Allows expert users to disable tmem via Kconfig. Incorporates feedback
from Jan and Konrad. Patch 2 & 3 from v1 were merged and patch 4 was
dropped.
Doug Goldstein (3):
tmem: add tmem_disable() function
tmem: drop direct usage of opt_tmem
tmem: allow tmem to be disabled with Kconfig
On 3/8/16 10:50 AM, Wei Liu wrote:
> On Tue, Mar 08, 2016 at 10:34:42AM -0600, Doug Goldstein wrote:
>> On 3/8/16 9:38 AM, Wei Liu wrote:
>>> On Mon, Mar 07, 2016 at 08:23:40PM -0600, Doug Goldstein wrote:
>>>> The build should not use -O0 as that results in misco
directly check opt_tmem but instead use the
tmem_enabled() helper function.
Signed-off-by: Doug Goldstein
Acked-by: Jan Beulich
---
CC: Keir Fraser
CC: Jan Beulich
CC: Andrew Cooper
CC: Konrad Rzeszutek Wilk
change since v2:
- merged commit message from patch 2 and 3
change since v1
Have Kconfig set CONFIG_FLASK_AVC_STATS and prefix all uses with CONFIG_
to use the Kconfig variable.
Signed-off-by: Doug Goldstein
Acked-by: Daniel De Graaf
---
CC: Daniel De Graaf
---
xen/common/Kconfig | 6 ++
xen/include/xen/config.h| 5 -
xen/xsm/flask/avc.c
The command line instructions for FLASK include a note on how to compile
Xen with FLASK but the note was out of date after the change to Kconfig.
Signed-off-by: Doug Goldstein
---
CC: Ian Jackson
CC: Jan Beulich
CC: Keir Fraser
CC: Tim Deegan
CC: Konrad Rzeszutek Wilk
CC: Daniel De Graaf
ock.
>
> Signed-off-by: Andrew Cooper
> ---
Reviewed-by: Doug Goldstein
This patch seems to be a general improvement and doesn't cause other
regressions without the rest of the series so can we merged this one.
--
Doug Goldstein
signature.asc
Description: OpenPGP digita
I have attached logs for reference.
>>> Before this step, I could not setup Linux Bridge Network for Guest
>>> networking.
>>> I am using my router for internet connection.Can this will be problem?
>>> Can you please have a look and let me know.
>>>
The help message did not include information about the --type parameter.
Signed-off-by: Doug Goldstein
---
CC: Ian Jackson
CC: Stefano Stabellini
CC: Wei Liu
---
tools/console/client/main.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/tools/console/client/main.c b/tools/console/client
On 3/16/16 2:18 PM, Doug Goldstein wrote:
> Rather than have XSM_MAGIC set in the global xen/config.h and set in
> xsm.h if it's unset, just set it once in xsm.h since its only used in
> files that already include xsm.h
>
> Signed-off-by: Doug Goldstein
> ---
> CC: Dan
bout rust language.
>
>
> Regards,
> -Sabiya
>
>
Sabiya,
I'll take a look but you will definitely want to take a look at the
contributing guidelines [1] and resubmit the patch following the
guidelines so that we can include it.
[1] http://www.xenproject.org/help/contrib
type = LIBXL_CONSOLE_TYPE_PV;
> @@ -3432,13 +3441,18 @@ int main_console(int argc, char **argv)
> case 'n':
> num = atoi(optarg);
> break;
> +case 'e':
> +escapechar = getEscapeChar(optarg);
> +break;
> }
There are a number of debugging options for Xen so the idea is to have a
menu to group them all together.
Signed-off-by: Doug Goldstein
---
This is more of an RFC than a merge request. If this seems reasonable I'll
add all the other debugging options under this menu as well. Obviously if
Convert the crash_debug option to Kconfig as CONFIG_CRASH_DEBUG. This
was previously togglable on the command line so this adds a message for
users enabling it from the command line to tell them to enable it from
make menuconfig.
Signed-off-by: Doug Goldstein
---
This is an example of using the
On 3/25/16 2:42 PM, Konrad Rzeszutek Wilk wrote:
> On Thu, Mar 24, 2016 at 11:48:18AM -0500, Doug Goldstein wrote:
>> There are a number of debugging options for Xen so the idea is to have a
>> menu to group them all together.
