xen/iommu: address violations of MISRA C:2012 Rule 8.2
Add missing parameter names to address violations of MISRA C:2012
Rule 8.2 and remove uses of u{8,16,32} in favor of C standard types.
No functional change.
Signed-off-by: Federico Serafini <federico.serafini@bugseng.com> Acked-by: Jan Beulich <jbeulich@suse.com>
Simone Ballarin [Thu, 30 Nov 2023 17:04:53 +0000 (18:04 +0100)]
automation/eclair: improve scheduled analyses
The scheduled analyses are intended to maintain an overall vision
of the MISRA complaince of the entire project. For this reason,
the file exclusions in "out_of_scope.ecl" should not be applied.
This patch amends ECLAIR settings to prevent exempting files for
scheduled analyses.
Michal Orzel [Fri, 24 Nov 2023 12:09:07 +0000 (13:09 +0100)]
automation: Switch u-boot boot command to bootz for arm32 tests
Thanks to recent changes added to ImageBuilder to support the bootz
command, which allows obtaining the effective image size (including NOLOAD
sections) from the zImage header, switch the BOOT_CMD for arm32 tests to
bootz. Among other scenarios, this change will enable us, in the future,
to add tests with UBSAN enabled Xen, which would otherwise fail due to
incorrect image placement resulting in overlapping.
Signed-off-by: Michal Orzel <michal.orzel@amd.com> Acked-by: Stefano Stabellini <sstabellini@kernel.org>
Nicola Vetrini [Fri, 17 Nov 2023 08:53:25 +0000 (09:53 +0100)]
automation/eclair: make the docs for MISRA C:2012 Dir 4.1 visible to ECLAIR
To be able to check for the existence of the necessary subsections in
the documentation for MISRA C:2012 Dir 4.1, ECLAIR needs to have a source
file that is built.
This file is generated from 'C-runtime-failures.rst' in docs/misra
and the configuration is updated accordingly.
Roger Pau Monne [Tue, 28 Nov 2023 17:41:31 +0000 (18:41 +0100)]
xen/livepatch: fix livepatch tests
The current set of in-tree livepatch tests in xen/test/livepatch started
failing after the constify of the payload funcs array, and the movement of the
status data into a separate array.
Fix the tests so they respect the constness of the funcs array and also make
use of the new location of the per-func state data.
Fixes: 82182ad7b46e ('livepatch: do not use .livepatch.funcs section to store internal state') Signed-off-by: Roger Pau Monné <roger.pau@citrix.com> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Roger Pau Monne [Tue, 28 Nov 2023 17:11:50 +0000 (18:11 +0100)]
cirrus-ci: update FreeBSD versions
FreeBSD 14.0 has already been released, so switch to the release version image,
and introduce a FreeBSD 15.0 version to track current FreeBSD unstable
(development) branch.
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Stefano Stabellini <sstabellini@kernel.org>
Michal Orzel [Wed, 29 Nov 2023 09:06:45 +0000 (10:06 +0100)]
xen/arm64: Move print_reg macro to asm/arm64/macros.h
Macro print_reg is used to print a value of a register passed as an
argument. While today it is only used from within the common head.S,
in the future we might want to make use of it from other files, just
like PRINT(). It also serves as a great aid when debugging.
Expose print_reg macro by moving it to asm/arm64/macros.h and:
- rename putn to asm_putn to denote the usage from assembly only,
- use ENTRY() for asm_putn to make it globally visible.
This way the behavior will be consistent with what we already do on arm32.
Take the opportunity to get rid of unneeded stubs for early_puts,
init_uart and putn since the calls to them are already protected by
respective #ifdef CONFIG_EARLY_PRINTK.
The patch introduces generic percpu.h which was based on Arm's version
with the following changes:
* makes __per_cpu_data_end[] constant
* introduce get_per_cpu_offset() for macros this_cpu() and this_cpu_ptr()
* add inclustion of <asm/current.h> as get_per_cpu_offset() is located there.
Also it was changed a place where <asm/percpu.h> is included in <xen/percpu.h>
because asm-generic version of percpu.h started to include <asm/current.h> which
requires definition of DECLARE_PER_CPU.
As well the patch switches Arm, PPC and x86 architectures to use asm-generic
version of percpu.h.
Oleksii Kurochko [Wed, 29 Nov 2023 09:07:02 +0000 (10:07 +0100)]
xen/asm-generic: introduce stub header paging.h
The patch introduces generic paging.h header for Arm, PPC and
RISC-V.
