flight 181015 linux-5.4 real [real]
flight 181022 linux-5.4 real-retest [real]
http://logs.test-lab.xenproject.org/osstest/logs/181015/
http://logs.test-lab.xenproject.org/osstest/logs/181022/
Failures :-/ but no regressions.
Tests which are failing intermittently (not blocking):
test-arm64-arm6
On Fri, 26 May 2023, Jan Beulich wrote:
> On 25.05.2023 21:54, Stefano Stabellini wrote:
> > On Thu, 25 May 2023, Jan Beulich wrote:
> >> On 25.05.2023 01:51, Stefano Stabellini wrote:
> >>> xen/irq: fix races between send_cleanup_vector and _clear_irq_vector
> >>
> >> This title is, I'm afraid, al
On Mon, May 29, 2023 at 06:48:03PM +0200, Mickaël Salaün wrote:
>
> On 08/05/2023 23:11, Wei Liu wrote:
> > On Fri, May 05, 2023 at 05:20:42PM +0200, Mickaël Salaün wrote:
> > > This enables guests to lock their CR0 and CR4 registers with a subset of
> > > X86_CR0_WP, X86_CR4_SMEP, X86_CR4_SMAP, X
On Tue, 30 May 2023, Jan Beulich wrote:
> Hidden devices (e.g. an add-in PCI serial card used for Xen's serial
> console) are associated with DomXEN, not Dom0. This means that while
> looking for overlapping BARs such devices cannot be found on Dom0's list
> of devices; DomXEN's list also needs to
flight 181018 xen-unstable-smoke real [real]
http://logs.test-lab.xenproject.org/osstest/logs/181018/
Failures :-/ but no regressions.
Tests which did not succeed, but are not blocking:
test-amd64-amd64-libvirt 15 migrate-support-checkfail never pass
test-arm64-arm64-xl-xsm 1
On Fri, 26 May 2023, Jan Beulich wrote:
> On 25.05.2023 21:32, Stefano Stabellini wrote:
> > Like I wrote, personally I am happy with whatever gets us to have the PVH
> > test in gitlab-ci faster.
> >
> > However, on the specific problem of PCI devices used by Xen and how to
> > deal with them for
On Fri, 26 May 2023, Jan Beulich wrote:
> On 25.05.2023 21:24, Stefano Stabellini wrote:
> > On Thu, 25 May 2023, Jan Beulich wrote:
> >> On 25.05.2023 01:37, Stefano Stabellini wrote:
> >>> On Wed, 24 May 2023, Jan Beulich wrote:
> >> RFC: _setup_hwdom_pci_devices()' loop may want splitting: F
flight 181013 qemu-mainline real [real]
http://logs.test-lab.xenproject.org/osstest/logs/181013/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
build-arm64-xsm 6 xen-buildfail REGR. vs. 180691
build-arm64
On Tue, 30 May 2023, Juergen Gross wrote:
> In xen/include/public/io/9pfs.h the name of the Xenstore backend node
> "security-model" should be "security_model", as this is how the Xen
> tools are creating it and qemu is reading it.
>
> Fixes: ad58142e73a9 ("xen/public: move xenstore related doc in
On Fri, May 12, 2023 at 02:48:51PM -0500, Bjorn Helgaas wrote:
> On Fri, May 12, 2023 at 01:56:29PM +0300, Andy Shevchenko wrote:
> > On Tue, May 09, 2023 at 01:21:22PM -0500, Bjorn Helgaas wrote:
> > > On Tue, Apr 04, 2023 at 11:11:01AM -0500, Bjorn Helgaas wrote:
> > > > On Thu, Mar 30, 2023 at 0
On 5/30/23 15:39, Thomas Gleixner wrote:
On Tue, May 30 2023 at 15:03, Tom Lendacky wrote:
On 5/30/23 14:51, Thomas Gleixner wrote:
That aside. From a semantical POV making this decision about parallel
bootup based on some magic CC encryption attribute is questionable.
I'm tending to just do t
On Tue, May 30 2023 at 15:03, Tom Lendacky wrote:
> On 5/30/23 14:51, Thomas Gleixner wrote:
>> That aside. From a semantical POV making this decision about parallel
>> bootup based on some magic CC encryption attribute is questionable.
