Hello community, here is the log from the commit of package xen for openSUSE:12.3 checked in at 2013-02-25 21:46:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.3/xen (Old) and /work/SRC/openSUSE:12.3/.xen.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "xen", Maintainer is "CARNOLD@suse.com" Changes: -------- --- /work/SRC/openSUSE:12.3/xen/xen.changes 2013-02-05 11:22:33.000000000 +0100 +++ /work/SRC/openSUSE:12.3/.xen.new/xen.changes 2013-02-25 21:47:07.000000000 +0100 @@ -1,0 +2,91 @@ +Wed Feb 20 15:00:13 MST 2013 - jfehlig@suse.com + +- Add upstream patch to fix vfb/vkb initialization in libxl + 26369-libxl-devid.patch + +------------------------------------------------------------------- +Tue Feb 19 14:35:07 MST 2013 - carnold@suse.com + +- fate##313584: pass bios information to XEN HVM guest + 26554-hvm-firmware-passthrough.patch + 26555-hvm-firmware-passthrough.patch + 26556-hvm-firmware-passthrough.patch + +------------------------------------------------------------------- +Tue Feb 19 10:46:46 MST 2013 - carnold@suse.com + +- Upstream patches from Jan + 26516-ACPI-parse-table-retval.patch (Replaces CVE-2013-0153-xsa36.patch) + 26517-AMD-IOMMU-clear-irtes.patch (Replaces CVE-2013-0153-xsa36.patch) + 26518-AMD-IOMMU-disable-if-SATA-combined-mode.patch (Replaces CVE-2013-0153-xsa36.patch) + 26519-AMD-IOMMU-perdev-intremap-default.patch (Replaces CVE-2013-0153-xsa36.patch) + 26526-pvdrv-no-devinit.patch + 26529-gcc48-build-fix.patch + 26531-AMD-IOMMU-IVHD-special-missing.patch (Replaces CVE-2013-0153-xsa36.patch) + 26532-AMD-IOMMU-phantom-MSI.patch + 26536-xenoprof-div-by-0.patch + 26576-x86-APICV-migration.patch + 26577-x86-APICV-x2APIC.patch + 26578-AMD-IOMMU-replace-BUG_ON.patch + +------------------------------------------------------------------- +Mon Feb 18 17:28:00 CET 2013 - ohering@suse.de + +- bnc#797014 - no way to control live migrations + 26547-tools-xc_fix_logic_error_in_stdiostream_progress.patch + 26548-tools-xc_handle_tty_output_differently_in_stdiostream_progress.patch + 26549-tools-xc_turn_XCFLAGS_*_into_shifts.patch + 26550-tools-xc_restore_logging_in_xc_save.patch + 26551-tools-xc_log_pid_in_xc_save-xc_restore_output.patch + +------------------------------------------------------------------- +Mon Feb 11 14:35:06 UTC 2013 - mmarek@suse.cz + +- Set $BRP_PESIGN_FILES in the %install section so that modules + are signed in the buildservice (fate#314552). + +------------------------------------------------------------------- +Mon Feb 11 15:33:24 CET 2013 - ohering@suse.de + +- PVonHVM: __devinit was removed in linux-3.8 + +------------------------------------------------------------------- +Wed Feb 6 09:01:29 MST 2013 - jfehlig@suse.com + +- Add 'managed' PCI passthrough support to xend, allowing support + for the same through libvirt + xen-managed-pci-device.patch + FATE#313570 + +------------------------------------------------------------------- +Tue Feb 5 11:50:14 MST 2013 - carnold@suse.com + +- Upstream patches from Jan + 26287-sched-credit-pick-idle.patch + 26340-VT-d-intremap-verify-legacy-bridge.patch (Replaces CVE-2012-5634-xsa33.patch) + 26370-libxc-x86-initial-mapping-fit.patch + 26395-x86-FPU-context-conditional.patch + 26404-x86-forward-both-NMI-kinds.patch + 26418-x86-trampoline-consider-multiboot.patch + 26427-x86-AMD-enable-WC+.patch + 26428-x86-HVM-RTC-update.patch + 26440-x86-forward-SERR.patch + 26443-ACPI-zap-DMAR.patch + 26444-x86-nHVM-no-self-enable.patch (Replaces CVE-2013-0152-xsa35.patch) + 26501-VMX-simplify-CR0-update.patch + 26502-VMX-disable-SMEP-when-not-paging.patch + +------------------------------------------------------------------- +Fri Feb 1 08:30:28 MST 2013 - carnold@suse.com + +- bnc#800275 - VUL-0: XSA-36: CVE-2013-0153: xen: interrupt remap + entries shared and old ones not cleared on AMD IOMMUs + CVE-2013-0153-xsa36.patch + +------------------------------------------------------------------- +Wed Jan 30 15:14:41 UTC 2013 - mmarek@suse.cz + +- Add # needssslcertforbuild to the specfile, to make the UEFI + signing certificate available during build (fate#314511, fate#314552). + +------------------------------------------------------------------- Old: ---- CVE-2012-5634-xsa33.patch CVE-2013-0152-xsa35.patch x86-fpu-context-conditional.patch New: ---- 26287-sched-credit-pick-idle.patch 26340-VT-d-intremap-verify-legacy-bridge.patch 26369-libxl-devid.patch 26370-libxc-x86-initial-mapping-fit.patch 26395-x86-FPU-context-conditional.patch 26404-x86-forward-both-NMI-kinds.patch 26418-x86-trampoline-consider-multiboot.patch 26427-x86-AMD-enable-WC+.patch 26428-x86-HVM-RTC-update.patch 26440-x86-forward-SERR.patch 26443-ACPI-zap-DMAR.patch 26444-x86-nHVM-no-self-enable.patch 26501-VMX-simplify-CR0-update.patch 26502-VMX-disable-SMEP-when-not-paging.patch 26516-ACPI-parse-table-retval.patch 26517-AMD-IOMMU-clear-irtes.patch 26518-AMD-IOMMU-disable-if-SATA-combined-mode.patch 26519-AMD-IOMMU-perdev-intremap-default.patch 26526-pvdrv-no-devinit.patch 26529-gcc48-build-fix.patch 26531-AMD-IOMMU-IVHD-special-missing.patch 26532-AMD-IOMMU-phantom-MSI.patch 26536-xenoprof-div-by-0.patch 26547-tools-xc_fix_logic_error_in_stdiostream_progress.patch 26548-tools-xc_handle_tty_output_differently_in_stdiostream_progress.patch 26549-tools-xc_turn_XCFLAGS_*_into_shifts.patch 26550-tools-xc_restore_logging_in_xc_save.patch 26551-tools-xc_log_pid_in_xc_save-xc_restore_output.patch 26554-hvm-firmware-passthrough.patch 26555-hvm-firmware-passthrough.patch 26556-hvm-firmware-passthrough.patch 26576-x86-APICV-migration.patch 26577-x86-APICV-x2APIC.patch 26578-AMD-IOMMU-replace-BUG_ON.patch xen-managed-pci-device.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xen.spec ++++++ --- /var/tmp/diff_new_pack.IlAvmd/_old 2013-02-25 21:47:10.000000000 +0100 +++ /var/tmp/diff_new_pack.IlAvmd/_new 2013-02-25 21:47:10.000000000 +0100 @@ -114,7 +114,7 @@ BuildRequires: module-init-tools BuildRequires: xorg-x11 %endif -Version: 4.2.1_04 +Version: 4.2.1_06 Release: 0 PreReq: %insserv_prereq %fillup_prereq Summary: Xen Virtualization: Hypervisor (aka VMM aka Microkernel) @@ -206,6 +206,7 @@ Patch26258: 26258-VMX-nested-intr-delivery.patch Patch26262: 26262-x86-EFI-secure-shim.patch Patch26266: 26266-sched-ratelimit-check.patch +Patch26287: 26287-sched-credit-pick-idle.patch Patch26294: 26294-x86-AMD-Fam15-way-access-filter.patch Patch26320: 26320-IOMMU-domctl-assign-seg.patch Patch26324: 26324-IOMMU-assign-params.patch @@ -218,16 +219,47 @@ Patch26331: 26331-IOMMU-phantom-dev-quirk.patch Patch26332: 26332-x86-compat-show-guest-stack-mfn.patch Patch26333: 26333-x86-get_page_type-assert.patch +Patch26340: 26340-VT-d-intremap-verify-legacy-bridge.patch Patch26341: 26341-hvm-firmware-passthrough.patch Patch26342: 26342-hvm-firmware-passthrough.patch Patch26343: 26343-hvm-firmware-passthrough.patch Patch26344: 26344-hvm-firmware-passthrough.patch +Patch26369: 26369-libxl-devid.patch +Patch26370: 26370-libxc-x86-initial-mapping-fit.patch Patch26372: 26372-tools-paths.patch +Patch26395: 26395-x86-FPU-context-conditional.patch +Patch26404: 26404-x86-forward-both-NMI-kinds.patch +Patch26418: 26418-x86-trampoline-consider-multiboot.patch +Patch26427: 26427-x86-AMD-enable-WC+.patch +Patch26428: 26428-x86-HVM-RTC-update.patch +Patch26440: 26440-x86-forward-SERR.patch +Patch26443: 26443-ACPI-zap-DMAR.patch +Patch26444: 26444-x86-nHVM-no-self-enable.patch Patch26468: 26468-libxl-race.patch Patch26469: 26469-libxl-race.patch -Patch33: CVE-2012-5634-xsa33.patch +Patch26501: 26501-VMX-simplify-CR0-update.patch +Patch26502: 26502-VMX-disable-SMEP-when-not-paging.patch +Patch26516: 26516-ACPI-parse-table-retval.patch +Patch26517: 26517-AMD-IOMMU-clear-irtes.patch +Patch26518: 26518-AMD-IOMMU-disable-if-SATA-combined-mode.patch +Patch26519: 26519-AMD-IOMMU-perdev-intremap-default.patch +Patch26526: 26526-pvdrv-no-devinit.patch +Patch26529: 26529-gcc48-build-fix.patch +Patch26531: 26531-AMD-IOMMU-IVHD-special-missing.patch +Patch26532: 26532-AMD-IOMMU-phantom-MSI.patch +Patch26536: 26536-xenoprof-div-by-0.patch +Patch26547: 26547-tools-xc_fix_logic_error_in_stdiostream_progress.patch +Patch26548: 26548-tools-xc_handle_tty_output_differently_in_stdiostream_progress.patch +Patch26549: 26549-tools-xc_turn_XCFLAGS_*_into_shifts.patch +Patch26550: 26550-tools-xc_restore_logging_in_xc_save.patch +Patch26551: 26551-tools-xc_log_pid_in_xc_save-xc_restore_output.patch +Patch26554: 26554-hvm-firmware-passthrough.patch +Patch26555: 26555-hvm-firmware-passthrough.patch +Patch26556: 26556-hvm-firmware-passthrough.patch +Patch26576: 26576-x86-APICV-migration.patch +Patch26577: 26577-x86-APICV-x2APIC.patch +Patch26578: 26578-AMD-IOMMU-replace-BUG_ON.patch Patch34: CVE-2013-0151-xsa34.patch -Patch35: CVE-2013-0152-xsa35.patch Patch41: CVE-2012-6075-xsa41.patch # Upstream qemu patches Patch100: VNC-Support-for-ExtendedKeyEvent-client-message.patch @@ -324,6 +356,7 @@ Patch461: xen-glibc217.patch Patch462: xen-migration-bridge-check.patch Patch463: pygrub-netware-xnloader.patch +Patch464: xen-managed-pci-device.patch # Jim's domain lock patch Patch480: xend-domain-lock.patch Patch481: xend-domain-lock-sfex.patch @@ -339,7 +372,6 @@ Patch511: supported_module.diff Patch512: magic_ioport_compat.patch Patch513: xen.sles11sp1.fate311487.xen_platform_pci.dmistring.patch -Patch514: x86-fpu-context-conditional.patch Patch650: disable_emulated_device.diff Patch651: ioemu-disable-scsi.patch Patch652: ioemu-disable-emulated-ide-if-pv.patch @@ -726,6 +758,7 @@ %patch26258 -p1 %patch26262 -p1 %patch26266 -p1 +%patch26287 -p1 %patch26294 -p1 %patch26320 -p1 %patch26324 -p1 @@ -738,16 +771,47 @@ %patch26331 -p1 %patch26332 -p1 %patch26333 -p1 +%patch26340 -p1 %patch26341 -p1 %patch26342 -p1 %patch26343 -p1 %patch26344 -p1 +%patch26369 -p1 +%patch26370 -p1 %patch26372 -p1 +%patch26395 -p1 +%patch26404 -p1 +%patch26418 -p1 +%patch26427 -p1 +%patch26428 -p1 +%patch26440 -p1 +%patch26443 -p1 +%patch34 -p1 +%patch26444 -p1 %patch26468 -p1 %patch26469 -p1 -%patch33 -p1 -%patch34 -p1 -%patch35 -p1 +%patch26501 -p1 +%patch26502 -p1 +%patch26516 -p1 +%patch26517 -p1 +%patch26518 -p1 +%patch26519 -p1 +%patch26526 -p1 +%patch26529 -p1 +%patch26531 -p1 +%patch26532 -p1 +%patch26536 -p1 +%patch26547 -p1 +%patch26548 -p1 +%patch26549 -p1 +%patch26550 -p1 +%patch26551 -p1 +%patch26554 -p1 +%patch26555 -p1 +%patch26556 -p1 +%patch26576 -p1 +%patch26577 -p1 +%patch26578 -p1 %patch41 -p1 # Qemu %patch100 -p1 @@ -841,6 +905,7 @@ %patch461 -p1 %patch462 -p1 %patch463 -p1 +%patch464 -p1 %patch480 -p1 %patch481 -p1 %patch500 -p1 @@ -854,7 +919,6 @@ %patch511 -p1 %patch512 -p1 %patch513 -p1 -%patch514 -p1 %patch650 -p1 %patch651 -p1 %patch652 -p1 @@ -981,6 +1045,7 @@ %if %{?with_kmp}0 export INSTALL_MOD_PATH=$RPM_BUILD_ROOT export INSTALL_MOD_DIR=updates +#export BRP_PESIGN_FILES="*.ko /lib/firmware" mkdir -p $RPM_BUILD_ROOT/etc/modprobe.d for flavor in %flavors_to_build; do make -C /usr/src/linux-obj/%_target_cpu/$flavor modules_install \ ++++++ 26287-sched-credit-pick-idle.patch ++++++ # HG changeset patch # User Dario Faggioli <dario.faggioli@citrix.com> # Date 1355854218 0 # Node ID 127c2c47d440eb7f3248ab5561909e326af7e328 # Parent d5c0389bf26c89969ebce71927f34f6b923af949 xen: sched_credit: improve picking up the idle CPU for a VCPU In _csched_cpu_pick() we try to select the best possible CPU for running a VCPU, considering the characteristics of the underlying hardware (i.e., how many threads, core, sockets, and how busy they are). What we want is "the idle execution vehicle with the most idling neighbours in its grouping". In order to achieve it, we select a CPU from the VCPU's affinity, giving preference to its current processor if possible, as the basis for the comparison with all the other CPUs. Problem is, to discount the VCPU itself when computing this "idleness" (in an attempt to be fair wrt its current processor), we arbitrarily and unconditionally consider that selected CPU as idle, even when it is not the case, for instance: 1. If the CPU is not the one where the VCPU is running (perhaps due to the affinity being changed); 2. The CPU is where the VCPU is running, but it has other VCPUs in its runq, so it won't go idle even if the VCPU in question goes. This is exemplified in the trace below: ] 3.466115364 x|------|------| d10v1 22005(2:2:5) 3 [ a 1 8 ] ... ... ... 3.466122856 x|------|------| d10v1 runstate_change d10v1 running->offline 3.466123046 x|------|------| d?v? runstate_change d32767v0 runnable->running ... ... ... ] 3.466126887 x|------|------| d32767v0 28004(2:8:4) 3 [ a 1 8 ] 22005(...) line (the first line) means _csched_cpu_pick() was called on VCPU 1 of domain 10, while it is running on CPU 0, and it choose CPU 8, which is busy ('|'), even if there are plenty of idle CPUs. That is because, as a consequence of changing the VCPU affinity, CPU 8 was chosen as the basis for the comparison, and therefore considered idle (its bit gets unconditionally set in the bitmask representing the idle CPUs). 28004(...) line means the VCPU is woken up and queued on CPU 8's runq, where it waits for a context switch or a migration, in order to be able to execute. This change fixes things by only considering the "guessed" CPU idle if the VCPU in question is both running there and is its only runnable VCPU. Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com> Acked-by: George Dunlap <george.dunlap@citrix.com> Committed-by: Keir Fraser <keir@xen.org> --- a/xen/common/sched_credit.c +++ b/xen/common/sched_credit.c @@ -72,6 +72,9 @@ #define CSCHED_VCPU(_vcpu) ((struct csched_vcpu *) (_vcpu)->sched_priv) #define CSCHED_DOM(_dom) ((struct csched_dom *) (_dom)->sched_priv) #define RUNQ(_cpu) (&(CSCHED_PCPU(_cpu)->runq)) +/* Is the first element of _cpu's runq its idle vcpu? */ +#define IS_RUNQ_IDLE(_cpu) (list_empty(RUNQ(_cpu)) || \ + is_idle_vcpu(__runq_elem(RUNQ(_cpu)->next)->vcpu)) /* @@ -487,9 +490,14 @@ _csched_cpu_pick(const struct scheduler * distinct cores first and guarantees we don't do something stupid * like run two VCPUs on co-hyperthreads while there are idle cores * or sockets. + * + * Notice that, when computing the "idleness" of cpu, we may want to + * discount vc. That is, iff vc is the currently running and the only + * runnable vcpu on cpu, we add cpu to the idlers. */ cpumask_and(&idlers, &cpu_online_map, CSCHED_PRIV(ops)->idlers); - cpumask_set_cpu(cpu, &idlers); + if ( vc->processor == cpu && IS_RUNQ_IDLE(cpu) ) + cpumask_set_cpu(cpu, &idlers); cpumask_and(&cpus, &cpus, &idlers); cpumask_clear_cpu(cpu, &cpus); ++++++ 26340-VT-d-intremap-verify-legacy-bridge.patch ++++++ References: CVE-2012-5634 XSA-33 bnc#794316 # HG changeset patch # User Jan Beulich <jbeulich@suse.com> # Date 1357748006 -3600 # Node ID 19fd1237ff0dfa3d97a896d6ed6fbbd33f816a9f # Parent 56b0d5476c11bfd09986080dfa97923586ef474f VT-d: fix interrupt remapping source validation for devices behind legacy bridges Using SVT_VERIFY_BUS here doesn't make sense; native Linux also uses SVT_VERIFY_SID_SQ here instead. This is XSA-33 / CVE-2012-5634. Signed-off-by: Jan Beulich <jbeulich@suse.com> --- a/xen/drivers/passthrough/vtd/intremap.c +++ b/xen/drivers/passthrough/vtd/intremap.c @@ -469,7 +469,7 @@ static void set_msi_source_id(struct pci set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, (bus << 8) | pdev->bus); else if ( pdev_type(seg, bus, devfn) == DEV_TYPE_LEGACY_PCI_BRIDGE ) - set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, + set_ire_sid(ire, SVT_VERIFY_SID_SQ, SQ_ALL_16, PCI_BDF2(bus, devfn)); } break; ++++++ 26369-libxl-devid.patch ++++++ commit 5420f26507fc5c9853eb1076401a8658d72669da Author: Jim Fehlig <jfehlig@suse.com> Date: Fri Jan 11 12:22:26 2013 +0000 libxl: Set vfb and vkb devid if not done so by the caller Other devices set a sensible devid if the caller has not done so. Do the same for vfb and vkb. While at it, factor out the common code used to determine a sensible devid, so it can be used by other libxl__device_*_add functions. Signed-off-by: Jim Fehlig <jfehlig@suse.com> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com> Index: xen-4.2.1-testing/tools/libxl/libxl.c =================================================================== --- xen-4.2.1-testing.orig/tools/libxl/libxl.c +++ xen-4.2.1-testing/tools/libxl/libxl.c @@ -1727,6 +1727,26 @@ out: return; } +/* common function to get next device id */ +static int libxl__device_nextid(libxl__gc *gc, uint32_t domid, char *device) +{ + char *dompath, **l; + unsigned int nb; + int nextid = -1; + + if (!(dompath = libxl__xs_get_dompath(gc, domid))) + return nextid; + + l = libxl__xs_directory(gc, XBT_NULL, + GCSPRINTF("%s/device/%s", dompath, device), &nb); + if (l == NULL || nb == 0) + nextid = 0; + else + nextid = strtoul(l[nb - 1], NULL, 10) + 1; + + return nextid; +} + /******************************************************************************/ int libxl__device_disk_setdefault(libxl__gc *gc, libxl_device_disk *disk) @@ -2563,8 +2583,7 @@ void libxl__device_nic_add(libxl__egc *e flexarray_t *front; flexarray_t *back; libxl__device *device; - char *dompath, **l; - unsigned int nb, rc; + unsigned int rc; rc = libxl__device_nic_setdefault(gc, nic, domid); if (rc) goto out; @@ -2581,16 +2600,10 @@ void libxl__device_nic_add(libxl__egc *e } if (nic->devid == -1) { - if (!(dompath = libxl__xs_get_dompath(gc, domid))) { + if ((nic->devid = libxl__device_nextid(gc, domid, "vif") < 0)) { rc = ERROR_FAIL; goto out_free; } - if (!