]> xenbits.xensource.com Git - xen.git/log
xen.git
12 years agoxen: arm64: interrupt/abort mask/unmask
Ian Campbell [Fri, 22 Feb 2013 08:57:55 +0000 (08:57 +0000)]
xen: arm64: interrupt/abort mask/unmask

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
12 years agoxen: arm64: xchg and cmpxchg
Ian Campbell [Fri, 22 Feb 2013 08:57:54 +0000 (08:57 +0000)]
xen: arm64: xchg and cmpxchg

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
12 years agoxen: arm64: barriers and wait for interrupts/events
Ian Campbell [Fri, 22 Feb 2013 08:57:53 +0000 (08:57 +0000)]
xen: arm64: barriers and wait for interrupts/events

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
12 years agoxen: arm64: address translation
Ian Campbell [Fri, 22 Feb 2013 08:57:52 +0000 (08:57 +0000)]
xen: arm64: address translation

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
12 years agoxen: arm64: dcache flush
Ian Campbell [Fri, 22 Feb 2013 08:57:51 +0000 (08:57 +0000)]
xen: arm64: dcache flush

Use "dsb sy" instead of bare "dsb", they mean the same on 32-bit but only the
former is valid on 64-bit.

Abstract the actual flush operation into a macro.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
12 years agoxen: arm64: PTE handling
Ian Campbell [Fri, 22 Feb 2013 08:57:50 +0000 (08:57 +0000)]
xen: arm64: PTE handling

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
12 years agoxen: arm64: TLB flushes
Ian Campbell [Fri, 22 Feb 2013 08:57:49 +0000 (08:57 +0000)]
xen: arm64: TLB flushes

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
12 years agoxen: arm: refactor co-pro and sysreg reg handling.
Ian Campbell [Fri, 22 Feb 2013 08:57:48 +0000 (08:57 +0000)]
xen: arm: refactor co-pro and sysreg reg handling.

AArch64 has removed the concept of co-processors replacing them with a
combination of specific instructions (cache and tlb flushes etc) and
system registers (which are understood by name in the assembler).

However most system registers are equivalent to a particular AArch32
co-pro register and can be used by generic code in the same way. Note
that the names of the registers differ (often only slightly)

For consistency it would be better to use only set of names in the
common code. Therefore move the {READ,WRITE}_CP{32,64} accessors into
arm32/processor.h and provide {READ,WRITE}_SYSREG. Where the names
differ #defines will be provided on 32-bit.

HSR_CPREG and friends are required even on 64-bit in order to decode
traps from 32 bit guests.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
12 years agoxen: arm64: atomics
Ian Campbell [Fri, 22 Feb 2013 08:57:47 +0000 (08:57 +0000)]
xen: arm64: atomics

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
12 years agoxen: arm64: spinlocks
Ian Campbell [Fri, 22 Feb 2013 08:57:46 +0000 (08:57 +0000)]
xen: arm64: spinlocks

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
12 years agoxen: arm64: basic config and types headers
Ian Campbell [Fri, 22 Feb 2013 08:57:45 +0000 (08:57 +0000)]
xen: arm64: basic config and types headers

The 64-bit bitops are taken from the Linux asm-generic implementations. They
should be replaced with optimised versions from the Linux arm64 port when they
become available.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
12 years agoxen: arm64: initial build + config changes, start of day code
Ian Campbell [Fri, 22 Feb 2013 08:57:44 +0000 (08:57 +0000)]
xen: arm64: initial build + config changes, start of day code

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
12 years agoxen: consolidate implementations of LOG() macro
Ian Campbell [Fri, 22 Feb 2013 08:57:43 +0000 (08:57 +0000)]
xen: consolidate implementations of LOG() macro

arm64 is going to add another one shortly, so take control now.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
Acked-by: Keir Fraser <keir@xen.org>
12 years agoarm: avoid inline asm for dsb, isb, wfi and sev.
Ian Campbell [Fri, 22 Feb 2013 08:57:42 +0000 (08:57 +0000)]
arm: avoid inline asm for dsb, isb, wfi and sev.

"dsb" must be written "dsb sy" on arm64. "dsb sy" is also valid (and
synonymous) on arm32 but we have a macro so lets use it.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
12 years agoxen: event channel arrays are xen_ulong_t and not unsigned long
Ian Campbell [Fri, 22 Feb 2013 08:57:41 +0000 (08:57 +0000)]
xen: event channel arrays are xen_ulong_t and not unsigned long

On ARM we want these to be the same size on 32- and 64-bit.

This is an ABI change on ARM. X86 does not change.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Keir Fraser <keir@xen.org>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
12 years agotools: s/arm/arm32/ in foreign header checks.
Ian Campbell [Fri, 22 Feb 2013 08:57:40 +0000 (08:57 +0000)]
tools: s/arm/arm32/ in foreign header checks.

Also define __arm__ARM32 as required.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
12 years agotools: disable docs for QEMU build
Wei Liu [Fri, 22 Feb 2013 11:31:44 +0000 (11:31 +0000)]
tools: disable docs for QEMU build

Texinfo 5 breaks QEMU builds. As we do not need documents from QEMU, just
disable it.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Tested-by: jacek burghardt <jaceksburghardt@gmail.com>
12 years agohonor ACPI v4 FADT flags
Jan Beulich [Fri, 22 Feb 2013 10:56:54 +0000 (11:56 +0100)]
honor ACPI v4 FADT flags

- force use of physical APIC mode if indicated so (as we don't support
  xAPIC cluster mode, the respective flag is taken to force physical
  mode too)
- don't use MSI if indicated so (implies no IOMMU)

Both can be overridden on the command line, for the MSI case this at
once adds a new command line option allowing to turn off PCI MSI (IOMMU
and HPET are unaffected by this).