>>
>> Signed-off-by: Doug Goldstein
>&
On 3/25/16 2:49 PM, Konrad Rzeszutek Wilk wrote:
> On Thu, Mar 24, 2016 at 11:48:19AM -0500, Doug Goldstein wrote:
>> Convert the crash_debug option to Kconfig as CONFIG_CRASH_DEBUG. This
>> was previously togglable on the command line so this adds a message for
>> users
On 3/16/16 2:14 PM, Doug Goldstein wrote:
> On 3/8/16 10:50 AM, Wei Liu wrote:
>> On Tue, Mar 08, 2016 at 10:34:42AM -0600, Doug Goldstein wrote:
>>> On 3/8/16 9:38 AM, Wei Liu wrote:
>>>> On Mon, Mar 07, 2016 at 08:23:40PM -0600, Doug Goldstein wrote:
>>>
On 3/29/16 6:44 AM, George Dunlap wrote:
> On Mon, Mar 28, 2016 at 4:01 PM, Doug Goldstein wrote:
>> On 3/16/16 2:14 PM, Doug Goldstein wrote:
>>> On 3/8/16 10:50 AM, Wei Liu wrote:
>>>> On Tue, Mar 08, 2016 at 10:34:42AM -0600, Doug Goldstein wrote:
>>
;'
>
> CFLAGS-$(verbose) += -DVERBOSE
>
This was committed as 607044bf9a8c8a8b37666a3a64c0d9b005875b13 and
breaks the build on clang.
https://travis-ci.org/xen-project/xen/jobs/11981#L1004
https://travis-ci.org/xen-project/xen/jobs/11982#L1002
-
ULL, "console", 1) {
> case 't':
> if (!strcmp(optarg, "pv"))
> type = LIBXL_CONSOLE_TYPE_PV;
> @@ -3432,13 +3445,18 @@ int main_console(int argc, char **argv)
> case 'n':
> num = atoi(optarg);
>
On 3/29/16 3:50 AM, Jan Beulich wrote:
>>>> On 25.03.16 at 22:02, wrote:
>> On 3/25/16 2:49 PM, Konrad Rzeszutek Wilk wrote:
>>> On Thu, Mar 24, 2016 at 11:48:19AM -0500, Doug Goldstein wrote:
>>>> --- a/xen/Kconfig.debug
>>>> +++ b/xen/K
On 3/30/16 11:00 AM, Ian Jackson wrote:
> Doug Goldstein writes ("Re: [PATCH 2/2] tools: detect appropriate debug
> optimization level"):
>> On 3/8/16 9:38 AM, Wei Liu wrote:
>>> On Mon, Mar 07, 2016 at 08:23:40PM -0600, Doug Goldstein wrote:
>>>> The
E_PARAMS)
> params.checkpointed_stream = 0;
> ret = libxl_domain_create_restore(cfg->ctx, &d_config, &domid,
>restore_fd, ¶ms, NULL,
>
ACK
This fixes integration testing that Xen Pr
uild quite a bit, and won't make much of a
>> dent on the symbol table bloat.
>
> While this I'm unclear about: Istr Doug mentioning that simply
> adding the option in suitable for to AFLAGS would do.
>
> Jan
>
I was trying to do exactly what you mentioned where we still passed it
to gas and didn't pass it to llvm but unfortunately at some point the
flags get combined together and passed to llvm and fails.
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
7;s not very important TBH, but it would be a "nice to have".
>
> Roger.
>
We could also ask Kevin to do a 1.9.2 from the 1.9-stable branch.
There's one more commit on top of the one that Roger asked for in the
1.9-stable branch.
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
e a lot more low risk than something like
QEMU since they have a very clear target so they're a lot more likely to
remain stable. SeaBIOS also has a fairly low level of churn, especially
on stable branches.
Just a thought.
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
disabled. To make XSM usage more smooth I propose we
bake the default policy into .initdata so that when you boot Xen
compiled with XSM you are no worse off than compiling XSM out.
The rationale here is that prior to a recent commit when you compiled
Xen with XSM enabled but did not provide a default policy then any domUs
that you ran had as much access as dom0. The recent commit changed it so
that Xen by default does not boot without a policy.
With my proposed change we would have "dummy" that would compile in and
if you provided another policy it would be used instead or you could
late load a replacement policy. Basically filling the gap of turning on
XSM and having a system less secure than XSM off until you developed
your policy.
