Arianna Avanzini [Sat, 30 Aug 2014 16:29:40 +0000 (18:29 +0200)]
xen/common: add ARM stub for the function memory_type_changed()
MTRR-related code is not available for the ARM architecture. Given
that the memory_type_changed() function would be called also from
common code, its invocation is currently ifdef'd out to be only
compiled in on an x86 machine. This commit adds an empty stub for ARM.
Signed-off-by: Arianna Avanzini <avanzini.arianna@gmail.com> Acked-by: Ian Campbell <Ian.Campbell@eu.citrix.com> Acked-by: Julien Grall <julien.grall@citrix.com> Cc: Dario Faggioli <dario.faggioli@citrix.com> Cc: Paolo Valente <paolo.valente@unimore.it> Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Cc: Jan Beulich <JBeulich@suse.com> Cc: Keir Fraser <keir@xen.org> Cc: Tim Deegan <tim@xen.org> Cc: Ian Jackson <Ian.Jackson@eu.citrix.com> Cc: Andrew Cooper <andrew.cooper3@citrix.com> Cc: Eric Trudeau <etrudeau@broadcom.com> Cc: Viktor Kleinik <viktor.kleinik@globallogic.com> Cc: Andrii Tseglytskyi <andrii.tseglytskyi@globallogic.com>
Arianna Avanzini [Sat, 30 Aug 2014 16:29:39 +0000 (18:29 +0200)]
arch/x86: cleanup memory_mapping DOMCTL
This commit lets the end mfn be computed only once while handling a
XEN_DOMCTL_memory_mapping hypercall. Also, the name of the tmp_rc
local variable is changed to rc.
Signed-off-by: Arianna Avanzini <avanzini.arianna@gmail.com> Acked-by: Jan Beulich <JBeulich@suse.com> Cc: Dario Faggioli <dario.faggioli@citrix.com> Cc: Paolo Valente <paolo.valente@unimore.it> Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Cc: Julien Grall <julien.grall@citrix.com> Cc: Ian Campbell <Ian.Campbell@eu.citrix.com> Cc: Keir Fraser <keir@xen.org> Cc: Tim Deegan <tim@xen.org> Cc: Ian Jackson <Ian.Jackson@eu.citrix.com> Cc: Andrew Cooper <andrew.cooper3@citrix.com> Cc: Eric Trudeau <etrudeau@broadcom.com> Cc: Viktor Kleinik <viktor.kleinik@globallogic.com> Cc: Andrii Tseglytskyi <andrii.tseglytskyi@globallogic.com>
Arianna Avanzini [Sat, 30 Aug 2014 16:29:38 +0000 (18:29 +0200)]
arch/x86: warn if to-be-removed mapping does not exist
Currently, when a memory mapping is removed with the memory_mapping
DOMCTL, no check is performed on the existence of such a mapping.
This commit adds such a consistency check to the code performing the
unmap, emitting a warning message if the check fails.
Signed-off-by: Arianna Avanzini <avanzini.arianna@gmail.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Cc: Dario Faggioli <dario.faggioli@citrix.com> Cc: Paolo Valente <paolo.valente@unimore.it> Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Cc: Julien Grall <julien.grall@citrix.com> Cc: Ian Campbell <Ian.Campbell@eu.citrix.com> Cc: Keir Fraser <keir@xen.org> Cc: Tim Deegan <tim@xen.org> Cc: Ian Jackson <Ian.Jackson@eu.citrix.com> Cc: Andrew Cooper <andrew.cooper3@citrix.com> Cc: Eric Trudeau <etrudeau@broadcom.com> Cc: Viktor Kleinik <viktor.kleinik@globallogic.com> Cc: Andrii Tseglytskyi <andrii.tseglytskyi@globallogic.com>
This commit modifies the function apply_p2m_changes() so that it
destroys changes performed while mapping a memory region, if errors are
seen during the operation. The implemented behaviour includes destroying
only mappings created during the latest invocation of apply_p2m_changes().
This is useful to avoid that memory areas remain partially accessible
to guests.
Signed-off-by: Arianna Avanzini <avanzini.arianna@gmail.com> Cc: Dario Faggioli <dario.faggioli@citrix.com> Cc: Paolo Valente <paolo.valente@unimore.it> Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Cc: Julien Grall <julien.grall@citrix.com> Cc: Ian Campbell <Ian.Campbell@eu.citrix.com> Cc: Jan Beulich <jbeulich@suse.com> Cc: Keir Fraser <keir@xen.org> Cc: Tim Deegan <tim@xen.org> Cc: Ian Jackson <Ian.Jackson@eu.citrix.com> Cc: Andrew Cooper <andrew.cooper3@citrix.com> Cc: Eric Trudeau <etrudeau@broadcom.com> Cc: Viktor Kleinik <viktor.kleinik@globallogic.com> Cc: Andrii Tseglytskyi <andrii.tseglytskyi@globallogic.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
Arianna Avanzini [Sat, 30 Aug 2014 16:29:36 +0000 (18:29 +0200)]
arch/arm: add consistency check to REMOVE p2m changes
Currently, the REMOVE case of the switch in apply_p2m_changes()
does not perform any consistency check on the mapping to be removed.
More in detail, the code does not check if the guest address to be
unmapped is actually mapped to the machine address given as a
parameter.
This commit adds the above-described consistency check to the REMOVE
path of apply_p2m_changes() and lets a warning be emitted when trying
to remove a non-existent mapping. This is instrumental to one of the
following commits, which implements the possibility to trigger the
removal of p2m ranges via the memory_mapping DOMCTL for ARM.
Signed-off-by: Arianna Avanzini <avanzini.arianna@gmail.com> Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Reviewed-by: Julien Grall <julien.grall@citrix.com> Cc: Dario Faggioli <dario.faggioli@citrix.com> Cc: Paolo Valente <paolo.valente@unimore.it> Cc: Ian Campbell <Ian.Campbell@eu.citrix.com> Cc: Jan Beulich <JBeulich@suse.com> Cc: Keir Fraser <keir@xen.org> Cc: Tim Deegan <tim@xen.org> Cc: Ian Jackson <Ian.Jackson@eu.citrix.com> Cc: Andrew Cooper <andrew.cooper3@citrix.com> Cc: Eric Trudeau <etrudeau@broadcom.com> Cc: Viktor Kleinik <viktor.kleinik@globallogic.com> Cc: Andrii Tseglytskyi <andrii.tseglytskyi@globallogic.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
xen/arm: Stringify the register name in sysreg read write macros
The register name parameter in {READ,WRITE}_SYSREG{32,64}
macros is replaced as register name in mrs and msr assembly
instruction.
