[Xen-devel] [xen-4.8-testing test] 117660: FAIL

2018-01-06 Thread osstest service owner
flight 117660 xen-4.8-testing real [real] http://logs.test-lab.xenproject.org/osstest/logs/117660/ Failures and problems with tests :-( Tests which did not succeed and are blocking, including tests which could not be run: test-amd64-amd64-xl-qemuu-debianhvm-amd64-xsm broken in 117586 test-a

[Xen-devel] [xen-unstable test] 117652: regressions - FAIL

2018-01-06 Thread osstest service owner
flight 117652 xen-unstable real [real] http://logs.test-lab.xenproject.org/osstest/logs/117652/ Regressions :-( Tests which did not succeed and are blocking, including tests which could not be run: test-armhf-armhf-xl-cubietruck 6 xen-install fail REGR. vs. 117311 Tests which did no

[Xen-devel] [linux-linus test] 117655: regressions - FAIL

2018-01-06 Thread osstest service owner
flight 117655 linux-linus real [real] http://logs.test-lab.xenproject.org/osstest/logs/117655/ Regressions :-( Tests which did not succeed and are blocking, including tests which could not be run: test-amd64-amd64-xl-qemut-debianhvm-amd64 7 xen-boot fail REGR. vs. 115643 test-amd64-i386-qem

[Xen-devel] [linux-next test] 117649: regressions - FAIL

2018-01-06 Thread osstest service owner
flight 117649 linux-next real [real] http://logs.test-lab.xenproject.org/osstest/logs/117649/ Regressions :-( Tests which did not succeed and are blocking, including tests which could not be run: test-armhf-armhf-xl 10 debian-install fail REGR. vs. 117544 test-amd64-i386-exam

Re: [Xen-devel] [PATCH 05/22] char: optionally redirect {, g}printk output to QEMU debug log

2018-01-06 Thread Matt Wilson
On Sat, Jan 06, 2018 at 04:18:46PM -0800, Anthony Liguori wrote: > On Sat, Jan 6, 2018 at 2:54 PM, Anthony Liguori wrote: > > From: Matt Wilson > > Yeah, this has no hope of working on ARM Matt. Shame on you ;-P It's almost like you put this patch in front of the one introducing is_vixen() jus

Re: [Xen-devel] [PATCH 07/22] vixen: introduce is_vixen() to allow altering behavior

2018-01-06 Thread Anthony Liguori
On Sat, Jan 6, 2018 at 4:06 PM, Matt Wilson wrote: > On Sat, Jan 06, 2018 at 02:54:22PM -0800, Anthony Liguori wrote: >> From: Anthony Liguori >> >> Vixen (Virtualized Xen) is a paravirtual mode of Xen where >> paravirtual I/O is passed through from the parent hypervisor >> all the way through th

Re: [Xen-devel] [PATCH 22/22] vixen: dom0 builder support

2018-01-06 Thread Matt Wilson
On Sat, Jan 06, 2018 at 02:54:37PM -0800, Anthony Liguori wrote: > From: Anthony Liguori > > The dom0 builder requires a number of modifications in order to be > able to launch unprivileged guests. The console and store pages > must be mapped in a specific location within the guest's initial > p

Re: [Xen-devel] [PATCH 05/22] char: optionally redirect {, g}printk output to QEMU debug log

2018-01-06 Thread Anthony Liguori
On Sat, Jan 6, 2018 at 2:54 PM, Anthony Liguori wrote: > From: Matt Wilson > > When using Vixen, it is helpful to get the Xen messages in a > separate channel than the console output. Add an option to > output to the QEMU backdoor logging port. > > Signed-off-by: Matt Wilson > Signed-off-by: An

Re: [Xen-devel] [PATCH 07/22] vixen: introduce is_vixen() to allow altering behavior

2018-01-06 Thread Matt Wilson
On Sat, Jan 06, 2018 at 02:54:22PM -0800, Anthony Liguori wrote: > From: Anthony Liguori > > Vixen (Virtualized Xen) is a paravirtual mode of Xen where > paravirtual I/O is passed through from the parent hypervisor > all the way through the dom0 guest. The dom0 guest is also > deprivileged and r

