Keir Fraser [Thu, 6 Dec 2007 11:24:02 +0000 (11:24 +0000)]
[XEN, 32on64]: Correct continuation translation for large
compat_mmuext hypercalls.
At the point where we translate the continuation "nat_ops" points to
the beginning of the batch of "i" entries, therefore it must be
incremented by the number of entries processed "i - left". At the same
point "cmp_uops" points to the end of the batch of entries and must
therefore be decremented by "left".
The new count value has already been set by do_mmuext_op to "left" and
therefore it is correct to add "count - i" since that is the number of
entries that remain after this batch.
Signed-off-by: Ian Campbell <ian.campbell@xensource.com>
Keir Fraser [Wed, 5 Dec 2007 17:56:13 +0000 (17:56 +0000)]
xenstore: expanding_buffer variables are supposed to be static. Apart
from anything else, this was guaranteeing they were initialised.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Keir Fraser [Wed, 5 Dec 2007 14:21:00 +0000 (14:21 +0000)]
[QEMU-DM] Upgrade emulated UART to 16550A.
This patch adds 16550 emulation to qemu-dm. I still consider it a work
in progress, but from my testing, it consistently performs better than
the old code already, sometimes considerably so (on my laptop, dumping
out data over serial from a HVM DomU -> pty in Dom0 was up to 5.3
times faster than with the old 16450 code). I can consistently reach
full 115200 baud speeds over physical serial lines when the virtual
device is backed by a phys port, which I never could with the old code.
There are still some things to be done. I want to add proper error
handling, so that overflow/framing & parity errors on the physical
port get detected and reported by the virtual port. Also, now that
FIFOs are in place, I believe performance could be improved
significantly by putting some code into the hypervisor so that reads &
writes from the FIFOs don't have to exit into qemu-dm at all. I'm also
reading up on the specs for newer uarts with deeper FIFOs.
Keir Fraser [Wed, 5 Dec 2007 14:18:34 +0000 (14:18 +0000)]
[QEMU-DM] Modem control line & msl/mcr register support.
This patch enables handling of the modem/flow control lines of a
serial port when the backend for the virtual port is a physical serial
port. During initialization, it tries to load the msr with the
detected status from the real port (this is consistent with physical
uart, which starts with its msr values set according to the status of
the modem status lines). If the ioctl returns -ENOTSUP, then the code
assumes the backend is not a real serial port and will disable any
further attempts to manipulate or read the physical port's line
status.
It tries to be as "correct" as possible in its msr/msl handling,
with the exception of modem line status change interrupts. A real
16550 uart apparently has a delay time of 250ns between when a modem
status line changes and the IRQ line goes high. In this patch, an
"idle" port is polled for line status changes only if the guest has
enabled UART_IER_MSI, and only polled every 10 ms.
Keir Fraser [Wed, 5 Dec 2007 14:01:39 +0000 (14:01 +0000)]
hvm: Initialize vlapic->timer_last_update.
Without the fix, before the first vlapic timer interrupt is injected,
the "vlapic->timer_last_update" in vlapic_get_tmcct() is always 0,
causing a wrong value of counter_passed.
Keir Fraser [Wed, 5 Dec 2007 11:08:07 +0000 (11:08 +0000)]
xenstore: document the xenstore protocol
The attached patch adds a new text file docs/misc/xenstore.txt which
describes the actual protocol implemented by xenstored. This was
reverse-engineered from the actual code in tools/xenstore.
I didn't bother making any automatic arrangements to ensure that the
implemented and documented protocols are kept in step (for example,
automatic code generation, etc.) The protocol is rather messy
unfortunately and unsuitable for an xdr approach, and in any case is
not likely to change very quickly.
Also in this patch are a couple of comments for xenstored_core.c which
help clarify the behaviour of some payload parsing helper functions.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Keir Fraser [Wed, 5 Dec 2007 11:07:12 +0000 (11:07 +0000)]
xenstore-ls -f for find(1)-like output
The current output of xenstore-ls can be quite hard to read and it is
not very intractable for postprocessing with sort|diff and the like.