(l = libxl__xs_directory(gc, XBT_NULL, - libxl__sprintf(gc, "%s/device/vif", dompath), &nb))) { - nic->devid = 0; - } else { - nic->devid = strtoul(l[nb - 1], NULL, 10) + 1; - } } GCNEW(device); @@ -2977,6 +2990,13 @@ int libxl__device_vkb_add(libxl__gc *gc, goto out_free; } + if (vkb->devid == -1) { + if ((vkb->devid = libxl__device_nextid(gc, domid, "vkb") < 0)) { + rc = ERROR_FAIL; + goto out_free; + } + } + rc = libxl__device_from_vkb(gc, domid, vkb, &device); if (rc != 0) goto out_free; @@ -3078,6 +3098,13 @@ int libxl__device_vfb_add(libxl__gc *gc, goto out_free; } + if (vfb->devid == -1) { + if ((vfb->devid = libxl__device_nextid(gc, domid, "vfb") < 0)) { + rc = ERROR_FAIL; + goto out_free; + } + } + rc = libxl__device_from_vfb(gc, domid, vfb, &device); if (rc != 0) goto out_free; ++++++ 26370-libxc-x86-initial-mapping-fit.patch ++++++ # HG changeset patch # User Ian Campbell <Ian.Campbell@citrix.com> # Date 1357906947 0 # Node ID ba2d73234d73fc0faa027cd9bdfd3ac90642733c # Parent 84d87ca765be81c215ef3b67d2ed71acfba73553 libxc: x86: ensure that the initial mapping fits into the guest's memory In particular we need to check that adding 512KB of slack and rounding up to a 4MB boundary do not overflow the guest's memory allocation. Otherwise we run off the end of the p2m when building the guest's initial page tables and populate them with garbage. Wei noticed this when build tiny (2MB) mini-os domains. Reported-by: Wei Liu <Wei.Liu2@citrix.com> Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Jan Beulich <jbeulich@suse.com> Committed-by: Ian Campbell <ian.campbell@citrix.com> --- a/tools/libxc/xc_dom_core.c +++ b/tools/libxc/xc_dom_core.c @@ -871,7 +871,8 @@ int xc_dom_build_image(struct xc_dom_ima goto err; if ( dom->arch_hooks->count_pgtables ) { - dom->arch_hooks->count_pgtables(dom); + if ( dom->arch_hooks->count_pgtables(dom) != 0 ) + goto err; if ( (dom->pgtables > 0) && (xc_dom_alloc_segment(dom, &dom->pgtables_seg, "page tables", 0, dom->pgtables * page_size) != 0) ) --- a/tools/libxc/xc_dom_x86.c +++ b/tools/libxc/xc_dom_x86.c @@ -82,6 +82,7 @@ static int count_pgtables(struct xc_dom_ { int pages, extra_pages; xen_vaddr_t try_virt_end; + xen_pfn_t try_pfn_end; extra_pages = dom->alloc_bootstack ? 1 : 0; extra_pages += dom->extra_pages; @@ -91,6 +92,17 @@ static int count_pgtables(struct xc_dom_ { try_virt_end = round_up(dom->virt_alloc_end + pages * PAGE_SIZE_X86, bits_to_mask(22)); /* 4MB alignment */ + + try_pfn_end = (try_virt_end - dom->parms.virt_base) >> PAGE_SHIFT_X86; + + if ( try_pfn_end > dom->total_pages ) + { + xc_dom_panic(dom->xch, XC_OUT_OF_MEMORY, + "%s: not enough memory for initial mapping (%#"PRIpfn" > %#"PRIpfn")", + __FUNCTION__, try_pfn_end, dom->total_pages); + return -ENOMEM; + } + dom->pg_l4 = nr_page_tables(dom, dom->parms.virt_base, try_virt_end, l4_bits); dom->pg_l3 = ++++++ 26395-x86-FPU-context-conditional.patch ++++++ # HG changeset patch # User Jan Beulich <jbeulich@suse.com> # Date 1358341015 -3600 # Node ID b4cbb83f9a1f57b4f26f2d35998cda42b904ea69 # Parent 327b812026fe62a990f1d81041729c42196983ca x86: consistently mask floating point exceptions c/s 23142:f5e8d152a565 resulted in v->arch.fpu_ctxt to point into the save area allocated for xsave/xrstor (when they're available). The way vcpu_restore_fpu_lazy() works (using fpu_init() for an uninitialized vCPU only when there's no xsave support) causes this to load whatever arch_set_info_guest() put there, irrespective of whether the i387 state was specified to be valid in the respective input structure. Consequently, with a cleared (al zeroes) incoming FPU context, and with xsave available, one gets all exceptions unmasked (as opposed to to the legacy case, where FINIT and LDMXCSR get used, masking all exceptions). This causes e.g. para-virtualized NetWare to crash. The behavior of arch_set_info_guest() is thus being made more hardware- like for the FPU portion of it: Considering it to be similar to INIT, it will leave untouched all floating point state now. An alternative would be to make the behavior RESET-like, forcing all state to known values, albeit - taking into account legacy behavior - not to precisely the values RESET would enforce (which masks only SSE exceptions, but not x87 ones); that would come closest to mimicing FINIT behavior in the xsave case. Another option would be to continue copying whatever was provided, but override (at least) FCW and MXCSR if VGCF_I387_VALID isn't set. Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Keir Fraser <keir@xen.org> --- a/xen/arch/x86/domain.c +++ b/xen/arch/x86/domain.c @@ -819,7 +819,9 @@ int arch_set_info_guest( v->arch.vgc_flags = flags; - memcpy(v->arch.fpu_ctxt, &c.nat->fpu_ctxt, sizeof(c.nat->fpu_ctxt)); + if ( flags & VGCF_I387_VALID ) + memcpy(v->arch.fpu_ctxt, &c.nat->fpu_ctxt, sizeof(c.nat->fpu_ctxt)); + if ( !compat ) { memcpy(&v->arch.user_regs, &c.nat->user_regs, sizeof(c.nat->user_regs)); ++++++ 26404-x86-forward-both-NMI-kinds.patch ++++++ # HG changeset patch # User Jan Beulich <jbeulich@suse.com> # Date 1358427591 -3600 # Node ID 76598d4bf61ef0c575deba539ff99078c80e651e # Parent 0dee85c061addb7124d77c5f6cfe2ea7bc03b760 x86: handle both NMI kinds if they occur simultaneously We shouldn't assume PCI SERR excludes IOCHK. Once at it, also remove the doubly redundant range restriction on "reason" - the variable already is "unsigned char". Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com> Acked-by: Keir Fraser <keir@xen.org> --- a/xen/arch/x86/traps.c +++ b/xen/arch/x86/traps.c @@ -3357,10 +3357,10 @@ void do_nmi(struct cpu_user_regs *regs) reason = inb(0x61); if ( reason & 0x80 ) pci_serr_error(regs); - else if ( reason & 0x40 ) + if ( reason & 0x40 ) io_check_error(regs); - else if ( !nmi_watchdog ) - unknown_nmi_error(regs, (unsigned char)(reason&0xff)); + if ( !(reason & 0xc0) && !nmi_watchdog ) + unknown_nmi_error(regs, reason); } } ++++++ 26418-x86-trampoline-consider-multiboot.patch ++++++ # HG changeset patch # User Paolo Bonzini <pbonzini@redhat.com> # Date 1358505311 -3600 # Node ID 3b59a6c3e9b0fb5009bdfff97c8493bb9f0bec54 # Parent 025f202f3022c30d1ec3b6ffcb72861c43a32cf7 x86: find a better location for the real-mode trampoline On some machines, the location at 0x40e does not point to the beginning of the EBDA. Rather, it points to the beginning of the BIOS-reserved area of the EBDA, while the option ROMs place their data below that segment. For this reason, 0x413 is actually a better source than 0x40e to get the location of the real-mode trampoline. Xen was already using it as a second source, and this patch keeps that working. However, just in case, let's also fetch the information from the multiboot structure, where the boot loader should have placed it. This way we don't necessarily trust one of the BIOS or the multiboot loader more than the other. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Retain the previous code, thus using the multiboot value only if it's sane but lower than the BDA computed one. Also use the full 32-bit mem_lower value and prefer MBI_MEMLIMITS over open coding it (requiring a slight adjustment to multiboot.h to make its constants actually usable in assembly code, which previously they were only meant to be). Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Keir Fraser <keir@xen.org> Committed-by: Jan Beulich <jbeulich@suse.com> --- a/xen/arch/x86/boot/head.S +++ b/xen/arch/x86/boot/head.S @@ -88,6 +88,20 @@ __start: movzwl 0x413,%eax /* use base memory size on failure */ shl $10-4,%eax 1: + /* + * Compare the value in the BDA with the information from the + * multiboot structure (if available) and use the smallest. + */ + testb $MBI_MEMLIMITS,(%ebx) + jz 2f /* not available? BDA value will be fine */ + mov 4(%ebx),%edx + cmp $0x100,%edx /* is the multiboot value too small? */ + jb 2f /* if so, do not use it */ + shl $10-4,%edx + cmp %eax,%edx /* compare with BDA value */ + cmovb %edx,%eax /* and use the smaller */ + +2: /* Reserve 64kb for the trampoline */ sub $0x1000,%eax /* From arch/x86/smpboot.c: start_eip had better be page-aligned! */ --- a/xen/include/xen/multiboot.h +++ b/xen/include/xen/multiboot.h @@ -18,6 +18,7 @@ #ifndef __MULTIBOOT_H__ #define __MULTIBOOT_H__ +#include "const.h" /* * Multiboot header structure. @@ -31,17 +32,17 @@ /* The magic number passed by a Multiboot-compliant boot loader. */ #define MULTIBOOT_BOOTLOADER_MAGIC 0x2BADB002 -#define MBI_MEMLIMITS (1u<< 0) -#define MBI_BOOTDEV (1u<< 1) -#define MBI_CMDLINE (1u<< 2) -#define MBI_MODULES (1u<< 3) -#define MBI_AOUT_SYMS (1u<< 4) -#define MBI_ELF_SYMS (1u<< 5) -#define MBI_MEMMAP (1u<< 6) -#define MBI_DRIVES (1u<< 7) -#define MBI_BIOSCONFIG (1u<< 8) -#define MBI_LOADERNAME (1u<< 9) -#define MBI_APM (1u<<10) +#define MBI_MEMLIMITS (_AC(1,u) << 0) +#define MBI_BOOTDEV (_AC(1,u) << 1) +#define MBI_CMDLINE (_AC(1,u) << 2) +#define MBI_MODULES (_AC(1,u) << 3) +#define MBI_AOUT_SYMS (_AC(1,u) << 4) +#define MBI_ELF_SYMS (_AC(1,u) << 5) +#define MBI_MEMMAP (_AC(1,u) << 6) +#define MBI_DRIVES (_AC(1,u) << 7) +#define MBI_BIOSCONFIG (_AC(1,u) << 8) +#define MBI_LOADERNAME (_AC(1,u) << 9) +#define MBI_APM (_AC(1,u) << 10) #ifndef __ASSEMBLY__ ++++++ 26427-x86-AMD-enable-WC+.patch ++++++ # HG changeset patch # User Boris Ostrovsky <boris.ostrovsky@amd.com> # Date 1358508058 -3600 # Node ID 8f6dd5dc5d6cdd56050ed917a0c30903bbddcbf0 # Parent eb8e9a23925d7b77c344a4a99679a45f96754a17 x86/AMD: Enable WC+ memory type on family 10 processors In some cases BIOS may not enable WC+ memory type on family 10 processors, instead converting what would be WC+ memory to CD type. On guests using nested pages this could result in performance degradation. This patch enables WC+. Signed-off-by: Boris Ostrovsky <boris.ostrovsky@amd.com> Committed-by: Jan Beulich <jbeulich@suse.com> --- a/xen/arch/x86/cpu/amd.c +++ b/xen/arch/x86/cpu/amd.c @@ -534,6 +534,19 @@ static void __devinit init_amd(struct cp } #endif + if (c->x86 == 0x10) { + /* + * On family 10h BIOS may not have properly enabled WC+ + * support, causing it to be converted to CD memtype. This may + * result in performance degradation for certain nested-paging + * guests. Prevent this conversion by clearing bit 24 in + * MSR_F10_BU_CFG2. + */ + rdmsrl(MSR_F10_BU_CFG2, value); + value &= ~(1ULL << 24); + wrmsrl(MSR_F10_BU_CFG2, value); + } + /* * Family 0x12 and above processors have APIC timer * running in deep C states. --- a/xen/include/asm-x86/msr-index.h +++ b/xen/include/asm-x86/msr-index.h @@ -215,8 +215,9 @@ #define MSR_F10_MC4_MISC2 0xc0000409 #define MSR_F10_MC4_MISC3 0xc000040A -/* AMD Family10h MMU control MSRs */ -#define MSR_F10_BU_CFG 0xc0011023 +/* AMD Family10h Bus Unit MSRs */ +#define MSR_F10_BU_CFG 0xc0011023 +#define MSR_F10_BU_CFG2 0xc001102a /* Other AMD Fam10h MSRs */ #define MSR_FAM10H_MMIO_CONF_BASE 0xc0010058 ++++++ 26428-x86-HVM-RTC-update.patch ++++++ # HG changeset patch # User Tim Deegan <tim@xen.org> # Date 1358508717 -3600 # Node ID 9e8c39bdc1fedd5dfc5aa7209cc5f77f813476c7 # Parent 8f6dd5dc5d6cdd56050ed917a0c30903bbddcbf0 x86/hvm: fix RTC setting. When the guest writes one field of the RTC time, we must bring all the other fields up to date for the current second before calculating the new RTC time. Signed-off-by: Tim Deegan <tim@xen.org> Tested-by: Phil Evans <Phil.Evans@m247.com> Committed-by: Jan Beulich <jbeulich@suse.com> --- a/xen/arch/x86/hvm/rtc.c +++ b/xen/arch/x86/hvm/rtc.c @@ -399,10 +399,17 @@ static int rtc_ioport_write(void *opaque case RTC_DAY_OF_MONTH: case RTC_MONTH: case RTC_YEAR: - s->hw.cmos_data[s->hw.cmos_index] = data; - /* if in set mode, do not update the time */ - if ( !(s->hw.cmos_data[RTC_REG_B] & RTC_SET) ) + /* if in set mode, just write the register */ + if ( (s->hw.cmos_data[RTC_REG_B] & RTC_SET) ) + s->hw.cmos_data[s->hw.cmos_index] = data; + else + { + /* Fetch the current time and update just this field. */ + s->current_tm = gmtime(get_localtime(d)); + rtc_copy_date(s); + s->hw.cmos_data[s->hw.cmos_index] = data; rtc_set_time(s); + } alarm_timer_update(s); break; case RTC_REG_A: ++++++ 26440-x86-forward-SERR.patch ++++++ # HG changeset patch # User Jan Beulich <jbeulich@suse.com> # Date 1358843590 -3600 # Node ID 5af4f2ab06f33ce441fa550333a9049c09a9ef28 # Parent 4b476378fc35e776196c29dc0e24b71529393a4c x86: restore (optional) forwarding of PCI SERR induced NMI to Dom0 c/s 22949:54fe1011f86b removed the forwarding of NMIs to Dom0 when they were caused by PCI SERR. NMI buttons as well as BMCs (like HP's iLO) may however want such events to be seen in Dom0 (e.g. to trigger a dump). Therefore restore most of the functionality which named c/s removed (adjusted for subsequent changes, and adjusting the public interface to use the modern term, retaining the old one for backwards compatibility). Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Acked-by: Keir Fraser <keir@xen.org> --- a/xen/arch/x86/traps.c +++ b/xen/arch/x86/traps.c @@ -3201,6 +3201,7 @@ static void nmi_mce_softirq(void) static void pci_serr_softirq(void) { printk("\n\nNMI - PCI system error (SERR)\n"); + outb(inb(0x61) & 0x0b, 0x61); /* re-enable the PCI SERR error line. */ } void async_exception_cleanup(struct vcpu *curr) @@ -3291,9 +3292,20 @@ static void pci_serr_error(struct cpu_us { outb((inb(0x61) & 0x0f) | 0x04, 0x61); /* clear-and-disable the PCI SERR error line. */ - /* Would like to print a diagnostic here but can't call printk() - from NMI context -- raise a softirq instead. */ - raise_softirq(PCI_SERR_SOFTIRQ); + switch ( opt_nmi[0] ) + { + case 'd': /* 'dom0' */ + nmi_dom0_report(_XEN_NMIREASON_pci_serr); + case 'i': /* 'ignore' */ + /* Would like to print a diagnostic here but can't call printk() + from NMI context -- raise a softirq instead. */ + raise_softirq(PCI_SERR_SOFTIRQ); + break; + default: /* 'fatal' */ + console_force_unlock(); + printk("\n\nNMI - PCI system error (SERR)\n"); + fatal_trap(TRAP_nmi, regs); + } } static void io_check_error(struct cpu_user_regs *regs) --- a/xen/include/public/nmi.h +++ b/xen/include/public/nmi.h @@ -36,9 +36,14 @@ /* I/O-check error reported via ISA port 0x61, bit 6. */ #define _XEN_NMIREASON_io_error 0 #define XEN_NMIREASON_io_error (1UL << _XEN_NMIREASON_io_error) + /* PCI SERR reported via ISA port 0x61, bit 7. */ +#define _XEN_NMIREASON_pci_serr 1 +#define XEN_NMIREASON_pci_serr (1UL << _XEN_NMIREASON_pci_serr) +#if __XEN_INTERFACE_VERSION__ < 0x00040300 /* legacy alias of the above */ /* Parity error reported via ISA port 0x61, bit 7. */ #define _XEN_NMIREASON_parity_error 1 #define XEN_NMIREASON_parity_error (1UL << _XEN_NMIREASON_parity_error) +#endif /* Unknown hardware-generated NMI. */ #define _XEN_NMIREASON_unknown 2 #define XEN_NMIREASON_unknown (1UL << _XEN_NMIREASON_unknown) ++++++ 26443-ACPI-zap-DMAR.patch ++++++ # HG changeset patch # User Tomasz Wroblewski <tomasz.wroblewski@citrix.com> # Date 1358933464 -3600 # Node ID 9efe4c0bf9c8d3ecf03868c69c24dad3218523a4 # Parent 7c6ecf2c1831a1c7f63a96f119a8891891463e54 fix acpi_dmar_zap/reinstate() (fixes S3 regression) Fix S3 regression introduced by cs 23013:65d26504e843 (ACPI: large cleanup). The dmar virtual pointer returned from acpi_get_table cannot be safely stored away and used later, as the underlying acpi_os_map_memory / __acpi_map_table functions overwrite the mapping causing it to point to different tables than dmar (last fetched table is used). This subsequently causes acpi_dmar_reinstate() and acpi_dmar_zap() to write data to wrong table, causing its corruption and problems with consecutive s3 resumes. Added a new function to fetch ACPI table physical address, and establishing separate static mapping for dmar_table pointer instead of using acpi_get_table(). Signed-off-by: Tomasz Wroblewski <tomasz.wroblewski@citrix.com> Added call to acpi_tb_verify_table(). Fixed page count passed to map_pages_to_xen(). Cosmetic changes. Signed-off-by: Jan Beulich <jbeulich@suse.com> Committed-by: Jan Beulich <jbeulich@suse.com> --- a/xen/drivers/acpi/tables/tbxface.c +++ b/xen/drivers/acpi/tables/tbxface.c @@ -205,3 +205,51 @@ acpi_get_table(char *signature, return (AE_NOT_FOUND); } + +/****************************************************************************** + * + * FUNCTION: acpi_get_table_phys + * + * PARAMETERS: signature - ACPI signature of needed table + * instance - Which instance (for SSDTs) + * addr - Where the table's physical address is returned + * len - Where the length of table is returned + * + * RETURN: Status, pointer and length of table + * + * DESCRIPTION: Finds physical address and length of ACPI table + * + *****************************************************************************/ +acpi_status __init +acpi_get_table_phys(acpi_string signature, acpi_native_uint instance, + acpi_physical_address *addr, acpi_native_uint *len) +{ + acpi_native_uint i, j; + acpi_status status; + + if (!signature || !addr || !len) + return AE_BAD_PARAMETER; + + for (i = j = 0; i < acpi_gbl_root_table_list.count; i++) { + if (!ACPI_COMPARE_NAME( + &acpi_gbl_root_table_list.tables[i].signature, + signature)) + continue; + + if (++j < instance) + continue; + + status = + acpi_tb_verify_table(&acpi_gbl_root_table_list.tables[i]); + if (ACPI_SUCCESS(status)) { + *addr = acpi_gbl_root_table_list.tables[i].address; + *len = acpi_gbl_root_table_list.tables[i].length; + } + + acpi_gbl_root_table_list.tables[i].pointer = NULL; + + return status; + } + + return AE_NOT_FOUND; +} --- a/xen/drivers/passthrough/vtd/dmar.c +++ b/xen/drivers/passthrough/vtd/dmar.c @@ -786,7 +786,18 @@ out: int __init acpi_dmar_init(void) { - acpi_get_table(ACPI_SIG_DMAR, 0, &dmar_table); + acpi_physical_address dmar_addr; + acpi_native_uint dmar_len; + + if ( ACPI_SUCCESS(acpi_get_table_phys(ACPI_SIG_DMAR, 0, + &dmar_addr, &dmar_len)) ) + { + map_pages_to_xen((unsigned long)__va(dmar_addr), PFN_DOWN(dmar_addr), + PFN_UP(dmar_addr + dmar_len) - PFN_DOWN(dmar_addr), + PAGE_HYPERVISOR); + dmar_table = __va(dmar_addr); + } + return parse_dmar_table(acpi_parse_dmar); } --- a/xen/include/acpi/acpixf.h +++ b/xen/include/acpi/acpixf.h @@ -77,6 +77,9 @@ acpi_status acpi_get_table(acpi_string signature, acpi_native_uint instance, struct acpi_table_header **out_table); +acpi_status +acpi_get_table_phys(acpi_string signature, acpi_native_uint instance, + acpi_physical_address *addr, acpi_native_uint *len); /* * Namespace and name interfaces */ ++++++ 26444-x86-nHVM-no-self-enable.patch ++++++ References: CVE-2013-0152 XSA-35 bnc#797287 # HG changeset patch # User Ian Campbell <ian.campbell@citrix.com> # Date 1358938044 -3600 # Node ID 621b1a889e9b120236698731e0b5ecc5b0cb1d82 # Parent 9efe4c0bf9c8d3ecf03868c69c24dad3218523a4 xen: Do not allow guests to enable nested HVM on themselves There is no reason for this and doing so exposes a memory leak to guests. Only toolstacks need write access to this HVM param. This is XSA-35 / CVE-2013-0152. Signed-off-by: Ian Campbell <ian.campbell@citrix.com> Acked-by: Jan Beulich <JBeulich@suse.com> Committed-by: Jan Beulich <jbeulich@suse.com> --- a/xen/arch/x86/hvm/hvm.c +++ b/xen/arch/x86/hvm/hvm.c @@ -3930,6 +3930,11 @@ long do_hvm_op(unsigned long op, XEN_GUE rc = -EINVAL; break; case HVM_PARAM_NESTEDHVM: + if ( !IS_PRIV(current->domain) ) + { + rc = -EPERM; + break; + } #ifdef __i386__ if ( a.value ) rc = -EINVAL; ++++++ 26501-VMX-simplify-CR0-update.patch ++++++ # HG changeset patch # User Keir Fraser <keir@xen.org> # Date 1359566139 28800 # Node ID 8201b6ec3564c80db5516cdcf36dcfa9b7fdd93b # Parent 1fe8ecfdf10cc9077fc810364663a0f25a5c5b96 vmx: Simplify cr0 update handling by deferring cr4 changes to the cr4 handler. Signed-off-by: Keir Fraser <keir@xen.org> --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -1133,20 +1133,18 @@ static void vmx_update_guest_cr(struct v if ( paging_mode_hap(v->domain) ) { - /* We manage GUEST_CR3 when guest CR0.PE is zero or when cr3 memevents are on */ + /* Manage GUEST_CR3 when CR0.PE=0. */ uint32_t cr3_ctls = (CPU_BASED_CR3_LOAD_EXITING | CPU_BASED_CR3_STORE_EXITING); v->arch.hvm_vmx.exec_control &= ~cr3_ctls; if ( !hvm_paging_enabled(v) ) v->arch.hvm_vmx.exec_control |= cr3_ctls; + /* Trap CR3 updates if CR3 memory events are enabled. */ if ( v->domain->arch.hvm_domain.params[HVM_PARAM_MEMORY_EVENT_CR3] ) v->arch.hvm_vmx.exec_control |= CPU_BASED_CR3_LOAD_EXITING; vmx_update_cpu_exec_control(v); - - /* Changing CR0.PE can change some bits in real CR4. */ - vmx_update_guest_cr(v, 4); } if ( !