Andrew Cooper [Fri, 13 Sep 2024 14:41:46 +0000 (15:41 +0100)]
XTF: Use fastcall by default for 32bit
This passes up to 3 parameters in registers, rather than on the stack. Most
transformations are easy.
The exec_user() infrastructure took two parameters on the stack and used an
ad-hoc %eax/%ecx arrangement with %edx as a scratch register. Fastcall uses
%eax/%edx, so switch the scratch regsiter to %ecx instead.
memop-seg was already using %eax, and needs a bit of care now that addr isn't
on the stack. However, it does remove the need for stack_adj which simplifies
the result.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Fri, 13 Sep 2024 14:52:45 +0000 (15:52 +0100)]
selftest: Fix test_unhandled_exception_hook()
When the hook was replaced with a week function, selftest's
do_unhandled_exception() became active for all unhandled exceptions, not just
the one under test.
Re-limit it to only test_unhandled_exception_hook().
Fixes: 7c575dc9c353 ("Simplify the unhandled_exception handling for tests") Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Wed, 24 Jul 2024 17:33:13 +0000 (18:33 +0100)]
Switch to python3 shebangs
This is a better default for an average dev environment these days. Anyone
stuck with python 2 and just run `python ./xtf-runner` manually and take the
hint that they should upgrade.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Sat, 2 Mar 2024 21:14:54 +0000 (21:14 +0000)]
test-swint: Update to use ex_record rather than exlog
This is both more precise and consice.
As this test pertains to mixing up faults and traps, introduce EXINFO_TRAP and
ex_record_trap_eax() to distinguish which EXTABLE entry was used. This in
turn means we don't need to export the trap/fault labels to C.
Change the nomeclature for instruction prefixes, because "red" is fairly
meaningless and confusing in context.
No change in test behaviour.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Fri, 1 Mar 2024 21:41:45 +0000 (21:41 +0000)]
test-umip: Misc improvements, mostly for 32bit
* Record the fault in %eax to avoid forcing a spill of %edi
* Use testb $1 so %[fep] can be a memory operand referencing the parameter
directly on the stack.
* Render UMIP and FEP in the failure message.
No functional change.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Tue, 9 Jan 2024 20:51:18 +0000 (20:51 +0000)]
XSA-296: Don't rely on PV-L1TF side effects
When CONFIG_SHADOW_PAGING is compiled out, PV-L1TF defaults to domain_crash()
on vulnerable hardware. While this has technically demonstrated that Xen
isn't vulnerable to XSA-296, it's an unclean exit.
The pv64 case can already spot and correct the race condition, while the
pv32pae test is no different to running on non-L1TF vulnerable hardware
already.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Tue, 9 Jan 2024 11:59:14 +0000 (11:59 +0000)]
runner: Use virt caps to identify whether a test can run
Right now, --host filters a test selection using xen_caps to exclude full
environments. Furthermore, without passing --host, xtf-runner will try to
start a test even when we know it can't be constructed, leaving an xl error to
the user and reporting CRASH.
The virt capabilities are more fine grained, and include other information
such as the availability of hap and shadow paging.
Split run_test() out of run_tests() and use the test's required caps to short
circuit to SKIP.
Rework the existing --host filtering in terms of virt caps, which simplifies
the invocation of tests_from_selection().
This causes ~hap and ~shadow variation tests to SKIP rather than CRASH when
run on hardware without HAP (or with HAP disabled in firmware), or with Shadow
compiled out.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Fri, 5 Jan 2024 21:48:39 +0000 (21:48 +0000)]
runner: More extensive Python 3 universal_newline fixes
When pv32pae is disabled e.g. due to CET being active, under Python 3, we
still get:
Executing 'xl create -p tests/example/test-pv32pae-example.cfg'
b'Parsing config from tests/example/test-pv32pae-example.cfg\nlibxl: error: ...\n'
Error: Failed to create VM
out, rather than `xl create`'s stdout/stderr rendered nicely.
All subprocess invocations we make will want universal_newlines, so wrap the
functions to have it active by default, but still allow it to be explicitly
turned off by passing universal_newlines = None.