The patch below provides a -f option which produces output with the
full key pathname on each line, and which disables the value
truncation and the `.'-padding when used with -p (since these latter
two aren't likely to be very useful when values are preceded by long
pathnames).
While I was at it I added the `-s' option to the usage message, where
it was previously missing.
Keir Fraser [Wed, 5 Dec 2007 11:05:47 +0000 (11:05 +0000)]
xenstore: deprecating but \-quoting binary data.
Presently it's not clear what the allowable character set is for
values in xenstore. The current command-line tools just pass values
to printf("%s",...) so implicitly assume that it's 7-bit printable
ASCII (since the interpretation of 8-bit characters would be unclear).
However there are rumours of programs which dump binary data into
xenstore and/or bugs involving nul bytes being added to the ends of
xenstore values (and even of some drivers insisting on a spurious
nul).
There isn't all that much useful documentation about xenstore. There
is a doc detailing which xenstore keys may be used and what their
meanings are (interface.tex) but it is very out of date, amongst other
reasons because it's in a format which is not very easy to update when
adding functionality to the code and because there is no way to check
programs' behaviour in xenstore against the spec. I think the
xenstore part of interface.tex should be replaced with a new document
in a simpler format, which should amongst other things be sufficiently
machine-readable that automatic testing could reveal at least basic
out-of-spec behaviours like setting or using undocumented keys.
This new document ought to specify the allowable character set of both
keys and values, and ought to specify the xenstored protocol as well.
It seems to me that the appropriate character set for xenstore values
is 7-bit printing ASCII (0x20..0x7e). Values should not have a
trailing nul byte `on the wire' but of course the xs library interface
should continue to add an additional nul beyond the quoted length for
the convenience of callers.
That is consistent with nearly all of the existing uses and makes the
whole system much more tractable compared to an explicit expectation
that binary data will be stored. (For example, if we like binary data
in xenstore, why are uuids represented in their printable hex
encoding?) xenstore data is supposedly non-performance-critical
metadata for use by control plane machinery so the overhead of
printing and parsing text strings is hardly a problem.
Applications which set binary values should be deprecated but to avoid
breaking those applications xenstored should continue indefinitely to
be binary-transparent.
Under these circumstances it can only be regarded as a bug that the
current command-line tools are lossy in the presence of binary data.
Not only does this make them break for those now-deprecated uses, but
it also prevents them from being used to detect and debug problems
relating to the exact byte strings being recorded in xenstore.
As a first step towards the utopia I describe above, this patch
causes xenstore-read and -ls to \-escape the values of xenstore
keys, and xenstore-write to un-\-escape them. The escaping is a
subset of that permitted by C89; only \t \r \n \\ and hex and octal
are used and recognised. (So no \f, \a etc.)
This change will not change the representation by these tools of
values which contain only 7-bit printing ASCII characters unless they
contain \'s.
Values which contain \'s will need to be quoted on entry and dequoted
on exit if being manipulated by xenstore-*. The only values likely to
be affected are paths in Windows guest filesystems and in practice we
believe that any such filename which is actually relevant to anything
will be set other than via xenstore-write.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Keir Fraser [Wed, 5 Dec 2007 10:53:47 +0000 (10:53 +0000)]
vt-d: Use bitmap to solve domain-id limitation issue.
The Capability register reports the domain-id width supported by
hardware. For implementations supporting less than 16-bit domainids,
unused bits of domain identifier field (87:72) in Context entry are
treated as reserved by hardware. For example, for an implementation
supporting 4-bit domain-ids, bits 87:76 of this field are treated as
reserved. 16 is a small number; overflow can easily happen. What's
more, context-entries programmed with the same domain identifier must always
reference the same address translation structure (through the ASR
field). So Dom16 will conflict with Dom0, and device assignment fails.