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
When building debug use -Og as the optimization level if its available,
otherwise retain the use of -O0. -Og has been added by GCC to enable all
optimizations that to not affect debugging while retaining full
debugability.
Signed-off-by: Doug Goldstein
---
tools/Rules.mk | 3 ++-
1 file changed
important but I figured I'd be clear about my motivations.
For Gentoo I'll actually keep the stock settings. For Yocto I'll keep
the stock settings but expose a way to run kconfig (like the linux
kernel is in Yocto) for vendors with a security focus. I'm aware of a
handful of downstream vendors which will utilize that capability.
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
The #ifndef / #define value used was not consistent so it did not
function as a proper header guard.
Signed-off-by: Doug Goldstein
---
tools/libfsimage/ufs/ufs.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/libfsimage/ufs/ufs.h b/tools/libfsimage/ufs/ufs.h
index
. This does not enable building of the toolstack with clang for
now due to multiple failures.
Signed-off-by: Doug Goldstein
---
.travis.yml | 8
scripts/travis-build | 31 +++
2 files changed, 35 insertions(+), 4 deletions(-)
create mode 100755 scripts
On 4/25/16 9:53 AM, Wei Liu wrote:
> On Mon, Apr 25, 2016 at 09:46:18AM -0500, Doug Goldstein wrote:
>> For native (non-cross compiles) we now only require bcc, ld86, as86 for
>> building rombios, we can build the toolstack sans rombios and using the
>> system SeaBIOS due to k
Instead of trying to write a snippet of code that crashes the process
just use abort() directly. This is to fix the build on clang which
detects that the snippet of code will crash and fails to compile. At
the same time removed extraneous whitespace in the macro.
Signed-off-by: Doug Goldstein
On 4/25/16 9:46 AM, Doug Goldstein wrote:
> For native (non-cross compiles) we now only require bcc, ld86, as86 for
> building rombios, we can build the toolstack sans rombios and using the
> system SeaBIOS due to known build issues. At the same time capture the
> output of the confi
When building debug use -Og as the optimization level if its available,
otherwise retain the use of -O0. -Og has been added by GCC to enable all
optimizations that to not affect debugging while retaining full
debugability.
Signed-off-by: Doug Goldstein
---
change since v2:
- switch back to cc
On 4/26/16 9:52 AM, Roger Pau Monne wrote:
> Signed-off-by: Roger Pau Monné
> ---
> Cc: Doug Goldstein
> ---
> xen/tools/kconfig/Makefile.kconfig | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/xen/tools/kconfig/Makefile.kconfi
> Signed-off-by: Roger Pau Monné
> ---
Reviewed-by: Doug Goldstein
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
On 4/26/16 9:52 AM, Roger Pau Monne wrote:
> Previously HOSTCC was always hardcoded to gcc
>
> Signed-off-by: Roger Pau Monné
Reviewed-by: Doug Goldstein
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
On 4/26/16 9:52 AM, Roger Pau Monne wrote:
> The xconfig Kconfig target requires a C++ compiler because it uses Qt.
>
> Signed-off-by: Roger Pau Monné
Reviewed-by: Doug Goldstein
--
Doug Goldstein
signature.asc
Description: OpenPGP digital
On 4/26/16 9:52 AM, Roger Pau Monne wrote:
> Signed-off-by: Roger Pau Monné
> Acked-by: Ian Jackson
Reviewed-by: Doug Goldstein
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
Xen-devel mailing list
Xen
ecific types to uint64_t only, and then replacing all the
> uint64_t types to __align8__ uint64_t. This relies on the fact that all
> Xen-specific types will have longer names, so they will always be replaced
> first.
>
> Signed-off-by: Roger Pau Monné
Reviewed-by: Doug Gol
;
> Signed-off-by: Roger Pau Monné
Reviewed-by: Doug Goldstein
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
On 4/26/16 9:52 AM, Roger Pau Monne wrote:
> It should be an enum, not an unsigned.
>
> Signed-off-by: Roger Pau Monné
Reviewed-by: Doug Goldstein
I had to drop the shutdown_reason >= 0 check a few lines below in my
version of this patch. But maybe its not necessary after al
On 4/26/16 9:52 AM, Roger Pau Monne wrote:
> It returns an int, not a libxl_scheduler.