All mentioned above architectures use hardware virt extensions
and hardware pagetable extensions thereby it makes sense to set
paging_mode_translate and paging_mode_external by default.
Also in this patch Arm and PPC architectures are switched to
generic paging.h header.
Both Intel and AMD manuals agree that in x2APIC mode, the APIC LDR and ID
registers are derivable from each other through a fixed formula.
Xen uses that formula, but applies it to vCPU IDs (which are sequential)
rather than x2APIC IDs (which are not, at the moment). As I understand it,
this is an attempt to tightly pack vCPUs into clusters so each cluster has
16 vCPUs rather than 8, but this is a spec violation.
This patch fixes the implementation so we follow the x2APIC spec for new
VMs, while preserving the behaviour (buggy or fixed) for migrated-in VMs.
While touching that area, remove the existing printk statement in
vlapic_load_fixup() (as the checks it performed didn't make sense in x2APIC
mode and wouldn't affect the outcome) and put another printk as an else
branch so we get warnings trying to load nonsensical LDR values we don't
know about.
Fixes: f9e0cccf7b35 ("x86/HVM: fix ID handling of x2APIC emulation") Signed-off-by: Alejandro Vallejo <alejandro.vallejo@cloud.com> Reviewed-by: Roger Pau Monné <roger.pau@citrix.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Nicola Vetrini [Fri, 24 Nov 2023 08:11:47 +0000 (09:11 +0100)]
xen: replace some occurrences of SAF-1-safe with asmlinkage attribute
The comment-based justifications for MISRA C:2012 Rule 8.4 are replaced
by the asmlinkage pseudo-attribute, for the sake of uniformity.
asmlinkage may in the future have the effect of altering the calling
convention, therefore three special where the calling convention is
altered by another macro retain the textual deviation.
Nicola Vetrini [Fri, 17 Nov 2023 09:21:52 +0000 (10:21 +0100)]
domain: add ASSERT to help static analysis tools
Static analysis tools may detect a possible null pointer
dereference of 'config'. This ASSERT helps them in detecting
that such a condition is not possible given that only
real domains can enter this branch, which are guaranteeed to have
a non-NULL config at this point, but this information is not
inferred by the tool.
Checking that the condition given in the assertion holds via
testing is the means to protect release builds, where the assertion
expands to effectively nothing.
Luca Fancellu [Fri, 24 Nov 2023 09:48:41 +0000 (09:48 +0000)]
arm/dom0less: introduce Kconfig for dom0less feature
Introduce a Kconfig for the dom0less feature, enabled by default,
to be able to choose if the feature should be compiled or not.
Provide static inline stubs when the option is disabled for the
functions externally visible.
Use the new Kconfig to remove dom0less DT binding from the efi-boot.h
code when the Kconfig is not enabled, do the same for
allocate_bank_memory inside domain_build.c that currently is used
only by dom0less-build.c module, but it's kept there provisioning
its usage by dom0 code.
Signed-off-by: Luca Fancellu <luca.fancellu@arm.com> Reviewed-by: Michal Orzel <michal.orzel@amd.com>
Luca Fancellu [Fri, 24 Nov 2023 09:48:40 +0000 (09:48 +0000)]
xen/arm: Move static memory build code in separate modules
Move static memory and static shared memory code in separate modules
so that they are included only when the corresponding feature is
enabled, doing that we modularise the features and we remove some
ifdefs from the code to improve readability.
Move process_shm_node function from bootfdt module and make it
externally visible.
A static inline helper called process_shm_chosen is introduced, it
will call the process_shm function for the '/chosen' node, and will
be used by the function construct_dom0 instead of using directly
process_shm, allowing some #ifdef to be removed.
No functional changes are intended.
Signed-off-by: Luca Fancellu <luca.fancellu@arm.com> Reviewed-by: Michal Orzel <michal.orzel@amd.com>
Luca Fancellu [Fri, 24 Nov 2023 09:48:39 +0000 (09:48 +0000)]
arm/dom0less: put dom0less feature code in a separate module
Currently the dom0less feature code is mostly inside domain_build.c
and setup.c, it is a feature that may not be useful to everyone so
put the code in a different compilation module in order to make it
easier to disable the feature in the future.
Move gic_interrupt_t in domain_build.h to use it with the function
declaration, move its comment above the declaration.