This patch implements a domain id bitmap to solve the above issue.
Signed-off-by: Weidong Han <weidong.han@intel.com>
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Keir Fraser [Wed, 5 Dec 2007 10:34:15 +0000 (10:34 +0000)]
x86_emulate: EFLAGS.PF only reflects least-significant byte of result,
so even_parity() can return to its original prototype.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Keir Fraser [Wed, 5 Dec 2007 10:00:42 +0000 (10:00 +0000)]
[USER GUIDE] [ACM/sHype Update] User Guide Update for sHype/Xen
This patch updates the ACM/sHype user guide chapter. It updates the
examples throughout the chapter and describes advanced security policy
and domain management based on the new ACM xm command extensions that
were submitted this morning (cf.
http://lists.xensource.com/archives/html/xen-devel/2007-12/msg00043.html
and
http://lists.xensource.com/archives/html/xen-devel/2007-12/msg00041.html).
Keir Fraser [Wed, 5 Dec 2007 09:44:20 +0000 (09:44 +0000)]
Implement legacy XML-RPC interface for ACM commands.
This patch implements a (non Xen-API) legacy XML-RPC interface for the
ACM commands and funnels the calls into code introduced by the Xen-API
support for ACM security management. Since some of the functionality
has changed, also the xm applications have changed. In particular the
following old commands have been removed along with some tools that
have become obsolete now:
Keir Fraser [Tue, 4 Dec 2007 11:04:57 +0000 (11:04 +0000)]
x86: clean up mm.c and cache 'current' where appropriate.
Attached patch caches current vcpu and current->domain where
appropriate. Make the mod_l4_entry() definition match
mod_l?_entry(). Since current->domain was always passed to it, this
has no functional change.
Signed-off-by: Christoph Egger <Christoph.Egger@amd.com>
Keir Fraser [Tue, 4 Dec 2007 10:50:28 +0000 (10:50 +0000)]
blkif interface: Add BLKIF_OP_FLUSH_DISKCACHE.
This disk operation, implemented on Solaris only so far, asks a
backend to flush the disk caches of the underlying storage if
possible, and is contingent upon the 'feature-flush-cache' xenstore
flag (although currently Solaris will always attempt to flush
anyway).
Keir Fraser [Tue, 4 Dec 2007 10:47:10 +0000 (10:47 +0000)]
tboot, xen: Update for Trusted Boot v20071128.
This patch updates Xen to work with the latest version (20071128)
of Trusted Boot (tboot). This version of tboot now resides at 16MB
(instead of the previous <1MB), in addition to several other
enhancements. By residing at 16MB, this version of tboot will be
protected from access by dom0.
This patch allows Xen to correctly map the tboot shutdown code that it
must trampoline into for a clean shutdown (without this patch Xen will
fault on shutdown). This patch will also work with the previous
version of tboot.
Signed-off-by: Joseph Cihula <joseph.cihula@intel.com>
Keir Fraser [Tue, 4 Dec 2007 10:40:48 +0000 (10:40 +0000)]
Fix xenmon.py to work on Solaris
The xenmon.py script does not work on Solaris because of (1) its
assumption that xenbaked is in the user's path and, (2) the use of the
killall command. Changed xenmon.py to use pkill instead and provided
the path to xenbaked on Solaris.
Keir Fraser [Tue, 4 Dec 2007 10:17:32 +0000 (10:17 +0000)]
xentrace: Don't append trace on existing file.
When you run "xentrace -e <mask> trace.output" the first time, all is
fine. When you run it a second time, then the data is appended, which
makes you read old data with xentrace_format and interpret it
as new data. This usually happens when you automate tracing guests
with xentrace and xentrace_format with a script.
Therefore, the attached patch makes xentrace truncate the file to zero
bytes before writing any data.
