Jan Beulich [Fri, 17 Jun 2016 14:50:37 +0000 (16:50 +0200)]
x86/HVM: re-order operations in hvm_ud_intercept()
Don't fetch CS explicitly, leverage the fact that hvm_emulate_prepare()
already does (and that hvm_virtual_to_linear_addr() doesn't alter it).
At once increase the length passed to hvm_virtual_to_linear_addr() by
one: There definitely needs to be at least one more opcode byte, and we
can avoid missing a wraparound case this way.
Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Dario Faggioli [Fri, 17 Jun 2016 10:31:00 +0000 (12:31 +0200)]
xen: sched: use default scheduler upon an invalid "sched="
instead of just the first scheduler we find in the array.
In fact, right now, if someone makes a typo when passing
the "sched=" command line option to Xen, we (with all
schedulers configured in) pick ARINC653, which is most
likely not what one would expect.
Go for the default scheduler instead.
Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com> Acked-by: George Dunlap <george.dunlap@citrix.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-By: Jonathan Creekmore <jonathan.creekmore@gmail.com>
[ 153s] cc1: warnings being treated as errors
[ 153s] xen-livepatch.c: In function 'main':
[ 153s] xen-livepatch.c:415:12: error: 'j' may be used uninitialized in this function
[ 153s] make[3]: *** [xen-livepatch.o] Error 1
Signed-off-by: Dongli Zhang <dongli.zhang@oracle.com> Acked-by: Wei Liu <wei.liu2@citrix.com>
Wei Liu [Mon, 13 Jun 2016 07:49:08 +0000 (08:49 +0100)]
build: introduce XEN_RUN_STORED
It defaults to /var/run/xenstored. It will be used later to remove some
hard-coded paths in tree. There should be no visible change to default
configuration.
Install and remove it in respective Makefile targets.
Signed-off-by: Wei Liu <wei.liu2@citrix.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Julien Grall [Wed, 15 Jun 2016 13:40:48 +0000 (14:40 +0100)]
xen/arm: gic-v2: Only create GICv2m node when there are GICv2m frame available
Xen will crash on platform where GICv2m is not available with the
following error:
(XEN) Can't find ranges property for the gic node
(XEN) Device tree generation failed (-15).
(XEN)
(XEN) ****************************************
(XEN) Panic on CPU 0:
(XEN) Could not set up DOM0 guest OS
(XEN) ****************************************
This is because the property "ranges" may not be present in the GIC
when there are no GICv2m frames.
Skip the creation of the GICv2m node when the hardware does not
support it.
This fixes boot after commit "xen/arm: Export GICv2m register frames to
DOM0 by device tree".
The current driver ACPI probe fails on hardware which has GICv4
version, even though it is fully compatible to GICv3. This patch
fixed the issue by registering the same probe function for GICv4
hardware.
Peng Fan [Thu, 19 May 2016 09:22:07 +0000 (17:22 +0800)]
xen/arm: smpboot: drop unneeded code in start_secondary
CPU0 boots up secondary CPUs one by one. Before booting
one secondary CPU, CPU0 will assign hwid to smp_up_cpu
and flush cache. After a secondary CPU boots up,
CPU0 will assign MPIDR_INVALID to smp_up_cpu and flush
cache.
There is no need for secondary CPUs to assign MPIDR_INVALID
to smp_up_cpu. So, drop it.
Peng Fan [Thu, 12 May 2016 11:48:48 +0000 (19:48 +0800)]
xen/arm: mm: clean up code in setup_pagetables
The base of address for the relocated xen needs to be mapped
at the same virtual address (BOOT_RELOC_VIRT_START) in both
the boot and runtime page tables. So we can merge the two pieces
of code into one code block.
