On 29/09/2025 at 16:09, Roger Pau Monné wrote:
> On Mon, Sep 29, 2025 at 12:36:30PM +0000, Teddy Astie wrote:
>> flush_vcpu static function here is only used in one place which is just below
>> where it is defined. Inline the function to reduce the noise and clarify
>> what
On 02/09/2025 at 16:10, Jan Beulich wrote:
> On 02.09.2025 15:24, Teddy Astie wrote:
>> On 02/09/2025 at 14:38, Jan Beulich wrote:
>>> On 29.08.2025 11:58, Teddy Astie wrote:
>>>> @@ -505,7 +505,22 @@ smbios_type_1_init(void *start, const char
>>>> *x
On 02/09/2025 at 14:38, Jan Beulich wrote:
> On 29.08.2025 11:58, Teddy Astie wrote:
>> @@ -505,7 +505,22 @@ smbios_type_1_init(void *start, const char *xen_version,
>> p->version_str = 3;
>> p->serial_number_str = 4;
>>
>> -memcpy(p->
On 02/09/2025 at 13:18, Greg Kroah-Hartman wrote:
> On Tue, Sep 02, 2025 at 09:28:32AM +0000, Teddy Astie wrote:
>> From: Juergen Gross
>>
>> From: Juergen Gross
>>
>> [ upstream commit 41925b105e345ebc84cedb64f59d20cb14a62613 ]
>>
>> xen_remap()
ergen Gross
Signed-off-by: Teddy Astie [backport to 5.10.y]
---
Cc: Anthoine Bourgeois
Cc: Juergen Gross
Cc: Boris Ostrovsky
Cc: Stefano Stabellini
Cc: Thomas Gleixner
Cc: Ingo Molnar
Cc: Borislav Petkov
Cc: Dave Hansen
Cc: "H. Peter Anvin"
Cc: Greg Kroah-Hartman
Cc: Jiri Sl
On 28/08/2025 at 15:05, Jan Beulich wrote:
> On 26.06.2025 16:01, Teddy Astie wrote:
>> From: Vaishali Thakkar (formerly vates.tech)
>>
>> Currently ASID generation and management is done per-PCPU. This
>> scheme is incompatible with SEV technologies as SEV VMs n
On 28/08/2025 at 14:35, Jan Beulich wrote:
> On 21.08.2025 17:25, Teddy Astie wrote:
>> FastABI is an alternative ABI designed with performance and coco-enabled
>> guest in mind. It is register-oriented instead of referring to C structures
>> in the guest memory (through a v
On 28/08/2025 at 14:40, Jan Beulich wrote:
> On 21.08.2025 17:25, Teddy Astie wrote:
>> Allow specifying in memory map a region which can be hotplugged.
>>
>> This will be used by a future memory hotplug feature.
>
> Why could this not be done the ACPI way, with the
On 28/08/2025 at 14:30, Jan Beulich wrote:
> On 21.08.2025 17:25, Teddy Astie wrote:
>> @@ -686,10 +691,31 @@ static int domain_construct_memmap(libxl__gc *gc,
>> /* We always own at least one lowmem entry. */
>> unsigned int e820_entries = 1;
>> st
On 28/08/2025 at 14:16, Jan Beulich wrote:
> On 21.08.2025 17:25, Teddy Astie wrote:
>> Make these functions work with hypervisor-owned pointer rather than
>> guest handles, so the function parameters don't have to live in guest memory.
>
> This is odd to read
Signed-off-by: Teddy Astie
---
v2:
- introduced
---
CHANGELOG.md | 1 +
1 file changed, 1 insertion(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8c4435c181..80a8273d7e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -34,6 +34,7 @@ The format is based on [Keep a
Changelog](https
users
(at least with XAPI, xl, libvirt, hvmloader and Linux).
Fixes: 30ce2a9295a5 ("Store an opaque handle (tools uuid) in the domain
structure")
Suggested-by: Andrew Cooper
Signed-off-by: Teddy Astie
---
v2:
- introduced
---
CHANGELOG.md | 1 +
xen/include/public
vmloader.")
(SMBIOS versions before 2.6 have an ill-defined UUID definition)
Signed-off-by: Teddy Astie
---
v2:
- rebase onto staging
- introduce missing SMBIOS 2.5-2.6 fields
- check for new SMBIOS 2.6 table lengths
- update UUID conversion comment
- add Fixes: note
---
tools/firmw
First patch clarifies the Xen guest handle definition as being a big
endian UUID. The second does update to SMBIOS 2.6, writing a proper
UUID in the table.
Teddy Astie (3):
xen: Define xen_domain_handle_t encoding and formatting
hvmloader: Update to SMBIOS 2.6
CHANGELOG.md: Add SMBIOS 2.6
First patch clarifies the Xen guest handle definition as being a big
endian UUID. The second does update to SMBIOS 2.6, writing a proper
UUID in the table.
Teddy Astie (3):
xen: Define xen_domain_handle_t encoding and formatting
hvmloader: Update to SMBIOS 2.6
CHANGELOG.md: Add SMBIOS 2.6
though it sounds a bit like this UUID could be a
little endian GUID in some cases.
Teddy Astie | Vates XCP-ng Developer
XCP-ng & Xen Orchestra - Vates solutions
web: https://vates.tech
On 28/08/2025 at 09:08, Jan Beulich wrote:
> On 22.08.2025 15:47, Teddy Astie wrote:
>> Currently, hvmloader uses SMBIOS 2.4, however, when using OVMF, the
>> SMBIOS is patched to 2.8, which has clarified the UUID format (as GUID).
>>
>> In Linux, if the SMBIOS version
On 27/08/2025 at 19:49, Andrew Cooper wrote:
> On 22/08/2025 2:47 pm, Teddy Astie wrote:
>> Currently, hvmloader uses SMBIOS 2.4, however, when using OVMF, the
>> SMBIOS is patched to 2.8, which has clarified the UUID format (as GUID).
>>
>> In Linux, if the SMBIOS
> +
I would prefer having hex constants (so that it matches the number
format the specification gives).
e.g
BUILD_BUG_ON(sizeof(struct smbios_type_7) != 0x13);
(same for other checks)
Teddy
uint8_t board_type; /* Optional */
> +uint8_t contained_handle_count; /* Optional */
> +uint16_t contained_handles[]; /* Optional */
> } __attribute__ ((packed));
>
> /* System Enclosure - Contained Elements */
> @@ -118,12 +118,12 @@ struct smbios_typ
omain_config
> *d_config, FILE *fh)
> fprintf(fh, "\t\t\t(sdl %s)\n",
> libxl_defbool_to_string(b_info->u.hvm.sdl.enable));
> fprintf(fh, "\t\t\t(opengl %s)\n",
> - libxl_defbool_to_string(b_info->u.hvm.sdl.opengl));
> + libxl_defbool_to_string(b_info->u.hvm.opengl));
> fprintf(fh, "\t\t\t(nographic %s)\n",
> libxl_defbool_to_string(b_info->u.hvm.nographic));
> fprintf(fh, "\t\t\t(spice %s)\n",
> @@ -219,10 +219,10 @@ void printf_info_sexp(int domid, libxl_domain_config
> *d_config, FILE *fh)
> fprintf(fh, "\t\t\t(vncunused %s)\n",
> libxl_defbool_to_string(d_config->vfbs[i].vnc.findunused));
> fprintf(fh, "\t\t\t(keymap %s)\n", d_config->vfbs[i].keymap);
> +fprintf(fh, "\t\t\t(opengl %s)\n",
> + libxl_defbool_to_string(d_config->vfbs[i].opengl));
> fprintf(fh, "\t\t\t(sdl %s)\n",
> libxl_defbool_to_string(d_config->vfbs[i].sdl.enable));
> -fprintf(fh, "\t\t\t(opengl %s)\n",
> - libxl_defbool_to_string(d_config->vfbs[i].sdl.opengl));
> fprintf(fh, "\t\t\t(display %s)\n", d_config->vfbs[i].sdl.display);
> fprintf(fh, "\t\t\t(xauthority %s)\n",
> d_config->vfbs[i].sdl.xauthority);
> fprintf(fh, "\t\t)\n");
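Review bot: In the vfbs hunk of printf_info_sexp(), the `(opengl ...)` line is not only switched from `vfbs[i].sdl.opengl` to `vfbs[i].opengl` but also moved ahead of `(sdl ...)`, whereas the HVM hunk above keeps it in place after `(sdl ...)`. Anything that reads this s-expression output positionally will see the reorder. Unless the move is intentional, keep the line where it was and change only the field, or mention the ordering change in the commit message.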
eb7
This patch updates the SMBIOS version from 2.4 to 2.6 and fixes up the UUID
written in the table, which effectively fixes this endianness mismatch with
OVMF, while the UUID displayed by Linux is still the same for SeaBIOS.
Signed-off-by: Teddy Astie
---
This effectively changes the UUID seen with U
Make these functions work with hypervisor-owned pointer rather than
guest handles, so the function parameters don't have to live in guest memory.
No functional changes intended.
Signed-off-by: Teddy Astie
---
xen/arch/x86/hvm/hvm.c | 126 +++--
1
Allow specifying in memory map a region which can be hotplugged.
This will be used by a future memory hotplug feature.
Signed-off-by: Teddy Astie
---
xen/include/public/arch-x86/hvm/start_info.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/xen/include/public/arch-x86/hvm/start_info.h
b
feature is useful to allow having a working guest without
having to expose to it physmap manipulation.
[1]
https://lore.kernel.org/xen-devel/20250610162930.89055-1-roger@citrix.com/
Signed-off-by: Teddy Astie
---
.../x86/fixed-memory-layout.pandoc| 24 ++
docs/guest-guide/x86
Implement FastABI based on docs/guest-guide/x86/fastabi.pandoc and defined ABI.
Signed-off-by: Teddy Astie
---
xen/arch/x86/cpuid.c | 3 +
xen/arch/x86/domain.c | 71 ++
xen/arch/x86/hvm/hvm.c | 81 +++-
xen/arch/x86/hvm/hypercall.c
abi-tool is a small Rust tool that is able to parse ABI yaml
files and generate C stubs for performing hypercalls.
Signed-off-by: Teddy Astie
---
Usage :
./abi-tool < abi.yaml > abi.h
---
xen/tools/abi-tool/.gitignore| 1 +
xen/tools/abi-tool/Cargo.lock
Make do_xen_version more readable by moving the main XENVER_get_features
into a separate function.
No functional changes intended.
Signed-off-by: Teddy Astie
---
xen/common/kernel.c | 84 +
1 file changed, 46 insertions(+), 38 deletions(-)
diff
Make these functions work with hypervisor-owned pointer rather than
guest handles, so the function parameters don't have to live in guest memory.
No functional changes.
Signed-off-by: Teddy Astie
---
xen/common/grant_table.c | 68 +++-
1 file change
tions.
Signed-off-by: Teddy Astie
---
docs/guest-guide/x86/fastabi.pandoc | 50 ++
docs/guest-guide/x86/index.rst | 1 +
xen/abi/event_channel.yml | 130 ++
xen/abi/grant_table.yml | 46 +
xen/abi/hvm.yml
do_poll takes sched_poll* as parameter, but that's actually in guest memory
(so it's more a guest handle). Split its copy from/to guest logic from
the main logic, so that we have a separate vcpu_poll which takes the sched_poll
parameters directly.
Signed-off-by: Teddy Astie
---
xen/co
Allow specifying in memory map a region which can be hotplugged.
This will be used by a future memory hotplug feature.
Signed-off-by: Teddy Astie
---
xen/include/public/arch-x86/hvm/start_info.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/xen/include/public/arch-x86/hvm/start_info.h
b
me example generated headers in Linux SEV WIP branch [1].
[1]
https://github.com/xcp-ng/linux/tree/xen-sev-6.14/include/xen/interface/fastabi
Teddy Astie (9):
x86/hvm: Use direct structures instead of guest handles
common: Isolate XENVER_get_features into a separate function
common/grant_table:
tore it.
> - Tagged as `safe` for ECLAIR.
Here, we are constructing a function pointer from an unsigned long. I
assume this rule goes the other way it says, and allows converting an
unsigned long into a function pointer as long as its value is a valid
function pointer.
Teddy
o_maddr(relocate_xen);
> relocate_xen_fn *fn = (relocate_xen_fn *)id_addr;
> lpae_t pte;
> +BUILD_BUG_ON(sizeof(unsigned long) < sizeof(fn));
>
> /* Enable the identity mapping in the boot page tables */
> update_identity_mapping(true);
> @@ -178,6 +179,7 @@ void __init switch_ttbr(uint64_t ttbr)
> vaddr_t id_addr = virt_to_maddr(switch_ttbr_id);
> switch_ttbr_fn *fn = (switch_ttbr_fn *)id_addr;
> lpae_t pte;
> +BUILD_BUG_ON(sizeof(unsigned long) < sizeof(fn));
>
> /* Enable the identity mapping in the boot page tables */
> update_identity_mapping(true);
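Review bot: In switch_ttbr(), the new BUILD_BUG_ON compares sizeof(unsigned long) with sizeof(fn), but the value actually cast to `switch_ttbr_fn *` is id_addr, which is declared as vaddr_t. Checking `sizeof(id_addr) < sizeof(fn)` would tie the assertion to the object being converted rather than to an assumption about how vaddr_t is defined. If the check is meant to document the MISRA deviation, a short comment saying so next to it would help the next reader.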
Add "virtio" vga which uses the virtio-vga device provided by upstream QEMU.
It is VGA compatible and can be enlightened with virtio-gpu drivers which are
available since Linux 4.4 and as a part of KVM Windows drivers.
Signed-off-by: Teddy Astie
---
CHANGELOG.md |
On 31/07/2025 at 17:54, Jan Beulich wrote:
> On 26.06.2025 16:01, Teddy Astie wrote:
>> Rewrite this function such that it doesn't rely on goto, also change the
>> type of "type" to match the __invvpid function call.
>
> While this type change is probably
...
}
```
As there could be cases of limited backward compatibility, or multiple
diverging subarchs variants.
Teddy
On 30/07/2025 at 18:40, Teddy Astie wrote:
> When setting HVM_PARAM_IDENT_PT, skip domain pausing when :
> - there is no vcpu
> - unrestricted guest capability is used
>
> Signed-off-by: Teddy Astie
> ---
> xen/arch/x86/hvm/hvm.c | 4 +++-
> 1 file changed, 3 i
When setting HVM_PARAM_IDENT_PT, skip domain pausing when :
- there is no vcpu
- unrestricted guest capability is used
Signed-off-by: Teddy Astie
---
xen/arch/x86/hvm/hvm.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
drivers/vpci/vpci.c
> index 09988f04c2..7af6651831 100644
> --- a/xen/drivers/vpci/vpci.c
> +++ b/xen/drivers/vpci/vpci.c
> @@ -120,6 +120,7 @@ void vpci_deassign_device(struct pci_dev *pdev)
> for ( i = 0; i < ARRAY_SIZE(pdev->vpci->header.bars); i++ )
> rangeset_destroy(pdev->vpci->header.bars[i].mem);
>
> +xfree(pdev->vpci->sriov);
> xfree(pdev->vpci->msix);
> xfree(pdev->vpci->msi);
> xfree(pdev->vpci);
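Review bot: vpci_deassign_device() now releases pdev->vpci->sriov with a plain xfree(), but struct vpci_sriov holds `vf_bars[PCI_SRIOV_NUM_BARS]` of struct vpci_bar, and the loop just above destroys a `mem` rangeset for every header BAR. If the VF BARs are given rangesets as well, they need a matching rangeset_destroy() loop over `sriov->vf_bars[i].mem` (guarded against a NULL sriov) before the xfree(), otherwise those rangesets leak on deassign.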
> diff --git a/xen/include/xen/vpci.h b/xen/include/xen/vpci.h
> index 06f7039f20..9e8dcab17e 100644
> --- a/xen/include/xen/vpci.h
> +++ b/xen/include/xen/vpci.h
> @@ -138,7 +138,6 @@ struct vpci {
>* upon to know whether BARs are mapped into the guest p2m.
>*/
> bool bars_mapped : 1;
> -/* FIXME: currently there's no support for SR-IOV. */
> } header;
>
> /* MSI data. */
> @@ -192,6 +191,12 @@ struct vpci {
> struct vpci_arch_msix_entry arch;
> } entries[];
> } *msix;
> +
> +struct vpci_sriov {
> +/* PF only */
> +struct vpci_bar vf_bars[PCI_SRIOV_NUM_BARS];
> +} *sriov;
> +
> #ifdef CONFIG_HAS_VPCI_GUEST_SUPPORT
> /* Guest SBDF of the device. */
> #define INVALID_GUEST_SBDF ((pci_sbdf_t){ .sbdf = ~0U })
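Review bot: The new `sriov` member of struct vpci is documented only by `/* PF only */` on vf_bars. Please say on the pointer itself when it is allocated and that it stays NULL for devices that are not SR-IOV physical functions, since vpci_deassign_device() frees it unconditionally and any other user has to know whether a NULL check is required.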
pci_ecam_read(pci_sbdf_t sbdf, unsigned int reg,
> unsigned int len,
>
> /* Map/unmap the BARs of a vPCI device. */
> int vpci_modify_bars(const struct pci_dev *pdev, uint16_t cmd, bool
> rom_only);
> +int vpci_bar_add_rangeset(const struct pci_dev *pdev, struct vpci_bar *bar
Le 25/07/2025 à 16:26, Mykyta Poturai a écrit :
> From: Stewart Hildebrand
>
> Export functions required for SR-IOV support.
>
> Signed-off-by: Stewart Hildebrand
> Signed-off-by: Mykyta Poturai
Reviewed-by: Teddy Astie
Thanks
xenmem_reservation_increase currently calls XENMEM_populate_physmap.
Rename the function to avoid confusion with XENMEM_increase_reservation.
Signed-off-by: Teddy Astie
---
Cc: Juergen Gross
Cc: Stefano Stabellini
Cc: Oleksandr Tyshchenko
---
drivers/xen/balloon.c | 2 +-
drivers/xen
On 23/07/2025 at 13:16, Andrew Cooper wrote:
> On 23/07/2025 10:05 am, Teddy Astie wrote:
>> do_sched_op(SCHEDOP_yield) just calls vcpu_yield(). Remove the indirection
>> through the hypercall handler and use the function directly.
>>
>> Perform the same for SCHEDOP_bl
do_sched_op(SCHEDOP_yield) just calls vcpu_yield(). Remove the indirection
through the hypercall handler and use the function directly.
Perform the same for SCHEDOP_block.
Not a functional change.
Signed-off-by: Teddy Astie
---
v2:
- For SCHEDOP_block case: export and use
do_sched_op(SCHEDOP_yield) just calls vcpu_yield(). Remove the indirection
through the hypercall handler and use the function directly.
Perform the same for SCHEDOP_block.
Not a functional change.
Signed-off-by: Teddy Astie
---
xen/arch/x86/hvm/hvm.c | 3 ++-
xen/arch/x86/hvm
ven when flush-by-asid is available.
Fixes: 64b1da5a2fcf ("x86/svm: Use flush-by-asid when available")
Signed-off-by: Teddy Astie
Reviewed-by: Jan Beulich
---
This patch has been sent first at the security mailing list
(secur...@xenproject.org)
which asked me to publish it public
> No functional change.
>
> Signed-off-by: Denis Mukhin
Reviewed-by: Teddy Astie
> ---
> Changes since v7:
> - use ARRAY_SIZE() for cons->buf checks
> - update the commit message
> ---
> xen/arch/arm/vpl011.c | 2 +-
> xen/arch/x86/hvm/hvm.c
(struct sk_buff *skb,
> struct net_device *dev
> tx_stats->packets++;
> u64_stats_update_end(&tx_stats->syncp);
>
> - /* Note: It is not safe to access skb after xennet_tx_buf_gc()! */
> - xennet_tx_buf_gc(queue);
> -
> if (!netfront_tx_slot_available(q
ff-by: Teddy Astie [backport to 5.15.y]
---
v3:
- add missing hvc_xen.c change
v2:
- also remove xen_remap/xen_unmap on ARM
---
arch/x86/include/asm/xen/page.h | 3 ---
drivers/tty/hvc/hvc_xen.c | 2 +-
drivers/xen/grant-table.c | 6 +++---
drivers/xen/xenbus/xenbus_probe.
ff-by: Teddy Astie [backport to 5.15.y]
---
v2:
- also remove xen_remap/xen_unmap on ARM
---
arch/x86/include/asm/xen/page.h | 3 ---
drivers/xen/grant-table.c | 6 +++---
drivers/xen/xenbus/xenbus_probe.c | 3 +--
include/xen/arm/page.h| 3 ---
4 files changed, 4 insertions(+
ff-by: Teddy Astie [backport to 5.15.y]
---
arch/x86/include/asm/xen/page.h | 3 ---
drivers/xen/grant-table.c | 6 +++---
drivers/xen/xenbus/xenbus_probe.c | 3 +--
3 files changed, 4 insertions(+), 8 deletions(-)
diff --git a/arch/x86/include/asm/xen/page.h b/arch/x86/include/asm/xen/p
sh-by-asid
tlb_control on AMD).
Changes were tested on Intel Haswell, KVM AMD virtual machine and AMD EPYC
Genoa.
Teddy Astie (3):
vmx: Rewrite vpid_sync_vcpu_gva
vmx: Introduce vcpu single context VPID invalidation
x86/hvm: Introduce Xen-wide ASID allocator
xen/arch/x86/flushtlb.c
Rewrite this function such that it doesn't rely on goto, also change the
type of "type" to match the __invvpid function call.
Suggested-by: Jan Beulich
Signed-off-by: Teddy Astie
---
xen/arch/x86/include/asm/hvm/vmx/vmx.h | 29 +-
1 file changed, 10 in
e TLB invalidations.
Introduce vcpu->needs_tlb_flush attribute to schedule a guest TLB
flush for the next VMRUN/VMENTER. This will later be done using
either TLB_CONTROL field (AMD) or INVEPT (Intel). This flush method
is used in place of the current ASID swapping logic.
Signed-off-by: Teddy Astie
Si
Introduce vpid_sync_vcpu_context to do a single-context invalidation
on the vpid attached to the vcpu as an alternative to per-gva and all-context
invalidations.
Signed-off-by: Teddy Astie
---
xen/arch/x86/include/asm/hvm/vmx/vmx.h | 13 +
1 file changed, 13 insertions(+)
diff --git
.e systematically flush the guest TLB before entering the vcpu and
using a "blank" VMID)
I don't expect a lot of platforms to allow for 32 pCPU while not giving
more than 16 VMID values. So it would just be less efficient in that
case at worst.
Teddy
el)
In userland, this could take the form of xenstored pushing multiple
messages through a single send(), so the client would be able to perform
all the recv() at once.
> Is this beyond the scope of what xenstored wants to do? From a first
> glance,
> this does not seem to introduce obvious
On 12/06/2025 at 14:12, Jan Beulich wrote:
> On 12.06.2025 13:45, Teddy Astie wrote:
>> In Xen x86, there is the shadow paging that could be used in some cases
>> (notably with HVM), and is used when HAP is not available. It may also
>> be used in very specific cases for
the current plan of hardening the privcmd device is going to be
very hard for sure.
dom0-iommu=strict is a good mitigation in case untrusted parties of the
dom0 get direct access to a device. However, as it is now, it implies an
IOTLB flush for each grant mapping done, which severely impedes PV
p
Hello,
In Xen x86, there is the shadow paging that could be used in some cases
(notably with HVM), and is used when HAP is not available. It may also
be used in very specific cases for PV guests.
With the vast majority of hardware supporting HAP (through EPT or NPT),
it's rarely used in practi
Hello,
On 10/06/2025 at 02:45, dm...@proton.me wrote:
> From: Denis Mukhin
>
> Rewrite emulation_flags_ok() to simplify future modifications.
>
> No functional change intended.
>
> Signed-off-by: Denis Mukhin
Reviewed-by: Teddy Astie
> ---
> Changes since
);
> diff --git a/xen/include/xen/sched.h b/xen/include/xen/sched.h
> index fe53d4fab7..637aa09ec4 100644
> --- a/xen/include/xen/sched.h
> +++ b/xen/include/xen/sched.h
> @@ -562,12 +562,6 @@ struct domain
> /* Control-plane tools handle for this domain. */
> xen_domain_handle_
On 06/06/2025 at 11:13, Jan Beulich wrote:
> On 05.06.2025 19:06, Teddy Astie wrote:
>> On 05/06/2025 at 12:27, Jan Beulich wrote:
>>> Move the function to its own assembly file. Having it in C just for the
>>> entire body to be an asm() isn't really helpf
On 06/06/2025 at 11:21, Jan Beulich wrote:
> On 05.06.2025 19:34, Teddy Astie wrote:
>> On 05/06/2025 at 12:28, Jan Beulich wrote:
>>> Stop the compiler from inlining non-trivial memset() and memcpy() (for
>>> memset() see e.g. map_vcpu_info() or kimage_load_segment
:noalign)
> +
> ifeq ($(CONFIG_UBSAN),y)
> # Don't enable alignment sanitisation. x86 has efficient unaligned
> accesses,
> # and various things (ACPI tables, hypercall pages, stubs, etc) are
> wont-fix.
>
>
Teddy
" rep ; movs"__OS" ; "
> -" mov %k4,%k3 ; "
> -" rep ; movsb"
> -: "=&c" (d0), "=&D" (d1), "=&S" (d2)
> -: "0" (n/BYTES_PER_LONG), "r" (n%BYTES_PER_LONG), "1" (dest), "2"
> (src)
> -: "memory" );
> -
> -return dest;
> -}
> -
> void *(memmove)(void *dest, const void *src, size_t n)
> {
> long d0, d1, d2;
>
>
Aside that:
Reviewed-by: Teddy Astie
Teddy
6/string.c
> @@ -22,19 +22,6 @@ void *(memcpy)(void *dest, const void *s
> return dest;
> }
>
> -void *(memset)(void *s, int c, size_t n)
> -{
> -long d0, d1;
> -
> -asm volatile (
> -"rep stosb"
> -: "=&c" (d0), "=&D" (d1)
> -: "a" (c), "1" (s), "0" (n)
> -: "memory");
> -
> -return s;
> -}
> -
> void *(memmove)(void *dest, const void *src, size_t n)
> {
> long d0, d1, d2;
>
>
Teddy
On 05/06/2025 at 16:51, Jan Beulich wrote:
> On 30.05.2025 10:48, Teddy Astie wrote:
>> Introduce vpid_sync_vcpu_context to do a single-context invalidation
>> on the vpid attached to the vcpu as an alternative to per-gva and all-contexts
>> invalidations.
>>
>
> +.opt= X86_EMU_USE_PIRQ,
> +},
> +
> +/* PVH */
And this one being PVH domU.
> +{
> +.caps = CAP_HVM | CAP_DOMU,
> +.min= X86_EMU_LAPIC,
> + .opt= 0,
> + },
With that
Reviewed-by: Teddy Astie
Teddy
T
Introduce vpid_sync_vcpu_context to do a single-context invalidation
on the vpid attached to the vcpu as an alternative to per-gva and all-contexts
invalidations.
Signed-off-by: Teddy Astie
---
Extracted from SEV series.
This will be used for instance in fixed-ASID patches (in SEV series
struct svm_domain was in vmcb.h which is meant for VMCB specific operations and
constants, move it to svm.h where it belongs.
Signed-off-by: Teddy Astie
---
xen/arch/x86/include/asm/hvm/domain.h | 1 +
xen/arch/x86/include/asm/hvm/svm/svm.h | 11 +++
xen/arch/x86/include/asm/hvm/svm
> +See the ARGO section of the Xen MAINTAINERS document for web reference.
> +
> +# History
> +
> +
> +Date Revision Version Notes
> +-- - --
> +2025-05-28 1Xen 4.12+ Feature included in Xen 4.12.
> +-- - --
Teddy
xen-project/xen/-/commit/3fc44151d83d3d63320036bcf06634dfbebe1ff3
Signed-off-by: Teddy Astie
---
xen/drivers/passthrough/amd/iommu_map.c | 4 +---
xen/drivers/passthrough/amd/pci_amd_iommu.c | 18 --
2 files changed, 1 insertion(+), 21 deletions(-)
diff --git a/xen/driv
return ioremap_attr(start, len, PAGE_HYPERVISOR_WC);
> +}
> +
> +void *ioremap(paddr_t pa, size_t len)
also here
> +{
> +return ioremap_attr(pa, len, PAGE_HYPERVISOR_NOCACHE);
> +}
Teddy
When doing PCI Passthrough with high-IRQ devices (e.g NVMe drives),
the default limit may be inefficient as not all domains require
more IRQs.
Introduce a new parameter to allow the toolstack to tune the IRQ
count if more is required.
Signed-off-by: Teddy Astie
---
0 extra_irqs is meaningful
On 16/05/2025 at 12:54, Jürgen Groß wrote:
> On 16.05.25 11:31, Teddy Astie wrote:
>>
>> In order to create a confidential computing domain, the process is
>> as follows:
>> - create a HVM/PVH domain with XEN_DOMCTL_CDF_coco
>> - populate ini
Introduce a basic console hypercall for debugging needs under SEV
when PV console is not usable at this point. This is later on used
by the earlyprintk of the experimental SEV Linux branch.
Signed-off-by: Teddy Astie
---
xen/common/coco.c| 6 ++
xen/include/hypercall-defs.c | 2
From: Andrei Semenov
AMD-SEV is AMD's implementation for confidential computing.
This patch introduces SEV initialization and HVM enablement logic.
Signed-off-by: Andrei Semenov
Signed-off-by: Teddy Astie
---
Some possible improvement would be to slightly change the ASID allocation
logic under
Those bits are used to enable SEV-related features in VMCB.
Signed-off-by: Andrei Semenov
Signed-off-by: Teddy Astie
---
xen/arch/x86/include/asm/hvm/svm/vmcb.h | 11 +++
1 file changed, 11 insertions(+)
diff --git a/xen/arch/x86/include/asm/hvm/svm/vmcb.h
b/xen/arch/x86/include/asm
Signed-off-by: Teddy Astie
---
xen/arch/x86/cpu/common.c | 2 ++
xen/arch/x86/include/asm/cpufeature.h | 4
xen/include/public/arch-x86/cpufeatureset.h | 5 +
xen/include/xen/lib/x86/cpu-policy.h| 9 -
4 files changed, 19 insertions(+), 1 deletion
In order to reuse an ASID in a SEV guest, we need to perform a
WBINVD on all pCPUs that ran the guest, then a DF_FLUSH on the PSP.
Just leak the ASID for now.
Signed-off-by: Teddy Astie
---
xen/arch/x86/hvm/hvm.c | 5 -
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/xen/arch
From: Vaishali Thakkar
Signed-off-by: Vaishali Thakkar
Signed-off-by: Teddy Astie
---
tools/include/libxl.h| 5
tools/include/xenctrl.h | 4
tools/include/xenguest.h | 1 +
tools/libs/ctrl/xc_domain.c | 36 +
tools
From: Andrei Semenov
Some code paths are not emulable under SEV or need special handling.
Signed-off-by: Andrei Semenov
Signed-off-by: Teddy Astie
---
xen/arch/x86/hvm/emulate.c | 137 -
xen/arch/x86/hvm/hvm.c | 13
2 files changed, 133
From: Andrei Semenov
Introduce a basic PSP driver with focus on SEV commands.
Signed-off-by: Andrei Semenov
Signed-off-by: Teddy Astie
---
xen/arch/x86/include/asm/psp-sev.h | 655 +++
xen/drivers/Kconfig| 2 +
xen/drivers/Makefile | 1
guest.
Signed-off-by: Teddy Astie
---
xen/arch/x86/domain.c | 4 +
xen/arch/x86/hvm/hvm.c| 10 ++-
xen/common/Kconfig| 5 ++
xen/common/Makefile | 1 +
xen/common/coco.c | 134 ++
xen/common/domain.c
vcpu->needs_tlb_flush attribute to schedule a guest TLB
flush for the next VMRUN/VMENTER. This will later be done using
either TLB_CONTROL field (AMD) or INVEPT (Intel). This flush method
is used in place of the current ASID swapping logic.
Signed-off-by: Teddy Astie
Signed-off-by: Vaishali
Signed-off-by: Teddy Astie
---
xen/arch/x86/cpuid.c| 2 ++
xen/include/public/arch-x86/cpuid.h | 2 ++
2 files changed, 4 insertions(+)
diff --git a/xen/arch/x86/cpuid.c b/xen/arch/x86/cpuid.c
index 8dc68945f7..e2d94619c2 100644
--- a/xen/arch/x86/cpuid.c
+++ b/xen/arch/x86
Introduce vpid_sync_vcpu_context to do a single-context invalidation
on the vpid attached to the vcpu as an alternative to per-gva and all-context
invalidations.
Signed-off-by: Teddy Astie
---
This will be used on Intel platforms for the ASID management rework.
---
xen/arch/x86/include/asm/hvm
OM2_FORCE_WB (_AC(1, ULL) << 22)
+#define SYSCFG_MEM_ENCRYPT (_AC(1, ULL) << 23)
#define MSR_K8_IORR_BASE0 _AC(0xc0010016, U)
#define MSR_K8_IORR_MASK0 _AC(0xc0010017, U)
--
2.49.0
ith early SEV support (more or less working)
https://github.com/xcp-ng/linux/tree/xen-sev-6.6/
https://github.com/xcp-ng/linux/tree/xen-sev-6.14/
Teddy Astie (16):
x86/msr: Introduce SYSCFG_MEM_ENCRYPT MSR.
x86/svm: Move svm_domain structure to svm.h
x86/hvm: Add support for physical address AB
Signed-off-by: Teddy Astie
---
docs/guest-guide/x86/hypercall-abi.rst | 4
1 file changed, 4 insertions(+)
diff --git a/docs/guest-guide/x86/hypercall-abi.rst
b/docs/guest-guide/x86/hypercall-abi.rst
index e52ed453bc..710a02895b 100644
--- a/docs/guest-guide/x86/hypercall-abi.rst
+++ b
struct svm_domain was in vmcb.h which is meant for VMCB specific
operations and values, move it to svm.h where it belongs.
Signed-off-by: Teddy Astie
---
xen/arch/x86/include/asm/hvm/domain.h | 1 +
xen/arch/x86/include/asm/hvm/svm/svm.h | 11 +++
xen/arch/x86/include/asm/hvm/svm
Guest can tag their hypercalls with 0x4000 in order to use this
alternative ABI that uses physical addresses instead of linear ones.
Signed-off-by: Teddy Astie
---
This one is based on the "HVMv2 ABI" RFC, but reworked in a way that is more
compatible with existing guest (guest n
= rover + 1; dom != rover; dom++ )
> -{
> -if ( dom == DOMID_FIRST_RESERVED )
> -dom = 1;
> -if ( is_free_domid(dom) )
> -break;
> -}
> -
> -ret = -ENOMEM;
> -if ( dom == rover )
> -break;
> -
> -rover = dom;
> +break;
> }
>
> -d = domain_create(dom, &op->u.createdomain, false);
> +d = domain_create(domid, &op->u.createdomain, false);
> if ( IS_ERR(d) )
> {
> ret = PTR_ERR(d);
In case of domain creation failure, we need to free the domid;
otherwise, it would not be used anymore, as it is considered used by the domid
allocator.
> diff --git a/xen/include/xen/domain.h b/xen/include/xen/domain.h
> index e10baf2615..039bb7eeaf 100644
> --- a/xen/include/xen/domain.h
> +++ b/xen/include/xen/domain.h
> @@ -38,6 +38,10 @@ void arch_get_domain_info(const struct domain *d,
>
> domid_t get_initial_domain_id(void);
>
> +void domid_init(void);
> +void domid_free(domid_t domid);
> +domid_t domid_alloc(domid_t domid);
> +
> /* CDF_* constant. Internal flags for domain creation. */
> /* Is this a privileged domain? */
> #define CDF_privileged (1U << 0)
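Review bot: The three prototypes added to xen/include/xen/domain.h carry no comments, and domid_alloc() both takes and returns a domid_t, so the header does not say how an allocation failure is reported or what the domid argument selects. Please document the failure return value and the meaning of the argument next to the declarations, and state which caller is responsible for domid_free().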
Teddy