>
> Signed-off-by: Roger Pau Monné
Reviewed-by: Doug Goldstein
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
Xen-deve
s that require updating. You can either resend the
> whole series with all tags folded in or just update those patches that
> require updating. Do whatever most convenient for you.
>
> Wei.
>
FWIW, a lot of these are individual patches and don't build on each
other. If some
On 4/27/16 12:01 PM, Andrew Cooper wrote:
> tools now build under clang, so let them be tested.
>
> Signed-off-by: Andrew Cooper
> ---
Acked-by: Doug Goldstein
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
_
red compiler is
> available. Note that travis already performs this step, but in a way which
> isn't fatal to the build.
>
> Signed-off-by: Andrew Cooper
Acked-by: Doug Goldstein
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
_
0:20: note: uninitialized use occurs here
> if (select(fd + 1, &fds, NULL, NULL, NULL) > 0)
> ^~
>
> This situation can't actually happen, as usage() is a terminal path. Annotate
> it appropriately.
>
> Signed-off-by: Andrew Cooper
> ---
a
> list_for_each_entry(tl, &tap->list, entry) construct, but this is just a
> member name, and not a reference to local scope variable of the same name.
>
> Signed-off-by: Andrew Cooper
> ---
Reviewed-by: Doug Goldstein
--
Do
sk_sync and tapdisk_vmdk had it not been for this bug preventing a build
> failure. Drop all three.
>
> No functional change, but only because of the specific layout of
> tapdisk_disk_types[].
>
> Signed-off-by: Andrew Cooper
> ---
Reviewed-by: Doug Goldstein
Your ass
On 4/27/16 12:01 PM, Andrew Cooper wrote:
> Like c/s 4d98d3ebf - there is a second instance.
>
> Signed-off-by: Andrew Cooper
> ---
Reviewed-by: Doug Goldstein
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
_
mp; index < node->num_domains)
> ~ ^ ~
>
> Signed-off-by: Andrew Cooper
> ---
Reviewed-by: Doug Goldstein
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
Convert the crash_debug option to Kconfig as CONFIG_CRASH_DEBUG. This
was previously togglable on the command line so this adds a message for
users enabling it from the command line to tell them to enable it from
make menuconfig.
Signed-off-by: Doug Goldstein
---
CC: Jan Beulich
CC: Andrew
Convert 'verbose', which was enabled by 'debug=y' to Kconfig as
CONFIG_VERBOSE_DEBUG which is enabled by default when CONFIG_DEBUG is
enabled.
Signed-off-by: Doug Goldstein
---
CC: Stefano Stabellini
CC: Julien Grall
CC: Jan Beulich
CC: Andrew Cooper
CC: Daniel De
id 'verbose=y' and 'frame_pointer=y' so they were linked but
differently.
Doug Goldstein (7):
build: add debug menu to Kconfig
build: convert crash_debug to Kconfig
build: convert verbose to Kconfig
build: convert frame_pointer to Kconfig
build: wire up pre-existi
There are a number of debugging options for Xen so the idea is to have a
menu to group them all together. Enabling this menu item will also
disable NDEBUG which will result in more debug prints. This was
previously wired into the 'debug=y' command line option.
Signed-off-by: Doug
Convert the 'perfc' and 'perfc_arrays' options to Kconfig as
CONFIG_PERF_COUNTERS and CONFIG_PERF_ARRAYS to minimize code changes.
Signed-off-by: Doug Goldstein
---
CC: Jan Beulich
CC: Andrew Cooper
---
INSTALL | 2 --
xen/Kconfig.debug
Converts the frame_pointer option to a Kconfig option.
Signed-off-by: Doug Goldstein
---
CC: Andrew Cooper
CC: George Dunlap
CC: Ian Jackson
CC: Jan Beulich
CC: Konrad Rzeszutek Wilk
CC: Stefano Stabellini
CC: Tim Deegan
CC: Wei Liu
---
INSTALL | 1 -
xen/Kconfig.debug | 8
e and if the user has already
built up a config their have their real preference set.
Signed-off-by: Doug Goldstein
---
CC: Andrew Cooper
CC: George Dunlap
CC: Ian Jackson
CC: Jan Beulich
CC: Konrad Rzeszutek Wilk
CC: Stefano Stabellini
CC: Tim Deegan
CC: Wei Liu
---
xen/Kconfig.debug | 5
Convert the 'lock_profile' option to Kconfig as CONFIG_LOCK_PROFILE.