If this register name is macro indirection, the register
name is not replaced with designated macro. So replace the register
name with __stringify macro, which replaces register name
if it is macro
Signed-off-by: Vijaya Kumar K <Vijaya.Kumar@caviumnetworks.com> Acked-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Julien Grall <julien.grall@linaro.org>
Jan Beulich [Fri, 29 Aug 2014 10:22:42 +0000 (12:22 +0200)]
EPT: utilize GLA->GPA translation known for certain faults
Rather than doing the translation ourselves in __hvmemul_{read,write}()
leverage that we know the association for faults other than such having
occurred when translating addresses of page tables.
There is one intentional but not necessarily obvious (and possibly
subtle) adjustment to behavior: __hvmemul_read() no longer blindly
bails on instruction fetches matching the MMIO GVA (the callers of
handle_mmio_with_translation() now control the behavior via the struct
npfec they pass, and it didn't seem right to bail here rather than just
falling through to the unaccelerated path)
Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Tim Deegan <tim@xen.org>
Ian Campbell [Thu, 28 Aug 2014 20:25:21 +0000 (21:25 +0100)]
tools: (lib)xl: remove stray uses of build_info->u.pv.{kernel, ramdisk, cmdline}
The commit 11dffa2359e8 "xen: pass kernel initrd to qemu" deprecated these in
favour of build_info->{kernel,ramdisk,cmdline} but missed a couple of uses.
The ARM case breaks guest boot by omitting the command line from the DTB while
the xl SXP one is mostly cosmetic.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Cc: Chunyan Liu <cyliu@suse.com> Reviewed-by: Julien Grall <julien.grall@linaro.org>
Ross Lagerwall [Thu, 28 Aug 2014 14:11:37 +0000 (16:11 +0200)]
x86/NMI: allow processing unknown NMIs when watchdog is enabled
Change NMI processing so that if watchdog=force is passed on the
command-line and the NMI is not caused by a perf counter overflow (i.e.
likely not a watchdog "tick"), the NMI is handled by the unknown NMI
handler.
This allows injection of NMIs from IPMI controllers that don't set the
IOCK/SERR bits to trigger the unknown NMI handler rather than be
ignored.
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Fix command line parsing (don't enable the watchdog on e.g.
"watchdog=xyz").
Juergen Gross [Thu, 28 Aug 2014 14:05:44 +0000 (16:05 +0200)]
update pvSCSI protocol description
Update the protocol description of the pvSCSI framework used to pass through
SCSI devices to a guest (pv or hvm).
The main changes are:
- added comments
- add support for larger SG-lists by putting them in an own granted page
- deprecate VSCSIIF_ACT_SCSI_SG_PRESET action with related structures
- add ref_rqid for action VSCSIIF_ACT_SCSI_ABORT to be able to specify the
request to abort
- deprecate timeout_per_command as this really should be handled by the
backend in case of default settings or by the guest domain by aborting a
long running command
This update is related to the rework of the pvSCSI backend and frontend drivers
in the Linux kernel. This interface version is included in that rework, too.
Signed-off-by: Juergen Gross <jgross@suse.com> Reviewed-by: David Vrabel <david.vrabel@citrix.com> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Andrew Cooper [Thu, 28 Aug 2014 14:05:10 +0000 (16:05 +0200)]
x86/ats: Disable Address Translation Services by default
Xen cannot safely use any ATS functionality until it gains asynchronous queued
invalidation support, because of the current synchronous wait for completion.
Do not turn ATS on by default.
While editing the default in the command line documentation, correct the
statement regarding PCI Passthrough. ATS is purely a performance
optimisation, and is certainly not required for PCI Passthrough to function.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Acked-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
Tamas K Lengyel [Thu, 28 Aug 2014 14:04:05 +0000 (16:04 +0200)]
x86/mem_event: deliver gla fault EPT violation information
On Intel EPT the exit qualification generated by a violation also
includes a bit (EPT_GLA_FAULT) which describes the following
information: Set if the access causing the EPT violation is to a
guest-physical address that is the translation of a linear address.
Clear if the access causing the EPT violation is to a paging-structure
entry as part of a page walk or the update of an accessed or dirty bit.
For more information see Table 27-7 in the Intel SDM.
This patch extends the mem_event system to deliver this extra
information, which could be useful for determining the cause of a
violation.
Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Acked-by: Kevin Tian <kevin.tian@intel.com> Acked-by: Tim Deegan <tim@xen.org>
Tamas K Lengyel [Thu, 28 Aug 2014 14:03:26 +0000 (16:03 +0200)]
x86/hvm: treat non-instruction fetch nested page faults also as read violations
As pointed out by Jan Beulich in
http://lists.xen.org/archives/html/xen-devel/2014-08/msg01269.html:
"Read-modify-write instructions absolutely need to be treated as read
accesses, yet hardware doesn't guarantee to tell us so (they may
surface as just write accesses)." This patch addresses the issue in
both the VMX and the SVM side.
VMX: Treat all write data access violations also as read violations (in
addition to those that were already reported as read violations).
SVM: Refine the meaning of read data access violations to distinguish
between read/write and instruction fetch access violations.
With this patch both VMX and SVM specific nested page fault handling code reports violations the same way, thus abstracting the hardware specific behaviour from the layers above.
Suggested-by: Jan Beulich <JBeulich@suse.com> Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com> Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com> Reviewed-by: Tim Deegan <tim@xen.org>
Tamas K Lengyel [Thu, 28 Aug 2014 14:02:01 +0000 (16:02 +0200)]
x86: consolidate boolean inputs in hvm and p2m into a shared bitmap
This patch consolidates the boolean input parameters of
hvm_hap_nested_page_fault and p2m_mem_access_check into a common bitmap
and defines the bitmap members accordingly.