Also no need to use write_pte when mapping BOOT_RELOC_VIRT_START
in xen_second, because CPU0 is using boot page tables.
xen/arm: gicv2: Export GICv2m register frames to Dom0 by device tree
This patch adds v2m extension support in GIC-v2 driver. The GICv2 driver
detects the MSI frames from device tree and creates corresponding device
tree nodes in dom0's DTB. It also provides one hw_ops callback to map
v2m MMIO regions to dom0 and route v2m SPIs to dom0.
With this GICv2m extension support, the dom0 kernel can do GICv2m frame
setup and initialization.
This patch is based on the GICv2m patch of Suravee Suthikulpanit:
[PATCH 2/2] xen/arm: gicv2: Adding support for GICv2m in Dom0
http://lists.xen.org/archives/html/xen-devel/2015-04/msg02613.html
Quan Xu [Fri, 17 Jun 2016 08:25:52 +0000 (10:25 +0200)]
propagate IOMMU Device-TLB flush error up to EPT update (top level ones)
Propagate the IOMMU Device-TLB flush error up to the ept_set_entry(),
when VT-d shares EPT page table.
Signed-off-by: Quan Xu <quan.xu@intel.com> Acked-by: Kevin Tian <kevin.tian@intel.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Acked-by: George Dunlap <george.dunlap@citrix.com>
Jan Beulich [Fri, 17 Jun 2016 08:22:22 +0000 (10:22 +0200)]
APEI: pull a signedness check ahead for Coverity's sake
On 64-bit architectures (which is all we care about right now in ACPI
code), the value coming from a __u32 field makes "len" positive anyway,
but since from an abstract pov the tool is right, let's just re-order
things.
Jan Beulich [Wed, 15 Jun 2016 15:46:36 +0000 (17:46 +0200)]
AMD IOMMU: correctly propagate errors from amd_iommu_init()
... instead of using -ENODEV for any kind of error. It in particular
addresses Coverity ID 1362694 (introduced by commit eb48587210 ["AMD
IOMMU: introduce support for IVHD block type 11h"]).
Jan Beulich [Wed, 15 Jun 2016 15:31:55 +0000 (17:31 +0200)]
x86/HVM: rename mmio_gva field to mmio_gla
... to correctly reflect its purpose. To make things consistent also
rename handle_mmio_with_translation()'s respective parameter (but don't
touch sh_page_fault(), as renaming its parameter would require quite a
few more changes there).
Suggested-by: Andrew Cooper <andrew.cooper3@citrix.com> Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Paul Durrant <paul.durrant@citrix.com>
Wei Liu [Mon, 13 Jun 2016 07:49:03 +0000 (08:49 +0100)]
tools: install and remove XEN_LIB_DIR in Makefile
The intention of using wild card in uninstall target is to remove both
xen and xenstored directories. Change that to two runes that explicitly
remove each of those directories.
Note that the runes that use hard-coded paths are kept for now to keep
the tree bisectable as I replace hard-coded paths component by
component. Those runes will be removed eventually.
Signed-off-by: Wei Liu <wei.liu2@citrix.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Wei Liu [Mon, 6 Jun 2016 10:52:11 +0000 (11:52 +0100)]
libxl: rename a field in libxl__domain_create_state
The libxl__stub_dm_spawn_state field in libxl__domain_create_state was
named dmss. That was inconsistent with how things were named (usually
acronym) and there was already libxl__dm_spawn_state named dmss in other
places.
Change dmss to sdss and fix up all sites that reference this field. No
functional change.
Signed-off-by: Wei Liu <wei.liu2@citrix.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Quan Xu [Tue, 14 Jun 2016 13:11:48 +0000 (15:11 +0200)]
IOMMU/MMU: enhance the call trees of IOMMU unmapping and mapping
When IOMMU mapping is failed, we issue a best effort rollback, stopping
IOMMU mapping, unmapping the previous IOMMU maps and then reporting the
error up to the call trees. When rollback is not feasible (in early
initialization phase or trade-off of complexity) for the hardware domain,
we do things on a best effort basis, only throwing out an error message.