Reinstate the use of check_output() now that we've upped the minimum python
version to 2.7.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Anthony PERARD [Thu, 17 Aug 2023 10:51:11 +0000 (11:51 +0100)]
xtf-runner: python3 fix
issue:
File "/home/xtf/xtf-runner", line 410, in interpret_selection
if not line.startswith("xen_caps"):
^^^^^^^^^^^^^^^^^^^^^^^^^^^
TypeError: startswith first arg must be bytes or a tuple of bytes, not str
Adding `universal_newlines` open stdout as text file, so line should
be a `str`. `universal_newlines` is available on python 2.7. A new
alias `text` is only available in python 3.7.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Wed, 4 Jan 2023 23:19:26 +0000 (23:19 +0000)]
link: Move x86-ism out of the linker script
... in preparation to reuse it for all architectures. In order to keep
various parts of the linker script all together, use a multi-include file with
header and footer delineations.
While moving things, drop the alignment check for the two stacks. Neither
need page alignment architecturally.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Jan Beulich [Thu, 29 Sep 2022 10:04:51 +0000 (12:04 +0200)]
build: silence GNU ld 2.39 warning about executable stacks
While for C files the compiler is supposed to arrange for emitting
respective information, for assembly sources we're responsible ourselves.
For the new use of cc-option to work we cannot pass -S to the compiler
anymore. We need the compiler to actually invoke the assembler, so switch
to using -c.
Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Jan Beulich [Thu, 29 Sep 2022 10:04:28 +0000 (12:04 +0200)]
build: suppress GNU ld 2.39 warning about RWX load segments
We cannot really avoid such and we're also not really at risk because of
them, as we control page table permissions ourselves rather than relying
on a loader of some sort.
Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Tue, 31 May 2022 16:37:10 +0000 (17:37 +0100)]
build: Fix build with GCC 4.8.5
GCC 4.8.5 complains:
xtf/arch/x86/pv/traps.c: In function 'init_callbacks':
xtf/arch/x86/pv/traps.c:126:13: error: initializer element is not constant
.address = INIT_XEN_CALLBACK(__KERN_CS, _u(entry_EVTCHN)),
^
xtf/arch/x86/pv/traps.c:126:13: error: (near initialization for 'cb[0].address')
Drop the static const.
Reported-by: Samuel Verschelde <stormi-xcp@ylix.fr> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Tue, 29 Mar 2022 12:19:26 +0000 (13:19 +0100)]
build: Rename obj-perarch to obj-perbits
As part of adding ARM support, we'll want to have something else named arch in
the build system. obj-perbits is a better name anyway for what this actually
does.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Sat, 5 Feb 2022 17:28:16 +0000 (17:28 +0000)]
build: Make head.S invariant to link order
Introduce .text.head, ensure it is linked first, and use it in
{hvm,pv}/head.S. This removes the need for head-$(env).o to be linked first,
removing all head special casing in the build system.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Michal Orzel [Thu, 30 Sep 2021 06:52:30 +0000 (08:52 +0200)]
xsa-227: Fix link to XSA-227 web page
Current link is invalid and gives the following error:
"The requested URL was not found on this server."
Fix it.
Signed-off-by: Michal Orzel <michal.orzel@arm.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
XSA-227 was first written before c/s 487bce87eda33 "Docs: Fix the generated
advisory links" but upstreamed later, hence the missing of the tree-wide
cleanup.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Tue, 17 Aug 2021 20:55:01 +0000 (21:55 +0100)]
common: Move {BITS,BYTES}_PER_LONG into limits.h
We're already using compiler-provided __*_TYPE__ macros, so instead of basing
BYTES_PER_LONG on __i386__ or __x86_64__, just use __SIZEOF_LONG__ directly.
This form doesn't require editing to add different architectures.
Add some build assertions that we have a half-way sane compile environment.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Mon, 10 May 2021 17:03:09 +0000 (18:03 +0100)]
common: Make a weak default for arch_crash_hard()
arch_crash_hard() is used from common code, and in the most basic case can
just be an infinite loop. Both x86 PV and HVM keep their more specific
implementations.
Move the declaration from arch/traps.h to framework.h
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Thu, 1 Jul 2021 12:12:34 +0000 (13:12 +0100)]
build: Fix build when only python3 is available
The shebang lines in the python scrips - xtf-runner in particular - still need
work, but this at least fixes `make` on systems without `python` on $PATH.
Default to python3 in CI too.
Reported-by: Pranjal Singh <008pranjalsingh@gmail.com> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Tested-by: Pranjal Singh <008pranjalsingh@gmail.com>
Andrew Cooper [Wed, 19 May 2021 21:08:59 +0000 (22:08 +0100)]
Work around GCC issue 99578
GCC 11.1 objects to pointers derived from a constant:
error: '__builtin_memcpy' offset [0, 7] is out of the bounds [0, 0] [-Werror=array-bounds]
This is a GCC bug, but work around it rather than turning array-bounds
checking off generally.