Signed-off-by: Tamas K Lengyel <tamas.lengyel@zentific.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Acked-by: Kevin Tian <kevin.tian@intel.com> Reviewed-by: Tim Deegan <tim@xen.org>
Andrew Cooper [Mon, 18 Aug 2014 13:02:37 +0000 (14:02 +0100)]
tools/libxl: Initialise both parts of ctx->sigchld_selfpipe[] to -1
Otherwise, if it is not used, libxl_ctx_free() will close fd 0.
Reported-by: Alex Bligh <alex@alex.org.uk> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> CC: Ian Campbell <Ian.Campbell@citrix.com> CC: Ian Jackson <Ian.Jackson@eu.citrix.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
Boris Ostrovsky [Wed, 13 Aug 2014 16:40:38 +0000 (12:40 -0400)]
tools/libxc: Set max_elem to zero in xc_lockprof_query_number()
If max_elem is not zero then hypervisor's spinlock_profile_ucopy_elem()
will attempt to copy profile data into user's data buffer. Since this
buffer is explicitly set to (the equivalent of) NULL the copy will fail,
causing xenlockprof to fail as well.
Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
Anup Patel [Mon, 25 Aug 2014 10:18:40 +0000 (15:48 +0530)]
xen arm/arm64: minor improvement in smp_send_call_function_mask()
Currently, smp_send_call_function_mask() function implemented
by xen arm/arm64 will use IPI to call function on current CPU.
This means that current smp_send_call_function_mask() will do
the following on current CPU:
Trigger SGI for current CPU => Xen takes interrupt on current CPU
=> IPI interrupt handler will call smp_call_function_interrupt()
This patch improves the above by straight away calling
smp_call_function_interrupt() for current CPU. This is very
similar to smp_send_call_function_mask() implemented by Xen x86.
Chunyan Liu [Mon, 7 Jul 2014 06:34:34 +0000 (14:34 +0800)]
xl.cfg: add 'cmdline' in config file
Currently in xl.cfg, use 'root' and 'extra' to generate the command
line. 'cmdline' could be a more generic equivalent. So, add 'cmdline'
in xl.cfg and let it be preferred. 'root' and 'extra' still works.
But when 'cmdline' is specified, 'root' and 'extra' will be ignored.
Chunyan Liu [Mon, 7 Jul 2014 06:34:33 +0000 (14:34 +0800)]
xen: pass kernel initrd to qemu
xen side patch to support xen HVM direct kernel boot:
support 'kernel', 'ramdisk', 'cmdline' (and 'root', 'extra' as well
which would be deprecated later) in HVM config file, parse config file,
pass -kernel, -initrd, -append parameters to qemu.
It's working with qemu-xen when using the default BIOS (seabios).
White, Edmund H [Wed, 13 Aug 2014 19:08:18 +0000 (19:08 +0000)]
libxl: Allow multiple serial ports on HVM domain creation
This patch allows an HVM domain to be created with multiple serial
ports.
Since the previous interface only allowed the passing of a single
device, this requires us to add a new element to the hvm struct of
libxl_domain_build_info -- serial_list. For API compatibility, the
old element, serial, remains.
If hvm.serial_list is set, each device listed will cause an extra
"-serial [foo]" to be appended to the qemu command line.
Callers may set either hvm.serial or hvm.serial_list, but not
both; libxl will throw an error if both are set.
In order to allow users of libxl to write software compatible with
older versions of libxl, also define LIBXL_HAVE_BUILDINFO_SERIAL_LIST.
If this is defined, callers may use either hvm.serial or
hvm.serial_list; otherwise, only hvm.serial will be available.
Jan Beulich [Tue, 26 Aug 2014 15:56:52 +0000 (17:56 +0200)]
x86/IO-APIC: don't process softirqs during early boot
Commit e13b320399 ("x86/irq: process softirqs in irq keyhandlers")
made this unconditional, but the boot time use of __print_IO_APIC()
(when "apic_verbosity=debug" was given) can't tolerate that.
Reported-by: Sander Eikelenboom <linux@eikelenboom.it> Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Tested-by: Sander Eikelenboom <linux@eikelenboom.it>
Razvan Cojocaru [Tue, 26 Aug 2014 15:54:34 +0000 (17:54 +0200)]
VMX: use #defines instead of magic constants
Now using a combination of INTR_INFO_VECTOR_MASK,
INTR_INFO_INTR_TYPE_MASK and MASK_EXTR() to replace the old
"(ev >> 8) & 7, ev & 0xff" magic constant code in vmx.c.
Changes since V1:
- Fixed indentation.
Changes since V2:
- Fixed vmx_idtv_reinject() also.
Sugested-off-by: Jan Beulich <jbeulich@suse.com> Signed-off-by: Razvan Cojocaru <rcojocaru@bitdefender.com>
Li Liang [Fri, 22 Aug 2014 12:34:01 +0000 (14:34 +0200)]
x86/HVM: drop memory_type_changed() call from hvm_set_guest_pat()
The commit aa9114edd added the needless function call memory_type_changed,
it is unnessary because the PAT content does not influence the result of
epte_get_entry_emt(). If it is called, the cache will be flushed excessively
and make the nested guest very slowly, just like blocked.
No need to print these messages for each vCPU, even more, no need to
print them for each domain - they all depend on CPU features that are
either there or not.
Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Kevin Tian <kevin.tian@intel.com>
Jan Beulich [Fri, 22 Aug 2014 12:30:27 +0000 (14:30 +0200)]
VMX/vPMU: fix DebugCtl MSR handling
- writes with one of the vPMU-supported flags and some unsupported one
set got accepted, leading to a VM entry failure
- writes with one of the vPMU-supported flags set but the Debug Store
feature unavailable produced a #GP (other than other writes to this
MSR with unsupported bits set)
Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Kevin Tian <kevin.tian@intel.com>
Jan Beulich [Fri, 22 Aug 2014 12:29:37 +0000 (14:29 +0200)]
VMX: fix DebugCtl MSR clearing
The previous shortcut was wrong, as it bypassed the necessary vmwrite:
All we really want to avoid if the guest writes zero is to add the MSR
to the host-load list.
Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Kevin Tian <kevin.tian@intel.com>
Andrew Cooper [Fri, 22 Aug 2014 12:28:12 +0000 (14:28 +0200)]
x86/intel: protect set_cpuidmask() against #GP faults
Virtual environments such as Xen HVM containers and VirtualBox do not
necessarily provide support for feature masking MSRs.
As their presence is detected by model numbers alone, and their use predicated
on command line parameters, use the safe() variants of {wr,rd}msr() to avoid
dying with an early #GP fault.
While playing in this function, make some further improvements.
* Rename the masking MSR names for consistency, and name the CPU models for
the benefit of humans reading the code.
* Correct the CPU selection as specified in the flexmigration document. All
steppings of 0x17 and 0x1a are stated to have masking MSRs.
* Provide log messages indicating the masks applied, or lack of masking
capabilities.
* In the case of faulting support being available and masking command line
options specified, provide a log message indicating the lack of masking.
Fabio Fantoni [Fri, 8 Aug 2014 10:46:35 +0000 (12:46 +0200)]
tools/hotplug/Linux/init.d: fix wrong path in xendomains init
Fixed wrong path in xendomains init that make it not working, introduced
in commit d8bad9df2544291a0fdc8e4d826b16f9f5394462 (tools/xendomains:
move to libexec and use a smaller init helper).
Signed-off-by: Fabio Fantoni <fabio.fantoni@m2r.biz> Reviewed-by: Wei Liu <wei.liu2@citrix.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
Yang Hongyang [Mon, 28 Jul 2014 04:03:27 +0000 (12:03 +0800)]
tools: libxc: fix Remus failover regression
commit: c2ba706c "tools/libxc: goto correct label on error paths" by Andrew
Cooper broke Remus in Xen 4.4 or earlier versions that has this commit
backported.
With Remus, this jump essentially discards the current incomplete checkpoint
received by the backup and restore backup from the last complete checkpoint.
This is required for Remus to work and this does not break live migration. It
has been around since Xen 4.0.
CC: Ian Jackson <ian.jackson@eu.citrix.com> CC: Ian Campbell <ian.campbell@citrix.com> CC: Andrew Cooper <andrew.cooper3@citrix.com> CC: Shriram Rajagopalan <rshriram@cs.ubc.ca> Signed-off-by: Yang Hongyang <yanghy@cn.fujitsu.com> Acked-by: Shriram Rajagopalan <rshriram@cs.ubc.ca> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
Wei Liu [Fri, 1 Aug 2014 11:36:41 +0000 (12:36 +0100)]
libxl: don't print out function name in log twice
The LOG macro already prints out function names. No need to explictly
use "__func__" in log message.
Signed-off-by: Wei Liu <wei.liu2@citrix.com> Cc: Ian Campbell <ian.campbell@citrix.com> Cc: Ian Jackson <ian.jackson@eu.citrix.com> Reviewed-by: Dario Faggioli <dario.faggioli@citrix.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
Parth Dixit [Thu, 14 Aug 2014 07:23:00 +0000 (12:53 +0530)]
xen/arm : emulation of arm's PSCI v0.2 standard
Arm based virtual machines dom0/guest will request power related functionality
from xen through PSCI interface. This patch implements version 0.2 of
PSCI standard specified by arm for 64bit and 32 bit arm machines.
Signed-off-by: Parth Dixit <parth.dixit@linaro.org> Acked-by: Ian Campbell <ian.campbell@citrix.com>
[ ijc -- switch include n vpsci.c from asm-arm/event.h to asm/event.h ]
Ian Campbell [Tue, 12 Aug 2014 13:38:01 +0000 (15:38 +0200)]
xen: arm: Correctly handle do_sysreg exception injection from 64-bit userspace
The do_sysreg case was missing a return, so it would increment PC and
inject the trap to the second instruction of the handler.
This is CVE-2014-5148 / XSA-103.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com> Acked-by: Julien Grall <julien.grall@linaro.org>
Ian Campbell [Tue, 12 Aug 2014 13:37:25 +0000 (15:37 +0200)]
xen: arm: Handle traps from 32-bit userspace on 64-bit kernel as undef
We are not setup to handle these properly. This turns a host crash
into a trap to the guest kernel which will likely result in killing
the offending process.
This is part of CVE-2014-5147 / XSA-102.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Julien Grall <julien.grall@linaro.org>
Ian Campbell [Tue, 12 Aug 2014 13:36:15 +0000 (15:36 +0200)]
xen: arm: Correctly handle exception injection from userspace on 64-bit.
Firstly we must be prepared to propagate traps from 32-bit userspace even for
64-bit guests, so wrap the existing inject_undef??_exception into
inject_undef_exception and use that when injecting an undef exception. The
various other exception cases (aborts etc) already do this.
Secondly when injecting the trap we must pick the correct exception vector
depending on whether the source of the trap was 32-bit EL0, 64-bit EL0 or EL1.
This is part of CVE-2014-5147 / XSA-102.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Julien Grall <julien.grall@linaro.org>
Ian Campbell [Tue, 12 Aug 2014 13:32:27 +0000 (15:32 +0200)]
xen: arm: handle AArch32 userspace when dumping 64-bit guest state.
A 64-bit guest can still be in 32-bit mode when running userspace,
handle this case by dumping the correct 32-bit state.
Note that on ARM it is not possible to change mode without the help
of the next exception level, hence there is no way a 64-bit guest can
be running in 32-bit kernel modes.
This is part of CVE-2014-5147 / XSA-102.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Julien Grall <julien.grall@linaro.org>
Jan Beulich [Tue, 12 Aug 2014 13:30:11 +0000 (15:30 +0200)]
x86/paging: make log-dirty operations preemptible
Both the freeing and the inspection of the bitmap get done in (nested)
loops which - besides having a rather high iteration count in general,
albeit that would be covered by XSA-77 - have the number of non-trivial
iterations they need to perform (indirectly) controllable by both the
guest they are for and any domain controlling the guest (including the
one running qemu for it).
This is CVE-2014-5146 / XSA-97.
Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Tim Deegan <tim@xen.org>
Jan Beulich [Mon, 11 Aug 2014 13:00:15 +0000 (15:00 +0200)]
x86/vHPET: use rwlock instead of simple one
This namely benefits guests heavily reading the main counter, but not
touching the HPET much otherwise. Note that due to the way
hpet_get_comparator() works hpet_read() has to special cases reads from
the comparator registers and use a write lock there instead of the read
one used for all other registers.
Roger Pau Monné [Mon, 11 Aug 2014 12:57:09 +0000 (14:57 +0200)]
amd-iommu: disable iommu_hap_pt_share with AMD IOMMUs
According to the comment in p2m.h, AMD IOMMUs don't work correctly
with page types different than p2m_ram_rw when the p2m is shared
between HAP and IOMMU, so disable this sharing when using AMD IOMMUs.
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Acked-by Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
Jan Beulich [Fri, 8 Aug 2014 07:34:03 +0000 (09:34 +0200)]
x86_emulate: properly do IP updates and other side effects on success
The two MMX/SSE/AVX code blocks failed to update IP properly, and these
as well as get_reg_refix(), which "manually" updated IP so far, failed
to do the TF and RF processing needed at the end of successfully
emulated instructions.
Fix the test utility at once to check IP is properly getting updated,
and while at it macroize the respective code quite a bit, hopefully
making it easier to add further tests when the need arises.
Reported-by: Andrei LUTAS <vlutas@bitdefender.com> Signed-off-by: Jan Beulich <jbeulich@suse.com> Tested-by: Razvan Cojocaru <rcojocaru@bitdefender.com> Reviewed-by: Andrew Cooper <andrew.cooper@citrix.com>
Jan Beulich [Fri, 8 Aug 2014 07:32:58 +0000 (09:32 +0200)]
pass-through: fix unbinding of MSI interrupts
Commit 568da4f8 ("pt-irq fixes and improvements") went a little too far
in its cleaning up of pt_irq_destroy_bind(): While neither of the two
lists need any maintenance, the actual unbinding still needs to be
done. Fix this and at once
- move all variables applying only to the PCI/MSI-translate cases into
scopes where they can't be used in error,
- limit the final (optional) log message to the cases it actually
applies and enhance it to make clear how much cleaning up was
actually done.
Reported-by: Sander Eikelenboom <linux@eikelenboom.it> Signed-off-by: Jan Beulich <jbeulich@suse.com> Tested-by: Boris Ostrovsky <boris.ostrovsky@oracle.com> Tested-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Tested-by: Sander Eikelenboom <linux@eikelenboom.it>
Jan Beulich [Wed, 6 Aug 2014 16:02:41 +0000 (18:02 +0200)]
x86/HVM: command line option adjustments
Adding actual descriptions for them, hiding the hvm_debug= one from
non-debug builds (the option was recognized but didn't take any effect
so far), and adjusting some debug level specifiers to their purpose.
Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Kevin Tian <kevin.tian@intel.com>
Ian Campbell [Mon, 4 Aug 2014 14:27:05 +0000 (15:27 +0100)]
autoconf: exec_prefix should default to $prefix not $ac_default_prefix
Otherwise "./configure --prefix=/usr" still ends up with exec_prefix=/usr/local
and therefore LIBDIR, PRIVATE_PREFIX and PRIVATE_BINDIR still point to
/usr/local/foo.
This was broken in 54f28913a2b3 "autoconf: xen: move standard path variables to
config/Paths.mk.in" which tried to add code to expand exec_prefix earlier.
Reported-by: Julien Grall <julien.grall@linaro.org> Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Cc: Luis R. Rodriguez <mcgrof@suse.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Ian Campbell [Mon, 4 Aug 2014 13:29:17 +0000 (14:29 +0100)]
Makefile inclusion of Paths.mk should be conditional
Since it may not exist when doing e.g. "make clean". There is
existing logic in the makefiles which will raise an error if an
actual build target is invoked without having run configure.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Cc: Luis R. Rodriguez <mcgrof@do-not-panic.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Ian Campbell [Fri, 25 Jul 2014 15:22:52 +0000 (16:22 +0100)]
xen: arm: update arm32 assembly primitives to Linux v3.16-rc6
bitops, cmpxchg, atomics: Import: c32ffce ARM: 7984/1: prefetch: add prefetchw invocations for barriered atomics
Author: Will Deacon <will.deacon@arm.com> Signed-off-by: Will Deacon <will.deacon@arm.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
atomics: In addition to the above import: db38ee8 ARM: 7983/1: atomics: implement a better __atomic_add_unless for v6+
Author: Will Deacon <will.deacon@arm.com> Signed-off-by: Will Deacon <will.deacon@arm.com> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
spinlocks: We have diverged from Linux, so no updates but note this in the README.
mem* and str*: Import: d98b90e ARM: 7990/1: asm: rename logical shift macros push pull into lspush lspull
Author: Victor Kamensky <victor.kamensky@linaro.org> Suggested-by: Will Deacon <will.deacon@arm.com> Signed-off-by: Victor Kamensky <victor.kamensky@linaro.org> Acked-by: Nicolas Pitre <nico@linaro.org> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
For some reason str* were mentioned under mem* in the README, fix.
libgcc: No changes, update baseline
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Julien Grall <julien.grall@linaro.org>
Ian Campbell [Fri, 25 Jul 2014 15:22:51 +0000 (16:22 +0100)]
xen: arm: update arm64 assembly primitives to Linux v3.16-rc6
The only really interesting changes here are the updates to mem* which update
to actually optimised versions and introduce an optimised memcmp.
bitops: No change to the bits we import. Record new baseline.
cmpxchg: Import: 60010e5 arm64: cmpxchg: update macros to prevent warnings
Author: Mark Hambleton <mahamble@broadcom.com> Signed-off-by: Mark Hambleton <mahamble@broadcom.com> Signed-off-by: Mark Brown <broonie@linaro.org> Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> e1dfda9 arm64: xchg: prevent warning if return value is unused
Author: Will Deacon <will.deacon@arm.com> Signed-off-by: Will Deacon <will.deacon@arm.com> Signed-off-by: Catalin Marinas <catalin.marinas@arm.com> e1dfda9 resolves the warning which previous caused us to skip 60010e508111.
