From: Manish Jaggi
This patch extends the gicv3_iomem_deny_access functionality by adding
support for ITS region as well. Add function gicv3_its_deny_access.
Reviewed-by: Andre Przywara
Acked-by: Julien Grall
Signed-off-by: Manish Jaggi
---
xen/arch/arm/gic-v3-its.c| 22 +
From: Manish Jaggi
add_to_host_its_list will update the host_its_list. This common
function to be invoked from gicv3_its_dt_init and gic_v3_its_acpi_probe.
Signed-off-by: Manish Jaggi
Reviewed-by: Andre Przywara
Acked-by: Julien Grall
---
xen/arch/arm/gic-v3-its.c | 32 --
From: Manish Jaggi
Add gicv3_its_make_hwdom_madt to update hwdom MADT ITS information.
Reviewed-by: Andre Przywara
Signed-off-by: Manish Jaggi
---
xen/arch/arm/gic-v3-its.c| 19 +++
xen/arch/arm/gic-v3.c| 2 ++
xen/include/asm-arm/gic_v3_its.h | 8 +++
From: Manish Jaggi
Added gicv3_its_acpi_init to update host_its_list from MADT table.
For ACPI, host_its structure stores dt_node as NULL.
Reviewed-by: Andre Przywara
Signed-off-by: Manish Jaggi
---
xen/arch/arm/gic-v3-its.c| 24
xen/arch/arm/gic-v3.c
From: Manish Jaggi
estimate_acpi_efi_size needs to be updated to provide correct size of
hardware domains MADT, which now adds ITS information as well.
This patch updates the formula to compute extra MADT size, as per GICv2/3
by calling gic_get_hwdom_extra_madt_size
Signed-off-by: Manish Jaggi
From: Manish Jaggi
This patch is split into 5 patches. First two add support for updating
host_its_list from ACPI MADT table.
The rest patches provide support to update the hardware domain MADT table
with ITS information.
Changes since v4
- gic_hw_operations callback name changed to include "ext
On 10/09/2017 11:53 AM, Konrad Rzeszutek Wilk via refpolicy wrote:
From: Konrad Rzeszutek Wilk
libxenstored since git commit 9c89dc95201ffed5fead17b35754bf9440fdbdc0
prefers to use "/dev/xen/xenbus" over the "/proc/xen/xenbus".
Signed-off-by: Konrad Rzeszutek Wilk
---
policy/modules/kernel/
On 10/09/2017 11:53 AM, Konrad Rzeszutek Wilk via refpolicy wrote:
From: Konrad Rzeszutek Wilk
type=AVC msg=audit(1504637347.487:280): avc: denied { map } for pid=857 comm="xenconsoled"
path="/dev/xen/privcmd" dev="devtmpfs" ino=16289
scontext=system_u:system_r:xenconsoled_t:s0
Without th
On 10/10/17 13:36 +0800, Tian, Kevin wrote:
> > From: Roger Pau Monné [mailto:roger@citrix.com]
> > Sent: Wednesday, September 20, 2017 4:31 PM
> >
> > On Mon, Sep 11, 2017 at 02:00:48PM +0800, Haozhong Zhang wrote:
> > > The 64-bit DMAR fault address is composed of two 32 bits registers
> > >
> From: Roger Pau Monné [mailto:roger@citrix.com]
> Sent: Wednesday, September 20, 2017 4:31 PM
>
> On Mon, Sep 11, 2017 at 02:00:48PM +0800, Haozhong Zhang wrote:
> > The 64-bit DMAR fault address is composed of two 32 bits registers
> > DMAR_FEADDR_REG and DMAR_FEUADDR_REG. According to VT-d
> From: Andrew Cooper [mailto:andrew.coop...@citrix.com]
> Sent: Saturday, September 30, 2017 2:31 AM
>
> This rearanges the logic to avoid the double !hvm_paging_enabled(v) check,
> but
> is otherwise identical.