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
12 years agox86: honor ACPI indicating absence of CMOS RTC
Jan Beulich [Fri, 22 Feb 2013 10:51:06 +0000 (11:51 +0100)]
x86: honor ACPI indicating absence of CMOS RTC

On such systems we can boot through EFI only.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
12 years agoACPI: support v5 (reduced HW) sleep interface
Jan Beulich [Fri, 22 Feb 2013 10:48:57 +0000 (11:48 +0100)]
ACPI: support v5 (reduced HW) sleep interface

Note that this also fixes a broken input check in acpi_enter_sleep()
(previously validating the sleep->pm1[ab]_cnt_val relationship based
on acpi_sinfo.pm1b_cnt_val, which however gets set only subsequently).

Also adjust a few minor issues with the pre-v5 handling in
acpi_fadt_parse_sleep_info().

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
12 years agoACPICA: Update for larger ACPI 5 FADT size
Bob Moore [Fri, 22 Feb 2013 10:47:25 +0000 (11:47 +0100)]
ACPICA: Update for larger ACPI 5 FADT size

FADT is now larger than 256 bytes, so all FADT offsets must be
changed from 8 bits to 16 bits.

Signed-off-by: Bob Moore <robert.moore@intel.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
12 years agoACPI 5.0: Implement hardware-reduced option
Bob Moore [Fri, 22 Feb 2013 10:46:32 +0000 (11:46 +0100)]
ACPI 5.0: Implement hardware-reduced option

If HW-reduced flag is set in the FADT, do not attempt to access
or initialize any ACPI hardware, including SCI and global lock.
No FACS will be present.

Signed-off-by: Bob Moore <robert.moore@intel.com>
Also adjust acpi_fadt_parse_sleep_info().

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
12 years agoACPI 5.0: Basic support for FADT version 5
Bob Moore [Fri, 22 Feb 2013 10:43:59 +0000 (11:43 +0100)]
ACPI 5.0: Basic support for FADT version 5

Signed-off-by: Bob Moore <robert.moore@intel.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
12 years agox86/nhvm: properly clean up after failure to set up all vCPU-s
Jan Beulich [Fri, 22 Feb 2013 10:21:38 +0000 (11:21 +0100)]
x86/nhvm: properly clean up after failure to set up all vCPU-s

Otherwise we may leak memory when setting up nHVM fails half way.

This implies that the individual destroy functions will have to remain
capable (in the VMX case they first need to be made so, following
26486:7648ef657fe7 and 26489:83a3fa9c8434) of being called for a vCPU
that the corresponding init function was never run on.

Once at it, also remove a redundant check from the corresponding
parameter validation code.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Tim Deegan <tim@xen.org>
Tested-by: Olaf Hering <olaf@aepfle.de>
12 years agox86/mm: avoid locked lookups in shadow emulation.
Tim Deegan [Thu, 21 Feb 2013 17:41:26 +0000 (17:41 +0000)]
x86/mm: avoid locked lookups in shadow emulation.

Use get_page_from_gfn() instead of get_gfn(), avoiding taking the p2m
lock in the common case.

Signed-off-by: Andres Lagar-Cavilla <andres@lagarcavilla.org>
Acked-by: Tim Deegan <tim@xen.org>
12 years agogenid: Introduce again Windows generation ID device
Frediano Ziglio [Tue, 19 Feb 2013 08:54:34 +0000 (08:54 +0000)]
genid: Introduce again Windows generation ID device

This device was removed due to change in specifications.
Original patch written by Paul Durrant

Signed-off-by: Paul Durrant <paul.durrant@citrix.com>
Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
12 years agogenid: Update Windows generation ID
Frediano Ziglio [Tue, 19 Feb 2013 08:54:33 +0000 (08:54 +0000)]
genid: Update Windows generation ID

First draft specification document it as a 64bit counter, now are a 128bit
value handled as a couple of 64bit values.

Allow to disable the device is values are all zeroes.

Add documentation for platform/generation-id key.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
12 years agogcov: Add documentation for coverage
Frediano Ziglio [Thu, 14 Feb 2013 12:37:17 +0000 (12:37 +0000)]
gcov: Add documentation for coverage

12 years agogcov: Add small utility to deal with test coverage information from Xen
Frediano Ziglio [Thu, 14 Feb 2013 12:37:16 +0000 (12:37 +0000)]
gcov: Add small utility to deal with test coverage information from Xen

Currently the utility can read and reset coverage informations.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
12 years agogcov: Implement code to read coverage informations
Frediano Ziglio [Thu, 14 Feb 2013 12:37:15 +0000 (12:37 +0000)]
gcov: Implement code to read coverage informations

Operations are handled by a sysctl specific operation.

Implement 4 operations
- check if coverage is compiled in
- read size of coverage information
- read coverage information
- reset coverage counters

Information are stored in a single blob in a format specific to Xen designed
to make code that generate coverage as small as possible.

This patch add a public header with the structure of blob exported by Xen.
This avoid problems distributing header which is GPL2.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
12 years agogcov: Adding support for coverage information
Frediano Ziglio [Thu, 14 Feb 2013 12:37:14 +0000 (12:37 +0000)]
gcov: Adding support for coverage information

This patch introduce coverage support to Xen.
Currently it allows to compile Xen with coverage support but there is no
way to extract them.

The declarations came from Linux source files (as you can see from file
headers).

