From xen-changelog-bounces@lists.xen.org Sat Jan 05 07:22:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 05 Jan 2013 07:22:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO57-0004nk-TT; Sat, 05 Jan 2013 07:22:13 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO56-0004nM-KL for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:12 +0000 Received: from [193.109.254.147:3417] by server-16.bemta-14.messagelabs.com id EB/A0-18932-3A4D7E05; Sat, 05 Jan 2013 07:22:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-27.messagelabs.com!1357370530!4951207!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30005 invoked from network); 5 Jan 2013 07:22:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 5 Jan 2013 07:22:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO53-0004s4-Se for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TrO53-0005c0-FV for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:09 +0000 Message-Id: Date: Sat, 05 Jan 2013 07:22:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arm: trim pagetable flag definitions to fit in 80 characters X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Tim Deegan # Date 1356004387 0 # Node ID 7420b8f2fa51d2f45b8224511d5dee1242e1a303 # Parent 6f5c96855a9e95d8b3919e289ed7dde38ef83a00 arm: trim pagetable flag definitions to fit in 80 characters Signed-off-by: Tim Deegan Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 6f5c96855a9e -r 7420b8f2fa51 xen/arch/arm/arm32/head.S --- a/xen/arch/arm/arm32/head.S Thu Dec 20 11:00:32 2012 +0100 +++ b/xen/arch/arm/arm32/head.S Thu Dec 20 11:53:07 2012 +0000 @@ -24,10 +24,10 @@ #define ZIMAGE_MAGIC_NUMBER 0x016f2818 -#define PT_PT 0xe7f /* nG=1, AF=1, SH=10, AP=01, NS=1, ATTR=111, T=1, P=1 */ -#define PT_MEM 0xe7d /* nG=1, AF=1, SH=10, AP=01, NS=1, ATTR=111, T=0, P=1 */ -#define PT_DEV 0xe71 /* nG=1, AF=1, SH=10, AP=01, NS=1, ATTR=100, T=0, P=1 */ -#define PT_DEV_L3 0xe73 /* lev3: nG=1, AF=1, SH=10, AP=01, NS=1, ATTR=100, T=1, P=1 */ +#define PT_PT 0xe7f /* nG=1 AF=1 SH=10 AP=01 NS=1 ATTR=111 T=1 P=1 */ +#define PT_MEM 0xe7d /* nG=1 AF=1 SH=10 AP=01 NS=1 ATTR=111 T=0 P=1 */ +#define PT_DEV 0xe71 /* nG=1 AF=1 SH=10 AP=01 NS=1 ATTR=100 T=0 P=1 */ +#define PT_DEV_L3 0xe73 /* nG=1 AF=1 SH=10 AP=01 NS=1 ATTR=100 T=1 P=1 */ #define PT_UPPER(x) (PT_##x & 0xf00) #define PT_LOWER(x) (PT_##x & 0x0ff) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 05 07:22:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 05 Jan 2013 07:22:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO58-0004np-08; Sat, 05 Jan 2013 07:22:14 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO57-0004nV-8K for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:13 +0000 Received: from [85.158.143.99:22336] by server-2.bemta-4.messagelabs.com id BE/26-30861-4A4D7E05; Sat, 05 Jan 2013 07:22:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-216.messagelabs.com!1357370530!26657513!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 2114 invoked from network); 5 Jan 2013 07:22:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 5 Jan 2013 07:22:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO54-0004s6-50 for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TrO54-0005cF-0w for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:10 +0000 Message-Id: Date: Sat, 05 Jan 2013 07:22:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: arm: fix guest register access. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1356004388 0 # Node ID 509e9737e241010a3547689368ac1b7cb131e33c # Parent 7420b8f2fa51d2f45b8224511d5dee1242e1a303 xen: arm: fix guest register access. We weren't taking the guest mode (CPSR) into account and would always access the user version of the registers. Signed-off-by: Ian Campbell Acked-by: Tim Deegan Committed-by: Ian Campbell --- diff -r 7420b8f2fa51 -r 509e9737e241 xen/arch/arm/traps.c --- a/xen/arch/arm/traps.c Thu Dec 20 11:53:07 2012 +0000 +++ b/xen/arch/arm/traps.c Thu Dec 20 11:53:08 2012 +0000 @@ -73,6 +73,64 @@ static void print_xen_info(void) debug, print_tainted(taint_str)); } +uint32_t *select_user_reg(struct cpu_user_regs *regs, int reg) +{ + BUG_ON( guest_mode(regs) ); + + /* + * We rely heavily on the layout of cpu_user_regs to avoid having + * to handle all of the registers individually. Use BUILD_BUG_ON to + * ensure that things which expect are contiguous actually are. + */ +#define REGOFFS(R) offsetof(struct cpu_user_regs, R) + + switch ( reg ) { + case 0 ... 7: /* Unbanked registers */ + BUILD_BUG_ON(REGOFFS(r0) + 7*sizeof(uint32_t) != REGOFFS(r7)); + return ®s->r0 + reg; + case 8 ... 12: /* Register banked in FIQ mode */ + BUILD_BUG_ON(REGOFFS(r8_fiq) + 4*sizeof(uint32_t) != REGOFFS(r12_fiq)); + if ( fiq_mode(regs) ) + return ®s->r8_fiq + reg - 8; + else + return ®s->r8 + reg - 8; + case 13 ... 14: /* Banked SP + LR registers */ + BUILD_BUG_ON(REGOFFS(sp_fiq) + 1*sizeof(uint32_t) != REGOFFS(lr_fiq)); + BUILD_BUG_ON(REGOFFS(sp_irq) + 1*sizeof(uint32_t) != REGOFFS(lr_irq)); + BUILD_BUG_ON(REGOFFS(sp_svc) + 1*sizeof(uint32_t) != REGOFFS(lr_svc)); + BUILD_BUG_ON(REGOFFS(sp_abt) + 1*sizeof(uint32_t) != REGOFFS(lr_abt)); + BUILD_BUG_ON(REGOFFS(sp_und) + 1*sizeof(uint32_t) != REGOFFS(lr_und)); + switch ( regs->cpsr & PSR_MODE_MASK ) + { + case PSR_MODE_USR: + case PSR_MODE_SYS: /* Sys regs are the usr regs */ + if ( reg == 13 ) + return ®s->sp_usr; + else /* lr_usr == lr in a user frame */ + return ®s->lr; + case PSR_MODE_FIQ: + return ®s->sp_fiq + reg - 13; + case PSR_MODE_IRQ: + return ®s->sp_irq + reg - 13; + case PSR_MODE_SVC: + return ®s->sp_svc + reg - 13; + case PSR_MODE_ABT: + return ®s->sp_abt + reg - 13; + case PSR_MODE_UND: + return ®s->sp_und + reg - 13; + case PSR_MODE_MON: + case PSR_MODE_HYP: + default: + BUG(); + } + case 15: /* PC */ + return ®s->pc; + default: + BUG(); + } +#undef REGOFFS +} + static const char *decode_fsc(uint32_t fsc, int *level) { const char *msg = NULL; @@ -448,7 +506,7 @@ static void do_debug_trap(struct cpu_use switch ( code ) { case 0xe0 ... 0xef: reg = code - 0xe0; - r = ®s->r0 + reg; + r = select_user_reg(regs, reg); printk("DOM%d: R%d = %#010"PRIx32" at %#010"PRIx32"\n", domid, reg, *r, regs->pc); break; @@ -518,7 +576,7 @@ static void do_cp15_32(struct cpu_user_r union hsr hsr) { struct hsr_cp32 cp32 = hsr.cp32; - uint32_t *r = ®s->r0 + cp32.reg; + uint32_t *r = select_user_reg(regs, cp32.reg); if ( !cp32.ccvalid ) { dprintk(XENLOG_ERR, "cp_15(32): need to handle invalid condition codes\n"); diff -r 7420b8f2fa51 -r 509e9737e241 xen/arch/arm/vgic.c --- a/xen/arch/arm/vgic.c Thu Dec 20 11:53:07 2012 +0000 +++ b/xen/arch/arm/vgic.c Thu Dec 20 11:53:08 2012 +0000 @@ -160,7 +160,7 @@ static int vgic_distr_mmio_read(struct v { struct hsr_dabt dabt = info->dabt; struct cpu_user_regs *regs = guest_cpu_user_regs(); - uint32_t *r = ®s->r0 + dabt.reg; + uint32_t *r = select_user_reg(regs, dabt.reg); struct vgic_irq_rank *rank; int offset = (int)(info->gpa - VGIC_DISTR_BASE_ADDRESS); int gicd_reg = REG(offset); @@ -372,7 +372,7 @@ static int vgic_distr_mmio_write(struct { struct hsr_dabt dabt = info->dabt; struct cpu_user_regs *regs = guest_cpu_user_regs(); - uint32_t *r = ®s->r0 + dabt.reg; + uint32_t *r = select_user_reg(regs, dabt.reg); struct vgic_irq_rank *rank; int offset = (int)(info->gpa - VGIC_DISTR_BASE_ADDRESS); int gicd_reg = REG(offset); diff -r 7420b8f2fa51 -r 509e9737e241 xen/arch/arm/vpl011.c --- a/xen/arch/arm/vpl011.c Thu Dec 20 11:53:07 2012 +0000 +++ b/xen/arch/arm/vpl011.c Thu Dec 20 11:53:08 2012 +0000 @@ -92,7 +92,7 @@ static int uart0_mmio_read(struct vcpu * { struct hsr_dabt dabt = info->dabt; struct cpu_user_regs *regs = guest_cpu_user_regs(); - uint32_t *r = ®s->r0 + dabt.reg; + uint32_t *r = select_user_reg(regs, dabt.reg); int offset = (int)(info->gpa - UART0_START); switch ( offset ) @@ -114,7 +114,7 @@ static int uart0_mmio_write(struct vcpu { struct hsr_dabt dabt = info->dabt; struct cpu_user_regs *regs = guest_cpu_user_regs(); - uint32_t *r = ®s->r0 + dabt.reg; + uint32_t *r = select_user_reg(regs, dabt.reg); int offset = (int)(info->gpa - UART0_START); switch ( offset ) diff -r 7420b8f2fa51 -r 509e9737e241 xen/arch/arm/vtimer.c --- a/xen/arch/arm/vtimer.c Thu Dec 20 11:53:07 2012 +0000 +++ b/xen/arch/arm/vtimer.c Thu Dec 20 11:53:08 2012 +0000 @@ -22,6 +22,7 @@ #include #include #include +#include extern s_time_t ticks_to_ns(uint64_t ticks); extern uint64_t ns_to_ticks(s_time_t ns); @@ -49,7 +50,7 @@ static int vtimer_emulate_32(struct cpu_ { struct vcpu *v = current; struct hsr_cp32 cp32 = hsr.cp32; - uint32_t *r = ®s->r0 + cp32.reg; + uint32_t *r = select_user_reg(regs, cp32.reg); s_time_t now; switch ( hsr.bits & HSR_CP32_REGS_MASK ) @@ -101,8 +102,8 @@ static int vtimer_emulate_64(struct cpu_ { struct vcpu *v = current; struct hsr_cp64 cp64 = hsr.cp64; - uint32_t *r1 = ®s->r0 + cp64.reg1; - uint32_t *r2 = ®s->r0 + cp64.reg2; + uint32_t *r1 = select_user_reg(regs, cp64.reg1); + uint32_t *r2 = select_user_reg(regs, cp64.reg2); uint64_t ticks; s_time_t now; diff -r 7420b8f2fa51 -r 509e9737e241 xen/include/asm-arm/regs.h --- a/xen/include/asm-arm/regs.h Thu Dec 20 11:53:07 2012 +0000 +++ b/xen/include/asm-arm/regs.h Thu Dec 20 11:53:08 2012 +0000 @@ -30,6 +30,12 @@ #define return_reg(v) ((v)->arch.cpu_info->guest_cpu_user_regs.r0) +/* + * Returns a pointer to the given register value in regs, taking the + * processor mode (CPSR) into account. + */ +extern uint32_t *select_user_reg(struct cpu_user_regs *regs, int reg); + #endif /* __ARM_REGS_H__ */ /* * Local variables: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 05 07:22:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 05 Jan 2013 07:22:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO58-0004np-08; Sat, 05 Jan 2013 07:22:14 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO57-0004nV-8K for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:13 +0000 Received: from [85.158.143.99:22336] by server-2.bemta-4.messagelabs.com id BE/26-30861-4A4D7E05; Sat, 05 Jan 2013 07:22:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-216.messagelabs.com!1357370530!26657513!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 2114 invoked from network); 5 Jan 2013 07:22:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 5 Jan 2013 07:22:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO54-0004s6-50 for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TrO54-0005cF-0w for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:10 +0000 Message-Id: Date: Sat, 05 Jan 2013 07:22:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: arm: fix guest register access. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1356004388 0 # Node ID 509e9737e241010a3547689368ac1b7cb131e33c # Parent 7420b8f2fa51d2f45b8224511d5dee1242e1a303 xen: arm: fix guest register access. We weren't taking the guest mode (CPSR) into account and would always access the user version of the registers. Signed-off-by: Ian Campbell Acked-by: Tim Deegan Committed-by: Ian Campbell --- diff -r 7420b8f2fa51 -r 509e9737e241 xen/arch/arm/traps.c --- a/xen/arch/arm/traps.c Thu Dec 20 11:53:07 2012 +0000 +++ b/xen/arch/arm/traps.c Thu Dec 20 11:53:08 2012 +0000 @@ -73,6 +73,64 @@ static void print_xen_info(void) debug, print_tainted(taint_str)); } +uint32_t *select_user_reg(struct cpu_user_regs *regs, int reg) +{ + BUG_ON( guest_mode(regs) ); + + /* + * We rely heavily on the layout of cpu_user_regs to avoid having + * to handle all of the registers individually. Use BUILD_BUG_ON to + * ensure that things which expect are contiguous actually are. + */ +#define REGOFFS(R) offsetof(struct cpu_user_regs, R) + + switch ( reg ) { + case 0 ... 7: /* Unbanked registers */ + BUILD_BUG_ON(REGOFFS(r0) + 7*sizeof(uint32_t) != REGOFFS(r7)); + return ®s->r0 + reg; + case 8 ... 12: /* Register banked in FIQ mode */ + BUILD_BUG_ON(REGOFFS(r8_fiq) + 4*sizeof(uint32_t) != REGOFFS(r12_fiq)); + if ( fiq_mode(regs) ) + return ®s->r8_fiq + reg - 8; + else + return ®s->r8 + reg - 8; + case 13 ... 14: /* Banked SP + LR registers */ + BUILD_BUG_ON(REGOFFS(sp_fiq) + 1*sizeof(uint32_t) != REGOFFS(lr_fiq)); + BUILD_BUG_ON(REGOFFS(sp_irq) + 1*sizeof(uint32_t) != REGOFFS(lr_irq)); + BUILD_BUG_ON(REGOFFS(sp_svc) + 1*sizeof(uint32_t) != REGOFFS(lr_svc)); + BUILD_BUG_ON(REGOFFS(sp_abt) + 1*sizeof(uint32_t) != REGOFFS(lr_abt)); + BUILD_BUG_ON(REGOFFS(sp_und) + 1*sizeof(uint32_t) != REGOFFS(lr_und)); + switch ( regs->cpsr & PSR_MODE_MASK ) + { + case PSR_MODE_USR: + case PSR_MODE_SYS: /* Sys regs are the usr regs */ + if ( reg == 13 ) + return ®s->sp_usr; + else /* lr_usr == lr in a user frame */ + return ®s->lr; + case PSR_MODE_FIQ: + return ®s->sp_fiq + reg - 13; + case PSR_MODE_IRQ: + return ®s->sp_irq + reg - 13; + case PSR_MODE_SVC: + return ®s->sp_svc + reg - 13; + case PSR_MODE_ABT: + return ®s->sp_abt + reg - 13; + case PSR_MODE_UND: + return ®s->sp_und + reg - 13; + case PSR_MODE_MON: + case PSR_MODE_HYP: + default: + BUG(); + } + case 15: /* PC */ + return ®s->pc; + default: + BUG(); + } +#undef REGOFFS +} + static const char *decode_fsc(uint32_t fsc, int *level) { const char *msg = NULL; @@ -448,7 +506,7 @@ static void do_debug_trap(struct cpu_use switch ( code ) { case 0xe0 ... 0xef: reg = code - 0xe0; - r = ®s->r0 + reg; + r = select_user_reg(regs, reg); printk("DOM%d: R%d = %#010"PRIx32" at %#010"PRIx32"\n", domid, reg, *r, regs->pc); break; @@ -518,7 +576,7 @@ static void do_cp15_32(struct cpu_user_r union hsr hsr) { struct hsr_cp32 cp32 = hsr.cp32; - uint32_t *r = ®s->r0 + cp32.reg; + uint32_t *r = select_user_reg(regs, cp32.reg); if ( !cp32.ccvalid ) { dprintk(XENLOG_ERR, "cp_15(32): need to handle invalid condition codes\n"); diff -r 7420b8f2fa51 -r 509e9737e241 xen/arch/arm/vgic.c --- a/xen/arch/arm/vgic.c Thu Dec 20 11:53:07 2012 +0000 +++ b/xen/arch/arm/vgic.c Thu Dec 20 11:53:08 2012 +0000 @@ -160,7 +160,7 @@ static int vgic_distr_mmio_read(struct v { struct hsr_dabt dabt = info->dabt; struct cpu_user_regs *regs = guest_cpu_user_regs(); - uint32_t *r = ®s->r0 + dabt.reg; + uint32_t *r = select_user_reg(regs, dabt.reg); struct vgic_irq_rank *rank; int offset = (int)(info->gpa - VGIC_DISTR_BASE_ADDRESS); int gicd_reg = REG(offset); @@ -372,7 +372,7 @@ static int vgic_distr_mmio_write(struct { struct hsr_dabt dabt = info->dabt; struct cpu_user_regs *regs = guest_cpu_user_regs(); - uint32_t *r = ®s->r0 + dabt.reg; + uint32_t *r = select_user_reg(regs, dabt.reg); struct vgic_irq_rank *rank; int offset = (int)(info->gpa - VGIC_DISTR_BASE_ADDRESS); int gicd_reg = REG(offset); diff -r 7420b8f2fa51 -r 509e9737e241 xen/arch/arm/vpl011.c --- a/xen/arch/arm/vpl011.c Thu Dec 20 11:53:07 2012 +0000 +++ b/xen/arch/arm/vpl011.c Thu Dec 20 11:53:08 2012 +0000 @@ -92,7 +92,7 @@ static int uart0_mmio_read(struct vcpu * { struct hsr_dabt dabt = info->dabt; struct cpu_user_regs *regs = guest_cpu_user_regs(); - uint32_t *r = ®s->r0 + dabt.reg; + uint32_t *r = select_user_reg(regs, dabt.reg); int offset = (int)(info->gpa - UART0_START); switch ( offset ) @@ -114,7 +114,7 @@ static int uart0_mmio_write(struct vcpu { struct hsr_dabt dabt = info->dabt; struct cpu_user_regs *regs = guest_cpu_user_regs(); - uint32_t *r = ®s->r0 + dabt.reg; + uint32_t *r = select_user_reg(regs, dabt.reg); int offset = (int)(info->gpa - UART0_START); switch ( offset ) diff -r 7420b8f2fa51 -r 509e9737e241 xen/arch/arm/vtimer.c --- a/xen/arch/arm/vtimer.c Thu Dec 20 11:53:07 2012 +0000 +++ b/xen/arch/arm/vtimer.c Thu Dec 20 11:53:08 2012 +0000 @@ -22,6 +22,7 @@ #include #include #include +#include extern s_time_t ticks_to_ns(uint64_t ticks); extern uint64_t ns_to_ticks(s_time_t ns); @@ -49,7 +50,7 @@ static int vtimer_emulate_32(struct cpu_ { struct vcpu *v = current; struct hsr_cp32 cp32 = hsr.cp32; - uint32_t *r = ®s->r0 + cp32.reg; + uint32_t *r = select_user_reg(regs, cp32.reg); s_time_t now; switch ( hsr.bits & HSR_CP32_REGS_MASK ) @@ -101,8 +102,8 @@ static int vtimer_emulate_64(struct cpu_ { struct vcpu *v = current; struct hsr_cp64 cp64 = hsr.cp64; - uint32_t *r1 = ®s->r0 + cp64.reg1; - uint32_t *r2 = ®s->r0 + cp64.reg2; + uint32_t *r1 = select_user_reg(regs, cp64.reg1); + uint32_t *r2 = select_user_reg(regs, cp64.reg2); uint64_t ticks; s_time_t now; diff -r 7420b8f2fa51 -r 509e9737e241 xen/include/asm-arm/regs.h --- a/xen/include/asm-arm/regs.h Thu Dec 20 11:53:07 2012 +0000 +++ b/xen/include/asm-arm/regs.h Thu Dec 20 11:53:08 2012 +0000 @@ -30,6 +30,12 @@ #define return_reg(v) ((v)->arch.cpu_info->guest_cpu_user_regs.r0) +/* + * Returns a pointer to the given register value in regs, taking the + * processor mode (CPSR) into account. + */ +extern uint32_t *select_user_reg(struct cpu_user_regs *regs, int reg); + #endif /* __ARM_REGS_H__ */ /* * Local variables: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 05 07:22:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 05 Jan 2013 07:22:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO57-0004ne-Qr; Sat, 05 Jan 2013 07:22:13 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO55-0004nL-Sy for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:12 +0000 Received: from [85.158.139.83:40049] by server-5.bemta-5.messagelabs.com id AD/9D-22648-3A4D7E05; Sat, 05 Jan 2013 07:22:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-182.messagelabs.com!1357370529!25081068!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 12825 invoked from network); 5 Jan 2013 07:22:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 5 Jan 2013 07:22:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO53-0004s1-Bu for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TrO52-0005bl-QY for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:08 +0000 Message-Id: Date: Sat, 05 Jan 2013 07:22:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] passthrough/domctl: use correct struct in union X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Andrew Cooper # Date 1357290407 -3600 # Node ID 8fd5635f451b073ddc99e928c975e8a7743d1321 # Parent c4114a042410d3bdec3a77c30b2e85366d7fbe1d passthrough/domctl: use correct struct in union This appears to be a copy paste error from c/s 23861:ec7c81fbe0de. It is safe, functionally speaking, as both the xen_domctl_assign_device and xen_domctl_get_device_group structure start with a 'uint32_t machine_sbdf'. We should however use the correct union structure. Signed-off-by: Andrew Cooper Committed-by: Jan Beulich --- diff -r c4114a042410 -r 8fd5635f451b xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Fri Dec 21 17:05:38 2012 +0000 +++ b/xen/drivers/passthrough/iommu.c Fri Jan 04 10:06:47 2013 +0100 @@ -591,7 +591,7 @@ int iommu_do_domctl( if ( ret ) break; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; @@ -615,7 +615,7 @@ int iommu_do_domctl( if ( ret ) break; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; @@ -634,7 +634,7 @@ int iommu_do_domctl( if ( ret ) break; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 05 07:22:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 05 Jan 2013 07:22:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO57-0004ne-Qr; Sat, 05 Jan 2013 07:22:13 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO55-0004nL-Sy for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:12 +0000 Received: from [85.158.139.83:40049] by server-5.bemta-5.messagelabs.com id AD/9D-22648-3A4D7E05; Sat, 05 Jan 2013 07:22:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-182.messagelabs.com!1357370529!25081068!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 12825 invoked from network); 5 Jan 2013 07:22:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 5 Jan 2013 07:22:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO53-0004s1-Bu for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TrO52-0005bl-QY for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:08 +0000 Message-Id: Date: Sat, 05 Jan 2013 07:22:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] passthrough/domctl: use correct struct in union X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Andrew Cooper # Date 1357290407 -3600 # Node ID 8fd5635f451b073ddc99e928c975e8a7743d1321 # Parent c4114a042410d3bdec3a77c30b2e85366d7fbe1d passthrough/domctl: use correct struct in union This appears to be a copy paste error from c/s 23861:ec7c81fbe0de. It is safe, functionally speaking, as both the xen_domctl_assign_device and xen_domctl_get_device_group structure start with a 'uint32_t machine_sbdf'. We should however use the correct union structure. Signed-off-by: Andrew Cooper Committed-by: Jan Beulich --- diff -r c4114a042410 -r 8fd5635f451b xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Fri Dec 21 17:05:38 2012 +0000 +++ b/xen/drivers/passthrough/iommu.c Fri Jan 04 10:06:47 2013 +0100 @@ -591,7 +591,7 @@ int iommu_do_domctl( if ( ret ) break; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; @@ -615,7 +615,7 @@ int iommu_do_domctl( if ( ret ) break; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; @@ -634,7 +634,7 @@ int iommu_do_domctl( if ( ret ) break; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 05 07:22:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 05 Jan 2013 07:22:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO57-0004nk-TT; Sat, 05 Jan 2013 07:22:13 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO56-0004nM-KL for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:12 +0000 Received: from [193.109.254.147:3417] by server-16.bemta-14.messagelabs.com id EB/A0-18932-3A4D7E05; Sat, 05 Jan 2013 07:22:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-27.messagelabs.com!1357370530!4951207!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30005 invoked from network); 5 Jan 2013 07:22:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 5 Jan 2013 07:22:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO53-0004s4-Se for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TrO53-0005c0-FV for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:09 +0000 Message-Id: Date: Sat, 05 Jan 2013 07:22:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arm: trim pagetable flag definitions to fit in 80 characters X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Tim Deegan # Date 1356004387 0 # Node ID 7420b8f2fa51d2f45b8224511d5dee1242e1a303 # Parent 6f5c96855a9e95d8b3919e289ed7dde38ef83a00 arm: trim pagetable flag definitions to fit in 80 characters Signed-off-by: Tim Deegan Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 6f5c96855a9e -r 7420b8f2fa51 xen/arch/arm/arm32/head.S --- a/xen/arch/arm/arm32/head.S Thu Dec 20 11:00:32 2012 +0100 +++ b/xen/arch/arm/arm32/head.S Thu Dec 20 11:53:07 2012 +0000 @@ -24,10 +24,10 @@ #define ZIMAGE_MAGIC_NUMBER 0x016f2818 -#define PT_PT 0xe7f /* nG=1, AF=1, SH=10, AP=01, NS=1, ATTR=111, T=1, P=1 */ -#define PT_MEM 0xe7d /* nG=1, AF=1, SH=10, AP=01, NS=1, ATTR=111, T=0, P=1 */ -#define PT_DEV 0xe71 /* nG=1, AF=1, SH=10, AP=01, NS=1, ATTR=100, T=0, P=1 */ -#define PT_DEV_L3 0xe73 /* lev3: nG=1, AF=1, SH=10, AP=01, NS=1, ATTR=100, T=1, P=1 */ +#define PT_PT 0xe7f /* nG=1 AF=1 SH=10 AP=01 NS=1 ATTR=111 T=1 P=1 */ +#define PT_MEM 0xe7d /* nG=1 AF=1 SH=10 AP=01 NS=1 ATTR=111 T=0 P=1 */ +#define PT_DEV 0xe71 /* nG=1 AF=1 SH=10 AP=01 NS=1 ATTR=100 T=0 P=1 */ +#define PT_DEV_L3 0xe73 /* nG=1 AF=1 SH=10 AP=01 NS=1 ATTR=100 T=1 P=1 */ #define PT_UPPER(x) (PT_##x & 0xf00) #define PT_LOWER(x) (PT_##x & 0x0ff) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 05 07:22:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 05 Jan 2013 07:22:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO59-0004o4-2o; Sat, 05 Jan 2013 07:22:15 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO57-0004nZ-PV for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:14 +0000 Received: from [85.158.138.51:58403] by server-2.bemta-3.messagelabs.com id 34/35-11239-4A4D7E05; Sat, 05 Jan 2013 07:22:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-174.messagelabs.com!1357370530!23221030!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 23325 invoked from network); 5 Jan 2013 07:22:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 5 Jan 2013 07:22:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO54-0004sA-MC for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TrO54-0005cU-Hu for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:10 +0000 Message-Id: Date: Sat, 05 Jan 2013 07:22:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] merge X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1357315117 0 # Node ID 64b36dde26bc3c4fc80312cc9eeb0e511f0cf94b # Parent 509e9737e241010a3547689368ac1b7cb131e33c # Parent 8fd5635f451b073ddc99e928c975e8a7743d1321 merge --- diff -r 509e9737e241 -r 64b36dde26bc tools/tests/Makefile --- a/tools/tests/Makefile Thu Dec 20 11:53:08 2012 +0000 +++ b/tools/tests/Makefile Fri Jan 04 15:58:37 2013 +0000 @@ -5,12 +5,12 @@ CFLAGS += $(CFLAGS_libxenctrl) LDLIBS += $(LDLIBS_libxenctrl) SUBDIRS-y := -SUBDIRS-y += mce-test +SUBDIRS-$(CONFIG_X86) += mce-test SUBDIRS-y += mem-sharing ifeq ($(XEN_TARGET_ARCH),__fixme__) SUBDIRS-y += regression endif -SUBDIRS-y += x86_emulator +SUBDIRS-$(CONFIG_X86) += x86_emulator SUBDIRS-y += xen-access .PHONY: all clean install distclean diff -r 509e9737e241 -r 64b36dde26bc xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Thu Dec 20 11:53:08 2012 +0000 +++ b/xen/drivers/passthrough/iommu.c Fri Jan 04 15:58:37 2013 +0000 @@ -591,7 +591,7 @@ int iommu_do_domctl( if ( ret ) break; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; @@ -615,7 +615,7 @@ int iommu_do_domctl( if ( ret ) break; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; @@ -634,7 +634,7 @@ int iommu_do_domctl( if ( ret ) break; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 05 07:22:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 05 Jan 2013 07:22:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO59-0004o4-2o; Sat, 05 Jan 2013 07:22:15 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO57-0004nZ-PV for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:14 +0000 Received: from [85.158.138.51:58403] by server-2.bemta-3.messagelabs.com id 34/35-11239-4A4D7E05; Sat, 05 Jan 2013 07:22:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-174.messagelabs.com!1357370530!23221030!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 23325 invoked from network); 5 Jan 2013 07:22:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 5 Jan 2013 07:22:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TrO54-0004sA-MC for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TrO54-0005cU-Hu for xen-changelog@lists.xensource.com; Sat, 05 Jan 2013 07:22:10 +0000 Message-Id: Date: Sat, 05 Jan 2013 07:22:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] merge X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1357315117 0 # Node ID 64b36dde26bc3c4fc80312cc9eeb0e511f0cf94b # Parent 509e9737e241010a3547689368ac1b7cb131e33c # Parent 8fd5635f451b073ddc99e928c975e8a7743d1321 merge --- diff -r 509e9737e241 -r 64b36dde26bc tools/tests/Makefile --- a/tools/tests/Makefile Thu Dec 20 11:53:08 2012 +0000 +++ b/tools/tests/Makefile Fri Jan 04 15:58:37 2013 +0000 @@ -5,12 +5,12 @@ CFLAGS += $(CFLAGS_libxenctrl) LDLIBS += $(LDLIBS_libxenctrl) SUBDIRS-y := -SUBDIRS-y += mce-test +SUBDIRS-$(CONFIG_X86) += mce-test SUBDIRS-y += mem-sharing ifeq ($(XEN_TARGET_ARCH),__fixme__) SUBDIRS-y += regression endif -SUBDIRS-y += x86_emulator +SUBDIRS-$(CONFIG_X86) += x86_emulator SUBDIRS-y += xen-access .PHONY: all clean install distclean diff -r 509e9737e241 -r 64b36dde26bc xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Thu Dec 20 11:53:08 2012 +0000 +++ b/xen/drivers/passthrough/iommu.c Fri Jan 04 15:58:37 2013 +0000 @@ -591,7 +591,7 @@ int iommu_do_domctl( if ( ret ) break; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; @@ -615,7 +615,7 @@ int iommu_do_domctl( if ( ret ) break; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; @@ -634,7 +634,7 @@ int iommu_do_domctl( if ( ret ) break; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 07 23:44:27 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 07 Jan 2013 23:44:27 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsMMd-0004PW-Hz; Mon, 07 Jan 2013 23:44:19 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsMMc-0004PQ-Ad for xen-changelog@lists.xensource.com; Mon, 07 Jan 2013 23:44:18 +0000 Received: from [193.109.254.147:15588] by server-14.bemta-14.messagelabs.com id DE/50-10022-1DD5BE05; Mon, 07 Jan 2013 23:44:17 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-27.messagelabs.com!1357602250!8568073!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 2527 invoked from network); 7 Jan 2013 23:44:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 7 Jan 2013 23:44:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsMMU-0003vn-28 for xen-changelog@lists.xensource.com; Mon, 07 Jan 2013 23:44:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsMMT-00087Q-JK for xen-changelog@lists.xensource.com; Mon, 07 Jan 2013 23:44:09 +0000 Message-Id: Date: Mon, 07 Jan 2013 23:44:09 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] x86: fix assertion in get_page_type() X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357565076 -3600 # Node ID 7dad27b2bcc7ec42c6f76b04c3a5a94bc6b49a0f # Parent 5acb5967d718c9ff5a15ce7462b58036c8d3afc8 x86: fix assertion in get_page_type() c/s 22998:e9fab50d7b61 (and immediately following ones) made it possible that __get_page_type() returns other than -EINVAL, in particular -EBUSY. Consequently, the assertion in get_page_type() should check for only the return values we absolutely don't expect to see there. This is XSA-37 / CVE-2013-0154. Signed-off-by: Jan Beulich xen-unstable changeset: 26333:e1facbde56ff xen-unstable date: Mon Jan 7 13:20:26 UTC 2013 --- diff -r 5acb5967d718 -r 7dad27b2bcc7 xen/arch/x86/mm.c --- a/xen/arch/x86/mm.c Wed Dec 19 12:58:07 2012 +0100 +++ b/xen/arch/x86/mm.c Mon Jan 07 14:24:36 2013 +0100 @@ -2586,7 +2586,7 @@ int get_page_type(struct page_info *page int rc = __get_page_type(page, type, 0); if ( likely(rc == 0) ) return 1; - ASSERT(rc == -EINVAL); + ASSERT(rc != -EINTR && rc != -EAGAIN); return 0; } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 07 23:44:27 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 07 Jan 2013 23:44:27 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsMMd-0004PW-Hz; Mon, 07 Jan 2013 23:44:19 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsMMc-0004PQ-Ad for xen-changelog@lists.xensource.com; Mon, 07 Jan 2013 23:44:18 +0000 Received: from [193.109.254.147:15588] by server-14.bemta-14.messagelabs.com id DE/50-10022-1DD5BE05; Mon, 07 Jan 2013 23:44:17 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-27.messagelabs.com!1357602250!8568073!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 2527 invoked from network); 7 Jan 2013 23:44:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 7 Jan 2013 23:44:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsMMU-0003vn-28 for xen-changelog@lists.xensource.com; Mon, 07 Jan 2013 23:44:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsMMT-00087Q-JK for xen-changelog@lists.xensource.com; Mon, 07 Jan 2013 23:44:09 +0000 Message-Id: Date: Mon, 07 Jan 2013 23:44:09 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] x86: fix assertion in get_page_type() X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357565076 -3600 # Node ID 7dad27b2bcc7ec42c6f76b04c3a5a94bc6b49a0f # Parent 5acb5967d718c9ff5a15ce7462b58036c8d3afc8 x86: fix assertion in get_page_type() c/s 22998:e9fab50d7b61 (and immediately following ones) made it possible that __get_page_type() returns other than -EINVAL, in particular -EBUSY. Consequently, the assertion in get_page_type() should check for only the return values we absolutely don't expect to see there. This is XSA-37 / CVE-2013-0154. Signed-off-by: Jan Beulich xen-unstable changeset: 26333:e1facbde56ff xen-unstable date: Mon Jan 7 13:20:26 UTC 2013 --- diff -r 5acb5967d718 -r 7dad27b2bcc7 xen/arch/x86/mm.c --- a/xen/arch/x86/mm.c Wed Dec 19 12:58:07 2012 +0100 +++ b/xen/arch/x86/mm.c Mon Jan 07 14:24:36 2013 +0100 @@ -2586,7 +2586,7 @@ int get_page_type(struct page_info *page int rc = __get_page_type(page, type, 0); if ( likely(rc == 0) ) return 1; - ASSERT(rc == -EINVAL); + ASSERT(rc != -EINTR && rc != -EAGAIN); return 0; } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ89-0001RE-9L; Tue, 08 Jan 2013 13:22:13 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ88-0001R8-Ey for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:12 +0000 Received: from [85.158.139.211:10465] by server-6.bemta-5.messagelabs.com id D4/D4-30498-38D1CE05; Tue, 08 Jan 2013 13:22:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-206.messagelabs.com!1357651329!22508278!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 16155 invoked from network); 8 Jan 2013 13:22:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ84-0003OW-PX for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:08 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ84-0003ye-BK for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:08 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] IOMMU: adjust (re)assign operation parameters X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559364 -3600 # Node ID 62dd78a4e3fc9d190840549f13b4d613f2d19c41 # Parent 64b36dde26bc3c4fc80312cc9eeb0e511f0cf94b IOMMU: adjust (re)assign operation parameters ... to use a (struct pci_dev *, devfn) pair. Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r 64b36dde26bc -r 62dd78a4e3fc xen/drivers/passthrough/amd/pci_amd_iommu.c --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c Fri Jan 04 15:58:37 2013 +0000 +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c Mon Jan 07 12:49:24 2013 +0100 @@ -332,34 +332,31 @@ void amd_iommu_disable_domain_device(str disable_ats_device(iommu->seg, bus, devfn); } -static int reassign_device( struct domain *source, struct domain *target, - u16 seg, u8 bus, u8 devfn) +static int reassign_device(struct domain *source, struct domain *target, + u8 devfn, struct pci_dev *pdev) { - struct pci_dev *pdev; struct amd_iommu *iommu; int bdf; struct hvm_iommu *t = domain_hvm_iommu(target); - ASSERT(spin_is_locked(&pcidevs_lock)); - pdev = pci_get_pdev_by_domain(source, seg, bus, devfn); - if ( !pdev ) - return -ENODEV; - - bdf = PCI_BDF2(bus, devfn); - iommu = find_iommu_for_device(seg, bdf); + bdf = PCI_BDF2(pdev->bus, pdev->devfn); + iommu = find_iommu_for_device(pdev->seg, bdf); if ( !iommu ) { AMD_IOMMU_DEBUG("Fail to find iommu." " %04x:%02x:%x02.%x cannot be assigned to dom%d\n", - seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn), + pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), target->domain_id); return -ENODEV; } amd_iommu_disable_domain_device(source, iommu, bdf); - list_move(&pdev->domain_list, &target->arch.pdev_list); - pdev->domain = target; + if ( devfn == pdev->devfn ) + { + list_move(&pdev->domain_list, &target->arch.pdev_list); + pdev->domain = target; + } /* IO page tables might be destroyed after pci-detach the last device * In this case, we have to re-allocate root table for next pci-attach.*/ @@ -368,17 +365,18 @@ static int reassign_device( struct domai amd_iommu_setup_domain_device(target, iommu, bdf); AMD_IOMMU_DEBUG("Re-assign %04x:%02x:%02x.%u from dom%d to dom%d\n", - seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn), + pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), source->domain_id, target->domain_id); return 0; } -static int amd_iommu_assign_device(struct domain *d, u16 seg, u8 bus, u8 devfn) +static int amd_iommu_assign_device(struct domain *d, u8 devfn, + struct pci_dev *pdev) { - struct ivrs_mappings *ivrs_mappings = get_ivrs_mappings(seg); - int bdf = PCI_BDF2(bus, devfn); - int req_id = get_dma_requestor_id(seg, bdf); + struct ivrs_mappings *ivrs_mappings = get_ivrs_mappings(pdev->seg); + int bdf = PCI_BDF2(pdev->bus, devfn); + int req_id = get_dma_requestor_id(pdev->seg, bdf); if ( ivrs_mappings[req_id].unity_map_enable ) { @@ -390,7 +388,7 @@ static int amd_iommu_assign_device(struc ivrs_mappings[req_id].read_permission); } - return reassign_device(dom0, d, seg, bus, devfn); + return reassign_device(dom0, d, devfn, pdev); } static void deallocate_next_page_table(struct page_info* pg, int level) @@ -451,12 +449,6 @@ static void amd_iommu_domain_destroy(str amd_iommu_flush_all_pages(d); } -static int amd_iommu_return_device( - struct domain *s, struct domain *t, u16 seg, u8 bus, u8 devfn) -{ - return reassign_device(s, t, seg, bus, devfn); -} - static int amd_iommu_add_device(struct pci_dev *pdev) { struct amd_iommu *iommu; @@ -593,7 +585,7 @@ const struct iommu_ops amd_iommu_ops = { .teardown = amd_iommu_domain_destroy, .map_page = amd_iommu_map_page, .unmap_page = amd_iommu_unmap_page, - .reassign_device = amd_iommu_return_device, + .reassign_device = reassign_device, .get_device_group_id = amd_iommu_group_id, .update_ire_from_apic = amd_iommu_ioapic_update_ire, .update_ire_from_msi = amd_iommu_msi_msg_update_ire, diff -r 64b36dde26bc -r 62dd78a4e3fc xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Fri Jan 04 15:58:37 2013 +0000 +++ b/xen/drivers/passthrough/iommu.c Mon Jan 07 12:49:24 2013 +0100 @@ -233,11 +233,16 @@ static int assign_device(struct domain * return -EXDEV; spin_lock(&pcidevs_lock); - pdev = pci_get_pdev(seg, bus, devfn); - if ( pdev ) - pdev->fault.count = 0; + pdev = pci_get_pdev_by_domain(dom0, seg, bus, devfn); + if ( !pdev ) + { + rc = pci_get_pdev(seg, bus, devfn) ? -EBUSY : -ENODEV; + goto done; + } - if ( (rc = hd->platform_ops->assign_device(d, seg, bus, devfn)) ) + pdev->fault.count = 0; + + if ( (rc = hd->platform_ops->assign_device(d, devfn, pdev)) ) goto done; if ( has_arch_pdevs(d) && !need_iommu(d) ) @@ -368,18 +373,11 @@ int deassign_device(struct domain *d, u1 return -EINVAL; ASSERT(spin_is_locked(&pcidevs_lock)); - pdev = pci_get_pdev(seg, bus, devfn); + pdev = pci_get_pdev_by_domain(d, seg, bus, devfn); if ( !pdev ) return -ENODEV; - if ( pdev->domain != d ) - { - dprintk(XENLOG_G_ERR, - "d%d: deassign a device not owned\n", d->domain_id); - return -EINVAL; - } - - ret = hd->platform_ops->reassign_device(d, dom0, seg, bus, devfn); + ret = hd->platform_ops->reassign_device(d, dom0, devfn, pdev); if ( ret ) { dprintk(XENLOG_G_ERR, diff -r 64b36dde26bc -r 62dd78a4e3fc xen/drivers/passthrough/vtd/iommu.c --- a/xen/drivers/passthrough/vtd/iommu.c Fri Jan 04 15:58:37 2013 +0000 +++ b/xen/drivers/passthrough/vtd/iommu.c Mon Jan 07 12:49:24 2013 +0100 @@ -1658,17 +1658,10 @@ out: static int reassign_device_ownership( struct domain *source, struct domain *target, - u16 seg, u8 bus, u8 devfn) + u8 devfn, struct pci_dev *pdev) { - struct pci_dev *pdev; int ret; - ASSERT(spin_is_locked(&pcidevs_lock)); - pdev = pci_get_pdev_by_domain(source, seg, bus, devfn); - - if (!pdev) - return -ENODEV; - /* * Devices assigned to untrusted domains (here assumed to be any domU) * can attempt to send arbitrary LAPIC/MSI messages. We are unprotected @@ -1677,16 +1670,19 @@ static int reassign_device_ownership( if ( (target != dom0) && !iommu_intremap ) untrusted_msi = 1; - ret = domain_context_unmap(source, seg, bus, devfn); + ret = domain_context_unmap(source, pdev->seg, pdev->bus, devfn); if ( ret ) return ret; - ret = domain_context_mapping(target, seg, bus, devfn); + ret = domain_context_mapping(target, pdev->seg, pdev->bus, devfn); if ( ret ) return ret; - list_move(&pdev->domain_list, &target->arch.pdev_list); - pdev->domain = target; + if ( devfn == pdev->devfn ) + { + list_move(&pdev->domain_list, &target->arch.pdev_list); + pdev->domain = target; + } return ret; } @@ -2202,36 +2198,26 @@ int __init intel_vtd_setup(void) } static int intel_iommu_assign_device( - struct domain *d, u16 seg, u8 bus, u8 devfn) + struct domain *d, u8 devfn, struct pci_dev *pdev) { struct acpi_rmrr_unit *rmrr; int ret = 0, i; - struct pci_dev *pdev; - u16 bdf; + u16 bdf, seg; + u8 bus; if ( list_empty(&acpi_drhd_units) ) return -ENODEV; - ASSERT(spin_is_locked(&pcidevs_lock)); - pdev = pci_get_pdev(seg, bus, devfn); - if (!pdev) - return -ENODEV; - - if (pdev->domain != dom0) - { - dprintk(XENLOG_ERR VTDPREFIX, - "IOMMU: assign a assigned device\n"); - return -EBUSY; - } - - ret = reassign_device_ownership(dom0, d, seg, bus, devfn); + ret = reassign_device_ownership(dom0, d, devfn, pdev); if ( ret ) goto done; /* FIXME: Because USB RMRR conflicts with guest bios region, * ignore USB RMRR temporarily. */ - if ( is_usb_device(seg, bus, devfn) ) + seg = pdev->seg; + bus = pdev->bus; + if ( is_usb_device(seg, bus, pdev->devfn) ) { ret = 0; goto done; diff -r 64b36dde26bc -r 62dd78a4e3fc xen/include/xen/iommu.h --- a/xen/include/xen/iommu.h Fri Jan 04 15:58:37 2013 +0000 +++ b/xen/include/xen/iommu.h Mon Jan 07 12:49:24 2013 +0100 @@ -97,13 +97,13 @@ struct iommu_ops { int (*add_device)(struct pci_dev *pdev); int (*enable_device)(struct pci_dev *pdev); int (*remove_device)(struct pci_dev *pdev); - int (*assign_device)(struct domain *d, u16 seg, u8 bus, u8 devfn); + int (*assign_device)(struct domain *, u8 devfn, struct pci_dev *); void (*teardown)(struct domain *d); int (*map_page)(struct domain *d, unsigned long gfn, unsigned long mfn, unsigned int flags); int (*unmap_page)(struct domain *d, unsigned long gfn); int (*reassign_device)(struct domain *s, struct domain *t, - u16 seg, u8 bus, u8 devfn); + u8 devfn, struct pci_dev *); int (*get_device_group_id)(u16 seg, u8 bus, u8 devfn); void (*update_ire_from_apic)(unsigned int apic, unsigned int reg, unsigned int value); void (*update_ire_from_msi)(struct msi_desc *msi_desc, struct msi_msg *msg); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ89-0001RE-9L; Tue, 08 Jan 2013 13:22:13 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ88-0001R8-Ey for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:12 +0000 Received: from [85.158.139.211:10465] by server-6.bemta-5.messagelabs.com id D4/D4-30498-38D1CE05; Tue, 08 Jan 2013 13:22:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-206.messagelabs.com!1357651329!22508278!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 16155 invoked from network); 8 Jan 2013 13:22:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ84-0003OW-PX for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:08 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ84-0003ye-BK for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:08 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] IOMMU: adjust (re)assign operation parameters X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559364 -3600 # Node ID 62dd78a4e3fc9d190840549f13b4d613f2d19c41 # Parent 64b36dde26bc3c4fc80312cc9eeb0e511f0cf94b IOMMU: adjust (re)assign operation parameters ... to use a (struct pci_dev *, devfn) pair. Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r 64b36dde26bc -r 62dd78a4e3fc xen/drivers/passthrough/amd/pci_amd_iommu.c --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c Fri Jan 04 15:58:37 2013 +0000 +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c Mon Jan 07 12:49:24 2013 +0100 @@ -332,34 +332,31 @@ void amd_iommu_disable_domain_device(str disable_ats_device(iommu->seg, bus, devfn); } -static int reassign_device( struct domain *source, struct domain *target, - u16 seg, u8 bus, u8 devfn) +static int reassign_device(struct domain *source, struct domain *target, + u8 devfn, struct pci_dev *pdev) { - struct pci_dev *pdev; struct amd_iommu *iommu; int bdf; struct hvm_iommu *t = domain_hvm_iommu(target); - ASSERT(spin_is_locked(&pcidevs_lock)); - pdev = pci_get_pdev_by_domain(source, seg, bus, devfn); - if ( !pdev ) - return -ENODEV; - - bdf = PCI_BDF2(bus, devfn); - iommu = find_iommu_for_device(seg, bdf); + bdf = PCI_BDF2(pdev->bus, pdev->devfn); + iommu = find_iommu_for_device(pdev->seg, bdf); if ( !iommu ) { AMD_IOMMU_DEBUG("Fail to find iommu." " %04x:%02x:%x02.%x cannot be assigned to dom%d\n", - seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn), + pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), target->domain_id); return -ENODEV; } amd_iommu_disable_domain_device(source, iommu, bdf); - list_move(&pdev->domain_list, &target->arch.pdev_list); - pdev->domain = target; + if ( devfn == pdev->devfn ) + { + list_move(&pdev->domain_list, &target->arch.pdev_list); + pdev->domain = target; + } /* IO page tables might be destroyed after pci-detach the last device * In this case, we have to re-allocate root table for next pci-attach.*/ @@ -368,17 +365,18 @@ static int reassign_device( struct domai amd_iommu_setup_domain_device(target, iommu, bdf); AMD_IOMMU_DEBUG("Re-assign %04x:%02x:%02x.%u from dom%d to dom%d\n", - seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn), + pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), source->domain_id, target->domain_id); return 0; } -static int amd_iommu_assign_device(struct domain *d, u16 seg, u8 bus, u8 devfn) +static int amd_iommu_assign_device(struct domain *d, u8 devfn, + struct pci_dev *pdev) { - struct ivrs_mappings *ivrs_mappings = get_ivrs_mappings(seg); - int bdf = PCI_BDF2(bus, devfn); - int req_id = get_dma_requestor_id(seg, bdf); + struct ivrs_mappings *ivrs_mappings = get_ivrs_mappings(pdev->seg); + int bdf = PCI_BDF2(pdev->bus, devfn); + int req_id = get_dma_requestor_id(pdev->seg, bdf); if ( ivrs_mappings[req_id].unity_map_enable ) { @@ -390,7 +388,7 @@ static int amd_iommu_assign_device(struc ivrs_mappings[req_id].read_permission); } - return reassign_device(dom0, d, seg, bus, devfn); + return reassign_device(dom0, d, devfn, pdev); } static void deallocate_next_page_table(struct page_info* pg, int level) @@ -451,12 +449,6 @@ static void amd_iommu_domain_destroy(str amd_iommu_flush_all_pages(d); } -static int amd_iommu_return_device( - struct domain *s, struct domain *t, u16 seg, u8 bus, u8 devfn) -{ - return reassign_device(s, t, seg, bus, devfn); -} - static int amd_iommu_add_device(struct pci_dev *pdev) { struct amd_iommu *iommu; @@ -593,7 +585,7 @@ const struct iommu_ops amd_iommu_ops = { .teardown = amd_iommu_domain_destroy, .map_page = amd_iommu_map_page, .unmap_page = amd_iommu_unmap_page, - .reassign_device = amd_iommu_return_device, + .reassign_device = reassign_device, .get_device_group_id = amd_iommu_group_id, .update_ire_from_apic = amd_iommu_ioapic_update_ire, .update_ire_from_msi = amd_iommu_msi_msg_update_ire, diff -r 64b36dde26bc -r 62dd78a4e3fc xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Fri Jan 04 15:58:37 2013 +0000 +++ b/xen/drivers/passthrough/iommu.c Mon Jan 07 12:49:24 2013 +0100 @@ -233,11 +233,16 @@ static int assign_device(struct domain * return -EXDEV; spin_lock(&pcidevs_lock); - pdev = pci_get_pdev(seg, bus, devfn); - if ( pdev ) - pdev->fault.count = 0; + pdev = pci_get_pdev_by_domain(dom0, seg, bus, devfn); + if ( !pdev ) + { + rc = pci_get_pdev(seg, bus, devfn) ? -EBUSY : -ENODEV; + goto done; + } - if ( (rc = hd->platform_ops->assign_device(d, seg, bus, devfn)) ) + pdev->fault.count = 0; + + if ( (rc = hd->platform_ops->assign_device(d, devfn, pdev)) ) goto done; if ( has_arch_pdevs(d) && !need_iommu(d) ) @@ -368,18 +373,11 @@ int deassign_device(struct domain *d, u1 return -EINVAL; ASSERT(spin_is_locked(&pcidevs_lock)); - pdev = pci_get_pdev(seg, bus, devfn); + pdev = pci_get_pdev_by_domain(d, seg, bus, devfn); if ( !pdev ) return -ENODEV; - if ( pdev->domain != d ) - { - dprintk(XENLOG_G_ERR, - "d%d: deassign a device not owned\n", d->domain_id); - return -EINVAL; - } - - ret = hd->platform_ops->reassign_device(d, dom0, seg, bus, devfn); + ret = hd->platform_ops->reassign_device(d, dom0, devfn, pdev); if ( ret ) { dprintk(XENLOG_G_ERR, diff -r 64b36dde26bc -r 62dd78a4e3fc xen/drivers/passthrough/vtd/iommu.c --- a/xen/drivers/passthrough/vtd/iommu.c Fri Jan 04 15:58:37 2013 +0000 +++ b/xen/drivers/passthrough/vtd/iommu.c Mon Jan 07 12:49:24 2013 +0100 @@ -1658,17 +1658,10 @@ out: static int reassign_device_ownership( struct domain *source, struct domain *target, - u16 seg, u8 bus, u8 devfn) + u8 devfn, struct pci_dev *pdev) { - struct pci_dev *pdev; int ret; - ASSERT(spin_is_locked(&pcidevs_lock)); - pdev = pci_get_pdev_by_domain(source, seg, bus, devfn); - - if (!pdev) - return -ENODEV; - /* * Devices assigned to untrusted domains (here assumed to be any domU) * can attempt to send arbitrary LAPIC/MSI messages. We are unprotected @@ -1677,16 +1670,19 @@ static int reassign_device_ownership( if ( (target != dom0) && !iommu_intremap ) untrusted_msi = 1; - ret = domain_context_unmap(source, seg, bus, devfn); + ret = domain_context_unmap(source, pdev->seg, pdev->bus, devfn); if ( ret ) return ret; - ret = domain_context_mapping(target, seg, bus, devfn); + ret = domain_context_mapping(target, pdev->seg, pdev->bus, devfn); if ( ret ) return ret; - list_move(&pdev->domain_list, &target->arch.pdev_list); - pdev->domain = target; + if ( devfn == pdev->devfn ) + { + list_move(&pdev->domain_list, &target->arch.pdev_list); + pdev->domain = target; + } return ret; } @@ -2202,36 +2198,26 @@ int __init intel_vtd_setup(void) } static int intel_iommu_assign_device( - struct domain *d, u16 seg, u8 bus, u8 devfn) + struct domain *d, u8 devfn, struct pci_dev *pdev) { struct acpi_rmrr_unit *rmrr; int ret = 0, i; - struct pci_dev *pdev; - u16 bdf; + u16 bdf, seg; + u8 bus; if ( list_empty(&acpi_drhd_units) ) return -ENODEV; - ASSERT(spin_is_locked(&pcidevs_lock)); - pdev = pci_get_pdev(seg, bus, devfn); - if (!pdev) - return -ENODEV; - - if (pdev->domain != dom0) - { - dprintk(XENLOG_ERR VTDPREFIX, - "IOMMU: assign a assigned device\n"); - return -EBUSY; - } - - ret = reassign_device_ownership(dom0, d, seg, bus, devfn); + ret = reassign_device_ownership(dom0, d, devfn, pdev); if ( ret ) goto done; /* FIXME: Because USB RMRR conflicts with guest bios region, * ignore USB RMRR temporarily. */ - if ( is_usb_device(seg, bus, devfn) ) + seg = pdev->seg; + bus = pdev->bus; + if ( is_usb_device(seg, bus, pdev->devfn) ) { ret = 0; goto done; diff -r 64b36dde26bc -r 62dd78a4e3fc xen/include/xen/iommu.h --- a/xen/include/xen/iommu.h Fri Jan 04 15:58:37 2013 +0000 +++ b/xen/include/xen/iommu.h Mon Jan 07 12:49:24 2013 +0100 @@ -97,13 +97,13 @@ struct iommu_ops { int (*add_device)(struct pci_dev *pdev); int (*enable_device)(struct pci_dev *pdev); int (*remove_device)(struct pci_dev *pdev); - int (*assign_device)(struct domain *d, u16 seg, u8 bus, u8 devfn); + int (*assign_device)(struct domain *, u8 devfn, struct pci_dev *); void (*teardown)(struct domain *d); int (*map_page)(struct domain *d, unsigned long gfn, unsigned long mfn, unsigned int flags); int (*unmap_page)(struct domain *d, unsigned long gfn); int (*reassign_device)(struct domain *s, struct domain *t, - u16 seg, u8 bus, u8 devfn); + u8 devfn, struct pci_dev *); int (*get_device_group_id)(u16 seg, u8 bus, u8 devfn); void (*update_ire_from_apic)(unsigned int apic, unsigned int reg, unsigned int value); void (*update_ire_from_msi)(struct msi_desc *msi_desc, struct msi_msg *msg); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8C-0001SJ-PH; Tue, 08 Jan 2013 13:22:16 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8B-0001RZ-IG for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:15 +0000 Received: from [85.158.137.99:48950] by server-12.bemta-3.messagelabs.com id 0F/30-27559-68D1CE05; Tue, 08 Jan 2013 13:22:14 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-217.messagelabs.com!1357651332!14456751!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 27720 invoked from network); 8 Jan 2013 13:22:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ88-0003Or-9g for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ88-00040N-7u for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:12 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] IOMMU: add option to specify devices behaving like ones using phantom functions X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559889 -3600 # Node ID 23c4bbc0111dd807561b2c62cbc5798220943a0d # Parent b514b7118958327605e33dd387944832bc8d734a IOMMU: add option to specify devices behaving like ones using phantom functions At least certain Marvell SATA controllers are known to issue bus master requests with a non-zero function as origin, despite themselves being single function devices. Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r b514b7118958 -r 23c4bbc0111d docs/misc/xen-command-line.markdown --- a/docs/misc/xen-command-line.markdown Mon Jan 07 12:56:52 2013 +0100 +++ b/docs/misc/xen-command-line.markdown Mon Jan 07 12:58:09 2013 +0100 @@ -703,6 +703,16 @@ Defaults to booting secondary processors Default: `on` +### pci-phantom +> `=[:]:,` + +Mark a group of PCI devices as using phantom functions without actually +advertising so, so the IOMMU can create translation contexts for them. + +All numbers specified must be hexadecimal ones. + +This option can be specified more than once (up to 8 times at present). + ### ple\_gap > `= ` diff -r b514b7118958 -r 23c4bbc0111d xen/drivers/passthrough/pci.c --- a/xen/drivers/passthrough/pci.c Mon Jan 07 12:56:52 2013 +0100 +++ b/xen/drivers/passthrough/pci.c Mon Jan 07 12:58:09 2013 +0100 @@ -121,6 +121,49 @@ const unsigned long *pci_get_ro_map(u16 return pseg ? pseg->ro_map : NULL; } +static struct phantom_dev { + u16 seg; + u8 bus, slot, stride; +} phantom_devs[8]; +static unsigned int nr_phantom_devs; + +static void __init parse_phantom_dev(char *str) { + const char *s = str; + struct phantom_dev phantom; + + if ( !s || !*s || nr_phantom_devs >= ARRAY_SIZE(phantom_devs) ) + return; + + phantom.seg = simple_strtol(s, &s, 16); + if ( *s != ':' ) + return; + + phantom.bus = simple_strtol(s + 1, &s, 16); + if ( *s == ',' ) + { + phantom.slot = phantom.bus; + phantom.bus = phantom.seg; + phantom.seg = 0; + } + else if ( *s == ':' ) + phantom.slot = simple_strtol(s + 1, &s, 16); + else + return; + + if ( *s != ',' ) + return; + switch ( phantom.stride = simple_strtol(s + 1, &s, 0) ) + { + case 1: case 2: case 4: + if ( *s ) + default: + return; + } + + phantom_devs[nr_phantom_devs++] = phantom; +} +custom_param("pci-phantom", parse_phantom_dev); + static struct pci_dev *alloc_pdev(struct pci_seg *pseg, u8 bus, u8 devfn) { struct pci_dev *pdev; @@ -181,6 +224,20 @@ static struct pci_dev *alloc_pdev(struct if ( PCI_FUNC(devfn) >= pdev->phantom_stride ) pdev->phantom_stride = 0; } + else + { + unsigned int i; + + for ( i = 0; i < nr_phantom_devs; ++i ) + if ( phantom_devs[i].seg == pseg->nr && + phantom_devs[i].bus == bus && + phantom_devs[i].slot == PCI_SLOT(devfn) && + phantom_devs[i].stride > PCI_FUNC(devfn) ) + { + pdev->phantom_stride = phantom_devs[i].stride; + break; + } + } break; case DEV_TYPE_PCI: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8C-0001SJ-PH; Tue, 08 Jan 2013 13:22:16 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8B-0001RZ-IG for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:15 +0000 Received: from [85.158.137.99:48950] by server-12.bemta-3.messagelabs.com id 0F/30-27559-68D1CE05; Tue, 08 Jan 2013 13:22:14 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-217.messagelabs.com!1357651332!14456751!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 27720 invoked from network); 8 Jan 2013 13:22:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ88-0003Or-9g for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ88-00040N-7u for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:12 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] IOMMU: add option to specify devices behaving like ones using phantom functions X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559889 -3600 # Node ID 23c4bbc0111dd807561b2c62cbc5798220943a0d # Parent b514b7118958327605e33dd387944832bc8d734a IOMMU: add option to specify devices behaving like ones using phantom functions At least certain Marvell SATA controllers are known to issue bus master requests with a non-zero function as origin, despite themselves being single function devices. Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r b514b7118958 -r 23c4bbc0111d docs/misc/xen-command-line.markdown --- a/docs/misc/xen-command-line.markdown Mon Jan 07 12:56:52 2013 +0100 +++ b/docs/misc/xen-command-line.markdown Mon Jan 07 12:58:09 2013 +0100 @@ -703,6 +703,16 @@ Defaults to booting secondary processors Default: `on` +### pci-phantom +> `=[:]:,` + +Mark a group of PCI devices as using phantom functions without actually +advertising so, so the IOMMU can create translation contexts for them. + +All numbers specified must be hexadecimal ones. + +This option can be specified more than once (up to 8 times at present). + ### ple\_gap > `= ` diff -r b514b7118958 -r 23c4bbc0111d xen/drivers/passthrough/pci.c --- a/xen/drivers/passthrough/pci.c Mon Jan 07 12:56:52 2013 +0100 +++ b/xen/drivers/passthrough/pci.c Mon Jan 07 12:58:09 2013 +0100 @@ -121,6 +121,49 @@ const unsigned long *pci_get_ro_map(u16 return pseg ? pseg->ro_map : NULL; } +static struct phantom_dev { + u16 seg; + u8 bus, slot, stride; +} phantom_devs[8]; +static unsigned int nr_phantom_devs; + +static void __init parse_phantom_dev(char *str) { + const char *s = str; + struct phantom_dev phantom; + + if ( !s || !*s || nr_phantom_devs >= ARRAY_SIZE(phantom_devs) ) + return; + + phantom.seg = simple_strtol(s, &s, 16); + if ( *s != ':' ) + return; + + phantom.bus = simple_strtol(s + 1, &s, 16); + if ( *s == ',' ) + { + phantom.slot = phantom.bus; + phantom.bus = phantom.seg; + phantom.seg = 0; + } + else if ( *s == ':' ) + phantom.slot = simple_strtol(s + 1, &s, 16); + else + return; + + if ( *s != ',' ) + return; + switch ( phantom.stride = simple_strtol(s + 1, &s, 0) ) + { + case 1: case 2: case 4: + if ( *s ) + default: + return; + } + + phantom_devs[nr_phantom_devs++] = phantom; +} +custom_param("pci-phantom", parse_phantom_dev); + static struct pci_dev *alloc_pdev(struct pci_seg *pseg, u8 bus, u8 devfn) { struct pci_dev *pdev; @@ -181,6 +224,20 @@ static struct pci_dev *alloc_pdev(struct if ( PCI_FUNC(devfn) >= pdev->phantom_stride ) pdev->phantom_stride = 0; } + else + { + unsigned int i; + + for ( i = 0; i < nr_phantom_devs; ++i ) + if ( phantom_devs[i].seg == pseg->nr && + phantom_devs[i].bus == bus && + phantom_devs[i].slot == PCI_SLOT(devfn) && + phantom_devs[i].stride > PCI_FUNC(devfn) ) + { + pdev->phantom_stride = phantom_devs[i].stride; + break; + } + } break; case DEV_TYPE_PCI: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8B-0001Ro-HP; Tue, 08 Jan 2013 13:22:15 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8A-0001RK-GR for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:14 +0000 Received: from [85.158.137.99:15488] by server-5.bemta-3.messagelabs.com id 45/0A-04992-58D1CE05; Tue, 08 Jan 2013 13:22:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-217.messagelabs.com!1357651331!16088325!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 5033 invoked from network); 8 Jan 2013 13:22:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ86-0003Oi-SV for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ86-0003ze-KY for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:10 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] IOMMU/PCI: consolidate pdev_type() and cache its result for a given device X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559679 -3600 # Node ID 11fa145c880ee814aaf56a7f47f47ee3e5560c7c # Parent 2a2c63f641ee3bda4ad552eb0b3ea479d37590cc IOMMU/PCI: consolidate pdev_type() and cache its result for a given device Add an "unknown" device types as well as one for PCI-to-PCIe bridges (the latter of which other IOMMU code with or without this patch doesn't appear to handle properly). Make sure we don't mistake a device for which we can't access its config space as a legacy PCI device (after all we in fact don't know how to deal with such a device, and hence shouldn't try to). Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r 2a2c63f641ee -r 11fa145c880e xen/drivers/passthrough/pci.c --- a/xen/drivers/passthrough/pci.c Mon Jan 07 12:53:19 2013 +0100 +++ b/xen/drivers/passthrough/pci.c Mon Jan 07 12:54:39 2013 +0100 @@ -142,7 +142,7 @@ static struct pci_dev *alloc_pdev(struct spin_lock_init(&pdev->msix_table_lock); /* update bus2bridge */ - switch ( pdev_type(pseg->nr, bus, devfn) ) + switch ( pdev->type = pdev_type(pseg->nr, bus, devfn) ) { u8 sec_bus, sub_bus; @@ -182,7 +182,7 @@ static struct pci_dev *alloc_pdev(struct static void free_pdev(struct pci_seg *pseg, struct pci_dev *pdev) { /* update bus2bridge */ - switch ( pdev_type(pseg->nr, pdev->bus, pdev->devfn) ) + switch ( pdev->type ) { u8 dev, func, sec_bus, sub_bus; @@ -200,6 +200,9 @@ static void free_pdev(struct pci_seg *ps pseg->bus2bridge[sec_bus] = pseg->bus2bridge[pdev->bus]; spin_unlock(&pseg->bus2bridge_lock); break; + + default: + break; } list_del(&pdev->alldevs_list); @@ -587,20 +590,30 @@ void pci_release_devices(struct domain * #define PCI_CLASS_BRIDGE_PCI 0x0604 -int pdev_type(u16 seg, u8 bus, u8 devfn) +enum pdev_type pdev_type(u16 seg, u8 bus, u8 devfn) { u16 class_device, creg; u8 d = PCI_SLOT(devfn), f = PCI_FUNC(devfn); int pos = pci_find_cap_offset(seg, bus, d, f, PCI_CAP_ID_EXP); class_device = pci_conf_read16(seg, bus, d, f, PCI_CLASS_DEVICE); - if ( class_device == PCI_CLASS_BRIDGE_PCI ) + switch ( class_device ) { + case PCI_CLASS_BRIDGE_PCI: if ( !pos ) return DEV_TYPE_LEGACY_PCI_BRIDGE; creg = pci_conf_read16(seg, bus, d, f, pos + PCI_EXP_FLAGS); - return ((creg & PCI_EXP_FLAGS_TYPE) >> 4) == PCI_EXP_TYPE_PCI_BRIDGE ? - DEV_TYPE_PCIe2PCI_BRIDGE : DEV_TYPE_PCIe_BRIDGE; + switch ( (creg & PCI_EXP_FLAGS_TYPE) >> 4 ) + { + case PCI_EXP_TYPE_PCI_BRIDGE: + return DEV_TYPE_PCIe2PCI_BRIDGE; + case PCI_EXP_TYPE_PCIE_BRIDGE: + return DEV_TYPE_PCI2PCIe_BRIDGE; + } + return DEV_TYPE_PCIe_BRIDGE; + + case 0x0000: case 0xffff: + return DEV_TYPE_PCI_UNKNOWN; } return pos ? DEV_TYPE_PCIe_ENDPOINT : DEV_TYPE_PCI; diff -r 2a2c63f641ee -r 11fa145c880e xen/drivers/passthrough/vtd/intremap.c --- a/xen/drivers/passthrough/vtd/intremap.c Mon Jan 07 12:53:19 2013 +0100 +++ b/xen/drivers/passthrough/vtd/intremap.c Mon Jan 07 12:54:39 2013 +0100 @@ -430,7 +430,6 @@ void io_apic_write_remap_rte( static void set_msi_source_id(struct pci_dev *pdev, struct iremap_entry *ire) { - int type; u16 seg; u8 bus, devfn, secbus; int ret; @@ -441,8 +440,7 @@ static void set_msi_source_id(struct pci seg = pdev->seg; bus = pdev->bus; devfn = pdev->devfn; - type = pdev_type(seg, bus, devfn); - switch ( type ) + switch ( pdev->type ) { case DEV_TYPE_PCIe_BRIDGE: case DEV_TYPE_PCIe2PCI_BRIDGE: @@ -474,7 +472,7 @@ static void set_msi_source_id(struct pci default: dprintk(XENLOG_WARNING VTDPREFIX, "d%d: unknown(%u): %04x:%02x:%02x.%u\n", - pdev->domain->domain_id, type, + pdev->domain->domain_id, pdev->type, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn)); break; } diff -r 2a2c63f641ee -r 11fa145c880e xen/drivers/passthrough/vtd/iommu.c --- a/xen/drivers/passthrough/vtd/iommu.c Mon Jan 07 12:53:19 2013 +0100 +++ b/xen/drivers/passthrough/vtd/iommu.c Mon Jan 07 12:54:39 2013 +0100 @@ -1419,7 +1419,6 @@ static int domain_context_mapping( { struct acpi_drhd_unit *drhd; int ret = 0; - u32 type; u8 seg = pdev->seg, bus = pdev->bus, secbus; drhd = acpi_find_matched_drhd_unit(pdev); @@ -1428,8 +1427,7 @@ static int domain_context_mapping( ASSERT(spin_is_locked(&pcidevs_lock)); - type = pdev_type(seg, bus, devfn); - switch ( type ) + switch ( pdev->type ) { case DEV_TYPE_PCIe_BRIDGE: case DEV_TYPE_PCIe2PCI_BRIDGE: @@ -1479,7 +1477,7 @@ static int domain_context_mapping( default: dprintk(XENLOG_ERR VTDPREFIX, "d%d:unknown(%u): %04x:%02x:%02x.%u\n", - domain->domain_id, type, + domain->domain_id, pdev->type, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn)); ret = -EINVAL; break; @@ -1551,7 +1549,6 @@ static int domain_context_unmap( struct acpi_drhd_unit *drhd; struct iommu *iommu; int ret = 0; - u32 type; u8 seg = pdev->seg, bus = pdev->bus, tmp_bus, tmp_devfn, secbus; int found = 0; @@ -1560,8 +1557,7 @@ static int domain_context_unmap( return -ENODEV; iommu = drhd->iommu; - type = pdev_type(seg, bus, devfn); - switch ( type ) + switch ( pdev->type ) { case DEV_TYPE_PCIe_BRIDGE: case DEV_TYPE_PCIe2PCI_BRIDGE: @@ -1608,7 +1604,7 @@ static int domain_context_unmap( default: dprintk(XENLOG_ERR VTDPREFIX, "d%d:unknown(%u): %04x:%02x:%02x.%u\n", - domain->domain_id, type, + domain->domain_id, pdev->type, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn)); ret = -EINVAL; goto out; diff -r 2a2c63f641ee -r 11fa145c880e xen/include/xen/pci.h --- a/xen/include/xen/pci.h Mon Jan 07 12:53:19 2013 +0100 +++ b/xen/include/xen/pci.h Mon Jan 07 12:54:39 2013 +0100 @@ -62,6 +62,17 @@ struct pci_dev { const u16 seg; const u8 bus; const u8 devfn; + + enum pdev_type { + DEV_TYPE_PCI_UNKNOWN, + DEV_TYPE_PCIe_ENDPOINT, + DEV_TYPE_PCIe_BRIDGE, // PCIe root port, switch + DEV_TYPE_PCIe2PCI_BRIDGE, // PCIe-to-PCI/PCIx bridge + DEV_TYPE_PCI2PCIe_BRIDGE, // PCI/PCIx-to-PCIe bridge + DEV_TYPE_LEGACY_PCI_BRIDGE, // Legacy PCI bridge + DEV_TYPE_PCI, + } type; + struct pci_dev_info info; struct arch_pci_dev arch; struct { @@ -83,18 +94,10 @@ struct pci_dev { extern spinlock_t pcidevs_lock; -enum { - DEV_TYPE_PCIe_ENDPOINT, - DEV_TYPE_PCIe_BRIDGE, // PCIe root port, switch - DEV_TYPE_PCIe2PCI_BRIDGE, // PCIe-to-PCI/PCIx bridge - DEV_TYPE_LEGACY_PCI_BRIDGE, // Legacy PCI bridge - DEV_TYPE_PCI, -}; - bool_t pci_known_segment(u16 seg); int pci_device_detect(u16 seg, u8 bus, u8 dev, u8 func); int scan_pci_devices(void); -int pdev_type(u16 seg, u8 bus, u8 devfn); +enum pdev_type pdev_type(u16 seg, u8 bus, u8 devfn); int find_upstream_bridge(u16 seg, u8 *bus, u8 *devfn, u8 *secbus); struct pci_dev *pci_lock_pdev(int seg, int bus, int devfn); struct pci_dev *pci_lock_domain_pdev( diff -r 2a2c63f641ee -r 11fa145c880e xen/include/xen/pci_regs.h --- a/xen/include/xen/pci_regs.h Mon Jan 07 12:53:19 2013 +0100 +++ b/xen/include/xen/pci_regs.h Mon Jan 07 12:54:39 2013 +0100 @@ -371,6 +371,9 @@ #define PCI_EXP_TYPE_UPSTREAM 0x5 /* Upstream Port */ #define PCI_EXP_TYPE_DOWNSTREAM 0x6 /* Downstream Port */ #define PCI_EXP_TYPE_PCI_BRIDGE 0x7 /* PCI/PCI-X Bridge */ +#define PCI_EXP_TYPE_PCIE_BRIDGE 0x8 /* PCI/PCI-X to PCIE Bridge */ +#define PCI_EXP_TYPE_RC_END 0x9 /* Root Complex Integrated Endpoint */ +#define PCI_EXP_TYPE_RC_EC 0xa /* Root Complex Event Collector */ #define PCI_EXP_FLAGS_SLOT 0x0100 /* Slot implemented */ #define PCI_EXP_FLAGS_IRQ 0x3e00 /* Interrupt message number */ #define PCI_EXP_DEVCAP 4 /* Device capabilities */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8B-0001Ro-HP; Tue, 08 Jan 2013 13:22:15 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8A-0001RK-GR for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:14 +0000 Received: from [85.158.137.99:15488] by server-5.bemta-3.messagelabs.com id 45/0A-04992-58D1CE05; Tue, 08 Jan 2013 13:22:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-217.messagelabs.com!1357651331!16088325!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 5033 invoked from network); 8 Jan 2013 13:22:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ86-0003Oi-SV for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ86-0003ze-KY for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:10 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] IOMMU/PCI: consolidate pdev_type() and cache its result for a given device X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559679 -3600 # Node ID 11fa145c880ee814aaf56a7f47f47ee3e5560c7c # Parent 2a2c63f641ee3bda4ad552eb0b3ea479d37590cc IOMMU/PCI: consolidate pdev_type() and cache its result for a given device Add an "unknown" device types as well as one for PCI-to-PCIe bridges (the latter of which other IOMMU code with or without this patch doesn't appear to handle properly). Make sure we don't mistake a device for which we can't access its config space as a legacy PCI device (after all we in fact don't know how to deal with such a device, and hence shouldn't try to). Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r 2a2c63f641ee -r 11fa145c880e xen/drivers/passthrough/pci.c --- a/xen/drivers/passthrough/pci.c Mon Jan 07 12:53:19 2013 +0100 +++ b/xen/drivers/passthrough/pci.c Mon Jan 07 12:54:39 2013 +0100 @@ -142,7 +142,7 @@ static struct pci_dev *alloc_pdev(struct spin_lock_init(&pdev->msix_table_lock); /* update bus2bridge */ - switch ( pdev_type(pseg->nr, bus, devfn) ) + switch ( pdev->type = pdev_type(pseg->nr, bus, devfn) ) { u8 sec_bus, sub_bus; @@ -182,7 +182,7 @@ static struct pci_dev *alloc_pdev(struct static void free_pdev(struct pci_seg *pseg, struct pci_dev *pdev) { /* update bus2bridge */ - switch ( pdev_type(pseg->nr, pdev->bus, pdev->devfn) ) + switch ( pdev->type ) { u8 dev, func, sec_bus, sub_bus; @@ -200,6 +200,9 @@ static void free_pdev(struct pci_seg *ps pseg->bus2bridge[sec_bus] = pseg->bus2bridge[pdev->bus]; spin_unlock(&pseg->bus2bridge_lock); break; + + default: + break; } list_del(&pdev->alldevs_list); @@ -587,20 +590,30 @@ void pci_release_devices(struct domain * #define PCI_CLASS_BRIDGE_PCI 0x0604 -int pdev_type(u16 seg, u8 bus, u8 devfn) +enum pdev_type pdev_type(u16 seg, u8 bus, u8 devfn) { u16 class_device, creg; u8 d = PCI_SLOT(devfn), f = PCI_FUNC(devfn); int pos = pci_find_cap_offset(seg, bus, d, f, PCI_CAP_ID_EXP); class_device = pci_conf_read16(seg, bus, d, f, PCI_CLASS_DEVICE); - if ( class_device == PCI_CLASS_BRIDGE_PCI ) + switch ( class_device ) { + case PCI_CLASS_BRIDGE_PCI: if ( !pos ) return DEV_TYPE_LEGACY_PCI_BRIDGE; creg = pci_conf_read16(seg, bus, d, f, pos + PCI_EXP_FLAGS); - return ((creg & PCI_EXP_FLAGS_TYPE) >> 4) == PCI_EXP_TYPE_PCI_BRIDGE ? - DEV_TYPE_PCIe2PCI_BRIDGE : DEV_TYPE_PCIe_BRIDGE; + switch ( (creg & PCI_EXP_FLAGS_TYPE) >> 4 ) + { + case PCI_EXP_TYPE_PCI_BRIDGE: + return DEV_TYPE_PCIe2PCI_BRIDGE; + case PCI_EXP_TYPE_PCIE_BRIDGE: + return DEV_TYPE_PCI2PCIe_BRIDGE; + } + return DEV_TYPE_PCIe_BRIDGE; + + case 0x0000: case 0xffff: + return DEV_TYPE_PCI_UNKNOWN; } return pos ? DEV_TYPE_PCIe_ENDPOINT : DEV_TYPE_PCI; diff -r 2a2c63f641ee -r 11fa145c880e xen/drivers/passthrough/vtd/intremap.c --- a/xen/drivers/passthrough/vtd/intremap.c Mon Jan 07 12:53:19 2013 +0100 +++ b/xen/drivers/passthrough/vtd/intremap.c Mon Jan 07 12:54:39 2013 +0100 @@ -430,7 +430,6 @@ void io_apic_write_remap_rte( static void set_msi_source_id(struct pci_dev *pdev, struct iremap_entry *ire) { - int type; u16 seg; u8 bus, devfn, secbus; int ret; @@ -441,8 +440,7 @@ static void set_msi_source_id(struct pci seg = pdev->seg; bus = pdev->bus; devfn = pdev->devfn; - type = pdev_type(seg, bus, devfn); - switch ( type ) + switch ( pdev->type ) { case DEV_TYPE_PCIe_BRIDGE: case DEV_TYPE_PCIe2PCI_BRIDGE: @@ -474,7 +472,7 @@ static void set_msi_source_id(struct pci default: dprintk(XENLOG_WARNING VTDPREFIX, "d%d: unknown(%u): %04x:%02x:%02x.%u\n", - pdev->domain->domain_id, type, + pdev->domain->domain_id, pdev->type, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn)); break; } diff -r 2a2c63f641ee -r 11fa145c880e xen/drivers/passthrough/vtd/iommu.c --- a/xen/drivers/passthrough/vtd/iommu.c Mon Jan 07 12:53:19 2013 +0100 +++ b/xen/drivers/passthrough/vtd/iommu.c Mon Jan 07 12:54:39 2013 +0100 @@ -1419,7 +1419,6 @@ static int domain_context_mapping( { struct acpi_drhd_unit *drhd; int ret = 0; - u32 type; u8 seg = pdev->seg, bus = pdev->bus, secbus; drhd = acpi_find_matched_drhd_unit(pdev); @@ -1428,8 +1427,7 @@ static int domain_context_mapping( ASSERT(spin_is_locked(&pcidevs_lock)); - type = pdev_type(seg, bus, devfn); - switch ( type ) + switch ( pdev->type ) { case DEV_TYPE_PCIe_BRIDGE: case DEV_TYPE_PCIe2PCI_BRIDGE: @@ -1479,7 +1477,7 @@ static int domain_context_mapping( default: dprintk(XENLOG_ERR VTDPREFIX, "d%d:unknown(%u): %04x:%02x:%02x.%u\n", - domain->domain_id, type, + domain->domain_id, pdev->type, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn)); ret = -EINVAL; break; @@ -1551,7 +1549,6 @@ static int domain_context_unmap( struct acpi_drhd_unit *drhd; struct iommu *iommu; int ret = 0; - u32 type; u8 seg = pdev->seg, bus = pdev->bus, tmp_bus, tmp_devfn, secbus; int found = 0; @@ -1560,8 +1557,7 @@ static int domain_context_unmap( return -ENODEV; iommu = drhd->iommu; - type = pdev_type(seg, bus, devfn); - switch ( type ) + switch ( pdev->type ) { case DEV_TYPE_PCIe_BRIDGE: case DEV_TYPE_PCIe2PCI_BRIDGE: @@ -1608,7 +1604,7 @@ static int domain_context_unmap( default: dprintk(XENLOG_ERR VTDPREFIX, "d%d:unknown(%u): %04x:%02x:%02x.%u\n", - domain->domain_id, type, + domain->domain_id, pdev->type, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn)); ret = -EINVAL; goto out; diff -r 2a2c63f641ee -r 11fa145c880e xen/include/xen/pci.h --- a/xen/include/xen/pci.h Mon Jan 07 12:53:19 2013 +0100 +++ b/xen/include/xen/pci.h Mon Jan 07 12:54:39 2013 +0100 @@ -62,6 +62,17 @@ struct pci_dev { const u16 seg; const u8 bus; const u8 devfn; + + enum pdev_type { + DEV_TYPE_PCI_UNKNOWN, + DEV_TYPE_PCIe_ENDPOINT, + DEV_TYPE_PCIe_BRIDGE, // PCIe root port, switch + DEV_TYPE_PCIe2PCI_BRIDGE, // PCIe-to-PCI/PCIx bridge + DEV_TYPE_PCI2PCIe_BRIDGE, // PCI/PCIx-to-PCIe bridge + DEV_TYPE_LEGACY_PCI_BRIDGE, // Legacy PCI bridge + DEV_TYPE_PCI, + } type; + struct pci_dev_info info; struct arch_pci_dev arch; struct { @@ -83,18 +94,10 @@ struct pci_dev { extern spinlock_t pcidevs_lock; -enum { - DEV_TYPE_PCIe_ENDPOINT, - DEV_TYPE_PCIe_BRIDGE, // PCIe root port, switch - DEV_TYPE_PCIe2PCI_BRIDGE, // PCIe-to-PCI/PCIx bridge - DEV_TYPE_LEGACY_PCI_BRIDGE, // Legacy PCI bridge - DEV_TYPE_PCI, -}; - bool_t pci_known_segment(u16 seg); int pci_device_detect(u16 seg, u8 bus, u8 dev, u8 func); int scan_pci_devices(void); -int pdev_type(u16 seg, u8 bus, u8 devfn); +enum pdev_type pdev_type(u16 seg, u8 bus, u8 devfn); int find_upstream_bridge(u16 seg, u8 *bus, u8 *devfn, u8 *secbus); struct pci_dev *pci_lock_pdev(int seg, int bus, int devfn); struct pci_dev *pci_lock_domain_pdev( diff -r 2a2c63f641ee -r 11fa145c880e xen/include/xen/pci_regs.h --- a/xen/include/xen/pci_regs.h Mon Jan 07 12:53:19 2013 +0100 +++ b/xen/include/xen/pci_regs.h Mon Jan 07 12:54:39 2013 +0100 @@ -371,6 +371,9 @@ #define PCI_EXP_TYPE_UPSTREAM 0x5 /* Upstream Port */ #define PCI_EXP_TYPE_DOWNSTREAM 0x6 /* Downstream Port */ #define PCI_EXP_TYPE_PCI_BRIDGE 0x7 /* PCI/PCI-X Bridge */ +#define PCI_EXP_TYPE_PCIE_BRIDGE 0x8 /* PCI/PCI-X to PCIE Bridge */ +#define PCI_EXP_TYPE_RC_END 0x9 /* Root Complex Integrated Endpoint */ +#define PCI_EXP_TYPE_RC_EC 0xa /* Root Complex Event Collector */ #define PCI_EXP_FLAGS_SLOT 0x0100 /* Slot implemented */ #define PCI_EXP_FLAGS_IRQ 0x3e00 /* Interrupt message number */ #define PCI_EXP_DEVCAP 4 /* Device capabilities */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8B-0001Rj-Em; Tue, 08 Jan 2013 13:22:15 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8A-0001RJ-GZ for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:14 +0000 Received: from [85.158.143.99:28978] by server-3.bemta-4.messagelabs.com id 5D/4B-18211-58D1CE05; Tue, 08 Jan 2013 13:22:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-216.messagelabs.com!1357651330!18750293!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8482 invoked from network); 8 Jan 2013 13:22:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ86-0003Of-BF for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ86-0003zP-34 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:10 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] AMD IOMMU: adjust flush function parameters X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559599 -3600 # Node ID 2a2c63f641ee3bda4ad552eb0b3ea479d37590cc # Parent afb598bd0f5436bea15b7ef842e8ad5c6adefa1a AMD IOMMU: adjust flush function parameters ... to use a (struct pci_dev *, devfn) pair. Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r afb598bd0f54 -r 2a2c63f641ee xen/drivers/passthrough/amd/iommu_cmd.c --- a/xen/drivers/passthrough/amd/iommu_cmd.c Mon Jan 07 12:52:29 2013 +0100 +++ b/xen/drivers/passthrough/amd/iommu_cmd.c Mon Jan 07 12:53:19 2013 +0100 @@ -287,12 +287,12 @@ void invalidate_iommu_all(struct amd_iom send_iommu_command(iommu, cmd); } -void amd_iommu_flush_iotlb(struct pci_dev *pdev, +void amd_iommu_flush_iotlb(u8 devfn, const struct pci_dev *pdev, uint64_t gaddr, unsigned int order) { unsigned long flags; struct amd_iommu *iommu; - unsigned int bdf, req_id, queueid, maxpend; + unsigned int req_id, queueid, maxpend; struct pci_ats_dev *ats_pdev; if ( !ats_enabled ) @@ -305,8 +305,8 @@ void amd_iommu_flush_iotlb(struct pci_de if ( !pci_ats_enabled(ats_pdev->seg, ats_pdev->bus, ats_pdev->devfn) ) return; - bdf = PCI_BDF2(ats_pdev->bus, ats_pdev->devfn); - iommu = find_iommu_for_device(ats_pdev->seg, bdf); + iommu = find_iommu_for_device(ats_pdev->seg, + PCI_BDF2(ats_pdev->bus, ats_pdev->devfn)); if ( !iommu ) { @@ -319,7 +319,7 @@ void amd_iommu_flush_iotlb(struct pci_de if ( !iommu_has_cap(iommu, PCI_CAP_IOTLB_SHIFT) ) return; - req_id = get_dma_requestor_id(iommu->seg, bdf); + req_id = get_dma_requestor_id(iommu->seg, PCI_BDF2(ats_pdev->bus, devfn)); queueid = req_id; maxpend = ats_pdev->ats_queue_depth & 0xff; @@ -339,7 +339,7 @@ static void amd_iommu_flush_all_iotlbs(s return; for_each_pdev( d, pdev ) - amd_iommu_flush_iotlb(pdev, gaddr, order); + amd_iommu_flush_iotlb(pdev->devfn, pdev, gaddr, order); } /* Flush iommu cache after p2m changes. */ diff -r afb598bd0f54 -r 2a2c63f641ee xen/drivers/passthrough/amd/pci_amd_iommu.c --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c Mon Jan 07 12:52:29 2013 +0100 +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c Mon Jan 07 12:53:19 2013 +0100 @@ -138,7 +138,7 @@ static void amd_iommu_setup_domain_devic if ( devfn == pdev->devfn ) enable_ats_device(iommu->seg, bus, devfn); - amd_iommu_flush_iotlb(pdev, INV_IOMMU_ALL_PAGES_ADDRESS, 0); + amd_iommu_flush_iotlb(devfn, pdev, INV_IOMMU_ALL_PAGES_ADDRESS, 0); } } diff -r afb598bd0f54 -r 2a2c63f641ee xen/include/asm-x86/hvm/svm/amd-iommu-proto.h --- a/xen/include/asm-x86/hvm/svm/amd-iommu-proto.h Mon Jan 07 12:52:29 2013 +0100 +++ b/xen/include/asm-x86/hvm/svm/amd-iommu-proto.h Mon Jan 07 12:53:19 2013 +0100 @@ -78,8 +78,8 @@ void iommu_dte_set_guest_cr3(u32 *dte, u void amd_iommu_flush_all_pages(struct domain *d); void amd_iommu_flush_pages(struct domain *d, unsigned long gfn, unsigned int order); -void amd_iommu_flush_iotlb(struct pci_dev *pdev, uint64_t gaddr, - unsigned int order); +void amd_iommu_flush_iotlb(u8 devfn, const struct pci_dev *pdev, + uint64_t gaddr, unsigned int order); void amd_iommu_flush_device(struct amd_iommu *iommu, uint16_t bdf); void amd_iommu_flush_intremap(struct amd_iommu *iommu, uint16_t bdf); void amd_iommu_flush_all_caches(struct amd_iommu *iommu); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8B-0001Rj-Em; Tue, 08 Jan 2013 13:22:15 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8A-0001RJ-GZ for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:14 +0000 Received: from [85.158.143.99:28978] by server-3.bemta-4.messagelabs.com id 5D/4B-18211-58D1CE05; Tue, 08 Jan 2013 13:22:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-216.messagelabs.com!1357651330!18750293!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8482 invoked from network); 8 Jan 2013 13:22:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ86-0003Of-BF for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ86-0003zP-34 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:10 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] AMD IOMMU: adjust flush function parameters X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559599 -3600 # Node ID 2a2c63f641ee3bda4ad552eb0b3ea479d37590cc # Parent afb598bd0f5436bea15b7ef842e8ad5c6adefa1a AMD IOMMU: adjust flush function parameters ... to use a (struct pci_dev *, devfn) pair. Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r afb598bd0f54 -r 2a2c63f641ee xen/drivers/passthrough/amd/iommu_cmd.c --- a/xen/drivers/passthrough/amd/iommu_cmd.c Mon Jan 07 12:52:29 2013 +0100 +++ b/xen/drivers/passthrough/amd/iommu_cmd.c Mon Jan 07 12:53:19 2013 +0100 @@ -287,12 +287,12 @@ void invalidate_iommu_all(struct amd_iom send_iommu_command(iommu, cmd); } -void amd_iommu_flush_iotlb(struct pci_dev *pdev, +void amd_iommu_flush_iotlb(u8 devfn, const struct pci_dev *pdev, uint64_t gaddr, unsigned int order) { unsigned long flags; struct amd_iommu *iommu; - unsigned int bdf, req_id, queueid, maxpend; + unsigned int req_id, queueid, maxpend; struct pci_ats_dev *ats_pdev; if ( !ats_enabled ) @@ -305,8 +305,8 @@ void amd_iommu_flush_iotlb(struct pci_de if ( !pci_ats_enabled(ats_pdev->seg, ats_pdev->bus, ats_pdev->devfn) ) return; - bdf = PCI_BDF2(ats_pdev->bus, ats_pdev->devfn); - iommu = find_iommu_for_device(ats_pdev->seg, bdf); + iommu = find_iommu_for_device(ats_pdev->seg, + PCI_BDF2(ats_pdev->bus, ats_pdev->devfn)); if ( !iommu ) { @@ -319,7 +319,7 @@ void amd_iommu_flush_iotlb(struct pci_de if ( !iommu_has_cap(iommu, PCI_CAP_IOTLB_SHIFT) ) return; - req_id = get_dma_requestor_id(iommu->seg, bdf); + req_id = get_dma_requestor_id(iommu->seg, PCI_BDF2(ats_pdev->bus, devfn)); queueid = req_id; maxpend = ats_pdev->ats_queue_depth & 0xff; @@ -339,7 +339,7 @@ static void amd_iommu_flush_all_iotlbs(s return; for_each_pdev( d, pdev ) - amd_iommu_flush_iotlb(pdev, gaddr, order); + amd_iommu_flush_iotlb(pdev->devfn, pdev, gaddr, order); } /* Flush iommu cache after p2m changes. */ diff -r afb598bd0f54 -r 2a2c63f641ee xen/drivers/passthrough/amd/pci_amd_iommu.c --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c Mon Jan 07 12:52:29 2013 +0100 +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c Mon Jan 07 12:53:19 2013 +0100 @@ -138,7 +138,7 @@ static void amd_iommu_setup_domain_devic if ( devfn == pdev->devfn ) enable_ats_device(iommu->seg, bus, devfn); - amd_iommu_flush_iotlb(pdev, INV_IOMMU_ALL_PAGES_ADDRESS, 0); + amd_iommu_flush_iotlb(devfn, pdev, INV_IOMMU_ALL_PAGES_ADDRESS, 0); } } diff -r afb598bd0f54 -r 2a2c63f641ee xen/include/asm-x86/hvm/svm/amd-iommu-proto.h --- a/xen/include/asm-x86/hvm/svm/amd-iommu-proto.h Mon Jan 07 12:52:29 2013 +0100 +++ b/xen/include/asm-x86/hvm/svm/amd-iommu-proto.h Mon Jan 07 12:53:19 2013 +0100 @@ -78,8 +78,8 @@ void iommu_dte_set_guest_cr3(u32 *dte, u void amd_iommu_flush_all_pages(struct domain *d); void amd_iommu_flush_pages(struct domain *d, unsigned long gfn, unsigned int order); -void amd_iommu_flush_iotlb(struct pci_dev *pdev, uint64_t gaddr, - unsigned int order); +void amd_iommu_flush_iotlb(u8 devfn, const struct pci_dev *pdev, + uint64_t gaddr, unsigned int order); void amd_iommu_flush_device(struct amd_iommu *iommu, uint16_t bdf); void amd_iommu_flush_intremap(struct amd_iommu *iommu, uint16_t bdf); void amd_iommu_flush_all_caches(struct amd_iommu *iommu); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8B-0001Re-C2; Tue, 08 Jan 2013 13:22:15 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ89-0001RD-Mc for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:14 +0000 Received: from [85.158.137.99:48766] by server-11.bemta-3.messagelabs.com id 50/DB-13335-48D1CE05; Tue, 08 Jan 2013 13:22:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-217.messagelabs.com!1357651330!14456739!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 27451 invoked from network); 8 Jan 2013 13:22:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ85-0003Oc-L1 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ85-0003zA-Hr for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:09 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] VT-d: adjust context map/unmap parameters X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559549 -3600 # Node ID afb598bd0f5436bea15b7ef842e8ad5c6adefa1a # Parent 75cc4943b1ff509c4074800a23ff51d773233b8a VT-d: adjust context map/unmap parameters ... to use a (struct pci_dev *, devfn) pair. Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r 75cc4943b1ff -r afb598bd0f54 xen/drivers/passthrough/vtd/extern.h --- a/xen/drivers/passthrough/vtd/extern.h Mon Jan 07 12:51:22 2013 +0100 +++ b/xen/drivers/passthrough/vtd/extern.h Mon Jan 07 12:52:29 2013 +0100 @@ -79,7 +79,7 @@ void free_pgtable_maddr(u64 maddr); void *map_vtd_domain_page(u64 maddr); void unmap_vtd_domain_page(void *va); int domain_context_mapping_one(struct domain *domain, struct iommu *iommu, - u8 bus, u8 devfn); + u8 bus, u8 devfn, const struct pci_dev *); int domain_context_unmap_one(struct domain *domain, struct iommu *iommu, u8 bus, u8 devfn); diff -r 75cc4943b1ff -r afb598bd0f54 xen/drivers/passthrough/vtd/iommu.c --- a/xen/drivers/passthrough/vtd/iommu.c Mon Jan 07 12:51:22 2013 +0100 +++ b/xen/drivers/passthrough/vtd/iommu.c Mon Jan 07 12:52:29 2013 +0100 @@ -1275,7 +1275,7 @@ static void __init intel_iommu_dom0_init int domain_context_mapping_one( struct domain *domain, struct iommu *iommu, - u8 bus, u8 devfn) + u8 bus, u8 devfn, const struct pci_dev *pdev) { struct hvm_iommu *hd = domain_hvm_iommu(domain); struct context_entry *context, *context_entries; @@ -1292,11 +1292,9 @@ int domain_context_mapping_one( if ( context_present(*context) ) { int res = 0; - struct pci_dev *pdev = NULL; - /* First try to get domain ownership from device structure. If that's + /* Try to get domain ownership from device structure. If that's * not available, try to read it from the context itself. */ - pdev = pci_get_pdev(seg, bus, devfn); if ( pdev ) { if ( pdev->domain != domain ) @@ -1417,13 +1415,12 @@ int domain_context_mapping_one( } static int domain_context_mapping( - struct domain *domain, u16 seg, u8 bus, u8 devfn) + struct domain *domain, u8 devfn, const struct pci_dev *pdev) { struct acpi_drhd_unit *drhd; int ret = 0; u32 type; - u8 secbus; - struct pci_dev *pdev = pci_get_pdev(seg, bus, devfn); + u8 seg = pdev->seg, bus = pdev->bus, secbus; drhd = acpi_find_matched_drhd_unit(pdev); if ( !drhd ) @@ -1444,8 +1441,9 @@ static int domain_context_mapping( dprintk(VTDPREFIX, "d%d:PCIe: map %04x:%02x:%02x.%u\n", domain->domain_id, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn)); - ret = domain_context_mapping_one(domain, drhd->iommu, bus, devfn); - if ( !ret && ats_device(pdev, drhd) > 0 ) + ret = domain_context_mapping_one(domain, drhd->iommu, bus, devfn, + pdev); + if ( !ret && devfn == pdev->devfn && ats_device(pdev, drhd) > 0 ) enable_ats_device(seg, bus, devfn); break; @@ -1456,14 +1454,16 @@ static int domain_context_mapping( domain->domain_id, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn)); - ret = domain_context_mapping_one(domain, drhd->iommu, bus, devfn); + ret = domain_context_mapping_one(domain, drhd->iommu, bus, devfn, + pdev); if ( ret ) break; if ( find_upstream_bridge(seg, &bus, &devfn, &secbus) < 1 ) break; - ret = domain_context_mapping_one(domain, drhd->iommu, bus, devfn); + ret = domain_context_mapping_one(domain, drhd->iommu, bus, devfn, + pci_get_pdev(seg, bus, devfn)); /* * Devices behind PCIe-to-PCI/PCIx bridge may generate different @@ -1472,7 +1472,8 @@ static int domain_context_mapping( */ if ( !ret && pdev_type(seg, bus, devfn) == DEV_TYPE_PCIe2PCI_BRIDGE && (secbus != pdev->bus || pdev->devfn != 0) ) - ret = domain_context_mapping_one(domain, drhd->iommu, secbus, 0); + ret = domain_context_mapping_one(domain, drhd->iommu, secbus, 0, + pci_get_pdev(seg, secbus, 0)); break; @@ -1545,18 +1546,15 @@ int domain_context_unmap_one( } static int domain_context_unmap( - struct domain *domain, u16 seg, u8 bus, u8 devfn) + struct domain *domain, u8 devfn, const struct pci_dev *pdev) { struct acpi_drhd_unit *drhd; struct iommu *iommu; int ret = 0; u32 type; - u8 tmp_bus, tmp_devfn, secbus; - struct pci_dev *pdev = pci_get_pdev(seg, bus, devfn); + u8 seg = pdev->seg, bus = pdev->bus, tmp_bus, tmp_devfn, secbus; int found = 0; - BUG_ON(!pdev); - drhd = acpi_find_matched_drhd_unit(pdev); if ( !drhd ) return -ENODEV; @@ -1576,7 +1574,7 @@ static int domain_context_unmap( domain->domain_id, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn)); ret = domain_context_unmap_one(domain, iommu, bus, devfn); - if ( !ret && ats_device(pdev, drhd) > 0 ) + if ( !ret && devfn == pdev->devfn && ats_device(pdev, drhd) > 0 ) disable_ats_device(seg, bus, devfn); break; @@ -1670,11 +1668,11 @@ static int reassign_device_ownership( if ( (target != dom0) && !iommu_intremap ) untrusted_msi = 1; - ret = domain_context_unmap(source, pdev->seg, pdev->bus, devfn); + ret = domain_context_unmap(source, devfn, pdev); if ( ret ) return ret; - ret = domain_context_mapping(target, pdev->seg, pdev->bus, devfn); + ret = domain_context_mapping(target, devfn, pdev); if ( ret ) return ret; @@ -1884,7 +1882,7 @@ static int intel_iommu_add_device(u8 dev if ( !pdev->domain ) return -EINVAL; - ret = domain_context_mapping(pdev->domain, pdev->seg, pdev->bus, devfn); + ret = domain_context_mapping(pdev->domain, devfn, pdev); if ( ret ) { dprintk(XENLOG_ERR VTDPREFIX, "d%d: context mapping failed\n", @@ -1944,14 +1942,14 @@ static int intel_iommu_remove_device(u8 } } - return domain_context_unmap(pdev->domain, pdev->seg, pdev->bus, devfn); + return domain_context_unmap(pdev->domain, devfn, pdev); } static int __init setup_dom0_device(u8 devfn, struct pci_dev *pdev) { int err; - err = domain_context_mapping(pdev->domain, pdev->seg, pdev->bus, devfn); + err = domain_context_mapping(pdev->domain, devfn, pdev); if ( !err && devfn == pdev->devfn ) pci_vtd_quirk(pdev); return err; diff -r 75cc4943b1ff -r afb598bd0f54 xen/drivers/passthrough/vtd/quirks.c --- a/xen/drivers/passthrough/vtd/quirks.c Mon Jan 07 12:51:22 2013 +0100 +++ b/xen/drivers/passthrough/vtd/quirks.c Mon Jan 07 12:52:29 2013 +0100 @@ -288,7 +288,7 @@ static void map_me_phantom_function(stru /* map or unmap ME phantom function */ if ( map ) domain_context_mapping_one(domain, drhd->iommu, 0, - PCI_DEVFN(dev, 7)); + PCI_DEVFN(dev, 7), NULL); else domain_context_unmap_one(domain, drhd->iommu, 0, PCI_DEVFN(dev, 7)); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8B-0001Re-C2; Tue, 08 Jan 2013 13:22:15 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ89-0001RD-Mc for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:14 +0000 Received: from [85.158.137.99:48766] by server-11.bemta-3.messagelabs.com id 50/DB-13335-48D1CE05; Tue, 08 Jan 2013 13:22:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-217.messagelabs.com!1357651330!14456739!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 27451 invoked from network); 8 Jan 2013 13:22:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ85-0003Oc-L1 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ85-0003zA-Hr for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:09 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] VT-d: adjust context map/unmap parameters X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559549 -3600 # Node ID afb598bd0f5436bea15b7ef842e8ad5c6adefa1a # Parent 75cc4943b1ff509c4074800a23ff51d773233b8a VT-d: adjust context map/unmap parameters ... to use a (struct pci_dev *, devfn) pair. Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r 75cc4943b1ff -r afb598bd0f54 xen/drivers/passthrough/vtd/extern.h --- a/xen/drivers/passthrough/vtd/extern.h Mon Jan 07 12:51:22 2013 +0100 +++ b/xen/drivers/passthrough/vtd/extern.h Mon Jan 07 12:52:29 2013 +0100 @@ -79,7 +79,7 @@ void free_pgtable_maddr(u64 maddr); void *map_vtd_domain_page(u64 maddr); void unmap_vtd_domain_page(void *va); int domain_context_mapping_one(struct domain *domain, struct iommu *iommu, - u8 bus, u8 devfn); + u8 bus, u8 devfn, const struct pci_dev *); int domain_context_unmap_one(struct domain *domain, struct iommu *iommu, u8 bus, u8 devfn); diff -r 75cc4943b1ff -r afb598bd0f54 xen/drivers/passthrough/vtd/iommu.c --- a/xen/drivers/passthrough/vtd/iommu.c Mon Jan 07 12:51:22 2013 +0100 +++ b/xen/drivers/passthrough/vtd/iommu.c Mon Jan 07 12:52:29 2013 +0100 @@ -1275,7 +1275,7 @@ static void __init intel_iommu_dom0_init int domain_context_mapping_one( struct domain *domain, struct iommu *iommu, - u8 bus, u8 devfn) + u8 bus, u8 devfn, const struct pci_dev *pdev) { struct hvm_iommu *hd = domain_hvm_iommu(domain); struct context_entry *context, *context_entries; @@ -1292,11 +1292,9 @@ int domain_context_mapping_one( if ( context_present(*context) ) { int res = 0; - struct pci_dev *pdev = NULL; - /* First try to get domain ownership from device structure. If that's + /* Try to get domain ownership from device structure. If that's * not available, try to read it from the context itself. */ - pdev = pci_get_pdev(seg, bus, devfn); if ( pdev ) { if ( pdev->domain != domain ) @@ -1417,13 +1415,12 @@ int domain_context_mapping_one( } static int domain_context_mapping( - struct domain *domain, u16 seg, u8 bus, u8 devfn) + struct domain *domain, u8 devfn, const struct pci_dev *pdev) { struct acpi_drhd_unit *drhd; int ret = 0; u32 type; - u8 secbus; - struct pci_dev *pdev = pci_get_pdev(seg, bus, devfn); + u8 seg = pdev->seg, bus = pdev->bus, secbus; drhd = acpi_find_matched_drhd_unit(pdev); if ( !drhd ) @@ -1444,8 +1441,9 @@ static int domain_context_mapping( dprintk(VTDPREFIX, "d%d:PCIe: map %04x:%02x:%02x.%u\n", domain->domain_id, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn)); - ret = domain_context_mapping_one(domain, drhd->iommu, bus, devfn); - if ( !ret && ats_device(pdev, drhd) > 0 ) + ret = domain_context_mapping_one(domain, drhd->iommu, bus, devfn, + pdev); + if ( !ret && devfn == pdev->devfn && ats_device(pdev, drhd) > 0 ) enable_ats_device(seg, bus, devfn); break; @@ -1456,14 +1454,16 @@ static int domain_context_mapping( domain->domain_id, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn)); - ret = domain_context_mapping_one(domain, drhd->iommu, bus, devfn); + ret = domain_context_mapping_one(domain, drhd->iommu, bus, devfn, + pdev); if ( ret ) break; if ( find_upstream_bridge(seg, &bus, &devfn, &secbus) < 1 ) break; - ret = domain_context_mapping_one(domain, drhd->iommu, bus, devfn); + ret = domain_context_mapping_one(domain, drhd->iommu, bus, devfn, + pci_get_pdev(seg, bus, devfn)); /* * Devices behind PCIe-to-PCI/PCIx bridge may generate different @@ -1472,7 +1472,8 @@ static int domain_context_mapping( */ if ( !ret && pdev_type(seg, bus, devfn) == DEV_TYPE_PCIe2PCI_BRIDGE && (secbus != pdev->bus || pdev->devfn != 0) ) - ret = domain_context_mapping_one(domain, drhd->iommu, secbus, 0); + ret = domain_context_mapping_one(domain, drhd->iommu, secbus, 0, + pci_get_pdev(seg, secbus, 0)); break; @@ -1545,18 +1546,15 @@ int domain_context_unmap_one( } static int domain_context_unmap( - struct domain *domain, u16 seg, u8 bus, u8 devfn) + struct domain *domain, u8 devfn, const struct pci_dev *pdev) { struct acpi_drhd_unit *drhd; struct iommu *iommu; int ret = 0; u32 type; - u8 tmp_bus, tmp_devfn, secbus; - struct pci_dev *pdev = pci_get_pdev(seg, bus, devfn); + u8 seg = pdev->seg, bus = pdev->bus, tmp_bus, tmp_devfn, secbus; int found = 0; - BUG_ON(!pdev); - drhd = acpi_find_matched_drhd_unit(pdev); if ( !drhd ) return -ENODEV; @@ -1576,7 +1574,7 @@ static int domain_context_unmap( domain->domain_id, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn)); ret = domain_context_unmap_one(domain, iommu, bus, devfn); - if ( !ret && ats_device(pdev, drhd) > 0 ) + if ( !ret && devfn == pdev->devfn && ats_device(pdev, drhd) > 0 ) disable_ats_device(seg, bus, devfn); break; @@ -1670,11 +1668,11 @@ static int reassign_device_ownership( if ( (target != dom0) && !iommu_intremap ) untrusted_msi = 1; - ret = domain_context_unmap(source, pdev->seg, pdev->bus, devfn); + ret = domain_context_unmap(source, devfn, pdev); if ( ret ) return ret; - ret = domain_context_mapping(target, pdev->seg, pdev->bus, devfn); + ret = domain_context_mapping(target, devfn, pdev); if ( ret ) return ret; @@ -1884,7 +1882,7 @@ static int intel_iommu_add_device(u8 dev if ( !pdev->domain ) return -EINVAL; - ret = domain_context_mapping(pdev->domain, pdev->seg, pdev->bus, devfn); + ret = domain_context_mapping(pdev->domain, devfn, pdev); if ( ret ) { dprintk(XENLOG_ERR VTDPREFIX, "d%d: context mapping failed\n", @@ -1944,14 +1942,14 @@ static int intel_iommu_remove_device(u8 } } - return domain_context_unmap(pdev->domain, pdev->seg, pdev->bus, devfn); + return domain_context_unmap(pdev->domain, devfn, pdev); } static int __init setup_dom0_device(u8 devfn, struct pci_dev *pdev) { int err; - err = domain_context_mapping(pdev->domain, pdev->seg, pdev->bus, devfn); + err = domain_context_mapping(pdev->domain, devfn, pdev); if ( !err && devfn == pdev->devfn ) pci_vtd_quirk(pdev); return err; diff -r 75cc4943b1ff -r afb598bd0f54 xen/drivers/passthrough/vtd/quirks.c --- a/xen/drivers/passthrough/vtd/quirks.c Mon Jan 07 12:51:22 2013 +0100 +++ b/xen/drivers/passthrough/vtd/quirks.c Mon Jan 07 12:52:29 2013 +0100 @@ -288,7 +288,7 @@ static void map_me_phantom_function(stru /* map or unmap ME phantom function */ if ( map ) domain_context_mapping_one(domain, drhd->iommu, 0, - PCI_DEVFN(dev, 7)); + PCI_DEVFN(dev, 7), NULL); else domain_context_unmap_one(domain, drhd->iommu, 0, PCI_DEVFN(dev, 7)); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8C-0001SE-MU; Tue, 08 Jan 2013 13:22:16 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8B-0001RK-6O for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:15 +0000 Received: from [85.158.138.51:41531] by server-5.bemta-3.messagelabs.com id FB/0A-04992-68D1CE05; Tue, 08 Jan 2013 13:22:14 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-174.messagelabs.com!1357651332!23748167!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 19200 invoked from network); 8 Jan 2013 13:22:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ88-0003Oo-0s for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ87-000408-MR for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:11 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] VT-d: relax source qualifier for MSI of phantom functions X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559812 -3600 # Node ID b514b7118958327605e33dd387944832bc8d734a # Parent c9a01b396cb4eaedef30e9a6ed615115a9f8bfc5 VT-d: relax source qualifier for MSI of phantom functions With ordinary requests allowed to come from phantom functions, the remapping tables ought to be set up to allow for MSI triggers to come from other than the "real" device too. Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r c9a01b396cb4 -r b514b7118958 xen/drivers/passthrough/vtd/intremap.c --- a/xen/drivers/passthrough/vtd/intremap.c Mon Jan 07 12:55:42 2013 +0100 +++ b/xen/drivers/passthrough/vtd/intremap.c Mon Jan 07 12:56:52 2013 +0100 @@ -442,13 +442,22 @@ static void set_msi_source_id(struct pci devfn = pdev->devfn; switch ( pdev->type ) { + unsigned int sq; + case DEV_TYPE_PCIe_BRIDGE: case DEV_TYPE_PCIe2PCI_BRIDGE: case DEV_TYPE_LEGACY_PCI_BRIDGE: break; case DEV_TYPE_PCIe_ENDPOINT: - set_ire_sid(ire, SVT_VERIFY_SID_SQ, SQ_ALL_16, PCI_BDF2(bus, devfn)); + switch ( pdev->phantom_stride ) + { + case 1: sq = SQ_13_IGNORE_3; break; + case 2: sq = SQ_13_IGNORE_2; break; + case 4: sq = SQ_13_IGNORE_1; break; + default: sq = SQ_ALL_16; break; + } + set_ire_sid(ire, SVT_VERIFY_SID_SQ, sq, PCI_BDF2(bus, devfn)); break; case DEV_TYPE_PCI: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8C-0001SE-MU; Tue, 08 Jan 2013 13:22:16 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8B-0001RK-6O for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:15 +0000 Received: from [85.158.138.51:41531] by server-5.bemta-3.messagelabs.com id FB/0A-04992-68D1CE05; Tue, 08 Jan 2013 13:22:14 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-174.messagelabs.com!1357651332!23748167!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 19200 invoked from network); 8 Jan 2013 13:22:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ88-0003Oo-0s for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ87-000408-MR for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:11 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] VT-d: relax source qualifier for MSI of phantom functions X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559812 -3600 # Node ID b514b7118958327605e33dd387944832bc8d734a # Parent c9a01b396cb4eaedef30e9a6ed615115a9f8bfc5 VT-d: relax source qualifier for MSI of phantom functions With ordinary requests allowed to come from phantom functions, the remapping tables ought to be set up to allow for MSI triggers to come from other than the "real" device too. Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r c9a01b396cb4 -r b514b7118958 xen/drivers/passthrough/vtd/intremap.c --- a/xen/drivers/passthrough/vtd/intremap.c Mon Jan 07 12:55:42 2013 +0100 +++ b/xen/drivers/passthrough/vtd/intremap.c Mon Jan 07 12:56:52 2013 +0100 @@ -442,13 +442,22 @@ static void set_msi_source_id(struct pci devfn = pdev->devfn; switch ( pdev->type ) { + unsigned int sq; + case DEV_TYPE_PCIe_BRIDGE: case DEV_TYPE_PCIe2PCI_BRIDGE: case DEV_TYPE_LEGACY_PCI_BRIDGE: break; case DEV_TYPE_PCIe_ENDPOINT: - set_ire_sid(ire, SVT_VERIFY_SID_SQ, SQ_ALL_16, PCI_BDF2(bus, devfn)); + switch ( pdev->phantom_stride ) + { + case 1: sq = SQ_13_IGNORE_3; break; + case 2: sq = SQ_13_IGNORE_2; break; + case 4: sq = SQ_13_IGNORE_1; break; + default: sq = SQ_ALL_16; break; + } + set_ire_sid(ire, SVT_VERIFY_SID_SQ, sq, PCI_BDF2(bus, devfn)); break; case DEV_TYPE_PCI: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8D-0001ST-S2; Tue, 08 Jan 2013 13:22:17 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8C-0001Rz-Be for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:16 +0000 Received: from [85.158.138.51:41635] by server-1.bemta-3.messagelabs.com id 18/7C-08906-78D1CE05; Tue, 08 Jan 2013 13:22:15 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-174.messagelabs.com!1357651333!29230019!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 13539 invoked from network); 8 Jan 2013 13:22:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ89-0003Ox-C7 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:13 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ89-00040r-AW for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:13 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86: fix assertion in get_page_type() X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357564826 -3600 # Node ID e1facbde56ff4e5e85f9a4935abc99eb24367cd0 # Parent 8e942f2f3b45edc5bb1f7a6e05de288342426f0d x86: fix assertion in get_page_type() c/s 22998:e9fab50d7b61 (and immediately following ones) made it possible that __get_page_type() returns other than -EINVAL, in particular -EBUSY. Consequently, the assertion in get_page_type() should check for only the return values we absolutely don't expect to see there. This is XSA-37 / CVE-2013-0154. Signed-off-by: Jan Beulich --- diff -r 8e942f2f3b45 -r e1facbde56ff xen/arch/x86/mm.c --- a/xen/arch/x86/mm.c Mon Jan 07 13:28:29 2013 +0100 +++ b/xen/arch/x86/mm.c Mon Jan 07 14:20:26 2013 +0100 @@ -2318,7 +2318,7 @@ int get_page_type(struct page_info *page int rc = __get_page_type(page, type, 0); if ( likely(rc == 0) ) return 1; - ASSERT(rc == -EINVAL); + ASSERT(rc != -EINTR && rc != -EAGAIN); return 0; } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8D-0001ST-S2; Tue, 08 Jan 2013 13:22:17 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8C-0001Rz-Be for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:16 +0000 Received: from [85.158.138.51:41635] by server-1.bemta-3.messagelabs.com id 18/7C-08906-78D1CE05; Tue, 08 Jan 2013 13:22:15 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-174.messagelabs.com!1357651333!29230019!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 13539 invoked from network); 8 Jan 2013 13:22:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ89-0003Ox-C7 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:13 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ89-00040r-AW for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:13 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86: fix assertion in get_page_type() X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357564826 -3600 # Node ID e1facbde56ff4e5e85f9a4935abc99eb24367cd0 # Parent 8e942f2f3b45edc5bb1f7a6e05de288342426f0d x86: fix assertion in get_page_type() c/s 22998:e9fab50d7b61 (and immediately following ones) made it possible that __get_page_type() returns other than -EINVAL, in particular -EBUSY. Consequently, the assertion in get_page_type() should check for only the return values we absolutely don't expect to see there. This is XSA-37 / CVE-2013-0154. Signed-off-by: Jan Beulich --- diff -r 8e942f2f3b45 -r e1facbde56ff xen/arch/x86/mm.c --- a/xen/arch/x86/mm.c Mon Jan 07 13:28:29 2013 +0100 +++ b/xen/arch/x86/mm.c Mon Jan 07 14:20:26 2013 +0100 @@ -2318,7 +2318,7 @@ int get_page_type(struct page_info *page int rc = __get_page_type(page, type, 0); if ( likely(rc == 0) ) return 1; - ASSERT(rc == -EINVAL); + ASSERT(rc != -EINTR && rc != -EAGAIN); return 0; } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8H-0001Uy-Up; Tue, 08 Jan 2013 13:22:21 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8G-0001U2-P6 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:20 +0000 Received: from [193.109.254.147:13640] by server-8.bemta-14.messagelabs.com id F1/9E-26341-B8D1CE05; Tue, 08 Jan 2013 13:22:19 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-27.messagelabs.com!1357651333!8990640!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9792 invoked from network); 8 Jan 2013 13:22:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ88-0003Ou-QX for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ88-00040c-PF for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:12 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86: compat_show_guest_stack() should not truncate MFN X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357561709 -3600 # Node ID 8e942f2f3b45edc5bb1f7a6e05de288342426f0d # Parent 23c4bbc0111dd807561b2c62cbc5798220943a0d x86: compat_show_guest_stack() should not truncate MFN Re-using "addr" here was a mistake, as it is a 32-bit quantity. Signed-off-by: Jan Beulich Acked-by: Ian Campbell Acked-by: Keir Fraser --- diff -r 23c4bbc0111d -r 8e942f2f3b45 xen/arch/x86/x86_64/compat/traps.c --- a/xen/arch/x86/x86_64/compat/traps.c Mon Jan 07 12:58:09 2013 +0100 +++ b/xen/arch/x86/x86_64/compat/traps.c Mon Jan 07 13:28:29 2013 +0100 @@ -20,11 +20,12 @@ void compat_show_guest_stack(struct vcpu if ( v != current ) { struct vcpu *vcpu; + unsigned long mfn; ASSERT(guest_kernel_mode(v, regs)); - addr = read_cr3() >> PAGE_SHIFT; + mfn = read_cr3() >> PAGE_SHIFT; for_each_vcpu( v->domain, vcpu ) - if ( pagetable_get_pfn(vcpu->arch.guest_table) == addr ) + if ( pagetable_get_pfn(vcpu->arch.guest_table) == mfn ) break; if ( !vcpu ) { _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8H-0001Uy-Up; Tue, 08 Jan 2013 13:22:21 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8G-0001U2-P6 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:20 +0000 Received: from [193.109.254.147:13640] by server-8.bemta-14.messagelabs.com id F1/9E-26341-B8D1CE05; Tue, 08 Jan 2013 13:22:19 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-27.messagelabs.com!1357651333!8990640!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9792 invoked from network); 8 Jan 2013 13:22:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ88-0003Ou-QX for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ88-00040c-PF for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:12 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86: compat_show_guest_stack() should not truncate MFN X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357561709 -3600 # Node ID 8e942f2f3b45edc5bb1f7a6e05de288342426f0d # Parent 23c4bbc0111dd807561b2c62cbc5798220943a0d x86: compat_show_guest_stack() should not truncate MFN Re-using "addr" here was a mistake, as it is a 32-bit quantity. Signed-off-by: Jan Beulich Acked-by: Ian Campbell Acked-by: Keir Fraser --- diff -r 23c4bbc0111d -r 8e942f2f3b45 xen/arch/x86/x86_64/compat/traps.c --- a/xen/arch/x86/x86_64/compat/traps.c Mon Jan 07 12:58:09 2013 +0100 +++ b/xen/arch/x86/x86_64/compat/traps.c Mon Jan 07 13:28:29 2013 +0100 @@ -20,11 +20,12 @@ void compat_show_guest_stack(struct vcpu if ( v != current ) { struct vcpu *vcpu; + unsigned long mfn; ASSERT(guest_kernel_mode(v, regs)); - addr = read_cr3() >> PAGE_SHIFT; + mfn = read_cr3() >> PAGE_SHIFT; for_each_vcpu( v->domain, vcpu ) - if ( pagetable_get_pfn(vcpu->arch.guest_table) == addr ) + if ( pagetable_get_pfn(vcpu->arch.guest_table) == mfn ) break; if ( !vcpu ) { _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:33 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:33 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8R-0001XX-22; Tue, 08 Jan 2013 13:22:31 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8O-0001Wq-W1 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:29 +0000 Received: from [193.109.254.147:14212] by server-3.bemta-14.messagelabs.com id 27/FC-26055-49D1CE05; Tue, 08 Jan 2013 13:22:28 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-27.messagelabs.com!1357651332!3997677!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8896 invoked from network); 8 Jan 2013 13:22:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ87-0003Ol-AY for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ87-0003zt-5k for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:11 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] IOMMU: add phantom function support X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559742 -3600 # Node ID c9a01b396cb4eaedef30e9a6ed615115a9f8bfc5 # Parent 11fa145c880ee814aaf56a7f47f47ee3e5560c7c IOMMU: add phantom function support Apart from generating device context entries for the base function, all phantom functions also need context entries to be generated for them. In order to distinguish different use cases, a variant of pci_get_pdev() is being introduced that, even when passed a phantom function number, would return the underlying actual device. Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r 11fa145c880e -r c9a01b396cb4 xen/drivers/passthrough/amd/iommu_cmd.c --- a/xen/drivers/passthrough/amd/iommu_cmd.c Mon Jan 07 12:54:39 2013 +0100 +++ b/xen/drivers/passthrough/amd/iommu_cmd.c Mon Jan 07 12:55:42 2013 +0100 @@ -339,7 +339,15 @@ static void amd_iommu_flush_all_iotlbs(s return; for_each_pdev( d, pdev ) - amd_iommu_flush_iotlb(pdev->devfn, pdev, gaddr, order); + { + u8 devfn = pdev->devfn; + + do { + amd_iommu_flush_iotlb(devfn, pdev, gaddr, order); + devfn += pdev->phantom_stride; + } while ( devfn != pdev->devfn && + PCI_SLOT(devfn) == PCI_SLOT(pdev->devfn) ); + } } /* Flush iommu cache after p2m changes. */ diff -r 11fa145c880e -r c9a01b396cb4 xen/drivers/passthrough/amd/iommu_init.c --- a/xen/drivers/passthrough/amd/iommu_init.c Mon Jan 07 12:54:39 2013 +0100 +++ b/xen/drivers/passthrough/amd/iommu_init.c Mon Jan 07 12:55:42 2013 +0100 @@ -667,7 +667,7 @@ void parse_ppr_log_entry(struct amd_iomm devfn = PCI_DEVFN2(device_id); spin_lock(&pcidevs_lock); - pdev = pci_get_pdev(iommu->seg, bus, devfn); + pdev = pci_get_real_pdev(iommu->seg, bus, devfn); spin_unlock(&pcidevs_lock); if ( pdev ) diff -r 11fa145c880e -r c9a01b396cb4 xen/drivers/passthrough/amd/iommu_map.c --- a/xen/drivers/passthrough/amd/iommu_map.c Mon Jan 07 12:54:39 2013 +0100 +++ b/xen/drivers/passthrough/amd/iommu_map.c Mon Jan 07 12:55:42 2013 +0100 @@ -598,7 +598,6 @@ static int update_paging_mode(struct dom for_each_pdev( d, pdev ) { bdf = PCI_BDF2(pdev->bus, pdev->devfn); - req_id = get_dma_requestor_id(pdev->seg, bdf); iommu = find_iommu_for_device(pdev->seg, bdf); if ( !iommu ) { @@ -607,16 +606,21 @@ static int update_paging_mode(struct dom } spin_lock_irqsave(&iommu->lock, flags); - device_entry = iommu->dev_table.buffer + - (req_id * IOMMU_DEV_TABLE_ENTRY_SIZE); + do { + req_id = get_dma_requestor_id(pdev->seg, bdf); + device_entry = iommu->dev_table.buffer + + (req_id * IOMMU_DEV_TABLE_ENTRY_SIZE); - /* valid = 0 only works for dom0 passthrough mode */ - amd_iommu_set_root_page_table((u32 *)device_entry, - page_to_maddr(hd->root_table), - hd->domain_id, - hd->paging_mode, 1); + /* valid = 0 only works for dom0 passthrough mode */ + amd_iommu_set_root_page_table((u32 *)device_entry, + page_to_maddr(hd->root_table), + hd->domain_id, + hd->paging_mode, 1); - amd_iommu_flush_device(iommu, req_id); + amd_iommu_flush_device(iommu, req_id); + bdf += pdev->phantom_stride; + } while ( PCI_DEVFN2(bdf) != pdev->devfn && + PCI_SLOT(bdf) == PCI_SLOT(pdev->devfn) ); spin_unlock_irqrestore(&iommu->lock, flags); } diff -r 11fa145c880e -r c9a01b396cb4 xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Mon Jan 07 12:54:39 2013 +0100 +++ b/xen/drivers/passthrough/iommu.c Mon Jan 07 12:55:42 2013 +0100 @@ -158,6 +158,8 @@ void __init iommu_dom0_init(struct domai int iommu_add_device(struct pci_dev *pdev) { struct hvm_iommu *hd; + int rc; + u8 devfn; if ( !pdev->domain ) return -EINVAL; @@ -168,7 +170,20 @@ int iommu_add_device(struct pci_dev *pde if ( !iommu_enabled || !hd->platform_ops ) return 0; - return hd->platform_ops->add_device(pdev->devfn, pdev); + rc = hd->platform_ops->add_device(pdev->devfn, pdev); + if ( rc || !pdev->phantom_stride ) + return rc; + + for ( devfn = pdev->devfn ; ; ) + { + devfn += pdev->phantom_stride; + if ( PCI_SLOT(devfn) != PCI_SLOT(pdev->devfn) ) + return 0; + rc = hd->platform_ops->add_device(devfn, pdev); + if ( rc ) + printk(XENLOG_WARNING "IOMMU: add %04x:%02x:%02x.%u failed (%d)\n", + pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), rc); + } } int iommu_enable_device(struct pci_dev *pdev) @@ -191,6 +206,8 @@ int iommu_enable_device(struct pci_dev * int iommu_remove_device(struct pci_dev *pdev) { struct hvm_iommu *hd; + u8 devfn; + if ( !pdev->domain ) return -EINVAL; @@ -198,6 +215,22 @@ int iommu_remove_device(struct pci_dev * if ( !iommu_enabled || !hd->platform_ops ) return 0; + for ( devfn = pdev->devfn ; pdev->phantom_stride; ) + { + int rc; + + devfn += pdev->phantom_stride; + if ( PCI_SLOT(devfn) != PCI_SLOT(pdev->devfn) ) + break; + rc = hd->platform_ops->remove_device(devfn, pdev); + if ( !rc ) + continue; + + printk(XENLOG_ERR "IOMMU: remove %04x:%02x:%02x.%u failed (%d)\n", + pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), rc); + return rc; + } + return hd->platform_ops->remove_device(pdev->devfn, pdev); } @@ -245,6 +278,18 @@ static int assign_device(struct domain * if ( (rc = hd->platform_ops->assign_device(d, devfn, pdev)) ) goto done; + for ( ; pdev->phantom_stride; rc = 0 ) + { + devfn += pdev->phantom_stride; + if ( PCI_SLOT(devfn) != PCI_SLOT(pdev->devfn) ) + break; + rc = hd->platform_ops->assign_device(d, devfn, pdev); + if ( rc ) + printk(XENLOG_G_WARNING "d%d: assign %04x:%02x:%02x.%u failed (%d)\n", + d->domain_id, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn), + rc); + } + if ( has_arch_pdevs(d) && !need_iommu(d) ) { d->need_iommu = 1; @@ -377,6 +422,21 @@ int deassign_device(struct domain *d, u1 if ( !pdev ) return -ENODEV; + while ( pdev->phantom_stride ) + { + devfn += pdev->phantom_stride; + if ( PCI_SLOT(devfn) != PCI_SLOT(pdev->devfn) ) + break; + ret = hd->platform_ops->reassign_device(d, dom0, devfn, pdev); + if ( !ret ) + continue; + + printk(XENLOG_G_ERR "d%d: deassign %04x:%02x:%02x.%u failed (%d)\n", + d->domain_id, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn), ret); + return ret; + } + + devfn = pdev->devfn; ret = hd->platform_ops->reassign_device(d, dom0, devfn, pdev); if ( ret ) { diff -r 11fa145c880e -r c9a01b396cb4 xen/drivers/passthrough/pci.c --- a/xen/drivers/passthrough/pci.c Mon Jan 07 12:54:39 2013 +0100 +++ b/xen/drivers/passthrough/pci.c Mon Jan 07 12:55:42 2013 +0100 @@ -144,6 +144,8 @@ static struct pci_dev *alloc_pdev(struct /* update bus2bridge */ switch ( pdev->type = pdev_type(pseg->nr, bus, devfn) ) { + int pos; + u16 cap; u8 sec_bus, sub_bus; case DEV_TYPE_PCIe_BRIDGE: @@ -167,6 +169,20 @@ static struct pci_dev *alloc_pdev(struct break; case DEV_TYPE_PCIe_ENDPOINT: + pos = pci_find_cap_offset(pseg->nr, bus, PCI_SLOT(devfn), + PCI_FUNC(devfn), PCI_CAP_ID_EXP); + BUG_ON(!pos); + cap = pci_conf_read16(pseg->nr, bus, PCI_SLOT(devfn), + PCI_FUNC(devfn), pos + PCI_EXP_DEVCAP); + if ( cap & PCI_EXP_DEVCAP_PHANTOM ) + { + pdev->phantom_stride = 8 >> MASK_EXTR(cap, + PCI_EXP_DEVCAP_PHANTOM); + if ( PCI_FUNC(devfn) >= pdev->phantom_stride ) + pdev->phantom_stride = 0; + } + break; + case DEV_TYPE_PCI: break; @@ -290,6 +306,27 @@ struct pci_dev *pci_get_pdev(int seg, in return NULL; } +struct pci_dev *pci_get_real_pdev(int seg, int bus, int devfn) +{ + struct pci_dev *pdev; + int stride; + + if ( seg < 0 || bus < 0 || devfn < 0 ) + return NULL; + + for ( pdev = pci_get_pdev(seg, bus, devfn), stride = 4; + !pdev && stride; stride >>= 1 ) + { + if ( !(devfn & (8 - stride)) ) + continue; + pdev = pci_get_pdev(seg, bus, devfn & ~(8 - stride)); + if ( pdev && stride != pdev->phantom_stride ) + pdev = NULL; + } + + return pdev; +} + struct pci_dev *pci_get_pdev_by_domain( struct domain *d, int seg, int bus, int devfn) { @@ -488,8 +525,19 @@ int pci_add_device(u16 seg, u8 bus, u8 d out: spin_unlock(&pcidevs_lock); - printk(XENLOG_DEBUG "PCI add %s %04x:%02x:%02x.%u\n", pdev_type, - seg, bus, slot, func); + if ( !ret ) + { + printk(XENLOG_DEBUG "PCI add %s %04x:%02x:%02x.%u\n", pdev_type, + seg, bus, slot, func); + while ( pdev->phantom_stride ) + { + func += pdev->phantom_stride; + if ( PCI_SLOT(func) ) + break; + printk(XENLOG_DEBUG "PCI phantom %04x:%02x:%02x.%u\n", + seg, bus, slot, func); + } + } return ret; } @@ -681,7 +729,7 @@ void pci_check_disable_device(u16 seg, u u16 cword; spin_lock(&pcidevs_lock); - pdev = pci_get_pdev(seg, bus, devfn); + pdev = pci_get_real_pdev(seg, bus, devfn); if ( pdev ) { if ( now < pdev->fault.time || @@ -698,6 +746,7 @@ void pci_check_disable_device(u16 seg, u /* Tell the device to stop DMAing; we can't rely on the guest to * control it for us. */ + devfn = pdev->devfn; cword = pci_conf_read16(seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn), PCI_COMMAND); pci_conf_write16(seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn), @@ -759,6 +808,27 @@ struct setup_dom0 { int (*handler)(u8 devfn, struct pci_dev *); }; +static void setup_one_dom0_device(const struct setup_dom0 *ctxt, + struct pci_dev *pdev) +{ + u8 devfn = pdev->devfn; + + do { + int err = ctxt->handler(devfn, pdev); + + if ( err ) + { + printk(XENLOG_ERR "setup %04x:%02x:%02x.%u for d%d failed (%d)\n", + pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), + ctxt->d->domain_id, err); + if ( devfn == pdev->devfn ) + return; + } + devfn += pdev->phantom_stride; + } while ( devfn != pdev->devfn && + PCI_SLOT(devfn) == PCI_SLOT(pdev->devfn) ); +} + static int __init _setup_dom0_pci_devices(struct pci_seg *pseg, void *arg) { struct setup_dom0 *ctxt = arg; @@ -777,12 +847,12 @@ static int __init _setup_dom0_pci_device { pdev->domain = ctxt->d; list_add(&pdev->domain_list, &ctxt->d->arch.pdev_list); - ctxt->handler(devfn, pdev); + setup_one_dom0_device(ctxt, pdev); } else if ( pdev->domain == dom_xen ) { pdev->domain = ctxt->d; - ctxt->handler(devfn, pdev); + setup_one_dom0_device(ctxt, pdev); pdev->domain = dom_xen; } else if ( pdev->domain != ctxt->d ) diff -r 11fa145c880e -r c9a01b396cb4 xen/include/xen/lib.h --- a/xen/include/xen/lib.h Mon Jan 07 12:54:39 2013 +0100 +++ b/xen/include/xen/lib.h Mon Jan 07 12:55:42 2013 +0100 @@ -58,6 +58,9 @@ do { #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]) + __must_be_array(x)) +#define MASK_EXTR(v, m) (((v) & (m)) / ((m) & -(m))) +#define MASK_INSR(v, m) (((v) * ((m) & -(m))) & (m)) + #define reserve_bootmem(_p,_l) ((void)0) struct domain; diff -r 11fa145c880e -r c9a01b396cb4 xen/include/xen/pci.h --- a/xen/include/xen/pci.h Mon Jan 07 12:54:39 2013 +0100 +++ b/xen/include/xen/pci.h Mon Jan 07 12:55:42 2013 +0100 @@ -63,6 +63,8 @@ struct pci_dev { const u8 bus; const u8 devfn; + u8 phantom_stride; + enum pdev_type { DEV_TYPE_PCI_UNKNOWN, DEV_TYPE_PCIe_ENDPOINT, @@ -114,6 +116,7 @@ int pci_ro_device(int seg, int bus, int void arch_pci_ro_device(int seg, int bdf); int pci_hide_device(int bus, int devfn); struct pci_dev *pci_get_pdev(int seg, int bus, int devfn); +struct pci_dev *pci_get_real_pdev(int seg, int bus, int devfn); struct pci_dev *pci_get_pdev_by_domain( struct domain *, int seg, int bus, int devfn); void pci_check_disable_device(u16 seg, u8 bus, u8 devfn); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 13:22:33 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 13:22:33 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8R-0001XX-22; Tue, 08 Jan 2013 13:22:31 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ8O-0001Wq-W1 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:29 +0000 Received: from [193.109.254.147:14212] by server-3.bemta-14.messagelabs.com id 27/FC-26055-49D1CE05; Tue, 08 Jan 2013 13:22:28 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-27.messagelabs.com!1357651332!3997677!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8896 invoked from network); 8 Jan 2013 13:22:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ87-0003Ol-AY for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ87-0003zt-5k for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:11 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] IOMMU: add phantom function support X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559742 -3600 # Node ID c9a01b396cb4eaedef30e9a6ed615115a9f8bfc5 # Parent 11fa145c880ee814aaf56a7f47f47ee3e5560c7c IOMMU: add phantom function support Apart from generating device context entries for the base function, all phantom functions also need context entries to be generated for them. In order to distinguish different use cases, a variant of pci_get_pdev() is being introduced that, even when passed a phantom function number, would return the underlying actual device. Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r 11fa145c880e -r c9a01b396cb4 xen/drivers/passthrough/amd/iommu_cmd.c --- a/xen/drivers/passthrough/amd/iommu_cmd.c Mon Jan 07 12:54:39 2013 +0100 +++ b/xen/drivers/passthrough/amd/iommu_cmd.c Mon Jan 07 12:55:42 2013 +0100 @@ -339,7 +339,15 @@ static void amd_iommu_flush_all_iotlbs(s return; for_each_pdev( d, pdev ) - amd_iommu_flush_iotlb(pdev->devfn, pdev, gaddr, order); + { + u8 devfn = pdev->devfn; + + do { + amd_iommu_flush_iotlb(devfn, pdev, gaddr, order); + devfn += pdev->phantom_stride; + } while ( devfn != pdev->devfn && + PCI_SLOT(devfn) == PCI_SLOT(pdev->devfn) ); + } } /* Flush iommu cache after p2m changes. */ diff -r 11fa145c880e -r c9a01b396cb4 xen/drivers/passthrough/amd/iommu_init.c --- a/xen/drivers/passthrough/amd/iommu_init.c Mon Jan 07 12:54:39 2013 +0100 +++ b/xen/drivers/passthrough/amd/iommu_init.c Mon Jan 07 12:55:42 2013 +0100 @@ -667,7 +667,7 @@ void parse_ppr_log_entry(struct amd_iomm devfn = PCI_DEVFN2(device_id); spin_lock(&pcidevs_lock); - pdev = pci_get_pdev(iommu->seg, bus, devfn); + pdev = pci_get_real_pdev(iommu->seg, bus, devfn); spin_unlock(&pcidevs_lock); if ( pdev ) diff -r 11fa145c880e -r c9a01b396cb4 xen/drivers/passthrough/amd/iommu_map.c --- a/xen/drivers/passthrough/amd/iommu_map.c Mon Jan 07 12:54:39 2013 +0100 +++ b/xen/drivers/passthrough/amd/iommu_map.c Mon Jan 07 12:55:42 2013 +0100 @@ -598,7 +598,6 @@ static int update_paging_mode(struct dom for_each_pdev( d, pdev ) { bdf = PCI_BDF2(pdev->bus, pdev->devfn); - req_id = get_dma_requestor_id(pdev->seg, bdf); iommu = find_iommu_for_device(pdev->seg, bdf); if ( !iommu ) { @@ -607,16 +606,21 @@ static int update_paging_mode(struct dom } spin_lock_irqsave(&iommu->lock, flags); - device_entry = iommu->dev_table.buffer + - (req_id * IOMMU_DEV_TABLE_ENTRY_SIZE); + do { + req_id = get_dma_requestor_id(pdev->seg, bdf); + device_entry = iommu->dev_table.buffer + + (req_id * IOMMU_DEV_TABLE_ENTRY_SIZE); - /* valid = 0 only works for dom0 passthrough mode */ - amd_iommu_set_root_page_table((u32 *)device_entry, - page_to_maddr(hd->root_table), - hd->domain_id, - hd->paging_mode, 1); + /* valid = 0 only works for dom0 passthrough mode */ + amd_iommu_set_root_page_table((u32 *)device_entry, + page_to_maddr(hd->root_table), + hd->domain_id, + hd->paging_mode, 1); - amd_iommu_flush_device(iommu, req_id); + amd_iommu_flush_device(iommu, req_id); + bdf += pdev->phantom_stride; + } while ( PCI_DEVFN2(bdf) != pdev->devfn && + PCI_SLOT(bdf) == PCI_SLOT(pdev->devfn) ); spin_unlock_irqrestore(&iommu->lock, flags); } diff -r 11fa145c880e -r c9a01b396cb4 xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Mon Jan 07 12:54:39 2013 +0100 +++ b/xen/drivers/passthrough/iommu.c Mon Jan 07 12:55:42 2013 +0100 @@ -158,6 +158,8 @@ void __init iommu_dom0_init(struct domai int iommu_add_device(struct pci_dev *pdev) { struct hvm_iommu *hd; + int rc; + u8 devfn; if ( !pdev->domain ) return -EINVAL; @@ -168,7 +170,20 @@ int iommu_add_device(struct pci_dev *pde if ( !iommu_enabled || !hd->platform_ops ) return 0; - return hd->platform_ops->add_device(pdev->devfn, pdev); + rc = hd->platform_ops->add_device(pdev->devfn, pdev); + if ( rc || !pdev->phantom_stride ) + return rc; + + for ( devfn = pdev->devfn ; ; ) + { + devfn += pdev->phantom_stride; + if ( PCI_SLOT(devfn) != PCI_SLOT(pdev->devfn) ) + return 0; + rc = hd->platform_ops->add_device(devfn, pdev); + if ( rc ) + printk(XENLOG_WARNING "IOMMU: add %04x:%02x:%02x.%u failed (%d)\n", + pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), rc); + } } int iommu_enable_device(struct pci_dev *pdev) @@ -191,6 +206,8 @@ int iommu_enable_device(struct pci_dev * int iommu_remove_device(struct pci_dev *pdev) { struct hvm_iommu *hd; + u8 devfn; + if ( !pdev->domain ) return -EINVAL; @@ -198,6 +215,22 @@ int iommu_remove_device(struct pci_dev * if ( !iommu_enabled || !hd->platform_ops ) return 0; + for ( devfn = pdev->devfn ; pdev->phantom_stride; ) + { + int rc; + + devfn += pdev->phantom_stride; + if ( PCI_SLOT(devfn) != PCI_SLOT(pdev->devfn) ) + break; + rc = hd->platform_ops->remove_device(devfn, pdev); + if ( !rc ) + continue; + + printk(XENLOG_ERR "IOMMU: remove %04x:%02x:%02x.%u failed (%d)\n", + pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), rc); + return rc; + } + return hd->platform_ops->remove_device(pdev->devfn, pdev); } @@ -245,6 +278,18 @@ static int assign_device(struct domain * if ( (rc = hd->platform_ops->assign_device(d, devfn, pdev)) ) goto done; + for ( ; pdev->phantom_stride; rc = 0 ) + { + devfn += pdev->phantom_stride; + if ( PCI_SLOT(devfn) != PCI_SLOT(pdev->devfn) ) + break; + rc = hd->platform_ops->assign_device(d, devfn, pdev); + if ( rc ) + printk(XENLOG_G_WARNING "d%d: assign %04x:%02x:%02x.%u failed (%d)\n", + d->domain_id, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn), + rc); + } + if ( has_arch_pdevs(d) && !need_iommu(d) ) { d->need_iommu = 1; @@ -377,6 +422,21 @@ int deassign_device(struct domain *d, u1 if ( !pdev ) return -ENODEV; + while ( pdev->phantom_stride ) + { + devfn += pdev->phantom_stride; + if ( PCI_SLOT(devfn) != PCI_SLOT(pdev->devfn) ) + break; + ret = hd->platform_ops->reassign_device(d, dom0, devfn, pdev); + if ( !ret ) + continue; + + printk(XENLOG_G_ERR "d%d: deassign %04x:%02x:%02x.%u failed (%d)\n", + d->domain_id, seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn), ret); + return ret; + } + + devfn = pdev->devfn; ret = hd->platform_ops->reassign_device(d, dom0, devfn, pdev); if ( ret ) { diff -r 11fa145c880e -r c9a01b396cb4 xen/drivers/passthrough/pci.c --- a/xen/drivers/passthrough/pci.c Mon Jan 07 12:54:39 2013 +0100 +++ b/xen/drivers/passthrough/pci.c Mon Jan 07 12:55:42 2013 +0100 @@ -144,6 +144,8 @@ static struct pci_dev *alloc_pdev(struct /* update bus2bridge */ switch ( pdev->type = pdev_type(pseg->nr, bus, devfn) ) { + int pos; + u16 cap; u8 sec_bus, sub_bus; case DEV_TYPE_PCIe_BRIDGE: @@ -167,6 +169,20 @@ static struct pci_dev *alloc_pdev(struct break; case DEV_TYPE_PCIe_ENDPOINT: + pos = pci_find_cap_offset(pseg->nr, bus, PCI_SLOT(devfn), + PCI_FUNC(devfn), PCI_CAP_ID_EXP); + BUG_ON(!pos); + cap = pci_conf_read16(pseg->nr, bus, PCI_SLOT(devfn), + PCI_FUNC(devfn), pos + PCI_EXP_DEVCAP); + if ( cap & PCI_EXP_DEVCAP_PHANTOM ) + { + pdev->phantom_stride = 8 >> MASK_EXTR(cap, + PCI_EXP_DEVCAP_PHANTOM); + if ( PCI_FUNC(devfn) >= pdev->phantom_stride ) + pdev->phantom_stride = 0; + } + break; + case DEV_TYPE_PCI: break; @@ -290,6 +306,27 @@ struct pci_dev *pci_get_pdev(int seg, in return NULL; } +struct pci_dev *pci_get_real_pdev(int seg, int bus, int devfn) +{ + struct pci_dev *pdev; + int stride; + + if ( seg < 0 || bus < 0 || devfn < 0 ) + return NULL; + + for ( pdev = pci_get_pdev(seg, bus, devfn), stride = 4; + !pdev && stride; stride >>= 1 ) + { + if ( !(devfn & (8 - stride)) ) + continue; + pdev = pci_get_pdev(seg, bus, devfn & ~(8 - stride)); + if ( pdev && stride != pdev->phantom_stride ) + pdev = NULL; + } + + return pdev; +} + struct pci_dev *pci_get_pdev_by_domain( struct domain *d, int seg, int bus, int devfn) { @@ -488,8 +525,19 @@ int pci_add_device(u16 seg, u8 bus, u8 d out: spin_unlock(&pcidevs_lock); - printk(XENLOG_DEBUG "PCI add %s %04x:%02x:%02x.%u\n", pdev_type, - seg, bus, slot, func); + if ( !ret ) + { + printk(XENLOG_DEBUG "PCI add %s %04x:%02x:%02x.%u\n", pdev_type, + seg, bus, slot, func); + while ( pdev->phantom_stride ) + { + func += pdev->phantom_stride; + if ( PCI_SLOT(func) ) + break; + printk(XENLOG_DEBUG "PCI phantom %04x:%02x:%02x.%u\n", + seg, bus, slot, func); + } + } return ret; } @@ -681,7 +729,7 @@ void pci_check_disable_device(u16 seg, u u16 cword; spin_lock(&pcidevs_lock); - pdev = pci_get_pdev(seg, bus, devfn); + pdev = pci_get_real_pdev(seg, bus, devfn); if ( pdev ) { if ( now < pdev->fault.time || @@ -698,6 +746,7 @@ void pci_check_disable_device(u16 seg, u /* Tell the device to stop DMAing; we can't rely on the guest to * control it for us. */ + devfn = pdev->devfn; cword = pci_conf_read16(seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn), PCI_COMMAND); pci_conf_write16(seg, bus, PCI_SLOT(devfn), PCI_FUNC(devfn), @@ -759,6 +808,27 @@ struct setup_dom0 { int (*handler)(u8 devfn, struct pci_dev *); }; +static void setup_one_dom0_device(const struct setup_dom0 *ctxt, + struct pci_dev *pdev) +{ + u8 devfn = pdev->devfn; + + do { + int err = ctxt->handler(devfn, pdev); + + if ( err ) + { + printk(XENLOG_ERR "setup %04x:%02x:%02x.%u for d%d failed (%d)\n", + pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), + ctxt->d->domain_id, err); + if ( devfn == pdev->devfn ) + return; + } + devfn += pdev->phantom_stride; + } while ( devfn != pdev->devfn && + PCI_SLOT(devfn) == PCI_SLOT(pdev->devfn) ); +} + static int __init _setup_dom0_pci_devices(struct pci_seg *pseg, void *arg) { struct setup_dom0 *ctxt = arg; @@ -777,12 +847,12 @@ static int __init _setup_dom0_pci_device { pdev->domain = ctxt->d; list_add(&pdev->domain_list, &ctxt->d->arch.pdev_list); - ctxt->handler(devfn, pdev); + setup_one_dom0_device(ctxt, pdev); } else if ( pdev->domain == dom_xen ) { pdev->domain = ctxt->d; - ctxt->handler(devfn, pdev); + setup_one_dom0_device(ctxt, pdev); pdev->domain = dom_xen; } else if ( pdev->domain != ctxt->d ) diff -r 11fa145c880e -r c9a01b396cb4 xen/include/xen/lib.h --- a/xen/include/xen/lib.h Mon Jan 07 12:54:39 2013 +0100 +++ b/xen/include/xen/lib.h Mon Jan 07 12:55:42 2013 +0100 @@ -58,6 +58,9 @@ do { #define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]) + __must_be_array(x)) +#define MASK_EXTR(v, m) (((v) & (m)) / ((m) & -(m))) +#define MASK_INSR(v, m) (((v) * ((m) & -(m))) & (m)) + #define reserve_bootmem(_p,_l) ((void)0) struct domain; diff -r 11fa145c880e -r c9a01b396cb4 xen/include/xen/pci.h --- a/xen/include/xen/pci.h Mon Jan 07 12:54:39 2013 +0100 +++ b/xen/include/xen/pci.h Mon Jan 07 12:55:42 2013 +0100 @@ -63,6 +63,8 @@ struct pci_dev { const u8 bus; const u8 devfn; + u8 phantom_stride; + enum pdev_type { DEV_TYPE_PCI_UNKNOWN, DEV_TYPE_PCIe_ENDPOINT, @@ -114,6 +116,7 @@ int pci_ro_device(int seg, int bus, int void arch_pci_ro_device(int seg, int bdf); int pci_hide_device(int bus, int devfn); struct pci_dev *pci_get_pdev(int seg, int bus, int devfn); +struct pci_dev *pci_get_real_pdev(int seg, int bus, int devfn); struct pci_dev *pci_get_pdev_by_domain( struct domain *, int seg, int bus, int devfn); void pci_check_disable_device(u16 seg, u8 bus, u8 devfn); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 14:44:15 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 14:44:15 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsaPS-0002qR-MA; Tue, 08 Jan 2013 14:44:10 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsaPQ-0002qM-K9 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 14:44:09 +0000 Received: from [85.158.143.35:16941] by server-2.bemta-4.messagelabs.com id 33/CB-24322-6B03CE05; Tue, 08 Jan 2013 14:44:06 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-21.messagelabs.com!1357651329!13869479!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 21327 invoked from network); 8 Jan 2013 13:22:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ85-0003OZ-Ak for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ84-0003yt-Ve for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:08 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] IOMMU: adjust add/remove operation parameters X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559482 -3600 # Node ID 75cc4943b1ff509c4074800a23ff51d773233b8a # Parent 62dd78a4e3fc9d190840549f13b4d613f2d19c41 IOMMU: adjust add/remove operation parameters ... to use a (struct pci_dev *, devfn) pair. Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r 62dd78a4e3fc -r 75cc4943b1ff xen/drivers/passthrough/amd/pci_amd_iommu.c --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c Mon Jan 07 12:49:24 2013 +0100 +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c Mon Jan 07 12:51:22 2013 +0100 @@ -83,14 +83,14 @@ static void disable_translation(u32 *dte } static void amd_iommu_setup_domain_device( - struct domain *domain, struct amd_iommu *iommu, int bdf) + struct domain *domain, struct amd_iommu *iommu, + u8 devfn, struct pci_dev *pdev) { void *dte; unsigned long flags; int req_id, valid = 1; int dte_i = 0; - u8 bus = PCI_BUS(bdf); - u8 devfn = PCI_DEVFN2(bdf); + u8 bus = pdev->bus; struct hvm_iommu *hd = domain_hvm_iommu(domain); @@ -103,7 +103,7 @@ static void amd_iommu_setup_domain_devic dte_i = 1; /* get device-table entry */ - req_id = get_dma_requestor_id(iommu->seg, bdf); + req_id = get_dma_requestor_id(iommu->seg, PCI_BDF2(bus, devfn)); dte = iommu->dev_table.buffer + (req_id * IOMMU_DEV_TABLE_ENTRY_SIZE); spin_lock_irqsave(&iommu->lock, flags); @@ -115,7 +115,7 @@ static void amd_iommu_setup_domain_devic (u32 *)dte, page_to_maddr(hd->root_table), hd->domain_id, hd->paging_mode, valid); - if ( pci_ats_device(iommu->seg, bus, devfn) && + if ( pci_ats_device(iommu->seg, bus, pdev->devfn) && iommu_has_cap(iommu, PCI_CAP_IOTLB_SHIFT) ) iommu_dte_set_iotlb((u32 *)dte, dte_i); @@ -132,32 +132,31 @@ static void amd_iommu_setup_domain_devic ASSERT(spin_is_locked(&pcidevs_lock)); - if ( pci_ats_device(iommu->seg, bus, devfn) && - !pci_ats_enabled(iommu->seg, bus, devfn) ) + if ( pci_ats_device(iommu->seg, bus, pdev->devfn) && + !pci_ats_enabled(iommu->seg, bus, pdev->devfn) ) { - struct pci_dev *pdev; + if ( devfn == pdev->devfn ) + enable_ats_device(iommu->seg, bus, devfn); - enable_ats_device(iommu->seg, bus, devfn); - - ASSERT(spin_is_locked(&pcidevs_lock)); - pdev = pci_get_pdev(iommu->seg, bus, devfn); - - ASSERT( pdev != NULL ); amd_iommu_flush_iotlb(pdev, INV_IOMMU_ALL_PAGES_ADDRESS, 0); } } -static void __init amd_iommu_setup_dom0_device(struct pci_dev *pdev) +static int __init amd_iommu_setup_dom0_device(u8 devfn, struct pci_dev *pdev) { int bdf = PCI_BDF2(pdev->bus, pdev->devfn); struct amd_iommu *iommu = find_iommu_for_device(pdev->seg, bdf); - if ( likely(iommu != NULL) ) - amd_iommu_setup_domain_device(pdev->domain, iommu, bdf); - else + if ( unlikely(!iommu) ) + { AMD_IOMMU_DEBUG("No iommu for device %04x:%02x:%02x.%u\n", pdev->seg, pdev->bus, - PCI_SLOT(pdev->devfn), PCI_FUNC(pdev->devfn)); + PCI_SLOT(devfn), PCI_FUNC(devfn)); + return -ENODEV; + } + + amd_iommu_setup_domain_device(pdev->domain, iommu, devfn, pdev); + return 0; } int __init amd_iov_detect(void) @@ -295,16 +294,16 @@ static void __init amd_iommu_dom0_init(s } void amd_iommu_disable_domain_device(struct domain *domain, - struct amd_iommu *iommu, int bdf) + struct amd_iommu *iommu, + u8 devfn, struct pci_dev *pdev) { void *dte; unsigned long flags; int req_id; - u8 bus = PCI_BUS(bdf); - u8 devfn = PCI_DEVFN2(bdf); + u8 bus = pdev->bus; BUG_ON ( iommu->dev_table.buffer == NULL ); - req_id = get_dma_requestor_id(iommu->seg, bdf); + req_id = get_dma_requestor_id(iommu->seg, PCI_BDF2(bus, devfn)); dte = iommu->dev_table.buffer + (req_id * IOMMU_DEV_TABLE_ENTRY_SIZE); spin_lock_irqsave(&iommu->lock, flags); @@ -312,7 +311,7 @@ void amd_iommu_disable_domain_device(str { disable_translation((u32 *)dte); - if ( pci_ats_device(iommu->seg, bus, devfn) && + if ( pci_ats_device(iommu->seg, bus, pdev->devfn) && iommu_has_cap(iommu, PCI_CAP_IOTLB_SHIFT) ) iommu_dte_set_iotlb((u32 *)dte, 0); @@ -327,7 +326,8 @@ void amd_iommu_disable_domain_device(str ASSERT(spin_is_locked(&pcidevs_lock)); - if ( pci_ats_device(iommu->seg, bus, devfn) && + if ( devfn == pdev->devfn && + pci_ats_device(iommu->seg, bus, devfn) && pci_ats_enabled(iommu->seg, bus, devfn) ) disable_ats_device(iommu->seg, bus, devfn); } @@ -350,7 +350,7 @@ static int reassign_device(struct domain return -ENODEV; } - amd_iommu_disable_domain_device(source, iommu, bdf); + amd_iommu_disable_domain_device(source, iommu, devfn, pdev); if ( devfn == pdev->devfn ) { @@ -363,7 +363,7 @@ static int reassign_device(struct domain if ( t->root_table == NULL ) allocate_domain_resources(t); - amd_iommu_setup_domain_device(target, iommu, bdf); + amd_iommu_setup_domain_device(target, iommu, devfn, pdev); AMD_IOMMU_DEBUG("Re-assign %04x:%02x:%02x.%u from dom%d to dom%d\n", pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), source->domain_id, target->domain_id); @@ -449,7 +449,7 @@ static void amd_iommu_domain_destroy(str amd_iommu_flush_all_pages(d); } -static int amd_iommu_add_device(struct pci_dev *pdev) +static int amd_iommu_add_device(u8 devfn, struct pci_dev *pdev) { struct amd_iommu *iommu; u16 bdf; @@ -462,16 +462,16 @@ static int amd_iommu_add_device(struct p { AMD_IOMMU_DEBUG("Fail to find iommu." " %04x:%02x:%02x.%u cannot be assigned to dom%d\n", - pdev->seg, pdev->bus, PCI_SLOT(pdev->devfn), - PCI_FUNC(pdev->devfn), pdev->domain->domain_id); + pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), + pdev->domain->domain_id); return -ENODEV; } - amd_iommu_setup_domain_device(pdev->domain, iommu, bdf); + amd_iommu_setup_domain_device(pdev->domain, iommu, devfn, pdev); return 0; } -static int amd_iommu_remove_device(struct pci_dev *pdev) +static int amd_iommu_remove_device(u8 devfn, struct pci_dev *pdev) { struct amd_iommu *iommu; u16 bdf; @@ -484,12 +484,12 @@ static int amd_iommu_remove_device(struc { AMD_IOMMU_DEBUG("Fail to find iommu." " %04x:%02x:%02x.%u cannot be removed from dom%d\n", - pdev->seg, pdev->bus, PCI_SLOT(pdev->devfn), - PCI_FUNC(pdev->devfn), pdev->domain->domain_id); + pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), + pdev->domain->domain_id); return -ENODEV; } - amd_iommu_disable_domain_device(pdev->domain, iommu, bdf); + amd_iommu_disable_domain_device(pdev->domain, iommu, devfn, pdev); return 0; } diff -r 62dd78a4e3fc -r 75cc4943b1ff xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Mon Jan 07 12:49:24 2013 +0100 +++ b/xen/drivers/passthrough/iommu.c Mon Jan 07 12:51:22 2013 +0100 @@ -168,7 +168,7 @@ int iommu_add_device(struct pci_dev *pde if ( !iommu_enabled || !hd->platform_ops ) return 0; - return hd->platform_ops->add_device(pdev); + return hd->platform_ops->add_device(pdev->devfn, pdev); } int iommu_enable_device(struct pci_dev *pdev) @@ -198,7 +198,7 @@ int iommu_remove_device(struct pci_dev * if ( !iommu_enabled || !hd->platform_ops ) return 0; - return hd->platform_ops->remove_device(pdev); + return hd->platform_ops->remove_device(pdev->devfn, pdev); } /* diff -r 62dd78a4e3fc -r 75cc4943b1ff xen/drivers/passthrough/pci.c --- a/xen/drivers/passthrough/pci.c Mon Jan 07 12:49:24 2013 +0100 +++ b/xen/drivers/passthrough/pci.c Mon Jan 07 12:51:22 2013 +0100 @@ -743,7 +743,7 @@ int __init scan_pci_devices(void) struct setup_dom0 { struct domain *d; - void (*handler)(struct pci_dev *); + int (*handler)(u8 devfn, struct pci_dev *); }; static int __init _setup_dom0_pci_devices(struct pci_seg *pseg, void *arg) @@ -764,12 +764,12 @@ static int __init _setup_dom0_pci_device { pdev->domain = ctxt->d; list_add(&pdev->domain_list, &ctxt->d->arch.pdev_list); - ctxt->handler(pdev); + ctxt->handler(devfn, pdev); } else if ( pdev->domain == dom_xen ) { pdev->domain = ctxt->d; - ctxt->handler(pdev); + ctxt->handler(devfn, pdev); pdev->domain = dom_xen; } else if ( pdev->domain != ctxt->d ) @@ -783,7 +783,7 @@ static int __init _setup_dom0_pci_device } void __init setup_dom0_pci_devices( - struct domain *d, void (*handler)(struct pci_dev *)) + struct domain *d, int (*handler)(u8 devfn, struct pci_dev *)) { struct setup_dom0 ctxt = { .d = d, .handler = handler }; diff -r 62dd78a4e3fc -r 75cc4943b1ff xen/drivers/passthrough/vtd/iommu.c --- a/xen/drivers/passthrough/vtd/iommu.c Mon Jan 07 12:49:24 2013 +0100 +++ b/xen/drivers/passthrough/vtd/iommu.c Mon Jan 07 12:51:22 2013 +0100 @@ -50,7 +50,7 @@ int nr_iommus; static struct tasklet vtd_fault_tasklet; -static void setup_dom0_device(struct pci_dev *); +static int setup_dom0_device(u8 devfn, struct pci_dev *); static void setup_dom0_rmrr(struct domain *d); static int domain_iommu_domid(struct domain *d, @@ -1873,7 +1873,7 @@ static int rmrr_identity_mapping(struct return 0; } -static int intel_iommu_add_device(struct pci_dev *pdev) +static int intel_iommu_add_device(u8 devfn, struct pci_dev *pdev) { struct acpi_rmrr_unit *rmrr; u16 bdf; @@ -1884,8 +1884,7 @@ static int intel_iommu_add_device(struct if ( !pdev->domain ) return -EINVAL; - ret = domain_context_mapping(pdev->domain, pdev->seg, pdev->bus, - pdev->devfn); + ret = domain_context_mapping(pdev->domain, pdev->seg, pdev->bus, devfn); if ( ret ) { dprintk(XENLOG_ERR VTDPREFIX, "d%d: context mapping failed\n", @@ -1897,7 +1896,7 @@ static int intel_iommu_add_device(struct { if ( rmrr->segment == pdev->seg && PCI_BUS(bdf) == pdev->bus && - PCI_DEVFN2(bdf) == pdev->devfn ) + PCI_DEVFN2(bdf) == devfn ) { ret = rmrr_identity_mapping(pdev->domain, rmrr); if ( ret ) @@ -1922,7 +1921,7 @@ static int intel_iommu_enable_device(str return ret >= 0 ? 0 : ret; } -static int intel_iommu_remove_device(struct pci_dev *pdev) +static int intel_iommu_remove_device(u8 devfn, struct pci_dev *pdev) { struct acpi_rmrr_unit *rmrr; u16 bdf; @@ -1940,19 +1939,22 @@ static int intel_iommu_remove_device(str { if ( rmrr->segment == pdev->seg && PCI_BUS(bdf) == pdev->bus && - PCI_DEVFN2(bdf) == pdev->devfn ) + PCI_DEVFN2(bdf) == devfn ) return 0; } } - return domain_context_unmap(pdev->domain, pdev->seg, pdev->bus, - pdev->devfn); + return domain_context_unmap(pdev->domain, pdev->seg, pdev->bus, devfn); } -static void __init setup_dom0_device(struct pci_dev *pdev) +static int __init setup_dom0_device(u8 devfn, struct pci_dev *pdev) { - domain_context_mapping(pdev->domain, pdev->seg, pdev->bus, pdev->devfn); - pci_vtd_quirk(pdev); + int err; + + err = domain_context_mapping(pdev->domain, pdev->seg, pdev->bus, devfn); + if ( !err && devfn == pdev->devfn ) + pci_vtd_quirk(pdev); + return err; } void clear_fault_bits(struct iommu *iommu) diff -r 62dd78a4e3fc -r 75cc4943b1ff xen/include/xen/iommu.h --- a/xen/include/xen/iommu.h Mon Jan 07 12:49:24 2013 +0100 +++ b/xen/include/xen/iommu.h Mon Jan 07 12:51:22 2013 +0100 @@ -94,9 +94,9 @@ struct msi_msg; struct iommu_ops { int (*init)(struct domain *d); void (*dom0_init)(struct domain *d); - int (*add_device)(struct pci_dev *pdev); + int (*add_device)(u8 devfn, struct pci_dev *); int (*enable_device)(struct pci_dev *pdev); - int (*remove_device)(struct pci_dev *pdev); + int (*remove_device)(u8 devfn, struct pci_dev *); int (*assign_device)(struct domain *, u8 devfn, struct pci_dev *); void (*teardown)(struct domain *d); int (*map_page)(struct domain *d, unsigned long gfn, unsigned long mfn, diff -r 62dd78a4e3fc -r 75cc4943b1ff xen/include/xen/pci.h --- a/xen/include/xen/pci.h Mon Jan 07 12:49:24 2013 +0100 +++ b/xen/include/xen/pci.h Mon Jan 07 12:51:22 2013 +0100 @@ -100,7 +100,8 @@ struct pci_dev *pci_lock_pdev(int seg, i struct pci_dev *pci_lock_domain_pdev( struct domain *, int seg, int bus, int devfn); -void setup_dom0_pci_devices(struct domain *, void (*)(struct pci_dev *)); +void setup_dom0_pci_devices(struct domain *, + int (*)(u8 devfn, struct pci_dev *)); void pci_release_devices(struct domain *d); int pci_add_segment(u16 seg); const unsigned long *pci_get_ro_map(u16 seg); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 14:44:15 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 14:44:15 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsaPS-0002qR-MA; Tue, 08 Jan 2013 14:44:10 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsaPQ-0002qM-K9 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 14:44:09 +0000 Received: from [85.158.143.35:16941] by server-2.bemta-4.messagelabs.com id 33/CB-24322-6B03CE05; Tue, 08 Jan 2013 14:44:06 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-21.messagelabs.com!1357651329!13869479!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 21327 invoked from network); 8 Jan 2013 13:22:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 13:22:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsZ85-0003OZ-Ak for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsZ84-0003yt-Ve for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 13:22:08 +0000 Message-Id: Date: Tue, 08 Jan 2013 13:22:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] IOMMU: adjust add/remove operation parameters X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357559482 -3600 # Node ID 75cc4943b1ff509c4074800a23ff51d773233b8a # Parent 62dd78a4e3fc9d190840549f13b4d613f2d19c41 IOMMU: adjust add/remove operation parameters ... to use a (struct pci_dev *, devfn) pair. Signed-off-by: Jan Beulich Acked-by: "Zhang, Xiantao" --- diff -r 62dd78a4e3fc -r 75cc4943b1ff xen/drivers/passthrough/amd/pci_amd_iommu.c --- a/xen/drivers/passthrough/amd/pci_amd_iommu.c Mon Jan 07 12:49:24 2013 +0100 +++ b/xen/drivers/passthrough/amd/pci_amd_iommu.c Mon Jan 07 12:51:22 2013 +0100 @@ -83,14 +83,14 @@ static void disable_translation(u32 *dte } static void amd_iommu_setup_domain_device( - struct domain *domain, struct amd_iommu *iommu, int bdf) + struct domain *domain, struct amd_iommu *iommu, + u8 devfn, struct pci_dev *pdev) { void *dte; unsigned long flags; int req_id, valid = 1; int dte_i = 0; - u8 bus = PCI_BUS(bdf); - u8 devfn = PCI_DEVFN2(bdf); + u8 bus = pdev->bus; struct hvm_iommu *hd = domain_hvm_iommu(domain); @@ -103,7 +103,7 @@ static void amd_iommu_setup_domain_devic dte_i = 1; /* get device-table entry */ - req_id = get_dma_requestor_id(iommu->seg, bdf); + req_id = get_dma_requestor_id(iommu->seg, PCI_BDF2(bus, devfn)); dte = iommu->dev_table.buffer + (req_id * IOMMU_DEV_TABLE_ENTRY_SIZE); spin_lock_irqsave(&iommu->lock, flags); @@ -115,7 +115,7 @@ static void amd_iommu_setup_domain_devic (u32 *)dte, page_to_maddr(hd->root_table), hd->domain_id, hd->paging_mode, valid); - if ( pci_ats_device(iommu->seg, bus, devfn) && + if ( pci_ats_device(iommu->seg, bus, pdev->devfn) && iommu_has_cap(iommu, PCI_CAP_IOTLB_SHIFT) ) iommu_dte_set_iotlb((u32 *)dte, dte_i); @@ -132,32 +132,31 @@ static void amd_iommu_setup_domain_devic ASSERT(spin_is_locked(&pcidevs_lock)); - if ( pci_ats_device(iommu->seg, bus, devfn) && - !pci_ats_enabled(iommu->seg, bus, devfn) ) + if ( pci_ats_device(iommu->seg, bus, pdev->devfn) && + !pci_ats_enabled(iommu->seg, bus, pdev->devfn) ) { - struct pci_dev *pdev; + if ( devfn == pdev->devfn ) + enable_ats_device(iommu->seg, bus, devfn); - enable_ats_device(iommu->seg, bus, devfn); - - ASSERT(spin_is_locked(&pcidevs_lock)); - pdev = pci_get_pdev(iommu->seg, bus, devfn); - - ASSERT( pdev != NULL ); amd_iommu_flush_iotlb(pdev, INV_IOMMU_ALL_PAGES_ADDRESS, 0); } } -static void __init amd_iommu_setup_dom0_device(struct pci_dev *pdev) +static int __init amd_iommu_setup_dom0_device(u8 devfn, struct pci_dev *pdev) { int bdf = PCI_BDF2(pdev->bus, pdev->devfn); struct amd_iommu *iommu = find_iommu_for_device(pdev->seg, bdf); - if ( likely(iommu != NULL) ) - amd_iommu_setup_domain_device(pdev->domain, iommu, bdf); - else + if ( unlikely(!iommu) ) + { AMD_IOMMU_DEBUG("No iommu for device %04x:%02x:%02x.%u\n", pdev->seg, pdev->bus, - PCI_SLOT(pdev->devfn), PCI_FUNC(pdev->devfn)); + PCI_SLOT(devfn), PCI_FUNC(devfn)); + return -ENODEV; + } + + amd_iommu_setup_domain_device(pdev->domain, iommu, devfn, pdev); + return 0; } int __init amd_iov_detect(void) @@ -295,16 +294,16 @@ static void __init amd_iommu_dom0_init(s } void amd_iommu_disable_domain_device(struct domain *domain, - struct amd_iommu *iommu, int bdf) + struct amd_iommu *iommu, + u8 devfn, struct pci_dev *pdev) { void *dte; unsigned long flags; int req_id; - u8 bus = PCI_BUS(bdf); - u8 devfn = PCI_DEVFN2(bdf); + u8 bus = pdev->bus; BUG_ON ( iommu->dev_table.buffer == NULL ); - req_id = get_dma_requestor_id(iommu->seg, bdf); + req_id = get_dma_requestor_id(iommu->seg, PCI_BDF2(bus, devfn)); dte = iommu->dev_table.buffer + (req_id * IOMMU_DEV_TABLE_ENTRY_SIZE); spin_lock_irqsave(&iommu->lock, flags); @@ -312,7 +311,7 @@ void amd_iommu_disable_domain_device(str { disable_translation((u32 *)dte); - if ( pci_ats_device(iommu->seg, bus, devfn) && + if ( pci_ats_device(iommu->seg, bus, pdev->devfn) && iommu_has_cap(iommu, PCI_CAP_IOTLB_SHIFT) ) iommu_dte_set_iotlb((u32 *)dte, 0); @@ -327,7 +326,8 @@ void amd_iommu_disable_domain_device(str ASSERT(spin_is_locked(&pcidevs_lock)); - if ( pci_ats_device(iommu->seg, bus, devfn) && + if ( devfn == pdev->devfn && + pci_ats_device(iommu->seg, bus, devfn) && pci_ats_enabled(iommu->seg, bus, devfn) ) disable_ats_device(iommu->seg, bus, devfn); } @@ -350,7 +350,7 @@ static int reassign_device(struct domain return -ENODEV; } - amd_iommu_disable_domain_device(source, iommu, bdf); + amd_iommu_disable_domain_device(source, iommu, devfn, pdev); if ( devfn == pdev->devfn ) { @@ -363,7 +363,7 @@ static int reassign_device(struct domain if ( t->root_table == NULL ) allocate_domain_resources(t); - amd_iommu_setup_domain_device(target, iommu, bdf); + amd_iommu_setup_domain_device(target, iommu, devfn, pdev); AMD_IOMMU_DEBUG("Re-assign %04x:%02x:%02x.%u from dom%d to dom%d\n", pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), source->domain_id, target->domain_id); @@ -449,7 +449,7 @@ static void amd_iommu_domain_destroy(str amd_iommu_flush_all_pages(d); } -static int amd_iommu_add_device(struct pci_dev *pdev) +static int amd_iommu_add_device(u8 devfn, struct pci_dev *pdev) { struct amd_iommu *iommu; u16 bdf; @@ -462,16 +462,16 @@ static int amd_iommu_add_device(struct p { AMD_IOMMU_DEBUG("Fail to find iommu." " %04x:%02x:%02x.%u cannot be assigned to dom%d\n", - pdev->seg, pdev->bus, PCI_SLOT(pdev->devfn), - PCI_FUNC(pdev->devfn), pdev->domain->domain_id); + pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), + pdev->domain->domain_id); return -ENODEV; } - amd_iommu_setup_domain_device(pdev->domain, iommu, bdf); + amd_iommu_setup_domain_device(pdev->domain, iommu, devfn, pdev); return 0; } -static int amd_iommu_remove_device(struct pci_dev *pdev) +static int amd_iommu_remove_device(u8 devfn, struct pci_dev *pdev) { struct amd_iommu *iommu; u16 bdf; @@ -484,12 +484,12 @@ static int amd_iommu_remove_device(struc { AMD_IOMMU_DEBUG("Fail to find iommu." " %04x:%02x:%02x.%u cannot be removed from dom%d\n", - pdev->seg, pdev->bus, PCI_SLOT(pdev->devfn), - PCI_FUNC(pdev->devfn), pdev->domain->domain_id); + pdev->seg, pdev->bus, PCI_SLOT(devfn), PCI_FUNC(devfn), + pdev->domain->domain_id); return -ENODEV; } - amd_iommu_disable_domain_device(pdev->domain, iommu, bdf); + amd_iommu_disable_domain_device(pdev->domain, iommu, devfn, pdev); return 0; } diff -r 62dd78a4e3fc -r 75cc4943b1ff xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Mon Jan 07 12:49:24 2013 +0100 +++ b/xen/drivers/passthrough/iommu.c Mon Jan 07 12:51:22 2013 +0100 @@ -168,7 +168,7 @@ int iommu_add_device(struct pci_dev *pde if ( !iommu_enabled || !hd->platform_ops ) return 0; - return hd->platform_ops->add_device(pdev); + return hd->platform_ops->add_device(pdev->devfn, pdev); } int iommu_enable_device(struct pci_dev *pdev) @@ -198,7 +198,7 @@ int iommu_remove_device(struct pci_dev * if ( !iommu_enabled || !hd->platform_ops ) return 0; - return hd->platform_ops->remove_device(pdev); + return hd->platform_ops->remove_device(pdev->devfn, pdev); } /* diff -r 62dd78a4e3fc -r 75cc4943b1ff xen/drivers/passthrough/pci.c --- a/xen/drivers/passthrough/pci.c Mon Jan 07 12:49:24 2013 +0100 +++ b/xen/drivers/passthrough/pci.c Mon Jan 07 12:51:22 2013 +0100 @@ -743,7 +743,7 @@ int __init scan_pci_devices(void) struct setup_dom0 { struct domain *d; - void (*handler)(struct pci_dev *); + int (*handler)(u8 devfn, struct pci_dev *); }; static int __init _setup_dom0_pci_devices(struct pci_seg *pseg, void *arg) @@ -764,12 +764,12 @@ static int __init _setup_dom0_pci_device { pdev->domain = ctxt->d; list_add(&pdev->domain_list, &ctxt->d->arch.pdev_list); - ctxt->handler(pdev); + ctxt->handler(devfn, pdev); } else if ( pdev->domain == dom_xen ) { pdev->domain = ctxt->d; - ctxt->handler(pdev); + ctxt->handler(devfn, pdev); pdev->domain = dom_xen; } else if ( pdev->domain != ctxt->d ) @@ -783,7 +783,7 @@ static int __init _setup_dom0_pci_device } void __init setup_dom0_pci_devices( - struct domain *d, void (*handler)(struct pci_dev *)) + struct domain *d, int (*handler)(u8 devfn, struct pci_dev *)) { struct setup_dom0 ctxt = { .d = d, .handler = handler }; diff -r 62dd78a4e3fc -r 75cc4943b1ff xen/drivers/passthrough/vtd/iommu.c --- a/xen/drivers/passthrough/vtd/iommu.c Mon Jan 07 12:49:24 2013 +0100 +++ b/xen/drivers/passthrough/vtd/iommu.c Mon Jan 07 12:51:22 2013 +0100 @@ -50,7 +50,7 @@ int nr_iommus; static struct tasklet vtd_fault_tasklet; -static void setup_dom0_device(struct pci_dev *); +static int setup_dom0_device(u8 devfn, struct pci_dev *); static void setup_dom0_rmrr(struct domain *d); static int domain_iommu_domid(struct domain *d, @@ -1873,7 +1873,7 @@ static int rmrr_identity_mapping(struct return 0; } -static int intel_iommu_add_device(struct pci_dev *pdev) +static int intel_iommu_add_device(u8 devfn, struct pci_dev *pdev) { struct acpi_rmrr_unit *rmrr; u16 bdf; @@ -1884,8 +1884,7 @@ static int intel_iommu_add_device(struct if ( !pdev->domain ) return -EINVAL; - ret = domain_context_mapping(pdev->domain, pdev->seg, pdev->bus, - pdev->devfn); + ret = domain_context_mapping(pdev->domain, pdev->seg, pdev->bus, devfn); if ( ret ) { dprintk(XENLOG_ERR VTDPREFIX, "d%d: context mapping failed\n", @@ -1897,7 +1896,7 @@ static int intel_iommu_add_device(struct { if ( rmrr->segment == pdev->seg && PCI_BUS(bdf) == pdev->bus && - PCI_DEVFN2(bdf) == pdev->devfn ) + PCI_DEVFN2(bdf) == devfn ) { ret = rmrr_identity_mapping(pdev->domain, rmrr); if ( ret ) @@ -1922,7 +1921,7 @@ static int intel_iommu_enable_device(str return ret >= 0 ? 0 : ret; } -static int intel_iommu_remove_device(struct pci_dev *pdev) +static int intel_iommu_remove_device(u8 devfn, struct pci_dev *pdev) { struct acpi_rmrr_unit *rmrr; u16 bdf; @@ -1940,19 +1939,22 @@ static int intel_iommu_remove_device(str { if ( rmrr->segment == pdev->seg && PCI_BUS(bdf) == pdev->bus && - PCI_DEVFN2(bdf) == pdev->devfn ) + PCI_DEVFN2(bdf) == devfn ) return 0; } } - return domain_context_unmap(pdev->domain, pdev->seg, pdev->bus, - pdev->devfn); + return domain_context_unmap(pdev->domain, pdev->seg, pdev->bus, devfn); } -static void __init setup_dom0_device(struct pci_dev *pdev) +static int __init setup_dom0_device(u8 devfn, struct pci_dev *pdev) { - domain_context_mapping(pdev->domain, pdev->seg, pdev->bus, pdev->devfn); - pci_vtd_quirk(pdev); + int err; + + err = domain_context_mapping(pdev->domain, pdev->seg, pdev->bus, devfn); + if ( !err && devfn == pdev->devfn ) + pci_vtd_quirk(pdev); + return err; } void clear_fault_bits(struct iommu *iommu) diff -r 62dd78a4e3fc -r 75cc4943b1ff xen/include/xen/iommu.h --- a/xen/include/xen/iommu.h Mon Jan 07 12:49:24 2013 +0100 +++ b/xen/include/xen/iommu.h Mon Jan 07 12:51:22 2013 +0100 @@ -94,9 +94,9 @@ struct msi_msg; struct iommu_ops { int (*init)(struct domain *d); void (*dom0_init)(struct domain *d); - int (*add_device)(struct pci_dev *pdev); + int (*add_device)(u8 devfn, struct pci_dev *); int (*enable_device)(struct pci_dev *pdev); - int (*remove_device)(struct pci_dev *pdev); + int (*remove_device)(u8 devfn, struct pci_dev *); int (*assign_device)(struct domain *, u8 devfn, struct pci_dev *); void (*teardown)(struct domain *d); int (*map_page)(struct domain *d, unsigned long gfn, unsigned long mfn, diff -r 62dd78a4e3fc -r 75cc4943b1ff xen/include/xen/pci.h --- a/xen/include/xen/pci.h Mon Jan 07 12:49:24 2013 +0100 +++ b/xen/include/xen/pci.h Mon Jan 07 12:51:22 2013 +0100 @@ -100,7 +100,8 @@ struct pci_dev *pci_lock_pdev(int seg, i struct pci_dev *pci_lock_domain_pdev( struct domain *, int seg, int bus, int devfn); -void setup_dom0_pci_devices(struct domain *, void (*)(struct pci_dev *)); +void setup_dom0_pci_devices(struct domain *, + int (*)(u8 devfn, struct pci_dev *)); void pci_release_devices(struct domain *d); int pci_add_segment(u16 seg); const unsigned long *pci_get_ro_map(u16 seg); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 18:00:26 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 18:00:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTK-0006ZW-QM; Tue, 08 Jan 2013 18:00:22 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTJ-0006ZK-QM for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:22 +0000 Received: from [193.109.254.147:4027] by server-5.bemta-14.messagelabs.com id EA/7E-32031-5BE5CE05; Tue, 08 Jan 2013 18:00:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-27.messagelabs.com!1357668019!3711761!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 16135 invoked from network); 8 Jan 2013 18:00:20 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 18:00:20 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTG-0006ns-PD for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:18 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsdTC-00039r-T3 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:18 +0000 Message-Id: Date: Tue, 08 Jan 2013 18:00:14 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] passthrough/PCI: replace improper uses of pci_find_next_cap() X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357636615 -3600 # Node ID c2cb6182a58ce946ebef2658f4eda5d01b7906d2 # Parent 2ae6267371d8d72f21b444720bb2d48d176cf7a5 passthrough/PCI: replace improper uses of pci_find_next_cap() Using pci_find_next_cap() without prior pci_find_cap_offset() is bogus (and possibly wrong, given that the latter doesn't check the PCI_STATUS_CAP_LIST flag, which so far was checked in an open-coded way only for the non-bridge case). Once at it, fold the two calls into one, as we need its result in any case. Question is whether, without any caller left, pci_find_next_cap() should be purged as well. Signed-off-by: Jan Beulich Acked-by: Xiantao Zhang xen-unstable changeset: 26179:ae6fb202b233 xen-unstable date: Tue Nov 20 07:58:31 UTC 2012 --- diff -r 2ae6267371d8 -r c2cb6182a58c xen/drivers/passthrough/pci.c --- a/xen/drivers/passthrough/pci.c Wed Dec 19 12:29:25 2012 +0100 +++ b/xen/drivers/passthrough/pci.c Tue Jan 08 10:16:55 2013 +0100 @@ -345,16 +345,13 @@ void pci_release_devices(struct domain * int pdev_type(u8 bus, u8 devfn) { - u16 class_device; - u16 status, creg; - int pos; + u16 class_device, creg; u8 d = PCI_SLOT(devfn), f = PCI_FUNC(devfn); + int pos = pci_find_cap_offset(bus, d, f, PCI_CAP_ID_EXP); class_device = pci_conf_read16(bus, d, f, PCI_CLASS_DEVICE); if ( class_device == PCI_CLASS_BRIDGE_PCI ) { - pos = pci_find_next_cap(bus, devfn, - PCI_CAPABILITY_LIST, PCI_CAP_ID_EXP); if ( !pos ) return DEV_TYPE_LEGACY_PCI_BRIDGE; creg = pci_conf_read16(bus, d, f, pos + PCI_EXP_FLAGS); @@ -362,14 +359,7 @@ int pdev_type(u8 bus, u8 devfn) DEV_TYPE_PCIe2PCI_BRIDGE : DEV_TYPE_PCIe_BRIDGE; } - status = pci_conf_read16(bus, d, f, PCI_STATUS); - if ( !(status & PCI_STATUS_CAP_LIST) ) - return DEV_TYPE_PCI; - - if ( pci_find_next_cap(bus, devfn, PCI_CAPABILITY_LIST, PCI_CAP_ID_EXP) ) - return DEV_TYPE_PCIe_ENDPOINT; - - return DEV_TYPE_PCI; + return pos ? DEV_TYPE_PCIe_ENDPOINT : DEV_TYPE_PCI; } /* _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 18:00:26 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 18:00:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTK-0006ZW-QM; Tue, 08 Jan 2013 18:00:22 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTJ-0006ZK-QM for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:22 +0000 Received: from [193.109.254.147:4027] by server-5.bemta-14.messagelabs.com id EA/7E-32031-5BE5CE05; Tue, 08 Jan 2013 18:00:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-27.messagelabs.com!1357668019!3711761!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 16135 invoked from network); 8 Jan 2013 18:00:20 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 18:00:20 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTG-0006ns-PD for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:18 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsdTC-00039r-T3 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:18 +0000 Message-Id: Date: Tue, 08 Jan 2013 18:00:14 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] passthrough/PCI: replace improper uses of pci_find_next_cap() X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357636615 -3600 # Node ID c2cb6182a58ce946ebef2658f4eda5d01b7906d2 # Parent 2ae6267371d8d72f21b444720bb2d48d176cf7a5 passthrough/PCI: replace improper uses of pci_find_next_cap() Using pci_find_next_cap() without prior pci_find_cap_offset() is bogus (and possibly wrong, given that the latter doesn't check the PCI_STATUS_CAP_LIST flag, which so far was checked in an open-coded way only for the non-bridge case). Once at it, fold the two calls into one, as we need its result in any case. Question is whether, without any caller left, pci_find_next_cap() should be purged as well. Signed-off-by: Jan Beulich Acked-by: Xiantao Zhang xen-unstable changeset: 26179:ae6fb202b233 xen-unstable date: Tue Nov 20 07:58:31 UTC 2012 --- diff -r 2ae6267371d8 -r c2cb6182a58c xen/drivers/passthrough/pci.c --- a/xen/drivers/passthrough/pci.c Wed Dec 19 12:29:25 2012 +0100 +++ b/xen/drivers/passthrough/pci.c Tue Jan 08 10:16:55 2013 +0100 @@ -345,16 +345,13 @@ void pci_release_devices(struct domain * int pdev_type(u8 bus, u8 devfn) { - u16 class_device; - u16 status, creg; - int pos; + u16 class_device, creg; u8 d = PCI_SLOT(devfn), f = PCI_FUNC(devfn); + int pos = pci_find_cap_offset(bus, d, f, PCI_CAP_ID_EXP); class_device = pci_conf_read16(bus, d, f, PCI_CLASS_DEVICE); if ( class_device == PCI_CLASS_BRIDGE_PCI ) { - pos = pci_find_next_cap(bus, devfn, - PCI_CAPABILITY_LIST, PCI_CAP_ID_EXP); if ( !pos ) return DEV_TYPE_LEGACY_PCI_BRIDGE; creg = pci_conf_read16(bus, d, f, pos + PCI_EXP_FLAGS); @@ -362,14 +359,7 @@ int pdev_type(u8 bus, u8 devfn) DEV_TYPE_PCIe2PCI_BRIDGE : DEV_TYPE_PCIe_BRIDGE; } - status = pci_conf_read16(bus, d, f, PCI_STATUS); - if ( !(status & PCI_STATUS_CAP_LIST) ) - return DEV_TYPE_PCI; - - if ( pci_find_next_cap(bus, devfn, PCI_CAPABILITY_LIST, PCI_CAP_ID_EXP) ) - return DEV_TYPE_PCIe_ENDPOINT; - - return DEV_TYPE_PCI; + return pos ? DEV_TYPE_PCIe_ENDPOINT : DEV_TYPE_PCI; } /* _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 18:00:34 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 18:00:34 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTS-0006ai-Tk; Tue, 08 Jan 2013 18:00:30 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTR-0006aR-Fw for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:29 +0000 Received: from [85.158.143.35:28840] by server-1.bemta-4.messagelabs.com id CC/D4-28401-CBE5CE05; Tue, 08 Jan 2013 18:00:28 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-10.tower-21.messagelabs.com!1357668026!10364260!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7179 invoked from network); 8 Jan 2013 18:00:27 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-10.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 18:00:27 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTO-0006ny-Kk for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:26 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsdTO-0003BZ-6p for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:26 +0000 Message-Id: Date: Tue, 08 Jan 2013 18:00:25 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] IOMMU/ATS: fix maximum queue depth calculation X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357636952 -3600 # Node ID 54df833dd82f49889421551646a3ae8d95bb217e # Parent 2e0a6f43218220f2b293bed979a6aa1e79a53b8d IOMMU/ATS: fix maximum queue depth calculation The capabilities register field is a 5-bit value, and the 5 bits all being zero actually means 32 entries. Under the assumption that amd_iommu_flush_iotlb() really just tried to correct for the miscalculation above when adding 32 to the value, that adjustment is also being removed. Signed-off-by: Jan Beulich Acked-by Xiantao Zhang Acked-by: Wei Huang xen-unstable changeset: 26235:670b07e8d738 xen-unstable date: Wed Dec 5 08:52:14 UTC 2012 --- diff -r 2e0a6f432182 -r 54df833dd82f xen/drivers/passthrough/vtd/x86/ats.c --- a/xen/drivers/passthrough/vtd/x86/ats.c Tue Jan 08 10:18:59 2013 +0100 +++ b/xen/drivers/passthrough/vtd/x86/ats.c Tue Jan 08 10:22:32 2013 +0100 @@ -32,7 +32,7 @@ static LIST_HEAD(ats_dev_drhd_units); #define ATS_REG_CAP 4 #define ATS_REG_CTL 6 -#define ATS_QUEUE_DEPTH_MASK 0xF +#define ATS_QUEUE_DEPTH_MASK 0x1f #define ATS_ENABLE (1<<15) struct pci_ats_dev { @@ -178,7 +178,8 @@ int enable_ats_device(int seg, int bus, pdev->devfn = devfn; value = pci_conf_read16(bus, PCI_SLOT(devfn), PCI_FUNC(devfn), pos + ATS_REG_CAP); - pdev->ats_queue_depth = value & ATS_QUEUE_DEPTH_MASK; + pdev->ats_queue_depth = value & ATS_QUEUE_DEPTH_MASK ?: + ATS_QUEUE_DEPTH_MASK + 1; list_add(&pdev->list, &ats_devices); } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 18:00:34 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 18:00:34 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTS-0006ai-Tk; Tue, 08 Jan 2013 18:00:30 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTR-0006aR-Fw for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:29 +0000 Received: from [85.158.143.35:28840] by server-1.bemta-4.messagelabs.com id CC/D4-28401-CBE5CE05; Tue, 08 Jan 2013 18:00:28 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-10.tower-21.messagelabs.com!1357668026!10364260!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7179 invoked from network); 8 Jan 2013 18:00:27 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-10.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 18:00:27 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTO-0006ny-Kk for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:26 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsdTO-0003BZ-6p for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:26 +0000 Message-Id: Date: Tue, 08 Jan 2013 18:00:25 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] IOMMU/ATS: fix maximum queue depth calculation X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357636952 -3600 # Node ID 54df833dd82f49889421551646a3ae8d95bb217e # Parent 2e0a6f43218220f2b293bed979a6aa1e79a53b8d IOMMU/ATS: fix maximum queue depth calculation The capabilities register field is a 5-bit value, and the 5 bits all being zero actually means 32 entries. Under the assumption that amd_iommu_flush_iotlb() really just tried to correct for the miscalculation above when adding 32 to the value, that adjustment is also being removed. Signed-off-by: Jan Beulich Acked-by Xiantao Zhang Acked-by: Wei Huang xen-unstable changeset: 26235:670b07e8d738 xen-unstable date: Wed Dec 5 08:52:14 UTC 2012 --- diff -r 2e0a6f432182 -r 54df833dd82f xen/drivers/passthrough/vtd/x86/ats.c --- a/xen/drivers/passthrough/vtd/x86/ats.c Tue Jan 08 10:18:59 2013 +0100 +++ b/xen/drivers/passthrough/vtd/x86/ats.c Tue Jan 08 10:22:32 2013 +0100 @@ -32,7 +32,7 @@ static LIST_HEAD(ats_dev_drhd_units); #define ATS_REG_CAP 4 #define ATS_REG_CTL 6 -#define ATS_QUEUE_DEPTH_MASK 0xF +#define ATS_QUEUE_DEPTH_MASK 0x1f #define ATS_ENABLE (1<<15) struct pci_ats_dev { @@ -178,7 +178,8 @@ int enable_ats_device(int seg, int bus, pdev->devfn = devfn; value = pci_conf_read16(bus, PCI_SLOT(devfn), PCI_FUNC(devfn), pos + ATS_REG_CAP); - pdev->ats_queue_depth = value & ATS_QUEUE_DEPTH_MASK; + pdev->ats_queue_depth = value & ATS_QUEUE_DEPTH_MASK ?: + ATS_QUEUE_DEPTH_MASK + 1; list_add(&pdev->list, &ats_devices); } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 18:00:35 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 18:00:35 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTV-0006b1-0X; Tue, 08 Jan 2013 18:00:33 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTT-0006aq-VO for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:32 +0000 Received: from [85.158.139.211:10857] by server-5.bemta-5.messagelabs.com id 81/97-22648-FBE5CE05; Tue, 08 Jan 2013 18:00:31 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-206.messagelabs.com!1357668028!20792066!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=ML_RADAR_SPEW_LINKS_32, spamassassin: X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 18539 invoked from network); 8 Jan 2013 18:00:29 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 18:00:29 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTQ-0006o4-LE for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:28 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsdTQ-0003Bw-Cf for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:28 +0000 Message-Id: Date: Tue, 08 Jan 2013 18:00:26 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] x86, amd: Disable way access filter on Piledriver CPUs X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Andre Przywara # Date 1357637017 -3600 # Node ID afdcd18ac70f43de3cf486da10327f515806f3ce # Parent 54df833dd82f49889421551646a3ae8d95bb217e x86, amd: Disable way access filter on Piledriver CPUs The Way Access Filter in recent AMD CPUs may hurt the performance of some workloads, caused by aliasing issues in the L1 cache. This patch disables it on the affected CPUs. The issue is similar to that one of last year: http://lkml.indiana.edu/hypermail/linux/kernel/1107.3/00041.html This new patch does not replace the old one, we just need another quirk for newer CPUs. The performance penalty without the patch depends on the circumstances, but is a bit less than the last year's 3%. The workloads affected would be those that access code from the same physical page under different virtual addresses, so different processes using the same libraries with ASLR or multiple instances of PIE-binaries. The code needs to be accessed simultaneously from both cores of the same compute unit. More details can be found here: http://developer.amd.com/Assets/SharedL1InstructionCacheonAMD15hCPU.pdf CPUs affected are anything with the core known as Piledriver. That includes the new parts of the AMD A-Series (aka Trinity) and the just released new CPUs of the FX-Series (aka Vishera). The model numbering is a bit odd here: FX CPUs have model 2, A-Series has model 10h, with possible extensions to 1Fh. Hence the range of model ids. Signed-off-by: Andre Przywara Add and use MSR_AMD64_IC_CFG. Update the value whenever it is found to not have all bits set, rather than just when it's zero. Signed-off-by: Jan Beulich Acked-by: Keir Fraser xen-unstable changeset: 26294:5fb0b8b838da xen-unstable date: Wed Dec 19 10:42:09 UTC 2012 --- diff -r 54df833dd82f -r afdcd18ac70f xen/arch/x86/cpu/amd.c --- a/xen/arch/x86/cpu/amd.c Tue Jan 08 10:22:32 2013 +0100 +++ b/xen/arch/x86/cpu/amd.c Tue Jan 08 10:23:37 2013 +0100 @@ -616,6 +616,14 @@ static void __devinit init_amd(struct cp } } + /* + * The way access filter has a performance penalty on some workloads. + * Disable it on the affected CPUs. + */ + if (c->x86 == 0x15 && c->x86_model >= 0x02 && c->x86_model < 0x20 && + !rdmsr_safe(MSR_AMD64_IC_CFG, value) && (value & 0x1e) != 0x1e) + wrmsr_safe(MSR_AMD64_IC_CFG, value | 0x1e); + amd_get_topology(c); /* Pointless to use MWAIT on Family10 as it does not deep sleep. */ diff -r 54df833dd82f -r afdcd18ac70f xen/include/asm-x86/msr-index.h --- a/xen/include/asm-x86/msr-index.h Tue Jan 08 10:22:32 2013 +0100 +++ b/xen/include/asm-x86/msr-index.h Tue Jan 08 10:23:37 2013 +0100 @@ -245,6 +245,7 @@ /* AMD64 MSRs */ #define MSR_AMD64_NB_CFG 0xc001001f +#define MSR_AMD64_IC_CFG 0xc0011021 #define MSR_AMD64_DC_CFG 0xc0011022 #define AMD64_NB_CFG_CF8_EXT_ENABLE_BIT 46 _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 18:00:35 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 18:00:35 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTV-0006b1-0X; Tue, 08 Jan 2013 18:00:33 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTT-0006aq-VO for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:32 +0000 Received: from [85.158.139.211:10857] by server-5.bemta-5.messagelabs.com id 81/97-22648-FBE5CE05; Tue, 08 Jan 2013 18:00:31 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-206.messagelabs.com!1357668028!20792066!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=ML_RADAR_SPEW_LINKS_32, spamassassin: X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 18539 invoked from network); 8 Jan 2013 18:00:29 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 18:00:29 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTQ-0006o4-LE for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:28 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsdTQ-0003Bw-Cf for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:28 +0000 Message-Id: Date: Tue, 08 Jan 2013 18:00:26 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] x86, amd: Disable way access filter on Piledriver CPUs X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Andre Przywara # Date 1357637017 -3600 # Node ID afdcd18ac70f43de3cf486da10327f515806f3ce # Parent 54df833dd82f49889421551646a3ae8d95bb217e x86, amd: Disable way access filter on Piledriver CPUs The Way Access Filter in recent AMD CPUs may hurt the performance of some workloads, caused by aliasing issues in the L1 cache. This patch disables it on the affected CPUs. The issue is similar to that one of last year: http://lkml.indiana.edu/hypermail/linux/kernel/1107.3/00041.html This new patch does not replace the old one, we just need another quirk for newer CPUs. The performance penalty without the patch depends on the circumstances, but is a bit less than the last year's 3%. The workloads affected would be those that access code from the same physical page under different virtual addresses, so different processes using the same libraries with ASLR or multiple instances of PIE-binaries. The code needs to be accessed simultaneously from both cores of the same compute unit. More details can be found here: http://developer.amd.com/Assets/SharedL1InstructionCacheonAMD15hCPU.pdf CPUs affected are anything with the core known as Piledriver. That includes the new parts of the AMD A-Series (aka Trinity) and the just released new CPUs of the FX-Series (aka Vishera). The model numbering is a bit odd here: FX CPUs have model 2, A-Series has model 10h, with possible extensions to 1Fh. Hence the range of model ids. Signed-off-by: Andre Przywara Add and use MSR_AMD64_IC_CFG. Update the value whenever it is found to not have all bits set, rather than just when it's zero. Signed-off-by: Jan Beulich Acked-by: Keir Fraser xen-unstable changeset: 26294:5fb0b8b838da xen-unstable date: Wed Dec 19 10:42:09 UTC 2012 --- diff -r 54df833dd82f -r afdcd18ac70f xen/arch/x86/cpu/amd.c --- a/xen/arch/x86/cpu/amd.c Tue Jan 08 10:22:32 2013 +0100 +++ b/xen/arch/x86/cpu/amd.c Tue Jan 08 10:23:37 2013 +0100 @@ -616,6 +616,14 @@ static void __devinit init_amd(struct cp } } + /* + * The way access filter has a performance penalty on some workloads. + * Disable it on the affected CPUs. + */ + if (c->x86 == 0x15 && c->x86_model >= 0x02 && c->x86_model < 0x20 && + !rdmsr_safe(MSR_AMD64_IC_CFG, value) && (value & 0x1e) != 0x1e) + wrmsr_safe(MSR_AMD64_IC_CFG, value | 0x1e); + amd_get_topology(c); /* Pointless to use MWAIT on Family10 as it does not deep sleep. */ diff -r 54df833dd82f -r afdcd18ac70f xen/include/asm-x86/msr-index.h --- a/xen/include/asm-x86/msr-index.h Tue Jan 08 10:22:32 2013 +0100 +++ b/xen/include/asm-x86/msr-index.h Tue Jan 08 10:23:37 2013 +0100 @@ -245,6 +245,7 @@ /* AMD64 MSRs */ #define MSR_AMD64_NB_CFG 0xc001001f +#define MSR_AMD64_IC_CFG 0xc0011021 #define MSR_AMD64_DC_CFG 0xc0011022 #define AMD64_NB_CFG_CF8_EXT_ENABLE_BIT 46 _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 18:00:43 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 18:00:43 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTd-0006cg-3U; Tue, 08 Jan 2013 18:00:41 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTb-0006cG-Sr for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:40 +0000 Received: from [85.158.137.99:38987] by server-8.bemta-3.messagelabs.com id EA/CD-01233-2CE5CE05; Tue, 08 Jan 2013 18:00:34 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-217.messagelabs.com!1357668026!17035720!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 29429 invoked from network); 8 Jan 2013 18:00:27 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 18:00:27 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTN-0006nv-RB for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:25 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsdTH-0003AK-F7 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:21 +0000 Message-Id: Date: Tue, 08 Jan 2013 18:00:18 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] x86/HPET: fix FSB interrupt masking X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357636739 -3600 # Node ID 2e0a6f43218220f2b293bed979a6aa1e79a53b8d # Parent c2cb6182a58ce946ebef2658f4eda5d01b7906d2 x86/HPET: fix FSB interrupt masking HPET_TN_FSB is not really suitable for masking interrupts - it merely switches between the two delivery methods. The right way of masking is through the HPET_TN_ENABLE bit (which really is an interrupt enable, not a counter enable or some such). This is even more so with certain chip sets not even allowing HPET_TN_FSB to be cleared on some of the channels. Further, all the setup of the channel should happen before actually enabling the interrupt, which requires splitting legacy and FSB logic. Finally this also fixes an S3 resume problem (HPET_TN_FSB did not get set in hpet_broadcast_resume(), and hpet_msi_unmask() doesn't get called from the general resume code either afaict). Signed-off-by: Jan Beulich Acked-by: Keir Fraser xen-unstable changeset: 26183:c139ca92edca xen-unstable date: Thu Nov 22 09:03:23 UTC 2012 --- diff -r c2cb6182a58c -r 2e0a6f432182 xen/arch/x86/hpet.c --- a/xen/arch/x86/hpet.c Tue Jan 08 10:16:55 2013 +0100 +++ b/xen/arch/x86/hpet.c Tue Jan 08 10:18:59 2013 +0100 @@ -262,7 +262,7 @@ static void hpet_msi_unmask(unsigned int ch = &hpet_events[ch_idx]; cfg = hpet_read32(HPET_Tn_CFG(ch->idx)); - cfg |= HPET_TN_FSB; + cfg |= HPET_TN_ENABLE; hpet_write32(cfg, HPET_Tn_CFG(ch->idx)); } @@ -276,7 +276,7 @@ static void hpet_msi_mask(unsigned int i ch = &hpet_events[ch_idx]; cfg = hpet_read32(HPET_Tn_CFG(ch->idx)); - cfg &= ~HPET_TN_FSB; + cfg &= ~HPET_TN_ENABLE; hpet_write32(cfg, HPET_Tn_CFG(ch->idx)); } @@ -367,8 +367,14 @@ static int hpet_setup_msi_irq(unsigned i int ret; struct msi_msg msg; struct hpet_event_channel *ch = &hpet_events[irq_to_channel(irq)]; + u32 cfg = hpet_read32(HPET_Tn_CFG(ch->idx)); irq_desc_t *desc = irq_to_desc(irq); + /* set HPET Tn as oneshot */ + cfg &= ~(HPET_TN_LEVEL | HPET_TN_PERIODIC); + cfg |= HPET_TN_FSB | HPET_TN_32BIT; + hpet_write32(cfg, HPET_Tn_CFG(ch->idx)); + if ( desc->handler == &no_irq_type ) { desc->handler = &hpet_msi_type; @@ -593,12 +599,6 @@ void hpet_broadcast_init(void) for ( i = 0; i < num_hpets_used; i++ ) { - /* set HPET Tn as oneshot */ - cfg = hpet_read32(HPET_Tn_CFG(hpet_events[i].idx)); - cfg &= ~HPET_TN_PERIODIC; - cfg |= HPET_TN_ENABLE | HPET_TN_32BIT; - hpet_write32(cfg, HPET_Tn_CFG(hpet_events[i].idx)); - hpet_events[i].mult = div_sc((unsigned long)hpet_rate, 1000000000ul, 32); hpet_events[i].shift = 32; @@ -626,7 +626,7 @@ void hpet_broadcast_init(void) /* set HPET T0 as oneshot */ cfg = hpet_read32(HPET_T0_CFG); - cfg &= ~HPET_TN_PERIODIC; + cfg &= ~(HPET_TN_LEVEL | HPET_TN_PERIODIC); cfg |= HPET_TN_ENABLE | HPET_TN_32BIT; hpet_write32(cfg, HPET_T0_CFG); diff -r c2cb6182a58c -r 2e0a6f432182 xen/include/asm-x86/hpet.h --- a/xen/include/asm-x86/hpet.h Tue Jan 08 10:16:55 2013 +0100 +++ b/xen/include/asm-x86/hpet.h Tue Jan 08 10:18:59 2013 +0100 @@ -42,6 +42,7 @@ #define HPET_LEGACY_8254 2 #define HPET_LEGACY_RTC 8 +#define HPET_TN_LEVEL 0x002 #define HPET_TN_ENABLE 0x004 #define HPET_TN_PERIODIC 0x008 #define HPET_TN_PERIODIC_CAP 0x010 _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 08 18:00:43 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 08 Jan 2013 18:00:43 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTd-0006cg-3U; Tue, 08 Jan 2013 18:00:41 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTb-0006cG-Sr for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:40 +0000 Received: from [85.158.137.99:38987] by server-8.bemta-3.messagelabs.com id EA/CD-01233-2CE5CE05; Tue, 08 Jan 2013 18:00:34 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-217.messagelabs.com!1357668026!17035720!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 29429 invoked from network); 8 Jan 2013 18:00:27 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 8 Jan 2013 18:00:27 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsdTN-0006nv-RB for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:25 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsdTH-0003AK-F7 for xen-changelog@lists.xensource.com; Tue, 08 Jan 2013 18:00:21 +0000 Message-Id: Date: Tue, 08 Jan 2013 18:00:18 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] x86/HPET: fix FSB interrupt masking X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357636739 -3600 # Node ID 2e0a6f43218220f2b293bed979a6aa1e79a53b8d # Parent c2cb6182a58ce946ebef2658f4eda5d01b7906d2 x86/HPET: fix FSB interrupt masking HPET_TN_FSB is not really suitable for masking interrupts - it merely switches between the two delivery methods. The right way of masking is through the HPET_TN_ENABLE bit (which really is an interrupt enable, not a counter enable or some such). This is even more so with certain chip sets not even allowing HPET_TN_FSB to be cleared on some of the channels. Further, all the setup of the channel should happen before actually enabling the interrupt, which requires splitting legacy and FSB logic. Finally this also fixes an S3 resume problem (HPET_TN_FSB did not get set in hpet_broadcast_resume(), and hpet_msi_unmask() doesn't get called from the general resume code either afaict). Signed-off-by: Jan Beulich Acked-by: Keir Fraser xen-unstable changeset: 26183:c139ca92edca xen-unstable date: Thu Nov 22 09:03:23 UTC 2012 --- diff -r c2cb6182a58c -r 2e0a6f432182 xen/arch/x86/hpet.c --- a/xen/arch/x86/hpet.c Tue Jan 08 10:16:55 2013 +0100 +++ b/xen/arch/x86/hpet.c Tue Jan 08 10:18:59 2013 +0100 @@ -262,7 +262,7 @@ static void hpet_msi_unmask(unsigned int ch = &hpet_events[ch_idx]; cfg = hpet_read32(HPET_Tn_CFG(ch->idx)); - cfg |= HPET_TN_FSB; + cfg |= HPET_TN_ENABLE; hpet_write32(cfg, HPET_Tn_CFG(ch->idx)); } @@ -276,7 +276,7 @@ static void hpet_msi_mask(unsigned int i ch = &hpet_events[ch_idx]; cfg = hpet_read32(HPET_Tn_CFG(ch->idx)); - cfg &= ~HPET_TN_FSB; + cfg &= ~HPET_TN_ENABLE; hpet_write32(cfg, HPET_Tn_CFG(ch->idx)); } @@ -367,8 +367,14 @@ static int hpet_setup_msi_irq(unsigned i int ret; struct msi_msg msg; struct hpet_event_channel *ch = &hpet_events[irq_to_channel(irq)]; + u32 cfg = hpet_read32(HPET_Tn_CFG(ch->idx)); irq_desc_t *desc = irq_to_desc(irq); + /* set HPET Tn as oneshot */ + cfg &= ~(HPET_TN_LEVEL | HPET_TN_PERIODIC); + cfg |= HPET_TN_FSB | HPET_TN_32BIT; + hpet_write32(cfg, HPET_Tn_CFG(ch->idx)); + if ( desc->handler == &no_irq_type ) { desc->handler = &hpet_msi_type; @@ -593,12 +599,6 @@ void hpet_broadcast_init(void) for ( i = 0; i < num_hpets_used; i++ ) { - /* set HPET Tn as oneshot */ - cfg = hpet_read32(HPET_Tn_CFG(hpet_events[i].idx)); - cfg &= ~HPET_TN_PERIODIC; - cfg |= HPET_TN_ENABLE | HPET_TN_32BIT; - hpet_write32(cfg, HPET_Tn_CFG(hpet_events[i].idx)); - hpet_events[i].mult = div_sc((unsigned long)hpet_rate, 1000000000ul, 32); hpet_events[i].shift = 32; @@ -626,7 +626,7 @@ void hpet_broadcast_init(void) /* set HPET T0 as oneshot */ cfg = hpet_read32(HPET_T0_CFG); - cfg &= ~HPET_TN_PERIODIC; + cfg &= ~(HPET_TN_LEVEL | HPET_TN_PERIODIC); cfg |= HPET_TN_ENABLE | HPET_TN_32BIT; hpet_write32(cfg, HPET_T0_CFG); diff -r c2cb6182a58c -r 2e0a6f432182 xen/include/asm-x86/hpet.h --- a/xen/include/asm-x86/hpet.h Tue Jan 08 10:16:55 2013 +0100 +++ b/xen/include/asm-x86/hpet.h Tue Jan 08 10:18:59 2013 +0100 @@ -42,6 +42,7 @@ #define HPET_LEGACY_8254 2 #define HPET_LEGACY_RTC 8 +#define HPET_TN_LEVEL 0x002 #define HPET_TN_ENABLE 0x004 #define HPET_TN_PERIODIC 0x008 #define HPET_TN_PERIODIC_CAP 0x010 _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 03:44:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 03:44:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaM-0002QE-JA; Wed, 09 Jan 2013 03:44:14 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaK-0002Q0-SX for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:13 +0000 Received: from [85.158.143.35:15632] by server-3.bemta-4.messagelabs.com id 5F/3A-18211-C87ECE05; Wed, 09 Jan 2013 03:44:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-21.messagelabs.com!1357703050!13848300!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 26157 invoked from network); 9 Jan 2013 03:44:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 03:44:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaI-0003Il-3u for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsmaH-0001LR-LZ for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:09 +0000 Message-Id: Date: Wed, 09 Jan 2013 03:44:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nested vmx: synchronize page fault error code match and mask X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Dongxiao Xu # Date 1357638215 -3600 # Node ID 11e92ef6d84a20a6b0b2f989060a6bc1a123d2c0 # Parent d5eb414fb0fbaece49b5040dba7df23fe3cb7b12 nested vmx: synchronize page fault error code match and mask Page fault is specially handled not only with exception bitmaps, but also with consideration of page fault error code mask/match values. Therefore in nested virtualization case, the two values need to be synchronized from virtual VMCS to shadow VMCS. Signed-off-by: Dongxiao Xu Committed-by: Jan Beulich --- diff -r d5eb414fb0fb -r 11e92ef6d84a xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 08 10:42:19 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 08 10:43:35 2013 +0100 @@ -603,6 +603,17 @@ static void nvmx_update_tpr_threshold(st __vmwrite(TPR_THRESHOLD, 0); } +static void nvmx_update_pfec(struct vcpu *v) +{ + struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); + void *vvmcs = nvcpu->nv_vvmcx; + + __vmwrite(PAGE_FAULT_ERROR_CODE_MASK, + __get_vvmcs(vvmcs, PAGE_FAULT_ERROR_CODE_MASK)); + __vmwrite(PAGE_FAULT_ERROR_CODE_MATCH, + __get_vvmcs(vvmcs, PAGE_FAULT_ERROR_CODE_MATCH)); +} + static void __clear_current_vvmcs(struct vcpu *v) { struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); @@ -813,6 +824,7 @@ static void load_shadow_control(struct v nvmx_update_apic_access_address(v); nvmx_update_virtual_apic_address(v); nvmx_update_tpr_threshold(v); + nvmx_update_pfec(v); } static void load_shadow_guest_state(struct vcpu *v) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 03:44:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 03:44:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaM-0002QE-JA; Wed, 09 Jan 2013 03:44:14 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaK-0002Q0-SX for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:13 +0000 Received: from [85.158.143.35:15632] by server-3.bemta-4.messagelabs.com id 5F/3A-18211-C87ECE05; Wed, 09 Jan 2013 03:44:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-21.messagelabs.com!1357703050!13848300!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 26157 invoked from network); 9 Jan 2013 03:44:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 03:44:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaI-0003Il-3u for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsmaH-0001LR-LZ for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:09 +0000 Message-Id: Date: Wed, 09 Jan 2013 03:44:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nested vmx: synchronize page fault error code match and mask X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Dongxiao Xu # Date 1357638215 -3600 # Node ID 11e92ef6d84a20a6b0b2f989060a6bc1a123d2c0 # Parent d5eb414fb0fbaece49b5040dba7df23fe3cb7b12 nested vmx: synchronize page fault error code match and mask Page fault is specially handled not only with exception bitmaps, but also with consideration of page fault error code mask/match values. Therefore in nested virtualization case, the two values need to be synchronized from virtual VMCS to shadow VMCS. Signed-off-by: Dongxiao Xu Committed-by: Jan Beulich --- diff -r d5eb414fb0fb -r 11e92ef6d84a xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 08 10:42:19 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 08 10:43:35 2013 +0100 @@ -603,6 +603,17 @@ static void nvmx_update_tpr_threshold(st __vmwrite(TPR_THRESHOLD, 0); } +static void nvmx_update_pfec(struct vcpu *v) +{ + struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); + void *vvmcs = nvcpu->nv_vvmcx; + + __vmwrite(PAGE_FAULT_ERROR_CODE_MASK, + __get_vvmcs(vvmcs, PAGE_FAULT_ERROR_CODE_MASK)); + __vmwrite(PAGE_FAULT_ERROR_CODE_MATCH, + __get_vvmcs(vvmcs, PAGE_FAULT_ERROR_CODE_MATCH)); +} + static void __clear_current_vvmcs(struct vcpu *v) { struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); @@ -813,6 +824,7 @@ static void load_shadow_control(struct v nvmx_update_apic_access_address(v); nvmx_update_virtual_apic_address(v); nvmx_update_tpr_threshold(v); + nvmx_update_pfec(v); } static void load_shadow_guest_state(struct vcpu *v) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 03:44:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 03:44:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaM-0002Q9-Gd; Wed, 09 Jan 2013 03:44:14 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaK-0002Pz-6C for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:12 +0000 Received: from [85.158.139.83:42354] by server-13.bemta-5.messagelabs.com id 4C/C2-10716-B87ECE05; Wed, 09 Jan 2013 03:44:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-182.messagelabs.com!1357703050!32857046!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28531 invoked from network); 9 Jan 2013 03:44:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 03:44:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaH-0003Ij-Lu for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsmaH-0001LC-2e for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:09 +0000 Message-Id: Date: Wed, 09 Jan 2013 03:44:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nested vmx: emulate IA32_VMX_MISC MSR X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Dongxiao Xu # Date 1357638139 -3600 # Node ID d5eb414fb0fbaece49b5040dba7df23fe3cb7b12 # Parent 5e105c5c036dedc21aa62e2c847371839c253cf1 nested vmx: emulate IA32_VMX_MISC MSR Use the host value to emulate IA32_VMX_MISC MSR for L1 VMM. For CR3-target value, we don't support this feature currently and set the number to zero. Signed-off-by: Dongxiao Xu Committed-by: Jan Beulich --- diff -r 5e105c5c036d -r d5eb414fb0fb xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 08 10:37:38 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 08 10:42:19 2013 +0100 @@ -1462,7 +1462,8 @@ int nvmx_msr_read_intercept(unsigned int data = 0x267ff & ~X86_CR4_SMXE; break; case MSR_IA32_VMX_MISC: - gdprintk(XENLOG_WARNING, "VMX MSR %x not fully supported yet.\n", msr); + /* Do not support CR3-target feature now */ + data = host_data & ~VMX_MISC_CR3_TARGET; break; default: r = 0; diff -r 5e105c5c036d -r d5eb414fb0fb xen/include/asm-x86/hvm/vmx/vmcs.h --- a/xen/include/asm-x86/hvm/vmx/vmcs.h Tue Jan 08 10:37:38 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vmcs.h Tue Jan 08 10:42:19 2013 +0100 @@ -209,6 +209,8 @@ extern bool_t cpu_has_vmx_ins_outs_instr #define VMX_VPID_INVVPID_ALL_CONTEXT 0x40000000000ULL #define VMX_VPID_INVVPID_SINGLE_CONTEXT_RETAINING_GLOBAL 0x80000000000ULL +#define VMX_MISC_CR3_TARGET 0x1ff0000 + #define cpu_has_wbinvd_exiting \ (vmx_secondary_exec_control & SECONDARY_EXEC_WBINVD_EXITING) #define cpu_has_vmx_virtualize_apic_accesses \ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 03:44:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 03:44:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaM-0002Q9-Gd; Wed, 09 Jan 2013 03:44:14 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaK-0002Pz-6C for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:12 +0000 Received: from [85.158.139.83:42354] by server-13.bemta-5.messagelabs.com id 4C/C2-10716-B87ECE05; Wed, 09 Jan 2013 03:44:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-182.messagelabs.com!1357703050!32857046!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28531 invoked from network); 9 Jan 2013 03:44:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 03:44:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaH-0003Ij-Lu for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsmaH-0001LC-2e for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:09 +0000 Message-Id: Date: Wed, 09 Jan 2013 03:44:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nested vmx: emulate IA32_VMX_MISC MSR X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Dongxiao Xu # Date 1357638139 -3600 # Node ID d5eb414fb0fbaece49b5040dba7df23fe3cb7b12 # Parent 5e105c5c036dedc21aa62e2c847371839c253cf1 nested vmx: emulate IA32_VMX_MISC MSR Use the host value to emulate IA32_VMX_MISC MSR for L1 VMM. For CR3-target value, we don't support this feature currently and set the number to zero. Signed-off-by: Dongxiao Xu Committed-by: Jan Beulich --- diff -r 5e105c5c036d -r d5eb414fb0fb xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 08 10:37:38 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 08 10:42:19 2013 +0100 @@ -1462,7 +1462,8 @@ int nvmx_msr_read_intercept(unsigned int data = 0x267ff & ~X86_CR4_SMXE; break; case MSR_IA32_VMX_MISC: - gdprintk(XENLOG_WARNING, "VMX MSR %x not fully supported yet.