>>
>> I'm tending to just do the below and make this CC agnos
Set "opened" to "0" before the hotplug script is called. Once the
device node has been opened, set "opened" to "1".
"opened" is used exclusively by userspace. It serves two purposes:
1. It tells userspace that the diskseq Xenstore entry is supported.
2. It tells userspace that it can wait for
This allows specifying a disk sequence number in XenStore. If it does
not match the disk sequence number of the underlying device, the device
will not be exported and a warning will be logged. Userspace can use
this to eliminate race conditions due to major/minor number reuse.
Old kernels do not
This adds a couple of BUILD_BUG_ON()s and moves some arithmetic after
the validation code that checks the arithmetic’s preconditions. The
previous code was correct but could potentially trip sanitizers that
check for unsigned integer wraparound.
Signed-off-by: Demi Marie Obenour
---
drivers/blo
Not only is this helpful for debugging, it also saves the caller an
ioctl in the case where a device should be used if it exists or created
otherwise. To ensure existing userspace is not broken, this feature is
only enabled in strict mode.
Signed-off-by: Demi Marie Obenour
---
drivers/md/dm-ioc
The previous patch for checking diskseq in blkback is not enough to
prevent the following race:
1. Program X opens a loop device
2. Program X gets the diskseq of the loop device.
3. Program X associates a file with the loop device.
4. Program X passes the loop device major, minor, and diskseq to
Typical userspace setups create a symlink under /dev/mapper with the
name of the device, but /dev/mapper/control is reserved for the control
device. Therefore, trying to create such a device is almost certain to
be a userspace bug.
Signed-off-by: Demi Marie Obenour
---
drivers/md/dm-ioctl.c | 7
Using either of these is going to greatly confuse userspace, as they are
not valid symlink names and so creating the usual /dev/mapper/NAME
symlink will not be possible. As creating a device with either of these
names is almost certainly a userspace bug, just error out.
Signed-off-by: Demi Marie
Userspace can use this to avoid spamming udev with events that udev
should ignore.
Signed-off-by: Demi Marie Obenour
---
drivers/md/dm-core.h | 2 +
drivers/md/dm-ioctl.c | 78 ++-
drivers/md/dm.c | 5 ++-
include/linux/device-mapp
This can be used to avoid race conditions in which a device is destroyed
and recreated with the same major/minor, name, or UUID. diskseqs are
only honored if strict parameter checking is on, to avoid any risk of
breaking old userspace.
Signed-off-by: Demi Marie Obenour
---
drivers/md/dm-ioctl.c
Currently, device-mapper ioctls ignore unknown flags. This makes
adding new flags to a given ioctl risky, as it could potentially break
old userspace.
To solve this problem, allow userspace to pass 5 as the major version to
any ioctl. This causes the kernel to reject any flags that are not
suppo
The version is fetched once in check_version(), which then does some
validation and then overwrites the version in userspace with the API
version supported by the kernel. copy_params() then fetches the version
from userspace *again*, and this time no validation is done. The result
is that the ker
The NUL terminator for each target parameter string must preceed the
following 'struct dm_target_spec'. Otherwise, dm_split_args() might
corrupt this struct.
Signed-off-by: Demi Marie Obenour
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Cc: sta...@vger.kernel.org
---
drivers/md/dm-ioctl.c | 32
Previously the error was "unable to find target", which is not helpful.
Signed-off-by: Demi Marie Obenour
---
drivers/md/dm-ioctl.c | 8 +---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c
index
a1d5fe64e1d0d9d3dcb06924249b89fe661
Otherwise subsequent code will dereference a misaligned
`struct dm_target_spec *`, which is undefined behavior.
Signed-off-by: Demi Marie Obenour
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Cc: sta...@vger.kernel.org
---
drivers/md/dm-ioctl.c | 7 +++
1 file changed, 7 insertions(+)
diff --git
Especially on 32-bit systems, it is possible for the pointer arithmetic
to overflow and cause a userspace pointer to be dereferenced in the
kernel.
Signed-off-by: Demi Marie Obenour
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Cc: sta...@vger.kernel.org
---
drivers/md/dm-ioctl.c | 19 +++
This prevents dm_split_args() from corrupting this struct.