The following functions are now visible externally from domain_build
because they are used also from the dom0less-build module:
- get_allocation_size
- set_interrupt
- domain_fdt_begin_node
- make_memory_node
- make_resv_memory_node
- make_hypervisor_node
- make_psci_node
- make_cpus_node
- make_timer_node
- handle_device_interrupts
- construct_domain
- process_shm
- allocate_bank_memory
The functions allocate_static_memory and assign_static_memory_11
are now externally visible, so put their declarations into
domain_build.h and move the #else and stub definition in the header
as well.
Move is_dom0less_mode from setup.c to dom0less-build.c and make it
externally visible.
The function allocate_bank_memory is used only by dom0less code
at the moment, but it's been decided to leave it in domain_build.c
in case that in the future the dom0 code can use it.
Where spotted, fix code style issues.
No functional change is intended.
Signed-off-by: Luca Fancellu <luca.fancellu@arm.com> Reviewed-by: Michal Orzel <michal.orzel@amd.com>
Luca Fancellu [Fri, 24 Nov 2023 09:48:38 +0000 (09:48 +0000)]
xen/arm: Add asm/domain.h include to kernel.h
The 'enum domain_type' is defined by 'asm/domain.h' which is not
included (directly or indirectly) by 'asm/kernel.h'.
This currently doesn't break the compilation because asm/domain.h will
included by the user of 'kernel.h'. But it would be better to avoid
relying on it. So add the include in 'asm/domain.h'.
Luca Fancellu [Fri, 24 Nov 2023 09:48:37 +0000 (09:48 +0000)]
arm/gicv2: make GICv2 driver and vGICv2 optional
Introduce Kconfig GICV2 to be able to compile the GICv2 driver only
when needed, the option is active by default.
Introduce Kconfig VGICV2 that compiles the Generic Interrupt
Controller v2 emulation for domains, it is required only when using
GICv2 driver, otherwise using the GICv3 driver it is optional and can
be deselected if the user doesn't want to offer the v2 emulation to
domains or maybe its GICv3 hardware can't offer the GICv2 compatible
mode.
x86/atomic: address violations of MISRA C:2012 Rule 11.8
Edit casts that unnecessarily remove const qualifiers
to comply with Rule 11.8.
The type of the provided pointer may be const qualified.
No functional change.
Signed-off-by: Maria Celeste Cesario <maria.celeste.cesario@bugseng.com> Signed-off-by: Simone Ballarin <simone.ballarin@bugseng.com> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
AMD/IOMMU: address violations of MISRA C:2012 Rule 11.8
Drop an unnecessary cast discarding a const qualifier, to comply with
Rule 11.8. The type of the formal parameter ivhd_block is const
qualified.
No functional change.
Signed-off-by: Maria Celeste Cesario <maria.celeste.cesario@bugseng.com> Signed-off-by: Simone Ballarin <simone.ballarin@bugseng.com> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
x86/boot/reloc: address violations of MISRA C:2012 Rule 11.8
Add missing const qualifier in casting to comply with Rule 11.8.
Argument tag is typically const qualified.
No functional change.
Signed-off-by: Maria Celeste Cesario <maria.celeste.cesario@bugseng.com> Signed-off-by: Simone Ballarin <simone.ballarin@bugseng.com> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
x86/platform_hypercall: address violations of MISRA C:2012 Rule 11.8
Add const qualifier in cast that unnecessarily removes it
to comply with Rule 11.8.
The variable info is declared with a const qualified type.
No functional change.
Signed-off-by: Maria Celeste Cesario <maria.celeste.cesario@bugseng.com> Signed-off-by: Simone Ballarin <simone.ballarin@bugseng.com> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
Roger Pau Monné [Mon, 27 Nov 2023 14:16:01 +0000 (15:16 +0100)]
livepatch: do not use .livepatch.funcs section to store internal state
Currently the livepatch logic inside of Xen will use fields of struct
livepatch_func in order to cache internal state of patched functions. Note
this is a field that is part of the payload, and is loaded as an ELF section
(.livepatch.funcs), taking into account the SHF_* flags in the section
header.
