Add decompressors based on hypervisor code. This are used in mini-os by
pv-grub.
This enables pv-grub to boot kernels compressed with e.g. xz, which are
becoming more common.
Signed-off-by: Bastian Blank <waldi@debian.org>
Adjusted to use terminology "unsafe" rather than "trusted" to indicate
that the user had better sanitise the data (or not care, as in stub
domains) as suggested by Tim Deegan. This was effectively a sed script.
Minimise the changes to hypervisor code by moving the "compat layer" into the
relevant libxc source files (which include the Xen ones).
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Daniel De Graaf [Thu, 21 Mar 2013 20:11:28 +0000 (16:11 -0400)]
stubdom/grub: send kernel measurements to vTPM
This allows a domU with an arbitrary kernel and initrd to take advantage
of the static root of trust provided by a vTPM.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> Acked-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Acked-by: Matthew Fioravante <matthew.fioravante@jhuapl.edu>
Daniel De Graaf [Thu, 21 Mar 2013 20:11:25 +0000 (16:11 -0400)]
stubdom/vtpm: make state save operation atomic
This changes the save format of the vtpm stubdom to include two copies
of the saved data: one active, and one inactive. When saving the state,
data is written to the inactive slot before updating the key and hash
saved with the TPM Manager, which determines the active slot when the
vTPM starts up.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Daniel De Graaf [Thu, 21 Mar 2013 20:11:24 +0000 (16:11 -0400)]
stubdom/vtpm: Support locality field
The vTPM protocol now contains a field allowing the locality of a
command to be specified; pass this to the TPM when processing a packet.
While the locality is not currently checked for validity, a binding
between locality and some distinguishing feature of the client domain
(such as the XSM label) will need to be defined in order to properly
support a multi-client vTPM.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> Acked-by: Matthew Fioravante <matthew.fioravante@jhuapl.edu>
Daniel De Graaf [Thu, 21 Mar 2013 20:11:23 +0000 (16:11 -0400)]
stubdom/vtpm: correct the buffer size returned by TPM_CAP_PROP_INPUT_BUFFER
The vtpm2 ABI supports packets of up to 4088 bytes by default; expose
this property though the TPM's interface so clients do not attempt to
send larger packets.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Daniel De Graaf [Thu, 21 Mar 2013 20:11:21 +0000 (16:11 -0400)]
mini-os/tpmback: Replace UUID field with opaque pointer
Instead of only recording the UUID field, which may not be of interest
to all tpmback implementations, provide a user-settable opaque pointer
associated with the tpmback instance.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Daniel De Graaf [Thu, 21 Mar 2013 20:11:20 +0000 (16:11 -0400)]
mini-os/tpmback: set up callbacks before enumeration
The open/close callbacks in tpmback cannot be properly initalized in
order to catch the initial enumeration events because init_tpmback
clears the callbacks and then asynchronously starts the enumeration of
existing tpmback devices. Fix this by passing the callbacks to
init_tpmback so they can be installed before enumeration.
This also removes the unused callbacks for suspend and resume.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Ian Campbell [Tue, 5 Feb 2013 16:19:53 +0000 (16:19 +0000)]
tools+stubdom: install under /usr/local by default.
Now that the hotplug scripts have been fixed to remove hardcoded paths lets
try this again. From 26470:acaf29203cf9:
This is the defacto (or FHS mandated?) standard location for software
built from source, in order to avoid clashing with packaged software
which is installed under /usr/bin etc.
I think there is benefit in having Xen's install behave more like the
majority of other OSS software out there.
The major downside here is in the transition from 4.2 to 4.3 where
people who have built from source will innevitably discover breakage
because 4.3 no longer overwrites stuff in /usr like it used to so they
pickup old stale bits from /usr instead of new stuff from /usr/local.
Packages will use ./configure --prefix=/usr or whatever helper macro
their package manager gives them. I have confirmed that doing this
results in the same list of installed files as before this patch was
applied.
The hypervisor remains in /boot/ and there is no intention to move it.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Roger Pau Monné <roger.pau@citrix.com>
Daniel De Graaf [Thu, 21 Mar 2013 20:11:29 +0000 (16:11 -0400)]
stubdom/Makefile: Fix gmp extract rule
When NEWLIB_STAMPFILE is updated but gmp has already been extracted, the mv
command will incorrectly create a subdirectory instead of renaming. Remove the
old target before renaming to fix this.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> Acked-by: Ian Campbell <ian.campbell@citrix.com>
Andrei Lifchits [Wed, 20 Feb 2013 16:54:03 +0000 (16:54 +0000)]
build: Fix distclean when repo location changes
If the path to xen-unstable.hg changes (i.e. you move the repo), the symlinks
inside xen-unstable.hg/stubdom/libxc-x86_[32|64]/ all become broken, which
breaks distclean because make attempts to clean inside those first and fails to
find Makefile (which is also a symlink).