Signed-off-by: Demi Marie Obenour
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Cc: sta...@vger.kernel.org
---
drivers/md/dm-ioctl.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/drivers/md/dm-ioctl.c b/drivers/md/dm-ioctl.c
index
This work aims to allow userspace to create and destroy block devices
in a race-free way, and to allow them to be exposed to other Xen VMs via
blkback without races.
Changes since v1:
- Several device-mapper fixes added.
- The diskseq is now a separate Xenstore node, rather than being part of
p
flight 181012 linux-linus real [real]
flight 181017 linux-linus real-retest [real]
http://logs.test-lab.xenproject.org/osstest/logs/181012/
http://logs.test-lab.xenproject.org/osstest/logs/181017/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run
Tue, 30 May 2023 09:46:54 +0200 Olaf Hering :
> Did osstest actually spot any HVM error?
> To me it looks like 180992 shows many failures, but nothing fatal.
I think osstest does not run Xen with xentrace enabled,
so it can not spot the failure I'm seeing.
Olaf
pgpxSe3PNFiwF.pgp
Description: D
Tue, 30 May 2023 10:41:07 +0200 Jan Beulich :
> Using this N would be correct afaict, but that N isn't num_online_cpus().
> CPUs may have been offlined by the time trace buffers are initialized, so
> without looking too closely I think it would be num_present_cpus() that
> you're after.
In my tes
On 5/30/23 14:51, Thomas Gleixner wrote:
On Tue, May 30 2023 at 09:56, Sean Christopherson wrote:
On Tue, May 30, 2023, Thomas Gleixner wrote:
On Tue, May 30 2023 at 15:29, Kirill A. Shutemov wrote:
On Tue, May 30, 2023 at 02:09:17PM +0200, Thomas Gleixner wrote:
The decision to allow paralle
On Tue, May 30 2023 at 09:56, Sean Christopherson wrote:
> On Tue, May 30, 2023, Thomas Gleixner wrote:
>> On Tue, May 30 2023 at 15:29, Kirill A. Shutemov wrote:
>> > On Tue, May 30, 2023 at 02:09:17PM +0200, Thomas Gleixner wrote:
>> >> The decision to allow parallel bringup of secondary CPUs che
flight 181016 xen-unstable-smoke real [real]
http://logs.test-lab.xenproject.org/osstest/logs/181016/
Failures :-/ but no regressions.
Tests which did not succeed, but are not blocking:
test-amd64-amd64-libvirt 15 migrate-support-checkfail never pass
test-arm64-arm64-xl-xsm 1
Stop using the .bdrv_co_io_plug() API because it is not multi-queue
block layer friendly. Use the new blk_io_plug_call() API to batch I/O
submission instead.
Note that a dev_max_batch check is dropped in laio_io_unplug() because
the semantics of unplug_fn() are different from .bdrv_co_unplug():
1.
Introduce a new API for thread-local blk_io_plug() that does not
traverse the block graph. The goal is to make blk_io_plug() multi-queue
friendly.
Instead of having block drivers track whether or not we're in a plugged
section, provide an API that allows them to defer a function call until
we're u
Stop using the .bdrv_co_io_plug() API because it is not multi-queue
block layer friendly. Use the new blk_io_plug_call() API to batch I/O
submission instead.
Signed-off-by: Stefan Hajnoczi
Reviewed-by: Eric Blake
Reviewed-by: Stefano Garzarella
---
v2
- Removed whitespace hunk [Eric]
---
inclu
No block driver implements .bdrv_co_io_plug() anymore. Get rid of the
function pointers.
Signed-off-by: Stefan Hajnoczi
Reviewed-by: Eric Blake
Reviewed-by: Stefano Garzarella
---
include/block/block-io.h | 3 ---
include/block/block_int-common.h | 11 --
block/io.c
Stop using the .bdrv_co_io_plug() API because it is not multi-queue
block layer friendly. Use the new blk_io_plug_call() API to batch I/O
submission instead.
Signed-off-by: Stefan Hajnoczi
Reviewed-by: Eric Blake
Reviewed-by: Stefano Garzarella
---
v2
- Add missing #include and fix blkio_unplug
Stop using the .bdrv_co_io_plug() API because it is not multi-queue
block layer friendly. Use the new blk_io_plug_call() API to batch I/O
submission instead.