\n", msr); + /* Do not support CR3-target feature now */ + data = host_data & ~VMX_MISC_CR3_TARGET; break; default: r = 0; diff -r 5e105c5c036d -r d5eb414fb0fb xen/include/asm-x86/hvm/vmx/vmcs.h --- a/xen/include/asm-x86/hvm/vmx/vmcs.h Tue Jan 08 10:37:38 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vmcs.h Tue Jan 08 10:42:19 2013 +0100 @@ -209,6 +209,8 @@ extern bool_t cpu_has_vmx_ins_outs_instr #define VMX_VPID_INVVPID_ALL_CONTEXT 0x40000000000ULL #define VMX_VPID_INVVPID_SINGLE_CONTEXT_RETAINING_GLOBAL 0x80000000000ULL +#define VMX_MISC_CR3_TARGET 0x1ff0000 + #define cpu_has_wbinvd_exiting \ (vmx_secondary_exec_control & SECONDARY_EXEC_WBINVD_EXITING) #define cpu_has_vmx_virtualize_apic_accesses \ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 03:44:30 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 03:44:30 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaY-0002RN-OP; Wed, 09 Jan 2013 03:44:26 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaX-0002R9-Mm for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:25 +0000 Received: from [85.158.137.99:18477] by server-4.bemta-3.messagelabs.com id 65/2B-31835-897ECE05; Wed, 09 Jan 2013 03:44:24 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-217.messagelabs.com!1357703049!16179433!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 19376 invoked from network); 9 Jan 2013 03:44:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 03:44:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaH-0003Ig-2P for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsmaG-0001Kx-DG for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:08 +0000 Message-Id: Date: Wed, 09 Jan 2013 03:44:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/hvm: Bind xen-created event channels to building domain X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357637858 -3600 # Node ID 5e105c5c036dedc21aa62e2c847371839c253cf1 # Parent e1facbde56ff4e5e85f9a4935abc99eb24367cd0 x86/hvm: Bind xen-created event channels to building domain Instead of using a hardcoded domain 0 as the endpoint for the event channels created in hvm_vcpu_initialise, use the domain ID of the building domain so that a domain builder in a domain other than dom0 has the expected access to the event channels. Signed-off-by: Daniel De Graaf Committed-by: Jan Beulich --- diff -r e1facbde56ff -r 5e105c5c036d xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Mon Jan 07 14:20:26 2013 +0100 +++ b/xen/arch/x86/hvm/hvm.c Tue Jan 08 10:37:38 2013 +0100 @@ -1071,7 +1071,7 @@ int hvm_vcpu_initialise(struct vcpu *v) goto fail3; /* Create ioreq event channel. */ - rc = alloc_unbound_xen_event_channel(v, 0, NULL); + rc = alloc_unbound_xen_event_channel(v, current->domain->domain_id, NULL); if ( rc < 0 ) goto fail4; @@ -1081,7 +1081,7 @@ int hvm_vcpu_initialise(struct vcpu *v) if ( v->vcpu_id == 0 ) { /* Create bufioreq event channel. */ - rc = alloc_unbound_xen_event_channel(v, 0, NULL); + rc = alloc_unbound_xen_event_channel(v, current->domain->domain_id, NULL); if ( rc < 0 ) goto fail2; v->domain->arch.hvm_domain.params[HVM_PARAM_BUFIOREQ_EVTCHN] = rc; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 03:44:30 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 03:44:30 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaY-0002RN-OP; Wed, 09 Jan 2013 03:44:26 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaX-0002R9-Mm for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:25 +0000 Received: from [85.158.137.99:18477] by server-4.bemta-3.messagelabs.com id 65/2B-31835-897ECE05; Wed, 09 Jan 2013 03:44:24 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-217.messagelabs.com!1357703049!16179433!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 19376 invoked from network); 9 Jan 2013 03:44:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 03:44:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TsmaH-0003Ig-2P for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TsmaG-0001Kx-DG for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 03:44:08 +0000 Message-Id: Date: Wed, 09 Jan 2013 03:44:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/hvm: Bind xen-created event channels to building domain X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357637858 -3600 # Node ID 5e105c5c036dedc21aa62e2c847371839c253cf1 # Parent e1facbde56ff4e5e85f9a4935abc99eb24367cd0 x86/hvm: Bind xen-created event channels to building domain Instead of using a hardcoded domain 0 as the endpoint for the event channels created in hvm_vcpu_initialise, use the domain ID of the building domain so that a domain builder in a domain other than dom0 has the expected access to the event channels. Signed-off-by: Daniel De Graaf Committed-by: Jan Beulich --- diff -r e1facbde56ff -r 5e105c5c036d xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Mon Jan 07 14:20:26 2013 +0100 +++ b/xen/arch/x86/hvm/hvm.c Tue Jan 08 10:37:38 2013 +0100 @@ -1071,7 +1071,7 @@ int hvm_vcpu_initialise(struct vcpu *v) goto fail3; /* Create ioreq event channel. */ - rc = alloc_unbound_xen_event_channel(v, 0, NULL); + rc = alloc_unbound_xen_event_channel(v, current->domain->domain_id, NULL); if ( rc < 0 ) goto fail4; @@ -1081,7 +1081,7 @@ int hvm_vcpu_initialise(struct vcpu *v) if ( v->vcpu_id == 0 ) { /* Create bufioreq event channel. */ - rc = alloc_unbound_xen_event_channel(v, 0, NULL); + rc = alloc_unbound_xen_event_channel(v, current->domain->domain_id, NULL); if ( rc < 0 ) goto fail2; v->domain->arch.hvm_domain.params[HVM_PARAM_BUFIOREQ_EVTCHN] = rc; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 22:33:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 22:33:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cx-0005Gi-U4; Wed, 09 Jan 2013 22:33:15 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cw-0005GS-NO for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:14 +0000 Received: from [85.158.139.83:60928] by server-13.bemta-5.messagelabs.com id 2C/73-10716-A20FDE05; Wed, 09 Jan 2013 22:33:14 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-182.messagelabs.com!1357770792!32420661!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 22583 invoked from network); 9 Jan 2013 22:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 22:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Ct-00080c-PE for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt4Ct-0006Bg-Nf for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:11 +0000 Message-Id: Date: Wed, 09 Jan 2013 22:33:11 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] passthrough/domctl: use correct struct in union X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Andrew Cooper # Date 1357725114 -3600 # Node ID b2b486d4331f6b3bb43bda8fc62b6a9b32d7b8ba # Parent 5fd008a07f25e9e32d2f87431dfe9e48d2047c29 passthrough/domctl: use correct struct in union This appears to be a copy paste error from c/s 23861:ec7c81fbe0de. It is safe, functionally speaking, as both the xen_domctl_assign_device and xen_domctl_get_device_group structure start with a 'uint32_t machine_sbdf'. We should however use the correct union structure. Signed-off-by: Andrew Cooper xen-unstable changeset: 26320:8fd5635f451b xen-unstable date: Fri Jan 4 09:06:47 UTC 2013 --- diff -r 5fd008a07f25 -r b2b486d4331f xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Wed Jan 09 10:49:50 2013 +0100 +++ b/xen/drivers/passthrough/iommu.c Wed Jan 09 10:51:54 2013 +0100 @@ -585,7 +585,7 @@ int iommu_do_domctl( if ( ret ) break; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; @@ -614,7 +614,7 @@ int iommu_do_domctl( if ( ret ) goto assign_device_out; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; @@ -642,7 +642,7 @@ int iommu_do_domctl( if ( ret ) goto deassign_device_out; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 22:33:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 22:33:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cx-0005Gi-U4; Wed, 09 Jan 2013 22:33:15 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cw-0005GS-NO for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:14 +0000 Received: from [85.158.139.83:60928] by server-13.bemta-5.messagelabs.com id 2C/73-10716-A20FDE05; Wed, 09 Jan 2013 22:33:14 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-182.messagelabs.com!1357770792!32420661!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 22583 invoked from network); 9 Jan 2013 22:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 22:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Ct-00080c-PE for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt4Ct-0006Bg-Nf for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:11 +0000 Message-Id: Date: Wed, 09 Jan 2013 22:33:11 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] passthrough/domctl: use correct struct in union X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Andrew Cooper # Date 1357725114 -3600 # Node ID b2b486d4331f6b3bb43bda8fc62b6a9b32d7b8ba # Parent 5fd008a07f25e9e32d2f87431dfe9e48d2047c29 passthrough/domctl: use correct struct in union This appears to be a copy paste error from c/s 23861:ec7c81fbe0de. It is safe, functionally speaking, as both the xen_domctl_assign_device and xen_domctl_get_device_group structure start with a 'uint32_t machine_sbdf'. We should however use the correct union structure. Signed-off-by: Andrew Cooper xen-unstable changeset: 26320:8fd5635f451b xen-unstable date: Fri Jan 4 09:06:47 UTC 2013 --- diff -r 5fd008a07f25 -r b2b486d4331f xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Wed Jan 09 10:49:50 2013 +0100 +++ b/xen/drivers/passthrough/iommu.c Wed Jan 09 10:51:54 2013 +0100 @@ -585,7 +585,7 @@ int iommu_do_domctl( if ( ret ) break; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; @@ -614,7 +614,7 @@ int iommu_do_domctl( if ( ret ) goto assign_device_out; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; @@ -642,7 +642,7 @@ int iommu_do_domctl( if ( ret ) goto deassign_device_out; - seg = domctl->u.get_device_group.machine_sbdf >> 16; + seg = domctl->u.assign_device.machine_sbdf >> 16; bus = (domctl->u.assign_device.machine_sbdf >> 8) & 0xff; devfn = domctl->u.assign_device.machine_sbdf & 0xff; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 22:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 22:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cw-0005GU-RU; Wed, 09 Jan 2013 22:33:14 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cv-0005GJ-Az for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:13 +0000 Received: from [85.158.139.211:40423] by server-2.bemta-5.messagelabs.com id A0/F5-16162-820FDE05; Wed, 09 Jan 2013 22:33:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-206.messagelabs.com!1357770790!22669360!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 31130 invoked from network); 9 Jan 2013 22:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 22:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cs-00080T-Br for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt4Cs-0006Aw-2w for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:10 +0000 Message-Id: Date: Wed, 09 Jan 2013 22:33:09 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] IOMMU: imply "verbose" from "debug" X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357717887 -3600 # Node ID 18b56fd7dcb236d7e1fa2458e366df7863a945a5 # Parent 9abea6220b1110e4ca6322afb2f58edc7eef76b4 IOMMU: imply "verbose" from "debug" I think that generally enabling debugging code without also enabling verbose output is rather pointless; if someone really wants this, they can always pass e.g. "iommu=debug,no-verbose". Signed-off-by: Jan Beulich Acked-by: Keir Fraser xen-unstable changeset: 26200:836697b19746 xen-unstable date: Wed Nov 28 16:00:56 UTC 2012 --- diff -r 9abea6220b11 -r 18b56fd7dcb2 xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Wed Jan 09 08:49:56 2013 +0100 +++ b/xen/drivers/passthrough/iommu.c Wed Jan 09 08:51:27 2013 +0100 @@ -91,7 +91,11 @@ static void __init parse_iommu_param(cha else if ( !strcmp(s, "intremap") ) iommu_intremap = val; else if ( !strcmp(s, "debug") ) + { iommu_debug = val; + if ( val ) + iommu_verbose = 1; + } else if ( !strcmp(s, "amd-iommu-perdev-intremap") ) amd_iommu_perdev_intremap = val; else if ( !strcmp(s, "dom0-passthrough") ) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 22:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 22:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cw-0005GU-RU; Wed, 09 Jan 2013 22:33:14 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cv-0005GJ-Az for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:13 +0000 Received: from [85.158.139.211:40423] by server-2.bemta-5.messagelabs.com id A0/F5-16162-820FDE05; Wed, 09 Jan 2013 22:33:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-206.messagelabs.com!1357770790!22669360!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 31130 invoked from network); 9 Jan 2013 22:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 22:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cs-00080T-Br for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt4Cs-0006Aw-2w for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:10 +0000 Message-Id: Date: Wed, 09 Jan 2013 22:33:09 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] IOMMU: imply "verbose" from "debug" X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357717887 -3600 # Node ID 18b56fd7dcb236d7e1fa2458e366df7863a945a5 # Parent 9abea6220b1110e4ca6322afb2f58edc7eef76b4 IOMMU: imply "verbose" from "debug" I think that generally enabling debugging code without also enabling verbose output is rather pointless; if someone really wants this, they can always pass e.g. "iommu=debug,no-verbose". Signed-off-by: Jan Beulich Acked-by: Keir Fraser xen-unstable changeset: 26200:836697b19746 xen-unstable date: Wed Nov 28 16:00:56 UTC 2012 --- diff -r 9abea6220b11 -r 18b56fd7dcb2 xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Wed Jan 09 08:49:56 2013 +0100 +++ b/xen/drivers/passthrough/iommu.c Wed Jan 09 08:51:27 2013 +0100 @@ -91,7 +91,11 @@ static void __init parse_iommu_param(cha else if ( !strcmp(s, "intremap") ) iommu_intremap = val; else if ( !strcmp(s, "debug") ) + { iommu_debug = val; + if ( val ) + iommu_verbose = 1; + } else if ( !strcmp(s, "amd-iommu-perdev-intremap") ) amd_iommu_perdev_intremap = val; else if ( !strcmp(s, "dom0-passthrough") ) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 22:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 22:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4D1-0005HH-0X; Wed, 09 Jan 2013 22:33:19 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cz-0005Gn-0A for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:17 +0000 Received: from [85.158.137.99:50205] by server-4.bemta-3.messagelabs.com id FA/58-31835-720FDE05; Wed, 09 Jan 2013 22:33:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-217.messagelabs.com!1357770790!16330282!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 29294 invoked from network); 9 Jan 2013 22:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 22:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cr-00080Q-U6 for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt4Cr-0006Ah-G9 for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:09 +0000 Message-Id: Date: Wed, 09 Jan 2013 22:33:08 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] x86/HPET: fix FSB interrupt masking X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357717796 -3600 # Node ID 9abea6220b1110e4ca6322afb2f58edc7eef76b4 # Parent 7dad27b2bcc7ec42c6f76b04c3a5a94bc6b49a0f x86/HPET: fix FSB interrupt masking HPET_TN_FSB is not really suitable for masking interrupts - it merely switches between the two delivery methods. The right way of masking is through the HPET_TN_ENABLE bit (which really is an interrupt enable, not a counter enable or some such). This is even more so with certain chip sets not even allowing HPET_TN_FSB to be cleared on some of the channels. Further, all the setup of the channel should happen before actually enabling the interrupt, which requires splitting legacy and FSB logic. Finally this also fixes an S3 resume problem (HPET_TN_FSB did not get set in hpet_broadcast_resume(), and hpet_msi_unmask() doesn't get called from the general resume code either afaict). Signed-off-by: Jan Beulich Acked-by: Keir Fraser xen-unstable changeset: 26183:c139ca92edca xen-unstable date: Thu Nov 22 09:03:23 UTC 2012 --- diff -r 7dad27b2bcc7 -r 9abea6220b11 xen/arch/x86/hpet.c --- a/xen/arch/x86/hpet.c Mon Jan 07 14:24:36 2013 +0100 +++ b/xen/arch/x86/hpet.c Wed Jan 09 08:49:56 2013 +0100 @@ -236,7 +236,7 @@ static void hpet_msi_unmask(struct irq_d struct hpet_event_channel *ch = desc->action->dev_id; cfg = hpet_read32(HPET_Tn_CFG(ch->idx)); - cfg |= HPET_TN_FSB; + cfg |= HPET_TN_ENABLE; hpet_write32(cfg, HPET_Tn_CFG(ch->idx)); } @@ -246,7 +246,7 @@ static void hpet_msi_mask(struct irq_des struct hpet_event_channel *ch = desc->action->dev_id; cfg = hpet_read32(HPET_Tn_CFG(ch->idx)); - cfg &= ~HPET_TN_FSB; + cfg &= ~HPET_TN_ENABLE; hpet_write32(cfg, HPET_Tn_CFG(ch->idx)); } @@ -319,8 +319,14 @@ static void __hpet_setup_msi_irq(struct static int __init hpet_setup_msi_irq(unsigned int irq, struct hpet_event_channel *ch) { int ret; + u32 cfg = hpet_read32(HPET_Tn_CFG(ch->idx)); irq_desc_t *desc = irq_to_desc(irq); + /* set HPET Tn as oneshot */ + cfg &= ~(HPET_TN_LEVEL | HPET_TN_PERIODIC); + cfg |= HPET_TN_FSB | HPET_TN_32BIT; + hpet_write32(cfg, HPET_Tn_CFG(ch->idx)); + desc->handler = &hpet_msi_type; ret = request_irq(irq, hpet_interrupt_handler, 0, "HPET", ch); if ( ret < 0 ) @@ -541,11 +547,14 @@ void __init hpet_broadcast_init(void) for ( i = 0; i < n; i++ ) { - /* set HPET Tn as oneshot */ - cfg = hpet_read32(HPET_Tn_CFG(hpet_events[i].idx)); - cfg &= ~(HPET_TN_LEVEL | HPET_TN_PERIODIC); - cfg |= HPET_TN_ENABLE | HPET_TN_32BIT; - hpet_write32(cfg, HPET_Tn_CFG(hpet_events[i].idx)); + if ( i == 0 && (cfg & HPET_CFG_LEGACY) ) + { + /* set HPET T0 as oneshot */ + cfg = hpet_read32(HPET_Tn_CFG(0)); + cfg &= ~(HPET_TN_LEVEL | HPET_TN_PERIODIC); + cfg |= HPET_TN_ENABLE | HPET_TN_32BIT; + hpet_write32(cfg, HPET_Tn_CFG(0)); + } /* * The period is a femto seconds value. We need to calculate the scaled @@ -602,6 +611,8 @@ void hpet_broadcast_resume(void) cfg = hpet_read32(HPET_Tn_CFG(hpet_events[i].idx)); cfg &= ~(HPET_TN_LEVEL | HPET_TN_PERIODIC); cfg |= HPET_TN_ENABLE | HPET_TN_32BIT; + if ( !(hpet_events[i].flags & HPET_EVT_LEGACY) ) + cfg |= HPET_TN_FSB; hpet_write32(cfg, HPET_Tn_CFG(hpet_events[i].idx)); hpet_events[i].next_event = STIME_MAX; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 22:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 22:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4D1-0005HH-0X; Wed, 09 Jan 2013 22:33:19 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cz-0005Gn-0A for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:17 +0000 Received: from [85.158.137.99:50205] by server-4.bemta-3.messagelabs.com id FA/58-31835-720FDE05; Wed, 09 Jan 2013 22:33:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-217.messagelabs.com!1357770790!16330282!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 29294 invoked from network); 9 Jan 2013 22:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 22:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cr-00080Q-U6 for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt4Cr-0006Ah-G9 for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:09 +0000 Message-Id: Date: Wed, 09 Jan 2013 22:33:08 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] x86/HPET: fix FSB interrupt masking X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357717796 -3600 # Node ID 9abea6220b1110e4ca6322afb2f58edc7eef76b4 # Parent 7dad27b2bcc7ec42c6f76b04c3a5a94bc6b49a0f x86/HPET: fix FSB interrupt masking HPET_TN_FSB is not really suitable for masking interrupts - it merely switches between the two delivery methods. The right way of masking is through the HPET_TN_ENABLE bit (which really is an interrupt enable, not a counter enable or some such). This is even more so with certain chip sets not even allowing HPET_TN_FSB to be cleared on some of the channels. Further, all the setup of the channel should happen before actually enabling the interrupt, which requires splitting legacy and FSB logic. Finally this also fixes an S3 resume problem (HPET_TN_FSB did not get set in hpet_broadcast_resume(), and hpet_msi_unmask() doesn't get called from the general resume code either afaict). Signed-off-by: Jan Beulich Acked-by: Keir Fraser xen-unstable changeset: 26183:c139ca92edca xen-unstable date: Thu Nov 22 09:03:23 UTC 2012 --- diff -r 7dad27b2bcc7 -r 9abea6220b11 xen/arch/x86/hpet.c --- a/xen/arch/x86/hpet.c Mon Jan 07 14:24:36 2013 +0100 +++ b/xen/arch/x86/hpet.c Wed Jan 09 08:49:56 2013 +0100 @@ -236,7 +236,7 @@ static void hpet_msi_unmask(struct irq_d struct hpet_event_channel *ch = desc->action->dev_id; cfg = hpet_read32(HPET_Tn_CFG(ch->idx)); - cfg |= HPET_TN_FSB; + cfg |= HPET_TN_ENABLE; hpet_write32(cfg, HPET_Tn_CFG(ch->idx)); } @@ -246,7 +246,7 @@ static void hpet_msi_mask(struct irq_des struct hpet_event_channel *ch = desc->action->dev_id; cfg = hpet_read32(HPET_Tn_CFG(ch->idx)); - cfg &= ~HPET_TN_FSB; + cfg &= ~HPET_TN_ENABLE; hpet_write32(cfg, HPET_Tn_CFG(ch->idx)); } @@ -319,8 +319,14 @@ static void __hpet_setup_msi_irq(struct static int __init hpet_setup_msi_irq(unsigned int irq, struct hpet_event_channel *ch) { int ret; + u32 cfg = hpet_read32(HPET_Tn_CFG(ch->idx)); irq_desc_t *desc = irq_to_desc(irq); + /* set HPET Tn as oneshot */ + cfg &= ~(HPET_TN_LEVEL | HPET_TN_PERIODIC); + cfg |= HPET_TN_FSB | HPET_TN_32BIT; + hpet_write32(cfg, HPET_Tn_CFG(ch->idx)); + desc->handler = &hpet_msi_type; ret = request_irq(irq, hpet_interrupt_handler, 0, "HPET", ch); if ( ret < 0 ) @@ -541,11 +547,14 @@ void __init hpet_broadcast_init(void) for ( i = 0; i < n; i++ ) { - /* set HPET Tn as oneshot */ - cfg = hpet_read32(HPET_Tn_CFG(hpet_events[i].idx)); - cfg &= ~(HPET_TN_LEVEL | HPET_TN_PERIODIC); - cfg |= HPET_TN_ENABLE | HPET_TN_32BIT; - hpet_write32(cfg, HPET_Tn_CFG(hpet_events[i].idx)); + if ( i == 0 && (cfg & HPET_CFG_LEGACY) ) + { + /* set HPET T0 as oneshot */ + cfg = hpet_read32(HPET_Tn_CFG(0)); + cfg &= ~(HPET_TN_LEVEL | HPET_TN_PERIODIC); + cfg |= HPET_TN_ENABLE | HPET_TN_32BIT; + hpet_write32(cfg, HPET_Tn_CFG(0)); + } /* * The period is a femto seconds value. We need to calculate the scaled @@ -602,6 +611,8 @@ void hpet_broadcast_resume(void) cfg = hpet_read32(HPET_Tn_CFG(hpet_events[i].idx)); cfg &= ~(HPET_TN_LEVEL | HPET_TN_PERIODIC); cfg |= HPET_TN_ENABLE | HPET_TN_32BIT; + if ( !(hpet_events[i].flags & HPET_EVT_LEGACY) ) + cfg |= HPET_TN_FSB; hpet_write32(cfg, HPET_Tn_CFG(hpet_events[i].idx)); hpet_events[i].next_event = STIME_MAX; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 22:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 22:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4D2-0005HW-3I; Wed, 09 Jan 2013 22:33:20 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4D0-0005H5-NZ for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:18 +0000 Received: from [85.158.138.51:48291] by server-16.bemta-3.messagelabs.com id 89/0F-27634-920FDE05; Wed, 09 Jan 2013 22:33:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-14.tower-174.messagelabs.com!1357770791!25627521!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=ML_RADAR_SPEW_LINKS_32, spamassassin: X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 26756 invoked from network); 9 Jan 2013 22:33:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 22:33:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Ct-00080Z-B9 for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt4Ct-0006BR-6l for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:11 +0000 Message-Id: Date: Wed, 09 Jan 2013 22:33:10 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] x86, amd: Disable way access filter on Piledriver CPUs X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Andre Przywara # Date 1357724990 -3600 # Node ID 5fd008a07f25e9e32d2f87431dfe9e48d2047c29 # Parent ef4f080bbeb573dd806c9d7cd3b4414cb274bfea x86, amd: Disable way access filter on Piledriver CPUs The Way Access Filter in recent AMD CPUs may hurt the performance of some workloads, caused by aliasing issues in the L1 cache. This patch disables it on the affected CPUs. The issue is similar to that one of last year: http://lkml.indiana.edu/hypermail/linux/kernel/1107.3/00041.html This new patch does not replace the old one, we just need another quirk for newer CPUs. The performance penalty without the patch depends on the circumstances, but is a bit less than the last year's 3%. The workloads affected would be those that access code from the same physical page under different virtual addresses, so different processes using the same libraries with ASLR or multiple instances of PIE-binaries. The code needs to be accessed simultaneously from both cores of the same compute unit. More details can be found here: http://developer.amd.com/Assets/SharedL1InstructionCacheonAMD15hCPU.pdf CPUs affected are anything with the core known as Piledriver. That includes the new parts of the AMD A-Series (aka Trinity) and the just released new CPUs of the FX-Series (aka Vishera). The model numbering is a bit odd here: FX CPUs have model 2, A-Series has model 10h, with possible extensions to 1Fh. Hence the range of model ids. Signed-off-by: Andre Przywara Add and use MSR_AMD64_IC_CFG. Update the value whenever it is found to not have all bits set, rather than just when it's zero. Signed-off-by: Jan Beulich Acked-by: Keir Fraser xen-unstable changeset: 26294:5fb0b8b838da xen-unstable date: Wed Dec 19 10:42:09 UTC 2012 --- diff -r ef4f080bbeb5 -r 5fd008a07f25 xen/arch/x86/cpu/amd.c --- a/xen/arch/x86/cpu/amd.c Wed Jan 09 08:53:18 2013 +0100 +++ b/xen/arch/x86/cpu/amd.c Wed Jan 09 10:49:50 2013 +0100 @@ -493,6 +493,14 @@ static void __devinit init_amd(struct cp } } + /* + * The way access filter has a performance penalty on some workloads. + * Disable it on the affected CPUs. + */ + if (c->x86 == 0x15 && c->x86_model >= 0x02 && c->x86_model < 0x20 && + !rdmsr_safe(MSR_AMD64_IC_CFG, value) && (value & 0x1e) != 0x1e) + wrmsr_safe(MSR_AMD64_IC_CFG, value | 0x1e); + amd_get_topology(c); /* Pointless to use MWAIT on Family10 as it does not deep sleep. */ diff -r ef4f080bbeb5 -r 5fd008a07f25 xen/include/asm-x86/msr-index.h --- a/xen/include/asm-x86/msr-index.h Wed Jan 09 08:53:18 2013 +0100 +++ b/xen/include/asm-x86/msr-index.h Wed Jan 09 10:49:50 2013 +0100 @@ -206,6 +206,7 @@ /* AMD64 MSRs */ #define MSR_AMD64_NB_CFG 0xc001001f +#define MSR_AMD64_IC_CFG 0xc0011021 #define MSR_AMD64_DC_CFG 0xc0011022 #define AMD64_NB_CFG_CF8_EXT_ENABLE_BIT 46 _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 22:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 22:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4D2-0005HW-3I; Wed, 09 Jan 2013 22:33:20 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4D0-0005H5-NZ for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:18 +0000 Received: from [85.158.138.51:48291] by server-16.bemta-3.messagelabs.com id 89/0F-27634-920FDE05; Wed, 09 Jan 2013 22:33:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-14.tower-174.messagelabs.com!1357770791!25627521!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=ML_RADAR_SPEW_LINKS_32, spamassassin: X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 26756 invoked from network); 9 Jan 2013 22:33:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 22:33:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Ct-00080Z-B9 for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt4Ct-0006BR-6l for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:11 +0000 Message-Id: Date: Wed, 09 Jan 2013 22:33:10 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] x86, amd: Disable way access filter on Piledriver CPUs X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Andre Przywara # Date 1357724990 -3600 # Node ID 5fd008a07f25e9e32d2f87431dfe9e48d2047c29 # Parent ef4f080bbeb573dd806c9d7cd3b4414cb274bfea x86, amd: Disable way access filter on Piledriver CPUs The Way Access Filter in recent AMD CPUs may hurt the performance of some workloads, caused by aliasing issues in the L1 cache. This patch disables it on the affected CPUs. The issue is similar to that one of last year: http://lkml.indiana.edu/hypermail/linux/kernel/1107.3/00041.html This new patch does not replace the old one, we just need another quirk for newer CPUs. The performance penalty without the patch depends on the circumstances, but is a bit less than the last year's 3%. The workloads affected would be those that access code from the same physical page under different virtual addresses, so different processes using the same libraries with ASLR or multiple instances of PIE-binaries. The code needs to be accessed simultaneously from both cores of the same compute unit. More details can be found here: http://developer.amd.com/Assets/SharedL1InstructionCacheonAMD15hCPU.pdf CPUs affected are anything with the core known as Piledriver. That includes the new parts of the AMD A-Series (aka Trinity) and the just released new CPUs of the FX-Series (aka Vishera). The model numbering is a bit odd here: FX CPUs have model 2, A-Series has model 10h, with possible extensions to 1Fh. Hence the range of model ids. Signed-off-by: Andre Przywara Add and use MSR_AMD64_IC_CFG. Update the value whenever it is found to not have all bits set, rather than just when it's zero. Signed-off-by: Jan Beulich Acked-by: Keir Fraser xen-unstable changeset: 26294:5fb0b8b838da xen-unstable date: Wed Dec 19 10:42:09 UTC 2012 --- diff -r ef4f080bbeb5 -r 5fd008a07f25 xen/arch/x86/cpu/amd.c --- a/xen/arch/x86/cpu/amd.c Wed Jan 09 08:53:18 2013 +0100 +++ b/xen/arch/x86/cpu/amd.c Wed Jan 09 10:49:50 2013 +0100 @@ -493,6 +493,14 @@ static void __devinit init_amd(struct cp } } + /* + * The way access filter has a performance penalty on some workloads. + * Disable it on the affected CPUs. + */ + if (c->x86 == 0x15 && c->x86_model >= 0x02 && c->x86_model < 0x20 && + !rdmsr_safe(MSR_AMD64_IC_CFG, value) && (value & 0x1e) != 0x1e) + wrmsr_safe(MSR_AMD64_IC_CFG, value | 0x1e); + amd_get_topology(c); /* Pointless to use MWAIT on Family10 as it does not deep sleep. */ diff -r ef4f080bbeb5 -r 5fd008a07f25 xen/include/asm-x86/msr-index.h --- a/xen/include/asm-x86/msr-index.h Wed Jan 09 08:53:18 2013 +0100 +++ b/xen/include/asm-x86/msr-index.h Wed Jan 09 10:49:50 2013 +0100 @@ -206,6 +206,7 @@ /* AMD64 MSRs */ #define MSR_AMD64_NB_CFG 0xc001001f +#define MSR_AMD64_IC_CFG 0xc0011021 #define MSR_AMD64_DC_CFG 0xc0011022 #define AMD64_NB_CFG_CF8_EXT_ENABLE_BIT 46 _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 22:33:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 22:33:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4D3-0005I0-6e; Wed, 09 Jan 2013 22:33:21 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4D1-0005H4-HB for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:19 +0000 Received: from [85.158.137.99:60439] by server-6.bemta-3.messagelabs.com id 6B/E6-12154-820FDE05; Wed, 09 Jan 2013 22:33:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-217.messagelabs.com!1357770791!16330284!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 29315 invoked from network); 9 Jan 2013 22:33:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 22:33:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cs-00080W-UV for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt4Cs-0006BB-Kn for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:10 +0000 Message-Id: Date: Wed, 09 Jan 2013 22:33:10 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] scheduler: fix rate limit range checking X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357717998 -3600 # Node ID ef4f080bbeb573dd806c9d7cd3b4414cb274bfea # Parent 18b56fd7dcb236d7e1fa2458e366df7863a945a5 scheduler: fix rate limit range checking For one, neither of the two checks permitted for the documented value of zero (disabling the functionality altogether). Second, the range checking of the command line parameter was done by the credit scheduler's initialization code, despite it being a generic scheduler option. Signed-off-by: Jan Beulich Acked-by: Keir Fraser xen-unstable changeset: 26266:8d209624ea83 xen-unstable date: Mon Dec 10 10:14:27 UTC 2012 --- diff -r 18b56fd7dcb2 -r ef4f080bbeb5 xen/common/sched_credit.c --- a/xen/common/sched_credit.c Wed Jan 09 08:51:27 2013 +0100 +++ b/xen/common/sched_credit.c Wed Jan 09 08:53:18 2013 +0100 @@ -846,8 +846,9 @@ csched_sys_cntl(const struct scheduler * case XEN_SYSCTL_SCHEDOP_putinfo: if (params->tslice_ms > XEN_SYSCTL_CSCHED_TSLICE_MAX || params->tslice_ms < XEN_SYSCTL_CSCHED_TSLICE_MIN - || params->ratelimit_us > XEN_SYSCTL_SCHED_RATELIMIT_MAX - || params->ratelimit_us < XEN_SYSCTL_SCHED_RATELIMIT_MIN + || (params->ratelimit_us + && (params->ratelimit_us > XEN_SYSCTL_SCHED_RATELIMIT_MAX + || params->ratelimit_us < XEN_SYSCTL_SCHED_RATELIMIT_MIN)) || MICROSECS(params->ratelimit_us) > MILLISECS(params->tslice_ms) ) goto out; prv->tslice_ms = params->tslice_ms; @@ -1607,17 +1608,6 @@ csched_init(struct scheduler *ops) sched_credit_tslice_ms = CSCHED_DEFAULT_TSLICE_MS; } - if ( sched_ratelimit_us > XEN_SYSCTL_SCHED_RATELIMIT_MAX - || sched_ratelimit_us < XEN_SYSCTL_SCHED_RATELIMIT_MIN ) - { - printk("WARNING: sched_ratelimit_us outside of valid range [%d,%d].\n" - " Resetting to default %u\n", - XEN_SYSCTL_SCHED_RATELIMIT_MIN, - XEN_SYSCTL_SCHED_RATELIMIT_MAX, - SCHED_DEFAULT_RATELIMIT_US); - sched_ratelimit_us = SCHED_DEFAULT_RATELIMIT_US; - } - prv->tslice_ms = sched_credit_tslice_ms; prv->ticks_per_tslice = CSCHED_TICKS_PER_TSLICE; if ( prv->tslice_ms < prv->ticks_per_tslice ) diff -r 18b56fd7dcb2 -r ef4f080bbeb5 xen/common/schedule.c --- a/xen/common/schedule.c Wed Jan 09 08:51:27 2013 +0100 +++ b/xen/common/schedule.c Wed Jan 09 08:53:18 2013 +0100 @@ -1322,6 +1322,18 @@ void __init scheduler_init(void) if ( SCHED_OP(&ops, init) ) panic("scheduler returned error on init\n"); + if ( sched_ratelimit_us && + (sched_ratelimit_us > XEN_SYSCTL_SCHED_RATELIMIT_MAX + || sched_ratelimit_us < XEN_SYSCTL_SCHED_RATELIMIT_MIN) ) + { + printk("WARNING: sched_ratelimit_us outside of valid range [%d,%d].\n" + " Resetting to default %u\n", + XEN_SYSCTL_SCHED_RATELIMIT_MIN, + XEN_SYSCTL_SCHED_RATELIMIT_MAX, + SCHED_DEFAULT_RATELIMIT_US); + sched_ratelimit_us = SCHED_DEFAULT_RATELIMIT_US; + } + idle_domain = domain_create(DOMID_IDLE, 0, 0); BUG_ON(IS_ERR(idle_domain)); idle_domain->vcpu = idle_vcpu; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 22:33:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 22:33:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4D3-0005I0-6e; Wed, 09 Jan 2013 22:33:21 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4D1-0005H4-HB for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:19 +0000 Received: from [85.158.137.99:60439] by server-6.bemta-3.messagelabs.com id 6B/E6-12154-820FDE05; Wed, 09 Jan 2013 22:33:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-217.messagelabs.com!1357770791!16330284!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 29315 invoked from network); 9 Jan 2013 22:33:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 22:33:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cs-00080W-UV for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt4Cs-0006BB-Kn for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:10 +0000 Message-Id: Date: Wed, 09 Jan 2013 22:33:10 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] scheduler: fix rate limit range checking X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357717998 -3600 # Node ID ef4f080bbeb573dd806c9d7cd3b4414cb274bfea # Parent 18b56fd7dcb236d7e1fa2458e366df7863a945a5 scheduler: fix rate limit range checking For one, neither of the two checks permitted for the documented value of zero (disabling the functionality altogether). Second, the range checking of the command line parameter was done by the credit scheduler's initialization code, despite it being a generic scheduler option. Signed-off-by: Jan Beulich Acked-by: Keir Fraser xen-unstable changeset: 26266:8d209624ea83 xen-unstable date: Mon Dec 10 10:14:27 UTC 2012 --- diff -r 18b56fd7dcb2 -r ef4f080bbeb5 xen/common/sched_credit.c --- a/xen/common/sched_credit.c Wed Jan 09 08:51:27 2013 +0100 +++ b/xen/common/sched_credit.c Wed Jan 09 08:53:18 2013 +0100 @@ -846,8 +846,9 @@ csched_sys_cntl(const struct scheduler * case XEN_SYSCTL_SCHEDOP_putinfo: if (params->tslice_ms > XEN_SYSCTL_CSCHED_TSLICE_MAX || params->tslice_ms < XEN_SYSCTL_CSCHED_TSLICE_MIN - || params->ratelimit_us > XEN_SYSCTL_SCHED_RATELIMIT_MAX - || params->ratelimit_us < XEN_SYSCTL_SCHED_RATELIMIT_MIN + || (params->ratelimit_us + && (params->ratelimit_us > XEN_SYSCTL_SCHED_RATELIMIT_MAX + || params->ratelimit_us < XEN_SYSCTL_SCHED_RATELIMIT_MIN)) || MICROSECS(params->ratelimit_us) > MILLISECS(params->tslice_ms) ) goto out; prv->tslice_ms = params->tslice_ms; @@ -1607,17 +1608,6 @@ csched_init(struct scheduler *ops) sched_credit_tslice_ms = CSCHED_DEFAULT_TSLICE_MS; } - if ( sched_ratelimit_us > XEN_SYSCTL_SCHED_RATELIMIT_MAX - || sched_ratelimit_us < XEN_SYSCTL_SCHED_RATELIMIT_MIN ) - { - printk("WARNING: sched_ratelimit_us outside of valid range [%d,%d].\n" - " Resetting to default %u\n", - XEN_SYSCTL_SCHED_RATELIMIT_MIN, - XEN_SYSCTL_SCHED_RATELIMIT_MAX, - SCHED_DEFAULT_RATELIMIT_US); - sched_ratelimit_us = SCHED_DEFAULT_RATELIMIT_US; - } - prv->tslice_ms = sched_credit_tslice_ms; prv->ticks_per_tslice = CSCHED_TICKS_PER_TSLICE; if ( prv->tslice_ms < prv->ticks_per_tslice ) diff -r 18b56fd7dcb2 -r ef4f080bbeb5 xen/common/schedule.c --- a/xen/common/schedule.c Wed Jan 09 08:51:27 2013 +0100 +++ b/xen/common/schedule.c Wed Jan 09 08:53:18 2013 +0100 @@ -1322,6 +1322,18 @@ void __init scheduler_init(void) if ( SCHED_OP(&ops, init) ) panic("scheduler returned error on init\n"); + if ( sched_ratelimit_us && + (sched_ratelimit_us > XEN_SYSCTL_SCHED_RATELIMIT_MAX + || sched_ratelimit_us < XEN_SYSCTL_SCHED_RATELIMIT_MIN) ) + { + printk("WARNING: sched_ratelimit_us outside of valid range [%d,%d].\n" + " Resetting to default %u\n", + XEN_SYSCTL_SCHED_RATELIMIT_MIN, + XEN_SYSCTL_SCHED_RATELIMIT_MAX, + SCHED_DEFAULT_RATELIMIT_US); + sched_ratelimit_us = SCHED_DEFAULT_RATELIMIT_US; + } + idle_domain = domain_create(DOMID_IDLE, 0, 0); BUG_ON(IS_ERR(idle_domain)); idle_domain->vcpu = idle_vcpu; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 22:33:25 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 22:33:25 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4D5-0005IT-9c; Wed, 09 Jan 2013 22:33:23 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4D3-0005Hz-Pt for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:21 +0000 Received: from [85.158.137.99:60496] by server-7.bemta-3.messagelabs.com id 9E/F6-23008-C20FDE05; Wed, 09 Jan 2013 22:33:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-10.tower-217.messagelabs.com!1357770792!19513686!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 31522 invoked from network); 9 Jan 2013 22:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-10.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 22:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cu-00080f-Dj for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt4Cu-0006Bv-9D for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:12 +0000 Message-Id: Date: Wed, 09 Jan 2013 22:33:11 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] x86: compat_show_guest_stack() should not truncate MFN X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357725196 -3600 # Node ID 3444f03cf52d91e59b9cdcf7478f8dc39273f49d # Parent b2b486d4331f6b3bb43bda8fc62b6a9b32d7b8ba x86: compat_show_guest_stack() should not truncate MFN Re-using "addr" here was a mistake, as it is a 32-bit quantity. Signed-off-by: Jan Beulich Acked-by: Ian Campbell Acked-by: Keir Fraser xen-unstable changeset: 26332:8e942f2f3b45 xen-unstable date: Mon Jan 7 12:28:29 UTC 2013 --- diff -r b2b486d4331f -r 3444f03cf52d xen/arch/x86/x86_64/compat/traps.c --- a/xen/arch/x86/x86_64/compat/traps.c Wed Jan 09 10:51:54 2013 +0100 +++ b/xen/arch/x86/x86_64/compat/traps.c Wed Jan 09 10:53:16 2013 +0100 @@ -20,11 +20,12 @@ void compat_show_guest_stack(struct vcpu if ( v != current ) { struct vcpu *vcpu; + unsigned long mfn; ASSERT(guest_kernel_mode(v, regs)); - addr = read_cr3() >> PAGE_SHIFT; + mfn = read_cr3() >> PAGE_SHIFT; for_each_vcpu( v->domain, vcpu ) - if ( pagetable_get_pfn(vcpu->arch.guest_table) == addr ) + if ( pagetable_get_pfn(vcpu->arch.guest_table) == mfn ) break; if ( !vcpu ) { _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 09 22:33:25 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 09 Jan 2013 22:33:25 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4D5-0005IT-9c; Wed, 09 Jan 2013 22:33:23 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4D3-0005Hz-Pt for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:21 +0000 Received: from [85.158.137.99:60496] by server-7.bemta-3.messagelabs.com id 9E/F6-23008-C20FDE05; Wed, 09 Jan 2013 22:33:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-10.tower-217.messagelabs.com!1357770792!19513686!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 31522 invoked from network); 9 Jan 2013 22:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-10.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 9 Jan 2013 22:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt4Cu-00080f-Dj for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt4Cu-0006Bv-9D for xen-changelog@lists.xensource.com; Wed, 09 Jan 2013 22:33:12 +0000 Message-Id: Date: Wed, 09 Jan 2013 22:33:11 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] x86: compat_show_guest_stack() should not truncate MFN X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357725196 -3600 # Node ID 3444f03cf52d91e59b9cdcf7478f8dc39273f49d # Parent b2b486d4331f6b3bb43bda8fc62b6a9b32d7b8ba x86: compat_show_guest_stack() should not truncate MFN Re-using "addr" here was a mistake, as it is a 32-bit quantity. Signed-off-by: Jan Beulich Acked-by: Ian Campbell Acked-by: Keir Fraser xen-unstable changeset: 26332:8e942f2f3b45 xen-unstable date: Mon Jan 7 12:28:29 UTC 2013 --- diff -r b2b486d4331f -r 3444f03cf52d xen/arch/x86/x86_64/compat/traps.c --- a/xen/arch/x86/x86_64/compat/traps.c Wed Jan 09 10:51:54 2013 +0100 +++ b/xen/arch/x86/x86_64/compat/traps.c Wed Jan 09 10:53:16 2013 +0100 @@ -20,11 +20,12 @@ void compat_show_guest_stack(struct vcpu if ( v != current ) { struct vcpu *vcpu; + unsigned long mfn; ASSERT(guest_kernel_mode(v, regs)); - addr = read_cr3() >> PAGE_SHIFT; + mfn = read_cr3() >> PAGE_SHIFT; for_each_vcpu( v->domain, vcpu ) - if ( pagetable_get_pfn(vcpu->arch.guest_table) == addr ) + if ( pagetable_get_pfn(vcpu->arch.guest_table) == mfn ) break; if ( !vcpu ) { _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 10 02:22:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 10 Jan 2013 02:22:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt7mX-0004qm-Tt; Thu, 10 Jan 2013 02:22:13 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt7mV-0004qY-QL for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 02:22:12 +0000 Received: from [85.158.139.211:42117] by server-15.bemta-5.messagelabs.com id D0/95-20523-2D52EE05; Thu, 10 Jan 2013 02:22:10 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-206.messagelabs.com!1357784529!18646259!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 23535 invoked from network); 10 Jan 2013 02:22:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 10 Jan 2013 02:22:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt7mT-0000l4-5Z for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 02:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt7mS-0003WD-Tv for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 02:22:08 +0000 Message-Id: Date: Thu, 10 Jan 2013 02:22:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] mini-os: Fix test application link when various fronts are not enabled. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Samuel Thibault # Date 1357721057 0 # Node ID 63753c56bad7a6044aa6f50a9c974a73ccad7e4e # Parent 5dec1022923c6abec388962db3320999b73996f1 mini-os: Fix test application link when various fronts are not enabled. When fronts are not enabled, the test application needs to disable the corresponding tests. Signed-off-by: Samuel Thibault Committed-by: Keir Fraser --- diff -r 5dec1022923c -r 63753c56bad7 extras/mini-os/test.c --- a/extras/mini-os/test.c Wed Jan 09 08:43:53 2013 +0000 +++ b/extras/mini-os/test.c Wed Jan 09 08:44:17 2013 +0000 @@ -45,13 +45,13 @@ #include #include +#ifdef CONFIG_XENBUS static unsigned int do_shutdown = 0; static unsigned int shutdown_reason; static DECLARE_WAIT_QUEUE_HEAD(shutdown_queue); +#endif -static struct netfront_dev *net_dev; -static struct semaphore net_sem = __SEMAPHORE_INITIALIZER(net_sem, 0); - +#ifdef CONFIG_XENBUS void test_xenbus(void); static void xenbus_tester(void *p) @@ -59,6 +59,7 @@ static void xenbus_tester(void *p) printk("Xenbus tests disabled, because of a Xend bug.\n"); /* test_xenbus(); */ } +#endif static void periodic_thread(void *p) { @@ -72,12 +73,18 @@ static void periodic_thread(void *p) } } +#ifdef CONFIG_NETFRONT +static struct netfront_dev *net_dev; +static struct semaphore net_sem = __SEMAPHORE_INITIALIZER(net_sem, 0); + static void netfront_thread(void *p) { net_dev = init_netfront(NULL, NULL, NULL, NULL); up(&net_sem); } +#endif +#ifdef CONFIG_BLKFRONT static struct blkfront_dev *blk_dev; static struct blkfront_info blk_info; static uint64_t blk_size_read; @@ -246,7 +253,9 @@ static void blkfront_thread(void *p) } up(&blk_sem); } +#endif +#if defined(CONFIG_FBFRONT) && defined(CONFIG_KBDFRONT) #define WIDTH 800 #define HEIGHT 600 #define DEPTH 32 @@ -436,6 +445,7 @@ static void kbdfront_thread(void *p) } up(&kbd_sem); } +#endif #ifdef CONFIG_PCIFRONT static struct pcifront_dev *pci_dev; @@ -469,20 +479,26 @@ static void pcifront_thread(void *p) void shutdown_frontends(void) { +#ifdef CONFIG_NETFRONT down(&net_sem); if (net_dev) shutdown_netfront(net_dev); +#endif +#ifdef CONFIG_BLKFRONT down(&blk_sem); if (blk_dev) shutdown_blkfront(blk_dev); +#endif +#if defined(CONFIG_FBFRONT) && defined(CONFIG_KBDFRONT) if (fb_dev) shutdown_fbfront(fb_dev); down(&kbd_sem); if (kbd_dev) shutdown_kbdfront(kbd_dev); +#endif #ifdef CONFIG_PCIFRONT down(&pci_sem); @@ -491,6 +507,7 @@ void shutdown_frontends(void) #endif } +#ifdef CONFIG_XENBUS void app_shutdown(unsigned reason) { shutdown_reason = reason; @@ -519,19 +536,30 @@ static void shutdown_thread(void *p) HYPERVISOR_shutdown(shutdown_reason); } +#endif int app_main(start_info_t *si) { printk("Test main: start_info=%p\n", si); +#ifdef CONFIG_XENBUS create_thread("xenbus_tester", xenbus_tester, si); +#endif create_thread("periodic_thread", periodic_thread, si); +#ifdef CONFIG_NETFRONT create_thread("netfront", netfront_thread, si); +#endif +#ifdef CONFIG_BLKFRONT create_thread("blkfront", blkfront_thread, si); +#endif +#if defined(CONFIG_FBFRONT) && defined(CONFIG_KBDFRONT) create_thread("fbfront", fbfront_thread, si); create_thread("kbdfront", kbdfront_thread, si); +#endif #ifdef CONFIG_PCIFRONT create_thread("pcifront", pcifront_thread, si); #endif +#ifdef CONFIG_XENBUS create_thread("shutdown", shutdown_thread, si); +#endif return 0; } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 10 02:22:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 10 Jan 2013 02:22:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt7mX-0004qm-Tt; Thu, 10 Jan 2013 02:22:13 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt7mV-0004qY-QL for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 02:22:12 +0000 Received: from [85.158.139.211:42117] by server-15.bemta-5.messagelabs.com id D0/95-20523-2D52EE05; Thu, 10 Jan 2013 02:22:10 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-206.messagelabs.com!1357784529!18646259!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 23535 invoked from network); 10 Jan 2013 02:22:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 10 Jan 2013 02:22:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt7mT-0000l4-5Z for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 02:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt7mS-0003WD-Tv for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 02:22:08 +0000 Message-Id: Date: Thu, 10 Jan 2013 02:22:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] mini-os: Fix test application link when various fronts are not enabled. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Samuel Thibault # Date 1357721057 0 # Node ID 63753c56bad7a6044aa6f50a9c974a73ccad7e4e # Parent 5dec1022923c6abec388962db3320999b73996f1 mini-os: Fix test application link when various fronts are not enabled. When fronts are not enabled, the test application needs to disable the corresponding tests. Signed-off-by: Samuel Thibault Committed-by: Keir Fraser --- diff -r 5dec1022923c -r 63753c56bad7 extras/mini-os/test.c --- a/extras/mini-os/test.c Wed Jan 09 08:43:53 2013 +0000 +++ b/extras/mini-os/test.c Wed Jan 09 08:44:17 2013 +0000 @@ -45,13 +45,13 @@ #include #include +#ifdef CONFIG_XENBUS static unsigned int do_shutdown = 0; static unsigned int shutdown_reason; static DECLARE_WAIT_QUEUE_HEAD(shutdown_queue); +#endif -static struct netfront_dev *net_dev; -static struct semaphore net_sem = __SEMAPHORE_INITIALIZER(net_sem, 0); - +#ifdef CONFIG_XENBUS void test_xenbus(void); static void xenbus_tester(void *p) @@ -59,6 +59,7 @@ static void xenbus_tester(void *p) printk("Xenbus tests disabled, because of a Xend bug.\n"); /* test_xenbus(); */ } +#endif static void periodic_thread(void *p) { @@ -72,12 +73,18 @@ static void periodic_thread(void *p) } } +#ifdef CONFIG_NETFRONT +static struct netfront_dev *net_dev; +static struct semaphore net_sem = __SEMAPHORE_INITIALIZER(net_sem, 0); + static void netfront_thread(void *p) { net_dev = init_netfront(NULL, NULL, NULL, NULL); up(&net_sem); } +#endif +#ifdef CONFIG_BLKFRONT static struct blkfront_dev *blk_dev; static struct blkfront_info blk_info; static uint64_t blk_size_read; @@ -246,7 +253,9 @@ static void blkfront_thread(void *p) } up(&blk_sem); } +#endif +#if defined(CONFIG_FBFRONT) && defined(CONFIG_KBDFRONT) #define WIDTH 800 #define HEIGHT 600 #define DEPTH 32 @@ -436,6 +445,7 @@ static void kbdfront_thread(void *p) } up(&kbd_sem); } +#endif #ifdef CONFIG_PCIFRONT static struct pcifront_dev *pci_dev; @@ -469,20 +479,26 @@ static void pcifront_thread(void *p) void shutdown_frontends(void) { +#ifdef CONFIG_NETFRONT down(&net_sem); if (net_dev) shutdown_netfront(net_dev); +#endif +#ifdef CONFIG_BLKFRONT down(&blk_sem); if (blk_dev) shutdown_blkfront(blk_dev); +#endif +#if defined(CONFIG_FBFRONT) && defined(CONFIG_KBDFRONT) if (fb_dev) shutdown_fbfront(fb_dev); down(&kbd_sem); if (kbd_dev) shutdown_kbdfront(kbd_dev); +#endif #ifdef CONFIG_PCIFRONT down(&pci_sem); @@ -491,6 +507,7 @@ void shutdown_frontends(void) #endif } +#ifdef CONFIG_XENBUS void app_shutdown(unsigned reason) { shutdown_reason = reason; @@ -519,19 +536,30 @@ static void shutdown_thread(void *p) HYPERVISOR_shutdown(shutdown_reason); } +#endif int app_main(start_info_t *si) { printk("Test main: start_info=%p\n", si); +#ifdef CONFIG_XENBUS create_thread("xenbus_tester", xenbus_tester, si); +#endif create_thread("periodic_thread", periodic_thread, si); +#ifdef CONFIG_NETFRONT create_thread("netfront", netfront_thread, si); +#endif +#ifdef CONFIG_BLKFRONT create_thread("blkfront", blkfront_thread, si); +#endif +#if defined(CONFIG_FBFRONT) && defined(CONFIG_KBDFRONT) create_thread("fbfront", fbfront_thread, si); create_thread("kbdfront", kbdfront_thread, si); +#endif #ifdef CONFIG_PCIFRONT create_thread("pcifront", pcifront_thread, si); #endif +#ifdef CONFIG_XENBUS create_thread("shutdown", shutdown_thread, si); +#endif return 0; } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 10 02:22:33 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 10 Jan 2013 02:22:33 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt7mm-0004sN-2g; Thu, 10 Jan 2013 02:22:28 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt7mk-0004s4-3Q for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 02:22:26 +0000 Received: from [85.158.143.35:39083] by server-3.bemta-4.messagelabs.com id 43/79-19220-1E52EE05; Thu, 10 Jan 2013 02:22:25 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-21.messagelabs.com!1357784529!5305800!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 20472 invoked from network); 10 Jan 2013 02:22:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 10 Jan 2013 02:22:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt7mT-0000l2-1b for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 02:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt7mS-0003VQ-Ar for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 02:22:08 +0000 Message-Id: Date: Thu, 10 Jan 2013 02:22:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] mini-os: Notify shutdown through weak function call instead of wake queue X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Samuel Thibault # Date 1357721033 0 # Node ID 5dec1022923c6abec388962db3320999b73996f1 # Parent 11e92ef6d84a20a6b0b2f989060a6bc1a123d2c0 mini-os: Notify shutdown through weak function call instead of wake queue To allow for more flexibility, this notifies domain shutdown through a function rather than a wake queue, to let the application use a wake queue only if it wishes. Signed-off-by: Samuel Thibault Committed-by: Keir Fraser --- diff -r 11e92ef6d84a -r 5dec1022923c extras/mini-os/include/kernel.h --- a/extras/mini-os/include/kernel.h Tue Jan 08 10:43:35 2013 +0100 +++ b/extras/mini-os/include/kernel.h Wed Jan 09 08:43:53 2013 +0000 @@ -1,9 +1,6 @@ #ifndef _KERNEL_H_ #define _KERNEL_H_ -extern unsigned int do_shutdown; -extern unsigned int shutdown_reason; -extern struct wait_queue_head shutdown_queue; extern void do_exit(void) __attribute__((noreturn)); extern void stop_kernel(void); diff -r 11e92ef6d84a -r 5dec1022923c extras/mini-os/kernel.c --- a/extras/mini-os/kernel.c Tue Jan 08 10:43:35 2013 +0100 +++ b/extras/mini-os/kernel.c Wed Jan 09 08:43:53 2013 +0000 @@ -48,12 +48,6 @@ uint8_t xen_features[XENFEAT_NR_SUBMAPS * 32]; -#ifdef CONFIG_XENBUS -unsigned int do_shutdown = 0; -unsigned int shutdown_reason; -DECLARE_WAIT_QUEUE_HEAD(shutdown_queue); -#endif - void setup_xen_features(void) { xen_feature_info_t fi; @@ -71,12 +65,19 @@ void setup_xen_features(void) } #ifdef CONFIG_XENBUS +/* This should be overridden by the application we are linked against. */ +__attribute__((weak)) void app_shutdown(unsigned reason) +{ + printk("Shutdown requested: %d\n", reason); +} + static void shutdown_thread(void *p) { const char *path = "control/shutdown"; const char *token = path; xenbus_event_queue events = NULL; char *shutdown, *err; + unsigned int shutdown_reason; xenbus_watch_path_token(XBT_NIL, path, token, &events); while ((err = xenbus_read(XBT_NIL, path, &shutdown)) != NULL) { @@ -94,10 +95,7 @@ static void shutdown_thread(void *p) else /* Unknown */ shutdown_reason = SHUTDOWN_crash; - wmb(); - do_shutdown = 1; - wmb(); - wake_up(&shutdown_queue); + app_shutdown(shutdown_reason); } #endif diff -r 11e92ef6d84a -r 5dec1022923c extras/mini-os/test.c --- a/extras/mini-os/test.c Tue Jan 08 10:43:35 2013 +0100 +++ b/extras/mini-os/test.c Wed Jan 09 08:43:53 2013 +0000 @@ -45,6 +45,10 @@ #include #include +static unsigned int do_shutdown = 0; +static unsigned int shutdown_reason; +static DECLARE_WAIT_QUEUE_HEAD(shutdown_queue); + static struct netfront_dev *net_dev; static struct semaphore net_sem = __SEMAPHORE_INITIALIZER(net_sem, 0); @@ -487,6 +491,15 @@ void shutdown_frontends(void) #endif } +void app_shutdown(unsigned reason) +{ + shutdown_reason = reason; + wmb(); + do_shutdown = 1; + wmb(); + wake_up(&shutdown_queue); +} + static void shutdown_thread(void *p) { DEFINE_WAIT(w); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 10 02:22:33 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 10 Jan 2013 02:22:33 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt7mm-0004sN-2g; Thu, 10 Jan 2013 02:22:28 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt7mk-0004s4-3Q for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 02:22:26 +0000 Received: from [85.158.143.35:39083] by server-3.bemta-4.messagelabs.com id 43/79-19220-1E52EE05; Thu, 10 Jan 2013 02:22:25 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-21.messagelabs.com!1357784529!5305800!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 20472 invoked from network); 10 Jan 2013 02:22:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 10 Jan 2013 02:22:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tt7mT-0000l2-1b for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 02:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tt7mS-0003VQ-Ar for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 02:22:08 +0000 Message-Id: Date: Thu, 10 Jan 2013 02:22:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] mini-os: Notify shutdown through weak function call instead of wake queue X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Samuel Thibault # Date 1357721033 0 # Node ID 5dec1022923c6abec388962db3320999b73996f1 # Parent 11e92ef6d84a20a6b0b2f989060a6bc1a123d2c0 mini-os: Notify shutdown through weak function call instead of wake queue To allow for more flexibility, this notifies domain shutdown through a function rather than a wake queue, to let the application use a wake queue only if it wishes. Signed-off-by: Samuel Thibault Committed-by: Keir Fraser --- diff -r 11e92ef6d84a -r 5dec1022923c extras/mini-os/include/kernel.h --- a/extras/mini-os/include/kernel.h Tue Jan 08 10:43:35 2013 +0100 +++ b/extras/mini-os/include/kernel.h Wed Jan 09 08:43:53 2013 +0000 @@ -1,9 +1,6 @@ #ifndef _KERNEL_H_ #define _KERNEL_H_ -extern unsigned int do_shutdown; -extern unsigned int shutdown_reason; -extern struct wait_queue_head shutdown_queue; extern void do_exit(void) __attribute__((noreturn)); extern void stop_kernel(void); diff -r 11e92ef6d84a -r 5dec1022923c extras/mini-os/kernel.c --- a/extras/mini-os/kernel.c Tue Jan 08 10:43:35 2013 +0100 +++ b/extras/mini-os/kernel.c Wed Jan 09 08:43:53 2013 +0000 @@ -48,12 +48,6 @@ uint8_t xen_features[XENFEAT_NR_SUBMAPS * 32]; -#ifdef CONFIG_XENBUS -unsigned int do_shutdown = 0; -unsigned int shutdown_reason; -DECLARE_WAIT_QUEUE_HEAD(shutdown_queue); -#endif - void setup_xen_features(void) { xen_feature_info_t fi; @@ -71,12 +65,19 @@ void setup_xen_features(void) } #ifdef CONFIG_XENBUS +/* This should be overridden by the application we are linked against. */ +__attribute__((weak)) void app_shutdown(unsigned reason) +{ + printk("Shutdown requested: %d\n", reason); +} + static void shutdown_thread(void *p) { const char *path = "control/shutdown"; const char *token = path; xenbus_event_queue events = NULL; char *shutdown, *err; + unsigned int shutdown_reason; xenbus_watch_path_token(XBT_NIL, path, token, &events); while ((err = xenbus_read(XBT_NIL, path, &shutdown)) != NULL) { @@ -94,10 +95,7 @@ static void shutdown_thread(void *p) else /* Unknown */ shutdown_reason = SHUTDOWN_crash; - wmb(); - do_shutdown = 1; - wmb(); - wake_up(&shutdown_queue); + app_shutdown(shutdown_reason); } #endif diff -r 11e92ef6d84a -r 5dec1022923c extras/mini-os/test.c --- a/extras/mini-os/test.c Tue Jan 08 10:43:35 2013 +0100 +++ b/extras/mini-os/test.c Wed Jan 09 08:43:53 2013 +0000 @@ -45,6 +45,10 @@ #include #include +static unsigned int do_shutdown = 0; +static unsigned int shutdown_reason; +static DECLARE_WAIT_QUEUE_HEAD(shutdown_queue); + static struct netfront_dev *net_dev; static struct semaphore net_sem = __SEMAPHORE_INITIALIZER(net_sem, 0); @@ -487,6 +491,15 @@ void shutdown_frontends(void) #endif } +void app_shutdown(unsigned reason) +{ + shutdown_reason = reason; + wmb(); + do_shutdown = 1; + wmb(); + wake_up(&shutdown_queue); +} + static void shutdown_thread(void *p) { DEFINE_WAIT(w); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 10 10:22:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 10 Jan 2013 10:22:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtFH4-0003H5-Tv; Thu, 10 Jan 2013 10:22:14 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtFH3-0003Gm-9A for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 10:22:13 +0000 Received: from [85.158.139.83:57999] by server-12.bemta-5.messagelabs.com id 92/17-02275-4569EE05; Thu, 10 Jan 2013 10:22:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-182.messagelabs.com!1357813330!27495789!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28329 invoked from network); 10 Jan 2013 10:22:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 10 Jan 2013 10:22:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtFH0-0006Ro-As for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 10:22:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtFH0-0008FV-7e for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 10:22:10 +0000 Message-Id: Date: Thu, 10 Jan 2013 10:22:09 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] VT-d: fix interrupt remapping source validation for devices behind legacy bridges X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357748160 -3600 # Node ID 2fff08507addd9626abdf3ad2f9321586236e4f2 # Parent 3444f03cf52d91e59b9cdcf7478f8dc39273f49d VT-d: fix interrupt remapping source validation for devices behind legacy bridges Using SVT_VERIFY_BUS here doesn't make sense; native Linux also uses SVT_VERIFY_SID_SQ here instead. This is XSA-33 / CVE-2012-5634. Signed-off-by: Jan Beulich xen-unstable changeset: 26340:19fd1237ff0d xen-unstable date: Wed Jan 9 16:13:26 UTC 2013 --- diff -r 3444f03cf52d -r 2fff08507add xen/drivers/passthrough/vtd/intremap.c --- a/xen/drivers/passthrough/vtd/intremap.c Wed Jan 09 10:53:16 2013 +0100 +++ b/xen/drivers/passthrough/vtd/intremap.c Wed Jan 09 17:16:00 2013 +0100 @@ -462,7 +462,7 @@ static void set_msi_source_id(struct pci set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, (bus << 8) | pdev->bus); else if ( pdev_type(seg, bus, devfn) == DEV_TYPE_LEGACY_PCI_BRIDGE ) - set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, + set_ire_sid(ire, SVT_VERIFY_SID_SQ, SQ_ALL_16, PCI_BDF2(bus, devfn)); } break; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 10 10:22:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 10 Jan 2013 10:22:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtFH4-0003H5-Tv; Thu, 10 Jan 2013 10:22:14 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtFH3-0003Gm-9A for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 10:22:13 +0000 Received: from [85.158.139.83:57999] by server-12.bemta-5.messagelabs.com id 92/17-02275-4569EE05; Thu, 10 Jan 2013 10:22:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-182.messagelabs.com!1357813330!27495789!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28329 invoked from network); 10 Jan 2013 10:22:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 10 Jan 2013 10:22:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtFH0-0006Ro-As for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 10:22:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtFH0-0008FV-7e for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 10:22:10 +0000 Message-Id: Date: Thu, 10 Jan 2013 10:22:09 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] VT-d: fix interrupt remapping source validation for devices behind legacy bridges X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357748160 -3600 # Node ID 2fff08507addd9626abdf3ad2f9321586236e4f2 # Parent 3444f03cf52d91e59b9cdcf7478f8dc39273f49d VT-d: fix interrupt remapping source validation for devices behind legacy bridges Using SVT_VERIFY_BUS here doesn't make sense; native Linux also uses SVT_VERIFY_SID_SQ here instead. This is XSA-33 / CVE-2012-5634. Signed-off-by: Jan Beulich xen-unstable changeset: 26340:19fd1237ff0d xen-unstable date: Wed Jan 9 16:13:26 UTC 2013 --- diff -r 3444f03cf52d -r 2fff08507add xen/drivers/passthrough/vtd/intremap.c --- a/xen/drivers/passthrough/vtd/intremap.c Wed Jan 09 10:53:16 2013 +0100 +++ b/xen/drivers/passthrough/vtd/intremap.c Wed Jan 09 17:16:00 2013 +0100 @@ -462,7 +462,7 @@ static void set_msi_source_id(struct pci set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, (bus << 8) | pdev->bus); else if ( pdev_type(seg, bus, devfn) == DEV_TYPE_LEGACY_PCI_BRIDGE ) - set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, + set_ire_sid(ire, SVT_VERIFY_SID_SQ, SQ_ALL_16, PCI_BDF2(bus, devfn)); } break; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 10 13:55:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 10 Jan 2013 13:55:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtIbB-0007re-MB; Thu, 10 Jan 2013 13:55:13 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtIbA-0007rT-OM for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 13:55:12 +0000 Received: from [193.109.254.147:58349] by server-3.bemta-14.messagelabs.com id 64/7E-26055-F38CEE05; Thu, 10 Jan 2013 13:55:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-27.messagelabs.com!1357826109!9204764!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28160 invoked from network); 10 Jan 2013 13:55:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 10 Jan 2013 13:55:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtIb7-0000Fc-KQ for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 13:55:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtIb7-0005xp-BF for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 13:55:09 +0000 Message-Id: Date: Thu, 10 Jan 2013 13:55:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] VT-d: fix interrupt remapping source validation for devices behind legacy bridges X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357748006 -3600 # Node ID 19fd1237ff0dfa3d97a896d6ed6fbbd33f816a9f # Parent 56b0d5476c11bfd09986080dfa97923586ef474f VT-d: fix interrupt remapping source validation for devices behind legacy bridges Using SVT_VERIFY_BUS here doesn't make sense; native Linux also uses SVT_VERIFY_SID_SQ here instead. This is XSA-33 / CVE-2012-5634. Signed-off-by: Jan Beulich --- diff -r 56b0d5476c11 -r 19fd1237ff0d xen/drivers/passthrough/vtd/intremap.c --- a/xen/drivers/passthrough/vtd/intremap.c Wed Jan 09 15:00:58 2013 +0000 +++ b/xen/drivers/passthrough/vtd/intremap.c Wed Jan 09 17:13:26 2013 +0100 @@ -473,7 +473,7 @@ static void set_msi_source_id(struct pci set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, (bus << 8) | pdev->bus); else if ( pdev_type(seg, bus, devfn) == DEV_TYPE_LEGACY_PCI_BRIDGE ) - set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, + set_ire_sid(ire, SVT_VERIFY_SID_SQ, SQ_ALL_16, PCI_BDF2(bus, devfn)); } break; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 10 13:55:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 10 Jan 2013 13:55:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtIbB-0007re-MB; Thu, 10 Jan 2013 13:55:13 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtIbA-0007rT-OM for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 13:55:12 +0000 Received: from [193.109.254.147:58349] by server-3.bemta-14.messagelabs.com id 64/7E-26055-F38CEE05; Thu, 10 Jan 2013 13:55:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-27.messagelabs.com!1357826109!9204764!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28160 invoked from network); 10 Jan 2013 13:55:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 10 Jan 2013 13:55:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtIb7-0000Fc-KQ for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 13:55:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtIb7-0005xp-BF for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 13:55:09 +0000 Message-Id: Date: Thu, 10 Jan 2013 13:55:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] VT-d: fix interrupt remapping source validation for devices behind legacy bridges X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357748006 -3600 # Node ID 19fd1237ff0dfa3d97a896d6ed6fbbd33f816a9f # Parent 56b0d5476c11bfd09986080dfa97923586ef474f VT-d: fix interrupt remapping source validation for devices behind legacy bridges Using SVT_VERIFY_BUS here doesn't make sense; native Linux also uses SVT_VERIFY_SID_SQ here instead. This is XSA-33 / CVE-2012-5634. Signed-off-by: Jan Beulich --- diff -r 56b0d5476c11 -r 19fd1237ff0d xen/drivers/passthrough/vtd/intremap.c --- a/xen/drivers/passthrough/vtd/intremap.c Wed Jan 09 15:00:58 2013 +0000 +++ b/xen/drivers/passthrough/vtd/intremap.c Wed Jan 09 17:13:26 2013 +0100 @@ -473,7 +473,7 @@ static void set_msi_source_id(struct pci set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, (bus << 8) | pdev->bus); else if ( pdev_type(seg, bus, devfn) == DEV_TYPE_LEGACY_PCI_BRIDGE ) - set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, + set_ire_sid(ire, SVT_VERIFY_SID_SQ, SQ_ALL_16, PCI_BDF2(bus, devfn)); } break; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 10 13:55:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 10 Jan 2013 13:55:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtIbC-0007rm-P6; Thu, 10 Jan 2013 13:55:14 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtIbA-0007rV-Um for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 13:55:13 +0000 Received: from [85.158.143.99:7400] by server-1.bemta-4.messagelabs.com id 2F/D0-18740-048CEE05; Thu, 10 Jan 2013 13:55:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-216.messagelabs.com!1357826109!19834758!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 23153 invoked from network); 10 Jan 2013 13:55:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 10 Jan 2013 13:55:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtIb7-0000FZ-2U for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 13:55:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtIb6-0005xY-IW for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 13:55:08 +0000 Message-Id: Date: Thu, 10 Jan 2013 13:55:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/hvm: Bind device-model event-channels to registered device-model X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Keir Fraser # Date 1357743658 0 # Node ID 56b0d5476c11bfd09986080dfa97923586ef474f # Parent 63753c56bad7a6044aa6f50a9c974a73ccad7e4e x86/hvm: Bind device-model event-channels to registered device-model domid during vcpu initialisation. Signed-off-by: Keir Fraser --- diff -r 63753c56bad7 -r 56b0d5476c11 xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Wed Jan 09 08:44:17 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Wed Jan 09 15:00:58 2013 +0000 @@ -1057,6 +1057,8 @@ __initcall(__hvm_register_CPU_XSAVE_save int hvm_vcpu_initialise(struct vcpu *v) { int rc; + struct domain *d = v->domain; + domid_t dm_domid = d->arch.hvm_domain.params[HVM_PARAM_DM_DOMAIN]; hvm_asid_flush_vcpu(v); @@ -1066,12 +1068,12 @@ int hvm_vcpu_initialise(struct vcpu *v) if ( (rc = hvm_funcs.vcpu_initialise(v)) != 0 ) goto fail2; - if ( nestedhvm_enabled(v->domain) + if ( nestedhvm_enabled(d) && (rc = nestedhvm_vcpu_initialise(v)) < 0 ) goto fail3; /* Create ioreq event channel. */ - rc = alloc_unbound_xen_event_channel(v, current->domain->domain_id, NULL); + rc = alloc_unbound_xen_event_channel(v, dm_domid, NULL); if ( rc < 0 ) goto fail4; @@ -1081,16 +1083,16 @@ int hvm_vcpu_initialise(struct vcpu *v) if ( v->vcpu_id == 0 ) { /* Create bufioreq event channel. */ - rc = alloc_unbound_xen_event_channel(v, current->domain->domain_id, NULL); + rc = alloc_unbound_xen_event_channel(v, dm_domid, NULL); if ( rc < 0 ) goto fail2; - v->domain->arch.hvm_domain.params[HVM_PARAM_BUFIOREQ_EVTCHN] = rc; + d->arch.hvm_domain.params[HVM_PARAM_BUFIOREQ_EVTCHN] = rc; } - spin_lock(&v->domain->arch.hvm_domain.ioreq.lock); - if ( v->domain->arch.hvm_domain.ioreq.va != NULL ) + spin_lock(&d->arch.hvm_domain.ioreq.lock); + if ( d->arch.hvm_domain.ioreq.va != NULL ) get_ioreq(v)->vp_eport = v->arch.hvm_vcpu.xen_port; - spin_unlock(&v->domain->arch.hvm_domain.ioreq.lock); + spin_unlock(&d->arch.hvm_domain.ioreq.lock); spin_lock_init(&v->arch.hvm_vcpu.tm_lock); INIT_LIST_HEAD(&v->arch.hvm_vcpu.tm_list); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 10 13:55:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 10 Jan 2013 13:55:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtIbC-0007rm-P6; Thu, 10 Jan 2013 13:55:14 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtIbA-0007rV-Um for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 13:55:13 +0000 Received: from [85.158.143.99:7400] by server-1.bemta-4.messagelabs.com id 2F/D0-18740-048CEE05; Thu, 10 Jan 2013 13:55:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-216.messagelabs.com!1357826109!19834758!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 23153 invoked from network); 10 Jan 2013 13:55:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 10 Jan 2013 13:55:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtIb7-0000FZ-2U for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 13:55:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtIb6-0005xY-IW for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 13:55:08 +0000 Message-Id: Date: Thu, 10 Jan 2013 13:55:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/hvm: Bind device-model event-channels to registered device-model X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Keir Fraser # Date 1357743658 0 # Node ID 56b0d5476c11bfd09986080dfa97923586ef474f # Parent 63753c56bad7a6044aa6f50a9c974a73ccad7e4e x86/hvm: Bind device-model event-channels to registered device-model domid during vcpu initialisation. Signed-off-by: Keir Fraser --- diff -r 63753c56bad7 -r 56b0d5476c11 xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Wed Jan 09 08:44:17 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Wed Jan 09 15:00:58 2013 +0000 @@ -1057,6 +1057,8 @@ __initcall(__hvm_register_CPU_XSAVE_save int hvm_vcpu_initialise(struct vcpu *v) { int rc; + struct domain *d = v->domain; + domid_t dm_domid = d->arch.hvm_domain.params[HVM_PARAM_DM_DOMAIN]; hvm_asid_flush_vcpu(v); @@ -1066,12 +1068,12 @@ int hvm_vcpu_initialise(struct vcpu *v) if ( (rc = hvm_funcs.vcpu_initialise(v)) != 0 ) goto fail2; - if ( nestedhvm_enabled(v->domain) + if ( nestedhvm_enabled(d) && (rc = nestedhvm_vcpu_initialise(v)) < 0 ) goto fail3; /* Create ioreq event channel. */ - rc = alloc_unbound_xen_event_channel(v, current->domain->domain_id, NULL); + rc = alloc_unbound_xen_event_channel(v, dm_domid, NULL); if ( rc < 0 ) goto fail4; @@ -1081,16 +1083,16 @@ int hvm_vcpu_initialise(struct vcpu *v) if ( v->vcpu_id == 0 ) { /* Create bufioreq event channel. */ - rc = alloc_unbound_xen_event_channel(v, current->domain->domain_id, NULL); + rc = alloc_unbound_xen_event_channel(v, dm_domid, NULL); if ( rc < 0 ) goto fail2; - v->domain->arch.hvm_domain.params[HVM_PARAM_BUFIOREQ_EVTCHN] = rc; + d->arch.hvm_domain.params[HVM_PARAM_BUFIOREQ_EVTCHN] = rc; } - spin_lock(&v->domain->arch.hvm_domain.ioreq.lock); - if ( v->domain->arch.hvm_domain.ioreq.va != NULL ) + spin_lock(&d->arch.hvm_domain.ioreq.lock); + if ( d->arch.hvm_domain.ioreq.va != NULL ) get_ioreq(v)->vp_eport = v->arch.hvm_vcpu.xen_port; - spin_unlock(&v->domain->arch.hvm_domain.ioreq.lock); + spin_unlock(&d->arch.hvm_domain.ioreq.lock); spin_lock_init(&v->arch.hvm_vcpu.tm_lock); INIT_LIST_HEAD(&v->arch.hvm_vcpu.tm_list); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 10 17:33:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 10 Jan 2013 17:33:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtM0G-00061Z-Kx; Thu, 10 Jan 2013 17:33:20 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtM0E-00061R-R7 for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 17:33:18 +0000 Received: from [85.158.137.99:34765] by server-8.bemta-3.messagelabs.com id 71/A3-01233-95BFEE05; Thu, 10 Jan 2013 17:33:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-217.messagelabs.com!1357839188!16440240!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 18738 invoked from network); 10 Jan 2013 17:33:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 10 Jan 2013 17:33:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtM04-00037l-Of for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 17:33:08 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtM04-0003II-Fs for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 17:33:08 +0000 Message-Id: Date: Thu, 10 Jan 2013 17:33:08 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] VT-d: fix interrupt remapping source validation for devices behind legacy bridges X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357748341 -3600 # Node ID 2a91623a5807d8a8a718968d89cb586b32a1dfd3 # Parent afdcd18ac70f43de3cf486da10327f515806f3ce VT-d: fix interrupt remapping source validation for devices behind legacy bridges Using SVT_VERIFY_BUS here doesn't make sense; native Linux also uses SVT_VERIFY_SID_SQ here instead. This is XSA-33 / CVE-2012-5634. Signed-off-by: Jan Beulich xen-unstable changeset: 26340:19fd1237ff0d xen-unstable date: Wed Jan 9 16:13:26 UTC 2013 --- diff -r afdcd18ac70f -r 2a91623a5807 xen/drivers/passthrough/vtd/intremap.c --- a/xen/drivers/passthrough/vtd/intremap.c Tue Jan 08 10:23:37 2013 +0100 +++ b/xen/drivers/passthrough/vtd/intremap.c Wed Jan 09 17:19:01 2013 +0100 @@ -499,7 +499,7 @@ static void set_msi_source_id(struct pci set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, (bus << 8) | pdev->bus); else if ( pdev_type(bus, devfn) == DEV_TYPE_LEGACY_PCI_BRIDGE ) - set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, + set_ire_sid(ire, SVT_VERIFY_SID_SQ, SQ_ALL_16, PCI_BDF2(bus, devfn)); } break; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 10 17:33:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 10 Jan 2013 17:33:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtM0G-00061Z-Kx; Thu, 10 Jan 2013 17:33:20 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtM0E-00061R-R7 for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 17:33:18 +0000 Received: from [85.158.137.99:34765] by server-8.bemta-3.messagelabs.com id 71/A3-01233-95BFEE05; Thu, 10 Jan 2013 17:33:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-217.messagelabs.com!1357839188!16440240!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 18738 invoked from network); 10 Jan 2013 17:33:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 10 Jan 2013 17:33:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtM04-00037l-Of for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 17:33:08 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtM04-0003II-Fs for xen-changelog@lists.xensource.com; Thu, 10 Jan 2013 17:33:08 +0000 Message-Id: Date: Thu, 10 Jan 2013 17:33:08 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] VT-d: fix interrupt remapping source validation for devices behind legacy bridges X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1357748341 -3600 # Node ID 2a91623a5807d8a8a718968d89cb586b32a1dfd3 # Parent afdcd18ac70f43de3cf486da10327f515806f3ce VT-d: fix interrupt remapping source validation for devices behind legacy bridges Using SVT_VERIFY_BUS here doesn't make sense; native Linux also uses SVT_VERIFY_SID_SQ here instead. This is XSA-33 / CVE-2012-5634. Signed-off-by: Jan Beulich xen-unstable changeset: 26340:19fd1237ff0d xen-unstable date: Wed Jan 9 16:13:26 UTC 2013 --- diff -r afdcd18ac70f -r 2a91623a5807 xen/drivers/passthrough/vtd/intremap.c --- a/xen/drivers/passthrough/vtd/intremap.c Tue Jan 08 10:23:37 2013 +0100 +++ b/xen/drivers/passthrough/vtd/intremap.c Wed Jan 09 17:19:01 2013 +0100 @@ -499,7 +499,7 @@ static void set_msi_source_id(struct pci set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, (bus << 8) | pdev->bus); else if ( pdev_type(bus, devfn) == DEV_TYPE_LEGACY_PCI_BRIDGE ) - set_ire_sid(ire, SVT_VERIFY_BUS, SQ_ALL_16, + set_ire_sid(ire, SVT_VERIFY_SID_SQ, SQ_ALL_16, PCI_BDF2(bus, devfn)); } break; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMo-0004fO-Lf; Fri, 11 Jan 2013 03:33:14 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMn-0004f1-7W for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:13 +0000 Received: from [85.158.143.35:3034] by server-2.bemta-4.messagelabs.com id D1/9C-24322-8F78FE05; Fri, 11 Jan 2013 03:33:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-14.tower-21.messagelabs.com!1357875190!15843501!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 13155 invoked from network); 11 Jan 2013 03:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMk-0008NN-9f for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMj-00021k-O4 for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:09 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] HVM firmware passthrough control tools support X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ross Philipson # Date 1357838241 0 # Node ID cabf395a6c849cc65e56f1640b18db0c3e0faf5d # Parent 07bf59a7ce837bd795e2df2f28166cfe41990d3d HVM firmware passthrough control tools support Xen control tools support for loading the firmware passthrough blocks during domain construction. SMBIOS and ACPI blocks are passed in using the new xc_hvm_build_args structure. Each block is read and loaded into the new domain address space behind the HVMLOADER image. The base address for the two blocks is returned as an out parameter to the caller via the args structure. Signed-off-by: Ross Philipson Committed-by: Keir Fraser --- diff -r 07bf59a7ce83 -r cabf395a6c84 tools/libxc/xc_hvm_build_arm.c --- a/tools/libxc/xc_hvm_build_arm.c Thu Jan 10 17:16:28 2013 +0000 +++ b/tools/libxc/xc_hvm_build_arm.c Thu Jan 10 17:17:21 2013 +0000 @@ -22,7 +22,7 @@ #include int xc_hvm_build(xc_interface *xch, uint32_t domid, - const struct xc_hvm_build_args *hvm_args) + struct xc_hvm_build_args *hvm_args) { errno = ENOSYS; return -1; diff -r 07bf59a7ce83 -r cabf395a6c84 tools/libxc/xc_hvm_build_x86.c --- a/tools/libxc/xc_hvm_build_x86.c Thu Jan 10 17:16:28 2013 +0000 +++ b/tools/libxc/xc_hvm_build_x86.c Thu Jan 10 17:17:21 2013 +0000 @@ -49,6 +49,40 @@ #define NR_SPECIAL_PAGES 8 #define special_pfn(x) (0xff000u - NR_SPECIAL_PAGES + (x)) +static int modules_init(struct xc_hvm_build_args *args, + uint64_t vend, struct elf_binary *elf, + uint64_t *mstart_out, uint64_t *mend_out) +{ +#define MODULE_ALIGN 1UL << 7 +#define MB_ALIGN 1UL << 20 +#define MKALIGN(x, a) (((uint64_t)(x) + (a) - 1) & ~(uint64_t)((a) - 1)) + uint64_t total_len = 0, offset1 = 0; + + if ( (args->acpi_module.length == 0)&&(args->smbios_module.length == 0) ) + return 0; + + /* Find the total length for the firmware modules with a reasonable large + * alignment size to align each the modules. + */ + total_len = MKALIGN(args->acpi_module.length, MODULE_ALIGN); + offset1 = total_len; + total_len += MKALIGN(args->smbios_module.length, MODULE_ALIGN); + + /* Want to place the modules 1Mb+change behind the loader image. */ + *mstart_out = MKALIGN(elf->pend, MB_ALIGN) + (MB_ALIGN); + *mend_out = *mstart_out + total_len; + + if ( *mend_out > vend ) + return -1; + + if ( args->acpi_module.length != 0 ) + args->acpi_module.guest_addr_out = *mstart_out; + if ( args->smbios_module.length != 0 ) + args->smbios_module.guest_addr_out = *mstart_out + offset1; + + return 0; +} + static void build_hvm_info(void *hvm_info_page, uint64_t mem_size, uint64_t mmio_start, uint64_t mmio_size) { @@ -86,9 +120,8 @@ static void build_hvm_info(void *hvm_inf hvm_info->checksum = -sum; } -static int loadelfimage( - xc_interface *xch, - struct elf_binary *elf, uint32_t dom, unsigned long *parray) +static int loadelfimage(xc_interface *xch, struct elf_binary *elf, + uint32_t dom, unsigned long *parray) { privcmd_mmap_entry_t *entries = NULL; unsigned long pfn_start = elf->pstart >> PAGE_SHIFT; @@ -126,6 +159,66 @@ static int loadelfimage( return rc; } +static int loadmodules(xc_interface *xch, + struct xc_hvm_build_args *args, + uint64_t mstart, uint64_t mend, + uint32_t dom, unsigned long *parray) +{ + privcmd_mmap_entry_t *entries = NULL; + unsigned long pfn_start; + unsigned long pfn_end; + size_t pages; + uint32_t i; + uint8_t *dest; + int rc = -1; + + if ( (mstart == 0)||(mend == 0) ) + return 0; + + pfn_start = (unsigned long)(mstart >> PAGE_SHIFT); + pfn_end = (unsigned long)((mend + PAGE_SIZE - 1) >> PAGE_SHIFT); + pages = pfn_end - pfn_start; + + /* Map address space for module list. */ + entries = calloc(pages, sizeof(privcmd_mmap_entry_t)); + if ( entries == NULL ) + goto error_out; + + for ( i = 0; i < pages; i++ ) + entries[i].mfn = parray[(mstart >> PAGE_SHIFT) + i]; + + dest = xc_map_foreign_ranges( + xch, dom, pages << PAGE_SHIFT, PROT_READ | PROT_WRITE, 1 << PAGE_SHIFT, + entries, pages); + if ( dest == NULL ) + goto error_out; + + /* Zero the range so padding is clear between modules */ + memset(dest, 0, pages << PAGE_SHIFT); + + /* Load modules into range */ + if ( args->acpi_module.length != 0 ) + { + memcpy(dest, + args->acpi_module.data, + args->acpi_module.length); + } + if ( args->smbios_module.length != 0 ) + { + memcpy(dest + (args->smbios_module.guest_addr_out - mstart), + args->smbios_module.data, + args->smbios_module.length); + } + + munmap(dest, pages << PAGE_SHIFT); + rc = 0; + + error_out: + free(entries); + + return rc; +} + /* * Check whether there exists mmio hole in the specified memory range. * Returns 1 if exists, else returns 0. @@ -140,7 +233,7 @@ static int check_mmio_hole(uint64_t star } static int setup_guest(xc_interface *xch, - uint32_t dom, const struct xc_hvm_build_args *args, + uint32_t dom, struct xc_hvm_build_args *args, char *image, unsigned long image_size) { xen_pfn_t *page_array = NULL; @@ -153,6 +246,7 @@ static int setup_guest(xc_interface *xch uint32_t *ident_pt; struct elf_binary elf; uint64_t v_start, v_end; + uint64_t m_start = 0, m_end = 0; int rc; xen_capabilities_info_t caps; unsigned long stat_normal_pages = 0, stat_2mb_pages = 0, @@ -178,11 +272,19 @@ static int setup_guest(xc_interface *xch goto error_out; } + if ( modules_init(args, v_end, &elf, &m_start, &m_end) != 0 ) + { + ERROR("Insufficient space to load modules."); + goto error_out; + } + IPRINTF("VIRTUAL MEMORY ARRANGEMENT:\n" " Loader: %016"PRIx64"->%016"PRIx64"\n" + " Modules: %016"PRIx64"->%016"PRIx64"\n" " TOTAL: %016"PRIx64"->%016"PRIx64"\n" " ENTRY ADDRESS: %016"PRIx64"\n", elf.pstart, elf.pend, + m_start, m_end, v_start, v_end, elf_uval(&elf, elf.ehdr, e_entry)); @@ -337,6 +439,9 @@ static int setup_guest(xc_interface *xch if ( loadelfimage(xch, &elf, dom, page_array) != 0 ) goto error_out; + if ( loadmodules(xch, args, m_start, m_end, dom, page_array) != 0 ) + goto error_out; + if ( (hvm_info_page = xc_map_foreign_range( xch, dom, PAGE_SIZE, PROT_READ | PROT_WRITE, HVM_INFO_PFN)) == NULL ) @@ -413,7 +518,7 @@ static int setup_guest(xc_interface *xch * Create a domain for a virtualized Linux, using files/filenames. */ int xc_hvm_build(xc_interface *xch, uint32_t domid, - const struct xc_hvm_build_args *hvm_args) + struct xc_hvm_build_args *hvm_args) { struct xc_hvm_build_args args = *hvm_args; void *image; @@ -441,6 +546,15 @@ int xc_hvm_build(xc_interface *xch, uint sts = setup_guest(xch, domid, &args, image, image_size); + if (!sts) + { + /* Return module load addresses to caller */ + hvm_args->acpi_module.guest_addr_out = + args.acpi_module.guest_addr_out; + hvm_args->smbios_module.guest_addr_out = + args.smbios_module.guest_addr_out; + } + free(image); return sts; @@ -461,6 +575,7 @@ int xc_hvm_build_target_mem(xc_interface { struct xc_hvm_build_args args = {}; + memset(&args, 0, sizeof(struct xc_hvm_build_args)); args.mem_size = (uint64_t)memsize << 20; args.mem_target = (uint64_t)target << 20; args.image_file_name = image_name; diff -r 07bf59a7ce83 -r cabf395a6c84 tools/libxc/xenguest.h --- a/tools/libxc/xenguest.h Thu Jan 10 17:16:28 2013 +0000 +++ b/tools/libxc/xenguest.h Thu Jan 10 17:17:21 2013 +0000 @@ -211,11 +211,23 @@ int xc_linux_build_mem(xc_interface *xch unsigned int console_evtchn, unsigned long *console_mfn); +struct xc_hvm_firmware_module { + uint8_t *data; + uint32_t length; + uint64_t guest_addr_out; +}; + struct xc_hvm_build_args { uint64_t mem_size; /* Memory size in bytes. */ uint64_t mem_target; /* Memory target in bytes. */ uint64_t mmio_size; /* Size of the MMIO hole in bytes. */ const char *image_file_name; /* File name of the image to load. */ + + /* Extra ACPI tables passed to HVMLOADER */ + struct xc_hvm_firmware_module acpi_module; + + /* Extra SMBIOS structures passed to HVMLOADER */ + struct xc_hvm_firmware_module smbios_module; }; /** @@ -228,7 +240,7 @@ struct xc_hvm_build_args { * are optional. */ int xc_hvm_build(xc_interface *xch, uint32_t domid, - const struct xc_hvm_build_args *hvm_args); + struct xc_hvm_build_args *hvm_args); int xc_hvm_build_target_mem(xc_interface *xch, uint32_t domid, diff -r 07bf59a7ce83 -r cabf395a6c84 tools/libxc/xg_private.c --- a/tools/libxc/xg_private.c Thu Jan 10 17:16:28 2013 +0000 +++ b/tools/libxc/xg_private.c Thu Jan 10 17:17:21 2013 +0000 @@ -192,7 +192,7 @@ unsigned long csum_page(void *page) __attribute__((weak)) int xc_hvm_build(xc_interface *xch, uint32_t domid, - const struct xc_hvm_build_args *hvm_args) + struct xc_hvm_build_args *hvm_args) { errno = ENOSYS; return -1; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMo-0004fO-Lf; Fri, 11 Jan 2013 03:33:14 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMn-0004f1-7W for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:13 +0000 Received: from [85.158.143.35:3034] by server-2.bemta-4.messagelabs.com id D1/9C-24322-8F78FE05; Fri, 11 Jan 2013 03:33:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-14.tower-21.messagelabs.com!1357875190!15843501!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 13155 invoked from network); 11 Jan 2013 03:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMk-0008NN-9f for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMj-00021k-O4 for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:09 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] HVM firmware passthrough control tools support X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ross Philipson # Date 1357838241 0 # Node ID cabf395a6c849cc65e56f1640b18db0c3e0faf5d # Parent 07bf59a7ce837bd795e2df2f28166cfe41990d3d HVM firmware passthrough control tools support Xen control tools support for loading the firmware passthrough blocks during domain construction. SMBIOS and ACPI blocks are passed in using the new xc_hvm_build_args structure. Each block is read and loaded into the new domain address space behind the HVMLOADER image. The base address for the two blocks is returned as an out parameter to the caller via the args structure. Signed-off-by: Ross Philipson Committed-by: Keir Fraser --- diff -r 07bf59a7ce83 -r cabf395a6c84 tools/libxc/xc_hvm_build_arm.c --- a/tools/libxc/xc_hvm_build_arm.c Thu Jan 10 17:16:28 2013 +0000 +++ b/tools/libxc/xc_hvm_build_arm.c Thu Jan 10 17:17:21 2013 +0000 @@ -22,7 +22,7 @@ #include int xc_hvm_build(xc_interface *xch, uint32_t domid, - const struct xc_hvm_build_args *hvm_args) + struct xc_hvm_build_args *hvm_args) { errno = ENOSYS; return -1; diff -r 07bf59a7ce83 -r cabf395a6c84 tools/libxc/xc_hvm_build_x86.c --- a/tools/libxc/xc_hvm_build_x86.c Thu Jan 10 17:16:28 2013 +0000 +++ b/tools/libxc/xc_hvm_build_x86.c Thu Jan 10 17:17:21 2013 +0000 @@ -49,6 +49,40 @@ #define NR_SPECIAL_PAGES 8 #define special_pfn(x) (0xff000u - NR_SPECIAL_PAGES + (x)) +static int modules_init(struct xc_hvm_build_args *args, + uint64_t vend, struct elf_binary *elf, + uint64_t *mstart_out, uint64_t *mend_out) +{ +#define MODULE_ALIGN 1UL << 7 +#define MB_ALIGN 1UL << 20 +#define MKALIGN(x, a) (((uint64_t)(x) + (a) - 1) & ~(uint64_t)((a) - 1)) + uint64_t total_len = 0, offset1 = 0; + + if ( (args->acpi_module.length == 0)&&(args->smbios_module.length == 0) ) + return 0; + + /* Find the total length for the firmware modules with a reasonable large + * alignment size to align each the modules. + */ + total_len = MKALIGN(args->acpi_module.length, MODULE_ALIGN); + offset1 = total_len; + total_len += MKALIGN(args->smbios_module.length, MODULE_ALIGN); + + /* Want to place the modules 1Mb+change behind the loader image. */ + *mstart_out = MKALIGN(elf->pend, MB_ALIGN) + (MB_ALIGN); + *mend_out = *mstart_out + total_len; + + if ( *mend_out > vend ) + return -1; + + if ( args->acpi_module.length != 0 ) + args->acpi_module.guest_addr_out = *mstart_out; + if ( args->smbios_module.length != 0 ) + args->smbios_module.guest_addr_out = *mstart_out + offset1; + + return 0; +} + static void build_hvm_info(void *hvm_info_page, uint64_t mem_size, uint64_t mmio_start, uint64_t mmio_size) { @@ -86,9 +120,8 @@ static void build_hvm_info(void *hvm_inf hvm_info->checksum = -sum; } -static int loadelfimage( - xc_interface *xch, - struct elf_binary *elf, uint32_t dom, unsigned long *parray) +static int loadelfimage(xc_interface *xch, struct elf_binary *elf, + uint32_t dom, unsigned long *parray) { privcmd_mmap_entry_t *entries = NULL; unsigned long pfn_start = elf->pstart >> PAGE_SHIFT; @@ -126,6 +159,66 @@ static int loadelfimage( return rc; } +static int loadmodules(xc_interface *xch, + struct xc_hvm_build_args *args, + uint64_t mstart, uint64_t mend, + uint32_t dom, unsigned long *parray) +{ + privcmd_mmap_entry_t *entries = NULL; + unsigned long pfn_start; + unsigned long pfn_end; + size_t pages; + uint32_t i; + uint8_t *dest; + int rc = -1; + + if ( (mstart == 0)||(mend == 0) ) + return 0; + + pfn_start = (unsigned long)(mstart >> PAGE_SHIFT); + pfn_end = (unsigned long)((mend + PAGE_SIZE - 1) >> PAGE_SHIFT); + pages = pfn_end - pfn_start; + + /* Map address space for module list. */ + entries = calloc(pages, sizeof(privcmd_mmap_entry_t)); + if ( entries == NULL ) + goto error_out; + + for ( i = 0; i < pages; i++ ) + entries[i].mfn = parray[(mstart >> PAGE_SHIFT) + i]; + + dest = xc_map_foreign_ranges( + xch, dom, pages << PAGE_SHIFT, PROT_READ | PROT_WRITE, 1 << PAGE_SHIFT, + entries, pages); + if ( dest == NULL ) + goto error_out; + + /* Zero the range so padding is clear between modules */ + memset(dest, 0, pages << PAGE_SHIFT); + + /* Load modules into range */ + if ( args->acpi_module.length != 0 ) + { + memcpy(dest, + args->acpi_module.data, + args->acpi_module.length); + } + if ( args->smbios_module.length != 0 ) + { + memcpy(dest + (args->smbios_module.guest_addr_out - mstart), + args->smbios_module.data, + args->smbios_module.length); + } + + munmap(dest, pages << PAGE_SHIFT); + rc = 0; + + error_out: + free(entries); + + return rc; +} + /* * Check whether there exists mmio hole in the specified memory range. * Returns 1 if exists, else returns 0. @@ -140,7 +233,7 @@ static int check_mmio_hole(uint64_t star } static int setup_guest(xc_interface *xch, - uint32_t dom, const struct xc_hvm_build_args *args, + uint32_t dom, struct xc_hvm_build_args *args, char *image, unsigned long image_size) { xen_pfn_t *page_array = NULL; @@ -153,6 +246,7 @@ static int setup_guest(xc_interface *xch uint32_t *ident_pt; struct elf_binary elf; uint64_t v_start, v_end; + uint64_t m_start = 0, m_end = 0; int rc; xen_capabilities_info_t caps; unsigned long stat_normal_pages = 0, stat_2mb_pages = 0, @@ -178,11 +272,19 @@ static int setup_guest(xc_interface *xch goto error_out; } + if ( modules_init(args, v_end, &elf, &m_start, &m_end) != 0 ) + { + ERROR("Insufficient space to load modules."); + goto error_out; + } + IPRINTF("VIRTUAL MEMORY ARRANGEMENT:\n" " Loader: %016"PRIx64"->%016"PRIx64"\n" + " Modules: %016"PRIx64"->%016"PRIx64"\n" " TOTAL: %016"PRIx64"->%016"PRIx64"\n" " ENTRY ADDRESS: %016"PRIx64"\n", elf.pstart, elf.pend, + m_start, m_end, v_start, v_end, elf_uval(&elf, elf.ehdr, e_entry)); @@ -337,6 +439,9 @@ static int setup_guest(xc_interface *xch if ( loadelfimage(xch, &elf, dom, page_array) != 0 ) goto error_out; + if ( loadmodules(xch, args, m_start, m_end, dom, page_array) != 0 ) + goto error_out; + if ( (hvm_info_page = xc_map_foreign_range( xch, dom, PAGE_SIZE, PROT_READ | PROT_WRITE, HVM_INFO_PFN)) == NULL ) @@ -413,7 +518,7 @@ static int setup_guest(xc_interface *xch * Create a domain for a virtualized Linux, using files/filenames. */ int xc_hvm_build(xc_interface *xch, uint32_t domid, - const struct xc_hvm_build_args *hvm_args) + struct xc_hvm_build_args *hvm_args) { struct xc_hvm_build_args args = *hvm_args; void *image; @@ -441,6 +546,15 @@ int xc_hvm_build(xc_interface *xch, uint sts = setup_guest(xch, domid, &args, image, image_size); + if (!sts) + { + /* Return module load addresses to caller */ + hvm_args->acpi_module.guest_addr_out = + args.acpi_module.guest_addr_out; + hvm_args->smbios_module.guest_addr_out = + args.smbios_module.guest_addr_out; + } + free(image); return sts; @@ -461,6 +575,7 @@ int xc_hvm_build_target_mem(xc_interface { struct xc_hvm_build_args args = {}; + memset(&args, 0, sizeof(struct xc_hvm_build_args)); args.mem_size = (uint64_t)memsize << 20; args.mem_target = (uint64_t)target << 20; args.image_file_name = image_name; diff -r 07bf59a7ce83 -r cabf395a6c84 tools/libxc/xenguest.h --- a/tools/libxc/xenguest.h Thu Jan 10 17:16:28 2013 +0000 +++ b/tools/libxc/xenguest.h Thu Jan 10 17:17:21 2013 +0000 @@ -211,11 +211,23 @@ int xc_linux_build_mem(xc_interface *xch unsigned int console_evtchn, unsigned long *console_mfn); +struct xc_hvm_firmware_module { + uint8_t *data; + uint32_t length; + uint64_t guest_addr_out; +}; + struct xc_hvm_build_args { uint64_t mem_size; /* Memory size in bytes. */ uint64_t mem_target; /* Memory target in bytes. */ uint64_t mmio_size; /* Size of the MMIO hole in bytes. */ const char *image_file_name; /* File name of the image to load. */ + + /* Extra ACPI tables passed to HVMLOADER */ + struct xc_hvm_firmware_module acpi_module; + + /* Extra SMBIOS structures passed to HVMLOADER */ + struct xc_hvm_firmware_module smbios_module; }; /** @@ -228,7 +240,7 @@ struct xc_hvm_build_args { * are optional. */ int xc_hvm_build(xc_interface *xch, uint32_t domid, - const struct xc_hvm_build_args *hvm_args); + struct xc_hvm_build_args *hvm_args); int xc_hvm_build_target_mem(xc_interface *xch, uint32_t domid, diff -r 07bf59a7ce83 -r cabf395a6c84 tools/libxc/xg_private.c --- a/tools/libxc/xg_private.c Thu Jan 10 17:16:28 2013 +0000 +++ b/tools/libxc/xg_private.c Thu Jan 10 17:17:21 2013 +0000 @@ -192,7 +192,7 @@ unsigned long csum_page(void *page) __attribute__((weak)) int xc_hvm_build(xc_interface *xch, uint32_t domid, - const struct xc_hvm_build_args *hvm_args) + struct xc_hvm_build_args *hvm_args) { errno = ENOSYS; return -1; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMn-0004fA-It; Fri, 11 Jan 2013 03:33:13 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMm-0004ez-Fn for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:12 +0000 Received: from [85.158.139.211:2373] by server-12.bemta-5.messagelabs.com id 2A/0C-02275-7F78FE05; Fri, 11 Jan 2013 03:33:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-206.messagelabs.com!1357875190!21255159!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG, UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 10875 invoked from network); 11 Jan 2013 03:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMj-0008NK-PV for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMj-00021V-3o for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:09 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] HVM xenstore strings and firmware passthrough header X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ross Philipson # Date 1357838188 0 # Node ID 07bf59a7ce837bd795e2df2f28166cfe41990d3d # Parent 19fd1237ff0dfa3d97a896d6ed6fbbd33f816a9f HVM xenstore strings and firmware passthrough header Add public HVM definitions header for xenstore strings used in HVMLOADER. In addition this header describes the use of the firmware passthrough values set using xenstore. Signed-off-by: Ross Philipson Committed-by: Keir Fraser --- diff -r 19fd1237ff0d -r 07bf59a7ce83 xen/include/public/hvm/hvm_xs_strings.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/include/public/hvm/hvm_xs_strings.h Thu Jan 10 17:16:28 2013 +0000 @@ -0,0 +1,79 @@ +/****************************************************************************** + * hvm/hvm_xs_strings.h + * + * HVM xenstore strings used in HVMLOADER. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER + * DEALINGS IN THE SOFTWARE. + */ + +#ifndef __XEN_PUBLIC_HVM_HVM_XS_STRINGS_H__ +#define __XEN_PUBLIC_HVM_HVM_XS_STRINGS_H__ + +#define HVM_XS_HVMLOADER "hvmloader" +#define HVM_XS_BIOS "hvmloader/bios" +#define HVM_XS_GENERATION_ID_ADDRESS "hvmloader/generation-id-address" + +/* The following values allow additional ACPI tables to be added to the + * virtual ACPI BIOS that hvmloader constructs. The values specify the guest + * physical address and length of a block of ACPI tables to add. The format of + * the block is simply concatenated raw tables (which specify their own length + * in the ACPI header). + */ +#define HVM_XS_ACPI_PT_ADDRESS "hvmloader/acpi/address" +#define HVM_XS_ACPI_PT_LENGTH "hvmloader/acpi/length" + +/* Any number of SMBIOS types can be passed through to an HVM guest using + * the following xenstore values. The values specify the guest physical + * address and length of a block of SMBIOS structures for hvmloader to use. + * The block is formatted in the following way: + * + * ... + * + * Each length separator is a 32b integer indicating the length of the next + * SMBIOS structure. For DMTF defined types (0 - 121), the passed in struct + * will replace the default structure in hvmloader. In addition, any + * OEM/vendortypes (128 - 255) will all be added. + */ +#define HVM_XS_SMBIOS_PT_ADDRESS "hvmloader/smbios/address" +#define HVM_XS_SMBIOS_PT_LENGTH "hvmloader/smbios/length" + +/* Set to 1 to enable SMBIOS default portable battery (type 22) values. */ +#define HVM_XS_SMBIOS_DEFAULT_BATTERY "hvmloader/smbios/default_battery" + +/* The following xenstore values are used to override some of the default + * string values in the SMBIOS table constructed in hvmloader. + */ +#define HVM_XS_BIOS_STRINGS "bios-strings" +#define HVM_XS_BIOS_VENDOR "bios-strings/bios-vendor" +#define HVM_XS_BIOS_VERSION "bios-strings/bios-version" +#define HVM_XS_SYSTEM_MANUFACTURER "bios-strings/system-manufacturer" +#define HVM_XS_SYSTEM_PRODUCT_NAME "bios-strings/system-product-name" +#define HVM_XS_SYSTEM_VERSION "bios-strings/system-version" +#define HVM_XS_SYSTEM_SERIAL_NUMBER "bios-strings/system-serial-number" +#define HVM_XS_ENCLOSURE_MANUFACTURER "bios-strings/enclosure-manufacturer" +#define HVM_XS_ENCLOSURE_SERIAL_NUMBER "bios-strings/enclosure-serial-number" +#define HVM_XS_BATTERY_MANUFACTURER "bios-strings/battery-manufacturer" +#define HVM_XS_BATTERY_DEVICE_NAME "bios-strings/battery-device-name" + +/* 1 to 99 OEM strings can be set in xenstore using values of the form + * below. These strings will be loaded into the SMBIOS type 11 structure. + */ +#define HVM_XS_OEM_STRINGS "bios-strings/oem-%02d" + +#endif /* __XEN_PUBLIC_HVM_HVM_XS_STRINGS_H__ */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMn-0004fA-It; Fri, 11 Jan 2013 03:33:13 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMm-0004ez-Fn for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:12 +0000 Received: from [85.158.139.211:2373] by server-12.bemta-5.messagelabs.com id 2A/0C-02275-7F78FE05; Fri, 11 Jan 2013 03:33:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-206.messagelabs.com!1357875190!21255159!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG, UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 10875 invoked from network); 11 Jan 2013 03:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMj-0008NK-PV for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMj-00021V-3o for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:09 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] HVM xenstore strings and firmware passthrough header X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ross Philipson # Date 1357838188 0 # Node ID 07bf59a7ce837bd795e2df2f28166cfe41990d3d # Parent 19fd1237ff0dfa3d97a896d6ed6fbbd33f816a9f HVM xenstore strings and firmware passthrough header Add public HVM definitions header for xenstore strings used in HVMLOADER. In addition this header describes the use of the firmware passthrough values set using xenstore. Signed-off-by: Ross Philipson Committed-by: Keir Fraser --- diff -r 19fd1237ff0d -r 07bf59a7ce83 xen/include/public/hvm/hvm_xs_strings.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/include/public/hvm/hvm_xs_strings.h Thu Jan 10 17:16:28 2013 +0000 @@ -0,0 +1,79 @@ +/****************************************************************************** + * hvm/hvm_xs_strings.h + * + * HVM xenstore strings used in HVMLOADER. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER + * DEALINGS IN THE SOFTWARE. + */ + +#ifndef __XEN_PUBLIC_HVM_HVM_XS_STRINGS_H__ +#define __XEN_PUBLIC_HVM_HVM_XS_STRINGS_H__ + +#define HVM_XS_HVMLOADER "hvmloader" +#define HVM_XS_BIOS "hvmloader/bios" +#define HVM_XS_GENERATION_ID_ADDRESS "hvmloader/generation-id-address" + +/* The following values allow additional ACPI tables to be added to the + * virtual ACPI BIOS that hvmloader constructs. The values specify the guest + * physical address and length of a block of ACPI tables to add. The format of + * the block is simply concatenated raw tables (which specify their own length + * in the ACPI header). + */ +#define HVM_XS_ACPI_PT_ADDRESS "hvmloader/acpi/address" +#define HVM_XS_ACPI_PT_LENGTH "hvmloader/acpi/length" + +/* Any number of SMBIOS types can be passed through to an HVM guest using + * the following xenstore values. The values specify the guest physical + * address and length of a block of SMBIOS structures for hvmloader to use. + * The block is formatted in the following way: + * + * ... + * + * Each length separator is a 32b integer indicating the length of the next + * SMBIOS structure. For DMTF defined types (0 - 121), the passed in struct + * will replace the default structure in hvmloader. In addition, any + * OEM/vendortypes (128 - 255) will all be added. + */ +#define HVM_XS_SMBIOS_PT_ADDRESS "hvmloader/smbios/address" +#define HVM_XS_SMBIOS_PT_LENGTH "hvmloader/smbios/length" + +/* Set to 1 to enable SMBIOS default portable battery (type 22) values. */ +#define HVM_XS_SMBIOS_DEFAULT_BATTERY "hvmloader/smbios/default_battery" + +/* The following xenstore values are used to override some of the default + * string values in the SMBIOS table constructed in hvmloader. + */ +#define HVM_XS_BIOS_STRINGS "bios-strings" +#define HVM_XS_BIOS_VENDOR "bios-strings/bios-vendor" +#define HVM_XS_BIOS_VERSION "bios-strings/bios-version" +#define HVM_XS_SYSTEM_MANUFACTURER "bios-strings/system-manufacturer" +#define HVM_XS_SYSTEM_PRODUCT_NAME "bios-strings/system-product-name" +#define HVM_XS_SYSTEM_VERSION "bios-strings/system-version" +#define HVM_XS_SYSTEM_SERIAL_NUMBER "bios-strings/system-serial-number" +#define HVM_XS_ENCLOSURE_MANUFACTURER "bios-strings/enclosure-manufacturer" +#define HVM_XS_ENCLOSURE_SERIAL_NUMBER "bios-strings/enclosure-serial-number" +#define HVM_XS_BATTERY_MANUFACTURER "bios-strings/battery-manufacturer" +#define HVM_XS_BATTERY_DEVICE_NAME "bios-strings/battery-device-name" + +/* 1 to 99 OEM strings can be set in xenstore using values of the form + * below. These strings will be loaded into the SMBIOS type 11 structure. + */ +#define HVM_XS_OEM_STRINGS "bios-strings/oem-%02d" + +#endif /* __XEN_PUBLIC_HVM_HVM_XS_STRINGS_H__ */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMp-0004fV-OM; Fri, 11 Jan 2013 03:33:15 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMn-0004f1-P1 for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:13 +0000 Received: from [85.158.143.99:38256] by server-2.bemta-4.messagelabs.com id 62/9C-24322-9F78FE05; Fri, 11 Jan 2013 03:33:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-216.messagelabs.com!1357875191!26879552!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25217 invoked from network); 11 Jan 2013 03:33:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMl-0008NT-AL for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMl-00022E-3t for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:11 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] HVM firmware passthrough ACPI processing X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ross Philipson # Date 1357838323 0 # Node ID b9c38bea15b117552ecb51809779c7cfef82dd44 # Parent a7ce196f40444fafbe8f13b2d80e4885d4321806 HVM firmware passthrough ACPI processing ACPI table passthrough support allowing additional static tables and SSDTs (AML code) to be loaded. These additional tables are added at the end of the secondary table list in the RSDT/XSDT tables. Signed-off-by: Ross Philipson Committed-by: Keir Fraser --- diff -r a7ce196f4044 -r b9c38bea15b1 tools/firmware/hvmloader/acpi/build.c --- a/tools/firmware/hvmloader/acpi/build.c Thu Jan 10 17:18:10 2013 +0000 +++ b/tools/firmware/hvmloader/acpi/build.c Thu Jan 10 17:18:43 2013 +0000 @@ -23,6 +23,9 @@ #include "ssdt_pm.h" #include "../config.h" #include "../util.h" +#include + +#define ACPI_MAX_SECONDARY_TABLES 16 #define align16(sz) (((sz) + 15) & ~15) #define fixed_strcpy(d, s) strncpy((d), (s), sizeof(d)) @@ -198,6 +201,52 @@ static struct acpi_20_waet *construct_wa return waet; } +static int construct_passthrough_tables(unsigned long *table_ptrs, + int nr_tables) +{ + const char *s; + uint8_t *acpi_pt_addr; + uint32_t acpi_pt_length; + struct acpi_header *header; + int nr_added; + int nr_max = (ACPI_MAX_SECONDARY_TABLES - nr_tables - 1); + uint32_t total = 0; + uint8_t *buffer; + + s = xenstore_read(HVM_XS_ACPI_PT_ADDRESS, NULL); + if ( s == NULL ) + return 0; + + acpi_pt_addr = (uint8_t*)(uint32_t)strtoll(s, NULL, 0); + if ( acpi_pt_addr == NULL ) + return 0; + + s = xenstore_read(HVM_XS_ACPI_PT_LENGTH, NULL); + if ( s == NULL ) + return 0; + + acpi_pt_length = (uint32_t)strtoll(s, NULL, 0); + + for ( nr_added = 0; nr_added < nr_max; nr_added++ ) + { + if ( (acpi_pt_length - total) < sizeof(struct acpi_header) ) + break; + + header = (struct acpi_header*)acpi_pt_addr; + + buffer = mem_alloc(header->length, 16); + if ( buffer == NULL ) + break; + memcpy(buffer, header, header->length); + + table_ptrs[nr_tables++] = (unsigned long)buffer; + total += header->length; + acpi_pt_addr += header->length; + } + + return nr_added; +} + static int construct_secondary_tables(unsigned long *table_ptrs, struct acpi_info *info) { @@ -293,6 +342,9 @@ static int construct_secondary_tables(un } } + /* Load any additional tables passed through. */ + nr_tables += construct_passthrough_tables(table_ptrs, nr_tables); + table_ptrs[nr_tables] = 0; return nr_tables; } @@ -327,7 +379,7 @@ void acpi_build_tables(struct acpi_confi struct acpi_10_fadt *fadt_10; struct acpi_20_facs *facs; unsigned char *dsdt; - unsigned long secondary_tables[16]; + unsigned long secondary_tables[ACPI_MAX_SECONDARY_TABLES]; int nr_secondaries, i; unsigned long vm_gid_addr; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMp-0004fV-OM; Fri, 11 Jan 2013 03:33:15 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMn-0004f1-P1 for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:13 +0000 Received: from [85.158.143.99:38256] by server-2.bemta-4.messagelabs.com id 62/9C-24322-9F78FE05; Fri, 11 Jan 2013 03:33:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-216.messagelabs.com!1357875191!26879552!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25217 invoked from network); 11 Jan 2013 03:33:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMl-0008NT-AL for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMl-00022E-3t for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:11 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] HVM firmware passthrough ACPI processing X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ross Philipson # Date 1357838323 0 # Node ID b9c38bea15b117552ecb51809779c7cfef82dd44 # Parent a7ce196f40444fafbe8f13b2d80e4885d4321806 HVM firmware passthrough ACPI processing ACPI table passthrough support allowing additional static tables and SSDTs (AML code) to be loaded. These additional tables are added at the end of the secondary table list in the RSDT/XSDT tables. Signed-off-by: Ross Philipson Committed-by: Keir Fraser --- diff -r a7ce196f4044 -r b9c38bea15b1 tools/firmware/hvmloader/acpi/build.c --- a/tools/firmware/hvmloader/acpi/build.c Thu Jan 10 17:18:10 2013 +0000 +++ b/tools/firmware/hvmloader/acpi/build.c Thu Jan 10 17:18:43 2013 +0000 @@ -23,6 +23,9 @@ #include "ssdt_pm.h" #include "../config.h" #include "../util.h" +#include + +#define ACPI_MAX_SECONDARY_TABLES 16 #define align16(sz) (((sz) + 15) & ~15) #define fixed_strcpy(d, s) strncpy((d), (s), sizeof(d)) @@ -198,6 +201,52 @@ static struct acpi_20_waet *construct_wa return waet; } +static int construct_passthrough_tables(unsigned long *table_ptrs, + int nr_tables) +{ + const char *s; + uint8_t *acpi_pt_addr; + uint32_t acpi_pt_length; + struct acpi_header *header; + int nr_added; + int nr_max = (ACPI_MAX_SECONDARY_TABLES - nr_tables - 1); + uint32_t total = 0; + uint8_t *buffer; + + s = xenstore_read(HVM_XS_ACPI_PT_ADDRESS, NULL); + if ( s == NULL ) + return 0; + + acpi_pt_addr = (uint8_t*)(uint32_t)strtoll(s, NULL, 0); + if ( acpi_pt_addr == NULL ) + return 0; + + s = xenstore_read(HVM_XS_ACPI_PT_LENGTH, NULL); + if ( s == NULL ) + return 0; + + acpi_pt_length = (uint32_t)strtoll(s, NULL, 0); + + for ( nr_added = 0; nr_added < nr_max; nr_added++ ) + { + if ( (acpi_pt_length - total) < sizeof(struct acpi_header) ) + break; + + header = (struct acpi_header*)acpi_pt_addr; + + buffer = mem_alloc(header->length, 16); + if ( buffer == NULL ) + break; + memcpy(buffer, header, header->length); + + table_ptrs[nr_tables++] = (unsigned long)buffer; + total += header->length; + acpi_pt_addr += header->length; + } + + return nr_added; +} + static int construct_secondary_tables(unsigned long *table_ptrs, struct acpi_info *info) { @@ -293,6 +342,9 @@ static int construct_secondary_tables(un } } + /* Load any additional tables passed through. */ + nr_tables += construct_passthrough_tables(table_ptrs, nr_tables); + table_ptrs[nr_tables] = 0; return nr_tables; } @@ -327,7 +379,7 @@ void acpi_build_tables(struct acpi_confi struct acpi_10_fadt *fadt_10; struct acpi_20_facs *facs; unsigned char *dsdt; - unsigned long secondary_tables[16]; + unsigned long secondary_tables[ACPI_MAX_SECONDARY_TABLES]; int nr_secondaries, i; unsigned long vm_gid_addr; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:21 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:21 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMs-0004gO-Sf; Fri, 11 Jan 2013 03:33:18 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMr-0004fj-9c for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:17 +0000 Received: from [85.158.139.83:58898] by server-10.bemta-5.messagelabs.com id 44/E7-13383-CF78FE05; Fri, 11 Jan 2013 03:33:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-182.messagelabs.com!1357875193!29226729!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28075 invoked from network); 11 Jan 2013 03:33:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMn-0008Nc-GO for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:13 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMn-00022x-86 for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:13 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] flask: move policy headers into hypervisor X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357839047 0 # Node ID 68e8cfca220f1d4dfcc1c74c8c117a0567490c14 # Parent 42b273995da0d11043a1a9b7002592c910db0cf8 flask: move policy headers into hypervisor Rather than keeping around headers that are autogenerated in order to avoid adding build dependencies from xen/ to files in tools/, move the relevant parts of the FLASK policy into the hypervisor tree and generate the headers as part of the hypervisor's build. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 42b273995da0 -r 68e8cfca220f .gitignore --- a/.gitignore Thu Jan 10 17:27:58 2013 +0000 +++ b/.gitignore Thu Jan 10 17:30:47 2013 +0000 @@ -314,6 +314,11 @@ xen/include/xen/banner.h xen/include/xen/compile.h xen/tools/figlet/figlet xen/tools/symbols +xen/xsm/flask/include/av_perm_to_string.h +xen/xsm/flask/include/av_permissions.h +xen/xsm/flask/include/class_to_string.h +xen/xsm/flask/include/flask.h +xen/xsm/flask/include/initial_sid_to_string.h xen/xen xen/xen-syms xen/xen.* diff -r 42b273995da0 -r 68e8cfca220f .hgignore --- a/.hgignore Thu Jan 10 17:27:58 2013 +0000 +++ b/.hgignore Thu Jan 10 17:30:47 2013 +0000 @@ -339,6 +339,11 @@ ^xen/include/xen/compile\.h$ ^xen/tools/figlet/figlet$ ^xen/tools/symbols$ +^xen/xsm/flask/include/av_perm_to_string\.h$ +^xen/xsm/flask/include/av_permissions\.h$ +^xen/xsm/flask/include/class_to_string\.h$ +^xen/xsm/flask/include/flask\.h$ +^xen/xsm/flask/include/initial_sid_to_string\.h$ ^xen/xen$ ^xen/xen-syms$ ^xen/xen\..*$ diff -r 42b273995da0 -r 68e8cfca220f tools/flask/policy/Makefile --- a/tools/flask/policy/Makefile Thu Jan 10 17:27:58 2013 +0000 +++ b/tools/flask/policy/Makefile Thu Jan 10 17:30:47 2013 +0000 @@ -61,7 +61,7 @@ LOADPOLICY := $(SBINDIR)/flask-loadpolic # policy source layout POLDIR := policy MODDIR := $(POLDIR)/modules -FLASKDIR := $(POLDIR)/flask +FLASKDIR := ../../../xen/xsm/flask/policy SECCLASS := $(FLASKDIR)/security_classes ISIDS := $(FLASKDIR)/initial_sids AVS := $(FLASKDIR)/access_vectors diff -r 42b273995da0 -r 68e8cfca220f tools/flask/policy/policy/flask/Makefile --- a/tools/flask/policy/policy/flask/Makefile Thu Jan 10 17:27:58 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,41 +0,0 @@ -# flask needs to know where to export the libselinux headers. -LIBSEL ?= ../../libselinux - -# flask needs to know where to export the kernel headers. -LINUXDIR ?= ../../../linux-2.6 - -AWK = awk - -CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ - else if [ -x /bin/bash ]; then echo /bin/bash; \ - else echo sh; fi ; fi) - -FLASK_H_DEPEND = security_classes initial_sids -AV_H_DEPEND = access_vectors - -FLASK_H_FILES = class_to_string.h flask.h initial_sid_to_string.h -AV_H_FILES = av_perm_to_string.h av_permissions.h -ALL_H_FILES = $(FLASK_H_FILES) $(AV_H_FILES) - -all: $(ALL_H_FILES) - -$(FLASK_H_FILES): $(FLASK_H_DEPEND) - $(CONFIG_SHELL) mkflask.sh $(AWK) $(FLASK_H_DEPEND) - -$(AV_H_FILES): $(AV_H_DEPEND) - $(CONFIG_SHELL) mkaccess_vector.sh $(AWK) $(AV_H_DEPEND) - -tolib: all - install -m 644 flask.h av_permissions.h $(LIBSEL)/include/selinux - install -m 644 class_to_string.h av_inherit.h common_perm_to_string.h av_perm_to_string.h $(LIBSEL)/src - -tokern: all - install -m 644 $(ALL_H_FILES) $(LINUXDIR)/security/selinux/include - -install: all - -relabel: - -clean: - rm -f $(FLASK_H_FILES) - rm -f $(AV_H_FILES) diff -r 42b273995da0 -r 68e8cfca220f tools/flask/policy/policy/flask/mkaccess_vector.sh --- a/tools/flask/policy/policy/flask/mkaccess_vector.sh Thu Jan 10 17:27:58 2013 +0000 +++ b/tools/flask/policy/policy/flask/mkaccess_vector.sh Thu Jan 10 17:30:47 2013 +0000 @@ -9,8 +9,8 @@ awk=$1 shift # output files -av_permissions="av_permissions.h" -av_perm_to_string="av_perm_to_string.h" +av_permissions="include/av_permissions.h" +av_perm_to_string="include/av_perm_to_string.h" cat $* | $awk " BEGIN { diff -r 42b273995da0 -r 68e8cfca220f tools/flask/policy/policy/flask/mkflask.sh --- a/tools/flask/policy/policy/flask/mkflask.sh Thu Jan 10 17:27:58 2013 +0000 +++ b/tools/flask/policy/policy/flask/mkflask.sh Thu Jan 10 17:30:47 2013 +0000 @@ -9,9 +9,9 @@ awk=$1 shift 1 # output file -output_file="flask.h" -debug_file="class_to_string.h" -debug_file2="initial_sid_to_string.h" +output_file="include/flask.h" +debug_file="include/class_to_string.h" +debug_file2="include/initial_sid_to_string.h" cat $* | $awk " BEGIN { diff -r 42b273995da0 -r 68e8cfca220f xen/xsm/flask/Makefile --- a/xen/xsm/flask/Makefile Thu Jan 10 17:27:58 2013 +0000 +++ b/xen/xsm/flask/Makefile Thu Jan 10 17:30:47 2013 +0000 @@ -5,3 +5,28 @@ obj-y += flask_op.o subdir-y += ss CFLAGS += -I./include + +AWK = awk + +CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ + else if [ -x /bin/bash ]; then echo /bin/bash; \ + else echo sh; fi ; fi) + +FLASK_H_DEPEND = policy/security_classes policy/initial_sids +AV_H_DEPEND = policy/access_vectors + +FLASK_H_FILES = include/flask.h include/class_to_string.h include/initial_sid_to_string.h +AV_H_FILES = include/av_perm_to_string.h include/av_permissions.h +ALL_H_FILES = $(FLASK_H_FILES) $(AV_H_FILES) + +$(obj-y) ss/built_in.o: $(ALL_H_FILES) + +$(FLASK_H_FILES): $(FLASK_H_DEPEND) + $(CONFIG_SHELL) policy/mkflask.sh $(AWK) $(FLASK_H_DEPEND) + +$(AV_H_FILES): $(AV_H_DEPEND) + $(CONFIG_SHELL) policy/mkaccess_vector.sh $(AWK) $(AV_H_DEPEND) + +.PHONY: clean +clean:: + rm -f $(ALL_H_FILES) *.o $(DEPS) diff -r 42b273995da0 -r 68e8cfca220f xen/xsm/flask/include/av_perm_to_string.h --- a/xen/xsm/flask/include/av_perm_to_string.h Thu Jan 10 17:27:58 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,135 +0,0 @@ -/* This file is automatically generated. Do not edit. */ - S_(SECCLASS_XEN, XEN__SCHEDULER, "scheduler") - S_(SECCLASS_XEN, XEN__SETTIME, "settime") - S_(SECCLASS_XEN, XEN__TBUFCONTROL, "tbufcontrol") - S_(SECCLASS_XEN, XEN__READCONSOLE, "readconsole") - S_(SECCLASS_XEN, XEN__CLEARCONSOLE, "clearconsole") - S_(SECCLASS_XEN, XEN__PERFCONTROL, "perfcontrol") - S_(SECCLASS_XEN, XEN__MTRR_ADD, "mtrr_add") - S_(SECCLASS_XEN, XEN__MTRR_DEL, "mtrr_del") - S_(SECCLASS_XEN, XEN__MTRR_READ, "mtrr_read") - S_(SECCLASS_XEN, XEN__MICROCODE, "microcode") - S_(SECCLASS_XEN, XEN__PHYSINFO, "physinfo") - S_(SECCLASS_XEN, XEN__QUIRK, "quirk") - S_(SECCLASS_XEN, XEN__WRITECONSOLE, "writeconsole") - S_(SECCLASS_XEN, XEN__READAPIC, "readapic") - S_(SECCLASS_XEN, XEN__WRITEAPIC, "writeapic") - S_(SECCLASS_XEN, XEN__PRIVPROFILE, "privprofile") - S_(SECCLASS_XEN, XEN__NONPRIVPROFILE, "nonprivprofile") - S_(SECCLASS_XEN, XEN__KEXEC, "kexec") - S_(SECCLASS_XEN, XEN__FIRMWARE, "firmware") - S_(SECCLASS_XEN, XEN__SLEEP, "sleep") - S_(SECCLASS_XEN, XEN__FREQUENCY, "frequency") - S_(SECCLASS_XEN, XEN__GETIDLE, "getidle") - S_(SECCLASS_XEN, XEN__DEBUG, "debug") - S_(SECCLASS_XEN, XEN__GETCPUINFO, "getcpuinfo") - S_(SECCLASS_XEN, XEN__HEAP, "heap") - S_(SECCLASS_XEN, XEN__PM_OP, "pm_op") - S_(SECCLASS_XEN, XEN__MCA_OP, "mca_op") - S_(SECCLASS_XEN, XEN__LOCKPROF, "lockprof") - S_(SECCLASS_XEN, XEN__CPUPOOL_OP, "cpupool_op") - S_(SECCLASS_XEN, XEN__SCHED_OP, "sched_op") - S_(SECCLASS_DOMAIN, DOMAIN__SETVCPUCONTEXT, "setvcpucontext") - S_(SECCLASS_DOMAIN, DOMAIN__PAUSE, "pause") - S_(SECCLASS_DOMAIN, DOMAIN__UNPAUSE, "unpause") - S_(SECCLASS_DOMAIN, DOMAIN__RESUME, "resume") - S_(SECCLASS_DOMAIN, DOMAIN__CREATE, "create") - S_(SECCLASS_DOMAIN, DOMAIN__TRANSITION, "transition") - S_(SECCLASS_DOMAIN, DOMAIN__MAX_VCPUS, "max_vcpus") - S_(SECCLASS_DOMAIN, DOMAIN__DESTROY, "destroy") - S_(SECCLASS_DOMAIN, DOMAIN__SETVCPUAFFINITY, "setvcpuaffinity") - S_(SECCLASS_DOMAIN, DOMAIN__GETVCPUAFFINITY, "getvcpuaffinity") - S_(SECCLASS_DOMAIN, DOMAIN__SCHEDULER, "scheduler") - S_(SECCLASS_DOMAIN, DOMAIN__GETDOMAININFO, "getdomaininfo") - S_(SECCLASS_DOMAIN, DOMAIN__GETVCPUINFO, "getvcpuinfo") - S_(SECCLASS_DOMAIN, DOMAIN__GETVCPUCONTEXT, "getvcpucontext") - S_(SECCLASS_DOMAIN, DOMAIN__SETDOMAINMAXMEM, "setdomainmaxmem") - S_(SECCLASS_DOMAIN, DOMAIN__SETDOMAINHANDLE, "setdomainhandle") - S_(SECCLASS_DOMAIN, DOMAIN__SETDEBUGGING, "setdebugging") - S_(SECCLASS_DOMAIN, DOMAIN__HYPERCALL, "hypercall") - S_(SECCLASS_DOMAIN, DOMAIN__SETTIME, "settime") - S_(SECCLASS_DOMAIN, DOMAIN__SET_TARGET, "set_target") - S_(SECCLASS_DOMAIN, DOMAIN__SHUTDOWN, "shutdown") - S_(SECCLASS_DOMAIN, DOMAIN__SETADDRSIZE, "setaddrsize") - S_(SECCLASS_DOMAIN, DOMAIN__GETADDRSIZE, "getaddrsize") - S_(SECCLASS_DOMAIN, DOMAIN__TRIGGER, "trigger") - S_(SECCLASS_DOMAIN, DOMAIN__GETEXTVCPUCONTEXT, "getextvcpucontext") - S_(SECCLASS_DOMAIN, DOMAIN__SETEXTVCPUCONTEXT, "setextvcpucontext") - S_(SECCLASS_DOMAIN, DOMAIN__GETVCPUEXTSTATE, "getvcpuextstate") - S_(SECCLASS_DOMAIN, DOMAIN__SETVCPUEXTSTATE, "setvcpuextstate") - S_(SECCLASS_DOMAIN, DOMAIN__GETPODTARGET, "getpodtarget") - S_(SECCLASS_DOMAIN, DOMAIN__SETPODTARGET, "setpodtarget") - S_(SECCLASS_DOMAIN, DOMAIN__SET_MISC_INFO, "set_misc_info") - S_(SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER, "set_virq_handler") - S_(SECCLASS_DOMAIN2, DOMAIN2__RELABELFROM, "relabelfrom") - S_(SECCLASS_DOMAIN2, DOMAIN2__RELABELTO, "relabelto") - S_(SECCLASS_DOMAIN2, DOMAIN2__RELABELSELF, "relabelself") - S_(SECCLASS_HVM, HVM__SETHVMC, "sethvmc") - S_(SECCLASS_HVM, HVM__GETHVMC, "gethvmc") - S_(SECCLASS_HVM, HVM__SETPARAM, "setparam") - S_(SECCLASS_HVM, HVM__GETPARAM, "getparam") - S_(SECCLASS_HVM, HVM__PCILEVEL, "pcilevel") - S_(SECCLASS_HVM, HVM__IRQLEVEL, "irqlevel") - S_(SECCLASS_HVM, HVM__PCIROUTE, "pciroute") - S_(SECCLASS_HVM, HVM__BIND_IRQ, "bind_irq") - S_(SECCLASS_HVM, HVM__CACHEATTR, "cacheattr") - S_(SECCLASS_HVM, HVM__TRACKDIRTYVRAM, "trackdirtyvram") - S_(SECCLASS_HVM, HVM__HVMCTL, "hvmctl") - S_(SECCLASS_HVM, HVM__MEM_EVENT, "mem_event") - S_(SECCLASS_HVM, HVM__MEM_SHARING, "mem_sharing") - S_(SECCLASS_EVENT, EVENT__BIND, "bind") - S_(SECCLASS_EVENT, EVENT__SEND, "send") - S_(SECCLASS_EVENT, EVENT__STATUS, "status") - S_(SECCLASS_EVENT, EVENT__NOTIFY, "notify") - S_(SECCLASS_EVENT, EVENT__CREATE, "create") - S_(SECCLASS_EVENT, EVENT__RESET, "reset") - S_(SECCLASS_GRANT, GRANT__MAP_READ, "map_read") - S_(SECCLASS_GRANT, GRANT__MAP_WRITE, "map_write") - S_(SECCLASS_GRANT, GRANT__UNMAP, "unmap") - S_(SECCLASS_GRANT, GRANT__TRANSFER, "transfer") - S_(SECCLASS_GRANT, GRANT__SETUP, "setup") - S_(SECCLASS_GRANT, GRANT__COPY, "copy") - S_(SECCLASS_GRANT, GRANT__QUERY, "query") - S_(SECCLASS_MMU, MMU__MAP_READ, "map_read") - S_(SECCLASS_MMU, MMU__MAP_WRITE, "map_write") - S_(SECCLASS_MMU, MMU__PAGEINFO, "pageinfo") - S_(SECCLASS_MMU, MMU__PAGELIST, "pagelist") - S_(SECCLASS_MMU, MMU__ADJUST, "adjust") - S_(SECCLASS_MMU, MMU__STAT, "stat") - S_(SECCLASS_MMU, MMU__TRANSLATEGP, "translategp") - S_(SECCLASS_MMU, MMU__UPDATEMP, "updatemp") - S_(SECCLASS_MMU, MMU__PHYSMAP, "physmap") - S_(SECCLASS_MMU, MMU__PINPAGE, "pinpage") - S_(SECCLASS_MMU, MMU__MFNLIST, "mfnlist") - S_(SECCLASS_MMU, MMU__MEMORYMAP, "memorymap") - S_(SECCLASS_MMU, MMU__REMOTE_REMAP, "remote_remap") - S_(SECCLASS_SHADOW, SHADOW__DISABLE, "disable") - S_(SECCLASS_SHADOW, SHADOW__ENABLE, "enable") - S_(SECCLASS_SHADOW, SHADOW__LOGDIRTY, "logdirty") - S_(SECCLASS_RESOURCE, RESOURCE__ADD, "add") - S_(SECCLASS_RESOURCE, RESOURCE__REMOVE, "remove") - S_(SECCLASS_RESOURCE, RESOURCE__USE, "use") - S_(SECCLASS_RESOURCE, RESOURCE__ADD_IRQ, "add_irq") - S_(SECCLASS_RESOURCE, RESOURCE__REMOVE_IRQ, "remove_irq") - S_(SECCLASS_RESOURCE, RESOURCE__ADD_IOPORT, "add_ioport") - S_(SECCLASS_RESOURCE, RESOURCE__REMOVE_IOPORT, "remove_ioport") - S_(SECCLASS_RESOURCE, RESOURCE__ADD_IOMEM, "add_iomem") - S_(SECCLASS_RESOURCE, RESOURCE__REMOVE_IOMEM, "remove_iomem") - S_(SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, "stat_device") - S_(SECCLASS_RESOURCE, RESOURCE__ADD_DEVICE, "add_device") - S_(SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, "remove_device") - S_(SECCLASS_RESOURCE, RESOURCE__PLUG, "plug") - S_(SECCLASS_RESOURCE, RESOURCE__UNPLUG, "unplug") - S_(SECCLASS_RESOURCE, RESOURCE__SETUP, "setup") - S_(SECCLASS_SECURITY, SECURITY__COMPUTE_AV, "compute_av") - S_(SECCLASS_SECURITY, SECURITY__COMPUTE_CREATE, "compute_create") - S_(SECCLASS_SECURITY, SECURITY__COMPUTE_MEMBER, "compute_member") - S_(SECCLASS_SECURITY, SECURITY__CHECK_CONTEXT, "check_context") - S_(SECCLASS_SECURITY, SECURITY__LOAD_POLICY, "load_policy") - S_(SECCLASS_SECURITY, SECURITY__COMPUTE_RELABEL, "compute_relabel") - S_(SECCLASS_SECURITY, SECURITY__COMPUTE_USER, "compute_user") - S_(SECCLASS_SECURITY, SECURITY__SETENFORCE, "setenforce") - S_(SECCLASS_SECURITY, SECURITY__SETBOOL, "setbool") - S_(SECCLASS_SECURITY, SECURITY__SETSECPARAM, "setsecparam") - S_(SECCLASS_SECURITY, SECURITY__ADD_OCONTEXT, "add_ocontext") - S_(SECCLASS_SECURITY, SECURITY__DEL_OCONTEXT, "del_ocontext") diff -r 42b273995da0 -r 68e8cfca220f xen/xsm/flask/include/av_permissions.h --- a/xen/xsm/flask/include/av_permissions.h Thu Jan 10 17:27:58 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,145 +0,0 @@ -/* This file is automatically generated. Do not edit. */ -#define XEN__SCHEDULER 0x00000001UL -#define XEN__SETTIME 0x00000002UL -#define XEN__TBUFCONTROL 0x00000004UL -#define XEN__READCONSOLE 0x00000008UL -#define XEN__CLEARCONSOLE 0x00000010UL -#define XEN__PERFCONTROL 0x00000020UL -#define XEN__MTRR_ADD 0x00000040UL -#define XEN__MTRR_DEL 0x00000080UL -#define XEN__MTRR_READ 0x00000100UL -#define XEN__MICROCODE 0x00000200UL -#define XEN__PHYSINFO 0x00000400UL -#define XEN__QUIRK 0x00000800UL -#define XEN__WRITECONSOLE 0x00001000UL -#define XEN__READAPIC 0x00002000UL -#define XEN__WRITEAPIC 0x00004000UL -#define XEN__PRIVPROFILE 0x00008000UL -#define XEN__NONPRIVPROFILE 0x00010000UL -#define XEN__KEXEC 0x00020000UL -#define XEN__FIRMWARE 0x00040000UL -#define XEN__SLEEP 0x00080000UL -#define XEN__FREQUENCY 0x00100000UL -#define XEN__GETIDLE 0x00200000UL -#define XEN__DEBUG 0x00400000UL -#define XEN__GETCPUINFO 0x00800000UL -#define XEN__HEAP 0x01000000UL -#define XEN__PM_OP 0x02000000UL -#define XEN__MCA_OP 0x04000000UL -#define XEN__LOCKPROF 0x08000000UL -#define XEN__CPUPOOL_OP 0x10000000UL -#define XEN__SCHED_OP 0x20000000UL - -#define DOMAIN__SETVCPUCONTEXT 0x00000001UL -#define DOMAIN__PAUSE 0x00000002UL -#define DOMAIN__UNPAUSE 0x00000004UL -#define DOMAIN__RESUME 0x00000008UL -#define DOMAIN__CREATE 0x00000010UL -#define DOMAIN__TRANSITION 0x00000020UL -#define DOMAIN__MAX_VCPUS 0x00000040UL -#define DOMAIN__DESTROY 0x00000080UL -#define DOMAIN__SETVCPUAFFINITY 0x00000100UL -#define DOMAIN__GETVCPUAFFINITY 0x00000200UL -#define DOMAIN__SCHEDULER 0x00000400UL -#define DOMAIN__GETDOMAININFO 0x00000800UL -#define DOMAIN__GETVCPUINFO 0x00001000UL -#define DOMAIN__GETVCPUCONTEXT 0x00002000UL -#define DOMAIN__SETDOMAINMAXMEM 0x00004000UL -#define DOMAIN__SETDOMAINHANDLE 0x00008000UL -#define DOMAIN__SETDEBUGGING 0x00010000UL -#define DOMAIN__HYPERCALL 0x00020000UL -#define DOMAIN__SETTIME 0x00040000UL -#define DOMAIN__SET_TARGET 0x00080000UL -#define DOMAIN__SHUTDOWN 0x00100000UL -#define DOMAIN__SETADDRSIZE 0x00200000UL -#define DOMAIN__GETADDRSIZE 0x00400000UL -#define DOMAIN__TRIGGER 0x00800000UL -#define DOMAIN__GETEXTVCPUCONTEXT 0x01000000UL -#define DOMAIN__SETEXTVCPUCONTEXT 0x02000000UL -#define DOMAIN__GETVCPUEXTSTATE 0x04000000UL -#define DOMAIN__SETVCPUEXTSTATE 0x08000000UL -#define DOMAIN__GETPODTARGET 0x10000000UL -#define DOMAIN__SETPODTARGET 0x20000000UL -#define DOMAIN__SET_MISC_INFO 0x40000000UL -#define DOMAIN__SET_VIRQ_HANDLER 0x80000000UL - -#define DOMAIN2__RELABELFROM 0x00000001UL -#define DOMAIN2__RELABELTO 0x00000002UL -#define DOMAIN2__RELABELSELF 0x00000004UL - -#define HVM__SETHVMC 0x00000001UL -#define HVM__GETHVMC 0x00000002UL -#define HVM__SETPARAM 0x00000004UL -#define HVM__GETPARAM 0x00000008UL -#define HVM__PCILEVEL 0x00000010UL -#define HVM__IRQLEVEL 0x00000020UL -#define HVM__PCIROUTE 0x00000040UL -#define HVM__BIND_IRQ 0x00000080UL -#define HVM__CACHEATTR 0x00000100UL -#define HVM__TRACKDIRTYVRAM 0x00000200UL -#define HVM__HVMCTL 0x00000400UL -#define HVM__MEM_EVENT 0x00000800UL -#define HVM__MEM_SHARING 0x00001000UL - -#define EVENT__BIND 0x00000001UL -#define EVENT__SEND 0x00000002UL -#define EVENT__STATUS 0x00000004UL -#define EVENT__NOTIFY 0x00000008UL -#define EVENT__CREATE 0x00000010UL -#define EVENT__RESET 0x00000020UL - -#define GRANT__MAP_READ 0x00000001UL -#define GRANT__MAP_WRITE 0x00000002UL -#define GRANT__UNMAP 0x00000004UL -#define GRANT__TRANSFER 0x00000008UL -#define GRANT__SETUP 0x00000010UL -#define GRANT__COPY 0x00000020UL -#define GRANT__QUERY 0x00000040UL - -#define MMU__MAP_READ 0x00000001UL -#define MMU__MAP_WRITE 0x00000002UL -#define MMU__PAGEINFO 0x00000004UL -#define MMU__PAGELIST 0x00000008UL -#define MMU__ADJUST 0x00000010UL -#define MMU__STAT 0x00000020UL -#define MMU__TRANSLATEGP 0x00000040UL -#define MMU__UPDATEMP 0x00000080UL -#define MMU__PHYSMAP 0x00000100UL -#define MMU__PINPAGE 0x00000200UL -#define MMU__MFNLIST 0x00000400UL -#define MMU__MEMORYMAP 0x00000800UL -#define MMU__REMOTE_REMAP 0x00001000UL - -#define SHADOW__DISABLE 0x00000001UL -#define SHADOW__ENABLE 0x00000002UL -#define SHADOW__LOGDIRTY 0x00000004UL - -#define RESOURCE__ADD 0x00000001UL -#define RESOURCE__REMOVE 0x00000002UL -#define RESOURCE__USE 0x00000004UL -#define RESOURCE__ADD_IRQ 0x00000008UL -#define RESOURCE__REMOVE_IRQ 0x00000010UL -#define RESOURCE__ADD_IOPORT 0x00000020UL -#define RESOURCE__REMOVE_IOPORT 0x00000040UL -#define RESOURCE__ADD_IOMEM 0x00000080UL -#define RESOURCE__REMOVE_IOMEM 0x00000100UL -#define RESOURCE__STAT_DEVICE 0x00000200UL -#define RESOURCE__ADD_DEVICE 0x00000400UL -#define RESOURCE__REMOVE_DEVICE 0x00000800UL -#define RESOURCE__PLUG 0x00001000UL -#define RESOURCE__UNPLUG 0x00002000UL -#define RESOURCE__SETUP 0x00004000UL - -#define SECURITY__COMPUTE_AV 0x00000001UL -#define SECURITY__COMPUTE_CREATE 0x00000002UL -#define SECURITY__COMPUTE_MEMBER 0x00000004UL -#define SECURITY__CHECK_CONTEXT 0x00000008UL -#define SECURITY__LOAD_POLICY 0x00000010UL -#define SECURITY__COMPUTE_RELABEL 0x00000020UL -#define SECURITY__COMPUTE_USER 0x00000040UL -#define SECURITY__SETENFORCE 0x00000080UL -#define SECURITY__SETBOOL 0x00000100UL -#define SECURITY__SETSECPARAM 0x00000200UL -#define SECURITY__ADD_OCONTEXT 0x00000400UL -#define SECURITY__DEL_OCONTEXT 0x00000800UL - diff -r 42b273995da0 -r 68e8cfca220f xen/xsm/flask/include/class_to_string.h --- a/xen/xsm/flask/include/class_to_string.h Thu Jan 10 17:27:58 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,15 +0,0 @@ -/* This file is automatically generated. Do not edit. */ -/* - * Security object class definitions - */ - S_("null") - S_("xen") - S_("domain") - S_("domain2") - S_("hvm") - S_("mmu") - S_("resource") - S_("shadow") - S_("event") - S_("grant") - S_("security") diff -r 42b273995da0 -r 68e8cfca220f xen/xsm/flask/include/flask.h --- a/xen/xsm/flask/include/flask.h Thu Jan 10 17:27:58 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,35 +0,0 @@ -/* This file is automatically generated. Do not edit. */ -#ifndef _SELINUX_FLASK_H_ -#define _SELINUX_FLASK_H_ - -/* - * Security object class definitions - */ -#define SECCLASS_XEN 1 -#define SECCLASS_DOMAIN 2 -#define SECCLASS_DOMAIN2 3 -#define SECCLASS_HVM 4 -#define SECCLASS_MMU 5 -#define SECCLASS_RESOURCE 6 -#define SECCLASS_SHADOW 7 -#define SECCLASS_EVENT 8 -#define SECCLASS_GRANT 9 -#define SECCLASS_SECURITY 10 - -/* - * Security identifier indices for initial entities - */ -#define SECINITSID_XEN 1 -#define SECINITSID_DOM0 2 -#define SECINITSID_DOMIO 3 -#define SECINITSID_DOMXEN 4 -#define SECINITSID_UNLABELED 5 -#define SECINITSID_SECURITY 6 -#define SECINITSID_IOPORT 7 -#define SECINITSID_IOMEM 8 -#define SECINITSID_IRQ 9 -#define SECINITSID_DEVICE 10 - -#define SECINITSID_NUM 10 - -#endif diff -r 42b273995da0 -r 68e8cfca220f xen/xsm/flask/include/initial_sid_to_string.h --- a/xen/xsm/flask/include/initial_sid_to_string.h Thu Jan 10 17:27:58 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,16 +0,0 @@ -/* This file is automatically generated. Do not edit. */ -static char *initial_sid_to_string[] = -{ - "null", - "xen", - "dom0", - "domio", - "domxen", - "unlabeled", - "security", - "ioport", - "iomem", - "irq", - "device", -}; - _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:21 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:21 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMs-0004gO-Sf; Fri, 11 Jan 2013 03:33:18 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMr-0004fj-9c for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:17 +0000 Received: from [85.158.139.83:58898] by server-10.bemta-5.messagelabs.com id 44/E7-13383-CF78FE05; Fri, 11 Jan 2013 03:33:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-182.messagelabs.com!1357875193!29226729!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.6.1.8; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28075 invoked from network); 11 Jan 2013 03:33:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMn-0008Nc-GO for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:13 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMn-00022x-86 for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:13 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] flask: move policy headers into hypervisor X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357839047 0 # Node ID 68e8cfca220f1d4dfcc1c74c8c117a0567490c14 # Parent 42b273995da0d11043a1a9b7002592c910db0cf8 flask: move policy headers into hypervisor Rather than keeping around headers that are autogenerated in order to avoid adding build dependencies from xen/ to files in tools/, move the relevant parts of the FLASK policy into the hypervisor tree and generate the headers as part of the hypervisor's build. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 42b273995da0 -r 68e8cfca220f .gitignore --- a/.gitignore Thu Jan 10 17:27:58 2013 +0000 +++ b/.gitignore Thu Jan 10 17:30:47 2013 +0000 @@ -314,6 +314,11 @@ xen/include/xen/banner.h xen/include/xen/compile.h xen/tools/figlet/figlet xen/tools/symbols +xen/xsm/flask/include/av_perm_to_string.h +xen/xsm/flask/include/av_permissions.h +xen/xsm/flask/include/class_to_string.h +xen/xsm/flask/include/flask.h +xen/xsm/flask/include/initial_sid_to_string.h xen/xen xen/xen-syms xen/xen.* diff -r 42b273995da0 -r 68e8cfca220f .hgignore --- a/.hgignore Thu Jan 10 17:27:58 2013 +0000 +++ b/.hgignore Thu Jan 10 17:30:47 2013 +0000 @@ -339,6 +339,11 @@ ^xen/include/xen/compile\.h$ ^xen/tools/figlet/figlet$ ^xen/tools/symbols$ +^xen/xsm/flask/include/av_perm_to_string\.h$ +^xen/xsm/flask/include/av_permissions\.h$ +^xen/xsm/flask/include/class_to_string\.h$ +^xen/xsm/flask/include/flask\.h$ +^xen/xsm/flask/include/initial_sid_to_string\.h$ ^xen/xen$ ^xen/xen-syms$ ^xen/xen\..*$ diff -r 42b273995da0 -r 68e8cfca220f tools/flask/policy/Makefile --- a/tools/flask/policy/Makefile Thu Jan 10 17:27:58 2013 +0000 +++ b/tools/flask/policy/Makefile Thu Jan 10 17:30:47 2013 +0000 @@ -61,7 +61,7 @@ LOADPOLICY := $(SBINDIR)/flask-loadpolic # policy source layout POLDIR := policy MODDIR := $(POLDIR)/modules -FLASKDIR := $(POLDIR)/flask +FLASKDIR := ../../../xen/xsm/flask/policy SECCLASS := $(FLASKDIR)/security_classes ISIDS := $(FLASKDIR)/initial_sids AVS := $(FLASKDIR)/access_vectors diff -r 42b273995da0 -r 68e8cfca220f tools/flask/policy/policy/flask/Makefile --- a/tools/flask/policy/policy/flask/Makefile Thu Jan 10 17:27:58 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,41 +0,0 @@ -# flask needs to know where to export the libselinux headers. -LIBSEL ?= ../../libselinux - -# flask needs to know where to export the kernel headers. -LINUXDIR ?= ../../../linux-2.6 - -AWK = awk - -CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ - else if [ -x /bin/bash ]; then echo /bin/bash; \ - else echo sh; fi ; fi) - -FLASK_H_DEPEND = security_classes initial_sids -AV_H_DEPEND = access_vectors - -FLASK_H_FILES = class_to_string.h flask.h initial_sid_to_string.h -AV_H_FILES = av_perm_to_string.h av_permissions.h -ALL_H_FILES = $(FLASK_H_FILES) $(AV_H_FILES) - -all: $(ALL_H_FILES) - -$(FLASK_H_FILES): $(FLASK_H_DEPEND) - $(CONFIG_SHELL) mkflask.sh $(AWK) $(FLASK_H_DEPEND) - -$(AV_H_FILES): $(AV_H_DEPEND) - $(CONFIG_SHELL) mkaccess_vector.sh $(AWK) $(AV_H_DEPEND) - -tolib: all - install -m 644 flask.h av_permissions.h $(LIBSEL)/include/selinux - install -m 644 class_to_string.h av_inherit.h common_perm_to_string.h av_perm_to_string.h $(LIBSEL)/src - -tokern: all - install -m 644 $(ALL_H_FILES) $(LINUXDIR)/security/selinux/include - -install: all - -relabel: - -clean: - rm -f $(FLASK_H_FILES) - rm -f $(AV_H_FILES) diff -r 42b273995da0 -r 68e8cfca220f tools/flask/policy/policy/flask/mkaccess_vector.sh --- a/tools/flask/policy/policy/flask/mkaccess_vector.sh Thu Jan 10 17:27:58 2013 +0000 +++ b/tools/flask/policy/policy/flask/mkaccess_vector.sh Thu Jan 10 17:30:47 2013 +0000 @@ -9,8 +9,8 @@ awk=$1 shift # output files -av_permissions="av_permissions.h" -av_perm_to_string="av_perm_to_string.h" +av_permissions="include/av_permissions.h" +av_perm_to_string="include/av_perm_to_string.h" cat $* | $awk " BEGIN { diff -r 42b273995da0 -r 68e8cfca220f tools/flask/policy/policy/flask/mkflask.sh --- a/tools/flask/policy/policy/flask/mkflask.sh Thu Jan 10 17:27:58 2013 +0000 +++ b/tools/flask/policy/policy/flask/mkflask.sh Thu Jan 10 17:30:47 2013 +0000 @@ -9,9 +9,9 @@ awk=$1 shift 1 # output file -output_file="flask.h" -debug_file="class_to_string.h" -debug_file2="initial_sid_to_string.h" +output_file="include/flask.h" +debug_file="include/class_to_string.h" +debug_file2="include/initial_sid_to_string.h" cat $* | $awk " BEGIN { diff -r 42b273995da0 -r 68e8cfca220f xen/xsm/flask/Makefile --- a/xen/xsm/flask/Makefile Thu Jan 10 17:27:58 2013 +0000 +++ b/xen/xsm/flask/Makefile Thu Jan 10 17:30:47 2013 +0000 @@ -5,3 +5,28 @@ obj-y += flask_op.o subdir-y += ss CFLAGS += -I./include + +AWK = awk + +CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ + else if [ -x /bin/bash ]; then echo /bin/bash; \ + else echo sh; fi ; fi) + +FLASK_H_DEPEND = policy/security_classes policy/initial_sids +AV_H_DEPEND = policy/access_vectors + +FLASK_H_FILES = include/flask.h include/class_to_string.h include/initial_sid_to_string.h +AV_H_FILES = include/av_perm_to_string.h include/av_permissions.h +ALL_H_FILES = $(FLASK_H_FILES) $(AV_H_FILES) + +$(obj-y) ss/built_in.o: $(ALL_H_FILES) + +$(FLASK_H_FILES): $(FLASK_H_DEPEND) + $(CONFIG_SHELL) policy/mkflask.sh $(AWK) $(FLASK_H_DEPEND) + +$(AV_H_FILES): $(AV_H_DEPEND) + $(CONFIG_SHELL) policy/mkaccess_vector.sh $(AWK) $(AV_H_DEPEND) + +.PHONY: clean +clean:: + rm -f $(ALL_H_FILES) *.o $(DEPS) diff -r 42b273995da0 -r 68e8cfca220f xen/xsm/flask/include/av_perm_to_string.h --- a/xen/xsm/flask/include/av_perm_to_string.h Thu Jan 10 17:27:58 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,135 +0,0 @@ -/* This file is automatically generated. Do not edit. */ - S_(SECCLASS_XEN, XEN__SCHEDULER, "scheduler") - S_(SECCLASS_XEN, XEN__SETTIME, "settime") - S_(SECCLASS_XEN, XEN__TBUFCONTROL, "tbufcontrol") - S_(SECCLASS_XEN, XEN__READCONSOLE, "readconsole") - S_(SECCLASS_XEN, XEN__CLEARCONSOLE, "clearconsole") - S_(SECCLASS_XEN, XEN__PERFCONTROL, "perfcontrol") - S_(SECCLASS_XEN, XEN__MTRR_ADD, "mtrr_add") - S_(SECCLASS_XEN, XEN__MTRR_DEL, "mtrr_del") - S_(SECCLASS_XEN, XEN__MTRR_READ, "mtrr_read") - S_(SECCLASS_XEN, XEN__MICROCODE, "microcode") - S_(SECCLASS_XEN, XEN__PHYSINFO, "physinfo") - S_(SECCLASS_XEN, XEN__QUIRK, "quirk") - S_(SECCLASS_XEN, XEN__WRITECONSOLE, "writeconsole") - S_(SECCLASS_XEN, XEN__READAPIC, "readapic") - S_(SECCLASS_XEN, XEN__WRITEAPIC, "writeapic") - S_(SECCLASS_XEN, XEN__PRIVPROFILE, "privprofile") - S_(SECCLASS_XEN, XEN__NONPRIVPROFILE, "nonprivprofile") - S_(SECCLASS_XEN, XEN__KEXEC, "kexec") - S_(SECCLASS_XEN, XEN__FIRMWARE, "firmware") - S_(SECCLASS_XEN, XEN__SLEEP, "sleep") - S_(SECCLASS_XEN, XEN__FREQUENCY, "frequency") - S_(SECCLASS_XEN, XEN__GETIDLE, "getidle") - S_(SECCLASS_XEN, XEN__DEBUG, "debug") - S_(SECCLASS_XEN, XEN__GETCPUINFO, "getcpuinfo") - S_(SECCLASS_XEN, XEN__HEAP, "heap") - S_(SECCLASS_XEN, XEN__PM_OP, "pm_op") - S_(SECCLASS_XEN, XEN__MCA_OP, "mca_op") - S_(SECCLASS_XEN, XEN__LOCKPROF, "lockprof") - S_(SECCLASS_XEN, XEN__CPUPOOL_OP, "cpupool_op") - S_(SECCLASS_XEN, XEN__SCHED_OP, "sched_op") - S_(SECCLASS_DOMAIN, DOMAIN__SETVCPUCONTEXT, "setvcpucontext") - S_(SECCLASS_DOMAIN, DOMAIN__PAUSE, "pause") - S_(SECCLASS_DOMAIN, DOMAIN__UNPAUSE, "unpause") - S_(SECCLASS_DOMAIN, DOMAIN__RESUME, "resume") - S_(SECCLASS_DOMAIN, DOMAIN__CREATE, "create") - S_(SECCLASS_DOMAIN, DOMAIN__TRANSITION, "transition") - S_(SECCLASS_DOMAIN, DOMAIN__MAX_VCPUS, "max_vcpus") - S_(SECCLASS_DOMAIN, DOMAIN__DESTROY, "destroy") - S_(SECCLASS_DOMAIN, DOMAIN__SETVCPUAFFINITY, "setvcpuaffinity") - S_(SECCLASS_DOMAIN, DOMAIN__GETVCPUAFFINITY, "getvcpuaffinity") - S_(SECCLASS_DOMAIN, DOMAIN__SCHEDULER, "scheduler") - S_(SECCLASS_DOMAIN, DOMAIN__GETDOMAININFO, "getdomaininfo") - S_(SECCLASS_DOMAIN, DOMAIN__GETVCPUINFO, "getvcpuinfo") - S_(SECCLASS_DOMAIN, DOMAIN__GETVCPUCONTEXT, "getvcpucontext") - S_(SECCLASS_DOMAIN, DOMAIN__SETDOMAINMAXMEM, "setdomainmaxmem") - S_(SECCLASS_DOMAIN, DOMAIN__SETDOMAINHANDLE, "setdomainhandle") - S_(SECCLASS_DOMAIN, DOMAIN__SETDEBUGGING, "setdebugging") - S_(SECCLASS_DOMAIN, DOMAIN__HYPERCALL, "hypercall") - S_(SECCLASS_DOMAIN, DOMAIN__SETTIME, "settime") - S_(SECCLASS_DOMAIN, DOMAIN__SET_TARGET, "set_target") - S_(SECCLASS_DOMAIN, DOMAIN__SHUTDOWN, "shutdown") - S_(SECCLASS_DOMAIN, DOMAIN__SETADDRSIZE, "setaddrsize") - S_(SECCLASS_DOMAIN, DOMAIN__GETADDRSIZE, "getaddrsize") - S_(SECCLASS_DOMAIN, DOMAIN__TRIGGER, "trigger") - S_(SECCLASS_DOMAIN, DOMAIN__GETEXTVCPUCONTEXT, "getextvcpucontext") - S_(SECCLASS_DOMAIN, DOMAIN__SETEXTVCPUCONTEXT, "setextvcpucontext") - S_(SECCLASS_DOMAIN, DOMAIN__GETVCPUEXTSTATE, "getvcpuextstate") - S_(SECCLASS_DOMAIN, DOMAIN__SETVCPUEXTSTATE, "setvcpuextstate") - S_(SECCLASS_DOMAIN, DOMAIN__GETPODTARGET, "getpodtarget") - S_(SECCLASS_DOMAIN, DOMAIN__SETPODTARGET, "setpodtarget") - S_(SECCLASS_DOMAIN, DOMAIN__SET_MISC_INFO, "set_misc_info") - S_(SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER, "set_virq_handler") - S_(SECCLASS_DOMAIN2, DOMAIN2__RELABELFROM, "relabelfrom") - S_(SECCLASS_DOMAIN2, DOMAIN2__RELABELTO, "relabelto") - S_(SECCLASS_DOMAIN2, DOMAIN2__RELABELSELF, "relabelself") - S_(SECCLASS_HVM, HVM__SETHVMC, "sethvmc") - S_(SECCLASS_HVM, HVM__GETHVMC, "gethvmc") - S_(SECCLASS_HVM, HVM__SETPARAM, "setparam") - S_(SECCLASS_HVM, HVM__GETPARAM, "getparam") - S_(SECCLASS_HVM, HVM__PCILEVEL, "pcilevel") - S_(SECCLASS_HVM, HVM__IRQLEVEL, "irqlevel") - S_(SECCLASS_HVM, HVM__PCIROUTE, "pciroute") - S_(SECCLASS_HVM, HVM__BIND_IRQ, "bind_irq") - S_(SECCLASS_HVM, HVM__CACHEATTR, "cacheattr") - S_(SECCLASS_HVM, HVM__TRACKDIRTYVRAM, "trackdirtyvram") - S_(SECCLASS_HVM, HVM__HVMCTL, "hvmctl") - S_(SECCLASS_HVM, HVM__MEM_EVENT, "mem_event") - S_(SECCLASS_HVM, HVM__MEM_SHARING, "mem_sharing") - S_(SECCLASS_EVENT, EVENT__BIND, "bind") - S_(SECCLASS_EVENT, EVENT__SEND, "send") - S_(SECCLASS_EVENT, EVENT__STATUS, "status") - S_(SECCLASS_EVENT, EVENT__NOTIFY, "notify") - S_(SECCLASS_EVENT, EVENT__CREATE, "create") - S_(SECCLASS_EVENT, EVENT__RESET, "reset") - S_(SECCLASS_GRANT, GRANT__MAP_READ, "map_read") - S_(SECCLASS_GRANT, GRANT__MAP_WRITE, "map_write") - S_(SECCLASS_GRANT, GRANT__UNMAP, "unmap") - S_(SECCLASS_GRANT, GRANT__TRANSFER, "transfer") - S_(SECCLASS_GRANT, GRANT__SETUP, "setup") - S_(SECCLASS_GRANT, GRANT__COPY, "copy") - S_(SECCLASS_GRANT, GRANT__QUERY, "query") - S_(SECCLASS_MMU, MMU__MAP_READ, "map_read") - S_(SECCLASS_MMU, MMU__MAP_WRITE, "map_write") - S_(SECCLASS_MMU, MMU__PAGEINFO, "pageinfo") - S_(SECCLASS_MMU, MMU__PAGELIST, "pagelist") - S_(SECCLASS_MMU, MMU__ADJUST, "adjust") - S_(SECCLASS_MMU, MMU__STAT, "stat") - S_(SECCLASS_MMU, MMU__TRANSLATEGP, "translategp") - S_(SECCLASS_MMU, MMU__UPDATEMP, "updatemp") - S_(SECCLASS_MMU, MMU__PHYSMAP, "physmap") - S_(SECCLASS_MMU, MMU__PINPAGE, "pinpage") - S_(SECCLASS_MMU, MMU__MFNLIST, "mfnlist") - S_(SECCLASS_MMU, MMU__MEMORYMAP, "memorymap") - S_(SECCLASS_MMU, MMU__REMOTE_REMAP, "remote_remap") - S_(SECCLASS_SHADOW, SHADOW__DISABLE, "disable") - S_(SECCLASS_SHADOW, SHADOW__ENABLE, "enable") - S_(SECCLASS_SHADOW, SHADOW__LOGDIRTY, "logdirty") - S_(SECCLASS_RESOURCE, RESOURCE__ADD, "add") - S_(SECCLASS_RESOURCE, RESOURCE__REMOVE, "remove") - S_(SECCLASS_RESOURCE, RESOURCE__USE, "use") - S_(SECCLASS_RESOURCE, RESOURCE__ADD_IRQ, "add_irq") - S_(SECCLASS_RESOURCE, RESOURCE__REMOVE_IRQ, "remove_irq") - S_(SECCLASS_RESOURCE, RESOURCE__ADD_IOPORT, "add_ioport") - S_(SECCLASS_RESOURCE, RESOURCE__REMOVE_IOPORT, "remove_ioport") - S_(SECCLASS_RESOURCE, RESOURCE__ADD_IOMEM, "add_iomem") - S_(SECCLASS_RESOURCE, RESOURCE__REMOVE_IOMEM, "remove_iomem") - S_(SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, "stat_device") - S_(SECCLASS_RESOURCE, RESOURCE__ADD_DEVICE, "add_device") - S_(SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, "remove_device") - S_(SECCLASS_RESOURCE, RESOURCE__PLUG, "plug") - S_(SECCLASS_RESOURCE, RESOURCE__UNPLUG, "unplug") - S_(SECCLASS_RESOURCE, RESOURCE__SETUP, "setup") - S_(SECCLASS_SECURITY, SECURITY__COMPUTE_AV, "compute_av") - S_(SECCLASS_SECURITY, SECURITY__COMPUTE_CREATE, "compute_create") - S_(SECCLASS_SECURITY, SECURITY__COMPUTE_MEMBER, "compute_member") - S_(SECCLASS_SECURITY, SECURITY__CHECK_CONTEXT, "check_context") - S_(SECCLASS_SECURITY, SECURITY__LOAD_POLICY, "load_policy") - S_(SECCLASS_SECURITY, SECURITY__COMPUTE_RELABEL, "compute_relabel") - S_(SECCLASS_SECURITY, SECURITY__COMPUTE_USER, "compute_user") - S_(SECCLASS_SECURITY, SECURITY__SETENFORCE, "setenforce") - S_(SECCLASS_SECURITY, SECURITY__SETBOOL, "setbool") - S_(SECCLASS_SECURITY, SECURITY__SETSECPARAM, "setsecparam") - S_(SECCLASS_SECURITY, SECURITY__ADD_OCONTEXT, "add_ocontext") - S_(SECCLASS_SECURITY, SECURITY__DEL_OCONTEXT, "del_ocontext") diff -r 42b273995da0 -r 68e8cfca220f xen/xsm/flask/include/av_permissions.h --- a/xen/xsm/flask/include/av_permissions.h Thu Jan 10 17:27:58 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,145 +0,0 @@ -/* This file is automatically generated. Do not edit. */ -#define XEN__SCHEDULER 0x00000001UL -#define XEN__SETTIME 0x00000002UL -#define XEN__TBUFCONTROL 0x00000004UL -#define XEN__READCONSOLE 0x00000008UL -#define XEN__CLEARCONSOLE 0x00000010UL -#define XEN__PERFCONTROL 0x00000020UL -#define XEN__MTRR_ADD 0x00000040UL -#define XEN__MTRR_DEL 0x00000080UL -#define XEN__MTRR_READ 0x00000100UL -#define XEN__MICROCODE 0x00000200UL -#define XEN__PHYSINFO 0x00000400UL -#define XEN__QUIRK 0x00000800UL -#define XEN__WRITECONSOLE 0x00001000UL -#define XEN__READAPIC 0x00002000UL -#define XEN__WRITEAPIC 0x00004000UL -#define XEN__PRIVPROFILE 0x00008000UL -#define XEN__NONPRIVPROFILE 0x00010000UL -#define XEN__KEXEC 0x00020000UL -#define XEN__FIRMWARE 0x00040000UL -#define XEN__SLEEP 0x00080000UL -#define XEN__FREQUENCY 0x00100000UL -#define XEN__GETIDLE 0x00200000UL -#define XEN__DEBUG 0x00400000UL -#define XEN__GETCPUINFO 0x00800000UL -#define XEN__HEAP 0x01000000UL -#define XEN__PM_OP 0x02000000UL -#define XEN__MCA_OP 0x04000000UL -#define XEN__LOCKPROF 0x08000000UL -#define XEN__CPUPOOL_OP 0x10000000UL -#define XEN__SCHED_OP 0x20000000UL - -#define DOMAIN__SETVCPUCONTEXT 0x00000001UL -#define DOMAIN__PAUSE 0x00000002UL -#define DOMAIN__UNPAUSE 0x00000004UL -#define DOMAIN__RESUME 0x00000008UL -#define DOMAIN__CREATE 0x00000010UL -#define DOMAIN__TRANSITION 0x00000020UL -#define DOMAIN__MAX_VCPUS 0x00000040UL -#define DOMAIN__DESTROY 0x00000080UL -#define DOMAIN__SETVCPUAFFINITY 0x00000100UL -#define DOMAIN__GETVCPUAFFINITY 0x00000200UL -#define DOMAIN__SCHEDULER 0x00000400UL -#define DOMAIN__GETDOMAININFO 0x00000800UL -#define DOMAIN__GETVCPUINFO 0x00001000UL -#define DOMAIN__GETVCPUCONTEXT 0x00002000UL -#define DOMAIN__SETDOMAINMAXMEM 0x00004000UL -#define DOMAIN__SETDOMAINHANDLE 0x00008000UL -#define DOMAIN__SETDEBUGGING 0x00010000UL -#define DOMAIN__HYPERCALL 0x00020000UL -#define DOMAIN__SETTIME 0x00040000UL -#define DOMAIN__SET_TARGET 0x00080000UL -#define DOMAIN__SHUTDOWN 0x00100000UL -#define DOMAIN__SETADDRSIZE 0x00200000UL -#define DOMAIN__GETADDRSIZE 0x00400000UL -#define DOMAIN__TRIGGER 0x00800000UL -#define DOMAIN__GETEXTVCPUCONTEXT 0x01000000UL -#define DOMAIN__SETEXTVCPUCONTEXT 0x02000000UL -#define DOMAIN__GETVCPUEXTSTATE 0x04000000UL -#define DOMAIN__SETVCPUEXTSTATE 0x08000000UL -#define DOMAIN__GETPODTARGET 0x10000000UL -#define DOMAIN__SETPODTARGET 0x20000000UL -#define DOMAIN__SET_MISC_INFO 0x40000000UL -#define DOMAIN__SET_VIRQ_HANDLER 0x80000000UL - -#define DOMAIN2__RELABELFROM 0x00000001UL -#define DOMAIN2__RELABELTO 0x00000002UL -#define DOMAIN2__RELABELSELF 0x00000004UL - -#define HVM__SETHVMC 0x00000001UL -#define HVM__GETHVMC 0x00000002UL -#define HVM__SETPARAM 0x00000004UL -#define HVM__GETPARAM 0x00000008UL -#define HVM__PCILEVEL 0x00000010UL -#define HVM__IRQLEVEL 0x00000020UL -#define HVM__PCIROUTE 0x00000040UL -#define HVM__BIND_IRQ 0x00000080UL -#define HVM__CACHEATTR 0x00000100UL -#define HVM__TRACKDIRTYVRAM 0x00000200UL -#define HVM__HVMCTL 0x00000400UL -#define HVM__MEM_EVENT 0x00000800UL -#define HVM__MEM_SHARING 0x00001000UL - -#define EVENT__BIND 0x00000001UL -#define EVENT__SEND 0x00000002UL -#define EVENT__STATUS 0x00000004UL -#define EVENT__NOTIFY 0x00000008UL -#define EVENT__CREATE 0x00000010UL -#define EVENT__RESET 0x00000020UL - -#define GRANT__MAP_READ 0x00000001UL -#define GRANT__MAP_WRITE 0x00000002UL -#define GRANT__UNMAP 0x00000004UL -#define GRANT__TRANSFER 0x00000008UL -#define GRANT__SETUP 0x00000010UL -#define GRANT__COPY 0x00000020UL -#define GRANT__QUERY 0x00000040UL - -#define MMU__MAP_READ 0x00000001UL -#define MMU__MAP_WRITE 0x00000002UL -#define MMU__PAGEINFO 0x00000004UL -#define MMU__PAGELIST 0x00000008UL -#define MMU__ADJUST 0x00000010UL -#define MMU__STAT 0x00000020UL -#define MMU__TRANSLATEGP 0x00000040UL -#define MMU__UPDATEMP 0x00000080UL -#define MMU__PHYSMAP 0x00000100UL -#define MMU__PINPAGE 0x00000200UL -#define MMU__MFNLIST 0x00000400UL -#define MMU__MEMORYMAP 0x00000800UL -#define MMU__REMOTE_REMAP 0x00001000UL - -#define SHADOW__DISABLE 0x00000001UL -#define SHADOW__ENABLE 0x00000002UL -#define SHADOW__LOGDIRTY 0x00000004UL - -#define RESOURCE__ADD 0x00000001UL -#define RESOURCE__REMOVE 0x00000002UL -#define RESOURCE__USE 0x00000004UL -#define RESOURCE__ADD_IRQ 0x00000008UL -#define RESOURCE__REMOVE_IRQ 0x00000010UL -#define RESOURCE__ADD_IOPORT 0x00000020UL -#define RESOURCE__REMOVE_IOPORT 0x00000040UL -#define RESOURCE__ADD_IOMEM 0x00000080UL -#define RESOURCE__REMOVE_IOMEM 0x00000100UL -#define RESOURCE__STAT_DEVICE 0x00000200UL -#define RESOURCE__ADD_DEVICE 0x00000400UL -#define RESOURCE__REMOVE_DEVICE 0x00000800UL -#define RESOURCE__PLUG 0x00001000UL -#define RESOURCE__UNPLUG 0x00002000UL -#define RESOURCE__SETUP 0x00004000UL - -#define SECURITY__COMPUTE_AV 0x00000001UL -#define SECURITY__COMPUTE_CREATE 0x00000002UL -#define SECURITY__COMPUTE_MEMBER 0x00000004UL -#define SECURITY__CHECK_CONTEXT 0x00000008UL -#define SECURITY__LOAD_POLICY 0x00000010UL -#define SECURITY__COMPUTE_RELABEL 0x00000020UL -#define SECURITY__COMPUTE_USER 0x00000040UL -#define SECURITY__SETENFORCE 0x00000080UL -#define SECURITY__SETBOOL 0x00000100UL -#define SECURITY__SETSECPARAM 0x00000200UL -#define SECURITY__ADD_OCONTEXT 0x00000400UL -#define SECURITY__DEL_OCONTEXT 0x00000800UL - diff -r 42b273995da0 -r 68e8cfca220f xen/xsm/flask/include/class_to_string.h --- a/xen/xsm/flask/include/class_to_string.h Thu Jan 10 17:27:58 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,15 +0,0 @@ -/* This file is automatically generated. Do not edit. */ -/* - * Security object class definitions - */ - S_("null") - S_("xen") - S_("domain") - S_("domain2") - S_("hvm") - S_("mmu") - S_("resource") - S_("shadow") - S_("event") - S_("grant") - S_("security") diff -r 42b273995da0 -r 68e8cfca220f xen/xsm/flask/include/flask.h --- a/xen/xsm/flask/include/flask.h Thu Jan 10 17:27:58 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,35 +0,0 @@ -/* This file is automatically generated. Do not edit. */ -#ifndef _SELINUX_FLASK_H_ -#define _SELINUX_FLASK_H_ - -/* - * Security object class definitions - */ -#define SECCLASS_XEN 1 -#define SECCLASS_DOMAIN 2 -#define SECCLASS_DOMAIN2 3 -#define SECCLASS_HVM 4 -#define SECCLASS_MMU 5 -#define SECCLASS_RESOURCE 6 -#define SECCLASS_SHADOW 7 -#define SECCLASS_EVENT 8 -#define SECCLASS_GRANT 9 -#define SECCLASS_SECURITY 10 - -/* - * Security identifier indices for initial entities - */ -#define SECINITSID_XEN 1 -#define SECINITSID_DOM0 2 -#define SECINITSID_DOMIO 3 -#define SECINITSID_DOMXEN 4 -#define SECINITSID_UNLABELED 5 -#define SECINITSID_SECURITY 6 -#define SECINITSID_IOPORT 7 -#define SECINITSID_IOMEM 8 -#define SECINITSID_IRQ 9 -#define SECINITSID_DEVICE 10 - -#define SECINITSID_NUM 10 - -#endif diff -r 42b273995da0 -r 68e8cfca220f xen/xsm/flask/include/initial_sid_to_string.h --- a/xen/xsm/flask/include/initial_sid_to_string.h Thu Jan 10 17:27:58 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,16 +0,0 @@ -/* This file is automatically generated. Do not edit. */ -static char *initial_sid_to_string[] = -{ - "null", - "xen", - "dom0", - "domio", - "domxen", - "unlabeled", - "security", - "ioport", - "iomem", - "irq", - "device", -}; - _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMu-0004gm-0E; Fri, 11 Jan 2013 03:33:20 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMr-0004fl-TK for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:18 +0000 Received: from [85.158.138.51:52617] by server-5.bemta-3.messagelabs.com id AD/00-04992-9F78FE05; Fri, 11 Jan 2013 03:33:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-174.messagelabs.com!1357875192!27545585!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 31886 invoked from network); 11 Jan 2013 03:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMm-0008NW-3M for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMl-00022T-MW for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:11 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] hvmloader: Allocate 3 pages for Intel GPU OpRegion passthrough. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Keir Fraser # Date 1357838784 0 # Node ID d912bf7f6d220da455831c671e89375b7e92ee64 # Parent b9c38bea15b117552ecb51809779c7cfef82dd44 hvmloader: Allocate 3 pages for Intel GPU OpRegion passthrough. The 8kB region may not be page aligned, hence requiring 3 pages to be mapped through. Signed-off-by: Keir Fraser --- diff -r b9c38bea15b1 -r d912bf7f6d22 tools/firmware/hvmloader/config.h --- a/tools/firmware/hvmloader/config.h Thu Jan 10 17:18:43 2013 +0000 +++ b/tools/firmware/hvmloader/config.h Thu Jan 10 17:26:24 2013 +0000 @@ -5,7 +5,9 @@ enum virtual_vga { VGA_none, VGA_std, VGA_cirrus, VGA_pt }; extern enum virtual_vga virtual_vga; + extern unsigned long igd_opregion_pgbase; +#define IGD_OPREGION_PAGES 3 struct bios_config { const char *name; diff -r b9c38bea15b1 -r d912bf7f6d22 tools/firmware/hvmloader/e820.c --- a/tools/firmware/hvmloader/e820.c Thu Jan 10 17:18:43 2013 +0000 +++ b/tools/firmware/hvmloader/e820.c Thu Jan 10 17:26:24 2013 +0000 @@ -142,11 +142,11 @@ int build_e820_table(struct e820entry *e nr++; e820[nr].addr = igd_opregion_base; - e820[nr].size = 2 * PAGE_SIZE; + e820[nr].size = IGD_OPREGION_PAGES * PAGE_SIZE; e820[nr].type = E820_NVS; nr++; - e820[nr].addr = igd_opregion_base + 2 * PAGE_SIZE; + e820[nr].addr = igd_opregion_base + IGD_OPREGION_PAGES * PAGE_SIZE; e820[nr].size = (uint32_t)-e820[nr].addr; e820[nr].type = E820_RESERVED; nr++; diff -r b9c38bea15b1 -r d912bf7f6d22 tools/firmware/hvmloader/pci.c --- a/tools/firmware/hvmloader/pci.c Thu Jan 10 17:18:43 2013 +0000 +++ b/tools/firmware/hvmloader/pci.c Thu Jan 10 17:26:24 2013 +0000 @@ -104,7 +104,7 @@ void pci_setup(void) virtual_vga = VGA_pt; if ( vendor_id == 0x8086 ) { - igd_opregion_pgbase = mem_hole_alloc(2); + igd_opregion_pgbase = mem_hole_alloc(IGD_OPREGION_PAGES); /* * Write the the OpRegion offset to give the opregion * address to the device model. The device model will trap _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMu-0004gm-0E; Fri, 11 Jan 2013 03:33:20 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMr-0004fl-TK for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:18 +0000 Received: from [85.158.138.51:52617] by server-5.bemta-3.messagelabs.com id AD/00-04992-9F78FE05; Fri, 11 Jan 2013 03:33:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-174.messagelabs.com!1357875192!27545585!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 31886 invoked from network); 11 Jan 2013 03:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMm-0008NW-3M for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMl-00022T-MW for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:11 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] hvmloader: Allocate 3 pages for Intel GPU OpRegion passthrough. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Keir Fraser # Date 1357838784 0 # Node ID d912bf7f6d220da455831c671e89375b7e92ee64 # Parent b9c38bea15b117552ecb51809779c7cfef82dd44 hvmloader: Allocate 3 pages for Intel GPU OpRegion passthrough. The 8kB region may not be page aligned, hence requiring 3 pages to be mapped through. Signed-off-by: Keir Fraser --- diff -r b9c38bea15b1 -r d912bf7f6d22 tools/firmware/hvmloader/config.h --- a/tools/firmware/hvmloader/config.h Thu Jan 10 17:18:43 2013 +0000 +++ b/tools/firmware/hvmloader/config.h Thu Jan 10 17:26:24 2013 +0000 @@ -5,7 +5,9 @@ enum virtual_vga { VGA_none, VGA_std, VGA_cirrus, VGA_pt }; extern enum virtual_vga virtual_vga; + extern unsigned long igd_opregion_pgbase; +#define IGD_OPREGION_PAGES 3 struct bios_config { const char *name; diff -r b9c38bea15b1 -r d912bf7f6d22 tools/firmware/hvmloader/e820.c --- a/tools/firmware/hvmloader/e820.c Thu Jan 10 17:18:43 2013 +0000 +++ b/tools/firmware/hvmloader/e820.c Thu Jan 10 17:26:24 2013 +0000 @@ -142,11 +142,11 @@ int build_e820_table(struct e820entry *e nr++; e820[nr].addr = igd_opregion_base; - e820[nr].size = 2 * PAGE_SIZE; + e820[nr].size = IGD_OPREGION_PAGES * PAGE_SIZE; e820[nr].type = E820_NVS; nr++; - e820[nr].addr = igd_opregion_base + 2 * PAGE_SIZE; + e820[nr].addr = igd_opregion_base + IGD_OPREGION_PAGES * PAGE_SIZE; e820[nr].size = (uint32_t)-e820[nr].addr; e820[nr].type = E820_RESERVED; nr++; diff -r b9c38bea15b1 -r d912bf7f6d22 tools/firmware/hvmloader/pci.c --- a/tools/firmware/hvmloader/pci.c Thu Jan 10 17:18:43 2013 +0000 +++ b/tools/firmware/hvmloader/pci.c Thu Jan 10 17:26:24 2013 +0000 @@ -104,7 +104,7 @@ void pci_setup(void) virtual_vga = VGA_pt; if ( vendor_id == 0x8086 ) { - igd_opregion_pgbase = mem_hole_alloc(2); + igd_opregion_pgbase = mem_hole_alloc(IGD_OPREGION_PAGES); /* * Write the the OpRegion offset to give the opregion * address to the device model. The device model will trap _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMv-0004hO-6d; Fri, 11 Jan 2013 03:33:21 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMt-0004gY-TS for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:20 +0000 Received: from [85.158.138.51:44139] by server-2.bemta-3.messagelabs.com id 77/B9-11239-AF78FE05; Fri, 11 Jan 2013 03:33:14 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-174.messagelabs.com!1357875191!27457138!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 24343 invoked from network); 11 Jan 2013 03:33:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMk-0008NQ-Rw for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMk-00021z-FG for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:10 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] HVM firmware passthrough SMBIOS processing X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ross Philipson # Date 1357838290 0 # Node ID a7ce196f40444fafbe8f13b2d80e4885d4321806 # Parent cabf395a6c849cc65e56f1640b18db0c3e0faf5d HVM firmware passthrough SMBIOS processing Passthrough support for the SMBIOS structures including three new DMTF defined types and support for OEM defined tables. Passed in SMBIOS types override the default internal values. Default values can be enabled for the new type 22 portable battery using a xenstore flag. All other new DMTF defined and OEM structures will only be added to the SMBIOS table if passthrough values are present. Signed-off-by: Ross Philipson Committed-by: Keir Fraser --- diff -r cabf395a6c84 -r a7ce196f4044 tools/firmware/hvmloader/smbios.c --- a/tools/firmware/hvmloader/smbios.c Thu Jan 10 17:17:21 2013 +0000 +++ b/tools/firmware/hvmloader/smbios.c Thu Jan 10 17:18:10 2013 +0000 @@ -26,16 +26,38 @@ #include "smbios_types.h" #include "util.h" #include "hypercall.h" +#include +/* SBMIOS handle base values */ +#define SMBIOS_HANDLE_TYPE0 0x0000 +#define SMBIOS_HANDLE_TYPE1 0x0100 +#define SMBIOS_HANDLE_TYPE2 0x0200 +#define SMBIOS_HANDLE_TYPE3 0x0300 +#define SMBIOS_HANDLE_TYPE4 0x0400 +#define SMBIOS_HANDLE_TYPE11 0x0B00 +#define SMBIOS_HANDLE_TYPE16 0x1000 +#define SMBIOS_HANDLE_TYPE17 0x1100 +#define SMBIOS_HANDLE_TYPE19 0x1300 +#define SMBIOS_HANDLE_TYPE20 0x1400 +#define SMBIOS_HANDLE_TYPE22 0x1600 +#define SMBIOS_HANDLE_TYPE32 0x2000 +#define SMBIOS_HANDLE_TYPE39 0x2700 +#define SMBIOS_HANDLE_TYPE127 0x7f00 + +static void +smbios_pt_init(void); +static void* +get_smbios_pt_struct(uint8_t type, uint32_t *length_out); +static void +get_cpu_manufacturer(char *buf, int len); static int write_smbios_tables(void *ep, void *start, uint32_t vcpus, uint64_t memsize, uint8_t uuid[16], char *xen_version, uint32_t xen_major_version, uint32_t xen_minor_version, unsigned *nr_structs, unsigned *max_struct_size); - -static void -get_cpu_manufacturer(char *buf, int len); +static uint64_t +get_memsize(void); static void smbios_entry_point_init(void *start, uint16_t max_structure_size, @@ -49,6 +71,8 @@ static void * smbios_type_1_init(void *start, const char *xen_version, uint8_t uuid[16]); static void * +smbios_type_2_init(void *start); +static void * smbios_type_3_init(void *start); static void * smbios_type_4_init(void *start, unsigned int cpu_number, @@ -64,10 +88,73 @@ smbios_type_19_init(void *start, uint32_ static void * smbios_type_20_init(void *start, uint32_t memory_size_mb, int instance); static void * +smbios_type_22_init(void *start); +static void * smbios_type_32_init(void *start); static void * +smbios_type_39_init(void *start); +static void * +smbios_type_vendor_oem_init(void *start); +static void * smbios_type_127_init(void *start); +static uint32_t *smbios_pt_addr = NULL; +static uint32_t smbios_pt_length = 0; + +static void +smbios_pt_init(void) +{ + const char *s; + + s = xenstore_read(HVM_XS_SMBIOS_PT_ADDRESS, NULL); + if ( s == NULL ) + goto reset; + + smbios_pt_addr = (uint32_t*)(uint32_t)strtoll(s, NULL, 0); + if ( smbios_pt_addr == NULL ) + goto reset; + + s = xenstore_read(HVM_XS_SMBIOS_PT_LENGTH, NULL); + if ( s == NULL ) + goto reset; + + smbios_pt_length = (uint32_t)strtoll(s, NULL, 0); + if ( smbios_pt_length == 0 ) + goto reset; + + return; + +reset: + smbios_pt_addr = NULL; + smbios_pt_length = 0; +} + +static void* +get_smbios_pt_struct(uint8_t type, uint32_t *length_out) +{ + uint32_t *sep = smbios_pt_addr; + uint32_t total = 0; + uint8_t *ptr; + + if ( sep == NULL ) + return NULL; + + while ( total < smbios_pt_length ) + { + ptr = (uint8_t*)(sep + 1); + if ( ptr[0] == type ) + { + *length_out = *sep; + return ptr; + } + + total += (*sep + sizeof(uint32_t)); + sep = (uint32_t*)(ptr + *sep); + } + + return NULL; +} + static void get_cpu_manufacturer(char *buf, int len) { @@ -97,6 +184,8 @@ write_smbios_tables(void *ep, void *star char cpu_manufacturer[15]; int i, nr_mem_devs; + smbios_pt_init(); + get_cpu_manufacturer(cpu_manufacturer, 15); p = (char *)start; @@ -112,6 +201,7 @@ write_smbios_tables(void *ep, void *star do_struct(smbios_type_0_init(p, xen_version, xen_major_version, xen_minor_version)); do_struct(smbios_type_1_init(p, xen_version, uuid)); + do_struct(smbios_type_2_init(p)); do_struct(smbios_type_3_init(p)); for ( cpu_num = 1; cpu_num <= vcpus; cpu_num++ ) do_struct(smbios_type_4_init(p, cpu_num, cpu_manufacturer)); @@ -130,7 +220,10 @@ write_smbios_tables(void *ep, void *star do_struct(smbios_type_20_init(p, dev_memsize, i)); } + do_struct(smbios_type_22_init(p)); do_struct(smbios_type_32_init(p)); + do_struct(smbios_type_39_init(p)); + do_struct(smbios_type_vendor_oem_init(p)); do_struct(smbios_type_127_init(p)); #undef do_struct @@ -289,12 +382,22 @@ smbios_type_0_init(void *start, const ch struct smbios_type_0 *p = (struct smbios_type_0 *)start; static const char *smbios_release_date = __SMBIOS_DATE__; const char *s; + void *pts; + uint32_t length; + + pts = get_smbios_pt_struct(0, &length); + if ( (pts != NULL)&&(length > 0) ) + { + memcpy(start, pts, length); + p->header.handle = SMBIOS_HANDLE_TYPE0; + return (start + length); + } memset(p, 0, sizeof(*p)); p->header.type = 0; p->header.length = sizeof(struct smbios_type_0); - p->header.handle = 0; + p->header.handle = SMBIOS_HANDLE_TYPE0; p->vendor_str = 1; p->version_str = 2; @@ -315,11 +418,11 @@ smbios_type_0_init(void *start, const ch p->embedded_controller_minor = 0xff; start += sizeof(struct smbios_type_0); - s = xenstore_read("bios-strings/bios-vendor", "Xen"); + s = xenstore_read(HVM_XS_BIOS_VENDOR, "Xen"); strcpy((char *)start, s); start += strlen(s) + 1; - s = xenstore_read("bios-strings/bios-version", xen_version); + s = xenstore_read(HVM_XS_BIOS_VERSION, xen_version); strcpy((char *)start, s); start += strlen(s) + 1; @@ -338,12 +441,22 @@ smbios_type_1_init(void *start, const ch char uuid_str[37]; struct smbios_type_1 *p = (struct smbios_type_1 *)start; const char *s; + void *pts; + uint32_t length; + + pts = get_smbios_pt_struct(1, &length); + if ( (pts != NULL)&&(length > 0) ) + { + memcpy(start, pts, length); + p->header.handle = SMBIOS_HANDLE_TYPE1; + return (start + length); + } memset(p, 0, sizeof(*p)); p->header.type = 1; p->header.length = sizeof(struct smbios_type_1); - p->header.handle = 0x100; + p->header.handle = SMBIOS_HANDLE_TYPE1; p->manufacturer_str = 1; p->product_name_str = 2; @@ -358,20 +471,20 @@ smbios_type_1_init(void *start, const ch start += sizeof(struct smbios_type_1); - s = xenstore_read("bios-strings/system-manufacturer", "Xen"); + s = xenstore_read(HVM_XS_SYSTEM_MANUFACTURER, "Xen"); strcpy((char *)start, s); start += strlen(s) + 1; - s = xenstore_read("bios-strings/system-product-name", "HVM domU"); + s = xenstore_read(HVM_XS_SYSTEM_PRODUCT_NAME, "HVM domU"); strcpy((char *)start, s); start += strlen(s) + 1; - s = xenstore_read("bios-strings/system-version", xen_version); + s = xenstore_read(HVM_XS_SYSTEM_VERSION, xen_version); strcpy((char *)start, s); start += strlen(s) + 1; uuid_to_string(uuid_str, uuid); - s = xenstore_read("bios-strings/system-serial-number", uuid_str); + s = xenstore_read(HVM_XS_SYSTEM_SERIAL_NUMBER, uuid_str); strcpy((char *)start, s); start += strlen(s) + 1; @@ -380,17 +493,58 @@ smbios_type_1_init(void *start, const ch return start+1; } +/* Type 2 -- System Board */ +static void * +smbios_type_2_init(void *start) +{ + struct smbios_type_2 *p = (struct smbios_type_2 *)start; + uint8_t *ptr; + void *pts; + uint32_t length; + + pts = get_smbios_pt_struct(2, &length); + if ( (pts != NULL)&&(length > 0) ) + { + memcpy(start, pts, length); + p->header.handle = SMBIOS_HANDLE_TYPE2; + + /* Set current chassis handle if present */ + if ( p->header.length > 13 ) + { + ptr = ((uint8_t*)start) + 11; + if ( *((uint16_t*)ptr) != 0 ) + *((uint16_t*)ptr) = SMBIOS_HANDLE_TYPE3; + } + + return (start + length); + } + + /* Only present when passed in */ + return start; +} + /* Type 3 -- System Enclosure */ static void * smbios_type_3_init(void *start) { struct smbios_type_3 *p = (struct smbios_type_3 *)start; + const char *s; + void *pts; + uint32_t length; + + pts = get_smbios_pt_struct(3, &length); + if ( (pts != NULL)&&(length > 0) ) + { + memcpy(start, pts, length); + p->header.handle = SMBIOS_HANDLE_TYPE3; + return (start + length); + } memset(p, 0, sizeof(*p)); p->header.type = 3; p->header.length = sizeof(struct smbios_type_3); - p->header.handle = 0x300; + p->header.handle = SMBIOS_HANDLE_TYPE3; p->manufacturer_str = 1; p->type = 0x01; /* other */ @@ -404,8 +558,19 @@ smbios_type_3_init(void *start) start += sizeof(struct smbios_type_3); - strcpy((char *)start, "Xen"); - start += strlen("Xen") + 1; + s = xenstore_read(HVM_XS_ENCLOSURE_MANUFACTURER, "Xen"); + strcpy((char *)start, s); + start += strlen(s) + 1; + + /* No internal defaults for this if the value is not set */ + s = xenstore_read(HVM_XS_ENCLOSURE_SERIAL_NUMBER, NULL); + if ( (s != NULL)&&(*s != '\0') ) + { + strcpy((char *)start, s); + start += strlen(s) + 1; + p->serial_number_str = 2; + } + *((uint8_t *)start) = 0; return start+1; } @@ -423,7 +588,7 @@ smbios_type_4_init( p->header.type = 4; p->header.length = sizeof(struct smbios_type_4); - p->header.handle = 0x400 + cpu_number; + p->header.handle = SMBIOS_HANDLE_TYPE4 + cpu_number; p->socket_designation_str = 1; p->processor_type = 0x03; /* CPU */ @@ -465,13 +630,23 @@ static void * smbios_type_11_init(void *start) { struct smbios_type_11 *p = (struct smbios_type_11 *)start; - char path[20] = "bios-strings/oem-XX"; + char path[20]; const char *s; int i; + void *pts; + uint32_t length; + + pts = get_smbios_pt_struct(11, &length); + if ( (pts != NULL)&&(length > 0) ) + { + memcpy(start, pts, length); + p->header.handle = SMBIOS_HANDLE_TYPE11; + return (start + length); + } p->header.type = 11; p->header.length = sizeof(struct smbios_type_11); - p->header.handle = 0xB00; + p->header.handle = SMBIOS_HANDLE_TYPE11; p->count = 0; @@ -480,8 +655,7 @@ smbios_type_11_init(void *start) /* Pull out as many oem-* strings we find in xenstore */ for ( i = 1; i < 100; i++ ) { - path[(sizeof path) - 3] = '0' + ((i < 10) ? i : i / 10); - path[(sizeof path) - 2] = (i < 10) ? '\0' : '0' + (i % 10); + snprintf(path, sizeof(path), HVM_XS_OEM_STRINGS, i); if ( ((s = xenstore_read(path, NULL)) == NULL) || (*s == '\0') ) break; strcpy((char *)start, s); @@ -510,7 +684,7 @@ smbios_type_16_init(void *start, uint32_ memset(p, 0, sizeof(*p)); p->header.type = 16; - p->header.handle = 0x1000; + p->header.handle = SMBIOS_HANDLE_TYPE16; p->header.length = sizeof(struct smbios_type_16); p->location = 0x01; /* other */ @@ -536,7 +710,7 @@ smbios_type_17_init(void *start, uint32_ p->header.type = 17; p->header.length = sizeof(struct smbios_type_17); - p->header.handle = 0x1100 + instance; + p->header.handle = SMBIOS_HANDLE_TYPE17 + instance; p->physical_memory_array_handle = 0x1000; p->total_width = 64; @@ -571,7 +745,7 @@ smbios_type_19_init(void *start, uint32_ p->header.type = 19; p->header.length = sizeof(struct smbios_type_19); - p->header.handle = 0x1300 + instance; + p->header.handle = SMBIOS_HANDLE_TYPE19 + instance; p->starting_address = instance << 24; p->ending_address = p->starting_address + (memory_size_mb << 10) - 1; @@ -593,7 +767,7 @@ smbios_type_20_init(void *start, uint32_ p->header.type = 20; p->header.length = sizeof(struct smbios_type_20); - p->header.handle = 0x1400 + instance; + p->header.handle = SMBIOS_HANDLE_TYPE20 + instance; p->starting_address = instance << 24; p->ending_address = p->starting_address + (memory_size_mb << 10) - 1; @@ -609,6 +783,71 @@ smbios_type_20_init(void *start, uint32_ return start+2; } +/* Type 22 -- Portable Battery */ +static void * +smbios_type_22_init(void *start) +{ + struct smbios_type_22 *p = (struct smbios_type_22 *)start; + static const char *smbios_release_date = __SMBIOS_DATE__; + const char *s; + void *pts; + uint32_t length; + + pts = get_smbios_pt_struct(22, &length); + if ( (pts != NULL)&&(length > 0) ) + { + memcpy(start, pts, length); + p->header.handle = SMBIOS_HANDLE_TYPE22; + return (start + length); + } + + s = xenstore_read(HVM_XS_SMBIOS_DEFAULT_BATTERY, "0"); + if ( strncmp(s, "1", 1) != 0 ) + return start; + + memset(p, 0, sizeof(*p)); + + p->header.type = 22; + p->header.length = sizeof(struct smbios_type_22); + p->header.handle = SMBIOS_HANDLE_TYPE22; + + p->location_str = 1; + p->manufacturer_str = 2; + p->manufacturer_date_str = 3; + p->serial_number_str = 0; + p->device_name_str = 4; + p->device_chemistry = 0x2; /* unknown */ + p->device_capacity = 0; /* unknown */ + p->device_voltage = 0; /* unknown */ + p->sbds_version_number = 0; + p->max_error = 0xff; /* unknown */ + p->sbds_serial_number = 0; + p->sbds_manufacturer_date = 0; + p->sbds_device_chemistry = 0; + p->design_capacity_multiplier = 0; + p->oem_specific = 0; + + start += sizeof(struct smbios_type_22); + + strcpy((char *)start, "Primary"); + start += strlen("Primary") + 1; + + s = xenstore_read(HVM_XS_BATTERY_MANUFACTURER, "Xen"); + strcpy((char *)start, s); + start += strlen(s) + 1; + + strcpy((char *)start, smbios_release_date); + start += strlen(smbios_release_date) + 1; + + s = xenstore_read(HVM_XS_BATTERY_DEVICE_NAME, "XEN-VBAT"); + strcpy((char *)start, s); + start += strlen(s) + 1; + + *((uint8_t *)start) = 0; + + return start+1; +} + /* Type 32 -- System Boot Information */ static void * smbios_type_32_init(void *start) @@ -619,7 +858,7 @@ smbios_type_32_init(void *start) p->header.type = 32; p->header.length = sizeof(struct smbios_type_32); - p->header.handle = 0x2000; + p->header.handle = SMBIOS_HANDLE_TYPE32; memset(p->reserved, 0, 6); p->boot_status = 0; /* no errors detected */ @@ -628,6 +867,58 @@ smbios_type_32_init(void *start) return start+2; } +/* Type 39 -- Power Supply */ +static void * +smbios_type_39_init(void *start) +{ + struct smbios_type_39 *p = (struct smbios_type_39 *)start; + void *pts; + uint32_t length; + + pts = get_smbios_pt_struct(39, &length); + if ( (pts != NULL)&&(length > 0) ) + { + memcpy(start, pts, length); + p->header.handle = SMBIOS_HANDLE_TYPE39; + return (start + length); + } + + /* Only present when passed in */ + return start; +} + +static void * +smbios_type_vendor_oem_init(void *start) +{ + uint32_t *sep = smbios_pt_addr; + uint32_t total = 0; + uint8_t *ptr; + + if ( sep == NULL ) + return start; + + while ( total < smbios_pt_length ) + { + ptr = (uint8_t*)(sep + 1); + if ( ptr[0] >= 128 ) + { + /* Vendor/OEM table, copy it in. Note the handle values cannot + * be changed since it is unknown what is in each of these tables + * but they could contain handle references to other tables. This + * means a slight risk of collision with the tables above but that + * would have to be dealt with on a case by case basis. + */ + memcpy(start, ptr, *sep); + start += *sep; + } + + total += (*sep + sizeof(uint32_t)); + sep = (uint32_t*)(ptr + *sep); + } + + return start; +} + /* Type 127 -- End of Table */ static void * smbios_type_127_init(void *start) @@ -638,7 +929,7 @@ smbios_type_127_init(void *start) p->header.type = 127; p->header.length = sizeof(struct smbios_type_127); - p->header.handle = 0x7f00; + p->header.handle = SMBIOS_HANDLE_TYPE127; start += sizeof(struct smbios_type_127); *((uint16_t *)start) = 0; diff -r cabf395a6c84 -r a7ce196f4044 tools/firmware/hvmloader/smbios_types.h --- a/tools/firmware/hvmloader/smbios_types.h Thu Jan 10 17:17:21 2013 +0000 +++ b/tools/firmware/hvmloader/smbios_types.h Thu Jan 10 17:18:10 2013 +0000 @@ -84,6 +84,15 @@ struct smbios_type_1 { uint8_t family_str; } __attribute__ ((packed)); +/* SMBIOS type 2 - Base Board Information */ +struct smbios_type_2 { + struct smbios_structure_header header; + uint8_t manufacturer_str; + uint8_t product_name_str; + uint8_t version_str; + uint8_t serial_number_str; +} __attribute__ ((packed)); + /* SMBIOS type 3 - System Enclosure */ struct smbios_type_3 { struct smbios_structure_header header; @@ -173,6 +182,26 @@ struct smbios_type_20 { uint8_t interleaved_data_depth; } __attribute__ ((packed)); +/* SMBIOS type 22 - Portable battery */ +struct smbios_type_22 { + struct smbios_structure_header header; + uint8_t location_str; + uint8_t manufacturer_str; + uint8_t manufacturer_date_str; + uint8_t serial_number_str; + uint8_t device_name_str; + uint8_t device_chemistry; + uint16_t device_capacity; + uint16_t device_voltage; + uint8_t sbds_version_number; + uint8_t max_error; + uint16_t sbds_serial_number; + uint16_t sbds_manufacturer_date; + uint8_t sbds_device_chemistry; + uint8_t design_capacity_multiplier; + uint32_t oem_specific; +} __attribute__ ((packed)); + /* SMBIOS type 32 - System Boot Information */ struct smbios_type_32 { struct smbios_structure_header header; @@ -180,6 +209,24 @@ struct smbios_type_32 { uint8_t boot_status; } __attribute__ ((packed)); +/* SMBIOS type 39 - Power Supply */ +struct smbios_type_39 { + struct smbios_structure_header header; + uint8_t power_unit_group; + uint8_t location_str; + uint8_t device_name_str; + uint8_t manufacturer_str; + uint8_t serial_number_str; + uint8_t asset_tag_number_str; + uint8_t model_part_number_str; + uint8_t revision_level_str; + uint16_t max_capacity; + uint16_t characteristics; + uint16_t input_voltage_probe_handle; + uint16_t cooling_device_handle; + uint16_t input_current_probe_handle; +} __attribute__ ((packed)); + /* SMBIOS type 127 -- End-of-table */ struct smbios_type_127 { struct smbios_structure_header header; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMv-0004hO-6d; Fri, 11 Jan 2013 03:33:21 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMt-0004gY-TS for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:20 +0000 Received: from [85.158.138.51:44139] by server-2.bemta-3.messagelabs.com id 77/B9-11239-AF78FE05; Fri, 11 Jan 2013 03:33:14 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-174.messagelabs.com!1357875191!27457138!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 24343 invoked from network); 11 Jan 2013 03:33:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMk-0008NQ-Rw for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMk-00021z-FG for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:10 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] HVM firmware passthrough SMBIOS processing X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ross Philipson # Date 1357838290 0 # Node ID a7ce196f40444fafbe8f13b2d80e4885d4321806 # Parent cabf395a6c849cc65e56f1640b18db0c3e0faf5d HVM firmware passthrough SMBIOS processing Passthrough support for the SMBIOS structures including three new DMTF defined types and support for OEM defined tables. Passed in SMBIOS types override the default internal values. Default values can be enabled for the new type 22 portable battery using a xenstore flag. All other new DMTF defined and OEM structures will only be added to the SMBIOS table if passthrough values are present. Signed-off-by: Ross Philipson Committed-by: Keir Fraser --- diff -r cabf395a6c84 -r a7ce196f4044 tools/firmware/hvmloader/smbios.c --- a/tools/firmware/hvmloader/smbios.c Thu Jan 10 17:17:21 2013 +0000 +++ b/tools/firmware/hvmloader/smbios.c Thu Jan 10 17:18:10 2013 +0000 @@ -26,16 +26,38 @@ #include "smbios_types.h" #include "util.h" #include "hypercall.h" +#include +/* SBMIOS handle base values */ +#define SMBIOS_HANDLE_TYPE0 0x0000 +#define SMBIOS_HANDLE_TYPE1 0x0100 +#define SMBIOS_HANDLE_TYPE2 0x0200 +#define SMBIOS_HANDLE_TYPE3 0x0300 +#define SMBIOS_HANDLE_TYPE4 0x0400 +#define SMBIOS_HANDLE_TYPE11 0x0B00 +#define SMBIOS_HANDLE_TYPE16 0x1000 +#define SMBIOS_HANDLE_TYPE17 0x1100 +#define SMBIOS_HANDLE_TYPE19 0x1300 +#define SMBIOS_HANDLE_TYPE20 0x1400 +#define SMBIOS_HANDLE_TYPE22 0x1600 +#define SMBIOS_HANDLE_TYPE32 0x2000 +#define SMBIOS_HANDLE_TYPE39 0x2700 +#define SMBIOS_HANDLE_TYPE127 0x7f00 + +static void +smbios_pt_init(void); +static void* +get_smbios_pt_struct(uint8_t type, uint32_t *length_out); +static void +get_cpu_manufacturer(char *buf, int len); static int write_smbios_tables(void *ep, void *start, uint32_t vcpus, uint64_t memsize, uint8_t uuid[16], char *xen_version, uint32_t xen_major_version, uint32_t xen_minor_version, unsigned *nr_structs, unsigned *max_struct_size); - -static void -get_cpu_manufacturer(char *buf, int len); +static uint64_t +get_memsize(void); static void smbios_entry_point_init(void *start, uint16_t max_structure_size, @@ -49,6 +71,8 @@ static void * smbios_type_1_init(void *start, const char *xen_version, uint8_t uuid[16]); static void * +smbios_type_2_init(void *start); +static void * smbios_type_3_init(void *start); static void * smbios_type_4_init(void *start, unsigned int cpu_number, @@ -64,10 +88,73 @@ smbios_type_19_init(void *start, uint32_ static void * smbios_type_20_init(void *start, uint32_t memory_size_mb, int instance); static void * +smbios_type_22_init(void *start); +static void * smbios_type_32_init(void *start); static void * +smbios_type_39_init(void *start); +static void * +smbios_type_vendor_oem_init(void *start); +static void * smbios_type_127_init(void *start); +static uint32_t *smbios_pt_addr = NULL; +static uint32_t smbios_pt_length = 0; + +static void +smbios_pt_init(void) +{ + const char *s; + + s = xenstore_read(HVM_XS_SMBIOS_PT_ADDRESS, NULL); + if ( s == NULL ) + goto reset; + + smbios_pt_addr = (uint32_t*)(uint32_t)strtoll(s, NULL, 0); + if ( smbios_pt_addr == NULL ) + goto reset; + + s = xenstore_read(HVM_XS_SMBIOS_PT_LENGTH, NULL); + if ( s == NULL ) + goto reset; + + smbios_pt_length = (uint32_t)strtoll(s, NULL, 0); + if ( smbios_pt_length == 0 ) + goto reset; + + return; + +reset: + smbios_pt_addr = NULL; + smbios_pt_length = 0; +} + +static void* +get_smbios_pt_struct(uint8_t type, uint32_t *length_out) +{ + uint32_t *sep = smbios_pt_addr; + uint32_t total = 0; + uint8_t *ptr; + + if ( sep == NULL ) + return NULL; + + while ( total < smbios_pt_length ) + { + ptr = (uint8_t*)(sep + 1); + if ( ptr[0] == type ) + { + *length_out = *sep; + return ptr; + } + + total += (*sep + sizeof(uint32_t)); + sep = (uint32_t*)(ptr + *sep); + } + + return NULL; +} + static void get_cpu_manufacturer(char *buf, int len) { @@ -97,6 +184,8 @@ write_smbios_tables(void *ep, void *star char cpu_manufacturer[15]; int i, nr_mem_devs; + smbios_pt_init(); + get_cpu_manufacturer(cpu_manufacturer, 15); p = (char *)start; @@ -112,6 +201,7 @@ write_smbios_tables(void *ep, void *star do_struct(smbios_type_0_init(p, xen_version, xen_major_version, xen_minor_version)); do_struct(smbios_type_1_init(p, xen_version, uuid)); + do_struct(smbios_type_2_init(p)); do_struct(smbios_type_3_init(p)); for ( cpu_num = 1; cpu_num <= vcpus; cpu_num++ ) do_struct(smbios_type_4_init(p, cpu_num, cpu_manufacturer)); @@ -130,7 +220,10 @@ write_smbios_tables(void *ep, void *star do_struct(smbios_type_20_init(p, dev_memsize, i)); } + do_struct(smbios_type_22_init(p)); do_struct(smbios_type_32_init(p)); + do_struct(smbios_type_39_init(p)); + do_struct(smbios_type_vendor_oem_init(p)); do_struct(smbios_type_127_init(p)); #undef do_struct @@ -289,12 +382,22 @@ smbios_type_0_init(void *start, const ch struct smbios_type_0 *p = (struct smbios_type_0 *)start; static const char *smbios_release_date = __SMBIOS_DATE__; const char *s; + void *pts; + uint32_t length; + + pts = get_smbios_pt_struct(0, &length); + if ( (pts != NULL)&&(length > 0) ) + { + memcpy(start, pts, length); + p->header.handle = SMBIOS_HANDLE_TYPE0; + return (start + length); + } memset(p, 0, sizeof(*p)); p->header.type = 0; p->header.length = sizeof(struct smbios_type_0); - p->header.handle = 0; + p->header.handle = SMBIOS_HANDLE_TYPE0; p->vendor_str = 1; p->version_str = 2; @@ -315,11 +418,11 @@ smbios_type_0_init(void *start, const ch p->embedded_controller_minor = 0xff; start += sizeof(struct smbios_type_0); - s = xenstore_read("bios-strings/bios-vendor", "Xen"); + s = xenstore_read(HVM_XS_BIOS_VENDOR, "Xen"); strcpy((char *)start, s); start += strlen(s) + 1; - s = xenstore_read("bios-strings/bios-version", xen_version); + s = xenstore_read(HVM_XS_BIOS_VERSION, xen_version); strcpy((char *)start, s); start += strlen(s) + 1; @@ -338,12 +441,22 @@ smbios_type_1_init(void *start, const ch char uuid_str[37]; struct smbios_type_1 *p = (struct smbios_type_1 *)start; const char *s; + void *pts; + uint32_t length; + + pts = get_smbios_pt_struct(1, &length); + if ( (pts != NULL)&&(length > 0) ) + { + memcpy(start, pts, length); + p->header.handle = SMBIOS_HANDLE_TYPE1; + return (start + length); + } memset(p, 0, sizeof(*p)); p->header.type = 1; p->header.length = sizeof(struct smbios_type_1); - p->header.handle = 0x100; + p->header.handle = SMBIOS_HANDLE_TYPE1; p->manufacturer_str = 1; p->product_name_str = 2; @@ -358,20 +471,20 @@ smbios_type_1_init(void *start, const ch start += sizeof(struct smbios_type_1); - s = xenstore_read("bios-strings/system-manufacturer", "Xen"); + s = xenstore_read(HVM_XS_SYSTEM_MANUFACTURER, "Xen"); strcpy((char *)start, s); start += strlen(s) + 1; - s = xenstore_read("bios-strings/system-product-name", "HVM domU"); + s = xenstore_read(HVM_XS_SYSTEM_PRODUCT_NAME, "HVM domU"); strcpy((char *)start, s); start += strlen(s) + 1; - s = xenstore_read("bios-strings/system-version", xen_version); + s = xenstore_read(HVM_XS_SYSTEM_VERSION, xen_version); strcpy((char *)start, s); start += strlen(s) + 1; uuid_to_string(uuid_str, uuid); - s = xenstore_read("bios-strings/system-serial-number", uuid_str); + s = xenstore_read(HVM_XS_SYSTEM_SERIAL_NUMBER, uuid_str); strcpy((char *)start, s); start += strlen(s) + 1; @@ -380,17 +493,58 @@ smbios_type_1_init(void *start, const ch return start+1; } +/* Type 2 -- System Board */ +static void * +smbios_type_2_init(void *start) +{ + struct smbios_type_2 *p = (struct smbios_type_2 *)start; + uint8_t *ptr; + void *pts; + uint32_t length; + + pts = get_smbios_pt_struct(2, &length); + if ( (pts != NULL)&&(length > 0) ) + { + memcpy(start, pts, length); + p->header.handle = SMBIOS_HANDLE_TYPE2; + + /* Set current chassis handle if present */ + if ( p->header.length > 13 ) + { + ptr = ((uint8_t*)start) + 11; + if ( *((uint16_t*)ptr) != 0 ) + *((uint16_t*)ptr) = SMBIOS_HANDLE_TYPE3; + } + + return (start + length); + } + + /* Only present when passed in */ + return start; +} + /* Type 3 -- System Enclosure */ static void * smbios_type_3_init(void *start) { struct smbios_type_3 *p = (struct smbios_type_3 *)start; + const char *s; + void *pts; + uint32_t length; + + pts = get_smbios_pt_struct(3, &length); + if ( (pts != NULL)&&(length > 0) ) + { + memcpy(start, pts, length); + p->header.handle = SMBIOS_HANDLE_TYPE3; + return (start + length); + } memset(p, 0, sizeof(*p)); p->header.type = 3; p->header.length = sizeof(struct smbios_type_3); - p->header.handle = 0x300; + p->header.handle = SMBIOS_HANDLE_TYPE3; p->manufacturer_str = 1; p->type = 0x01; /* other */ @@ -404,8 +558,19 @@ smbios_type_3_init(void *start) start += sizeof(struct smbios_type_3); - strcpy((char *)start, "Xen"); - start += strlen("Xen") + 1; + s = xenstore_read(HVM_XS_ENCLOSURE_MANUFACTURER, "Xen"); + strcpy((char *)start, s); + start += strlen(s) + 1; + + /* No internal defaults for this if the value is not set */ + s = xenstore_read(HVM_XS_ENCLOSURE_SERIAL_NUMBER, NULL); + if ( (s != NULL)&&(*s != '\0') ) + { + strcpy((char *)start, s); + start += strlen(s) + 1; + p->serial_number_str = 2; + } + *((uint8_t *)start) = 0; return start+1; } @@ -423,7 +588,7 @@ smbios_type_4_init( p->header.type = 4; p->header.length = sizeof(struct smbios_type_4); - p->header.handle = 0x400 + cpu_number; + p->header.handle = SMBIOS_HANDLE_TYPE4 + cpu_number; p->socket_designation_str = 1; p->processor_type = 0x03; /* CPU */ @@ -465,13 +630,23 @@ static void * smbios_type_11_init(void *start) { struct smbios_type_11 *p = (struct smbios_type_11 *)start; - char path[20] = "bios-strings/oem-XX"; + char path[20]; const char *s; int i; + void *pts; + uint32_t length; + + pts = get_smbios_pt_struct(11, &length); + if ( (pts != NULL)&&(length > 0) ) + { + memcpy(start, pts, length); + p->header.handle = SMBIOS_HANDLE_TYPE11; + return (start + length); + } p->header.type = 11; p->header.length = sizeof(struct smbios_type_11); - p->header.handle = 0xB00; + p->header.handle = SMBIOS_HANDLE_TYPE11; p->count = 0; @@ -480,8 +655,7 @@ smbios_type_11_init(void *start) /* Pull out as many oem-* strings we find in xenstore */ for ( i = 1; i < 100; i++ ) { - path[(sizeof path) - 3] = '0' + ((i < 10) ? i : i / 10); - path[(sizeof path) - 2] = (i < 10) ? '\0' : '0' + (i % 10); + snprintf(path, sizeof(path), HVM_XS_OEM_STRINGS, i); if ( ((s = xenstore_read(path, NULL)) == NULL) || (*s == '\0') ) break; strcpy((char *)start, s); @@ -510,7 +684,7 @@ smbios_type_16_init(void *start, uint32_ memset(p, 0, sizeof(*p)); p->header.type = 16; - p->header.handle = 0x1000; + p->header.handle = SMBIOS_HANDLE_TYPE16; p->header.length = sizeof(struct smbios_type_16); p->location = 0x01; /* other */ @@ -536,7 +710,7 @@ smbios_type_17_init(void *start, uint32_ p->header.type = 17; p->header.length = sizeof(struct smbios_type_17); - p->header.handle = 0x1100 + instance; + p->header.handle = SMBIOS_HANDLE_TYPE17 + instance; p->physical_memory_array_handle = 0x1000; p->total_width = 64; @@ -571,7 +745,7 @@ smbios_type_19_init(void *start, uint32_ p->header.type = 19; p->header.length = sizeof(struct smbios_type_19); - p->header.handle = 0x1300 + instance; + p->header.handle = SMBIOS_HANDLE_TYPE19 + instance; p->starting_address = instance << 24; p->ending_address = p->starting_address + (memory_size_mb << 10) - 1; @@ -593,7 +767,7 @@ smbios_type_20_init(void *start, uint32_ p->header.type = 20; p->header.length = sizeof(struct smbios_type_20); - p->header.handle = 0x1400 + instance; + p->header.handle = SMBIOS_HANDLE_TYPE20 + instance; p->starting_address = instance << 24; p->ending_address = p->starting_address + (memory_size_mb << 10) - 1; @@ -609,6 +783,71 @@ smbios_type_20_init(void *start, uint32_ return start+2; } +/* Type 22 -- Portable Battery */ +static void * +smbios_type_22_init(void *start) +{ + struct smbios_type_22 *p = (struct smbios_type_22 *)start; + static const char *smbios_release_date = __SMBIOS_DATE__; + const char *s; + void *pts; + uint32_t length; + + pts = get_smbios_pt_struct(22, &length); + if ( (pts != NULL)&&(length > 0) ) + { + memcpy(start, pts, length); + p->header.handle = SMBIOS_HANDLE_TYPE22; + return (start + length); + } + + s = xenstore_read(HVM_XS_SMBIOS_DEFAULT_BATTERY, "0"); + if ( strncmp(s, "1", 1) != 0 ) + return start; + + memset(p, 0, sizeof(*p)); + + p->header.type = 22; + p->header.length = sizeof(struct smbios_type_22); + p->header.handle = SMBIOS_HANDLE_TYPE22; + + p->location_str = 1; + p->manufacturer_str = 2; + p->manufacturer_date_str = 3; + p->serial_number_str = 0; + p->device_name_str = 4; + p->device_chemistry = 0x2; /* unknown */ + p->device_capacity = 0; /* unknown */ + p->device_voltage = 0; /* unknown */ + p->sbds_version_number = 0; + p->max_error = 0xff; /* unknown */ + p->sbds_serial_number = 0; + p->sbds_manufacturer_date = 0; + p->sbds_device_chemistry = 0; + p->design_capacity_multiplier = 0; + p->oem_specific = 0; + + start += sizeof(struct smbios_type_22); + + strcpy((char *)start, "Primary"); + start += strlen("Primary") + 1; + + s = xenstore_read(HVM_XS_BATTERY_MANUFACTURER, "Xen"); + strcpy((char *)start, s); + start += strlen(s) + 1; + + strcpy((char *)start, smbios_release_date); + start += strlen(smbios_release_date) + 1; + + s = xenstore_read(HVM_XS_BATTERY_DEVICE_NAME, "XEN-VBAT"); + strcpy((char *)start, s); + start += strlen(s) + 1; + + *((uint8_t *)start) = 0; + + return start+1; +} + /* Type 32 -- System Boot Information */ static void * smbios_type_32_init(void *start) @@ -619,7 +858,7 @@ smbios_type_32_init(void *start) p->header.type = 32; p->header.length = sizeof(struct smbios_type_32); - p->header.handle = 0x2000; + p->header.handle = SMBIOS_HANDLE_TYPE32; memset(p->reserved, 0, 6); p->boot_status = 0; /* no errors detected */ @@ -628,6 +867,58 @@ smbios_type_32_init(void *start) return start+2; } +/* Type 39 -- Power Supply */ +static void * +smbios_type_39_init(void *start) +{ + struct smbios_type_39 *p = (struct smbios_type_39 *)start; + void *pts; + uint32_t length; + + pts = get_smbios_pt_struct(39, &length); + if ( (pts != NULL)&&(length > 0) ) + { + memcpy(start, pts, length); + p->header.handle = SMBIOS_HANDLE_TYPE39; + return (start + length); + } + + /* Only present when passed in */ + return start; +} + +static void * +smbios_type_vendor_oem_init(void *start) +{ + uint32_t *sep = smbios_pt_addr; + uint32_t total = 0; + uint8_t *ptr; + + if ( sep == NULL ) + return start; + + while ( total < smbios_pt_length ) + { + ptr = (uint8_t*)(sep + 1); + if ( ptr[0] >= 128 ) + { + /* Vendor/OEM table, copy it in. Note the handle values cannot + * be changed since it is unknown what is in each of these tables + * but they could contain handle references to other tables. This + * means a slight risk of collision with the tables above but that + * would have to be dealt with on a case by case basis. + */ + memcpy(start, ptr, *sep); + start += *sep; + } + + total += (*sep + sizeof(uint32_t)); + sep = (uint32_t*)(ptr + *sep); + } + + return start; +} + /* Type 127 -- End of Table */ static void * smbios_type_127_init(void *start) @@ -638,7 +929,7 @@ smbios_type_127_init(void *start) p->header.type = 127; p->header.length = sizeof(struct smbios_type_127); - p->header.handle = 0x7f00; + p->header.handle = SMBIOS_HANDLE_TYPE127; start += sizeof(struct smbios_type_127); *((uint16_t *)start) = 0; diff -r cabf395a6c84 -r a7ce196f4044 tools/firmware/hvmloader/smbios_types.h --- a/tools/firmware/hvmloader/smbios_types.h Thu Jan 10 17:17:21 2013 +0000 +++ b/tools/firmware/hvmloader/smbios_types.h Thu Jan 10 17:18:10 2013 +0000 @@ -84,6 +84,15 @@ struct smbios_type_1 { uint8_t family_str; } __attribute__ ((packed)); +/* SMBIOS type 2 - Base Board Information */ +struct smbios_type_2 { + struct smbios_structure_header header; + uint8_t manufacturer_str; + uint8_t product_name_str; + uint8_t version_str; + uint8_t serial_number_str; +} __attribute__ ((packed)); + /* SMBIOS type 3 - System Enclosure */ struct smbios_type_3 { struct smbios_structure_header header; @@ -173,6 +182,26 @@ struct smbios_type_20 { uint8_t interleaved_data_depth; } __attribute__ ((packed)); +/* SMBIOS type 22 - Portable battery */ +struct smbios_type_22 { + struct smbios_structure_header header; + uint8_t location_str; + uint8_t manufacturer_str; + uint8_t manufacturer_date_str; + uint8_t serial_number_str; + uint8_t device_name_str; + uint8_t device_chemistry; + uint16_t device_capacity; + uint16_t device_voltage; + uint8_t sbds_version_number; + uint8_t max_error; + uint16_t sbds_serial_number; + uint16_t sbds_manufacturer_date; + uint8_t sbds_device_chemistry; + uint8_t design_capacity_multiplier; + uint32_t oem_specific; +} __attribute__ ((packed)); + /* SMBIOS type 32 - System Boot Information */ struct smbios_type_32 { struct smbios_structure_header header; @@ -180,6 +209,24 @@ struct smbios_type_32 { uint8_t boot_status; } __attribute__ ((packed)); +/* SMBIOS type 39 - Power Supply */ +struct smbios_type_39 { + struct smbios_structure_header header; + uint8_t power_unit_group; + uint8_t location_str; + uint8_t device_name_str; + uint8_t manufacturer_str; + uint8_t serial_number_str; + uint8_t asset_tag_number_str; + uint8_t model_part_number_str; + uint8_t revision_level_str; + uint16_t max_capacity; + uint16_t characteristics; + uint16_t input_voltage_probe_handle; + uint16_t cooling_device_handle; + uint16_t input_current_probe_handle; +} __attribute__ ((packed)); + /* SMBIOS type 127 -- End-of-table */ struct smbios_type_127 { struct smbios_structure_header header; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:26 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMz-0004j0-AG; Fri, 11 Jan 2013 03:33:25 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMx-0004i8-NP for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:24 +0000 Received: from [85.158.143.35:11294] by server-2.bemta-4.messagelabs.com id 1A/9C-24322-2088FE05; Fri, 11 Jan 2013 03:33:22 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-21.messagelabs.com!1357875192!4714645!