ia64/xen-unstable

changeset 15608:9559ba7c80f9

Merge with PPC Xen tree.
author kfraser@localhost.localdomain
date Tue Jul 17 10:20:21 2007 +0100 (2007-07-17)
parents c9720159b983 23dab4b05455
children c1deef05c354
files xen/arch/ia64/vmx/vmx_process.c
line diff
     1.1 --- a/.hgignore	Mon Jul 16 14:20:16 2007 -0500
     1.2 +++ b/.hgignore	Tue Jul 17 10:20:21 2007 +0100
     1.3 @@ -130,6 +130,8 @@
     1.4  ^tools/ioemu/qemu\.1$
     1.5  ^tools/ioemu/qemu\.pod$
     1.6  ^tools/libxc/xen/.*$
     1.7 +^tools/libxc/ia64/asm/acpi\.h$
     1.8 +^tools/libxc/ia64/xen/list\.h$
     1.9  ^tools/libxen/libxenapi-
    1.10  ^tools/libxen/test/test_bindings$
    1.11  ^tools/libxen/test/test_event_handling$
    1.12 @@ -211,6 +213,7 @@
    1.13  ^tools/xm-test/lib/XmTestReport/xmtest.py$
    1.14  ^tools/xm-test/tests/.*\.test$
    1.15  ^xen/BLOG$
    1.16 +^xen/System.map$
    1.17  ^xen/TAGS$
    1.18  ^xen/arch/x86/asm-offsets\.s$
    1.19  ^xen/arch/x86/boot/mkelf32$
    1.20 @@ -218,6 +221,7 @@
    1.21  ^xen/ddb/.*$
    1.22  ^xen/include/asm$
    1.23  ^xen/include/asm-.*/asm-offsets\.h$
    1.24 +^xen/include/asm-ia64/asm-xsi-offsets\.h$
    1.25  ^xen/include/compat/.*$
    1.26  ^xen/include/hypervisor-ifs/arch$
    1.27  ^xen/include/public/foreign/.*\.(c|h|size)$
    1.28 @@ -233,6 +237,10 @@
    1.29  ^xen/xen$
    1.30  ^xen/xen-syms$
    1.31  ^xen/xen\..*$
    1.32 +^xen/arch/ia64/asm-offsets\.s$
    1.33 +^xen/arch/ia64/asm-xsi-offsets\.s$
    1.34 +^xen/arch/ia64/map\.out$
    1.35 +^xen/arch/ia64/xen\.lds\.s$
    1.36  ^xen/arch/powerpc/dom0\.bin$
    1.37  ^xen/arch/powerpc/asm-offsets\.s$
    1.38  ^xen/arch/powerpc/firmware$
     2.1 --- a/Config.mk	Mon Jul 16 14:20:16 2007 -0500
     2.2 +++ b/Config.mk	Tue Jul 17 10:20:21 2007 +0100
     2.3 @@ -81,14 +81,6 @@ CFLAGS += $(foreach i, $(EXTRA_INCLUDES)
     2.4  #        n - Do not build the Xen ACM framework
     2.5  ACM_SECURITY ?= n
     2.6  
     2.7 -# If ACM_SECURITY = y and no boot policy file is installed,
     2.8 -# then the ACM defaults to the security policy set by
     2.9 -# ACM_DEFAULT_SECURITY_POLICY
    2.10 -# Supported models are:
    2.11 -#	ACM_NULL_POLICY
    2.12 -#	ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY
    2.13 -ACM_DEFAULT_SECURITY_POLICY ?= ACM_NULL_POLICY
    2.14 -
    2.15  # Optional components
    2.16  XENSTAT_XENTOP     ?= y
    2.17  VTPM_TOOLS         ?= n
     3.1 --- a/docs/xen-api/xenapi-datamodel-graph.dot	Mon Jul 16 14:20:16 2007 -0500
     3.2 +++ b/docs/xen-api/xenapi-datamodel-graph.dot	Tue Jul 17 10:20:21 2007 +0100
     3.3 @@ -12,7 +12,7 @@
     3.4  digraph "Xen-API Class Diagram" {
     3.5  fontname="Verdana";
     3.6  
     3.7 -node [ shape=box ]; session VM host network VIF PIF SR VDI VBD PBD user;
     3.8 +node [ shape=box ]; session VM host network VIF PIF SR VDI VBD PBD user XSPolicy ACMPolicy;
     3.9  node [shape=ellipse]; PIF_metrics VIF_metrics VM_metrics VBD_metrics PBD_metrics VM_guest_metrics host_metrics;
    3.10  node [shape=box]; host_cpu console
    3.11  session -> host [ arrowhead="none" ]
    3.12 @@ -36,4 +36,6 @@ VDI -> VBD [ arrowhead="crow", arrowtail
    3.13  VBD -> VM [ arrowhead="none", arrowtail="crow" ]
    3.14  VTPM -> VM [ arrowhead="none", arrowtail="crow" ]
    3.15  VBD -> VBD_metrics [ arrowhead="none" ]
    3.16 +XSPolicy -> host [ arrowhead="none" ]
    3.17 +XSPolicy -> ACMPolicy [ arrowhead="none" ]
    3.18  }
     4.1 --- a/docs/xen-api/xenapi-datamodel.tex	Mon Jul 16 14:20:16 2007 -0500
     4.2 +++ b/docs/xen-api/xenapi-datamodel.tex	Tue Jul 17 10:20:21 2007 +0100
     4.3 @@ -46,6 +46,8 @@ Name & Description \\
     4.4  {\tt console} & A console \\
     4.5  {\tt user} & A user of the system \\
     4.6  {\tt debug} & A basic class for testing \\
     4.7 +{\tt XSPolicy} & A class for handling Xen Security Policies \\
     4.8 +{\tt ACMPolicy} & A class for handling ACM-type policies \\
     4.9  \hline
    4.10  \end{tabular}\end{center}
    4.11  \section{Relationships Between Classes}
    4.12 @@ -226,6 +228,7 @@ The following enumeration types are used
    4.13  
    4.14  \vspace{1cm}
    4.15  \newpage
    4.16 +
    4.17  \section{Error Handling}
    4.18  When a low-level transport error occurs, or a request is malformed at the HTTP
    4.19  or XML-RPC level, the server may send an XML-RPC Fault response, or the client
    4.20 @@ -469,6 +472,17 @@ HVM is required for this operation
    4.21  \begin{verbatim}VM_HVM_REQUIRED(vm)\end{verbatim}
    4.22  \begin{center}\rule{10em}{0.1pt}\end{center}
    4.23  
    4.24 +\subsubsection{SECURITY\_ERROR}
    4.25 +
    4.26 +A security error occurred. The parameter provides the xen security
    4.27 +error code and a message describing the error.
    4.28 +
    4.29 +\vspace{0.3cm}
    4.30 +{\bf Signature:}
    4.31 +\begin{verbatim}SECURITY_ERROR(xserr, message)\end{verbatim}
    4.32 +\begin{center}\rule{10em}{0.1pt}\end{center}
    4.33 +
    4.34 +
    4.35  \newpage
    4.36  \section{Class: session}
    4.37  \subsection{Fields for class: session}
    4.38 @@ -1401,6 +1415,7 @@ Quals & Field & Type & Description \\
    4.39  $\mathit{RO}_\mathit{run}$ &  {\tt is\_control\_domain} & bool & true if this is a control domain (domain 0 or a driver domain) \\
    4.40  $\mathit{RO}_\mathit{run}$ &  {\tt metrics} & VM\_metrics ref & metrics associated with this VM \\
    4.41  $\mathit{RO}_\mathit{run}$ &  {\tt guest\_metrics} & VM\_guest\_metrics ref & metrics associated with the running guest \\
    4.42 +$\mathit{RO}_\mathit{run}$ &  {\tt security/label} & string & the VM's security label \\
    4.43  \hline
    4.44  \end{longtable}
    4.45  \subsection{RPCs associated with class: VM}
    4.46 @@ -4398,6 +4413,82 @@ value of the field
    4.47  \vspace{0.3cm}
    4.48  \vspace{0.3cm}
    4.49  \vspace{0.3cm}
    4.50 +\subsubsection{RPC name:~get\_security\_label}
    4.51 +
    4.52 +{\bf Overview:}
    4.53 +Get the security label field of the given VM. Refer to the XSPolicy class
    4.54 +for the format of the security label.
    4.55 +
    4.56 + \noindent {\bf Signature:}
    4.57 +\begin{verbatim} string get_security_label (session_id s, VM ref self)\end{verbatim}
    4.58 +
    4.59 +
    4.60 +\noindent{\bf Arguments:}
    4.61 +
    4.62 +
    4.63 +\vspace{0.3cm}
    4.64 +\begin{tabular}{|c|c|p{7cm}|}
    4.65 + \hline
    4.66 +{\bf type} & {\bf name} & {\bf description} \\ \hline
    4.67 +{\tt VM ref } & self & reference to the object \\ \hline
    4.68 +
    4.69 +\end{tabular}
    4.70 +
    4.71 +\vspace{0.3cm}
    4.72 +
    4.73 + \noindent {\bf Return Type:}
    4.74 +{\tt
    4.75 +string
    4.76 +}
    4.77 +
    4.78 +
    4.79 +value of the field
    4.80 +\vspace{0.3cm}
    4.81 +\vspace{0.3cm}
    4.82 +\vspace{0.3cm}
    4.83 +\subsubsection{RPC name:~set\_security\_label}
    4.84 +
    4.85 +{\bf Overview:}
    4.86 +Set the security label field of the given VM. Refer to the XSPolicy class
    4.87 +for the format of the security label.
    4.88 +
    4.89 + \noindent {\bf Signature:}
    4.90 +\begin{verbatim} int set_security_label (session_id s, VM ref self, string
    4.91 +security_label, string old_label)\end{verbatim}
    4.92 +
    4.93 +
    4.94 +\noindent{\bf Arguments:}
    4.95 +
    4.96 +
    4.97 +\vspace{0.3cm}
    4.98 +\begin{tabular}{|c|c|p{7cm}|}
    4.99 + \hline
   4.100 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.101 +{\tt VM ref } & self & reference to the object \\ \hline
   4.102 +{\tt string } & security\_label & security label for the VM \\ \hline
   4.103 +{\tt string } & old\_label & Optional label value that the security label \\
   4.104 +& & must currently have for the change to succeed.\\ \hline
   4.105 +
   4.106 +\end{tabular}
   4.107 +
   4.108 +\vspace{0.3cm}
   4.109 +
   4.110 + \noindent {\bf Return Type:}
   4.111 +{\tt
   4.112 +int
   4.113 +}
   4.114 +
   4.115 +
   4.116 +Returns the ssidref in case of an VM that is currently running or
   4.117 +paused, zero in case of a dormant VM (halted, suspended).
   4.118 +
   4.119 +\vspace{0.3cm}
   4.120 +
   4.121 +\noindent{\bf Possible Error Codes:} {\tt SECURITY\_ERROR}
   4.122 +
   4.123 +\vspace{0.3cm}
   4.124 +\vspace{0.3cm}
   4.125 +\vspace{0.3cm}
   4.126  \subsubsection{RPC name:~create}
   4.127  
   4.128  {\bf Overview:} 
   4.129 @@ -11317,6 +11408,79 @@ void
   4.130  \vspace{0.3cm}
   4.131  \vspace{0.3cm}
   4.132  \vspace{0.3cm}
   4.133 +\subsubsection{RPC name:~set\_security\_label}
   4.134 +
   4.135 +{\bf Overview:}
   4.136 +Set the security label of the given VDI. Refer to the XSPolicy class
   4.137 +for the format of the security label.
   4.138 +
   4.139 + \noindent {\bf Signature:}
   4.140 +\begin{verbatim} void set_security_label (session_id s, VDI ref self, string
   4.141 +security_label, string old_label)\end{verbatim}
   4.142 +
   4.143 +
   4.144 +\noindent{\bf Arguments:}
   4.145 +
   4.146 +
   4.147 +\vspace{0.3cm}
   4.148 +\begin{tabular}{|c|c|p{7cm}|}
   4.149 + \hline
   4.150 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.151 +{\tt VDI ref } & self & reference to the object \\ \hline
   4.152 +
   4.153 +{\tt string } & security\_label & New value of the security label \\ \hline
   4.154 +{\tt string } & old\_label & Optional label value that the security label \\
   4.155 +& & must currently have for the change to succeed.\\ \hline
   4.156 +\end{tabular}
   4.157 +
   4.158 +\vspace{0.3cm}
   4.159 +
   4.160 + \noindent {\bf Return Type:}
   4.161 +{\tt
   4.162 +void
   4.163 +}
   4.164 +
   4.165 +
   4.166 +\vspace{0.3cm}
   4.167 +
   4.168 +\noindent{\bf Possible Error Codes:} {\tt SECURITY\_ERROR}
   4.169 +
   4.170 +\vspace{0.3cm}
   4.171 +\vspace{0.3cm}
   4.172 +\vspace{0.3cm}
   4.173 +\subsubsection{RPC name:~get\_security\_label}
   4.174 +
   4.175 +{\bf Overview:}
   4.176 +Get the security label of the given VDI.
   4.177 +
   4.178 + \noindent {\bf Signature:}
   4.179 +\begin{verbatim} string get_security_label (session_id s, VDI ref self)\end{verbatim}
   4.180 +
   4.181 +
   4.182 +\noindent{\bf Arguments:}
   4.183 +
   4.184 +
   4.185 +
   4.186 +\vspace{0.3cm}
   4.187 +\begin{tabular}{|c|c|p{7cm}|}
   4.188 + \hline
   4.189 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.190 +{\tt VDI ref } & self & reference to the object \\ \hline
   4.191 +
   4.192 +\end{tabular}
   4.193 +
   4.194 +\vspace{0.3cm}
   4.195 +
   4.196 + \noindent {\bf Return Type:}
   4.197 +{\tt
   4.198 +string
   4.199 +}
   4.200 +
   4.201 +
   4.202 +value of the given field
   4.203 +\vspace{0.3cm}
   4.204 +\vspace{0.3cm}
   4.205 +\vspace{0.3cm}
   4.206  \subsubsection{RPC name:~create}
   4.207  
   4.208  {\bf Overview:} 
   4.209 @@ -13424,6 +13588,38 @@ value of the field
   4.210  \vspace{0.3cm}
   4.211  \vspace{0.3cm}
   4.212  \vspace{0.3cm}
   4.213 +\subsubsection{RPC name:~get\_runtime\_properties}
   4.214 +
   4.215 +{\bf Overview:}
   4.216 +Get the runtime\_properties field of the given VTPM.
   4.217 +
   4.218 +\noindent {\bf Signature:}
   4.219 +\begin{verbatim} ((string -> string) Map) get_runtime_properties (session_id s, VTPM ref self)\end{verbatim}
   4.220 +
   4.221 +
   4.222 +\noindent{\bf Arguments:}
   4.223 +
   4.224 +
   4.225 +\vspace{0.3cm}
   4.226 +\begin{tabular}{|c|c|p{7cm}|}
   4.227 + \hline
   4.228 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.229 +{\tt VTPM ref } & self & reference to the object \\ \hline
   4.230 +
   4.231 +\end{tabular}
   4.232 +
   4.233 +\vspace{0.3cm}
   4.234 +
   4.235 + \noindent {\bf Return Type:}
   4.236 +{\tt
   4.237 +(string $\rightarrow$ string) Map
   4.238 +}
   4.239 +
   4.240 +
   4.241 +value of the field
   4.242 +\vspace{0.3cm}
   4.243 +\vspace{0.3cm}
   4.244 +\vspace{0.3cm}
   4.245  \subsubsection{RPC name:~create}
   4.246  
   4.247  {\bf Overview:} 
   4.248 @@ -14269,6 +14465,634 @@ all fields from the object
   4.249  
   4.250  \vspace{1cm}
   4.251  \newpage
   4.252 +\section{Class: XSPolicy}
   4.253 +\subsection{Fields for class: XSPolicy}
   4.254 +\begin{longtable}{|lllp{0.38\textwidth}|}
   4.255 +\hline
   4.256 +\multicolumn{1}{|l}{Name} & \multicolumn{3}{l|}{\bf XSPolicy} \\
   4.257 +\multicolumn{1}{|l}{Description} & \multicolumn{3}{l|}{\parbox{11cm}{\em A Xen Security Policy}} \\
   4.258 +\hline
   4.259 +Quals & Field & Type & Description \\
   4.260 +\hline
   4.261 +$\mathit{RO}_\mathit{run}$ &  {\tt uuid} & string  & unique identifier / object reference \\
   4.262 +$\mathit{RW}$              &  {\tt repr} & string  & representation of policy, i.e., XML \\
   4.263 +$\mathit{RO}_\mathit{run}$ &  {\tt type} & xs\_type & type of the policy \\
   4.264 +$\mathit{RO}_\mathit{run}$ & {\tt flags} & xs\_instantiationflags & policy
   4.265 +status flags \\
   4.266 +\hline
   4.267 +\end{longtable}
   4.268 +\subsection{Semantics of the class: XSPolicy}
   4.269 +
   4.270 +The XSPolicy class is used for administering Xen Security policies. Through
   4.271 +this class a new policy can be uploaded to the system, loaded into the
   4.272 +Xen hypervisor for enforcement and be set as the policy that the
   4.273 +system is automatically loading when the machine is started.
   4.274 +
   4.275 +This class returns information about the currently administered policy,
   4.276 +including a reference to the policy. This reference can then be used with
   4.277 +policy-specific classes, i.e., the ACMPolicy class, to allow retrieval of
   4.278 +information or changes to be made to a particular policy.
   4.279 +
   4.280 +\subsection{Structure and datatypes of class: XSPolicy}
   4.281 +
   4.282 +Format of the security label:
   4.283 +
   4.284 +A security label consist of the three different parts {\it policy type},
   4.285 +{\it policy name} and {\it label} separated with colons. To specify
   4.286 +the virtual machine label for an ACM-type policy {\it xm-test}, the
   4.287 +security label string would be {\it ACM:xm-test:blue}, where blue
   4.288 +denotes the virtual machine's label. The format of resource labels is
   4.289 +the same.\\[0.5cm]
   4.290 +The following flags are used by this class:
   4.291 +
   4.292 +\begin{longtable}{|l|l|l|}
   4.293 +\hline
   4.294 +{\tt xs\_type} & value & meaning \\
   4.295 +\hline
   4.296 +\hspace{0.5cm}{\tt XS\_POLICY\_ACM} & (1 $<<$ 0) & ACM-type policy \\
   4.297 +\hline
   4.298 +\end{longtable}
   4.299 +
   4.300 +\begin{longtable}{|l|l|l|}
   4.301 +\hline
   4.302 +{\tt xs\_instantiationflags} & value & meaning \\
   4.303 +\hline
   4.304 +\hspace{0.5cm}{\tt XS\_INST\_NONE} & 0 & do nothing \\
   4.305 +\hspace{0.5cm}{\tt XS\_INST\_BOOT} & (1 $<<$ 0) & make system boot with this policy \\
   4.306 +\hspace{0.5cm}{\tt XS\_INST\_LOAD} & (1 $<<$ 1) & load policy immediately \\
   4.307 +\hline
   4.308 +\end{longtable}
   4.309 +
   4.310 +\begin{longtable}{|l|l|l|}
   4.311 +\hline
   4.312 +{\tt xs\_policystate} & type & meaning \\
   4.313 +\hline
   4.314 +\hspace{0.5cm}{\tt xserr} & int & Error code from operation (if applicable) \\
   4.315 +\hspace{0.5cm}{\tt xs\_ref}  & XSPolicy ref & reference to the XS policy as returned by the API \\
   4.316 +\hspace{0.5cm}{\tt repr} & string & representation of the policy, i.e., XML \\
   4.317 +\hspace{0.5cm}{\tt type} & xs\_type & the type of the policy \\
   4.318 +\hspace{0.5cm}{\tt flags } & xs\_instantiationflags  & instantiation flags of the policy \\
   4.319 +\hspace{0.5cm}{\tt version} & string & version of the policy \\
   4.320 +\hspace{0.5cm}{\tt errors} & string & Base64-encoded sequence of integer tuples consisting \\
   4.321 +& & of (error code, detail); will be returned as part  \\
   4.322 +& & of the xs\_setpolicy function. \\
   4.323 +\hline
   4.324 +\end{longtable}
   4.325 +
   4.326 +\subsection{Additional RPCs associated with class: XSPolicy}
   4.327 +\subsubsection{RPC name:~get\_xstype}
   4.328 +
   4.329 +{\bf Overview:}
   4.330 +Return the Xen Security Policy types supported by this system
   4.331 +
   4.332 + \noindent {\bf Signature:}
   4.333 +\begin{verbatim} xs_type get_xstype (session_id s)\end{verbatim}
   4.334 +
   4.335 + \noindent {\bf Return Type:}
   4.336 +{\tt
   4.337 +xs\_type
   4.338 +}
   4.339 +
   4.340 +flags representing the supported Xen security policy types
   4.341 + \vspace{0.3cm}
   4.342 +\vspace{0.3cm}
   4.343 +\vspace{0.3cm}
   4.344 +\subsubsection{RPC name:~set\_xspolicy}
   4.345 +
   4.346 +{\bf Overview:}
   4.347 +Set the current XSPolicy. This function can also be be used for updating of
   4.348 +an existing policy whose name must be equivalent to the one of the
   4.349 +currently running policy.
   4.350 +
   4.351 +\noindent {\bf Signature:}
   4.352 +\begin{verbatim} xs_policystate set_xspolicy (session_id s, xs_type type, string repr,
   4.353 +xs_instantiationflags flags, bool overwrite)\end{verbatim}
   4.354 +
   4.355 +\noindent{\bf Arguments:}
   4.356 +
   4.357 +\vspace{0.3cm}
   4.358 +
   4.359 +\begin{tabular}{|c|c|p{7cm}|}
   4.360 + \hline
   4.361 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.362 +{\tt xs\_type } & type & the type of policy \\ \hline
   4.363 +{\tt string} & repr & representation of the policy, i.e., XML \\ \hline
   4.364 +{\tt xs\_instantiationflags}    & flags & flags for the setting of the policy \\ \hline
   4.365 +{\tt bool}   & overwrite & whether to overwrite an existing policy \\ \hline
   4.366 +
   4.367 +\end{tabular}
   4.368 +
   4.369 +\vspace{0.3cm}
   4.370 +
   4.371 +
   4.372 + \noindent {\bf Return Type:}
   4.373 +{\tt
   4.374 +xs\_policystate
   4.375 +}
   4.376 +
   4.377 +
   4.378 +State information about the policy. In case an error occurred, the 'xs\_err'
   4.379 +field contains the error code. The 'errors' may contain further information
   4.380 +about the error.
   4.381 +\vspace{0.3cm}
   4.382 +\vspace{0.3cm}
   4.383 +\vspace{0.3cm}
   4.384 +\subsubsection{RPC name:~get\_xspolicy}
   4.385 +
   4.386 +{\bf Overview:}
   4.387 +Get information regarding the currently set Xen Security Policy
   4.388 +
   4.389 + \noindent {\bf Signature:}
   4.390 +\begin{verbatim} xs_policystate get_xspolicy (session_id s)\end{verbatim}
   4.391 +
   4.392 +\vspace{0.3cm}
   4.393 +
   4.394 + \noindent {\bf Return Type:}
   4.395 +{\tt
   4.396 +xs\_policystate
   4.397 +}
   4.398 +
   4.399 +
   4.400 +Policy state information.
   4.401 +\vspace{0.3cm}
   4.402 +\vspace{0.3cm}
   4.403 +\vspace{0.3cm}
   4.404 +\subsubsection{RPC name:~rm\_xsbootpolicy}
   4.405 +
   4.406 +{\bf Overview:}
   4.407 +Remove any policy from the default boot configuration.
   4.408 +
   4.409 + \noindent {\bf Signature:}
   4.410 +\begin{verbatim} void rm_xsbootpolicy (session_id s)\end{verbatim}
   4.411 +
   4.412 +\vspace{0.3cm}
   4.413 +
   4.414 +\noindent{\bf Possible Error Codes:} {\tt SECURITY\_ERROR}
   4.415 +
   4.416 +\vspace{0.3cm}
   4.417 +\vspace{0.3cm}
   4.418 +\vspace{0.3cm}
   4.419 +\subsubsection{RPC name:~get\_labeled\_resources}
   4.420 +
   4.421 +{\bf Overview:}
   4.422 +Get a list of resources that have been labeled.
   4.423 +
   4.424 + \noindent {\bf Signature:}
   4.425 +\begin{verbatim} ((string -> string) Map) get_labeled_resources (session_id s)\end{verbatim}
   4.426 +
   4.427 +
   4.428 +\vspace{0.3cm}
   4.429 +
   4.430 + \noindent {\bf Return Type:}
   4.431 +{\tt
   4.432 +(string $\rightarrow$ string) Map
   4.433 +}
   4.434 +
   4.435 +
   4.436 +A map of resources with their labels.
   4.437 +\vspace{0.3cm}
   4.438 +\vspace{0.3cm}
   4.439 +\vspace{0.3cm}
   4.440 +\subsubsection{RPC name:~set\_resource\_label}
   4.441 +
   4.442 +{\bf Overview:}
   4.443 +Label the given resource with the given label. An empty label removes any label
   4.444 +from the resource.
   4.445 +
   4.446 + \noindent {\bf Signature:}
   4.447 +\begin{verbatim} void set_resource_label (session_id s, string resource, string
   4.448 +label, string old_label)\end{verbatim}
   4.449 +
   4.450 +
   4.451 +\noindent{\bf Arguments:}
   4.452 +
   4.453 +
   4.454 +\vspace{0.3cm}
   4.455 +\begin{tabular}{|c|c|p{7cm}|}
   4.456 + \hline
   4.457 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.458 +{\tt string } & resource & resource to label \\ \hline
   4.459 +{\tt string } & label & label for the resource \\ \hline
   4.460 +{\tt string } & old\_label & Optional label value that the security label \\
   4.461 +& & must currently have for the change to succeed. \\ \hline
   4.462 +
   4.463 +\end{tabular}
   4.464 +
   4.465 +\vspace{0.3cm}
   4.466 +
   4.467 +\noindent{\bf Possible Error Codes:} {\tt SECURITY\_ERROR}
   4.468 +
   4.469 +\vspace{0.3cm}
   4.470 +\vspace{0.3cm}
   4.471 +\vspace{0.3cm}
   4.472 +\subsubsection{RPC name:~get\_resource\_label}
   4.473 +
   4.474 +{\bf Overview:}
   4.475 +Get the label of the given resource.
   4.476 +
   4.477 + \noindent {\bf Signature:}
   4.478 +\begin{verbatim} string get_resource_label (session_id s, string resource)\end{verbatim}
   4.479 +
   4.480 +
   4.481 +\noindent{\bf Arguments:}
   4.482 +
   4.483 +
   4.484 +\vspace{0.3cm}
   4.485 +\begin{tabular}{|c|c|p{7cm}|}
   4.486 + \hline
   4.487 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.488 +{\tt string } & resource & resource to label \\ \hline
   4.489 +
   4.490 +\end{tabular}
   4.491 +
   4.492 +\vspace{0.3cm}
   4.493 +
   4.494 + \noindent {\bf Return Type:}
   4.495 +{\tt
   4.496 +string
   4.497 +}
   4.498 +
   4.499 +
   4.500 +The label of the given resource.
   4.501 +\vspace{0.3cm}
   4.502 +\vspace{0.3cm}
   4.503 +\vspace{0.3cm}
   4.504 +\subsubsection{RPC name:~activate\_xspolicy}
   4.505 +
   4.506 +{\bf Overview:}
   4.507 +Load the referenced policy into the hypervisor.
   4.508 +
   4.509 + \noindent {\bf Signature:}
   4.510 +\begin{verbatim} xs_instantiationflags activate_xspolicy (session_id s, xs_ref xspolicy,
   4.511 +xs_instantiationflags flags)\end{verbatim}
   4.512 +
   4.513 +
   4.514 +\noindent{\bf Arguments:}
   4.515 +
   4.516 +
   4.517 +\vspace{0.3cm}
   4.518 +\begin{tabular}{|c|c|p{7cm}|}
   4.519 + \hline
   4.520 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.521 +{\tt xs ref } & self & reference to the object \\ \hline
   4.522 +{\tt xs\_instantiationflags } & flags & flags to activate on a policy; flags
   4.523 +  can only be set \\ \hline
   4.524 +
   4.525 +\end{tabular}
   4.526 +
   4.527 +\vspace{0.3cm}
   4.528 +
   4.529 +
   4.530 + \noindent {\bf Return Type:}
   4.531 +{\tt
   4.532 +xs\_instantiationflags
   4.533 +}
   4.534 +
   4.535 +
   4.536 +Currently active instantiation flags.
   4.537 +\vspace{0.3cm}
   4.538 +
   4.539 +\noindent{\bf Possible Error Codes:} {\tt SECURITY\_ERROR}
   4.540 +
   4.541 +\vspace{0.3cm}
   4.542 +\vspace{0.3cm}
   4.543 +\vspace{0.3cm}
   4.544 +\subsubsection{RPC name:~get\_all}
   4.545 +
   4.546 +{\bf Overview:}
   4.547 +Return a list of all the XSPolicies known to the system.
   4.548 +
   4.549 + \noindent {\bf Signature:}
   4.550 +\begin{verbatim} ((XSPolicy ref) Set) get_all (session_id s)\end{verbatim}
   4.551 +
   4.552 +
   4.553 +\vspace{0.3cm}
   4.554 +
   4.555 + \noindent {\bf Return Type:}
   4.556 +{\tt
   4.557 +(XSPolicy ref) Set
   4.558 +}
   4.559 +
   4.560 +
   4.561 +A list of all the IDs of all the XSPolicies
   4.562 +\vspace{0.3cm}
   4.563 +\vspace{0.3cm}
   4.564 +\vspace{0.3cm}
   4.565 +\subsubsection{RPC name:~get\_uuid}
   4.566 +
   4.567 +{\bf Overview:}
   4.568 +Get the uuid field of the given XSPolicy.
   4.569 +
   4.570 + \noindent {\bf Signature:}
   4.571 +\begin{verbatim} string get_uuid (session_id s, XSPolicy ref self)\end{verbatim}
   4.572 +
   4.573 +
   4.574 +\noindent{\bf Arguments:}
   4.575 +
   4.576 +
   4.577 +\vspace{0.3cm}
   4.578 +\begin{tabular}{|c|c|p{7cm}|}
   4.579 + \hline
   4.580 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.581 +{\tt XSPolicy ref } & self & reference to the object \\ \hline
   4.582 +
   4.583 +\end{tabular}
   4.584 +
   4.585 +\vspace{0.3cm}
   4.586 +
   4.587 + \noindent {\bf Return Type:}
   4.588 +{\tt
   4.589 +string
   4.590 +}
   4.591 +
   4.592 +
   4.593 +value of the field
   4.594 +\vspace{0.3cm}
   4.595 +\vspace{0.3cm}
   4.596 +\vspace{0.3cm}
   4.597 +\subsubsection{RPC name:~get\_record}
   4.598 +
   4.599 +{\bf Overview:}
   4.600 +Get a record of the referenced XSPolicy.
   4.601 +
   4.602 + \noindent {\bf Signature:}
   4.603 +\begin{verbatim} (XSPolicy record) get_record (session_id s, xs_ref xspolicy)\end{verbatim}
   4.604 +
   4.605 +
   4.606 +\noindent{\bf Arguments:}
   4.607 +
   4.608 +
   4.609 +\vspace{0.3cm}
   4.610 +\begin{tabular}{|c|c|p{7cm}|}
   4.611 + \hline
   4.612 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.613 +{\tt xs ref } & self & reference to the object \\ \hline
   4.614 +
   4.615 +\end{tabular}
   4.616 +
   4.617 +\vspace{0.3cm}
   4.618 +
   4.619 + \noindent {\bf Return Type:}
   4.620 +{\tt
   4.621 +XSPolicy record
   4.622 +}
   4.623 +
   4.624 +
   4.625 +all fields from the object
   4.626 +\vspace{0.3cm}
   4.627 +\vspace{0.3cm}
   4.628 +\vspace{0.3cm}
   4.629 +\newpage
   4.630 +\section{Class: ACMPolicy}
   4.631 +\subsection{Fields for class: ACMPolicy}
   4.632 +\begin{longtable}{|lllp{0.38\textwidth}|}
   4.633 +\hline
   4.634 +\multicolumn{1}{|l}{Name} & \multicolumn{3}{l|}{\bf ACMPolicy} \\
   4.635 +\multicolumn{1}{|l}{Description} & \multicolumn{3}{l|}{\parbox{11cm}{\em An ACM Security Policy}} \\
   4.636 +\hline
   4.637 +Quals & Field & Type & Description \\
   4.638 +\hline
   4.639 +$\mathit{RO}_\mathit{run}$ &  {\tt uuid} & string & unique identifier / object reference \\
   4.640 +$\mathit{RW}$              &  {\tt repr} & string & representation of policy, in XML \\
   4.641 +$\mathit{RO}_\mathit{run}$ &  {\tt type} & xs\_type & type of the policy \\
   4.642 +$\mathit{RO}_\mathit{run}$ & {\tt flags} & xs\_instantiationflags & policy
   4.643 +status flags \\
   4.644 +\hline
   4.645 +\end{longtable}
   4.646 +
   4.647 +\subsection{Structure and datatypes of class: ACMPolicy}
   4.648 +
   4.649 +\vspace{0.5cm}
   4.650 +The following data structures are used:
   4.651 +
   4.652 +\begin{longtable}{|l|l|l|}
   4.653 +\hline
   4.654 +{\tt RIP acm\_policyheader} & type & meaning \\
   4.655 +\hline
   4.656 +\hspace{0.5cm}{\tt policyname}   & string & name of the policy \\
   4.657 +\hspace{0.5cm}{\tt policyurl }   & string & URL of the policy \\
   4.658 +\hspace{0.5cm}{\tt date}         & string & data of the policy \\
   4.659 +\hspace{0.5cm}{\tt reference}    & string & reference of the policy \\
   4.660 +\hspace{0.5cm}{\tt namespaceurl} & string & namespaceurl of the policy \\
   4.661 +\hspace{0.5cm}{\tt version}      & string & version of the policy \\
   4.662 +\hline
   4.663 +\end{longtable}
   4.664 +
   4.665 +\vspace{0.3cm}
   4.666 +\vspace{0.3cm}
   4.667 +\vspace{0.3cm}
   4.668 +\subsubsection{RPC name:~get\_header}
   4.669 +
   4.670 +{\bf Overview:}
   4.671 +Get the referenced policy's header information.
   4.672 +
   4.673 + \noindent {\bf Signature:}
   4.674 +\begin{verbatim} acm_policyheader get_header (session_id s, xs ref self)\end{verbatim}
   4.675 +
   4.676 +
   4.677 +\noindent{\bf Arguments:}
   4.678 +
   4.679 +
   4.680 +\vspace{0.3cm}
   4.681 +\begin{tabular}{|c|c|p{7cm}|}
   4.682 + \hline
   4.683 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.684 +{\tt xs ref } & self & reference to the object \\ \hline
   4.685 +
   4.686 +\end{tabular}
   4.687 +
   4.688 +\vspace{0.3cm}
   4.689 +
   4.690 + \noindent {\bf Return Type:}
   4.691 +{\tt
   4.692 +acm\_policyheader
   4.693 +}
   4.694 +
   4.695 +
   4.696 +The policy's header information.
   4.697 +\vspace{0.3cm}
   4.698 +\vspace{0.3cm}
   4.699 +\vspace{0.3cm}
   4.700 +\subsubsection{RPC name:~get\_xml}
   4.701 +
   4.702 +{\bf Overview:}
   4.703 +Get the XML representation of the given policy.
   4.704 +
   4.705 + \noindent {\bf Signature:}
   4.706 +\begin{verbatim} string get_XML (session_id s, xs ref self)\end{verbatim}
   4.707 +
   4.708 +
   4.709 +\noindent{\bf Arguments:}
   4.710 +
   4.711 +
   4.712 +\vspace{0.3cm}
   4.713 +\begin{tabular}{|c|c|p{7cm}|}
   4.714 + \hline
   4.715 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.716 +{\tt xs ref } & self & reference to the object \\ \hline
   4.717 +
   4.718 +\end{tabular}
   4.719 +
   4.720 +\vspace{0.3cm}
   4.721 +
   4.722 + \noindent {\bf Return Type:}
   4.723 +{\tt
   4.724 +string
   4.725 +}
   4.726 +
   4.727 +
   4.728 +XML representation of the referenced policy
   4.729 +\vspace{0.3cm}
   4.730 +\vspace{0.3cm}
   4.731 +\vspace{0.3cm}
   4.732 +\subsubsection{RPC name:~get\_map}
   4.733 +
   4.734 +{\bf Overview:}
   4.735 +Get the mapping information of the given policy.
   4.736 +
   4.737 + \noindent {\bf Signature:}
   4.738 +\begin{verbatim} string get_map (session_id s, xs ref self)\end{verbatim}
   4.739 +
   4.740 +
   4.741 +\noindent{\bf Arguments:}
   4.742 +
   4.743 +
   4.744 +\vspace{0.3cm}
   4.745 +\begin{tabular}{|c|c|p{7cm}|}
   4.746 + \hline
   4.747 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.748 +{\tt xs ref } & self & reference to the object \\ \hline
   4.749 +
   4.750 +\end{tabular}
   4.751 +
   4.752 +\vspace{0.3cm}
   4.753 +
   4.754 + \noindent {\bf Return Type:}
   4.755 +{\tt
   4.756 +string
   4.757 +}
   4.758 +
   4.759 +
   4.760 +Mapping information of the referenced policy.
   4.761 +\vspace{0.3cm}
   4.762 +\vspace{0.3cm}
   4.763 +\vspace{0.3cm}
   4.764 +\subsubsection{RPC name:~get\_binary}
   4.765 +
   4.766 +{\bf Overview:}
   4.767 +Get the binary policy representation of the referenced policy.
   4.768 +
   4.769 + \noindent {\bf Signature:}
   4.770 +\begin{verbatim} string get_map (session_id s, xs ref self)\end{verbatim}
   4.771 +
   4.772 +
   4.773 +\noindent{\bf Arguments:}
   4.774 +
   4.775 +
   4.776 +\vspace{0.3cm}
   4.777 +\begin{tabular}{|c|c|p{7cm}|}
   4.778 + \hline
   4.779 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.780 +{\tt xs ref } & self & reference to the object \\ \hline
   4.781 +
   4.782 +\end{tabular}
   4.783 +
   4.784 +\vspace{0.3cm}
   4.785 +
   4.786 + \noindent {\bf Return Type:}
   4.787 +{\tt
   4.788 +string
   4.789 +}
   4.790 +
   4.791 +
   4.792 +Base64-encoded representation of the binary policy.
   4.793 +\vspace{0.3cm}
   4.794 +\vspace{0.3cm}
   4.795 +\vspace{0.3cm}
   4.796 +\subsubsection{RPC name:~get\_all}
   4.797 +
   4.798 +{\bf Overview:}
   4.799 +Return a list of all the ACMPolicies known to the system.
   4.800 +
   4.801 + \noindent {\bf Signature:}
   4.802 +\begin{verbatim} ((ACMPolicy ref) Set) get_all (session_id s)\end{verbatim}
   4.803 +
   4.804 +
   4.805 +\vspace{0.3cm}
   4.806 +
   4.807 + \noindent {\bf Return Type:}
   4.808 +{\tt
   4.809 +(ACMPolicy ref) Set
   4.810 +}
   4.811 +
   4.812 +
   4.813 +A list of all the IDs of all the ACMPolicies
   4.814 +\vspace{0.3cm}
   4.815 +\vspace{0.3cm}
   4.816 +\vspace{0.3cm}
   4.817 +\subsubsection{RPC name:~get\_uuid}
   4.818 +
   4.819 +{\bf Overview:}
   4.820 +Get the uuid field of the given ACMPolicy.
   4.821 +
   4.822 + \noindent {\bf Signature:}
   4.823 +\begin{verbatim} string get_uuid (session_id s, ACMPolicy ref self)\end{verbatim}
   4.824 +
   4.825 +
   4.826 +\noindent{\bf Arguments:}
   4.827 +
   4.828 +
   4.829 +\vspace{0.3cm}
   4.830 +\begin{tabular}{|c|c|p{7cm}|}
   4.831 + \hline
   4.832 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.833 +{\tt ACMPolicy ref } & self & reference to the object \\ \hline
   4.834 +
   4.835 +\end{tabular}
   4.836 +
   4.837 +\vspace{0.3cm}
   4.838 +
   4.839 + \noindent {\bf Return Type:}
   4.840 +{\tt
   4.841 +string
   4.842 +}
   4.843 +
   4.844 +
   4.845 +value of the field
   4.846 +\vspace{0.3cm}
   4.847 +\vspace{0.3cm}
   4.848 +\vspace{0.3cm}
   4.849 +\subsubsection{RPC name:~get\_record}
   4.850 +
   4.851 +{\bf Overview:}
   4.852 +Get a record of the referenced ACMPolicy.
   4.853 +
   4.854 + \noindent {\bf Signature:}
   4.855 +\begin{verbatim} (XSPolicy record) get_record (session_id s, xs_ref xspolicy)\end{verbatim}
   4.856 +
   4.857 +
   4.858 +\noindent{\bf Arguments:}
   4.859 +
   4.860 +
   4.861 +\vspace{0.3cm}
   4.862 +\begin{tabular}{|c|c|p{7cm}|}
   4.863 + \hline
   4.864 +{\bf type} & {\bf name} & {\bf description} \\ \hline
   4.865 +{\tt xs ref } & self & reference to the object \\ \hline
   4.866 +
   4.867 +\end{tabular}
   4.868 +
   4.869 +\vspace{0.3cm}
   4.870 +
   4.871 + \noindent {\bf Return Type:}
   4.872 +{\tt
   4.873 +XSPolicy record
   4.874 +}
   4.875 +
   4.876 +
   4.877 +all fields from the object
   4.878 +
   4.879 +\newpage
   4.880  \section{Class: debug}
   4.881  \subsection{Fields for class: debug}
   4.882  {\bf Class debug has no fields.}
     5.1 --- a/extras/mini-os/arch/ia64/ia64.S	Mon Jul 16 14:20:16 2007 -0500
     5.2 +++ b/extras/mini-os/arch/ia64/ia64.S	Tue Jul 17 10:20:21 2007 +0100
     5.3 @@ -105,7 +105,7 @@ ENTRY(_start)
     5.4  	/*
     5.5  	 * Now pin mappings into the TLB for kernel text and data
     5.6  	 */
     5.7 -	mov	r18=KERNEL_TR_PAGE_SIZE<<2
     5.8 +	mov	r18=KERNEL_TR_PAGE_SIZE<<IA64_ITIR_PS
     5.9  	movl	r17=KERNEL_START
    5.10  	;;
    5.11  	mov	cr.itir=r18
    5.12 @@ -204,7 +204,10 @@ 1:	/* now we are in virtual mode */
    5.13  	;;
    5.14  	or	out0=r16, r15			// make a region 7 address
    5.15  	;;
    5.16 -
    5.17 +	ssm	psr.i | psr.ic
    5.18 +	;;
    5.19 +	srlz.i
    5.20 +	;;
    5.21  	br.call.sptk.many rp=start_kernel
    5.22  	;;
    5.23  	add	r2=3,r0
     6.1 --- a/extras/mini-os/arch/ia64/ivt.S	Mon Jul 16 14:20:16 2007 -0500
     6.2 +++ b/extras/mini-os/arch/ia64/ivt.S	Tue Jul 17 10:20:21 2007 +0100
     6.3 @@ -587,13 +587,11 @@ END(save_special_regs)
     6.4  
     6.5  
     6.6  ENTRY(hypervisor_callback)
     6.7 -		// Calculate the stack address for storing.
     6.8 -		// Use the kernel stack here because it's mapped wired!
     6.9 -		// -> no nested tlb faults!
    6.10 -	movl	r18=kstack+KSTACK_PAGES * PAGE_SIZE - 16 - TF_SIZE
    6.11 -
    6.12 -	//add	r18=-TF_SIZE,sp
    6.13 -	add	r30=0xabab,r0
    6.14 +	/*
    6.15 +	 * Use the thread stack here for storing the trap frame.
    6.16 +	 * It's not wired mapped, so nested data tlb faults may occur!
    6.17 +	 */
    6.18 +	add	r18=-TF_SIZE,sp
    6.19  	;;
    6.20  {	.mib
    6.21  	nop	0x02
    6.22 @@ -602,7 +600,7 @@ ENTRY(hypervisor_callback)
    6.23  	;;
    6.24  }
    6.25  	add	sp=-16,r18		// the new stack
    6.26 -	alloc	r15=ar.pfs,0,0,1,0	// 1 out for do_trap_error
    6.27 +	alloc	r15=ar.pfs,0,0,1,0	// 1 out for do_hypervisor_callback
    6.28  	;;
    6.29  	mov	out0=r18		// the trap frame
    6.30  	movl	r22=XSI_PSR_IC
    6.31 @@ -617,13 +615,8 @@ ENTRY(hypervisor_callback)
    6.32  	movl	r22=XSI_PSR_IC
    6.33  	;;
    6.34  	st4	[r22]=r0		// rsm psr.ic
    6.35 -
    6.36 -	add	r16=16,sp		// load EF-pointer again
    6.37 +	add	r18=16,sp		// load EF-pointer again
    6.38  	;;
    6.39 -	//mov	r18=sp
    6.40 -	movl	r18=kstack+KSTACK_PAGES * PAGE_SIZE - 16 - TF_SIZE
    6.41 -	;;
    6.42 -
    6.43  			// must have r18-efp, calls rfi at the end.
    6.44  	br.sptk	restore_tf_rse_switch
    6.45  	;;
    6.46 @@ -654,9 +647,7 @@ ENTRY(trap_error)
    6.47  	mov	out0=r18		// the trap frame
    6.48  	add	sp=-16,r18		// C-call abi
    6.49  	;;
    6.50 -
    6.51 -	//bsw.1
    6.52 -	movl r30=XSI_BANKNUM
    6.53 +	movl r30=XSI_BANKNUM		// bsw.1
    6.54  	mov r31=1;;
    6.55  #if defined(BIG_ENDIAN)			// swap because mini-os is in BE
    6.56  	mux1	r31=r31,@rev;;
    6.57 @@ -752,6 +743,7 @@ IVT_ERR(Alternate_Instruction_TLB, 3, 0x
    6.58  
    6.59  IVT_ENTRY(Alternate_Data_TLB, 0x1000)
    6.60  	mov	r30=4			// trap number
    6.61 +adt_common:
    6.62  	mov	r16=cr.ifa		// where did it happen
    6.63  	mov	r31=pr			// save predicates
    6.64  	;;
    6.65 @@ -765,7 +757,7 @@ IVT_ENTRY(Alternate_Data_TLB, 0x1000)
    6.66  //		// No return
    6.67  //
    6.68  //adt_regf_addr:
    6.69 -//	extr.u	r17=r16,60,4	// get region number
    6.70 +//	extr.u	r17=r16,60,4		// get region number
    6.71  //	;;
    6.72  //	cmp.eq	p14,p15=0xf,r17
    6.73  //	;;
    6.74 @@ -799,8 +791,23 @@ adt_reg7_addr:
    6.75  
    6.76  IVT_END(Alternate_Data_TLB)
    6.77  
    6.78 +/*
    6.79 + * Handling of nested data tlb is needed, because in hypervisor_callback()
    6.80 + * the stack is used to store the register trap frame. This stack is allocated
    6.81 + * dynamically (as identity mapped address) and therewidth no tr mapped page!
    6.82 + */
    6.83 +IVT_ENTRY(Data_Nested_TLB, 0x1400)
    6.84  
    6.85 -IVT_ERR(Data_Nested_TLB, 5, 0x1400)
    6.86 +	mov	r30=5			// trap number
    6.87 +	add	r28=-TF_SIZE,sp		// r28 is never used in trap handling
    6.88 +	;;
    6.89 +	mov	cr.ifa=r28
    6.90 +	;;
    6.91 +	br.sptk	adt_common
    6.92 +IVT_END(Data_Nested_TLB)
    6.93 +
    6.94 +
    6.95 +
    6.96  IVT_ERR(Instruction_Key_Miss, 6, 0x1800)
    6.97  IVT_ERR(Data_Key_Miss, 7, 0x1c00)
    6.98  IVT_ERR(Dirty_Bit, 8, 0x2000)
     7.1 --- a/extras/mini-os/include/ia64/ia64_cpu.h	Mon Jul 16 14:20:16 2007 -0500
     7.2 +++ b/extras/mini-os/include/ia64/ia64_cpu.h	Tue Jul 17 10:20:21 2007 +0100
     7.3 @@ -143,11 +143,11 @@
     7.4  
     7.5  #define STARTUP_PSR (IA64_PSR_IT | \
     7.6              	     IA64_PSR_DT | IA64_PSR_RT | MOS_IA64_PSR_BE | \
     7.7 -		     IA64_PSR_BN | IA64_PSR_CPL_2 | IA64_PSR_AC)
     7.8 +		     IA64_PSR_BN | IA64_PSR_CPL_KERN | IA64_PSR_AC)
     7.9  
    7.10  #define MOS_SYS_PSR (IA64_PSR_IC | IA64_PSR_I | IA64_PSR_IT | \
    7.11              	     IA64_PSR_DT | IA64_PSR_RT | MOS_IA64_PSR_BE | \
    7.12 -		     IA64_PSR_BN | IA64_PSR_CPL_2 | IA64_PSR_AC)
    7.13 +		     IA64_PSR_BN | IA64_PSR_CPL_KERN | IA64_PSR_AC)
    7.14  
    7.15  #define MOS_USR_PSR (IA64_PSR_IC | IA64_PSR_I | IA64_PSR_IT | \
    7.16              	     IA64_PSR_DT | IA64_PSR_RT | MOS_IA64_PSR_BE | \
     8.1 --- a/tools/firmware/hvmloader/acpi/dsdt.asl	Mon Jul 16 14:20:16 2007 -0500
     8.2 +++ b/tools/firmware/hvmloader/acpi/dsdt.asl	Tue Jul 17 10:20:21 2007 +0100
     8.3 @@ -123,11 +123,12 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, 
     8.4              }
     8.5  
     8.6              Name(BUFA, ResourceTemplate() {
     8.7 -                IRQ(Level, ActiveLow, Shared) { 5, 7, 10, 11 }
     8.8 +                IRQ(Level, ActiveLow, Shared) { 5, 10, 11 }
     8.9              })
    8.10  
    8.11              Name(BUFB, Buffer() {
    8.12 -                0x23, 0x00, 0x00, 0x18, 0x79, 0
    8.13 +                0x23, 0x00, 0x00, 0x18, /* IRQ descriptor */
    8.14 +                0x79, 0                 /* End tag, null checksum */
    8.15              })
    8.16  
    8.17              CreateWordField(BUFB, 0x01, IRQV)
    8.18 @@ -643,6 +644,22 @@ DefinitionBlock ("DSDT.aml", "DSDT", 2, 
    8.19                          IRQNoFlags () {4}
    8.20                      })
    8.21                  }
    8.22 +
    8.23 +                Device (LTP1)
    8.24 +                {
    8.25 +                    Name (_HID, EisaId ("PNP0400"))
    8.26 +                    Name (_UID, 0x02)
    8.27 +                    Method (_STA, 0, NotSerialized)
    8.28 +                    {
    8.29 +                        Return (0x0F)
    8.30 +                    }
    8.31 +
    8.32 +                    Name (_CRS, ResourceTemplate()
    8.33 +                    {
    8.34 +                        IO (Decode16, 0x0378, 0x0378, 0x08, 0x08)
    8.35 +                        IRQNoFlags () {7}
    8.36 +                    })
    8.37 +                } 
    8.38              }
    8.39          }
    8.40      }
     9.1 --- a/tools/firmware/hvmloader/acpi/dsdt.c	Mon Jul 16 14:20:16 2007 -0500
     9.2 +++ b/tools/firmware/hvmloader/acpi/dsdt.c	Tue Jul 17 10:20:21 2007 +0100
     9.3 @@ -1,19 +1,19 @@
     9.4  /*
     9.5   * 
     9.6   * Intel ACPI Component Architecture
     9.7 - * ASL Optimizing Compiler version 20060707 [Dec 30 2006]
     9.8 + * ASL Optimizing Compiler version 20060707 [Feb 16 2007]
     9.9   * Copyright (C) 2000 - 2006 Intel Corporation
    9.10   * Supports ACPI Specification Revision 3.0a
    9.11   * 
    9.12 - * Compilation of "dsdt.asl" - Sat May 12 16:13:55 2007
    9.13 + * Compilation of "dsdt.asl" - Wed Jul 11 13:34:30 2007
    9.14   * 
    9.15   * C source code output
    9.16   *
    9.17   */
    9.18  unsigned char AmlCode[] =
    9.19  {
    9.20 -    0x44,0x53,0x44,0x54,0x67,0x0D,0x00,0x00,  /* 00000000    "DSDTg..." */
    9.21 -    0x02,0xE0,0x58,0x65,0x6E,0x00,0x00,0x00,  /* 00000008    "..Xen..." */
    9.22 +    0x44,0x53,0x44,0x54,0x9F,0x0D,0x00,0x00,  /* 00000000    "DSDT...." */
    9.23 +    0x02,0x2E,0x58,0x65,0x6E,0x00,0x00,0x00,  /* 00000008    "..Xen..." */
    9.24      0x48,0x56,0x4D,0x00,0x00,0x00,0x00,0x00,  /* 00000010    "HVM....." */
    9.25      0x00,0x00,0x00,0x00,0x49,0x4E,0x54,0x4C,  /* 00000018    "....INTL" */
    9.26      0x07,0x07,0x06,0x20,0x08,0x50,0x4D,0x42,  /* 00000020    "... .PMB" */
    9.27 @@ -27,7 +27,7 @@ unsigned char AmlCode[] =
    9.28      0x04,0x0A,0x07,0x0A,0x07,0x00,0x00,0x08,  /* 00000060    "........" */
    9.29      0x50,0x49,0x43,0x44,0x00,0x14,0x0C,0x5F,  /* 00000068    "PICD..._" */
    9.30      0x50,0x49,0x43,0x01,0x70,0x68,0x50,0x49,  /* 00000070    "PIC.phPI" */
    9.31 -    0x43,0x44,0x10,0x4C,0xCE,0x5F,0x53,0x42,  /* 00000078    "CD.L._SB" */
    9.32 +    0x43,0x44,0x10,0x44,0xD2,0x5F,0x53,0x42,  /* 00000078    "CD.D._SB" */
    9.33      0x5F,0x5B,0x82,0x49,0x04,0x4D,0x45,0x4D,  /* 00000080    "_[.I.MEM" */
    9.34      0x30,0x08,0x5F,0x48,0x49,0x44,0x0C,0x41,  /* 00000088    "0._HID.A" */
    9.35      0xD0,0x0C,0x02,0x08,0x5F,0x43,0x52,0x53,  /* 00000090    "...._CRS" */
    9.36 @@ -37,7 +37,7 @@ unsigned char AmlCode[] =
    9.37      0x00,0x00,0xFF,0xFF,0x09,0x00,0x00,0x00,  /* 000000B0    "........" */
    9.38      0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,  /* 000000B8    "........" */
    9.39      0x00,0x00,0x00,0x00,0x0A,0x00,0x00,0x00,  /* 000000C0    "........" */
    9.40 -    0x00,0x00,0x79,0x00,0x5B,0x82,0x49,0xC9,  /* 000000C8    "..y.[.I." */
    9.41 +    0x00,0x00,0x79,0x00,0x5B,0x82,0x41,0xCD,  /* 000000C8    "..y.[.A." */
    9.42      0x50,0x43,0x49,0x30,0x08,0x5F,0x48,0x49,  /* 000000D0    "PCI0._HI" */
    9.43      0x44,0x0C,0x41,0xD0,0x0A,0x03,0x08,0x5F,  /* 000000D8    "D.A...._" */
    9.44      0x55,0x49,0x44,0x00,0x08,0x5F,0x41,0x44,  /* 000000E0    "UID.._AD" */
    9.45 @@ -59,7 +59,7 @@ unsigned char AmlCode[] =
    9.46      0x00,0xF0,0xFF,0xFF,0xFF,0xF4,0x00,0x00,  /* 00000160    "........" */
    9.47      0x00,0x00,0x00,0x00,0x00,0x05,0x79,0x00,  /* 00000168    "......y." */
    9.48      0xA4,0x50,0x52,0x54,0x30,0x08,0x42,0x55,  /* 00000170    ".PRT0.BU" */
    9.49 -    0x46,0x41,0x11,0x09,0x0A,0x06,0x23,0xA0,  /* 00000178    "FA....#." */
    9.50 +    0x46,0x41,0x11,0x09,0x0A,0x06,0x23,0x20,  /* 00000178    "FA....# " */
    9.51      0x0C,0x18,0x79,0x00,0x08,0x42,0x55,0x46,  /* 00000180    "..y..BUF" */
    9.52      0x42,0x11,0x09,0x0A,0x06,0x23,0x00,0x00,  /* 00000188    "B....#.." */
    9.53      0x18,0x79,0x00,0x8B,0x42,0x55,0x46,0x42,  /* 00000190    ".y..BUFB" */
    9.54 @@ -348,7 +348,7 @@ unsigned char AmlCode[] =
    9.55      0x0C,0x04,0x0C,0xFF,0xFF,0x0F,0x00,0x0A,  /* 00000A68    "........" */
    9.56      0x02,0x00,0x0A,0x2F,0x12,0x0C,0x04,0x0C,  /* 00000A70    ".../...." */
    9.57      0xFF,0xFF,0x0F,0x00,0x0A,0x03,0x00,0x0A,  /* 00000A78    "........" */
    9.58 -    0x10,0x5B,0x82,0x44,0x2E,0x49,0x53,0x41,  /* 00000A80    ".[.D.ISA" */
    9.59 +    0x10,0x5B,0x82,0x4C,0x31,0x49,0x53,0x41,  /* 00000A80    ".[.L1ISA" */
    9.60      0x5F,0x08,0x5F,0x41,0x44,0x52,0x0C,0x00,  /* 00000A88    "_._ADR.." */
    9.61      0x00,0x01,0x00,0x5B,0x80,0x50,0x49,0x52,  /* 00000A90    "...[.PIR" */
    9.62      0x51,0x02,0x0A,0x60,0x0A,0x04,0x10,0x2E,  /* 00000A98    "Q..`...." */
    9.63 @@ -440,6 +440,13 @@ unsigned char AmlCode[] =
    9.64      0x09,0x5F,0x53,0x54,0x41,0x00,0xA4,0x0A,  /* 00000D48    "._STA..." */
    9.65      0x0F,0x08,0x5F,0x43,0x52,0x53,0x11,0x10,  /* 00000D50    ".._CRS.." */
    9.66      0x0A,0x0D,0x47,0x01,0xF8,0x03,0xF8,0x03,  /* 00000D58    "..G....." */
    9.67 -    0x01,0x08,0x22,0x10,0x00,0x79,0x00,
    9.68 +    0x01,0x08,0x22,0x10,0x00,0x79,0x00,0x5B,  /* 00000D60    ".."..y.[" */
    9.69 +    0x82,0x36,0x4C,0x54,0x50,0x31,0x08,0x5F,  /* 00000D68    ".6LTP1._" */
    9.70 +    0x48,0x49,0x44,0x0C,0x41,0xD0,0x04,0x00,  /* 00000D70    "HID.A..." */
    9.71 +    0x08,0x5F,0x55,0x49,0x44,0x0A,0x02,0x14,  /* 00000D78    "._UID..." */
    9.72 +    0x09,0x5F,0x53,0x54,0x41,0x00,0xA4,0x0A,  /* 00000D80    "._STA..." */
    9.73 +    0x0F,0x08,0x5F,0x43,0x52,0x53,0x11,0x10,  /* 00000D88    ".._CRS.." */
    9.74 +    0x0A,0x0D,0x47,0x01,0x78,0x03,0x78,0x03,  /* 00000D90    "..G.x.x." */
    9.75 +    0x08,0x08,0x22,0x80,0x00,0x79,0x00,
    9.76  };
    9.77  int DsdtLen=sizeof(AmlCode);
    10.1 --- a/tools/firmware/hvmloader/config.h	Mon Jul 16 14:20:16 2007 -0500
    10.2 +++ b/tools/firmware/hvmloader/config.h	Tue Jul 17 10:20:21 2007 +0100
    10.3 @@ -9,7 +9,7 @@
    10.4  #define LAPIC_ID(vcpu_id)   ((vcpu_id) * 2)
    10.5  
    10.6  #define PCI_ISA_DEVFN       0x08    /* dev 1, fn 0 */
    10.7 -#define PCI_ISA_IRQ_MASK    0x0ca0U /* ISA IRQs 5,7,10,11 are PCI connected */
    10.8 +#define PCI_ISA_IRQ_MASK    0x0c20U /* ISA IRQs 5,10,11 are PCI connected */
    10.9  
   10.10  #define ROMBIOS_SEG            0xF000
   10.11  #define ROMBIOS_BEGIN          0x000F0000
    11.1 --- a/tools/firmware/hvmloader/hvmloader.c	Mon Jul 16 14:20:16 2007 -0500
    11.2 +++ b/tools/firmware/hvmloader/hvmloader.c	Tue Jul 17 10:20:21 2007 +0100
    11.3 @@ -180,15 +180,13 @@ static void pci_setup(void)
    11.4      unsigned int bar, pin, link, isa_irq;
    11.5  
    11.6      /* Program PCI-ISA bridge with appropriate link routes. */
    11.7 -    link = 0;
    11.8 -    for ( isa_irq = 0; isa_irq < 15; isa_irq++ )
    11.9 +    isa_irq = 0;
   11.10 +    for ( link = 0; link < 4; link++ )
   11.11      {
   11.12 -        if ( !(PCI_ISA_IRQ_MASK & (1U << isa_irq)) )
   11.13 -            continue;
   11.14 +        do { isa_irq = (isa_irq + 1) & 15;
   11.15 +        } while ( !(PCI_ISA_IRQ_MASK & (1U << isa_irq)) );
   11.16          pci_writeb(PCI_ISA_DEVFN, 0x60 + link, isa_irq);
   11.17          printf("PCI-ISA link %u routed to IRQ%u\n", link, isa_irq);
   11.18 -        if ( link++ == 4 )
   11.19 -            break;
   11.20      }
   11.21  
   11.22      /* Program ELCR to match PCI-wired IRQs. */
    12.1 --- a/tools/firmware/rombios/rombios.c	Mon Jul 16 14:20:16 2007 -0500
    12.2 +++ b/tools/firmware/rombios/rombios.c	Tue Jul 17 10:20:21 2007 +0100
    12.3 @@ -9146,78 +9146,78 @@ pci_routing_table_structure:
    12.4    db 0 ;; pci bus number
    12.5    db 0x08 ;; pci device number (bit 7-3)
    12.6    db 0x61 ;; link value INTA#: pointer into PCI2ISA config space
    12.7 -  dw 0x0ca0 ;; IRQ bitmap INTA# 
    12.8 +  dw 0x0c20 ;; IRQ bitmap INTA# 
    12.9    db 0x62 ;; link value INTB#
   12.10 -  dw 0x0ca0 ;; IRQ bitmap INTB# 
   12.11 +  dw 0x0c20 ;; IRQ bitmap INTB# 
   12.12    db 0x63 ;; link value INTC#
   12.13 -  dw 0x0ca0 ;; IRQ bitmap INTC# 
   12.14 +  dw 0x0c20 ;; IRQ bitmap INTC# 
   12.15    db 0x60 ;; link value INTD#
   12.16 -  dw 0x0ca0 ;; IRQ bitmap INTD#
   12.17 +  dw 0x0c20 ;; IRQ bitmap INTD#
   12.18    db 0 ;; physical slot (0 = embedded)
   12.19    db 0 ;; reserved
   12.20    ;; second slot entry: 1st PCI slot
   12.21    db 0 ;; pci bus number
   12.22    db 0x10 ;; pci device number (bit 7-3)
   12.23    db 0x62 ;; link value INTA#
   12.24 -  dw 0x0ca0 ;; IRQ bitmap INTA# 
   12.25 +  dw 0x0c20 ;; IRQ bitmap INTA# 
   12.26    db 0x63 ;; link value INTB#
   12.27 -  dw 0x0ca0 ;; IRQ bitmap INTB# 
   12.28 +  dw 0x0c20 ;; IRQ bitmap INTB# 
   12.29    db 0x60 ;; link value INTC#
   12.30 -  dw 0x0ca0 ;; IRQ bitmap INTC# 
   12.31 +  dw 0x0c20 ;; IRQ bitmap INTC# 
   12.32    db 0x61 ;; link value INTD#
   12.33 -  dw 0x0ca0 ;; IRQ bitmap INTD#
   12.34 +  dw 0x0c20 ;; IRQ bitmap INTD#
   12.35    db 1 ;; physical slot (0 = embedded)
   12.36    db 0 ;; reserved
   12.37    ;; third slot entry: 2nd PCI slot
   12.38    db 0 ;; pci bus number
   12.39    db 0x18 ;; pci device number (bit 7-3)
   12.40    db 0x63 ;; link value INTA#
   12.41 -  dw 0x0ca0 ;; IRQ bitmap INTA# 
   12.42 +  dw 0x0c20 ;; IRQ bitmap INTA# 
   12.43    db 0x60 ;; link value INTB#
   12.44 -  dw 0x0ca0 ;; IRQ bitmap INTB# 
   12.45 +  dw 0x0c20 ;; IRQ bitmap INTB# 
   12.46    db 0x61 ;; link value INTC#
   12.47 -  dw 0x0ca0 ;; IRQ bitmap INTC# 
   12.48 +  dw 0x0c20 ;; IRQ bitmap INTC# 
   12.49    db 0x62 ;; link value INTD#
   12.50 -  dw 0x0ca0 ;; IRQ bitmap INTD#
   12.51 +  dw 0x0c20 ;; IRQ bitmap INTD#
   12.52    db 2 ;; physical slot (0 = embedded)
   12.53    db 0 ;; reserved
   12.54    ;; 4th slot entry: 3rd PCI slot
   12.55    db 0 ;; pci bus number
   12.56    db 0x20 ;; pci device number (bit 7-3)
   12.57    db 0x60 ;; link value INTA#
   12.58 -  dw 0x0ca0 ;; IRQ bitmap INTA# 
   12.59 +  dw 0x0c20 ;; IRQ bitmap INTA# 
   12.60    db 0x61 ;; link value INTB#
   12.61 -  dw 0x0ca0 ;; IRQ bitmap INTB# 
   12.62 +  dw 0x0c20 ;; IRQ bitmap INTB# 
   12.63    db 0x62 ;; link value INTC#
   12.64 -  dw 0x0ca0 ;; IRQ bitmap INTC# 
   12.65 +  dw 0x0c20 ;; IRQ bitmap INTC# 
   12.66    db 0x63 ;; link value INTD#
   12.67 -  dw 0x0ca0 ;; IRQ bitmap INTD#
   12.68 +  dw 0x0c20 ;; IRQ bitmap INTD#
   12.69    db 3 ;; physical slot (0 = embedded)
   12.70    db 0 ;; reserved
   12.71    ;; 5th slot entry: 4rd PCI slot
   12.72    db 0 ;; pci bus number
   12.73    db 0x28 ;; pci device number (bit 7-3)
   12.74    db 0x61 ;; link value INTA#
   12.75 -  dw 0x0ca0 ;; IRQ bitmap INTA# 
   12.76 +  dw 0x0c20 ;; IRQ bitmap INTA# 
   12.77    db 0x62 ;; link value INTB#
   12.78 -  dw 0x0ca0 ;; IRQ bitmap INTB# 
   12.79 +  dw 0x0c20 ;; IRQ bitmap INTB# 
   12.80    db 0x63 ;; link value INTC#
   12.81 -  dw 0x0ca0 ;; IRQ bitmap INTC# 
   12.82 +  dw 0x0c20 ;; IRQ bitmap INTC# 
   12.83    db 0x60 ;; link value INTD#
   12.84 -  dw 0x0ca0 ;; IRQ bitmap INTD#
   12.85 +  dw 0x0c20 ;; IRQ bitmap INTD#
   12.86    db 4 ;; physical slot (0 = embedded)
   12.87    db 0 ;; reserved
   12.88    ;; 6th slot entry: 5rd PCI slot
   12.89    db 0 ;; pci bus number
   12.90    db 0x30 ;; pci device number (bit 7-3)
   12.91    db 0x62 ;; link value INTA#
   12.92 -  dw 0x0ca0 ;; IRQ bitmap INTA# 
   12.93 +  dw 0x0c20 ;; IRQ bitmap INTA# 
   12.94    db 0x63 ;; link value INTB#
   12.95 -  dw 0x0ca0 ;; IRQ bitmap INTB# 
   12.96 +  dw 0x0c20 ;; IRQ bitmap INTB# 
   12.97    db 0x60 ;; link value INTC#
   12.98 -  dw 0x0ca0 ;; IRQ bitmap INTC# 
   12.99 +  dw 0x0c20 ;; IRQ bitmap INTC# 
  12.100    db 0x61 ;; link value INTD#
  12.101 -  dw 0x0ca0 ;; IRQ bitmap INTD#
  12.102 +  dw 0x0c20 ;; IRQ bitmap INTD#
  12.103    db 5 ;; physical slot (0 = embedded)
  12.104    db 0 ;; reserved
  12.105  #endif // BX_PCIBIOS
    13.1 --- a/tools/ioemu/hw/ide.c	Mon Jul 16 14:20:16 2007 -0500
    13.2 +++ b/tools/ioemu/hw/ide.c	Tue Jul 17 10:20:21 2007 +0100
    13.3 @@ -596,7 +596,8 @@ static void ide_identify(IDEState *s)
    13.4      /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
    13.5      put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
    13.6      put_le16(p + 84, (1 << 14));
    13.7 -    put_le16(p + 85, (1 << 14));
    13.8 +    /* 14=nop 5=write_cache */
    13.9 +    put_le16(p + 85, (1 << 14) | (1 << 5));
   13.10      /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
   13.11      put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
   13.12      put_le16(p + 87, (1 << 14));
    14.1 --- a/tools/ioemu/hw/rtl8139.c	Mon Jul 16 14:20:16 2007 -0500
    14.2 +++ b/tools/ioemu/hw/rtl8139.c	Tue Jul 17 10:20:21 2007 +0100
    14.3 @@ -53,9 +53,8 @@
    14.4  /* debug RTL8139 card C+ mode only */
    14.5  //#define DEBUG_RTL8139CP 1
    14.6  
    14.7 -/* RTL8139 provides frame CRC with received packet, this feature seems to be
    14.8 -   ignored by most drivers, disabled by default */
    14.9 -//#define RTL8139_CALCULATE_RXCRC 1
   14.10 +/* Calculate CRCs propoerly on Rx packets */
   14.11 +#define RTL8139_CALCULATE_RXCRC 1
   14.12  
   14.13  /* Uncomment to enable on-board timer interrupts */
   14.14  //#define RTL8139_ONBOARD_TIMER 1
   14.15 @@ -754,7 +753,7 @@ static void rtl8139_write_buffer(RTL8139
   14.16          int wrapped = MOD2(s->RxBufAddr + size, s->RxBufferSize);
   14.17  
   14.18          /* write packet data */
   14.19 -        if (wrapped && s->RxBufferSize < 65536 && !rtl8139_RxWrap(s))
   14.20 +        if (wrapped && !(s->RxBufferSize < 65536 && rtl8139_RxWrap(s)))
   14.21          {
   14.22              DEBUG_PRINT((">>> RTL8139: rx packet wrapped in buffer at %d\n", size-wrapped));
   14.23  
   14.24 @@ -1030,7 +1029,7 @@ static void rtl8139_do_receive(void *opa
   14.25  
   14.26          /* write checksum */
   14.27  #if defined (RTL8139_CALCULATE_RXCRC)
   14.28 -        val = cpu_to_le32(crc32(~0, buf, size));
   14.29 +        val = cpu_to_le32(crc32(0, buf, size));
   14.30  #else
   14.31          val = 0;
   14.32  #endif
   14.33 @@ -1136,7 +1135,7 @@ static void rtl8139_do_receive(void *opa
   14.34  
   14.35          /* write checksum */
   14.36  #if defined (RTL8139_CALCULATE_RXCRC)
   14.37 -        val = cpu_to_le32(crc32(~0, buf, size));
   14.38 +        val = cpu_to_le32(crc32(0, buf, size));
   14.39  #else
   14.40          val = 0;
   14.41  #endif
    15.1 --- a/tools/ioemu/target-i386-dm/exec-dm.c	Mon Jul 16 14:20:16 2007 -0500
    15.2 +++ b/tools/ioemu/target-i386-dm/exec-dm.c	Tue Jul 17 10:20:21 2007 +0100
    15.3 @@ -446,18 +446,16 @@ extern unsigned long logdirty_bitmap_siz
    15.4  #if defined(__x86_64__) || defined(__i386__)
    15.5  static void memcpy_words(void *dst, void *src, size_t n)
    15.6  {
    15.7 -    asm (
    15.8 +    asm volatile (
    15.9          "   movl %%edx,%%ecx \n"
   15.10  #ifdef __x86_64__
   15.11          "   shrl $3,%%ecx    \n"
   15.12 -        "   andl $7,%%edx    \n"
   15.13          "   rep  movsq       \n"
   15.14          "   test $4,%%edx    \n"
   15.15          "   jz   1f          \n"
   15.16          "   movsl            \n"
   15.17  #else /* __i386__ */
   15.18          "   shrl $2,%%ecx    \n"
   15.19 -        "   andl $3,%%edx    \n"
   15.20          "   rep  movsl       \n"
   15.21  #endif
   15.22          "1: test $2,%%edx    \n"
   15.23 @@ -467,7 +465,7 @@ static void memcpy_words(void *dst, void
   15.24          "   jz   1f          \n"
   15.25          "   movsb            \n"
   15.26          "1:                  \n"
   15.27 -        : : "S" (src), "D" (dst), "d" (n) : "ecx" );
   15.28 +        : "+S" (src), "+D" (dst) : "d" (n) : "ecx", "memory" );
   15.29  }
   15.30  #else
   15.31  static void memcpy_words(void *dst, void *src, size_t n)
    16.1 --- a/tools/ioemu/target-i386-dm/helper2.c	Mon Jul 16 14:20:16 2007 -0500
    16.2 +++ b/tools/ioemu/target-i386-dm/helper2.c	Tue Jul 17 10:20:21 2007 +0100
    16.3 @@ -140,6 +140,7 @@ void cpu_reset(CPUX86State *env)
    16.4      if (xcHandle < 0)
    16.5          fprintf(logfile, "Cannot acquire xenctrl handle\n");
    16.6      else {
    16.7 +        xc_domain_shutdown_hook(xcHandle, domid);
    16.8          sts = xc_domain_shutdown(xcHandle, domid, SHUTDOWN_reboot);
    16.9          if (sts != 0)
   16.10              fprintf(logfile,
    17.1 --- a/tools/ioemu/vl.c	Mon Jul 16 14:20:16 2007 -0500
    17.2 +++ b/tools/ioemu/vl.c	Tue Jul 17 10:20:21 2007 +0100
    17.3 @@ -7141,13 +7141,8 @@ int main(int argc, char **argv)
    17.4          serial_devices[i][0] = '\0';
    17.5      serial_device_index = 0;
    17.6  
    17.7 -#ifndef CONFIG_DM
    17.8      pstrcpy(parallel_devices[0], sizeof(parallel_devices[0]), "vc");
    17.9      for(i = 1; i < MAX_PARALLEL_PORTS; i++)
   17.10 -#else
   17.11 -    /* Xen steals IRQ7 for PCI. Disable LPT1 by default. */
   17.12 -    for(i = 0; i < MAX_PARALLEL_PORTS; i++)
   17.13 -#endif
   17.14          parallel_devices[i][0] = '\0';
   17.15      parallel_device_index = 0;
   17.16      
    18.1 --- a/tools/ioemu/vl.h	Mon Jul 16 14:20:16 2007 -0500
    18.2 +++ b/tools/ioemu/vl.h	Tue Jul 17 10:20:21 2007 +0100
    18.3 @@ -1498,4 +1498,13 @@ void destroy_hvm_domain(void);
    18.4  /* VNC Authentication */
    18.5  #define AUTHCHALLENGESIZE 16
    18.6  
    18.7 +#ifdef __ia64__
    18.8 +static inline void xc_domain_shutdown_hook(int xc_handle, uint32_t domid)
    18.9 +{
   18.10 +	xc_ia64_save_to_nvram(xc_handle, domid);
   18.11 +}
   18.12 +#else
   18.13 +#define xc_domain_shutdown_hook(xc_handle, domid)	do {} while (0)
   18.14 +#endif
   18.15 +
   18.16  #endif /* VL_H */
    19.1 --- a/tools/libxc/ia64/xc_dom_ia64_util.c	Mon Jul 16 14:20:16 2007 -0500
    19.2 +++ b/tools/libxc/ia64/xc_dom_ia64_util.c	Tue Jul 17 10:20:21 2007 +0100
    19.3 @@ -104,7 +104,7 @@ xen_ia64_is_vcpu_allocated(struct xc_dom
    19.4      if (rc == 0)
    19.5          return 1;
    19.6  
    19.7 -    if (rc != -ESRCH)
    19.8 +    if (errno != ESRCH)
    19.9          PERROR("Could not get vcpu info");
   19.10      return 0;
   19.11  }
    20.1 --- a/tools/libxc/ia64/xc_ia64_hvm_build.c	Mon Jul 16 14:20:16 2007 -0500
    20.2 +++ b/tools/libxc/ia64/xc_ia64_hvm_build.c	Tue Jul 17 10:20:21 2007 +0100
    20.3 @@ -623,6 +623,21 @@ copy_from_nvram_to_GFW(int xc_handle, ui
    20.4  
    20.5  
    20.6  /*
    20.7 + *Check is the address where NVRAM data located valid
    20.8 + */
    20.9 +static int is_valid_address(void *addr)
   20.10 +{
   20.11 +    struct nvram_save_addr *p = (struct nvram_save_addr *)addr;	
   20.12 +
   20.13 +    if ( p->signature == NVRAM_VALID_SIG )
   20.14 +        return 1;
   20.15 +    else {
   20.16 +        PERROR("Invalid nvram signature. Nvram save failed!\n");
   20.17 +        return 0;
   20.18 +    }
   20.19 +}
   20.20 +
   20.21 +/*
   20.22   * GFW use 4k page. when doing foreign map, we should 16k align
   20.23   * the address and map one more page to guarantee all 64k nvram data 
   20.24   * can be got.
