>>> On 20.01.15 at 01:45, wrote:
>> From: Jan Beulich [mailto:jbeul...@suse.com]
>> The proposed new hypercall represents _only_ reserved regions.
>> But it was said several times that making the existing one work
>> for HVM (and then fit the purposes here) is at least an option
>> worth investig
On Mon, Jan 12, 2015 at 8:05 AM, Dario Faggioli
wrote:
> Still about referencing "history", one usually puts here a quick summary
> of what changed in each patch, wrt the previously submitted version.
>
> This is actually not really important in this case, since _a_lot_ of
> things changed, as it
> -Original Message-
> From: Stefano Stabellini [mailto:stefano.stabell...@eu.citrix.com]
> Sent: Tuesday, January 20, 2015 1:15 AM
> To: Xu, Quan
> Cc: qemu-de...@nongnu.org; xen-devel@lists.xen.org;
> stefano.stabell...@eu.citrix.com
> Subject: Re: [v3 3/5] Qemu-Xen-vTPM: Register Xen s
> -Original Message-
> From: Stefano Stabellini [mailto:stefano.stabell...@eu.citrix.com]
> Sent: Tuesday, January 20, 2015 1:15 AM
> To: Xu, Quan
> Cc: qemu-de...@nongnu.org; xen-devel@lists.xen.org;
> stefano.stabell...@eu.citrix.com
> Subject: Re: [v3 2/5] Qemu-Xen-vTPM: Xen frontend d
> -Original Message-
> From: Stefano Stabellini [mailto:stefano.stabell...@eu.citrix.com]
> Sent: Tuesday, January 20, 2015 1:19 AM
> To: Xu, Quan
> Cc: qemu-de...@nongnu.org; xen-devel@lists.xen.org;
> stefano.stabell...@eu.citrix.com
> Subject: Re: [v3 3/5] Qemu-Xen-vTPM: Register Xen s
> -Original Message-
> From: Stefano Stabellini [mailto:stefano.stabell...@eu.citrix.com]
> Sent: Tuesday, January 20, 2015 1:53 AM
> To: Stefano Stabellini
> Cc: Xu, Quan; qemu-de...@nongnu.org; xen-devel@lists.xen.org;
> lcapitul...@redhat.com; ebl...@redhat.com; arm...@redhat.com;
> al
On 01/19/2015 11:23 PM, Ian Campbell wrote:
> On Thu, 2015-01-15 at 11:26 +, Ian Jackson wrote:
>> Wen Congyang writes ("[PATCH v2] Fix building error"):
>>> ifeq ($(debug),y)
>>> # Disable optimizations and enable debugging information for macros
>>> CFLAGS += -O0 -g3
>>> +# _FORTIFY_SOURCE
Xen overrides __acpi_register_gsi and leaves __acpi_unregister_gsi as is.
That means, an IRQ allocated by acpi_register_gsi_xen_hvm() or
acpi_register_gsi_xen() will be freed by acpi_unregister_gsi_ioapic(),
which may cause undesired effects. So override __acpi_unregister_gsi to
NULL for safety.
S
Currently Xen Domain0 has special treatment for ACPI SCI interrupt,
that is initialize irq for ACPI SCI at early stage in a special way as:
xen_init_IRQ()
->pci_xen_initial_domain()
->xen_setup_acpi_sci()
Allocate and initialize irq for ACPI SCI
Func
> From: George Dunlap [mailto:george.dun...@eu.citrix.com]
> Sent: Monday, January 19, 2015 9:01 PM
>
> On 01/19/2015 12:23 PM, Tim Deegan wrote:
> > At 11:41 + on 19 Jan (1421664109), Jan Beulich wrote:
> > On 19.01.15 at 12:33, wrote:
> >>> FWIW, I don't like adding hypervisor state (an
> From: Jan Beulich [mailto:jbeul...@suse.com]
> Sent: Monday, January 19, 2015 9:52 PM
>
> >>> On 19.01.15 at 13:23, wrote:
> > At 11:41 + on 19 Jan (1421664109), Jan Beulich wrote:
> >> >>> On 19.01.15 at 12:33, wrote:
> >> > FWIW, I don't like adding hypervisor state (and even more so
> >
On Mon, 19 Jan 2015, Jaggi, Manish wrote:
> (B) solved, it was a small copy.