>
> Signed-off-by: Andrew Cooper
Acked-by: Kevin Tian
__
pt_update_irq() is expected to return the vector number of periodic
timer interrupt, which should be set in vIRR of vlapic. Otherwise it
would trigger the assertion in vmx_intr_assist(), please seeing
https://lists.xenproject.org/archives/html/xen-devel/2017-10/msg00915.html.
But it fails to achie
> From: Andrew Cooper [mailto:andrew.coop...@citrix.com]
> Sent: Saturday, September 30, 2017 2:31 AM
>
> An update to CR4 following a CR0 update can be done easily by falling
> through into the CR4 case. This avoids unnecessary passes through
> vmx_vmcs_{enter,exit}() and unnecessary stack usage
> From: Andrew Cooper [mailto:andrew.coop...@citrix.com]
> Sent: Saturday, September 30, 2017 2:31 AM
>
> * Drop trailing whitespace
> * Fix indendation and newlines
> * Use bool where appropriate
>
> No functional change.
>
> Signed-off-by: Andrew Cooper
Acked-by: Kevin Tian
> From: George Dunlap [mailto:george.dun...@citrix.com]
> Sent: Wednesday, October 4, 2017 7:14 PM
>
> On 10/04/2017 12:11 PM, Jan Beulich wrote:
> On 02.10.17 at 16:09, wrote:
> >> On 10/02/2017 02:43 PM, George Dunlap wrote:
> >>> On 09/25/2017 01:03 PM, Petre Pircalabu wrote:
> Enfor
> From: Jan Beulich [mailto:jbeul...@suse.com]
> Sent: Wednesday, October 4, 2017 8:07 PM
>
> >>> On 28.09.17 at 20:36, wrote:
> > ... instead of the opencoded _mfn(pagetable_get_pfn(...)) construct.
> >
> > Fix two overly long lines; no functional change.
> >
> > Signed-off-by: Andrew Cooper
>
> From: Jan Beulich [mailto:jbeul...@suse.com]
> Sent: Monday, October 9, 2017 3:49 PM
>
> Therefore all write attempts should produce #GP, just like on real
> hardware.
>
> Signed-off-by: Jan Beulich
> Reviewed-by: Roger Pau Monné
Acked-by: Kevin Tian
___
> From: Julien Grall [mailto:julien.gr...@linaro.org]
> Sent: Friday, October 6, 2017 1:42 AM
>
> Most of the users of page_to_mfn and mfn_to_page are either overriding
> the macros to make them work with mfn_t or use mfn_x/_mfn because the
> rest of the function use mfn_t.
>
> So make __page_to_
flight 114185 linux-4.9 real [real]
http://logs.test-lab.xenproject.org/osstest/logs/114185/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
test-amd64-amd64-xl-pvh-intel 12 guest-start fail REGR. vs. 114036
test-amd64-amd64-xl-p
Same code is already in allocate_and_map_msi_pirq()
-v2: remove unnecessory comment (Suggested by Jan and Roger)
added 'x86/physdev:' tag to commit subject (Suggested by Konrad)
Signed-off-by: Zhenzhong Duan
Reviewed-by: Joe Jin
Reviewed-by: Roger Pau Monné
Reviewed-by: Konrad Rzeszutek W
branch xen-unstable
xenbranch xen-unstable
job test-amd64-amd64-xl-pvh-intel
testid guest-start
Tree: linux git://xenbits.xen.org/linux-pvops.git
Tree: linuxfirmware git://xenbits.xen.org/osstest/linux-firmware.git
Tree: qemu git://xenbits.xen.org/qemu-xen-traditional.git
Tree: qemuu git://git.qem
This run is configured for baseline tests only.
flight 7 xen-4.8-testing real [real]
http://osstest.xs.citrite.net/~osstest/testlogs/logs/7/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
test-armhf-armhf-xl-credit2 6 xen-install
flight 114180 linux-3.18 real [real]
http://logs.test-lab.xenproject.org/osstest/logs/114180/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
test-amd64-amd64-xl-pvh-intel 12 guest-start fail REGR. vs. 114034
test-amd64-amd64-xl-
for me, the most important thing at the moment, is to run our system
on xen guest (aka DomU), with the full functions. the performance
could be a secondary consideration.
most of time, for our guests, full functions, with the
acceptable performance, is fine.
do we have plan to support xen net
On 17-10-09 15:03:25, Roger Pau Monn� wrote:
> On Sun, Oct 08, 2017 at 04:22:00AM +, Yi Sun wrote:
[...]