   20.25 @@ -667,7 +682,11 @@ copy_from_GFW_to_nvram(int xc_handle, ui
   20.26          return -1;
   20.27      }
   20.28  
   20.29 -    addr_from_GFW_4k_align = *((uint64_t *)tmp_ptr);
   20.30 +    /* Check is NVRAM data vaild */
   20.31 +    if ( !is_valid_address(tmp_ptr) )
   20.32 +        return -1;
   20.33 +
   20.34 +    addr_from_GFW_4k_align = ((struct nvram_save_addr *)tmp_ptr)->addr;
   20.35      munmap(tmp_ptr, PAGE_SIZE);
   20.36  
   20.37      // align address to 16k
    21.1 --- a/tools/libxc/xc_domain.c	Mon Jul 16 14:20:16 2007 -0500
    21.2 +++ b/tools/libxc/xc_domain.c	Tue Jul 17 10:20:21 2007 +0100
    21.3 @@ -588,6 +588,27 @@ int xc_domain_ioport_permission(int xc_h
    21.4      return do_domctl(xc_handle, &domctl);
    21.5  }
    21.6  
    21.7 +int xc_availheap(int xc_handle,
    21.8 +                 int min_width,
    21.9 +                 int max_width,
   21.10 +                 int node,
   21.11 +                 uint64_t *bytes)
   21.12 +{
   21.13 +    DECLARE_SYSCTL;
   21.14 +    int rc;
   21.15 +
   21.16 +    sysctl.cmd = XEN_SYSCTL_availheap;
   21.17 +    sysctl.u.availheap.min_bitwidth = min_width;
   21.18 +    sysctl.u.availheap.max_bitwidth = max_width;
   21.19 +    sysctl.u.availheap.node = node;
   21.20 +
   21.21 +    rc = xc_sysctl(xc_handle, &sysctl);
   21.22 +
   21.23 +    *bytes = sysctl.u.availheap.avail_bytes;
   21.24 +
   21.25 +    return rc;
   21.26 +}
   21.27 +
   21.28  int xc_vcpu_setcontext(int xc_handle,
   21.29                         uint32_t domid,
   21.30                         uint32_t vcpu,
   21.31 @@ -697,6 +718,18 @@ int xc_get_hvm_param(int handle, domid_t
   21.32      return rc;
   21.33  }
   21.34  
   21.35 +int xc_domain_setdebugging(int xc_handle,
   21.36 +                           uint32_t domid,
   21.37 +                           unsigned int enable)
   21.38 +{
   21.39 +    DECLARE_DOMCTL;
   21.40 +
   21.41 +    domctl.cmd = XEN_DOMCTL_setdebugging;
   21.42 +    domctl.domain = domid;
   21.43 +    domctl.u.setdebugging.enable = enable;
   21.44 +    return do_domctl(xc_handle, &domctl);
   21.45 +}
   21.46 +
   21.47  /*
   21.48   * Local variables:
   21.49   * mode: C
    22.1 --- a/tools/libxc/xc_linux.c	Mon Jul 16 14:20:16 2007 -0500
    22.2 +++ b/tools/libxc/xc_linux.c	Tue Jul 17 10:20:21 2007 +0100
    22.3 @@ -456,7 +456,7 @@ void *xc_gnttab_map_grant_refs(int xcg_h
    22.4  
    22.5      map->count = count;
    22.6      
    22.7 -    if ( ioctl(xcg_handle, IOCTL_GNTDEV_MAP_GRANT_REF, &map) )
    22.8 +    if ( ioctl(xcg_handle, IOCTL_GNTDEV_MAP_GRANT_REF, map) )
    22.9          goto out;
   22.10  
   22.11      addr = mmap(NULL, PAGE_SIZE * count, prot, MAP_SHARED, xcg_handle,
    23.1 --- a/tools/libxc/xc_ptrace.c	Mon Jul 16 14:20:16 2007 -0500
    23.2 +++ b/tools/libxc/xc_ptrace.c	Tue Jul 17 10:20:21 2007 +0100
    23.3 @@ -566,10 +566,7 @@ xc_ptrace(
    23.4          }
    23.5          if ( request == PTRACE_DETACH )
    23.6          {
    23.7 -            domctl.cmd = XEN_DOMCTL_setdebugging;
    23.8 -            domctl.domain = current_domid;
    23.9 -            domctl.u.setdebugging.enable = 0;
   23.10 -            if ((retval = do_domctl(xc_handle, &domctl)))
   23.11 +            if ((retval = xc_domain_setdebugging(xc_handle, current_domid, 0)))
   23.12                  goto out_error_domctl;
   23.13          }
   23.14          regs_valid = 0;
   23.15 @@ -593,10 +590,7 @@ xc_ptrace(
   23.16          else if ((retval = xc_domain_pause(xc_handle, current_domid)))
   23.17              goto out_error_domctl;
   23.18          current_is_hvm = !!(domctl.u.getdomaininfo.flags&XEN_DOMINF_hvm_guest);
   23.19 -        domctl.cmd = XEN_DOMCTL_setdebugging;
   23.20 -        domctl.domain = current_domid;
   23.21 -        domctl.u.setdebugging.enable = 1;
   23.22 -        if ((retval = do_domctl(xc_handle, &domctl)))
   23.23 +        if ((retval = xc_domain_setdebugging(xc_handle, current_domid, 1)))
   23.24              goto out_error_domctl;
   23.25  
   23.26          if (get_online_cpumap(xc_handle, &domctl.u.getdomaininfo, &cpumap))
    24.1 --- a/tools/libxc/xenctrl.h	Mon Jul 16 14:20:16 2007 -0500
    24.2 +++ b/tools/libxc/xenctrl.h	Tue Jul 17 10:20:21 2007 +0100
    24.3 @@ -433,6 +433,18 @@ int xc_domain_send_trigger(int xc_handle
    24.4                             uint32_t trigger,
    24.5                             uint32_t vcpu);
    24.6  
    24.7 +/**
    24.8 + * This function enables or disable debugging of a domain.
    24.9 + *
   24.10 + * @parm xc_handle a handle to an open hypervisor interface
   24.11 + * @parm domid the domain id to send trigger
   24.12 + * @parm enable true to enable debugging
   24.13 + * return 0 on success, -1 on failure
   24.14 + */
   24.15 +int xc_domain_setdebugging(int xc_handle,
   24.16 +                           uint32_t domid,
   24.17 +                           unsigned int enable);
   24.18 +
   24.19  /*
   24.20   * EVENT CHANNEL FUNCTIONS
   24.21   */
   24.22 @@ -616,6 +628,20 @@ int xc_get_pfn_type_batch(int xc_handle,
   24.23  /* Get current total pages allocated to a domain. */
   24.24  long xc_get_tot_pages(int xc_handle, uint32_t domid);
   24.25  
   24.26 +/**
   24.27 + * This function retrieves the the number of bytes available
   24.28 + * in the heap in a specific range of address-widths and nodes.
   24.29 + * 
   24.30 + * @parm xc_handle a handle to an open hypervisor interface
   24.31 + * @parm domid the domain to query
   24.32 + * @parm min_width the smallest address width to query (0 if don't care)
   24.33 + * @parm max_width the largest address width to query (0 if don't care)
   24.34 + * @parm node the node to query (-1 for all)
   24.35 + * @parm *bytes caller variable to put total bytes counted
   24.36 + * @return 0 on success, <0 on failure.
   24.37 + */
   24.38 +int xc_availheap(int xc_handle, int min_width, int max_width, int node,
   24.39 +                 uint64_t *bytes);
   24.40  
   24.41  /*
   24.42   * Trace Buffer Operations
    25.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    25.2 +++ b/tools/libxen/include/xen/api/xen_acmpolicy.h	Tue Jul 17 10:20:21 2007 +0100
    25.3 @@ -0,0 +1,117 @@
    25.4 +/*
    25.5 + * Copyright (c) 2007, IBM Corp.
    25.6 + * Copyright (c) 2007, XenSource Inc.
    25.7 + *
    25.8 + * This library is free software; you can redistribute it and/or
    25.9 + * modify it under the terms of the GNU Lesser General Public
   25.10 + * License as published by the Free Software Foundation; either
   25.11 + * version 2.1 of the License, or (at your option) any later version.
   25.12 + *
   25.13 + * This library is distributed in the hope that it will be useful,
   25.14 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
   25.15 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   25.16 + * Lesser General Public License for more details.
   25.17 + *
   25.18 + * You should have received a copy of the GNU Lesser General Public
   25.19 + * License along with this library; if not, write to the Free Software
   25.20 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
   25.21 + */
   25.22 +
   25.23 +#ifndef XEN_ACMPOLICY_H
   25.24 +#define XEN_ACMPOLICY_H
   25.25 +
   25.26 +#include "xen_common.h"
   25.27 +#include "xen_string_string_map.h"
   25.28 +#include "xen_xspolicy_decl.h"
   25.29 +#include "xen_vm_decl.h"
   25.30 +
   25.31 +/*
   25.32 + * Data structures.
   25.33 + */
   25.34 +
   25.35 +typedef struct xen_acmpolicy_record
   25.36 +{
   25.37 +    xen_xspolicy handle;
   25.38 +    char *uuid;
   25.39 +    char *repr;
   25.40 +    xs_instantiationflags flags;
   25.41 +    xs_type type;
   25.42 +} xen_acmpolicy_record;
   25.43 +
   25.44 +/**
   25.45 + * Allocate a xen_acmpolicy_record.
   25.46 + */
   25.47 +extern xen_acmpolicy_record *
   25.48 +xen_acmpolicy_record_alloc(void);
   25.49 +
   25.50 +/**
   25.51 + * Free the given xen_xspolicy_record, and all referenced values.  The
   25.52 + * given record must have been allocated by this library.
   25.53 + */
   25.54 +extern void
   25.55 +xen_acmpolicy_record_free(xen_acmpolicy_record *record);
   25.56 +
   25.57 +
   25.58 +/**
   25.59 + * Data structures for the policy's header
   25.60 + */
   25.61 +typedef struct xen_acm_header
   25.62 +{
   25.63 +    char *policyname;
   25.64 +    char *policyurl;
   25.65 +    char *date;
   25.66 +    char *reference;
   25.67 +    char *namespaceurl;
   25.68 +    char *version;
   25.69 +} xen_acm_header;
   25.70 +
   25.71 +extern xen_acm_header *
   25.72 +xen_acm_header_alloc(void);
   25.73 +
   25.74 +extern void
   25.75 +xen_acm_header_free(xen_acm_header *hdr);
   25.76 +
   25.77 +/**
   25.78 + * Get the referenced policy's record.
   25.79 + */
   25.80 +bool
   25.81 +xen_acmpolicy_get_record(xen_session *session, xen_acmpolicy_record **result,
   25.82 +                         xen_xspolicy xspolicy);
   25.83 +
   25.84 +/**
   25.85 + * Get the header of a  policy.
   25.86 + */
   25.87 +extern bool
   25.88 +xen_acmpolicy_get_header(xen_session *session, xen_acm_header **hdr,
   25.89 +                         xen_xspolicy xspolicy);
   25.90 +
   25.91 +
   25.92 +/**
   25.93 + * Get the XML representation of the policy.
   25.94 + */
   25.95 +extern bool
   25.96 +xen_acmpolicy_get_xml(xen_session *session, char **xml,
   25.97 +                      xen_xspolicy xspolicy);
   25.98 +
   25.99 +/**
  25.100 + * Get the mapping file of the policy.
  25.101 + */
  25.102 +extern bool
  25.103 +xen_acmpolicy_get_map(xen_session *session, char **map,
  25.104 +                      xen_xspolicy xspolicy);
  25.105 +
  25.106 +/**
  25.107 + * Get the binary representation (base64-encoded) of the policy.
  25.108 + */
  25.109 +extern bool
  25.110 +xen_acmpolicy_get_binary(xen_session *session, char **binary,
  25.111 +                         xen_xspolicy xspolicy);
  25.112 +
  25.113 +/**
  25.114 + * Get the UUID filed of the given policy.
  25.115 + */
  25.116 +bool
  25.117 +xen_acmpolicy_get_uuid(xen_session *session, char **result,
  25.118 +                       xen_xspolicy xspolicy);
  25.119 +
  25.120 +#endif
    26.1 --- a/tools/libxen/include/xen/api/xen_vdi.h	Mon Jul 16 14:20:16 2007 -0500
    26.2 +++ b/tools/libxen/include/xen/api/xen_vdi.h	Tue Jul 17 10:20:21 2007 +0100
    26.3 @@ -344,4 +344,17 @@ extern bool
    26.4  xen_vdi_get_all(xen_session *session, struct xen_vdi_set **result);
    26.5  
    26.6  
    26.7 +/**
    26.8 + * Set the security label of a VDI.
    26.9 + */
   26.10 +extern bool
   26.11 +xen_vdi_set_security_label(xen_session *session, int64_t *result, xen_vdi vdi,
   26.12 +                           char *label, char *oldlabel);
   26.13 +
   26.14 +/**
   26.15 + * Get the security label of a VDI.
   26.16 + */
   26.17 +extern bool
   26.18 +xen_vdi_get_security_label(xen_session *session, char **result, xen_vdi vdi);
   26.19 +
   26.20  #endif
    27.1 --- a/tools/libxen/include/xen/api/xen_vm.h	Mon Jul 16 14:20:16 2007 -0500
    27.2 +++ b/tools/libxen/include/xen/api/xen_vm.h	Tue Jul 17 10:20:21 2007 +0100
    27.3 @@ -112,6 +112,7 @@ typedef struct xen_vm_record
    27.4      bool is_control_domain;
    27.5      struct xen_vm_metrics_record_opt *metrics;
    27.6      struct xen_vm_guest_metrics_record_opt *guest_metrics;
    27.7 +    char *security_label;
    27.8  } xen_vm_record;
    27.9  
   27.10  /**
   27.11 @@ -891,4 +892,17 @@ extern bool
   27.12  xen_vm_get_all(xen_session *session, struct xen_vm_set **result);
   27.13  
   27.14  
   27.15 +/**
   27.16 + * Set the security label of a domain.
   27.17 + */
   27.18 +extern bool
   27.19 +xen_vm_set_security_label(xen_session *session, int64_t *result, xen_vm vm,
   27.20 +                          char *label, char *oldlabel);
   27.21 +
   27.22 +/**
   27.23 + * Get the security label of a domain.
   27.24 + */
   27.25 +extern bool
   27.26 +xen_vm_get_security_label(xen_session *session, char **result, xen_vm vm);
   27.27 +
   27.28  #endif
    28.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    28.2 +++ b/tools/libxen/include/xen/api/xen_xspolicy.h	Tue Jul 17 10:20:21 2007 +0100
    28.3 @@ -0,0 +1,271 @@
    28.4 +/*
    28.5 + * Copyright (c) 2007, IBM Corp.
    28.6 + * Copyright (c) 2007, XenSource Inc.
    28.7 + *
    28.8 + * This library is free software; you can redistribute it and/or
    28.9 + * modify it under the terms of the GNU Lesser General Public
   28.10 + * License as published by the Free Software Foundation; either
   28.11 + * version 2.1 of the License, or (at your option) any later version.
   28.12 + *
   28.13 + * This library is distributed in the hope that it will be useful,
   28.14 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
   28.15 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   28.16 + * Lesser General Public License for more details.
   28.17 + *
   28.18 + * You should have received a copy of the GNU Lesser General Public
   28.19 + * License along with this library; if not, write to the Free Software
   28.20 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
   28.21 + */
   28.22 +
   28.23 +#ifndef XEN_XSPOLICY_H
   28.24 +#define XEN_XSPOLICY_H
   28.25 +
   28.26 +#include "xen_common.h"
   28.27 +#include "xen_xspolicy_decl.h"
   28.28 +#include "xen_string_string_map.h"
   28.29 +
   28.30 +
   28.31 +/*
   28.32 + * The XSPolicy and associated data structures.
   28.33 + *
   28.34 + */
   28.35 +typedef int64_t xs_type;
   28.36 +typedef int64_t xs_instantiationflags;
   28.37 +
   28.38 +enum xs_type {
   28.39 +    XS_POLICY_ACM = (1 << 0),
   28.40 +};
   28.41 +
   28.42 +enum xs_instantiationflags {
   28.43 +    XS_INST_NONE = 0,
   28.44 +    XS_INST_BOOT = (1 << 0),
   28.45 +    XS_INST_LOAD = (1 << 1),
   28.46 +};
   28.47 +
   28.48 +
   28.49 +/* Error codes returned by xend following XSPolicy operations */
   28.50 +#define XSERR_BASE                       0x1000
   28.51 +
   28.52 +#define XSERR_SUCCESS                    0
   28.53 +#define XSERR_GENERAL_FAILURE            1 + XSERR_BASE
   28.54 +#define XSERR_BAD_XML                    2 + XSERR_BASE
   28.55 +#define XSERR_XML_PROCESSING             3 + XSERR_BASE
   28.56 +#define XSERR_POLICY_INCONSISTENT        4 + XSERR_BASE
   28.57 +#define XSERR_FILE_ERROR                 5 + XSERR_BASE
   28.58 +#define XSERR_BAD_RESOURCE_FORMAT        6 + XSERR_BASE
   28.59 +#define XSERR_BAD_LABEL_FORMAT           7 + XSERR_BASE
   28.60 +#define XSERR_RESOURCE_NOT_LABELED       8 + XSERR_BASE
   28.61 +#define XSERR_RESOURCE_ALREADY_LABELED   9 + XSERR_BASE
   28.62 +#define XSERR_WRONG_POLICY_TYPE         10 + XSERR_BASE
   28.63 +#define XSERR_BOOTPOLICY_INSTALLED      11 + XSERR_BASE
   28.64 +#define XSERR_NO_DEFAULT_BOOT_TITLE     12 + XSERR_BASE
   28.65 +#define XSERR_POLICY_LOAD_FAILED        13 + XSERR_BASE
   28.66 +#define XSERR_POLICY_LOADED             14 + XSERR_BASE
   28.67 +#define XSERR_POLICY_TYPE_UNSUPPORTED   15 + XSERR_BASE
   28.68 +#define XSERR_BAD_CONFLICTSET           20 + XSERR_BASE
   28.69 +#define XSERR_RESOURCE_IN_USE           21 + XSERR_BASE
   28.70 +#define XSERR_BAD_POLICY_NAME           22 + XSERR_BASE
   28.71 +#define XSERR_RESOURCE_ACCESS           23 + XSERR_BASE
   28.72 +#define XSERR_HV_OP_FAILED              24 + XSERR_BASE
   28.73 +#define XSERR_BOOTPOLICY_INSTALL_ERROR  25 + XSERR_BASE
   28.74 +
   28.75 +
   28.76 +/**
   28.77 + * Free the given xen_xspolicy.  The given handle must have been allocated
   28.78 + * by this library.
   28.79 + */
   28.80 +extern void
   28.81 +xen_xspolicy_free(xen_xspolicy xspolicy);
   28.82 +
   28.83 +
   28.84 +typedef struct xen_xspolicy_set
   28.85 +{
   28.86 +    size_t size;
   28.87 +    xen_xspolicy *contents[];
   28.88 +} xen_xspolicy_set;
   28.89 +
   28.90 +/**
   28.91 + * Allocate a xen_xspolicy_set of the given size.
   28.92 + */
   28.93 +extern xen_xspolicy_set *
   28.94 +xen_xspolicy_set_alloc(size_t size);
   28.95 +
   28.96 +/**
   28.97 + * Free the given xen_xspolicy_set.  The given set must have been allocated
   28.98 + * by this library.
   28.99 + */
  28.100 +extern void
  28.101 +xen_xspolicy_set_free(xen_xspolicy_set *set);
  28.102 +
  28.103 +
  28.104 +typedef struct xen_xspolicy_record
  28.105 +{
  28.106 +    xen_xspolicy handle;
  28.107 +    char *uuid;
  28.108 +    char *repr;
  28.109 +    xs_instantiationflags flags;
  28.110 +    xs_type type;
  28.111 +} xen_xspolicy_record;
  28.112 +
  28.113 +/**
  28.114 + * Allocate a xen_xspolicy_record.
  28.115 + */
  28.116 +extern xen_xspolicy_record *
  28.117 +xen_xspolicy_record_alloc(void);
  28.118 +
  28.119 +/**
  28.120 + * Free the given xen_xspolicy_record, and all referenced values.  The
  28.121 + * given record must have been allocated by this library.
  28.122 + */
  28.123 +extern void
  28.124 +xen_xspolicy_record_free(xen_xspolicy_record *record);
  28.125 +
  28.126 +
  28.127 +typedef struct xen_xspolicy_record_opt
  28.128 +{
  28.129 +    bool is_record;
  28.130 +    union
  28.131 +    {
  28.132 +        xen_xspolicy handle;
  28.133 +        xen_xspolicy_record *record;
  28.134 +    } u;
  28.135 +} xen_xspolicy_record_opt;
  28.136 +
  28.137 +/**
  28.138 + * Allocate a xen_xspolicy_record_opt.
  28.139 + */
  28.140 +extern xen_xspolicy_record_opt *
  28.141 +xen_xspolicy_record_opt_alloc(void);
  28.142 +
  28.143 +/**
  28.144 + * Free the given xen_xspolicy_record_opt, and all referenced values.  The
  28.145 + * given record_opt must have been allocated by this library.
  28.146 + */
  28.147 +extern void
  28.148 +xen_xspolicy_record_opt_free(xen_xspolicy_record_opt *record_opt);
  28.149 +
  28.150 +
  28.151 +typedef struct xen_xspolicy_record_set
  28.152 +{
  28.153 +    size_t size;
  28.154 +    xen_xspolicy_record *contents[];
  28.155 +} xen_xspolicy_record_set;
  28.156 +
  28.157 +/**
  28.158 + * Allocate a xen_xspolicy_record_set of the given size.
  28.159 + */
  28.160 +extern xen_xspolicy_record_set *
  28.161 +xen_xspolicy_record_set_alloc(size_t size);
  28.162 +
  28.163 +/**
  28.164 + * Free the given xen_xspolicy_record_set, and all referenced values.  The
  28.165 + * given set must have been allocated by this library.
  28.166 + */
  28.167 +extern void
  28.168 +xen_xspolicy_record_set_free(xen_xspolicy_record_set *set);
  28.169 +
  28.170 +/**
  28.171 + * Data structures and function declarations for an XS Policy's state
  28.172 + * information.
  28.173 + */
  28.174 +typedef struct xen_xs_policystate
  28.175 +{
  28.176 +    xen_xspolicy_record_opt *xs_ref;
  28.177 +    int64_t xserr;
  28.178 +    char *repr;
  28.179 +    xs_type type;
  28.180 +    xs_instantiationflags flags;
  28.181 +    char *version;
  28.182 +    char *errors;
  28.183 +} xen_xs_policystate;
  28.184 +
  28.185 +void
  28.186 +xen_xs_policystate_free(xen_xs_policystate *state);
  28.187 +
  28.188 +
  28.189 +/**
  28.190 + * Get the referenced policy's record.
  28.191 + */
  28.192 +bool
  28.193 +xen_xspolicy_get_record(xen_session *session, xen_xspolicy_record **result,
  28.194 +                        xen_xspolicy xspolicy);
  28.195 +
  28.196 +/**
  28.197 + * Get the UUID field of the given policy.
  28.198 + */
  28.199 +bool
  28.200 +xen_xspolicy_get_uuid(xen_session *session, char **result,
  28.201 +                      xen_xspolicy xspolicy);
  28.202 +
  28.203 +/**
  28.204 + * Get a policy given it's UUID
  28.205 + */
  28.206 +bool
  28.207 +xen_xspolicy_get_by_uuid(xen_session *session, xen_xspolicy *result,
  28.208 +                         char *uuid);
  28.209 +
  28.210 +
  28.211 +/**
  28.212 + * Get the types of policies supported by the system.
  28.213 + */
  28.214 +bool
  28.215 +xen_xspolicy_get_xstype(xen_session *session, xs_type *result);
  28.216 +
  28.217 +
  28.218 +/**
  28.219 + * Get information about the currently managed policy.
  28.220 + * (The API allows only one policy to be on the system.)
  28.221 + */
  28.222 +bool
  28.223 +xen_xspolicy_get_xspolicy(xen_session *session, xen_xs_policystate **result);
  28.224 +
  28.225 +/**
  28.226 + * Activate the referenced policy by loading it into the hypervisor.
  28.227 + */
  28.228 +bool
  28.229 +xen_xspolicy_activate_xspolicy(xen_session *session, int64_t *result,
  28.230 +                               xen_xspolicy xspolicy,
  28.231 +                               xs_instantiationflags flags);
  28.232 +
  28.233 +
  28.234 +/**
  28.235 + * Set the system's policy to the given information comprising
  28.236 + * type of policy, the xml representation of the policy, some flags
  28.237 + * on whether to load the policy immediately and whether to overwrite
  28.238 + * an existing policy on the system.
  28.239 + */
  28.240 +bool
  28.241 +xen_xspolicy_set_xspolicy(xen_session *session, xen_xs_policystate **result,
  28.242 +                          xs_type type, char *repr, int64_t flags,
  28.243 +                          bool overwrite);
  28.244 +
  28.245 +
  28.246 +/**
  28.247 + * Remove any policy from having the system booted with.
  28.248 + */
  28.249 +extern bool
  28.250 +xen_xspolicy_rm_xsbootpolicy(xen_session *session);
  28.251 +
  28.252 +/**
  28.253 + * Retrieve all labeled resources.
  28.254 + */
  28.255 +extern bool
  28.256 +xen_xspolicy_get_labeled_resources(xen_session *session,
  28.257 +                                   xen_string_string_map **resources);
  28.258 +
  28.259 +/**
  28.260 + * Label a resource such as for example a hard drive partition or file
  28.261 + */
  28.262 +extern bool
  28.263 +xen_xspolicy_set_resource_label(xen_session *session,
  28.264 +                                char *resource, char *label,
  28.265 +                                char *oldlabel);
  28.266 +
  28.267 +/**
  28.268 + * Get the label of a resource.
  28.269 + */
  28.270 +extern bool
  28.271 +xen_xspolicy_get_resource_label(xen_session *session, char **label,
  28.272 +                                char *resource);
  28.273 +
  28.274 +#endif
    29.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    29.2 +++ b/tools/libxen/include/xen/api/xen_xspolicy_decl.h	Tue Jul 17 10:20:21 2007 +0100
    29.3 @@ -0,0 +1,31 @@
    29.4 +/*
    29.5 + * Copyright (c) 2007, IBM Corp.
    29.6 + * Copyright (c) 2007, XenSource Inc.
    29.7 + *
    29.8 + * This library is free software; you can redistribute it and/or
    29.9 + * modify it under the terms of the GNU Lesser General Public
   29.10 + * License as published by the Free Software Foundation; either
   29.11 + * version 2.1 of the License, or (at your option) any later version.
   29.12 + *
   29.13 + * This library is distributed in the hope that it will be useful,
   29.14 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
   29.15 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   29.16 + * Lesser General Public License for more details.
   29.17 + *
   29.18 + * You should have received a copy of the GNU Lesser General Public
   29.19 + * License along with this library; if not, write to the Free Software
   29.20 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
   29.21 + */
   29.22 +
   29.23 +#ifndef XEN_XSPOLICY_DECL_H
   29.24 +#define XEN_XSPOLICY_DECL_H
   29.25 +
   29.26 +typedef void *xen_xspolicy;
   29.27 +
   29.28 +struct xen_xspolicy_set;
   29.29 +struct xen_xspolicy_record;
   29.30 +struct xen_xspolicy_record_set;
   29.31 +struct xen_xspolicy_record_opt;
   29.32 +struct xen_xspolicy_record_opt_set;
   29.33 +
   29.34 +#endif
    30.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    30.2 +++ b/tools/libxen/src/xen_acmpolicy.c	Tue Jul 17 10:20:21 2007 +0100
    30.3 @@ -0,0 +1,234 @@
    30.4 +/*
    30.5 + * Copyright (c) 2007, IBM Corp.
    30.6 + * Copyright (c) 2007, XenSource Inc.
    30.7 + *
    30.8 + * This library is free software; you can redistribute it and/or
    30.9 + * modify it under the terms of the GNU Lesser General Public
   30.10 + * License as published by the Free Software Foundation; either
   30.11 + * version 2.1 of the License, or (at your option) any later version.
   30.12 + *
   30.13 + * This library is distributed in the hope that it will be useful,
   30.14 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
   30.15 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   30.16 + * Lesser General Public License for more details.
   30.17 + *
   30.18 + * You should have received a copy of the GNU Lesser General Public
   30.19 + * License along with this library; if not, write to the Free Software
   30.20 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
   30.21 + */
   30.22 +
   30.23 +
   30.24 +#include <stddef.h>
   30.25 +#include <stdlib.h>
   30.26 +
   30.27 +#include "xen_internal.h"
   30.28 +#include "xen/api/xen_common.h"
   30.29 +#include "xen/api/xen_xspolicy.h"
   30.30 +#include "xen/api/xen_acmpolicy.h"
   30.31 +
   30.32 +
   30.33 +static const struct_member xen_acmpolicy_record_struct_members[] =
   30.34 +    {
   30.35 +        { .key = "uuid",
   30.36 +          .type = &abstract_type_string,
   30.37 +          .offset = offsetof(xen_acmpolicy_record, uuid) },
   30.38 +        { .key = "flags",
   30.39 +          .type = &abstract_type_int,
   30.40 +          .offset = offsetof(xen_acmpolicy_record, flags) },
   30.41 +        { .key = "repr",
   30.42 +          .type = &abstract_type_string,
   30.43 +          .offset = offsetof(xen_acmpolicy_record, repr) },
   30.44 +        { .key = "type",
   30.45 +          .type = &abstract_type_int,
   30.46 +          .offset = offsetof(xen_acmpolicy_record, type) },
   30.47 +    };
   30.48 +
   30.49 +const abstract_type xen_acmpolicy_record_abstract_type_ =
   30.50 +    {
   30.51 +       .typename = STRUCT,
   30.52 +       .struct_size = sizeof(xen_acmpolicy_record),
   30.53 +       .member_count =
   30.54 +          sizeof(xen_acmpolicy_record_struct_members) / sizeof(struct_member),
   30.55 +       .members = xen_acmpolicy_record_struct_members
   30.56 +    };
   30.57 +
   30.58 +
   30.59 +static const struct_member xen_acm_header_struct_members[] =
   30.60 +    {
   30.61 +        { .key = "policyname",
   30.62 +          .type = &abstract_type_string,
   30.63 +          .offset = offsetof(xen_acm_header, policyname) },
   30.64 +        { .key = "policyurl",
   30.65 +          .type = &abstract_type_string,
   30.66 +          .offset = offsetof(xen_acm_header, policyurl) },
   30.67 +        { .key = "date",
   30.68 +          .type = &abstract_type_string,
   30.69 +          .offset = offsetof(xen_acm_header, date) },
   30.70 +        { .key = "reference",
   30.71 +          .type = &abstract_type_string,
   30.72 +          .offset = offsetof(xen_acm_header, reference) },
   30.73 +        { .key = "namespaceurl",
   30.74 +          .type = &abstract_type_string,
   30.75 +          .offset = offsetof(xen_acm_header, namespaceurl) },
   30.76 +        { .key = "version",
   30.77 +          .type = &abstract_type_string,
   30.78 +          .offset = offsetof(xen_acm_header, version) },
   30.79 +    };
   30.80 +
   30.81 +const abstract_type xen_acm_header_abstract_type_ =
   30.82 +    {
   30.83 +        .typename = STRUCT,
   30.84 +        .struct_size = sizeof(xen_acm_header),
   30.85 +        .member_count =
   30.86 +            sizeof(xen_acm_header_struct_members) /
   30.87 +            sizeof(struct_member),
   30.88 +        .members = xen_acm_header_struct_members,
   30.89 +    };
   30.90 +
   30.91 +void
   30.92 +xen_acm_header_free(xen_acm_header *shdr)
   30.93 +{
   30.94 +    if (shdr == NULL)
   30.95 +    {
   30.96 +        return;
   30.97 +    }
   30.98 +    free(shdr->policyname);
   30.99 +    free(shdr->policyurl);
  30.100 +    free(shdr->date);
  30.101 +    free(shdr->reference);
  30.102 +    free(shdr->namespaceurl);
  30.103 +    free(shdr->version);
  30.104 +    free(shdr);
  30.105 +}
  30.106 +
  30.107 +
  30.108 +void
  30.109 +xen_acmpolicy_record_free(xen_acmpolicy_record *record)
  30.110 +{
  30.111 +    if (record == NULL)
  30.112 +    {
  30.113 +        return;
  30.114 +    }
  30.115 +    free(record->handle);
  30.116 +    free(record->uuid);
  30.117 +    free(record->repr);
  30.118 +    free(record);
  30.119 +}
  30.120 +
  30.121 +
  30.122 +
  30.123 +bool
  30.124 +xen_acmpolicy_get_record(xen_session *session, xen_acmpolicy_record **result,
  30.125 +                         xen_xspolicy xspolicy)
  30.126 +{
  30.127 +    abstract_value param_values[] =
  30.128 +        {
  30.129 +            { .type = &abstract_type_string,
  30.130 +              .u.string_val = xspolicy }
  30.131 +        };
  30.132 +
  30.133 +    abstract_type result_type = xen_acmpolicy_record_abstract_type_;
  30.134 +
  30.135 +    *result = NULL;
  30.136 +    XEN_CALL_("ACMPolicy.get_record");
  30.137 +
  30.138 +    if (session->ok)
  30.139 +    {
  30.140 +       (*result)->handle = xen_strdup_((*result)->uuid);
  30.141 +    }
  30.142 +
  30.143 +    return session->ok;
  30.144 +}
  30.145 +
  30.146 +
  30.147 +bool
  30.148 +xen_acmpolicy_get_header(xen_session *session,
  30.149 +                         xen_acm_header **result,
  30.150 +                         xen_xspolicy xspolicy)
  30.151 +{
  30.152 +    abstract_value param_values[] =
  30.153 +        {
  30.154 +            { .type = &abstract_type_string,
  30.155 +              .u.string_val = xspolicy },
  30.156 +        };
  30.157 +
  30.158 +    abstract_type result_type = xen_acm_header_abstract_type_;
  30.159 +
  30.160 +    *result = NULL;
  30.161 +    XEN_CALL_("ACMPolicy.get_header");
  30.162 +    return session->ok;
  30.163 +}
  30.164 +
  30.165 +
  30.166 +bool
  30.167 +xen_acmpolicy_get_xml(xen_session *session,
  30.168 +                      char **result,
  30.169 +                      xen_xspolicy xspolicy)
  30.170 +{
  30.171 +    abstract_value param_values[] =
  30.172 +        {
  30.173 +            { .type = &abstract_type_string,
  30.174 +              .u.string_val = xspolicy },
  30.175 +        };
  30.176 +
  30.177 +    abstract_type result_type = abstract_type_string;
  30.178 +
  30.179 +    *result = NULL;
  30.180 +    XEN_CALL_("ACMPolicy.get_xml");
  30.181 +    return session->ok;
  30.182 +}
  30.183 +
  30.184 +
  30.185 +bool
  30.186 +xen_acmpolicy_get_map(xen_session *session,
  30.187 +                      char **result,
  30.188 +                      xen_xspolicy xspolicy)
  30.189 +{
  30.190 +    abstract_value param_values[] =
  30.191 +        {
  30.192 +            { .type = &abstract_type_string,
  30.193 +              .u.string_val = xspolicy },
  30.194 +        };
  30.195 +
  30.196 +    abstract_type result_type = abstract_type_string;
  30.197 +
  30.198 +    *result = NULL;
  30.199 +    XEN_CALL_("ACMPolicy.get_map");
  30.200 +    return session->ok;
  30.201 +}
  30.202 +
  30.203 +
  30.204 +bool
  30.205 +xen_acmpolicy_get_binary(xen_session *session, char **result,
  30.206 +                         xen_xspolicy xspolicy)
  30.207 +{
  30.208 +    abstract_value param_values[] =
  30.209 +        {
  30.210 +            { .type = &abstract_type_string,
  30.211 +              .u.string_val = xspolicy },
  30.212 +        };
  30.213 +
  30.214 +    abstract_type result_type = abstract_type_string;
  30.215 +
  30.216 +    *result = NULL;
  30.217 +    XEN_CALL_("ACMPolicy.get_binary");
  30.218 +    return session->ok;
  30.219 +}
  30.220 +
  30.221 +
  30.222 +bool
  30.223 +xen_acmpolicy_get_uuid(xen_session *session, char **result,
  30.224 +                       xen_xspolicy xspolicy)
  30.225 +{
  30.226 +    abstract_value param_values[] =
  30.227 +        {
  30.228 +            { .type = &abstract_type_string,
  30.229 +              .u.string_val = xspolicy }
  30.230 +        };
  30.231 +
  30.232 +    abstract_type result_type = abstract_type_string;
  30.233 +
  30.234 +    *result = NULL;
  30.235 +    XEN_CALL_("ACMPolicy.get_uuid");
  30.236 +    return session->ok;
  30.237 +}
    31.1 --- a/tools/libxen/src/xen_vdi.c	Mon Jul 16 14:20:16 2007 -0500
    31.2 +++ b/tools/libxen/src/xen_vdi.c	Tue Jul 17 10:20:21 2007 +0100
    31.3 @@ -534,3 +534,42 @@ xen_vdi_get_uuid(xen_session *session, c
    31.4      XEN_CALL_("VDI.get_uuid");
    31.5      return session->ok;
    31.6  }
    31.7 +
    31.8 +
    31.9 +bool
   31.10 +xen_vdi_set_security_label(xen_session *session, int64_t *result, xen_vdi vdi,
   31.11 +                           char *label, char *oldlabel)
   31.12 +{
   31.13 +    abstract_value param_values[] =
   31.14 +        {
   31.15 +            { .type = &abstract_type_string,
   31.16 +              .u.string_val = vdi },
   31.17 +            { .type = &abstract_type_string,
   31.18 +              .u.string_val = label },
   31.19 +            { .type = &abstract_type_string,
   31.20 +              .u.string_val = oldlabel },
   31.21 +        };
   31.22 +
   31.23 +    abstract_type result_type = abstract_type_int;
   31.24 +
   31.25 +    *result = 0;
   31.26 +    XEN_CALL_("VDI.set_security_label");
   31.27 +    return session->ok;
   31.28 +}
   31.29 +
   31.30 +
   31.31 +bool
   31.32 +xen_vdi_get_security_label(xen_session *session, char **result, xen_vdi vdi)
   31.33 +{
   31.34 +    abstract_value param_values[] =
   31.35 +        {
   31.36 +            { .type = &abstract_type_string,
   31.37 +              .u.string_val = vdi },
   31.38 +        };
   31.39 +
   31.40 +    abstract_type result_type = abstract_type_string;
   31.41 +
   31.42 +    *result = NULL;
   31.43 +    XEN_CALL_("VDI.get_security_label");
   31.44 +    return session->ok;
   31.45 +}
    32.1 --- a/tools/libxen/src/xen_vm.c	Mon Jul 16 14:20:16 2007 -0500
    32.2 +++ b/tools/libxen/src/xen_vm.c	Tue Jul 17 10:20:21 2007 +0100
    32.3 @@ -162,7 +162,10 @@ static const struct_member xen_vm_record
    32.4            .offset = offsetof(xen_vm_record, metrics) },
    32.5          { .key = "guest_metrics",
    32.6            .type = &abstract_type_ref,
    32.7 -          .offset = offsetof(xen_vm_record, guest_metrics) }
    32.8 +          .offset = offsetof(xen_vm_record, guest_metrics) },
    32.9 +        { .key = "security_label",
   32.10 +          .type = &abstract_type_string,
   32.11 +          .offset = offsetof(xen_vm_record, security_label) }
   32.12      };
   32.13  
   32.14  const abstract_type xen_vm_record_abstract_type_ =
   32.15 @@ -206,6 +209,7 @@ xen_vm_record_free(xen_vm_record *record
   32.16      xen_string_string_map_free(record->other_config);
   32.17      xen_vm_metrics_record_opt_free(record->metrics);
   32.18      xen_vm_guest_metrics_record_opt_free(record->guest_metrics);
   32.19 +    free(record->security_label);
   32.20      free(record);
   32.21  }
   32.22  
   32.23 @@ -1738,3 +1742,42 @@ xen_vm_get_uuid(xen_session *session, ch
   32.24      XEN_CALL_("VM.get_uuid");
   32.25      return session->ok;
   32.26  }
   32.27 +
   32.28 +
   32.29 +bool
   32.30 +xen_vm_set_security_label(xen_session *session, int64_t *result, xen_vm vm,
   32.31 +                          char *label, char *oldlabel)
   32.32 +{
   32.33 +    abstract_value param_values[] =
   32.34 +        {
   32.35 +            { .type = &abstract_type_string,
   32.36 +              .u.string_val = vm },
   32.37 +            { .type = &abstract_type_string,
   32.38 +              .u.string_val = label },
   32.39 +            { .type = &abstract_type_string,
   32.40 +              .u.string_val = oldlabel },
   32.41 +        };
   32.42 +
   32.43 +    abstract_type result_type = abstract_type_int;
   32.44 +
   32.45 +    *result = 0;
   32.46 +    XEN_CALL_("VM.set_security_label");
   32.47 +    return session->ok;
   32.48 +}
   32.49 +
   32.50 +
   32.51 +bool
   32.52 +xen_vm_get_security_label(xen_session *session, char **result, xen_vm vm)
   32.53 +{
   32.54 +    abstract_value param_values[] =
   32.55 +        {
   32.56 +            { .type = &abstract_type_string,
   32.57 +              .u.string_val = vm },
   32.58 +        };
   32.59 +
   32.60 +    abstract_type result_type = abstract_type_string;
   32.61 +
   32.62 +    *result = NULL;
   32.63 +    XEN_CALL_("VM.get_security_label");
   32.64 +    return session->ok;
   32.65 +}
    33.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    33.2 +++ b/tools/libxen/src/xen_xspolicy.c	Tue Jul 17 10:20:21 2007 +0100
    33.3 @@ -0,0 +1,327 @@
    33.4 +/*
    33.5 + * Copyright (c) 2007, IBM Corp.
    33.6 + * Copyright (c) 2007, XenSource Inc.
    33.7 + *
    33.8 + * This library is free software; you can redistribute it and/or
    33.9 + * modify it under the terms of the GNU Lesser General Public
   33.10 + * License as published by the Free Software Foundation; either
   33.11 + * version 2.1 of the License, or (at your option) any later version.
   33.12 + *
   33.13 + * This library is distributed in the hope that it will be useful,
   33.14 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
   33.15 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   33.16 + * Lesser General Public License for more details.
   33.17 + *
   33.18 + * You should have received a copy of the GNU Lesser General Public
   33.19 + * License along with this library; if not, write to the Free Software
   33.20 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
   33.21 + */
   33.22 +
   33.23 +
   33.24 +#include <stddef.h>
   33.25 +#include <stdlib.h>
   33.26 +
   33.27 +#include "xen/api/xen_common.h"
   33.28 +#include "xen/api/xen_internal.h"
   33.29 +#include "xen/api/xen_xspolicy.h"
   33.30 +
   33.31 +
   33.32 +XEN_FREE(xen_xspolicy)
   33.33 +XEN_SET_ALLOC_FREE(xen_xspolicy)
   33.34 +XEN_RECORD_OPT_FREE(xen_xspolicy)
   33.35 +
   33.36 +static const struct_member xen_xspolicy_record_struct_members[] =
   33.37 +    {
   33.38 +        { .key = "uuid",
   33.39 +          .type = &abstract_type_string,
   33.40 +          .offset = offsetof(xen_xspolicy_record, uuid) },
   33.41 +        { .key = "flags",
   33.42 +          .type = &abstract_type_int,
   33.43 +          .offset = offsetof(xen_xspolicy_record, flags) },
   33.44 +        { .key = "repr",
   33.45 +          .type = &abstract_type_string,
   33.46 +          .offset = offsetof(xen_xspolicy_record, repr) },
   33.47 +        { .key = "type",
   33.48 +          .type = &abstract_type_int,
   33.49 +          .offset = offsetof(xen_xspolicy_record, type) },
   33.50 +    };
   33.51 +
   33.52 +const abstract_type xen_xspolicy_record_abstract_type_ =
   33.53 +    {
   33.54 +       .typename = STRUCT,
   33.55 +       .struct_size = sizeof(xen_xspolicy_record),
   33.56 +       .member_count =
   33.57 +           sizeof(xen_xspolicy_record_struct_members) / sizeof(struct_member),
   33.58 +       .members = xen_xspolicy_record_struct_members
   33.59 +    };
   33.60 +
   33.61 +
   33.62 +static const struct_member xen_xs_policystate_struct_members[] =
   33.63 +    {
   33.64 +        { .key = "xs_ref",
   33.65 +          .type = &abstract_type_ref,
   33.66 +          .offset = offsetof(xen_xs_policystate, xs_ref) },
   33.67 +        { .key = "xserr",
   33.68 +          .type = &abstract_type_int,
   33.69 +          .offset = offsetof(xen_xs_policystate, xserr) },
   33.70 +        { .key = "repr",
   33.71 +          .type = &abstract_type_string,
   33.72 +          .offset = offsetof(xen_xs_policystate, repr) },
   33.73 +        { .key = "type",
   33.74 +          .type = &abstract_type_int,
   33.75 +          .offset = offsetof(xen_xs_policystate, type) },
   33.76 +        { .key = "flags",
   33.77 +          .type = &abstract_type_int,
   33.78 +          .offset = offsetof(xen_xs_policystate, flags) },
   33.79 +        { .key = "version",
   33.80 +          .type = &abstract_type_string,
   33.81 +          .offset = offsetof(xen_xs_policystate, version) },
   33.82 +        { .key = "errors",
   33.83 +          .type = &abstract_type_string,
   33.84 +          .offset = offsetof(xen_xs_policystate, errors) },
   33.85 +    };
   33.86 +
   33.87 +const abstract_type xen_xs_policystate_abstract_type_ =
   33.88 +    {
   33.89 +        .typename = STRUCT,
   33.90 +        .struct_size = sizeof(xen_xs_policystate),
   33.91 +        .member_count =
   33.92 +            sizeof(xen_xs_policystate_struct_members) /
   33.93 +            sizeof(struct_member),
   33.94 +        .members = xen_xs_policystate_struct_members,
   33.95 +    };
   33.96 +
   33.97 +
   33.98 +
   33.99 +
  33.100 +void
  33.101 +xen_xs_policystate_free(xen_xs_policystate *state)
  33.102 +{
  33.103 +    if (state == NULL)
  33.104 +    {
  33.105 +        return;
  33.106 +    }
  33.107 +    xen_xspolicy_record_opt_free(state->xs_ref);
  33.108 +    free(state->repr);
  33.109 +    free(state->errors);
  33.110 +    free(state->version);
  33.111 +    free(state);
  33.112 +}
  33.113 +
  33.114 +
  33.115 +void
  33.116 +xen_xspolicy_record_free(xen_xspolicy_record *record)
  33.117 +{
  33.118 +    if (record == NULL)
  33.119 +    {
  33.120 +        return;
  33.121 +    }
  33.122 +    free(record->handle);
  33.123 +    free(record->uuid);
  33.124 +    free(record->repr);
  33.125 +    free(record);
  33.126 +}
  33.127 +
  33.128 +
  33.129 +bool
  33.130 +xen_xspolicy_get_record(xen_session *session, xen_xspolicy_record **result,
  33.131 +                        xen_xspolicy xspolicy)
  33.132 +{
  33.133 +    abstract_value param_values[] =
  33.134 +        {
  33.135 +            { .type = &abstract_type_string,
  33.136 +              .u.string_val = xspolicy }
  33.137 +        };
  33.138 +
  33.139 +    abstract_type result_type = xen_xspolicy_record_abstract_type_;
  33.140 +
  33.141 +    *result = NULL;
  33.142 +    XEN_CALL_("XSPolicy.get_record");
  33.143 +
  33.144 +    if (session->ok)
  33.145 +    {
  33.146 +       (*result)->handle = xen_strdup_((*result)->uuid);
  33.147 +    }
  33.148 +
  33.149 +    return session->ok;
  33.150 +}
  33.151 +
  33.152 +
  33.153 +bool
  33.154 +xen_xspolicy_get_uuid(xen_session *session, char **result,
  33.155 +                      xen_xspolicy xspolicy)
  33.156 +{
  33.157 +    abstract_value param_values[] =
  33.158 +        {
  33.159 +            { .type = &abstract_type_string,
  33.160 +              .u.string_val = xspolicy }
  33.161 +        };
  33.162 +
  33.163 +    abstract_type result_type = abstract_type_string;
  33.164 +
  33.165 +    *result = NULL;
  33.166 +    XEN_CALL_("XSPolicy.get_uuid");
  33.167 +    return session->ok;
  33.168 +}
  33.169 +
  33.170 +
  33.171 +bool
  33.172 +xen_xspolicy_get_by_uuid(xen_session *session, xen_xspolicy *result,
  33.173 +                         char *uuid)
  33.174 +{
  33.175 +    abstract_value param_values[] =
  33.176 +        {
  33.177 +            { .type = &abstract_type_string,
  33.178 +              .u.string_val = uuid }
  33.179 +        };
  33.180 +
  33.181 +    abstract_type result_type = abstract_type_string;
  33.182 +
  33.183 +    *result = NULL;
  33.184 +    XEN_CALL_("XSPolicy.get_by_uuid");
  33.185 +    return session->ok;
  33.186 +}
  33.187 +
  33.188 +
  33.189 +bool
  33.190 +xen_xspolicy_get_xstype(xen_session *session, xs_type *result)
  33.191 +{
  33.192 +    abstract_value param_values[] =
  33.193 +        {
  33.194 +        };
  33.195 +
  33.196 +    abstract_type result_type = abstract_type_int;
  33.197 +
  33.198 +    *result = 0;
  33.199 +    XEN_CALL_("XSPolicy.get_xstype");
  33.200 +    return session->ok;
  33.201 +}
  33.202 +
  33.203 +
  33.204 +bool
  33.205 +xen_xspolicy_set_xspolicy(xen_session *session, xen_xs_policystate **result,
  33.206 +                          xs_type type, char *repr,
  33.207 +                          xs_instantiationflags flags,
  33.208 +                          bool overwrite)
  33.209 +{
  33.210 +    abstract_value param_values[] =
  33.211 +        {
  33.212 +            { .type = &abstract_type_int,
  33.213 +              .u.int_val = type },
  33.214 +            { .type = &abstract_type_string,
  33.215 +              .u.string_val = repr },
  33.216 +            { .type = &abstract_type_int,
  33.217 +              .u.int_val = flags },
  33.218 +            { .type = &abstract_type_bool,
  33.219 +              .u.bool_val = overwrite }
  33.220 +        };
  33.221 +
  33.222 +    abstract_type result_type = xen_xs_policystate_abstract_type_;
  33.223 +
  33.224 +    *result = NULL;
  33.225 +    XEN_CALL_("XSPolicy.set_xspolicy");
  33.226 +    return session->ok;
  33.227 +}
  33.228 +
  33.229 +
  33.230 +bool
  33.231 +xen_xspolicy_get_xspolicy(xen_session *session, xen_xs_policystate **result)
  33.232 +{
  33.233 +    abstract_value param_values[] =
  33.234 +        {
  33.235 +        };
  33.236 +
  33.237 +    abstract_type result_type = xen_xs_policystate_abstract_type_;
  33.238 +
  33.239 +    *result = NULL;
  33.240 +    XEN_CALL_("XSPolicy.get_xspolicy");
  33.241 +    return session->ok;
  33.242 +}
  33.243 +
  33.244 +
  33.245 +bool
  33.246 +xen_xspolicy_get_labeled_resources(xen_session *session,
  33.247 +                                   xen_string_string_map **result)
  33.248 +{
  33.249 +    abstract_value param_values[] =
  33.250 +        {
  33.251 +        };
  33.252 +
  33.253 +    abstract_type result_type = abstract_type_string_string_map;
  33.254 +
  33.255 +    *result = NULL;
  33.256 +    XEN_CALL_("XSPolicy.get_labeled_resources");
  33.257 +    return session->ok;
  33.258 +}
  33.259 +
  33.260 +
  33.261 +bool
  33.262 +xen_xspolicy_set_resource_label(xen_session *session,
  33.263 +                                char *resource, char *label,
  33.264 +                                char *oldlabel)
  33.265 +{
  33.266 +    abstract_value param_values[] =
  33.267 +        {
  33.268 +            { .type = &abstract_type_string,
  33.269 +              .u.string_val = resource },
  33.270 +            { .type = &abstract_type_string,
  33.271 +              .u.string_val = label },
  33.272 +            { .type = &abstract_type_string,
  33.273 +              .u.string_val = oldlabel },
  33.274 +        };
  33.275 +
  33.276 +    xen_call_(session, "XSPolicy.set_resource_label", param_values, 3,
  33.277 +                       NULL, NULL);
  33.278 +    return session->ok;
  33.279 +}
  33.280 +
  33.281 +
  33.282 +bool
  33.283 +xen_xspolicy_get_resource_label(xen_session *session, char **result,
  33.284 +                                char *resource)
  33.285 +{
  33.286 +    abstract_value param_values[] =
  33.287 +        {
  33.288 +            { .type = &abstract_type_string,
  33.289 +              .u.string_val = resource },
  33.290 +        };
  33.291 +
  33.292 +    abstract_type result_type = abstract_type_string;
  33.293 +    XEN_CALL_("XSPolicy.get_resource_label");
  33.294 +    return session->ok;
  33.295 +}
  33.296 +
  33.297 +
  33.298 +bool
  33.299 +xen_xspolicy_rm_xsbootpolicy(xen_session *session)
  33.300 +{
  33.301 +    abstract_value param_values[] =
  33.302 +        {
  33.303 +        };
  33.304 +
  33.305 +    xen_call_(session, "XSPolicy.rm_xsbootpolicy", param_values, 0,
  33.306 +                       NULL, NULL);
  33.307 +    return session->ok;
  33.308 +}
  33.309 +
  33.310 +
  33.311 +bool
  33.312 +xen_xspolicy_activate_xspolicy(xen_session *session,
  33.313 +                               xs_instantiationflags *result,
  33.314 +                               xen_xspolicy xspolicy,
  33.315 +                               xs_instantiationflags flags)
  33.316 +{
  33.317 +    abstract_value param_values[] =
  33.318 +        {
  33.319 +            { .type = &abstract_type_string,
  33.320 +              .u.string_val = xspolicy },
  33.321 +            { .type = &abstract_type_int,
  33.322 +              .u.int_val = flags },
  33.323 +        };
  33.324 +
  33.325 +    abstract_type result_type = abstract_type_int;
  33.326 +
  33.327 +    *result = 0;
  33.328 +    XEN_CALL_("XSPolicy.activate_xspolicy");
  33.329 +    return session->ok;
  33.330 +}
    34.1 --- a/tools/python/xen/util/acmpolicy.py	Mon Jul 16 14:20:16 2007 -0500
    34.2 +++ b/tools/python/xen/util/acmpolicy.py	Tue Jul 17 10:20:21 2007 +0100
    34.3 @@ -57,12 +57,20 @@ class ACMPolicy(XSPolicy):
    34.4      def __init__(self, name=None, dom=None, ref=None, xml=None):
    34.5          if name:
    34.6              self.name = name
    34.7 -            self.dom = minidom.parse(self.path_from_policy_name(name))
    34.8 +            try:
    34.9 +                self.dom = minidom.parse(self.path_from_policy_name(name))
   34.10 +            except Exception, e:
   34.11 +                raise SecurityError(-xsconstants.XSERR_XML_PROCESSING,
   34.12 +                                    str(e))
   34.13          elif dom:
   34.14              self.dom = dom
   34.15              self.name = self.get_name()
   34.16          elif xml:
   34.17 -            self.dom = minidom.parseString(xml)
   34.18 +            try:
   34.19 +                self.dom = minidom.parseString(xml)
   34.20 +            except Exception, e:
   34.21 +                raise SecurityError(-xsconstants.XSERR_XML_PROCESSING,
   34.22 +                                    str(e))
   34.23              self.name = self.get_name()
   34.24          rc = self.validate()
   34.25          if rc != xsconstants.XSERR_SUCCESS:
   34.26 @@ -481,7 +489,8 @@ class ACMPolicy(XSPolicy):
   34.27          strings = []
   34.28          i = 0
   34.29          while i < len(node.childNodes):
   34.30 -            if node.childNodes[i].nodeName == "Type":
   34.31 +            if node.childNodes[i].nodeName == "Type" and \
   34.32 +               len(node.childNodes[i].childNodes) > 0:
   34.33                  strings.append(node.childNodes[i].childNodes[0].nodeValue)
   34.34              i += 1
   34.35          return strings
   34.36 @@ -564,7 +573,8 @@ class ACMPolicy(XSPolicy):
   34.37              while i < len(node.childNodes):
   34.38                  if node.childNodes[i].nodeName == "VirtualMachineLabel":
   34.39                      name = self.policy_dom_get(node.childNodes[i], "Name")
   34.40 -                    strings.append(name.childNodes[0].nodeValue)
   34.41 +                    if len(name.childNodes) > 0:
   34.42 +                        strings.append(name.childNodes[0].nodeValue)
   34.43                  i += 1
   34.44          return strings
   34.45  
   34.46 @@ -592,23 +602,24 @@ class ACMPolicy(XSPolicy):
   34.47              i = 0
   34.48              while i < len(node.childNodes):
   34.49                  if node.childNodes[i].nodeName == "VirtualMachineLabel":
   34.50 -                    _res = {}
   34.51 -                    _res['type'] = xsconstants.ACM_LABEL_VM
   34.52                      name = self.policy_dom_get(node.childNodes[i], "Name")
   34.53 -                    _res['name'] = name.childNodes[0].nodeValue
   34.54 -                    stes = self.policy_dom_get(node.childNodes[i],
   34.55 -                                               "SimpleTypeEnforcementTypes")
   34.56 -                    if stes:
   34.57 -                        _res['stes'] = self.policy_get_types(stes)
   34.58 -                    else:
   34.59 -                        _res['stes'] = []
   34.60 -                    chws = self.policy_dom_get(node.childNodes[i],
   34.61 -                                               "ChineseWallTypes")
   34.62 -                    if chws:
   34.63 -                        _res['chws'] = self.policy_get_types(chws)
   34.64 -                    else:
   34.65 -                        _res['chws'] = []
   34.66 -                    res.append(_res)
   34.67 +                    if len(name.childNodes) > 0:
   34.68 +                        _res = {}
   34.69 +                        _res['type'] = xsconstants.ACM_LABEL_VM
   34.70 +                        _res['name'] = name.childNodes[0].nodeValue
   34.71 +                        stes = self.policy_dom_get(node.childNodes[i],
   34.72 +                                                 "SimpleTypeEnforcementTypes")
   34.73 +                        if stes:
   34.74 +                           _res['stes'] = self.policy_get_types(stes)
   34.75 +                        else:
   34.76 +                            _res['stes'] = []
   34.77 +                        chws = self.policy_dom_get(node.childNodes[i],
   34.78 +                                                   "ChineseWallTypes")
   34.79 +                        if chws:
   34.80 +                            _res['chws'] = self.policy_get_types(chws)
   34.81 +                        else:
   34.82 +                            _res['chws'] = []
   34.83 +                        res.append(_res)
   34.84                  i += 1
   34.85          return res
   34.86  
   34.87 @@ -628,7 +639,8 @@ class ACMPolicy(XSPolicy):
   34.88              while i < len(node.childNodes):
   34.89                  if node.childNodes[i].nodeName == labeltype:
   34.90                      name = self.policy_dom_get(node.childNodes[i], "Name")
   34.91 -                    if name.childNodes[0].nodeValue == label:
   34.92 +                    if len(name.childNodes) > 0 and \
   34.93 +                       name.childNodes[0].nodeValue == label:
   34.94                          stes = self.policy_dom_get(node.childNodes[i],
   34.95                                              "SimpleTypeEnforcementTypes")
   34.96                          if not stes:
   34.97 @@ -662,7 +674,7 @@ class ACMPolicy(XSPolicy):
   34.98                  if node.childNodes[i].nodeName == labeltype:
   34.99                      name = self.policy_dom_get(node.childNodes[i], "Name")
  34.100                      from_name = name.getAttribute("from")
  34.101 -                    if from_name:
  34.102 +                    if from_name and len(name.childNodes) > 0:
  34.103                          res.update({from_name : name.childNodes[0].nodeValue})
  34.104                  i += 1
  34.105          return res
  34.106 @@ -700,7 +712,7 @@ class ACMPolicy(XSPolicy):
  34.107                      name = self.policy_dom_get(node.childNodes[i], "Name")
  34.108                      stes = self.policy_dom_get(node.childNodes[i],
  34.109                                            "SimpleTypeEnforcementTypes")
  34.110 -                    if stes:
  34.111 +                    if stes and len(name.childNodes) > 0:
  34.112                          strings.append(name.childNodes[0].nodeValue)
  34.113                  i += 1
  34.114          return strings
  34.115 @@ -715,18 +727,19 @@ class ACMPolicy(XSPolicy):
  34.116              i = 0
  34.117              while i < len(node.childNodes):
  34.118                  if node.childNodes[i].nodeName == "ResourceLabel":
  34.119 -                    _res = {}
  34.120 -                    _res['type'] = xsconstants.ACM_LABEL_RES
  34.121                      name = self.policy_dom_get(node.childNodes[i], "Name")
  34.122 -                    _res['name'] = name.childNodes[0].nodeValue
  34.123 -                    stes = self.policy_dom_get(node.childNodes[i],
  34.124 -                                               "SimpleTypeEnforcementTypes")
  34.125 -                    if stes:
  34.126 -                        _res['stes'] = self.policy_get_types(stes)
  34.127 -                    else:
  34.128 -                        _res['stes'] = []
  34.129 -                    _res['chws'] = []
  34.130 -                    res.append(_res)
  34.131 +                    if len(name.childNodes) > 0:
  34.132 +                        _res = {}
  34.133 +                        _res['type'] = xsconstants.ACM_LABEL_RES
  34.134 +                        _res['name'] = name.childNodes[0].nodeValue
  34.135 +                        stes = self.policy_dom_get(node.childNodes[i],
  34.136 +                                                   "SimpleTypeEnforcementTypes")
  34.137 +                        if stes:
  34.138 +                            _res['stes'] = self.policy_get_types(stes)
  34.139 +                        else:
  34.140 +                            _res['stes'] = []
  34.141 +                        _res['chws'] = []
  34.142 +                        res.append(_res)
  34.143                  i += 1
  34.144          return res
  34.145  
    35.1 --- a/tools/python/xen/util/security.py	Mon Jul 16 14:20:16 2007 -0500
    35.2 +++ b/tools/python/xen/util/security.py	Tue Jul 17 10:20:21 2007 +0100
    35.3 @@ -155,75 +155,6 @@ def calc_dom_ssidref_from_info(info):
    35.4      raise VmError("security.calc_dom_ssidref_from_info: info of type '%s'"
    35.5                    "not supported." % type(info))
    35.6  
    35.7 -# Assumes a 'security' info  [security access_control ...] [ssidref ...]