Signed-off-by: Andrei Lifchits <andrei.lifchits@citrix.com>
Ian Campbell [Mon, 28 Jan 2013 16:48:19 +0000 (16:48 +0000)]
tools: revert to installing in /usr
26470:acaf29203cf9 missed a bunch of hardcoded paths, e.g. in the
initscripts. I think at this juncture it is appropriate to revert
this change and try again after some more testing.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Roger Pau Monné <roger.pau@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com>
Ian Campbell [Fri, 25 Jan 2013 15:04:11 +0000 (15:04 +0000)]
stubdom: Install xenstore stubdom in $(XENFIRMWAREDIR)
Removes hardcoded /usr prefix.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Committed-by: Ian Campbell <ian.campbell@citrix.com>
Ian Campbell [Fri, 25 Jan 2013 15:04:09 +0000 (15:04 +0000)]
build: cleanup configure detritus at toplevel and stubdom
These files were left over after
$ git clean -f -dx
$ ./configure
$ make distclean
and picked up by a subsequent.
$ git clean -f -dx
Ensure that these files are also correctly ignored.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Roger Pau Monné <roger.pau@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com>
Ian Campbell [Thu, 24 Jan 2013 12:47:55 +0000 (12:47 +0000)]
vtpm/vtpmmgr: Use libpolarssl.a instead of hardcoding own list of .o files
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked by: Matthew Fioravante <matthew.fioravante@jhuapl.edu> Committed-by: Ian Campbell <ian.campbell@citrix.com>
Ian Campbell [Thu, 24 Jan 2013 12:47:54 +0000 (12:47 +0000)]
tools+stubdom: install under /usr/local by default.
This is the defacto (or FHS mandated?) standard location for software
built from source, in order to avoid clashing with packaged software
which is installed under /usr/bin etc.
I think there is benefit in having Xen's install behave more like the
majority of other OSS software out there.
The major downside here is in the transition from 4.2 to 4.3 where
people who have built from source will innevitably discover breakage
because 4.3 no longer overwrites stuff in /usr like it used to so they
pickup old stale bits from /usr instead of new stuff from /usr/local.
Packages will use ./configure --prefix=/usr or whatever helper macro
their package manager gives them. I have confirmed that doing this
results in the same list of installed files as before this patch was
applied.
The hypervisor remains in /boot/ and there is no intention to move it.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Roger Pau Monné <roger.pau@citrix.com> Acked-by: Matt Wilson <msw@amazon.com> Committed-by: Ian Campbell <ian.campbell@citrix.com>
Ian Campbell [Mon, 21 Jan 2013 16:04:56 +0000 (16:04 +0000)]
vtpmmgr: fix build on 32-bit
Correct format string, fixing:
vtpm_storage.c: In function 'vtpm_storage_load_header': vtpm_storage.c:658: error: format '%ld' expects type 'long int', but argument 5 has type 'unsigned int'
vtpm_storage.c:658: error: format '%ld' expects type 'long int', but argument 5 has type 'unsigned int' make[2]: *** [vtpm_storage.o] Error 1
Add padlock.o to PSSL_OBJS, fixing:
/local/scratch/ianc/devel/xen-unstable.git/stubdom/mini-os-x86_32-vtpmmgr/mini-os.o: In function `aes_crypt_ecb': /local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:659: undefined reference to `padlock_supports'
/local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:661: undefined reference to `padlock_xcryptecb' /local/scratch/ianc/devel/xen-unstable.git/stubdom/mini-os-x86_32-vtpmmgr/mini-os.o: In function `aes_crypt_cbc': /local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:771: undefined reference to `padlock_supports'
/local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:773: undefined reference to `padlock_xcryptcbc'
make[1]: ***
[/local/scratch/ianc/devel/xen-unstable.git/stubdom/mini-os-x86_32-vtpmmgr/mini-os]
Error 1
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked by: Matthew Fioravante <matthew.fioravante@jhuapl.edu>
[ ijc -- applied same fix to stubdom/vtpm/Makefile ] Committed-by: Ian Campbell <ian.campbell@citrix.com>
Stub domains now use autoconf to build.