The idea is to have some operations mainly
- get coverage information size
- read coverage information
- reset coverage counters

Linux use a file system to export these information. The information will
be a blob to handle with some tools (as usually tools require a bunch of
files but Xen does not handle files at all). I'll pack them to make things
simpler as possible.

These information cannot be put in a specific section (allowing a safe
mapping) as gcc use .rodata, .data, .text and .ctors sections.

I added code to handle constructors used in this case to initialize a
linked list of files.

I excluded %.init.o files as they are used before Xen start and should
not have section like .text or .data.

I used a "coverage" configuration option to mimic the "debug" one.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
12 years agogcov: Call constructors during initialization
Frediano Ziglio [Thu, 14 Feb 2013 12:37:13 +0000 (12:37 +0000)]
gcov: Call constructors during initialization

This allow modules to set initializer functions.
This is used by Gcc instrumentation code for profiling arcs and test
coverage.

12 years agoFix emacs local variable block to use correct C style variable.
David Vrabel [Thu, 21 Feb 2013 16:12:46 +0000 (16:12 +0000)]
Fix emacs local variable block to use correct C style variable.

The emacs variable to set the C style from a local variable block is
c-file-style, not c-set-style.

Signed-off-by: David Vrabel <david.vrabel@citrix.com
12 years agox86/mm: Take the p2m lock even in shadow mode.
Tim Deegan [Thu, 21 Feb 2013 14:07:19 +0000 (14:07 +0000)]
x86/mm: Take the p2m lock even in shadow mode.

The reworking of p2m lookups to use get_gfn()/put_gfn() left the
shadow code not taking the p2m lock, even in cases where the p2m would
be updated (i.e. PoD).

In many cases, shadow code doesn't need the exclusion that
get_gfn()/put_gfn() provides, as it has its own interlocks against p2m
updates, but this is taking things too far, and can lead to crashes in
the PoD code.

Now that most shadow-code p2m lookups are done with explicitly
unlocked accessors, or with the get_page_from_gfn() accessor, which is
often lock-free, we can just turn this locking on.

The remaining locked lookups are in sh_page_fault() (in a path that's
almost always already serializing on the paging lock), and in
emulate_map_dest() (which can probably be updated to use
get_page_from_gfn()).  They're not addressed here but may be in a
follow-up patch.

Signed-off-by: Tim Deegan <tim@xen.org>
Acked-by: Andres Lagar-Cavilla <andres@lagarcavilla.org>
12 years agolibxl: fix build on 32-bit
Ian Campbell [Thu, 21 Feb 2013 10:59:51 +0000 (10:59 +0000)]
libxl: fix build on 32-bit

aab4d1b266ce "libxl: Add qxl vga interface support for upstream qemu"
introduced:
libxl_dm.c: In function ‘libxl__build_device_model_args_new’:
libxl_dm.c:449: error: format ‘%lu’ expects type ‘long unsigned int’, but argument 3 has type ‘long long unsigned int’
libxl_dm.c:451: error: format ‘%lu’ expects type ‘long unsigned int’, but argument 3 has type ‘long long unsigned int’

on arm32 and x86_32.

Use the inttypes.h PRId64 macro.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
12 years ago.gitignore: Do not ignore dsdl.asl file
Frediano Ziglio [Wed, 20 Feb 2013 16:59:43 +0000 (16:59 +0000)]
.gitignore: Do not ignore dsdl.asl file

dsdl.asl file is not autogenerated while all other dsdl_*.asl files are.
.hgignore is correct.

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
12 years agolibxl: Add qxl vga interface support for upstream qemu
Fabio Fantoni [Wed, 20 Feb 2013 15:46:06 +0000 (15:46 +0000)]
libxl: Add qxl vga interface support for upstream qemu

Usage:
  vga="qxl"

Signed-off-by: Fabio Fantoni <fabio.fantoni@heliman.it>
Signed-off-by: Zhou Peng <zpengxen@gmail.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
12 years agoQEMU_TAG update
Ian Jackson [Wed, 20 Feb 2013 15:43:03 +0000 (15:43 +0000)]
QEMU_TAG update

12 years agoxmalloc: make close-to-PAGE_SIZE allocations more efficient
Jan Beulich [Tue, 19 Feb 2013 09:49:53 +0000 (10:49 +0100)]
xmalloc: make close-to-PAGE_SIZE allocations more efficient

Rather than bumping their sizes to slightly above (a multiple of)
PAGE_SIZE (in order to store tracking information), thus requiring
a non-order-0 allocation even when no more than a page is being
requested, return the result of alloc_xenheap_pages() directly, and use
the struct page_info field underlying PFN_ORDER() to store the actual
size (needed for freeing the memory).

This leverages the fact that sub-allocation of memory obtained from the
page allocator can only ever result in non-page-aligned memory chunks
(with the exception of zero size allocations with sufficiently high
alignment being requested, which is why zero-size allocations now get
special cased).

Use the new property to simplify allocation of the trap info array for
PV guests on x86.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
12 years agoAMD IOMMU: use __ioapic_read_entry() instead of open coding it
Jan Beulich [Mon, 18 Feb 2013 08:38:25 +0000 (09:38 +0100)]
AMD IOMMU: use __ioapic_read_entry() instead of open coding it

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
12 years agoAMD IOMMU: don't BUG() when we don't have to
Jan Beulich [Mon, 18 Feb 2013 08:37:35 +0000 (09:37 +0100)]
AMD IOMMU: don't BUG() when we don't have to

find_iommu_for_device() can easily return NULL instead, as all of its
callers are prepared for that.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
12 years agox86/VMX: fix VMCS setting for x2APIC mode guest while enabling APICV
Jiongxi Li [Mon, 18 Feb 2013 08:34:18 +0000 (09:34 +0100)]
x86/VMX: fix VMCS setting for x2APIC mode guest while enabling APICV

The "APIC-register virtualization" and "virtual-interrupt deliver"
VM-execution control has no effect on the behavior of RDMSR/WRMSR if
the "virtualize x2APIC mode" VM-execution control is 0.
When guest uses x2APIC mode, we should enable "virtualize x2APIC mode"
for APICV first.