    35.8 -def get_security_info(info, field):
    35.9 -    """retrieves security field from self.info['security'])
   35.10 -    allowed search fields: ssidref, label, policy
   35.11 -    """
   35.12 -    if isinstance(info, dict):
   35.13 -        security = info['security']
   35.14 -    elif isinstance(info, list):
   35.15 -        security = sxp.child_value(info, 'security')
   35.16 -    if not security:
   35.17 -        if field == 'ssidref':
   35.18 -            #return default ssid
   35.19 -            return 0
   35.20 -        else:
   35.21 -            err("Security information not found in info struct.")
   35.22 -
   35.23 -    if field == 'ssidref':
   35.24 -        search = 'ssidref'
   35.25 -    elif field in ['policy', 'label']:
   35.26 -            search = 'access_control'
   35.27 -    else:
   35.28 -        err("Illegal field in get_security_info.")
   35.29 -
   35.30 -    for idx in range(0, len(security)):
   35.31 -        if search != security[idx][0]:
   35.32 -            continue
   35.33 -        if search == 'ssidref':
   35.34 -            return int(security[idx][1])
   35.35 -        else:
   35.36 -            for aidx in range(0, len(security[idx])):
   35.37 -                if security[idx][aidx][0] == field:
   35.38 -                    return str(security[idx][aidx][1])
   35.39 -
   35.40 -    if search == 'ssidref':
   35.41 -        return 0
   35.42 -    else:
   35.43 -        return None
   35.44 -
   35.45 -
   35.46 -def get_security_printlabel(info):
   35.47 -    """retrieves printable security label from self.info['security']),
   35.48 -    preferably the label name and otherwise (if label is not specified
   35.49 -    in config and cannot be found in mapping file) a hex string of the
   35.50 -    ssidref or none if both not available
   35.51 -    """
   35.52 -    try:
   35.53 -        if not on():
   35.54 -            return "INACTIVE"
   35.55 -        if active_policy in ["DEFAULT"]:
   35.56 -            return "DEFAULT"
   35.57 -
   35.58 -        printlabel = get_security_info(info, 'label')
   35.59 -        if printlabel:
   35.60 -            return printlabel
   35.61 -        ssidref = get_security_info(info, 'ssidref')
   35.62 -        if not ssidref:
   35.63 -            return None
   35.64 -        #try to translate ssidref to a label
   35.65 -        result = ssidref2label(ssidref)
   35.66 -        if not result:
   35.67 -            printlabel = "0x%08x" % ssidref
   35.68 -        else:
   35.69 -            printlabel = result
   35.70 -        return printlabel
   35.71 -    except ACMError:
   35.72 -        #don't throw an exception in xm list
   35.73 -        return "ERROR"
   35.74 -
   35.75 -
   35.76  
   35.77  def getmapfile(policyname):
   35.78      """
    36.1 --- a/tools/python/xen/xend/XendConfig.py	Mon Jul 16 14:20:16 2007 -0500
    36.2 +++ b/tools/python/xen/xend/XendConfig.py	Tue Jul 17 10:20:21 2007 +0100
    36.3 @@ -636,6 +636,8 @@ class XendConfig(dict):
    36.4                  except ValueError, e:
    36.5                      raise XendConfigError('cpus = %s: %s' % (cfg['cpus'], e))
    36.6  
    36.7 +        if not 'security' in cfg and sxp.child_value(sxp_cfg, 'security'):
    36.8 +            cfg['security'] = sxp.child_value(sxp_cfg, 'security')
    36.9          if 'security' in cfg and not cfg.get('security_label'):
   36.10              secinfo = cfg['security']
   36.11              if isinstance(secinfo, list):
    37.1 --- a/tools/python/xen/xend/XendDomain.py	Mon Jul 16 14:20:16 2007 -0500
    37.2 +++ b/tools/python/xen/xend/XendDomain.py	Tue Jul 17 10:20:21 2007 +0100
    37.3 @@ -1164,6 +1164,10 @@ class XendDomain:
    37.4  
    37.5          if dominfo.getDomid() == DOM0_ID:
    37.6              raise XendError("Cannot dump core for privileged domain %s" % domid)
    37.7 +        if dominfo._stateGet() not in (DOM_STATE_PAUSED, DOM_STATE_RUNNING):
    37.8 +            raise VMBadState("Domain '%s' is not started" % domid,
    37.9 +                             POWER_STATE_NAMES[DOM_STATE_PAUSED],
   37.10 +                             POWER_STATE_NAMES[dominfo._stateGet()])
   37.11  
   37.12          try:
   37.13              log.info("Domain core dump requested for domain %s (%d) "
   37.14 @@ -1537,6 +1541,10 @@ class XendDomain:
   37.15          dominfo = self.domain_lookup_nr(domid)
   37.16          if not dominfo:
   37.17              raise XendInvalidDomain(str(domid))
   37.18 +        if dominfo._stateGet() not in (DOM_STATE_RUNNING, DOM_STATE_PAUSED):
   37.19 +            raise VMBadState("Domain '%s' is not started" % domid,
   37.20 +                             POWER_STATE_NAMES[DOM_STATE_RUNNING],
   37.21 +                             POWER_STATE_NAMES[dominfo._stateGet()])
   37.22          if trigger_name.lower() in TRIGGER_TYPE: 
   37.23              trigger = TRIGGER_TYPE[trigger_name.lower()]
   37.24          else:
    38.1 --- a/tools/python/xen/xend/XendDomainInfo.py	Mon Jul 16 14:20:16 2007 -0500
    38.2 +++ b/tools/python/xen/xend/XendDomainInfo.py	Tue Jul 17 10:20:21 2007 +0100
    38.3 @@ -459,6 +459,7 @@ class XendDomainInfo:
    38.4              hvm_pvdrv = xc.hvm_get_param(self.domid, HVM_PARAM_CALLBACK_IRQ)
    38.5              if not hvm_pvdrv:
    38.6                  code = REVERSE_DOMAIN_SHUTDOWN_REASONS[reason]
    38.7 +                xc.domain_destroy_hook(self.domid)
    38.8                  log.info("HVM save:remote shutdown dom %d!", self.domid)
    38.9                  xc.domain_shutdown(self.domid, code)
   38.10  
   38.11 @@ -1593,6 +1594,7 @@ class XendDomainInfo:
   38.12                  log.exception("Removing domain path failed.")
   38.13  
   38.14              self._stateSet(DOM_STATE_HALTED)
   38.15 +            self.domid = None  # Do not push into _stateSet()!
   38.16          finally:
   38.17              self.refresh_shutdown_lock.release()
   38.18  
    39.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    39.2 +++ b/tools/python/xen/xm/activatepolicy.py	Tue Jul 17 10:20:21 2007 +0100
    39.3 @@ -0,0 +1,86 @@
    39.4 +#============================================================================
    39.5 +# This library is free software; you can redistribute it and/or
    39.6 +# modify it under the terms of version 2.1 of the GNU Lesser General Public
    39.7 +# License as published by the Free Software Foundation.
    39.8 +#
    39.9 +# This library is distributed in the hope that it will be useful,
   39.10 +# but WITHOUT ANY WARRANTY; without even the implied warranty of
   39.11 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   39.12 +# Lesser General Public License for more details.
   39.13 +#
   39.14 +# You should have received a copy of the GNU Lesser General Public
   39.15 +# License along with this library; if not, write to the Free Software
   39.16 +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   39.17 +#============================================================================
   39.18 +# Copyright (C) 2007 International Business Machines Corp.
   39.19 +# Author: Stefan Berger <stefanb@us.ibm.com>
   39.20 +#============================================================================
   39.21 +
   39.22 +"""Activate the managed policy of the system.
   39.23 +"""
   39.24 +
   39.25 +import sys
   39.26 +from xen.util import xsconstants
   39.27 +from xml.dom import minidom
   39.28 +from xen.xm.opts import OptionError
   39.29 +from xen.xm import getpolicy
   39.30 +from xen.xm import main as xm_main
   39.31 +from xen.xm.main import server
   39.32 +
   39.33 +def help():
   39.34 +    return """
   39.35 +    Usage: xm activatepolicy [options]
   39.36 +
   39.37 +    Activate the xend-managed policy.
   39.38 +
   39.39 +    The following options are defined:
   39.40 +      --load     Load the policy into the hypervisor.
   39.41 +      --boot     Have the system boot with the policy. Changes the default
   39.42 +                 title in grub.conf.
   39.43 +      --noboot   Remove the policy from the default entry in grub.conf.
   39.44 +    """
   39.45 +
   39.46 +def activate_policy(flags):
   39.47 +    policystate = server.xenapi.XSPolicy.get_xspolicy()
   39.48 +    xs_ref = policystate['xs_ref']
   39.49 +    if int(policystate['type']) == 0 or xs_ref == "":
   39.50 +        print "No policy is installed."
   39.51 +        return
   39.52 +    rc = int(server.xenapi.XSPolicy.activate_xspolicy(xs_ref, flags))
   39.53 +    if rc == flags:
   39.54 +        print "Successfully activated the policy."
   39.55 +    else:
   39.56 +        print "An error occurred trying to activate the policy: %s" % \
   39.57 +              xsconstants.xserr2string(rc)
   39.58 +
   39.59 +def remove_bootpolicy():
   39.60 +    server.xenapi.XSPolicy.rm_xsbootpolicy()
   39.61 +
   39.62 +def main(argv):
   39.63 +    if xm_main.serverType != xm_main.SERVER_XEN_API:
   39.64 +        raise OptionError('xm needs to be configured to use the xen-api.')
   39.65 +    flags = 0
   39.66 +    c = 1
   39.67 +
   39.68 +    while c < len(argv):
   39.69 +        if '--boot' == argv[c]:
   39.70 +            flags |= xsconstants.XS_INST_BOOT
   39.71 +        elif '--load' == argv[c]:
   39.72 +            flags |= xsconstants.XS_INST_LOAD
   39.73 +        elif '--noboot' == argv[c]:
   39.74 +            remove_bootpolicy()
   39.75 +        else:
   39.76 +            raise OptionError("Unknown command line option '%s'" % argv[c])
   39.77 +        c += 1
   39.78 +
   39.79 +    if flags != 0:
   39.80 +        activate_policy(flags)
   39.81 +
   39.82 +    getpolicy.getpolicy(False)
   39.83 +
   39.84 +if __name__ == '__main__':
   39.85 +    try:
   39.86 +        main(sys.argv)
   39.87 +    except Exception, e:
   39.88 +        sys.stderr.write('Error: %s\n' % str(e))
   39.89 +        sys.exit(-1)
    40.1 --- a/tools/python/xen/xm/addlabel.py	Mon Jul 16 14:20:16 2007 -0500
    40.2 +++ b/tools/python/xen/xm/addlabel.py	Tue Jul 17 10:20:21 2007 +0100
    40.3 @@ -25,17 +25,29 @@ import sys
    40.4  from xen.util import dictio
    40.5  from xen.util import security
    40.6  from xen.xm.opts import OptionError
    40.7 +from xen.util import xsconstants
    40.8 +from xen.xm import main as xm_main
    40.9 +from xen.xm.main import server
   40.10  
   40.11  def help():
   40.12      return """
   40.13      Format: xm addlabel <label> dom <configfile> [<policy>]
   40.14 -            xm addlabel <label> res <resource> [<policy>]
   40.15 +            xm addlabel <label> mgt <domain name> [<policy type>:<policy>]
   40.16 +            xm addlabel <label> res <resource> [[<policy type>:]<policy>]
   40.17      
   40.18      This program adds an acm_label entry into the 'configfile'
   40.19 -    for a domain or to the global resource label file for a
   40.20 -    resource. It derives the policy from the running hypervisor
   40.21 +    for a domain or allows to label a xend-managed domain.
   40.22 +    The global resource label file for is extended with labels for
   40.23 +    resources. It derives the policy from the running hypervisor
   40.24      if it is not given (optional parameter). If a label already
   40.25 -    exists for the given domain or resource, then addlabel fails."""
   40.26 +    exists for the given domain or resource, then addlabel fails.
   40.27 +
   40.28 +    For xend-managed domains, the 'mgt' parameter should be used and
   40.29 +    the 'xm' tool must have been configured to use the xen-api for
   40.30 +    communication with xen. If a policy is provided as last parameter,
   40.31 +    its type must also be given. Currently only one type of policy is
   40.32 +    supported and identified as 'ACM'. An example for a valid string
   40.33 +    is 'ACM:xm-test'. """
   40.34  
   40.35  
   40.36  def validate_config_file(configfile):
   40.37 @@ -66,32 +78,47 @@ def validate_config_file(configfile):
   40.38          return 1
   40.39  
   40.40  
   40.41 -def add_resource_label(label, resource, policyref):
   40.42 +def add_resource_label(label, resource, policyref, policy_type):
   40.43      """Adds a resource label to the global resource label file.
   40.44      """
   40.45 -    # sanity check: make sure this label can be instantiated later on
   40.46 -    ssidref = security.label2ssidref(label, policyref, 'res')
   40.47 +
   40.48 +    if xm_main.serverType != xm_main.SERVER_XEN_API:
   40.49 +
   40.50 +        # sanity check: make sure this label can be instantiated later on
   40.51 +        ssidref = security.label2ssidref(label, policyref, 'res')
   40.52 +
   40.53 +        #build canonical resource name
   40.54 +        resource = security.unify_resname(resource,mustexist=False)
   40.55  
   40.56 -    #build canonical resource name
   40.57 -    resource = security.unify_resname(resource)
   40.58 +        # see if this resource is already in the file
   40.59 +        access_control = {}
   40.60 +        fil = security.res_label_filename
   40.61 +        try:
   40.62 +            access_control = dictio.dict_read("resources", fil)
   40.63 +        except:
   40.64 +            print "Resource file not found, creating new file at:"
   40.65 +            print "%s" % (fil)
   40.66  
   40.67 -    # see if this resource is already in the file
   40.68 -    access_control = {}
   40.69 -    file = security.res_label_filename
   40.70 -    try:
   40.71 -        access_control = dictio.dict_read("resources", file)
   40.72 -    except:
   40.73 -        print "Resource file not found, creating new file at:"
   40.74 -        print "%s" % (file)
   40.75 +        if access_control.has_key(resource):
   40.76 +            security.err("This resource is already labeled.")
   40.77  
   40.78 -    if access_control.has_key(resource):
   40.79 -        security.err("This resource is already labeled.")
   40.80 -
   40.81 -    # write the data to file
   40.82 -    new_entry = { resource : tuple([policyref, label]) }
   40.83 -    access_control.update(new_entry)
   40.84 -    dictio.dict_write(access_control, "resources", file)
   40.85 -
   40.86 +        # write the data to file
   40.87 +        new_entry = { resource : tuple([policy_type, policyref, label]) }
   40.88 +        access_control.update(new_entry)
   40.89 +        dictio.dict_write(access_control, "resources", fil)
   40.90 +    else:
   40.91 +        res = [ policy_type, policyref, label ]
   40.92 +        res_xapi = security.format_resource_label(res)
   40.93 +        old = server.xenapi.XSPolicy.get_resource_label(resource)
   40.94 +        if old == "":
   40.95 +            try:
   40.96 +                server.xenapi.XSPolicy.set_resource_label(resource,
   40.97 +                                                          res_xapi,
   40.98 +                                                          "")
   40.99 +            except Exception, e:
  40.100 +                security.err("Could not label this resource: %s" % e)
  40.101 +        else:
  40.102 +            security.err("'%s' is already labeled with '%s'" % (resource,old))
  40.103  
  40.104  def add_domain_label(label, configfile, policyref):
  40.105      # sanity checks: make sure this label can be instantiated later on
  40.106 @@ -109,9 +136,35 @@ def add_domain_label(label, configfile, 
  40.107      config_fd.write(new_label)
  40.108      config_fd.close()
  40.109  
  40.110 +def add_domain_label_xapi(label, domainname, policyref, policy_type):
  40.111 +    if xm_main.serverType != xm_main.SERVER_XEN_API:
  40.112 +        raise OptionError('Xm must be configured to use the xen-api.')
  40.113 +    uuids = server.xenapi.VM.get_by_name_label(domainname)
  40.114 +    if len(uuids) == 0:
  40.115 +        raise OptionError('A VM with that name does not exist.')
  40.116 +    if len(uuids) != 1:
  40.117 +        raise OptionError('There are multiple domains with the same name.')
  40.118 +    uuid = uuids[0]
  40.119 +    sec_lab = "%s:%s:%s" % (policy_type, policyref, label)
  40.120 +    try:
  40.121 +        old_lab = server.xenapi.VM.get_security_label(uuid)
  40.122 +        rc = server.xenapi.VM.set_security_label(uuid, sec_lab, old_lab)
  40.123 +    except:
  40.124 +        rc = -1
  40.125 +    if int(rc) < 0:
  40.126 +        raise OptionError('Could not label domain.')
  40.127 +    else:
  40.128 +        ssidref = int(rc)
  40.129 +        if ssidref != 0:
  40.130 +            print "Set the label of domain '%s' to '%s'. New ssidref = %08x" % \
  40.131 +                  (domainname,label,ssidref)
  40.132 +        else:
  40.133 +            print "Set the label of dormant domain '%s' to '%s'." % \
  40.134 +                  (domainname,label)
  40.135  
  40.136  def main(argv):
  40.137      policyref = None
  40.138 +    policy_type = ""
  40.139      if len(argv) not in (4, 5):
  40.140          raise OptionError('Needs either 2 or 3 arguments')
  40.141      
  40.142 @@ -121,6 +174,7 @@ def main(argv):
  40.143          policyref = argv[4]
  40.144      elif security.on():
  40.145          policyref = security.active_policy
  40.146 +        policy_type = xsconstants.ACM_POLICY_ID
  40.147      else:
  40.148          raise OptionError("No active policy. Must specify policy on the "
  40.149                            "command line.")
  40.150 @@ -136,11 +190,27 @@ def main(argv):
  40.151              raise OptionError('Invalid config file')
  40.152          else:
  40.153              add_domain_label(label, configfile, policyref)
  40.154 +    elif argv[2].lower() == "mgt":
  40.155 +        domain = argv[3]
  40.156 +        if policy_type == "":
  40.157 +            tmp = policyref.split(":")
  40.158 +            if len(tmp) != 2:
  40.159 +                raise OptionError("Policy name in wrong format.")
  40.160 +            policy_type, policyref = tmp
  40.161 +        add_domain_label_xapi(label, domain, policyref, policy_type)
  40.162      elif argv[2].lower() == "res":
  40.163          resource = argv[3]
  40.164 -        add_resource_label(label, resource, policyref)
  40.165 +        if policy_type == "":
  40.166 +            tmp = policyref.split(":")
  40.167 +            if len(tmp) == 1:
  40.168 +                policy_type = xsconstants.ACM_POLICY_ID
  40.169 +            elif len(tmp) == 2:
  40.170 +                policy_type, policyref = tmp
  40.171 +            else:
  40.172 +                raise OptionError("Policy name in wrong format.")
  40.173 +        add_resource_label(label, resource, policyref, policy_type)
  40.174      else:
  40.175 -        raise OptionError('Need to specify either "dom" or "res" as '
  40.176 +        raise OptionError('Need to specify either "dom", "mgt" or "res" as '
  40.177                            'object to add label to.')
  40.178              
  40.179  if __name__ == '__main__':
  40.180 @@ -149,6 +219,3 @@ if __name__ == '__main__':
  40.181      except Exception, e:
  40.182          sys.stderr.write('Error: %s\n' % str(e))
  40.183          sys.exit(-1)
  40.184 -    
  40.185 -
  40.186 -
    41.1 --- a/tools/python/xen/xm/cfgbootpolicy.py	Mon Jul 16 14:20:16 2007 -0500
    41.2 +++ b/tools/python/xen/xm/cfgbootpolicy.py	Tue Jul 17 10:20:21 2007 +0100
    41.3 @@ -31,7 +31,11 @@ from xen.util.security import policy_dir
    41.4  from xen.util.security import boot_filename, altboot_filename
    41.5  from xen.util.security import any_title_re, xen_kernel_re, any_module_re
    41.6  from xen.util.security import empty_line_re, binary_name_re, policy_name_re
    41.7 +from xen.util import xsconstants
    41.8  from xen.xm.opts import OptionError
    41.9 +from xen.xm import main as xm_main
   41.10 +from xen.xm.main import server
   41.11 +from xen.util.acmpolicy import ACMPolicy
   41.12  
   41.13  def help():
   41.14      return """
   41.15 @@ -144,6 +148,39 @@ def insert_policy(boot_file, alt_boot_fi
   41.16          pass
   41.17      return extended_titles[0]
   41.18  
   41.19 +def cfgbootpolicy_xapi(policy, user_title=None):
   41.20 +    xstype = int(server.xenapi.XSPolicy.get_xstype())
   41.21 +    if xstype & xsconstants.XS_POLICY_ACM == 0:
   41.22 +        raise OptionError("ACM policy not supported on system.")
   41.23 +    if user_title:
   41.24 +        raise OptionError("Only the default title is supported with Xen-API.")
   41.25 +
   41.26 +    policystate = server.xenapi.XSPolicy.get_xspolicy()
   41.27 +    if int(policystate['type']) == 0:
   41.28 +        print "No policy is installed."
   41.29 +        return
   41.30 +
   41.31 +    if int(policystate['type']) != xsconstants.XS_POLICY_ACM:
   41.32 +        print "Unknown policy type '%s'." % policystate['type']
   41.33 +        return
   41.34 +    else:
   41.35 +        xml = policystate['repr']
   41.36 +        xs_ref = policystate['xs_ref']
   41.37 +        if not xml:
   41.38 +            OptionError("No policy installed on system?")
   41.39 +        acmpol = ACMPolicy(xml=xml)
   41.40 +        if acmpol.get_name() != policy:
   41.41 +            OptionError("Policy installed on system '%s' does not match the "
   41.42 +                        "request policy '%s'" % (acmpol.get_name(), policy))
   41.43 +        flags = int(policystate['flags']) | xsconstants.XS_INST_BOOT
   41.44 +        rc = int(server.xenapi.XSPolicy.activate_xspolicy(xs_ref, flags))
   41.45 +        if rc == flags:
   41.46 +            print "Successfully enabled the policy for having the system" \
   41.47 +                  " booted with."
   41.48 +        else:
   41.49 +            print "An error occurred during the operation: %s" % \
   41.50 +                  xsconstants.xserr2string(rc)
   41.51 +
   41.52  
   41.53  def main(argv):
   41.54      user_kver = None
   41.55 @@ -159,24 +196,27 @@ def main(argv):
   41.56      if not policy_name_re.match(policy):
   41.57          raise OptionError("Illegal policy name: '%s'" % policy)
   41.58  
   41.59 -    policy_file = '/'.join([policy_dir_prefix] + policy.split('.'))
   41.60 -    src_binary_policy_file = policy_file + ".bin"
   41.61 -    #check if .bin exists or if policy file exists
   41.62 -    if not os.path.isfile(src_binary_policy_file):
   41.63 -        if not os.path.isfile(policy_file + "-security_policy.xml"):
   41.64 -            raise OptionError("Unknown policy '%s'" % policy)
   41.65 -        else:
   41.66 -            err_msg = "Cannot find binary file for policy '%s'." % policy
   41.67 -            err_msg += " Please use makepolicy to create binary file."
   41.68 -            raise OptionError(err_msg)
   41.69 +    if xm_main.serverType == xm_main.SERVER_XEN_API:
   41.70 +        cfgbootpolicy_xapi(policy)
   41.71 +    else:
   41.72 +        policy_file = '/'.join([policy_dir_prefix] + policy.split('.'))
   41.73 +        src_binary_policy_file = policy_file + ".bin"
   41.74 +        #check if .bin exists or if policy file exists
   41.75 +        if not os.path.isfile(src_binary_policy_file):
   41.76 +            if not os.path.isfile(policy_file + "-security_policy.xml"):
   41.77 +                raise OptionError("Unknown policy '%s'" % policy)
   41.78 +            else:
   41.79 +                err_msg = "Cannot find binary file for policy '%s'." % policy
   41.80 +                err_msg += " Please use makepolicy to create binary file."
   41.81 +                raise OptionError(err_msg)
   41.82      
   41.83 -    dst_binary_policy_file = "/boot/" + policy + ".bin"
   41.84 -    shutil.copyfile(src_binary_policy_file, dst_binary_policy_file)
   41.85 +        dst_binary_policy_file = "/boot/" + policy + ".bin"
   41.86 +        shutil.copyfile(src_binary_policy_file, dst_binary_policy_file)
   41.87      
   41.88 -    entryname = insert_policy(boot_filename, altboot_filename,
   41.89 -                              user_title, policy)
   41.90 -    print "Boot entry '%s' extended and \'%s\' copied to /boot" \
   41.91 -          % (entryname, policy + ".bin")
   41.92 +        entryname = insert_policy(boot_filename, altboot_filename,
   41.93 +                                  user_title, policy)
   41.94 +        print "Boot entry '%s' extended and \'%s\' copied to /boot" \
   41.95 +              % (entryname, policy + ".bin")
   41.96  
   41.97  if __name__ == '__main__':
   41.98      try:
    42.1 --- a/tools/python/xen/xm/create.dtd	Mon Jul 16 14:20:16 2007 -0500
    42.2 +++ b/tools/python/xen/xm/create.dtd	Tue Jul 17 10:20:21 2007 +0100
    42.3 @@ -38,6 +38,7 @@
    42.4                   memory,
    42.5                   vbd*,
    42.6                   vif*,
    42.7 +                 vtpm*,
    42.8                   console*,
    42.9                   platform*,
   42.10                   vcpu_param*,
   42.11 @@ -49,7 +50,8 @@
   42.12                   actions_after_shutdown %NORMAL_EXIT; #REQUIRED 
   42.13                   actions_after_reboot   %NORMAL_EXIT; #REQUIRED
   42.14                   actions_after_crash    %CRASH_BEHAVIOUR; #REQUIRED
   42.15 -                 PCI_bus                CDATA #REQUIRED> 
   42.16 +                 PCI_bus                CDATA #REQUIRED
   42.17 +                 security_label         CDATA #IMPLIED>
   42.18  
   42.19  <!ELEMENT memory EMPTY> 
   42.20  <!ATTLIST memory static_min      CDATA #REQUIRED
   42.21 @@ -74,6 +76,9 @@
   42.22                   qos_algorithm_type CDATA    #REQUIRED
   42.23                   network         CDATA       #IMPLIED> 
   42.24  
   42.25 +<!ELEMENT vtpm   (name*)>
   42.26 +<!ATTLIST vtpm   backend         CDATA #REQUIRED>
   42.27 +
   42.28  <!ELEMENT console (other_config*)>
   42.29  <!ATTLIST console protocol       (vt100|rfb|rdp) #REQUIRED>
   42.30  
    43.1 --- a/tools/python/xen/xm/create.py	Mon Jul 16 14:20:16 2007 -0500
    43.2 +++ b/tools/python/xen/xm/create.py	Tue Jul 17 10:20:21 2007 +0100
    43.3 @@ -643,22 +643,12 @@ def configure_security(config, vals):
    43.4                                   ['policy', policy],
    43.5                                   ['label', label] ]
    43.6  
    43.7 -        #ssidref cannot be specified together with access_control
    43.8 -        if sxp.child_value(config, 'ssidref'):
    43.9 -            err("ERROR: SSIDREF and access_control are mutually exclusive but both specified!")
   43.10 -        #else calculate ssidre from label
   43.11 +        #calculate ssidref from label
   43.12          ssidref = security.label2ssidref(label, policy, 'dom')
   43.13          if not ssidref :
   43.14              err("ERROR calculating ssidref from access_control.")
   43.15          security_label = ['security', [ config_access_control, ['ssidref' , ssidref ] ] ]
   43.16          config.append(security_label)
   43.17 -    elif num == 0:
   43.18 -        if hasattr(vals, 'ssidref'):
   43.19 -            if not security.on():
   43.20 -                err("ERROR: Security ssidref specified but no policy active.")
   43.21 -            ssidref = getattr(vals, 'ssidref')
   43.22 -            security_label = ['security', [ [ 'ssidref' , int(ssidref) ] ] ]
   43.23 -            config.append(security_label)
   43.24      elif num > 1:
   43.25          err("VM config error: Multiple access_control definitions!")
   43.26  
   43.27 @@ -1231,13 +1221,13 @@ def config_security_check(config, verbos
   43.28  
   43.29          except security.ACMError:
   43.30              print "   %s: DENIED" % (resource)
   43.31 -            (res_label, res_policy) = security.get_res_label(resource)
   43.32 +            (poltype, res_label, res_policy) = security.get_res_label(resource)
   43.33              if not res_label:
   43.34                  res_label = ""
   43.35 -            print "   --> res: %s (%s)" % (str(res_label),
   43.36 -                                           str(res_policy))
   43.37 -            print "   --> dom: %s (%s)" % (str(domain_label),
   43.38 -                                           str(domain_policy))
   43.39 +            print "   --> res: %s (%s:%s)" % (str(res_label),
   43.40 +                                           str(poltype), str(res_policy))
   43.41 +            print "   --> dom: %s (%s:%s)" % (str(domain_label),
   43.42 +                                           str(poltype), str(domain_policy))
   43.43  
   43.44              answer = 0
   43.45  
    44.1 --- a/tools/python/xen/xm/getlabel.py	Mon Jul 16 14:20:16 2007 -0500
    44.2 +++ b/tools/python/xen/xm/getlabel.py	Tue Jul 17 10:20:21 2007 +0100
    44.3 @@ -21,14 +21,19 @@
    44.4  import sys, os, re
    44.5  from xen.util import dictio
    44.6  from xen.util import security
    44.7 +from xen.util import xsconstants
    44.8  from xen.xm.opts import OptionError
    44.9 +from xen.xm import main as xm_main
   44.10 +from xen.xm.main import server
   44.11  
   44.12  def help():
   44.13      return """
   44.14      Usage: xm getlabel dom <configfile>
   44.15 +           xm getlabel mgt <domain name>
   44.16             xm getlabel res <resource>
   44.17             
   44.18 -    This program shows the label for a domain or resource."""
   44.19 +    This program shows the label for a domain, resource or virtual network
   44.20 +    interface of a Xend-managed domain."""
   44.21  
   44.22  def get_resource_label(resource):
   44.23      """Gets the resource label
   44.24 @@ -37,17 +42,24 @@ def get_resource_label(resource):
   44.25      resource = security.unify_resname(resource)
   44.26  
   44.27      # read in the resource file
   44.28 -    file = security.res_label_filename
   44.29 +    fil = security.res_label_filename
   44.30      try:
   44.31 -        access_control = dictio.dict_read("resources", file)
   44.32 +        access_control = dictio.dict_read("resources", fil)
   44.33      except:
   44.34          raise OptionError("Resource label file not found")
   44.35  
   44.36      # get the entry and print label
   44.37      if access_control.has_key(resource):
   44.38 -        policy = access_control[resource][0]
   44.39 -        label = access_control[resource][1]
   44.40 -        print "policy="+policy+",label="+label
   44.41 +        tmp = access_control[resource]
   44.42 +        if len(tmp) == 2:
   44.43 +            policy, label = tmp
   44.44 +            policytype = xsconstants.ACM_POLICY_ID
   44.45 +        elif len(tmp) == 3:
   44.46 +            policytype, policy, label = tmp
   44.47 +        else:
   44.48 +            raise security.ACMError("Resource not properly labeled. "
   44.49 +                                    "Please relabel the resource.")
   44.50 +        print policytype+":"+policy+":"+label
   44.51      else:
   44.52          raise security.ACMError("Resource not labeled")
   44.53  
   44.54 @@ -89,8 +101,19 @@ def get_domain_label(configfile):
   44.55      data = data.strip()
   44.56      data = data.lstrip("[\'")
   44.57      data = data.rstrip("\']")
   44.58 -    print data
   44.59 +    print "policytype=%s," % xsconstants.ACM_POLICY_ID + data
   44.60  
   44.61 +def get_domain_label_xapi(domainname):
   44.62 +    if xm_main.serverType != xm_main.SERVER_XEN_API:
   44.63 +        raise OptionError('xm needs to be configure to use the xen-api.')
   44.64 +    uuids = server.xenapi.VM.get_by_name_label(domainname)
   44.65 +    if len(uuids) == 0:
   44.66 +        raise OptionError('A VM with that name does not exist.')
   44.67 +    if len(uuids) != 1:
   44.68 +        raise OptionError('There are multiple domains with the same name.')
   44.69 +    uuid = uuids[0]
   44.70 +    sec_lab = server.xenapi.VM.get_security_label(uuid)
   44.71 +    print "%s" %sec_lab
   44.72  
   44.73  def main(argv):
   44.74      if len(argv) != 3:
   44.75 @@ -99,11 +122,15 @@ def main(argv):
   44.76      if argv[1].lower() == "dom":
   44.77          configfile = argv[2]
   44.78          get_domain_label(configfile)
   44.79 +    elif argv[1].lower() == "mgt":
   44.80 +        domainname = argv[2]
   44.81 +        get_domain_label_xapi(domainname)
   44.82      elif argv[1].lower() == "res":
   44.83          resource = argv[2]
   44.84          get_resource_label(resource)
   44.85      else:
   44.86 -        raise OptionError('First subcommand argument must be "dom" or "res"')
   44.87 +        raise OptionError('First subcommand argument must be "dom"'
   44.88 +                          ', "mgt" or "res"')
   44.89  
   44.90  if __name__ == '__main__':
   44.91      try:
   44.92 @@ -111,6 +138,4 @@ if __name__ == '__main__':
   44.93      except Exception, e:
   44.94          sys.stderr.write('Error: %s\n' % str(e))
   44.95          sys.exit(-1)
   44.96 -        
   44.97  
   44.98 -
    45.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    45.2 +++ b/tools/python/xen/xm/getpolicy.py	Tue Jul 17 10:20:21 2007 +0100
    45.3 @@ -0,0 +1,94 @@
    45.4 +#============================================================================
    45.5 +# This library is free software; you can redistribute it and/or
    45.6 +# modify it under the terms of version 2.1 of the GNU Lesser General Public
    45.7 +# License as published by the Free Software Foundation.
    45.8 +#
    45.9 +# This library is distributed in the hope that it will be useful,
   45.10 +# but WITHOUT ANY WARRANTY; without even the implied warranty of
   45.11 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   45.12 +# Lesser General Public License for more details.
   45.13 +#
   45.14 +# You should have received a copy of the GNU Lesser General Public
   45.15 +# License along with this library; if not, write to the Free Software
   45.16 +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   45.17 +#============================================================================
   45.18 +# Copyright (C) 2007 International Business Machines Corp.
   45.19 +# Author: Stefan Berger <stefanb@us.ibm.com>
   45.20 +#============================================================================
   45.21 +
   45.22 +"""Get the managed policy of the system.
   45.23 +"""
   45.24 +
   45.25 +import sys
   45.26 +from xen.util import xsconstants
   45.27 +from xml.dom import minidom
   45.28 +from xen.xm.opts import OptionError
   45.29 +from xen.util.acmpolicy import ACMPolicy
   45.30 +from xen.xm import main as xm_main
   45.31 +from xen.xm.main import server
   45.32 +
   45.33 +def help():
   45.34 +    return """
   45.35 +    Usage: xm getpolicy [options]
   45.36 +
   45.37 +    The following options are defined
   45.38 +      --dumpxml     Display the XML of the policy
   45.39 +
   45.40 +    Get the policy managed by xend."""
   45.41 +
   45.42 +def getpolicy(dumpxml):
   45.43 +    if xm_main.serverType != xm_main.SERVER_XEN_API:
   45.44 +        raise OptionError('xm needs to be configured to use the xen-api.')
   45.45 +    types = []
   45.46 +    xstype = int(server.xenapi.XSPolicy.get_xstype())
   45.47 +    if xstype & xsconstants.XS_POLICY_ACM:
   45.48 +        types.append("ACM")
   45.49 +        xstype ^= xsconstants.XS_POLICY_ACM
   45.50 +    if xstype != 0:
   45.51 +        types.append("unsupported (%08x)" % xstype)
   45.52 +    print "Supported security subsystems   : %s \n" % ", ".join(types)
   45.53 +
   45.54 +    policystate = server.xenapi.XSPolicy.get_xspolicy()
   45.55 +    if int(policystate['type']) == 0:
   45.56 +        print "No policy is installed."
   45.57 +        return
   45.58 +    if int(policystate['type']) != xsconstants.XS_POLICY_ACM:
   45.59 +        print "Unknown policy type '%s'." % policystate['type']
   45.60 +    else:
   45.61 +        xml = policystate['repr']
   45.62 +        acmpol = None
   45.63 +        if xml:
   45.64 +            acmpol = ACMPolicy(xml=xml)
   45.65 +        print "Policy installed on the system:"
   45.66 +        if acmpol:
   45.67 +            print "Policy name           : %s" % acmpol.get_name()
   45.68 +        print "Policy type           : %s" % xsconstants.ACM_POLICY_ID
   45.69 +        print "Reference             : %s" % policystate['xs_ref']
   45.70 +        print "Version of XML policy : %s" % policystate['version']
   45.71 +        state = []
   45.72 +        flags = int(policystate['flags'])
   45.73 +        if flags & xsconstants.XS_INST_LOAD:
   45.74 +            state.append("loaded")
   45.75 +        if flags & xsconstants.XS_INST_BOOT:
   45.76 +            state.append("system booted with")
   45.77 +        print "State of the policy   : %s" % ", ".join(state)
   45.78 +        if dumpxml:
   45.79 +            xml = policystate['repr']
   45.80 +            if xml:
   45.81 +                dom = minidom.parseString(xml.encode("utf-8"))
   45.82 +                print "%s" % dom.toprettyxml(indent="   ",newl="\n")
   45.83 +
   45.84 +def main(argv):
   45.85 +    dumpxml = False
   45.86 +
   45.87 +    if '--dumpxml' in argv:
   45.88 +        dumpxml = True
   45.89 +
   45.90 +    getpolicy(dumpxml)
   45.91 +
   45.92 +if __name__ == '__main__':
   45.93 +    try:
   45.94 +        main(sys.argv)
   45.95 +    except Exception, e:
   45.96 +        sys.stderr.write('Error: %s\n' % str(e))
   45.97 +        sys.exit(-1)
    46.1 --- a/tools/python/xen/xm/labels.py	Mon Jul 16 14:20:16 2007 -0500
    46.2 +++ b/tools/python/xen/xm/labels.py	Tue Jul 17 10:20:21 2007 +0100
    46.3 @@ -24,6 +24,10 @@ import string
    46.4  from xen.util.security import ACMError, err, list_labels, active_policy
    46.5  from xen.util.security import vm_label_re, res_label_re, all_label_re
    46.6  from xen.xm.opts import OptionError
    46.7 +from xen.util.acmpolicy import ACMPolicy
    46.8 +from xen.util import xsconstants
    46.9 +from xen.xm.main import server
   46.10 +from xen.xm import main as xm_main
   46.11  
   46.12  
   46.13  def help():
   46.14 @@ -48,6 +52,12 @@ def main(argv):
   46.15          else:
   46.16              raise OptionError('Unrecognised option: %s' % arg)
   46.17  
   46.18 +    if xm_main.serverType != xm_main.SERVER_XEN_API:
   46.19 +        labels(policy, ptype)
   46.20 +    else:
   46.21 +        labels_xapi(policy, ptype)
   46.22 +
   46.23 +def labels(policy, ptype):
   46.24      if not policy:
   46.25          policy = active_policy
   46.26          if active_policy in ['NULL', 'INACTIVE', 'DEFAULT']:
   46.27 @@ -73,7 +83,30 @@ def main(argv):
   46.28      except:
   46.29          traceback.print_exc(limit = 1)
   46.30  
   46.31 +def labels_xapi(policy, ptype):
   46.32 +    policystate = server.xenapi.XSPolicy.get_xspolicy()
   46.33 +    if int(policystate['type']) == xsconstants.XS_POLICY_ACM:
   46.34 +        acmpol = ACMPolicy(xml=policystate['repr'])
   46.35 +        if policy and policy != acmpol.get_name():
   46.36 +            print "Warning: '%s' is not the currently loaded policy." % policy
   46.37 +            return labels(policy, ptype)
   46.38 +        names1 = []
   46.39 +        names2 = []
   46.40 +        if not ptype or ptype == 'dom' or ptype == 'any':
   46.41 +            names1 = acmpol.policy_get_virtualmachinelabel_names()
   46.42 +        if ptype == 'res' or ptype == 'any':
   46.43 +            names2 = acmpol.policy_get_resourcelabel_names()
   46.44 +        if len(names1) > 0:
   46.45 +            names = set(names1)
   46.46 +            names.union(names2)
   46.47 +        else:
   46.48 +            names = set(names2)
   46.49 +        for n in names:
   46.50 +            print n
   46.51 +    elif int(policystate['type']) == 0:
   46.52 +        print "No policy installed on the system."
   46.53 +    else:
   46.54 +        print "Unsupported type of policy installed on the system."
   46.55 +
   46.56  if __name__ == '__main__':
   46.57      main(sys.argv)
   46.58 -
   46.59 -
    47.1 --- a/tools/python/xen/xm/loadpolicy.py	Mon Jul 16 14:20:16 2007 -0500
    47.2 +++ b/tools/python/xen/xm/loadpolicy.py	Tue Jul 17 10:20:21 2007 +0100
    47.3 @@ -22,6 +22,11 @@ import sys
    47.4  import traceback
    47.5  from xen.util.security import ACMError, err, load_policy
    47.6  from xen.xm.opts import OptionError
    47.7 +from xen.xm import main as xm_main
    47.8 +from xen.util import xsconstants
    47.9 +from xen.xm.activatepolicy import activate_policy
   47.10 +from xen.xm.main import server
   47.11 +from xen.util.acmpolicy import ACMPolicy
   47.12  
   47.13  def help():
   47.14      return """Load the compiled binary (.bin) policy into the running
   47.15 @@ -30,8 +35,31 @@ def help():
   47.16  def main(argv):
   47.17      if len(argv) != 2:
   47.18          raise OptionError('No policy defined')
   47.19 -    
   47.20 -    load_policy(argv[1])
   47.21 +    if xm_main.serverType == xm_main.SERVER_XEN_API:
   47.22 +        policy = argv[1]
   47.23 +        print "This command is deprecated for use with Xen-API " \
   47.24 +              "configuration. Consider using\n'xm activatepolicy'."
   47.25 +        policystate = server.xenapi.XSPolicy.get_xspolicy()
   47.26 +        if int(policystate['type']) == 0:
   47.27 +            print "No policy is installed."
   47.28 +            return
   47.29 +
   47.30 +        if int(policystate['type']) != xsconstants.XS_POLICY_ACM:
   47.31 +            print "Unknown policy type '%s'." % policystate['type']
   47.32 +            return
   47.33 +        else:
   47.34 +            xml = policystate['repr']
   47.35 +            xs_ref = policystate['xs_ref']
   47.36 +            if not xml:
   47.37 +                OptionError("No policy installed on system?")
   47.38 +            acmpol = ACMPolicy(xml=xml)
   47.39 +            if acmpol.get_name() != policy:
   47.40 +                OptionError("Policy installed on system '%s' does not match"\
   47.41 +                            " the request policy '%s'" % \
   47.42 +                            (acmpol.get_name(), policy))
   47.43 +            activate_policy(xsconstants.XS_INST_LOAD)
   47.44 +    else:
   47.45 +        load_policy(argv[1])
   47.46  
   47.47  if __name__ == '__main__':
   47.48      try:
    48.1 --- a/tools/python/xen/xm/main.py	Mon Jul 16 14:20:16 2007 -0500
    48.2 +++ b/tools/python/xen/xm/main.py	Tue Jul 17 10:20:21 2007 +0100
    48.3 @@ -50,6 +50,7 @@ from xen.xend.XendConstants import *
    48.4  from xen.xm.opts import OptionError, Opts, wrap, set_true
    48.5  from xen.xm import console
    48.6  from xen.util.xmlrpcclient import ServerProxy
    48.7 +from xen.util.security import ACMError
    48.8  
    48.9  import XenAPI
   48.10  
   48.11 @@ -171,11 +172,12 @@ SUBCOMMAND_HELP = {
   48.12  
   48.13      # security
   48.14  
   48.15 -    'addlabel'      :  ('<label> {dom <ConfigFile>|res <resource>} [<policy>]',
   48.16 +    'addlabel'      :  ('<label> {dom <ConfigFile>|res <resource>|mgt <managed domain>}\n'
   48.17 +                        '                   [<policy>]',
   48.18                          'Add security label to domain.'),
   48.19 -    'rmlabel'       :  ('{dom <ConfigFile>|res <Resource>}',
   48.20 +    'rmlabel'       :  ('{dom <ConfigFile>|res <Resource>|mgt<managed domain>}',
   48.21                          'Remove a security label from domain.'),
   48.22 -    'getlabel'      :  ('{dom <ConfigFile>|res <Resource>}',
   48.23 +    'getlabel'      :  ('{dom <ConfigFile>|res <Resource>|mgt <managed domain>}',
   48.24                          'Show security label for domain or resource.'),
   48.25      'dry-run'       :  ('<ConfigFile>',
   48.26                          'Test if a domain can access its resources.'),
   48.27 @@ -186,6 +188,10 @@ SUBCOMMAND_HELP = {
   48.28      'loadpolicy'    :  ('<policy.bin>', 'Load binary policy into hypervisor.'),
   48.29      'makepolicy'    :  ('<policy>', 'Build policy and create .bin/.map '
   48.30                          'files.'),
   48.31 +    'setpolicy'     :  ('<policytype> <policyfile> [options]',
   48.32 +                        'Set the policy of the system.'),
   48.33 +    'getpolicy'     :  ('[options]', 'Get the policy of the system.'),
   48.34 +    'activatepolicy':  ('[options]', 'Activate the xend-managed policy.'),
   48.35      'labels'        :  ('[policy] [type=dom|res|any]',
   48.36                          'List <type> labels for (active) policy.'),
   48.37      'serve'         :  ('', 'Proxy Xend XMLRPC over stdio.'),
   48.38 @@ -343,6 +349,9 @@ acm_commands = [
   48.39      "loadpolicy",
   48.40      "cfgbootpolicy",
   48.41      "dumppolicy",
   48.42 +    "activatepolicy",
   48.43 +    "setpolicy",
   48.44 +    "getpolicy",
   48.45      ]
   48.46  
   48.47  all_commands = (domain_commands + host_commands + scheduler_commands +
   48.48 @@ -861,13 +870,13 @@ def parse_doms_info(info):
   48.49          'up_time'  : up_time
   48.50          }
   48.51  
   48.52 -    # We're not supporting security stuff just yet via XenAPI
   48.53 -
   48.54 -    if serverType != SERVER_XEN_API:
   48.55 -        from xen.util import security
   48.56 -        parsed_info['seclabel'] = security.get_security_printlabel(info)
   48.57 +    security_label = get_info('security_label', str, '')
   48.58 +    tmp = security_label.split(":")
   48.59 +    if len(tmp) != 3:
   48.60 +        seclabel = ""
   48.61      else:
   48.62 -        parsed_info['seclabel'] = ""
   48.63 +        seclabel = tmp[2]
   48.64 +    parsed_info['seclabel'] = seclabel
   48.65  
   48.66      if serverType == SERVER_XEN_API:
   48.67          parsed_info['mem'] = get_info('memory_actual', int, 0) / 1024
   48.68 @@ -925,28 +934,26 @@ def xm_brief_list(doms):
   48.69          print format % d
   48.70  
   48.71  def xm_label_list(doms):
   48.72 -    print '%-32s %5s %5s %5s %5s %9s %-8s' % \
   48.73 +    print '%-32s %5s %5s %5s %10s %9s %-8s' % \
   48.74            ('Name', 'ID', 'Mem', 'VCPUs', 'State', 'Time(s)', 'Label')
   48.75      
   48.76      output = []
   48.77      format = '%(name)-32s %(domid)5s %(mem)5d %(vcpus)5d %(state)10s ' \
   48.78               '%(cpu_time)8.1f %(seclabel)9s'
   48.79  
   48.80 -    if serverType != SERVER_XEN_API:
   48.81 -        from xen.util import security
   48.82 +    from xen.util import security
   48.83          
   48.84 -        for dom in doms:
   48.85 -            d = parse_doms_info(dom)
   48.86 +    for dom in doms:
   48.87 +        d = parse_doms_info(dom)
   48.88 +        if security.active_policy not in ['INACTIVE', 'NULL', 'DEFAULT']:
   48.89 +            if not d['seclabel']:
   48.90 +                d['seclabel'] = 'ERROR'
   48.91 +        elif security.active_policy in ['DEFAULT']:
   48.92 +            d['seclabel'] = 'DEFAULT'
   48.93 +        else:
   48.94 +            d['seclabel'] = 'INACTIVE'
   48.95  
   48.96 -            if security.active_policy not in ['INACTIVE', 'NULL', 'DEFAULT']:
   48.97 -                if not d['seclabel']:
   48.98 -                    d['seclabel'] = 'ERROR'
   48.99 -            elif security.active_policy in ['DEFAULT']:
  48.100 -                d['seclabel'] = 'DEFAULT'
  48.101 -            else:
  48.102 -                d['seclabel'] = 'INACTIVE'
  48.103 -
  48.104 -            output.append((format % d, d['seclabel']))
  48.105 +        output.append((format % d, d['seclabel']))
  48.106          
  48.107      #sort by labels
  48.108      output.sort(lambda x,y: cmp( x[1].lower(), y[1].lower()))
  48.109 @@ -1989,16 +1996,24 @@ def xm_block_list(args):
  48.110                     % ni)
  48.111  
  48.112  def xm_vtpm_list(args):
  48.113 -    xenapi_unsupported()
  48.114      (use_long, params) = arg_check_for_resource_list(args, "vtpm-list")
  48.115  
  48.116      dom = params[0]
  48.117 +
  48.118 +    if serverType == SERVER_XEN_API:
  48.119 +        vtpm_refs = server.xenapi.VM.get_VTPMs(get_single_vm(dom))
  48.120 +        vtpm_properties = \
  48.121 +            map(server.xenapi.VTPM.get_runtime_properties, vtpm_refs)
  48.122 +        devs = map(lambda (handle, properties): [handle, map2sxp(properties)],
  48.123 +                   zip(range(len(vtpm_properties)), vtpm_properties))
  48.124 +    else:
  48.125 +        devs = server.xend.domain.getDeviceSxprs(dom, 'vtpm')
  48.126 +
  48.127      if use_long:
  48.128 -        devs = server.xend.domain.getDeviceSxprs(dom, 'vtpm')
  48.129          map(PrettyPrint.prettyprint, devs)
  48.130      else:
  48.131          hdr = 0
  48.132 -        for x in server.xend.domain.getDeviceSxprs(dom, 'vtpm'):
  48.133 +        for x in devs:
  48.134              if hdr == 0:
  48.135                  print 'Idx  BE handle state evt-ch ring-ref BE-path'
  48.136                  hdr = 1
  48.137 @@ -2029,18 +2044,6 @@ def parse_block_configuration(args):
  48.138      if len(args) == 5:
  48.139          vbd.append(['backend', args[4]])
  48.140  
  48.141 -    if serverType != SERVER_XEN_API:
  48.142 -        # verify that policy permits attaching this resource
  48.143 -        from xen.util import security
  48.144 -    
  48.145 -        if security.on():
  48.146 -            dominfo = server.xend.domain(dom)
  48.147 -            label = security.get_security_printlabel(dominfo)
  48.148 -        else:
  48.149 -            label = None
  48.150 -
  48.151 -        security.res_security_check(args[1], label)
  48.152 -
  48.153      return (dom, vbd)
  48.154  
  48.155  
  48.156 @@ -2440,6 +2443,9 @@ IMPORTED_COMMANDS = [
  48.157      'getlabel',
  48.158      'dry-run',
  48.159      'resources',
  48.160 +    'getpolicy',
  48.161 +    'setpolicy',
  48.162 +    'activatepolicy',
  48.163      ]
  48.164  
  48.165  for c in IMPORTED_COMMANDS:
  48.166 @@ -2563,6 +2569,8 @@ def _run_cmd(cmd, cmd_name, args):
  48.167          print e.usage
  48.168      except XenAPIUnsupportedException, e:
  48.169          err(str(e))
  48.170 +    except ACMError, e:
  48.171 +        err(str(e))
  48.172      except Exception, e:
  48.173          if serverType != SERVER_XEN_API:
  48.174             from xen.util import security
    49.1 --- a/tools/python/xen/xm/makepolicy.py	Mon Jul 16 14:20:16 2007 -0500
    49.2 +++ b/tools/python/xen/xm/makepolicy.py	Tue Jul 17 10:20:21 2007 +0100
    49.3 @@ -20,7 +20,10 @@
    49.4  import sys
    49.5  import traceback
    49.6  from xen.util.security import ACMError, err, make_policy
    49.7 +from xen.util import xsconstants
    49.8  from xen.xm.opts import OptionError
    49.9 +from xen.xm import main as xm_main
   49.10 +from xen.xm.setpolicy import setpolicy
   49.11  
   49.12  def usage():
   49.13      print "\nUsage: xm makepolicy <policy>\n"
   49.14 @@ -32,8 +35,13 @@ def usage():
   49.15  def main(argv):
   49.16      if len(argv) != 2:
   49.17          raise OptionError('No XML policy file specified')
   49.18 -
   49.19 -    make_policy(argv[1])
   49.20 +    if xm_main.serverType == xm_main.SERVER_XEN_API:
   49.21 +        print "This command is deprecated for use with Xen-API " \
   49.22 +              "configuration. Consider using\n'xm setpolicy'."
   49.23 +        setpolicy(xsconstants.ACM_POLICY_ID, argv[1],
   49.24 +                  xsconstants.XS_INST_LOAD, True)
   49.25 +    else:
   49.26 +        make_policy(argv[1])
   49.27  
   49.28  if __name__ == '__main__':
   49.29      try:
   49.30 @@ -41,5 +49,3 @@ if __name__ == '__main__':
   49.31      except Exception, e:
   49.32          sys.stderr.write('Error: %s\n' % str(e))
   49.33          sys.exit(-1)
   49.34 -
   49.35 -
    50.1 --- a/tools/python/xen/xm/resources.py	Mon Jul 16 14:20:16 2007 -0500
    50.2 +++ b/tools/python/xen/xm/resources.py	Tue Jul 17 10:20:21 2007 +0100
    50.3 @@ -21,7 +21,10 @@
    50.4  import sys
    50.5  from xen.util import dictio
    50.6  from xen.util import security
    50.7 +from xen.util import xsconstants
    50.8  from xen.xm.opts import OptionError
    50.9 +from xen.xm import main as xm_main
   50.10 +from xen.xm.main import server
   50.11  
   50.12  def help():
   50.13      return """
   50.14 @@ -32,20 +35,32 @@ def print_resource_data(access_control):
   50.15      """Prints out a resource dictionary to stdout
   50.16      """
   50.17      for resource in access_control:
   50.18 -        (policy, label) = access_control[resource]
   50.19 +        tmp = access_control[resource]
   50.20 +        if len(tmp) == 2:
   50.21 +            policytype = xsconstants.ACM_POLICY_ID
   50.22 +            (policy, label) = access_control[resource]
   50.23 +        elif len(tmp) == 3:
   50.24 +            policytype, policy, label = access_control[resource]
   50.25          print resource
   50.26 -        print "    policy: "+policy
   50.27 -        print "    label:  "+label
   50.28 +        print "      type: "+ policytype
   50.29 +        print "    policy: "+ policy
   50.30 +        print "    label:  "+ label
   50.31  
   50.32  def main (argv):
   50.33      if len(argv) > 1:
   50.34          raise OptionError("No arguments required")
   50.35 -    
   50.36 -    try:
   50.37 -        filename = security.res_label_filename
   50.38 -        access_control = dictio.dict_read("resources", filename)
   50.39 -    except:
   50.40 -        raise OptionError("Resource file not found")
   50.41 +
   50.42 +    if xm_main.serverType == xm_main.SERVER_XEN_API:
   50.43 +        access_control = server.xenapi.XSPolicy.get_labeled_resources()
   50.44 +        for key, value in access_control.items():
   50.45 +            access_control[key] = tuple(value.split(':'))
   50.46 +    else:
   50.47 +        try:
   50.48 +            filename = security.res_label_filename
   50.49 +            access_control = dictio.dict_read("resources", filename)
   50.50 +            print access_control
   50.51 +        except:
   50.52 +            raise OptionError("Resource file not found")
   50.53  
   50.54      print_resource_data(access_control)
   50.55  
    51.1 --- a/tools/python/xen/xm/rmlabel.py	Mon Jul 16 14:20:16 2007 -0500
    51.2 +++ b/tools/python/xen/xm/rmlabel.py	Tue Jul 17 10:20:21 2007 +0100
    51.3 @@ -22,35 +22,52 @@ import sys, os, re
    51.4  from xen.util import dictio
    51.5  from xen.util import security
    51.6  from xen.xm.opts import OptionError
    51.7 +from xen.xm import main as xm_main
    51.8 +from xen.xm.main import server
    51.9  
   51.10  def help():
   51.11      return """
   51.12      Example: xm rmlabel dom <configfile>
   51.13               xm rmlabel res <resource>
   51.14 +             xm rmlabel mgt <domain name>
   51.15  
   51.16      This program removes an acm_label entry from the 'configfile'
   51.17 -    for a domain or from the global resource label file for a
   51.18 -    resource. If the label does not exist for the given domain or
   51.19 -    resource, then rmlabel fails."""
   51.20 +    for a domain, from a Xend-managed domain, from the global resource label
   51.21 +    file for a resource or from the virtual network interface of a Xend-managed
   51.22 +    domain. If the label does not exist for the given domain or resource, then
   51.23 +    rmlabel fails."""
   51.24  
   51.25  
   51.26  def rm_resource_label(resource):
   51.27      """Removes a resource label from the global resource label file.
   51.28      """
   51.29 +    # Try Xen-API first if configured to use it
   51.30 +    if xm_main.serverType == xm_main.SERVER_XEN_API:
   51.31 +        try:
   51.32 +            oldlabel = server.xenapi.XSPolicy.get_resource_label(resource)
   51.33 +            if oldlabel != "":
   51.34 +                server.xenapi.XSPolicy.set_resource_label(resource,"",
   51.35 +                                                          oldlabel)
   51.36 +            else:
   51.37 +                raise security.ACMError("Resource not labeled")
   51.38 +        except Exception, e:
   51.39 +            print "Could not remove label from resource: %s" % e
   51.40 +        return
   51.41 +
   51.42      #build canonical resource name
   51.43      resource = security.unify_resname(resource)
   51.44  
   51.45      # read in the resource file
   51.46 -    file = security.res_label_filename
   51.47 +    fil = security.res_label_filename
   51.48      try:
   51.49 -        access_control = dictio.dict_read("resources", file)
   51.50 +        access_control = dictio.dict_read("resources", fil)
   51.51      except:
   51.52          raise security.ACMError("Resource file not found, cannot remove label!")