Signed-off-by: Christoph Egger <Christoph.Egger@amd.com>
Keir Fraser [Tue, 4 Dec 2007 09:56:10 +0000 (09:56 +0000)]
x86: Move get_page/put_page out of header file, and only print on
get_page() failure if the domain is not dying.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Alex Williamson [Thu, 29 Nov 2007 19:15:43 +0000 (12:15 -0700)]
[IA64] Implement guest_os_type for ia64
This makes use of the domain config option guest_os_type for
ia64 and removes the backing for the previous ACPI based
mechanism used previously. A user wanting optimal performance
for a specific type of OS guest running in an HVM domain should
make use of this new option. See updated xmexample.vti for
available options. All supported OSes should always work using
the default option or leaving the option unspecified. Originally
based on patch from Zhang Xin.
Signed-off-by: Alex Williamson <alex.williamson@hp.com>
Alex Williamson [Thu, 29 Nov 2007 18:54:31 +0000 (11:54 -0700)]
[IA64] Create common guest_os_type domain config option
This is an optional domain config entry that may be used by
architecture specific builder code to setup various optimizations
based on the guest OS intended to run in the domain. Based on
patch from Zhang Xin.
Signed-off-by: Alex Williamson <alex.williamson@hp.com>
Acked-by: Keir Fraser <keir.fraser@citrix.com>
Keir Fraser [Wed, 28 Nov 2007 22:36:33 +0000 (22:36 +0000)]
vmx: Better tracing in vmcs_dump_vcpu() -- grab RIP/RSP/RFLAGS from
cpu_user_regs structure as well as VMCS.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Alex Williamson [Wed, 28 Nov 2007 19:32:28 +0000 (12:32 -0700)]
[IA64] vcpu_setcontext: only set cr_irr if VGCF_SET_CR_IRR flag is set.
cr_irr can be modified even when a vcpu is blocked (by itv handler).
Unconditionally setting cr_irr can trouble debugger as it may clear a bit
of cr_irr and thus miss an interrupt. This can be very annoying if the
interrupt is itv and the vcpu is inside PAL_HALT_LIGHT (the vcpu stays
blocked forever).
Keir Fraser [Wed, 28 Nov 2007 13:36:56 +0000 (13:36 +0000)]
domctl: Fix handling of size parameter in ext_vcpucontext domctl commands.
Original patch by Stefan Berger.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Keir Fraser [Wed, 28 Nov 2007 13:13:51 +0000 (13:13 +0000)]
hvm: Fix 2 type mismatches in vlapic.h and hpet.c for 32-bit build Xen
For 32-bit build of Xen:
1) the first mismatch (in hpet_read(), length is 4) makes guest think
the HPET DM is buggy (we return 0 for HPET_CFG.COUNTER_CLK_PERIOD to
guest), so guest wouldn't use HPET at all.
2) the second one: if tmict is 62500000 and timer_divisor is 16
(Fedora7's installer uses the values at some time), 10 * 62500000 * 16
= 0x2540BE400 -- it's too big to be held in uint32_t.
Signed-off-by: Dexuan Cui <dexuan.cui@intel.com>
Keir Fraser [Wed, 28 Nov 2007 13:04:47 +0000 (13:04 +0000)]
hvm: Inject #UD for un-emulated instructions rather than crash guest
The CrashMe stress test (a process repeatedly forks child processes, and
the child processes initialize a buffer with random numbers, then treat
the buffer as code, and execute it) can crash 32-bit HVM RHEL5.1 guest
easily; this is because we haven't emulated all the instructions in
handle_mmio() yet.
The CrashMe process runs with root rights, and can access MMIO space in
an unknown way ("strace -f" shows the random codes running at CPL=3
don't call mmap(), and don't open any special files in /dev/"); the gpa
may look like 0xa**** or 0xb****, or 0xfee0****.