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15598 invoked from network); 11 Jan 2013 03:33:15 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:15 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMm-0008NZ-Lg for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMm-00022i-BE for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:12 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm: Use the dummy XSM module if XSM is disabled X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357838878 0 # Node ID 42b273995da0d11043a1a9b7002592c910db0cf8 # Parent d912bf7f6d220da455831c671e89375b7e92ee64 xsm: Use the dummy XSM module if XSM is disabled This patch moves the implementation of the dummy XSM module to a header file that provides inline functions when XSM_ENABLE is not defined. This reduces duplication between the dummy module and callers when the implementation of the dummy return is not just "return 0", and also provides better compile-time checking for completeness of the XSM implementations in the dummy module. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r d912bf7f6d22 -r 42b273995da0 xen/common/domctl.c --- a/xen/common/domctl.c Thu Jan 10 17:26:24 2013 +0000 +++ b/xen/common/domctl.c Thu Jan 10 17:27:58 2013 +0000 @@ -279,10 +279,8 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe } break; } -#ifdef XSM_ENABLE case XEN_DOMCTL_getdomaininfo: break; -#endif default: if ( !IS_PRIV(current->domain) ) return -EPERM; diff -r d912bf7f6d22 -r 42b273995da0 xen/include/xsm/dummy.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/include/xsm/dummy.h Thu Jan 10 17:27:58 2013 +0000 @@ -0,0 +1,613 @@ +/* + * Default XSM hooks - IS_PRIV and IS_PRIV_FOR checks + * + * Author: Daniel De Graaf + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2, + * as published by the Free Software Foundation. + */ + +#include +#include + +static XSM_INLINE void xsm_security_domaininfo(struct domain *d, + struct xen_domctl_getdomaininfo *info) +{ + return; +} + +static XSM_INLINE int xsm_setvcpucontext(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_pausedomain(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_unpausedomain(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_resumedomain(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_domain_create(struct domain *d, u32 ssidref) +{ + return 0; +} + +static XSM_INLINE int xsm_max_vcpus(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_destroydomain(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_vcpuaffinity(int cmd, struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_scheduler(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_getdomaininfo(struct domain *d) +{ + if ( !IS_PRIV(current->domain) ) + return -EPERM; + return 0; +} + +static XSM_INLINE int xsm_getvcpucontext(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_getvcpuinfo(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_domain_settime(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_set_target(struct domain *d, struct domain *e) +{ + return 0; +} + +static XSM_INLINE int xsm_domctl(struct domain *d, int cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_set_virq_handler(struct domain *d, uint32_t virq) +{ + return 0; +} + +static XSM_INLINE int xsm_tbufcontrol(void) +{ + return 0; +} + +static XSM_INLINE int xsm_readconsole(uint32_t clear) +{ + return 0; +} + +static XSM_INLINE int xsm_sched_id(void) +{ + return 0; +} + +static XSM_INLINE int xsm_setdomainmaxmem(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_setdomainhandle(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_setdebugging(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_perfcontrol(void) +{ + return 0; +} + +static XSM_INLINE int xsm_debug_keys(void) +{ + return 0; +} + +static XSM_INLINE int xsm_getcpuinfo(void) +{ + return 0; +} + +static XSM_INLINE int xsm_get_pmstat(void) +{ + return 0; +} + +static XSM_INLINE int xsm_setpminfo(void) +{ + return 0; +} + +static XSM_INLINE int xsm_pm_op(void) +{ + return 0; +} + +static XSM_INLINE int xsm_do_mca(void) +{ + return 0; +} + +static XSM_INLINE int xsm_availheap(void) +{ + return 0; +} + +static XSM_INLINE int xsm_alloc_security_domain(struct domain *d) +{ + return 0; +} + +static XSM_INLINE void xsm_free_security_domain(struct domain *d) +{ + return; +} + +static XSM_INLINE int xsm_grant_mapref(struct domain *d1, struct domain *d2, + uint32_t flags) +{ + return 0; +} + +static XSM_INLINE int xsm_grant_unmapref(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_grant_setup(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_grant_transfer(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_grant_copy(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_grant_query_size(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_memory_adjust_reservation(struct domain *d1, + struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_memory_stat_reservation(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_console_io(struct domain *d, int cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_profile(struct domain *d, int op) +{ + return 0; +} + +static XSM_INLINE int xsm_kexec(void) +{ + return 0; +} + +static XSM_INLINE int xsm_schedop_shutdown(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_memory_pin_page(struct domain *d1, struct domain *d2, + struct page_info *page) +{ + return 0; +} + +static XSM_INLINE int xsm_evtchn_unbound(struct domain *d, struct evtchn *chn, + domid_t id2) +{ + return 0; +} + +static XSM_INLINE int xsm_evtchn_interdomain(struct domain *d1, struct evtchn + *chan1, struct domain *d2, struct evtchn *chan2) +{ + return 0; +} + +static XSM_INLINE void xsm_evtchn_close_post(struct evtchn *chn) +{ + return; +} + +static XSM_INLINE int xsm_evtchn_send(struct domain *d, struct evtchn *chn) +{ + return 0; +} + +static XSM_INLINE int xsm_evtchn_status(struct domain *d, struct evtchn *chn) +{ + return 0; +} + +static XSM_INLINE int xsm_evtchn_reset(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_alloc_security_evtchn(struct evtchn *chn) +{ + return 0; +} + +static XSM_INLINE void xsm_free_security_evtchn(struct evtchn *chn) +{ + return; +} + +static XSM_INLINE char *xsm_show_security_evtchn(struct domain *d, const struct evtchn *chn) +{ + return NULL; +} + +static XSM_INLINE int xsm_get_pod_target(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_set_pod_target(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_get_device_group(uint32_t machine_bdf) +{ + return 0; +} + +static XSM_INLINE int xsm_test_assign_device(uint32_t machine_bdf) +{ + return 0; +} + +static XSM_INLINE int xsm_assign_device(struct domain *d, uint32_t machine_bdf) +{ + return 0; +} + +static XSM_INLINE int xsm_deassign_device(struct domain *d, uint32_t machine_bdf) +{ + return 0; +} + +static XSM_INLINE int xsm_resource_plug_core(void) +{ + return 0; +} + +static XSM_INLINE int xsm_resource_unplug_core(void) +{ + return 0; +} + +static XSM_INLINE int xsm_resource_plug_pci(uint32_t machine_bdf) +{ + return 0; +} + +static XSM_INLINE int xsm_resource_unplug_pci(uint32_t machine_bdf) +{ + return 0; +} + +static XSM_INLINE int xsm_resource_setup_pci(uint32_t machine_bdf) +{ + return 0; +} + +static XSM_INLINE int xsm_resource_setup_gsi(int gsi) +{ + return 0; +} + +static XSM_INLINE int xsm_resource_setup_misc(void) +{ + return 0; +} + +static XSM_INLINE int xsm_page_offline(uint32_t cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_lockprof(void) +{ + return 0; +} + +static XSM_INLINE int xsm_cpupool_op(void) +{ + return 0; +} + +static XSM_INLINE int xsm_sched_op(void) +{ + return 0; +} + +static XSM_INLINE long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) +{ + return -ENOSYS; +} + +static XSM_INLINE char *xsm_show_irq_sid(int irq) +{ + return NULL; +} + +static XSM_INLINE int xsm_map_domain_pirq(struct domain *d, int irq, void *data) +{ + return 0; +} + +static XSM_INLINE int xsm_irq_permission(struct domain *d, int pirq, uint8_t allow) +{ + return 0; +} + +static XSM_INLINE int xsm_iomem_permission(struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +{ + return 0; +} + +static XSM_INLINE int xsm_pci_config_permission(struct domain *d, uint32_t machine_bdf, + uint16_t start, uint16_t end, + uint8_t access) +{ + return 0; +} + +#ifdef CONFIG_X86 +static XSM_INLINE int xsm_shadow_control(struct domain *d, uint32_t op) +{ + return 0; +} + +static XSM_INLINE int xsm_getpageframeinfo(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_getmemlist(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_hypercall_init(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_hvmcontext(struct domain *d, uint32_t cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_address_size(struct domain *d, uint32_t cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_machine_address_size(struct domain *d, uint32_t cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_hvm_param(struct domain *d, unsigned long op) +{ + return 0; +} + +static XSM_INLINE int xsm_hvm_set_pci_intx_level(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_hvm_set_isa_irq_level(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_hvm_set_pci_link_route(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_hvm_inject_msi(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_mem_event(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_mem_sharing(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_apic(struct domain *d, int cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_xen_settime(void) +{ + return 0; +} + +static XSM_INLINE int xsm_memtype(uint32_t access) +{ + return 0; +} + +static XSM_INLINE int xsm_microcode(void) +{ + return 0; +} + +static XSM_INLINE int xsm_physinfo(void) +{ + return 0; +} + +static XSM_INLINE int xsm_platform_quirk(uint32_t quirk) +{ + return 0; +} + +static XSM_INLINE int xsm_firmware_info(void) +{ + return 0; +} + +static XSM_INLINE int xsm_efi_call(void) +{ + return 0; +} + +static XSM_INLINE int xsm_acpi_sleep(void) +{ + return 0; +} + +static XSM_INLINE int xsm_change_freq(void) +{ + return 0; +} + +static XSM_INLINE int xsm_getidletime(void) +{ + return 0; +} + +static XSM_INLINE int xsm_machine_memory_map(void) +{ + return 0; +} + +static XSM_INLINE int xsm_domain_memory_map(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_mmu_normal_update(struct domain *d, struct domain *t, + struct domain *f, intpte_t fpte) +{ + return 0; +} + +static XSM_INLINE int xsm_mmu_machphys_update(struct domain *d, struct domain *f, + unsigned long mfn) +{ + return 0; +} + +static XSM_INLINE int xsm_update_va_mapping(struct domain *d, struct domain *f, + l1_pgentry_t pte) +{ + return 0; +} + +static XSM_INLINE int xsm_add_to_physmap(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_remove_from_physmap(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_sendtrigger(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_bind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) +{ + return 0; +} + +static XSM_INLINE int xsm_unbind_pt_irq(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_pin_mem_cacheattr(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_vcpuextstate(struct domain *d, uint32_t cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_ioport_permission(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +{ + return 0; +} + +#endif diff -r d912bf7f6d22 -r 42b273995da0 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Thu Jan 10 17:26:24 2013 +0000 +++ b/xen/include/xsm/xsm.h Thu Jan 10 17:27:58 2013 +0000 @@ -21,12 +21,6 @@ typedef void xsm_op_t; DEFINE_XEN_GUEST_HANDLE(xsm_op_t); -#ifdef XSM_ENABLE - #define xsm_call(fn) xsm_ops->fn -#else - #define xsm_call(fn) 0 -#endif - /* policy magic number (defined by XSM_MAGIC) */ typedef u32 xsm_magic_t; #ifndef XSM_MAGIC @@ -139,7 +133,7 @@ struct xsm_operations { int (*cpupool_op)(void); int (*sched_op)(void); - long (*__do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); + long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); #ifdef CONFIG_X86 int (*shadow_control) (struct domain *d, uint32_t op); @@ -184,417 +178,608 @@ struct xsm_operations { #endif }; -#endif +extern struct xsm_operations *xsm_ops; -extern struct xsm_operations *xsm_ops; +#ifndef XSM_NO_WRAPPERS static inline void xsm_security_domaininfo (struct domain *d, struct xen_domctl_getdomaininfo *info) { - (void)xsm_call(security_domaininfo(d, info)); + xsm_ops->security_domaininfo(d, info); } static inline int xsm_setvcpucontext(struct domain *d) { - return xsm_call(setvcpucontext(d)); + return xsm_ops->setvcpucontext(d); } static inline int xsm_pausedomain (struct domain *d) { - return xsm_call(pausedomain(d)); + return xsm_ops->pausedomain(d); } static inline int xsm_unpausedomain (struct domain *d) { - return xsm_call(unpausedomain(d)); + return xsm_ops->unpausedomain(d); } static inline int xsm_resumedomain (struct domain *d) { - return xsm_call(resumedomain(d)); + return xsm_ops->resumedomain(d); } static inline int xsm_domain_create (struct domain *d, u32 ssidref) { - return xsm_call(domain_create(d, ssidref)); + return xsm_ops->domain_create(d, ssidref); } static inline int xsm_max_vcpus(struct domain *d) { - return xsm_call(max_vcpus(d)); + return xsm_ops->max_vcpus(d); } static inline int xsm_destroydomain (struct domain *d) { - return xsm_call(destroydomain(d)); + return xsm_ops->destroydomain(d); } static inline int xsm_vcpuaffinity (int cmd, struct domain *d) { - return xsm_call(vcpuaffinity(cmd, d)); + return xsm_ops->vcpuaffinity(cmd, d); } static inline int xsm_scheduler (struct domain *d) { - return xsm_call(scheduler(d)); + return xsm_ops->scheduler(d); } static inline int xsm_getdomaininfo (struct domain *d) { - return xsm_call(getdomaininfo(d)); + return xsm_ops->getdomaininfo(d); } static inline int xsm_getvcpucontext (struct domain *d) { - return xsm_call(getvcpucontext(d)); + return xsm_ops->getvcpucontext(d); } static inline int xsm_getvcpuinfo (struct domain *d) { - return xsm_call(getvcpuinfo(d)); + return xsm_ops->getvcpuinfo(d); } static inline int xsm_domain_settime (struct domain *d) { - return xsm_call(domain_settime(d)); + return xsm_ops->domain_settime(d); } static inline int xsm_set_target (struct domain *d, struct domain *e) { - return xsm_call(set_target(d, e)); + return xsm_ops->set_target(d, e); } static inline int xsm_domctl (struct domain *d, int cmd) { - return xsm_call(domctl(d, cmd)); + return xsm_ops->domctl(d, cmd); } static inline int xsm_set_virq_handler (struct domain *d, uint32_t virq) { - return xsm_call(set_virq_handler(d, virq)); + return xsm_ops->set_virq_handler(d, virq); } static inline int xsm_tbufcontrol (void) { - return xsm_call(tbufcontrol()); + return xsm_ops->tbufcontrol(); } static inline int xsm_readconsole (uint32_t clear) { - return xsm_call(readconsole(clear)); + return xsm_ops->readconsole(clear); } static inline int xsm_sched_id (void) { - return xsm_call(sched_id()); + return xsm_ops->sched_id(); } static inline int xsm_setdomainmaxmem (struct domain *d) { - return xsm_call(setdomainmaxmem(d)); + return xsm_ops->setdomainmaxmem(d); } static inline int xsm_setdomainhandle (struct domain *d) { - return xsm_call(setdomainhandle(d)); + return xsm_ops->setdomainhandle(d); } static inline int xsm_setdebugging (struct domain *d) { - return xsm_call(setdebugging(d)); + return xsm_ops->setdebugging(d); } static inline int xsm_perfcontrol (void) { - return xsm_call(perfcontrol()); + return xsm_ops->perfcontrol(); } static inline int xsm_debug_keys (void) { - return xsm_call(debug_keys()); + return xsm_ops->debug_keys(); } static inline int xsm_availheap (void) { - return xsm_call(availheap()); + return xsm_ops->availheap(); } static inline int xsm_getcpuinfo (void) { - return xsm_call(getcpuinfo()); + return xsm_ops->getcpuinfo(); } static inline int xsm_get_pmstat(void) { - return xsm_call(get_pmstat()); + return xsm_ops->get_pmstat(); } static inline int xsm_setpminfo(void) { - return xsm_call(setpminfo()); + return xsm_ops->setpminfo(); } static inline int xsm_pm_op(void) { - return xsm_call(pm_op()); + return xsm_ops->pm_op(); } static inline int xsm_do_mca(void) { - return xsm_call(do_mca()); + return xsm_ops->do_mca(); } static inline int xsm_evtchn_unbound (struct domain *d1, struct evtchn *chn, domid_t id2) { - return xsm_call(evtchn_unbound(d1, chn, id2)); + return xsm_ops->evtchn_unbound(d1, chn, id2); } static inline int xsm_evtchn_interdomain (struct domain *d1, struct evtchn *chan1, struct domain *d2, struct evtchn *chan2) { - return xsm_call(evtchn_interdomain(d1, chan1, d2, chan2)); + return xsm_ops->evtchn_interdomain(d1, chan1, d2, chan2); } static inline void xsm_evtchn_close_post (struct evtchn *chn) { - (void)xsm_call(evtchn_close_post(chn)); + xsm_ops->evtchn_close_post(chn); } static inline int xsm_evtchn_send (struct domain *d, struct evtchn *chn) { - return xsm_call(evtchn_send(d, chn)); + return xsm_ops->evtchn_send(d, chn); } static inline int xsm_evtchn_status (struct domain *d, struct evtchn *chn) { - return xsm_call(evtchn_status(d, chn)); + return xsm_ops->evtchn_status(d, chn); } static inline int xsm_evtchn_reset (struct domain *d1, struct domain *d2) { - return xsm_call(evtchn_reset(d1, d2)); + return xsm_ops->evtchn_reset(d1, d2); } static inline int xsm_grant_mapref (struct domain *d1, struct domain *d2, uint32_t flags) { - return xsm_call(grant_mapref(d1, d2, flags)); + return xsm_ops->grant_mapref(d1, d2, flags); } static inline int xsm_grant_unmapref (struct domain *d1, struct domain *d2) { - return xsm_call(grant_unmapref(d1, d2)); + return xsm_ops->grant_unmapref(d1, d2); } static inline int xsm_grant_setup (struct domain *d1, struct domain *d2) { - return xsm_call(grant_setup(d1, d2)); + return xsm_ops->grant_setup(d1, d2); } static inline int xsm_grant_transfer (struct domain *d1, struct domain *d2) { - return xsm_call(grant_transfer(d1, d2)); + return xsm_ops->grant_transfer(d1, d2); } static inline int xsm_grant_copy (struct domain *d1, struct domain *d2) { - return xsm_call(grant_copy(d1, d2)); + return xsm_ops->grant_copy(d1, d2); } static inline int xsm_grant_query_size (struct domain *d1, struct domain *d2) { - return xsm_call(grant_query_size(d1, d2)); + return xsm_ops->grant_query_size(d1, d2); } static inline int xsm_alloc_security_domain (struct domain *d) { - return xsm_call(alloc_security_domain(d)); + return xsm_ops->alloc_security_domain(d); } static inline void xsm_free_security_domain (struct domain *d) { - (void)xsm_call(free_security_domain(d)); + xsm_ops->free_security_domain(d); } static inline int xsm_alloc_security_evtchn (struct evtchn *chn) { - return xsm_call(alloc_security_evtchn(chn)); + return xsm_ops->alloc_security_evtchn(chn); } static inline void xsm_free_security_evtchn (struct evtchn *chn) { - (void)xsm_call(free_security_evtchn(chn)); + (void)xsm_ops->free_security_evtchn(chn); } static inline char *xsm_show_security_evtchn (struct domain *d, const struct evtchn *chn) { - return xsm_call(show_security_evtchn(d, chn)); + return xsm_ops->show_security_evtchn(d, chn); } static inline int xsm_get_pod_target (struct domain *d) { - return xsm_call(get_pod_target(d)); + return xsm_ops->get_pod_target(d); } static inline int xsm_set_pod_target (struct domain *d) { - return xsm_call(set_pod_target(d)); + return xsm_ops->set_pod_target(d); } static inline int xsm_memory_adjust_reservation (struct domain *d1, struct domain *d2) { - return xsm_call(memory_adjust_reservation(d1, d2)); + return xsm_ops->memory_adjust_reservation(d1, d2); } static inline int xsm_memory_stat_reservation (struct domain *d1, struct domain *d2) { - return xsm_call(memory_stat_reservation(d1, d2)); + return xsm_ops->memory_stat_reservation(d1, d2); } static inline int xsm_memory_pin_page(struct domain *d1, struct domain *d2, struct page_info *page) { - return xsm_call(memory_pin_page(d1, d2, page)); + return xsm_ops->memory_pin_page(d1, d2, page); } static inline int xsm_remove_from_physmap(struct domain *d1, struct domain *d2) { - return xsm_call(remove_from_physmap(d1, d2)); + return xsm_ops->remove_from_physmap(d1, d2); } static inline int xsm_console_io (struct domain *d, int cmd) { - return xsm_call(console_io(d, cmd)); + return xsm_ops->console_io(d, cmd); } static inline int xsm_profile (struct domain *d, int op) { - return xsm_call(profile(d, op)); + return xsm_ops->profile(d, op); } static inline int xsm_kexec (void) { - return xsm_call(kexec()); + return xsm_ops->kexec(); } static inline int xsm_schedop_shutdown (struct domain *d1, struct domain *d2) { - return xsm_call(schedop_shutdown(d1, d2)); + return xsm_ops->schedop_shutdown(d1, d2); } static inline char *xsm_show_irq_sid (int irq) { - return xsm_call(show_irq_sid(irq)); + return xsm_ops->show_irq_sid(irq); } static inline int xsm_map_domain_pirq (struct domain *d, int irq, void *data) { - return xsm_call(map_domain_pirq(d, irq, data)); + return xsm_ops->map_domain_pirq(d, irq, data); } static inline int xsm_irq_permission (struct domain *d, int pirq, uint8_t allow) { - return xsm_call(irq_permission(d, pirq, allow)); + return xsm_ops->irq_permission(d, pirq, allow); } static inline int xsm_iomem_permission (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { - return xsm_call(iomem_permission(d, s, e, allow)); + return xsm_ops->iomem_permission(d, s, e, allow); } static inline int xsm_pci_config_permission (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { - return xsm_call(pci_config_permission(d, machine_bdf, start, end, access)); + return xsm_ops->pci_config_permission(d, machine_bdf, start, end, access); } static inline int xsm_get_device_group(uint32_t machine_bdf) { - return xsm_call(get_device_group(machine_bdf)); + return xsm_ops->get_device_group(machine_bdf); } static inline int xsm_test_assign_device(uint32_t machine_bdf) { - return xsm_call(test_assign_device(machine_bdf)); + return xsm_ops->test_assign_device(machine_bdf); } static inline int xsm_assign_device(struct domain *d, uint32_t machine_bdf) { - return xsm_call(assign_device(d, machine_bdf)); + return xsm_ops->assign_device(d, machine_bdf); } static inline int xsm_deassign_device(struct domain *d, uint32_t machine_bdf) { - return xsm_call(deassign_device(d, machine_bdf)); + return xsm_ops->deassign_device(d, machine_bdf); } static inline int xsm_resource_plug_pci (uint32_t machine_bdf) { - return xsm_call(resource_plug_pci(machine_bdf)); + return xsm_ops->resource_plug_pci(machine_bdf); } static inline int xsm_resource_unplug_pci (uint32_t machine_bdf) { - return xsm_call(resource_unplug_pci(machine_bdf)); + return xsm_ops->resource_unplug_pci(machine_bdf); } static inline int xsm_resource_plug_core (void) { - return xsm_call(resource_plug_core()); + return xsm_ops->resource_plug_core(); } static inline int xsm_resource_unplug_core (void) { - return xsm_call(resource_unplug_core()); + return xsm_ops->resource_unplug_core(); } static inline int xsm_resource_setup_pci (uint32_t machine_bdf) { - return xsm_call(resource_setup_pci(machine_bdf)); + return xsm_ops->resource_setup_pci(machine_bdf); } static inline int xsm_resource_setup_gsi (int gsi) { - return xsm_call(resource_setup_gsi(gsi)); + return xsm_ops->resource_setup_gsi(gsi); } static inline int xsm_resource_setup_misc (void) { - return xsm_call(resource_setup_misc()); + return xsm_ops->resource_setup_misc(); } static inline int xsm_page_offline(uint32_t cmd) { - return xsm_call(page_offline(cmd)); + return xsm_ops->page_offline(cmd); } static inline int xsm_lockprof(void) { - return xsm_call(lockprof()); + return xsm_ops->lockprof(); } static inline int xsm_cpupool_op(void) { - return xsm_call(cpupool_op()); + return xsm_ops->cpupool_op(); } static inline int xsm_sched_op(void) { - return xsm_call(sched_op()); + return xsm_ops->sched_op(); } -static inline long __do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) +static inline long xsm_do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { -#ifdef XSM_ENABLE - return xsm_ops->__do_xsm_op(op); -#else - return -ENOSYS; -#endif + return xsm_ops->do_xsm_op(op); } -#ifdef XSM_ENABLE +#ifdef CONFIG_X86 +static inline int xsm_shadow_control (struct domain *d, uint32_t op) +{ + return xsm_ops->shadow_control(d, op); +} + +static inline int xsm_getpageframeinfo (struct domain *d) +{ + return xsm_ops->getpageframeinfo(d); +} + +static inline int xsm_getmemlist (struct domain *d) +{ + return xsm_ops->getmemlist(d); +} + +static inline int xsm_hypercall_init (struct domain *d) +{ + return xsm_ops->hypercall_init(d); +} + +static inline int xsm_hvmcontext (struct domain *d, uint32_t cmd) +{ + return xsm_ops->hvmcontext(d, cmd); +} + +static inline int xsm_address_size (struct domain *d, uint32_t cmd) +{ + return xsm_ops->address_size(d, cmd); +} + +static inline int xsm_machine_address_size (struct domain *d, uint32_t cmd) +{ + return xsm_ops->machine_address_size(d, cmd); +} + +static inline int xsm_hvm_param (struct domain *d, unsigned long op) +{ + return xsm_ops->hvm_param(d, op); +} + +static inline int xsm_hvm_set_pci_intx_level (struct domain *d) +{ + return xsm_ops->hvm_set_pci_intx_level(d); +} + +static inline int xsm_hvm_set_isa_irq_level (struct domain *d) +{ + return xsm_ops->hvm_set_isa_irq_level(d); +} + +static inline int xsm_hvm_set_pci_link_route (struct domain *d) +{ + return xsm_ops->hvm_set_pci_link_route(d); +} + +static inline int xsm_hvm_inject_msi (struct domain *d) +{ + return xsm_ops->hvm_inject_msi(d); +} + +static inline int xsm_mem_event (struct domain *d) +{ + return xsm_ops->mem_event(d); +} + +static inline int xsm_mem_sharing (struct domain *d) +{ + return xsm_ops->mem_sharing(d); +} + +static inline int xsm_apic (struct domain *d, int cmd) +{ + return xsm_ops->apic(d, cmd); +} + +static inline int xsm_xen_settime (void) +{ + return xsm_ops->xen_settime(); +} + +static inline int xsm_memtype (uint32_t access) +{ + return xsm_ops->memtype(access); +} + +static inline int xsm_microcode (void) +{ + return xsm_ops->microcode(); +} + +static inline int xsm_physinfo (void) +{ + return xsm_ops->physinfo(); +} + +static inline int xsm_platform_quirk (uint32_t quirk) +{ + return xsm_ops->platform_quirk(quirk); +} + +static inline int xsm_firmware_info (void) +{ + return xsm_ops->firmware_info(); +} + +static inline int xsm_efi_call (void) +{ + return xsm_ops->efi_call(); +} + +static inline int xsm_acpi_sleep (void) +{ + return xsm_ops->acpi_sleep(); +} + +static inline int xsm_change_freq (void) +{ + return xsm_ops->change_freq(); +} + +static inline int xsm_getidletime (void) +{ + return xsm_ops->getidletime(); +} + +static inline int xsm_machine_memory_map(void) +{ + return xsm_ops->machine_memory_map(); +} + +static inline int xsm_domain_memory_map(struct domain *d) +{ + return xsm_ops->domain_memory_map(d); +} + +static inline int xsm_mmu_normal_update (struct domain *d, struct domain *t, + struct domain *f, intpte_t fpte) +{ + return xsm_ops->mmu_normal_update(d, t, f, fpte); +} + +static inline int xsm_mmu_machphys_update (struct domain *d1, struct domain *d2, + unsigned long mfn) +{ + return xsm_ops->mmu_machphys_update(d1, d2, mfn); +} + +static inline int xsm_update_va_mapping(struct domain *d, struct domain *f, + l1_pgentry_t pte) +{ + return xsm_ops->update_va_mapping(d, f, pte); +} + +static inline int xsm_add_to_physmap(struct domain *d1, struct domain *d2) +{ + return xsm_ops->add_to_physmap(d1, d2); +} + +static inline int xsm_sendtrigger(struct domain *d) +{ + return xsm_ops->sendtrigger(d); +} + +static inline int xsm_bind_pt_irq(struct domain *d, + struct xen_domctl_bind_pt_irq *bind) +{ + return xsm_ops->bind_pt_irq(d, bind); +} + +static inline int xsm_unbind_pt_irq(struct domain *d) +{ + return xsm_ops->unbind_pt_irq(d); +} + +static inline int xsm_pin_mem_cacheattr(struct domain *d) +{ + return xsm_ops->pin_mem_cacheattr(d); +} + +static inline int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) +{ + return xsm_ops->ext_vcpucontext(d, cmd); +} +static inline int xsm_vcpuextstate(struct domain *d, uint32_t cmd) +{ + return xsm_ops->vcpuextstate(d, cmd); +} + +static inline int xsm_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +{ + return xsm_ops->ioport_permission(d, s, e, allow); +} +#endif /* CONFIG_X86 */ +#endif /* XSM_NO_WRAPPERS */ + extern int xsm_init(unsigned long *module_map, const multiboot_info_t *mbi, void *(*bootstrap_map)(const module_t *)); extern int xsm_policy_init(unsigned long *module_map, @@ -602,211 +787,21 @@ extern int xsm_policy_init(unsigned long void *(*bootstrap_map)(const module_t *)); extern int register_xsm(struct xsm_operations *ops); extern int unregister_xsm(struct xsm_operations *ops); -#else + +extern struct xsm_operations dummy_xsm_ops; +extern void xsm_fixup_ops(struct xsm_operations *ops); + +#else /* XSM_ENABLE */ + +#define XSM_INLINE inline +#include + static inline int xsm_init (unsigned long *module_map, const multiboot_info_t *mbi, void *(*bootstrap_map)(const module_t *)) { return 0; } -#endif - -#ifdef CONFIG_X86 -static inline int xsm_shadow_control (struct domain *d, uint32_t op) -{ - return xsm_call(shadow_control(d, op)); -} - -static inline int xsm_getpageframeinfo (struct domain *d) -{ - return xsm_call(getpageframeinfo(d)); -} - -static inline int xsm_getmemlist (struct domain *d) -{ - return xsm_call(getmemlist(d)); -} - -static inline int xsm_hypercall_init (struct domain *d) -{ - return xsm_call(hypercall_init(d)); -} - -static inline int xsm_hvmcontext (struct domain *d, uint32_t cmd) -{ - return xsm_call(hvmcontext(d, cmd)); -} - -static inline int xsm_address_size (struct domain *d, uint32_t cmd) -{ - return xsm_call(address_size(d, cmd)); -} - -static inline int xsm_machine_address_size (struct domain *d, uint32_t cmd) -{ - return xsm_call(machine_address_size(d, cmd)); -} - -static inline int xsm_hvm_param (struct domain *d, unsigned long op) -{ - return xsm_call(hvm_param(d, op)); -} - -static inline int xsm_hvm_set_pci_intx_level (struct domain *d) -{ - return xsm_call(hvm_set_pci_intx_level(d)); -} - -static inline int xsm_hvm_set_isa_irq_level (struct domain *d) -{ - return xsm_call(hvm_set_isa_irq_level(d)); -} - -static inline int xsm_hvm_set_pci_link_route (struct domain *d) -{ - return xsm_call(hvm_set_pci_link_route(d)); -} - -static inline int xsm_hvm_inject_msi (struct domain *d) -{ - return xsm_call(hvm_inject_msi(d)); -} - -static inline int xsm_mem_event (struct domain *d) -{ - return xsm_call(mem_event(d)); -} - -static inline int xsm_mem_sharing (struct domain *d) -{ - return xsm_call(mem_sharing(d)); -} - -static inline int xsm_apic (struct domain *d, int cmd) -{ - return xsm_call(apic(d, cmd)); -} - -static inline int xsm_xen_settime (void) -{ - return xsm_call(xen_settime()); -} - -static inline int xsm_memtype (uint32_t access) -{ - return xsm_call(memtype(access)); -} - -static inline int xsm_microcode (void) -{ - return xsm_call(microcode()); -} - -static inline int xsm_physinfo (void) -{ - return xsm_call(physinfo()); -} - -static inline int xsm_platform_quirk (uint32_t quirk) -{ - return xsm_call(platform_quirk(quirk)); -} - -static inline int xsm_firmware_info (void) -{ - return xsm_call(firmware_info()); -} - -static inline int xsm_efi_call (void) -{ - return xsm_call(efi_call()); -} - -static inline int xsm_acpi_sleep (void) -{ - return xsm_call(acpi_sleep()); -} - -static inline int xsm_change_freq (void) -{ - return xsm_call(change_freq()); -} - -static inline int xsm_getidletime (void) -{ - return xsm_call(getidletime()); -} - -static inline int xsm_machine_memory_map(void) -{ - return xsm_call(machine_memory_map()); -} - -static inline int xsm_domain_memory_map(struct domain *d) -{ - return xsm_call(domain_memory_map(d)); -} - -static inline int xsm_mmu_normal_update (struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) -{ - return xsm_call(mmu_normal_update(d, t, f, fpte)); -} - -static inline int xsm_mmu_machphys_update (struct domain *d1, struct domain *d2, - unsigned long mfn) -{ - return xsm_call(mmu_machphys_update(d1, d2, mfn)); -} - -static inline int xsm_update_va_mapping(struct domain *d, struct domain *f, - l1_pgentry_t pte) -{ - return xsm_call(update_va_mapping(d, f, pte)); -} - -static inline int xsm_add_to_physmap(struct domain *d1, struct domain *d2) -{ - return xsm_call(add_to_physmap(d1, d2)); -} - -static inline int xsm_sendtrigger(struct domain *d) -{ - return xsm_call(sendtrigger(d)); -} - -static inline int xsm_bind_pt_irq(struct domain *d, - struct xen_domctl_bind_pt_irq *bind) -{ - return xsm_call(bind_pt_irq(d, bind)); -} - -static inline int xsm_unbind_pt_irq(struct domain *d) -{ - return xsm_call(unbind_pt_irq(d)); -} - -static inline int xsm_pin_mem_cacheattr(struct domain *d) -{ - return xsm_call(pin_mem_cacheattr(d)); -} - -static inline int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) -{ - return xsm_call(ext_vcpucontext(d, cmd)); -} -static inline int xsm_vcpuextstate(struct domain *d, uint32_t cmd) -{ - return xsm_call(vcpuextstate(d, cmd)); -} - -static inline int xsm_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) -{ - return xsm_call(ioport_permission(d, s, e, allow)); -} -#endif /* CONFIG_X86 */ - -extern struct xsm_operations dummy_xsm_ops; -extern void xsm_fixup_ops(struct xsm_operations *ops); +#endif /* XSM_ENABLE */ #endif /* __XSM_H */ diff -r d912bf7f6d22 -r 42b273995da0 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Thu Jan 10 17:26:24 2013 +0000 +++ b/xen/xsm/dummy.c Thu Jan 10 17:27:58 2013 +0000 @@ -10,606 +10,9 @@ * as published by the Free Software Foundation. */ -#include -#include - -static void dummy_security_domaininfo(struct domain *d, - struct xen_domctl_getdomaininfo *info) -{ - return; -} - -static int dummy_setvcpucontext(struct domain *d) -{ - return 0; -} - -static int dummy_pausedomain (struct domain *d) -{ - return 0; -} - -static int dummy_unpausedomain (struct domain *d) -{ - return 0; -} - -static int dummy_resumedomain (struct domain *d) -{ - return 0; -} - -static int dummy_domain_create(struct domain *d, u32 ssidref) -{ - return 0; -} - -static int dummy_max_vcpus(struct domain *d) -{ - return 0; -} - -static int dummy_destroydomain (struct domain *d) -{ - return 0; -} - -static int dummy_vcpuaffinity (int cmd, struct domain *d) -{ - return 0; -} - -static int dummy_scheduler (struct domain *d) -{ - return 0; -} - -static int dummy_getdomaininfo (struct domain *d) -{ - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; -} - -static int dummy_getvcpucontext (struct domain *d) -{ - return 0; -} - -static int dummy_getvcpuinfo (struct domain *d) -{ - return 0; -} - -static int dummy_domain_settime (struct domain *d) -{ - return 0; -} - -static int dummy_set_target (struct domain *d, struct domain *e) -{ - return 0; -} - -static int dummy_domctl(struct domain *d, int cmd) -{ - return 0; -} - -static int dummy_set_virq_handler(struct domain *d, uint32_t virq) -{ - return 0; -} - -static int dummy_tbufcontrol (void) -{ - return 0; -} - -static int dummy_readconsole (uint32_t clear) -{ - return 0; -} - -static int dummy_sched_id (void) -{ - return 0; -} - -static int dummy_setdomainmaxmem (struct domain *d) -{ - return 0; -} - -static int dummy_setdomainhandle (struct domain *d) -{ - return 0; -} - -static int dummy_setdebugging (struct domain *d) -{ - return 0; -} - -static int dummy_perfcontrol (void) -{ - return 0; -} - -static int dummy_debug_keys (void) -{ - return 0; -} - -static int dummy_getcpuinfo (void) -{ - return 0; -} - -static int dummy_get_pmstat (void) -{ - return 0; -} - -static int dummy_setpminfo (void) -{ - return 0; -} - -static int dummy_pm_op (void) -{ - return 0; -} - -static int dummy_do_mca (void) -{ - return 0; -} - -static int dummy_availheap (void) -{ - return 0; -} - -static int dummy_alloc_security_domain (struct domain *d) -{ - return 0; -} - -static void dummy_free_security_domain (struct domain *d) -{ - return; -} - -static int dummy_grant_mapref (struct domain *d1, struct domain *d2, - uint32_t flags) -{ - return 0; -} - -static int dummy_grant_unmapref (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_grant_setup (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_grant_transfer (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_grant_copy (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_grant_query_size (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_memory_adjust_reservation (struct domain *d1, - struct domain *d2) -{ - return 0; -} - -static int dummy_memory_stat_reservation (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_console_io (struct domain *d, int cmd) -{ - return 0; -} - -static int dummy_profile (struct domain *d, int op) -{ - return 0; -} - -static int dummy_kexec (void) -{ - return 0; -} - -static int dummy_schedop_shutdown (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_memory_pin_page(struct domain *d1, struct domain *d2, struct page_info *page) -{ - return 0; -} - -static int dummy_evtchn_unbound (struct domain *d, struct evtchn *chn, - domid_t id2) -{ - return 0; -} - -static int dummy_evtchn_interdomain (struct domain *d1, struct evtchn - *chan1, struct domain *d2, struct evtchn *chan2) -{ - return 0; -} - -static void dummy_evtchn_close_post (struct evtchn *chn) -{ - return; -} - -static int dummy_evtchn_send (struct domain *d, struct evtchn *chn) -{ - return 0; -} - -static int dummy_evtchn_status (struct domain *d, struct evtchn *chn) -{ - return 0; -} - -static int dummy_evtchn_reset (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_alloc_security_evtchn (struct evtchn *chn) -{ - return 0; -} - -static void dummy_free_security_evtchn (struct evtchn *chn) -{ - return; -} - -static char *dummy_show_security_evtchn (struct domain *d, const struct evtchn *chn) -{ - return NULL; -} - -static int dummy_get_pod_target(struct domain *d) -{ - return 0; -} - -static int dummy_set_pod_target(struct domain *d) -{ - return 0; -} - -static int dummy_get_device_group (uint32_t machine_bdf) -{ - return 0; -} - -static int dummy_test_assign_device (uint32_t machine_bdf) -{ - return 0; -} - -static int dummy_assign_device (struct domain *d, uint32_t machine_bdf) -{ - return 0; -} - -static int dummy_deassign_device (struct domain *d, uint32_t machine_bdf) -{ - return 0; -} - -static int dummy_resource_plug_core (void) -{ - return 0; -} - -static int dummy_resource_unplug_core (void) -{ - return 0; -} - -static int dummy_resource_plug_pci (uint32_t machine_bdf) -{ - return 0; -} - -static int dummy_resource_unplug_pci (uint32_t machine_bdf) -{ - return 0; -} - -static int dummy_resource_setup_pci (uint32_t machine_bdf) -{ - return 0; -} - -static int dummy_resource_setup_gsi (int gsi) -{ - return 0; -} - -static int dummy_resource_setup_misc (void) -{ - return 0; -} - -static int dummy_page_offline (uint32_t cmd) -{ - return 0; -} - -static int dummy_lockprof (void) -{ - return 0; -} - -static int dummy_cpupool_op (void) -{ - return 0; -} - -static int dummy_sched_op (void) -{ - return 0; -} - -static long dummy___do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) -{ - return -ENOSYS; -} - -static char *dummy_show_irq_sid (int irq) -{ - return NULL; -} - -static int dummy_map_domain_pirq (struct domain *d, int irq, void *data) -{ - return 0; -} - -static int dummy_irq_permission (struct domain *d, int pirq, uint8_t allow) -{ - return 0; -} - -static int dummy_iomem_permission (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) -{ - return 0; -} - -static int dummy_pci_config_permission (struct domain *d, uint32_t machine_bdf, - uint16_t start, uint16_t end, - uint8_t access) -{ - return 0; -} - -#ifdef CONFIG_X86 -static int dummy_shadow_control (struct domain *d, uint32_t op) -{ - return 0; -} - -static int dummy_getpageframeinfo (struct domain *d) -{ - return 0; -} - -static int dummy_getmemlist (struct domain *d) -{ - return 0; -} - -static int dummy_hypercall_init (struct domain *d) -{ - return 0; -} - -static int dummy_hvmcontext (struct domain *d, uint32_t cmd) -{ - return 0; -} - -static int dummy_address_size (struct domain *d, uint32_t cmd) -{ - return 0; -} - -static int dummy_machine_address_size (struct domain *d, uint32_t cmd) -{ - return 0; -} - -static int dummy_hvm_param (struct domain *d, unsigned long op) -{ - return 0; -} - -static int dummy_hvm_set_pci_intx_level (struct domain *d) -{ - return 0; -} - -static int dummy_hvm_set_isa_irq_level (struct domain *d) -{ - return 0; -} - -static int dummy_hvm_set_pci_link_route (struct domain *d) -{ - return 0; -} - -static int dummy_hvm_inject_msi (struct domain *d) -{ - return 0; -} - -static int dummy_mem_event (struct domain *d) -{ - return 0; -} - -static int dummy_mem_sharing (struct domain *d) -{ - return 0; -} - -static int dummy_apic (struct domain *d, int cmd) -{ - return 0; -} - -static int dummy_xen_settime (void) -{ - return 0; -} - -static int dummy_memtype (uint32_t access) -{ - return 0; -} - -static int dummy_microcode (void) -{ - return 0; -} - -static int dummy_physinfo (void) -{ - return 0; -} - -static int dummy_platform_quirk (uint32_t quirk) -{ - return 0; -} - -static int dummy_firmware_info (void) -{ - return 0; -} - -static int dummy_efi_call(void) -{ - return 0; -} - -static int dummy_acpi_sleep (void) -{ - return 0; -} - -static int dummy_change_freq (void) -{ - return 0; -} - -static int dummy_getidletime (void) -{ - return 0; -} - -static int dummy_machine_memory_map (void) -{ - return 0; -} - -static int dummy_domain_memory_map (struct domain *d) -{ - return 0; -} - -static int dummy_mmu_normal_update (struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) -{ - return 0; -} - -static int dummy_mmu_machphys_update (struct domain *d, struct domain *f, unsigned long mfn) -{ - return 0; -} - -static int dummy_update_va_mapping (struct domain *d, struct domain *f, - l1_pgentry_t pte) -{ - return 0; -} - -static int dummy_add_to_physmap (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_remove_from_physmap (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_sendtrigger (struct domain *d) -{ - return 0; -} - -static int dummy_bind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq *bind) -{ - return 0; -} - -static int dummy_unbind_pt_irq (struct domain *d) -{ - return 0; -} - -static int dummy_pin_mem_cacheattr (struct domain *d) -{ - return 0; -} - -static int dummy_ext_vcpucontext (struct domain *d, uint32_t cmd) -{ - return 0; -} - -static int dummy_vcpuextstate (struct domain *d, uint32_t cmd) -{ - return 0; -} - -static int dummy_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) -{ - return 0; -} -#endif +#define XSM_NO_WRAPPERS +#define XSM_INLINE /* */ +#include struct xsm_operations dummy_xsm_ops; @@ -617,7 +20,7 @@ struct xsm_operations dummy_xsm_ops; do { \ if ( !ops->function ) \ { \ - ops->function = dummy_##function; \ + ops->function = xsm_##function; \ if (ops != &dummy_xsm_ops) \ dprintk(XENLOG_DEBUG, "Had to override the " #function \ " security operation with the dummy one.\n"); \ @@ -715,7 +118,7 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, cpupool_op); set_to_dummy_if_null(ops, sched_op); - set_to_dummy_if_null(ops, __do_xsm_op); + set_to_dummy_if_null(ops, do_xsm_op); #ifdef CONFIG_X86 set_to_dummy_if_null(ops, shadow_control); diff -r d912bf7f6d22 -r 42b273995da0 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Thu Jan 10 17:26:24 2013 +0000 +++ b/xen/xsm/flask/hooks.c Thu Jan 10 17:27:58 2013 +0000 @@ -1550,7 +1550,7 @@ static struct xsm_operations flask_ops = .cpupool_op = flask_cpupool_op, .sched_op = flask_sched_op, - .__do_xsm_op = do_flask_op, + .do_xsm_op = do_flask_op, #ifdef CONFIG_X86 .shadow_control = flask_shadow_control, diff -r d912bf7f6d22 -r 42b273995da0 xen/xsm/xsm_core.c --- a/xen/xsm/xsm_core.c Thu Jan 10 17:26:24 2013 +0000 +++ b/xen/xsm/xsm_core.c Thu Jan 10 17:27:58 2013 +0000 @@ -113,7 +113,7 @@ int unregister_xsm(struct xsm_operations long do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { - return __do_xsm_op(op); + return xsm_do_xsm_op(op); } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:26 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMz-0004j0-AG; Fri, 11 Jan 2013 03:33:25 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMx-0004i8-NP for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:24 +0000 Received: from [85.158.143.35:11294] by server-2.bemta-4.messagelabs.com id 1A/9C-24322-2088FE05; Fri, 11 Jan 2013 03:33:22 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-21.messagelabs.com!1357875192!4714645!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15598 invoked from network); 11 Jan 2013 03:33:15 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:15 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMm-0008NZ-Lg for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMm-00022i-BE for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:12 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm: Use the dummy XSM module if XSM is disabled X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357838878 0 # Node ID 42b273995da0d11043a1a9b7002592c910db0cf8 # Parent d912bf7f6d220da455831c671e89375b7e92ee64 xsm: Use the dummy XSM module if XSM is disabled This patch moves the implementation of the dummy XSM module to a header file that provides inline functions when XSM_ENABLE is not defined. This reduces duplication between the dummy module and callers when the implementation of the dummy return is not just "return 0", and also provides better compile-time checking for completeness of the XSM implementations in the dummy module. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r d912bf7f6d22 -r 42b273995da0 xen/common/domctl.c --- a/xen/common/domctl.c Thu Jan 10 17:26:24 2013 +0000 +++ b/xen/common/domctl.c Thu Jan 10 17:27:58 2013 +0000 @@ -279,10 +279,8 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe } break; } -#ifdef XSM_ENABLE case XEN_DOMCTL_getdomaininfo: break; -#endif default: if ( !IS_PRIV(current->domain) ) return -EPERM; diff -r d912bf7f6d22 -r 42b273995da0 xen/include/xsm/dummy.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/include/xsm/dummy.h Thu Jan 10 17:27:58 2013 +0000 @@ -0,0 +1,613 @@ +/* + * Default XSM hooks - IS_PRIV and IS_PRIV_FOR checks + * + * Author: Daniel De Graaf + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2, + * as published by the Free Software Foundation. + */ + +#include +#include + +static XSM_INLINE void xsm_security_domaininfo(struct domain *d, + struct xen_domctl_getdomaininfo *info) +{ + return; +} + +static XSM_INLINE int xsm_setvcpucontext(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_pausedomain(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_unpausedomain(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_resumedomain(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_domain_create(struct domain *d, u32 ssidref) +{ + return 0; +} + +static XSM_INLINE int xsm_max_vcpus(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_destroydomain(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_vcpuaffinity(int cmd, struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_scheduler(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_getdomaininfo(struct domain *d) +{ + if ( !IS_PRIV(current->domain) ) + return -EPERM; + return 0; +} + +static XSM_INLINE int xsm_getvcpucontext(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_getvcpuinfo(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_domain_settime(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_set_target(struct domain *d, struct domain *e) +{ + return 0; +} + +static XSM_INLINE int xsm_domctl(struct domain *d, int cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_set_virq_handler(struct domain *d, uint32_t virq) +{ + return 0; +} + +static XSM_INLINE int xsm_tbufcontrol(void) +{ + return 0; +} + +static XSM_INLINE int xsm_readconsole(uint32_t clear) +{ + return 0; +} + +static XSM_INLINE int xsm_sched_id(void) +{ + return 0; +} + +static XSM_INLINE int xsm_setdomainmaxmem(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_setdomainhandle(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_setdebugging(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_perfcontrol(void) +{ + return 0; +} + +static XSM_INLINE int xsm_debug_keys(void) +{ + return 0; +} + +static XSM_INLINE int xsm_getcpuinfo(void) +{ + return 0; +} + +static XSM_INLINE int xsm_get_pmstat(void) +{ + return 0; +} + +static XSM_INLINE int xsm_setpminfo(void) +{ + return 0; +} + +static XSM_INLINE int xsm_pm_op(void) +{ + return 0; +} + +static XSM_INLINE int xsm_do_mca(void) +{ + return 0; +} + +static XSM_INLINE int xsm_availheap(void) +{ + return 0; +} + +static XSM_INLINE int xsm_alloc_security_domain(struct domain *d) +{ + return 0; +} + +static XSM_INLINE void xsm_free_security_domain(struct domain *d) +{ + return; +} + +static XSM_INLINE int xsm_grant_mapref(struct domain *d1, struct domain *d2, + uint32_t flags) +{ + return 0; +} + +static XSM_INLINE int xsm_grant_unmapref(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_grant_setup(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_grant_transfer(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_grant_copy(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_grant_query_size(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_memory_adjust_reservation(struct domain *d1, + struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_memory_stat_reservation(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_console_io(struct domain *d, int cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_profile(struct domain *d, int op) +{ + return 0; +} + +static XSM_INLINE int xsm_kexec(void) +{ + return 0; +} + +static XSM_INLINE int xsm_schedop_shutdown(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_memory_pin_page(struct domain *d1, struct domain *d2, + struct page_info *page) +{ + return 0; +} + +static XSM_INLINE int xsm_evtchn_unbound(struct domain *d, struct evtchn *chn, + domid_t id2) +{ + return 0; +} + +static XSM_INLINE int xsm_evtchn_interdomain(struct domain *d1, struct evtchn + *chan1, struct domain *d2, struct evtchn *chan2) +{ + return 0; +} + +static XSM_INLINE void xsm_evtchn_close_post(struct evtchn *chn) +{ + return; +} + +static XSM_INLINE int xsm_evtchn_send(struct domain *d, struct evtchn *chn) +{ + return 0; +} + +static XSM_INLINE int xsm_evtchn_status(struct domain *d, struct evtchn *chn) +{ + return 0; +} + +static XSM_INLINE int xsm_evtchn_reset(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_alloc_security_evtchn(struct evtchn *chn) +{ + return 0; +} + +static XSM_INLINE void xsm_free_security_evtchn(struct evtchn *chn) +{ + return; +} + +static XSM_INLINE char *xsm_show_security_evtchn(struct domain *d, const struct evtchn *chn) +{ + return NULL; +} + +static XSM_INLINE int xsm_get_pod_target(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_set_pod_target(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_get_device_group(uint32_t machine_bdf) +{ + return 0; +} + +static XSM_INLINE int xsm_test_assign_device(uint32_t machine_bdf) +{ + return 0; +} + +static XSM_INLINE int xsm_assign_device(struct domain *d, uint32_t machine_bdf) +{ + return 0; +} + +static XSM_INLINE int xsm_deassign_device(struct domain *d, uint32_t machine_bdf) +{ + return 0; +} + +static XSM_INLINE int xsm_resource_plug_core(void) +{ + return 0; +} + +static XSM_INLINE int xsm_resource_unplug_core(void) +{ + return 0; +} + +static XSM_INLINE int xsm_resource_plug_pci(uint32_t machine_bdf) +{ + return 0; +} + +static XSM_INLINE int xsm_resource_unplug_pci(uint32_t machine_bdf) +{ + return 0; +} + +static XSM_INLINE int xsm_resource_setup_pci(uint32_t machine_bdf) +{ + return 0; +} + +static XSM_INLINE int xsm_resource_setup_gsi(int gsi) +{ + return 0; +} + +static XSM_INLINE int xsm_resource_setup_misc(void) +{ + return 0; +} + +static XSM_INLINE int xsm_page_offline(uint32_t cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_lockprof(void) +{ + return 0; +} + +static XSM_INLINE int xsm_cpupool_op(void) +{ + return 0; +} + +static XSM_INLINE int xsm_sched_op(void) +{ + return 0; +} + +static XSM_INLINE long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) +{ + return -ENOSYS; +} + +static XSM_INLINE char *xsm_show_irq_sid(int irq) +{ + return NULL; +} + +static XSM_INLINE int xsm_map_domain_pirq(struct domain *d, int irq, void *data) +{ + return 0; +} + +static XSM_INLINE int xsm_irq_permission(struct domain *d, int pirq, uint8_t allow) +{ + return 0; +} + +static XSM_INLINE int xsm_iomem_permission(struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +{ + return 0; +} + +static XSM_INLINE int xsm_pci_config_permission(struct domain *d, uint32_t machine_bdf, + uint16_t start, uint16_t end, + uint8_t access) +{ + return 0; +} + +#ifdef CONFIG_X86 +static XSM_INLINE int xsm_shadow_control(struct domain *d, uint32_t op) +{ + return 0; +} + +static XSM_INLINE int xsm_getpageframeinfo(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_getmemlist(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_hypercall_init(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_hvmcontext(struct domain *d, uint32_t cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_address_size(struct domain *d, uint32_t cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_machine_address_size(struct domain *d, uint32_t cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_hvm_param(struct domain *d, unsigned long op) +{ + return 0; +} + +static XSM_INLINE int xsm_hvm_set_pci_intx_level(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_hvm_set_isa_irq_level(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_hvm_set_pci_link_route(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_hvm_inject_msi(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_mem_event(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_mem_sharing(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_apic(struct domain *d, int cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_xen_settime(void) +{ + return 0; +} + +static XSM_INLINE int xsm_memtype(uint32_t access) +{ + return 0; +} + +static XSM_INLINE int xsm_microcode(void) +{ + return 0; +} + +static XSM_INLINE int xsm_physinfo(void) +{ + return 0; +} + +static XSM_INLINE int xsm_platform_quirk(uint32_t quirk) +{ + return 0; +} + +static XSM_INLINE int xsm_firmware_info(void) +{ + return 0; +} + +static XSM_INLINE int xsm_efi_call(void) +{ + return 0; +} + +static XSM_INLINE int xsm_acpi_sleep(void) +{ + return 0; +} + +static XSM_INLINE int xsm_change_freq(void) +{ + return 0; +} + +static XSM_INLINE int xsm_getidletime(void) +{ + return 0; +} + +static XSM_INLINE int xsm_machine_memory_map(void) +{ + return 0; +} + +static XSM_INLINE int xsm_domain_memory_map(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_mmu_normal_update(struct domain *d, struct domain *t, + struct domain *f, intpte_t fpte) +{ + return 0; +} + +static XSM_INLINE int xsm_mmu_machphys_update(struct domain *d, struct domain *f, + unsigned long mfn) +{ + return 0; +} + +static XSM_INLINE int xsm_update_va_mapping(struct domain *d, struct domain *f, + l1_pgentry_t pte) +{ + return 0; +} + +static XSM_INLINE int xsm_add_to_physmap(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_remove_from_physmap(struct domain *d1, struct domain *d2) +{ + return 0; +} + +static XSM_INLINE int xsm_sendtrigger(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_bind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) +{ + return 0; +} + +static XSM_INLINE int xsm_unbind_pt_irq(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_pin_mem_cacheattr(struct domain *d) +{ + return 0; +} + +static XSM_INLINE int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_vcpuextstate(struct domain *d, uint32_t cmd) +{ + return 0; +} + +static XSM_INLINE int xsm_ioport_permission(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +{ + return 0; +} + +#endif diff -r d912bf7f6d22 -r 42b273995da0 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Thu Jan 10 17:26:24 2013 +0000 +++ b/xen/include/xsm/xsm.h Thu Jan 10 17:27:58 2013 +0000 @@ -21,12 +21,6 @@ typedef void xsm_op_t; DEFINE_XEN_GUEST_HANDLE(xsm_op_t); -#ifdef XSM_ENABLE - #define xsm_call(fn) xsm_ops->fn -#else - #define xsm_call(fn) 0 -#endif - /* policy magic number (defined by XSM_MAGIC) */ typedef u32 xsm_magic_t; #ifndef XSM_MAGIC @@ -139,7 +133,7 @@ struct xsm_operations { int (*cpupool_op)(void); int (*sched_op)(void); - long (*__do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); + long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); #ifdef CONFIG_X86 int (*shadow_control) (struct domain *d, uint32_t op); @@ -184,417 +178,608 @@ struct xsm_operations { #endif }; -#endif +extern struct xsm_operations *xsm_ops; -extern struct xsm_operations *xsm_ops; +#ifndef XSM_NO_WRAPPERS static inline void xsm_security_domaininfo (struct domain *d, struct xen_domctl_getdomaininfo *info) { - (void)xsm_call(security_domaininfo(d, info)); + xsm_ops->security_domaininfo(d, info); } static inline int xsm_setvcpucontext(struct domain *d) { - return xsm_call(setvcpucontext(d)); + return xsm_ops->setvcpucontext(d); } static inline int xsm_pausedomain (struct domain *d) { - return xsm_call(pausedomain(d)); + return xsm_ops->pausedomain(d); } static inline int xsm_unpausedomain (struct domain *d) { - return xsm_call(unpausedomain(d)); + return xsm_ops->unpausedomain(d); } static inline int xsm_resumedomain (struct domain *d) { - return xsm_call(resumedomain(d)); + return xsm_ops->resumedomain(d); } static inline int xsm_domain_create (struct domain *d, u32 ssidref) { - return xsm_call(domain_create(d, ssidref)); + return xsm_ops->domain_create(d, ssidref); } static inline int xsm_max_vcpus(struct domain *d) { - return xsm_call(max_vcpus(d)); + return xsm_ops->max_vcpus(d); } static inline int xsm_destroydomain (struct domain *d) { - return xsm_call(destroydomain(d)); + return xsm_ops->destroydomain(d); } static inline int xsm_vcpuaffinity (int cmd, struct domain *d) { - return xsm_call(vcpuaffinity(cmd, d)); + return xsm_ops->vcpuaffinity(cmd, d); } static inline int xsm_scheduler (struct domain *d) { - return xsm_call(scheduler(d)); + return xsm_ops->scheduler(d); } static inline int xsm_getdomaininfo (struct domain *d) { - return xsm_call(getdomaininfo(d)); + return xsm_ops->getdomaininfo(d); } static inline int xsm_getvcpucontext (struct domain *d) { - return xsm_call(getvcpucontext(d)); + return xsm_ops->getvcpucontext(d); } static inline int xsm_getvcpuinfo (struct domain *d) { - return xsm_call(getvcpuinfo(d)); + return xsm_ops->getvcpuinfo(d); } static inline int xsm_domain_settime (struct domain *d) { - return xsm_call(domain_settime(d)); + return xsm_ops->domain_settime(d); } static inline int xsm_set_target (struct domain *d, struct domain *e) { - return xsm_call(set_target(d, e)); + return xsm_ops->set_target(d, e); } static inline int xsm_domctl (struct domain *d, int cmd) { - return xsm_call(domctl(d, cmd)); + return xsm_ops->domctl(d, cmd); } static inline int xsm_set_virq_handler (struct domain *d, uint32_t virq) { - return xsm_call(set_virq_handler(d, virq)); + return xsm_ops->set_virq_handler(d, virq); } static inline int xsm_tbufcontrol (void) { - return xsm_call(tbufcontrol()); + return xsm_ops->tbufcontrol(); } static inline int xsm_readconsole (uint32_t clear) { - return xsm_call(readconsole(clear)); + return xsm_ops->readconsole(clear); } static inline int xsm_sched_id (void) { - return xsm_call(sched_id()); + return xsm_ops->sched_id(); } static inline int xsm_setdomainmaxmem (struct domain *d) { - return xsm_call(setdomainmaxmem(d)); + return xsm_ops->setdomainmaxmem(d); } static inline int xsm_setdomainhandle (struct domain *d) { - return xsm_call(setdomainhandle(d)); + return xsm_ops->setdomainhandle(d); } static inline int xsm_setdebugging (struct domain *d) { - return xsm_call(setdebugging(d)); + return xsm_ops->setdebugging(d); } static inline int xsm_perfcontrol (void) { - return xsm_call(perfcontrol()); + return xsm_ops->perfcontrol(); } static inline int xsm_debug_keys (void) { - return xsm_call(debug_keys()); + return xsm_ops->debug_keys(); } static inline int xsm_availheap (void) { - return xsm_call(availheap()); + return xsm_ops->availheap(); } static inline int xsm_getcpuinfo (void) { - return xsm_call(getcpuinfo()); + return xsm_ops->getcpuinfo(); } static inline int xsm_get_pmstat(void) { - return xsm_call(get_pmstat()); + return xsm_ops->get_pmstat(); } static inline int xsm_setpminfo(void) { - return xsm_call(setpminfo()); + return xsm_ops->setpminfo(); } static inline int xsm_pm_op(void) { - return xsm_call(pm_op()); + return xsm_ops->pm_op(); } static inline int xsm_do_mca(void) { - return xsm_call(do_mca()); + return xsm_ops->do_mca(); } static inline int xsm_evtchn_unbound (struct domain *d1, struct evtchn *chn, domid_t id2) { - return xsm_call(evtchn_unbound(d1, chn, id2)); + return xsm_ops->evtchn_unbound(d1, chn, id2); } static inline int xsm_evtchn_interdomain (struct domain *d1, struct evtchn *chan1, struct domain *d2, struct evtchn *chan2) { - return xsm_call(evtchn_interdomain(d1, chan1, d2, chan2)); + return xsm_ops->evtchn_interdomain(d1, chan1, d2, chan2); } static inline void xsm_evtchn_close_post (struct evtchn *chn) { - (void)xsm_call(evtchn_close_post(chn)); + xsm_ops->evtchn_close_post(chn); } static inline int xsm_evtchn_send (struct domain *d, struct evtchn *chn) { - return xsm_call(evtchn_send(d, chn)); + return xsm_ops->evtchn_send(d, chn); } static inline int xsm_evtchn_status (struct domain *d, struct evtchn *chn) { - return xsm_call(evtchn_status(d, chn)); + return xsm_ops->evtchn_status(d, chn); } static inline int xsm_evtchn_reset (struct domain *d1, struct domain *d2) { - return xsm_call(evtchn_reset(d1, d2)); + return xsm_ops->evtchn_reset(d1, d2); } static inline int xsm_grant_mapref (struct domain *d1, struct domain *d2, uint32_t flags) { - return xsm_call(grant_mapref(d1, d2, flags)); + return xsm_ops->grant_mapref(d1, d2, flags); } static inline int xsm_grant_unmapref (struct domain *d1, struct domain *d2) { - return xsm_call(grant_unmapref(d1, d2)); + return xsm_ops->grant_unmapref(d1, d2); } static inline int xsm_grant_setup (struct domain *d1, struct domain *d2) { - return xsm_call(grant_setup(d1, d2)); + return xsm_ops->grant_setup(d1, d2); } static inline int xsm_grant_transfer (struct domain *d1, struct domain *d2) { - return xsm_call(grant_transfer(d1, d2)); + return xsm_ops->grant_transfer(d1, d2); } static inline int xsm_grant_copy (struct domain *d1, struct domain *d2) { - return xsm_call(grant_copy(d1, d2)); + return xsm_ops->grant_copy(d1, d2); } static inline int xsm_grant_query_size (struct domain *d1, struct domain *d2) { - return xsm_call(grant_query_size(d1, d2)); + return xsm_ops->grant_query_size(d1, d2); } static inline int xsm_alloc_security_domain (struct domain *d) { - return xsm_call(alloc_security_domain(d)); + return xsm_ops->alloc_security_domain(d); } static inline void xsm_free_security_domain (struct domain *d) { - (void)xsm_call(free_security_domain(d)); + xsm_ops->free_security_domain(d); } static inline int xsm_alloc_security_evtchn (struct evtchn *chn) { - return xsm_call(alloc_security_evtchn(chn)); + return xsm_ops->alloc_security_evtchn(chn); } static inline void xsm_free_security_evtchn (struct evtchn *chn) { - (void)xsm_call(free_security_evtchn(chn)); + (void)xsm_ops->free_security_evtchn(chn); } static inline char *xsm_show_security_evtchn (struct domain *d, const struct evtchn *chn) { - return xsm_call(show_security_evtchn(d, chn)); + return xsm_ops->show_security_evtchn(d, chn); } static inline int xsm_get_pod_target (struct domain *d) { - return xsm_call(get_pod_target(d)); + return xsm_ops->get_pod_target(d); } static inline int xsm_set_pod_target (struct domain *d) { - return xsm_call(set_pod_target(d)); + return xsm_ops->set_pod_target(d); } static inline int xsm_memory_adjust_reservation (struct domain *d1, struct domain *d2) { - return xsm_call(memory_adjust_reservation(d1, d2)); + return xsm_ops->memory_adjust_reservation(d1, d2); } static inline int xsm_memory_stat_reservation (struct domain *d1, struct domain *d2) { - return xsm_call(memory_stat_reservation(d1, d2)); + return xsm_ops->memory_stat_reservation(d1, d2); } static inline int xsm_memory_pin_page(struct domain *d1, struct domain *d2, struct page_info *page) { - return xsm_call(memory_pin_page(d1, d2, page)); + return xsm_ops->memory_pin_page(d1, d2, page); } static inline int xsm_remove_from_physmap(struct domain *d1, struct domain *d2) { - return xsm_call(remove_from_physmap(d1, d2)); + return xsm_ops->remove_from_physmap(d1, d2); } static inline int xsm_console_io (struct domain *d, int cmd) { - return xsm_call(console_io(d, cmd)); + return xsm_ops->console_io(d, cmd); } static inline int xsm_profile (struct domain *d, int op) { - return xsm_call(profile(d, op)); + return xsm_ops->profile(d, op); } static inline int xsm_kexec (void) { - return xsm_call(kexec()); + return xsm_ops->kexec(); } static inline int xsm_schedop_shutdown (struct domain *d1, struct domain *d2) { - return xsm_call(schedop_shutdown(d1, d2)); + return xsm_ops->schedop_shutdown(d1, d2); } static inline char *xsm_show_irq_sid (int irq) { - return xsm_call(show_irq_sid(irq)); + return xsm_ops->show_irq_sid(irq); } static inline int xsm_map_domain_pirq (struct domain *d, int irq, void *data) { - return xsm_call(map_domain_pirq(d, irq, data)); + return xsm_ops->map_domain_pirq(d, irq, data); } static inline int xsm_irq_permission (struct domain *d, int pirq, uint8_t allow) { - return xsm_call(irq_permission(d, pirq, allow)); + return xsm_ops->irq_permission(d, pirq, allow); } static inline int xsm_iomem_permission (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { - return xsm_call(iomem_permission(d, s, e, allow)); + return xsm_ops->iomem_permission(d, s, e, allow); } static inline int xsm_pci_config_permission (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { - return xsm_call(pci_config_permission(d, machine_bdf, start, end, access)); + return xsm_ops->pci_config_permission(d, machine_bdf, start, end, access); } static inline int xsm_get_device_group(uint32_t machine_bdf) { - return xsm_call(get_device_group(machine_bdf)); + return xsm_ops->get_device_group(machine_bdf); } static inline int xsm_test_assign_device(uint32_t machine_bdf) { - return xsm_call(test_assign_device(machine_bdf)); + return xsm_ops->test_assign_device(machine_bdf); } static inline int xsm_assign_device(struct domain *d, uint32_t machine_bdf) { - return xsm_call(assign_device(d, machine_bdf)); + return xsm_ops->assign_device(d, machine_bdf); } static inline int xsm_deassign_device(struct domain *d, uint32_t machine_bdf) { - return xsm_call(deassign_device(d, machine_bdf)); + return xsm_ops->deassign_device(d, machine_bdf); } static inline int xsm_resource_plug_pci (uint32_t machine_bdf) { - return xsm_call(resource_plug_pci(machine_bdf)); + return xsm_ops->resource_plug_pci(machine_bdf); } static inline int xsm_resource_unplug_pci (uint32_t machine_bdf) { - return xsm_call(resource_unplug_pci(machine_bdf)); + return xsm_ops->resource_unplug_pci(machine_bdf); } static inline int xsm_resource_plug_core (void) { - return xsm_call(resource_plug_core()); + return xsm_ops->resource_plug_core(); } static inline int xsm_resource_unplug_core (void) { - return xsm_call(resource_unplug_core()); + return xsm_ops->resource_unplug_core(); } static inline int xsm_resource_setup_pci (uint32_t machine_bdf) { - return xsm_call(resource_setup_pci(machine_bdf)); + return xsm_ops->resource_setup_pci(machine_bdf); } static inline int xsm_resource_setup_gsi (int gsi) { - return xsm_call(resource_setup_gsi(gsi)); + return xsm_ops->resource_setup_gsi(gsi); } static inline int xsm_resource_setup_misc (void) { - return xsm_call(resource_setup_misc()); + return xsm_ops->resource_setup_misc(); } static inline int xsm_page_offline(uint32_t cmd) { - return xsm_call(page_offline(cmd)); + return xsm_ops->page_offline(cmd); } static inline int xsm_lockprof(void) { - return xsm_call(lockprof()); + return xsm_ops->lockprof(); } static inline int xsm_cpupool_op(void) { - return xsm_call(cpupool_op()); + return xsm_ops->cpupool_op(); } static inline int xsm_sched_op(void) { - return xsm_call(sched_op()); + return xsm_ops->sched_op(); } -static inline long __do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) +static inline long xsm_do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { -#ifdef XSM_ENABLE - return xsm_ops->__do_xsm_op(op); -#else - return -ENOSYS; -#endif + return xsm_ops->do_xsm_op(op); } -#ifdef XSM_ENABLE +#ifdef CONFIG_X86 +static inline int xsm_shadow_control (struct domain *d, uint32_t op) +{ + return xsm_ops->shadow_control(d, op); +} + +static inline int xsm_getpageframeinfo (struct domain *d) +{ + return xsm_ops->getpageframeinfo(d); +} + +static inline int xsm_getmemlist (struct domain *d) +{ + return xsm_ops->getmemlist(d); +} + +static inline int xsm_hypercall_init (struct domain *d) +{ + return xsm_ops->hypercall_init(d); +} + +static inline int xsm_hvmcontext (struct domain *d, uint32_t cmd) +{ + return xsm_ops->hvmcontext(d, cmd); +} + +static inline int xsm_address_size (struct domain *d, uint32_t cmd) +{ + return xsm_ops->address_size(d, cmd); +} + +static inline int xsm_machine_address_size (struct domain *d, uint32_t cmd) +{ + return xsm_ops->machine_address_size(d, cmd); +} + +static inline int xsm_hvm_param (struct domain *d, unsigned long op) +{ + return xsm_ops->hvm_param(d, op); +} + +static inline int xsm_hvm_set_pci_intx_level (struct domain *d) +{ + return xsm_ops->hvm_set_pci_intx_level(d); +} + +static inline int xsm_hvm_set_isa_irq_level (struct domain *d) +{ + return xsm_ops->hvm_set_isa_irq_level(d); +} + +static inline int xsm_hvm_set_pci_link_route (struct domain *d) +{ + return xsm_ops->hvm_set_pci_link_route(d); +} + +static inline int xsm_hvm_inject_msi (struct domain *d) +{ + return xsm_ops->hvm_inject_msi(d); +} + +static inline int xsm_mem_event (struct domain *d) +{ + return xsm_ops->mem_event(d); +} + +static inline int xsm_mem_sharing (struct domain *d) +{ + return xsm_ops->mem_sharing(d); +} + +static inline int xsm_apic (struct domain *d, int cmd) +{ + return xsm_ops->apic(d, cmd); +} + +static inline int xsm_xen_settime (void) +{ + return xsm_ops->xen_settime(); +} + +static inline int xsm_memtype (uint32_t access) +{ + return xsm_ops->memtype(access); +} + +static inline int xsm_microcode (void) +{ + return xsm_ops->microcode(); +} + +static inline int xsm_physinfo (void) +{ + return xsm_ops->physinfo(); +} + +static inline int xsm_platform_quirk (uint32_t quirk) +{ + return xsm_ops->platform_quirk(quirk); +} + +static inline int xsm_firmware_info (void) +{ + return xsm_ops->firmware_info(); +} + +static inline int xsm_efi_call (void) +{ + return xsm_ops->efi_call(); +} + +static inline int xsm_acpi_sleep (void) +{ + return xsm_ops->acpi_sleep(); +} + +static inline int xsm_change_freq (void) +{ + return xsm_ops->change_freq(); +} + +static inline int xsm_getidletime (void) +{ + return xsm_ops->getidletime(); +} + +static inline int xsm_machine_memory_map(void) +{ + return xsm_ops->machine_memory_map(); +} + +static inline int xsm_domain_memory_map(struct domain *d) +{ + return xsm_ops->domain_memory_map(d); +} + +static inline int xsm_mmu_normal_update (struct domain *d, struct domain *t, + struct domain *f, intpte_t fpte) +{ + return xsm_ops->mmu_normal_update(d, t, f, fpte); +} + +static inline int xsm_mmu_machphys_update (struct domain *d1, struct domain *d2, + unsigned long mfn) +{ + return xsm_ops->mmu_machphys_update(d1, d2, mfn); +} + +static inline int xsm_update_va_mapping(struct domain *d, struct domain *f, + l1_pgentry_t pte) +{ + return xsm_ops->update_va_mapping(d, f, pte); +} + +static inline int xsm_add_to_physmap(struct domain *d1, struct domain *d2) +{ + return xsm_ops->add_to_physmap(d1, d2); +} + +static inline int xsm_sendtrigger(struct domain *d) +{ + return xsm_ops->sendtrigger(d); +} + +static inline int xsm_bind_pt_irq(struct domain *d, + struct xen_domctl_bind_pt_irq *bind) +{ + return xsm_ops->bind_pt_irq(d, bind); +} + +static inline int xsm_unbind_pt_irq(struct domain *d) +{ + return xsm_ops->unbind_pt_irq(d); +} + +static inline int xsm_pin_mem_cacheattr(struct domain *d) +{ + return xsm_ops->pin_mem_cacheattr(d); +} + +static inline int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) +{ + return xsm_ops->ext_vcpucontext(d, cmd); +} +static inline int xsm_vcpuextstate(struct domain *d, uint32_t cmd) +{ + return xsm_ops->vcpuextstate(d, cmd); +} + +static inline int xsm_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +{ + return xsm_ops->ioport_permission(d, s, e, allow); +} +#endif /* CONFIG_X86 */ +#endif /* XSM_NO_WRAPPERS */ + extern int xsm_init(unsigned long *module_map, const multiboot_info_t *mbi, void *(*bootstrap_map)(const module_t *)); extern int xsm_policy_init(unsigned long *module_map, @@ -602,211 +787,21 @@ extern int xsm_policy_init(unsigned long void *(*bootstrap_map)(const module_t *)); extern int register_xsm(struct xsm_operations *ops); extern int unregister_xsm(struct xsm_operations *ops); -#else + +extern struct xsm_operations dummy_xsm_ops; +extern void xsm_fixup_ops(struct xsm_operations *ops); + +#else /* XSM_ENABLE */ + +#define XSM_INLINE inline +#include + static inline int xsm_init (unsigned long *module_map, const multiboot_info_t *mbi, void *(*bootstrap_map)(const module_t *)) { return 0; } -#endif - -#ifdef CONFIG_X86 -static inline int xsm_shadow_control (struct domain *d, uint32_t op) -{ - return xsm_call(shadow_control(d, op)); -} - -static inline int xsm_getpageframeinfo (struct domain *d) -{ - return xsm_call(getpageframeinfo(d)); -} - -static inline int xsm_getmemlist (struct domain *d) -{ - return xsm_call(getmemlist(d)); -} - -static inline int xsm_hypercall_init (struct domain *d) -{ - return xsm_call(hypercall_init(d)); -} - -static inline int xsm_hvmcontext (struct domain *d, uint32_t cmd) -{ - return xsm_call(hvmcontext(d, cmd)); -} - -static inline int xsm_address_size (struct domain *d, uint32_t cmd) -{ - return xsm_call(address_size(d, cmd)); -} - -static inline int xsm_machine_address_size (struct domain *d, uint32_t cmd) -{ - return xsm_call(machine_address_size(d, cmd)); -} - -static inline int xsm_hvm_param (struct domain *d, unsigned long op) -{ - return xsm_call(hvm_param(d, op)); -} - -static inline int xsm_hvm_set_pci_intx_level (struct domain *d) -{ - return xsm_call(hvm_set_pci_intx_level(d)); -} - -static inline int xsm_hvm_set_isa_irq_level (struct domain *d) -{ - return xsm_call(hvm_set_isa_irq_level(d)); -} - -static inline int xsm_hvm_set_pci_link_route (struct domain *d) -{ - return xsm_call(hvm_set_pci_link_route(d)); -} - -static inline int xsm_hvm_inject_msi (struct domain *d) -{ - return xsm_call(hvm_inject_msi(d)); -} - -static inline int xsm_mem_event (struct domain *d) -{ - return xsm_call(mem_event(d)); -} - -static inline int xsm_mem_sharing (struct domain *d) -{ - return xsm_call(mem_sharing(d)); -} - -static inline int xsm_apic (struct domain *d, int cmd) -{ - return xsm_call(apic(d, cmd)); -} - -static inline int xsm_xen_settime (void) -{ - return xsm_call(xen_settime()); -} - -static inline int xsm_memtype (uint32_t access) -{ - return xsm_call(memtype(access)); -} - -static inline int xsm_microcode (void) -{ - return xsm_call(microcode()); -} - -static inline int xsm_physinfo (void) -{ - return xsm_call(physinfo()); -} - -static inline int xsm_platform_quirk (uint32_t quirk) -{ - return xsm_call(platform_quirk(quirk)); -} - -static inline int xsm_firmware_info (void) -{ - return xsm_call(firmware_info()); -} - -static inline int xsm_efi_call (void) -{ - return xsm_call(efi_call()); -} - -static inline int xsm_acpi_sleep (void) -{ - return xsm_call(acpi_sleep()); -} - -static inline int xsm_change_freq (void) -{ - return xsm_call(change_freq()); -} - -static inline int xsm_getidletime (void) -{ - return xsm_call(getidletime()); -} - -static inline int xsm_machine_memory_map(void) -{ - return xsm_call(machine_memory_map()); -} - -static inline int xsm_domain_memory_map(struct domain *d) -{ - return xsm_call(domain_memory_map(d)); -} - -static inline int xsm_mmu_normal_update (struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) -{ - return xsm_call(mmu_normal_update(d, t, f, fpte)); -} - -static inline int xsm_mmu_machphys_update (struct domain *d1, struct domain *d2, - unsigned long mfn) -{ - return xsm_call(mmu_machphys_update(d1, d2, mfn)); -} - -static inline int xsm_update_va_mapping(struct domain *d, struct domain *f, - l1_pgentry_t pte) -{ - return xsm_call(update_va_mapping(d, f, pte)); -} - -static inline int xsm_add_to_physmap(struct domain *d1, struct domain *d2) -{ - return xsm_call(add_to_physmap(d1, d2)); -} - -static inline int xsm_sendtrigger(struct domain *d) -{ - return xsm_call(sendtrigger(d)); -} - -static inline int xsm_bind_pt_irq(struct domain *d, - struct xen_domctl_bind_pt_irq *bind) -{ - return xsm_call(bind_pt_irq(d, bind)); -} - -static inline int xsm_unbind_pt_irq(struct domain *d) -{ - return xsm_call(unbind_pt_irq(d)); -} - -static inline int xsm_pin_mem_cacheattr(struct domain *d) -{ - return xsm_call(pin_mem_cacheattr(d)); -} - -static inline int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) -{ - return xsm_call(ext_vcpucontext(d, cmd)); -} -static inline int xsm_vcpuextstate(struct domain *d, uint32_t cmd) -{ - return xsm_call(vcpuextstate(d, cmd)); -} - -static inline int xsm_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) -{ - return xsm_call(ioport_permission(d, s, e, allow)); -} -#endif /* CONFIG_X86 */ - -extern struct xsm_operations dummy_xsm_ops; -extern void xsm_fixup_ops(struct xsm_operations *ops); +#endif /* XSM_ENABLE */ #endif /* __XSM_H */ diff -r d912bf7f6d22 -r 42b273995da0 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Thu Jan 10 17:26:24 2013 +0000 +++ b/xen/xsm/dummy.c Thu Jan 10 17:27:58 2013 +0000 @@ -10,606 +10,9 @@ * as published by the Free Software Foundation. */ -#include -#include - -static void dummy_security_domaininfo(struct domain *d, - struct xen_domctl_getdomaininfo *info) -{ - return; -} - -static int dummy_setvcpucontext(struct domain *d) -{ - return 0; -} - -static int dummy_pausedomain (struct domain *d) -{ - return 0; -} - -static int dummy_unpausedomain (struct domain *d) -{ - return 0; -} - -static int dummy_resumedomain (struct domain *d) -{ - return 0; -} - -static int dummy_domain_create(struct domain *d, u32 ssidref) -{ - return 0; -} - -static int dummy_max_vcpus(struct domain *d) -{ - return 0; -} - -static int dummy_destroydomain (struct domain *d) -{ - return 0; -} - -static int dummy_vcpuaffinity (int cmd, struct domain *d) -{ - return 0; -} - -static int dummy_scheduler (struct domain *d) -{ - return 0; -} - -static int dummy_getdomaininfo (struct domain *d) -{ - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; -} - -static int dummy_getvcpucontext (struct domain *d) -{ - return 0; -} - -static int dummy_getvcpuinfo (struct domain *d) -{ - return 0; -} - -static int dummy_domain_settime (struct domain *d) -{ - return 0; -} - -static int dummy_set_target (struct domain *d, struct domain *e) -{ - return 0; -} - -static int dummy_domctl(struct domain *d, int cmd) -{ - return 0; -} - -static int dummy_set_virq_handler(struct domain *d, uint32_t virq) -{ - return 0; -} - -static int dummy_tbufcontrol (void) -{ - return 0; -} - -static int dummy_readconsole (uint32_t clear) -{ - return 0; -} - -static int dummy_sched_id (void) -{ - return 0; -} - -static int dummy_setdomainmaxmem (struct domain *d) -{ - return 0; -} - -static int dummy_setdomainhandle (struct domain *d) -{ - return 0; -} - -static int dummy_setdebugging (struct domain *d) -{ - return 0; -} - -static int dummy_perfcontrol (void) -{ - return 0; -} - -static int dummy_debug_keys (void) -{ - return 0; -} - -static int dummy_getcpuinfo (void) -{ - return 0; -} - -static int dummy_get_pmstat (void) -{ - return 0; -} - -static int dummy_setpminfo (void) -{ - return 0; -} - -static int dummy_pm_op (void) -{ - return 0; -} - -static int dummy_do_mca (void) -{ - return 0; -} - -static int dummy_availheap (void) -{ - return 0; -} - -static int dummy_alloc_security_domain (struct domain *d) -{ - return 0; -} - -static void dummy_free_security_domain (struct domain *d) -{ - return; -} - -static int dummy_grant_mapref (struct domain *d1, struct domain *d2, - uint32_t flags) -{ - return 0; -} - -static int dummy_grant_unmapref (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_grant_setup (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_grant_transfer (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_grant_copy (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_grant_query_size (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_memory_adjust_reservation (struct domain *d1, - struct domain *d2) -{ - return 0; -} - -static int dummy_memory_stat_reservation (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_console_io (struct domain *d, int cmd) -{ - return 0; -} - -static int dummy_profile (struct domain *d, int op) -{ - return 0; -} - -static int dummy_kexec (void) -{ - return 0; -} - -static int dummy_schedop_shutdown (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_memory_pin_page(struct domain *d1, struct domain *d2, struct page_info *page) -{ - return 0; -} - -static int dummy_evtchn_unbound (struct domain *d, struct evtchn *chn, - domid_t id2) -{ - return 0; -} - -static int dummy_evtchn_interdomain (struct domain *d1, struct evtchn - *chan1, struct domain *d2, struct evtchn *chan2) -{ - return 0; -} - -static void dummy_evtchn_close_post (struct evtchn *chn) -{ - return; -} - -static int dummy_evtchn_send (struct domain *d, struct evtchn *chn) -{ - return 0; -} - -static int dummy_evtchn_status (struct domain *d, struct evtchn *chn) -{ - return 0; -} - -static int dummy_evtchn_reset (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_alloc_security_evtchn (struct evtchn *chn) -{ - return 0; -} - -static void dummy_free_security_evtchn (struct evtchn *chn) -{ - return; -} - -static char *dummy_show_security_evtchn (struct domain *d, const struct evtchn *chn) -{ - return NULL; -} - -static int dummy_get_pod_target(struct domain *d) -{ - return 0; -} - -static int dummy_set_pod_target(struct domain *d) -{ - return 0; -} - -static int dummy_get_device_group (uint32_t machine_bdf) -{ - return 0; -} - -static int dummy_test_assign_device (uint32_t machine_bdf) -{ - return 0; -} - -static int dummy_assign_device (struct domain *d, uint32_t machine_bdf) -{ - return 0; -} - -static int dummy_deassign_device (struct domain *d, uint32_t machine_bdf) -{ - return 0; -} - -static int dummy_resource_plug_core (void) -{ - return 0; -} - -static int dummy_resource_unplug_core (void) -{ - return 0; -} - -static int dummy_resource_plug_pci (uint32_t machine_bdf) -{ - return 0; -} - -static int dummy_resource_unplug_pci (uint32_t machine_bdf) -{ - return 0; -} - -static int dummy_resource_setup_pci (uint32_t machine_bdf) -{ - return 0; -} - -static int dummy_resource_setup_gsi (int gsi) -{ - return 0; -} - -static int dummy_resource_setup_misc (void) -{ - return 0; -} - -static int dummy_page_offline (uint32_t cmd) -{ - return 0; -} - -static int dummy_lockprof (void) -{ - return 0; -} - -static int dummy_cpupool_op (void) -{ - return 0; -} - -static int dummy_sched_op (void) -{ - return 0; -} - -static long dummy___do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) -{ - return -ENOSYS; -} - -static char *dummy_show_irq_sid (int irq) -{ - return NULL; -} - -static int dummy_map_domain_pirq (struct domain *d, int irq, void *data) -{ - return 0; -} - -static int dummy_irq_permission (struct domain *d, int pirq, uint8_t allow) -{ - return 0; -} - -static int dummy_iomem_permission (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) -{ - return 0; -} - -static int dummy_pci_config_permission (struct domain *d, uint32_t machine_bdf, - uint16_t start, uint16_t end, - uint8_t access) -{ - return 0; -} - -#ifdef CONFIG_X86 -static int dummy_shadow_control (struct domain *d, uint32_t op) -{ - return 0; -} - -static int dummy_getpageframeinfo (struct domain *d) -{ - return 0; -} - -static int dummy_getmemlist (struct domain *d) -{ - return 0; -} - -static int dummy_hypercall_init (struct domain *d) -{ - return 0; -} - -static int dummy_hvmcontext (struct domain *d, uint32_t cmd) -{ - return 0; -} - -static int dummy_address_size (struct domain *d, uint32_t cmd) -{ - return 0; -} - -static int dummy_machine_address_size (struct domain *d, uint32_t cmd) -{ - return 0; -} - -static int dummy_hvm_param (struct domain *d, unsigned long op) -{ - return 0; -} - -static int dummy_hvm_set_pci_intx_level (struct domain *d) -{ - return 0; -} - -static int dummy_hvm_set_isa_irq_level (struct domain *d) -{ - return 0; -} - -static int dummy_hvm_set_pci_link_route (struct domain *d) -{ - return 0; -} - -static int dummy_hvm_inject_msi (struct domain *d) -{ - return 0; -} - -static int dummy_mem_event (struct domain *d) -{ - return 0; -} - -static int dummy_mem_sharing (struct domain *d) -{ - return 0; -} - -static int dummy_apic (struct domain *d, int cmd) -{ - return 0; -} - -static int dummy_xen_settime (void) -{ - return 0; -} - -static int dummy_memtype (uint32_t access) -{ - return 0; -} - -static int dummy_microcode (void) -{ - return 0; -} - -static int dummy_physinfo (void) -{ - return 0; -} - -static int dummy_platform_quirk (uint32_t quirk) -{ - return 0; -} - -static int dummy_firmware_info (void) -{ - return 0; -} - -static int dummy_efi_call(void) -{ - return 0; -} - -static int dummy_acpi_sleep (void) -{ - return 0; -} - -static int dummy_change_freq (void) -{ - return 0; -} - -static int dummy_getidletime (void) -{ - return 0; -} - -static int dummy_machine_memory_map (void) -{ - return 0; -} - -static int dummy_domain_memory_map (struct domain *d) -{ - return 0; -} - -static int dummy_mmu_normal_update (struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) -{ - return 0; -} - -static int dummy_mmu_machphys_update (struct domain *d, struct domain *f, unsigned long mfn) -{ - return 0; -} - -static int dummy_update_va_mapping (struct domain *d, struct domain *f, - l1_pgentry_t pte) -{ - return 0; -} - -static int dummy_add_to_physmap (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_remove_from_physmap (struct domain *d1, struct domain *d2) -{ - return 0; -} - -static int dummy_sendtrigger (struct domain *d) -{ - return 0; -} - -static int dummy_bind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq *bind) -{ - return 0; -} - -static int dummy_unbind_pt_irq (struct domain *d) -{ - return 0; -} - -static int dummy_pin_mem_cacheattr (struct domain *d) -{ - return 0; -} - -static int dummy_ext_vcpucontext (struct domain *d, uint32_t cmd) -{ - return 0; -} - -static int dummy_vcpuextstate (struct domain *d, uint32_t cmd) -{ - return 0; -} - -static int dummy_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) -{ - return 0; -} -#endif +#define XSM_NO_WRAPPERS +#define XSM_INLINE /* */ +#include struct xsm_operations dummy_xsm_ops; @@ -617,7 +20,7 @@ struct xsm_operations dummy_xsm_ops; do { \ if ( !ops->function ) \ { \ - ops->function = dummy_##function; \ + ops->function = xsm_##function; \ if (ops != &dummy_xsm_ops) \ dprintk(XENLOG_DEBUG, "Had to override the " #function \ " security operation with the dummy one.\n"); \ @@ -715,7 +118,7 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, cpupool_op); set_to_dummy_if_null(ops, sched_op); - set_to_dummy_if_null(ops, __do_xsm_op); + set_to_dummy_if_null(ops, do_xsm_op); #ifdef CONFIG_X86 set_to_dummy_if_null(ops, shadow_control); diff -r d912bf7f6d22 -r 42b273995da0 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Thu Jan 10 17:26:24 2013 +0000 +++ b/xen/xsm/flask/hooks.c Thu Jan 10 17:27:58 2013 +0000 @@ -1550,7 +1550,7 @@ static struct xsm_operations flask_ops = .cpupool_op = flask_cpupool_op, .sched_op = flask_sched_op, - .__do_xsm_op = do_flask_op, + .do_xsm_op = do_flask_op, #ifdef CONFIG_X86 .shadow_control = flask_shadow_control, diff -r d912bf7f6d22 -r 42b273995da0 xen/xsm/xsm_core.c --- a/xen/xsm/xsm_core.c Thu Jan 10 17:26:24 2013 +0000 +++ b/xen/xsm/xsm_core.c Thu Jan 10 17:27:58 2013 +0000 @@ -113,7 +113,7 @@ int unregister_xsm(struct xsm_operations long do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { - return __do_xsm_op(op); + return xsm_do_xsm_op(op); } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:50 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:50 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVNM-0004p8-Gi; Fri, 11 Jan 2013 03:33:48 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVNL-0004op-PR for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:48 +0000 Received: from [85.158.143.35:3546] by server-2.bemta-4.messagelabs.com id F4/BC-24322-B188FE05; Fri, 11 Jan 2013 03:33:47 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-21.messagelabs.com!1357875194!12430552!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28867 invoked from network); 11 Jan 2013 03:33:18 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:18 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMo-0008Nf-58 for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMn-00023C-RA for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:13 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:13 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arch/x86: add distinct XSM hooks for map/unmap X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357839130 0 # Node ID 35a0556a7f76c9a6f616cfc9d5a82dccfe36b994 # Parent 68e8cfca220f1d4dfcc1c74c8c117a0567490c14 arch/x86: add distinct XSM hooks for map/unmap The xsm_iomem_permission and xsm_ioport_permission hooks are intended to be called by the domain builder, while the calls in arch/x86/domctl.c which control mapping are also performed by the device model. Because these operations require distinct access control policies, they cannot use the same XSM hooks. This also adds a missing XSM hook in the unbind IRQ domctl. Signed-off-by: Daniel De Graaf Acked-by: Jan Beulich Committed-by: Keir Fraser --- diff -r 68e8cfca220f -r 35a0556a7f76 xen/arch/x86/domctl.c --- a/xen/arch/x86/domctl.c Thu Jan 10 17:30:47 2013 +0000 +++ b/xen/arch/x86/domctl.c Thu Jan 10 17:32:10 2013 +0000 @@ -656,6 +656,10 @@ long arch_do_domctl( !irq_access_permitted(current->domain, bind->machine_irq) ) break; + ret = xsm_unbind_pt_irq(d, bind); + if ( ret ) + break; + if ( iommu_enabled ) { spin_lock(&pcidevs_lock); @@ -687,7 +691,7 @@ long arch_do_domctl( !iomem_access_permitted(current->domain, mfn, mfn + nr_mfns - 1) ) break; - ret = xsm_iomem_permission(d, mfn, mfn + nr_mfns - 1, add); + ret = xsm_iomem_mapping(d, mfn, mfn + nr_mfns - 1, add); if ( ret ) break; @@ -765,7 +769,7 @@ long arch_do_domctl( !ioports_access_permitted(current->domain, fmp, fmp + np - 1) ) break; - ret = xsm_ioport_permission(d, fmp, fmp + np - 1, add); + ret = xsm_ioport_mapping(d, fmp, fmp + np - 1, add); if ( ret ) break; diff -r 68e8cfca220f -r 35a0556a7f76 xen/arch/x86/physdev.c --- a/xen/arch/x86/physdev.c Thu Jan 10 17:30:47 2013 +0000 +++ b/xen/arch/x86/physdev.c Thu Jan 10 17:32:10 2013 +0000 @@ -242,7 +242,7 @@ int physdev_unmap_pirq(domid_t domid, in if ( !IS_PRIV_FOR(current->domain, d) ) goto free_domain; - ret = xsm_irq_permission(d, domain_pirq_to_irq(d, pirq), 0); + ret = xsm_unmap_domain_pirq(d, domain_pirq_to_irq(d, pirq)); if ( ret ) goto free_domain; diff -r 68e8cfca220f -r 35a0556a7f76 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Thu Jan 10 17:30:47 2013 +0000 +++ b/xen/include/xsm/dummy.h Thu Jan 10 17:32:10 2013 +0000 @@ -394,6 +394,11 @@ static XSM_INLINE int xsm_map_domain_pir return 0; } +static XSM_INLINE int xsm_unmap_domain_pirq(struct domain *d, int irq) +{ + return 0; +} + static XSM_INLINE int xsm_irq_permission(struct domain *d, int pirq, uint8_t allow) { return 0; @@ -404,6 +409,11 @@ static XSM_INLINE int xsm_iomem_permissi return 0; } +static XSM_INLINE int xsm_iomem_mapping(struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +{ + return 0; +} + static XSM_INLINE int xsm_pci_config_permission(struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) @@ -585,7 +595,7 @@ static XSM_INLINE int xsm_bind_pt_irq(st return 0; } -static XSM_INLINE int xsm_unbind_pt_irq(struct domain *d) +static XSM_INLINE int xsm_unbind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return 0; } @@ -610,4 +620,9 @@ static XSM_INLINE int xsm_ioport_permiss return 0; } +static XSM_INLINE int xsm_ioport_mapping(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +{ + return 0; +} + #endif diff -r 68e8cfca220f -r 35a0556a7f76 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Thu Jan 10 17:30:47 2013 +0000 +++ b/xen/include/xsm/xsm.h Thu Jan 10 17:32:10 2013 +0000 @@ -111,8 +111,10 @@ struct xsm_operations { char *(*show_irq_sid) (int irq); int (*map_domain_pirq) (struct domain *d, int irq, void *data); + int (*unmap_domain_pirq) (struct domain *d, int irq); int (*irq_permission) (struct domain *d, int pirq, uint8_t allow); int (*iomem_permission) (struct domain *d, uint64_t s, uint64_t e, uint8_t allow); + int (*iomem_mapping) (struct domain *d, uint64_t s, uint64_t e, uint8_t allow); int (*pci_config_permission) (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access); int (*get_device_group) (uint32_t machine_bdf); @@ -170,11 +172,12 @@ struct xsm_operations { int (*add_to_physmap) (struct domain *d1, struct domain *d2); int (*sendtrigger) (struct domain *d); int (*bind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); - int (*unbind_pt_irq) (struct domain *d); + int (*unbind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); int (*pin_mem_cacheattr) (struct domain *d); int (*ext_vcpucontext) (struct domain *d, uint32_t cmd); int (*vcpuextstate) (struct domain *d, uint32_t cmd); int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); + int (*ioport_mapping) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); #endif }; @@ -489,6 +492,11 @@ static inline int xsm_map_domain_pirq (s return xsm_ops->map_domain_pirq(d, irq, data); } +static inline int xsm_unmap_domain_pirq (struct domain *d, int irq) +{ + return xsm_ops->unmap_domain_pirq(d, irq); +} + static inline int xsm_irq_permission (struct domain *d, int pirq, uint8_t allow) { return xsm_ops->irq_permission(d, pirq, allow); @@ -499,6 +507,11 @@ static inline int xsm_iomem_permission ( return xsm_ops->iomem_permission(d, s, e, allow); } +static inline int xsm_iomem_mapping (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +{ + return xsm_ops->iomem_mapping(d, s, e, allow); +} + static inline int xsm_pci_config_permission (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { return xsm_ops->pci_config_permission(d, machine_bdf, start, end, access); @@ -754,9 +767,10 @@ static inline int xsm_bind_pt_irq(struct return xsm_ops->bind_pt_irq(d, bind); } -static inline int xsm_unbind_pt_irq(struct domain *d) +static inline int xsm_unbind_pt_irq(struct domain *d, + struct xen_domctl_bind_pt_irq *bind) { - return xsm_ops->unbind_pt_irq(d); + return xsm_ops->unbind_pt_irq(d, bind); } static inline int xsm_pin_mem_cacheattr(struct domain *d) @@ -777,6 +791,11 @@ static inline int xsm_ioport_permission { return xsm_ops->ioport_permission(d, s, e, allow); } + +static inline int xsm_ioport_mapping (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +{ + return xsm_ops->ioport_mapping(d, s, e, allow); +} #endif /* CONFIG_X86 */ #endif /* XSM_NO_WRAPPERS */ diff -r 68e8cfca220f -r 35a0556a7f76 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Thu Jan 10 17:30:47 2013 +0000 +++ b/xen/xsm/dummy.c Thu Jan 10 17:32:10 2013 +0000 @@ -96,8 +96,10 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, show_irq_sid); set_to_dummy_if_null(ops, map_domain_pirq); + set_to_dummy_if_null(ops, unmap_domain_pirq); set_to_dummy_if_null(ops, irq_permission); set_to_dummy_if_null(ops, iomem_permission); + set_to_dummy_if_null(ops, iomem_mapping); set_to_dummy_if_null(ops, pci_config_permission); set_to_dummy_if_null(ops, get_device_group); @@ -160,5 +162,6 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, ext_vcpucontext); set_to_dummy_if_null(ops, vcpuextstate); set_to_dummy_if_null(ops, ioport_permission); + set_to_dummy_if_null(ops, ioport_mapping); #endif } diff -r 68e8cfca220f -r 35a0556a7f76 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Thu Jan 10 17:30:47 2013 +0000 +++ b/xen/xsm/flask/hooks.c Thu Jan 10 17:32:10 2013 +0000 @@ -721,41 +721,39 @@ static int flask_map_domain_pirq (struct return rc; } -static int flask_irq_permission (struct domain *d, int irq, uint8_t access) +static int flask_unmap_domain_pirq (struct domain *d, int irq) { - u32 perm; - u32 rsid; + u32 sid; int rc = -EPERM; - struct domain_security_struct *ssec, *tsec; + struct domain_security_struct *ssec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, - resource_to_perm(access)); - + rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); if ( rc ) return rc; - if ( access ) - perm = RESOURCE__ADD_IRQ; - else - perm = RESOURCE__REMOVE_IRQ; + ssec = current->domain->ssid; - ssec = current->domain->ssid; - tsec = d->ssid; - - rc = get_irq_sid(irq, &rsid, &ad); + if ( irq < nr_static_irqs ) { + rc = get_irq_sid(irq, &sid, &ad); + } else { + /* It is currently not possible to check the specific MSI IRQ being + * removed, since we do not have the msi_info like map_domain_pirq */ + return 0; + } if ( rc ) return rc; - rc = avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, perm, &ad); - if ( rc ) - return rc; + rc = avc_has_perm(ssec->sid, sid, SECCLASS_RESOURCE, RESOURCE__REMOVE_IRQ, &ad); + return rc; +} - if ( access ) - rc = avc_has_perm(tsec->sid, rsid, SECCLASS_RESOURCE, - RESOURCE__USE, &ad); - return rc; +static int flask_irq_permission (struct domain *d, int pirq, uint8_t access) +{ + /* the PIRQ number is not useful; real IRQ is checked during mapping */ + return domain_has_perm(current->domain, d, SECCLASS_RESOURCE, + resource_to_perm(access)); } struct iomem_has_perm_data { @@ -1413,7 +1411,7 @@ static int flask_bind_pt_irq (struct dom return avc_has_perm(tsec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } -static int flask_unbind_pt_irq (struct domain *d) +static int flask_unbind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); } @@ -1533,6 +1531,7 @@ static struct xsm_operations flask_ops = .show_irq_sid = flask_show_irq_sid, .map_domain_pirq = flask_map_domain_pirq, + .unmap_domain_pirq = flask_unmap_domain_pirq, .irq_permission = flask_irq_permission, .iomem_permission = flask_iomem_permission, .pci_config_permission = flask_pci_config_permission, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 11 03:33:50 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 11 Jan 2013 03:33:50 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVNM-0004p8-Gi; Fri, 11 Jan 2013 03:33:48 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVNL-0004op-PR for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:48 +0000 Received: from [85.158.143.35:3546] by server-2.bemta-4.messagelabs.com id F4/BC-24322-B188FE05; Fri, 11 Jan 2013 03:33:47 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-21.messagelabs.com!1357875194!12430552!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28867 invoked from network); 11 Jan 2013 03:33:18 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 11 Jan 2013 03:33:18 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TtVMo-0008Nf-58 for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TtVMn-00023C-RA for xen-changelog@lists.xensource.com; Fri, 11 Jan 2013 03:33:13 +0000 Message-Id: Date: Fri, 11 Jan 2013 03:33:13 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arch/x86: add distinct XSM hooks for map/unmap X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357839130 0 # Node ID 35a0556a7f76c9a6f616cfc9d5a82dccfe36b994 # Parent 68e8cfca220f1d4dfcc1c74c8c117a0567490c14 arch/x86: add distinct XSM hooks for map/unmap The xsm_iomem_permission and xsm_ioport_permission hooks are intended to be called by the domain builder, while the calls in arch/x86/domctl.c which control mapping are also performed by the device model. Because these operations require distinct access control policies, they cannot use the same XSM hooks. This also adds a missing XSM hook in the unbind IRQ domctl. Signed-off-by: Daniel De Graaf Acked-by: Jan Beulich Committed-by: Keir Fraser --- diff -r 68e8cfca220f -r 35a0556a7f76 xen/arch/x86/domctl.c --- a/xen/arch/x86/domctl.c Thu Jan 10 17:30:47 2013 +0000 +++ b/xen/arch/x86/domctl.c Thu Jan 10 17:32:10 2013 +0000 @@ -656,6 +656,10 @@ long arch_do_domctl( !irq_access_permitted(current->domain, bind->machine_irq) ) break; + ret = xsm_unbind_pt_irq(d, bind); + if ( ret ) + break; + if ( iommu_enabled ) { spin_lock(&pcidevs_lock); @@ -687,7 +691,7 @@ long arch_do_domctl( !iomem_access_permitted(current->domain, mfn, mfn + nr_mfns - 1) ) break; - ret = xsm_iomem_permission(d, mfn, mfn + nr_mfns - 1, add); + ret = xsm_iomem_mapping(d, mfn, mfn + nr_mfns - 1, add); if ( ret ) break; @@ -765,7 +769,7 @@ long arch_do_domctl( !ioports_access_permitted(current->domain, fmp, fmp + np - 1) ) break; - ret = xsm_ioport_permission(d, fmp, fmp + np - 1, add); + ret = xsm_ioport_mapping(d, fmp, fmp + np - 1, add); if ( ret ) break; diff -r 68e8cfca220f -r 35a0556a7f76 xen/arch/x86/physdev.c --- a/xen/arch/x86/physdev.c Thu Jan 10 17:30:47 2013 +0000 +++ b/xen/arch/x86/physdev.c Thu Jan 10 17:32:10 2013 +0000 @@ -242,7 +242,7 @@ int physdev_unmap_pirq(domid_t domid, in if ( !IS_PRIV_FOR(current->domain, d) ) goto free_domain; - ret = xsm_irq_permission(d, domain_pirq_to_irq(d, pirq), 0); + ret = xsm_unmap_domain_pirq(d, domain_pirq_to_irq(d, pirq)); if ( ret ) goto free_domain; diff -r 68e8cfca220f -r 35a0556a7f76 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Thu Jan 10 17:30:47 2013 +0000 +++ b/xen/include/xsm/dummy.h Thu Jan 10 17:32:10 2013 +0000 @@ -394,6 +394,11 @@ static XSM_INLINE int xsm_map_domain_pir return 0; } +static XSM_INLINE int xsm_unmap_domain_pirq(struct domain *d, int irq) +{ + return 0; +} + static XSM_INLINE int xsm_irq_permission(struct domain *d, int pirq, uint8_t allow) { return 0; @@ -404,6 +409,11 @@ static XSM_INLINE int xsm_iomem_permissi return 0; } +static XSM_INLINE int xsm_iomem_mapping(struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +{ + return 0; +} + static XSM_INLINE int xsm_pci_config_permission(struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) @@ -585,7 +595,7 @@ static XSM_INLINE int xsm_bind_pt_irq(st return 0; } -static XSM_INLINE int xsm_unbind_pt_irq(struct domain *d) +static XSM_INLINE int xsm_unbind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return 0; } @@ -610,4 +620,9 @@ static XSM_INLINE int xsm_ioport_permiss return 0; } +static XSM_INLINE int xsm_ioport_mapping(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +{ + return 0; +} + #endif diff -r 68e8cfca220f -r 35a0556a7f76 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Thu Jan 10 17:30:47 2013 +0000 +++ b/xen/include/xsm/xsm.h Thu Jan 10 17:32:10 2013 +0000 @@ -111,8 +111,10 @@ struct xsm_operations { char *(*show_irq_sid) (int irq); int (*map_domain_pirq) (struct domain *d, int irq, void *data); + int (*unmap_domain_pirq) (struct domain *d, int irq); int (*irq_permission) (struct domain *d, int pirq, uint8_t allow); int (*iomem_permission) (struct domain *d, uint64_t s, uint64_t e, uint8_t allow); + int (*iomem_mapping) (struct domain *d, uint64_t s, uint64_t e, uint8_t allow); int (*pci_config_permission) (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access); int (*get_device_group) (uint32_t machine_bdf); @@ -170,11 +172,12 @@ struct xsm_operations { int (*add_to_physmap) (struct domain *d1, struct domain *d2); int (*sendtrigger) (struct domain *d); int (*bind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); - int (*unbind_pt_irq) (struct domain *d); + int (*unbind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); int (*pin_mem_cacheattr) (struct domain *d); int (*ext_vcpucontext) (struct domain *d, uint32_t cmd); int (*vcpuextstate) (struct domain *d, uint32_t cmd); int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); + int (*ioport_mapping) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); #endif }; @@ -489,6 +492,11 @@ static inline int xsm_map_domain_pirq (s return xsm_ops->map_domain_pirq(d, irq, data); } +static inline int xsm_unmap_domain_pirq (struct domain *d, int irq) +{ + return xsm_ops->unmap_domain_pirq(d, irq); +} + static inline int xsm_irq_permission (struct domain *d, int pirq, uint8_t allow) { return xsm_ops->irq_permission(d, pirq, allow); @@ -499,6 +507,11 @@ static inline int xsm_iomem_permission ( return xsm_ops->iomem_permission(d, s, e, allow); } +static inline int xsm_iomem_mapping (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +{ + return xsm_ops->iomem_mapping(d, s, e, allow); +} + static inline int xsm_pci_config_permission (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { return xsm_ops->pci_config_permission(d, machine_bdf, start, end, access); @@ -754,9 +767,10 @@ static inline int xsm_bind_pt_irq(struct return xsm_ops->bind_pt_irq(d, bind); } -static inline int xsm_unbind_pt_irq(struct domain *d) +static inline int xsm_unbind_pt_irq(struct domain *d, + struct xen_domctl_bind_pt_irq *bind) { - return xsm_ops->unbind_pt_irq(d); + return xsm_ops->unbind_pt_irq(d, bind); } static inline int xsm_pin_mem_cacheattr(struct domain *d) @@ -777,6 +791,11 @@ static inline int xsm_ioport_permission { return xsm_ops->ioport_permission(d, s, e, allow); } + +static inline int xsm_ioport_mapping (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +{ + return xsm_ops->ioport_mapping(d, s, e, allow); +} #endif /* CONFIG_X86 */ #endif /* XSM_NO_WRAPPERS */ diff -r 68e8cfca220f -r 35a0556a7f76 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Thu Jan 10 17:30:47 2013 +0000 +++ b/xen/xsm/dummy.c Thu Jan 10 17:32:10 2013 +0000 @@ -96,8 +96,10 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, show_irq_sid); set_to_dummy_if_null(ops, map_domain_pirq); + set_to_dummy_if_null(ops, unmap_domain_pirq); set_to_dummy_if_null(ops, irq_permission); set_to_dummy_if_null(ops, iomem_permission); + set_to_dummy_if_null(ops, iomem_mapping); set_to_dummy_if_null(ops, pci_config_permission); set_to_dummy_if_null(ops, get_device_group); @@ -160,5 +162,6 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, ext_vcpucontext); set_to_dummy_if_null(ops, vcpuextstate); set_to_dummy_if_null(ops, ioport_permission); + set_to_dummy_if_null(ops, ioport_mapping); #endif } diff -r 68e8cfca220f -r 35a0556a7f76 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Thu Jan 10 17:30:47 2013 +0000 +++ b/xen/xsm/flask/hooks.c Thu Jan 10 17:32:10 2013 +0000 @@ -721,41 +721,39 @@ static int flask_map_domain_pirq (struct return rc; } -static int flask_irq_permission (struct domain *d, int irq, uint8_t access) +static int flask_unmap_domain_pirq (struct domain *d, int irq) { - u32 perm; - u32 rsid; + u32 sid; int rc = -EPERM; - struct domain_security_struct *ssec, *tsec; + struct domain_security_struct *ssec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, - resource_to_perm(access)); - + rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); if ( rc ) return rc; - if ( access ) - perm = RESOURCE__ADD_IRQ; - else - perm = RESOURCE__REMOVE_IRQ; + ssec = current->domain->ssid; - ssec = current->domain->ssid; - tsec = d->ssid; - - rc = get_irq_sid(irq, &rsid, &ad); + if ( irq < nr_static_irqs ) { + rc = get_irq_sid(irq, &sid, &ad); + } else { + /* It is currently not possible to check the specific MSI IRQ being + * removed, since we do not have the msi_info like map_domain_pirq */ + return 0; + } if ( rc ) return rc; - rc = avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, perm, &ad); - if ( rc ) - return rc; + rc = avc_has_perm(ssec->sid, sid, SECCLASS_RESOURCE, RESOURCE__REMOVE_IRQ, &ad); + return rc; +} - if ( access ) - rc = avc_has_perm(tsec->sid, rsid, SECCLASS_RESOURCE, - RESOURCE__USE, &ad); - return rc; +static int flask_irq_permission (struct domain *d, int pirq, uint8_t access) +{ + /* the PIRQ number is not useful; real IRQ is checked during mapping */ + return domain_has_perm(current->domain, d, SECCLASS_RESOURCE, + resource_to_perm(access)); } struct iomem_has_perm_data { @@ -1413,7 +1411,7 @@ static int flask_bind_pt_irq (struct dom return avc_has_perm(tsec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } -static int flask_unbind_pt_irq (struct domain *d) +static int flask_unbind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); } @@ -1533,6 +1531,7 @@ static struct xsm_operations flask_ops = .show_irq_sid = flask_show_irq_sid, .map_domain_pirq = flask_map_domain_pirq, + .unmap_domain_pirq = flask_unmap_domain_pirq, .irq_permission = flask_irq_permission, .iomem_permission = flask_iomem_permission, .pci_config_permission = flask_pci_config_permission, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 15 19:33:13 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 15 Jan 2013 19:33:13 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCFw-0004Qt-Us; Tue, 15 Jan 2013 19:33:08 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCFw-0004Ql-CZ for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:08 +0000 Received: from [85.158.139.83:52365] by server-14.bemta-5.messagelabs.com id 1E/2B-07459-3FEA5F05; Tue, 15 Jan 2013 19:33:07 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-8.tower-182.messagelabs.com!1358278386!16737192!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 32494 invoked from network); 15 Jan 2013 19:33:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 15 Jan 2013 19:33:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCFt-0004km-Ns for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:05 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvCFt-00064U-BT for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:05 +0000 Date: Tue, 15 Jan 2013 19:33:05 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] Fix compile errors when enabling Xen debug logging. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 1db41b7ac20545c4b96da58400fc16fb2fad4139 Author: Sander Eikelenboom Date: Mon Dec 17 11:37:43 2012 +0000 Fix compile errors when enabling Xen debug logging. upstream-commit-id: f1b8caf1d927f30f66054733a783651a24db4999 Signed-off-by: Sander Eikelenboom Acked-by: Stefano Stabellini --- hw/xen_pt.c | 5 +++-- xen-all.c | 7 ++++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/hw/xen_pt.c b/hw/xen_pt.c index 7a3846e..7aae826 100644 --- a/hw/xen_pt.c +++ b/hw/xen_pt.c @@ -671,7 +671,8 @@ static int xen_pt_initfn(PCIDevice *d) s->is_virtfn = s->real_device.is_virtfn; if (s->is_virtfn) { XEN_PT_LOG(d, "%04x:%02x:%02x.%d is a SR-IOV Virtual Function\n", - s->real_device.domain, bus, slot, func); + s->real_device.domain, s->real_device.bus, + s->real_device.dev, s->real_device.func); } /* Initialize virtualized PCI configuration (Extended 256 Bytes) */ @@ -752,7 +753,7 @@ out: memory_listener_register(&s->memory_listener, &address_space_memory); memory_listener_register(&s->io_listener, &address_space_io); XEN_PT_LOG(d, "Real physical device %02x:%02x.%d registered successfuly!\n", - bus, slot, func); + s->hostaddr.bus, s->hostaddr.slot, s->hostaddr.function); return 0; } diff --git a/xen-all.c b/xen-all.c index 046cc2a..d0142bd 100644 --- a/xen-all.c +++ b/xen-all.c @@ -292,7 +292,8 @@ static int xen_add_to_physmap(XenIOState *state, return -1; go_physmap: - DPRINTF("mapping vram to %llx - %llx\n", start_addr, start_addr + size); + DPRINTF("mapping vram to %"HWADDR_PRIx" - %"HWADDR_PRIx"\n", + start_addr, start_addr + size); pfn = phys_offset >> TARGET_PAGE_BITS; start_gpfn = start_addr >> TARGET_PAGE_BITS; @@ -365,8 +366,8 @@ static int xen_remove_from_physmap(XenIOState *state, phys_offset = physmap->phys_offset; size = physmap->size; - DPRINTF("unmapping vram to %llx - %llx, from %llx\n", - phys_offset, phys_offset + size, start_addr); + DPRINTF("unmapping vram to %"HWADDR_PRIx" - %"HWADDR_PRIx", from ", + "%"HWADDR_PRIx"\n", phys_offset, phys_offset + size, start_addr); size >>= TARGET_PAGE_BITS; start_addr >>= TARGET_PAGE_BITS; -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 15 19:33:13 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 15 Jan 2013 19:33:13 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCFw-0004Qt-Us; Tue, 15 Jan 2013 19:33:08 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCFw-0004Ql-CZ for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:08 +0000 Received: from [85.158.139.83:52365] by server-14.bemta-5.messagelabs.com id 1E/2B-07459-3FEA5F05; Tue, 15 Jan 2013 19:33:07 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-8.tower-182.messagelabs.com!1358278386!16737192!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 32494 invoked from network); 15 Jan 2013 19:33:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 15 Jan 2013 19:33:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCFt-0004km-Ns for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:05 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvCFt-00064U-BT for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:05 +0000 Date: Tue, 15 Jan 2013 19:33:05 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] Fix compile errors when enabling Xen debug logging. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 1db41b7ac20545c4b96da58400fc16fb2fad4139 Author: Sander Eikelenboom Date: Mon Dec 17 11:37:43 2012 +0000 Fix compile errors when enabling Xen debug logging. upstream-commit-id: f1b8caf1d927f30f66054733a783651a24db4999 Signed-off-by: Sander Eikelenboom Acked-by: Stefano Stabellini --- hw/xen_pt.c | 5 +++-- xen-all.c | 7 ++++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/hw/xen_pt.c b/hw/xen_pt.c index 7a3846e..7aae826 100644 --- a/hw/xen_pt.c +++ b/hw/xen_pt.c @@ -671,7 +671,8 @@ static int xen_pt_initfn(PCIDevice *d) s->is_virtfn = s->real_device.is_virtfn; if (s->is_virtfn) { XEN_PT_LOG(d, "%04x:%02x:%02x.%d is a SR-IOV Virtual Function\n", - s->real_device.domain, bus, slot, func); + s->real_device.domain, s->real_device.bus, + s->real_device.dev, s->real_device.func); } /* Initialize virtualized PCI configuration (Extended 256 Bytes) */ @@ -752,7 +753,7 @@ out: memory_listener_register(&s->memory_listener, &address_space_memory); memory_listener_register(&s->io_listener, &address_space_io); XEN_PT_LOG(d, "Real physical device %02x:%02x.%d registered successfuly!\n", - bus, slot, func); + s->hostaddr.bus, s->hostaddr.slot, s->hostaddr.function); return 0; } diff --git a/xen-all.c b/xen-all.c index 046cc2a..d0142bd 100644 --- a/xen-all.c +++ b/xen-all.c @@ -292,7 +292,8 @@ static int xen_add_to_physmap(XenIOState *state, return -1; go_physmap: - DPRINTF("mapping vram to %llx - %llx\n", start_addr, start_addr + size); + DPRINTF("mapping vram to %"HWADDR_PRIx" - %"HWADDR_PRIx"\n", + start_addr, start_addr + size); pfn = phys_offset >> TARGET_PAGE_BITS; start_gpfn = start_addr >> TARGET_PAGE_BITS; @@ -365,8 +366,8 @@ static int xen_remove_from_physmap(XenIOState *state, phys_offset = physmap->phys_offset; size = physmap->size; - DPRINTF("unmapping vram to %llx - %llx, from %llx\n", - phys_offset, phys_offset + size, start_addr); + DPRINTF("unmapping vram to %"HWADDR_PRIx" - %"HWADDR_PRIx", from ", + "%"HWADDR_PRIx"\n", phys_offset, phys_offset + size, start_addr); size >>= TARGET_PAGE_BITS; start_addr >>= TARGET_PAGE_BITS; -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 15 19:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 15 Jan 2013 19:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCG9-0004Rg-1q; Tue, 15 Jan 2013 19:33:21 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCG8-0004RZ-Hx for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:20 +0000 Received: from [85.158.143.99:58250] by server-3.bemta-4.messagelabs.com id 0D/99-19220-FFEA5F05; Tue, 15 Jan 2013 19:33:19 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-9.tower-216.messagelabs.com!1358278396!28088867!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=1.4 required=7.0 tests=INFO_TLD X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15211 invoked from network); 15 Jan 2013 19:33:17 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 15 Jan 2013 19:33:17 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCG4-0004kq-7d for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:16 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvCG4-00064x-12 for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:16 +0000 Date: Tue, 15 Jan 2013 19:33:16 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] xen: fix trivial PCI passthrough MSI-X bug X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit c849ef3781f21c3f711d68215048cd33f3cd385a Author: Stefano Stabellini Date: Mon Dec 17 11:36:58 2012 +0000 xen: fix trivial PCI passthrough MSI-X bug upstream-commit-id: 044b99c6555f562254ae70dc39f32190eecbc1f2 We are currently passing entry->data as address parameter. Pass entry->addr instead. Signed-off-by: Stefano Stabellini Tested-by: Sander Eikelenboom Xen-devel: http://marc.info/?l=xen-devel&m=135515462613715 --- hw/xen_pt_msi.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/hw/xen_pt_msi.c b/hw/xen_pt_msi.c index 6807672..db757cd 100644 --- a/hw/xen_pt_msi.c +++ b/hw/xen_pt_msi.c @@ -321,7 +321,7 @@ static int xen_pt_msix_update_one(XenPCIPassthroughState *s, int entry_nr) pirq = entry->pirq; - rc = msi_msix_setup(s, entry->data, entry->data, &pirq, true, entry_nr, + rc = msi_msix_setup(s, entry->addr, entry->data, &pirq, true, entry_nr, entry->pirq == XEN_PT_UNASSIGNED_PIRQ); if (rc) { return rc; -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 15 19:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 15 Jan 2013 19:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCG9-0004Rg-1q; Tue, 15 Jan 2013 19:33:21 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCG8-0004RZ-Hx for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:20 +0000 Received: from [85.158.143.99:58250] by server-3.bemta-4.messagelabs.com id 0D/99-19220-FFEA5F05; Tue, 15 Jan 2013 19:33:19 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-9.tower-216.messagelabs.com!1358278396!28088867!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=1.4 required=7.0 tests=INFO_TLD X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15211 invoked from network); 15 Jan 2013 19:33:17 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 15 Jan 2013 19:33:17 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCG4-0004kq-7d for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:16 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvCG4-00064x-12 for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:16 +0000 Date: Tue, 15 Jan 2013 19:33:16 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] xen: fix trivial PCI passthrough MSI-X bug X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit c849ef3781f21c3f711d68215048cd33f3cd385a Author: Stefano Stabellini Date: Mon Dec 17 11:36:58 2012 +0000 xen: fix trivial PCI passthrough MSI-X bug upstream-commit-id: 044b99c6555f562254ae70dc39f32190eecbc1f2 We are currently passing entry->data as address parameter. Pass entry->addr instead. Signed-off-by: Stefano Stabellini Tested-by: Sander Eikelenboom Xen-devel: http://marc.info/?l=xen-devel&m=135515462613715 --- hw/xen_pt_msi.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/hw/xen_pt_msi.c b/hw/xen_pt_msi.c index 6807672..db757cd 100644 --- a/hw/xen_pt_msi.c +++ b/hw/xen_pt_msi.c @@ -321,7 +321,7 @@ static int xen_pt_msix_update_one(XenPCIPassthroughState *s, int entry_nr) pirq = entry->pirq; - rc = msi_msix_setup(s, entry->data, entry->data, &pirq, true, entry_nr, + rc = msi_msix_setup(s, entry->addr, entry->data, &pirq, true, entry_nr, entry->pirq == XEN_PT_UNASSIGNED_PIRQ); if (rc) { return rc; -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 15 19:33:37 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 15 Jan 2013 19:33:37 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGK-0004T2-4s; Tue, 15 Jan 2013 19:33:32 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGI-0004Sj-L3 for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:30 +0000 Received: from [85.158.143.35:59133] by server-1.bemta-4.messagelabs.com id 60/C3-18740-90FA5F05; Tue, 15 Jan 2013 19:33:29 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-4.tower-21.messagelabs.com!1358278407!5606863!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 24477 invoked from network); 15 Jan 2013 19:33:28 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 15 Jan 2013 19:33:28 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGE-0004ky-Ow for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:26 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvCGE-00065N-Dt for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:26 +0000 Date: Tue, 15 Jan 2013 19:33:26 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] xen: implement support for secondary consoles in the console backend X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 447b6b1b6074dbe0c65c88a76a31ed4eccc63014 Author: Stefano Stabellini Date: Mon Dec 17 11:36:09 2012 +0000 xen: implement support for secondary consoles in the console backend This patch corresponds to commit 840184a106bc24e745beda5c77e392f6cecd2bc9 from git://xenbits.xensource.com/qemu-xen-unstable.git. upstream-commit-id: 2c1d4d15f09cf95b8f832624e7aac2916f9d1865 Signed-off-by: Stefano Stabellini --- hw/xen_console.c | 28 +++++++++++++++++++++------- 1 files changed, 21 insertions(+), 7 deletions(-) diff --git a/hw/xen_console.c b/hw/xen_console.c index 9426d73..1349881 100644 --- a/hw/xen_console.c +++ b/hw/xen_console.c @@ -184,7 +184,11 @@ static int con_init(struct XenDevice *xendev) /* setup */ dom = xs_get_domain_path(xenstore, con->xendev.dom); - snprintf(con->console, sizeof(con->console), "%s/console", dom); + if (!xendev->dev) { + snprintf(con->console, sizeof(con->console), "%s/console", dom); + } else { + snprintf(con->console, sizeof(con->console), "%s/device/console/%d", dom, xendev->dev); + } free(dom); type = xenstore_read_str(con->console, "type"); @@ -223,10 +227,16 @@ static int con_initialise(struct XenDevice *xendev) if (xenstore_read_int(con->console, "limit", &limit) == 0) con->buffer.max_capacity = limit; - con->sring = xc_map_foreign_range(xen_xc, con->xendev.dom, - XC_PAGE_SIZE, - PROT_READ|PROT_WRITE, - con->ring_ref); + if (!xendev->dev) { + con->sring = xc_map_foreign_range(xen_xc, con->xendev.dom, + XC_PAGE_SIZE, + PROT_READ|PROT_WRITE, + con->ring_ref); + } else { + con->sring = xc_gnttab_map_grant_ref(xendev->gnttabdev, con->xendev.dom, + con->ring_ref, + PROT_READ|PROT_WRITE); + } if (!con->sring) return -1; @@ -255,7 +265,11 @@ static void con_disconnect(struct XenDevice *xendev) xen_be_unbind_evtchn(&con->xendev); if (con->sring) { - munmap(con->sring, XC_PAGE_SIZE); + if (!xendev->gnttabdev) { + munmap(con->sring, XC_PAGE_SIZE); + } else { + xc_gnttab_munmap(xendev->gnttabdev, con->sring, 1); + } con->sring = NULL; } } @@ -273,7 +287,7 @@ static void con_event(struct XenDevice *xendev) struct XenDevOps xen_console_ops = { .size = sizeof(struct XenConsole), - .flags = DEVOPS_FLAG_IGNORE_STATE, + .flags = DEVOPS_FLAG_IGNORE_STATE|DEVOPS_FLAG_NEED_GNTDEV, .init = con_init, .initialise = con_initialise, .event = con_event, -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 15 19:33:37 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 15 Jan 2013 19:33:37 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGK-0004T2-4s; Tue, 15 Jan 2013 19:33:32 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGI-0004Sj-L3 for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:30 +0000 Received: from [85.158.143.35:59133] by server-1.bemta-4.messagelabs.com id 60/C3-18740-90FA5F05; Tue, 15 Jan 2013 19:33:29 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-4.tower-21.messagelabs.com!1358278407!5606863!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 24477 invoked from network); 15 Jan 2013 19:33:28 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 15 Jan 2013 19:33:28 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGE-0004ky-Ow for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:26 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvCGE-00065N-Dt for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:26 +0000 Date: Tue, 15 Jan 2013 19:33:26 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] xen: implement support for secondary consoles in the console backend X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 447b6b1b6074dbe0c65c88a76a31ed4eccc63014 Author: Stefano Stabellini Date: Mon Dec 17 11:36:09 2012 +0000 xen: implement support for secondary consoles in the console backend This patch corresponds to commit 840184a106bc24e745beda5c77e392f6cecd2bc9 from git://xenbits.xensource.com/qemu-xen-unstable.git. upstream-commit-id: 2c1d4d15f09cf95b8f832624e7aac2916f9d1865 Signed-off-by: Stefano Stabellini --- hw/xen_console.c | 28 +++++++++++++++++++++------- 1 files changed, 21 insertions(+), 7 deletions(-) diff --git a/hw/xen_console.c b/hw/xen_console.c index 9426d73..1349881 100644 --- a/hw/xen_console.c +++ b/hw/xen_console.c @@ -184,7 +184,11 @@ static int con_init(struct XenDevice *xendev) /* setup */ dom = xs_get_domain_path(xenstore, con->xendev.dom); - snprintf(con->console, sizeof(con->console), "%s/console", dom); + if (!xendev->dev) { + snprintf(con->console, sizeof(con->console), "%s/console", dom); + } else { + snprintf(con->console, sizeof(con->console), "%s/device/console/%d", dom, xendev->dev); + } free(dom); type = xenstore_read_str(con->console, "type"); @@ -223,10 +227,16 @@ static int con_initialise(struct XenDevice *xendev) if (xenstore_read_int(con->console, "limit", &limit) == 0) con->buffer.max_capacity = limit; - con->sring = xc_map_foreign_range(xen_xc, con->xendev.dom, - XC_PAGE_SIZE, - PROT_READ|PROT_WRITE, - con->ring_ref); + if (!xendev->dev) { + con->sring = xc_map_foreign_range(xen_xc, con->xendev.dom, + XC_PAGE_SIZE, + PROT_READ|PROT_WRITE, + con->ring_ref); + } else { + con->sring = xc_gnttab_map_grant_ref(xendev->gnttabdev, con->xendev.dom, + con->ring_ref, + PROT_READ|PROT_WRITE); + } if (!con->sring) return -1; @@ -255,7 +265,11 @@ static void con_disconnect(struct XenDevice *xendev) xen_be_unbind_evtchn(&con->xendev); if (con->sring) { - munmap(con->sring, XC_PAGE_SIZE); + if (!xendev->gnttabdev) { + munmap(con->sring, XC_PAGE_SIZE); + } else { + xc_gnttab_munmap(xendev->gnttabdev, con->sring, 1); + } con->sring = NULL; } } @@ -273,7 +287,7 @@ static void con_event(struct XenDevice *xendev) struct XenDevOps xen_console_ops = { .size = sizeof(struct XenConsole), - .flags = DEVOPS_FLAG_IGNORE_STATE, + .flags = DEVOPS_FLAG_IGNORE_STATE|DEVOPS_FLAG_NEED_GNTDEV, .init = con_init, .initialise = con_initialise, .event = con_event, -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 15 19:33:46 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 15 Jan 2013 19:33:46 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGV-0004V2-8K; Tue, 15 Jan 2013 19:33:43 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGU-0004Un-F6 for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:42 +0000 Received: from [85.158.139.83:53559] by server-16.bemta-5.messagelabs.com id 1B/92-22111-51FA5F05; Tue, 15 Jan 2013 19:33:41 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-4.tower-182.messagelabs.com!1358278417!25283467!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 23683 invoked from network); 15 Jan 2013 19:33:38 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 15 Jan 2013 19:33:38 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGP-0004l3-6w for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:37 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvCGO-00065n-Vx for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:37 +0000 Date: Tue, 15 Jan 2013 19:33:36 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] cpu_ioreq_pio, cpu_ioreq_move: introduce read_phys_req_item, write_phys_req_item X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 56b1cba4719307218763af8e340569f9ed4b7381 Author: Ian Jackson Date: Mon Dec 17 11:43:19 2012 +0000 cpu_ioreq_pio, cpu_ioreq_move: introduce read_phys_req_item, write_phys_req_item Replace a lot of formulaic multiplications (containing casts, no less) with calls to a pair of functions. This encapsulates in a single place the operations which require care relating to integer overflow. upstream-commit-id: a38648290ee277c7cb8a53eabdcdb08bb7a9f23f Cc: Dongxiao Xu Signed-off-by: Ian Jackson Acked-by: Stefano Stabellini --- xen-all.c | 76 +++++++++++++++++++++++++++++++++++++------------------------ 1 files changed, 46 insertions(+), 30 deletions(-) diff --git a/xen-all.c b/xen-all.c index d0142bd..ef430ca 100644 --- a/xen-all.c +++ b/xen-all.c @@ -683,11 +683,45 @@ static void do_outp(pio_addr_t addr, } } -static void cpu_ioreq_pio(ioreq_t *req) +/* + * Helper functions which read/write an object from/to physical guest + * memory, as part of the implementation of an ioreq. + * + * Equivalent to + * cpu_physical_memory_rw(addr + (req->df ? -1 : +1) * req->size * i, + * val, req->size, 0/1) + * except without the integer overflow problems. + */ +static void rw_phys_req_item(hwaddr addr, + ioreq_t *req, uint32_t i, void *val, int rw) +{ + /* Do everything unsigned so overflow just results in a truncated result + * and accesses to undesired parts of guest memory, which is up + * to the guest */ + hwaddr offset = (hwaddr)req->size * i; + if (req->df) { + addr -= offset; + } else { + addr += offset; + } + cpu_physical_memory_rw(addr, val, req->size, rw); +} + +static inline void read_phys_req_item(hwaddr addr, + ioreq_t *req, uint32_t i, void *val) { - int i, sign; + rw_phys_req_item(addr, req, i, val, 0); +} +static inline void write_phys_req_item(hwaddr addr, + ioreq_t *req, uint32_t i, void *val) +{ + rw_phys_req_item(addr, req, i, val, 1); +} - sign = req->df ? -1 : 1; + +static void cpu_ioreq_pio(ioreq_t *req) +{ + int i; if (req->dir == IOREQ_READ) { if (!req->data_is_ptr) { @@ -697,9 +731,7 @@ static void cpu_ioreq_pio(ioreq_t *req) for (i = 0; i < req->count; i++) { tmp = do_inp(req->addr, req->size); - cpu_physical_memory_write( - req->data + (sign * i * (int64_t)req->size), - (uint8_t *) &tmp, req->size); + write_phys_req_item(req->data, req, i, &tmp); } } } else if (req->dir == IOREQ_WRITE) { @@ -709,9 +741,7 @@ static void cpu_ioreq_pio(ioreq_t *req) for (i = 0; i < req->count; i++) { uint32_t tmp = 0; - cpu_physical_memory_read( - req->data + (sign * i * (int64_t)req->size), - (uint8_t*) &tmp, req->size); + read_phys_req_item(req->data, req, i, &tmp); do_outp(req->addr, req->size, tmp); } } @@ -720,22 +750,16 @@ static void cpu_ioreq_pio(ioreq_t *req) static void cpu_ioreq_move(ioreq_t *req) { - int i, sign; - - sign = req->df ? -1 : 1; + int i; if (!req->data_is_ptr) { if (req->dir == IOREQ_READ) { for (i = 0; i < req->count; i++) { - cpu_physical_memory_read( - req->addr + (sign * i * (int64_t)req->size), - (uint8_t *) &req->data, req->size); + read_phys_req_item(req->addr, req, i, &req->data); } } else if (req->dir == IOREQ_WRITE) { for (i = 0; i < req->count; i++) { - cpu_physical_memory_write( - req->addr + (sign * i * (int64_t)req->size), - (uint8_t *) &req->data, req->size); + write_phys_req_item(req->addr, req, i, &req->data); } } } else { @@ -743,21 +767,13 @@ static void cpu_ioreq_move(ioreq_t *req) if (req->dir == IOREQ_READ) { for (i = 0; i < req->count; i++) { - cpu_physical_memory_read( - req->addr + (sign * i * (int64_t)req->size), - (uint8_t*) &tmp, req->size); - cpu_physical_memory_write( - req->data + (sign * i * (int64_t)req->size), - (uint8_t*) &tmp, req->size); + read_phys_req_item(req->addr, req, i, &tmp); + write_phys_req_item(req->data, req, i, &tmp); } } else if (req->dir == IOREQ_WRITE) { for (i = 0; i < req->count; i++) { - cpu_physical_memory_read( - req->data + (sign * i * (int64_t)req->size), - (uint8_t*) &tmp, req->size); - cpu_physical_memory_write( - req->addr + (sign * i * (int64_t)req->size), - (uint8_t*) &tmp, req->size); + read_phys_req_item(req->data, req, i, &tmp); + write_phys_req_item(req->addr, req, i, &tmp); } } } -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 15 19:33:46 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 15 Jan 2013 19:33:46 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGV-0004V2-8K; Tue, 15 Jan 2013 19:33:43 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGU-0004Un-F6 for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:42 +0000 Received: from [85.158.139.83:53559] by server-16.bemta-5.messagelabs.com id 1B/92-22111-51FA5F05; Tue, 15 Jan 2013 19:33:41 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-4.tower-182.messagelabs.com!1358278417!25283467!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 23683 invoked from network); 15 Jan 2013 19:33:38 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 15 Jan 2013 19:33:38 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGP-0004l3-6w for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:37 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvCGO-00065n-Vx for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:37 +0000 Date: Tue, 15 Jan 2013 19:33:36 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] cpu_ioreq_pio, cpu_ioreq_move: introduce read_phys_req_item, write_phys_req_item X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 56b1cba4719307218763af8e340569f9ed4b7381 Author: Ian Jackson Date: Mon Dec 17 11:43:19 2012 +0000 cpu_ioreq_pio, cpu_ioreq_move: introduce read_phys_req_item, write_phys_req_item Replace a lot of formulaic multiplications (containing casts, no less) with calls to a pair of functions. This encapsulates in a single place the operations which require care relating to integer overflow. upstream-commit-id: a38648290ee277c7cb8a53eabdcdb08bb7a9f23f Cc: Dongxiao Xu Signed-off-by: Ian Jackson Acked-by: Stefano Stabellini --- xen-all.c | 76 +++++++++++++++++++++++++++++++++++++------------------------ 1 files changed, 46 insertions(+), 30 deletions(-) diff --git a/xen-all.c b/xen-all.c index d0142bd..ef430ca 100644 --- a/xen-all.c +++ b/xen-all.c @@ -683,11 +683,45 @@ static void do_outp(pio_addr_t addr, } } -static void cpu_ioreq_pio(ioreq_t *req) +/* + * Helper functions which read/write an object from/to physical guest + * memory, as part of the implementation of an ioreq. + * + * Equivalent to + * cpu_physical_memory_rw(addr + (req->df ? -1 : +1) * req->size * i, + * val, req->size, 0/1) + * except without the integer overflow problems. + */ +static void rw_phys_req_item(hwaddr addr, + ioreq_t *req, uint32_t i, void *val, int rw) +{ + /* Do everything unsigned so overflow just results in a truncated result + * and accesses to undesired parts of guest memory, which is up + * to the guest */ + hwaddr offset = (hwaddr)req->size * i; + if (req->df) { + addr -= offset; + } else { + addr += offset; + } + cpu_physical_memory_rw(addr, val, req->size, rw); +} + +static inline void read_phys_req_item(hwaddr addr, + ioreq_t *req, uint32_t i, void *val) { - int i, sign; + rw_phys_req_item(addr, req, i, val, 0); +} +static inline void write_phys_req_item(hwaddr addr, + ioreq_t *req, uint32_t i, void *val) +{ + rw_phys_req_item(addr, req, i, val, 1); +} - sign = req->df ? -1 : 1; + +static void cpu_ioreq_pio(ioreq_t *req) +{ + int i; if (req->dir == IOREQ_READ) { if (!req->data_is_ptr) { @@ -697,9 +731,7 @@ static void cpu_ioreq_pio(ioreq_t *req) for (i = 0; i < req->count; i++) { tmp = do_inp(req->addr, req->size); - cpu_physical_memory_write( - req->data + (sign * i * (int64_t)req->size), - (uint8_t *) &tmp, req->size); + write_phys_req_item(req->data, req, i, &tmp); } } } else if (req->dir == IOREQ_WRITE) { @@ -709,9 +741,7 @@ static void cpu_ioreq_pio(ioreq_t *req) for (i = 0; i < req->count; i++) { uint32_t tmp = 0; - cpu_physical_memory_read( - req->data + (sign * i * (int64_t)req->size), - (uint8_t*) &tmp, req->size); + read_phys_req_item(req->data, req, i, &tmp); do_outp(req->addr, req->size, tmp); } } @@ -720,22 +750,16 @@ static void cpu_ioreq_pio(ioreq_t *req) static void cpu_ioreq_move(ioreq_t *req) { - int i, sign; - - sign = req->df ? -1 : 1; + int i; if (!req->data_is_ptr) { if (req->dir == IOREQ_READ) { for (i = 0; i < req->count; i++) { - cpu_physical_memory_read( - req->addr + (sign * i * (int64_t)req->size), - (uint8_t *) &req->data, req->size); + read_phys_req_item(req->addr, req, i, &req->data); } } else if (req->dir == IOREQ_WRITE) { for (i = 0; i < req->count; i++) { - cpu_physical_memory_write( - req->addr + (sign * i * (int64_t)req->size), - (uint8_t *) &req->data, req->size); + write_phys_req_item(req->addr, req, i, &req->data); } } } else { @@ -743,21 +767,13 @@ static void cpu_ioreq_move(ioreq_t *req) if (req->dir == IOREQ_READ) { for (i = 0; i < req->count; i++) { - cpu_physical_memory_read( - req->addr + (sign * i * (int64_t)req->size), - (uint8_t*) &tmp, req->size); - cpu_physical_memory_write( - req->data + (sign * i * (int64_t)req->size), - (uint8_t*) &tmp, req->size); + read_phys_req_item(req->addr, req, i, &tmp); + write_phys_req_item(req->data, req, i, &tmp); } } else if (req->dir == IOREQ_WRITE) { for (i = 0; i < req->count; i++) { - cpu_physical_memory_read( - req->data + (sign * i * (int64_t)req->size), - (uint8_t*) &tmp, req->size); - cpu_physical_memory_write( - req->addr + (sign * i * (int64_t)req->size), - (uint8_t*) &tmp, req->size); + read_phys_req_item(req->data, req, i, &tmp); + write_phys_req_item(req->addr, req, i, &tmp); } } } -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 15 19:33:59 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 15 Jan 2013 19:33:59 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGi-0004Xg-Bn; Tue, 15 Jan 2013 19:33:56 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGg-0004XJ-S5 for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:55 +0000 Received: from [85.158.137.99:64122] by server-2.bemta-3.messagelabs.com id 36/8F-11239-D1FA5F05; Tue, 15 Jan 2013 19:33:49 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-14.tower-217.messagelabs.com!1358278427!17054436!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 21645 invoked from network); 15 Jan 2013 19:33:48 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 15 Jan 2013 19:33:48 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGZ-0004l9-Iy for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:47 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvCGZ-000669-DU for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:47 +0000 Date: Tue, 15 Jan 2013 19:33:47 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] cpu_ioreq_pio, cpu_ioreq_move: i should be uint32_t rather than int X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit ff780138eab9c89f9c339230ac73e4378ec9efde Author: Ian Jackson Date: Mon Dec 17 11:44:02 2012 +0000 cpu_ioreq_pio, cpu_ioreq_move: i should be uint32_t rather than int The current code compare i (int) with req->count (uint32_t) in a for loop, risking an infinite loop if req->count is equal to UINT_MAX. Also i is only used in comparisons or multiplications with unsigned integers. upstream-commit-id: 249e7e0fff080df0eff54730f3b6459d92d61e5a Signed-off-by: Stefano Stabellini Cc: Dongxiao Xu Cc: Stefano Stabellini Signed-off-by: Ian Jackson --- xen-all.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/xen-all.c b/xen-all.c index ef430ca..daf43b9 100644 --- a/xen-all.c +++ b/xen-all.c @@ -721,7 +721,7 @@ static inline void write_phys_req_item(hwaddr addr, static void cpu_ioreq_pio(ioreq_t *req) { - int i; + uint32_t i; if (req->dir == IOREQ_READ) { if (!req->data_is_ptr) { @@ -750,7 +750,7 @@ static void cpu_ioreq_pio(ioreq_t *req) static void cpu_ioreq_move(ioreq_t *req) { - int i; + uint32_t i; if (!req->data_is_ptr) { if (req->dir == IOREQ_READ) { -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 15 19:33:59 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 15 Jan 2013 19:33:59 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGi-0004Xg-Bn; Tue, 15 Jan 2013 19:33:56 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGg-0004XJ-S5 for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:55 +0000 Received: from [85.158.137.99:64122] by server-2.bemta-3.messagelabs.com id 36/8F-11239-D1FA5F05; Tue, 15 Jan 2013 19:33:49 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-14.tower-217.messagelabs.com!1358278427!17054436!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 21645 invoked from network); 15 Jan 2013 19:33:48 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 15 Jan 2013 19:33:48 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvCGZ-0004l9-Iy for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:47 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvCGZ-000669-DU for xen-changelog@lists.xensource.com; Tue, 15 Jan 2013 19:33:47 +0000 Date: Tue, 15 Jan 2013 19:33:47 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] cpu_ioreq_pio, cpu_ioreq_move: i should be uint32_t rather than int X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit ff780138eab9c89f9c339230ac73e4378ec9efde Author: Ian Jackson Date: Mon Dec 17 11:44:02 2012 +0000 cpu_ioreq_pio, cpu_ioreq_move: i should be uint32_t rather than int The current code compare i (int) with req->count (uint32_t) in a for loop, risking an infinite loop if req->count is equal to UINT_MAX. Also i is only used in comparisons or multiplications with unsigned integers. upstream-commit-id: 249e7e0fff080df0eff54730f3b6459d92d61e5a Signed-off-by: Stefano Stabellini Cc: Dongxiao Xu Cc: Stefano Stabellini Signed-off-by: Ian Jackson --- xen-all.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/xen-all.c b/xen-all.c index ef430ca..daf43b9 100644 --- a/xen-all.c +++ b/xen-all.c @@ -721,7 +721,7 @@ static inline void write_phys_req_item(hwaddr addr, static void cpu_ioreq_pio(ioreq_t *req) { - int i; + uint32_t i; if (req->dir == IOREQ_READ) { if (!req->data_is_ptr) { @@ -750,7 +750,7 @@ static void cpu_ioreq_pio(ioreq_t *req) static void cpu_ioreq_move(ioreq_t *req) { - int i; + uint32_t i; if (!req->data_is_ptr) { if (req->dir == IOREQ_READ) { -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGE-0007J7-Rz; Wed, 16 Jan 2013 08:22:14 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGC-0007Iw-I8 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:12 +0000 Received: from [85.158.139.211:28328] by server-2.bemta-5.messagelabs.com id 0E/F1-03587-33366F05; Wed, 16 Jan 2013 08:22:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-206.messagelabs.com!1358324529!18304946!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 17199 invoked from network); 16 Jan 2013 08:22:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOG9-0003qr-0g for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOG8-0000Xi-Dh for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:08 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: use XSM instead of IS_PRIV where duplicated X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357898803 0 # Node ID bf1e34d665580679b02a67075f809d88f39646f8 # Parent 35a0556a7f76c9a6f616cfc9d5a82dccfe36b994 xen: use XSM instead of IS_PRIV where duplicated The Xen hypervisor has two basic access control function calls: IS_PRIV and the xsm_* functions. Most privileged operations currently require that both checks succeed, and many times the checks are at different locations in the code. This patch eliminates the explicit and implicit IS_PRIV checks that are duplicated in XSM hooks. When XSM_ENABLE is not defined or when the dummy XSM module is used, this patch should not change any functionality. Because the locations of privilege checks have sometimes moved below argument validation, error returns of some functions may change from EPERM to EINVAL or ESRCH if called with invalid arguments and from a domain without permission to perform the operation. Some checks are removed due to non-obvious duplicates in their callers: * acpi_enter_sleep is checked in XENPF_enter_acpi_sleep * map_domain_pirq has IS_PRIV_FOR checked in its callers: * physdev_map_pirq checks when acquiring the RCU lock * ioapic_guest_write is checked in PHYSDEVOP_apic_write * PHYSDEVOP_{manage_pci_add,manage_pci_add_ext,pci_device_add} are checked by xsm_resource_plug_pci in pci_add_device * PHYSDEVOP_manage_pci_remove is checked by xsm_resource_unplug_pci in pci_remove_device * PHYSDEVOP_{restore_msi,restore_msi_ext} are checked by xsm_resource_setup_pci in pci_restore_msi_state * do_console_io has changed to IS_PRIV from an explicit domid==0 Signed-off-by: Daniel De Graaf Acked-by: Jan Beulich Committed-by: Keir Fraser --- diff -r 35a0556a7f76 -r bf1e34d66558 xen/arch/x86/acpi/power.c --- a/xen/arch/x86/acpi/power.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/arch/x86/acpi/power.c Fri Jan 11 10:06:43 2013 +0000 @@ -239,7 +239,7 @@ static long enter_state_helper(void *dat */ int acpi_enter_sleep(struct xenpf_enter_acpi_sleep *sleep) { - if ( !IS_PRIV(current->domain) || !acpi_sinfo.pm1a_cnt_blk.address ) + if ( !acpi_sinfo.pm1a_cnt_blk.address ) return -EPERM; /* Sanity check */ diff -r 35a0556a7f76 -r bf1e34d66558 xen/arch/x86/cpu/mcheck/mce.c --- a/xen/arch/x86/cpu/mcheck/mce.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/arch/x86/cpu/mcheck/mce.c Fri Jan 11 10:06:43 2013 +0000 @@ -1293,9 +1293,6 @@ long do_mca(XEN_GUEST_HANDLE_PARAM(xen_m struct xen_mc_msrinject *mc_msrinject; struct xen_mc_mceinject *mc_mceinject; - if (!IS_PRIV(v->domain) ) - return x86_mcerr(NULL, -EPERM); - ret = xsm_do_mca(); if ( ret ) return x86_mcerr(NULL, ret); diff -r 35a0556a7f76 -r bf1e34d66558 xen/arch/x86/irq.c --- a/xen/arch/x86/irq.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/arch/x86/irq.c Fri Jan 11 10:06:43 2013 +0000 @@ -1853,8 +1853,7 @@ int map_domain_pirq( ASSERT(spin_is_locked(&d->event_lock)); if ( !IS_PRIV(current->domain) && - !(IS_PRIV_FOR(current->domain, d) && - irq_access_permitted(current->domain, pirq))) + !irq_access_permitted(current->domain, pirq)) return -EPERM; if ( pirq < 0 || pirq >= d->nr_pirqs || irq < 0 || irq >= nr_irqs ) diff -r 35a0556a7f76 -r bf1e34d66558 xen/arch/x86/mm.c --- a/xen/arch/x86/mm.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/arch/x86/mm.c Fri Jan 11 10:06:43 2013 +0000 @@ -4493,9 +4493,6 @@ long arch_memory_op(int op, XEN_GUEST_HA XEN_GUEST_HANDLE_PARAM(e820entry_t) buffer_param; unsigned int i; - if ( !IS_PRIV(current->domain) ) - return -EINVAL; - rc = xsm_machine_memory_map(); if ( rc ) return rc; diff -r 35a0556a7f76 -r bf1e34d66558 xen/arch/x86/physdev.c --- a/xen/arch/x86/physdev.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/arch/x86/physdev.c Fri Jan 11 10:06:43 2013 +0000 @@ -109,12 +109,6 @@ int physdev_map_pirq(domid_t domid, int if ( ret ) return ret; - if ( !IS_PRIV_FOR(current->domain, d) ) - { - ret = -EPERM; - goto free_domain; - } - /* Verify or get irq. */ switch ( type ) { @@ -238,10 +232,6 @@ int physdev_unmap_pirq(domid_t domid, in goto free_domain; } - ret = -EPERM; - if ( !IS_PRIV_FOR(current->domain, d) ) - goto free_domain; - ret = xsm_unmap_domain_pirq(d, domain_pirq_to_irq(d, pirq)); if ( ret ) goto free_domain; @@ -433,9 +423,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H ret = -EFAULT; if ( copy_from_guest(&apic, arg, 1) != 0 ) break; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; ret = xsm_apic(v->domain, cmd); if ( ret ) break; @@ -450,9 +437,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H ret = -EFAULT; if ( copy_from_guest(&apic, arg, 1) != 0 ) break; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; ret = xsm_apic(v->domain, cmd); if ( ret ) break; @@ -467,8 +451,10 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H if ( copy_from_guest(&irq_op, arg, 1) != 0 ) break; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) + /* Use the APIC check since this dummy hypercall should still only + * be called by the domain with access to program the ioapic */ + ret = xsm_apic(v->domain, cmd); + if ( ret ) break; /* Vector is only used by hypervisor, and dom0 shouldn't @@ -517,9 +503,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_manage_pci_add: { struct physdev_manage_pci manage_pci; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; ret = -EFAULT; if ( copy_from_guest(&manage_pci, arg, 1) != 0 ) break; @@ -530,9 +513,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_manage_pci_remove: { struct physdev_manage_pci manage_pci; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; ret = -EFAULT; if ( copy_from_guest(&manage_pci, arg, 1) != 0 ) break; @@ -545,10 +525,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_manage_pci_ext manage_pci_ext; struct pci_dev_info pdev_info; - ret = -EPERM; - if ( !IS_PRIV(current->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&manage_pci_ext, arg, 1) != 0 ) break; @@ -571,10 +547,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_pci_device_add add; struct pci_dev_info pdev_info; - ret = -EPERM; - if ( !IS_PRIV(current->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&add, arg, 1) != 0 ) break; @@ -595,10 +567,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_pci_device_remove: { struct physdev_pci_device dev; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&dev, arg, 1) != 0 ) break; @@ -610,10 +578,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_pci_mmcfg_reserved: { struct physdev_pci_mmcfg_reserved info; - ret = -EPERM; - if ( !IS_PRIV(current->domain) ) - break; - ret = xsm_resource_setup_misc(); if ( ret ) break; @@ -631,10 +595,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_restore_msi restore_msi; struct pci_dev *pdev; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&restore_msi, arg, 1) != 0 ) break; @@ -650,10 +610,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_pci_device dev; struct pci_dev *pdev; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&dev, arg, 1) != 0 ) break; @@ -668,10 +624,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_setup_gsi: { struct physdev_setup_gsi setup_gsi; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&setup_gsi, arg, 1) != 0 ) break; diff -r 35a0556a7f76 -r bf1e34d66558 xen/common/kexec.c --- a/xen/common/kexec.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/common/kexec.c Fri Jan 11 10:06:43 2013 +0000 @@ -852,9 +852,6 @@ static int do_kexec_op_internal(unsigned unsigned long flags; int ret = -EINVAL; - if ( !IS_PRIV(current->domain) ) - return -EPERM; - ret = xsm_kexec(); if ( ret ) return ret; diff -r 35a0556a7f76 -r bf1e34d66558 xen/common/schedule.c --- a/xen/common/schedule.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/common/schedule.c Fri Jan 11 10:06:43 2013 +0000 @@ -921,12 +921,6 @@ ret_t do_sched_op(int cmd, XEN_GUEST_HAN if ( d == NULL ) break; - if ( !IS_PRIV_FOR(current->domain, d) ) - { - rcu_unlock_domain(d); - return -EPERM; - } - ret = xsm_schedop_shutdown(current->domain, d); if ( ret ) { diff -r 35a0556a7f76 -r bf1e34d66558 xen/drivers/char/console.c --- a/xen/drivers/char/console.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/drivers/char/console.c Fri Jan 11 10:06:43 2013 +0000 @@ -406,12 +406,6 @@ long do_console_io(int cmd, int count, X long rc; unsigned int idx, len; -#ifndef VERBOSE - /* Only domain 0 may access the emergency console. */ - if ( current->domain->domain_id != 0 ) - return -EPERM; -#endif - rc = xsm_console_io(current->domain, cmd); if ( rc ) return rc; diff -r 35a0556a7f76 -r bf1e34d66558 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:06:43 2013 +0000 @@ -161,6 +161,8 @@ static XSM_INLINE int xsm_pm_op(void) static XSM_INLINE int xsm_do_mca(void) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } @@ -223,6 +225,10 @@ static XSM_INLINE int xsm_memory_stat_re static XSM_INLINE int xsm_console_io(struct domain *d, int cmd) { +#ifndef VERBOSE + if ( !IS_PRIV(current->domain) ) + return -EPERM; +#endif return 0; } @@ -233,11 +239,15 @@ static XSM_INLINE int xsm_profile(struct static XSM_INLINE int xsm_kexec(void) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_schedop_shutdown(struct domain *d1, struct domain *d2) { + if ( !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } @@ -336,26 +346,36 @@ static XSM_INLINE int xsm_resource_unplu static XSM_INLINE int xsm_resource_plug_pci(uint32_t machine_bdf) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_resource_unplug_pci(uint32_t machine_bdf) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_resource_setup_pci(uint32_t machine_bdf) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_resource_setup_gsi(int gsi) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_resource_setup_misc(void) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } @@ -396,6 +416,8 @@ static XSM_INLINE int xsm_map_domain_pir static XSM_INLINE int xsm_unmap_domain_pirq(struct domain *d, int irq) { + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } @@ -494,6 +516,8 @@ static XSM_INLINE int xsm_mem_sharing(st static XSM_INLINE int xsm_apic(struct domain *d, int cmd) { + if ( !IS_PRIV(d) ) + return -EPERM; return 0; } @@ -534,6 +558,8 @@ static XSM_INLINE int xsm_efi_call(void) static XSM_INLINE int xsm_acpi_sleep(void) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } @@ -549,6 +575,8 @@ static XSM_INLINE int xsm_getidletime(vo static XSM_INLINE int xsm_machine_memory_map(void) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } diff -r 35a0556a7f76 -r bf1e34d66558 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:06:43 2013 +0000 @@ -1141,10 +1141,11 @@ static int flask_apic(struct domain *d, switch ( cmd ) { - case PHYSDEVOP_APIC_READ: + case PHYSDEVOP_apic_read: + case PHYSDEVOP_alloc_irq_vector: perm = XEN__READAPIC; break; - case PHYSDEVOP_APIC_WRITE: + case PHYSDEVOP_apic_write: perm = XEN__WRITEAPIC; break; default: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGE-0007J7-Rz; Wed, 16 Jan 2013 08:22:14 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGC-0007Iw-I8 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:12 +0000 Received: from [85.158.139.211:28328] by server-2.bemta-5.messagelabs.com id 0E/F1-03587-33366F05; Wed, 16 Jan 2013 08:22:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-206.messagelabs.com!1358324529!18304946!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 17199 invoked from network); 16 Jan 2013 08:22:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOG9-0003qr-0g for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOG8-0000Xi-Dh for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:08 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: use XSM instead of IS_PRIV where duplicated X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357898803 0 # Node ID bf1e34d665580679b02a67075f809d88f39646f8 # Parent 35a0556a7f76c9a6f616cfc9d5a82dccfe36b994 xen: use XSM instead of IS_PRIV where duplicated The Xen hypervisor has two basic access control function calls: IS_PRIV and the xsm_* functions. Most privileged operations currently require that both checks succeed, and many times the checks are at different locations in the code. This patch eliminates the explicit and implicit IS_PRIV checks that are duplicated in XSM hooks. When XSM_ENABLE is not defined or when the dummy XSM module is used, this patch should not change any functionality. Because the locations of privilege checks have sometimes moved below argument validation, error returns of some functions may change from EPERM to EINVAL or ESRCH if called with invalid arguments and from a domain without permission to perform the operation. Some checks are removed due to non-obvious duplicates in their callers: * acpi_enter_sleep is checked in XENPF_enter_acpi_sleep * map_domain_pirq has IS_PRIV_FOR checked in its callers: * physdev_map_pirq checks when acquiring the RCU lock * ioapic_guest_write is checked in PHYSDEVOP_apic_write * PHYSDEVOP_{manage_pci_add,manage_pci_add_ext,pci_device_add} are checked by xsm_resource_plug_pci in pci_add_device * PHYSDEVOP_manage_pci_remove is checked by xsm_resource_unplug_pci in pci_remove_device * PHYSDEVOP_{restore_msi,restore_msi_ext} are checked by xsm_resource_setup_pci in pci_restore_msi_state * do_console_io has changed to IS_PRIV from an explicit domid==0 Signed-off-by: Daniel De Graaf Acked-by: Jan Beulich Committed-by: Keir Fraser --- diff -r 35a0556a7f76 -r bf1e34d66558 xen/arch/x86/acpi/power.c --- a/xen/arch/x86/acpi/power.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/arch/x86/acpi/power.c Fri Jan 11 10:06:43 2013 +0000 @@ -239,7 +239,7 @@ static long enter_state_helper(void *dat */ int acpi_enter_sleep(struct xenpf_enter_acpi_sleep *sleep) { - if ( !IS_PRIV(current->domain) || !acpi_sinfo.pm1a_cnt_blk.address ) + if ( !acpi_sinfo.pm1a_cnt_blk.address ) return -EPERM; /* Sanity check */ diff -r 35a0556a7f76 -r bf1e34d66558 xen/arch/x86/cpu/mcheck/mce.c --- a/xen/arch/x86/cpu/mcheck/mce.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/arch/x86/cpu/mcheck/mce.c Fri Jan 11 10:06:43 2013 +0000 @@ -1293,9 +1293,6 @@ long do_mca(XEN_GUEST_HANDLE_PARAM(xen_m struct xen_mc_msrinject *mc_msrinject; struct xen_mc_mceinject *mc_mceinject; - if (!IS_PRIV(v->domain) ) - return x86_mcerr(NULL, -EPERM); - ret = xsm_do_mca(); if ( ret ) return x86_mcerr(NULL, ret); diff -r 35a0556a7f76 -r bf1e34d66558 xen/arch/x86/irq.c --- a/xen/arch/x86/irq.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/arch/x86/irq.c Fri Jan 11 10:06:43 2013 +0000 @@ -1853,8 +1853,7 @@ int map_domain_pirq( ASSERT(spin_is_locked(&d->event_lock)); if ( !IS_PRIV(current->domain) && - !(IS_PRIV_FOR(current->domain, d) && - irq_access_permitted(current->domain, pirq))) + !irq_access_permitted(current->domain, pirq)) return -EPERM; if ( pirq < 0 || pirq >= d->nr_pirqs || irq < 0 || irq >= nr_irqs ) diff -r 35a0556a7f76 -r bf1e34d66558 xen/arch/x86/mm.c --- a/xen/arch/x86/mm.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/arch/x86/mm.c Fri Jan 11 10:06:43 2013 +0000 @@ -4493,9 +4493,6 @@ long arch_memory_op(int op, XEN_GUEST_HA XEN_GUEST_HANDLE_PARAM(e820entry_t) buffer_param; unsigned int i; - if ( !IS_PRIV(current->domain) ) - return -EINVAL; - rc = xsm_machine_memory_map(); if ( rc ) return rc; diff -r 35a0556a7f76 -r bf1e34d66558 xen/arch/x86/physdev.c --- a/xen/arch/x86/physdev.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/arch/x86/physdev.c Fri Jan 11 10:06:43 2013 +0000 @@ -109,12 +109,6 @@ int physdev_map_pirq(domid_t domid, int if ( ret ) return ret; - if ( !IS_PRIV_FOR(current->domain, d) ) - { - ret = -EPERM; - goto free_domain; - } - /* Verify or get irq. */ switch ( type ) { @@ -238,10 +232,6 @@ int physdev_unmap_pirq(domid_t domid, in goto free_domain; } - ret = -EPERM; - if ( !IS_PRIV_FOR(current->domain, d) ) - goto free_domain; - ret = xsm_unmap_domain_pirq(d, domain_pirq_to_irq(d, pirq)); if ( ret ) goto free_domain; @@ -433,9 +423,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H ret = -EFAULT; if ( copy_from_guest(&apic, arg, 1) != 0 ) break; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; ret = xsm_apic(v->domain, cmd); if ( ret ) break; @@ -450,9 +437,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H ret = -EFAULT; if ( copy_from_guest(&apic, arg, 1) != 0 ) break; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; ret = xsm_apic(v->domain, cmd); if ( ret ) break; @@ -467,8 +451,10 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H if ( copy_from_guest(&irq_op, arg, 1) != 0 ) break; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) + /* Use the APIC check since this dummy hypercall should still only + * be called by the domain with access to program the ioapic */ + ret = xsm_apic(v->domain, cmd); + if ( ret ) break; /* Vector is only used by hypervisor, and dom0 shouldn't @@ -517,9 +503,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_manage_pci_add: { struct physdev_manage_pci manage_pci; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; ret = -EFAULT; if ( copy_from_guest(&manage_pci, arg, 1) != 0 ) break; @@ -530,9 +513,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_manage_pci_remove: { struct physdev_manage_pci manage_pci; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; ret = -EFAULT; if ( copy_from_guest(&manage_pci, arg, 1) != 0 ) break; @@ -545,10 +525,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_manage_pci_ext manage_pci_ext; struct pci_dev_info pdev_info; - ret = -EPERM; - if ( !IS_PRIV(current->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&manage_pci_ext, arg, 1) != 0 ) break; @@ -571,10 +547,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_pci_device_add add; struct pci_dev_info pdev_info; - ret = -EPERM; - if ( !IS_PRIV(current->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&add, arg, 1) != 0 ) break; @@ -595,10 +567,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_pci_device_remove: { struct physdev_pci_device dev; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&dev, arg, 1) != 0 ) break; @@ -610,10 +578,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_pci_mmcfg_reserved: { struct physdev_pci_mmcfg_reserved info; - ret = -EPERM; - if ( !IS_PRIV(current->domain) ) - break; - ret = xsm_resource_setup_misc(); if ( ret ) break; @@ -631,10 +595,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_restore_msi restore_msi; struct pci_dev *pdev; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&restore_msi, arg, 1) != 0 ) break; @@ -650,10 +610,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_pci_device dev; struct pci_dev *pdev; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&dev, arg, 1) != 0 ) break; @@ -668,10 +624,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_setup_gsi: { struct physdev_setup_gsi setup_gsi; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&setup_gsi, arg, 1) != 0 ) break; diff -r 35a0556a7f76 -r bf1e34d66558 xen/common/kexec.c --- a/xen/common/kexec.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/common/kexec.c Fri Jan 11 10:06:43 2013 +0000 @@ -852,9 +852,6 @@ static int do_kexec_op_internal(unsigned unsigned long flags; int ret = -EINVAL; - if ( !IS_PRIV(current->domain) ) - return -EPERM; - ret = xsm_kexec(); if ( ret ) return ret; diff -r 35a0556a7f76 -r bf1e34d66558 xen/common/schedule.c --- a/xen/common/schedule.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/common/schedule.c Fri Jan 11 10:06:43 2013 +0000 @@ -921,12 +921,6 @@ ret_t do_sched_op(int cmd, XEN_GUEST_HAN if ( d == NULL ) break; - if ( !IS_PRIV_FOR(current->domain, d) ) - { - rcu_unlock_domain(d); - return -EPERM; - } - ret = xsm_schedop_shutdown(current->domain, d); if ( ret ) { diff -r 35a0556a7f76 -r bf1e34d66558 xen/drivers/char/console.c --- a/xen/drivers/char/console.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/drivers/char/console.c Fri Jan 11 10:06:43 2013 +0000 @@ -406,12 +406,6 @@ long do_console_io(int cmd, int count, X long rc; unsigned int idx, len; -#ifndef VERBOSE - /* Only domain 0 may access the emergency console. */ - if ( current->domain->domain_id != 0 ) - return -EPERM; -#endif - rc = xsm_console_io(current->domain, cmd); if ( rc ) return rc; diff -r 35a0556a7f76 -r bf1e34d66558 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:06:43 2013 +0000 @@ -161,6 +161,8 @@ static XSM_INLINE int xsm_pm_op(void) static XSM_INLINE int xsm_do_mca(void) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } @@ -223,6 +225,10 @@ static XSM_INLINE int xsm_memory_stat_re static XSM_INLINE int xsm_console_io(struct domain *d, int cmd) { +#ifndef VERBOSE + if ( !IS_PRIV(current->domain) ) + return -EPERM; +#endif return 0; } @@ -233,11 +239,15 @@ static XSM_INLINE int xsm_profile(struct static XSM_INLINE int xsm_kexec(void) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_schedop_shutdown(struct domain *d1, struct domain *d2) { + if ( !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } @@ -336,26 +346,36 @@ static XSM_INLINE int xsm_resource_unplu static XSM_INLINE int xsm_resource_plug_pci(uint32_t machine_bdf) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_resource_unplug_pci(uint32_t machine_bdf) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_resource_setup_pci(uint32_t machine_bdf) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_resource_setup_gsi(int gsi) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_resource_setup_misc(void) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } @@ -396,6 +416,8 @@ static XSM_INLINE int xsm_map_domain_pir static XSM_INLINE int xsm_unmap_domain_pirq(struct domain *d, int irq) { + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } @@ -494,6 +516,8 @@ static XSM_INLINE int xsm_mem_sharing(st static XSM_INLINE int xsm_apic(struct domain *d, int cmd) { + if ( !IS_PRIV(d) ) + return -EPERM; return 0; } @@ -534,6 +558,8 @@ static XSM_INLINE int xsm_efi_call(void) static XSM_INLINE int xsm_acpi_sleep(void) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } @@ -549,6 +575,8 @@ static XSM_INLINE int xsm_getidletime(vo static XSM_INLINE int xsm_machine_memory_map(void) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } diff -r 35a0556a7f76 -r bf1e34d66558 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Thu Jan 10 17:32:10 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:06:43 2013 +0000 @@ -1141,10 +1141,11 @@ static int flask_apic(struct domain *d, switch ( cmd ) { - case PHYSDEVOP_APIC_READ: + case PHYSDEVOP_apic_read: + case PHYSDEVOP_alloc_irq_vector: perm = XEN__READAPIC; break; - case PHYSDEVOP_APIC_WRITE: + case PHYSDEVOP_apic_write: perm = XEN__WRITEAPIC; break; default: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:21 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:21 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGH-0007JS-2b; Wed, 16 Jan 2013 08:22:17 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGF-0007J6-9o for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:15 +0000 Received: from [85.158.138.51:54204] by server-9.bemta-3.messagelabs.com id C9/49-04352-63366F05; Wed, 16 Jan 2013 08:22:14 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-174.messagelabs.com!1358324531!28188400!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30045 invoked from network); 16 Jan 2013 08:22:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGB-0003r6-FU for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGB-0000Yx-5o for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:11 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm: Move flask policy files into hypervisor (missed from earlier commit). X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Keir Fraser # Date 1357900566 0 # Node ID e391d7de856c629fb19625d68e888d618b5a374d # Parent f8156587c7fafb1d708553e83ca569ed8172050b xsm: Move flask policy files into hypervisor (missed from earlier commit). Signed-off-by: Keir Fraser --- diff -r f8156587c7fa -r e391d7de856c tools/flask/policy/policy/flask/access_vectors --- a/tools/flask/policy/policy/flask/access_vectors Fri Jan 11 10:11:02 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,178 +0,0 @@ -# -# Define the access vectors. -# -# class class_name { permission_name ... } - -class xen -{ - scheduler - settime - tbufcontrol - readconsole - clearconsole - perfcontrol - mtrr_add - mtrr_del - mtrr_read - microcode - physinfo - quirk - writeconsole - readapic - writeapic - privprofile - nonprivprofile - kexec - firmware - sleep - frequency - getidle - debug - getcpuinfo - heap - pm_op - mca_op - lockprof - cpupool_op - sched_op -} - -class domain -{ - setvcpucontext - pause - unpause - resume - create - transition - max_vcpus - destroy - setvcpuaffinity - getvcpuaffinity - scheduler - getdomaininfo - getvcpuinfo - getvcpucontext - setdomainmaxmem - setdomainhandle - setdebugging - hypercall - settime - set_target - shutdown - setaddrsize - getaddrsize - trigger - getextvcpucontext - setextvcpucontext - getvcpuextstate - setvcpuextstate - getpodtarget - setpodtarget - set_misc_info - set_virq_handler -} - -class domain2 -{ - relabelfrom - relabelto - relabelself -} - -class hvm -{ - sethvmc - gethvmc - setparam - getparam - pcilevel - irqlevel - pciroute - bind_irq - cacheattr - trackdirtyvram - hvmctl - mem_event - mem_sharing -} - -class event -{ - bind - send - status - notify - create - reset -} - -class grant -{ - map_read - map_write - unmap - transfer - setup - copy - query -} - -class mmu -{ - map_read - map_write - pageinfo - pagelist - adjust - stat - translategp - updatemp - physmap - pinpage - mfnlist - memorymap - remote_remap -} - -class shadow -{ - disable - enable - logdirty -} - -class resource -{ - add - remove - use - add_irq - remove_irq - add_ioport - remove_ioport - add_iomem - remove_iomem - stat_device - add_device - remove_device - plug - unplug - setup -} - -class security -{ - compute_av - compute_create - compute_member - check_context - load_policy - compute_relabel - compute_user - setenforce - setbool - setsecparam - add_ocontext - del_ocontext -} diff -r f8156587c7fa -r e391d7de856c tools/flask/policy/policy/flask/initial_sids --- a/tools/flask/policy/policy/flask/initial_sids Fri Jan 11 10:11:02 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,16 +0,0 @@ -# FLASK - -# -# Define initial security identifiers -# -sid xen -sid dom0 -sid domio -sid domxen -sid unlabeled -sid security -sid ioport -sid iomem -sid irq -sid device -# FLASK diff -r f8156587c7fa -r e391d7de856c tools/flask/policy/policy/flask/mkaccess_vector.sh --- a/tools/flask/policy/policy/flask/mkaccess_vector.sh Fri Jan 11 10:11:02 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,138 +0,0 @@ -#!/bin/sh - -# - -# FLASK - -set -e - -awk=$1 -shift - -# output files -av_permissions="include/av_permissions.h" -av_perm_to_string="include/av_perm_to_string.h" - -cat $* | $awk " -BEGIN { - outfile = \"$av_permissions\" - avpermfile = \"$av_perm_to_string\" - "' - nextstate = "COMMON_OR_AV"; - printf("/* This file is automatically generated. Do not edit. */\n") > outfile; - printf("/* This file is automatically generated. Do not edit. */\n") > avpermfile; -; - } -/^[ \t]*#/ { - next; - } -$1 == "class" { - if (nextstate != "COMMON_OR_AV" && - nextstate != "CLASS_OR_CLASS-OPENBRACKET") - { - printf("Parse error: Unexpected class definition on line %d\n", NR); - next; - } - - tclass = $2; - - if (tclass in av_defined) - { - printf("Duplicate access vector definition for %s on line %d\n", tclass, NR); - next; - } - av_defined[tclass] = 1; - - permission = 1; - - nextstate = "INHERITS_OR_CLASS-OPENBRACKET"; - next; - } -$1 == "{" { - if (nextstate != "INHERITS_OR_CLASS-OPENBRACKET" && - nextstate != "CLASS_OR_CLASS-OPENBRACKET" && - nextstate != "COMMON-OPENBRACKET") - { - printf("Parse error: Unexpected { on line %d\n", NR); - next; - } - - if (nextstate == "INHERITS_OR_CLASS-OPENBRACKET") - nextstate = "CLASS-CLOSEBRACKET"; - - if (nextstate == "CLASS_OR_CLASS-OPENBRACKET") - nextstate = "CLASS-CLOSEBRACKET"; - - if (nextstate == "COMMON-OPENBRACKET") - nextstate = "COMMON-CLOSEBRACKET"; - } -/[a-z][a-z_]*/ { - if (nextstate != "COMMON-CLOSEBRACKET" && - nextstate != "CLASS-CLOSEBRACKET") - { - printf("Parse error: Unexpected symbol %s on line %d\n", $1, NR); - next; - } - - if (nextstate == "COMMON-CLOSEBRACKET") - { - if ((common_name,$1) in common_perms) - { - printf("Duplicate permission %s for common %s on line %d.\n", $1, common_name, NR); - next; - } - - common_perms[common_name,$1] = permission; - - printf("#define COMMON_%s__%s", toupper(common_name), toupper($1)) > outfile; - - printf(" S_(\"%s\")\n", $1) > cpermfile; - } - else - { - if ((tclass,$1) in av_perms) - { - printf("Duplicate permission %s for %s on line %d.\n", $1, tclass, NR); - next; - } - - av_perms[tclass,$1] = permission; - - printf("#define %s__%s", toupper(tclass), toupper($1)) > outfile; - - printf(" S_(SECCLASS_%s, %s__%s, \"%s\")\n", toupper(tclass), toupper(tclass), toupper($1), $1) > avpermfile; - } - - spaces = 40 - (length($1) + length(tclass)); - if (spaces < 1) - spaces = 1; - - for (i = 0; i < spaces; i++) - printf(" ") > outfile; - printf("0x%08xUL\n", permission) > outfile; - permission = permission * 2; - } -$1 == "}" { - if (nextstate != "CLASS-CLOSEBRACKET" && - nextstate != "COMMON-CLOSEBRACKET") - { - printf("Parse error: Unexpected } on line %d\n", NR); - next; - } - - if (nextstate == "COMMON-CLOSEBRACKET") - { - common_base[common_name] = permission; - printf("TE_(common_%s_perm_to_string)\n\n", common_name) > cpermfile; - } - - printf("\n") > outfile; - - nextstate = "COMMON_OR_AV"; - } -END { - if (nextstate != "COMMON_OR_AV" && nextstate != "CLASS_OR_CLASS-OPENBRACKET") - printf("Parse error: Unexpected end of file\n"); - - }' - -# FLASK diff -r f8156587c7fa -r e391d7de856c tools/flask/policy/policy/flask/mkflask.sh --- a/tools/flask/policy/policy/flask/mkflask.sh Fri Jan 11 10:11:02 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,95 +0,0 @@ -#!/bin/sh - -# - -# FLASK - -set -e - -awk=$1 -shift 1 - -# output file -output_file="include/flask.h" -debug_file="include/class_to_string.h" -debug_file2="include/initial_sid_to_string.h" - -cat $* | $awk " -BEGIN { - outfile = \"$output_file\" - debugfile = \"$debug_file\" - debugfile2 = \"$debug_file2\" - "' - nextstate = "CLASS"; - - printf("/* This file is automatically generated. Do not edit. */\n") > outfile; - - printf("#ifndef _SELINUX_FLASK_H_\n") > outfile; - printf("#define _SELINUX_FLASK_H_\n") > outfile; - printf("\n/*\n * Security object class definitions\n */\n") > outfile; - printf("/* This file is automatically generated. Do not edit. */\n") > debugfile; - printf("/*\n * Security object class definitions\n */\n") > debugfile; - printf(" S_(\"null\")\n") > debugfile; - printf("/* This file is automatically generated. Do not edit. */\n") > debugfile2; - printf("static char *initial_sid_to_string[] =\n{\n") > debugfile2; - printf(" \"null\",\n") > debugfile2; - } -/^[ \t]*#/ { - next; - } -$1 == "class" { - if (nextstate != "CLASS") - { - printf("Parse error: Unexpected class definition on line %d\n", NR); - next; - } - - if ($2 in class_found) - { - printf("Duplicate class definition for %s on line %d.\n", $2, NR); - next; - } - class_found[$2] = 1; - - class_value++; - - printf("#define SECCLASS_%s", toupper($2)) > outfile; - for (i = 0; i < 40 - length($2); i++) - printf(" ") > outfile; - printf("%d\n", class_value) > outfile; - - printf(" S_(\"%s\")\n", $2) > debugfile; - } -$1 == "sid" { - if (nextstate == "CLASS") - { - nextstate = "SID"; - printf("\n/*\n * Security identifier indices for initial entities\n */\n") > outfile; - } - - if ($2 in sid_found) - { - printf("Duplicate SID definition for %s on line %d.\n", $2, NR); - next; - } - sid_found[$2] = 1; - sid_value++; - - printf("#define SECINITSID_%s", toupper($2)) > outfile; - for (i = 0; i < 37 - length($2); i++) - printf(" ") > outfile; - printf("%d\n", sid_value) > outfile; - printf(" \"%s\",\n", $2) > debugfile2; - } -END { - if (nextstate != "SID") - printf("Parse error: Unexpected end of file\n"); - - printf("\n#define SECINITSID_NUM") > outfile; - for (i = 0; i < 34; i++) - printf(" ") > outfile; - printf("%d\n", sid_value) > outfile; - printf("\n#endif\n") > outfile; - printf("};\n\n") > debugfile2; - }' - -# FLASK diff -r f8156587c7fa -r e391d7de856c tools/flask/policy/policy/flask/security_classes --- a/tools/flask/policy/policy/flask/security_classes Fri Jan 11 10:11:02 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,21 +0,0 @@ -# FLASK - -# -# Define the security object classes -# - -# Classes marked as userspace are classes -# for userspace object managers - -class xen -class domain -class domain2 -class hvm -class mmu -class resource -class shadow -class event -class grant -class security - -# FLASK diff -r f8156587c7fa -r e391d7de856c xen/xsm/flask/policy/access_vectors --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:36:06 2013 +0000 @@ -0,0 +1,178 @@ +# +# Define the access vectors. +# +# class class_name { permission_name ... } + +class xen +{ + scheduler + settime + tbufcontrol + readconsole + clearconsole + perfcontrol + mtrr_add + mtrr_del + mtrr_read + microcode + physinfo + quirk + writeconsole + readapic + writeapic + privprofile + nonprivprofile + kexec + firmware + sleep + frequency + getidle + debug + getcpuinfo + heap + pm_op + mca_op + lockprof + cpupool_op + sched_op +} + +class domain +{ + setvcpucontext + pause + unpause + resume + create + transition + max_vcpus + destroy + setvcpuaffinity + getvcpuaffinity + scheduler + getdomaininfo + getvcpuinfo + getvcpucontext + setdomainmaxmem + setdomainhandle + setdebugging + hypercall + settime + set_target + shutdown + setaddrsize + getaddrsize + trigger + getextvcpucontext + setextvcpucontext + getvcpuextstate + setvcpuextstate + getpodtarget + setpodtarget + set_misc_info + set_virq_handler +} + +class domain2 +{ + relabelfrom + relabelto + relabelself +} + +class hvm +{ + sethvmc + gethvmc + setparam + getparam + pcilevel + irqlevel + pciroute + bind_irq + cacheattr + trackdirtyvram + hvmctl + mem_event + mem_sharing +} + +class event +{ + bind + send + status + notify + create + reset +} + +class grant +{ + map_read + map_write + unmap + transfer + setup + copy + query +} + +class mmu +{ + map_read + map_write + pageinfo + pagelist + adjust + stat + translategp + updatemp + physmap + pinpage + mfnlist + memorymap + remote_remap +} + +class shadow +{ + disable + enable + logdirty +} + +class resource +{ + add + remove + use + add_irq + remove_irq + add_ioport + remove_ioport + add_iomem + remove_iomem + stat_device + add_device + remove_device + plug + unplug + setup +} + +class security +{ + compute_av + compute_create + compute_member + check_context + load_policy + compute_relabel + compute_user + setenforce + setbool + setsecparam + add_ocontext + del_ocontext +} diff -r f8156587c7fa -r e391d7de856c xen/xsm/flask/policy/initial_sids --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/initial_sids Fri Jan 11 10:36:06 2013 +0000 @@ -0,0 +1,16 @@ +# FLASK + +# +# Define initial security identifiers +# +sid xen +sid dom0 +sid domio +sid domxen +sid unlabeled +sid security +sid ioport +sid iomem +sid irq +sid device +# FLASK diff -r f8156587c7fa -r e391d7de856c xen/xsm/flask/policy/mkaccess_vector.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/mkaccess_vector.sh Fri Jan 11 10:36:06 2013 +0000 @@ -0,0 +1,138 @@ +#!/bin/sh - +# + +# FLASK + +set -e + +awk=$1 +shift + +# output files +av_permissions="include/av_permissions.h" +av_perm_to_string="include/av_perm_to_string.h" + +cat $* | $awk " +BEGIN { + outfile = \"$av_permissions\" + avpermfile = \"$av_perm_to_string\" + "' + nextstate = "COMMON_OR_AV"; + printf("/* This file is automatically generated. Do not edit. */\n") > outfile; + printf("/* This file is automatically generated. Do not edit. */\n") > avpermfile; +; + } +/^[ \t]*#/ { + next; + } +$1 == "class" { + if (nextstate != "COMMON_OR_AV" && + nextstate != "CLASS_OR_CLASS-OPENBRACKET") + { + printf("Parse error: Unexpected class definition on line %d\n", NR); + next; + } + + tclass = $2; + + if (tclass in av_defined) + { + printf("Duplicate access vector definition for %s on line %d\n", tclass, NR); + next; + } + av_defined[tclass] = 1; + + permission = 1; + + nextstate = "INHERITS_OR_CLASS-OPENBRACKET"; + next; + } +$1 == "{" { + if (nextstate != "INHERITS_OR_CLASS-OPENBRACKET" && + nextstate != "CLASS_OR_CLASS-OPENBRACKET" && + nextstate != "COMMON-OPENBRACKET") + { + printf("Parse error: Unexpected { on line %d\n", NR); + next; + } + + if (nextstate == "INHERITS_OR_CLASS-OPENBRACKET") + nextstate = "CLASS-CLOSEBRACKET"; + + if (nextstate == "CLASS_OR_CLASS-OPENBRACKET") + nextstate = "CLASS-CLOSEBRACKET"; + + if (nextstate == "COMMON-OPENBRACKET") + nextstate = "COMMON-CLOSEBRACKET"; + } +/[a-z][a-z_]*/ { + if (nextstate != "COMMON-CLOSEBRACKET" && + nextstate != "CLASS-CLOSEBRACKET") + { + printf("Parse error: Unexpected symbol %s on line %d\n", $1, NR); + next; + } + + if (nextstate == "COMMON-CLOSEBRACKET") + { + if ((common_name,$1) in common_perms) + { + printf("Duplicate permission %s for common %s on line %d.\n", $1, common_name, NR); + next; + } + + common_perms[common_name,$1] = permission; + + printf("#define COMMON_%s__%s", toupper(common_name), toupper($1)) > outfile; + + printf(" S_(\"%s\")\n", $1) > cpermfile; + } + else + { + if ((tclass,$1) in av_perms) + { + printf("Duplicate permission %s for %s on line %d.\n", $1, tclass, NR); + next; + } + + av_perms[tclass,$1] = permission; + + printf("#define %s__%s", toupper(tclass), toupper($1)) > outfile; + + printf(" S_(SECCLASS_%s, %s__%s, \"%s\")\n", toupper(tclass), toupper(tclass), toupper($1), $1) > avpermfile; + } + + spaces = 40 - (length($1) + length(tclass)); + if (spaces < 1) + spaces = 1; + + for (i = 0; i < spaces; i++) + printf(" ") > outfile; + printf("0x%08xUL\n", permission) > outfile; + permission = permission * 2; + } +$1 == "}" { + if (nextstate != "CLASS-CLOSEBRACKET" && + nextstate != "COMMON-CLOSEBRACKET") + { + printf("Parse error: Unexpected } on line %d\n", NR); + next; + } + + if (nextstate == "COMMON-CLOSEBRACKET") + { + common_base[common_name] = permission; + printf("TE_(common_%s_perm_to_string)\n\n", common_name) > cpermfile; + } + + printf("\n") > outfile; + + nextstate = "COMMON_OR_AV"; + } +END { + if (nextstate != "COMMON_OR_AV" && nextstate != "CLASS_OR_CLASS-OPENBRACKET") + printf("Parse error: Unexpected end of file\n"); + + }' + +# FLASK diff -r f8156587c7fa -r e391d7de856c xen/xsm/flask/policy/mkflask.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/mkflask.sh Fri Jan 11 10:36:06 2013 +0000 @@ -0,0 +1,95 @@ +#!/bin/sh - +# + +# FLASK + +set -e + +awk=$1 +shift 1 + +# output file +output_file="include/flask.h" +debug_file="include/class_to_string.h" +debug_file2="include/initial_sid_to_string.h" + +cat $* | $awk " +BEGIN { + outfile = \"$output_file\" + debugfile = \"$debug_file\" + debugfile2 = \"$debug_file2\" + "' + nextstate = "CLASS"; + + printf("/* This file is automatically generated. Do not edit. */\n") > outfile; + + printf("#ifndef _SELINUX_FLASK_H_\n") > outfile; + printf("#define _SELINUX_FLASK_H_\n") > outfile; + printf("\n/*\n * Security object class definitions\n */\n") > outfile; + printf("/* This file is automatically generated. Do not edit. */\n") > debugfile; + printf("/*\n * Security object class definitions\n */\n") > debugfile; + printf(" S_(\"null\")\n") > debugfile; + printf("/* This file is automatically generated. Do not edit. */\n") > debugfile2; + printf("static char *initial_sid_to_string[] =\n{\n") > debugfile2; + printf(" \"null\",\n") > debugfile2; + } +/^[ \t]*#/ { + next; + } +$1 == "class" { + if (nextstate != "CLASS") + { + printf("Parse error: Unexpected class definition on line %d\n", NR); + next; + } + + if ($2 in class_found) + { + printf("Duplicate class definition for %s on line %d.\n", $2, NR); + next; + } + class_found[$2] = 1; + + class_value++; + + printf("#define SECCLASS_%s", toupper($2)) > outfile; + for (i = 0; i < 40 - length($2); i++) + printf(" ") > outfile; + printf("%d\n", class_value) > outfile; + + printf(" S_(\"%s\")\n", $2) > debugfile; + } +$1 == "sid" { + if (nextstate == "CLASS") + { + nextstate = "SID"; + printf("\n/*\n * Security identifier indices for initial entities\n */\n") > outfile; + } + + if ($2 in sid_found) + { + printf("Duplicate SID definition for %s on line %d.\n", $2, NR); + next; + } + sid_found[$2] = 1; + sid_value++; + + printf("#define SECINITSID_%s", toupper($2)) > outfile; + for (i = 0; i < 37 - length($2); i++) + printf(" ") > outfile; + printf("%d\n", sid_value) > outfile; + printf(" \"%s\",\n", $2) > debugfile2; + } +END { + if (nextstate != "SID") + printf("Parse error: Unexpected end of file\n"); + + printf("\n#define SECINITSID_NUM") > outfile; + for (i = 0; i < 34; i++) + printf(" ") > outfile; + printf("%d\n", sid_value) > outfile; + printf("\n#endif\n") > outfile; + printf("};\n\n") > debugfile2; + }' + +# FLASK diff -r f8156587c7fa -r e391d7de856c xen/xsm/flask/policy/security_classes --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/security_classes Fri Jan 11 10:36:06 2013 +0000 @@ -0,0 +1,21 @@ +# FLASK + +# +# Define the security object classes +# + +# Classes marked as userspace are classes +# for userspace object managers + +class xen +class domain +class domain2 +class hvm +class mmu +class resource +class shadow +class event +class grant +class security + +# FLASK _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:21 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:21 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGH-0007JS-2b; Wed, 16 Jan 2013 08:22:17 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGF-0007J6-9o for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:15 +0000 Received: from [85.158.138.51:54204] by server-9.bemta-3.messagelabs.com id C9/49-04352-63366F05; Wed, 16 Jan 2013 08:22:14 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-174.messagelabs.com!1358324531!28188400!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30045 invoked from network); 16 Jan 2013 08:22:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGB-0003r6-FU for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGB-0000Yx-5o for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:11 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm: Move flask policy files into hypervisor (missed from earlier commit). X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Keir Fraser # Date 1357900566 0 # Node ID e391d7de856c629fb19625d68e888d618b5a374d # Parent f8156587c7fafb1d708553e83ca569ed8172050b xsm: Move flask policy files into hypervisor (missed from earlier commit). Signed-off-by: Keir Fraser --- diff -r f8156587c7fa -r e391d7de856c tools/flask/policy/policy/flask/access_vectors --- a/tools/flask/policy/policy/flask/access_vectors Fri Jan 11 10:11:02 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,178 +0,0 @@ -# -# Define the access vectors. -# -# class class_name { permission_name ... } - -class xen -{ - scheduler - settime - tbufcontrol - readconsole - clearconsole - perfcontrol - mtrr_add - mtrr_del - mtrr_read - microcode - physinfo - quirk - writeconsole - readapic - writeapic - privprofile - nonprivprofile - kexec - firmware - sleep - frequency - getidle - debug - getcpuinfo - heap - pm_op - mca_op - lockprof - cpupool_op - sched_op -} - -class domain -{ - setvcpucontext - pause - unpause - resume - create - transition - max_vcpus - destroy - setvcpuaffinity - getvcpuaffinity - scheduler - getdomaininfo - getvcpuinfo - getvcpucontext - setdomainmaxmem - setdomainhandle - setdebugging - hypercall - settime - set_target - shutdown - setaddrsize - getaddrsize - trigger - getextvcpucontext - setextvcpucontext - getvcpuextstate - setvcpuextstate - getpodtarget - setpodtarget - set_misc_info - set_virq_handler -} - -class domain2 -{ - relabelfrom - relabelto - relabelself -} - -class hvm -{ - sethvmc - gethvmc - setparam - getparam - pcilevel - irqlevel - pciroute - bind_irq - cacheattr - trackdirtyvram - hvmctl - mem_event - mem_sharing -} - -class event -{ - bind - send - status - notify - create - reset -} - -class grant -{ - map_read - map_write - unmap - transfer - setup - copy - query -} - -class mmu -{ - map_read - map_write - pageinfo - pagelist - adjust - stat - translategp - updatemp - physmap - pinpage - mfnlist - memorymap - remote_remap -} - -class shadow -{ - disable - enable - logdirty -} - -class resource -{ - add - remove - use - add_irq - remove_irq - add_ioport - remove_ioport - add_iomem - remove_iomem - stat_device - add_device - remove_device - plug - unplug - setup -} - -class security -{ - compute_av - compute_create - compute_member - check_context - load_policy - compute_relabel - compute_user - setenforce - setbool - setsecparam - add_ocontext - del_ocontext -} diff -r f8156587c7fa -r e391d7de856c tools/flask/policy/policy/flask/initial_sids --- a/tools/flask/policy/policy/flask/initial_sids Fri Jan 11 10:11:02 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,16 +0,0 @@ -# FLASK - -# -# Define initial security identifiers -# -sid xen -sid dom0 -sid domio -sid domxen -sid unlabeled -sid security -sid ioport -sid iomem -sid irq -sid device -# FLASK diff -r f8156587c7fa -r e391d7de856c tools/flask/policy/policy/flask/mkaccess_vector.sh --- a/tools/flask/policy/policy/flask/mkaccess_vector.sh Fri Jan 11 10:11:02 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,138 +0,0 @@ -#!/bin/sh - -# - -# FLASK - -set -e - -awk=$1 -shift - -# output files -av_permissions="include/av_permissions.h" -av_perm_to_string="include/av_perm_to_string.h" - -cat $* | $awk " -BEGIN { - outfile = \"$av_permissions\" - avpermfile = \"$av_perm_to_string\" - "' - nextstate = "COMMON_OR_AV"; - printf("/* This file is automatically generated. Do not edit. */\n") > outfile; - printf("/* This file is automatically generated. Do not edit. */\n") > avpermfile; -; - } -/^[ \t]*#/ { - next; - } -$1 == "class" { - if (nextstate != "COMMON_OR_AV" && - nextstate != "CLASS_OR_CLASS-OPENBRACKET") - { - printf("Parse error: Unexpected class definition on line %d\n", NR); - next; - } - - tclass = $2; - - if (tclass in av_defined) - { - printf("Duplicate access vector definition for %s on line %d\n", tclass, NR); - next; - } - av_defined[tclass] = 1; - - permission = 1; - - nextstate = "INHERITS_OR_CLASS-OPENBRACKET"; - next; - } -$1 == "{" { - if (nextstate != "INHERITS_OR_CLASS-OPENBRACKET" && - nextstate != "CLASS_OR_CLASS-OPENBRACKET" && - nextstate != "COMMON-OPENBRACKET") - { - printf("Parse error: Unexpected { on line %d\n", NR); - next; - } - - if (nextstate == "INHERITS_OR_CLASS-OPENBRACKET") - nextstate = "CLASS-CLOSEBRACKET"; - - if (nextstate == "CLASS_OR_CLASS-OPENBRACKET") - nextstate = "CLASS-CLOSEBRACKET"; - - if (nextstate == "COMMON-OPENBRACKET") - nextstate = "COMMON-CLOSEBRACKET"; - } -/[a-z][a-z_]*/ { - if (nextstate != "COMMON-CLOSEBRACKET" && - nextstate != "CLASS-CLOSEBRACKET") - { - printf("Parse error: Unexpected symbol %s on line %d\n", $1, NR); - next; - } - - if (nextstate == "COMMON-CLOSEBRACKET") - { - if ((common_name,$1) in common_perms) - { - printf("Duplicate permission %s for common %s on line %d.