IOMMU unmapping should continue despite an error, in an attempt to do
best effort cleanup.
Signed-off-by: Quan Xu <quan.xu@intel.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com> Acked-by: Kevin Tian <kevin.tian@intel.com> Acked-by: George Dunlap <george.dunlap@citrix.com>
Quan Xu [Tue, 14 Jun 2016 13:10:57 +0000 (15:10 +0200)]
IOMMU: handle IOMMU mapping and unmapping failures
Treat IOMMU mapping and unmapping failures as a fatal to the DomU
If IOMMU mapping and unmapping failed, crash the DomU and propagate
the error up to the call trees.
No spamming of the log can occur. For DomU, we avoid logging any
message for already dying domains. For Dom0, that'll still be more
verbose than we'd really like, but it at least wouldn't outright
flood the console.
Signed-off-by: Quan Xu <quan.xu@intel.com> Reviewed-by: Kevin Tian <kevin.tian@intel.com> Reviewed-by: Jan Beulich <jbeulich@suse.com>
Jan Beulich [Tue, 14 Jun 2016 13:10:16 +0000 (15:10 +0200)]
x86/HVM: use available linear->phys translations in REP MOVS/STOS handling
If we have the translation result available already, we should also use
is here. In my tests with Linux guests this eliminates all calls to
hvmemul_linear_to_phys() out of the two functions being changed.
Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Paul Durrant <paul.durrant@citrix.com>
Jan Beulich [Tue, 14 Jun 2016 13:09:51 +0000 (15:09 +0200)]
x86/HVM: latch linear->phys translation results
... to avoid re-doing the same translation later again (in a retry, for
example). This doesn't help very often according to my testing, but
it's pretty cheap to have, and will be of further use subsequently.
Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Paul Durrant <paul.durrant@citrix.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Jan Beulich [Tue, 14 Jun 2016 13:08:47 +0000 (15:08 +0200)]
x86/time: use correct (local) time stamp in constant-TSC calibration fast path
This looks like a copy and paste mistake in commit 1b6a99892d ("x86:
Simpler time handling when TSC is constant across all power saving
states"), responsible for occasional many-microsecond cross-CPU skew of
what NOW() returns.
Also improve the correlation between local TSC and stime stamps
obtained at the end of the two calibration handlers: Compute the stime
one from the TSC one, instead of doing another rdtsc() for that
compuation.
Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Euan Harris [Thu, 9 Jun 2016 10:14:10 +0000 (10:14 +0000)]
nested vmx: Validate host VMX MSRs before accessing them
Some VMX MSRs may not exist on certain processor models, or may
be disabled because of configuration settings. It is only safe to
access these MSRs if configuration flags in other MSRs are set. These
prerequisites are listed in the Intel 64 and IA-32 Architectures
Software Developer’s Manual, Vol 3, Appendix A.
nvmx_msr_read_intercept() does not check the prerequisites before
accessing MSR_IA32_VMX_PROCBASED_CTLS2, MSR_IA32_VMX_EPT_VPID_CAP,
MSR_IA32_VMX_VMFUNC on the host. Accessing these MSRs from a nested
VMX guest running on a host which does not support them will cause
Xen to crash with a GPF.
Signed-off-by: Euan Harris <euan.harris@citrix.com> Acked-by: Kevin Tian <kevin.tian@intel.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Fri, 10 Jun 2016 18:11:12 +0000 (19:11 +0100)]
xen/hvm: Fix advertisement of available xstates following c/s c52319642
PKU lives in CPUID.7[0].ECX, not EBX. This causes hardware with BMI1 to
accidentally advertise PKU in CPUID.0xD[0].EAX. Any OS which proceeds to
blindly write this into %xcr0 takes a #GP fault. (Experimentally, Windows
Vista 32bit falls into this category.)