This configure script can enable or disable specific domains
and also specify custom download locations for stubdom library
packages. See ./configure --help for details.
C and Caml are disabled by default. vtpm-stubdom is conditional
on the presense of cmake.
Rename vtpmmgrdom to vtpmmgr-stubdom
Also update .*ignore
Signed-off-by: Matthew Fioravante <matthew.fioravante@jhuapl.edu> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Matthew Fioravante <matthew.fioravante@jhuapl.edu> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com>
vtpm/vtpmmgr and required libs to stubdom/Makefile
Add 3 new libraries to stubdom:
libgmp
polarssl
Berlios TPM Emulator 0.7.4
Add makefile structure for vtpm and vtpmmgrdom. Both
vtpm domains are optional builds as vtpm depends on
cmake. To build either of them, you must do so explicitly.
make vtpm-stubdom vtpmmgrdom
Finally, also update .*ignore
Signed-off-by: Matthew Fioravante <matthew.fioravante@jhuapl.edu> Acked-by: Ian Campbell <ian.campbell@citrix.com>
[ijc, folded in fix from Matthew to workaround cmake 2.8.2 build failure] Committed-by: Ian Campbell <ian.campbell@citrix.com>
Add the code base for vtpmmgrdom. Makefile changes
next patch.
Signed-off-by: Matthew Fioravante <matthew.fioravante@jhuapl.edu> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com>
Add the code base for vtpm-stubdom to the stubdom
heirarchy. Makefile changes in later patch.
Signed-off-by: Matthew Fioravante <matthew.fioravante@jhuapl.edu> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com>
Ian Jackson [Fri, 26 Oct 2012 15:09:29 +0000 (16:09 +0100)]
libxc: builder: limit maximum size of kernel/ramdisk.
Allowing user supplied kernels of arbitrary sizes, especially during
decompression, can swallow up dom0 memory leading to either virtual
address space exhaustion in the builder process or allocation
failures/OOM killing of both toolstack and unrelated processes.
We disable these checks when building in a stub domain for pvgrub
since this uses the guest's own memory and is isolated.
Decompression of gzip compressed kernels and ramdisks has been safe
since 14954:58205257517d (Xen 3.1.0 onwards).
This is XSA-25 / CVE-2012-4544.
Also make explicit checks for buffer overflows in various
decompression routines. These were already ruled out due to other
properties of the code but check them as a belt-and-braces measure.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Ian Campbell [Thu, 25 Oct 2012 16:04:37 +0000 (17:04 +0100)]
xl: Do not leak events when a domain exits.
The goto in both of these places misses the event free which would
normally clean up.
==8655== 80 bytes in 1 blocks are definitely lost in loss record 1 of 1
==8655== at 0x4024370: calloc (vg_replace_malloc.c:593)
==8655== by 0x406EAAE: libxl__zalloc (libxl_internal.c:83)
==8655== by 0x4078173: libxl__event_new (libxl_event.c:1167)
==8655== by 0x4056373: domain_death_occurred (libxl.c:958)
==8655== by 0x4058D06: domain_death_xswatch_callback (libxl.c:1038)
==8655== by 0x4078EB5: watchfd_callback (libxl_event.c:458)
==8655== by 0x407839E: afterpoll_internal (libxl_event.c:949)
==8655== by 0x4079142: eventloop_iteration (libxl_event.c:1371)
==8655== by 0x40799BB: libxl_event_wait (libxl_event.c:1396)
==8655== by 0x805CC67: create_domain (xl_cmdimpl.c:1698)
==8655== by 0x805E001: main_create (xl_cmdimpl.c:3986)
==8655== by 0x804D43D: main (xl.c:285)
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com> Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
Olaf Hering [Thu, 18 Oct 2012 08:35:06 +0000 (09:35 +0100)]
stubdom: install stubdompath.sh as data file
rpmlint complains a script helper which is only sourced:
[ 1875s] xen-tools.i586: W: script-without-shebang /usr/lib/xen/bin/stubdompath.sh
[ 1875s] This text file has executable bits set or is located in a path dedicated for
[ 1875s] executables, but lacks a shebang and cannot thus be executed. If the file is
[ 1875s] meant to be an executable script, add the shebang, otherwise remove the
[ 1875s] executable bits or move the file elsewhere.