Since arm32 and arm64 now differ (as do Linux arm and arm64) here the
existing definition in asm/system.h gets moved to asm/arm32/cmpxchg.h.
Previously this was shadowing the arm64 one but they happened to be identical.
atomics: Import: 8715466 arch,arm64: Convert smp_mb__*()
Author: Peter Zijlstra <peterz@infradead.org> Signed-off-by: Peter Zijlstra <peterz@infradead.org>
This just drops some unused (by us) smp_mb__*_atomic_*.
This adds the systemd xen service / module files and integrates
support into the build system.
This goes in with AX_AVAILABLE_SYSTEMD() which will enable
systemd if development libraries have been found on your
build system. If you don't have systemd on target systems
for binaries built with systemd then the binary will not
work, you must explicitly disable systemd support if you
do not want to build systemd support.
When systemd libraries are present only systems that
have booted into systemd go through the systemd initialization,
otherwise the SysVinit is used.
These are originally based on the Fedora systemd files.
Changes made from Fedora's systemd files:
* split sockets into two files to claim different permissions
* Use /bin/sh -c exec to for a simple launcher implementation
* enables systemd socket activation for C xenstored and Ocaml
oxenstored
* use sd_notify(), so change the service to Type=notify, because of
this we remove the PIDFile specification as we don't care for it, and let
systemd do its magic for us, this also means we don't have to fork
so we use --no-fork with systemd
* defines a modules-load.d, its original source file will be shared
between systemd and old init systems
* simplify service files with ConditionVirtualization=xen which uses
the built in systemd virtualization backend detection, these
service files will not be available to start on systems that do not
boot with xen as a hypervisor
* use autoconf to replace @variable@ paths for us which piggy
backs on top of the latest autoconf changes to xen
* removes oxenstored service file in favor of a system variable which
controls which which xentored to use at run time, we avoid multiple
service files this way.
* simplifies startup to not require polling on the sockets
as initial socket management is handled by systemd, we just
take on the socket later once anything pokes at it, a simple nc -U
(as root) on any of the sockets files can activate the service for example.
Anything queued up will be sent to us once we start. Socket activation
should in theory also let us dynamically switch between xenstores but more
importantly we could upgrade xenstored while keeping all active
socket communication queued up, but in order to take advantage of
this we eventually would need to remove the requirement of not being
able to bring down the xenstored. Even though active sockets are
supported since most libxl communication doesn't triggger a check
on the unix socket first administrators are encouraged to enable
the xenstored.service to triggger an initialization of the xenstored
upon bring up. Some systems also never use unix sockets for
communication with the xenstored and as such active sockets will
not be used there.
* allow for xenstored configuration through *either* of these
configuration files:
- /etc/sysconfig/xenstored
- /etc/default/xenstored
The /etc/default/xenstored will let debian based systems do
the same, while SUSE/OpenSUSE/Fedora/RedHat can keep on chugging
with sysconfig. We leave these files all commented out by default
though given that for systemd we want to encourage not using them.
* ensures we create the run directory as most systems will likely
be using a tmpfs for run dirs for the pid files
* Some systems define the selinux context in the systemd Option for the
/var/lib/xenstored tmpfs:
Options=mode=755,context="system_u:object_r:xenstored_var_lib_t:s0"
For the upstream version we remove that and let systems specify the
context on their system /etc/default/xenstored or /etc/sysconfig/xenstored
$XENSTORED_MOUNT_CTX variable, with a default to none.
* takes advantage of the shared xendomains helper for the xendomains
service
* Add the new dom0 that gets kicked off for disk backend access into
its own systemd service associated to xen
As for integration with xen, we house keep all the systemd files
under a new directory tools/hotplug/Linux/systemd/ and will be targeted
by default when building on Linux systems if systemd development
libraries are present at build time.
The systemd files will be sanitized for meta @VARIABLES@ upon
configuration and installed upon the install target. Systems that
do not use systemd can still get systemd service unit files installed
if the build system enabled systemd support, this however does not
mandate a requirement of having systemd libraries present. Old init
scripts are always installed.
If you don't specify a prefix you will end up with the services
files under /usr/local/lib/systemd/system/ by default, and systemd
modules-load.d conf files under /usr/local/lib/modules-load.d/ which
systemd does look for (although it seems this is not documented).
Distributions are expected to provide their /usr/ prefix to end up in
the more generic location upon distribution install at
/usr/lib/systemd/system/ and /usr/lib/modules-load.d/ respectively.
Cc: Ian Jackson <ian.jackson@eu.citrix.com> Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Cc: Ian Campbell <ian.campbell@citrix.com> Cc: Jan Rękorajski <baggins@pld-linux.org> Cc: M A Young <m.a.young@durham.ac.uk> Cc: Jacek Konieczny <jajcus@jajcus.net> Cc: xen-devel@lists.xenproject.org Signed-off-by: Luis R. Rodriguez <mcgrof@suse.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
[ ijc -- ran autogen.sh ]
autoconf: xen: enable explicit preference option for xenstored preference
As it stands oxenstored will be used by default if ocaml tools are
found, the init system will also try to use oxenstored first if its
found otherwise the cxenstored will be used. Lets simplify the init
script and let users be explicit about the preference through configure.
This adds support to let you be explicit about the xenstored preference,
you can only use one of these two options:
We continue with the old behaviour and default oxenstored will be used
but only if you have ocaml dependencies. Since the xenstored preference
is explicit now and since we require configure substitutions for it we
make use of the AX_XEN_EXPAND_CONFIG() helpers as otherwise substitution
for SBINDIR is not propagated from the top level configuration.
All this allows us to simplify the init script to use the configured
xenstore from the start. We update the sysconfig/default xencommons file
with the paths for the different options though, this can be used by
users to override the default xenstored, this follows the old behaviour
but we now just explicitly provide the full configured paths for users.
As before, changing the xenstore requires a reboot.
In order to help with documentation we update the README with some
details on configure usage refer to the wiki [0] [1] [2] for more elaborate
details.
Since we are now parsing an entry within Paths.mk.in on tools we let
the move the parsing of the file to be the tool's configure.