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Wei Liu <wei.liu2@citrix.com>
libxenvchan: Change license of header from Lesser GPL v2.1 to BSD
As the xen/COPYING file says:
"A few files are licensed under both GPL and a weaker BSD-style
license. This includes all files within the subdirectory
include/public, as described in include/public/COPYING. All such files
include the non-GPL license text as a source-code comment. Although
the license text refers generically to "the software", the non-GPL
license applies *only* to those source files that explicitly include
the non-GPL license text."
The libxenvchan.h is under xen/include/public/io directory
and the xen/include/public/COPYING says:
"XEN NOTICE
==========
This copyright applies to all files within this subdirectory and its
subdirectories:
include/public/*.h
include/public/hvm/*.h
include/public/io/*.h
The intention is that these files can be freely copied into the source
tree of an operating system when porting that OS to run on Xen. Doing
so does *not* cause the OS to become subject to the terms of the GPL.
All other files in the Xen source distribution are covered by version
2 of the GNU General Public License except where explicitly stated
otherwise within individual source files.
"
Having the libxenvchan.h as Lesser GPL v2.1 where the COPYING file
says otherwise is confusing to say at least.
Upon consulting with the authors of libxenvchan they said:
"FWIW Neither I, nor ITL staff (as author of original libvchan library)
have anything against converting it to the BSD-style licence."
(Marek Marczykowski-Górecki,
http://lists.xen.org/archives/html/xen-devel/2016-06/msg00995.html)
so as such lets change it.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Anil Madhavapeddy <anil@recoil.org> Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> Acked-by: George Dunlap <George.Dunlap@eu.citrix.com> Acked-by: Jan Beulich <JBeulich@suse.com> Acked-by: Jason Andryuk <andryuk@aero.org> Acked-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Acked-by: Matthew Daley <mattjd@gmail.com> Acked-by: Olaf Hering <olaf@aepfle.de> Acked-by: Roger Pau Monne <roger.pau@entel.upc.edu> Acked-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
["I have spoken to my line manager. I can confirm that Citrix is happy
with this proposed change. So:
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
This view from Citrix covers all contributions made to these files in
the course of Citrix's employees' employment, which I think is:
> Cc: Andrew Cooper <andrew.cooper3@citrix.com>
> cc: George Dunlap <George.Dunlap@eu.citrix.com>
> Cc: Ian Campbell <ian.campbell@citrix.com>
> Cc: Ian Jackson <Ian.Jackson@eu.citrix.com>
> Cc: Roger Pau Monne <roger.pau@entel.upc.edu>
> Cc: Stefano Stabellini <sstabellini@kernel.org>
> Cc: Tim Deegan <tim@xen.org>
> Cc: Wei Liu <wei.liu2@citrix.com>
..
[in subsequent email]:
Wei points out that this ought also to include Keir Fraser's
contribution, which was (only) in 2012.
" (from Ian's email)
In a subsequent mail, Wei also points out that David Scott's
contribution is covered by Ian's ack.
]
Andrew Cooper [Fri, 10 Jun 2016 14:47:15 +0000 (15:47 +0100)]
xen/x86: Always print processor information at boot
It is generally useful information, which isn't directly available in the
hypervisor console log.
To get an appropriate string in this_cpu->c_vendor, drop the notion of
gcv_host_late. All relevent information is available even during early
detection, and even Linux (as the ancestor of this code) as dropped the
distinction.
A sample log now looks like:
(XEN) Domain heap initialised
(XEN) CPU Vendor: Intel, Family 6, Model 71, Stepping 1 (raw 00040671)
(XEN) found SMP MP-table at 000fd6c0
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Jan Beulich <jbeulich@suse.com>
Local variable "j" would be used only when "i == ARRAY_SIZE(main_options)"
is true. Thus, it is not necessary to update "j" when "i ==
ARRAY_SIZE(main_options)" is false.