Re: [Xen-devel] [PATCH 00/22] Vixen: A PV-in-HVM shim

2018-01-06 Thread Anthony Liguori
On Sat, Jan 6, 2018 at 3:50 PM, Andrew Cooper wrote: > On 06/01/2018 22:54, Anthony Liguori wrote: >> From: Anthony Liguori >> >> CVE-2017-5754 is problematic for paravirtualized x86 domUs because it >> appears to be very difficult to isolate the hypervisor's page tables >> from PV domUs while ma

Re: [Xen-devel] [PATCH 00/22] Vixen: A PV-in-HVM shim

2018-01-06 Thread Matt Wilson
On Sat, Jan 06, 2018 at 11:50:46PM +, Andrew Cooper wrote: > On 06/01/2018 22:54, Anthony Liguori wrote: > > Please note the Xen page table configuration fundamental to the > > current PV ABI makes it impossible for an operating system to mitigate > > CVE-2017-5754 through mechanisms like Kerne

Re: [Xen-devel] [PATCH 00/22] Vixen: A PV-in-HVM shim

2018-01-06 Thread Andrew Cooper
On 06/01/2018 22:54, Anthony Liguori wrote: > From: Anthony Liguori > > CVE-2017-5754 is problematic for paravirtualized x86 domUs because it > appears to be very difficult to isolate the hypervisor's page tables > from PV domUs while maintaining ABI compatibility. Instead of trying > to make a K

Re: [Xen-devel] [PATCH 00/22] Vixen: A PV-in-HVM shim

2018-01-06 Thread Anthony Liguori
On Sat, Jan 6, 2018 at 2:54 PM, Anthony Liguori wrote: > From: Anthony Liguori > > CVE-2017-5754 is problematic for paravirtualized x86 domUs because it > appears to be very difficult to isolate the hypervisor's page tables > from PV domUs while maintaining ABI compatibility. Instead of trying >

[Xen-devel] [PATCH 10/22] vixen: do not permit access to physical IRQs if in Vixen mode

2018-01-06 Thread Anthony Liguori
From: Anthony Liguori Our intention is for the Vixen guest to be deprivileged so we need to avoid permitting access to each IRQ even though it is technically the hardware domain. Signed-off-by: Anthony Liguori --- xen/arch/x86/irq.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff

[Xen-devel] [PATCH 16/22] vixen: pass grant table operations through to the outer Xen

2018-01-06 Thread Anthony Liguori
From: Anthony Liguori The grant table is a region of guest memory that contains GMFNs which in PV are MFNs but are PFNs in HVM. Since a Vixen guest MFN is an HVM PFN, we can pass this table directly through to the outer Xen which cuts down considerably on overhead. We do not forward most of the

[Xen-devel] [PATCH 15/22] vixen: pass through version hypercalls to parent Xen

2018-01-06 Thread Anthony Liguori
From: Anthony Liguori This is necessary to trigger event channel upcalls but it is also useful to passthrough the full version information such that the guest believes it is running on the parent Xen. Signed-off-by: Matt Wilson Signed-off-by: Anthony Liguori --- xen/common/kernel.c | 82 +

[Xen-devel] [PATCH 21/22] vixen: provide Xencons implementation

2018-01-06 Thread Anthony Liguori
From: Anthony Liguori Our initial approach exposed the console ring directly to guests which worked well except for the fact that very old versions of Xen did not support console ring for HVM guests. It also proved to be complicated from a management tool perspective since both the serial consol

[Xen-devel] [PATCH 11/22] vixen: early initialization of Vixen including shared_info mapping

2018-01-06 Thread Anthony Liguori
From: Anthony Liguori We split initialization of Vixen into two parts. The first part just detects the presence of an HVM hypervisor so that we can figure out whether to modify the e820 table. The later initialization is used to actually map the shared_info structure from the parent hypervisor

[Xen-devel] [PATCH 08/22] vixen: allow dom0 to be created with a domid != 0

2018-01-06 Thread Anthony Liguori
From: Anthony Liguori Some older guests special case domid=0 instead of checking the shared info flags so in order to get PV drivers loaded properly, we need to make the guest always appear with a domid != 0. While the Vixen domain is the hardware domain, we don't want it to behave that way so w