The flags for the .livepatch.funcs section, as set by livepatch-build-tools,
are SHF_ALLOC, which leads to its contents (the array of livepatch_func
structures) being placed in read-only memory:
This previously went unnoticed, as all writes to the fields of livepatch_func
happen in the critical region that had WP disabled in CR0. After 8676092a0f16
however WP is no longer toggled in CR0 for patch application, and only the
hypervisor .text mappings are made write-accessible. That leads to the
following page fault when attempting to apply a livepatch:
----[ Xen-4.19-unstable x86_64 debug=y Tainted: C ]----
CPU: 4
RIP: e008:[<ffff82d040221e81>] common/livepatch.c#apply_payload+0x45/0x1e1
[...]
Xen call trace:
[<ffff82d040221e81>] R common/livepatch.c#apply_payload+0x45/0x1e1
[<ffff82d0402235b2>] F check_for_livepatch_work+0x385/0xaa5
[<ffff82d04032508f>] F arch/x86/domain.c#idle_loop+0x92/0xee
****************************************
Panic on CPU 4:
FATAL PAGE FAULT
[error_code=0003]
Faulting linear address: ffff82d040625079
****************************************
Fix this by moving the internal Xen function patching state out of
livepatch_func into an area not allocated as part of the ELF payload. While
there also constify the array of livepatch_func structures in order to prevent
further surprises.
Note there's still one field (old_addr) that gets set during livepatch load. I
consider this fine since the field is read-only after load, and at the point
the field gets set the underlying mapping hasn't been made read-only yet.
Fixes: 8676092a0f16 ('x86/livepatch: Fix livepatch application when CET is active') Signed-off-by: Roger Pau Monné <roger.pau@citrix.com> Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
x86/mm: preparation work to uniform modify_xen_mappings* interfaces
The objective is to use parameter name "nf" to denote "new flags"
in all the modify_xen_mappings* functions.
Since modify_xen_mappings_lite() is currently using "nf" as identifier
for a local variable, bad things could happen if new uses of such
variable are committed while a renaming patch is waiting for the
approval.
To avoid such danger, as first thing rename the local variable from
"nf" to "flags".
No functional change.
Suggested-by: Jan Beulich <jbeulich@suse.com> Signed-off-by: Federico Serafini <federico.serafini@bugseng.com> Reviewed-by: Stefano Stabellini <sstabellini@kernel.org> Acked-by: Jan Beulich <jbeulich@suse.com>
Frediano Ziglio [Wed, 22 Nov 2023 16:39:55 +0000 (16:39 +0000)]
x86/mem_sharing: Release domain if we are not able to enable memory sharing
In case it's not possible to enable memory sharing (mem_sharing_control
fails) we just return the error code without releasing the domain
acquired some lines above by rcu_lock_live_remote_domain_by_id().
Fixes: 72f8d45d69b8 ("x86/mem_sharing: enable mem_sharing on first memop") Signed-off-by: Frediano Ziglio <frediano.ziglio@cloud.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Tamas K Lengyel <tamas@tklengyel.com>
Frediano Ziglio [Wed, 22 Nov 2023 16:26:20 +0000 (16:26 +0000)]
x86/mem_sharing: Fix typo in comment
ambigious -> ambiguous
Signed-off-by: Frediano Ziglio <frediano.ziglio@cloud.com> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Tamas K Lengyel <tamas@tklengyel.com>
Jan Beulich [Fri, 24 Nov 2023 08:04:09 +0000 (09:04 +0100)]
x86/vPIC: correct vpic_domain()
Make it use its parameter in both places.
Fixes: 00a70f44a68c ("[HVM] Update VPIC device model for new interrupt delivery code") Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Roger Pau Monné <roger.pau@citrix.com>
Nicola Vetrini [Fri, 24 Nov 2023 08:02:09 +0000 (09:02 +0100)]
x86_64/mm: express macro CNT using ISOLATE_LSB
The various definitions of macro CNT (and the related BUILD_BUG_ON)
can be rewritten using ISOLATE_LSB, encapsulating a violation of
MISRA C:2012 Rule 10.1.
Nicola Vetrini [Fri, 24 Nov 2023 08:00:54 +0000 (09:00 +0100)]
xen/pdx: amend definition of PDX_GROUP_COUNT
The definition of PDX_GROUP_COUNT causes violations of
MISRA C:2012 Rule 10.1, therefore the problematic part now uses
the ISOLATE_LSB macro, which encapsulates the pattern.
tools/pygrub: Set mount propagation to private recursively
This is important in order for every mount done inside a mount namespace to
go away after the namespace itself goes away. The comment referring to
unreliability in Linux 4.19 was just wrong.
This patch sets the story straight and makes the depriv pygrub a bit more
confined should a layer of the onion be vulnerable.