Signed-off-by: Doug Goldstein
---
CC: Stefano Stabellini
CC: Julien Grall
CC: Jan Beulich
CC: Andrew Cooper
---
INSTALL| 1 -
xen/Kconfig.debug | 6 ++
xen/Rules.mk
On 4/27/16 8:12 AM, Lars Kurth wrote:
>
>> On 24 Apr 2016, at 02:06, Doug Goldstein wrote:
>>
>> On 4/22/16 9:25 AM, George Dunlap wrote:
>>> On Fri, Apr 22, 2016 at 3:22 PM, Lars Kurth
>>> wrote:
>>>>
>>>>> On 22 Apr 2016,
On 5/2/16 6:02 AM, Andrew Cooper wrote:
> On 02/05/2016 11:42, Wei Liu wrote:
>> On Sun, May 01, 2016 at 11:10:40PM -0500, Doug Goldstein wrote:
>>> There are a number of debugging options for Xen so the idea is to have a
>>> menu to group them all together. Enabli
On 5/2/16 10:18 AM, Konrad Rzeszutek Wilk wrote:
> On Sun, May 01, 2016 at 11:10:42PM -0500, Doug Goldstein wrote:
>> Convert 'verbose', which was enabled by 'debug=y' to Kconfig as
>> CONFIG_VERBOSE_DEBUG which is enabled by default when CONFIG_DEBUG is
&g
UG is turned on (or isn't).
Basically if you enable the debug menu at all it will not turn on NDEBUG.
Previously this was only done when you supplied 'debug=n'. The inverse,
'debug=y' did 'verbose=y' and 'frame_pointer=y' so they were linked but
differentl
Convert the 'perfc' and 'perfc_arrays' options to Kconfig as
CONFIG_PERF_COUNTERS and CONFIG_PERF_ARRAYS to minimize code changes.
Signed-off-by: Doug Goldstein
---
CC: Jan Beulich
CC: Andrew Cooper
---
INSTALL | 2 --
xen/Kconfig.debug
Convert 'verbose', which was enabled by 'debug=y' to Kconfig as
CONFIG_VERBOSE_DEBUG which is enabled by default when CONFIG_DEBUG is
enabled.
Signed-off-by: Doug Goldstein
---
CC: Stefano Stabellini
CC: Julien Grall
CC: Jan Beulich
CC: Andrew Cooper
CC: Daniel De
Converts the frame_pointer option to a Kconfig option.
Signed-off-by: Doug Goldstein
---
CC: Andrew Cooper
CC: George Dunlap
CC: Ian Jackson
CC: Jan Beulich
CC: Konrad Rzeszutek Wilk
CC: Stefano Stabellini
CC: Tim Deegan
CC: Wei Liu
---
INSTALL | 1 -
xen/Kconfig.debug | 8
e and if the user has already
built up a config with their real preference set.
Signed-off-by: Doug Goldstein
---
CC: Andrew Cooper
CC: George Dunlap
CC: Ian Jackson
CC: Jan Beulich
CC: Konrad Rzeszutek Wilk
CC: Stefano Stabellini
CC: Tim Deegan
CC: Wei Liu
---
xen/Kconfig.debug | 5 +
xen
Convert the 'lock_profile' option to Kconfig as CONFIG_LOCK_PROFILE.
Signed-off-by: Doug Goldstein
---
CC: Stefano Stabellini
CC: Julien Grall
CC: Jan Beulich
CC: Andrew Cooper
---
INSTALL| 1 -
xen/Kconfig.debug | 8
xen/Rules.mk
There are a number of debugging options for Xen so the idea is to have a
menu to group them all together. Enabling this menu item will also
disable NDEBUG which will result in more debug prints. This was
previously wired into the 'debug=y' command line option.
Signed-off-by: Doug
Convert the crash_debug option to Kconfig as CONFIG_CRASH_DEBUG. This
was previously togglable on the command line so this adds a message for
users enabling it from the command line to tell them to enable it from
make menuconfig.
Signed-off-by: Doug Goldstein
---
CC: Jan Beulich
CC: Andrew
>>
>> +#ifndef CONFIG_DEBUG
>> +#define NDEBUG
>> +#endif
>
> At the same time you should delete the -DNDEBUG from xen/Rules.mk.
> There shouldn't be two places controlling the same thing.
>
> Jan
>
You're right. That hunk slipped to
to tell them to enable it from
>> make menuconfig.