[Xen-devel] [PATCH 00/22] Vixen: A PV-in-HVM shim

2018-01-06 Thread Anthony Liguori
From: Anthony Liguori CVE-2017-5754 is problematic for paravirtualized x86 domUs because it appears to be very difficult to isolate the hypervisor's page tables from PV domUs while maintaining ABI compatibility. Instead of trying to make a KPTI-like approach work for Xen PV, it seems reasonable

[Xen-devel] [PATCH 04/22] x86: Don't use potentially incorrect CPUID values for topology information

2018-01-06 Thread Anthony Liguori
From: Jan H. Schönherr Intel says for CPUID leaf 0Bh: "Software must not use EBX[15:0] to enumerate processor topology of the system. This value in this field (EBX[15:0]) is only intended for display/diagnostic purposes. The actual number of logical processors available to BIOS/OS/

[Xen-devel] [PATCH 13/22] vixen: Use SCHEDOP_shutdown to shutdown the machine

2018-01-06 Thread Anthony Liguori
From: Jan H. Schönherr While the hwdom_shutdown() is able to reboot the system, it fails to properly power it off. With SCHEDOP_shutdown, we delegate the problem. Signed-off-by: Jan H. Schönherr Signed-off-by: Anthony Liguori --- xen/common/domain.c | 14 ++ 1 file changed, 14 ins

[Xen-devel] [PATCH 02/22] x86/entry: Probe for Xen early during boot

2018-01-06 Thread Anthony Liguori
From: Andrew Cooper Signed-off-by: Andrew Cooper Signed-off-by: Anthony Liguori --- xen/arch/x86/Makefile | 1 + xen/arch/x86/guest/Makefile | 1 + xen/arch/x86/guest/xen.c| 75 + xen/arch/x86/setup.c| 4 +++ xen/incl

[Xen-devel] [PATCH 05/22] char: optionally redirect {, g}printk output to QEMU debug log

2018-01-06 Thread Anthony Liguori
From: Matt Wilson When using Vixen, it is helpful to get the Xen messages in a separate channel than the console output. Add an option to output to the QEMU backdoor logging port. Signed-off-by: Matt Wilson Signed-off-by: Anthony Liguori --- xen/drivers/char/console.c | 24 ++

[Xen-devel] [PATCH 22/22] vixen: dom0 builder support

2018-01-06 Thread Anthony Liguori
From: Anthony Liguori The dom0 builder requires a number of modifications in order to be able to launch unprivileged guests. The console and store pages must be mapped in a specific location within the guest's initial page table. We also have to set up the start info to be what's expected for un

[Xen-devel] [PATCH 12/22] vixen: paravirtualization TSC frequency calculation

2018-01-06 Thread Anthony Liguori
From: Anthony Liguori Otherwise when time sharing a physical CPU, the calculation can be bogus resulting in time drift for the guest due to improper frequency within pvclock. Signed-off-by: Anthony Liguori --- xen/arch/x86/guest/vixen.c| 21 + xen/arch/x86/time.c

[Xen-devel] [PATCH 19/22] vixen: Fix Vixen adaptation of send_global_virq()

2018-01-06 Thread Anthony Liguori
From: Jan H. Schönherr The function originally did the following unconditionally: send_guest_global_virq(global_virq_handlers[virq] ?: hardware_domain, virq); The new variant should reflect the non-Vixen case correctly. Signed-off-by: Jan H. Schönherr Signed-off-by: Anthony Liguori --- x

[Xen-devel] [PATCH 18/22] vixen: Introduce ECS_PROXY for event channel proxying

2018-01-06 Thread Anthony Liguori
From: Jan H. Schönherr Previously, we would keep proxied event channels as ECS_INTERDOMAIN channel around. This works for most things, but has the problem that EVTCHNOP_status is broken, and that EVTCHNOP_close does not mark an event channel as free. Introduce a separate ECS_PROXY to denote even

[Xen-devel] [PATCH 14/22] vixen: forward VCPUOP_register_runstate_memory_area to outer Xen

2018-01-06 Thread Anthony Liguori
From: Anthony Liguori This allows for proper accounting of steal time within the guest. Signed-off-by: Anthony Liguori --- xen/common/domain.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/xen/common/domain.c b/xen/common/domain.c index ede377c..780f8ff 100644 --- a/xen/common/doma