Signed-off-by: Olaf Hering <olaf@aepfle.de> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com>
[ 1758s] xen-tools.x86_64: E: spurious-executable-perm (Badness: 50) /usr/lib/xen/boot/xenstore-stubdom.gz
[ 1758s] The file is installed with executable permissions, but was identified as one
[ 1758s] that probably should not be executable. Verify if the executable bits are
[ 1758s] desired, and remove if not. NOTE: example scripts should be packaged under
[ 1758s] %docdir/examples, which will avoid this warning.
Signed-off-by: Olaf Hering <olaf@aepfle.de> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com>
Olaf Hering [Thu, 18 Oct 2012 08:34:59 +0000 (09:34 +0100)]
stubdom: fix compile errors in grub
Building xen.rpm in SLES11 started to fail due to these compiler
warnings:
[ 1436s] ../grub-upstream/netboot/fsys_tftp.c:213: warning: operation on 'block' may be undefined
[ 1437s] ../grub-upstream/netboot/main.c:444: warning: operation on 'block' may be undefined
The reason for this is that the assignment is done twice:
tp.u.ack.block = ((uint16_t)( (((uint16_t)((block = prevblock)) & (uint16_t)0x00ffU) << 8) | (((uint16_t)((block = prevblock)) & (uint16_t)0xff00U) >> 8)));
Fix this package build error by adding another patch for grub, which
moves the assignment out of the macro usage.
Signed-off-by: Olaf Hering <olaf@aepfle.de> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com>
Olaf Hering [Thu, 11 Oct 2012 09:21:15 +0000 (10:21 +0100)]
stubdom: fix error assignment in grub:load_module
[ 1333s] mini-os.c: In function 'load_module':
[ 1333s] mini-os.c:244: warning: statement with no effect
Signed-off-by: Olaf Hering <olaf@aepfle.de> Acked-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Committed-by: Ian Campbell <ian.campbell@citrix.com>
Olaf Hering [Mon, 8 Oct 2012 11:18:34 +0000 (12:18 +0100)]
stubdom: fix parallel build by expanding CROSS_MAKE
Recently I changed my rpm xen.spec file from doing
'make -C tools -j N && make stubdom' to 'make -j N stubdom' because
stubdom depends on tools, so both get built.
The result was the failure below.
make[2]: Leaving directory `/home/abuild/rpmbuild/BUILD/xen-4.2.25602/non-dbg/stubdom/grub'
make[1]: *** [grub] Error 2
[ -d mini-os-x86_64-xenstore ] || \
for i in $(cd /home/abuild/rpmbuild/BUILD/xen-4.2.25602/non-dbg/stubdom/../extras/mini-os ; find . -type d) ; do \
mkdir -p mini-os-x86_64-xenstore/$i ; \
done
....
Expanding every occurrence of CROSS_MAKE avoids this error. It also has
the nice side effect of actually enabling parallel build for stubdom.
According to the GNU make documentation $(MAKE) gets its special meaning
only if it appears directly in the recipe:
Matt Wilson [Wed, 4 Apr 2012 10:09:15 +0000 (11:09 +0100)]
PV-GRUB: add support for btrfs
This patch adds btrfs support to the GRUB tree used to build PV-GRUB.
The original patch is from Gentoo:
https://bugs.gentoo.org/show_bug.cgi?id=283637
Signed-off-by: Matt Wilson <msw@amazon.com> Committed-by: Ian Jackson <ian.jackson.citrix.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Matt Wilson [Wed, 4 Apr 2012 10:09:14 +0000 (11:09 +0100)]
PV-GRUB: add support for ext4
This patch adds support for ext4 to the GRUB tree used to build PV-GRUB.
The original patch is taken from the Fedora GRUB package in this commit:
http://pkgs.fedoraproject.org/gitweb/?p=grub.git;a=commitdiff;h=32bf414af04d377055957167aac7dedec691ef57
Signed-off-by: Matt Wilson <msw@amazon.com> Committed-by: Ian Jackson <ian.jackson.citrix.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Matt Wilson [Wed, 4 Apr 2012 10:09:14 +0000 (11:09 +0100)]
PV-GRUB: Check for errors when applying patches to GRUB
We want to ensure that patches apply cleanly without rejects. Bail if
patch returns a non-zero exit code.