Signed-off-by: Dongli Zhang <dongli.zhang@oracle.com> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Wei Liu [Thu, 9 Jun 2016 12:57:40 +0000 (13:57 +0100)]
hotplug/NetBSD: honour XEN_{LOG,RUN}_DIR
Signed-off-by: Wei Liu <wei.liu2@citrix.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com> Acked-by: Roger Pau Monné <roger.pau@citrix.com>
Wei Liu [Thu, 9 Jun 2016 12:57:39 +0000 (13:57 +0100)]
hotplug/Linux: honour XEN_LOG_DIR
Signed-off-by: Wei Liu <wei.liu2@citrix.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com> Acked-by: Roger Pau Monné <roger.pau@citrix.com>
Wei Liu [Thu, 9 Jun 2016 12:57:38 +0000 (13:57 +0100)]
hotplug/FreeBSD: honour XEN_{LOG,RUN}_DIR
Signed-off-by: Wei Liu <wei.liu2@citrix.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com> Acked-by: Roger Pau Monné <roger.pau@citrix.com>
In accordance with CODING_SYTLE:
- Use 'r' for return values to functions whose return values are a
different error space (like xc_tmem_control, xc_tmem_auth)
libxc functions are supposed to, on failure, set errno and always
return -1 which is the value stored in 'r', therfore use LOGE()
instead LOGEV() with the 'r' value.
Signed-off-by: Paulina Szubarczyk <paulinaszubarczyk@gmail.com> Acked-by: Wei Liu <wei.liu2@citrix.com>
libxl: style cleanups in libxl_device_pci_assignable_list()
Various coding style compliance cleanups, such as, arranging for
using only one path out of the function, whitespaces in loops ad if-s
and r instead of rc for storing non-libxl error codes.
Signed-off-by: Paulina Szubarczyk <paulinaszubarczyk@gmail.com> Acked-by: Wei Liu <wei.liu2@citrix.com>
George Dunlap [Mon, 9 May 2016 11:30:55 +0000 (13:30 +0200)]
libxl: Fix libxl_set_memory_target return value
libxl_set_memory_target seems to have the following return values:
'1' : on failure, if the failure happens because of a xenstore error
*or* invalid target
'-1': on error, the setmaxmem and set_pod_target hypercalls
return -1 and set errno appropriately.
'0' : on success
Make it consistently return ERROR_FAIL on failure, unless the
parameters were invalid, in which case return ERROR_INVAL.
In accordance with CODING_SYTLE:
1. Leave rc uninitialized, and set when an error is detected
2. Use 'r' for return values to functions whose return values are a
different error space (like xc_domain_setmaxmem and
xc_domain_set_pod_target)
3. Use 'lrc' for return values to local functions libxl__*
where a failure means retry, rather than fail the whole function
(libxl__fill_dom0_memory_info), to reduce the risk of that.
Signed-off-by: George Dunlap <George.Dunlap@eu.citrix.com> Signed-off-by: Paulina Szubarczyk <paulinaszubarczyk@gmail.com> Reviewed-by: Olaf Hering <olaf@aepfle.de> Acked-by: Wei Liu <wei.liu2@citrix.com>
Functions libxl_tmem_freeze(), libxl_tmem_thaw(), libxl_tmem_set() and
libxl_tmem_shared_auth() located in libxl.c file return
ERROR_FAIL/ERROR_INVAL or internal error codes from libxc library
improve main_tmem_* return codes by returning EXIT_{SUCCESS/FAILURE}
accordingly to return codes of those functions.
Signed-off-by: Paulina Szubarczyk <paulinaszubarczyk@gmail.com> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Reviewed-by: Dario Faggioli <dario.faggioli@citrix.com> Acked-by: Roger Pau Monné <roger.pau@citrix.com> Acked-by: Wei Liu <wei.liu2@citrix.com>
Len Brown [Thu, 9 Jun 2016 13:52:27 +0000 (15:52 +0200)]
mwait-idle: add BXT support
Broxton has all the HSW C-states, except C3.