Reported-by: Damien Thenot <damien.thenot@vates.fr> Reported-by: Christopher Clark <christopher.w.clark@gmail.com> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com> Tested-by: Christopher Clark <christopher.w.clark@gmail.com>
Andrew Cooper [Mon, 17 May 2021 09:48:57 +0000 (10:48 +0100)]
build: Fix build with binutils 2.36
Passing -no-pie to ld has never been correct, and binutils 2.36 now objects
properly to it. https://sourceware.org/bugzilla/show_bug.cgi?id=27050
When this workaround was introduced, we used $(CC) to link, but this was
adjusted back to $(LD) with c/s 8486a388e2 ("build: Use LD").
However, the adjustment should always have been passed to the compile step,
not the link step. Move the adjustment into COMMON_CFLAGS.
Fixes: c92015f8ab ("build: disable PIE during linking if necessary") Fixes: 8486a388e2 ("build: Use LD") Reported-by: Damien Thenot <damien.thenot@vates.fr> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Michal Orzel [Wed, 5 May 2021 06:34:16 +0000 (08:34 +0200)]
Fix issue with clang --target when cross compiling using LLVM
When using LLVM and cross compiling, the CC expands to:
clang --target=<target_triple>
Example of target triple: aarch64-linux-gnu.
However the current code assigning --target based on the
cross compiler does not work if we pass the full path to
CROSS_COMPILE. In this case the build fails.
Fix the issue so that when cross compiling using LLVM
only the basename of cross compiler path is used.
Closes #2
Signed-off-by: Michal Orzel <michal.orzel@arm.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
main.c:164:15: warning: Although the value stored to 'cr4' is used in the enclosing expression, the value is never actually read from 'cr4' [deadcode.DeadStores]
write_cr4(cr4 &= ~X86_CR4_DE);
^ ~~~~~~~~~~~
Rework all impacted logic avoid dead stores of this form.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Thu, 15 Apr 2021 00:36:20 +0000 (01:36 +0100)]
gnttab: Fix scan-build core.CallAndMessage issues
scan-build complains:
arch/x86/grant_table.c:41:17: warning: 1st function call argument is an uninitialized value [core.CallAndMessage]
pte_from_gfn(gnttab_gfns[i], PF_SYM(AD, RW, P)), UVMF_INVLPG);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
because it can't observe that GNTTABOP_setup_table fills the variable on its
success path.
Initialising the array (which is currently one entry) isn't trivial because
the array is variadic. Drop the nr_frames variable and use the sizeof()
expression directly, to create compile-time constant size.
A similar issue is reported against xsa-255, but this is trivial to resolve.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Thu, 15 Apr 2021 15:55:09 +0000 (16:55 +0100)]
Drop dependency on gcc-multilib
inttypes.h in particular isn't a freestanding header, and certain distros have
problems providing suitable freestanding headers anyway. This also gets more
complicated as we start supporting other architectures.
Take the plunge and switch to entirely local headers only.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Thu, 15 Apr 2021 17:05:05 +0000 (18:05 +0100)]
Fix LGTM static analysis issues
* xtf-runner: Class TestInstance implements __hash__ but does not define __eq__.
* mkinfo.py: Import of 'os' is not used.
LGTM also complains about gdt/idt/tss being global symbols with too-short
names. As they're the most appropriate architectural names, insert
suppression comments.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Michal Orzel [Wed, 10 Mar 2021 10:43:32 +0000 (11:43 +0100)]
xtf: Perform misc code cleanup
* Define macro ALIGN to set alignment. Header file asm_macros.h should not
contain architecture specific code. Replace hardcoded alignment value with
a call to macro ALIGN.
* Move declaration of shared_info into xtf/traps.h. Declaration of
shared_info structure should be placed in xtf/traps.h as it is a common
declaration for all the possible architectures.
* Do not protect including <arch/barrier.h>. We should always include
<arch/barrier.h> and rely on the compiler to throw an error. This would
avoid increasing #if protection each time we would add a new architecture.
Signed-off-by: Michal Orzel <michal.orzel@arm.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
[Also implement HYPERCALL0 as it is frequently opencoded] Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Andrew Cooper [Wed, 11 Nov 2020 12:57:45 +0000 (12:57 +0000)]
hypercall: Refine fix for Clang code generation bug
It was incorrect to switch "=a" to "+a" and set up hcall, as the hypercall
number is encoded in the offset within hypercall_page. Switch res back to
just an output.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
projects / people / andrewcoop / xen-test-framework.git / log