Signed-off-by: Jiongxi Li <jiongxi.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Jun Nakajima <jun.nakajima@intel.com>
Committed-by: Jan Beulich <jbeulich@suse.com>
12 years agox86/VMX: fix live migration while enabling APICV
Jiongxi Li [Mon, 18 Feb 2013 08:27:58 +0000 (09:27 +0100)]
x86/VMX: fix live migration while enabling APICV

SVI should be restored in case guest is processing virtual interrupt
while saveing a domain state. Otherwise SVI would be missed when
virtual interrupt delivery is enabled.

Signed-off-by: Jiongxi Li <jiongxi.li@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
Acked-by: Jun Nakajima <jun.nakajima@intel.com>
Committed-by: Jan Beulich <jbeulich@suse.com>
12 years agoMerge
Ian Campbell [Sat, 16 Feb 2013 13:17:22 +0000 (13:17 +0000)]
Merge

12 years agoxm: fix description of xm vcpu-set command
Lalith Suresh [Fri, 15 Feb 2013 14:57:40 +0000 (14:57 +0000)]
xm: fix description of xm vcpu-set command

Minor language correction in the description of the xm vcpu-set command.

Signed-off-by: Lalith Suresh <suresh.lalith@gmail.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
12 years agotools/libxl: Disable useless empty floppy drive with qemu-xen
Fabio Fantoni [Fri, 15 Feb 2013 14:30:06 +0000 (14:30 +0000)]
tools/libxl: Disable useless empty floppy drive with qemu-xen

Signed-off-by: Fabio Fantoni <fabio.fantoni@heliman.it>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen/arm: introduce a driver for the ARM HDLCD controller
Stefano Stabellini [Fri, 15 Feb 2013 14:30:06 +0000 (14:30 +0000)]
xen/arm: introduce a driver for the ARM HDLCD controller

Read the screen resolution setting from device tree, find the
corresponding modeline in a small table of standard video modes, set the
hardware accordingly.

Use vexpress_syscfg to configure the pixel clock.

Use the generic framebuffer functions to print on the screen.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen: introduce a generic framebuffer driver
Stefano Stabellini [Fri, 15 Feb 2013 14:30:05 +0000 (14:30 +0000)]
xen: introduce a generic framebuffer driver

Abstract away from vesa.c the funcions to handle a linear framebuffer
and print characters to it.
Make use of the new functions in vesa.c.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Jan Beulich <JBeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
[ ijc -- s/fbp/lfbp/ in two places to fix the build ]
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agotools/libxl: Improve videoram setting
Fabio Fantoni [Fri, 15 Feb 2013 13:32:27 +0000 (13:32 +0000)]
tools/libxl: Improve videoram setting

- If videoram setting is less than 8 mb shows error and exit.
- Added videoram setting for qemu upstream with cirrus (added in qemu 1.3).
- Updated xl.cfg man.
- Default and minimal videoram changed to 16 mb if stdvga is set and upstream
  qemu is being used. This is required by qemu 1.4 to avoid a xen memory error
  (qemu 1.3 doesn't complain about it, probably buggy).

Signed-off-by: Fabio Fantoni <fabio.fantoni@heliman.it>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agotools/libxl: Added vga parameter for hvm domUs
Fabio Fantoni [Fri, 15 Feb 2013 13:32:26 +0000 (13:32 +0000)]
tools/libxl: Added vga parameter for hvm domUs

Usage:
  vga="stdvga"|"cirrus"

- Default option is cirrus.
- Prints error and exit if unknown value is passed.
- stdvga parameter is now deprecated.
- Updated xl.cfg man.

Signed-off-by: Fabio Fantoni <fabio.fantoni@heliman.it>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen/vtimer: fixes and improvements
Stefano Stabellini [Fri, 15 Feb 2013 13:32:26 +0000 (13:32 +0000)]
xen/vtimer: fixes and improvements

Do not try to save and restore the vtimer for the idle domain.

Inject the vtimer interrupt from the Xen timer handler, taking care of
setting the timer as masked in the ctl field, so that at restore time it
is not going to fire the interrupt again.

No need to disable the vtimer before writing the new offset on restore:
the vtimer is already disabled.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen/arm: drain all the outstanding interrupts before returning from gic_interrupt
Stefano Stabellini [Fri, 15 Feb 2013 13:32:25 +0000 (13:32 +0000)]
xen/arm: drain all the outstanding interrupts before returning from gic_interrupt

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen/arm: make lr_mask per_cpu
Stefano Stabellini [Fri, 15 Feb 2013 13:32:24 +0000 (13:32 +0000)]
xen/arm: make lr_mask per_cpu

lr_mask, keeping track of the LR registers in use, should be a per_cpu
variable.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen/arm: just return 0 on XENMEM_get_sharing_shared/freed_pages
Stefano Stabellini [Fri, 15 Feb 2013 13:32:24 +0000 (13:32 +0000)]
xen/arm: just return 0 on XENMEM_get_sharing_shared/freed_pages

memory sharing is not implemented on ARM yet, so just return 0 for now

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen/arm: /spin_lock_irq/spin_lock_irqsave in gic_set_guest_irq
Stefano Stabellini [Fri, 15 Feb 2013 13:32:23 +0000 (13:32 +0000)]
xen/arm: /spin_lock_irq/spin_lock_irqsave in gic_set_guest_irq

gic_set_guest_irq can be called with irq disabled

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen/arm: compile and run libxl/xl
Stefano Stabellini [Fri, 15 Feb 2013 13:32:22 +0000 (13:32 +0000)]
xen/arm: compile and run libxl/xl

Move tsc, rtc, memmap_limit, localtime and shadow settings from
libxl__build_pre to libxl__arch_domain_create.