> > static void do_write_psr_msrs(void *data)
>
> Should this be "static int do_write_psr_msrs"...
>
This function is a parameter of 'on_selected_cpus()' which requires it to be
'void'.
flight 114175 linux-linus real [real]
http://logs.test-lab.xenproject.org/osstest/logs/114175/
Failures :-/ but no regressions.
Tests which did not succeed, but are not blocking:
test-armhf-armhf-libvirt 14 saverestore-support-checkfail like 114116
test-amd64-i386-xl-qemut-win7-amd64 1
On Fri, 6 Oct 2017, Julien Grall wrote:
> Hi Volodymyr,
>
> On 04/10/17 22:00, Volodymyr Babchuk wrote:
> > PSCI handling code had helper routine that checked calling convention.
> > It does not needed anymore, because:
> >
> > - Generic handler checks that 64 bit calls can be made only by
> >
flight 114201 xen-unstable-smoke real [real]
http://logs.test-lab.xenproject.org/osstest/logs/114201/
Failures :-/ but no regressions.
Tests which did not succeed, but are not blocking:
test-amd64-amd64-libvirt 13 migrate-support-checkfail never pass
test-armhf-armhf-xl 1
flight 114173 xen-4.8-testing real [real]
http://logs.test-lab.xenproject.org/osstest/logs/114173/
Failures :-/ but no regressions.
Tests which are failing intermittently (not blocking):
test-xtf-amd64-amd64-1 48 xtf/test-hvm64-lbr-tsx-vmentry fail in 114093 pass
in 114173
test-xtf-amd64-amd64
Hi,
This series seems to have some coding style problems. See output below for
more information:
Type: series
Message-id: 1507564902-9000-1-git-send-email-ian.jack...@eu.citrix.com
Subject: [Qemu-devel] [PATCH v4 0/8] xen: xen-domid-restrict improvements
=== TEST SCRIPT BEGIN ===
#!/bin/bash
BA
flight 114169 xen-unstable real [real]
http://logs.test-lab.xenproject.org/osstest/logs/114169/
Failures :-/ but no regressions.
Tests which are failing intermittently (not blocking):
test-armhf-armhf-xl-rtds 12 guest-startfail pass in 114114
Tests which did not succeed, but
On Mon, Oct 09, 2017 at 02:15:48PM +0800, Joe Jin wrote:
> Looks good for me.
>
> Reviewed-by: Joe Jin
Ah, indeed.
Reviewed-by: Konrad Rzeszutek Wilk
Also
CC-ing Jan and Andrew.
P.S.
Could you change the title to have 'x86/physdev:' as part of the
name please?
>
> On 10/09/2017 02:00 PM,
From: Razvan Cojocaru
For the default EPT view we have xc_set_mem_access_multi(), which
is able to set an array of pages to an array of access rights with
a single hypercall. However, this functionality was lacking for the
altp2m subsystem, which could only set page restrictions for one
page at a
On 07/10/17 11:54, Sergej Proskurin wrote:
Hi Julien,
Hello,
On 10/07/2017 12:29 PM, Julien Grall wrote:
On 07/10/2017 11:18, Sergej Proskurin wrote:
Hi all,
Hello Sergej,
just wanted to friendly remind you about the next altp2m on ARM patch
series, since it has been submitted for
On Mon, 2017-10-09 at 12:13 -0400, Meng Xu wrote:
> On Wed, Sep 13, 2017 at 8:51 PM, Dario Faggioli
> wrote:
> >
> > On Fri, 2017-09-01 at 11:58 -0400, Meng Xu wrote:
> > > diff --git a/tools/xl/xl_cmdtable.c b/tools/xl/xl_cmdtable.c
> > > index ba0159d..1b03d44 100644
> > > --- a/tools/xl/xl_cmd
Hi,
can you please re-break the commit message to fit into 72 characters?
git show looks rather ugly as it is now.