\n", $1, common_name, NR); - next; - } - - common_perms[common_name,$1] = permission; - - printf("#define COMMON_%s__%s", toupper(common_name), toupper($1)) > outfile; - - printf(" S_(\"%s\")\n", $1) > cpermfile; - } - else - { - if ((tclass,$1) in av_perms) - { - printf("Duplicate permission %s for %s on line %d.\n", $1, tclass, NR); - next; - } - - av_perms[tclass,$1] = permission; - - printf("#define %s__%s", toupper(tclass), toupper($1)) > outfile; - - printf(" S_(SECCLASS_%s, %s__%s, \"%s\")\n", toupper(tclass), toupper(tclass), toupper($1), $1) > avpermfile; - } - - spaces = 40 - (length($1) + length(tclass)); - if (spaces < 1) - spaces = 1; - - for (i = 0; i < spaces; i++) - printf(" ") > outfile; - printf("0x%08xUL\n", permission) > outfile; - permission = permission * 2; - } -$1 == "}" { - if (nextstate != "CLASS-CLOSEBRACKET" && - nextstate != "COMMON-CLOSEBRACKET") - { - printf("Parse error: Unexpected } on line %d\n", NR); - next; - } - - if (nextstate == "COMMON-CLOSEBRACKET") - { - common_base[common_name] = permission; - printf("TE_(common_%s_perm_to_string)\n\n", common_name) > cpermfile; - } - - printf("\n") > outfile; - - nextstate = "COMMON_OR_AV"; - } -END { - if (nextstate != "COMMON_OR_AV" && nextstate != "CLASS_OR_CLASS-OPENBRACKET") - printf("Parse error: Unexpected end of file\n"); - - }' - -# FLASK diff -r f8156587c7fa -r e391d7de856c tools/flask/policy/policy/flask/mkflask.sh --- a/tools/flask/policy/policy/flask/mkflask.sh Fri Jan 11 10:11:02 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,95 +0,0 @@ -#!/bin/sh - -# - -# FLASK - -set -e - -awk=$1 -shift 1 - -# output file -output_file="include/flask.h" -debug_file="include/class_to_string.h" -debug_file2="include/initial_sid_to_string.h" - -cat $* | $awk " -BEGIN { - outfile = \"$output_file\" - debugfile = \"$debug_file\" - debugfile2 = \"$debug_file2\" - "' - nextstate = "CLASS"; - - printf("/* This file is automatically generated. Do not edit. */\n") > outfile; - - printf("#ifndef _SELINUX_FLASK_H_\n") > outfile; - printf("#define _SELINUX_FLASK_H_\n") > outfile; - printf("\n/*\n * Security object class definitions\n */\n") > outfile; - printf("/* This file is automatically generated. Do not edit. */\n") > debugfile; - printf("/*\n * Security object class definitions\n */\n") > debugfile; - printf(" S_(\"null\")\n") > debugfile; - printf("/* This file is automatically generated. Do not edit. */\n") > debugfile2; - printf("static char *initial_sid_to_string[] =\n{\n") > debugfile2; - printf(" \"null\",\n") > debugfile2; - } -/^[ \t]*#/ { - next; - } -$1 == "class" { - if (nextstate != "CLASS") - { - printf("Parse error: Unexpected class definition on line %d\n", NR); - next; - } - - if ($2 in class_found) - { - printf("Duplicate class definition for %s on line %d.\n", $2, NR); - next; - } - class_found[$2] = 1; - - class_value++; - - printf("#define SECCLASS_%s", toupper($2)) > outfile; - for (i = 0; i < 40 - length($2); i++) - printf(" ") > outfile; - printf("%d\n", class_value) > outfile; - - printf(" S_(\"%s\")\n", $2) > debugfile; - } -$1 == "sid" { - if (nextstate == "CLASS") - { - nextstate = "SID"; - printf("\n/*\n * Security identifier indices for initial entities\n */\n") > outfile; - } - - if ($2 in sid_found) - { - printf("Duplicate SID definition for %s on line %d.\n", $2, NR); - next; - } - sid_found[$2] = 1; - sid_value++; - - printf("#define SECINITSID_%s", toupper($2)) > outfile; - for (i = 0; i < 37 - length($2); i++) - printf(" ") > outfile; - printf("%d\n", sid_value) > outfile; - printf(" \"%s\",\n", $2) > debugfile2; - } -END { - if (nextstate != "SID") - printf("Parse error: Unexpected end of file\n"); - - printf("\n#define SECINITSID_NUM") > outfile; - for (i = 0; i < 34; i++) - printf(" ") > outfile; - printf("%d\n", sid_value) > outfile; - printf("\n#endif\n") > outfile; - printf("};\n\n") > debugfile2; - }' - -# FLASK diff -r f8156587c7fa -r e391d7de856c tools/flask/policy/policy/flask/security_classes --- a/tools/flask/policy/policy/flask/security_classes Fri Jan 11 10:11:02 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,21 +0,0 @@ -# FLASK - -# -# Define the security object classes -# - -# Classes marked as userspace are classes -# for userspace object managers - -class xen -class domain -class domain2 -class hvm -class mmu -class resource -class shadow -class event -class grant -class security - -# FLASK diff -r f8156587c7fa -r e391d7de856c xen/xsm/flask/policy/access_vectors --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:36:06 2013 +0000 @@ -0,0 +1,178 @@ +# +# Define the access vectors. +# +# class class_name { permission_name ... } + +class xen +{ + scheduler + settime + tbufcontrol + readconsole + clearconsole + perfcontrol + mtrr_add + mtrr_del + mtrr_read + microcode + physinfo + quirk + writeconsole + readapic + writeapic + privprofile + nonprivprofile + kexec + firmware + sleep + frequency + getidle + debug + getcpuinfo + heap + pm_op + mca_op + lockprof + cpupool_op + sched_op +} + +class domain +{ + setvcpucontext + pause + unpause + resume + create + transition + max_vcpus + destroy + setvcpuaffinity + getvcpuaffinity + scheduler + getdomaininfo + getvcpuinfo + getvcpucontext + setdomainmaxmem + setdomainhandle + setdebugging + hypercall + settime + set_target + shutdown + setaddrsize + getaddrsize + trigger + getextvcpucontext + setextvcpucontext + getvcpuextstate + setvcpuextstate + getpodtarget + setpodtarget + set_misc_info + set_virq_handler +} + +class domain2 +{ + relabelfrom + relabelto + relabelself +} + +class hvm +{ + sethvmc + gethvmc + setparam + getparam + pcilevel + irqlevel + pciroute + bind_irq + cacheattr + trackdirtyvram + hvmctl + mem_event + mem_sharing +} + +class event +{ + bind + send + status + notify + create + reset +} + +class grant +{ + map_read + map_write + unmap + transfer + setup + copy + query +} + +class mmu +{ + map_read + map_write + pageinfo + pagelist + adjust + stat + translategp + updatemp + physmap + pinpage + mfnlist + memorymap + remote_remap +} + +class shadow +{ + disable + enable + logdirty +} + +class resource +{ + add + remove + use + add_irq + remove_irq + add_ioport + remove_ioport + add_iomem + remove_iomem + stat_device + add_device + remove_device + plug + unplug + setup +} + +class security +{ + compute_av + compute_create + compute_member + check_context + load_policy + compute_relabel + compute_user + setenforce + setbool + setsecparam + add_ocontext + del_ocontext +} diff -r f8156587c7fa -r e391d7de856c xen/xsm/flask/policy/initial_sids --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/initial_sids Fri Jan 11 10:36:06 2013 +0000 @@ -0,0 +1,16 @@ +# FLASK + +# +# Define initial security identifiers +# +sid xen +sid dom0 +sid domio +sid domxen +sid unlabeled +sid security +sid ioport +sid iomem +sid irq +sid device +# FLASK diff -r f8156587c7fa -r e391d7de856c xen/xsm/flask/policy/mkaccess_vector.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/mkaccess_vector.sh Fri Jan 11 10:36:06 2013 +0000 @@ -0,0 +1,138 @@ +#!/bin/sh - +# + +# FLASK + +set -e + +awk=$1 +shift + +# output files +av_permissions="include/av_permissions.h" +av_perm_to_string="include/av_perm_to_string.h" + +cat $* | $awk " +BEGIN { + outfile = \"$av_permissions\" + avpermfile = \"$av_perm_to_string\" + "' + nextstate = "COMMON_OR_AV"; + printf("/* This file is automatically generated. Do not edit. */\n") > outfile; + printf("/* This file is automatically generated. Do not edit. */\n") > avpermfile; +; + } +/^[ \t]*#/ { + next; + } +$1 == "class" { + if (nextstate != "COMMON_OR_AV" && + nextstate != "CLASS_OR_CLASS-OPENBRACKET") + { + printf("Parse error: Unexpected class definition on line %d\n", NR); + next; + } + + tclass = $2; + + if (tclass in av_defined) + { + printf("Duplicate access vector definition for %s on line %d\n", tclass, NR); + next; + } + av_defined[tclass] = 1; + + permission = 1; + + nextstate = "INHERITS_OR_CLASS-OPENBRACKET"; + next; + } +$1 == "{" { + if (nextstate != "INHERITS_OR_CLASS-OPENBRACKET" && + nextstate != "CLASS_OR_CLASS-OPENBRACKET" && + nextstate != "COMMON-OPENBRACKET") + { + printf("Parse error: Unexpected { on line %d\n", NR); + next; + } + + if (nextstate == "INHERITS_OR_CLASS-OPENBRACKET") + nextstate = "CLASS-CLOSEBRACKET"; + + if (nextstate == "CLASS_OR_CLASS-OPENBRACKET") + nextstate = "CLASS-CLOSEBRACKET"; + + if (nextstate == "COMMON-OPENBRACKET") + nextstate = "COMMON-CLOSEBRACKET"; + } +/[a-z][a-z_]*/ { + if (nextstate != "COMMON-CLOSEBRACKET" && + nextstate != "CLASS-CLOSEBRACKET") + { + printf("Parse error: Unexpected symbol %s on line %d\n", $1, NR); + next; + } + + if (nextstate == "COMMON-CLOSEBRACKET") + { + if ((common_name,$1) in common_perms) + { + printf("Duplicate permission %s for common %s on line %d.\n", $1, common_name, NR); + next; + } + + common_perms[common_name,$1] = permission; + + printf("#define COMMON_%s__%s", toupper(common_name), toupper($1)) > outfile; + + printf(" S_(\"%s\")\n", $1) > cpermfile; + } + else + { + if ((tclass,$1) in av_perms) + { + printf("Duplicate permission %s for %s on line %d.\n", $1, tclass, NR); + next; + } + + av_perms[tclass,$1] = permission; + + printf("#define %s__%s", toupper(tclass), toupper($1)) > outfile; + + printf(" S_(SECCLASS_%s, %s__%s, \"%s\")\n", toupper(tclass), toupper(tclass), toupper($1), $1) > avpermfile; + } + + spaces = 40 - (length($1) + length(tclass)); + if (spaces < 1) + spaces = 1; + + for (i = 0; i < spaces; i++) + printf(" ") > outfile; + printf("0x%08xUL\n", permission) > outfile; + permission = permission * 2; + } +$1 == "}" { + if (nextstate != "CLASS-CLOSEBRACKET" && + nextstate != "COMMON-CLOSEBRACKET") + { + printf("Parse error: Unexpected } on line %d\n", NR); + next; + } + + if (nextstate == "COMMON-CLOSEBRACKET") + { + common_base[common_name] = permission; + printf("TE_(common_%s_perm_to_string)\n\n", common_name) > cpermfile; + } + + printf("\n") > outfile; + + nextstate = "COMMON_OR_AV"; + } +END { + if (nextstate != "COMMON_OR_AV" && nextstate != "CLASS_OR_CLASS-OPENBRACKET") + printf("Parse error: Unexpected end of file\n"); + + }' + +# FLASK diff -r f8156587c7fa -r e391d7de856c xen/xsm/flask/policy/mkflask.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/mkflask.sh Fri Jan 11 10:36:06 2013 +0000 @@ -0,0 +1,95 @@ +#!/bin/sh - +# + +# FLASK + +set -e + +awk=$1 +shift 1 + +# output file +output_file="include/flask.h" +debug_file="include/class_to_string.h" +debug_file2="include/initial_sid_to_string.h" + +cat $* | $awk " +BEGIN { + outfile = \"$output_file\" + debugfile = \"$debug_file\" + debugfile2 = \"$debug_file2\" + "' + nextstate = "CLASS"; + + printf("/* This file is automatically generated. Do not edit. */\n") > outfile; + + printf("#ifndef _SELINUX_FLASK_H_\n") > outfile; + printf("#define _SELINUX_FLASK_H_\n") > outfile; + printf("\n/*\n * Security object class definitions\n */\n") > outfile; + printf("/* This file is automatically generated. Do not edit. */\n") > debugfile; + printf("/*\n * Security object class definitions\n */\n") > debugfile; + printf(" S_(\"null\")\n") > debugfile; + printf("/* This file is automatically generated. Do not edit. */\n") > debugfile2; + printf("static char *initial_sid_to_string[] =\n{\n") > debugfile2; + printf(" \"null\",\n") > debugfile2; + } +/^[ \t]*#/ { + next; + } +$1 == "class" { + if (nextstate != "CLASS") + { + printf("Parse error: Unexpected class definition on line %d\n", NR); + next; + } + + if ($2 in class_found) + { + printf("Duplicate class definition for %s on line %d.\n", $2, NR); + next; + } + class_found[$2] = 1; + + class_value++; + + printf("#define SECCLASS_%s", toupper($2)) > outfile; + for (i = 0; i < 40 - length($2); i++) + printf(" ") > outfile; + printf("%d\n", class_value) > outfile; + + printf(" S_(\"%s\")\n", $2) > debugfile; + } +$1 == "sid" { + if (nextstate == "CLASS") + { + nextstate = "SID"; + printf("\n/*\n * Security identifier indices for initial entities\n */\n") > outfile; + } + + if ($2 in sid_found) + { + printf("Duplicate SID definition for %s on line %d.\n", $2, NR); + next; + } + sid_found[$2] = 1; + sid_value++; + + printf("#define SECINITSID_%s", toupper($2)) > outfile; + for (i = 0; i < 37 - length($2); i++) + printf(" ") > outfile; + printf("%d\n", sid_value) > outfile; + printf(" \"%s\",\n", $2) > debugfile2; + } +END { + if (nextstate != "SID") + printf("Parse error: Unexpected end of file\n"); + + printf("\n#define SECINITSID_NUM") > outfile; + for (i = 0; i < 34; i++) + printf(" ") > outfile; + printf("%d\n", sid_value) > outfile; + printf("\n#endif\n") > outfile; + printf("};\n\n") > debugfile2; + }' + +# FLASK diff -r f8156587c7fa -r e391d7de856c xen/xsm/flask/policy/security_classes --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/security_classes Fri Jan 11 10:36:06 2013 +0000 @@ -0,0 +1,21 @@ +# FLASK + +# +# Define the security object classes +# + +# Classes marked as userspace are classes +# for userspace object managers + +class xen +class domain +class domain2 +class hvm +class mmu +class resource +class shadow +class event +class grant +class security + +# FLASK _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:21 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:21 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGJ-0007K6-9u; Wed, 16 Jan 2013 08:22:19 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGH-0007JY-LL for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:18 +0000 Received: from [193.109.254.147:9551] by server-3.bemta-14.messagelabs.com id 2E/10-26055-83366F05; Wed, 16 Jan 2013 08:22:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-27.messagelabs.com!1358324534!8933695!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15776 invoked from network); 16 Jan 2013 08:22:15 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:15 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGD-0003rL-RO for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:13 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGD-0000aA-QI for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:13 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:13 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arch/x86: use XSM hooks for get_pg_owner access checks X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900798 0 # Node ID 1afbedca64ea6671d2dae5dfb8a886e69ce39d20 # Parent 62dcb40caa1d3ff6e0d47ad3e6616a4dbe433258 arch/x86: use XSM hooks for get_pg_owner access checks There are three callers of get_pg_owner: * do_mmuext_op, which does not have XSM hooks on all subfunctions * do_mmu_update, which has hooks that are inefficient * do_update_va_mapping_otherdomain, which has a simple XSM hook In order to preserve return values for the do_mmuext_op hypercall, an additional XSM hook is required to check the operation even for those subfunctions that do not use the pg_owner field. This also covers the MMUEXT_UNPIN_TABLE operation which did previously have an XSM hook. The XSM hooks in do_mmu_update were capable of replacing the checks in get_pg_owner; however, the hooks are buried in the inner loop of the function - not very good for performance when XSM is enabled and these turn in to indirect function calls. This patch removes the PTE from the hooks and replaces it with a bitfield describing what accesses are being requested. The XSM hook can then be called only when additional bits are set instead of once per iteration of the loop. This patch results in a change in the FLASK permissions used for mapping an MMIO page: the target for the permisison check on the memory mapping is no longer resolved to the device-specific type, and is instead either the domain's own type or domio_t (depending on if the domain uses DOMID_SELF or DOMID_IO in the map command). Device-specific access is still controlled via the "resource use" permisison checked at domain creation (or device hotplug). Signed-off-by: Daniel De Graaf Acked-by: Jan Beulich Acked-by: Tim Deegan Committed-by: Keir Fraser --- diff -r 62dcb40caa1d -r 1afbedca64ea tools/flask/policy/policy/modules/xen/xen.if --- a/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:39:20 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:39:58 2013 +0000 @@ -7,7 +7,7 @@ ################################################################################ define(`declare_domain_common', ` allow $1 $2:grant { query setup }; - allow $1 $2:mmu { adjust physmap map_read map_write stat pinpage updatemp }; + allow $1 $2:mmu { adjust physmap map_read map_write stat pinpage updatemp mmuext_op }; allow $1 $2:hvm { getparam setparam }; ') @@ -51,7 +51,7 @@ define(`create_domain_common', ` allow $1 $2:domain2 { set_cpuid settsc }; allow $1 $2:security check_context; allow $1 $2:shadow enable; - allow $1 $2:mmu {map_read map_write adjust memorymap physmap pinpage}; + allow $1 $2:mmu { map_read map_write adjust memorymap physmap pinpage mmuext_op }; allow $1 $2:grant setup; allow $1 $2:hvm { cacheattr getparam hvmctl irqlevel pciroute sethvmc setparam pcilevel trackdirtyvram }; ') @@ -162,7 +162,7 @@ define(`make_device_model', ` # Allow a device to be used by a domain define(`use_device', ` allow $1 $2:resource use; - allow $1 $2:mmu { map_read map_write }; + allow $1 domio_t:mmu { map_read map_write }; ') # admin_device(domain, device) diff -r 62dcb40caa1d -r 1afbedca64ea tools/flask/policy/policy/modules/xen/xen.te --- a/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:39:20 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:39:58 2013 +0000 @@ -29,10 +29,10 @@ type xen_t, xen_type, mls_priv; # Domain 0 declare_singleton_domain(dom0_t, mls_priv); -# Untracked I/O memory (pseudo-domain) +# I/O memory (DOMID_IO pseudo-domain) type domio_t, xen_type; -# Xen heap (pseudo-domain) +# Xen heap (DOMID_XEN pseudo-domain) type domxen_t, xen_type; # Unlabeled objects @@ -69,7 +69,6 @@ admin_device(dom0_t, device_t) admin_device(dom0_t, irq_t) admin_device(dom0_t, ioport_t) admin_device(dom0_t, iomem_t) -allow dom0_t domio_t:mmu { map_read map_write }; domain_comms(dom0_t, dom0_t) diff -r 62dcb40caa1d -r 1afbedca64ea xen/arch/x86/mm.c --- a/xen/arch/x86/mm.c Fri Jan 11 10:39:20 2013 +0000 +++ b/xen/arch/x86/mm.c Fri Jan 11 10:39:58 2013 +0000 @@ -2605,11 +2605,6 @@ static struct domain *get_pg_owner(domid pg_owner = rcu_lock_domain(dom_io); break; case DOMID_XEN: - if ( !IS_PRIV(curr) ) - { - MEM_LOG("Cannot set foreign dom"); - break; - } pg_owner = rcu_lock_domain(dom_xen); break; default: @@ -2618,12 +2613,6 @@ static struct domain *get_pg_owner(domid MEM_LOG("Unknown domain '%u'", domid); break; } - if ( !IS_PRIV_FOR(curr, pg_owner) ) - { - MEM_LOG("Cannot set foreign dom"); - rcu_unlock_domain(pg_owner); - pg_owner = NULL; - } break; } @@ -2711,6 +2700,13 @@ long do_mmuext_op( goto out; } + rc = xsm_mmuext_op(d, pg_owner); + if ( rc ) + { + rcu_unlock_domain(pg_owner); + goto out; + } + for ( i = 0; i < count; i++ ) { if ( hypercall_preempt_check() ) @@ -3153,6 +3149,8 @@ long do_mmu_update( struct vcpu *v = current; struct domain *d = v->domain, *pt_owner = d, *pg_owner; struct domain_mmap_cache mapcache; + uint32_t xsm_needed = 0; + uint32_t xsm_checked = 0; if ( unlikely(count & MMU_UPDATE_PREEMPTED) ) { @@ -3184,11 +3182,6 @@ long do_mmu_update( rc = -EINVAL; goto out; } - if ( !IS_PRIV_FOR(d, pt_owner) ) - { - rc = -ESRCH; - goto out; - } } if ( (pg_owner = get_pg_owner((uint16_t)foreigndom)) == NULL ) @@ -3228,9 +3221,20 @@ long do_mmu_update( { p2m_type_t p2mt; - rc = xsm_mmu_normal_update(d, pt_owner, pg_owner, req.val); - if ( rc ) - break; + xsm_needed |= XSM_MMU_NORMAL_UPDATE; + if ( get_pte_flags(req.val) & _PAGE_PRESENT ) + { + xsm_needed |= XSM_MMU_UPDATE_READ; + if ( get_pte_flags(req.val) & _PAGE_RW ) + xsm_needed |= XSM_MMU_UPDATE_WRITE; + } + if ( xsm_needed != xsm_checked ) + { + rc = xsm_mmu_update(d, pt_owner, pg_owner, xsm_needed); + if ( rc ) + break; + xsm_checked = xsm_needed; + } rc = -EINVAL; req.ptr -= cmd; @@ -3342,9 +3346,14 @@ long do_mmu_update( mfn = req.ptr >> PAGE_SHIFT; gpfn = req.val; - rc = xsm_mmu_machphys_update(d, pg_owner, mfn); - if ( rc ) - break; + xsm_needed |= XSM_MMU_MACHPHYS_UPDATE; + if ( xsm_needed != xsm_checked ) + { + rc = xsm_mmu_update(d, NULL, pg_owner, xsm_needed); + if ( rc ) + break; + xsm_checked = xsm_needed; + } if ( unlikely(!get_page_from_pagenr(mfn, pg_owner)) ) { diff -r 62dcb40caa1d -r 1afbedca64ea xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:39:20 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:39:58 2013 +0000 @@ -662,21 +662,28 @@ static XSM_INLINE int xsm_domain_memory_ return 0; } -static XSM_INLINE int xsm_mmu_normal_update(struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) +static XSM_INLINE int xsm_mmu_update(struct domain *d, struct domain *t, + struct domain *f, uint32_t flags) { + if ( t && d != t && !IS_PRIV_FOR(d, t) ) + return -EPERM; + if ( d != f && !IS_PRIV_FOR(d, f) ) + return -EPERM; return 0; } -static XSM_INLINE int xsm_mmu_machphys_update(struct domain *d, struct domain *f, - unsigned long mfn) +static XSM_INLINE int xsm_mmuext_op(struct domain *d, struct domain *f) { + if ( d != f && !IS_PRIV_FOR(d, f) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_update_va_mapping(struct domain *d, struct domain *f, l1_pgentry_t pte) { + if ( d != f && !IS_PRIV_FOR(d, f) ) + return -EPERM; return 0; } diff -r 62dcb40caa1d -r 1afbedca64ea xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:39:20 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:39:58 2013 +0000 @@ -27,8 +27,6 @@ typedef u32 xsm_magic_t; #define XSM_MAGIC 0x00000000 #endif -#ifdef XSM_ENABLE - extern char *policy_buffer; extern u32 policy_size; @@ -170,9 +168,13 @@ struct xsm_operations { int (*getidletime) (void); int (*machine_memory_map) (void); int (*domain_memory_map) (struct domain *d); - int (*mmu_normal_update) (struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte); - int (*mmu_machphys_update) (struct domain *d1, struct domain *d2, unsigned long mfn); +#define XSM_MMU_UPDATE_READ 1 +#define XSM_MMU_UPDATE_WRITE 2 +#define XSM_MMU_NORMAL_UPDATE 4 +#define XSM_MMU_MACHPHYS_UPDATE 8 + int (*mmu_update) (struct domain *d, struct domain *t, + struct domain *f, uint32_t flags); + int (*mmuext_op) (struct domain *d, struct domain *f); int (*update_va_mapping) (struct domain *d, struct domain *f, l1_pgentry_t pte); int (*add_to_physmap) (struct domain *d1, struct domain *d2); int (*sendtrigger) (struct domain *d); @@ -186,6 +188,8 @@ struct xsm_operations { #endif }; +#ifdef XSM_ENABLE + extern struct xsm_operations *xsm_ops; #ifndef XSM_NO_WRAPPERS @@ -763,16 +767,15 @@ static inline int xsm_domain_memory_map( return xsm_ops->domain_memory_map(d); } -static inline int xsm_mmu_normal_update (struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) +static inline int xsm_mmu_update (struct domain *d, struct domain *t, + struct domain *f, uint32_t flags) { - return xsm_ops->mmu_normal_update(d, t, f, fpte); + return xsm_ops->mmu_update(d, t, f, flags); } -static inline int xsm_mmu_machphys_update (struct domain *d1, struct domain *d2, - unsigned long mfn) +static inline int xsm_mmuext_op (struct domain *d, struct domain *f) { - return xsm_ops->mmu_machphys_update(d1, d2, mfn); + return xsm_ops->mmuext_op(d, f); } static inline int xsm_update_va_mapping(struct domain *d, struct domain *f, diff -r 62dcb40caa1d -r 1afbedca64ea xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:39:20 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:39:58 2013 +0000 @@ -155,8 +155,8 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, getidletime); set_to_dummy_if_null(ops, machine_memory_map); set_to_dummy_if_null(ops, domain_memory_map); - set_to_dummy_if_null(ops, mmu_normal_update); - set_to_dummy_if_null(ops, mmu_machphys_update); + set_to_dummy_if_null(ops, mmu_update); + set_to_dummy_if_null(ops, mmuext_op); set_to_dummy_if_null(ops, update_va_mapping); set_to_dummy_if_null(ops, add_to_physmap); set_to_dummy_if_null(ops, remove_from_physmap); diff -r 62dcb40caa1d -r 1afbedca64ea xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:39:20 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:39:58 2013 +0000 @@ -1435,65 +1435,44 @@ static int flask_domain_memory_map(struc return current_has_perm(d, SECCLASS_MMU, MMU__MEMORYMAP); } -static int domain_memory_perm(struct domain *d, struct domain *f, l1_pgentry_t pte) +static int flask_mmu_update(struct domain *d, struct domain *t, + struct domain *f, uint32_t flags) { int rc = 0; - u32 map_perms = MMU__MAP_READ; - unsigned long fgfn, fmfn; - p2m_type_t p2mt; + u32 map_perms = 0; - if ( !(l1e_get_flags(pte) & _PAGE_PRESENT) ) - return 0; - - if ( l1e_get_flags(pte) & _PAGE_RW ) - map_perms |= MMU__MAP_WRITE; - - fgfn = l1e_get_pfn(pte); - fmfn = mfn_x(get_gfn_query(f, fgfn, &p2mt)); - put_gfn(f, fgfn); - - if ( f->domain_id == DOMID_IO || !mfn_valid(fmfn) ) - { - struct avc_audit_data ad; - u32 dsid, fsid; - rc = security_iomem_sid(fmfn, &fsid); - if ( rc ) - return rc; - AVC_AUDIT_DATA_INIT(&ad, MEMORY); - ad.sdom = d; - ad.tdom = f; - ad.memory.pte = pte.l1; - ad.memory.mfn = fmfn; - dsid = domain_sid(d); - return avc_has_perm(dsid, fsid, SECCLASS_MMU, map_perms, &ad); - } - - return domain_has_perm(d, f, SECCLASS_MMU, map_perms); -} - -static int flask_mmu_normal_update(struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) -{ - int rc = 0; - - if (d != t) + if ( t && d != t ) rc = domain_has_perm(d, t, SECCLASS_MMU, MMU__REMOTE_REMAP); if ( rc ) return rc; - return domain_memory_perm(d, f, l1e_from_intpte(fpte)); + if ( flags & XSM_MMU_UPDATE_READ ) + map_perms |= MMU__MAP_READ; + if ( flags & XSM_MMU_UPDATE_WRITE ) + map_perms |= MMU__MAP_WRITE; + if ( flags & XSM_MMU_MACHPHYS_UPDATE ) + map_perms |= MMU__UPDATEMP; + + if ( map_perms ) + rc = domain_has_perm(d, f, SECCLASS_MMU, map_perms); + return rc; } -static int flask_mmu_machphys_update(struct domain *d1, struct domain *d2, - unsigned long mfn) +static int flask_mmuext_op(struct domain *d, struct domain *f) { - return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__UPDATEMP); + return domain_has_perm(d, f, SECCLASS_MMU, MMU__MMUEXT_OP); } static int flask_update_va_mapping(struct domain *d, struct domain *f, l1_pgentry_t pte) { - return domain_memory_perm(d, f, pte); + u32 map_perms = MMU__MAP_READ; + if ( !(l1e_get_flags(pte) & _PAGE_PRESENT) ) + return 0; + if ( l1e_get_flags(pte) & _PAGE_RW ) + map_perms |= MMU__MAP_WRITE; + + return domain_has_perm(d, f, SECCLASS_MMU, map_perms); } static int flask_add_to_physmap(struct domain *d1, struct domain *d2) @@ -1774,8 +1753,8 @@ static struct xsm_operations flask_ops = .getidletime = flask_getidletime, .machine_memory_map = flask_machine_memory_map, .domain_memory_map = flask_domain_memory_map, - .mmu_normal_update = flask_mmu_normal_update, - .mmu_machphys_update = flask_mmu_machphys_update, + .mmu_update = flask_mmu_update, + .mmuext_op = flask_mmuext_op, .update_va_mapping = flask_update_va_mapping, .add_to_physmap = flask_add_to_physmap, .remove_from_physmap = flask_remove_from_physmap, diff -r 62dcb40caa1d -r 1afbedca64ea xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:39:20 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:39:58 2013 +0000 @@ -141,6 +141,7 @@ class mmu mfnlist memorymap remote_remap + mmuext_op } class shadow _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:21 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:21 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGJ-0007K6-9u; Wed, 16 Jan 2013 08:22:19 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGH-0007JY-LL for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:18 +0000 Received: from [193.109.254.147:9551] by server-3.bemta-14.messagelabs.com id 2E/10-26055-83366F05; Wed, 16 Jan 2013 08:22:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-27.messagelabs.com!1358324534!8933695!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15776 invoked from network); 16 Jan 2013 08:22:15 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:15 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGD-0003rL-RO for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:13 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGD-0000aA-QI for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:13 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:13 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arch/x86: use XSM hooks for get_pg_owner access checks X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900798 0 # Node ID 1afbedca64ea6671d2dae5dfb8a886e69ce39d20 # Parent 62dcb40caa1d3ff6e0d47ad3e6616a4dbe433258 arch/x86: use XSM hooks for get_pg_owner access checks There are three callers of get_pg_owner: * do_mmuext_op, which does not have XSM hooks on all subfunctions * do_mmu_update, which has hooks that are inefficient * do_update_va_mapping_otherdomain, which has a simple XSM hook In order to preserve return values for the do_mmuext_op hypercall, an additional XSM hook is required to check the operation even for those subfunctions that do not use the pg_owner field. This also covers the MMUEXT_UNPIN_TABLE operation which did previously have an XSM hook. The XSM hooks in do_mmu_update were capable of replacing the checks in get_pg_owner; however, the hooks are buried in the inner loop of the function - not very good for performance when XSM is enabled and these turn in to indirect function calls. This patch removes the PTE from the hooks and replaces it with a bitfield describing what accesses are being requested. The XSM hook can then be called only when additional bits are set instead of once per iteration of the loop. This patch results in a change in the FLASK permissions used for mapping an MMIO page: the target for the permisison check on the memory mapping is no longer resolved to the device-specific type, and is instead either the domain's own type or domio_t (depending on if the domain uses DOMID_SELF or DOMID_IO in the map command). Device-specific access is still controlled via the "resource use" permisison checked at domain creation (or device hotplug). Signed-off-by: Daniel De Graaf Acked-by: Jan Beulich Acked-by: Tim Deegan Committed-by: Keir Fraser --- diff -r 62dcb40caa1d -r 1afbedca64ea tools/flask/policy/policy/modules/xen/xen.if --- a/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:39:20 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:39:58 2013 +0000 @@ -7,7 +7,7 @@ ################################################################################ define(`declare_domain_common', ` allow $1 $2:grant { query setup }; - allow $1 $2:mmu { adjust physmap map_read map_write stat pinpage updatemp }; + allow $1 $2:mmu { adjust physmap map_read map_write stat pinpage updatemp mmuext_op }; allow $1 $2:hvm { getparam setparam }; ') @@ -51,7 +51,7 @@ define(`create_domain_common', ` allow $1 $2:domain2 { set_cpuid settsc }; allow $1 $2:security check_context; allow $1 $2:shadow enable; - allow $1 $2:mmu {map_read map_write adjust memorymap physmap pinpage}; + allow $1 $2:mmu { map_read map_write adjust memorymap physmap pinpage mmuext_op }; allow $1 $2:grant setup; allow $1 $2:hvm { cacheattr getparam hvmctl irqlevel pciroute sethvmc setparam pcilevel trackdirtyvram }; ') @@ -162,7 +162,7 @@ define(`make_device_model', ` # Allow a device to be used by a domain define(`use_device', ` allow $1 $2:resource use; - allow $1 $2:mmu { map_read map_write }; + allow $1 domio_t:mmu { map_read map_write }; ') # admin_device(domain, device) diff -r 62dcb40caa1d -r 1afbedca64ea tools/flask/policy/policy/modules/xen/xen.te --- a/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:39:20 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:39:58 2013 +0000 @@ -29,10 +29,10 @@ type xen_t, xen_type, mls_priv; # Domain 0 declare_singleton_domain(dom0_t, mls_priv); -# Untracked I/O memory (pseudo-domain) +# I/O memory (DOMID_IO pseudo-domain) type domio_t, xen_type; -# Xen heap (pseudo-domain) +# Xen heap (DOMID_XEN pseudo-domain) type domxen_t, xen_type; # Unlabeled objects @@ -69,7 +69,6 @@ admin_device(dom0_t, device_t) admin_device(dom0_t, irq_t) admin_device(dom0_t, ioport_t) admin_device(dom0_t, iomem_t) -allow dom0_t domio_t:mmu { map_read map_write }; domain_comms(dom0_t, dom0_t) diff -r 62dcb40caa1d -r 1afbedca64ea xen/arch/x86/mm.c --- a/xen/arch/x86/mm.c Fri Jan 11 10:39:20 2013 +0000 +++ b/xen/arch/x86/mm.c Fri Jan 11 10:39:58 2013 +0000 @@ -2605,11 +2605,6 @@ static struct domain *get_pg_owner(domid pg_owner = rcu_lock_domain(dom_io); break; case DOMID_XEN: - if ( !IS_PRIV(curr) ) - { - MEM_LOG("Cannot set foreign dom"); - break; - } pg_owner = rcu_lock_domain(dom_xen); break; default: @@ -2618,12 +2613,6 @@ static struct domain *get_pg_owner(domid MEM_LOG("Unknown domain '%u'", domid); break; } - if ( !IS_PRIV_FOR(curr, pg_owner) ) - { - MEM_LOG("Cannot set foreign dom"); - rcu_unlock_domain(pg_owner); - pg_owner = NULL; - } break; } @@ -2711,6 +2700,13 @@ long do_mmuext_op( goto out; } + rc = xsm_mmuext_op(d, pg_owner); + if ( rc ) + { + rcu_unlock_domain(pg_owner); + goto out; + } + for ( i = 0; i < count; i++ ) { if ( hypercall_preempt_check() ) @@ -3153,6 +3149,8 @@ long do_mmu_update( struct vcpu *v = current; struct domain *d = v->domain, *pt_owner = d, *pg_owner; struct domain_mmap_cache mapcache; + uint32_t xsm_needed = 0; + uint32_t xsm_checked = 0; if ( unlikely(count & MMU_UPDATE_PREEMPTED) ) { @@ -3184,11 +3182,6 @@ long do_mmu_update( rc = -EINVAL; goto out; } - if ( !IS_PRIV_FOR(d, pt_owner) ) - { - rc = -ESRCH; - goto out; - } } if ( (pg_owner = get_pg_owner((uint16_t)foreigndom)) == NULL ) @@ -3228,9 +3221,20 @@ long do_mmu_update( { p2m_type_t p2mt; - rc = xsm_mmu_normal_update(d, pt_owner, pg_owner, req.val); - if ( rc ) - break; + xsm_needed |= XSM_MMU_NORMAL_UPDATE; + if ( get_pte_flags(req.val) & _PAGE_PRESENT ) + { + xsm_needed |= XSM_MMU_UPDATE_READ; + if ( get_pte_flags(req.val) & _PAGE_RW ) + xsm_needed |= XSM_MMU_UPDATE_WRITE; + } + if ( xsm_needed != xsm_checked ) + { + rc = xsm_mmu_update(d, pt_owner, pg_owner, xsm_needed); + if ( rc ) + break; + xsm_checked = xsm_needed; + } rc = -EINVAL; req.ptr -= cmd; @@ -3342,9 +3346,14 @@ long do_mmu_update( mfn = req.ptr >> PAGE_SHIFT; gpfn = req.val; - rc = xsm_mmu_machphys_update(d, pg_owner, mfn); - if ( rc ) - break; + xsm_needed |= XSM_MMU_MACHPHYS_UPDATE; + if ( xsm_needed != xsm_checked ) + { + rc = xsm_mmu_update(d, NULL, pg_owner, xsm_needed); + if ( rc ) + break; + xsm_checked = xsm_needed; + } if ( unlikely(!get_page_from_pagenr(mfn, pg_owner)) ) { diff -r 62dcb40caa1d -r 1afbedca64ea xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:39:20 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:39:58 2013 +0000 @@ -662,21 +662,28 @@ static XSM_INLINE int xsm_domain_memory_ return 0; } -static XSM_INLINE int xsm_mmu_normal_update(struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) +static XSM_INLINE int xsm_mmu_update(struct domain *d, struct domain *t, + struct domain *f, uint32_t flags) { + if ( t && d != t && !IS_PRIV_FOR(d, t) ) + return -EPERM; + if ( d != f && !IS_PRIV_FOR(d, f) ) + return -EPERM; return 0; } -static XSM_INLINE int xsm_mmu_machphys_update(struct domain *d, struct domain *f, - unsigned long mfn) +static XSM_INLINE int xsm_mmuext_op(struct domain *d, struct domain *f) { + if ( d != f && !IS_PRIV_FOR(d, f) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_update_va_mapping(struct domain *d, struct domain *f, l1_pgentry_t pte) { + if ( d != f && !IS_PRIV_FOR(d, f) ) + return -EPERM; return 0; } diff -r 62dcb40caa1d -r 1afbedca64ea xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:39:20 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:39:58 2013 +0000 @@ -27,8 +27,6 @@ typedef u32 xsm_magic_t; #define XSM_MAGIC 0x00000000 #endif -#ifdef XSM_ENABLE - extern char *policy_buffer; extern u32 policy_size; @@ -170,9 +168,13 @@ struct xsm_operations { int (*getidletime) (void); int (*machine_memory_map) (void); int (*domain_memory_map) (struct domain *d); - int (*mmu_normal_update) (struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte); - int (*mmu_machphys_update) (struct domain *d1, struct domain *d2, unsigned long mfn); +#define XSM_MMU_UPDATE_READ 1 +#define XSM_MMU_UPDATE_WRITE 2 +#define XSM_MMU_NORMAL_UPDATE 4 +#define XSM_MMU_MACHPHYS_UPDATE 8 + int (*mmu_update) (struct domain *d, struct domain *t, + struct domain *f, uint32_t flags); + int (*mmuext_op) (struct domain *d, struct domain *f); int (*update_va_mapping) (struct domain *d, struct domain *f, l1_pgentry_t pte); int (*add_to_physmap) (struct domain *d1, struct domain *d2); int (*sendtrigger) (struct domain *d); @@ -186,6 +188,8 @@ struct xsm_operations { #endif }; +#ifdef XSM_ENABLE + extern struct xsm_operations *xsm_ops; #ifndef XSM_NO_WRAPPERS @@ -763,16 +767,15 @@ static inline int xsm_domain_memory_map( return xsm_ops->domain_memory_map(d); } -static inline int xsm_mmu_normal_update (struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) +static inline int xsm_mmu_update (struct domain *d, struct domain *t, + struct domain *f, uint32_t flags) { - return xsm_ops->mmu_normal_update(d, t, f, fpte); + return xsm_ops->mmu_update(d, t, f, flags); } -static inline int xsm_mmu_machphys_update (struct domain *d1, struct domain *d2, - unsigned long mfn) +static inline int xsm_mmuext_op (struct domain *d, struct domain *f) { - return xsm_ops->mmu_machphys_update(d1, d2, mfn); + return xsm_ops->mmuext_op(d, f); } static inline int xsm_update_va_mapping(struct domain *d, struct domain *f, diff -r 62dcb40caa1d -r 1afbedca64ea xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:39:20 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:39:58 2013 +0000 @@ -155,8 +155,8 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, getidletime); set_to_dummy_if_null(ops, machine_memory_map); set_to_dummy_if_null(ops, domain_memory_map); - set_to_dummy_if_null(ops, mmu_normal_update); - set_to_dummy_if_null(ops, mmu_machphys_update); + set_to_dummy_if_null(ops, mmu_update); + set_to_dummy_if_null(ops, mmuext_op); set_to_dummy_if_null(ops, update_va_mapping); set_to_dummy_if_null(ops, add_to_physmap); set_to_dummy_if_null(ops, remove_from_physmap); diff -r 62dcb40caa1d -r 1afbedca64ea xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:39:20 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:39:58 2013 +0000 @@ -1435,65 +1435,44 @@ static int flask_domain_memory_map(struc return current_has_perm(d, SECCLASS_MMU, MMU__MEMORYMAP); } -static int domain_memory_perm(struct domain *d, struct domain *f, l1_pgentry_t pte) +static int flask_mmu_update(struct domain *d, struct domain *t, + struct domain *f, uint32_t flags) { int rc = 0; - u32 map_perms = MMU__MAP_READ; - unsigned long fgfn, fmfn; - p2m_type_t p2mt; + u32 map_perms = 0; - if ( !(l1e_get_flags(pte) & _PAGE_PRESENT) ) - return 0; - - if ( l1e_get_flags(pte) & _PAGE_RW ) - map_perms |= MMU__MAP_WRITE; - - fgfn = l1e_get_pfn(pte); - fmfn = mfn_x(get_gfn_query(f, fgfn, &p2mt)); - put_gfn(f, fgfn); - - if ( f->domain_id == DOMID_IO || !mfn_valid(fmfn) ) - { - struct avc_audit_data ad; - u32 dsid, fsid; - rc = security_iomem_sid(fmfn, &fsid); - if ( rc ) - return rc; - AVC_AUDIT_DATA_INIT(&ad, MEMORY); - ad.sdom = d; - ad.tdom = f; - ad.memory.pte = pte.l1; - ad.memory.mfn = fmfn; - dsid = domain_sid(d); - return avc_has_perm(dsid, fsid, SECCLASS_MMU, map_perms, &ad); - } - - return domain_has_perm(d, f, SECCLASS_MMU, map_perms); -} - -static int flask_mmu_normal_update(struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) -{ - int rc = 0; - - if (d != t) + if ( t && d != t ) rc = domain_has_perm(d, t, SECCLASS_MMU, MMU__REMOTE_REMAP); if ( rc ) return rc; - return domain_memory_perm(d, f, l1e_from_intpte(fpte)); + if ( flags & XSM_MMU_UPDATE_READ ) + map_perms |= MMU__MAP_READ; + if ( flags & XSM_MMU_UPDATE_WRITE ) + map_perms |= MMU__MAP_WRITE; + if ( flags & XSM_MMU_MACHPHYS_UPDATE ) + map_perms |= MMU__UPDATEMP; + + if ( map_perms ) + rc = domain_has_perm(d, f, SECCLASS_MMU, map_perms); + return rc; } -static int flask_mmu_machphys_update(struct domain *d1, struct domain *d2, - unsigned long mfn) +static int flask_mmuext_op(struct domain *d, struct domain *f) { - return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__UPDATEMP); + return domain_has_perm(d, f, SECCLASS_MMU, MMU__MMUEXT_OP); } static int flask_update_va_mapping(struct domain *d, struct domain *f, l1_pgentry_t pte) { - return domain_memory_perm(d, f, pte); + u32 map_perms = MMU__MAP_READ; + if ( !(l1e_get_flags(pte) & _PAGE_PRESENT) ) + return 0; + if ( l1e_get_flags(pte) & _PAGE_RW ) + map_perms |= MMU__MAP_WRITE; + + return domain_has_perm(d, f, SECCLASS_MMU, map_perms); } static int flask_add_to_physmap(struct domain *d1, struct domain *d2) @@ -1774,8 +1753,8 @@ static struct xsm_operations flask_ops = .getidletime = flask_getidletime, .machine_memory_map = flask_machine_memory_map, .domain_memory_map = flask_domain_memory_map, - .mmu_normal_update = flask_mmu_normal_update, - .mmu_machphys_update = flask_mmu_machphys_update, + .mmu_update = flask_mmu_update, + .mmuext_op = flask_mmuext_op, .update_va_mapping = flask_update_va_mapping, .add_to_physmap = flask_add_to_physmap, .remove_from_physmap = flask_remove_from_physmap, diff -r 62dcb40caa1d -r 1afbedca64ea xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:39:20 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:39:58 2013 +0000 @@ -141,6 +141,7 @@ class mmu mfnlist memorymap remote_remap + mmuext_op } class shadow _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGI-0007Jl-5x; Wed, 16 Jan 2013 08:22:18 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGH-0007JU-H9 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:17 +0000 Received: from [85.158.143.35:50059] by server-3.bemta-4.messagelabs.com id BC/CE-19220-83366F05; Wed, 16 Jan 2013 08:22:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-21.messagelabs.com!1358324534!11684826!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15164 invoked from network); 16 Jan 2013 08:22:15 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:15 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGE-0003rO-Hj for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGE-0000aP-Am for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:14 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:13 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: add XSM hook for XENMEM_exchange X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900858 0 # Node ID 50418c161c75d0f8439f686ad2813dcfdcc16e5a # Parent 1afbedca64ea6671d2dae5dfb8a886e69ce39d20 xen: add XSM hook for XENMEM_exchange Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 1afbedca64ea -r 50418c161c75 tools/flask/policy/policy/modules/xen/xen.if --- a/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:39:58 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:40:58 2013 +0000 @@ -30,6 +30,7 @@ define(`declare_domain', ` # containing at most one domain. This is not enforced by policy. define(`declare_singleton_domain', ` type $1, domain_type`'ifelse(`$#', `1', `', `,shift($@)'); + define(`$1_self', `$1') type $1_channel, event_type; type_transition $1 domain_type:event $1_channel; declare_domain_common($1, $1) @@ -161,6 +162,7 @@ define(`make_device_model', ` # use_device(domain, device) # Allow a device to be used by a domain define(`use_device', ` + allow $1 $1_self:mmu exchange; allow $1 $2:resource use; allow $1 domio_t:mmu { map_read map_write }; ') diff -r 1afbedca64ea -r 50418c161c75 xen/common/memory.c --- a/xen/common/memory.c Fri Jan 11 10:39:58 2013 +0000 +++ b/xen/common/memory.c Fri Jan 11 10:40:58 2013 +0000 @@ -341,9 +341,19 @@ static long memory_exchange(XEN_GUEST_HA out_chunk_order = exch.in.extent_order - exch.out.extent_order; } - rc = rcu_lock_target_domain_by_id(exch.in.domid, &d); + d = rcu_lock_domain_by_any_id(exch.in.domid); + if ( d == NULL ) + { + rc = -ESRCH; + goto fail_early; + } + + rc = xsm_memory_exchange(d); if ( rc ) + { + rcu_unlock_domain(d); goto fail_early; + } memflags |= MEMF_bits(domain_clamp_alloc_bitsize( d, diff -r 1afbedca64ea -r 50418c161c75 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:39:58 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:40:58 2013 +0000 @@ -235,6 +235,13 @@ static XSM_INLINE int xsm_grant_query_si return 0; } +static XSM_INLINE int xsm_memory_exchange(struct domain *d) +{ + if ( d != current->domain && !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; + return 0; +} + static XSM_INLINE int xsm_memory_adjust_reservation(struct domain *d1, struct domain *d2) { diff -r 1afbedca64ea -r 50418c161c75 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:39:58 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:40:58 2013 +0000 @@ -96,6 +96,7 @@ struct xsm_operations { int (*get_pod_target) (struct domain *d); int (*set_pod_target) (struct domain *d); + int (*memory_exchange) (struct domain *d); int (*memory_adjust_reservation) (struct domain *d1, struct domain *d2); int (*memory_stat_reservation) (struct domain *d1, struct domain *d2); int (*memory_pin_page) (struct domain *d1, struct domain *d2, struct page_info *page); @@ -453,6 +454,11 @@ static inline int xsm_set_pod_target (st return xsm_ops->set_pod_target(d); } +static inline int xsm_memory_exchange (struct domain *d) +{ + return xsm_ops->memory_exchange(d); +} + static inline int xsm_memory_adjust_reservation (struct domain *d1, struct domain *d2) { diff -r 1afbedca64ea -r 50418c161c75 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:39:58 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:40:58 2013 +0000 @@ -84,6 +84,7 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, get_pod_target); set_to_dummy_if_null(ops, set_pod_target); + set_to_dummy_if_null(ops, memory_exchange); set_to_dummy_if_null(ops, memory_adjust_reservation); set_to_dummy_if_null(ops, memory_stat_reservation); set_to_dummy_if_null(ops, memory_pin_page); diff -r 1afbedca64ea -r 50418c161c75 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:39:58 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:40:58 2013 +0000 @@ -396,6 +396,11 @@ static int flask_set_pod_target(struct d return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETPODTARGET); } +static int flask_memory_exchange(struct domain *d) +{ + return current_has_perm(d, SECCLASS_MMU, MMU__EXCHANGE); +} + static int flask_memory_adjust_reservation(struct domain *d1, struct domain *d2) { return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__ADJUST); @@ -1686,6 +1691,7 @@ static struct xsm_operations flask_ops = .get_pod_target = flask_get_pod_target, .set_pod_target = flask_set_pod_target, + .memory_exchange = flask_memory_exchange, .memory_adjust_reservation = flask_memory_adjust_reservation, .memory_stat_reservation = flask_memory_stat_reservation, .memory_pin_page = flask_memory_pin_page, diff -r 1afbedca64ea -r 50418c161c75 xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:39:58 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:40:58 2013 +0000 @@ -142,6 +142,7 @@ class mmu memorymap remote_remap mmuext_op + exchange } class shadow _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGI-0007Jl-5x; Wed, 16 Jan 2013 08:22:18 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGH-0007JU-H9 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:17 +0000 Received: from [85.158.143.35:50059] by server-3.bemta-4.messagelabs.com id BC/CE-19220-83366F05; Wed, 16 Jan 2013 08:22:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-21.messagelabs.com!1358324534!11684826!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15164 invoked from network); 16 Jan 2013 08:22:15 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:15 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGE-0003rO-Hj for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGE-0000aP-Am for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:14 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:13 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: add XSM hook for XENMEM_exchange X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900858 0 # Node ID 50418c161c75d0f8439f686ad2813dcfdcc16e5a # Parent 1afbedca64ea6671d2dae5dfb8a886e69ce39d20 xen: add XSM hook for XENMEM_exchange Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 1afbedca64ea -r 50418c161c75 tools/flask/policy/policy/modules/xen/xen.if --- a/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:39:58 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:40:58 2013 +0000 @@ -30,6 +30,7 @@ define(`declare_domain', ` # containing at most one domain. This is not enforced by policy. define(`declare_singleton_domain', ` type $1, domain_type`'ifelse(`$#', `1', `', `,shift($@)'); + define(`$1_self', `$1') type $1_channel, event_type; type_transition $1 domain_type:event $1_channel; declare_domain_common($1, $1) @@ -161,6 +162,7 @@ define(`make_device_model', ` # use_device(domain, device) # Allow a device to be used by a domain define(`use_device', ` + allow $1 $1_self:mmu exchange; allow $1 $2:resource use; allow $1 domio_t:mmu { map_read map_write }; ') diff -r 1afbedca64ea -r 50418c161c75 xen/common/memory.c --- a/xen/common/memory.c Fri Jan 11 10:39:58 2013 +0000 +++ b/xen/common/memory.c Fri Jan 11 10:40:58 2013 +0000 @@ -341,9 +341,19 @@ static long memory_exchange(XEN_GUEST_HA out_chunk_order = exch.in.extent_order - exch.out.extent_order; } - rc = rcu_lock_target_domain_by_id(exch.in.domid, &d); + d = rcu_lock_domain_by_any_id(exch.in.domid); + if ( d == NULL ) + { + rc = -ESRCH; + goto fail_early; + } + + rc = xsm_memory_exchange(d); if ( rc ) + { + rcu_unlock_domain(d); goto fail_early; + } memflags |= MEMF_bits(domain_clamp_alloc_bitsize( d, diff -r 1afbedca64ea -r 50418c161c75 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:39:58 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:40:58 2013 +0000 @@ -235,6 +235,13 @@ static XSM_INLINE int xsm_grant_query_si return 0; } +static XSM_INLINE int xsm_memory_exchange(struct domain *d) +{ + if ( d != current->domain && !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; + return 0; +} + static XSM_INLINE int xsm_memory_adjust_reservation(struct domain *d1, struct domain *d2) { diff -r 1afbedca64ea -r 50418c161c75 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:39:58 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:40:58 2013 +0000 @@ -96,6 +96,7 @@ struct xsm_operations { int (*get_pod_target) (struct domain *d); int (*set_pod_target) (struct domain *d); + int (*memory_exchange) (struct domain *d); int (*memory_adjust_reservation) (struct domain *d1, struct domain *d2); int (*memory_stat_reservation) (struct domain *d1, struct domain *d2); int (*memory_pin_page) (struct domain *d1, struct domain *d2, struct page_info *page); @@ -453,6 +454,11 @@ static inline int xsm_set_pod_target (st return xsm_ops->set_pod_target(d); } +static inline int xsm_memory_exchange (struct domain *d) +{ + return xsm_ops->memory_exchange(d); +} + static inline int xsm_memory_adjust_reservation (struct domain *d1, struct domain *d2) { diff -r 1afbedca64ea -r 50418c161c75 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:39:58 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:40:58 2013 +0000 @@ -84,6 +84,7 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, get_pod_target); set_to_dummy_if_null(ops, set_pod_target); + set_to_dummy_if_null(ops, memory_exchange); set_to_dummy_if_null(ops, memory_adjust_reservation); set_to_dummy_if_null(ops, memory_stat_reservation); set_to_dummy_if_null(ops, memory_pin_page); diff -r 1afbedca64ea -r 50418c161c75 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:39:58 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:40:58 2013 +0000 @@ -396,6 +396,11 @@ static int flask_set_pod_target(struct d return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETPODTARGET); } +static int flask_memory_exchange(struct domain *d) +{ + return current_has_perm(d, SECCLASS_MMU, MMU__EXCHANGE); +} + static int flask_memory_adjust_reservation(struct domain *d1, struct domain *d2) { return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__ADJUST); @@ -1686,6 +1691,7 @@ static struct xsm_operations flask_ops = .get_pod_target = flask_get_pod_target, .set_pod_target = flask_set_pod_target, + .memory_exchange = flask_memory_exchange, .memory_adjust_reservation = flask_memory_adjust_reservation, .memory_stat_reservation = flask_memory_stat_reservation, .memory_pin_page = flask_memory_pin_page, diff -r 1afbedca64ea -r 50418c161c75 xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:39:58 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:40:58 2013 +0000 @@ -142,6 +142,7 @@ class mmu memorymap remote_remap mmuext_op + exchange } class shadow _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007LH-AT; Wed, 16 Jan 2013 08:22:21 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGK-0007KR-FL for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:20 +0000 Received: from [85.158.143.99:61316] by server-2.bemta-4.messagelabs.com id 96/8C-24322-B3366F05; Wed, 16 Jan 2013 08:22:19 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-216.messagelabs.com!1358324535!22850525!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9341 invoked from network); 16 Jan 2013 08:22:16 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:16 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGE-0003rR-TT for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGE-0000ae-SF for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:14 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:14 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: domctl XSM hook removal X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900911 0 # Node ID 6672ac1415b1a94f5287d9a34ac4cd9e8e9d536a # Parent 50418c161c75d0f8439f686ad2813dcfdcc16e5a xen: domctl XSM hook removal A number of the domctl XSM hooks do nothing except pass the domain and operation ID, making them redundant with the xsm_domctl hook. Remove these redundant hooks. The remaining domctls all use individual hooks because they pass extra details of the call to the XSM module in order to allow a more fine-grained access decision to be made - for example, considering the exact device or memory range being set up for guest access. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 50418c161c75 -r 6672ac1415b1 xen/arch/x86/domctl.c --- a/xen/arch/x86/domctl.c Fri Jan 11 10:40:58 2013 +0000 +++ b/xen/arch/x86/domctl.c Fri Jan 11 10:41:51 2013 +0000 @@ -97,10 +97,6 @@ long arch_do_domctl( page = mfn_to_page(mfn); - ret = xsm_getpageframeinfo(d); - if ( ret ) - break; - if ( likely(get_page(page, d)) ) { ret = 0; @@ -141,10 +137,6 @@ long arch_do_domctl( struct page_info *page; xen_pfn_t *arr; - ret = xsm_getpageframeinfo(d); - if ( ret ) - break; - if ( unlikely(num > 1024) || unlikely(num != domctl->u.getpageframeinfo3.num) ) { @@ -239,10 +231,6 @@ long arch_do_domctl( int num = domctl->u.getpageframeinfo2.num; uint32_t *arr32; - ret = xsm_getpageframeinfo(d); - if ( ret ) - break; - if ( unlikely(num > 1024) ) { ret = -E2BIG; @@ -334,10 +322,6 @@ long arch_do_domctl( uint64_t mfn; struct page_info *page; - ret = xsm_getmemlist(d); - if ( ret ) - break; - if ( unlikely(d->is_dying) ) { ret = -EINVAL; break; @@ -373,10 +357,6 @@ long arch_do_domctl( struct page_info *page; void *hypercall_page; - ret = xsm_hypercall_init(d); - if ( ret ) - break; - page = get_page_from_gfn(d, gmfn, NULL, P2M_ALLOC); ret = -EACCES; @@ -401,10 +381,6 @@ long arch_do_domctl( { struct hvm_domain_context c = { .size = domctl->u.hvmcontext.size }; - ret = xsm_hvmcontext(d, domctl->cmd); - if ( ret ) - goto sethvmcontext_out; - ret = -EINVAL; if ( !is_hvm_domain(d) ) goto sethvmcontext_out; @@ -431,10 +407,6 @@ long arch_do_domctl( { struct hvm_domain_context c = { 0 }; - ret = xsm_hvmcontext(d, domctl->cmd); - if ( ret ) - goto gethvmcontext_out; - ret = -EINVAL; if ( !is_hvm_domain(d) ) goto gethvmcontext_out; @@ -477,10 +449,6 @@ long arch_do_domctl( case XEN_DOMCTL_gethvmcontext_partial: { - ret = xsm_hvmcontext(d, domctl->cmd); - if ( ret ) - break; - ret = -EINVAL; if ( !is_hvm_domain(d) ) break; @@ -496,10 +464,6 @@ long arch_do_domctl( case XEN_DOMCTL_set_address_size: { - ret = xsm_address_size(d, domctl->cmd); - if ( ret ) - break; - switch ( domctl->u.address_size.size ) { case 32: @@ -517,10 +481,6 @@ long arch_do_domctl( case XEN_DOMCTL_get_address_size: { - ret = xsm_address_size(d, domctl->cmd); - if ( ret ) - break; - domctl->u.address_size.size = is_pv_32on64_domain(d) ? 32 : BITS_PER_LONG; @@ -531,10 +491,6 @@ long arch_do_domctl( case XEN_DOMCTL_set_machine_address_size: { - ret = xsm_machine_address_size(d, domctl->cmd); - if ( ret ) - break; - ret = -EBUSY; if ( d->tot_pages > 0 ) break; @@ -547,10 +503,6 @@ long arch_do_domctl( case XEN_DOMCTL_get_machine_address_size: { - ret = xsm_machine_address_size(d, domctl->cmd); - if ( ret ) - break; - domctl->u.address_size.size = d->arch.physaddr_bitsize; ret = 0; @@ -562,10 +514,6 @@ long arch_do_domctl( { struct vcpu *v; - ret = xsm_sendtrigger(d); - if ( ret ) - break; - ret = -EINVAL; if ( domctl->u.sendtrigger.vcpu >= MAX_VIRT_CPUS ) break; @@ -832,10 +780,6 @@ long arch_do_domctl( case XEN_DOMCTL_pin_mem_cacheattr: { - ret = xsm_pin_mem_cacheattr(d); - if ( ret ) - break; - ret = hvm_set_mem_pinned_cacheattr( d, domctl->u.pin_mem_cacheattr.start, domctl->u.pin_mem_cacheattr.end, @@ -851,10 +795,6 @@ long arch_do_domctl( evc = &domctl->u.ext_vcpucontext; - ret = xsm_ext_vcpucontext(d, domctl->cmd); - if ( ret ) - break; - ret = -ESRCH; if ( (evc->vcpu >= d->max_vcpus) || ((v = d->vcpu[evc->vcpu]) == NULL) ) @@ -1118,10 +1058,6 @@ long arch_do_domctl( evc = &domctl->u.vcpuextstate; - ret = xsm_vcpuextstate(d, domctl->cmd); - if ( ret ) - goto vcpuextstate_out; - ret = -ESRCH; if ( (evc->vcpu >= d->max_vcpus) || ((v = d->vcpu[evc->vcpu]) == NULL) ) @@ -1231,9 +1167,7 @@ long arch_do_domctl( case XEN_DOMCTL_mem_sharing_op: { - ret = xsm_mem_sharing(d); - if ( !ret ) - ret = mem_sharing_domctl(d, &domctl->u.mem_sharing_op); + ret = mem_sharing_domctl(d, &domctl->u.mem_sharing_op); } break; @@ -1263,11 +1197,9 @@ long arch_do_domctl( if ( current->domain == d ) break; - ret = xsm_mem_event_setup(d); - if ( !ret ) { - p2m = p2m_get_hostp2m(d); - p2m->access_required = domctl->u.access_required.access_required; - } + ret = 0; + p2m = p2m_get_hostp2m(d); + p2m->access_required = domctl->u.access_required.access_required; } break; diff -r 50418c161c75 -r 6672ac1415b1 xen/common/domctl.c --- a/xen/common/domctl.c Fri Jan 11 10:40:58 2013 +0000 +++ b/xen/common/domctl.c Fri Jan 11 10:41:51 2013 +0000 @@ -290,10 +290,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( d == NULL ) break; - ret = xsm_setvcpucontext(d); - if ( ret ) - goto svc_out; - ret = -EINVAL; if ( (d == current->domain) || /* no domain_pause() */ (vcpu >= d->max_vcpus) || ((v = d->vcpu[vcpu]) == NULL) ) @@ -340,10 +336,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_pausedomain: { - ret = xsm_pausedomain(d); - if ( ret ) - break; - ret = -EINVAL; if ( d != current->domain ) { @@ -355,10 +347,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_unpausedomain: { - ret = xsm_unpausedomain(d); - if ( ret ) - break; - domain_unpause_by_systemcontroller(d); ret = 0; } @@ -366,10 +354,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_resumedomain: { - ret = xsm_resumedomain(d); - if ( ret ) - break; - domain_resume(d); ret = 0; } @@ -452,10 +436,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe (is_hvm_domain(d) && (max > MAX_HVM_VCPUS)) ) break; - ret = xsm_max_vcpus(d); - if ( ret ) - break; - /* Until Xenoprof can dynamically grow its vcpu-s array... */ if ( d->xenoprof ) { @@ -538,7 +518,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_destroydomain: { - ret = xsm_destroydomain(d) ? : domain_kill(d); + ret = domain_kill(d); } break; @@ -547,10 +527,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe { struct vcpu *v; - ret = xsm_vcpuaffinity(op->cmd, d); - if ( ret ) - break; - ret = -EINVAL; if ( op->u.vcpuaffinity.vcpu >= d->max_vcpus ) break; @@ -581,10 +557,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_scheduler_op: { - ret = xsm_scheduler(d); - if ( ret ) - break; - ret = sched_adjust(d, &op->u.scheduler_op); copyback = 1; } @@ -627,10 +599,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe vcpu_guest_context_u c = { .nat = NULL }; struct vcpu *v; - ret = xsm_getvcpucontext(d); - if ( ret ) - goto getvcpucontext_out; - ret = -EINVAL; if ( op->u.vcpucontext.vcpu >= d->max_vcpus ) goto getvcpucontext_out; @@ -684,10 +652,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe struct vcpu *v; struct vcpu_runstate_info runstate; - ret = xsm_getvcpuinfo(d); - if ( ret ) - break; - ret = -EINVAL; if ( op->u.getvcpuinfo.vcpu >= d->max_vcpus ) break; @@ -712,10 +676,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe { unsigned long new_max; - ret = xsm_setdomainmaxmem(d); - if ( ret ) - break; - ret = -EINVAL; new_max = op->u.max_mem.max_memkb >> (PAGE_SHIFT-10); @@ -733,10 +693,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_setdomainhandle: { - ret = xsm_setdomainhandle(d); - if ( ret ) - break; - memcpy(d->handle, op->u.setdomainhandle.handle, sizeof(xen_domain_handle_t)); ret = 0; @@ -749,10 +705,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( d == current->domain ) /* no domain_pause() */ break; - ret = xsm_setdebugging(d); - if ( ret ) - break; - domain_pause(d); d->debugger_attached = !!op->u.setdebugging.enable; domain_unpause(d); /* causes guest to latch new status */ @@ -797,10 +749,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_settimeoffset: { - ret = xsm_domain_settime(d); - if ( ret ) - break; - domain_set_time_offset(d, op->u.settimeoffset.time_offset_seconds); ret = 0; } @@ -850,10 +798,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_set_virq_handler: { uint32_t virq = op->u.set_virq_handler.virq; - - ret = xsm_set_virq_handler(d, virq); - if ( !ret ) - ret = set_global_virq_handler(d, virq); + ret = set_global_virq_handler(d, virq); } break; diff -r 50418c161c75 -r 6672ac1415b1 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:40:58 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:41:51 2013 +0000 @@ -17,71 +17,16 @@ static XSM_INLINE void xsm_security_doma return; } -static XSM_INLINE int xsm_setvcpucontext(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_pausedomain(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_unpausedomain(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_resumedomain(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_domain_create(struct domain *d, u32 ssidref) { return 0; } -static XSM_INLINE int xsm_max_vcpus(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_destroydomain(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_vcpuaffinity(int cmd, struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_scheduler(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_getdomaininfo(struct domain *d) { return 0; } -static XSM_INLINE int xsm_getvcpucontext(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_getvcpuinfo(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_domain_settime(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_set_target(struct domain *d, struct domain *e) { return 0; @@ -113,11 +58,6 @@ static XSM_INLINE int xsm_sysctl(int cmd return 0; } -static XSM_INLINE int xsm_set_virq_handler(struct domain *d, uint32_t virq) -{ - return 0; -} - static XSM_INLINE int xsm_tbufcontrol(void) { return 0; @@ -133,21 +73,6 @@ static XSM_INLINE int xsm_sched_id(void) return 0; } -static XSM_INLINE int xsm_setdomainmaxmem(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_setdomainhandle(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_setdebugging(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_perfcontrol(void) { return 0; @@ -493,36 +418,6 @@ static XSM_INLINE int xsm_shadow_control return 0; } -static XSM_INLINE int xsm_getpageframeinfo(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_getmemlist(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_hypercall_init(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_hvmcontext(struct domain *d, uint32_t cmd) -{ - return 0; -} - -static XSM_INLINE int xsm_address_size(struct domain *d, uint32_t cmd) -{ - return 0; -} - -static XSM_INLINE int xsm_machine_address_size(struct domain *d, uint32_t cmd) -{ - return 0; -} - static XSM_INLINE int xsm_hvm_param(struct domain *d, unsigned long op) { if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) @@ -558,11 +453,6 @@ static XSM_INLINE int xsm_hvm_inject_msi return 0; } -static XSM_INLINE int xsm_mem_event_setup(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_mem_event_control(struct domain *d, int mode, int op) { if ( !IS_PRIV(current->domain) ) @@ -577,11 +467,6 @@ static XSM_INLINE int xsm_mem_event_op(s return 0; } -static XSM_INLINE int xsm_mem_sharing(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_mem_sharing_op(struct domain *d, struct domain *cd, int op) { if ( !IS_PRIV_FOR(current->domain, cd) ) @@ -708,11 +593,6 @@ static XSM_INLINE int xsm_remove_from_ph return 0; } -static XSM_INLINE int xsm_sendtrigger(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_bind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return 0; @@ -723,21 +603,6 @@ static XSM_INLINE int xsm_unbind_pt_irq( return 0; } -static XSM_INLINE int xsm_pin_mem_cacheattr(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) -{ - return 0; -} - -static XSM_INLINE int xsm_vcpuextstate(struct domain *d, uint32_t cmd) -{ - return 0; -} - static XSM_INLINE int xsm_ioport_permission(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return 0; diff -r 50418c161c75 -r 6672ac1415b1 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:40:58 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:41:51 2013 +0000 @@ -41,29 +41,14 @@ extern xsm_initcall_t __xsm_initcall_sta struct xsm_operations { void (*security_domaininfo) (struct domain *d, struct xen_domctl_getdomaininfo *info); - int (*setvcpucontext) (struct domain *d); - int (*pausedomain) (struct domain *d); - int (*unpausedomain) (struct domain *d); - int (*resumedomain) (struct domain *d); int (*domain_create) (struct domain *d, u32 ssidref); - int (*max_vcpus) (struct domain *d); - int (*destroydomain) (struct domain *d); - int (*vcpuaffinity) (int cmd, struct domain *d); - int (*scheduler) (struct domain *d); int (*getdomaininfo) (struct domain *d); - int (*getvcpucontext) (struct domain *d); - int (*getvcpuinfo) (struct domain *d); - int (*domain_settime) (struct domain *d); int (*set_target) (struct domain *d, struct domain *e); int (*domctl) (struct domain *d, int cmd); int (*sysctl) (int cmd); - int (*set_virq_handler) (struct domain *d, uint32_t virq); int (*tbufcontrol) (void); int (*readconsole) (uint32_t clear); int (*sched_id) (void); - int (*setdomainmaxmem) (struct domain *d); - int (*setdomainhandle) (struct domain *d); - int (*setdebugging) (struct domain *d); int (*perfcontrol) (void); int (*debug_keys) (void); int (*getcpuinfo) (void); @@ -139,21 +124,13 @@ struct xsm_operations { #ifdef CONFIG_X86 int (*shadow_control) (struct domain *d, uint32_t op); - int (*getpageframeinfo) (struct domain *d); - int (*getmemlist) (struct domain *d); - int (*hypercall_init) (struct domain *d); - int (*hvmcontext) (struct domain *d, uint32_t op); - int (*address_size) (struct domain *d, uint32_t op); - int (*machine_address_size) (struct domain *d, uint32_t op); int (*hvm_param) (struct domain *d, unsigned long op); int (*hvm_set_pci_intx_level) (struct domain *d); int (*hvm_set_isa_irq_level) (struct domain *d); int (*hvm_set_pci_link_route) (struct domain *d); int (*hvm_inject_msi) (struct domain *d); - int (*mem_event_setup) (struct domain *d); int (*mem_event_control) (struct domain *d, int mode, int op); int (*mem_event_op) (struct domain *d, int op); - int (*mem_sharing) (struct domain *d); int (*mem_sharing_op) (struct domain *d, struct domain *cd, int op); int (*apic) (struct domain *d, int cmd); int (*xen_settime) (void); @@ -178,12 +155,8 @@ struct xsm_operations { int (*mmuext_op) (struct domain *d, struct domain *f); int (*update_va_mapping) (struct domain *d, struct domain *f, l1_pgentry_t pte); int (*add_to_physmap) (struct domain *d1, struct domain *d2); - int (*sendtrigger) (struct domain *d); int (*bind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); int (*unbind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); - int (*pin_mem_cacheattr) (struct domain *d); - int (*ext_vcpucontext) (struct domain *d, uint32_t cmd); - int (*vcpuextstate) (struct domain *d, uint32_t cmd); int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); int (*ioport_mapping) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); #endif @@ -201,71 +174,16 @@ static inline void xsm_security_domainin xsm_ops->security_domaininfo(d, info); } -static inline int xsm_setvcpucontext(struct domain *d) -{ - return xsm_ops->setvcpucontext(d); -} - -static inline int xsm_pausedomain (struct domain *d) -{ - return xsm_ops->pausedomain(d); -} - -static inline int xsm_unpausedomain (struct domain *d) -{ - return xsm_ops->unpausedomain(d); -} - -static inline int xsm_resumedomain (struct domain *d) -{ - return xsm_ops->resumedomain(d); -} - static inline int xsm_domain_create (struct domain *d, u32 ssidref) { return xsm_ops->domain_create(d, ssidref); } -static inline int xsm_max_vcpus(struct domain *d) -{ - return xsm_ops->max_vcpus(d); -} - -static inline int xsm_destroydomain (struct domain *d) -{ - return xsm_ops->destroydomain(d); -} - -static inline int xsm_vcpuaffinity (int cmd, struct domain *d) -{ - return xsm_ops->vcpuaffinity(cmd, d); -} - -static inline int xsm_scheduler (struct domain *d) -{ - return xsm_ops->scheduler(d); -} - static inline int xsm_getdomaininfo (struct domain *d) { return xsm_ops->getdomaininfo(d); } -static inline int xsm_getvcpucontext (struct domain *d) -{ - return xsm_ops->getvcpucontext(d); -} - -static inline int xsm_getvcpuinfo (struct domain *d) -{ - return xsm_ops->getvcpuinfo(d); -} - -static inline int xsm_domain_settime (struct domain *d) -{ - return xsm_ops->domain_settime(d); -} - static inline int xsm_set_target (struct domain *d, struct domain *e) { return xsm_ops->set_target(d, e); @@ -281,11 +199,6 @@ static inline int xsm_sysctl (int cmd) return xsm_ops->sysctl(cmd); } -static inline int xsm_set_virq_handler (struct domain *d, uint32_t virq) -{ - return xsm_ops->set_virq_handler(d, virq); -} - static inline int xsm_tbufcontrol (void) { return xsm_ops->tbufcontrol(); @@ -301,21 +214,6 @@ static inline int xsm_sched_id (void) return xsm_ops->sched_id(); } -static inline int xsm_setdomainmaxmem (struct domain *d) -{ - return xsm_ops->setdomainmaxmem(d); -} - -static inline int xsm_setdomainhandle (struct domain *d) -{ - return xsm_ops->setdomainhandle(d); -} - -static inline int xsm_setdebugging (struct domain *d) -{ - return xsm_ops->setdebugging(d); -} - static inline int xsm_perfcontrol (void) { return xsm_ops->perfcontrol(); @@ -623,36 +521,6 @@ static inline int xsm_shadow_control (st return xsm_ops->shadow_control(d, op); } -static inline int xsm_getpageframeinfo (struct domain *d) -{ - return xsm_ops->getpageframeinfo(d); -} - -static inline int xsm_getmemlist (struct domain *d) -{ - return xsm_ops->getmemlist(d); -} - -static inline int xsm_hypercall_init (struct domain *d) -{ - return xsm_ops->hypercall_init(d); -} - -static inline int xsm_hvmcontext (struct domain *d, uint32_t cmd) -{ - return xsm_ops->hvmcontext(d, cmd); -} - -static inline int xsm_address_size (struct domain *d, uint32_t cmd) -{ - return xsm_ops->address_size(d, cmd); -} - -static inline int xsm_machine_address_size (struct domain *d, uint32_t cmd) -{ - return xsm_ops->machine_address_size(d, cmd); -} - static inline int xsm_hvm_param (struct domain *d, unsigned long op) { return xsm_ops->hvm_param(d, op); @@ -678,11 +546,6 @@ static inline int xsm_hvm_inject_msi (st return xsm_ops->hvm_inject_msi(d); } -static inline int xsm_mem_event_setup (struct domain *d) -{ - return xsm_ops->mem_event_setup(d); -} - static inline int xsm_mem_event_control (struct domain *d, int mode, int op) { return xsm_ops->mem_event_control(d, mode, op); @@ -693,11 +556,6 @@ static inline int xsm_mem_event_op (stru return xsm_ops->mem_event_op(d, op); } -static inline int xsm_mem_sharing (struct domain *d) -{ - return xsm_ops->mem_sharing(d); -} - static inline int xsm_mem_sharing_op (struct domain *d, struct domain *cd, int op) { return xsm_ops->mem_sharing_op(d, cd, op); @@ -795,11 +653,6 @@ static inline int xsm_add_to_physmap(str return xsm_ops->add_to_physmap(d1, d2); } -static inline int xsm_sendtrigger(struct domain *d) -{ - return xsm_ops->sendtrigger(d); -} - static inline int xsm_bind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) { @@ -812,20 +665,6 @@ static inline int xsm_unbind_pt_irq(stru return xsm_ops->unbind_pt_irq(d, bind); } -static inline int xsm_pin_mem_cacheattr(struct domain *d) -{ - return xsm_ops->pin_mem_cacheattr(d); -} - -static inline int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) -{ - return xsm_ops->ext_vcpucontext(d, cmd); -} -static inline int xsm_vcpuextstate(struct domain *d, uint32_t cmd) -{ - return xsm_ops->vcpuextstate(d, cmd); -} - static inline int xsm_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return xsm_ops->ioport_permission(d, s, e, allow); diff -r 50418c161c75 -r 6672ac1415b1 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:40:58 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:41:51 2013 +0000 @@ -30,29 +30,14 @@ struct xsm_operations dummy_xsm_ops; void xsm_fixup_ops (struct xsm_operations *ops) { set_to_dummy_if_null(ops, security_domaininfo); - set_to_dummy_if_null(ops, setvcpucontext); - set_to_dummy_if_null(ops, pausedomain); - set_to_dummy_if_null(ops, unpausedomain); - set_to_dummy_if_null(ops, resumedomain); set_to_dummy_if_null(ops, domain_create); - set_to_dummy_if_null(ops, max_vcpus); - set_to_dummy_if_null(ops, destroydomain); - set_to_dummy_if_null(ops, vcpuaffinity); - set_to_dummy_if_null(ops, scheduler); set_to_dummy_if_null(ops, getdomaininfo); - set_to_dummy_if_null(ops, getvcpucontext); - set_to_dummy_if_null(ops, getvcpuinfo); - set_to_dummy_if_null(ops, domain_settime); set_to_dummy_if_null(ops, set_target); set_to_dummy_if_null(ops, domctl); set_to_dummy_if_null(ops, sysctl); - set_to_dummy_if_null(ops, set_virq_handler); set_to_dummy_if_null(ops, tbufcontrol); set_to_dummy_if_null(ops, readconsole); set_to_dummy_if_null(ops, sched_id); - set_to_dummy_if_null(ops, setdomainmaxmem); - set_to_dummy_if_null(ops, setdomainhandle); - set_to_dummy_if_null(ops, setdebugging); set_to_dummy_if_null(ops, perfcontrol); set_to_dummy_if_null(ops, debug_keys); set_to_dummy_if_null(ops, getcpuinfo); @@ -126,21 +111,13 @@ void xsm_fixup_ops (struct xsm_operation #ifdef CONFIG_X86 set_to_dummy_if_null(ops, shadow_control); - set_to_dummy_if_null(ops, getpageframeinfo); - set_to_dummy_if_null(ops, getmemlist); - set_to_dummy_if_null(ops, hypercall_init); - set_to_dummy_if_null(ops, hvmcontext); - set_to_dummy_if_null(ops, address_size); - set_to_dummy_if_null(ops, machine_address_size); set_to_dummy_if_null(ops, hvm_param); set_to_dummy_if_null(ops, hvm_set_pci_intx_level); set_to_dummy_if_null(ops, hvm_set_isa_irq_level); set_to_dummy_if_null(ops, hvm_set_pci_link_route); set_to_dummy_if_null(ops, hvm_inject_msi); - set_to_dummy_if_null(ops, mem_event_setup); set_to_dummy_if_null(ops, mem_event_control); set_to_dummy_if_null(ops, mem_event_op); - set_to_dummy_if_null(ops, mem_sharing); set_to_dummy_if_null(ops, mem_sharing_op); set_to_dummy_if_null(ops, apic); set_to_dummy_if_null(ops, xen_settime); @@ -161,12 +138,8 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, update_va_mapping); set_to_dummy_if_null(ops, add_to_physmap); set_to_dummy_if_null(ops, remove_from_physmap); - set_to_dummy_if_null(ops, sendtrigger); set_to_dummy_if_null(ops, bind_pt_irq); set_to_dummy_if_null(ops, unbind_pt_irq); - set_to_dummy_if_null(ops, pin_mem_cacheattr); - set_to_dummy_if_null(ops, ext_vcpucontext); - set_to_dummy_if_null(ops, vcpuextstate); set_to_dummy_if_null(ops, ioport_permission); set_to_dummy_if_null(ops, ioport_mapping); #endif diff -r 50418c161c75 -r 6672ac1415b1 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:40:58 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:41:51 2013 +0000 @@ -484,26 +484,6 @@ static void flask_security_domaininfo(st info->ssidref = domain_sid(d); } -static int flask_setvcpucontext(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUCONTEXT); -} - -static int flask_pausedomain(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__PAUSE); -} - -static int flask_unpausedomain(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__UNPAUSE); -} - -static int flask_resumedomain(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__RESUME); -} - static int flask_domain_create(struct domain *d, u32 ssidref) { int rc; @@ -532,66 +512,11 @@ static int flask_domain_create(struct do return rc; } -static int flask_max_vcpus(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__MAX_VCPUS); -} - -static int flask_destroydomain(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__DESTROY); -} - -static int flask_vcpuaffinity(int cmd, struct domain *d) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_setvcpuaffinity: - perm = DOMAIN__SETVCPUAFFINITY; - break; - case XEN_DOMCTL_getvcpuaffinity: - perm = DOMAIN__GETVCPUAFFINITY; - break; - default: - return -EPERM; - } - - return current_has_perm(d, SECCLASS_DOMAIN, perm ); -} - -static int flask_scheduler(struct domain *d) -{ - int rc = 0; - - rc = domain_has_xen(current->domain, XEN__SCHEDULER); - if ( rc ) - return rc; - - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SCHEDULER); -} - static int flask_getdomaininfo(struct domain *d) { return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETDOMAININFO); } -static int flask_getvcpucontext(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUCONTEXT); -} - -static int flask_getvcpuinfo(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUINFO); -} - -static int flask_domain_settime(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETTIME); -} - static int flask_set_target(struct domain *d, struct domain *t) { int rc; @@ -622,55 +547,19 @@ static int flask_domctl(struct domain *d { /* These have individual XSM hooks (common/domctl.c) */ case XEN_DOMCTL_createdomain: - case XEN_DOMCTL_destroydomain: - case XEN_DOMCTL_pausedomain: - case XEN_DOMCTL_unpausedomain: case XEN_DOMCTL_getdomaininfo: - case XEN_DOMCTL_setvcpuaffinity: - case XEN_DOMCTL_max_mem: - case XEN_DOMCTL_setvcpucontext: - case XEN_DOMCTL_getvcpucontext: - case XEN_DOMCTL_getvcpuinfo: - case XEN_DOMCTL_max_vcpus: - case XEN_DOMCTL_scheduler_op: - case XEN_DOMCTL_setdomainhandle: - case XEN_DOMCTL_setdebugging: case XEN_DOMCTL_irq_permission: case XEN_DOMCTL_iomem_permission: - case XEN_DOMCTL_settimeoffset: - case XEN_DOMCTL_getvcpuaffinity: - case XEN_DOMCTL_resumedomain: case XEN_DOMCTL_set_target: - case XEN_DOMCTL_set_virq_handler: #ifdef CONFIG_X86 /* These have individual XSM hooks (arch/x86/domctl.c) */ case XEN_DOMCTL_shadow_op: case XEN_DOMCTL_ioport_permission: - case XEN_DOMCTL_getpageframeinfo: - case XEN_DOMCTL_getpageframeinfo2: - case XEN_DOMCTL_getpageframeinfo3: - case XEN_DOMCTL_getmemlist: - case XEN_DOMCTL_hypercall_init: - case XEN_DOMCTL_sethvmcontext: - case XEN_DOMCTL_gethvmcontext: - case XEN_DOMCTL_gethvmcontext_partial: - case XEN_DOMCTL_set_address_size: - case XEN_DOMCTL_get_address_size: - case XEN_DOMCTL_set_machine_address_size: - case XEN_DOMCTL_get_machine_address_size: - case XEN_DOMCTL_sendtrigger: case XEN_DOMCTL_bind_pt_irq: case XEN_DOMCTL_unbind_pt_irq: case XEN_DOMCTL_memory_mapping: case XEN_DOMCTL_ioport_mapping: - case XEN_DOMCTL_pin_mem_cacheattr: - case XEN_DOMCTL_set_ext_vcpucontext: - case XEN_DOMCTL_get_ext_vcpucontext: - case XEN_DOMCTL_setvcpuextstate: - case XEN_DOMCTL_getvcpuextstate: case XEN_DOMCTL_mem_event_op: - case XEN_DOMCTL_mem_sharing_op: - case XEN_DOMCTL_set_access_required: /* These have individual XSM hooks (drivers/passthrough/iommu.c) */ case XEN_DOMCTL_get_device_group: case XEN_DOMCTL_test_assign_device: @@ -679,6 +568,101 @@ static int flask_domctl(struct domain *d #endif return 0; + case XEN_DOMCTL_destroydomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__DESTROY); + + case XEN_DOMCTL_pausedomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__PAUSE); + + case XEN_DOMCTL_unpausedomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__UNPAUSE); + + case XEN_DOMCTL_setvcpuaffinity: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUAFFINITY); + + case XEN_DOMCTL_getvcpuaffinity: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUAFFINITY); + + case XEN_DOMCTL_resumedomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__RESUME); + + case XEN_DOMCTL_scheduler_op: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SCHEDULER); + + case XEN_DOMCTL_max_vcpus: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__MAX_VCPUS); + + case XEN_DOMCTL_max_mem: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINMAXMEM); + + case XEN_DOMCTL_setdomainhandle: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINHANDLE); + + case XEN_DOMCTL_setvcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUCONTEXT); + + case XEN_DOMCTL_getvcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUCONTEXT); + + case XEN_DOMCTL_getvcpuinfo: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUINFO); + + case XEN_DOMCTL_settimeoffset: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETTIME); + + case XEN_DOMCTL_setdebugging: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDEBUGGING); + + case XEN_DOMCTL_getpageframeinfo: + case XEN_DOMCTL_getpageframeinfo2: + case XEN_DOMCTL_getpageframeinfo3: + return current_has_perm(d, SECCLASS_MMU, MMU__PAGEINFO); + + case XEN_DOMCTL_getmemlist: + return current_has_perm(d, SECCLASS_MMU, MMU__PAGELIST); + + case XEN_DOMCTL_hypercall_init: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__HYPERCALL); + + case XEN_DOMCTL_sethvmcontext: + return current_has_perm(d, SECCLASS_HVM, HVM__SETHVMC); + + case XEN_DOMCTL_gethvmcontext: + case XEN_DOMCTL_gethvmcontext_partial: + return current_has_perm(d, SECCLASS_HVM, HVM__GETHVMC); + + case XEN_DOMCTL_set_address_size: + case XEN_DOMCTL_set_machine_address_size: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETADDRSIZE); + + case XEN_DOMCTL_get_address_size: + case XEN_DOMCTL_get_machine_address_size: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETADDRSIZE); + + case XEN_DOMCTL_mem_sharing_op: + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_SHARING); + + case XEN_DOMCTL_pin_mem_cacheattr: + return current_has_perm(d, SECCLASS_HVM, HVM__CACHEATTR); + + case XEN_DOMCTL_set_ext_vcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETEXTVCPUCONTEXT); + + case XEN_DOMCTL_get_ext_vcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETEXTVCPUCONTEXT); + + case XEN_DOMCTL_setvcpuextstate: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUEXTSTATE); + + case XEN_DOMCTL_getvcpuextstate: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUEXTSTATE); + + case XEN_DOMCTL_sendtrigger: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__TRIGGER); + + case XEN_DOMCTL_set_access_required: + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); + case XEN_DOMCTL_debug_op: case XEN_DOMCTL_gdbsx_guestmemio: case XEN_DOMCTL_gdbsx_pausevcpu: @@ -691,6 +675,9 @@ static int flask_domctl(struct domain *d case XEN_DOMCTL_suppress_spurious_page_faults: return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_MISC_INFO); + case XEN_DOMCTL_set_virq_handler: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER); + case XEN_DOMCTL_set_cpuid: return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SET_CPUID); @@ -741,11 +728,6 @@ static int flask_sysctl(int cmd) } } -static int flask_set_virq_handler(struct domain *d, uint32_t virq) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER); -} - static int flask_tbufcontrol(void) { return domain_has_xen(current->domain, XEN__TBUFCONTROL); @@ -766,21 +748,6 @@ static int flask_sched_id(void) return domain_has_xen(current->domain, XEN__SCHEDULER); } -static int flask_setdomainmaxmem(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINMAXMEM); -} - -static int flask_setdomainhandle(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINHANDLE); -} - -static int flask_setdebugging(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDEBUGGING); -} - static int flask_debug_keys(void) { return domain_has_xen(current->domain, XEN__DEBUG); @@ -1165,82 +1132,6 @@ static int flask_ioport_mapping(struct d return flask_ioport_permission(d, start, end, access); } -static int flask_getpageframeinfo(struct domain *d) -{ - return current_has_perm(d, SECCLASS_MMU, MMU__PAGEINFO); -} - -static int flask_getmemlist(struct domain *d) -{ - return current_has_perm(d, SECCLASS_MMU, MMU__PAGELIST); -} - -static int flask_hypercall_init(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__HYPERCALL); -} - -static int flask_hvmcontext(struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_sethvmcontext: - perm = HVM__SETHVMC; - break; - case XEN_DOMCTL_gethvmcontext: - case XEN_DOMCTL_gethvmcontext_partial: - perm = HVM__GETHVMC; - break; - case HVMOP_track_dirty_vram: - perm = HVM__TRACKDIRTYVRAM; - break; - default: - return -EPERM; - } - - return current_has_perm(d, SECCLASS_HVM, perm); -} - -static int flask_address_size(struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_set_address_size: - perm = DOMAIN__SETADDRSIZE; - break; - case XEN_DOMCTL_get_address_size: - perm = DOMAIN__GETADDRSIZE; - break; - default: - return -EPERM; - } - - return current_has_perm(d, SECCLASS_DOMAIN, perm); -} - -static int flask_machine_address_size(struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_set_machine_address_size: - perm = DOMAIN__SETADDRSIZE; - break; - case XEN_DOMCTL_get_machine_address_size: - perm = DOMAIN__GETADDRSIZE; - break; - default: - return -EPERM; - } - - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); -} - static int flask_hvm_param(struct domain *d, unsigned long op) { u32 perm; @@ -1283,11 +1174,6 @@ static int flask_hvm_inject_msi(struct d return current_has_perm(d, SECCLASS_HVM, HVM__SEND_IRQ); } -static int flask_mem_event_setup(struct domain *d) -{ - return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); -} - static int flask_mem_event_control(struct domain *d, int mode, int op) { return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); @@ -1298,11 +1184,6 @@ static int flask_mem_event_op(struct dom return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); } -static int flask_mem_sharing(struct domain *d) -{ - return current_has_perm(d, SECCLASS_HVM, HVM__MEM_SHARING); -} - static int flask_mem_sharing_op(struct domain *d, struct domain *cd, int op) { int rc = current_has_perm(cd, SECCLASS_HVM, HVM__MEM_SHARING); @@ -1490,11 +1371,6 @@ static int flask_remove_from_physmap(str return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__PHYSMAP); } -static int flask_sendtrigger(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__TRIGGER); -} - static int flask_get_device_group(uint32_t machine_bdf) { u32 rsid; @@ -1588,78 +1464,20 @@ static int flask_unbind_pt_irq (struct d { return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); } - -static int flask_pin_mem_cacheattr (struct domain *d) -{ - return current_has_perm(d, SECCLASS_HVM, HVM__CACHEATTR); -} - -static int flask_ext_vcpucontext (struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_set_ext_vcpucontext: - perm = DOMAIN__SETEXTVCPUCONTEXT; - break; - case XEN_DOMCTL_get_ext_vcpucontext: - perm = DOMAIN__GETEXTVCPUCONTEXT; - break; - default: - return -EPERM; - } - - return current_has_perm(d, SECCLASS_DOMAIN, perm); -} - -static int flask_vcpuextstate (struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_setvcpuextstate: - perm = DOMAIN__SETVCPUEXTSTATE; - break; - case XEN_DOMCTL_getvcpuextstate: - perm = DOMAIN__GETVCPUEXTSTATE; - break; - default: - return -EPERM; - } - - return current_has_perm(d, SECCLASS_DOMAIN, perm); -} #endif long do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op); static struct xsm_operations flask_ops = { .security_domaininfo = flask_security_domaininfo, - .setvcpucontext = flask_setvcpucontext, - .pausedomain = flask_pausedomain, - .unpausedomain = flask_unpausedomain, - .resumedomain = flask_resumedomain, .domain_create = flask_domain_create, - .max_vcpus = flask_max_vcpus, - .destroydomain = flask_destroydomain, - .vcpuaffinity = flask_vcpuaffinity, - .scheduler = flask_scheduler, .getdomaininfo = flask_getdomaininfo, - .getvcpucontext = flask_getvcpucontext, - .getvcpuinfo = flask_getvcpuinfo, - .domain_settime = flask_domain_settime, .set_target = flask_set_target, .domctl = flask_domctl, .sysctl = flask_sysctl, - .set_virq_handler = flask_set_virq_handler, .tbufcontrol = flask_tbufcontrol, .readconsole = flask_readconsole, .sched_id = flask_sched_id, - .setdomainmaxmem = flask_setdomainmaxmem, - .setdomainhandle = flask_setdomainhandle, - .setdebugging = flask_setdebugging, .perfcontrol = flask_perfcontrol, .debug_keys = flask_debug_keys, .getcpuinfo = flask_getcpuinfo, @@ -1729,21 +1547,13 @@ static struct xsm_operations flask_ops = #ifdef CONFIG_X86 .shadow_control = flask_shadow_control, - .getpageframeinfo = flask_getpageframeinfo, - .getmemlist = flask_getmemlist, - .hypercall_init = flask_hypercall_init, - .hvmcontext = flask_hvmcontext, - .address_size = flask_address_size, - .machine_address_size = flask_machine_address_size, .hvm_param = flask_hvm_param, .hvm_set_pci_intx_level = flask_hvm_set_pci_intx_level, .hvm_set_isa_irq_level = flask_hvm_set_isa_irq_level, .hvm_set_pci_link_route = flask_hvm_set_pci_link_route, .hvm_inject_msi = flask_hvm_inject_msi, - .mem_event_setup = flask_mem_event_setup, .mem_event_control = flask_mem_event_control, .mem_event_op = flask_mem_event_op, - .mem_sharing = flask_mem_sharing, .mem_sharing_op = flask_mem_sharing_op, .apic = flask_apic, .xen_settime = flask_xen_settime, @@ -1764,16 +1574,12 @@ static struct xsm_operations flask_ops = .update_va_mapping = flask_update_va_mapping, .add_to_physmap = flask_add_to_physmap, .remove_from_physmap = flask_remove_from_physmap, - .sendtrigger = flask_sendtrigger, .get_device_group = flask_get_device_group, .test_assign_device = flask_test_assign_device, .assign_device = flask_assign_device, .deassign_device = flask_deassign_device, .bind_pt_irq = flask_bind_pt_irq, .unbind_pt_irq = flask_unbind_pt_irq, - .pin_mem_cacheattr = flask_pin_mem_cacheattr, - .ext_vcpucontext = flask_ext_vcpucontext, - .vcpuextstate = flask_vcpuextstate, .ioport_permission = flask_ioport_permission, .ioport_mapping = flask_ioport_mapping, #endif _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007LH-AT; Wed, 16 Jan 2013 08:22:21 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGK-0007KR-FL for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:20 +0000 Received: from [85.158.143.99:61316] by server-2.bemta-4.messagelabs.com id 96/8C-24322-B3366F05; Wed, 16 Jan 2013 08:22:19 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-216.messagelabs.com!1358324535!22850525!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9341 invoked from network); 16 Jan 2013 08:22:16 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:16 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGE-0003rR-TT for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGE-0000ae-SF for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:14 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:14 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: domctl XSM hook removal X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900911 0 # Node ID 6672ac1415b1a94f5287d9a34ac4cd9e8e9d536a # Parent 50418c161c75d0f8439f686ad2813dcfdcc16e5a xen: domctl XSM hook removal A number of the domctl XSM hooks do nothing except pass the domain and operation ID, making them redundant with the xsm_domctl hook. Remove these redundant hooks. The remaining domctls all use individual hooks because they pass extra details of the call to the XSM module in order to allow a more fine-grained access decision to be made - for example, considering the exact device or memory range being set up for guest access. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 50418c161c75 -r 6672ac1415b1 xen/arch/x86/domctl.c --- a/xen/arch/x86/domctl.c Fri Jan 11 10:40:58 2013 +0000 +++ b/xen/arch/x86/domctl.c Fri Jan 11 10:41:51 2013 +0000 @@ -97,10 +97,6 @@ long arch_do_domctl( page = mfn_to_page(mfn); - ret = xsm_getpageframeinfo(d); - if ( ret ) - break; - if ( likely(get_page(page, d)) ) { ret = 0; @@ -141,10 +137,6 @@ long arch_do_domctl( struct page_info *page; xen_pfn_t *arr; - ret = xsm_getpageframeinfo(d); - if ( ret ) - break; - if ( unlikely(num > 1024) || unlikely(num != domctl->u.getpageframeinfo3.num) ) { @@ -239,10 +231,6 @@ long arch_do_domctl( int num = domctl->u.getpageframeinfo2.num; uint32_t *arr32; - ret = xsm_getpageframeinfo(d); - if ( ret ) - break; - if ( unlikely(num > 1024) ) { ret = -E2BIG; @@ -334,10 +322,6 @@ long arch_do_domctl( uint64_t mfn; struct page_info *page; - ret = xsm_getmemlist(d); - if ( ret ) - break; - if ( unlikely(d->is_dying) ) { ret = -EINVAL; break; @@ -373,10 +357,6 @@ long arch_do_domctl( struct page_info *page; void *hypercall_page; - ret = xsm_hypercall_init(d); - if ( ret ) - break; - page = get_page_from_gfn(d, gmfn, NULL, P2M_ALLOC); ret = -EACCES; @@ -401,10 +381,6 @@ long arch_do_domctl( { struct hvm_domain_context c = { .size = domctl->u.hvmcontext.size }; - ret = xsm_hvmcontext(d, domctl->cmd); - if ( ret ) - goto sethvmcontext_out; - ret = -EINVAL; if ( !is_hvm_domain(d) ) goto sethvmcontext_out; @@ -431,10 +407,6 @@ long arch_do_domctl( { struct hvm_domain_context c = { 0 }; - ret = xsm_hvmcontext(d, domctl->cmd); - if ( ret ) - goto gethvmcontext_out; - ret = -EINVAL; if ( !is_hvm_domain(d) ) goto gethvmcontext_out; @@ -477,10 +449,6 @@ long arch_do_domctl( case XEN_DOMCTL_gethvmcontext_partial: { - ret = xsm_hvmcontext(d, domctl->cmd); - if ( ret ) - break; - ret = -EINVAL; if ( !is_hvm_domain(d) ) break; @@ -496,10 +464,6 @@ long arch_do_domctl( case XEN_DOMCTL_set_address_size: { - ret = xsm_address_size(d, domctl->cmd); - if ( ret ) - break; - switch ( domctl->u.address_size.size ) { case 32: @@ -517,10 +481,6 @@ long arch_do_domctl( case XEN_DOMCTL_get_address_size: { - ret = xsm_address_size(d, domctl->cmd); - if ( ret ) - break; - domctl->u.address_size.size = is_pv_32on64_domain(d) ? 32 : BITS_PER_LONG; @@ -531,10 +491,6 @@ long arch_do_domctl( case XEN_DOMCTL_set_machine_address_size: { - ret = xsm_machine_address_size(d, domctl->cmd); - if ( ret ) - break; - ret = -EBUSY; if ( d->tot_pages > 0 ) break; @@ -547,10 +503,6 @@ long arch_do_domctl( case XEN_DOMCTL_get_machine_address_size: { - ret = xsm_machine_address_size(d, domctl->cmd); - if ( ret ) - break; - domctl->u.address_size.size = d->arch.physaddr_bitsize; ret = 0; @@ -562,10 +514,6 @@ long arch_do_domctl( { struct vcpu *v; - ret = xsm_sendtrigger(d); - if ( ret ) - break; - ret = -EINVAL; if ( domctl->u.sendtrigger.vcpu >= MAX_VIRT_CPUS ) break; @@ -832,10 +780,6 @@ long arch_do_domctl( case XEN_DOMCTL_pin_mem_cacheattr: { - ret = xsm_pin_mem_cacheattr(d); - if ( ret ) - break; - ret = hvm_set_mem_pinned_cacheattr( d, domctl->u.pin_mem_cacheattr.start, domctl->u.pin_mem_cacheattr.end, @@ -851,10 +795,6 @@ long arch_do_domctl( evc = &domctl->u.ext_vcpucontext; - ret = xsm_ext_vcpucontext(d, domctl->cmd); - if ( ret ) - break; - ret = -ESRCH; if ( (evc->vcpu >= d->max_vcpus) || ((v = d->vcpu[evc->vcpu]) == NULL) ) @@ -1118,10 +1058,6 @@ long arch_do_domctl( evc = &domctl->u.vcpuextstate; - ret = xsm_vcpuextstate(d, domctl->cmd); - if ( ret ) - goto vcpuextstate_out; - ret = -ESRCH; if ( (evc->vcpu >= d->max_vcpus) || ((v = d->vcpu[evc->vcpu]) == NULL) ) @@ -1231,9 +1167,7 @@ long arch_do_domctl( case XEN_DOMCTL_mem_sharing_op: { - ret = xsm_mem_sharing(d); - if ( !ret ) - ret = mem_sharing_domctl(d, &domctl->u.mem_sharing_op); + ret = mem_sharing_domctl(d, &domctl->u.mem_sharing_op); } break; @@ -1263,11 +1197,9 @@ long arch_do_domctl( if ( current->domain == d ) break; - ret = xsm_mem_event_setup(d); - if ( !ret ) { - p2m = p2m_get_hostp2m(d); - p2m->access_required = domctl->u.access_required.access_required; - } + ret = 0; + p2m = p2m_get_hostp2m(d); + p2m->access_required = domctl->u.access_required.access_required; } break; diff -r 50418c161c75 -r 6672ac1415b1 xen/common/domctl.c --- a/xen/common/domctl.c Fri Jan 11 10:40:58 2013 +0000 +++ b/xen/common/domctl.c Fri Jan 11 10:41:51 2013 +0000 @@ -290,10 +290,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( d == NULL ) break; - ret = xsm_setvcpucontext(d); - if ( ret ) - goto svc_out; - ret = -EINVAL; if ( (d == current->domain) || /* no domain_pause() */ (vcpu >= d->max_vcpus) || ((v = d->vcpu[vcpu]) == NULL) ) @@ -340,10 +336,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_pausedomain: { - ret = xsm_pausedomain(d); - if ( ret ) - break; - ret = -EINVAL; if ( d != current->domain ) { @@ -355,10 +347,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_unpausedomain: { - ret = xsm_unpausedomain(d); - if ( ret ) - break; - domain_unpause_by_systemcontroller(d); ret = 0; } @@ -366,10 +354,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_resumedomain: { - ret = xsm_resumedomain(d); - if ( ret ) - break; - domain_resume(d); ret = 0; } @@ -452,10 +436,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe (is_hvm_domain(d) && (max > MAX_HVM_VCPUS)) ) break; - ret = xsm_max_vcpus(d); - if ( ret ) - break; - /* Until Xenoprof can dynamically grow its vcpu-s array... */ if ( d->xenoprof ) { @@ -538,7 +518,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_destroydomain: { - ret = xsm_destroydomain(d) ? : domain_kill(d); + ret = domain_kill(d); } break; @@ -547,10 +527,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe { struct vcpu *v; - ret = xsm_vcpuaffinity(op->cmd, d); - if ( ret ) - break; - ret = -EINVAL; if ( op->u.vcpuaffinity.vcpu >= d->max_vcpus ) break; @@ -581,10 +557,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_scheduler_op: { - ret = xsm_scheduler(d); - if ( ret ) - break; - ret = sched_adjust(d, &op->u.scheduler_op); copyback = 1; } @@ -627,10 +599,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe vcpu_guest_context_u c = { .nat = NULL }; struct vcpu *v; - ret = xsm_getvcpucontext(d); - if ( ret ) - goto getvcpucontext_out; - ret = -EINVAL; if ( op->u.vcpucontext.vcpu >= d->max_vcpus ) goto getvcpucontext_out; @@ -684,10 +652,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe struct vcpu *v; struct vcpu_runstate_info runstate; - ret = xsm_getvcpuinfo(d); - if ( ret ) - break; - ret = -EINVAL; if ( op->u.getvcpuinfo.vcpu >= d->max_vcpus ) break; @@ -712,10 +676,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe { unsigned long new_max; - ret = xsm_setdomainmaxmem(d); - if ( ret ) - break; - ret = -EINVAL; new_max = op->u.max_mem.max_memkb >> (PAGE_SHIFT-10); @@ -733,10 +693,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_setdomainhandle: { - ret = xsm_setdomainhandle(d); - if ( ret ) - break; - memcpy(d->handle, op->u.setdomainhandle.handle, sizeof(xen_domain_handle_t)); ret = 0; @@ -749,10 +705,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( d == current->domain ) /* no domain_pause() */ break; - ret = xsm_setdebugging(d); - if ( ret ) - break; - domain_pause(d); d->debugger_attached = !!op->u.setdebugging.enable; domain_unpause(d); /* causes guest to latch new status */ @@ -797,10 +749,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_settimeoffset: { - ret = xsm_domain_settime(d); - if ( ret ) - break; - domain_set_time_offset(d, op->u.settimeoffset.time_offset_seconds); ret = 0; } @@ -850,10 +798,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_set_virq_handler: { uint32_t virq = op->u.set_virq_handler.virq; - - ret = xsm_set_virq_handler(d, virq); - if ( !ret ) - ret = set_global_virq_handler(d, virq); + ret = set_global_virq_handler(d, virq); } break; diff -r 50418c161c75 -r 6672ac1415b1 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:40:58 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:41:51 2013 +0000 @@ -17,71 +17,16 @@ static XSM_INLINE void xsm_security_doma return; } -static XSM_INLINE int xsm_setvcpucontext(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_pausedomain(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_unpausedomain(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_resumedomain(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_domain_create(struct domain *d, u32 ssidref) { return 0; } -static XSM_INLINE int xsm_max_vcpus(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_destroydomain(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_vcpuaffinity(int cmd, struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_scheduler(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_getdomaininfo(struct domain *d) { return 0; } -static XSM_INLINE int xsm_getvcpucontext(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_getvcpuinfo(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_domain_settime(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_set_target(struct domain *d, struct domain *e) { return 0; @@ -113,11 +58,6 @@ static XSM_INLINE int xsm_sysctl(int cmd return 0; } -static XSM_INLINE int xsm_set_virq_handler(struct domain *d, uint32_t virq) -{ - return 0; -} - static XSM_INLINE int xsm_tbufcontrol(void) { return 0; @@ -133,21 +73,6 @@ static XSM_INLINE int xsm_sched_id(void) return 0; } -static XSM_INLINE int xsm_setdomainmaxmem(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_setdomainhandle(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_setdebugging(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_perfcontrol(void) { return 0; @@ -493,36 +418,6 @@ static XSM_INLINE int xsm_shadow_control return 0; } -static XSM_INLINE int xsm_getpageframeinfo(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_getmemlist(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_hypercall_init(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_hvmcontext(struct domain *d, uint32_t cmd) -{ - return 0; -} - -static XSM_INLINE int xsm_address_size(struct domain *d, uint32_t cmd) -{ - return 0; -} - -static XSM_INLINE int xsm_machine_address_size(struct domain *d, uint32_t cmd) -{ - return 0; -} - static XSM_INLINE int xsm_hvm_param(struct domain *d, unsigned long op) { if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) @@ -558,11 +453,6 @@ static XSM_INLINE int xsm_hvm_inject_msi return 0; } -static XSM_INLINE int xsm_mem_event_setup(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_mem_event_control(struct domain *d, int mode, int op) { if ( !IS_PRIV(current->domain) ) @@ -577,11 +467,6 @@ static XSM_INLINE int xsm_mem_event_op(s return 0; } -static XSM_INLINE int xsm_mem_sharing(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_mem_sharing_op(struct domain *d, struct domain *cd, int op) { if ( !IS_PRIV_FOR(current->domain, cd) ) @@ -708,11 +593,6 @@ static XSM_INLINE int xsm_remove_from_ph return 0; } -static XSM_INLINE int xsm_sendtrigger(struct domain *d) -{ - return 0; -} - static XSM_INLINE int xsm_bind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return 0; @@ -723,21 +603,6 @@ static XSM_INLINE int xsm_unbind_pt_irq( return 0; } -static XSM_INLINE int xsm_pin_mem_cacheattr(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) -{ - return 0; -} - -static XSM_INLINE int xsm_vcpuextstate(struct domain *d, uint32_t cmd) -{ - return 0; -} - static XSM_INLINE int xsm_ioport_permission(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return 0; diff -r 50418c161c75 -r 6672ac1415b1 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:40:58 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:41:51 2013 +0000 @@ -41,29 +41,14 @@ extern xsm_initcall_t __xsm_initcall_sta struct xsm_operations { void (*security_domaininfo) (struct domain *d, struct xen_domctl_getdomaininfo *info); - int (*setvcpucontext) (struct domain *d); - int (*pausedomain) (struct domain *d); - int (*unpausedomain) (struct domain *d); - int (*resumedomain) (struct domain *d); int (*domain_create) (struct domain *d, u32 ssidref); - int (*max_vcpus) (struct domain *d); - int (*destroydomain) (struct domain *d); - int (*vcpuaffinity) (int cmd, struct domain *d); - int (*scheduler) (struct domain *d); int (*getdomaininfo) (struct domain *d); - int (*getvcpucontext) (struct domain *d); - int (*getvcpuinfo) (struct domain *d); - int (*domain_settime) (struct domain *d); int (*set_target) (struct domain *d, struct domain *e); int (*domctl) (struct domain *d, int cmd); int (*sysctl) (int cmd); - int (*set_virq_handler) (struct domain *d, uint32_t virq); int (*tbufcontrol) (void); int (*readconsole) (uint32_t clear); int (*sched_id) (void); - int (*setdomainmaxmem) (struct domain *d); - int (*setdomainhandle) (struct domain *d); - int (*setdebugging) (struct domain *d); int (*perfcontrol) (void); int (*debug_keys) (void); int (*getcpuinfo) (void); @@ -139,21 +124,13 @@ struct xsm_operations { #ifdef CONFIG_X86 int (*shadow_control) (struct domain *d, uint32_t op); - int (*getpageframeinfo) (struct domain *d); - int (*getmemlist) (struct domain *d); - int (*hypercall_init) (struct domain *d); - int (*hvmcontext) (struct domain *d, uint32_t op); - int (*address_size) (struct domain *d, uint32_t op); - int (*machine_address_size) (struct domain *d, uint32_t op); int (*hvm_param) (struct domain *d, unsigned long op); int (*hvm_set_pci_intx_level) (struct domain *d); int (*hvm_set_isa_irq_level) (struct domain *d); int (*hvm_set_pci_link_route) (struct domain *d); int (*hvm_inject_msi) (struct domain *d); - int (*mem_event_setup) (struct domain *d); int (*mem_event_control) (struct domain *d, int mode, int op); int (*mem_event_op) (struct domain *d, int op); - int (*mem_sharing) (struct domain *d); int (*mem_sharing_op) (struct domain *d, struct domain *cd, int op); int (*apic) (struct domain *d, int cmd); int (*xen_settime) (void); @@ -178,12 +155,8 @@ struct xsm_operations { int (*mmuext_op) (struct domain *d, struct domain *f); int (*update_va_mapping) (struct domain *d, struct domain *f, l1_pgentry_t pte); int (*add_to_physmap) (struct domain *d1, struct domain *d2); - int (*sendtrigger) (struct domain *d); int (*bind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); int (*unbind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); - int (*pin_mem_cacheattr) (struct domain *d); - int (*ext_vcpucontext) (struct domain *d, uint32_t cmd); - int (*vcpuextstate) (struct domain *d, uint32_t cmd); int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); int (*ioport_mapping) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); #endif @@ -201,71 +174,16 @@ static inline void xsm_security_domainin xsm_ops->security_domaininfo(d, info); } -static inline int xsm_setvcpucontext(struct domain *d) -{ - return xsm_ops->setvcpucontext(d); -} - -static inline int xsm_pausedomain (struct domain *d) -{ - return xsm_ops->pausedomain(d); -} - -static inline int xsm_unpausedomain (struct domain *d) -{ - return xsm_ops->unpausedomain(d); -} - -static inline int xsm_resumedomain (struct domain *d) -{ - return xsm_ops->resumedomain(d); -} - static inline int xsm_domain_create (struct domain *d, u32 ssidref) { return xsm_ops->domain_create(d, ssidref); } -static inline int xsm_max_vcpus(struct domain *d) -{ - return xsm_ops->max_vcpus(d); -} - -static inline int xsm_destroydomain (struct domain *d) -{ - return xsm_ops->destroydomain(d); -} - -static inline int xsm_vcpuaffinity (int cmd, struct domain *d) -{ - return xsm_ops->vcpuaffinity(cmd, d); -} - -static inline int xsm_scheduler (struct domain *d) -{ - return xsm_ops->scheduler(d); -} - static inline int xsm_getdomaininfo (struct domain *d) { return xsm_ops->getdomaininfo(d); } -static inline int xsm_getvcpucontext (struct domain *d) -{ - return xsm_ops->getvcpucontext(d); -} - -static inline int xsm_getvcpuinfo (struct domain *d) -{ - return xsm_ops->getvcpuinfo(d); -} - -static inline int xsm_domain_settime (struct domain *d) -{ - return xsm_ops->domain_settime(d); -} - static inline int xsm_set_target (struct domain *d, struct domain *e) { return xsm_ops->set_target(d, e); @@ -281,11 +199,6 @@ static inline int xsm_sysctl (int cmd) return xsm_ops->sysctl(cmd); } -static inline int xsm_set_virq_handler (struct domain *d, uint32_t virq) -{ - return xsm_ops->set_virq_handler(d, virq); -} - static inline int xsm_tbufcontrol (void) { return xsm_ops->tbufcontrol(); @@ -301,21 +214,6 @@ static inline int xsm_sched_id (void) return xsm_ops->sched_id(); } -static inline int xsm_setdomainmaxmem (struct domain *d) -{ - return xsm_ops->setdomainmaxmem(d); -} - -static inline int xsm_setdomainhandle (struct domain *d) -{ - return xsm_ops->setdomainhandle(d); -} - -static inline int xsm_setdebugging (struct domain *d) -{ - return xsm_ops->setdebugging(d); -} - static inline int xsm_perfcontrol (void) { return xsm_ops->perfcontrol(); @@ -623,36 +521,6 @@ static inline int xsm_shadow_control (st return xsm_ops->shadow_control(d, op); } -static inline int xsm_getpageframeinfo (struct domain *d) -{ - return xsm_ops->getpageframeinfo(d); -} - -static inline int xsm_getmemlist (struct domain *d) -{ - return xsm_ops->getmemlist(d); -} - -static inline int xsm_hypercall_init (struct domain *d) -{ - return xsm_ops->hypercall_init(d); -} - -static inline int xsm_hvmcontext (struct domain *d, uint32_t cmd) -{ - return xsm_ops->hvmcontext(d, cmd); -} - -static inline int xsm_address_size (struct domain *d, uint32_t cmd) -{ - return xsm_ops->address_size(d, cmd); -} - -static inline int xsm_machine_address_size (struct domain *d, uint32_t cmd) -{ - return xsm_ops->machine_address_size(d, cmd); -} - static inline int xsm_hvm_param (struct domain *d, unsigned long op) { return xsm_ops->hvm_param(d, op); @@ -678,11 +546,6 @@ static inline int xsm_hvm_inject_msi (st return xsm_ops->hvm_inject_msi(d); } -static inline int xsm_mem_event_setup (struct domain *d) -{ - return xsm_ops->mem_event_setup(d); -} - static inline int xsm_mem_event_control (struct domain *d, int mode, int op) { return xsm_ops->mem_event_control(d, mode, op); @@ -693,11 +556,6 @@ static inline int xsm_mem_event_op (stru return xsm_ops->mem_event_op(d, op); } -static inline int xsm_mem_sharing (struct domain *d) -{ - return xsm_ops->mem_sharing(d); -} - static inline int xsm_mem_sharing_op (struct domain *d, struct domain *cd, int op) { return xsm_ops->mem_sharing_op(d, cd, op); @@ -795,11 +653,6 @@ static inline int xsm_add_to_physmap(str return xsm_ops->add_to_physmap(d1, d2); } -static inline int xsm_sendtrigger(struct domain *d) -{ - return xsm_ops->sendtrigger(d); -} - static inline int xsm_bind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) { @@ -812,20 +665,6 @@ static inline int xsm_unbind_pt_irq(stru return xsm_ops->unbind_pt_irq(d, bind); } -static inline int xsm_pin_mem_cacheattr(struct domain *d) -{ - return xsm_ops->pin_mem_cacheattr(d); -} - -static inline int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) -{ - return xsm_ops->ext_vcpucontext(d, cmd); -} -static inline int xsm_vcpuextstate(struct domain *d, uint32_t cmd) -{ - return xsm_ops->vcpuextstate(d, cmd); -} - static inline int xsm_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return xsm_ops->ioport_permission(d, s, e, allow); diff -r 50418c161c75 -r 6672ac1415b1 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:40:58 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:41:51 2013 +0000 @@ -30,29 +30,14 @@ struct xsm_operations dummy_xsm_ops; void xsm_fixup_ops (struct xsm_operations *ops) { set_to_dummy_if_null(ops, security_domaininfo); - set_to_dummy_if_null(ops, setvcpucontext); - set_to_dummy_if_null(ops, pausedomain); - set_to_dummy_if_null(ops, unpausedomain); - set_to_dummy_if_null(ops, resumedomain); set_to_dummy_if_null(ops, domain_create); - set_to_dummy_if_null(ops, max_vcpus); - set_to_dummy_if_null(ops, destroydomain); - set_to_dummy_if_null(ops, vcpuaffinity); - set_to_dummy_if_null(ops, scheduler); set_to_dummy_if_null(ops, getdomaininfo); - set_to_dummy_if_null(ops, getvcpucontext); - set_to_dummy_if_null(ops, getvcpuinfo); - set_to_dummy_if_null(ops, domain_settime); set_to_dummy_if_null(ops, set_target); set_to_dummy_if_null(ops, domctl); set_to_dummy_if_null(ops, sysctl); - set_to_dummy_if_null(ops, set_virq_handler); set_to_dummy_if_null(ops, tbufcontrol); set_to_dummy_if_null(ops, readconsole); set_to_dummy_if_null(ops, sched_id); - set_to_dummy_if_null(ops, setdomainmaxmem); - set_to_dummy_if_null(ops, setdomainhandle); - set_to_dummy_if_null(ops, setdebugging); set_to_dummy_if_null(ops, perfcontrol); set_to_dummy_if_null(ops, debug_keys); set_to_dummy_if_null(ops, getcpuinfo); @@ -126,21 +111,13 @@ void xsm_fixup_ops (struct xsm_operation #ifdef CONFIG_X86 set_to_dummy_if_null(ops, shadow_control); - set_to_dummy_if_null(ops, getpageframeinfo); - set_to_dummy_if_null(ops, getmemlist); - set_to_dummy_if_null(ops, hypercall_init); - set_to_dummy_if_null(ops, hvmcontext); - set_to_dummy_if_null(ops, address_size); - set_to_dummy_if_null(ops, machine_address_size); set_to_dummy_if_null(ops, hvm_param); set_to_dummy_if_null(ops, hvm_set_pci_intx_level); set_to_dummy_if_null(ops, hvm_set_isa_irq_level); set_to_dummy_if_null(ops, hvm_set_pci_link_route); set_to_dummy_if_null(ops, hvm_inject_msi); - set_to_dummy_if_null(ops, mem_event_setup); set_to_dummy_if_null(ops, mem_event_control); set_to_dummy_if_null(ops, mem_event_op); - set_to_dummy_if_null(ops, mem_sharing); set_to_dummy_if_null(ops, mem_sharing_op); set_to_dummy_if_null(ops, apic); set_to_dummy_if_null(ops, xen_settime); @@ -161,12 +138,8 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, update_va_mapping); set_to_dummy_if_null(ops, add_to_physmap); set_to_dummy_if_null(ops, remove_from_physmap); - set_to_dummy_if_null(ops, sendtrigger); set_to_dummy_if_null(ops, bind_pt_irq); set_to_dummy_if_null(ops, unbind_pt_irq); - set_to_dummy_if_null(ops, pin_mem_cacheattr); - set_to_dummy_if_null(ops, ext_vcpucontext); - set_to_dummy_if_null(ops, vcpuextstate); set_to_dummy_if_null(ops, ioport_permission); set_to_dummy_if_null(ops, ioport_mapping); #endif diff -r 50418c161c75 -r 6672ac1415b1 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:40:58 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:41:51 2013 +0000 @@ -484,26 +484,6 @@ static void flask_security_domaininfo(st info->ssidref = domain_sid(d); } -static int flask_setvcpucontext(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUCONTEXT); -} - -static int flask_pausedomain(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__PAUSE); -} - -static int flask_unpausedomain(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__UNPAUSE); -} - -static int flask_resumedomain(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__RESUME); -} - static int flask_domain_create(struct domain *d, u32 ssidref) { int rc; @@ -532,66 +512,11 @@ static int flask_domain_create(struct do return rc; } -static int flask_max_vcpus(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__MAX_VCPUS); -} - -static int flask_destroydomain(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__DESTROY); -} - -static int flask_vcpuaffinity(int cmd, struct domain *d) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_setvcpuaffinity: - perm = DOMAIN__SETVCPUAFFINITY; - break; - case XEN_DOMCTL_getvcpuaffinity: - perm = DOMAIN__GETVCPUAFFINITY; - break; - default: - return -EPERM; - } - - return current_has_perm(d, SECCLASS_DOMAIN, perm ); -} - -static int flask_scheduler(struct domain *d) -{ - int rc = 0; - - rc = domain_has_xen(current->domain, XEN__SCHEDULER); - if ( rc ) - return rc; - - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SCHEDULER); -} - static int flask_getdomaininfo(struct domain *d) { return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETDOMAININFO); } -static int flask_getvcpucontext(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUCONTEXT); -} - -static int flask_getvcpuinfo(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUINFO); -} - -static int flask_domain_settime(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETTIME); -} - static int flask_set_target(struct domain *d, struct domain *t) { int rc; @@ -622,55 +547,19 @@ static int flask_domctl(struct domain *d { /* These have individual XSM hooks (common/domctl.c) */ case XEN_DOMCTL_createdomain: - case XEN_DOMCTL_destroydomain: - case XEN_DOMCTL_pausedomain: - case XEN_DOMCTL_unpausedomain: case XEN_DOMCTL_getdomaininfo: - case XEN_DOMCTL_setvcpuaffinity: - case XEN_DOMCTL_max_mem: - case XEN_DOMCTL_setvcpucontext: - case XEN_DOMCTL_getvcpucontext: - case XEN_DOMCTL_getvcpuinfo: - case XEN_DOMCTL_max_vcpus: - case XEN_DOMCTL_scheduler_op: - case XEN_DOMCTL_setdomainhandle: - case XEN_DOMCTL_setdebugging: case XEN_DOMCTL_irq_permission: case XEN_DOMCTL_iomem_permission: - case XEN_DOMCTL_settimeoffset: - case XEN_DOMCTL_getvcpuaffinity: - case XEN_DOMCTL_resumedomain: case XEN_DOMCTL_set_target: - case XEN_DOMCTL_set_virq_handler: #ifdef CONFIG_X86 /* These have individual XSM hooks (arch/x86/domctl.c) */ case XEN_DOMCTL_shadow_op: case XEN_DOMCTL_ioport_permission: - case XEN_DOMCTL_getpageframeinfo: - case XEN_DOMCTL_getpageframeinfo2: - case XEN_DOMCTL_getpageframeinfo3: - case XEN_DOMCTL_getmemlist: - case XEN_DOMCTL_hypercall_init: - case XEN_DOMCTL_sethvmcontext: - case XEN_DOMCTL_gethvmcontext: - case XEN_DOMCTL_gethvmcontext_partial: - case XEN_DOMCTL_set_address_size: - case XEN_DOMCTL_get_address_size: - case XEN_DOMCTL_set_machine_address_size: - case XEN_DOMCTL_get_machine_address_size: - case XEN_DOMCTL_sendtrigger: case XEN_DOMCTL_bind_pt_irq: case XEN_DOMCTL_unbind_pt_irq: case XEN_DOMCTL_memory_mapping: case XEN_DOMCTL_ioport_mapping: - case XEN_DOMCTL_pin_mem_cacheattr: - case XEN_DOMCTL_set_ext_vcpucontext: - case XEN_DOMCTL_get_ext_vcpucontext: - case XEN_DOMCTL_setvcpuextstate: - case XEN_DOMCTL_getvcpuextstate: case XEN_DOMCTL_mem_event_op: - case XEN_DOMCTL_mem_sharing_op: - case XEN_DOMCTL_set_access_required: /* These have individual XSM hooks (drivers/passthrough/iommu.c) */ case XEN_DOMCTL_get_device_group: case XEN_DOMCTL_test_assign_device: @@ -679,6 +568,101 @@ static int flask_domctl(struct domain *d #endif return 0; + case XEN_DOMCTL_destroydomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__DESTROY); + + case XEN_DOMCTL_pausedomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__PAUSE); + + case XEN_DOMCTL_unpausedomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__UNPAUSE); + + case XEN_DOMCTL_setvcpuaffinity: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUAFFINITY); + + case XEN_DOMCTL_getvcpuaffinity: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUAFFINITY); + + case XEN_DOMCTL_resumedomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__RESUME); + + case XEN_DOMCTL_scheduler_op: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SCHEDULER); + + case XEN_DOMCTL_max_vcpus: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__MAX_VCPUS); + + case XEN_DOMCTL_max_mem: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINMAXMEM); + + case XEN_DOMCTL_setdomainhandle: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINHANDLE); + + case XEN_DOMCTL_setvcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUCONTEXT); + + case XEN_DOMCTL_getvcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUCONTEXT); + + case XEN_DOMCTL_getvcpuinfo: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUINFO); + + case XEN_DOMCTL_settimeoffset: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETTIME); + + case XEN_DOMCTL_setdebugging: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDEBUGGING); + + case XEN_DOMCTL_getpageframeinfo: + case XEN_DOMCTL_getpageframeinfo2: + case XEN_DOMCTL_getpageframeinfo3: + return current_has_perm(d, SECCLASS_MMU, MMU__PAGEINFO); + + case XEN_DOMCTL_getmemlist: + return current_has_perm(d, SECCLASS_MMU, MMU__PAGELIST); + + case XEN_DOMCTL_hypercall_init: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__HYPERCALL); + + case XEN_DOMCTL_sethvmcontext: + return current_has_perm(d, SECCLASS_HVM, HVM__SETHVMC); + + case XEN_DOMCTL_gethvmcontext: + case XEN_DOMCTL_gethvmcontext_partial: + return current_has_perm(d, SECCLASS_HVM, HVM__GETHVMC); + + case XEN_DOMCTL_set_address_size: + case XEN_DOMCTL_set_machine_address_size: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETADDRSIZE); + + case XEN_DOMCTL_get_address_size: + case XEN_DOMCTL_get_machine_address_size: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETADDRSIZE); + + case XEN_DOMCTL_mem_sharing_op: + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_SHARING); + + case XEN_DOMCTL_pin_mem_cacheattr: + return current_has_perm(d, SECCLASS_HVM, HVM__CACHEATTR); + + case XEN_DOMCTL_set_ext_vcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETEXTVCPUCONTEXT); + + case XEN_DOMCTL_get_ext_vcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETEXTVCPUCONTEXT); + + case XEN_DOMCTL_setvcpuextstate: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUEXTSTATE); + + case XEN_DOMCTL_getvcpuextstate: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUEXTSTATE); + + case XEN_DOMCTL_sendtrigger: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__TRIGGER); + + case XEN_DOMCTL_set_access_required: + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); + case XEN_DOMCTL_debug_op: case XEN_DOMCTL_gdbsx_guestmemio: case XEN_DOMCTL_gdbsx_pausevcpu: @@ -691,6 +675,9 @@ static int flask_domctl(struct domain *d case XEN_DOMCTL_suppress_spurious_page_faults: return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_MISC_INFO); + case XEN_DOMCTL_set_virq_handler: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER); + case XEN_DOMCTL_set_cpuid: return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SET_CPUID); @@ -741,11 +728,6 @@ static int flask_sysctl(int cmd) } } -static int flask_set_virq_handler(struct domain *d, uint32_t virq) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER); -} - static int flask_tbufcontrol(void) { return domain_has_xen(current->domain, XEN__TBUFCONTROL); @@ -766,21 +748,6 @@ static int flask_sched_id(void) return domain_has_xen(current->domain, XEN__SCHEDULER); } -static int flask_setdomainmaxmem(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINMAXMEM); -} - -static int flask_setdomainhandle(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINHANDLE); -} - -static int flask_setdebugging(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDEBUGGING); -} - static int flask_debug_keys(void) { return domain_has_xen(current->domain, XEN__DEBUG); @@ -1165,82 +1132,6 @@ static int flask_ioport_mapping(struct d return flask_ioport_permission(d, start, end, access); } -static int flask_getpageframeinfo(struct domain *d) -{ - return current_has_perm(d, SECCLASS_MMU, MMU__PAGEINFO); -} - -static int flask_getmemlist(struct domain *d) -{ - return current_has_perm(d, SECCLASS_MMU, MMU__PAGELIST); -} - -static int flask_hypercall_init(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__HYPERCALL); -} - -static int flask_hvmcontext(struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_sethvmcontext: - perm = HVM__SETHVMC; - break; - case XEN_DOMCTL_gethvmcontext: - case XEN_DOMCTL_gethvmcontext_partial: - perm = HVM__GETHVMC; - break; - case HVMOP_track_dirty_vram: - perm = HVM__TRACKDIRTYVRAM; - break; - default: - return -EPERM; - } - - return current_has_perm(d, SECCLASS_HVM, perm); -} - -static int flask_address_size(struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_set_address_size: - perm = DOMAIN__SETADDRSIZE; - break; - case XEN_DOMCTL_get_address_size: - perm = DOMAIN__GETADDRSIZE; - break; - default: - return -EPERM; - } - - return current_has_perm(d, SECCLASS_DOMAIN, perm); -} - -static int flask_machine_address_size(struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_set_machine_address_size: - perm = DOMAIN__SETADDRSIZE; - break; - case XEN_DOMCTL_get_machine_address_size: - perm = DOMAIN__GETADDRSIZE; - break; - default: - return -EPERM; - } - - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); -} - static int flask_hvm_param(struct domain *d, unsigned long op) { u32 perm; @@ -1283,11 +1174,6 @@ static int flask_hvm_inject_msi(struct d return current_has_perm(d, SECCLASS_HVM, HVM__SEND_IRQ); } -static int flask_mem_event_setup(struct domain *d) -{ - return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); -} - static int flask_mem_event_control(struct domain *d, int mode, int op) { return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); @@ -1298,11 +1184,6 @@ static int flask_mem_event_op(struct dom return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); } -static int flask_mem_sharing(struct domain *d) -{ - return current_has_perm(d, SECCLASS_HVM, HVM__MEM_SHARING); -} - static int flask_mem_sharing_op(struct domain *d, struct domain *cd, int op) { int rc = current_has_perm(cd, SECCLASS_HVM, HVM__MEM_SHARING); @@ -1490,11 +1371,6 @@ static int flask_remove_from_physmap(str return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__PHYSMAP); } -static int flask_sendtrigger(struct domain *d) -{ - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__TRIGGER); -} - static int flask_get_device_group(uint32_t machine_bdf) { u32 rsid; @@ -1588,78 +1464,20 @@ static int flask_unbind_pt_irq (struct d { return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); } - -static int flask_pin_mem_cacheattr (struct domain *d) -{ - return current_has_perm(d, SECCLASS_HVM, HVM__CACHEATTR); -} - -static int flask_ext_vcpucontext (struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_set_ext_vcpucontext: - perm = DOMAIN__SETEXTVCPUCONTEXT; - break; - case XEN_DOMCTL_get_ext_vcpucontext: - perm = DOMAIN__GETEXTVCPUCONTEXT; - break; - default: - return -EPERM; - } - - return current_has_perm(d, SECCLASS_DOMAIN, perm); -} - -static int flask_vcpuextstate (struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_setvcpuextstate: - perm = DOMAIN__SETVCPUEXTSTATE; - break; - case XEN_DOMCTL_getvcpuextstate: - perm = DOMAIN__GETVCPUEXTSTATE; - break; - default: - return -EPERM; - } - - return current_has_perm(d, SECCLASS_DOMAIN, perm); -} #endif long do_flask_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) u_flask_op); static struct xsm_operations flask_ops = { .security_domaininfo = flask_security_domaininfo, - .setvcpucontext = flask_setvcpucontext, - .pausedomain = flask_pausedomain, - .unpausedomain = flask_unpausedomain, - .resumedomain = flask_resumedomain, .domain_create = flask_domain_create, - .max_vcpus = flask_max_vcpus, - .destroydomain = flask_destroydomain, - .vcpuaffinity = flask_vcpuaffinity, - .scheduler = flask_scheduler, .getdomaininfo = flask_getdomaininfo, - .getvcpucontext = flask_getvcpucontext, - .getvcpuinfo = flask_getvcpuinfo, - .domain_settime = flask_domain_settime, .set_target = flask_set_target, .domctl = flask_domctl, .sysctl = flask_sysctl, - .set_virq_handler = flask_set_virq_handler, .tbufcontrol = flask_tbufcontrol, .readconsole = flask_readconsole, .sched_id = flask_sched_id, - .setdomainmaxmem = flask_setdomainmaxmem, - .setdomainhandle = flask_setdomainhandle, - .setdebugging = flask_setdebugging, .perfcontrol = flask_perfcontrol, .debug_keys = flask_debug_keys, .getcpuinfo = flask_getcpuinfo, @@ -1729,21 +1547,13 @@ static struct xsm_operations flask_ops = #ifdef CONFIG_X86 .shadow_control = flask_shadow_control, - .getpageframeinfo = flask_getpageframeinfo, - .getmemlist = flask_getmemlist, - .hypercall_init = flask_hypercall_init, - .hvmcontext = flask_hvmcontext, - .address_size = flask_address_size, - .machine_address_size = flask_machine_address_size, .hvm_param = flask_hvm_param, .hvm_set_pci_intx_level = flask_hvm_set_pci_intx_level, .hvm_set_isa_irq_level = flask_hvm_set_isa_irq_level, .hvm_set_pci_link_route = flask_hvm_set_pci_link_route, .hvm_inject_msi = flask_hvm_inject_msi, - .mem_event_setup = flask_mem_event_setup, .mem_event_control = flask_mem_event_control, .mem_event_op = flask_mem_event_op, - .mem_sharing = flask_mem_sharing, .mem_sharing_op = flask_mem_sharing_op, .apic = flask_apic, .xen_settime = flask_xen_settime, @@ -1764,16 +1574,12 @@ static struct xsm_operations flask_ops = .update_va_mapping = flask_update_va_mapping, .add_to_physmap = flask_add_to_physmap, .remove_from_physmap = flask_remove_from_physmap, - .sendtrigger = flask_sendtrigger, .get_device_group = flask_get_device_group, .test_assign_device = flask_test_assign_device, .assign_device = flask_assign_device, .deassign_device = flask_deassign_device, .bind_pt_irq = flask_bind_pt_irq, .unbind_pt_irq = flask_unbind_pt_irq, - .pin_mem_cacheattr = flask_pin_mem_cacheattr, - .ext_vcpucontext = flask_ext_vcpucontext, - .vcpuextstate = flask_vcpuextstate, .ioport_permission = flask_ioport_permission, .ioport_mapping = flask_ioport_mapping, #endif _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007L5-1z; Wed, 16 Jan 2013 08:22:21 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGI-0007JU-QA for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:18 +0000 Received: from [85.158.143.99:32310] by server-3.bemta-4.messagelabs.com id 16/DE-19220-A3366F05; Wed, 16 Jan 2013 08:22:18 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-216.messagelabs.com!1358324532!22850513!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=2.5 required=7.0 tests=BODY_RANDOM_LONG,LONGWORDS X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9263 invoked from network); 16 Jan 2013 08:22:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGC-0003rC-A7 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGC-0000ZR-57 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:12 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm/flask: add missing hooks X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900667 0 # Node ID 5df501c84253e655838d3fc9a0dcd75a24ae9f25 # Parent f59daf1718864ff87caff2edf3809a437e6ec1b4 xsm/flask: add missing hooks The FLASK module was missing implementations of some hooks and did not have access vectors defined for 10 domctls; define these now. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r f59daf171886 -r 5df501c84253 tools/flask/policy/policy/modules/xen/xen.if --- a/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:37:10 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:37:47 2013 +0000 @@ -29,6 +29,7 @@ define(`create_domain_common', ` getdomaininfo hypercall setvcpucontext setextvcpucontext scheduler getvcpuinfo getvcpuextstate getaddrsize getvcpuaffinity setvcpuaffinity }; + allow $1 $2:domain2 { set_cpuid settsc }; allow $1 $2:security check_context; allow $1 $2:shadow enable; allow $1 $2:mmu {map_read map_write adjust memorymap physmap pinpage}; @@ -67,6 +68,7 @@ define(`migrate_domain_out', ` allow $1 $2:hvm { gethvmc getparam irqlevel }; allow $1 $2:mmu { stat pageinfo map_read }; allow $1 $2:domain { getaddrsize getvcpucontext getextvcpucontext getvcpuextstate pause destroy }; + allow $1 $2:domain2 gettsc; ') ################################################################################ @@ -112,7 +114,7 @@ define(`device_model', ` domain_comms($1, $2) allow $1 $2:domain { set_target shutdown }; allow $1 $2:mmu { map_read map_write adjust physmap }; - allow $1 $2:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute }; + allow $1 $2:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute cacheattr send_irq }; ') ################################################################################ # diff -r f59daf171886 -r 5df501c84253 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:37:10 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:37:47 2013 +0000 @@ -650,25 +650,32 @@ static int flask_domctl(struct domain *d #endif return 0; + case XEN_DOMCTL_debug_op: + case XEN_DOMCTL_gdbsx_guestmemio: + case XEN_DOMCTL_gdbsx_pausevcpu: + case XEN_DOMCTL_gdbsx_unpausevcpu: + case XEN_DOMCTL_gdbsx_domstatus: + return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, + DOMAIN__SETDEBUGGING); + case XEN_DOMCTL_subscribe: case XEN_DOMCTL_disable_migrate: + case XEN_DOMCTL_suppress_spurious_page_faults: return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SET_MISC_INFO); case XEN_DOMCTL_set_cpuid: - case XEN_DOMCTL_suppress_spurious_page_faults: - case XEN_DOMCTL_debug_op: + return domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__SET_CPUID); + case XEN_DOMCTL_gettscinfo: + return domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__GETTSC); + case XEN_DOMCTL_settscinfo: + return domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__SETTSC); + case XEN_DOMCTL_audit_p2m: - case XEN_DOMCTL_gdbsx_guestmemio: - case XEN_DOMCTL_gdbsx_pausevcpu: - case XEN_DOMCTL_gdbsx_unpausevcpu: - case XEN_DOMCTL_gdbsx_domstatus: - /* TODO add per-subfunction hooks */ - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__AUDIT_P2M); + default: printk("flask_domctl: Unknown op %d\n", cmd); return -EPERM; @@ -922,6 +929,11 @@ static int flask_iomem_permission(struct return security_iterate_iomem_sids(start, end, _iomem_has_perm, &data); } +static int flask_iomem_mapping(struct domain *d, uint64_t start, uint64_t end, uint8_t access) +{ + return flask_iomem_permission(d, start, end, access); +} + static int flask_pci_config_permission(struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { u32 rsid; @@ -1129,7 +1141,6 @@ static int _ioport_has_perm(void *v, u32 return avc_has_perm(data->tsec->sid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } - static int flask_ioport_permission(struct domain *d, uint32_t start, uint32_t end, uint8_t access) { int rc; @@ -1152,6 +1163,11 @@ static int flask_ioport_permission(struc return security_iterate_ioport_sids(start, end, _ioport_has_perm, &data); } +static int flask_ioport_mapping(struct domain *d, uint32_t start, uint32_t end, uint8_t access) +{ + return flask_ioport_permission(d, start, end, access); +} + static int flask_getpageframeinfo(struct domain *d) { return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__PAGEINFO); @@ -1210,6 +1226,25 @@ static int flask_address_size(struct dom return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); } +static int flask_machine_address_size(struct domain *d, uint32_t cmd) +{ + u32 perm; + + switch ( cmd ) + { + case XEN_DOMCTL_set_machine_address_size: + perm = DOMAIN__SETADDRSIZE; + break; + case XEN_DOMCTL_get_machine_address_size: + perm = DOMAIN__GETADDRSIZE; + break; + default: + return -EPERM; + } + + return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); +} + static int flask_hvm_param(struct domain *d, unsigned long op) { u32 perm; @@ -1247,6 +1282,11 @@ static int flask_hvm_set_pci_link_route( return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__PCIROUTE); } +static int flask_hvm_inject_msi(struct domain *d) +{ + return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__SEND_IRQ); +} + static int flask_mem_event(struct domain *d) { return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__MEM_EVENT); @@ -1690,6 +1730,7 @@ static struct xsm_operations flask_ops = .unmap_domain_pirq = flask_unmap_domain_pirq, .irq_permission = flask_irq_permission, .iomem_permission = flask_iomem_permission, + .iomem_mapping = flask_iomem_mapping, .pci_config_permission = flask_pci_config_permission, .resource_plug_core = flask_resource_plug_core, @@ -1714,10 +1755,12 @@ static struct xsm_operations flask_ops = .hypercall_init = flask_hypercall_init, .hvmcontext = flask_hvmcontext, .address_size = flask_address_size, + .machine_address_size = flask_machine_address_size, .hvm_param = flask_hvm_param, .hvm_set_pci_intx_level = flask_hvm_set_pci_intx_level, .hvm_set_isa_irq_level = flask_hvm_set_isa_irq_level, .hvm_set_pci_link_route = flask_hvm_set_pci_link_route, + .hvm_inject_msi = flask_hvm_inject_msi, .mem_event = flask_mem_event, .mem_sharing = flask_mem_sharing, .apic = flask_apic, @@ -1750,6 +1793,7 @@ static struct xsm_operations flask_ops = .ext_vcpucontext = flask_ext_vcpucontext, .vcpuextstate = flask_vcpuextstate, .ioport_permission = flask_ioport_permission, + .ioport_mapping = flask_ioport_mapping, #endif }; diff -r f59daf171886 -r 5df501c84253 xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:37:10 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:37:47 2013 +0000 @@ -80,6 +80,9 @@ class domain2 relabelself make_priv_for set_as_target + set_cpuid + gettsc + settsc } class hvm @@ -97,6 +100,8 @@ class hvm hvmctl mem_event mem_sharing + audit_p2m + send_irq } class event _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007L5-1z; Wed, 16 Jan 2013 08:22:21 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGI-0007JU-QA for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:18 +0000 Received: from [85.158.143.99:32310] by server-3.bemta-4.messagelabs.com id 16/DE-19220-A3366F05; Wed, 16 Jan 2013 08:22:18 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-216.messagelabs.com!1358324532!22850513!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=2.5 required=7.0 tests=BODY_RANDOM_LONG,LONGWORDS X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9263 invoked from network); 16 Jan 2013 08:22:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGC-0003rC-A7 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGC-0000ZR-57 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:12 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm/flask: add missing hooks X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900667 0 # Node ID 5df501c84253e655838d3fc9a0dcd75a24ae9f25 # Parent f59daf1718864ff87caff2edf3809a437e6ec1b4 xsm/flask: add missing hooks The FLASK module was missing implementations of some hooks and did not have access vectors defined for 10 domctls; define these now. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r f59daf171886 -r 5df501c84253 tools/flask/policy/policy/modules/xen/xen.if --- a/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:37:10 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:37:47 2013 +0000 @@ -29,6 +29,7 @@ define(`create_domain_common', ` getdomaininfo hypercall setvcpucontext setextvcpucontext scheduler getvcpuinfo getvcpuextstate getaddrsize getvcpuaffinity setvcpuaffinity }; + allow $1 $2:domain2 { set_cpuid settsc }; allow $1 $2:security check_context; allow $1 $2:shadow enable; allow $1 $2:mmu {map_read map_write adjust memorymap physmap pinpage}; @@ -67,6 +68,7 @@ define(`migrate_domain_out', ` allow $1 $2:hvm { gethvmc getparam irqlevel }; allow $1 $2:mmu { stat pageinfo map_read }; allow $1 $2:domain { getaddrsize getvcpucontext getextvcpucontext getvcpuextstate pause destroy }; + allow $1 $2:domain2 gettsc; ') ################################################################################ @@ -112,7 +114,7 @@ define(`device_model', ` domain_comms($1, $2) allow $1 $2:domain { set_target shutdown }; allow $1 $2:mmu { map_read map_write adjust physmap }; - allow $1 $2:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute }; + allow $1 $2:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute cacheattr send_irq }; ') ################################################################################ # diff -r f59daf171886 -r 5df501c84253 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:37:10 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:37:47 2013 +0000 @@ -650,25 +650,32 @@ static int flask_domctl(struct domain *d #endif return 0; + case XEN_DOMCTL_debug_op: + case XEN_DOMCTL_gdbsx_guestmemio: + case XEN_DOMCTL_gdbsx_pausevcpu: + case XEN_DOMCTL_gdbsx_unpausevcpu: + case XEN_DOMCTL_gdbsx_domstatus: + return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, + DOMAIN__SETDEBUGGING); + case XEN_DOMCTL_subscribe: case XEN_DOMCTL_disable_migrate: + case XEN_DOMCTL_suppress_spurious_page_faults: return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SET_MISC_INFO); case XEN_DOMCTL_set_cpuid: - case XEN_DOMCTL_suppress_spurious_page_faults: - case XEN_DOMCTL_debug_op: + return domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__SET_CPUID); + case XEN_DOMCTL_gettscinfo: + return domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__GETTSC); + case XEN_DOMCTL_settscinfo: + return domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__SETTSC); + case XEN_DOMCTL_audit_p2m: - case XEN_DOMCTL_gdbsx_guestmemio: - case XEN_DOMCTL_gdbsx_pausevcpu: - case XEN_DOMCTL_gdbsx_unpausevcpu: - case XEN_DOMCTL_gdbsx_domstatus: - /* TODO add per-subfunction hooks */ - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__AUDIT_P2M); + default: printk("flask_domctl: Unknown op %d\n", cmd); return -EPERM; @@ -922,6 +929,11 @@ static int flask_iomem_permission(struct return security_iterate_iomem_sids(start, end, _iomem_has_perm, &data); } +static int flask_iomem_mapping(struct domain *d, uint64_t start, uint64_t end, uint8_t access) +{ + return flask_iomem_permission(d, start, end, access); +} + static int flask_pci_config_permission(struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { u32 rsid; @@ -1129,7 +1141,6 @@ static int _ioport_has_perm(void *v, u32 return avc_has_perm(data->tsec->sid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } - static int flask_ioport_permission(struct domain *d, uint32_t start, uint32_t end, uint8_t access) { int rc; @@ -1152,6 +1163,11 @@ static int flask_ioport_permission(struc return security_iterate_ioport_sids(start, end, _ioport_has_perm, &data); } +static int flask_ioport_mapping(struct domain *d, uint32_t start, uint32_t end, uint8_t access) +{ + return flask_ioport_permission(d, start, end, access); +} + static int flask_getpageframeinfo(struct domain *d) { return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__PAGEINFO); @@ -1210,6 +1226,25 @@ static int flask_address_size(struct dom return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); } +static int flask_machine_address_size(struct domain *d, uint32_t cmd) +{ + u32 perm; + + switch ( cmd ) + { + case XEN_DOMCTL_set_machine_address_size: + perm = DOMAIN__SETADDRSIZE; + break; + case XEN_DOMCTL_get_machine_address_size: + perm = DOMAIN__GETADDRSIZE; + break; + default: + return -EPERM; + } + + return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); +} + static int flask_hvm_param(struct domain *d, unsigned long op) { u32 perm; @@ -1247,6 +1282,11 @@ static int flask_hvm_set_pci_link_route( return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__PCIROUTE); } +static int flask_hvm_inject_msi(struct domain *d) +{ + return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__SEND_IRQ); +} + static int flask_mem_event(struct domain *d) { return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__MEM_EVENT); @@ -1690,6 +1730,7 @@ static struct xsm_operations flask_ops = .unmap_domain_pirq = flask_unmap_domain_pirq, .irq_permission = flask_irq_permission, .iomem_permission = flask_iomem_permission, + .iomem_mapping = flask_iomem_mapping, .pci_config_permission = flask_pci_config_permission, .resource_plug_core = flask_resource_plug_core, @@ -1714,10 +1755,12 @@ static struct xsm_operations flask_ops = .hypercall_init = flask_hypercall_init, .hvmcontext = flask_hvmcontext, .address_size = flask_address_size, + .machine_address_size = flask_machine_address_size, .hvm_param = flask_hvm_param, .hvm_set_pci_intx_level = flask_hvm_set_pci_intx_level, .hvm_set_isa_irq_level = flask_hvm_set_isa_irq_level, .hvm_set_pci_link_route = flask_hvm_set_pci_link_route, + .hvm_inject_msi = flask_hvm_inject_msi, .mem_event = flask_mem_event, .mem_sharing = flask_mem_sharing, .apic = flask_apic, @@ -1750,6 +1793,7 @@ static struct xsm_operations flask_ops = .ext_vcpucontext = flask_ext_vcpucontext, .vcpuextstate = flask_vcpuextstate, .ioport_permission = flask_ioport_permission, + .ioport_mapping = flask_ioport_mapping, #endif }; diff -r f59daf171886 -r 5df501c84253 xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:37:10 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:37:47 2013 +0000 @@ -80,6 +80,9 @@ class domain2 relabelself make_priv_for set_as_target + set_cpuid + gettsc + settsc } class hvm @@ -97,6 +100,8 @@ class hvm hvmctl mem_event mem_sharing + audit_p2m + send_irq } class event _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007LB-5s; Wed, 16 Jan 2013 08:22:21 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGK-0007KF-2o for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:20 +0000 Received: from [85.158.137.99:12159] by server-15.bemta-3.messagelabs.com id 6C/EE-18630-B3366F05; Wed, 16 Jan 2013 08:22:19 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-14.tower-217.messagelabs.com!1358324537!17113998!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 2170 invoked from network); 16 Jan 2013 08:22:18 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:18 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGH-0003rd-56 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:17 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGH-0000bc-40 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:17 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:16 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] tmem: add XSM hooks X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357901203 0 # Node ID 21f0e200f6b02bd02c4eb4aeae8ff6e84cd5b1d8 # Parent 1d94ac6cf85adbcfc5d5c1e45bc165f9a97f5634 tmem: add XSM hooks This adds a pair of XSM hooks for tmem operations: xsm_tmem_op which controls any use of tmem, and xsm_tmem_control which allows use of the TMEM_CONTROL operations. By default, all domains can use tmem while only IS_PRIV domains can use control operations. Signed-off-by: Daniel De Graaf Acked-by: Dan Magenheimer Committed-by: Keir Fraser --- diff -r 1d94ac6cf85a -r 21f0e200f6b0 tools/flask/policy/policy/modules/xen/xen.te --- a/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:44:01 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:46:43 2013 +0000 @@ -56,7 +56,7 @@ type device_t, resource_type; ################################################################################ allow dom0_t xen_t:xen { kexec readapic writeapic mtrr_read mtrr_add mtrr_del scheduler physinfo heap quirk readconsole writeconsole settime getcpuinfo - microcode cpupool_op sched_op pm_op }; + microcode cpupool_op sched_op pm_op tmem_control }; allow dom0_t xen_t:mmu { memorymap }; allow dom0_t security_t:security { check_context compute_av compute_create compute_member load_policy compute_relabel compute_user setenforce @@ -74,6 +74,9 @@ domain_comms(dom0_t, dom0_t) auditallow dom0_t security_t:security { load_policy setenforce setbool }; +# Allow all domains to use (unprivileged parts of) the tmem hypercall +allow domain_type xen_t:xen tmem_op; + ############################################################################### # # Domain creation diff -r 1d94ac6cf85a -r 21f0e200f6b0 xen/common/tmem.c --- a/xen/common/tmem.c Fri Jan 11 10:44:01 2013 +0000 +++ b/xen/common/tmem.c Fri Jan 11 10:46:43 2013 +0000 @@ -2644,6 +2644,9 @@ EXPORT long do_tmem_op(tmem_cli_op_t uop if ( !tmem_initialized ) return -ENODEV; + if ( !tmh_current_permitted() ) + return -EPERM; + total_tmem_ops++; if ( tmh_lock_all ) diff -r 1d94ac6cf85a -r 21f0e200f6b0 xen/include/xen/tmem_xen.h --- a/xen/include/xen/tmem_xen.h Fri Jan 11 10:44:01 2013 +0000 +++ b/xen/include/xen/tmem_xen.h Fri Jan 11 10:46:43 2013 +0000 @@ -16,6 +16,7 @@ #include /* copy_from_guest */ #include /* hash_long */ #include /* __map_domain_page */ +#include /* xsm_tmem_control */ #include #ifdef CONFIG_COMPAT #include @@ -326,9 +327,14 @@ static inline bool_t tmh_set_client_from return rc; } +static inline bool_t tmh_current_permitted(void) +{ + return !xsm_tmem_op(XSM_HOOK); +} + static inline bool_t tmh_current_is_privileged(void) { - return IS_PRIV(current->domain); + return !xsm_tmem_control(XSM_PRIV); } static inline uint8_t tmh_get_first_byte(pfp_t *pfp) diff -r 1d94ac6cf85a -r 21f0e200f6b0 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:44:01 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:46:43 2013 +0000 @@ -371,6 +371,18 @@ static XSM_INLINE int xsm_page_offline(X return xsm_default_action(action, current->domain, NULL); } +static XSM_INLINE int xsm_tmem_op(XSM_DEFAULT_VOID) +{ + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); +} + +static XSM_INLINE int xsm_tmem_control(XSM_DEFAULT_VOID) +{ + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); +} + static XSM_INLINE long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { return -ENOSYS; diff -r 1d94ac6cf85a -r 21f0e200f6b0 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:44:01 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:46:43 2013 +0000 @@ -119,6 +119,8 @@ struct xsm_operations { int (*resource_setup_misc) (void); int (*page_offline)(uint32_t cmd); + int (*tmem_op)(void); + int (*tmem_control)(void); long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); @@ -441,6 +443,16 @@ static inline int xsm_page_offline(xsm_d return xsm_ops->page_offline(cmd); } +static inline int xsm_tmem_op(xsm_default_t def) +{ + return xsm_ops->tmem_op(); +} + +static inline int xsm_tmem_control(xsm_default_t def) +{ + return xsm_ops->tmem_control(); +} + static inline long xsm_do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { return xsm_ops->do_xsm_op(op); diff -r 1d94ac6cf85a -r 21f0e200f6b0 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:44:01 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:46:43 2013 +0000 @@ -94,6 +94,8 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, resource_setup_misc); set_to_dummy_if_null(ops, page_offline); + set_to_dummy_if_null(ops, tmem_op); + set_to_dummy_if_null(ops, tmem_control); set_to_dummy_if_null(ops, do_xsm_op); diff -r 1d94ac6cf85a -r 21f0e200f6b0 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:44:01 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:46:43 2013 +0000 @@ -1017,6 +1017,16 @@ static inline int flask_page_offline(uin } } +static inline int flask_tmem_op(void) +{ + return domain_has_xen(current->domain, XEN__TMEM_OP); +} + +static inline int flask_tmem_control(void) +{ + return domain_has_xen(current->domain, XEN__TMEM_CONTROL); +} + #ifdef CONFIG_X86 static int flask_shadow_control(struct domain *d, uint32_t op) { @@ -1456,6 +1466,8 @@ static struct xsm_operations flask_ops = .resource_setup_misc = flask_resource_setup_misc, .page_offline = flask_page_offline, + .tmem_op = flask_tmem_op, + .tmem_control = flask_tmem_control, .do_xsm_op = do_flask_op, diff -r 1d94ac6cf85a -r 21f0e200f6b0 xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:44:01 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:46:43 2013 +0000 @@ -35,6 +35,8 @@ class xen lockprof cpupool_op sched_op + tmem_op + tmem_control } class domain _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007LB-5s; Wed, 16 Jan 2013 08:22:21 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGK-0007KF-2o for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:20 +0000 Received: from [85.158.137.99:12159] by server-15.bemta-3.messagelabs.com id 6C/EE-18630-B3366F05; Wed, 16 Jan 2013 08:22:19 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-14.tower-217.messagelabs.com!1358324537!17113998!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 2170 invoked from network); 16 Jan 2013 08:22:18 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:18 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGH-0003rd-56 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:17 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGH-0000bc-40 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:17 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:16 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] tmem: add XSM hooks X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357901203 0 # Node ID 21f0e200f6b02bd02c4eb4aeae8ff6e84cd5b1d8 # Parent 1d94ac6cf85adbcfc5d5c1e45bc165f9a97f5634 tmem: add XSM hooks This adds a pair of XSM hooks for tmem operations: xsm_tmem_op which controls any use of tmem, and xsm_tmem_control which allows use of the TMEM_CONTROL operations. By default, all domains can use tmem while only IS_PRIV domains can use control operations. Signed-off-by: Daniel De Graaf Acked-by: Dan Magenheimer Committed-by: Keir Fraser --- diff -r 1d94ac6cf85a -r 21f0e200f6b0 tools/flask/policy/policy/modules/xen/xen.te --- a/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:44:01 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:46:43 2013 +0000 @@ -56,7 +56,7 @@ type device_t, resource_type; ################################################################################ allow dom0_t xen_t:xen { kexec readapic writeapic mtrr_read mtrr_add mtrr_del scheduler physinfo heap quirk readconsole writeconsole settime getcpuinfo - microcode cpupool_op sched_op pm_op }; + microcode cpupool_op sched_op pm_op tmem_control }; allow dom0_t xen_t:mmu { memorymap }; allow dom0_t security_t:security { check_context compute_av compute_create compute_member load_policy compute_relabel compute_user setenforce @@ -74,6 +74,9 @@ domain_comms(dom0_t, dom0_t) auditallow dom0_t security_t:security { load_policy setenforce setbool }; +# Allow all domains to use (unprivileged parts of) the tmem hypercall +allow domain_type xen_t:xen tmem_op; + ############################################################################### # # Domain creation diff -r 1d94ac6cf85a -r 21f0e200f6b0 xen/common/tmem.c --- a/xen/common/tmem.c Fri Jan 11 10:44:01 2013 +0000 +++ b/xen/common/tmem.c Fri Jan 11 10:46:43 2013 +0000 @@ -2644,6 +2644,9 @@ EXPORT long do_tmem_op(tmem_cli_op_t uop if ( !tmem_initialized ) return -ENODEV; + if ( !tmh_current_permitted() ) + return -EPERM; + total_tmem_ops++; if ( tmh_lock_all ) diff -r 1d94ac6cf85a -r 21f0e200f6b0 xen/include/xen/tmem_xen.h --- a/xen/include/xen/tmem_xen.h Fri Jan 11 10:44:01 2013 +0000 +++ b/xen/include/xen/tmem_xen.h Fri Jan 11 10:46:43 2013 +0000 @@ -16,6 +16,7 @@ #include /* copy_from_guest */ #include /* hash_long */ #include /* __map_domain_page */ +#include /* xsm_tmem_control */ #include #ifdef CONFIG_COMPAT #include @@ -326,9 +327,14 @@ static inline bool_t tmh_set_client_from return rc; } +static inline bool_t tmh_current_permitted(void) +{ + return !xsm_tmem_op(XSM_HOOK); +} + static inline bool_t tmh_current_is_privileged(void) { - return IS_PRIV(current->domain); + return !xsm_tmem_control(XSM_PRIV); } static inline uint8_t tmh_get_first_byte(pfp_t *pfp) diff -r 1d94ac6cf85a -r 21f0e200f6b0 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:44:01 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:46:43 2013 +0000 @@ -371,6 +371,18 @@ static XSM_INLINE int xsm_page_offline(X return xsm_default_action(action, current->domain, NULL); } +static XSM_INLINE int xsm_tmem_op(XSM_DEFAULT_VOID) +{ + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); +} + +static XSM_INLINE int xsm_tmem_control(XSM_DEFAULT_VOID) +{ + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); +} + static XSM_INLINE long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { return -ENOSYS; diff -r 1d94ac6cf85a -r 21f0e200f6b0 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:44:01 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:46:43 2013 +0000 @@ -119,6 +119,8 @@ struct xsm_operations { int (*resource_setup_misc) (void); int (*page_offline)(uint32_t cmd); + int (*tmem_op)(void); + int (*tmem_control)(void); long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); @@ -441,6 +443,16 @@ static inline int xsm_page_offline(xsm_d return xsm_ops->page_offline(cmd); } +static inline int xsm_tmem_op(xsm_default_t def) +{ + return xsm_ops->tmem_op(); +} + +static inline int xsm_tmem_control(xsm_default_t def) +{ + return xsm_ops->tmem_control(); +} + static inline long xsm_do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { return xsm_ops->do_xsm_op(op); diff -r 1d94ac6cf85a -r 21f0e200f6b0 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:44:01 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:46:43 2013 +0000 @@ -94,6 +94,8 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, resource_setup_misc); set_to_dummy_if_null(ops, page_offline); + set_to_dummy_if_null(ops, tmem_op); + set_to_dummy_if_null(ops, tmem_control); set_to_dummy_if_null(ops, do_xsm_op); diff -r 1d94ac6cf85a -r 21f0e200f6b0 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:44:01 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:46:43 2013 +0000 @@ -1017,6 +1017,16 @@ static inline int flask_page_offline(uin } } +static inline int flask_tmem_op(void) +{ + return domain_has_xen(current->domain, XEN__TMEM_OP); +} + +static inline int flask_tmem_control(void) +{ + return domain_has_xen(current->domain, XEN__TMEM_CONTROL); +} + #ifdef CONFIG_X86 static int flask_shadow_control(struct domain *d, uint32_t op) { @@ -1456,6 +1466,8 @@ static struct xsm_operations flask_ops = .resource_setup_misc = flask_resource_setup_misc, .page_offline = flask_page_offline, + .tmem_op = flask_tmem_op, + .tmem_control = flask_tmem_control, .do_xsm_op = do_flask_op, diff -r 1d94ac6cf85a -r 21f0e200f6b0 xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:44:01 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:46:43 2013 +0000 @@ -35,6 +35,8 @@ class xen lockprof cpupool_op sched_op + tmem_op + tmem_control } class domain _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007O0-Cv; Wed, 16 Jan 2013 08:22:23 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007LC-Mc for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:22 +0000 Received: from [85.158.137.99:9318] by server-14.bemta-3.messagelabs.com id 6D/95-14086-C3366F05; Wed, 16 Jan 2013 08:22:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-217.messagelabs.com!1358324538!17136509!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 10527 invoked from network); 16 Jan 2013 08:22:19 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:19 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGI-0003rj-5i for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:18 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGI-0000c6-4f for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:18 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:17 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm/flask: document the access vectors X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357901389 0 # Node ID b35e06c84bd0c3003c0c823f06472abe66122e2e # Parent 6de4ea938c443b72fa5de426f94e7c842318acd5 xsm/flask: document the access vectors This adds comments to the FLASK access_vectors file describing what operations each access vector controls and the meanings of the source and target fields in the permission check. This also makes the indentation of the file consistent; no functionality changes are made. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 6de4ea938c44 -r b35e06c84bd0 xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:49:10 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:49:49 2013 +0000 @@ -3,189 +3,440 @@ # # class class_name { permission_name ... } +# Class xen consists of dom0-only operations dealing with the hypervisor itself. +# Unless otherwise specified, the source is the domain executing the hypercall, +# and the target is the xen initial sid (type xen_t). class xen { - settime - tbufcontrol - readconsole - clearconsole - perfcontrol - mtrr_add - mtrr_del - mtrr_read - microcode - physinfo - quirk +# XENPF_settime + settime +# XEN_SYSCTL_tbuf_op + tbufcontrol +# CONSOLEIO_read, XEN_SYSCTL_readconsole + readconsole +# XEN_SYSCTL_readconsole with clear=1 + clearconsole +# XEN_SYSCTL_perfc_op + perfcontrol +# XENPF_add_memtype + mtrr_add +# XENPF_del_memtype + mtrr_del +# XENPF_read_memtype + mtrr_read +# XENPF_microcode_update + microcode +# XEN_SYSCTL_physinfo, XEN_SYSCTL_topologyinfo, XEN_SYSCTL_numainfo + physinfo +# XENPF_platform_quirk + quirk +# CONSOLEIO_write writeconsole +# PHYSDEVOP_apic_read, PHYSDEVOP_alloc_irq_vector readapic +# PHYSDEVOP_apic_write writeapic +# Most XENOPROF_* privprofile +# XENOPROF_{init,enable_virq,disable_virq,get_buffer} nonprivprofile +# kexec hypercall kexec - firmware - sleep - frequency - getidle - debug - getcpuinfo - heap - pm_op - mca_op - lockprof - cpupool_op - tmem_op - tmem_control - getscheduler - setscheduler +# XENPF_firmware_info, XENPF_efi_runtime_call + firmware +# XENPF_enter_acpi_sleep + sleep +# XENPF_change_freq + frequency +# XENPF_getidletime + getidle +# XEN_SYSCTL_debug_keys + debug +# XEN_SYSCTL_getcpuinfo, XENPF_get_cpu_version, XENPF_get_cpuinfo + getcpuinfo +# XEN_SYSCTL_availheap + heap +# XEN_SYSCTL_get_pmstat, XEN_SYSCTL_pm_op, XENPF_set_processor_pminfo, +# XENPF_core_parking + pm_op +# mca hypercall + mca_op +# XEN_SYSCTL_lockprof_op + lockprof +# XEN_SYSCTL_cpupool_op + cpupool_op +# tmem hypercall (any access) + tmem_op +# TMEM_CONTROL command of tmem hypercall + tmem_control +# XEN_SYSCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_getinfo, XEN_SYSCTL_sched_id + getscheduler +# XEN_SYSCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_putinfo + setscheduler } +# Classes domain and domain2 consist of operations that a domain performs on +# another domain or on itself. Unless otherwise specified, the source is the +# domain executing the hypercall, and the target is the domain being operated on +# (which may result in a _self or _target type). +# +# transitions in class domain are used to produce the _self and _target types; +# see docs/misc/xsm-flask.txt and the example XSM policy for details. class domain { - setvcpucontext - pause - unpause +# XEN_DOMCTL_setvcpucontext + setvcpucontext +# XEN_DOMCTL_pausedomain + pause +# XEN_DOMCTL_unpausedomain + unpause +# XEN_DOMCTL_resumedomain resume +# XEN_DOMCTL_createdomain create +# checked in FLASK_RELABEL_DOMAIN for any relabel operation: +# source = the old label of the domain +# target = the new label of the domain +# see also the domain2 relabel{from,to,self} permissions transition +# XEN_DOMCTL_max_vcpus max_vcpus +# XEN_DOMCTL_destroydomain destroy +# XEN_DOMCTL_setvcpuaffinity setvcpuaffinity - getvcpuaffinity - getscheduler - getdomaininfo - getvcpuinfo - getvcpucontext - setdomainmaxmem - setdomainhandle - setdebugging - hypercall +# XEN_DOMCTL_getvcpuaffinity + getvcpuaffinity +# XEN_DOMCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_getinfo + getscheduler +# XEN_DOMCTL_getdomaininfo, XEN_SYSCTL_getdomaininfolist + getdomaininfo +# XEN_DOMCTL_getvcpuinfo + getvcpuinfo +# XEN_DOMCTL_getvcpucontext + getvcpucontext +# XEN_DOMCTL_max_mem + setdomainmaxmem +# XEN_DOMCTL_setdomainhandle + setdomainhandle +# XEN_DOMCTL_setdebugging + setdebugging +# XEN_DOMCTL_hypercall_init + hypercall +# XEN_DOMCTL_settimeoffset settime +# checked in XEN_DOMCTL_set_target: +# source = the new device model domain +# target = the new target domain +# see also the domain2 make_priv_for and set_as_target checks set_target +# SCHEDOP_remote_shutdown shutdown +# XEN_DOMCTL_set{,_machine}_address_size setaddrsize +# XEN_DOMCTL_get{,_machine}_address_size getaddrsize - trigger - getextvcpucontext - setextvcpucontext - getvcpuextstate - setvcpuextstate - getpodtarget - setpodtarget - set_misc_info - set_virq_handler +# XEN_DOMCTL_sendtrigger + trigger +# XEN_DOMCTL_get_ext_vcpucontext + getextvcpucontext +# XEN_DOMCTL_set_ext_vcpucontext + setextvcpucontext +# XEN_DOMCTL_getvcpuextstate + getvcpuextstate +# XEN_DOMCTL_setvcpuextstate + setvcpuextstate +# XENMEM_get_pod_target + getpodtarget +# XENMEM_set_pod_target + setpodtarget +# XEN_DOMCTL_subscribe, XEN_DOMCTL_disable_migrate, +# XEN_DOMCTL_suppress_spurious_page_faults + set_misc_info +# XEN_DOMCTL_set_virq_handler + set_virq_handler } +# This is a continuation of class domain, since only 32 permissions can be +# defined per class class domain2 { - relabelfrom - relabelto - relabelself - make_priv_for - set_as_target - set_cpuid - gettsc - settsc - setscheduler +# checked in FLASK_RELABEL_DOMAIN with non-DOMID_SELF: +# source = the domain making the hypercall +# target = the old label of the domain being relabeled + relabelfrom +# checked in FLASK_RELABEL_DOMAIN with non-DOMID_SELF: +# source = the domain making the hypercall +# target = the new label of the domain being relabeled + relabelto +# checked in FLASK_RELABEL_DOMAIN, only with DOMID_SELF: +# source = the old label of the domain +# target = the new label of the domain +# see also domain__transition + relabelself +# checked in XEN_DOMCTL_set_target: +# source = the domain making the hypercall +# target = the new device model domain + make_priv_for +# checked in XEN_DOMCTL_set_target: +# source = the domain making the hypercall +# target = the new target domain + set_as_target +# XEN_DOMCTL_set_cpuid + set_cpuid +# XEN_DOMCTL_gettscinfo + gettsc +# XEN_DOMCTL_settscinfo + settsc +# XEN_DOMCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_putinfo + setscheduler } +# Similar to class domain, but primarily contains domctls related to HVM domains class hvm { +# XEN_DOMCTL_sethvmcontext sethvmc +# XEN_DOMCTL_gethvmcontext, XEN_DOMCTL_gethvmcontext_partial gethvmc +# HVMOP_set_param setparam +# HVMOP_get_param getparam +# HVMOP_set_pci_intx_level (also needs hvmctl) pcilevel +# HVMOP_set_isa_irq_level irqlevel +# HVMOP_set_pci_link_route pciroute - bind_irq - cacheattr + bind_irq +# XEN_DOMCTL_pin_mem_cacheattr + cacheattr +# HVMOP_track_dirty_vram trackdirtyvram +# HVMOP_modified_memory, HVMOP_get_mem_type, HVMOP_set_mem_type, +# HVMOP_set_mem_access, HVMOP_get_mem_access, HVMOP_pagetable_dying, +# HVMOP_inject_trap hvmctl +# XEN_DOMCTL_set_access_required mem_event +# XEN_DOMCTL_mem_sharing_op and XENMEM_sharing_op_{share,add_physmap} with: +# source = the domain making the hypercall +# target = domain whose memory is being shared mem_sharing +# XEN_DOMCTL_audit_p2m audit_p2m +# HVMOP_inject_msi send_irq +# checked in XENMEM_sharing_op_{share,add_physmap} with: +# source = domain whose memory is being shared +# target = client domain share_mem } +# Class event describes event channels. Interdomain event channels have their +# own security label which is computed using a type transition between the +# source and target domains. Each endpoint has its own label, and the +# permission checks must pass on both endpoints for an event channel to be +# established. class event { - bind - send - status - notify - create +# when creating an interdomain event channel endpoint: +# source = event channel label +# target = remote domain the event channel binds to. This may be a _self or +# _target label if the endpoints are related as such. +# This permission is checked when creating an unbound event channel and when the +# interdomain event channel is established. + bind +# EVTCHNOP_send: +# source = domain sending the event +# target = event channel label + send +# EVTCHNOP_status; same as _send + status +# + notify +# when creating an interdomain event channel endpoint: +# source = the domain creating the channel (which might not be an endpoint) +# target = event channel label + create +# EVTCHNOP_reset: +# source = domain making the hypercall +# target = domain whose event channels are being reset reset } +# Class grant describes pages shared by grant mappings. Pages use the security +# label of their owning domain. class grant { - map_read - map_write - unmap - transfer - setup +# GNTTABOP_map_grant_ref with any access + map_read +# GNTTABOP_map_grant_ref with write access + map_write +# GNTTABOP_unmap_grant_ref + unmap +# GNTTABOP_transfer + transfer +# GNTTABOP_setup_table, GNTTABOP_get_status_frames (target is commonly _self) + setup +# GNTTABOP_copy copy +# GNTTABOP_query_size, GNTTABOP_get_version query } +# Class mmu describes pages of memory not accessed using grants. Permissions +# are checked using the domain ID used to access the page - the most common case +# is a domain's own ID (the _self label). Using DOMID_IO in the map command to +# restrict the mapping to IO memory will result in the target being domio_t, and +# migration uses read-only mappings with a target of DOMID_XEN (domxen_t). class mmu { - map_read - map_write - pageinfo - pagelist +# checked when using mmu_update to map a page readably +# source = domain making the hypercall (which might not own the page table) +# target = domain whose pages are being mapped + map_read +# checked when using mmu_update to map a page writably +# source = domain making the hypercall +# target = domain whose pages are being mapped + map_write +# XEN_DOMCTL_getpageframeinfo* + pageinfo +# XEN_DOMCTL_getmemlist + pagelist +# XENMEM_{increase,decrease}_reservation, XENMEM_populate_physmap adjust +# XENMEM_{current,maximum}_reservation, XENMEM_maximum_gpfn stat +# translategp - updatemp +# mmu_update MMU_MACHPHYS_UPDATE + updatemp +# XENMEM_add_to_physmap, XENMEM_remove_from_physmap physmap +# MMUEXT_PIN_L*_TABLE pinpage +# mfnlist +# XENMEM_machine_memory_map (with target xen_t) +# XENMEM_set_memory_map (with domain target) memorymap +# checked when using mmu_update to update the page tables of another domain +# source = domain making the hypercall +# target = domain whose page tables are being modified remote_remap - mmuext_op - exchange +# the mmuext_op hypercall acting on the target domain + mmuext_op +# XENMEM_exchange: +# source = domain making the hypercall +# target = domain whose pages are being exchanged + exchange } +# control of the paging_domctl split by subop class shadow { - disable - enable +# XEN_DOMCTL_SHADOW_OP_OFF + disable +# enable, get/set allocation + enable +# enable, read, and clean log logdirty } +# Class resource is used to describe the resources used in hardware device +# passthrough. Resources include: hardware IRQs, MMIO regions, x86 I/O ports, +# and PCI devices; see docs/misc/xsm-flask.txt for how to label them. +# +# Access to the legacy PCI configuration space on x86 via port 0xCF8/CFC +# requires IS_PRIV, even with FLASK. Writes to the BARs are checked as "setup", +# while other reads/writes are "use"; the target is the PCI device whose +# configuration space is being modified. Accesses to the MMIO-based PCI express +# configuration space described by the ACPI MCFG table are controlled as MMIO +# accesses, and cannot special-case BAR writes. +# +# The {add,remove}_{irq,ioport,iomem,device} permissions use: +# source = domain making the hypercall +# target = resource's security label class resource { - add - remove - use - add_irq - remove_irq - add_ioport - remove_ioport - add_iomem - remove_iomem - stat_device - add_device - remove_device - plug - unplug - setup +# checked when adding a resource to a domain: +# source = domain making the hypercall +# target = domain which will have access to the resource + add +# checked when removing a resource from a domain: +# source = domain making the hypercall +# target = domain which will no longer have access to the resource + remove +# checked when adding a resource to a domain: +# source = domain which will have access to the resource +# target = resource's security label +# also checked when using some core Xen devices (target xen_t) + use +# PHYSDEVOP_map_pirq and ioapic writes for dom0 +# For GSI interrupts, the IRQ's label is indexed by the IRQ number +# For MSI interrupts, the label of the PCI device is used + add_irq +# PHYSDEVOP_unmap_pirq: +# This is currently only checked for GSI interrupts + remove_irq +# XEN_DOMCTL_ioport_permission, XEN_DOMCTL_ioport_mapping + add_ioport + remove_ioport +# XEN_DOMCTL_iomem_permission, XEN_DOMCTL_memory_mapping + add_iomem + remove_iomem +# XEN_DOMCTL_get_device_group, XEN_DOMCTL_test_assign_device: +# source = domain making the hypercall +# target = PCI device being queried + stat_device +# XEN_DOMCTL_assign_device + add_device +# XEN_DOMCTL_deassign_device + remove_device +# checked for PCI hot and cold-plug hypercalls, with target as the PCI device +# checked for CPU and memory hotplug with xen_t as the target + plug +# checked for PCI hot-unplug hypercalls, with target as the PCI device +# checked for CPU offlining with xen_t as the target + unplug +# checked for PHYSDEVOP_restore_msi* (target PCI device) +# checked for PHYSDEVOP_setup_gsi (target IRQ) +# checked for PHYSDEVOP_pci_mmcfg_reserved (target xen_t) + setup } +# Class security describes the FLASK security server itself; these operations +# are accessed using the xsm_op hypercall. The source is the domain invoking +# the hypercall, and the target is security_t. +# +# Any domain with access to load_policy or setenforce must be trusted, since it +# can bypass the rest of the security policy. class security { - compute_av - compute_create - compute_member - check_context - load_policy - compute_relabel - compute_user - setenforce - setbool - setsecparam - add_ocontext - del_ocontext +# use the security server to compute an access check + compute_av +# use the security server to compute a type transition + compute_create +# use the security server to compute member selection + compute_member +# sid <-> context string conversions + check_context +# allow loading a new XSM/FLASK policy + load_policy +# use the security server to compute an object relabel + compute_relabel +# use the security server to list the SIDs reachable by a given user + compute_user +# allow switching between enforcing and permissive mode + setenforce +# allow changing policy booleans + setbool +# allow changing security server configuration parmeters + setsecparam +# add ocontext label definitions for resources + add_ocontext +# remove ocontext label definitions for resources + del_ocontext } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007O0-Cv; Wed, 16 Jan 2013 08:22:23 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007LC-Mc for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:22 +0000 Received: from [85.158.137.99:9318] by server-14.bemta-3.messagelabs.com id 6D/95-14086-C3366F05; Wed, 16 Jan 2013 08:22:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-217.messagelabs.com!1358324538!17136509!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 10527 invoked from network); 16 Jan 2013 08:22:19 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:19 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGI-0003rj-5i for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:18 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGI-0000c6-4f for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:18 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:17 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm/flask: document the access vectors X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357901389 0 # Node ID b35e06c84bd0c3003c0c823f06472abe66122e2e # Parent 6de4ea938c443b72fa5de426f94e7c842318acd5 xsm/flask: document the access vectors This adds comments to the FLASK access_vectors file describing what operations each access vector controls and the meanings of the source and target fields in the permission check. This also makes the indentation of the file consistent; no functionality changes are made. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 6de4ea938c44 -r b35e06c84bd0 xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:49:10 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:49:49 2013 +0000 @@ -3,189 +3,440 @@ # # class class_name { permission_name ... } +# Class xen consists of dom0-only operations dealing with the hypervisor itself. +# Unless otherwise specified, the source is the domain executing the hypercall, +# and the target is the xen initial sid (type xen_t). class xen { - settime - tbufcontrol - readconsole - clearconsole - perfcontrol - mtrr_add - mtrr_del - mtrr_read - microcode - physinfo - quirk +# XENPF_settime + settime +# XEN_SYSCTL_tbuf_op + tbufcontrol +# CONSOLEIO_read, XEN_SYSCTL_readconsole + readconsole +# XEN_SYSCTL_readconsole with clear=1 + clearconsole +# XEN_SYSCTL_perfc_op + perfcontrol +# XENPF_add_memtype + mtrr_add +# XENPF_del_memtype + mtrr_del +# XENPF_read_memtype + mtrr_read +# XENPF_microcode_update + microcode +# XEN_SYSCTL_physinfo, XEN_SYSCTL_topologyinfo, XEN_SYSCTL_numainfo + physinfo +# XENPF_platform_quirk + quirk +# CONSOLEIO_write writeconsole +# PHYSDEVOP_apic_read, PHYSDEVOP_alloc_irq_vector readapic +# PHYSDEVOP_apic_write writeapic +# Most XENOPROF_* privprofile +# XENOPROF_{init,enable_virq,disable_virq,get_buffer} nonprivprofile +# kexec hypercall kexec - firmware - sleep - frequency - getidle - debug - getcpuinfo - heap - pm_op - mca_op - lockprof - cpupool_op - tmem_op - tmem_control - getscheduler - setscheduler +# XENPF_firmware_info, XENPF_efi_runtime_call + firmware +# XENPF_enter_acpi_sleep + sleep +# XENPF_change_freq + frequency +# XENPF_getidletime + getidle +# XEN_SYSCTL_debug_keys + debug +# XEN_SYSCTL_getcpuinfo, XENPF_get_cpu_version, XENPF_get_cpuinfo + getcpuinfo +# XEN_SYSCTL_availheap + heap +# XEN_SYSCTL_get_pmstat, XEN_SYSCTL_pm_op, XENPF_set_processor_pminfo, +# XENPF_core_parking + pm_op +# mca hypercall + mca_op +# XEN_SYSCTL_lockprof_op + lockprof +# XEN_SYSCTL_cpupool_op + cpupool_op +# tmem hypercall (any access) + tmem_op +# TMEM_CONTROL command of tmem hypercall + tmem_control +# XEN_SYSCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_getinfo, XEN_SYSCTL_sched_id + getscheduler +# XEN_SYSCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_putinfo + setscheduler } +# Classes domain and domain2 consist of operations that a domain performs on +# another domain or on itself. Unless otherwise specified, the source is the +# domain executing the hypercall, and the target is the domain being operated on +# (which may result in a _self or _target type). +# +# transitions in class domain are used to produce the _self and _target types; +# see docs/misc/xsm-flask.txt and the example XSM policy for details. class domain { - setvcpucontext - pause - unpause +# XEN_DOMCTL_setvcpucontext + setvcpucontext +# XEN_DOMCTL_pausedomain + pause +# XEN_DOMCTL_unpausedomain + unpause +# XEN_DOMCTL_resumedomain resume +# XEN_DOMCTL_createdomain create +# checked in FLASK_RELABEL_DOMAIN for any relabel operation: +# source = the old label of the domain +# target = the new label of the domain +# see also the domain2 relabel{from,to,self} permissions transition +# XEN_DOMCTL_max_vcpus max_vcpus +# XEN_DOMCTL_destroydomain destroy +# XEN_DOMCTL_setvcpuaffinity setvcpuaffinity - getvcpuaffinity - getscheduler - getdomaininfo - getvcpuinfo - getvcpucontext - setdomainmaxmem - setdomainhandle - setdebugging - hypercall +# XEN_DOMCTL_getvcpuaffinity + getvcpuaffinity +# XEN_DOMCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_getinfo + getscheduler +# XEN_DOMCTL_getdomaininfo, XEN_SYSCTL_getdomaininfolist + getdomaininfo +# XEN_DOMCTL_getvcpuinfo + getvcpuinfo +# XEN_DOMCTL_getvcpucontext + getvcpucontext +# XEN_DOMCTL_max_mem + setdomainmaxmem +# XEN_DOMCTL_setdomainhandle + setdomainhandle +# XEN_DOMCTL_setdebugging + setdebugging +# XEN_DOMCTL_hypercall_init + hypercall +# XEN_DOMCTL_settimeoffset settime +# checked in XEN_DOMCTL_set_target: +# source = the new device model domain +# target = the new target domain +# see also the domain2 make_priv_for and set_as_target checks set_target +# SCHEDOP_remote_shutdown shutdown +# XEN_DOMCTL_set{,_machine}_address_size setaddrsize +# XEN_DOMCTL_get{,_machine}_address_size getaddrsize - trigger - getextvcpucontext - setextvcpucontext - getvcpuextstate - setvcpuextstate - getpodtarget - setpodtarget - set_misc_info - set_virq_handler +# XEN_DOMCTL_sendtrigger + trigger +# XEN_DOMCTL_get_ext_vcpucontext + getextvcpucontext +# XEN_DOMCTL_set_ext_vcpucontext + setextvcpucontext +# XEN_DOMCTL_getvcpuextstate + getvcpuextstate +# XEN_DOMCTL_setvcpuextstate + setvcpuextstate +# XENMEM_get_pod_target + getpodtarget +# XENMEM_set_pod_target + setpodtarget +# XEN_DOMCTL_subscribe, XEN_DOMCTL_disable_migrate, +# XEN_DOMCTL_suppress_spurious_page_faults + set_misc_info +# XEN_DOMCTL_set_virq_handler + set_virq_handler } +# This is a continuation of class domain, since only 32 permissions can be +# defined per class class domain2 { - relabelfrom - relabelto - relabelself - make_priv_for - set_as_target - set_cpuid - gettsc - settsc - setscheduler +# checked in FLASK_RELABEL_DOMAIN with non-DOMID_SELF: +# source = the domain making the hypercall +# target = the old label of the domain being relabeled + relabelfrom +# checked in FLASK_RELABEL_DOMAIN with non-DOMID_SELF: +# source = the domain making the hypercall +# target = the new label of the domain being relabeled + relabelto +# checked in FLASK_RELABEL_DOMAIN, only with DOMID_SELF: +# source = the old label of the domain +# target = the new label of the domain +# see also domain__transition + relabelself +# checked in XEN_DOMCTL_set_target: +# source = the domain making the hypercall +# target = the new device model domain + make_priv_for +# checked in XEN_DOMCTL_set_target: +# source = the domain making the hypercall +# target = the new target domain + set_as_target +# XEN_DOMCTL_set_cpuid + set_cpuid +# XEN_DOMCTL_gettscinfo + gettsc +# XEN_DOMCTL_settscinfo + settsc +# XEN_DOMCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_putinfo + setscheduler } +# Similar to class domain, but primarily contains domctls related to HVM domains class hvm { +# XEN_DOMCTL_sethvmcontext sethvmc +# XEN_DOMCTL_gethvmcontext, XEN_DOMCTL_gethvmcontext_partial gethvmc +# HVMOP_set_param setparam +# HVMOP_get_param getparam +# HVMOP_set_pci_intx_level (also needs hvmctl) pcilevel +# HVMOP_set_isa_irq_level irqlevel +# HVMOP_set_pci_link_route pciroute - bind_irq - cacheattr + bind_irq +# XEN_DOMCTL_pin_mem_cacheattr + cacheattr +# HVMOP_track_dirty_vram trackdirtyvram +# HVMOP_modified_memory, HVMOP_get_mem_type, HVMOP_set_mem_type, +# HVMOP_set_mem_access, HVMOP_get_mem_access, HVMOP_pagetable_dying, +# HVMOP_inject_trap hvmctl +# XEN_DOMCTL_set_access_required mem_event +# XEN_DOMCTL_mem_sharing_op and XENMEM_sharing_op_{share,add_physmap} with: +# source = the domain making the hypercall +# target = domain whose memory is being shared mem_sharing +# XEN_DOMCTL_audit_p2m audit_p2m +# HVMOP_inject_msi send_irq +# checked in XENMEM_sharing_op_{share,add_physmap} with: +# source = domain whose memory is being shared +# target = client domain share_mem } +# Class event describes event channels. Interdomain event channels have their +# own security label which is computed using a type transition between the +# source and target domains. Each endpoint has its own label, and the +# permission checks must pass on both endpoints for an event channel to be +# established. class event { - bind - send - status - notify - create +# when creating an interdomain event channel endpoint: +# source = event channel label +# target = remote domain the event channel binds to. This may be a _self or +# _target label if the endpoints are related as such. +# This permission is checked when creating an unbound event channel and when the +# interdomain event channel is established. + bind +# EVTCHNOP_send: +# source = domain sending the event +# target = event channel label + send +# EVTCHNOP_status; same as _send + status +# + notify +# when creating an interdomain event channel endpoint: +# source = the domain creating the channel (which might not be an endpoint) +# target = event channel label + create +# EVTCHNOP_reset: +# source = domain making the hypercall +# target = domain whose event channels are being reset reset } +# Class grant describes pages shared by grant mappings. Pages use the security +# label of their owning domain. class grant { - map_read - map_write - unmap - transfer - setup +# GNTTABOP_map_grant_ref with any access + map_read +# GNTTABOP_map_grant_ref with write access + map_write +# GNTTABOP_unmap_grant_ref + unmap +# GNTTABOP_transfer + transfer +# GNTTABOP_setup_table, GNTTABOP_get_status_frames (target is commonly _self) + setup +# GNTTABOP_copy copy +# GNTTABOP_query_size, GNTTABOP_get_version query } +# Class mmu describes pages of memory not accessed using grants. Permissions +# are checked using the domain ID used to access the page - the most common case +# is a domain's own ID (the _self label). Using DOMID_IO in the map command to +# restrict the mapping to IO memory will result in the target being domio_t, and +# migration uses read-only mappings with a target of DOMID_XEN (domxen_t). class mmu { - map_read - map_write - pageinfo - pagelist +# checked when using mmu_update to map a page readably +# source = domain making the hypercall (which might not own the page table) +# target = domain whose pages are being mapped + map_read +# checked when using mmu_update to map a page writably +# source = domain making the hypercall +# target = domain whose pages are being mapped + map_write +# XEN_DOMCTL_getpageframeinfo* + pageinfo +# XEN_DOMCTL_getmemlist + pagelist +# XENMEM_{increase,decrease}_reservation, XENMEM_populate_physmap adjust +# XENMEM_{current,maximum}_reservation, XENMEM_maximum_gpfn stat +# translategp - updatemp +# mmu_update MMU_MACHPHYS_UPDATE + updatemp +# XENMEM_add_to_physmap, XENMEM_remove_from_physmap physmap +# MMUEXT_PIN_L*_TABLE pinpage +# mfnlist +# XENMEM_machine_memory_map (with target xen_t) +# XENMEM_set_memory_map (with domain target) memorymap +# checked when using mmu_update to update the page tables of another domain +# source = domain making the hypercall +# target = domain whose page tables are being modified remote_remap - mmuext_op - exchange +# the mmuext_op hypercall acting on the target domain + mmuext_op +# XENMEM_exchange: +# source = domain making the hypercall +# target = domain whose pages are being exchanged + exchange } +# control of the paging_domctl split by subop class shadow { - disable - enable +# XEN_DOMCTL_SHADOW_OP_OFF + disable +# enable, get/set allocation + enable +# enable, read, and clean log logdirty } +# Class resource is used to describe the resources used in hardware device +# passthrough. Resources include: hardware IRQs, MMIO regions, x86 I/O ports, +# and PCI devices; see docs/misc/xsm-flask.txt for how to label them. +# +# Access to the legacy PCI configuration space on x86 via port 0xCF8/CFC +# requires IS_PRIV, even with FLASK. Writes to the BARs are checked as "setup", +# while other reads/writes are "use"; the target is the PCI device whose +# configuration space is being modified. Accesses to the MMIO-based PCI express +# configuration space described by the ACPI MCFG table are controlled as MMIO +# accesses, and cannot special-case BAR writes. +# +# The {add,remove}_{irq,ioport,iomem,device} permissions use: +# source = domain making the hypercall +# target = resource's security label class resource { - add - remove - use - add_irq - remove_irq - add_ioport - remove_ioport - add_iomem - remove_iomem - stat_device - add_device - remove_device - plug - unplug - setup +# checked when adding a resource to a domain: +# source = domain making the hypercall +# target = domain which will have access to the resource + add +# checked when removing a resource from a domain: +# source = domain making the hypercall +# target = domain which will no longer have access to the resource + remove +# checked when adding a resource to a domain: +# source = domain which will have access to the resource +# target = resource's security label +# also checked when using some core Xen devices (target xen_t) + use +# PHYSDEVOP_map_pirq and ioapic writes for dom0 +# For GSI interrupts, the IRQ's label is indexed by the IRQ number +# For MSI interrupts, the label of the PCI device is used + add_irq +# PHYSDEVOP_unmap_pirq: +# This is currently only checked for GSI interrupts + remove_irq +# XEN_DOMCTL_ioport_permission, XEN_DOMCTL_ioport_mapping + add_ioport + remove_ioport +# XEN_DOMCTL_iomem_permission, XEN_DOMCTL_memory_mapping + add_iomem + remove_iomem +# XEN_DOMCTL_get_device_group, XEN_DOMCTL_test_assign_device: +# source = domain making the hypercall +# target = PCI device being queried + stat_device +# XEN_DOMCTL_assign_device + add_device +# XEN_DOMCTL_deassign_device + remove_device +# checked for PCI hot and cold-plug hypercalls, with target as the PCI device +# checked for CPU and memory hotplug with xen_t as the target + plug +# checked for PCI hot-unplug hypercalls, with target as the PCI device +# checked for CPU offlining with xen_t as the target + unplug +# checked for PHYSDEVOP_restore_msi* (target PCI device) +# checked for PHYSDEVOP_setup_gsi (target IRQ) +# checked for PHYSDEVOP_pci_mmcfg_reserved (target xen_t) + setup } +# Class security describes the FLASK security server itself; these operations +# are accessed using the xsm_op hypercall. The source is the domain invoking +# the hypercall, and the target is security_t. +# +# Any domain with access to load_policy or setenforce must be trusted, since it +# can bypass the rest of the security policy. class security { - compute_av - compute_create - compute_member - check_context - load_policy - compute_relabel - compute_user - setenforce - setbool - setsecparam - add_ocontext - del_ocontext +# use the security server to compute an access check + compute_av +# use the security server to compute a type transition + compute_create +# use the security server to compute member selection + compute_member +# sid <-> context string conversions + check_context +# allow loading a new XSM/FLASK policy + load_policy +# use the security server to compute an object relabel + compute_relabel +# use the security server to list the SIDs reachable by a given user + compute_user +# allow switching between enforcing and permissive mode + setenforce +# allow changing policy booleans + setbool +# allow changing security server configuration parmeters + setsecparam +# add ocontext label definitions for resources + add_ocontext +# remove ocontext label definitions for resources + del_ocontext } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007Nj-57; Wed, 16 Jan 2013 08:22:23 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007JU-JV for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from [85.158.143.99:61443] by server-3.bemta-4.messagelabs.com id 5A/EE-19220-D3366F05; Wed, 16 Jan 2013 08:22:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-216.messagelabs.com!1358324532!28148805!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7028 invoked from network); 16 Jan 2013 08:22:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGB-0003r9-Mt for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGB-0000ZC-Lq for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:11 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm/flask: Add checks on the domain performing the set_target operation X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900630 0 # Node ID f59daf1718864ff87caff2edf3809a437e6ec1b4 # Parent e391d7de856c629fb19625d68e888d618b5a374d xsm/flask: Add checks on the domain performing the set_target operation The existing domain__set_target check only verifies that the source and target domains can be associated. We also need to check that the privileged domain making this association is allowed to do so. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r e391d7de856c -r f59daf171886 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:36:06 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:37:10 2013 +0000 @@ -577,6 +577,13 @@ static int flask_domain_settime(struct d static int flask_set_target(struct domain *d, struct domain *e) { + int rc; + rc = domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__MAKE_PRIV_FOR); + if ( rc ) + return rc; + rc = domain_has_perm(current->domain, e, SECCLASS_DOMAIN2, DOMAIN2__SET_AS_TARGET); + if ( rc ) + return rc; return domain_has_perm(d, e, SECCLASS_DOMAIN, DOMAIN__SET_TARGET); } diff -r e391d7de856c -r f59daf171886 xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:36:06 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:37:10 2013 +0000 @@ -78,6 +78,8 @@ class domain2 relabelfrom relabelto relabelself + make_priv_for + set_as_target } class hvm _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007Nj-57; Wed, 16 Jan 2013 08:22:23 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007JU-JV for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from [85.158.143.99:61443] by server-3.bemta-4.messagelabs.com id 5A/EE-19220-D3366F05; Wed, 16 Jan 2013 08:22:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-216.messagelabs.com!1358324532!28148805!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7028 invoked from network); 16 Jan 2013 08:22:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGB-0003r9-Mt for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGB-0000ZC-Lq for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:11 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm/flask: Add checks on the domain performing the set_target operation X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900630 0 # Node ID f59daf1718864ff87caff2edf3809a437e6ec1b4 # Parent e391d7de856c629fb19625d68e888d618b5a374d xsm/flask: Add checks on the domain performing the set_target operation The existing domain__set_target check only verifies that the source and target domains can be associated. We also need to check that the privileged domain making this association is allowed to do so. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r e391d7de856c -r f59daf171886 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:36:06 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:37:10 2013 +0000 @@ -577,6 +577,13 @@ static int flask_domain_settime(struct d static int flask_set_target(struct domain *d, struct domain *e) { + int rc; + rc = domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__MAKE_PRIV_FOR); + if ( rc ) + return rc; + rc = domain_has_perm(current->domain, e, SECCLASS_DOMAIN2, DOMAIN2__SET_AS_TARGET); + if ( rc ) + return rc; return domain_has_perm(d, e, SECCLASS_DOMAIN, DOMAIN__SET_TARGET); } diff -r e391d7de856c -r f59daf171886 xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:36:06 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:37:10 2013 +0000 @@ -78,6 +78,8 @@ class domain2 relabelfrom relabelto relabelself + make_priv_for + set_as_target } class hvm _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGM-0007N6-MV; Wed, 16 Jan 2013 08:22:22 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007Kh-37 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from [193.109.254.147:31020] by server-11.bemta-14.messagelabs.com id 3F/AB-02659-C3366F05; Wed, 16 Jan 2013 08:22:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-27.messagelabs.com!1358324535!8741865!