Get the console and xenstore pfn's from struct xc_dom_image for
autotranslated guests.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agolibxc: fixes for the ARM platform
Stefano Stabellini [Fri, 15 Feb 2013 13:32:21 +0000 (13:32 +0000)]
libxc: fixes for the ARM platform

Make xc_dom_feature_translated an arch-dependent function.

alloc_magic_pages: save console and xenstore pfn's in xc_dom_image.
alloc_magic_pages: set HVM_PARAM_CONSOLE_EVTCHN and
HVM_PARAM_STORE_EVTCHN hvm_params using the event channels allocated by
the toolstack.

Call xc_dom_gnttab_hvm_seed instead of xc_dom_gnttab_seed in
xc_dom_gnttab_init for autotranslated guests.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen/arm: implement gnttab_create_shared_page and gnttab_shared_gmfn
Stefano Stabellini [Fri, 15 Feb 2013 13:32:21 +0000 (13:32 +0000)]
xen/arm: implement gnttab_create_shared_page and gnttab_shared_gmfn

Introduce a simple pfn array, grant_table_gpfn, to keep track of the
grant table pages mapped in guest gpfn space.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen: move XEN_SYSCTL_physinfo, XEN_SYSCTL_numainfo and XEN_SYSCTL_topologyinfo to...
Stefano Stabellini [Fri, 15 Feb 2013 13:32:20 +0000 (13:32 +0000)]
xen: move XEN_SYSCTL_physinfo, XEN_SYSCTL_numainfo and XEN_SYSCTL_topologyinfo to common code

Move XEN_SYSCTL_physinfo, XEN_SYSCTL_numainfo and
XEN_SYSCTL_topologyinfo from x86/sysctl.c to common/sysctl.c.

The implementation of XEN_SYSCTL_physinfo is mostly generic but needs to
fill in few arch specific details: introduce arch_do_physinfo to do that.

The implementation of XEN_SYSCTL_physinfo relies on two global
variables: total_pages and cpu_khz. Make them available on ARM.

Implement node_spanned_pages and __node_distance on ARM, assuming 1 numa
node for now.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Keir Fraser <keir@xen.org>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen/arm: introduce vexpress_syscfg
Stefano Stabellini [Fri, 15 Feb 2013 13:32:19 +0000 (13:32 +0000)]
xen/arm: introduce vexpress_syscfg

Introduce a Versatile Express specific function to read/write
motherboard settings.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen/device_tree: introduce find_compatible_node
Stefano Stabellini [Fri, 15 Feb 2013 13:32:18 +0000 (13:32 +0000)]
xen/device_tree: introduce find_compatible_node

Introduce a find_compatible_node function that can be used by device
drivers to find the node corresponding to their device in the device
tree.

Initialize device_tree_flattened early in start_xen, so that it is
available before setup_mm. Get rid of fdt in the process.

Also add device_tree_node_compatible to device_tree.h, that is currently
missing.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
[ ijc - s/atag_paddr/fdt_paddr ]
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen/arm: move setup_mm right after setup_pagetables
Stefano Stabellini [Fri, 15 Feb 2013 13:32:18 +0000 (13:32 +0000)]
xen/arm: move setup_mm right after setup_pagetables

At the moment we destroy the DTB mappings we have in setup_pagetables
and we restore them only in setup_mm.

Move setup_mm right after setup_pagetables.
This ensures we have a valid DTB mapping while running the subsequent
initialization code.

Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
[ ijc -- s/atag_paddr/fdt_paddr/ ]
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agolibxl: Cleanup, use LOG* and GCSPRINTF macro in libxl_dom.c
Ross Philipson [Fri, 15 Feb 2013 13:32:17 +0000 (13:32 +0000)]
libxl: Cleanup, use LOG* and GCSPRINTF macro in libxl_dom.c

Signed-off-by: Ross Philipson <ross.philipson@citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agolibxl: HVM firmware passthrough support
Ross Philipson [Fri, 15 Feb 2013 13:32:16 +0000 (13:32 +0000)]
libxl: HVM firmware passthrough support

This patch introduces support for two new parameters in libxl:

smbios_firmware=<path_to_smbios_structures_file>
acpi_firmware=<path_to_acpi_tables_file>

The changes are primarily in the domain building code where the firmware files
are read and passed to libxc for loading into the new guest. After the domain
building call to libxc, the addresses for the loaded blobs are returned and
written to xenstore.

LIBXL_HAVE_FIRMWARE_PASSTHROUGH is defined in libxl.h to allow users to
determine if the feature is present.

This patch also updates the xl.cfg man page with descriptions of the two new
parameters for firmware passthrough.

Signed-off-by: Ross Philipson <ross.philipson@citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agolibxl: switch to using the new xc_hvm_build() libxc API.
Ross Philipson [Fri, 15 Feb 2013 13:32:16 +0000 (13:32 +0000)]
libxl: switch to using the new xc_hvm_build() libxc API.