(v->arch.hvm_vcpu.guest_cr[0] & X86_CR0_TS) ) @@ -1176,8 +1174,6 @@ static void vmx_update_guest_cr(struct v { for ( s = x86_seg_cs ; s <= x86_seg_tr ; s++ ) vmx_set_segment_register(v, s, ®[s]); - v->arch.hvm_vcpu.hw_cr[4] |= X86_CR4_VME; - __vmwrite(GUEST_CR4, v->arch.hvm_vcpu.hw_cr[4]); v->arch.hvm_vmx.exception_bitmap = 0xffffffff; vmx_update_exception_bitmap(v); } @@ -1187,10 +1183,6 @@ static void vmx_update_guest_cr(struct v if ( !(v->arch.hvm_vmx.vm86_segment_mask & (1<<s)) ) vmx_set_segment_register( v, s, &v->arch.hvm_vmx.vm86_saved_seg[s]); - v->arch.hvm_vcpu.hw_cr[4] = - ((v->arch.hvm_vcpu.hw_cr[4] & ~X86_CR4_VME) - |(v->arch.hvm_vcpu.guest_cr[4] & X86_CR4_VME)); - __vmwrite(GUEST_CR4, v->arch.hvm_vcpu.hw_cr[4]); v->arch.hvm_vmx.exception_bitmap = HVM_TRAP_MASK | (paging_mode_hap(v->domain) ? 0 : (1U << TRAP_page_fault)) @@ -1204,6 +1196,9 @@ static void vmx_update_guest_cr(struct v v->arch.hvm_vcpu.guest_cr[0] | hw_cr0_mask; __vmwrite(GUEST_CR0, v->arch.hvm_vcpu.hw_cr[0]); __vmwrite(CR0_READ_SHADOW, v->arch.hvm_vcpu.guest_cr[0]); + + /* Changing CR0 can change some bits in real CR4. */ + vmx_update_guest_cr(v, 4); break; } case 2: ++++++ 26502-VMX-disable-SMEP-when-not-paging.patch ++++++ # HG changeset patch # User Dongxiao Xu <dongxiao.xu@intel.com> # Date 1359566250 28800 # Node ID d1bf3b21f78302dad1ed53e540facf7b9a0e2ab5 # Parent 8201b6ec3564c80db5516cdcf36dcfa9b7fdd93b VMX: disable SMEP feature when guest is in non-paging mode SMEP is disabled if CPU is in non-paging mode in hardware. However Xen always uses paging mode to emulate guest non-paging mode with HAP. To emulate this behavior, SMEP needs to be manually disabled when guest switches to non-paging mode. We met an issue that, SMP Linux guest with recent kernel (enable SMEP support, for example, 3.5.3) would crash with triple fault if setting unrestricted_guest=0 in grub. This is because Xen uses an identity mapping page table to emulate the non-paging mode, where the page table is set with USER flag. If SMEP is still enabled in this case, guest will meet unhandlable page fault and then crash. Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com> Signed-off-by: Xiantao Zhang <xiantao.zhang@intel.com> Committed-by: Keir Fraser <keir@xen.org> --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -1227,6 +1227,13 @@ static void vmx_update_guest_cr(struct v { v->arch.hvm_vcpu.hw_cr[4] |= X86_CR4_PSE; v->arch.hvm_vcpu.hw_cr[4] &= ~X86_CR4_PAE; + /* + * SMEP is disabled if CPU is in non-paging mode in hardware. + * However Xen always uses paging mode to emulate guest non-paging + * mode with HAP. To emulate this behavior, SMEP needs to be + * manually disabled when guest switches to non-paging mode. + */ + v->arch.hvm_vcpu.hw_cr[4] &= ~X86_CR4_SMEP; } __vmwrite(GUEST_CR4, v->arch.hvm_vcpu.hw_cr[4]); __vmwrite(CR4_READ_SHADOW, v->arch.hvm_vcpu.guest_cr[4]); ++++++ 26516-ACPI-parse-table-retval.patch ++++++ References: CVE-2013-0153 XSA-36 bnc#800275 # HG changeset patch # User Boris Ostrovsky <boris.ostrovsky@amd.com> # Date 1360073898 -3600 # Node ID 32d4516a97f0b22ed06155f7b8e0bff075024991 # Parent 2fdca30363f08026971c094e8a1a84e19ca3e55b ACPI: acpi_table_parse() should return handler's error code Currently, the error code returned by acpi_table_parse()'s handler is ignored. This patch will propagate handler's return value to acpi_table_parse()'s caller. Signed-off-by: Boris Ostrovsky <boris.ostrovsky@amd.com> Committed-by: Jan Beulich <jbeulich@suse.com> --- a/xen/drivers/acpi/tables.c +++ b/xen/drivers/acpi/tables.c @@ -267,7 +267,7 @@ acpi_table_parse_madt(enum acpi_madt_typ * @handler: handler to run * * Scan the ACPI System Descriptor Table (STD) for a table matching @id, - * run @handler on it. Return 0 if table found, return on if not. + * run @handler on it. */ int __init acpi_table_parse(char *id, acpi_table_handler handler) { @@ -282,8 +282,7 @@ int __init acpi_table_parse(char *id, ac acpi_get_table(id, 0, &table); if (table) { - handler(table); - return 0; + return handler(table); } else return 1; } ++++++ 26517-AMD-IOMMU-clear-irtes.patch ++++++ References: CVE-2013-0153 XSA-36 bnc#800275 # HG changeset patch # User Jan Beulich <jbeulich@suse.com> # Date 1360074047 -3600 # Node ID 601139e2b0db7dc8a5bb69b9b7373fb87742741c # Parent 32d4516a97f0b22ed06155f7b8e0bff075024991 AMD,IOMMU: Clean up old entries in remapping tables when creating new one When changing the affinity of an IRQ associated with a passed through PCI device, clear previous mapping. This is XSA-36 / CVE-2013-0153. Signed-off-by: Jan Beulich <jbeulich@suse.com> In addition, because some BIOSes may incorrectly program IVRS entries for IOAPIC try to check for entry's consistency. Specifically, if conflicting entries are found disable IOMMU if per-device remapping table is used. If entries refer to bogus IOAPIC IDs disable IOMMU unconditionally Signed-off-by: Boris Ostrovsky <boris.ostrovsky@amd.com> --- a/xen/drivers/passthrough/amd/iommu_acpi.c +++ b/xen/drivers/passthrough/amd/iommu_acpi.c @@ -22,6 +22,7 @@ #include <xen/errno.h> #include <xen/acpi.h> #include <asm/apicdef.h> +#include <asm/io_apic.h> #include <asm/amd-iommu.h> #include <asm/hvm/svm/amd-iommu-proto.h> @@ -635,6 +636,7 @@ static u16 __init parse_ivhd_device_spec u16 header_length, u16 block_length, struct amd_iommu *iommu) { u16 dev_length, bdf; + int apic; dev_length = sizeof(*special); if ( header_length < (block_length + dev_length) ) @@ -651,10 +653,59 @@ static u16 __init parse_ivhd_device_spec } add_ivrs_mapping_entry(bdf, bdf, special->header.data_setting, iommu); - /* set device id of ioapic */ - ioapic_sbdf[special->handle].bdf = bdf; - ioapic_sbdf[special->handle].seg = seg; - return dev_length; + + if ( special->variety != ACPI_IVHD_IOAPIC ) + { + if ( special->variety != ACPI_IVHD_HPET ) + printk(XENLOG_ERR "Unrecognized IVHD special variety %#x\n", + special->variety); + return dev_length; + } + + /* + * Some BIOSes have IOAPIC broken entries so we check for IVRS + * consistency here --- whether entry's IOAPIC ID is valid and + * whether there are conflicting/duplicated entries. + */ + for ( apic = 0; apic < nr_ioapics; apic++ ) + { + if ( IO_APIC_ID(apic) != special->handle ) + continue; + + if ( ioapic_sbdf[special->handle].pin_setup ) + { + if ( ioapic_sbdf[special->handle].bdf == bdf && + ioapic_sbdf[special->handle].seg == seg ) + AMD_IOMMU_DEBUG("IVHD Warning: Duplicate IO-APIC %#x entries\n", + special->handle); + else + { + printk(XENLOG_ERR "IVHD Error: Conflicting IO-APIC %#x entries\n", + special->handle); + if ( amd_iommu_perdev_intremap ) + return 0; + } + } + else + { + /* set device id of ioapic */ + ioapic_sbdf[special->handle].bdf = bdf; + ioapic_sbdf[special->handle].seg = seg; + + ioapic_sbdf[special->handle].pin_setup = xzalloc_array( + unsigned long, BITS_TO_LONGS(nr_ioapic_entries[apic])); + if ( nr_ioapic_entries[apic] && + !ioapic_sbdf[IO_APIC_ID(apic)].pin_setup ) + { + printk(XENLOG_ERR "IVHD Error: Out of memory\n"); + return 0; + } + } + return dev_length; + } + + printk(XENLOG_ERR "IVHD Error: Invalid IO-APIC %#x\n", special->handle); + return 0; } static int __init parse_ivhd_block(const struct acpi_ivrs_hardware *ivhd_block) --- a/xen/drivers/passthrough/amd/iommu_intr.c +++ b/xen/drivers/passthrough/amd/iommu_intr.c @@ -99,12 +99,12 @@ static void update_intremap_entry(u32* e static void update_intremap_entry_from_ioapic( int bdf, struct amd_iommu *iommu, - struct IO_APIC_route_entry *ioapic_rte) + const struct IO_APIC_route_entry *rte, + const struct IO_APIC_route_entry *old_rte) { unsigned long flags; u32* entry; u8 delivery_mode, dest, vector, dest_mode; - struct IO_APIC_route_entry *rte = ioapic_rte; int req_id; spinlock_t *lock; int offset; @@ -120,6 +120,14 @@ static void update_intremap_entry_from_i spin_lock_irqsave(lock, flags); offset = get_intremap_offset(vector, delivery_mode); + if ( old_rte ) + { + int old_offset = get_intremap_offset(old_rte->vector, + old_rte->delivery_mode); + + if ( offset != old_offset ) + free_intremap_entry(iommu->seg, bdf, old_offset); + } entry = (u32*)get_intremap_entry(iommu->seg, req_id, offset); update_intremap_entry(entry, vector, delivery_mode, dest_mode, dest); @@ -188,6 +196,7 @@ int __init amd_iommu_setup_ioapic_remapp amd_iommu_flush_intremap(iommu, req_id); spin_unlock_irqrestore(&iommu->lock, flags); } + set_bit(pin, ioapic_sbdf[IO_APIC_ID(apic)].pin_setup); } } return 0; @@ -199,6 +208,7 @@ void amd_iommu_ioapic_update_ire( struct IO_APIC_route_entry old_rte = { 0 }; struct IO_APIC_route_entry new_rte = { 0 }; unsigned int rte_lo = (reg & 1) ? reg - 1 : reg; + unsigned int pin = (reg - 0x10) / 2; int saved_mask, seg, bdf; struct amd_iommu *iommu; @@ -236,6 +246,14 @@ void amd_iommu_ioapic_update_ire( *(((u32 *)&new_rte) + 1) = value; } + if ( new_rte.mask && + !test_bit(pin, ioapic_sbdf[IO_APIC_ID(apic)].pin_setup) ) + { + ASSERT(saved_mask); + __io_apic_write(apic, reg, value); + return; + } + /* mask the interrupt while we change the intremap table */ if ( !saved_mask ) { @@ -244,7 +262,11 @@ void amd_iommu_ioapic_update_ire( } /* Update interrupt remapping entry */ - update_intremap_entry_from_ioapic(bdf, iommu, &new_rte); + update_intremap_entry_from_ioapic( + bdf, iommu, &new_rte, + test_and_set_bit(pin, + ioapic_sbdf[IO_APIC_ID(apic)].pin_setup) ? &old_rte + : NULL); /* Forward write access to IO-APIC RTE */ __io_apic_write(apic, reg, value); @@ -354,6 +376,12 @@ void amd_iommu_msi_msg_update_ire( return; } + if ( msi_desc->remap_index >= 0 ) + update_intremap_entry_from_msi_msg(iommu, pdev, msi_desc, NULL); + + if ( !msg ) + return; + update_intremap_entry_from_msi_msg(iommu, pdev, msi_desc, msg); } --- a/xen/include/asm-x86/hvm/svm/amd-iommu-proto.h +++ b/xen/include/asm-x86/hvm/svm/amd-iommu-proto.h @@ -100,6 +100,7 @@ void amd_iommu_read_msi_from_ire( extern struct ioapic_sbdf { u16 bdf, seg; + unsigned long *pin_setup; } ioapic_sbdf[MAX_IO_APICS]; extern void *shared_intremap_table; ++++++ 26518-AMD-IOMMU-disable-if-SATA-combined-mode.patch ++++++ References: CVE-2013-0153 XSA-36 bnc#800275 # HG changeset patch # User Boris Ostrovsky <boris.ostrovsky@amd.com> # Date 1360074085 -3600 # Node ID e379a23b04655e9e43dc50944a5c9d1e59d8bee9 # Parent 601139e2b0db7dc8a5bb69b9b7373fb87742741c AMD,IOMMU: Disable IOMMU if SATA Combined mode is on AMD's SP5100 chipset can be placed into SATA Combined mode that may cause prevent dom0 from booting when IOMMU is enabled and per-device interrupt remapping table is used. While SP5100 erratum 28 requires BIOSes to disable this mode, some may still use it. This patch checks whether this mode is on and, if per-device table is in use, disables IOMMU. This is XSA-36 / CVE-2013-0153. Signed-off-by: Boris Ostrovsky <boris.ostrovsky@amd.com> Flipped operands of && in amd_iommu_init() to make the message issued by amd_sp5100_erratum28() match reality (when amd_iommu_perdev_intremap is zero, there's really no point in calling the function). Signed-off-by: Jan Beulich <jbeulich@suse.com> Committed-by: Jan Beulich <jbeulich@suse.com> --- a/xen/drivers/passthrough/amd/iommu_init.c +++ b/xen/drivers/passthrough/amd/iommu_init.c @@ -1118,12 +1118,45 @@ static int __init amd_iommu_setup_device return 0; } +/* Check whether SP5100 SATA Combined mode is on */ +static bool_t __init amd_sp5100_erratum28(void) +{ + u32 bus, id; + u16 vendor_id, dev_id; + u8 byte; + + for (bus = 0; bus < 256; bus++) + { + id = pci_conf_read32(0, bus, 0x14, 0, PCI_VENDOR_ID); + + vendor_id = id & 0xffff; + dev_id = (id >> 16) & 0xffff; + + /* SP5100 SMBus module sets Combined mode on */ + if (vendor_id != 0x1002 || dev_id != 0x4385) + continue; + + byte = pci_conf_read8(0, bus, 0x14, 0, 0xad); + if ( (byte >> 3) & 1 ) + { + printk(XENLOG_WARNING "AMD-Vi: SP5100 erratum 28 detected, disabling IOMMU.\n" + "If possible, disable SATA Combined mode in BIOS or contact your vendor for BIOS update.\n"); + return 1; + } + } + + return 0; +} + int __init amd_iommu_init(void) { struct amd_iommu *iommu; BUG_ON( !iommu_found() ); + if ( amd_iommu_perdev_intremap && amd_sp5100_erratum28() ) + goto error_out; + ivrs_bdf_entries = amd_iommu_get_ivrs_dev_entries(); if ( !ivrs_bdf_entries ) ++++++ 26519-AMD-IOMMU-perdev-intremap-default.patch ++++++ References: CVE-2013-0153 XSA-36 bnc#800275 # HG changeset patch # User Boris Ostrovsky <boris.ostrovsky@amd.com> # Date 1360074131 -3600 # Node ID 1af531e7bc2fc518f16d8d1461083c528e1517cf # Parent e379a23b04655e9e43dc50944a5c9d1e59d8bee9 AMD,IOMMU: Make per-device interrupt remapping table default Using global interrupt remapping table may be insecure, as described by XSA-36. This patch makes per-device mode default. This is XSA-36 / CVE-2013-0153. Signed-off-by: Boris Ostrovsky <boris.ostrovsky@amd.com> Moved warning in amd_iov_detect() to location covering all cases. Signed-off-by: Jan Beulich <jbeulich@suse.com> Committed-by: Jan Beulich <jbeulich@suse.com> --- a/xen/arch/x86/irq.c +++ b/xen/arch/x86/irq.c @@ -1942,9 +1942,6 @@ int map_domain_pirq( spin_lock_irqsave(&desc->lock, flags); set_domain_irq_pirq(d, irq, info); spin_unlock_irqrestore(&desc->lock, flags); - - if ( opt_irq_vector_map == OPT_IRQ_VECTOR_MAP_PERDEV ) - printk(XENLOG_INFO "Per-device vector maps for GSIs not implemented yet.\n"); } done: --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c @@ -204,6 +204,8 @@ int __init amd_iov_detect(void) { printk("AMD-Vi: Not overriding irq_vector_map setting\n"); } + if ( !amd_iommu_perdev_intremap ) + printk(XENLOG_WARNING "AMD-Vi: Using global interrupt remap table is not recommended (see XSA-36)!