Cc: Ian Campbell <ian.campbell@citrix.com> Cc: Ian Jackson <ian.jackson@eu.citrix.com> Cc: Jan Beulich <jbeulich@suse.com> Cc: Keir Fraser <keir@xen.org> Cc: Tim Deegan <tim@xen.org> Signed-off-by: Luis R. Rodriguez <mcgrof@suse.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
[ ijc -- ran autogen.sh ]
This will allow us to share the same module list with
systemd, and lets us upkeep it in one place. Document this
while at it on the top level README and expand on the wiki:
libxc: expand cpuid features exposed to PVH guests
Expand the cpuid features exposed to PVH guests, this includes
exposing PSE, PGE and 1GB pages (which will be masked by the
hypervisor if not supported by the hardware).
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Cc: Ian Jackson <Ian.Jackson@eu.citrix.com> Cc: Ian Campbell <ian.campbell@citrix.com> Cc: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
Ian Campbell [Fri, 25 Jul 2014 09:32:06 +0000 (10:32 +0100)]
xen: arm: Write to the correct PT when mapping the DTB on boot on arm64
We currently get away with this because when debug=y and earlyprintk is enabled
the previous block of (conditional) code would have set this up. Historically we
mostly got away with it even without those options because the pre paging code
would normally (at least on h/w we test) leave x4 set to the paddr of
boot_second.
This latent bug has always been present but was exposed by ca59618967fe "xen:
arm: Handle 4K aligned hypervisor load address" (or one of the related patches)
since now x4 is quite likely to point to boot_third not boot_second.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Julien Grall <julien.grall@linaro.org>
Roger Pau Monné [Mon, 4 Aug 2014 11:46:54 +0000 (13:46 +0200)]
x86: fix cpuid reporting on PVH Dom0
dab11417d also caused some problems regarding HVM guest creation on
PVH Dom0, mainly the CR4 mask returned by hvm_cr4_guest_reserved_bits
changed from 0xfffffffffffff800 to 0xfffffffffffff893, which means HVM
guests created from a PVH Dom0 are unable to set VME, PVI, PSE or PGE
CR4 flags.
This is because cpuid on PVH guests mask PSE, PGE, PSE36 and VME
flags, so the white listing done in xc_cpuid_hvm_policy doesn't enable
those features, and the guest ends up with a very restrictive cpuid
policy.
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Jan Beulich [Mon, 4 Aug 2014 11:46:03 +0000 (13:46 +0200)]
x86/HVM: extend LAPIC shortcuts around P2M lookups
... to all internally handled MMIO regions. It is in particular the
HPET page that, e.g. on Windows Server 2012 R2, can get heavily
accessed, and hence avoiding the unnecessary lookups is rather
beneficial (in the reported case a 40+-vCPU guest would previously not
have booted at all while with hvm_hap_nested_page_fault() shortcut
alone it was able to boot up in 18 minutes [i.e. still room for
improvement]).
Note the apparently unrelated addition of a is_hvm_vcpu() check to the
__hvm_copy() code: Afaict for PVH this shortcut should never have taken
effect (since there's no LAPIC in that case).
Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Tim Deegan <tim@xen.org>
Jan Beulich [Mon, 4 Aug 2014 11:44:36 +0000 (13:44 +0200)]
convert "no-" command line option prefix into "=no" for OPT_CUSTOM
... to allow restoring/retaining previous behavior for options getting
converted from boolean to custom. Obviously that'll work only when no
other argument was specified for the option. Command line settings of
the form "no-<name>=<value>" will now be ignored as ambiguous (rather
than being interpreted as "<name>=<value>", i.e. ignoring the "no-"
prefix).
Reported-by: Don Slutz <dslutz@verizon.com> Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
Jan Beulich [Mon, 4 Aug 2014 11:42:34 +0000 (13:42 +0200)]
fix qemu building with older make
The $(or ...) builtin (uses introduced by commits ffbf089357 and 8962a8f951) is supported only from make 3.81 onwards, yet we claim to
only require make 3.80. Introduce a good enough fallback.
Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: George Dunlap <george.dunlap@eu.citrix.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
When HW tries to load a corrupted patch, it generates #GP
and depending on 'noreboot' parameter on grub, the system
is either stuck in a reboot loop or is hung. Use wrmsr_safe
instead of wrmsrl so that we fail to load microcode gracefully.
Signed-off-by: Aravind Gopalakrishnan <aravind.gopalakrishnan@amd.com> Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
It would be nice to allow guests to close all event channels in
ABI-agnostic way in case of kexec/kdump. EVTCHNOP_reset looks suitable
for this purpose. However control blocks for vcpus and event array need
cleanup when FIFO ABI is being used.
With this change a guest can simply do EVTCHNOP_reset before kexec in
both 2-level and FIFO cases. It is also important to perform store/console
channel remapping after such call.
The issue can also be solved by introducing a new EVTCHNOP operation but
it seems that EVTCHNOP_reset can be reused.
[The idea was suggested by Ian Campbell, Andrew Cooper, and David Vrabel]
Feng Wu [Fri, 1 Aug 2014 14:39:17 +0000 (16:39 +0200)]
x86/hvm: always do SMAP check when updating runstate_guest(v)
In the current implementation, we honor the guest's CPL and AC
to determain whether do the SMAP check or not for runstate_guest(v).
However, this doesn't work. The VMCS feild is invalid when we try
to get geust's SS by hvm_get_segment_register(), since the
right VMCS has not beed loaded for the current VCPU.
In this patch, we always do the SMAP check when updating
runstate_guest(v) for the guest when SMAP is enabled by it.
Jan Beulich [Fri, 1 Aug 2014 14:29:27 +0000 (16:29 +0200)]
x86/ACPI: allow CMOS RTC use even when ACPI says there is none
HP is setting the ACPI_FADT_NO_CMOS_RTC flag on newer systems,
regardless of whether they're being booted from UEFI. Add a command
line option to allow probing for a working RTC in that case.
Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
libxl: automatic NUMA placement affects soft affinity
vCPU soft affinity and NUMA-aware scheduling does not have
to be related. However, soft affinity is how NUMA-aware
scheduling is actually implemented, and therefore, by default,
the results of automatic NUMA placement (at VM creation time)
are also used to set the soft affinity of all the vCPUs of
the domain.