Signed-off-by: Matt Wilson <msw@amazon.com> Committed-by: Ian Jackson <ian.jackson.citrix.com> Acked-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Daniel De Graaf [Thu, 9 Feb 2012 18:33:35 +0000 (18:33 +0000)]
stubdom: enable xenstored build
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> Acked-by: Ian Campbell <ian.campbell@citrix.com> Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Committed-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Daniel De Graaf [Thu, 9 Feb 2012 18:33:32 +0000 (18:33 +0000)]
mini-os: make frontends and xenbus optional
This adds compile-time logic to disable certain frontends in mini-os:
- pcifront is disabled by default, enabled for ioemu
- blkfront, netfront, fbfront, kbdfront, consfront are enabled by default
- xenbus is required for any frontend, and is enabled by default
If all frontends and xenbus are disabled, mini-os will run without
needing to communicate with xenstore, making it suitable to run the
xenstore daemon. The console frontend is not required for the initial
console, only consoles opened via openpt or ptmx.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> Acked-by: Ian Campbell <ian.campbell@citrix.com> Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Committed-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Daniel De Graaf [Thu, 9 Feb 2012 18:33:31 +0000 (18:33 +0000)]
mini-os: Move test functions into test.c
While useful, these test functions should not be compiled into every
mini-os instance that we compile.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> Acked-by: Ian Campbell <ian.campbell@citrix.com> Cc: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Committed-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Daniel De Graaf [Thu, 9 Feb 2012 18:33:31 +0000 (18:33 +0000)]
mini-os: create app-specific configuration
Instead of using CONFIG_QEMU and CONFIG_GRUB to enable or disable minios
code, create CONFIG_ items for features and use application-specific
configuration files to enable or disable the features.
The configuration flags are currently added to the compiler command
line; as the number of flags grows this may need to move to a header.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> Acked-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Samuel Thibault <samuel.thibault@ens-lyon.org> Committed-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Jan Beulich [Tue, 13 Dec 2011 12:32:23 +0000 (13:32 +0100)]
stubdom: allow to build with older tool chain
GNU make prior to 3.81 doesn't support $(realpath ...). This fixes a
regression introduced in 23368:0f670f5146c8 (the option tested via
cc-option-add got interpreted as the argument of the -I compiler
option, as its intended argument was blank, and hence the compiler was
falsely considered to support *any* option in the pciutils sub-tree).
Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Keir Fraser <keir@xen.org>
Daniel Kiper [Wed, 27 Apr 2011 12:29:14 +0000 (13:29 +0100)]
pv-grub: Fix for incorrect dom->p2m_host[] list initialization
Introduction of Linux Kernel git commit ceefccc93932b920a8ec6f35f596db05202a12fe (x86: default
CONFIG_PHYSICAL_START and CONFIG_PHYSICAL_ALIGN to 16 MB) revealed
deeply hidden bug in pv-grub. During kernel load stage dom->p2m_host[]
list has been incorrectly initialized.
At the beginning of kernel load stage dom->p2m_host[] list is
populated with current PFN->MFN layout. Later during memory allocation
(memory is allocated page by page in kexec_allocate()) page order is
changed to establish linear layout in new domain. It is done by
exchanging subsequent MFNs with newly allocated MFNs. dom->p2m_host[]
list is indexed by currently requested PFN (it is incremented from 0)
and PFN of newly allocated paged. If PFN of newly allocated page is
less than currently requested PFN then earlier allocated MFN is
overwritten which leads to domain crash later. This patch corrects
that issue. If PFN of newly allocated page is less then currently
requested PFN then relevant PFN/MFN pair is properly calculated and
usual exchange occurs later.
Signed-off-by: Daniel Kiper <dkiper@net-space.pl> Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Keir Fraser [Thu, 17 Mar 2011 10:36:25 +0000 (10:36 +0000)]
build: Make XEN_ROOT an absolute path.
Otherwise make can search the path relative to certain standard paths
such as /usr/include (e.g., the line '-include $(XEN_ROOT)/.config' in
Config.mk suffers from this).
John Weekes [Tue, 11 Jan 2011 16:42:41 +0000 (16:42 +0000)]
stubdom: Fix stubdom-dm using "grep" improperly
stubdom-dm uses "grep" on "xm list" output to determine whether it is
already running. The existing behavior is to use "grep $domname-dm" but
this will result in a false-positive in the case of another domU running
whose name ends with the full new name; for instance, if "abctest-dm" is
running, a new "test-dm" will spin forever, waiting for it the end.