\n"); return scan_pci_devices(); } --- a/xen/drivers/passthrough/iommu.c +++ b/xen/drivers/passthrough/iommu.c @@ -52,7 +52,7 @@ bool_t __read_mostly iommu_qinval = 1; bool_t __read_mostly iommu_intremap = 1; bool_t __read_mostly iommu_hap_pt_share = 1; bool_t __read_mostly iommu_debug; -bool_t __read_mostly amd_iommu_perdev_intremap; +bool_t __read_mostly amd_iommu_perdev_intremap = 1; DEFINE_PER_CPU(bool_t, iommu_dont_flush_iotlb); ++++++ 26526-pvdrv-no-devinit.patch ++++++ # HG changeset patch # User Olaf Hering <olaf@aepfle.de> # Date 1360664991 -3600 # Node ID a37aa55c3cbcb0e8340b4985314ef8fb31d7610b # Parent 9af6e566befe5516e66b62197813aa22e1d7122c unmodified_drivers: __devinit was removed in linux-3.8 Signed-off-by: Olaf Hering <olaf@aepfle.de> Merge with __init handling. Signed-off-by: Jan Beulich <jbeulich@suse.com> Committed-by: Jan Beulich <jbeulich@suse.com> --- a/unmodified_drivers/linux-2.6/compat-include/xen/platform-compat.h +++ b/unmodified_drivers/linux-2.6/compat-include/xen/platform-compat.h @@ -13,10 +13,19 @@ #define DEFINE_SPINLOCK(x) spinlock_t x = SPIN_LOCK_UNLOCKED #endif -#if defined(_LINUX_INIT_H) && !defined(__init) +#ifdef _LINUX_INIT_H + +#ifndef __init #define __init #endif +#ifndef __devinit +#define __devinit +#define __devinitdata +#endif + +#endif /* _LINUX_INIT_H */ + #if defined(__LINUX_CACHE_H) && !defined(__read_mostly) #define __read_mostly #endif ++++++ 26529-gcc48-build-fix.patch ++++++ # HG changeset patch # User Keir Fraser <keir@xen.org> # Date 1360775011 0 # Node ID 97b7e546e2e4a021491e198a33f7d685550ebc73 # Parent 742dde457258422a3d08e3ddbf9a7eae55c93acb gcc4.8 build fix: Add -Wno-unused-local-typedefs to CFLAGS. Based on a patch by M A Young <m.a.young@durham.ac.uk> Signed-off-by: Keir Fraser <keir@xen.org> --- a/Config.mk +++ b/Config.mk @@ -166,6 +166,7 @@ CFLAGS-$(clang) += -Wno-parentheses -Wno $(call cc-option-add,HOSTCFLAGS,HOSTCC,-Wdeclaration-after-statement) $(call cc-option-add,CFLAGS,CC,-Wdeclaration-after-statement) $(call cc-option-add,CFLAGS,CC,-Wno-unused-but-set-variable) +$(call cc-option-add,CFLAGS,CC,-Wno-unused-local-typedefs) LDFLAGS += $(foreach i, $(EXTRA_LIB), -L$(i)) CFLAGS += $(foreach i, $(EXTRA_INCLUDES), -I$(i)) ++++++ 26531-AMD-IOMMU-IVHD-special-missing.patch ++++++ References: CVE-2013-0153 XSA-36 bnc#800275 # HG changeset patch # User Jan Beulich <jbeulich@suse.com> # Date 1360831252 -3600 # Node ID e68f14b9e73925e9d404e517ba510f73fe472e4e # Parent c43be17eec0602015fc6461d1f13c992ba330c20 AMD IOMMU: also spot missing IO-APIC entries in IVRS table Apart from dealing duplicate conflicting entries, we also have to handle firmware omitting IO-APIC entries in IVRS altogether. Not doing so has resulted in c/s 26517:601139e2b0db to crash such systems during boot (whereas with the change here the IOMMU gets disabled just as is being done in the other cases, i.e. unless global tables are being used). Debugging this issue has also pointed out that the debug log output is pretty ugly to look at - consolidate the output, and add one extra item for the IVHD special entries, so that future issues are easier to analyze. Signed-off-by: Jan Beulich <jbeulich@suse.com> Tested-by: Sander Eikelenboom <linux@eikelenboom.it> Acked-by: Ian Campbell <ian.campbell@citrix.com> --- a/xen/drivers/passthrough/amd/iommu_acpi.c +++ b/xen/drivers/passthrough/amd/iommu_acpi.c @@ -352,9 +352,8 @@ static int __init parse_ivmd_block(const base = start_addr & PAGE_MASK; limit = (start_addr + mem_length - 1) & PAGE_MASK; - AMD_IOMMU_DEBUG("IVMD Block: Type 0x%x\n",ivmd_block->header.type); - AMD_IOMMU_DEBUG(" Start_Addr_Phys 0x%lx\n", start_addr); - AMD_IOMMU_DEBUG(" Mem_Length 0x%lx\n", mem_length); + AMD_IOMMU_DEBUG("IVMD Block: type %#x phys %#lx len %#lx\n", + ivmd_block->header.type, start_addr, mem_length); if ( ivmd_block->header.flags & ACPI_IVMD_EXCLUSION_RANGE ) iw = ir = IOMMU_CONTROL_ENABLED; @@ -549,8 +548,8 @@ static u16 __init parse_ivhd_device_alia return 0; } - AMD_IOMMU_DEBUG(" Dev_Id Range: 0x%x -> 0x%x\n", first_bdf, last_bdf); - AMD_IOMMU_DEBUG(" Dev_Id Alias: 0x%x\n", alias_id); + AMD_IOMMU_DEBUG(" Dev_Id Range: %#x -> %#x alias %#x\n", + first_bdf, last_bdf, alias_id); for ( bdf = first_bdf; bdf <= last_bdf; bdf++ ) add_ivrs_mapping_entry(bdf, alias_id, range->alias.header.data_setting, @@ -652,6 +651,9 @@ static u16 __init parse_ivhd_device_spec return 0; } + AMD_IOMMU_DEBUG("IVHD Special: %04x:%02x:%02x.%u variety %#x handle %#x\n", + seg, PCI_BUS(bdf), PCI_SLOT(bdf), PCI_FUNC(bdf), + special->variety, special->handle); add_ivrs_mapping_entry(bdf, bdf, special->header.data_setting, iommu); if ( special->variety != ACPI_IVHD_IOAPIC ) @@ -737,10 +739,9 @@ static int __init parse_ivhd_block(const { ivhd_device = (const void *)((const u8 *)ivhd_block + block_length); - AMD_IOMMU_DEBUG( "IVHD Device Entry:\n"); - AMD_IOMMU_DEBUG( " Type 0x%x\n", ivhd_device->header.type); - AMD_IOMMU_DEBUG( " Dev_Id 0x%x\n", ivhd_device->header.id); - AMD_IOMMU_DEBUG( " Flags 0x%x\n", ivhd_device->header.data_setting); + AMD_IOMMU_DEBUG("IVHD Device Entry: type %#x id %#x flags %#x\n", + ivhd_device->header.type, ivhd_device->header.id, + ivhd_device->header.data_setting); switch ( ivhd_device->header.type ) { @@ -869,6 +870,7 @@ static int __init parse_ivrs_table(struc { const struct acpi_ivrs_header *ivrs_block; unsigned long length; + unsigned int apic; int error = 0; BUG_ON(!table); @@ -882,11 +884,9 @@ static int __init parse_ivrs_table(struc { ivrs_block = (struct acpi_ivrs_header *)((u8 *)table + length); - AMD_IOMMU_DEBUG("IVRS Block:\n"); - AMD_IOMMU_DEBUG(" Type 0x%x\n", ivrs_block->type); - AMD_IOMMU_DEBUG(" Flags 0x%x\n", ivrs_block->flags); - AMD_IOMMU_DEBUG(" Length 0x%x\n", ivrs_block->length); - AMD_IOMMU_DEBUG(" Dev_Id 0x%x\n", ivrs_block->device_id); + AMD_IOMMU_DEBUG("IVRS Block: type %#x flags %#x len %#x id %#x\n", + ivrs_block->type, ivrs_block->flags, + ivrs_block->length, ivrs_block->device_id); if ( table->length < (length + ivrs_block->length) ) { @@ -901,6 +901,29 @@ static int __init parse_ivrs_table(struc length += ivrs_block->length; } + /* Each IO-APIC must have been mentioned in the table. */ + for ( apic = 0; !error && apic < nr_ioapics; ++apic ) + { + if ( !nr_ioapic_entries[apic] || + ioapic_sbdf[IO_APIC_ID(apic)].pin_setup ) + continue; + + printk(XENLOG_ERR "IVHD Error: no information for IO-APIC %#x\n", + IO_APIC_ID(apic)); + if ( amd_iommu_perdev_intremap ) + error = -ENXIO; + else + { + ioapic_sbdf[IO_APIC_ID(apic)].pin_setup = xzalloc_array( + unsigned long, BITS_TO_LONGS(nr_ioapic_entries[apic])); + if ( !ioapic_sbdf[IO_APIC_ID(apic)].pin_setup ) + { + printk(XENLOG_ERR "IVHD Error: Out of memory\n"); + error = -ENOMEM; + } + } + } + return error; } ++++++ 26532-AMD-IOMMU-phantom-MSI.patch ++++++ References: bnc#787169 # HG changeset patch # User Jan Beulich <jbeulich@suse.com> # Date 1360831377 -3600 # Node ID 788f4551580d476e13ea907e373e58806a32179e # Parent e68f14b9e73925e9d404e517ba510f73fe472e4e AMD IOMMU: handle MSI for phantom functions With ordinary requests allowed to come from phantom functions, the remapping tables ought to be set up to also allow for MSI triggers to come from other than the "real" device too. It is not clear to me whether the alias-ID handling also needs adjustment for this to work properly, or whether firmware can be expected to properly express this through a device alias range descriptor (or multiple device alias ones). Signed-off-by: Jan Beulich <jbeulich@suse.com> Acked-by: Ian Campbell <ian.campbell@citrix.com> --- a/xen/drivers/passthrough/amd/iommu_intr.c +++ b/xen/drivers/passthrough/amd/iommu_intr.c @@ -284,33 +284,32 @@ void amd_iommu_ioapic_update_ire( } static void update_intremap_entry_from_msi_msg( - struct amd_iommu *iommu, struct pci_dev *pdev, - struct msi_desc *msi_desc, struct msi_msg *msg) + struct amd_iommu *iommu, u16 bdf, + int *remap_index, const struct msi_msg *msg) { unsigned long flags; u32* entry; - u16 bdf, req_id, alias_id; + u16 req_id, alias_id; u8 delivery_mode, dest, vector, dest_mode; spinlock_t *lock; int offset; - bdf = (pdev->bus << 8) | pdev->devfn; - req_id = get_dma_requestor_id(pdev->seg, bdf); - alias_id = get_intremap_requestor_id(pdev->seg, bdf); + req_id = get_dma_requestor_id(iommu->seg, bdf); + alias_id = get_intremap_requestor_id(iommu->seg, bdf); if ( msg == NULL ) { lock = get_intremap_lock(iommu->seg, req_id); spin_lock_irqsave(lock, flags); - free_intremap_entry(iommu->seg, req_id, msi_desc->remap_index); + free_intremap_entry(iommu->seg, req_id, *remap_index); spin_unlock_irqrestore(lock, flags); if ( ( req_id != alias_id ) && - get_ivrs_mappings(pdev->seg)[alias_id].intremap_table != NULL ) + get_ivrs_mappings(iommu->seg)[alias_id].intremap_table != NULL ) { lock = get_intremap_lock(iommu->seg, alias_id); spin_lock_irqsave(lock, flags); - free_intremap_entry(iommu->seg, alias_id, msi_desc->remap_index); + free_intremap_entry(iommu->seg, alias_id, *remap_index); spin_unlock_irqrestore(lock, flags); } goto done; @@ -324,7 +323,10 @@ static void update_intremap_entry_from_m vector = (msg->data >> MSI_DATA_VECTOR_SHIFT) & MSI_DATA_VECTOR_MASK; dest = (msg->address_lo >> MSI_ADDR_DEST_ID_SHIFT) & 0xff; offset = get_intremap_offset(vector, delivery_mode); - msi_desc->remap_index = offset; + if ( *remap_index < 0) + *remap_index = offset; + else + BUG_ON(*remap_index != offset); entry = (u32*)get_intremap_entry(iommu->seg, req_id, offset); update_intremap_entry(entry, vector, delivery_mode, dest_mode, dest); @@ -339,7 +341,7 @@ static void update_intremap_entry_from_m lock = get_intremap_lock(iommu->seg, alias_id); if ( ( req_id != alias_id ) && - get_ivrs_mappings(pdev->seg)[alias_id].intremap_table != NULL ) + get_ivrs_mappings(iommu->seg)[alias_id].intremap_table != NULL ) { spin_lock_irqsave(lock, flags); entry = (u32*)get_intremap_entry(iommu->seg, alias_id, offset); @@ -362,27 +364,44 @@ void amd_iommu_msi_msg_update_ire( struct msi_desc *msi_desc, struct msi_msg *msg) { struct pci_dev *pdev = msi_desc->dev; + int bdf = PCI_BDF2(pdev->bus, pdev->devfn); struct amd_iommu *iommu = NULL; if ( !iommu_intremap ) return; - iommu = find_iommu_for_device(pdev->seg, (pdev->bus << 8) | pdev->devfn); - + iommu = find_iommu_for_device(pdev->seg, bdf); if ( !iommu ) { - AMD_IOMMU_DEBUG("Fail to find iommu for MSI device id = 0x%x\n", - (pdev->bus << 8) | pdev->devfn); + AMD_IOMMU_DEBUG("Fail to find iommu for MSI device id = 0x%x\n", bdf); return; } if ( msi_desc->remap_index >= 0 ) - update_intremap_entry_from_msi_msg(iommu, pdev, msi_desc, NULL); + { + do { + update_intremap_entry_from_msi_msg(iommu, bdf, + &msi_desc->remap_index, NULL); + if ( !pdev || !pdev->phantom_stride ) + break; + bdf += pdev->phantom_stride; + } while ( PCI_SLOT(bdf) == PCI_SLOT(pdev->devfn) ); + + msi_desc->remap_index = -1; + if ( pdev ) + bdf = PCI_BDF2(pdev->bus, pdev->devfn); + } if ( !msg ) return; - update_intremap_entry_from_msi_msg(iommu, pdev, msi_desc, msg); + do { + update_intremap_entry_from_msi_msg(iommu, bdf, &msi_desc->remap_index, + msg); + if ( !pdev || !pdev->phantom_stride ) + break; + bdf += pdev->phantom_stride; + } while ( PCI_SLOT(bdf) == PCI_SLOT(pdev->devfn) ); } void amd_iommu_read_msi_from_ire( ++++++ 26536-xenoprof-div-by-0.patch ++++++ # HG changeset patch # User Tim Deegan <tim@xen.org> # Date 1360917722 -3600 # Node ID 0cca8a18432f08b342d76a753aa98559d892f592 # Parent 7af3c38ae187b351c5cea58e9eee482b50d814d8 xenoprof: avoid division by 0 Signed-off-by: Tim Deegan <tim@xen.org> Acked-by: Jan Beulich <jbeulich@suse.com> Acked-by: Keir Fraser <keir@xen.org> Committed-by: Jan Beulich <jbeulich@suse.com> --- a/xen/common/xenoprof.c +++ b/xen/common/xenoprof.c @@ -193,6 +193,13 @@ static int alloc_xenoprof_struct( unsigned max_max_samples; int i; + nvcpu = 0; + for_each_vcpu ( d, v ) + nvcpu++; + + if ( !nvcpu ) + return -EINVAL; + d->xenoprof = xzalloc(struct xenoprof); if ( d->xenoprof == NULL ) { @@ -209,10 +216,6 @@ static int alloc_xenoprof_struct( return -ENOMEM; } - nvcpu = 0; - for_each_vcpu ( d, v ) - nvcpu++; - bufsize = sizeof(struct xenoprof_buf); i = sizeof(struct event_log); #ifdef CONFIG_COMPAT ++++++ 26547-tools-xc_fix_logic_error_in_stdiostream_progress.patch ++++++ changeset: 26547:8285d20a6f5b user: Olaf Hering <olaf@aepfle.de> date: Fri Feb 15 13:32:11 2013 +0000 files: tools/libxc/xtl_logger_stdio.c description: tools/xc: fix logic error in stdiostream_progress Setting XTL_STDIOSTREAM_HIDE_PROGRESS should disable progress reporting. Signed-off-by: Olaf Hering <olaf@aepfle.de> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com> diff -r 0141aeb86b79 -r 8285d20a6f5b tools/libxc/xtl_logger_stdio.c --- a/tools/libxc/xtl_logger_stdio.c Fri Feb 15 13:32:10 2013 +0000 +++ b/tools/libxc/xtl_logger_stdio.c Fri Feb 15 13:32:11 2013 +0000 @@ -89,7 +89,7 @@ static void stdiostream_progress(struct int newpel, extra_erase; xentoollog_level this_level; - if (!(lg->flags & XTL_STDIOSTREAM_HIDE_PROGRESS)) + if (lg->flags & XTL_STDIOSTREAM_HIDE_PROGRESS) return; if (percent < lg->progress_last_percent) { ++++++ 26548-tools-xc_handle_tty_output_differently_in_stdiostream_progress.patch ++++++ changeset: 26548:e7d9bac5c11d user: Olaf Hering <olaf@aepfle.de> date: Fri Feb 15 13:32:11 2013 +0000 files: tools/libxc/xtl_logger_stdio.c description: tools/xc: handle tty output differently in stdiostream_progress If the output goes to a tty, rewind the cursor and print everything in a single line as it was done up to now. If the output goes to a file or pipe print a newline after each progress output. This will fix logging of progress messages from xc_save to xend.log. To support XTL_STDIOSTREAM_SHOW_PID or XTL_STDIOSTREAM_SHOW_DATE print the output via vmessage if the output is not a tty. Signed-off-by: Olaf Hering <olaf@aepfle.de> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com> diff -r 8285d20a6f5b -r e7d9bac5c11d tools/libxc/xtl_logger_stdio.c --- a/tools/libxc/xtl_logger_stdio.c Fri Feb 15 13:32:11 2013 +0000 +++ b/tools/libxc/xtl_logger_stdio.c Fri Feb 15 13:32:11 2013 +0000 @@ -81,6 +81,17 @@ static void stdiostream_vmessage(xentool fflush(lg->f); } +static void stdiostream_message(struct xentoollog_logger *logger_in, + xentoollog_level level, + const char *context, + const char *format, ...) +{ + va_list al; + va_start(al,format); + stdiostream_vmessage(logger_in, level, -1, context, format, al); + va_end(al); +} + static void stdiostream_progress(struct xentoollog_logger *logger_in, const char *context, const char *doing_what, int percent, @@ -105,11 +116,18 @@ static void stdiostream_progress(struct if (this_level < lg->min_level) return; + lg->progress_last_percent = percent; + + if (isatty(fileno(lg->f)) <= 0) { + stdiostream_message(logger_in, this_level, context, + "%s: %lu/%lu %3d%%", + doing_what, done, total, percent); + return; + } + if (lg->progress_erase_len) putc('\r', lg->f); - lg->progress_last_percent = percent; - newpel = fprintf(lg->f, "%s%s" "%s: %lu/%lu %3d%%%s", context?context:"", context?": ":"", doing_what, done, total, percent, ++++++ 26549-tools-xc_turn_XCFLAGS_*_into_shifts.patch ++++++ changeset: 26549:d2991367ecd2 user: Olaf Hering <olaf@aepfle.de> date: Fri Feb 15 13:32:12 2013 +0000 files: tools/libxc/xenguest.h description: tools/xc: turn XCFLAGS_* into shifts to make it clear that these are bits and to make it easier to use in xend code. Signed-off-by: Olaf Hering <olaf@aepfle.de> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com> diff -r e7d9bac5c11d -r d2991367ecd2 tools/libxc/xenguest.h --- a/tools/libxc/xenguest.h Fri Feb 15 13:32:11 2013 +0000 +++ b/tools/libxc/xenguest.h Fri Feb 15 13:32:12 2013 +0000 @@ -23,11 +23,12 @@ #ifndef XENGUEST_H #define XENGUEST_H -#define XCFLAGS_LIVE 1 -#define XCFLAGS_DEBUG 2 -#define XCFLAGS_HVM 4 -#define XCFLAGS_STDVGA 8 -#define XCFLAGS_CHECKPOINT_COMPRESS 16 +#define XCFLAGS_LIVE (1 << 0) +#define XCFLAGS_DEBUG (1 << 1) +#define XCFLAGS_HVM (1 << 2) +#define XCFLAGS_STDVGA (1 << 3) +#define XCFLAGS_CHECKPOINT_COMPRESS (1 << 4) + #define X86_64_B_SIZE 64 #define X86_32_B_SIZE 32 ++++++ 26550-tools-xc_restore_logging_in_xc_save.patch ++++++ changeset: 26550:e6c373fcb73e user: Olaf Hering <olaf@aepfle.de> date: Fri Feb 15 13:32:13 2013 +0000 files: tools/xcutils/xc_save.c description: tools/xc: restore logging in xc_save Prior to xen-4.1 the helper xc_save would print some progress during migration. With the new xc_interface_open API no more messages were printed because no logger was configured. Restore previous behaviour by providing a logger. The progress in xc_domain_save will be disabled because it generates alot of output and fills up xend.log quickly. Signed-off-by: Olaf Hering <olaf@aepfle.de> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com> diff -r d2991367ecd2 -r e6c373fcb73e tools/xcutils/xc_save.c --- a/tools/xcutils/xc_save.c Fri Feb 15 13:32:12 2013 +0000 +++ b/tools/xcutils/xc_save.c Fri Feb 15 13:32:13 2013 +0000 @@ -166,17 +166,15 @@ static int switch_qemu_logdirty(int domi int main(int argc, char **argv) { - unsigned int maxit, max_f; + unsigned int maxit, max_f, lflags; int io_fd, ret, port; struct save_callbacks callbacks; + xentoollog_level lvl; + xentoollog_logger *l; if (argc != 6) errx(1, "usage: %s iofd domid maxit maxf flags", argv[0]); - si.xch = xc_interface_open(0,0,0); - if (!si.xch) - errx(1, "failed to open control interface"); - io_fd = atoi(argv[1]); si.domid = atoi(argv[2]); maxit = atoi(argv[3]); @@ -185,6 +183,13 @@ main(int argc, char **argv) si.suspend_evtchn = -1; + lvl = si.flags & XCFLAGS_DEBUG ? XTL_DEBUG: XTL_DETAIL; + lflags = XTL_STDIOSTREAM_HIDE_PROGRESS; + l = (xentoollog_logger *)xtl_createlogger_stdiostream(stderr, lvl, lflags); + si.xch = xc_interface_open(l, 0, 0); + if (!si.xch) + errx(1, "failed to open control interface"); + si.xce = xc_evtchn_open(NULL, 0); if (si.xce == NULL) warnx("failed to open event channel handle"); ++++++ 26551-tools-xc_log_pid_in_xc_save-xc_restore_output.patch ++++++ changeset: 26551:48f9436959dd user: Olaf Hering <olaf@aepfle.de> date: Fri Feb 15 13:32:13 2013 +0000 files: tools/libxc/xc_domain_restore.c tools/libxc/xc_domain_save.c tools/xcutils/xc_restore.c tools/xcutils/xc_save.c description: tools/xc: log pid in xc_save/xc_restore output If several migrations log their output to xend.log its not clear which line belongs to a which guest. Print entry/exit of xc_save and xc_restore and also request to print pid with each log call. Signed-off-by: Olaf Hering <olaf@aepfle.de> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com> Index: xen-4.2.1-testing/tools/libxc/xc_domain_restore.c =================================================================== --- xen-4.2.1-testing.orig/tools/libxc/xc_domain_restore.c +++ xen-4.2.1-testing/tools/libxc/xc_domain_restore.c @@ -1382,6 +1382,8 @@ int xc_domain_restore(xc_interface *xch, struct restore_ctx *ctx = &_ctx; struct domain_info_context *dinfo = &ctx->dinfo; + DPRINTF("%s: starting restore of new domid %u", __func__, dom); + pagebuf_init(&pagebuf); memset(&tailbuf, 0, sizeof(tailbuf)); tailbuf.ishvm = hvm; @@ -1408,7 +1410,7 @@ int xc_domain_restore(xc_interface *xch, PERROR("read: p2m_size"); goto out; } - DPRINTF("xc_domain_restore start: p2m_size = %lx\n", dinfo->p2m_size); + DPRINTF("%s: p2m_size = %lx\n", __func__, dinfo->p2m_size); if ( !get_platform_info(xch, dom, &ctx->max_mfn, &ctx->hvirt_start, &ctx->pt_levels, &dinfo->guest_width) ) @@ -2215,7 +2217,7 @@ int xc_domain_restore(xc_interface *xch, fcntl(io_fd, F_SETFL, orig_io_fd_flags); - DPRINTF("Restore exit with rc=%d\n", rc); + DPRINTF("Restore exit of domid %u with rc=%d\n", dom, rc); return rc; } Index: xen-4.2.1-testing/tools/libxc/xc_domain_save.c =================================================================== --- xen-4.2.1-testing.orig/tools/libxc/xc_domain_save.c +++ xen-4.2.1-testing/tools/libxc/xc_domain_save.c @@ -897,6 +897,8 @@ int xc_domain_save(xc_interface *xch, in int completed = 0; + DPRINTF("%s: starting save of domid %u", __func__, dom); + if ( hvm && !callbacks->switch_qemu_logdirty ) { ERROR("No switch_qemu_logdirty callback provided."); @@ -2112,7 +2114,7 @@ int xc_domain_save(xc_interface *xch, in free(pfn_err); free(to_fix); - DPRINTF("Save exit rc=%d\n",rc); + DPRINTF("Save exit of domid %u with rc=%d\n", dom, rc); return !!rc; } Index: xen-4.2.1-testing/tools/xcutils/xc_restore.c =================================================================== --- xen-4.2.1-testing.orig/tools/xcutils/xc_restore.c +++ xen-4.2.1-testing/tools/xcutils/xc_restore.c @@ -19,17 +19,22 @@ int main(int argc, char **argv) { unsigned int domid, store_evtchn, console_evtchn; - unsigned int hvm, pae, apic; + unsigned int hvm, pae, apic, lflags; xc_interface *xch; int io_fd, ret; int superpages; unsigned long store_mfn, console_mfn; + xentoollog_level lvl; + xentoollog_logger *l; if ( (argc != 8) && (argc != 9) ) errx(1, "usage: %s iofd domid store_evtchn " "console_evtchn hvm pae apic [superpages]", argv[0]); - xch = xc_interface_open(0,0,0); + lvl = XTL_DETAIL; + lflags = XTL_STDIOSTREAM_SHOW_PID | XTL_STDIOSTREAM_HIDE_PROGRESS; + l = (xentoollog_logger *)xtl_createlogger_stdiostream(stderr, lvl, lflags); + xch = xc_interface_open(l, 0, 0); if ( !xch ) errx(1, "failed to open control interface"); Index: xen-4.2.1-testing/tools/xcutils/xc_save.c =================================================================== --- xen-4.2.1-testing.orig/tools/xcutils/xc_save.c +++ xen-4.2.1-testing/tools/xcutils/xc_save.c @@ -184,7 +184,7 @@ main(int argc, char **argv) si.suspend_evtchn = -1; lvl = si.flags & XCFLAGS_DEBUG ? XTL_DEBUG: XTL_DETAIL; - lflags = XTL_STDIOSTREAM_HIDE_PROGRESS; + lflags = XTL_STDIOSTREAM_SHOW_PID | XTL_STDIOSTREAM_HIDE_PROGRESS; l = (xentoollog_logger *)xtl_createlogger_stdiostream(stderr, lvl, lflags); si.xch = xc_interface_open(l, 0, 0); if (!si.xch) ++++++ 26554-hvm-firmware-passthrough.patch ++++++ # HG changeset patch # User Ross Philipson <ross.philipson@citrix.com> # Date 1360935136 0 # Node ID 3124ab7855fd7d4e0f3ea125cb21b60d693e8800 # Parent 71c15ae0998378b5c117bbd27a48015757685706 libxl: switch to using the new xc_hvm_build() libxc API. Signed-off-by: Ross Philipson <ross.philipson@citrix.com> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com> diff -r 71c15ae09983 -r 3124ab7855fd tools/libxl/libxl_dom.c --- a/tools/libxl/libxl_dom.c Fri Feb 15 13:32:15 2013 +0000 +++ b/tools/libxl/libxl_dom.c Fri Feb 15 13:32:16 2013 +0000 @@ -542,17 +542,24 @@ int libxl__build_hvm(libxl__gc *gc, uint libxl__domain_build_state *state) { libxl_ctx *ctx = libxl__gc_owner(gc); + struct xc_hvm_build_args args = {}; int ret, rc = ERROR_FAIL; const char *firmware = libxl__domain_firmware(gc, info); if (!firmware) goto out; - ret = xc_hvm_build_target_mem( - ctx->xch, - domid, - (info->max_memkb - info->video_memkb) / 1024, - (info->target_memkb - info->video_memkb) / 1024, - firmware); + + memset(&args, 0, sizeof(struct xc_hvm_build_args)); + /* The params from the configuration file are in Mb, which are then + * multiplied by 1 Kb. This was then divided off when calling + * the old xc_hvm_build_target_mem() which then turned them to bytes. + * Do all this in one step here... + */ + args.mem_size = (uint64_t)(info->max_memkb - info->video_memkb) << 10; + args.mem_target = (uint64_t)(info->target_memkb - info->video_memkb) << 10; + args.image_file_name = firmware; + + ret = xc_hvm_build(ctx->xch, domid, &args); if (ret) { LIBXL__LOG_ERRNOVAL(ctx, LIBXL__LOG_ERROR, ret, "hvm building failed"); goto out; ++++++ 26555-hvm-firmware-passthrough.patch ++++++ # HG changeset patch # User Ross Philipson <ross.philipson@citrix.com> # Date 1360935136 0 # Node ID 17a228e37ec0913ff86b8b5f2d88f1b8e92146f1 # Parent 3124ab7855fd7d4e0f3ea125cb21b60d693e8800 libxl: HVM firmware passthrough support This patch introduces support for two new parameters in libxl: smbios_firmware=<path_to_smbios_structures_file> acpi_firmware=<path_to_acpi_tables_file> The changes are primarily in the domain building code where the firmware files are read and passed to libxc for loading into the new guest. After the domain building call to libxc, the addresses for the loaded blobs are returned and written to xenstore. LIBXL_HAVE_FIRMWARE_PASSTHROUGH is defined in libxl.h to allow users to determine if the feature is present. This patch also updates the xl.cfg man page with descriptions of the two new parameters for firmware passthrough. Signed-off-by: Ross Philipson <ross.philipson@citrix.com> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com> Index: xen-4.2.1-testing/docs/man/xl.cfg.pod.5 =================================================================== --- xen-4.2.1-testing.orig/docs/man/xl.cfg.pod.5 +++ xen-4.2.1-testing/docs/man/xl.cfg.pod.5 @@ -637,6 +637,25 @@ of Xen) within a Xen guest or to support which uses hardware virtualisation extensions (e.g. Windows XP compatibility mode on more modern Windows OS). +=item B<acpi_firmware="STRING"> + +Specify a path to a file that contains extra ACPI firmware tables to pass in to +a guest. The file can contain several tables in their binary AML form +concatenated together. Each table self describes its length so no additional +information is needed. These tables will be added to the ACPI table set in the +guest. Note that existing tables cannot be overridden by this feature. For +example this cannot be used to override tables like DSDT, FADT, etc. + +=item B<smbios_firmware="STRING"> + +Specify a path to a file that contains extra SMBIOS firmware structures to pass +in to a guest. The file can contain a set DMTF predefined structures which will +override the internal defaults. Not all predefined structures can be overridden, +only the following types: 0, 1, 2, 3, 11, 22, 39. The file can also contain any +number of vendor defined SMBIOS structures (type 128 - 255). Since SMBIOS +structures do not present their overall size, each entry in the file must be +preceded by a 32b integer indicating the size of the next structure. + =back =head3 Guest Virtual Time Controls Index: xen-4.2.1-testing/tools/libxl/libxl.h =================================================================== --- xen-4.2.1-testing.orig/tools/libxl/libxl.h +++ xen-4.2.1-testing/tools/libxl/libxl.h @@ -68,6 +68,13 @@ */ /* + * LIBXL_HAVE_FIRMWARE_PASSTHROUGH indicates the feature for + * passing in SMBIOS and ACPI firmware to HVM guests is present + * in the library. + */ +#define LIBXL_HAVE_FIRMWARE_PASSTHROUGH 1 + +/* * libxl ABI compatibility * * The only guarantee which libxl makes regarding ABI compatibility Index: xen-4.2.1-testing/tools/libxl/libxl_dom.c =================================================================== --- xen-4.2.1-testing.orig/tools/libxl/libxl_dom.c +++ xen-4.2.1-testing/tools/libxl/libxl_dom.c @@ -21,6 +21,7 @@ #include <xc_dom.h> #include <xen/hvm/hvm_info_table.h> +#include <xen/hvm/hvm_xs_strings.h> libxl_domain_type libxl__domain_type(libxl__gc *gc, uint32_t domid) { @@ -510,11 +511,61 @@ static int hvm_build_set_params(xc_inter return 0; } -static const char *libxl__domain_firmware(libxl__gc *gc, - libxl_domain_build_info *info) +static int hvm_build_set_xs_values(libxl__gc *gc, + uint32_t domid, + struct xc_hvm_build_args *args) +{ + char *path = NULL; + int ret = 0; + + if (args->smbios_module.guest_addr_out) { + path = GCSPRINTF("/local/domain/%d/"HVM_XS_SMBIOS_PT_ADDRESS, domid); + + ret = libxl__xs_write(gc, XBT_NULL, path, "0x%"PRIx64, + args->smbios_module.guest_addr_out); + if (ret) + goto err; + + path = GCSPRINTF("/local/domain/%d/"HVM_XS_SMBIOS_PT_LENGTH, domid); + + ret = libxl__xs_write(gc, XBT_NULL, path, "0x%x", + args->smbios_module.length); + if (ret) + goto err; + } + + if (args->acpi_module.guest_addr_out) { + path = GCSPRINTF("/local/domain/%d/"HVM_XS_ACPI_PT_ADDRESS, domid); + + ret = libxl__xs_write(gc, XBT_NULL, path, "0x%"PRIx64, + args->acpi_module.guest_addr_out); + if (ret) + goto err; + + path = GCSPRINTF("/local/domain/%d/"HVM_XS_ACPI_PT_LENGTH, domid); + + ret = libxl__xs_write(gc, XBT_NULL, path, "0x%x", + args->acpi_module.length); + if (ret) + goto err; + } + + return 0; + +err: + LOG(ERROR, "failed to write firmware xenstore value, err: %d", ret); + return ret; +} + +static int libxl__domain_firmware(libxl__gc *gc, + libxl_domain_build_info *info, + struct xc_hvm_build_args *args) { libxl_ctx *ctx = libxl__gc_owner(gc); const char *firmware; + int e, rc = ERROR_FAIL; + int datalen = 0; + void *data; if (info->u.hvm.firmware) firmware = info->u.hvm.firmware; @@ -528,13 +579,52 @@ static const char *libxl__domain_firmwar firmware = "hvmloader"; break; default: - LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "invalid device model version %d", - info->device_model_version); - return NULL; + LOG(ERROR, "invalid device model version %d", + info->device_model_version); + return ERROR_FAIL; break; } } - return libxl__abs_path(gc, firmware, libxl__xenfirmwaredir_path()); + args->image_file_name = libxl__abs_path(gc, firmware, + libxl__xenfirmwaredir_path()); + + if (info->u.hvm.smbios_firmware) { + data = NULL; + e = libxl_read_file_contents(ctx, info->u.hvm.smbios_firmware, + &data, &datalen); + if (e) { + LOGEV(ERROR, e, "failed to read SMBIOS firmware file %s", + info->u.hvm.smbios_firmware); + goto out; + } + libxl__ptr_add(gc, data); + if (datalen) { + /* Only accept non-empty files */ + args->smbios_module.data = data; + args->smbios_module.length = (uint32_t)datalen; + } + } + + if (info->u.hvm.acpi_firmware) { + data = NULL; + e = libxl_read_file_contents(ctx, info->u.hvm.acpi_firmware, + &data, &datalen); + if (e) { + LOGEV(ERROR, e, "failed to read ACPI firmware file %s", + info->u.hvm.acpi_firmware); + goto out; + } + libxl__ptr_add(gc, data); + if (datalen) { + /* Only accept non-empty files */ + args->acpi_module.data = data; + args->acpi_module.length = (uint32_t)datalen; + } + } + + return 0; +out: + return rc; } int libxl__build_hvm(libxl__gc *gc, uint32_t domid, @@ -544,10 +634,6 @@ int libxl__build_hvm(libxl__gc *gc, uint libxl_ctx *ctx = libxl__gc_owner(gc); struct xc_hvm_build_args args = {}; int ret, rc = ERROR_FAIL; - const char *firmware = libxl__domain_firmware(gc, info); - - if (!firmware) - goto out; memset(&args, 0, sizeof(struct xc_hvm_build_args)); /* The params from the configuration file are in Mb, which are then @@ -557,22 +643,34 @@ int libxl__build_hvm(libxl__gc *gc, uint */ args.mem_size = (uint64_t)(info->max_memkb - info->video_memkb) << 10; args.mem_target = (uint64_t)(info->target_memkb - info->video_memkb) << 10; - args.image_file_name = firmware; + + if (libxl__domain_firmware(gc, info, &args)) { + LOG(ERROR, "initializing domain firmware failed"); + goto out; + } ret = xc_hvm_build(ctx->xch, domid, &args); if (ret) { - LIBXL__LOG_ERRNOVAL(ctx, LIBXL__LOG_ERROR, ret, "hvm building failed"); + LOGEV(ERROR, ret, "hvm building failed"); goto out; } + ret = hvm_build_set_params(ctx->xch, domid, info, state->store_port, &state->store_mfn, state->console_port, &state->console_mfn, state->store_domid, state->console_domid); if (ret) { - LIBXL__LOG_ERRNOVAL(ctx, LIBXL__LOG_ERROR, ret, "hvm build set params failed"); + LOGEV(ERROR, ret, "hvm build set params failed"); goto out; } - rc = 0; + + ret = hvm_build_set_xs_values(gc, domid, &args); + if (ret) { + LOG(ERROR, "hvm build set xenstore values failed (ret=%d)", ret); + goto out; + } + + return 0; out: return rc; } @@ -634,7 +732,7 @@ int libxl__toolstack_restore(uint32_t do memcpy(&count, ptr, sizeof(count)); ptr += sizeof(count); - + if (size < sizeof(version) + sizeof(count) + count * (sizeof(struct libxl__physmap_info))) { LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "wrong size"); @@ -809,7 +907,7 @@ static void switch_logdirty_xswatch(libx rc = libxl__xs_rm_checked(gc, t, lds->ret_path); if (rc) goto out; - rc = libxl__xs_transaction_commit(gc, &t); + rc = libxl__xs_transaction_commit(gc, &t); if (!rc) break; if (rc<0) goto out; } @@ -1281,7 +1379,7 @@ void libxl__xc_domain_save_done(libxl__e if (type == LIBXL_DOMAIN_TYPE_HVM) { rc = libxl__domain_suspend_device_model(gc, dss); if (rc) goto out; - + libxl__domain_save_device_model(egc, dss, domain_suspend_done); return; } Index: xen-4.2.1-testing/tools/libxl/libxl_types.idl =================================================================== --- xen-4.2.1-testing.orig/tools/libxl/libxl_types.idl +++ xen-4.2.1-testing/tools/libxl/libxl_types.idl @@ -301,6 +301,8 @@ libxl_domain_build_info = Struct("domain ("vpt_align", libxl_defbool), ("timer_mode", libxl_timer_mode), ("nested_hvm", libxl_defbool), + ("smbios_firmware", string), + ("acpi_firmware", string), ("nographic", libxl_defbool), ("vga", libxl_vga_interface_info), ("vnc", libxl_vnc_info), Index: xen-4.2.1-testing/tools/libxl/xl_cmdimpl.c =================================================================== --- xen-4.2.1-testing.orig/tools/libxl/xl_cmdimpl.c +++ xen-4.2.1-testing/tools/libxl/xl_cmdimpl.c @@ -863,6 +863,11 @@ static void parse_config_data(const char } xlu_cfg_get_defbool(config, "nestedhvm", &b_info->u.hvm.nested_hvm, 0); + + xlu_cfg_replace_string(config, "smbios_firmware", + &b_info->u.hvm.smbios_firmware, 0); + xlu_cfg_replace_string(config, "acpi_firmware", + &b_info->u.hvm.acpi_firmware, 0); break; case LIBXL_DOMAIN_TYPE_PV: { ++++++ 26556-hvm-firmware-passthrough.patch ++++++ # HG changeset patch # User Ross Philipson <ross.philipson@citrix.com> # Date 1360935137 0 # Node ID 6a9549a15108669408123e5e39f52ad09dea1c10 # Parent 17a228e37ec0913ff86b8b5f2d88f1b8e92146f1 libxl: Cleanup, use LOG* and GCSPRINTF macro in libxl_dom.c Signed-off-by: Ross Philipson <ross.philipson@citrix.com> Acked-by: Ian Campbell <ian.campbell@citrix.com> Committed-by: Ian Campbell <ian.campbell@citrix.com> Index: xen-4.2.1-testing/tools/libxl/libxl_dom.c =================================================================== --- xen-4.2.1-testing.orig/tools/libxl/libxl_dom.c +++ xen-4.2.1-testing/tools/libxl/libxl_dom.c @@ -31,8 +31,7 @@ libxl_domain_type libxl__domain_type(lib ret = xc_domain_getinfolist(ctx->xch, domid, 1, &info); if (ret != 1 || info.domain != domid) { - LIBXL__LOG(CTX, LIBXL__LOG_ERROR, - "unable to get domain type for domid=%"PRIu32, domid); + LOG(ERROR, "unable to get domain type for domid=%"PRIu32, domid); return LIBXL_DOMAIN_TYPE_INVALID; } if (info.flags & XEN_DOMINF_hvm_guest) @@ -313,20 +312,19 @@ int libxl__build_post(libxl__gc *gc, uin ents = libxl__calloc(gc, 12 + (info->max_vcpus * 2) + 2, sizeof(char *)); ents[0] = "memory/static-max"; - ents[1] = libxl__sprintf(gc, "%"PRId64, info->max_memkb); + ents[1] = GCSPRINTF("%"PRId64, info->max_memkb); ents[2] = "memory/target"; - ents[3] = libxl__sprintf(gc, "%"PRId64, - info->target_memkb - info->video_memkb); + ents[3] = GCSPRINTF("%"PRId64, info->target_memkb - info->video_memkb); ents[4] = "memory/videoram"; - ents[5] = libxl__sprintf(gc, "%"PRId64, info->video_memkb); + ents[5] = GCSPRINTF("%"PRId64, info->video_memkb); ents[6] = "domid"; - ents[7] = libxl__sprintf(gc, "%d", domid); + ents[7] = GCSPRINTF("%d", domid); ents[8] = "store/port"; - ents[9] = libxl__sprintf(gc, "%"PRIu32, state->store_port); + ents[9] = GCSPRINTF("%"PRIu32, state->store_port); ents[10] = "store/ring-ref"; - ents[11] = libxl__sprintf(gc, "%lu", state->store_mfn); + ents[11] = GCSPRINTF("%lu", state->store_mfn); for (i = 0; i < info->max_vcpus; i++) { - ents[12+(i*2)] = libxl__sprintf(gc, "cpu/%d/availability", i); + ents[12+(i*2)] = GCSPRINTF("cpu/%d/availability", i); ents[12+(i*2)+1] = libxl_bitmap_test(&info->avail_vcpus, i) ? "online" : "offline"; } @@ -335,7 +333,7 @@ int libxl__build_post(libxl__gc *gc, uin if (info->type == LIBXL_DOMAIN_TYPE_HVM) { hvm_ents = libxl__calloc(gc, 3, sizeof(char *)); hvm_ents[0] = "hvmloader/generation-id-address"; - hvm_ents[1] = libxl__sprintf(gc, "0x%lx", state->vm_generationid_addr); + hvm_ents[1] = GCSPRINTF("0x%lx", state->vm_generationid_addr); } dom_path = libxl__xs_get_dompath(gc, domid); @@ -343,7 +341,7 @@ int libxl__build_post(libxl__gc *gc, uin return ERROR_FAIL; } - vm_path = xs_read(ctx->xsh, XBT_NULL, libxl__sprintf(gc, "%s/vm", dom_path), NULL); + vm_path = xs_read(ctx->xsh, XBT_NULL, GCSPRINTF("%s/vm", dom_path), NULL); retry_transaction: t = xs_transaction_start(ctx->xsh); @@ -374,7 +372,7 @@ int libxl__build_pv(libxl__gc *gc, uint3 dom = xc_dom_allocate(ctx->xch, state->pv_cmdline, info->u.pv.features); if (!dom) { - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "xc_dom_allocate failed"); + LOGE(ERROR, "xc_dom_allocate failed"); return ERROR_FAIL; } @@ -384,13 +382,13 @@ int libxl__build_pv(libxl__gc *gc, uint3 state->pv_kernel.data, state->pv_kernel.size); if ( ret != 0) { - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "xc_dom_kernel_mem failed"); + LOGE(ERROR, "xc_dom_kernel_mem failed"); goto out; } } else { ret = xc_dom_kernel_file(dom, state->pv_kernel.path); if ( ret != 0) { - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "xc_dom_kernel_file failed"); + LOGE(ERROR, "xc_dom_kernel_file failed"); goto out; } } @@ -398,12 +396,12 @@ int libxl__build_pv(libxl__gc *gc, uint3 if ( state->pv_ramdisk.path && strlen(state->pv_ramdisk.path) ) { if (state->pv_ramdisk.mapped) { if ( (ret = xc_dom_ramdisk_mem(dom, state->pv_ramdisk.data, state->pv_ramdisk.size)) != 0 ) { - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "xc_dom_ramdisk_mem failed"); + LOGE(ERROR, "xc_dom_ramdisk_mem failed"); goto out; } } else { if ( (ret = xc_dom_ramdisk_file(dom, state->pv_ramdisk.path)) != 