Signed-off-by: Stefan Hajnoczi
Reviewed-by: Eric Blake
Reviewed-by: Stefano Garzarella
---
v2
- Remove unused nvme_process_completion_que
v3
- Patch 5: Mention why dev_max_batch condition was dropped [Stefano]
v2
- Patch 1: "is not be freed" -> "is not freed" [Eric]
- Patch 2: Remove unused nvme_process_completion_queue_plugged trace event
[Stefano]
- Patch 3: Add missing #include and fix blkio_unplug_fn() prototype [Stefano]
- Pat
On Tue, May 30, 2023, Kirill A. Shutemov wrote:
> On Tue, May 30, 2023 at 06:00:46PM +0200, Thomas Gleixner wrote:
> > On Tue, May 30 2023 at 15:29, Kirill A. Shutemov wrote:
> > > On Tue, May 30, 2023 at 02:09:17PM +0200, Thomas Gleixner wrote:
> > >> The decision to allow parallel bringup of seco
On 30/05/2023 2:58 pm, Alejandro Vallejo wrote:
> Expose AutoIBRS to HVM guests. EFER is swapped by VMRUN, so Xen only has to
> make sure writes to EFER.AIBRSE are gated on the feature being exposed.
>
> Also hide EFER.AIBRSE from PV guests as they have no say in the matter.
>
> Signed-off-by: Alej
On 30/05/2023 2:58 pm, Alejandro Vallejo wrote:
> This is an AMD feature to reduce the IBRS handling overhead. Once enabled,
> processes running at CPL=0 are automatically IBRS-protected even if
> SPEC_CTRL.IBRS is not set. Furthermore, the RAS/RSB is cleared on VMEXIT.
>
> The feature is exposed i
On Mon, May 29, 2023 at 10:50:34AM +0200, Stefano Garzarella wrote:
> On Wed, May 24, 2023 at 03:36:34PM -0400, Stefan Hajnoczi wrote:
> > On Wed, May 24, 2023 at 10:52:03AM +0200, Stefano Garzarella wrote:
> > > On Tue, May 23, 2023 at 01:12:59PM -0400, Stefan Hajnoczi wrote:
> > > > Stop using th
On Thu, May 25, 2023 at 06:28:18PM +0300, Oleksii Kurochko wrote:
> After introduction of initial pagetables there is no any sense
> in dummy_bss variable as bss section will not be empty anymore.
>
> Signed-off-by: Oleksii Kurochko
> ---
> Changes in V9:
> - Nothing changed. Only rebase
> ---
>
On Thu, May 25, 2023 at 06:28:15PM +0300, Oleksii Kurochko wrote:
> The idea was taken from xvisor but the following changes
> were done:
> * Use only a minimal part of the code enough to enable MMU
> * rename {_}setup_initial_pagetables functions
> * add an argument for setup_initial_mapping to ha
On Tue, May 30, 2023 at 06:00:46PM +0200, Thomas Gleixner wrote:
> On Tue, May 30 2023 at 15:29, Kirill A. Shutemov wrote:
> > On Tue, May 30, 2023 at 02:09:17PM +0200, Thomas Gleixner wrote:
> >> The decision to allow parallel bringup of secondary CPUs checks
> >> CC_ATTR_GUEST_STATE_ENCRYPT to de
On Thu, May 25, 2023 at 06:28:16PM +0300, Oleksii Kurochko wrote:
> bss clear cycle requires proper alignment of __bss_start.
>
> ALIGN(PAGE_SIZE) before "*(.bss.page_aligned)" in xen.lds.S
> was removed as any contribution to "*(.bss.page_aligned)" have to
> specify proper aligntment themselves.
On Thu, May 25, 2023 at 06:28:17PM +0300, Oleksii Kurochko wrote:
> The patch does two thing:
> 1. Setup initial pagetables.
> 2. Enable MMU which end up with code in
>cont_after_mmu_is_enabled()
>
> Signed-off-by: Oleksii Kurochko
> ---
> Changes in V9:
> - Nothing changed. Only rebase
> --
On Thu, May 25, 2023 at 06:28:14PM +0300, Oleksii Kurochko wrote:
> Also it was added explanation about ignoring of top VA bits
>
> Signed-off-by: Oleksii Kurochko
> ---
> Changes in V9:
> - Update comment for VM layout description.