   51.53  
   51.54      # remove the entry and update file
   51.55      if access_control.has_key(resource):
   51.56          del access_control[resource]
   51.57 -        dictio.dict_write(access_control, "resources", file)
   51.58 +        dictio.dict_write(access_control, "resources", fil)
   51.59      else:
   51.60          raise security.ACMError("Resource not labeled")
   51.61  
   51.62 @@ -58,15 +75,15 @@ def rm_resource_label(resource):
   51.63  def rm_domain_label(configfile):
   51.64      # open the domain config file
   51.65      fd = None
   51.66 -    file = None
   51.67 +    fil = None
   51.68      if configfile[0] == '/':
   51.69 -        file = configfile
   51.70 -        fd = open(file, "rb")
   51.71 +        fil = configfile
   51.72 +        fd = open(fil, "rb")
   51.73      else:
   51.74          for prefix in [".", "/etc/xen"]:
   51.75 -            file = prefix + "/" + configfile
   51.76 -            if os.path.isfile(file):
   51.77 -                fd = open(file, "rb")
   51.78 +            fil = prefix + "/" + configfile
   51.79 +            if os.path.isfile(fil):
   51.80 +                fd = open(fil, "rb")
   51.81                  break
   51.82      if not fd:
   51.83          raise OptionError("Configuration file '%s' not found." % configfile)
   51.84 @@ -93,22 +110,40 @@ def rm_domain_label(configfile):
   51.85          raise security.ACMError('Domain not labeled')
   51.86  
   51.87      # write the data back out to the file
   51.88 -    fd = open(file, "wb")
   51.89 +    fd = open(fil, "wb")
   51.90      fd.writelines(file_contents)
   51.91      fd.close()
   51.92  
   51.93 +def rm_domain_label_xapi(domainname):
   51.94 +    if xm_main.serverType != xm_main.SERVER_XEN_API:
   51.95 +        raise OptionError('Need to be configure for using xen-api.')
   51.96 +    uuids = server.xenapi.VM.get_by_name_label(domainname)
   51.97 +    if len(uuids) == 0:
   51.98 +        raise OptionError('A VM with that name does not exist.')
   51.99 +    if len(uuids) != 1:
  51.100 +        raise OptionError('Too many domains with the same name.')
  51.101 +    uuid = uuids[0]
  51.102 +    try:
  51.103 +        old_lab = server.xenapi.VM.get_security_label(uuid)
  51.104 +        server.xenapi.VM.set_security_label(uuid, "", old_lab)
  51.105 +    except Exception, e:
  51.106 +        print('Could not remove label from domain: %s' % e)
  51.107 +
  51.108  
  51.109  def main (argv):
  51.110  
  51.111      if len(argv) != 3:
  51.112          raise OptionError('Requires 2 arguments')
  51.113      
  51.114 -    if argv[1].lower() not in ('dom', 'res'):
  51.115 +    if argv[1].lower() not in ('dom', 'mgt', 'res'):
  51.116          raise OptionError('Unrecognised type argument: %s' % argv[1])
  51.117  
  51.118      if argv[1].lower() == "dom":
  51.119          configfile = argv[2]
  51.120          rm_domain_label(configfile)
  51.121 +    elif argv[1].lower() == "mgt":
  51.122 +        domain = argv[2]
  51.123 +        rm_domain_label_xapi(domain)
  51.124      elif argv[1].lower() == "res":
  51.125          resource = argv[2]
  51.126          rm_resource_label(resource)
  51.127 @@ -119,5 +154,3 @@ if __name__ == '__main__':
  51.128      except Exception, e:
  51.129          sys.stderr.write('Error: %s\n' % str(e))
  51.130          sys.exit(-1)    
  51.131 -
  51.132 -
    52.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    52.2 +++ b/tools/python/xen/xm/setpolicy.py	Tue Jul 17 10:20:21 2007 +0100
    52.3 @@ -0,0 +1,117 @@
    52.4 +#============================================================================
    52.5 +# This library is free software; you can redistribute it and/or
    52.6 +# modify it under the terms of version 2.1 of the GNU Lesser General Public
    52.7 +# License as published by the Free Software Foundation.
    52.8 +#
    52.9 +# This library is distributed in the hope that it will be useful,
   52.10 +# but WITHOUT ANY WARRANTY; without even the implied warranty of
   52.11 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
   52.12 +# Lesser General Public License for more details.
   52.13 +#
   52.14 +# You should have received a copy of the GNU Lesser General Public
   52.15 +# License along with this library; if not, write to the Free Software
   52.16 +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   52.17 +#============================================================================
   52.18 +# Copyright (C) 2007 International Business Machines Corp.
   52.19 +# Author: Stefan Berger <stefanb@us.ibm.com>
   52.20 +#============================================================================
   52.21 +
   52.22 +"""Get the managed policy of the system.
   52.23 +"""
   52.24 +
   52.25 +import base64
   52.26 +import struct
   52.27 +import sys
   52.28 +import string
   52.29 +from xen.util import xsconstants
   52.30 +from xen.xm.opts import OptionError
   52.31 +from xen.util.security import policy_dir_prefix
   52.32 +from xen.xm import main as xm_main
   52.33 +from xen.xm.main import server
   52.34 +
   52.35 +def help():
   52.36 +    return """
   52.37 +    Usage: xm setpolicy <policytype> <policy> [options]
   52.38 +
   52.39 +    Set the policy managed by xend.
   52.40 +
   52.41 +    The only policytype that is currently supported is 'ACM'.
   52.42 +
   52.43 +    The following options are defined
   52.44 +      --load     Load the policy immediately
   52.45 +      --boot     Have the system load the policy during boot
   52.46 +    """
   52.47 +
   52.48 +def setpolicy(policytype, policy_name, flags, overwrite):
   52.49 +    if xm_main.serverType != xm_main.SERVER_XEN_API:
   52.50 +        raise OptionError('xm needs to be configured to use the xen-api.')
   52.51 +    if policytype != xsconstants.ACM_POLICY_ID:
   52.52 +        raise OptionError("Unsupported policytype '%s'." % policytype)
   52.53 +    else:
   52.54 +        xs_type = xsconstants.XS_POLICY_ACM
   52.55 +
   52.56 +        policy_file = policy_dir_prefix + "/" + \
   52.57 +                      string.join(string.split(policy_name, "."), "/")
   52.58 +        policy_file += "-security_policy.xml"
   52.59 +
   52.60 +        try:
   52.61 +            f = open(policy_file,"r")
   52.62 +            xml = f.read(-1)
   52.63 +            f.close()
   52.64 +        except:
   52.65 +            raise OptionError("Not a valid policy file")
   52.66 +
   52.67 +        try:
   52.68 +            policystate = server.xenapi.XSPolicy.set_xspolicy(xs_type,
   52.69 +                                                              xml,
   52.70 +                                                              flags,
   52.71 +                                                              overwrite)
   52.72 +        except Exception, e:
   52.73 +            print "An error occurred setting the policy: %s" % str(e)
   52.74 +            return
   52.75 +        xserr = int(policystate['xserr'])
   52.76 +        if xserr != 0:
   52.77 +            print "An error occurred trying to set the policy: %s" % \
   52.78 +                  xsconstants.xserr2string(abs(xserr))
   52.79 +            errors = policystate['errors']
   52.80 +            if len(errors) > 0:
   52.81 +                print "Hypervisor reported errors:"
   52.82 +                err = base64.b64decode(errors)
   52.83 +                i = 0
   52.84 +                while i + 7 < len(err):
   52.85 +                    code, data = struct.unpack("!ii", errors[i:i+8])
   52.86 +                    print "(0x%08x, 0x%08x)" % (code, data)
   52.87 +                    i += 8
   52.88 +        else:
   52.89 +            print "Successfully set the new policy."
   52.90 +
   52.91 +
   52.92 +def main(argv):
   52.93 +    if len(argv) < 3:
   52.94 +       raise OptionError("Need at least 3 arguments.")
   52.95 +
   52.96 +    if "-?" in argv:
   52.97 +        help()
   52.98 +        return
   52.99 +
  52.100 +    policytype  = argv[1]
  52.101 +    policy_name = argv[2]
  52.102 +
  52.103 +    flags = 0
  52.104 +    if '--load' in argv:
  52.105 +        flags |= xsconstants.XS_INST_LOAD
  52.106 +    if '--boot' in argv:
  52.107 +        flags |= xsconstants.XS_INST_BOOT
  52.108 +
  52.109 +    overwrite = True
  52.110 +    if '--nooverwrite' in argv:
  52.111 +        overwrite = False
  52.112 +
  52.113 +    setpolicy(policytype, policy_name, flags, overwrite)
  52.114 +
  52.115 +if __name__ == '__main__':
  52.116 +    try:
  52.117 +        main(sys.argv)
  52.118 +    except Exception, e:
  52.119 +        sys.stderr.write('Error: %s\n' % str(e))
  52.120 +        sys.exit(-1)
    53.1 --- a/tools/python/xen/xm/xenapi_create.py	Mon Jul 16 14:20:16 2007 -0500
    53.2 +++ b/tools/python/xen/xm/xenapi_create.py	Tue Jul 17 10:20:21 2007 +0100
    53.3 @@ -25,6 +25,7 @@ from xen.xend import sxp
    53.4  from xen.xend.XendAPIConstants import XEN_API_ON_NORMAL_EXIT, \
    53.5       XEN_API_ON_CRASH_BEHAVIOUR
    53.6  from xen.xm.opts import OptionError
    53.7 +from xen.util import xsconstants
    53.8  
    53.9  import sys
   53.10  import os
   53.11 @@ -308,6 +309,12 @@ class xenapi_create:
   53.12                 ""
   53.13              }
   53.14  
   53.15 +        if vm.attributes.has_key("security_label"):
   53.16 +            vm_record.update({
   53.17 +                "security_label":
   53.18 +                    vm.attributes["security_label"].value
   53.19 +                })
   53.20 +
   53.21          if len(vm.getElementsByTagName("pv")) > 0:
   53.22              vm_record.update({
   53.23                  "PV_bootloader":
   53.24 @@ -348,6 +355,12 @@ class xenapi_create:
   53.25  
   53.26              self.create_vifs(vm_ref, vifs, networks)
   53.27  
   53.28 +            # Now create vtpms
   53.29 +
   53.30 +            vtpms = vm.getElementsByTagName("vtpm")
   53.31 +
   53.32 +            self.create_vtpms(vm_ref, vtpms)
   53.33 +
   53.34              # Now create consoles
   53.35  
   53.36              consoles = vm.getElementsByTagName("console")
   53.37 @@ -441,6 +454,21 @@ class xenapi_create:
   53.38              self._network_refs = server.xenapi.network.get_all()
   53.39              return self._network_refs.pop(0)
   53.40  
   53.41 +    def create_vtpms(self, vm_ref, vtpms):
   53.42 +        if len(vtpms) > 1:
   53.43 +            vtpms = [ vtpms[0] ]
   53.44 +        log(DEBUG, "create_vtpms")
   53.45 +        return map(lambda vtpm: self.create_vtpm(vm_ref, vtpm), vtpms)
   53.46 +
   53.47 +    def create_vtpm(self, vm_ref, vtpm):
   53.48 +        vtpm_record = {
   53.49 +            "VM":
   53.50 +                vm_ref,
   53.51 +            "backend":
   53.52 +                vtpm.attributes["backend"].value
   53.53 +        }
   53.54 +        return server.xenapi.VTPM.create(vtpm_record)
   53.55 +
   53.56      def create_consoles(self, vm_ref, consoles):
   53.57          log(DEBUG, "create_consoles")
   53.58          return map(lambda console: self.create_console(vm_ref, console),
   53.59 @@ -482,6 +510,10 @@ class sxp2xml:
   53.60  
   53.61          vifs_sxp = map(lambda x: x[1], [device for device in devices
   53.62                                          if device[1][0] == "vif"])
   53.63 +
   53.64 +        vtpms_sxp = map(lambda x: x[1], [device for device in devices
   53.65 +                                         if device[1][0] == "vtpm"])
   53.66 +
   53.67          # Create XML Document
   53.68          
   53.69          impl = getDOMImplementation()
   53.70 @@ -531,6 +563,14 @@ class sxp2xml:
   53.71          vm.attributes["vcpus_at_startup"] \
   53.72              = str(get_child_by_name(config, "vcpus", 1))
   53.73  
   53.74 +        sec_data = get_child_by_name(config, "security")
   53.75 +        if sec_data:
   53.76 +            try :
   53.77 +                vm.attributes['security_label'] = \
   53.78 +                      "%s:%s:%s" % (xsconstants.ACM_POLICY_ID, sec_data[0][1][1],sec_data[0][2][1])
   53.79 +            except Exception, e:
   53.80 +                raise "Invalid security data format: %s" % str(sec_data)
   53.81 +
   53.82          # Make the name tag
   53.83  
   53.84          vm.appendChild(self.make_name_tag(
   53.85 @@ -601,6 +641,12 @@ class sxp2xml:
   53.86  
   53.87          map(vm.appendChild, vifs)
   53.88  
   53.89 +        # And now the vTPMs
   53.90 +
   53.91 +        vtpms = map(lambda vtpm: self.extract_vtpm(vtpm, document), vtpms_sxp)
   53.92 +
   53.93 +        map(vm.appendChild, vtpms)
   53.94 +
   53.95          # Last but not least the consoles...
   53.96  
   53.97          consoles = self.extract_consoles(image, document)
   53.98 @@ -708,6 +754,15 @@ class sxp2xml:
   53.99          
  53.100          return vif
  53.101  
  53.102 +    def extract_vtpm(self, vtpm_sxp, document):
  53.103 +
  53.104 +        vtpm = document.createElement("vtpm")
  53.105 +
  53.106 +        vtpm.attributes["backend"] \
  53.107 +             = get_child_by_name(vtpm_sxp, "backend", "0")
  53.108 +
  53.109 +        return vtpm
  53.110 +
  53.111      _eths = -1
  53.112  
  53.113      def mk_other_config(self, key, value, document):
    54.1 --- a/tools/security/policies/security_policy.xsd	Mon Jul 16 14:20:16 2007 -0500
    54.2 +++ b/tools/security/policies/security_policy.xsd	Tue Jul 17 10:20:21 2007 +0100
    54.3 @@ -99,7 +99,7 @@
    54.4  			<xsd:sequence>
    54.5  				<xsd:element name="Name" type="NameWithFrom"></xsd:element>
    54.6  				<xsd:element ref="SimpleTypeEnforcementTypes" minOccurs="0" maxOccurs="unbounded" />
    54.7 -				<xsd:element name="ChineseWallTypes" type="SingleChineseWallType" />
    54.8 +				<xsd:element ref="ChineseWallTypes" minOccurs="0" maxOccurs="unbounded" />
    54.9  			</xsd:sequence>
   54.10  		</xsd:complexType>
   54.11  	</xsd:element>
   54.12 @@ -143,9 +143,4 @@
   54.13  			<xsd:element maxOccurs="1" minOccurs="1" ref="Type" />
   54.14  		</xsd:sequence>
   54.15  	</xsd:complexType>
   54.16 -	<xsd:complexType name="SingleChineseWallType">
   54.17 -		<xsd:sequence>
   54.18 -			<xsd:element maxOccurs="1" minOccurs="1" ref="Type" />
   54.19 -		</xsd:sequence>
   54.20 -	</xsd:complexType>
   54.21  </xsd:schema>
    55.1 --- a/tools/vtpm_manager/util/hashtable_itr.c	Mon Jul 16 14:20:16 2007 -0500
    55.2 +++ b/tools/vtpm_manager/util/hashtable_itr.c	Tue Jul 17 10:20:21 2007 +0100
    55.3 @@ -225,7 +225,7 @@ hashtable_iterator_search(struct hashtab
    55.4      
    55.5  egress:
    55.6  #ifdef HASHTABLE_THREADED
    55.7 -    pthread_mutex_lock(&h->mutex);
    55.8 +    pthread_mutex_unlock(&h->mutex);
    55.9  #endif 
   55.10      return ret;
   55.11  }
    56.1 --- a/tools/xenstore/xsls.c	Mon Jul 16 14:20:16 2007 -0500
    56.2 +++ b/tools/xenstore/xsls.c	Tue Jul 17 10:20:21 2007 +0100
    56.3 @@ -8,6 +8,7 @@
    56.4  #include <sys/ioctl.h>
    56.5  #include <termios.h>
    56.6  
    56.7 +#define STRING_MAX PATH_MAX
    56.8  static int max_width = 80;
    56.9  static int desired_width = 60;
   56.10  
   56.11 @@ -19,7 +20,8 @@ static int desired_width = 60;
   56.12  void print_dir(struct xs_handle *h, char *path, int cur_depth, int show_perms)
   56.13  {
   56.14      char **e;
   56.15 -    char newpath[512], *val;
   56.16 +    char newpath[STRING_MAX], *val;
   56.17 +    int newpath_len;
   56.18      int i;
   56.19      unsigned int num, len;
   56.20  
   56.21 @@ -33,13 +35,26 @@ void print_dir(struct xs_handle *h, char
   56.22          unsigned int nperms;
   56.23          int linewid;
   56.24  
   56.25 -        for (linewid=0; linewid<cur_depth; linewid++) putchar(' ');
   56.26 +        /* Print indent and path basename */
   56.27 +        for (linewid=0; linewid<cur_depth; linewid++) {
   56.28 +            putchar(' ');
   56.29 +        }
   56.30          linewid += printf("%.*s",
   56.31                            (int) (max_width - TAG_LEN - linewid), e[i]);
   56.32 -        sprintf(newpath, "%s%s%s", path, 
   56.33 +
   56.34 +        /* Compose fullpath and fetch value */
   56.35 +        newpath_len = snprintf(newpath, sizeof(newpath), "%s%s%s", path, 
   56.36                  path[strlen(path)-1] == '/' ? "" : "/", 
   56.37                  e[i]);
   56.38 -        val = xs_read(h, XBT_NULL, newpath, &len);
   56.39 +        if ( newpath_len < sizeof(newpath) ) {
   56.40 +            val = xs_read(h, XBT_NULL, newpath, &len);
   56.41 +        }
   56.42 +        else {
   56.43 +            /* Path was truncated and thus invalid */
   56.44 +            val = NULL;
   56.45 +        }
   56.46 +
   56.47 +        /* Print value */
   56.48          if (val == NULL) {
   56.49              printf(":\n");
   56.50          }
   56.51 @@ -88,7 +103,7 @@ void print_dir(struct xs_handle *h, char
   56.52  
   56.53  void usage(int argc, char *argv[])
   56.54  {
   56.55 -    fprintf(stderr, "Usage: %s [-p] [path]\n", argv[0]);
   56.56 +    fprintf(stderr, "Usage: %s [-w] [-p] [path]\n", argv[0]);
   56.57  }
   56.58  
   56.59  int main(int argc, char *argv[])
   56.60 @@ -104,11 +119,14 @@ int main(int argc, char *argv[])
   56.61      if (!ret)
   56.62          max_width = ws.ws_col - PAD;
   56.63  
   56.64 -    while (0 < (c = getopt(argc, argv, "ps"))) {
   56.65 +    while (0 < (c = getopt(argc, argv, "psw"))) {
   56.66          switch (c) {
   56.67 +        case 'w':
   56.68 +            max_width= STRING_MAX - PAD;
   56.69 +            desired_width = 0;
   56.70 +            break;
   56.71          case 'p':
   56.72              show_perm = 1;
   56.73 -            max_width -= 16;
   56.74              break;
   56.75          case 's':
   56.76              socket = 1;
   56.77 @@ -121,6 +139,11 @@ int main(int argc, char *argv[])
   56.78          }
   56.79      }
   56.80  
   56.81 +    /* Adjust the width here to avoid argument order dependency */
   56.82 +    if ( show_perm ) {
   56.83 +        max_width -= 16;
   56.84 +    }
   56.85 +
   56.86      xsh = socket ? xs_daemon_open() : xs_domain_open();
   56.87      if (xsh == NULL)
   56.88          err(1, socket ? "xs_daemon_open" : "xs_domain_open");
    57.1 --- a/tools/xentrace/xenctx.c	Mon Jul 16 14:20:16 2007 -0500
    57.2 +++ b/tools/xentrace/xenctx.c	Tue Jul 17 10:20:21 2007 +0100
    57.3 @@ -47,6 +47,13 @@ int stack_trace = 0;
    57.4  #elif defined (__ia64__)
    57.5  /* On ia64, we can't translate virtual address to physical address.  */
    57.6  #define NO_TRANSLATION
    57.7 +
    57.8 +/* Which registers should be displayed.  */
    57.9 +int disp_cr_regs;
   57.10 +int disp_ar_regs;
   57.11 +int disp_br_regs;
   57.12 +int disp_bank_regs;
   57.13 +int disp_tlb;
   57.14  #endif
   57.15  
   57.16  struct symbol {
   57.17 @@ -287,12 +294,12 @@ void print_ctx(vcpu_guest_context_t *ctx
   57.18  #define ITIR_PS_MAX               28
   57.19  #define RR_RID_SHIFT               8
   57.20  #define RR_RID_MASK         0xffffff
   57.21 +#define PSR_BN           (1UL << 44)
   57.22 +#define CFM_SOF_MASK            0x3f
   57.23  
   57.24 -void print_ctx(vcpu_guest_context_t *ctx1)
   57.25 +static void print_tr(int i, const struct ia64_tr_entry *tr)
   57.26  {
   57.27 -    struct vcpu_guest_context_regs *regs = &ctx1->regs;
   57.28 -    struct vcpu_tr_regs *tr = &ctx1->regs.tr;
   57.29 -    int i, ps_val, ma_val;
   57.30 +    int ps_val, ma_val;
   57.31      unsigned long pa;
   57.32  
   57.33      static const char ps[][5] = {"  4K", "  8K", " 16K", "    ",
   57.34 @@ -303,104 +310,204 @@ void print_ctx(vcpu_guest_context_t *ctx
   57.35      static const char ma[][4] = {"WB ", "   ", "   ", "   ",
   57.36                                   "UC ", "UCE", "WC ", "Nat"};
   57.37  
   57.38 -    printf(" ip:                %016lx  ", regs->ip);
   57.39 +    ps_val =  tr->itir >> ITIR_PS_SHIFT & ITIR_PS_MASK;
   57.40 +    ma_val =  tr->pte  >> PTE_MA_SHIFT  & PTE_MA_MASK;
   57.41 +    pa     = (tr->pte  >> PTE_PPN_SHIFT & PTE_PPN_MASK) << PTE_PPN_SHIFT;
   57.42 +    pa     = (pa >> ps_val) << ps_val;
   57.43 +    printf(" [%d]  %ld %06lx %016lx %013lx %02x %s %ld  %ld  %ld  %ld "
   57.44 +           "%ld %d %s %06lx\n", i,
   57.45 +           tr->pte  >> PTE_P_SHIFT    & PTE_P_MASK,
   57.46 +           tr->rid  >> RR_RID_SHIFT   & RR_RID_MASK,
   57.47 +           tr->vadr, pa, ps_val,
   57.48 +           ((ps_val >= ITIR_PS_MIN && ps_val <= ITIR_PS_MAX) ?
   57.49 +            ps[ps_val - ITIR_PS_MIN] : "    "),
   57.50 +           tr->pte  >> PTE_ED_SHIFT   & PTE_ED_MASK,
   57.51 +           tr->pte  >> PTE_PL_SHIFT   & PTE_PL_MASK,
   57.52 +           tr->pte  >> PTE_AR_SHIFT   & PTE_AR_MASK,
   57.53 +           tr->pte  >> PTE_A_SHIFT    & PTE_A_MASK,
   57.54 +           tr->pte  >> PTE_D_SHIFT    & PTE_D_MASK,
   57.55 +           ma_val, ma[ma_val],
   57.56 +           tr->itir >> ITIR_KEY_SHIFT & ITIR_KEY_MASK);
   57.57 +}
   57.58 +
   57.59 +void print_ctx(vcpu_guest_context_t *ctx)
   57.60 +{
   57.61 +    struct vcpu_guest_context_regs *regs = &ctx->regs;
   57.62 +    struct vcpu_tr_regs *tr = &ctx->regs.tr;
   57.63 +    int i;
   57.64 +    unsigned int rbs_size, cfm_sof;
   57.65 +
   57.66 +    printf(" ip:  %016lx  ", regs->ip);
   57.67      print_symbol(regs->ip);
   57.68      printf("\n");
   57.69 -    printf(" psr:               %016lx  ", regs->psr);
   57.70 -    printf(" b0:                %016lx\n", regs->b[0]);
   57.71 -    printf(" b6:                %016lx  ", regs->b[6]);
   57.72 -    printf(" b7:                %016lx\n", regs->b[7]);
   57.73 -    printf(" cfm:               %016lx  ", regs->cfm);
   57.74 -    printf(" ar.unat:           %016lx\n", regs->ar.unat);
   57.75 -    printf(" ar.pfs:            %016lx  ", regs->ar.pfs);
   57.76 -    printf(" ar.rsc:            %016lx\n", regs->ar.rsc);
   57.77 -    printf(" ar.rnat:           %016lx  ", regs->ar.rnat);
   57.78 -    printf(" ar.bspstore:       %016lx\n", regs->ar.bspstore);
   57.79 -    printf(" ar.fpsr:           %016lx  ", regs->ar.fpsr);
   57.80 -    printf(" event_callback_ip: %016lx\n", ctx1->event_callback_ip);
   57.81 -    printf(" pr:                %016lx  ", regs->pr);
   57.82 -    /*    printf(" loadrs:            %016lx\n", regs->loadrs); */
   57.83 -    printf(" iva:               %016lx\n", regs->cr.iva);
   57.84 -    printf(" dcr:               %016lx\n", regs->cr.dcr);
   57.85 +    printf(" psr:  %016lx  ", regs->psr);
   57.86 +    printf(" cfm:  %016lx  ", regs->cfm);
   57.87 +    printf(" pr:   %016lx\n", regs->pr);
   57.88 +
   57.89 +    if (disp_br_regs) {
   57.90 +        printf(" b0:   %016lx  ", regs->b[0]);
   57.91 +        printf(" b1:   %016lx  ", regs->b[1]);
   57.92 +        printf(" b2:   %016lx\n", regs->b[2]);
   57.93 +        printf(" b3:   %016lx  ", regs->b[3]);
   57.94 +        printf(" b4:   %016lx  ", regs->b[4]);
   57.95 +        printf(" b5:   %016lx\n", regs->b[5]);
   57.96 +        printf(" b6:   %016lx  ", regs->b[6]);
   57.97 +        printf(" b7:   %016lx\n", regs->b[7]);
   57.98 +    } else {
   57.99 +        printf(" b0:   %016lx\n", regs->b[0]);
  57.100 +    }
  57.101  
  57.102 +    if (disp_cr_regs) {
  57.103 +        printf ("\n"
  57.104 +                "                                CR:\n");
  57.105 +        printf(" dcr:  %016lx  ", regs->cr.dcr);
  57.106 +        printf(" itm:  %016lx  ", regs->cr.itm);
  57.107 +        printf(" iva:  %016lx\n", regs->cr.iva);
  57.108 +        printf(" pta:  %016lx  ", regs->cr.pta);
  57.109 +        printf(" ipsr: %016lx  ", regs->cr.ipsr);
  57.110 +        printf(" isr:  %016lx\n", regs->cr.isr);
  57.111 +        printf(" iip:  %016lx  ", regs->cr.iip);
  57.112 +        printf(" ifa:  %016lx  ", regs->cr.ifa);
  57.113 +        printf(" itir: %016lx\n", regs->cr.itir);
  57.114 +        printf(" iipa: %016lx  ", regs->cr.iipa);
  57.115 +        printf(" ifs:  %016lx  ", regs->cr.ifs);
  57.116 +        printf(" iim:  %016lx\n", regs->cr.iim);
  57.117 +        printf(" iha:  %016lx  ", regs->cr.iha);
  57.118 +        printf(" lid:  %016lx  ", regs->cr.lid);
  57.119 +        printf(" ivr:  %016lx\n", regs->cr.ivr);
  57.120 +        printf(" tpr:  %016lx  ", regs->cr.tpr);
  57.121 +        printf(" eoi:  %016lx  ", regs->cr.eoi);
  57.122 +        printf(" irr0: %016lx\n", regs->cr.irr[0]);
  57.123 +        printf(" irr1: %016lx  ", regs->cr.irr[1]);
  57.124 +        printf(" irr2: %016lx  ", regs->cr.irr[2]);
  57.125 +        printf(" irr3: %016lx\n", regs->cr.irr[3]);
  57.126 +        printf(" itv:  %016lx  ", regs->cr.itv);
  57.127 +        printf(" pmv:  %016lx  ", regs->cr.pmv);
  57.128 +        printf(" cmcv: %016lx\n", regs->cr.cmcv);
  57.129 +        printf(" lrr0: %016lx  ", regs->cr.lrr0);
  57.130 +        printf(" lrr1: %016lx  ", regs->cr.lrr1);
  57.131 +        printf(" ev_cb:%016lx\n", ctx->event_callback_ip);
  57.132 +
  57.133 +    }
  57.134 +    if (disp_ar_regs) {
  57.135 +        printf ("\n"
  57.136 +                "                                AR:\n");
  57.137 +        printf(" kr0:  %016lx  ", regs->ar.kr[0]);
  57.138 +        printf(" kr1:  %016lx  ", regs->ar.kr[1]);
  57.139 +        printf(" kr2:  %016lx\n", regs->ar.kr[2]);
  57.140 +        printf(" kr3:  %016lx  ", regs->ar.kr[3]);
  57.141 +        printf(" kr4:  %016lx  ", regs->ar.kr[4]);
  57.142 +        printf(" kr5:  %016lx\n", regs->ar.kr[5]);
  57.143 +        printf(" kr6:  %016lx  ", regs->ar.kr[6]);
  57.144 +        printf(" kr7:  %016lx  ", regs->ar.kr[7]);
  57.145 +        printf(" rsc:  %016lx\n", regs->ar.rsc);
  57.146 +        printf(" bsp:  %016lx  ", regs->ar.bsp);
  57.147 +        printf(" bsps: %016lx  ", regs->ar.bspstore);
  57.148 +        printf(" rnat: %016lx\n", regs->ar.rnat);
  57.149 +        printf(" csd:  %016lx  ", regs->ar.csd);
  57.150 +        printf(" ccv:  %016lx  ", regs->ar.ccv);
  57.151 +        printf(" unat: %016lx\n", regs->ar.unat);
  57.152 +        printf(" fpsr: %016lx  ", regs->ar.fpsr);
  57.153 +        printf(" itc:  %016lx\n", regs->ar.itc);
  57.154 +        printf(" pfs:  %016lx  ", regs->ar.pfs);
  57.155 +        printf(" lc:   %016lx  ", regs->ar.lc);
  57.156 +        printf(" ec:   %016lx\n", regs->ar.ec);
  57.157 +    }
  57.158      printf("\n");
  57.159 -    printf(" r1:  %016lx\n", regs->r[1]);
  57.160 +    printf(" r1:  %016lx  ", regs->r[1]);
  57.161      printf(" r2:  %016lx  ", regs->r[2]);
  57.162      printf(" r3:  %016lx\n", regs->r[3]);
  57.163      printf(" r4:  %016lx  ", regs->r[4]);
  57.164 -    printf(" r5:  %016lx\n", regs->r[5]);
  57.165 -    printf(" r6:  %016lx  ", regs->r[6]);
  57.166 -    printf(" r7:  %016lx\n", regs->r[7]);
  57.167 +    printf(" r5:  %016lx  ", regs->r[5]);
  57.168 +    printf(" r6:  %016lx\n", regs->r[6]);
  57.169 +    printf(" r7:  %016lx  ", regs->r[7]);
  57.170      printf(" r8:  %016lx  ", regs->r[8]);
  57.171      printf(" r9:  %016lx\n", regs->r[9]);
  57.172      printf(" r10: %016lx  ", regs->r[10]);
  57.173 -    printf(" r11: %016lx\n", regs->r[11]);
  57.174 -    printf(" sp:  %016lx  ", regs->r[12]);
  57.175 -    printf(" tp:  %016lx\n", regs->r[13]);
  57.176 +    printf(" r11: %016lx  ", regs->r[11]);
  57.177 +    printf(" sp:  %016lx\n", regs->r[12]);
  57.178 +    printf(" tp:  %016lx  ", regs->r[13]);
  57.179      printf(" r14: %016lx  ", regs->r[14]);
  57.180      printf(" r15: %016lx\n", regs->r[15]);
  57.181 -    printf(" r16: %016lx  ", regs->r[16]);
  57.182 -    printf(" r17: %016lx\n", regs->r[17]);
  57.183 -    printf(" r18: %016lx  ", regs->r[18]);
  57.184 -    printf(" r19: %016lx\n", regs->r[19]);
  57.185 -    printf(" r20: %016lx  ", regs->r[20]);
  57.186 -    printf(" r21: %016lx\n", regs->r[21]);
  57.187 -    printf(" r22: %016lx  ", regs->r[22]);
  57.188 -    printf(" r23: %016lx\n", regs->r[23]);
  57.189 -    printf(" r24: %016lx  ", regs->r[24]);
  57.190 -    printf(" r25: %016lx\n", regs->r[25]);
  57.191 -    printf(" r26: %016lx  ", regs->r[26]);
  57.192 -    printf(" r27: %016lx\n", regs->r[27]);
  57.193 -    printf(" r28: %016lx  ", regs->r[28]);
  57.194 -    printf(" r29: %016lx\n", regs->r[29]);
  57.195 -    printf(" r30: %016lx  ", regs->r[30]);
  57.196 -    printf(" r31: %016lx\n", regs->r[31]);
  57.197 -    
  57.198 -    printf("\n itr: P rid    va               pa            ps      ed pl "
  57.199 -           "ar a d ma    key\n");
  57.200 -    for (i = 0; i < 8; i++) {
  57.201 -        ps_val =  tr->itrs[i].itir >> ITIR_PS_SHIFT & ITIR_PS_MASK;
  57.202 -        ma_val =  tr->itrs[i].pte  >> PTE_MA_SHIFT  & PTE_MA_MASK;
  57.203 -        pa     = (tr->itrs[i].pte  >> PTE_PPN_SHIFT & PTE_PPN_MASK) <<
  57.204 -                 PTE_PPN_SHIFT;
  57.205 -        pa     = (pa >> ps_val) << ps_val;
  57.206 -        printf(" [%d]  %ld %06lx %016lx %013lx %02x %s %ld  %ld  %ld  %ld "
  57.207 -               "%ld %d %s %06lx\n", i,
  57.208 -               tr->itrs[i].pte  >> PTE_P_SHIFT    & PTE_P_MASK,
  57.209 -               tr->itrs[i].rid  >> RR_RID_SHIFT   & RR_RID_MASK,
  57.210 -               tr->itrs[i].vadr, pa, ps_val,
  57.211 -               ((ps_val >= ITIR_PS_MIN && ps_val <= ITIR_PS_MAX) ?
  57.212 -                ps[ps_val - ITIR_PS_MIN] : "    "),
  57.213 -               tr->itrs[i].pte  >> PTE_ED_SHIFT   & PTE_ED_MASK,
  57.214 -               tr->itrs[i].pte  >> PTE_PL_SHIFT   & PTE_PL_MASK,
  57.215 -               tr->itrs[i].pte  >> PTE_AR_SHIFT   & PTE_AR_MASK,
  57.216 -               tr->itrs[i].pte  >> PTE_A_SHIFT    & PTE_A_MASK,
  57.217 -               tr->itrs[i].pte  >> PTE_D_SHIFT    & PTE_D_MASK,
  57.218 -               ma_val, ma[ma_val],
  57.219 -               tr->itrs[i].itir >> ITIR_KEY_SHIFT & ITIR_KEY_MASK);
  57.220 +    if (disp_bank_regs) {
  57.221 +        printf("      Bank %d (current)                         Bank %d\n",
  57.222 +               (regs->psr & PSR_BN) ? 1 : 0, (regs->psr & PSR_BN) ? 0 : 1);
  57.223 +        printf ("16:%016lx ", regs->r[16]);
  57.224 +        printf ("17:%016lx ", regs->r[17]);
  57.225 +        printf ("16:%016lx ", regs->bank[0]);
  57.226 +        printf ("17:%016lx\n", regs->bank[1]);
  57.227 +        printf ("18:%016lx ", regs->r[18]);
  57.228 +        printf ("19:%016lx ", regs->r[19]);
  57.229 +        printf ("18:%016lx ", regs->bank[2]);
  57.230 +        printf ("19:%016lx\n", regs->bank[3]);
  57.231 +        printf ("20:%016lx ", regs->r[20]);
  57.232 +        printf ("21:%016lx ", regs->r[21]);
  57.233 +        printf ("20:%016lx ", regs->bank[4]);
  57.234 +        printf ("21:%016lx\n", regs->bank[5]);
  57.235 +        printf ("22:%016lx ", regs->r[22]);
  57.236 +        printf ("23:%016lx ", regs->r[23]);
  57.237 +        printf ("22:%016lx ", regs->bank[6]);
  57.238 +        printf ("23:%016lx\n", regs->bank[7]);
  57.239 +        printf ("24:%016lx ", regs->r[24]);
  57.240 +        printf ("25:%016lx ", regs->r[25]);
  57.241 +        printf ("24:%016lx ", regs->bank[8]);
  57.242 +        printf ("25:%016lx\n", regs->bank[9]);
  57.243 +        printf ("26:%016lx ", regs->r[26]);
  57.244 +        printf ("27:%016lx ", regs->r[27]);
  57.245 +        printf ("26:%016lx ", regs->bank[10]);
  57.246 +        printf ("27:%016lx\n", regs->bank[11]);
  57.247 +        printf ("28:%016lx ", regs->r[28]);
  57.248 +        printf ("29:%016lx ", regs->r[29]);
  57.249 +        printf ("28:%016lx ", regs->bank[12]);
  57.250 +        printf ("29:%016lx\n", regs->bank[13]);
  57.251 +        printf ("30:%016lx ", regs->r[30]);
  57.252 +        printf ("31:%016lx ", regs->r[31]);
  57.253 +        printf ("30:%016lx ", regs->bank[14]);
  57.254 +        printf ("31:%016lx\n", regs->bank[15]);
  57.255 +    } else {
  57.256 +        printf(" r16: %016lx  ", regs->r[16]);
  57.257 +        printf(" r17: %016lx  ", regs->r[17]);
  57.258 +        printf(" r18: %016lx\n", regs->r[18]);
  57.259 +        printf(" r19: %016lx  ", regs->r[19]);
  57.260 +        printf(" r20: %016lx  ", regs->r[20]);
  57.261 +        printf(" r21: %016lx\n", regs->r[21]);
  57.262 +        printf(" r22: %016lx  ", regs->r[22]);
  57.263 +        printf(" r23: %016lx  ", regs->r[23]);
  57.264 +        printf(" r24: %016lx\n", regs->r[24]);
  57.265 +        printf(" r25: %016lx  ", regs->r[25]);
  57.266 +        printf(" r26: %016lx  ", regs->r[26]);
  57.267 +        printf(" r27: %016lx\n", regs->r[27]);
  57.268 +        printf(" r28: %016lx  ", regs->r[28]);
  57.269 +        printf(" r29: %016lx  ", regs->r[29]);
  57.270 +        printf(" r30: %016lx\n", regs->r[30]);
  57.271 +        printf(" r31: %016lx\n", regs->r[31]);
  57.272      }
  57.273 -    printf("\n dtr: P rid    va               pa            ps      ed pl "
  57.274 -           "ar a d ma    key\n");
  57.275 -    for (i = 0; i < 8; i++) {
  57.276 -        ps_val =  tr->dtrs[i].itir >> ITIR_PS_SHIFT & ITIR_PS_MASK;
  57.277 -        ma_val =  tr->dtrs[i].pte  >> PTE_MA_SHIFT  & PTE_MA_MASK;
  57.278 -        pa     = (tr->dtrs[i].pte  >> PTE_PPN_SHIFT & PTE_PPN_MASK) <<
  57.279 -                 PTE_PPN_SHIFT;
  57.280 -        pa     = (pa >> ps_val) << ps_val;
  57.281 -        printf(" [%d]  %ld %06lx %016lx %013lx %02x %s %ld  %ld  %ld  %ld "
  57.282 -               "%ld %d %s %06lx\n", i,
  57.283 -               tr->dtrs[i].pte  >> PTE_P_SHIFT    & PTE_P_MASK,
  57.284 -               tr->dtrs[i].rid  >> RR_RID_SHIFT   & RR_RID_MASK,
  57.285 -               tr->dtrs[i].vadr, pa, ps_val,
  57.286 -               ((ps_val >= ITIR_PS_MIN && ps_val <= ITIR_PS_MAX) ?
  57.287 -                ps[ps_val - ITIR_PS_MIN] : "    "),
  57.288 -               tr->dtrs[i].pte  >> PTE_ED_SHIFT   & PTE_ED_MASK,
  57.289 -               tr->dtrs[i].pte  >> PTE_PL_SHIFT   & PTE_PL_MASK,
  57.290 -               tr->dtrs[i].pte  >> PTE_AR_SHIFT   & PTE_AR_MASK,
  57.291 -               tr->dtrs[i].pte  >> PTE_A_SHIFT    & PTE_A_MASK,
  57.292 -               tr->dtrs[i].pte  >> PTE_D_SHIFT    & PTE_D_MASK,
  57.293 -               ma_val, ma[ma_val],
  57.294 -               tr->dtrs[i].itir >> ITIR_KEY_SHIFT & ITIR_KEY_MASK);
  57.295 +
  57.296 +    printf("\n");
  57.297 +    rbs_size = (regs->ar.bsp - regs->ar.bspstore) / 8;
  57.298 +    cfm_sof = (regs->cfm & CFM_SOF_MASK);
  57.299 +    for (i = 0; i < cfm_sof; i++) {
  57.300 +        int off = cfm_sof - i;
  57.301 +        unsigned int rbs_off =
  57.302 +            (((62 - ((rbs_size + regs->rbs_voff) % 64) + off)) / 63) + off;
  57.303 +        if (rbs_off > rbs_size)
  57.304 +            break;
  57.305 +        printf(" r%02d: %016lx%s", 32 + i,
  57.306 +               regs->rbs[rbs_size - rbs_off],
  57.307 +               (i % 3) != 2 ? "  " : "\n");
  57.308 +    }
  57.309 +    if ((i % 3) != 0)
  57.310 +        printf ("\n");
  57.311 +
  57.312 +    if (disp_tlb) {
  57.313 +        printf("\n itr: P rid    va               pa            ps      ed pl "
  57.314 +               "ar a d ma    key\n");
  57.315 +        for (i = 0; i < 8; i++)
  57.316 +            print_tr(i, &tr->itrs[i]);
  57.317 +        printf("\n dtr: P rid    va               pa            ps      ed pl "
  57.318 +               "ar a d ma    key\n");
  57.319 +        for (i = 0; i < 8; i++)
  57.320 +            print_tr(i, &tr->dtrs[i]);
  57.321      }
  57.322  }
  57.323  #endif
  57.324 @@ -526,9 +633,16 @@ void dump_ctx(int vcpu)
  57.325  {
  57.326      int ret;
  57.327      vcpu_guest_context_t ctx;
  57.328 +    xc_dominfo_t dominfo;
  57.329  
  57.330      xc_handle = xc_interface_open(); /* for accessing control interface */
  57.331  
  57.332 +    ret = xc_domain_getinfo(xc_handle, domid, 1, &dominfo);
  57.333 +    if (ret < 0) {
  57.334 +        perror("xc_domain_getinfo");
  57.335 +        exit(-1);
  57.336 +    }
  57.337 +    
  57.338      ret = xc_domain_pause(xc_handle, domid);
  57.339      if (ret < 0) {
  57.340          perror("xc_domain_pause");
  57.341 @@ -537,7 +651,8 @@ void dump_ctx(int vcpu)
  57.342  
  57.343      ret = xc_vcpu_getcontext(xc_handle, domid, vcpu, &ctx);
  57.344      if (ret < 0) {
  57.345 -        xc_domain_unpause(xc_handle, domid);
  57.346 +        if (!dominfo.paused)
  57.347 +            xc_domain_unpause(xc_handle, domid);
  57.348          perror("xc_vcpu_getcontext");
  57.349          exit(-1);
  57.350      }
  57.351 @@ -548,10 +663,12 @@ void dump_ctx(int vcpu)
  57.352          print_stack(&ctx, vcpu);
  57.353  #endif
  57.354  
  57.355 -    ret = xc_domain_unpause(xc_handle, domid);
  57.356 -    if (ret < 0) {
  57.357 -        perror("xc_domain_unpause");
  57.358 -        exit(-1);
  57.359 +    if (!dominfo.paused) {
  57.360 +        ret = xc_domain_unpause(xc_handle, domid);
  57.361 +        if (ret < 0) {
  57.362 +            perror("xc_domain_unpause");
  57.363 +            exit(-1);
  57.364 +        }
  57.365      }
  57.366  
  57.367      xc_interface_close(xc_handle);
  57.368 @@ -574,16 +691,28 @@ void usage(void)
  57.369      printf("  -s SYMTAB, --symbol-table=SYMTAB\n");
  57.370      printf("                    read symbol table from SYMTAB.\n");
  57.371      printf("  --stack-trace     print a complete stack trace.\n");
  57.372 +#ifdef __ia64__
  57.373 +    printf("  -r LIST, --regs=LIST  display more registers.\n");
  57.374 +    printf("  -a --all          same as --regs=tlb,cr,ar,br,bk\n");
  57.375 +#endif
  57.376  }
  57.377  
  57.378  int main(int argc, char **argv)
  57.379  {
  57.380      int ch;
  57.381 -    const char *sopts = "fs:h";
  57.382 -    const struct option lopts[] = {
  57.383 +    static const char *sopts = "fs:h"
  57.384 +#ifdef __ia64__
  57.385 +        "ar:"
  57.386 +#endif
  57.387 +        ;
  57.388 +    static const struct option lopts[] = {
  57.389          {"stack-trace", 0, NULL, 'S'},
  57.390          {"symbol-table", 1, NULL, 's'},
  57.391          {"frame-pointers", 0, NULL, 'f'},
  57.392 +#ifdef __ia64__
  57.393 +        {"regs", 1, NULL, 'r'},
  57.394 +        {"all", 0, NULL, 'a'},
  57.395 +#endif
  57.396          {"help", 0, NULL, 'h'},
  57.397          {0, 0, 0, 0}
  57.398      };
  57.399 @@ -602,6 +731,39 @@ int main(int argc, char **argv)
  57.400          case 'S':
  57.401              stack_trace = 1;
  57.402              break;
  57.403 +#ifdef __ia64__
  57.404 +        case 'r':
  57.405 +            {
  57.406 +                char *r;
  57.407 +
  57.408 +                r = strtok(optarg, ",");
  57.409 +                while (r) {
  57.410 +                    if (strcmp (r, "cr") == 0)
  57.411 +                        disp_cr_regs = 1;
  57.412 +                    else if (strcmp (r, "ar") == 0)
  57.413 +                        disp_ar_regs = 1;
  57.414 +                    else if (strcmp (r, "br") == 0)
  57.415 +                        disp_br_regs = 1;
  57.416 +                    else if (strcmp (r, "bk") == 0)
  57.417 +                        disp_bank_regs = 1;
  57.418 +                    else if (strcmp (r, "tlb") == 0)
  57.419 +                        disp_tlb = 1;
  57.420 +                    else {
  57.421 +                        fprintf(stderr,"unknown register set %s\n", r);
  57.422 +                        exit(-1);
  57.423 +                    }
  57.424 +                    r = strtok(NULL, "'");
  57.425 +                }
  57.426 +            }
  57.427 +            break;
  57.428 +        case 'a':
  57.429 +            disp_cr_regs = 1;
  57.430 +            disp_ar_regs = 1;
  57.431 +            disp_br_regs = 1;
  57.432 +            disp_bank_regs = 1;
  57.433 +            disp_tlb = 1;
  57.434 +            break;
  57.435 +#endif
  57.436          case 'h':
  57.437              usage();
  57.438              exit(-1);
    58.1 --- a/unmodified_drivers/linux-2.6/compat-include/xen/platform-compat.h	Mon Jul 16 14:20:16 2007 -0500
    58.2 +++ b/unmodified_drivers/linux-2.6/compat-include/xen/platform-compat.h	Tue Jul 17 10:20:21 2007 +0100
    58.3 @@ -107,4 +107,13 @@ extern char *kasprintf(gfp_t gfp, const 
    58.4  #define __supported_pte_mask ((maddr_t)0)
    58.5  #endif
    58.6  
    58.7 +#if defined(_LINUX_NETDEVICE_H) && LINUX_VERSION_CODE < KERNEL_VERSION(2,6,18)
    58.8 +#define netif_tx_lock_bh(dev) (spin_lock_bh(&(dev)->xmit_lock))
    58.9 +#define netif_tx_unlock_bh(dev) (spin_unlock_bh(&(dev)->xmit_lock))
   58.10  #endif
   58.11 +
   58.12 +#if defined(__LINUX_SEQLOCK_H) && !defined(DEFINE_SEQLOCK)
   58.13 +#define DEFINE_SEQLOCK(x) seqlock_t x = SEQLOCK_UNLOCKED
   58.14 +#endif
   58.15 +
   58.16 +#endif
    59.1 --- a/unmodified_drivers/linux-2.6/netfront/Kbuild	Mon Jul 16 14:20:16 2007 -0500
    59.2 +++ b/unmodified_drivers/linux-2.6/netfront/Kbuild	Tue Jul 17 10:20:21 2007 +0100
    59.3 @@ -2,3 +2,4 @@ include $(M)/overrides.mk
    59.4  
    59.5  obj-m  = xen-vnif.o
    59.6  xen-vnif-objs	:= netfront.o
    59.7 +xen-vnif-objs	+= accel.o
    60.1 --- a/xen/Makefile	Mon Jul 16 14:20:16 2007 -0500
    60.2 +++ b/xen/Makefile	Tue Jul 17 10:20:21 2007 +0100
    60.3 @@ -59,7 +59,6 @@ build install debug clean distclean csco
    60.4  	$(MAKE) -f $(BASEDIR)/Rules.mk -C arch/$(TARGET_ARCH) clean
    60.5  	rm -f include/asm *.o $(TARGET)* *~ core
    60.6  	rm -f include/asm-*/asm-offsets.h
    60.7 -	rm -f include/xen/acm_policy.h
    60.8  
    60.9  .PHONY: _distclean
   60.10  _distclean: clean
   60.11 @@ -72,7 +71,6 @@ build install debug clean distclean csco
   60.12  $(TARGET): delete-unfresh-files build-headers
   60.13  	$(MAKE) -C tools
   60.14  	$(MAKE) -f $(BASEDIR)/Rules.mk include/xen/compile.h
   60.15 -	$(MAKE) -f $(BASEDIR)/Rules.mk include/xen/acm_policy.h
   60.16  	[ -e include/asm ] || ln -sf asm-$(TARGET_ARCH) include/asm
   60.17  	$(MAKE) -f $(BASEDIR)/Rules.mk -C include
   60.18  	$(MAKE) -f $(BASEDIR)/Rules.mk -C arch/$(TARGET_ARCH) asm-offsets.s
   60.19 @@ -87,20 +85,6 @@ delete-unfresh-files:
   60.20  		rm -f include/xen/compile.h; \
   60.21  	fi
   60.22  
   60.23 -# acm_policy.h contains security policy for Xen
   60.24 -include/xen/acm_policy.h:
   60.25 -	@(set -e; \
   60.26 -	  echo "/*"; \
   60.27 -	  echo " * DO NOT MODIFY."; \
   60.28 -	  echo " *"; \
   60.29 -	  echo " * This file was auto-generated by xen/Makefile $<"; \
   60.30 -	  echo " *"; \
   60.31 -	  echo " */"; \
   60.32 -	  echo ""; \
   60.33 -	  echo "#ifndef ACM_DEFAULT_SECURITY_POLICY"; \
   60.34 -	  echo "#define ACM_DEFAULT_SECURITY_POLICY $(ACM_DEFAULT_SECURITY_POLICY)"; \
   60.35 -	  echo "#endif") >$@
   60.36 -
   60.37  # compile.h contains dynamic build info. Rebuilt on every 'make' invocation.
   60.38  include/xen/compile.h: include/xen/compile.h.in
   60.39  	@sed -e 's/@@date@@/$(shell LC_ALL=C date)/g' \
    61.1 --- a/xen/arch/ia64/Makefile	Mon Jul 16 14:20:16 2007 -0500
    61.2 +++ b/xen/arch/ia64/Makefile	Tue Jul 17 10:20:21 2007 +0100
    61.3 @@ -27,7 +27,6 @@ subdir-y += linux-xen
    61.4  		> $(BASEDIR)/System.map
    61.5  
    61.6  # Headers do not depend on auto-generated header, but object files do.
    61.7 -HDRS    := $(subst $(BASEDIR)/include/asm-ia64/asm-xsi-offsets.h,,$(HDRS))
    61.8  $(ALL_OBJS): $(BASEDIR)/include/asm-ia64/asm-xsi-offsets.h
    61.9  
   61.10  asm-offsets.s: asm-offsets.c $(BASEDIR)/include/asm-ia64/.offsets.h.stamp
   61.11 @@ -58,6 +57,7 @@ asm-xsi-offsets.s: asm-xsi-offsets.c $(H
   61.12  	 || ln -sf $(BASEDIR)/include/xen $(BASEDIR)/include/linux
   61.13  	[ -e $(BASEDIR)/include/asm-ia64/xen ] \
   61.14  	 || ln -sf $(BASEDIR)/include/asm-ia64/linux $(BASEDIR)/include/asm-ia64/xen
   61.15 +	touch $@
   61.16  
   61.17  # I'm sure a Makefile wizard would know a better way to do this
   61.18  xen.lds.s: xen/xen.lds.S $(HDRS)
    62.1 --- a/xen/arch/ia64/Rules.mk	Mon Jul 16 14:20:16 2007 -0500
    62.2 +++ b/xen/arch/ia64/Rules.mk	Tue Jul 17 10:20:21 2007 +0100
    62.3 @@ -69,3 +69,5 @@ HDRS += $(wildcard $(BASEDIR)/include/as
    62.4  HDRS += $(wildcard $(BASEDIR)/include/asm-ia64/linux/asm/*.h)
    62.5  HDRS += $(wildcard $(BASEDIR)/include/asm-ia64/linux/byteorder/*.h)
    62.6  HDRS += $(wildcard $(BASEDIR)/include/asm-ia64/hvm/*.h)
    62.7 +
    62.8 +HDRS := $(filter-out %/include/asm-ia64/asm-xsi-offsets.h,$(HDRS))
    63.1 --- a/xen/arch/ia64/linux-xen/efi.c	Mon Jul 16 14:20:16 2007 -0500
    63.2 +++ b/xen/arch/ia64/linux-xen/efi.c	Tue Jul 17 10:20:21 2007 +0100
    63.3 @@ -1013,12 +1013,9 @@ efi_memmap_init(unsigned long *s, unsign
    63.4  			continue;
    63.5  		}
    63.6  #ifdef XEN
    63.7 -// this works around a problem in the ski bootloader
    63.8 -{
    63.9 -		extern long running_on_sim;
   63.10 +		/* this works around a problem in the ski bootloader */
   63.11  		if (running_on_sim && md->type != EFI_CONVENTIONAL_MEMORY)
   63.12  			continue;
   63.13 -}
   63.14  #endif
   63.15  		if (pmd == NULL || !efi_wb(pmd) || efi_md_end(pmd) != md->phys_addr) {
   63.16  			contig_low = GRANULEROUNDUP(md->phys_addr);
    64.1 --- a/xen/arch/ia64/linux-xen/perfmon.c	Mon Jul 16 14:20:16 2007 -0500
    64.2 +++ b/xen/arch/ia64/linux-xen/perfmon.c	Tue Jul 17 10:20:21 2007 +0100
    64.3 @@ -7729,7 +7729,7 @@ do_perfmon_op(unsigned long cmd,
    64.4  {
    64.5  	unsigned long error = 0;
    64.6  
    64.7 -	if (!NONPRIV_OP(cmd) && current->domain != xenoprof_primary_profiler) {
    64.8 +	if (!NONPRIV_OP(cmd) && current->domain->domain_id !=0) {
    64.9  		gdprintk(XENLOG_INFO, "xen perfmon: "
   64.10  			 "dom %d denied privileged operation %ld\n",
   64.11  			 current->domain->domain_id, cmd);
    65.1 --- a/xen/arch/ia64/linux-xen/sn/kernel/irq.c	Mon Jul 16 14:20:16 2007 -0500
    65.2 +++ b/xen/arch/ia64/linux-xen/sn/kernel/irq.c	Tue Jul 17 10:20:21 2007 +0100
    65.3 @@ -27,6 +27,7 @@
    65.4  #include <asm/sn/sn_sal.h>
    65.5  
    65.6  #ifdef XEN
    65.7 +#define pci_dev_get(dev)	do {} while(0)
    65.8  #define move_native_irq(foo)	do {} while(0)
    65.9  #endif
   65.10  
   65.11 @@ -264,7 +265,6 @@ void sn_irq_init(void)
   65.12  	}
   65.13  }
   65.14  
   65.15 -#ifndef XEN
   65.16  static void register_intr_pda(struct sn_irq_info *sn_irq_info)
   65.17  {
   65.18  	int irq = sn_irq_info->irq_irq;
   65.19 @@ -278,6 +278,7 @@ static void register_intr_pda(struct sn_
   65.20  		pdacpu(cpu)->sn_first_irq = irq;
   65.21  }
   65.22  
   65.23 +#ifndef XEN
   65.24  static void unregister_intr_pda(struct sn_irq_info *sn_irq_info)
   65.25  {
   65.26  	int irq = sn_irq_info->irq_irq;
   65.27 @@ -339,9 +340,7 @@ static void unregister_intr_pda(struct s
   65.28  	spin_unlock(&sn_irq_info_lock);
   65.29  #endif
   65.30  }
   65.31 -#endif /* XEN */
   65.32  
   65.33 -#ifndef XEN
   65.34  static void sn_irq_info_free(struct rcu_head *head)
   65.35  {
   65.36  	struct sn_irq_info *sn_irq_info;
   65.37 @@ -351,7 +350,6 @@ static void sn_irq_info_free(struct rcu_
   65.38  }
   65.39  #endif
   65.40  
   65.41 -#ifndef XEN
   65.42  void sn_irq_fixup(struct pci_dev *pci_dev, struct sn_irq_info *sn_irq_info)
   65.43  {
   65.44  	nasid_t nasid = sn_irq_info->irq_nasid;
   65.45 @@ -360,7 +358,9 @@ void sn_irq_fixup(struct pci_dev *pci_de
   65.46  
   65.47  	pci_dev_get(pci_dev);
   65.48  	sn_irq_info->irq_cpuid = cpu;
   65.49 +#ifndef XEN
   65.50  	sn_irq_info->irq_pciioinfo = SN_PCIDEV_INFO(pci_dev);
   65.51 +#endif
   65.52  
   65.53  	/* link it into the sn_irq[irq] list */
   65.54  	spin_lock(&sn_irq_info_lock);
   65.55 @@ -379,6 +379,7 @@ void sn_irq_fixup(struct pci_dev *pci_de
   65.56  
   65.57  void sn_irq_unfixup(struct pci_dev *pci_dev)
   65.58  {
   65.59 +#ifndef XEN
   65.60  	struct sn_irq_info *sn_irq_info;
   65.61  
   65.62  	/* Only cleanup IRQ stuff if this device has a host bus context */
   65.63 @@ -408,8 +409,8 @@ void sn_irq_unfixup(struct pci_dev *pci_
   65.64  #endif
   65.65  	pci_dev_put(pci_dev);
   65.66  
   65.67 +#endif
   65.68  }
   65.69 -#endif
   65.70  
   65.71  static inline void
   65.72  sn_call_force_intr_provider(struct sn_irq_info *sn_irq_info)
    66.1 --- a/xen/arch/ia64/linux-xen/sn/kernel/sn2_smp.c	Mon Jul 16 14:20:16 2007 -0500
    66.2 +++ b/xen/arch/ia64/linux-xen/sn/kernel/sn2_smp.c	Tue Jul 17 10:20:21 2007 +0100
    66.3 @@ -160,21 +160,97 @@ void sn_tlb_migrate_finish(struct mm_str
    66.4  // static cpumask_t mask_all = CPU_MASK_ALL;
    66.5  #endif
    66.6  
    66.7 +#ifdef XEN
    66.8 +static DEFINE_SPINLOCK(sn2_ptcg_lock);
    66.9 +
   66.10 +struct sn_flush_struct {
   66.11 +	unsigned long start;
   66.12 +	unsigned long end;
   66.13 +	unsigned long nbits;
   66.14 +};
   66.15 +
   66.16 +static void sn_flush_ptcga_cpu(void *ptr)
   66.17 +{
   66.18 +	struct sn_flush_struct *sn_flush = ptr;
   66.19 +	unsigned long start, end, nbits;
   66.20 +
   66.21 +	start = sn_flush->start;
   66.22 +	end = sn_flush->end;
   66.23 +	nbits = sn_flush->nbits;
   66.24 +
   66.25 +	/*
   66.26 +	 * Contention me harder!!!
   66.27 +	 */
   66.28 +	/* HW requires global serialization of ptc.ga.  */
   66.29 +	spin_lock(&sn2_ptcg_lock);
   66.30 +	{
   66.31 +		do {
   66.32 +			/*
   66.33 +			 * Flush ALAT entries also.
   66.34 +			 */
   66.35 +			ia64_ptcga(start, (nbits<<2));
   66.36 +			ia64_srlz_i();
   66.37 +			start += (1UL << nbits);
   66.38 +		} while (start < end);
   66.39 +	}
   66.40 +	spin_unlock(&sn2_ptcg_lock);
   66.41 +}
   66.42 +
   66.43  void
   66.44 -#ifndef XEN
   66.45 +sn2_global_tlb_purge(unsigned long start,
   66.46 +		     unsigned long end, unsigned long nbits)
   66.47 +{
   66.48 +	nodemask_t nodes_flushed;
   66.49 +	cpumask_t selected_cpus;
   66.50 +	int cpu, cnode, i;
   66.51 +	static DEFINE_SPINLOCK(sn2_ptcg_lock2);
   66.52 +
   66.53 +	nodes_clear(nodes_flushed);
   66.54 +	cpus_clear(selected_cpus);
   66.55 +
   66.56 +	spin_lock(&sn2_ptcg_lock2);
   66.57 +	node_set(cpu_to_node(smp_processor_id()), nodes_flushed);
   66.58 +	i = 0;
   66.59 +	for_each_cpu(cpu) {
   66.60 +		cnode = cpu_to_node(cpu);
   66.61 +		if (!node_isset(cnode, nodes_flushed)) {
   66.62 +			cpu_set(cpu, selected_cpus);
   66.63 +			i++;
   66.64 +		}
   66.65 +		node_set(cnode, nodes_flushed);
   66.66 +	}
   66.67 +
   66.68 +	/* HW requires global serialization of ptc.ga.  */
   66.69 +	spin_lock(&sn2_ptcg_lock);
   66.70 +	{
   66.71 +		do {
   66.72 +			/*
   66.73 +			 * Flush ALAT entries also.
   66.74 +			 */
   66.75 +			ia64_ptcga(start, (nbits<<2));
   66.76 +			ia64_srlz_i();
   66.77 +			start += (1UL << nbits);
   66.78 +		} while (start < end);
   66.79 +	}
   66.80 +	spin_unlock(&sn2_ptcg_lock);
   66.81 +
   66.82 +	if (i) {
   66.83 +		struct sn_flush_struct flush_data;
   66.84 +		flush_data.start = start;
   66.85 +		flush_data.end = end;
   66.86 +		flush_data.nbits = nbits;
   66.87 +		on_selected_cpus(selected_cpus, sn_flush_ptcga_cpu,
   66.88 +				 &flush_data, 1, 1);
   66.89 +	}
   66.90 +	spin_unlock(&sn2_ptcg_lock2);
   66.91 +}
   66.92 +#else
   66.93 +void
   66.94  sn2_global_tlb_purge(struct mm_struct *mm, unsigned long start,
   66.95 -#else
   66.96 -sn2_global_tlb_purge(unsigned long start,
   66.97 -#endif
   66.98  		     unsigned long end, unsigned long nbits)
   66.99  {
  66.100  	int i, ibegin, shub1, cnode, mynasid, cpu, lcpu = 0, nasid;
  66.101 -#ifndef XEN
  66.102  	int mymm = (mm == current->active_mm && mm == current->mm);
  66.103 -#else
  66.104 -	// struct mm_struct *mm;
  66.105 -	int mymm = 0;
  66.106 -#endif
  66.107  	int use_cpu_ptcga;
  66.108  	volatile unsigned long *ptc0, *ptc1;
  66.109  	unsigned long itc, itc2, flags, data0 = 0, data1 = 0, rr_value, old_rr = 0;
  66.110 @@ -206,6 +282,7 @@ sn2_global_tlb_purge(unsigned long start
  66.111  
  66.112  	preempt_disable();
  66.113  
  66.114 +#ifndef XEN
  66.115  	if (likely(i == 1 && lcpu == smp_processor_id() && mymm)) {
  66.116  		do {
  66.117  			ia64_ptcl(start, nbits << 2);
  66.118 @@ -217,13 +294,8 @@ sn2_global_tlb_purge(unsigned long start
  66.119  		return;
  66.120  	}
  66.121  
  66.122 -#ifndef XEN
  66.123  	if (atomic_read(&mm->mm_users) == 1 && mymm) {
  66.124 -#ifndef XEN  /* I hate Xen! */
  66.125  		flush_tlb_mm(mm);
  66.126 -#else
  66.127 -		flush_tlb_mask(mask_all);
  66.128 -#endif
  66.129  		__get_cpu_var(ptcstats).change_rid++;
  66.130  		preempt_enable();
  66.131  		return;
  66.132 @@ -335,6 +407,7 @@ sn2_global_tlb_purge(unsigned long start
  66.133  
  66.134  	preempt_enable();
  66.135  }
  66.136 +#endif
  66.137  
  66.138  /*
  66.139   * sn2_ptc_deadlock_recovery
    67.1 --- a/xen/arch/ia64/vmx/Makefile	Mon Jul 16 14:20:16 2007 -0500
    67.2 +++ b/xen/arch/ia64/vmx/Makefile	Tue Jul 17 10:20:21 2007 +0100
    67.3 @@ -10,7 +10,7 @@ obj-y += vmx_init.o
    67.4  obj-y += vmx_interrupt.o
    67.5  obj-y += vmx_ivt.o
    67.6  obj-y += vmx_phy_mode.o
    67.7 -obj-y += vmx_process.o
    67.8 +obj-y += vmx_fault.o
    67.9  obj-y += vmx_support.o
   67.10  obj-y += vmx_utility.o
   67.11  obj-y += vmx_vcpu.o
    68.1 --- a/xen/arch/ia64/vmx/mmio.c	Mon Jul 16 14:20:16 2007 -0500
    68.2 +++ b/xen/arch/ia64/vmx/mmio.c	Tue Jul 17 10:20:21 2007 +0100
    68.3 @@ -200,6 +200,21 @@ static inline void set_os_type(VCPU *v, 
    68.4      if (type > OS_BASE && type < OS_END) {
    68.5          v->domain->arch.vmx_platform.gos_type = type;
    68.6          gdprintk(XENLOG_INFO, "Guest OS : %s\n", guest_os_name[type - OS_BASE]);
    68.7 +
    68.8 +        if (GOS_WINDOWS(v)) {
    68.9 +            struct xen_ia64_opt_feature optf;
   68.10 +
   68.11 +	    /* Windows identity maps regions 4 & 5 */
   68.12 +            optf.cmd = XEN_IA64_OPTF_IDENT_MAP_REG4;
   68.13 +            optf.on = XEN_IA64_OPTF_ON;
   68.14 +            optf.pgprot = (_PAGE_P|_PAGE_A|_PAGE_D|_PAGE_MA_WB|_PAGE_AR_RW);
   68.15 +            optf.key = 0;
   68.16 +            domain_opt_feature(&optf);
   68.17 +
   68.18 +            optf.cmd = XEN_IA64_OPTF_IDENT_MAP_REG5;
   68.19 +            optf.pgprot = (_PAGE_P|_PAGE_A|_PAGE_D|_PAGE_MA_UC|_PAGE_AR_RW);
   68.20 +            domain_opt_feature(&optf);
   68.21 +        }
   68.22      }
   68.23  }
   68.24  
    69.1 --- a/xen/arch/ia64/vmx/vmmu.c	Mon Jul 16 14:20:16 2007 -0500
    69.2 +++ b/xen/arch/ia64/vmx/vmmu.c	Tue Jul 17 10:20:21 2007 +0100
    69.3 @@ -540,8 +540,7 @@ IA64FAULT vmx_vcpu_ptc_e(VCPU *vcpu, u64
    69.4  
    69.5  IA64FAULT vmx_vcpu_ptc_g(VCPU *vcpu, u64 va, u64 ps)
    69.6  {
    69.7 -    vmx_vcpu_ptc_ga(vcpu, va, ps);
    69.8 -    return IA64_ILLOP_FAULT;
    69.9 +    return vmx_vcpu_ptc_ga(vcpu, va, ps);
   69.10  }
   69.11  /*
   69.12  IA64FAULT vmx_vcpu_ptc_ga(VCPU *vcpu, u64 va, u64 ps)
    70.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    70.2 +++ b/xen/arch/ia64/vmx/vmx_fault.c	Tue Jul 17 10:20:21 2007 +0100
    70.3 @@ -0,0 +1,524 @@
    70.4 +/* -*-  Mode:C; c-basic-offset:4; tab-width:4; indent-tabs-mode:nil -*- */
    70.5 +/*
    70.6 + * vmx_fault.c: handling VMX architecture-related VM exits
    70.7 + * Copyright (c) 2005, Intel Corporation.