0 ) { - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "xc_dom_ramdisk_file failed"); + LOGE(ERROR, "xc_dom_ramdisk_file failed"); goto out; } } @@ -416,31 +414,31 @@ int libxl__build_pv(libxl__gc *gc, uint3 dom->xenstore_domid = state->store_domid; if ( (ret = xc_dom_boot_xen_init(dom, ctx->xch, domid)) != 0 ) { - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "xc_dom_boot_xen_init failed"); + LOGE(ERROR, "xc_dom_boot_xen_init failed"); goto out; } if ( (ret = xc_dom_parse_image(dom)) != 0 ) { - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "xc_dom_parse_image failed"); + LOGE(ERROR, "xc_dom_parse_image failed"); goto out; } if ( (ret = xc_dom_mem_init(dom, info->target_memkb / 1024)) != 0 ) { - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "xc_dom_mem_init failed"); + LOGE(ERROR, "xc_dom_mem_init failed"); goto out; } if ( (ret = xc_dom_boot_mem_init(dom)) != 0 ) { - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "xc_dom_boot_mem_init failed"); + LOGE(ERROR, "xc_dom_boot_mem_init failed"); goto out; } if ( (ret = xc_dom_build_image(dom)) != 0 ) { - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "xc_dom_build_image failed"); + LOGE(ERROR, "xc_dom_build_image failed"); goto out; } if ( (ret = xc_dom_boot_image(dom)) != 0 ) { - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "xc_dom_boot_image failed"); + LOGE(ERROR, "xc_dom_boot_image failed"); goto out; } if ( (ret = xc_dom_gnttab_init(dom)) != 0 ) { - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "xc_dom_gnttab_init failed"); + LOGE(ERROR, "xc_dom_gnttab_init failed"); goto out; } @@ -679,8 +677,7 @@ int libxl__qemu_traditional_cmd(libxl__g const char *cmd) { char *path = NULL; - path = libxl__sprintf(gc, "/local/domain/0/device-model/%d/command", - domid); + path = GCSPRINTF("/local/domain/0/device-model/%d/command", domid); return libxl__xs_write(gc, XBT_NULL, path, "%s", cmd); } @@ -697,8 +694,7 @@ struct libxl__physmap_info { static inline char *restore_helper(libxl__gc *gc, uint32_t domid, uint64_t phys_offset, char *node) { - return libxl__sprintf(gc, - "/local/domain/0/device-model/%d/physmap/%"PRIx64"/%s", + return GCSPRINTF("/local/domain/0/device-model/%d/physmap/%"PRIx64"/%s", domid, phys_offset, node); } @@ -708,7 +704,6 @@ int libxl__toolstack_restore(uint32_t do libxl__save_helper_state *shs = user; libxl__domain_create_state *dcs = CONTAINER_OF(shs, *dcs, shs); STATE_AO_GC(dcs->ao); - libxl_ctx *ctx = CTX; int i, ret; const uint8_t *ptr = buf; uint32_t count = 0, version = 0; @@ -718,7 +713,7 @@ int libxl__toolstack_restore(uint32_t do LOG(DEBUG,"domain=%"PRIu32" toolstack data size=%"PRIu32, domid, size); if (size < sizeof(version) + sizeof(count)) { - LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "wrong size"); + LOG(ERROR, "wrong size"); return -1; } @@ -726,7 +721,7 @@ int libxl__toolstack_restore(uint32_t do ptr += sizeof(version); if (version != TOOLSTACK_SAVE_VERSION) { - LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "wrong version"); + LOG(ERROR, "wrong version"); return -1; } @@ -735,7 +730,7 @@ int libxl__toolstack_restore(uint32_t do if (size < sizeof(version) + sizeof(count) + count * (sizeof(struct libxl__physmap_info))) { - LIBXL__LOG(ctx, LIBXL__LOG_ERROR, "wrong size"); + LOG(ERROR, "wrong size"); return -1; } @@ -945,15 +940,13 @@ static void switch_logdirty_done(libxl__ int libxl__domain_suspend_device_model(libxl__gc *gc, libxl__domain_suspend_state *dss) { - libxl_ctx *ctx = libxl__gc_owner(gc); int ret = 0; uint32_t const domid = dss->domid; const char *const filename = dss->dm_savefile; switch (libxl__device_model_version_running(gc, domid)) { case LIBXL_DEVICE_MODEL_VERSION_QEMU_XEN_TRADITIONAL: { - LIBXL__LOG(ctx, LIBXL__LOG_DEBUG, - "Saving device model state to %s", filename); + LOG(DEBUG, "Saving device model state to %s", filename); libxl__qemu_traditional_cmd(gc, domid, "save"); libxl__wait_for_device_model(gc, domid, "paused", NULL, NULL, NULL); break; @@ -1129,8 +1122,7 @@ int libxl__domain_suspend_common_callbac static inline char *physmap_path(libxl__gc *gc, uint32_t domid, char *phys_offset, char *node) { - return libxl__sprintf(gc, - "/local/domain/0/device-model/%d/physmap/%s/%s", + return GCSPRINTF("/local/domain/0/device-model/%d/physmap/%s/%s", domid, phys_offset, node); } @@ -1147,7 +1139,7 @@ int libxl__toolstack_save(uint32_t domid char **entries = NULL; struct libxl__physmap_info *pi; - entries = libxl__xs_directory(gc, 0, libxl__sprintf(gc, + entries = libxl__xs_directory(gc, 0, GCSPRINTF( "/local/domain/0/device-model/%d/physmap", domid), &num); count = num; @@ -1288,7 +1280,7 @@ void libxl__domain_suspend(libxl__egc *e char *path; char *addr; - path = libxl__sprintf(gc, "%s/hvmloader/generation-id-address", + path = GCSPRINTF("%s/hvmloader/generation-id-address", libxl__xs_get_dompath(gc, domid)); addr = libxl__xs_read(gc, XBT_NULL, path); @@ -1502,10 +1494,7 @@ static void domain_suspend_done(libxl__e char *libxl__uuid2string(libxl__gc *gc, const libxl_uuid uuid) { - char *s = libxl__sprintf(gc, LIBXL_UUID_FMT, LIBXL_UUID_BYTES(uuid)); - if (!s) - LIBXL__LOG(libxl__gc_owner(gc), LIBXL__LOG_ERROR, "cannot allocate for uuid"); - return s; + return GCSPRINTF(LIBXL_UUID_FMT, LIBXL_UUID_BYTES(uuid)); } static const char *userdata_path(libxl__gc *gc, uint32_t domid, @@ -1513,34 +1502,27 @@ static const char *userdata_path(libxl__ const char *wh) { libxl_ctx *ctx = libxl__gc_owner(gc); - char *path, *uuid_string; + char *uuid_string; libxl_dominfo info; int rc; rc = libxl_domain_info(ctx, &info, domid); if (rc) { - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "unable to find domain info" - " for domain %"PRIu32, domid); + LOGE(ERROR, "unable to find domain info for domain %"PRIu32, domid); return NULL; } - uuid_string = libxl__sprintf(gc, LIBXL_UUID_FMT, LIBXL_UUID_BYTES(info.uuid)); + uuid_string = GCSPRINTF(LIBXL_UUID_FMT, LIBXL_UUID_BYTES(info.uuid)); - path = libxl__sprintf(gc, "/var/lib/xen/" - "userdata-%s.%u.%s.%s", - wh, domid, uuid_string, userdata_userid); - if (!path) - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "unable to allocate for" - " userdata path"); - return path; + return GCSPRINTF("/var/lib/xen/userdata-%s.%u.%s.%s", + wh, domid, uuid_string, userdata_userid); } static int userdata_delete(libxl__gc *gc, const char *path) { - libxl_ctx *ctx = libxl__gc_owner(gc); int r; r = unlink(path); if (r) { - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "remove failed for %s", path); + LOGE(ERROR, "remove failed for %s", path); return errno; } return 0; @@ -1548,7 +1530,6 @@ static int userdata_delete(libxl__gc *gc void libxl__userdata_destroyall(libxl__gc *gc, uint32_t domid) { - libxl_ctx *ctx = libxl__gc_owner(gc); const char *pattern; glob_t gl; int r, i; @@ -1564,7 +1545,7 @@ void libxl__userdata_destroyall(libxl__g if (r == GLOB_NOMATCH) goto out; if (r) - LIBXL__LOG_ERRNO(ctx, LIBXL__LOG_ERROR, "glob failed for %s", pattern); + LOGE(ERROR, "glob failed for %s", pattern); for (i=0; i<gl.gl_pathc; i++) { userdata_delete(gc, gl.gl_pathv[i]); ++++++ 26576-x86-APICV-migration.patch ++++++ References: FATE#313605 # HG changeset patch # User Jiongxi Li <jiongxi.li@intel.com> # Date 1361176078 -3600 # Node ID 4c3355d776e115f979fd2abc135bb77ba710f0d4 # Parent 217a4fc4cd46e8de06f2f43eed727838891e9398 x86/VMX: fix live migration while enabling APICV SVI should be restored in case guest is processing virtual interrupt while saveing a domain state. Otherwise SVI would be missed when virtual interrupt delivery is enabled. Signed-off-by: Jiongxi Li <jiongxi.li@intel.com> Acked-by: Eddie Dong <eddie.dong@intel.com> Acked-by: Jun Nakajima <jun.nakajima@intel.com> Committed-by: Jan Beulich <jbeulich@suse.com> --- a/xen/arch/x86/hvm/vlapic.c +++ b/xen/arch/x86/hvm/vlapic.c @@ -1198,6 +1198,9 @@ static int lapic_load_regs(struct domain if ( hvm_load_entry(LAPIC_REGS, h, s->regs) != 0 ) return -EINVAL; + if ( hvm_funcs.process_isr ) + hvm_funcs.process_isr(vlapic_find_highest_isr(s), v); + vlapic_adjust_i8259_target(d); lapic_rearm(s); return 0; --- a/xen/arch/x86/hvm/vmx/intr.c +++ b/xen/arch/x86/hvm/vmx/intr.c @@ -290,8 +290,8 @@ void vmx_intr_assist(void) vmx_set_eoi_exit_bitmap(v, pt_vector); /* we need update the RVI field */ - status &= ~(unsigned long)0x0FF; - status |= (unsigned long)0x0FF & + status &= ~VMX_GUEST_INTR_STATUS_SUBFIELD_BITMASK; + status |= VMX_GUEST_INTR_STATUS_SUBFIELD_BITMASK & intack.vector; __vmwrite(GUEST_INTR_STATUS, status); if (v->arch.hvm_vmx.eoi_exitmap_changed) { --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -1520,6 +1520,29 @@ static int vmx_virtual_intr_delivery_ena return cpu_has_vmx_virtual_intr_delivery; } +static void vmx_process_isr(int isr, struct vcpu *v) +{ + unsigned long status; + u8 old; + + if ( !cpu_has_vmx_virtual_intr_delivery ) + return; + + if ( isr < 0 ) + isr = 0; + + vmx_vmcs_enter(v); + status = __vmread(GUEST_INTR_STATUS); + old = status >> VMX_GUEST_INTR_STATUS_SVI_OFFSET; + if ( isr != old ) + { + status &= VMX_GUEST_INTR_STATUS_SUBFIELD_BITMASK; + status |= isr << VMX_GUEST_INTR_STATUS_SVI_OFFSET; + __vmwrite(GUEST_INTR_STATUS, status); + } + vmx_vmcs_exit(v); +} + static struct hvm_function_table __read_mostly vmx_function_table = { .name = "VMX", .cpu_up_prepare = vmx_cpu_up_prepare, @@ -1568,7 +1591,8 @@ static struct hvm_function_table __read_ .nhvm_intr_blocked = nvmx_intr_blocked, .nhvm_domain_relinquish_resources = nvmx_domain_relinquish_resources, .update_eoi_exit_bitmap = vmx_update_eoi_exit_bitmap, - .virtual_intr_delivery_enabled = vmx_virtual_intr_delivery_enabled + .virtual_intr_delivery_enabled = vmx_virtual_intr_delivery_enabled, + .process_isr = vmx_process_isr, }; struct hvm_function_table * __init start_vmx(void) --- a/xen/include/asm-x86/hvm/hvm.h +++ b/xen/include/asm-x86/hvm/hvm.h @@ -184,6 +184,7 @@ struct hvm_function_table { /* Virtual interrupt delivery */ void (*update_eoi_exit_bitmap)(struct vcpu *v, u8 vector, u8 trig); int (*virtual_intr_delivery_enabled)(void); + void (*process_isr)(int isr, struct vcpu *v); }; extern struct hvm_function_table hvm_funcs; --- a/xen/include/asm-x86/hvm/vmx/vmcs.h +++ b/xen/include/asm-x86/hvm/vmx/vmcs.h @@ -246,6 +246,10 @@ extern bool_t cpu_has_vmx_ins_outs_instr #define VMX_INTR_SHADOW_SMI 0x00000004 #define VMX_INTR_SHADOW_NMI 0x00000008 +/* Guest interrupt status */ +#define VMX_GUEST_INTR_STATUS_SUBFIELD_BITMASK 0x0FF +#define VMX_GUEST_INTR_STATUS_SVI_OFFSET 8 + /* VMCS field encodings. */ enum vmcs_field { VIRTUAL_PROCESSOR_ID = 0x00000000, ++++++ 26577-x86-APICV-x2APIC.patch ++++++ References: FATE#313605 # HG changeset patch # User Jiongxi Li <jiongxi.li@intel.com> # Date 1361176458 -3600 # Node ID 45d59b822ed187c535b127679e32853b148ed411 # Parent 4c3355d776e115f979fd2abc135bb77ba710f0d4 x86/VMX: fix VMCS setting for x2APIC mode guest while enabling APICV The "APIC-register virtualization" and "virtual-interrupt deliver" VM-execution control has no effect on the behavior of RDMSR/WRMSR if the "virtualize x2APIC mode" VM-execution control is 0. When guest uses x2APIC mode, we should enable "virtualize x2APIC mode" for APICV first. Signed-off-by: Jiongxi Li <jiongxi.li@intel.com> Acked-by: Eddie Dong <eddie.dong@intel.com> Acked-by: Jun Nakajima <jun.nakajima@intel.com> Committed-by: Jan Beulich <jbeulich@suse.com> --- a/xen/arch/x86/hvm/vmx/vmcs.c +++ b/xen/arch/x86/hvm/vmx/vmcs.c @@ -194,7 +194,8 @@ static int vmx_init_vmcs_config(void) */ if ( _vmx_cpu_based_exec_control & CPU_BASED_TPR_SHADOW ) opt |= SECONDARY_EXEC_APIC_REGISTER_VIRT | - SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY; + SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY | + SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE; _vmx_secondary_exec_control = adjust_vmx_controls( @@ -673,19 +674,59 @@ void vmx_disable_intercept_for_msr(struc */ if ( msr <= 0x1fff ) { - if (type & MSR_TYPE_R) - __clear_bit(msr, msr_bitmap + 0x000/BYTES_PER_LONG); /* read-low */ - if (type & MSR_TYPE_W) - __clear_bit(msr, msr_bitmap + 0x800/BYTES_PER_LONG); /* write-low */ + if ( type & MSR_TYPE_R ) + clear_bit(msr, msr_bitmap + 0x000/BYTES_PER_LONG); /* read-low */ + if ( type & MSR_TYPE_W ) + clear_bit(msr, msr_bitmap + 0x800/BYTES_PER_LONG); /* write-low */ } else if ( (msr >= 0xc0000000) && (msr <= 0xc0001fff) ) { msr &= 0x1fff; - if (type & MSR_TYPE_R) - __clear_bit(msr, msr_bitmap + 0x400/BYTES_PER_LONG); /* read-high */ - if (type & MSR_TYPE_W) - __clear_bit(msr, msr_bitmap + 0xc00/BYTES_PER_LONG); /* write-high */ + if ( type & MSR_TYPE_R ) + clear_bit(msr, msr_bitmap + 0x400/BYTES_PER_LONG); /* read-high */ + if ( type & MSR_TYPE_W ) + clear_bit(msr, msr_bitmap + 0xc00/BYTES_PER_LONG); /* write-high */ } + else + HVM_DBG_LOG(DBG_LEVEL_0, + "msr %x is out of the control range" + "0x00000000-0x00001fff and 0xc0000000-0xc0001fff" + "RDMSR or WRMSR will cause a VM exit", msr); +} + +void vmx_enable_intercept_for_msr(struct vcpu *v, u32 msr, int type) +{ + unsigned long *msr_bitmap = v->arch.hvm_vmx.msr_bitmap; + + /* VMX MSR bitmap supported? */ + if ( msr_bitmap == NULL ) + return; + + /* + * See Intel PRM Vol. 3, 20.6.9 (MSR-Bitmap Address). Early manuals + * have the write-low and read-high bitmap offsets the wrong way round. + * We can control MSRs 0x00000000-0x00001fff and 0xc0000000-0xc0001fff. + */ + if ( msr <= 0x1fff ) + { + if ( type & MSR_TYPE_R ) + set_bit(msr, msr_bitmap + 0x000/BYTES_PER_LONG); /* read-low */ + if ( type & MSR_TYPE_W ) + set_bit(msr, msr_bitmap + 0x800/BYTES_PER_LONG); /* write-low */ + } + else if ( (msr >= 0xc0000000) && (msr <= 0xc0001fff) ) + { + msr &= 0x1fff; + if ( type & MSR_TYPE_R ) + set_bit(msr, msr_bitmap + 0x400/BYTES_PER_LONG); /* read-high */ + if ( type & MSR_TYPE_W ) + set_bit(msr, msr_bitmap + 0xc00/BYTES_PER_LONG); /* write-high */ + } + else + HVM_DBG_LOG(DBG_LEVEL_0, + "msr %x is out of the control range" + "0x00000000-0x00001fff and 0xc0000000-0xc0001fff" + "RDMSR or WRMSR will cause a VM exit", msr); } /* @@ -751,6 +792,10 @@ static int construct_vmcs(struct vcpu *v vmentry_ctl &= ~VM_ENTRY_LOAD_GUEST_PAT; } + /* Disable Virtualize x2APIC mode by default. */ + v->arch.hvm_vmx.secondary_exec_control &= + ~SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE; + /* Do not enable Monitor Trap Flag unless start single step debug */ v->arch.hvm_vmx.exec_control &= ~CPU_BASED_MONITOR_TRAP_FLAG; @@ -787,18 +832,6 @@ static int construct_vmcs(struct vcpu *v vmx_disable_intercept_for_msr(v, MSR_IA32_SYSENTER_EIP, MSR_TYPE_R | MSR_TYPE_W); if ( cpu_has_vmx_pat && paging_mode_hap(d) ) vmx_disable_intercept_for_msr(v, MSR_IA32_CR_PAT, MSR_TYPE_R | MSR_TYPE_W); - if ( cpu_has_vmx_apic_reg_virt ) - { - int msr; - for (msr = MSR_IA32_APICBASE_MSR; msr <= MSR_IA32_APICBASE_MSR + 0xff; msr++) - vmx_disable_intercept_for_msr(v, msr, MSR_TYPE_R); - } - if ( cpu_has_vmx_virtual_intr_delivery ) - { - vmx_disable_intercept_for_msr(v, MSR_IA32_APICTPR_MSR, MSR_TYPE_W); - vmx_disable_intercept_for_msr(v, MSR_IA32_APICEOI_MSR, MSR_TYPE_W); - vmx_disable_intercept_for_msr(v, MSR_IA32_APICSELF_MSR, MSR_TYPE_W); - } } /* I/O access bitmap. */ --- a/xen/arch/x86/hvm/vmx/vmx.c +++ b/xen/arch/x86/hvm/vmx/vmx.c @@ -2009,18 +2009,63 @@ static void vmx_install_vlapic_mapping(s void vmx_vlapic_msr_changed(struct vcpu *v) { + int virtualize_x2apic_mode; struct vlapic *vlapic = vcpu_vlapic(v); - if ( !cpu_has_vmx_virtualize_apic_accesses ) + virtualize_x2apic_mode = ( (cpu_has_vmx_apic_reg_virt || + cpu_has_vmx_virtual_intr_delivery) && + cpu_has_vmx_virtualize_x2apic_mode ); + + if ( !cpu_has_vmx_virtualize_apic_accesses && + !virtualize_x2apic_mode ) return; vmx_vmcs_enter(v); v->arch.hvm_vmx.secondary_exec_control &= - ~SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES; + ~(SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES | + SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE); if ( !vlapic_hw_disabled(vlapic) && (vlapic_base_address(vlapic) == APIC_DEFAULT_PHYS_BASE) ) - v->arch.hvm_vmx.secondary_exec_control |= - SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES; + { + unsigned int msr; + + if ( virtualize_x2apic_mode && vlapic_x2apic_mode(vlapic) ) + { + v->arch.hvm_vmx.secondary_exec_control |= + SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE; + if ( cpu_has_vmx_apic_reg_virt ) + { + for ( msr = MSR_IA32_APICBASE_MSR; + msr <= MSR_IA32_APICBASE_MSR + 0xff; msr++ ) + vmx_disable_intercept_for_msr(v, msr, MSR_TYPE_R); + + vmx_enable_intercept_for_msr(v, MSR_IA32_APICPPR_MSR, + MSR_TYPE_R); + vmx_enable_intercept_for_msr(v, MSR_IA32_APICTMICT_MSR, + MSR_TYPE_R); + vmx_enable_intercept_for_msr(v, MSR_IA32_APICTMCCT_MSR, + MSR_TYPE_R); + } + if ( cpu_has_vmx_virtual_intr_delivery ) + { + vmx_disable_intercept_for_msr(v, MSR_IA32_APICTPR_MSR, + MSR_TYPE_W); + vmx_disable_intercept_for_msr(v, MSR_IA32_APICEOI_MSR, + MSR_TYPE_W); + vmx_disable_intercept_for_msr(v, MSR_IA32_APICSELF_MSR, + MSR_TYPE_W); + } + } + else + { + v->arch.hvm_vmx.secondary_exec_control |= + SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES; + for ( msr = MSR_IA32_APICBASE_MSR; + msr <= MSR_IA32_APICBASE_MSR + 0xff; msr++ ) + vmx_enable_intercept_for_msr(v, msr, + MSR_TYPE_R | MSR_TYPE_W); + } + } vmx_update_secondary_exec_control(v); vmx_vmcs_exit(v); } --- a/xen/include/asm-x86/hvm/vmx/vmcs.h +++ b/xen/include/asm-x86/hvm/vmx/vmcs.h @@ -182,6 +182,7 @@ extern u32 vmx_vmentry_control; #define SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES 0x00000001 #define SECONDARY_EXEC_ENABLE_EPT 0x00000002 #define SECONDARY_EXEC_ENABLE_RDTSCP 0x00000008 +#define SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE 0x00000010 #define SECONDARY_EXEC_ENABLE_VPID 0x00000020 #define SECONDARY_EXEC_WBINVD_EXITING 0x00000040 #define SECONDARY_EXEC_UNRESTRICTED_GUEST 0x00000080 @@ -239,6 +240,8 @@ extern bool_t cpu_has_vmx_ins_outs_instr (vmx_secondary_exec_control & SECONDARY_EXEC_APIC_REGISTER_VIRT) #define cpu_has_vmx_virtual_intr_delivery \ (vmx_secondary_exec_control & SECONDARY_EXEC_VIRTUAL_INTR_DELIVERY) +#define cpu_has_vmx_virtualize_x2apic_mode \ + (vmx_secondary_exec_control & SECONDARY_EXEC_VIRTUALIZE_X2APIC_MODE) /* GUEST_INTERRUPTIBILITY_INFO flags. */ #define VMX_INTR_SHADOW_STI 0x00000001 @@ -414,6 +417,7 @@ enum vmcs_field { #define MSR_TYPE_R 1 #define MSR_TYPE_W 2 void vmx_disable_intercept_for_msr(struct vcpu *v, u32 msr, int type); +void vmx_enable_intercept_for_msr(struct vcpu *v, u32 msr, int type); int vmx_read_guest_msr(u32 msr, u64 *val); int vmx_write_guest_msr(u32 msr, u64 val); int vmx_add_guest_msr(u32 msr); --- a/xen/include/asm-x86/msr-index.h +++ b/xen/include/asm-x86/msr-index.h @@ -295,7 +295,10 @@ #define MSR_IA32_APICBASE_BASE (0xfffff<<12) #define MSR_IA32_APICBASE_MSR 0x800 #define MSR_IA32_APICTPR_MSR 0x808 +#define MSR_IA32_APICPPR_MSR 0x80a #define MSR_IA32_APICEOI_MSR 0x80b +#define MSR_IA32_APICTMICT_MSR 0x838 +#define MSR_IA32_APICTMCCT_MSR 0x839 #define MSR_IA32_APICSELF_MSR 0x83f #define MSR_IA32_UCODE_WRITE 0x00000079 ++++++ 26578-AMD-IOMMU-replace-BUG_ON.patch ++++++ # HG changeset patch # User Jan Beulich <jbeulich@suse.com> # Date 1361176655 -3600 # Node ID 57e67af5281a6b66cf71dfa812e4335930684fd6 # Parent 45d59b822ed187c535b127679e32853b148ed411 AMD IOMMU: don't BUG() when we don't have to find_iommu_for_device() can easily return NULL instead, as all of its callers are prepared for that. Signed-off-by: Jan Beulich <jbeulich@suse.com> --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c @@ -32,8 +32,8 @@ struct amd_iommu *find_iommu_for_device( { struct ivrs_mappings *ivrs_mappings = get_ivrs_mappings(seg); - BUG_ON ( bdf >= ivrs_bdf_entries ); - return ivrs_mappings ? ivrs_mappings[bdf].iommu : NULL; + return ivrs_mappings && bdf < ivrs_bdf_entries ? ivrs_mappings[bdf].iommu + : NULL; } /* ++++++ 32on64-extra-mem.patch ++++++ --- /var/tmp/diff_new_pack.IlAvmd/_old 2013-02-25 21:47:10.000000000 +0100 +++ /var/tmp/diff_new_pack.IlAvmd/_new 2013-02-25 21:47:10.000000000 +0100 @@ -1,8 +1,8 @@ -Index: xen-4.2.0-testing/tools/python/xen/xend/XendDomainInfo.py +Index: xen-4.2.1-testing/tools/python/xen/xend/XendDomainInfo.