Signed-off-by: Ross Philipson <ross.philipson@citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agolibxl: pass debug flag down to libxl_domain_suspend
Olaf Hering [Fri, 15 Feb 2013 13:32:15 +0000 (13:32 +0000)]
libxl: pass debug flag down to libxl_domain_suspend

libxl_domain_suspend is already prepared to handle LIBXL_SUSPEND_DEBUG,
and xl migrate handles the -d switch as well. Pass this flag down to
libxl_domain_suspend, so that finally xc_domain_save can dump huge
amount of debug data to stdout.
Update xl.1 and help text output.

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxl: correct help text of xl migrate
Olaf Hering [Fri, 15 Feb 2013 13:32:14 +0000 (13:32 +0000)]
xl: correct help text of xl migrate

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agotools/xc: log pid in xc_save/xc_restore output
Olaf Hering [Fri, 15 Feb 2013 13:32:13 +0000 (13:32 +0000)]
tools/xc: log pid in xc_save/xc_restore output

If several migrations log their output to xend.log its not clear which
line belongs to a which guest. Print entry/exit of xc_save and
xc_restore and also request to print pid with each log call.

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agotools/xc: restore logging in xc_save
Olaf Hering [Fri, 15 Feb 2013 13:32:13 +0000 (13:32 +0000)]
tools/xc: restore logging in xc_save

Prior to xen-4.1 the helper xc_save would print some progress during
migration. With the new xc_interface_open API no more messages were
printed because no logger was configured.

Restore previous behaviour by providing a logger. The progress in
xc_domain_save will be disabled because it generates alot of output and
fills up xend.log quickly.

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agotools/xc: turn XCFLAGS_* into shifts
Olaf Hering [Fri, 15 Feb 2013 13:32:12 +0000 (13:32 +0000)]
tools/xc: turn XCFLAGS_* into shifts

to make it clear that these are bits and to make it easier to use in
xend code.

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agotools/xc: handle tty output differently in stdiostream_progress
Olaf Hering [Fri, 15 Feb 2013 13:32:11 +0000 (13:32 +0000)]
tools/xc: handle tty output differently in stdiostream_progress

If the output goes to a tty, rewind the cursor and print everything in a
single line as it was done up to now. If the output goes to a file or
pipe print a newline after each progress output. This will fix logging
of progress messages from xc_save to xend.log.

To support XTL_STDIOSTREAM_SHOW_PID or XTL_STDIOSTREAM_SHOW_DATE print
the output via vmessage if the output is not a tty.

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agotools/xc: fix logic error in stdiostream_progress
Olaf Hering [Fri, 15 Feb 2013 13:32:11 +0000 (13:32 +0000)]
tools/xc: fix logic error in stdiostream_progress

Setting XTL_STDIOSTREAM_HIDE_PROGRESS should disable progress reporting.

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen: arm32: Use system wide TLB flushes, not just inner-shareable
Ian Campbell [Fri, 15 Feb 2013 13:32:10 +0000 (13:32 +0000)]
xen: arm32: Use system wide TLB flushes, not just inner-shareable

We currently setup page table walks etc as outer-shareable. Given we don't
really make the distinction between inner- and outer-shareable yet err on
theside of safety.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoconfigure: configure a subsystem when explicitly requested.
Shakeel Butt [Fri, 15 Feb 2013 13:32:09 +0000 (13:32 +0000)]
configure: configure a subsystem when explicitly requested.

Executing "./configure --enable-stubdom" doesn't call stubdom/configure, fix
this.

Signed-off-by: Shakeel Butt <shakeel.butt@gmail.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen: arm: do not pass a machine ID to dom0
Ian Campbell [Fri, 15 Feb 2013 13:32:08 +0000 (13:32 +0000)]
xen: arm: do not pass a machine ID to dom0

Xen relies on DTB and we pass in a suitable device-tree so we don't
need to (and shouldn't) pretend to be a Versatile Express here.

We already don't pass a machine ID to domU in the same way.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen: arm: rename atag_paddr argument fdt_paddr
Ian Campbell [Fri, 15 Feb 2013 13:32:08 +0000 (13:32 +0000)]
xen: arm: rename atag_paddr argument fdt_paddr

We don't support ATAGs and this is always actually an FDT address.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen: arm32: Don't bother with the bootloader provided ARM-Linux machine type
Ian Campbell [Fri, 15 Feb 2013 13:32:07 +0000 (13:32 +0000)]
xen: arm32: Don't bother with the bootloader provided ARM-Linux machine type

Everything is DTB based and on 64-bit there is no such concept even in
Linux.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agotrivial: Optimize printnum
Frediano Ziglio [Fri, 15 Feb 2013 13:32:06 +0000 (13:32 +0000)]
trivial: Optimize printnum

Reuse the string of hexadecimal numbers to simplify printnum implementation

Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
Acked-by: Keir Fraser <keir@xen.org>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoarm: comment the use of second_linear_offset() in mm.c
Tim Deegan [Fri, 15 Feb 2013 13:32:06 +0000 (13:32 +0000)]
arm: comment the use of second_linear_offset() in mm.c

Signed-off-by: Tim Deegan <tim@xen.org>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agotools/ocaml: oxenstored: correctly handle a full ring.
Ian Campbell [Fri, 15 Feb 2013 09:24:43 +0000 (09:24 +0000)]
tools/ocaml: oxenstored: correctly handle a full ring.