    70.8 + *
    70.9 + * This program is free software; you can redistribute it and/or modify it
   70.10 + * under the terms and conditions of the GNU General Public License,
   70.11 + * version 2, as published by the Free Software Foundation.
   70.12 + *
   70.13 + * This program is distributed in the hope it will be useful, but WITHOUT
   70.14 + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
   70.15 + * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
   70.16 + * more details.
   70.17 + *
   70.18 + * You should have received a copy of the GNU General Public License along with
   70.19 + * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
   70.20 + * Place - Suite 330, Boston, MA 02111-1307 USA.
   70.21 + *
   70.22 + *  Xiaoyan Feng (Fleming Feng)  <fleming.feng@intel.com>
   70.23 + *  Xuefei Xu (Anthony Xu) (Anthony.xu@intel.com)
   70.24 + */
   70.25 +
   70.26 +#include <xen/config.h>
   70.27 +#include <xen/lib.h>
   70.28 +#include <xen/errno.h>
   70.29 +#include <xen/sched.h>
   70.30 +#include <xen/smp.h>
   70.31 +#include <asm/ptrace.h>
   70.32 +#include <xen/delay.h>
   70.33 +
   70.34 +#include <linux/efi.h>  /* FOR EFI_UNIMPLEMENTED */
   70.35 +#include <asm/sal.h>    /* FOR struct ia64_sal_retval */
   70.36 +
   70.37 +#include <asm/system.h>
   70.38 +#include <asm/io.h>
   70.39 +#include <asm/processor.h>
   70.40 +#include <asm/desc.h>
   70.41 +#include <asm/vlsapic.h>
   70.42 +#include <xen/irq.h>
   70.43 +#include <xen/event.h>
   70.44 +#include <asm/regionreg.h>
   70.45 +#include <asm/privop.h>
   70.46 +#include <asm/ia64_int.h>
   70.47 +#include <asm/debugger.h>
   70.48 +//#include <asm/hpsim_ssc.h>
   70.49 +#include <asm/dom_fw.h>
   70.50 +#include <asm/vmx_vcpu.h>
   70.51 +#include <asm/kregs.h>
   70.52 +#include <asm/vmx.h>
   70.53 +#include <asm/vmmu.h>
   70.54 +#include <asm/vmx_mm_def.h>
   70.55 +#include <asm/vmx_phy_mode.h>
   70.56 +#include <xen/mm.h>
   70.57 +#include <asm/vmx_pal.h>
   70.58 +/* reset all PSR field to 0, except up,mfl,mfh,pk,dt,rt,mc,it */
   70.59 +#define INITIAL_PSR_VALUE_AT_INTERRUPTION 0x0000001808028034
   70.60 +
   70.61 +
   70.62 +extern void die_if_kernel(char *str, struct pt_regs *regs, long err);
   70.63 +extern void rnat_consumption (VCPU *vcpu);
   70.64 +extern void alt_itlb (VCPU *vcpu, u64 vadr);
   70.65 +extern void itlb_fault (VCPU *vcpu, u64 vadr);
   70.66 +extern void ivhpt_fault (VCPU *vcpu, u64 vadr);
   70.67 +extern unsigned long handle_fpu_swa (int fp_fault, struct pt_regs *regs, unsigned long isr);
   70.68 +
   70.69 +#define DOMN_PAL_REQUEST    0x110000
   70.70 +#define DOMN_SAL_REQUEST    0x110001
   70.71 +
   70.72 +static u64 vec2off[68] = {0x0,0x400,0x800,0xc00,0x1000,0x1400,0x1800,
   70.73 +    0x1c00,0x2000,0x2400,0x2800,0x2c00,0x3000,0x3400,0x3800,0x3c00,0x4000,
   70.74 +    0x4400,0x4800,0x4c00,0x5000,0x5100,0x5200,0x5300,0x5400,0x5500,0x5600,
   70.75 +    0x5700,0x5800,0x5900,0x5a00,0x5b00,0x5c00,0x5d00,0x5e00,0x5f00,0x6000,
   70.76 +    0x6100,0x6200,0x6300,0x6400,0x6500,0x6600,0x6700,0x6800,0x6900,0x6a00,
   70.77 +    0x6b00,0x6c00,0x6d00,0x6e00,0x6f00,0x7000,0x7100,0x7200,0x7300,0x7400,
   70.78 +    0x7500,0x7600,0x7700,0x7800,0x7900,0x7a00,0x7b00,0x7c00,0x7d00,0x7e00,
   70.79 +    0x7f00
   70.80 +};
   70.81 +
   70.82 +
   70.83 +
   70.84 +void vmx_reflect_interruption(u64 ifa, u64 isr, u64 iim,
   70.85 +                              u64 vec, REGS *regs)
   70.86 +{
   70.87 +    u64 status, vector;
   70.88 +    VCPU *vcpu = current;
   70.89 +    u64 vpsr = VCPU(vcpu, vpsr);
   70.90 +    
   70.91 +    vector = vec2off[vec];
   70.92 +
   70.93 +    switch (vec) {
   70.94 +    case 5:  // IA64_DATA_NESTED_TLB_VECTOR
   70.95 +        break;
   70.96 +    case 22:	// IA64_INST_ACCESS_RIGHTS_VECTOR
   70.97 +        if (!(vpsr & IA64_PSR_IC))
   70.98 +            goto nested_fault;
   70.99 +        if (vhpt_access_rights_fixup(vcpu, ifa, 0))
  70.100 +            return;
  70.101 +        break;
  70.102 +
  70.103 +    case 25:	// IA64_DISABLED_FPREG_VECTOR
  70.104 +        if (!(vpsr & IA64_PSR_IC))
  70.105 +            goto nested_fault;
  70.106 +        if (FP_PSR(vcpu) & IA64_PSR_DFH) {
  70.107 +            FP_PSR(vcpu) = IA64_PSR_MFH;
  70.108 +            if (__ia64_per_cpu_var(fp_owner) != vcpu)
  70.109 +                __ia64_load_fpu(vcpu->arch._thread.fph);
  70.110 +        }
  70.111 +        if (!(VCPU(vcpu, vpsr) & IA64_PSR_DFH)) {
  70.112 +            regs->cr_ipsr &= ~IA64_PSR_DFH;
  70.113 +            return;
  70.114 +        }
  70.115 +
  70.116 +        break;       
  70.117 +
  70.118 +    case 32:	// IA64_FP_FAULT_VECTOR
  70.119 +        if (!(vpsr & IA64_PSR_IC))
  70.120 +            goto nested_fault;
  70.121 +        // handle fpswa emulation
  70.122 +        // fp fault
  70.123 +        status = handle_fpu_swa(1, regs, isr);
  70.124 +        if (!status) {
  70.125 +            vcpu_increment_iip(vcpu);
  70.126 +            return;
  70.127 +        } else if (IA64_RETRY == status)
  70.128 +            return;
  70.129 +        break;
  70.130 +
  70.131 +    case 33:	// IA64_FP_TRAP_VECTOR
  70.132 +        if (!(vpsr & IA64_PSR_IC))
  70.133 +            goto nested_fault;
  70.134 +        //fp trap
  70.135 +        status = handle_fpu_swa(0, regs, isr);
  70.136 +        if (!status)
  70.137 +            return;
  70.138 +        else if (IA64_RETRY == status) {
  70.139 +            vcpu_decrement_iip(vcpu);
  70.140 +            return;
  70.141 +        }
  70.142 +        break;
  70.143 +
  70.144 +    case 29: // IA64_DEBUG_VECTOR
  70.145 +    case 35: // IA64_TAKEN_BRANCH_TRAP_VECTOR
  70.146 +    case 36: // IA64_SINGLE_STEP_TRAP_VECTOR
  70.147 +        if (vmx_guest_kernel_mode(regs)
  70.148 +            && current->domain->debugger_attached) {
  70.149 +            domain_pause_for_debugger();
  70.150 +            return;
  70.151 +        }
  70.152 +        if (!(vpsr & IA64_PSR_IC))
  70.153 +            goto nested_fault;
  70.154 +        break;
  70.155 +
  70.156 +    default:
  70.157 +        if (!(vpsr & IA64_PSR_IC))
  70.158 +            goto nested_fault;
  70.159 +        break;
  70.160 +    } 
  70.161 +    VCPU(vcpu,isr)=isr;
  70.162 +    VCPU(vcpu,iipa) = regs->cr_iip;
  70.163 +    if (vector == IA64_BREAK_VECTOR || vector == IA64_SPECULATION_VECTOR)
  70.164 +        VCPU(vcpu,iim) = iim;
  70.165 +    else {
  70.166 +        set_ifa_itir_iha(vcpu,ifa,1,1,1);
  70.167 +    }
  70.168 +    inject_guest_interruption(vcpu, vector);
  70.169 +    return;
  70.170 +
  70.171 + nested_fault:
  70.172 +    panic_domain(regs, "Guest nested fault vector=%lx!\n", vector);
  70.173 +}
  70.174 +
  70.175 +
  70.176 +IA64FAULT
  70.177 +vmx_ia64_handle_break (unsigned long ifa, struct pt_regs *regs, unsigned long isr, unsigned long iim)
  70.178 +{
  70.179 +    struct domain *d = current->domain;
  70.180 +    struct vcpu *v = current;
  70.181 +
  70.182 +    perfc_incr(vmx_ia64_handle_break);
  70.183 +#ifdef CRASH_DEBUG
  70.184 +    if ((iim == 0 || iim == CDB_BREAK_NUM) && !guest_mode(regs) &&
  70.185 +        IS_VMM_ADDRESS(regs->cr_iip)) {
  70.186 +        if (iim == 0)
  70.187 +            show_registers(regs);
  70.188 +        debugger_trap_fatal(0 /* don't care */, regs);
  70.189 +    } else
  70.190 +#endif
  70.191 +    {
  70.192 +        if (iim == 0) 
  70.193 +            vmx_die_if_kernel("Break 0 in Hypervisor.", regs, iim);
  70.194 +
  70.195 +        if (ia64_psr(regs)->cpl == 0) {
  70.196 +            /* Allow hypercalls only when cpl = 0.  */
  70.197 +            if (iim == d->arch.breakimm) {
  70.198 +                ia64_hypercall(regs);
  70.199 +                vcpu_increment_iip(v);
  70.200 +                return IA64_NO_FAULT;
  70.201 +            }
  70.202 +            else if(iim == DOMN_PAL_REQUEST){
  70.203 +                pal_emul(v);
  70.204 +                vcpu_increment_iip(v);
  70.205 +                return IA64_NO_FAULT;
  70.206 +            }else if(iim == DOMN_SAL_REQUEST){
  70.207 +                sal_emul(v);
  70.208 +                vcpu_increment_iip(v);
  70.209 +                return IA64_NO_FAULT;
  70.210 +            }
  70.211 +        }
  70.212 +        vmx_reflect_interruption(ifa,isr,iim,11,regs);
  70.213 +    }
  70.214 +    return IA64_NO_FAULT;
  70.215 +}
  70.216 +
  70.217 +
  70.218 +void save_banked_regs_to_vpd(VCPU *v, REGS *regs)
  70.219 +{
  70.220 +    unsigned long i=0UL, * src,* dst, *sunat, *dunat;
  70.221 +    IA64_PSR vpsr;
  70.222 +    src=&regs->r16;
  70.223 +    sunat=&regs->eml_unat;
  70.224 +    vpsr.val = VCPU(v, vpsr);
  70.225 +    if(vpsr.bn){
  70.226 +        dst = &VCPU(v, vgr[0]);
  70.227 +        dunat =&VCPU(v, vnat);
  70.228 +        __asm__ __volatile__ (";;extr.u %0 = %1,%4,16;; \
  70.229 +                            dep %2 = %0, %2, 0, 16;; \
  70.230 +                            st8 [%3] = %2;;"
  70.231 +       ::"r"(i),"r"(*sunat),"r"(*dunat),"r"(dunat),"i"(IA64_PT_REGS_R16_SLOT):"memory");
  70.232 +
  70.233 +    }else{
  70.234 +        dst = &VCPU(v, vbgr[0]);
  70.235 +//        dunat =&VCPU(v, vbnat);
  70.236 +//        __asm__ __volatile__ (";;extr.u %0 = %1,%4,16;;
  70.237 +//                            dep %2 = %0, %2, 16, 16;;
  70.238 +//                            st8 [%3] = %2;;"
  70.239 +//       ::"r"(i),"r"(*sunat),"r"(*dunat),"r"(dunat),"i"(IA64_PT_REGS_R16_SLOT):"memory");
  70.240 +
  70.241 +    }
  70.242 +    for(i=0; i<16; i++)
  70.243 +        *dst++ = *src++;
  70.244 +}
  70.245 +
  70.246 +
  70.247 +// ONLY gets called from ia64_leave_kernel
  70.248 +// ONLY call with interrupts disabled?? (else might miss one?)
  70.249 +// NEVER successful if already reflecting a trap/fault because psr.i==0
  70.250 +void leave_hypervisor_tail(void)
  70.251 +{
  70.252 +    struct domain *d = current->domain;
  70.253 +    struct vcpu *v = current;
  70.254 +
  70.255 +    // FIXME: Will this work properly if doing an RFI???
  70.256 +    if (!is_idle_domain(d) ) {	// always comes from guest
  70.257 +//        struct pt_regs *user_regs = vcpu_regs(current);
  70.258 +        local_irq_enable();
  70.259 +        do_softirq();
  70.260 +        local_irq_disable();
  70.261 +
  70.262 +        if (v->vcpu_id == 0) {
  70.263 +            unsigned long callback_irq =
  70.264 +                d->arch.hvm_domain.params[HVM_PARAM_CALLBACK_IRQ];
  70.265 +
  70.266 +            if ( v->arch.arch_vmx.pal_init_pending ) {
  70.267 +                /*inject INIT interruption to guest pal*/
  70.268 +                v->arch.arch_vmx.pal_init_pending = 0;
  70.269 +                deliver_pal_init(v);
  70.270 +                return;
  70.271 +            }
  70.272 +
  70.273 +            /*
  70.274 +             * val[63:56] == 1: val[55:0] is a delivery PCI INTx line:
  70.275 +             *                  Domain = val[47:32], Bus  = val[31:16],
  70.276 +             *                  DevFn  = val[15: 8], IntX = val[ 1: 0]
  70.277 +             * val[63:56] == 0: val[55:0] is a delivery as GSI
  70.278 +             */
  70.279 +            if (callback_irq != 0 && local_events_need_delivery()) {
  70.280 +                /* change level for para-device callback irq */
  70.281 +                /* use level irq to send discrete event */
  70.282 +                if ((uint8_t)(callback_irq >> 56) == 1) {
  70.283 +                    /* case of using PCI INTx line as callback irq */
  70.284 +                    int pdev = (callback_irq >> 11) & 0x1f;
  70.285 +                    int pintx = callback_irq & 3;
  70.286 +                    viosapic_set_pci_irq(d, pdev, pintx, 1);
  70.287 +                    viosapic_set_pci_irq(d, pdev, pintx, 0);
  70.288 +                } else {
  70.289 +                    /* case of using GSI as callback irq */
  70.290 +                    viosapic_set_irq(d, callback_irq, 1);
  70.291 +                    viosapic_set_irq(d, callback_irq, 0);
  70.292 +                }
  70.293 +            }
  70.294 +        }
  70.295 +
  70.296 +        rmb();
  70.297 +        if (xchg(&v->arch.irq_new_pending, 0)) {
  70.298 +            v->arch.irq_new_condition = 0;
  70.299 +            vmx_check_pending_irq(v);
  70.300 +            return;
  70.301 +        }
  70.302 +
  70.303 +        if (v->arch.irq_new_condition) {
  70.304 +            v->arch.irq_new_condition = 0;
  70.305 +            vhpi_detection(v);
  70.306 +        }
  70.307 +    }
  70.308 +}
  70.309 +
  70.310 +extern ia64_rr vmx_vcpu_rr(VCPU *vcpu, u64 vadr);
  70.311 +
  70.312 +static int vmx_handle_lds(REGS* regs)
  70.313 +{
  70.314 +    regs->cr_ipsr |=IA64_PSR_ED;
  70.315 +    return IA64_FAULT;
  70.316 +}
  70.317 +
  70.318 +/* We came here because the H/W VHPT walker failed to find an entry */
  70.319 +IA64FAULT
  70.320 +vmx_hpw_miss(u64 vadr, u64 vec, REGS* regs)
  70.321 +{
  70.322 +    IA64_PSR vpsr;
  70.323 +    int type;
  70.324 +    u64 vhpt_adr, gppa, pteval, rr, itir;
  70.325 +    ISR misr;
  70.326 +    PTA vpta;
  70.327 +    thash_data_t *data;
  70.328 +    VCPU *v = current;
  70.329 +
  70.330 +    vpsr.val = VCPU(v, vpsr);
  70.331 +    misr.val = VMX(v,cr_isr);
  70.332 +    
  70.333 +    if (vec == 1)
  70.334 +        type = ISIDE_TLB;
  70.335 +    else if (vec == 2)
  70.336 +        type = DSIDE_TLB;
  70.337 +    else
  70.338 +        panic_domain(regs, "wrong vec:%lx\n", vec);
  70.339 +
  70.340 +    /* Physical mode and region is 0 or 4.  */
  70.341 +    if (is_physical_mode(v) && (!((vadr<<1)>>62))) {
  70.342 +        if (vec == 2) {
  70.343 +            /* DTLB miss.  */
  70.344 +            if (misr.sp) /* Refer to SDM Vol2 Table 4-11,4-12 */
  70.345 +                return vmx_handle_lds(regs);
  70.346 +            if (v->domain != dom0
  70.347 +                && __gpfn_is_io(v->domain, (vadr << 1) >> (PAGE_SHIFT + 1))) {
  70.348 +                emulate_io_inst(v, ((vadr<<1)>>1),4);   //  UC
  70.349 +                return IA64_FAULT;
  70.350 +            }
  70.351 +        }
  70.352 +        physical_tlb_miss(v, vadr, type);
  70.353 +        return IA64_FAULT;
  70.354 +    }
  70.355 +    
  70.356 +try_again:
  70.357 +    if ((data=vtlb_lookup(v, vadr,type)) != 0) {
  70.358 +        if (v->domain != dom0 && type == DSIDE_TLB) {
  70.359 +            if (misr.sp) { /* Refer to SDM Vol2 Table 4-10,4-12 */
  70.360 +                if ((data->ma == VA_MATTR_UC) || (data->ma == VA_MATTR_UCE))
  70.361 +                    return vmx_handle_lds(regs);
  70.362 +            }
  70.363 +            gppa = (vadr & ((1UL << data->ps) - 1)) +
  70.364 +                   (data->ppn >> (data->ps - 12) << data->ps);
  70.365 +            if (__gpfn_is_io(v->domain, gppa >> PAGE_SHIFT)) {
  70.366 +                if (misr.sp)
  70.367 +                    panic_domain(NULL, "ld.s on I/O page not with UC attr."
  70.368 +                                 " pte=0x%lx\n", data->page_flags);
  70.369 +                if (data->pl >= ((regs->cr_ipsr >> IA64_PSR_CPL0_BIT) & 3))
  70.370 +                    emulate_io_inst(v, gppa, data->ma);
  70.371 +                else {
  70.372 +                    vcpu_set_isr(v, misr.val);
  70.373 +                    data_access_rights(v, vadr);
  70.374 +                }
  70.375 +                return IA64_FAULT;
  70.376 +            }
  70.377 +        }
  70.378 +        thash_vhpt_insert(v, data->page_flags, data->itir, vadr, type);
  70.379 +
  70.380 +    } else if (type == DSIDE_TLB) {
  70.381 +        struct opt_feature* optf = &(v->domain->arch.opt_feature);
  70.382 +
  70.383 +        if (misr.sp)
  70.384 +            return vmx_handle_lds(regs);
  70.385 +
  70.386 +        vcpu_get_rr(v, vadr, &rr);
  70.387 +        itir = rr & (RR_RID_MASK | RR_PS_MASK);
  70.388 +
  70.389 +        if (!vhpt_enabled(v, vadr, misr.rs ? RSE_REF : DATA_REF)) {
  70.390 +            /* windows use region 4 and 5 for identity mapping */
  70.391 +            if (optf->mask & XEN_IA64_OPTF_IDENT_MAP_REG4 &&
  70.392 +                REGION_NUMBER(vadr) == 4 && !(regs->cr_ipsr & IA64_PSR_CPL) &&
  70.393 +                REGION_OFFSET(vadr) <= _PAGE_PPN_MASK) {
  70.394 +
  70.395 +                pteval = PAGEALIGN(REGION_OFFSET(vadr), itir_ps(itir)) |
  70.396 +                         optf->im_reg4.pgprot;
  70.397 +                if (thash_purge_and_insert(v, pteval, itir, vadr, type))
  70.398 +                    goto try_again;
  70.399 +                return IA64_NO_FAULT;
  70.400 +            }
  70.401 +            if (optf->mask & XEN_IA64_OPTF_IDENT_MAP_REG5 &&
  70.402 +                REGION_NUMBER(vadr) == 5 && !(regs->cr_ipsr & IA64_PSR_CPL) &&
  70.403 +                REGION_OFFSET(vadr) <= _PAGE_PPN_MASK) {
  70.404 +
  70.405 +                pteval = PAGEALIGN(REGION_OFFSET(vadr), itir_ps(itir)) |
  70.406 +                         optf->im_reg5.pgprot;
  70.407 +                if (thash_purge_and_insert(v, pteval, itir, vadr, type))
  70.408 +                    goto try_again;
  70.409 +                return IA64_NO_FAULT;
  70.410 +            }
  70.411 +            if (vpsr.ic) {
  70.412 +                vcpu_set_isr(v, misr.val);
  70.413 +                alt_dtlb(v, vadr);
  70.414 +                return IA64_FAULT;
  70.415 +            } else {
  70.416 +                nested_dtlb(v);
  70.417 +                return IA64_FAULT;
  70.418 +            }
  70.419 +        }
  70.420 +
  70.421 +        vpta.val = vmx_vcpu_get_pta(v);
  70.422 +        if (vpta.vf) {
  70.423 +            /* Long format is not yet supported.  */
  70.424 +            if (vpsr.ic) {
  70.425 +                vcpu_set_isr(v, misr.val);
  70.426 +                dtlb_fault(v, vadr);
  70.427 +                return IA64_FAULT;
  70.428 +            } else {
  70.429 +                nested_dtlb(v);
  70.430 +                return IA64_FAULT;
  70.431 +            }
  70.432 +        }
  70.433 +
  70.434 +        /* avoid recursively walking (short format) VHPT */
  70.435 +        if (!(optf->mask & XEN_IA64_OPTF_IDENT_MAP_REG4) &&
  70.436 +            !(optf->mask & XEN_IA64_OPTF_IDENT_MAP_REG5) &&
  70.437 +            (((vadr ^ vpta.val) << 3) >> (vpta.size + 3)) == 0) {
  70.438 +
  70.439 +            if (vpsr.ic) {
  70.440 +                vcpu_set_isr(v, misr.val);
  70.441 +                dtlb_fault(v, vadr);
  70.442 +                return IA64_FAULT;
  70.443 +            } else {
  70.444 +                nested_dtlb(v);
  70.445 +                return IA64_FAULT;
  70.446 +            }
  70.447 +        }
  70.448 +            
  70.449 +        vhpt_adr = vmx_vcpu_thash(v, vadr);
  70.450 +        if (!guest_vhpt_lookup(vhpt_adr, &pteval)) {
  70.451 +            /* VHPT successfully read.  */
  70.452 +            if (!(pteval & _PAGE_P)) {
  70.453 +                if (vpsr.ic) {
  70.454 +                    vcpu_set_isr(v, misr.val);
  70.455 +                    dtlb_fault(v, vadr);
  70.456 +                    return IA64_FAULT;
  70.457 +                } else {
  70.458 +                    nested_dtlb(v);
  70.459 +                    return IA64_FAULT;
  70.460 +                }
  70.461 +            } else if ((pteval & _PAGE_MA_MASK) != _PAGE_MA_ST) {
  70.462 +                thash_purge_and_insert(v, pteval, itir, vadr, DSIDE_TLB);
  70.463 +                return IA64_NO_FAULT;
  70.464 +            } else if (vpsr.ic) {
  70.465 +                vcpu_set_isr(v, misr.val);
  70.466 +                dtlb_fault(v, vadr);
  70.467 +                return IA64_FAULT;
  70.468 +            } else {
  70.469 +                nested_dtlb(v);
  70.470 +                return IA64_FAULT;
  70.471 +            }
  70.472 +        } else {
  70.473 +            /* Can't read VHPT.  */
  70.474 +            if (vpsr.ic) {
  70.475 +                vcpu_set_isr(v, misr.val);
  70.476 +                dvhpt_fault(v, vadr);
  70.477 +                return IA64_FAULT;
  70.478 +            } else {
  70.479 +                nested_dtlb(v);
  70.480 +                return IA64_FAULT;
  70.481 +            }
  70.482 +        }
  70.483 +    } else if (type == ISIDE_TLB) {
  70.484 +    
  70.485 +        if (!vpsr.ic)
  70.486 +            misr.ni = 1;
  70.487 +        if (!vhpt_enabled(v, vadr, INST_REF)) {
  70.488 +            vcpu_set_isr(v, misr.val);
  70.489 +            alt_itlb(v, vadr);
  70.490 +            return IA64_FAULT;
  70.491 +        }
  70.492 +
  70.493 +        vpta.val = vmx_vcpu_get_pta(v);
  70.494 +        if (vpta.vf) {
  70.495 +            /* Long format is not yet supported.  */
  70.496 +            vcpu_set_isr(v, misr.val);
  70.497 +            itlb_fault(v, vadr);
  70.498 +            return IA64_FAULT;
  70.499 +        }
  70.500 +
  70.501 +
  70.502 +        vhpt_adr = vmx_vcpu_thash(v, vadr);
  70.503 +        if (!guest_vhpt_lookup(vhpt_adr, &pteval)) {
  70.504 +            /* VHPT successfully read.  */
  70.505 +            if (pteval & _PAGE_P) {
  70.506 +                if ((pteval & _PAGE_MA_MASK) == _PAGE_MA_ST) {
  70.507 +                    vcpu_set_isr(v, misr.val);
  70.508 +                    itlb_fault(v, vadr);
  70.509 +                    return IA64_FAULT;
  70.510 +                }
  70.511 +                vcpu_get_rr(v, vadr, &rr);
  70.512 +                itir = rr & (RR_RID_MASK | RR_PS_MASK);
  70.513 +                thash_purge_and_insert(v, pteval, itir, vadr, ISIDE_TLB);
  70.514 +                return IA64_NO_FAULT;
  70.515 +            } else {
  70.516 +                vcpu_set_isr(v, misr.val);
  70.517 +                inst_page_not_present(v, vadr);
  70.518 +                return IA64_FAULT;
  70.519 +            }
  70.520 +        } else {
  70.521 +            vcpu_set_isr(v, misr.val);
  70.522 +            ivhpt_fault(v, vadr);
  70.523 +            return IA64_FAULT;
  70.524 +        }
  70.525 +    }
  70.526 +    return IA64_NO_FAULT;
  70.527 +}
    71.1 --- a/xen/arch/ia64/vmx/vmx_init.c	Mon Jul 16 14:20:16 2007 -0500
    71.2 +++ b/xen/arch/ia64/vmx/vmx_init.c	Tue Jul 17 10:20:21 2007 +0100
    71.3 @@ -283,9 +283,13 @@ static void vmx_create_event_channels(st
    71.4  	}
    71.5  }
    71.6  
    71.7 +/*
    71.8 + * Event channel has destoryed in domain_kill(), so we needn't
    71.9 + * do anything here
   71.10 + */
   71.11  static void vmx_release_assist_channel(struct vcpu *v)
   71.12  {
   71.13 -	free_xen_event_channel(v, v->arch.arch_vmx.xen_port);
   71.14 +	return;
   71.15  }
   71.16  
   71.17  /*
    72.1 --- a/xen/arch/ia64/vmx/vmx_ivt.S	Mon Jul 16 14:20:16 2007 -0500
    72.2 +++ b/xen/arch/ia64/vmx/vmx_ivt.S	Tue Jul 17 10:20:21 2007 +0100
    72.3 @@ -1001,7 +1001,7 @@ END(vmx_speculation_vector)
    72.4  // 0x5900 Entry 29 (size 16 bundles) Debug (16,28,56)
    72.5  ENTRY(vmx_debug_vector)
    72.6      VMX_DBG_FAULT(29)
    72.7 -    VMX_FAULT(29)
    72.8 +    VMX_REFLECT(29)
    72.9  END(vmx_debug_vector)
   72.10  
   72.11      .org vmx_ia64_ivt+0x5a00
    73.1 --- a/xen/arch/ia64/vmx/vmx_minstate.h	Mon Jul 16 14:20:16 2007 -0500
    73.2 +++ b/xen/arch/ia64/vmx/vmx_minstate.h	Tue Jul 17 10:20:21 2007 +0100
    73.3 @@ -124,9 +124,9 @@
    73.4      ;;                                          \
    73.5      tbit.z p6,p0=r29,IA64_PSR_VM_BIT;       \
    73.6      ;;      \
    73.7 -    tbit.nz.or p6,p0 = r18,39; \
    73.8 +    tbit.nz.or p6,p0 = r18,IA64_ISR_NI_BIT; \
    73.9      ;;        \
   73.10 -(p6) br.sptk.few vmx_panic;        \
   73.11 +(p6) br.spnt.few vmx_panic;        \
   73.12      tbit.z p0,p15=r29,IA64_PSR_I_BIT;   \
   73.13      mov r1=r16;                     \
   73.14  /*    mov r21=r16;	*/		\
    74.1 --- a/xen/arch/ia64/vmx/vmx_process.c	Mon Jul 16 14:20:16 2007 -0500
    74.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    74.3 @@ -1,503 +0,0 @@
    74.4 -/* -*-  Mode:C; c-basic-offset:4; tab-width:4; indent-tabs-mode:nil -*- */
    74.5 -/*
    74.6 - * vmx_process.c: handling VMX architecture-related VM exits
    74.7 - * Copyright (c) 2005, Intel Corporation.
    74.8 - *
    74.9 - * This program is free software; you can redistribute it and/or modify it
   74.10 - * under the terms and conditions of the GNU General Public License,
   74.11 - * version 2, as published by the Free Software Foundation.
   74.12 - *
   74.13 - * This program is distributed in the hope it will be useful, but WITHOUT
   74.14 - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
   74.15 - * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
   74.16 - * more details.
   74.17 - *
   74.18 - * You should have received a copy of the GNU General Public License along with
   74.19 - * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
   74.20 - * Place - Suite 330, Boston, MA 02111-1307 USA.
   74.21 - *
   74.22 - *  Xiaoyan Feng (Fleming Feng)  <fleming.feng@intel.com>
   74.23 - *  Xuefei Xu (Anthony Xu) (Anthony.xu@intel.com)
   74.24 - */
   74.25 -
   74.26 -#include <xen/config.h>
   74.27 -#include <xen/lib.h>
   74.28 -#include <xen/errno.h>
   74.29 -#include <xen/sched.h>
   74.30 -#include <xen/smp.h>
   74.31 -#include <asm/ptrace.h>
   74.32 -#include <xen/delay.h>
   74.33 -
   74.34 -#include <linux/efi.h>  /* FOR EFI_UNIMPLEMENTED */
   74.35 -#include <asm/sal.h>    /* FOR struct ia64_sal_retval */
   74.36 -
   74.37 -#include <asm/system.h>
   74.38 -#include <asm/io.h>
   74.39 -#include <asm/processor.h>
   74.40 -#include <asm/desc.h>
   74.41 -#include <asm/vlsapic.h>
   74.42 -#include <xen/irq.h>
   74.43 -#include <xen/event.h>
   74.44 -#include <asm/regionreg.h>
   74.45 -#include <asm/privop.h>
   74.46 -#include <asm/ia64_int.h>
   74.47 -#include <asm/debugger.h>
   74.48 -//#include <asm/hpsim_ssc.h>
   74.49 -#include <asm/dom_fw.h>
   74.50 -#include <asm/vmx_vcpu.h>
   74.51 -#include <asm/kregs.h>
   74.52 -#include <asm/vmx.h>
   74.53 -#include <asm/vmmu.h>
   74.54 -#include <asm/vmx_mm_def.h>
   74.55 -#include <asm/vmx_phy_mode.h>
   74.56 -#include <xen/mm.h>
   74.57 -#include <asm/vmx_pal.h>
   74.58 -/* reset all PSR field to 0, except up,mfl,mfh,pk,dt,rt,mc,it */
   74.59 -#define INITIAL_PSR_VALUE_AT_INTERRUPTION 0x0000001808028034
   74.60 -
   74.61 -
   74.62 -extern void die_if_kernel(char *str, struct pt_regs *regs, long err);
   74.63 -extern void rnat_consumption (VCPU *vcpu);
   74.64 -extern void alt_itlb (VCPU *vcpu, u64 vadr);
   74.65 -extern void itlb_fault (VCPU *vcpu, u64 vadr);
   74.66 -extern void ivhpt_fault (VCPU *vcpu, u64 vadr);
   74.67 -extern unsigned long handle_fpu_swa (int fp_fault, struct pt_regs *regs, unsigned long isr);
   74.68 -
   74.69 -#define DOMN_PAL_REQUEST    0x110000
   74.70 -#define DOMN_SAL_REQUEST    0x110001
   74.71 -
   74.72 -static u64 vec2off[68] = {0x0,0x400,0x800,0xc00,0x1000,0x1400,0x1800,
   74.73 -    0x1c00,0x2000,0x2400,0x2800,0x2c00,0x3000,0x3400,0x3800,0x3c00,0x4000,
   74.74 -    0x4400,0x4800,0x4c00,0x5000,0x5100,0x5200,0x5300,0x5400,0x5500,0x5600,
   74.75 -    0x5700,0x5800,0x5900,0x5a00,0x5b00,0x5c00,0x5d00,0x5e00,0x5f00,0x6000,
   74.76 -    0x6100,0x6200,0x6300,0x6400,0x6500,0x6600,0x6700,0x6800,0x6900,0x6a00,
   74.77 -    0x6b00,0x6c00,0x6d00,0x6e00,0x6f00,0x7000,0x7100,0x7200,0x7300,0x7400,
   74.78 -    0x7500,0x7600,0x7700,0x7800,0x7900,0x7a00,0x7b00,0x7c00,0x7d00,0x7e00,
   74.79 -    0x7f00
   74.80 -};
   74.81 -
   74.82 -
   74.83 -
   74.84 -void vmx_reflect_interruption(u64 ifa, u64 isr, u64 iim,
   74.85 -                              u64 vec, REGS *regs)
   74.86 -{
   74.87 -    u64 status, vector;
   74.88 -    VCPU *vcpu = current;
   74.89 -    u64 vpsr = VCPU(vcpu, vpsr);
   74.90 -    
   74.91 -    vector = vec2off[vec];
   74.92 -    if(!(vpsr&IA64_PSR_IC)&&(vector!=IA64_DATA_NESTED_TLB_VECTOR)){
   74.93 -        panic_domain(regs, "Guest nested fault vector=%lx!\n", vector);
   74.94 -    }
   74.95 -
   74.96 -    switch (vec) {
   74.97 -
   74.98 -    case 22:	// IA64_INST_ACCESS_RIGHTS_VECTOR
   74.99 -        if (vhpt_access_rights_fixup(vcpu, ifa, 0))
  74.100 -            return;
  74.101 -        break;
  74.102 -
  74.103 -    case 25:	// IA64_DISABLED_FPREG_VECTOR
  74.104 -
  74.105 -        if (FP_PSR(vcpu) & IA64_PSR_DFH) {
  74.106 -            FP_PSR(vcpu) = IA64_PSR_MFH;
  74.107 -            if (__ia64_per_cpu_var(fp_owner) != vcpu)
  74.108 -                __ia64_load_fpu(vcpu->arch._thread.fph);
  74.109 -        }
  74.110 -        if (!(VCPU(vcpu, vpsr) & IA64_PSR_DFH)) {
  74.111 -            regs->cr_ipsr &= ~IA64_PSR_DFH;
  74.112 -            return;
  74.113 -        }
  74.114 -
  74.115 -        break;       
  74.116 -        
  74.117 -    case 32:	// IA64_FP_FAULT_VECTOR
  74.118 -        // handle fpswa emulation
  74.119 -        // fp fault
  74.120 -        status = handle_fpu_swa(1, regs, isr);
  74.121 -        if (!status) {
  74.122 -            vcpu_increment_iip(vcpu);
  74.123 -            return;
  74.124 -        } else if (IA64_RETRY == status)
  74.125 -            return;
  74.126 -        break;
  74.127 -
  74.128 -    case 33:	// IA64_FP_TRAP_VECTOR
  74.129 -        //fp trap
  74.130 -        status = handle_fpu_swa(0, regs, isr);
  74.131 -        if (!status)
  74.132 -            return;
  74.133 -        else if (IA64_RETRY == status) {
  74.134 -            vcpu_decrement_iip(vcpu);
  74.135 -            return;
  74.136 -        }
  74.137 -        break;
  74.138 -    
  74.139 -    } 
  74.140 -    VCPU(vcpu,isr)=isr;
  74.141 -    VCPU(vcpu,iipa) = regs->cr_iip;
  74.142 -    if (vector == IA64_BREAK_VECTOR || vector == IA64_SPECULATION_VECTOR)
  74.143 -        VCPU(vcpu,iim) = iim;
  74.144 -    else {
  74.145 -        set_ifa_itir_iha(vcpu,ifa,1,1,1);
  74.146 -    }
  74.147 -    inject_guest_interruption(vcpu, vector);
  74.148 -}
  74.149 -
  74.150 -
  74.151 -IA64FAULT
  74.152 -vmx_ia64_handle_break (unsigned long ifa, struct pt_regs *regs, unsigned long isr, unsigned long iim)
  74.153 -{
  74.154 -    struct domain *d = current->domain;
  74.155 -    struct vcpu *v = current;
  74.156 -
  74.157 -    perfc_incr(vmx_ia64_handle_break);
  74.158 -#ifdef CRASH_DEBUG
  74.159 -    if ((iim == 0 || iim == CDB_BREAK_NUM) && !guest_mode(regs) &&
  74.160 -        IS_VMM_ADDRESS(regs->cr_iip)) {
  74.161 -        if (iim == 0)
  74.162 -            show_registers(regs);
  74.163 -        debugger_trap_fatal(0 /* don't care */, regs);
  74.164 -    } else
  74.165 -#endif
  74.166 -    {
  74.167 -        if (iim == 0) 
  74.168 -            vmx_die_if_kernel("Break 0 in Hypervisor.", regs, iim);
  74.169 -
  74.170 -        if (ia64_psr(regs)->cpl == 0) {
  74.171 -            /* Allow hypercalls only when cpl = 0.  */
  74.172 -            if (iim == d->arch.breakimm) {
  74.173 -                ia64_hypercall(regs);
  74.174 -                vcpu_increment_iip(v);
  74.175 -                return IA64_NO_FAULT;
  74.176 -            }
  74.177 -            else if(iim == DOMN_PAL_REQUEST){
  74.178 -                pal_emul(v);
  74.179 -                vcpu_increment_iip(v);
  74.180 -                return IA64_NO_FAULT;
  74.181 -            }else if(iim == DOMN_SAL_REQUEST){
  74.182 -                sal_emul(v);
  74.183 -                vcpu_increment_iip(v);
  74.184 -                return IA64_NO_FAULT;
  74.185 -            }
  74.186 -        }
  74.187 -        vmx_reflect_interruption(ifa,isr,iim,11,regs);
  74.188 -    }
  74.189 -    return IA64_NO_FAULT;
  74.190 -}
  74.191 -
  74.192 -
  74.193 -void save_banked_regs_to_vpd(VCPU *v, REGS *regs)
  74.194 -{
  74.195 -    unsigned long i=0UL, * src,* dst, *sunat, *dunat;
  74.196 -    IA64_PSR vpsr;
  74.197 -    src=&regs->r16;
  74.198 -    sunat=&regs->eml_unat;
  74.199 -    vpsr.val = VCPU(v, vpsr);
  74.200 -    if(vpsr.bn){
  74.201 -        dst = &VCPU(v, vgr[0]);
  74.202 -        dunat =&VCPU(v, vnat);
  74.203 -        __asm__ __volatile__ (";;extr.u %0 = %1,%4,16;; \
  74.204 -                            dep %2 = %0, %2, 0, 16;; \
  74.205 -                            st8 [%3] = %2;;"
  74.206 -       ::"r"(i),"r"(*sunat),"r"(*dunat),"r"(dunat),"i"(IA64_PT_REGS_R16_SLOT):"memory");
  74.207 -
  74.208 -    }else{
  74.209 -        dst = &VCPU(v, vbgr[0]);
  74.210 -//        dunat =&VCPU(v, vbnat);
  74.211 -//        __asm__ __volatile__ (";;extr.u %0 = %1,%4,16;;
  74.212 -//                            dep %2 = %0, %2, 16, 16;;
  74.213 -//                            st8 [%3] = %2;;"
  74.214 -//       ::"r"(i),"r"(*sunat),"r"(*dunat),"r"(dunat),"i"(IA64_PT_REGS_R16_SLOT):"memory");
  74.215 -
  74.216 -    }
  74.217 -    for(i=0; i<16; i++)
  74.218 -        *dst++ = *src++;
  74.219 -}
  74.220 -
  74.221 -
  74.222 -// ONLY gets called from ia64_leave_kernel
  74.223 -// ONLY call with interrupts disabled?? (else might miss one?)
  74.224 -// NEVER successful if already reflecting a trap/fault because psr.i==0
  74.225 -void leave_hypervisor_tail(void)
  74.226 -{
  74.227 -    struct domain *d = current->domain;
  74.228 -    struct vcpu *v = current;
  74.229 -
  74.230 -    // FIXME: Will this work properly if doing an RFI???
  74.231 -    if (!is_idle_domain(d) ) {	// always comes from guest
  74.232 -//        struct pt_regs *user_regs = vcpu_regs(current);
  74.233 -        local_irq_enable();
  74.234 -        do_softirq();
  74.235 -        local_irq_disable();
  74.236 -
  74.237 -        if (v->vcpu_id == 0) {
  74.238 -            unsigned long callback_irq =
  74.239 -                d->arch.hvm_domain.params[HVM_PARAM_CALLBACK_IRQ];
  74.240 -
  74.241 -            if ( v->arch.arch_vmx.pal_init_pending ) {
  74.242 -                /*inject INIT interruption to guest pal*/
  74.243 -                v->arch.arch_vmx.pal_init_pending = 0;
  74.244 -                deliver_pal_init(v);
  74.245 -                return;
  74.246 -            }
  74.247 -
  74.248 -            /*
  74.249 -             * val[63:56] == 1: val[55:0] is a delivery PCI INTx line:
  74.250 -             *                  Domain = val[47:32], Bus  = val[31:16],
  74.251 -             *                  DevFn  = val[15: 8], IntX = val[ 1: 0]
  74.252 -             * val[63:56] == 0: val[55:0] is a delivery as GSI
  74.253 -             */
  74.254 -            if (callback_irq != 0 && local_events_need_delivery()) {
  74.255 -                /* change level for para-device callback irq */
  74.256 -                /* use level irq to send discrete event */
  74.257 -                if ((uint8_t)(callback_irq >> 56) == 1) {
  74.258 -                    /* case of using PCI INTx line as callback irq */
  74.259 -                    int pdev = (callback_irq >> 11) & 0x1f;
  74.260 -                    int pintx = callback_irq & 3;
  74.261 -                    viosapic_set_pci_irq(d, pdev, pintx, 1);
  74.262 -                    viosapic_set_pci_irq(d, pdev, pintx, 0);
  74.263 -                } else {
  74.264 -                    /* case of using GSI as callback irq */
  74.265 -                    viosapic_set_irq(d, callback_irq, 1);
  74.266 -                    viosapic_set_irq(d, callback_irq, 0);
  74.267 -                }
  74.268 -            }
  74.269 -        }
  74.270 -
  74.271 -        rmb();
  74.272 -        if (xchg(&v->arch.irq_new_pending, 0)) {
  74.273 -            v->arch.irq_new_condition = 0;
  74.274 -            vmx_check_pending_irq(v);
  74.275 -            return;
  74.276 -        }
  74.277 -
  74.278 -        if (v->arch.irq_new_condition) {
  74.279 -            v->arch.irq_new_condition = 0;
  74.280 -            vhpi_detection(v);
  74.281 -        }
  74.282 -    }
  74.283 -}
  74.284 -
  74.285 -extern ia64_rr vmx_vcpu_rr(VCPU *vcpu, u64 vadr);
  74.286 -
  74.287 -static int vmx_handle_lds(REGS* regs)
  74.288 -{
  74.289 -    regs->cr_ipsr |=IA64_PSR_ED;
  74.290 -    return IA64_FAULT;
  74.291 -}
  74.292 -
  74.293 -/* We came here because the H/W VHPT walker failed to find an entry */
  74.294 -IA64FAULT
  74.295 -vmx_hpw_miss(u64 vadr , u64 vec, REGS* regs)
  74.296 -{
  74.297 -    IA64_PSR vpsr;
  74.298 -    int type;
  74.299 -    u64 vhpt_adr, gppa, pteval, rr, itir;
  74.300 -    ISR misr;
  74.301 -    PTA vpta;
  74.302 -    thash_data_t *data;
  74.303 -    VCPU *v = current;
  74.304 -
  74.305 -    vpsr.val = VCPU(v, vpsr);
  74.306 -    misr.val = VMX(v,cr_isr);
  74.307 -    
  74.308 -    if (vec == 1)
  74.309 -        type = ISIDE_TLB;
  74.310 -    else if (vec == 2)
  74.311 -        type = DSIDE_TLB;
  74.312 -    else
  74.313 -        panic_domain(regs, "wrong vec:%lx\n", vec);
  74.314 -
  74.315 -    if(is_physical_mode(v)&&(!(vadr<<1>>62))){
  74.316 -        if(vec==2){
  74.317 -            if (misr.sp) /* Refer to SDM Vol2 Table 4-11,4-12 */
  74.318 -                return vmx_handle_lds(regs);
  74.319 -            if (v->domain != dom0
  74.320 -                && __gpfn_is_io(v->domain, (vadr << 1) >> (PAGE_SHIFT + 1))) {
  74.321 -                emulate_io_inst(v,((vadr<<1)>>1),4);   //  UC
  74.322 -                return IA64_FAULT;
  74.323 -            }
  74.324 -        }
  74.325 -        physical_tlb_miss(v, vadr, type);
  74.326 -        return IA64_FAULT;
  74.327 -    }
  74.328 -    
  74.329 -try_again:
  74.330 -    if((data=vtlb_lookup(v, vadr,type))!=0){
  74.331 -        if (v->domain != dom0 && type == DSIDE_TLB) {
  74.332 -            if (misr.sp) { /* Refer to SDM Vol2 Table 4-10,4-12 */
  74.333 -                if ((data->ma == VA_MATTR_UC) || (data->ma == VA_MATTR_UCE))
  74.334 -                    return vmx_handle_lds(regs);
  74.335 -            }
  74.336 -            gppa = (vadr & ((1UL << data->ps) - 1)) +
  74.337 -                   (data->ppn >> (data->ps - 12) << data->ps);
  74.338 -            if (__gpfn_is_io(v->domain, gppa >> PAGE_SHIFT)) {
  74.339 -                if (misr.sp)
  74.340 -                    panic_domain(NULL, "ld.s on I/O page not with UC attr."
  74.341 -                                 " pte=0x%lx\n", data->page_flags);
  74.342 -                if (data->pl >= ((regs->cr_ipsr >> IA64_PSR_CPL0_BIT) & 3))
  74.343 -                    emulate_io_inst(v, gppa, data->ma);
  74.344 -                else {
  74.345 -                    vcpu_set_isr(v, misr.val);
  74.346 -                    data_access_rights(v, vadr);
  74.347 -                }
  74.348 -                return IA64_FAULT;
  74.349 -            }
  74.350 -        }
  74.351 -        thash_vhpt_insert(v, data->page_flags, data->itir, vadr, type);
  74.352 -
  74.353 -    }else if(type == DSIDE_TLB){
  74.354 -    
  74.355 -        if (misr.sp)
  74.356 -            return vmx_handle_lds(regs);
  74.357 -
  74.358 -        vcpu_get_rr(v, vadr, &rr);
  74.359 -        itir = rr & (RR_RID_MASK | RR_PS_MASK);
  74.360 -
  74.361 -        if(!vhpt_enabled(v, vadr, misr.rs?RSE_REF:DATA_REF)){
  74.362 -            if (GOS_WINDOWS(v)) {
  74.363 -                /* windows use region 4 and 5 for identity mapping */
  74.364 -                if (REGION_NUMBER(vadr) == 4 && !(regs->cr_ipsr & IA64_PSR_CPL)
  74.365 -                    && (REGION_OFFSET(vadr)<= _PAGE_PPN_MASK)) {
  74.366 -
  74.367 -                    pteval = PAGEALIGN(REGION_OFFSET(vadr), itir_ps(itir)) |
  74.368 -                             (_PAGE_P | _PAGE_A | _PAGE_D |
  74.369 -                               _PAGE_MA_WB | _PAGE_AR_RW);
  74.370 -
  74.371 -                    if (thash_purge_and_insert(v, pteval, itir, vadr, type))
  74.372 -                        goto try_again;
  74.373 -
  74.374 -                    return IA64_NO_FAULT;
  74.375 -                }
  74.376 -
  74.377 -                if (REGION_NUMBER(vadr) == 5 && !(regs->cr_ipsr & IA64_PSR_CPL)
  74.378 -                    && (REGION_OFFSET(vadr)<= _PAGE_PPN_MASK)) {
  74.379 -
  74.380 -                    pteval = PAGEALIGN(REGION_OFFSET(vadr),itir_ps(itir)) |
  74.381 -                             (_PAGE_P | _PAGE_A | _PAGE_D |
  74.382 -                              _PAGE_MA_UC | _PAGE_AR_RW);
  74.383 -
  74.384 -                    if (thash_purge_and_insert(v, pteval, itir, vadr, type))
  74.385 -                        goto try_again;
  74.386 -
  74.387 -                    return IA64_NO_FAULT;
  74.388 -                }
  74.389 -            }
  74.390 -
  74.391 -            if(vpsr.ic){
  74.392 -                vcpu_set_isr(v, misr.val);
  74.393 -                alt_dtlb(v, vadr);
  74.394 -                return IA64_FAULT;
  74.395 -            } else{
  74.396 -                nested_dtlb(v);
  74.397 -                return IA64_FAULT;
  74.398 -            }
  74.399 -        }
  74.400 -
  74.401 -        vpta.val = vmx_vcpu_get_pta(v);
  74.402 -        if (vpta.vf) {
  74.403 -            /* Long format is not yet supported.  */
  74.404 -            if (vpsr.ic) {
  74.405 -                vcpu_set_isr(v, misr.val);
  74.406 -                dtlb_fault(v, vadr);
  74.407 -                return IA64_FAULT;
  74.408 -            } else {
  74.409 -                nested_dtlb(v);
  74.410 -                return IA64_FAULT;
  74.411 -            }
  74.412 -        }
  74.413 -
  74.414 -        /* avoid recursively walking (short format) VHPT */
  74.415 -        if (!GOS_WINDOWS(v) &&
  74.416 -            (((vadr ^ vpta.val) << 3) >> (vpta.size + 3)) == 0) {
  74.417 -
  74.418 -            if (vpsr.ic) {
  74.419 -                vcpu_set_isr(v, misr.val);
  74.420 -                dtlb_fault(v, vadr);
  74.421 -                return IA64_FAULT;
  74.422 -            } else {
  74.423 -                nested_dtlb(v);
  74.424 -                return IA64_FAULT;
  74.425 -            }
  74.426 -        }
  74.427 -            
  74.428 -        vhpt_adr = vmx_vcpu_thash(v, vadr);
  74.429 -        if (!guest_vhpt_lookup(vhpt_adr, &pteval)) {
  74.430 -            /* VHPT successfully read.  */
  74.431 -            if (!(pteval & _PAGE_P)) {
  74.432 -                if (vpsr.ic) {
  74.433 -                    vcpu_set_isr(v, misr.val);
  74.434 -                    dtlb_fault(v, vadr);
  74.435 -                    return IA64_FAULT;
  74.436 -                } else {
  74.437 -                    nested_dtlb(v);
  74.438 -                    return IA64_FAULT;
  74.439 -                }
  74.440 -            } else if ((pteval & _PAGE_MA_MASK) != _PAGE_MA_ST) {
  74.441 -                thash_purge_and_insert(v, pteval, itir, vadr, DSIDE_TLB);
  74.442 -                return IA64_NO_FAULT;
  74.443 -            } else if (vpsr.ic) {
  74.444 -                vcpu_set_isr(v, misr.val);
  74.445 -                dtlb_fault(v, vadr);
  74.446 -                return IA64_FAULT;
  74.447 -            }else{
  74.448 -                nested_dtlb(v);
  74.449 -                return IA64_FAULT;
  74.450 -            }
  74.451 -        } else {
  74.452 -            /* Can't read VHPT.  */
  74.453 -            if (vpsr.ic) {
  74.454 -                vcpu_set_isr(v, misr.val);
  74.455 -                dvhpt_fault(v, vadr);
  74.456 -                return IA64_FAULT;
  74.457 -            } else {
  74.458 -                nested_dtlb(v);
  74.459 -                return IA64_FAULT;
  74.460 -            }
  74.461 -        }
  74.462 -    }else if(type == ISIDE_TLB){
  74.463 -    
  74.464 -        if (!vpsr.ic)
  74.465 -            misr.ni = 1;
  74.466 -        if (!vhpt_enabled(v, vadr, INST_REF)) {
  74.467 -            vcpu_set_isr(v, misr.val);
  74.468 -            alt_itlb(v, vadr);
  74.469 -            return IA64_FAULT;
  74.470 -        }
  74.471 -
  74.472 -        vpta.val = vmx_vcpu_get_pta(v);
  74.473 -        if (vpta.vf) {
  74.474 -            /* Long format is not yet supported.  */
  74.475 -            vcpu_set_isr(v, misr.val);
  74.476 -            itlb_fault(v, vadr);
  74.477 -            return IA64_FAULT;
  74.478 -        }
  74.479 -
  74.480 -
  74.481 -        vhpt_adr = vmx_vcpu_thash(v, vadr);
  74.482 -        if (!guest_vhpt_lookup(vhpt_adr, &pteval)) {
  74.483 -            /* VHPT successfully read.  */
  74.484 -            if (pteval & _PAGE_P) {
  74.485 -                if ((pteval & _PAGE_MA_MASK) == _PAGE_MA_ST) {
  74.486 -                    vcpu_set_isr(v, misr.val);
  74.487 -                    itlb_fault(v, vadr);
  74.488 -                    return IA64_FAULT;
  74.489 -                }
  74.490 -                vcpu_get_rr(v, vadr, &rr);
  74.491 -                itir = rr & (RR_RID_MASK | RR_PS_MASK);
  74.492 -                thash_purge_and_insert(v, pteval, itir, vadr, ISIDE_TLB);
  74.493 -                return IA64_NO_FAULT;
  74.494 -            } else {
  74.495 -                vcpu_set_isr(v, misr.val);
  74.496 -                inst_page_not_present(v, vadr);
  74.497 -                return IA64_FAULT;
  74.498 -            }
  74.499 -        } else {
  74.500 -            vcpu_set_isr(v, misr.val);
  74.501 -            ivhpt_fault(v, vadr);
  74.502 -            return IA64_FAULT;
  74.503 -        }
  74.504 -    }
  74.505 -    return IA64_NO_FAULT;
  74.506 -}
    75.1 --- a/xen/arch/ia64/vmx/vmx_utility.c	Mon Jul 16 14:20:16 2007 -0500
    75.2 +++ b/xen/arch/ia64/vmx/vmx_utility.c	Tue Jul 17 10:20:21 2007 +0100
    75.3 @@ -26,7 +26,7 @@
    75.4  #include <asm/processor.h>
    75.5  #include <asm/vmx_mm_def.h>
    75.6  
    75.7 -
    75.8 +#ifdef CHECK_FAULT
    75.9  /*
   75.10   * Return:
   75.11   *  0:  Not reserved indirect registers
   75.12 @@ -71,6 +71,7 @@ is_reserved_indirect_register (
   75.13      return 0;
   75.14  
   75.15  }
   75.16 +#endif
   75.17  
   75.18  /*
   75.19   * Return:
   75.20 @@ -207,7 +208,7 @@ check_psr_rsv_fields (u64 value)
   75.21  }
   75.22  
   75.23  
   75.24 -
   75.25 +#ifdef CHECK_FAULT
   75.26  /*
   75.27   * Return:
   75.28   *  1: CR reserved fields are not zero
   75.29 @@ -310,9 +311,9 @@ check_cr_rsv_fields (int index, u64 valu
   75.30      panic ("Unsupported CR");
   75.31      return 0;
   75.32  }
   75.33 -
   75.34 +#endif
   75.35  
   75.36 -
   75.37 +#if 0
   75.38  /*
   75.39   * Return:
   75.40   *  0:  Indirect Reg reserved fields are not zero
   75.41 @@ -361,7 +362,7 @@ check_indirect_reg_rsv_fields ( int type
   75.42  
   75.43      return 1;
   75.44  }
   75.45 -
   75.46 +#endif
   75.47  
   75.48  
   75.49  
    76.1 --- a/xen/arch/ia64/vmx/vmx_vcpu.c	Mon Jul 16 14:20:16 2007 -0500
    76.2 +++ b/xen/arch/ia64/vmx/vmx_vcpu.c	Tue Jul 17 10:20:21 2007 +0100
    76.3 @@ -96,8 +96,7 @@ vmx_vcpu_set_psr(VCPU *vcpu, unsigned lo
    76.4       */
    76.5      VCPU(vcpu,vpsr) = value &
    76.6              (~ (IA64_PSR_ID |IA64_PSR_DA | IA64_PSR_DD |
    76.7 -                IA64_PSR_SS | IA64_PSR_ED | IA64_PSR_IA
    76.8 -            ));
    76.9 +                IA64_PSR_ED | IA64_PSR_IA));
   76.10  
   76.11      if ( !old_psr.i && (value & IA64_PSR_I) ) {
   76.12          // vpsr.i 0->1
    77.1 --- a/xen/arch/ia64/vmx/vmx_virt.c	Mon Jul 16 14:20:16 2007 -0500
    77.2 +++ b/xen/arch/ia64/vmx/vmx_virt.c	Tue Jul 17 10:20:21 2007 +0100
    77.3 @@ -178,8 +178,8 @@ static IA64FAULT vmx_emul_mov_to_psr(VCP
    77.4  {
    77.5      u64 val;
    77.6  
    77.7 -    if(vcpu_get_gr_nat(vcpu, inst.M35.r2, &val) != IA64_NO_FAULT)
    77.8 -	panic_domain(vcpu_regs(vcpu),"get_psr nat bit fault\n");
    77.9 +    if (vcpu_get_gr_nat(vcpu, inst.M35.r2, &val) != IA64_NO_FAULT)
   77.10 +        panic_domain(vcpu_regs(vcpu),"get_psr nat bit fault\n");
   77.11  
   77.12      return vmx_vcpu_set_psr_l(vcpu, val);
   77.13  }
   77.14 @@ -914,7 +914,6 @@ static IA64FAULT vmx_emul_mov_to_dbr(VCP
   77.15  static IA64FAULT vmx_emul_mov_to_ibr(VCPU *vcpu, INST64 inst)
   77.16  {
   77.17      u64 r3,r2;
   77.18 -    return IA64_NO_FAULT;
   77.19  #ifdef  CHECK_FAULT
   77.20      IA64_PSR vpsr;
   77.21      vpsr.val=vmx_vcpu_get_psr(vcpu);
   77.22 @@ -932,7 +931,7 @@ static IA64FAULT vmx_emul_mov_to_ibr(VCP
   77.23          return IA64_FAULT;
   77.24  #endif  //CHECK_FAULT
   77.25      }
   77.26 -    return (vmx_vcpu_set_ibr(vcpu,r3,r2));
   77.27 +    return vmx_vcpu_set_ibr(vcpu,r3,r2);
   77.28  }
   77.29  
   77.30  static IA64FAULT vmx_emul_mov_to_pmc(VCPU *vcpu, INST64 inst)
   77.31 @@ -1062,6 +1061,7 @@ static IA64FAULT vmx_emul_mov_from_pkr(V
   77.32  static IA64FAULT vmx_emul_mov_from_dbr(VCPU *vcpu, INST64 inst)
   77.33  {
   77.34      u64 r3,r1;
   77.35 +    IA64FAULT res;
   77.36  #ifdef  CHECK_FAULT
   77.37      if(check_target_register(vcpu, inst.M43.r1)){
   77.38          set_illegal_op_isr(vcpu);
   77.39 @@ -1092,13 +1092,16 @@ static IA64FAULT vmx_emul_mov_from_dbr(V
   77.40          return IA64_FAULT;
   77.41      }
   77.42  #endif  //CHECK_FAULT
   77.43 -    r1 = vmx_vcpu_get_dbr(vcpu, r3);
   77.44 +    res = vmx_vcpu_get_ibr(vcpu, r3, &r1);
   77.45 +    if (res != IA64_NO_FAULT)
   77.46 +        return res;
   77.47      return vcpu_set_gr(vcpu, inst.M43.r1, r1,0);
   77.48  }
   77.49  
   77.50  static IA64FAULT vmx_emul_mov_from_ibr(VCPU *vcpu, INST64 inst)
   77.51  {
   77.52      u64 r3,r1;
   77.53 +    IA64FAULT res;
   77.54  #ifdef  CHECK_FAULT
   77.55      if(check_target_register(vcpu, inst.M43.r1)){
   77.56          set_illegal_op_isr(vcpu);
   77.57 @@ -1129,7 +1132,9 @@ static IA64FAULT vmx_emul_mov_from_ibr(V
   77.58          return IA64_FAULT;
   77.59      }
   77.60  #endif  //CHECK_FAULT
   77.61 -    r1 = vmx_vcpu_get_ibr(vcpu, r3);
   77.62 +    res = vmx_vcpu_get_dbr(vcpu, r3, &r1);
   77.63 +    if (res != IA64_NO_FAULT)
   77.64 +        return res;
   77.65      return vcpu_set_gr(vcpu, inst.M43.r1, r1,0);
   77.66  }
   77.67  
   77.68 @@ -1562,22 +1567,38 @@ if ( (cause == 0xff && opcode == 0x1e000
   77.69          break;
   77.70      case EVENT_VMSW:
   77.71          printk ("Unimplemented instruction %ld\n", cause);
   77.72 -	status=IA64_FAULT;
   77.73 +        status=IA64_FAULT;
   77.74          break;
   77.75      default:
   77.76 -        panic_domain(regs,"unknown cause %ld, iip: %lx, ipsr: %lx\n", cause,regs->cr_iip,regs->cr_ipsr);
   77.77 +        panic_domain(regs,"unknown cause %ld, iip: %lx, ipsr: %lx\n",
   77.78 +                     cause,regs->cr_iip,regs->cr_ipsr);
   77.79          break;
   77.80      };
   77.81  
   77.82  #if 0
   77.83 -    if (status == IA64_FAULT)
   77.84 +    if (status != IA64_NO_FAULT)
   77.85  	panic("Emulation failed with cause %d:\n", cause);
   77.86  #endif
   77.87  
   77.88 -    if ( status == IA64_NO_FAULT && cause !=EVENT_RFI ) {
   77.89 -        vcpu_increment_iip(vcpu);
   77.90 +    switch (status) {
   77.91 +    case IA64_RSVDREG_FAULT:
   77.92 +        set_rsv_reg_field_isr(vcpu);
   77.93 +        rsv_reg_field(vcpu);
   77.94 +        break;
   77.95 +    case IA64_ILLOP_FAULT:
   77.96 +        set_illegal_op_isr(vcpu);
   77.97 +        illegal_op(vcpu);
   77.98 +        break;
   77.99 +    case IA64_FAULT:
  77.100 +        /* Registers aleady set.  */
  77.101 +        break;
  77.102 +    case IA64_NO_FAULT:
  77.103 +        if ( cause != EVENT_RFI )
  77.104 +            vcpu_increment_iip(vcpu);
  77.105 +        break;
  77.106      }
  77.107  
  77.108 +
  77.109      recover_if_physical_mode(vcpu);
  77.110      return;
  77.111  
    78.1 --- a/xen/arch/ia64/xen/Makefile	Mon Jul 16 14:20:16 2007 -0500
    78.2 +++ b/xen/arch/ia64/xen/Makefile	Tue Jul 17 10:20:21 2007 +0100
    78.3 @@ -10,6 +10,7 @@ obj-y += dom_fw_common.o
    78.4  obj-y += dom_fw_dom0.o
    78.5  obj-y += dom_fw_domu.o
    78.6  obj-y += dom_fw_utils.o
    78.7 +obj-y += dom_fw_sn2.o
    78.8  obj-y += fw_emul.o
    78.9  obj-y += hpsimserial.o
   78.10  obj-y += hypercall.o
    79.1 --- a/xen/arch/ia64/xen/dom0_ops.c	Mon Jul 16 14:20:16 2007 -0500
    79.2 +++ b/xen/arch/ia64/xen/dom0_ops.c	Tue Jul 17 10:20:21 2007 +0100
    79.3 @@ -224,12 +224,6 @@ long arch_do_domctl(xen_domctl_t *op, XE
    79.4      return ret;
    79.5  }
    79.6  
    79.7 -/*
    79.8 - * Temporarily disable the NUMA PHYSINFO code until the rest of the
    79.9 - * changes are upstream.