>>
>> Signed-off-by: Doug Goldstein
>> ---
>> CC: Jan Beulich
>> CC: Andrew Cooper
>
> I think the Cc list should be quite a bit wider here.
$ ./scripts/get_maintainer.pl
patches/v2-0002-build-co
>> That option can't be moved without providing an alternative.
>
> Why can't it be moved into tools/ if that's where it is still of interest?
>
> Jan
>
You could argue it could then move into the autoconf script which would
make the knobs more consistent for e
to tell them to enable it from
>> make menuconfig.
>>
>> Signed-off-by: Doug Goldstein
>> ---
>> CC: Jan Beulich
>> CC: Andrew Cooper
>
> I think the Cc list should be quite a bit wider here.
>
>> --- a/xen/Kconfig.debug
>> +++ b/xen/Kconfig.
ly people didn't want to alter their
workflow, I am more than happy to drop this if others concur with you.
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
ild_id } for domid=1
scontext=system_u:system_r:domU_t tcontext=system_u:system_r:xen_t
tclass=version
I'm guessing a changed happened to xl so that it queries the version
info everytime it is run.
--
Doug Goldstein
signature.asc
Description:
aps it did that always, and it has become a problem only
> because of the XSM check which the version hypercall obtained
> recently?
>
> Jan
>
That would do it as well, thank you. I knew there was a change in this
code path recently and I remembered Konrad was active in it so I C
On 5/4/16 12:20 PM, Daniel De Graaf wrote:
> On 05/04/2016 09:52 AM, Doug Goldstein wrote:
>> Hi all,
>>
>> Sometime after d4cd5a205973171475b8c63bc250c2803e0f51fa, I get the
>> following denials for any domU that attempts to run "xl". In my
>> situation
In which case it sounds as if you
> are using a non-default XSM policy?
>
I'm calling it domD (since I'm passing a device into it) but its a domU.
Ignore my wording. I've got a few extra allows at the bottom of the
default policy to allow a PCI device to be passed in.
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
On 5/4/16 12:20 PM, Daniel De Graaf wrote:
> Reported-by: Doug Goldstein
> Signed-off-by: Daniel De Graaf
> ---
> tools/flask/policy/policy/modules/xen/xen.te | 10 ++
> 1 file changed, 10 insertions(+)
>
> diff --git a/tools/flask/policy/policy/modules/xen/xe
From: Daniel De Graaf
Signed-off-by: Daniel De Graaf
Signed-off-by: Doug Goldstein
---
tools/flask/policy/policy/modules/xen/xen.te | 9 +
1 file changed, 9 insertions(+)
diff --git a/tools/flask/policy/policy/modules/xen/xen.te
b/tools/flask/policy/policy/modules/xen/xen.te
index
Most implementations of the sleep command only take integers. GNU
coreutils has a GNU extension to allow any floating point number to be
passed but we shouldn't depend on that.
Signed-off-by: Doug Goldstein
---
tools/hotplug/Linux/block-iscsi | 2 +-
tools/hotplug/Linux/i
The shebang was not on the first line in the init script and it should
be.
Signed-off-by: Doug Goldstein
---
tools/hotplug/Linux/init.d/xendriverdomain.in | 1 -
1 file changed, 1 deletion(-)
diff --git a/tools/hotplug/Linux/init.d/xendriverdomain.in
b/tools/hotplug/Linux/init.d
/drivers/img2qcow.c | 2 +-
> tools/blktap2/drivers/qcow2raw.c | 2 +-
> tools/blktap2/vhd/lib/vhd-util-check.c | 2 +-
> tools/firmware/rombios/32bit/tcgbios/tcgbios.c | 6 +++---
> 4 files changed, 6 insertions(+), 6 deletions(-)
>
For the whole se
;d like to see
and I'll go off and do it.
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
There are a number of debugging options for Xen so the idea is to have a
menu to group them all together. Enabling this menu item will also
disable NDEBUG which will result in more debug prints. This was
previously wired into the 'debug=y' command line option.
Signed-off-by: Doug
not set. As a result this changes the way the menu works to just be a plain
menu and moving the NDEBUG (!CONFIG_DEBUG) to another menu item.
change since v2:
- dropped patch 5 as it was unwanted
- remove 'default n'
- redo patch 1 as described above
Doug Goldstein (6):
build: add deb
Convert the 'lock_profile' option to Kconfig as CONFIG_LOCK_PROFILE.