Change 26521:2c0fd406f02c (part of XSA-38 / CVE-2013-0215) incorrectly
caused us to ignore rather than process a completely full ring. Check if
producer and consumer are equal before masking to avoid this, since prod ==
cons + PAGE_SIZE after masking becomes prod == cons.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Keir Fraser <keir@xen.org>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agox86: move watchdog declarations from config.h to nmi.h
Jan Beulich [Fri, 15 Feb 2013 08:47:17 +0000 (09:47 +0100)]
x86: move watchdog declarations from config.h to nmi.h

They don't belong into the former.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
12 years agox86: use single definitions for a few constants
Jan Beulich [Fri, 15 Feb 2013 08:45:28 +0000 (09:45 +0100)]
x86: use single definitions for a few constants

... rather than having a C and an assembly one.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
12 years agoxenoprof: avoid division by 0
Tim Deegan [Fri, 15 Feb 2013 08:42:02 +0000 (09:42 +0100)]
xenoprof: avoid division by 0

Signed-off-by: Tim Deegan <tim@xen.org>
Acked-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
Committed-by: Jan Beulich <jbeulich@suse.com>
12 years agohvm: Allow triple fault to imply crash rather than reboot
Andrew Cooper [Fri, 15 Feb 2013 08:38:45 +0000 (09:38 +0100)]
hvm: Allow triple fault to imply crash rather than reboot

While the triple fault action on native hardware will result in a system
reset, any modern operating system can and will make use of less violent
reboot methods.  As a result, the most likely cause of a triple fault is a
fatal software bug.

This patch allows the toolstack to indicate that a triple fault should mean a
crash rather than a reboot.  The default of reboot still remains the same.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Keir Fraser <keir@xen.org>
Committed-by: Jan Beulich <jbeulich@suse.com>
12 years agox86: explicit suffix in inline assembler (for clang).
Tim Deegan [Thu, 14 Feb 2013 13:20:06 +0000 (14:20 +0100)]
x86: explicit suffix in inline assembler (for clang).

This fixes the clang build, and has no effect on gcc's output.

Signed-off-by: Tim Deegan <tim@xen.org>
Committed-by: Jan Beulich <jbeulich@suse.com>
12 years agox86/setup: don't relocate the VGA hole.
Tim Deegan [Thu, 14 Feb 2013 12:20:58 +0000 (12:20 +0000)]
x86/setup: don't relocate the VGA hole.

Copying the contents of the VGA hole is at best pointless and at worst
dangerous.  Booting Xen on Xen, it causes a very long delay as each
byte is referred to qemu.

Since we were already discarding the first 1MB of the relocated area,
just avoid copying it in the first place.

Reported-by: Jon Ludlam <jonathan.ludlam@eu.citrix.com>
Signed-off-by: Tim Deegan <tim@xen.org>
Committed-by: Keir Fraser <keir@xen.org>
12 years agoAMD IOMMU: handle MSI for phantom functions
Jan Beulich [Thu, 14 Feb 2013 08:42:57 +0000 (09:42 +0100)]
AMD IOMMU: handle MSI for phantom functions

With ordinary requests allowed to come from phantom functions, the
remapping tables ought to be set up to also allow for MSI triggers to
come from other than the "real" device too.

It is not clear to me whether the alias-ID handling also needs
adjustment for this to work properly, or whether firmware can be
expected to properly express this through a device alias range
descriptor (or multiple device alias ones).

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoAMD IOMMU: also spot missing IO-APIC entries in IVRS table
Jan Beulich [Thu, 14 Feb 2013 08:40:52 +0000 (09:40 +0100)]
AMD IOMMU: also spot missing IO-APIC entries in IVRS table

Apart from dealing duplicate conflicting entries, we also have to
handle firmware omitting IO-APIC entries in IVRS altogether. Not doing
so has resulted in c/s 26517:601139e2b0db to crash such systems during
boot (whereas with the change here the IOMMU gets disabled just as is
being done in the other cases, i.e. unless global tables are being
used).

Debugging this issue has also pointed out that the debug log output is
pretty ugly to look at - consolidate the output, and add one extra
item for the IVHD special entries, so that future issues are easier
to analyze.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Tested-by: Sander Eikelenboom <linux@eikelenboom.it>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoxen/flask: fix crash on debugkey "i"
Daniel De Graaf [Wed, 13 Feb 2013 17:04:33 +0000 (17:04 +0000)]
xen/flask: fix crash on debugkey "i"

The IRQs beyond nr_static_irqs do not all have an associated PCI
device, so only query the device SID if pci is not NULL.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Acked-by: Jan Beulich <jbeulich@suse.com>
Committed-by: Keir Fraser <keir@xen.org>
12 years agogcc4.8 build fix: Add -Wno-unused-local-typedefs to CFLAGS.
Keir Fraser [Wed, 13 Feb 2013 17:03:31 +0000 (17:03 +0000)]
gcc4.8 build fix: Add -Wno-unused-local-typedefs to CFLAGS.

Based on a patch by M A Young <m.a.young@durham.ac.uk>

Signed-off-by: Keir Fraser <keir@xen.org>
12 years agotools: Fix memset(&p,0,sizeof(p)) idiom in several places.
Michael Young [Wed, 13 Feb 2013 17:00:15 +0000 (17:00 +0000)]
tools: Fix memset(&p,0,sizeof(p)) idiom in several places.

gcc 4.8 identifies several places where code of the form memset(x, 0,
sizeof(x)); is used incorrectly, meaning that less memory is set to
zero than required.