BXT C-state timing is slightly different.
Here we trust the IRTL MSRs as authority
on maximum C-state latency, and override the driver's tables
with the values found in the associated IRTL MSRs.
Further we set the target_residency to 1x maximum latency,
trusting the hardware demotion logic.
Signed-off-by: Len Brown <len.brown@intel.com>
[Linux commit: 5dcef694860100fd16885f052591b1268b764d21] Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
Len Brown [Thu, 9 Jun 2016 13:52:05 +0000 (15:52 +0200)]
mwait-idle: add KBL support
KBL is similar to SKL
Signed-off-by: Len Brown <len.brown@intel.com>
[Linux commit: 3ce093d4de753d6c92cc09366e29d0618a62f542] Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
Len Brown [Thu, 9 Jun 2016 13:51:43 +0000 (15:51 +0200)]
mwait-idle: add SKX support
SKX is similar to BDX
Signed-off-by: Len Brown <len.brown@intel.com>
[Linux commit: f9e71657c2c0a8f1c50884ab45794be2854e158e] Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
Jan Beulich [Thu, 9 Jun 2016 13:46:22 +0000 (15:46 +0200)]
public/errno: sort entries numerically
Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: George Dunlap <george.dunlap@citrix.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Thu, 21 Apr 2016 13:47:12 +0000 (14:47 +0100)]
xen/vsprintf: Avoid returning NULL from number()
In practice this is an unused codepath, as every caller of number() passes an
explicit base of 8, 10 or 16. For all other uses, number() returns a pointer
between the str and end parameters, as do the other similar helper functions.
However, the fact that there is a NULL return path causes Coverity to check
whether the caller makes NULL checks on the return value, and complain.
Change the conditional return into an ASSERT().
No functional change, but this removes 21 instances of NULL_RETURN in
Coverity.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
--- CC: Jan Beulich <JBeulich@suse.com>
Wei Chen [Fri, 3 Jun 2016 10:07:13 +0000 (18:07 +0800)]
xen/arm: build: add missed dependency for head.S
When we update the header files that had been included in head.S.
The build system would not re-compile the head.S. Because in the
build rules, the dependencies are setting to .*.d (eg. DEPS = .*.d)
files in the same folder as Makefile.
But head.S is very special, it was used by the Makefile in the parent
folder: "ALL_OBJS := $(TARGET_SUBARCH)/head.o".
In this case, the build system could not find the dependency in DEPS.
When we update the header files, the build system is unware of this
update. If we re-build the Xen without doing make clean or touching
the head.S, the build system will not recompile the head.S.
Signed-off-by: Wei Chen <Wei.Chen@linaro.org> Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Ian Jackson [Wed, 8 Jun 2016 14:42:19 +0000 (15:42 +0100)]
libxl: Fix NULL pointer due to XSA-178 fix wrong XS nodename
In "libxl: Do not trust backend for disk eject vdev" (c69871a2fb26 on
xen.git#staging) we changed libxl_evenable_disk_eject to read the
device vdev out of xenstore from the /libxl path, rather than the
backend path, and to read it during setup rather than on each event.
However, the patch has a mistake:
- GCSPRINTF("%s/dev", backend), NULL);
+ GCSPRINTF("%s/vdev", libxl_path), &configured_vdev);
^
Spot the extra "v". This causes configured_vdev always to be NULL.
configured_vdev is passed to [libxl__]strdup.
In Xen 4.6 and later libxl__strdup is used and tolerates NULL.
evg->vdev is set to NULL. This propagates to the `vdev' field in the
generated event. This may or may not cause further trouble, depending
on the calling application. In our osstest test cases it does not
cause any trouble, so the bug goes undetected.
In Xen 4.5 and earlier, the strdup does not tolerate NULL, and libxl
crashes immediately. This has been detected by osstest as a
regression in Xen 4.5.