Signed-off-by: Doug Goldstein
---
CC: Stefano Stabellini
CC: Julien Grall
CC: Jan Beulich
CC: Andrew Cooper
---
INSTALL| 1 -
xen/Kconfig.debug | 7 +++
xen/Rules.mk
Converts the frame_pointer option to a Kconfig option.
Signed-off-by: Doug Goldstein
---
CC: Andrew Cooper
CC: George Dunlap
CC: Ian Jackson
CC: Jan Beulich
CC: Konrad Rzeszutek Wilk
CC: Stefano Stabellini
CC: Tim Deegan
CC: Wei Liu
---
INSTALL | 1 -
xen/Kconfig.debug | 8
Convert 'verbose', which was enabled by 'debug=y' to Kconfig as
CONFIG_VERBOSE_DEBUG which is enabled by default when CONFIG_DEBUG is
enabled.
Signed-off-by: Doug Goldstein
---
CC: Stefano Stabellini
CC: Julien Grall
CC: Jan Beulich
CC: Andrew Cooper
CC: Daniel De
Convert the crash_debug option to Kconfig as CONFIG_CRASH_DEBUG. This
was previously togglable on the command line so this adds a message for
users enabling it from the command line to tell them to enable it from
make menuconfig.
Signed-off-by: Doug Goldstein
---
CC: Andrew Cooper
CC: George
Convert the 'perfc' and 'perfc_arrays' options to Kconfig as
CONFIG_PERF_COUNTERS and CONFIG_PERF_ARRAYS to minimize code changes.
Signed-off-by: Doug Goldstein
---
CC: Andrew Cooper
CC: George Dunlap
CC: Ian Jackson
CC: Jan Beulich
CC: Konrad Rzeszutek Wilk
CC: Stefano
menu must be
enabled and cannot be conditionally displayed on another option.
Roughly think of it this way:
menuconfig SOME_STATE
if SOME_STATE || EXPERT
config OTHER
endif
is the following code:
if (SOME_STATE) {
if (SOME_STATE or EXPERT) {
printf("got here\n");
}
}
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
>
> The "depends on DEBUG || EXPERT" did get lost here (or, looking at
> the following patch, a respective "if" framing them all).
>
> Jan
>
This option is always visible to someone and is not dependent on DEBUG
due to the if not being possible in the
gt;
>> --- a/xen/arch/x86/x86_64/asm-offsets.c
>> +++ b/xen/arch/x86/x86_64/asm-offsets.c
>> @@ -151,7 +151,7 @@ void __dummy__(void)
>> OFFSET(TRAPBOUNCE_eip, struct trap_bounce, eip);
>> BLANK();
>>
>> -#if PERF_COUNTERS
>> +#if CONFIG_PERF_COUNTERS
>
> Same here - I'm pretty sure I've already asked for this to become
> #ifdef.
>
> Jan
>
--
Doug Goldstein
signature.asc
Description: OpenPGP digital signature
___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
xl devd prefers to use /dev/xen/ instead of /proc/xen so the init script
should use the new interface as well and drop the legacy interface. To
check for support this uses /sys/hypervisor which has been present since
2.6.18 Xen kernels. Fix bad whitespace at the same time.
Signed-off-by: Doug
The script doesn't use any bash-isms and works fine with BusyBox's ash.
Signed-off-by: Doug Goldstein
---
tools/hotplug/Linux/init.d/xendriverdomain.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/hotplug/Linux/init.d/xendriverdomain.in
b/tools/hotplug/Li
give you
deadlocks if you try to use /proc/xen/xenbus. Xen 4.6 and newer should
prefer /dev/xen/xenbus. Same thing can happen with privcmd but making
that default didn't land until Xen 4.7. Since you're on the right
versions I expect you're using /dev/xen/xenbus but you never kn
ew one
> is after, but I would presume the standard headers are updated to
> account for this. Is there an easy way to check for this? Also, would
> the same issue cause writes to fails? Because writes from the same
> domain work fine, and appear to other domains using xenstore-ls.
&
but I would presume the standard headers are updated to
>>> account for this. Is there an easy way to check for this? Also, would
>>> the same issue cause writes to fails? Because writes from the same
>>> domain work fine, and app
1 - 100 of 937 matches
Mail list logo