Any easy fix is to have it use "grep -w" instead of "grep", searching
for the whole word only.
It also might be worth considering a switch to "xl list" from "xm list",
here and in other places.
Signed-off-by: John Weekes <lists.xen@nuclearfallout.net> Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
Jan Beulich [Tue, 23 Nov 2010 16:43:38 +0000 (16:43 +0000)]
qemu-xen: build adjustments to support out-of-tree builds
QEMU by itself can be built outside of its source directory. With the
qemu repository being separate from the hypervisor/tools one it seems
to make sense to make use of this feature, but doing so requires a
couple of adjustments to the Xen changes to it. Basically, if
CONFIG_QEMU is found to indicate an existing directory, this directory
will be used rather than cloning the git repo into the build tree.
[ This changeset is the xen-unstable part of the patch but also
includes the QEMU_TAG update to pull in the qemu part. -iwj ]
Signed-off-by: Jan Beulich <jbeulich@novell.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com> Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Jan Beulich [Fri, 19 Nov 2010 18:39:33 +0000 (18:39 +0000)]
stubdom: allow building with read-only sources
Signed-off-by: Jan Beulich <jbeulich@novell.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com> Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Patrick Colp [Thu, 28 Oct 2010 11:15:41 +0000 (12:15 +0100)]
tools: caml-stubdom: fix "red zone" bug
According to the AMD64 ABI, the 128-byte area below %rsp is reserved
for scratch space and should not be used by signal, interrupt, or
exception handlers. However, Mini-OS does not adhere to this
interface. As a result, the -mno-red-zone flag must be provided to gcc
in order to force code to be compiled without this assumption. In the
case of the c-stubdom or the ioemu stubdom, Makefile configuration and
flags are inherited from Xen, which includes this flag. However, in
the case of the ocaml stubdom, since an independent ocaml version is
pulled and compiled, with its own make system in place, this flag is
not present.
As a default optimisation (no optimisation flags specified), gcc
generates function header code that uses mov instead of push (to save
a few instructions). However, with the 128-byte scratch space
assumption in place, registers are moved onto the stack *before* %rsp
is updated. This results in cases where when a function is being
called, *after* the first mov <foo>, <offset>(%rsp) but *before* the
%rsp update, sub <bar>, %rsp, if an interrupt is fired, then the stack
will be clobbered (as Mini-OS uses the application stack for its
stack, pushing registers onto the stack on entry and popping them off
on exit).
This patch fixes this issue by passing the -mno-red-zone flag to the
ocaml configure script in the stubdom Makefile.
Signed-off-by: Patrick Colp <pjcolp@cs.ubc.ca> Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Patrick Colp [Tue, 21 Sep 2010 16:54:43 +0000 (17:54 +0100)]
tools/ocaml: Fix caml-stubdom make line to depend on the ocaml cross compiler
The provided sample caml stubdom needs to use the ocaml cross
compiler, but if it hasn't been downloaded and compiled, then it won't
find it and the build will fail. This makes caml-stubdom depend on
the cross compiler, so it will automatically get built before the
stubdom.
Signed-off-by: Patrick Colp <pjcolp@cs.ubc.ca> Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Ian Campbell [Wed, 21 Jul 2010 15:36:19 +0000 (16:36 +0100)]
stubdom: correct handling DESTDIR during build
The stubdom/Makefile expects components to install themselves to
stubdom/$(CROSS_ROOT) and passes the appropriate configure and make
variables to make this happen.
However if the top-level build uses DESTDIR then this not only effects
the installation targets in stubdom/Makefile but is also propagated to
the individual components' build causing them to install into an
unexpected location and breaking the build.
In other words "make -C stubdom DESTDIR=/tmp/a-dest-dir" fails due to missing
headers because they had been installed into /tmp/a-dest-dir instead of
stubdom/$(CROSS_ROOT).
The existing attempt to clear DESTDIR for the newlib install phase was
insufficient.
Define a CROSS_MAKE variable which should be used to recurse into the
cross compiled components and which clears DESTDIR.
Also move the definition of the genpath target to after the first
"all" target so that the default target is all.
I have confirmed that with this fix only the Xen build system outputs end up in
/tmp/a-dest-dir.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
Keir Fraser [Fri, 28 May 2010 08:30:19 +0000 (09:30 +0100)]
libxc: eliminate static variables, use xentoollog; API change
This patch eliminate the global variables in libxenctrl (used for
logging and error reporting).