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 6623 invoked from network); 16 Jan 2013 08:22:17 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:17 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGF-0003rU-Dp for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:15 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGF-0000at-Ch for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:15 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:14 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: sysctl XSM hook removal X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900950 0 # Node ID 0bc879ecb8b3ece2fd879578f18c9565e82f175b # Parent 6672ac1415b1a94f5287d9a34ac4cd9e8e9d536a xen: sysctl XSM hook removal A number of the sysctl XSM hooks have no parameters or only pass the operation ID, making them redundant with the xsm_sysctl hook. Remove these redundant hooks. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 6672ac1415b1 -r 0bc879ecb8b3 xen/arch/x86/sysctl.c --- a/xen/arch/x86/sysctl.c Fri Jan 11 10:41:51 2013 +0000 +++ b/xen/arch/x86/sysctl.c Fri Jan 11 10:42:30 2013 +0000 @@ -69,11 +69,6 @@ long arch_do_sysctl( { xen_sysctl_physinfo_t *pi = &sysctl->u.physinfo; - ret = xsm_physinfo(); - if ( ret ) - break; - - memset(pi, 0, sizeof(*pi)); pi->threads_per_core = cpumask_weight(per_cpu(cpu_sibling_mask, 0)); @@ -103,10 +98,6 @@ long arch_do_sysctl( uint32_t i, max_cpu_index, last_online_cpu; xen_sysctl_topologyinfo_t *ti = &sysctl->u.topologyinfo; - ret = xsm_physinfo(); - if ( ret ) - break; - last_online_cpu = cpumask_last(&cpu_online_map); max_cpu_index = min_t(uint32_t, ti->max_cpu_index, last_online_cpu); ti->max_cpu_index = last_online_cpu; @@ -144,10 +135,6 @@ long arch_do_sysctl( uint32_t i, j, max_node_index, last_online_node; xen_sysctl_numainfo_t *ni = &sysctl->u.numainfo; - ret = xsm_physinfo(); - if ( ret ) - break; - last_online_node = last_node(node_online_map); max_node_index = min_t(uint32_t, ni->max_node_index, last_online_node); ni->max_node_index = last_online_node; diff -r 6672ac1415b1 -r 0bc879ecb8b3 xen/common/sysctl.c --- a/xen/common/sysctl.c Fri Jan 11 10:41:51 2013 +0000 +++ b/xen/common/sysctl.c Fri Jan 11 10:42:30 2013 +0000 @@ -65,18 +65,10 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe break; case XEN_SYSCTL_tbuf_op: - ret = xsm_tbufcontrol(); - if ( ret ) - break; - ret = tb_control(&op->u.tbuf_op); break; case XEN_SYSCTL_sched_id: - ret = xsm_sched_id(); - if ( ret ) - break; - op->u.sched_id.sched_id = sched_id(); break; @@ -122,20 +114,12 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe #ifdef PERF_COUNTERS case XEN_SYSCTL_perfc_op: - ret = xsm_perfcontrol(); - if ( ret ) - break; - ret = perfc_control(&op->u.perfc_op); break; #endif #ifdef LOCK_PROFILE case XEN_SYSCTL_lockprof_op: - ret = xsm_lockprof(); - if ( ret ) - break; - ret = spinlock_profile_control(&op->u.lockprof_op); break; #endif @@ -144,10 +128,6 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe char c; uint32_t i; - ret = xsm_debug_keys(); - if ( ret ) - break; - ret = -EFAULT; for ( i = 0; i < op->u.debug_keys.nr_keys; i++ ) { @@ -167,10 +147,6 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe nr_cpus = min(op->u.getcpuinfo.max_cpus, nr_cpu_ids); - ret = xsm_getcpuinfo(); - if ( ret ) - break; - ret = -EFAULT; for ( i = 0; i < nr_cpus; i++ ) { @@ -186,10 +162,6 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe break; case XEN_SYSCTL_availheap: - ret = xsm_availheap(); - if ( ret ) - break; - op->u.availheap.avail_bytes = avail_domheap_pages_region( op->u.availheap.node, op->u.availheap.min_bitwidth, @@ -199,18 +171,10 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe #ifdef HAS_ACPI case XEN_SYSCTL_get_pmstat: - ret = xsm_get_pmstat(); - if ( ret ) - break; - ret = do_get_pm_info(&op->u.get_pmstat); break; case XEN_SYSCTL_pm_op: - ret = xsm_pm_op(); - if ( ret ) - break; - ret = do_pm_op(&op->u.pm_op); if ( ret == -EAGAIN ) copyback = 1; @@ -278,18 +242,10 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe break; case XEN_SYSCTL_cpupool_op: - ret = xsm_cpupool_op(); - if ( ret ) - break; - ret = cpupool_do_sysctl(&op->u.cpupool_op); break; case XEN_SYSCTL_scheduler_op: - ret = xsm_sched_op(); - if ( ret ) - break; - ret = sched_adjust_global(&op->u.scheduler_op); break; diff -r 6672ac1415b1 -r 0bc879ecb8b3 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:41:51 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:42:30 2013 +0000 @@ -58,41 +58,16 @@ static XSM_INLINE int xsm_sysctl(int cmd return 0; } -static XSM_INLINE int xsm_tbufcontrol(void) -{ - return 0; -} - static XSM_INLINE int xsm_readconsole(uint32_t clear) { return 0; } -static XSM_INLINE int xsm_sched_id(void) -{ - return 0; -} - -static XSM_INLINE int xsm_perfcontrol(void) -{ - return 0; -} - -static XSM_INLINE int xsm_debug_keys(void) -{ - return 0; -} - static XSM_INLINE int xsm_getcpuinfo(void) { return 0; } -static XSM_INLINE int xsm_get_pmstat(void) -{ - return 0; -} - static XSM_INLINE int xsm_setpminfo(void) { return 0; @@ -110,11 +85,6 @@ static XSM_INLINE int xsm_do_mca(void) return 0; } -static XSM_INLINE int xsm_availheap(void) -{ - return 0; -} - static XSM_INLINE int xsm_alloc_security_domain(struct domain *d) { return 0; @@ -353,21 +323,6 @@ static XSM_INLINE int xsm_page_offline(u return 0; } -static XSM_INLINE int xsm_lockprof(void) -{ - return 0; -} - -static XSM_INLINE int xsm_cpupool_op(void) -{ - return 0; -} - -static XSM_INLINE int xsm_sched_op(void) -{ - return 0; -} - static XSM_INLINE long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { return -ENOSYS; @@ -496,11 +451,6 @@ static XSM_INLINE int xsm_microcode(void return 0; } -static XSM_INLINE int xsm_physinfo(void) -{ - return 0; -} - static XSM_INLINE int xsm_platform_quirk(uint32_t quirk) { return 0; diff -r 6672ac1415b1 -r 0bc879ecb8b3 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:41:51 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:42:30 2013 +0000 @@ -46,14 +46,8 @@ struct xsm_operations { int (*set_target) (struct domain *d, struct domain *e); int (*domctl) (struct domain *d, int cmd); int (*sysctl) (int cmd); - int (*tbufcontrol) (void); int (*readconsole) (uint32_t clear); - int (*sched_id) (void); - int (*perfcontrol) (void); - int (*debug_keys) (void); int (*getcpuinfo) (void); - int (*availheap) (void); - int (*get_pmstat) (void); int (*setpminfo) (void); int (*pm_op) (void); int (*do_mca) (void); @@ -116,9 +110,6 @@ struct xsm_operations { int (*resource_setup_misc) (void); int (*page_offline)(uint32_t cmd); - int (*lockprof)(void); - int (*cpupool_op)(void); - int (*sched_op)(void); long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); @@ -136,7 +127,6 @@ struct xsm_operations { int (*xen_settime) (void); int (*memtype) (uint32_t access); int (*microcode) (void); - int (*physinfo) (void); int (*platform_quirk) (uint32_t); int (*platform_op) (uint32_t cmd); int (*firmware_info) (void); @@ -199,46 +189,16 @@ static inline int xsm_sysctl (int cmd) return xsm_ops->sysctl(cmd); } -static inline int xsm_tbufcontrol (void) -{ - return xsm_ops->tbufcontrol(); -} - static inline int xsm_readconsole (uint32_t clear) { return xsm_ops->readconsole(clear); } -static inline int xsm_sched_id (void) -{ - return xsm_ops->sched_id(); -} - -static inline int xsm_perfcontrol (void) -{ - return xsm_ops->perfcontrol(); -} - -static inline int xsm_debug_keys (void) -{ - return xsm_ops->debug_keys(); -} - -static inline int xsm_availheap (void) -{ - return xsm_ops->availheap(); -} - -static inline int xsm_getcpuinfo (void) +static inline int xsm_getcpuinfo(void) { return xsm_ops->getcpuinfo(); } -static inline int xsm_get_pmstat(void) -{ - return xsm_ops->get_pmstat(); -} - static inline int xsm_setpminfo(void) { return xsm_ops->setpminfo(); @@ -495,21 +455,6 @@ static inline int xsm_page_offline(uint3 return xsm_ops->page_offline(cmd); } -static inline int xsm_lockprof(void) -{ - return xsm_ops->lockprof(); -} - -static inline int xsm_cpupool_op(void) -{ - return xsm_ops->cpupool_op(); -} - -static inline int xsm_sched_op(void) -{ - return xsm_ops->sched_op(); -} - static inline long xsm_do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { return xsm_ops->do_xsm_op(op); @@ -581,11 +526,6 @@ static inline int xsm_microcode (void) return xsm_ops->microcode(); } -static inline int xsm_physinfo (void) -{ - return xsm_ops->physinfo(); -} - static inline int xsm_platform_quirk (uint32_t quirk) { return xsm_ops->platform_quirk(quirk); diff -r 6672ac1415b1 -r 0bc879ecb8b3 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:41:51 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:42:30 2013 +0000 @@ -35,14 +35,8 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, set_target); set_to_dummy_if_null(ops, domctl); set_to_dummy_if_null(ops, sysctl); - set_to_dummy_if_null(ops, tbufcontrol); set_to_dummy_if_null(ops, readconsole); - set_to_dummy_if_null(ops, sched_id); - set_to_dummy_if_null(ops, perfcontrol); - set_to_dummy_if_null(ops, debug_keys); set_to_dummy_if_null(ops, getcpuinfo); - set_to_dummy_if_null(ops, availheap); - set_to_dummy_if_null(ops, get_pmstat); set_to_dummy_if_null(ops, setpminfo); set_to_dummy_if_null(ops, pm_op); set_to_dummy_if_null(ops, do_mca); @@ -103,9 +97,6 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, resource_setup_misc); set_to_dummy_if_null(ops, page_offline); - set_to_dummy_if_null(ops, lockprof); - set_to_dummy_if_null(ops, cpupool_op); - set_to_dummy_if_null(ops, sched_op); set_to_dummy_if_null(ops, do_xsm_op); @@ -123,7 +114,6 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, xen_settime); set_to_dummy_if_null(ops, memtype); set_to_dummy_if_null(ops, microcode); - set_to_dummy_if_null(ops, physinfo); set_to_dummy_if_null(ops, platform_quirk); set_to_dummy_if_null(ops, platform_op); set_to_dummy_if_null(ops, firmware_info); diff -r 6672ac1415b1 -r 0bc879ecb8b3 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:41:51 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:42:30 2013 +0000 @@ -702,37 +702,57 @@ static int flask_sysctl(int cmd) { /* These have individual XSM hooks */ case XEN_SYSCTL_readconsole: + case XEN_SYSCTL_getdomaininfolist: + case XEN_SYSCTL_page_offline_op: +#ifdef CONFIG_X86 + case XEN_SYSCTL_cpu_hotplug: +#endif + return 0; + case XEN_SYSCTL_tbuf_op: + return domain_has_xen(current->domain, XEN__TBUFCONTROL); + case XEN_SYSCTL_sched_id: + return domain_has_xen(current->domain, XEN__SCHEDULER); + case XEN_SYSCTL_perfc_op: - case XEN_SYSCTL_getdomaininfolist: + return domain_has_xen(current->domain, XEN__PERFCONTROL); + case XEN_SYSCTL_debug_keys: + return domain_has_xen(current->domain, XEN__DEBUG); + case XEN_SYSCTL_getcpuinfo: + return domain_has_xen(current->domain, XEN__GETCPUINFO); + case XEN_SYSCTL_availheap: + return domain_has_xen(current->domain, XEN__HEAP); + case XEN_SYSCTL_get_pmstat: + return domain_has_xen(current->domain, XEN__PM_OP); + case XEN_SYSCTL_pm_op: - case XEN_SYSCTL_page_offline_op: + return domain_has_xen(current->domain, XEN__PM_OP); + case XEN_SYSCTL_lockprof_op: + return domain_has_xen(current->domain, XEN__LOCKPROF); + case XEN_SYSCTL_cpupool_op: + return domain_has_xen(current->domain, XEN__CPUPOOL_OP); + case XEN_SYSCTL_scheduler_op: -#ifdef CONFIG_X86 + return domain_has_xen(current->domain, XEN__SCHED_OP); + case XEN_SYSCTL_physinfo: - case XEN_SYSCTL_cpu_hotplug: case XEN_SYSCTL_topologyinfo: case XEN_SYSCTL_numainfo: -#endif - return 0; + return domain_has_xen(current->domain, XEN__PHYSINFO); + default: printk("flask_sysctl: Unknown op %d\n", cmd); return -EPERM; } } -static int flask_tbufcontrol(void) -{ - return domain_has_xen(current->domain, XEN__TBUFCONTROL); -} - static int flask_readconsole(uint32_t clear) { u32 perms = XEN__READCONSOLE; @@ -743,41 +763,6 @@ static int flask_readconsole(uint32_t cl return domain_has_xen(current->domain, perms); } -static int flask_sched_id(void) -{ - return domain_has_xen(current->domain, XEN__SCHEDULER); -} - -static int flask_debug_keys(void) -{ - return domain_has_xen(current->domain, XEN__DEBUG); -} - -static int flask_getcpuinfo(void) -{ - return domain_has_xen(current->domain, XEN__GETCPUINFO); -} - -static int flask_availheap(void) -{ - return domain_has_xen(current->domain, XEN__HEAP); -} - -static int flask_get_pmstat(void) -{ - return domain_has_xen(current->domain, XEN__PM_OP); -} - -static int flask_setpminfo(void) -{ - return domain_has_xen(current->domain, XEN__PM_OP); -} - -static int flask_pm_op(void) -{ - return domain_has_xen(current->domain, XEN__PM_OP); -} - static int flask_do_mca(void) { return domain_has_xen(current->domain, XEN__MCA_OP); @@ -1032,26 +1017,6 @@ static inline int flask_page_offline(uin } } -static inline int flask_lockprof(void) -{ - return domain_has_xen(current->domain, XEN__LOCKPROF); -} - -static inline int flask_cpupool_op(void) -{ - return domain_has_xen(current->domain, XEN__CPUPOOL_OP); -} - -static inline int flask_sched_op(void) -{ - return domain_has_xen(current->domain, XEN__SCHED_OP); -} - -static int flask_perfcontrol(void) -{ - return domain_has_xen(current->domain, XEN__PERFCONTROL); -} - #ifdef CONFIG_X86 static int flask_shadow_control(struct domain *d, uint32_t op) { @@ -1244,11 +1209,6 @@ static int flask_microcode(void) return domain_has_xen(current->domain, XEN__MICROCODE); } -static int flask_physinfo(void) -{ - return domain_has_xen(current->domain, XEN__PHYSINFO); -} - static int flask_platform_quirk(uint32_t quirk) { return avc_current_has_perm(SECINITSID_XEN, SECCLASS_XEN, XEN__QUIRK, NULL); @@ -1269,17 +1229,21 @@ static int flask_platform_op(uint32_t op case XENPF_enter_acpi_sleep: case XENPF_change_freq: case XENPF_getidletime: - case XENPF_set_processor_pminfo: - case XENPF_get_cpuinfo: - case XENPF_get_cpu_version: case XENPF_cpu_online: case XENPF_cpu_offline: case XENPF_cpu_hotadd: case XENPF_mem_hotadd: /* These operations have their own XSM hooks */ return 0; + + case XENPF_set_processor_pminfo: case XENPF_core_parking: return domain_has_xen(current->domain, XEN__PM_OP); + + case XENPF_get_cpu_version: + case XENPF_get_cpuinfo: + return domain_has_xen(current->domain, XEN__GETCPUINFO); + default: printk("flask_platform_op: Unknown op %d\n", op); return -EPERM; @@ -1475,16 +1439,7 @@ static struct xsm_operations flask_ops = .set_target = flask_set_target, .domctl = flask_domctl, .sysctl = flask_sysctl, - .tbufcontrol = flask_tbufcontrol, .readconsole = flask_readconsole, - .sched_id = flask_sched_id, - .perfcontrol = flask_perfcontrol, - .debug_keys = flask_debug_keys, - .getcpuinfo = flask_getcpuinfo, - .availheap = flask_availheap, - .get_pmstat = flask_get_pmstat, - .setpminfo = flask_setpminfo, - .pm_op = flask_pm_op, .do_mca = flask_do_mca, .evtchn_unbound = flask_evtchn_unbound, @@ -1539,9 +1494,6 @@ static struct xsm_operations flask_ops = .resource_setup_misc = flask_resource_setup_misc, .page_offline = flask_page_offline, - .lockprof = flask_lockprof, - .cpupool_op = flask_cpupool_op, - .sched_op = flask_sched_op, .do_xsm_op = do_flask_op, @@ -1559,7 +1511,6 @@ static struct xsm_operations flask_ops = .xen_settime = flask_xen_settime, .memtype = flask_memtype, .microcode = flask_microcode, - .physinfo = flask_physinfo, .platform_quirk = flask_platform_quirk, .platform_op = flask_platform_op, .firmware_info = flask_firmware_info, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGM-0007N6-MV; Wed, 16 Jan 2013 08:22:22 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007Kh-37 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from [193.109.254.147:31020] by server-11.bemta-14.messagelabs.com id 3F/AB-02659-C3366F05; Wed, 16 Jan 2013 08:22:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-27.messagelabs.com!1358324535!8741865!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 6623 invoked from network); 16 Jan 2013 08:22:17 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:17 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGF-0003rU-Dp for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:15 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGF-0000at-Ch for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:15 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:14 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: sysctl XSM hook removal X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900950 0 # Node ID 0bc879ecb8b3ece2fd879578f18c9565e82f175b # Parent 6672ac1415b1a94f5287d9a34ac4cd9e8e9d536a xen: sysctl XSM hook removal A number of the sysctl XSM hooks have no parameters or only pass the operation ID, making them redundant with the xsm_sysctl hook. Remove these redundant hooks. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 6672ac1415b1 -r 0bc879ecb8b3 xen/arch/x86/sysctl.c --- a/xen/arch/x86/sysctl.c Fri Jan 11 10:41:51 2013 +0000 +++ b/xen/arch/x86/sysctl.c Fri Jan 11 10:42:30 2013 +0000 @@ -69,11 +69,6 @@ long arch_do_sysctl( { xen_sysctl_physinfo_t *pi = &sysctl->u.physinfo; - ret = xsm_physinfo(); - if ( ret ) - break; - - memset(pi, 0, sizeof(*pi)); pi->threads_per_core = cpumask_weight(per_cpu(cpu_sibling_mask, 0)); @@ -103,10 +98,6 @@ long arch_do_sysctl( uint32_t i, max_cpu_index, last_online_cpu; xen_sysctl_topologyinfo_t *ti = &sysctl->u.topologyinfo; - ret = xsm_physinfo(); - if ( ret ) - break; - last_online_cpu = cpumask_last(&cpu_online_map); max_cpu_index = min_t(uint32_t, ti->max_cpu_index, last_online_cpu); ti->max_cpu_index = last_online_cpu; @@ -144,10 +135,6 @@ long arch_do_sysctl( uint32_t i, j, max_node_index, last_online_node; xen_sysctl_numainfo_t *ni = &sysctl->u.numainfo; - ret = xsm_physinfo(); - if ( ret ) - break; - last_online_node = last_node(node_online_map); max_node_index = min_t(uint32_t, ni->max_node_index, last_online_node); ni->max_node_index = last_online_node; diff -r 6672ac1415b1 -r 0bc879ecb8b3 xen/common/sysctl.c --- a/xen/common/sysctl.c Fri Jan 11 10:41:51 2013 +0000 +++ b/xen/common/sysctl.c Fri Jan 11 10:42:30 2013 +0000 @@ -65,18 +65,10 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe break; case XEN_SYSCTL_tbuf_op: - ret = xsm_tbufcontrol(); - if ( ret ) - break; - ret = tb_control(&op->u.tbuf_op); break; case XEN_SYSCTL_sched_id: - ret = xsm_sched_id(); - if ( ret ) - break; - op->u.sched_id.sched_id = sched_id(); break; @@ -122,20 +114,12 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe #ifdef PERF_COUNTERS case XEN_SYSCTL_perfc_op: - ret = xsm_perfcontrol(); - if ( ret ) - break; - ret = perfc_control(&op->u.perfc_op); break; #endif #ifdef LOCK_PROFILE case XEN_SYSCTL_lockprof_op: - ret = xsm_lockprof(); - if ( ret ) - break; - ret = spinlock_profile_control(&op->u.lockprof_op); break; #endif @@ -144,10 +128,6 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe char c; uint32_t i; - ret = xsm_debug_keys(); - if ( ret ) - break; - ret = -EFAULT; for ( i = 0; i < op->u.debug_keys.nr_keys; i++ ) { @@ -167,10 +147,6 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe nr_cpus = min(op->u.getcpuinfo.max_cpus, nr_cpu_ids); - ret = xsm_getcpuinfo(); - if ( ret ) - break; - ret = -EFAULT; for ( i = 0; i < nr_cpus; i++ ) { @@ -186,10 +162,6 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe break; case XEN_SYSCTL_availheap: - ret = xsm_availheap(); - if ( ret ) - break; - op->u.availheap.avail_bytes = avail_domheap_pages_region( op->u.availheap.node, op->u.availheap.min_bitwidth, @@ -199,18 +171,10 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe #ifdef HAS_ACPI case XEN_SYSCTL_get_pmstat: - ret = xsm_get_pmstat(); - if ( ret ) - break; - ret = do_get_pm_info(&op->u.get_pmstat); break; case XEN_SYSCTL_pm_op: - ret = xsm_pm_op(); - if ( ret ) - break; - ret = do_pm_op(&op->u.pm_op); if ( ret == -EAGAIN ) copyback = 1; @@ -278,18 +242,10 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe break; case XEN_SYSCTL_cpupool_op: - ret = xsm_cpupool_op(); - if ( ret ) - break; - ret = cpupool_do_sysctl(&op->u.cpupool_op); break; case XEN_SYSCTL_scheduler_op: - ret = xsm_sched_op(); - if ( ret ) - break; - ret = sched_adjust_global(&op->u.scheduler_op); break; diff -r 6672ac1415b1 -r 0bc879ecb8b3 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:41:51 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:42:30 2013 +0000 @@ -58,41 +58,16 @@ static XSM_INLINE int xsm_sysctl(int cmd return 0; } -static XSM_INLINE int xsm_tbufcontrol(void) -{ - return 0; -} - static XSM_INLINE int xsm_readconsole(uint32_t clear) { return 0; } -static XSM_INLINE int xsm_sched_id(void) -{ - return 0; -} - -static XSM_INLINE int xsm_perfcontrol(void) -{ - return 0; -} - -static XSM_INLINE int xsm_debug_keys(void) -{ - return 0; -} - static XSM_INLINE int xsm_getcpuinfo(void) { return 0; } -static XSM_INLINE int xsm_get_pmstat(void) -{ - return 0; -} - static XSM_INLINE int xsm_setpminfo(void) { return 0; @@ -110,11 +85,6 @@ static XSM_INLINE int xsm_do_mca(void) return 0; } -static XSM_INLINE int xsm_availheap(void) -{ - return 0; -} - static XSM_INLINE int xsm_alloc_security_domain(struct domain *d) { return 0; @@ -353,21 +323,6 @@ static XSM_INLINE int xsm_page_offline(u return 0; } -static XSM_INLINE int xsm_lockprof(void) -{ - return 0; -} - -static XSM_INLINE int xsm_cpupool_op(void) -{ - return 0; -} - -static XSM_INLINE int xsm_sched_op(void) -{ - return 0; -} - static XSM_INLINE long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { return -ENOSYS; @@ -496,11 +451,6 @@ static XSM_INLINE int xsm_microcode(void return 0; } -static XSM_INLINE int xsm_physinfo(void) -{ - return 0; -} - static XSM_INLINE int xsm_platform_quirk(uint32_t quirk) { return 0; diff -r 6672ac1415b1 -r 0bc879ecb8b3 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:41:51 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:42:30 2013 +0000 @@ -46,14 +46,8 @@ struct xsm_operations { int (*set_target) (struct domain *d, struct domain *e); int (*domctl) (struct domain *d, int cmd); int (*sysctl) (int cmd); - int (*tbufcontrol) (void); int (*readconsole) (uint32_t clear); - int (*sched_id) (void); - int (*perfcontrol) (void); - int (*debug_keys) (void); int (*getcpuinfo) (void); - int (*availheap) (void); - int (*get_pmstat) (void); int (*setpminfo) (void); int (*pm_op) (void); int (*do_mca) (void); @@ -116,9 +110,6 @@ struct xsm_operations { int (*resource_setup_misc) (void); int (*page_offline)(uint32_t cmd); - int (*lockprof)(void); - int (*cpupool_op)(void); - int (*sched_op)(void); long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); @@ -136,7 +127,6 @@ struct xsm_operations { int (*xen_settime) (void); int (*memtype) (uint32_t access); int (*microcode) (void); - int (*physinfo) (void); int (*platform_quirk) (uint32_t); int (*platform_op) (uint32_t cmd); int (*firmware_info) (void); @@ -199,46 +189,16 @@ static inline int xsm_sysctl (int cmd) return xsm_ops->sysctl(cmd); } -static inline int xsm_tbufcontrol (void) -{ - return xsm_ops->tbufcontrol(); -} - static inline int xsm_readconsole (uint32_t clear) { return xsm_ops->readconsole(clear); } -static inline int xsm_sched_id (void) -{ - return xsm_ops->sched_id(); -} - -static inline int xsm_perfcontrol (void) -{ - return xsm_ops->perfcontrol(); -} - -static inline int xsm_debug_keys (void) -{ - return xsm_ops->debug_keys(); -} - -static inline int xsm_availheap (void) -{ - return xsm_ops->availheap(); -} - -static inline int xsm_getcpuinfo (void) +static inline int xsm_getcpuinfo(void) { return xsm_ops->getcpuinfo(); } -static inline int xsm_get_pmstat(void) -{ - return xsm_ops->get_pmstat(); -} - static inline int xsm_setpminfo(void) { return xsm_ops->setpminfo(); @@ -495,21 +455,6 @@ static inline int xsm_page_offline(uint3 return xsm_ops->page_offline(cmd); } -static inline int xsm_lockprof(void) -{ - return xsm_ops->lockprof(); -} - -static inline int xsm_cpupool_op(void) -{ - return xsm_ops->cpupool_op(); -} - -static inline int xsm_sched_op(void) -{ - return xsm_ops->sched_op(); -} - static inline long xsm_do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) { return xsm_ops->do_xsm_op(op); @@ -581,11 +526,6 @@ static inline int xsm_microcode (void) return xsm_ops->microcode(); } -static inline int xsm_physinfo (void) -{ - return xsm_ops->physinfo(); -} - static inline int xsm_platform_quirk (uint32_t quirk) { return xsm_ops->platform_quirk(quirk); diff -r 6672ac1415b1 -r 0bc879ecb8b3 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:41:51 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:42:30 2013 +0000 @@ -35,14 +35,8 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, set_target); set_to_dummy_if_null(ops, domctl); set_to_dummy_if_null(ops, sysctl); - set_to_dummy_if_null(ops, tbufcontrol); set_to_dummy_if_null(ops, readconsole); - set_to_dummy_if_null(ops, sched_id); - set_to_dummy_if_null(ops, perfcontrol); - set_to_dummy_if_null(ops, debug_keys); set_to_dummy_if_null(ops, getcpuinfo); - set_to_dummy_if_null(ops, availheap); - set_to_dummy_if_null(ops, get_pmstat); set_to_dummy_if_null(ops, setpminfo); set_to_dummy_if_null(ops, pm_op); set_to_dummy_if_null(ops, do_mca); @@ -103,9 +97,6 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, resource_setup_misc); set_to_dummy_if_null(ops, page_offline); - set_to_dummy_if_null(ops, lockprof); - set_to_dummy_if_null(ops, cpupool_op); - set_to_dummy_if_null(ops, sched_op); set_to_dummy_if_null(ops, do_xsm_op); @@ -123,7 +114,6 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, xen_settime); set_to_dummy_if_null(ops, memtype); set_to_dummy_if_null(ops, microcode); - set_to_dummy_if_null(ops, physinfo); set_to_dummy_if_null(ops, platform_quirk); set_to_dummy_if_null(ops, platform_op); set_to_dummy_if_null(ops, firmware_info); diff -r 6672ac1415b1 -r 0bc879ecb8b3 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:41:51 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:42:30 2013 +0000 @@ -702,37 +702,57 @@ static int flask_sysctl(int cmd) { /* These have individual XSM hooks */ case XEN_SYSCTL_readconsole: + case XEN_SYSCTL_getdomaininfolist: + case XEN_SYSCTL_page_offline_op: +#ifdef CONFIG_X86 + case XEN_SYSCTL_cpu_hotplug: +#endif + return 0; + case XEN_SYSCTL_tbuf_op: + return domain_has_xen(current->domain, XEN__TBUFCONTROL); + case XEN_SYSCTL_sched_id: + return domain_has_xen(current->domain, XEN__SCHEDULER); + case XEN_SYSCTL_perfc_op: - case XEN_SYSCTL_getdomaininfolist: + return domain_has_xen(current->domain, XEN__PERFCONTROL); + case XEN_SYSCTL_debug_keys: + return domain_has_xen(current->domain, XEN__DEBUG); + case XEN_SYSCTL_getcpuinfo: + return domain_has_xen(current->domain, XEN__GETCPUINFO); + case XEN_SYSCTL_availheap: + return domain_has_xen(current->domain, XEN__HEAP); + case XEN_SYSCTL_get_pmstat: + return domain_has_xen(current->domain, XEN__PM_OP); + case XEN_SYSCTL_pm_op: - case XEN_SYSCTL_page_offline_op: + return domain_has_xen(current->domain, XEN__PM_OP); + case XEN_SYSCTL_lockprof_op: + return domain_has_xen(current->domain, XEN__LOCKPROF); + case XEN_SYSCTL_cpupool_op: + return domain_has_xen(current->domain, XEN__CPUPOOL_OP); + case XEN_SYSCTL_scheduler_op: -#ifdef CONFIG_X86 + return domain_has_xen(current->domain, XEN__SCHED_OP); + case XEN_SYSCTL_physinfo: - case XEN_SYSCTL_cpu_hotplug: case XEN_SYSCTL_topologyinfo: case XEN_SYSCTL_numainfo: -#endif - return 0; + return domain_has_xen(current->domain, XEN__PHYSINFO); + default: printk("flask_sysctl: Unknown op %d\n", cmd); return -EPERM; } } -static int flask_tbufcontrol(void) -{ - return domain_has_xen(current->domain, XEN__TBUFCONTROL); -} - static int flask_readconsole(uint32_t clear) { u32 perms = XEN__READCONSOLE; @@ -743,41 +763,6 @@ static int flask_readconsole(uint32_t cl return domain_has_xen(current->domain, perms); } -static int flask_sched_id(void) -{ - return domain_has_xen(current->domain, XEN__SCHEDULER); -} - -static int flask_debug_keys(void) -{ - return domain_has_xen(current->domain, XEN__DEBUG); -} - -static int flask_getcpuinfo(void) -{ - return domain_has_xen(current->domain, XEN__GETCPUINFO); -} - -static int flask_availheap(void) -{ - return domain_has_xen(current->domain, XEN__HEAP); -} - -static int flask_get_pmstat(void) -{ - return domain_has_xen(current->domain, XEN__PM_OP); -} - -static int flask_setpminfo(void) -{ - return domain_has_xen(current->domain, XEN__PM_OP); -} - -static int flask_pm_op(void) -{ - return domain_has_xen(current->domain, XEN__PM_OP); -} - static int flask_do_mca(void) { return domain_has_xen(current->domain, XEN__MCA_OP); @@ -1032,26 +1017,6 @@ static inline int flask_page_offline(uin } } -static inline int flask_lockprof(void) -{ - return domain_has_xen(current->domain, XEN__LOCKPROF); -} - -static inline int flask_cpupool_op(void) -{ - return domain_has_xen(current->domain, XEN__CPUPOOL_OP); -} - -static inline int flask_sched_op(void) -{ - return domain_has_xen(current->domain, XEN__SCHED_OP); -} - -static int flask_perfcontrol(void) -{ - return domain_has_xen(current->domain, XEN__PERFCONTROL); -} - #ifdef CONFIG_X86 static int flask_shadow_control(struct domain *d, uint32_t op) { @@ -1244,11 +1209,6 @@ static int flask_microcode(void) return domain_has_xen(current->domain, XEN__MICROCODE); } -static int flask_physinfo(void) -{ - return domain_has_xen(current->domain, XEN__PHYSINFO); -} - static int flask_platform_quirk(uint32_t quirk) { return avc_current_has_perm(SECINITSID_XEN, SECCLASS_XEN, XEN__QUIRK, NULL); @@ -1269,17 +1229,21 @@ static int flask_platform_op(uint32_t op case XENPF_enter_acpi_sleep: case XENPF_change_freq: case XENPF_getidletime: - case XENPF_set_processor_pminfo: - case XENPF_get_cpuinfo: - case XENPF_get_cpu_version: case XENPF_cpu_online: case XENPF_cpu_offline: case XENPF_cpu_hotadd: case XENPF_mem_hotadd: /* These operations have their own XSM hooks */ return 0; + + case XENPF_set_processor_pminfo: case XENPF_core_parking: return domain_has_xen(current->domain, XEN__PM_OP); + + case XENPF_get_cpu_version: + case XENPF_get_cpuinfo: + return domain_has_xen(current->domain, XEN__GETCPUINFO); + default: printk("flask_platform_op: Unknown op %d\n", op); return -EPERM; @@ -1475,16 +1439,7 @@ static struct xsm_operations flask_ops = .set_target = flask_set_target, .domctl = flask_domctl, .sysctl = flask_sysctl, - .tbufcontrol = flask_tbufcontrol, .readconsole = flask_readconsole, - .sched_id = flask_sched_id, - .perfcontrol = flask_perfcontrol, - .debug_keys = flask_debug_keys, - .getcpuinfo = flask_getcpuinfo, - .availheap = flask_availheap, - .get_pmstat = flask_get_pmstat, - .setpminfo = flask_setpminfo, - .pm_op = flask_pm_op, .do_mca = flask_do_mca, .evtchn_unbound = flask_evtchn_unbound, @@ -1539,9 +1494,6 @@ static struct xsm_operations flask_ops = .resource_setup_misc = flask_resource_setup_misc, .page_offline = flask_page_offline, - .lockprof = flask_lockprof, - .cpupool_op = flask_cpupool_op, - .sched_op = flask_sched_op, .do_xsm_op = do_flask_op, @@ -1559,7 +1511,6 @@ static struct xsm_operations flask_ops = .xen_settime = flask_xen_settime, .memtype = flask_memtype, .microcode = flask_microcode, - .physinfo = flask_physinfo, .platform_quirk = flask_platform_quirk, .platform_op = flask_platform_op, .firmware_info = flask_firmware_info, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007OO-I6; Wed, 16 Jan 2013 08:22:23 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007LJ-Ud for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:22 +0000 Received: from [85.158.139.83:48311] by server-12.bemta-5.messagelabs.com id DA/07-06173-D3366F05; Wed, 16 Jan 2013 08:22:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-182.messagelabs.com!1358324529!27624533!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 17228 invoked from network); 16 Jan 2013 08:22:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOG9-0003qu-HL for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOG9-0000Xz-4Y for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:09 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: avoid calling rcu_lock_*target_domain when an XSM hook exists X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357898839 0 # Node ID ba386fd2bf17fd30e8215bedc3187c95b8eb9e6b # Parent bf1e34d665580679b02a67075f809d88f39646f8 xen: avoid calling rcu_lock_*target_domain when an XSM hook exists The rcu_lock_{,remote_}target_domain_by_id functions are wrappers around an IS_PRIV_FOR check for the current domain. This is now redundant with XSM hooks, so replace these calls with rcu_lock_domain_by_any_id or rcu_lock_remote_domain_by_id to remove the duplicate permission checks. When XSM_ENABLE is not defined or when the dummy XSM module is used, this patch should not change any functionality. Because the locations of privilege checks have sometimes moved below argument validation, error returns of some functions may change from EPERM to EINVAL when called with invalid arguments and from a domain without permission to perform the operation. Signed-off-by: Daniel De Graaf Acked-by: Jan Beulich Committed-by: Keir Fraser --- diff -r bf1e34d66558 -r ba386fd2bf17 xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Fri Jan 11 10:06:43 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Fri Jan 11 10:07:19 2013 +0000 @@ -3388,7 +3388,7 @@ static int hvmop_set_pci_intx_level( if ( (op.domain > 0) || (op.bus > 0) || (op.device > 31) || (op.intx > 3) ) return -EINVAL; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3555,7 +3555,7 @@ static int hvmop_set_isa_irq_level( if ( op.isa_irq > 15 ) return -EINVAL; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3599,7 +3599,7 @@ static int hvmop_set_pci_link_route( if ( (op.link > 3) || (op.isa_irq > 15) ) return -EINVAL; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3629,7 +3629,7 @@ static int hvmop_inject_msi( if ( copy_from_guest(&op, uop, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3726,9 +3726,9 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( a.index >= HVM_NR_PARAMS ) return -EINVAL; - rc = rcu_lock_target_domain_by_id(a.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(a.domid); + if ( d == NULL ) + return -ESRCH; rc = -EINVAL; if ( !is_hvm_domain(d) ) @@ -3972,7 +3972,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4013,7 +4013,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4078,9 +4078,9 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(a.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(a.domid); + if ( d == NULL ) + return -ESRCH; rc = xsm_hvm_param(d, op); if ( rc ) @@ -4128,7 +4128,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4221,7 +4221,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4256,7 +4256,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4292,9 +4292,9 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(a.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(a.domid); + if ( d == NULL ) + return -ESRCH; rc = -EINVAL; if ( !is_hvm_domain(d) || !paging_mode_shadow(d) ) @@ -4346,7 +4346,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&tr, arg, 1 ) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(tr.domid, &d); + rc = rcu_lock_remote_domain_by_id(tr.domid, &d); if ( rc != 0 ) return rc; diff -r bf1e34d66558 -r ba386fd2bf17 xen/arch/x86/mm.c --- a/xen/arch/x86/mm.c Fri Jan 11 10:06:43 2013 +0000 +++ b/xen/arch/x86/mm.c Fri Jan 11 10:07:19 2013 +0000 @@ -4375,9 +4375,9 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( copy_from_guest(&xatp, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(xatp.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(xatp.domid); + if ( d == NULL ) + return -ESRCH; if ( xsm_add_to_physmap(current->domain, d) ) { @@ -4414,9 +4414,9 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( fmap.map.nr_entries > E820MAX ) return -EINVAL; - rc = rcu_lock_target_domain_by_id(fmap.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(fmap.domid); + if ( d == NULL ) + return -ESRCH; rc = xsm_domain_memory_map(d); if ( rc ) @@ -4569,16 +4569,12 @@ long arch_memory_op(int op, XEN_GUEST_HA struct domain *d; struct p2m_domain *p2m; - /* Support DOMID_SELF? */ - if ( !IS_PRIV(current->domain) ) - return -EPERM; - if ( copy_from_guest(&target, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(target.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(target.domid); + if ( d == NULL ) + return -ESRCH; if ( op == XENMEM_set_pod_target ) rc = xsm_set_pod_target(d); diff -r bf1e34d66558 -r ba386fd2bf17 xen/common/event_channel.c --- a/xen/common/event_channel.c Fri Jan 11 10:06:43 2013 +0000 +++ b/xen/common/event_channel.c Fri Jan 11 10:07:19 2013 +0000 @@ -165,9 +165,9 @@ static long evtchn_alloc_unbound(evtchn_ domid_t dom = alloc->dom; long rc; - rc = rcu_lock_target_domain_by_id(dom, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(dom); + if ( d == NULL ) + return -ESRCH; spin_lock(&d->event_lock); @@ -798,9 +798,9 @@ static long evtchn_status(evtchn_status_ struct evtchn *chn; long rc = 0; - rc = rcu_lock_target_domain_by_id(dom, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(dom); + if ( d == NULL ) + return -ESRCH; spin_lock(&d->event_lock); @@ -950,9 +950,9 @@ static long evtchn_reset(evtchn_reset_t struct domain *d; int i, rc; - rc = rcu_lock_target_domain_by_id(dom, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(dom); + if ( d == NULL ) + return -ESRCH; rc = xsm_evtchn_reset(current->domain, d); if ( rc ) diff -r bf1e34d66558 -r ba386fd2bf17 xen/common/grant_table.c --- a/xen/common/grant_table.c Fri Jan 11 10:06:43 2013 +0000 +++ b/xen/common/grant_table.c Fri Jan 11 10:07:19 2013 +0000 @@ -230,30 +230,6 @@ double_gt_unlock(struct grant_table *lgt spin_unlock(&rgt->lock); } -static struct domain *gt_lock_target_domain_by_id(domid_t dom) -{ - struct domain *d; - int rc = GNTST_general_error; - - switch ( rcu_lock_target_domain_by_id(dom, &d) ) - { - case 0: - return d; - - case -ESRCH: - gdprintk(XENLOG_INFO, "Bad domid %d.\n", dom); - rc = GNTST_bad_domain; - break; - - case -EPERM: - rc = GNTST_permission_denied; - break; - } - - ASSERT(rc < 0 && -rc <= MAX_ERRNO); - return ERR_PTR(rc); -} - static inline int __get_maptrack_handle( struct grant_table *t) @@ -1352,11 +1328,12 @@ gnttab_setup_table( if ( !guest_handle_okay(op.frame_list, op.nr_frames) ) return -EFAULT; - d = gt_lock_target_domain_by_id(op.dom); - if ( IS_ERR(d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) { - op.status = PTR_ERR(d); - goto out1; + gdprintk(XENLOG_INFO, "Bad domid %d.\n", op.dom); + op.status = GNTST_bad_domain; + goto out2; } if ( xsm_grant_setup(current->domain, d) ) @@ -1421,10 +1398,11 @@ gnttab_query_size( return -EFAULT; } - d = gt_lock_target_domain_by_id(op.dom); - if ( IS_ERR(d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) { - op.status = PTR_ERR(d); + gdprintk(XENLOG_INFO, "Bad domid %d.\n", op.dom); + op.status = GNTST_bad_domain; goto query_out; } @@ -2296,10 +2274,10 @@ gnttab_get_status_frames(XEN_GUEST_HANDL return -EFAULT; } - d = gt_lock_target_domain_by_id(op.dom); - if ( IS_ERR(d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) { - op.status = PTR_ERR(d); + op.status = GNTST_bad_domain; goto out1; } rc = xsm_grant_setup(current->domain, d); @@ -2349,14 +2327,15 @@ gnttab_get_version(XEN_GUEST_HANDLE_PARA if ( copy_from_guest(&op, uop, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(op.dom, &d); - if ( rc < 0 ) - return rc; - - if ( xsm_grant_query_size(current->domain, d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) + return -ESRCH; + + rc = xsm_grant_query_size(current->domain, d); + if ( rc ) { rcu_unlock_domain(d); - return -EPERM; + return rc; } op.version = d->grant_table->gt_version; diff -r bf1e34d66558 -r ba386fd2bf17 xen/common/memory.c --- a/xen/common/memory.c Fri Jan 11 10:06:43 2013 +0000 +++ b/xen/common/memory.c Fri Jan 11 10:07:19 2013 +0000 @@ -585,7 +585,8 @@ long do_memory_op(unsigned long cmd, XEN && (reservation.mem_flags & XENMEMF_populate_on_demand) ) args.memflags |= MEMF_populate_on_demand; - if ( unlikely(rcu_lock_target_domain_by_id(reservation.domid, &d)) ) + d = rcu_lock_domain_by_any_id(reservation.domid); + if ( d == NULL ) return start_extent; args.domain = d; @@ -634,9 +635,9 @@ long do_memory_op(unsigned long cmd, XEN if ( copy_from_guest(&domid, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(domid, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(domid); + if ( d == NULL ) + return -ESRCH; rc = xsm_memory_stat_reservation(current->domain, d); if ( rc ) @@ -672,9 +673,9 @@ long do_memory_op(unsigned long cmd, XEN if ( copy_from_guest(&xrfp, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(xrfp.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(xrfp.domid); + if ( d == NULL ) + return -ESRCH; if ( xsm_remove_from_physmap(current->domain, d) ) { diff -r bf1e34d66558 -r ba386fd2bf17 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:06:43 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:07:19 2013 +0000 @@ -194,6 +194,8 @@ static XSM_INLINE int xsm_grant_unmapref static XSM_INLINE int xsm_grant_setup(struct domain *d1, struct domain *d2) { + if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } @@ -209,17 +211,23 @@ static XSM_INLINE int xsm_grant_copy(str static XSM_INLINE int xsm_grant_query_size(struct domain *d1, struct domain *d2) { + if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_memory_adjust_reservation(struct domain *d1, struct domain *d2) { + if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_memory_stat_reservation(struct domain *d1, struct domain *d2) { + if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } @@ -260,6 +268,8 @@ static XSM_INLINE int xsm_memory_pin_pag static XSM_INLINE int xsm_evtchn_unbound(struct domain *d, struct evtchn *chn, domid_t id2) { + if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } @@ -281,11 +291,15 @@ static XSM_INLINE int xsm_evtchn_send(st static XSM_INLINE int xsm_evtchn_status(struct domain *d, struct evtchn *chn) { + if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_evtchn_reset(struct domain *d1, struct domain *d2) { + if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } @@ -306,11 +320,15 @@ static XSM_INLINE char *xsm_show_securit static XSM_INLINE int xsm_get_pod_target(struct domain *d) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_set_pod_target(struct domain *d) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } @@ -481,26 +499,36 @@ static XSM_INLINE int xsm_machine_addres static XSM_INLINE int xsm_hvm_param(struct domain *d, unsigned long op) { + if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_hvm_set_pci_intx_level(struct domain *d) { + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_hvm_set_isa_irq_level(struct domain *d) { + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_hvm_set_pci_link_route(struct domain *d) { + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_hvm_inject_msi(struct domain *d) { + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } @@ -582,6 +610,8 @@ static XSM_INLINE int xsm_machine_memory static XSM_INLINE int xsm_domain_memory_map(struct domain *d) { + if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } @@ -605,11 +635,15 @@ static XSM_INLINE int xsm_update_va_mapp static XSM_INLINE int xsm_add_to_physmap(struct domain *d1, struct domain *d2) { + if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_remove_from_physmap(struct domain *d1, struct domain *d2) { + if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007OO-I6; Wed, 16 Jan 2013 08:22:23 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007LJ-Ud for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:22 +0000 Received: from [85.158.139.83:48311] by server-12.bemta-5.messagelabs.com id DA/07-06173-D3366F05; Wed, 16 Jan 2013 08:22:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-182.messagelabs.com!1358324529!27624533!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 17228 invoked from network); 16 Jan 2013 08:22:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOG9-0003qu-HL for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOG9-0000Xz-4Y for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:09 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: avoid calling rcu_lock_*target_domain when an XSM hook exists X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357898839 0 # Node ID ba386fd2bf17fd30e8215bedc3187c95b8eb9e6b # Parent bf1e34d665580679b02a67075f809d88f39646f8 xen: avoid calling rcu_lock_*target_domain when an XSM hook exists The rcu_lock_{,remote_}target_domain_by_id functions are wrappers around an IS_PRIV_FOR check for the current domain. This is now redundant with XSM hooks, so replace these calls with rcu_lock_domain_by_any_id or rcu_lock_remote_domain_by_id to remove the duplicate permission checks. When XSM_ENABLE is not defined or when the dummy XSM module is used, this patch should not change any functionality. Because the locations of privilege checks have sometimes moved below argument validation, error returns of some functions may change from EPERM to EINVAL when called with invalid arguments and from a domain without permission to perform the operation. Signed-off-by: Daniel De Graaf Acked-by: Jan Beulich Committed-by: Keir Fraser --- diff -r bf1e34d66558 -r ba386fd2bf17 xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Fri Jan 11 10:06:43 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Fri Jan 11 10:07:19 2013 +0000 @@ -3388,7 +3388,7 @@ static int hvmop_set_pci_intx_level( if ( (op.domain > 0) || (op.bus > 0) || (op.device > 31) || (op.intx > 3) ) return -EINVAL; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3555,7 +3555,7 @@ static int hvmop_set_isa_irq_level( if ( op.isa_irq > 15 ) return -EINVAL; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3599,7 +3599,7 @@ static int hvmop_set_pci_link_route( if ( (op.link > 3) || (op.isa_irq > 15) ) return -EINVAL; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3629,7 +3629,7 @@ static int hvmop_inject_msi( if ( copy_from_guest(&op, uop, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3726,9 +3726,9 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( a.index >= HVM_NR_PARAMS ) return -EINVAL; - rc = rcu_lock_target_domain_by_id(a.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(a.domid); + if ( d == NULL ) + return -ESRCH; rc = -EINVAL; if ( !is_hvm_domain(d) ) @@ -3972,7 +3972,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4013,7 +4013,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4078,9 +4078,9 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(a.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(a.domid); + if ( d == NULL ) + return -ESRCH; rc = xsm_hvm_param(d, op); if ( rc ) @@ -4128,7 +4128,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4221,7 +4221,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4256,7 +4256,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4292,9 +4292,9 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(a.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(a.domid); + if ( d == NULL ) + return -ESRCH; rc = -EINVAL; if ( !is_hvm_domain(d) || !paging_mode_shadow(d) ) @@ -4346,7 +4346,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&tr, arg, 1 ) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(tr.domid, &d); + rc = rcu_lock_remote_domain_by_id(tr.domid, &d); if ( rc != 0 ) return rc; diff -r bf1e34d66558 -r ba386fd2bf17 xen/arch/x86/mm.c --- a/xen/arch/x86/mm.c Fri Jan 11 10:06:43 2013 +0000 +++ b/xen/arch/x86/mm.c Fri Jan 11 10:07:19 2013 +0000 @@ -4375,9 +4375,9 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( copy_from_guest(&xatp, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(xatp.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(xatp.domid); + if ( d == NULL ) + return -ESRCH; if ( xsm_add_to_physmap(current->domain, d) ) { @@ -4414,9 +4414,9 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( fmap.map.nr_entries > E820MAX ) return -EINVAL; - rc = rcu_lock_target_domain_by_id(fmap.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(fmap.domid); + if ( d == NULL ) + return -ESRCH; rc = xsm_domain_memory_map(d); if ( rc ) @@ -4569,16 +4569,12 @@ long arch_memory_op(int op, XEN_GUEST_HA struct domain *d; struct p2m_domain *p2m; - /* Support DOMID_SELF? */ - if ( !IS_PRIV(current->domain) ) - return -EPERM; - if ( copy_from_guest(&target, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(target.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(target.domid); + if ( d == NULL ) + return -ESRCH; if ( op == XENMEM_set_pod_target ) rc = xsm_set_pod_target(d); diff -r bf1e34d66558 -r ba386fd2bf17 xen/common/event_channel.c --- a/xen/common/event_channel.c Fri Jan 11 10:06:43 2013 +0000 +++ b/xen/common/event_channel.c Fri Jan 11 10:07:19 2013 +0000 @@ -165,9 +165,9 @@ static long evtchn_alloc_unbound(evtchn_ domid_t dom = alloc->dom; long rc; - rc = rcu_lock_target_domain_by_id(dom, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(dom); + if ( d == NULL ) + return -ESRCH; spin_lock(&d->event_lock); @@ -798,9 +798,9 @@ static long evtchn_status(evtchn_status_ struct evtchn *chn; long rc = 0; - rc = rcu_lock_target_domain_by_id(dom, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(dom); + if ( d == NULL ) + return -ESRCH; spin_lock(&d->event_lock); @@ -950,9 +950,9 @@ static long evtchn_reset(evtchn_reset_t struct domain *d; int i, rc; - rc = rcu_lock_target_domain_by_id(dom, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(dom); + if ( d == NULL ) + return -ESRCH; rc = xsm_evtchn_reset(current->domain, d); if ( rc ) diff -r bf1e34d66558 -r ba386fd2bf17 xen/common/grant_table.c --- a/xen/common/grant_table.c Fri Jan 11 10:06:43 2013 +0000 +++ b/xen/common/grant_table.c Fri Jan 11 10:07:19 2013 +0000 @@ -230,30 +230,6 @@ double_gt_unlock(struct grant_table *lgt spin_unlock(&rgt->lock); } -static struct domain *gt_lock_target_domain_by_id(domid_t dom) -{ - struct domain *d; - int rc = GNTST_general_error; - - switch ( rcu_lock_target_domain_by_id(dom, &d) ) - { - case 0: - return d; - - case -ESRCH: - gdprintk(XENLOG_INFO, "Bad domid %d.\n", dom); - rc = GNTST_bad_domain; - break; - - case -EPERM: - rc = GNTST_permission_denied; - break; - } - - ASSERT(rc < 0 && -rc <= MAX_ERRNO); - return ERR_PTR(rc); -} - static inline int __get_maptrack_handle( struct grant_table *t) @@ -1352,11 +1328,12 @@ gnttab_setup_table( if ( !guest_handle_okay(op.frame_list, op.nr_frames) ) return -EFAULT; - d = gt_lock_target_domain_by_id(op.dom); - if ( IS_ERR(d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) { - op.status = PTR_ERR(d); - goto out1; + gdprintk(XENLOG_INFO, "Bad domid %d.\n", op.dom); + op.status = GNTST_bad_domain; + goto out2; } if ( xsm_grant_setup(current->domain, d) ) @@ -1421,10 +1398,11 @@ gnttab_query_size( return -EFAULT; } - d = gt_lock_target_domain_by_id(op.dom); - if ( IS_ERR(d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) { - op.status = PTR_ERR(d); + gdprintk(XENLOG_INFO, "Bad domid %d.\n", op.dom); + op.status = GNTST_bad_domain; goto query_out; } @@ -2296,10 +2274,10 @@ gnttab_get_status_frames(XEN_GUEST_HANDL return -EFAULT; } - d = gt_lock_target_domain_by_id(op.dom); - if ( IS_ERR(d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) { - op.status = PTR_ERR(d); + op.status = GNTST_bad_domain; goto out1; } rc = xsm_grant_setup(current->domain, d); @@ -2349,14 +2327,15 @@ gnttab_get_version(XEN_GUEST_HANDLE_PARA if ( copy_from_guest(&op, uop, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(op.dom, &d); - if ( rc < 0 ) - return rc; - - if ( xsm_grant_query_size(current->domain, d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) + return -ESRCH; + + rc = xsm_grant_query_size(current->domain, d); + if ( rc ) { rcu_unlock_domain(d); - return -EPERM; + return rc; } op.version = d->grant_table->gt_version; diff -r bf1e34d66558 -r ba386fd2bf17 xen/common/memory.c --- a/xen/common/memory.c Fri Jan 11 10:06:43 2013 +0000 +++ b/xen/common/memory.c Fri Jan 11 10:07:19 2013 +0000 @@ -585,7 +585,8 @@ long do_memory_op(unsigned long cmd, XEN && (reservation.mem_flags & XENMEMF_populate_on_demand) ) args.memflags |= MEMF_populate_on_demand; - if ( unlikely(rcu_lock_target_domain_by_id(reservation.domid, &d)) ) + d = rcu_lock_domain_by_any_id(reservation.domid); + if ( d == NULL ) return start_extent; args.domain = d; @@ -634,9 +635,9 @@ long do_memory_op(unsigned long cmd, XEN if ( copy_from_guest(&domid, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(domid, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(domid); + if ( d == NULL ) + return -ESRCH; rc = xsm_memory_stat_reservation(current->domain, d); if ( rc ) @@ -672,9 +673,9 @@ long do_memory_op(unsigned long cmd, XEN if ( copy_from_guest(&xrfp, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(xrfp.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(xrfp.domid); + if ( d == NULL ) + return -ESRCH; if ( xsm_remove_from_physmap(current->domain, d) ) { diff -r bf1e34d66558 -r ba386fd2bf17 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:06:43 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:07:19 2013 +0000 @@ -194,6 +194,8 @@ static XSM_INLINE int xsm_grant_unmapref static XSM_INLINE int xsm_grant_setup(struct domain *d1, struct domain *d2) { + if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } @@ -209,17 +211,23 @@ static XSM_INLINE int xsm_grant_copy(str static XSM_INLINE int xsm_grant_query_size(struct domain *d1, struct domain *d2) { + if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_memory_adjust_reservation(struct domain *d1, struct domain *d2) { + if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_memory_stat_reservation(struct domain *d1, struct domain *d2) { + if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } @@ -260,6 +268,8 @@ static XSM_INLINE int xsm_memory_pin_pag static XSM_INLINE int xsm_evtchn_unbound(struct domain *d, struct evtchn *chn, domid_t id2) { + if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } @@ -281,11 +291,15 @@ static XSM_INLINE int xsm_evtchn_send(st static XSM_INLINE int xsm_evtchn_status(struct domain *d, struct evtchn *chn) { + if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_evtchn_reset(struct domain *d1, struct domain *d2) { + if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } @@ -306,11 +320,15 @@ static XSM_INLINE char *xsm_show_securit static XSM_INLINE int xsm_get_pod_target(struct domain *d) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_set_pod_target(struct domain *d) { + if ( !IS_PRIV(current->domain) ) + return -EPERM; return 0; } @@ -481,26 +499,36 @@ static XSM_INLINE int xsm_machine_addres static XSM_INLINE int xsm_hvm_param(struct domain *d, unsigned long op) { + if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_hvm_set_pci_intx_level(struct domain *d) { + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_hvm_set_isa_irq_level(struct domain *d) { + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_hvm_set_pci_link_route(struct domain *d) { + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_hvm_inject_msi(struct domain *d) { + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } @@ -582,6 +610,8 @@ static XSM_INLINE int xsm_machine_memory static XSM_INLINE int xsm_domain_memory_map(struct domain *d) { + if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; return 0; } @@ -605,11 +635,15 @@ static XSM_INLINE int xsm_update_va_mapp static XSM_INLINE int xsm_add_to_physmap(struct domain *d1, struct domain *d2) { + if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } static XSM_INLINE int xsm_remove_from_physmap(struct domain *d1, struct domain *d2) { + if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) + return -EPERM; return 0; } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007Nu-93; Wed, 16 Jan 2013 08:22:23 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007LM-QO for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from [85.158.143.99:32537] by server-1.bemta-4.messagelabs.com id E4/44-18740-D3366F05; Wed, 16 Jan 2013 08:22:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-14.tower-216.messagelabs.com!1358324539!18496200!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 21086 invoked from network); 16 Jan 2013 08:22:20 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:20 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGJ-0003rp-6u for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:19 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGJ-0000ca-5r for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:19 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:18 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] libxl: Set vfb and vkb devid if not done so by the caller X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jim Fehlig # Date 1357906946 0 # Node ID 84d87ca765be81c215ef3b67d2ed71acfba73553 # Parent 35a0556a7f76c9a6f616cfc9d5a82dccfe36b994 libxl: Set vfb and vkb devid if not done so by the caller Other devices set a sensible devid if the caller has not done so. Do the same for vfb and vkb. While at it, factor out the common code used to determine a sensible devid, so it can be used by other libxl__device_*_add functions. Signed-off-by: Jim Fehlig Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 35a0556a7f76 -r 84d87ca765be tools/libxl/libxl.c --- a/tools/libxl/libxl.c Thu Jan 10 17:32:10 2013 +0000 +++ b/tools/libxl/libxl.c Fri Jan 11 12:22:26 2013 +0000 @@ -1710,6 +1710,26 @@ out: return; } +/* common function to get next device id */ +static int libxl__device_nextid(libxl__gc *gc, uint32_t domid, char *device) +{ + char *dompath, **l; + unsigned int nb; + int nextid = -1; + + if (!(dompath = libxl__xs_get_dompath(gc, domid))) + return nextid; + + l = libxl__xs_directory(gc, XBT_NULL, + GCSPRINTF("%s/device/%s", dompath, device), &nb); + if (l == NULL || nb == 0) + nextid = 0; + else + nextid = strtoul(l[nb - 1], NULL, 10) + 1; + + return nextid; +} + /******************************************************************************/ int libxl__device_vtpm_setdefault(libxl__gc *gc, libxl_device_vtpm *vtpm) { @@ -1741,8 +1761,7 @@ void libxl__device_vtpm_add(libxl__egc * flexarray_t *front; flexarray_t *back; libxl__device *device; - char *dompath, **l; - unsigned int nb, rc; + unsigned int rc; rc = libxl__device_vtpm_setdefault(gc, vtpm); if (rc) goto out; @@ -1750,18 +1769,11 @@ void libxl__device_vtpm_add(libxl__egc * front = flexarray_make(gc, 16, 1); back = flexarray_make(gc, 16, 1); - if(vtpm->devid == -1) { - if (!(dompath = libxl__xs_get_dompath(gc, domid))) { + if (vtpm->devid == -1) { + if ((vtpm->devid = libxl__device_nextid(gc, domid, "vtpm") < 0)) { rc = ERROR_FAIL; goto out; } - l = libxl__xs_directory(gc, XBT_NULL, - GCSPRINTF("%s/device/vtpm", dompath), &nb); - if(l == NULL || nb == 0) { - vtpm->devid = 0; - } else { - vtpm->devid = strtoul(l[nb - 1], NULL, 10) + 1; - } } GCNEW(device); @@ -2808,8 +2820,7 @@ void libxl__device_nic_add(libxl__egc *e flexarray_t *front; flexarray_t *back; libxl__device *device; - char *dompath, **l; - unsigned int nb, rc; + unsigned int rc; rc = libxl__device_nic_setdefault(gc, nic, domid); if (rc) goto out; @@ -2818,16 +2829,10 @@ void libxl__device_nic_add(libxl__egc *e back = flexarray_make(gc, 16, 1); if (nic->devid == -1) { - if (!(dompath = libxl__xs_get_dompath(gc, domid))) { + if ((nic->devid = libxl__device_nextid(gc, domid, "vif") < 0)) { rc = ERROR_FAIL; goto out; } - if (!(l = libxl__xs_directory(gc, XBT_NULL, - libxl__sprintf(gc, "%s/device/vif", dompath), &nb))) { - nic->devid = 0; - } else { - nic->devid = strtoul(l[nb - 1], NULL, 10) + 1; - } } GCNEW(device); @@ -3192,6 +3197,13 @@ int libxl__device_vkb_add(libxl__gc *gc, front = flexarray_make(gc, 16, 1); back = flexarray_make(gc, 16, 1); + if (vkb->devid == -1) { + if ((vkb->devid = libxl__device_nextid(gc, domid, "vkb") < 0)) { + rc = ERROR_FAIL; + goto out; + } + } + rc = libxl__device_from_vkb(gc, domid, vkb, &device); if (rc != 0) goto out; @@ -3282,6 +3294,13 @@ int libxl__device_vfb_add(libxl__gc *gc, front = flexarray_make(gc, 16, 1); back = flexarray_make(gc, 16, 1); + if (vfb->devid == -1) { + if ((vfb->devid = libxl__device_nextid(gc, domid, "vfb") < 0)) { + rc = ERROR_FAIL; + goto out; + } + } + rc = libxl__device_from_vfb(gc, domid, vfb, &device); if (rc != 0) goto out; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007PF-Tt; Wed, 16 Jan 2013 08:22:23 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGM-0007Mg-S3 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:23 +0000 Received: from [85.158.139.211:28844] by server-10.bemta-5.messagelabs.com id F1/D4-18175-E3366F05; Wed, 16 Jan 2013 08:22:22 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-206.messagelabs.com!1358324540!14331162!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8535 invoked from network); 16 Jan 2013 08:22:21 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:21 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGK-0003rv-AC for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:20 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGK-0000d4-5i for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:20 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:19 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] fix wrong path while calling pygrub and libxl-save-helper X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Bamvor Jian Zhang # Date 1357906948 0 # Node ID 2ad5792b4274d76ced39515cbd3f84898b181768 # Parent ba2d73234d73fc0faa027cd9bdfd3ac90642733c fix wrong path while calling pygrub and libxl-save-helper in current xen x86_64, the default libexec directory is /usr/lib/xen/bin, while the private binder is /usr/lib64/xen/bin. but some commands(pygrub, libxl-save-helper) located in private binder directory is called from libexec directory which lead to the following error: 1, for pygrub bootloader: libxl: debug: libxl_bootloader.c:429:bootloader_disk_attached_cb: /usr/lib/xen/bin/pygrub doesn't exist, falling back to config path 2, for libxl-save-helper: libxl: cannot execute /usr/lib/xen/bin/libxl-save-helper: No such file or directory libxl: error: libxl_utils.c:363:libxl_read_exactly: file/stream truncated reading ipc msg header from domain 3 save/restore helper stdout pipe libxl: error: libxl_exec.c:118:libxl_report_child_exitstatus: domain 3 save/restore helper [10222] exited with error status 255 there are two ways to fix above error. the first one is make such command store in the /usr/lib/xen/bin and /usr/lib64/xen/bin(symbol link to previous), e.g. qemu-dm. The second way is using private binder dir instead of libexec dir. e.g. xenconsole. For these cases, the latter one is suitable. Signed-off-by: Bamvor Jian Zhang Committed-by: Ian Campbell --- diff -r ba2d73234d73 -r 2ad5792b4274 tools/libxl/libxl_bootloader.c --- a/tools/libxl/libxl_bootloader.c Fri Jan 11 12:22:27 2013 +0000 +++ b/tools/libxl/libxl_bootloader.c Fri Jan 11 12:22:28 2013 +0000 @@ -419,7 +419,7 @@ static void bootloader_disk_attached_cb( const char *bltmp; struct stat st; - bltmp = libxl__abs_path(gc, bootloader, libxl__libexec_path()); + bltmp = libxl__abs_path(gc, bootloader, libxl__private_bindir_path()); /* Check to see if the file exists in this location; if not, * fall back to checking the path */ LOG(DEBUG, "Checking for bootloader in libexec path: %s", bltmp); diff -r ba2d73234d73 -r 2ad5792b4274 tools/libxl/libxl_save_callout.c --- a/tools/libxl/libxl_save_callout.c Fri Jan 11 12:22:27 2013 +0000 +++ b/tools/libxl/libxl_save_callout.c Fri Jan 11 12:22:28 2013 +0000 @@ -172,7 +172,7 @@ static void run_helper(libxl__egc *egc, shs->stdout_what = GCSPRINTF("domain %"PRIu32" save/restore helper" " stdout pipe", domid); - *arg++ = getenv("LIBXL_SAVE_HELPER") ?: LIBEXEC "/" "libxl-save-helper"; + *arg++ = getenv("LIBXL_SAVE_HELPER") ?: PRIVATE_BINDIR "/" "libxl-save-helper"; *arg++ = mode_arg; const char **stream_fd_arg = arg++; for (i=0; i Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007PF-Tt; Wed, 16 Jan 2013 08:22:23 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGM-0007Mg-S3 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:23 +0000 Received: from [85.158.139.211:28844] by server-10.bemta-5.messagelabs.com id F1/D4-18175-E3366F05; Wed, 16 Jan 2013 08:22:22 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-206.messagelabs.com!1358324540!14331162!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8535 invoked from network); 16 Jan 2013 08:22:21 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:21 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGK-0003rv-AC for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:20 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGK-0000d4-5i for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:20 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:19 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] fix wrong path while calling pygrub and libxl-save-helper X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Bamvor Jian Zhang # Date 1357906948 0 # Node ID 2ad5792b4274d76ced39515cbd3f84898b181768 # Parent ba2d73234d73fc0faa027cd9bdfd3ac90642733c fix wrong path while calling pygrub and libxl-save-helper in current xen x86_64, the default libexec directory is /usr/lib/xen/bin, while the private binder is /usr/lib64/xen/bin. but some commands(pygrub, libxl-save-helper) located in private binder directory is called from libexec directory which lead to the following error: 1, for pygrub bootloader: libxl: debug: libxl_bootloader.c:429:bootloader_disk_attached_cb: /usr/lib/xen/bin/pygrub doesn't exist, falling back to config path 2, for libxl-save-helper: libxl: cannot execute /usr/lib/xen/bin/libxl-save-helper: No such file or directory libxl: error: libxl_utils.c:363:libxl_read_exactly: file/stream truncated reading ipc msg header from domain 3 save/restore helper stdout pipe libxl: error: libxl_exec.c:118:libxl_report_child_exitstatus: domain 3 save/restore helper [10222] exited with error status 255 there are two ways to fix above error. the first one is make such command store in the /usr/lib/xen/bin and /usr/lib64/xen/bin(symbol link to previous), e.g. qemu-dm. The second way is using private binder dir instead of libexec dir. e.g. xenconsole. For these cases, the latter one is suitable. Signed-off-by: Bamvor Jian Zhang Committed-by: Ian Campbell --- diff -r ba2d73234d73 -r 2ad5792b4274 tools/libxl/libxl_bootloader.c --- a/tools/libxl/libxl_bootloader.c Fri Jan 11 12:22:27 2013 +0000 +++ b/tools/libxl/libxl_bootloader.c Fri Jan 11 12:22:28 2013 +0000 @@ -419,7 +419,7 @@ static void bootloader_disk_attached_cb( const char *bltmp; struct stat st; - bltmp = libxl__abs_path(gc, bootloader, libxl__libexec_path()); + bltmp = libxl__abs_path(gc, bootloader, libxl__private_bindir_path()); /* Check to see if the file exists in this location; if not, * fall back to checking the path */ LOG(DEBUG, "Checking for bootloader in libexec path: %s", bltmp); diff -r ba2d73234d73 -r 2ad5792b4274 tools/libxl/libxl_save_callout.c --- a/tools/libxl/libxl_save_callout.c Fri Jan 11 12:22:27 2013 +0000 +++ b/tools/libxl/libxl_save_callout.c Fri Jan 11 12:22:28 2013 +0000 @@ -172,7 +172,7 @@ static void run_helper(libxl__egc *egc, shs->stdout_what = GCSPRINTF("domain %"PRIu32" save/restore helper" " stdout pipe", domid); - *arg++ = getenv("LIBXL_SAVE_HELPER") ?: LIBEXEC "/" "libxl-save-helper"; + *arg++ = getenv("LIBXL_SAVE_HELPER") ?: PRIVATE_BINDIR "/" "libxl-save-helper"; *arg++ = mode_arg; const char **stream_fd_arg = arg++; for (i=0; i Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007NS-0M; Wed, 16 Jan 2013 08:22:23 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007Ke-2J for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from [85.158.137.99:9263] by server-12.bemta-3.messagelabs.com id 61/D7-22577-C3366F05; Wed, 16 Jan 2013 08:22:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-217.messagelabs.com!1358324532!12001687!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 29957 invoked from network); 16 Jan 2013 08:22:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGC-0003rF-OH for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGC-0000Zg-Mu for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:12 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm/flask: add distinct SIDs for self/target access X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900719 0 # Node ID b0ab408cb0b9e668edcc9340f7688f6fb3d998dd # Parent 5df501c84253e655838d3fc9a0dcd75a24ae9f25 xsm/flask: add distinct SIDs for self/target access Because the FLASK XSM module no longer checks IS_PRIV for remote domain accesses covered by XSM permissions, domains now have the ability to perform memory management and other functions on all domains that have the same type. While it is possible to prevent this by only creating one domain per type, this solution significantly limits the flexibility of the type system. This patch introduces a domain type transition to represent a domain that is operating on itself. In the example policy, this is demonstrated by creating a type with _self appended when declaring a domain type which will be used for reflexive operations. AVCs for a domain of type domU_t will look like the following: scontext=system_u:system_r:domU_t tcontext=system_u:system_r:domU_t_self This change also allows policy to distinguish between event channels a domain creates to itself and event channels created between domains of the same type. The IS_PRIV_FOR check used for device model domains is also no longer checked by FLASK; a similar transition is performed when the target is set and used when the device model accesses its target domain. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 5df501c84253 -r b0ab408cb0b9 docs/misc/xsm-flask.txt --- a/docs/misc/xsm-flask.txt Fri Jan 11 10:37:47 2013 +0000 +++ b/docs/misc/xsm-flask.txt Fri Jan 11 10:38:39 2013 +0000 @@ -68,9 +68,43 @@ HVM domains with stubdomain device model - dm_dom_t is the device model for a domain with type domHVM_t One disadvantage of using type enforcement to enforce isolation is that a new -type is needed for each group of domains. In addition, it is not possible to -allow isolated_domU_t cannot to create loopback event channels without allowing -two domains of type isolated_domU_t to communicate with one another. +type is needed for each group of domains. The user field can be used to address +this for the most common case of groups that can communicate internally but not +externally; see "Users and roles" below. + +Type transitions +---------------- + +Xen defines a number of operations such as memory mapping that are necessary for +a domain to perform on itself, but are also undesirable to allow a domain to +perform on every other domain of the same label. While it is possible to address +this by only creating one domain per type, this solution significantly limits +the flexibility of the type system. Another method to address this issue is to +duplicate the permission names for every operation that can be performed on the +current domain or on other domains; however, this significantly increases the +necessary number of permissions and complicates the XSM hooks. Instead, this is +addressed by allowing a distinct type to be used for a domain's access to +itself. The same applies for a device model domain's access to its designated +target, allowing the IS_PRIV_FOR checks used in Xen's DAC model to be +implemented in FLASK. + +Upon domain creation (or relabel), a type transition is computed using the +domain's label as the source and target. The result of this computation is used +as the target when the domain accesses itself. In the example policy, this +computed type is the result of appending _self to a domain's type: domU_t_self +for domU_t. If no type transition rule exists, the domain will continue to use +its own label for both the source and target. An AVC message will look like: + + scontext=system_u:system_r:domU_t tcontext=system_u:system_r:domU_t_self + +A similar type transition is done when a device model domain is associated with +its target using the set_target operation. The transition is computed with the +target domain as the source and the device model domain as the target: this +ordering was chosen in order to preserve the original label for the target when +no type transition rule exists. In the example policy, these computed types are +the result of appending _target to the domain. + +Type transitions are also used to compute the labels of event channels. Users and roles --------------- @@ -84,7 +118,8 @@ the customer_1 user. Access control rules involving users and roles are defined in the policy constraints file (tools/flask/policy/policy/constraints). The example policy provides constraints that prevent different users from communicating using -grants or event channels, while still allowing communication with dom0. +grants or event channels, while still allowing communication with the system_u +user where dom0 resides. Resource Policy --------------- diff -r 5df501c84253 -r b0ab408cb0b9 tools/flask/policy/policy/modules/xen/xen.if --- a/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:37:47 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:38:39 2013 +0000 @@ -5,15 +5,34 @@ # Domain creation and setup # ################################################################################ +define(`declare_domain_common', ` + allow $1 $2:grant { query setup }; + allow $1 $2:mmu { adjust physmap map_read map_write stat pinpage updatemp }; + allow $1 $2:hvm { getparam setparam }; +') + # declare_domain(type, attrs...) -# Declare a type as a domain type, and allow basic domain setup +# Declare a domain type, along with associated _self and _channel types +# Allow the domain to perform basic operations on itself define(`declare_domain', ` type $1, domain_type`'ifelse(`$#', `1', `', `,shift($@)'); + type $1_self, domain_type, domain_self_type; + type_transition $1 $1:domain $1_self; + type $1_channel, event_type; + type_transition $1 domain_type:event $1_channel; + declare_domain_common($1, $1_self) +') + +# declare_singleton_domain(type, attrs...) +# Declare a domain type and associated _channel types. +# Note: Because the domain can perform basic operations on itself and any +# other domain of the same type, this constructor should be used for types +# containing at most one domain. This is not enforced by policy. +define(`declare_singleton_domain', ` + type $1, domain_type`'ifelse(`$#', `1', `', `,shift($@)'); type $1_channel, event_type; type_transition $1 domain_type:event $1_channel; - allow $1 $1:grant { query setup }; - allow $1 $1:mmu { adjust physmap map_read map_write stat pinpage }; - allow $1 $1:hvm { getparam setparam }; + declare_domain_common($1, $1) ') # declare_build_label(type) @@ -51,6 +70,7 @@ define(`create_domain_build_label', ` allow $1 $2_channel:event create; allow $1 $2_building:domain2 relabelfrom; allow $1 $2:domain2 relabelto; + allow $2_building $2:domain transition; ') # manage_domain(priv, target) @@ -101,20 +121,36 @@ define(`domain_comms', ` ') # domain_self_comms(domain) -# Allow a domain types to communicate with others of its type using grants -# and event channels (this includes event channels to DOMID_SELF) +# Allow a non-singleton domain type to communicate with itself using grants +# and event channels define(`domain_self_comms', ` - create_channel($1, $1, $1_channel) - allow $1 $1:grant { map_read map_write copy unmap }; + create_channel($1, $1_self, $1_channel) + allow $1 $1_self:grant { map_read map_write copy unmap }; ') # device_model(dm_dom, hvm_dom) # Define how a device model domain interacts with its target define(`device_model', ` - domain_comms($1, $2) - allow $1 $2:domain { set_target shutdown }; - allow $1 $2:mmu { map_read map_write adjust physmap }; - allow $1 $2:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute cacheattr send_irq }; + type $2_target, domain_type, domain_target_type; + type_transition $2 $1:domain $2_target; + allow $1 $2:domain set_target; + + type_transition $2_target domain_type:event $2_channel; + create_channel($1, $2_target, $1_channel) + create_channel($2, $1, $2_channel) + allow $1 $2_channel:event create; + + allow $1 $2_target:domain shutdown; + allow $1 $2_target:mmu { map_read map_write adjust physmap }; + allow $1 $2_target:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute cacheattr send_irq }; +') + +# make_device_model(priv, dm_dom, hvm_dom) +# Allow creation of a device model and HVM domain pair +define(`make_device_model', ` + device_model($2, $3) + allow $1 $2:domain2 make_priv_for; + allow $1 $3:domain2 set_as_target; ') ################################################################################ # diff -r 5df501c84253 -r b0ab408cb0b9 tools/flask/policy/policy/modules/xen/xen.te --- a/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:37:47 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:38:39 2013 +0000 @@ -8,6 +8,8 @@ ################################################################################ attribute xen_type; attribute domain_type; +attribute domain_self_type; +attribute domain_target_type; attribute resource_type; attribute event_type; attribute mls_priv; @@ -25,7 +27,7 @@ attribute mls_priv; type xen_t, xen_type, mls_priv; # Domain 0 -declare_domain(dom0_t, mls_priv); +declare_singleton_domain(dom0_t, mls_priv); # Untracked I/O memory (pseudo-domain) type domio_t, xen_type; @@ -69,7 +71,7 @@ admin_device(dom0_t, ioport_t) admin_device(dom0_t, iomem_t) allow dom0_t domio_t:mmu { map_read map_write }; -domain_self_comms(dom0_t) +domain_comms(dom0_t, dom0_t) auditallow dom0_t security_t:security { load_policy setenforce setbool }; @@ -84,11 +86,14 @@ domain_self_comms(domU_t) create_domain(dom0_t, domU_t) manage_domain(dom0_t, domU_t) domain_comms(dom0_t, domU_t) +domain_comms(domU_t, domU_t) +domain_self_comms(domU_t) declare_domain(isolated_domU_t) create_domain(dom0_t, isolated_domU_t) manage_domain(dom0_t, isolated_domU_t) domain_comms(dom0_t, isolated_domU_t) +domain_self_comms(isolated_domU_t) # Declare a boolean that denies creation of prot_domU_t domains gen_bool(prot_doms_locked, false) @@ -98,6 +103,8 @@ if (!prot_doms_locked) { } domain_comms(dom0_t, prot_domU_t) domain_comms(domU_t, prot_domU_t) +domain_comms(prot_domU_t, prot_domU_t) +domain_self_comms(prot_domU_t) # domHVM_t is meant to be paired with a qemu-dm stub domain of type dm_dom_t declare_domain(domHVM_t) @@ -110,7 +117,7 @@ declare_domain(dm_dom_t) create_domain(dom0_t, dm_dom_t) manage_domain(dom0_t, dm_dom_t) domain_comms(dom0_t, dm_dom_t) -device_model(dm_dom_t, domHVM_t) +make_device_model(dom0_t, dm_dom_t, domHVM_t) # nomigrate_t must be built via the nomigrate_t_building label; once built, # dom0 cannot read its memory. diff -r 5df501c84253 -r b0ab408cb0b9 xen/xsm/flask/flask_op.c --- a/xen/xsm/flask/flask_op.c Fri Jan 11 10:37:47 2013 +0000 +++ b/xen/xsm/flask/flask_op.c Fri Jan 11 10:38:39 2013 +0000 @@ -612,6 +612,15 @@ static int flask_relabel_domain(struct x goto out; dsec->sid = arg->sid; + dsec->self_sid = arg->sid; + security_transition_sid(dsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->self_sid); + if ( d->target ) + { + struct domain_security_struct *tsec = d->target->ssid; + security_transition_sid(tsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->target_sid); + } out: rcu_unlock_domain(d); diff -r 5df501c84253 -r b0ab408cb0b9 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:37:47 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:38:39 2013 +0000 @@ -33,38 +33,69 @@ struct xsm_operations *original_ops = NULL; +static u32 domain_sid(struct domain *dom) +{ + struct domain_security_struct *dsec = dom->ssid; + return dsec->sid; +} + +static u32 domain_target_sid(struct domain *src, struct domain *dst) +{ + struct domain_security_struct *ssec = src->ssid; + struct domain_security_struct *dsec = dst->ssid; + if (src == dst) + return ssec->self_sid; + if (src->target == dst) + return ssec->target_sid; + return dsec->sid; +} + +static u32 evtchn_sid(const struct evtchn *chn) +{ + struct evtchn_security_struct *esec = chn->ssid; + return esec->sid; +} + static int domain_has_perm(struct domain *dom1, struct domain *dom2, u16 class, u32 perms) { - struct domain_security_struct *dsec1, *dsec2; + u32 ssid, tsid; struct avc_audit_data ad; AVC_AUDIT_DATA_INIT(&ad, NONE); ad.sdom = dom1; ad.tdom = dom2; - dsec1 = dom1->ssid; - dsec2 = dom2->ssid; + ssid = domain_sid(dom1); + tsid = domain_target_sid(dom1, dom2); - return avc_has_perm(dsec1->sid, dsec2->sid, class, perms, &ad); + return avc_has_perm(ssid, tsid, class, perms, &ad); +} + +static int avc_current_has_perm(u32 tsid, u16 class, u32 perm, + struct avc_audit_data *ad) +{ + u32 csid = domain_sid(current->domain); + return avc_has_perm(csid, tsid, class, perm, ad); +} + +static int current_has_perm(struct domain *d, u16 class, u32 perms) +{ + return domain_has_perm(current->domain, d, class, perms); } static int domain_has_evtchn(struct domain *d, struct evtchn *chn, u32 perms) { - struct domain_security_struct *dsec; - struct evtchn_security_struct *esec; + u32 dsid = domain_sid(d); + u32 esid = evtchn_sid(chn); - dsec = d->ssid; - esec = chn->ssid; - - return avc_has_perm(dsec->sid, esec->sid, SECCLASS_EVENT, perms, NULL); + return avc_has_perm(dsid, esid, SECCLASS_EVENT, perms, NULL); } static int domain_has_xen(struct domain *d, u32 perms) { - struct domain_security_struct *dsec; - dsec = d->ssid; + u32 dsid = domain_sid(d); - return avc_has_perm(dsec->sid, SECINITSID_XEN, SECCLASS_XEN, perms, NULL); + return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_XEN, perms, NULL); } static int get_irq_sid(int irq, u32 *sid, struct avc_audit_data *ad) @@ -123,6 +154,7 @@ static int flask_domain_alloc_security(s dsec->sid = SECINITSID_UNLABELED; } + dsec->self_sid = dsec->sid; d->ssid = dsec; return 0; @@ -142,68 +174,55 @@ static void flask_domain_free_security(s static int flask_evtchn_unbound(struct domain *d1, struct evtchn *chn, domid_t id2) { - u32 newsid; + u32 sid1, sid2, newsid; int rc; - domid_t id; struct domain *d2; - struct domain_security_struct *dsec, *dsec1, *dsec2; struct evtchn_security_struct *esec; - dsec = current->domain->ssid; - dsec1 = d1->ssid; - esec = chn->ssid; - - if ( id2 == DOMID_SELF ) - id = current->domain->domain_id; - else - id = id2; - - d2 = get_domain_by_id(id); + d2 = rcu_lock_domain_by_any_id(id2); if ( d2 == NULL ) return -EPERM; - dsec2 = d2->ssid; - rc = security_transition_sid(dsec1->sid, dsec2->sid, SECCLASS_EVENT, - &newsid); + sid1 = domain_sid(d1); + sid2 = domain_target_sid(d1, d2); + esec = chn->ssid; + + rc = security_transition_sid(sid1, sid2, SECCLASS_EVENT, &newsid); if ( rc ) goto out; - rc = avc_has_perm(dsec->sid, newsid, SECCLASS_EVENT, EVENT__CREATE, NULL); + rc = avc_current_has_perm(newsid, SECCLASS_EVENT, EVENT__CREATE, NULL); if ( rc ) goto out; - rc = avc_has_perm(newsid, dsec2->sid, SECCLASS_EVENT, EVENT__BIND, NULL); + rc = avc_has_perm(newsid, sid2, SECCLASS_EVENT, EVENT__BIND, NULL); if ( rc ) goto out; - else - esec->sid = newsid; + + esec->sid = newsid; out: - put_domain(d2); + rcu_unlock_domain(d2); return rc; } static int flask_evtchn_interdomain(struct domain *d1, struct evtchn *chn1, struct domain *d2, struct evtchn *chn2) { - u32 newsid; + u32 sid1, sid2, newsid, reverse_sid; int rc; - struct domain_security_struct *dsec, *dsec1, *dsec2; - struct evtchn_security_struct *esec1, *esec2; + struct evtchn_security_struct *esec1; struct avc_audit_data ad; AVC_AUDIT_DATA_INIT(&ad, NONE); ad.sdom = d1; ad.tdom = d2; - dsec = current->domain->ssid; - dsec1 = d1->ssid; - dsec2 = d2->ssid; + sid1 = domain_sid(d1); + sid2 = domain_target_sid(d1, d2); esec1 = chn1->ssid; - esec2 = chn2->ssid; - rc = security_transition_sid(dsec1->sid, dsec2->sid, - SECCLASS_EVENT, &newsid); + rc = security_transition_sid(sid1, sid2, SECCLASS_EVENT, &newsid); if ( rc ) { printk("%s: security_transition_sid failed, rc=%d (domain=%d)\n", @@ -211,15 +230,20 @@ static int flask_evtchn_interdomain(stru return rc; } - rc = avc_has_perm(dsec->sid, newsid, SECCLASS_EVENT, EVENT__CREATE, &ad); + rc = avc_current_has_perm(newsid, SECCLASS_EVENT, EVENT__CREATE, &ad); if ( rc ) return rc; - rc = avc_has_perm(newsid, dsec2->sid, SECCLASS_EVENT, EVENT__BIND, &ad); + rc = avc_has_perm(newsid, sid2, SECCLASS_EVENT, EVENT__BIND, &ad); if ( rc ) return rc; - rc = avc_has_perm(esec2->sid, dsec1->sid, SECCLASS_EVENT, EVENT__BIND, &ad); + /* It's possible the target domain has changed (relabel or destroy/create) + * since the unbound part was created; re-validate this binding now. + */ + reverse_sid = evtchn_sid(chn2); + sid1 = domain_target_sid(d2, d1); + rc = avc_has_perm(reverse_sid, sid1, SECCLASS_EVENT, EVENT__BIND, &ad); if ( rc ) return rc; @@ -302,7 +326,6 @@ static void flask_free_security_evtchn(s static char *flask_show_security_evtchn(struct domain *d, const struct evtchn *chn) { - struct evtchn_security_struct *esec; int irq; u32 sid = 0; char *ctx; @@ -312,9 +335,7 @@ static char *flask_show_security_evtchn( { case ECS_UNBOUND: case ECS_INTERDOMAIN: - esec = chn->ssid; - if ( esec ) - sid = esec->sid; + sid = evtchn_sid(chn); break; case ECS_PIRQ: irq = domain_pirq_to_irq(d, chn->u.pirq.irq); @@ -367,12 +388,12 @@ static int flask_grant_query_size(struct static int flask_get_pod_target(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__GETPODTARGET); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETPODTARGET); } static int flask_set_pod_target(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SETPODTARGET); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETPODTARGET); } static int flask_memory_adjust_reservation(struct domain *d1, struct domain *d2) @@ -455,70 +476,65 @@ static int flask_schedop_shutdown(struct static void flask_security_domaininfo(struct domain *d, struct xen_domctl_getdomaininfo *info) { - struct domain_security_struct *dsec; - - dsec = d->ssid; - info->ssidref = dsec->sid; + info->ssidref = domain_sid(d); } static int flask_setvcpucontext(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETVCPUCONTEXT); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUCONTEXT); } static int flask_pausedomain(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__PAUSE); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__PAUSE); } static int flask_unpausedomain(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__UNPAUSE); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__UNPAUSE); } static int flask_resumedomain(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__RESUME); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__RESUME); } static int flask_domain_create(struct domain *d, u32 ssidref) { int rc; - struct domain_security_struct *dsec1; - struct domain_security_struct *dsec2; + struct domain_security_struct *dsec = d->ssid; static int dom0_created = 0; - dsec1 = current->domain->ssid; - dsec2 = d->ssid; - if ( is_idle_domain(current->domain) && !dom0_created ) { - dsec2->sid = SECINITSID_DOM0; + dsec->sid = SECINITSID_DOM0; dom0_created = 1; - return 0; } + else + { + rc = avc_current_has_perm(ssidref, SECCLASS_DOMAIN, + DOMAIN__CREATE, NULL); + if ( rc ) + return rc; - rc = avc_has_perm(dsec1->sid, ssidref, SECCLASS_DOMAIN, - DOMAIN__CREATE, NULL); - if ( rc ) - return rc; + dsec->sid = ssidref; + } + dsec->self_sid = dsec->sid; - dsec2->sid = ssidref; + rc = security_transition_sid(dsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->self_sid); return rc; } static int flask_max_vcpus(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__MAX_VCPUS); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__MAX_VCPUS); } static int flask_destroydomain(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__DESTROY); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__DESTROY); } static int flask_vcpuaffinity(int cmd, struct domain *d) @@ -537,7 +553,7 @@ static int flask_vcpuaffinity(int cmd, s return -EPERM; } - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm ); + return current_has_perm(d, SECCLASS_DOMAIN, perm ); } static int flask_scheduler(struct domain *d) @@ -548,43 +564,51 @@ static int flask_scheduler(struct domain if ( rc ) return rc; - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SCHEDULER); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SCHEDULER); } static int flask_getdomaininfo(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__GETDOMAININFO); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETDOMAININFO); } static int flask_getvcpucontext(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__GETVCPUCONTEXT); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUCONTEXT); } static int flask_getvcpuinfo(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__GETVCPUINFO); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUINFO); } static int flask_domain_settime(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SETTIME); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETTIME); } -static int flask_set_target(struct domain *d, struct domain *e) +static int flask_set_target(struct domain *d, struct domain *t) { int rc; - rc = domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__MAKE_PRIV_FOR); + struct domain_security_struct *dsec, *tsec; + dsec = d->ssid; + tsec = t->ssid; + + rc = current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__MAKE_PRIV_FOR); if ( rc ) return rc; - rc = domain_has_perm(current->domain, e, SECCLASS_DOMAIN2, DOMAIN2__SET_AS_TARGET); + rc = current_has_perm(t, SECCLASS_DOMAIN2, DOMAIN2__SET_AS_TARGET); if ( rc ) return rc; - return domain_has_perm(d, e, SECCLASS_DOMAIN, DOMAIN__SET_TARGET); + /* Use avc_has_perm to avoid resolving target/current SID */ + rc = avc_has_perm(dsec->sid, tsec->sid, SECCLASS_DOMAIN, DOMAIN__SET_TARGET, NULL); + if ( rc ) + return rc; + + /* (tsec, dsec) defaults the label to tsec, as it should here */ + rc = security_transition_sid(tsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->target_sid); + return rc; } static int flask_domctl(struct domain *d, int cmd) @@ -655,26 +679,24 @@ static int flask_domctl(struct domain *d case XEN_DOMCTL_gdbsx_pausevcpu: case XEN_DOMCTL_gdbsx_unpausevcpu: case XEN_DOMCTL_gdbsx_domstatus: - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETDEBUGGING); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDEBUGGING); case XEN_DOMCTL_subscribe: case XEN_DOMCTL_disable_migrate: case XEN_DOMCTL_suppress_spurious_page_faults: - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SET_MISC_INFO); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_MISC_INFO); case XEN_DOMCTL_set_cpuid: - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__SET_CPUID); + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SET_CPUID); case XEN_DOMCTL_gettscinfo: - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__GETTSC); + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__GETTSC); case XEN_DOMCTL_settscinfo: - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__SETTSC); + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SETTSC); case XEN_DOMCTL_audit_p2m: - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__AUDIT_P2M); + return current_has_perm(d, SECCLASS_HVM, HVM__AUDIT_P2M); default: printk("flask_domctl: Unknown op %d\n", cmd); @@ -716,7 +738,7 @@ static int flask_sysctl(int cmd) static int flask_set_virq_handler(struct domain *d, uint32_t virq) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER); } static int flask_tbufcontrol(void) @@ -741,20 +763,17 @@ static int flask_sched_id(void) static int flask_setdomainmaxmem(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETDOMAINMAXMEM); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINMAXMEM); } static int flask_setdomainhandle(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETDOMAINHANDLE); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINHANDLE); } static int flask_setdebugging(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETDEBUGGING); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDEBUGGING); } static int flask_debug_keys(void) @@ -816,14 +835,12 @@ static char *flask_show_irq_sid (int irq static int flask_map_domain_pirq (struct domain *d, int irq, void *data) { - u32 sid; + u32 sid, dsid; int rc = -EPERM; struct msi_info *msi = data; - - struct domain_security_struct *ssec, *tsec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__ADD); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); if ( rc ) return rc; @@ -839,14 +856,13 @@ static int flask_map_domain_pirq (struct if ( rc ) return rc; - ssec = current->domain->ssid; - tsec = d->ssid; + dsid = domain_sid(d); - rc = avc_has_perm(ssec->sid, sid, SECCLASS_RESOURCE, RESOURCE__ADD_IRQ, &ad); + rc = avc_current_has_perm(sid, SECCLASS_RESOURCE, RESOURCE__ADD_IRQ, &ad); if ( rc ) return rc; - rc = avc_has_perm(tsec->sid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + rc = avc_has_perm(dsid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); return rc; } @@ -854,16 +870,12 @@ static int flask_unmap_domain_pirq (stru { u32 sid; int rc = -EPERM; - - struct domain_security_struct *ssec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); if ( rc ) return rc; - ssec = current->domain->ssid; - if ( irq < nr_static_irqs ) { rc = get_irq_sid(irq, &sid, &ad); } else { @@ -874,19 +886,19 @@ static int flask_unmap_domain_pirq (stru if ( rc ) return rc; - rc = avc_has_perm(ssec->sid, sid, SECCLASS_RESOURCE, RESOURCE__REMOVE_IRQ, &ad); + rc = avc_current_has_perm(sid, SECCLASS_RESOURCE, RESOURCE__REMOVE_IRQ, &ad); return rc; } static int flask_irq_permission (struct domain *d, int pirq, uint8_t access) { /* the PIRQ number is not useful; real IRQ is checked during mapping */ - return domain_has_perm(current->domain, d, SECCLASS_RESOURCE, - resource_to_perm(access)); + return current_has_perm(d, SECCLASS_RESOURCE, resource_to_perm(access)); } struct iomem_has_perm_data { - struct domain_security_struct *ssec, *tsec; + u32 ssid; + u32 dsid; u32 perm; }; @@ -900,12 +912,12 @@ static int _iomem_has_perm(void *v, u32 ad.range.start = start; ad.range.end = end; - rc = avc_has_perm(data->ssec->sid, sid, SECCLASS_RESOURCE, data->perm, &ad); + rc = avc_has_perm(data->ssid, sid, SECCLASS_RESOURCE, data->perm, &ad); if ( rc ) return rc; - return avc_has_perm(data->tsec->sid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + return avc_has_perm(data->dsid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } static int flask_iomem_permission(struct domain *d, uint64_t start, uint64_t end, uint8_t access) @@ -913,7 +925,7 @@ static int flask_iomem_permission(struct struct iomem_has_perm_data data; int rc; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, + rc = current_has_perm(d, SECCLASS_RESOURCE, resource_to_perm(access)); if ( rc ) return rc; @@ -923,8 +935,8 @@ static int flask_iomem_permission(struct else data.perm = RESOURCE__REMOVE_IOMEM; - data.ssec = current->domain->ssid; - data.tsec = d->ssid; + data.ssid = domain_sid(current->domain); + data.dsid = domain_sid(d); return security_iterate_iomem_sids(start, end, _iomem_has_perm, &data); } @@ -936,10 +948,9 @@ static int flask_iomem_mapping(struct do static int flask_pci_config_permission(struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { - u32 rsid; + u32 dsid, rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; u32 perm = RESOURCE__USE; rc = security_device_sid(machine_bdf, &rsid); @@ -952,33 +963,24 @@ static int flask_pci_config_permission(s AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = d->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, perm, &ad); + dsid = domain_sid(d); + return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, perm, &ad); } static int flask_resource_plug_core(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__PLUG, NULL); + return avc_current_has_perm(SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__PLUG, NULL); } static int flask_resource_unplug_core(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__UNPLUG, NULL); + return avc_current_has_perm(SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__UNPLUG, NULL); } static int flask_resource_use_core(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__USE, NULL); + return avc_current_has_perm(SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__USE, NULL); } static int flask_resource_plug_pci(uint32_t machine_bdf) @@ -986,7 +988,6 @@ static int flask_resource_plug_pci(uint3 u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) @@ -994,8 +995,7 @@ static int flask_resource_plug_pci(uint3 AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__PLUG, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__PLUG, &ad); } static int flask_resource_unplug_pci(uint32_t machine_bdf) @@ -1003,7 +1003,6 @@ static int flask_resource_unplug_pci(uin u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) @@ -1011,8 +1010,7 @@ static int flask_resource_unplug_pci(uin AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__UNPLUG, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__UNPLUG, &ad); } static int flask_resource_setup_pci(uint32_t machine_bdf) @@ -1020,7 +1018,6 @@ static int flask_resource_setup_pci(uint u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) @@ -1028,8 +1025,7 @@ static int flask_resource_setup_pci(uint AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); } static int flask_resource_setup_gsi(int gsi) @@ -1037,22 +1033,17 @@ static int flask_resource_setup_gsi(int u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = get_irq_sid(gsi, &rsid, &ad); if ( rc ) return rc; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); } static int flask_resource_setup_misc(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_XEN, SECCLASS_RESOURCE, RESOURCE__SETUP, NULL); + return avc_current_has_perm(SECINITSID_XEN, SECCLASS_RESOURCE, RESOURCE__SETUP, NULL); } static inline int flask_page_offline(uint32_t cmd) @@ -1115,11 +1106,12 @@ static int flask_shadow_control(struct d return -EPERM; } - return domain_has_perm(current->domain, d, SECCLASS_SHADOW, perm); + return current_has_perm(d, SECCLASS_SHADOW, perm); } struct ioport_has_perm_data { - struct domain_security_struct *ssec, *tsec; + u32 ssid; + u32 dsid; u32 perm; }; @@ -1133,12 +1125,12 @@ static int _ioport_has_perm(void *v, u32 ad.range.start = start; ad.range.end = end; - rc = avc_has_perm(data->ssec->sid, sid, SECCLASS_RESOURCE, data->perm, &ad); + rc = avc_has_perm(data->ssid, sid, SECCLASS_RESOURCE, data->perm, &ad); if ( rc ) return rc; - return avc_has_perm(data->tsec->sid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + return avc_has_perm(data->dsid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } static int flask_ioport_permission(struct domain *d, uint32_t start, uint32_t end, uint8_t access) @@ -1146,7 +1138,7 @@ static int flask_ioport_permission(struc int rc; struct ioport_has_perm_data data; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, + rc = current_has_perm(d, SECCLASS_RESOURCE, resource_to_perm(access)); if ( rc ) @@ -1157,8 +1149,8 @@ static int flask_ioport_permission(struc else data.perm = RESOURCE__REMOVE_IOPORT; - data.ssec = current->domain->ssid; - data.tsec = d->ssid; + data.ssid = domain_sid(current->domain); + data.dsid = domain_sid(d); return security_iterate_ioport_sids(start, end, _ioport_has_perm, &data); } @@ -1170,18 +1162,17 @@ static int flask_ioport_mapping(struct d static int flask_getpageframeinfo(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__PAGEINFO); + return current_has_perm(d, SECCLASS_MMU, MMU__PAGEINFO); } static int flask_getmemlist(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__PAGELIST); + return current_has_perm(d, SECCLASS_MMU, MMU__PAGELIST); } static int flask_hypercall_init(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__HYPERCALL); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__HYPERCALL); } static int flask_hvmcontext(struct domain *d, uint32_t cmd) @@ -1204,7 +1195,7 @@ static int flask_hvmcontext(struct domai return -EPERM; } - return domain_has_perm(current->domain, d, SECCLASS_HVM, perm); + return current_has_perm(d, SECCLASS_HVM, perm); } static int flask_address_size(struct domain *d, uint32_t cmd) @@ -1223,7 +1214,7 @@ static int flask_address_size(struct dom return -EPERM; } - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); + return current_has_perm(d, SECCLASS_DOMAIN, perm); } static int flask_machine_address_size(struct domain *d, uint32_t cmd) @@ -1264,37 +1255,37 @@ static int flask_hvm_param(struct domain perm = HVM__HVMCTL; } - return domain_has_perm(current->domain, d, SECCLASS_HVM, perm); + return current_has_perm(d, SECCLASS_HVM, perm); } static int flask_hvm_set_pci_intx_level(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__PCILEVEL); + return current_has_perm(d, SECCLASS_HVM, HVM__PCILEVEL); } static int flask_hvm_set_isa_irq_level(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__IRQLEVEL); + return current_has_perm(d, SECCLASS_HVM, HVM__IRQLEVEL); } static int flask_hvm_set_pci_link_route(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__PCIROUTE); + return current_has_perm(d, SECCLASS_HVM, HVM__PCIROUTE); } static int flask_hvm_inject_msi(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__SEND_IRQ); + return current_has_perm(d, SECCLASS_HVM, HVM__SEND_IRQ); } static int flask_mem_event(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__MEM_EVENT); + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); } static int flask_mem_sharing(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__MEM_SHARING); + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_SHARING); } static int flask_apic(struct domain *d, int cmd) @@ -1356,11 +1347,7 @@ static int flask_physinfo(void) static int flask_platform_quirk(uint32_t quirk) { - struct domain_security_struct *dsec; - dsec = current->domain->ssid; - - return avc_has_perm(dsec->sid, SECINITSID_XEN, SECCLASS_XEN, - XEN__QUIRK, NULL); + return avc_current_has_perm(SECINITSID_XEN, SECCLASS_XEN, XEN__QUIRK, NULL); } static int flask_platform_op(uint32_t op) @@ -1422,16 +1409,12 @@ static int flask_getidletime(void) static int flask_machine_memory_map(void) { - struct domain_security_struct *dsec; - dsec = current->domain->ssid; - - return avc_has_perm(dsec->sid, SECINITSID_XEN, SECCLASS_MMU, - MMU__MEMORYMAP, NULL); + return avc_current_has_perm(SECINITSID_XEN, SECCLASS_MMU, MMU__MEMORYMAP, NULL); } static int flask_domain_memory_map(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__MEMORYMAP); + return current_has_perm(d, SECCLASS_MMU, MMU__MEMORYMAP); } static int domain_memory_perm(struct domain *d, struct domain *f, l1_pgentry_t pte) @@ -1454,17 +1437,17 @@ static int domain_memory_perm(struct dom if ( f->domain_id == DOMID_IO || !mfn_valid(fmfn) ) { struct avc_audit_data ad; - struct domain_security_struct *dsec = d->ssid; - u32 fsid; + u32 dsid, fsid; + rc = security_iomem_sid(fmfn, &fsid); + if ( rc ) + return rc; AVC_AUDIT_DATA_INIT(&ad, MEMORY); ad.sdom = d; ad.tdom = f; ad.memory.pte = pte.l1; ad.memory.mfn = fmfn; - rc = security_iomem_sid(fmfn, &fsid); - if ( rc ) - return rc; - return avc_has_perm(dsec->sid, fsid, SECCLASS_MMU, map_perms, &ad); + dsid = domain_sid(d); + return avc_has_perm(dsid, fsid, SECCLASS_MMU, map_perms, &ad); } return domain_has_perm(d, f, SECCLASS_MMU, map_perms); @@ -1507,43 +1490,40 @@ static int flask_remove_from_physmap(str static int flask_sendtrigger(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__TRIGGER); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__TRIGGER); } static int flask_get_device_group(uint32_t machine_bdf) { u32 rsid; int rc = -EPERM; - struct domain_security_struct *ssec = current->domain->ssid; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) return rc; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); } static int flask_test_assign_device(uint32_t machine_bdf) { u32 rsid; int rc = -EPERM; - struct domain_security_struct *ssec = current->domain->ssid; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) return rc; - return rc = avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); } static int flask_assign_device(struct domain *d, uint32_t machine_bdf) { - u32 rsid; + u32 dsid, rsid; int rc = -EPERM; - struct domain_security_struct *ssec, *tsec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__ADD); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); if ( rc ) return rc; @@ -1553,22 +1533,20 @@ static int flask_assign_device(struct do AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - rc = avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__ADD_DEVICE, &ad); + rc = avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__ADD_DEVICE, &ad); if ( rc ) return rc; - tsec = d->ssid; - return avc_has_perm(tsec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + dsid = domain_sid(d); + return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } static int flask_deassign_device(struct domain *d, uint32_t machine_bdf) { u32 rsid; int rc = -EPERM; - struct domain_security_struct *ssec = current->domain->ssid; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); if ( rc ) return rc; @@ -1576,18 +1554,17 @@ static int flask_deassign_device(struct if ( rc ) return rc; - return rc = avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, NULL); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, NULL); } static int flask_bind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - u32 rsid; + u32 dsid, rsid; int rc = -EPERM; int irq; - struct domain_security_struct *ssec, *tsec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__ADD); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); if ( rc ) return rc; @@ -1597,23 +1574,22 @@ static int flask_bind_pt_irq (struct dom if ( rc ) return rc; - ssec = current->domain->ssid; - rc = avc_has_perm(ssec->sid, rsid, SECCLASS_HVM, HVM__BIND_IRQ, &ad); + rc = avc_current_has_perm(rsid, SECCLASS_HVM, HVM__BIND_IRQ, &ad); if ( rc ) return rc; - tsec = d->ssid; - return avc_has_perm(tsec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + dsid = domain_sid(d); + return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } static int flask_unbind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - return domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); + return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); } static int flask_pin_mem_cacheattr (struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__CACHEATTR); + return current_has_perm(d, SECCLASS_HVM, HVM__CACHEATTR); } static int flask_ext_vcpucontext (struct domain *d, uint32_t cmd) @@ -1632,7 +1608,7 @@ static int flask_ext_vcpucontext (struct return -EPERM; } - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); + return current_has_perm(d, SECCLASS_DOMAIN, perm); } static int flask_vcpuextstate (struct domain *d, uint32_t cmd) @@ -1651,7 +1627,7 @@ static int flask_vcpuextstate (struct do return -EPERM; } - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); + return current_has_perm(d, SECCLASS_DOMAIN, perm); } #endif diff -r 5df501c84253 -r b0ab408cb0b9 xen/xsm/flask/include/objsec.h --- a/xen/xsm/flask/include/objsec.h Fri Jan 11 10:37:47 2013 +0000 +++ b/xen/xsm/flask/include/objsec.h Fri Jan 11 10:38:39 2013 +0000 @@ -19,6 +19,8 @@ struct domain_security_struct { u32 sid; /* current SID */ + u32 self_sid; /* SID for target when operating on DOMID_SELF */ + u32 target_sid; /* SID for device model target domain */ }; struct evtchn_security_struct { _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGM-0007My-Ip; Wed, 16 Jan 2013 08:22:22 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007KR-8O for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from [85.158.143.99:61322] by server-2.bemta-4.messagelabs.com id 68/8C-24322-C3366F05; Wed, 16 Jan 2013 08:22:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-216.messagelabs.com!1358324532!21093448!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28263 invoked from network); 16 Jan 2013 08:22:19 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:19 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOG9-0003qx-S6 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOG9-0000YE-LK for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:09 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: convert do_domctl to use XSM X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357898985 0 # Node ID fd939d1a9b306b5e219fd1080eefdcd1c47cfcb0 # Parent ba386fd2bf17fd30e8215bedc3187c95b8eb9e6b xen: convert do_domctl to use XSM The xsm_domctl hook now covers every domctl, in addition to the more fine-grained XSM hooks in most sub-functions. This also removes the need to special-case XEN_DOMCTL_getdomaininfo. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r ba386fd2bf17 -r fd939d1a9b30 xen/common/domctl.c --- a/xen/common/domctl.c Fri Jan 11 10:07:19 2013 +0000 +++ b/xen/common/domctl.c Fri Jan 11 10:09:45 2013 +0000 @@ -265,27 +265,9 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe return -ESRCH; } - switch ( op->cmd ) - { - case XEN_DOMCTL_ioport_mapping: - case XEN_DOMCTL_memory_mapping: - case XEN_DOMCTL_bind_pt_irq: - case XEN_DOMCTL_unbind_pt_irq: { - bool_t is_priv = IS_PRIV_FOR(current->domain, d); - if ( !is_priv ) - { - ret = -EPERM; - goto domctl_out_unlock_domonly; - } - break; - } - case XEN_DOMCTL_getdomaininfo: - break; - default: - if ( !IS_PRIV(current->domain) ) - return -EPERM; - break; - } + ret = xsm_domctl(d, op->cmd); + if ( ret ) + goto domctl_out_unlock_domonly; if ( !domctl_lock_acquire() ) { @@ -855,17 +837,13 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_subscribe: { - ret = xsm_domctl(d, op->cmd); - if ( !ret ) - d->suspend_evtchn = op->u.subscribe.port; + d->suspend_evtchn = op->u.subscribe.port; } break; case XEN_DOMCTL_disable_migrate: { - ret = xsm_domctl(d, op->cmd); - if ( !ret ) - d->disable_migrate = op->u.disable_migrate.disable; + d->disable_migrate = op->u.disable_migrate.disable; } break; diff -r ba386fd2bf17 -r fd939d1a9b30 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:07:19 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:09:45 2013 +0000 @@ -64,8 +64,6 @@ static XSM_INLINE int xsm_scheduler(stru static XSM_INLINE int xsm_getdomaininfo(struct domain *d) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; return 0; } @@ -91,6 +89,20 @@ static XSM_INLINE int xsm_set_target(str static XSM_INLINE int xsm_domctl(struct domain *d, int cmd) { + switch ( cmd ) + { + case XEN_DOMCTL_ioport_mapping: + case XEN_DOMCTL_memory_mapping: + case XEN_DOMCTL_bind_pt_irq: + case XEN_DOMCTL_unbind_pt_irq: { + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; + break; + } + default: + if ( !IS_PRIV(current->domain) ) + return -EPERM; + } return 0; } diff -r ba386fd2bf17 -r fd939d1a9b30 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:07:19 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:09:45 2013 +0000 @@ -582,7 +582,90 @@ static int flask_set_target(struct domai static int flask_domctl(struct domain *d, int cmd) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SET_MISC_INFO); + switch ( cmd ) + { + /* These have individual XSM hooks (common/domctl.c) */ + case XEN_DOMCTL_createdomain: + case XEN_DOMCTL_destroydomain: + case XEN_DOMCTL_pausedomain: + case XEN_DOMCTL_unpausedomain: + case XEN_DOMCTL_getdomaininfo: + case XEN_DOMCTL_setvcpuaffinity: + case XEN_DOMCTL_max_mem: + case XEN_DOMCTL_setvcpucontext: + case XEN_DOMCTL_getvcpucontext: + case XEN_DOMCTL_getvcpuinfo: + case XEN_DOMCTL_max_vcpus: + case XEN_DOMCTL_scheduler_op: + case XEN_DOMCTL_setdomainhandle: + case XEN_DOMCTL_setdebugging: + case XEN_DOMCTL_irq_permission: + case XEN_DOMCTL_iomem_permission: + case XEN_DOMCTL_settimeoffset: + case XEN_DOMCTL_getvcpuaffinity: + case XEN_DOMCTL_resumedomain: + case XEN_DOMCTL_set_target: + case XEN_DOMCTL_set_virq_handler: +#ifdef CONFIG_X86 + /* These have individual XSM hooks (arch/x86/domctl.c) */ + case XEN_DOMCTL_shadow_op: + case XEN_DOMCTL_ioport_permission: + case XEN_DOMCTL_getpageframeinfo: + case XEN_DOMCTL_getpageframeinfo2: + case XEN_DOMCTL_getpageframeinfo3: + case XEN_DOMCTL_getmemlist: + case XEN_DOMCTL_hypercall_init: + case XEN_DOMCTL_sethvmcontext: + case XEN_DOMCTL_gethvmcontext: + case XEN_DOMCTL_gethvmcontext_partial: + case XEN_DOMCTL_set_address_size: + case XEN_DOMCTL_get_address_size: + case XEN_DOMCTL_set_machine_address_size: + case XEN_DOMCTL_get_machine_address_size: + case XEN_DOMCTL_sendtrigger: + case XEN_DOMCTL_bind_pt_irq: + case XEN_DOMCTL_unbind_pt_irq: + case XEN_DOMCTL_memory_mapping: + case XEN_DOMCTL_ioport_mapping: + case XEN_DOMCTL_pin_mem_cacheattr: + case XEN_DOMCTL_set_ext_vcpucontext: + case XEN_DOMCTL_get_ext_vcpucontext: + case XEN_DOMCTL_setvcpuextstate: + case XEN_DOMCTL_getvcpuextstate: + case XEN_DOMCTL_mem_event_op: + case XEN_DOMCTL_mem_sharing_op: + case XEN_DOMCTL_set_access_required: + /* These have individual XSM hooks (drivers/passthrough/iommu.c) */ + case XEN_DOMCTL_get_device_group: + case XEN_DOMCTL_test_assign_device: + case XEN_DOMCTL_assign_device: + case XEN_DOMCTL_deassign_device: +#endif + return 0; + + case XEN_DOMCTL_subscribe: + case XEN_DOMCTL_disable_migrate: + return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, + DOMAIN__SET_MISC_INFO); + + case XEN_DOMCTL_set_cpuid: + case XEN_DOMCTL_suppress_spurious_page_faults: + case XEN_DOMCTL_debug_op: + case XEN_DOMCTL_gettscinfo: + case XEN_DOMCTL_settscinfo: + case XEN_DOMCTL_audit_p2m: + case XEN_DOMCTL_gdbsx_guestmemio: + case XEN_DOMCTL_gdbsx_pausevcpu: + case XEN_DOMCTL_gdbsx_unpausevcpu: + case XEN_DOMCTL_gdbsx_domstatus: + /* TODO add per-subfunction hooks */ + if ( !IS_PRIV(current->domain) ) + return -EPERM; + return 0; + default: + printk("flask_domctl: Unknown op %d\n", cmd); + return -EPERM; + } } static int flask_set_virq_handler(struct domain *d, uint32_t virq) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007Nu-93; Wed, 16 Jan 2013 08:22:23 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007LM-QO for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from [85.158.143.99:32537] by server-1.bemta-4.messagelabs.com id E4/44-18740-D3366F05; Wed, 16 Jan 2013 08:22:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-14.tower-216.messagelabs.com!1358324539!18496200!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 21086 invoked from network); 16 Jan 2013 08:22:20 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:20 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGJ-0003rp-6u for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:19 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGJ-0000ca-5r for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:19 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:18 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] libxl: Set vfb and vkb devid if not done so by the caller X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jim Fehlig # Date 1357906946 0 # Node ID 84d87ca765be81c215ef3b67d2ed71acfba73553 # Parent 35a0556a7f76c9a6f616cfc9d5a82dccfe36b994 libxl: Set vfb and vkb devid if not done so by the caller Other devices set a sensible devid if the caller has not done so. Do the same for vfb and vkb. While at it, factor out the common code used to determine a sensible devid, so it can be used by other libxl__device_*_add functions. Signed-off-by: Jim Fehlig Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 35a0556a7f76 -r 84d87ca765be tools/libxl/libxl.c --- a/tools/libxl/libxl.c Thu Jan 10 17:32:10 2013 +0000 +++ b/tools/libxl/libxl.c Fri Jan 11 12:22:26 2013 +0000 @@ -1710,6 +1710,26 @@ out: return; } +/* common function to get next device id */ +static int libxl__device_nextid(libxl__gc *gc, uint32_t domid, char *device) +{ + char *dompath, **l; + unsigned int nb; + int nextid = -1; + + if (!(dompath = libxl__xs_get_dompath(gc, domid))) + return nextid; + + l = libxl__xs_directory(gc, XBT_NULL, + GCSPRINTF("%s/device/%s", dompath, device), &nb); + if (l == NULL || nb == 0) + nextid = 0; + else + nextid = strtoul(l[nb - 1], NULL, 10) + 1; + + return nextid; +} + /******************************************************************************/ int libxl__device_vtpm_setdefault(libxl__gc *gc, libxl_device_vtpm *vtpm) { @@ -1741,8 +1761,7 @@ void libxl__device_vtpm_add(libxl__egc * flexarray_t *front; flexarray_t *back; libxl__device *device; - char *dompath, **l; - unsigned int nb, rc; + unsigned int rc; rc = libxl__device_vtpm_setdefault(gc, vtpm); if (rc) goto out; @@ -1750,18 +1769,11 @@ void libxl__device_vtpm_add(libxl__egc * front = flexarray_make(gc, 16, 1); back = flexarray_make(gc, 16, 1); - if(vtpm->devid == -1) { - if (!(dompath = libxl__xs_get_dompath(gc, domid))) { + if (vtpm->devid == -1) { + if ((vtpm->devid = libxl__device_nextid(gc, domid, "vtpm") < 0)) { rc = ERROR_FAIL; goto out; } - l = libxl__xs_directory(gc, XBT_NULL, - GCSPRINTF("%s/device/vtpm", dompath), &nb); - if(l == NULL || nb == 0) { - vtpm->devid = 0; - } else { - vtpm->devid = strtoul(l[nb - 1], NULL, 10) + 1; - } } GCNEW(device); @@ -2808,8 +2820,7 @@ void libxl__device_nic_add(libxl__egc *e flexarray_t *front; flexarray_t *back; libxl__device *device; - char *dompath, **l; - unsigned int nb, rc; + unsigned int rc; rc = libxl__device_nic_setdefault(gc, nic, domid); if (rc) goto out; @@ -2818,16 +2829,10 @@ void libxl__device_nic_add(libxl__egc *e back = flexarray_make(gc, 16, 1); if (nic->devid == -1) { - if (!(dompath = libxl__xs_get_dompath(gc, domid))) { + if ((nic->devid = libxl__device_nextid(gc, domid, "vif") < 0)) { rc = ERROR_FAIL; goto out; } - if (!(l = libxl__xs_directory(gc, XBT_NULL, - libxl__sprintf(gc, "%s/device/vif", dompath), &nb))) { - nic->devid = 0; - } else { - nic->devid = strtoul(l[nb - 1], NULL, 10) + 1; - } } GCNEW(device); @@ -3192,6 +3197,13 @@ int libxl__device_vkb_add(libxl__gc *gc, front = flexarray_make(gc, 16, 1); back = flexarray_make(gc, 16, 1); + if (vkb->devid == -1) { + if ((vkb->devid = libxl__device_nextid(gc, domid, "vkb") < 0)) { + rc = ERROR_FAIL; + goto out; + } + } + rc = libxl__device_from_vkb(gc, domid, vkb, &device); if (rc != 0) goto out; @@ -3282,6 +3294,13 @@ int libxl__device_vfb_add(libxl__gc *gc, front = flexarray_make(gc, 16, 1); back = flexarray_make(gc, 16, 1); + if (vfb->devid == -1) { + if ((vfb->devid = libxl__device_nextid(gc, domid, "vfb") < 0)) { + rc = ERROR_FAIL; + goto out; + } + } + rc = libxl__device_from_vfb(gc, domid, vfb, &device); if (rc != 0) goto out; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007NS-0M; Wed, 16 Jan 2013 08:22:23 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007Ke-2J for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from [85.158.137.99:9263] by server-12.bemta-3.messagelabs.com id 61/D7-22577-C3366F05; Wed, 16 Jan 2013 08:22:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-217.messagelabs.com!1358324532!12001687!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 29957 invoked from network); 16 Jan 2013 08:22:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGC-0003rF-OH for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGC-0000Zg-Mu for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:12 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm/flask: add distinct SIDs for self/target access X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900719 0 # Node ID b0ab408cb0b9e668edcc9340f7688f6fb3d998dd # Parent 5df501c84253e655838d3fc9a0dcd75a24ae9f25 xsm/flask: add distinct SIDs for self/target access Because the FLASK XSM module no longer checks IS_PRIV for remote domain accesses covered by XSM permissions, domains now have the ability to perform memory management and other functions on all domains that have the same type. While it is possible to prevent this by only creating one domain per type, this solution significantly limits the flexibility of the type system. This patch introduces a domain type transition to represent a domain that is operating on itself. In the example policy, this is demonstrated by creating a type with _self appended when declaring a domain type which will be used for reflexive operations. AVCs for a domain of type domU_t will look like the following: scontext=system_u:system_r:domU_t tcontext=system_u:system_r:domU_t_self This change also allows policy to distinguish between event channels a domain creates to itself and event channels created between domains of the same type. The IS_PRIV_FOR check used for device model domains is also no longer checked by FLASK; a similar transition is performed when the target is set and used when the device model accesses its target domain. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 5df501c84253 -r b0ab408cb0b9 docs/misc/xsm-flask.txt --- a/docs/misc/xsm-flask.txt Fri Jan 11 10:37:47 2013 +0000 +++ b/docs/misc/xsm-flask.txt Fri Jan 11 10:38:39 2013 +0000 @@ -68,9 +68,43 @@ HVM domains with stubdomain device model - dm_dom_t is the device model for a domain with type domHVM_t One disadvantage of using type enforcement to enforce isolation is that a new -type is needed for each group of domains. In addition, it is not possible to -allow isolated_domU_t cannot to create loopback event channels without allowing -two domains of type isolated_domU_t to communicate with one another. +type is needed for each group of domains. The user field can be used to address +this for the most common case of groups that can communicate internally but not +externally; see "Users and roles" below. + +Type transitions +---------------- + +Xen defines a number of operations such as memory mapping that are necessary for +a domain to perform on itself, but are also undesirable to allow a domain to +perform on every other domain of the same label. While it is possible to address +this by only creating one domain per type, this solution significantly limits +the flexibility of the type system. Another method to address this issue is to +duplicate the permission names for every operation that can be performed on the +current domain or on other domains; however, this significantly increases the +necessary number of permissions and complicates the XSM hooks. Instead, this is +addressed by allowing a distinct type to be used for a domain's access to +itself. The same applies for a device model domain's access to its designated +target, allowing the IS_PRIV_FOR checks used in Xen's DAC model to be +implemented in FLASK. + +Upon domain creation (or relabel), a type transition is computed using the +domain's label as the source and target. The result of this computation is used +as the target when the domain accesses itself. In the example policy, this +computed type is the result of appending _self to a domain's type: domU_t_self +for domU_t. If no type transition rule exists, the domain will continue to use +its own label for both the source and target. An AVC message will look like: + + scontext=system_u:system_r:domU_t tcontext=system_u:system_r:domU_t_self + +A similar type transition is done when a device model domain is associated with +its target using the set_target operation. The transition is computed with the +target domain as the source and the device model domain as the target: this +ordering was chosen in order to preserve the original label for the target when +no type transition rule exists. In the example policy, these computed types are +the result of appending _target to the domain. + +Type transitions are also used to compute the labels of event channels. Users and roles --------------- @@ -84,7 +118,8 @@ the customer_1 user. Access control rules involving users and roles are defined in the policy constraints file (tools/flask/policy/policy/constraints). The example policy provides constraints that prevent different users from communicating using -grants or event channels, while still allowing communication with dom0. +grants or event channels, while still allowing communication with the system_u +user where dom0 resides. Resource Policy --------------- diff -r 5df501c84253 -r b0ab408cb0b9 tools/flask/policy/policy/modules/xen/xen.if --- a/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:37:47 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:38:39 2013 +0000 @@ -5,15 +5,34 @@ # Domain creation and setup # ################################################################################ +define(`declare_domain_common', ` + allow $1 $2:grant { query setup }; + allow $1 $2:mmu { adjust physmap map_read map_write stat pinpage updatemp }; + allow $1 $2:hvm { getparam setparam }; +') + # declare_domain(type, attrs...) -# Declare a type as a domain type, and allow basic domain setup +# Declare a domain type, along with associated _self and _channel types +# Allow the domain to perform basic operations on itself define(`declare_domain', ` type $1, domain_type`'ifelse(`$#', `1', `', `,shift($@)'); + type $1_self, domain_type, domain_self_type; + type_transition $1 $1:domain $1_self; + type $1_channel, event_type; + type_transition $1 domain_type:event $1_channel; + declare_domain_common($1, $1_self) +') + +# declare_singleton_domain(type, attrs...) +# Declare a domain type and associated _channel types. +# Note: Because the domain can perform basic operations on itself and any +# other domain of the same type, this constructor should be used for types +# containing at most one domain. This is not enforced by policy. +define(`declare_singleton_domain', ` + type $1, domain_type`'ifelse(`$#', `1', `', `,shift($@)'); type $1_channel, event_type; type_transition $1 domain_type:event $1_channel; - allow $1 $1:grant { query setup }; - allow $1 $1:mmu { adjust physmap map_read map_write stat pinpage }; - allow $1 $1:hvm { getparam setparam }; + declare_domain_common($1, $1) ') # declare_build_label(type) @@ -51,6 +70,7 @@ define(`create_domain_build_label', ` allow $1 $2_channel:event create; allow $1 $2_building:domain2 relabelfrom; allow $1 $2:domain2 relabelto; + allow $2_building $2:domain transition; ') # manage_domain(priv, target) @@ -101,20 +121,36 @@ define(`domain_comms', ` ') # domain_self_comms(domain) -# Allow a domain types to communicate with others of its type using grants -# and event channels (this includes event channels to DOMID_SELF) +# Allow a non-singleton domain type to communicate with itself using grants +# and event channels define(`domain_self_comms', ` - create_channel($1, $1, $1_channel) - allow $1 $1:grant { map_read map_write copy unmap }; + create_channel($1, $1_self, $1_channel) + allow $1 $1_self:grant { map_read map_write copy unmap }; ') # device_model(dm_dom, hvm_dom) # Define how a device model domain interacts with its target define(`device_model', ` - domain_comms($1, $2) - allow $1 $2:domain { set_target shutdown }; - allow $1 $2:mmu { map_read map_write adjust physmap }; - allow $1 $2:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute cacheattr send_irq }; + type $2_target, domain_type, domain_target_type; + type_transition $2 $1:domain $2_target; + allow $1 $2:domain set_target; + + type_transition $2_target domain_type:event $2_channel; + create_channel($1, $2_target, $1_channel) + create_channel($2, $1, $2_channel) + allow $1 $2_channel:event create; + + allow $1 $2_target:domain shutdown; + allow $1 $2_target:mmu { map_read map_write adjust physmap }; + allow $1 $2_target:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute cacheattr send_irq }; +') + +# make_device_model(priv, dm_dom, hvm_dom) +# Allow creation of a device model and HVM domain pair +define(`make_device_model', ` + device_model($2, $3) + allow $1 $2:domain2 make_priv_for; + allow $1 $3:domain2 set_as_target; ') ################################################################################ # diff -r 5df501c84253 -r b0ab408cb0b9 tools/flask/policy/policy/modules/xen/xen.te --- a/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:37:47 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:38:39 2013 +0000 @@ -8,6 +8,8 @@ ################################################################################ attribute xen_type; attribute domain_type; +attribute domain_self_type; +attribute domain_target_type; attribute resource_type; attribute event_type; attribute mls_priv; @@ -25,7 +27,7 @@ attribute mls_priv; type xen_t, xen_type, mls_priv; # Domain 0 -declare_domain(dom0_t, mls_priv); +declare_singleton_domain(dom0_t, mls_priv); # Untracked I/O memory (pseudo-domain) type domio_t, xen_type; @@ -69,7 +71,7 @@ admin_device(dom0_t, ioport_t) admin_device(dom0_t, iomem_t) allow dom0_t domio_t:mmu { map_read map_write }; -domain_self_comms(dom0_t) +domain_comms(dom0_t, dom0_t) auditallow dom0_t security_t:security { load_policy setenforce setbool }; @@ -84,11 +86,14 @@ domain_self_comms(domU_t) create_domain(dom0_t, domU_t) manage_domain(dom0_t, domU_t) domain_comms(dom0_t, domU_t) +domain_comms(domU_t, domU_t) +domain_self_comms(domU_t) declare_domain(isolated_domU_t) create_domain(dom0_t, isolated_domU_t) manage_domain(dom0_t, isolated_domU_t) domain_comms(dom0_t, isolated_domU_t) +domain_self_comms(isolated_domU_t) # Declare a boolean that denies creation of prot_domU_t domains gen_bool(prot_doms_locked, false) @@ -98,6 +103,8 @@ if (!prot_doms_locked) { } domain_comms(dom0_t, prot_domU_t) domain_comms(domU_t, prot_domU_t) +domain_comms(prot_domU_t, prot_domU_t) +domain_self_comms(prot_domU_t) # domHVM_t is meant to be paired with a qemu-dm stub domain of type dm_dom_t declare_domain(domHVM_t) @@ -110,7 +117,7 @@ declare_domain(dm_dom_t) create_domain(dom0_t, dm_dom_t) manage_domain(dom0_t, dm_dom_t) domain_comms(dom0_t, dm_dom_t) -device_model(dm_dom_t, domHVM_t) +make_device_model(dom0_t, dm_dom_t, domHVM_t) # nomigrate_t must be built via the nomigrate_t_building label; once built, # dom0 cannot read its memory. diff -r 5df501c84253 -r b0ab408cb0b9 xen/xsm/flask/flask_op.c --- a/xen/xsm/flask/flask_op.c Fri Jan 11 10:37:47 2013 +0000 +++ b/xen/xsm/flask/flask_op.c Fri Jan 11 10:38:39 2013 +0000 @@ -612,6 +612,15 @@ static int flask_relabel_domain(struct x goto out; dsec->sid = arg->sid; + dsec->self_sid = arg->sid; + security_transition_sid(dsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->self_sid); + if ( d->target ) + { + struct domain_security_struct *tsec = d->target->ssid; + security_transition_sid(tsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->target_sid); + } out: rcu_unlock_domain(d); diff -r 5df501c84253 -r b0ab408cb0b9 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:37:47 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:38:39 2013 +0000 @@ -33,38 +33,69 @@ struct xsm_operations *original_ops = NULL; +static u32 domain_sid(struct domain *dom) +{ + struct domain_security_struct *dsec = dom->ssid; + return dsec->sid; +} + +static u32 domain_target_sid(struct domain *src, struct domain *dst) +{ + struct domain_security_struct *ssec = src->ssid; + struct domain_security_struct *dsec = dst->ssid; + if (src == dst) + return ssec->self_sid; + if (src->target == dst) + return ssec->target_sid; + return dsec->sid; +} + +static u32 evtchn_sid(const struct evtchn *chn) +{ + struct evtchn_security_struct *esec = chn->ssid; + return esec->sid; +} + static int domain_has_perm(struct domain *dom1, struct domain *dom2, u16 class, u32 perms) { - struct domain_security_struct *dsec1, *dsec2; + u32 ssid, tsid; struct avc_audit_data ad; AVC_AUDIT_DATA_INIT(&ad, NONE); ad.sdom = dom1; ad.tdom = dom2; - dsec1 = dom1->ssid; - dsec2 = dom2->ssid; + ssid = domain_sid(dom1); + tsid = domain_target_sid(dom1, dom2); - return avc_has_perm(dsec1->sid, dsec2->sid, class, perms, &ad); + return avc_has_perm(ssid, tsid, class, perms, &ad); +} + +static int avc_current_has_perm(u32 tsid, u16 class, u32 perm, + struct avc_audit_data *ad) +{ + u32 csid = domain_sid(current->domain); + return avc_has_perm(csid, tsid, class, perm, ad); +} + +static int current_has_perm(struct domain *d, u16 class, u32 perms) +{ + return domain_has_perm(current->domain, d, class, perms); } static int domain_has_evtchn(struct domain *d, struct evtchn *chn, u32 perms) { - struct domain_security_struct *dsec; - struct evtchn_security_struct *esec; + u32 dsid = domain_sid(d); + u32 esid = evtchn_sid(chn); - dsec = d->ssid; - esec = chn->ssid; - - return avc_has_perm(dsec->sid, esec->sid, SECCLASS_EVENT, perms, NULL); + return avc_has_perm(dsid, esid, SECCLASS_EVENT, perms, NULL); } static int domain_has_xen(struct domain *d, u32 perms) { - struct domain_security_struct *dsec; - dsec = d->ssid; + u32 dsid = domain_sid(d); - return avc_has_perm(dsec->sid, SECINITSID_XEN, SECCLASS_XEN, perms, NULL); + return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_XEN, perms, NULL); } static int get_irq_sid(int irq, u32 *sid, struct avc_audit_data *ad) @@ -123,6 +154,7 @@ static int flask_domain_alloc_security(s dsec->sid = SECINITSID_UNLABELED; } + dsec->self_sid = dsec->sid; d->ssid = dsec; return 0; @@ -142,68 +174,55 @@ static void flask_domain_free_security(s static int flask_evtchn_unbound(struct domain *d1, struct evtchn *chn, domid_t id2) { - u32 newsid; + u32 sid1, sid2, newsid; int rc; - domid_t id; struct domain *d2; - struct domain_security_struct *dsec, *dsec1, *dsec2; struct evtchn_security_struct *esec; - dsec = current->domain->ssid; - dsec1 = d1->ssid; - esec = chn->ssid; - - if ( id2 == DOMID_SELF ) - id = current->domain->domain_id; - else - id = id2; - - d2 = get_domain_by_id(id); + d2 = rcu_lock_domain_by_any_id(id2); if ( d2 == NULL ) return -EPERM; - dsec2 = d2->ssid; - rc = security_transition_sid(dsec1->sid, dsec2->sid, SECCLASS_EVENT, - &newsid); + sid1 = domain_sid(d1); + sid2 = domain_target_sid(d1, d2); + esec = chn->ssid; + + rc = security_transition_sid(sid1, sid2, SECCLASS_EVENT, &newsid); if ( rc ) goto out; - rc = avc_has_perm(dsec->sid, newsid, SECCLASS_EVENT, EVENT__CREATE, NULL); + rc = avc_current_has_perm(newsid, SECCLASS_EVENT, EVENT__CREATE, NULL); if ( rc ) goto out; - rc = avc_has_perm(newsid, dsec2->sid, SECCLASS_EVENT, EVENT__BIND, NULL); + rc = avc_has_perm(newsid, sid2, SECCLASS_EVENT, EVENT__BIND, NULL); if ( rc ) goto out; - else - esec->sid = newsid; + + esec->sid = newsid; out: - put_domain(d2); + rcu_unlock_domain(d2); return rc; } static int flask_evtchn_interdomain(struct domain *d1, struct evtchn *chn1, struct domain *d2, struct evtchn *chn2) { - u32 newsid; + u32 sid1, sid2, newsid, reverse_sid; int rc; - struct domain_security_struct *dsec, *dsec1, *dsec2; - struct evtchn_security_struct *esec1, *esec2; + struct evtchn_security_struct *esec1; struct avc_audit_data ad; AVC_AUDIT_DATA_INIT(&ad, NONE); ad.sdom = d1; ad.tdom = d2; - dsec = current->domain->ssid; - dsec1 = d1->ssid; - dsec2 = d2->ssid; + sid1 = domain_sid(d1); + sid2 = domain_target_sid(d1, d2); esec1 = chn1->ssid; - esec2 = chn2->ssid; - rc = security_transition_sid(dsec1->sid, dsec2->sid, - SECCLASS_EVENT, &newsid); + rc = security_transition_sid(sid1, sid2, SECCLASS_EVENT, &newsid); if ( rc ) { printk("%s: security_transition_sid failed, rc=%d (domain=%d)\n", @@ -211,15 +230,20 @@ static int flask_evtchn_interdomain(stru return rc; } - rc = avc_has_perm(dsec->sid, newsid, SECCLASS_EVENT, EVENT__CREATE, &ad); + rc = avc_current_has_perm(newsid, SECCLASS_EVENT, EVENT__CREATE, &ad); if ( rc ) return rc; - rc = avc_has_perm(newsid, dsec2->sid, SECCLASS_EVENT, EVENT__BIND, &ad); + rc = avc_has_perm(newsid, sid2, SECCLASS_EVENT, EVENT__BIND, &ad); if ( rc ) return rc; - rc = avc_has_perm(esec2->sid, dsec1->sid, SECCLASS_EVENT, EVENT__BIND, &ad); + /* It's possible the target domain has changed (relabel or destroy/create) + * since the unbound part was created; re-validate this binding now. + */ + reverse_sid = evtchn_sid(chn2); + sid1 = domain_target_sid(d2, d1); + rc = avc_has_perm(reverse_sid, sid1, SECCLASS_EVENT, EVENT__BIND, &ad); if ( rc ) return rc; @@ -302,7 +326,6 @@ static void flask_free_security_evtchn(s static char *flask_show_security_evtchn(struct domain *d, const struct evtchn *chn) { - struct evtchn_security_struct *esec; int irq; u32 sid = 0; char *ctx; @@ -312,9 +335,7 @@ static char *flask_show_security_evtchn( { case ECS_UNBOUND: case ECS_INTERDOMAIN: - esec = chn->ssid; - if ( esec ) - sid = esec->sid; + sid = evtchn_sid(chn); break; case ECS_PIRQ: irq = domain_pirq_to_irq(d, chn->u.pirq.irq); @@ -367,12 +388,12 @@ static int flask_grant_query_size(struct static int flask_get_pod_target(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__GETPODTARGET); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETPODTARGET); } static int flask_set_pod_target(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SETPODTARGET); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETPODTARGET); } static int flask_memory_adjust_reservation(struct domain *d1, struct domain *d2) @@ -455,70 +476,65 @@ static int flask_schedop_shutdown(struct static void flask_security_domaininfo(struct domain *d, struct xen_domctl_getdomaininfo *info) { - struct domain_security_struct *dsec; - - dsec = d->ssid; - info->ssidref = dsec->sid; + info->ssidref = domain_sid(d); } static int flask_setvcpucontext(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETVCPUCONTEXT); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUCONTEXT); } static int flask_pausedomain(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__PAUSE); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__PAUSE); } static int flask_unpausedomain(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__UNPAUSE); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__UNPAUSE); } static int flask_resumedomain(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__RESUME); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__RESUME); } static int flask_domain_create(struct domain *d, u32 ssidref) { int rc; - struct domain_security_struct *dsec1; - struct domain_security_struct *dsec2; + struct domain_security_struct *dsec = d->ssid; static int dom0_created = 0; - dsec1 = current->domain->ssid; - dsec2 = d->ssid; - if ( is_idle_domain(current->domain) && !dom0_created ) { - dsec2->sid = SECINITSID_DOM0; + dsec->sid = SECINITSID_DOM0; dom0_created = 1; - return 0; } + else + { + rc = avc_current_has_perm(ssidref, SECCLASS_DOMAIN, + DOMAIN__CREATE, NULL); + if ( rc ) + return rc; - rc = avc_has_perm(dsec1->sid, ssidref, SECCLASS_DOMAIN, - DOMAIN__CREATE, NULL); - if ( rc ) - return rc; + dsec->sid = ssidref; + } + dsec->self_sid = dsec->sid; - dsec2->sid = ssidref; + rc = security_transition_sid(dsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->self_sid); return rc; } static int flask_max_vcpus(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__MAX_VCPUS); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__MAX_VCPUS); } static int flask_destroydomain(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__DESTROY); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__DESTROY); } static int flask_vcpuaffinity(int cmd, struct domain *d) @@ -537,7 +553,7 @@ static int flask_vcpuaffinity(int cmd, s return -EPERM; } - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm ); + return current_has_perm(d, SECCLASS_DOMAIN, perm ); } static int flask_scheduler(struct domain *d) @@ -548,43 +564,51 @@ static int flask_scheduler(struct domain if ( rc ) return rc; - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SCHEDULER); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SCHEDULER); } static int flask_getdomaininfo(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__GETDOMAININFO); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETDOMAININFO); } static int flask_getvcpucontext(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__GETVCPUCONTEXT); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUCONTEXT); } static int flask_getvcpuinfo(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__GETVCPUINFO); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUINFO); } static int flask_domain_settime(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SETTIME); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETTIME); } -static int flask_set_target(struct domain *d, struct domain *e) +static int flask_set_target(struct domain *d, struct domain *t) { int rc; - rc = domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__MAKE_PRIV_FOR); + struct domain_security_struct *dsec, *tsec; + dsec = d->ssid; + tsec = t->ssid; + + rc = current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__MAKE_PRIV_FOR); if ( rc ) return rc; - rc = domain_has_perm(current->domain, e, SECCLASS_DOMAIN2, DOMAIN2__SET_AS_TARGET); + rc = current_has_perm(t, SECCLASS_DOMAIN2, DOMAIN2__SET_AS_TARGET); if ( rc ) return rc; - return domain_has_perm(d, e, SECCLASS_DOMAIN, DOMAIN__SET_TARGET); + /* Use avc_has_perm to avoid resolving target/current SID */ + rc = avc_has_perm(dsec->sid, tsec->sid, SECCLASS_DOMAIN, DOMAIN__SET_TARGET, NULL); + if ( rc ) + return rc; + + /* (tsec, dsec) defaults the label to tsec, as it should here */ + rc = security_transition_sid(tsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->target_sid); + return rc; } static int flask_domctl(struct domain *d, int cmd) @@ -655,26 +679,24 @@ static int flask_domctl(struct domain *d case XEN_DOMCTL_gdbsx_pausevcpu: case XEN_DOMCTL_gdbsx_unpausevcpu: case XEN_DOMCTL_gdbsx_domstatus: - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETDEBUGGING); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDEBUGGING); case XEN_DOMCTL_subscribe: case XEN_DOMCTL_disable_migrate: case XEN_DOMCTL_suppress_spurious_page_faults: - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SET_MISC_INFO); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_MISC_INFO); case XEN_DOMCTL_set_cpuid: - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__SET_CPUID); + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SET_CPUID); case XEN_DOMCTL_gettscinfo: - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__GETTSC); + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__GETTSC); case XEN_DOMCTL_settscinfo: - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN2, DOMAIN2__SETTSC); + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SETTSC); case XEN_DOMCTL_audit_p2m: - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__AUDIT_P2M); + return current_has_perm(d, SECCLASS_HVM, HVM__AUDIT_P2M); default: printk("flask_domctl: Unknown op %d\n", cmd); @@ -716,7 +738,7 @@ static int flask_sysctl(int cmd) static int flask_set_virq_handler(struct domain *d, uint32_t virq) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER); } static int flask_tbufcontrol(void) @@ -741,20 +763,17 @@ static int flask_sched_id(void) static int flask_setdomainmaxmem(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETDOMAINMAXMEM); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINMAXMEM); } static int flask_setdomainhandle(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETDOMAINHANDLE); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINHANDLE); } static int flask_setdebugging(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETDEBUGGING); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDEBUGGING); } static int flask_debug_keys(void) @@ -816,14 +835,12 @@ static char *flask_show_irq_sid (int irq static int flask_map_domain_pirq (struct domain *d, int irq, void *data) { - u32 sid; + u32 sid, dsid; int rc = -EPERM; struct msi_info *msi = data; - - struct domain_security_struct *ssec, *tsec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__ADD); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); if ( rc ) return rc; @@ -839,14 +856,13 @@ static int flask_map_domain_pirq (struct if ( rc ) return rc; - ssec = current->domain->ssid; - tsec = d->ssid; + dsid = domain_sid(d); - rc = avc_has_perm(ssec->sid, sid, SECCLASS_RESOURCE, RESOURCE__ADD_IRQ, &ad); + rc = avc_current_has_perm(sid, SECCLASS_RESOURCE, RESOURCE__ADD_IRQ, &ad); if ( rc ) return rc; - rc = avc_has_perm(tsec->sid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + rc = avc_has_perm(dsid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); return rc; } @@ -854,16 +870,12 @@ static int flask_unmap_domain_pirq (stru { u32 sid; int rc = -EPERM; - - struct domain_security_struct *ssec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); if ( rc ) return rc; - ssec = current->domain->ssid; - if ( irq < nr_static_irqs ) { rc = get_irq_sid(irq, &sid, &ad); } else { @@ -874,19 +886,19 @@ static int flask_unmap_domain_pirq (stru if ( rc ) return rc; - rc = avc_has_perm(ssec->sid, sid, SECCLASS_RESOURCE, RESOURCE__REMOVE_IRQ, &ad); + rc = avc_current_has_perm(sid, SECCLASS_RESOURCE, RESOURCE__REMOVE_IRQ, &ad); return rc; } static int flask_irq_permission (struct domain *d, int pirq, uint8_t access) { /* the PIRQ number is not useful; real IRQ is checked during mapping */ - return domain_has_perm(current->domain, d, SECCLASS_RESOURCE, - resource_to_perm(access)); + return current_has_perm(d, SECCLASS_RESOURCE, resource_to_perm(access)); } struct iomem_has_perm_data { - struct domain_security_struct *ssec, *tsec; + u32 ssid; + u32 dsid; u32 perm; }; @@ -900,12 +912,12 @@ static int _iomem_has_perm(void *v, u32 ad.range.start = start; ad.range.end = end; - rc = avc_has_perm(data->ssec->sid, sid, SECCLASS_RESOURCE, data->perm, &ad); + rc = avc_has_perm(data->ssid, sid, SECCLASS_RESOURCE, data->perm, &ad); if ( rc ) return rc; - return avc_has_perm(data->tsec->sid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + return avc_has_perm(data->dsid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } static int flask_iomem_permission(struct domain *d, uint64_t start, uint64_t end, uint8_t access) @@ -913,7 +925,7 @@ static int flask_iomem_permission(struct struct iomem_has_perm_data data; int rc; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, + rc = current_has_perm(d, SECCLASS_RESOURCE, resource_to_perm(access)); if ( rc ) return rc; @@ -923,8 +935,8 @@ static int flask_iomem_permission(struct else data.perm = RESOURCE__REMOVE_IOMEM; - data.ssec = current->domain->ssid; - data.tsec = d->ssid; + data.ssid = domain_sid(current->domain); + data.dsid = domain_sid(d); return security_iterate_iomem_sids(start, end, _iomem_has_perm, &data); } @@ -936,10 +948,9 @@ static int flask_iomem_mapping(struct do static int flask_pci_config_permission(struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { - u32 rsid; + u32 dsid, rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; u32 perm = RESOURCE__USE; rc = security_device_sid(machine_bdf, &rsid); @@ -952,33 +963,24 @@ static int flask_pci_config_permission(s AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = d->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, perm, &ad); + dsid = domain_sid(d); + return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, perm, &ad); } static int flask_resource_plug_core(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__PLUG, NULL); + return avc_current_has_perm(SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__PLUG, NULL); } static int flask_resource_unplug_core(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__UNPLUG, NULL); + return avc_current_has_perm(SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__UNPLUG, NULL); } static int flask_resource_use_core(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__USE, NULL); + return avc_current_has_perm(SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__USE, NULL); } static int flask_resource_plug_pci(uint32_t machine_bdf) @@ -986,7 +988,6 @@ static int flask_resource_plug_pci(uint3 u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) @@ -994,8 +995,7 @@ static int flask_resource_plug_pci(uint3 AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__PLUG, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__PLUG, &ad); } static int flask_resource_unplug_pci(uint32_t machine_bdf) @@ -1003,7 +1003,6 @@ static int flask_resource_unplug_pci(uin u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) @@ -1011,8 +1010,7 @@ static int flask_resource_unplug_pci(uin AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__UNPLUG, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__UNPLUG, &ad); } static int flask_resource_setup_pci(uint32_t machine_bdf) @@ -1020,7 +1018,6 @@ static int flask_resource_setup_pci(uint u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) @@ -1028,8 +1025,7 @@ static int flask_resource_setup_pci(uint AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); } static int flask_resource_setup_gsi(int gsi) @@ -1037,22 +1033,17 @@ static int flask_resource_setup_gsi(int u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = get_irq_sid(gsi, &rsid, &ad); if ( rc ) return rc; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); } static int flask_resource_setup_misc(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_XEN, SECCLASS_RESOURCE, RESOURCE__SETUP, NULL); + return avc_current_has_perm(SECINITSID_XEN, SECCLASS_RESOURCE, RESOURCE__SETUP, NULL); } static inline int flask_page_offline(uint32_t cmd) @@ -1115,11 +1106,12 @@ static int flask_shadow_control(struct d return -EPERM; } - return domain_has_perm(current->domain, d, SECCLASS_SHADOW, perm); + return current_has_perm(d, SECCLASS_SHADOW, perm); } struct ioport_has_perm_data { - struct domain_security_struct *ssec, *tsec; + u32 ssid; + u32 dsid; u32 perm; }; @@ -1133,12 +1125,12 @@ static int _ioport_has_perm(void *v, u32 ad.range.start = start; ad.range.end = end; - rc = avc_has_perm(data->ssec->sid, sid, SECCLASS_RESOURCE, data->perm, &ad); + rc = avc_has_perm(data->ssid, sid, SECCLASS_RESOURCE, data->perm, &ad); if ( rc ) return rc; - return avc_has_perm(data->tsec->sid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + return avc_has_perm(data->dsid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } static int flask_ioport_permission(struct domain *d, uint32_t start, uint32_t end, uint8_t access) @@ -1146,7 +1138,7 @@ static int flask_ioport_permission(struc int rc; struct ioport_has_perm_data data; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, + rc = current_has_perm(d, SECCLASS_RESOURCE, resource_to_perm(access)); if ( rc ) @@ -1157,8 +1149,8 @@ static int flask_ioport_permission(struc else data.perm = RESOURCE__REMOVE_IOPORT; - data.ssec = current->domain->ssid; - data.tsec = d->ssid; + data.ssid = domain_sid(current->domain); + data.dsid = domain_sid(d); return security_iterate_ioport_sids(start, end, _ioport_has_perm, &data); } @@ -1170,18 +1162,17 @@ static int flask_ioport_mapping(struct d static int flask_getpageframeinfo(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__PAGEINFO); + return current_has_perm(d, SECCLASS_MMU, MMU__PAGEINFO); } static int flask_getmemlist(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__PAGELIST); + return current_has_perm(d, SECCLASS_MMU, MMU__PAGELIST); } static int flask_hypercall_init(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__HYPERCALL); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__HYPERCALL); } static int flask_hvmcontext(struct domain *d, uint32_t cmd) @@ -1204,7 +1195,7 @@ static int flask_hvmcontext(struct domai return -EPERM; } - return domain_has_perm(current->domain, d, SECCLASS_HVM, perm); + return current_has_perm(d, SECCLASS_HVM, perm); } static int flask_address_size(struct domain *d, uint32_t cmd) @@ -1223,7 +1214,7 @@ static int flask_address_size(struct dom return -EPERM; } - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); + return current_has_perm(d, SECCLASS_DOMAIN, perm); } static int flask_machine_address_size(struct domain *d, uint32_t cmd) @@ -1264,37 +1255,37 @@ static int flask_hvm_param(struct domain perm = HVM__HVMCTL; } - return domain_has_perm(current->domain, d, SECCLASS_HVM, perm); + return current_has_perm(d, SECCLASS_HVM, perm); } static int flask_hvm_set_pci_intx_level(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__PCILEVEL); + return current_has_perm(d, SECCLASS_HVM, HVM__PCILEVEL); } static int flask_hvm_set_isa_irq_level(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__IRQLEVEL); + return current_has_perm(d, SECCLASS_HVM, HVM__IRQLEVEL); } static int flask_hvm_set_pci_link_route(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__PCIROUTE); + return current_has_perm(d, SECCLASS_HVM, HVM__PCIROUTE); } static int flask_hvm_inject_msi(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__SEND_IRQ); + return current_has_perm(d, SECCLASS_HVM, HVM__SEND_IRQ); } static int flask_mem_event(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__MEM_EVENT); + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); } static int flask_mem_sharing(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__MEM_SHARING); + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_SHARING); } static int flask_apic(struct domain *d, int cmd) @@ -1356,11 +1347,7 @@ static int flask_physinfo(void) static int flask_platform_quirk(uint32_t quirk) { - struct domain_security_struct *dsec; - dsec = current->domain->ssid; - - return avc_has_perm(dsec->sid, SECINITSID_XEN, SECCLASS_XEN, - XEN__QUIRK, NULL); + return avc_current_has_perm(SECINITSID_XEN, SECCLASS_XEN, XEN__QUIRK, NULL); } static int flask_platform_op(uint32_t op) @@ -1422,16 +1409,12 @@ static int flask_getidletime(void) static int flask_machine_memory_map(void) { - struct domain_security_struct *dsec; - dsec = current->domain->ssid; - - return avc_has_perm(dsec->sid, SECINITSID_XEN, SECCLASS_MMU, - MMU__MEMORYMAP, NULL); + return avc_current_has_perm(SECINITSID_XEN, SECCLASS_MMU, MMU__MEMORYMAP, NULL); } static int flask_domain_memory_map(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__MEMORYMAP); + return current_has_perm(d, SECCLASS_MMU, MMU__MEMORYMAP); } static int domain_memory_perm(struct domain *d, struct domain *f, l1_pgentry_t pte) @@ -1454,17 +1437,17 @@ static int domain_memory_perm(struct dom if ( f->domain_id == DOMID_IO || !mfn_valid(fmfn) ) { struct avc_audit_data ad; - struct domain_security_struct *dsec = d->ssid; - u32 fsid; + u32 dsid, fsid; + rc = security_iomem_sid(fmfn, &fsid); + if ( rc ) + return rc; AVC_AUDIT_DATA_INIT(&ad, MEMORY); ad.sdom = d; ad.tdom = f; ad.memory.pte = pte.l1; ad.memory.mfn = fmfn; - rc = security_iomem_sid(fmfn, &fsid); - if ( rc ) - return rc; - return avc_has_perm(dsec->sid, fsid, SECCLASS_MMU, map_perms, &ad); + dsid = domain_sid(d); + return avc_has_perm(dsid, fsid, SECCLASS_MMU, map_perms, &ad); } return domain_has_perm(d, f, SECCLASS_MMU, map_perms); @@ -1507,43 +1490,40 @@ static int flask_remove_from_physmap(str static int flask_sendtrigger(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__TRIGGER); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__TRIGGER); } static int flask_get_device_group(uint32_t machine_bdf) { u32 rsid; int rc = -EPERM; - struct domain_security_struct *ssec = current->domain->ssid; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) return rc; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); } static int flask_test_assign_device(uint32_t machine_bdf) { u32 rsid; int rc = -EPERM; - struct domain_security_struct *ssec = current->domain->ssid; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) return rc; - return rc = avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); } static int flask_assign_device(struct domain *d, uint32_t machine_bdf) { - u32 rsid; + u32 dsid, rsid; int rc = -EPERM; - struct domain_security_struct *ssec, *tsec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__ADD); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); if ( rc ) return rc; @@ -1553,22 +1533,20 @@ static int flask_assign_device(struct do AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - rc = avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__ADD_DEVICE, &ad); + rc = avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__ADD_DEVICE, &ad); if ( rc ) return rc; - tsec = d->ssid; - return avc_has_perm(tsec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + dsid = domain_sid(d); + return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } static int flask_deassign_device(struct domain *d, uint32_t machine_bdf) { u32 rsid; int rc = -EPERM; - struct domain_security_struct *ssec = current->domain->ssid; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); if ( rc ) return rc; @@ -1576,18 +1554,17 @@ static int flask_deassign_device(struct if ( rc ) return rc; - return rc = avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, NULL); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, NULL); } static int flask_bind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - u32 rsid; + u32 dsid, rsid; int rc = -EPERM; int irq; - struct domain_security_struct *ssec, *tsec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__ADD); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); if ( rc ) return rc; @@ -1597,23 +1574,22 @@ static int flask_bind_pt_irq (struct dom if ( rc ) return rc; - ssec = current->domain->ssid; - rc = avc_has_perm(ssec->sid, rsid, SECCLASS_HVM, HVM__BIND_IRQ, &ad); + rc = avc_current_has_perm(rsid, SECCLASS_HVM, HVM__BIND_IRQ, &ad); if ( rc ) return rc; - tsec = d->ssid; - return avc_has_perm(tsec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + dsid = domain_sid(d); + return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } static int flask_unbind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - return domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); + return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); } static int flask_pin_mem_cacheattr (struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__CACHEATTR); + return current_has_perm(d, SECCLASS_HVM, HVM__CACHEATTR); } static int flask_ext_vcpucontext (struct domain *d, uint32_t cmd) @@ -1632,7 +1608,7 @@ static int flask_ext_vcpucontext (struct return -EPERM; } - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); + return current_has_perm(d, SECCLASS_DOMAIN, perm); } static int flask_vcpuextstate (struct domain *d, uint32_t cmd) @@ -1651,7 +1627,7 @@ static int flask_vcpuextstate (struct do return -EPERM; } - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); + return current_has_perm(d, SECCLASS_DOMAIN, perm); } #endif diff -r 5df501c84253 -r b0ab408cb0b9 xen/xsm/flask/include/objsec.h --- a/xen/xsm/flask/include/objsec.h Fri Jan 11 10:37:47 2013 +0000 +++ b/xen/xsm/flask/include/objsec.h Fri Jan 11 10:38:39 2013 +0000 @@ -19,6 +19,8 @@ struct domain_security_struct { u32 sid; /* current SID */ + u32 self_sid; /* SID for target when operating on DOMID_SELF */ + u32 target_sid; /* SID for device model target domain */ }; struct evtchn_security_struct { _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGM-0007My-Ip; Wed, 16 Jan 2013 08:22:22 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007KR-8O for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from [85.158.143.99:61322] by server-2.bemta-4.messagelabs.com id 68/8C-24322-C3366F05; Wed, 16 Jan 2013 08:22:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-216.messagelabs.com!1358324532!21093448!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28263 invoked from network); 16 Jan 2013 08:22:19 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:19 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOG9-0003qx-S6 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOG9-0000YE-LK for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:09 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: convert do_domctl to use XSM X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357898985 0 # Node ID fd939d1a9b306b5e219fd1080eefdcd1c47cfcb0 # Parent ba386fd2bf17fd30e8215bedc3187c95b8eb9e6b xen: convert do_domctl to use XSM The xsm_domctl hook now covers every domctl, in addition to the more fine-grained XSM hooks in most sub-functions. This also removes the need to special-case XEN_DOMCTL_getdomaininfo. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r ba386fd2bf17 -r fd939d1a9b30 xen/common/domctl.c --- a/xen/common/domctl.c Fri Jan 11 10:07:19 2013 +0000 +++ b/xen/common/domctl.c Fri Jan 11 10:09:45 2013 +0000 @@ -265,27 +265,9 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe return -ESRCH; } - switch ( op->cmd ) - { - case XEN_DOMCTL_ioport_mapping: - case XEN_DOMCTL_memory_mapping: - case XEN_DOMCTL_bind_pt_irq: - case XEN_DOMCTL_unbind_pt_irq: { - bool_t is_priv = IS_PRIV_FOR(current->domain, d); - if ( !is_priv ) - { - ret = -EPERM; - goto domctl_out_unlock_domonly; - } - break; - } - case XEN_DOMCTL_getdomaininfo: - break; - default: - if ( !IS_PRIV(current->domain) ) - return -EPERM; - break; - } + ret = xsm_domctl(d, op->cmd); + if ( ret ) + goto domctl_out_unlock_domonly; if ( !domctl_lock_acquire() ) { @@ -855,17 +837,13 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_subscribe: { - ret = xsm_domctl(d, op->cmd); - if ( !ret ) - d->suspend_evtchn = op->u.subscribe.port; + d->suspend_evtchn = op->u.subscribe.port; } break; case XEN_DOMCTL_disable_migrate: { - ret = xsm_domctl(d, op->cmd); - if ( !ret ) - d->disable_migrate = op->u.disable_migrate.disable; + d->disable_migrate = op->u.disable_migrate.disable; } break; diff -r ba386fd2bf17 -r fd939d1a9b30 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:07:19 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:09:45 2013 +0000 @@ -64,8 +64,6 @@ static XSM_INLINE int xsm_scheduler(stru static XSM_INLINE int xsm_getdomaininfo(struct domain *d) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; return 0; } @@ -91,6 +89,20 @@ static XSM_INLINE int xsm_set_target(str static XSM_INLINE int xsm_domctl(struct domain *d, int cmd) { + switch ( cmd ) + { + case XEN_DOMCTL_ioport_mapping: + case XEN_DOMCTL_memory_mapping: + case XEN_DOMCTL_bind_pt_irq: + case XEN_DOMCTL_unbind_pt_irq: { + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; + break; + } + default: + if ( !IS_PRIV(current->domain) ) + return -EPERM; + } return 0; } diff -r ba386fd2bf17 -r fd939d1a9b30 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:07:19 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:09:45 2013 +0000 @@ -582,7 +582,90 @@ static int flask_set_target(struct domai static int flask_domctl(struct domain *d, int cmd) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SET_MISC_INFO); + switch ( cmd ) + { + /* These have individual XSM hooks (common/domctl.c) */ + case XEN_DOMCTL_createdomain: + case XEN_DOMCTL_destroydomain: + case XEN_DOMCTL_pausedomain: + case XEN_DOMCTL_unpausedomain: + case XEN_DOMCTL_getdomaininfo: + case XEN_DOMCTL_setvcpuaffinity: + case XEN_DOMCTL_max_mem: + case XEN_DOMCTL_setvcpucontext: + case XEN_DOMCTL_getvcpucontext: + case XEN_DOMCTL_getvcpuinfo: + case XEN_DOMCTL_max_vcpus: + case XEN_DOMCTL_scheduler_op: + case XEN_DOMCTL_setdomainhandle: + case XEN_DOMCTL_setdebugging: + case XEN_DOMCTL_irq_permission: + case XEN_DOMCTL_iomem_permission: + case XEN_DOMCTL_settimeoffset: + case XEN_DOMCTL_getvcpuaffinity: + case XEN_DOMCTL_resumedomain: + case XEN_DOMCTL_set_target: + case XEN_DOMCTL_set_virq_handler: +#ifdef CONFIG_X86 + /* These have individual XSM hooks (arch/x86/domctl.c) */ + case XEN_DOMCTL_shadow_op: + case XEN_DOMCTL_ioport_permission: + case XEN_DOMCTL_getpageframeinfo: + case XEN_DOMCTL_getpageframeinfo2: + case XEN_DOMCTL_getpageframeinfo3: + case XEN_DOMCTL_getmemlist: + case XEN_DOMCTL_hypercall_init: + case XEN_DOMCTL_sethvmcontext: + case XEN_DOMCTL_gethvmcontext: + case XEN_DOMCTL_gethvmcontext_partial: + case XEN_DOMCTL_set_address_size: + case XEN_DOMCTL_get_address_size: + case XEN_DOMCTL_set_machine_address_size: + case XEN_DOMCTL_get_machine_address_size: + case XEN_DOMCTL_sendtrigger: + case XEN_DOMCTL_bind_pt_irq: + case XEN_DOMCTL_unbind_pt_irq: + case XEN_DOMCTL_memory_mapping: + case XEN_DOMCTL_ioport_mapping: + case XEN_DOMCTL_pin_mem_cacheattr: + case XEN_DOMCTL_set_ext_vcpucontext: + case XEN_DOMCTL_get_ext_vcpucontext: + case XEN_DOMCTL_setvcpuextstate: + case XEN_DOMCTL_getvcpuextstate: + case XEN_DOMCTL_mem_event_op: + case XEN_DOMCTL_mem_sharing_op: + case XEN_DOMCTL_set_access_required: + /* These have individual XSM hooks (drivers/passthrough/iommu.c) */ + case XEN_DOMCTL_get_device_group: + case XEN_DOMCTL_test_assign_device: + case XEN_DOMCTL_assign_device: + case XEN_DOMCTL_deassign_device: +#endif + return 0; + + case XEN_DOMCTL_subscribe: + case XEN_DOMCTL_disable_migrate: + return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, + DOMAIN__SET_MISC_INFO); + + case XEN_DOMCTL_set_cpuid: + case XEN_DOMCTL_suppress_spurious_page_faults: + case XEN_DOMCTL_debug_op: + case XEN_DOMCTL_gettscinfo: + case XEN_DOMCTL_settscinfo: + case XEN_DOMCTL_audit_p2m: + case XEN_DOMCTL_gdbsx_guestmemio: + case XEN_DOMCTL_gdbsx_pausevcpu: + case XEN_DOMCTL_gdbsx_unpausevcpu: + case XEN_DOMCTL_gdbsx_domstatus: + /* TODO add per-subfunction hooks */ + if ( !IS_PRIV(current->domain) ) + return -EPERM; + return 0; + default: + printk("flask_domctl: Unknown op %d\n", cmd); + return -EPERM; + } } static int flask_set_virq_handler(struct domain *d, uint32_t virq) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGM-0007NF-S1; Wed, 16 Jan 2013 08:22:22 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007Kl-Bm for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from [85.158.137.99:12296] by server-1.bemta-3.messagelabs.com id B8/A2-04327-C3366F05; Wed, 16 Jan 2013 08:22:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-217.messagelabs.com!1358324538!13969404!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 20422 invoked from network); 16 Jan 2013 08:22:19 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:19 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGI-0003rm-MO for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:18 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGI-0000cL-Kz for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:18 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:18 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm/flask: remove unused permissions X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357901417 0 # Node ID fe115341b816ed303df06708dded2b58bf0d5f51 # Parent b35e06c84bd0c3003c0c823f06472abe66122e2e xsm/flask: remove unused permissions Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r b35e06c84bd0 -r fe115341b816 xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:49:49 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:50:17 2013 +0000 @@ -254,8 +254,6 @@ class event send # EVTCHNOP_status; same as _send status -# - notify # when creating an interdomain event channel endpoint: # source = the domain creating the channel (which might not be an endpoint) # target = event channel label @@ -309,16 +307,12 @@ class mmu adjust # XENMEM_{current,maximum}_reservation, XENMEM_maximum_gpfn stat -# - translategp # mmu_update MMU_MACHPHYS_UPDATE updatemp # XENMEM_add_to_physmap, XENMEM_remove_from_physmap physmap # MMUEXT_PIN_L*_TABLE pinpage -# - mfnlist # XENMEM_machine_memory_map (with target xen_t) # XENMEM_set_memory_map (with domain target) memorymap _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007Ox-PD; Wed, 16 Jan 2013 08:22:23 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGM-0007KR-KN for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:22 +0000 Received: from [85.158.143.99:61518] by server-2.bemta-4.messagelabs.com id 78/9C-24322-E3366F05; Wed, 16 Jan 2013 08:22:22 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-216.messagelabs.com!1358324539!28148828!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7179 invoked from network); 16 Jan 2013 08:22:20 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:20 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGJ-0003rs-Ma for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:19 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGJ-0000cp-LW for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:19 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:19 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] libxc: x86: ensure that the initial mapping fits into the guest's memory X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1357906947 0 # Node ID ba2d73234d73fc0faa027cd9bdfd3ac90642733c # Parent 84d87ca765be81c215ef3b67d2ed71acfba73553 libxc: x86: ensure that the initial mapping fits into the guest's memory In particular we need to check that adding 512KB of slack and rounding up to a 4MB boundary do not overflow the guest's memory allocation. Otherwise we run off the end of the p2m when building the guest's initial page tables and populate them with garbage. Wei noticed this when build tiny (2MB) mini-os domains. Reported-by: Wei Liu Signed-off-by: Ian Campbell Acked-by: Jan Beulich Committed-by: Ian Campbell --- diff -r 84d87ca765be -r ba2d73234d73 tools/libxc/xc_dom_core.c --- a/tools/libxc/xc_dom_core.c Fri Jan 11 12:22:26 2013 +0000 +++ b/tools/libxc/xc_dom_core.c Fri Jan 11 12:22:27 2013 +0000 @@ -873,7 +873,8 @@ int xc_dom_build_image(struct xc_dom_ima goto err; if ( dom->arch_hooks->count_pgtables ) { - dom->arch_hooks->count_pgtables(dom); + if ( dom->arch_hooks->count_pgtables(dom) != 0 ) + goto err; if ( (dom->pgtables > 0) && (xc_dom_alloc_segment(dom, &dom->pgtables_seg, "page tables", 0, dom->pgtables * page_size) != 0) ) diff -r 84d87ca765be -r ba2d73234d73 tools/libxc/xc_dom_x86.c --- a/tools/libxc/xc_dom_x86.c Fri Jan 11 12:22:26 2013 +0000 +++ b/tools/libxc/xc_dom_x86.c Fri Jan 11 12:22:27 2013 +0000 @@ -82,6 +82,7 @@ static int count_pgtables(struct xc_dom_ { int pages, extra_pages; xen_vaddr_t try_virt_end; + xen_pfn_t try_pfn_end; extra_pages = dom->alloc_bootstack ? 1 : 0; extra_pages += dom->extra_pages; @@ -91,6 +92,17 @@ static int count_pgtables(struct xc_dom_ { try_virt_end = round_up(dom->virt_alloc_end + pages * PAGE_SIZE_X86, bits_to_mask(22)); /* 4MB alignment */ + + try_pfn_end = (try_virt_end - dom->parms.virt_base) >> PAGE_SHIFT_X86; + + if ( try_pfn_end > dom->total_pages ) + { + xc_dom_panic(dom->xch, XC_OUT_OF_MEMORY, + "%s: not enough memory for initial mapping (%#"PRIpfn" > %#"PRIpfn")", + __FUNCTION__, try_pfn_end, dom->total_pages); + return -ENOMEM; + } + dom->pg_l4 = nr_page_tables(dom, dom->parms.virt_base, try_virt_end, l4_bits); dom->pg_l3 = _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007Ox-PD; Wed, 16 Jan 2013 08:22:23 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGM-0007KR-KN for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:22 +0000 Received: from [85.158.143.99:61518] by server-2.bemta-4.messagelabs.com id 78/9C-24322-E3366F05; Wed, 16 Jan 2013 08:22:22 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-216.messagelabs.com!1358324539!28148828!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7179 invoked from network); 16 Jan 2013 08:22:20 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:20 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGJ-0003rs-Ma for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:19 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGJ-0000cp-LW for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:19 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:19 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] libxc: x86: ensure that the initial mapping fits into the guest's memory X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1357906947 0 # Node ID ba2d73234d73fc0faa027cd9bdfd3ac90642733c # Parent 84d87ca765be81c215ef3b67d2ed71acfba73553 libxc: x86: ensure that the initial mapping fits into the guest's memory In particular we need to check that adding 512KB of slack and rounding up to a 4MB boundary do not overflow the guest's memory allocation. Otherwise we run off the end of the p2m when building the guest's initial page tables and populate them with garbage. Wei noticed this when build tiny (2MB) mini-os domains. Reported-by: Wei Liu Signed-off-by: Ian Campbell Acked-by: Jan Beulich Committed-by: Ian Campbell --- diff -r 84d87ca765be -r ba2d73234d73 tools/libxc/xc_dom_core.c --- a/tools/libxc/xc_dom_core.c Fri Jan 11 12:22:26 2013 +0000 +++ b/tools/libxc/xc_dom_core.c Fri Jan 11 12:22:27 2013 +0000 @@ -873,7 +873,8 @@ int xc_dom_build_image(struct xc_dom_ima goto err; if ( dom->arch_hooks->count_pgtables ) { - dom->arch_hooks->count_pgtables(dom); + if ( dom->arch_hooks->count_pgtables(dom) != 0 ) + goto err; if ( (dom->pgtables > 0) && (xc_dom_alloc_segment(dom, &dom->pgtables_seg, "page tables", 0, dom->pgtables * page_size) != 0) ) diff -r 84d87ca765be -r ba2d73234d73 tools/libxc/xc_dom_x86.c --- a/tools/libxc/xc_dom_x86.c Fri Jan 11 12:22:26 2013 +0000 +++ b/tools/libxc/xc_dom_x86.c Fri Jan 11 12:22:27 2013 +0000 @@ -82,6 +82,7 @@ static int count_pgtables(struct xc_dom_ { int pages, extra_pages; xen_vaddr_t try_virt_end; + xen_pfn_t try_pfn_end; extra_pages = dom->alloc_bootstack ? 1 : 0; extra_pages += dom->extra_pages; @@ -91,6 +92,17 @@ static int count_pgtables(struct xc_dom_ { try_virt_end = round_up(dom->virt_alloc_end + pages * PAGE_SIZE_X86, bits_to_mask(22)); /* 4MB alignment */ + + try_pfn_end = (try_virt_end - dom->parms.virt_base) >> PAGE_SHIFT_X86; + + if ( try_pfn_end > dom->total_pages ) + { + xc_dom_panic(dom->xch, XC_OUT_OF_MEMORY, + "%s: not enough memory for initial mapping (%#"PRIpfn" > %#"PRIpfn")", + __FUNCTION__, try_pfn_end, dom->total_pages); + return -ENOMEM; + } + dom->pg_l4 = nr_page_tables(dom, dom->parms.virt_base, try_virt_end, l4_bits); dom->pg_l3 = _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGM-0007NF-S1; Wed, 16 Jan 2013 08:22:22 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0007Kl-Bm for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from [85.158.137.99:12296] by server-1.bemta-3.messagelabs.com id B8/A2-04327-C3366F05; Wed, 16 Jan 2013 08:22:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-217.messagelabs.com!1358324538!13969404!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 20422 invoked from network); 16 Jan 2013 08:22:19 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:19 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGI-0003rm-MO for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:18 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGI-0000cL-Kz for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:18 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:18 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm/flask: remove unused permissions X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357901417 0 # Node ID fe115341b816ed303df06708dded2b58bf0d5f51 # Parent b35e06c84bd0c3003c0c823f06472abe66122e2e xsm/flask: remove unused permissions Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r b35e06c84bd0 -r fe115341b816 xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:49:49 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:50:17 2013 +0000 @@ -254,8 +254,6 @@ class event send # EVTCHNOP_status; same as _send status -# - notify # when creating an interdomain event channel endpoint: # source = the domain creating the channel (which might not be an endpoint) # target = event channel label @@ -309,16 +307,12 @@ class mmu adjust # XENMEM_{current,maximum}_reservation, XENMEM_maximum_gpfn stat -# - translategp # mmu_update MMU_MACHPHYS_UPDATE updatemp # XENMEM_add_to_physmap, XENMEM_remove_from_physmap physmap # MMUEXT_PIN_L*_TABLE pinpage -# - mfnlist # XENMEM_machine_memory_map (with target xen_t) # XENMEM_set_memory_map (with domain target) memorymap _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:26 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGP-0007Sx-MJ; Wed, 16 Jan 2013 08:22:25 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007LM-Qv for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:24 +0000 Received: from [85.158.143.99:32706] by server-1.bemta-4.messagelabs.com id 22/54-18740-F3366F05; Wed, 16 Jan 2013 08:22:23 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-216.messagelabs.com!1358324541!22850546!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 10461 invoked from network); 16 Jan 2013 08:22:22 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:22 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0003s4-Mm for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGL-0000dn-Lh for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:21 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] tools/ocaml: libxc bindings: Correct PCI terminology X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Andrew Cooper # Date 1357906950 0 # Node ID c3c683a439aee86b3de38ea54205a6faee6b6429 # Parent 56daf05bcf69db56476bb7b97600292e791253c3 tools/ocaml: libxc bindings: Correct PCI terminology Some renaming to correct the PCI and SBDF terminology. No functional change. Signed-off-by: Andrew Cooper Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 56daf05bcf69 -r c3c683a439ae tools/ocaml/libs/xc/xenctrl_stubs.c --- a/tools/ocaml/libs/xc/xenctrl_stubs.c Fri Jan 11 12:22:29 2013 +0000 +++ b/tools/ocaml/libs/xc/xenctrl_stubs.c Fri Jan 11 12:22:30 2013 +0000 @@ -1083,11 +1083,11 @@ CAMLprim value stub_xc_domain_irq_permis CAMLreturn(Val_unit); } -static uint32_t pci_dev_to_bdf(int domain, int bus, int slot, int func) +static uint32_t encode_sbdf(int domain, int bus, int dev, int func) { return ((uint32_t)domain & 0xffff) << 16 | ((uint32_t)bus & 0xff) << 8 | - ((uint32_t)slot & 0x1f) << 3 | + ((uint32_t)dev & 0x1f) << 3 | ((uint32_t)func & 0x7); } @@ -1095,16 +1095,16 @@ CAMLprim value stub_xc_domain_test_assig { CAMLparam3(xch, domid, desc); int ret; - int domain, bus, slot, func; - uint32_t bdf; + int domain, bus, dev, func; + uint32_t sbdf; domain = Int_val(Field(desc, 0)); bus = Int_val(Field(desc, 1)); - slot = Int_val(Field(desc, 2)); + dev = Int_val(Field(desc, 2)); func = Int_val(Field(desc, 3)); - bdf = pci_dev_to_bdf(domain, bus, slot, func); + sbdf = encode_sbdf(domain, bus, dev, func); - ret = xc_test_assign_device(_H(xch), _D(domid), bdf); + ret = xc_test_assign_device(_H(xch), _D(domid), sbdf); CAMLreturn(Val_bool(ret == 0)); } @@ -1113,16 +1113,16 @@ CAMLprim value stub_xc_domain_assign_dev { CAMLparam3(xch, domid, desc); int ret; - int domain, bus, slot, func; - uint32_t bdf; + int domain, bus, dev, func; + uint32_t sbdf; domain = Int_val(Field(desc, 0)); bus = Int_val(Field(desc, 1)); - slot = Int_val(Field(desc, 2)); + dev = Int_val(Field(desc, 2)); func = Int_val(Field(desc, 3)); - bdf = pci_dev_to_bdf(domain, bus, slot, func); + sbdf = encode_sbdf(domain, bus, dev, func); - ret = xc_assign_device(_H(xch), _D(domid), bdf); + ret = xc_assign_device(_H(xch), _D(domid), sbdf); if (ret < 0) failwith_xc(_H(xch)); @@ -1133,16 +1133,16 @@ CAMLprim value stub_xc_domain_deassign_d { CAMLparam3(xch, domid, desc); int ret; - int domain, bus, slot, func; - uint32_t bdf; + int domain, bus, dev, func; + uint32_t sbdf; domain = Int_val(Field(desc, 0)); bus = Int_val(Field(desc, 1)); - slot = Int_val(Field(desc, 2)); + dev = Int_val(Field(desc, 2)); func = Int_val(Field(desc, 3)); - bdf = pci_dev_to_bdf(domain, bus, slot, func); + sbdf = encode_sbdf(domain, bus, dev, func); - ret = xc_deassign_device(_H(xch), _D(domid), bdf); + ret = xc_deassign_device(_H(xch), _D(domid), sbdf); if (ret < 0) failwith_xc(_H(xch)); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:26 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGP-0007So-H3; Wed, 16 Jan 2013 08:22:25 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007ML-JI for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:23 +0000 Received: from [193.109.254.147:31084] by server-5.bemta-14.messagelabs.com id F4/54-32031-D3366F05; Wed, 16 Jan 2013 08:22:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-27.messagelabs.com!1358324538!3232621!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 2970 invoked from network); 16 Jan 2013 08:22:18 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:18 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGH-0003rg-OK for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:17 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGH-0000br-KH for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:17 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:17 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen/xsm: distinguish scheduler get/set operations X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357901350 0 # Node ID 6de4ea938c443b72fa5de426f94e7c842318acd5 # Parent 21f0e200f6b02bd02c4eb4aeae8ff6e84cd5b1d8 xen/xsm: distinguish scheduler get/set operations Add getscheduler and setscheduler permissions to replace the monolithic scheduler permission in the scheduler_op domctl and sysctl. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 21f0e200f6b0 -r 6de4ea938c44 tools/flask/policy/policy/modules/xen/xen.if --- a/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:46:43 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:49:10 2013 +0000 @@ -47,9 +47,9 @@ define(`declare_build_label', ` define(`create_domain_common', ` allow $1 $2:domain { create max_vcpus setdomainmaxmem setaddrsize getdomaininfo hypercall setvcpucontext setextvcpucontext - scheduler getvcpuinfo getvcpuextstate getaddrsize + getscheduler getvcpuinfo getvcpuextstate getaddrsize getvcpuaffinity setvcpuaffinity }; - allow $1 $2:domain2 { set_cpuid settsc }; + allow $1 $2:domain2 { set_cpuid settsc setscheduler }; allow $1 $2:security check_context; allow $1 $2:shadow enable; allow $1 $2:mmu { map_read map_write adjust memorymap physmap pinpage mmuext_op }; @@ -79,7 +79,7 @@ define(`create_domain_build_label', ` define(`manage_domain', ` allow $1 $2:domain { getdomaininfo getvcpuinfo getvcpuaffinity getaddrsize pause unpause trigger shutdown destroy - setvcpuaffinity setdomainmaxmem }; + setvcpuaffinity setdomainmaxmem getscheduler }; ') # migrate_domain_out(priv, target) diff -r 21f0e200f6b0 -r 6de4ea938c44 tools/flask/policy/policy/modules/xen/xen.te --- a/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:46:43 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:49:10 2013 +0000 @@ -55,8 +55,8 @@ type device_t, resource_type; # ################################################################################ allow dom0_t xen_t:xen { kexec readapic writeapic mtrr_read mtrr_add mtrr_del - scheduler physinfo heap quirk readconsole writeconsole settime getcpuinfo - microcode cpupool_op sched_op pm_op tmem_control }; + physinfo heap quirk readconsole writeconsole settime getcpuinfo + microcode cpupool_op pm_op tmem_control getscheduler setscheduler }; allow dom0_t xen_t:mmu { memorymap }; allow dom0_t security_t:security { check_context compute_av compute_create compute_member load_policy compute_relabel compute_user setenforce diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/common/schedule.c --- a/xen/common/schedule.c Fri Jan 11 10:46:43 2013 +0000 +++ b/xen/common/schedule.c Fri Jan 11 10:49:10 2013 +0000 @@ -1006,7 +1006,11 @@ int sched_id(void) long sched_adjust(struct domain *d, struct xen_domctl_scheduler_op *op) { long ret; - + + ret = xsm_domctl_scheduler_op(XSM_HOOK, d, op->cmd); + if ( ret ) + return ret; + if ( (op->sched_id != DOM2OP(d)->sched_id) || ((op->cmd != XEN_DOMCTL_SCHEDOP_putinfo) && (op->cmd != XEN_DOMCTL_SCHEDOP_getinfo)) ) @@ -1025,6 +1029,10 @@ long sched_adjust_global(struct xen_sysc struct cpupool *pool; int rc; + rc = xsm_sysctl_scheduler_op(XSM_HOOK, op->cmd); + if ( rc ) + return rc; + if ( (op->cmd != XEN_DOMCTL_SCHEDOP_putinfo) && (op->cmd != XEN_DOMCTL_SCHEDOP_getinfo) ) return -EINVAL; diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:46:43 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:49:10 2013 +0000 @@ -95,6 +95,18 @@ static XSM_INLINE int xsm_getdomaininfo( return xsm_default_action(action, current->domain, d); } +static XSM_INLINE int xsm_domctl_scheduler_op(XSM_DEFAULT_ARG struct domain *d, int cmd) +{ + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); +} + +static XSM_INLINE int xsm_sysctl_scheduler_op(XSM_DEFAULT_ARG int cmd) +{ + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); +} + static XSM_INLINE int xsm_set_target(XSM_DEFAULT_ARG struct domain *d, struct domain *e) { XSM_ASSERT_ACTION(XSM_HOOK); diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:46:43 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:49:10 2013 +0000 @@ -55,6 +55,8 @@ struct xsm_operations { struct xen_domctl_getdomaininfo *info); int (*domain_create) (struct domain *d, u32 ssidref); int (*getdomaininfo) (struct domain *d); + int (*domctl_scheduler_op) (struct domain *d, int op); + int (*sysctl_scheduler_op) (int op); int (*set_target) (struct domain *d, struct domain *e); int (*domctl) (struct domain *d, int cmd); int (*sysctl) (int cmd); @@ -177,6 +179,16 @@ static inline int xsm_getdomaininfo (xsm return xsm_ops->getdomaininfo(d); } +static inline int xsm_domctl_scheduler_op (xsm_default_t def, struct domain *d, int cmd) +{ + return xsm_ops->domctl_scheduler_op(d, cmd); +} + +static inline int xsm_sysctl_scheduler_op (xsm_default_t def, int cmd) +{ + return xsm_ops->sysctl_scheduler_op(cmd); +} + static inline int xsm_set_target (xsm_default_t def, struct domain *d, struct domain *e) { return xsm_ops->set_target(d, e); diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:46:43 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:49:10 2013 +0000 @@ -32,6 +32,8 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, security_domaininfo); set_to_dummy_if_null(ops, domain_create); set_to_dummy_if_null(ops, getdomaininfo); + set_to_dummy_if_null(ops, domctl_scheduler_op); + set_to_dummy_if_null(ops, sysctl_scheduler_op); set_to_dummy_if_null(ops, set_target); set_to_dummy_if_null(ops, domctl); set_to_dummy_if_null(ops, sysctl); diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:46:43 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:49:10 2013 +0000 @@ -517,6 +517,38 @@ static int flask_getdomaininfo(struct do return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETDOMAININFO); } +static int flask_domctl_scheduler_op(struct domain *d, int op) +{ + switch ( op ) + { + case XEN_DOMCTL_SCHEDOP_putinfo: + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SETSCHEDULER); + + case XEN_DOMCTL_SCHEDOP_getinfo: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETSCHEDULER); + + default: + printk("flask_domctl_scheduler_op: Unknown op %d\n", op); + return -EPERM; + } +} + +static int flask_sysctl_scheduler_op(int op) +{ + switch ( op ) + { + case XEN_DOMCTL_SCHEDOP_putinfo: + return domain_has_xen(current->domain, XEN__SETSCHEDULER); + + case XEN_DOMCTL_SCHEDOP_getinfo: + return domain_has_xen(current->domain, XEN__GETSCHEDULER); + + default: + printk("flask_domctl_scheduler_op: Unknown op %d\n", op); + return -EPERM; + } +} + static int flask_set_target(struct domain *d, struct domain *t) { int rc; @@ -548,6 +580,7 @@ static int flask_domctl(struct domain *d /* These have individual XSM hooks (common/domctl.c) */ case XEN_DOMCTL_createdomain: case XEN_DOMCTL_getdomaininfo: + case XEN_DOMCTL_scheduler_op: case XEN_DOMCTL_irq_permission: case XEN_DOMCTL_iomem_permission: case XEN_DOMCTL_set_target: @@ -586,9 +619,6 @@ static int flask_domctl(struct domain *d case XEN_DOMCTL_resumedomain: return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__RESUME); - case XEN_DOMCTL_scheduler_op: - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SCHEDULER); - case XEN_DOMCTL_max_vcpus: return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__MAX_VCPUS); @@ -704,6 +734,7 @@ static int flask_sysctl(int cmd) case XEN_SYSCTL_readconsole: case XEN_SYSCTL_getdomaininfolist: case XEN_SYSCTL_page_offline_op: + case XEN_SYSCTL_scheduler_op: #ifdef CONFIG_X86 case XEN_SYSCTL_cpu_hotplug: #endif @@ -713,7 +744,7 @@ static int flask_sysctl(int cmd) return domain_has_xen(current->domain, XEN__TBUFCONTROL); case XEN_SYSCTL_sched_id: - return domain_has_xen(current->domain, XEN__SCHEDULER); + return domain_has_xen(current->domain, XEN__GETSCHEDULER); case XEN_SYSCTL_perfc_op: return domain_has_xen(current->domain, XEN__PERFCONTROL); @@ -739,9 +770,6 @@ static int flask_sysctl(int cmd) case XEN_SYSCTL_cpupool_op: return domain_has_xen(current->domain, XEN__CPUPOOL_OP); - case XEN_SYSCTL_scheduler_op: - return domain_has_xen(current->domain, XEN__SCHED_OP); - case XEN_SYSCTL_physinfo: case XEN_SYSCTL_topologyinfo: case XEN_SYSCTL_numainfo: @@ -1408,6 +1436,8 @@ static struct xsm_operations flask_ops = .security_domaininfo = flask_security_domaininfo, .domain_create = flask_domain_create, .getdomaininfo = flask_getdomaininfo, + .domctl_scheduler_op = flask_domctl_scheduler_op, + .sysctl_scheduler_op = flask_sysctl_scheduler_op, .set_target = flask_set_target, .domctl = flask_domctl, .sysctl = flask_sysctl, diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:46:43 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:49:10 2013 +0000 @@ -5,7 +5,6 @@ class xen { - scheduler settime tbufcontrol readconsole @@ -34,9 +33,10 @@ class xen mca_op lockprof cpupool_op - sched_op tmem_op tmem_control + getscheduler + setscheduler } class domain @@ -51,7 +51,7 @@ class domain destroy setvcpuaffinity getvcpuaffinity - scheduler + getscheduler getdomaininfo getvcpuinfo getvcpucontext @@ -85,6 +85,7 @@ class domain2 set_cpuid gettsc settsc + setscheduler } class hvm _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:26 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGP-0007So-H3; Wed, 16 Jan 2013 08:22:25 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007ML-JI for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:23 +0000 Received: from [193.109.254.147:31084] by server-5.bemta-14.messagelabs.com id F4/54-32031-D3366F05; Wed, 16 Jan 2013 08:22:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-27.messagelabs.com!1358324538!3232621!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 2970 invoked from network); 16 Jan 2013 08:22:18 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:18 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGH-0003rg-OK for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:17 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGH-0000br-KH for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:17 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:17 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen/xsm: distinguish scheduler get/set operations X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357901350 0 # Node ID 6de4ea938c443b72fa5de426f94e7c842318acd5 # Parent 21f0e200f6b02bd02c4eb4aeae8ff6e84cd5b1d8 xen/xsm: distinguish scheduler get/set operations Add getscheduler and setscheduler permissions to replace the monolithic scheduler permission in the scheduler_op domctl and sysctl. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 21f0e200f6b0 -r 6de4ea938c44 tools/flask/policy/policy/modules/xen/xen.if --- a/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:46:43 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 10:49:10 2013 +0000 @@ -47,9 +47,9 @@ define(`declare_build_label', ` define(`create_domain_common', ` allow $1 $2:domain { create max_vcpus setdomainmaxmem setaddrsize getdomaininfo hypercall setvcpucontext setextvcpucontext - scheduler getvcpuinfo getvcpuextstate getaddrsize + getscheduler getvcpuinfo getvcpuextstate getaddrsize getvcpuaffinity setvcpuaffinity }; - allow $1 $2:domain2 { set_cpuid settsc }; + allow $1 $2:domain2 { set_cpuid settsc setscheduler }; allow $1 $2:security check_context; allow $1 $2:shadow enable; allow $1 $2:mmu { map_read map_write adjust memorymap physmap pinpage mmuext_op }; @@ -79,7 +79,7 @@ define(`create_domain_build_label', ` define(`manage_domain', ` allow $1 $2:domain { getdomaininfo getvcpuinfo getvcpuaffinity getaddrsize pause unpause trigger shutdown destroy - setvcpuaffinity setdomainmaxmem }; + setvcpuaffinity setdomainmaxmem getscheduler }; ') # migrate_domain_out(priv, target) diff -r 21f0e200f6b0 -r 6de4ea938c44 tools/flask/policy/policy/modules/xen/xen.te --- a/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:46:43 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 10:49:10 2013 +0000 @@ -55,8 +55,8 @@ type device_t, resource_type; # ################################################################################ allow dom0_t xen_t:xen { kexec readapic writeapic mtrr_read mtrr_add mtrr_del - scheduler physinfo heap quirk readconsole writeconsole settime getcpuinfo - microcode cpupool_op sched_op pm_op tmem_control }; + physinfo heap quirk readconsole writeconsole settime getcpuinfo + microcode cpupool_op pm_op tmem_control getscheduler setscheduler }; allow dom0_t xen_t:mmu { memorymap }; allow dom0_t security_t:security { check_context compute_av compute_create compute_member load_policy compute_relabel compute_user setenforce diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/common/schedule.c --- a/xen/common/schedule.c Fri Jan 11 10:46:43 2013 +0000 +++ b/xen/common/schedule.c Fri Jan 11 10:49:10 2013 +0000 @@ -1006,7 +1006,11 @@ int sched_id(void) long sched_adjust(struct domain *d, struct xen_domctl_scheduler_op *op) { long ret; - + + ret = xsm_domctl_scheduler_op(XSM_HOOK, d, op->cmd); + if ( ret ) + return ret; + if ( (op->sched_id != DOM2OP(d)->sched_id) || ((op->cmd != XEN_DOMCTL_SCHEDOP_putinfo) && (op->cmd != XEN_DOMCTL_SCHEDOP_getinfo)) ) @@ -1025,6 +1029,10 @@ long sched_adjust_global(struct xen_sysc struct cpupool *pool; int rc; + rc = xsm_sysctl_scheduler_op(XSM_HOOK, op->cmd); + if ( rc ) + return rc; + if ( (op->cmd != XEN_DOMCTL_SCHEDOP_putinfo) && (op->cmd != XEN_DOMCTL_SCHEDOP_getinfo) ) return -EINVAL; diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:46:43 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:49:10 2013 +0000 @@ -95,6 +95,18 @@ static XSM_INLINE int xsm_getdomaininfo( return xsm_default_action(action, current->domain, d); } +static XSM_INLINE int xsm_domctl_scheduler_op(XSM_DEFAULT_ARG struct domain *d, int cmd) +{ + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); +} + +static XSM_INLINE int xsm_sysctl_scheduler_op(XSM_DEFAULT_ARG int cmd) +{ + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); +} + static XSM_INLINE int xsm_set_target(XSM_DEFAULT_ARG struct domain *d, struct domain *e) { XSM_ASSERT_ACTION(XSM_HOOK); diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:46:43 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:49:10 2013 +0000 @@ -55,6 +55,8 @@ struct xsm_operations { struct xen_domctl_getdomaininfo *info); int (*domain_create) (struct domain *d, u32 ssidref); int (*getdomaininfo) (struct domain *d); + int (*domctl_scheduler_op) (struct domain *d, int op); + int (*sysctl_scheduler_op) (int op); int (*set_target) (struct domain *d, struct domain *e); int (*domctl) (struct domain *d, int cmd); int (*sysctl) (int cmd); @@ -177,6 +179,16 @@ static inline int xsm_getdomaininfo (xsm return xsm_ops->getdomaininfo(d); } +static inline int xsm_domctl_scheduler_op (xsm_default_t def, struct domain *d, int cmd) +{ + return xsm_ops->domctl_scheduler_op(d, cmd); +} + +static inline int xsm_sysctl_scheduler_op (xsm_default_t def, int cmd) +{ + return xsm_ops->sysctl_scheduler_op(cmd); +} + static inline int xsm_set_target (xsm_default_t def, struct domain *d, struct domain *e) { return xsm_ops->set_target(d, e); diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:46:43 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:49:10 2013 +0000 @@ -32,6 +32,8 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, security_domaininfo); set_to_dummy_if_null(ops, domain_create); set_to_dummy_if_null(ops, getdomaininfo); + set_to_dummy_if_null(ops, domctl_scheduler_op); + set_to_dummy_if_null(ops, sysctl_scheduler_op); set_to_dummy_if_null(ops, set_target); set_to_dummy_if_null(ops, domctl); set_to_dummy_if_null(ops, sysctl); diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:46:43 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:49:10 2013 +0000 @@ -517,6 +517,38 @@ static int flask_getdomaininfo(struct do return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETDOMAININFO); } +static int flask_domctl_scheduler_op(struct domain *d, int op) +{ + switch ( op ) + { + case XEN_DOMCTL_SCHEDOP_putinfo: + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SETSCHEDULER); + + case XEN_DOMCTL_SCHEDOP_getinfo: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETSCHEDULER); + + default: + printk("flask_domctl_scheduler_op: Unknown op %d\n", op); + return -EPERM; + } +} + +static int flask_sysctl_scheduler_op(int op) +{ + switch ( op ) + { + case XEN_DOMCTL_SCHEDOP_putinfo: + return domain_has_xen(current->domain, XEN__SETSCHEDULER); + + case XEN_DOMCTL_SCHEDOP_getinfo: + return domain_has_xen(current->domain, XEN__GETSCHEDULER); + + default: + printk("flask_domctl_scheduler_op: Unknown op %d\n", op); + return -EPERM; + } +} + static int flask_set_target(struct domain *d, struct domain *t) { int rc; @@ -548,6 +580,7 @@ static int flask_domctl(struct domain *d /* These have individual XSM hooks (common/domctl.c) */ case XEN_DOMCTL_createdomain: case XEN_DOMCTL_getdomaininfo: + case XEN_DOMCTL_scheduler_op: case XEN_DOMCTL_irq_permission: case XEN_DOMCTL_iomem_permission: case XEN_DOMCTL_set_target: @@ -586,9 +619,6 @@ static int flask_domctl(struct domain *d case XEN_DOMCTL_resumedomain: return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__RESUME); - case XEN_DOMCTL_scheduler_op: - return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SCHEDULER); - case XEN_DOMCTL_max_vcpus: return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__MAX_VCPUS); @@ -704,6 +734,7 @@ static int flask_sysctl(int cmd) case XEN_SYSCTL_readconsole: case XEN_SYSCTL_getdomaininfolist: case XEN_SYSCTL_page_offline_op: + case XEN_SYSCTL_scheduler_op: #ifdef CONFIG_X86 case XEN_SYSCTL_cpu_hotplug: #endif @@ -713,7 +744,7 @@ static int flask_sysctl(int cmd) return domain_has_xen(current->domain, XEN__TBUFCONTROL); case XEN_SYSCTL_sched_id: - return domain_has_xen(current->domain, XEN__SCHEDULER); + return domain_has_xen(current->domain, XEN__GETSCHEDULER); case XEN_SYSCTL_perfc_op: return domain_has_xen(current->domain, XEN__PERFCONTROL); @@ -739,9 +770,6 @@ static int flask_sysctl(int cmd) case XEN_SYSCTL_cpupool_op: return domain_has_xen(current->domain, XEN__CPUPOOL_OP); - case XEN_SYSCTL_scheduler_op: - return domain_has_xen(current->domain, XEN__SCHED_OP); - case XEN_SYSCTL_physinfo: case XEN_SYSCTL_topologyinfo: case XEN_SYSCTL_numainfo: @@ -1408,6 +1436,8 @@ static struct xsm_operations flask_ops = .security_domaininfo = flask_security_domaininfo, .domain_create = flask_domain_create, .getdomaininfo = flask_getdomaininfo, + .domctl_scheduler_op = flask_domctl_scheduler_op, + .sysctl_scheduler_op = flask_sysctl_scheduler_op, .set_target = flask_set_target, .domctl = flask_domctl, .sysctl = flask_sysctl, diff -r 21f0e200f6b0 -r 6de4ea938c44 xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:46:43 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:49:10 2013 +0000 @@ -5,7 +5,6 @@ class xen { - scheduler settime tbufcontrol readconsole @@ -34,9 +33,10 @@ class xen mca_op lockprof cpupool_op - sched_op tmem_op tmem_control + getscheduler + setscheduler } class domain @@ -51,7 +51,7 @@ class domain destroy setvcpuaffinity getvcpuaffinity - scheduler + getscheduler getdomaininfo getvcpuinfo getvcpucontext @@ -85,6 +85,7 @@ class domain2 set_cpuid gettsc settsc + setscheduler } class hvm _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:26 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGP-0007Sx-MJ; Wed, 16 Jan 2013 08:22:25 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0007LM-Qv for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:24 +0000 Received: from [85.158.143.99:32706] by server-1.bemta-4.messagelabs.com id 22/54-18740-F3366F05; Wed, 16 Jan 2013 08:22:23 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-216.messagelabs.com!1358324541!22850546!