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xend/XendDomainInfo.py -+++ xen-4.2.0-testing/tools/python/xen/xend/XendDomainInfo.py -@@ -2939,7 +2939,7 @@ class XendDomainInfo: +--- xen-4.2.1-testing.orig/tools/python/xen/xend/XendDomainInfo.py ++++ xen-4.2.1-testing/tools/python/xen/xend/XendDomainInfo.py +@@ -2966,7 +2966,7 @@ class XendDomainInfo: self.guest_bitsize = self.image.getBitSize() # Make sure there's enough RAM available for the domain ++++++ tools-watchdog-support.patch ++++++ --- /var/tmp/diff_new_pack.IlAvmd/_old 2013-02-25 21:47:11.000000000 +0100 +++ /var/tmp/diff_new_pack.IlAvmd/_new 2013-02-25 21:47:11.000000000 +0100 @@ -1,7 +1,7 @@ -Index: xen-4.2.0-testing/tools/python/xen/xm/create.py +Index: xen-4.2.1-testing/tools/python/xen/xm/create.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xm/create.py -+++ xen-4.2.0-testing/tools/python/xen/xm/create.py +--- xen-4.2.1-testing.orig/tools/python/xen/xm/create.py ++++ xen-4.2.1-testing/tools/python/xen/xm/create.py @@ -535,6 +535,21 @@ gopts.var('usbdevice', val='NAME', fn=set_value, default='', use="Name of USB device to add?") @@ -32,10 +32,10 @@ 'xauthority', 'xen_extended_power_mgmt', 'xen_platform_pci', 'memory_sharing' ] -Index: xen-4.2.0-testing/tools/python/xen/xm/xenapi_create.py +Index: xen-4.2.1-testing/tools/python/xen/xm/xenapi_create.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xm/xenapi_create.py -+++ xen-4.2.0-testing/tools/python/xen/xm/xenapi_create.py +--- xen-4.2.1-testing.orig/tools/python/xen/xm/xenapi_create.py ++++ xen-4.2.1-testing/tools/python/xen/xm/xenapi_create.py @@ -1113,7 +1113,9 @@ class sxp2xml: 'xen_platform_pci', 'tsc_mode' @@ -47,10 +47,10 @@ ] platform_configs = [] -Index: xen-4.2.0-testing/tools/python/xen/xend/image.py +Index: xen-4.2.1-testing/tools/python/xen/xend/image.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xend/image.py -+++ xen-4.2.0-testing/tools/python/xen/xend/image.py +--- xen-4.2.1-testing.orig/tools/python/xen/xend/image.py ++++ xen-4.2.1-testing/tools/python/xen/xend/image.py @@ -855,7 +855,8 @@ class HVMImageHandler(ImageHandler): dmargs = [ 'boot', 'fda', 'fdb', 'soundhw', @@ -69,10 +69,10 @@ # Handle booleans gracefully if a in ['localtime', 'std-vga', 'isa', 'usb', 'acpi']: -Index: xen-4.2.0-testing/tools/python/xen/xend/XendConfig.py +Index: xen-4.2.1-testing/tools/python/xen/xend/XendConfig.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xend/XendConfig.py -+++ xen-4.2.0-testing/tools/python/xen/xend/XendConfig.py +--- xen-4.2.1-testing.orig/tools/python/xen/xend/XendConfig.py ++++ xen-4.2.1-testing/tools/python/xen/xend/XendConfig.py @@ -192,6 +192,8 @@ XENAPI_PLATFORM_CFG_TYPES = { 'xen_platform_pci': int, "gfx_passthru": int, @@ -82,10 +82,10 @@ } # Xen API console 'other_config' keys. -Index: xen-4.2.0-testing/tools/libxl/libxl_dm.c +Index: xen-4.2.1-testing/tools/libxl/libxl_dm.c =================================================================== ---- xen-4.2.0-testing.orig/tools/libxl/libxl_dm.c -+++ xen-4.2.0-testing/tools/libxl/libxl_dm.c +--- xen-4.2.1-testing.orig/tools/libxl/libxl_dm.c ++++ xen-4.2.1-testing/tools/libxl/libxl_dm.c @@ -196,6 +196,12 @@ static char ** libxl__build_device_model "-usbdevice", b_info->u.hvm.usbdevice, NULL); } @@ -112,11 +112,11 @@ if (b_info->u.hvm.soundhw) { flexarray_vappend(dm_args, "-soundhw", b_info->u.hvm.soundhw, NULL); } -Index: xen-4.2.0-testing/tools/libxl/libxl_types.idl +Index: xen-4.2.1-testing/tools/libxl/libxl_types.idl =================================================================== ---- xen-4.2.0-testing.orig/tools/libxl/libxl_types.idl -+++ xen-4.2.0-testing/tools/libxl/libxl_types.idl -@@ -320,6 +320,8 @@ libxl_domain_build_info = Struct("domain +--- xen-4.2.1-testing.orig/tools/libxl/libxl_types.idl ++++ xen-4.2.1-testing/tools/libxl/libxl_types.idl +@@ -322,6 +322,8 @@ libxl_domain_build_info = Struct("domain ("usbdevice", string), ("soundhw", string), ("xen_platform_pci", libxl_defbool), @@ -125,11 +125,11 @@ ])), ("pv", Struct(None, [("kernel", string), ("slack_memkb", MemKB), -Index: xen-4.2.0-testing/tools/libxl/xl_cmdimpl.c +Index: xen-4.2.1-testing/tools/libxl/xl_cmdimpl.c =================================================================== ---- xen-4.2.0-testing.orig/tools/libxl/xl_cmdimpl.c -+++ xen-4.2.0-testing/tools/libxl/xl_cmdimpl.c -@@ -1412,6 +1412,8 @@ skip_vfb: +--- xen-4.2.1-testing.orig/tools/libxl/xl_cmdimpl.c ++++ xen-4.2.1-testing/tools/libxl/xl_cmdimpl.c +@@ -1417,6 +1417,8 @@ skip_vfb: xlu_cfg_replace_string (config, "soundhw", &b_info->u.hvm.soundhw, 0); xlu_cfg_get_defbool(config, "xen_platform_pci", &b_info->u.hvm.xen_platform_pci, 0); ++++++ xen-managed-pci-device.patch ++++++ pci passthrough: handle managed pci devices Handle managed pci devices for libvirt usage. If a pci device is set "managed=1", it will be made assignable (unbound from original driver and bind to pcistub driver) before vm start and reattach to original driver after vm shut off. FATE#313570 Note: This patch was rejected upstream since xend is deprecated. See the following thread for details http://lists.xen.org/archives/html/xen-devel/2013-01/msg01145.html Signed-off-by: Chunyan Liu <cyliu@suse.com> Index: xen-4.2.1-testing/tools/python/xen/util/pci.py =================================================================== --- xen-4.2.1-testing.orig/tools/python/xen/util/pci.py +++ xen-4.2.1-testing/tools/python/xen/util/pci.py @@ -20,6 +20,8 @@ from xen.xend import sxp from xen.xend.XendConstants import AUTO_PHP_SLOT from xen.xend.XendSXPDev import dev_dict_to_sxp from xen.xend.XendLogging import log +from xen.xend.xenstore.xstransact import xstransact +from xen.xend.XendError import XendError # for 2.3 compatibility try: @@ -27,9 +29,11 @@ try: except NameError: from sets import Set as set +XS_PCIBACK_PATH = '/xm/pciback' PROC_PCI_PATH = '/proc/bus/pci/devices' PROC_PCI_NUM_RESOURCES = 7 +SYSFS_PCI_DRVS_PATH = 'bus/pci/drivers' SYSFS_PCI_DEVS_PATH = '/bus/pci/devices' SYSFS_PCI_DEV_RESOURCE_PATH = '/resource' SYSFS_PCI_DEV_CONFIG_PATH = '/config' @@ -161,7 +165,7 @@ def PCI_BDF(domain, bus, slot, func): def check_pci_opts(opts): def f((k, v)): - if k not in ['msitranslate', 'power_mgmt'] or \ + if k not in ['msitranslate', 'power_mgmt', 'managed'] or \ not v.lower() in ['0', '1', 'yes', 'no']: raise PciDeviceParseError('Invalid pci option %s=%s: ' % (k, v)) @@ -427,6 +431,9 @@ def __pci_dict_to_fmt_str(fmt, dev): def pci_dict_to_bdf_str(dev): return __pci_dict_to_fmt_str('%04x:%02x:%02x.%01x', dev) +def pci_dict_to_xs_bdf_str(dev): + return __pci_dict_to_fmt_str('%04x-%02x-%02x-%01x', dev) + def pci_dict_to_xc_str(dev): return __pci_dict_to_fmt_str('0x%x, 0x%x, 0x%x, 0x%x', dev) @@ -560,6 +567,115 @@ def find_all_assignable_devices(): dev_list = dev_list + [dev] return dev_list +def pci_assignable_add(dev): + '''detach pci device from driver that we need to unbind from and rebind + to pciback driver, then it can be assigned to guest. + ''' + sysfs_mnt = find_sysfs_mnt() + pcidev_path = sysfs_mnt + SYSFS_PCI_DEVS_PATH + pciback_path = sysfs_mnt + SYSFS_PCIBACK_PATH + + # See if the device exists + pci_bdf = pci_dict_to_bdf_str(dev) + path = pcidev_path + '/' + pci_bdf + if not os.path.exists(path): + log.debug("Pci device %s doesn't exist" % pci_bdf) + return -1 + + # Check to see if it's already assigned to pciback + path = pciback_path + '/' + pci_bdf + if os.path.exists(path): + log.debug("Pci device %s is already assigned to pciback" % pci_bdf) + return 0 + + # Check to see if there's already a driver that we need to unbind from + path = pcidev_path + '/' + pci_bdf + '/driver' + drv_path = None + if os.path.exists(path): + drv_path = os.path.realpath(path).replace(" ", "\ ") + cmd = 'echo %s > %s/unbind' % (pci_bdf, drv_path) + if os.system(cmd): + log.debug("Couldn't unbind device") + return -1; + + # Store driver_path for rebinding to dom0 + if drv_path is not None: + xs_pci_bdf = pci_dict_to_xs_bdf_str(dev) + path = XS_PCIBACK_PATH + '/' + xs_pci_bdf + xstransact.Mkdir(path) + xstransact.Write(path, 'driver_path', drv_path) + else: + log.debug("Not bound to a driver, will not be rebound") + + # Bind to pciback + try: + # Scan through /sys/.../pciback/slots looking for pcidev's BDF + slots = os.popen('cat %s/slots' % pciback_path).read() + if re.search(pci_bdf, slots) is None: + # write bdf to new_slot + cmd = 'echo %s > %s/new_slot' % (pci_bdf, pciback_path) + if os.system(cmd): + raise XendError("Couldn't add device to pciback new_slot") + + # Bind to pciback + cmd = 'echo %s > %s/bind' % (pci_bdf, pciback_path) + if os.system(cmd): + raise XendError("Couldn't bind device to pciback") + except XendError: + # rebind to original driver + if drv_path is not None: + log.debug("Rebind to original driver") + cmd = 'echo %s > %s/bind' % (pci_bdf, drv_path) + if os.system(cmd): + log.debug("Failed to rebind") + return -1 + + return 0 + +def pci_assignable_remove(dev): + '''unbind pci device from pciback, and rebind to host pci driver where it + was detached from in pci-assignable-add. + ''' + sysfs_mnt = find_sysfs_mnt() + pcidrv_path = sysfs_mnt + SYSFS_PCI_DRVS_PATH + pciback_path = sysfs_mnt + SYSFS_PCIBACK_PATH + pci_bdf = pci_dict_to_bdf_str(dev) + + # Unbind from pciback + path = pciback_path + '/' + pci_bdf + if os.path.exists(path): + # unbind + cmd = 'echo %s > %s/unbind' % (pci_bdf, pciback_path) + if os.system(cmd): + log.debug("Couldn't unbind device to pciback") + return -1 + + # remove slots if necessary + slots = os.popen('cat %s/slots' % pciback_path).read() + if re.search(pci_bdf, slots): + # write bdf to remove_slot + cmd = 'echo %s > %s/remove_slot' % (pci_bdf, pciback_path) + if os.system(cmd): + log.debug("Couldn't remove pciback slot") + return -1 + else: + log.debug("Not bound to pciback") + + # Rebind if necessary + xs_pci_bdf = pci_dict_to_xs_bdf_str(dev) + path = XS_PCIBACK_PATH + '/' + xs_pci_bdf + drv_path = xstransact.Read(path, 'driver_path') + if drv_path: + cmd = 'echo %s > %s/bind' % (pci_bdf, drv_path) + if os.system(cmd): + log.debug("Couldn't rebind to driver %s" % drv_path) + return -1 + xstransact.Remove(path) + else: + log.debug("Counldn't find path for original driver. Not rebinding") + + return 0 + def transform_list(target, src): ''' src: its element is pci string (Format: xxxx:xx:xx.x). target: its element is pci string, or a list of pci string. Index: xen-4.2.1-testing/tools/python/xen/xend/XendDomainInfo.py =================================================================== --- xen-4.2.1-testing.orig/tools/python/xen/xend/XendDomainInfo.py +++ xen-4.2.1-testing/tools/python/xen/xend/XendDomainInfo.py @@ -303,7 +303,8 @@ def dom_get(dom): return None from xen.xend.server.pciif import parse_pci_name, PciDevice,\ - get_assigned_pci_devices, get_all_assigned_pci_devices + get_assigned_pci_devices, get_all_assigned_pci_devices,\ + prepare_host_pci_devices, reattach_host_pci_devices def do_FLR(domid, is_hvm): @@ -317,6 +318,20 @@ def do_FLR(domid, is_hvm): "parse it's resources - "+str(e)) dev.do_FLR(is_hvm, xoptions.get_pci_dev_assign_strict_check()) +def prepare_domain_pci_devices(domconfig): + ordered_refs = domconfig.ordered_device_refs() + for dev_uuid in ordered_refs: + devclass, devconfig = domconfig['devices'][dev_uuid] + if devclass == 'pci': + prepare_host_pci_devices(devconfig) + +def reattach_domain_pci_devices(domconfig): + ordered_refs = domconfig.ordered_device_refs() + for dev_uuid in ordered_refs: + devclass, devconfig = domconfig['devices'][dev_uuid] + if devclass == 'pci': + reattach_host_pci_devices(devconfig) + class XendDomainInfo: """An object represents a domain. @@ -470,6 +485,7 @@ class XendDomainInfo: if self._stateGet() in (XEN_API_VM_POWER_STATE_HALTED, XEN_API_VM_POWER_STATE_SUSPENDED, XEN_API_VM_POWER_STATE_CRASHED): try: + prepare_domain_pci_devices(self.info); XendTask.log_progress(0, 30, self._constructDomain) XendTask.log_progress(31, 60, self._initDomain) @@ -496,6 +512,7 @@ class XendDomainInfo: state = self._stateGet() if state in (DOM_STATE_SUSPENDED, DOM_STATE_HALTED): try: + prepare_domain_pci_devices(self.info) self._constructDomain() try: @@ -851,6 +868,9 @@ class XendDomainInfo: if self.domid is not None: try: + if dev_type == 'pci': + prepare_host_pci_devices(dev_config_dict) + dev_config_dict['devid'] = devid = \ self._createDevice(dev_type, dev_config_dict) if dev_type == 'tap2': @@ -864,6 +884,7 @@ class XendDomainInfo: if dev_type == 'pci': for dev in dev_config_dict['devs']: XendAPIStore.deregister(dev['uuid'], 'DPCI') + reattach_host_pci_devices(dev_config_dict) elif dev_type == 'vscsi': for dev in dev_config_dict['devs']: XendAPIStore.deregister(dev['uuid'], 'DSCSI') @@ -908,6 +929,9 @@ class XendDomainInfo: dev_config = pci_convert_sxp_to_dict(dev_sxp) dev = dev_config['devs'][0] + if self.domid is not None and pci_state == 'Initialising': + prepare_host_pci_devices(dev_config) + stubdomid = self.getStubdomDomid() # Do HVM specific processing if self.info.is_hvm(): @@ -984,6 +1008,9 @@ class XendDomainInfo: new_dev_sxp = dev_control.configuration(devid) self.info.device_update(dev_uuid, new_dev_sxp) + if pci_state == 'Closing': + reattach_host_pci_devices(dev_config) + # If there is no device left, destroy pci and remove config. if num_devs == 0: if self.info.is_hvm(): @@ -3154,6 +3181,7 @@ class XendDomainInfo: log.debug("%s KiB need to add to Memory pool" %self.alloc_mem) MemoryPool.instance().increase_memory(self.alloc_mem) + reattach_domain_pci_devices(self.info) self._cleanup_phantom_devs(paths) self._cleanupVm() Index: xen-4.2.1-testing/tools/python/xen/xend/server/pciif.py =================================================================== --- xen-4.2.1-testing.orig/tools/python/xen/xend/server/pciif.py +++ xen-4.2.1-testing/tools/python/xen/xend/server/pciif.py @@ -86,6 +86,48 @@ def get_all_assigned_pci_devices(domid = pci_str_list = pci_str_list + get_assigned_pci_devices(int(d)) return pci_str_list +def reattach_host_pci_devices(devconfig): + pci_dev_list = devconfig.get('devs', []) + for pci_dev in pci_dev_list: + managed = 0 + pci_opts_config = pci_dev.get('opts', []) + for opt in pci_opts_config: + if opt[0] == 'managed': + managed = opt[1] + if managed: + if pci_assignable_remove(pci_dev) != 0: + raise VmError('pci_assignable_remove failed') + +def detach_host_pci_devices(devconfig): + pci_dev_list = devconfig.get('devs', []) + reattach = 0 + for pci_dev in pci_dev_list: + managed = 0 + pci_opts_config = pci_dev.get('opts', []) + for opt in pci_opts_config: + if opt[0] == 'managed': + managed = opt[1] + if managed: + if pci_assignable_add(pci_dev) != 0: + log.debug('pci_assignable_add failed') + reattach = 1 + break + + if reattach: + reattach_host_pci_devices(devconfig) + raise VmError('detach_host_pci_devices failed') + +def prepare_host_pci_devices(devconfig): + # Test whether the device used by other domain + pci_dev_list = devconfig.get('devs', []) + for pci_dev in pci_dev_list: + pci_name = pci_dict_to_bdf_str(pci_dev) + if pci_name in get_all_assigned_pci_devices(): + raise VmError("failed to assign device %s that has" + " already been assigned to other domain." % pci_name) + # Detach 'managed' devices + detach_host_pci_devices(devconfig) + class PciController(DevController): def __init__(self, vm): ++++++ xend-domain-lock-sfex.patch ++++++ --- /var/tmp/diff_new_pack.IlAvmd/_old 2013-02-25 21:47:11.000000000 +0100 +++ /var/tmp/diff_new_pack.IlAvmd/_new 2013-02-25 21:47:11.000000000 +0100 @@ -1,7 +1,7 @@ -Index: xen-4.2.0-testing/tools/examples/xend-config.sxp +Index: xen-4.2.1-testing/tools/examples/xend-config.sxp =================================================================== ---- xen-4.2.0-testing.orig/tools/examples/xend-config.sxp -+++ xen-4.2.0-testing/tools/examples/xend-config.sxp +--- xen-4.2.1-testing.orig/tools/examples/xend-config.sxp ++++ xen-4.2.1-testing/tools/examples/xend-config.sxp @@ -357,7 +357,7 @@ # path /<xend-domain-lock-path>/<vm-uuid> # Return 0 on success, non-zero on error. @@ -23,10 +23,10 @@ # If we have a very big scsi device configuration, start of xend is slow, # because xend scans all the device paths to build its internal PSCSI device # list. If we need only a few devices for assigning to a guest, we can reduce -Index: xen-4.2.0-testing/tools/hotplug/Linux/Makefile +Index: xen-4.2.1-testing/tools/hotplug/Linux/Makefile =================================================================== ---- xen-4.2.0-testing.orig/tools/hotplug/Linux/Makefile -+++ xen-4.2.0-testing/tools/hotplug/Linux/Makefile +--- xen-4.2.1-testing.orig/tools/hotplug/Linux/Makefile ++++ xen-4.2.1-testing/tools/hotplug/Linux/Makefile @@ -23,6 +23,7 @@ XEN_SCRIPTS += xen-hotplug-cleanup XEN_SCRIPTS += external-device-migrate XEN_SCRIPTS += vscsi @@ -35,10 +35,10 @@ XEN_SCRIPT_DATA = xen-script-common.sh locking.sh logging.sh XEN_SCRIPT_DATA += xen-hotplug-common.sh xen-network-common.sh vif-common.sh XEN_SCRIPT_DATA += block-common.sh vtpm-common.sh vtpm-hotplug-common.sh -Index: xen-4.2.0-testing/tools/hotplug/Linux/domain-lock +Index: xen-4.2.1-testing/tools/hotplug/Linux/domain-lock =================================================================== ---- xen-4.2.0-testing.orig/tools/hotplug/Linux/domain-lock -+++ xen-4.2.0-testing/tools/hotplug/Linux/domain-lock +--- xen-4.2.1-testing.orig/tools/hotplug/Linux/domain-lock ++++ xen-4.2.1-testing/tools/hotplug/Linux/domain-lock @@ -4,7 +4,7 @@ basedir=$(dirname "$0") usage() { @@ -48,10 +48,10 @@ echo "" echo "-l lock" echo "-u unlock" -Index: xen-4.2.0-testing/tools/hotplug/Linux/domain-lock-sfex +Index: xen-4.2.1-testing/tools/hotplug/Linux/domain-lock-sfex =================================================================== --- /dev/null -+++ xen-4.2.0-testing/tools/hotplug/Linux/domain-lock-sfex ++++ xen-4.2.1-testing/tools/hotplug/Linux/domain-lock-sfex @@ -0,0 +1,166 @@ +#!