[Xen-devel] [PATCH 03/22] x86/guest: Hypercall support

2018-01-06 Thread Anthony Liguori
From: Andrew Cooper Signed-off-by: Andrew Cooper Signed-off-by: Anthony Liguori --- xen/arch/x86/guest/Makefile | 1 + xen/arch/x86/guest/hypercall_page.S | 79 ++ xen/arch/x86/guest/xen.c | 5 ++ xen/arch/x86/xen.lds.S| 1

[Xen-devel] [PATCH 17/22] vixen: setup infrastructure to receive event channel notifications

2018-01-06 Thread Anthony Liguori
From: Anthony Liguori This patch registers an interrupt handler using either an INTx interrupt from the platform PCI device, CALLBACK_IRQ vector delivery, or evtchn_upcall_vector depending on what the parent hypervisor supports. The event channel polling code comes from Linux but uses the intern

[Xen-devel] [PATCH 06/22] console: do not print banner if below info log threshold

2018-01-06 Thread Anthony Liguori
From: Anthony Liguori Only print the banner if the log threshold is at least info. For Vixen guests, we want the console output to be exactly what the PV guest would show on its own. That means the inner Xen banner can potentially break automation that assumes a specific type of console output

[Xen-devel] [PATCH 01/22] ---- x86/Kconfig: Options for Xen and PVH support

2018-01-06 Thread Anthony Liguori
From: Andrew Cooper Signed-off-by: Andrew Cooper Signed-off-by: Anthony Liguori --- xen/arch/x86/Kconfig | 17 + 1 file changed, 17 insertions(+) diff --git a/xen/arch/x86/Kconfig b/xen/arch/x86/Kconfig index 7c45829..07530bf 100644 --- a/xen/arch/x86/Kconfig +++ b/xen/arch/x8

[Xen-devel] [PATCH 20/22] vixen: event channel passthrough support

2018-01-06 Thread Anthony Liguori
From: Anthony Liguori For Vixen, we do not want to pass through all event channel operations as HVM guests do not have nearly as many event channel interactions as PV and on older versions of Xen, there is no reliable way to wake up an event channel on VCPU != 0 leading to a variety of deadlocks.

[Xen-devel] [PATCH 09/22] vixen: modify the e820 table to advertise HVM special pages as RAM

2018-01-06 Thread Anthony Liguori
From: Anthony Liguori In order to be able to assign the Xenstore page into the Vixen guest, we need struct page_info's to exist. We do this by modifying the e820 table early in boot and then using the badpages handling to prevent these pages from being added to the xenheap. Since these pages ex

[Xen-devel] [PATCH 07/22] vixen: introduce is_vixen() to allow altering behavior

2018-01-06 Thread Anthony Liguori
From: Anthony Liguori Vixen (Virtualized Xen) is a paravirtual mode of Xen where paravirtual I/O is passed through from the parent hypervisor all the way through the dom0 guest. The dom0 guest is also deprivileged and renumbered to give the appearance that it is running as a normal PV guest. Si

[Xen-devel] [PATCH v2] x86: xen: remove the use of VLAIS

2018-01-06 Thread Nick Desaulniers
Variable Length Arrays In Structs (VLAIS) is not supported by Clang, and frowned upon by others. https://lkml.org/lkml/2013/9/23/500 Here, the VLAIS was used because the size of the bitmap returned from xen_mc_entry() depended on possibly (based on kernel configuration) runtime sized data. Rather

Re: [Xen-devel] [PATCH] x86/xen/time: fix section mismatch for xen_init_time_ops()

2018-01-06 Thread Nick Desaulniers
On Tue, Jan 2, 2018 at 7:00 AM, Boris Ostrovsky wrote: > On 01/02/2018 09:32 AM, Andrew Cooper wrote: >> On 02/01/18 14:24, Juergen Gross wrote: >>> On 02/01/18 15:18, Boris Ostrovsky wrote: On 12/23/2017 09:50 PM, Nick Desaulniers wrote: > The header declares this function as __init but