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 10461 invoked from network); 16 Jan 2013 08:22:22 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:22 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0003s4-Mm for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGL-0000dn-Lh for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:21 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] tools/ocaml: libxc bindings: Correct PCI terminology X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Andrew Cooper # Date 1357906950 0 # Node ID c3c683a439aee86b3de38ea54205a6faee6b6429 # Parent 56daf05bcf69db56476bb7b97600292e791253c3 tools/ocaml: libxc bindings: Correct PCI terminology Some renaming to correct the PCI and SBDF terminology. No functional change. Signed-off-by: Andrew Cooper Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 56daf05bcf69 -r c3c683a439ae tools/ocaml/libs/xc/xenctrl_stubs.c --- a/tools/ocaml/libs/xc/xenctrl_stubs.c Fri Jan 11 12:22:29 2013 +0000 +++ b/tools/ocaml/libs/xc/xenctrl_stubs.c Fri Jan 11 12:22:30 2013 +0000 @@ -1083,11 +1083,11 @@ CAMLprim value stub_xc_domain_irq_permis CAMLreturn(Val_unit); } -static uint32_t pci_dev_to_bdf(int domain, int bus, int slot, int func) +static uint32_t encode_sbdf(int domain, int bus, int dev, int func) { return ((uint32_t)domain & 0xffff) << 16 | ((uint32_t)bus & 0xff) << 8 | - ((uint32_t)slot & 0x1f) << 3 | + ((uint32_t)dev & 0x1f) << 3 | ((uint32_t)func & 0x7); } @@ -1095,16 +1095,16 @@ CAMLprim value stub_xc_domain_test_assig { CAMLparam3(xch, domid, desc); int ret; - int domain, bus, slot, func; - uint32_t bdf; + int domain, bus, dev, func; + uint32_t sbdf; domain = Int_val(Field(desc, 0)); bus = Int_val(Field(desc, 1)); - slot = Int_val(Field(desc, 2)); + dev = Int_val(Field(desc, 2)); func = Int_val(Field(desc, 3)); - bdf = pci_dev_to_bdf(domain, bus, slot, func); + sbdf = encode_sbdf(domain, bus, dev, func); - ret = xc_test_assign_device(_H(xch), _D(domid), bdf); + ret = xc_test_assign_device(_H(xch), _D(domid), sbdf); CAMLreturn(Val_bool(ret == 0)); } @@ -1113,16 +1113,16 @@ CAMLprim value stub_xc_domain_assign_dev { CAMLparam3(xch, domid, desc); int ret; - int domain, bus, slot, func; - uint32_t bdf; + int domain, bus, dev, func; + uint32_t sbdf; domain = Int_val(Field(desc, 0)); bus = Int_val(Field(desc, 1)); - slot = Int_val(Field(desc, 2)); + dev = Int_val(Field(desc, 2)); func = Int_val(Field(desc, 3)); - bdf = pci_dev_to_bdf(domain, bus, slot, func); + sbdf = encode_sbdf(domain, bus, dev, func); - ret = xc_assign_device(_H(xch), _D(domid), bdf); + ret = xc_assign_device(_H(xch), _D(domid), sbdf); if (ret < 0) failwith_xc(_H(xch)); @@ -1133,16 +1133,16 @@ CAMLprim value stub_xc_domain_deassign_d { CAMLparam3(xch, domid, desc); int ret; - int domain, bus, slot, func; - uint32_t bdf; + int domain, bus, dev, func; + uint32_t sbdf; domain = Int_val(Field(desc, 0)); bus = Int_val(Field(desc, 1)); - slot = Int_val(Field(desc, 2)); + dev = Int_val(Field(desc, 2)); func = Int_val(Field(desc, 3)); - bdf = pci_dev_to_bdf(domain, bus, slot, func); + sbdf = encode_sbdf(domain, bus, dev, func); - ret = xc_deassign_device(_H(xch), _D(domid), bdf); + ret = xc_deassign_device(_H(xch), _D(domid), sbdf); if (ret < 0) failwith_xc(_H(xch)); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:28 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:28 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGR-0007VB-RJ; Wed, 16 Jan 2013 08:22:27 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGQ-0007KR-4A for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:26 +0000 Received: from [85.158.143.35:34596] by server-2.bemta-4.messagelabs.com id 95/AC-24322-14366F05; Wed, 16 Jan 2013 08:22:25 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-21.messagelabs.com!1358324543!4782582!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 22175 invoked from network); 16 Jan 2013 08:22:24 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:24 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0003sD-It for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:23 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGN-0000eY-Gn for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:23 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:23 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm: Dummy hook functions must be always_inline to ensure constant X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Keir Fraser # Date 1357911909 0 # Node ID 32758c974bf8a2302c3ce9fc21c1e77d55bbc9a5 # Parent f54b7b1f65eaa222e2d251ea741da6dcb7adbebe xsm: Dummy hook functions must be always_inline to ensure constant propagation and dead-code elimination makes LINKER_BUG_ON() operate properly. Signed-off-by: Keir Fraser --- diff -r f54b7b1f65ea -r 32758c974bf8 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 12:23:39 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 13:45:09 2013 +0000 @@ -46,15 +46,15 @@ void __xsm_action_mismatch_detected(void * compile-time checks on the xsm_default_t argument to ensure that the behavior * of the dummy XSM module is the same as the behavior with XSM disabled. */ -#define XSM_INLINE inline +#define XSM_INLINE always_inline #define XSM_DEFAULT_ARG xsm_default_t action, #define XSM_DEFAULT_VOID xsm_default_t action #define XSM_ASSERT_ACTION(def) LINKER_BUG_ON(def != action) #endif /* XSM_ENABLE */ -static inline int xsm_default_action(xsm_default_t action, struct domain *src, - struct domain *target) +static always_inline int xsm_default_action( + xsm_default_t action, struct domain *src, struct domain *target) { switch ( action ) { case XSM_HOOK: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:28 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:28 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGR-0007VB-RJ; Wed, 16 Jan 2013 08:22:27 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGQ-0007KR-4A for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:26 +0000 Received: from [85.158.143.35:34596] by server-2.bemta-4.messagelabs.com id 95/AC-24322-14366F05; Wed, 16 Jan 2013 08:22:25 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-21.messagelabs.com!1358324543!4782582!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 22175 invoked from network); 16 Jan 2013 08:22:24 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:24 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0003sD-It for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:23 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGN-0000eY-Gn for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:23 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:23 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xsm: Dummy hook functions must be always_inline to ensure constant X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Keir Fraser # Date 1357911909 0 # Node ID 32758c974bf8a2302c3ce9fc21c1e77d55bbc9a5 # Parent f54b7b1f65eaa222e2d251ea741da6dcb7adbebe xsm: Dummy hook functions must be always_inline to ensure constant propagation and dead-code elimination makes LINKER_BUG_ON() operate properly. Signed-off-by: Keir Fraser --- diff -r f54b7b1f65ea -r 32758c974bf8 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 12:23:39 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 13:45:09 2013 +0000 @@ -46,15 +46,15 @@ void __xsm_action_mismatch_detected(void * compile-time checks on the xsm_default_t argument to ensure that the behavior * of the dummy XSM module is the same as the behavior with XSM disabled. */ -#define XSM_INLINE inline +#define XSM_INLINE always_inline #define XSM_DEFAULT_ARG xsm_default_t action, #define XSM_DEFAULT_VOID xsm_default_t action #define XSM_ASSERT_ACTION(def) LINKER_BUG_ON(def != action) #endif /* XSM_ENABLE */ -static inline int xsm_default_action(xsm_default_t action, struct domain *src, - struct domain *target) +static always_inline int xsm_default_action( + xsm_default_t action, struct domain *src, struct domain *target) { switch ( action ) { case XSM_HOOK: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:28 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:28 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGS-0007VU-4m; Wed, 16 Jan 2013 08:22:28 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGR-0007US-D4 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:27 +0000 Received: from [193.109.254.147:15990] by server-7.bemta-14.messagelabs.com id 55/4E-08102-24366F05; Wed, 16 Jan 2013 08:22:26 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-14.tower-27.messagelabs.com!1358324540!1851656!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8458 invoked from network); 16 Jan 2013 08:22:21 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:21 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGK-0003ry-NF for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:20 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGK-0000dJ-M8 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:20 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:20 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xencommons: Stop QEMU in do_stop() X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Wei Liu # Date 1357906948 0 # Node ID 9a1610c1e564cdc49b8bf628694632a63c6f6b63 # Parent 2ad5792b4274d76ced39515cbd3f84898b181768 xencommons: Stop QEMU in do_stop() do_stop() is invoked by "restart" action. We can get multiple QEMUs started up for Dom0 if we don't kill previous ones. Signed-off-by: Wei Liu Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 2ad5792b4274 -r 9a1610c1e564 tools/hotplug/Linux/init.d/xencommons --- a/tools/hotplug/Linux/init.d/xencommons Fri Jan 11 12:22:28 2013 +0000 +++ b/tools/hotplug/Linux/init.d/xencommons Fri Jan 11 12:22:28 2013 +0000 @@ -27,6 +27,7 @@ fi test -f $xencommons_config/xencommons && . $xencommons_config/xencommons XENCONSOLED_PIDFILE=/var/run/xenconsoled.pid +QEMU_PIDFILE=/var/run/qemu-dom0.pid shopt -s extglob # not running in Xen dom0 or domU @@ -116,7 +117,7 @@ do_start () { test "`uname`" != "NetBSD" || xenbackendd $XENBACKENDD_ARGS echo Starting QEMU as disk backend for dom0 test -z "$QEMU_XEN" && QEMU_XEN=/usr/lib/xen/bin/qemu-system-i386 - $QEMU_XEN -xen-domid 0 -xen-attach -name dom0 -nographic -M xenpv -daemonize -monitor /dev/null + $QEMU_XEN -xen-domid 0 -xen-attach -name dom0 -nographic -M xenpv -daemonize -monitor /dev/null -pidfile $QEMU_PIDFILE } do_stop () { echo Stopping xenconsoled @@ -126,6 +127,13 @@ do_stop () { rm -f $XENCONSOLED_PIDFILE fi + echo Stopping QEMU + if read 2>/dev/null <$QEMU_PIDFILE pid; then + kill $pid + while kill -9 $pid >/dev/null 2>&1; do sleep 0.1; done + rm -f $QEMU_PIDFILE + fi + echo WARNING: Not stopping xenstored, as it cannot be restarted. } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:28 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:28 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGS-0007VU-4m; Wed, 16 Jan 2013 08:22:28 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGR-0007US-D4 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:27 +0000 Received: from [193.109.254.147:15990] by server-7.bemta-14.messagelabs.com id 55/4E-08102-24366F05; Wed, 16 Jan 2013 08:22:26 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-14.tower-27.messagelabs.com!1358324540!1851656!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8458 invoked from network); 16 Jan 2013 08:22:21 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:21 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGK-0003ry-NF for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:20 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGK-0000dJ-M8 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:20 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:20 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xencommons: Stop QEMU in do_stop() X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Wei Liu # Date 1357906948 0 # Node ID 9a1610c1e564cdc49b8bf628694632a63c6f6b63 # Parent 2ad5792b4274d76ced39515cbd3f84898b181768 xencommons: Stop QEMU in do_stop() do_stop() is invoked by "restart" action. We can get multiple QEMUs started up for Dom0 if we don't kill previous ones. Signed-off-by: Wei Liu Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 2ad5792b4274 -r 9a1610c1e564 tools/hotplug/Linux/init.d/xencommons --- a/tools/hotplug/Linux/init.d/xencommons Fri Jan 11 12:22:28 2013 +0000 +++ b/tools/hotplug/Linux/init.d/xencommons Fri Jan 11 12:22:28 2013 +0000 @@ -27,6 +27,7 @@ fi test -f $xencommons_config/xencommons && . $xencommons_config/xencommons XENCONSOLED_PIDFILE=/var/run/xenconsoled.pid +QEMU_PIDFILE=/var/run/qemu-dom0.pid shopt -s extglob # not running in Xen dom0 or domU @@ -116,7 +117,7 @@ do_start () { test "`uname`" != "NetBSD" || xenbackendd $XENBACKENDD_ARGS echo Starting QEMU as disk backend for dom0 test -z "$QEMU_XEN" && QEMU_XEN=/usr/lib/xen/bin/qemu-system-i386 - $QEMU_XEN -xen-domid 0 -xen-attach -name dom0 -nographic -M xenpv -daemonize -monitor /dev/null + $QEMU_XEN -xen-domid 0 -xen-attach -name dom0 -nographic -M xenpv -daemonize -monitor /dev/null -pidfile $QEMU_PIDFILE } do_stop () { echo Stopping xenconsoled @@ -126,6 +127,13 @@ do_stop () { rm -f $XENCONSOLED_PIDFILE fi + echo Stopping QEMU + if read 2>/dev/null <$QEMU_PIDFILE pid; then + kill $pid + while kill -9 $pid >/dev/null 2>&1; do sleep 0.1; done + rm -f $QEMU_PIDFILE + fi + echo WARNING: Not stopping xenstored, as it cannot be restarted. } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:30 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:30 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGU-0007Xo-8Q; Wed, 16 Jan 2013 08:22:30 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGS-0007VQ-MS for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:29 +0000 Received: from [85.158.137.99:51029] by server-11.bemta-3.messagelabs.com id 9F/FD-01807-34366F05; Wed, 16 Jan 2013 08:22:27 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-217.messagelabs.com!1358324545!12071450!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15243 invoked from network); 16 Jan 2013 08:22:26 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:26 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGP-0003sM-J7 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:25 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGO-0000f4-LW for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:25 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:24 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Revert 0b9dfd067b42: Switch from select() to poll() in xenconsoled's IO loop X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358072440 0 # Node ID 2347d59ea0cc1023ac0623a2b6fd39909312df88 # Parent 0b9dfd067b4259e2cb3285f279f369dd7bd2e032 Revert 0b9dfd067b42: Switch from select() to poll() in xenconsoled's IO loop Causes issues with migration etc in test flight 14869 onwards. Signed-off-by: Ian Campbell --- diff -r 0b9dfd067b42 -r 2347d59ea0cc tools/console/daemon/io.c --- a/tools/console/daemon/io.c Fri Jan 11 12:22:30 2013 +0000 +++ b/tools/console/daemon/io.c Sun Jan 13 10:20:40 2013 +0000 @@ -28,7 +28,7 @@ #include #include #include -#include +#include #include #include #include @@ -66,12 +66,9 @@ extern int discard_overflowed_data; static int log_time_hv_needts = 1; static int log_time_guest_needts = 1; static int log_hv_fd = -1; - -static struct pollfd *fds; -static unsigned int current_array_size; -static unsigned int nr_fds; - -#define ROUNDUP(_x,_w) (((unsigned long)(_x)+(1UL<<(_w))-1) & ~((1UL<<(_w))-1)) +static evtchn_port_or_error_t log_hv_evtchn = -1; +static xc_interface *xch; /* why does xenconsoled have two xc handles ? */ +static xc_evtchn *xce_handle = NULL; struct buffer { char *data; @@ -84,9 +81,7 @@ struct buffer { struct domain { int domid; int master_fd; - struct pollfd *master_pollfd; int slave_fd; - struct pollfd *slave_pollfd; int log_fd; bool is_dead; unsigned last_seen; @@ -97,7 +92,6 @@ struct domain { evtchn_port_or_error_t local_port; evtchn_port_or_error_t remote_port; xc_evtchn *xce_handle; - struct pollfd *xce_pollfd; struct xencons_interface *interface; int event_count; long long next_period; @@ -775,17 +769,6 @@ static int ring_free_bytes(struct domain return (sizeof(intf->in) - space); } -static void domain_handle_broken_tty(struct domain *dom, int recreate) -{ - domain_close_tty(dom); - - if (recreate) { - domain_create_tty(dom); - } else { - shutdown_domain(dom); - } -} - static void handle_tty_read(struct domain *dom) { ssize_t len = 0; @@ -811,7 +794,13 @@ static void handle_tty_read(struct domai * keep the slave open for the duration. */ if (len < 0) { - domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); + domain_close_tty(dom); + + if (domain_is_valid(dom->domid)) { + domain_create_tty(dom); + } else { + shutdown_domain(dom); + } } else if (domain_is_valid(dom->domid)) { prod = intf->in_prod; for (i = 0; i < len; i++) { @@ -839,7 +828,14 @@ static void handle_tty_write(struct doma if (len < 1) { dolog(LOG_DEBUG, "Write failed on domain %d: %zd, %d\n", dom->domid, len, errno); - domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); + + domain_close_tty(dom); + + if (domain_is_valid(dom->domid)) { + domain_create_tty(dom); + } else { + shutdown_domain(dom); + } } else { buffer_advance(&dom->buffer, len); } @@ -887,7 +883,7 @@ static void handle_xs(void) free(vec); } -static void handle_hv_logs(xc_evtchn *xce_handle) +static void handle_hv_logs(void) { char buffer[1024*16]; char *bufptr = buffer; @@ -898,7 +894,7 @@ static void handle_hv_logs(xc_evtchn *xc if ((port = xc_evtchn_pending(xce_handle)) == -1) return; - if (xc_readconsolering(xc, bufptr, &size, 0, 1, &index) == 0 && size > 0) { + if (xc_readconsolering(xch, bufptr, &size, 0, 1, &index) == 0 && size > 0) { int logret; if (log_time_hv) logret = write_with_timestamp(log_hv_fd, buffer, size, @@ -932,54 +928,18 @@ static void handle_log_reload(void) } } -static struct pollfd *set_fds(int fd, short events) -{ - struct pollfd *ret; - if (current_array_size < nr_fds + 1) { - struct pollfd *new_fds = NULL; - unsigned long newsize; - - /* Round up to 2^8 boundary, in practice this just - * make newsize larger than current_array_size. - */ - newsize = ROUNDUP(nr_fds + 1, 8); - - new_fds = realloc(fds, sizeof(struct pollfd)*newsize); - if (!new_fds) - goto fail; - fds = new_fds; - - memset(&fds[0] + current_array_size, 0, - sizeof(struct pollfd) * (newsize-current_array_size)); - current_array_size = newsize; - } - - fds[nr_fds].fd = fd; - fds[nr_fds].events = events; - ret = &fds[nr_fds]; - nr_fds++; - - return ret; -fail: - dolog(LOG_ERR, "realloc failed, ignoring fd %d\n", fd); - return NULL; -} - -static void reset_fds(void) -{ - nr_fds = 0; - memset(fds, 0, sizeof(struct pollfd) * current_array_size); -} - void handle_io(void) { + fd_set readfds, writefds; int ret; - evtchn_port_or_error_t log_hv_evtchn = -1; - struct pollfd *xce_pollfd = NULL; - struct pollfd *xs_pollfd = NULL; - xc_evtchn *xce_handle = NULL; if (log_hv) { + xch = xc_interface_open(0,0,0); + if (!xch) { + dolog(LOG_ERR, "Failed to open xc handle: %d (%s)", + errno, strerror(errno)); + goto out; + } xce_handle = xc_evtchn_open(NULL, 0); if (xce_handle == NULL) { dolog(LOG_ERR, "Failed to open xce handle: %d (%s)", @@ -999,17 +959,21 @@ void handle_io(void) for (;;) { struct domain *d, *n; - int poll_timeout; /* timeout in milliseconds */ + int max_fd = -1; + struct timeval timeout; struct timespec ts; long long now, next_timeout = 0; - reset_fds(); + FD_ZERO(&readfds); + FD_ZERO(&writefds); - xs_pollfd = set_fds(xs_fileno(xs), POLLIN|POLLPRI); + FD_SET(xs_fileno(xs), &readfds); + max_fd = MAX(xs_fileno(xs), max_fd); - if (log_hv) - xce_pollfd = set_fds(xc_evtchn_fd(xce_handle), - POLLIN|POLLPRI); + if (log_hv) { + FD_SET(xc_evtchn_fd(xce_handle), &readfds); + max_fd = MAX(xc_evtchn_fd(xce_handle), max_fd); + } if (clock_gettime(CLOCK_MONOTONIC, &ts) < 0) return; @@ -1018,12 +982,10 @@ void handle_io(void) /* Re-calculate any event counter allowances & unblock domains with new allowance */ for (d = dom_head; d; d = d->next) { - /* CS 16257:955ee4fa1345 introduces a 5ms fuzz - * for select(), it is not clear poll() has - * similar behavior (returning a couple of ms - * sooner than requested) as well. Just leave - * the fuzz here. Remove it with a separate - * patch if necessary */ + /* Add 5ms of fuzz since select() often returns + a couple of ms sooner than requested. Without + the fuzz we typically do an extra spin in select() + with a 1/2 ms timeout every other iteration */ if ((now+5) > d->next_period) { d->next_period = now + RATE_LIMIT_PERIOD; if (d->event_count >= RATE_LIMIT_ALLOWANCE) { @@ -1044,101 +1006,75 @@ void handle_io(void) !d->buffer.max_capacity || d->buffer.size < d->buffer.max_capacity) { int evtchn_fd = xc_evtchn_fd(d->xce_handle); - d->xce_pollfd = set_fds(evtchn_fd, - POLLIN|POLLPRI); + FD_SET(evtchn_fd, &readfds); + max_fd = MAX(evtchn_fd, max_fd); } } if (d->master_fd != -1) { - short events = 0; if (!d->is_dead && ring_free_bytes(d)) - events |= POLLIN; + FD_SET(d->master_fd, &readfds); if (!buffer_empty(&d->buffer)) - events |= POLLOUT; - - if (events) - d->master_pollfd = - set_fds(d->master_fd, - events|POLLPRI); + FD_SET(d->master_fd, &writefds); + max_fd = MAX(d->master_fd, max_fd); } } /* If any domain has been rate limited, we need to work - out what timeout to supply to poll */ + out what timeout to supply to select */ if (next_timeout) { long long duration = (next_timeout - now); if (duration <= 0) /* sanity check */ duration = 1; - poll_timeout = (int)duration; + timeout.tv_sec = duration / 1000; + timeout.tv_usec = ((duration - (timeout.tv_sec * 1000)) + * 1000); } - ret = poll(fds, nr_fds, next_timeout ? poll_timeout : -1); + ret = select(max_fd + 1, &readfds, &writefds, 0, + next_timeout ? &timeout : NULL); if (log_reload) { handle_log_reload(); log_reload = 0; } - /* Abort if poll failed, except for EINTR cases + /* Abort if select failed, except for EINTR cases which indicate a possible log reload */ if (ret == -1) { if (errno == EINTR) continue; - dolog(LOG_ERR, "Failure in poll: %d (%s)", + dolog(LOG_ERR, "Failure in select: %d (%s)", errno, strerror(errno)); break; } - if (log_hv && xce_pollfd) { - if (xce_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { - dolog(LOG_ERR, - "Failure in poll xce_handle: %d (%s)", - errno, strerror(errno)); - break; - } else if (xce_pollfd->revents & POLLIN) - handle_hv_logs(xce_handle); - } + if (log_hv && FD_ISSET(xc_evtchn_fd(xce_handle), &readfds)) + handle_hv_logs(); if (ret <= 0) continue; - if (xs_pollfd) { - if (xs_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { - dolog(LOG_ERR, - "Failure in poll xs_handle: %d (%s)", - errno, strerror(errno)); - break; - } else if (xs_pollfd->revents & POLLIN) - handle_xs(); - } + if (FD_ISSET(xs_fileno(xs), &readfds)) + handle_xs(); for (d = dom_head; d; d = n) { n = d->next; if (d->event_count < RATE_LIMIT_ALLOWANCE) { if (d->xce_handle != NULL && - d->xce_pollfd && - !(d->xce_pollfd->revents & - ~(POLLIN|POLLOUT|POLLPRI)) && - (d->xce_pollfd->revents & - POLLIN)) - handle_ring_read(d); + FD_ISSET(xc_evtchn_fd(d->xce_handle), + &readfds)) + handle_ring_read(d); } - if (d->master_fd != -1 && d->master_pollfd) { - if (d->master_pollfd->revents & - ~(POLLIN|POLLOUT|POLLPRI)) - domain_handle_broken_tty(d, - domain_is_valid(d->domid)); - else { - if (d->master_pollfd->revents & - POLLIN) - handle_tty_read(d); - if (d->master_pollfd->revents & - POLLOUT) - handle_tty_write(d); - } - } + if (d->master_fd != -1 && FD_ISSET(d->master_fd, + &readfds)) + handle_tty_read(d); + + if (d->master_fd != -1 && FD_ISSET(d->master_fd, + &writefds)) + handle_tty_write(d); if (d->last_seen != enum_pass) shutdown_domain(d); @@ -1148,14 +1084,15 @@ void handle_io(void) } } - free(fds); - current_array_size = 0; - out: if (log_hv_fd != -1) { close(log_hv_fd); log_hv_fd = -1; } + if (xch) { + xc_interface_close(xch); + xch = 0; + } if (xce_handle != NULL) { xc_evtchn_close(xce_handle); xce_handle = NULL; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:30 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:30 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGU-0007Xo-8Q; Wed, 16 Jan 2013 08:22:30 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGS-0007VQ-MS for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:29 +0000 Received: from [85.158.137.99:51029] by server-11.bemta-3.messagelabs.com id 9F/FD-01807-34366F05; Wed, 16 Jan 2013 08:22:27 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-217.messagelabs.com!1358324545!12071450!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15243 invoked from network); 16 Jan 2013 08:22:26 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:26 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGP-0003sM-J7 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:25 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGO-0000f4-LW for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:25 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:24 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Revert 0b9dfd067b42: Switch from select() to poll() in xenconsoled's IO loop X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358072440 0 # Node ID 2347d59ea0cc1023ac0623a2b6fd39909312df88 # Parent 0b9dfd067b4259e2cb3285f279f369dd7bd2e032 Revert 0b9dfd067b42: Switch from select() to poll() in xenconsoled's IO loop Causes issues with migration etc in test flight 14869 onwards. Signed-off-by: Ian Campbell --- diff -r 0b9dfd067b42 -r 2347d59ea0cc tools/console/daemon/io.c --- a/tools/console/daemon/io.c Fri Jan 11 12:22:30 2013 +0000 +++ b/tools/console/daemon/io.c Sun Jan 13 10:20:40 2013 +0000 @@ -28,7 +28,7 @@ #include #include #include -#include +#include #include #include #include @@ -66,12 +66,9 @@ extern int discard_overflowed_data; static int log_time_hv_needts = 1; static int log_time_guest_needts = 1; static int log_hv_fd = -1; - -static struct pollfd *fds; -static unsigned int current_array_size; -static unsigned int nr_fds; - -#define ROUNDUP(_x,_w) (((unsigned long)(_x)+(1UL<<(_w))-1) & ~((1UL<<(_w))-1)) +static evtchn_port_or_error_t log_hv_evtchn = -1; +static xc_interface *xch; /* why does xenconsoled have two xc handles ? */ +static xc_evtchn *xce_handle = NULL; struct buffer { char *data; @@ -84,9 +81,7 @@ struct buffer { struct domain { int domid; int master_fd; - struct pollfd *master_pollfd; int slave_fd; - struct pollfd *slave_pollfd; int log_fd; bool is_dead; unsigned last_seen; @@ -97,7 +92,6 @@ struct domain { evtchn_port_or_error_t local_port; evtchn_port_or_error_t remote_port; xc_evtchn *xce_handle; - struct pollfd *xce_pollfd; struct xencons_interface *interface; int event_count; long long next_period; @@ -775,17 +769,6 @@ static int ring_free_bytes(struct domain return (sizeof(intf->in) - space); } -static void domain_handle_broken_tty(struct domain *dom, int recreate) -{ - domain_close_tty(dom); - - if (recreate) { - domain_create_tty(dom); - } else { - shutdown_domain(dom); - } -} - static void handle_tty_read(struct domain *dom) { ssize_t len = 0; @@ -811,7 +794,13 @@ static void handle_tty_read(struct domai * keep the slave open for the duration. */ if (len < 0) { - domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); + domain_close_tty(dom); + + if (domain_is_valid(dom->domid)) { + domain_create_tty(dom); + } else { + shutdown_domain(dom); + } } else if (domain_is_valid(dom->domid)) { prod = intf->in_prod; for (i = 0; i < len; i++) { @@ -839,7 +828,14 @@ static void handle_tty_write(struct doma if (len < 1) { dolog(LOG_DEBUG, "Write failed on domain %d: %zd, %d\n", dom->domid, len, errno); - domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); + + domain_close_tty(dom); + + if (domain_is_valid(dom->domid)) { + domain_create_tty(dom); + } else { + shutdown_domain(dom); + } } else { buffer_advance(&dom->buffer, len); } @@ -887,7 +883,7 @@ static void handle_xs(void) free(vec); } -static void handle_hv_logs(xc_evtchn *xce_handle) +static void handle_hv_logs(void) { char buffer[1024*16]; char *bufptr = buffer; @@ -898,7 +894,7 @@ static void handle_hv_logs(xc_evtchn *xc if ((port = xc_evtchn_pending(xce_handle)) == -1) return; - if (xc_readconsolering(xc, bufptr, &size, 0, 1, &index) == 0 && size > 0) { + if (xc_readconsolering(xch, bufptr, &size, 0, 1, &index) == 0 && size > 0) { int logret; if (log_time_hv) logret = write_with_timestamp(log_hv_fd, buffer, size, @@ -932,54 +928,18 @@ static void handle_log_reload(void) } } -static struct pollfd *set_fds(int fd, short events) -{ - struct pollfd *ret; - if (current_array_size < nr_fds + 1) { - struct pollfd *new_fds = NULL; - unsigned long newsize; - - /* Round up to 2^8 boundary, in practice this just - * make newsize larger than current_array_size. - */ - newsize = ROUNDUP(nr_fds + 1, 8); - - new_fds = realloc(fds, sizeof(struct pollfd)*newsize); - if (!new_fds) - goto fail; - fds = new_fds; - - memset(&fds[0] + current_array_size, 0, - sizeof(struct pollfd) * (newsize-current_array_size)); - current_array_size = newsize; - } - - fds[nr_fds].fd = fd; - fds[nr_fds].events = events; - ret = &fds[nr_fds]; - nr_fds++; - - return ret; -fail: - dolog(LOG_ERR, "realloc failed, ignoring fd %d\n", fd); - return NULL; -} - -static void reset_fds(void) -{ - nr_fds = 0; - memset(fds, 0, sizeof(struct pollfd) * current_array_size); -} - void handle_io(void) { + fd_set readfds, writefds; int ret; - evtchn_port_or_error_t log_hv_evtchn = -1; - struct pollfd *xce_pollfd = NULL; - struct pollfd *xs_pollfd = NULL; - xc_evtchn *xce_handle = NULL; if (log_hv) { + xch = xc_interface_open(0,0,0); + if (!xch) { + dolog(LOG_ERR, "Failed to open xc handle: %d (%s)", + errno, strerror(errno)); + goto out; + } xce_handle = xc_evtchn_open(NULL, 0); if (xce_handle == NULL) { dolog(LOG_ERR, "Failed to open xce handle: %d (%s)", @@ -999,17 +959,21 @@ void handle_io(void) for (;;) { struct domain *d, *n; - int poll_timeout; /* timeout in milliseconds */ + int max_fd = -1; + struct timeval timeout; struct timespec ts; long long now, next_timeout = 0; - reset_fds(); + FD_ZERO(&readfds); + FD_ZERO(&writefds); - xs_pollfd = set_fds(xs_fileno(xs), POLLIN|POLLPRI); + FD_SET(xs_fileno(xs), &readfds); + max_fd = MAX(xs_fileno(xs), max_fd); - if (log_hv) - xce_pollfd = set_fds(xc_evtchn_fd(xce_handle), - POLLIN|POLLPRI); + if (log_hv) { + FD_SET(xc_evtchn_fd(xce_handle), &readfds); + max_fd = MAX(xc_evtchn_fd(xce_handle), max_fd); + } if (clock_gettime(CLOCK_MONOTONIC, &ts) < 0) return; @@ -1018,12 +982,10 @@ void handle_io(void) /* Re-calculate any event counter allowances & unblock domains with new allowance */ for (d = dom_head; d; d = d->next) { - /* CS 16257:955ee4fa1345 introduces a 5ms fuzz - * for select(), it is not clear poll() has - * similar behavior (returning a couple of ms - * sooner than requested) as well. Just leave - * the fuzz here. Remove it with a separate - * patch if necessary */ + /* Add 5ms of fuzz since select() often returns + a couple of ms sooner than requested. Without + the fuzz we typically do an extra spin in select() + with a 1/2 ms timeout every other iteration */ if ((now+5) > d->next_period) { d->next_period = now + RATE_LIMIT_PERIOD; if (d->event_count >= RATE_LIMIT_ALLOWANCE) { @@ -1044,101 +1006,75 @@ void handle_io(void) !d->buffer.max_capacity || d->buffer.size < d->buffer.max_capacity) { int evtchn_fd = xc_evtchn_fd(d->xce_handle); - d->xce_pollfd = set_fds(evtchn_fd, - POLLIN|POLLPRI); + FD_SET(evtchn_fd, &readfds); + max_fd = MAX(evtchn_fd, max_fd); } } if (d->master_fd != -1) { - short events = 0; if (!d->is_dead && ring_free_bytes(d)) - events |= POLLIN; + FD_SET(d->master_fd, &readfds); if (!buffer_empty(&d->buffer)) - events |= POLLOUT; - - if (events) - d->master_pollfd = - set_fds(d->master_fd, - events|POLLPRI); + FD_SET(d->master_fd, &writefds); + max_fd = MAX(d->master_fd, max_fd); } } /* If any domain has been rate limited, we need to work - out what timeout to supply to poll */ + out what timeout to supply to select */ if (next_timeout) { long long duration = (next_timeout - now); if (duration <= 0) /* sanity check */ duration = 1; - poll_timeout = (int)duration; + timeout.tv_sec = duration / 1000; + timeout.tv_usec = ((duration - (timeout.tv_sec * 1000)) + * 1000); } - ret = poll(fds, nr_fds, next_timeout ? poll_timeout : -1); + ret = select(max_fd + 1, &readfds, &writefds, 0, + next_timeout ? &timeout : NULL); if (log_reload) { handle_log_reload(); log_reload = 0; } - /* Abort if poll failed, except for EINTR cases + /* Abort if select failed, except for EINTR cases which indicate a possible log reload */ if (ret == -1) { if (errno == EINTR) continue; - dolog(LOG_ERR, "Failure in poll: %d (%s)", + dolog(LOG_ERR, "Failure in select: %d (%s)", errno, strerror(errno)); break; } - if (log_hv && xce_pollfd) { - if (xce_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { - dolog(LOG_ERR, - "Failure in poll xce_handle: %d (%s)", - errno, strerror(errno)); - break; - } else if (xce_pollfd->revents & POLLIN) - handle_hv_logs(xce_handle); - } + if (log_hv && FD_ISSET(xc_evtchn_fd(xce_handle), &readfds)) + handle_hv_logs(); if (ret <= 0) continue; - if (xs_pollfd) { - if (xs_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { - dolog(LOG_ERR, - "Failure in poll xs_handle: %d (%s)", - errno, strerror(errno)); - break; - } else if (xs_pollfd->revents & POLLIN) - handle_xs(); - } + if (FD_ISSET(xs_fileno(xs), &readfds)) + handle_xs(); for (d = dom_head; d; d = n) { n = d->next; if (d->event_count < RATE_LIMIT_ALLOWANCE) { if (d->xce_handle != NULL && - d->xce_pollfd && - !(d->xce_pollfd->revents & - ~(POLLIN|POLLOUT|POLLPRI)) && - (d->xce_pollfd->revents & - POLLIN)) - handle_ring_read(d); + FD_ISSET(xc_evtchn_fd(d->xce_handle), + &readfds)) + handle_ring_read(d); } - if (d->master_fd != -1 && d->master_pollfd) { - if (d->master_pollfd->revents & - ~(POLLIN|POLLOUT|POLLPRI)) - domain_handle_broken_tty(d, - domain_is_valid(d->domid)); - else { - if (d->master_pollfd->revents & - POLLIN) - handle_tty_read(d); - if (d->master_pollfd->revents & - POLLOUT) - handle_tty_write(d); - } - } + if (d->master_fd != -1 && FD_ISSET(d->master_fd, + &readfds)) + handle_tty_read(d); + + if (d->master_fd != -1 && FD_ISSET(d->master_fd, + &writefds)) + handle_tty_write(d); if (d->last_seen != enum_pass) shutdown_domain(d); @@ -1148,14 +1084,15 @@ void handle_io(void) } } - free(fds); - current_array_size = 0; - out: if (log_hv_fd != -1) { close(log_hv_fd); log_hv_fd = -1; } + if (xch) { + xc_interface_close(xch); + xch = 0; + } if (xce_handle != NULL) { xc_evtchn_close(xce_handle); xce_handle = NULL; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:33 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:33 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGV-0007Zo-Ec; Wed, 16 Jan 2013 08:22:31 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGU-0007XE-3Y for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:30 +0000 Received: from [85.158.137.99:9870] by server-7.bemta-3.messagelabs.com id 56/7E-23876-54366F05; Wed, 16 Jan 2013 08:22:29 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-217.messagelabs.com!1358324547!17136538!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 11011 invoked from network); 16 Jan 2013 08:22:28 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:28 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGR-0003sb-3p for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:27 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGR-0000fr-2d for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:27 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:26 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/hvm: Remove 32-/64-bit abstraction macros from asm files. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Keir Fraser # Date 1358172365 0 # Node ID f6a81b41ad710464f255fb6e75f569c71f58045e # Parent e6f74afc78d26e0201c64d08b8a3ed089c2120ff x86/hvm: Remove 32-/64-bit abstraction macros from asm files. Not needed now we target 64-bit only. Signed-off-by: Keir Fraser --- diff -r e6f74afc78d2 -r f6a81b41ad71 xen/arch/x86/hvm/svm/entry.S --- a/xen/arch/x86/hvm/svm/entry.S Mon Jan 14 13:55:45 2013 +0000 +++ b/xen/arch/x86/hvm/svm/entry.S Mon Jan 14 14:06:05 2013 +0000 @@ -31,55 +31,48 @@ #define STGI .byte 0x0F,0x01,0xDC #define CLGI .byte 0x0F,0x01,0xDD -#define get_current(reg) GET_CURRENT(r(reg)) - -#define r(reg) %r##reg -#define addr_of(lbl) lbl(%rip) -#define call_with_regs(fn) \ - mov %rsp,%rdi; \ - call fn; - ENTRY(svm_asm_do_resume) call svm_intr_assist - call_with_regs(nsvm_vcpu_switch) + mov %rsp,%rdi + call nsvm_vcpu_switch ASSERT_NOT_IN_ATOMIC - get_current(bx) + GET_CURRENT(%rbx) CLGI - mov VCPU_processor(r(bx)),%eax - shl $IRQSTAT_shift,r(ax) - lea addr_of(irq_stat),r(dx) - testl $~0,(r(dx),r(ax),1) + mov VCPU_processor(%rbx),%eax + shl $IRQSTAT_shift,%rax + lea irq_stat(%rip),%rdx + testl $~0,(%rdx,%rax,1) jnz .Lsvm_process_softirqs - testb $0, VCPU_nsvm_hap_enabled(r(bx)) + testb $0, VCPU_nsvm_hap_enabled(%rbx) UNLIKELY_START(nz, nsvm_hap) - mov VCPU_nhvm_p2m(r(bx)),r(ax) - test r(ax),r(ax) + mov VCPU_nhvm_p2m(%rbx),%rax + test %rax,%rax sete %al - andb VCPU_nhvm_guestmode(r(bx)),%al + andb VCPU_nhvm_guestmode(%rbx),%al jnz .Lsvm_nsvm_no_p2m UNLIKELY_END(nsvm_hap) call svm_asid_handle_vmrun - cmpb $0,addr_of(tb_init_done) + cmpb $0,tb_init_done(%rip) UNLIKELY_START(nz, svm_trace) call svm_trace_vmentry UNLIKELY_END(svm_trace) - mov VCPU_svm_vmcb(r(bx)),r(cx) - mov UREGS_rax(r(sp)),r(ax) - mov r(ax),VMCB_rax(r(cx)) - mov UREGS_rip(r(sp)),r(ax) - mov r(ax),VMCB_rip(r(cx)) - mov UREGS_rsp(r(sp)),r(ax) - mov r(ax),VMCB_rsp(r(cx)) - mov UREGS_eflags(r(sp)),r(ax) - mov r(ax),VMCB_rflags(r(cx)) + mov VCPU_svm_vmcb(%rbx),%rcx + mov UREGS_rax(%rsp),%rax + mov %rax,VMCB_rax(%rcx) + mov UREGS_rip(%rsp),%rax + mov %rax,VMCB_rip(%rcx) + mov UREGS_rsp(%rsp),%rax + mov %rax,VMCB_rsp(%rcx) + mov UREGS_eflags(%rsp),%rax + mov %rax,VMCB_rflags(%rcx) - mov VCPU_svm_vmcb_pa(r(bx)),r(ax) + mov VCPU_svm_vmcb_pa(%rbx),%rax pop %r15 pop %r14 @@ -115,35 +108,36 @@ UNLIKELY_END(svm_trace) push %r14 push %r15 - get_current(bx) - movb $0,VCPU_svm_vmcb_in_sync(r(bx)) - mov VCPU_svm_vmcb(r(bx)),r(cx) - mov VMCB_rax(r(cx)),r(ax) - mov r(ax),UREGS_rax(r(sp)) - mov VMCB_rip(r(cx)),r(ax) - mov r(ax),UREGS_rip(r(sp)) - mov VMCB_rsp(r(cx)),r(ax) - mov r(ax),UREGS_rsp(r(sp)) - mov VMCB_rflags(r(cx)),r(ax) - mov r(ax),UREGS_eflags(r(sp)) + GET_CURRENT(%rbx) + movb $0,VCPU_svm_vmcb_in_sync(%rbx) + mov VCPU_svm_vmcb(%rbx),%rcx + mov VMCB_rax(%rcx),%rax + mov %rax,UREGS_rax(%rsp) + mov VMCB_rip(%rcx),%rax + mov %rax,UREGS_rip(%rsp) + mov VMCB_rsp(%rcx),%rax + mov %rax,UREGS_rsp(%rsp) + mov VMCB_rflags(%rcx),%rax + mov %rax,UREGS_eflags(%rsp) #ifndef NDEBUG mov $0xbeef,%ax - mov %ax,UREGS_error_code(r(sp)) - mov %ax,UREGS_entry_vector(r(sp)) - mov %ax,UREGS_saved_upcall_mask(r(sp)) - mov %ax,UREGS_cs(r(sp)) - mov %ax,UREGS_ds(r(sp)) - mov %ax,UREGS_es(r(sp)) - mov %ax,UREGS_fs(r(sp)) - mov %ax,UREGS_gs(r(sp)) - mov %ax,UREGS_ss(r(sp)) + mov %ax,UREGS_error_code(%rsp) + mov %ax,UREGS_entry_vector(%rsp) + mov %ax,UREGS_saved_upcall_mask(%rsp) + mov %ax,UREGS_cs(%rsp) + mov %ax,UREGS_ds(%rsp) + mov %ax,UREGS_es(%rsp) + mov %ax,UREGS_fs(%rsp) + mov %ax,UREGS_gs(%rsp) + mov %ax,UREGS_ss(%rsp) #endif STGI .globl svm_stgi_label svm_stgi_label: - call_with_regs(svm_vmexit_handler) + mov %rsp,%rdi + call svm_vmexit_handler jmp svm_asm_do_resume .Lsvm_process_softirqs: diff -r e6f74afc78d2 -r f6a81b41ad71 xen/arch/x86/hvm/vmx/entry.S --- a/xen/arch/x86/hvm/vmx/entry.S Mon Jan 14 13:55:45 2013 +0000 +++ b/xen/arch/x86/hvm/vmx/entry.S Mon Jan 14 14:06:05 2013 +0000 @@ -36,14 +36,6 @@ #define GUEST_RIP 0x681e #define GUEST_RFLAGS 0x6820 -#define get_current(reg) GET_CURRENT(r(reg)) - -#define r(reg) %r##reg -#define addr_of(lbl) lbl(%rip) -#define call_with_regs(fn) \ - mov %rsp,%rdi; \ - call fn; - ALIGN .globl vmx_asm_vmexit_handler vmx_asm_vmexit_handler: @@ -63,36 +55,37 @@ vmx_asm_vmexit_handler: push %r14 push %r15 - get_current(bx) + GET_CURRENT(%rbx) - movb $1,VCPU_vmx_launched(r(bx)) + movb $1,VCPU_vmx_launched(%rbx) - lea UREGS_rip(r(sp)),r(di) + lea UREGS_rip(%rsp),%rdi mov $GUEST_RIP,%eax /*VMREAD(UREGS_rip)*/ - .byte 0x0f,0x78,0x07 /* vmread r(ax),(r(di)) */ + .byte 0x0f,0x78,0x07 /* vmread %rax,(%rdi) */ mov $GUEST_RSP,%eax VMREAD(UREGS_rsp) mov $GUEST_RFLAGS,%eax VMREAD(UREGS_eflags) - mov %cr2,r(ax) - mov r(ax),VCPU_hvm_guest_cr2(r(bx)) + mov %cr2,%rax + mov %rax,VCPU_hvm_guest_cr2(%rbx) #ifndef NDEBUG mov $0xbeef,%ax - mov %ax,UREGS_error_code(r(sp)) - mov %ax,UREGS_entry_vector(r(sp)) - mov %ax,UREGS_saved_upcall_mask(r(sp)) - mov %ax,UREGS_cs(r(sp)) - mov %ax,UREGS_ds(r(sp)) - mov %ax,UREGS_es(r(sp)) - mov %ax,UREGS_fs(r(sp)) - mov %ax,UREGS_gs(r(sp)) - mov %ax,UREGS_ss(r(sp)) + mov %ax,UREGS_error_code(%rsp) + mov %ax,UREGS_entry_vector(%rsp) + mov %ax,UREGS_saved_upcall_mask(%rsp) + mov %ax,UREGS_cs(%rsp) + mov %ax,UREGS_ds(%rsp) + mov %ax,UREGS_es(%rsp) + mov %ax,UREGS_fs(%rsp) + mov %ax,UREGS_gs(%rsp) + mov %ax,UREGS_ss(%rsp) #endif - call_with_regs(vmx_vmexit_handler) + mov %rsp,%rdi + call vmx_vmexit_handler .globl vmx_asm_do_vmentry vmx_asm_do_vmentry: @@ -100,38 +93,39 @@ vmx_asm_do_vmentry: call nvmx_switch_guest ASSERT_NOT_IN_ATOMIC - get_current(bx) + GET_CURRENT(%rbx) cli - mov VCPU_processor(r(bx)),%eax - shl $IRQSTAT_shift,r(ax) - lea addr_of(irq_stat),r(dx) - cmpl $0,(r(dx),r(ax),1) + mov VCPU_processor(%rbx),%eax + shl $IRQSTAT_shift,%rax + lea irq_stat(%rip),%rdx + cmpl $0,(%rdx,%rax,1) jnz .Lvmx_process_softirqs - testb $0xff,VCPU_vmx_emulate(r(bx)) + testb $0xff,VCPU_vmx_emulate(%rbx) jnz .Lvmx_goto_emulator - testb $0xff,VCPU_vmx_realmode(r(bx)) + testb $0xff,VCPU_vmx_realmode(%rbx) UNLIKELY_START(nz, realmode) - cmpw $0,VCPU_vm86_seg_mask(r(bx)) + cmpw $0,VCPU_vm86_seg_mask(%rbx) jnz .Lvmx_goto_emulator - call_with_regs(vmx_enter_realmode) + mov %rsp,%rdi + call vmx_enter_realmode UNLIKELY_END(realmode) call vmx_vmenter_helper - mov VCPU_hvm_guest_cr2(r(bx)),r(ax) - mov r(ax),%cr2 + mov VCPU_hvm_guest_cr2(%rbx),%rax + mov %rax,%cr2 - lea UREGS_rip(r(sp)),r(di) + lea UREGS_rip(%rsp),%rdi mov $GUEST_RIP,%eax /*VMWRITE(UREGS_rip)*/ - .byte 0x0f,0x79,0x07 /* vmwrite (r(di)),r(ax) */ + .byte 0x0f,0x79,0x07 /* vmwrite (%rdi),%rax */ mov $GUEST_RSP,%eax VMWRITE(UREGS_rsp) mov $GUEST_RFLAGS,%eax VMWRITE(UREGS_eflags) - cmpb $0,VCPU_vmx_launched(r(bx)) + cmpb $0,VCPU_vmx_launched(%rbx) pop %r15 pop %r14 pop %r13 @@ -163,7 +157,8 @@ UNLIKELY_END(realmode) .Lvmx_goto_emulator: sti - call_with_regs(vmx_realmode) + mov %rsp,%rdi + call vmx_realmode jmp vmx_asm_do_vmentry .Lvmx_process_softirqs: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:33 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:33 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGV-0007Zo-Ec; Wed, 16 Jan 2013 08:22:31 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGU-0007XE-3Y for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:30 +0000 Received: from [85.158.137.99:9870] by server-7.bemta-3.messagelabs.com id 56/7E-23876-54366F05; Wed, 16 Jan 2013 08:22:29 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-217.messagelabs.com!1358324547!17136538!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 11011 invoked from network); 16 Jan 2013 08:22:28 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:28 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGR-0003sb-3p for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:27 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGR-0000fr-2d for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:27 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:26 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/hvm: Remove 32-/64-bit abstraction macros from asm files. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Keir Fraser # Date 1358172365 0 # Node ID f6a81b41ad710464f255fb6e75f569c71f58045e # Parent e6f74afc78d26e0201c64d08b8a3ed089c2120ff x86/hvm: Remove 32-/64-bit abstraction macros from asm files. Not needed now we target 64-bit only. Signed-off-by: Keir Fraser --- diff -r e6f74afc78d2 -r f6a81b41ad71 xen/arch/x86/hvm/svm/entry.S --- a/xen/arch/x86/hvm/svm/entry.S Mon Jan 14 13:55:45 2013 +0000 +++ b/xen/arch/x86/hvm/svm/entry.S Mon Jan 14 14:06:05 2013 +0000 @@ -31,55 +31,48 @@ #define STGI .byte 0x0F,0x01,0xDC #define CLGI .byte 0x0F,0x01,0xDD -#define get_current(reg) GET_CURRENT(r(reg)) - -#define r(reg) %r##reg -#define addr_of(lbl) lbl(%rip) -#define call_with_regs(fn) \ - mov %rsp,%rdi; \ - call fn; - ENTRY(svm_asm_do_resume) call svm_intr_assist - call_with_regs(nsvm_vcpu_switch) + mov %rsp,%rdi + call nsvm_vcpu_switch ASSERT_NOT_IN_ATOMIC - get_current(bx) + GET_CURRENT(%rbx) CLGI - mov VCPU_processor(r(bx)),%eax - shl $IRQSTAT_shift,r(ax) - lea addr_of(irq_stat),r(dx) - testl $~0,(r(dx),r(ax),1) + mov VCPU_processor(%rbx),%eax + shl $IRQSTAT_shift,%rax + lea irq_stat(%rip),%rdx + testl $~0,(%rdx,%rax,1) jnz .Lsvm_process_softirqs - testb $0, VCPU_nsvm_hap_enabled(r(bx)) + testb $0, VCPU_nsvm_hap_enabled(%rbx) UNLIKELY_START(nz, nsvm_hap) - mov VCPU_nhvm_p2m(r(bx)),r(ax) - test r(ax),r(ax) + mov VCPU_nhvm_p2m(%rbx),%rax + test %rax,%rax sete %al - andb VCPU_nhvm_guestmode(r(bx)),%al + andb VCPU_nhvm_guestmode(%rbx),%al jnz .Lsvm_nsvm_no_p2m UNLIKELY_END(nsvm_hap) call svm_asid_handle_vmrun - cmpb $0,addr_of(tb_init_done) + cmpb $0,tb_init_done(%rip) UNLIKELY_START(nz, svm_trace) call svm_trace_vmentry UNLIKELY_END(svm_trace) - mov VCPU_svm_vmcb(r(bx)),r(cx) - mov UREGS_rax(r(sp)),r(ax) - mov r(ax),VMCB_rax(r(cx)) - mov UREGS_rip(r(sp)),r(ax) - mov r(ax),VMCB_rip(r(cx)) - mov UREGS_rsp(r(sp)),r(ax) - mov r(ax),VMCB_rsp(r(cx)) - mov UREGS_eflags(r(sp)),r(ax) - mov r(ax),VMCB_rflags(r(cx)) + mov VCPU_svm_vmcb(%rbx),%rcx + mov UREGS_rax(%rsp),%rax + mov %rax,VMCB_rax(%rcx) + mov UREGS_rip(%rsp),%rax + mov %rax,VMCB_rip(%rcx) + mov UREGS_rsp(%rsp),%rax + mov %rax,VMCB_rsp(%rcx) + mov UREGS_eflags(%rsp),%rax + mov %rax,VMCB_rflags(%rcx) - mov VCPU_svm_vmcb_pa(r(bx)),r(ax) + mov VCPU_svm_vmcb_pa(%rbx),%rax pop %r15 pop %r14 @@ -115,35 +108,36 @@ UNLIKELY_END(svm_trace) push %r14 push %r15 - get_current(bx) - movb $0,VCPU_svm_vmcb_in_sync(r(bx)) - mov VCPU_svm_vmcb(r(bx)),r(cx) - mov VMCB_rax(r(cx)),r(ax) - mov r(ax),UREGS_rax(r(sp)) - mov VMCB_rip(r(cx)),r(ax) - mov r(ax),UREGS_rip(r(sp)) - mov VMCB_rsp(r(cx)),r(ax) - mov r(ax),UREGS_rsp(r(sp)) - mov VMCB_rflags(r(cx)),r(ax) - mov r(ax),UREGS_eflags(r(sp)) + GET_CURRENT(%rbx) + movb $0,VCPU_svm_vmcb_in_sync(%rbx) + mov VCPU_svm_vmcb(%rbx),%rcx + mov VMCB_rax(%rcx),%rax + mov %rax,UREGS_rax(%rsp) + mov VMCB_rip(%rcx),%rax + mov %rax,UREGS_rip(%rsp) + mov VMCB_rsp(%rcx),%rax + mov %rax,UREGS_rsp(%rsp) + mov VMCB_rflags(%rcx),%rax + mov %rax,UREGS_eflags(%rsp) #ifndef NDEBUG mov $0xbeef,%ax - mov %ax,UREGS_error_code(r(sp)) - mov %ax,UREGS_entry_vector(r(sp)) - mov %ax,UREGS_saved_upcall_mask(r(sp)) - mov %ax,UREGS_cs(r(sp)) - mov %ax,UREGS_ds(r(sp)) - mov %ax,UREGS_es(r(sp)) - mov %ax,UREGS_fs(r(sp)) - mov %ax,UREGS_gs(r(sp)) - mov %ax,UREGS_ss(r(sp)) + mov %ax,UREGS_error_code(%rsp) + mov %ax,UREGS_entry_vector(%rsp) + mov %ax,UREGS_saved_upcall_mask(%rsp) + mov %ax,UREGS_cs(%rsp) + mov %ax,UREGS_ds(%rsp) + mov %ax,UREGS_es(%rsp) + mov %ax,UREGS_fs(%rsp) + mov %ax,UREGS_gs(%rsp) + mov %ax,UREGS_ss(%rsp) #endif STGI .globl svm_stgi_label svm_stgi_label: - call_with_regs(svm_vmexit_handler) + mov %rsp,%rdi + call svm_vmexit_handler jmp svm_asm_do_resume .Lsvm_process_softirqs: diff -r e6f74afc78d2 -r f6a81b41ad71 xen/arch/x86/hvm/vmx/entry.S --- a/xen/arch/x86/hvm/vmx/entry.S Mon Jan 14 13:55:45 2013 +0000 +++ b/xen/arch/x86/hvm/vmx/entry.S Mon Jan 14 14:06:05 2013 +0000 @@ -36,14 +36,6 @@ #define GUEST_RIP 0x681e #define GUEST_RFLAGS 0x6820 -#define get_current(reg) GET_CURRENT(r(reg)) - -#define r(reg) %r##reg -#define addr_of(lbl) lbl(%rip) -#define call_with_regs(fn) \ - mov %rsp,%rdi; \ - call fn; - ALIGN .globl vmx_asm_vmexit_handler vmx_asm_vmexit_handler: @@ -63,36 +55,37 @@ vmx_asm_vmexit_handler: push %r14 push %r15 - get_current(bx) + GET_CURRENT(%rbx) - movb $1,VCPU_vmx_launched(r(bx)) + movb $1,VCPU_vmx_launched(%rbx) - lea UREGS_rip(r(sp)),r(di) + lea UREGS_rip(%rsp),%rdi mov $GUEST_RIP,%eax /*VMREAD(UREGS_rip)*/ - .byte 0x0f,0x78,0x07 /* vmread r(ax),(r(di)) */ + .byte 0x0f,0x78,0x07 /* vmread %rax,(%rdi) */ mov $GUEST_RSP,%eax VMREAD(UREGS_rsp) mov $GUEST_RFLAGS,%eax VMREAD(UREGS_eflags) - mov %cr2,r(ax) - mov r(ax),VCPU_hvm_guest_cr2(r(bx)) + mov %cr2,%rax + mov %rax,VCPU_hvm_guest_cr2(%rbx) #ifndef NDEBUG mov $0xbeef,%ax - mov %ax,UREGS_error_code(r(sp)) - mov %ax,UREGS_entry_vector(r(sp)) - mov %ax,UREGS_saved_upcall_mask(r(sp)) - mov %ax,UREGS_cs(r(sp)) - mov %ax,UREGS_ds(r(sp)) - mov %ax,UREGS_es(r(sp)) - mov %ax,UREGS_fs(r(sp)) - mov %ax,UREGS_gs(r(sp)) - mov %ax,UREGS_ss(r(sp)) + mov %ax,UREGS_error_code(%rsp) + mov %ax,UREGS_entry_vector(%rsp) + mov %ax,UREGS_saved_upcall_mask(%rsp) + mov %ax,UREGS_cs(%rsp) + mov %ax,UREGS_ds(%rsp) + mov %ax,UREGS_es(%rsp) + mov %ax,UREGS_fs(%rsp) + mov %ax,UREGS_gs(%rsp) + mov %ax,UREGS_ss(%rsp) #endif - call_with_regs(vmx_vmexit_handler) + mov %rsp,%rdi + call vmx_vmexit_handler .globl vmx_asm_do_vmentry vmx_asm_do_vmentry: @@ -100,38 +93,39 @@ vmx_asm_do_vmentry: call nvmx_switch_guest ASSERT_NOT_IN_ATOMIC - get_current(bx) + GET_CURRENT(%rbx) cli - mov VCPU_processor(r(bx)),%eax - shl $IRQSTAT_shift,r(ax) - lea addr_of(irq_stat),r(dx) - cmpl $0,(r(dx),r(ax),1) + mov VCPU_processor(%rbx),%eax + shl $IRQSTAT_shift,%rax + lea irq_stat(%rip),%rdx + cmpl $0,(%rdx,%rax,1) jnz .Lvmx_process_softirqs - testb $0xff,VCPU_vmx_emulate(r(bx)) + testb $0xff,VCPU_vmx_emulate(%rbx) jnz .Lvmx_goto_emulator - testb $0xff,VCPU_vmx_realmode(r(bx)) + testb $0xff,VCPU_vmx_realmode(%rbx) UNLIKELY_START(nz, realmode) - cmpw $0,VCPU_vm86_seg_mask(r(bx)) + cmpw $0,VCPU_vm86_seg_mask(%rbx) jnz .Lvmx_goto_emulator - call_with_regs(vmx_enter_realmode) + mov %rsp,%rdi + call vmx_enter_realmode UNLIKELY_END(realmode) call vmx_vmenter_helper - mov VCPU_hvm_guest_cr2(r(bx)),r(ax) - mov r(ax),%cr2 + mov VCPU_hvm_guest_cr2(%rbx),%rax + mov %rax,%cr2 - lea UREGS_rip(r(sp)),r(di) + lea UREGS_rip(%rsp),%rdi mov $GUEST_RIP,%eax /*VMWRITE(UREGS_rip)*/ - .byte 0x0f,0x79,0x07 /* vmwrite (r(di)),r(ax) */ + .byte 0x0f,0x79,0x07 /* vmwrite (%rdi),%rax */ mov $GUEST_RSP,%eax VMWRITE(UREGS_rsp) mov $GUEST_RFLAGS,%eax VMWRITE(UREGS_eflags) - cmpb $0,VCPU_vmx_launched(r(bx)) + cmpb $0,VCPU_vmx_launched(%rbx) pop %r15 pop %r14 pop %r13 @@ -163,7 +157,8 @@ UNLIKELY_END(realmode) .Lvmx_goto_emulator: sti - call_with_regs(vmx_realmode) + mov %rsp,%rdi + call vmx_realmode jmp vmx_asm_do_vmentry .Lvmx_process_softirqs: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:34 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:34 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGY-0007d7-2t; Wed, 16 Jan 2013 08:22:34 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGW-0007aU-MO for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:32 +0000 Received: from [85.158.143.99:63933] by server-3.bemta-4.messagelabs.com id 57/1F-19220-84366F05; Wed, 16 Jan 2013 08:22:32 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-216.messagelabs.com!1358324532!18354855!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 16929 invoked from network); 16 Jan 2013 08:22:22 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:22 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGA-0003r3-T3 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGA-0000Yi-LI for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:10 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arch/x86: convert platform_hypercall to use XSM X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357899062 0 # Node ID f8156587c7fafb1d708553e83ca569ed8172050b # Parent 6be26b7bda2f0c2cc86a8c68d0a302fffdeac7ae arch/x86: convert platform_hypercall to use XSM The newly introduced xsm_platform_op hook addresses new sub-ops, while most ops already have their own XSM hooks. Signed-off-by: Daniel De Graaf Acked-by: Jan Beulich Committed-by: Keir Fraser --- diff -r 6be26b7bda2f -r f8156587c7fa xen/arch/x86/platform_hypercall.c --- a/xen/arch/x86/platform_hypercall.c Fri Jan 11 10:10:21 2013 +0000 +++ b/xen/arch/x86/platform_hypercall.c Fri Jan 11 10:11:02 2013 +0000 @@ -66,15 +66,16 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA ret_t ret = 0; struct xen_platform_op curop, *op = &curop; - if ( !IS_PRIV(current->domain) ) - return -EPERM; - if ( copy_from_guest(op, u_xenpf_op, 1) ) return -EFAULT; if ( op->interface_version != XENPF_INTERFACE_VERSION ) return -EACCES; + ret = xsm_platform_op(op->cmd); + if ( ret ) + return ret; + /* * Trylock here avoids deadlock with an existing platform critical section * which might (for some current or future reason) want to synchronise @@ -513,6 +514,10 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { struct xenpf_pcpu_version *ver = &op->u.pcpu_version; + ret = xsm_getcpuinfo(); + if ( ret ) + break; + if ( !get_cpu_maps() ) { ret = -EBUSY; diff -r 6be26b7bda2f -r f8156587c7fa xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:10:21 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:11:02 2013 +0000 @@ -593,6 +593,13 @@ static XSM_INLINE int xsm_platform_quirk return 0; } +static XSM_INLINE int xsm_platform_op(uint32_t op) +{ + if ( !IS_PRIV(current->domain) ) + return -EPERM; + return 0; +} + static XSM_INLINE int xsm_firmware_info(void) { return 0; diff -r 6be26b7bda2f -r f8156587c7fa xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:10:21 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:11:02 2013 +0000 @@ -159,6 +159,7 @@ struct xsm_operations { int (*microcode) (void); int (*physinfo) (void); int (*platform_quirk) (uint32_t); + int (*platform_op) (uint32_t cmd); int (*firmware_info) (void); int (*efi_call) (void); int (*acpi_sleep) (void); @@ -704,6 +705,11 @@ static inline int xsm_platform_quirk (ui return xsm_ops->platform_quirk(quirk); } +static inline int xsm_platform_op (uint32_t op) +{ + return xsm_ops->platform_op(op); +} + static inline int xsm_firmware_info (void) { return xsm_ops->firmware_info(); diff -r 6be26b7bda2f -r f8156587c7fa xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:10:21 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:11:02 2013 +0000 @@ -144,6 +144,7 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, microcode); set_to_dummy_if_null(ops, physinfo); set_to_dummy_if_null(ops, platform_quirk); + set_to_dummy_if_null(ops, platform_op); set_to_dummy_if_null(ops, firmware_info); set_to_dummy_if_null(ops, efi_call); set_to_dummy_if_null(ops, acpi_sleep); diff -r 6be26b7bda2f -r f8156587c7fa xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:10:21 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:11:02 2013 +0000 @@ -1316,6 +1316,38 @@ static int flask_platform_quirk(uint32_t XEN__QUIRK, NULL); } +static int flask_platform_op(uint32_t op) +{ + switch ( op ) + { + case XENPF_settime: + case XENPF_add_memtype: + case XENPF_del_memtype: + case XENPF_read_memtype: + case XENPF_microcode_update: + case XENPF_platform_quirk: + case XENPF_firmware_info: + case XENPF_efi_runtime_call: + case XENPF_enter_acpi_sleep: + case XENPF_change_freq: + case XENPF_getidletime: + case XENPF_set_processor_pminfo: + case XENPF_get_cpuinfo: + case XENPF_get_cpu_version: + case XENPF_cpu_online: + case XENPF_cpu_offline: + case XENPF_cpu_hotadd: + case XENPF_mem_hotadd: + /* These operations have their own XSM hooks */ + return 0; + case XENPF_core_parking: + return domain_has_xen(current->domain, XEN__PM_OP); + default: + printk("flask_platform_op: Unknown op %d\n", op); + return -EPERM; + } +} + static int flask_firmware_info(void) { return domain_has_xen(current->domain, XEN__FIRMWARE); @@ -1687,6 +1719,7 @@ static struct xsm_operations flask_ops = .microcode = flask_microcode, .physinfo = flask_physinfo, .platform_quirk = flask_platform_quirk, + .platform_op = flask_platform_op, .firmware_info = flask_firmware_info, .efi_call = flask_efi_call, .acpi_sleep = flask_acpi_sleep, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:34 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:34 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGY-0007d7-2t; Wed, 16 Jan 2013 08:22:34 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGW-0007aU-MO for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:32 +0000 Received: from [85.158.143.99:63933] by server-3.bemta-4.messagelabs.com id 57/1F-19220-84366F05; Wed, 16 Jan 2013 08:22:32 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-216.messagelabs.com!1358324532!18354855!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 16929 invoked from network); 16 Jan 2013 08:22:22 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:22 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGA-0003r3-T3 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGA-0000Yi-LI for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:10 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arch/x86: convert platform_hypercall to use XSM X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357899062 0 # Node ID f8156587c7fafb1d708553e83ca569ed8172050b # Parent 6be26b7bda2f0c2cc86a8c68d0a302fffdeac7ae arch/x86: convert platform_hypercall to use XSM The newly introduced xsm_platform_op hook addresses new sub-ops, while most ops already have their own XSM hooks. Signed-off-by: Daniel De Graaf Acked-by: Jan Beulich Committed-by: Keir Fraser --- diff -r 6be26b7bda2f -r f8156587c7fa xen/arch/x86/platform_hypercall.c --- a/xen/arch/x86/platform_hypercall.c Fri Jan 11 10:10:21 2013 +0000 +++ b/xen/arch/x86/platform_hypercall.c Fri Jan 11 10:11:02 2013 +0000 @@ -66,15 +66,16 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA ret_t ret = 0; struct xen_platform_op curop, *op = &curop; - if ( !IS_PRIV(current->domain) ) - return -EPERM; - if ( copy_from_guest(op, u_xenpf_op, 1) ) return -EFAULT; if ( op->interface_version != XENPF_INTERFACE_VERSION ) return -EACCES; + ret = xsm_platform_op(op->cmd); + if ( ret ) + return ret; + /* * Trylock here avoids deadlock with an existing platform critical section * which might (for some current or future reason) want to synchronise @@ -513,6 +514,10 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { struct xenpf_pcpu_version *ver = &op->u.pcpu_version; + ret = xsm_getcpuinfo(); + if ( ret ) + break; + if ( !get_cpu_maps() ) { ret = -EBUSY; diff -r 6be26b7bda2f -r f8156587c7fa xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:10:21 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:11:02 2013 +0000 @@ -593,6 +593,13 @@ static XSM_INLINE int xsm_platform_quirk return 0; } +static XSM_INLINE int xsm_platform_op(uint32_t op) +{ + if ( !IS_PRIV(current->domain) ) + return -EPERM; + return 0; +} + static XSM_INLINE int xsm_firmware_info(void) { return 0; diff -r 6be26b7bda2f -r f8156587c7fa xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:10:21 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:11:02 2013 +0000 @@ -159,6 +159,7 @@ struct xsm_operations { int (*microcode) (void); int (*physinfo) (void); int (*platform_quirk) (uint32_t); + int (*platform_op) (uint32_t cmd); int (*firmware_info) (void); int (*efi_call) (void); int (*acpi_sleep) (void); @@ -704,6 +705,11 @@ static inline int xsm_platform_quirk (ui return xsm_ops->platform_quirk(quirk); } +static inline int xsm_platform_op (uint32_t op) +{ + return xsm_ops->platform_op(op); +} + static inline int xsm_firmware_info (void) { return xsm_ops->firmware_info(); diff -r 6be26b7bda2f -r f8156587c7fa xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:10:21 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:11:02 2013 +0000 @@ -144,6 +144,7 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, microcode); set_to_dummy_if_null(ops, physinfo); set_to_dummy_if_null(ops, platform_quirk); + set_to_dummy_if_null(ops, platform_op); set_to_dummy_if_null(ops, firmware_info); set_to_dummy_if_null(ops, efi_call); set_to_dummy_if_null(ops, acpi_sleep); diff -r 6be26b7bda2f -r f8156587c7fa xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:10:21 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:11:02 2013 +0000 @@ -1316,6 +1316,38 @@ static int flask_platform_quirk(uint32_t XEN__QUIRK, NULL); } +static int flask_platform_op(uint32_t op) +{ + switch ( op ) + { + case XENPF_settime: + case XENPF_add_memtype: + case XENPF_del_memtype: + case XENPF_read_memtype: + case XENPF_microcode_update: + case XENPF_platform_quirk: + case XENPF_firmware_info: + case XENPF_efi_runtime_call: + case XENPF_enter_acpi_sleep: + case XENPF_change_freq: + case XENPF_getidletime: + case XENPF_set_processor_pminfo: + case XENPF_get_cpuinfo: + case XENPF_get_cpu_version: + case XENPF_cpu_online: + case XENPF_cpu_offline: + case XENPF_cpu_hotadd: + case XENPF_mem_hotadd: + /* These operations have their own XSM hooks */ + return 0; + case XENPF_core_parking: + return domain_has_xen(current->domain, XEN__PM_OP); + default: + printk("flask_platform_op: Unknown op %d\n", op); + return -EPERM; + } +} + static int flask_firmware_info(void) { return domain_has_xen(current->domain, XEN__FIRMWARE); @@ -1687,6 +1719,7 @@ static struct xsm_operations flask_ops = .microcode = flask_microcode, .physinfo = flask_physinfo, .platform_quirk = flask_platform_quirk, + .platform_op = flask_platform_op, .firmware_info = flask_firmware_info, .efi_call = flask_efi_call, .acpi_sleep = flask_acpi_sleep, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:35 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:35 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGY-0007dk-Cw; Wed, 16 Jan 2013 08:22:34 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGX-0007bO-DB for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:33 +0000 Received: from [85.158.137.99:16007] by server-14.bemta-3.messagelabs.com id AD/D5-14086-84366F05; Wed, 16 Jan 2013 08:22:32 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-217.messagelabs.com!1358324551!17141339!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 2465 invoked from network); 16 Jan 2013 08:22:32 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:32 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGU-0003tE-RQ for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:30 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGU-0000hf-QJ for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:30 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:30 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nEPT: Sync PDPTR fields if L2 guest in PAE paging mode X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358245385 -3600 # Node ID 1756a6782c750b40e136d197fcd07420c4e59b59 # Parent 0d20a4939690437e2a2b2b29b30c7518000dd961 nEPT: Sync PDPTR fields if L2 guest in PAE paging mode For PAE L2 guest, GUEST_DPPTR registers needs to be synced for each virtual vmentry. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 0d20a4939690 -r 1756a6782c75 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:18:46 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:23:05 2013 +0100 @@ -882,7 +882,15 @@ static void load_shadow_guest_state(stru (__get_vvmcs(vvmcs, CR4_READ_SHADOW) & cr_gh_mask); __vmwrite(CR4_READ_SHADOW, cr_read_shadow); - /* TODO: PDPTRs for nested ept */ + if ( nvmx_ept_enabled(v) && hvm_pae_enabled(v) && + (v->arch.hvm_vcpu.guest_efer & EFER_LMA) ) + { + vvmcs_to_shadow(vvmcs, GUEST_PDPTR0); + vvmcs_to_shadow(vvmcs, GUEST_PDPTR1); + vvmcs_to_shadow(vvmcs, GUEST_PDPTR2); + vvmcs_to_shadow(vvmcs, GUEST_PDPTR3); + } + /* TODO: CR3 target control */ } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:35 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:35 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGY-0007dk-Cw; Wed, 16 Jan 2013 08:22:34 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGX-0007bO-DB for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:33 +0000 Received: from [85.158.137.99:16007] by server-14.bemta-3.messagelabs.com id AD/D5-14086-84366F05; Wed, 16 Jan 2013 08:22:32 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-217.messagelabs.com!1358324551!17141339!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 2465 invoked from network); 16 Jan 2013 08:22:32 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:32 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGU-0003tE-RQ for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:30 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGU-0000hf-QJ for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:30 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:30 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nEPT: Sync PDPTR fields if L2 guest in PAE paging mode X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358245385 -3600 # Node ID 1756a6782c750b40e136d197fcd07420c4e59b59 # Parent 0d20a4939690437e2a2b2b29b30c7518000dd961 nEPT: Sync PDPTR fields if L2 guest in PAE paging mode For PAE L2 guest, GUEST_DPPTR registers needs to be synced for each virtual vmentry. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 0d20a4939690 -r 1756a6782c75 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:18:46 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:23:05 2013 +0100 @@ -882,7 +882,15 @@ static void load_shadow_guest_state(stru (__get_vvmcs(vvmcs, CR4_READ_SHADOW) & cr_gh_mask); __vmwrite(CR4_READ_SHADOW, cr_read_shadow); - /* TODO: PDPTRs for nested ept */ + if ( nvmx_ept_enabled(v) && hvm_pae_enabled(v) && + (v->arch.hvm_vcpu.guest_efer & EFER_LMA) ) + { + vvmcs_to_shadow(vvmcs, GUEST_PDPTR0); + vvmcs_to_shadow(vvmcs, GUEST_PDPTR1); + vvmcs_to_shadow(vvmcs, GUEST_PDPTR2); + vvmcs_to_shadow(vvmcs, GUEST_PDPTR3); + } + /* TODO: CR3 target control */ } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:35 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:35 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGZ-0007fo-Ht; Wed, 16 Jan 2013 08:22:35 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGX-0007cA-UT for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:34 +0000 Received: from [85.158.137.99:13068] by server-1.bemta-3.messagelabs.com id 49/E2-04327-94366F05; Wed, 16 Jan 2013 08:22:33 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-217.messagelabs.com!1358324541!17023728!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 29542 invoked from network); 16 Jan 2013 08:22:22 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:22 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0003s1-7P for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGL-0000dY-68 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:20 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] tools/ocaml: libxc bindings: Fix SBDF encoding X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Andrew Cooper # Date 1357906949 0 # Node ID 56daf05bcf69db56476bb7b97600292e791253c3 # Parent 9a1610c1e564cdc49b8bf628694632a63c6f6b63 tools/ocaml: libxc bindings: Fix SBDF encoding Changeset 23861:ec7c81fbe0de alters the SBDF encoding expected by the DOMCTL_{de,}assign_device hypercalls. While it updates libxl, libxc and the python bindings, the ocaml bindings got missed. As a result, any attempt to use PCI Passthrough with Xen-4.2 and later will fail. Signed-off-by: Andrew Cooper Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 9a1610c1e564 -r 56daf05bcf69 tools/ocaml/libs/xc/xenctrl_stubs.c --- a/tools/ocaml/libs/xc/xenctrl_stubs.c Fri Jan 11 12:22:28 2013 +0000 +++ b/tools/ocaml/libs/xc/xenctrl_stubs.c Fri Jan 11 12:22:29 2013 +0000 @@ -1085,11 +1085,10 @@ CAMLprim value stub_xc_domain_irq_permis static uint32_t pci_dev_to_bdf(int domain, int bus, int slot, int func) { - uint32_t bdf = 0; - bdf |= (bus & 0xff) << 16; - bdf |= (slot & 0x1f) << 11; - bdf |= (func & 0x7) << 8; - return bdf; + return ((uint32_t)domain & 0xffff) << 16 | + ((uint32_t)bus & 0xff) << 8 | + ((uint32_t)slot & 0x1f) << 3 | + ((uint32_t)func & 0x7); } CAMLprim value stub_xc_domain_test_assign_device(value xch, value domid, value desc) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:35 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:35 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGZ-0007fo-Ht; Wed, 16 Jan 2013 08:22:35 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGX-0007cA-UT for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:34 +0000 Received: from [85.158.137.99:13068] by server-1.bemta-3.messagelabs.com id 49/E2-04327-94366F05; Wed, 16 Jan 2013 08:22:33 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-217.messagelabs.com!1358324541!17023728!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 29542 invoked from network); 16 Jan 2013 08:22:22 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:22 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGL-0003s1-7P for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGL-0000dY-68 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:21 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:20 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] tools/ocaml: libxc bindings: Fix SBDF encoding X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Andrew Cooper # Date 1357906949 0 # Node ID 56daf05bcf69db56476bb7b97600292e791253c3 # Parent 9a1610c1e564cdc49b8bf628694632a63c6f6b63 tools/ocaml: libxc bindings: Fix SBDF encoding Changeset 23861:ec7c81fbe0de alters the SBDF encoding expected by the DOMCTL_{de,}assign_device hypercalls. While it updates libxl, libxc and the python bindings, the ocaml bindings got missed. As a result, any attempt to use PCI Passthrough with Xen-4.2 and later will fail. Signed-off-by: Andrew Cooper Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 9a1610c1e564 -r 56daf05bcf69 tools/ocaml/libs/xc/xenctrl_stubs.c --- a/tools/ocaml/libs/xc/xenctrl_stubs.c Fri Jan 11 12:22:28 2013 +0000 +++ b/tools/ocaml/libs/xc/xenctrl_stubs.c Fri Jan 11 12:22:29 2013 +0000 @@ -1085,11 +1085,10 @@ CAMLprim value stub_xc_domain_irq_permis static uint32_t pci_dev_to_bdf(int domain, int bus, int slot, int func) { - uint32_t bdf = 0; - bdf |= (bus & 0xff) << 16; - bdf |= (slot & 0x1f) << 11; - bdf |= (func & 0x7) << 8; - return bdf; + return ((uint32_t)domain & 0xffff) << 16 | + ((uint32_t)bus & 0xff) << 8 | + ((uint32_t)slot & 0x1f) << 3 | + ((uint32_t)func & 0x7); } CAMLprim value stub_xc_domain_test_assign_device(value xch, value domid, value desc) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:35 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:35 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGZ-0007g9-L1; Wed, 16 Jan 2013 08:22:35 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGY-0007aU-0S for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:34 +0000 Received: from [85.158.143.35:34866] by server-3.bemta-4.messagelabs.com id EE/1F-19220-94366F05; Wed, 16 Jan 2013 08:22:33 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-21.messagelabs.com!1358324552!11684865!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 16314 invoked from network); 16 Jan 2013 08:22:32 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:32 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGV-0003tO-Sg for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:31 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGV-0000i9-RY for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:31 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:31 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nEPT: handle invept instruction from L1 VMM X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358245781 -3600 # Node ID a16d3f55a3d583bc50ad1c7a79fef5eb75140a5a # Parent 51095ed4f95131d7aa467810c3fae043c945220b nEPT: handle invept instruction from L1 VMM Add the INVEPT instruction emulation logic. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 51095ed4f951 -r a16d3f55a3d5 xen/arch/x86/hvm/vmx/vmx.c --- a/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:28:23 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:29:41 2013 +0100 @@ -2580,10 +2580,14 @@ void vmx_vmexit_handler(struct cpu_user_ update_guest_eip(); break; + case EXIT_REASON_INVEPT: + if ( nvmx_handle_invept(regs) == X86EMUL_OKAY ) + update_guest_eip(); + break; + case EXIT_REASON_MWAIT_INSTRUCTION: case EXIT_REASON_MONITOR_INSTRUCTION: case EXIT_REASON_GETSEC: - case EXIT_REASON_INVEPT: case EXIT_REASON_INVVPID: /* * We should never exit on GETSEC because CR4.SMXE is always 0 when diff -r 51095ed4f951 -r a16d3f55a3d5 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:28:23 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:29:41 2013 +0100 @@ -1393,6 +1393,40 @@ int nvmx_handle_vmwrite(struct cpu_user_ return X86EMUL_OKAY; } +int nvmx_handle_invept(struct cpu_user_regs *regs) +{ + struct vmx_inst_decoded decode; + unsigned long eptp; + int ret; + + if ( (ret = decode_vmx_inst(regs, &decode, &eptp, 0)) != X86EMUL_OKAY ) + return ret; + + switch ( reg_read(regs, decode.reg2) ) + { + case INVEPT_SINGLE_CONTEXT: + { + struct p2m_domain *p2m = vcpu_nestedhvm(current).nv_p2m; + if ( p2m ) + { + p2m_flush(current, p2m); + ept_sync_domain(p2m); + } + break; + } + case INVEPT_ALL_CONTEXT: + p2m_flush_nestedp2m(current->domain); + __invept(INVEPT_ALL_CONTEXT, 0, 0); + break; + default: + vmreturn(regs, VMFAIL_INVALID); + return X86EMUL_OKAY; + } + vmreturn(regs, VMSUCCEED); + return X86EMUL_OKAY; +} + + #define __emul_value(enable1, default1) \ ((enable1 | default1) << 32 | (default1)) diff -r 51095ed4f951 -r a16d3f55a3d5 xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:28:23 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:29:41 2013 +0100 @@ -191,6 +191,7 @@ int nvmx_handle_vmread(struct cpu_user_r int nvmx_handle_vmwrite(struct cpu_user_regs *regs); int nvmx_handle_vmresume(struct cpu_user_regs *regs); int nvmx_handle_vmlaunch(struct cpu_user_regs *regs); +int nvmx_handle_invept(struct cpu_user_regs *regs); int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content); int nvmx_msr_write_intercept(unsigned int msr, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:35 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:35 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGZ-0007g9-L1; Wed, 16 Jan 2013 08:22:35 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGY-0007aU-0S for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:34 +0000 Received: from [85.158.143.35:34866] by server-3.bemta-4.messagelabs.com id EE/1F-19220-94366F05; Wed, 16 Jan 2013 08:22:33 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-21.messagelabs.com!1358324552!11684865!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 16314 invoked from network); 16 Jan 2013 08:22:32 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:32 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGV-0003tO-Sg for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:31 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGV-0000i9-RY for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:31 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:31 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nEPT: handle invept instruction from L1 VMM X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358245781 -3600 # Node ID a16d3f55a3d583bc50ad1c7a79fef5eb75140a5a # Parent 51095ed4f95131d7aa467810c3fae043c945220b nEPT: handle invept instruction from L1 VMM Add the INVEPT instruction emulation logic. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 51095ed4f951 -r a16d3f55a3d5 xen/arch/x86/hvm/vmx/vmx.c --- a/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:28:23 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:29:41 2013 +0100 @@ -2580,10 +2580,14 @@ void vmx_vmexit_handler(struct cpu_user_ update_guest_eip(); break; + case EXIT_REASON_INVEPT: + if ( nvmx_handle_invept(regs) == X86EMUL_OKAY ) + update_guest_eip(); + break; + case EXIT_REASON_MWAIT_INSTRUCTION: case EXIT_REASON_MONITOR_INSTRUCTION: case EXIT_REASON_GETSEC: - case EXIT_REASON_INVEPT: case EXIT_REASON_INVVPID: /* * We should never exit on GETSEC because CR4.SMXE is always 0 when diff -r 51095ed4f951 -r a16d3f55a3d5 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:28:23 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:29:41 2013 +0100 @@ -1393,6 +1393,40 @@ int nvmx_handle_vmwrite(struct cpu_user_ return X86EMUL_OKAY; } +int nvmx_handle_invept(struct cpu_user_regs *regs) +{ + struct vmx_inst_decoded decode; + unsigned long eptp; + int ret; + + if ( (ret = decode_vmx_inst(regs, &decode, &eptp, 0)) != X86EMUL_OKAY ) + return ret; + + switch ( reg_read(regs, decode.reg2) ) + { + case INVEPT_SINGLE_CONTEXT: + { + struct p2m_domain *p2m = vcpu_nestedhvm(current).nv_p2m; + if ( p2m ) + { + p2m_flush(current, p2m); + ept_sync_domain(p2m); + } + break; + } + case INVEPT_ALL_CONTEXT: + p2m_flush_nestedp2m(current->domain); + __invept(INVEPT_ALL_CONTEXT, 0, 0); + break; + default: + vmreturn(regs, VMFAIL_INVALID); + return X86EMUL_OKAY; + } + vmreturn(regs, VMSUCCEED); + return X86EMUL_OKAY; +} + + #define __emul_value(enable1, default1) \ ((enable1 | default1) << 32 | (default1)) diff -r 51095ed4f951 -r a16d3f55a3d5 xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:28:23 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:29:41 2013 +0100 @@ -191,6 +191,7 @@ int nvmx_handle_vmread(struct cpu_user_r int nvmx_handle_vmwrite(struct cpu_user_regs *regs); int nvmx_handle_vmresume(struct cpu_user_regs *regs); int nvmx_handle_vmlaunch(struct cpu_user_regs *regs); +int nvmx_handle_invept(struct cpu_user_regs *regs); int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content); int nvmx_msr_write_intercept(unsigned int msr, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:36 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:36 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGZ-0007gX-Ps; Wed, 16 Jan 2013 08:22:35 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGY-0007co-Eh for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:34 +0000 Received: from [193.109.254.147:31699] by server-1.bemta-14.messagelabs.com id 52/98-00596-94366F05; Wed, 16 Jan 2013 08:22:33 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-27.messagelabs.com!1358324551!9109511!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7952 invoked from network); 16 Jan 2013 08:22:32 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:32 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGV-0003tJ-Be for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:31 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGV-0000hu-AX for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:31 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:30 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nEPT: Use minimal permission for nested p2m X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358245703 -3600 # Node ID 51095ed4f95131d7aa467810c3fae043c945220b # Parent 1756a6782c750b40e136d197fcd07420c4e59b59 nEPT: Use minimal permission for nested p2m Emulate permission check for the nested p2m. Current solution is to use minimal permission, and once meet permission violation in L0, then determin whether it is caused by guest EPT or host EPT Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 1756a6782c75 -r 51095ed4f951 xen/arch/x86/hvm/svm/nestedsvm.c --- a/xen/arch/x86/hvm/svm/nestedsvm.c Tue Jan 15 11:23:05 2013 +0100 +++ b/xen/arch/x86/hvm/svm/nestedsvm.c Tue Jan 15 11:28:23 2013 +0100 @@ -1177,7 +1177,7 @@ nsvm_vmcb_hap_enabled(struct vcpu *v) */ int nsvm_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, - unsigned int *page_order, + unsigned int *page_order, uint8_t *p2m_acc, bool_t access_r, bool_t access_w, bool_t access_x) { uint32_t pfec; diff -r 1756a6782c75 -r 51095ed4f951 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:23:05 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:28:23 2013 +0100 @@ -1532,7 +1532,7 @@ int nvmx_msr_write_intercept(unsigned in */ int nvmx_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, - unsigned int *page_order, + unsigned int *page_order, uint8_t *p2m_acc, bool_t access_r, bool_t access_w, bool_t access_x) { int rc; @@ -1542,7 +1542,7 @@ nvmx_hap_walk_L1_p2m(struct vcpu *v, pad uint32_t rwx_rights = (access_x << 2) | (access_w << 1) | access_r; struct nestedvmx *nvmx = &vcpu_2_nvmx(v); - rc = nept_translate_l2ga(v, L2_gpa, page_order, rwx_rights, &gfn, + rc = nept_translate_l2ga(v, L2_gpa, page_order, rwx_rights, &gfn, p2m_acc, &exit_qual, &exit_reason); switch ( rc ) { diff -r 1756a6782c75 -r 51095ed4f951 xen/arch/x86/mm/hap/nested_ept.c --- a/xen/arch/x86/mm/hap/nested_ept.c Tue Jan 15 11:23:05 2013 +0100 +++ b/xen/arch/x86/mm/hap/nested_ept.c Tue Jan 15 11:28:23 2013 +0100 @@ -224,8 +224,8 @@ out: int nept_translate_l2ga(struct vcpu *v, paddr_t l2ga, unsigned int *page_order, uint32_t rwx_acc, - unsigned long *l1gfn, uint64_t *exit_qual, - uint32_t *exit_reason) + unsigned long *l1gfn, uint8_t *p2m_acc, + uint64_t *exit_qual, uint32_t *exit_reason) { uint32_t rc, rwx_bits = 0; ept_walk_t gw; @@ -262,6 +262,7 @@ int nept_translate_l2ga(struct vcpu *v, if ( nept_permission_check(rwx_acc, rwx_bits) ) { *l1gfn = gw.lxe[0].mfn; + *p2m_acc = (uint8_t)rwx_bits; break; } rc = EPT_TRANSLATE_VIOLATION; diff -r 1756a6782c75 -r 51095ed4f951 xen/arch/x86/mm/hap/nested_hap.c --- a/xen/arch/x86/mm/hap/nested_hap.c Tue Jan 15 11:23:05 2013 +0100 +++ b/xen/arch/x86/mm/hap/nested_hap.c Tue Jan 15 11:28:23 2013 +0100 @@ -143,13 +143,13 @@ nestedhap_fix_p2m(struct vcpu *v, struct */ static int nestedhap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, - unsigned int *page_order, + unsigned int *page_order, uint8_t *p2m_acc, bool_t access_r, bool_t access_w, bool_t access_x) { ASSERT(hvm_funcs.nhvm_hap_walk_L1_p2m); return hvm_funcs.nhvm_hap_walk_L1_p2m(v, L2_gpa, L1_gpa, page_order, - access_r, access_w, access_x); + p2m_acc, access_r, access_w, access_x); } @@ -159,16 +159,15 @@ nestedhap_walk_L1_p2m(struct vcpu *v, pa */ static int nestedhap_walk_L0_p2m(struct p2m_domain *p2m, paddr_t L1_gpa, paddr_t *L0_gpa, - p2m_type_t *p2mt, + p2m_type_t *p2mt, p2m_access_t *p2ma, unsigned int *page_order, bool_t access_r, bool_t access_w, bool_t access_x) { mfn_t mfn; - p2m_access_t p2ma; int rc; /* walk L0 P2M table */ - mfn = get_gfn_type_access(p2m, L1_gpa >> PAGE_SHIFT, p2mt, &p2ma, + mfn = get_gfn_type_access(p2m, L1_gpa >> PAGE_SHIFT, p2mt, p2ma, 0, page_order); rc = NESTEDHVM_PAGEFAULT_MMIO; @@ -207,12 +206,14 @@ nestedhvm_hap_nested_page_fault(struct v struct p2m_domain *p2m, *nested_p2m; unsigned int page_order_21, page_order_10, page_order_20; p2m_type_t p2mt_10; + p2m_access_t p2ma_10 = p2m_access_rwx; + uint8_t p2ma_21 = p2m_access_rwx; p2m = p2m_get_hostp2m(d); /* L0 p2m */ nested_p2m = p2m_get_nestedp2m(v, nhvm_vcpu_p2m_base(v)); /* walk the L1 P2M table */ - rv = nestedhap_walk_L1_p2m(v, *L2_gpa, &L1_gpa, &page_order_21, + rv = nestedhap_walk_L1_p2m(v, *L2_gpa, &L1_gpa, &page_order_21, &p2ma_21, access_r, access_w, access_x); /* let caller to handle these two cases */ @@ -230,7 +231,7 @@ nestedhvm_hap_nested_page_fault(struct v /* ==> we have to walk L0 P2M */ rv = nestedhap_walk_L0_p2m(p2m, L1_gpa, &L0_gpa, - &p2mt_10, &page_order_10, + &p2mt_10, &p2ma_10, &page_order_10, access_r, access_w, access_x); /* let upper level caller to handle these two cases */ @@ -251,10 +252,30 @@ nestedhvm_hap_nested_page_fault(struct v page_order_20 = min(page_order_21, page_order_10); + ASSERT(p2ma_10 <= p2m_access_n2rwx); + /*NOTE: if assert fails, needs to handle new access type here */ + + switch ( p2ma_10 ) + { + case p2m_access_n ... p2m_access_rwx: + break; + case p2m_access_rx2rw: + p2ma_10 = p2m_access_rx; + break; + case p2m_access_n2rwx: + p2ma_10 = p2m_access_n; + break; + default: + p2ma_10 = p2m_access_n; + /* For safety, remove all permissions. */ + gdprintk(XENLOG_ERR, "Unhandled p2m access type:%d\n", p2ma_10); + } + /* Use minimal permission for nested p2m. */ + p2ma_10 &= (p2m_access_t)p2ma_21; + /* fix p2m_get_pagetable(nested_p2m) */ nestedhap_fix_p2m(v, nested_p2m, *L2_gpa, L0_gpa, page_order_20, - p2mt_10, - p2m_access_rwx /* FIXME: Should use minimum permission. */); + p2mt_10, p2ma_10); return NESTEDHVM_PAGEFAULT_DONE; } diff -r 1756a6782c75 -r 51095ed4f951 xen/include/asm-x86/hvm/hvm.h --- a/xen/include/asm-x86/hvm/hvm.h Tue Jan 15 11:23:05 2013 +0100 +++ b/xen/include/asm-x86/hvm/hvm.h Tue Jan 15 11:28:23 2013 +0100 @@ -187,8 +187,8 @@ struct hvm_function_table { /*Walk nested p2m */ int (*nhvm_hap_walk_L1_p2m)(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, unsigned int *page_order, - bool_t access_r, bool_t access_w, - bool_t access_x); + uint8_t *p2m_acc, bool_t access_r, + bool_t access_w, bool_t access_x); }; extern struct hvm_function_table hvm_funcs; diff -r 1756a6782c75 -r 51095ed4f951 xen/include/asm-x86/hvm/svm/nestedsvm.h --- a/xen/include/asm-x86/hvm/svm/nestedsvm.h Tue Jan 15 11:23:05 2013 +0100 +++ b/xen/include/asm-x86/hvm/svm/nestedsvm.h Tue Jan 15 11:28:23 2013 +0100 @@ -134,7 +134,7 @@ void svm_vmexit_do_clgi(struct cpu_user_ void svm_vmexit_do_stgi(struct cpu_user_regs *regs, struct vcpu *v); bool_t nestedsvm_gif_isset(struct vcpu *v); int nsvm_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, - unsigned int *page_order, + unsigned int *page_order, uint8_t *p2m_acc, bool_t access_r, bool_t access_w, bool_t access_x); #define NSVM_INTR_NOTHANDLED 3 diff -r 1756a6782c75 -r 51095ed4f951 xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:23:05 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:28:23 2013 +0100 @@ -123,7 +123,7 @@ int nvmx_handle_vmxoff(struct cpu_user_r int nvmx_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, - unsigned int *page_order, + unsigned int *page_order, uint8_t *p2m_acc, bool_t access_r, bool_t access_w, bool_t access_x); /* * Virtual VMCS layout @@ -208,7 +208,7 @@ int nvmx_n2_vmexit_handler(struct cpu_us int nept_translate_l2ga(struct vcpu *v, paddr_t l2ga, unsigned int *page_order, uint32_t rwx_acc, - unsigned long *l1gfn, uint64_t *exit_qual, - uint32_t *exit_reason); + unsigned long *l1gfn, uint8_t *p2m_acc, + uint64_t *exit_qual, uint32_t *exit_reason); #endif /* __ASM_X86_HVM_VVMX_H__ */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:36 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:36 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGZ-0007gX-Ps; Wed, 16 Jan 2013 08:22:35 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGY-0007co-Eh for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:34 +0000 Received: from [193.109.254.147:31699] by server-1.bemta-14.messagelabs.com id 52/98-00596-94366F05; Wed, 16 Jan 2013 08:22:33 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-27.messagelabs.com!1358324551!9109511!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7952 invoked from network); 16 Jan 2013 08:22:32 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:32 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGV-0003tJ-Be for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:31 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGV-0000hu-AX for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:31 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:30 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nEPT: Use minimal permission for nested p2m X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358245703 -3600 # Node ID 51095ed4f95131d7aa467810c3fae043c945220b # Parent 1756a6782c750b40e136d197fcd07420c4e59b59 nEPT: Use minimal permission for nested p2m Emulate permission check for the nested p2m. Current solution is to use minimal permission, and once meet permission violation in L0, then determin whether it is caused by guest EPT or host EPT Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 1756a6782c75 -r 51095ed4f951 xen/arch/x86/hvm/svm/nestedsvm.c --- a/xen/arch/x86/hvm/svm/nestedsvm.c Tue Jan 15 11:23:05 2013 +0100 +++ b/xen/arch/x86/hvm/svm/nestedsvm.c Tue Jan 15 11:28:23 2013 +0100 @@ -1177,7 +1177,7 @@ nsvm_vmcb_hap_enabled(struct vcpu *v) */ int nsvm_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, - unsigned int *page_order, + unsigned int *page_order, uint8_t *p2m_acc, bool_t access_r, bool_t access_w, bool_t access_x) { uint32_t pfec; diff -r 1756a6782c75 -r 51095ed4f951 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:23:05 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:28:23 2013 +0100 @@ -1532,7 +1532,7 @@ int nvmx_msr_write_intercept(unsigned in */ int nvmx_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, - unsigned int *page_order, + unsigned int *page_order, uint8_t *p2m_acc, bool_t access_r, bool_t access_w, bool_t access_x) { int rc; @@ -1542,7 +1542,7 @@ nvmx_hap_walk_L1_p2m(struct vcpu *v, pad uint32_t rwx_rights = (access_x << 2) | (access_w << 1) | access_r; struct nestedvmx *nvmx = &vcpu_2_nvmx(v); - rc = nept_translate_l2ga(v, L2_gpa, page_order, rwx_rights, &gfn, + rc = nept_translate_l2ga(v, L2_gpa, page_order, rwx_rights, &gfn, p2m_acc, &exit_qual, &exit_reason); switch ( rc ) { diff -r 1756a6782c75 -r 51095ed4f951 xen/arch/x86/mm/hap/nested_ept.c --- a/xen/arch/x86/mm/hap/nested_ept.c Tue Jan 15 11:23:05 2013 +0100 +++ b/xen/arch/x86/mm/hap/nested_ept.c Tue Jan 15 11:28:23 2013 +0100 @@ -224,8 +224,8 @@ out: int nept_translate_l2ga(struct vcpu *v, paddr_t l2ga, unsigned int *page_order, uint32_t rwx_acc, - unsigned long *l1gfn, uint64_t *exit_qual, - uint32_t *exit_reason) + unsigned long *l1gfn, uint8_t *p2m_acc, + uint64_t *exit_qual, uint32_t *exit_reason) { uint32_t rc, rwx_bits = 0; ept_walk_t gw; @@ -262,6 +262,7 @@ int nept_translate_l2ga(struct vcpu *v, if ( nept_permission_check(rwx_acc, rwx_bits) ) { *l1gfn = gw.lxe[0].mfn; + *p2m_acc = (uint8_t)rwx_bits; break; } rc = EPT_TRANSLATE_VIOLATION; diff -r 1756a6782c75 -r 51095ed4f951 xen/arch/x86/mm/hap/nested_hap.c --- a/xen/arch/x86/mm/hap/nested_hap.c Tue Jan 15 11:23:05 2013 +0100 +++ b/xen/arch/x86/mm/hap/nested_hap.c Tue Jan 15 11:28:23 2013 +0100 @@ -143,13 +143,13 @@ nestedhap_fix_p2m(struct vcpu *v, struct */ static int nestedhap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, - unsigned int *page_order, + unsigned int *page_order, uint8_t *p2m_acc, bool_t access_r, bool_t access_w, bool_t access_x) { ASSERT(hvm_funcs.nhvm_hap_walk_L1_p2m); return hvm_funcs.nhvm_hap_walk_L1_p2m(v, L2_gpa, L1_gpa, page_order, - access_r, access_w, access_x); + p2m_acc, access_r, access_w, access_x); } @@ -159,16 +159,15 @@ nestedhap_walk_L1_p2m(struct vcpu *v, pa */ static int nestedhap_walk_L0_p2m(struct p2m_domain *p2m, paddr_t L1_gpa, paddr_t *L0_gpa, - p2m_type_t *p2mt, + p2m_type_t *p2mt, p2m_access_t *p2ma, unsigned int *page_order, bool_t access_r, bool_t access_w, bool_t access_x) { mfn_t mfn; - p2m_access_t p2ma; int rc; /* walk L0 P2M table */ - mfn = get_gfn_type_access(p2m, L1_gpa >> PAGE_SHIFT, p2mt, &p2ma, + mfn = get_gfn_type_access(p2m, L1_gpa >> PAGE_SHIFT, p2mt, p2ma, 0, page_order); rc = NESTEDHVM_PAGEFAULT_MMIO; @@ -207,12 +206,14 @@ nestedhvm_hap_nested_page_fault(struct v struct p2m_domain *p2m, *nested_p2m; unsigned int page_order_21, page_order_10, page_order_20; p2m_type_t p2mt_10; + p2m_access_t p2ma_10 = p2m_access_rwx; + uint8_t p2ma_21 = p2m_access_rwx; p2m = p2m_get_hostp2m(d); /* L0 p2m */ nested_p2m = p2m_get_nestedp2m(v, nhvm_vcpu_p2m_base(v)); /* walk the L1 P2M table */ - rv = nestedhap_walk_L1_p2m(v, *L2_gpa, &L1_gpa, &page_order_21, + rv = nestedhap_walk_L1_p2m(v, *L2_gpa, &L1_gpa, &page_order_21, &p2ma_21, access_r, access_w, access_x); /* let caller to handle these two cases */ @@ -230,7 +231,7 @@ nestedhvm_hap_nested_page_fault(struct v /* ==> we have to walk L0 P2M */ rv = nestedhap_walk_L0_p2m(p2m, L1_gpa, &L0_gpa, - &p2mt_10, &page_order_10, + &p2mt_10, &p2ma_10, &page_order_10, access_r, access_w, access_x); /* let upper level caller to handle these two cases */ @@ -251,10 +252,30 @@ nestedhvm_hap_nested_page_fault(struct v page_order_20 = min(page_order_21, page_order_10); + ASSERT(p2ma_10 <= p2m_access_n2rwx); + /*NOTE: if assert fails, needs to handle new access type here */ + + switch ( p2ma_10 ) + { + case p2m_access_n ... p2m_access_rwx: + break; + case p2m_access_rx2rw: + p2ma_10 = p2m_access_rx; + break; + case p2m_access_n2rwx: + p2ma_10 = p2m_access_n; + break; + default: + p2ma_10 = p2m_access_n; + /* For safety, remove all permissions. */ + gdprintk(XENLOG_ERR, "Unhandled p2m access type:%d\n", p2ma_10); + } + /* Use minimal permission for nested p2m. */ + p2ma_10 &= (p2m_access_t)p2ma_21; + /* fix p2m_get_pagetable(nested_p2m) */ nestedhap_fix_p2m(v, nested_p2m, *L2_gpa, L0_gpa, page_order_20, - p2mt_10, - p2m_access_rwx /* FIXME: Should use minimum permission. */); + p2mt_10, p2ma_10); return NESTEDHVM_PAGEFAULT_DONE; } diff -r 1756a6782c75 -r 51095ed4f951 xen/include/asm-x86/hvm/hvm.h --- a/xen/include/asm-x86/hvm/hvm.h Tue Jan 15 11:23:05 2013 +0100 +++ b/xen/include/asm-x86/hvm/hvm.h Tue Jan 15 11:28:23 2013 +0100 @@ -187,8 +187,8 @@ struct hvm_function_table { /*Walk nested p2m */ int (*nhvm_hap_walk_L1_p2m)(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, unsigned int *page_order, - bool_t access_r, bool_t access_w, - bool_t access_x); + uint8_t *p2m_acc, bool_t access_r, + bool_t access_w, bool_t access_x); }; extern struct hvm_function_table hvm_funcs; diff -r 1756a6782c75 -r 51095ed4f951 xen/include/asm-x86/hvm/svm/nestedsvm.h --- a/xen/include/asm-x86/hvm/svm/nestedsvm.h Tue Jan 15 11:23:05 2013 +0100 +++ b/xen/include/asm-x86/hvm/svm/nestedsvm.h Tue Jan 15 11:28:23 2013 +0100 @@ -134,7 +134,7 @@ void svm_vmexit_do_clgi(struct cpu_user_ void svm_vmexit_do_stgi(struct cpu_user_regs *regs, struct vcpu *v); bool_t nestedsvm_gif_isset(struct vcpu *v); int nsvm_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, - unsigned int *page_order, + unsigned int *page_order, uint8_t *p2m_acc, bool_t access_r, bool_t access_w, bool_t access_x); #define NSVM_INTR_NOTHANDLED 3 diff -r 1756a6782c75 -r 51095ed4f951 xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:23:05 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:28:23 2013 +0100 @@ -123,7 +123,7 @@ int nvmx_handle_vmxoff(struct cpu_user_r int nvmx_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, - unsigned int *page_order, + unsigned int *page_order, uint8_t *p2m_acc, bool_t access_r, bool_t access_w, bool_t access_x); /* * Virtual VMCS layout @@ -208,7 +208,7 @@ int nvmx_n2_vmexit_handler(struct cpu_us int nept_translate_l2ga(struct vcpu *v, paddr_t l2ga, unsigned int *page_order, uint32_t rwx_acc, - unsigned long *l1gfn, uint64_t *exit_qual, - uint32_t *exit_reason); + unsigned long *l1gfn, uint8_t *p2m_acc, + uint64_t *exit_qual, uint32_t *exit_reason); #endif /* __ASM_X86_HVM_VVMX_H__ */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:36 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:36 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGZ-0007h3-VE; Wed, 16 Jan 2013 08:22:36 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGX-0007bm-J0 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:34 +0000 Received: from [85.158.137.99:13047] by server-12.bemta-3.messagelabs.com id 1A/18-22577-84366F05; Wed, 16 Jan 2013 08:22:32 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-217.messagelabs.com!1358324543!12344789!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=2.5 required=7.0 tests=BODY_RANDOM_LONG,LONGWORDS X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25946 invoked from network); 16 Jan 2013 08:22:24 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:24 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0003sA-1n for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:23 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGM-0000eH-Tc for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:23 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:22 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] merge X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1357907019 0 # Node ID f54b7b1f65eaa222e2d251ea741da6dcb7adbebe # Parent 0b9dfd067b4259e2cb3285f279f369dd7bd2e032 # Parent fe115341b816ed303df06708dded2b58bf0d5f51 merge --- diff -r 0b9dfd067b42 -r f54b7b1f65ea docs/misc/xsm-flask.txt --- a/docs/misc/xsm-flask.txt Fri Jan 11 12:22:30 2013 +0000 +++ b/docs/misc/xsm-flask.txt Fri Jan 11 12:23:39 2013 +0000 @@ -68,9 +68,43 @@ HVM domains with stubdomain device model - dm_dom_t is the device model for a domain with type domHVM_t One disadvantage of using type enforcement to enforce isolation is that a new -type is needed for each group of domains. In addition, it is not possible to -allow isolated_domU_t cannot to create loopback event channels without allowing -two domains of type isolated_domU_t to communicate with one another. +type is needed for each group of domains. The user field can be used to address +this for the most common case of groups that can communicate internally but not +externally; see "Users and roles" below. + +Type transitions +---------------- + +Xen defines a number of operations such as memory mapping that are necessary for +a domain to perform on itself, but are also undesirable to allow a domain to +perform on every other domain of the same label. While it is possible to address +this by only creating one domain per type, this solution significantly limits +the flexibility of the type system. Another method to address this issue is to +duplicate the permission names for every operation that can be performed on the +current domain or on other domains; however, this significantly increases the +necessary number of permissions and complicates the XSM hooks. Instead, this is +addressed by allowing a distinct type to be used for a domain's access to +itself. The same applies for a device model domain's access to its designated +target, allowing the IS_PRIV_FOR checks used in Xen's DAC model to be +implemented in FLASK. + +Upon domain creation (or relabel), a type transition is computed using the +domain's label as the source and target. The result of this computation is used +as the target when the domain accesses itself. In the example policy, this +computed type is the result of appending _self to a domain's type: domU_t_self +for domU_t. If no type transition rule exists, the domain will continue to use +its own label for both the source and target. An AVC message will look like: + + scontext=system_u:system_r:domU_t tcontext=system_u:system_r:domU_t_self + +A similar type transition is done when a device model domain is associated with +its target using the set_target operation. The transition is computed with the +target domain as the source and the device model domain as the target: this +ordering was chosen in order to preserve the original label for the target when +no type transition rule exists. In the example policy, these computed types are +the result of appending _target to the domain. + +Type transitions are also used to compute the labels of event channels. Users and roles --------------- @@ -84,7 +118,8 @@ the customer_1 user. Access control rules involving users and roles are defined in the policy constraints file (tools/flask/policy/policy/constraints). The example policy provides constraints that prevent different users from communicating using -grants or event channels, while still allowing communication with dom0. +grants or event channels, while still allowing communication with the system_u +user where dom0 resides. Resource Policy --------------- diff -r 0b9dfd067b42 -r f54b7b1f65ea tools/flask/policy/policy/flask/access_vectors --- a/tools/flask/policy/policy/flask/access_vectors Fri Jan 11 12:22:30 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,178 +0,0 @@ -# -# Define the access vectors. -# -# class class_name { permission_name ... } - -class xen -{ - scheduler - settime - tbufcontrol - readconsole - clearconsole - perfcontrol - mtrr_add - mtrr_del - mtrr_read - microcode - physinfo - quirk - writeconsole - readapic - writeapic - privprofile - nonprivprofile - kexec - firmware - sleep - frequency - getidle - debug - getcpuinfo - heap - pm_op - mca_op - lockprof - cpupool_op - sched_op -} - -class domain -{ - setvcpucontext - pause - unpause - resume - create - transition - max_vcpus - destroy - setvcpuaffinity - getvcpuaffinity - scheduler - getdomaininfo - getvcpuinfo - getvcpucontext - setdomainmaxmem - setdomainhandle - setdebugging - hypercall - settime - set_target - shutdown - setaddrsize - getaddrsize - trigger - getextvcpucontext - setextvcpucontext - getvcpuextstate - setvcpuextstate - getpodtarget - setpodtarget - set_misc_info - set_virq_handler -} - -class domain2 -{ - relabelfrom - relabelto - relabelself -} - -class hvm -{ - sethvmc - gethvmc - setparam - getparam - pcilevel - irqlevel - pciroute - bind_irq - cacheattr - trackdirtyvram - hvmctl - mem_event - mem_sharing -} - -class event -{ - bind - send - status - notify - create - reset -} - -class grant -{ - map_read - map_write - unmap - transfer - setup - copy - query -} - -class mmu -{ - map_read - map_write - pageinfo - pagelist - adjust - stat - translategp - updatemp - physmap - pinpage - mfnlist - memorymap - remote_remap -} - -class shadow -{ - disable - enable - logdirty -} - -class resource -{ - add - remove - use - add_irq - remove_irq - add_ioport - remove_ioport - add_iomem - remove_iomem - stat_device - add_device - remove_device - plug - unplug - setup -} - -class security -{ - compute_av - compute_create - compute_member - check_context - load_policy - compute_relabel - compute_user - setenforce - setbool - setsecparam - add_ocontext - del_ocontext -} diff -r 0b9dfd067b42 -r f54b7b1f65ea tools/flask/policy/policy/flask/initial_sids --- a/tools/flask/policy/policy/flask/initial_sids Fri Jan 11 12:22:30 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,16 +0,0 @@ -# FLASK - -# -# Define initial security identifiers -# -sid xen -sid dom0 -sid domio -sid domxen -sid unlabeled -sid security -sid ioport -sid iomem -sid irq -sid device -# FLASK diff -r 0b9dfd067b42 -r f54b7b1f65ea tools/flask/policy/policy/flask/mkaccess_vector.sh --- a/tools/flask/policy/policy/flask/mkaccess_vector.sh Fri Jan 11 12:22:30 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,138 +0,0 @@ -#!/bin/sh - -# - -# FLASK - -set -e - -awk=$1 -shift - -# output files -av_permissions="include/av_permissions.h" -av_perm_to_string="include/av_perm_to_string.h" - -cat $* | $awk " -BEGIN { - outfile = \"$av_permissions\" - avpermfile = \"$av_perm_to_string\" - "' - nextstate = "COMMON_OR_AV"; - printf("/* This file is automatically generated. Do not edit. */\n") > outfile; - printf("/* This file is automatically generated. Do not edit. */\n") > avpermfile; -; - } -/^[ \t]*#/ { - next; - } -$1 == "class" { - if (nextstate != "COMMON_OR_AV" && - nextstate != "CLASS_OR_CLASS-OPENBRACKET") - { - printf("Parse error: Unexpected class definition on line %d\n", NR); - next; - } - - tclass = $2; - - if (tclass in av_defined) - { - printf("Duplicate access vector definition for %s on line %d\n", tclass, NR); - next; - } - av_defined[tclass] = 1; - - permission = 1; - - nextstate = "INHERITS_OR_CLASS-OPENBRACKET"; - next; - } -$1 == "{" { - if (nextstate != "INHERITS_OR_CLASS-OPENBRACKET" && - nextstate != "CLASS_OR_CLASS-OPENBRACKET" && - nextstate != "COMMON-OPENBRACKET") - { - printf("Parse error: Unexpected { on line %d\n", NR); - next; - } - - if (nextstate == "INHERITS_OR_CLASS-OPENBRACKET") - nextstate = "CLASS-CLOSEBRACKET"; - - if (nextstate == "CLASS_OR_CLASS-OPENBRACKET") - nextstate = "CLASS-CLOSEBRACKET"; - - if (nextstate == "COMMON-OPENBRACKET") - nextstate = "COMMON-CLOSEBRACKET"; - } -/[a-z][a-z_]*/ { - if (nextstate != "COMMON-CLOSEBRACKET" && - nextstate != "CLASS-CLOSEBRACKET") - { - printf("Parse error: Unexpected symbol %s on line %d\n", $1, NR); - next; - } - - if (nextstate == "COMMON-CLOSEBRACKET") - { - if ((common_name,$1) in common_perms) - { - printf("Duplicate permission %s for common %s on line %d.\n", $1, common_name, NR); - next; - } - - common_perms[common_name,$1] = permission; - - printf("#define COMMON_%s__%s", toupper(common_name), toupper($1)) > outfile; - - printf(" S_(\"%s\")\n", $1) > cpermfile; - } - else - { - if ((tclass,$1) in av_perms) - { - printf("Duplicate permission %s for %s on line %d.\n", $1, tclass, NR); - next; - } - - av_perms[tclass,$1] = permission; - - printf("#define %s__%s", toupper(tclass), toupper($1)) > outfile; - - printf(" S_(SECCLASS_%s, %s__%s, \"%s\")\n", toupper(tclass), toupper(tclass), toupper($1), $1) > avpermfile; - } - - spaces = 40 - (length($1) + length(tclass)); - if (spaces < 1) - spaces = 1; - - for (i = 0; i < spaces; i++) - printf(" ") > outfile; - printf("0x%08xUL\n", permission) > outfile; - permission = permission * 2; - } -$1 == "}" { - if (nextstate != "CLASS-CLOSEBRACKET" && - nextstate != "COMMON-CLOSEBRACKET") - { - printf("Parse error: Unexpected } on line %d\n", NR); - next; - } - - if (nextstate == "COMMON-CLOSEBRACKET") - { - common_base[common_name] = permission; - printf("TE_(common_%s_perm_to_string)\n\n", common_name) > cpermfile; - } - - printf("\n") > outfile; - - nextstate = "COMMON_OR_AV"; - } -END { - if (nextstate != "COMMON_OR_AV" && nextstate != "CLASS_OR_CLASS-OPENBRACKET") - printf("Parse error: Unexpected end of file\n"); - - }' - -# FLASK diff -r 0b9dfd067b42 -r f54b7b1f65ea tools/flask/policy/policy/flask/mkflask.sh --- a/tools/flask/policy/policy/flask/mkflask.sh Fri Jan 11 12:22:30 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,95 +0,0 @@ -#!/bin/sh - -# - -# FLASK - -set -e - -awk=$1 -shift 1 - -# output file -output_file="include/flask.h" -debug_file="include/class_to_string.h" -debug_file2="include/initial_sid_to_string.h" - -cat $* | $awk " -BEGIN { - outfile = \"$output_file\" - debugfile = \"$debug_file\" - debugfile2 = \"$debug_file2\" - "' - nextstate = "CLASS"; - - printf("/* This file is automatically generated. Do not edit. */\n") > outfile; - - printf("#ifndef _SELINUX_FLASK_H_\n") > outfile; - printf("#define _SELINUX_FLASK_H_\n") > outfile; - printf("\n/*\n * Security object class definitions\n */\n") > outfile; - printf("/* This file is automatically generated. Do not edit. */\n") > debugfile; - printf("/*\n * Security object class definitions\n */\n") > debugfile; - printf(" S_(\"null\")\n") > debugfile; - printf("/* This file is automatically generated. Do not edit. */\n") > debugfile2; - printf("static char *initial_sid_to_string[] =\n{\n") > debugfile2; - printf(" \"null\",\n") > debugfile2; - } -/^[ \t]*#/ { - next; - } -$1 == "class" { - if (nextstate != "CLASS") - { - printf("Parse error: Unexpected class definition on line %d\n", NR); - next; - } - - if ($2 in class_found) - { - printf("Duplicate class definition for %s on line %d.\n", $2, NR); - next; - } - class_found[$2] = 1; - - class_value++; - - printf("#define SECCLASS_%s", toupper($2)) > outfile; - for (i = 0; i < 40 - length($2); i++) - printf(" ") > outfile; - printf("%d\n", class_value) > outfile; - - printf(" S_(\"%s\")\n", $2) > debugfile; - } -$1 == "sid" { - if (nextstate == "CLASS") - { - nextstate = "SID"; - printf("\n/*\n * Security identifier indices for initial entities\n */\n") > outfile; - } - - if ($2 in sid_found) - { - printf("Duplicate SID definition for %s on line %d.\n", $2, NR); - next; - } - sid_found[$2] = 1; - sid_value++; - - printf("#define SECINITSID_%s", toupper($2)) > outfile; - for (i = 0; i < 37 - length($2); i++) - printf(" ") > outfile; - printf("%d\n", sid_value) > outfile; - printf(" \"%s\",\n", $2) > debugfile2; - } -END { - if (nextstate != "SID") - printf("Parse error: Unexpected end of file\n"); - - printf("\n#define SECINITSID_NUM") > outfile; - for (i = 0; i < 34; i++) - printf(" ") > outfile; - printf("%d\n", sid_value) > outfile; - printf("\n#endif\n") > outfile; - printf("};\n\n") > debugfile2; - }' - -# FLASK diff -r 0b9dfd067b42 -r f54b7b1f65ea tools/flask/policy/policy/flask/security_classes --- a/tools/flask/policy/policy/flask/security_classes Fri Jan 11 12:22:30 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,21 +0,0 @@ -# FLASK - -# -# Define the security object classes -# - -# Classes marked as userspace are classes -# for userspace object managers - -class xen -class domain -class domain2 -class hvm -class mmu -class resource -class shadow -class event -class grant -class security - -# FLASK diff -r 0b9dfd067b42 -r f54b7b1f65ea tools/flask/policy/policy/modules/xen/xen.if --- a/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 12:22:30 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 12:23:39 2013 +0000 @@ -5,15 +5,35 @@ # Domain creation and setup # ################################################################################ +define(`declare_domain_common', ` + allow $1 $2:grant { query setup }; + allow $1 $2:mmu { adjust physmap map_read map_write stat pinpage updatemp mmuext_op }; + allow $1 $2:hvm { getparam setparam }; +') + # declare_domain(type, attrs...) -# Declare a type as a domain type, and allow basic domain setup +# Declare a domain type, along with associated _self and _channel types +# Allow the domain to perform basic operations on itself define(`declare_domain', ` type $1, domain_type`'ifelse(`$#', `1', `', `,shift($@)'); + type $1_self, domain_type, domain_self_type; + type_transition $1 $1:domain $1_self; type $1_channel, event_type; type_transition $1 domain_type:event $1_channel; - allow $1 $1:grant { query setup }; - allow $1 $1:mmu { adjust physmap map_read map_write stat pinpage }; - allow $1 $1:hvm { getparam setparam }; + declare_domain_common($1, $1_self) +') + +# declare_singleton_domain(type, attrs...) +# Declare a domain type and associated _channel types. +# Note: Because the domain can perform basic operations on itself and any +# other domain of the same type, this constructor should be used for types +# containing at most one domain. This is not enforced by policy. +define(`declare_singleton_domain', ` + type $1, domain_type`'ifelse(`$#', `1', `', `,shift($@)'); + define(`$1_self', `$1') + type $1_channel, event_type; + type_transition $1 domain_type:event $1_channel; + declare_domain_common($1, $1) ') # declare_build_label(type) @@ -27,11 +47,12 @@ define(`declare_build_label', ` define(`create_domain_common', ` allow $1 $2:domain { create max_vcpus setdomainmaxmem setaddrsize getdomaininfo hypercall setvcpucontext setextvcpucontext - scheduler getvcpuinfo getvcpuextstate getaddrsize + getscheduler getvcpuinfo getvcpuextstate getaddrsize getvcpuaffinity setvcpuaffinity }; + allow $1 $2:domain2 { set_cpuid settsc setscheduler }; allow $1 $2:security check_context; allow $1 $2:shadow enable; - allow $1 $2:mmu {map_read map_write adjust memorymap physmap pinpage}; + allow $1 $2:mmu { map_read map_write adjust memorymap physmap pinpage mmuext_op }; allow $1 $2:grant setup; allow $1 $2:hvm { cacheattr getparam hvmctl irqlevel pciroute sethvmc setparam pcilevel trackdirtyvram }; ') @@ -50,6 +71,7 @@ define(`create_domain_build_label', ` allow $1 $2_channel:event create; allow $1 $2_building:domain2 relabelfrom; allow $1 $2:domain2 relabelto; + allow $2_building $2:domain transition; ') # manage_domain(priv, target) @@ -57,7 +79,7 @@ define(`create_domain_build_label', ` define(`manage_domain', ` allow $1 $2:domain { getdomaininfo getvcpuinfo getvcpuaffinity getaddrsize pause unpause trigger shutdown destroy - setvcpuaffinity setdomainmaxmem }; + setvcpuaffinity setdomainmaxmem getscheduler }; ') # migrate_domain_out(priv, target) @@ -67,6 +89,7 @@ define(`migrate_domain_out', ` allow $1 $2:hvm { gethvmc getparam irqlevel }; allow $1 $2:mmu { stat pageinfo map_read }; allow $1 $2:domain { getaddrsize getvcpucontext getextvcpucontext getvcpuextstate pause destroy }; + allow $1 $2:domain2 gettsc; ') ################################################################################ @@ -99,20 +122,36 @@ define(`domain_comms', ` ') # domain_self_comms(domain) -# Allow a domain types to communicate with others of its type using grants -# and event channels (this includes event channels to DOMID_SELF) +# Allow a non-singleton domain type to communicate with itself using grants +# and event channels define(`domain_self_comms', ` - create_channel($1, $1, $1_channel) - allow $1 $1:grant { map_read map_write copy unmap }; + create_channel($1, $1_self, $1_channel) + allow $1 $1_self:grant { map_read map_write copy unmap }; ') # device_model(dm_dom, hvm_dom) # Define how a device model domain interacts with its target define(`device_model', ` - domain_comms($1, $2) - allow $1 $2:domain { set_target shutdown }; - allow $1 $2:mmu { map_read map_write adjust physmap }; - allow $1 $2:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute }; + type $2_target, domain_type, domain_target_type; + type_transition $2 $1:domain $2_target; + allow $1 $2:domain set_target; + + type_transition $2_target domain_type:event $2_channel; + create_channel($1, $2_target, $1_channel) + create_channel($2, $1, $2_channel) + allow $1 $2_channel:event create; + + allow $1 $2_target:domain shutdown; + allow $1 $2_target:mmu { map_read map_write adjust physmap }; + allow $1 $2_target:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute cacheattr send_irq }; +') + +# make_device_model(priv, dm_dom, hvm_dom) +# Allow creation of a device model and HVM domain pair +define(`make_device_model', ` + device_model($2, $3) + allow $1 $2:domain2 make_priv_for; + allow $1 $3:domain2 set_as_target; ') ################################################################################ # @@ -123,8 +162,9 @@ define(`device_model', ` # use_device(domain, device) # Allow a device to be used by a domain define(`use_device', ` + allow $1 $1_self:mmu exchange; allow $1 $2:resource use; - allow $1 $2:mmu { map_read map_write }; + allow $1 domio_t:mmu { map_read map_write }; ') # admin_device(domain, device) diff -r 0b9dfd067b42 -r f54b7b1f65ea tools/flask/policy/policy/modules/xen/xen.te --- a/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 12:22:30 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 12:23:39 2013 +0000 @@ -8,6 +8,8 @@ ################################################################################ attribute xen_type; attribute domain_type; +attribute domain_self_type; +attribute domain_target_type; attribute resource_type; attribute event_type; attribute mls_priv; @@ -25,12 +27,12 @@ attribute mls_priv; type xen_t, xen_type, mls_priv; # Domain 0 -declare_domain(dom0_t, mls_priv); +declare_singleton_domain(dom0_t, mls_priv); -# Untracked I/O memory (pseudo-domain) +# I/O memory (DOMID_IO pseudo-domain) type domio_t, xen_type; -# Xen heap (pseudo-domain) +# Xen heap (DOMID_XEN pseudo-domain) type domxen_t, xen_type; # Unlabeled objects @@ -53,8 +55,8 @@ type device_t, resource_type; # ################################################################################ allow dom0_t xen_t:xen { kexec readapic writeapic mtrr_read mtrr_add mtrr_del - scheduler physinfo heap quirk readconsole writeconsole settime getcpuinfo - microcode cpupool_op sched_op pm_op }; + physinfo heap quirk readconsole writeconsole settime getcpuinfo + microcode cpupool_op pm_op tmem_control getscheduler setscheduler }; allow dom0_t xen_t:mmu { memorymap }; allow dom0_t security_t:security { check_context compute_av compute_create compute_member load_policy compute_relabel compute_user setenforce @@ -67,12 +69,14 @@ admin_device(dom0_t, device_t) admin_device(dom0_t, irq_t) admin_device(dom0_t, ioport_t) admin_device(dom0_t, iomem_t) -allow dom0_t domio_t:mmu { map_read map_write }; -domain_self_comms(dom0_t) +domain_comms(dom0_t, dom0_t) auditallow dom0_t security_t:security { load_policy setenforce setbool }; +# Allow all domains to use (unprivileged parts of) the tmem hypercall +allow domain_type xen_t:xen tmem_op; + ############################################################################### # # Domain creation @@ -84,11 +88,14 @@ domain_self_comms(domU_t) create_domain(dom0_t, domU_t) manage_domain(dom0_t, domU_t) domain_comms(dom0_t, domU_t) +domain_comms(domU_t, domU_t) +domain_self_comms(domU_t) declare_domain(isolated_domU_t) create_domain(dom0_t, isolated_domU_t) manage_domain(dom0_t, isolated_domU_t) domain_comms(dom0_t, isolated_domU_t) +domain_self_comms(isolated_domU_t) # Declare a boolean that denies creation of prot_domU_t domains gen_bool(prot_doms_locked, false) @@ -98,6 +105,8 @@ if (!prot_doms_locked) { } domain_comms(dom0_t, prot_domU_t) domain_comms(domU_t, prot_domU_t) +domain_comms(prot_domU_t, prot_domU_t) +domain_self_comms(prot_domU_t) # domHVM_t is meant to be paired with a qemu-dm stub domain of type dm_dom_t declare_domain(domHVM_t) @@ -110,7 +119,7 @@ declare_domain(dm_dom_t) create_domain(dom0_t, dm_dom_t) manage_domain(dom0_t, dm_dom_t) domain_comms(dom0_t, dm_dom_t) -device_model(dm_dom_t, domHVM_t) +make_device_model(dom0_t, dm_dom_t, domHVM_t) # nomigrate_t must be built via the nomigrate_t_building label; once built, # dom0 cannot read its memory. diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/acpi/power.c --- a/xen/arch/x86/acpi/power.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/acpi/power.c Fri Jan 11 12:23:39 2013 +0000 @@ -239,7 +239,7 @@ static long enter_state_helper(void *dat */ int acpi_enter_sleep(struct xenpf_enter_acpi_sleep *sleep) { - if ( !IS_PRIV(current->domain) || !acpi_sinfo.pm1a_cnt_blk.address ) + if ( !acpi_sinfo.pm1a_cnt_blk.address ) return -EPERM; /* Sanity check */ diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/cpu/mcheck/mce.c --- a/xen/arch/x86/cpu/mcheck/mce.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/cpu/mcheck/mce.c Fri Jan 11 12:23:39 2013 +0000 @@ -1293,10 +1293,7 @@ long do_mca(XEN_GUEST_HANDLE_PARAM(xen_m struct xen_mc_msrinject *mc_msrinject; struct xen_mc_mceinject *mc_mceinject; - if (!IS_PRIV(v->domain) ) - return x86_mcerr(NULL, -EPERM); - - ret = xsm_do_mca(); + ret = xsm_do_mca(XSM_PRIV); if ( ret ) return x86_mcerr(NULL, ret); diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/domctl.c --- a/xen/arch/x86/domctl.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/domctl.c Fri Jan 11 12:23:39 2013 +0000 @@ -77,7 +77,7 @@ long arch_do_domctl( if ( np == 0 ) ret = 0; - else if ( xsm_ioport_permission(d, fp, fp + np - 1, allow) ) + else if ( xsm_ioport_permission(XSM_HOOK, d, fp, fp + np - 1, allow) ) ret = -EPERM; else if ( allow ) ret = ioports_permit_access(d, fp, fp + np - 1); @@ -97,10 +97,6 @@ long arch_do_domctl( page = mfn_to_page(mfn); - ret = xsm_getpageframeinfo(d); - if ( ret ) - break; - if ( likely(get_page(page, d)) ) { ret = 0; @@ -141,10 +137,6 @@ long arch_do_domctl( struct page_info *page; xen_pfn_t *arr; - ret = xsm_getpageframeinfo(d); - if ( ret ) - break; - if ( unlikely(num > 1024) || unlikely(num != domctl->u.getpageframeinfo3.num) ) { @@ -239,10 +231,6 @@ long arch_do_domctl( int num = domctl->u.getpageframeinfo2.num; uint32_t *arr32; - ret = xsm_getpageframeinfo(d); - if ( ret ) - break; - if ( unlikely(num > 1024) ) { ret = -E2BIG; @@ -334,10 +322,6 @@ long arch_do_domctl( uint64_t mfn; struct page_info *page; - ret = xsm_getmemlist(d); - if ( ret ) - break; - if ( unlikely(d->is_dying) ) { ret = -EINVAL; break; @@ -373,10 +357,6 @@ long arch_do_domctl( struct page_info *page; void *hypercall_page; - ret = xsm_hypercall_init(d); - if ( ret ) - break; - page = get_page_from_gfn(d, gmfn, NULL, P2M_ALLOC); ret = -EACCES; @@ -401,10 +381,6 @@ long arch_do_domctl( { struct hvm_domain_context c = { .size = domctl->u.hvmcontext.size }; - ret = xsm_hvmcontext(d, domctl->cmd); - if ( ret ) - goto sethvmcontext_out; - ret = -EINVAL; if ( !is_hvm_domain(d) ) goto sethvmcontext_out; @@ -431,10 +407,6 @@ long arch_do_domctl( { struct hvm_domain_context c = { 0 }; - ret = xsm_hvmcontext(d, domctl->cmd); - if ( ret ) - goto gethvmcontext_out; - ret = -EINVAL; if ( !is_hvm_domain(d) ) goto gethvmcontext_out; @@ -477,10 +449,6 @@ long arch_do_domctl( case XEN_DOMCTL_gethvmcontext_partial: { - ret = xsm_hvmcontext(d, domctl->cmd); - if ( ret ) - break; - ret = -EINVAL; if ( !is_hvm_domain(d) ) break; @@ -496,10 +464,6 @@ long arch_do_domctl( case XEN_DOMCTL_set_address_size: { - ret = xsm_address_size(d, domctl->cmd); - if ( ret ) - break; - switch ( domctl->u.address_size.size ) { case 32: @@ -517,10 +481,6 @@ long arch_do_domctl( case XEN_DOMCTL_get_address_size: { - ret = xsm_address_size(d, domctl->cmd); - if ( ret ) - break; - domctl->u.address_size.size = is_pv_32on64_domain(d) ? 32 : BITS_PER_LONG; @@ -531,10 +491,6 @@ long arch_do_domctl( case XEN_DOMCTL_set_machine_address_size: { - ret = xsm_machine_address_size(d, domctl->cmd); - if ( ret ) - break; - ret = -EBUSY; if ( d->tot_pages > 0 ) break; @@ -547,10 +503,6 @@ long arch_do_domctl( case XEN_DOMCTL_get_machine_address_size: { - ret = xsm_machine_address_size(d, domctl->cmd); - if ( ret ) - break; - domctl->u.address_size.size = d->arch.physaddr_bitsize; ret = 0; @@ -562,10 +514,6 @@ long arch_do_domctl( { struct vcpu *v; - ret = xsm_sendtrigger(d); - if ( ret ) - break; - ret = -EINVAL; if ( domctl->u.sendtrigger.vcpu >= MAX_VIRT_CPUS ) break; @@ -623,7 +571,7 @@ long arch_do_domctl( if ( !is_hvm_domain(d) ) break; - ret = xsm_bind_pt_irq(d, bind); + ret = xsm_bind_pt_irq(XSM_HOOK, d, bind); if ( ret ) break; @@ -656,7 +604,7 @@ long arch_do_domctl( !irq_access_permitted(current->domain, bind->machine_irq) ) break; - ret = xsm_unbind_pt_irq(d, bind); + ret = xsm_unbind_pt_irq(XSM_HOOK, d, bind); if ( ret ) break; @@ -691,7 +639,7 @@ long arch_do_domctl( !iomem_access_permitted(current->domain, mfn, mfn + nr_mfns - 1) ) break; - ret = xsm_iomem_mapping(d, mfn, mfn + nr_mfns - 1, add); + ret = xsm_iomem_mapping(XSM_HOOK, d, mfn, mfn + nr_mfns - 1, add); if ( ret ) break; @@ -769,7 +717,7 @@ long arch_do_domctl( !ioports_access_permitted(current->domain, fmp, fmp + np - 1) ) break; - ret = xsm_ioport_mapping(d, fmp, fmp + np - 1, add); + ret = xsm_ioport_mapping(XSM_HOOK, d, fmp, fmp + np - 1, add); if ( ret ) break; @@ -832,10 +780,6 @@ long arch_do_domctl( case XEN_DOMCTL_pin_mem_cacheattr: { - ret = xsm_pin_mem_cacheattr(d); - if ( ret ) - break; - ret = hvm_set_mem_pinned_cacheattr( d, domctl->u.pin_mem_cacheattr.start, domctl->u.pin_mem_cacheattr.end, @@ -851,10 +795,6 @@ long arch_do_domctl( evc = &domctl->u.ext_vcpucontext; - ret = xsm_ext_vcpucontext(d, domctl->cmd); - if ( ret ) - break; - ret = -ESRCH; if ( (evc->vcpu >= d->max_vcpus) || ((v = d->vcpu[evc->vcpu]) == NULL) ) @@ -1118,10 +1058,6 @@ long arch_do_domctl( evc = &domctl->u.vcpuextstate; - ret = xsm_vcpuextstate(d, domctl->cmd); - if ( ret ) - goto vcpuextstate_out; - ret = -ESRCH; if ( (evc->vcpu >= d->max_vcpus) || ((v = d->vcpu[evc->vcpu]) == NULL) ) @@ -1223,19 +1159,15 @@ long arch_do_domctl( case XEN_DOMCTL_mem_event_op: { - ret = xsm_mem_event(d); - if ( !ret ) - ret = mem_event_domctl(d, &domctl->u.mem_event_op, - guest_handle_cast(u_domctl, void)); + ret = mem_event_domctl(d, &domctl->u.mem_event_op, + guest_handle_cast(u_domctl, void)); copyback = 1; } break; case XEN_DOMCTL_mem_sharing_op: { - ret = xsm_mem_sharing(d); - if ( !ret ) - ret = mem_sharing_domctl(d, &domctl->u.mem_sharing_op); + ret = mem_sharing_domctl(d, &domctl->u.mem_sharing_op); } break; @@ -1265,11 +1197,9 @@ long arch_do_domctl( if ( current->domain == d ) break; - ret = xsm_mem_event(d); - if ( !ret ) { - p2m = p2m_get_hostp2m(d); - p2m->access_required = domctl->u.access_required.access_required; - } + ret = 0; + p2m = p2m_get_hostp2m(d); + p2m->access_required = domctl->u.access_required.access_required; } break; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Fri Jan 11 12:23:39 2013 +0000 @@ -3388,7 +3388,7 @@ static int hvmop_set_pci_intx_level( if ( (op.domain > 0) || (op.bus > 0) || (op.device > 31) || (op.intx > 3) ) return -EINVAL; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3396,7 +3396,7 @@ static int hvmop_set_pci_intx_level( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_set_pci_intx_level(d); + rc = xsm_hvm_set_pci_intx_level(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3555,7 +3555,7 @@ static int hvmop_set_isa_irq_level( if ( op.isa_irq > 15 ) return -EINVAL; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3563,7 +3563,7 @@ static int hvmop_set_isa_irq_level( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_set_isa_irq_level(d); + rc = xsm_hvm_set_isa_irq_level(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3599,7 +3599,7 @@ static int hvmop_set_pci_link_route( if ( (op.link > 3) || (op.isa_irq > 15) ) return -EINVAL; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3607,7 +3607,7 @@ static int hvmop_set_pci_link_route( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_set_pci_link_route(d); + rc = xsm_hvm_set_pci_link_route(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3629,7 +3629,7 @@ static int hvmop_inject_msi( if ( copy_from_guest(&op, uop, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3637,7 +3637,7 @@ static int hvmop_inject_msi( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_inject_msi(d); + rc = xsm_hvm_inject_msi(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3726,15 +3726,15 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( a.index >= HVM_NR_PARAMS ) return -EINVAL; - rc = rcu_lock_target_domain_by_id(a.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(a.domid); + if ( d == NULL ) + return -ESRCH; rc = -EINVAL; if ( !is_hvm_domain(d) ) goto param_fail; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail; @@ -3972,7 +3972,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -3983,7 +3983,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( a.nr > GB(1) >> PAGE_SHIFT ) goto param_fail2; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail2; @@ -4013,7 +4013,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4021,7 +4021,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail3; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail3; @@ -4078,11 +4078,11 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(a.domid, &d); - if ( rc != 0 ) - return rc; - - rc = xsm_hvm_param(d, op); + d = rcu_lock_domain_by_any_id(a.domid); + if ( d == NULL ) + return -ESRCH; + + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail_getmemtype; @@ -4128,7 +4128,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4136,7 +4136,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail4; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail4; @@ -4221,7 +4221,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4229,7 +4229,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail5; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail5; @@ -4256,7 +4256,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4264,7 +4264,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail6; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail6; @@ -4292,15 +4292,15 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(a.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(a.domid); + if ( d == NULL ) + return -ESRCH; rc = -EINVAL; if ( !is_hvm_domain(d) || !paging_mode_shadow(d) ) goto param_fail7; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail7; @@ -4346,7 +4346,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&tr, arg, 1 ) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(tr.domid, &d); + rc = rcu_lock_remote_domain_by_id(tr.domid, &d); if ( rc != 0 ) return rc; @@ -4354,7 +4354,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail8; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail8; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/irq.c --- a/xen/arch/x86/irq.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/irq.c Fri Jan 11 12:23:39 2013 +0000 @@ -1853,8 +1853,7 @@ int map_domain_pirq( ASSERT(spin_is_locked(&d->event_lock)); if ( !IS_PRIV(current->domain) && - !(IS_PRIV_FOR(current->domain, d) && - irq_access_permitted(current->domain, pirq))) + !irq_access_permitted(current->domain, pirq)) return -EPERM; if ( pirq < 0 || pirq >= d->nr_pirqs || irq < 0 || irq >= nr_irqs ) @@ -1875,7 +1874,7 @@ int map_domain_pirq( return 0; } - ret = xsm_map_domain_pirq(d, irq, data); + ret = xsm_map_domain_pirq(XSM_HOOK, d, irq, data); if ( ret ) { dprintk(XENLOG_G_ERR, "dom%d: could not permit access to irq %d mapping to pirq %d\n", diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/mm.c --- a/xen/arch/x86/mm.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/mm.c Fri Jan 11 12:23:39 2013 +0000 @@ -2605,11 +2605,6 @@ static struct domain *get_pg_owner(domid pg_owner = rcu_lock_domain(dom_io); break; case DOMID_XEN: - if ( !IS_PRIV(curr) ) - { - MEM_LOG("Cannot set foreign dom"); - break; - } pg_owner = rcu_lock_domain(dom_xen); break; default: @@ -2618,12 +2613,6 @@ static struct domain *get_pg_owner(domid MEM_LOG("Unknown domain '%u'", domid); break; } - if ( !IS_PRIV_FOR(curr, pg_owner) ) - { - MEM_LOG("Cannot set foreign dom"); - rcu_unlock_domain(pg_owner); - pg_owner = NULL; - } break; } @@ -2711,6 +2700,13 @@ long do_mmuext_op( goto out; } + rc = xsm_mmuext_op(XSM_TARGET, d, pg_owner); + if ( rc ) + { + rcu_unlock_domain(pg_owner); + goto out; + } + for ( i = 0; i < count; i++ ) { if ( hypercall_preempt_check() ) @@ -2776,7 +2772,7 @@ long do_mmuext_op( break; } - if ( (rc = xsm_memory_pin_page(d, pg_owner, page)) != 0 ) + if ( (rc = xsm_memory_pin_page(XSM_HOOK, d, pg_owner, page)) != 0 ) { put_page_and_type(page); okay = 0; @@ -3153,6 +3149,8 @@ long do_mmu_update( struct vcpu *v = current; struct domain *d = v->domain, *pt_owner = d, *pg_owner; struct domain_mmap_cache mapcache; + uint32_t xsm_needed = 0; + uint32_t xsm_checked = 0; if ( unlikely(count & MMU_UPDATE_PREEMPTED) ) { @@ -3184,11 +3182,6 @@ long do_mmu_update( rc = -EINVAL; goto out; } - if ( !IS_PRIV_FOR(d, pt_owner) ) - { - rc = -ESRCH; - goto out; - } } if ( (pg_owner = get_pg_owner((uint16_t)foreigndom)) == NULL ) @@ -3228,9 +3221,20 @@ long do_mmu_update( { p2m_type_t p2mt; - rc = xsm_mmu_normal_update(d, pt_owner, pg_owner, req.val); - if ( rc ) - break; + xsm_needed |= XSM_MMU_NORMAL_UPDATE; + if ( get_pte_flags(req.val) & _PAGE_PRESENT ) + { + xsm_needed |= XSM_MMU_UPDATE_READ; + if ( get_pte_flags(req.val) & _PAGE_RW ) + xsm_needed |= XSM_MMU_UPDATE_WRITE; + } + if ( xsm_needed != xsm_checked ) + { + rc = xsm_mmu_update(XSM_TARGET, d, pt_owner, pg_owner, xsm_needed); + if ( rc ) + break; + xsm_checked = xsm_needed; + } rc = -EINVAL; req.ptr -= cmd; @@ -3342,9 +3346,14 @@ long do_mmu_update( mfn = req.ptr >> PAGE_SHIFT; gpfn = req.val; - rc = xsm_mmu_machphys_update(d, pg_owner, mfn); - if ( rc ) - break; + xsm_needed |= XSM_MMU_MACHPHYS_UPDATE; + if ( xsm_needed != xsm_checked ) + { + rc = xsm_mmu_update(XSM_TARGET, d, NULL, pg_owner, xsm_needed); + if ( rc ) + break; + xsm_checked = xsm_needed; + } if ( unlikely(!get_page_from_pagenr(mfn, pg_owner)) ) { @@ -3908,7 +3917,7 @@ static int __do_update_va_mapping( perfc_incr(calls_to_update_va); - rc = xsm_update_va_mapping(d, pg_owner, val); + rc = xsm_update_va_mapping(XSM_TARGET, d, pg_owner, val); if ( rc ) return rc; @@ -4375,11 +4384,11 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( copy_from_guest(&xatp, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(xatp.domid, &d); - if ( rc != 0 ) - return rc; - - if ( xsm_add_to_physmap(current->domain, d) ) + d = rcu_lock_domain_by_any_id(xatp.domid); + if ( d == NULL ) + return -ESRCH; + + if ( xsm_add_to_physmap(XSM_TARGET, current->domain, d) ) { rcu_unlock_domain(d); return -EPERM; @@ -4414,11 +4423,11 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( fmap.map.nr_entries > E820MAX ) return -EINVAL; - rc = rcu_lock_target_domain_by_id(fmap.domid, &d); - if ( rc != 0 ) - return rc; - - rc = xsm_domain_memory_map(d); + d = rcu_lock_domain_by_any_id(fmap.domid); + if ( d == NULL ) + return -ESRCH; + + rc = xsm_domain_memory_map(XSM_TARGET, d); if ( rc ) { rcu_unlock_domain(d); @@ -4493,10 +4502,7 @@ long arch_memory_op(int op, XEN_GUEST_HA XEN_GUEST_HANDLE_PARAM(e820entry_t) buffer_param; unsigned int i; - if ( !IS_PRIV(current->domain) ) - return -EINVAL; - - rc = xsm_machine_memory_map(); + rc = xsm_machine_memory_map(XSM_PRIV); if ( rc ) return rc; @@ -4572,21 +4578,17 @@ long arch_memory_op(int op, XEN_GUEST_HA struct domain *d; struct p2m_domain *p2m; - /* Support DOMID_SELF? */ - if ( !IS_PRIV(current->domain) ) - return -EPERM; - if ( copy_from_guest(&target, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(target.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(target.domid); + if ( d == NULL ) + return -ESRCH; if ( op == XENMEM_set_pod_target ) - rc = xsm_set_pod_target(d); + rc = xsm_set_pod_target(XSM_PRIV, d); else - rc = xsm_get_pod_target(d); + rc = xsm_get_pod_target(XSM_PRIV, d); if ( rc != 0 ) goto pod_target_out_unlock; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/mm/mem_event.c --- a/xen/arch/x86/mm/mem_event.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/mm/mem_event.c Fri Jan 11 12:23:39 2013 +0000 @@ -29,6 +29,7 @@ #include #include #include +#include /* for public/io/ring.h macros */ #define xen_mb() mb() @@ -439,35 +440,19 @@ static void mem_sharing_notification(str mem_sharing_sharing_resume(v->domain); } -struct domain *get_mem_event_op_target(uint32_t domain, int *rc) -{ - struct domain *d; - - /* Get the target domain */ - *rc = rcu_lock_remote_target_domain_by_id(domain, &d); - if ( *rc != 0 ) - return NULL; - - /* Not dying? */ - if ( d->is_dying ) - { - rcu_unlock_domain(d); - *rc = -EINVAL; - return NULL; - } - - return d; -} - int do_mem_event_op(int op, uint32_t domain, void *arg) { int ret; struct domain *d; - d = get_mem_event_op_target(domain, &ret); - if ( !d ) + ret = rcu_lock_live_remote_domain_by_id(domain, &d); + if ( ret ) return ret; + ret = xsm_mem_event_op(XSM_TARGET, d, op); + if ( ret ) + goto out; + switch (op) { case XENMEM_paging_op: @@ -483,6 +468,7 @@ int do_mem_event_op(int op, uint32_t dom ret = -ENOSYS; } + out: rcu_unlock_domain(d); return ret; } @@ -516,6 +502,10 @@ int mem_event_domctl(struct domain *d, x { int rc; + rc = xsm_mem_event_control(XSM_PRIV, d, mec->mode, mec->op); + if ( rc ) + return rc; + if ( unlikely(d == current->domain) ) { gdprintk(XENLOG_INFO, "Tried to do a memory event op on itself.\n"); @@ -537,13 +527,6 @@ int mem_event_domctl(struct domain *d, x return -EINVAL; } - /* TODO: XSM hook */ -#if 0 - rc = xsm_mem_event_control(d, mec->op); - if ( rc ) - return rc; -#endif - rc = -ENOSYS; switch ( mec->mode ) diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/mm/mem_sharing.c --- a/xen/arch/x86/mm/mem_sharing.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/mm/mem_sharing.c Fri Jan 11 12:23:39 2013 +0000 @@ -34,6 +34,7 @@ #include #include #include +#include #include "mm-locks.h" @@ -1345,10 +1346,18 @@ int mem_sharing_memop(struct domain *d, if ( !mem_sharing_enabled(d) ) return -EINVAL; - cd = get_mem_event_op_target(mec->u.share.client_domain, &rc); - if ( !cd ) + rc = rcu_lock_live_remote_domain_by_id(mec->u.share.client_domain, + &cd); + if ( rc ) return rc; + rc = xsm_mem_sharing_op(XSM_TARGET, d, cd, mec->op); + if ( rc ) + { + rcu_unlock_domain(cd); + return rc; + } + if ( !mem_sharing_enabled(cd) ) { rcu_unlock_domain(cd); @@ -1401,10 +1410,18 @@ int mem_sharing_memop(struct domain *d, if ( !mem_sharing_enabled(d) ) return -EINVAL; - cd = get_mem_event_op_target(mec->u.share.client_domain, &rc); - if ( !cd ) + rc = rcu_lock_live_remote_domain_by_id(mec->u.share.client_domain, + &cd); + if ( rc ) return rc; + rc = xsm_mem_sharing_op(XSM_TARGET, d, cd, mec->op); + if ( rc ) + { + rcu_unlock_domain(cd); + return rc; + } + if ( !mem_sharing_enabled(cd) ) { rcu_unlock_domain(cd); diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/mm/paging.c --- a/xen/arch/x86/mm/paging.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/mm/paging.c Fri Jan 11 12:23:39 2013 +0000 @@ -559,7 +559,7 @@ int paging_domctl(struct domain *d, xen_ return -EINVAL; } - rc = xsm_shadow_control(d, sc->op); + rc = xsm_shadow_control(XSM_HOOK, d, sc->op); if ( rc ) return rc; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/msi.c --- a/xen/arch/x86/msi.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/msi.c Fri Jan 11 12:23:39 2013 +0000 @@ -1016,7 +1016,7 @@ int pci_restore_msi_state(struct pci_dev if (!pdev) return -EINVAL; - ret = xsm_resource_setup_pci((pdev->seg << 16) | (pdev->bus << 8) | pdev->devfn); + ret = xsm_resource_setup_pci(XSM_PRIV, (pdev->seg << 16) | (pdev->bus << 8) | pdev->devfn); if ( ret ) return ret; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/physdev.c --- a/xen/arch/x86/physdev.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/physdev.c Fri Jan 11 12:23:39 2013 +0000 @@ -109,12 +109,6 @@ int physdev_map_pirq(domid_t domid, int if ( ret ) return ret; - if ( !IS_PRIV_FOR(current->domain, d) ) - { - ret = -EPERM; - goto free_domain; - } - /* Verify or get irq. */ switch ( type ) { @@ -238,11 +232,7 @@ int physdev_unmap_pirq(domid_t domid, in goto free_domain; } - ret = -EPERM; - if ( !IS_PRIV_FOR(current->domain, d) ) - goto free_domain; - - ret = xsm_unmap_domain_pirq(d, domain_pirq_to_irq(d, pirq)); + ret = xsm_unmap_domain_pirq(XSM_TARGET, d, domain_pirq_to_irq(d, pirq)); if ( ret ) goto free_domain; @@ -433,10 +423,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H ret = -EFAULT; if ( copy_from_guest(&apic, arg, 1) != 0 ) break; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = xsm_apic(v->domain, cmd); + ret = xsm_apic(XSM_PRIV, v->domain, cmd); if ( ret ) break; ret = ioapic_guest_read(apic.apic_physbase, apic.reg, &apic.value); @@ -450,10 +437,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H ret = -EFAULT; if ( copy_from_guest(&apic, arg, 1) != 0 ) break; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = xsm_apic(v->domain, cmd); + ret = xsm_apic(XSM_PRIV, v->domain, cmd); if ( ret ) break; ret = ioapic_guest_write(apic.apic_physbase, apic.reg, apic.value); @@ -467,8 +451,10 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H if ( copy_from_guest(&irq_op, arg, 1) != 0 ) break; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) + /* Use the APIC check since this dummy hypercall should still only + * be called by the domain with access to program the ioapic */ + ret = xsm_apic(XSM_PRIV, v->domain, cmd); + if ( ret ) break; /* Vector is only used by hypervisor, and dom0 shouldn't @@ -517,9 +503,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_manage_pci_add: { struct physdev_manage_pci manage_pci; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; ret = -EFAULT; if ( copy_from_guest(&manage_pci, arg, 1) != 0 ) break; @@ -530,9 +513,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_manage_pci_remove: { struct physdev_manage_pci manage_pci; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; ret = -EFAULT; if ( copy_from_guest(&manage_pci, arg, 1) != 0 ) break; @@ -545,10 +525,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_manage_pci_ext manage_pci_ext; struct pci_dev_info pdev_info; - ret = -EPERM; - if ( !IS_PRIV(current->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&manage_pci_ext, arg, 1) != 0 ) break; @@ -571,10 +547,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_pci_device_add add; struct pci_dev_info pdev_info; - ret = -EPERM; - if ( !IS_PRIV(current->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&add, arg, 1) != 0 ) break; @@ -595,10 +567,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_pci_device_remove: { struct physdev_pci_device dev; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&dev, arg, 1) != 0 ) break; @@ -610,11 +578,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_pci_mmcfg_reserved: { struct physdev_pci_mmcfg_reserved info; - ret = -EPERM; - if ( !IS_PRIV(current->domain) ) - break; - - ret = xsm_resource_setup_misc(); + ret = xsm_resource_setup_misc(XSM_PRIV); if ( ret ) break; @@ -631,10 +595,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_restore_msi restore_msi; struct pci_dev *pdev; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&restore_msi, arg, 1) != 0 ) break; @@ -650,10 +610,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_pci_device dev; struct pci_dev *pdev; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&dev, arg, 1) != 0 ) break; @@ -668,10 +624,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_setup_gsi: { struct physdev_setup_gsi setup_gsi; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&setup_gsi, arg, 1) != 0 ) break; @@ -680,7 +632,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H if ( setup_gsi.gsi < 0 || setup_gsi.gsi >= nr_irqs_gsi ) break; - ret = xsm_resource_setup_gsi(setup_gsi.gsi); + ret = xsm_resource_setup_gsi(XSM_PRIV, setup_gsi.gsi); if ( ret ) break; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/platform_hypercall.c --- a/xen/arch/x86/platform_hypercall.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/platform_hypercall.c Fri Jan 11 12:23:39 2013 +0000 @@ -66,15 +66,16 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA ret_t ret = 0; struct xen_platform_op curop, *op = &curop; - if ( !IS_PRIV(current->domain) ) - return -EPERM; - if ( copy_from_guest(op, u_xenpf_op, 1) ) return -EFAULT; if ( op->interface_version != XENPF_INTERFACE_VERSION ) return -EACCES; + ret = xsm_platform_op(XSM_PRIV, op->cmd); + if ( ret ) + return ret; + /* * Trylock here avoids deadlock with an existing platform critical section * which might (for some current or future reason) want to synchronise @@ -89,10 +90,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { case XENPF_settime: { - ret = xsm_xen_settime(); - if ( ret ) - break; - do_settime(op->u.settime.secs, op->u.settime.nsecs, op->u.settime.system_time); @@ -102,10 +99,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA case XENPF_add_memtype: { - ret = xsm_memtype(op->cmd); - if ( ret ) - break; - ret = mtrr_add_page( op->u.add_memtype.mfn, op->u.add_memtype.nr_mfns, @@ -125,10 +118,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA case XENPF_del_memtype: { - ret = xsm_memtype(op->cmd); - if ( ret ) - break; - if (op->u.del_memtype.handle == 0 /* mtrr/main.c otherwise does a lookup */ && (int)op->u.del_memtype.reg >= 0) @@ -147,10 +136,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA unsigned long mfn, nr_mfns; mtrr_type type; - ret = xsm_memtype(op->cmd); - if ( ret ) - break; - ret = -EINVAL; if ( op->u.read_memtype.reg < num_var_ranges ) { @@ -168,10 +153,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { XEN_GUEST_HANDLE(const_void) data; - ret = xsm_microcode(); - if ( ret ) - break; - guest_from_compat_handle(data, op->u.microcode.data); /* @@ -199,10 +180,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { int quirk_id = op->u.platform_quirk.quirk_id; - ret = xsm_platform_quirk(quirk_id); - if ( ret ) - break; - switch ( quirk_id ) { case QUIRK_NOIRQBALANCING: @@ -224,10 +201,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_firmware_info: - ret = xsm_firmware_info(); - if ( ret ) - break; - switch ( op->u.firmware_info.type ) { case XEN_FW_DISK_INFO: { @@ -336,10 +309,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_efi_runtime_call: - ret = xsm_efi_call(); - if ( ret ) - break; - ret = efi_runtime_call(&op->u.efi_runtime_call); if ( ret == 0 && __copy_field_to_guest(u_xenpf_op, op, u.efi_runtime_call) ) @@ -347,18 +316,10 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_enter_acpi_sleep: - ret = xsm_acpi_sleep(); - if ( ret ) - break; - ret = acpi_enter_sleep(&op->u.enter_acpi_sleep); break; case XENPF_change_freq: - ret = xsm_change_freq(); - if ( ret ) - break; - ret = -ENOSYS; if ( cpufreq_controller != FREQCTL_dom0_kernel ) break; @@ -380,10 +341,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA XEN_GUEST_HANDLE(uint8) cpumap_bitmap; XEN_GUEST_HANDLE(uint64) idletimes; - ret = xsm_getidletime(); - if ( ret ) - break; - ret = -ENOSYS; if ( cpufreq_controller != FREQCTL_dom0_kernel ) break; @@ -420,10 +377,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_set_processor_pminfo: - ret = xsm_setpminfo(); - if ( ret ) - break; - switch ( op->u.set_pminfo.type ) { case XEN_PM_PX: @@ -476,10 +429,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA g_info = &op->u.pcpu_info; - ret = xsm_getcpuinfo(); - if ( ret ) - break; - if ( !get_cpu_maps() ) { ret = -EBUSY; @@ -549,7 +498,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { int cpu = op->u.cpu_ol.cpuid; - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; @@ -565,10 +514,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; } - ret = xsm_resource_plug_core(); - if ( ret ) - break; - ret = continue_hypercall_on_cpu( 0, cpu_up_helper, (void *)(unsigned long)cpu); break; @@ -578,7 +523,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { int cpu = op->u.cpu_ol.cpuid; - ret = xsm_resource_unplug_core(); + ret = xsm_resource_unplug_core(XSM_HOOK); if ( ret ) break; @@ -607,7 +552,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_cpu_hotadd: - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; @@ -617,7 +562,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_mem_hotadd: - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/sysctl.c --- a/xen/arch/x86/sysctl.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/sysctl.c Fri Jan 11 12:23:39 2013 +0000 @@ -69,11 +69,6 @@ long arch_do_sysctl( { xen_sysctl_physinfo_t *pi = &sysctl->u.physinfo; - ret = xsm_physinfo(); - if ( ret ) - break; - - memset(pi, 0, sizeof(*pi)); pi->threads_per_core = cpumask_weight(per_cpu(cpu_sibling_mask, 0)); @@ -103,10 +98,6 @@ long arch_do_sysctl( uint32_t i, max_cpu_index, last_online_cpu; xen_sysctl_topologyinfo_t *ti = &sysctl->u.topologyinfo; - ret = xsm_physinfo(); - if ( ret ) - break; - last_online_cpu = cpumask_last(&cpu_online_map); max_cpu_index = min_t(uint32_t, ti->max_cpu_index, last_online_cpu); ti->max_cpu_index = last_online_cpu; @@ -144,10 +135,6 @@ long arch_do_sysctl( uint32_t i, j, max_node_index, last_online_node; xen_sysctl_numainfo_t *ni = &sysctl->u.numainfo; - ret = xsm_physinfo(); - if ( ret ) - break; - last_online_node = last_node(node_online_map); max_node_index = min_t(uint32_t, ni->max_node_index, last_online_node); ni->max_node_index = last_online_node; @@ -199,14 +186,14 @@ long arch_do_sysctl( switch ( sysctl->u.cpu_hotplug.op ) { case XEN_SYSCTL_CPU_HOTPLUG_ONLINE: - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; ret = continue_hypercall_on_cpu( 0, cpu_up_helper, (void *)(unsigned long)cpu); break; case XEN_SYSCTL_CPU_HOTPLUG_OFFLINE: - ret = xsm_resource_unplug_core(); + ret = xsm_resource_unplug_core(XSM_HOOK); if ( ret ) break; ret = continue_hypercall_on_cpu( diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/traps.c --- a/xen/arch/x86/traps.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/traps.c Fri Jan 11 12:23:39 2013 +0000 @@ -1643,7 +1643,7 @@ static int pci_cfg_ok(struct domain *d, start |= (d->arch.pci_cf8 >> 16) & 0xF00; } end = start + size - 1; - if (xsm_pci_config_permission(d, machine_bdf, start, end, write)) + if (xsm_pci_config_permission(XSM_HOOK, d, machine_bdf, start, end, write)) return 0; return 1; } diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/domain.c --- a/xen/common/domain.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/domain.c Fri Jan 11 12:23:39 2013 +0000 @@ -252,7 +252,7 @@ struct domain *domain_create( if ( !is_idle_domain(d) ) { - if ( (err = xsm_domain_create(d, ssidref)) != 0 ) + if ( (err = xsm_domain_create(XSM_HOOK, d, ssidref)) != 0 ) goto fail; d->is_paused_by_controller = 1; @@ -475,6 +475,21 @@ int rcu_lock_remote_domain_by_id(domid_t return 0; } +int rcu_lock_live_remote_domain_by_id(domid_t dom, struct domain **d) +{ + int rv; + rv = rcu_lock_remote_domain_by_id(dom, d); + if ( rv ) + return rv; + if ( (*d)->is_dying ) + { + rcu_unlock_domain(*d); + return -EINVAL; + } + + return 0; +} + int domain_kill(struct domain *d) { int rc = 0; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/domctl.c --- a/xen/common/domctl.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/domctl.c Fri Jan 11 12:23:39 2013 +0000 @@ -265,27 +265,9 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe return -ESRCH; } - switch ( op->cmd ) - { - case XEN_DOMCTL_ioport_mapping: - case XEN_DOMCTL_memory_mapping: - case XEN_DOMCTL_bind_pt_irq: - case XEN_DOMCTL_unbind_pt_irq: { - bool_t is_priv = IS_PRIV_FOR(current->domain, d); - if ( !is_priv ) - { - ret = -EPERM; - goto domctl_out_unlock_domonly; - } - break; - } - case XEN_DOMCTL_getdomaininfo: - break; - default: - if ( !IS_PRIV(current->domain) ) - return -EPERM; - break; - } + ret = xsm_domctl(XSM_OTHER, d, op->cmd); + if ( ret ) + goto domctl_out_unlock_domonly; if ( !domctl_lock_acquire() ) { @@ -308,10 +290,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( d == NULL ) break; - ret = xsm_setvcpucontext(d); - if ( ret ) - goto svc_out; - ret = -EINVAL; if ( (d == current->domain) || /* no domain_pause() */ (vcpu >= d->max_vcpus) || ((v = d->vcpu[vcpu]) == NULL) ) @@ -358,10 +336,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_pausedomain: { - ret = xsm_pausedomain(d); - if ( ret ) - break; - ret = -EINVAL; if ( d != current->domain ) { @@ -373,10 +347,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_unpausedomain: { - ret = xsm_unpausedomain(d); - if ( ret ) - break; - domain_unpause_by_systemcontroller(d); ret = 0; } @@ -384,10 +354,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_resumedomain: { - ret = xsm_resumedomain(d); - if ( ret ) - break; - domain_resume(d); ret = 0; } @@ -470,10 +436,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe (is_hvm_domain(d) && (max > MAX_HVM_VCPUS)) ) break; - ret = xsm_max_vcpus(d); - if ( ret ) - break; - /* Until Xenoprof can dynamically grow its vcpu-s array... */ if ( d->xenoprof ) { @@ -556,7 +518,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_destroydomain: { - ret = xsm_destroydomain(d) ? : domain_kill(d); + ret = domain_kill(d); } break; @@ -565,10 +527,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe { struct vcpu *v; - ret = xsm_vcpuaffinity(op->cmd, d); - if ( ret ) - break; - ret = -EINVAL; if ( op->u.vcpuaffinity.vcpu >= d->max_vcpus ) break; @@ -599,10 +557,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_scheduler_op: { - ret = xsm_scheduler(d); - if ( ret ) - break; - ret = sched_adjust(d, &op->u.scheduler_op); copyback = 1; } @@ -625,7 +579,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe break; } - ret = xsm_getdomaininfo(d); + ret = xsm_getdomaininfo(XSM_HOOK, d); if ( ret ) goto getdomaininfo_out; @@ -645,10 +599,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe vcpu_guest_context_u c = { .nat = NULL }; struct vcpu *v; - ret = xsm_getvcpucontext(d); - if ( ret ) - goto getvcpucontext_out; - ret = -EINVAL; if ( op->u.vcpucontext.vcpu >= d->max_vcpus ) goto getvcpucontext_out; @@ -702,10 +652,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe struct vcpu *v; struct vcpu_runstate_info runstate; - ret = xsm_getvcpuinfo(d); - if ( ret ) - break; - ret = -EINVAL; if ( op->u.getvcpuinfo.vcpu >= d->max_vcpus ) break; @@ -730,10 +676,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe { unsigned long new_max; - ret = xsm_setdomainmaxmem(d); - if ( ret ) - break; - ret = -EINVAL; new_max = op->u.max_mem.max_memkb >> (PAGE_SHIFT-10); @@ -751,10 +693,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_setdomainhandle: { - ret = xsm_setdomainhandle(d); - if ( ret ) - break; - memcpy(d->handle, op->u.setdomainhandle.handle, sizeof(xen_domain_handle_t)); ret = 0; @@ -767,10 +705,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( d == current->domain ) /* no domain_pause() */ break; - ret = xsm_setdebugging(d); - if ( ret ) - break; - domain_pause(d); d->debugger_attached = !!op->u.setdebugging.enable; domain_unpause(d); /* causes guest to latch new status */ @@ -785,7 +719,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( pirq >= d->nr_pirqs ) ret = -EINVAL; - else if ( xsm_irq_permission(d, pirq, allow) ) + else if ( xsm_irq_permission(XSM_HOOK, d, pirq, allow) ) ret = -EPERM; else if ( allow ) ret = irq_permit_access(d, pirq); @@ -804,7 +738,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( (mfn + nr_mfns - 1) < mfn ) /* wrap? */ break; - if ( xsm_iomem_permission(d, mfn, mfn + nr_mfns - 1, allow) ) + if ( xsm_iomem_permission(XSM_HOOK, d, mfn, mfn + nr_mfns - 1, allow) ) ret = -EPERM; else if ( allow ) ret = iomem_permit_access(d, mfn, mfn + nr_mfns - 1); @@ -815,10 +749,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_settimeoffset: { - ret = xsm_domain_settime(d); - if ( ret ) - break; - domain_set_time_offset(d, op->u.settimeoffset.time_offset_seconds); ret = 0; } @@ -840,7 +770,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe break; } - ret = xsm_set_target(d, e); + ret = xsm_set_target(XSM_HOOK, d, e); if ( ret ) { put_domain(e); break; @@ -855,27 +785,20 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_subscribe: { - ret = xsm_domctl(d, op->cmd); - if ( !ret ) - d->suspend_evtchn = op->u.subscribe.port; + d->suspend_evtchn = op->u.subscribe.port; } break; case XEN_DOMCTL_disable_migrate: { - ret = xsm_domctl(d, op->cmd); - if ( !ret ) - d->disable_migrate = op->u.disable_migrate.disable; + d->disable_migrate = op->u.disable_migrate.disable; } break; case XEN_DOMCTL_set_virq_handler: { uint32_t virq = op->u.set_virq_handler.virq; - - ret = xsm_set_virq_handler(d, virq); - if ( !ret ) - ret = set_global_virq_handler(d, virq); + ret = set_global_virq_handler(d, virq); } break; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/event_channel.c --- a/xen/common/event_channel.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/event_channel.c Fri Jan 11 12:23:39 2013 +0000 @@ -165,9 +165,9 @@ static long evtchn_alloc_unbound(evtchn_ domid_t dom = alloc->dom; long rc; - rc = rcu_lock_target_domain_by_id(dom, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(dom); + if ( d == NULL ) + return -ESRCH; spin_lock(&d->event_lock); @@ -175,7 +175,7 @@ static long evtchn_alloc_unbound(evtchn_ ERROR_EXIT_DOM(port, d); chn = evtchn_from_port(d, port); - rc = xsm_evtchn_unbound(d, chn, alloc->remote_dom); + rc = xsm_evtchn_unbound(XSM_TARGET, d, chn, alloc->remote_dom); if ( rc ) goto out; @@ -231,7 +231,7 @@ static long evtchn_bind_interdomain(evtc (rchn->u.unbound.remote_domid != ld->domain_id) ) ERROR_EXIT_DOM(-EINVAL, rd); - rc = xsm_evtchn_interdomain(ld, lchn, rd, rchn); + rc = xsm_evtchn_interdomain(XSM_HOOK, ld, lchn, rd, rchn); if ( rc ) goto out; @@ -580,7 +580,7 @@ int evtchn_send(struct domain *d, unsign return -EINVAL; } - ret = xsm_evtchn_send(ld, lchn); + ret = xsm_evtchn_send(XSM_HOOK, ld, lchn); if ( ret ) goto out; @@ -798,9 +798,9 @@ static long evtchn_status(evtchn_status_ struct evtchn *chn; long rc = 0; - rc = rcu_lock_target_domain_by_id(dom, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(dom); + if ( d == NULL ) + return -ESRCH; spin_lock(&d->event_lock); @@ -812,7 +812,7 @@ static long evtchn_status(evtchn_status_ chn = evtchn_from_port(d, port); - rc = xsm_evtchn_status(d, chn); + rc = xsm_evtchn_status(XSM_TARGET, d, chn); if ( rc ) goto out; @@ -950,11 +950,11 @@ static long evtchn_reset(evtchn_reset_t struct domain *d; int i, rc; - rc = rcu_lock_target_domain_by_id(dom, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(dom); + if ( d == NULL ) + return -ESRCH; - rc = xsm_evtchn_reset(current->domain, d); + rc = xsm_evtchn_reset(XSM_TARGET, current->domain, d); if ( rc ) goto out; @@ -1101,7 +1101,7 @@ int alloc_unbound_xen_event_channel( goto out; chn = evtchn_from_port(d, port); - rc = xsm_evtchn_unbound(d, chn, remote_domid); + rc = xsm_evtchn_unbound(XSM_TARGET, d, chn, remote_domid); chn->state = ECS_UNBOUND; chn->xen_consumer = get_xen_consumer(notification_fn); diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/grant_table.c --- a/xen/common/grant_table.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/grant_table.c Fri Jan 11 12:23:39 2013 +0000 @@ -230,30 +230,6 @@ double_gt_unlock(struct grant_table *lgt spin_unlock(&rgt->lock); } -static struct domain *gt_lock_target_domain_by_id(domid_t dom) -{ - struct domain *d; - int rc = GNTST_general_error; - - switch ( rcu_lock_target_domain_by_id(dom, &d) ) - { - case 0: - return d; - - case -ESRCH: - gdprintk(XENLOG_INFO, "Bad domid %d.\n", dom); - rc = GNTST_bad_domain; - break; - - case -EPERM: - rc = GNTST_permission_denied; - break; - } - - ASSERT(rc < 0 && -rc <= MAX_ERRNO); - return ERR_PTR(rc); -} - static inline int __get_maptrack_handle( struct grant_table *t) @@ -576,7 +552,7 @@ __gnttab_map_grant_ref( return; } - rc = xsm_grant_mapref(ld, rd, op->flags); + rc = xsm_grant_mapref(XSM_HOOK, ld, rd, op->flags); if ( rc ) { rcu_unlock_domain(rd); @@ -896,7 +872,7 @@ __gnttab_unmap_common( return; } - rc = xsm_grant_unmapref(ld, rd); + rc = xsm_grant_unmapref(XSM_HOOK, ld, rd); if ( rc ) { rcu_unlock_domain(rd); @@ -1352,14 +1328,15 @@ gnttab_setup_table( if ( !guest_handle_okay(op.frame_list, op.nr_frames) ) return -EFAULT; - d = gt_lock_target_domain_by_id(op.dom); - if ( IS_ERR(d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) { - op.status = PTR_ERR(d); - goto out1; + gdprintk(XENLOG_INFO, "Bad domid %d.\n", op.dom); + op.status = GNTST_bad_domain; + goto out2; } - if ( xsm_grant_setup(current->domain, d) ) + if ( xsm_grant_setup(XSM_TARGET, current->domain, d) ) { op.status = GNTST_permission_denied; goto out2; @@ -1421,14 +1398,15 @@ gnttab_query_size( return -EFAULT; } - d = gt_lock_target_domain_by_id(op.dom); - if ( IS_ERR(d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) { - op.status = PTR_ERR(d); + gdprintk(XENLOG_INFO, "Bad domid %d.\n", op.dom); + op.status = GNTST_bad_domain; goto query_out; } - rc = xsm_grant_query_size(current->domain, d); + rc = xsm_grant_query_size(XSM_TARGET, current->domain, d); if ( rc ) { op.status = GNTST_permission_denied; @@ -1604,7 +1582,7 @@ gnttab_transfer( goto copyback; } - if ( xsm_grant_transfer(d, e) ) + if ( xsm_grant_transfer(XSM_HOOK, d, e) ) { put_gfn(d, gop.mfn); gop.status = GNTST_permission_denied; @@ -2044,7 +2022,7 @@ __gnttab_copy( PIN_FAIL(error_out, GNTST_bad_domain, "couldn't find %d\n", op->dest.domid); - rc = xsm_grant_copy(sd, dd); + rc = xsm_grant_copy(XSM_HOOK, sd, dd); if ( rc ) { rc = GNTST_permission_denied; @@ -2296,13 +2274,13 @@ gnttab_get_status_frames(XEN_GUEST_HANDL return -EFAULT; } - d = gt_lock_target_domain_by_id(op.dom); - if ( IS_ERR(d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) { - op.status = PTR_ERR(d); + op.status = GNTST_bad_domain; goto out1; } - rc = xsm_grant_setup(current->domain, d); + rc = xsm_grant_setup(XSM_TARGET, current->domain, d); if ( rc ) { op.status = GNTST_permission_denied; goto out1; @@ -2349,14 +2327,15 @@ gnttab_get_version(XEN_GUEST_HANDLE_PARA if ( copy_from_guest(&op, uop, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(op.dom, &d); - if ( rc < 0 ) - return rc; - - if ( xsm_grant_query_size(current->domain, d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) + return -ESRCH; + + rc = xsm_grant_query_size(XSM_TARGET, current->domain, d); + if ( rc ) { rcu_unlock_domain(d); - return -EPERM; + return rc; } op.version = d->grant_table->gt_version; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/kexec.c --- a/xen/common/kexec.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/kexec.c Fri Jan 11 12:23:39 2013 +0000 @@ -852,10 +852,7 @@ static int do_kexec_op_internal(unsigned unsigned long flags; int ret = -EINVAL; - if ( !IS_PRIV(current->domain) ) - return -EPERM; - - ret = xsm_kexec(); + ret = xsm_kexec(XSM_PRIV); if ( ret ) return ret; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/memory.c --- a/xen/common/memory.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/memory.c Fri Jan 11 12:23:39 2013 +0000 @@ -341,9 +341,19 @@ static long memory_exchange(XEN_GUEST_HA out_chunk_order = exch.in.extent_order - exch.out.extent_order; } - rc = rcu_lock_target_domain_by_id(exch.in.domid, &d); + d = rcu_lock_domain_by_any_id(exch.in.domid); + if ( d == NULL ) + { + rc = -ESRCH; + goto fail_early; + } + + rc = xsm_memory_exchange(XSM_TARGET, d); if ( rc ) + { + rcu_unlock_domain(d); goto fail_early; + } memflags |= MEMF_bits(domain_clamp_alloc_bitsize( d, @@ -585,11 +595,12 @@ long do_memory_op(unsigned long cmd, XEN && (reservation.mem_flags & XENMEMF_populate_on_demand) ) args.memflags |= MEMF_populate_on_demand; - if ( unlikely(rcu_lock_target_domain_by_id(reservation.domid, &d)) ) + d = rcu_lock_domain_by_any_id(reservation.domid); + if ( d == NULL ) return start_extent; args.domain = d; - rc = xsm_memory_adjust_reservation(current->domain, d); + rc = xsm_memory_adjust_reservation(XSM_TARGET, current->domain, d); if ( rc ) { rcu_unlock_domain(d); @@ -634,11 +645,11 @@ long do_memory_op(unsigned long cmd, XEN if ( copy_from_guest(&domid, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(domid, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(domid); + if ( d == NULL ) + return -ESRCH; - rc = xsm_memory_stat_reservation(current->domain, d); + rc = xsm_memory_stat_reservation(XSM_TARGET, current->domain, d); if ( rc ) { rcu_unlock_domain(d); @@ -672,11 +683,11 @@ long do_memory_op(unsigned long cmd, XEN if ( copy_from_guest(&xrfp, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(xrfp.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(xrfp.domid); + if ( d == NULL ) + return -ESRCH; - if ( xsm_remove_from_physmap(current->domain, d) ) + if ( xsm_remove_from_physmap(XSM_TARGET, current->domain, d) ) { rcu_unlock_domain(d); return -EPERM; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/schedule.c --- a/xen/common/schedule.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/schedule.c Fri Jan 11 12:23:39 2013 +0000 @@ -921,13 +921,7 @@ ret_t do_sched_op(int cmd, XEN_GUEST_HAN if ( d == NULL ) break; - if ( !IS_PRIV_FOR(current->domain, d) ) - { - rcu_unlock_domain(d); - return -EPERM; - } - - ret = xsm_schedop_shutdown(current->domain, d); + ret = xsm_schedop_shutdown(XSM_DM_PRIV, current->domain, d); if ( ret ) { rcu_unlock_domain(d); @@ -1012,7 +1006,11 @@ int sched_id(void) long sched_adjust(struct domain *d, struct xen_domctl_scheduler_op *op) { long ret; - + + ret = xsm_domctl_scheduler_op(XSM_HOOK, d, op->cmd); + if ( ret ) + return ret; + if ( (op->sched_id != DOM2OP(d)->sched_id) || ((op->cmd != XEN_DOMCTL_SCHEDOP_putinfo) && (op->cmd != XEN_DOMCTL_SCHEDOP_getinfo)) ) @@ -1031,6 +1029,10 @@ long sched_adjust_global(struct xen_sysc struct cpupool *pool; int rc; + rc = xsm_sysctl_scheduler_op(XSM_HOOK, op->cmd); + if ( rc ) + return rc; + if ( (op->cmd != XEN_DOMCTL_SCHEDOP_putinfo) && (op->cmd != XEN_DOMCTL_SCHEDOP_getinfo) ) return -EINVAL; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/sysctl.c --- a/xen/common/sysctl.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/sysctl.c Fri Jan 11 12:23:39 2013 +0000 @@ -34,15 +34,16 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe struct xen_sysctl curop, *op = &curop; static DEFINE_SPINLOCK(sysctl_lock); - if ( !IS_PRIV(current->domain) ) - return -EPERM; - if ( copy_from_guest(op, u_sysctl, 1) ) return -EFAULT; if ( op->interface_version != XEN_SYSCTL_INTERFACE_VERSION ) return -EACCES; + ret = xsm_sysctl(XSM_PRIV, op->cmd); + if ( ret ) + return ret; + /* * Trylock here avoids deadlock with an existing sysctl critical section * which might (for some current or future reason) want to synchronise @@ -56,7 +57,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe switch ( op->cmd ) { case XEN_SYSCTL_readconsole: - ret = xsm_readconsole(op->u.readconsole.clear); + ret = xsm_readconsole(XSM_HOOK, op->u.readconsole.clear); if ( ret ) break; @@ -64,18 +65,10 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe break; case XEN_SYSCTL_tbuf_op: - ret = xsm_tbufcontrol(); - if ( ret ) - break; - ret = tb_control(&op->u.tbuf_op); break; case XEN_SYSCTL_sched_id: - ret = xsm_sched_id(); - if ( ret ) - break; - op->u.sched_id.sched_id = sched_id(); break; @@ -94,7 +87,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe if ( num_domains == op->u.getdomaininfolist.max_domains ) break; - ret = xsm_getdomaininfo(d); + ret = xsm_getdomaininfo(XSM_HOOK, d); if ( ret ) continue; @@ -121,20 +114,12 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe #ifdef PERF_COUNTERS case XEN_SYSCTL_perfc_op: - ret = xsm_perfcontrol(); - if ( ret ) - break; - ret = perfc_control(&op->u.perfc_op); break; #endif #ifdef LOCK_PROFILE case XEN_SYSCTL_lockprof_op: - ret = xsm_lockprof(); - if ( ret ) - break; - ret = spinlock_profile_control(&op->u.lockprof_op); break; #endif @@ -143,10 +128,6 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe char c; uint32_t i; - ret = xsm_debug_keys(); - if ( ret ) - break; - ret = -EFAULT; for ( i = 0; i < op->u.debug_keys.nr_keys; i++ ) { @@ -166,10 +147,6 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe nr_cpus = min(op->u.getcpuinfo.max_cpus, nr_cpu_ids); - ret = xsm_getcpuinfo(); - if ( ret ) - break; - ret = -EFAULT; for ( i = 0; i < nr_cpus; i++ ) { @@ -185,10 +162,6 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe break; case XEN_SYSCTL_availheap: - ret = xsm_availheap(); - if ( ret ) - break; - op->u.availheap.avail_bytes = avail_domheap_pages_region( op->u.availheap.node, op->u.availheap.min_bitwidth, @@ -198,18 +171,10 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe #ifdef HAS_ACPI case XEN_SYSCTL_get_pmstat: - ret = xsm_get_pmstat(); - if ( ret ) - break; - ret = do_get_pm_info(&op->u.get_pmstat); break; case XEN_SYSCTL_pm_op: - ret = xsm_pm_op(); - if ( ret ) - break; - ret = do_pm_op(&op->u.pm_op); if ( ret == -EAGAIN ) copyback = 1; @@ -221,7 +186,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe uint32_t *status, *ptr; unsigned long pfn; - ret = xsm_page_offline(op->u.page_offline.cmd); + ret = xsm_page_offline(XSM_HOOK, op->u.page_offline.cmd); if ( ret ) break; @@ -277,18 +242,10 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe break; case XEN_SYSCTL_cpupool_op: - ret = xsm_cpupool_op(); - if ( ret ) - break; - ret = cpupool_do_sysctl(&op->u.cpupool_op); break; case XEN_SYSCTL_scheduler_op: - ret = xsm_sched_op(); - if ( ret ) - break; - ret = sched_adjust_global(&op->u.scheduler_op); break; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/tmem.c --- a/xen/common/tmem.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/tmem.c Fri Jan 11 12:23:39 2013 +0000 @@ -2644,6 +2644,9 @@ EXPORT long do_tmem_op(tmem_cli_op_t uop if ( !tmem_initialized ) return -ENODEV; + if ( !tmh_current_permitted() ) + return -EPERM; + total_tmem_ops++; if ( tmh_lock_all ) diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/xenoprof.c --- a/xen/common/xenoprof.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/xenoprof.c Fri Jan 11 12:23:39 2013 +0000 @@ -677,7 +677,7 @@ ret_t do_xenoprof_op(int op, XEN_GUEST_H return -EPERM; } - ret = xsm_profile(current->domain, op); + ret = xsm_profile(XSM_HOOK, current->domain, op); if ( ret ) return ret; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/drivers/char/console.c --- a/xen/drivers/char/console.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/drivers/char/console.c Fri Jan 11 12:23:39 2013 +0000 @@ -406,13 +406,7 @@ long do_console_io(int cmd, int count, X long rc; unsigned int idx, len; -#ifndef VERBOSE - /* Only domain 0 may access the emergency console. */ - if ( current->domain->domain_id != 0 ) - return -EPERM; -#endif - - rc = xsm_console_io(current->domain, cmd); + rc = xsm_console_io(XSM_OTHER, current->domain, cmd); if ( rc ) return rc; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/drivers/passthrough/iommu.c Fri Jan 11 12:23:39 2013 +0000 @@ -514,7 +514,7 @@ static int iommu_get_device_group( ((pdev->bus == bus) && (pdev->devfn == devfn)) ) continue; - if ( xsm_get_device_group((seg << 16) | (pdev->bus << 8) | pdev->devfn) ) + if ( xsm_get_device_group(XSM_HOOK, (seg << 16) | (pdev->bus << 8) | pdev->devfn) ) continue; sdev_id = ops->get_device_group_id(seg, pdev->bus, pdev->devfn); @@ -617,7 +617,7 @@ int iommu_do_domctl( u32 max_sdevs; XEN_GUEST_HANDLE_64(uint32) sdevs; - ret = xsm_get_device_group(domctl->u.get_device_group.machine_sbdf); + ret = xsm_get_device_group(XSM_HOOK, domctl->u.get_device_group.machine_sbdf); if ( ret ) break; @@ -645,7 +645,7 @@ int iommu_do_domctl( break; case XEN_DOMCTL_test_assign_device: - ret = xsm_test_assign_device(domctl->u.assign_device.machine_sbdf); + ret = xsm_test_assign_device(XSM_HOOK, domctl->u.assign_device.machine_sbdf); if ( ret ) break; @@ -669,7 +669,7 @@ int iommu_do_domctl( break; } - ret = xsm_assign_device(d, domctl->u.assign_device.machine_sbdf); + ret = xsm_assign_device(XSM_HOOK, d, domctl->u.assign_device.machine_sbdf); if ( ret ) break; @@ -688,7 +688,7 @@ int iommu_do_domctl( break; case XEN_DOMCTL_deassign_device: - ret = xsm_deassign_device(d, domctl->u.assign_device.machine_sbdf); + ret = xsm_deassign_device(XSM_HOOK, d, domctl->u.assign_device.machine_sbdf); if ( ret ) break; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/drivers/passthrough/pci.c --- a/xen/drivers/passthrough/pci.