Fixes: e0342ae5556f ("tools/pygrub: Deprivilege pygrub") Signed-off-by: Alejandro Vallejo <alejandro.vallejo@cloud.com> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
Juergen Gross [Wed, 22 Nov 2023 13:02:20 +0000 (14:02 +0100)]
tools/python: add .gitignore file
Add a local .gitignore file for tools/python.
As at least on some systems (e.g. OpenSUSE Leap 15.5) the build will
produce a tools/python/xen.egg-info directory, add it to the new
.gitignore file, too.
Use "/dir/" as pattern for ignoring a directory and its contents, as
the "/dir/*" pattern won't ignore the directory itself (git just
doesn't complain when seeing a directory without any not ignored file
in it).
Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Jan Beulich <jbeulich@suse.com>
Juergen Gross [Wed, 22 Nov 2023 13:02:19 +0000 (14:02 +0100)]
tools/pygrub: add .gitignore file
Add a local .gitignore file for tools/pygrub.
As at least on some systems (e.g. OpenSUSE Leap 15.5) the build will
produce a tools/pygrub/pygrub.egg-info directory, add it to the new
.gitignore file, too.
Use "/dir/" as pattern for ignoring a directory and its contents, as
the "/dir/*" pattern won't ignore the directory itself (git just
doesn't complain when seeing a directory without any not ignored file
in it).
Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: Jan Beulich <jbeulich@suse.com>
Andrew Cooper [Wed, 22 Nov 2023 13:39:54 +0000 (13:39 +0000)]
xen/MISRA: Remove nonstandard inline keywords
The differences between inline, __inline and __inline__ keywords (as far as
GCC is concenred at least) are a vestigial remnant of older C standards, and
in Xen we use inline almost exclusively.
Replace __inline and __inline__ with regular inline, and remove their
exceptions from the MISRA configuration.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Simone Ballarin <simone.ballarin@bugseng.com> Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
Andrew Cooper [Tue, 16 May 2023 19:55:57 +0000 (20:55 +0100)]
xen: Enable -Wwrite-strings
The codebase is now -Wwrite-strings clean. Activate the option to cause
string literals to have a const type, and prevent any violations of MISRA Rule
7.4 being reintroduced.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Stefano Stabellini <sstabellini@kernel.org>
Andrew Cooper [Tue, 21 Nov 2023 20:02:16 +0000 (20:02 +0000)]
arm/efi: Simplify efi_arch_handle_cmdline()
-Wwrite-strings is unhappy with assigning "xen" to a mutable pointer, but this
logic looks incorrect. It was inherited from the x86 side, where the logic
was redundant and has now been removed.
In the ARM case it inserts the image name into "xen,xen-bootargs" and there is
no logic at all to strip this before parsing it as the command line.
The absence of any logic to strip an image name suggests that it shouldn't
exist there, or having a Xen image named e.g. "hmp-unsafe" in the filesystem
is going to lead to some unexpected behaviour on boot.
No functional change.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Luca Fancellu <luca.fancellu@arm.com> Tested-by: Luca Fancellu <luca.fancellu@arm.com> Tested-by: Henry Wang <Henry.Wang@arm.com> Reviewed-by: Stefano Stabellini <sstabellini@kernel.org> Reviewed-by: Julien Grall <jgrall@amazon.com>
Andrew Cooper [Tue, 21 Nov 2023 19:47:23 +0000 (19:47 +0000)]
x86/efi: Simplify efi_arch_handle_cmdline()
-Wwrite-strings is unhappy with assigning "xen" to a mutable pointer, but all
this work is useless; it's just prepending the image name which cmdline_cook()
intentionally strips back out (and allocating memory to do so).
Simply forgo the work and identify EFI_LOADER as one of the loaders which
doesn't prepend the image name.
No functional change.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com>
Andrew Cooper [Mon, 20 Nov 2023 22:10:59 +0000 (22:10 +0000)]
x86/setup: Rework cmdline_cook() to be compatible with -Wwrite-strings
Rework the logic in __start_xen() to not potentially pass NULL into
cmdline_cook(). This makes the logic easier to follow too, and the rest of
__start_xen() is safe when initialising cmdline to the empty string.
Update cmdline_cook() to take and return const pointers, and write a
description of what it does. It now requires a non-NULL input and guarentees
to return a pointer somewhere in the 'p' string.