On 27/09/17 07:13, Bhupinder Thakur wrote:
> This patch fixes the issue observed when pl011 patches were tested on
> the junos hardware by Andre/Julien. It was observed that when lar
Hi Sergej,
On 30/08/17 19:32, Sergej Proskurin wrote:
This commit pulls out generic init/teardown functionality out of
"p2m_init" and "p2m_teardown" into "p2m_init_one", "p2m_teardown_one",
and "p2m_flush_table" functions. This allows our future implementation
to reuse existing code for the ini
On Mon, 2017-10-09 at 03:49 -0600, Jan Beulich wrote:
> > > > On 28.09.17 at 19:06, wrote:
> >
> With at least the latter addressed
> Reviewed-by: Jan Beulich
> Of course both should be easy to take care of while committing,
> should no other reason arise for sending v4.
>
Which, AFAICS, you've
(resending, more competently this time)
Daniel P. Berrange writes ("Re: [Qemu-devel] [PATCH 7/8] os-posix: Provide new
-runasid option"):
> Just use getpwuid() to get the "struct passwd *", then change_process_uid()
> doesn't need any changes at all AFAICT.
See my comments in the commit message
(My resend has crossed with your review. Sorry about that.)
Anthony PERARD writes ("Re: [PATCH 3/8] xen: defer call to xen_restrict until
after os_setup_post"):
> On Wed, Oct 04, 2017 at 05:18:06PM +0100, Ian Jackson wrote:
> > +void xen_setup_post(void)
> > +{
> > +int rc;
>
> We probably
(My resend has crossed with your review. Sorry about that.)
Anthony PERARD writes ("Re: [PATCH 3/8] xen: defer call to xen_restrict until
after os_setup_post"):
> On Wed, Oct 04, 2017 at 05:18:06PM +0100, Ian Jackson wrote:
> > +void xen_setup_post(void)
> > +{
> > +int rc;
>
> We probably
flight 114199 xen-unstable-smoke real [real]
http://logs.test-lab.xenproject.org/osstest/logs/114199/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
build-armhf broken
build-amd64 6 xen
Re-sending as the first didn't hit the refpolicy mailing list.
Date: Mon, 9 Oct 2017 11:53:45 -0400
From: Konrad Rzeszutek Wilk
To: refpol...@oss.tresys.com
Cc: xen-de...@lists.xenproject.org
Subject: [refpolicy SELinux PATCH] Updates to SELinux refpolicies to make
xenconsoled work. (v1)
Hey!
Daniel P. Berrange writes ("Re: [Qemu-devel] [PATCH 7/8] os-posix: Provide new
-runasid option"):
> Just use getpwuid() to get the "struct passwd *", then change_process_uid()
> doesn't need any changes at all AFAICT.
See my comments in the commit message. There may be multiple passwd
entries r
Hi Sergej,
On 30/08/17 19:32, Sergej Proskurin wrote:
This commit copies and extends the altp2m-related code from x86 to ARM.
Functions that are no yet supported notify the caller or print a BUG
message stating their absence.
I am still concerned on the locking differing between x86 and Arm
(
Ian Jackson writes ("[PATCH 1/8] xen: link against xentoolcore"):
> From: Anthony PERARD
>
> Xen libraries 4.10 will include a new xentoolcore library, without
> which xendevicemodel et al will not work.
The xentoolcore library was just committed to xen.git#staging, so at
least this patch (or so
On Mon, Oct 9, 2017 at 12:13 AM, Tan, Jianfeng
wrote:
> Hi,
>
> On 10/8/2017 12:54 PM, Bill Bonaparte wrote:
>
> Thanks Jianfeng for taking time to reply.
>
> please allow me to briefly explain why I want to run dpdk on xen.