Instead the information which was in the global variables is now in a
new xc_interface* opaque structure, which xc_interface open returns
instead of the raw file descriptor; furthermore, logging is done via
xentoollog.
There are three new parameters to xc_interface_open to control the
logging, but existing callers can just pass "0" for all three to get
the old behaviour.
All libxc callers have been adjusted accordingly.
Also update QEMU_TAG for corresponding qemu change.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
When no fb is available, init_fbfront will return, so the local
semaphore for synchronization with the kbd thread would get dropped.
Using a global static semaphore instead fixes this.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Keir Fraser [Fri, 5 Mar 2010 14:40:19 +0000 (14:40 +0000)]
Fix Makefile targets that generate several files at once
In a few places in the tree the Makefiles have constructs like this:
one_file another_file:
$(COMMAND_WHICH_GENERATES_BOTH_AT_ONCE)
This is wrong, because make will run _two copies_ of the same command
at once. This generally causes races and hard-to-reproduce build
failures.
Notably, `make -j4' at the top level will build stubdom libxc twice
simultaneously!
In this patch we replace the occurrences of this construct with the
correct idiom:
one_file: another_file
another_file:
$(COMMAND_WHICH_GENERATES_BOTH_AT_ONCE)
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Keir Fraser [Fri, 11 Dec 2009 08:44:33 +0000 (08:44 +0000)]
domain builder: multiboot-like module support
This defines how multiple modules can be passed to a domain by packing
them together into a "multiboot module" in a way very similar to the
multiboot standard. An SIF_ flag is added to announce such package.
This also adds a packing implementation to PV-GRUB.
Signed-Off-By: Samuel Thibault <samuel.thibault@ens-lyon.org>
Keir Fraser [Mon, 23 Nov 2009 07:14:33 +0000 (07:14 +0000)]
pcifront: fix multiple initialization bug
Now that we have pcifront_watches to dynamically initialize pcifront
we don't need a call to init_pcifront in pcilib and pcifront_scan
anymore; we should just wait for the frontend to connect to the
backend instead.
Keir Fraser [Fri, 13 Nov 2009 21:58:30 +0000 (21:58 +0000)]
pcifront: implement dynamic connections and disconnections
this patch implements dynamic connections and disconnections in
pcifront.
This feature is required to properly support pci hotplug, because when
no pci devices are assigned to a guest, xend will remove the pci
backend altogether.
Keir Fraser [Thu, 29 Oct 2009 14:04:45 +0000 (14:04 +0000)]
stubdom: make stubdom-dm exit properly
The built-in bash command wait should be able to take a pid argument
and just wait for the specified process to die, but it currently has a
bug and what actually does is waiting for the death of all the
children. For this reason the stubdom-dm script doesn't exit properly
after stubdom destruction. This patch solves the issue spawning only
one child, removing the sleep subprocess workaround that was used to
create a usable stdin for "xm console" and replacing it with a fifo.
Keir Fraser [Thu, 15 Oct 2009 07:16:42 +0000 (08:16 +0100)]
xend: destroy stubdoms synchronously
This patch makes the destruction of stubdoms a synchronous event,
therefore it is no longer possible to run out of memory when rebooting
a guest because the stubdom of the old guest is always destroyed
before the creation of the new guest.
Keir Fraser [Sun, 16 Aug 2009 07:45:04 +0000 (08:45 +0100)]
stubdoms: parse bridge informations
Currently the stubdom-dm script doesn't read the bridge of a vif
on xenstore, therefore all the vifs assigned to the stubdom always
belong to default bridge. This patch changes the behavior reading the
bridge from xenstore and adding the bridge to the stubdom config
file.
Keir Fraser [Tue, 11 Aug 2009 06:34:55 +0000 (07:34 +0100)]
libxc: Include private Xen headers in stubdom libxc build
The headers libelf.h and elfstructs.h were removed from
xen/include/public in 19011:7df072566b8c. But this broke the stubdom
build because parts of libxc depend on them. This patch adds
$(XEN_ROOT)/xen/include/xen to the stubdom -I path.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
19818 added the following line to stubdom-dm:
. ./stubdompath.sh
and replaced many paths with variables. However the path to
stubdompath.sh is obviously wrong and stubdompath.sh is nowhere to be
found anyway. For the moment I am dropping . ./stubdompath.sh and
hardcoding the values of the variables.
stubdom: fix a race that affects live migration with stubdoms
This patch fixes a race during live migration with stubdoms: right
after the stubdom dies the configuration file of the VM is removed by
stubdom-dm but, in case of a live migration, the configuration file
could be the one of the new VM in the process of being created.