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/drivers/passthrough/pci.c Fri Jan 11 12:23:39 2013 +0000 @@ -477,7 +477,7 @@ int pci_add_device(u16 seg, u8 bus, u8 d pdev_type = "device"; } - ret = xsm_resource_plug_pci((seg << 16) | (bus << 8) | devfn); + ret = xsm_resource_plug_pci(XSM_PRIV, (seg << 16) | (bus << 8) | devfn); if ( ret ) return ret; @@ -604,7 +604,7 @@ int pci_remove_device(u16 seg, u8 bus, u struct pci_dev *pdev; int ret; - ret = xsm_resource_unplug_pci((seg << 16) | (bus << 8) | devfn); + ret = xsm_resource_unplug_pci(XSM_PRIV, (seg << 16) | (bus << 8) | devfn); if ( ret ) return ret; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/include/asm-x86/mem_event.h --- a/xen/include/asm-x86/mem_event.h Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/include/asm-x86/mem_event.h Fri Jan 11 12:23:39 2013 +0000 @@ -62,7 +62,6 @@ void mem_event_put_request(struct domain int mem_event_get_response(struct domain *d, struct mem_event_domain *med, mem_event_response_t *rsp); -struct domain *get_mem_event_op_target(uint32_t domain, int *rc); int do_mem_event_op(int op, uint32_t domain, void *arg); int mem_event_domctl(struct domain *d, xen_domctl_mem_event_op_t *mec, XEN_GUEST_HANDLE_PARAM(void) u_domctl); diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/include/xen/sched.h --- a/xen/include/xen/sched.h Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/include/xen/sched.h Fri Jan 11 12:23:39 2013 +0000 @@ -484,6 +484,12 @@ int rcu_lock_remote_target_domain_by_id( */ int rcu_lock_remote_domain_by_id(domid_t dom, struct domain **d); +/* + * As rcu_lock_remote_domain_by_id() but will fail EINVAL if the domain is + * dying. + */ +int rcu_lock_live_remote_domain_by_id(domid_t dom, struct domain **d); + /* Finish a RCU critical region started by rcu_lock_domain_by_id(). */ static inline void rcu_unlock_domain(struct domain *d) { diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/include/xen/tmem_xen.h --- a/xen/include/xen/tmem_xen.h Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/include/xen/tmem_xen.h Fri Jan 11 12:23:39 2013 +0000 @@ -16,6 +16,7 @@ #include /* copy_from_guest */ #include /* hash_long */ #include /* __map_domain_page */ +#include /* xsm_tmem_control */ #include #ifdef CONFIG_COMPAT #include @@ -326,9 +327,14 @@ static inline bool_t tmh_set_client_from return rc; } +static inline bool_t tmh_current_permitted(void) +{ + return !xsm_tmem_op(XSM_HOOK); +} + static inline bool_t tmh_current_is_privileged(void) { - return IS_PRIV(current->domain); + return !xsm_tmem_control(XSM_PRIV); } static inline uint8_t tmh_get_first_byte(pfp_t *pfp) diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 12:23:39 2013 +0000 @@ -6,167 +6,144 @@ * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2, * as published by the Free Software Foundation. + * + * + * Each XSM hook implementing an access check should have its first parameter + * preceded by XSM_DEFAULT_ARG (or use XSM_DEFAULT_VOID if it has no + * arguments). The first non-declaration statement shold be XSM_ASSERT_ACTION + * with the expected type of the hook, which will either define or check the + * value of action. */ #include #include +/* Cannot use BUILD_BUG_ON here because the expressions we check are not + * considered constant at compile time. Instead, rely on constant propagation to + * inline out the calls to this invalid function, which will cause linker errors + * if references remain at link time. + */ +#define LINKER_BUG_ON(x) do { if (x) __xsm_action_mismatch_detected(); } while (0) +/* DO NOT implement this function; it is supposed to trigger link errors */ +void __xsm_action_mismatch_detected(void); + +#ifdef XSM_ENABLE + +/* In XSM_ENABLE builds, this header file is included from xsm/dummy.c, and + * contains static (not inline) functions compiled to the dummy XSM module. + * There is no xsm_default_t argument available, so the value from the assertion + * is used to initialize the variable. + */ +#define XSM_INLINE /* */ +#define XSM_DEFAULT_ARG /* */ +#define XSM_DEFAULT_VOID void +#define XSM_ASSERT_ACTION(def) xsm_default_t action = def; (void)action + +#else /* XSM_ENABLE */ + +/* In !XSM_ENABLE builds, this header file is included from xsm/xsm.h, and + * contains inline functions for each XSM hook. These functions also perform + * compile-time checks on the xsm_default_t argument to ensure that the behavior + * of the dummy XSM module is the same as the behavior with XSM disabled. + */ +#define XSM_INLINE inline +#define XSM_DEFAULT_ARG xsm_default_t action, +#define XSM_DEFAULT_VOID xsm_default_t action +#define XSM_ASSERT_ACTION(def) LINKER_BUG_ON(def != action) + +#endif /* XSM_ENABLE */ + +static inline int xsm_default_action(xsm_default_t action, struct domain *src, + struct domain *target) +{ + switch ( action ) { + case XSM_HOOK: + return 0; + case XSM_DM_PRIV: + if ( !IS_PRIV_FOR(src, target) ) + return -EPERM; + return 0; + case XSM_TARGET: + if ( src != target && !IS_PRIV_FOR(src, target) ) + return -EPERM; + return 0; + case XSM_PRIV: + if ( !IS_PRIV(src) ) + return -EPERM; + return 0; + default: + LINKER_BUG_ON(1); + return -EPERM; + } +} + static XSM_INLINE void xsm_security_domaininfo(struct domain *d, struct xen_domctl_getdomaininfo *info) { return; } -static XSM_INLINE int xsm_setvcpucontext(struct domain *d) +static XSM_INLINE int xsm_domain_create(XSM_DEFAULT_ARG struct domain *d, u32 ssidref) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_pausedomain(struct domain *d) +static XSM_INLINE int xsm_getdomaininfo(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_unpausedomain(struct domain *d) +static XSM_INLINE int xsm_domctl_scheduler_op(XSM_DEFAULT_ARG struct domain *d, int cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_resumedomain(struct domain *d) +static XSM_INLINE int xsm_sysctl_scheduler_op(XSM_DEFAULT_ARG int cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_domain_create(struct domain *d, u32 ssidref) +static XSM_INLINE int xsm_set_target(XSM_DEFAULT_ARG struct domain *d, struct domain *e) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_max_vcpus(struct domain *d) +static XSM_INLINE int xsm_domctl(XSM_DEFAULT_ARG struct domain *d, int cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_OTHER); + switch ( cmd ) + { + case XEN_DOMCTL_ioport_mapping: + case XEN_DOMCTL_memory_mapping: + case XEN_DOMCTL_bind_pt_irq: + case XEN_DOMCTL_unbind_pt_irq: + return xsm_default_action(XSM_DM_PRIV, current->domain, d); + default: + return xsm_default_action(XSM_PRIV, current->domain, d); + } } -static XSM_INLINE int xsm_destroydomain(struct domain *d) +static XSM_INLINE int xsm_sysctl(XSM_DEFAULT_ARG int cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_vcpuaffinity(int cmd, struct domain *d) +static XSM_INLINE int xsm_readconsole(XSM_DEFAULT_ARG uint32_t clear) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_scheduler(struct domain *d) +static XSM_INLINE int xsm_do_mca(XSM_DEFAULT_VOID) { - return 0; -} - -static XSM_INLINE int xsm_getdomaininfo(struct domain *d) -{ - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; -} - -static XSM_INLINE int xsm_getvcpucontext(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_getvcpuinfo(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_domain_settime(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_set_target(struct domain *d, struct domain *e) -{ - return 0; -} - -static XSM_INLINE int xsm_domctl(struct domain *d, int cmd) -{ - return 0; -} - -static XSM_INLINE int xsm_set_virq_handler(struct domain *d, uint32_t virq) -{ - return 0; -} - -static XSM_INLINE int xsm_tbufcontrol(void) -{ - return 0; -} - -static XSM_INLINE int xsm_readconsole(uint32_t clear) -{ - return 0; -} - -static XSM_INLINE int xsm_sched_id(void) -{ - return 0; -} - -static XSM_INLINE int xsm_setdomainmaxmem(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_setdomainhandle(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_setdebugging(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_perfcontrol(void) -{ - return 0; -} - -static XSM_INLINE int xsm_debug_keys(void) -{ - return 0; -} - -static XSM_INLINE int xsm_getcpuinfo(void) -{ - return 0; -} - -static XSM_INLINE int xsm_get_pmstat(void) -{ - return 0; -} - -static XSM_INLINE int xsm_setpminfo(void) -{ - return 0; -} - -static XSM_INLINE int xsm_pm_op(void) -{ - return 0; -} - -static XSM_INLINE int xsm_do_mca(void) -{ - return 0; -} - -static XSM_INLINE int xsm_availheap(void) -{ - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } static XSM_INLINE int xsm_alloc_security_domain(struct domain *d) @@ -179,84 +156,109 @@ static XSM_INLINE void xsm_free_security return; } -static XSM_INLINE int xsm_grant_mapref(struct domain *d1, struct domain *d2, +static XSM_INLINE int xsm_grant_mapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2, uint32_t flags) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_unmapref(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_unmapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_setup(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_setup(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_transfer(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_transfer(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_copy(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_copy(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_query_size(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_query_size(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_memory_adjust_reservation(struct domain *d1, +static XSM_INLINE int xsm_memory_exchange(XSM_DEFAULT_ARG struct domain *d) +{ + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); +} + +static XSM_INLINE int xsm_memory_adjust_reservation(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_memory_stat_reservation(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_memory_stat_reservation(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_console_io(struct domain *d, int cmd) +static XSM_INLINE int xsm_console_io(XSM_DEFAULT_ARG struct domain *d, int cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_OTHER); +#ifdef VERBOSE + return xsm_default_action(XSM_HOOK, current->domain, NULL); +#else + return xsm_default_action(XSM_PRIV, current->domain, NULL); +#endif } -static XSM_INLINE int xsm_profile(struct domain *d, int op) +static XSM_INLINE int xsm_profile(XSM_DEFAULT_ARG struct domain *d, int op) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_kexec(void) +static XSM_INLINE int xsm_kexec(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_schedop_shutdown(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_schedop_shutdown(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_memory_pin_page(struct domain *d1, struct domain *d2, +static XSM_INLINE int xsm_memory_pin_page(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2, struct page_info *page) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_evtchn_unbound(struct domain *d, struct evtchn *chn, +static XSM_INLINE int xsm_evtchn_unbound(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn, domid_t id2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_evtchn_interdomain(struct domain *d1, struct evtchn +static XSM_INLINE int xsm_evtchn_interdomain(XSM_DEFAULT_ARG struct domain *d1, struct evtchn *chan1, struct domain *d2, struct evtchn *chan2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } static XSM_INLINE void xsm_evtchn_close_post(struct evtchn *chn) @@ -264,19 +266,22 @@ static XSM_INLINE void xsm_evtchn_close_ return; } -static XSM_INLINE int xsm_evtchn_send(struct domain *d, struct evtchn *chn) +static XSM_INLINE int xsm_evtchn_send(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_evtchn_status(struct domain *d, struct evtchn *chn) +static XSM_INLINE int xsm_evtchn_status(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_evtchn_reset(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_evtchn_reset(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } static XSM_INLINE int xsm_alloc_security_evtchn(struct evtchn *chn) @@ -294,89 +299,100 @@ static XSM_INLINE char *xsm_show_securit return NULL; } -static XSM_INLINE int xsm_get_pod_target(struct domain *d) +static XSM_INLINE int xsm_get_pod_target(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_set_pod_target(struct domain *d) +static XSM_INLINE int xsm_set_pod_target(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_get_device_group(uint32_t machine_bdf) +static XSM_INLINE int xsm_get_device_group(XSM_DEFAULT_ARG uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_test_assign_device(uint32_t machine_bdf) +static XSM_INLINE int xsm_test_assign_device(XSM_DEFAULT_ARG uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_assign_device(struct domain *d, uint32_t machine_bdf) +static XSM_INLINE int xsm_assign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_deassign_device(struct domain *d, uint32_t machine_bdf) +static XSM_INLINE int xsm_deassign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_resource_plug_core(void) +static XSM_INLINE int xsm_resource_plug_core(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_unplug_core(void) +static XSM_INLINE int xsm_resource_unplug_core(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_plug_pci(uint32_t machine_bdf) +static XSM_INLINE int xsm_resource_plug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_unplug_pci(uint32_t machine_bdf) +static XSM_INLINE int xsm_resource_unplug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_setup_pci(uint32_t machine_bdf) +static XSM_INLINE int xsm_resource_setup_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_setup_gsi(int gsi) +static XSM_INLINE int xsm_resource_setup_gsi(XSM_DEFAULT_ARG int gsi) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_setup_misc(void) +static XSM_INLINE int xsm_resource_setup_misc(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_page_offline(uint32_t cmd) +static XSM_INLINE int xsm_page_offline(XSM_DEFAULT_ARG uint32_t cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_lockprof(void) +static XSM_INLINE int xsm_tmem_op(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_cpupool_op(void) +static XSM_INLINE int xsm_tmem_control(XSM_DEFAULT_VOID) { - return 0; -} - -static XSM_INLINE int xsm_sched_op(void) -{ - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } static XSM_INLINE long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) @@ -389,240 +405,179 @@ static XSM_INLINE char *xsm_show_irq_sid return NULL; } -static XSM_INLINE int xsm_map_domain_pirq(struct domain *d, int irq, void *data) +static XSM_INLINE int xsm_map_domain_pirq(XSM_DEFAULT_ARG struct domain *d, int irq, void *data) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_unmap_domain_pirq(struct domain *d, int irq) +static XSM_INLINE int xsm_unmap_domain_pirq(XSM_DEFAULT_ARG struct domain *d, int irq) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_irq_permission(struct domain *d, int pirq, uint8_t allow) +static XSM_INLINE int xsm_irq_permission(XSM_DEFAULT_ARG struct domain *d, int pirq, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_iomem_permission(struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static XSM_INLINE int xsm_iomem_permission(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_iomem_mapping(struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static XSM_INLINE int xsm_iomem_mapping(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_pci_config_permission(struct domain *d, uint32_t machine_bdf, +static XSM_INLINE int xsm_pci_config_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } #ifdef CONFIG_X86 -static XSM_INLINE int xsm_shadow_control(struct domain *d, uint32_t op) +static XSM_INLINE int xsm_shadow_control(XSM_DEFAULT_ARG struct domain *d, uint32_t op) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_getpageframeinfo(struct domain *d) +static XSM_INLINE int xsm_hvm_param(XSM_DEFAULT_ARG struct domain *d, unsigned long op) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_getmemlist(struct domain *d) +static XSM_INLINE int xsm_hvm_set_pci_intx_level(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hypercall_init(struct domain *d) +static XSM_INLINE int xsm_hvm_set_isa_irq_level(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvmcontext(struct domain *d, uint32_t cmd) +static XSM_INLINE int xsm_hvm_set_pci_link_route(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_address_size(struct domain *d, uint32_t cmd) +static XSM_INLINE int xsm_hvm_inject_msi(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_machine_address_size(struct domain *d, uint32_t cmd) +static XSM_INLINE int xsm_mem_event_control(XSM_DEFAULT_ARG struct domain *d, int mode, int op) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_param(struct domain *d, unsigned long op) +static XSM_INLINE int xsm_mem_event_op(XSM_DEFAULT_ARG struct domain *d, int op) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_set_pci_intx_level(struct domain *d) +static XSM_INLINE int xsm_mem_sharing_op(XSM_DEFAULT_ARG struct domain *d, struct domain *cd, int op) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, cd); } -static XSM_INLINE int xsm_hvm_set_isa_irq_level(struct domain *d) +static XSM_INLINE int xsm_apic(XSM_DEFAULT_ARG struct domain *d, int cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, d, NULL); } -static XSM_INLINE int xsm_hvm_set_pci_link_route(struct domain *d) +static XSM_INLINE int xsm_platform_op(XSM_DEFAULT_ARG uint32_t op) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_hvm_inject_msi(struct domain *d) +static XSM_INLINE int xsm_machine_memory_map(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_mem_event(struct domain *d) +static XSM_INLINE int xsm_domain_memory_map(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_mem_sharing(struct domain *d) +static XSM_INLINE int xsm_mmu_update(XSM_DEFAULT_ARG struct domain *d, struct domain *t, + struct domain *f, uint32_t flags) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + if ( t && d != t && !IS_PRIV_FOR(d, t) ) + return -EPERM; + return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_apic(struct domain *d, int cmd) +static XSM_INLINE int xsm_mmuext_op(XSM_DEFAULT_ARG struct domain *d, struct domain *f) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_xen_settime(void) +static XSM_INLINE int xsm_update_va_mapping(XSM_DEFAULT_ARG struct domain *d, struct domain *f, + l1_pgentry_t pte) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_memtype(uint32_t access) +static XSM_INLINE int xsm_add_to_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_microcode(void) +static XSM_INLINE int xsm_remove_from_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_physinfo(void) +static XSM_INLINE int xsm_bind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_platform_quirk(uint32_t quirk) +static XSM_INLINE int xsm_unbind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_firmware_info(void) +static XSM_INLINE int xsm_ioport_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_efi_call(void) +static XSM_INLINE int xsm_ioport_mapping(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { - return 0; -} - -static XSM_INLINE int xsm_acpi_sleep(void) -{ - return 0; -} - -static XSM_INLINE int xsm_change_freq(void) -{ - return 0; -} - -static XSM_INLINE int xsm_getidletime(void) -{ - return 0; -} - -static XSM_INLINE int xsm_machine_memory_map(void) -{ - return 0; -} - -static XSM_INLINE int xsm_domain_memory_map(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_mmu_normal_update(struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) -{ - return 0; -} - -static XSM_INLINE int xsm_mmu_machphys_update(struct domain *d, struct domain *f, - unsigned long mfn) -{ - return 0; -} - -static XSM_INLINE int xsm_update_va_mapping(struct domain *d, struct domain *f, - l1_pgentry_t pte) -{ - return 0; -} - -static XSM_INLINE int xsm_add_to_physmap(struct domain *d1, struct domain *d2) -{ - return 0; -} - -static XSM_INLINE int xsm_remove_from_physmap(struct domain *d1, struct domain *d2) -{ - return 0; -} - -static XSM_INLINE int xsm_sendtrigger(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_bind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) -{ - return 0; -} - -static XSM_INLINE int xsm_unbind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) -{ - return 0; -} - -static XSM_INLINE int xsm_pin_mem_cacheattr(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) -{ - return 0; -} - -static XSM_INLINE int xsm_vcpuextstate(struct domain *d, uint32_t cmd) -{ - return 0; -} - -static XSM_INLINE int xsm_ioport_permission(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) -{ - return 0; -} - -static XSM_INLINE int xsm_ioport_mapping(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) -{ - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } #endif diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 12:23:39 2013 +0000 @@ -27,7 +27,17 @@ typedef u32 xsm_magic_t; #define XSM_MAGIC 0x00000000 #endif -#ifdef XSM_ENABLE +/* These annotations are used by callers and in dummy.h to document the + * default actions of XSM hooks. They should be compiled out otherwise. + */ +enum xsm_default { + XSM_HOOK, /* Guests can normally access the hypercall */ + XSM_DM_PRIV, /* Device model can perform on its target domain */ + XSM_TARGET, /* Can perform on self or your target domain */ + XSM_PRIV, /* Privileged - normally restricted to dom0 */ + XSM_OTHER /* Something more complex */ +}; +typedef enum xsm_default xsm_default_t; extern char *policy_buffer; extern u32 policy_size; @@ -43,35 +53,14 @@ extern xsm_initcall_t __xsm_initcall_sta struct xsm_operations { void (*security_domaininfo) (struct domain *d, struct xen_domctl_getdomaininfo *info); - int (*setvcpucontext) (struct domain *d); - int (*pausedomain) (struct domain *d); - int (*unpausedomain) (struct domain *d); - int (*resumedomain) (struct domain *d); int (*domain_create) (struct domain *d, u32 ssidref); - int (*max_vcpus) (struct domain *d); - int (*destroydomain) (struct domain *d); - int (*vcpuaffinity) (int cmd, struct domain *d); - int (*scheduler) (struct domain *d); int (*getdomaininfo) (struct domain *d); - int (*getvcpucontext) (struct domain *d); - int (*getvcpuinfo) (struct domain *d); - int (*domain_settime) (struct domain *d); + int (*domctl_scheduler_op) (struct domain *d, int op); + int (*sysctl_scheduler_op) (int op); int (*set_target) (struct domain *d, struct domain *e); int (*domctl) (struct domain *d, int cmd); - int (*set_virq_handler) (struct domain *d, uint32_t virq); - int (*tbufcontrol) (void); + int (*sysctl) (int cmd); int (*readconsole) (uint32_t clear); - int (*sched_id) (void); - int (*setdomainmaxmem) (struct domain *d); - int (*setdomainhandle) (struct domain *d); - int (*setdebugging) (struct domain *d); - int (*perfcontrol) (void); - int (*debug_keys) (void); - int (*getcpuinfo) (void); - int (*availheap) (void); - int (*get_pmstat) (void); - int (*setpminfo) (void); - int (*pm_op) (void); int (*do_mca) (void); int (*evtchn_unbound) (struct domain *d, struct evtchn *chn, domid_t id2); @@ -97,6 +86,7 @@ struct xsm_operations { int (*get_pod_target) (struct domain *d); int (*set_pod_target) (struct domain *d); + int (*memory_exchange) (struct domain *d); int (*memory_adjust_reservation) (struct domain *d1, struct domain *d2); int (*memory_stat_reservation) (struct domain *d1, struct domain *d2); int (*memory_pin_page) (struct domain *d1, struct domain *d2, struct page_info *page); @@ -131,56 +121,44 @@ struct xsm_operations { int (*resource_setup_misc) (void); int (*page_offline)(uint32_t cmd); - int (*lockprof)(void); - int (*cpupool_op)(void); - int (*sched_op)(void); + int (*tmem_op)(void); + int (*tmem_control)(void); long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); #ifdef CONFIG_X86 int (*shadow_control) (struct domain *d, uint32_t op); - int (*getpageframeinfo) (struct domain *d); - int (*getmemlist) (struct domain *d); - int (*hypercall_init) (struct domain *d); - int (*hvmcontext) (struct domain *d, uint32_t op); - int (*address_size) (struct domain *d, uint32_t op); - int (*machine_address_size) (struct domain *d, uint32_t op); int (*hvm_param) (struct domain *d, unsigned long op); int (*hvm_set_pci_intx_level) (struct domain *d); int (*hvm_set_isa_irq_level) (struct domain *d); int (*hvm_set_pci_link_route) (struct domain *d); int (*hvm_inject_msi) (struct domain *d); - int (*mem_event) (struct domain *d); - int (*mem_sharing) (struct domain *d); + int (*mem_event_control) (struct domain *d, int mode, int op); + int (*mem_event_op) (struct domain *d, int op); + int (*mem_sharing_op) (struct domain *d, struct domain *cd, int op); int (*apic) (struct domain *d, int cmd); - int (*xen_settime) (void); int (*memtype) (uint32_t access); - int (*microcode) (void); - int (*physinfo) (void); - int (*platform_quirk) (uint32_t); - int (*firmware_info) (void); - int (*efi_call) (void); - int (*acpi_sleep) (void); - int (*change_freq) (void); - int (*getidletime) (void); + int (*platform_op) (uint32_t cmd); int (*machine_memory_map) (void); int (*domain_memory_map) (struct domain *d); - int (*mmu_normal_update) (struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte); - int (*mmu_machphys_update) (struct domain *d1, struct domain *d2, unsigned long mfn); +#define XSM_MMU_UPDATE_READ 1 +#define XSM_MMU_UPDATE_WRITE 2 +#define XSM_MMU_NORMAL_UPDATE 4 +#define XSM_MMU_MACHPHYS_UPDATE 8 + int (*mmu_update) (struct domain *d, struct domain *t, + struct domain *f, uint32_t flags); + int (*mmuext_op) (struct domain *d, struct domain *f); int (*update_va_mapping) (struct domain *d, struct domain *f, l1_pgentry_t pte); int (*add_to_physmap) (struct domain *d1, struct domain *d2); - int (*sendtrigger) (struct domain *d); int (*bind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); int (*unbind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); - int (*pin_mem_cacheattr) (struct domain *d); - int (*ext_vcpucontext) (struct domain *d, uint32_t cmd); - int (*vcpuextstate) (struct domain *d, uint32_t cmd); int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); int (*ioport_mapping) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); #endif }; +#ifdef XSM_ENABLE + extern struct xsm_operations *xsm_ops; #ifndef XSM_NO_WRAPPERS @@ -191,163 +169,58 @@ static inline void xsm_security_domainin xsm_ops->security_domaininfo(d, info); } -static inline int xsm_setvcpucontext(struct domain *d) -{ - return xsm_ops->setvcpucontext(d); -} - -static inline int xsm_pausedomain (struct domain *d) -{ - return xsm_ops->pausedomain(d); -} - -static inline int xsm_unpausedomain (struct domain *d) -{ - return xsm_ops->unpausedomain(d); -} - -static inline int xsm_resumedomain (struct domain *d) -{ - return xsm_ops->resumedomain(d); -} - -static inline int xsm_domain_create (struct domain *d, u32 ssidref) +static inline int xsm_domain_create (xsm_default_t def, struct domain *d, u32 ssidref) { return xsm_ops->domain_create(d, ssidref); } -static inline int xsm_max_vcpus(struct domain *d) -{ - return xsm_ops->max_vcpus(d); -} - -static inline int xsm_destroydomain (struct domain *d) -{ - return xsm_ops->destroydomain(d); -} - -static inline int xsm_vcpuaffinity (int cmd, struct domain *d) -{ - return xsm_ops->vcpuaffinity(cmd, d); -} - -static inline int xsm_scheduler (struct domain *d) -{ - return xsm_ops->scheduler(d); -} - -static inline int xsm_getdomaininfo (struct domain *d) +static inline int xsm_getdomaininfo (xsm_default_t def, struct domain *d) { return xsm_ops->getdomaininfo(d); } -static inline int xsm_getvcpucontext (struct domain *d) +static inline int xsm_domctl_scheduler_op (xsm_default_t def, struct domain *d, int cmd) { - return xsm_ops->getvcpucontext(d); + return xsm_ops->domctl_scheduler_op(d, cmd); } -static inline int xsm_getvcpuinfo (struct domain *d) +static inline int xsm_sysctl_scheduler_op (xsm_default_t def, int cmd) { - return xsm_ops->getvcpuinfo(d); + return xsm_ops->sysctl_scheduler_op(cmd); } -static inline int xsm_domain_settime (struct domain *d) -{ - return xsm_ops->domain_settime(d); -} - -static inline int xsm_set_target (struct domain *d, struct domain *e) +static inline int xsm_set_target (xsm_default_t def, struct domain *d, struct domain *e) { return xsm_ops->set_target(d, e); } -static inline int xsm_domctl (struct domain *d, int cmd) +static inline int xsm_domctl (xsm_default_t def, struct domain *d, int cmd) { return xsm_ops->domctl(d, cmd); } -static inline int xsm_set_virq_handler (struct domain *d, uint32_t virq) +static inline int xsm_sysctl (xsm_default_t def, int cmd) { - return xsm_ops->set_virq_handler(d, virq); + return xsm_ops->sysctl(cmd); } -static inline int xsm_tbufcontrol (void) -{ - return xsm_ops->tbufcontrol(); -} - -static inline int xsm_readconsole (uint32_t clear) +static inline int xsm_readconsole (xsm_default_t def, uint32_t clear) { return xsm_ops->readconsole(clear); } -static inline int xsm_sched_id (void) -{ - return xsm_ops->sched_id(); -} - -static inline int xsm_setdomainmaxmem (struct domain *d) -{ - return xsm_ops->setdomainmaxmem(d); -} - -static inline int xsm_setdomainhandle (struct domain *d) -{ - return xsm_ops->setdomainhandle(d); -} - -static inline int xsm_setdebugging (struct domain *d) -{ - return xsm_ops->setdebugging(d); -} - -static inline int xsm_perfcontrol (void) -{ - return xsm_ops->perfcontrol(); -} - -static inline int xsm_debug_keys (void) -{ - return xsm_ops->debug_keys(); -} - -static inline int xsm_availheap (void) -{ - return xsm_ops->availheap(); -} - -static inline int xsm_getcpuinfo (void) -{ - return xsm_ops->getcpuinfo(); -} - -static inline int xsm_get_pmstat(void) -{ - return xsm_ops->get_pmstat(); -} - -static inline int xsm_setpminfo(void) -{ - return xsm_ops->setpminfo(); -} - -static inline int xsm_pm_op(void) -{ - return xsm_ops->pm_op(); -} - -static inline int xsm_do_mca(void) +static inline int xsm_do_mca(xsm_default_t def) { return xsm_ops->do_mca(); } -static inline int xsm_evtchn_unbound (struct domain *d1, struct evtchn *chn, +static inline int xsm_evtchn_unbound (xsm_default_t def, struct domain *d1, struct evtchn *chn, domid_t id2) { return xsm_ops->evtchn_unbound(d1, chn, id2); } -static inline int xsm_evtchn_interdomain (struct domain *d1, +static inline int xsm_evtchn_interdomain (xsm_default_t def, struct domain *d1, struct evtchn *chan1, struct domain *d2, struct evtchn *chan2) { return xsm_ops->evtchn_interdomain(d1, chan1, d2, chan2); @@ -358,48 +231,48 @@ static inline void xsm_evtchn_close_post xsm_ops->evtchn_close_post(chn); } -static inline int xsm_evtchn_send (struct domain *d, struct evtchn *chn) +static inline int xsm_evtchn_send (xsm_default_t def, struct domain *d, struct evtchn *chn) { return xsm_ops->evtchn_send(d, chn); } -static inline int xsm_evtchn_status (struct domain *d, struct evtchn *chn) +static inline int xsm_evtchn_status (xsm_default_t def, struct domain *d, struct evtchn *chn) { return xsm_ops->evtchn_status(d, chn); } -static inline int xsm_evtchn_reset (struct domain *d1, struct domain *d2) +static inline int xsm_evtchn_reset (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->evtchn_reset(d1, d2); } -static inline int xsm_grant_mapref (struct domain *d1, struct domain *d2, +static inline int xsm_grant_mapref (xsm_default_t def, struct domain *d1, struct domain *d2, uint32_t flags) { return xsm_ops->grant_mapref(d1, d2, flags); } -static inline int xsm_grant_unmapref (struct domain *d1, struct domain *d2) +static inline int xsm_grant_unmapref (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_unmapref(d1, d2); } -static inline int xsm_grant_setup (struct domain *d1, struct domain *d2) +static inline int xsm_grant_setup (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_setup(d1, d2); } -static inline int xsm_grant_transfer (struct domain *d1, struct domain *d2) +static inline int xsm_grant_transfer (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_transfer(d1, d2); } -static inline int xsm_grant_copy (struct domain *d1, struct domain *d2) +static inline int xsm_grant_copy (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_copy(d1, d2); } -static inline int xsm_grant_query_size (struct domain *d1, struct domain *d2) +static inline int xsm_grant_query_size (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_query_size(d1, d2); } @@ -429,55 +302,60 @@ static inline char *xsm_show_security_ev return xsm_ops->show_security_evtchn(d, chn); } -static inline int xsm_get_pod_target (struct domain *d) +static inline int xsm_get_pod_target (xsm_default_t def, struct domain *d) { return xsm_ops->get_pod_target(d); } -static inline int xsm_set_pod_target (struct domain *d) +static inline int xsm_set_pod_target (xsm_default_t def, struct domain *d) { return xsm_ops->set_pod_target(d); } -static inline int xsm_memory_adjust_reservation (struct domain *d1, struct +static inline int xsm_memory_exchange (xsm_default_t def, struct domain *d) +{ + return xsm_ops->memory_exchange(d); +} + +static inline int xsm_memory_adjust_reservation (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->memory_adjust_reservation(d1, d2); } -static inline int xsm_memory_stat_reservation (struct domain *d1, +static inline int xsm_memory_stat_reservation (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->memory_stat_reservation(d1, d2); } -static inline int xsm_memory_pin_page(struct domain *d1, struct domain *d2, +static inline int xsm_memory_pin_page(xsm_default_t def, struct domain *d1, struct domain *d2, struct page_info *page) { return xsm_ops->memory_pin_page(d1, d2, page); } -static inline int xsm_remove_from_physmap(struct domain *d1, struct domain *d2) +static inline int xsm_remove_from_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->remove_from_physmap(d1, d2); } -static inline int xsm_console_io (struct domain *d, int cmd) +static inline int xsm_console_io (xsm_default_t def, struct domain *d, int cmd) { return xsm_ops->console_io(d, cmd); } -static inline int xsm_profile (struct domain *d, int op) +static inline int xsm_profile (xsm_default_t def, struct domain *d, int op) { return xsm_ops->profile(d, op); } -static inline int xsm_kexec (void) +static inline int xsm_kexec (xsm_default_t def) { return xsm_ops->kexec(); } -static inline int xsm_schedop_shutdown (struct domain *d1, struct domain *d2) +static inline int xsm_schedop_shutdown (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->schedop_shutdown(d1, d2); } @@ -487,109 +365,104 @@ static inline char *xsm_show_irq_sid (in return xsm_ops->show_irq_sid(irq); } -static inline int xsm_map_domain_pirq (struct domain *d, int irq, void *data) +static inline int xsm_map_domain_pirq (xsm_default_t def, struct domain *d, int irq, void *data) { return xsm_ops->map_domain_pirq(d, irq, data); } -static inline int xsm_unmap_domain_pirq (struct domain *d, int irq) +static inline int xsm_unmap_domain_pirq (xsm_default_t def, struct domain *d, int irq) { return xsm_ops->unmap_domain_pirq(d, irq); } -static inline int xsm_irq_permission (struct domain *d, int pirq, uint8_t allow) +static inline int xsm_irq_permission (xsm_default_t def, struct domain *d, int pirq, uint8_t allow) { return xsm_ops->irq_permission(d, pirq, allow); } -static inline int xsm_iomem_permission (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static inline int xsm_iomem_permission (xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { return xsm_ops->iomem_permission(d, s, e, allow); } -static inline int xsm_iomem_mapping (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static inline int xsm_iomem_mapping (xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { return xsm_ops->iomem_mapping(d, s, e, allow); } -static inline int xsm_pci_config_permission (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) +static inline int xsm_pci_config_permission (xsm_default_t def, struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { return xsm_ops->pci_config_permission(d, machine_bdf, start, end, access); } -static inline int xsm_get_device_group(uint32_t machine_bdf) +static inline int xsm_get_device_group(xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->get_device_group(machine_bdf); } -static inline int xsm_test_assign_device(uint32_t machine_bdf) +static inline int xsm_test_assign_device(xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->test_assign_device(machine_bdf); } -static inline int xsm_assign_device(struct domain *d, uint32_t machine_bdf) +static inline int xsm_assign_device(xsm_default_t def, struct domain *d, uint32_t machine_bdf) { return xsm_ops->assign_device(d, machine_bdf); } -static inline int xsm_deassign_device(struct domain *d, uint32_t machine_bdf) +static inline int xsm_deassign_device(xsm_default_t def, struct domain *d, uint32_t machine_bdf) { return xsm_ops->deassign_device(d, machine_bdf); } -static inline int xsm_resource_plug_pci (uint32_t machine_bdf) +static inline int xsm_resource_plug_pci (xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->resource_plug_pci(machine_bdf); } -static inline int xsm_resource_unplug_pci (uint32_t machine_bdf) +static inline int xsm_resource_unplug_pci (xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->resource_unplug_pci(machine_bdf); } -static inline int xsm_resource_plug_core (void) +static inline int xsm_resource_plug_core (xsm_default_t def) { return xsm_ops->resource_plug_core(); } -static inline int xsm_resource_unplug_core (void) +static inline int xsm_resource_unplug_core (xsm_default_t def) { return xsm_ops->resource_unplug_core(); } -static inline int xsm_resource_setup_pci (uint32_t machine_bdf) +static inline int xsm_resource_setup_pci (xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->resource_setup_pci(machine_bdf); } -static inline int xsm_resource_setup_gsi (int gsi) +static inline int xsm_resource_setup_gsi (xsm_default_t def, int gsi) { return xsm_ops->resource_setup_gsi(gsi); } -static inline int xsm_resource_setup_misc (void) +static inline int xsm_resource_setup_misc (xsm_default_t def) { return xsm_ops->resource_setup_misc(); } -static inline int xsm_page_offline(uint32_t cmd) +static inline int xsm_page_offline(xsm_default_t def, uint32_t cmd) { return xsm_ops->page_offline(cmd); } -static inline int xsm_lockprof(void) +static inline int xsm_tmem_op(xsm_default_t def) { - return xsm_ops->lockprof(); + return xsm_ops->tmem_op(); } -static inline int xsm_cpupool_op(void) +static inline int xsm_tmem_control(xsm_default_t def) { - return xsm_ops->cpupool_op(); -} - -static inline int xsm_sched_op(void) -{ - return xsm_ops->sched_op(); + return xsm_ops->tmem_control(); } static inline long xsm_do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) @@ -598,201 +471,116 @@ static inline long xsm_do_xsm_op (XEN_GU } #ifdef CONFIG_X86 -static inline int xsm_shadow_control (struct domain *d, uint32_t op) +static inline int xsm_shadow_control (xsm_default_t def, struct domain *d, uint32_t op) { return xsm_ops->shadow_control(d, op); } -static inline int xsm_getpageframeinfo (struct domain *d) -{ - return xsm_ops->getpageframeinfo(d); -} - -static inline int xsm_getmemlist (struct domain *d) -{ - return xsm_ops->getmemlist(d); -} - -static inline int xsm_hypercall_init (struct domain *d) -{ - return xsm_ops->hypercall_init(d); -} - -static inline int xsm_hvmcontext (struct domain *d, uint32_t cmd) -{ - return xsm_ops->hvmcontext(d, cmd); -} - -static inline int xsm_address_size (struct domain *d, uint32_t cmd) -{ - return xsm_ops->address_size(d, cmd); -} - -static inline int xsm_machine_address_size (struct domain *d, uint32_t cmd) -{ - return xsm_ops->machine_address_size(d, cmd); -} - -static inline int xsm_hvm_param (struct domain *d, unsigned long op) +static inline int xsm_hvm_param (xsm_default_t def, struct domain *d, unsigned long op) { return xsm_ops->hvm_param(d, op); } -static inline int xsm_hvm_set_pci_intx_level (struct domain *d) +static inline int xsm_hvm_set_pci_intx_level (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_set_pci_intx_level(d); } -static inline int xsm_hvm_set_isa_irq_level (struct domain *d) +static inline int xsm_hvm_set_isa_irq_level (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_set_isa_irq_level(d); } -static inline int xsm_hvm_set_pci_link_route (struct domain *d) +static inline int xsm_hvm_set_pci_link_route (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_set_pci_link_route(d); } -static inline int xsm_hvm_inject_msi (struct domain *d) +static inline int xsm_hvm_inject_msi (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_inject_msi(d); } -static inline int xsm_mem_event (struct domain *d) +static inline int xsm_mem_event_control (xsm_default_t def, struct domain *d, int mode, int op) { - return xsm_ops->mem_event(d); + return xsm_ops->mem_event_control(d, mode, op); } -static inline int xsm_mem_sharing (struct domain *d) +static inline int xsm_mem_event_op (xsm_default_t def, struct domain *d, int op) { - return xsm_ops->mem_sharing(d); + return xsm_ops->mem_event_op(d, op); } -static inline int xsm_apic (struct domain *d, int cmd) +static inline int xsm_mem_sharing_op (xsm_default_t def, struct domain *d, struct domain *cd, int op) +{ + return xsm_ops->mem_sharing_op(d, cd, op); +} + +static inline int xsm_apic (xsm_default_t def, struct domain *d, int cmd) { return xsm_ops->apic(d, cmd); } -static inline int xsm_xen_settime (void) -{ - return xsm_ops->xen_settime(); -} - -static inline int xsm_memtype (uint32_t access) +static inline int xsm_memtype (xsm_default_t def, uint32_t access) { return xsm_ops->memtype(access); } -static inline int xsm_microcode (void) +static inline int xsm_platform_op (xsm_default_t def, uint32_t op) { - return xsm_ops->microcode(); + return xsm_ops->platform_op(op); } -static inline int xsm_physinfo (void) -{ - return xsm_ops->physinfo(); -} - -static inline int xsm_platform_quirk (uint32_t quirk) -{ - return xsm_ops->platform_quirk(quirk); -} - -static inline int xsm_firmware_info (void) -{ - return xsm_ops->firmware_info(); -} - -static inline int xsm_efi_call (void) -{ - return xsm_ops->efi_call(); -} - -static inline int xsm_acpi_sleep (void) -{ - return xsm_ops->acpi_sleep(); -} - -static inline int xsm_change_freq (void) -{ - return xsm_ops->change_freq(); -} - -static inline int xsm_getidletime (void) -{ - return xsm_ops->getidletime(); -} - -static inline int xsm_machine_memory_map(void) +static inline int xsm_machine_memory_map(xsm_default_t def) { return xsm_ops->machine_memory_map(); } -static inline int xsm_domain_memory_map(struct domain *d) +static inline int xsm_domain_memory_map(xsm_default_t def, struct domain *d) { return xsm_ops->domain_memory_map(d); } -static inline int xsm_mmu_normal_update (struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) +static inline int xsm_mmu_update (xsm_default_t def, struct domain *d, struct domain *t, + struct domain *f, uint32_t flags) { - return xsm_ops->mmu_normal_update(d, t, f, fpte); + return xsm_ops->mmu_update(d, t, f, flags); } -static inline int xsm_mmu_machphys_update (struct domain *d1, struct domain *d2, - unsigned long mfn) +static inline int xsm_mmuext_op (xsm_default_t def, struct domain *d, struct domain *f) { - return xsm_ops->mmu_machphys_update(d1, d2, mfn); + return xsm_ops->mmuext_op(d, f); } -static inline int xsm_update_va_mapping(struct domain *d, struct domain *f, +static inline int xsm_update_va_mapping(xsm_default_t def, struct domain *d, struct domain *f, l1_pgentry_t pte) { return xsm_ops->update_va_mapping(d, f, pte); } -static inline int xsm_add_to_physmap(struct domain *d1, struct domain *d2) +static inline int xsm_add_to_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->add_to_physmap(d1, d2); } -static inline int xsm_sendtrigger(struct domain *d) -{ - return xsm_ops->sendtrigger(d); -} - -static inline int xsm_bind_pt_irq(struct domain *d, +static inline int xsm_bind_pt_irq(xsm_default_t def, struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return xsm_ops->bind_pt_irq(d, bind); } -static inline int xsm_unbind_pt_irq(struct domain *d, +static inline int xsm_unbind_pt_irq(xsm_default_t def, struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return xsm_ops->unbind_pt_irq(d, bind); } -static inline int xsm_pin_mem_cacheattr(struct domain *d) -{ - return xsm_ops->pin_mem_cacheattr(d); -} - -static inline int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) -{ - return xsm_ops->ext_vcpucontext(d, cmd); -} -static inline int xsm_vcpuextstate(struct domain *d, uint32_t cmd) -{ - return xsm_ops->vcpuextstate(d, cmd); -} - -static inline int xsm_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static inline int xsm_ioport_permission (xsm_default_t def, struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return xsm_ops->ioport_permission(d, s, e, allow); } -static inline int xsm_ioport_mapping (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static inline int xsm_ioport_mapping (xsm_default_t def, struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return xsm_ops->ioport_mapping(d, s, e, allow); } @@ -812,7 +600,6 @@ extern void xsm_fixup_ops(struct xsm_ope #else /* XSM_ENABLE */ -#define XSM_INLINE inline #include static inline int xsm_init (unsigned long *module_map, diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 12:23:39 2013 +0000 @@ -30,35 +30,14 @@ struct xsm_operations dummy_xsm_ops; void xsm_fixup_ops (struct xsm_operations *ops) { set_to_dummy_if_null(ops, security_domaininfo); - set_to_dummy_if_null(ops, setvcpucontext); - set_to_dummy_if_null(ops, pausedomain); - set_to_dummy_if_null(ops, unpausedomain); - set_to_dummy_if_null(ops, resumedomain); set_to_dummy_if_null(ops, domain_create); - set_to_dummy_if_null(ops, max_vcpus); - set_to_dummy_if_null(ops, destroydomain); - set_to_dummy_if_null(ops, vcpuaffinity); - set_to_dummy_if_null(ops, scheduler); set_to_dummy_if_null(ops, getdomaininfo); - set_to_dummy_if_null(ops, getvcpucontext); - set_to_dummy_if_null(ops, getvcpuinfo); - set_to_dummy_if_null(ops, domain_settime); + set_to_dummy_if_null(ops, domctl_scheduler_op); + set_to_dummy_if_null(ops, sysctl_scheduler_op); set_to_dummy_if_null(ops, set_target); set_to_dummy_if_null(ops, domctl); - set_to_dummy_if_null(ops, set_virq_handler); - set_to_dummy_if_null(ops, tbufcontrol); + set_to_dummy_if_null(ops, sysctl); set_to_dummy_if_null(ops, readconsole); - set_to_dummy_if_null(ops, sched_id); - set_to_dummy_if_null(ops, setdomainmaxmem); - set_to_dummy_if_null(ops, setdomainhandle); - set_to_dummy_if_null(ops, setdebugging); - set_to_dummy_if_null(ops, perfcontrol); - set_to_dummy_if_null(ops, debug_keys); - set_to_dummy_if_null(ops, getcpuinfo); - set_to_dummy_if_null(ops, availheap); - set_to_dummy_if_null(ops, get_pmstat); - set_to_dummy_if_null(ops, setpminfo); - set_to_dummy_if_null(ops, pm_op); set_to_dummy_if_null(ops, do_mca); set_to_dummy_if_null(ops, evtchn_unbound); @@ -83,6 +62,7 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, get_pod_target); set_to_dummy_if_null(ops, set_pod_target); + set_to_dummy_if_null(ops, memory_exchange); set_to_dummy_if_null(ops, memory_adjust_reservation); set_to_dummy_if_null(ops, memory_stat_reservation); set_to_dummy_if_null(ops, memory_pin_page); @@ -116,51 +96,32 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, resource_setup_misc); set_to_dummy_if_null(ops, page_offline); - set_to_dummy_if_null(ops, lockprof); - set_to_dummy_if_null(ops, cpupool_op); - set_to_dummy_if_null(ops, sched_op); + set_to_dummy_if_null(ops, tmem_op); + set_to_dummy_if_null(ops, tmem_control); set_to_dummy_if_null(ops, do_xsm_op); #ifdef CONFIG_X86 set_to_dummy_if_null(ops, shadow_control); - set_to_dummy_if_null(ops, getpageframeinfo); - set_to_dummy_if_null(ops, getmemlist); - set_to_dummy_if_null(ops, hypercall_init); - set_to_dummy_if_null(ops, hvmcontext); - set_to_dummy_if_null(ops, address_size); - set_to_dummy_if_null(ops, machine_address_size); set_to_dummy_if_null(ops, hvm_param); set_to_dummy_if_null(ops, hvm_set_pci_intx_level); set_to_dummy_if_null(ops, hvm_set_isa_irq_level); set_to_dummy_if_null(ops, hvm_set_pci_link_route); set_to_dummy_if_null(ops, hvm_inject_msi); - set_to_dummy_if_null(ops, mem_event); - set_to_dummy_if_null(ops, mem_sharing); + set_to_dummy_if_null(ops, mem_event_control); + set_to_dummy_if_null(ops, mem_event_op); + set_to_dummy_if_null(ops, mem_sharing_op); set_to_dummy_if_null(ops, apic); - set_to_dummy_if_null(ops, xen_settime); - set_to_dummy_if_null(ops, memtype); - set_to_dummy_if_null(ops, microcode); - set_to_dummy_if_null(ops, physinfo); - set_to_dummy_if_null(ops, platform_quirk); - set_to_dummy_if_null(ops, firmware_info); - set_to_dummy_if_null(ops, efi_call); - set_to_dummy_if_null(ops, acpi_sleep); - set_to_dummy_if_null(ops, change_freq); - set_to_dummy_if_null(ops, getidletime); + set_to_dummy_if_null(ops, platform_op); set_to_dummy_if_null(ops, machine_memory_map); set_to_dummy_if_null(ops, domain_memory_map); - set_to_dummy_if_null(ops, mmu_normal_update); - set_to_dummy_if_null(ops, mmu_machphys_update); + set_to_dummy_if_null(ops, mmu_update); + set_to_dummy_if_null(ops, mmuext_op); set_to_dummy_if_null(ops, update_va_mapping); set_to_dummy_if_null(ops, add_to_physmap); set_to_dummy_if_null(ops, remove_from_physmap); - set_to_dummy_if_null(ops, sendtrigger); set_to_dummy_if_null(ops, bind_pt_irq); set_to_dummy_if_null(ops, unbind_pt_irq); - set_to_dummy_if_null(ops, pin_mem_cacheattr); - set_to_dummy_if_null(ops, ext_vcpucontext); - set_to_dummy_if_null(ops, vcpuextstate); set_to_dummy_if_null(ops, ioport_permission); set_to_dummy_if_null(ops, ioport_mapping); #endif diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/flask_op.c --- a/xen/xsm/flask/flask_op.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/xsm/flask/flask_op.c Fri Jan 11 12:23:39 2013 +0000 @@ -612,6 +612,15 @@ static int flask_relabel_domain(struct x goto out; dsec->sid = arg->sid; + dsec->self_sid = arg->sid; + security_transition_sid(dsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->self_sid); + if ( d->target ) + { + struct domain_security_struct *tsec = d->target->ssid; + security_transition_sid(tsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->target_sid); + } out: rcu_unlock_domain(d); diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 12:23:39 2013 +0000 @@ -33,38 +33,69 @@ struct xsm_operations *original_ops = NULL; +static u32 domain_sid(struct domain *dom) +{ + struct domain_security_struct *dsec = dom->ssid; + return dsec->sid; +} + +static u32 domain_target_sid(struct domain *src, struct domain *dst) +{ + struct domain_security_struct *ssec = src->ssid; + struct domain_security_struct *dsec = dst->ssid; + if (src == dst) + return ssec->self_sid; + if (src->target == dst) + return ssec->target_sid; + return dsec->sid; +} + +static u32 evtchn_sid(const struct evtchn *chn) +{ + struct evtchn_security_struct *esec = chn->ssid; + return esec->sid; +} + static int domain_has_perm(struct domain *dom1, struct domain *dom2, u16 class, u32 perms) { - struct domain_security_struct *dsec1, *dsec2; + u32 ssid, tsid; struct avc_audit_data ad; AVC_AUDIT_DATA_INIT(&ad, NONE); ad.sdom = dom1; ad.tdom = dom2; - dsec1 = dom1->ssid; - dsec2 = dom2->ssid; + ssid = domain_sid(dom1); + tsid = domain_target_sid(dom1, dom2); - return avc_has_perm(dsec1->sid, dsec2->sid, class, perms, &ad); + return avc_has_perm(ssid, tsid, class, perms, &ad); +} + +static int avc_current_has_perm(u32 tsid, u16 class, u32 perm, + struct avc_audit_data *ad) +{ + u32 csid = domain_sid(current->domain); + return avc_has_perm(csid, tsid, class, perm, ad); +} + +static int current_has_perm(struct domain *d, u16 class, u32 perms) +{ + return domain_has_perm(current->domain, d, class, perms); } static int domain_has_evtchn(struct domain *d, struct evtchn *chn, u32 perms) { - struct domain_security_struct *dsec; - struct evtchn_security_struct *esec; + u32 dsid = domain_sid(d); + u32 esid = evtchn_sid(chn); - dsec = d->ssid; - esec = chn->ssid; - - return avc_has_perm(dsec->sid, esec->sid, SECCLASS_EVENT, perms, NULL); + return avc_has_perm(dsid, esid, SECCLASS_EVENT, perms, NULL); } static int domain_has_xen(struct domain *d, u32 perms) { - struct domain_security_struct *dsec; - dsec = d->ssid; + u32 dsid = domain_sid(d); - return avc_has_perm(dsec->sid, SECINITSID_XEN, SECCLASS_XEN, perms, NULL); + return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_XEN, perms, NULL); } static int get_irq_sid(int irq, u32 *sid, struct avc_audit_data *ad) @@ -123,6 +154,7 @@ static int flask_domain_alloc_security(s dsec->sid = SECINITSID_UNLABELED; } + dsec->self_sid = dsec->sid; d->ssid = dsec; return 0; @@ -142,68 +174,55 @@ static void flask_domain_free_security(s static int flask_evtchn_unbound(struct domain *d1, struct evtchn *chn, domid_t id2) { - u32 newsid; + u32 sid1, sid2, newsid; int rc; - domid_t id; struct domain *d2; - struct domain_security_struct *dsec, *dsec1, *dsec2; struct evtchn_security_struct *esec; - dsec = current->domain->ssid; - dsec1 = d1->ssid; - esec = chn->ssid; - - if ( id2 == DOMID_SELF ) - id = current->domain->domain_id; - else - id = id2; - - d2 = get_domain_by_id(id); + d2 = rcu_lock_domain_by_any_id(id2); if ( d2 == NULL ) return -EPERM; - dsec2 = d2->ssid; - rc = security_transition_sid(dsec1->sid, dsec2->sid, SECCLASS_EVENT, - &newsid); + sid1 = domain_sid(d1); + sid2 = domain_target_sid(d1, d2); + esec = chn->ssid; + + rc = security_transition_sid(sid1, sid2, SECCLASS_EVENT, &newsid); if ( rc ) goto out; - rc = avc_has_perm(dsec->sid, newsid, SECCLASS_EVENT, EVENT__CREATE, NULL); + rc = avc_current_has_perm(newsid, SECCLASS_EVENT, EVENT__CREATE, NULL); if ( rc ) goto out; - rc = avc_has_perm(newsid, dsec2->sid, SECCLASS_EVENT, EVENT__BIND, NULL); + rc = avc_has_perm(newsid, sid2, SECCLASS_EVENT, EVENT__BIND, NULL); if ( rc ) goto out; - else - esec->sid = newsid; + + esec->sid = newsid; out: - put_domain(d2); + rcu_unlock_domain(d2); return rc; } static int flask_evtchn_interdomain(struct domain *d1, struct evtchn *chn1, struct domain *d2, struct evtchn *chn2) { - u32 newsid; + u32 sid1, sid2, newsid, reverse_sid; int rc; - struct domain_security_struct *dsec, *dsec1, *dsec2; - struct evtchn_security_struct *esec1, *esec2; + struct evtchn_security_struct *esec1; struct avc_audit_data ad; AVC_AUDIT_DATA_INIT(&ad, NONE); ad.sdom = d1; ad.tdom = d2; - dsec = current->domain->ssid; - dsec1 = d1->ssid; - dsec2 = d2->ssid; + sid1 = domain_sid(d1); + sid2 = domain_target_sid(d1, d2); esec1 = chn1->ssid; - esec2 = chn2->ssid; - rc = security_transition_sid(dsec1->sid, dsec2->sid, - SECCLASS_EVENT, &newsid); + rc = security_transition_sid(sid1, sid2, SECCLASS_EVENT, &newsid); if ( rc ) { printk("%s: security_transition_sid failed, rc=%d (domain=%d)\n", @@ -211,15 +230,20 @@ static int flask_evtchn_interdomain(stru return rc; } - rc = avc_has_perm(dsec->sid, newsid, SECCLASS_EVENT, EVENT__CREATE, &ad); + rc = avc_current_has_perm(newsid, SECCLASS_EVENT, EVENT__CREATE, &ad); if ( rc ) return rc; - rc = avc_has_perm(newsid, dsec2->sid, SECCLASS_EVENT, EVENT__BIND, &ad); + rc = avc_has_perm(newsid, sid2, SECCLASS_EVENT, EVENT__BIND, &ad); if ( rc ) return rc; - rc = avc_has_perm(esec2->sid, dsec1->sid, SECCLASS_EVENT, EVENT__BIND, &ad); + /* It's possible the target domain has changed (relabel or destroy/create) + * since the unbound part was created; re-validate this binding now. + */ + reverse_sid = evtchn_sid(chn2); + sid1 = domain_target_sid(d2, d1); + rc = avc_has_perm(reverse_sid, sid1, SECCLASS_EVENT, EVENT__BIND, &ad); if ( rc ) return rc; @@ -302,7 +326,6 @@ static void flask_free_security_evtchn(s static char *flask_show_security_evtchn(struct domain *d, const struct evtchn *chn) { - struct evtchn_security_struct *esec; int irq; u32 sid = 0; char *ctx; @@ -312,9 +335,7 @@ static char *flask_show_security_evtchn( { case ECS_UNBOUND: case ECS_INTERDOMAIN: - esec = chn->ssid; - if ( esec ) - sid = esec->sid; + sid = evtchn_sid(chn); break; case ECS_PIRQ: irq = domain_pirq_to_irq(d, chn->u.pirq.irq); @@ -367,12 +388,17 @@ static int flask_grant_query_size(struct static int flask_get_pod_target(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__GETPODTARGET); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETPODTARGET); } static int flask_set_pod_target(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SETPODTARGET); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETPODTARGET); +} + +static int flask_memory_exchange(struct domain *d) +{ + return current_has_perm(d, SECCLASS_MMU, MMU__EXCHANGE); } static int flask_memory_adjust_reservation(struct domain *d1, struct domain *d2) @@ -455,144 +481,304 @@ static int flask_schedop_shutdown(struct static void flask_security_domaininfo(struct domain *d, struct xen_domctl_getdomaininfo *info) { - struct domain_security_struct *dsec; - - dsec = d->ssid; - info->ssidref = dsec->sid; -} - -static int flask_setvcpucontext(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETVCPUCONTEXT); -} - -static int flask_pausedomain(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__PAUSE); -} - -static int flask_unpausedomain(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__UNPAUSE); -} - -static int flask_resumedomain(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__RESUME); + info->ssidref = domain_sid(d); } static int flask_domain_create(struct domain *d, u32 ssidref) { int rc; - struct domain_security_struct *dsec1; - struct domain_security_struct *dsec2; + struct domain_security_struct *dsec = d->ssid; static int dom0_created = 0; - dsec1 = current->domain->ssid; - dsec2 = d->ssid; - if ( is_idle_domain(current->domain) && !dom0_created ) { - dsec2->sid = SECINITSID_DOM0; + dsec->sid = SECINITSID_DOM0; dom0_created = 1; - return 0; } + else + { + rc = avc_current_has_perm(ssidref, SECCLASS_DOMAIN, + DOMAIN__CREATE, NULL); + if ( rc ) + return rc; - rc = avc_has_perm(dsec1->sid, ssidref, SECCLASS_DOMAIN, - DOMAIN__CREATE, NULL); - if ( rc ) - return rc; + dsec->sid = ssidref; + } + dsec->self_sid = dsec->sid; - dsec2->sid = ssidref; + rc = security_transition_sid(dsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->self_sid); return rc; } -static int flask_max_vcpus(struct domain *d) +static int flask_getdomaininfo(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__MAX_VCPUS); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETDOMAININFO); } -static int flask_destroydomain(struct domain *d) +static int flask_domctl_scheduler_op(struct domain *d, int op) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__DESTROY); + switch ( op ) + { + case XEN_DOMCTL_SCHEDOP_putinfo: + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SETSCHEDULER); + + case XEN_DOMCTL_SCHEDOP_getinfo: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETSCHEDULER); + + default: + printk("flask_domctl_scheduler_op: Unknown op %d\n", op); + return -EPERM; + } } -static int flask_vcpuaffinity(int cmd, struct domain *d) +static int flask_sysctl_scheduler_op(int op) { - u32 perm; + switch ( op ) + { + case XEN_DOMCTL_SCHEDOP_putinfo: + return domain_has_xen(current->domain, XEN__SETSCHEDULER); - switch ( cmd ) - { - case XEN_DOMCTL_setvcpuaffinity: - perm = DOMAIN__SETVCPUAFFINITY; - break; - case XEN_DOMCTL_getvcpuaffinity: - perm = DOMAIN__GETVCPUAFFINITY; - break; + case XEN_DOMCTL_SCHEDOP_getinfo: + return domain_has_xen(current->domain, XEN__GETSCHEDULER); + default: + printk("flask_domctl_scheduler_op: Unknown op %d\n", op); return -EPERM; } - - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm ); } -static int flask_scheduler(struct domain *d) +static int flask_set_target(struct domain *d, struct domain *t) { - int rc = 0; + int rc; + struct domain_security_struct *dsec, *tsec; + dsec = d->ssid; + tsec = t->ssid; - rc = domain_has_xen(current->domain, XEN__SCHEDULER); + rc = current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__MAKE_PRIV_FOR); + if ( rc ) + return rc; + rc = current_has_perm(t, SECCLASS_DOMAIN2, DOMAIN2__SET_AS_TARGET); + if ( rc ) + return rc; + /* Use avc_has_perm to avoid resolving target/current SID */ + rc = avc_has_perm(dsec->sid, tsec->sid, SECCLASS_DOMAIN, DOMAIN__SET_TARGET, NULL); if ( rc ) return rc; - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SCHEDULER); -} - -static int flask_getdomaininfo(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__GETDOMAININFO); -} - -static int flask_getvcpucontext(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__GETVCPUCONTEXT); -} - -static int flask_getvcpuinfo(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__GETVCPUINFO); -} - -static int flask_domain_settime(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SETTIME); -} - -static int flask_set_target(struct domain *d, struct domain *e) -{ - return domain_has_perm(d, e, SECCLASS_DOMAIN, DOMAIN__SET_TARGET); + /* (tsec, dsec) defaults the label to tsec, as it should here */ + rc = security_transition_sid(tsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->target_sid); + return rc; } static int flask_domctl(struct domain *d, int cmd) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SET_MISC_INFO); + switch ( cmd ) + { + /* These have individual XSM hooks (common/domctl.c) */ + case XEN_DOMCTL_createdomain: + case XEN_DOMCTL_getdomaininfo: + case XEN_DOMCTL_scheduler_op: + case XEN_DOMCTL_irq_permission: + case XEN_DOMCTL_iomem_permission: + case XEN_DOMCTL_set_target: +#ifdef CONFIG_X86 + /* These have individual XSM hooks (arch/x86/domctl.c) */ + case XEN_DOMCTL_shadow_op: + case XEN_DOMCTL_ioport_permission: + case XEN_DOMCTL_bind_pt_irq: + case XEN_DOMCTL_unbind_pt_irq: + case XEN_DOMCTL_memory_mapping: + case XEN_DOMCTL_ioport_mapping: + case XEN_DOMCTL_mem_event_op: + /* These have individual XSM hooks (drivers/passthrough/iommu.c) */ + case XEN_DOMCTL_get_device_group: + case XEN_DOMCTL_test_assign_device: + case XEN_DOMCTL_assign_device: + case XEN_DOMCTL_deassign_device: +#endif + return 0; + + case XEN_DOMCTL_destroydomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__DESTROY); + + case XEN_DOMCTL_pausedomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__PAUSE); + + case XEN_DOMCTL_unpausedomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__UNPAUSE); + + case XEN_DOMCTL_setvcpuaffinity: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUAFFINITY); + + case XEN_DOMCTL_getvcpuaffinity: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUAFFINITY); + + case XEN_DOMCTL_resumedomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__RESUME); + + case XEN_DOMCTL_max_vcpus: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__MAX_VCPUS); + + case XEN_DOMCTL_max_mem: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINMAXMEM); + + case XEN_DOMCTL_setdomainhandle: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINHANDLE); + + case XEN_DOMCTL_setvcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUCONTEXT); + + case XEN_DOMCTL_getvcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUCONTEXT); + + case XEN_DOMCTL_getvcpuinfo: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUINFO); + + case XEN_DOMCTL_settimeoffset: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETTIME); + + case XEN_DOMCTL_setdebugging: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDEBUGGING); + + case XEN_DOMCTL_getpageframeinfo: + case XEN_DOMCTL_getpageframeinfo2: + case XEN_DOMCTL_getpageframeinfo3: + return current_has_perm(d, SECCLASS_MMU, MMU__PAGEINFO); + + case XEN_DOMCTL_getmemlist: + return current_has_perm(d, SECCLASS_MMU, MMU__PAGELIST); + + case XEN_DOMCTL_hypercall_init: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__HYPERCALL); + + case XEN_DOMCTL_sethvmcontext: + return current_has_perm(d, SECCLASS_HVM, HVM__SETHVMC); + + case XEN_DOMCTL_gethvmcontext: + case XEN_DOMCTL_gethvmcontext_partial: + return current_has_perm(d, SECCLASS_HVM, HVM__GETHVMC); + + case XEN_DOMCTL_set_address_size: + case XEN_DOMCTL_set_machine_address_size: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETADDRSIZE); + + case XEN_DOMCTL_get_address_size: + case XEN_DOMCTL_get_machine_address_size: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETADDRSIZE); + + case XEN_DOMCTL_mem_sharing_op: + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_SHARING); + + case XEN_DOMCTL_pin_mem_cacheattr: + return current_has_perm(d, SECCLASS_HVM, HVM__CACHEATTR); + + case XEN_DOMCTL_set_ext_vcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETEXTVCPUCONTEXT); + + case XEN_DOMCTL_get_ext_vcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETEXTVCPUCONTEXT); + + case XEN_DOMCTL_setvcpuextstate: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUEXTSTATE); + + case XEN_DOMCTL_getvcpuextstate: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUEXTSTATE); + + case XEN_DOMCTL_sendtrigger: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__TRIGGER); + + case XEN_DOMCTL_set_access_required: + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); + + case XEN_DOMCTL_debug_op: + case XEN_DOMCTL_gdbsx_guestmemio: + case XEN_DOMCTL_gdbsx_pausevcpu: + case XEN_DOMCTL_gdbsx_unpausevcpu: + case XEN_DOMCTL_gdbsx_domstatus: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDEBUGGING); + + case XEN_DOMCTL_subscribe: + case XEN_DOMCTL_disable_migrate: + case XEN_DOMCTL_suppress_spurious_page_faults: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_MISC_INFO); + + case XEN_DOMCTL_set_virq_handler: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER); + + case XEN_DOMCTL_set_cpuid: + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SET_CPUID); + + case XEN_DOMCTL_gettscinfo: + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__GETTSC); + + case XEN_DOMCTL_settscinfo: + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SETTSC); + + case XEN_DOMCTL_audit_p2m: + return current_has_perm(d, SECCLASS_HVM, HVM__AUDIT_P2M); + + default: + printk("flask_domctl: Unknown op %d\n", cmd); + return -EPERM; + } } -static int flask_set_virq_handler(struct domain *d, uint32_t virq) +static int flask_sysctl(int cmd) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER); -} + switch ( cmd ) + { + /* These have individual XSM hooks */ + case XEN_SYSCTL_readconsole: + case XEN_SYSCTL_getdomaininfolist: + case XEN_SYSCTL_page_offline_op: + case XEN_SYSCTL_scheduler_op: +#ifdef CONFIG_X86 + case XEN_SYSCTL_cpu_hotplug: +#endif + return 0; -static int flask_tbufcontrol(void) -{ - return domain_has_xen(current->domain, XEN__TBUFCONTROL); + case XEN_SYSCTL_tbuf_op: + return domain_has_xen(current->domain, XEN__TBUFCONTROL); + + case XEN_SYSCTL_sched_id: + return domain_has_xen(current->domain, XEN__GETSCHEDULER); + + case XEN_SYSCTL_perfc_op: + return domain_has_xen(current->domain, XEN__PERFCONTROL); + + case XEN_SYSCTL_debug_keys: + return domain_has_xen(current->domain, XEN__DEBUG); + + case XEN_SYSCTL_getcpuinfo: + return domain_has_xen(current->domain, XEN__GETCPUINFO); + + case XEN_SYSCTL_availheap: + return domain_has_xen(current->domain, XEN__HEAP); + + case XEN_SYSCTL_get_pmstat: + return domain_has_xen(current->domain, XEN__PM_OP); + + case XEN_SYSCTL_pm_op: + return domain_has_xen(current->domain, XEN__PM_OP); + + case XEN_SYSCTL_lockprof_op: + return domain_has_xen(current->domain, XEN__LOCKPROF); + + case XEN_SYSCTL_cpupool_op: + return domain_has_xen(current->domain, XEN__CPUPOOL_OP); + + case XEN_SYSCTL_physinfo: + case XEN_SYSCTL_topologyinfo: + case XEN_SYSCTL_numainfo: + return domain_has_xen(current->domain, XEN__PHYSINFO); + + default: + printk("flask_sysctl: Unknown op %d\n", cmd); + return -EPERM; + } } static int flask_readconsole(uint32_t clear) @@ -605,59 +791,6 @@ static int flask_readconsole(uint32_t cl return domain_has_xen(current->domain, perms); } -static int flask_sched_id(void) -{ - return domain_has_xen(current->domain, XEN__SCHEDULER); -} - -static int flask_setdomainmaxmem(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETDOMAINMAXMEM); -} - -static int flask_setdomainhandle(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETDOMAINHANDLE); -} - -static int flask_setdebugging(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETDEBUGGING); -} - -static int flask_debug_keys(void) -{ - return domain_has_xen(current->domain, XEN__DEBUG); -} - -static int flask_getcpuinfo(void) -{ - return domain_has_xen(current->domain, XEN__GETCPUINFO); -} - -static int flask_availheap(void) -{ - return domain_has_xen(current->domain, XEN__HEAP); -} - -static int flask_get_pmstat(void) -{ - return domain_has_xen(current->domain, XEN__PM_OP); -} - -static int flask_setpminfo(void) -{ - return domain_has_xen(current->domain, XEN__PM_OP); -} - -static int flask_pm_op(void) -{ - return domain_has_xen(current->domain, XEN__PM_OP); -} - static int flask_do_mca(void) { return domain_has_xen(current->domain, XEN__MCA_OP); @@ -687,14 +820,12 @@ static char *flask_show_irq_sid (int irq static int flask_map_domain_pirq (struct domain *d, int irq, void *data) { - u32 sid; + u32 sid, dsid; int rc = -EPERM; struct msi_info *msi = data; - - struct domain_security_struct *ssec, *tsec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__ADD); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); if ( rc ) return rc; @@ -710,14 +841,13 @@ static int flask_map_domain_pirq (struct if ( rc ) return rc; - ssec = current->domain->ssid; - tsec = d->ssid; + dsid = domain_sid(d); - rc = avc_has_perm(ssec->sid, sid, SECCLASS_RESOURCE, RESOURCE__ADD_IRQ, &ad); + rc = avc_current_has_perm(sid, SECCLASS_RESOURCE, RESOURCE__ADD_IRQ, &ad); if ( rc ) return rc; - rc = avc_has_perm(tsec->sid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + rc = avc_has_perm(dsid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); return rc; } @@ -725,16 +855,12 @@ static int flask_unmap_domain_pirq (stru { u32 sid; int rc = -EPERM; - - struct domain_security_struct *ssec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); if ( rc ) return rc; - ssec = current->domain->ssid; - if ( irq < nr_static_irqs ) { rc = get_irq_sid(irq, &sid, &ad); } else { @@ -745,19 +871,19 @@ static int flask_unmap_domain_pirq (stru if ( rc ) return rc; - rc = avc_has_perm(ssec->sid, sid, SECCLASS_RESOURCE, RESOURCE__REMOVE_IRQ, &ad); + rc = avc_current_has_perm(sid, SECCLASS_RESOURCE, RESOURCE__REMOVE_IRQ, &ad); return rc; } static int flask_irq_permission (struct domain *d, int pirq, uint8_t access) { /* the PIRQ number is not useful; real IRQ is checked during mapping */ - return domain_has_perm(current->domain, d, SECCLASS_RESOURCE, - resource_to_perm(access)); + return current_has_perm(d, SECCLASS_RESOURCE, resource_to_perm(access)); } struct iomem_has_perm_data { - struct domain_security_struct *ssec, *tsec; + u32 ssid; + u32 dsid; u32 perm; }; @@ -771,12 +897,12 @@ static int _iomem_has_perm(void *v, u32 ad.range.start = start; ad.range.end = end; - rc = avc_has_perm(data->ssec->sid, sid, SECCLASS_RESOURCE, data->perm, &ad); + rc = avc_has_perm(data->ssid, sid, SECCLASS_RESOURCE, data->perm, &ad); if ( rc ) return rc; - return avc_has_perm(data->tsec->sid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + return avc_has_perm(data->dsid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } static int flask_iomem_permission(struct domain *d, uint64_t start, uint64_t end, uint8_t access) @@ -784,7 +910,7 @@ static int flask_iomem_permission(struct struct iomem_has_perm_data data; int rc; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, + rc = current_has_perm(d, SECCLASS_RESOURCE, resource_to_perm(access)); if ( rc ) return rc; @@ -794,18 +920,22 @@ static int flask_iomem_permission(struct else data.perm = RESOURCE__REMOVE_IOMEM; - data.ssec = current->domain->ssid; - data.tsec = d->ssid; + data.ssid = domain_sid(current->domain); + data.dsid = domain_sid(d); return security_iterate_iomem_sids(start, end, _iomem_has_perm, &data); } +static int flask_iomem_mapping(struct domain *d, uint64_t start, uint64_t end, uint8_t access) +{ + return flask_iomem_permission(d, start, end, access); +} + static int flask_pci_config_permission(struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { - u32 rsid; + u32 dsid, rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; u32 perm = RESOURCE__USE; rc = security_device_sid(machine_bdf, &rsid); @@ -818,33 +948,24 @@ static int flask_pci_config_permission(s AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = d->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, perm, &ad); + dsid = domain_sid(d); + return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, perm, &ad); } static int flask_resource_plug_core(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__PLUG, NULL); + return avc_current_has_perm(SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__PLUG, NULL); } static int flask_resource_unplug_core(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__UNPLUG, NULL); + return avc_current_has_perm(SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__UNPLUG, NULL); } static int flask_resource_use_core(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__USE, NULL); + return avc_current_has_perm(SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__USE, NULL); } static int flask_resource_plug_pci(uint32_t machine_bdf) @@ -852,7 +973,6 @@ static int flask_resource_plug_pci(uint3 u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) @@ -860,8 +980,7 @@ static int flask_resource_plug_pci(uint3 AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__PLUG, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__PLUG, &ad); } static int flask_resource_unplug_pci(uint32_t machine_bdf) @@ -869,7 +988,6 @@ static int flask_resource_unplug_pci(uin u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) @@ -877,8 +995,7 @@ static int flask_resource_unplug_pci(uin AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__UNPLUG, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__UNPLUG, &ad); } static int flask_resource_setup_pci(uint32_t machine_bdf) @@ -886,7 +1003,6 @@ static int flask_resource_setup_pci(uint u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) @@ -894,8 +1010,7 @@ static int flask_resource_setup_pci(uint AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); } static int flask_resource_setup_gsi(int gsi) @@ -903,22 +1018,17 @@ static int flask_resource_setup_gsi(int u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = get_irq_sid(gsi, &rsid, &ad); if ( rc ) return rc; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); } static int flask_resource_setup_misc(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_XEN, SECCLASS_RESOURCE, RESOURCE__SETUP, NULL); + return avc_current_has_perm(SECINITSID_XEN, SECCLASS_RESOURCE, RESOURCE__SETUP, NULL); } static inline int flask_page_offline(uint32_t cmd) @@ -935,24 +1045,14 @@ static inline int flask_page_offline(uin } } -static inline int flask_lockprof(void) +static inline int flask_tmem_op(void) { - return domain_has_xen(current->domain, XEN__LOCKPROF); + return domain_has_xen(current->domain, XEN__TMEM_OP); } -static inline int flask_cpupool_op(void) +static inline int flask_tmem_control(void) { - return domain_has_xen(current->domain, XEN__CPUPOOL_OP); -} - -static inline int flask_sched_op(void) -{ - return domain_has_xen(current->domain, XEN__SCHED_OP); -} - -static int flask_perfcontrol(void) -{ - return domain_has_xen(current->domain, XEN__PERFCONTROL); + return domain_has_xen(current->domain, XEN__TMEM_CONTROL); } #ifdef CONFIG_X86 @@ -981,11 +1081,12 @@ static int flask_shadow_control(struct d return -EPERM; } - return domain_has_perm(current->domain, d, SECCLASS_SHADOW, perm); + return current_has_perm(d, SECCLASS_SHADOW, perm); } struct ioport_has_perm_data { - struct domain_security_struct *ssec, *tsec; + u32 ssid; + u32 dsid; u32 perm; }; @@ -999,21 +1100,20 @@ static int _ioport_has_perm(void *v, u32 ad.range.start = start; ad.range.end = end; - rc = avc_has_perm(data->ssec->sid, sid, SECCLASS_RESOURCE, data->perm, &ad); + rc = avc_has_perm(data->ssid, sid, SECCLASS_RESOURCE, data->perm, &ad); if ( rc ) return rc; - return avc_has_perm(data->tsec->sid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + return avc_has_perm(data->dsid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } - static int flask_ioport_permission(struct domain *d, uint32_t start, uint32_t end, uint8_t access) { int rc; struct ioport_has_perm_data data; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, + rc = current_has_perm(d, SECCLASS_RESOURCE, resource_to_perm(access)); if ( rc ) @@ -1024,68 +1124,15 @@ static int flask_ioport_permission(struc else data.perm = RESOURCE__REMOVE_IOPORT; - data.ssec = current->domain->ssid; - data.tsec = d->ssid; + data.ssid = domain_sid(current->domain); + data.dsid = domain_sid(d); return security_iterate_ioport_sids(start, end, _ioport_has_perm, &data); } -static int flask_getpageframeinfo(struct domain *d) +static int flask_ioport_mapping(struct domain *d, uint32_t start, uint32_t end, uint8_t access) { - return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__PAGEINFO); -} - -static int flask_getmemlist(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__PAGELIST); -} - -static int flask_hypercall_init(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__HYPERCALL); -} - -static int flask_hvmcontext(struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_sethvmcontext: - perm = HVM__SETHVMC; - break; - case XEN_DOMCTL_gethvmcontext: - case XEN_DOMCTL_gethvmcontext_partial: - perm = HVM__GETHVMC; - break; - case HVMOP_track_dirty_vram: - perm = HVM__TRACKDIRTYVRAM; - break; - default: - return -EPERM; - } - - return domain_has_perm(current->domain, d, SECCLASS_HVM, perm); -} - -static int flask_address_size(struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_set_address_size: - perm = DOMAIN__SETADDRSIZE; - break; - case XEN_DOMCTL_get_address_size: - perm = DOMAIN__GETADDRSIZE; - break; - default: - return -EPERM; - } - - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); + return flask_ioport_permission(d, start, end, access); } static int flask_hvm_param(struct domain *d, unsigned long op) @@ -1107,32 +1154,45 @@ static int flask_hvm_param(struct domain perm = HVM__HVMCTL; } - return domain_has_perm(current->domain, d, SECCLASS_HVM, perm); + return current_has_perm(d, SECCLASS_HVM, perm); } static int flask_hvm_set_pci_intx_level(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__PCILEVEL); + return current_has_perm(d, SECCLASS_HVM, HVM__PCILEVEL); } static int flask_hvm_set_isa_irq_level(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__IRQLEVEL); + return current_has_perm(d, SECCLASS_HVM, HVM__IRQLEVEL); } static int flask_hvm_set_pci_link_route(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__PCIROUTE); + return current_has_perm(d, SECCLASS_HVM, HVM__PCIROUTE); } -static int flask_mem_event(struct domain *d) +static int flask_hvm_inject_msi(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__MEM_EVENT); + return current_has_perm(d, SECCLASS_HVM, HVM__SEND_IRQ); } -static int flask_mem_sharing(struct domain *d) +static int flask_mem_event_control(struct domain *d, int mode, int op) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__MEM_SHARING); + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); +} + +static int flask_mem_event_op(struct domain *d, int op) +{ + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); +} + +static int flask_mem_sharing_op(struct domain *d, struct domain *cd, int op) +{ + int rc = current_has_perm(cd, SECCLASS_HVM, HVM__MEM_SHARING); + if ( rc ) + return rc; + return domain_has_perm(d, cd, SECCLASS_HVM, HVM__SHARE_MEM); } static int flask_apic(struct domain *d, int cmd) @@ -1141,10 +1201,11 @@ static int flask_apic(struct domain *d, switch ( cmd ) { - case PHYSDEVOP_APIC_READ: + case PHYSDEVOP_apic_read: + case PHYSDEVOP_alloc_irq_vector: perm = XEN__READAPIC; break; - case PHYSDEVOP_APIC_WRITE: + case PHYSDEVOP_apic_write: perm = XEN__WRITEAPIC; break; default: @@ -1154,150 +1215,114 @@ static int flask_apic(struct domain *d, return domain_has_xen(d, perm); } -static int flask_xen_settime(void) +static int flask_platform_op(uint32_t op) { - return domain_has_xen(current->domain, XEN__SETTIME); -} + switch ( op ) + { +#ifdef CONFIG_X86 + /* These operations have their own XSM hooks */ + case XENPF_cpu_online: + case XENPF_cpu_offline: + case XENPF_cpu_hotadd: + case XENPF_mem_hotadd: + return 0; +#endif -static int flask_memtype(uint32_t access) -{ - u32 perm; + case XENPF_settime: + return domain_has_xen(current->domain, XEN__SETTIME); - switch ( access ) - { case XENPF_add_memtype: - perm = XEN__MTRR_ADD; - break; + return domain_has_xen(current->domain, XEN__MTRR_ADD); + case XENPF_del_memtype: - perm = XEN__MTRR_DEL; - break; + return domain_has_xen(current->domain, XEN__MTRR_DEL); + case XENPF_read_memtype: - perm = XEN__MTRR_READ; - break; + return domain_has_xen(current->domain, XEN__MTRR_READ); + + case XENPF_microcode_update: + return domain_has_xen(current->domain, XEN__MICROCODE); + + case XENPF_platform_quirk: + return domain_has_xen(current->domain, XEN__QUIRK); + + case XENPF_firmware_info: + return domain_has_xen(current->domain, XEN__FIRMWARE); + + case XENPF_efi_runtime_call: + return domain_has_xen(current->domain, XEN__FIRMWARE); + + case XENPF_enter_acpi_sleep: + return domain_has_xen(current->domain, XEN__SLEEP); + + case XENPF_change_freq: + return domain_has_xen(current->domain, XEN__FREQUENCY); + + case XENPF_getidletime: + return domain_has_xen(current->domain, XEN__GETIDLE); + + case XENPF_set_processor_pminfo: + case XENPF_core_parking: + return domain_has_xen(current->domain, XEN__PM_OP); + + case XENPF_get_cpu_version: + case XENPF_get_cpuinfo: + return domain_has_xen(current->domain, XEN__GETCPUINFO); + default: + printk("flask_platform_op: Unknown op %d\n", op); return -EPERM; } - - return domain_has_xen(current->domain, perm); -} - -static int flask_microcode(void) -{ - return domain_has_xen(current->domain, XEN__MICROCODE); -} - -static int flask_physinfo(void) -{ - return domain_has_xen(current->domain, XEN__PHYSINFO); -} - -static int flask_platform_quirk(uint32_t quirk) -{ - struct domain_security_struct *dsec; - dsec = current->domain->ssid; - - return avc_has_perm(dsec->sid, SECINITSID_XEN, SECCLASS_XEN, - XEN__QUIRK, NULL); -} - -static int flask_firmware_info(void) -{ - return domain_has_xen(current->domain, XEN__FIRMWARE); -} - -static int flask_efi_call(void) -{ - return domain_has_xen(current->domain, XEN__FIRMWARE); -} - -static int flask_acpi_sleep(void) -{ - return domain_has_xen(current->domain, XEN__SLEEP); -} - -static int flask_change_freq(void) -{ - return domain_has_xen(current->domain, XEN__FREQUENCY); -} - -static int flask_getidletime(void) -{ - return domain_has_xen(current->domain, XEN__GETIDLE); } static int flask_machine_memory_map(void) { - struct domain_security_struct *dsec; - dsec = current->domain->ssid; - - return avc_has_perm(dsec->sid, SECINITSID_XEN, SECCLASS_MMU, - MMU__MEMORYMAP, NULL); + return avc_current_has_perm(SECINITSID_XEN, SECCLASS_MMU, MMU__MEMORYMAP, NULL); } static int flask_domain_memory_map(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__MEMORYMAP); + return current_has_perm(d, SECCLASS_MMU, MMU__MEMORYMAP); } -static int domain_memory_perm(struct domain *d, struct domain *f, l1_pgentry_t pte) +static int flask_mmu_update(struct domain *d, struct domain *t, + struct domain *f, uint32_t flags) { int rc = 0; - u32 map_perms = MMU__MAP_READ; - unsigned long fgfn, fmfn; - p2m_type_t p2mt; + u32 map_perms = 0; - if ( !(l1e_get_flags(pte) & _PAGE_PRESENT) ) - return 0; - - if ( l1e_get_flags(pte) & _PAGE_RW ) - map_perms |= MMU__MAP_WRITE; - - fgfn = l1e_get_pfn(pte); - fmfn = mfn_x(get_gfn_query(f, fgfn, &p2mt)); - put_gfn(f, fgfn); - - if ( f->domain_id == DOMID_IO || !mfn_valid(fmfn) ) - { - struct avc_audit_data ad; - struct domain_security_struct *dsec = d->ssid; - u32 fsid; - AVC_AUDIT_DATA_INIT(&ad, MEMORY); - ad.sdom = d; - ad.tdom = f; - ad.memory.pte = pte.l1; - ad.memory.mfn = fmfn; - rc = security_iomem_sid(fmfn, &fsid); - if ( rc ) - return rc; - return avc_has_perm(dsec->sid, fsid, SECCLASS_MMU, map_perms, &ad); - } - - return domain_has_perm(d, f, SECCLASS_MMU, map_perms); -} - -static int flask_mmu_normal_update(struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) -{ - int rc = 0; - - if (d != t) + if ( t && d != t ) rc = domain_has_perm(d, t, SECCLASS_MMU, MMU__REMOTE_REMAP); if ( rc ) return rc; - return domain_memory_perm(d, f, l1e_from_intpte(fpte)); + if ( flags & XSM_MMU_UPDATE_READ ) + map_perms |= MMU__MAP_READ; + if ( flags & XSM_MMU_UPDATE_WRITE ) + map_perms |= MMU__MAP_WRITE; + if ( flags & XSM_MMU_MACHPHYS_UPDATE ) + map_perms |= MMU__UPDATEMP; + + if ( map_perms ) + rc = domain_has_perm(d, f, SECCLASS_MMU, map_perms); + return rc; } -static int flask_mmu_machphys_update(struct domain *d1, struct domain *d2, - unsigned long mfn) +static int flask_mmuext_op(struct domain *d, struct domain *f) { - return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__UPDATEMP); + return domain_has_perm(d, f, SECCLASS_MMU, MMU__MMUEXT_OP); } static int flask_update_va_mapping(struct domain *d, struct domain *f, l1_pgentry_t pte) { - return domain_memory_perm(d, f, pte); + u32 map_perms = MMU__MAP_READ; + if ( !(l1e_get_flags(pte) & _PAGE_PRESENT) ) + return 0; + if ( l1e_get_flags(pte) & _PAGE_RW ) + map_perms |= MMU__MAP_WRITE; + + return domain_has_perm(d, f, SECCLASS_MMU, map_perms); } static int flask_add_to_physmap(struct domain *d1, struct domain *d2) @@ -1310,45 +1335,37 @@ static int flask_remove_from_physmap(str return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__PHYSMAP); } -static int flask_sendtrigger(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__TRIGGER); -} - static int flask_get_device_group(uint32_t machine_bdf) { u32 rsid; int rc = -EPERM; - struct domain_security_struct *ssec = current->domain->ssid; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) return rc; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); } static int flask_test_assign_device(uint32_t machine_bdf) { u32 rsid; int rc = -EPERM; - struct domain_security_struct *ssec = current->domain->ssid; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) return rc; - return rc = avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); } static int flask_assign_device(struct domain *d, uint32_t machine_bdf) { - u32 rsid; + u32 dsid, rsid; int rc = -EPERM; - struct domain_security_struct *ssec, *tsec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__ADD); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); if ( rc ) return rc; @@ -1358,22 +1375,20 @@ static int flask_assign_device(struct do AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - rc = avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__ADD_DEVICE, &ad); + rc = avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__ADD_DEVICE, &ad); if ( rc ) return rc; - tsec = d->ssid; - return avc_has_perm(tsec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + dsid = domain_sid(d); + return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } static int flask_deassign_device(struct domain *d, uint32_t machine_bdf) { u32 rsid; int rc = -EPERM; - struct domain_security_struct *ssec = current->domain->ssid; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); if ( rc ) return rc; @@ -1381,18 +1396,17 @@ static int flask_deassign_device(struct if ( rc ) return rc; - return rc = avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, NULL); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, NULL); } static int flask_bind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - u32 rsid; + u32 dsid, rsid; int rc = -EPERM; int irq; - struct domain_security_struct *ssec, *tsec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__ADD); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); if ( rc ) return rc; @@ -1402,61 +1416,17 @@ static int flask_bind_pt_irq (struct dom if ( rc ) return rc; - ssec = current->domain->ssid; - rc = avc_has_perm(ssec->sid, rsid, SECCLASS_HVM, HVM__BIND_IRQ, &ad); + rc = avc_current_has_perm(rsid, SECCLASS_HVM, HVM__BIND_IRQ, &ad); if ( rc ) return rc; - tsec = d->ssid; - return avc_has_perm(tsec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + dsid = domain_sid(d); + return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } static int flask_unbind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - return domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); -} - -static int flask_pin_mem_cacheattr (struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__CACHEATTR); -} - -static int flask_ext_vcpucontext (struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_set_ext_vcpucontext: - perm = DOMAIN__SETEXTVCPUCONTEXT; - break; - case XEN_DOMCTL_get_ext_vcpucontext: - perm = DOMAIN__GETEXTVCPUCONTEXT; - break; - default: - return -EPERM; - } - - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); -} - -static int flask_vcpuextstate (struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_setvcpuextstate: - perm = DOMAIN__SETVCPUEXTSTATE; - break; - case XEN_DOMCTL_getvcpuextstate: - perm = DOMAIN__GETVCPUEXTSTATE; - break; - default: - return -EPERM; - } - - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); + return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); } #endif @@ -1464,35 +1434,14 @@ long do_flask_op(XEN_GUEST_HANDLE_PARAM( static struct xsm_operations flask_ops = { .security_domaininfo = flask_security_domaininfo, - .setvcpucontext = flask_setvcpucontext, - .pausedomain = flask_pausedomain, - .unpausedomain = flask_unpausedomain, - .resumedomain = flask_resumedomain, .domain_create = flask_domain_create, - .max_vcpus = flask_max_vcpus, - .destroydomain = flask_destroydomain, - .vcpuaffinity = flask_vcpuaffinity, - .scheduler = flask_scheduler, .getdomaininfo = flask_getdomaininfo, - .getvcpucontext = flask_getvcpucontext, - .getvcpuinfo = flask_getvcpuinfo, - .domain_settime = flask_domain_settime, + .domctl_scheduler_op = flask_domctl_scheduler_op, + .sysctl_scheduler_op = flask_sysctl_scheduler_op, .set_target = flask_set_target, .domctl = flask_domctl, - .set_virq_handler = flask_set_virq_handler, - .tbufcontrol = flask_tbufcontrol, + .sysctl = flask_sysctl, .readconsole = flask_readconsole, - .sched_id = flask_sched_id, - .setdomainmaxmem = flask_setdomainmaxmem, - .setdomainhandle = flask_setdomainhandle, - .setdebugging = flask_setdebugging, - .perfcontrol = flask_perfcontrol, - .debug_keys = flask_debug_keys, - .getcpuinfo = flask_getcpuinfo, - .availheap = flask_availheap, - .get_pmstat = flask_get_pmstat, - .setpminfo = flask_setpminfo, - .pm_op = flask_pm_op, .do_mca = flask_do_mca, .evtchn_unbound = flask_evtchn_unbound, @@ -1517,6 +1466,7 @@ static struct xsm_operations flask_ops = .get_pod_target = flask_get_pod_target, .set_pod_target = flask_set_pod_target, + .memory_exchange = flask_memory_exchange, .memory_adjust_reservation = flask_memory_adjust_reservation, .memory_stat_reservation = flask_memory_stat_reservation, .memory_pin_page = flask_memory_pin_page, @@ -1534,6 +1484,7 @@ static struct xsm_operations flask_ops = .unmap_domain_pirq = flask_unmap_domain_pirq, .irq_permission = flask_irq_permission, .iomem_permission = flask_iomem_permission, + .iomem_mapping = flask_iomem_mapping, .pci_config_permission = flask_pci_config_permission, .resource_plug_core = flask_resource_plug_core, @@ -1545,54 +1496,38 @@ static struct xsm_operations flask_ops = .resource_setup_misc = flask_resource_setup_misc, .page_offline = flask_page_offline, - .lockprof = flask_lockprof, - .cpupool_op = flask_cpupool_op, - .sched_op = flask_sched_op, + .tmem_op = flask_tmem_op, + .tmem_control = flask_tmem_control, .do_xsm_op = do_flask_op, #ifdef CONFIG_X86 .shadow_control = flask_shadow_control, - .getpageframeinfo = flask_getpageframeinfo, - .getmemlist = flask_getmemlist, - .hypercall_init = flask_hypercall_init, - .hvmcontext = flask_hvmcontext, - .address_size = flask_address_size, .hvm_param = flask_hvm_param, .hvm_set_pci_intx_level = flask_hvm_set_pci_intx_level, .hvm_set_isa_irq_level = flask_hvm_set_isa_irq_level, .hvm_set_pci_link_route = flask_hvm_set_pci_link_route, - .mem_event = flask_mem_event, - .mem_sharing = flask_mem_sharing, + .hvm_inject_msi = flask_hvm_inject_msi, + .mem_event_control = flask_mem_event_control, + .mem_event_op = flask_mem_event_op, + .mem_sharing_op = flask_mem_sharing_op, .apic = flask_apic, - .xen_settime = flask_xen_settime, - .memtype = flask_memtype, - .microcode = flask_microcode, - .physinfo = flask_physinfo, - .platform_quirk = flask_platform_quirk, - .firmware_info = flask_firmware_info, - .efi_call = flask_efi_call, - .acpi_sleep = flask_acpi_sleep, - .change_freq = flask_change_freq, - .getidletime = flask_getidletime, + .platform_op = flask_platform_op, .machine_memory_map = flask_machine_memory_map, .domain_memory_map = flask_domain_memory_map, - .mmu_normal_update = flask_mmu_normal_update, - .mmu_machphys_update = flask_mmu_machphys_update, + .mmu_update = flask_mmu_update, + .mmuext_op = flask_mmuext_op, .update_va_mapping = flask_update_va_mapping, .add_to_physmap = flask_add_to_physmap, .remove_from_physmap = flask_remove_from_physmap, - .sendtrigger = flask_sendtrigger, .get_device_group = flask_get_device_group, .test_assign_device = flask_test_assign_device, .assign_device = flask_assign_device, .deassign_device = flask_deassign_device, .bind_pt_irq = flask_bind_pt_irq, .unbind_pt_irq = flask_unbind_pt_irq, - .pin_mem_cacheattr = flask_pin_mem_cacheattr, - .ext_vcpucontext = flask_ext_vcpucontext, - .vcpuextstate = flask_vcpuextstate, .ioport_permission = flask_ioport_permission, + .ioport_mapping = flask_ioport_mapping, #endif }; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/include/objsec.h --- a/xen/xsm/flask/include/objsec.h Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/xsm/flask/include/objsec.h Fri Jan 11 12:23:39 2013 +0000 @@ -19,6 +19,8 @@ struct domain_security_struct { u32 sid; /* current SID */ + u32 self_sid; /* SID for target when operating on DOMID_SELF */ + u32 target_sid; /* SID for device model target domain */ }; struct evtchn_security_struct { diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/policy/access_vectors --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 12:23:39 2013 +0000 @@ -0,0 +1,436 @@ +# +# Define the access vectors. +# +# class class_name { permission_name ... } + +# Class xen consists of dom0-only operations dealing with the hypervisor itself. +# Unless otherwise specified, the source is the domain executing the hypercall, +# and the target is the xen initial sid (type xen_t). +class xen +{ +# XENPF_settime + settime +# XEN_SYSCTL_tbuf_op + tbufcontrol +# CONSOLEIO_read, XEN_SYSCTL_readconsole + readconsole +# XEN_SYSCTL_readconsole with clear=1 + clearconsole +# XEN_SYSCTL_perfc_op + perfcontrol +# XENPF_add_memtype + mtrr_add +# XENPF_del_memtype + mtrr_del +# XENPF_read_memtype + mtrr_read +# XENPF_microcode_update + microcode +# XEN_SYSCTL_physinfo, XEN_SYSCTL_topologyinfo, XEN_SYSCTL_numainfo + physinfo +# XENPF_platform_quirk + quirk +# CONSOLEIO_write + writeconsole +# PHYSDEVOP_apic_read, PHYSDEVOP_alloc_irq_vector + readapic +# PHYSDEVOP_apic_write + writeapic +# Most XENOPROF_* + privprofile +# XENOPROF_{init,enable_virq,disable_virq,get_buffer} + nonprivprofile +# kexec hypercall + kexec +# XENPF_firmware_info, XENPF_efi_runtime_call + firmware +# XENPF_enter_acpi_sleep + sleep +# XENPF_change_freq + frequency +# XENPF_getidletime + getidle +# XEN_SYSCTL_debug_keys + debug +# XEN_SYSCTL_getcpuinfo, XENPF_get_cpu_version, XENPF_get_cpuinfo + getcpuinfo +# XEN_SYSCTL_availheap + heap +# XEN_SYSCTL_get_pmstat, XEN_SYSCTL_pm_op, XENPF_set_processor_pminfo, +# XENPF_core_parking + pm_op +# mca hypercall + mca_op +# XEN_SYSCTL_lockprof_op + lockprof +# XEN_SYSCTL_cpupool_op + cpupool_op +# tmem hypercall (any access) + tmem_op +# TMEM_CONTROL command of tmem hypercall + tmem_control +# XEN_SYSCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_getinfo, XEN_SYSCTL_sched_id + getscheduler +# XEN_SYSCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_putinfo + setscheduler +} + +# Classes domain and domain2 consist of operations that a domain performs on +# another domain or on itself. Unless otherwise specified, the source is the +# domain executing the hypercall, and the target is the domain being operated on +# (which may result in a _self or _target type). +# +# transitions in class domain are used to produce the _self and _target types; +# see docs/misc/xsm-flask.txt and the example XSM policy for details. +class domain +{ +# XEN_DOMCTL_setvcpucontext + setvcpucontext +# XEN_DOMCTL_pausedomain + pause +# XEN_DOMCTL_unpausedomain + unpause +# XEN_DOMCTL_resumedomain + resume +# XEN_DOMCTL_createdomain + create +# checked in FLASK_RELABEL_DOMAIN for any relabel operation: +# source = the old label of the domain +# target = the new label of the domain +# see also the domain2 relabel{from,to,self} permissions + transition +# XEN_DOMCTL_max_vcpus + max_vcpus +# XEN_DOMCTL_destroydomain + destroy +# XEN_DOMCTL_setvcpuaffinity + setvcpuaffinity +# XEN_DOMCTL_getvcpuaffinity + getvcpuaffinity +# XEN_DOMCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_getinfo + getscheduler +# XEN_DOMCTL_getdomaininfo, XEN_SYSCTL_getdomaininfolist + getdomaininfo +# XEN_DOMCTL_getvcpuinfo + getvcpuinfo +# XEN_DOMCTL_getvcpucontext + getvcpucontext +# XEN_DOMCTL_max_mem + setdomainmaxmem +# XEN_DOMCTL_setdomainhandle + setdomainhandle +# XEN_DOMCTL_setdebugging + setdebugging +# XEN_DOMCTL_hypercall_init + hypercall +# XEN_DOMCTL_settimeoffset + settime +# checked in XEN_DOMCTL_set_target: +# source = the new device model domain +# target = the new target domain +# see also the domain2 make_priv_for and set_as_target checks + set_target +# SCHEDOP_remote_shutdown + shutdown +# XEN_DOMCTL_set{,_machine}_address_size + setaddrsize +# XEN_DOMCTL_get{,_machine}_address_size + getaddrsize +# XEN_DOMCTL_sendtrigger + trigger +# XEN_DOMCTL_get_ext_vcpucontext + getextvcpucontext +# XEN_DOMCTL_set_ext_vcpucontext + setextvcpucontext +# XEN_DOMCTL_getvcpuextstate + getvcpuextstate +# XEN_DOMCTL_setvcpuextstate + setvcpuextstate +# XENMEM_get_pod_target + getpodtarget +# XENMEM_set_pod_target + setpodtarget +# XEN_DOMCTL_subscribe, XEN_DOMCTL_disable_migrate, +# XEN_DOMCTL_suppress_spurious_page_faults + set_misc_info +# XEN_DOMCTL_set_virq_handler + set_virq_handler +} + +# This is a continuation of class domain, since only 32 permissions can be +# defined per class +class domain2 +{ +# checked in FLASK_RELABEL_DOMAIN with non-DOMID_SELF: +# source = the domain making the hypercall +# target = the old label of the domain being relabeled + relabelfrom +# checked in FLASK_RELABEL_DOMAIN with non-DOMID_SELF: +# source = the domain making the hypercall +# target = the new label of the domain being relabeled + relabelto +# checked in FLASK_RELABEL_DOMAIN, only with DOMID_SELF: +# source = the old label of the domain +# target = the new label of the domain +# see also domain__transition + relabelself +# checked in XEN_DOMCTL_set_target: +# source = the domain making the hypercall +# target = the new device model domain + make_priv_for +# checked in XEN_DOMCTL_set_target: +# source = the domain making the hypercall +# target = the new target domain + set_as_target +# XEN_DOMCTL_set_cpuid + set_cpuid +# XEN_DOMCTL_gettscinfo + gettsc +# XEN_DOMCTL_settscinfo + settsc +# XEN_DOMCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_putinfo + setscheduler +} + +# Similar to class domain, but primarily contains domctls related to HVM domains +class hvm +{ +# XEN_DOMCTL_sethvmcontext + sethvmc +# XEN_DOMCTL_gethvmcontext, XEN_DOMCTL_gethvmcontext_partial + gethvmc +# HVMOP_set_param + setparam +# HVMOP_get_param + getparam +# HVMOP_set_pci_intx_level (also needs hvmctl) + pcilevel +# HVMOP_set_isa_irq_level + irqlevel +# HVMOP_set_pci_link_route + pciroute + bind_irq +# XEN_DOMCTL_pin_mem_cacheattr + cacheattr +# HVMOP_track_dirty_vram + trackdirtyvram +# HVMOP_modified_memory, HVMOP_get_mem_type, HVMOP_set_mem_type, +# HVMOP_set_mem_access, HVMOP_get_mem_access, HVMOP_pagetable_dying, +# HVMOP_inject_trap + hvmctl +# XEN_DOMCTL_set_access_required + mem_event +# XEN_DOMCTL_mem_sharing_op and XENMEM_sharing_op_{share,add_physmap} with: +# source = the domain making the hypercall +# target = domain whose memory is being shared + mem_sharing +# XEN_DOMCTL_audit_p2m + audit_p2m +# HVMOP_inject_msi + send_irq +# checked in XENMEM_sharing_op_{share,add_physmap} with: +# source = domain whose memory is being shared +# target = client domain + share_mem +} + +# Class event describes event channels. Interdomain event channels have their +# own security label which is computed using a type transition between the +# source and target domains. Each endpoint has its own label, and the +# permission checks must pass on both endpoints for an event channel to be +# established. +class event +{ +# when creating an interdomain event channel endpoint: +# source = event channel label +# target = remote domain the event channel binds to. This may be a _self or +# _target label if the endpoints are related as such. +# This permission is checked when creating an unbound event channel and when the +# interdomain event channel is established. + bind +# EVTCHNOP_send: +# source = domain sending the event +# target = event channel label + send +# EVTCHNOP_status; same as _send + status +# when creating an interdomain event channel endpoint: +# source = the domain creating the channel (which might not be an endpoint) +# target = event channel label + create +# EVTCHNOP_reset: +# source = domain making the hypercall +# target = domain whose event channels are being reset + reset +} + +# Class grant describes pages shared by grant mappings. Pages use the security +# label of their owning domain. +class grant +{ +# GNTTABOP_map_grant_ref with any access + map_read +# GNTTABOP_map_grant_ref with write access + map_write +# GNTTABOP_unmap_grant_ref + unmap +# GNTTABOP_transfer + transfer +# GNTTABOP_setup_table, GNTTABOP_get_status_frames (target is commonly _self) + setup +# GNTTABOP_copy + copy +# GNTTABOP_query_size, GNTTABOP_get_version + query +} + +# Class mmu describes pages of memory not accessed using grants. Permissions +# are checked using the domain ID used to access the page - the most common case +# is a domain's own ID (the _self label). Using DOMID_IO in the map command to +# restrict the mapping to IO memory will result in the target being domio_t, and +# migration uses read-only mappings with a target of DOMID_XEN (domxen_t). +class mmu +{ +# checked when using mmu_update to map a page readably +# source = domain making the hypercall (which might not own the page table) +# target = domain whose pages are being mapped + map_read +# checked when using mmu_update to map a page writably +# source = domain making the hypercall +# target = domain whose pages are being mapped + map_write +# XEN_DOMCTL_getpageframeinfo* + pageinfo +# XEN_DOMCTL_getmemlist + pagelist +# XENMEM_{increase,decrease}_reservation, XENMEM_populate_physmap + adjust +# XENMEM_{current,maximum}_reservation, XENMEM_maximum_gpfn + stat +# mmu_update MMU_MACHPHYS_UPDATE + updatemp +# XENMEM_add_to_physmap, XENMEM_remove_from_physmap + physmap +# MMUEXT_PIN_L*_TABLE + pinpage +# XENMEM_machine_memory_map (with target xen_t) +# XENMEM_set_memory_map (with domain target) + memorymap +# checked when using mmu_update to update the page tables of another domain +# source = domain making the hypercall +# target = domain whose page tables are being modified + remote_remap +# the mmuext_op hypercall acting on the target domain + mmuext_op +# XENMEM_exchange: +# source = domain making the hypercall +# target = domain whose pages are being exchanged + exchange +} + +# control of the paging_domctl split by subop +class shadow +{ +# XEN_DOMCTL_SHADOW_OP_OFF + disable +# enable, get/set allocation + enable +# enable, read, and clean log + logdirty +} + +# Class resource is used to describe the resources used in hardware device +# passthrough. Resources include: hardware IRQs, MMIO regions, x86 I/O ports, +# and PCI devices; see docs/misc/xsm-flask.txt for how to label them. +# +# Access to the legacy PCI configuration space on x86 via port 0xCF8/CFC +# requires IS_PRIV, even with FLASK. Writes to the BARs are checked as "setup", +# while other reads/writes are "use"; the target is the PCI device whose +# configuration space is being modified. Accesses to the MMIO-based PCI express +# configuration space described by the ACPI MCFG table are controlled as MMIO +# accesses, and cannot special-case BAR writes. +# +# The {add,remove}_{irq,ioport,iomem,device} permissions use: +# source = domain making the hypercall +# target = resource's security label +class resource +{ +# checked when adding a resource to a domain: +# source = domain making the hypercall +# target = domain which will have access to the resource + add +# checked when removing a resource from a domain: +# source = domain making the hypercall +# target = domain which will no longer have access to the resource + remove +# checked when adding a resource to a domain: +# source = domain which will have access to the resource +# target = resource's security label +# also checked when using some core Xen devices (target xen_t) + use +# PHYSDEVOP_map_pirq and ioapic writes for dom0 +# For GSI interrupts, the IRQ's label is indexed by the IRQ number +# For MSI interrupts, the label of the PCI device is used + add_irq +# PHYSDEVOP_unmap_pirq: +# This is currently only checked for GSI interrupts + remove_irq +# XEN_DOMCTL_ioport_permission, XEN_DOMCTL_ioport_mapping + add_ioport + remove_ioport +# XEN_DOMCTL_iomem_permission, XEN_DOMCTL_memory_mapping + add_iomem + remove_iomem +# XEN_DOMCTL_get_device_group, XEN_DOMCTL_test_assign_device: +# source = domain making the hypercall +# target = PCI device being queried + stat_device +# XEN_DOMCTL_assign_device + add_device +# XEN_DOMCTL_deassign_device + remove_device +# checked for PCI hot and cold-plug hypercalls, with target as the PCI device +# checked for CPU and memory hotplug with xen_t as the target + plug +# checked for PCI hot-unplug hypercalls, with target as the PCI device +# checked for CPU offlining with xen_t as the target + unplug +# checked for PHYSDEVOP_restore_msi* (target PCI device) +# checked for PHYSDEVOP_setup_gsi (target IRQ) +# checked for PHYSDEVOP_pci_mmcfg_reserved (target xen_t) + setup +} + +# Class security describes the FLASK security server itself; these operations +# are accessed using the xsm_op hypercall. The source is the domain invoking +# the hypercall, and the target is security_t. +# +# Any domain with access to load_policy or setenforce must be trusted, since it +# can bypass the rest of the security policy. +class security +{ +# use the security server to compute an access check + compute_av +# use the security server to compute a type transition + compute_create +# use the security server to compute member selection + compute_member +# sid <-> context string conversions + check_context +# allow loading a new XSM/FLASK policy + load_policy +# use the security server to compute an object relabel + compute_relabel +# use the security server to list the SIDs reachable by a given user + compute_user +# allow switching between enforcing and permissive mode + setenforce +# allow changing policy booleans + setbool +# allow changing security server configuration parmeters + setsecparam +# add ocontext label definitions for resources + add_ocontext +# remove ocontext label definitions for resources + del_ocontext +} diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/policy/initial_sids --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/initial_sids Fri Jan 11 12:23:39 2013 +0000 @@ -0,0 +1,16 @@ +# FLASK + +# +# Define initial security identifiers +# +sid xen +sid dom0 +sid domio +sid domxen +sid unlabeled +sid security +sid ioport +sid iomem +sid irq +sid device +# FLASK diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/policy/mkaccess_vector.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/mkaccess_vector.sh Fri Jan 11 12:23:39 2013 +0000 @@ -0,0 +1,138 @@ +#!/bin/sh - +# + +# FLASK + +set -e + +awk=$1 +shift + +# output files +av_permissions="include/av_permissions.h" +av_perm_to_string="include/av_perm_to_string.h" + +cat $* | $awk " +BEGIN { + outfile = \"$av_permissions\" + avpermfile = \"$av_perm_to_string\" + "' + nextstate = "COMMON_OR_AV"; + printf("/* This file is automatically generated. Do not edit. */\n") > outfile; + printf("/* This file is automatically generated. Do not edit. */\n") > avpermfile; +; + } +/^[ \t]*#/ { + next; + } +$1 == "class" { + if (nextstate != "COMMON_OR_AV" && + nextstate != "CLASS_OR_CLASS-OPENBRACKET") + { + printf("Parse error: Unexpected class definition on line %d\n", NR); + next; + } + + tclass = $2; + + if (tclass in av_defined) + { + printf("Duplicate access vector definition for %s on line %d\n", tclass, NR); + next; + } + av_defined[tclass] = 1; + + permission = 1; + + nextstate = "INHERITS_OR_CLASS-OPENBRACKET"; + next; + } +$1 == "{" { + if (nextstate != "INHERITS_OR_CLASS-OPENBRACKET" && + nextstate != "CLASS_OR_CLASS-OPENBRACKET" && + nextstate != "COMMON-OPENBRACKET") + { + printf("Parse error: Unexpected { on line %d\n", NR); + next; + } + + if (nextstate == "INHERITS_OR_CLASS-OPENBRACKET") + nextstate = "CLASS-CLOSEBRACKET"; + + if (nextstate == "CLASS_OR_CLASS-OPENBRACKET") + nextstate = "CLASS-CLOSEBRACKET"; + + if (nextstate == "COMMON-OPENBRACKET") + nextstate = "COMMON-CLOSEBRACKET"; + } +/[a-z][a-z_]*/ { + if (nextstate != "COMMON-CLOSEBRACKET" && + nextstate != "CLASS-CLOSEBRACKET") + { + printf("Parse error: Unexpected symbol %s on line %d\n", $1, NR); + next; + } + + if (nextstate == "COMMON-CLOSEBRACKET") + { + if ((common_name,$1) in common_perms) + { + printf("Duplicate permission %s for common %s on line %d.\n", $1, common_name, NR); + next; + } + + common_perms[common_name,$1] = permission; + + printf("#define COMMON_%s__%s", toupper(common_name), toupper($1)) > outfile; + + printf(" S_(\"%s\")\n", $1) > cpermfile; + } + else + { + if ((tclass,$1) in av_perms) + { + printf("Duplicate permission %s for %s on line %d.\n", $1, tclass, NR); + next; + } + + av_perms[tclass,$1] = permission; + + printf("#define %s__%s", toupper(tclass), toupper($1)) > outfile; + + printf(" S_(SECCLASS_%s, %s__%s, \"%s\")\n", toupper(tclass), toupper(tclass), toupper($1), $1) > avpermfile; + } + + spaces = 40 - (length($1) + length(tclass)); + if (spaces < 1) + spaces = 1; + + for (i = 0; i < spaces; i++) + printf(" ") > outfile; + printf("0x%08xUL\n", permission) > outfile; + permission = permission * 2; + } +$1 == "}" { + if (nextstate != "CLASS-CLOSEBRACKET" && + nextstate != "COMMON-CLOSEBRACKET") + { + printf("Parse error: Unexpected } on line %d\n", NR); + next; + } + + if (nextstate == "COMMON-CLOSEBRACKET") + { + common_base[common_name] = permission; + printf("TE_(common_%s_perm_to_string)\n\n", common_name) > cpermfile; + } + + printf("\n") > outfile; + + nextstate = "COMMON_OR_AV"; + } +END { + if (nextstate != "COMMON_OR_AV" && nextstate != "CLASS_OR_CLASS-OPENBRACKET") + printf("Parse error: Unexpected end of file\n"); + + }' + +# FLASK diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/policy/mkflask.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/mkflask.sh Fri Jan 11 12:23:39 2013 +0000 @@ -0,0 +1,95 @@ +#!/bin/sh - +# + +# FLASK + +set -e + +awk=$1 +shift 1 + +# output file +output_file="include/flask.h" +debug_file="include/class_to_string.h" +debug_file2="include/initial_sid_to_string.h" + +cat $* | $awk " +BEGIN { + outfile = \"$output_file\" + debugfile = \"$debug_file\" + debugfile2 = \"$debug_file2\" + "' + nextstate = "CLASS"; + + printf("/* This file is automatically generated. Do not edit. */\n") > outfile; + + printf("#ifndef _SELINUX_FLASK_H_\n") > outfile; + printf("#define _SELINUX_FLASK_H_\n") > outfile; + printf("\n/*\n * Security object class definitions\n */\n") > outfile; + printf("/* This file is automatically generated. Do not edit. */\n") > debugfile; + printf("/*\n * Security object class definitions\n */\n") > debugfile; + printf(" S_(\"null\")\n") > debugfile; + printf("/* This file is automatically generated. Do not edit. */\n") > debugfile2; + printf("static char *initial_sid_to_string[] =\n{\n") > debugfile2; + printf(" \"null\",\n") > debugfile2; + } +/^[ \t]*#/ { + next; + } +$1 == "class" { + if (nextstate != "CLASS") + { + printf("Parse error: Unexpected class definition on line %d\n", NR); + next; + } + + if ($2 in class_found) + { + printf("Duplicate class definition for %s on line %d.\n", $2, NR); + next; + } + class_found[$2] = 1; + + class_value++; + + printf("#define SECCLASS_%s", toupper($2)) > outfile; + for (i = 0; i < 40 - length($2); i++) + printf(" ") > outfile; + printf("%d\n", class_value) > outfile; + + printf(" S_(\"%s\")\n", $2) > debugfile; + } +$1 == "sid" { + if (nextstate == "CLASS") + { + nextstate = "SID"; + printf("\n/*\n * Security identifier indices for initial entities\n */\n") > outfile; + } + + if ($2 in sid_found) + { + printf("Duplicate SID definition for %s on line %d.\n", $2, NR); + next; + } + sid_found[$2] = 1; + sid_value++; + + printf("#define SECINITSID_%s", toupper($2)) > outfile; + for (i = 0; i < 37 - length($2); i++) + printf(" ") > outfile; + printf("%d\n", sid_value) > outfile; + printf(" \"%s\",\n", $2) > debugfile2; + } +END { + if (nextstate != "SID") + printf("Parse error: Unexpected end of file\n"); + + printf("\n#define SECINITSID_NUM") > outfile; + for (i = 0; i < 34; i++) + printf(" ") > outfile; + printf("%d\n", sid_value) > outfile; + printf("\n#endif\n") > outfile; + printf("};\n\n") > debugfile2; + }' + +# FLASK diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/policy/security_classes --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/security_classes Fri Jan 11 12:23:39 2013 +0000 @@ -0,0 +1,21 @@ +# FLASK + +# +# Define the security object classes +# + +# Classes marked as userspace are classes +# for userspace object managers + +class xen +class domain +class domain2 +class hvm +class mmu +class resource +class shadow +class event +class grant +class security + +# FLASK _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:36 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:36 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGZ-0007h3-VE; Wed, 16 Jan 2013 08:22:36 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGX-0007bm-J0 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:34 +0000 Received: from [85.158.137.99:13047] by server-12.bemta-3.messagelabs.com id 1A/18-22577-84366F05; Wed, 16 Jan 2013 08:22:32 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-217.messagelabs.com!1358324543!12344789!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=2.5 required=7.0 tests=BODY_RANDOM_LONG,LONGWORDS X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25946 invoked from network); 16 Jan 2013 08:22:24 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:24 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGN-0003sA-1n for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:23 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGM-0000eH-Tc for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:23 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:22 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] merge X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1357907019 0 # Node ID f54b7b1f65eaa222e2d251ea741da6dcb7adbebe # Parent 0b9dfd067b4259e2cb3285f279f369dd7bd2e032 # Parent fe115341b816ed303df06708dded2b58bf0d5f51 merge --- diff -r 0b9dfd067b42 -r f54b7b1f65ea docs/misc/xsm-flask.txt --- a/docs/misc/xsm-flask.txt Fri Jan 11 12:22:30 2013 +0000 +++ b/docs/misc/xsm-flask.txt Fri Jan 11 12:23:39 2013 +0000 @@ -68,9 +68,43 @@ HVM domains with stubdomain device model - dm_dom_t is the device model for a domain with type domHVM_t One disadvantage of using type enforcement to enforce isolation is that a new -type is needed for each group of domains. In addition, it is not possible to -allow isolated_domU_t cannot to create loopback event channels without allowing -two domains of type isolated_domU_t to communicate with one another. +type is needed for each group of domains. The user field can be used to address +this for the most common case of groups that can communicate internally but not +externally; see "Users and roles" below. + +Type transitions +---------------- + +Xen defines a number of operations such as memory mapping that are necessary for +a domain to perform on itself, but are also undesirable to allow a domain to +perform on every other domain of the same label. While it is possible to address +this by only creating one domain per type, this solution significantly limits +the flexibility of the type system. Another method to address this issue is to +duplicate the permission names for every operation that can be performed on the +current domain or on other domains; however, this significantly increases the +necessary number of permissions and complicates the XSM hooks. Instead, this is +addressed by allowing a distinct type to be used for a domain's access to +itself. The same applies for a device model domain's access to its designated +target, allowing the IS_PRIV_FOR checks used in Xen's DAC model to be +implemented in FLASK. + +Upon domain creation (or relabel), a type transition is computed using the +domain's label as the source and target. The result of this computation is used +as the target when the domain accesses itself. In the example policy, this +computed type is the result of appending _self to a domain's type: domU_t_self +for domU_t. If no type transition rule exists, the domain will continue to use +its own label for both the source and target. An AVC message will look like: + + scontext=system_u:system_r:domU_t tcontext=system_u:system_r:domU_t_self + +A similar type transition is done when a device model domain is associated with +its target using the set_target operation. The transition is computed with the +target domain as the source and the device model domain as the target: this +ordering was chosen in order to preserve the original label for the target when +no type transition rule exists. In the example policy, these computed types are +the result of appending _target to the domain. + +Type transitions are also used to compute the labels of event channels. Users and roles --------------- @@ -84,7 +118,8 @@ the customer_1 user. Access control rules involving users and roles are defined in the policy constraints file (tools/flask/policy/policy/constraints). The example policy provides constraints that prevent different users from communicating using -grants or event channels, while still allowing communication with dom0. +grants or event channels, while still allowing communication with the system_u +user where dom0 resides. Resource Policy --------------- diff -r 0b9dfd067b42 -r f54b7b1f65ea tools/flask/policy/policy/flask/access_vectors --- a/tools/flask/policy/policy/flask/access_vectors Fri Jan 11 12:22:30 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,178 +0,0 @@ -# -# Define the access vectors. -# -# class class_name { permission_name ... } - -class xen -{ - scheduler - settime - tbufcontrol - readconsole - clearconsole - perfcontrol - mtrr_add - mtrr_del - mtrr_read - microcode - physinfo - quirk - writeconsole - readapic - writeapic - privprofile - nonprivprofile - kexec - firmware - sleep - frequency - getidle - debug - getcpuinfo - heap - pm_op - mca_op - lockprof - cpupool_op - sched_op -} - -class domain -{ - setvcpucontext - pause - unpause - resume - create - transition - max_vcpus - destroy - setvcpuaffinity - getvcpuaffinity - scheduler - getdomaininfo - getvcpuinfo - getvcpucontext - setdomainmaxmem - setdomainhandle - setdebugging - hypercall - settime - set_target - shutdown - setaddrsize - getaddrsize - trigger - getextvcpucontext - setextvcpucontext - getvcpuextstate - setvcpuextstate - getpodtarget - setpodtarget - set_misc_info - set_virq_handler -} - -class domain2 -{ - relabelfrom - relabelto - relabelself -} - -class hvm -{ - sethvmc - gethvmc - setparam - getparam - pcilevel - irqlevel - pciroute - bind_irq - cacheattr - trackdirtyvram - hvmctl - mem_event - mem_sharing -} - -class event -{ - bind - send - status - notify - create - reset -} - -class grant -{ - map_read - map_write - unmap - transfer - setup - copy - query -} - -class mmu -{ - map_read - map_write - pageinfo - pagelist - adjust - stat - translategp - updatemp - physmap - pinpage - mfnlist - memorymap - remote_remap -} - -class shadow -{ - disable - enable - logdirty -} - -class resource -{ - add - remove - use - add_irq - remove_irq - add_ioport - remove_ioport - add_iomem - remove_iomem - stat_device - add_device - remove_device - plug - unplug - setup -} - -class security -{ - compute_av - compute_create - compute_member - check_context - load_policy - compute_relabel - compute_user - setenforce - setbool - setsecparam - add_ocontext - del_ocontext -} diff -r 0b9dfd067b42 -r f54b7b1f65ea tools/flask/policy/policy/flask/initial_sids --- a/tools/flask/policy/policy/flask/initial_sids Fri Jan 11 12:22:30 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,16 +0,0 @@ -# FLASK - -# -# Define initial security identifiers -# -sid xen -sid dom0 -sid domio -sid domxen -sid unlabeled -sid security -sid ioport -sid iomem -sid irq -sid device -# FLASK diff -r 0b9dfd067b42 -r f54b7b1f65ea tools/flask/policy/policy/flask/mkaccess_vector.sh --- a/tools/flask/policy/policy/flask/mkaccess_vector.sh Fri Jan 11 12:22:30 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,138 +0,0 @@ -#!/bin/sh - -# - -# FLASK - -set -e - -awk=$1 -shift - -# output files -av_permissions="include/av_permissions.h" -av_perm_to_string="include/av_perm_to_string.h" - -cat $* | $awk " -BEGIN { - outfile = \"$av_permissions\" - avpermfile = \"$av_perm_to_string\" - "' - nextstate = "COMMON_OR_AV"; - printf("/* This file is automatically generated. Do not edit. */\n") > outfile; - printf("/* This file is automatically generated. Do not edit. */\n") > avpermfile; -; - } -/^[ \t]*#/ { - next; - } -$1 == "class" { - if (nextstate != "COMMON_OR_AV" && - nextstate != "CLASS_OR_CLASS-OPENBRACKET") - { - printf("Parse error: Unexpected class definition on line %d\n", NR); - next; - } - - tclass = $2; - - if (tclass in av_defined) - { - printf("Duplicate access vector definition for %s on line %d\n", tclass, NR); - next; - } - av_defined[tclass] = 1; - - permission = 1; - - nextstate = "INHERITS_OR_CLASS-OPENBRACKET"; - next; - } -$1 == "{" { - if (nextstate != "INHERITS_OR_CLASS-OPENBRACKET" && - nextstate != "CLASS_OR_CLASS-OPENBRACKET" && - nextstate != "COMMON-OPENBRACKET") - { - printf("Parse error: Unexpected { on line %d\n", NR); - next; - } - - if (nextstate == "INHERITS_OR_CLASS-OPENBRACKET") - nextstate = "CLASS-CLOSEBRACKET"; - - if (nextstate == "CLASS_OR_CLASS-OPENBRACKET") - nextstate = "CLASS-CLOSEBRACKET"; - - if (nextstate == "COMMON-OPENBRACKET") - nextstate = "COMMON-CLOSEBRACKET"; - } -/[a-z][a-z_]*/ { - if (nextstate != "COMMON-CLOSEBRACKET" && - nextstate != "CLASS-CLOSEBRACKET") - { - printf("Parse error: Unexpected symbol %s on line %d\n", $1, NR); - next; - } - - if (nextstate == "COMMON-CLOSEBRACKET") - { - if ((common_name,$1) in common_perms) - { - printf("Duplicate permission %s for common %s on line %d.\n", $1, common_name, NR); - next; - } - - common_perms[common_name,$1] = permission; - - printf("#define COMMON_%s__%s", toupper(common_name), toupper($1)) > outfile; - - printf(" S_(\"%s\")\n", $1) > cpermfile; - } - else - { - if ((tclass,$1) in av_perms) - { - printf("Duplicate permission %s for %s on line %d.\n", $1, tclass, NR); - next; - } - - av_perms[tclass,$1] = permission; - - printf("#define %s__%s", toupper(tclass), toupper($1)) > outfile; - - printf(" S_(SECCLASS_%s, %s__%s, \"%s\")\n", toupper(tclass), toupper(tclass), toupper($1), $1) > avpermfile; - } - - spaces = 40 - (length($1) + length(tclass)); - if (spaces < 1) - spaces = 1; - - for (i = 0; i < spaces; i++) - printf(" ") > outfile; - printf("0x%08xUL\n", permission) > outfile; - permission = permission * 2; - } -$1 == "}" { - if (nextstate != "CLASS-CLOSEBRACKET" && - nextstate != "COMMON-CLOSEBRACKET") - { - printf("Parse error: Unexpected } on line %d\n", NR); - next; - } - - if (nextstate == "COMMON-CLOSEBRACKET") - { - common_base[common_name] = permission; - printf("TE_(common_%s_perm_to_string)\n\n", common_name) > cpermfile; - } - - printf("\n") > outfile; - - nextstate = "COMMON_OR_AV"; - } -END { - if (nextstate != "COMMON_OR_AV" && nextstate != "CLASS_OR_CLASS-OPENBRACKET") - printf("Parse error: Unexpected end of file\n"); - - }' - -# FLASK diff -r 0b9dfd067b42 -r f54b7b1f65ea tools/flask/policy/policy/flask/mkflask.sh --- a/tools/flask/policy/policy/flask/mkflask.sh Fri Jan 11 12:22:30 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,95 +0,0 @@ -#!/bin/sh - -# - -# FLASK - -set -e - -awk=$1 -shift 1 - -# output file -output_file="include/flask.h" -debug_file="include/class_to_string.h" -debug_file2="include/initial_sid_to_string.h" - -cat $* | $awk " -BEGIN { - outfile = \"$output_file\" - debugfile = \"$debug_file\" - debugfile2 = \"$debug_file2\" - "' - nextstate = "CLASS"; - - printf("/* This file is automatically generated. Do not edit. */\n") > outfile; - - printf("#ifndef _SELINUX_FLASK_H_\n") > outfile; - printf("#define _SELINUX_FLASK_H_\n") > outfile; - printf("\n/*\n * Security object class definitions\n */\n") > outfile; - printf("/* This file is automatically generated. Do not edit. */\n") > debugfile; - printf("/*\n * Security object class definitions\n */\n") > debugfile; - printf(" S_(\"null\")\n") > debugfile; - printf("/* This file is automatically generated. Do not edit. */\n") > debugfile2; - printf("static char *initial_sid_to_string[] =\n{\n") > debugfile2; - printf(" \"null\",\n") > debugfile2; - } -/^[ \t]*#/ { - next; - } -$1 == "class" { - if (nextstate != "CLASS") - { - printf("Parse error: Unexpected class definition on line %d\n", NR); - next; - } - - if ($2 in class_found) - { - printf("Duplicate class definition for %s on line %d.\n", $2, NR); - next; - } - class_found[$2] = 1; - - class_value++; - - printf("#define SECCLASS_%s", toupper($2)) > outfile; - for (i = 0; i < 40 - length($2); i++) - printf(" ") > outfile; - printf("%d\n", class_value) > outfile; - - printf(" S_(\"%s\")\n", $2) > debugfile; - } -$1 == "sid" { - if (nextstate == "CLASS") - { - nextstate = "SID"; - printf("\n/*\n * Security identifier indices for initial entities\n */\n") > outfile; - } - - if ($2 in sid_found) - { - printf("Duplicate SID definition for %s on line %d.\n", $2, NR); - next; - } - sid_found[$2] = 1; - sid_value++; - - printf("#define SECINITSID_%s", toupper($2)) > outfile; - for (i = 0; i < 37 - length($2); i++) - printf(" ") > outfile; - printf("%d\n", sid_value) > outfile; - printf(" \"%s\",\n", $2) > debugfile2; - } -END { - if (nextstate != "SID") - printf("Parse error: Unexpected end of file\n"); - - printf("\n#define SECINITSID_NUM") > outfile; - for (i = 0; i < 34; i++) - printf(" ") > outfile; - printf("%d\n", sid_value) > outfile; - printf("\n#endif\n") > outfile; - printf("};\n\n") > debugfile2; - }' - -# FLASK diff -r 0b9dfd067b42 -r f54b7b1f65ea tools/flask/policy/policy/flask/security_classes --- a/tools/flask/policy/policy/flask/security_classes Fri Jan 11 12:22:30 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,21 +0,0 @@ -# FLASK - -# -# Define the security object classes -# - -# Classes marked as userspace are classes -# for userspace object managers - -class xen -class domain -class domain2 -class hvm -class mmu -class resource -class shadow -class event -class grant -class security - -# FLASK diff -r 0b9dfd067b42 -r f54b7b1f65ea tools/flask/policy/policy/modules/xen/xen.if --- a/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 12:22:30 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.if Fri Jan 11 12:23:39 2013 +0000 @@ -5,15 +5,35 @@ # Domain creation and setup # ################################################################################ +define(`declare_domain_common', ` + allow $1 $2:grant { query setup }; + allow $1 $2:mmu { adjust physmap map_read map_write stat pinpage updatemp mmuext_op }; + allow $1 $2:hvm { getparam setparam }; +') + # declare_domain(type, attrs...) -# Declare a type as a domain type, and allow basic domain setup +# Declare a domain type, along with associated _self and _channel types +# Allow the domain to perform basic operations on itself define(`declare_domain', ` type $1, domain_type`'ifelse(`$#', `1', `', `,shift($@)'); + type $1_self, domain_type, domain_self_type; + type_transition $1 $1:domain $1_self; type $1_channel, event_type; type_transition $1 domain_type:event $1_channel; - allow $1 $1:grant { query setup }; - allow $1 $1:mmu { adjust physmap map_read map_write stat pinpage }; - allow $1 $1:hvm { getparam setparam }; + declare_domain_common($1, $1_self) +') + +# declare_singleton_domain(type, attrs...) +# Declare a domain type and associated _channel types. +# Note: Because the domain can perform basic operations on itself and any +# other domain of the same type, this constructor should be used for types +# containing at most one domain. This is not enforced by policy. +define(`declare_singleton_domain', ` + type $1, domain_type`'ifelse(`$#', `1', `', `,shift($@)'); + define(`$1_self', `$1') + type $1_channel, event_type; + type_transition $1 domain_type:event $1_channel; + declare_domain_common($1, $1) ') # declare_build_label(type) @@ -27,11 +47,12 @@ define(`declare_build_label', ` define(`create_domain_common', ` allow $1 $2:domain { create max_vcpus setdomainmaxmem setaddrsize getdomaininfo hypercall setvcpucontext setextvcpucontext - scheduler getvcpuinfo getvcpuextstate getaddrsize + getscheduler getvcpuinfo getvcpuextstate getaddrsize getvcpuaffinity setvcpuaffinity }; + allow $1 $2:domain2 { set_cpuid settsc setscheduler }; allow $1 $2:security check_context; allow $1 $2:shadow enable; - allow $1 $2:mmu {map_read map_write adjust memorymap physmap pinpage}; + allow $1 $2:mmu { map_read map_write adjust memorymap physmap pinpage mmuext_op }; allow $1 $2:grant setup; allow $1 $2:hvm { cacheattr getparam hvmctl irqlevel pciroute sethvmc setparam pcilevel trackdirtyvram }; ') @@ -50,6 +71,7 @@ define(`create_domain_build_label', ` allow $1 $2_channel:event create; allow $1 $2_building:domain2 relabelfrom; allow $1 $2:domain2 relabelto; + allow $2_building $2:domain transition; ') # manage_domain(priv, target) @@ -57,7 +79,7 @@ define(`create_domain_build_label', ` define(`manage_domain', ` allow $1 $2:domain { getdomaininfo getvcpuinfo getvcpuaffinity getaddrsize pause unpause trigger shutdown destroy - setvcpuaffinity setdomainmaxmem }; + setvcpuaffinity setdomainmaxmem getscheduler }; ') # migrate_domain_out(priv, target) @@ -67,6 +89,7 @@ define(`migrate_domain_out', ` allow $1 $2:hvm { gethvmc getparam irqlevel }; allow $1 $2:mmu { stat pageinfo map_read }; allow $1 $2:domain { getaddrsize getvcpucontext getextvcpucontext getvcpuextstate pause destroy }; + allow $1 $2:domain2 gettsc; ') ################################################################################ @@ -99,20 +122,36 @@ define(`domain_comms', ` ') # domain_self_comms(domain) -# Allow a domain types to communicate with others of its type using grants -# and event channels (this includes event channels to DOMID_SELF) +# Allow a non-singleton domain type to communicate with itself using grants +# and event channels define(`domain_self_comms', ` - create_channel($1, $1, $1_channel) - allow $1 $1:grant { map_read map_write copy unmap }; + create_channel($1, $1_self, $1_channel) + allow $1 $1_self:grant { map_read map_write copy unmap }; ') # device_model(dm_dom, hvm_dom) # Define how a device model domain interacts with its target define(`device_model', ` - domain_comms($1, $2) - allow $1 $2:domain { set_target shutdown }; - allow $1 $2:mmu { map_read map_write adjust physmap }; - allow $1 $2:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute }; + type $2_target, domain_type, domain_target_type; + type_transition $2 $1:domain $2_target; + allow $1 $2:domain set_target; + + type_transition $2_target domain_type:event $2_channel; + create_channel($1, $2_target, $1_channel) + create_channel($2, $1, $2_channel) + allow $1 $2_channel:event create; + + allow $1 $2_target:domain shutdown; + allow $1 $2_target:mmu { map_read map_write adjust physmap }; + allow $1 $2_target:hvm { getparam setparam trackdirtyvram hvmctl irqlevel pciroute cacheattr send_irq }; +') + +# make_device_model(priv, dm_dom, hvm_dom) +# Allow creation of a device model and HVM domain pair +define(`make_device_model', ` + device_model($2, $3) + allow $1 $2:domain2 make_priv_for; + allow $1 $3:domain2 set_as_target; ') ################################################################################ # @@ -123,8 +162,9 @@ define(`device_model', ` # use_device(domain, device) # Allow a device to be used by a domain define(`use_device', ` + allow $1 $1_self:mmu exchange; allow $1 $2:resource use; - allow $1 $2:mmu { map_read map_write }; + allow $1 domio_t:mmu { map_read map_write }; ') # admin_device(domain, device) diff -r 0b9dfd067b42 -r f54b7b1f65ea tools/flask/policy/policy/modules/xen/xen.te --- a/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 12:22:30 2013 +0000 +++ b/tools/flask/policy/policy/modules/xen/xen.te Fri Jan 11 12:23:39 2013 +0000 @@ -8,6 +8,8 @@ ################################################################################ attribute xen_type; attribute domain_type; +attribute domain_self_type; +attribute domain_target_type; attribute resource_type; attribute event_type; attribute mls_priv; @@ -25,12 +27,12 @@ attribute mls_priv; type xen_t, xen_type, mls_priv; # Domain 0 -declare_domain(dom0_t, mls_priv); +declare_singleton_domain(dom0_t, mls_priv); -# Untracked I/O memory (pseudo-domain) +# I/O memory (DOMID_IO pseudo-domain) type domio_t, xen_type; -# Xen heap (pseudo-domain) +# Xen heap (DOMID_XEN pseudo-domain) type domxen_t, xen_type; # Unlabeled objects @@ -53,8 +55,8 @@ type device_t, resource_type; # ################################################################################ allow dom0_t xen_t:xen { kexec readapic writeapic mtrr_read mtrr_add mtrr_del - scheduler physinfo heap quirk readconsole writeconsole settime getcpuinfo - microcode cpupool_op sched_op pm_op }; + physinfo heap quirk readconsole writeconsole settime getcpuinfo + microcode cpupool_op pm_op tmem_control getscheduler setscheduler }; allow dom0_t xen_t:mmu { memorymap }; allow dom0_t security_t:security { check_context compute_av compute_create compute_member load_policy compute_relabel compute_user setenforce @@ -67,12 +69,14 @@ admin_device(dom0_t, device_t) admin_device(dom0_t, irq_t) admin_device(dom0_t, ioport_t) admin_device(dom0_t, iomem_t) -allow dom0_t domio_t:mmu { map_read map_write }; -domain_self_comms(dom0_t) +domain_comms(dom0_t, dom0_t) auditallow dom0_t security_t:security { load_policy setenforce setbool }; +# Allow all domains to use (unprivileged parts of) the tmem hypercall +allow domain_type xen_t:xen tmem_op; + ############################################################################### # # Domain creation @@ -84,11 +88,14 @@ domain_self_comms(domU_t) create_domain(dom0_t, domU_t) manage_domain(dom0_t, domU_t) domain_comms(dom0_t, domU_t) +domain_comms(domU_t, domU_t) +domain_self_comms(domU_t) declare_domain(isolated_domU_t) create_domain(dom0_t, isolated_domU_t) manage_domain(dom0_t, isolated_domU_t) domain_comms(dom0_t, isolated_domU_t) +domain_self_comms(isolated_domU_t) # Declare a boolean that denies creation of prot_domU_t domains gen_bool(prot_doms_locked, false) @@ -98,6 +105,8 @@ if (!prot_doms_locked) { } domain_comms(dom0_t, prot_domU_t) domain_comms(domU_t, prot_domU_t) +domain_comms(prot_domU_t, prot_domU_t) +domain_self_comms(prot_domU_t) # domHVM_t is meant to be paired with a qemu-dm stub domain of type dm_dom_t declare_domain(domHVM_t) @@ -110,7 +119,7 @@ declare_domain(dm_dom_t) create_domain(dom0_t, dm_dom_t) manage_domain(dom0_t, dm_dom_t) domain_comms(dom0_t, dm_dom_t) -device_model(dm_dom_t, domHVM_t) +make_device_model(dom0_t, dm_dom_t, domHVM_t) # nomigrate_t must be built via the nomigrate_t_building label; once built, # dom0 cannot read its memory. diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/acpi/power.c --- a/xen/arch/x86/acpi/power.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/acpi/power.c Fri Jan 11 12:23:39 2013 +0000 @@ -239,7 +239,7 @@ static long enter_state_helper(void *dat */ int acpi_enter_sleep(struct xenpf_enter_acpi_sleep *sleep) { - if ( !IS_PRIV(current->domain) || !acpi_sinfo.pm1a_cnt_blk.address ) + if ( !acpi_sinfo.pm1a_cnt_blk.address ) return -EPERM; /* Sanity check */ diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/cpu/mcheck/mce.c --- a/xen/arch/x86/cpu/mcheck/mce.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/cpu/mcheck/mce.c Fri Jan 11 12:23:39 2013 +0000 @@ -1293,10 +1293,7 @@ long do_mca(XEN_GUEST_HANDLE_PARAM(xen_m struct xen_mc_msrinject *mc_msrinject; struct xen_mc_mceinject *mc_mceinject; - if (!IS_PRIV(v->domain) ) - return x86_mcerr(NULL, -EPERM); - - ret = xsm_do_mca(); + ret = xsm_do_mca(XSM_PRIV); if ( ret ) return x86_mcerr(NULL, ret); diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/domctl.c --- a/xen/arch/x86/domctl.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/domctl.c Fri Jan 11 12:23:39 2013 +0000 @@ -77,7 +77,7 @@ long arch_do_domctl( if ( np == 0 ) ret = 0; - else if ( xsm_ioport_permission(d, fp, fp + np - 1, allow) ) + else if ( xsm_ioport_permission(XSM_HOOK, d, fp, fp + np - 1, allow) ) ret = -EPERM; else if ( allow ) ret = ioports_permit_access(d, fp, fp + np - 1); @@ -97,10 +97,6 @@ long arch_do_domctl( page = mfn_to_page(mfn); - ret = xsm_getpageframeinfo(d); - if ( ret ) - break; - if ( likely(get_page(page, d)) ) { ret = 0; @@ -141,10 +137,6 @@ long arch_do_domctl( struct page_info *page; xen_pfn_t *arr; - ret = xsm_getpageframeinfo(d); - if ( ret ) - break; - if ( unlikely(num > 1024) || unlikely(num != domctl->u.getpageframeinfo3.num) ) { @@ -239,10 +231,6 @@ long arch_do_domctl( int num = domctl->u.getpageframeinfo2.num; uint32_t *arr32; - ret = xsm_getpageframeinfo(d); - if ( ret ) - break; - if ( unlikely(num > 1024) ) { ret = -E2BIG; @@ -334,10 +322,6 @@ long arch_do_domctl( uint64_t mfn; struct page_info *page; - ret = xsm_getmemlist(d); - if ( ret ) - break; - if ( unlikely(d->is_dying) ) { ret = -EINVAL; break; @@ -373,10 +357,6 @@ long arch_do_domctl( struct page_info *page; void *hypercall_page; - ret = xsm_hypercall_init(d); - if ( ret ) - break; - page = get_page_from_gfn(d, gmfn, NULL, P2M_ALLOC); ret = -EACCES; @@ -401,10 +381,6 @@ long arch_do_domctl( { struct hvm_domain_context c = { .size = domctl->u.hvmcontext.size }; - ret = xsm_hvmcontext(d, domctl->cmd); - if ( ret ) - goto sethvmcontext_out; - ret = -EINVAL; if ( !is_hvm_domain(d) ) goto sethvmcontext_out; @@ -431,10 +407,6 @@ long arch_do_domctl( { struct hvm_domain_context c = { 0 }; - ret = xsm_hvmcontext(d, domctl->cmd); - if ( ret ) - goto gethvmcontext_out; - ret = -EINVAL; if ( !is_hvm_domain(d) ) goto gethvmcontext_out; @@ -477,10 +449,6 @@ long arch_do_domctl( case XEN_DOMCTL_gethvmcontext_partial: { - ret = xsm_hvmcontext(d, domctl->cmd); - if ( ret ) - break; - ret = -EINVAL; if ( !is_hvm_domain(d) ) break; @@ -496,10 +464,6 @@ long arch_do_domctl( case XEN_DOMCTL_set_address_size: { - ret = xsm_address_size(d, domctl->cmd); - if ( ret ) - break; - switch ( domctl->u.address_size.size ) { case 32: @@ -517,10 +481,6 @@ long arch_do_domctl( case XEN_DOMCTL_get_address_size: { - ret = xsm_address_size(d, domctl->cmd); - if ( ret ) - break; - domctl->u.address_size.size = is_pv_32on64_domain(d) ? 32 : BITS_PER_LONG; @@ -531,10 +491,6 @@ long arch_do_domctl( case XEN_DOMCTL_set_machine_address_size: { - ret = xsm_machine_address_size(d, domctl->cmd); - if ( ret ) - break; - ret = -EBUSY; if ( d->tot_pages > 0 ) break; @@ -547,10 +503,6 @@ long arch_do_domctl( case XEN_DOMCTL_get_machine_address_size: { - ret = xsm_machine_address_size(d, domctl->cmd); - if ( ret ) - break; - domctl->u.address_size.size = d->arch.physaddr_bitsize; ret = 0; @@ -562,10 +514,6 @@ long arch_do_domctl( { struct vcpu *v; - ret = xsm_sendtrigger(d); - if ( ret ) - break; - ret = -EINVAL; if ( domctl->u.sendtrigger.vcpu >= MAX_VIRT_CPUS ) break; @@ -623,7 +571,7 @@ long arch_do_domctl( if ( !is_hvm_domain(d) ) break; - ret = xsm_bind_pt_irq(d, bind); + ret = xsm_bind_pt_irq(XSM_HOOK, d, bind); if ( ret ) break; @@ -656,7 +604,7 @@ long arch_do_domctl( !irq_access_permitted(current->domain, bind->machine_irq) ) break; - ret = xsm_unbind_pt_irq(d, bind); + ret = xsm_unbind_pt_irq(XSM_HOOK, d, bind); if ( ret ) break; @@ -691,7 +639,7 @@ long arch_do_domctl( !iomem_access_permitted(current->domain, mfn, mfn + nr_mfns - 1) ) break; - ret = xsm_iomem_mapping(d, mfn, mfn + nr_mfns - 1, add); + ret = xsm_iomem_mapping(XSM_HOOK, d, mfn, mfn + nr_mfns - 1, add); if ( ret ) break; @@ -769,7 +717,7 @@ long arch_do_domctl( !ioports_access_permitted(current->domain, fmp, fmp + np - 1) ) break; - ret = xsm_ioport_mapping(d, fmp, fmp + np - 1, add); + ret = xsm_ioport_mapping(XSM_HOOK, d, fmp, fmp + np - 1, add); if ( ret ) break; @@ -832,10 +780,6 @@ long arch_do_domctl( case XEN_DOMCTL_pin_mem_cacheattr: { - ret = xsm_pin_mem_cacheattr(d); - if ( ret ) - break; - ret = hvm_set_mem_pinned_cacheattr( d, domctl->u.pin_mem_cacheattr.start, domctl->u.pin_mem_cacheattr.end, @@ -851,10 +795,6 @@ long arch_do_domctl( evc = &domctl->u.ext_vcpucontext; - ret = xsm_ext_vcpucontext(d, domctl->cmd); - if ( ret ) - break; - ret = -ESRCH; if ( (evc->vcpu >= d->max_vcpus) || ((v = d->vcpu[evc->vcpu]) == NULL) ) @@ -1118,10 +1058,6 @@ long arch_do_domctl( evc = &domctl->u.vcpuextstate; - ret = xsm_vcpuextstate(d, domctl->cmd); - if ( ret ) - goto vcpuextstate_out; - ret = -ESRCH; if ( (evc->vcpu >= d->max_vcpus) || ((v = d->vcpu[evc->vcpu]) == NULL) ) @@ -1223,19 +1159,15 @@ long arch_do_domctl( case XEN_DOMCTL_mem_event_op: { - ret = xsm_mem_event(d); - if ( !ret ) - ret = mem_event_domctl(d, &domctl->u.mem_event_op, - guest_handle_cast(u_domctl, void)); + ret = mem_event_domctl(d, &domctl->u.mem_event_op, + guest_handle_cast(u_domctl, void)); copyback = 1; } break; case XEN_DOMCTL_mem_sharing_op: { - ret = xsm_mem_sharing(d); - if ( !ret ) - ret = mem_sharing_domctl(d, &domctl->u.mem_sharing_op); + ret = mem_sharing_domctl(d, &domctl->u.mem_sharing_op); } break; @@ -1265,11 +1197,9 @@ long arch_do_domctl( if ( current->domain == d ) break; - ret = xsm_mem_event(d); - if ( !ret ) { - p2m = p2m_get_hostp2m(d); - p2m->access_required = domctl->u.access_required.access_required; - } + ret = 0; + p2m = p2m_get_hostp2m(d); + p2m->access_required = domctl->u.access_required.access_required; } break; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Fri Jan 11 12:23:39 2013 +0000 @@ -3388,7 +3388,7 @@ static int hvmop_set_pci_intx_level( if ( (op.domain > 0) || (op.bus > 0) || (op.device > 31) || (op.intx > 3) ) return -EINVAL; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3396,7 +3396,7 @@ static int hvmop_set_pci_intx_level( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_set_pci_intx_level(d); + rc = xsm_hvm_set_pci_intx_level(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3555,7 +3555,7 @@ static int hvmop_set_isa_irq_level( if ( op.isa_irq > 15 ) return -EINVAL; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3563,7 +3563,7 @@ static int hvmop_set_isa_irq_level( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_set_isa_irq_level(d); + rc = xsm_hvm_set_isa_irq_level(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3599,7 +3599,7 @@ static int hvmop_set_pci_link_route( if ( (op.link > 3) || (op.isa_irq > 15) ) return -EINVAL; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3607,7 +3607,7 @@ static int hvmop_set_pci_link_route( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_set_pci_link_route(d); + rc = xsm_hvm_set_pci_link_route(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3629,7 +3629,7 @@ static int hvmop_inject_msi( if ( copy_from_guest(&op, uop, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(op.domid, &d); + rc = rcu_lock_remote_domain_by_id(op.domid, &d); if ( rc != 0 ) return rc; @@ -3637,7 +3637,7 @@ static int hvmop_inject_msi( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_inject_msi(d); + rc = xsm_hvm_inject_msi(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3726,15 +3726,15 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( a.index >= HVM_NR_PARAMS ) return -EINVAL; - rc = rcu_lock_target_domain_by_id(a.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(a.domid); + if ( d == NULL ) + return -ESRCH; rc = -EINVAL; if ( !is_hvm_domain(d) ) goto param_fail; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail; @@ -3972,7 +3972,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -3983,7 +3983,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( a.nr > GB(1) >> PAGE_SHIFT ) goto param_fail2; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail2; @@ -4013,7 +4013,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4021,7 +4021,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail3; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail3; @@ -4078,11 +4078,11 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(a.domid, &d); - if ( rc != 0 ) - return rc; - - rc = xsm_hvm_param(d, op); + d = rcu_lock_domain_by_any_id(a.domid); + if ( d == NULL ) + return -ESRCH; + + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail_getmemtype; @@ -4128,7 +4128,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4136,7 +4136,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail4; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail4; @@ -4221,7 +4221,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4229,7 +4229,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail5; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail5; @@ -4256,7 +4256,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(a.domid, &d); + rc = rcu_lock_remote_domain_by_id(a.domid, &d); if ( rc != 0 ) return rc; @@ -4264,7 +4264,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail6; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail6; @@ -4292,15 +4292,15 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&a, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(a.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(a.domid); + if ( d == NULL ) + return -ESRCH; rc = -EINVAL; if ( !is_hvm_domain(d) || !paging_mode_shadow(d) ) goto param_fail7; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail7; @@ -4346,7 +4346,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( copy_from_guest(&tr, arg, 1 ) ) return -EFAULT; - rc = rcu_lock_remote_target_domain_by_id(tr.domid, &d); + rc = rcu_lock_remote_domain_by_id(tr.domid, &d); if ( rc != 0 ) return rc; @@ -4354,7 +4354,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail8; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail8; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/irq.c --- a/xen/arch/x86/irq.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/irq.c Fri Jan 11 12:23:39 2013 +0000 @@ -1853,8 +1853,7 @@ int map_domain_pirq( ASSERT(spin_is_locked(&d->event_lock)); if ( !IS_PRIV(current->domain) && - !(IS_PRIV_FOR(current->domain, d) && - irq_access_permitted(current->domain, pirq))) + !irq_access_permitted(current->domain, pirq)) return -EPERM; if ( pirq < 0 || pirq >= d->nr_pirqs || irq < 0 || irq >= nr_irqs ) @@ -1875,7 +1874,7 @@ int map_domain_pirq( return 0; } - ret = xsm_map_domain_pirq(d, irq, data); + ret = xsm_map_domain_pirq(XSM_HOOK, d, irq, data); if ( ret ) { dprintk(XENLOG_G_ERR, "dom%d: could not permit access to irq %d mapping to pirq %d\n", diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/mm.c --- a/xen/arch/x86/mm.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/mm.c Fri Jan 11 12:23:39 2013 +0000 @@ -2605,11 +2605,6 @@ static struct domain *get_pg_owner(domid pg_owner = rcu_lock_domain(dom_io); break; case DOMID_XEN: - if ( !IS_PRIV(curr) ) - { - MEM_LOG("Cannot set foreign dom"); - break; - } pg_owner = rcu_lock_domain(dom_xen); break; default: @@ -2618,12 +2613,6 @@ static struct domain *get_pg_owner(domid MEM_LOG("Unknown domain '%u'", domid); break; } - if ( !IS_PRIV_FOR(curr, pg_owner) ) - { - MEM_LOG("Cannot set foreign dom"); - rcu_unlock_domain(pg_owner); - pg_owner = NULL; - } break; } @@ -2711,6 +2700,13 @@ long do_mmuext_op( goto out; } + rc = xsm_mmuext_op(XSM_TARGET, d, pg_owner); + if ( rc ) + { + rcu_unlock_domain(pg_owner); + goto out; + } + for ( i = 0; i < count; i++ ) { if ( hypercall_preempt_check() ) @@ -2776,7 +2772,7 @@ long do_mmuext_op( break; } - if ( (rc = xsm_memory_pin_page(d, pg_owner, page)) != 0 ) + if ( (rc = xsm_memory_pin_page(XSM_HOOK, d, pg_owner, page)) != 0 ) { put_page_and_type(page); okay = 0; @@ -3153,6 +3149,8 @@ long do_mmu_update( struct vcpu *v = current; struct domain *d = v->domain, *pt_owner = d, *pg_owner; struct domain_mmap_cache mapcache; + uint32_t xsm_needed = 0; + uint32_t xsm_checked = 0; if ( unlikely(count & MMU_UPDATE_PREEMPTED) ) { @@ -3184,11 +3182,6 @@ long do_mmu_update( rc = -EINVAL; goto out; } - if ( !IS_PRIV_FOR(d, pt_owner) ) - { - rc = -ESRCH; - goto out; - } } if ( (pg_owner = get_pg_owner((uint16_t)foreigndom)) == NULL ) @@ -3228,9 +3221,20 @@ long do_mmu_update( { p2m_type_t p2mt; - rc = xsm_mmu_normal_update(d, pt_owner, pg_owner, req.val); - if ( rc ) - break; + xsm_needed |= XSM_MMU_NORMAL_UPDATE; + if ( get_pte_flags(req.val) & _PAGE_PRESENT ) + { + xsm_needed |= XSM_MMU_UPDATE_READ; + if ( get_pte_flags(req.val) & _PAGE_RW ) + xsm_needed |= XSM_MMU_UPDATE_WRITE; + } + if ( xsm_needed != xsm_checked ) + { + rc = xsm_mmu_update(XSM_TARGET, d, pt_owner, pg_owner, xsm_needed); + if ( rc ) + break; + xsm_checked = xsm_needed; + } rc = -EINVAL; req.ptr -= cmd; @@ -3342,9 +3346,14 @@ long do_mmu_update( mfn = req.ptr >> PAGE_SHIFT; gpfn = req.val; - rc = xsm_mmu_machphys_update(d, pg_owner, mfn); - if ( rc ) - break; + xsm_needed |= XSM_MMU_MACHPHYS_UPDATE; + if ( xsm_needed != xsm_checked ) + { + rc = xsm_mmu_update(XSM_TARGET, d, NULL, pg_owner, xsm_needed); + if ( rc ) + break; + xsm_checked = xsm_needed; + } if ( unlikely(!get_page_from_pagenr(mfn, pg_owner)) ) { @@ -3908,7 +3917,7 @@ static int __do_update_va_mapping( perfc_incr(calls_to_update_va); - rc = xsm_update_va_mapping(d, pg_owner, val); + rc = xsm_update_va_mapping(XSM_TARGET, d, pg_owner, val); if ( rc ) return rc; @@ -4375,11 +4384,11 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( copy_from_guest(&xatp, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(xatp.domid, &d); - if ( rc != 0 ) - return rc; - - if ( xsm_add_to_physmap(current->domain, d) ) + d = rcu_lock_domain_by_any_id(xatp.domid); + if ( d == NULL ) + return -ESRCH; + + if ( xsm_add_to_physmap(XSM_TARGET, current->domain, d) ) { rcu_unlock_domain(d); return -EPERM; @@ -4414,11 +4423,11 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( fmap.map.nr_entries > E820MAX ) return -EINVAL; - rc = rcu_lock_target_domain_by_id(fmap.domid, &d); - if ( rc != 0 ) - return rc; - - rc = xsm_domain_memory_map(d); + d = rcu_lock_domain_by_any_id(fmap.domid); + if ( d == NULL ) + return -ESRCH; + + rc = xsm_domain_memory_map(XSM_TARGET, d); if ( rc ) { rcu_unlock_domain(d); @@ -4493,10 +4502,7 @@ long arch_memory_op(int op, XEN_GUEST_HA XEN_GUEST_HANDLE_PARAM(e820entry_t) buffer_param; unsigned int i; - if ( !IS_PRIV(current->domain) ) - return -EINVAL; - - rc = xsm_machine_memory_map(); + rc = xsm_machine_memory_map(XSM_PRIV); if ( rc ) return rc; @@ -4572,21 +4578,17 @@ long arch_memory_op(int op, XEN_GUEST_HA struct domain *d; struct p2m_domain *p2m; - /* Support DOMID_SELF? */ - if ( !IS_PRIV(current->domain) ) - return -EPERM; - if ( copy_from_guest(&target, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(target.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(target.domid); + if ( d == NULL ) + return -ESRCH; if ( op == XENMEM_set_pod_target ) - rc = xsm_set_pod_target(d); + rc = xsm_set_pod_target(XSM_PRIV, d); else - rc = xsm_get_pod_target(d); + rc = xsm_get_pod_target(XSM_PRIV, d); if ( rc != 0 ) goto pod_target_out_unlock; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/mm/mem_event.c --- a/xen/arch/x86/mm/mem_event.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/mm/mem_event.c Fri Jan 11 12:23:39 2013 +0000 @@ -29,6 +29,7 @@ #include #include #include +#include /* for public/io/ring.h macros */ #define xen_mb() mb() @@ -439,35 +440,19 @@ static void mem_sharing_notification(str mem_sharing_sharing_resume(v->domain); } -struct domain *get_mem_event_op_target(uint32_t domain, int *rc) -{ - struct domain *d; - - /* Get the target domain */ - *rc = rcu_lock_remote_target_domain_by_id(domain, &d); - if ( *rc != 0 ) - return NULL; - - /* Not dying? */ - if ( d->is_dying ) - { - rcu_unlock_domain(d); - *rc = -EINVAL; - return NULL; - } - - return d; -} - int do_mem_event_op(int op, uint32_t domain, void *arg) { int ret; struct domain *d; - d = get_mem_event_op_target(domain, &ret); - if ( !d ) + ret = rcu_lock_live_remote_domain_by_id(domain, &d); + if ( ret ) return ret; + ret = xsm_mem_event_op(XSM_TARGET, d, op); + if ( ret ) + goto out; + switch (op) { case XENMEM_paging_op: @@ -483,6 +468,7 @@ int do_mem_event_op(int op, uint32_t dom ret = -ENOSYS; } + out: rcu_unlock_domain(d); return ret; } @@ -516,6 +502,10 @@ int mem_event_domctl(struct domain *d, x { int rc; + rc = xsm_mem_event_control(XSM_PRIV, d, mec->mode, mec->op); + if ( rc ) + return rc; + if ( unlikely(d == current->domain) ) { gdprintk(XENLOG_INFO, "Tried to do a memory event op on itself.\n"); @@ -537,13 +527,6 @@ int mem_event_domctl(struct domain *d, x return -EINVAL; } - /* TODO: XSM hook */ -#if 0 - rc = xsm_mem_event_control(d, mec->op); - if ( rc ) - return rc; -#endif - rc = -ENOSYS; switch ( mec->mode ) diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/mm/mem_sharing.c --- a/xen/arch/x86/mm/mem_sharing.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/mm/mem_sharing.c Fri Jan 11 12:23:39 2013 +0000 @@ -34,6 +34,7 @@ #include #include #include +#include #include "mm-locks.h" @@ -1345,10 +1346,18 @@ int mem_sharing_memop(struct domain *d, if ( !mem_sharing_enabled(d) ) return -EINVAL; - cd = get_mem_event_op_target(mec->u.share.client_domain, &rc); - if ( !cd ) + rc = rcu_lock_live_remote_domain_by_id(mec->u.share.client_domain, + &cd); + if ( rc ) return rc; + rc = xsm_mem_sharing_op(XSM_TARGET, d, cd, mec->op); + if ( rc ) + { + rcu_unlock_domain(cd); + return rc; + } + if ( !mem_sharing_enabled(cd) ) { rcu_unlock_domain(cd); @@ -1401,10 +1410,18 @@ int mem_sharing_memop(struct domain *d, if ( !mem_sharing_enabled(d) ) return -EINVAL; - cd = get_mem_event_op_target(mec->u.share.client_domain, &rc); - if ( !cd ) + rc = rcu_lock_live_remote_domain_by_id(mec->u.share.client_domain, + &cd); + if ( rc ) return rc; + rc = xsm_mem_sharing_op(XSM_TARGET, d, cd, mec->op); + if ( rc ) + { + rcu_unlock_domain(cd); + return rc; + } + if ( !mem_sharing_enabled(cd) ) { rcu_unlock_domain(cd); diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/mm/paging.c --- a/xen/arch/x86/mm/paging.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/mm/paging.c Fri Jan 11 12:23:39 2013 +0000 @@ -559,7 +559,7 @@ int paging_domctl(struct domain *d, xen_ return -EINVAL; } - rc = xsm_shadow_control(d, sc->op); + rc = xsm_shadow_control(XSM_HOOK, d, sc->op); if ( rc ) return rc; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/msi.c --- a/xen/arch/x86/msi.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/msi.c Fri Jan 11 12:23:39 2013 +0000 @@ -1016,7 +1016,7 @@ int pci_restore_msi_state(struct pci_dev if (!pdev) return -EINVAL; - ret = xsm_resource_setup_pci((pdev->seg << 16) | (pdev->bus << 8) | pdev->devfn); + ret = xsm_resource_setup_pci(XSM_PRIV, (pdev->seg << 16) | (pdev->bus << 8) | pdev->devfn); if ( ret ) return ret; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/physdev.c --- a/xen/arch/x86/physdev.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/physdev.c Fri Jan 11 12:23:39 2013 +0000 @@ -109,12 +109,6 @@ int physdev_map_pirq(domid_t domid, int if ( ret ) return ret; - if ( !IS_PRIV_FOR(current->domain, d) ) - { - ret = -EPERM; - goto free_domain; - } - /* Verify or get irq. */ switch ( type ) { @@ -238,11 +232,7 @@ int physdev_unmap_pirq(domid_t domid, in goto free_domain; } - ret = -EPERM; - if ( !IS_PRIV_FOR(current->domain, d) ) - goto free_domain; - - ret = xsm_unmap_domain_pirq(d, domain_pirq_to_irq(d, pirq)); + ret = xsm_unmap_domain_pirq(XSM_TARGET, d, domain_pirq_to_irq(d, pirq)); if ( ret ) goto free_domain; @@ -433,10 +423,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H ret = -EFAULT; if ( copy_from_guest(&apic, arg, 1) != 0 ) break; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = xsm_apic(v->domain, cmd); + ret = xsm_apic(XSM_PRIV, v->domain, cmd); if ( ret ) break; ret = ioapic_guest_read(apic.apic_physbase, apic.reg, &apic.value); @@ -450,10 +437,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H ret = -EFAULT; if ( copy_from_guest(&apic, arg, 1) != 0 ) break; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = xsm_apic(v->domain, cmd); + ret = xsm_apic(XSM_PRIV, v->domain, cmd); if ( ret ) break; ret = ioapic_guest_write(apic.apic_physbase, apic.reg, apic.value); @@ -467,8 +451,10 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H if ( copy_from_guest(&irq_op, arg, 1) != 0 ) break; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) + /* Use the APIC check since this dummy hypercall should still only + * be called by the domain with access to program the ioapic */ + ret = xsm_apic(XSM_PRIV, v->domain, cmd); + if ( ret ) break; /* Vector is only used by hypervisor, and dom0 shouldn't @@ -517,9 +503,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_manage_pci_add: { struct physdev_manage_pci manage_pci; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; ret = -EFAULT; if ( copy_from_guest(&manage_pci, arg, 1) != 0 ) break; @@ -530,9 +513,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_manage_pci_remove: { struct physdev_manage_pci manage_pci; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; ret = -EFAULT; if ( copy_from_guest(&manage_pci, arg, 1) != 0 ) break; @@ -545,10 +525,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_manage_pci_ext manage_pci_ext; struct pci_dev_info pdev_info; - ret = -EPERM; - if ( !IS_PRIV(current->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&manage_pci_ext, arg, 1) != 0 ) break; @@ -571,10 +547,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_pci_device_add add; struct pci_dev_info pdev_info; - ret = -EPERM; - if ( !IS_PRIV(current->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&add, arg, 1) != 0 ) break; @@ -595,10 +567,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_pci_device_remove: { struct physdev_pci_device dev; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&dev, arg, 1) != 0 ) break; @@ -610,11 +578,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_pci_mmcfg_reserved: { struct physdev_pci_mmcfg_reserved info; - ret = -EPERM; - if ( !IS_PRIV(current->domain) ) - break; - - ret = xsm_resource_setup_misc(); + ret = xsm_resource_setup_misc(XSM_PRIV); if ( ret ) break; @@ -631,10 +595,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_restore_msi restore_msi; struct pci_dev *pdev; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&restore_msi, arg, 1) != 0 ) break; @@ -650,10 +610,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H struct physdev_pci_device dev; struct pci_dev *pdev; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&dev, arg, 1) != 0 ) break; @@ -668,10 +624,6 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_setup_gsi: { struct physdev_setup_gsi setup_gsi; - ret = -EPERM; - if ( !IS_PRIV(v->domain) ) - break; - ret = -EFAULT; if ( copy_from_guest(&setup_gsi, arg, 1) != 0 ) break; @@ -680,7 +632,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H if ( setup_gsi.gsi < 0 || setup_gsi.gsi >= nr_irqs_gsi ) break; - ret = xsm_resource_setup_gsi(setup_gsi.gsi); + ret = xsm_resource_setup_gsi(XSM_PRIV, setup_gsi.gsi); if ( ret ) break; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/platform_hypercall.c --- a/xen/arch/x86/platform_hypercall.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/platform_hypercall.c Fri Jan 11 12:23:39 2013 +0000 @@ -66,15 +66,16 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA ret_t ret = 0; struct xen_platform_op curop, *op = &curop; - if ( !IS_PRIV(current->domain) ) - return -EPERM; - if ( copy_from_guest(op, u_xenpf_op, 1) ) return -EFAULT; if ( op->interface_version != XENPF_INTERFACE_VERSION ) return -EACCES; + ret = xsm_platform_op(XSM_PRIV, op->cmd); + if ( ret ) + return ret; + /* * Trylock here avoids deadlock with an existing platform critical section * which might (for some current or future reason) want to synchronise @@ -89,10 +90,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { case XENPF_settime: { - ret = xsm_xen_settime(); - if ( ret ) - break; - do_settime(op->u.settime.secs, op->u.settime.nsecs, op->u.settime.system_time); @@ -102,10 +99,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA case XENPF_add_memtype: { - ret = xsm_memtype(op->cmd); - if ( ret ) - break; - ret = mtrr_add_page( op->u.add_memtype.mfn, op->u.add_memtype.nr_mfns, @@ -125,10 +118,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA case XENPF_del_memtype: { - ret = xsm_memtype(op->cmd); - if ( ret ) - break; - if (op->u.del_memtype.handle == 0 /* mtrr/main.c otherwise does a lookup */ && (int)op->u.del_memtype.reg >= 0) @@ -147,10 +136,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA unsigned long mfn, nr_mfns; mtrr_type type; - ret = xsm_memtype(op->cmd); - if ( ret ) - break; - ret = -EINVAL; if ( op->u.read_memtype.reg < num_var_ranges ) { @@ -168,10 +153,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { XEN_GUEST_HANDLE(const_void) data; - ret = xsm_microcode(); - if ( ret ) - break; - guest_from_compat_handle(data, op->u.microcode.data); /* @@ -199,10 +180,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { int quirk_id = op->u.platform_quirk.quirk_id; - ret = xsm_platform_quirk(quirk_id); - if ( ret ) - break; - switch ( quirk_id ) { case QUIRK_NOIRQBALANCING: @@ -224,10 +201,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_firmware_info: - ret = xsm_firmware_info(); - if ( ret ) - break; - switch ( op->u.firmware_info.type ) { case XEN_FW_DISK_INFO: { @@ -336,10 +309,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_efi_runtime_call: - ret = xsm_efi_call(); - if ( ret ) - break; - ret = efi_runtime_call(&op->u.efi_runtime_call); if ( ret == 0 && __copy_field_to_guest(u_xenpf_op, op, u.efi_runtime_call) ) @@ -347,18 +316,10 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_enter_acpi_sleep: - ret = xsm_acpi_sleep(); - if ( ret ) - break; - ret = acpi_enter_sleep(&op->u.enter_acpi_sleep); break; case XENPF_change_freq: - ret = xsm_change_freq(); - if ( ret ) - break; - ret = -ENOSYS; if ( cpufreq_controller != FREQCTL_dom0_kernel ) break; @@ -380,10 +341,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA XEN_GUEST_HANDLE(uint8) cpumap_bitmap; XEN_GUEST_HANDLE(uint64) idletimes; - ret = xsm_getidletime(); - if ( ret ) - break; - ret = -ENOSYS; if ( cpufreq_controller != FREQCTL_dom0_kernel ) break; @@ -420,10 +377,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_set_processor_pminfo: - ret = xsm_setpminfo(); - if ( ret ) - break; - switch ( op->u.set_pminfo.type ) { case XEN_PM_PX: @@ -476,10 +429,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA g_info = &op->u.pcpu_info; - ret = xsm_getcpuinfo(); - if ( ret ) - break; - if ( !get_cpu_maps() ) { ret = -EBUSY; @@ -549,7 +498,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { int cpu = op->u.cpu_ol.cpuid; - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; @@ -565,10 +514,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; } - ret = xsm_resource_plug_core(); - if ( ret ) - break; - ret = continue_hypercall_on_cpu( 0, cpu_up_helper, (void *)(unsigned long)cpu); break; @@ -578,7 +523,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { int cpu = op->u.cpu_ol.cpuid; - ret = xsm_resource_unplug_core(); + ret = xsm_resource_unplug_core(XSM_HOOK); if ( ret ) break; @@ -607,7 +552,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_cpu_hotadd: - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; @@ -617,7 +562,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_mem_hotadd: - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/sysctl.c --- a/xen/arch/x86/sysctl.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/sysctl.c Fri Jan 11 12:23:39 2013 +0000 @@ -69,11 +69,6 @@ long arch_do_sysctl( { xen_sysctl_physinfo_t *pi = &sysctl->u.physinfo; - ret = xsm_physinfo(); - if ( ret ) - break; - - memset(pi, 0, sizeof(*pi)); pi->threads_per_core = cpumask_weight(per_cpu(cpu_sibling_mask, 0)); @@ -103,10 +98,6 @@ long arch_do_sysctl( uint32_t i, max_cpu_index, last_online_cpu; xen_sysctl_topologyinfo_t *ti = &sysctl->u.topologyinfo; - ret = xsm_physinfo(); - if ( ret ) - break; - last_online_cpu = cpumask_last(&cpu_online_map); max_cpu_index = min_t(uint32_t, ti->max_cpu_index, last_online_cpu); ti->max_cpu_index = last_online_cpu; @@ -144,10 +135,6 @@ long arch_do_sysctl( uint32_t i, j, max_node_index, last_online_node; xen_sysctl_numainfo_t *ni = &sysctl->u.numainfo; - ret = xsm_physinfo(); - if ( ret ) - break; - last_online_node = last_node(node_online_map); max_node_index = min_t(uint32_t, ni->max_node_index, last_online_node); ni->max_node_index = last_online_node; @@ -199,14 +186,14 @@ long arch_do_sysctl( switch ( sysctl->u.cpu_hotplug.op ) { case XEN_SYSCTL_CPU_HOTPLUG_ONLINE: - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; ret = continue_hypercall_on_cpu( 0, cpu_up_helper, (void *)(unsigned long)cpu); break; case XEN_SYSCTL_CPU_HOTPLUG_OFFLINE: - ret = xsm_resource_unplug_core(); + ret = xsm_resource_unplug_core(XSM_HOOK); if ( ret ) break; ret = continue_hypercall_on_cpu( diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/arch/x86/traps.c --- a/xen/arch/x86/traps.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/arch/x86/traps.c Fri Jan 11 12:23:39 2013 +0000 @@ -1643,7 +1643,7 @@ static int pci_cfg_ok(struct domain *d, start |= (d->arch.pci_cf8 >> 16) & 0xF00; } end = start + size - 1; - if (xsm_pci_config_permission(d, machine_bdf, start, end, write)) + if (xsm_pci_config_permission(XSM_HOOK, d, machine_bdf, start, end, write)) return 0; return 1; } diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/domain.c --- a/xen/common/domain.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/domain.c Fri Jan 11 12:23:39 2013 +0000 @@ -252,7 +252,7 @@ struct domain *domain_create( if ( !is_idle_domain(d) ) { - if ( (err = xsm_domain_create(d, ssidref)) != 0 ) + if ( (err = xsm_domain_create(XSM_HOOK, d, ssidref)) != 0 ) goto fail; d->is_paused_by_controller = 1; @@ -475,6 +475,21 @@ int rcu_lock_remote_domain_by_id(domid_t return 0; } +int rcu_lock_live_remote_domain_by_id(domid_t dom, struct domain **d) +{ + int rv; + rv = rcu_lock_remote_domain_by_id(dom, d); + if ( rv ) + return rv; + if ( (*d)->is_dying ) + { + rcu_unlock_domain(*d); + return -EINVAL; + } + + return 0; +} + int domain_kill(struct domain *d) { int rc = 0; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/domctl.c --- a/xen/common/domctl.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/domctl.c Fri Jan 11 12:23:39 2013 +0000 @@ -265,27 +265,9 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe return -ESRCH; } - switch ( op->cmd ) - { - case XEN_DOMCTL_ioport_mapping: - case XEN_DOMCTL_memory_mapping: - case XEN_DOMCTL_bind_pt_irq: - case XEN_DOMCTL_unbind_pt_irq: { - bool_t is_priv = IS_PRIV_FOR(current->domain, d); - if ( !is_priv ) - { - ret = -EPERM; - goto domctl_out_unlock_domonly; - } - break; - } - case XEN_DOMCTL_getdomaininfo: - break; - default: - if ( !IS_PRIV(current->domain) ) - return -EPERM; - break; - } + ret = xsm_domctl(XSM_OTHER, d, op->cmd); + if ( ret ) + goto domctl_out_unlock_domonly; if ( !domctl_lock_acquire() ) { @@ -308,10 +290,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( d == NULL ) break; - ret = xsm_setvcpucontext(d); - if ( ret ) - goto svc_out; - ret = -EINVAL; if ( (d == current->domain) || /* no domain_pause() */ (vcpu >= d->max_vcpus) || ((v = d->vcpu[vcpu]) == NULL) ) @@ -358,10 +336,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_pausedomain: { - ret = xsm_pausedomain(d); - if ( ret ) - break; - ret = -EINVAL; if ( d != current->domain ) { @@ -373,10 +347,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_unpausedomain: { - ret = xsm_unpausedomain(d); - if ( ret ) - break; - domain_unpause_by_systemcontroller(d); ret = 0; } @@ -384,10 +354,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_resumedomain: { - ret = xsm_resumedomain(d); - if ( ret ) - break; - domain_resume(d); ret = 0; } @@ -470,10 +436,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe (is_hvm_domain(d) && (max > MAX_HVM_VCPUS)) ) break; - ret = xsm_max_vcpus(d); - if ( ret ) - break; - /* Until Xenoprof can dynamically grow its vcpu-s array... */ if ( d->xenoprof ) { @@ -556,7 +518,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_destroydomain: { - ret = xsm_destroydomain(d) ? : domain_kill(d); + ret = domain_kill(d); } break; @@ -565,10 +527,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe { struct vcpu *v; - ret = xsm_vcpuaffinity(op->cmd, d); - if ( ret ) - break; - ret = -EINVAL; if ( op->u.vcpuaffinity.vcpu >= d->max_vcpus ) break; @@ -599,10 +557,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_scheduler_op: { - ret = xsm_scheduler(d); - if ( ret ) - break; - ret = sched_adjust(d, &op->u.scheduler_op); copyback = 1; } @@ -625,7 +579,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe break; } - ret = xsm_getdomaininfo(d); + ret = xsm_getdomaininfo(XSM_HOOK, d); if ( ret ) goto getdomaininfo_out; @@ -645,10 +599,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe vcpu_guest_context_u c = { .nat = NULL }; struct vcpu *v; - ret = xsm_getvcpucontext(d); - if ( ret ) - goto getvcpucontext_out; - ret = -EINVAL; if ( op->u.vcpucontext.vcpu >= d->max_vcpus ) goto getvcpucontext_out; @@ -702,10 +652,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe struct vcpu *v; struct vcpu_runstate_info runstate; - ret = xsm_getvcpuinfo(d); - if ( ret ) - break; - ret = -EINVAL; if ( op->u.getvcpuinfo.vcpu >= d->max_vcpus ) break; @@ -730,10 +676,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe { unsigned long new_max; - ret = xsm_setdomainmaxmem(d); - if ( ret ) - break; - ret = -EINVAL; new_max = op->u.max_mem.max_memkb >> (PAGE_SHIFT-10); @@ -751,10 +693,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_setdomainhandle: { - ret = xsm_setdomainhandle(d); - if ( ret ) - break; - memcpy(d->handle, op->u.setdomainhandle.handle, sizeof(xen_domain_handle_t)); ret = 0; @@ -767,10 +705,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( d == current->domain ) /* no domain_pause() */ break; - ret = xsm_setdebugging(d); - if ( ret ) - break; - domain_pause(d); d->debugger_attached = !!op->u.setdebugging.enable; domain_unpause(d); /* causes guest to latch new status */ @@ -785,7 +719,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( pirq >= d->nr_pirqs ) ret = -EINVAL; - else if ( xsm_irq_permission(d, pirq, allow) ) + else if ( xsm_irq_permission(XSM_HOOK, d, pirq, allow) ) ret = -EPERM; else if ( allow ) ret = irq_permit_access(d, pirq); @@ -804,7 +738,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( (mfn + nr_mfns - 1) < mfn ) /* wrap? */ break; - if ( xsm_iomem_permission(d, mfn, mfn + nr_mfns - 1, allow) ) + if ( xsm_iomem_permission(XSM_HOOK, d, mfn, mfn + nr_mfns - 1, allow) ) ret = -EPERM; else if ( allow ) ret = iomem_permit_access(d, mfn, mfn + nr_mfns - 1); @@ -815,10 +749,6 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_settimeoffset: { - ret = xsm_domain_settime(d); - if ( ret ) - break; - domain_set_time_offset(d, op->u.settimeoffset.time_offset_seconds); ret = 0; } @@ -840,7 +770,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe break; } - ret = xsm_set_target(d, e); + ret = xsm_set_target(XSM_HOOK, d, e); if ( ret ) { put_domain(e); break; @@ -855,27 +785,20 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe case XEN_DOMCTL_subscribe: { - ret = xsm_domctl(d, op->cmd); - if ( !ret ) - d->suspend_evtchn = op->u.subscribe.port; + d->suspend_evtchn = op->u.subscribe.port; } break; case XEN_DOMCTL_disable_migrate: { - ret = xsm_domctl(d, op->cmd); - if ( !ret ) - d->disable_migrate = op->u.disable_migrate.disable; + d->disable_migrate = op->u.disable_migrate.disable; } break; case XEN_DOMCTL_set_virq_handler: { uint32_t virq = op->u.set_virq_handler.virq; - - ret = xsm_set_virq_handler(d, virq); - if ( !ret ) - ret = set_global_virq_handler(d, virq); + ret = set_global_virq_handler(d, virq); } break; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/event_channel.c --- a/xen/common/event_channel.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/event_channel.c Fri Jan 11 12:23:39 2013 +0000 @@ -165,9 +165,9 @@ static long evtchn_alloc_unbound(evtchn_ domid_t dom = alloc->dom; long rc; - rc = rcu_lock_target_domain_by_id(dom, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(dom); + if ( d == NULL ) + return -ESRCH; spin_lock(&d->event_lock); @@ -175,7 +175,7 @@ static long evtchn_alloc_unbound(evtchn_ ERROR_EXIT_DOM(port, d); chn = evtchn_from_port(d, port); - rc = xsm_evtchn_unbound(d, chn, alloc->remote_dom); + rc = xsm_evtchn_unbound(XSM_TARGET, d, chn, alloc->remote_dom); if ( rc ) goto out; @@ -231,7 +231,7 @@ static long evtchn_bind_interdomain(evtc (rchn->u.unbound.remote_domid != ld->domain_id) ) ERROR_EXIT_DOM(-EINVAL, rd); - rc = xsm_evtchn_interdomain(ld, lchn, rd, rchn); + rc = xsm_evtchn_interdomain(XSM_HOOK, ld, lchn, rd, rchn); if ( rc ) goto out; @@ -580,7 +580,7 @@ int evtchn_send(struct domain *d, unsign return -EINVAL; } - ret = xsm_evtchn_send(ld, lchn); + ret = xsm_evtchn_send(XSM_HOOK, ld, lchn); if ( ret ) goto out; @@ -798,9 +798,9 @@ static long evtchn_status(evtchn_status_ struct evtchn *chn; long rc = 0; - rc = rcu_lock_target_domain_by_id(dom, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(dom); + if ( d == NULL ) + return -ESRCH; spin_lock(&d->event_lock); @@ -812,7 +812,7 @@ static long evtchn_status(evtchn_status_ chn = evtchn_from_port(d, port); - rc = xsm_evtchn_status(d, chn); + rc = xsm_evtchn_status(XSM_TARGET, d, chn); if ( rc ) goto out; @@ -950,11 +950,11 @@ static long evtchn_reset(evtchn_reset_t struct domain *d; int i, rc; - rc = rcu_lock_target_domain_by_id(dom, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(dom); + if ( d == NULL ) + return -ESRCH; - rc = xsm_evtchn_reset(current->domain, d); + rc = xsm_evtchn_reset(XSM_TARGET, current->domain, d); if ( rc ) goto out; @@ -1101,7 +1101,7 @@ int alloc_unbound_xen_event_channel( goto out; chn = evtchn_from_port(d, port); - rc = xsm_evtchn_unbound(d, chn, remote_domid); + rc = xsm_evtchn_unbound(XSM_TARGET, d, chn, remote_domid); chn->state = ECS_UNBOUND; chn->xen_consumer = get_xen_consumer(notification_fn); diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/grant_table.c --- a/xen/common/grant_table.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/grant_table.c Fri Jan 11 12:23:39 2013 +0000 @@ -230,30 +230,6 @@ double_gt_unlock(struct grant_table *lgt spin_unlock(&rgt->lock); } -static struct domain *gt_lock_target_domain_by_id(domid_t dom) -{ - struct domain *d; - int rc = GNTST_general_error; - - switch ( rcu_lock_target_domain_by_id(dom, &d) ) - { - case 0: - return d; - - case -ESRCH: - gdprintk(XENLOG_INFO, "Bad domid %d.\n", dom); - rc = GNTST_bad_domain; - break; - - case -EPERM: - rc = GNTST_permission_denied; - break; - } - - ASSERT(rc < 0 && -rc <= MAX_ERRNO); - return ERR_PTR(rc); -} - static inline int __get_maptrack_handle( struct grant_table *t) @@ -576,7 +552,7 @@ __gnttab_map_grant_ref( return; } - rc = xsm_grant_mapref(ld, rd, op->flags); + rc = xsm_grant_mapref(XSM_HOOK, ld, rd, op->flags); if ( rc ) { rcu_unlock_domain(rd); @@ -896,7 +872,7 @@ __gnttab_unmap_common( return; } - rc = xsm_grant_unmapref(ld, rd); + rc = xsm_grant_unmapref(XSM_HOOK, ld, rd); if ( rc ) { rcu_unlock_domain(rd); @@ -1352,14 +1328,15 @@ gnttab_setup_table( if ( !guest_handle_okay(op.frame_list, op.nr_frames) ) return -EFAULT; - d = gt_lock_target_domain_by_id(op.dom); - if ( IS_ERR(d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) { - op.status = PTR_ERR(d); - goto out1; + gdprintk(XENLOG_INFO, "Bad domid %d.\n", op.dom); + op.status = GNTST_bad_domain; + goto out2; } - if ( xsm_grant_setup(current->domain, d) ) + if ( xsm_grant_setup(XSM_TARGET, current->domain, d) ) { op.status = GNTST_permission_denied; goto out2; @@ -1421,14 +1398,15 @@ gnttab_query_size( return -EFAULT; } - d = gt_lock_target_domain_by_id(op.dom); - if ( IS_ERR(d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) { - op.status = PTR_ERR(d); + gdprintk(XENLOG_INFO, "Bad domid %d.\n", op.dom); + op.status = GNTST_bad_domain; goto query_out; } - rc = xsm_grant_query_size(current->domain, d); + rc = xsm_grant_query_size(XSM_TARGET, current->domain, d); if ( rc ) { op.status = GNTST_permission_denied; @@ -1604,7 +1582,7 @@ gnttab_transfer( goto copyback; } - if ( xsm_grant_transfer(d, e) ) + if ( xsm_grant_transfer(XSM_HOOK, d, e) ) { put_gfn(d, gop.mfn); gop.status = GNTST_permission_denied; @@ -2044,7 +2022,7 @@ __gnttab_copy( PIN_FAIL(error_out, GNTST_bad_domain, "couldn't find %d\n", op->dest.domid); - rc = xsm_grant_copy(sd, dd); + rc = xsm_grant_copy(XSM_HOOK, sd, dd); if ( rc ) { rc = GNTST_permission_denied; @@ -2296,13 +2274,13 @@ gnttab_get_status_frames(XEN_GUEST_HANDL return -EFAULT; } - d = gt_lock_target_domain_by_id(op.dom); - if ( IS_ERR(d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) { - op.status = PTR_ERR(d); + op.status = GNTST_bad_domain; goto out1; } - rc = xsm_grant_setup(current->domain, d); + rc = xsm_grant_setup(XSM_TARGET, current->domain, d); if ( rc ) { op.status = GNTST_permission_denied; goto out1; @@ -2349,14 +2327,15 @@ gnttab_get_version(XEN_GUEST_HANDLE_PARA if ( copy_from_guest(&op, uop, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(op.dom, &d); - if ( rc < 0 ) - return rc; - - if ( xsm_grant_query_size(current->domain, d) ) + d = rcu_lock_domain_by_any_id(op.dom); + if ( d == NULL ) + return -ESRCH; + + rc = xsm_grant_query_size(XSM_TARGET, current->domain, d); + if ( rc ) { rcu_unlock_domain(d); - return -EPERM; + return rc; } op.version = d->grant_table->gt_version; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/kexec.c --- a/xen/common/kexec.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/kexec.c Fri Jan 11 12:23:39 2013 +0000 @@ -852,10 +852,7 @@ static int do_kexec_op_internal(unsigned unsigned long flags; int ret = -EINVAL; - if ( !IS_PRIV(current->domain) ) - return -EPERM; - - ret = xsm_kexec(); + ret = xsm_kexec(XSM_PRIV); if ( ret ) return ret; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/memory.c --- a/xen/common/memory.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/memory.c Fri Jan 11 12:23:39 2013 +0000 @@ -341,9 +341,19 @@ static long memory_exchange(XEN_GUEST_HA out_chunk_order = exch.in.extent_order - exch.out.extent_order; } - rc = rcu_lock_target_domain_by_id(exch.in.domid, &d); + d = rcu_lock_domain_by_any_id(exch.in.domid); + if ( d == NULL ) + { + rc = -ESRCH; + goto fail_early; + } + + rc = xsm_memory_exchange(XSM_TARGET, d); if ( rc ) + { + rcu_unlock_domain(d); goto fail_early; + } memflags |= MEMF_bits(domain_clamp_alloc_bitsize( d, @@ -585,11 +595,12 @@ long do_memory_op(unsigned long cmd, XEN && (reservation.mem_flags & XENMEMF_populate_on_demand) ) args.memflags |= MEMF_populate_on_demand; - if ( unlikely(rcu_lock_target_domain_by_id(reservation.domid, &d)) ) + d = rcu_lock_domain_by_any_id(reservation.domid); + if ( d == NULL ) return start_extent; args.domain = d; - rc = xsm_memory_adjust_reservation(current->domain, d); + rc = xsm_memory_adjust_reservation(XSM_TARGET, current->domain, d); if ( rc ) { rcu_unlock_domain(d); @@ -634,11 +645,11 @@ long do_memory_op(unsigned long cmd, XEN if ( copy_from_guest(&domid, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(domid, &d); - if ( rc ) - return rc; + d = rcu_lock_domain_by_any_id(domid); + if ( d == NULL ) + return -ESRCH; - rc = xsm_memory_stat_reservation(current->domain, d); + rc = xsm_memory_stat_reservation(XSM_TARGET, current->domain, d); if ( rc ) { rcu_unlock_domain(d); @@ -672,11 +683,11 @@ long do_memory_op(unsigned long cmd, XEN if ( copy_from_guest(&xrfp, arg, 1) ) return -EFAULT; - rc = rcu_lock_target_domain_by_id(xrfp.domid, &d); - if ( rc != 0 ) - return rc; + d = rcu_lock_domain_by_any_id(xrfp.domid); + if ( d == NULL ) + return -ESRCH; - if ( xsm_remove_from_physmap(current->domain, d) ) + if ( xsm_remove_from_physmap(XSM_TARGET, current->domain, d) ) { rcu_unlock_domain(d); return -EPERM; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/schedule.c --- a/xen/common/schedule.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/schedule.c Fri Jan 11 12:23:39 2013 +0000 @@ -921,13 +921,7 @@ ret_t do_sched_op(int cmd, XEN_GUEST_HAN if ( d == NULL ) break; - if ( !IS_PRIV_FOR(current->domain, d) ) - { - rcu_unlock_domain(d); - return -EPERM; - } - - ret = xsm_schedop_shutdown(current->domain, d); + ret = xsm_schedop_shutdown(XSM_DM_PRIV, current->domain, d); if ( ret ) { rcu_unlock_domain(d); @@ -1012,7 +1006,11 @@ int sched_id(void) long sched_adjust(struct domain *d, struct xen_domctl_scheduler_op *op) { long ret; - + + ret = xsm_domctl_scheduler_op(XSM_HOOK, d, op->cmd); + if ( ret ) + return ret; + if ( (op->sched_id != DOM2OP(d)->sched_id) || ((op->cmd != XEN_DOMCTL_SCHEDOP_putinfo) && (op->cmd != XEN_DOMCTL_SCHEDOP_getinfo)) ) @@ -1031,6 +1029,10 @@ long sched_adjust_global(struct xen_sysc struct cpupool *pool; int rc; + rc = xsm_sysctl_scheduler_op(XSM_HOOK, op->cmd); + if ( rc ) + return rc; + if ( (op->cmd != XEN_DOMCTL_SCHEDOP_putinfo) && (op->cmd != XEN_DOMCTL_SCHEDOP_getinfo) ) return -EINVAL; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/sysctl.c --- a/xen/common/sysctl.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/sysctl.c Fri Jan 11 12:23:39 2013 +0000 @@ -34,15 +34,16 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe struct xen_sysctl curop, *op = &curop; static DEFINE_SPINLOCK(sysctl_lock); - if ( !IS_PRIV(current->domain) ) - return -EPERM; - if ( copy_from_guest(op, u_sysctl, 1) ) return -EFAULT; if ( op->interface_version != XEN_SYSCTL_INTERFACE_VERSION ) return -EACCES; + ret = xsm_sysctl(XSM_PRIV, op->cmd); + if ( ret ) + return ret; + /* * Trylock here avoids deadlock with an existing sysctl critical section * which might (for some current or future reason) want to synchronise @@ -56,7 +57,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe switch ( op->cmd ) { case XEN_SYSCTL_readconsole: - ret = xsm_readconsole(op->u.readconsole.clear); + ret = xsm_readconsole(XSM_HOOK, op->u.readconsole.clear); if ( ret ) break; @@ -64,18 +65,10 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe break; case XEN_SYSCTL_tbuf_op: - ret = xsm_tbufcontrol(); - if ( ret ) - break; - ret = tb_control(&op->u.tbuf_op); break; case XEN_SYSCTL_sched_id: - ret = xsm_sched_id(); - if ( ret ) - break; - op->u.sched_id.sched_id = sched_id(); break; @@ -94,7 +87,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe if ( num_domains == op->u.getdomaininfolist.max_domains ) break; - ret = xsm_getdomaininfo(d); + ret = xsm_getdomaininfo(XSM_HOOK, d); if ( ret ) continue; @@ -121,20 +114,12 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe #ifdef PERF_COUNTERS case XEN_SYSCTL_perfc_op: - ret = xsm_perfcontrol(); - if ( ret ) - break; - ret = perfc_control(&op->u.perfc_op); break; #endif #ifdef LOCK_PROFILE case XEN_SYSCTL_lockprof_op: - ret = xsm_lockprof(); - if ( ret ) - break; - ret = spinlock_profile_control(&op->u.lockprof_op); break; #endif @@ -143,10 +128,6 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe char c; uint32_t i; - ret = xsm_debug_keys(); - if ( ret ) - break; - ret = -EFAULT; for ( i = 0; i < op->u.debug_keys.nr_keys; i++ ) { @@ -166,10 +147,6 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe nr_cpus = min(op->u.getcpuinfo.max_cpus, nr_cpu_ids); - ret = xsm_getcpuinfo(); - if ( ret ) - break; - ret = -EFAULT; for ( i = 0; i < nr_cpus; i++ ) { @@ -185,10 +162,6 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe break; case XEN_SYSCTL_availheap: - ret = xsm_availheap(); - if ( ret ) - break; - op->u.availheap.avail_bytes = avail_domheap_pages_region( op->u.availheap.node, op->u.availheap.min_bitwidth, @@ -198,18 +171,10 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe #ifdef HAS_ACPI case XEN_SYSCTL_get_pmstat: - ret = xsm_get_pmstat(); - if ( ret ) - break; - ret = do_get_pm_info(&op->u.get_pmstat); break; case XEN_SYSCTL_pm_op: - ret = xsm_pm_op(); - if ( ret ) - break; - ret = do_pm_op(&op->u.pm_op); if ( ret == -EAGAIN ) copyback = 1; @@ -221,7 +186,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe uint32_t *status, *ptr; unsigned long pfn; - ret = xsm_page_offline(op->u.page_offline.cmd); + ret = xsm_page_offline(XSM_HOOK, op->u.page_offline.cmd); if ( ret ) break; @@ -277,18 +242,10 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe break; case XEN_SYSCTL_cpupool_op: - ret = xsm_cpupool_op(); - if ( ret ) - break; - ret = cpupool_do_sysctl(&op->u.cpupool_op); break; case XEN_SYSCTL_scheduler_op: - ret = xsm_sched_op(); - if ( ret ) - break; - ret = sched_adjust_global(&op->u.scheduler_op); break; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/tmem.c --- a/xen/common/tmem.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/tmem.c Fri Jan 11 12:23:39 2013 +0000 @@ -2644,6 +2644,9 @@ EXPORT long do_tmem_op(tmem_cli_op_t uop if ( !tmem_initialized ) return -ENODEV; + if ( !tmh_current_permitted() ) + return -EPERM; + total_tmem_ops++; if ( tmh_lock_all ) diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/common/xenoprof.c --- a/xen/common/xenoprof.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/common/xenoprof.c Fri Jan 11 12:23:39 2013 +0000 @@ -677,7 +677,7 @@ ret_t do_xenoprof_op(int op, XEN_GUEST_H return -EPERM; } - ret = xsm_profile(current->domain, op); + ret = xsm_profile(XSM_HOOK, current->domain, op); if ( ret ) return ret; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/drivers/char/console.c --- a/xen/drivers/char/console.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/drivers/char/console.c Fri Jan 11 12:23:39 2013 +0000 @@ -406,13 +406,7 @@ long do_console_io(int cmd, int count, X long rc; unsigned int idx, len; -#ifndef VERBOSE - /* Only domain 0 may access the emergency console. */ - if ( current->domain->domain_id != 0 ) - return -EPERM; -#endif - - rc = xsm_console_io(current->domain, cmd); + rc = xsm_console_io(XSM_OTHER, current->domain, cmd); if ( rc ) return rc; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/drivers/passthrough/iommu.c Fri Jan 11 12:23:39 2013 +0000 @@ -514,7 +514,7 @@ static int iommu_get_device_group( ((pdev->bus == bus) && (pdev->devfn == devfn)) ) continue; - if ( xsm_get_device_group((seg << 16) | (pdev->bus << 8) | pdev->devfn) ) + if ( xsm_get_device_group(XSM_HOOK, (seg << 16) | (pdev->bus << 8) | pdev->devfn) ) continue; sdev_id = ops->get_device_group_id(seg, pdev->bus, pdev->devfn); @@ -617,7 +617,7 @@ int iommu_do_domctl( u32 max_sdevs; XEN_GUEST_HANDLE_64(uint32) sdevs; - ret = xsm_get_device_group(domctl->u.get_device_group.machine_sbdf); + ret = xsm_get_device_group(XSM_HOOK, domctl->u.get_device_group.machine_sbdf); if ( ret ) break; @@ -645,7 +645,7 @@ int iommu_do_domctl( break; case XEN_DOMCTL_test_assign_device: - ret = xsm_test_assign_device(domctl->u.assign_device.machine_sbdf); + ret = xsm_test_assign_device(XSM_HOOK, domctl->u.assign_device.machine_sbdf); if ( ret ) break; @@ -669,7 +669,7 @@ int iommu_do_domctl( break; } - ret = xsm_assign_device(d, domctl->u.assign_device.machine_sbdf); + ret = xsm_assign_device(XSM_HOOK, d, domctl->u.assign_device.machine_sbdf); if ( ret ) break; @@ -688,7 +688,7 @@ int iommu_do_domctl( break; case XEN_DOMCTL_deassign_device: - ret = xsm_deassign_device(d, domctl->u.assign_device.machine_sbdf); + ret = xsm_deassign_device(XSM_HOOK, d, domctl->u.assign_device.machine_sbdf); if ( ret ) break; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/drivers/passthrough/pci.c --- a/xen/drivers/passthrough/pci.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/drivers/passthrough/pci.c Fri Jan 11 12:23:39 2013 +0000 @@ -477,7 +477,7 @@ int pci_add_device(u16 seg, u8 bus, u8 d pdev_type = "device"; } - ret = xsm_resource_plug_pci((seg << 16) | (bus << 8) | devfn); + ret = xsm_resource_plug_pci(XSM_PRIV, (seg << 16) | (bus << 8) | devfn); if ( ret ) return ret; @@ -604,7 +604,7 @@ int pci_remove_device(u16 seg, u8 bus, u struct pci_dev *pdev; int ret; - ret = xsm_resource_unplug_pci((seg << 16) | (bus << 8) | devfn); + ret = xsm_resource_unplug_pci(XSM_PRIV, (seg << 16) | (bus << 8) | devfn); if ( ret ) return ret; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/include/asm-x86/mem_event.h --- a/xen/include/asm-x86/mem_event.h Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/include/asm-x86/mem_event.h Fri Jan 11 12:23:39 2013 +0000 @@ -62,7 +62,6 @@ void mem_event_put_request(struct domain int mem_event_get_response(struct domain *d, struct mem_event_domain *med, mem_event_response_t *rsp); -struct domain *get_mem_event_op_target(uint32_t domain, int *rc); int do_mem_event_op(int op, uint32_t domain, void *arg); int mem_event_domctl(struct domain *d, xen_domctl_mem_event_op_t *mec, XEN_GUEST_HANDLE_PARAM(void) u_domctl); diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/include/xen/sched.h --- a/xen/include/xen/sched.h Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/include/xen/sched.h Fri Jan 11 12:23:39 2013 +0000 @@ -484,6 +484,12 @@ int rcu_lock_remote_target_domain_by_id( */ int rcu_lock_remote_domain_by_id(domid_t dom, struct domain **d); +/* + * As rcu_lock_remote_domain_by_id() but will fail EINVAL if the domain is + * dying. + */ +int rcu_lock_live_remote_domain_by_id(domid_t dom, struct domain **d); + /* Finish a RCU critical region started by rcu_lock_domain_by_id(). */ static inline void rcu_unlock_domain(struct domain *d) { diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/include/xen/tmem_xen.h --- a/xen/include/xen/tmem_xen.h Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/include/xen/tmem_xen.h Fri Jan 11 12:23:39 2013 +0000 @@ -16,6 +16,7 @@ #include /* copy_from_guest */ #include /* hash_long */ #include /* __map_domain_page */ +#include /* xsm_tmem_control */ #include #ifdef CONFIG_COMPAT #include @@ -326,9 +327,14 @@ static inline bool_t tmh_set_client_from return rc; } +static inline bool_t tmh_current_permitted(void) +{ + return !xsm_tmem_op(XSM_HOOK); +} + static inline bool_t tmh_current_is_privileged(void) { - return IS_PRIV(current->domain); + return !xsm_tmem_control(XSM_PRIV); } static inline uint8_t tmh_get_first_byte(pfp_t *pfp) diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 12:23:39 2013 +0000 @@ -6,167 +6,144 @@ * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2, * as published by the Free Software Foundation. + * + * + * Each XSM hook implementing an access check should have its first parameter + * preceded by XSM_DEFAULT_ARG (or use XSM_DEFAULT_VOID if it has no + * arguments). The first non-declaration statement shold be XSM_ASSERT_ACTION + * with the expected type of the hook, which will either define or check the + * value of action. */ #include #include +/* Cannot use BUILD_BUG_ON here because the expressions we check are not + * considered constant at compile time. Instead, rely on constant propagation to + * inline out the calls to this invalid function, which will cause linker errors + * if references remain at link time. + */ +#define LINKER_BUG_ON(x) do { if (x) __xsm_action_mismatch_detected(); } while (0) +/* DO NOT implement this function; it is supposed to trigger link errors */ +void __xsm_action_mismatch_detected(void); + +#ifdef XSM_ENABLE + +/* In XSM_ENABLE builds, this header file is included from xsm/dummy.c, and + * contains static (not inline) functions compiled to the dummy XSM module. + * There is no xsm_default_t argument available, so the value from the assertion + * is used to initialize the variable. + */ +#define XSM_INLINE /* */ +#define XSM_DEFAULT_ARG /* */ +#define XSM_DEFAULT_VOID void +#define XSM_ASSERT_ACTION(def) xsm_default_t action = def; (void)action + +#else /* XSM_ENABLE */ + +/* In !XSM_ENABLE builds, this header file is included from xsm/xsm.h, and + * contains inline functions for each XSM hook. These functions also perform + * compile-time checks on the xsm_default_t argument to ensure that the behavior + * of the dummy XSM module is the same as the behavior with XSM disabled. + */ +#define XSM_INLINE inline +#define XSM_DEFAULT_ARG xsm_default_t action, +#define XSM_DEFAULT_VOID xsm_default_t action +#define XSM_ASSERT_ACTION(def) LINKER_BUG_ON(def != action) + +#endif /* XSM_ENABLE */ + +static inline int xsm_default_action(xsm_default_t action, struct domain *src, + struct domain *target) +{ + switch ( action ) { + case XSM_HOOK: + return 0; + case XSM_DM_PRIV: + if ( !IS_PRIV_FOR(src, target) ) + return -EPERM; + return 0; + case XSM_TARGET: + if ( src != target && !IS_PRIV_FOR(src, target) ) + return -EPERM; + return 0; + case XSM_PRIV: + if ( !IS_PRIV(src) ) + return -EPERM; + return 0; + default: + LINKER_BUG_ON(1); + return -EPERM; + } +} + static XSM_INLINE void xsm_security_domaininfo(struct domain *d, struct xen_domctl_getdomaininfo *info) { return; } -static XSM_INLINE int xsm_setvcpucontext(struct domain *d) +static XSM_INLINE int xsm_domain_create(XSM_DEFAULT_ARG struct domain *d, u32 ssidref) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_pausedomain(struct domain *d) +static XSM_INLINE int xsm_getdomaininfo(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_unpausedomain(struct domain *d) +static XSM_INLINE int xsm_domctl_scheduler_op(XSM_DEFAULT_ARG struct domain *d, int cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_resumedomain(struct domain *d) +static XSM_INLINE int xsm_sysctl_scheduler_op(XSM_DEFAULT_ARG int cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_domain_create(struct domain *d, u32 ssidref) +static XSM_INLINE int xsm_set_target(XSM_DEFAULT_ARG struct domain *d, struct domain *e) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_max_vcpus(struct domain *d) +static XSM_INLINE int xsm_domctl(XSM_DEFAULT_ARG struct domain *d, int cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_OTHER); + switch ( cmd ) + { + case XEN_DOMCTL_ioport_mapping: + case XEN_DOMCTL_memory_mapping: + case XEN_DOMCTL_bind_pt_irq: + case XEN_DOMCTL_unbind_pt_irq: + return xsm_default_action(XSM_DM_PRIV, current->domain, d); + default: + return xsm_default_action(XSM_PRIV, current->domain, d); + } } -static XSM_INLINE int xsm_destroydomain(struct domain *d) +static XSM_INLINE int xsm_sysctl(XSM_DEFAULT_ARG int cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_vcpuaffinity(int cmd, struct domain *d) +static XSM_INLINE int xsm_readconsole(XSM_DEFAULT_ARG uint32_t clear) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_scheduler(struct domain *d) +static XSM_INLINE int xsm_do_mca(XSM_DEFAULT_VOID) { - return 0; -} - -static XSM_INLINE int xsm_getdomaininfo(struct domain *d) -{ - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; -} - -static XSM_INLINE int xsm_getvcpucontext(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_getvcpuinfo(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_domain_settime(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_set_target(struct domain *d, struct domain *e) -{ - return 0; -} - -static XSM_INLINE int xsm_domctl(struct domain *d, int cmd) -{ - return 0; -} - -static XSM_INLINE int xsm_set_virq_handler(struct domain *d, uint32_t virq) -{ - return 0; -} - -static XSM_INLINE int xsm_tbufcontrol(void) -{ - return 0; -} - -static XSM_INLINE int xsm_readconsole(uint32_t clear) -{ - return 0; -} - -static XSM_INLINE int xsm_sched_id(void) -{ - return 0; -} - -static XSM_INLINE int xsm_setdomainmaxmem(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_setdomainhandle(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_setdebugging(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_perfcontrol(void) -{ - return 0; -} - -static XSM_INLINE int xsm_debug_keys(void) -{ - return 0; -} - -static XSM_INLINE int xsm_getcpuinfo(void) -{ - return 0; -} - -static XSM_INLINE int xsm_get_pmstat(void) -{ - return 0; -} - -static XSM_INLINE int xsm_setpminfo(void) -{ - return 0; -} - -static XSM_INLINE int xsm_pm_op(void) -{ - return 0; -} - -static XSM_INLINE int xsm_do_mca(void) -{ - return 0; -} - -static XSM_INLINE int xsm_availheap(void) -{ - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } static XSM_INLINE int xsm_alloc_security_domain(struct domain *d) @@ -179,84 +156,109 @@ static XSM_INLINE void xsm_free_security return; } -static XSM_INLINE int xsm_grant_mapref(struct domain *d1, struct domain *d2, +static XSM_INLINE int xsm_grant_mapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2, uint32_t flags) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_unmapref(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_unmapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_setup(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_setup(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_transfer(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_transfer(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_copy(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_copy(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_query_size(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_query_size(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_memory_adjust_reservation(struct domain *d1, +static XSM_INLINE int xsm_memory_exchange(XSM_DEFAULT_ARG struct domain *d) +{ + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); +} + +static XSM_INLINE int xsm_memory_adjust_reservation(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_memory_stat_reservation(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_memory_stat_reservation(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_console_io(struct domain *d, int cmd) +static XSM_INLINE int xsm_console_io(XSM_DEFAULT_ARG struct domain *d, int cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_OTHER); +#ifdef VERBOSE + return xsm_default_action(XSM_HOOK, current->domain, NULL); +#else + return xsm_default_action(XSM_PRIV, current->domain, NULL); +#endif } -static XSM_INLINE int xsm_profile(struct domain *d, int op) +static XSM_INLINE int xsm_profile(XSM_DEFAULT_ARG struct domain *d, int op) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_kexec(void) +static XSM_INLINE int xsm_kexec(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_schedop_shutdown(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_schedop_shutdown(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_memory_pin_page(struct domain *d1, struct domain *d2, +static XSM_INLINE int xsm_memory_pin_page(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2, struct page_info *page) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_evtchn_unbound(struct domain *d, struct evtchn *chn, +static XSM_INLINE int xsm_evtchn_unbound(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn, domid_t id2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_evtchn_interdomain(struct domain *d1, struct evtchn +static XSM_INLINE int xsm_evtchn_interdomain(XSM_DEFAULT_ARG struct domain *d1, struct evtchn *chan1, struct domain *d2, struct evtchn *chan2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } static XSM_INLINE void xsm_evtchn_close_post(struct evtchn *chn) @@ -264,19 +266,22 @@ static XSM_INLINE void xsm_evtchn_close_ return; } -static XSM_INLINE int xsm_evtchn_send(struct domain *d, struct evtchn *chn) +static XSM_INLINE int xsm_evtchn_send(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_evtchn_status(struct domain *d, struct evtchn *chn) +static XSM_INLINE int xsm_evtchn_status(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_evtchn_reset(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_evtchn_reset(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } static XSM_INLINE int xsm_alloc_security_evtchn(struct evtchn *chn) @@ -294,89 +299,100 @@ static XSM_INLINE char *xsm_show_securit return NULL; } -static XSM_INLINE int xsm_get_pod_target(struct domain *d) +static XSM_INLINE int xsm_get_pod_target(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_set_pod_target(struct domain *d) +static XSM_INLINE int xsm_set_pod_target(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_get_device_group(uint32_t machine_bdf) +static XSM_INLINE int xsm_get_device_group(XSM_DEFAULT_ARG uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_test_assign_device(uint32_t machine_bdf) +static XSM_INLINE int xsm_test_assign_device(XSM_DEFAULT_ARG uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_assign_device(struct domain *d, uint32_t machine_bdf) +static XSM_INLINE int xsm_assign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_deassign_device(struct domain *d, uint32_t machine_bdf) +static XSM_INLINE int xsm_deassign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_resource_plug_core(void) +static XSM_INLINE int xsm_resource_plug_core(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_unplug_core(void) +static XSM_INLINE int xsm_resource_unplug_core(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_plug_pci(uint32_t machine_bdf) +static XSM_INLINE int xsm_resource_plug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_unplug_pci(uint32_t machine_bdf) +static XSM_INLINE int xsm_resource_unplug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_setup_pci(uint32_t machine_bdf) +static XSM_INLINE int xsm_resource_setup_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_setup_gsi(int gsi) +static XSM_INLINE int xsm_resource_setup_gsi(XSM_DEFAULT_ARG int gsi) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_setup_misc(void) +static XSM_INLINE int xsm_resource_setup_misc(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_page_offline(uint32_t cmd) +static XSM_INLINE int xsm_page_offline(XSM_DEFAULT_ARG uint32_t cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_lockprof(void) +static XSM_INLINE int xsm_tmem_op(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_cpupool_op(void) +static XSM_INLINE int xsm_tmem_control(XSM_DEFAULT_VOID) { - return 0; -} - -static XSM_INLINE int xsm_sched_op(void) -{ - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } static XSM_INLINE long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) @@ -389,240 +405,179 @@ static XSM_INLINE char *xsm_show_irq_sid return NULL; } -static XSM_INLINE int xsm_map_domain_pirq(struct domain *d, int irq, void *data) +static XSM_INLINE int xsm_map_domain_pirq(XSM_DEFAULT_ARG struct domain *d, int irq, void *data) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_unmap_domain_pirq(struct domain *d, int irq) +static XSM_INLINE int xsm_unmap_domain_pirq(XSM_DEFAULT_ARG struct domain *d, int irq) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_irq_permission(struct domain *d, int pirq, uint8_t allow) +static XSM_INLINE int xsm_irq_permission(XSM_DEFAULT_ARG struct domain *d, int pirq, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_iomem_permission(struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static XSM_INLINE int xsm_iomem_permission(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_iomem_mapping(struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static XSM_INLINE int xsm_iomem_mapping(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_pci_config_permission(struct domain *d, uint32_t machine_bdf, +static XSM_INLINE int xsm_pci_config_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } #ifdef CONFIG_X86 -static XSM_INLINE int xsm_shadow_control(struct domain *d, uint32_t op) +static XSM_INLINE int xsm_shadow_control(XSM_DEFAULT_ARG struct domain *d, uint32_t op) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_getpageframeinfo(struct domain *d) +static XSM_INLINE int xsm_hvm_param(XSM_DEFAULT_ARG struct domain *d, unsigned long op) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_getmemlist(struct domain *d) +static XSM_INLINE int xsm_hvm_set_pci_intx_level(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hypercall_init(struct domain *d) +static XSM_INLINE int xsm_hvm_set_isa_irq_level(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvmcontext(struct domain *d, uint32_t cmd) +static XSM_INLINE int xsm_hvm_set_pci_link_route(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_address_size(struct domain *d, uint32_t cmd) +static XSM_INLINE int xsm_hvm_inject_msi(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_machine_address_size(struct domain *d, uint32_t cmd) +static XSM_INLINE int xsm_mem_event_control(XSM_DEFAULT_ARG struct domain *d, int mode, int op) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_param(struct domain *d, unsigned long op) +static XSM_INLINE int xsm_mem_event_op(XSM_DEFAULT_ARG struct domain *d, int op) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_set_pci_intx_level(struct domain *d) +static XSM_INLINE int xsm_mem_sharing_op(XSM_DEFAULT_ARG struct domain *d, struct domain *cd, int op) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, cd); } -static XSM_INLINE int xsm_hvm_set_isa_irq_level(struct domain *d) +static XSM_INLINE int xsm_apic(XSM_DEFAULT_ARG struct domain *d, int cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, d, NULL); } -static XSM_INLINE int xsm_hvm_set_pci_link_route(struct domain *d) +static XSM_INLINE int xsm_platform_op(XSM_DEFAULT_ARG uint32_t op) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_hvm_inject_msi(struct domain *d) +static XSM_INLINE int xsm_machine_memory_map(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_mem_event(struct domain *d) +static XSM_INLINE int xsm_domain_memory_map(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_mem_sharing(struct domain *d) +static XSM_INLINE int xsm_mmu_update(XSM_DEFAULT_ARG struct domain *d, struct domain *t, + struct domain *f, uint32_t flags) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + if ( t && d != t && !IS_PRIV_FOR(d, t) ) + return -EPERM; + return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_apic(struct domain *d, int cmd) +static XSM_INLINE int xsm_mmuext_op(XSM_DEFAULT_ARG struct domain *d, struct domain *f) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_xen_settime(void) +static XSM_INLINE int xsm_update_va_mapping(XSM_DEFAULT_ARG struct domain *d, struct domain *f, + l1_pgentry_t pte) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_memtype(uint32_t access) +static XSM_INLINE int xsm_add_to_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_microcode(void) +static XSM_INLINE int xsm_remove_from_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_physinfo(void) +static XSM_INLINE int xsm_bind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_platform_quirk(uint32_t quirk) +static XSM_INLINE int xsm_unbind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_firmware_info(void) +static XSM_INLINE int xsm_ioport_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_efi_call(void) +static XSM_INLINE int xsm_ioport_mapping(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { - return 0; -} - -static XSM_INLINE int xsm_acpi_sleep(void) -{ - return 0; -} - -static XSM_INLINE int xsm_change_freq(void) -{ - return 0; -} - -static XSM_INLINE int xsm_getidletime(void) -{ - return 0; -} - -static XSM_INLINE int xsm_machine_memory_map(void) -{ - return 0; -} - -static XSM_INLINE int xsm_domain_memory_map(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_mmu_normal_update(struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) -{ - return 0; -} - -static XSM_INLINE int xsm_mmu_machphys_update(struct domain *d, struct domain *f, - unsigned long mfn) -{ - return 0; -} - -static XSM_INLINE int xsm_update_va_mapping(struct domain *d, struct domain *f, - l1_pgentry_t pte) -{ - return 0; -} - -static XSM_INLINE int xsm_add_to_physmap(struct domain *d1, struct domain *d2) -{ - return 0; -} - -static XSM_INLINE int xsm_remove_from_physmap(struct domain *d1, struct domain *d2) -{ - return 0; -} - -static XSM_INLINE int xsm_sendtrigger(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_bind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) -{ - return 0; -} - -static XSM_INLINE int xsm_unbind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) -{ - return 0; -} - -static XSM_INLINE int xsm_pin_mem_cacheattr(struct domain *d) -{ - return 0; -} - -static XSM_INLINE int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) -{ - return 0; -} - -static XSM_INLINE int xsm_vcpuextstate(struct domain *d, uint32_t cmd) -{ - return 0; -} - -static XSM_INLINE int xsm_ioport_permission(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) -{ - return 0; -} - -static XSM_INLINE int xsm_ioport_mapping(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) -{ - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } #endif diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 12:23:39 2013 +0000 @@ -27,7 +27,17 @@ typedef u32 xsm_magic_t; #define XSM_MAGIC 0x00000000 #endif -#ifdef XSM_ENABLE +/* These annotations are used by callers and in dummy.h to document the + * default actions of XSM hooks. They should be compiled out otherwise. + */ +enum xsm_default { + XSM_HOOK, /* Guests can normally access the hypercall */ + XSM_DM_PRIV, /* Device model can perform on its target domain */ + XSM_TARGET, /* Can perform on self or your target domain */ + XSM_PRIV, /* Privileged - normally restricted to dom0 */ + XSM_OTHER /* Something more complex */ +}; +typedef enum xsm_default xsm_default_t; extern char *policy_buffer; extern u32 policy_size; @@ -43,35 +53,14 @@ extern xsm_initcall_t __xsm_initcall_sta struct xsm_operations { void (*security_domaininfo) (struct domain *d, struct xen_domctl_getdomaininfo *info); - int (*setvcpucontext) (struct domain *d); - int (*pausedomain) (struct domain *d); - int (*unpausedomain) (struct domain *d); - int (*resumedomain) (struct domain *d); int (*domain_create) (struct domain *d, u32 ssidref); - int (*max_vcpus) (struct domain *d); - int (*destroydomain) (struct domain *d); - int (*vcpuaffinity) (int cmd, struct domain *d); - int (*scheduler) (struct domain *d); int (*getdomaininfo) (struct domain *d); - int (*getvcpucontext) (struct domain *d); - int (*getvcpuinfo) (struct domain *d); - int (*domain_settime) (struct domain *d); + int (*domctl_scheduler_op) (struct domain *d, int op); + int (*sysctl_scheduler_op) (int op); int (*set_target) (struct domain *d, struct domain *e); int (*domctl) (struct domain *d, int cmd); - int (*set_virq_handler) (struct domain *d, uint32_t virq); - int (*tbufcontrol) (void); + int (*sysctl) (int cmd); int (*readconsole) (uint32_t clear); - int (*sched_id) (void); - int (*setdomainmaxmem) (struct domain *d); - int (*setdomainhandle) (struct domain *d); - int (*setdebugging) (struct domain *d); - int (*perfcontrol) (void); - int (*debug_keys) (void); - int (*getcpuinfo) (void); - int (*availheap) (void); - int (*get_pmstat) (void); - int (*setpminfo) (void); - int (*pm_op) (void); int (*do_mca) (void); int (*evtchn_unbound) (struct domain *d, struct evtchn *chn, domid_t id2); @@ -97,6 +86,7 @@ struct xsm_operations { int (*get_pod_target) (struct domain *d); int (*set_pod_target) (struct domain *d); + int (*memory_exchange) (struct domain *d); int (*memory_adjust_reservation) (struct domain *d1, struct domain *d2); int (*memory_stat_reservation) (struct domain *d1, struct domain *d2); int (*memory_pin_page) (struct domain *d1, struct domain *d2, struct page_info *page); @@ -131,56 +121,44 @@ struct xsm_operations { int (*resource_setup_misc) (void); int (*page_offline)(uint32_t cmd); - int (*lockprof)(void); - int (*cpupool_op)(void); - int (*sched_op)(void); + int (*tmem_op)(void); + int (*tmem_control)(void); long (*do_xsm_op) (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op); #ifdef CONFIG_X86 int (*shadow_control) (struct domain *d, uint32_t op); - int (*getpageframeinfo) (struct domain *d); - int (*getmemlist) (struct domain *d); - int (*hypercall_init) (struct domain *d); - int (*hvmcontext) (struct domain *d, uint32_t op); - int (*address_size) (struct domain *d, uint32_t op); - int (*machine_address_size) (struct domain *d, uint32_t op); int (*hvm_param) (struct domain *d, unsigned long op); int (*hvm_set_pci_intx_level) (struct domain *d); int (*hvm_set_isa_irq_level) (struct domain *d); int (*hvm_set_pci_link_route) (struct domain *d); int (*hvm_inject_msi) (struct domain *d); - int (*mem_event) (struct domain *d); - int (*mem_sharing) (struct domain *d); + int (*mem_event_control) (struct domain *d, int mode, int op); + int (*mem_event_op) (struct domain *d, int op); + int (*mem_sharing_op) (struct domain *d, struct domain *cd, int op); int (*apic) (struct domain *d, int cmd); - int (*xen_settime) (void); int (*memtype) (uint32_t access); - int (*microcode) (void); - int (*physinfo) (void); - int (*platform_quirk) (uint32_t); - int (*firmware_info) (void); - int (*efi_call) (void); - int (*acpi_sleep) (void); - int (*change_freq) (void); - int (*getidletime) (void); + int (*platform_op) (uint32_t cmd); int (*machine_memory_map) (void); int (*domain_memory_map) (struct domain *d); - int (*mmu_normal_update) (struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte); - int (*mmu_machphys_update) (struct domain *d1, struct domain *d2, unsigned long mfn); +#define XSM_MMU_UPDATE_READ 1 +#define XSM_MMU_UPDATE_WRITE 2 +#define XSM_MMU_NORMAL_UPDATE 4 +#define XSM_MMU_MACHPHYS_UPDATE 8 + int (*mmu_update) (struct domain *d, struct domain *t, + struct domain *f, uint32_t flags); + int (*mmuext_op) (struct domain *d, struct domain *f); int (*update_va_mapping) (struct domain *d, struct domain *f, l1_pgentry_t pte); int (*add_to_physmap) (struct domain *d1, struct domain *d2); - int (*sendtrigger) (struct domain *d); int (*bind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); int (*unbind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); - int (*pin_mem_cacheattr) (struct domain *d); - int (*ext_vcpucontext) (struct domain *d, uint32_t cmd); - int (*vcpuextstate) (struct domain *d, uint32_t cmd); int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); int (*ioport_mapping) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); #endif }; +#ifdef XSM_ENABLE + extern struct xsm_operations *xsm_ops; #ifndef XSM_NO_WRAPPERS @@ -191,163 +169,58 @@ static inline void xsm_security_domainin xsm_ops->security_domaininfo(d, info); } -static inline int xsm_setvcpucontext(struct domain *d) -{ - return xsm_ops->setvcpucontext(d); -} - -static inline int xsm_pausedomain (struct domain *d) -{ - return xsm_ops->pausedomain(d); -} - -static inline int xsm_unpausedomain (struct domain *d) -{ - return xsm_ops->unpausedomain(d); -} - -static inline int xsm_resumedomain (struct domain *d) -{ - return xsm_ops->resumedomain(d); -} - -static inline int xsm_domain_create (struct domain *d, u32 ssidref) +static inline int xsm_domain_create (xsm_default_t def, struct domain *d, u32 ssidref) { return xsm_ops->domain_create(d, ssidref); } -static inline int xsm_max_vcpus(struct domain *d) -{ - return xsm_ops->max_vcpus(d); -} - -static inline int xsm_destroydomain (struct domain *d) -{ - return xsm_ops->destroydomain(d); -} - -static inline int xsm_vcpuaffinity (int cmd, struct domain *d) -{ - return xsm_ops->vcpuaffinity(cmd, d); -} - -static inline int xsm_scheduler (struct domain *d) -{ - return xsm_ops->scheduler(d); -} - -static inline int xsm_getdomaininfo (struct domain *d) +static inline int xsm_getdomaininfo (xsm_default_t def, struct domain *d) { return xsm_ops->getdomaininfo(d); } -static inline int xsm_getvcpucontext (struct domain *d) +static inline int xsm_domctl_scheduler_op (xsm_default_t def, struct domain *d, int cmd) { - return xsm_ops->getvcpucontext(d); + return xsm_ops->domctl_scheduler_op(d, cmd); } -static inline int xsm_getvcpuinfo (struct domain *d) +static inline int xsm_sysctl_scheduler_op (xsm_default_t def, int cmd) { - return xsm_ops->getvcpuinfo(d); + return xsm_ops->sysctl_scheduler_op(cmd); } -static inline int xsm_domain_settime (struct domain *d) -{ - return xsm_ops->domain_settime(d); -} - -static inline int xsm_set_target (struct domain *d, struct domain *e) +static inline int xsm_set_target (xsm_default_t def, struct domain *d, struct domain *e) { return xsm_ops->set_target(d, e); } -static inline int xsm_domctl (struct domain *d, int cmd) +static inline int xsm_domctl (xsm_default_t def, struct domain *d, int cmd) { return xsm_ops->domctl(d, cmd); } -static inline int xsm_set_virq_handler (struct domain *d, uint32_t virq) +static inline int xsm_sysctl (xsm_default_t def, int cmd) { - return xsm_ops->set_virq_handler(d, virq); + return xsm_ops->sysctl(cmd); } -static inline int xsm_tbufcontrol (void) -{ - return xsm_ops->tbufcontrol(); -} - -static inline int xsm_readconsole (uint32_t clear) +static inline int xsm_readconsole (xsm_default_t def, uint32_t clear) { return xsm_ops->readconsole(clear); } -static inline int xsm_sched_id (void) -{ - return xsm_ops->sched_id(); -} - -static inline int xsm_setdomainmaxmem (struct domain *d) -{ - return xsm_ops->setdomainmaxmem(d); -} - -static inline int xsm_setdomainhandle (struct domain *d) -{ - return xsm_ops->setdomainhandle(d); -} - -static inline int xsm_setdebugging (struct domain *d) -{ - return xsm_ops->setdebugging(d); -} - -static inline int xsm_perfcontrol (void) -{ - return xsm_ops->perfcontrol(); -} - -static inline int xsm_debug_keys (void) -{ - return xsm_ops->debug_keys(); -} - -static inline int xsm_availheap (void) -{ - return xsm_ops->availheap(); -} - -static inline int xsm_getcpuinfo (void) -{ - return xsm_ops->getcpuinfo(); -} - -static inline int xsm_get_pmstat(void) -{ - return xsm_ops->get_pmstat(); -} - -static inline int xsm_setpminfo(void) -{ - return xsm_ops->setpminfo(); -} - -static inline int xsm_pm_op(void) -{ - return xsm_ops->pm_op(); -} - -static inline int xsm_do_mca(void) +static inline int xsm_do_mca(xsm_default_t def) { return xsm_ops->do_mca(); } -static inline int xsm_evtchn_unbound (struct domain *d1, struct evtchn *chn, +static inline int xsm_evtchn_unbound (xsm_default_t def, struct domain *d1, struct evtchn *chn, domid_t id2) { return xsm_ops->evtchn_unbound(d1, chn, id2); } -static inline int xsm_evtchn_interdomain (struct domain *d1, +static inline int xsm_evtchn_interdomain (xsm_default_t def, struct domain *d1, struct evtchn *chan1, struct domain *d2, struct evtchn *chan2) { return xsm_ops->evtchn_interdomain(d1, chan1, d2, chan2); @@ -358,48 +231,48 @@ static inline void xsm_evtchn_close_post xsm_ops->evtchn_close_post(chn); } -static inline int xsm_evtchn_send (struct domain *d, struct evtchn *chn) +static inline int xsm_evtchn_send (xsm_default_t def, struct domain *d, struct evtchn *chn) { return xsm_ops->evtchn_send(d, chn); } -static inline int xsm_evtchn_status (struct domain *d, struct evtchn *chn) +static inline int xsm_evtchn_status (xsm_default_t def, struct domain *d, struct evtchn *chn) { return xsm_ops->evtchn_status(d, chn); } -static inline int xsm_evtchn_reset (struct domain *d1, struct domain *d2) +static inline int xsm_evtchn_reset (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->evtchn_reset(d1, d2); } -static inline int xsm_grant_mapref (struct domain *d1, struct domain *d2, +static inline int xsm_grant_mapref (xsm_default_t def, struct domain *d1, struct domain *d2, uint32_t flags) { return xsm_ops->grant_mapref(d1, d2, flags); } -static inline int xsm_grant_unmapref (struct domain *d1, struct domain *d2) +static inline int xsm_grant_unmapref (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_unmapref(d1, d2); } -static inline int xsm_grant_setup (struct domain *d1, struct domain *d2) +static inline int xsm_grant_setup (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_setup(d1, d2); } -static inline int xsm_grant_transfer (struct domain *d1, struct domain *d2) +static inline int xsm_grant_transfer (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_transfer(d1, d2); } -static inline int xsm_grant_copy (struct domain *d1, struct domain *d2) +static inline int xsm_grant_copy (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_copy(d1, d2); } -static inline int xsm_grant_query_size (struct domain *d1, struct domain *d2) +static inline int xsm_grant_query_size (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_query_size(d1, d2); } @@ -429,55 +302,60 @@ static inline char *xsm_show_security_ev return xsm_ops->show_security_evtchn(d, chn); } -static inline int xsm_get_pod_target (struct domain *d) +static inline int xsm_get_pod_target (xsm_default_t def, struct domain *d) { return xsm_ops->get_pod_target(d); } -static inline int xsm_set_pod_target (struct domain *d) +static inline int xsm_set_pod_target (xsm_default_t def, struct domain *d) { return xsm_ops->set_pod_target(d); } -static inline int xsm_memory_adjust_reservation (struct domain *d1, struct +static inline int xsm_memory_exchange (xsm_default_t def, struct domain *d) +{ + return xsm_ops->memory_exchange(d); +} + +static inline int xsm_memory_adjust_reservation (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->memory_adjust_reservation(d1, d2); } -static inline int xsm_memory_stat_reservation (struct domain *d1, +static inline int xsm_memory_stat_reservation (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->memory_stat_reservation(d1, d2); } -static inline int xsm_memory_pin_page(struct domain *d1, struct domain *d2, +static inline int xsm_memory_pin_page(xsm_default_t def, struct domain *d1, struct domain *d2, struct page_info *page) { return xsm_ops->memory_pin_page(d1, d2, page); } -static inline int xsm_remove_from_physmap(struct domain *d1, struct domain *d2) +static inline int xsm_remove_from_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->remove_from_physmap(d1, d2); } -static inline int xsm_console_io (struct domain *d, int cmd) +static inline int xsm_console_io (xsm_default_t def, struct domain *d, int cmd) { return xsm_ops->console_io(d, cmd); } -static inline int xsm_profile (struct domain *d, int op) +static inline int xsm_profile (xsm_default_t def, struct domain *d, int op) { return xsm_ops->profile(d, op); } -static inline int xsm_kexec (void) +static inline int xsm_kexec (xsm_default_t def) { return xsm_ops->kexec(); } -static inline int xsm_schedop_shutdown (struct domain *d1, struct domain *d2) +static inline int xsm_schedop_shutdown (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->schedop_shutdown(d1, d2); } @@ -487,109 +365,104 @@ static inline char *xsm_show_irq_sid (in return xsm_ops->show_irq_sid(irq); } -static inline int xsm_map_domain_pirq (struct domain *d, int irq, void *data) +static inline int xsm_map_domain_pirq (xsm_default_t def, struct domain *d, int irq, void *data) { return xsm_ops->map_domain_pirq(d, irq, data); } -static inline int xsm_unmap_domain_pirq (struct domain *d, int irq) +static inline int xsm_unmap_domain_pirq (xsm_default_t def, struct domain *d, int irq) { return xsm_ops->unmap_domain_pirq(d, irq); } -static inline int xsm_irq_permission (struct domain *d, int pirq, uint8_t allow) +static inline int xsm_irq_permission (xsm_default_t def, struct domain *d, int pirq, uint8_t allow) { return xsm_ops->irq_permission(d, pirq, allow); } -static inline int xsm_iomem_permission (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static inline int xsm_iomem_permission (xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { return xsm_ops->iomem_permission(d, s, e, allow); } -static inline int xsm_iomem_mapping (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static inline int xsm_iomem_mapping (xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { return xsm_ops->iomem_mapping(d, s, e, allow); } -static inline int xsm_pci_config_permission (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) +static inline int xsm_pci_config_permission (xsm_default_t def, struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { return xsm_ops->pci_config_permission(d, machine_bdf, start, end, access); } -static inline int xsm_get_device_group(uint32_t machine_bdf) +static inline int xsm_get_device_group(xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->get_device_group(machine_bdf); } -static inline int xsm_test_assign_device(uint32_t machine_bdf) +static inline int xsm_test_assign_device(xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->test_assign_device(machine_bdf); } -static inline int xsm_assign_device(struct domain *d, uint32_t machine_bdf) +static inline int xsm_assign_device(xsm_default_t def, struct domain *d, uint32_t machine_bdf) { return xsm_ops->assign_device(d, machine_bdf); } -static inline int xsm_deassign_device(struct domain *d, uint32_t machine_bdf) +static inline int xsm_deassign_device(xsm_default_t def, struct domain *d, uint32_t machine_bdf) { return xsm_ops->deassign_device(d, machine_bdf); } -static inline int xsm_resource_plug_pci (uint32_t machine_bdf) +static inline int xsm_resource_plug_pci (xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->resource_plug_pci(machine_bdf); } -static inline int xsm_resource_unplug_pci (uint32_t machine_bdf) +static inline int xsm_resource_unplug_pci (xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->resource_unplug_pci(machine_bdf); } -static inline int xsm_resource_plug_core (void) +static inline int xsm_resource_plug_core (xsm_default_t def) { return xsm_ops->resource_plug_core(); } -static inline int xsm_resource_unplug_core (void) +static inline int xsm_resource_unplug_core (xsm_default_t def) { return xsm_ops->resource_unplug_core(); } -static inline int xsm_resource_setup_pci (uint32_t machine_bdf) +static inline int xsm_resource_setup_pci (xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->resource_setup_pci(machine_bdf); } -static inline int xsm_resource_setup_gsi (int gsi) +static inline int xsm_resource_setup_gsi (xsm_default_t def, int gsi) { return xsm_ops->resource_setup_gsi(gsi); } -static inline int xsm_resource_setup_misc (void) +static inline int xsm_resource_setup_misc (xsm_default_t def) { return xsm_ops->resource_setup_misc(); } -static inline int xsm_page_offline(uint32_t cmd) +static inline int xsm_page_offline(xsm_default_t def, uint32_t cmd) { return xsm_ops->page_offline(cmd); } -static inline int xsm_lockprof(void) +static inline int xsm_tmem_op(xsm_default_t def) { - return xsm_ops->lockprof(); + return xsm_ops->tmem_op(); } -static inline int xsm_cpupool_op(void) +static inline int xsm_tmem_control(xsm_default_t def) { - return xsm_ops->cpupool_op(); -} - -static inline int xsm_sched_op(void) -{ - return xsm_ops->sched_op(); + return xsm_ops->tmem_control(); } static inline long xsm_do_xsm_op (XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) @@ -598,201 +471,116 @@ static inline long xsm_do_xsm_op (XEN_GU } #ifdef CONFIG_X86 -static inline int xsm_shadow_control (struct domain *d, uint32_t op) +static inline int xsm_shadow_control (xsm_default_t def, struct domain *d, uint32_t op) { return xsm_ops->shadow_control(d, op); } -static inline int xsm_getpageframeinfo (struct domain *d) -{ - return xsm_ops->getpageframeinfo(d); -} - -static inline int xsm_getmemlist (struct domain *d) -{ - return xsm_ops->getmemlist(d); -} - -static inline int xsm_hypercall_init (struct domain *d) -{ - return xsm_ops->hypercall_init(d); -} - -static inline int xsm_hvmcontext (struct domain *d, uint32_t cmd) -{ - return xsm_ops->hvmcontext(d, cmd); -} - -static inline int xsm_address_size (struct domain *d, uint32_t cmd) -{ - return xsm_ops->address_size(d, cmd); -} - -static inline int xsm_machine_address_size (struct domain *d, uint32_t cmd) -{ - return xsm_ops->machine_address_size(d, cmd); -} - -static inline int xsm_hvm_param (struct domain *d, unsigned long op) +static inline int xsm_hvm_param (xsm_default_t def, struct domain *d, unsigned long op) { return xsm_ops->hvm_param(d, op); } -static inline int xsm_hvm_set_pci_intx_level (struct domain *d) +static inline int xsm_hvm_set_pci_intx_level (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_set_pci_intx_level(d); } -static inline int xsm_hvm_set_isa_irq_level (struct domain *d) +static inline int xsm_hvm_set_isa_irq_level (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_set_isa_irq_level(d); } -static inline int xsm_hvm_set_pci_link_route (struct domain *d) +static inline int xsm_hvm_set_pci_link_route (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_set_pci_link_route(d); } -static inline int xsm_hvm_inject_msi (struct domain *d) +static inline int xsm_hvm_inject_msi (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_inject_msi(d); } -static inline int xsm_mem_event (struct domain *d) +static inline int xsm_mem_event_control (xsm_default_t def, struct domain *d, int mode, int op) { - return xsm_ops->mem_event(d); + return xsm_ops->mem_event_control(d, mode, op); } -static inline int xsm_mem_sharing (struct domain *d) +static inline int xsm_mem_event_op (xsm_default_t def, struct domain *d, int op) { - return xsm_ops->mem_sharing(d); + return xsm_ops->mem_event_op(d, op); } -static inline int xsm_apic (struct domain *d, int cmd) +static inline int xsm_mem_sharing_op (xsm_default_t def, struct domain *d, struct domain *cd, int op) +{ + return xsm_ops->mem_sharing_op(d, cd, op); +} + +static inline int xsm_apic (xsm_default_t def, struct domain *d, int cmd) { return xsm_ops->apic(d, cmd); } -static inline int xsm_xen_settime (void) -{ - return xsm_ops->xen_settime(); -} - -static inline int xsm_memtype (uint32_t access) +static inline int xsm_memtype (xsm_default_t def, uint32_t access) { return xsm_ops->memtype(access); } -static inline int xsm_microcode (void) +static inline int xsm_platform_op (xsm_default_t def, uint32_t op) { - return xsm_ops->microcode(); + return xsm_ops->platform_op(op); } -static inline int xsm_physinfo (void) -{ - return xsm_ops->physinfo(); -} - -static inline int xsm_platform_quirk (uint32_t quirk) -{ - return xsm_ops->platform_quirk(quirk); -} - -static inline int xsm_firmware_info (void) -{ - return xsm_ops->firmware_info(); -} - -static inline int xsm_efi_call (void) -{ - return xsm_ops->efi_call(); -} - -static inline int xsm_acpi_sleep (void) -{ - return xsm_ops->acpi_sleep(); -} - -static inline int xsm_change_freq (void) -{ - return xsm_ops->change_freq(); -} - -static inline int xsm_getidletime (void) -{ - return xsm_ops->getidletime(); -} - -static inline int xsm_machine_memory_map(void) +static inline int xsm_machine_memory_map(xsm_default_t def) { return xsm_ops->machine_memory_map(); } -static inline int xsm_domain_memory_map(struct domain *d) +static inline int xsm_domain_memory_map(xsm_default_t def, struct domain *d) { return xsm_ops->domain_memory_map(d); } -static inline int xsm_mmu_normal_update (struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) +static inline int xsm_mmu_update (xsm_default_t def, struct domain *d, struct domain *t, + struct domain *f, uint32_t flags) { - return xsm_ops->mmu_normal_update(d, t, f, fpte); + return xsm_ops->mmu_update(d, t, f, flags); } -static inline int xsm_mmu_machphys_update (struct domain *d1, struct domain *d2, - unsigned long mfn) +static inline int xsm_mmuext_op (xsm_default_t def, struct domain *d, struct domain *f) { - return xsm_ops->mmu_machphys_update(d1, d2, mfn); + return xsm_ops->mmuext_op(d, f); } -static inline int xsm_update_va_mapping(struct domain *d, struct domain *f, +static inline int xsm_update_va_mapping(xsm_default_t def, struct domain *d, struct domain *f, l1_pgentry_t pte) { return xsm_ops->update_va_mapping(d, f, pte); } -static inline int xsm_add_to_physmap(struct domain *d1, struct domain *d2) +static inline int xsm_add_to_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->add_to_physmap(d1, d2); } -static inline int xsm_sendtrigger(struct domain *d) -{ - return xsm_ops->sendtrigger(d); -} - -static inline int xsm_bind_pt_irq(struct domain *d, +static inline int xsm_bind_pt_irq(xsm_default_t def, struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return xsm_ops->bind_pt_irq(d, bind); } -static inline int xsm_unbind_pt_irq(struct domain *d, +static inline int xsm_unbind_pt_irq(xsm_default_t def, struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return xsm_ops->unbind_pt_irq(d, bind); } -static inline int xsm_pin_mem_cacheattr(struct domain *d) -{ - return xsm_ops->pin_mem_cacheattr(d); -} - -static inline int xsm_ext_vcpucontext(struct domain *d, uint32_t cmd) -{ - return xsm_ops->ext_vcpucontext(d, cmd); -} -static inline int xsm_vcpuextstate(struct domain *d, uint32_t cmd) -{ - return xsm_ops->vcpuextstate(d, cmd); -} - -static inline int xsm_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static inline int xsm_ioport_permission (xsm_default_t def, struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return xsm_ops->ioport_permission(d, s, e, allow); } -static inline int xsm_ioport_mapping (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static inline int xsm_ioport_mapping (xsm_default_t def, struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return xsm_ops->ioport_mapping(d, s, e, allow); } @@ -812,7 +600,6 @@ extern void xsm_fixup_ops(struct xsm_ope #else /* XSM_ENABLE */ -#define XSM_INLINE inline #include static inline int xsm_init (unsigned long *module_map, diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 12:23:39 2013 +0000 @@ -30,35 +30,14 @@ struct xsm_operations dummy_xsm_ops; void xsm_fixup_ops (struct xsm_operations *ops) { set_to_dummy_if_null(ops, security_domaininfo); - set_to_dummy_if_null(ops, setvcpucontext); - set_to_dummy_if_null(ops, pausedomain); - set_to_dummy_if_null(ops, unpausedomain); - set_to_dummy_if_null(ops, resumedomain); set_to_dummy_if_null(ops, domain_create); - set_to_dummy_if_null(ops, max_vcpus); - set_to_dummy_if_null(ops, destroydomain); - set_to_dummy_if_null(ops, vcpuaffinity); - set_to_dummy_if_null(ops, scheduler); set_to_dummy_if_null(ops, getdomaininfo); - set_to_dummy_if_null(ops, getvcpucontext); - set_to_dummy_if_null(ops, getvcpuinfo); - set_to_dummy_if_null(ops, domain_settime); + set_to_dummy_if_null(ops, domctl_scheduler_op); + set_to_dummy_if_null(ops, sysctl_scheduler_op); set_to_dummy_if_null(ops, set_target); set_to_dummy_if_null(ops, domctl); - set_to_dummy_if_null(ops, set_virq_handler); - set_to_dummy_if_null(ops, tbufcontrol); + set_to_dummy_if_null(ops, sysctl); set_to_dummy_if_null(ops, readconsole); - set_to_dummy_if_null(ops, sched_id); - set_to_dummy_if_null(ops, setdomainmaxmem); - set_to_dummy_if_null(ops, setdomainhandle); - set_to_dummy_if_null(ops, setdebugging); - set_to_dummy_if_null(ops, perfcontrol); - set_to_dummy_if_null(ops, debug_keys); - set_to_dummy_if_null(ops, getcpuinfo); - set_to_dummy_if_null(ops, availheap); - set_to_dummy_if_null(ops, get_pmstat); - set_to_dummy_if_null(ops, setpminfo); - set_to_dummy_if_null(ops, pm_op); set_to_dummy_if_null(ops, do_mca); set_to_dummy_if_null(ops, evtchn_unbound); @@ -83,6 +62,7 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, get_pod_target); set_to_dummy_if_null(ops, set_pod_target); + set_to_dummy_if_null(ops, memory_exchange); set_to_dummy_if_null(ops, memory_adjust_reservation); set_to_dummy_if_null(ops, memory_stat_reservation); set_to_dummy_if_null(ops, memory_pin_page); @@ -116,51 +96,32 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, resource_setup_misc); set_to_dummy_if_null(ops, page_offline); - set_to_dummy_if_null(ops, lockprof); - set_to_dummy_if_null(ops, cpupool_op); - set_to_dummy_if_null(ops, sched_op); + set_to_dummy_if_null(ops, tmem_op); + set_to_dummy_if_null(ops, tmem_control); set_to_dummy_if_null(ops, do_xsm_op); #ifdef CONFIG_X86 set_to_dummy_if_null(ops, shadow_control); - set_to_dummy_if_null(ops, getpageframeinfo); - set_to_dummy_if_null(ops, getmemlist); - set_to_dummy_if_null(ops, hypercall_init); - set_to_dummy_if_null(ops, hvmcontext); - set_to_dummy_if_null(ops, address_size); - set_to_dummy_if_null(ops, machine_address_size); set_to_dummy_if_null(ops, hvm_param); set_to_dummy_if_null(ops, hvm_set_pci_intx_level); set_to_dummy_if_null(ops, hvm_set_isa_irq_level); set_to_dummy_if_null(ops, hvm_set_pci_link_route); set_to_dummy_if_null(ops, hvm_inject_msi); - set_to_dummy_if_null(ops, mem_event); - set_to_dummy_if_null(ops, mem_sharing); + set_to_dummy_if_null(ops, mem_event_control); + set_to_dummy_if_null(ops, mem_event_op); + set_to_dummy_if_null(ops, mem_sharing_op); set_to_dummy_if_null(ops, apic); - set_to_dummy_if_null(ops, xen_settime); - set_to_dummy_if_null(ops, memtype); - set_to_dummy_if_null(ops, microcode); - set_to_dummy_if_null(ops, physinfo); - set_to_dummy_if_null(ops, platform_quirk); - set_to_dummy_if_null(ops, firmware_info); - set_to_dummy_if_null(ops, efi_call); - set_to_dummy_if_null(ops, acpi_sleep); - set_to_dummy_if_null(ops, change_freq); - set_to_dummy_if_null(ops, getidletime); + set_to_dummy_if_null(ops, platform_op); set_to_dummy_if_null(ops, machine_memory_map); set_to_dummy_if_null(ops, domain_memory_map); - set_to_dummy_if_null(ops, mmu_normal_update); - set_to_dummy_if_null(ops, mmu_machphys_update); + set_to_dummy_if_null(ops, mmu_update); + set_to_dummy_if_null(ops, mmuext_op); set_to_dummy_if_null(ops, update_va_mapping); set_to_dummy_if_null(ops, add_to_physmap); set_to_dummy_if_null(ops, remove_from_physmap); - set_to_dummy_if_null(ops, sendtrigger); set_to_dummy_if_null(ops, bind_pt_irq); set_to_dummy_if_null(ops, unbind_pt_irq); - set_to_dummy_if_null(ops, pin_mem_cacheattr); - set_to_dummy_if_null(ops, ext_vcpucontext); - set_to_dummy_if_null(ops, vcpuextstate); set_to_dummy_if_null(ops, ioport_permission); set_to_dummy_if_null(ops, ioport_mapping); #endif diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/flask_op.c --- a/xen/xsm/flask/flask_op.