/bin/bash + @@ -219,11 +219,11 @@ +;; +esac + -Index: xen-4.2.0-testing/tools/python/xen/xend/XendDomainInfo.py +Index: xen-4.2.1-testing/tools/python/xen/xend/XendDomainInfo.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xend/XendDomainInfo.py -+++ xen-4.2.0-testing/tools/python/xen/xend/XendDomainInfo.py -@@ -4526,8 +4526,14 @@ class XendDomainInfo: +--- xen-4.2.1-testing.orig/tools/python/xen/xend/XendDomainInfo.py ++++ xen-4.2.1-testing/tools/python/xen/xend/XendDomainInfo.py +@@ -4554,8 +4554,14 @@ class XendDomainInfo: # Return name of host contained in lock file. def get_lock_host(self, path): @@ -240,7 +240,7 @@ hostname = "unknown" try: -@@ -4549,6 +4555,16 @@ class XendDomainInfo: +@@ -4577,6 +4583,16 @@ class XendDomainInfo: path = xoptions.get_xend_domain_lock_path() path = os.path.join(path, self.get_uuid()) @@ -257,7 +257,7 @@ try: if not os.path.exists(path): mkdir.parents(path, stat.S_IRWXU) -@@ -4556,12 +4572,7 @@ class XendDomainInfo: +@@ -4584,12 +4600,7 @@ class XendDomainInfo: log.exception("%s could not be created." % path) raise XendError("%s could not be created." % path) @@ -271,7 +271,7 @@ if status != 0: log.debug("Failed to aqcuire lock: status = %d" % status) raise XendError("The VM is locked and appears to be running on host %s." % self.get_lock_host(path)) -@@ -4578,12 +4589,18 @@ class XendDomainInfo: +@@ -4606,12 +4617,18 @@ class XendDomainInfo: path = xoptions.get_xend_domain_lock_path() path = os.path.join(path, self.get_uuid()) @@ -296,10 +296,10 @@ if status != 0: log.exception("Failed to release lock: status = %s" % status) try: -Index: xen-4.2.0-testing/tools/python/xen/xend/XendNode.py +Index: xen-4.2.1-testing/tools/python/xen/xend/XendNode.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xend/XendNode.py -+++ xen-4.2.0-testing/tools/python/xen/xend/XendNode.py +--- xen-4.2.1-testing.orig/tools/python/xen/xend/XendNode.py ++++ xen-4.2.1-testing/tools/python/xen/xend/XendNode.py @@ -162,6 +162,7 @@ class XendNode: self._init_cpu_pools() @@ -326,10 +326,10 @@ def add_network(self, interface): # TODO log.debug("add_network(): Not implemented.") -Index: xen-4.2.0-testing/tools/python/xen/xend/XendOptions.py +Index: xen-4.2.1-testing/tools/python/xen/xend/XendOptions.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xend/XendOptions.py -+++ xen-4.2.0-testing/tools/python/xen/xend/XendOptions.py +--- xen-4.2.1-testing.orig/tools/python/xen/xend/XendOptions.py ++++ xen-4.2.1-testing/tools/python/xen/xend/XendOptions.py @@ -164,6 +164,9 @@ class XendOptions: """Default script to acquire/release domain lock""" xend_domain_lock_utility = auxbin.scripts_dir() + "/domain-lock" ++++++ xend-domain-lock.patch ++++++ --- /var/tmp/diff_new_pack.IlAvmd/_old 2013-02-25 21:47:11.000000000 +0100 +++ /var/tmp/diff_new_pack.IlAvmd/_new 2013-02-25 21:47:11.000000000 +0100 @@ -8,10 +8,10 @@ tools/python/xen/xend/XendOptions.py | 29 +++++++++++ 7 files changed, 290 insertions(+) -Index: xen-4.2.0-testing/tools/examples/xend-config.sxp +Index: xen-4.2.1-testing/tools/examples/xend-config.sxp =================================================================== ---- xen-4.2.0-testing.orig/tools/examples/xend-config.sxp -+++ xen-4.2.0-testing/tools/examples/xend-config.sxp +--- xen-4.2.1-testing.orig/tools/examples/xend-config.sxp ++++ xen-4.2.1-testing/tools/examples/xend-config.sxp @@ -324,6 +324,65 @@ # device assignment could really work properly even after we do this. #(pci-passthrough-strict-check yes) @@ -78,10 +78,10 @@ # If we have a very big scsi device configuration, start of xend is slow, # because xend scans all the device paths to build its internal PSCSI device # list. If we need only a few devices for assigning to a guest, we can reduce -Index: xen-4.2.0-testing/tools/hotplug/Linux/Makefile +Index: xen-4.2.1-testing/tools/hotplug/Linux/Makefile =================================================================== ---- xen-4.2.0-testing.orig/tools/hotplug/Linux/Makefile -+++ xen-4.2.0-testing/tools/hotplug/Linux/Makefile +--- xen-4.2.1-testing.orig/tools/hotplug/Linux/Makefile ++++ xen-4.2.1-testing/tools/hotplug/Linux/Makefile @@ -22,6 +22,7 @@ XEN_SCRIPTS += vtpm vtpm-delete XEN_SCRIPTS += xen-hotplug-cleanup XEN_SCRIPTS += external-device-migrate @@ -90,10 +90,10 @@ XEN_SCRIPT_DATA = xen-script-common.sh locking.sh logging.sh XEN_SCRIPT_DATA += xen-hotplug-common.sh xen-network-common.sh vif-common.sh XEN_SCRIPT_DATA += block-common.sh vtpm-common.sh vtpm-hotplug-common.sh -Index: xen-4.2.0-testing/tools/hotplug/Linux/domain-lock +Index: xen-4.2.1-testing/tools/hotplug/Linux/domain-lock =================================================================== --- /dev/null -+++ xen-4.2.0-testing/tools/hotplug/Linux/domain-lock ++++ xen-4.2.1-testing/tools/hotplug/Linux/domain-lock @@ -0,0 +1,83 @@ +#!/bin/bash + @@ -178,10 +178,10 @@ + get_status $vm_path + ;; +esac -Index: xen-4.2.0-testing/tools/hotplug/Linux/vm-monitor +Index: xen-4.2.1-testing/tools/hotplug/Linux/vm-monitor =================================================================== --- /dev/null -+++ xen-4.2.0-testing/tools/hotplug/Linux/vm-monitor ++++ xen-4.2.1-testing/tools/hotplug/Linux/vm-monitor @@ -0,0 +1,41 @@ +#!/bin/bash + @@ -224,10 +224,10 @@ +elif [ $0 = "$basedir/vm-monitor" ]; then + monitor $* +fi -Index: xen-4.2.0-testing/tools/python/xen/xend/XendCheckpoint.py +Index: xen-4.2.1-testing/tools/python/xen/xend/XendCheckpoint.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xend/XendCheckpoint.py -+++ xen-4.2.0-testing/tools/python/xen/xend/XendCheckpoint.py +--- xen-4.2.1-testing.orig/tools/python/xen/xend/XendCheckpoint.py ++++ xen-4.2.1-testing/tools/python/xen/xend/XendCheckpoint.py @@ -130,6 +130,8 @@ def save(fd, dominfo, network, live, dst dominfo.shutdown('suspend') dominfo.waitForSuspend() @@ -245,19 +245,19 @@ return dominfo except Exception, exn: dominfo.destroy() -Index: xen-4.2.0-testing/tools/python/xen/xend/XendDomainInfo.py +Index: xen-4.2.1-testing/tools/python/xen/xend/XendDomainInfo.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xend/XendDomainInfo.py -+++ xen-4.2.0-testing/tools/python/xen/xend/XendDomainInfo.py -@@ -470,6 +470,7 @@ class XendDomainInfo: - +--- xen-4.2.1-testing.orig/tools/python/xen/xend/XendDomainInfo.py ++++ xen-4.2.1-testing/tools/python/xen/xend/XendDomainInfo.py +@@ -486,6 +486,7 @@ class XendDomainInfo: if self._stateGet() in (XEN_API_VM_POWER_STATE_HALTED, XEN_API_VM_POWER_STATE_SUSPENDED, XEN_API_VM_POWER_STATE_CRASHED): try: + prepare_domain_pci_devices(self.info); + self.acquire_running_lock(); XendTask.log_progress(0, 30, self._constructDomain) XendTask.log_progress(31, 60, self._initDomain) -@@ -3010,6 +3011,11 @@ class XendDomainInfo: +@@ -3037,6 +3038,11 @@ class XendDomainInfo: self._stateSet(DOM_STATE_HALTED) self.domid = None # Do not push into _stateSet()! @@ -269,7 +269,7 @@ finally: self.refresh_shutdown_lock.release() -@@ -4518,6 +4524,74 @@ class XendDomainInfo: +@@ -4546,6 +4552,74 @@ class XendDomainInfo: def has_device(self, dev_class, dev_uuid): return (dev_uuid in self.info['%s_refs' % dev_class.lower()]) @@ -344,10 +344,10 @@ def __str__(self): return '<domain id=%s name=%s memory=%s state=%s>' % \ (str(self.domid), self.info['name_label'], -Index: xen-4.2.0-testing/tools/python/xen/xend/XendOptions.py +Index: xen-4.2.1-testing/tools/python/xen/xend/XendOptions.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xend/XendOptions.py -+++ xen-4.2.0-testing/tools/python/xen/xend/XendOptions.py +--- xen-4.2.1-testing.orig/tools/python/xen/xend/XendOptions.py ++++ xen-4.2.1-testing/tools/python/xen/xend/XendOptions.py @@ -154,6 +154,17 @@ class XendOptions: use loose check automatically if necessary.""" pci_dev_assign_strict_check_default = True ++++++ xenpaging.autostart.patch ++++++ --- /var/tmp/diff_new_pack.IlAvmd/_old 2013-02-25 21:47:11.000000000 +0100 +++ /var/tmp/diff_new_pack.IlAvmd/_new 2013-02-25 21:47:11.000000000 +0100 @@ -45,10 +45,10 @@ tools/python/xen/xm/xenapi_create.py | 3 + 10 files changed, 179 insertions(+) -Index: xen-4.2.0-testing/tools/examples/xmexample.hvm +Index: xen-4.2.1-testing/tools/examples/xmexample.hvm =================================================================== ---- xen-4.2.0-testing.orig/tools/examples/xmexample.hvm -+++ xen-4.2.0-testing/tools/examples/xmexample.hvm +--- xen-4.2.1-testing.orig/tools/examples/xmexample.hvm ++++ xen-4.2.1-testing/tools/examples/xmexample.hvm @@ -142,6 +142,15 @@ disk = [ 'file:/var/lib/xen/images/disk. # Device Model to be used device_model = 'qemu-dm' @@ -65,10 +65,10 @@ #----------------------------------------------------------------------------- # boot on floppy (a), hard disk (c), Network (n) or CD-ROM (d) # default: hard disk, cd-rom, floppy -Index: xen-4.2.0-testing/tools/python/README.XendConfig +Index: xen-4.2.1-testing/tools/python/README.XendConfig =================================================================== ---- xen-4.2.0-testing.orig/tools/python/README.XendConfig -+++ xen-4.2.0-testing/tools/python/README.XendConfig +--- xen-4.2.1-testing.orig/tools/python/README.XendConfig ++++ xen-4.2.1-testing/tools/python/README.XendConfig @@ -120,6 +120,9 @@ otherConfig image.vncdisplay image.vncunused @@ -79,10 +79,10 @@ image.hvm.display image.hvm.xauthority image.hvm.vncconsole -Index: xen-4.2.0-testing/tools/python/README.sxpcfg +Index: xen-4.2.1-testing/tools/python/README.sxpcfg =================================================================== ---- xen-4.2.0-testing.orig/tools/python/README.sxpcfg -+++ xen-4.2.0-testing/tools/python/README.sxpcfg +--- xen-4.2.1-testing.orig/tools/python/README.sxpcfg ++++ xen-4.2.1-testing/tools/python/README.sxpcfg @@ -51,6 +51,9 @@ image - vncunused (HVM) @@ -93,10 +93,10 @@ - display - xauthority - vncconsole -Index: xen-4.2.0-testing/tools/python/xen/xend/XendConfig.py +Index: xen-4.2.1-testing/tools/python/xen/xend/XendConfig.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xend/XendConfig.py -+++ xen-4.2.0-testing/tools/python/xen/xend/XendConfig.py +--- xen-4.2.1-testing.orig/tools/python/xen/xend/XendConfig.py ++++ xen-4.2.1-testing/tools/python/xen/xend/XendConfig.py @@ -147,6 +147,9 @@ XENAPI_PLATFORM_CFG_TYPES = { 'apic': int, 'boot': str, @@ -120,10 +120,10 @@ if 'timer_mode' not in self['platform']: self['platform']['timer_mode'] = 1 if 'extid' in self['platform'] and int(self['platform']['extid']) == 1: -Index: xen-4.2.0-testing/tools/python/xen/xend/XendDomain.py +Index: xen-4.2.1-testing/tools/python/xen/xend/XendDomain.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xend/XendDomain.py -+++ xen-4.2.0-testing/tools/python/xen/xend/XendDomain.py +--- xen-4.2.1-testing.orig/tools/python/xen/xend/XendDomain.py ++++ xen-4.2.1-testing/tools/python/xen/xend/XendDomain.py @@ -1835,6 +1835,21 @@ class XendDomain: log.exception(ex) raise XendError(str(ex)) @@ -146,11 +146,11 @@ def domain_maxmem_set(self, domid, mem): """Set the memory limit for a domain. -Index: xen-4.2.0-testing/tools/python/xen/xend/XendDomainInfo.py +Index: xen-4.2.1-testing/tools/python/xen/xend/XendDomainInfo.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xend/XendDomainInfo.py -+++ xen-4.2.0-testing/tools/python/xen/xend/XendDomainInfo.py -@@ -1505,6 +1505,17 @@ class XendDomainInfo: +--- xen-4.2.1-testing.orig/tools/python/xen/xend/XendDomainInfo.py ++++ xen-4.2.1-testing/tools/python/xen/xend/XendDomainInfo.py +@@ -1532,6 +1532,17 @@ class XendDomainInfo: break xen.xend.XendDomain.instance().managed_config_save(self) @@ -168,7 +168,7 @@ def setMemoryTarget(self, target): """Set the memory target of this domain. @param target: In MiB. -@@ -2295,6 +2306,8 @@ class XendDomainInfo: +@@ -2322,6 +2333,8 @@ class XendDomainInfo: self.info['name_label'], self.domid, self.info['uuid'], new_name, new_uuid) self._unwatchVm() @@ -177,7 +177,7 @@ self._releaseDevices() # Remove existing vm node in xenstore self._removeVm() -@@ -2974,6 +2987,9 @@ class XendDomainInfo: +@@ -3001,6 +3014,9 @@ class XendDomainInfo: self._createDevices() @@ -187,7 +187,7 @@ self.image.cleanupTmpImages() self.info['start_time'] = time.time() -@@ -2998,6 +3014,8 @@ class XendDomainInfo: +@@ -3025,6 +3041,8 @@ class XendDomainInfo: self.refresh_shutdown_lock.acquire() try: self.unwatchShutdown() @@ -196,7 +196,7 @@ self._releaseDevices() bootloader_tidy(self) -@@ -3082,6 +3100,7 @@ class XendDomainInfo: +@@ -3109,6 +3127,7 @@ class XendDomainInfo: self.image = image.create(self, self.info) if self.image: self.image.createDeviceModel(True) @@ -204,7 +204,7 @@ self.console_port = console_port self._storeDomDetails() self._registerWatches() -@@ -3223,6 +3242,8 @@ class XendDomainInfo: +@@ -3251,6 +3270,8 @@ class XendDomainInfo: # could also fetch a parsed note from xenstore fast = self.info.get_notes().get('SUSPEND_CANCEL') and 1 or 0 if not fast: @@ -213,7 +213,7 @@ self._releaseDevices() self.testDeviceComplete() self.testvifsComplete() -@@ -3238,6 +3259,8 @@ class XendDomainInfo: +@@ -3266,6 +3287,8 @@ class XendDomainInfo: self._storeDomDetails() self._createDevices() @@ -222,10 +222,10 @@ log.debug("XendDomainInfo.resumeDomain: devices created") xc.domain_resume(self.domid, fast) -Index: xen-4.2.0-testing/tools/python/xen/xend/image.py +Index: xen-4.2.1-testing/tools/python/xen/xend/image.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xend/image.py -+++ xen-4.2.0-testing/tools/python/xen/xend/image.py +--- xen-4.2.1-testing.orig/tools/python/xen/xend/image.py ++++ xen-4.2.1-testing/tools/python/xen/xend/image.py @@ -122,6 +122,10 @@ class ImageHandler: self.vm.permissionsVm("image/cmdline", { 'dom': self.vm.getDomid(), 'read': True } ) @@ -325,10 +325,10 @@ def createDeviceModel(self, restore = False): if self.device_model is None: return -Index: xen-4.2.0-testing/tools/python/xen/xm/create.py +Index: xen-4.2.1-testing/tools/python/xen/xm/create.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xm/create.py -+++ xen-4.2.0-testing/tools/python/xen/xm/create.py +--- xen-4.2.1-testing.orig/tools/python/xen/xm/create.py ++++ xen-4.2.1-testing/tools/python/xen/xm/create.py @@ -495,6 +495,18 @@ gopts.var('nfs_root', val="PATH", fn=set_value, default=None, use="Set the path of the root NFS directory.") @@ -358,10 +358,10 @@ 'device_model', 'display', 'fda', 'fdb', 'gfx_passthru', 'guest_os_type', -Index: xen-4.2.0-testing/tools/python/xen/xm/main.py +Index: xen-4.2.1-testing/tools/python/xen/xm/main.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xm/main.py -+++ xen-4.2.0-testing/tools/python/xen/xm/main.py +--- xen-4.2.1-testing.orig/tools/python/xen/xm/main.py ++++ xen-4.2.1-testing/tools/python/xen/xm/main.py @@ -115,6 +115,8 @@ SUBCOMMAND_HELP = { 'Set the maximum amount reservation for a domain.'), 'mem-set' : ('<Domain> <Mem>', @@ -397,10 +397,10 @@ # cpu commands "vcpu-pin": xm_vcpu_pin, "vcpu-list": xm_vcpu_list, -Index: xen-4.2.0-testing/tools/python/xen/xm/xenapi_create.py +Index: xen-4.2.1-testing/tools/python/xen/xm/xenapi_create.py =================================================================== ---- xen-4.2.0-testing.orig/tools/python/xen/xm/xenapi_create.py -+++ xen-4.2.0-testing/tools/python/xen/xm/xenapi_create.py +--- xen-4.2.1-testing.orig/tools/python/xen/xm/xenapi_create.py ++++ xen-4.2.1-testing/tools/python/xen/xm/xenapi_create.py @@ -1085,6 +1085,9 @@ class sxp2xml: 'acpi', 'apic', -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org