Removing the config file before destroying the stubdom is enough to
solve the race.
Keir Fraser [Tue, 23 Jun 2009 16:25:51 +0000 (17:25 +0100)]
Get rid of hardcoded pathes for stubdom and hotplug scripts
- Have the buid system generate a file which exports the install paths
for the hotplug scripts and stubdom / stubdom-dm
- Move file generation code from tools/python/Makefile into a gmake
macro
in Config.mk to avoid maintenance of three duplicates each with its
own
tweaks and bugs
- Export gmake variables into ioemu as shell variables
for upcoming ioemu patches
- Do above as a gmake macro to avoid maintenance of several duplicates
- Adjust hotplug scripts to find the right xen binaries from the
install directory
- Adjust stubdom-dm to use the install directories
Signed-off-by: Christoph Egger <Christoph.Egger@amd.com>
Keir Fraser [Thu, 18 Jun 2009 09:20:17 +0000 (10:20 +0100)]
stubdoms: qemu monitor support
Add support for the qemu monitor in a stubdom, the same way the
emulated serial support was added few days ago. The stubdom exports
the monitor as a pty and minios opens a console frontend; qemu in dom0
provides the correspondent backend for this additional pv console that
happens to be the qemu monitor.
Keir Fraser [Tue, 26 May 2009 08:50:35 +0000 (09:50 +0100)]
stubdom: 'file' based disk sharing
Allow 'file' based disks, that are blkback based disks, to be shared
between the guest domain and the stubdom. It does so exploiting the
same exception introduced in the previous patch "stubdoms phy disks
sharing". Now we can remove the hack in stubdom-dm that forces "file"
disks to be opened using blktap instead of blkback.
Keir Fraser [Tue, 19 May 2009 13:17:56 +0000 (14:17 +0100)]
stubdom: Rebuild the ocaml runtime libraries with the options needed
if they are to be linked with object files created by ocamlc and the minios
kernel.
This is needed to build stubdoms written in ocaml.
Signed-off-by: Alex Zeffertt <alex.zeffertt@eu.citrix.com>
Network support is still provided the same way: using the tap
interface, created in qemu using netfront.
The lwip stack is still available to avoid additional compilation
issues.
However the stubdom is not going to have its own vif anymore,
this means that the only vnc server supported is the one in dom0.
You can still enable the vnc server in a stubdom at compile time, if
you want so.
Probably the most important change caused by this patch to xen users
is that you don't have to specify two vif in the stubdom config file
anymore, but just one:
This patch removes the need for a second configuration file for
stubdoms: it is going to be automatically generated by the script
stubdom-dm using command line options and xenstore to find any needed
information.
The configuration script will be placed under /etc/xen/stubdoms and
automatically removed when the domain is destroyed.
The only change needed in xend is not to write on xenstore sdl,
opengl and serial command line options for qemu, because stubdoms do
not support them.
It is safe to remove those two options from xenstore because qemu does
not use xenstore to read commans line options.
Finally this patch fixes blkfront disconnections from backends and
display and xauthority variables for pv guests.
Keir Fraser [Wed, 18 Mar 2009 17:30:13 +0000 (17:30 +0000)]
ioemu-stubdom: Use xen-setup-stubdom rather than configure
xen-setup runs the upstream configure script, and ends up
autodetecting various properties of the host and then trying to use
them in stubdom, which works badly.
Keir Fraser [Thu, 29 Jan 2009 16:41:48 +0000 (16:41 +0000)]
stubdom: add videoram to stubdom initial memory reservation
This patch adds a videoram parameter (4MB is the default) to pv guests
too: if the pv guest is actually a stubdomain then the videoram size
is added to the initial required available memory.
This way there is no risk that a stubdom fails to populate the
videoram because the RAM freed for the videoram by dom0 has already
been used to create the stubdom.
Keir Fraser [Fri, 9 Jan 2009 16:56:54 +0000 (16:56 +0000)]
stubdom: Fix compilation after libelf header changes
Changeset 19011:7df072566b8c moved some of the libelf headers.
However, no changes were made to stubdom/Makefile.
stubdom/Makefile unfortunately contains embedded in it knowledge about
the header directory structures, and must therefore typically be
updated if new header directories are created.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
projects / people / liuw / stubdom.git / log