   79.10 - */
   79.11 -#undef IA64_NUMA_PHYSINFO
   79.12 -
   79.13  long arch_do_sysctl(xen_sysctl_t *op, XEN_GUEST_HANDLE(xen_sysctl_t) u_sysctl)
   79.14  {
   79.15      long ret = 0;
   79.16 @@ -238,46 +232,47 @@ long arch_do_sysctl(xen_sysctl_t *op, XE
   79.17      {
   79.18      case XEN_SYSCTL_physinfo:
   79.19      {
   79.20 -#ifdef IA64_NUMA_PHYSINFO
   79.21 -        int i;
   79.22 -        uint32_t *map, cpu_to_node_map[NR_CPUS];
   79.23 -#endif
   79.24 +        int i, node_cpus = 0;
   79.25 +        uint32_t max_array_ent;
   79.26  
   79.27          xen_sysctl_physinfo_t *pi = &op->u.physinfo;
   79.28  
   79.29 -        pi->threads_per_core =
   79.30 -            cpus_weight(cpu_sibling_map[0]);
   79.31 +        pi->threads_per_core = cpus_weight(cpu_sibling_map[0]);
   79.32          pi->cores_per_socket =
   79.33              cpus_weight(cpu_core_map[0]) / pi->threads_per_core;
   79.34          pi->nr_nodes         = num_online_nodes();
   79.35 -        pi->sockets_per_node = num_online_cpus() / 
   79.36 -            (pi->nr_nodes * pi->cores_per_socket * pi->threads_per_core);
   79.37 +
   79.38 +        /*
   79.39 +         * Guess at a sockets_per_node value.  Use the maximum number of
   79.40 +         * CPUs per node to avoid deconfigured CPUs breaking the average.
   79.41 +         */
   79.42 +        for_each_online_node(i)
   79.43 +            node_cpus = max(node_cpus, cpus_weight(node_to_cpumask(i)));
   79.44 +
   79.45 +        pi->sockets_per_node = node_cpus / 
   79.46 +            (pi->cores_per_socket * pi->threads_per_core);
   79.47 +
   79.48          pi->total_pages      = total_pages; 
   79.49          pi->free_pages       = avail_domheap_pages();
   79.50          pi->scrub_pages      = avail_scrub_pages();
   79.51          pi->cpu_khz          = local_cpu_data->proc_freq / 1000;
   79.52          memset(pi->hw_cap, 0, sizeof(pi->hw_cap));
   79.53 -        //memcpy(pi->hw_cap, boot_cpu_data.x86_capability, NCAPINTS*4);
   79.54 +
   79.55 +        max_array_ent = pi->max_cpu_id;
   79.56 +        pi->max_cpu_id = last_cpu(cpu_online_map);
   79.57 +        max_array_ent = min_t(uint32_t, max_array_ent, pi->max_cpu_id);
   79.58 +
   79.59          ret = 0;
   79.60  
   79.61 -#ifdef IA64_NUMA_PHYSINFO
   79.62 -        /* fetch cpu_to_node pointer from guest */
   79.63 -        get_xen_guest_handle(map, pi->cpu_to_node);
   79.64 -
   79.65 -        /* if set, fill out cpu_to_node array */
   79.66 -        if (map != NULL) {
   79.67 -            /* copy cpu to node mapping to domU */
   79.68 -            memset(cpu_to_node_map, 0, sizeof(cpu_to_node_map));
   79.69 -            for (i = 0; i < num_online_cpus(); i++) {
   79.70 -                cpu_to_node_map[i] = cpu_to_node(i);
   79.71 -                if (copy_to_guest_offset(pi->cpu_to_node, i,
   79.72 -                                         &(cpu_to_node_map[i]), 1)) {
   79.73 +        if (!guest_handle_is_null(pi->cpu_to_node)) {
   79.74 +            for (i = 0; i <= max_array_ent; i++) {
   79.75 +                uint32_t node = cpu_online(i) ? cpu_to_node(i) : ~0u;
   79.76 +                if (copy_to_guest_offset(pi->cpu_to_node, i, &node, 1)) {
   79.77                      ret = -EFAULT;
   79.78                      break;
   79.79                  }
   79.80              }
   79.81          }
   79.82 -#endif
   79.83  
   79.84          if ( copy_to_guest(u_sysctl, op, 1) )
   79.85              ret = -EFAULT;
    80.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    80.2 +++ b/xen/arch/ia64/xen/dom_fw_sn2.c	Tue Jul 17 10:20:21 2007 +0100
    80.3 @@ -0,0 +1,92 @@
    80.4 +/*
    80.5 + *  Xen domain0 platform firmware fixups for sn2
    80.6 + *  Copyright (C) 2007 Silicon Graphics Inc.
    80.7 + *       Jes Sorensen <jes@sgi.com>
    80.8 + *
    80.9 + * This program is free software; you can redistribute it and/or modify
   80.10 + * it under the terms of the GNU General Public License as published by
   80.11 + * the Free Software Foundation; version 2.
   80.12 + *
   80.13 + * This program is distributed in the hope that it will be useful,
   80.14 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
   80.15 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   80.16 + * GNU General Public License for more details.
   80.17 + *
   80.18 + * You should have received a copy of the GNU General Public License
   80.19 + * along with this program; if not, write to the Free Software
   80.20 + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   80.21 + */
   80.22 +
   80.23 +#include <xen/config.h>
   80.24 +#include <xen/acpi.h>
   80.25 +#include <xen/errno.h>
   80.26 +#include <xen/sched.h>
   80.27 +#include <xen/nodemask.h>
   80.28 +
   80.29 +#include <asm/dom_fw.h>
   80.30 +#include <asm/dom_fw_common.h>
   80.31 +#include <asm/dom_fw_dom0.h>
   80.32 +#include <asm/dom_fw_utils.h>
   80.33 +
   80.34 +#include <asm/sn/arch.h>
   80.35 +#include <asm/sn/addrs.h>
   80.36 +#include <asm/sn/shub_mmr.h>
   80.37 +
   80.38 +#define SWAP_NASID(n, x)       ((x & ~NASID_MASK) | NASID_SPACE(n))
   80.39 +
   80.40 +int __init
   80.41 +sn2_dom_fw_init(domain_t *d,
   80.42 +		struct xen_ia64_boot_param *bp,
   80.43 +		struct fw_tables *tables)
   80.44 +{
   80.45 +	int node;
   80.46 +	short nasid;
   80.47 +	unsigned long shubid, shubpicam, shubpiowrite;
   80.48 +
   80.49 +	printk("SN2 mapping specific registers to dom0\n");
   80.50 +
   80.51 +	assign_domain_mach_page(d, LOCAL_MMR_OFFSET | SH_RTC, PAGE_SIZE,
   80.52 +				ASSIGN_nocache);
   80.53 +
   80.54 +	if (is_shub1()) {
   80.55 +		/* 0x110060000 */
   80.56 +		shubid = SH1_GLOBAL_MMR_OFFSET + (SH1_SHUB_ID & PAGE_MASK);
   80.57 +		/* 0x120050000 */
   80.58 +		shubpicam = SH1_GLOBAL_MMR_OFFSET +
   80.59 +			(SH1_PI_CAM_CONTROL & PAGE_MASK);
   80.60 +		/* 0x120070000 */
   80.61 +		shubpiowrite = SH1_GLOBAL_MMR_OFFSET +
   80.62 +			(SH1_PIO_WRITE_STATUS_0 & PAGE_MASK);
   80.63 +
   80.64 +		for_each_online_node(node) {
   80.65 +			nasid = cnodeid_to_nasid(node);
   80.66 +			shubid = SWAP_NASID(nasid, shubid);
   80.67 +			shubpicam = SWAP_NASID(nasid, shubpicam);
   80.68 +			shubpiowrite = SWAP_NASID(nasid, shubpiowrite);
   80.69 +
   80.70 +			assign_domain_mach_page(d, shubid, PAGE_SIZE,
   80.71 +						ASSIGN_nocache);
   80.72 +			assign_domain_mach_page(d, shubpicam, PAGE_SIZE,
   80.73 +						ASSIGN_nocache);
   80.74 +			assign_domain_mach_page(d, shubpiowrite, PAGE_SIZE,
   80.75 +						ASSIGN_nocache);
   80.76 +		}
   80.77 +
   80.78 +		/* map leds */
   80.79 +		assign_domain_mach_page(d, LOCAL_MMR_OFFSET |
   80.80 +					SH1_REAL_JUNK_BUS_LED0,
   80.81 +					PAGE_SIZE, ASSIGN_nocache);
   80.82 +		assign_domain_mach_page(d, LOCAL_MMR_OFFSET |
   80.83 +					SH1_REAL_JUNK_BUS_LED1,
   80.84 +					PAGE_SIZE, ASSIGN_nocache);
   80.85 +		assign_domain_mach_page(d, LOCAL_MMR_OFFSET |
   80.86 +					SH1_REAL_JUNK_BUS_LED2,
   80.87 +					PAGE_SIZE, ASSIGN_nocache);
   80.88 +		assign_domain_mach_page(d, LOCAL_MMR_OFFSET |
   80.89 +					SH1_REAL_JUNK_BUS_LED3,
   80.90 +					PAGE_SIZE, ASSIGN_nocache);
   80.91 +	} else
   80.92 +		panic("Unable to build EFI entry for SHUB 2 MMR\n");
   80.93 +
   80.94 +	return 0;
   80.95 +}
    81.1 --- a/xen/arch/ia64/xen/dom_fw_utils.c	Mon Jul 16 14:20:16 2007 -0500
    81.2 +++ b/xen/arch/ia64/xen/dom_fw_utils.c	Tue Jul 17 10:20:21 2007 +0100
    81.3 @@ -52,7 +52,6 @@ int xen_ia64_is_vcpu_allocated(struct do
    81.4  
    81.5  int xen_ia64_is_running_on_sim(struct domain *unused)
    81.6  {
    81.7 -	extern unsigned long running_on_sim;
    81.8  	return running_on_sim;
    81.9  }
   81.10  
   81.11 @@ -251,10 +250,28 @@ int dom_fw_setup(domain_t * d, unsigned 
   81.12  		imva_hypercall_base = (unsigned long)domain_mpa_to_imva
   81.13  		    (d, FW_HYPERCALL_BASE_PADDR);
   81.14  
   81.15 +		/*
   81.16 +		 * dom_fw_init()
   81.17 +		 *   - [FW_HYPERCALL_BASE_PADDR, FW_HYPERCALL_END_PADDR)
   81.18 +		 *   - [FW_ACPI_BASE_PADDR, FW_ACPI_END_PADDR)
   81.19 +		 *   - [FW_TABLES_BASE_PADDR, tables->fw_tables_end_paddr)
   81.20 +		 *
   81.21 +		 * complete_dom0_memmap() for dom0
   81.22 +		 *   - real machine memory map
   81.23 +		 *   - memmap_info by setup_dom0_memmap_info()
   81.24 +		 *
   81.25 +		 * complete_domu_memmap() for old domu builder
   81.26 +		 *   - I/O port
   81.27 +		 *   - conventional memory
   81.28 +		 *   - memmap_info
   81.29 +		 */
   81.30 +#define NUM_EXTRA_MEM_DESCS     4
   81.31 +
   81.32  		/* Estimate necessary efi memmap size and allocate memory */
   81.33  		fw_tables_size = sizeof(*fw_tables) +
   81.34  			(ia64_boot_param->efi_memmap_size /
   81.35 -			 ia64_boot_param->efi_memdesc_size + NUM_MEM_DESCS) *
   81.36 +			 ia64_boot_param->efi_memdesc_size +
   81.37 +			 NUM_EXTRA_MEM_DESCS) *
   81.38  			sizeof(fw_tables->efi_memmap[0]);
   81.39  		if (fw_tables_size <
   81.40  		    FW_TABLES_END_PADDR_MIN - FW_TABLES_BASE_PADDR)
   81.41 @@ -292,14 +309,22 @@ int dom_fw_setup(domain_t * d, unsigned 
   81.42  			xfree(fw_tables);
   81.43  			return ret;
   81.44  		}
   81.45 +
   81.46 +		ret = platform_fw_init(d, bp, fw_tables);
   81.47 +		if (ret < 0) {
   81.48 +			xfree(fw_tables);
   81.49 +			return ret;
   81.50 +		}
   81.51 +
   81.52  		if (sizeof(*fw_tables) +
   81.53  		    fw_tables->num_mds * sizeof(fw_tables->efi_memmap[0]) >
   81.54  		    fw_tables_size) {
   81.55 -			panic("EFI memmap too large. Increase NUM_MEM_DESCS.\n"
   81.56 +			panic("EFI memmap too large. "
   81.57 +			      "Increase NUM_EXTRA_MEM_DESCS.\n"
   81.58  			      "fw_table_size %ld > %ld num_mds %ld "
   81.59 -			      "NUM_MEM_DESCS %d.\n",
   81.60 +			      "NUM_EXTRA_MEM_DESCS %d.\n",
   81.61  			      fw_tables_size, fw_tables->fw_tables_size,
   81.62 -			      fw_tables->num_mds, NUM_MEM_DESCS);
   81.63 +			      fw_tables->num_mds, NUM_EXTRA_MEM_DESCS);
   81.64  		}
   81.65  		fw_tables_size = sizeof(*fw_tables) +
   81.66  			fw_tables->num_mds * sizeof(fw_tables->efi_memmap[0]);
    82.1 --- a/xen/arch/ia64/xen/domain.c	Mon Jul 16 14:20:16 2007 -0500
    82.2 +++ b/xen/arch/ia64/xen/domain.c	Tue Jul 17 10:20:21 2007 +0100
    82.3 @@ -58,8 +58,6 @@ static unsigned long __initdata dom0_siz
    82.4  static unsigned int __initdata dom0_max_vcpus = 1;
    82.5  integer_param("dom0_max_vcpus", dom0_max_vcpus); 
    82.6  
    82.7 -extern unsigned long running_on_sim;
    82.8 -
    82.9  extern char dom0_command_line[];
   82.10  
   82.11  /* forward declaration */
   82.12 @@ -237,6 +235,14 @@ void context_switch(struct vcpu *prev, s
   82.13      ia64_disable_vhpt_walker();
   82.14      lazy_fp_switch(prev, current);
   82.15  
   82.16 +    if (prev->arch.dbg_used || next->arch.dbg_used) {
   82.17 +        /*
   82.18 +         * Load debug registers either because they are valid or to clear
   82.19 +         * the previous one.
   82.20 +         */
   82.21 +        ia64_load_debug_regs(next->arch.dbr);
   82.22 +    }
   82.23 +    
   82.24      prev = ia64_switch_to(next);
   82.25  
   82.26      /* Note: ia64_switch_to does not return here at vcpu initialization.  */
   82.27 @@ -361,10 +367,6 @@ void startup_cpu_idle_loop(void)
   82.28  # error "XMAPPEDREGS_SHIFT doesn't match sizeof(mapped_regs_t)."
   82.29  #endif
   82.30  
   82.31 -#if (IA64_RBS_OFFSET % 512) != IA64_GUEST_CONTEXT_RBS_OFFSET
   82.32 -# error "arch-ia64.h: IA64_GUEST_CONTEXT_RBS_OFFSET must be adjusted."
   82.33 -#endif
   82.34 -
   82.35  void hlt_timer_fn(void *data)
   82.36  {
   82.37  	struct vcpu *v = data;
   82.38 @@ -608,6 +610,8 @@ int arch_vcpu_reset(struct vcpu *v)
   82.39  	return 0;
   82.40  }
   82.41  
   82.42 +#define COPY_FPREG(dst, src) memcpy(dst, src, sizeof(struct ia64_fpreg))
   82.43 +
   82.44  void arch_get_info_guest(struct vcpu *v, vcpu_guest_context_u c)
   82.45  {
   82.46  	int i;
   82.47 @@ -674,12 +678,12 @@ void arch_get_info_guest(struct vcpu *v,
   82.48  
   82.49  	c.nat->regs.ar.ccv = uregs->ar_ccv;
   82.50  
   82.51 -	c.nat->regs.f[6] = uregs->f6;
   82.52 -	c.nat->regs.f[7] = uregs->f7;
   82.53 -	c.nat->regs.f[8] = uregs->f8;
   82.54 -	c.nat->regs.f[9] = uregs->f9;
   82.55 -	c.nat->regs.f[10] = uregs->f10;
   82.56 -	c.nat->regs.f[11] = uregs->f11;
   82.57 +	COPY_FPREG(&c.nat->regs.f[6], &uregs->f6);
   82.58 +	COPY_FPREG(&c.nat->regs.f[7], &uregs->f7);
   82.59 +	COPY_FPREG(&c.nat->regs.f[8], &uregs->f8);
   82.60 +	COPY_FPREG(&c.nat->regs.f[9], &uregs->f9);
   82.61 +	COPY_FPREG(&c.nat->regs.f[10], &uregs->f10);
   82.62 +	COPY_FPREG(&c.nat->regs.f[11], &uregs->f11);
   82.63  
   82.64  	c.nat->regs.r[4] = uregs->r4;
   82.65  	c.nat->regs.r[5] = uregs->r5;
   82.66 @@ -689,12 +693,21 @@ void arch_get_info_guest(struct vcpu *v,
   82.67  	/* FIXME: to be reordered.  */
   82.68  	c.nat->regs.nats = uregs->eml_unat;
   82.69  
   82.70 +	c.nat->regs.rbs_voff = (IA64_RBS_OFFSET / 8) % 64;
   82.71  	if (rbs_size < sizeof (c.nat->regs.rbs))
   82.72 -		memcpy (c.nat->regs.rbs, (char *)v + IA64_RBS_OFFSET, rbs_size);
   82.73 +		memcpy(c.nat->regs.rbs, (char *)v + IA64_RBS_OFFSET, rbs_size);
   82.74  
   82.75   	c.nat->privregs_pfn = get_gpfn_from_mfn
   82.76  		(virt_to_maddr(v->arch.privregs) >> PAGE_SHIFT);
   82.77  
   82.78 +	for (i = 0; i < IA64_NUM_DBG_REGS; i++) {
   82.79 +		vcpu_get_dbr(v, i, &c.nat->regs.dbr[i]);
   82.80 +		vcpu_get_ibr(v, i, &c.nat->regs.ibr[i]);
   82.81 +	}
   82.82 +
   82.83 +	for (i = 0; i < 7; i++)
   82.84 +		vcpu_get_rr(v, (unsigned long)i << 61, &c.nat->regs.rr[i]);
   82.85 +
   82.86  	/* Fill extra regs.  */
   82.87  	for (i = 0; i < 8; i++) {
   82.88  		tr->itrs[i].pte = v->arch.itrs[i].pte.val;
   82.89 @@ -724,7 +737,7 @@ int arch_set_info_guest(struct vcpu *v, 
   82.90  	struct domain *d = v->domain;
   82.91  	int was_initialised = v->is_initialised;
   82.92  	unsigned int rbs_size;
   82.93 -	int rc;
   82.94 +	int rc, i;
   82.95  
   82.96  	/* Finish vcpu initialization.  */
   82.97  	if (!was_initialised) {
   82.98 @@ -777,7 +790,7 @@ int arch_set_info_guest(struct vcpu *v, 
   82.99  	if (!was_initialised)
  82.100  		uregs->loadrs = (rbs_size) << 16;
  82.101  	if (rbs_size == (uregs->loadrs >> 16))
  82.102 -		memcpy ((char *)v + IA64_RBS_OFFSET, c.nat->regs.rbs, rbs_size);
  82.103 +		memcpy((char *)v + IA64_RBS_OFFSET, c.nat->regs.rbs, rbs_size);
  82.104  
  82.105  	uregs->r1 = c.nat->regs.r[1];
  82.106  	uregs->r12 = c.nat->regs.r[12];
  82.107 @@ -807,12 +820,12 @@ int arch_set_info_guest(struct vcpu *v, 
  82.108  	
  82.109  	uregs->ar_ccv = c.nat->regs.ar.ccv;
  82.110  	
  82.111 -	uregs->f6 = c.nat->regs.f[6];
  82.112 -	uregs->f7 = c.nat->regs.f[7];
  82.113 -	uregs->f8 = c.nat->regs.f[8];
  82.114 -	uregs->f9 = c.nat->regs.f[9];
  82.115 -	uregs->f10 = c.nat->regs.f[10];
  82.116 -	uregs->f11 = c.nat->regs.f[11];
  82.117 +	COPY_FPREG(&uregs->f6, &c.nat->regs.f[6]);
  82.118 +	COPY_FPREG(&uregs->f7, &c.nat->regs.f[7]);
  82.119 +	COPY_FPREG(&uregs->f8, &c.nat->regs.f[8]);
  82.120 +	COPY_FPREG(&uregs->f9, &c.nat->regs.f[9]);
  82.121 +	COPY_FPREG(&uregs->f10, &c.nat->regs.f[10]);
  82.122 +	COPY_FPREG(&uregs->f11, &c.nat->regs.f[11]);
  82.123  	
  82.124  	uregs->r4 = c.nat->regs.r[4];
  82.125  	uregs->r5 = c.nat->regs.r[5];
  82.126 @@ -825,12 +838,17 @@ int arch_set_info_guest(struct vcpu *v, 
  82.127  	
  82.128   	if (!d->arch.is_vti) {
  82.129   		/* domain runs at PL2/3 */
  82.130 - 		uregs->cr_ipsr |= 2UL << IA64_PSR_CPL0_BIT;
  82.131 - 		uregs->ar_rsc |= (2 << 2); /* force PL2/3 */
  82.132 + 		uregs->cr_ipsr = vcpu_pl_adjust(uregs->cr_ipsr,
  82.133 +		                                IA64_PSR_CPL0_BIT);
  82.134 + 		uregs->ar_rsc = vcpu_pl_adjust(uregs->ar_rsc, 2);
  82.135   	}
  82.136  
  82.137 +	for (i = 0; i < IA64_NUM_DBG_REGS; i++) {
  82.138 +		vcpu_set_dbr(v, i, c.nat->regs.dbr[i]);
  82.139 +		vcpu_set_ibr(v, i, c.nat->regs.ibr[i]);
  82.140 +	}
  82.141 +
  82.142  	if (c.nat->flags & VGCF_EXTRA_REGS) {
  82.143 -		int i;
  82.144  		struct vcpu_tr_regs *tr = &c.nat->regs.tr;
  82.145  
  82.146  		for (i = 0; i < 8; i++) {
  82.147 @@ -1497,3 +1515,48 @@ static void __init parse_dom0_mem(char *
  82.148  	dom0_size = parse_size_and_unit(s, NULL);
  82.149  }
  82.150  custom_param("dom0_mem", parse_dom0_mem);
  82.151 +
  82.152 +/*
  82.153 + * Helper function for the optimization stuff handling the identity mapping
  82.154 + * feature.
  82.155 + */
  82.156 +static inline void
  82.157 +optf_set_identity_mapping(unsigned long* mask, struct identity_mapping* im,
  82.158 +			  struct xen_ia64_opt_feature* f)
  82.159 +{
  82.160 +	if (f->on) {
  82.161 +		*mask |= f->cmd;
  82.162 +		im->pgprot = f->pgprot;
  82.163 +		im->key = f->key;
  82.164 +	} else {
  82.165 +		*mask &= ~(f->cmd);
  82.166 +		im->pgprot = 0;
  82.167 +		im->key = 0;
  82.168 +	}
  82.169 +}
  82.170 +
  82.171 +/* Switch a optimization feature on/off. */
  82.172 +int
  82.173 +domain_opt_feature(struct xen_ia64_opt_feature* f)
  82.174 +{
  82.175 +	struct opt_feature* optf = &(current->domain->arch.opt_feature);
  82.176 +	long rc = 0;
  82.177 +
  82.178 +	switch (f->cmd) {
  82.179 +	case XEN_IA64_OPTF_IDENT_MAP_REG4:
  82.180 +		optf_set_identity_mapping(&optf->mask, &optf->im_reg4, f);
  82.181 +		break;
  82.182 +	case XEN_IA64_OPTF_IDENT_MAP_REG5:
  82.183 +		optf_set_identity_mapping(&optf->mask, &optf->im_reg5, f);
  82.184 +		break;
  82.185 +	case XEN_IA64_OPTF_IDENT_MAP_REG7:
  82.186 +		optf_set_identity_mapping(&optf->mask, &optf->im_reg7, f);
  82.187 +		break;
  82.188 +	default:
  82.189 +		printk("%s: unknown opt_feature: %ld\n", __func__, f->cmd);
  82.190 +		rc = -ENOSYS;
  82.191 +		break;
  82.192 +	}
  82.193 +	return rc;
  82.194 +}
  82.195 +
    83.1 --- a/xen/arch/ia64/xen/faults.c	Mon Jul 16 14:20:16 2007 -0500
    83.2 +++ b/xen/arch/ia64/xen/faults.c	Tue Jul 17 10:20:21 2007 +0100
    83.3 @@ -38,10 +38,9 @@ extern void die_if_kernel(char *str, str
    83.4  extern int ia64_hyperprivop(unsigned long, REGS *);
    83.5  extern IA64FAULT ia64_hypercall(struct pt_regs *regs);
    83.6  
    83.7 -#define IA64_PSR_CPL1	(__IA64_UL(1) << IA64_PSR_CPL1_BIT)
    83.8  // note IA64_PSR_PK removed from following, why is this necessary?
    83.9  #define	DELIVER_PSR_SET	(IA64_PSR_IC | IA64_PSR_I | \
   83.10 -			IA64_PSR_DT | IA64_PSR_RT | IA64_PSR_CPL1 | \
   83.11 +			IA64_PSR_DT | IA64_PSR_RT | \
   83.12  			IA64_PSR_IT | IA64_PSR_BN)
   83.13  
   83.14  #define	DELIVER_PSR_CLR	(IA64_PSR_AC | IA64_PSR_DFL | IA64_PSR_DFH |	\
   83.15 @@ -92,6 +91,7 @@ static void reflect_interruption(unsigne
   83.16  
   83.17  	regs->cr_iip = ((unsigned long)PSCBX(v, iva) + vector) & ~0xffUL;
   83.18  	regs->cr_ipsr = (regs->cr_ipsr & ~DELIVER_PSR_CLR) | DELIVER_PSR_SET;
   83.19 +	regs->cr_ipsr = vcpu_pl_adjust(regs->cr_ipsr, IA64_PSR_CPL0_BIT);
   83.20  	if (PSCB(v, dcr) & IA64_DCR_BE)
   83.21  		regs->cr_ipsr |= IA64_PSR_BE;
   83.22  
   83.23 @@ -137,6 +137,7 @@ void reflect_event(void)
   83.24  
   83.25  	regs->cr_iip = v->arch.event_callback_ip;
   83.26  	regs->cr_ipsr = (regs->cr_ipsr & ~DELIVER_PSR_CLR) | DELIVER_PSR_SET;
   83.27 +	regs->cr_ipsr = vcpu_pl_adjust(regs->cr_ipsr, IA64_PSR_CPL0_BIT);
   83.28  	if (PSCB(v, dcr) & IA64_DCR_BE)
   83.29  		regs->cr_ipsr |= IA64_PSR_BE;
   83.30  
   83.31 @@ -236,6 +237,8 @@ void ia64_do_page_fault(unsigned long ad
   83.32  		    ((unsigned long)PSCBX(current, iva) + fault) & ~0xffUL;
   83.33  		regs->cr_ipsr =
   83.34  		    (regs->cr_ipsr & ~DELIVER_PSR_CLR) | DELIVER_PSR_SET;
   83.35 +		regs->cr_ipsr = vcpu_pl_adjust(regs->cr_ipsr,
   83.36 +					       IA64_PSR_CPL0_BIT);
   83.37  
   83.38  		if (PSCB(current, hpsr_dfh))
   83.39  			regs->cr_ipsr |= IA64_PSR_DFH;  
   83.40 @@ -488,8 +491,6 @@ ia64_fault(unsigned long vector, unsigne
   83.41  	panic("Fault in Xen.\n");
   83.42  }
   83.43  
   83.44 -unsigned long running_on_sim = 0;
   83.45 -
   83.46  /* Also read in hyperprivop.S  */
   83.47  int first_break = 0;
   83.48  
   83.49 @@ -503,7 +504,7 @@ ia64_handle_break(unsigned long ifa, str
   83.50  
   83.51  	/* FIXME: don't hardcode constant */
   83.52  	if ((iim == 0x80001 || iim == 0x80002)
   83.53 -	    && ia64_get_cpl(regs->cr_ipsr) == 2) {
   83.54 +	    && ia64_get_cpl(regs->cr_ipsr) == CONFIG_CPL0_EMUL) {
   83.55  		do_ssc(vcpu_get_gr(current, 36), regs);
   83.56  	}
   83.57  #ifdef CRASH_DEBUG
   83.58 @@ -513,7 +514,8 @@ ia64_handle_break(unsigned long ifa, str
   83.59  		debugger_trap_fatal(0 /* don't care */ , regs);
   83.60  	}
   83.61  #endif
   83.62 -	else if (iim == d->arch.breakimm && ia64_get_cpl(regs->cr_ipsr) == 2) {
   83.63 +	else if (iim == d->arch.breakimm &&
   83.64 +	         ia64_get_cpl(regs->cr_ipsr) == CONFIG_CPL0_EMUL) {
   83.65  		/* by default, do not continue */
   83.66  		v->arch.hypercall_continuation = 0;
   83.67  
   83.68 @@ -523,7 +525,7 @@ ia64_handle_break(unsigned long ifa, str
   83.69  		} else
   83.70  			reflect_interruption(isr, regs, vector);
   83.71  	} else if ((iim - HYPERPRIVOP_START) < HYPERPRIVOP_MAX
   83.72 -		   && ia64_get_cpl(regs->cr_ipsr) == 2) {
   83.73 +		   && ia64_get_cpl(regs->cr_ipsr) == CONFIG_CPL0_EMUL) {
   83.74  		if (ia64_hyperprivop(iim, regs))
   83.75  			vcpu_increment_iip(current);
   83.76  	} else {
   83.77 @@ -544,6 +546,14 @@ ia64_handle_privop(unsigned long ifa, st
   83.78  	if (vector != IA64_NO_FAULT && vector != IA64_RFI_IN_PROGRESS) {
   83.79  		// Note: if a path results in a vector to reflect that requires
   83.80  		// iha/itir (e.g. vcpu_force_data_miss), they must be set there
   83.81 +		/*
   83.82 +		 * IA64_GENEX_VECTOR may contain in the lowest byte an ISR.code
   83.83 +		 * see IA64_ILLOP_FAULT, ...
   83.84 +		 */
   83.85 +		if ((vector & ~0xffUL) == IA64_GENEX_VECTOR) {
   83.86 +			isr = vector & 0xffUL;
   83.87 +			vector = IA64_GENEX_VECTOR;
   83.88 +		}
   83.89  		reflect_interruption(isr, regs, vector);
   83.90  	}
   83.91  }
   83.92 @@ -639,6 +649,11 @@ ia64_handle_reflection(unsigned long ifa
   83.93  		PSCB(current, iim) = iim;
   83.94  		vector = IA64_SPECULATION_VECTOR;
   83.95  		break;
   83.96 +	case 29:
   83.97 +		vector = IA64_DEBUG_VECTOR;
   83.98 +		if (debugger_trap_entry(vector,regs))
   83.99 +			return;
  83.100 +		break;
  83.101  	case 30:
  83.102  		// FIXME: Should we handle unaligned refs in Xen??
  83.103  		vector = IA64_UNALIGNED_REF_VECTOR;
  83.104 @@ -673,19 +688,19 @@ ia64_handle_reflection(unsigned long ifa
  83.105  		vector = IA64_LOWERPRIV_TRANSFER_TRAP_VECTOR;
  83.106  		break;
  83.107  	case 35:
  83.108 -		printk("ia64_handle_reflection: handling taken branch trap\n");
  83.109  		vector = IA64_TAKEN_BRANCH_TRAP_VECTOR;
  83.110 +		if (debugger_trap_entry(vector,regs))
  83.111 +			return;
  83.112  		break;
  83.113  	case 36:
  83.114 -		printk("ia64_handle_reflection: handling single step trap\n");
  83.115  		vector = IA64_SINGLE_STEP_TRAP_VECTOR;
  83.116 +		if (debugger_trap_entry(vector,regs))
  83.117 +			return;
  83.118  		break;
  83.119  
  83.120  	default:
  83.121 -		printk("ia64_handle_reflection: unhandled vector=0x%lx\n",
  83.122 -		       vector);
  83.123 -		while (vector)
  83.124 -			/* spin */;
  83.125 +		panic_domain(regs, "ia64_handle_reflection: "
  83.126 +			     "unhandled vector=0x%lx\n", vector);
  83.127  		return;
  83.128  	}
  83.129  	if (check_lazy_cover && (isr & IA64_ISR_IR) &&
    84.1 --- a/xen/arch/ia64/xen/fw_emul.c	Mon Jul 16 14:20:16 2007 -0500
    84.2 +++ b/xen/arch/ia64/xen/fw_emul.c	Tue Jul 17 10:20:21 2007 +0100
    84.3 @@ -23,6 +23,7 @@
    84.4  #include <asm/pal.h>
    84.5  #include <asm/sal.h>
    84.6  #include <asm/sn/sn_sal.h>
    84.7 +#include <asm/sn/hubdev.h>
    84.8  #include <asm/xenmca.h>
    84.9  
   84.10  #include <public/sched.h>
   84.11 @@ -38,8 +39,6 @@
   84.12  
   84.13  static DEFINE_SPINLOCK(efi_time_services_lock);
   84.14  
   84.15 -extern unsigned long running_on_sim;
   84.16 -
   84.17  struct sal_mc_params {
   84.18  	u64 param_type;
   84.19  	u64 i_or_m;
   84.20 @@ -141,7 +140,7 @@ sal_emulator (long index, unsigned long 
   84.21  	status = 0;
   84.22  	switch (index) {
   84.23  	    case SAL_FREQ_BASE:
   84.24 -		if (!running_on_sim)
   84.25 +		if (likely(!running_on_sim))
   84.26  			status = ia64_sal_freq_base(in1,&r9,&r10);
   84.27  		else switch (in1) {
   84.28  		      case SAL_FREQ_BASE_PLATFORM:
   84.29 @@ -380,7 +379,7 @@ sal_emulator (long index, unsigned long 
   84.30  	    case SN_SAL_GET_MASTER_NASID:
   84.31  		status = -1;
   84.32  		if (current->domain == dom0) {
   84.33 -			printk("*** Emulating SN_SAL_GET_MASTER_NASID ***\n");
   84.34 +			/* printk("*** Emulating SN_SAL_GET_MASTER_NASID ***\n"); */
   84.35  			SAL_CALL_NOLOCK(ret_stuff, SN_SAL_GET_MASTER_NASID,
   84.36  					0, 0, 0, 0, 0, 0, 0);
   84.37  			status = ret_stuff.status;
   84.38 @@ -392,7 +391,7 @@ sal_emulator (long index, unsigned long 
   84.39  	    case SN_SAL_GET_KLCONFIG_ADDR:
   84.40  		status = -1;
   84.41  		if (current->domain == dom0) {
   84.42 -			printk("*** Emulating SN_SAL_GET_KLCONFIG_ADDR ***\n");
   84.43 +			/* printk("*** Emulating SN_SAL_GET_KLCONFIG_ADDR ***\n"); */
   84.44  			SAL_CALL_NOLOCK(ret_stuff, SN_SAL_GET_KLCONFIG_ADDR,
   84.45  					in1, 0, 0, 0, 0, 0, 0);
   84.46  			status = ret_stuff.status;
   84.47 @@ -404,9 +403,9 @@ sal_emulator (long index, unsigned long 
   84.48  	    case SN_SAL_GET_SAPIC_INFO:
   84.49  		status = -1;
   84.50  		if (current->domain == dom0) {
   84.51 -			printk("*** Emulating SN_SAL_GET_SAPIC_INFO ***\n");
   84.52 -			SAL_CALL_NOLOCK(ret_stuff, SN_SAL_GET_SAPIC_INFO, in1,
   84.53 -					0, 0, 0, 0, 0, 0);
   84.54 +			/* printk("*** Emulating SN_SAL_GET_SAPIC_INFO ***\n"); */
   84.55 +			SAL_CALL_NOLOCK(ret_stuff, SN_SAL_GET_SAPIC_INFO,
   84.56 +					in1, 0, 0, 0, 0, 0, 0);
   84.57  			status = ret_stuff.status;
   84.58  			r9 = ret_stuff.v0;
   84.59  			r10 = ret_stuff.v1;
   84.60 @@ -416,9 +415,9 @@ sal_emulator (long index, unsigned long 
   84.61  	    case SN_SAL_GET_SN_INFO:
   84.62  		status = -1;
   84.63  		if (current->domain == dom0) {
   84.64 -			printk("*** Emulating SN_SAL_GET_SN_INFO ***\n");
   84.65 -			SAL_CALL_NOLOCK(ret_stuff, SN_SAL_GET_SN_INFO, in1,
   84.66 -					0, 0, 0, 0, 0, 0);
   84.67 +			/* printk("*** Emulating SN_SAL_GET_SN_INFO ***\n"); */
   84.68 +			SAL_CALL_NOLOCK(ret_stuff, SN_SAL_GET_SN_INFO,
   84.69 +					in1, 0, 0, 0, 0, 0, 0);
   84.70  			status = ret_stuff.status;
   84.71  			r9 = ret_stuff.v0;
   84.72  			r10 = ret_stuff.v1;
   84.73 @@ -428,7 +427,7 @@ sal_emulator (long index, unsigned long 
   84.74  	    case SN_SAL_IOIF_GET_HUBDEV_INFO:
   84.75  		status = -1;
   84.76  		if (current->domain == dom0) {
   84.77 -			printk("*** Emulating SN_SAL_IOIF_GET_HUBDEV_INFO ***\n");
   84.78 +			/* printk("*** Emulating SN_SAL_IOIF_GET_HUBDEV_INFO ***\n"); */
   84.79  			SAL_CALL_NOLOCK(ret_stuff, SN_SAL_IOIF_GET_HUBDEV_INFO,
   84.80  					in1, in2, 0, 0, 0, 0, 0);
   84.81  			status = ret_stuff.status;
   84.82 @@ -437,6 +436,121 @@ sal_emulator (long index, unsigned long 
   84.83  			r11 = ret_stuff.v2;
   84.84  		}
   84.85  		break;
   84.86 +	    case SN_SAL_IOIF_INIT:
   84.87 +		status = -1;
   84.88 +		if (current->domain == dom0) {
   84.89 +			/* printk("*** Emulating SN_SAL_IOIF_INIT ***\n"); */
   84.90 +			SAL_CALL_NOLOCK(ret_stuff, SN_SAL_IOIF_INIT,
   84.91 +					0, 0, 0, 0, 0, 0, 0);
   84.92 +			status = ret_stuff.status;
   84.93 +			r9 = ret_stuff.v0;
   84.94 +			r10 = ret_stuff.v1;
   84.95 +			r11 = ret_stuff.v2;
   84.96 +		}
   84.97 +		break;
   84.98 +	    case SN_SAL_GET_PROM_FEATURE_SET:
   84.99 +		status = -1;
  84.100 +		if (current->domain == dom0) {
  84.101 +			/* printk("*** Emulating SN_SAL_GET_PROM_FEATURE_SET ***\n"); */
  84.102 +			SAL_CALL_NOLOCK(ret_stuff, SN_SAL_GET_PROM_FEATURE_SET,
  84.103 +					in1, 0, 0, 0, 0, 0, 0);
  84.104 +			status = ret_stuff.status;
  84.105 +			r9 = ret_stuff.v0;
  84.106 +			r10 = ret_stuff.v1;
  84.107 +			r11 = ret_stuff.v2;
  84.108 +		}
  84.109 +		break;
  84.110 +	    case SN_SAL_SET_OS_FEATURE_SET:
  84.111 +		status = -1;
  84.112 +		if (current->domain == dom0) {
  84.113 +			/* printk("*** Emulating SN_SAL_SET_OS_FEATURE_SET ***\n"); */
  84.114 +			SAL_CALL_NOLOCK(ret_stuff, SN_SAL_SET_OS_FEATURE_SET,
  84.115 +					in1, 0, 0, 0, 0, 0, 0);
  84.116 +			status = ret_stuff.status;
  84.117 +			r9 = ret_stuff.v0;
  84.118 +			r10 = ret_stuff.v1;
  84.119 +			r11 = ret_stuff.v2;
  84.120 +		}
  84.121 +		break;
  84.122 +	    case SN_SAL_SET_ERROR_HANDLING_FEATURES:
  84.123 +		status = -1;
  84.124 +		if (current->domain == dom0) {
  84.125 +			/* printk("*** Emulating SN_SAL_SET_ERROR_HANDLING_FEATURES ***\n"); */
  84.126 +			SAL_CALL_NOLOCK(ret_stuff,
  84.127 +					SN_SAL_SET_ERROR_HANDLING_FEATURES,
  84.128 +					in1, 0, 0, 0, 0, 0, 0);
  84.129 +			status = ret_stuff.status;
  84.130 +			r9 = ret_stuff.v0;
  84.131 +			r10 = ret_stuff.v1;
  84.132 +			r11 = ret_stuff.v2;
  84.133 +		}
  84.134 +		break;
  84.135 +#if 0
  84.136 +/*
  84.137 + * Somehow ACPI breaks if allowing this one
  84.138 + */
  84.139 +	    case SN_SAL_SET_CPU_NUMBER:
  84.140 +		status = -1;
  84.141 +		if (current->domain == dom0) {
  84.142 +			printk("*** Emulating SN_SAL_SET_CPU_NUMBER ***\n");
  84.143 +			SAL_CALL_NOLOCK(ret_stuff, SN_SAL_SET_CPU_NUMBER,
  84.144 +					in1, 0, 0, 0, 0, 0, 0);
  84.145 +			status = ret_stuff.status;
  84.146 +			r9 = ret_stuff.v0;
  84.147 +			r10 = ret_stuff.v1;
  84.148 +			r11 = ret_stuff.v2;
  84.149 +		}
  84.150 +		break;
  84.151 +#endif
  84.152 +	    case SN_SAL_LOG_CE:
  84.153 +		status = -1;
  84.154 +		if (current->domain == dom0) {
  84.155 +			static int log_ce = 0;
  84.156 +			if (!log_ce) {
  84.157 +				printk("*** Emulating SN_SAL_LOG_CE *** "
  84.158 +				       " this will only be printed once\n");
  84.159 +				log_ce = 1;
  84.160 +			}
  84.161 +			SAL_CALL_NOLOCK(ret_stuff, SN_SAL_LOG_CE,
  84.162 +					0, 0, 0, 0, 0, 0, 0);
  84.163 +			status = ret_stuff.status;
  84.164 +			r9 = ret_stuff.v0;
  84.165 +			r10 = ret_stuff.v1;
  84.166 +			r11 = ret_stuff.v2;
  84.167 +		}
  84.168 +		break;
  84.169 +	    case SN_SAL_IOIF_GET_DEVICE_DMAFLUSH_LIST:
  84.170 +		status = -1;
  84.171 +		if (current->domain == dom0) {
  84.172 +			struct sn_flush_device_common flush;
  84.173 +			int flush_size;
  84.174 +
  84.175 +			flush_size = sizeof(struct sn_flush_device_common);
  84.176 +			memset(&flush, 0, flush_size);
  84.177 +			SAL_CALL_NOLOCK(ret_stuff,
  84.178 +					SN_SAL_IOIF_GET_DEVICE_DMAFLUSH_LIST,
  84.179 +					in1, in2, in3, &flush, 0, 0, 0);
  84.180 +#if 0
  84.181 +			printk("*** Emulating "
  84.182 +			       "SN_SAL_IOIF_GET_DEVICE_DMAFLUSH_LIST ***\n");
  84.183 +#endif
  84.184 +			if (ret_stuff.status == SALRET_OK) {
  84.185 +				XEN_GUEST_HANDLE(void) handle =
  84.186 +					*(XEN_GUEST_HANDLE(void)*)&in4;
  84.187 +				if (copy_to_guest(handle, &flush, 1)) {
  84.188 +					printk("SN_SAL_IOIF_GET_DEVICE_"
  84.189 +					       "DMAFLUSH_LIST can't copy "
  84.190 +					       "to user!\n");
  84.191 +					ret_stuff.status = SALRET_ERROR;
  84.192 +				}
  84.193 +			}
  84.194 +
  84.195 +			status = ret_stuff.status;
  84.196 +			r9 = ret_stuff.v0;
  84.197 +			r10 = ret_stuff.v1;
  84.198 +			r11 = ret_stuff.v2;
  84.199 +		}
  84.200 +		break;
  84.201  	    default:
  84.202  		printk("*** CALLED SAL_ WITH UNKNOWN INDEX (%lx).  "
  84.203  		       "IGNORED...\n", index);
  84.204 @@ -478,7 +592,7 @@ xen_pal_emulator(unsigned long index, u6
  84.205  	unsigned long flags;
  84.206  	int processor;
  84.207  
  84.208 -	if (running_on_sim)
  84.209 +	if (unlikely(running_on_sim))
  84.210  		return pal_emulator_static(index);
  84.211  
  84.212  	// pal code must be mapped by a TR when pal is called, however
  84.213 @@ -1259,7 +1373,10 @@ do_ssc(unsigned long ssc, struct pt_regs
  84.214  		break;
  84.215  	    case SSC_OPEN:
  84.216  		arg1 = vcpu_get_gr(current,33);	// access rights
  84.217 -if (!running_on_sim) { printk("SSC_OPEN, not implemented on hardware.  (ignoring...)\n"); arg0 = 0; }
  84.218 +		if (!running_on_sim) { 
  84.219 +		    printk("SSC_OPEN, not implemented on hardware.  (ignoring...)\n"); 
  84.220 +		    arg0 = 0; 
  84.221 +		}
  84.222  		if (arg0) {	// metaphysical address
  84.223  			arg0 = translate_domain_mpaddr(arg0, NULL);
  84.224  			retval = ia64_ssc(arg0,arg1,0,0,ssc);
  84.225 @@ -1320,7 +1437,10 @@ if (!running_on_sim) { printk("SSC_OPEN,
  84.226  		arg1 = vcpu_get_gr(current,33);
  84.227  		arg2 = vcpu_get_gr(current,34);
  84.228  		arg3 = vcpu_get_gr(current,35);
  84.229 -		if (!running_on_sim) { printk("SSC_CONNECT_INTERRUPT, not implemented on hardware.  (ignoring...)\n"); break; }
  84.230 +		if (!running_on_sim) { 
  84.231 +		    printk("SSC_CONNECT_INTERRUPT, not implemented on hardware.  (ignoring...)\n"); 
  84.232 +		    break; 
  84.233 +		}
  84.234  		(void)ia64_ssc(arg0,arg1,arg2,arg3,ssc);
  84.235  		break;
  84.236  	    case SSC_NETDEV_PROBE:
    85.1 --- a/xen/arch/ia64/xen/hypercall.c	Mon Jul 16 14:20:16 2007 -0500
    85.2 +++ b/xen/arch/ia64/xen/hypercall.c	Tue Jul 17 10:20:21 2007 +0100
    85.3 @@ -224,6 +224,16 @@ ia64_hypercall(struct pt_regs *regs)
    85.4  		regs->r10 = fpswa_ret.err1;
    85.5  		regs->r11 = fpswa_ret.err2;
    85.6  		break;
    85.7 +	case __HYPERVISOR_opt_feature: {
    85.8 +		XEN_GUEST_HANDLE(void) arg;
    85.9 +		struct xen_ia64_opt_feature optf;
   85.10 +		set_xen_guest_handle(arg, (void*)(vcpu_get_gr(v, 32)));
   85.11 +		if (copy_from_guest(&optf, arg, 1) == 0)
   85.12 +			regs->r8 = domain_opt_feature(&optf);
   85.13 +		else
   85.14 +			regs->r8 = -EFAULT;
   85.15 +		break;
   85.16 +	}
   85.17  	default:
   85.18  		printk("unknown ia64 fw hypercall %lx\n", regs->r2);
   85.19  		regs->r8 = do_ni_hypercall();
    86.1 --- a/xen/arch/ia64/xen/hyperprivop.S	Mon Jul 16 14:20:16 2007 -0500
    86.2 +++ b/xen/arch/ia64/xen/hyperprivop.S	Tue Jul 17 10:20:21 2007 +0100
    86.3 @@ -18,9 +18,8 @@
    86.4  
    86.5  
    86.6  #define	_PAGE_PPN_MASK	0x0003fffffffff000 //asm/pgtable.h doesn't do assembly
    86.7 -#define PAGE_PHYS	0x0010000000000761 //__pgprot(__DIRTY_BITS|
    86.8 -					   //         _PAGE_PL_2|_PAGE_AR_RWX)
    86.9 -#define _PAGE_PL_2	(2<<7)
   86.10 +#define PAGE_PHYS	(0x0010000000000661 | _PAGE_PL_PRIV)
   86.11 +			//__pgprot(__DIRTY_BITS|_PAGE_PL_PRIV|_PAGE_AR_RWX)
   86.12  
   86.13  #if 1	 // change to 0 to turn off all fast paths
   86.14  # define FAST_HYPERPRIVOPS
   86.15 @@ -62,7 +61,7 @@
   86.16  #define IA64_PSR_CPL0	(__IA64_UL(1) << IA64_PSR_CPL0_BIT)
   86.17  // note IA64_PSR_PK removed from following, why is this necessary?
   86.18  #define	DELIVER_PSR_SET	(IA64_PSR_IC | IA64_PSR_I | \
   86.19 -			IA64_PSR_DT | IA64_PSR_RT | IA64_PSR_CPL1 | \
   86.20 +			IA64_PSR_DT | IA64_PSR_RT | \
   86.21  			IA64_PSR_IT | IA64_PSR_BN)
   86.22  
   86.23  #define	DELIVER_PSR_CLR	(IA64_PSR_AC | IA64_PSR_DFL | IA64_PSR_DFH | \
   86.24 @@ -249,8 +248,8 @@ ENTRY(hyper_ssm_i)
   86.25  	mov r29=r30 ;;
   86.26  	movl r28=DELIVER_PSR_SET;;
   86.27  	movl r27=~DELIVER_PSR_CLR;;
   86.28 +	and r29=r29,r27;;
   86.29  	or r29=r29,r28;;
   86.30 -	and r29=r29,r27;;
   86.31  	// set hpsr_dfh to ipsr
   86.32  	adds r28=XSI_HPSR_DFH_OFS-XSI_PSR_IC_OFS,r18;;
   86.33  	ld1 r28=[r28];;
   86.34 @@ -258,8 +257,7 @@ ENTRY(hyper_ssm_i)
   86.35  	mov cr.ipsr=r29;;
   86.36  	// set shared_mem ipsr (from ipsr in r30 with ipsr.ri already set)
   86.37  	extr.u r29=r30,IA64_PSR_CPL0_BIT,2;;
   86.38 -	cmp.eq p6,p7=3,r29;;
   86.39 -(p6)	dep r30=-1,r30,IA64_PSR_CPL0_BIT,2
   86.40 +	cmp.eq p7,p0=CONFIG_CPL0_EMUL,r29;;
   86.41  (p7)	dep r30=0,r30,IA64_PSR_CPL0_BIT,2
   86.42  	;;
   86.43  	// FOR SSM_I ONLY, also turn on psr.i and psr.ic
   86.44 @@ -441,20 +439,18 @@ GLOBAL_ENTRY(fast_tick_reflect)
   86.45  	st8 [r21]=r16 ;;
   86.46  	// set cr.ipsr (make sure cpl==2!)
   86.47  	mov r29=r17 ;;
   86.48 -	movl r28=DELIVER_PSR_SET;;
   86.49 -	movl r27=~(DELIVER_PSR_CLR|IA64_PSR_CPL0);;
   86.50 +	movl r28=DELIVER_PSR_SET | (CONFIG_CPL0_EMUL << IA64_PSR_CPL0_BIT);;
   86.51 +	movl r27=~(DELIVER_PSR_CLR|IA64_PSR_CPL0|IA64_PSR_CPL1);;
   86.52 +	and r29=r29,r27;;
   86.53  	or r29=r29,r28;;
   86.54 -	and r29=r29,r27;;
   86.55  	mov cr.ipsr=r29;;
   86.56  	// set shared_mem ipsr (from ipsr in r17 with ipsr.ri already set)
   86.57  	extr.u r29=r17,IA64_PSR_CPL0_BIT,2;;
   86.58 -	cmp.eq p6,p7=3,r29;;
   86.59 -(p6)	dep r17=-1,r17,IA64_PSR_CPL0_BIT,2
   86.60 +	cmp.eq p7,p0=CONFIG_CPL0_EMUL,r29;;
   86.61  (p7)	dep r17=0,r17,IA64_PSR_CPL0_BIT,2
   86.62  	;;
   86.63  	movl r28=(IA64_PSR_DT|IA64_PSR_IT|IA64_PSR_RT);;
   86.64  	movl r27=~(IA64_PSR_BE|IA64_PSR_PP|IA64_PSR_BN|IA64_PSR_I|IA64_PSR_IC);;
   86.65 -	dep r21=-1,r21,IA64_PSR_CPL1_BIT,1 ;;
   86.66  	or r17=r17,r28;;
   86.67  	and r17=r17,r27;;
   86.68  	ld4 r16=[r18];;
   86.69 @@ -620,10 +616,10 @@ ENTRY(fast_reflect)
   86.70  	movl r21=THIS_CPU(current_psr_i_addr)
   86.71  	mov r29=r30 ;;
   86.72  	ld8 r21=[r21]
   86.73 -	movl r28=DELIVER_PSR_SET;;
   86.74 -	movl r27=~(DELIVER_PSR_CLR|IA64_PSR_CPL0);;
   86.75 +	movl r28=DELIVER_PSR_SET | (CONFIG_CPL0_EMUL << IA64_PSR_CPL0_BIT);;
   86.76 +	movl r27=~(DELIVER_PSR_CLR|IA64_PSR_CPL0|IA64_PSR_CPL1);;
   86.77 +	and r29=r29,r27;;
   86.78  	or r29=r29,r28;;
   86.79 -	and r29=r29,r27;;
   86.80  	// set hpsr_dfh to ipsr
   86.81  	adds r28=XSI_HPSR_DFH_OFS-XSI_PSR_IC_OFS,r18;;
   86.82  	ld1 r28=[r28];;
   86.83 @@ -631,8 +627,7 @@ ENTRY(fast_reflect)
   86.84  	mov cr.ipsr=r29;;
   86.85  	// set shared_mem ipsr (from ipsr in r30 with ipsr.ri already set)
   86.86  	extr.u r29=r30,IA64_PSR_CPL0_BIT,2;;
   86.87 -	cmp.eq p6,p7=3,r29;;
   86.88 -(p6)	dep r30=-1,r30,IA64_PSR_CPL0_BIT,2
   86.89 +	cmp.eq p7,p0=CONFIG_CPL0_EMUL,r29;;
   86.90  (p7)	dep r30=0,r30,IA64_PSR_CPL0_BIT,2
   86.91  	;;
   86.92  	movl r28=(IA64_PSR_DT|IA64_PSR_IT|IA64_PSR_RT);;
   86.93 @@ -1112,14 +1107,17 @@ 1:	// OK now, let's do an rfi.
   86.94  
   86.95  just_do_rfi:
   86.96  	// r18=&vpsr.i|vpsr.ic, r21==vpsr, r22=vcr.iip
   86.97 -	mov cr.iip=r22;;
   86.98 +	mov cr.iip=r22
   86.99 +	extr.u r19=r21,IA64_PSR_CPL0_BIT,2
  86.100  	adds r20=XSI_IFS_OFS-XSI_PSR_IC_OFS,r18 ;;
  86.101 +	cmp.gtu p7,p0=CONFIG_CPL0_EMUL,r19
  86.102  	ld8 r20=[r20];;
  86.103 +(p7)	mov r19=CONFIG_CPL0_EMUL
  86.104  	dep r20=0,r20,38,25;; // ensure ifs has no reserved bits set
  86.105  	mov cr.ifs=r20 ;;
  86.106 -	// ipsr.cpl == (vcr.ipsr.cpl == 0) 2 : 3;
  86.107 +	// ipsr.cpl = max(vcr.ipsr.cpl, IA64_PSR_CPL0_BIT);
  86.108  	movl r20=THIS_CPU(current_psr_i_addr)
  86.109 -	dep r21=-1,r21,IA64_PSR_CPL1_BIT,1 ;;
  86.110 +	dep r21=r19,r21,IA64_PSR_CPL0_BIT,2;;
  86.111  	// vpsr.i = vcr.ipsr.i; vpsr.ic = vcr.ipsr.ic
  86.112  	ld8 r20=[r20]
  86.113  	mov r19=1 
  86.114 @@ -1287,12 +1285,12 @@ ENTRY(rfi_with_interrupt)
  86.115  	movl r22=THIS_CPU(current_psr_i_addr)
  86.116  	// set cr.ipsr (make sure cpl==2!)
  86.117  	mov r29=r17
  86.118 -	movl r28=DELIVER_PSR_SET;;
  86.119 +	movl r27=~(DELIVER_PSR_CLR|IA64_PSR_CPL0|IA64_PSR_CPL1)
  86.120 +	movl r28=DELIVER_PSR_SET | (CONFIG_CPL0_EMUL << IA64_PSR_CPL0_BIT);;
  86.121  	mov r20=1;;
  86.122  	ld8 r22=[r22]
  86.123 -	movl r27=~(DELIVER_PSR_CLR|IA64_PSR_CPL0)
  86.124 +	and r29=r29,r27;;
  86.125  	or r29=r29,r28;;
  86.126 -	and r29=r29,r27;;
  86.127  	mov cr.ipsr=r29;;
  86.128  	// v.ipsr and v.iip are already set (and v.iip validated) as rfi target
  86.129  	// set shared_mem interrupt_delivery_enabled to 0
  86.130 @@ -1935,7 +1933,7 @@ ENTRY(fast_insert)
  86.131  	or r20=r20,r21 ;;	// r20==return value from lookup_domain_mpa
  86.132  	// r16=pteval,r20=pteval2
  86.133  	movl r19=_PAGE_PPN_MASK
  86.134 -	movl r21=_PAGE_PL_2;;
  86.135 +	movl r21=_PAGE_PL_PRIV;;
  86.136  	andcm r25=r16,r19;;	// r25==pteval & ~_PAGE_PPN_MASK
  86.137  	and r22=r20,r19;;
  86.138  	or r22=r22,r21;;
    87.1 --- a/xen/arch/ia64/xen/ivt.S	Mon Jul 16 14:20:16 2007 -0500
    87.2 +++ b/xen/arch/ia64/xen/ivt.S	Tue Jul 17 10:20:21 2007 +0100
    87.3 @@ -154,14 +154,17 @@ late_alt_itlb_miss:
    87.4  	movl r17=PAGE_KERNEL
    87.5  	movl r19=(((1 << IA64_MAX_PHYS_BITS) - 1) & ~0xfff)
    87.6  	;;
    87.7 +	mov r20=cr.itir
    87.8  	extr.u r23=r21,IA64_PSR_CPL0_BIT,2	// extract psr.cpl
    87.9  	and r19=r19,r16		// clear ed, reserved bits, and PTE ctrl bits
   87.10  	extr.u r18=r16,XEN_VIRT_UC_BIT,1	// extract UC bit
   87.11  	;;
   87.12  	cmp.ne p8,p0=r0,r23	// psr.cpl != 0?
   87.13  	or r19=r17,r19		// insert PTE control bits into r19
   87.14 +	dep r20=0,r20,IA64_ITIR_KEY,IA64_ITIR_KEY_LEN	// clear the key 
   87.15  	;;
   87.16  	dep r19=r18,r19,4,1	// set bit 4 (uncached) if access to UC area.
   87.17 +	mov cr.itir=r20		// set itir with cleared key
   87.18  (p8)	br.cond.spnt page_fault
   87.19  	;;
   87.20  	itc.i r19		// insert the TLB entry
   87.21 @@ -195,6 +198,7 @@ late_alt_dtlb_miss:
   87.22  (p9)	cmp.eq.or.andcm p6,p7=IA64_ISR_CODE_LFETCH,r22	// check isr.code field
   87.23  (p8)	br.cond.spnt page_fault
   87.24  	;;
   87.25 +	mov r20=cr.itir
   87.26  #ifdef CONFIG_VIRTUAL_FRAME_TABLE
   87.27  	shr r22=r16,56	 	// Test for the address of virtual frame_table
   87.28  	;;
   87.29 @@ -204,11 +208,13 @@ late_alt_dtlb_miss:
   87.30  	// If it is not a Xen address, handle it via page_fault.
   87.31  	extr.u r22=r16,59,5
   87.32  	;;
   87.33 +	dep r20=0,r20,IA64_ITIR_KEY,IA64_ITIR_KEY_LEN	// clear the key
   87.34  	cmp.ne p8,p0=0x1e,r22
   87.35  (p8)	br.cond.sptk page_fault
   87.36  	;;
   87.37  	dep r21=-1,r21,IA64_PSR_ED_BIT,1
   87.38  	or r19=r19,r17		// insert PTE control bits into r19
   87.39 +	mov cr.itir=r20		// set itir with cleared key
   87.40  	;;
   87.41  	dep r19=r18,r19,4,1	// set bit 4 (uncached) if access to UC area
   87.42  (p6)	mov cr.ipsr=r21
   87.43 @@ -242,7 +248,7 @@ GLOBAL_ENTRY(frametable_miss)
   87.44  	shladd r24=r19,3,r24	// r24=&pte[pte_offset(addr)]
   87.45  	;;
   87.46  (p7)	ld8 r24=[r24]		// r24=pte[pte_offset(addr)]
   87.47 -	mov r25=0x700|(PAGE_SHIFT<<2) // key=7
   87.48 +	mov r25=(PAGE_SHIFT<<IA64_ITIR_PS)
   87.49  (p6)	br.spnt.few frametable_fault
   87.50  	;;
   87.51  	mov cr.itir=r25
   87.52 @@ -371,16 +377,6 @@ ENTRY(dkey_miss)
   87.53  	FAULT_OR_REFLECT(7)
   87.54  END(dkey_miss)
   87.55  
   87.56 -	
   87.57 -#define SAVE_MIN_COVER_DONE	DO_SAVE_MIN(,mov r30=cr.ifs,)
   87.58 -
   87.59 -// same as dispatch_break_fault except cover has already been done
   87.60 -GLOBAL_ENTRY(dispatch_slow_hyperprivop)
   87.61 -	SAVE_MIN_COVER_DONE
   87.62 -	;;
   87.63 -	br.sptk.many dispatch_break_fault_post_save
   87.64 -END(dispatch_slow_hyperprivop)
   87.65 -
   87.66  	.org ia64_ivt+0x2000
   87.67  //////////////////////////////////////////////////////////////////////////
   87.68  // 0x2000 Entry 8 (size 64 bundles) Dirty-bit (54)
   87.69 @@ -510,7 +506,8 @@ ENTRY(break_fault)
   87.70  (p7)	br.spnt.many dispatch_privop_fault
   87.71  	;;
   87.72  #endif
   87.73 -	// if (ipsr.cpl == 2 && (iim - HYPERPRIVOP_START) < HYPERPRIVOP_MAX)
   87.74 +	// if (ipsr.cpl == CONFIG_CPL0_EMUL &&
   87.75 +	//    (iim - HYPERPRIVOP_START) < HYPERPRIVOP_MAX)
   87.76  	// this is a hyperprivop. A hyperprivop is hand-coded assembly with
   87.77  	// psr.ic off which means it can make no calls, cannot use r1-r15,
   87.78  	// and it can have no memory accesses unless they are to pinned
   87.79 @@ -524,7 +521,7 @@ ENTRY(break_fault)
   87.80  	;;
   87.81  	cmp.gtu p7,p0=r21,r20
   87.82  	;;
   87.83 -	cmp.eq.and p7,p0=2,r19			// ipsr.cpl==2
   87.84 +	cmp.eq.and p7,p0=CONFIG_CPL0_EMUL,r19	// ipsr.cpl==CONFIG_CPL0_EMUL
   87.85  (p7)	br.sptk.many fast_hyperprivop
   87.86  	;;
   87.87  	movl r22=THIS_CPU(cpu_kr)+IA64_KR_CURRENT_OFFSET
   87.88 @@ -535,7 +532,7 @@ ENTRY(break_fault)
   87.89  	;;
   87.90  	ld4 r23=[r23];;
   87.91  	cmp4.eq p6,p0=r23,r17;;			// Xen-reserved breakimm?
   87.92 -	cmp.eq.and p6,p0=2,r19        
   87.93 +	cmp.eq.and p6,p0=CONFIG_CPL0_EMUL,r19        
   87.94  (p6)	br.spnt.many fast_hypercall
   87.95  	;;
   87.96  	br.sptk.many fast_break_reflect
   87.97 @@ -736,7 +733,6 @@ END(break_fault)
   87.98  ENTRY(interrupt)
   87.99  	DBG_FAULT(12)
  87.100  	mov r31=pr		// prepare to save predicates
  87.101 -	;;
  87.102  	mov r30=cr.ivr		// pass cr.ivr as first arg
  87.103  	// FIXME: this is a hack... use cpuinfo.ksoftirqd because its
  87.104  	// not used anywhere else and we need a place to stash ivr and
  87.105 @@ -744,7 +740,6 @@ ENTRY(interrupt)
  87.106  	movl r29=THIS_CPU(cpu_info)+IA64_CPUINFO_KSOFTIRQD_OFFSET
  87.107  	;;
  87.108  	st8 [r29]=r30
  87.109 -	;;
  87.110  	movl r28=slow_interrupt
  87.111  	;;
  87.112  	mov r29=rp
  87.113 @@ -805,7 +800,6 @@ dispatch_break_fault_post_save:
  87.114  	movl r14=ia64_leave_kernel
  87.115  	;;
  87.116  	mov rp=r14
  87.117 -//	br.sptk.many ia64_prepare_handle_break	// TODO: why commented out?