Note this only compiles because strstr() launders the const off the pointer
when assigning to the mutable kextra, but that logic only mutates the
mbi->cmdline buffer.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com>
Andrew Cooper [Tue, 21 Nov 2023 18:26:31 +0000 (18:26 +0000)]
x86/setup: Clean up cmdline handling in create_dom0()
There's a confusing mix of variables; a static dom0_cmdline[], and a cmdline
pointer which points to image->string before being pointed at the static
buffer in order to be passed into construct_dom0(). cmdline being a mutable
pointer falls over -Wwrite-strings builds.
Delete the cmdline pointer, and rename dom0_cmdline[] to cmdline extending it
to have full function scope.
No functional change.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com>
GICD_CTL_ENABLE is a GICv2 bit. Remove it. The definitions of
GICD_CTL_ENABLE and GICD_CTLR_ENABLE_G1 are identical, so the value
written is unchanged.
Signed-off-by: Stewart Hildebrand <stewart.hildebrand@amd.com> Reviewed-by: Julien Grall <jgrall@amazon.com>
Roger Pau Monne [Tue, 21 Nov 2023 16:03:52 +0000 (17:03 +0100)]
automation: remove CR characters from serial output
The gitlab CI webpage seems to have issues displaying the \CR\CR\LF "\r\r\n"
sequence on the web interface used as line returns by the Linux kernel serial
output. This leads to the QEMU tests output looking like:
(XEN) Guest Loglevel: Nothing (Rate-limited: Errors and warnings)
(XEN) *** Serial input to DOM0 (type 'CTRL-a' three times to switch input)
(XEN) Freed 664kB init memory
mapping kernel into physical memory
about to get started...
qemu-system-x86_64: terminating on signal 15 from pid 52 (timeout)
This not helpful, so strip the CR characters from the output that goes to
stdout, leaving the output in the serial output file untouched.
All usages of `tee` are adjusted to strip CR from the output.
Fixes: 3030a73bf849 ('automation: add a QEMU based x86_64 Dom0/DomU test') Signed-off-by: Roger Pau Monné <roger.pau@citrix.com> Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
Juergen Gross [Wed, 22 Nov 2023 07:21:10 +0000 (08:21 +0100)]
stubdom: Remove caml-stubdom
In order to build caml-stubdom, it must be explicitly enabled via
"configure --enable-caml-stubdom". The build process is failing due to
stubdom/ocaml.patch failing to apply. Since the patched file has been
modified in 2014 the last time, it seems nobody cares for caml-stubdom
since at least then.
Remove caml-stubdom from the build system.
Signed-off-by: Juergen Gross <jgross@suse.com> Acked-by: Christian Lindig <christian.lindig@cloud.com> Acked-by: Henry Wang <Henry.Wang@arm.com> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Wed, 22 Nov 2023 10:26:03 +0000 (10:26 +0000)]
x86/mm: Fix up bad bool conversion in ept_set_entry()
This accidentally turned a 1 into false.
Noticed by Coverity.
Reported-by: Jan Beulich <JBeulich@suse.com> Fixes: de577618c285 ("x86/treewide: Switch bool_t to bool") Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com>
Nicola Vetrini [Wed, 1 Nov 2023 09:30:31 +0000 (10:30 +0100)]
x86: add deviation for asm-only functions
As stated in rules.rst, functions used only in asm modules
are allowed to have no prior declaration visible when being
defined, hence these functions are marked with an
'asmlinkage' macro, which is then deviated for MISRA C:2012
Rule 8.4.
Andrew Cooper [Wed, 5 Aug 2020 11:39:30 +0000 (12:39 +0100)]
x86/ioapic: Check 1k alignment for IO-APIC physical addresses
The MP spec requires a minimum of 1k alignment. So too does Xen's use of a
single fixmap page to map the IO-APIC.
Reject out-of-spec values so we don't end up in a position where a bad
firmware value causes Xen to use the wrong mapping.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Roger Pau Monné <roger.pau@citrix.com>
Andrew Cooper [Thu, 26 Oct 2023 17:21:35 +0000 (18:21 +0100)]
x86/traps: More use of nocall
sysenter_eflags_saved() and int80_direct_trap() are now only used by a single
translation unit. Move the declarations into the respective traps.c, renaming
int80_direct_trap() to entry_int80() to match the style elsewhere.
Annotate all 3 with nocall like all other entry paths.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com>
projects / people / royger / xen.git / log