> our system is based on dpdk, which means we use dpdk as packet
> recei
Hi Sergej,
On 30/08/17 19:32, Sergej Proskurin wrote:
This commit introduces macros for switching and restoring the vttbr
considering the currently set irq flags. We define these macros, as the
following commits will use the associated functionality multiple times
throughout different files.
Si
On Wed, Sep 13, 2017 at 8:51 PM, Dario Faggioli
wrote:
>
> On Fri, 2017-09-01 at 11:58 -0400, Meng Xu wrote:
> > diff --git a/tools/xl/xl_cmdtable.c b/tools/xl/xl_cmdtable.c
> > index ba0159d..1b03d44 100644
> > --- a/tools/xl/xl_cmdtable.c
> > +++ b/tools/xl/xl_cmdtable.c
> > @@ -272,12 +272,13 @
>>> On 09.10.17 at 17:36, wrote:
> On 09/14/2017 04:12 PM, Jan Beulich wrote:
>> @@ -7119,6 +7142,18 @@ x86_emulate(
>> fic.insn_bytes = PFX_BYTES + 3;
>> break;
>>
>> +case X86EMUL_OPC_VEX_66(0x0f38, 0x19): /* vbroadcastsd m64,ymm */
>> +case X86EMUL_OPC_VEX_66(0x0f38,
Ian Jackson writes ("[PATCH v2 00/24] Provide some actual restriction of qemu"):
> With this series, it is possible to run qemu in a way that I think
> really does not have global privilege any more.
This is not v2. It is v4.
Sorry.
Ian.
___
Xen-deve
On Mon, Oct 09, 2017 at 04:57:28PM +0100, Ian Jackson wrote:
> Ross reports that stdvga guests do not work, and cirrus guests are
> slow, because qemu tries to do xc_domain_add_to_physmap. We will need
> another dmop to fix this properly.
>
> For now, document the problem.
>
> (In the cirrus cas
On Tue, Sep 19, 2017 at 5:23 AM, Dario Faggioli
wrote:
>
> On Fri, 2017-09-15 at 12:01 -0400, Meng Xu wrote:
> > On Wed, Sep 13, 2017 at 8:16 PM, Dario Faggioli
> > wrote:
> > >
> > > > I'm ok with what it is in this patch, although I feel that we can
> > > > kill the
> > > > if (scinfo->extrati
From: Anthony PERARD
Xen libraries 4.10 will include a new xentoolcore library, without
which xendevicemodel et al will not work.
Signed-off-by: Ian Jackson
---
configure | 8 +---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/configure b/configure
index fd7e3a5..6f691df 10
xc_interface_open etc. is not going to work if we have dropped
privilege, but xendevicemodel_shutdown will if everything is new
enough.
xendevicemodel_shutdown is only availabe in Xen 4.10 and later, so
provide a stub for earlier versions.
Signed-off-by: Ian Jackson
---
v2: Add compatibility stu
We are going to want to reuse this.
No functional change.
Signed-off-by: Ian Jackson
Reviewed-by: Anthony PERARD
---
hw/i386/xen/xen-hvm.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/hw/i386/xen/xen-hvm.c b/hw/i386/xen/xen-hvm.c
index 7b60ec6..83420cd 100644
--- a/
We need to restrict *all* the control fds that qemu opens. Looking in
/proc/PID/fd shows there are many; their allocation seems scattered
throughout Xen support code in qemu.
We must postpone the restrict call until roughly the same time as qemu
changes its uid, chroots (if applicable), and so on
This makes it much easier to find a particular thing in config.log.
The information may be lacking in other shells, resulting in harmless
empty output. (This is why we don't use the proper ${FUNCNAME[*]}
array syntax - other shells will choke on that.)
The extra output is only printed if configu
This allows the caller to specify a uid and gid to use, even if there
is no corresponding password entry. This will be useful in certain
Xen configurations.