  87.118      	br.call.sptk.many b6=ia64_handle_break
  87.119  END(dispatch_break_fault)
  87.120  
  87.121 @@ -997,7 +991,6 @@ ENTRY(dispatch_privop_fault)
  87.122  	movl r14=ia64_leave_kernel
  87.123  	;;
  87.124  	mov rp=r14
  87.125 -//	br.sptk.many ia64_prepare_handle_privop  // TODO: why commented out?
  87.126       	br.call.sptk.many b6=ia64_handle_privop
  87.127  END(dispatch_privop_fault)
  87.128  
  87.129 @@ -1094,11 +1087,10 @@ END(iaccess_rights)
  87.130  ENTRY(daccess_rights)
  87.131  	DBG_FAULT(23)
  87.132  	mov r31=pr
  87.133 -	;;
  87.134  	mov r16=cr.isr
  87.135  	mov r17=cr.ifa
  87.136  	mov r19=23
  87.137 -	movl r20=0x5300
  87.138 +	mov r20=0x5300
  87.139  	br.sptk.many fast_access_reflect
  87.140  	;;
  87.141  END(daccess_rights)
  87.142 @@ -1115,9 +1107,6 @@ ENTRY(general_exception)
  87.143  (p6)	br.sptk.many dispatch_privop_fault
  87.144  	;;
  87.145  	FAULT_OR_REFLECT(24)
  87.146 -	;;
  87.147 -	mov r19=24		// fault number
  87.148 -	br.sptk.many dispatch_to_fault_handler
  87.149  END(general_exception)
  87.150  
  87.151  	.org ia64_ivt+0x5500
  87.152 @@ -1125,34 +1114,7 @@ END(general_exception)
  87.153  // 0x5500 Entry 25 (size 16 bundles) Disabled FP-Register (35)
  87.154  ENTRY(disabled_fp_reg)
  87.155  	DBG_FAULT(25)
  87.156 -#if 0				// TODO: can this be removed?
  87.157 -	mov r20=pr
  87.158 -	movl r16=0x2000000000000000
  87.159 -	movl r17=0x2000000000176b60
  87.160 -	mov r18=cr.iip
  87.161 -	mov r19=rr[r16]
  87.162 -	movl r22=0xe95d0439
  87.163 -	;;
  87.164 -	mov pr=r0,-1
  87.165 -	;;
  87.166 -	cmp.eq p6,p7=r22,r19
  87.167 -	;;
  87.168 -	(p6) cmp.eq p8,p9=r17,r18
  87.169 -	(p8) br.sptk.few floating_panic
  87.170 -	;;
  87.171 -	mov pr=r20,-1
  87.172 -	;;
  87.173 -#endif
  87.174  	FAULT_OR_REFLECT(25)
  87.175 -//floating_panic:		// TODO: can this be removed?
  87.176 -//	br.sptk.many floating_panic
  87.177 -	;;
  87.178 -	rsm psr.dfh		// ensure we can access fph
  87.179 -	;;
  87.180 -	srlz.d
  87.181 -	mov r31=pr
  87.182 -	mov r19=25
  87.183 -	br.sptk.many dispatch_to_fault_handler
  87.184  END(disabled_fp_reg)
  87.185  
  87.186  	.org ia64_ivt+0x5600
  87.187 @@ -1183,11 +1145,7 @@ END(speculation_vector)
  87.188  // 0x5900 Entry 29 (size 16 bundles) Debug (16,28,56)
  87.189  ENTRY(debug_vector)
  87.190  	DBG_FAULT(29)
  87.191 -#ifdef XEN
  87.192  	FAULT_OR_REFLECT(29)
  87.193 -#else
  87.194 -	FAULT(29)
  87.195 -#endif
  87.196  END(debug_vector)
  87.197  
  87.198  	.org ia64_ivt+0x5a00
    88.1 --- a/xen/arch/ia64/xen/mm.c	Mon Jul 16 14:20:16 2007 -0500
    88.2 +++ b/xen/arch/ia64/xen/mm.c	Tue Jul 17 10:20:21 2007 +0100
    88.3 @@ -546,7 +546,7 @@ u64 translate_domain_pte(u64 pteval, u64
    88.4  	/* Ignore non-addr bits of pteval2 and force PL0->2
    88.5  	   (PL3 is unaffected) */
    88.6  	return (pteval & ~_PAGE_PPN_MASK) |
    88.7 -	       (pteval2 & _PAGE_PPN_MASK) | _PAGE_PL_2;
    88.8 +	       (pteval2 & _PAGE_PPN_MASK) | _PAGE_PL_PRIV;
    88.9  }
   88.10  
   88.11  // given a current domain metaphysical address, return the physical address
   88.12 @@ -711,7 +711,8 @@ unsigned long lookup_domain_mpa(struct d
   88.13          p2m_entry_set(entry, NULL, __pte(0));
   88.14      //XXX This is a work around until the emulation memory access to a region
   88.15      //    where memory or device are attached is implemented.
   88.16 -    return pte_val(pfn_pte(0, __pgprot(__DIRTY_BITS | _PAGE_PL_2 | _PAGE_AR_RWX)));
   88.17 +    return pte_val(pfn_pte(0, __pgprot(__DIRTY_BITS | _PAGE_PL_PRIV |
   88.18 +                                       _PAGE_AR_RWX)));
   88.19  }
   88.20  
   88.21  // FIXME: ONLY USE FOR DOMAIN PAGE_SIZE == PAGE_SIZE
   88.22 @@ -785,7 +786,7 @@ static struct page_info *
   88.23      set_pte_rel(pte,
   88.24                  pfn_pte(maddr >> PAGE_SHIFT,
   88.25                          __pgprot(_PAGE_PGC_ALLOCATED | __DIRTY_BITS |
   88.26 -                                 _PAGE_PL_2 | _PAGE_AR_RWX)));
   88.27 +                                 _PAGE_PL_PRIV | _PAGE_AR_RWX)));
   88.28  
   88.29      smp_mb();
   88.30      return p;
   88.31 @@ -820,7 +821,7 @@ assign_new_domain0_page(struct domain *d
   88.32  static unsigned long
   88.33  flags_to_prot (unsigned long flags)
   88.34  {
   88.35 -    unsigned long res = _PAGE_PL_2 | __DIRTY_BITS;
   88.36 +    unsigned long res = _PAGE_PL_PRIV | __DIRTY_BITS;
   88.37  
   88.38      res |= flags & ASSIGN_readonly ? _PAGE_AR_R: _PAGE_AR_RWX;
   88.39      res |= flags & ASSIGN_nocache ? _PAGE_MA_UC: _PAGE_MA_WB;
   88.40 @@ -2020,20 +2021,6 @@ static int alloc_page_type(struct page_i
   88.41  	return 1;
   88.42  }
   88.43  
   88.44 -unsigned long __get_free_pages(unsigned int mask, unsigned int order)
   88.45 -{
   88.46 -	void *p = alloc_xenheap_pages(order);
   88.47 -
   88.48 -	memset(p,0,PAGE_SIZE<<order);
   88.49 -	return (unsigned long)p;
   88.50 -}
   88.51 -
   88.52 -void __free_pages(struct page_info *page, unsigned int order)
   88.53 -{
   88.54 -	if (order) BUG();
   88.55 -	free_xenheap_page(page);
   88.56 -}
   88.57 -
   88.58  static int opt_p2m_xenheap;
   88.59  boolean_param("p2m_xenheap", opt_p2m_xenheap);
   88.60  
    89.1 --- a/xen/arch/ia64/xen/oprofile/perfmon.c	Mon Jul 16 14:20:16 2007 -0500
    89.2 +++ b/xen/arch/ia64/xen/oprofile/perfmon.c	Tue Jul 17 10:20:21 2007 +0100
    89.3 @@ -119,19 +119,10 @@ void xenoprof_perfmon_exit(void)
    89.4  ///////////////////////////////////////////////////////////////////////////
    89.5  // glue methods for xenoprof and perfmon.
    89.6  int
    89.7 -xenoprof_arch_init(int *num_events, int *is_primary, char *cpu_type)
    89.8 +xenoprof_arch_init(int *num_events, char *cpu_type)
    89.9  {
   89.10      *num_events = 0;
   89.11      strlcpy(cpu_type, get_cpu_type(), XENOPROF_CPU_TYPE_SIZE);
   89.12 -
   89.13 -    *is_primary = 0;
   89.14 -    if (xenoprof_primary_profiler == NULL) {
   89.15 -        /* For now, only dom0 can be the primary profiler */
   89.16 -        if (current->domain->domain_id == 0) {
   89.17 -            *is_primary = 1;
   89.18 -        }
   89.19 -    } else if (xenoprof_primary_profiler == current->domain)
   89.20 -        *is_primary = 1;
   89.21      return 0;
   89.22  }
   89.23  
    90.1 --- a/xen/arch/ia64/xen/oprofile/xenoprof.c	Mon Jul 16 14:20:16 2007 -0500
    90.2 +++ b/xen/arch/ia64/xen/oprofile/xenoprof.c	Tue Jul 17 10:20:21 2007 +0100
    90.3 @@ -28,20 +28,26 @@
    90.4  int
    90.5  xenoprofile_get_mode(struct vcpu *v, struct cpu_user_regs * const regs)
    90.6  {
    90.7 -    int mode = 0;
    90.8 +    int mode;
    90.9  
   90.10      // mode
   90.11      // 0: user, 1: kernel, 2: xen
   90.12 -    // Xen/IA64 uses ring2 for kernel, and doesn't use ring1.
   90.13 -    if (ring_2(regs))
   90.14 -        mode = 1;
   90.15 -    else if (ring_0(regs))
   90.16 -        mode = 2;
   90.17 -    else if (ring_1(regs)) {
   90.18 -        gdprintk(XENLOG_ERR, "%s:%d ring1 is used!\n", __func__, __LINE__);
   90.19 -        mode = 1;// fall back to kernel mode.
   90.20 +    switch (ring(regs))
   90.21 +    {
   90.22 +        case 3:
   90.23 +                mode = 0;
   90.24 +                break;
   90.25 +        case CONFIG_CPL0_EMUL:
   90.26 +                mode = 1;
   90.27 +                break;
   90.28 +        case 0:
   90.29 +                mode = 2;
   90.30 +                break;
   90.31 +        default:
   90.32 +                gdprintk(XENLOG_ERR, "%s:%d ring%d is used!\n", __func__,
   90.33 +                         __LINE__, 3 - CONFIG_CPL0_EMUL);
   90.34 +                mode = 1; /* fall back to kernel mode. */
   90.35      }
   90.36 -
   90.37      return mode;
   90.38  }
   90.39  
    91.1 --- a/xen/arch/ia64/xen/privop.c	Mon Jul 16 14:20:16 2007 -0500
    91.2 +++ b/xen/arch/ia64/xen/privop.c	Tue Jul 17 10:20:21 2007 +0100
    91.3 @@ -636,7 +636,7 @@ static IA64FAULT priv_handle_op(VCPU * v
    91.4  	}
    91.5  	if (slot_type == B && inst.generic.major == 0 && inst.B8.x6 == 0x0) {
    91.6  		// break instr for privified cover
    91.7 -	} else if (privlvl != 2)
    91.8 +	} else if (privlvl > CONFIG_CPL0_EMUL)
    91.9  		return IA64_ILLOP_FAULT;
   91.10  	switch (slot_type) {
   91.11  	case M:
    92.1 --- a/xen/arch/ia64/xen/vcpu.c	Mon Jul 16 14:20:16 2007 -0500
    92.2 +++ b/xen/arch/ia64/xen/vcpu.c	Tue Jul 17 10:20:21 2007 +0100
    92.3 @@ -158,7 +158,7 @@ void vcpu_init_regs(struct vcpu *v)
    92.4  		regs->cr_ipsr &= ~(IA64_PSR_BITS_TO_CLEAR
    92.5  				   | IA64_PSR_RI | IA64_PSR_IS);
    92.6  		// domain runs at PL2
    92.7 -		regs->cr_ipsr |= 2UL << IA64_PSR_CPL0_BIT;
    92.8 +		regs->cr_ipsr = vcpu_pl_adjust(regs->cr_ipsr,IA64_PSR_CPL0_BIT);
    92.9  		// lazy fp 
   92.10  		PSCB(v, hpsr_dfh) = 1;
   92.11  		PSCB(v, hpsr_mfh) = 0;
   92.12 @@ -174,7 +174,7 @@ void vcpu_init_regs(struct vcpu *v)
   92.13  		VCPU(v, dcr) = 0;
   92.14  	} else {
   92.15  		init_all_rr(v);
   92.16 -		regs->ar_rsc |= (2 << 2);	/* force PL2/3 */
   92.17 +		regs->ar_rsc = vcpu_pl_adjust(regs->ar_rsc, 2);
   92.18  		VCPU(v, banknum) = 1;
   92.19  		VCPU(v, metaphysical_mode) = 1;
   92.20  		VCPU(v, interrupt_mask_addr) =
   92.21 @@ -496,7 +496,7 @@ IA64FAULT vcpu_set_psr(VCPU * vcpu, u64 
   92.22  	PSCB(vcpu, interrupt_collection_enabled) = vpsr.ic;
   92.23  	vcpu_set_metaphysical_mode(vcpu, !(vpsr.dt && vpsr.rt && vpsr.it));
   92.24  
   92.25 -	newpsr.cpl |= vpsr.cpl | 2;
   92.26 +	newpsr.cpl |= max_t(u64, vpsr.cpl, CONFIG_CPL0_EMUL);
   92.27  
   92.28  	if (PSCB(vcpu, banknum)	!= vpsr.bn) {
   92.29  		if (vpsr.bn)
   92.30 @@ -535,10 +535,10 @@ u64 vcpu_get_psr(VCPU * vcpu)
   92.31  	newpsr.ia64_psr.pp = PSCB(vcpu, vpsr_pp);
   92.32  
   92.33  	/* Fool cpl.  */
   92.34 -	if (ipsr.ia64_psr.cpl < 3)
   92.35 +	if (ipsr.ia64_psr.cpl <= CONFIG_CPL0_EMUL)
   92.36  		newpsr.ia64_psr.cpl = 0;
   92.37  	else
   92.38 -		newpsr.ia64_psr.cpl = 3;
   92.39 +		newpsr.ia64_psr.cpl = ipsr.ia64_psr.cpl;
   92.40  
   92.41  	newpsr.ia64_psr.bn = PSCB(vcpu, banknum);
   92.42  	
   92.43 @@ -1646,7 +1646,7 @@ IA64FAULT vcpu_translate(VCPU * vcpu, u6
   92.44  
   92.45  		} else {
   92.46  			*pteval = (address & _PAGE_PPN_MASK) |
   92.47 -				__DIRTY_BITS | _PAGE_PL_2 | _PAGE_AR_RWX;
   92.48 +				__DIRTY_BITS | _PAGE_PL_PRIV | _PAGE_AR_RWX;
   92.49  			*itir = PAGE_SHIFT << 2;
   92.50  			perfc_incr(phys_translate);
   92.51  			return IA64_NO_FAULT;
   92.52 @@ -1709,11 +1709,13 @@ IA64FAULT vcpu_translate(VCPU * vcpu, u6
   92.53  	vcpu_thash(vcpu, address, iha);
   92.54  	if (!(rr & RR_VE_MASK) || !(pta & IA64_PTA_VE)) {
   92.55  		REGS *regs = vcpu_regs(vcpu);
   92.56 -		// NOTE: This is specific code for linux kernel
   92.57 -		// We assume region 7 is identity mapped
   92.58 -		if (region == 7 && ia64_psr(regs)->cpl == 2) {
   92.59 +		struct opt_feature* optf = &(vcpu->domain->arch.opt_feature);
   92.60 +
   92.61 +		/* Optimization for identity mapped region 7 OS (linux) */
   92.62 +		if (optf->mask & XEN_IA64_OPTF_IDENT_MAP_REG7 &&
   92.63 +		    region == 7 && ia64_psr(regs)->cpl == CONFIG_CPL0_EMUL) {
   92.64  			pte.val = address & _PAGE_PPN_MASK;
   92.65 -			pte.val = pte.val | pgprot_val(PAGE_KERNEL);
   92.66 +			pte.val = pte.val | optf->im_reg7.pgprot;
   92.67  			goto out;
   92.68  		}
   92.69  		return is_data ? IA64_ALT_DATA_TLB_VECTOR :
   92.70 @@ -1773,33 +1775,65 @@ IA64FAULT vcpu_tak(VCPU * vcpu, u64 vadr
   92.71  
   92.72  IA64FAULT vcpu_set_dbr(VCPU * vcpu, u64 reg, u64 val)
   92.73  {
   92.74 -	// TODO: unimplemented DBRs return a reserved register fault
   92.75 -	// TODO: Should set Logical CPU state, not just physical
   92.76 -	ia64_set_dbr(reg, val);
   92.77 +	if (reg >= IA64_NUM_DBG_REGS)
   92.78 +		return IA64_RSVDREG_FAULT;
   92.79 +	if ((reg & 1) == 0) {
   92.80 +		/* Validate address. */
   92.81 +		if (val >= HYPERVISOR_VIRT_START && val <= HYPERVISOR_VIRT_END)
   92.82 +			return IA64_ILLOP_FAULT;
   92.83 +	} else {
   92.84 +		if (!VMX_DOMAIN(vcpu)) {
   92.85 +			/* Mask PL0. */
   92.86 +			val &= ~(1UL << 56);
   92.87 +		}
   92.88 +	}
   92.89 +	if (val != 0)
   92.90 +		vcpu->arch.dbg_used |= (1 << reg);
   92.91 +	else
   92.92 +		vcpu->arch.dbg_used &= ~(1 << reg);
   92.93 +	vcpu->arch.dbr[reg] = val;
   92.94 +	if (vcpu == current)
   92.95 +		ia64_set_dbr(reg, val);
   92.96  	return IA64_NO_FAULT;
   92.97  }
   92.98  
   92.99  IA64FAULT vcpu_set_ibr(VCPU * vcpu, u64 reg, u64 val)
  92.100  {
  92.101 -	// TODO: unimplemented IBRs return a reserved register fault
  92.102 -	// TODO: Should set Logical CPU state, not just physical
  92.103 -	ia64_set_ibr(reg, val);
  92.104 +	if (reg >= IA64_NUM_DBG_REGS)
  92.105 +		return IA64_RSVDREG_FAULT;
  92.106 +	if ((reg & 1) == 0) {
  92.107 +		/* Validate address. */
  92.108 +		if (val >= HYPERVISOR_VIRT_START && val <= HYPERVISOR_VIRT_END)
  92.109 +			return IA64_ILLOP_FAULT;
  92.110 +	} else {
  92.111 +		if (!VMX_DOMAIN(vcpu)) {
  92.112 +			/* Mask PL0. */
  92.113 +			val &= ~(1UL << 56);
  92.114 +		}
  92.115 +	}
  92.116 +	if (val != 0)
  92.117 +		vcpu->arch.dbg_used |= (1 << (reg + IA64_NUM_DBG_REGS));
  92.118 +	else
  92.119 +		vcpu->arch.dbg_used &= ~(1 << (reg + IA64_NUM_DBG_REGS));
  92.120 +	vcpu->arch.ibr[reg] = val;
  92.121 +	if (vcpu == current)
  92.122 +		ia64_set_ibr(reg, val);
  92.123  	return IA64_NO_FAULT;
  92.124  }
  92.125  
  92.126  IA64FAULT vcpu_get_dbr(VCPU * vcpu, u64 reg, u64 * pval)
  92.127  {
  92.128 -	// TODO: unimplemented DBRs return a reserved register fault
  92.129 -	u64 val = ia64_get_dbr(reg);
  92.130 -	*pval = val;
  92.131 +	if (reg >= IA64_NUM_DBG_REGS)
  92.132 +		return IA64_RSVDREG_FAULT;
  92.133 +	*pval = vcpu->arch.dbr[reg];
  92.134  	return IA64_NO_FAULT;
  92.135  }
  92.136  
  92.137  IA64FAULT vcpu_get_ibr(VCPU * vcpu, u64 reg, u64 * pval)
  92.138  {
  92.139 -	// TODO: unimplemented IBRs return a reserved register fault
  92.140 -	u64 val = ia64_get_ibr(reg);
  92.141 -	*pval = val;
  92.142 +	if (reg >= IA64_NUM_DBG_REGS)
  92.143 +		return IA64_RSVDREG_FAULT;
  92.144 +	*pval = vcpu->arch.ibr[reg];
  92.145  	return IA64_NO_FAULT;
  92.146  }
  92.147  
  92.148 @@ -2002,8 +2036,8 @@ unsigned long vcpu_get_rr_ve(VCPU * vcpu
  92.149  IA64FAULT vcpu_set_rr(VCPU * vcpu, u64 reg, u64 val)
  92.150  {
  92.151  	PSCB(vcpu, rrs)[reg >> 61] = val;
  92.152 -	// warning: set_one_rr() does it "live"
  92.153 -	set_one_rr(reg, val);
  92.154 +	if (vcpu == current)
  92.155 +		set_one_rr(reg, val);
  92.156  	return IA64_NO_FAULT;
  92.157  }
  92.158  
  92.159 @@ -2062,8 +2096,8 @@ vcpu_set_tr_entry_rid(TR_ENTRY * trp, u6
  92.160  	trp->rid = rid;
  92.161  	ps = trp->ps;
  92.162  	new_pte.val = pte;
  92.163 -	if (new_pte.pl < 2)
  92.164 -		new_pte.pl = 2;
  92.165 +	if (new_pte.pl < CONFIG_CPL0_EMUL)
  92.166 +		new_pte.pl = CONFIG_CPL0_EMUL;
  92.167  	trp->vadr = ifa & ~0xfff;
  92.168  	if (ps > 12) {		// "ignore" relevant low-order bits
  92.169  		new_pte.ppn &= ~((1UL << (ps - 12)) - 1);
    93.1 --- a/xen/arch/ia64/xen/vhpt.c	Mon Jul 16 14:20:16 2007 -0500
    93.2 +++ b/xen/arch/ia64/xen/vhpt.c	Tue Jul 17 10:20:21 2007 +0100
    93.3 @@ -21,8 +21,6 @@
    93.4  #include <asm/vcpumask.h>
    93.5  #include <asm/vmmu.h>
    93.6  
    93.7 -extern long running_on_sim;
    93.8 -
    93.9  DEFINE_PER_CPU (unsigned long, vhpt_paddr);
   93.10  DEFINE_PER_CPU (unsigned long, vhpt_pend);
   93.11  #ifdef CONFIG_XEN_IA64_TLBFLUSH_CLOCK
    94.1 --- a/xen/arch/ia64/xen/xenasm.S	Mon Jul 16 14:20:16 2007 -0500
    94.2 +++ b/xen/arch/ia64/xen/xenasm.S	Tue Jul 17 10:20:21 2007 +0100
    94.3 @@ -11,6 +11,7 @@
    94.4  #include <asm/pgtable.h>
    94.5  #include <asm/vhpt.h>
    94.6  #include <asm/asm-xsi-offsets.h>
    94.7 +#include <asm/vmmu.h>
    94.8  #include <public/xen.h>
    94.9  	
   94.10  // Change rr7 to the passed value while ensuring
   94.11 @@ -148,7 +149,7 @@ 1:
   94.12  
   94.13  	//  Shared info
   94.14  	mov r24=XSI_SHIFT<<2
   94.15 -	movl r25=__pgprot(__DIRTY_BITS | _PAGE_PL_2 | _PAGE_AR_RW)
   94.16 +	movl r25=__pgprot(__DIRTY_BITS | _PAGE_PL_PRIV | _PAGE_AR_RW)
   94.17  	;;
   94.18  	ptr.d	in3,r24
   94.19  	or r23=in1,r25			// construct PA | page properties
    95.1 --- a/xen/arch/ia64/xen/xenmisc.c	Mon Jul 16 14:20:16 2007 -0500
    95.2 +++ b/xen/arch/ia64/xen/xenmisc.c	Tue Jul 17 10:20:21 2007 +0100
    95.3 @@ -35,25 +35,6 @@ void hpsim_setup(char **x)
    95.4  #endif
    95.5  }
    95.6  
    95.7 -// called from mem_init... don't think s/w I/O tlb is needed in Xen
    95.8 -//void swiotlb_init(void) { }  ...looks like it IS needed
    95.9 -
   95.10 -long
   95.11 -is_platform_hp_ski(void)
   95.12 -{
   95.13 -	int i;
   95.14 -	long cpuid[6];
   95.15 -
   95.16 -	for (i = 0; i < 5; ++i)
   95.17 -		cpuid[i] = ia64_get_cpuid(i);
   95.18 -	if ((cpuid[0] & 0xff) != 'H') return 0;
   95.19 -	if ((cpuid[3] & 0xff) != 0x4) return 0;
   95.20 -	if (((cpuid[3] >> 8) & 0xff) != 0x0) return 0;
   95.21 -	if (((cpuid[3] >> 16) & 0xff) != 0x0) return 0;
   95.22 -	if (((cpuid[3] >> 24) & 0x7) != 0x7) return 0;
   95.23 -	return 1;
   95.24 -}
   95.25 -
   95.26  struct pt_regs *guest_cpu_user_regs(void) { return vcpu_regs(current); }
   95.27  
   95.28  ///////////////////////////////
    96.1 --- a/xen/arch/ia64/xen/xenpatch.c	Mon Jul 16 14:20:16 2007 -0500
    96.2 +++ b/xen/arch/ia64/xen/xenpatch.c	Tue Jul 17 10:20:21 2007 +0100
    96.3 @@ -90,25 +90,26 @@ ia64_patch_imm64 (u64 insn_addr, u64 val
    96.4  	ia64_patch(insn_addr + 1, 0x1ffffffffffUL, val >> 22);
    96.5  }
    96.6  
    96.7 -extern char frametable_miss;
    96.8 -extern unsigned long xen_pstart;
    96.9 -
   96.10  /*
   96.11   * Add more patch points in seperate functions as appropriate
   96.12   */
   96.13  
   96.14  static void __init xen_patch_frametable_miss(u64 offset)
   96.15  {
   96.16 +#ifdef CONFIG_VIRTUAL_FRAME_TABLE
   96.17 +	extern char frametable_miss;
   96.18  	u64 addr, val;
   96.19  
   96.20  	addr = (u64)&frametable_miss;
   96.21  	val = get_imm64(addr) + offset;
   96.22  	ia64_patch_imm64(addr, val);
   96.23 +#endif
   96.24  }
   96.25  
   96.26  
   96.27  void __init xen_patch_kernel(void)
   96.28  {
   96.29 +	extern unsigned long xen_pstart;
   96.30  	unsigned long patch_offset;
   96.31  
   96.32  	patch_offset = xen_pstart - (KERNEL_START - PAGE_OFFSET);
    97.1 --- a/xen/arch/ia64/xen/xensetup.c	Mon Jul 16 14:20:16 2007 -0500
    97.2 +++ b/xen/arch/ia64/xen/xensetup.c	Tue Jul 17 10:20:21 2007 +0100
    97.3 @@ -7,7 +7,6 @@
    97.4  #include <xen/config.h>
    97.5  #include <xen/lib.h>
    97.6  #include <xen/errno.h>
    97.7 -//#include <xen/spinlock.h>
    97.8  #include <xen/multiboot.h>
    97.9  #include <xen/sched.h>
   97.10  #include <xen/mm.h>
   97.11 @@ -43,7 +42,6 @@ extern unsigned long domain0_ready;
   97.12  int find_max_pfn (unsigned long, unsigned long, void *);
   97.13  
   97.14  /* FIXME: which header these declarations should be there ? */
   97.15 -extern long is_platform_hp_ski(void);
   97.16  extern void early_setup_arch(char **);
   97.17  extern void late_setup_arch(char **);
   97.18  extern void hpsim_serial_init(void);
   97.19 @@ -84,7 +82,6 @@ boolean_param("xencons_poll", opt_xencon
   97.20   */
   97.21  unsigned int opt_xenheap_megabytes = XENHEAP_DEFAULT_MB;
   97.22  unsigned long xenheap_size = XENHEAP_DEFAULT_SIZE;
   97.23 -extern long running_on_sim;
   97.24  unsigned long xen_pstart;
   97.25  void *xen_pickle_offset __read_mostly;
   97.26  
   97.27 @@ -255,6 +252,31 @@ static void noinline init_done(void)
   97.28      startup_cpu_idle_loop();
   97.29  }
   97.30  
   97.31 +int running_on_sim;
   97.32 +
   97.33 +static int __init
   97.34 +is_platform_hp_ski(void)
   97.35 +{
   97.36 +    int i;
   97.37 +    long cpuid[6];
   97.38 +
   97.39 +    for (i = 0; i < 5; ++i)
   97.40 +        cpuid[i] = ia64_get_cpuid(i);
   97.41 +
   97.42 +    if ((cpuid[0] & 0xff) != 'H')
   97.43 +        return 0;
   97.44 +    if ((cpuid[3] & 0xff) != 0x4)
   97.45 +        return 0;
   97.46 +    if (((cpuid[3] >> 8) & 0xff) != 0x0)
   97.47 +        return 0;
   97.48 +    if (((cpuid[3] >> 16) & 0xff) != 0x0)
   97.49 +        return 0;
   97.50 +    if (((cpuid[3] >> 24) & 0x7) != 0x7)
   97.51 +        return 0;
   97.52 +
   97.53 +    return 1;
   97.54 +}
   97.55 +
   97.56  void __init start_kernel(void)
   97.57  {
   97.58      char *cmdline;
   97.59 @@ -273,10 +295,11 @@ void __init start_kernel(void)
   97.60      /* Be sure the struct shared_info size is <= XSI_SIZE.  */
   97.61      BUILD_BUG_ON(sizeof(struct shared_info) > XSI_SIZE);
   97.62  
   97.63 -    running_on_sim = is_platform_hp_ski();
   97.64      /* Kernel may be relocated by EFI loader */
   97.65      xen_pstart = ia64_tpa(KERNEL_START);
   97.66  
   97.67 +    running_on_sim = is_platform_hp_ski();
   97.68 +
   97.69      early_setup_arch(&cmdline);
   97.70  
   97.71      /* We initialise the serial devices very early so we can get debugging. */
    98.1 --- a/xen/arch/ia64/xen/xentime.c	Mon Jul 16 14:20:16 2007 -0500
    98.2 +++ b/xen/arch/ia64/xen/xentime.c	Tue Jul 17 10:20:21 2007 +0100
    98.3 @@ -126,9 +126,7 @@ xen_timer_interrupt (int irq, void *dev_
    98.4  
    98.5  
    98.6  	new_itm = local_cpu_data->itm_next;
    98.7 -	while (time_after(ia64_get_itc(), new_itm)) {
    98.8 -		new_itm += local_cpu_data->itm_delta;
    98.9 -
   98.10 +	while (1) {
   98.11  		if (smp_processor_id() == TIME_KEEPER_ID) {
   98.12  			/*
   98.13  			 * Here we are in the timer irq handler. We have irqs locally
   98.14 @@ -150,6 +148,10 @@ xen_timer_interrupt (int irq, void *dev_
   98.15  
   98.16  		local_cpu_data->itm_next = new_itm;
   98.17  
   98.18 +		if (time_after(new_itm, ia64_get_itc())) 
   98.19 +			break;
   98.20 +
   98.21 +		new_itm += local_cpu_data->itm_delta;
   98.22  	}
   98.23  
   98.24  	if (!is_idle_domain(current->domain) && !VMX_DOMAIN(current)) {
    99.1 --- a/xen/arch/x86/acpi/Makefile	Mon Jul 16 14:20:16 2007 -0500
    99.2 +++ b/xen/arch/x86/acpi/Makefile	Tue Jul 17 10:20:21 2007 +0100
    99.3 @@ -1,1 +1,2 @@
    99.4  obj-y += boot.o
    99.5 +obj-y += power.o suspend.o wakeup_prot.o
   100.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   100.2 +++ b/xen/arch/x86/acpi/power.c	Tue Jul 17 10:20:21 2007 +0100
   100.3 @@ -0,0 +1,274 @@
   100.4 +/* drivers/acpi/sleep/power.c - PM core functionality for Xen
   100.5 + *
   100.6 + * Copyrights from Linux side:
   100.7 + * Copyright (c) 2000-2003 Patrick Mochel
   100.8 + * Copyright (C) 2001-2003 Pavel Machek <pavel@suse.cz>
   100.9 + * Copyright (c) 2003 Open Source Development Lab
  100.10 + * Copyright (c) 2004 David Shaohua Li <shaohua.li@intel.com>
  100.11 + * Copyright (c) 2005 Alexey Starikovskiy <alexey.y.starikovskiy@intel.com>
  100.12 + *
  100.13 + * Slimmed with Xen specific support.
  100.14 + */
  100.15 +
  100.16 +#include <xen/config.h>
  100.17 +#include <asm/io.h>
  100.18 +#include <asm/acpi.h>
  100.19 +#include <xen/acpi.h>
  100.20 +#include <xen/errno.h>
  100.21 +#include <xen/iocap.h>
  100.22 +#include <xen/sched.h>
  100.23 +#include <asm/acpi.h>
  100.24 +#include <asm/irq.h>
  100.25 +#include <asm/init.h>
  100.26 +#include <xen/spinlock.h>
  100.27 +#include <xen/sched.h>
  100.28 +#include <xen/domain.h>
  100.29 +#include <xen/console.h>
  100.30 +#include <public/platform.h>
  100.31 +
  100.32 +#define pmprintk(_l, _f, _a...) printk(_l "<PM>" _f, ## _a )
  100.33 +
  100.34 +u8 sleep_states[ACPI_S_STATE_COUNT];
  100.35 +DEFINE_SPINLOCK(pm_lock);
  100.36 +
  100.37 +struct acpi_sleep_info {
  100.38 +    uint16_t pm1a_cnt;
  100.39 +    uint16_t pm1b_cnt;
  100.40 +    uint16_t pm1a_evt;
  100.41 +    uint16_t pm1b_evt;
  100.42 +    uint16_t pm1a_cnt_val;
  100.43 +    uint16_t pm1b_cnt_val;
  100.44 +    uint32_t sleep_state;
  100.45 +} acpi_sinfo;
  100.46 +
  100.47 +extern void do_suspend_lowlevel(void);
  100.48 +
  100.49 +static char *acpi_states[ACPI_S_STATE_COUNT] =
  100.50 +{
  100.51 +    [ACPI_STATE_S1] = "standby",
  100.52 +    [ACPI_STATE_S3] = "mem",
  100.53 +    [ACPI_STATE_S4] = "disk",
  100.54 +};
  100.55 +
  100.56 +unsigned long acpi_video_flags;
  100.57 +unsigned long saved_videomode;
  100.58 +
  100.59 +/* XXX: Add suspend failure recover later */
  100.60 +static int device_power_down(void)
  100.61 +{
  100.62 +    console_suspend();
  100.63 +
  100.64 +    time_suspend();
  100.65 +
  100.66 +    i8259A_suspend();
  100.67 +    
  100.68 +    ioapic_suspend();
  100.69 +    
  100.70 +    lapic_suspend();
  100.71 +
  100.72 +    return 0;
  100.73 +}
  100.74 +
  100.75 +static void device_power_up(void)
  100.76 +{
  100.77 +    lapic_resume();
  100.78 +    
  100.79 +    ioapic_resume();
  100.80 +
  100.81 +    i8259A_resume();
  100.82 +    
  100.83 +    time_resume();
  100.84 +
  100.85 +    console_resume();
  100.86 +}
  100.87 +
  100.88 +static void freeze_domains(void)
  100.89 +{
  100.90 +    struct domain *d;
  100.91 +
  100.92 +    for_each_domain(d)
  100.93 +        if (d->domain_id != 0)
  100.94 +            domain_pause(d);
  100.95 +}
  100.96 +
  100.97 +static void thaw_domains(void)
  100.98 +{
  100.99 +    struct domain *d;
 100.100 +
 100.101 +    for_each_domain(d)
 100.102 +        if (d->domain_id != 0)
 100.103 +            domain_unpause(d);
 100.104 +}
 100.105 +
 100.106 +/* Main interface to do xen specific suspend/resume */
 100.107 +int enter_state(u32 state)
 100.108 +{
 100.109 +    unsigned long flags;
 100.110 +    int error;
 100.111 +
 100.112 +    if (state <= ACPI_STATE_S0 || state > ACPI_S_STATES_MAX)
 100.113 +        return -EINVAL;
 100.114 +
 100.115 +    /* Sync lazy state on ths cpu */
 100.116 +    __sync_lazy_execstate();
 100.117 +    pmprintk(XENLOG_INFO, "Flush lazy state\n");
 100.118 +
 100.119 +    if (!spin_trylock(&pm_lock))
 100.120 +        return -EBUSY;
 100.121 +    
 100.122 +    freeze_domains();
 100.123 +
 100.124 +    hvm_cpu_down();
 100.125 +
 100.126 +    pmprintk(XENLOG_INFO, "PM: Preparing system for %s sleep\n",
 100.127 +        acpi_states[state]);
 100.128 +
 100.129 +    local_irq_save(flags);
 100.130 +
 100.131 +    if ((error = device_power_down()))
 100.132 +    {
 100.133 +        printk(XENLOG_ERR "Some devices failed to power down\n");
 100.134 +        goto Done;
 100.135 +    }
 100.136 +
 100.137 +    ACPI_FLUSH_CPU_CACHE();
 100.138 +
 100.139 +    switch (state)
 100.140 +    {
 100.141 +        case ACPI_STATE_S3:
 100.142 +            do_suspend_lowlevel();
 100.143 +            break;
 100.144 +        default:
 100.145 +            error = -EINVAL;
 100.146 +            break;
 100.147 +    }
 100.148 +
 100.149 +    pmprintk(XENLOG_INFO, "Back to C!\n");
 100.150 +
 100.151 +    device_power_up();
 100.152 +
 100.153 +    pmprintk(XENLOG_INFO, "PM: Finishing wakeup.\n");
 100.154 +
 100.155 + Done:
 100.156 +    local_irq_restore(flags);
 100.157 +
 100.158 +    if ( !hvm_cpu_up() )
 100.159 +        BUG();
 100.160 +
 100.161 +    thaw_domains();
 100.162 +    spin_unlock(&pm_lock);
 100.163 +    return error;
 100.164 +}
 100.165 +
 100.166 +/*
 100.167 + * Xen just requires address of pm1x_cnt, and ACPI interpreter
 100.168 + * is still kept in dom0. Address of xen wakeup stub will be
 100.169 + * returned, and then dom0 writes that address to FACS.
 100.170 + */
 100.171 +int set_acpi_sleep_info(struct xenpf_set_acpi_sleep *info)
 100.172 +{
 100.173 +    if (acpi_sinfo.pm1a_cnt)
 100.174 +        pmprintk(XENLOG_WARNING, "Multiple setting on acpi sleep info\n");
 100.175 +
 100.176 +    acpi_sinfo.pm1a_cnt = info->pm1a_cnt_port;
 100.177 +    acpi_sinfo.pm1b_cnt = info->pm1b_cnt_port;
 100.178 +    acpi_sinfo.pm1a_evt = info->pm1a_evt_port;
 100.179 +    acpi_sinfo.pm1b_evt = info->pm1b_evt_port;
 100.180 +    info->xen_waking_vec = (uint64_t)bootsym_phys(wakeup_start);
 100.181 +
 100.182 +    pmprintk(XENLOG_INFO, "pm1a[%x],pm1b[%x],pm1a_e[%x],pm1b_e[%x]"
 100.183 +                       "wake[%"PRIx64"]",
 100.184 +                       acpi_sinfo.pm1a_cnt, acpi_sinfo.pm1b_cnt,
 100.185 +                       acpi_sinfo.pm1a_evt, acpi_sinfo.pm1b_evt,
 100.186 +                       info->xen_waking_vec);
 100.187 +    return 0;
 100.188 +}
 100.189 +
 100.190 +/*
 100.191 + * Dom0 issues this hypercall in place of writing pm1a_cnt. Xen then
 100.192 + * takes over the control and put the system into sleep state really.
 100.193 + * Also video flags and mode are passed here, in case user may use
 100.194 + * "acpi_sleep=***" for video resume.
 100.195 + *
 100.196 + * Guest may issue a two-phases write to PM1x_CNT, to work
 100.197 + * around poorly implemented hardware. It's better to keep
 100.198 + * this logic here. Two writes can be differentiated by 
 100.199 + * enable bit setting.
 100.200 + */
 100.201 +int acpi_enter_sleep(struct xenpf_enter_acpi_sleep *sleep)
 100.202 +{
 100.203 +    if (!IS_PRIV(current->domain) || !acpi_sinfo.pm1a_cnt)
 100.204 +        return -EPERM;
 100.205 +
 100.206 +    /* Sanity check */
 100.207 +    if (acpi_sinfo.pm1b_cnt_val &&
 100.208 +        ((sleep->pm1a_cnt_val ^ sleep->pm1b_cnt_val) &
 100.209 +        ACPI_BITMASK_SLEEP_ENABLE))
 100.210 +    {
 100.211 +        pmprintk(XENLOG_ERR, "Mismatched pm1a/pm1b setting\n");
 100.212 +        return -EINVAL;
 100.213 +    }
 100.214 +
 100.215 +    /* Write #1 */
 100.216 +    if (!(sleep->pm1a_cnt_val & ACPI_BITMASK_SLEEP_ENABLE))
 100.217 +    {
 100.218 +        outw((u16)sleep->pm1a_cnt_val, acpi_sinfo.pm1a_cnt);
 100.219 +        if (acpi_sinfo.pm1b_cnt)
 100.220 +            outw((u16)sleep->pm1b_cnt_val, acpi_sinfo.pm1b_cnt);
 100.221 +        return 0;
 100.222 +    }
 100.223 +
 100.224 +    /* Write #2 */
 100.225 +    acpi_sinfo.pm1a_cnt_val = sleep->pm1a_cnt_val;
 100.226 +    acpi_sinfo.pm1b_cnt_val = sleep->pm1b_cnt_val;
 100.227 +    acpi_sinfo.sleep_state = sleep->sleep_state;
 100.228 +    acpi_video_flags = sleep->video_flags;
 100.229 +    saved_videomode = sleep->video_mode;
 100.230 +
 100.231 +    return enter_state(acpi_sinfo.sleep_state);
 100.232 +}
 100.233 +
 100.234 +static int acpi_get_wake_status(void)
 100.235 +{
 100.236 +    uint16_t val;
 100.237 +
 100.238 +    /* Wake status is the 15th bit of PM1 status register. (ACPI spec 3.0) */
 100.239 +    val = inw(acpi_sinfo.pm1a_evt) | inw(acpi_sinfo.pm1b_evt);
 100.240 +    val &= ACPI_BITMASK_WAKE_STATUS;
 100.241 +    val >>= ACPI_BITPOSITION_WAKE_STATUS;
 100.242 +    return val;
 100.243 +}
 100.244 +
 100.245 +/* System is really put into sleep state by this stub */
 100.246 +acpi_status asmlinkage acpi_enter_sleep_state(u8 sleep_state)
 100.247 +{
 100.248 +    ACPI_FLUSH_CPU_CACHE();
 100.249 +
 100.250 +    outw((u16)acpi_sinfo.pm1a_cnt_val, acpi_sinfo.pm1a_cnt);
 100.251 +    if (acpi_sinfo.pm1b_cnt)
 100.252 +        outw((u16)acpi_sinfo.pm1b_cnt_val, acpi_sinfo.pm1b_cnt);
 100.253 +    
 100.254 +    /* Wait until we enter sleep state, and spin until we wake */
 100.255 +    while (!acpi_get_wake_status());
 100.256 +    return_ACPI_STATUS(AE_OK);
 100.257 +}
 100.258 +
 100.259 +static int __init acpi_sleep_init(void)
 100.260 +{
 100.261 +    int i = 0; 
 100.262 +
 100.263 +    pmprintk(XENLOG_INFO, "ACPI (supports");
 100.264 +    for (i = 0; i < ACPI_S_STATE_COUNT; i++)
 100.265 +    {
 100.266 +        if (i == ACPI_STATE_S3)
 100.267 +        {
 100.268 +            sleep_states[i] = 1;
 100.269 +            printk(" S%d", i);
 100.270 +        }
 100.271 +        else
 100.272 +            sleep_states[i] = 0;
 100.273 +    }
 100.274 +    printk(")\n");
 100.275 +    return 0;
 100.276 +}
 100.277 +__initcall(acpi_sleep_init);
   101.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   101.2 +++ b/xen/arch/x86/acpi/suspend.c	Tue Jul 17 10:20:21 2007 +0100
   101.3 @@ -0,0 +1,85 @@
   101.4 +/*
   101.5 + * Suspend support specific for i386.
   101.6 + *
   101.7 + * Distribute under GPLv2
   101.8 + *
   101.9 + * Copyright (c) 2002 Pavel Machek <pavel@suse.cz>
  101.10 + * Copyright (c) 2001 Patrick Mochel <mochel@osdl.org>
  101.11 + */
  101.12 +#include <xen/config.h>
  101.13 +#include <xen/acpi.h>
  101.14 +#include <xen/smp.h>
  101.15 +#include <asm/processor.h>
  101.16 +#include <asm/msr.h>
  101.17 +#include <asm/flushtlb.h>
  101.18 +#include <asm/hvm/hvm.h>
  101.19 +#include <asm/hvm/support.h>
  101.20 +#include <asm/i387.h>
  101.21 +
  101.22 +/* Following context save/restore happens on the real context
  101.23 + * of current vcpu, with a lazy state sync forced earlier. 
  101.24 + */
  101.25 +#if defined(CONFIG_X86_64)
  101.26 +unsigned long saved_lstar, saved_cstar;
  101.27 +#endif
  101.28 +void save_rest_processor_state(void)
  101.29 +{
  101.30 +    /*
  101.31 +     * Net effect of unlazy_fpu is to set cr0.ts and thus there's no
  101.32 +     * need to restore fpu after resume.
  101.33 +     */
  101.34 +    if (!is_idle_vcpu(current))
  101.35 +        unlazy_fpu(current);
  101.36 +
  101.37 +#if defined(CONFIG_X86_64)
  101.38 +    rdmsrl(MSR_CSTAR, saved_cstar);
  101.39 +    rdmsrl(MSR_LSTAR, saved_lstar);
  101.40 +#endif
  101.41 +
  101.42 +    bootsym(video_flags) = acpi_video_flags;
  101.43 +    bootsym(video_mode) = saved_videomode;
  101.44 +}
  101.45 +
  101.46 +#define loaddebug(_v,_reg) \
  101.47 +    __asm__ __volatile__ ("mov %0,%%db" #_reg : : "r" ((_v)->debugreg[_reg]))
  101.48 +
  101.49 +void restore_rest_processor_state(void)
  101.50 +{
  101.51 +    int cpu = smp_processor_id();
  101.52 +    struct tss_struct *t = &init_tss[cpu];
  101.53 +    struct vcpu *v = current;
  101.54 +
  101.55 +    /* Really scared by suffixed comment from Linux, and keep it for safe */
  101.56 +    set_tss_desc(cpu, t);    /* This just modifies memory; should not be necessary. But... This is necessary, because 386 hardware has concept of busy TSS or some similar stupidity. */
  101.57 +
  101.58 +    load_TR(cpu);
  101.59 +
  101.60 +#if defined(CONFIG_X86_64)
  101.61 +    /* Recover syscall MSRs */
  101.62 +    wrmsrl(MSR_LSTAR, saved_lstar);
  101.63 +    wrmsrl(MSR_CSTAR, saved_cstar);
  101.64 +    wrmsr(MSR_STAR, 0, (FLAT_RING3_CS32<<16) | __HYPERVISOR_CS);
  101.65 +    wrmsr(MSR_SYSCALL_MASK, EF_VM|EF_RF|EF_NT|EF_DF|EF_IE|EF_TF, 0U);    
  101.66 +#else /* !defined(CONFIG_X86_64) */
  101.67 +    if (supervisor_mode_kernel && cpu_has_sep)
  101.68 +        wrmsr(MSR_IA32_SYSENTER_ESP, &t->esp1, 0);
  101.69 +#endif
  101.70 +
  101.71 +    /* Maybe load the debug registers. */
  101.72 +    if ( !is_idle_vcpu(v) && unlikely(v->arch.guest_context.debugreg[7]) )
  101.73 +    {
  101.74 +        loaddebug(&v->arch.guest_context, 0);
  101.75 +        loaddebug(&v->arch.guest_context, 1);
  101.76 +        loaddebug(&v->arch.guest_context, 2);
  101.77 +        loaddebug(&v->arch.guest_context, 3);
  101.78 +        /* no 4 and 5 */
  101.79 +        loaddebug(&v->arch.guest_context, 6);
  101.80 +        loaddebug(&v->arch.guest_context, 7);
  101.81 +    }
  101.82 +
  101.83 +    /* Do we start fpu really? Just set cr0.ts to monitor it */
  101.84 +    stts();
  101.85 +
  101.86 +    mtrr_ap_init();
  101.87 +    mcheck_init(&boot_cpu_data);
  101.88 +}
   102.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   102.2 +++ b/xen/arch/x86/acpi/wakeup_prot.S	Tue Jul 17 10:20:21 2007 +0100
   102.3 @@ -0,0 +1,267 @@
   102.4 +        .text
   102.5 +
   102.6 +#include <xen/config.h>
   102.7 +#include <xen/multiboot.h>
   102.8 +#include <public/xen.h>
   102.9 +#include <asm/asm_defns.h>
  102.10 +#include <asm/desc.h>
  102.11 +#include <asm/page.h>
  102.12 +#include <asm/msr.h>
  102.13 +
  102.14 +#if defined(__x86_64__)
  102.15 +
  102.16 +        .code64
  102.17 +
  102.18 +#define GREG(x)         %r##x
  102.19 +#define SAVED_GREG(x)   saved_r##x(%rip)
  102.20 +#define DECLARE_GREG(x) saved_r##x:     .quad   0
  102.21 +#define SAVE_GREG(x)    movq GREG(x), SAVED_GREG(x)
  102.22 +#define LOAD_GREG(x)    movq SAVED_GREG(x), GREG(x)
  102.23 +
  102.24 +#define REF(x)          x(%rip)
  102.25 +
  102.26 +#define RDMSR(ind, m)                   \
  102.27 +        xorq    %rdx, %rdx;             \
  102.28 +        mov     $ind, %ecx;             \
  102.29 +        rdmsr;                          \
  102.30 +        shlq    $0x20, %rdx;              \
  102.31 +        orq     %rax, %rdx;             \
  102.32 +        movq    %rdx, m(%rip);
  102.33 +
  102.34 +#define WRMSR(ind, m)                   \
  102.35 +        mov     $ind, %ecx;             \
  102.36 +        movq    m(%rip), %rdx;          \
  102.37 +        mov     %edx, %eax;             \
  102.38 +        shrq    $0x20, %rdx;              \
  102.39 +        wrmsr;
  102.40 +
  102.41 +#else /* !defined(__x86_64__) */
  102.42 +
  102.43 +        .code32
  102.44 +
  102.45 +#define GREG(x)         %e##x
  102.46 +#define SAVED_GREG(x)   saved_e##x
  102.47 +#define DECLARE_GREG(x) saved_e##x:     .long   0
  102.48 +#define SAVE_GREG(x)    movl GREG(x), SAVED_GREG(x)
  102.49 +#define LOAD_GREG(x)    movl SAVED_GREG(x), GREG(x)
  102.50 +
  102.51 +#define REF(x)          x
  102.52 +
  102.53 +#endif
  102.54 +
  102.55 +ENTRY(do_suspend_lowlevel)
  102.56 +
  102.57 +        SAVE_GREG(sp)
  102.58 +        SAVE_GREG(ax)
  102.59 +        SAVE_GREG(bx)
  102.60 +        SAVE_GREG(cx)
  102.61 +        SAVE_GREG(dx)
  102.62 +        SAVE_GREG(bp)
  102.63 +        SAVE_GREG(si)
  102.64 +        SAVE_GREG(di)
  102.65 +
  102.66 +#if defined(__x86_64__)
  102.67 +
  102.68 +        SAVE_GREG(8)     # save r8...r15
  102.69 +        SAVE_GREG(9)
  102.70 +        SAVE_GREG(10)
  102.71 +        SAVE_GREG(11)
  102.72 +        SAVE_GREG(12)
  102.73 +        SAVE_GREG(13)
  102.74 +        SAVE_GREG(14)
  102.75 +        SAVE_GREG(15)
  102.76 +        pushfq;
  102.77 +        popq    SAVED_GREG(flags)
  102.78 +
  102.79 +        mov     %cr8, GREG(ax)
  102.80 +        mov     GREG(ax), REF(saved_cr8)
  102.81 +
  102.82 +        RDMSR(MSR_FS_BASE, saved_fs_base)
  102.83 +        RDMSR(MSR_GS_BASE, saved_gs_base)
  102.84 +        RDMSR(MSR_SHADOW_GS_BASE, saved_kernel_gs_base)
  102.85 +
  102.86 +#else /* !defined(__x86_64__) */
  102.87 +
  102.88 +        pushfl;
  102.89 +        popl    SAVED_GREG(flags)
  102.90 +
  102.91 +#endif
  102.92 +
  102.93 +        mov     %ds, REF(saved_ds)
  102.94 +        mov     %es, REF(saved_es)
  102.95 +        mov     %fs, REF(saved_fs)
  102.96 +        mov     %gs, REF(saved_gs)
  102.97 +        mov     %ss, REF(saved_ss)
  102.98 +
  102.99 +        sgdt    REF(saved_gdt)
 102.100 +        sidt    REF(saved_idt)
 102.101 +        sldt    REF(saved_ldt)
 102.102 +
 102.103 +        mov     %cr0, GREG(ax)
 102.104 +        mov     GREG(ax), REF(saved_cr0)
 102.105 +
 102.106 +        mov     %cr3, GREG(ax)
 102.107 +        mov     GREG(ax), REF(saved_cr3)
 102.108 +
 102.109 +        call    save_rest_processor_state
 102.110 +
 102.111 +#if defined(__x86_64__)
 102.112 +
 102.113 +        mov     $3, %rdi
 102.114 +        xor     %eax, %eax
 102.115 +
 102.116 +#else /* !defined(__x86_64__) */
 102.117 +
 102.118 +        push    $3
 102.119 +
 102.120 +#endif
 102.121 +
 102.122 +        /* enter sleep state physically */
 102.123 +        call    acpi_enter_sleep_state
 102.124 +        jmp     __ret_point
 102.125 +
 102.126 +        .align  16
 102.127 +        .globl  __ret_point
 102.128 +__ret_point:
 102.129 +
 102.130 +        /* mmu_cr4_features contains latest cr4 setting */
 102.131 +        mov     REF(mmu_cr4_features), GREG(ax)
 102.132 +        mov     GREG(ax), %cr4
 102.133 +
 102.134 +        mov     REF(saved_cr3), GREG(ax)
 102.135 +        mov     GREG(ax), %cr3
 102.136 +
 102.137 +        mov     REF(saved_cr0), GREG(ax)
 102.138 +        mov     GREG(ax), %cr0
 102.139 +
 102.140 +        lgdt    REF(saved_gdt)
 102.141 +        lidt    REF(saved_idt)
 102.142 +        lldt    REF(saved_ldt)
 102.143 +
 102.144 +        mov     REF(saved_ss), %ss
 102.145 +        LOAD_GREG(sp)
 102.146 +
 102.147 +#if defined(__x86_64__)
 102.148 +
 102.149 +        mov     REF(saved_cr8), %rax
 102.150 +        mov     %rax, %cr8
 102.151 +
 102.152 +        pushq   SAVED_GREG(flags)
 102.153 +        popfq
 102.154 +
 102.155 +        /* Idle vcpu doesn't need segment selectors reload, since
 102.156 +         * those may contain stale value from other domains and 
 102.157 +         * reload may result page fault due to no matched gdt entry
 102.158 +         */
 102.159 +        mov     $(STACK_SIZE - 8), %rax
 102.160 +        or      %rsp, %rax
 102.161 +        and     $~7, %rax
 102.162 +        mov     (%rax), %rax
 102.163 +        mov     0x10(%rax), %rax
 102.164 +        cmpw    $0x7fff, (%rax)
 102.165 +        je      1f
 102.166 +
 102.167 +        /* These selectors are from guest, and thus need reload */
 102.168 +        mov     REF(saved_ds), %ds
 102.169 +        mov     REF(saved_es), %es
 102.170 +        mov     REF(saved_fs), %fs
 102.171 +
 102.172 +        /* gs load is special */
 102.173 +        mov     REF(saved_gs), %rsi
 102.174 +        mov     $3, %rdi        # SEGBASE_GS_USER_SEL
 102.175 +        call    do_set_segment_base
 102.176 +
 102.177 +1:
 102.178 +        # MSR restore
 102.179 +        WRMSR(MSR_FS_BASE, saved_fs_base)
 102.180 +        WRMSR(MSR_GS_BASE, saved_gs_base)
 102.181 +        WRMSR(MSR_SHADOW_GS_BASE, saved_kernel_gs_base)
 102.182 +
 102.183 +#else /* !defined(__x86_64__) */
 102.184 +
 102.185 +        pushl   SAVED_GREG(flags)
 102.186 +        popfl
 102.187 +
 102.188 +        /* No reload to fs/gs, which is saved in bottom stack already */
 102.189 +        mov     REF(saved_ds), %ds
 102.190 +        mov     REF(saved_es), %es
 102.191 +
 102.192 +#endif
 102.193 +
 102.194 +        call restore_rest_processor_state
 102.195 +
 102.196 +        LOAD_GREG(bp)
 102.197 +        LOAD_GREG(ax)
 102.198 +        LOAD_GREG(bx)
 102.199 +        LOAD_GREG(cx)
 102.200 +        LOAD_GREG(dx)
 102.201 +        LOAD_GREG(si)
 102.202 +        LOAD_GREG(di)
 102.203 +#if defined(__x86_64__)
 102.204 +        LOAD_GREG(8)     # save r8...r15
 102.205 +        LOAD_GREG(9)
 102.206 +        LOAD_GREG(10)
 102.207 +        LOAD_GREG(11)
 102.208 +        LOAD_GREG(12)
 102.209 +        LOAD_GREG(13)
 102.210 +        LOAD_GREG(14)
 102.211 +        LOAD_GREG(15)
 102.212 +#endif
 102.213 +        ret 
 102.214 +
 102.215 +.data
 102.216 +        .align 16
 102.217 +saved_ds:        .word   0
 102.218 +saved_es:        .word   0
 102.219 +saved_ss:        .word   0
 102.220 +saved_gs:        .word   0
 102.221 +saved_fs:        .word   0
 102.222 +
 102.223 +        .align 4
 102.224 +        .globl   saved_magic
 102.225 +saved_magic:     .long   0x9abcdef0
 102.226 +
 102.227 +        .align 8
 102.228 +DECLARE_GREG(sp)
 102.229 +DECLARE_GREG(bp)
 102.230 +DECLARE_GREG(ax)
 102.231 +DECLARE_GREG(bx)
 102.232 +DECLARE_GREG(cx)
 102.233 +DECLARE_GREG(dx)
 102.234 +DECLARE_GREG(si)
 102.235 +DECLARE_GREG(di)
 102.236 +DECLARE_GREG(flags)
 102.237 +
 102.238 +#if defined(__x86_64__)
 102.239 +
 102.240 +DECLARE_GREG(8)
 102.241 +DECLARE_GREG(9)
 102.242 +DECLARE_GREG(10)
 102.243 +DECLARE_GREG(11)
 102.244 +DECLARE_GREG(12)
 102.245 +DECLARE_GREG(13)
 102.246 +DECLARE_GREG(14)
 102.247 +DECLARE_GREG(15)
 102.248 +
 102.249 +saved_gdt:      .quad   0,0
 102.250 +saved_idt:      .quad   0,0
 102.251 +saved_ldt:      .quad   0,0
 102.252 +
 102.253 +saved_cr0:      .quad   0
 102.254 +saved_cr3:      .quad   0
 102.255 +saved_cr8:      .quad   0
 102.256 +
 102.257 +saved_gs_base:  .quad   0
 102.258 +saved_fs_base:  .quad   0
 102.259 +saved_kernel_gs_base:   .quad   0
 102.260 +
 102.261 +#else /* !defined(__x86_64__) */
 102.262 +
 102.263 +saved_gdt:      .long   0,0
 102.264 +saved_idt:      .long   0,0
 102.265 +saved_ldt:      .long   0
 102.266 +
 102.267 +saved_cr0:      .long   0
 102.268 +saved_cr3:      .long   0
 102.269 +
 102.270 +#endif 
   103.1 --- a/xen/arch/x86/apic.c	Mon Jul 16 14:20:16 2007 -0500
   103.2 +++ b/xen/arch/x86/apic.c	Tue Jul 17 10:20:21 2007 +0100
   103.3 @@ -957,7 +957,7 @@ void __setup_APIC_LVTT(unsigned int cloc
   103.4      apic_write_around(APIC_TMICT, clocks/APIC_DIVISOR);
   103.5  }
   103.6  
   103.7 -static void __init setup_APIC_timer(unsigned int clocks)
   103.8 +static void __devinit setup_APIC_timer(unsigned int clocks)
   103.9  {
  103.10      unsigned long flags;
  103.11      local_irq_save(flags);
   104.1 --- a/xen/arch/x86/boot/Makefile	Mon Jul 16 14:20:16 2007 -0500
   104.2 +++ b/xen/arch/x86/boot/Makefile	Tue Jul 17 10:20:21 2007 +0100
   104.3 @@ -1,3 +1,4 @@
   104.4  obj-y += head.o
   104.5  
   104.6 -head.o: head.S $(TARGET_SUBARCH).S trampoline.S mem.S video.S cmdline.S edd.S
   104.7 +head.o: head.S $(TARGET_SUBARCH).S trampoline.S mem.S video.S \
   104.8 +	cmdline.S edd.S wakeup.S
   105.1 --- a/xen/arch/x86/boot/head.S	Mon Jul 16 14:20:16 2007 -0500
   105.2 +++ b/xen/arch/x86/boot/head.S	Tue Jul 17 10:20:21 2007 +0100
   105.3 @@ -175,9 +175,11 @@ 1:      stosl   /* low mappings cover up
   105.4  
   105.5  #include "cmdline.S"
   105.6  
   105.7 +        .align 16
   105.8          .globl trampoline_start, trampoline_end
   105.9  trampoline_start:
  105.10  #include "trampoline.S"
  105.11 +#include "wakeup.S"
  105.12  trampoline_end:
  105.13  
  105.14          .text
   106.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
   106.2 +++ b/xen/arch/x86/boot/wakeup.S	Tue Jul 17 10:20:21 2007 +0100
   106.3 @@ -0,0 +1,212 @@
   106.4 +        .code16
   106.5 +
   106.6 +#undef wakesym
   106.7 +/* Used in real mode, to cal offset in current segment */
   106.8 +#define wakesym(sym) (sym - wakeup_start)
   106.9 +
  106.10 +ENTRY(wakeup_start)
  106.11 +        wakeup_code_start = .
  106.12 +
  106.13 +        cli
  106.14 +        cld
  106.15 +
  106.16 +        # setup data segment
  106.17 +        movw    %cs, %ax
  106.18 +        movw    %ax, %ds
  106.19 +        movw    %ax, %ss        # A stack required for BIOS call
  106.20 +        movw    $wakesym(wakeup_stack), %sp
  106.21 +
  106.22 +        pushl   $0              # Kill dangerous flag early
  106.23 +        popfl
  106.24 +
  106.25 +        # check magic number
  106.26 +        movl    wakesym(real_magic), %eax
  106.27 +        cmpl    $0x12345678, %eax
  106.28 +        jne     bogus_real_magic
  106.29 +
  106.30 +        # for acpi_sleep=s3_bios
  106.31 +        testl   $1, wakesym(video_flags)
  106.32 +        jz      1f
  106.33 +        lcall   $0xc000, $3
  106.34 +        movw    %cs, %ax        # In case messed by BIOS
  106.35 +        movw    %ax, %ds
  106.36 +        movw    %ax, %ss        # Need this? How to ret if clobbered?
  106.37 +
  106.38 +1:      # for acpi_sleep=s3_mode
  106.39 +        testl   $2, wakesym(video_flags)
  106.40 +        jz      1f
  106.41 +        movl    wakesym(video_mode), %eax
  106.42 +        call    mode_setw
  106.43 +
  106.44 +1:      # Show some progress if VGA is resumed
  106.45 +        movw    $0xb800, %ax
  106.46 +        movw    %ax, %fs
  106.47 +        movw    $0x0e00 + 'L', %fs:(0x10)
  106.48 +
  106.49 +        # boot trampoline is under 1M, and shift its start into
  106.50 +        # %fs to reference symbols in that area
  106.51 +        movl    $BOOT_TRAMPOLINE, %eax
  106.52 +        shrl    $4, %eax
  106.53 +        movl    %eax, %fs
  106.54 +        lidt    %fs:bootsym(idt_48)
  106.55 +        lgdt    %fs:bootsym(gdt_48)
  106.56 +
  106.57 +        movw    $1, %ax
  106.58 +        lmsw    %ax             # Turn on CR0.PE 
  106.59 +        jmp     1f
  106.60 +1:      ljmpl   $BOOT_CS32, $bootsym_phys(wakeup_32)
  106.61 +
  106.62 +/* This code uses an extended set of video mode numbers. These include:
  106.63 + * Aliases for standard modes
  106.64 + *      NORMAL_VGA (-1)
  106.65 + *      EXTENDED_VGA (-2)
  106.66 + *      ASK_VGA (-3)
  106.67 + * Video modes numbered by menu position -- NOT RECOMMENDED because of lack
  106.68 + * of compatibility when extending the table. These are between 0x00 and 0xff.