> (A) Still not able to fix.
>
>
> From: Jaggi, Manish
> Sent: Tuesday, January 20, 2015 12:39 AM
> To: Stefano Stabellini; clark.laugh...@linaro.org
> Cc: jfeh...@suse.com; Kiarie
flight 33567 linux-3.10 real [real]
http://www.chiark.greenend.org.uk/~xensrcts/logs/33567/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
test-amd64-i386-libvirt 5 xen-boot fail REGR. vs. 26303
test-amd64-i386-rhel6h
> Or: declare in the interface that the altp2ms are soft state that can
> be dropped on migration, with some suitable callback (#VE injection?)
> to the guest when an altp2m 'view' is not available. That depends on
> whether the in-guest agent can reconstruct the state it needs from
> scratch.
>
flight 33563 xen-4.4-testing real [real]
http://www.chiark.greenend.org.uk/~xensrcts/logs/33563/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
test-amd64-i386-pair 17 guest-migrate/src_host/dst_host fail REGR. vs. 33292
Tests which are f
On 29/10/14 13:27, James Bulpin wrote:
George Dunlap writes ("Security policy ambiguities - XSA-108 process
post-mortem"):
[snip]
As far as I can tell we basically have the following options:
1. Never allow people to deploy during the embargo period.
2. Always allow people to deploy during t
(B) solved, it was a small copy.
(A) Still not able to fix.
From: Jaggi, Manish
Sent: Tuesday, January 20, 2015 12:39 AM
To: Stefano Stabellini; clark.laugh...@linaro.org
Cc: jfeh...@suse.com; Kiarie Kahurani; Kumar, Vijaya;
anthony.per...@citrix.com; Ian
>>> Without you explaining to us the full details of the in-domain
>>> agent model, I'm afraid this is going to remain dubious and the
>>> question hard to answer. In particular, if you indeed want to
>>> prohibit that behavior on _all_ other p2m types, how would
>>> subsequently changing the imple
Agree with George
On 19 Jan 2015, at 15:55, George Dunlap wrote:
> On Mon, Jan 19, 2015 at 1:38 PM, Ian Jackson
> wrote:
>> Lars Kurth writes ("Re: [Xen-devel] [PATCH SECURITY-POLICY 3/9] Deployment
>> with Security Team Permission"):
>>> On 19 Jan 2015, at 10:20, Jan Beulich wrote:
On 1
On 19 Jan 2015, at 13:36, Ian Jackson wrote:
> Jan Beulich writes ("[Xen-devel] [PATCH SECURITY-POLICY 0/9] Re: Security
> policy ambiguities - XSA-108 process post-mortem"):
>> LGTM, but I think there's no point in ack-ing the series as the
>> changes need to be voted on anyway.
>
> Indeed.
>
On 01/17/2015 01:49 AM, Tim Deegan wrote:
> At 13:43 -0800 on 16 Jan (1421412191), Ed White wrote:
>> I've tried to make all my work consistent with existing code
>> and design in the same vein or same source file, regardless of my
>> opinion of that existing content, unless I had some compelling r
Hi Stefano / Clark,
I thought ubuntu dom0 is the better way to get libvirt working, so following
the steps,
(A) there is a build error, if you can help with
root@manish-thunder-dev:/build/libvirt-upstream/libvirt# debuild -us -uc -i -I
Fatal Python error: Failed to open /dev/urandom
Aborted (cor
On 19/01/15 18:38, Stefano Stabellini wrote:
> On Mon, 19 Jan 2015, David Vrabel wrote:
>> On 19/01/15 17:49, Stefano Stabellini wrote:
>>> On Mon, 19 Jan 2015, David Vrabel wrote:
Unmapping may require sleeping and we unmap while holding priv->lock, so
convert it to a mutex.
>>>
>>> It w
On Mon, 19 Jan 2015, David Vrabel wrote:
> On 19/01/15 17:49, Stefano Stabellini wrote:
> > On Mon, 19 Jan 2015, David Vrabel wrote:
> >> Unmapping may require sleeping and we unmap while holding priv->lock, so
> >> convert it to a mutex.