We don't support just -runas because: (i) deprivileging without
calling setgroups would be ineffective (ii) given only a uid we don't
know
We are going to want to use the dummy xendevicemodel_handle type in
new stub functions in the CONFIG_XEN_CTRL_INTERFACE_VERSION < 41000
section. So we need to provide that definition, or (as applicable)
include the appropriate header, earlier in the file.
(Ideally the newer compatibility layers w
And insist that it works.
Drop individual use of xendevicemodel_restrict and
xenforeignmemory_restrict. These are not actually effective in this
version of qemu, because qemu has a large number of fds open onto
various Xen control devices.
The restriction arrangements are still not right, becaus
I have been working on trying to get qemu, when running as a Xen
device model, to _actually_ not have power equivalent to root.
I think I have achieved this, with some limitations (which are
discussed in my series against xen.git.
However, there are changes to qemu needed. In particular
* The
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
tools/Rules.mk | 2 +-
tools/libs/foreignmemory/Makefile | 4 ++--
tools/libs/foreignmemory/core.c | 15 +++
tools/libs/foreignmemory/private.h | 3 +++
too
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
v2: Fix typo in comment
---
tools/libs/toolcore/include/xentoolcore.h | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/tools/libs/toolcore/include/xentoolcore.h
b/tools/libs/toolcore/include/xentoolcore.h
index 93eaf23..8
Now we can also abolish the temporary local variable "fd" and simply
use h->fd.
This ordering is necessary to be able to call
xentoolcore__register_active_handle sensibly.
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
tools/xenstore/xs.c | 28 +++-
1 file changed, 15
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
v3: Use -runas ., as suggested on qemu-devel
by Markus Armbruster
---
docs/man/xl.cfg.pod.5.in | 11 ++-
tools/libxl/libxl_dm.c | 32
tools/libxl/libxl_internal.h | 1 +
3 files changed, 43 i
This functionality is still quite imperfect, but it will be useful in
certain restricted use cases.
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
docs/man/xl.cfg.pod.5.in| 86 +
tools/libxl/libxl_create.c | 1 +
tools/libxl/libxl_dm.c |
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
tools/libs/toolcore/include/xentoolcore_internal.h | 42 ++
tools/libxl/libxl_internal.h | 30
2 files changed, 42 insertions(+), 30 deletions(-)
diff --git a/tools/libs/toolcore/include/
We need to do this before we start to make the other libraries call
into xentoolcore, or we break building minios with new the xen.
Signed-off-by: Ian Jackson
---
Config.mk | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/Config.mk b/Config.mk
index 54f2382..7b85195 1006
In practice, qemu opens a great many fds. Tracking them all down and
playing whack-a-mole is unattractive. It is also potentially fragile
in that future changes might accidentally undo our efforts.
Instead, we are going to teach all the Xen libraries how to register
their fds so that they can be
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
tools/Rules.mk| 2 +-
tools/libs/gnttab/Makefile| 4 ++--
tools/libs/gnttab/gnttab_core.c | 10 ++
tools/libs/gnttab/private.h | 2 ++
tools/libs/gnttab/xengnttab.pc.in | 2 +-
5 files changed, 16 in
We are going to want versions of getpwuid, too. And maybe in the
future getgr*.
This is most sanely achieved with a macro, as otherwise the types are
a mess.
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
v2: Fix higgledy \'s (codying style)
---
tools/libxl/libxl_dm.c | 79 +
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
tools/libs/call/core.c | 30 +-
tools/libs/toolcore/handlereg.c| 26 +++
tools/libs/toolcore/include/xentoolcore_internal.h | 12 +
tools/libs/toolcore/lib
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
tools/Rules.mk| 2 +-
tools/xenstore/Makefile | 7 ---
tools/xenstore/xenstore.pc.in | 2 +-
tools/xenstore/xs.c | 14 ++
4 files changed, 20 insertions(+), 5 deletions(-)
diff --git a/tools/Rule
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
tools/libxl/libxl_dm.c | 11 +++
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/tools/libxl/libxl_dm.c b/tools/libxl/libxl_dm.c
index 00718c5..620b66b 100644
--- a/tools/libxl/libxl_dm.c
+++ b/tools/libxl/libxl_dm.c
@@ -750,
We need to do this before we start to make the other libraries call
into xentoolcore, or we break the stubdom build.