  106.69 + */
  106.70 +#define VIDEO_FIRST_MENU 0x0000
  106.71 +
  106.72 +/* Standard BIOS video modes (BIOS number + 0x0100) */
  106.73 +#define VIDEO_FIRST_BIOS 0x0100
  106.74 +
  106.75 +/* VESA BIOS video modes (VESA number + 0x0200) */
  106.76 +#define VIDEO_FIRST_VESA 0x0200
  106.77 +
  106.78 +/* Video7 special modes (BIOS number + 0x0900) */
  106.79 +#define VIDEO_FIRST_V7 0x0900
  106.80 +
  106.81 +# Setting of user mode (AX=mode ID) => CF=success
  106.82 +mode_setw:
  106.83 +        movw    %ax, %bx
  106.84 +        cmpb    $VIDEO_FIRST_VESA>>8, %ah
  106.85 +        jnc     check_vesaw
  106.86 +        decb    %ah
  106.87 +
  106.88 +setbadw: clc
  106.89 +        ret
  106.90 +
  106.91 +check_vesaw:
  106.92 +        subb    $VIDEO_FIRST_VESA>>8, %bh
  106.93 +        orw     $0x4000, %bx                    # Use linear frame buffer
  106.94 +        movw    $0x4f02, %ax                    # VESA BIOS mode set call
  106.95 +        int     $0x10
  106.96 +        cmpw    $0x004f, %ax                    # AL=4f if implemented
  106.97 +        jnz     _setbadw                        # AH=0 if OK
  106.98 +
  106.99 +        stc
 106.100 +        ret
 106.101 +
 106.102 +_setbadw: jmp    setbadw
 106.103 +
 106.104 +bogus_real_magic:
 106.105 +        movw    $0x0e00 + 'B', %fs:(0x12)
 106.106 +        jmp     bogus_real_magic
 106.107 +
 106.108 +        .align 4
 106.109 +real_magic:     .long 0x12345678
 106.110 +         .globl video_mode, video_flags
 106.111 +video_mode:     .long 0
 106.112 +video_flags:    .long 0
 106.113 +
 106.114 +        .code32
 106.115 +
 106.116 +        # Now in protect mode, with paging disabled
 106.117 +        # Add offset for any reference to xen specific symbols
 106.118 +
 106.119 +wakeup_32:
 106.120 +        mov     $BOOT_DS, %eax
 106.121 +        mov     %eax, %ds
 106.122 +        mov     %eax, %ss
 106.123 +        mov     $bootsym_phys(wakeup_stack), %esp
 106.124 +
 106.125 +        # check saved magic again
 106.126 +        mov     $sym_phys(saved_magic), %eax
 106.127 +        add     bootsym_phys(trampoline_xen_phys_start), %eax
 106.128 +        mov     (%eax), %eax
 106.129 +        cmp     $0x9abcdef0, %eax
 106.130 +        jne     bogus_saved_magic
 106.131 +        
 106.132 +        /* fpu init? */
 106.133 +
 106.134 +        /* Initialise CR4. */
 106.135 +#if CONFIG_PAGING_LEVELS == 2
 106.136 +        mov     $X86_CR4_PSE, %ecx
 106.137 +#else
 106.138 +        mov     $X86_CR4_PAE, %ecx
 106.139 +#endif
 106.140 +        mov     %ecx, %cr4
 106.141 +
 106.142 +        /* Load pagetable base register */
 106.143 +        mov     $sym_phys(idle_pg_table),%eax
 106.144 +        add     bootsym_phys(trampoline_xen_phys_start),%eax
 106.145 +        mov     %eax,%cr3
 106.146 +
 106.147 +        /* Will cpuid feature change after resume? */
 106.148 +#if CONFIG_PAGING_LEVELS != 2
 106.149 +        /* Set up EFER (Extended Feature Enable Register). */
 106.150 +        mov     bootsym_phys(cpuid_ext_features),%edi
 106.151 +        test    $0x20100800,%edi /* SYSCALL/SYSRET, No Execute, Long Mode? */
 106.152 +        jz      .Lskip_eferw
 106.153 +        movl    $MSR_EFER,%ecx
 106.154 +        rdmsr
 106.155 +#if CONFIG_PAGING_LEVELS == 4
 106.156 +        btsl    $_EFER_LME,%eax /* Long Mode      */
 106.157 +        btsl    $_EFER_SCE,%eax /* SYSCALL/SYSRET */
 106.158 +#endif
 106.159 +        btl     $20,%edi        /* No Execute?    */
 106.160 +        jnc     1f
 106.161 +        btsl    $_EFER_NX,%eax  /* No Execute     */
 106.162 +1:      wrmsr
 106.163 +.Lskip_eferw:
 106.164 +#endif
 106.165 +
 106.166 +        wbinvd
 106.167 +
 106.168 +        mov     $0x80050033,%eax /* hi-to-lo: PG,AM,WP,NE,ET,MP,PE */
 106.169 +        mov     %eax,%cr0
 106.170 +        jmp     1f
 106.171 +1:
 106.172 +
 106.173 +#if defined(__x86_64__)
 106.174 +
 106.175 +        /* Now in compatibility mode. Long-jump to 64-bit mode */
 106.176 +        ljmp    $BOOT_CS64, $bootsym_phys(wakeup_64)
 106.177 +
 106.178 +        .code64
 106.179 +        .align  8
 106.180 +        .word   0,0,0
 106.181 +lgdt_descr:
 106.182 +        .word   LAST_RESERVED_GDT_BYTE
 106.183 +        .quad   gdt_table - FIRST_RESERVED_GDT_BYTE
 106.184 +        
 106.185 +wakeup_64:
 106.186 +        lgdt    lgdt_descr(%rip)
 106.187 +        mov     $(__HYPERVISOR_DS64), %eax
 106.188 +        mov     %eax, %ds
 106.189 +
 106.190 +        # long jump to return point, with cs reload
 106.191 +        rex64 ljmp    *ret_point(%rip)
 106.192 +
 106.193 +        .align 8
 106.194 +ret_point:
 106.195 +        .quad   __ret_point
 106.196 +        .word   __HYPERVISOR_CS64
 106.197 +
 106.198 +#else /* !defined(__x86_64__) */
 106.199 +        lgdt    gdt_descr
 106.200 +        mov     $(__HYPERVISOR_DS), %eax
 106.201 +        mov     %eax, %ds
 106.202 +
 106.203 +        ljmp    $(__HYPERVISOR_CS), $__ret_point
 106.204 +#endif
 106.205 +
 106.206 +bogus_saved_magic:
 106.207 +        movw    $0x0e00 + 'S', 0xb8014
 106.208 +        jmp     bogus_saved_magic
 106.209 +
 106.210 +        .align  16
 106.211 +wakeup_stack_begin:     # Stack grows down
 106.212 +
 106.213 +        .fill   PAGE_SIZE,1,0
 106.214 +wakeup_stack:           # Just below end of first page in this section
 106.215 +ENTRY(wakeup_end)
   107.1 --- a/xen/arch/x86/cpu/common.c	Mon Jul 16 14:20:16 2007 -0500
   107.2 +++ b/xen/arch/x86/cpu/common.c	Tue Jul 17 10:20:21 2007 +0100
   107.3 @@ -557,9 +557,6 @@ void __devinit cpu_init(void)
   107.4  	}
   107.5  	printk(KERN_INFO "Initializing CPU#%d\n", cpu);
   107.6  
   107.7 -	if (cpu_has_vme || cpu_has_tsc || cpu_has_de)
   107.8 -		clear_in_cr4(X86_CR4_VME|X86_CR4_PVI|X86_CR4_TSD|X86_CR4_DE);
   107.9 -
  107.10  	*(unsigned short *)(&gdt_load[0]) = LAST_RESERVED_GDT_BYTE;
  107.11  	*(unsigned long  *)(&gdt_load[2]) = GDT_VIRT_START(current);
  107.12  	__asm__ __volatile__ ( "lgdt %0" : "=m" (gdt_load) );
  107.13 @@ -594,3 +591,11 @@ void __devinit cpu_init(void)
  107.14  	/* Install correct page table. */
  107.15  	write_ptbase(current);
  107.16  }
  107.17 +
  107.18 +#ifdef CONFIG_HOTPLUG_CPU
  107.19 +void __cpuinit cpu_uninit(void)
  107.20 +{
  107.21 +	int cpu = raw_smp_processor_id();
  107.22 +	cpu_clear(cpu, cpu_initialized);
  107.23 +}
  107.24 +#endif
   108.1 --- a/xen/arch/x86/crash.c	Mon Jul 16 14:20:16 2007 -0500
   108.2 +++ b/xen/arch/x86/crash.c	Tue Jul 17 10:20:21 2007 +0100
   108.3 @@ -43,7 +43,7 @@ static int crash_nmi_callback(struct cpu
   108.4      kexec_crash_save_cpu();
   108.5      disable_local_APIC();
   108.6      atomic_dec(&waiting_for_crash_ipi);
   108.7 -    hvm_disable();
   108.8 +    hvm_cpu_down();
   108.9  
  108.10      for ( ; ; )
  108.11          __asm__ __volatile__ ( "hlt" );
  108.12 @@ -99,7 +99,7 @@ void machine_crash_shutdown(void)
  108.13  
  108.14      disable_IO_APIC();
  108.15  
  108.16 -    hvm_disable();
  108.17 +    hvm_cpu_down();
  108.18  
  108.19      info = kexec_crash_save_info();
  108.20      info->dom0_pfn_to_mfn_frame_list_list =
   109.1 --- a/xen/arch/x86/dmi_scan.c	Mon Jul 16 14:20:16 2007 -0500
   109.2 +++ b/xen/arch/x86/dmi_scan.c	Tue Jul 17 10:20:21 2007 +0100
   109.3 @@ -184,7 +184,6 @@ static __init int broken_toshiba_keyboar
   109.4  static __init int reset_videomode_after_s3(struct dmi_blacklist *d)
   109.5  {
   109.6  	/* See acpi_wakeup.S */
   109.7 -	extern long acpi_video_flags;
   109.8  	acpi_video_flags |= 2;
   109.9  	return 0;
  109.10  }
   110.1 --- a/xen/arch/x86/domain.c	Mon Jul 16 14:20:16 2007 -0500
   110.2 +++ b/xen/arch/x86/domain.c	Tue Jul 17 10:20:21 2007 +0100
   110.3 @@ -43,6 +43,7 @@
   110.4  #include <asm/hvm/hvm.h>
   110.5  #include <asm/hvm/support.h>
   110.6  #include <asm/msr.h>
   110.7 +#include <asm/nmi.h>
   110.8  #ifdef CONFIG_COMPAT
   110.9  #include <compat/vcpu.h>
  110.10  #endif
  110.11 @@ -76,10 +77,28 @@ static void default_idle(void)
  110.12          local_irq_enable();
  110.13  }
  110.14  
  110.15 +static void play_dead(void)
  110.16 +{
  110.17 +    __cpu_disable();
  110.18 +    /* This must be done before dead CPU ack */
  110.19 +    cpu_exit_clear();
  110.20 +    wbinvd();
  110.21 +    mb();
  110.22 +    /* Ack it */
  110.23 +    __get_cpu_var(cpu_state) = CPU_DEAD;
  110.24 +
  110.25 +    /* With physical CPU hotplug, we should halt the cpu. */
  110.26 +    local_irq_disable();
  110.27 +    for ( ; ; )
  110.28 +        halt();
  110.29 +}
  110.30 +
  110.31  void idle_loop(void)
  110.32  {
  110.33      for ( ; ; )
  110.34      {
  110.35 +        if (cpu_is_offline(smp_processor_id()))
  110.36 +            play_dead();
  110.37          page_scrub_schedule_work();
  110.38          default_idle();
  110.39          do_softirq();
   111.1 --- a/xen/arch/x86/domain_build.c	Mon Jul 16 14:20:16 2007 -0500
   111.2 +++ b/xen/arch/x86/domain_build.c	Tue Jul 17 10:20:21 2007 +0100
   111.3 @@ -434,8 +434,7 @@ int __init construct_dom0(
   111.4  
   111.5  #ifdef __i386__
   111.6      /* Ensure that our low-memory 1:1 mapping covers the allocation. */
   111.7 -    page = alloc_domheap_pages(d, order,
   111.8 -                               MEMF_bits(30 + (v_start >> 31)));
   111.9 +    page = alloc_domheap_pages(d, order, MEMF_bits(30));
  111.10  #else
  111.11      page = alloc_domheap_pages(d, order, 0);
  111.12  #endif
   112.1 --- a/xen/arch/x86/domctl.c	Mon Jul 16 14:20:16 2007 -0500
   112.2 +++ b/xen/arch/x86/domctl.c	Tue Jul 17 10:20:21 2007 +0100
   112.3 @@ -427,6 +427,46 @@ long arch_do_domctl(
   112.4      }
   112.5      break;
   112.6  
   112.7 +    case XEN_DOMCTL_sendtrigger:
   112.8 +    {
   112.9 +        struct domain *d;
  112.10 +        struct vcpu *v;
  112.11 +
  112.12 +        ret = -ESRCH;
  112.13 +        if ( (d = rcu_lock_domain_by_id(domctl->domain)) == NULL )
  112.14 +            break;
  112.15 +
  112.16 +        ret = -EINVAL;
  112.17 +        if ( domctl->u.sendtrigger.vcpu >= MAX_VIRT_CPUS )
  112.18 +            goto sendtrigger_out;
  112.19 +
  112.20 +        ret = -ESRCH;
  112.21 +        if ( (v = d->vcpu[domctl->u.sendtrigger.vcpu]) == NULL )
  112.22 +            goto sendtrigger_out;
  112.23 +
  112.24 +        switch ( domctl->u.sendtrigger.trigger )
  112.25 +        {
  112.26 +        case XEN_DOMCTL_SENDTRIGGER_NMI:
  112.27 +        {
  112.28 +            ret = -ENOSYS;
  112.29 +            if ( !is_hvm_domain(d) )
  112.30 +                break;
  112.31 +
  112.32 +            ret = 0;
  112.33 +            if ( !test_and_set_bool(v->arch.hvm_vcpu.nmi_pending) )
  112.34 +                vcpu_kick(v);
  112.35 +        }
  112.36 +        break;
  112.37 +
  112.38 +        default:
  112.39 +            ret = -ENOSYS;
  112.40 +        }
  112.41 +
  112.42 +    sendtrigger_out:
  112.43 +        rcu_unlock_domain(d);
  112.44 +    }
  112.45 +    break;
  112.46 +
  112.47      default:
  112.48          ret = -ENOSYS;
  112.49          break;
   113.1 --- a/xen/arch/x86/hvm/hvm.c	Mon Jul 16 14:20:16 2007 -0500
   113.2 +++ b/xen/arch/x86/hvm/hvm.c	Tue Jul 17 10:20:21 2007 +0100
   113.3 @@ -76,12 +76,6 @@ void hvm_enable(struct hvm_function_tabl
   113.4      hvm_enabled = 1;
   113.5  }
   113.6  
   113.7 -void hvm_disable(void)
   113.8 -{
   113.9 -    if ( hvm_enabled )
  113.10 -        hvm_funcs.disable();
  113.11 -}
  113.12 -
  113.13  void hvm_stts(struct vcpu *v)
  113.14  {
  113.15      /* FPU state already dirty? Then no need to setup_fpu() lazily. */
   114.1 --- a/xen/arch/x86/hvm/svm/svm.c	Mon Jul 16 14:20:16 2007 -0500
   114.2 +++ b/xen/arch/x86/hvm/svm/svm.c	Tue Jul 17 10:20:21 2007 +0100
   114.3 @@ -94,9 +94,8 @@ static void svm_inject_exception(struct 
   114.4      vmcb->eventinj = event;
   114.5  }
   114.6  
   114.7 -static void stop_svm(void)
   114.8 +static void svm_cpu_down(void)
   114.9  {
  114.10 -    /* We turn off the EFER_SVME bit. */
  114.11      write_efer(read_efer() & ~EFER_SVME);
  114.12  }
  114.13  
  114.14 @@ -974,7 +973,7 @@ static int svm_event_injection_faulted(s
  114.15  
  114.16  static struct hvm_function_table svm_function_table = {
  114.17      .name                 = "SVM",
  114.18 -    .disable              = stop_svm,
  114.19 +    .cpu_down             = svm_cpu_down,
  114.20      .domain_initialise    = svm_domain_initialise,
  114.21      .domain_destroy       = svm_domain_destroy,
  114.22      .vcpu_initialise      = svm_vcpu_initialise,
  114.23 @@ -2329,9 +2328,6 @@ static int svm_reset_to_realmode(struct 
  114.24      /* clear the vmcb and user regs */
  114.25      memset(regs, 0, sizeof(struct cpu_user_regs));
  114.26     
  114.27 -    /* VMCB Control */
  114.28 -    vmcb->tsc_offset = 0;
  114.29 -
  114.30      /* VMCB State */
  114.31      vmcb->cr0 = X86_CR0_ET | X86_CR0_PG | X86_CR0_WP;
  114.32      v->arch.hvm_svm.cpu_shadow_cr0 = X86_CR0_ET;
   115.1 --- a/xen/arch/x86/hvm/svm/vmcb.c	Mon Jul 16 14:20:16 2007 -0500
   115.2 +++ b/xen/arch/x86/hvm/svm/vmcb.c	Tue Jul 17 10:20:21 2007 +0100
   115.3 @@ -239,11 +239,11 @@ static int construct_vmcb(struct vcpu *v
   115.4                      (HVM_CR4_HOST_MASK & ~X86_CR4_PAE);
   115.5          vmcb->exception_intercepts = HVM_TRAP_MASK;
   115.6  
   115.7 -        /* No point in intercepting CR0/3/4 reads, because the hardware 
   115.8 -         * will return the guest versions anyway. */
   115.9 -        vmcb->cr_intercepts &= ~(CR_INTERCEPT_CR0_READ
  115.10 -                                 |CR_INTERCEPT_CR3_READ
  115.11 -                                 |CR_INTERCEPT_CR4_READ);
  115.12 +        /* No point in intercepting CR3/4 reads, because the hardware 
  115.13 +         * will return the guest versions anyway.  Still need to intercept 
  115.14 +         * CR0 reads to hide the changes we make to CR0.TS in the lazy-fpu 
  115.15 +         * code. */
  115.16 +        vmcb->cr_intercepts &= ~(CR_INTERCEPT_CR3_READ|CR_INTERCEPT_CR4_READ);
  115.17  
  115.18          /* No point in intercepting INVLPG if we don't have shadow pagetables 
  115.19           * that need to be fixed up. */
   116.1 --- a/xen/arch/x86/hvm/vlapic.c	Mon Jul 16 14:20:16 2007 -0500
   116.2 +++ b/xen/arch/x86/hvm/vlapic.c	Tue Jul 17 10:20:21 2007 +0100
   116.3 @@ -915,10 +915,17 @@ HVM_REGISTER_SAVE_RESTORE(LAPIC_REGS, la
   116.4  int vlapic_init(struct vcpu *v)
   116.5  {
   116.6      struct vlapic *vlapic = vcpu_vlapic(v);
   116.7 +    unsigned int memflags = 0;
   116.8  
   116.9      HVM_DBG_LOG(DBG_LEVEL_VLAPIC, "%d", v->vcpu_id);
  116.10  
  116.11 -    vlapic->regs_page = alloc_domheap_page(NULL);
  116.12 +#ifdef __i386__
  116.13 +    /* 32-bit VMX may be limited to 32-bit physical addresses. */
  116.14 +    if ( boot_cpu_data.x86_vendor == X86_VENDOR_INTEL )
  116.15 +        memflags = MEMF_bits(32);
  116.16 +#endif
  116.17 +
  116.18 +    vlapic->regs_page = alloc_domheap_pages(NULL, 0, memflags);
  116.19      if ( vlapic->regs_page == NULL )
  116.20      {
  116.21          dprintk(XENLOG_ERR, "alloc vlapic regs error: %d/%d\n",
   117.1 --- a/xen/arch/x86/hvm/vmx/vmcs.c	Mon Jul 16 14:20:16 2007 -0500
   117.2 +++ b/xen/arch/x86/hvm/vmx/vmcs.c	Tue Jul 17 10:20:21 2007 +0100
   117.3 @@ -45,7 +45,9 @@ u32 vmx_vmexit_control __read_mostly;
   117.4  u32 vmx_vmentry_control __read_mostly;
   117.5  bool_t cpu_has_vmx_ins_outs_instr_info __read_mostly;
   117.6  
   117.7 +static DEFINE_PER_CPU(struct vmcs_struct *, host_vmcs);
   117.8  static DEFINE_PER_CPU(struct vmcs_struct *, current_vmcs);
   117.9 +static DEFINE_PER_CPU(struct list_head, active_vmcs_list);
  117.10  
  117.11  static u32 vmcs_revision_id __read_mostly;
  117.12  
  117.13 @@ -64,7 +66,7 @@ static u32 adjust_vmx_controls(u32 ctl_m
  117.14      return ctl;
  117.15  }
  117.16  
  117.17 -void vmx_init_vmcs_config(void)
  117.18 +static void vmx_init_vmcs_config(void)
  117.19  {
  117.20      u32 vmx_msr_low, vmx_msr_high, min, opt;
  117.21      u32 _vmx_pin_based_exec_control;
  117.22 @@ -128,8 +130,9 @@ void vmx_init_vmcs_config(void)
  117.23  
  117.24      rdmsr(MSR_IA32_VMX_BASIC, vmx_msr_low, vmx_msr_high);
  117.25  
  117.26 -    if ( smp_processor_id() == 0 )
  117.27 +    if ( !vmx_pin_based_exec_control )
  117.28      {
  117.29 +        /* First time through. */
  117.30          vmcs_revision_id = vmx_msr_low;
  117.31          vmx_pin_based_exec_control = _vmx_pin_based_exec_control;
  117.32          vmx_cpu_based_exec_control = _vmx_cpu_based_exec_control;
  117.33 @@ -140,6 +143,7 @@ void vmx_init_vmcs_config(void)
  117.34      }
  117.35      else
  117.36      {
  117.37 +        /* Globals are already initialised: re-check them. */
  117.38          BUG_ON(vmcs_revision_id != vmx_msr_low);
  117.39          BUG_ON(vmx_pin_based_exec_control != _vmx_pin_based_exec_control);
  117.40          BUG_ON(vmx_cpu_based_exec_control != _vmx_cpu_based_exec_control);
  117.41 @@ -151,6 +155,14 @@ void vmx_init_vmcs_config(void)
  117.42  
  117.43      /* IA-32 SDM Vol 3B: VMCS size is never greater than 4kB. */
  117.44      BUG_ON((vmx_msr_high & 0x1fff) > PAGE_SIZE);
  117.45 +
  117.46 +#ifdef __x86_64__
  117.47 +    /* IA-32 SDM Vol 3B: 64-bit CPUs always have VMX_BASIC_MSR[48]==0. */
  117.48 +    BUG_ON(vmx_msr_high & (1u<<16));
  117.49 +#endif
  117.50 +
  117.51 +    /* Require Write-Back (WB) memory type for VMCS accesses. */
  117.52 +    BUG_ON(((vmx_msr_high >> 18) & 15) != 6);
  117.53  }
  117.54  
  117.55  static struct vmcs_struct *vmx_alloc_vmcs(void)
  117.56 @@ -177,34 +189,115 @@ static void vmx_free_vmcs(struct vmcs_st
  117.57  static void __vmx_clear_vmcs(void *info)
  117.58  {
  117.59      struct vcpu *v = info;
  117.60 +    struct arch_vmx_struct *arch_vmx = &v->arch.hvm_vmx;
  117.61  
  117.62 -    __vmpclear(virt_to_maddr(v->arch.hvm_vmx.vmcs));
  117.63 +    /* Otherwise we can nest (vmx_cpu_down() vs. vmx_clear_vmcs()). */
  117.64 +    ASSERT(!local_irq_is_enabled());
  117.65 +
  117.66 +    if ( arch_vmx->active_cpu == smp_processor_id() )
  117.67 +    {
  117.68 +        __vmpclear(virt_to_maddr(arch_vmx->vmcs));
  117.69  
  117.70 -    v->arch.hvm_vmx.active_cpu = -1;
  117.71 -    v->arch.hvm_vmx.launched   = 0;
  117.72 +        arch_vmx->active_cpu = -1;
  117.73 +        arch_vmx->launched   = 0;
  117.74  
  117.75 -    if ( v->arch.hvm_vmx.vmcs == this_cpu(current_vmcs) )
  117.76 -        this_cpu(current_vmcs) = NULL;
  117.77 +        list_del(&arch_vmx->active_list);
  117.78 +
  117.79 +        if ( arch_vmx->vmcs == this_cpu(current_vmcs) )
  117.80 +            this_cpu(current_vmcs) = NULL;
  117.81 +    }
  117.82  }
  117.83  
  117.84  static void vmx_clear_vmcs(struct vcpu *v)
  117.85  {
  117.86      int cpu = v->arch.hvm_vmx.active_cpu;
  117.87  
  117.88 -    if ( cpu == -1 )
  117.89 -        return;
  117.90 -
  117.91 -    if ( cpu == smp_processor_id() )
  117.92 -        return __vmx_clear_vmcs(v);
  117.93 -
  117.94 -    on_selected_cpus(cpumask_of_cpu(cpu), __vmx_clear_vmcs, v, 1, 1);
  117.95 +    if ( cpu != -1 )
  117.96 +        on_selected_cpus(cpumask_of_cpu(cpu), __vmx_clear_vmcs, v, 1, 1);
  117.97  }
  117.98  
  117.99  static void vmx_load_vmcs(struct vcpu *v)
 117.100  {
 117.101 +    unsigned long flags;
 117.102 +
 117.103 +    local_irq_save(flags);
 117.104 +
 117.105 +    if ( v->arch.hvm_vmx.active_cpu == -1 )
 117.106 +    {
 117.107 +        list_add(&v->arch.hvm_vmx.active_list, &this_cpu(active_vmcs_list));
 117.108 +        v->arch.hvm_vmx.active_cpu = smp_processor_id();
 117.109 +    }
 117.110 +
 117.111 +    ASSERT(v->arch.hvm_vmx.active_cpu == smp_processor_id());
 117.112 +
 117.113      __vmptrld(virt_to_maddr(v->arch.hvm_vmx.vmcs));
 117.114 -    v->arch.hvm_vmx.active_cpu = smp_processor_id();
 117.115      this_cpu(current_vmcs) = v->arch.hvm_vmx.vmcs;
 117.116 +
 117.117 +    local_irq_restore(flags);
 117.118 +}
 117.119 +
 117.120 +int vmx_cpu_up(void)
 117.121 +{
 117.122 +    u32 eax, edx;
 117.123 +    int cpu = smp_processor_id();
 117.124 +
 117.125 +    BUG_ON(!(read_cr4() & X86_CR4_VMXE));
 117.126 +
 117.127 +    rdmsr(IA32_FEATURE_CONTROL_MSR, eax, edx);
 117.128 +
 117.129 +    if ( eax & IA32_FEATURE_CONTROL_MSR_LOCK )
 117.130 +    {
 117.131 +        if ( !(eax & IA32_FEATURE_CONTROL_MSR_ENABLE_VMXON) )
 117.132 +        {
 117.133 +            printk("CPU%d: VMX disabled\n", cpu);
 117.134 +            return 0;
 117.135 +        }
 117.136 +    }
 117.137 +    else
 117.138 +    {
 117.139 +        wrmsr(IA32_FEATURE_CONTROL_MSR,
 117.140 +              IA32_FEATURE_CONTROL_MSR_LOCK |
 117.141 +              IA32_FEATURE_CONTROL_MSR_ENABLE_VMXON, 0);
 117.142 +    }
 117.143 +
 117.144 +    vmx_init_vmcs_config();
 117.145 +
 117.146 +    INIT_LIST_HEAD(&this_cpu(active_vmcs_list));
 117.147 +
 117.148 +    if ( this_cpu(host_vmcs) == NULL )
 117.149 +    {
 117.150 +        this_cpu(host_vmcs) = vmx_alloc_vmcs();
 117.151 +        if ( this_cpu(host_vmcs) == NULL )
 117.152 +        {
 117.153 +            printk("CPU%d: Could not allocate host VMCS\n", cpu);
 117.154 +            return 0;
 117.155 +        }
 117.156 +    }
 117.157 +
 117.158 +    if ( __vmxon(virt_to_maddr(this_cpu(host_vmcs))) )
 117.159 +    {
 117.160 +        printk("CPU%d: VMXON failed\n", cpu);
 117.161 +        return 0;
 117.162 +    }
 117.163 +
 117.164 +    return 1;
 117.165 +}
 117.166 +
 117.167 +void vmx_cpu_down(void)
 117.168 +{
 117.169 +    struct list_head *active_vmcs_list = &this_cpu(active_vmcs_list);
 117.170 +    unsigned long flags;
 117.171 +
 117.172 +    local_irq_save(flags);
 117.173 +
 117.174 +    while ( !list_empty(active_vmcs_list) )
 117.175 +        __vmx_clear_vmcs(list_entry(active_vmcs_list->next,
 117.176 +                                    struct vcpu, arch.hvm_vmx.active_list));
 117.177 +
 117.178 +    BUG_ON(!(read_cr4() & X86_CR4_VMXE));
 117.179 +    __vmxoff();
 117.180 +
 117.181 +    local_irq_restore(flags);
 117.182  }
 117.183  
 117.184  void vmx_vmcs_enter(struct vcpu *v)
 117.185 @@ -237,65 +330,27 @@ void vmx_vmcs_exit(struct vcpu *v)
 117.186      vcpu_unpause(v);
 117.187  }
 117.188  
 117.189 -struct vmcs_struct *vmx_alloc_host_vmcs(void)
 117.190 -{
 117.191 -    return vmx_alloc_vmcs();
 117.192 -}
 117.193 -
 117.194 -void vmx_free_host_vmcs(struct vmcs_struct *vmcs)
 117.195 -{
 117.196 -    vmx_free_vmcs(vmcs);
 117.197 -}
 117.198 -
 117.199 -#define GUEST_SEGMENT_LIMIT     0xffffffff
 117.200 -
 117.201 -struct host_execution_env {
 117.202 -    /* selectors */
 117.203 -    unsigned short ldtr_selector;
 117.204 -    unsigned short tr_selector;
 117.205 -    unsigned short ds_selector;
 117.206 -    unsigned short cs_selector;
 117.207 -    /* limits */
 117.208 -    unsigned short gdtr_limit;
 117.209 -    unsigned short ldtr_limit;
 117.210 -    unsigned short idtr_limit;
 117.211 -    unsigned short tr_limit;
 117.212 -    /* base */
 117.213 -    unsigned long gdtr_base;
 117.214 -    unsigned long ldtr_base;
 117.215 -    unsigned long idtr_base;
 117.216 -    unsigned long tr_base;
 117.217 -    unsigned long ds_base;
 117.218 -    unsigned long cs_base;
 117.219 -#ifdef __x86_64__
 117.220 -    unsigned long fs_base;
 117.221 -    unsigned long gs_base;
 117.222 -#endif
 117.223 +struct xgt_desc {
 117.224 +    unsigned short size;
 117.225 +    unsigned long address __attribute__((packed));
 117.226  };
 117.227  
 117.228  static void vmx_set_host_env(struct vcpu *v)
 117.229  {
 117.230      unsigned int tr, cpu;
 117.231 -    struct host_execution_env host_env;
 117.232 -    struct Xgt_desc_struct desc;
 117.233 +    struct xgt_desc desc;
 117.234  
 117.235      cpu = smp_processor_id();
 117.236 -    __asm__ __volatile__ ("sidt  (%0) \n" :: "a"(&desc) : "memory");
 117.237 -    host_env.idtr_limit = desc.size;
 117.238 -    host_env.idtr_base = desc.address;
 117.239 -    __vmwrite(HOST_IDTR_BASE, host_env.idtr_base);
 117.240 +
 117.241 +    __asm__ __volatile__ ( "sidt (%0) \n" : : "a" (&desc) : "memory" );
 117.242 +    __vmwrite(HOST_IDTR_BASE, desc.address);
 117.243  
 117.244 -    __asm__ __volatile__ ("sgdt  (%0) \n" :: "a"(&desc) : "memory");
 117.245 -    host_env.gdtr_limit = desc.size;
 117.246 -    host_env.gdtr_base = desc.address;
 117.247 -    __vmwrite(HOST_GDTR_BASE, host_env.gdtr_base);
 117.248 +    __asm__ __volatile__ ( "sgdt (%0) \n" : : "a" (&desc) : "memory" );
 117.249 +    __vmwrite(HOST_GDTR_BASE, desc.address);
 117.250  
 117.251 -    __asm__ __volatile__ ("str  (%0) \n" :: "a"(&tr) : "memory");
 117.252 -    host_env.tr_selector = tr;
 117.253 -    host_env.tr_limit = sizeof(struct tss_struct);
 117.254 -    host_env.tr_base = (unsigned long) &init_tss[cpu];
 117.255 -    __vmwrite(HOST_TR_SELECTOR, host_env.tr_selector);
 117.256 -    __vmwrite(HOST_TR_BASE, host_env.tr_base);
 117.257 +    __asm__ __volatile__ ( "str (%0) \n" : : "a" (&tr) : "memory" );
 117.258 +    __vmwrite(HOST_TR_SELECTOR, tr);
 117.259 +    __vmwrite(HOST_TR_BASE, (unsigned long)&init_tss[cpu]);
 117.260  
 117.261      /*
 117.262       * Skip end of cpu_user_regs when entering the hypervisor because the
 117.263 @@ -306,6 +361,8 @@ static void vmx_set_host_env(struct vcpu
 117.264                (unsigned long)&get_cpu_info()->guest_cpu_user_regs.error_code);
 117.265  }
 117.266  
 117.267 +#define GUEST_SEGMENT_LIMIT     0xffffffff
 117.268 +
 117.269  static void construct_vmcs(struct vcpu *v)
 117.270  {
 117.271      unsigned long cr0, cr4;
 117.272 @@ -448,11 +505,8 @@ static void construct_vmcs(struct vcpu *
 117.273  
 117.274      if ( cpu_has_vmx_tpr_shadow )
 117.275      {
 117.276 -        paddr_t virt_page_ma = page_to_maddr(vcpu_vlapic(v)->regs_page);
 117.277 -        __vmwrite(VIRTUAL_APIC_PAGE_ADDR, virt_page_ma);
 117.278 -#if defined (CONFIG_X86_PAE)
 117.279 -        __vmwrite(VIRTUAL_APIC_PAGE_ADDR_HIGH, virt_page_ma >> 32);
 117.280 -#endif
 117.281 +        __vmwrite(VIRTUAL_APIC_PAGE_ADDR,
 117.282 +                  page_to_maddr(vcpu_vlapic(v)->regs_page));
 117.283          __vmwrite(TPR_THRESHOLD, 0);
 117.284      }
 117.285  
 117.286 @@ -472,12 +526,17 @@ static void construct_vmcs(struct vcpu *
 117.287  
 117.288  int vmx_create_vmcs(struct vcpu *v)
 117.289  {
 117.290 -    if ( v->arch.hvm_vmx.vmcs == NULL )
 117.291 +    struct arch_vmx_struct *arch_vmx = &v->arch.hvm_vmx;
 117.292 +
 117.293 +    if ( arch_vmx->vmcs == NULL )
 117.294      {
 117.295 -        if ( (v->arch.hvm_vmx.vmcs = vmx_alloc_vmcs()) == NULL )
 117.296 +        if ( (arch_vmx->vmcs = vmx_alloc_vmcs()) == NULL )
 117.297              return -ENOMEM;
 117.298  
 117.299 -        __vmx_clear_vmcs(v);
 117.300 +        INIT_LIST_HEAD(&arch_vmx->active_list);
 117.301 +        __vmpclear(virt_to_maddr(arch_vmx->vmcs));
 117.302 +        arch_vmx->active_cpu = -1;
 117.303 +        arch_vmx->launched   = 0;
 117.304      }
 117.305  
 117.306      construct_vmcs(v);
   118.1 --- a/xen/arch/x86/hvm/vmx/vmx.c	Mon Jul 16 14:20:16 2007 -0500
   118.2 +++ b/xen/arch/x86/hvm/vmx/vmx.c	Tue Jul 17 10:20:21 2007 +0100
   118.3 @@ -907,15 +907,6 @@ static void vmx_ctxt_switch_to(struct vc
   118.4      vmx_restore_dr(v);
   118.5  }
   118.6  
   118.7 -static void stop_vmx(void)
   118.8 -{
   118.9 -    if ( !(read_cr4() & X86_CR4_VMXE) )
  118.10 -        return;
  118.11 -
  118.12 -    __vmxoff();
  118.13 -    clear_in_cr4(X86_CR4_VMXE);
  118.14 -}
  118.15 -
  118.16  static void vmx_store_cpu_guest_regs(
  118.17      struct vcpu *v, struct cpu_user_regs *regs, unsigned long *crs)
  118.18  {
  118.19 @@ -1244,7 +1235,6 @@ static void disable_intercept_for_msr(u3
  118.20  
  118.21  static struct hvm_function_table vmx_function_table = {
  118.22      .name                 = "VMX",
  118.23 -    .disable              = stop_vmx,
  118.24      .domain_initialise    = vmx_domain_initialise,
  118.25      .domain_destroy       = vmx_domain_destroy,
  118.26      .vcpu_initialise      = vmx_vcpu_initialise,
  118.27 @@ -1271,66 +1261,46 @@ static struct hvm_function_table vmx_fun
  118.28      .inject_exception     = vmx_inject_exception,
  118.29      .init_ap_context      = vmx_init_ap_context,
  118.30      .init_hypercall_page  = vmx_init_hypercall_page,
  118.31 -    .event_injection_faulted = vmx_event_injection_faulted
  118.32 +    .event_injection_faulted = vmx_event_injection_faulted,
  118.33 +    .cpu_up               = vmx_cpu_up,
  118.34 +    .cpu_down             = vmx_cpu_down,
  118.35  };
  118.36  
  118.37 -int start_vmx(void)
  118.38 +void start_vmx(void)
  118.39  {
  118.40 -    u32 eax, edx;
  118.41 -    struct vmcs_struct *vmcs;
  118.42 -
  118.43 -    /*
  118.44 -     * Xen does not fill x86_capability words except 0.
  118.45 -     */
  118.46 +    static int bootstrapped;
  118.47 +
  118.48 +    if ( bootstrapped )
  118.49 +    {
  118.50 +        if ( hvm_enabled && !vmx_cpu_up() )
  118.51 +        {
  118.52 +            printk("VMX: FATAL: failed to initialise CPU%d!\n",
  118.53 +                   smp_processor_id());
  118.54 +            BUG();
  118.55 +        }
  118.56 +        return;
  118.57 +    }
  118.58 +
  118.59 +    bootstrapped = 1;
  118.60 +
  118.61 +    /* Xen does not fill x86_capability words except 0. */
  118.62      boot_cpu_data.x86_capability[4] = cpuid_ecx(1);
  118.63  
  118.64      if ( !test_bit(X86_FEATURE_VMXE, &boot_cpu_data.x86_capability) )
  118.65 -        return 0;
  118.66 -
  118.67 -    rdmsr(IA32_FEATURE_CONTROL_MSR, eax, edx);
  118.68 -
  118.69 -    if ( eax & IA32_FEATURE_CONTROL_MSR_LOCK )
  118.70 -    {
  118.71 -        if ( (eax & IA32_FEATURE_CONTROL_MSR_ENABLE_VMXON) == 0x0 )
  118.72 -        {
  118.73 -            printk("VMX disabled by Feature Control MSR.\n");
  118.74 -            return 0;
  118.75 -        }
  118.76 -    }
  118.77 -    else
  118.78 -    {
  118.79 -        wrmsr(IA32_FEATURE_CONTROL_MSR,
  118.80 -              IA32_FEATURE_CONTROL_MSR_LOCK |
  118.81 -              IA32_FEATURE_CONTROL_MSR_ENABLE_VMXON, 0);
  118.82 -    }
  118.83 +        return;
  118.84  
  118.85      set_in_cr4(X86_CR4_VMXE);
  118.86  
  118.87 -    vmx_init_vmcs_config();
  118.88 -
  118.89 -    if ( smp_processor_id() == 0 )
  118.90 -        setup_vmcs_dump();
  118.91 -
  118.92 -    if ( (vmcs = vmx_alloc_host_vmcs()) == NULL )
  118.93 +    if ( !vmx_cpu_up() )
  118.94      {
  118.95 -        clear_in_cr4(X86_CR4_VMXE);
  118.96 -        printk("Failed to allocate host VMCS\n");
  118.97 -        return 0;
  118.98 +        printk("VMX: failed to initialise.\n");
  118.99 +        return;
 118.100      }
 118.101  
 118.102 -    if ( __vmxon(virt_to_maddr(vmcs)) )
 118.103 -    {
 118.104 -        clear_in_cr4(X86_CR4_VMXE);
 118.105 -        printk("VMXON failed\n");
 118.106 -        vmx_free_host_vmcs(vmcs);
 118.107 -        return 0;
 118.108 -    }
 118.109 +    setup_vmcs_dump();
 118.110  
 118.111      vmx_save_host_msrs();
 118.112  
 118.113 -    if ( smp_processor_id() != 0 )
 118.114 -        return 1;
 118.115 -
 118.116      hvm_enable(&vmx_function_table);
 118.117  
 118.118      if ( cpu_has_vmx_msr_bitmap )
 118.119 @@ -1347,8 +1317,6 @@ int start_vmx(void)
 118.120          disable_intercept_for_msr(MSR_IA32_SYSENTER_ESP);
 118.121          disable_intercept_for_msr(MSR_IA32_SYSENTER_EIP);
 118.122      }
 118.123 -
 118.124 -    return 1;
 118.125  }
 118.126  
 118.127  /*
 118.128 @@ -2718,7 +2686,7 @@ static void vmx_free_vlapic_mapping(stru
 118.129  
 118.130  static void vmx_install_vlapic_mapping(struct vcpu *v)
 118.131  {
 118.132 -    paddr_t virt_page_ma, apic_page_ma;
 118.133 +    unsigned long virt_page_ma, apic_page_ma;
 118.134  
 118.135      if ( !cpu_has_vmx_virtualize_apic_accesses )
 118.136          return;
 118.137 @@ -2730,10 +2698,6 @@ static void vmx_install_vlapic_mapping(s
 118.138      vmx_vmcs_enter(v);
 118.139      __vmwrite(VIRTUAL_APIC_PAGE_ADDR, virt_page_ma);
 118.140      __vmwrite(APIC_ACCESS_ADDR, apic_page_ma);
 118.141 -#if defined (CONFIG_X86_PAE)
 118.142 -    __vmwrite(VIRTUAL_APIC_PAGE_ADDR_HIGH, virt_page_ma >> 32);
 118.143 -    __vmwrite(APIC_ACCESS_ADDR_HIGH, apic_page_ma >> 32);
 118.144 -#endif
 118.145      vmx_vmcs_exit(v);
 118.146  }
 118.147  
   119.1 --- a/xen/arch/x86/i8259.c	Mon Jul 16 14:20:16 2007 -0500
   119.2 +++ b/xen/arch/x86/i8259.c	Tue Jul 17 10:20:21 2007 +0100
   119.3 @@ -336,7 +336,7 @@ int i8259A_suspend(void)
   119.4      return 0;
   119.5  }
   119.6  
   119.7 -void __init init_8259A(int auto_eoi)
   119.8 +void __devinit init_8259A(int auto_eoi)
   119.9  {
  119.10      unsigned long flags;
  119.11  
  119.12 @@ -396,7 +396,9 @@ void __init init_IRQ(void)
  119.13          irq_desc[i].action  = NULL;
  119.14          irq_desc[i].depth   = 1;
  119.15          spin_lock_init(&irq_desc[i].lock);
  119.16 -        set_intr_gate(i, interrupt[i]);
  119.17 +        cpus_setall(irq_desc[i].affinity);
  119.18 +        if ( i >= 0x20 )
  119.19 +            set_intr_gate(i, interrupt[i]);
  119.20      }
  119.21  
  119.22      for ( i = 0; i < 16; i++ )
   120.1 --- a/xen/arch/x86/io_apic.c	Mon Jul 16 14:20:16 2007 -0500
   120.2 +++ b/xen/arch/x86/io_apic.c	Tue Jul 17 10:20:21 2007 +0100
   120.3 @@ -35,9 +35,6 @@
   120.4  #include <mach_apic.h>
   120.5  #include <io_ports.h>
   120.6  
   120.7 -#define set_irq_info(irq, mask) ((void)0)
   120.8 -#define set_native_irq_info(irq, mask) ((void)0)
   120.9 -
  120.10  /* Different to Linux: our implementation can be simpler. */
  120.11  #define make_8259A_irq(irq) (io_apic_irqs &= ~(1<<(irq)))
  120.12  
   121.1 --- a/xen/arch/x86/irq.c	Mon Jul 16 14:20:16 2007 -0500
   121.2 +++ b/xen/arch/x86/irq.c	Tue Jul 17 10:20:21 2007 +0100
   121.3 @@ -654,3 +654,36 @@ static int __init setup_dump_irqs(void)
   121.4      return 0;
   121.5  }
   121.6  __initcall(setup_dump_irqs);
   121.7 +
   121.8 +#ifdef CONFIG_HOTPLUG_CPU
   121.9 +#include <asm/mach-generic/mach_apic.h>
  121.10 +#include <xen/delay.h>
  121.11 +
  121.12 +void fixup_irqs(cpumask_t map)
  121.13 +{
  121.14 +    unsigned int irq;
  121.15 +    static int warned;
  121.16 +
  121.17 +    for ( irq = 0; irq < NR_IRQS; irq++ )
  121.18 +    {
  121.19 +        cpumask_t mask;
  121.20 +        if ( irq == 2 )
  121.21 +            continue;
  121.22 +
  121.23 +        cpus_and(mask, irq_desc[irq].affinity, map);
  121.24 +        if ( any_online_cpu(mask) == NR_CPUS )
  121.25 +        {
  121.26 +            printk("Breaking affinity for irq %i\n", irq);
  121.27 +            mask = map;
  121.28 +        }
  121.29 +        if ( irq_desc[irq].handler->set_affinity )
  121.30 +            irq_desc[irq].handler->set_affinity(irq, mask);
  121.31 +        else if ( irq_desc[irq].action && !(warned++) )
  121.32 +            printk("Cannot set affinity for irq %i\n", irq);
  121.33 +    }
  121.34 +
  121.35 +    local_irq_enable();
  121.36 +    mdelay(1);
  121.37 +    local_irq_disable();
  121.38 +}
  121.39 +#endif
   122.1 --- a/xen/arch/x86/machine_kexec.c	Mon Jul 16 14:20:16 2007 -0500
   122.2 +++ b/xen/arch/x86/machine_kexec.c	Tue Jul 17 10:20:21 2007 +0100
   122.3 @@ -82,10 +82,8 @@ static void __machine_reboot_kexec(void 
   122.4  
   122.5      smp_send_stop();
   122.6  
   122.7 -#ifdef CONFIG_X86_IO_APIC
   122.8      disable_IO_APIC();
   122.9 -#endif
  122.10 -    hvm_disable();
  122.11 +    hvm_cpu_down();
  122.12  
  122.13      machine_kexec(image);
  122.14  }
   123.1 --- a/xen/arch/x86/mm.c	Mon Jul 16 14:20:16 2007 -0500
   123.2 +++ b/xen/arch/x86/mm.c	Tue Jul 17 10:20:21 2007 +0100
   123.3 @@ -2701,15 +2701,15 @@ int replace_grant_host_mapping(
   123.4      
   123.5      if ( flags & GNTMAP_contains_pte )
   123.6      {
   123.7 -	if (!new_addr)
   123.8 -	    return destroy_grant_pte_mapping(addr, frame, current->domain);
   123.9 -
  123.10 -	MEM_LOG("Unsupported grant table operation");
  123.11 -	return GNTST_general_error;
  123.12 +        if ( !new_addr )
  123.13 +            return destroy_grant_pte_mapping(addr, frame, current->domain);
  123.14 +        
  123.15 +        MEM_LOG("Unsupported grant table operation");
  123.16 +        return GNTST_general_error;
  123.17      }
  123.18  
  123.19 -    if (!new_addr)
  123.20 -	return destroy_grant_va_mapping(addr, frame, current);
  123.21 +    if ( !new_addr )
  123.22 +        return destroy_grant_va_mapping(addr, frame, current);
  123.23  
  123.24      pl1e = guest_map_l1e(current, new_addr, &gl1mfn);
  123.25      if ( !pl1e )
  123.26 @@ -2720,7 +2720,8 @@ int replace_grant_host_mapping(
  123.27      }
  123.28      ol1e = *pl1e;
  123.29  
  123.30 -    if ( unlikely(!UPDATE_ENTRY(l1, pl1e, ol1e, l1e_empty(), gl1mfn, current)) )
  123.31 +    if ( unlikely(!UPDATE_ENTRY(l1, pl1e, ol1e, l1e_empty(),
  123.32 +                                gl1mfn, current)) )
  123.33      {
  123.34          MEM_LOG("Cannot delete PTE entry at %p", (unsigned long *)pl1e);
  123.35          guest_unmap_l1e(current, pl1e);
  123.36 @@ -3642,8 +3643,6 @@ static void __memguard_change_range(void
  123.37      unsigned long flags = __PAGE_HYPERVISOR | MAP_SMALL_PAGES;
  123.38  
  123.39      /* Ensure we are dealing with a page-aligned whole number of pages. */
  123.40 -    ASSERT((_p&PAGE_MASK) != 0);
  123.41 -    ASSERT((_l&PAGE_MASK) != 0);
  123.42      ASSERT((_p&~PAGE_MASK) == 0);
  123.43      ASSERT((_l&~PAGE_MASK) == 0);
  123.44  
   124.1 --- a/xen/arch/x86/mm/hap/hap.c	Mon Jul 16 14:20:16 2007 -0500
   124.2 +++ b/xen/arch/x86/mm/hap/hap.c	Tue Jul 17 10:20:21 2007 +0100
   124.3 @@ -133,21 +133,21 @@ struct page_info * hap_alloc_p2m_page(st
   124.4      */
   124.5      if ( d->arch.paging.hap.p2m_pages == 0 ) 
   124.6      {
   124.7 -	pg = alloc_domheap_pages(NULL, 0, MEMF_bits(32));
   124.8 -	d->arch.paging.hap.p2m_pages += 1;
   124.9 +        pg = alloc_domheap_pages(NULL, 0, MEMF_bits(32));
  124.10 +        d->arch.paging.hap.p2m_pages += 1;
  124.11      }
  124.12      else
  124.13  #endif
  124.14      {
  124.15 -	pg = mfn_to_page(hap_alloc(d));
  124.16 -	
  124.17 -	d->arch.paging.hap.p2m_pages += 1;
  124.18 -	d->arch.paging.hap.total_pages -= 1;
  124.19 -    }	
  124.20 +        pg = mfn_to_page(hap_alloc(d));
  124.21 +        d->arch.paging.hap.p2m_pages += 1;
  124.22 +        d->arch.paging.hap.total_pages -= 1;
  124.23 +    }
  124.24  
  124.25 -    if ( pg == NULL ) {
  124.26 -	hap_unlock(d);
  124.27 -	return NULL;
  124.28 +    if ( pg == NULL )
  124.29 +    {
  124.30 +        hap_unlock(d);
  124.31 +        return NULL;
  124.32      }   
  124.33  
  124.34      hap_unlock(d);
  124.35 @@ -166,17 +166,16 @@ void hap_free_p2m_page(struct domain *d,
  124.36  {
  124.37      ASSERT(page_get_owner(pg) == d);
  124.38      /* Should have just the one ref we gave it in alloc_p2m_page() */
  124.39 -    if ( (pg->count_info & PGC_count_mask) != 1 ) {
  124.40 +    if ( (pg->count_info & PGC_count_mask) != 1 )
  124.41          HAP_ERROR("Odd p2m page count c=%#x t=%"PRtype_info"\n",
  124.42                    pg->count_info, pg->u.inuse.type_info);
  124.43 -    }
  124.44      pg->count_info = 0;
  124.45      /* Free should not decrement domain's total allocation, since 
  124.46       * these pages were allocated without an owner. */
  124.47      page_set_owner(pg, NULL); 
  124.48      free_domheap_pages(pg, 0);
  124.49      d->arch.paging.hap.p2m_pages--;
  124.50 -    ASSERT( d->arch.paging.hap.p2m_pages >= 0 );
  124.51 +    ASSERT(d->arch.paging.hap.p2m_pages >= 0);
  124.52  }
  124.53  
  124.54  /* Return the size of the pool, rounded up to the nearest MB */
  124.55 @@ -185,7 +184,6 @@ hap_get_allocation(struct domain *d)
  124.56  {
  124.57      unsigned int pg = d->arch.paging.hap.total_pages;
  124.58  
  124.59 -    HERE_I_AM;
  124.60      return ((pg >> (20 - PAGE_SHIFT))
  124.61              + ((pg & ((1 << (20 - PAGE_SHIFT)) - 1)) ? 1 : 0));
  124.62  }
  124.63 @@ -199,11 +197,14 @@ hap_set_allocation(struct domain *d, uns
  124.64  
  124.65      ASSERT(hap_locked_by_me(d));
  124.66  
  124.67 -    while ( d->arch.paging.hap.total_pages != pages ) {
  124.68 -        if ( d->arch.paging.hap.total_pages < pages ) {
  124.69 +    while ( d->arch.paging.hap.total_pages != pages )
  124.70 +    {
  124.71 +        if ( d->arch.paging.hap.total_pages < pages )
  124.72 +        {
  124.73              /* Need to allocate more memory from domheap */
  124.74              sp = alloc_domheap_pages(NULL, 0, 0);
  124.75 -            if ( sp == NULL ) {
  124.76 +            if ( sp == NULL )
  124.77 +            {
  124.78                  HAP_PRINTK("failed to allocate hap pages.\n");
  124.79                  return -ENOMEM;
  124.80              }
  124.81 @@ -211,7 +212,8 @@ hap_set_allocation(struct domain *d, uns
  124.82              d->arch.paging.hap.total_pages += 1;
  124.83              list_add_tail(&sp->list, &d->arch.paging.hap.freelists);
  124.84          }
  124.85 -        else if ( d->arch.paging.hap.total_pages > pages ) {
  124.86 +        else if ( d->arch.paging.hap.total_pages > pages )
  124.87 +        {
  124.88              /* Need to return memory to domheap */
  124.89              ASSERT(!list_empty(&d->arch.paging.hap.freelists));
  124.90              sp = list_entry(d->arch.paging.hap.freelists.next,
  124.91 @@ -224,7 +226,8 @@ hap_set_allocation(struct domain *d, uns
  124.92          }
  124.93          
  124.94          /* Check to see if we need to yield and try again */
  124.95 -        if ( preempted && hypercall_preempt_check() ) {
  124.96 +        if ( preempted && hypercall_preempt_check() )
  124.97 +        {
  124.98              *preempted = 1;
  124.99              return 0;
 124.100          }
 124.101 @@ -285,8 +288,8 @@ void hap_install_xen_entries_in_l2h(stru
 124.102      for ( i = 0; i < PDPT_L2_ENTRIES; i++ )
 124.103          sl2e[l2_table_offset(PERDOMAIN_VIRT_START) + i] =
 124.104              l2e_from_pfn(
 124.105 -                         mfn_x(page_to_mfn(virt_to_page(d->arch.mm_perdomain_pt) + i)),
 124.106 -                         __PAGE_HYPERVISOR);
 124.107 +                mfn_x(page_to_mfn(virt_to_page(d->arch.mm_perdomain_pt) + i)),
 124.108 +                __PAGE_HYPERVISOR);
 124.109      
 124.110      for ( i = 0; i < HAP_L3_PAGETABLE_ENTRIES; i++ )
 124.111          sl2e[l2_table_offset(LINEAR_PT_VIRT_START) + i] =
 124.112 @@ -434,22 +437,23 @@ int hap_enable(struct domain *d, u32 mod
 124.113      unsigned int old_pages;
 124.114      int rv = 0;
 124.115  
 124.116 -    HERE_I_AM;
 124.117 -
 124.118      domain_pause(d);
 124.119      /* error check */
 124.120 -    if ( (d == current->domain) ) {
 124.121 +    if ( (d == current->domain) )
 124.122 +    {
 124.123          rv = -EINVAL;
 124.124          goto out;
 124.125      }
 124.126  
 124.127      old_pages = d->arch.paging.hap.total_pages;
 124.128 -    if ( old_pages == 0 ) {
 124.129 +    if ( old_pages == 0 )
 124.130 +    {
 124.131          unsigned int r;
 124.132          hap_lock(d);
 124.133          r = hap_set_allocation(d, 256, NULL);
 124.134          hap_unlock(d);
 124.135 -        if ( r != 0 ) {
 124.136 +        if ( r != 0 )
 124.137 +        {
 124.138              hap_set_allocation(d, 0, NULL);
 124.139              rv = -ENOMEM;
 124.140              goto out;
 124.141 @@ -457,7 +461,8 @@ int hap_enable(struct domain *d, u32 mod
 124.142      }
 124.143  
 124.144      /* allocate P2m table */
 124.145 -    if ( mode & PG_translate ) {
 124.146 +    if ( mode & PG_translate )
 124.147 +    {
 124.148          rv = p2m_alloc_table(d, hap_alloc_p2m_page, hap_free_p2m_page);
 124.149          if ( rv != 0 )
 124.150              goto out;
 124.151 @@ -472,20 +477,17 @@ int hap_enable(struct domain *d, u32 mod
 124.152  
 124.153  void hap_final_teardown(struct domain *d)
 124.154  {
 124.155 -    HERE_I_AM;
 124.156 -
 124.157      if ( d->arch.paging.hap.total_pages != 0 )
 124.158          hap_teardown(d);
 124.159  
 124.160      p2m_teardown(d);
 124.161 -    ASSERT( d->arch.paging.hap.p2m_pages == 0 );
 124.162 +    ASSERT(d->arch.paging.hap.p2m_pages == 0);
 124.163  }
 124.164  
 124.165  void hap_teardown(struct domain *d)
 124.166  {
 124.167      struct vcpu *v;
 124.168      mfn_t mfn;
 124.169 -    HERE_I_AM;
 124.170  
 124.171      ASSERT(d->is_dying);
 124.172      ASSERT(d != current->domain);
 124.173 @@ -493,10 +495,13 @@ void hap_teardown(struct domain *d)
 124.174      if ( !hap_locked_by_me(d) )
 124.175          hap_lock(d); /* Keep various asserts happy */
 124.176  
 124.177 -    if ( paging_mode_enabled(d) ) {
 124.178 +    if ( paging_mode_enabled(d) )
 124.179 +    {
 124.180          /* release the monitor table held by each vcpu */
 124.181 -        for_each_vcpu(d, v) {
 124.182 -            if ( v->arch.paging.mode && paging_mode_external(d) ) {
 124.183 +        for_each_vcpu ( d, v )
 124.184 +        {
 124.185 +            if ( v->arch.paging.mode && paging_mode_external(d) )
 124.186 +            {
 124.187                  mfn = pagetable_get_mfn(v->arch.monitor_table);
 124.188                  if ( mfn_valid(mfn) && (mfn_x(mfn) != 0) )
 124.189                      hap_destroy_monitor_table(v, mfn);
 124.190 @@ -505,7 +510,8 @@ void hap_teardown(struct domain *d)
 124.191          }
 124.192      }
 124.193  
 124.194 -    if ( d->arch.paging.hap.total_pages != 0 ) {
 124.195 +    if ( d->arch.paging.hap.total_pages != 0 )
 124.196 +    {
 124.197          HAP_PRINTK("teardown of domain %u starts."
 124.198                        "  pages total = %u, free = %u, p2m=%u\n",
 124.199                        d->domain_id,
 124.200 @@ -531,9 +537,8 @@ int hap_domctl(struct domain *d, xen_dom
 124.201  {
 124.202      int rc, preempted = 0;
 124.203  
 124.204 -    HERE_I_AM;
 124.205 -
 124.206 -    switch ( sc->op ) {
 124.207 +    switch ( sc->op )
 124.208 +    {
 124.209      case XEN_DOMCTL_SHADOW_OP_SET_ALLOCATION:
 124.210          hap_lock(d);
 124.211          rc = hap_set_allocation(d, sc->mb << (20 - PAGE_SHIFT), &preempted);
 124.212 @@ -599,8 +604,6 @@ void hap_update_paging_modes(struct vcpu
 124.213  {
 124.214      struct domain *d;
 124.215  
 124.216 -    HERE_I_AM;
 124.217 -
 124.218      d = v->domain;
 124.219      hap_lock(d);
 124.220  
 124.221 @@ -608,7 +611,8 @@ void hap_update_paging_modes(struct vcpu
 124.222       * guest's paging mode. So, make sure the shadow registers (CR0, CR4, EFER)
 124.223       * reflect guest's status correctly.
 124.224       */
 124.225 -    if ( hvm_paging_enabled(v) ) {
 124.226 +    if ( hvm_paging_enabled(v) )
 124.227 +    {
 124.228          if ( hvm_long_mode_enabled(v) )
 124.229              v->arch.paging.mode = &hap_paging_long_mode;
 124.230          else if ( hvm_pae_enabled(v) )
 124.231 @@ -616,13 +620,15 @@ void hap_update_paging_modes(struct vcpu
 124.232          else
 124.233              v->arch.paging.mode = &hap_paging_protected_mode;
 124.234      }
 124.235 -    else {
 124.236 +    else
 124.237 +    {
 124.238          v->arch.paging.mode = &hap_paging_real_mode;
 124.239      }
 124.240  
 124.241      v->arch.paging.translate_enabled = !!hvm_paging_enabled(v);
 124.242  
 124.243 -    if ( pagetable_is_null(v->arch.monitor_table) ) {
 124.244 +    if ( pagetable_is_null(v->arch.monitor_table) )
 124.245 +    {
 124.246          mfn_t mmfn = hap_make_monitor_table(v);
 124.247          v->arch.monitor_table = pagetable_from_mfn(mmfn);
 124.248          make_cr3(v, mfn_x(mmfn));
 124.249 @@ -647,23 +653,25 @@ static void p2m_install_entry_in_monitor
 124.250      index = ((unsigned long)l3e & ~PAGE_MASK) / sizeof(l3_pgentry_t);
 124.251      ASSERT(index < MACHPHYS_MBYTES>>1);
 124.252      
 124.253 -    for_each_vcpu(d, v) {
 124.254 -	if ( pagetable_get_pfn(v->arch.monitor_table) == 0 ) 
 124.255 -	    continue;
 124.256 +    for_each_vcpu ( d, v )
 124.257 +    {
 124.258 +        if ( pagetable_get_pfn(v->arch.monitor_table) == 0 ) 
 124.259 +            continue;
 124.260  
 124.261 -	ASSERT(paging_mode_external(v->domain));
 124.262 +        ASSERT(paging_mode_external(v->domain));
 124.263  
 124.264          if ( v == current ) /* OK to use linear map of monitor_table */
 124.265 -	    ml2e = __linear_l2_table + l2_linear_offset(RO_MPT_VIRT_START);
 124.266 +            ml2e = __linear_l2_table + l2_linear_offset(RO_MPT_VIRT_START);
 124.267          else {
 124.268 -	    l3_pgentry_t *ml3e;
 124.269 -            ml3e = hap_map_domain_page(pagetable_get_mfn(v->arch.monitor_table));
 124.270 -	    ASSERT(l3e_get_flags(ml3e[3]) & _PAGE_PRESENT);
 124.271 +            l3_pgentry_t *ml3e;
 124.272 +            ml3e = hap_map_domain_page(
 124.273 +                pagetable_get_mfn(v->arch.monitor_table));
 124.274 +            ASSERT(l3e_get_flags(ml3e[3]) & _PAGE_PRESENT);
 124.275              ml2e = hap_map_domain_page(_mfn(l3e_get_pfn(ml3e[3])));
 124.276              ml2e += l2_table_offset(RO_MPT_VIRT_START);
 124.277 -	    hap_unmap_domain_page(ml3e);
 124.278 +            hap_unmap_domain_page(ml3e);
 124.279          }
 124.280 -	ml2e[index] = l2e_from_pfn(l3e_get_pfn(*l3e), __PAGE_HYPERVISOR);
 124.281 +        ml2e[index] = l2e_from_pfn(l3e_get_pfn(*l3e), __PAGE_HYPERVISOR);
 124.282          if ( v != current )
 124.283              hap_unmap_domain_page(ml2e);
 124.284      }
 124.285 @@ -680,9 +688,9 @@ hap_write_p2m_entry(struct vcpu *v, unsi
 124.286  #if CONFIG_PAGING_LEVELS == 3
 124.287      /* install P2M in monitor table for PAE Xen */
 124.288      if ( level == 3 ) 
 124.289 -	/* We have written to the p2m l3: need to sync the per-vcpu
 124.290 +        /* We have written to the p2m l3: need to sync the per-vcpu
 124.291           * copies of it in the monitor tables */
 124.292 -	p2m_install_entry_in_monitors(v->domain, (l3_pgentry_t *)p);
 124.293 +        p2m_install_entry_in_monitors(v->domain, (l3_pgentry_t *)p);
 124.294  #endif
 124.295      
 124.296      hap_unlock(v->domain);
   125.1 --- a/xen/arch/x86/mm/hap/support.c	Mon Jul 16 14:20:16 2007 -0500
   125.2 +++ b/xen/arch/x86/mm/hap/support.c	Tue Jul 17 10:20:21 2007 +0100
   125.3 @@ -43,7 +43,6 @@
   125.4   */
   125.5  unsigned long hap_gva_to_gfn_real_mode(struct vcpu *v, unsigned long gva)
   125.6  {
   125.7 -    HERE_I_AM;
   125.8      return ((paddr_t)gva >> PAGE_SHIFT);
   125.9  }
  125.10  
  125.11 @@ -61,12 +60,12 @@ unsigned long hap_gva_to_gfn_protected_m
  125.12      l2_pgentry_32_t *l2e; /* guest page entry size is 32-bit */
  125.13      l1_pgentry_32_t *l1e;
  125.14  
  125.15 -    HERE_I_AM;
  125.16 -
  125.17      gpfn = (gcr3 >> PAGE_SHIFT);
  125.18 -    for ( lev = mode; lev >= 1; lev-- ) {
  125.19 -        mfn = get_mfn_from_gpfn( gpfn );
  125.20 -        if ( mfn == INVALID_MFN ) {
  125.21 +    for ( lev = mode; lev >= 1; lev-- )
  125.22 +    {
  125.23 +        mfn = get_mfn_from_gpfn(gpfn);
  125.24 +        if ( mfn == INVALID_MFN )
  125.25 +        {
  125.26              HAP_PRINTK("bad pfn=0x%lx from gva=0x%lx at lev%d\n", gpfn, gva, 
  125.27                         lev);
  125.28              success = 0;
  125.29 @@ -74,18 +73,22 @@ unsigned long hap_gva_to_gfn_protected_m
  125.30          }
  125.31          index = (gva >> PT_SHIFT[mode][lev]) & (PT_ENTRIES[mode][lev]-1);
  125.32  
  125.33 -        if ( lev == 2 ) {
  125.34 -            l2e = map_domain_page( mfn );
  125.35 +        if ( lev == 2 )
  125.36 +        {
  125.37 +            l2e = map_domain_page(mfn);
  125.38              HAP_PRINTK("l2 page table entry is %ulx at index = %d\n", 
  125.39                         l2e[index].l2, index);
  125.40