> >
> > It would be useful to list in the commit message th
On Mon, 19 Jan 2015, Stefano Stabellini wrote:
> Hi Quan,
> thanks for the update: this version is much much better than the
> previous one.
>
> I am not familiar enough with QAPI, HMP and TPM to review the first and
> the last patches though.
I meant the first and the fourth. The last one is fin
On 19/01/15 17:49, Stefano Stabellini wrote:
> On Mon, 19 Jan 2015, David Vrabel wrote:
>> Unmapping may require sleeping and we unmap while holding priv->lock, so
>> convert it to a mutex.
>
> It would be useful to list in the commit message the operations that
> might sleep and are currently cal
On Mon, 19 Jan 2015, David Vrabel wrote:
> Unmapping may require sleeping and we unmap while holding priv->lock, so
> convert it to a mutex.
It would be useful to list in the commit message the operations that
might sleep and are currently called with the spinlock held.
> Signed-off-by: David Vr
Ian Campbell writes ("Re: [Xen-devel] [PATCH SECURITY-POLICY 4/9] Use a public
mailing list for predisclosure membership applications."):
> Perhaps:
> ...@xenproject, which is a public mailing list, if they wish ...
> or, "Note that this is a public mailing list"?
I went with the former of those
Ian Campbell writes ("Re: [Xen-devel] [libvirt test] 33157: regressions -
trouble: blocked/fail/pass/preparing/queued"):
> Ian: This should be backported everywhere please.
Noted, thanks.
Ian.
___
Xen-devel mailing list
Xen-devel@lists.xen.org
h
flight 33560 linux-3.14 real [real]
http://www.chiark.greenend.org.uk/~xensrcts/logs/33560/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
test-amd64-amd64-xl-pvh-intel 5 xen-boot fail REGR. vs. 33341
test-amd64-amd64-xl-pv
On Mon, 2015-01-19 at 16:13 +, Wei Liu wrote:
> We should honour -initrd and -append iff -kernel is specified, because
> that's how QEMU works.
>
> Check direct boot parameters in libxl__domain_build_info_setdefault.
> Return failure if kernel is missing while ramdisk (-initrd) and / or
> cmdl
On Thu, 2015-01-15 at 17:55 +, Anthony PERARD wrote:
> This could happen if xenconsoled have not populate the xenstore key yet.
>
> Signed-off-by: Anthony PERARD
Acked + applied, thanks.
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://
On 19/01/15 15:41, Jan Beulich wrote:
> ... to reduce padding holes. While doing this I noticed vtsc_usercount
> is a PV-only thing, so it gets moved straight to struct pv_domain.
The vtsc_{user,kernel}count split is curious. They are both for stats
purposes alone, but there is nothing pv specifi
On 13/01/15 14:30, Wei Liu wrote:
> On Tue, Jan 13, 2015 at 02:05:17PM +, David Vrabel wrote:
>> Always fully coalesce guest Rx packets into the minimum number of ring
>> slots. Reducing the number of slots per packet has significant
>> performance benefits (e.g., 7.2 Gbit/s to 11 Gbit/s in an
On Mon, 2015-01-05 at 21:18 -0500, Boris Ostrovsky wrote:
> tools/libxl/libxl_freebsd.c | 12 +++
> tools/libxl/libxl_netbsd.c| 12 +++
These are stubs, CCing some relevant folks to see if they would like to
provide an implementation.
> diff --git a/tools/libxl/libxl.c b/tools/
Julien Grall writes ("[BACKPORT for 4.4/4.3] libxl: Don't ignore error when we
fail to give access to ioport/irq/iomem"):
> If we fail to give the access, the domain will unlikely work correctly.
> So we should bail out at the first error.
>
> Signed-off-by: Julien Grall
> Cc: Ian Jackson
> Cc:
On Mon, 19 Jan 2015, Sergiy Kibrik wrote:
> On 1/19/2015 3:25 PM, Stefano Stabellini wrote:
> >> This doesn't sound like a secure interface: a potentially very
> >> > significant and unbound memory allocation in dom0 is caused by a
> >> > parameter configured by the guest.