Signed-off-by: Michael Young <m.a.young@durham.ac.uk>
Committed-by: Keir Fraser <keir@xen.org>
12 years agox86: fix map_domain_page() leak from vcpu_destroy_pagetables()
Jan Beulich [Wed, 13 Feb 2013 08:31:48 +0000 (09:31 +0100)]
x86: fix map_domain_page() leak from vcpu_destroy_pagetables()

Introduced by c/s 26450:4816763549e0 and exposed with
26523:fd997a96d448.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
12 years agounmodified_drivers: __devinit was removed in linux-3.8
Olaf Hering [Tue, 12 Feb 2013 10:29:51 +0000 (11:29 +0100)]
unmodified_drivers: __devinit was removed in linux-3.8

Signed-off-by: Olaf Hering <olaf@aepfle.de>
Merge with __init handling.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Committed-by: Jan Beulich <jbeulich@suse.com>
12 years agox86: Add Xenoprofile support for AMD Family16h
Suravee Suthikulpanit [Tue, 12 Feb 2013 10:18:54 +0000 (11:18 +0100)]
x86: Add Xenoprofile support for AMD Family16h

Add Xenoprofile support for AMD Family16h. The corresponded OProfile
patch has already been submitted to OProfile mailing list.
(http://marc.info/?l=oprofile-list&m=136036136017302&w=2 ).

Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
Committed-by: Jan Beulich <jbeulich@suse.com>
12 years agox86/HAP: Add global enable/disable command line option
Andrew Cooper [Tue, 12 Feb 2013 10:12:22 +0000 (11:12 +0100)]
x86/HAP: Add global enable/disable command line option

Also, correct a copy&paste error in the documentation.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Acked-by: Tim Deegan <tim@xen.org>
Committed-by: Jan Beulich <jbeulich@suse.com>
12 years agox86: debugging code for testing 16Tb support on smaller memory systems
Jan Beulich [Fri, 8 Feb 2013 10:06:04 +0000 (11:06 +0100)]
x86: debugging code for testing 16Tb support on smaller memory systems

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Keir Fraser <keir@xen.org>
12 years agooxenstored: Enforce a maximum message size of 4096 bytes
Ian Jackson [Thu, 7 Feb 2013 14:21:47 +0000 (14:21 +0000)]
oxenstored: Enforce a maximum message size of 4096 bytes

The maximum size of a message is part of the protocol spec in
  xen/include/public/io/xs_wire.h

Before this patch a client which sends an overly large message can
cause a buffer read overrun.

Note if a badly-behaved client sends a very large message
then it will be difficult for them to make their connection
work again-- they will probably need to reboot.

Signed-off-by: David Scott <dave.scott@eu.citrix.com>
Acked-by: Ian Campbell <Ian.Campbell@citrix.com>
Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
12 years agotools/ocaml: oxenstored: Be more paranoid about ring reading
Ian Jackson [Thu, 7 Feb 2013 14:21:44 +0000 (14:21 +0000)]
tools/ocaml: oxenstored: Be more paranoid about ring reading

oxenstored makes use of the OCaml Xenbus bindings, in which the
function xs_ring_read in tools/ocaml/libs/xb/xs_ring_stubs.c is used
to read from the shared memory Xenstore ring.

This function does not correctly handle all possible (prod, cons)
states when MASK_XENSTORE_IDX(prod) > MASK_XENSTORE_IDX(cons).

The root cause is the use of the unmasked values of prod and cons to
calculate to_read.  If prod is set to an out-of-range value, the ring
peer can cause to_read to be too large or even negative.  This allows
the ring peer to force oxenstored to read and write out of range for
the buffers leading to a crash or possibly to privilege escalation.

Correct this by masking the values of cons and prod at the start, so
we only deal with masked values.  This makes the logic simpler, as
semantically inappropriate values of the upper bits of the ring
pointers are simply ignored.

The same vulnerability does not exist in the ring writer because the
only use made of the unmasked value is the check which prevents the
prod pointer overtaking the cons pointer.  A ring peer which defeats
this check will suffer only lost data.

However, additionally, precautions need to be taken to ensure that
req_cons and req_prod are only read once in each function.  Without
the use of volatile or some asm construct, the compiler can "prove"
that req_cons and req_prod do not change unexpectedly and is permitted
to "amplify" the read of (say) req_cons into two reads at different
times, giving two different values for use as cons, and then use the
two sources of cons interchangeably.  (The use of xen_mb() does not
forbid this.)

Therefore do the reads of req_cons and req_prod through a volatile
pointer in both xs_ring_read and xs_ring_write.

This is currently believed to be a theoretical vulnerability as we are
not aware of any compilers which amplify reads in this way.

This is a security issue, part of XSA-38 / CVE-2013-0215.

Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Tested-by: Matthew Daley <mattjd@gmail.com>
Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
12 years agoxen: enable stubdom on a per arch basis
Ian Campbell [Tue, 5 Feb 2013 15:47:41 +0000 (15:47 +0000)]
xen: enable stubdom on a per arch basis

... and disable on ARM (for now).

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
12 years agoAMD,IOMMU: Make per-device interrupt remapping table default
Boris Ostrovsky [Tue, 5 Feb 2013 14:22:11 +0000 (15:22 +0100)]
AMD,IOMMU: Make per-device interrupt remapping table default

Using global interrupt remapping table may be insecure, as
described by XSA-36. This patch makes per-device mode default.

This is XSA-36 / CVE-2013-0153.

Signed-off-by: Boris Ostrovsky <boris.ostrovsky@amd.com>
Moved warning in amd_iov_detect() to location covering all cases.

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Committed-by: Jan Beulich <jbeulich@suse.com>