> ---
> Changes in V8:
> - Add "#ifdef RV_STAGE1_MODE == SATP_
On Tue, May 30, 2023, Thomas Gleixner wrote:
> On Tue, May 30 2023 at 15:29, Kirill A. Shutemov wrote:
> > On Tue, May 30, 2023 at 02:09:17PM +0200, Thomas Gleixner wrote:
> >> The decision to allow parallel bringup of secondary CPUs checks
> >> CC_ATTR_GUEST_STATE_ENCRYPT to detect encrypted guest
flight 181014 xen-unstable-smoke real [real]
http://logs.test-lab.xenproject.org/osstest/logs/181014/
Failures and problems with tests :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
test-amd64-amd64-xl-qemuu-debianhvm-amd64 broken
tes
Am 16.05.2023 um 21:02 hat Stefan Hajnoczi geschrieben:
> The aio_disable_external() API temporarily suspends file descriptor monitoring
> in the event loop. The block layer uses this to prevent new I/O requests being
> submitted from the guest and elsewhere between bdrv_drained_begin() and
> bdrv_
On Fri, 2023-05-26 at 17:22 +0200, Mickaël Salaün wrote:
> > > Can the guest kernel ask the host VMM's emulated devices to DMA
> > > into
> > > the protected data? It should go through the host userspace
> > > mappings I
> > > think, which don't care about EPT permissions. Or did I miss
> > > where
On Wed, Apr 05, 2023 at 12:15:26PM +0200, Jan Beulich wrote:
> On 31.03.2023 11:59, Roger Pau Monne wrote:
> > Only set the GOP mode if vga is selected in the console option,
>
> This particular aspect of the behavior is inconsistent with legacy
> boot behavior: There "vga=" isn't qualified by wha
On Tue, May 30 2023 at 15:29, Kirill A. Shutemov wrote:
> On Tue, May 30, 2023 at 02:09:17PM +0200, Thomas Gleixner wrote:
>> The decision to allow parallel bringup of secondary CPUs checks
>> CC_ATTR_GUEST_STATE_ENCRYPT to detect encrypted guests. Those cannot use
>> parallel bootup because access
On 29.05.2023 14:13, Oleksii Kurochko wrote:
> --- a/xen/arch/riscv/include/asm/bug.h
> +++ b/xen/arch/riscv/include/asm/bug.h
> @@ -7,4 +7,32 @@
> #ifndef _ASM_RISCV_BUG_H
> #define _ASM_RISCV_BUG_H
>
> +#ifndef __ASSEMBLY__
> +
> +#define BUG_INSTR "ebreak"
> +
> +/*
> + * The base instructio
On 29.05.2023 14:13, Oleksii Kurochko wrote:
> --- a/xen/arch/riscv/traps.c
> +++ b/xen/arch/riscv/traps.c
> @@ -12,6 +12,31 @@
> #include
> #include
>
> +#define cast_to_bug_frame(addr) \
> +(const struct bug_frame *)(addr)
I can't find a use for this; should it be dropped or moved to s
On 30.05.2023 17:34, Andrew Cooper wrote:
> * Rename IBRS_ALL to EIBRS. EIBRS is the term that everyone knows, and this
>makes ARCH_CAPS_EIBRS match the X86_FEATURE_EIBRS form.
> * Print RRSBA too, which is also a hint about behaviour.
>
> Signed-off-by: Andrew Cooper
Reviewed-by: Jan Beu
* Rename IBRS_ALL to EIBRS. EIBRS is the term that everyone knows, and this
makes ARCH_CAPS_EIBRS match the X86_FEATURE_EIBRS form.
* Print RRSBA too, which is also a hint about behaviour.
Signed-off-by: Andrew Cooper
---
CC: Jan Beulich
CC: Roger Pau Monné
CC: Wei Liu
---
xen/arch/x86/
For an approach like that used in "x86: detect PIT aliasing on ports
other than 0x4[0-3]" [1] to work, channel 2 may not (appear to) continue
counting when "gate" is low. Record the time when "gate" goes low, and
adjust pit_get_{count,out}() accordingly. Additionally for most of the
modes a rising
To avoid the need for a forward declaration of pit_load_count() in a
subsequent change, move it earlier in the file (along with its helper
callback).
Signed-off-by: Jan Beulich
--- a/xen/arch/x86/emul-i8254.c
+++ b/xen/arch/x86/emul-i8254.c
@@ -87,6 +87,57 @@ static int pit_get_count(PITState *p
This addresses an observation made while putting together "x86: detect
PIT aliasing on ports other than 0x4[0-3]".