> >
> > Sorry, I realiz
On Tue, 30 Dec 2014, Quan Xu wrote:
> +int vtpm_recv(struct XenDevice *xendev, uint8_t* buf, size_t *count)
> +{
> +struct xen_vtpm_dev *vtpmdev = container_of(xendev, struct xen_vtpm_dev,
> +xendev);
> +struct tpmif_shared_page *shr = vtpmdev
On 31/12/2014 00:02, Quan Xu wrote:
> Signed-off-by: Quan Xu
> ---
> configure| 14 ++
> hmp.c| 7 +++
> qapi-schema.json | 19 ---
> qemu-options.hx | 13 +++--
> tpm.c| 7 ++-
> 5 files changed, 54 insertions(+), 6
On Mon, 2015-01-05 at 21:18 -0500, Boris Ostrovsky wrote:
> Instead of copying data for each field in xen_sysctl_topologyinfo separately
> put cpu/socket/node into a single structure and do a single copy for each
> processor.
>
> There is also no need to copy whole op to user at the end, max_cpu_i
Hi Quan,
thanks for the update: this version is much much better than the
previous one.
I am not familiar enough with QAPI, HMP and TPM to review the first and
the last patches though.
Cheers,
Stefano
On Tue, 30 Dec 2014, Quan Xu wrote:
> *INTRODUCTION*
> The goal of virtual Trusted Platform M
On 19/01/15 15:52, Jan Beulich wrote:
> - being non-atomic, their pointer arguments shouldn't be volatile-
> qualified
> - their (half fake) memory operands can be a single "+m" instead of
> being both an output and an input
>
> Signed-off-by: Jan Beulich
There is a note at the top of the fil
On Tue, 30 Dec 2014, Quan Xu wrote:
> This drvier transfers any request/repond between TPM xenstubdoms
> driver and Xen vTPM stubdom, and facilitates communications between
> Xen vTPM stubdom domain and vTPM xenstubdoms driver. It is a glue for
> the TPM xenstubdoms driver and Xen stubdom vTPM doma
On Tue, 30 Dec 2014, Quan Xu wrote:
> This patch adds infrastructure for xen front drivers living in qemu,
> so drivers don't need to implement common stuff on their own. It's
> mostly xenbus management stuff: some functions to access XenStore,
> setting up XenStore watches, callbacks on device di
On 19/01/15 13:19, Ross Lagerwall wrote:
> Commit 61a734d305e1 ("xen/manage: Always freeze/thaw processes when
> suspend/resuming") ensured that userspace processes were always frozen
> before suspending to reduce interaction issues when resuming devices.
> However, freeze_processes() does not free
On Fri, 2015-01-16 at 12:02 +, Julien Grall wrote:
> Hi Ian,
>
> On 16/01/15 10:05, Ian Campbell wrote:
> > On Thu, 2015-01-15 at 21:06 +, Julien Grall wrote:
> >> QEMU upstream requires the use of pixman. When pixman is not present the
> >> system, the configure of QEMU will fail with:
>
On Wed, 2015-01-14 at 16:58 +, Ian Jackson wrote:
> Ian Campbell writes ("Re: [PATCH] libxl: provide xenlight.pc"):
> > On Fri, 2015-01-09 at 14:32 +, Wei Liu wrote:
> > > A pkg-config file for libxl. It also contains two variables
> > > (xenfirmwaredir and libexec_bin) so that tools that a
On Thu, 2015-01-08 at 14:56 -0700, Jim Fehlig wrote:
> From 3425c1cef21d0295fa8fbf9465ea7273b717f637 Mon Sep 17 00:00:00 2001
> From: Jim Fehlig
> Date: Thu, 8 Jan 2015 14:43:28 -0700
> Subject: [PATCH] Install libxlutil.h
>
> libxlutil.{a,so} are installed, but not the corresponding header
> fil
On Thu, 2015-01-15 at 20:23 +, Julien Grall wrote:
> The field nr_lines in the arch_domain vgic structure contains the number of
> SPIs for the emulated GIC. Using the nr_lines make confusion with the GIC
> code, where it means the number of IRQs. This can lead to coding error.