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
v2: New patch in this series
---
stubdom/Makefile | 17 +++--
1 file changed, 15 insertions(+), 2 deletions(-)
diff
Ross reports that stdvga guests do not work, and cirrus guests are
slow, because qemu tries to do xc_domain_add_to_physmap. We will need
another dmop to fix this properly.
For now, document the problem.
(In the cirrus case, the vram remains mapped at the old guest-physical
addresses, while the g
Coding style only; no functional change.
CC: Jan Beulich
CC: Andrew Cooper
Signed-off-by: Ian Jackson
Acked-by: Jan Beulich
---
v2: New patch in this version of the series.
---
xen/arch/x86/hvm/dm.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/xen/arch/x86/hvm/dm.c b/xen/arch/x86/hvm/
This necessitates adding $(CFLAGS_xeninclude) to all the depending
libraries (which can be done via Rules.mk), so that the definition of
domid_t (in xen.h) can be found.
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
tools/libs/call/core.c | 2 +-
tools/libs/device
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
v2: Add a space (coding style)
---
tools/Rules.mk| 2 +-
tools/libs/call/Makefile | 4 ++--
tools/libs/call/core.c| 37 +
tools/libs/call/linux.c | 4
tools/libs/call/p
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
tools/Makefile | 3 +++
1 file changed, 3 insertions(+)
diff --git a/tools/Makefile b/tools/Makefile
index 11ad42c..03d326a 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -244,6 +244,7 @@ subdir-all-qemu-xen-dir: qemu-xen-dir-find
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
v2: Bump library minor version, as this is a new function
---
tools/libs/devicemodel/Makefile | 2 +-
tools/libs/devicemodel/core.c | 16
tools/libs/devicemodel/include/xendevicemodel.h | 9
Replace the ad-hoc exit clauses with the error handling style where
- local variables contain either things to be freed, or sentinels
- all error exits go via an "err" label which frees everything
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
tools/xenstore/xs.c | 21 +---
If the config specifies a user we use that. Otherwise:
When we are not restricting qemu, there is very little point running
it as a different user than root. Indeed, previously, creating the
"magic" users would cause qemu to become slightly dysfunctional (for
example, you can't insert a cd that
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
tools/libs/toolcore/include/xentoolcore.h | 5 +
1 file changed, 5 insertions(+)
diff --git a/tools/libs/toolcore/include/xentoolcore.h
b/tools/libs/toolcore/include/xentoolcore.h
index 32e2af1..93eaf23 100644
--- a/tools/libs/toolcore/inclu
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
tools/Rules.mk | 2 +-
tools/libs/devicemodel/Makefile | 3 ++-
tools/libs/devicemodel/core.c | 16
tools/libs/devicemodel/private.h| 3 +++
tools/libs/devicemo
With this series, it is possible to run qemu in a way that I think
really does not have global privilege any more.
I have verified that it runs as a non-root user. I have checked all
of its fds and they are either privcmd (which I have arranged to
neuter), or /dev/null, or harmless sockets and pi
SCHEDOP_remote_shutdown should be a DMOP so that a deprivileged qemu
can do the propery tidying up.
We need to keep SCHEDOP_remote_shutdown for ABI stability reasons and
because it is needed for PV guests.
CC: Jan Beulich
CC: Andrew Cooper
CC: George Dunlap
CC: Konrad Rzeszutek Wilk
CC: Stefa
We are going to want to move something here.
Signed-off-by: Ian Jackson
Acked-by: Wei Liu
---
tools/libxl/Makefile | 11 ++-
tools/libxl/libxl_internal.h | 2 ++
2 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/tools/libxl/Makefile b/tools/libxl/Makefile
index 49b
From: Konrad Rzeszutek Wilk
type=AVC msg=audit(1504637347.487:280): avc: denied { map } for pid=857
comm="xenconsoled" path="/dev/xen/privcmd" dev="devtmpfs" ino=16289
scontext=system_u:system_r:xenconsoled_t:s0
Without this we can't use xenconsole (client) to
talk to xenconsoled (server).