Signed-off-by: Dexuan Cui <dexuan.cui@intel.com>
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Keir Fraser [Wed, 28 Nov 2007 12:34:11 +0000 (12:34 +0000)]
vt-d: Some fixes and cleanup of Intel iommu
This patch modifies domain id in __iommu_flush_context() and
__iommu_flush_iotlb() to be consistent with domain id set by
context_set_domain_id(), avoids setting NULL to address space root
and corrects macro cap_ndoms.
Signed-off-by: Weidong Han <weidong.han@intel.com>
Keir Fraser [Mon, 26 Nov 2007 22:20:21 +0000 (22:20 +0000)]
vmx realmode: When returning to protected mode we have to massage the
segment state to pass VMENTER's stringent 'sanity checks'.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Keir Fraser [Mon, 26 Nov 2007 16:57:57 +0000 (16:57 +0000)]
x86 emulate: Emulate atomic read-modify-write instructions as a
straightforward write. Hopefully multiprocessor synchronisation is not
relied upon in real mode!
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Keir Fraser [Mon, 26 Nov 2007 16:47:10 +0000 (16:47 +0000)]
vmx realmode: Fix emulation of exception delivery (stack pointer must
be adjusted for FLAGS push), and fix up vmx_realmode() exit protocol
now that it is called from asm stub context.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Keir Fraser [Mon, 26 Nov 2007 15:32:54 +0000 (15:32 +0000)]
x86_emulate: Emulate CPUID and HLT.
vmx realmode: Fix decode & emulate loop, add hooks for CPUID, HLT and
WBINVD. Also do not hook realmode entry off of vmentry failure any
more.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Keir Fraser [Sun, 25 Nov 2007 21:24:48 +0000 (21:24 +0000)]
vmx realmode: Detect and correctly plumb mmio accesses from emulated
realmode. Also correctly handle debug output to I/O port 0xe9.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Keir Fraser [Sun, 25 Nov 2007 11:45:02 +0000 (11:45 +0000)]
vmx realmode: Support privileged EFLAGS updates in emulated realmode.
Also tweak debug tracing to be much less noisy. We can emulate tens
of thousands of instructions in rombios now.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Keir Fraser [Sat, 24 Nov 2007 22:19:03 +0000 (22:19 +0000)]
Revert 16450:5e8e82e80. Instead remove all arch-specific handling of
memcmp() and hence always use common/lib.c version.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Keir Fraser [Sat, 24 Nov 2007 21:46:14 +0000 (21:46 +0000)]
vmx: Initial framework for real-mode emulation (disabled by default).
Still plenty to do:
- i/o emulation
- more instructions
- interrupt/exception delivery
- vm86 fast path
At this stage we can get three instructions into the rombios.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Keir Fraser [Sat, 24 Nov 2007 13:40:23 +0000 (13:40 +0000)]
vt-d: Some fixes of Intel iommu
This patch removes a wrong if condition judgement to setup rmrr
identify mapping for guests, and passes page count rather than address
size to iommu_flush_iotlb_psi().
Signed-off-by: Weidong Han <weidong.han@intel.com>
Signed-off-by: Anthony Xu <Anthony.xu@intel.com>
Keir Fraser [Sat, 24 Nov 2007 13:37:26 +0000 (13:37 +0000)]
Fix non-optimized compilation of Xen's memcmp
Even when using __builtin_memcmp, gcc may emit external references to
memcmp (when not optimizing for instance), so this #define does not
always provide a completely suitable memcmp().
Signed-off-by: Samuel Thibault <samuel.thibault@citrix.com>
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
Keir Fraser [Sat, 24 Nov 2007 13:31:39 +0000 (13:31 +0000)]
[Mini-OS] Fix domain blocking race
A callback which wakes a thread may happen between the moment
schedule() gives hand to the idle thread and the latter blocks the
domain. Idle hence needs to atomically check that no thread is
running and block, else awoken threads may have to wait up to 10
seconds.
Signed-off-by: Samuel Thibault <samuel.thibault@citrix.com>