1: re-order functions
2: account for "counter stopped" time
Jan
On Mon, May 22, 2023 at 04:17:50PM +0200, Juergen Gross wrote:
> The attached diff is for patch 13.
Merged and pushed out into same branch.
Next issue. Diffing /proc/mtrr shows:
--- proc-mtrr.6.3 2023-05-30 17:00:13.215999483 +0200
+++ proc-mtrr.after 2023-05-30 16:01:38.281997816 +020
On Tue, May 30, 2023 at 04:23:21PM +0200, Jan Beulich wrote:
> On 30.05.2023 15:21, Roger Pau Monné wrote:
> > On Tue, May 30, 2023 at 10:06:27AM +0200, Jan Beulich wrote:
> >> On 29.05.2023 15:34, Roger Pau Monné wrote:
> >>> On Tue, May 23, 2023 at 01:30:51PM +0200, Jan Beulich wrote:
> Note
Since firmware doesn't indicate the iBFT in the E820, add a reserved
region so that it gets identity mapped when running as Dom 0 so that it
is possible to search for it. Move the call to reserve_ibft_region()
later so that it is called after the Xen identity mapping adjustments
are applied.
Final
> From: Jan Beulich
> Sent: Thursday, May 25, 2023 10:31 AM
> To: Ross Lagerwall
> Cc: Thomas Gleixner ; Ingo Molnar ;
> Borislav Petkov ; Dave Hansen ;
> x...@kernel.org ; Juergen Gross ; Boris
> Ostrovsky ; Peter Jones ;
> Konrad Rzeszutek Wilk ; linux-ker...@vger.kernel.org
> ; xen-devel@
On 30.05.2023 15:25, Andrew Cooper wrote:
> On 30/05/2023 10:40 am, Jan Beulich wrote:
>> On 26.05.2023 13:06, Andrew Cooper wrote:
>>> --- a/xen/arch/x86/cpu-policy.c
>>> +++ b/xen/arch/x86/cpu-policy.c
>>> @@ -423,8 +423,14 @@ static void __init
>>> guest_common_max_feature_adjustments(uint32_t
On 30.05.2023 15:21, Roger Pau Monné wrote:
> On Tue, May 30, 2023 at 10:06:27AM +0200, Jan Beulich wrote:
>> On 29.05.2023 15:34, Roger Pau Monné wrote:
>>> On Tue, May 23, 2023 at 01:30:51PM +0200, Jan Beulich wrote:
Note that the FB-label in autogen_stubs() cannot be converted just yet:
>>>
On 30.05.2023 15:36, Roger Pau Monné wrote:
> On Tue, May 30, 2023 at 02:38:56PM +0200, Jan Beulich wrote:
>> Hidden devices (e.g. an add-in PCI serial card used for Xen's serial
>> console) are associated with DomXEN, not Dom0. This means that while
>> looking for overlapping BARs such devices can
This is an AMD feature to reduce the IBRS handling overhead. Once enabled,
processes running at CPL=0 are automatically IBRS-protected even if
SPEC_CTRL.IBRS is not set. Furthermore, the RAS/RSB is cleared on VMEXIT.
The feature is exposed in CPUID and toggled in EFER.
Signed-off-by: Alejandro Va
In cases where AutoIBRS is supported by the host:
* Prefer AutoIBRS to retpolines as BTI mitigation in heuristics
calculations.
* Always enable AutoIBRS if IBRS is chosen as a BTI mitigation.
* Avoid stuffing the RAS/RSB on VMEXIT if AutoIBRS is enabled.
Signed-off-by: Alejandro Vallejo
---
v2
Expose AutoIBRS to HVM guests. EFER is swapped by VMRUN, so Xen only has to
make sure writes to EFER.AIBRSE are gated on the feature being exposed.
Also hide EFER.AIBRSE from PV guests as they have no say in the matter.
Signed-off-by: Alejandro Vallejo
Reviewed-by: Andrew Cooper
---
v2:
* Mov
v2:
* Renamed AUTOMATIC to AUTO
* Style change in xen-cpuid.c
* Swapped patches 2 and 3
* Modified trampoline_efer from the BSP so APs use it during boot and S3
wakeups pick it up.