> -Original Message-
> From: Xen-devel [mailto:xen-devel-boun...@lists.xen.org] On Behalf Of
> Paul Durrant
> Sent: 26 September 2017 08:41
> To: 'Julien Grall' ; Ian Jackson
> ; Jan Beuli ch
> Cc: Juergen Gross ; Wei Liu ;
> ross.philip...@gmail.com; lars.kurth@gmail.com; xen-
> de...
From: Konrad Rzeszutek Wilk
libxenstored since git commit 9c89dc95201ffed5fead17b35754bf9440fdbdc0
prefers to use "/dev/xen/xenbus" over the "/proc/xen/xenbus".
Signed-off-by: Konrad Rzeszutek Wilk
---
policy/modules/kernel/devices.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/
Hey!
Since Xen 4.6 the xenstored prefers to use /dev/xen/xenbus instead of
/proc/xen/xenbus.
That wasn't in the original email that Anthony had sent:
"[refpolicy] [SELINUX POLICY PATCH] Update for Xen 4.7"
http://oss.tresys.com/pipermail/refpolicy/2017-August/009784.html
But nonetheless it is n
On Wed, Oct 04, 2017 at 05:18:06PM +0100, Ian Jackson wrote:
> We need to restrict *all* the control fds that qemu opens. Looking in
> /proc/PID/fd shows there are many; their allocation seems scattered
> throughout Xen support code in qemu.
>
> We must postpone the restrict call until roughly th
This run is configured for baseline tests only.
flight 72221 ovmf real [real]
http://osstest.xs.citrite.net/~osstest/testlogs/logs/72221/
Regressions :-(
Tests which did not succeed and are blocking,
including tests which could not be run:
test-amd64-i386-xl-qemuu-ovmf-amd64 15 guest-saverestor
>>> On 06.10.17 at 14:25, wrote:
> --- a/xen/arch/x86/mm.c
> +++ b/xen/arch/x86/mm.c
> @@ -1619,9 +1619,10 @@ void page_unlock(struct page_info *page)
>
> /* Update the L1 entry at pl1e to new value nl1e. */
> static int mod_l1_entry(l1_pgentry_t *pl1e, l1_pgentry_t nl1e,
> -
Hi Andrii,
I'm sorry for replying to this thread late. I was busy with a paper
deadline until last Saturday morning.
I saw Dario's thorough answer which explains the high-level idea of
the real-time analysis that is the theoretical foundation of the
analysis tool, e.g., CARTs.
Hopefully, he answe
On 09/10/17 16:19, Wei Liu wrote:
> On Mon, Oct 09, 2017 at 03:51:49PM +0100, Andrew Cooper wrote:
>> On 09/10/17 15:47, Wei Liu wrote:
>>> On Fri, Oct 06, 2017 at 08:00:00PM +0100, Andrew Cooper wrote:
Mixed throughout libxc are uint32_t, int, and domid_t for domid parameters.
With a sig
On 09/14/2017 04:12 PM, Jan Beulich wrote:
> I.e. those not being equivalents of SSEn ones.
>
> There's one necessary change to generic code: Faulting behavior of
> VMASKMOVP{S,D} requires us to do partial reads/writes.
>
> Signed-off-by: Jan Beulich
> ---
> v2: Move vpmaskmov{d,q} handling to A
On Fri, Oct 06, 2017 at 07:04:49PM +0100, Andrew Cooper wrote:
> On 06/10/17 11:30, Roger Pau Monné wrote:
> > On Thu, Oct 05, 2017 at 06:23:44PM +, Andrew Cooper wrote:
> >> Recent changes in grant table configuration have caused calls to
> >> xc_dom_gnttab_init() to fail if not proceeded with
1 - 100 of 197 matches
Mail list logo
