x86, hvm: Clean up periodic timer code a little. This leads naturally
to a no-missed-tick-accounting mode which is a combination of ticks
delivered 'off beat' immediately upon re-scheduling when ticks are
missed, then reverting to delivering ticks 'on beat' as usual.
Signed-off-by: Keir Fraser <keir@xensource.com>
xen-unstable changeset: 16341:8ff5bb70136dbb8ae4a725400334f4bff3643ba8
xen-unstable date: Thu Nov 08 10:33:18 2007 +0000
x86, hvm: Fix typo in no-missed-tick-accounting timer mode.
From: Dave Winchell <dwinchell@virtualiron.com>
Signed-off-by: Keir Fraser <keir@xensource.com>
xen-unstable changeset: 16334:644e7577f6ee00f746a63a63ca16284cc31f9ee8
xen-unstable date: Wed Nov 07 14:53:32 2007 +0000
x86, hvm: More fixes to no-missed-tick-accounting mode.
Signed-off-by: Keir Fraser <keir@xensource.com>
xen-unstable changeset: 16315:070da619e65e87b69b2d99794840d84998fdf083
xen-unstable date: Mon Nov 05 10:09:10 2007 +0000
hvm: Timer fixes:
1. Do not record more than one pending interrupt in
no-missed-tick-accounting mode. We do not stack up missed interrupts
in this timer mode.
2. Always record all missed ticks when we are in a
missed-tick-accounting mode. Do not have a ceiling for this as it
simply causes guests to lose track of wall time.
3. General bits of cleanup and simplification.
From: Dave Winchell <dwinchell@virtualiron.com>
Signed-off-by: Keir Fraser <keir@xensource.com>
xen-unstable changeset: 16312:838e77a41a3c53a54428e642cb0440a8a6f8912b
xen-unstable date: Fri Nov 02 16:34:54 2007 +0000
hvm, x86: Allow virtual timer mode to be specified.
In HVM config file:
timer_mode=0 # Default: virtual time is delayed when timer ticks are
# missed due to preemption
timer_mode=1 # Virtual time always equals wall time, even while missed
# ticks are pending
Keir Fraser [Wed, 19 Dec 2007 09:56:28 +0000 (09:56 +0000)]
[IA64] Fix vulnerability of copy_to_user in PAL emulation
There is a security vulnerability in PAL emulation since alt-dtlb
miss handler of HVM absolutely inserts an identity-mapped TLB when
psr.vm=0. HVM guest can access an arbitrary machine physical
memory with this security hole. Actually windows 2008 destroys
the content of machine physical address 0x108000.
I think this patch is enough for normal usage. Please see SDM
Vol2 11.10.2.1.3 "Making PAL Procedure Calls in Physical or
Virtual Mode". If the caller has a responsibility of providing
DTR or DTC mapping, xencomm for PAL might be unnecessary.
I confirmed there is no problem in linux, windows 2003, windows
2008 with this patch.
As for PV domain, the same logic can't be used due to only one
vTLB. This patch only checks that the buffer never points to a VMM
address, that would avoid the vulnerability.
With current XenD 3.0.4 or later try the following:
brctl addbr demo
ifconfig demo up
/etc/init.d/xend start
/etc/init.d/xend stop
ifconfig demo down
brctl delbr demo
Now, start XenD again....
/etc/init.d/xend start
And watch in horror as it re-creates your 'demo' bridge.
The problem is that the 'XendNetwork' class does not distinguish
between bridge devices that it is managing (ie those created via
XenAPI) and those which it does not manage (ie those created by OS
distro init scripts, or by apps like libvirt).
While initially I thought I could just make XenD ignore
externally-managed bridges completely, it seems it needs to know about
them otherwise it can't hook up guest VIFs to them correctly. So the
attached patch adds a 'managed' flag to the XendNetwork
class. Externally managed bridges have this set to False. At startup
XenD will now only re-create bridge devices which have the 'managed'
flag set to 'True' - ie those created via XenAPI.
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
xen-unstable changeset: 16625:44a98411d230b3214be49b42e66d7c42e01ab59f
xen-unstable date: Sat Dec 15 18:26:52 2007 +0000
Keir Fraser [Fri, 14 Dec 2007 12:05:31 +0000 (12:05 +0000)]
SVM: Treat the vlapic's tpr as the master copy and sync the vtpr to it
before every vm entry. This fixes HVM save/restore/migrate, as the
vtpr value was only being synced on guest TPR writes before.
Signed-off-by: Tim Deegan <Tim.Deegan@citrix.com>
xen-unstable changeset: 16618:966a6d3b74087474df337e00b31cbecf495b442a
xen-unstable date: Fri Dec 14 11:50:24 2007 +0000
Keir Fraser [Fri, 14 Dec 2007 11:57:21 +0000 (11:57 +0000)]
x86: When emulating PV RDMSR/WRMSR, only look at low 32 bits of RCX.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
This is based on part of:
xen-unstable changeset: 16616:136f80d219588b5e45a5d13e19dd51a2401504f5
xen-unstable date: Fri Dec 14 11:37:02 2007 +0000
Keir Fraser [Fri, 14 Dec 2007 11:52:01 +0000 (11:52 +0000)]
svm: Greatly reduce total number of CR8 intercepts
This patch reduces the number of CR8 intercepts to a fraction of the
number of CR8 intercepts without. First, CR8 read intercepts are
completely disabled since the SVM vTPR is kept in sync with the
HVM vLAPIC TPR. Second, CR8 write intercepts are enabled and disabled
based upon certain conditions. Most of the time, CR8 write intercepts
are disabled. They are enabled only when there is a pending interrupt
that can't be delivered because of either the current ISR or TPR (aka
PPR) because this is the only time the TPR matters.
With this patch, the number of CR8 intercepts dropped from around
10,000,000 to around 6,000 during boot of Windows 2003 Server 64-bit
(this is a rough estimate).
Keir Fraser [Wed, 12 Dec 2007 14:42:41 +0000 (14:42 +0000)]
Fix gdb debugging of hypervisor.
This patch:
* enables the gdbstubs to properly access hypervisor memory;
* prevents an assertion failure in __spurious_page_fault's call
to map_domain_page if such accesses fail, by testing in_irq();
* prints some additional helpful messages;
* fixes the endianness of register transfers from the gdbstubs
so that gdb is much less confused.
* fixes the documentation in docs/misc/crashdb.txt
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
xen-unstable changeset: 16596:514d450ad7295c16c5e4b6bf3716aac7bd838bd4
xen-unstable date: Wed Dec 12 11:27:15 2007 +0000
Keir Fraser [Wed, 12 Dec 2007 14:41:39 +0000 (14:41 +0000)]
[HVM] Don't count "missed ticks" on one-shot timers.
It's not clear what it would mean, and it leads to division by zero.
Signed-off-by: Tim Deegan <Tim.Deegan@xensource.com>
xen-unstable changeset: 15943:c0d1825f51899b329495efb2078dd15e0fb3b479
xen-unstable date: Mon Sep 24 13:44:29 2007 +0100
hvm: Fix one-shot timers. Do not disable until the interrupt has been
latched by the target VCPU.
Signed-off-by: Keir Fraser <keir@xensource.com>
xen-unstable changeset: 16125:b4278beaf3549f410a5a6086dbd8af93c495aeac
xen-unstable date: Wed Oct 17 13:12:03 2007 +0100
hvm: Fix destroy_periodic_time() to not race destruction of one-shot
timers.
This bug was tracked down by Dexuan Cui <dexuan.cui@intel.com>
Keir Fraser [Sat, 8 Dec 2007 17:20:02 +0000 (17:20 +0000)]
x86: Respect e820 map even below 16MB.
NB. Even with this patch, x86/32 still statically allocates the range
1MB-12MB. This can be changed if there really are platforms that need
stuff to persist in that range after the OS starts to boot.
Keir Fraser [Sat, 8 Dec 2007 17:18:06 +0000 (17:18 +0000)]
x86: force DMI table to not be in E820 RAM region
In order for Dom0 to be able to map the DMI table, it must not be in
E820 RAM; since some BIOS versions apparently fail to set the type
correctly for the page(s) containing this table, adjust it before
starting to consume memory.
Keir Fraser [Fri, 7 Dec 2007 12:45:57 +0000 (12:45 +0000)]
[IA64] Fix TLB insertion for subpaging
Without this patch, Longhorn is sure to hang up. .NET application
might hit this bug. itc.i instruction is repeated forever, because
TLB entry with smaller page size is volatile.
Keir Fraser [Fri, 7 Dec 2007 12:45:37 +0000 (12:45 +0000)]
[IA64] Fix wrong insertion of TLB entry in region 0
On PV domain with metaphysical mode, emulation of itc.d in region 0
doesn't work well and inserts a wrong TC entry.
Because set_one_rr() doesn't set the machine region register.
i.e. metaphyisical_rr0 is used instead of guest's rr[0].
This bug causes Dom0/U crash when an application uses region 0.
Actually I met the crash when I was building open GFW (java uses
region 0).
Keir Fraser [Fri, 7 Dec 2007 00:55:00 +0000 (00:55 +0000)]
xc_map_foreign_pages(), a convenient alternative to xc_map_foreign_batch()
xc_map_foreign_batch() can succeed partially. It is awkward to use
when you're only interested in complete success. Provide new
xc_map_foreign_pages() convenience function for that kind of use.
Also convert two obvious calls to use it.
Keir Fraser [Thu, 6 Dec 2007 17:45:41 +0000 (17:45 +0000)]
linux/x86: fix initial GDT setup
cpu_gdt_init() can be static, can have its argument point to const,
and the number of descriptors should be calculated from one more than
the table's limit.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
linux-2.6.18-xen changeset: 349:d43906ea0e9c136e9ec28df30f94c225536d588c
linux-2.6.18-xen date: Thu Dec 06 15:59:52 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 17:44:35 +0000 (17:44 +0000)]
On pirq enable/disable we fully unregister/reregister with Xen. This
causes the underlying IRQ to be properly masked/unmasked, thus
avoiding deadlock scenarios if the IRQ is not EOIed.
Based on a patch by Chris Lalancette <clalance@redhat.com>
Signed-off-by: Keir Fraser <keir.fraser@eu.citrix.com>
linux-2.6.18-xen changeset: 313:51b2b0d0921c3aefb18e16a2eda68a5c3133e949
linux-2.6.18-xen date: Wed Nov 21 09:41:11 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 17:44:12 +0000 (17:44 +0000)]
pvfb: PVFB frontend can send bogus screen updates
The PVFB frontend can get confused and send a screen update to the
backend when the screen is actually clean. Such an update asks for
the impossible rectangle (x1, x2, y1, y2) = (INT_MAX, 0, INT_MAX, 0).
Fix by setting the dirty flag in the obvious place: when the dirty
rectangle is grown.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
linux-2.6.18-xen changeset: 311:ca05cf1a9bdc2c7604b95fd085fa5abe067c969a
linux-2.6.18-xen date: Fri Nov 16 16:55:46 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 17:36:07 +0000 (17:36 +0000)]
xc ptrace: Fix a couple of bugs in page-table walking.
Signed-off-by: John Zulauf <john.zulauf@intel.com>
xen-unstable changeset: 16544:d7a0a73e5dca64466843a420a3975ecf665d4762
xen-unstable date: Thu Dec 06 11:29:18 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 17:35:41 +0000 (17:35 +0000)]
[XEN, 32on64]: Correct continuation translation for large
compat_mmuext hypercalls.
At the point where we translate the continuation "nat_ops" points to
the beginning of the batch of "i" entries, therefore it must be
incremented by the number of entries processed "i - left". At the same
point "cmp_uops" points to the end of the batch of entries and must
therefore be decremented by "left".
The new count value has already been set by do_mmuext_op to "left" and
therefore it is correct to add "count - i" since that is the number of
entries that remain after this batch.
Signed-off-by: Ian Campbell <ian.campbell@xensource.com>
xen-unstable changeset: 16543:46776e65e6796f7751a15649f275b78e848d7ed5
xen-unstable date: Thu Dec 06 11:24:02 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 17:34:47 +0000 (17:34 +0000)]
hvm: Initialize vlapic->timer_last_update.
Without the fix, before the first vlapic timer interrupt is injected,
the "vlapic->timer_last_update" in vlapic_get_tmcct() is always 0,
causing a wrong value of counter_passed.
Signed-off-by: Dexuan Cui <dexuan.cui@intel.com>
xen-unstable changeset: 16536:89e7031e153c62b9ce223a58a7ba49df285784a7
xen-unstable date: Wed Dec 05 14:01:39 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 17:29:12 +0000 (17:29 +0000)]
x86: Move get_page/put_page out of header file, and only print on
get_page() failure if the domain is not dying.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
xen-unstable changeset: 16492:8e3d42fdb8e784b947fbd998d9a6df0ebf771718
xen-unstable date: Tue Dec 04 09:56:10 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 17:03:17 +0000 (17:03 +0000)]
hvm: Fix 2 type mismatches in vlapic.h and hpet.c for 32-bit build Xen
For 32-bit build of Xen:
1) the first mismatch (in hpet_read(), length is 4) makes guest think
the HPET DM is buggy (we return 0 for HPET_CFG.COUNTER_CLK_PERIOD to
guest), so guest wouldn't use HPET at all.
2) the second one: if tmict is 62500000 and timer_divisor is 16
(Fedora7's installer uses the values at some time), 10 * 62500000 * 16
= 0x2540BE400 -- it's too big to be held in uint32_t.
Signed-off-by: Dexuan Cui <dexuan.cui@intel.com>
xen-unstable changeset: 16486:c00f31f27de6eb69b4d79f7aa330b1e4aba6f45f
xen-unstable date: Wed Nov 28 13:13:51 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 17:02:47 +0000 (17:02 +0000)]
hvm: Inject #UD for un-emulated instructions rather than crash guest
The CrashMe stress test (a process repeatedly forks child processes, and
the child processes initialize a buffer with random numbers, then treat
the buffer as code, and execute it) can crash 32-bit HVM RHEL5.1 guest
easily; this is because we haven't emulated all the instructions in
handle_mmio() yet.
The CrashMe process runs with root rights, and can access MMIO space in
an unknown way ("strace -f" shows the random codes running at CPL=3
don't call mmap(), and don't open any special files in /dev/ "); the gpa
may look like 0xa**** or 0xb****, or 0xfee0****.
Signed-off-by: Dexuan Cui <dexuan.cui@intel.com>
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
xen-unstable changeset: 16485:c76a9aa12d2e37ed5c6c2a3562c755ec3828af8a
xen-unstable date: Wed Nov 28 13:04:47 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 17:01:46 +0000 (17:01 +0000)]
x86-64: access only 4 bytes at the reset vector location on smpboot.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
xen-unstable changeset: 16422:db98e4676d3ffe4a609b29ddef4a8e08016e4a43
xen-unstable date: Thu Nov 22 14:12:47 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 17:00:58 +0000 (17:00 +0000)]
libxc: Minor clean up of xc_core, and fix for -fstrict-overflow.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
xen-unstable changeset: 16412:7186e9611d55dc5ab6fd9c6a8bd6e5c674be8c10
xen-unstable date: Thu Nov 22 10:40:45 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 16:55:41 +0000 (16:55 +0000)]
x86: Make IDT/GDT/LDT updates safe.
This involves either determining that the entry will not be
read/written while the update takes place, or atomically making the
entry 'present', or doing the entire write atomically, as appropriate.
This issue raised, and original patch provided, by Jan Beulich.
Keir Fraser [Thu, 6 Dec 2007 16:50:45 +0000 (16:50 +0000)]
hvm: Do not crash guest if it does an unaligned access to an HPET
register. Some CrashMe test apparently does this and we don't want
that to crash the domain it runs in.
From: Dexuan Cui <dexuan.cui@intel.com>
Signed-off-by: Keir Fraser <keir.fraser@eu.citrix.com>
xen-unstable changeset: 16404:ae6f4c7f15cbc2a7192c91e513682e3d13de9f4f
xen-unstable date: Wed Nov 21 09:49:09 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 16:50:13 +0000 (16:50 +0000)]
x86, 32-on-64: Improve checking in vcpu_destroy_pagetables(). It *is*
possible for 64-bit guest to have matching guest_table and
guest_table_user.
Original patch by John Levon <levon@movementarian.org>
Signed-off-by: Keir Fraser <keir.fraser@eu.citrix.com>
xen-unstable changeset: 16401:f62e6c697eeb68a7a62f4beb87e85a68b91b3c6a
xen-unstable date: Tue Nov 20 15:34:25 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 16:49:41 +0000 (16:49 +0000)]
svm: Fix __update_guest_eip() to clear interrupt shadow.
Get rid of assertions about return value of get_instruction_length()
-- instead test in __update_guest_eip() and crash the domain.
Cache value of 'current' in svm_do_hlt().
The mismanagement of the interrupt shadow was found by Christoph
Egger of AMD.
Keir Fraser [Thu, 6 Dec 2007 16:36:45 +0000 (16:36 +0000)]
xen: Domain0 builder should set start_info magic string to
'xen-3.0-...' just like user-space builder for domUs.
Signed-off-by: Keir Fraser <keir@xensource.com>
xen-unstable changeset: 16397:64fbef22f86a0fa74a31bf865ebed95aa5179fa6
xen-unstable date: Tue Nov 20 14:35:36 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 16:36:06 +0000 (16:36 +0000)]
hvm: RTC emulation - RTC_UIE/RTC_SET fix
This patch fixes a bug in the RTC code which appears to originate in
having written the emulated device following an incorrect
specification. VMware has (or had, at least, at the time we were still
testing on both VMWare and Xen) the same issue. In the current code,
when RTC_SET is set, RTC_UIE is cleared. This does not match the
behavior of real hardware, where the case is simply that no update
ended interrupts are sent as long as RTC_SET is set, but the UE ints
will resume as soon as RTC_SET is cleared and the clock update is
done. This little patch fixes this issue. In practicality, this means
OS/2 can now set the time without having the clock stop. I don't know
if any other guests have been affected by this issue.
Keir Fraser [Thu, 6 Dec 2007 16:35:37 +0000 (16:35 +0000)]
x86: Clean up some files of inline asm, and fix
__copy_{to,from}_user_ll() for gcc 3.4 (asm output constraints all
need to be '=&').
Based on a patch by Jan Beulich.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
xen-unstable changeset: 16392:2052364cb456170a70ad5c8bfb876c95f7a9fe4a
xen-unstable date: Fri Nov 16 17:59:34 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 16:28:37 +0000 (16:28 +0000)]
x86: GDT reserved page should be a full page.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
xen-unstable changeset: 16376:6c544894b8b2d2329ad1aa991ae25ebf8e1764d3
xen-unstable date: Tue Nov 13 19:21:00 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 16:26:58 +0000 (16:26 +0000)]
x86, hvm: Better handling of INVD/WBINVD on VMX and SVM.
Also better handling of MONITOR/MWAIT on VMX.
Signed-off-by: Keir Fraser <keir@xensource.com>
xen-unstable changeset: 16365:fc8be8f3707bd1ffeab55efea5f9804fa570177e
xen-unstable date: Fri Nov 09 12:05:27 2007 +0000
Keir Fraser [Thu, 6 Dec 2007 16:14:32 +0000 (16:14 +0000)]
[Xend] Fix problem when destroying VMs using the Xen-API
When domains are destroyed/suspend-resume/migration using the Xen-API
things break due to the domid not having been reset. This patch fixes
this. This is the best place I found for fixing this problem. I could
not push this line into _stateSet() for the case of DOM_STATE_HALTED
and left a comment regarding this.
Keir Fraser [Tue, 6 Nov 2007 11:50:32 +0000 (11:50 +0000)]
[PV-ON-HVM] Fix evtchn of unbind_from_irqhandler()
When xm block-detach command was done on PV-ON-HVM, the response of
other disks was lost. It is because a wrong event channel was
invalidated when detaching it. Not the evtchn number but the irq
number is invalidated specifying it.
Keir Fraser [Thu, 1 Nov 2007 16:35:59 +0000 (16:35 +0000)]
Fix use-after-free in xenconsoled.
shutdown_domain() MUST NOT call cleanup_domain(), just flagging them
as dead is enough. cleanup_domains() for dead domains is called by
the main loop in handle_io() in a safe way already.
shutdown_domain() calling cleanup_domain() too leads to struct domain
being accessed after freeing and to a double-free.
Fixed by simply dropping the cleanup_domain() call and by making the
functions called by the main loop in handle_io() ignore dead domains.
Keir Fraser [Tue, 30 Oct 2007 16:20:20 +0000 (16:20 +0000)]
x86, hvm: Flush local TLB after any change to linear pagetable
mapping.
This was not needed when vmenter/vmexit always had the side effect of
flushing host TLBs.
But, with SVM ASIDs, it is possible to:
(1) update CR3,
(2) vmenter the guest, and
(3) vmexit due to a page fault
all without an intervening host TLB flush.
Then the page fault code could use the linear pagetable
to read a top-level shadow page table entry.
But, without this change, it would fetch the wrong value
due to a stale TLB.
Signed-off-by: Robert Phillips <rphillips@virtualiron.com>
Signed-off-by: Ben Guthro <bguthro@virtualiron.com>
xen-unstable changeset: 16275:9379c83e14b5b0a9ab2fe627ed786a8abded0d38
xen-unstable date: Tue Oct 30 16:15:17 2007 +0000
Keir Fraser [Thu, 25 Oct 2007 08:46:36 +0000 (09:46 +0100)]
x86: GDTR must be reset after using real-mode BIOS services. Some
BIOSes clobber GDTR. While we're here reset IDTR too, although it's
not really necessary.
Signed-off-by: John Byrne <john.l.byrne@hp.com>
Signed-off-by: Keir Fraser <keir@xensource.com>
xen-unstable changeset: 16215:0f86492f1a8c44dd723cae0ebe3af9f2a737dea5
xen-unstable date: Thu Oct 25 09:43:42 2007 +0100
Keir Fraser [Tue, 23 Oct 2007 08:28:11 +0000 (09:28 +0100)]
xenmon: Fix security vulnerability CVE-2007-3919.
The xenbaked daemon and xenmon utility communicate via a mmap'ed
shared file. Since this file is located in /tmp, unprivileged users
can cause arbitrary files to be truncated by creating a symlink from
the well-known /tmp filename to e.g., /etc/passwd.
The fix is to place the shared file in a directory to which only root
should have access (in this case /var/run/).
This bug was reported, and the fix suggested, by Steve Kemp
<skx@debian.org>. Thanks!
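The symlink problem described in this commit, as an added C example that is not part of the Xen changeset (which fixes it by relocating the file to /var/run/). The function names and the scratch directory layout are hypothetical and constructed for the demonstration; it goes beyond the relocation fix by contrasting the truncating open with an open that refuses symlinks via O_NOFOLLOW and checks the result with fstat().

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Pattern the commit describes: open a well-known name and truncate it.
 * open() follows a symlink in the final path component, so the file the
 * link points to is the one that gets truncated. */
static int open_shared_naive(const char *path)
{
    return open(path, O_RDWR | O_CREAT | O_TRUNC, 0600);
}

/* Defensive open (hypothetical helper): refuse symlinks, verify what was
 * opened, and only then truncate through the descriptor. */
static int open_shared_checked(const char *path)
{
    struct stat st;
    int fd = open(path, O_RDWR | O_CREAT | O_NOFOLLOW | O_CLOEXEC, 0600);
    if (fd < 0)
        return -1;                 /* errno is ELOOP when path is a symlink */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || st.st_nlink != 1) {
        close(fd);                 /* not a private regular file of ours */
        errno = EPERM;
        return -1;
    }
    if (ftruncate(fd, 0) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed scenario: a private scratch directory holding a "victim" file
 * and a symlink named "shared" pointing at it. Returns the victim's size
 * after the chosen opener ran on "shared", or -1 if setup failed. */
static long victim_size_after(int (*opener)(const char *))
{
    char dir[256], victim[300], shared[300];
    const char *tmp = getenv("TMPDIR");
    struct stat st;
    long size = -1;
    int fd;

    snprintf(dir, sizeof dir, "%s/symlink-demo-XXXXXX", tmp ? tmp : "/tmp");
    if (!mkdtemp(dir))
        return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(shared, sizeof shared, "%s/shared", dir);

    fd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd >= 0 && write(fd, "secret", 6) == 6 && close(fd) == 0 &&
        symlink(victim, shared) == 0) {
        fd = opener(shared);
        if (fd >= 0)
            close(fd);
        if (stat(victim, &st) == 0)
            size = (long)st.st_size;
    }
    unlink(shared);
    unlink(victim);
    rmdir(dir);
    return size;
}

int main(void)
{
    printf("victim size after naive open:   %ld\n",
           victim_size_after(open_shared_naive));
    printf("victim size after checked open: %ld\n",
           victim_size_after(open_shared_checked));
    return 0;
}
```
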
Keir Fraser [Sat, 20 Oct 2007 08:36:31 +0000 (09:36 +0100)]
Avoid passing uninitialised ACPI tables to dom0 when checksums fail.
If during boot, ACPI checksum failures disable ACPI support in Xen,
pass 'acpi=off' to the domain 0 kernel to avoid a fatal page fault
as domain 0 attempts to access the uninitialized ACPI tables.
Signed-off-by: David Lively <dlively@virtualiron.com>
Signed-off-by: Steve Ofsthun <sofsthun@virtualiron.com>
xen-unstable changeset: 16144:975811798ffe
xen-unstable date: Fri Oct 19 17:47:12 2007 +0100
Keir Fraser [Fri, 19 Oct 2007 08:45:09 +0000 (09:45 +0100)]
Fix ptep_get_and_clear() on init_mm pte that is not mapped into
current address space.
Signed-off-by: Keir Fraser <keir@xensource.com>
linux-2.6.18-xen changeset: 265:7837d0ec57bce4578c17018ca1ef1ded64fe1dd3
linux-2.6.18-xen date: Thu Oct 18 16:18:48 2007 +0100
Fix ptep_get_and_clear(): atomic operation required on user ptes to
get correct snapshot of A/D bits.
Keir Fraser [Fri, 19 Oct 2007 08:43:46 +0000 (09:43 +0100)]
xfs: eagerly remove vmap mappings to avoid upsetting Xen
XFS leaves stray mappings around when it vmaps memory to make it
virtually contiguous. This upsets Xen if one of those pages is being
recycled into a pagetable, since it finds an extra writable mapping of
the page.
This patch solves the problem in a brute force way, by making XFS
always eagerly unmap its mappings. David Chinner says this shouldn't
have any performance impact on filesystems with default block sizes;
it will only affect filesystems with large block sizes.
Signed-off-by: Jeremy Fitzhardinge <jeremy@xensource.com>
Acked-by: David Chinner <dgc@sgi.com>
Cc: Nick Piggin <nickpiggin@yahoo.com.au>
Cc: XFS masters <xfs-masters@oss.sgi.com>
Cc: Stable kernel <stable@kernel.org>
Cc: Morten Bogeskov <xen-users@morten.bogeskov.dk>
Cc: Mark Williamson <mark.williamson@cl.cam.ac.uk>
linux-2.6.18-xen changeset: 263:9bf1ddd0f6bf57684c5b0307a43ea381c45f5147
linux-2.6.18-xen date: Wed Oct 17 09:24:03 2007 +0100
Keir Fraser [Wed, 17 Oct 2007 09:02:49 +0000 (10:02 +0100)]
Fix xenstore unwatch with node name starting with "@"
Watch node starting with "@" should not be canonicalized.
Signed-off-by: Xiaowei Yang <xiaowei.yang@intel.com>
xen-unstable changeset: 16122:86bd91e90eec5da1dce9f25cd101a7034dec67cc
xen-unstable date: Wed Oct 17 10:02:49 2007 +0100
Keir Fraser [Fri, 12 Oct 2007 13:30:41 +0000 (14:30 +0100)]
xend: Fix file resource leak on resume of suspended managed domains.
When a suspended managed domain is resumed, the checkpoint file is
removed, but xend retains a reference to the removed file. This
represents a resource leak. Fixed by ensuring that the file reference
is closed correctly.
Signed-off-by: Gary Pennington <gary.pennington@sun.com>
xen-unstable changeset: 16106:628f8ec692a0153af03a81b04f41b9edfcca7aad
xen-unstable date: Fri Oct 12 14:30:41 2007 +0100
Keir Fraser [Thu, 11 Oct 2007 18:18:12 +0000 (19:18 +0100)]
x86: Fix emulation of DIV instruction. Never actually used currently,
but this will avoid a #DE in Xen.
Signed-off-by: Keir Fraser <keir@xensource.com>
xen-unstable changeset: 16097:d5531095d06b5e4513e891b89fd3085311490304
xen-unstable date: Thu Oct 11 19:18:12 2007 +0100
Keir Fraser [Thu, 11 Oct 2007 09:20:45 +0000 (10:20 +0100)]
Shadow code printing adjustments.
Messages prior to BUG() should always be displayed, not just when
DEBUG_TRACE_DUMP is defined (which by default it isn't). Convert them
from SHADOW_PRINTK() to SHADOW_ERROR().
Signed-off-by: Jan Beulich <jbeulich@novell.com>
xen-unstable changeset: 16090:8d51b80fcb6f002f53a5ab293f1ab87384837397
xen-unstable date: Thu Oct 11 10:20:45 2007 +0100
Keir Fraser [Thu, 11 Oct 2007 09:02:07 +0000 (10:02 +0100)]
Do not include compile.h directly -- use version.h indirection functions.
Signed-off-by: Keir Fraser <keir@xensource.com>
xen-unstable changeset: 16089:ab5b615867ee7913ae6f0afe49f7a5e8ad20ea94
xen-unstable date: Thu Oct 11 10:02:07 2007 +0100
Keir Fraser [Wed, 17 Oct 2007 08:57:02 +0000 (09:57 +0100)]
x86/64: Do not clobber %r11 (user rflags) on syscall from guest
userspace to guest kernel. The flags are saved on the guest kernel
stack anyway, but some guests rely on %r11 instead.
Signed-off-by: Keir Fraser <keir@xensource.com>
xen-unstable changeset: 16110:c918a68617c9d562fb697165ea6ddbe665b92aae
xen-unstable date: Mon Oct 15 12:13:41 2007 +0100
Keir Fraser [Thu, 11 Oct 2007 07:15:26 +0000 (08:15 +0100)]
hvm: Fix migration of 64-bit guests by permitting EFER_LMA to be set
in restored VCPU context.
Signed-off-by: David Lively <dlively@virtualiron.com>
Signed-off-by: Robert Phillips <rphillips@virtualiron.com>
xen-unstable changeset: 16087:960a05895a4ac0e9b2e93281b8de57dca568f08a
xen-unstable date: Thu Oct 11 08:14:11 2007 +0100