>
> Also introd
>>> On 13.01.15 at 15:25, wrote:
> --- a/xen/drivers/passthrough/device_tree.c
> +++ b/xen/drivers/passthrough/device_tree.c
> @@ -41,6 +41,10 @@ int iommu_assign_dt_device(struct domain *d, struct
> dt_device_node *dev)
> if ( !list_empty(&dev->domain_list) )
> goto fail;
>
> +
>>> On 13.01.15 at 15:25, wrote:
> The physdev sub-hypercalls PHYSDEVOP_{,map}_pirq allow the toolstack to
> assign/deassign a physical IRQ to the guest (via the config options "irqs"
> for xl). The x86 version is using them with PIRQ (IRQ bound to an event
> channel). As ARM doesn't have a such c
>>> On 13.01.15 at 15:25, wrote:
> --- /dev/null
> +++ b/xen/common/guestcopy.c
> @@ -0,0 +1,30 @@
> +#include
> +#include
> +#include
> +#include
> +
> +/* The function copies a string from the guest and adds a NUL to
> + * make sure the string is correctly terminated.
> + */
Coding style.
On 1/19/2015 3:31 PM, Ian Campbell wrote:
> On Mon, 2015-01-19 at 14:03 +0200, Sergiy Kibrik wrote:
>> include/xen/interface/io/fbif.h |9 +-
>
> Please get the any protocol changes reviewed and accepted into xen.git
> first, including e.g. the switch to grant tables, if that requires
> fron
>>> On 13.01.15 at 15:25, wrote:
> @@ -1069,7 +1057,6 @@ struct xen_domctl {
> #define XEN_DOMCTL_set_vcpu_msrs 73
> #define XEN_DOMCTL_setvnumainfo 74
> #define XEN_DOMCTL_psr_cmt_op75
> -#define XEN_DOMCTL_arm_configure_domain 76
On 1/19/2015 3:25 PM, Stefano Stabellini wrote:
>> This doesn't sound like a secure interface: a potentially very
>> > significant and unbound memory allocation in dom0 is caused by a
>> > parameter configured by the guest.
>
> Sorry, I realize now that fortunately it is the other way around.
> I
>>> On 19.01.15 at 17:25, wrote:
> On Mon, 2015-01-19 at 15:42 +, Jan Beulich wrote:
>> ... to reduce padding holes.
>>
>> I also wonder whether having independent spin locks side by side is
>> really a good thing cache-line-bouncing-wise.
>
> AIUI the general wisdom is to put each spinlock
hi Stefano, thank you for comments,
On 1/19/2015 3:21 PM, Stefano Stabellini wrote:
> On Mon, 19 Jan 2015, Sergiy Kibrik wrote:
>> Use N-buffering instead of old deferred I/O, which is not suitable for high
>> frame rates. This includes new event type -- xenfb_in_released,
>> to track buffers not
Signed-off-by: Julien Grall
---
xen/arch/arm/vgic-v2.c | 30 +-
1 file changed, 17 insertions(+), 13 deletions(-)
diff --git a/xen/arch/arm/vgic-v2.c b/xen/arch/arm/vgic-v2.c
index 3e5371f..86b4340 100644
--- a/xen/arch/arm/vgic-v2.c
+++ b/xen/arch/arm/vgic-v2.c
@@ -1
Some registers, such as GICD_ITARGET0 can be read/write with different
size.
When the write is ignored only word-access is checked. This will lead to
a domain crash if the guest is trying to access via byte-word.
In general, it's not necessary/important to check the size. It's better
to log it to
This register is shared between every vCPUs and the lock was already
taken for read.
Signed-off-by: Julien Grall
---
This patch should be backported to Xen 4.4 and Xen 4.5.
Although, it won't apply directly for Xen 4.4.
---
xen/arch/arm/vgic-v2.c | 3 +++
1 file changed, 3 insertions(+
The current vGIC v3 driver doesn't fully implement GICv3 spec:
- GICv3 backward compatibility is not supported (GICD_CTLR.ARE = 0)
- A processor can only access his own redistributor. For buggy
assumption, the current code bank the redistributors MMIO.