Re: [Xen-devel] [PATCH v6 00/11] vpci: PCI config space emulation

2018-01-06 Thread Jaggi, Manish
Hello, >From: Xen-devel [xen-devel-boun...@lists.xen.org] on behalf of Roger Pau Monne >[roger@citrix.com] >Sent: Tuesday, September 19, 2017 8:59 PM >To: xen-devel@lists.xenproject.org >Cc: boris.ostrov...@oracle.com >Subject: [Xen-devel] [PATCH v6 00/

[Xen-devel] Xen Security Advisory 249 (CVE-2017-17563) - broken x86 shadow mode refcount overflow check

2018-01-06 Thread Xen . org security team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-17563 / XSA-249 version 3 broken x86 shadow mode refcount overflow check UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION ==

[Xen-devel] Xen Security Advisory 250 (CVE-2017-17564) - improper x86 shadow mode refcount error handling

2018-01-06 Thread Xen . org security team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-17564 / XSA-250 version 3 improper x86 shadow mode refcount error handling UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 248 (CVE-2017-17566) - x86 PV guests may gain access to internally used pages

2018-01-06 Thread Xen . org security team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-17566 / XSA-248 version 3 x86 PV guests may gain access to internally used pages UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION =

[Xen-devel] Xen Security Advisory 251 (CVE-2017-17565) - improper bug check in x86 log-dirty handling

2018-01-06 Thread Xen . org security team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2017-17565 / XSA-251 version 3 improper bug check in x86 log-dirty handling UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION ===

[Xen-devel] [xen-4.10-testing test] 117647: regressions - FAIL

2018-01-06 Thread osstest service owner
flight 117647 xen-4.10-testing real [real] http://logs.test-lab.xenproject.org/osstest/logs/117647/ Regressions :-( Tests which did not succeed and are blocking, including tests which could not be run: test-arm64-arm64-libvirt-xsm 7 xen-boot fail REGR. vs. 117130 Tests which di

[Xen-devel] Xen Security Advisory 253 (CVE-2018-5244) - x86: memory leak with MSR emulation

2018-01-06 Thread Xen . org security team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Xen Security Advisory CVE-2018-5244 / XSA-253 version 3 x86: memory leak with MSR emulation UPDATES IN VERSION 3 CVE assigned. ISSUE DESCRIPTION = I

[Xen-devel] [xen-4.9-testing test] 117644: regressions - FAIL

2018-01-06 Thread osstest service owner
flight 117644 xen-4.9-testing real [real] http://logs.test-lab.xenproject.org/osstest/logs/117644/ Regressions :-( Tests which did not succeed and are blocking, including tests which could not be run: build-armhf broken in 117607 build-armhf

[Xen-devel] [distros-debian-stretch test] 73983: trouble: blocked/broken

2018-01-06 Thread Platform Team regression test user
flight 73983 distros-debian-stretch real [real] http://osstest.xs.citrite.net/~osstest/testlogs/logs/73983/ Failures and problems with tests :-( Tests which did not succeed and are blocking, including tests which could not be run: build-armhf-pvops broken build-i3

[Xen-devel] [seabios test] 117642: regressions - FAIL

2018-01-06 Thread osstest service owner
flight 117642 seabios real [real] http://logs.test-lab.xenproject.org/osstest/logs/117642/ Regressions :-( Tests which did not succeed and are blocking, including tests which could not be run: test-amd64-amd64-xl-qemuu-ws16-amd64 17 guest-stop fail REGR. vs. 115539 Tests which did not suc

[Xen-devel] [linux-3.18 test] 117641: FAIL

2018-01-06 Thread osstest service owner
flight 117641 linux-3.18 real [real] http://logs.test-lab.xenproject.org/osstest/logs/117641/ Failures and problems with tests :-( Tests which did not succeed and are blocking, including tests which could not be run: test-amd64-i386-libvirt broken in 117609 test-amd64-

[Xen-devel] [xen-4.7-testing test] 117639: trouble: broken/fail/pass

2018-01-06 Thread osstest service owner
flight 117639 xen-4.7-testing real [real] http://logs.test-lab.xenproject.org/osstest/logs/117639/ Failures and problems with tests :-( Tests which did not succeed and are blocking, including tests which could not be run: test-amd64-amd64-migrupgrade broken test-amd64-amd64-