* Avoid the delay setting AutoIBRS
Adds support for AMD's Automatic IBRS. It's a set-and-forget feature
On Tue, May 30, 2023 at 02:38:56PM +0200, Jan Beulich wrote:
> Hidden devices (e.g. an add-in PCI serial card used for Xen's serial
> console) are associated with DomXEN, not Dom0. This means that while
> looking for overlapping BARs such devices cannot be found on Dom0's list
> of devices; DomXEN'
On 30/05/2023 10:40 am, Jan Beulich wrote:
> On 26.05.2023 13:06, Andrew Cooper wrote:
>> The RSBA bit, "RSB Alternative", means that the RSB may use alternative
>> predictors when empty. From a practical point of view, this mean "Retpoline
>> not safe".
>>
>> Enhanced IBRS (officially IBRS_ALL in
flight 181007 xen-unstable real [real]
http://logs.test-lab.xenproject.org/osstest/logs/181007/
Failures :-/ but no regressions.
Tests which are failing intermittently (not blocking):
test-amd64-i386-examine-bios 6 xen-install fail in 180992 pass in 181007
test-amd64-amd64-xl-qemut-debian
On Tue, May 30, 2023 at 10:06:27AM +0200, Jan Beulich wrote:
> On 29.05.2023 15:34, Roger Pau Monné wrote:
> > On Tue, May 23, 2023 at 01:30:51PM +0200, Jan Beulich wrote:
> >> Note that the FB-label in autogen_stubs() cannot be converted just yet:
> >> Such labels cannot be used with .type. We cou
Hidden devices (e.g. an add-in PCI serial card used for Xen's serial
console) are associated with DomXEN, not Dom0. This means that while
looking for overlapping BARs such devices cannot be found on Dom0's list
of devices; DomXEN's list also needs to be scanned.
Suppress vPCI init altogether for r
On Tue, May 30, 2023 at 02:09:17PM +0200, Thomas Gleixner wrote:
> The decision to allow parallel bringup of secondary CPUs checks
> CC_ATTR_GUEST_STATE_ENCRYPT to detect encrypted guests. Those cannot use
> parallel bootup because accessing the local APIC is intercepted and raises
> a #VC or #VE,
> On 30 May 2023, at 11:14, Jan Beulich wrote:
>
> On 24.05.2023 11:43, Luca Fancellu wrote:
>>
>>
>>> On 23 May 2023, at 17:38, Anthony PERARD wrote:
>>>
>>> CFLAGS is just from Config.mk, instead use the flags used to build
>>> Xen.
>>>
>>> Signed-off-by: Anthony PERARD
>>> ---
>>>
>>>
> On 30 May 2023, at 11:32, Jan Beulich wrote:
>
> On 19.05.2023 11:30, Luca Fancellu wrote:
>> Currenly there is a latent bug that is not triggered because
>> the function cppcheck_merge_txt_fragments is called with the
>> parameter strip_paths having a list of only one element.
>>
>> The bu
The decision to allow parallel bringup of secondary CPUs checks
CC_ATTR_GUEST_STATE_ENCRYPT to detect encrypted guests. Those cannot use
parallel bootup because accessing the local APIC is intercepted and raises
a #VC or #VE, which cannot be handled at that point.
The check works correctly, but on
On Tue, May 30, 2023 at 7:48 AM Juergen Gross wrote:
>
> In xen/include/public/io/9pfs.h the name of the Xenstore backend node
> "security-model" should be "security_model", as this is how the Xen
> tools are creating it and qemu is reading it.
>
> Fixes: ad58142e73a9 ("xen/public: move xenstore r
On 05.05.2023 23:25, Marek Marczykowski-Górecki wrote:
> Not the whole page, which may contain other registers too. In fact
> on Tiger Lake and newer (at least), this page do contain other registers
> that Linux tries to use.
Please can you clarify whether this is with spec or an erratum? I ask
no
On 05.05.2023 23:25, Marek Marczykowski-Górecki wrote:
> In some cases, only few registers on a page needs to be write-protected.
> Examples include USB3 console (64 bytes worth of registers) or MSI-X's
> PBA table (which doesn't need to span the whole table either), although
> in the latter case t
In xen/include/public/io/9pfs.h the name of the Xenstore backend node
"security-model" should be "security_model", as this is how the Xen
tools are creating it and qemu is reading it.