Signed-off-by: Julien Grall
---
On GICv3, the value (CPUNumber + 1) indicates the number of processor that may
be used as interrupts targets when ARE bit is zero. The maximum is 8
processors.
Signed-off-by: Julien Grall
---
The current code of the vGIC doesn't support ARE = 0.
Nonetheless, the patch is a candidate for b
Also remove vGICv3 in the message log as gdprintk already print the name
of the file.
Signed-off-by: Julien Grall
---
xen/arch/arm/vgic-v3.c | 85 ++
1 file changed, 45 insertions(+), 40 deletions(-)
diff --git a/xen/arch/arm/vgic-v3.c b/xen/arch/
In general, it's not necessary/important to check the size. It's better
to log it to let know the guest that its access will have no effect.
Note: On debug build it may happen to see some of these messages during
domain boot.
Signed-off-by: Julien Grall
---
xen/arch/arm/vgic-v3.c | 95 +
>From Linux 3.19, the GICv3 drivers is using GICD_TYPER.IDbits to check
the validity of the hardware interrupt number.
The field IDBits in the register GICD_TYPER is used to know the number of
interrupt identifiers (SPI, PPIs, SGIs, LPIs) supported by GIC Stream Protocol
Interface.
This field con
The number of implemented CPU interfaces is one more than the value of
this field.
Also avoid to hardcode the shift and remove unuseful mask.
Signed-off-by: Julien Grall
---
This patch should be backported to Xen 4.4 and Xen 4.5.
Although this patch won't apply directly for Xen 4.4 and
On Mon, 2015-01-19 at 16:14 +, Julien Grall wrote:
> >> diff --git a/xen/arch/arm/vgic.c b/xen/arch/arm/vgic.c
> >> index b272d86..1a8b3cd 100644
> >> --- a/xen/arch/arm/vgic.c
> >> +++ b/xen/arch/arm/vgic.c
> >> @@ -110,6 +110,15 @@ int domain_vgic_init(struct domain *d)
> >>
> >> d->ar
Hello,
The first goal of this series is to fix Linux 3.19 DOM0 booting on GICv3 systems
(see patch #1).
I also took the opportunity to review vGIC drivers and found several issues.
While I believe everything should be ok for vGICv2, there is still some
pending bugs in vGICv3 that will require som
As backward GICv2 compatibility is not supported in the VGICv3 driver,
the bit ARE_NS should be set at any time.
Futhermore, when ARE_NS is set, the guest can only modify EnableGrp1A.
At same time take the vgic_lock to write into domain.arch.vgic.ctrl. It
was already taken during read.
Signed-of
On Mon, 2015-01-19 at 15:42 +, Jan Beulich wrote:
> ... to reduce padding holes.
>
> I also wonder whether having independent spin locks side by side is
> really a good thing cache-line-bouncing-wise.
AIUI the general wisdom is to put each spinlock next to the data it
protects (I suppose on t
On Mon, 19 Jan 2015 13:19:03 +
Ian Campbell wrote:
> On Mon, 2015-01-19 at 13:10 +, Ian Jackson wrote:
> > Ian Campbell writes ("Re: [Xen-devel] [PATCH SECURITY-POLICY 4/9] Use a
> > public mailing list for predisclosure membership applications."):
> > > On Fri, 2015-01-16 at 19:52 +
Hi Ian,
On 19/01/15 16:04, Ian Campbell wrote:
> On Thu, 2015-01-15 at 20:23 +, Julien Grall wrote:
>
> Subject should be "Automatically find..."
>
>> Use the new vgic interface to know which virtual PPI is free and use it
>> for the event channel code.
>>
>> At the DOM0 creation time, Xen s
Hi Ian,
On 19/01/15 15:55, Ian Campbell wrote:
>> diff --git a/xen/arch/arm/domain.c b/xen/arch/arm/domain.c
>> index 7221bc8..d0229d1 100644
>> --- a/xen/arch/arm/domain.c
>> +++ b/xen/arch/arm/domain.c
>> @@ -548,6 +548,9 @@ int arch_domain_create(struct domain *d, unsigned int
>> domcr_flags)
We should honour -initrd and -append iff -kernel is specified, because
that's how QEMU works.
