER is not set
    30.9  # CONFIG_XEN_BLKDEV_TAP is not set
   30.10  # CONFIG_XEN_SHADOW_MODE is not set
   30.11 @@ -372,7 +371,7 @@ CONFIG_PNP=y
   30.12  #
   30.13  CONFIG_ISAPNP=y
   30.14  # CONFIG_PNPBIOS is not set
   30.15 -CONFIG_PNPACPI=y
   30.16 +# CONFIG_PNPACPI is not set
   30.17  
   30.18  #
   30.19  # Block devices
    31.1 --- a/linux-2.6-xen-sparse/arch/xen/configs/xen_defconfig_x86_64	Thu Sep 22 11:34:14 2005 -0600
    31.2 +++ b/linux-2.6-xen-sparse/arch/xen/configs/xen_defconfig_x86_64	Thu Sep 22 11:42:01 2005 -0600
    31.3 @@ -19,7 +19,6 @@ CONFIG_XEN_NETDEV_BACKEND=y
    31.4  # CONFIG_XEN_TPMDEV_BACKEND is not set
    31.5  CONFIG_XEN_BLKDEV_FRONTEND=y
    31.6  CONFIG_XEN_NETDEV_FRONTEND=y
    31.7 -CONFIG_XEN_NETDEV_GRANT=y
    31.8  # CONFIG_XEN_NETDEV_FRONTEND_PIPELINED_TRANSMITTER is not set
    31.9  # CONFIG_XEN_BLKDEV_TAP is not set
   31.10  # CONFIG_XEN_SHADOW_MODE is not set
    32.1 --- a/linux-2.6-xen-sparse/arch/xen/i386/mm/ioremap.c	Thu Sep 22 11:34:14 2005 -0600
    32.2 +++ b/linux-2.6-xen-sparse/arch/xen/i386/mm/ioremap.c	Thu Sep 22 11:42:01 2005 -0600
    32.3 @@ -45,12 +45,12 @@ static int direct_remap_area_pte_fn(pte_
    32.4  	return 0;
    32.5  }
    32.6  
    32.7 -int direct_remap_pfn_range(struct mm_struct *mm,
    32.8 -			    unsigned long address, 
    32.9 -			    unsigned long mfn,
   32.10 -			    unsigned long size, 
   32.11 -			    pgprot_t prot,
   32.12 -			    domid_t  domid)
   32.13 +static int __direct_remap_pfn_range(struct mm_struct *mm,
   32.14 +				    unsigned long address, 
   32.15 +				    unsigned long mfn,
   32.16 +				    unsigned long size, 
   32.17 +				    pgprot_t prot,
   32.18 +				    domid_t  domid)
   32.19  {
   32.20  	int i;
   32.21  	unsigned long start_address;
   32.22 @@ -98,6 +98,20 @@ int direct_remap_pfn_range(struct mm_str
   32.23  	return 0;
   32.24  }
   32.25  
   32.26 +int direct_remap_pfn_range(struct vm_area_struct *vma,
   32.27 +			   unsigned long address, 
   32.28 +			   unsigned long mfn,
   32.29 +			   unsigned long size, 
   32.30 +			   pgprot_t prot,
   32.31 +			   domid_t  domid)
   32.32 +{
   32.33 +	/* Same as remap_pfn_range(). */
   32.34 +	vma->vm_flags |= VM_IO | VM_RESERVED;
   32.35 +
   32.36 +	return __direct_remap_pfn_range(
   32.37 +		vma->vm_mm, address, mfn, size, prot, domid);
   32.38 +}
   32.39 +
   32.40  EXPORT_SYMBOL(direct_remap_pfn_range);
   32.41  
   32.42  
   32.43 @@ -221,8 +235,9 @@ void __iomem * __ioremap(unsigned long p
   32.44  #ifdef __x86_64__
   32.45  	flags |= _PAGE_USER;
   32.46  #endif
   32.47 -	if (direct_remap_pfn_range(&init_mm, (unsigned long) addr, phys_addr>>PAGE_SHIFT,
   32.48 -				    size, __pgprot(flags), domid)) {
   32.49 +	if (__direct_remap_pfn_range(&init_mm, (unsigned long)addr,
   32.50 +				     phys_addr>>PAGE_SHIFT,
   32.51 +				     size, __pgprot(flags), domid)) {
   32.52  		vunmap((void __force *) addr);
   32.53  		return NULL;
   32.54  	}
    33.1 --- a/linux-2.6-xen-sparse/arch/xen/i386/pci/i386.c	Thu Sep 22 11:34:14 2005 -0600
    33.2 +++ b/linux-2.6-xen-sparse/arch/xen/i386/pci/i386.c	Thu Sep 22 11:42:01 2005 -0600
    33.3 @@ -295,7 +295,7 @@ int pci_mmap_page_range(struct pci_dev *
    33.4  	/* Write-combine setting is ignored, it is changed via the mtrr
    33.5  	 * interfaces on this platform.
    33.6  	 */
    33.7 -	if (direct_remap_pfn_range(vma->vm_mm, vma->vm_start, vma->vm_pgoff,
    33.8 +	if (direct_remap_pfn_range(vma, vma->vm_start, vma->vm_pgoff,
    33.9  				   vma->vm_end - vma->vm_start,
   33.10  				   vma->vm_page_prot, DOMID_IO))
   33.11  		return -EAGAIN;
    34.1 --- a/linux-2.6-xen-sparse/arch/xen/kernel/devmem.c	Thu Sep 22 11:34:14 2005 -0600
    34.2 +++ b/linux-2.6-xen-sparse/arch/xen/kernel/devmem.c	Thu Sep 22 11:42:01 2005 -0600
    34.3 @@ -90,22 +90,10 @@ out:
    34.4  
    34.5  static int mmap_mem(struct file * file, struct vm_area_struct * vma)
    34.6  {
    34.7 -	int uncached;
    34.8 -
    34.9 -	uncached = uncached_access(file);
   34.10 -	if (uncached)
   34.11 +	if (uncached_access(file))
   34.12  		vma->vm_page_prot = pgprot_noncached(vma->vm_page_prot);
   34.13  
   34.14 -	/* Don't try to swap out physical pages.. */
   34.15 -	vma->vm_flags |= VM_RESERVED;
   34.16 -
   34.17 -	/*
   34.18 -	 * Don't dump addresses that are not real memory to a core file.
   34.19 -	 */
   34.20 -	if (uncached)
   34.21 -		vma->vm_flags |= VM_IO;
   34.22 -
   34.23 -	if (direct_remap_pfn_range(vma->vm_mm, vma->vm_start, vma->vm_pgoff,
   34.24 +	if (direct_remap_pfn_range(vma, vma->vm_start, vma->vm_pgoff,
   34.25  				   vma->vm_end - vma->vm_start,
   34.26  				   vma->vm_page_prot, DOMID_IO))
   34.27  		return -EAGAIN;
    35.1 --- a/linux-2.6-xen-sparse/arch/xen/kernel/gnttab.c	Thu Sep 22 11:34:14 2005 -0600
    35.2 +++ b/linux-2.6-xen-sparse/arch/xen/kernel/gnttab.c	Thu Sep 22 11:42:01 2005 -0600
    35.3 @@ -182,14 +182,14 @@ gnttab_end_foreign_access(grant_ref_t re
    35.4  }
    35.5  
    35.6  int
    35.7 -gnttab_grant_foreign_transfer(domid_t domid, unsigned long pfn)
    35.8 +gnttab_grant_foreign_transfer(domid_t domid)
    35.9  {
   35.10      int ref;
   35.11  
   35.12      if ( unlikely((ref = get_free_entry()) == -1) )
   35.13          return -ENOSPC;
   35.14  
   35.15 -    shared[ref].frame = pfn;
   35.16 +    shared[ref].frame = 0;
   35.17      shared[ref].domid = domid;
   35.18      wmb();
   35.19      shared[ref].flags = GTF_accept_transfer;
   35.20 @@ -198,10 +198,9 @@ gnttab_grant_foreign_transfer(domid_t do
   35.21  }
   35.22  
   35.23  void
   35.24 -gnttab_grant_foreign_transfer_ref(grant_ref_t ref, domid_t domid,
   35.25 -				  unsigned long pfn)
   35.26 +gnttab_grant_foreign_transfer_ref(grant_ref_t ref, domid_t domid)
   35.27  {
   35.28 -    shared[ref].frame = pfn;
   35.29 +    shared[ref].frame = 0;
   35.30      shared[ref].domid = domid;
   35.31      wmb();
   35.32      shared[ref].flags = GTF_accept_transfer;
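
After these hunks a transfer grant no longer pledges a specific pfn up front: the shared entry is published with frame = 0 and GTF_accept_transfer, and the frame field is expected to be filled in when the remote domain actually completes the transfer. A minimal sketch of the updated caller (domid is assumed to be in scope; error handling abbreviated):

	int ref;

	/* Old API: gnttab_grant_foreign_transfer(domid, pfn);
	 * the pfn argument is gone in the new API. */
	ref = gnttab_grant_foreign_transfer(domid);
	if (ref < 0)
		return ref;	/* -ENOSPC: no free grant entries */
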
    36.1 --- a/linux-2.6-xen-sparse/arch/xen/kernel/reboot.c	Thu Sep 22 11:34:14 2005 -0600
    36.2 +++ b/linux-2.6-xen-sparse/arch/xen/kernel/reboot.c	Thu Sep 22 11:42:01 2005 -0600
    36.3 @@ -334,7 +334,7 @@ static void shutdown_handler(struct xenb
    36.4  	return;
    36.5      }
    36.6  
    36.7 -    xenbus_write("control", "shutdown", "", O_CREAT);
    36.8 +    xenbus_write("control", "shutdown", "");
    36.9  
   36.10      err = xenbus_transaction_end(0);
   36.11      if (err == -ETIMEDOUT) {
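
Here xenbus_write() loses its flags argument: O_CREAT is dropped and node creation becomes implicit in the write. A minimal before/after sketch of the call, as applied in this hunk:

	/* old */
	xenbus_write("control", "shutdown", "", O_CREAT);
	/* new: creation is implicit, so no flags argument */
	xenbus_write("control", "shutdown", "");
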
    37.1 --- a/linux-2.6-xen-sparse/drivers/char/tpm/tpm.c	Thu Sep 22 11:34:14 2005 -0600
    37.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    37.3 @@ -1,627 +0,0 @@
    37.4 -/*
    37.5 - * Copyright (C) 2004 IBM Corporation
    37.6 - *
    37.7 - * Authors:
    37.8 - * Leendert van Doorn <leendert@watson.ibm.com>
    37.9 - * Dave Safford <safford@watson.ibm.com>
   37.10 - * Reiner Sailer <sailer@watson.ibm.com>
   37.11 - * Kylene Hall <kjhall@us.ibm.com>
   37.12 - *
   37.13 - * Maintained by: <tpmdd_devel@lists.sourceforge.net>
   37.14 - *
   37.15 - * Device driver for TCG/TCPA TPM (trusted platform module).
   37.16 - * Specifications at www.trustedcomputinggroup.org
   37.17 - *
   37.18 - * This program is free software; you can redistribute it and/or
   37.19 - * modify it under the terms of the GNU General Public License as
   37.20 - * published by the Free Software Foundation, version 2 of the
   37.21 - * License.
   37.22 - *
   37.23 - * Note, the TPM chip is not interrupt driven (only polling)
   37.24 - * and can have very long timeouts (minutes!). Hence the unusual
   37.25 - * calls to schedule_timeout.
   37.26 - *
   37.27 - */
   37.28 -
   37.29 -#include <linux/sched.h>
   37.30 -#include <linux/poll.h>
   37.31 -#include <linux/spinlock.h>
   37.32 -#include "tpm.h"
   37.33 -
   37.34 -#define	TPM_MINOR			224	/* officially assigned */
   37.35 -
   37.36 -#define	TPM_BUFSIZE			2048
   37.37 -
   37.38 -static LIST_HEAD(tpm_chip_list);
   37.39 -static DEFINE_SPINLOCK(driver_lock);
   37.40 -static int dev_mask[32];
   37.41 -
   37.42 -static void user_reader_timeout(unsigned long ptr)
   37.43 -{
   37.44 -	struct tpm_chip *chip = (struct tpm_chip *) ptr;
   37.45 -
   37.46 -	down(&chip->buffer_mutex);
   37.47 -	atomic_set(&chip->data_pending, 0);
   37.48 -	memset(chip->data_buffer, 0, TPM_BUFSIZE);
   37.49 -	up(&chip->buffer_mutex);
   37.50 -}
   37.51 -
   37.52 -void tpm_time_expired(unsigned long ptr)
   37.53 -{
   37.54 -	int *exp = (int *) ptr;
   37.55 -	*exp = 1;
   37.56 -}
   37.57 -
   37.58 -EXPORT_SYMBOL_GPL(tpm_time_expired);
   37.59 -
   37.60 -/*
   37.61 - * Internal kernel interface to transmit TPM commands
   37.62 - */
   37.63 -static ssize_t tpm_transmit(struct tpm_chip *chip, const char *buf,
   37.64 -			    size_t bufsiz)
   37.65 -{
   37.66 -	ssize_t len;
   37.67 -	u32 count;
   37.68 -	__be32 *native_size;
   37.69 -
   37.70 -	native_size = (__force __be32 *) (buf + 2);
   37.71 -	count = be32_to_cpu(*native_size);
   37.72 -
   37.73 -	if (count == 0)
   37.74 -		return -ENODATA;
   37.75 -	if (count > bufsiz) {
   37.76 -		dev_err(&chip->pci_dev->dev,
   37.77 -			"invalid count value %x %zx \n", count, bufsiz);
   37.78 -		return -E2BIG;
   37.79 -	}
   37.80 -
   37.81 -	down(&chip->tpm_mutex);
   37.82 -
   37.83 -	if ((len = chip->vendor->send(chip, (u8 *) buf, count)) < 0) {
   37.84 -		dev_err(&chip->pci_dev->dev,
   37.85 -			"tpm_transmit: tpm_send: error %zd\n", len);
   37.86 -		return len;
   37.87 -	}
   37.88 -
   37.89 -	down(&chip->timer_manipulation_mutex);
   37.90 -	chip->time_expired = 0;
   37.91 -	init_timer(&chip->device_timer);
   37.92 -	chip->device_timer.function = tpm_time_expired;
   37.93 -	chip->device_timer.expires = jiffies + 2 * 60 * HZ;
   37.94 -	chip->device_timer.data = (unsigned long) &chip->time_expired;
   37.95 -	add_timer(&chip->device_timer);
   37.96 -	up(&chip->timer_manipulation_mutex);
   37.97 -
   37.98 -	do {
   37.99 -		u8 status = inb(chip->vendor->base + 1);
  37.100 -		if ((status & chip->vendor->req_complete_mask) ==
  37.101 -		    chip->vendor->req_complete_val) {
  37.102 -			down(&chip->timer_manipulation_mutex);
  37.103 -			del_singleshot_timer_sync(&chip->device_timer);
  37.104 -			up(&chip->timer_manipulation_mutex);
  37.105 -			goto out_recv;
  37.106 -		}
  37.107 -		set_current_state(TASK_UNINTERRUPTIBLE);
  37.108 -		schedule_timeout(TPM_TIMEOUT);
  37.109 -		rmb();
  37.110 -	} while (!chip->time_expired);
  37.111 -
  37.112 -
  37.113 -	chip->vendor->cancel(chip);
  37.114 -	dev_err(&chip->pci_dev->dev, "Time expired\n");
  37.115 -	up(&chip->tpm_mutex);
  37.116 -	return -EIO;
  37.117 -
  37.118 -out_recv:
  37.119 -	len = chip->vendor->recv(chip, (u8 *) buf, bufsiz);
  37.120 -	if (len < 0)
  37.121 -		dev_err(&chip->pci_dev->dev,
  37.122 -			"tpm_transmit: tpm_recv: error %zd\n", len);
  37.123 -	up(&chip->tpm_mutex);
  37.124 -	return len;
  37.125 -}
  37.126 -
  37.127 -#define TPM_DIGEST_SIZE 20
  37.128 -#define CAP_PCR_RESULT_SIZE 18
  37.129 -static u8 cap_pcr[] = {
  37.130 -	0, 193,			/* TPM_TAG_RQU_COMMAND */
  37.131 -	0, 0, 0, 22,		/* length */
  37.132 -	0, 0, 0, 101,		/* TPM_ORD_GetCapability */
  37.133 -	0, 0, 0, 5,
  37.134 -	0, 0, 0, 4,
  37.135 -	0, 0, 1, 1
  37.136 -};
  37.137 -
  37.138 -#define READ_PCR_RESULT_SIZE 30
  37.139 -static u8 pcrread[] = {
  37.140 -	0, 193,			/* TPM_TAG_RQU_COMMAND */
  37.141 -	0, 0, 0, 14,		/* length */
  37.142 -	0, 0, 0, 21,		/* TPM_ORD_PcrRead */
  37.143 -	0, 0, 0, 0		/* PCR index */
  37.144 -};
  37.145 -
  37.146 -static ssize_t show_pcrs(struct device *dev, char *buf)
  37.147 -{
  37.148 -	u8 data[READ_PCR_RESULT_SIZE];
  37.149 -	ssize_t len;
  37.150 -	int i, j, index, num_pcrs;
  37.151 -	char *str = buf;
  37.152 -
  37.153 -	struct tpm_chip *chip =
  37.154 -	    pci_get_drvdata(container_of(dev, struct pci_dev, dev));
  37.155 -	if (chip == NULL)
  37.156 -		return -ENODEV;
  37.157 -
  37.158 -	memcpy(data, cap_pcr, sizeof(cap_pcr));
  37.159 -	if ((len = tpm_transmit(chip, data, sizeof(data)))
  37.160 -	    < CAP_PCR_RESULT_SIZE)
  37.161 -		return len;
  37.162 -
  37.163 -	num_pcrs = be32_to_cpu(*((__force __be32 *) (data + 14)));
  37.164 -
  37.165 -	for (i = 0; i < num_pcrs; i++) {
  37.166 -		memcpy(data, pcrread, sizeof(pcrread));
  37.167 -		index = cpu_to_be32(i);
  37.168 -		memcpy(data + 10, &index, 4);
  37.169 -		if ((len = tpm_transmit(chip, data, sizeof(data)))
  37.170 -		    < READ_PCR_RESULT_SIZE)
  37.171 -			return len;
  37.172 -		str += sprintf(str, "PCR-%02d: ", i);
  37.173 -		for (j = 0; j < TPM_DIGEST_SIZE; j++)
  37.174 -			str += sprintf(str, "%02X ", *(data + 10 + j));
  37.175 -		str += sprintf(str, "\n");
  37.176 -	}
  37.177 -	return str - buf;
  37.178 -}
  37.179 -
  37.180 -static DEVICE_ATTR(pcrs, S_IRUGO, show_pcrs, NULL);
  37.181 -
  37.182 -#define  READ_PUBEK_RESULT_SIZE 314
  37.183 -static u8 readpubek[] = {
  37.184 -	0, 193,			/* TPM_TAG_RQU_COMMAND */
  37.185 -	0, 0, 0, 30,		/* length */
  37.186 -	0, 0, 0, 124,		/* TPM_ORD_ReadPubek */
  37.187 -};
  37.188 -
  37.189 -static ssize_t show_pubek(struct device *dev, char *buf)
  37.190 -{
  37.191 -	u8 data[READ_PUBEK_RESULT_SIZE];
  37.192 -	ssize_t len;
  37.193 -	__be32 *native_val;
  37.194 -	int i;
  37.195 -	char *str = buf;
  37.196 -
  37.197 -	struct tpm_chip *chip =
  37.198 -	    pci_get_drvdata(container_of(dev, struct pci_dev, dev));
  37.199 -	if (chip == NULL)
  37.200 -		return -ENODEV;
  37.201 -
  37.202 -	memcpy(data, readpubek, sizeof(readpubek));
  37.203 -	memset(data + sizeof(readpubek), 0, 20);	/* zero nonce */
  37.204 -
  37.205 -	if ((len = tpm_transmit(chip, data, sizeof(data))) <
  37.206 -	    READ_PUBEK_RESULT_SIZE)
  37.207 -		return len;
  37.208 -
  37.209 -	/*
  37.210 -	   ignore header 10 bytes
  37.211 -	   algorithm 32 bits (1 == RSA )
  37.212 -	   encscheme 16 bits
  37.213 -	   sigscheme 16 bits
  37.214 -	   parameters (RSA 12->bytes: keybit, #primes, expbit)
  37.215 -	   keylenbytes 32 bits
  37.216 -	   256 byte modulus
  37.217 -	   ignore checksum 20 bytes
  37.218 -	 */
  37.219 -
  37.220 -	native_val = (__force __be32 *) (data + 34);
  37.221 -
  37.222 -	str +=
  37.223 -	    sprintf(str,
  37.224 -		    "Algorithm: %02X %02X %02X %02X\nEncscheme: %02X %02X\n"
  37.225 -		    "Sigscheme: %02X %02X\nParameters: %02X %02X %02X %02X"
  37.226 -		    " %02X %02X %02X %02X %02X %02X %02X %02X\n"
  37.227 -		    "Modulus length: %d\nModulus: \n",
  37.228 -		    data[10], data[11], data[12], data[13], data[14],
  37.229 -		    data[15], data[16], data[17], data[22], data[23],
  37.230 -		    data[24], data[25], data[26], data[27], data[28],
  37.231 -		    data[29], data[30], data[31], data[32], data[33],
  37.232 -		    be32_to_cpu(*native_val)
  37.233 -	    );
  37.234 -
  37.235 -	for (i = 0; i < 256; i++) {
  37.236 -		str += sprintf(str, "%02X ", data[i + 39]);
  37.237 -		if ((i + 1) % 16 == 0)
  37.238 -			str += sprintf(str, "\n");
  37.239 -	}
  37.240 -	return str - buf;
  37.241 -}
  37.242 -
  37.243 -static DEVICE_ATTR(pubek, S_IRUGO, show_pubek, NULL);
  37.244 -
  37.245 -#define CAP_VER_RESULT_SIZE 18
  37.246 -static u8 cap_version[] = {
  37.247 -	0, 193,			/* TPM_TAG_RQU_COMMAND */
  37.248 -	0, 0, 0, 18,		/* length */
  37.249 -	0, 0, 0, 101,		/* TPM_ORD_GetCapability */
  37.250 -	0, 0, 0, 6,
  37.251 -	0, 0, 0, 0
  37.252 -};
  37.253 -
  37.254 -#define CAP_MANUFACTURER_RESULT_SIZE 18
  37.255 -static u8 cap_manufacturer[] = {
  37.256 -	0, 193,			/* TPM_TAG_RQU_COMMAND */
  37.257 -	0, 0, 0, 22,		/* length */
  37.258 -	0, 0, 0, 101,		/* TPM_ORD_GetCapability */
  37.259 -	0, 0, 0, 5,
  37.260 -	0, 0, 0, 4,
  37.261 -	0, 0, 1, 3
  37.262 -};
  37.263 -
  37.264 -static ssize_t show_caps(struct device *dev, char *buf)
  37.265 -{
  37.266 -	u8 data[READ_PUBEK_RESULT_SIZE];
  37.267 -	ssize_t len;
  37.268 -	char *str = buf;
  37.269 -
  37.270 -	struct tpm_chip *chip =
  37.271 -	    pci_get_drvdata(container_of(dev, struct pci_dev, dev));
  37.272 -	if (chip == NULL)
  37.273 -		return -ENODEV;
  37.274 -
  37.275 -	memcpy(data, cap_manufacturer, sizeof(cap_manufacturer));
  37.276 -
  37.277 -	if ((len = tpm_transmit(chip, data, sizeof(data))) <
  37.278 -	    CAP_MANUFACTURER_RESULT_SIZE)
  37.279 -		return len;
  37.280 -
  37.281 -	str += sprintf(str, "Manufacturer: 0x%x\n",
  37.282 -		       be32_to_cpu(*(data + 14)));
  37.283 -
  37.284 -	memcpy(data, cap_version, sizeof(cap_version));
  37.285 -
  37.286 -	if ((len = tpm_transmit(chip, data, sizeof(data))) <
  37.287 -	    CAP_VER_RESULT_SIZE)
  37.288 -		return len;
  37.289 -
  37.290 -	str +=
  37.291 -	    sprintf(str, "TCG version: %d.%d\nFirmware version: %d.%d\n",
  37.292 -		    (int) data[14], (int) data[15], (int) data[16],
  37.293 -		    (int) data[17]);
  37.294 -
  37.295 -	return str - buf;
  37.296 -}
  37.297 -
  37.298 -static DEVICE_ATTR(caps, S_IRUGO, show_caps, NULL);
  37.299 -
  37.300 -/*
  37.301 - * Device file system interface to the TPM
  37.302 - */
  37.303 -int tpm_open(struct inode *inode, struct file *file)
  37.304 -{
  37.305 -	int rc = 0, minor = iminor(inode);
  37.306 -	struct tpm_chip *chip = NULL, *pos;
  37.307 -
  37.308 -	spin_lock(&driver_lock);
  37.309 -
  37.310 -	list_for_each_entry(pos, &tpm_chip_list, list) {
  37.311 -		if (pos->vendor->miscdev.minor == minor) {
  37.312 -			chip = pos;
  37.313 -			break;
  37.314 -		}
  37.315 -	}
  37.316 -
  37.317 -	if (chip == NULL) {
  37.318 -		rc = -ENODEV;
  37.319 -		goto err_out;
  37.320 -	}
  37.321 -
  37.322 -	if (chip->num_opens) {
  37.323 -		dev_dbg(&chip->pci_dev->dev,
  37.324 -			"Another process owns this TPM\n");
  37.325 -		rc = -EBUSY;
  37.326 -		goto err_out;
  37.327 -	}
  37.328 -
  37.329 -	chip->num_opens++;
  37.330 -	pci_dev_get(chip->pci_dev);
  37.331 -
  37.332 -	spin_unlock(&driver_lock);
  37.333 -
  37.334 -	chip->data_buffer = kmalloc(TPM_BUFSIZE * sizeof(u8), GFP_KERNEL);
  37.335 -	if (chip->data_buffer == NULL) {
  37.336 -		chip->num_opens--;
  37.337 -		pci_dev_put(chip->pci_dev);
  37.338 -		return -ENOMEM;
  37.339 -	}
  37.340 -
  37.341 -	atomic_set(&chip->data_pending, 0);
  37.342 -
  37.343 -	file->private_data = chip;
  37.344 -	return 0;
  37.345 -
  37.346 -err_out:
  37.347 -	spin_unlock(&driver_lock);
  37.348 -	return rc;
  37.349 -}
  37.350 -
  37.351 -EXPORT_SYMBOL_GPL(tpm_open);
  37.352 -
  37.353 -int tpm_release(struct inode *inode, struct file *file)
  37.354 -{
  37.355 -	struct tpm_chip *chip = file->private_data;
  37.356 -
  37.357 -	file->private_data = NULL;
  37.358 -
  37.359 -	spin_lock(&driver_lock);
  37.360 -	chip->num_opens--;
  37.361 -	spin_unlock(&driver_lock);
  37.362 -
  37.363 -	down(&chip->timer_manipulation_mutex);
  37.364 -	if (timer_pending(&chip->user_read_timer))
  37.365 -		del_singleshot_timer_sync(&chip->user_read_timer);
  37.366 -	else if (timer_pending(&chip->device_timer))
  37.367 -		del_singleshot_timer_sync(&chip->device_timer);
  37.368 -	up(&chip->timer_manipulation_mutex);
  37.369 -
  37.370 -	kfree(chip->data_buffer);
  37.371 -	atomic_set(&chip->data_pending, 0);
  37.372 -
  37.373 -	pci_dev_put(chip->pci_dev);
  37.374 -	return 0;
  37.375 -}
  37.376 -
  37.377 -EXPORT_SYMBOL_GPL(tpm_release);
  37.378 -
  37.379 -ssize_t tpm_write(struct file * file, const char __user * buf,
  37.380 -		  size_t size, loff_t * off)
  37.381 -{
  37.382 -	struct tpm_chip *chip = file->private_data;
  37.383 -	int in_size = size, out_size;
  37.384 -
   37.385 -	/* cannot perform a write until the pending read data has been
   37.386 -	   cleared, either via tpm_read or a user_read_timer timeout */
  37.387 -	while (atomic_read(&chip->data_pending) != 0) {
  37.388 -		set_current_state(TASK_UNINTERRUPTIBLE);
  37.389 -		schedule_timeout(TPM_TIMEOUT);
  37.390 -	}
  37.391 -
  37.392 -	down(&chip->buffer_mutex);
  37.393 -
  37.394 -	if (in_size > TPM_BUFSIZE)
  37.395 -		in_size = TPM_BUFSIZE;
  37.396 -
  37.397 -	if (copy_from_user
  37.398 -	    (chip->data_buffer, (void __user *) buf, in_size)) {
  37.399 -		up(&chip->buffer_mutex);
  37.400 -		return -EFAULT;
  37.401 -	}
  37.402 -
  37.403 -	/* atomic tpm command send and result receive */
  37.404 -	out_size = tpm_transmit(chip, chip->data_buffer, TPM_BUFSIZE);
  37.405 -
  37.406 -	atomic_set(&chip->data_pending, out_size);
  37.407 -	atomic_set(&chip->data_position, 0);
  37.408 -	up(&chip->buffer_mutex);
  37.409 -
  37.410 -	/* Set a timeout by which the reader must come claim the result */
  37.411 -	down(&chip->timer_manipulation_mutex);
  37.412 -	init_timer(&chip->user_read_timer);
  37.413 -	chip->user_read_timer.function = user_reader_timeout;
  37.414 -	chip->user_read_timer.data = (unsigned long) chip;
  37.415 -	chip->user_read_timer.expires = jiffies + (60 * HZ);
  37.416 -	add_timer(&chip->user_read_timer);
  37.417 -	up(&chip->timer_manipulation_mutex);
  37.418 -
  37.419 -	return in_size;
  37.420 -}
  37.421 -
  37.422 -EXPORT_SYMBOL_GPL(tpm_write);
  37.423 -
  37.424 -ssize_t tpm_read(struct file * file, char __user * buf,
  37.425 -		 size_t size, loff_t * off)
  37.426 -{
  37.427 -	struct tpm_chip *chip = file->private_data;
  37.428 -	int ret_size = -ENODATA;
  37.429 -	int pos, pending = 0;
  37.430 -
  37.431 -	down(&chip->buffer_mutex);
  37.432 -	ret_size = atomic_read(&chip->data_pending);
  37.433 -	if ( ret_size > 0 ) {	/* Result available */
  37.434 -		if (size < ret_size)
  37.435 -			ret_size = size;
  37.436 -
  37.437 -		pos = atomic_read(&chip->data_position);
  37.438 -
  37.439 -		if (copy_to_user((void __user *) buf,
  37.440 -				 &chip->data_buffer[pos], ret_size)) {
  37.441 -			ret_size = -EFAULT;
  37.442 -		} else {
  37.443 -			pending = atomic_read(&chip->data_pending) - ret_size;
  37.444 -			if ( pending ) {
  37.445 -				atomic_set( &chip->data_pending, pending );
  37.446 -				atomic_set( &chip->data_position, pos+ret_size );
  37.447 -			}
  37.448 -		}
  37.449 -	}
  37.450 -	up(&chip->buffer_mutex);
  37.451 -
  37.452 -	if ( ret_size <= 0 || pending == 0 ) {
  37.453 -		atomic_set( &chip->data_pending, 0 );
  37.454 -		down(&chip->timer_manipulation_mutex);
  37.455 -		del_singleshot_timer_sync(&chip->user_read_timer);
  37.456 -		up(&chip->timer_manipulation_mutex);
  37.457 -	}
  37.458 -
  37.459 -	return ret_size;
  37.460 -}
  37.461 -
  37.462 -EXPORT_SYMBOL_GPL(tpm_read);
  37.463 -
  37.464 -void __devexit tpm_remove(struct pci_dev *pci_dev)
  37.465 -{
  37.466 -	struct tpm_chip *chip = pci_get_drvdata(pci_dev);
  37.467 -
  37.468 -	if (chip == NULL) {
  37.469 -		dev_err(&pci_dev->dev, "No device data found\n");
  37.470 -		return;
  37.471 -	}
  37.472 -
  37.473 -	spin_lock(&driver_lock);
  37.474 -
  37.475 -	list_del(&chip->list);
  37.476 -
  37.477 -	spin_unlock(&driver_lock);
  37.478 -
  37.479 -	pci_set_drvdata(pci_dev, NULL);
  37.480 -	misc_deregister(&chip->vendor->miscdev);
  37.481 -
  37.482 -	device_remove_file(&pci_dev->dev, &dev_attr_pubek);
  37.483 -	device_remove_file(&pci_dev->dev, &dev_attr_pcrs);
  37.484 -	device_remove_file(&pci_dev->dev, &dev_attr_caps);
  37.485 -
  37.486 -	pci_disable_device(pci_dev);
  37.487 -
   37.488 -	dev_mask[chip->dev_num / 32] &= ~(1 << (chip->dev_num % 32));
  37.489 -
  37.490 -	kfree(chip);
  37.491 -
  37.492 -	pci_dev_put(pci_dev);
  37.493 -}
  37.494 -
  37.495 -EXPORT_SYMBOL_GPL(tpm_remove);
  37.496 -
  37.497 -static u8 savestate[] = {
  37.498 -	0, 193,			/* TPM_TAG_RQU_COMMAND */
  37.499 -	0, 0, 0, 10,		/* blob length (in bytes) */
  37.500 -	0, 0, 0, 152		/* TPM_ORD_SaveState */
  37.501 -};
  37.502 -
  37.503 -/*
  37.504 - * We are about to suspend. Save the TPM state
  37.505 - * so that it can be restored.
  37.506 - */
  37.507 -int tpm_pm_suspend(struct pci_dev *pci_dev, pm_message_t pm_state)
  37.508 -{
  37.509 -	struct tpm_chip *chip = pci_get_drvdata(pci_dev);
  37.510 -	if (chip == NULL)
  37.511 -		return -ENODEV;
  37.512 -
  37.513 -	tpm_transmit(chip, savestate, sizeof(savestate));
  37.514 -	return 0;
  37.515 -}
  37.516 -
  37.517 -EXPORT_SYMBOL_GPL(tpm_pm_suspend);
  37.518 -
  37.519 -/*
   37.520 - * Resume from a power save. The BIOS already restored
  37.521 - * the TPM state.
  37.522 - */
  37.523 -int tpm_pm_resume(struct pci_dev *pci_dev)
  37.524 -{
  37.525 -	struct tpm_chip *chip = pci_get_drvdata(pci_dev);
  37.526 -
  37.527 -	if (chip == NULL)
  37.528 -		return -ENODEV;
  37.529 -
  37.530 -	return 0;
  37.531 -}
  37.532 -
  37.533 -EXPORT_SYMBOL_GPL(tpm_pm_resume);
  37.534 -
   37.535 -/*
   37.536 - * Called from the tpm_<specific>.c probe function, and only for
   37.537 - * devices the driver has determined it should claim.  Prior to
   37.538 - * calling this function the specific probe function has called
   37.539 - * pci_enable_device; on errant exit from this function the specific
   37.540 - * probe function should call pci_disable_device.
   37.541 - */
  37.542 -int tpm_register_hardware(struct pci_dev *pci_dev,
  37.543 -			  struct tpm_vendor_specific *entry)
  37.544 -{
  37.545 -	char devname[7];
  37.546 -	struct tpm_chip *chip;
  37.547 -	int i, j;
  37.548 -
  37.549 -	/* Driver specific per-device data */
  37.550 -	chip = kmalloc(sizeof(*chip), GFP_KERNEL);
  37.551 -	if (chip == NULL)
  37.552 -		return -ENOMEM;
  37.553 -
  37.554 -	memset(chip, 0, sizeof(struct tpm_chip));
  37.555 -
  37.556 -	init_MUTEX(&chip->buffer_mutex);
  37.557 -	init_MUTEX(&chip->tpm_mutex);
  37.558 -	init_MUTEX(&chip->timer_manipulation_mutex);
  37.559 -	INIT_LIST_HEAD(&chip->list);
  37.560 -
  37.561 -	chip->vendor = entry;
  37.562 -
  37.563 -	chip->dev_num = -1;
  37.564 -
  37.565 -	for (i = 0; i < 32; i++)
  37.566 -		for (j = 0; j < 8; j++)
  37.567 -			if ((dev_mask[i] & (1 << j)) == 0) {
  37.568 -				chip->dev_num = i * 32 + j;
  37.569 -				dev_mask[i] |= 1 << j;
  37.570 -				goto dev_num_search_complete;
  37.571 -			}
  37.572 -
  37.573 -dev_num_search_complete:
  37.574 -	if (chip->dev_num < 0) {
  37.575 -		dev_err(&pci_dev->dev,
  37.576 -			"No available tpm device numbers\n");
  37.577 -		kfree(chip);
  37.578 -		return -ENODEV;
  37.579 -	} else if (chip->dev_num == 0)
  37.580 -		chip->vendor->miscdev.minor = TPM_MINOR;
  37.581 -	else
  37.582 -		chip->vendor->miscdev.minor = MISC_DYNAMIC_MINOR;
  37.583 -
  37.584 -	snprintf(devname, sizeof(devname), "%s%d", "tpm", chip->dev_num);
  37.585 -	chip->vendor->miscdev.name = devname;
  37.586 -
  37.587 -	chip->vendor->miscdev.dev = &(pci_dev->dev);
  37.588 -	chip->pci_dev = pci_dev_get(pci_dev);
  37.589 -
  37.590 -	if (misc_register(&chip->vendor->miscdev)) {
  37.591 -		dev_err(&chip->pci_dev->dev,
  37.592 -			"unable to misc_register %s, minor %d\n",
  37.593 -			chip->vendor->miscdev.name,
  37.594 -			chip->vendor->miscdev.minor);
  37.595 -		pci_dev_put(pci_dev);
  37.596 -		kfree(chip);