Of course, this only happens if automatic NUMA placement is
enabled and actually takes place (for instance, if the user
does not specify any hard and soft affiniy in the xl config
file).
This also takes care of the vice-versa, i.e., don't trigger
automatic placement if the config file specifies either an
hard (the check for which was already there) or a soft (the
check for which is introduced by this commit) affinity.
Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com> Acked-by: George Dunlap <george.dunlap@eu.citrix.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
libxl/xl: make it possible to specify soft-affinity in domain config file
To do so, we add the vcpu_soft_affinity array to build_info, and
treat it much like vcpu_hard_affinity. The new config option is
called "cpus_soft".
Note that the vcpu_hard_affinity array, introduced in a previous
patch, and the vcpu_soft_affinity array, introduced here, share
the same LIBXL_HAVE_xxx macro, in libxl.h. That is called
LIBXL_HAVE_BUILDINFO_VCPU_AFFINITY_ARRAYS, and was introduced
together with vcpu_hard_affinity, but only inside a comment.
In this change, we uncomment, and hence properly define it.
In order to avoid having to issue separate calls to
libxl_set_vcpuaffinity() (one for hard affinity and one for soft
affinity) in libxl__build_pre(), in case the caller uses
b_info->cpumap (for the former) and b_info->vcpu_soft_affinity (for
the latter), we also set (again!) a new default for b_info->cpumap.
This allows, from this change on, to always and only deal with
b_info->vcpu_hard_affinity all around libxl internals.
Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
xl: move away from the use of cpumap for hard affinity
and start using the vcpu_hard_affinity array instead. This is done
as when, in a subsequent patch ("libxl/xl: make it possible to
specify soft-affinity in domain config file") we will become able
to deal with soft affinity, code can be shared.
This change also enables more advanced VCPU to PCPU (hard, for now)
affinity specification, in case a list is used, like:
cpus = ["3-4", "2-6,^4"]
What it means is that VCPU 0 must be pinned to PCPU 3,4 and VCPU 1
to PCPUs 2,3,5,6 (before this change, cpus=[xx, yy] only supported
single values). Of course, the old (e.g., cpus=[2, 3]) syntax
continues to work.
Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
Getting happens via `xl vcpu-list', which now looks like this:
# xl vcpu-list -s
Name ID VCPU CPU State Time(s) Affinity (Hard / Soft)
Domain-0 0 0 11 -b- 5.4 8-15 / all
Domain-0 0 1 11 -b- 1.0 8-15 / all
Domain-0 0 14 13 -b- 1.4 8-15 / all
Domain-0 0 15 8 -b- 1.6 8-15 / all
vm-test 3 0 4 -b- 2.5 0-12 / 0-7
vm-test 3 1 0 -b- 3.2 0-12 / 0-7
Setting happens by specifying two pCPU masks to the `xl vcpu-pin'
command, the first one will be hard affinity, the second soft
affinity. If only one mask is specified, it is only hard affinity
that is affected. To change only soft affinity, '-' can be used
as the hard affinity mask parameter, and it will be left alone.
xl manual page is updated accordingly.
Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
Andrew Cooper [Tue, 29 Jul 2014 15:02:25 +0000 (17:02 +0200)]
x86/cpu: undo BIOS CPUID max_leaf limit before querying for features
If IA32_MISC_ENABLE[22] is set by the BIOS, CPUID.0.EAX will be limited to 3.
Lift this limit before considering whether to query CPUID.7[ECX=0].EBX for
features.
Without this change, dom0 is able to see this feature leaf (as the limit was
subsequently lifted), and will set features appropriately in HVM domain cpuid
policies.
The specific bug XenServer observed was the advertisement of the FSGSBASE
feature, but an inability to set CR4.FSGSBASE as Xen considered the bit to be
reserved as cpu_has_fsgsbase incorrectly evaluated as false.
This is a regression introduced by c/s 44e24f8567 "x86: don't call
generic_identify() redundantly" where the redundant call actually resampled
CPUID.7[ECX=0] properly to obtain the feature flags.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com>
Jan Beulich [Tue, 29 Jul 2014 14:51:26 +0000 (16:51 +0200)]
libxl: use libxl_fd_set_{cloexec,nonblock} helpers
... instead of open-coding them or not using them at all. This in
particular fixes a build (and presumably also runtime) problem on old
enough libc due to the recent introduction of a use of O_CLOEXEC. The
other two changes are only of cleanup kind.
Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
autoconf: xen: move standard path variables to config/Paths.mk.in
This moves all generic path variables to a new the config/Paths.mk.in
input source file to be processed at configure time, tons of files use
these so this just share them. This also paves the way to let us
easily dynamically configure these with autoconf, for now we leave the
same presets as was present before.
This work was prompted by looking for an autoconf way to do
replacements for the hotplug global file, while at it I realized
that a few other files use the same variables and have in places
around the tree the same constructs for generating their own
files. This makes use of the old buildmakevars2file() but generalizes
the definition of the paths at configure time and spreads the
new definitions out throughout the build system.
This has no impact on building the hypervisor and extras/mini-os,
you do not need to, and are not expected to, run configure to build
those targets.
While at it lets add some documentation on the for the two files on
the source file, we can expand further details on the wiki [0].
Cc: Ian Campbell <ian.campbell@citrix.com> Cc: Ian Jackson <ian.jackson@eu.citrix.com> Cc: Samuel Thibault <samuel.thibault@ens-lyon.org> Cc: Jan Beulich <jbeulich@suse.com> Cc: Keir Fraser <keir@xen.org> Cc: Tim Deegan <tim@xen.org> Signed-off-by: Luis R. Rodriguez <mcgrof@suse.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
[ ijc -- reran autogen.sh ]
oxenstored: also fail if only 1 socket was given by systemd
Reported-by: Ian Campbell <ian.campbell@citrix.com> Signed-off-by: Luis R. Rodriguez <mcgrof@suse.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
cxenstored: also fail if only 1 socket was given by systemd
Reported-by: Ian Campbell <ian.campbell@citrix.com> Signed-off-by: Luis R. Rodriguez <mcgrof@suse.com> Acked-by: Ian Campbell <ian.campbell@citrix.com>
projects / xen.git / log