Check direct boot parameters in libxl__domain_build_info_setdefault.
Return failure if kernel is missing while ramdisk (-initrd) and / or
cmdline (-append) is present.
Signed-off-by: Wei Liu
Cc: Ian Cam
On Thu, 2015-01-15 at 20:23 +, Julien Grall wrote:
Subject should be "Automatically find..."
> Use the new vgic interface to know which virtual PPI is free and use it
> for the event channel code.
>
> At the DOM0 creation time, Xen still don't know which vIRQ will be free.
"...Xen still doe
At 15:42 + on 19 Jan (1421678566), Jan Beulich wrote:
> ... to reduce padding holes.
>
> I also wonder whether having independent spin locks side by side is
> really a good thing cache-line-bouncing-wise.
>
> Signed-off-by: Jan Beulich
> @@ -390,15 +397,12 @@ struct domain
>
> /* If
From: Jenny Herbert
Introduce gnttab_unmap_refs_async() that can be used to safely unmap
pages that may be in use (ref count > 1). If the pages are in use the
unmap is deferred and retried later. This polling is not very clever
but it should be good enough if the cases where the delay is necess
This series fixes a number of long-standing bugs in the handling of
grant maps. Refer to the following for all the details.
http://xenbits.xen.org/people/dvrabel/grant-improvements-C.pdf
In summary, the important uses that this enables are:
1. Block backends can use networked storage safely.
The optional find_special_page VMA operation is used to lookup the
pages backing a VMA. This is useful in cases where the normal
mechanisms for finding the page don't work. This is only called if
the PTE is special.
One use case is a Xen PV guest mapping foreign pages into userspace.
In a Xen P
On 19/01/15 15:36, Jan Beulich wrote:
> @@ -483,7 +482,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H
> ret = -EFAULT;
> if ( copy_from_guest(&apic, arg, 1) != 0 )
> break;
> -ret = xsm_apic(XSM_PRIV, v->domain, cmd);
> +ret = xsm_apic(XSM_PRIV, currd,
Using atomic (LOCKed on x86) bitops for certain of the operations on
cpumask_t is overkill when the variables aren't concurrently accessible
(e.g. local function variables, or due to explicit locking). Introduce
alternatives using non-atomic bitops and use them where appropriate.
Signed-off-by: Ja
For a PV guest, use the find_special_page op to find the right page.
To handle VMAs being split, remember the start of the original VMA so
the correct index in the pages array can be calculated.
Signed-off-by: David Vrabel
---
drivers/xen/gntdev.c | 12
1 file changed, 12 insertio
Unmapping may require sleeping and we unmap while holding priv->lock, so
convert it to a mutex.
Signed-off-by: David Vrabel
---
drivers/xen/gntdev.c | 40
1 file changed, 20 insertions(+), 20 deletions(-)
diff --git a/drivers/xen/gntdev.c b/drivers/xen
From: Jenny Herbert
Use gnttab_unmap_refs_async() to wait until the mapped pages are no
longer in use before unmapping them.
This allows blkback to use network storage which may retain refs to
pages in queued skbs after the block I/O has completed.
Signed-off-by: Jenny Herbert
Signed-off-by: D
From: Jenny Herbert
Use gnttab_unmap_refs_async() to wait until the mapped pages are no
longer in use before unmapping them.
This allows userspace programs to safely use Direct I/O and AIO to a
network filesystem which may retain refs to pages in queued skbs after
the filesystem I/O has complete
On Thu, 2015-01-15 at 20:23 +, Julien Grall wrote:
> While it's easy to know which hardware IRQ is assigned to a domain, there
> is no way to know which vIRQ is allocated by Xen for a specific domain.
>
> Introduce a bitmap to keep track of every vIRQ used by a domain. This
> will be used late
In an x86 PV guest, get_user_pages_fast() on a userspace address range
containing foreign mappings does not work correctly because the M2P
lookup of the MFN from a userspace PTE may return the wrong page.
Force get_user_pages_fast() to fail on such addresses by marking the PTEs
as special.