Fixes: ad58142e73a9 ("xen/public: move xenstore related doc into 9pfs.h")
Fixes: cf1d2d22fdfd ("docs/misc: Xen tra
On Tue, May 30, 2023 at 12:34:45PM +0200, Thomas Gleixner wrote:
> On Tue, May 30 2023 at 11:26, Thomas Gleixner wrote:
> > On Tue, May 30 2023 at 03:54, Kirill A. Shutemov wrote:
> >> On Mon, May 29, 2023 at 11:31:29PM +0300, Kirill A. Shutemov wrote:
> >>> Disabling parallel bringup helps. I didn
On Tue, 2023-05-30 at 12:23 +0200, Jan Beulich wrote:
> On 25.05.2023 17:28, Oleksii Kurochko wrote:
> > Oleksii Kurochko (5):
> > xen/riscv: add VM space layout
> > xen/riscv: introduce setup_initial_pages
> > xen/riscv: align __bss_start
> > xen/riscv: setup initial pagetables
> > xen/r
Commit 438c5ffa44e99cceb574c0f9946aacacdedd2952 ("rpmball: Adjust to
new rpm, do not require --force") attempted to handle stricter
directory permissions in newer distributions.
This introduced a few issues:
- /boot used to be a constant prior commit
6475d700055fa952f7671cee982a23de2f5e4a7c ("us
On Tue, May 30, 2023 at 12:46:22PM +0200, Thomas Gleixner wrote:
> The stack locking and stack assignment macro LOAD_REALMODE_ESP fails to
> work when invoked from the 64bit trampoline entry point:
>
> trampoline_start64
> trampoline_compat
> LOAD_REALMODE_ESP <- lock
>
> Accessing tr_lock
On Tue, May 30, 2023 at 11:44:52AM +0200, Jan Beulich wrote:
> On 30.05.2023 11:12, Roger Pau Monné wrote:
> > On Tue, May 30, 2023 at 10:45:09AM +0200, Jan Beulich wrote:
> >> On 29.05.2023 10:08, Roger Pau Monné wrote:
> >>> On Thu, May 25, 2023 at 05:30:54PM +0200, Jan Beulich wrote:
> On 2
flight 181011 ovmf real [real]
http://logs.test-lab.xenproject.org/osstest/logs/181011/
Perfect :-)
All tests in this flight passed as required
version targeted for testing:
ovmf 0f9283429dd487deeeb264ee5670551d596fc208
baseline version:
ovmf 9d9761af50e538d983e00
On 23.05.2023 18:38, Anthony PERARD wrote:
> Everything needed to build the hypervisor should already be configured
> by "xen/Makefile", thus Config.mk shouldn't be needed.
"... by xen/Rules.mk." (Or else it sounds as if yo're removing its use
altogether.)
> --- a/xen/Makefile
> +++ b/xen/Makefil
The stack locking and stack assignment macro LOAD_REALMODE_ESP fails to
work when invoked from the 64bit trampoline entry point:
trampoline_start64
trampoline_compat
LOAD_REALMODE_ESP <- lock
Accessing tr_lock is only possible from 16bit mode. For the compat entry
point this needs to be pa_
On 23.05.2023 18:38, Anthony PERARD wrote:
> In xen/, it isn't necessary to include Config.mk in every Makefile in
> subdirectories as nearly all necessary variables should be calculated
> in xen/Makefile. But some Makefile make use of the macro $(cc-option,)
> that is only available in Config.mk.
On Tue, May 30 2023 at 11:26, Thomas Gleixner wrote:
> On Tue, May 30 2023 at 03:54, Kirill A. Shutemov wrote:
>> On Mon, May 29, 2023 at 11:31:29PM +0300, Kirill A. Shutemov wrote:
>>> Disabling parallel bringup helps. I didn't look closer yet. If you have
>>> an idea let me know.
>>
>> Okay, it c
On 19.05.2023 11:30, Luca Fancellu wrote:
> Currenly there is a latent bug that is not triggered because
> the function cppcheck_merge_txt_fragments is called with the
> parameter strip_paths having a list of only one element.
>
> The bug is that the split function should not be in the
> loop for
1 - 100 of 171 matches
Mail list logo