IMO this patch should be applied immediately to
xen.git#staging-4.5 (to check that it fixes the osstest regression)
xen.git#staging (to check that it does not break master
Subject to passes, it should then be propagated to all supported
stable trees and also be mentioned in an update to XSA-178.
Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com> Reviewed-by: Wei Liu <wei.liu2@citrix.com> CC: security@xenproject.org CC: Jan Beulich <jbeulich@suse.com> CC: Wei Liu <wei.liu2@citrix.com>
(cherry picked from commit 27c5d7ff8cfdc2e15ff521b4912d69b782a269d7)
Euan Harris [Wed, 8 Jun 2016 12:14:33 +0000 (14:14 +0200)]
nested vmx: intercept guest rdmsr for MSR_IA32_VMX_VMFUNC
Guest reads of MSR_IA32_VMX_VMFUNC should be handled by
the logic in vmx_msr_read_intercept(). Otherwise a guest
can read the raw host value of this MSR, even if nested
vmx is disabled.
Signed-off-by: Euan Harris <euan.harris@citrix.com> Acked-by: Kevin Tian <kevin.tian@intel.com> Reviewed-by: Jan Beulich <jbeulich@suse.com>
At the time of registering HVM I/O handler, the HVM domain might
not have been initialized, which means the hvm_domain.io_handler
would be NULL. In the hvm_next_io_handler(), this should be asserted.
Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com> Reviewed-by: Paul Durrant <paul.durrant@citrix.com>
AMD IOMMU: introduce support for IVHD block type 11h
Along with the IVHD block type 10h, newer AMD platforms also come with
types 11h, which is a superset of the older one. Having multiple IVHD
block types in the same platform allows backward compatibility of newer
systems to work with existing drivers. The driver should only parse
the highest-level (newest) type of IVHD block that it can support.
However, the current driver returns error when encounters with unknown
IVHD block type. This causes existing driver to unnecessarily fail IOMMU
initialization on new systems.
This patch introduces a new logic, which scans through IVRS table looking
for the highest-level supporsted IVHD block type. It also adds support
for the new IVHD block type 11h. More information about the IVHD type 11h
can be found in the AMD I/O Virtualization Technology (IOMMU) Specification
rev 2.62.
http://support.amd.com/TechDocs/48882_IOMMU.pdf
Signed-off-by: Suravee Suthikulpanit <suravee.suthikulpanit@amd.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Jan Beulich [Wed, 8 Jun 2016 12:12:45 +0000 (14:12 +0200)]
kexec: allow relaxed placement specification via command line
Rather than just allowing a fixed address or fully automatic placement,
also allow for specifying an upper bound. Especially on EFI systems,
where firmware memory use is commonly less predictable than on legacy
BIOS ones, this makes success of the reservation more likely when
automatic placement is not an option (e.g. because of special DMA
restrictions of devices involved in actually carrying out the dump).
Also take the opportunity to actually add text to the "crashkernel"
entry in the command line option doc.
Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: David Vrabel <david.vrabel@citrix.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Doug Goldstein [Wed, 8 Jun 2016 12:11:50 +0000 (14:11 +0200)]
build: convert lock_profile to Kconfig
Convert the 'lock_profile' option to Kconfig as CONFIG_LOCK_PROFILE.
Signed-off-by: Doug Goldstein <cardoe@cardoe.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Wei Liu <wei.liu2@citrix.com> Acked-by: Julien Grall <julien.grall@arm.com>
Doug Goldstein [Wed, 8 Jun 2016 12:11:21 +0000 (14:11 +0200)]
build: convert perfc{,_arrays} to Kconfig
Convert the 'perfc' and 'perfc_arrays' options to Kconfig as
CONFIG_PERF_COUNTERS and CONFIG_PERF_ARRAYS.
Signed-off-by: Doug Goldstein <cardoe@cardoe.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Reviewed-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Wei Liu <wei.liu2@citrix.com>
projects / xen.git / log