If Xen
On Mon, Jan 19, 2015 at 1:38 PM, Ian Jackson
wrote:
> Lars Kurth writes ("Re: [Xen-devel] [PATCH SECURITY-POLICY 3/9] Deployment
> with Security Team Permission"):
>> On 19 Jan 2015, at 10:20, Jan Beulich wrote:
>> > On 16.01.15 at 20:52, wrote:
>> >> +List members may, if (and only if) the Sec
- being non-atomic, their pointer arguments shouldn't be volatile-
qualified
- their (half fake) memory operands can be a single "+m" instead of
being both an output and an input
Signed-off-by: Jan Beulich
--- a/xen/include/asm-x86/bitops.h
+++ b/xen/include/asm-x86/bitops.h
@@ -53,12 +53,9
From: Jenny Herbert
Use the foreign page flag in netback to get the domid and grant ref
needed for the grant copy. This signficiantly simplifies the netback
code and makes netback work with foreign pages from other backends
(e.g., blkback).
This allows blkback to use iSCSI disks provided by dom
When unmapping grants, instead of converting the kernel map ops to
unmap ops on the fly, pre-populate the set of unmap ops.
This allows the grant unmap for the kernel mappings to be trivially
batched in the future.
Signed-off-by: David Vrabel
---
arch/arm/include/asm/xen/page.h |2 +-
arch/
From: Jenny Herbert
Use the "foreign" page flag to mark pages that have a grant map. Use
page->private to store information of the grant (the granting domain
and the grant reference).
Signed-off-by: Jenny Herbert
Signed-off-by: David Vrabel
---
arch/x86/xen/p2m.c|7 ---
drive
From: Jenny Herbert
Ballooned pages are always used for grant maps which means the
original frame does not need to be saved in page->index nor restored
after the grant unmap.
This allows the workaround in netback for the conflicting use of the
(unionized) page->index and page->pfmemalloc to be r
From: Jenny Herbert
The foreign page flag will be used by Xen guests to mark pages that
have grant mappings of frames from other (foreign) guests.
The foreign flag is an alias for the existing (Xen-specific) pinned
flag. This is safe because pinned is only used on pages used for page
tables and
Add gnttab_alloc_pages() and gnttab_free_pages() to allocate/free pages
suitable to for granted maps.
Signed-off-by: David Vrabel
---
drivers/block/xen-blkback/blkback.c |8
drivers/net/xen-netback/interface.c |7 +++
drivers/xen/gntdev.c|4 ++--
drivers/
The scratch frame mappings for ballooned pages and the m2p override
are broken. Remove them in preparation for replacing them with
simpler mechanisms that works.
The scratch pages did not ensure that the page was not in use. In
particular, the foreign page could still be in use by hardware. If
... to reduce padding holes.
I also wonder whether having independent spin locks side by side is
really a good thing cache-line-bouncing-wise.
Signed-off-by: Jan Beulich
--- a/xen/include/xen/sched.h
+++ b/xen/include/xen/sched.h
@@ -306,6 +306,9 @@ struct domain
{
domid_t domain
On 19/01/15 05:07, Juergen Gross wrote:
> Hi,
>
> anything missing to take these patches?
Patch #1 needs an x86 maintainer ack.
David
> On 12/17/2014 10:50 AM, Juergen Gross wrote:
>> The Xen hypercalls are defined in include/xen/interface/xen.h. There
>> are some places where for each hypercal
... to reduce padding holes. While doing this I noticed vtsc_usercount
is a PV-only thing, so it gets moved straight to struct pv_domain.
Signed-off-by: Jan Beulich
--- a/xen/arch/x86/time.c
+++ b/xen/arch/x86/time.c
@@ -1767,7 +1767,7 @@ void pv_soft_rdtsc(struct vcpu *v, struc
if ( guest_
On 19/01/15 15:36, Jan Beulich wrote:
> We don't really need the MFN in more than one place (after dropping
> mfn_to_page() translations where we know the result already), so no
> need to have a local variable for it.
>
> Signed-off-by: Jan Beulich
Reviewed-by: Andrew Cooper
>
> --- a/xen/arch/
1 - 100 of 223 matches
Mail list logo