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/xsm/flask/flask_op.c Fri Jan 11 12:23:39 2013 +0000 @@ -612,6 +612,15 @@ static int flask_relabel_domain(struct x goto out; dsec->sid = arg->sid; + dsec->self_sid = arg->sid; + security_transition_sid(dsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->self_sid); + if ( d->target ) + { + struct domain_security_struct *tsec = d->target->ssid; + security_transition_sid(tsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->target_sid); + } out: rcu_unlock_domain(d); diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 12:23:39 2013 +0000 @@ -33,38 +33,69 @@ struct xsm_operations *original_ops = NULL; +static u32 domain_sid(struct domain *dom) +{ + struct domain_security_struct *dsec = dom->ssid; + return dsec->sid; +} + +static u32 domain_target_sid(struct domain *src, struct domain *dst) +{ + struct domain_security_struct *ssec = src->ssid; + struct domain_security_struct *dsec = dst->ssid; + if (src == dst) + return ssec->self_sid; + if (src->target == dst) + return ssec->target_sid; + return dsec->sid; +} + +static u32 evtchn_sid(const struct evtchn *chn) +{ + struct evtchn_security_struct *esec = chn->ssid; + return esec->sid; +} + static int domain_has_perm(struct domain *dom1, struct domain *dom2, u16 class, u32 perms) { - struct domain_security_struct *dsec1, *dsec2; + u32 ssid, tsid; struct avc_audit_data ad; AVC_AUDIT_DATA_INIT(&ad, NONE); ad.sdom = dom1; ad.tdom = dom2; - dsec1 = dom1->ssid; - dsec2 = dom2->ssid; + ssid = domain_sid(dom1); + tsid = domain_target_sid(dom1, dom2); - return avc_has_perm(dsec1->sid, dsec2->sid, class, perms, &ad); + return avc_has_perm(ssid, tsid, class, perms, &ad); +} + +static int avc_current_has_perm(u32 tsid, u16 class, u32 perm, + struct avc_audit_data *ad) +{ + u32 csid = domain_sid(current->domain); + return avc_has_perm(csid, tsid, class, perm, ad); +} + +static int current_has_perm(struct domain *d, u16 class, u32 perms) +{ + return domain_has_perm(current->domain, d, class, perms); } static int domain_has_evtchn(struct domain *d, struct evtchn *chn, u32 perms) { - struct domain_security_struct *dsec; - struct evtchn_security_struct *esec; + u32 dsid = domain_sid(d); + u32 esid = evtchn_sid(chn); - dsec = d->ssid; - esec = chn->ssid; - - return avc_has_perm(dsec->sid, esec->sid, SECCLASS_EVENT, perms, NULL); + return avc_has_perm(dsid, esid, SECCLASS_EVENT, perms, NULL); } static int domain_has_xen(struct domain *d, u32 perms) { - struct domain_security_struct *dsec; - dsec = d->ssid; + u32 dsid = domain_sid(d); - return avc_has_perm(dsec->sid, SECINITSID_XEN, SECCLASS_XEN, perms, NULL); + return avc_has_perm(dsid, SECINITSID_XEN, SECCLASS_XEN, perms, NULL); } static int get_irq_sid(int irq, u32 *sid, struct avc_audit_data *ad) @@ -123,6 +154,7 @@ static int flask_domain_alloc_security(s dsec->sid = SECINITSID_UNLABELED; } + dsec->self_sid = dsec->sid; d->ssid = dsec; return 0; @@ -142,68 +174,55 @@ static void flask_domain_free_security(s static int flask_evtchn_unbound(struct domain *d1, struct evtchn *chn, domid_t id2) { - u32 newsid; + u32 sid1, sid2, newsid; int rc; - domid_t id; struct domain *d2; - struct domain_security_struct *dsec, *dsec1, *dsec2; struct evtchn_security_struct *esec; - dsec = current->domain->ssid; - dsec1 = d1->ssid; - esec = chn->ssid; - - if ( id2 == DOMID_SELF ) - id = current->domain->domain_id; - else - id = id2; - - d2 = get_domain_by_id(id); + d2 = rcu_lock_domain_by_any_id(id2); if ( d2 == NULL ) return -EPERM; - dsec2 = d2->ssid; - rc = security_transition_sid(dsec1->sid, dsec2->sid, SECCLASS_EVENT, - &newsid); + sid1 = domain_sid(d1); + sid2 = domain_target_sid(d1, d2); + esec = chn->ssid; + + rc = security_transition_sid(sid1, sid2, SECCLASS_EVENT, &newsid); if ( rc ) goto out; - rc = avc_has_perm(dsec->sid, newsid, SECCLASS_EVENT, EVENT__CREATE, NULL); + rc = avc_current_has_perm(newsid, SECCLASS_EVENT, EVENT__CREATE, NULL); if ( rc ) goto out; - rc = avc_has_perm(newsid, dsec2->sid, SECCLASS_EVENT, EVENT__BIND, NULL); + rc = avc_has_perm(newsid, sid2, SECCLASS_EVENT, EVENT__BIND, NULL); if ( rc ) goto out; - else - esec->sid = newsid; + + esec->sid = newsid; out: - put_domain(d2); + rcu_unlock_domain(d2); return rc; } static int flask_evtchn_interdomain(struct domain *d1, struct evtchn *chn1, struct domain *d2, struct evtchn *chn2) { - u32 newsid; + u32 sid1, sid2, newsid, reverse_sid; int rc; - struct domain_security_struct *dsec, *dsec1, *dsec2; - struct evtchn_security_struct *esec1, *esec2; + struct evtchn_security_struct *esec1; struct avc_audit_data ad; AVC_AUDIT_DATA_INIT(&ad, NONE); ad.sdom = d1; ad.tdom = d2; - dsec = current->domain->ssid; - dsec1 = d1->ssid; - dsec2 = d2->ssid; + sid1 = domain_sid(d1); + sid2 = domain_target_sid(d1, d2); esec1 = chn1->ssid; - esec2 = chn2->ssid; - rc = security_transition_sid(dsec1->sid, dsec2->sid, - SECCLASS_EVENT, &newsid); + rc = security_transition_sid(sid1, sid2, SECCLASS_EVENT, &newsid); if ( rc ) { printk("%s: security_transition_sid failed, rc=%d (domain=%d)\n", @@ -211,15 +230,20 @@ static int flask_evtchn_interdomain(stru return rc; } - rc = avc_has_perm(dsec->sid, newsid, SECCLASS_EVENT, EVENT__CREATE, &ad); + rc = avc_current_has_perm(newsid, SECCLASS_EVENT, EVENT__CREATE, &ad); if ( rc ) return rc; - rc = avc_has_perm(newsid, dsec2->sid, SECCLASS_EVENT, EVENT__BIND, &ad); + rc = avc_has_perm(newsid, sid2, SECCLASS_EVENT, EVENT__BIND, &ad); if ( rc ) return rc; - rc = avc_has_perm(esec2->sid, dsec1->sid, SECCLASS_EVENT, EVENT__BIND, &ad); + /* It's possible the target domain has changed (relabel or destroy/create) + * since the unbound part was created; re-validate this binding now. + */ + reverse_sid = evtchn_sid(chn2); + sid1 = domain_target_sid(d2, d1); + rc = avc_has_perm(reverse_sid, sid1, SECCLASS_EVENT, EVENT__BIND, &ad); if ( rc ) return rc; @@ -302,7 +326,6 @@ static void flask_free_security_evtchn(s static char *flask_show_security_evtchn(struct domain *d, const struct evtchn *chn) { - struct evtchn_security_struct *esec; int irq; u32 sid = 0; char *ctx; @@ -312,9 +335,7 @@ static char *flask_show_security_evtchn( { case ECS_UNBOUND: case ECS_INTERDOMAIN: - esec = chn->ssid; - if ( esec ) - sid = esec->sid; + sid = evtchn_sid(chn); break; case ECS_PIRQ: irq = domain_pirq_to_irq(d, chn->u.pirq.irq); @@ -367,12 +388,17 @@ static int flask_grant_query_size(struct static int flask_get_pod_target(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__GETPODTARGET); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETPODTARGET); } static int flask_set_pod_target(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SETPODTARGET); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETPODTARGET); +} + +static int flask_memory_exchange(struct domain *d) +{ + return current_has_perm(d, SECCLASS_MMU, MMU__EXCHANGE); } static int flask_memory_adjust_reservation(struct domain *d1, struct domain *d2) @@ -455,144 +481,304 @@ static int flask_schedop_shutdown(struct static void flask_security_domaininfo(struct domain *d, struct xen_domctl_getdomaininfo *info) { - struct domain_security_struct *dsec; - - dsec = d->ssid; - info->ssidref = dsec->sid; -} - -static int flask_setvcpucontext(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETVCPUCONTEXT); -} - -static int flask_pausedomain(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__PAUSE); -} - -static int flask_unpausedomain(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__UNPAUSE); -} - -static int flask_resumedomain(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__RESUME); + info->ssidref = domain_sid(d); } static int flask_domain_create(struct domain *d, u32 ssidref) { int rc; - struct domain_security_struct *dsec1; - struct domain_security_struct *dsec2; + struct domain_security_struct *dsec = d->ssid; static int dom0_created = 0; - dsec1 = current->domain->ssid; - dsec2 = d->ssid; - if ( is_idle_domain(current->domain) && !dom0_created ) { - dsec2->sid = SECINITSID_DOM0; + dsec->sid = SECINITSID_DOM0; dom0_created = 1; - return 0; } + else + { + rc = avc_current_has_perm(ssidref, SECCLASS_DOMAIN, + DOMAIN__CREATE, NULL); + if ( rc ) + return rc; - rc = avc_has_perm(dsec1->sid, ssidref, SECCLASS_DOMAIN, - DOMAIN__CREATE, NULL); - if ( rc ) - return rc; + dsec->sid = ssidref; + } + dsec->self_sid = dsec->sid; - dsec2->sid = ssidref; + rc = security_transition_sid(dsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->self_sid); return rc; } -static int flask_max_vcpus(struct domain *d) +static int flask_getdomaininfo(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__MAX_VCPUS); + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETDOMAININFO); } -static int flask_destroydomain(struct domain *d) +static int flask_domctl_scheduler_op(struct domain *d, int op) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__DESTROY); + switch ( op ) + { + case XEN_DOMCTL_SCHEDOP_putinfo: + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SETSCHEDULER); + + case XEN_DOMCTL_SCHEDOP_getinfo: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETSCHEDULER); + + default: + printk("flask_domctl_scheduler_op: Unknown op %d\n", op); + return -EPERM; + } } -static int flask_vcpuaffinity(int cmd, struct domain *d) +static int flask_sysctl_scheduler_op(int op) { - u32 perm; + switch ( op ) + { + case XEN_DOMCTL_SCHEDOP_putinfo: + return domain_has_xen(current->domain, XEN__SETSCHEDULER); - switch ( cmd ) - { - case XEN_DOMCTL_setvcpuaffinity: - perm = DOMAIN__SETVCPUAFFINITY; - break; - case XEN_DOMCTL_getvcpuaffinity: - perm = DOMAIN__GETVCPUAFFINITY; - break; + case XEN_DOMCTL_SCHEDOP_getinfo: + return domain_has_xen(current->domain, XEN__GETSCHEDULER); + default: + printk("flask_domctl_scheduler_op: Unknown op %d\n", op); return -EPERM; } - - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm ); } -static int flask_scheduler(struct domain *d) +static int flask_set_target(struct domain *d, struct domain *t) { - int rc = 0; + int rc; + struct domain_security_struct *dsec, *tsec; + dsec = d->ssid; + tsec = t->ssid; - rc = domain_has_xen(current->domain, XEN__SCHEDULER); + rc = current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__MAKE_PRIV_FOR); + if ( rc ) + return rc; + rc = current_has_perm(t, SECCLASS_DOMAIN2, DOMAIN2__SET_AS_TARGET); + if ( rc ) + return rc; + /* Use avc_has_perm to avoid resolving target/current SID */ + rc = avc_has_perm(dsec->sid, tsec->sid, SECCLASS_DOMAIN, DOMAIN__SET_TARGET, NULL); if ( rc ) return rc; - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SCHEDULER); -} - -static int flask_getdomaininfo(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__GETDOMAININFO); -} - -static int flask_getvcpucontext(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__GETVCPUCONTEXT); -} - -static int flask_getvcpuinfo(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__GETVCPUINFO); -} - -static int flask_domain_settime(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SETTIME); -} - -static int flask_set_target(struct domain *d, struct domain *e) -{ - return domain_has_perm(d, e, SECCLASS_DOMAIN, DOMAIN__SET_TARGET); + /* (tsec, dsec) defaults the label to tsec, as it should here */ + rc = security_transition_sid(tsec->sid, dsec->sid, SECCLASS_DOMAIN, + &dsec->target_sid); + return rc; } static int flask_domctl(struct domain *d, int cmd) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SET_MISC_INFO); + switch ( cmd ) + { + /* These have individual XSM hooks (common/domctl.c) */ + case XEN_DOMCTL_createdomain: + case XEN_DOMCTL_getdomaininfo: + case XEN_DOMCTL_scheduler_op: + case XEN_DOMCTL_irq_permission: + case XEN_DOMCTL_iomem_permission: + case XEN_DOMCTL_set_target: +#ifdef CONFIG_X86 + /* These have individual XSM hooks (arch/x86/domctl.c) */ + case XEN_DOMCTL_shadow_op: + case XEN_DOMCTL_ioport_permission: + case XEN_DOMCTL_bind_pt_irq: + case XEN_DOMCTL_unbind_pt_irq: + case XEN_DOMCTL_memory_mapping: + case XEN_DOMCTL_ioport_mapping: + case XEN_DOMCTL_mem_event_op: + /* These have individual XSM hooks (drivers/passthrough/iommu.c) */ + case XEN_DOMCTL_get_device_group: + case XEN_DOMCTL_test_assign_device: + case XEN_DOMCTL_assign_device: + case XEN_DOMCTL_deassign_device: +#endif + return 0; + + case XEN_DOMCTL_destroydomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__DESTROY); + + case XEN_DOMCTL_pausedomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__PAUSE); + + case XEN_DOMCTL_unpausedomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__UNPAUSE); + + case XEN_DOMCTL_setvcpuaffinity: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUAFFINITY); + + case XEN_DOMCTL_getvcpuaffinity: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUAFFINITY); + + case XEN_DOMCTL_resumedomain: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__RESUME); + + case XEN_DOMCTL_max_vcpus: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__MAX_VCPUS); + + case XEN_DOMCTL_max_mem: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINMAXMEM); + + case XEN_DOMCTL_setdomainhandle: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDOMAINHANDLE); + + case XEN_DOMCTL_setvcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUCONTEXT); + + case XEN_DOMCTL_getvcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUCONTEXT); + + case XEN_DOMCTL_getvcpuinfo: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUINFO); + + case XEN_DOMCTL_settimeoffset: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETTIME); + + case XEN_DOMCTL_setdebugging: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDEBUGGING); + + case XEN_DOMCTL_getpageframeinfo: + case XEN_DOMCTL_getpageframeinfo2: + case XEN_DOMCTL_getpageframeinfo3: + return current_has_perm(d, SECCLASS_MMU, MMU__PAGEINFO); + + case XEN_DOMCTL_getmemlist: + return current_has_perm(d, SECCLASS_MMU, MMU__PAGELIST); + + case XEN_DOMCTL_hypercall_init: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__HYPERCALL); + + case XEN_DOMCTL_sethvmcontext: + return current_has_perm(d, SECCLASS_HVM, HVM__SETHVMC); + + case XEN_DOMCTL_gethvmcontext: + case XEN_DOMCTL_gethvmcontext_partial: + return current_has_perm(d, SECCLASS_HVM, HVM__GETHVMC); + + case XEN_DOMCTL_set_address_size: + case XEN_DOMCTL_set_machine_address_size: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETADDRSIZE); + + case XEN_DOMCTL_get_address_size: + case XEN_DOMCTL_get_machine_address_size: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETADDRSIZE); + + case XEN_DOMCTL_mem_sharing_op: + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_SHARING); + + case XEN_DOMCTL_pin_mem_cacheattr: + return current_has_perm(d, SECCLASS_HVM, HVM__CACHEATTR); + + case XEN_DOMCTL_set_ext_vcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETEXTVCPUCONTEXT); + + case XEN_DOMCTL_get_ext_vcpucontext: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETEXTVCPUCONTEXT); + + case XEN_DOMCTL_setvcpuextstate: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETVCPUEXTSTATE); + + case XEN_DOMCTL_getvcpuextstate: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__GETVCPUEXTSTATE); + + case XEN_DOMCTL_sendtrigger: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__TRIGGER); + + case XEN_DOMCTL_set_access_required: + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); + + case XEN_DOMCTL_debug_op: + case XEN_DOMCTL_gdbsx_guestmemio: + case XEN_DOMCTL_gdbsx_pausevcpu: + case XEN_DOMCTL_gdbsx_unpausevcpu: + case XEN_DOMCTL_gdbsx_domstatus: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SETDEBUGGING); + + case XEN_DOMCTL_subscribe: + case XEN_DOMCTL_disable_migrate: + case XEN_DOMCTL_suppress_spurious_page_faults: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_MISC_INFO); + + case XEN_DOMCTL_set_virq_handler: + return current_has_perm(d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER); + + case XEN_DOMCTL_set_cpuid: + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SET_CPUID); + + case XEN_DOMCTL_gettscinfo: + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__GETTSC); + + case XEN_DOMCTL_settscinfo: + return current_has_perm(d, SECCLASS_DOMAIN2, DOMAIN2__SETTSC); + + case XEN_DOMCTL_audit_p2m: + return current_has_perm(d, SECCLASS_HVM, HVM__AUDIT_P2M); + + default: + printk("flask_domctl: Unknown op %d\n", cmd); + return -EPERM; + } } -static int flask_set_virq_handler(struct domain *d, uint32_t virq) +static int flask_sysctl(int cmd) { - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER); -} + switch ( cmd ) + { + /* These have individual XSM hooks */ + case XEN_SYSCTL_readconsole: + case XEN_SYSCTL_getdomaininfolist: + case XEN_SYSCTL_page_offline_op: + case XEN_SYSCTL_scheduler_op: +#ifdef CONFIG_X86 + case XEN_SYSCTL_cpu_hotplug: +#endif + return 0; -static int flask_tbufcontrol(void) -{ - return domain_has_xen(current->domain, XEN__TBUFCONTROL); + case XEN_SYSCTL_tbuf_op: + return domain_has_xen(current->domain, XEN__TBUFCONTROL); + + case XEN_SYSCTL_sched_id: + return domain_has_xen(current->domain, XEN__GETSCHEDULER); + + case XEN_SYSCTL_perfc_op: + return domain_has_xen(current->domain, XEN__PERFCONTROL); + + case XEN_SYSCTL_debug_keys: + return domain_has_xen(current->domain, XEN__DEBUG); + + case XEN_SYSCTL_getcpuinfo: + return domain_has_xen(current->domain, XEN__GETCPUINFO); + + case XEN_SYSCTL_availheap: + return domain_has_xen(current->domain, XEN__HEAP); + + case XEN_SYSCTL_get_pmstat: + return domain_has_xen(current->domain, XEN__PM_OP); + + case XEN_SYSCTL_pm_op: + return domain_has_xen(current->domain, XEN__PM_OP); + + case XEN_SYSCTL_lockprof_op: + return domain_has_xen(current->domain, XEN__LOCKPROF); + + case XEN_SYSCTL_cpupool_op: + return domain_has_xen(current->domain, XEN__CPUPOOL_OP); + + case XEN_SYSCTL_physinfo: + case XEN_SYSCTL_topologyinfo: + case XEN_SYSCTL_numainfo: + return domain_has_xen(current->domain, XEN__PHYSINFO); + + default: + printk("flask_sysctl: Unknown op %d\n", cmd); + return -EPERM; + } } static int flask_readconsole(uint32_t clear) @@ -605,59 +791,6 @@ static int flask_readconsole(uint32_t cl return domain_has_xen(current->domain, perms); } -static int flask_sched_id(void) -{ - return domain_has_xen(current->domain, XEN__SCHEDULER); -} - -static int flask_setdomainmaxmem(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETDOMAINMAXMEM); -} - -static int flask_setdomainhandle(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETDOMAINHANDLE); -} - -static int flask_setdebugging(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__SETDEBUGGING); -} - -static int flask_debug_keys(void) -{ - return domain_has_xen(current->domain, XEN__DEBUG); -} - -static int flask_getcpuinfo(void) -{ - return domain_has_xen(current->domain, XEN__GETCPUINFO); -} - -static int flask_availheap(void) -{ - return domain_has_xen(current->domain, XEN__HEAP); -} - -static int flask_get_pmstat(void) -{ - return domain_has_xen(current->domain, XEN__PM_OP); -} - -static int flask_setpminfo(void) -{ - return domain_has_xen(current->domain, XEN__PM_OP); -} - -static int flask_pm_op(void) -{ - return domain_has_xen(current->domain, XEN__PM_OP); -} - static int flask_do_mca(void) { return domain_has_xen(current->domain, XEN__MCA_OP); @@ -687,14 +820,12 @@ static char *flask_show_irq_sid (int irq static int flask_map_domain_pirq (struct domain *d, int irq, void *data) { - u32 sid; + u32 sid, dsid; int rc = -EPERM; struct msi_info *msi = data; - - struct domain_security_struct *ssec, *tsec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__ADD); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); if ( rc ) return rc; @@ -710,14 +841,13 @@ static int flask_map_domain_pirq (struct if ( rc ) return rc; - ssec = current->domain->ssid; - tsec = d->ssid; + dsid = domain_sid(d); - rc = avc_has_perm(ssec->sid, sid, SECCLASS_RESOURCE, RESOURCE__ADD_IRQ, &ad); + rc = avc_current_has_perm(sid, SECCLASS_RESOURCE, RESOURCE__ADD_IRQ, &ad); if ( rc ) return rc; - rc = avc_has_perm(tsec->sid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + rc = avc_has_perm(dsid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); return rc; } @@ -725,16 +855,12 @@ static int flask_unmap_domain_pirq (stru { u32 sid; int rc = -EPERM; - - struct domain_security_struct *ssec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); if ( rc ) return rc; - ssec = current->domain->ssid; - if ( irq < nr_static_irqs ) { rc = get_irq_sid(irq, &sid, &ad); } else { @@ -745,19 +871,19 @@ static int flask_unmap_domain_pirq (stru if ( rc ) return rc; - rc = avc_has_perm(ssec->sid, sid, SECCLASS_RESOURCE, RESOURCE__REMOVE_IRQ, &ad); + rc = avc_current_has_perm(sid, SECCLASS_RESOURCE, RESOURCE__REMOVE_IRQ, &ad); return rc; } static int flask_irq_permission (struct domain *d, int pirq, uint8_t access) { /* the PIRQ number is not useful; real IRQ is checked during mapping */ - return domain_has_perm(current->domain, d, SECCLASS_RESOURCE, - resource_to_perm(access)); + return current_has_perm(d, SECCLASS_RESOURCE, resource_to_perm(access)); } struct iomem_has_perm_data { - struct domain_security_struct *ssec, *tsec; + u32 ssid; + u32 dsid; u32 perm; }; @@ -771,12 +897,12 @@ static int _iomem_has_perm(void *v, u32 ad.range.start = start; ad.range.end = end; - rc = avc_has_perm(data->ssec->sid, sid, SECCLASS_RESOURCE, data->perm, &ad); + rc = avc_has_perm(data->ssid, sid, SECCLASS_RESOURCE, data->perm, &ad); if ( rc ) return rc; - return avc_has_perm(data->tsec->sid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + return avc_has_perm(data->dsid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } static int flask_iomem_permission(struct domain *d, uint64_t start, uint64_t end, uint8_t access) @@ -784,7 +910,7 @@ static int flask_iomem_permission(struct struct iomem_has_perm_data data; int rc; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, + rc = current_has_perm(d, SECCLASS_RESOURCE, resource_to_perm(access)); if ( rc ) return rc; @@ -794,18 +920,22 @@ static int flask_iomem_permission(struct else data.perm = RESOURCE__REMOVE_IOMEM; - data.ssec = current->domain->ssid; - data.tsec = d->ssid; + data.ssid = domain_sid(current->domain); + data.dsid = domain_sid(d); return security_iterate_iomem_sids(start, end, _iomem_has_perm, &data); } +static int flask_iomem_mapping(struct domain *d, uint64_t start, uint64_t end, uint8_t access) +{ + return flask_iomem_permission(d, start, end, access); +} + static int flask_pci_config_permission(struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { - u32 rsid; + u32 dsid, rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; u32 perm = RESOURCE__USE; rc = security_device_sid(machine_bdf, &rsid); @@ -818,33 +948,24 @@ static int flask_pci_config_permission(s AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = d->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, perm, &ad); + dsid = domain_sid(d); + return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, perm, &ad); } static int flask_resource_plug_core(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__PLUG, NULL); + return avc_current_has_perm(SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__PLUG, NULL); } static int flask_resource_unplug_core(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__UNPLUG, NULL); + return avc_current_has_perm(SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__UNPLUG, NULL); } static int flask_resource_use_core(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__USE, NULL); + return avc_current_has_perm(SECINITSID_DOMXEN, SECCLASS_RESOURCE, RESOURCE__USE, NULL); } static int flask_resource_plug_pci(uint32_t machine_bdf) @@ -852,7 +973,6 @@ static int flask_resource_plug_pci(uint3 u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) @@ -860,8 +980,7 @@ static int flask_resource_plug_pci(uint3 AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__PLUG, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__PLUG, &ad); } static int flask_resource_unplug_pci(uint32_t machine_bdf) @@ -869,7 +988,6 @@ static int flask_resource_unplug_pci(uin u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) @@ -877,8 +995,7 @@ static int flask_resource_unplug_pci(uin AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__UNPLUG, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__UNPLUG, &ad); } static int flask_resource_setup_pci(uint32_t machine_bdf) @@ -886,7 +1003,6 @@ static int flask_resource_setup_pci(uint u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) @@ -894,8 +1010,7 @@ static int flask_resource_setup_pci(uint AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); } static int flask_resource_setup_gsi(int gsi) @@ -903,22 +1018,17 @@ static int flask_resource_setup_gsi(int u32 rsid; int rc = -EPERM; struct avc_audit_data ad; - struct domain_security_struct *ssec; rc = get_irq_sid(gsi, &rsid, &ad); if ( rc ) return rc; - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__SETUP, &ad); } static int flask_resource_setup_misc(void) { - struct domain_security_struct *ssec; - - ssec = current->domain->ssid; - return avc_has_perm(ssec->sid, SECINITSID_XEN, SECCLASS_RESOURCE, RESOURCE__SETUP, NULL); + return avc_current_has_perm(SECINITSID_XEN, SECCLASS_RESOURCE, RESOURCE__SETUP, NULL); } static inline int flask_page_offline(uint32_t cmd) @@ -935,24 +1045,14 @@ static inline int flask_page_offline(uin } } -static inline int flask_lockprof(void) +static inline int flask_tmem_op(void) { - return domain_has_xen(current->domain, XEN__LOCKPROF); + return domain_has_xen(current->domain, XEN__TMEM_OP); } -static inline int flask_cpupool_op(void) +static inline int flask_tmem_control(void) { - return domain_has_xen(current->domain, XEN__CPUPOOL_OP); -} - -static inline int flask_sched_op(void) -{ - return domain_has_xen(current->domain, XEN__SCHED_OP); -} - -static int flask_perfcontrol(void) -{ - return domain_has_xen(current->domain, XEN__PERFCONTROL); + return domain_has_xen(current->domain, XEN__TMEM_CONTROL); } #ifdef CONFIG_X86 @@ -981,11 +1081,12 @@ static int flask_shadow_control(struct d return -EPERM; } - return domain_has_perm(current->domain, d, SECCLASS_SHADOW, perm); + return current_has_perm(d, SECCLASS_SHADOW, perm); } struct ioport_has_perm_data { - struct domain_security_struct *ssec, *tsec; + u32 ssid; + u32 dsid; u32 perm; }; @@ -999,21 +1100,20 @@ static int _ioport_has_perm(void *v, u32 ad.range.start = start; ad.range.end = end; - rc = avc_has_perm(data->ssec->sid, sid, SECCLASS_RESOURCE, data->perm, &ad); + rc = avc_has_perm(data->ssid, sid, SECCLASS_RESOURCE, data->perm, &ad); if ( rc ) return rc; - return avc_has_perm(data->tsec->sid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + return avc_has_perm(data->dsid, sid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } - static int flask_ioport_permission(struct domain *d, uint32_t start, uint32_t end, uint8_t access) { int rc; struct ioport_has_perm_data data; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, + rc = current_has_perm(d, SECCLASS_RESOURCE, resource_to_perm(access)); if ( rc ) @@ -1024,68 +1124,15 @@ static int flask_ioport_permission(struc else data.perm = RESOURCE__REMOVE_IOPORT; - data.ssec = current->domain->ssid; - data.tsec = d->ssid; + data.ssid = domain_sid(current->domain); + data.dsid = domain_sid(d); return security_iterate_ioport_sids(start, end, _ioport_has_perm, &data); } -static int flask_getpageframeinfo(struct domain *d) +static int flask_ioport_mapping(struct domain *d, uint32_t start, uint32_t end, uint8_t access) { - return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__PAGEINFO); -} - -static int flask_getmemlist(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__PAGELIST); -} - -static int flask_hypercall_init(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, - DOMAIN__HYPERCALL); -} - -static int flask_hvmcontext(struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_sethvmcontext: - perm = HVM__SETHVMC; - break; - case XEN_DOMCTL_gethvmcontext: - case XEN_DOMCTL_gethvmcontext_partial: - perm = HVM__GETHVMC; - break; - case HVMOP_track_dirty_vram: - perm = HVM__TRACKDIRTYVRAM; - break; - default: - return -EPERM; - } - - return domain_has_perm(current->domain, d, SECCLASS_HVM, perm); -} - -static int flask_address_size(struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_set_address_size: - perm = DOMAIN__SETADDRSIZE; - break; - case XEN_DOMCTL_get_address_size: - perm = DOMAIN__GETADDRSIZE; - break; - default: - return -EPERM; - } - - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); + return flask_ioport_permission(d, start, end, access); } static int flask_hvm_param(struct domain *d, unsigned long op) @@ -1107,32 +1154,45 @@ static int flask_hvm_param(struct domain perm = HVM__HVMCTL; } - return domain_has_perm(current->domain, d, SECCLASS_HVM, perm); + return current_has_perm(d, SECCLASS_HVM, perm); } static int flask_hvm_set_pci_intx_level(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__PCILEVEL); + return current_has_perm(d, SECCLASS_HVM, HVM__PCILEVEL); } static int flask_hvm_set_isa_irq_level(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__IRQLEVEL); + return current_has_perm(d, SECCLASS_HVM, HVM__IRQLEVEL); } static int flask_hvm_set_pci_link_route(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__PCIROUTE); + return current_has_perm(d, SECCLASS_HVM, HVM__PCIROUTE); } -static int flask_mem_event(struct domain *d) +static int flask_hvm_inject_msi(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__MEM_EVENT); + return current_has_perm(d, SECCLASS_HVM, HVM__SEND_IRQ); } -static int flask_mem_sharing(struct domain *d) +static int flask_mem_event_control(struct domain *d, int mode, int op) { - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__MEM_SHARING); + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); +} + +static int flask_mem_event_op(struct domain *d, int op) +{ + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); +} + +static int flask_mem_sharing_op(struct domain *d, struct domain *cd, int op) +{ + int rc = current_has_perm(cd, SECCLASS_HVM, HVM__MEM_SHARING); + if ( rc ) + return rc; + return domain_has_perm(d, cd, SECCLASS_HVM, HVM__SHARE_MEM); } static int flask_apic(struct domain *d, int cmd) @@ -1141,10 +1201,11 @@ static int flask_apic(struct domain *d, switch ( cmd ) { - case PHYSDEVOP_APIC_READ: + case PHYSDEVOP_apic_read: + case PHYSDEVOP_alloc_irq_vector: perm = XEN__READAPIC; break; - case PHYSDEVOP_APIC_WRITE: + case PHYSDEVOP_apic_write: perm = XEN__WRITEAPIC; break; default: @@ -1154,150 +1215,114 @@ static int flask_apic(struct domain *d, return domain_has_xen(d, perm); } -static int flask_xen_settime(void) +static int flask_platform_op(uint32_t op) { - return domain_has_xen(current->domain, XEN__SETTIME); -} + switch ( op ) + { +#ifdef CONFIG_X86 + /* These operations have their own XSM hooks */ + case XENPF_cpu_online: + case XENPF_cpu_offline: + case XENPF_cpu_hotadd: + case XENPF_mem_hotadd: + return 0; +#endif -static int flask_memtype(uint32_t access) -{ - u32 perm; + case XENPF_settime: + return domain_has_xen(current->domain, XEN__SETTIME); - switch ( access ) - { case XENPF_add_memtype: - perm = XEN__MTRR_ADD; - break; + return domain_has_xen(current->domain, XEN__MTRR_ADD); + case XENPF_del_memtype: - perm = XEN__MTRR_DEL; - break; + return domain_has_xen(current->domain, XEN__MTRR_DEL); + case XENPF_read_memtype: - perm = XEN__MTRR_READ; - break; + return domain_has_xen(current->domain, XEN__MTRR_READ); + + case XENPF_microcode_update: + return domain_has_xen(current->domain, XEN__MICROCODE); + + case XENPF_platform_quirk: + return domain_has_xen(current->domain, XEN__QUIRK); + + case XENPF_firmware_info: + return domain_has_xen(current->domain, XEN__FIRMWARE); + + case XENPF_efi_runtime_call: + return domain_has_xen(current->domain, XEN__FIRMWARE); + + case XENPF_enter_acpi_sleep: + return domain_has_xen(current->domain, XEN__SLEEP); + + case XENPF_change_freq: + return domain_has_xen(current->domain, XEN__FREQUENCY); + + case XENPF_getidletime: + return domain_has_xen(current->domain, XEN__GETIDLE); + + case XENPF_set_processor_pminfo: + case XENPF_core_parking: + return domain_has_xen(current->domain, XEN__PM_OP); + + case XENPF_get_cpu_version: + case XENPF_get_cpuinfo: + return domain_has_xen(current->domain, XEN__GETCPUINFO); + default: + printk("flask_platform_op: Unknown op %d\n", op); return -EPERM; } - - return domain_has_xen(current->domain, perm); -} - -static int flask_microcode(void) -{ - return domain_has_xen(current->domain, XEN__MICROCODE); -} - -static int flask_physinfo(void) -{ - return domain_has_xen(current->domain, XEN__PHYSINFO); -} - -static int flask_platform_quirk(uint32_t quirk) -{ - struct domain_security_struct *dsec; - dsec = current->domain->ssid; - - return avc_has_perm(dsec->sid, SECINITSID_XEN, SECCLASS_XEN, - XEN__QUIRK, NULL); -} - -static int flask_firmware_info(void) -{ - return domain_has_xen(current->domain, XEN__FIRMWARE); -} - -static int flask_efi_call(void) -{ - return domain_has_xen(current->domain, XEN__FIRMWARE); -} - -static int flask_acpi_sleep(void) -{ - return domain_has_xen(current->domain, XEN__SLEEP); -} - -static int flask_change_freq(void) -{ - return domain_has_xen(current->domain, XEN__FREQUENCY); -} - -static int flask_getidletime(void) -{ - return domain_has_xen(current->domain, XEN__GETIDLE); } static int flask_machine_memory_map(void) { - struct domain_security_struct *dsec; - dsec = current->domain->ssid; - - return avc_has_perm(dsec->sid, SECINITSID_XEN, SECCLASS_MMU, - MMU__MEMORYMAP, NULL); + return avc_current_has_perm(SECINITSID_XEN, SECCLASS_MMU, MMU__MEMORYMAP, NULL); } static int flask_domain_memory_map(struct domain *d) { - return domain_has_perm(current->domain, d, SECCLASS_MMU, MMU__MEMORYMAP); + return current_has_perm(d, SECCLASS_MMU, MMU__MEMORYMAP); } -static int domain_memory_perm(struct domain *d, struct domain *f, l1_pgentry_t pte) +static int flask_mmu_update(struct domain *d, struct domain *t, + struct domain *f, uint32_t flags) { int rc = 0; - u32 map_perms = MMU__MAP_READ; - unsigned long fgfn, fmfn; - p2m_type_t p2mt; + u32 map_perms = 0; - if ( !(l1e_get_flags(pte) & _PAGE_PRESENT) ) - return 0; - - if ( l1e_get_flags(pte) & _PAGE_RW ) - map_perms |= MMU__MAP_WRITE; - - fgfn = l1e_get_pfn(pte); - fmfn = mfn_x(get_gfn_query(f, fgfn, &p2mt)); - put_gfn(f, fgfn); - - if ( f->domain_id == DOMID_IO || !mfn_valid(fmfn) ) - { - struct avc_audit_data ad; - struct domain_security_struct *dsec = d->ssid; - u32 fsid; - AVC_AUDIT_DATA_INIT(&ad, MEMORY); - ad.sdom = d; - ad.tdom = f; - ad.memory.pte = pte.l1; - ad.memory.mfn = fmfn; - rc = security_iomem_sid(fmfn, &fsid); - if ( rc ) - return rc; - return avc_has_perm(dsec->sid, fsid, SECCLASS_MMU, map_perms, &ad); - } - - return domain_has_perm(d, f, SECCLASS_MMU, map_perms); -} - -static int flask_mmu_normal_update(struct domain *d, struct domain *t, - struct domain *f, intpte_t fpte) -{ - int rc = 0; - - if (d != t) + if ( t && d != t ) rc = domain_has_perm(d, t, SECCLASS_MMU, MMU__REMOTE_REMAP); if ( rc ) return rc; - return domain_memory_perm(d, f, l1e_from_intpte(fpte)); + if ( flags & XSM_MMU_UPDATE_READ ) + map_perms |= MMU__MAP_READ; + if ( flags & XSM_MMU_UPDATE_WRITE ) + map_perms |= MMU__MAP_WRITE; + if ( flags & XSM_MMU_MACHPHYS_UPDATE ) + map_perms |= MMU__UPDATEMP; + + if ( map_perms ) + rc = domain_has_perm(d, f, SECCLASS_MMU, map_perms); + return rc; } -static int flask_mmu_machphys_update(struct domain *d1, struct domain *d2, - unsigned long mfn) +static int flask_mmuext_op(struct domain *d, struct domain *f) { - return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__UPDATEMP); + return domain_has_perm(d, f, SECCLASS_MMU, MMU__MMUEXT_OP); } static int flask_update_va_mapping(struct domain *d, struct domain *f, l1_pgentry_t pte) { - return domain_memory_perm(d, f, pte); + u32 map_perms = MMU__MAP_READ; + if ( !(l1e_get_flags(pte) & _PAGE_PRESENT) ) + return 0; + if ( l1e_get_flags(pte) & _PAGE_RW ) + map_perms |= MMU__MAP_WRITE; + + return domain_has_perm(d, f, SECCLASS_MMU, map_perms); } static int flask_add_to_physmap(struct domain *d1, struct domain *d2) @@ -1310,45 +1335,37 @@ static int flask_remove_from_physmap(str return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__PHYSMAP); } -static int flask_sendtrigger(struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__TRIGGER); -} - static int flask_get_device_group(uint32_t machine_bdf) { u32 rsid; int rc = -EPERM; - struct domain_security_struct *ssec = current->domain->ssid; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) return rc; - return avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); } static int flask_test_assign_device(uint32_t machine_bdf) { u32 rsid; int rc = -EPERM; - struct domain_security_struct *ssec = current->domain->ssid; rc = security_device_sid(machine_bdf, &rsid); if ( rc ) return rc; - return rc = avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__STAT_DEVICE, NULL); } static int flask_assign_device(struct domain *d, uint32_t machine_bdf) { - u32 rsid; + u32 dsid, rsid; int rc = -EPERM; - struct domain_security_struct *ssec, *tsec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__ADD); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); if ( rc ) return rc; @@ -1358,22 +1375,20 @@ static int flask_assign_device(struct do AVC_AUDIT_DATA_INIT(&ad, DEV); ad.device = (unsigned long) machine_bdf; - ssec = current->domain->ssid; - rc = avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__ADD_DEVICE, &ad); + rc = avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__ADD_DEVICE, &ad); if ( rc ) return rc; - tsec = d->ssid; - return avc_has_perm(tsec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + dsid = domain_sid(d); + return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } static int flask_deassign_device(struct domain *d, uint32_t machine_bdf) { u32 rsid; int rc = -EPERM; - struct domain_security_struct *ssec = current->domain->ssid; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); if ( rc ) return rc; @@ -1381,18 +1396,17 @@ static int flask_deassign_device(struct if ( rc ) return rc; - return rc = avc_has_perm(ssec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, NULL); + return avc_current_has_perm(rsid, SECCLASS_RESOURCE, RESOURCE__REMOVE_DEVICE, NULL); } static int flask_bind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - u32 rsid; + u32 dsid, rsid; int rc = -EPERM; int irq; - struct domain_security_struct *ssec, *tsec; struct avc_audit_data ad; - rc = domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__ADD); + rc = current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__ADD); if ( rc ) return rc; @@ -1402,61 +1416,17 @@ static int flask_bind_pt_irq (struct dom if ( rc ) return rc; - ssec = current->domain->ssid; - rc = avc_has_perm(ssec->sid, rsid, SECCLASS_HVM, HVM__BIND_IRQ, &ad); + rc = avc_current_has_perm(rsid, SECCLASS_HVM, HVM__BIND_IRQ, &ad); if ( rc ) return rc; - tsec = d->ssid; - return avc_has_perm(tsec->sid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); + dsid = domain_sid(d); + return avc_has_perm(dsid, rsid, SECCLASS_RESOURCE, RESOURCE__USE, &ad); } static int flask_unbind_pt_irq (struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - return domain_has_perm(current->domain, d, SECCLASS_RESOURCE, RESOURCE__REMOVE); -} - -static int flask_pin_mem_cacheattr (struct domain *d) -{ - return domain_has_perm(current->domain, d, SECCLASS_HVM, HVM__CACHEATTR); -} - -static int flask_ext_vcpucontext (struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_set_ext_vcpucontext: - perm = DOMAIN__SETEXTVCPUCONTEXT; - break; - case XEN_DOMCTL_get_ext_vcpucontext: - perm = DOMAIN__GETEXTVCPUCONTEXT; - break; - default: - return -EPERM; - } - - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); -} - -static int flask_vcpuextstate (struct domain *d, uint32_t cmd) -{ - u32 perm; - - switch ( cmd ) - { - case XEN_DOMCTL_setvcpuextstate: - perm = DOMAIN__SETVCPUEXTSTATE; - break; - case XEN_DOMCTL_getvcpuextstate: - perm = DOMAIN__GETVCPUEXTSTATE; - break; - default: - return -EPERM; - } - - return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, perm); + return current_has_perm(d, SECCLASS_RESOURCE, RESOURCE__REMOVE); } #endif @@ -1464,35 +1434,14 @@ long do_flask_op(XEN_GUEST_HANDLE_PARAM( static struct xsm_operations flask_ops = { .security_domaininfo = flask_security_domaininfo, - .setvcpucontext = flask_setvcpucontext, - .pausedomain = flask_pausedomain, - .unpausedomain = flask_unpausedomain, - .resumedomain = flask_resumedomain, .domain_create = flask_domain_create, - .max_vcpus = flask_max_vcpus, - .destroydomain = flask_destroydomain, - .vcpuaffinity = flask_vcpuaffinity, - .scheduler = flask_scheduler, .getdomaininfo = flask_getdomaininfo, - .getvcpucontext = flask_getvcpucontext, - .getvcpuinfo = flask_getvcpuinfo, - .domain_settime = flask_domain_settime, + .domctl_scheduler_op = flask_domctl_scheduler_op, + .sysctl_scheduler_op = flask_sysctl_scheduler_op, .set_target = flask_set_target, .domctl = flask_domctl, - .set_virq_handler = flask_set_virq_handler, - .tbufcontrol = flask_tbufcontrol, + .sysctl = flask_sysctl, .readconsole = flask_readconsole, - .sched_id = flask_sched_id, - .setdomainmaxmem = flask_setdomainmaxmem, - .setdomainhandle = flask_setdomainhandle, - .setdebugging = flask_setdebugging, - .perfcontrol = flask_perfcontrol, - .debug_keys = flask_debug_keys, - .getcpuinfo = flask_getcpuinfo, - .availheap = flask_availheap, - .get_pmstat = flask_get_pmstat, - .setpminfo = flask_setpminfo, - .pm_op = flask_pm_op, .do_mca = flask_do_mca, .evtchn_unbound = flask_evtchn_unbound, @@ -1517,6 +1466,7 @@ static struct xsm_operations flask_ops = .get_pod_target = flask_get_pod_target, .set_pod_target = flask_set_pod_target, + .memory_exchange = flask_memory_exchange, .memory_adjust_reservation = flask_memory_adjust_reservation, .memory_stat_reservation = flask_memory_stat_reservation, .memory_pin_page = flask_memory_pin_page, @@ -1534,6 +1484,7 @@ static struct xsm_operations flask_ops = .unmap_domain_pirq = flask_unmap_domain_pirq, .irq_permission = flask_irq_permission, .iomem_permission = flask_iomem_permission, + .iomem_mapping = flask_iomem_mapping, .pci_config_permission = flask_pci_config_permission, .resource_plug_core = flask_resource_plug_core, @@ -1545,54 +1496,38 @@ static struct xsm_operations flask_ops = .resource_setup_misc = flask_resource_setup_misc, .page_offline = flask_page_offline, - .lockprof = flask_lockprof, - .cpupool_op = flask_cpupool_op, - .sched_op = flask_sched_op, + .tmem_op = flask_tmem_op, + .tmem_control = flask_tmem_control, .do_xsm_op = do_flask_op, #ifdef CONFIG_X86 .shadow_control = flask_shadow_control, - .getpageframeinfo = flask_getpageframeinfo, - .getmemlist = flask_getmemlist, - .hypercall_init = flask_hypercall_init, - .hvmcontext = flask_hvmcontext, - .address_size = flask_address_size, .hvm_param = flask_hvm_param, .hvm_set_pci_intx_level = flask_hvm_set_pci_intx_level, .hvm_set_isa_irq_level = flask_hvm_set_isa_irq_level, .hvm_set_pci_link_route = flask_hvm_set_pci_link_route, - .mem_event = flask_mem_event, - .mem_sharing = flask_mem_sharing, + .hvm_inject_msi = flask_hvm_inject_msi, + .mem_event_control = flask_mem_event_control, + .mem_event_op = flask_mem_event_op, + .mem_sharing_op = flask_mem_sharing_op, .apic = flask_apic, - .xen_settime = flask_xen_settime, - .memtype = flask_memtype, - .microcode = flask_microcode, - .physinfo = flask_physinfo, - .platform_quirk = flask_platform_quirk, - .firmware_info = flask_firmware_info, - .efi_call = flask_efi_call, - .acpi_sleep = flask_acpi_sleep, - .change_freq = flask_change_freq, - .getidletime = flask_getidletime, + .platform_op = flask_platform_op, .machine_memory_map = flask_machine_memory_map, .domain_memory_map = flask_domain_memory_map, - .mmu_normal_update = flask_mmu_normal_update, - .mmu_machphys_update = flask_mmu_machphys_update, + .mmu_update = flask_mmu_update, + .mmuext_op = flask_mmuext_op, .update_va_mapping = flask_update_va_mapping, .add_to_physmap = flask_add_to_physmap, .remove_from_physmap = flask_remove_from_physmap, - .sendtrigger = flask_sendtrigger, .get_device_group = flask_get_device_group, .test_assign_device = flask_test_assign_device, .assign_device = flask_assign_device, .deassign_device = flask_deassign_device, .bind_pt_irq = flask_bind_pt_irq, .unbind_pt_irq = flask_unbind_pt_irq, - .pin_mem_cacheattr = flask_pin_mem_cacheattr, - .ext_vcpucontext = flask_ext_vcpucontext, - .vcpuextstate = flask_vcpuextstate, .ioport_permission = flask_ioport_permission, + .ioport_mapping = flask_ioport_mapping, #endif }; diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/include/objsec.h --- a/xen/xsm/flask/include/objsec.h Fri Jan 11 12:22:30 2013 +0000 +++ b/xen/xsm/flask/include/objsec.h Fri Jan 11 12:23:39 2013 +0000 @@ -19,6 +19,8 @@ struct domain_security_struct { u32 sid; /* current SID */ + u32 self_sid; /* SID for target when operating on DOMID_SELF */ + u32 target_sid; /* SID for device model target domain */ }; struct evtchn_security_struct { diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/policy/access_vectors --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 12:23:39 2013 +0000 @@ -0,0 +1,436 @@ +# +# Define the access vectors. +# +# class class_name { permission_name ... } + +# Class xen consists of dom0-only operations dealing with the hypervisor itself. +# Unless otherwise specified, the source is the domain executing the hypercall, +# and the target is the xen initial sid (type xen_t). +class xen +{ +# XENPF_settime + settime +# XEN_SYSCTL_tbuf_op + tbufcontrol +# CONSOLEIO_read, XEN_SYSCTL_readconsole + readconsole +# XEN_SYSCTL_readconsole with clear=1 + clearconsole +# XEN_SYSCTL_perfc_op + perfcontrol +# XENPF_add_memtype + mtrr_add +# XENPF_del_memtype + mtrr_del +# XENPF_read_memtype + mtrr_read +# XENPF_microcode_update + microcode +# XEN_SYSCTL_physinfo, XEN_SYSCTL_topologyinfo, XEN_SYSCTL_numainfo + physinfo +# XENPF_platform_quirk + quirk +# CONSOLEIO_write + writeconsole +# PHYSDEVOP_apic_read, PHYSDEVOP_alloc_irq_vector + readapic +# PHYSDEVOP_apic_write + writeapic +# Most XENOPROF_* + privprofile +# XENOPROF_{init,enable_virq,disable_virq,get_buffer} + nonprivprofile +# kexec hypercall + kexec +# XENPF_firmware_info, XENPF_efi_runtime_call + firmware +# XENPF_enter_acpi_sleep + sleep +# XENPF_change_freq + frequency +# XENPF_getidletime + getidle +# XEN_SYSCTL_debug_keys + debug +# XEN_SYSCTL_getcpuinfo, XENPF_get_cpu_version, XENPF_get_cpuinfo + getcpuinfo +# XEN_SYSCTL_availheap + heap +# XEN_SYSCTL_get_pmstat, XEN_SYSCTL_pm_op, XENPF_set_processor_pminfo, +# XENPF_core_parking + pm_op +# mca hypercall + mca_op +# XEN_SYSCTL_lockprof_op + lockprof +# XEN_SYSCTL_cpupool_op + cpupool_op +# tmem hypercall (any access) + tmem_op +# TMEM_CONTROL command of tmem hypercall + tmem_control +# XEN_SYSCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_getinfo, XEN_SYSCTL_sched_id + getscheduler +# XEN_SYSCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_putinfo + setscheduler +} + +# Classes domain and domain2 consist of operations that a domain performs on +# another domain or on itself. Unless otherwise specified, the source is the +# domain executing the hypercall, and the target is the domain being operated on +# (which may result in a _self or _target type). +# +# transitions in class domain are used to produce the _self and _target types; +# see docs/misc/xsm-flask.txt and the example XSM policy for details. +class domain +{ +# XEN_DOMCTL_setvcpucontext + setvcpucontext +# XEN_DOMCTL_pausedomain + pause +# XEN_DOMCTL_unpausedomain + unpause +# XEN_DOMCTL_resumedomain + resume +# XEN_DOMCTL_createdomain + create +# checked in FLASK_RELABEL_DOMAIN for any relabel operation: +# source = the old label of the domain +# target = the new label of the domain +# see also the domain2 relabel{from,to,self} permissions + transition +# XEN_DOMCTL_max_vcpus + max_vcpus +# XEN_DOMCTL_destroydomain + destroy +# XEN_DOMCTL_setvcpuaffinity + setvcpuaffinity +# XEN_DOMCTL_getvcpuaffinity + getvcpuaffinity +# XEN_DOMCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_getinfo + getscheduler +# XEN_DOMCTL_getdomaininfo, XEN_SYSCTL_getdomaininfolist + getdomaininfo +# XEN_DOMCTL_getvcpuinfo + getvcpuinfo +# XEN_DOMCTL_getvcpucontext + getvcpucontext +# XEN_DOMCTL_max_mem + setdomainmaxmem +# XEN_DOMCTL_setdomainhandle + setdomainhandle +# XEN_DOMCTL_setdebugging + setdebugging +# XEN_DOMCTL_hypercall_init + hypercall +# XEN_DOMCTL_settimeoffset + settime +# checked in XEN_DOMCTL_set_target: +# source = the new device model domain +# target = the new target domain +# see also the domain2 make_priv_for and set_as_target checks + set_target +# SCHEDOP_remote_shutdown + shutdown +# XEN_DOMCTL_set{,_machine}_address_size + setaddrsize +# XEN_DOMCTL_get{,_machine}_address_size + getaddrsize +# XEN_DOMCTL_sendtrigger + trigger +# XEN_DOMCTL_get_ext_vcpucontext + getextvcpucontext +# XEN_DOMCTL_set_ext_vcpucontext + setextvcpucontext +# XEN_DOMCTL_getvcpuextstate + getvcpuextstate +# XEN_DOMCTL_setvcpuextstate + setvcpuextstate +# XENMEM_get_pod_target + getpodtarget +# XENMEM_set_pod_target + setpodtarget +# XEN_DOMCTL_subscribe, XEN_DOMCTL_disable_migrate, +# XEN_DOMCTL_suppress_spurious_page_faults + set_misc_info +# XEN_DOMCTL_set_virq_handler + set_virq_handler +} + +# This is a continuation of class domain, since only 32 permissions can be +# defined per class +class domain2 +{ +# checked in FLASK_RELABEL_DOMAIN with non-DOMID_SELF: +# source = the domain making the hypercall +# target = the old label of the domain being relabeled + relabelfrom +# checked in FLASK_RELABEL_DOMAIN with non-DOMID_SELF: +# source = the domain making the hypercall +# target = the new label of the domain being relabeled + relabelto +# checked in FLASK_RELABEL_DOMAIN, only with DOMID_SELF: +# source = the old label of the domain +# target = the new label of the domain +# see also domain__transition + relabelself +# checked in XEN_DOMCTL_set_target: +# source = the domain making the hypercall +# target = the new device model domain + make_priv_for +# checked in XEN_DOMCTL_set_target: +# source = the domain making the hypercall +# target = the new target domain + set_as_target +# XEN_DOMCTL_set_cpuid + set_cpuid +# XEN_DOMCTL_gettscinfo + gettsc +# XEN_DOMCTL_settscinfo + settsc +# XEN_DOMCTL_scheduler_op with XEN_DOMCTL_SCHEDOP_putinfo + setscheduler +} + +# Similar to class domain, but primarily contains domctls related to HVM domains +class hvm +{ +# XEN_DOMCTL_sethvmcontext + sethvmc +# XEN_DOMCTL_gethvmcontext, XEN_DOMCTL_gethvmcontext_partial + gethvmc +# HVMOP_set_param + setparam +# HVMOP_get_param + getparam +# HVMOP_set_pci_intx_level (also needs hvmctl) + pcilevel +# HVMOP_set_isa_irq_level + irqlevel +# HVMOP_set_pci_link_route + pciroute + bind_irq +# XEN_DOMCTL_pin_mem_cacheattr + cacheattr +# HVMOP_track_dirty_vram + trackdirtyvram +# HVMOP_modified_memory, HVMOP_get_mem_type, HVMOP_set_mem_type, +# HVMOP_set_mem_access, HVMOP_get_mem_access, HVMOP_pagetable_dying, +# HVMOP_inject_trap + hvmctl +# XEN_DOMCTL_set_access_required + mem_event +# XEN_DOMCTL_mem_sharing_op and XENMEM_sharing_op_{share,add_physmap} with: +# source = the domain making the hypercall +# target = domain whose memory is being shared + mem_sharing +# XEN_DOMCTL_audit_p2m + audit_p2m +# HVMOP_inject_msi + send_irq +# checked in XENMEM_sharing_op_{share,add_physmap} with: +# source = domain whose memory is being shared +# target = client domain + share_mem +} + +# Class event describes event channels. Interdomain event channels have their +# own security label which is computed using a type transition between the +# source and target domains. Each endpoint has its own label, and the +# permission checks must pass on both endpoints for an event channel to be +# established. +class event +{ +# when creating an interdomain event channel endpoint: +# source = event channel label +# target = remote domain the event channel binds to. This may be a _self or +# _target label if the endpoints are related as such. +# This permission is checked when creating an unbound event channel and when the +# interdomain event channel is established. + bind +# EVTCHNOP_send: +# source = domain sending the event +# target = event channel label + send +# EVTCHNOP_status; same as _send + status +# when creating an interdomain event channel endpoint: +# source = the domain creating the channel (which might not be an endpoint) +# target = event channel label + create +# EVTCHNOP_reset: +# source = domain making the hypercall +# target = domain whose event channels are being reset + reset +} + +# Class grant describes pages shared by grant mappings. Pages use the security +# label of their owning domain. +class grant +{ +# GNTTABOP_map_grant_ref with any access + map_read +# GNTTABOP_map_grant_ref with write access + map_write +# GNTTABOP_unmap_grant_ref + unmap +# GNTTABOP_transfer + transfer +# GNTTABOP_setup_table, GNTTABOP_get_status_frames (target is commonly _self) + setup +# GNTTABOP_copy + copy +# GNTTABOP_query_size, GNTTABOP_get_version + query +} + +# Class mmu describes pages of memory not accessed using grants. Permissions +# are checked using the domain ID used to access the page - the most common case +# is a domain's own ID (the _self label). Using DOMID_IO in the map command to +# restrict the mapping to IO memory will result in the target being domio_t, and +# migration uses read-only mappings with a target of DOMID_XEN (domxen_t). +class mmu +{ +# checked when using mmu_update to map a page readably +# source = domain making the hypercall (which might not own the page table) +# target = domain whose pages are being mapped + map_read +# checked when using mmu_update to map a page writably +# source = domain making the hypercall +# target = domain whose pages are being mapped + map_write +# XEN_DOMCTL_getpageframeinfo* + pageinfo +# XEN_DOMCTL_getmemlist + pagelist +# XENMEM_{increase,decrease}_reservation, XENMEM_populate_physmap + adjust +# XENMEM_{current,maximum}_reservation, XENMEM_maximum_gpfn + stat +# mmu_update MMU_MACHPHYS_UPDATE + updatemp +# XENMEM_add_to_physmap, XENMEM_remove_from_physmap + physmap +# MMUEXT_PIN_L*_TABLE + pinpage +# XENMEM_machine_memory_map (with target xen_t) +# XENMEM_set_memory_map (with domain target) + memorymap +# checked when using mmu_update to update the page tables of another domain +# source = domain making the hypercall +# target = domain whose page tables are being modified + remote_remap +# the mmuext_op hypercall acting on the target domain + mmuext_op +# XENMEM_exchange: +# source = domain making the hypercall +# target = domain whose pages are being exchanged + exchange +} + +# control of the paging_domctl split by subop +class shadow +{ +# XEN_DOMCTL_SHADOW_OP_OFF + disable +# enable, get/set allocation + enable +# enable, read, and clean log + logdirty +} + +# Class resource is used to describe the resources used in hardware device +# passthrough. Resources include: hardware IRQs, MMIO regions, x86 I/O ports, +# and PCI devices; see docs/misc/xsm-flask.txt for how to label them. +# +# Access to the legacy PCI configuration space on x86 via port 0xCF8/CFC +# requires IS_PRIV, even with FLASK. Writes to the BARs are checked as "setup", +# while other reads/writes are "use"; the target is the PCI device whose +# configuration space is being modified. Accesses to the MMIO-based PCI express +# configuration space described by the ACPI MCFG table are controlled as MMIO +# accesses, and cannot special-case BAR writes. +# +# The {add,remove}_{irq,ioport,iomem,device} permissions use: +# source = domain making the hypercall +# target = resource's security label +class resource +{ +# checked when adding a resource to a domain: +# source = domain making the hypercall +# target = domain which will have access to the resource + add +# checked when removing a resource from a domain: +# source = domain making the hypercall +# target = domain which will no longer have access to the resource + remove +# checked when adding a resource to a domain: +# source = domain which will have access to the resource +# target = resource's security label +# also checked when using some core Xen devices (target xen_t) + use +# PHYSDEVOP_map_pirq and ioapic writes for dom0 +# For GSI interrupts, the IRQ's label is indexed by the IRQ number +# For MSI interrupts, the label of the PCI device is used + add_irq +# PHYSDEVOP_unmap_pirq: +# This is currently only checked for GSI interrupts + remove_irq +# XEN_DOMCTL_ioport_permission, XEN_DOMCTL_ioport_mapping + add_ioport + remove_ioport +# XEN_DOMCTL_iomem_permission, XEN_DOMCTL_memory_mapping + add_iomem + remove_iomem +# XEN_DOMCTL_get_device_group, XEN_DOMCTL_test_assign_device: +# source = domain making the hypercall +# target = PCI device being queried + stat_device +# XEN_DOMCTL_assign_device + add_device +# XEN_DOMCTL_deassign_device + remove_device +# checked for PCI hot and cold-plug hypercalls, with target as the PCI device +# checked for CPU and memory hotplug with xen_t as the target + plug +# checked for PCI hot-unplug hypercalls, with target as the PCI device +# checked for CPU offlining with xen_t as the target + unplug +# checked for PHYSDEVOP_restore_msi* (target PCI device) +# checked for PHYSDEVOP_setup_gsi (target IRQ) +# checked for PHYSDEVOP_pci_mmcfg_reserved (target xen_t) + setup +} + +# Class security describes the FLASK security server itself; these operations +# are accessed using the xsm_op hypercall. The source is the domain invoking +# the hypercall, and the target is security_t. +# +# Any domain with access to load_policy or setenforce must be trusted, since it +# can bypass the rest of the security policy. +class security +{ +# use the security server to compute an access check + compute_av +# use the security server to compute a type transition + compute_create +# use the security server to compute member selection + compute_member +# sid <-> context string conversions + check_context +# allow loading a new XSM/FLASK policy + load_policy +# use the security server to compute an object relabel + compute_relabel +# use the security server to list the SIDs reachable by a given user + compute_user +# allow switching between enforcing and permissive mode + setenforce +# allow changing policy booleans + setbool +# allow changing security server configuration parmeters + setsecparam +# add ocontext label definitions for resources + add_ocontext +# remove ocontext label definitions for resources + del_ocontext +} diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/policy/initial_sids --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/initial_sids Fri Jan 11 12:23:39 2013 +0000 @@ -0,0 +1,16 @@ +# FLASK + +# +# Define initial security identifiers +# +sid xen +sid dom0 +sid domio +sid domxen +sid unlabeled +sid security +sid ioport +sid iomem +sid irq +sid device +# FLASK diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/policy/mkaccess_vector.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/mkaccess_vector.sh Fri Jan 11 12:23:39 2013 +0000 @@ -0,0 +1,138 @@ +#!/bin/sh - +# + +# FLASK + +set -e + +awk=$1 +shift + +# output files +av_permissions="include/av_permissions.h" +av_perm_to_string="include/av_perm_to_string.h" + +cat $* | $awk " +BEGIN { + outfile = \"$av_permissions\" + avpermfile = \"$av_perm_to_string\" + "' + nextstate = "COMMON_OR_AV"; + printf("/* This file is automatically generated. Do not edit. */\n") > outfile; + printf("/* This file is automatically generated. Do not edit. */\n") > avpermfile; +; + } +/^[ \t]*#/ { + next; + } +$1 == "class" { + if (nextstate != "COMMON_OR_AV" && + nextstate != "CLASS_OR_CLASS-OPENBRACKET") + { + printf("Parse error: Unexpected class definition on line %d\n", NR); + next; + } + + tclass = $2; + + if (tclass in av_defined) + { + printf("Duplicate access vector definition for %s on line %d\n", tclass, NR); + next; + } + av_defined[tclass] = 1; + + permission = 1; + + nextstate = "INHERITS_OR_CLASS-OPENBRACKET"; + next; + } +$1 == "{" { + if (nextstate != "INHERITS_OR_CLASS-OPENBRACKET" && + nextstate != "CLASS_OR_CLASS-OPENBRACKET" && + nextstate != "COMMON-OPENBRACKET") + { + printf("Parse error: Unexpected { on line %d\n", NR); + next; + } + + if (nextstate == "INHERITS_OR_CLASS-OPENBRACKET") + nextstate = "CLASS-CLOSEBRACKET"; + + if (nextstate == "CLASS_OR_CLASS-OPENBRACKET") + nextstate = "CLASS-CLOSEBRACKET"; + + if (nextstate == "COMMON-OPENBRACKET") + nextstate = "COMMON-CLOSEBRACKET"; + } +/[a-z][a-z_]*/ { + if (nextstate != "COMMON-CLOSEBRACKET" && + nextstate != "CLASS-CLOSEBRACKET") + { + printf("Parse error: Unexpected symbol %s on line %d\n", $1, NR); + next; + } + + if (nextstate == "COMMON-CLOSEBRACKET") + { + if ((common_name,$1) in common_perms) + { + printf("Duplicate permission %s for common %s on line %d.\n", $1, common_name, NR); + next; + } + + common_perms[common_name,$1] = permission; + + printf("#define COMMON_%s__%s", toupper(common_name), toupper($1)) > outfile; + + printf(" S_(\"%s\")\n", $1) > cpermfile; + } + else + { + if ((tclass,$1) in av_perms) + { + printf("Duplicate permission %s for %s on line %d.\n", $1, tclass, NR); + next; + } + + av_perms[tclass,$1] = permission; + + printf("#define %s__%s", toupper(tclass), toupper($1)) > outfile; + + printf(" S_(SECCLASS_%s, %s__%s, \"%s\")\n", toupper(tclass), toupper(tclass), toupper($1), $1) > avpermfile; + } + + spaces = 40 - (length($1) + length(tclass)); + if (spaces < 1) + spaces = 1; + + for (i = 0; i < spaces; i++) + printf(" ") > outfile; + printf("0x%08xUL\n", permission) > outfile; + permission = permission * 2; + } +$1 == "}" { + if (nextstate != "CLASS-CLOSEBRACKET" && + nextstate != "COMMON-CLOSEBRACKET") + { + printf("Parse error: Unexpected } on line %d\n", NR); + next; + } + + if (nextstate == "COMMON-CLOSEBRACKET") + { + common_base[common_name] = permission; + printf("TE_(common_%s_perm_to_string)\n\n", common_name) > cpermfile; + } + + printf("\n") > outfile; + + nextstate = "COMMON_OR_AV"; + } +END { + if (nextstate != "COMMON_OR_AV" && nextstate != "CLASS_OR_CLASS-OPENBRACKET") + printf("Parse error: Unexpected end of file\n"); + + }' + +# FLASK diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/policy/mkflask.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/mkflask.sh Fri Jan 11 12:23:39 2013 +0000 @@ -0,0 +1,95 @@ +#!/bin/sh - +# + +# FLASK + +set -e + +awk=$1 +shift 1 + +# output file +output_file="include/flask.h" +debug_file="include/class_to_string.h" +debug_file2="include/initial_sid_to_string.h" + +cat $* | $awk " +BEGIN { + outfile = \"$output_file\" + debugfile = \"$debug_file\" + debugfile2 = \"$debug_file2\" + "' + nextstate = "CLASS"; + + printf("/* This file is automatically generated. Do not edit. */\n") > outfile; + + printf("#ifndef _SELINUX_FLASK_H_\n") > outfile; + printf("#define _SELINUX_FLASK_H_\n") > outfile; + printf("\n/*\n * Security object class definitions\n */\n") > outfile; + printf("/* This file is automatically generated. Do not edit. */\n") > debugfile; + printf("/*\n * Security object class definitions\n */\n") > debugfile; + printf(" S_(\"null\")\n") > debugfile; + printf("/* This file is automatically generated. Do not edit. */\n") > debugfile2; + printf("static char *initial_sid_to_string[] =\n{\n") > debugfile2; + printf(" \"null\",\n") > debugfile2; + } +/^[ \t]*#/ { + next; + } +$1 == "class" { + if (nextstate != "CLASS") + { + printf("Parse error: Unexpected class definition on line %d\n", NR); + next; + } + + if ($2 in class_found) + { + printf("Duplicate class definition for %s on line %d.\n", $2, NR); + next; + } + class_found[$2] = 1; + + class_value++; + + printf("#define SECCLASS_%s", toupper($2)) > outfile; + for (i = 0; i < 40 - length($2); i++) + printf(" ") > outfile; + printf("%d\n", class_value) > outfile; + + printf(" S_(\"%s\")\n", $2) > debugfile; + } +$1 == "sid" { + if (nextstate == "CLASS") + { + nextstate = "SID"; + printf("\n/*\n * Security identifier indices for initial entities\n */\n") > outfile; + } + + if ($2 in sid_found) + { + printf("Duplicate SID definition for %s on line %d.\n", $2, NR); + next; + } + sid_found[$2] = 1; + sid_value++; + + printf("#define SECINITSID_%s", toupper($2)) > outfile; + for (i = 0; i < 37 - length($2); i++) + printf(" ") > outfile; + printf("%d\n", sid_value) > outfile; + printf(" \"%s\",\n", $2) > debugfile2; + } +END { + if (nextstate != "SID") + printf("Parse error: Unexpected end of file\n"); + + printf("\n#define SECINITSID_NUM") > outfile; + for (i = 0; i < 34; i++) + printf(" ") > outfile; + printf("%d\n", sid_value) > outfile; + printf("\n#endif\n") > outfile; + printf("};\n\n") > debugfile2; + }' + +# FLASK diff -r 0b9dfd067b42 -r f54b7b1f65ea xen/xsm/flask/policy/security_classes --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/xsm/flask/policy/security_classes Fri Jan 11 12:23:39 2013 +0000 @@ -0,0 +1,21 @@ +# FLASK + +# +# Define the security object classes +# + +# Classes marked as userspace are classes +# for userspace object managers + +class xen +class domain +class domain2 +class hvm +class mmu +class resource +class shadow +class event +class grant +class security + +# FLASK _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:36 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:36 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGa-0007hw-9z; Wed, 16 Jan 2013 08:22:36 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGY-0007d5-Jv for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:34 +0000 Received: from [193.109.254.147:31635] by server-11.bemta-14.messagelabs.com id DF/DB-02659-94366F05; Wed, 16 Jan 2013 08:22:33 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-27.messagelabs.com!1358324536!9109478!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 6903 invoked from network); 16 Jan 2013 08:22:16 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:16 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGF-0003rX-Tm for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:15 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGF-0000b8-Sb for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:15 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:15 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: platform_hypercall XSM hook removal X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900982 0 # Node ID 4b101bfde4ba2568f3359cf27d38f8dbaf52a0d8 # Parent 0bc879ecb8b3ece2fd879578f18c9565e82f175b xen: platform_hypercall XSM hook removal A number of the platform_hypercall XSM hooks have no parameters or only pass the operation ID, making them redundant with the xsm_platform_op hook. Remove these redundant hooks. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 0bc879ecb8b3 -r 4b101bfde4ba xen/arch/x86/platform_hypercall.c --- a/xen/arch/x86/platform_hypercall.c Fri Jan 11 10:42:30 2013 +0000 +++ b/xen/arch/x86/platform_hypercall.c Fri Jan 11 10:43:02 2013 +0000 @@ -90,10 +90,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { case XENPF_settime: { - ret = xsm_xen_settime(); - if ( ret ) - break; - do_settime(op->u.settime.secs, op->u.settime.nsecs, op->u.settime.system_time); @@ -103,10 +99,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA case XENPF_add_memtype: { - ret = xsm_memtype(op->cmd); - if ( ret ) - break; - ret = mtrr_add_page( op->u.add_memtype.mfn, op->u.add_memtype.nr_mfns, @@ -126,10 +118,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA case XENPF_del_memtype: { - ret = xsm_memtype(op->cmd); - if ( ret ) - break; - if (op->u.del_memtype.handle == 0 /* mtrr/main.c otherwise does a lookup */ && (int)op->u.del_memtype.reg >= 0) @@ -148,10 +136,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA unsigned long mfn, nr_mfns; mtrr_type type; - ret = xsm_memtype(op->cmd); - if ( ret ) - break; - ret = -EINVAL; if ( op->u.read_memtype.reg < num_var_ranges ) { @@ -169,10 +153,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { XEN_GUEST_HANDLE(const_void) data; - ret = xsm_microcode(); - if ( ret ) - break; - guest_from_compat_handle(data, op->u.microcode.data); /* @@ -200,10 +180,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { int quirk_id = op->u.platform_quirk.quirk_id; - ret = xsm_platform_quirk(quirk_id); - if ( ret ) - break; - switch ( quirk_id ) { case QUIRK_NOIRQBALANCING: @@ -225,10 +201,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_firmware_info: - ret = xsm_firmware_info(); - if ( ret ) - break; - switch ( op->u.firmware_info.type ) { case XEN_FW_DISK_INFO: { @@ -337,10 +309,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_efi_runtime_call: - ret = xsm_efi_call(); - if ( ret ) - break; - ret = efi_runtime_call(&op->u.efi_runtime_call); if ( ret == 0 && __copy_field_to_guest(u_xenpf_op, op, u.efi_runtime_call) ) @@ -348,18 +316,10 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_enter_acpi_sleep: - ret = xsm_acpi_sleep(); - if ( ret ) - break; - ret = acpi_enter_sleep(&op->u.enter_acpi_sleep); break; case XENPF_change_freq: - ret = xsm_change_freq(); - if ( ret ) - break; - ret = -ENOSYS; if ( cpufreq_controller != FREQCTL_dom0_kernel ) break; @@ -381,10 +341,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA XEN_GUEST_HANDLE(uint8) cpumap_bitmap; XEN_GUEST_HANDLE(uint64) idletimes; - ret = xsm_getidletime(); - if ( ret ) - break; - ret = -ENOSYS; if ( cpufreq_controller != FREQCTL_dom0_kernel ) break; @@ -421,10 +377,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_set_processor_pminfo: - ret = xsm_setpminfo(); - if ( ret ) - break; - switch ( op->u.set_pminfo.type ) { case XEN_PM_PX: @@ -477,10 +429,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA g_info = &op->u.pcpu_info; - ret = xsm_getcpuinfo(); - if ( ret ) - break; - if ( !get_cpu_maps() ) { ret = -EBUSY; @@ -514,10 +462,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { struct xenpf_pcpu_version *ver = &op->u.pcpu_version; - ret = xsm_getcpuinfo(); - if ( ret ) - break; - if ( !get_cpu_maps() ) { ret = -EBUSY; @@ -570,10 +514,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; } - ret = xsm_resource_plug_core(); - if ( ret ) - break; - ret = continue_hypercall_on_cpu( 0, cpu_up_helper, (void *)(unsigned long)cpu); break; diff -r 0bc879ecb8b3 -r 4b101bfde4ba xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:42:30 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:43:02 2013 +0000 @@ -63,21 +63,6 @@ static XSM_INLINE int xsm_readconsole(ui return 0; } -static XSM_INLINE int xsm_getcpuinfo(void) -{ - return 0; -} - -static XSM_INLINE int xsm_setpminfo(void) -{ - return 0; -} - -static XSM_INLINE int xsm_pm_op(void) -{ - return 0; -} - static XSM_INLINE int xsm_do_mca(void) { if ( !IS_PRIV(current->domain) ) @@ -436,26 +421,6 @@ static XSM_INLINE int xsm_apic(struct do return 0; } -static XSM_INLINE int xsm_xen_settime(void) -{ - return 0; -} - -static XSM_INLINE int xsm_memtype(uint32_t access) -{ - return 0; -} - -static XSM_INLINE int xsm_microcode(void) -{ - return 0; -} - -static XSM_INLINE int xsm_platform_quirk(uint32_t quirk) -{ - return 0; -} - static XSM_INLINE int xsm_platform_op(uint32_t op) { if ( !IS_PRIV(current->domain) ) @@ -463,33 +428,6 @@ static XSM_INLINE int xsm_platform_op(ui return 0; } -static XSM_INLINE int xsm_firmware_info(void) -{ - return 0; -} - -static XSM_INLINE int xsm_efi_call(void) -{ - return 0; -} - -static XSM_INLINE int xsm_acpi_sleep(void) -{ - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; -} - -static XSM_INLINE int xsm_change_freq(void) -{ - return 0; -} - -static XSM_INLINE int xsm_getidletime(void) -{ - return 0; -} - static XSM_INLINE int xsm_machine_memory_map(void) { if ( !IS_PRIV(current->domain) ) diff -r 0bc879ecb8b3 -r 4b101bfde4ba xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:42:30 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:43:02 2013 +0000 @@ -47,9 +47,6 @@ struct xsm_operations { int (*domctl) (struct domain *d, int cmd); int (*sysctl) (int cmd); int (*readconsole) (uint32_t clear); - int (*getcpuinfo) (void); - int (*setpminfo) (void); - int (*pm_op) (void); int (*do_mca) (void); int (*evtchn_unbound) (struct domain *d, struct evtchn *chn, domid_t id2); @@ -124,16 +121,8 @@ struct xsm_operations { int (*mem_event_op) (struct domain *d, int op); int (*mem_sharing_op) (struct domain *d, struct domain *cd, int op); int (*apic) (struct domain *d, int cmd); - int (*xen_settime) (void); int (*memtype) (uint32_t access); - int (*microcode) (void); - int (*platform_quirk) (uint32_t); int (*platform_op) (uint32_t cmd); - int (*firmware_info) (void); - int (*efi_call) (void); - int (*acpi_sleep) (void); - int (*change_freq) (void); - int (*getidletime) (void); int (*machine_memory_map) (void); int (*domain_memory_map) (struct domain *d); #define XSM_MMU_UPDATE_READ 1 @@ -194,21 +183,6 @@ static inline int xsm_readconsole (uint3 return xsm_ops->readconsole(clear); } -static inline int xsm_getcpuinfo(void) -{ - return xsm_ops->getcpuinfo(); -} - -static inline int xsm_setpminfo(void) -{ - return xsm_ops->setpminfo(); -} - -static inline int xsm_pm_op(void) -{ - return xsm_ops->pm_op(); -} - static inline int xsm_do_mca(void) { return xsm_ops->do_mca(); @@ -511,56 +485,16 @@ static inline int xsm_apic (struct domai return xsm_ops->apic(d, cmd); } -static inline int xsm_xen_settime (void) -{ - return xsm_ops->xen_settime(); -} - static inline int xsm_memtype (uint32_t access) { return xsm_ops->memtype(access); } -static inline int xsm_microcode (void) -{ - return xsm_ops->microcode(); -} - -static inline int xsm_platform_quirk (uint32_t quirk) -{ - return xsm_ops->platform_quirk(quirk); -} - static inline int xsm_platform_op (uint32_t op) { return xsm_ops->platform_op(op); } -static inline int xsm_firmware_info (void) -{ - return xsm_ops->firmware_info(); -} - -static inline int xsm_efi_call (void) -{ - return xsm_ops->efi_call(); -} - -static inline int xsm_acpi_sleep (void) -{ - return xsm_ops->acpi_sleep(); -} - -static inline int xsm_change_freq (void) -{ - return xsm_ops->change_freq(); -} - -static inline int xsm_getidletime (void) -{ - return xsm_ops->getidletime(); -} - static inline int xsm_machine_memory_map(void) { return xsm_ops->machine_memory_map(); diff -r 0bc879ecb8b3 -r 4b101bfde4ba xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:42:30 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:43:02 2013 +0000 @@ -36,9 +36,6 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, domctl); set_to_dummy_if_null(ops, sysctl); set_to_dummy_if_null(ops, readconsole); - set_to_dummy_if_null(ops, getcpuinfo); - set_to_dummy_if_null(ops, setpminfo); - set_to_dummy_if_null(ops, pm_op); set_to_dummy_if_null(ops, do_mca); set_to_dummy_if_null(ops, evtchn_unbound); @@ -111,16 +108,7 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, mem_event_op); set_to_dummy_if_null(ops, mem_sharing_op); set_to_dummy_if_null(ops, apic); - set_to_dummy_if_null(ops, xen_settime); - set_to_dummy_if_null(ops, memtype); - set_to_dummy_if_null(ops, microcode); - set_to_dummy_if_null(ops, platform_quirk); set_to_dummy_if_null(ops, platform_op); - set_to_dummy_if_null(ops, firmware_info); - set_to_dummy_if_null(ops, efi_call); - set_to_dummy_if_null(ops, acpi_sleep); - set_to_dummy_if_null(ops, change_freq); - set_to_dummy_if_null(ops, getidletime); set_to_dummy_if_null(ops, machine_memory_map); set_to_dummy_if_null(ops, domain_memory_map); set_to_dummy_if_null(ops, mmu_update); diff -r 0bc879ecb8b3 -r 4b101bfde4ba xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:42:30 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:43:02 2013 +0000 @@ -1177,64 +1177,51 @@ static int flask_apic(struct domain *d, return domain_has_xen(d, perm); } -static int flask_xen_settime(void) -{ - return domain_has_xen(current->domain, XEN__SETTIME); -} - -static int flask_memtype(uint32_t access) -{ - u32 perm; - - switch ( access ) - { - case XENPF_add_memtype: - perm = XEN__MTRR_ADD; - break; - case XENPF_del_memtype: - perm = XEN__MTRR_DEL; - break; - case XENPF_read_memtype: - perm = XEN__MTRR_READ; - break; - default: - return -EPERM; - } - - return domain_has_xen(current->domain, perm); -} - -static int flask_microcode(void) -{ - return domain_has_xen(current->domain, XEN__MICROCODE); -} - -static int flask_platform_quirk(uint32_t quirk) -{ - return avc_current_has_perm(SECINITSID_XEN, SECCLASS_XEN, XEN__QUIRK, NULL); -} - static int flask_platform_op(uint32_t op) { switch ( op ) { - case XENPF_settime: - case XENPF_add_memtype: - case XENPF_del_memtype: - case XENPF_read_memtype: - case XENPF_microcode_update: - case XENPF_platform_quirk: - case XENPF_firmware_info: - case XENPF_efi_runtime_call: - case XENPF_enter_acpi_sleep: - case XENPF_change_freq: - case XENPF_getidletime: +#ifdef CONFIG_X86 + /* These operations have their own XSM hooks */ case XENPF_cpu_online: case XENPF_cpu_offline: case XENPF_cpu_hotadd: case XENPF_mem_hotadd: - /* These operations have their own XSM hooks */ return 0; +#endif + + case XENPF_settime: + return domain_has_xen(current->domain, XEN__SETTIME); + + case XENPF_add_memtype: + return domain_has_xen(current->domain, XEN__MTRR_ADD); + + case XENPF_del_memtype: + return domain_has_xen(current->domain, XEN__MTRR_DEL); + + case XENPF_read_memtype: + return domain_has_xen(current->domain, XEN__MTRR_READ); + + case XENPF_microcode_update: + return domain_has_xen(current->domain, XEN__MICROCODE); + + case XENPF_platform_quirk: + return domain_has_xen(current->domain, XEN__QUIRK); + + case XENPF_firmware_info: + return domain_has_xen(current->domain, XEN__FIRMWARE); + + case XENPF_efi_runtime_call: + return domain_has_xen(current->domain, XEN__FIRMWARE); + + case XENPF_enter_acpi_sleep: + return domain_has_xen(current->domain, XEN__SLEEP); + + case XENPF_change_freq: + return domain_has_xen(current->domain, XEN__FREQUENCY); + + case XENPF_getidletime: + return domain_has_xen(current->domain, XEN__GETIDLE); case XENPF_set_processor_pminfo: case XENPF_core_parking: @@ -1250,31 +1237,6 @@ static int flask_platform_op(uint32_t op } } -static int flask_firmware_info(void) -{ - return domain_has_xen(current->domain, XEN__FIRMWARE); -} - -static int flask_efi_call(void) -{ - return domain_has_xen(current->domain, XEN__FIRMWARE); -} - -static int flask_acpi_sleep(void) -{ - return domain_has_xen(current->domain, XEN__SLEEP); -} - -static int flask_change_freq(void) -{ - return domain_has_xen(current->domain, XEN__FREQUENCY); -} - -static int flask_getidletime(void) -{ - return domain_has_xen(current->domain, XEN__GETIDLE); -} - static int flask_machine_memory_map(void) { return avc_current_has_perm(SECINITSID_XEN, SECCLASS_MMU, MMU__MEMORYMAP, NULL); @@ -1508,16 +1470,7 @@ static struct xsm_operations flask_ops = .mem_event_op = flask_mem_event_op, .mem_sharing_op = flask_mem_sharing_op, .apic = flask_apic, - .xen_settime = flask_xen_settime, - .memtype = flask_memtype, - .microcode = flask_microcode, - .platform_quirk = flask_platform_quirk, .platform_op = flask_platform_op, - .firmware_info = flask_firmware_info, - .efi_call = flask_efi_call, - .acpi_sleep = flask_acpi_sleep, - .change_freq = flask_change_freq, - .getidletime = flask_getidletime, .machine_memory_map = flask_machine_memory_map, .domain_memory_map = flask_domain_memory_map, .mmu_update = flask_mmu_update, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:36 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:36 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGa-0007hw-9z; Wed, 16 Jan 2013 08:22:36 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGY-0007d5-Jv for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:34 +0000 Received: from [193.109.254.147:31635] by server-11.bemta-14.messagelabs.com id DF/DB-02659-94366F05; Wed, 16 Jan 2013 08:22:33 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-27.messagelabs.com!1358324536!9109478!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 6903 invoked from network); 16 Jan 2013 08:22:16 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:16 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGF-0003rX-Tm for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:15 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGF-0000b8-Sb for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:15 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:15 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: platform_hypercall XSM hook removal X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900982 0 # Node ID 4b101bfde4ba2568f3359cf27d38f8dbaf52a0d8 # Parent 0bc879ecb8b3ece2fd879578f18c9565e82f175b xen: platform_hypercall XSM hook removal A number of the platform_hypercall XSM hooks have no parameters or only pass the operation ID, making them redundant with the xsm_platform_op hook. Remove these redundant hooks. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r 0bc879ecb8b3 -r 4b101bfde4ba xen/arch/x86/platform_hypercall.c --- a/xen/arch/x86/platform_hypercall.c Fri Jan 11 10:42:30 2013 +0000 +++ b/xen/arch/x86/platform_hypercall.c Fri Jan 11 10:43:02 2013 +0000 @@ -90,10 +90,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { case XENPF_settime: { - ret = xsm_xen_settime(); - if ( ret ) - break; - do_settime(op->u.settime.secs, op->u.settime.nsecs, op->u.settime.system_time); @@ -103,10 +99,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA case XENPF_add_memtype: { - ret = xsm_memtype(op->cmd); - if ( ret ) - break; - ret = mtrr_add_page( op->u.add_memtype.mfn, op->u.add_memtype.nr_mfns, @@ -126,10 +118,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA case XENPF_del_memtype: { - ret = xsm_memtype(op->cmd); - if ( ret ) - break; - if (op->u.del_memtype.handle == 0 /* mtrr/main.c otherwise does a lookup */ && (int)op->u.del_memtype.reg >= 0) @@ -148,10 +136,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA unsigned long mfn, nr_mfns; mtrr_type type; - ret = xsm_memtype(op->cmd); - if ( ret ) - break; - ret = -EINVAL; if ( op->u.read_memtype.reg < num_var_ranges ) { @@ -169,10 +153,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { XEN_GUEST_HANDLE(const_void) data; - ret = xsm_microcode(); - if ( ret ) - break; - guest_from_compat_handle(data, op->u.microcode.data); /* @@ -200,10 +180,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { int quirk_id = op->u.platform_quirk.quirk_id; - ret = xsm_platform_quirk(quirk_id); - if ( ret ) - break; - switch ( quirk_id ) { case QUIRK_NOIRQBALANCING: @@ -225,10 +201,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_firmware_info: - ret = xsm_firmware_info(); - if ( ret ) - break; - switch ( op->u.firmware_info.type ) { case XEN_FW_DISK_INFO: { @@ -337,10 +309,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_efi_runtime_call: - ret = xsm_efi_call(); - if ( ret ) - break; - ret = efi_runtime_call(&op->u.efi_runtime_call); if ( ret == 0 && __copy_field_to_guest(u_xenpf_op, op, u.efi_runtime_call) ) @@ -348,18 +316,10 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_enter_acpi_sleep: - ret = xsm_acpi_sleep(); - if ( ret ) - break; - ret = acpi_enter_sleep(&op->u.enter_acpi_sleep); break; case XENPF_change_freq: - ret = xsm_change_freq(); - if ( ret ) - break; - ret = -ENOSYS; if ( cpufreq_controller != FREQCTL_dom0_kernel ) break; @@ -381,10 +341,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA XEN_GUEST_HANDLE(uint8) cpumap_bitmap; XEN_GUEST_HANDLE(uint64) idletimes; - ret = xsm_getidletime(); - if ( ret ) - break; - ret = -ENOSYS; if ( cpufreq_controller != FREQCTL_dom0_kernel ) break; @@ -421,10 +377,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_set_processor_pminfo: - ret = xsm_setpminfo(); - if ( ret ) - break; - switch ( op->u.set_pminfo.type ) { case XEN_PM_PX: @@ -477,10 +429,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA g_info = &op->u.pcpu_info; - ret = xsm_getcpuinfo(); - if ( ret ) - break; - if ( !get_cpu_maps() ) { ret = -EBUSY; @@ -514,10 +462,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { struct xenpf_pcpu_version *ver = &op->u.pcpu_version; - ret = xsm_getcpuinfo(); - if ( ret ) - break; - if ( !get_cpu_maps() ) { ret = -EBUSY; @@ -570,10 +514,6 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; } - ret = xsm_resource_plug_core(); - if ( ret ) - break; - ret = continue_hypercall_on_cpu( 0, cpu_up_helper, (void *)(unsigned long)cpu); break; diff -r 0bc879ecb8b3 -r 4b101bfde4ba xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:42:30 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:43:02 2013 +0000 @@ -63,21 +63,6 @@ static XSM_INLINE int xsm_readconsole(ui return 0; } -static XSM_INLINE int xsm_getcpuinfo(void) -{ - return 0; -} - -static XSM_INLINE int xsm_setpminfo(void) -{ - return 0; -} - -static XSM_INLINE int xsm_pm_op(void) -{ - return 0; -} - static XSM_INLINE int xsm_do_mca(void) { if ( !IS_PRIV(current->domain) ) @@ -436,26 +421,6 @@ static XSM_INLINE int xsm_apic(struct do return 0; } -static XSM_INLINE int xsm_xen_settime(void) -{ - return 0; -} - -static XSM_INLINE int xsm_memtype(uint32_t access) -{ - return 0; -} - -static XSM_INLINE int xsm_microcode(void) -{ - return 0; -} - -static XSM_INLINE int xsm_platform_quirk(uint32_t quirk) -{ - return 0; -} - static XSM_INLINE int xsm_platform_op(uint32_t op) { if ( !IS_PRIV(current->domain) ) @@ -463,33 +428,6 @@ static XSM_INLINE int xsm_platform_op(ui return 0; } -static XSM_INLINE int xsm_firmware_info(void) -{ - return 0; -} - -static XSM_INLINE int xsm_efi_call(void) -{ - return 0; -} - -static XSM_INLINE int xsm_acpi_sleep(void) -{ - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; -} - -static XSM_INLINE int xsm_change_freq(void) -{ - return 0; -} - -static XSM_INLINE int xsm_getidletime(void) -{ - return 0; -} - static XSM_INLINE int xsm_machine_memory_map(void) { if ( !IS_PRIV(current->domain) ) diff -r 0bc879ecb8b3 -r 4b101bfde4ba xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:42:30 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:43:02 2013 +0000 @@ -47,9 +47,6 @@ struct xsm_operations { int (*domctl) (struct domain *d, int cmd); int (*sysctl) (int cmd); int (*readconsole) (uint32_t clear); - int (*getcpuinfo) (void); - int (*setpminfo) (void); - int (*pm_op) (void); int (*do_mca) (void); int (*evtchn_unbound) (struct domain *d, struct evtchn *chn, domid_t id2); @@ -124,16 +121,8 @@ struct xsm_operations { int (*mem_event_op) (struct domain *d, int op); int (*mem_sharing_op) (struct domain *d, struct domain *cd, int op); int (*apic) (struct domain *d, int cmd); - int (*xen_settime) (void); int (*memtype) (uint32_t access); - int (*microcode) (void); - int (*platform_quirk) (uint32_t); int (*platform_op) (uint32_t cmd); - int (*firmware_info) (void); - int (*efi_call) (void); - int (*acpi_sleep) (void); - int (*change_freq) (void); - int (*getidletime) (void); int (*machine_memory_map) (void); int (*domain_memory_map) (struct domain *d); #define XSM_MMU_UPDATE_READ 1 @@ -194,21 +183,6 @@ static inline int xsm_readconsole (uint3 return xsm_ops->readconsole(clear); } -static inline int xsm_getcpuinfo(void) -{ - return xsm_ops->getcpuinfo(); -} - -static inline int xsm_setpminfo(void) -{ - return xsm_ops->setpminfo(); -} - -static inline int xsm_pm_op(void) -{ - return xsm_ops->pm_op(); -} - static inline int xsm_do_mca(void) { return xsm_ops->do_mca(); @@ -511,56 +485,16 @@ static inline int xsm_apic (struct domai return xsm_ops->apic(d, cmd); } -static inline int xsm_xen_settime (void) -{ - return xsm_ops->xen_settime(); -} - static inline int xsm_memtype (uint32_t access) { return xsm_ops->memtype(access); } -static inline int xsm_microcode (void) -{ - return xsm_ops->microcode(); -} - -static inline int xsm_platform_quirk (uint32_t quirk) -{ - return xsm_ops->platform_quirk(quirk); -} - static inline int xsm_platform_op (uint32_t op) { return xsm_ops->platform_op(op); } -static inline int xsm_firmware_info (void) -{ - return xsm_ops->firmware_info(); -} - -static inline int xsm_efi_call (void) -{ - return xsm_ops->efi_call(); -} - -static inline int xsm_acpi_sleep (void) -{ - return xsm_ops->acpi_sleep(); -} - -static inline int xsm_change_freq (void) -{ - return xsm_ops->change_freq(); -} - -static inline int xsm_getidletime (void) -{ - return xsm_ops->getidletime(); -} - static inline int xsm_machine_memory_map(void) { return xsm_ops->machine_memory_map(); diff -r 0bc879ecb8b3 -r 4b101bfde4ba xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:42:30 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:43:02 2013 +0000 @@ -36,9 +36,6 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, domctl); set_to_dummy_if_null(ops, sysctl); set_to_dummy_if_null(ops, readconsole); - set_to_dummy_if_null(ops, getcpuinfo); - set_to_dummy_if_null(ops, setpminfo); - set_to_dummy_if_null(ops, pm_op); set_to_dummy_if_null(ops, do_mca); set_to_dummy_if_null(ops, evtchn_unbound); @@ -111,16 +108,7 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, mem_event_op); set_to_dummy_if_null(ops, mem_sharing_op); set_to_dummy_if_null(ops, apic); - set_to_dummy_if_null(ops, xen_settime); - set_to_dummy_if_null(ops, memtype); - set_to_dummy_if_null(ops, microcode); - set_to_dummy_if_null(ops, platform_quirk); set_to_dummy_if_null(ops, platform_op); - set_to_dummy_if_null(ops, firmware_info); - set_to_dummy_if_null(ops, efi_call); - set_to_dummy_if_null(ops, acpi_sleep); - set_to_dummy_if_null(ops, change_freq); - set_to_dummy_if_null(ops, getidletime); set_to_dummy_if_null(ops, machine_memory_map); set_to_dummy_if_null(ops, domain_memory_map); set_to_dummy_if_null(ops, mmu_update); diff -r 0bc879ecb8b3 -r 4b101bfde4ba xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:42:30 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:43:02 2013 +0000 @@ -1177,64 +1177,51 @@ static int flask_apic(struct domain *d, return domain_has_xen(d, perm); } -static int flask_xen_settime(void) -{ - return domain_has_xen(current->domain, XEN__SETTIME); -} - -static int flask_memtype(uint32_t access) -{ - u32 perm; - - switch ( access ) - { - case XENPF_add_memtype: - perm = XEN__MTRR_ADD; - break; - case XENPF_del_memtype: - perm = XEN__MTRR_DEL; - break; - case XENPF_read_memtype: - perm = XEN__MTRR_READ; - break; - default: - return -EPERM; - } - - return domain_has_xen(current->domain, perm); -} - -static int flask_microcode(void) -{ - return domain_has_xen(current->domain, XEN__MICROCODE); -} - -static int flask_platform_quirk(uint32_t quirk) -{ - return avc_current_has_perm(SECINITSID_XEN, SECCLASS_XEN, XEN__QUIRK, NULL); -} - static int flask_platform_op(uint32_t op) { switch ( op ) { - case XENPF_settime: - case XENPF_add_memtype: - case XENPF_del_memtype: - case XENPF_read_memtype: - case XENPF_microcode_update: - case XENPF_platform_quirk: - case XENPF_firmware_info: - case XENPF_efi_runtime_call: - case XENPF_enter_acpi_sleep: - case XENPF_change_freq: - case XENPF_getidletime: +#ifdef CONFIG_X86 + /* These operations have their own XSM hooks */ case XENPF_cpu_online: case XENPF_cpu_offline: case XENPF_cpu_hotadd: case XENPF_mem_hotadd: - /* These operations have their own XSM hooks */ return 0; +#endif + + case XENPF_settime: + return domain_has_xen(current->domain, XEN__SETTIME); + + case XENPF_add_memtype: + return domain_has_xen(current->domain, XEN__MTRR_ADD); + + case XENPF_del_memtype: + return domain_has_xen(current->domain, XEN__MTRR_DEL); + + case XENPF_read_memtype: + return domain_has_xen(current->domain, XEN__MTRR_READ); + + case XENPF_microcode_update: + return domain_has_xen(current->domain, XEN__MICROCODE); + + case XENPF_platform_quirk: + return domain_has_xen(current->domain, XEN__QUIRK); + + case XENPF_firmware_info: + return domain_has_xen(current->domain, XEN__FIRMWARE); + + case XENPF_efi_runtime_call: + return domain_has_xen(current->domain, XEN__FIRMWARE); + + case XENPF_enter_acpi_sleep: + return domain_has_xen(current->domain, XEN__SLEEP); + + case XENPF_change_freq: + return domain_has_xen(current->domain, XEN__FREQUENCY); + + case XENPF_getidletime: + return domain_has_xen(current->domain, XEN__GETIDLE); case XENPF_set_processor_pminfo: case XENPF_core_parking: @@ -1250,31 +1237,6 @@ static int flask_platform_op(uint32_t op } } -static int flask_firmware_info(void) -{ - return domain_has_xen(current->domain, XEN__FIRMWARE); -} - -static int flask_efi_call(void) -{ - return domain_has_xen(current->domain, XEN__FIRMWARE); -} - -static int flask_acpi_sleep(void) -{ - return domain_has_xen(current->domain, XEN__SLEEP); -} - -static int flask_change_freq(void) -{ - return domain_has_xen(current->domain, XEN__FREQUENCY); -} - -static int flask_getidletime(void) -{ - return domain_has_xen(current->domain, XEN__GETIDLE); -} - static int flask_machine_memory_map(void) { return avc_current_has_perm(SECINITSID_XEN, SECCLASS_MMU, MMU__MEMORYMAP, NULL); @@ -1508,16 +1470,7 @@ static struct xsm_operations flask_ops = .mem_event_op = flask_mem_event_op, .mem_sharing_op = flask_mem_sharing_op, .apic = flask_apic, - .xen_settime = flask_xen_settime, - .memtype = flask_memtype, - .microcode = flask_microcode, - .platform_quirk = flask_platform_quirk, .platform_op = flask_platform_op, - .firmware_info = flask_firmware_info, - .efi_call = flask_efi_call, - .acpi_sleep = flask_acpi_sleep, - .change_freq = flask_change_freq, - .getidletime = flask_getidletime, .machine_memory_map = flask_machine_memory_map, .domain_memory_map = flask_domain_memory_map, .mmu_update = flask_mmu_update, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:37 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:37 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGb-0007k6-6k; Wed, 16 Jan 2013 08:22:37 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGZ-0007eT-56 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:35 +0000 Received: from [193.109.254.147:31764] by server-4.bemta-14.messagelabs.com id 55/B3-15233-A4366F05; Wed, 16 Jan 2013 08:22:34 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-27.messagelabs.com!1358324550!8741900!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7203 invoked from network); 16 Jan 2013 08:22:31 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:31 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGU-0003tA-B5 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:30 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGU-0000hQ-9x for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:30 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:29 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nEPT: Try to enable EPT paging for L2 guest X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358245126 -3600 # Node ID 0d20a4939690437e2a2b2b29b30c7518000dd961 # Parent 4056e5a3d8150303bf8d89bd64b789e3a72321a3 nEPT: Try to enable EPT paging for L2 guest Once found EPT is enabled by L1 VMM, enabled nested EPT support for L2 guest. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 4056e5a3d815 -r 0d20a4939690 xen/arch/x86/hvm/vmx/vmx.c --- a/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:17:01 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:18:46 2013 +0100 @@ -1461,6 +1461,7 @@ static struct hvm_function_table __read_ .nhvm_vcpu_guestcr3 = nvmx_vcpu_guestcr3, .nhvm_vcpu_p2m_base = nvmx_vcpu_eptp_base, .nhvm_vcpu_asid = nvmx_vcpu_asid, + .nhvm_vmcx_hap_enabled = nvmx_ept_enabled, .nhvm_vmcx_guest_intercepts_trap = nvmx_intercepts_exception, .nhvm_vcpu_vmexit_trap = nvmx_vmexit_trap, .nhvm_intr_blocked = nvmx_intr_blocked, @@ -2003,6 +2004,7 @@ static void ept_handle_violation(unsigne unsigned long gla, gfn = gpa >> PAGE_SHIFT; mfn_t mfn; p2m_type_t p2mt; + int ret; struct domain *d = current->domain; if ( tb_init_done ) @@ -2017,18 +2019,33 @@ static void ept_handle_violation(unsigne _d.gpa = gpa; _d.qualification = qualification; _d.mfn = mfn_x(get_gfn_query_unlocked(d, gfn, &_d.p2mt)); - + __trace_var(TRC_HVM_NPF, 0, sizeof(_d), &_d); } - if ( hvm_hap_nested_page_fault(gpa, + ret = hvm_hap_nested_page_fault(gpa, qualification & EPT_GLA_VALID ? 1 : 0, qualification & EPT_GLA_VALID ? __vmread(GUEST_LINEAR_ADDRESS) : ~0ull, qualification & EPT_READ_VIOLATION ? 1 : 0, qualification & EPT_WRITE_VIOLATION ? 1 : 0, - qualification & EPT_EXEC_VIOLATION ? 1 : 0) ) + qualification & EPT_EXEC_VIOLATION ? 1 : 0); + switch ( ret ) + { + case 0: // Unhandled L1 EPT violation + break; + case 1: // This violation is handled completly + /*Current nested EPT maybe flushed by other vcpus, so need + * to re-set its shadow EPTP pointer. + */ + if ( nestedhvm_vcpu_in_guestmode(current) && + nestedhvm_paging_mode_hap(current ) ) + __vmwrite(EPT_POINTER, get_shadow_eptp(current)); return; + case -1: // This vioaltion should be injected to L1 VMM + vcpu_nestedhvm(current).nv_vmexit_pending = 1; + return; + } /* Everything else is an error. */ mfn = get_gfn_query_unlocked(d, gfn, &p2mt); diff -r 4056e5a3d815 -r 0d20a4939690 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:17:01 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:18:46 2013 +0100 @@ -41,6 +41,7 @@ int nvmx_vcpu_initialise(struct vcpu *v) gdprintk(XENLOG_ERR, "nest: allocation for shadow vmcs failed\n"); goto out; } + nvmx->ept.enabled = 0; nvmx->vmxon_region_pa = 0; nvcpu->nv_vvmcx = NULL; nvcpu->nv_vvmcxaddr = VMCX_EADDR; @@ -96,9 +97,11 @@ uint64_t nvmx_vcpu_guestcr3(struct vcpu uint64_t nvmx_vcpu_eptp_base(struct vcpu *v) { - /* TODO */ - ASSERT(0); - return 0; + uint64_t eptp_base; + struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); + + eptp_base = __get_vvmcs(nvcpu->nv_vvmcx, EPT_POINTER); + return eptp_base & PAGE_MASK; } uint32_t nvmx_vcpu_asid(struct vcpu *v) @@ -108,6 +111,13 @@ uint32_t nvmx_vcpu_asid(struct vcpu *v) return 0; } +bool_t nvmx_ept_enabled(struct vcpu *v) +{ + struct nestedvmx *nvmx = &vcpu_2_nvmx(v); + + return !!(nvmx->ept.enabled); +} + static const enum x86_segment sreg_to_index[] = { [VMX_SREG_ES] = x86_seg_es, [VMX_SREG_CS] = x86_seg_cs, @@ -502,14 +512,16 @@ void nvmx_update_exec_control(struct vcp } void nvmx_update_secondary_exec_control(struct vcpu *v, - unsigned long value) + unsigned long host_cntrl) { u32 shadow_cntrl; struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); + struct nestedvmx *nvmx = &vcpu_2_nvmx(v); shadow_cntrl = __get_vvmcs(nvcpu->nv_vvmcx, SECONDARY_VM_EXEC_CONTROL); - shadow_cntrl |= value; - set_shadow_control(v, SECONDARY_VM_EXEC_CONTROL, shadow_cntrl); + nvmx->ept.enabled = !!(shadow_cntrl & SECONDARY_EXEC_ENABLE_EPT); + shadow_cntrl |= host_cntrl; + __vmwrite(SECONDARY_VM_EXEC_CONTROL, shadow_cntrl); } static void nvmx_update_pin_control(struct vcpu *v, unsigned long host_cntrl) @@ -874,6 +886,16 @@ static void load_shadow_guest_state(stru /* TODO: CR3 target control */ } +uint64_t get_shadow_eptp(struct vcpu *v) +{ + uint64_t np2m_base = nvmx_vcpu_eptp_base(v); + struct p2m_domain *p2m = p2m_get_nestedp2m(v, np2m_base); + struct ept_data *ept = &p2m->ept; + + ept->asr = pagetable_get_pfn(p2m_get_pagetable(p2m)); + return ept_get_eptp(ept); +} + static void virtual_vmentry(struct cpu_user_regs *regs) { struct vcpu *v = current; @@ -918,7 +940,10 @@ static void virtual_vmentry(struct cpu_u /* updating host cr0 to sync TS bit */ __vmwrite(HOST_CR0, v->arch.hvm_vmx.host_cr0); - /* TODO: EPT_POINTER */ + /* Setup virtual ETP for L2 guest*/ + if ( nestedhvm_paging_mode_hap(v) ) + __vmwrite(EPT_POINTER, get_shadow_eptp(v)); + } static void sync_vvmcs_guest_state(struct vcpu *v, struct cpu_user_regs *regs) @@ -952,8 +977,8 @@ static void sync_vvmcs_ro(struct vcpu *v /* Adjust exit_reason/exit_qualifciation for violation case */ if ( __get_vvmcs(vvmcs, VM_EXIT_REASON) == EXIT_REASON_EPT_VIOLATION ) { - __set_vvmcs(vvmcs, EXIT_QUALIFICATION, nvmx->ept_exit.exit_qual); - __set_vvmcs(vvmcs, VM_EXIT_REASON, nvmx->ept_exit.exit_reason); + __set_vvmcs(vvmcs, EXIT_QUALIFICATION, nvmx->ept.exit_qual); + __set_vvmcs(vvmcs, VM_EXIT_REASON, nvmx->ept.exit_reason); } } @@ -1520,8 +1545,8 @@ nvmx_hap_walk_L1_p2m(struct vcpu *v, pad case EPT_TRANSLATE_VIOLATION: case EPT_TRANSLATE_MISCONFIG: rc = NESTEDHVM_PAGEFAULT_INJECT; - nvmx->ept_exit.exit_reason = exit_reason; - nvmx->ept_exit.exit_qual = exit_qual; + nvmx->ept.exit_reason = exit_reason; + nvmx->ept.exit_qual = exit_qual; break; case EPT_TRANSLATE_RETRY: rc = NESTEDHVM_PAGEFAULT_RETRY; diff -r 4056e5a3d815 -r 0d20a4939690 xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:17:01 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:18:46 2013 +0100 @@ -33,9 +33,10 @@ struct nestedvmx { u32 error_code; } intr; struct { + bool_t enabled; uint32_t exit_reason; uint32_t exit_qual; - } ept_exit; + } ept; }; #define vcpu_2_nvmx(v) (vcpu_nestedhvm(v).u.nvmx) @@ -110,6 +111,8 @@ int nvmx_intercepts_exception(struct vcp unsigned int trap, int error_code); void nvmx_domain_relinquish_resources(struct domain *d); +bool_t nvmx_ept_enabled(struct vcpu *v); + int nvmx_handle_vmxon(struct cpu_user_regs *regs); int nvmx_handle_vmxoff(struct cpu_user_regs *regs); @@ -178,6 +181,8 @@ enum vvmcs_encoding_type { u64 __get_vvmcs(void *vvmcs, u32 vmcs_encoding); void __set_vvmcs(void *vvmcs, u32 vmcs_encoding, u64 val); +uint64_t get_shadow_eptp(struct vcpu *v); + void nvmx_destroy_vmcs(struct vcpu *v); int nvmx_handle_vmptrld(struct cpu_user_regs *regs); int nvmx_handle_vmptrst(struct cpu_user_regs *regs); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:37 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:37 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGb-0007k6-6k; Wed, 16 Jan 2013 08:22:37 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGZ-0007eT-56 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:35 +0000 Received: from [193.109.254.147:31764] by server-4.bemta-14.messagelabs.com id 55/B3-15233-A4366F05; Wed, 16 Jan 2013 08:22:34 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-27.messagelabs.com!1358324550!8741900!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7203 invoked from network); 16 Jan 2013 08:22:31 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:31 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGU-0003tA-B5 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:30 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGU-0000hQ-9x for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:30 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:29 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nEPT: Try to enable EPT paging for L2 guest X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358245126 -3600 # Node ID 0d20a4939690437e2a2b2b29b30c7518000dd961 # Parent 4056e5a3d8150303bf8d89bd64b789e3a72321a3 nEPT: Try to enable EPT paging for L2 guest Once found EPT is enabled by L1 VMM, enabled nested EPT support for L2 guest. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 4056e5a3d815 -r 0d20a4939690 xen/arch/x86/hvm/vmx/vmx.c --- a/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:17:01 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:18:46 2013 +0100 @@ -1461,6 +1461,7 @@ static struct hvm_function_table __read_ .nhvm_vcpu_guestcr3 = nvmx_vcpu_guestcr3, .nhvm_vcpu_p2m_base = nvmx_vcpu_eptp_base, .nhvm_vcpu_asid = nvmx_vcpu_asid, + .nhvm_vmcx_hap_enabled = nvmx_ept_enabled, .nhvm_vmcx_guest_intercepts_trap = nvmx_intercepts_exception, .nhvm_vcpu_vmexit_trap = nvmx_vmexit_trap, .nhvm_intr_blocked = nvmx_intr_blocked, @@ -2003,6 +2004,7 @@ static void ept_handle_violation(unsigne unsigned long gla, gfn = gpa >> PAGE_SHIFT; mfn_t mfn; p2m_type_t p2mt; + int ret; struct domain *d = current->domain; if ( tb_init_done ) @@ -2017,18 +2019,33 @@ static void ept_handle_violation(unsigne _d.gpa = gpa; _d.qualification = qualification; _d.mfn = mfn_x(get_gfn_query_unlocked(d, gfn, &_d.p2mt)); - + __trace_var(TRC_HVM_NPF, 0, sizeof(_d), &_d); } - if ( hvm_hap_nested_page_fault(gpa, + ret = hvm_hap_nested_page_fault(gpa, qualification & EPT_GLA_VALID ? 1 : 0, qualification & EPT_GLA_VALID ? __vmread(GUEST_LINEAR_ADDRESS) : ~0ull, qualification & EPT_READ_VIOLATION ? 1 : 0, qualification & EPT_WRITE_VIOLATION ? 1 : 0, - qualification & EPT_EXEC_VIOLATION ? 1 : 0) ) + qualification & EPT_EXEC_VIOLATION ? 1 : 0); + switch ( ret ) + { + case 0: // Unhandled L1 EPT violation + break; + case 1: // This violation is handled completly + /*Current nested EPT maybe flushed by other vcpus, so need + * to re-set its shadow EPTP pointer. + */ + if ( nestedhvm_vcpu_in_guestmode(current) && + nestedhvm_paging_mode_hap(current ) ) + __vmwrite(EPT_POINTER, get_shadow_eptp(current)); return; + case -1: // This vioaltion should be injected to L1 VMM + vcpu_nestedhvm(current).nv_vmexit_pending = 1; + return; + } /* Everything else is an error. */ mfn = get_gfn_query_unlocked(d, gfn, &p2mt); diff -r 4056e5a3d815 -r 0d20a4939690 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:17:01 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:18:46 2013 +0100 @@ -41,6 +41,7 @@ int nvmx_vcpu_initialise(struct vcpu *v) gdprintk(XENLOG_ERR, "nest: allocation for shadow vmcs failed\n"); goto out; } + nvmx->ept.enabled = 0; nvmx->vmxon_region_pa = 0; nvcpu->nv_vvmcx = NULL; nvcpu->nv_vvmcxaddr = VMCX_EADDR; @@ -96,9 +97,11 @@ uint64_t nvmx_vcpu_guestcr3(struct vcpu uint64_t nvmx_vcpu_eptp_base(struct vcpu *v) { - /* TODO */ - ASSERT(0); - return 0; + uint64_t eptp_base; + struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); + + eptp_base = __get_vvmcs(nvcpu->nv_vvmcx, EPT_POINTER); + return eptp_base & PAGE_MASK; } uint32_t nvmx_vcpu_asid(struct vcpu *v) @@ -108,6 +111,13 @@ uint32_t nvmx_vcpu_asid(struct vcpu *v) return 0; } +bool_t nvmx_ept_enabled(struct vcpu *v) +{ + struct nestedvmx *nvmx = &vcpu_2_nvmx(v); + + return !!(nvmx->ept.enabled); +} + static const enum x86_segment sreg_to_index[] = { [VMX_SREG_ES] = x86_seg_es, [VMX_SREG_CS] = x86_seg_cs, @@ -502,14 +512,16 @@ void nvmx_update_exec_control(struct vcp } void nvmx_update_secondary_exec_control(struct vcpu *v, - unsigned long value) + unsigned long host_cntrl) { u32 shadow_cntrl; struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); + struct nestedvmx *nvmx = &vcpu_2_nvmx(v); shadow_cntrl = __get_vvmcs(nvcpu->nv_vvmcx, SECONDARY_VM_EXEC_CONTROL); - shadow_cntrl |= value; - set_shadow_control(v, SECONDARY_VM_EXEC_CONTROL, shadow_cntrl); + nvmx->ept.enabled = !!(shadow_cntrl & SECONDARY_EXEC_ENABLE_EPT); + shadow_cntrl |= host_cntrl; + __vmwrite(SECONDARY_VM_EXEC_CONTROL, shadow_cntrl); } static void nvmx_update_pin_control(struct vcpu *v, unsigned long host_cntrl) @@ -874,6 +886,16 @@ static void load_shadow_guest_state(stru /* TODO: CR3 target control */ } +uint64_t get_shadow_eptp(struct vcpu *v) +{ + uint64_t np2m_base = nvmx_vcpu_eptp_base(v); + struct p2m_domain *p2m = p2m_get_nestedp2m(v, np2m_base); + struct ept_data *ept = &p2m->ept; + + ept->asr = pagetable_get_pfn(p2m_get_pagetable(p2m)); + return ept_get_eptp(ept); +} + static void virtual_vmentry(struct cpu_user_regs *regs) { struct vcpu *v = current; @@ -918,7 +940,10 @@ static void virtual_vmentry(struct cpu_u /* updating host cr0 to sync TS bit */ __vmwrite(HOST_CR0, v->arch.hvm_vmx.host_cr0); - /* TODO: EPT_POINTER */ + /* Setup virtual ETP for L2 guest*/ + if ( nestedhvm_paging_mode_hap(v) ) + __vmwrite(EPT_POINTER, get_shadow_eptp(v)); + } static void sync_vvmcs_guest_state(struct vcpu *v, struct cpu_user_regs *regs) @@ -952,8 +977,8 @@ static void sync_vvmcs_ro(struct vcpu *v /* Adjust exit_reason/exit_qualifciation for violation case */ if ( __get_vvmcs(vvmcs, VM_EXIT_REASON) == EXIT_REASON_EPT_VIOLATION ) { - __set_vvmcs(vvmcs, EXIT_QUALIFICATION, nvmx->ept_exit.exit_qual); - __set_vvmcs(vvmcs, VM_EXIT_REASON, nvmx->ept_exit.exit_reason); + __set_vvmcs(vvmcs, EXIT_QUALIFICATION, nvmx->ept.exit_qual); + __set_vvmcs(vvmcs, VM_EXIT_REASON, nvmx->ept.exit_reason); } } @@ -1520,8 +1545,8 @@ nvmx_hap_walk_L1_p2m(struct vcpu *v, pad case EPT_TRANSLATE_VIOLATION: case EPT_TRANSLATE_MISCONFIG: rc = NESTEDHVM_PAGEFAULT_INJECT; - nvmx->ept_exit.exit_reason = exit_reason; - nvmx->ept_exit.exit_qual = exit_qual; + nvmx->ept.exit_reason = exit_reason; + nvmx->ept.exit_qual = exit_qual; break; case EPT_TRANSLATE_RETRY: rc = NESTEDHVM_PAGEFAULT_RETRY; diff -r 4056e5a3d815 -r 0d20a4939690 xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:17:01 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:18:46 2013 +0100 @@ -33,9 +33,10 @@ struct nestedvmx { u32 error_code; } intr; struct { + bool_t enabled; uint32_t exit_reason; uint32_t exit_qual; - } ept_exit; + } ept; }; #define vcpu_2_nvmx(v) (vcpu_nestedhvm(v).u.nvmx) @@ -110,6 +111,8 @@ int nvmx_intercepts_exception(struct vcp unsigned int trap, int error_code); void nvmx_domain_relinquish_resources(struct domain *d); +bool_t nvmx_ept_enabled(struct vcpu *v); + int nvmx_handle_vmxon(struct cpu_user_regs *regs); int nvmx_handle_vmxoff(struct cpu_user_regs *regs); @@ -178,6 +181,8 @@ enum vvmcs_encoding_type { u64 __get_vvmcs(void *vvmcs, u32 vmcs_encoding); void __set_vvmcs(void *vvmcs, u32 vmcs_encoding, u64 val); +uint64_t get_shadow_eptp(struct vcpu *v); + void nvmx_destroy_vmcs(struct vcpu *v); int nvmx_handle_vmptrld(struct cpu_user_regs *regs); int nvmx_handle_vmptrst(struct cpu_user_regs *regs); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:38 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:38 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGa-0007jT-Tm; Wed, 16 Jan 2013 08:22:36 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGZ-0007eZ-2r for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:35 +0000 Received: from [193.109.254.147:16546] by server-14.bemta-14.messagelabs.com id 69/87-10022-A4366F05; Wed, 16 Jan 2013 08:22:34 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-27.messagelabs.com!1358324548!3232646!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 3699 invoked from network); 16 Jan 2013 08:22:29 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:29 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGS-0003t1-NR for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:28 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGS-0000gd-Lm for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:28 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:28 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nestedhap: Change nested p2m's walker to vendor-specific X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358244697 -3600 # Node ID eaeef464f3920c7ebd68a4d30813eee2763df70c # Parent 6f2697d51542d57fad8adee1341d60393bca0ad8 nestedhap: Change nested p2m's walker to vendor-specific EPT and NPT adopts differnt formats for each-level entry, so change the walker functions to vendor-specific. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 6f2697d51542 -r eaeef464f392 xen/arch/x86/hvm/svm/nestedsvm.c --- a/xen/arch/x86/hvm/svm/nestedsvm.c Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/arch/x86/hvm/svm/nestedsvm.c Tue Jan 15 11:11:37 2013 +0100 @@ -1171,6 +1171,36 @@ nsvm_vmcb_hap_enabled(struct vcpu *v) return vcpu_nestedsvm(v).ns_hap_enabled; } +/* This function uses L2_gpa to walk the P2M page table in L1. If the + * walk is successful, the translated value is returned in + * L1_gpa. The result value tells what to do next. + */ +int +nsvm_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, + unsigned int *page_order, + bool_t access_r, bool_t access_w, bool_t access_x) +{ + uint32_t pfec; + unsigned long nested_cr3, gfn; + + nested_cr3 = nhvm_vcpu_p2m_base(v); + + pfec = PFEC_user_mode | PFEC_page_present; + if ( access_w ) + pfec |= PFEC_write_access; + if ( access_x ) + pfec |= PFEC_insn_fetch; + + /* Walk the guest-supplied NPT table, just as if it were a pagetable */ + gfn = paging_ga_to_gfn_cr3(v, nested_cr3, L2_gpa, &pfec, page_order); + + if ( gfn == INVALID_GFN ) + return NESTEDHVM_PAGEFAULT_INJECT; + + *L1_gpa = (gfn << PAGE_SHIFT) + (L2_gpa & ~PAGE_MASK); + return NESTEDHVM_PAGEFAULT_DONE; +} + enum hvm_intblk nsvm_intr_blocked(struct vcpu *v) { struct nestedsvm *svm = &vcpu_nestedsvm(v); diff -r 6f2697d51542 -r eaeef464f392 xen/arch/x86/hvm/svm/svm.c --- a/xen/arch/x86/hvm/svm/svm.c Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/arch/x86/hvm/svm/svm.c Tue Jan 15 11:11:37 2013 +0100 @@ -2008,6 +2008,7 @@ static struct hvm_function_table __read_ .nhvm_vmcx_guest_intercepts_trap = nsvm_vmcb_guest_intercepts_trap, .nhvm_vmcx_hap_enabled = nsvm_vmcb_hap_enabled, .nhvm_intr_blocked = nsvm_intr_blocked, + .nhvm_hap_walk_L1_p2m = nsvm_hap_walk_L1_p2m, }; void svm_vmexit_handler(struct cpu_user_regs *regs) diff -r 6f2697d51542 -r eaeef464f392 xen/arch/x86/hvm/vmx/vmx.c --- a/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:11:37 2013 +0100 @@ -1511,7 +1511,8 @@ static struct hvm_function_table __read_ .nhvm_intr_blocked = nvmx_intr_blocked, .nhvm_domain_relinquish_resources = nvmx_domain_relinquish_resources, .update_eoi_exit_bitmap = vmx_update_eoi_exit_bitmap, - .virtual_intr_delivery_enabled = vmx_virtual_intr_delivery_enabled + .virtual_intr_delivery_enabled = vmx_virtual_intr_delivery_enabled, + .nhvm_hap_walk_L1_p2m = nvmx_hap_walk_L1_p2m, }; struct hvm_function_table * __init start_vmx(void) diff -r 6f2697d51542 -r eaeef464f392 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:11:37 2013 +0100 @@ -1484,6 +1484,19 @@ int nvmx_msr_write_intercept(unsigned in return 1; } +/* This function uses L2_gpa to walk the P2M page table in L1. If the + * walk is successful, the translated value is returned in + * L1_gpa. The result value tells what to do next. + */ +int +nvmx_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, + unsigned int *page_order, + bool_t access_r, bool_t access_w, bool_t access_x) +{ + /*TODO:*/ + return 0; +} + void nvmx_idtv_handling(void) { struct vcpu *v = current; diff -r 6f2697d51542 -r eaeef464f392 xen/arch/x86/mm/hap/nested_hap.c --- a/xen/arch/x86/mm/hap/nested_hap.c Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/arch/x86/mm/hap/nested_hap.c Tue Jan 15 11:11:37 2013 +0100 @@ -137,6 +137,22 @@ nestedhap_fix_p2m(struct vcpu *v, struct } } +/* This function uses L2_gpa to walk the P2M page table in L1. If the + * walk is successful, the translated value is returned in + * L1_gpa. The result value tells what to do next. + */ +static int +nestedhap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, + unsigned int *page_order, + bool_t access_r, bool_t access_w, bool_t access_x) +{ + ASSERT(hvm_funcs.nhvm_hap_walk_L1_p2m); + + return hvm_funcs.nhvm_hap_walk_L1_p2m(v, L2_gpa, L1_gpa, page_order, + access_r, access_w, access_x); +} + + /* This function uses L1_gpa to walk the P2M table in L0 hypervisor. If the * walk is successful, the translated value is returned in L0_gpa. The return * value tells the upper level what to do. @@ -176,36 +192,6 @@ out: return rc; } -/* This function uses L2_gpa to walk the P2M page table in L1. If the - * walk is successful, the translated value is returned in - * L1_gpa. The result value tells what to do next. - */ -static int -nestedhap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, - unsigned int *page_order, - bool_t access_r, bool_t access_w, bool_t access_x) -{ - uint32_t pfec; - unsigned long nested_cr3, gfn; - - nested_cr3 = nhvm_vcpu_p2m_base(v); - - pfec = PFEC_user_mode | PFEC_page_present; - if (access_w) - pfec |= PFEC_write_access; - if (access_x) - pfec |= PFEC_insn_fetch; - - /* Walk the guest-supplied NPT table, just as if it were a pagetable */ - gfn = paging_ga_to_gfn_cr3(v, nested_cr3, L2_gpa, &pfec, page_order); - - if ( gfn == INVALID_GFN ) - return NESTEDHVM_PAGEFAULT_INJECT; - - *L1_gpa = (gfn << PAGE_SHIFT) + (L2_gpa & ~PAGE_MASK); - return NESTEDHVM_PAGEFAULT_DONE; -} - /* * The following function, nestedhap_page_fault(), is for steps (3)--(10). * diff -r 6f2697d51542 -r eaeef464f392 xen/include/asm-x86/hvm/hvm.h --- a/xen/include/asm-x86/hvm/hvm.h Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/include/asm-x86/hvm/hvm.h Tue Jan 15 11:11:37 2013 +0100 @@ -183,6 +183,12 @@ struct hvm_function_table { /* Virtual interrupt delivery */ void (*update_eoi_exit_bitmap)(struct vcpu *v, u8 vector, u8 trig); int (*virtual_intr_delivery_enabled)(void); + + /*Walk nested p2m */ + int (*nhvm_hap_walk_L1_p2m)(struct vcpu *v, paddr_t L2_gpa, + paddr_t *L1_gpa, unsigned int *page_order, + bool_t access_r, bool_t access_w, + bool_t access_x); }; extern struct hvm_function_table hvm_funcs; diff -r 6f2697d51542 -r eaeef464f392 xen/include/asm-x86/hvm/svm/nestedsvm.h --- a/xen/include/asm-x86/hvm/svm/nestedsvm.h Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/include/asm-x86/hvm/svm/nestedsvm.h Tue Jan 15 11:11:37 2013 +0100 @@ -133,6 +133,9 @@ int nsvm_wrmsr(struct vcpu *v, unsigned void svm_vmexit_do_clgi(struct cpu_user_regs *regs, struct vcpu *v); void svm_vmexit_do_stgi(struct cpu_user_regs *regs, struct vcpu *v); bool_t nestedsvm_gif_isset(struct vcpu *v); +int nsvm_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, + unsigned int *page_order, + bool_t access_r, bool_t access_w, bool_t access_x); #define NSVM_INTR_NOTHANDLED 3 #define NSVM_INTR_NOTINTERCEPTED 2 diff -r 6f2697d51542 -r eaeef464f392 xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:11:37 2013 +0100 @@ -108,6 +108,11 @@ void nvmx_domain_relinquish_resources(st int nvmx_handle_vmxon(struct cpu_user_regs *regs); int nvmx_handle_vmxoff(struct cpu_user_regs *regs); + +int +nvmx_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, + unsigned int *page_order, + bool_t access_r, bool_t access_w, bool_t access_x); /* * Virtual VMCS layout * _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:38 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:38 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGa-0007jT-Tm; Wed, 16 Jan 2013 08:22:36 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGZ-0007eZ-2r for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:35 +0000 Received: from [193.109.254.147:16546] by server-14.bemta-14.messagelabs.com id 69/87-10022-A4366F05; Wed, 16 Jan 2013 08:22:34 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-27.messagelabs.com!1358324548!3232646!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 3699 invoked from network); 16 Jan 2013 08:22:29 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:29 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGS-0003t1-NR for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:28 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGS-0000gd-Lm for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:28 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:28 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nestedhap: Change nested p2m's walker to vendor-specific X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358244697 -3600 # Node ID eaeef464f3920c7ebd68a4d30813eee2763df70c # Parent 6f2697d51542d57fad8adee1341d60393bca0ad8 nestedhap: Change nested p2m's walker to vendor-specific EPT and NPT adopts differnt formats for each-level entry, so change the walker functions to vendor-specific. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 6f2697d51542 -r eaeef464f392 xen/arch/x86/hvm/svm/nestedsvm.c --- a/xen/arch/x86/hvm/svm/nestedsvm.c Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/arch/x86/hvm/svm/nestedsvm.c Tue Jan 15 11:11:37 2013 +0100 @@ -1171,6 +1171,36 @@ nsvm_vmcb_hap_enabled(struct vcpu *v) return vcpu_nestedsvm(v).ns_hap_enabled; } +/* This function uses L2_gpa to walk the P2M page table in L1. If the + * walk is successful, the translated value is returned in + * L1_gpa. The result value tells what to do next. + */ +int +nsvm_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, + unsigned int *page_order, + bool_t access_r, bool_t access_w, bool_t access_x) +{ + uint32_t pfec; + unsigned long nested_cr3, gfn; + + nested_cr3 = nhvm_vcpu_p2m_base(v); + + pfec = PFEC_user_mode | PFEC_page_present; + if ( access_w ) + pfec |= PFEC_write_access; + if ( access_x ) + pfec |= PFEC_insn_fetch; + + /* Walk the guest-supplied NPT table, just as if it were a pagetable */ + gfn = paging_ga_to_gfn_cr3(v, nested_cr3, L2_gpa, &pfec, page_order); + + if ( gfn == INVALID_GFN ) + return NESTEDHVM_PAGEFAULT_INJECT; + + *L1_gpa = (gfn << PAGE_SHIFT) + (L2_gpa & ~PAGE_MASK); + return NESTEDHVM_PAGEFAULT_DONE; +} + enum hvm_intblk nsvm_intr_blocked(struct vcpu *v) { struct nestedsvm *svm = &vcpu_nestedsvm(v); diff -r 6f2697d51542 -r eaeef464f392 xen/arch/x86/hvm/svm/svm.c --- a/xen/arch/x86/hvm/svm/svm.c Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/arch/x86/hvm/svm/svm.c Tue Jan 15 11:11:37 2013 +0100 @@ -2008,6 +2008,7 @@ static struct hvm_function_table __read_ .nhvm_vmcx_guest_intercepts_trap = nsvm_vmcb_guest_intercepts_trap, .nhvm_vmcx_hap_enabled = nsvm_vmcb_hap_enabled, .nhvm_intr_blocked = nsvm_intr_blocked, + .nhvm_hap_walk_L1_p2m = nsvm_hap_walk_L1_p2m, }; void svm_vmexit_handler(struct cpu_user_regs *regs) diff -r 6f2697d51542 -r eaeef464f392 xen/arch/x86/hvm/vmx/vmx.c --- a/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:11:37 2013 +0100 @@ -1511,7 +1511,8 @@ static struct hvm_function_table __read_ .nhvm_intr_blocked = nvmx_intr_blocked, .nhvm_domain_relinquish_resources = nvmx_domain_relinquish_resources, .update_eoi_exit_bitmap = vmx_update_eoi_exit_bitmap, - .virtual_intr_delivery_enabled = vmx_virtual_intr_delivery_enabled + .virtual_intr_delivery_enabled = vmx_virtual_intr_delivery_enabled, + .nhvm_hap_walk_L1_p2m = nvmx_hap_walk_L1_p2m, }; struct hvm_function_table * __init start_vmx(void) diff -r 6f2697d51542 -r eaeef464f392 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:11:37 2013 +0100 @@ -1484,6 +1484,19 @@ int nvmx_msr_write_intercept(unsigned in return 1; } +/* This function uses L2_gpa to walk the P2M page table in L1. If the + * walk is successful, the translated value is returned in + * L1_gpa. The result value tells what to do next. + */ +int +nvmx_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, + unsigned int *page_order, + bool_t access_r, bool_t access_w, bool_t access_x) +{ + /*TODO:*/ + return 0; +} + void nvmx_idtv_handling(void) { struct vcpu *v = current; diff -r 6f2697d51542 -r eaeef464f392 xen/arch/x86/mm/hap/nested_hap.c --- a/xen/arch/x86/mm/hap/nested_hap.c Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/arch/x86/mm/hap/nested_hap.c Tue Jan 15 11:11:37 2013 +0100 @@ -137,6 +137,22 @@ nestedhap_fix_p2m(struct vcpu *v, struct } } +/* This function uses L2_gpa to walk the P2M page table in L1. If the + * walk is successful, the translated value is returned in + * L1_gpa. The result value tells what to do next. + */ +static int +nestedhap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, + unsigned int *page_order, + bool_t access_r, bool_t access_w, bool_t access_x) +{ + ASSERT(hvm_funcs.nhvm_hap_walk_L1_p2m); + + return hvm_funcs.nhvm_hap_walk_L1_p2m(v, L2_gpa, L1_gpa, page_order, + access_r, access_w, access_x); +} + + /* This function uses L1_gpa to walk the P2M table in L0 hypervisor. If the * walk is successful, the translated value is returned in L0_gpa. The return * value tells the upper level what to do. @@ -176,36 +192,6 @@ out: return rc; } -/* This function uses L2_gpa to walk the P2M page table in L1. If the - * walk is successful, the translated value is returned in - * L1_gpa. The result value tells what to do next. - */ -static int -nestedhap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, - unsigned int *page_order, - bool_t access_r, bool_t access_w, bool_t access_x) -{ - uint32_t pfec; - unsigned long nested_cr3, gfn; - - nested_cr3 = nhvm_vcpu_p2m_base(v); - - pfec = PFEC_user_mode | PFEC_page_present; - if (access_w) - pfec |= PFEC_write_access; - if (access_x) - pfec |= PFEC_insn_fetch; - - /* Walk the guest-supplied NPT table, just as if it were a pagetable */ - gfn = paging_ga_to_gfn_cr3(v, nested_cr3, L2_gpa, &pfec, page_order); - - if ( gfn == INVALID_GFN ) - return NESTEDHVM_PAGEFAULT_INJECT; - - *L1_gpa = (gfn << PAGE_SHIFT) + (L2_gpa & ~PAGE_MASK); - return NESTEDHVM_PAGEFAULT_DONE; -} - /* * The following function, nestedhap_page_fault(), is for steps (3)--(10). * diff -r 6f2697d51542 -r eaeef464f392 xen/include/asm-x86/hvm/hvm.h --- a/xen/include/asm-x86/hvm/hvm.h Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/include/asm-x86/hvm/hvm.h Tue Jan 15 11:11:37 2013 +0100 @@ -183,6 +183,12 @@ struct hvm_function_table { /* Virtual interrupt delivery */ void (*update_eoi_exit_bitmap)(struct vcpu *v, u8 vector, u8 trig); int (*virtual_intr_delivery_enabled)(void); + + /*Walk nested p2m */ + int (*nhvm_hap_walk_L1_p2m)(struct vcpu *v, paddr_t L2_gpa, + paddr_t *L1_gpa, unsigned int *page_order, + bool_t access_r, bool_t access_w, + bool_t access_x); }; extern struct hvm_function_table hvm_funcs; diff -r 6f2697d51542 -r eaeef464f392 xen/include/asm-x86/hvm/svm/nestedsvm.h --- a/xen/include/asm-x86/hvm/svm/nestedsvm.h Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/include/asm-x86/hvm/svm/nestedsvm.h Tue Jan 15 11:11:37 2013 +0100 @@ -133,6 +133,9 @@ int nsvm_wrmsr(struct vcpu *v, unsigned void svm_vmexit_do_clgi(struct cpu_user_regs *regs, struct vcpu *v); void svm_vmexit_do_stgi(struct cpu_user_regs *regs, struct vcpu *v); bool_t nestedsvm_gif_isset(struct vcpu *v); +int nsvm_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, + unsigned int *page_order, + bool_t access_r, bool_t access_w, bool_t access_x); #define NSVM_INTR_NOTHANDLED 3 #define NSVM_INTR_NOTINTERCEPTED 2 diff -r 6f2697d51542 -r eaeef464f392 xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:09:33 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:11:37 2013 +0100 @@ -108,6 +108,11 @@ void nvmx_domain_relinquish_resources(st int nvmx_handle_vmxon(struct cpu_user_regs *regs); int nvmx_handle_vmxoff(struct cpu_user_regs *regs); + +int +nvmx_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, + unsigned int *page_order, + bool_t access_r, bool_t access_w, bool_t access_x); /* * Virtual VMCS layout * _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:38 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:38 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGc-0007lk-8X; Wed, 16 Jan 2013 08:22:38 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGZ-0007fC-EE for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:35 +0000 Received: from [193.109.254.147:16583] by server-10.bemta-14.messagelabs.com id BC/2F-13263-A4366F05; Wed, 16 Jan 2013 08:22:34 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-27.messagelabs.com!1358324553!8741908!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG,UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7499 invoked from network); 16 Jan 2013 08:22:33 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:33 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGW-0003tV-TU for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:32 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGW-0000id-SQ for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:32 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:32 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nEPT: Expose EPT & VPID capablities to L1 VMM X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358246021 -3600 # Node ID 78ed15cfd96aba346030df399ae04dd196475267 # Parent 6c982d14bc4a5aa9dcc119ac49938269799d414e nEPT: Expose EPT & VPID capablities to L1 VMM Expose EPT's and VPID 's basic features to L1 VMM. For EPT, no EPT A/D bit feature supported. For VPID, exposes all features to L1 VMM Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 6c982d14bc4a -r 78ed15cfd96a xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:30:50 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:33:41 2013 +0100 @@ -1513,6 +1513,8 @@ int nvmx_msr_read_intercept(unsigned int break; case MSR_IA32_VMX_PROCBASED_CTLS: case MSR_IA32_VMX_TRUE_PROCBASED_CTLS: + { + u32 default1_bits = VMX_PROCBASED_CTLS_DEFAULT1; /* 1-seetings */ data = CPU_BASED_HLT_EXITING | CPU_BASED_VIRTUAL_INTR_PENDING | @@ -1535,12 +1537,21 @@ int nvmx_msr_read_intercept(unsigned int CPU_BASED_RDPMC_EXITING | CPU_BASED_TPR_SHADOW | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; - data = gen_vmx_msr(data, VMX_PROCBASED_CTLS_DEFAULT1, host_data); + + if ( msr == MSR_IA32_VMX_TRUE_PROCBASED_CTLS ) + default1_bits &= ~(CPU_BASED_CR3_LOAD_EXITING | + CPU_BASED_CR3_STORE_EXITING | + CPU_BASED_INVLPG_EXITING); + + data = gen_vmx_msr(data, default1_bits, host_data); break; + } case MSR_IA32_VMX_PROCBASED_CTLS2: /* 1-seetings */ data = SECONDARY_EXEC_DESCRIPTOR_TABLE_EXITING | - SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES; + SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES | + SECONDARY_EXEC_ENABLE_VPID | + SECONDARY_EXEC_ENABLE_EPT; data = gen_vmx_msr(data, 0, host_data); break; case MSR_IA32_VMX_EXIT_CTLS: @@ -1594,6 +1605,9 @@ int nvmx_msr_read_intercept(unsigned int /* Do not support CR3-target feature now */ data = host_data & ~VMX_MISC_CR3_TARGET; break; + case MSR_IA32_VMX_EPT_VPID_CAP: + data = nept_get_ept_vpid_cap(); + break; default: r = 0; break; diff -r 6c982d14bc4a -r 78ed15cfd96a xen/arch/x86/mm/hap/nested_ept.c --- a/xen/arch/x86/mm/hap/nested_ept.c Tue Jan 15 11:30:50 2013 +0100 +++ b/xen/arch/x86/mm/hap/nested_ept.c Tue Jan 15 11:33:41 2013 +0100 @@ -43,12 +43,17 @@ #define EPT_MUST_RSV_BITS (((1ull << PADDR_BITS) - 1) & \ ~((1ull << paddr_bits) - 1)) -/* - *TODO: Just leave it as 0 here for compile pass, will - * define real capabilities in the subsequent patches. - */ -#define NEPT_VPID_CAP_BITS 0 +#define NEPT_CAP_BITS \ + (VMX_EPT_INVEPT_ALL_CONTEXT | VMX_EPT_INVEPT_SINGLE_CONTEXT | \ + VMX_EPT_INVEPT_INSTRUCTION | VMX_EPT_SUPERPAGE_1GB | \ + VMX_EPT_SUPERPAGE_2MB | VMX_EPT_MEMORY_TYPE_WB | \ + VMX_EPT_MEMORY_TYPE_UC | VMX_EPT_WALK_LENGTH_4_SUPPORTED | \ + VMX_EPT_EXEC_ONLY_SUPPORTED) +#define NVPID_CAP_BITS \ + (VMX_VPID_INVVPID_INSTRUCTION | VMX_VPID_INVVPID_INDIVIDUAL_ADDR | \ + VMX_VPID_INVVPID_SINGLE_CONTEXT | VMX_VPID_INVVPID_ALL_CONTEXT | \ + VMX_VPID_INVVPID_SINGLE_CONTEXT_RETAINING_GLOBAL) #define NEPT_1G_ENTRY_FLAG (1 << 11) #define NEPT_2M_ENTRY_FLAG (1 << 10) @@ -111,10 +116,15 @@ static bool_t nept_non_present_check(ept uint64_t nept_get_ept_vpid_cap(void) { - uint64_t caps = NEPT_VPID_CAP_BITS; + uint64_t caps = 0; + if ( cpu_has_vmx_ept ) + caps |= NEPT_CAP_BITS; if ( !cpu_has_vmx_ept_exec_only_supported ) caps &= ~VMX_EPT_EXEC_ONLY_SUPPORTED; + if ( cpu_has_vmx_vpid ) + caps |= NVPID_CAP_BITS; + return caps; } diff -r 6c982d14bc4a -r 78ed15cfd96a xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:30:50 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:33:41 2013 +0100 @@ -209,6 +209,8 @@ u64 nvmx_get_tsc_offset(struct vcpu *v); int nvmx_n2_vmexit_handler(struct cpu_user_regs *regs, unsigned int exit_reason); +uint64_t nept_get_ept_vpid_cap(void); + int nept_translate_l2ga(struct vcpu *v, paddr_t l2ga, unsigned int *page_order, uint32_t rwx_acc, unsigned long *l1gfn, uint8_t *p2m_acc, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:38 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:38 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGc-0007lk-8X; Wed, 16 Jan 2013 08:22:38 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGZ-0007fC-EE for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:35 +0000 Received: from [193.109.254.147:16583] by server-10.bemta-14.messagelabs.com id BC/2F-13263-A4366F05; Wed, 16 Jan 2013 08:22:34 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-27.messagelabs.com!1358324553!8741908!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG,UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7499 invoked from network); 16 Jan 2013 08:22:33 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:33 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGW-0003tV-TU for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:32 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGW-0000id-SQ for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:32 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:32 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nEPT: Expose EPT & VPID capablities to L1 VMM X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358246021 -3600 # Node ID 78ed15cfd96aba346030df399ae04dd196475267 # Parent 6c982d14bc4a5aa9dcc119ac49938269799d414e nEPT: Expose EPT & VPID capablities to L1 VMM Expose EPT's and VPID 's basic features to L1 VMM. For EPT, no EPT A/D bit feature supported. For VPID, exposes all features to L1 VMM Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 6c982d14bc4a -r 78ed15cfd96a xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:30:50 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:33:41 2013 +0100 @@ -1513,6 +1513,8 @@ int nvmx_msr_read_intercept(unsigned int break; case MSR_IA32_VMX_PROCBASED_CTLS: case MSR_IA32_VMX_TRUE_PROCBASED_CTLS: + { + u32 default1_bits = VMX_PROCBASED_CTLS_DEFAULT1; /* 1-seetings */ data = CPU_BASED_HLT_EXITING | CPU_BASED_VIRTUAL_INTR_PENDING | @@ -1535,12 +1537,21 @@ int nvmx_msr_read_intercept(unsigned int CPU_BASED_RDPMC_EXITING | CPU_BASED_TPR_SHADOW | CPU_BASED_ACTIVATE_SECONDARY_CONTROLS; - data = gen_vmx_msr(data, VMX_PROCBASED_CTLS_DEFAULT1, host_data); + + if ( msr == MSR_IA32_VMX_TRUE_PROCBASED_CTLS ) + default1_bits &= ~(CPU_BASED_CR3_LOAD_EXITING | + CPU_BASED_CR3_STORE_EXITING | + CPU_BASED_INVLPG_EXITING); + + data = gen_vmx_msr(data, default1_bits, host_data); break; + } case MSR_IA32_VMX_PROCBASED_CTLS2: /* 1-seetings */ data = SECONDARY_EXEC_DESCRIPTOR_TABLE_EXITING | - SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES; + SECONDARY_EXEC_VIRTUALIZE_APIC_ACCESSES | + SECONDARY_EXEC_ENABLE_VPID | + SECONDARY_EXEC_ENABLE_EPT; data = gen_vmx_msr(data, 0, host_data); break; case MSR_IA32_VMX_EXIT_CTLS: @@ -1594,6 +1605,9 @@ int nvmx_msr_read_intercept(unsigned int /* Do not support CR3-target feature now */ data = host_data & ~VMX_MISC_CR3_TARGET; break; + case MSR_IA32_VMX_EPT_VPID_CAP: + data = nept_get_ept_vpid_cap(); + break; default: r = 0; break; diff -r 6c982d14bc4a -r 78ed15cfd96a xen/arch/x86/mm/hap/nested_ept.c --- a/xen/arch/x86/mm/hap/nested_ept.c Tue Jan 15 11:30:50 2013 +0100 +++ b/xen/arch/x86/mm/hap/nested_ept.c Tue Jan 15 11:33:41 2013 +0100 @@ -43,12 +43,17 @@ #define EPT_MUST_RSV_BITS (((1ull << PADDR_BITS) - 1) & \ ~((1ull << paddr_bits) - 1)) -/* - *TODO: Just leave it as 0 here for compile pass, will - * define real capabilities in the subsequent patches. - */ -#define NEPT_VPID_CAP_BITS 0 +#define NEPT_CAP_BITS \ + (VMX_EPT_INVEPT_ALL_CONTEXT | VMX_EPT_INVEPT_SINGLE_CONTEXT | \ + VMX_EPT_INVEPT_INSTRUCTION | VMX_EPT_SUPERPAGE_1GB | \ + VMX_EPT_SUPERPAGE_2MB | VMX_EPT_MEMORY_TYPE_WB | \ + VMX_EPT_MEMORY_TYPE_UC | VMX_EPT_WALK_LENGTH_4_SUPPORTED | \ + VMX_EPT_EXEC_ONLY_SUPPORTED) +#define NVPID_CAP_BITS \ + (VMX_VPID_INVVPID_INSTRUCTION | VMX_VPID_INVVPID_INDIVIDUAL_ADDR | \ + VMX_VPID_INVVPID_SINGLE_CONTEXT | VMX_VPID_INVVPID_ALL_CONTEXT | \ + VMX_VPID_INVVPID_SINGLE_CONTEXT_RETAINING_GLOBAL) #define NEPT_1G_ENTRY_FLAG (1 << 11) #define NEPT_2M_ENTRY_FLAG (1 << 10) @@ -111,10 +116,15 @@ static bool_t nept_non_present_check(ept uint64_t nept_get_ept_vpid_cap(void) { - uint64_t caps = NEPT_VPID_CAP_BITS; + uint64_t caps = 0; + if ( cpu_has_vmx_ept ) + caps |= NEPT_CAP_BITS; if ( !cpu_has_vmx_ept_exec_only_supported ) caps &= ~VMX_EPT_EXEC_ONLY_SUPPORTED; + if ( cpu_has_vmx_vpid ) + caps |= NVPID_CAP_BITS; + return caps; } diff -r 6c982d14bc4a -r 78ed15cfd96a xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:30:50 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:33:41 2013 +0100 @@ -209,6 +209,8 @@ u64 nvmx_get_tsc_offset(struct vcpu *v); int nvmx_n2_vmexit_handler(struct cpu_user_regs *regs, unsigned int exit_reason); +uint64_t nept_get_ept_vpid_cap(void); + int nept_translate_l2ga(struct vcpu *v, paddr_t l2ga, unsigned int *page_order, uint32_t rwx_acc, unsigned long *l1gfn, uint8_t *p2m_acc, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:39 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:39 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGd-0007oS-8R; Wed, 16 Jan 2013 08:22:39 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGa-0007hQ-Gr for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:36 +0000 Received: from [85.158.143.35:34962] by server-1.bemta-4.messagelabs.com id A1/84-18740-B4366F05; Wed, 16 Jan 2013 08:22:35 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-21.messagelabs.com!1358324548!15683247!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 19354 invoked from network); 16 Jan 2013 08:22:29 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:29 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGS-0003su-5b for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:28 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGS-0000gL-4V for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:28 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:27 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nestedhap: Change hostcr3 and p2m->cr3 to meaningful words X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358244573 -3600 # Node ID 6f2697d51542d57fad8adee1341d60393bca0ad8 # Parent 21a2ecc7318344ffe6e73018c6230292496bb6b7 nestedhap: Change hostcr3 and p2m->cr3 to meaningful words VMX doesn't have the concept about host cr3 for nested p2m, and only SVM has, so change it to netural words. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 21a2ecc73183 -r 6f2697d51542 xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Tue Jan 15 11:09:33 2013 +0100 @@ -4538,10 +4538,10 @@ uint64_t nhvm_vcpu_guestcr3(struct vcpu return -EOPNOTSUPP; } -uint64_t nhvm_vcpu_hostcr3(struct vcpu *v) +uint64_t nhvm_vcpu_p2m_base(struct vcpu *v) { - if (hvm_funcs.nhvm_vcpu_hostcr3) - return hvm_funcs.nhvm_vcpu_hostcr3(v); + if ( hvm_funcs.nhvm_vcpu_p2m_base ) + return hvm_funcs.nhvm_vcpu_p2m_base(v); return -EOPNOTSUPP; } diff -r 21a2ecc73183 -r 6f2697d51542 xen/arch/x86/hvm/svm/svm.c --- a/xen/arch/x86/hvm/svm/svm.c Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/arch/x86/hvm/svm/svm.c Tue Jan 15 11:09:33 2013 +0100 @@ -2003,7 +2003,7 @@ static struct hvm_function_table __read_ .nhvm_vcpu_vmexit = nsvm_vcpu_vmexit_inject, .nhvm_vcpu_vmexit_trap = nsvm_vcpu_vmexit_trap, .nhvm_vcpu_guestcr3 = nsvm_vcpu_guestcr3, - .nhvm_vcpu_hostcr3 = nsvm_vcpu_hostcr3, + .nhvm_vcpu_p2m_base = nsvm_vcpu_hostcr3, .nhvm_vcpu_asid = nsvm_vcpu_asid, .nhvm_vmcx_guest_intercepts_trap = nsvm_vmcb_guest_intercepts_trap, .nhvm_vmcx_hap_enabled = nsvm_vmcb_hap_enabled, diff -r 21a2ecc73183 -r 6f2697d51542 xen/arch/x86/hvm/vmx/vmx.c --- a/xen/arch/x86/hvm/vmx/vmx.c Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:09:33 2013 +0100 @@ -1504,7 +1504,7 @@ static struct hvm_function_table __read_ .nhvm_vcpu_destroy = nvmx_vcpu_destroy, .nhvm_vcpu_reset = nvmx_vcpu_reset, .nhvm_vcpu_guestcr3 = nvmx_vcpu_guestcr3, - .nhvm_vcpu_hostcr3 = nvmx_vcpu_hostcr3, + .nhvm_vcpu_p2m_base = nvmx_vcpu_eptp_base, .nhvm_vcpu_asid = nvmx_vcpu_asid, .nhvm_vmcx_guest_intercepts_trap = nvmx_intercepts_exception, .nhvm_vcpu_vmexit_trap = nvmx_vmexit_trap, diff -r 21a2ecc73183 -r 6f2697d51542 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:09:33 2013 +0100 @@ -94,7 +94,7 @@ uint64_t nvmx_vcpu_guestcr3(struct vcpu return 0; } -uint64_t nvmx_vcpu_hostcr3(struct vcpu *v) +uint64_t nvmx_vcpu_eptp_base(struct vcpu *v) { /* TODO */ ASSERT(0); diff -r 21a2ecc73183 -r 6f2697d51542 xen/arch/x86/mm/hap/nested_hap.c --- a/xen/arch/x86/mm/hap/nested_hap.c Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/arch/x86/mm/hap/nested_hap.c Tue Jan 15 11:09:33 2013 +0100 @@ -48,9 +48,11 @@ * 1. If #NPF is from L1 guest, then we crash the guest VM (same as old * code) * 2. If #NPF is from L2 guest, then we continue from (3) - * 3. Get h_cr3 from L1 guest. Map h_cr3 into L0 hypervisor address space. - * 4. Walk the h_cr3 page table - * 5. - if not present, then we inject #NPF back to L1 guest and + * 3. Get np2m base from L1 guest. Map np2m base into L0 hypervisor address + * space. + * 4. Walk the np2m's page table + * 5. - if not present or permission check failure, then we inject #NPF + * back to L1 guest and * re-launch L1 guest (L1 guest will either treat this #NPF as MMIO, * or fix its p2m table for L2 guest) * 6. - if present, then we will get the a new translated value L1-GPA @@ -89,7 +91,7 @@ nestedp2m_write_p2m_entry(struct p2m_dom if (old_flags & _PAGE_PRESENT) flush_tlb_mask(p2m->dirty_cpumask); - + paging_unlock(d); } @@ -110,7 +112,7 @@ nestedhap_fix_p2m(struct vcpu *v, struct /* If this p2m table has been flushed or recycled under our feet, * leave it alone. We'll pick up the right one as we try to * vmenter the guest. */ - if ( p2m->cr3 == nhvm_vcpu_hostcr3(v) ) + if ( p2m->np2m_base == nhvm_vcpu_p2m_base(v) ) { unsigned long gfn, mask; mfn_t mfn; @@ -186,7 +188,7 @@ nestedhap_walk_L1_p2m(struct vcpu *v, pa uint32_t pfec; unsigned long nested_cr3, gfn; - nested_cr3 = nhvm_vcpu_hostcr3(v); + nested_cr3 = nhvm_vcpu_p2m_base(v); pfec = PFEC_user_mode | PFEC_page_present; if (access_w) @@ -221,7 +223,7 @@ nestedhvm_hap_nested_page_fault(struct v p2m_type_t p2mt_10; p2m = p2m_get_hostp2m(d); /* L0 p2m */ - nested_p2m = p2m_get_nestedp2m(v, nhvm_vcpu_hostcr3(v)); + nested_p2m = p2m_get_nestedp2m(v, nhvm_vcpu_p2m_base(v)); /* walk the L1 P2M table */ rv = nestedhap_walk_L1_p2m(v, *L2_gpa, &L1_gpa, &page_order_21, diff -r 21a2ecc73183 -r 6f2697d51542 xen/arch/x86/mm/mm-locks.h --- a/xen/arch/x86/mm/mm-locks.h Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/arch/x86/mm/mm-locks.h Tue Jan 15 11:09:33 2013 +0100 @@ -249,7 +249,7 @@ declare_mm_order_constraint(per_page_sha * A per-domain lock that protects the mapping from nested-CR3 to * nested-p2m. In particular it covers: * - the array of nested-p2m tables, and all LRU activity therein; and - * - setting the "cr3" field of any p2m table to a non-CR3_EADDR value. + * - setting the "cr3" field of any p2m table to a non-P2M_BASE_EAADR value. * (i.e. assigning a p2m table to be the shadow of that cr3 */ /* PoD lock (per-p2m-table) diff -r 21a2ecc73183 -r 6f2697d51542 xen/arch/x86/mm/p2m.c --- a/xen/arch/x86/mm/p2m.c Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/arch/x86/mm/p2m.c Tue Jan 15 11:09:33 2013 +0100 @@ -69,7 +69,7 @@ static void p2m_initialise(struct domain p2m->domain = d; p2m->default_access = p2m_access_rwx; - p2m->cr3 = CR3_EADDR; + p2m->np2m_base = P2M_BASE_EADDR; if ( hap_enabled(d) && cpu_has_vmx ) ept_p2m_init(p2m); @@ -1433,7 +1433,7 @@ p2m_flush_table(struct p2m_domain *p2m) ASSERT(page_list_empty(&p2m->pod.single)); /* This is no longer a valid nested p2m for any address space */ - p2m->cr3 = CR3_EADDR; + p2m->np2m_base = P2M_BASE_EADDR; /* Zap the top level of the trie */ top = mfn_to_page(pagetable_get_mfn(p2m_get_pagetable(p2m))); @@ -1471,7 +1471,7 @@ p2m_flush_nestedp2m(struct domain *d) } struct p2m_domain * -p2m_get_nestedp2m(struct vcpu *v, uint64_t cr3) +p2m_get_nestedp2m(struct vcpu *v, uint64_t np2m_base) { /* Use volatile to prevent gcc to cache nv->nv_p2m in a cpu register as * this may change within the loop by an other (v)cpu. @@ -1480,8 +1480,8 @@ p2m_get_nestedp2m(struct vcpu *v, uint64 struct domain *d; struct p2m_domain *p2m; - /* Mask out low bits; this avoids collisions with CR3_EADDR */ - cr3 &= ~(0xfffull); + /* Mask out low bits; this avoids collisions with P2M_BASE_EADDR */ + np2m_base &= ~(0xfffull); if (nv->nv_flushp2m && nv->nv_p2m) { nv->nv_p2m = NULL; @@ -1493,14 +1493,14 @@ p2m_get_nestedp2m(struct vcpu *v, uint64 if ( p2m ) { p2m_lock(p2m); - if ( p2m->cr3 == cr3 || p2m->cr3 == CR3_EADDR ) + if ( p2m->np2m_base == np2m_base || p2m->np2m_base == P2M_BASE_EADDR ) { nv->nv_flushp2m = 0; p2m_getlru_nestedp2m(d, p2m); nv->nv_p2m = p2m; - if (p2m->cr3 == CR3_EADDR) + if ( p2m->np2m_base == P2M_BASE_EADDR ) hvm_asid_flush_vcpu(v); - p2m->cr3 = cr3; + p2m->np2m_base = np2m_base; cpumask_set_cpu(v->processor, p2m->dirty_cpumask); p2m_unlock(p2m); nestedp2m_unlock(d); @@ -1515,7 +1515,7 @@ p2m_get_nestedp2m(struct vcpu *v, uint64 p2m_flush_table(p2m); p2m_lock(p2m); nv->nv_p2m = p2m; - p2m->cr3 = cr3; + p2m->np2m_base = np2m_base; nv->nv_flushp2m = 0; hvm_asid_flush_vcpu(v); cpumask_set_cpu(v->processor, p2m->dirty_cpumask); @@ -1531,7 +1531,7 @@ p2m_get_p2m(struct vcpu *v) if (!nestedhvm_is_n2(v)) return p2m_get_hostp2m(v->domain); - return p2m_get_nestedp2m(v, nhvm_vcpu_hostcr3(v)); + return p2m_get_nestedp2m(v, nhvm_vcpu_p2m_base(v)); } unsigned long paging_gva_to_gfn(struct vcpu *v, @@ -1549,15 +1549,15 @@ unsigned long paging_gva_to_gfn(struct v struct p2m_domain *p2m; const struct paging_mode *mode; uint32_t pfec_21 = *pfec; - uint64_t ncr3 = nhvm_vcpu_hostcr3(v); + uint64_t np2m_base = nhvm_vcpu_p2m_base(v); /* translate l2 guest va into l2 guest gfn */ - p2m = p2m_get_nestedp2m(v, ncr3); + p2m = p2m_get_nestedp2m(v, np2m_base); mode = paging_get_nestedmode(v); gfn = mode->gva_to_gfn(v, p2m, va, pfec); /* translate l2 guest gfn into l1 guest gfn */ - return hostmode->p2m_ga_to_gfn(v, hostp2m, ncr3, + return hostmode->p2m_ga_to_gfn(v, hostp2m, np2m_base, gfn << PAGE_SHIFT, &pfec_21, NULL); } diff -r 21a2ecc73183 -r 6f2697d51542 xen/include/asm-x86/hvm/hvm.h --- a/xen/include/asm-x86/hvm/hvm.h Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/include/asm-x86/hvm/hvm.h Tue Jan 15 11:09:33 2013 +0100 @@ -170,7 +170,7 @@ struct hvm_function_table { uint64_t exitcode); int (*nhvm_vcpu_vmexit_trap)(struct vcpu *v, struct hvm_trap *trap); uint64_t (*nhvm_vcpu_guestcr3)(struct vcpu *v); - uint64_t (*nhvm_vcpu_hostcr3)(struct vcpu *v); + uint64_t (*nhvm_vcpu_p2m_base)(struct vcpu *v); uint32_t (*nhvm_vcpu_asid)(struct vcpu *v); int (*nhvm_vmcx_guest_intercepts_trap)(struct vcpu *v, unsigned int trapnr, int errcode); @@ -475,7 +475,7 @@ uint64_t nhvm_vcpu_guestcr3(struct vcpu /* returns l1 guest's cr3 that points to the page table used to * translate l2 guest physical address to l1 guest physical address. */ -uint64_t nhvm_vcpu_hostcr3(struct vcpu *v); +uint64_t nhvm_vcpu_p2m_base(struct vcpu *v); /* returns the asid number l1 guest wants to use to run the l2 guest */ uint32_t nhvm_vcpu_asid(struct vcpu *v); diff -r 21a2ecc73183 -r 6f2697d51542 xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:09:33 2013 +0100 @@ -99,7 +99,7 @@ int nvmx_vcpu_initialise(struct vcpu *v) void nvmx_vcpu_destroy(struct vcpu *v); int nvmx_vcpu_reset(struct vcpu *v); uint64_t nvmx_vcpu_guestcr3(struct vcpu *v); -uint64_t nvmx_vcpu_hostcr3(struct vcpu *v); +uint64_t nvmx_vcpu_eptp_base(struct vcpu *v); uint32_t nvmx_vcpu_asid(struct vcpu *v); enum hvm_intblk nvmx_intr_blocked(struct vcpu *v); int nvmx_intercepts_exception(struct vcpu *v, diff -r 21a2ecc73183 -r 6f2697d51542 xen/include/asm-x86/p2m.h --- a/xen/include/asm-x86/p2m.h Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/include/asm-x86/p2m.h Tue Jan 15 11:09:33 2013 +0100 @@ -197,17 +197,17 @@ struct p2m_domain { struct domain *domain; /* back pointer to domain */ - /* Nested p2ms only: nested-CR3 value that this p2m shadows. - * This can be cleared to CR3_EADDR under the per-p2m lock but + /* Nested p2ms only: nested p2m base value that this p2m shadows. + * This can be cleared to P2M_BASE_EADDR under the per-p2m lock but * needs both the per-p2m lock and the per-domain nestedp2m lock * to set it to any other value. */ -#define CR3_EADDR (~0ULL) - uint64_t cr3; +#define P2M_BASE_EADDR (~0ULL) + uint64_t np2m_base; /* Nested p2ms: linked list of n2pms allocated to this domain. * The host p2m hasolds the head of the list and the np2ms are * threaded on in LRU order. */ - struct list_head np2m_list; + struct list_head np2m_list; /* Host p2m: when this flag is set, don't flush all the nested-p2m @@ -282,11 +282,11 @@ struct p2m_domain { /* get host p2m table */ #define p2m_get_hostp2m(d) ((d)->arch.p2m) -/* Get p2m table (re)usable for specified cr3. +/* Get p2m table (re)usable for specified np2m base. * Automatically destroys and re-initializes a p2m if none found. - * If cr3 == 0 then v->arch.hvm_vcpu.guest_cr[3] is used. + * If np2m_base == 0 then v->arch.hvm_vcpu.guest_cr[3] is used. */ -struct p2m_domain *p2m_get_nestedp2m(struct vcpu *v, uint64_t cr3); +struct p2m_domain *p2m_get_nestedp2m(struct vcpu *v, uint64_t np2m_base); /* If vcpu is in host mode then behaviour matches p2m_get_hostp2m(). * If vcpu is in guest mode then behaviour matches p2m_get_nestedp2m(). _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:39 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:39 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGd-0007oS-8R; Wed, 16 Jan 2013 08:22:39 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGa-0007hQ-Gr for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:36 +0000 Received: from [85.158.143.35:34962] by server-1.bemta-4.messagelabs.com id A1/84-18740-B4366F05; Wed, 16 Jan 2013 08:22:35 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-21.messagelabs.com!1358324548!15683247!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 19354 invoked from network); 16 Jan 2013 08:22:29 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:29 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGS-0003su-5b for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:28 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGS-0000gL-4V for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:28 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:27 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nestedhap: Change hostcr3 and p2m->cr3 to meaningful words X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358244573 -3600 # Node ID 6f2697d51542d57fad8adee1341d60393bca0ad8 # Parent 21a2ecc7318344ffe6e73018c6230292496bb6b7 nestedhap: Change hostcr3 and p2m->cr3 to meaningful words VMX doesn't have the concept about host cr3 for nested p2m, and only SVM has, so change it to netural words. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 21a2ecc73183 -r 6f2697d51542 xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Tue Jan 15 11:09:33 2013 +0100 @@ -4538,10 +4538,10 @@ uint64_t nhvm_vcpu_guestcr3(struct vcpu return -EOPNOTSUPP; } -uint64_t nhvm_vcpu_hostcr3(struct vcpu *v) +uint64_t nhvm_vcpu_p2m_base(struct vcpu *v) { - if (hvm_funcs.nhvm_vcpu_hostcr3) - return hvm_funcs.nhvm_vcpu_hostcr3(v); + if ( hvm_funcs.nhvm_vcpu_p2m_base ) + return hvm_funcs.nhvm_vcpu_p2m_base(v); return -EOPNOTSUPP; } diff -r 21a2ecc73183 -r 6f2697d51542 xen/arch/x86/hvm/svm/svm.c --- a/xen/arch/x86/hvm/svm/svm.c Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/arch/x86/hvm/svm/svm.c Tue Jan 15 11:09:33 2013 +0100 @@ -2003,7 +2003,7 @@ static struct hvm_function_table __read_ .nhvm_vcpu_vmexit = nsvm_vcpu_vmexit_inject, .nhvm_vcpu_vmexit_trap = nsvm_vcpu_vmexit_trap, .nhvm_vcpu_guestcr3 = nsvm_vcpu_guestcr3, - .nhvm_vcpu_hostcr3 = nsvm_vcpu_hostcr3, + .nhvm_vcpu_p2m_base = nsvm_vcpu_hostcr3, .nhvm_vcpu_asid = nsvm_vcpu_asid, .nhvm_vmcx_guest_intercepts_trap = nsvm_vmcb_guest_intercepts_trap, .nhvm_vmcx_hap_enabled = nsvm_vmcb_hap_enabled, diff -r 21a2ecc73183 -r 6f2697d51542 xen/arch/x86/hvm/vmx/vmx.c --- a/xen/arch/x86/hvm/vmx/vmx.c Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:09:33 2013 +0100 @@ -1504,7 +1504,7 @@ static struct hvm_function_table __read_ .nhvm_vcpu_destroy = nvmx_vcpu_destroy, .nhvm_vcpu_reset = nvmx_vcpu_reset, .nhvm_vcpu_guestcr3 = nvmx_vcpu_guestcr3, - .nhvm_vcpu_hostcr3 = nvmx_vcpu_hostcr3, + .nhvm_vcpu_p2m_base = nvmx_vcpu_eptp_base, .nhvm_vcpu_asid = nvmx_vcpu_asid, .nhvm_vmcx_guest_intercepts_trap = nvmx_intercepts_exception, .nhvm_vcpu_vmexit_trap = nvmx_vmexit_trap, diff -r 21a2ecc73183 -r 6f2697d51542 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:09:33 2013 +0100 @@ -94,7 +94,7 @@ uint64_t nvmx_vcpu_guestcr3(struct vcpu return 0; } -uint64_t nvmx_vcpu_hostcr3(struct vcpu *v) +uint64_t nvmx_vcpu_eptp_base(struct vcpu *v) { /* TODO */ ASSERT(0); diff -r 21a2ecc73183 -r 6f2697d51542 xen/arch/x86/mm/hap/nested_hap.c --- a/xen/arch/x86/mm/hap/nested_hap.c Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/arch/x86/mm/hap/nested_hap.c Tue Jan 15 11:09:33 2013 +0100 @@ -48,9 +48,11 @@ * 1. If #NPF is from L1 guest, then we crash the guest VM (same as old * code) * 2. If #NPF is from L2 guest, then we continue from (3) - * 3. Get h_cr3 from L1 guest. Map h_cr3 into L0 hypervisor address space. - * 4. Walk the h_cr3 page table - * 5. - if not present, then we inject #NPF back to L1 guest and + * 3. Get np2m base from L1 guest. Map np2m base into L0 hypervisor address + * space. + * 4. Walk the np2m's page table + * 5. - if not present or permission check failure, then we inject #NPF + * back to L1 guest and * re-launch L1 guest (L1 guest will either treat this #NPF as MMIO, * or fix its p2m table for L2 guest) * 6. - if present, then we will get the a new translated value L1-GPA @@ -89,7 +91,7 @@ nestedp2m_write_p2m_entry(struct p2m_dom if (old_flags & _PAGE_PRESENT) flush_tlb_mask(p2m->dirty_cpumask); - + paging_unlock(d); } @@ -110,7 +112,7 @@ nestedhap_fix_p2m(struct vcpu *v, struct /* If this p2m table has been flushed or recycled under our feet, * leave it alone. We'll pick up the right one as we try to * vmenter the guest. */ - if ( p2m->cr3 == nhvm_vcpu_hostcr3(v) ) + if ( p2m->np2m_base == nhvm_vcpu_p2m_base(v) ) { unsigned long gfn, mask; mfn_t mfn; @@ -186,7 +188,7 @@ nestedhap_walk_L1_p2m(struct vcpu *v, pa uint32_t pfec; unsigned long nested_cr3, gfn; - nested_cr3 = nhvm_vcpu_hostcr3(v); + nested_cr3 = nhvm_vcpu_p2m_base(v); pfec = PFEC_user_mode | PFEC_page_present; if (access_w) @@ -221,7 +223,7 @@ nestedhvm_hap_nested_page_fault(struct v p2m_type_t p2mt_10; p2m = p2m_get_hostp2m(d); /* L0 p2m */ - nested_p2m = p2m_get_nestedp2m(v, nhvm_vcpu_hostcr3(v)); + nested_p2m = p2m_get_nestedp2m(v, nhvm_vcpu_p2m_base(v)); /* walk the L1 P2M table */ rv = nestedhap_walk_L1_p2m(v, *L2_gpa, &L1_gpa, &page_order_21, diff -r 21a2ecc73183 -r 6f2697d51542 xen/arch/x86/mm/mm-locks.h --- a/xen/arch/x86/mm/mm-locks.h Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/arch/x86/mm/mm-locks.h Tue Jan 15 11:09:33 2013 +0100 @@ -249,7 +249,7 @@ declare_mm_order_constraint(per_page_sha * A per-domain lock that protects the mapping from nested-CR3 to * nested-p2m. In particular it covers: * - the array of nested-p2m tables, and all LRU activity therein; and - * - setting the "cr3" field of any p2m table to a non-CR3_EADDR value. + * - setting the "cr3" field of any p2m table to a non-P2M_BASE_EAADR value. * (i.e. assigning a p2m table to be the shadow of that cr3 */ /* PoD lock (per-p2m-table) diff -r 21a2ecc73183 -r 6f2697d51542 xen/arch/x86/mm/p2m.c --- a/xen/arch/x86/mm/p2m.c Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/arch/x86/mm/p2m.c Tue Jan 15 11:09:33 2013 +0100 @@ -69,7 +69,7 @@ static void p2m_initialise(struct domain p2m->domain = d; p2m->default_access = p2m_access_rwx; - p2m->cr3 = CR3_EADDR; + p2m->np2m_base = P2M_BASE_EADDR; if ( hap_enabled(d) && cpu_has_vmx ) ept_p2m_init(p2m); @@ -1433,7 +1433,7 @@ p2m_flush_table(struct p2m_domain *p2m) ASSERT(page_list_empty(&p2m->pod.single)); /* This is no longer a valid nested p2m for any address space */ - p2m->cr3 = CR3_EADDR; + p2m->np2m_base = P2M_BASE_EADDR; /* Zap the top level of the trie */ top = mfn_to_page(pagetable_get_mfn(p2m_get_pagetable(p2m))); @@ -1471,7 +1471,7 @@ p2m_flush_nestedp2m(struct domain *d) } struct p2m_domain * -p2m_get_nestedp2m(struct vcpu *v, uint64_t cr3) +p2m_get_nestedp2m(struct vcpu *v, uint64_t np2m_base) { /* Use volatile to prevent gcc to cache nv->nv_p2m in a cpu register as * this may change within the loop by an other (v)cpu. @@ -1480,8 +1480,8 @@ p2m_get_nestedp2m(struct vcpu *v, uint64 struct domain *d; struct p2m_domain *p2m; - /* Mask out low bits; this avoids collisions with CR3_EADDR */ - cr3 &= ~(0xfffull); + /* Mask out low bits; this avoids collisions with P2M_BASE_EADDR */ + np2m_base &= ~(0xfffull); if (nv->nv_flushp2m && nv->nv_p2m) { nv->nv_p2m = NULL; @@ -1493,14 +1493,14 @@ p2m_get_nestedp2m(struct vcpu *v, uint64 if ( p2m ) { p2m_lock(p2m); - if ( p2m->cr3 == cr3 || p2m->cr3 == CR3_EADDR ) + if ( p2m->np2m_base == np2m_base || p2m->np2m_base == P2M_BASE_EADDR ) { nv->nv_flushp2m = 0; p2m_getlru_nestedp2m(d, p2m); nv->nv_p2m = p2m; - if (p2m->cr3 == CR3_EADDR) + if ( p2m->np2m_base == P2M_BASE_EADDR ) hvm_asid_flush_vcpu(v); - p2m->cr3 = cr3; + p2m->np2m_base = np2m_base; cpumask_set_cpu(v->processor, p2m->dirty_cpumask); p2m_unlock(p2m); nestedp2m_unlock(d); @@ -1515,7 +1515,7 @@ p2m_get_nestedp2m(struct vcpu *v, uint64 p2m_flush_table(p2m); p2m_lock(p2m); nv->nv_p2m = p2m; - p2m->cr3 = cr3; + p2m->np2m_base = np2m_base; nv->nv_flushp2m = 0; hvm_asid_flush_vcpu(v); cpumask_set_cpu(v->processor, p2m->dirty_cpumask); @@ -1531,7 +1531,7 @@ p2m_get_p2m(struct vcpu *v) if (!nestedhvm_is_n2(v)) return p2m_get_hostp2m(v->domain); - return p2m_get_nestedp2m(v, nhvm_vcpu_hostcr3(v)); + return p2m_get_nestedp2m(v, nhvm_vcpu_p2m_base(v)); } unsigned long paging_gva_to_gfn(struct vcpu *v, @@ -1549,15 +1549,15 @@ unsigned long paging_gva_to_gfn(struct v struct p2m_domain *p2m; const struct paging_mode *mode; uint32_t pfec_21 = *pfec; - uint64_t ncr3 = nhvm_vcpu_hostcr3(v); + uint64_t np2m_base = nhvm_vcpu_p2m_base(v); /* translate l2 guest va into l2 guest gfn */ - p2m = p2m_get_nestedp2m(v, ncr3); + p2m = p2m_get_nestedp2m(v, np2m_base); mode = paging_get_nestedmode(v); gfn = mode->gva_to_gfn(v, p2m, va, pfec); /* translate l2 guest gfn into l1 guest gfn */ - return hostmode->p2m_ga_to_gfn(v, hostp2m, ncr3, + return hostmode->p2m_ga_to_gfn(v, hostp2m, np2m_base, gfn << PAGE_SHIFT, &pfec_21, NULL); } diff -r 21a2ecc73183 -r 6f2697d51542 xen/include/asm-x86/hvm/hvm.h --- a/xen/include/asm-x86/hvm/hvm.h Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/include/asm-x86/hvm/hvm.h Tue Jan 15 11:09:33 2013 +0100 @@ -170,7 +170,7 @@ struct hvm_function_table { uint64_t exitcode); int (*nhvm_vcpu_vmexit_trap)(struct vcpu *v, struct hvm_trap *trap); uint64_t (*nhvm_vcpu_guestcr3)(struct vcpu *v); - uint64_t (*nhvm_vcpu_hostcr3)(struct vcpu *v); + uint64_t (*nhvm_vcpu_p2m_base)(struct vcpu *v); uint32_t (*nhvm_vcpu_asid)(struct vcpu *v); int (*nhvm_vmcx_guest_intercepts_trap)(struct vcpu *v, unsigned int trapnr, int errcode); @@ -475,7 +475,7 @@ uint64_t nhvm_vcpu_guestcr3(struct vcpu /* returns l1 guest's cr3 that points to the page table used to * translate l2 guest physical address to l1 guest physical address. */ -uint64_t nhvm_vcpu_hostcr3(struct vcpu *v); +uint64_t nhvm_vcpu_p2m_base(struct vcpu *v); /* returns the asid number l1 guest wants to use to run the l2 guest */ uint32_t nhvm_vcpu_asid(struct vcpu *v); diff -r 21a2ecc73183 -r 6f2697d51542 xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:09:33 2013 +0100 @@ -99,7 +99,7 @@ int nvmx_vcpu_initialise(struct vcpu *v) void nvmx_vcpu_destroy(struct vcpu *v); int nvmx_vcpu_reset(struct vcpu *v); uint64_t nvmx_vcpu_guestcr3(struct vcpu *v); -uint64_t nvmx_vcpu_hostcr3(struct vcpu *v); +uint64_t nvmx_vcpu_eptp_base(struct vcpu *v); uint32_t nvmx_vcpu_asid(struct vcpu *v); enum hvm_intblk nvmx_intr_blocked(struct vcpu *v); int nvmx_intercepts_exception(struct vcpu *v, diff -r 21a2ecc73183 -r 6f2697d51542 xen/include/asm-x86/p2m.h --- a/xen/include/asm-x86/p2m.h Mon Jan 14 16:47:22 2013 +0000 +++ b/xen/include/asm-x86/p2m.h Tue Jan 15 11:09:33 2013 +0100 @@ -197,17 +197,17 @@ struct p2m_domain { struct domain *domain; /* back pointer to domain */ - /* Nested p2ms only: nested-CR3 value that this p2m shadows. - * This can be cleared to CR3_EADDR under the per-p2m lock but + /* Nested p2ms only: nested p2m base value that this p2m shadows. + * This can be cleared to P2M_BASE_EADDR under the per-p2m lock but * needs both the per-p2m lock and the per-domain nestedp2m lock * to set it to any other value. */ -#define CR3_EADDR (~0ULL) - uint64_t cr3; +#define P2M_BASE_EADDR (~0ULL) + uint64_t np2m_base; /* Nested p2ms: linked list of n2pms allocated to this domain. * The host p2m hasolds the head of the list and the np2ms are * threaded on in LRU order. */ - struct list_head np2m_list; + struct list_head np2m_list; /* Host p2m: when this flag is set, don't flush all the nested-p2m @@ -282,11 +282,11 @@ struct p2m_domain { /* get host p2m table */ #define p2m_get_hostp2m(d) ((d)->arch.p2m) -/* Get p2m table (re)usable for specified cr3. +/* Get p2m table (re)usable for specified np2m base. * Automatically destroys and re-initializes a p2m if none found. - * If cr3 == 0 then v->arch.hvm_vcpu.guest_cr[3] is used. + * If np2m_base == 0 then v->arch.hvm_vcpu.guest_cr[3] is used. */ -struct p2m_domain *p2m_get_nestedp2m(struct vcpu *v, uint64_t cr3); +struct p2m_domain *p2m_get_nestedp2m(struct vcpu *v, uint64_t np2m_base); /* If vcpu is in host mode then behaviour matches p2m_get_hostp2m(). * If vcpu is in guest mode then behaviour matches p2m_get_nestedp2m(). _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:53 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:53 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGr-00083y-Ge; Wed, 16 Jan 2013 08:22:53 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGp-00081o-Uk for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:52 +0000 Received: from [85.158.143.35:35433] by server-2.bemta-4.messagelabs.com id 07/0D-24322-B5366F05; Wed, 16 Jan 2013 08:22:51 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-14.tower-21.messagelabs.com!1358324542!16454592!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25062 invoked from network); 16 Jan 2013 08:22:29 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:29 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGM-0003s7-6N for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:22 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGM-0000e2-5I for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:22 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:21 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Switch from select() to poll() in xenconsoled's IO loop X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Wei Liu # Date 1357906950 0 # Node ID 0b9dfd067b4259e2cb3285f279f369dd7bd2e032 # Parent c3c683a439aee86b3de38ea54205a6faee6b6429 Switch from select() to poll() in xenconsoled's IO loop In Linux select() typically supports up to 1024 file descriptors. This can be a problem when user tries to boot up many guests. Switching to poll() has minimum impact on existing code and has better scalibility. pollfd array is dynamically allocated / reallocated. If the array fails to expand, we just ignore the incoming fd. Signed-off-by: Wei Liu Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r c3c683a439ae -r 0b9dfd067b42 tools/console/daemon/io.c --- a/tools/console/daemon/io.c Fri Jan 11 12:22:30 2013 +0000 +++ b/tools/console/daemon/io.c Fri Jan 11 12:22:30 2013 +0000 @@ -28,7 +28,7 @@ #include #include #include -#include +#include #include #include #include @@ -66,9 +66,12 @@ extern int discard_overflowed_data; static int log_time_hv_needts = 1; static int log_time_guest_needts = 1; static int log_hv_fd = -1; -static evtchn_port_or_error_t log_hv_evtchn = -1; -static xc_interface *xch; /* why does xenconsoled have two xc handles ? */ -static xc_evtchn *xce_handle = NULL; + +static struct pollfd *fds; +static unsigned int current_array_size; +static unsigned int nr_fds; + +#define ROUNDUP(_x,_w) (((unsigned long)(_x)+(1UL<<(_w))-1) & ~((1UL<<(_w))-1)) struct buffer { char *data; @@ -81,7 +84,9 @@ struct buffer { struct domain { int domid; int master_fd; + struct pollfd *master_pollfd; int slave_fd; + struct pollfd *slave_pollfd; int log_fd; bool is_dead; unsigned last_seen; @@ -92,6 +97,7 @@ struct domain { evtchn_port_or_error_t local_port; evtchn_port_or_error_t remote_port; xc_evtchn *xce_handle; + struct pollfd *xce_pollfd; struct xencons_interface *interface; int event_count; long long next_period; @@ -769,6 +775,17 @@ static int ring_free_bytes(struct domain return (sizeof(intf->in) - space); } +static void domain_handle_broken_tty(struct domain *dom, int recreate) +{ + domain_close_tty(dom); + + if (recreate) { + domain_create_tty(dom); + } else { + shutdown_domain(dom); + } +} + static void handle_tty_read(struct domain *dom) { ssize_t len = 0; @@ -794,13 +811,7 @@ static void handle_tty_read(struct domai * keep the slave open for the duration. */ if (len < 0) { - domain_close_tty(dom); - - if (domain_is_valid(dom->domid)) { - domain_create_tty(dom); - } else { - shutdown_domain(dom); - } + domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); } else if (domain_is_valid(dom->domid)) { prod = intf->in_prod; for (i = 0; i < len; i++) { @@ -828,14 +839,7 @@ static void handle_tty_write(struct doma if (len < 1) { dolog(LOG_DEBUG, "Write failed on domain %d: %zd, %d\n", dom->domid, len, errno); - - domain_close_tty(dom); - - if (domain_is_valid(dom->domid)) { - domain_create_tty(dom); - } else { - shutdown_domain(dom); - } + domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); } else { buffer_advance(&dom->buffer, len); } @@ -883,7 +887,7 @@ static void handle_xs(void) free(vec); } -static void handle_hv_logs(void) +static void handle_hv_logs(xc_evtchn *xce_handle) { char buffer[1024*16]; char *bufptr = buffer; @@ -894,7 +898,7 @@ static void handle_hv_logs(void) if ((port = xc_evtchn_pending(xce_handle)) == -1) return; - if (xc_readconsolering(xch, bufptr, &size, 0, 1, &index) == 0 && size > 0) { + if (xc_readconsolering(xc, bufptr, &size, 0, 1, &index) == 0 && size > 0) { int logret; if (log_time_hv) logret = write_with_timestamp(log_hv_fd, buffer, size, @@ -928,18 +932,54 @@ static void handle_log_reload(void) } } +static struct pollfd *set_fds(int fd, short events) +{ + struct pollfd *ret; + if (current_array_size < nr_fds + 1) { + struct pollfd *new_fds = NULL; + unsigned long newsize; + + /* Round up to 2^8 boundary, in practice this just + * make newsize larger than current_array_size. + */ + newsize = ROUNDUP(nr_fds + 1, 8); + + new_fds = realloc(fds, sizeof(struct pollfd)*newsize); + if (!new_fds) + goto fail; + fds = new_fds; + + memset(&fds[0] + current_array_size, 0, + sizeof(struct pollfd) * (newsize-current_array_size)); + current_array_size = newsize; + } + + fds[nr_fds].fd = fd; + fds[nr_fds].events = events; + ret = &fds[nr_fds]; + nr_fds++; + + return ret; +fail: + dolog(LOG_ERR, "realloc failed, ignoring fd %d\n", fd); + return NULL; +} + +static void reset_fds(void) +{ + nr_fds = 0; + memset(fds, 0, sizeof(struct pollfd) * current_array_size); +} + void handle_io(void) { - fd_set readfds, writefds; int ret; + evtchn_port_or_error_t log_hv_evtchn = -1; + struct pollfd *xce_pollfd = NULL; + struct pollfd *xs_pollfd = NULL; + xc_evtchn *xce_handle = NULL; if (log_hv) { - xch = xc_interface_open(0,0,0); - if (!xch) { - dolog(LOG_ERR, "Failed to open xc handle: %d (%s)", - errno, strerror(errno)); - goto out; - } xce_handle = xc_evtchn_open(NULL, 0); if (xce_handle == NULL) { dolog(LOG_ERR, "Failed to open xce handle: %d (%s)", @@ -959,21 +999,17 @@ void handle_io(void) for (;;) { struct domain *d, *n; - int max_fd = -1; - struct timeval timeout; + int poll_timeout; /* timeout in milliseconds */ struct timespec ts; long long now, next_timeout = 0; - FD_ZERO(&readfds); - FD_ZERO(&writefds); + reset_fds(); - FD_SET(xs_fileno(xs), &readfds); - max_fd = MAX(xs_fileno(xs), max_fd); + xs_pollfd = set_fds(xs_fileno(xs), POLLIN|POLLPRI); - if (log_hv) { - FD_SET(xc_evtchn_fd(xce_handle), &readfds); - max_fd = MAX(xc_evtchn_fd(xce_handle), max_fd); - } + if (log_hv) + xce_pollfd = set_fds(xc_evtchn_fd(xce_handle), + POLLIN|POLLPRI); if (clock_gettime(CLOCK_MONOTONIC, &ts) < 0) return; @@ -982,10 +1018,12 @@ void handle_io(void) /* Re-calculate any event counter allowances & unblock domains with new allowance */ for (d = dom_head; d; d = d->next) { - /* Add 5ms of fuzz since select() often returns - a couple of ms sooner than requested. Without - the fuzz we typically do an extra spin in select() - with a 1/2 ms timeout every other iteration */ + /* CS 16257:955ee4fa1345 introduces a 5ms fuzz + * for select(), it is not clear poll() has + * similar behavior (returning a couple of ms + * sooner than requested) as well. Just leave + * the fuzz here. Remove it with a separate + * patch if necessary */ if ((now+5) > d->next_period) { d->next_period = now + RATE_LIMIT_PERIOD; if (d->event_count >= RATE_LIMIT_ALLOWANCE) { @@ -1006,75 +1044,101 @@ void handle_io(void) !d->buffer.max_capacity || d->buffer.size < d->buffer.max_capacity) { int evtchn_fd = xc_evtchn_fd(d->xce_handle); - FD_SET(evtchn_fd, &readfds); - max_fd = MAX(evtchn_fd, max_fd); + d->xce_pollfd = set_fds(evtchn_fd, + POLLIN|POLLPRI); } } if (d->master_fd != -1) { + short events = 0; if (!d->is_dead && ring_free_bytes(d)) - FD_SET(d->master_fd, &readfds); + events |= POLLIN; if (!buffer_empty(&d->buffer)) - FD_SET(d->master_fd, &writefds); - max_fd = MAX(d->master_fd, max_fd); + events |= POLLOUT; + + if (events) + d->master_pollfd = + set_fds(d->master_fd, + events|POLLPRI); } } /* If any domain has been rate limited, we need to work - out what timeout to supply to select */ + out what timeout to supply to poll */ if (next_timeout) { long long duration = (next_timeout - now); if (duration <= 0) /* sanity check */ duration = 1; - timeout.tv_sec = duration / 1000; - timeout.tv_usec = ((duration - (timeout.tv_sec * 1000)) - * 1000); + poll_timeout = (int)duration; } - ret = select(max_fd + 1, &readfds, &writefds, 0, - next_timeout ? &timeout : NULL); + ret = poll(fds, nr_fds, next_timeout ? poll_timeout : -1); if (log_reload) { handle_log_reload(); log_reload = 0; } - /* Abort if select failed, except for EINTR cases + /* Abort if poll failed, except for EINTR cases which indicate a possible log reload */ if (ret == -1) { if (errno == EINTR) continue; - dolog(LOG_ERR, "Failure in select: %d (%s)", + dolog(LOG_ERR, "Failure in poll: %d (%s)", errno, strerror(errno)); break; } - if (log_hv && FD_ISSET(xc_evtchn_fd(xce_handle), &readfds)) - handle_hv_logs(); + if (log_hv && xce_pollfd) { + if (xce_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { + dolog(LOG_ERR, + "Failure in poll xce_handle: %d (%s)", + errno, strerror(errno)); + break; + } else if (xce_pollfd->revents & POLLIN) + handle_hv_logs(xce_handle); + } if (ret <= 0) continue; - if (FD_ISSET(xs_fileno(xs), &readfds)) - handle_xs(); + if (xs_pollfd) { + if (xs_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { + dolog(LOG_ERR, + "Failure in poll xs_handle: %d (%s)", + errno, strerror(errno)); + break; + } else if (xs_pollfd->revents & POLLIN) + handle_xs(); + } for (d = dom_head; d; d = n) { n = d->next; if (d->event_count < RATE_LIMIT_ALLOWANCE) { if (d->xce_handle != NULL && - FD_ISSET(xc_evtchn_fd(d->xce_handle), - &readfds)) - handle_ring_read(d); + d->xce_pollfd && + !(d->xce_pollfd->revents & + ~(POLLIN|POLLOUT|POLLPRI)) && + (d->xce_pollfd->revents & + POLLIN)) + handle_ring_read(d); } - if (d->master_fd != -1 && FD_ISSET(d->master_fd, - &readfds)) - handle_tty_read(d); - - if (d->master_fd != -1 && FD_ISSET(d->master_fd, - &writefds)) - handle_tty_write(d); + if (d->master_fd != -1 && d->master_pollfd) { + if (d->master_pollfd->revents & + ~(POLLIN|POLLOUT|POLLPRI)) + domain_handle_broken_tty(d, + domain_is_valid(d->domid)); + else { + if (d->master_pollfd->revents & + POLLIN) + handle_tty_read(d); + if (d->master_pollfd->revents & + POLLOUT) + handle_tty_write(d); + } + } if (d->last_seen != enum_pass) shutdown_domain(d); @@ -1084,15 +1148,14 @@ void handle_io(void) } } + free(fds); + current_array_size = 0; + out: if (log_hv_fd != -1) { close(log_hv_fd); log_hv_fd = -1; } - if (xch) { - xc_interface_close(xch); - xch = 0; - } if (xce_handle != NULL) { xc_evtchn_close(xce_handle); xce_handle = NULL; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:53 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:53 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGr-00083y-Ge; Wed, 16 Jan 2013 08:22:53 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGp-00081o-Uk for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:52 +0000 Received: from [85.158.143.35:35433] by server-2.bemta-4.messagelabs.com id 07/0D-24322-B5366F05; Wed, 16 Jan 2013 08:22:51 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-14.tower-21.messagelabs.com!1358324542!16454592!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25062 invoked from network); 16 Jan 2013 08:22:29 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:29 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGM-0003s7-6N for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:22 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGM-0000e2-5I for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:22 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:21 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Switch from select() to poll() in xenconsoled's IO loop X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Wei Liu # Date 1357906950 0 # Node ID 0b9dfd067b4259e2cb3285f279f369dd7bd2e032 # Parent c3c683a439aee86b3de38ea54205a6faee6b6429 Switch from select() to poll() in xenconsoled's IO loop In Linux select() typically supports up to 1024 file descriptors. This can be a problem when user tries to boot up many guests. Switching to poll() has minimum impact on existing code and has better scalibility. pollfd array is dynamically allocated / reallocated. If the array fails to expand, we just ignore the incoming fd. Signed-off-by: Wei Liu Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r c3c683a439ae -r 0b9dfd067b42 tools/console/daemon/io.c --- a/tools/console/daemon/io.c Fri Jan 11 12:22:30 2013 +0000 +++ b/tools/console/daemon/io.c Fri Jan 11 12:22:30 2013 +0000 @@ -28,7 +28,7 @@ #include #include #include -#include +#include #include #include #include @@ -66,9 +66,12 @@ extern int discard_overflowed_data; static int log_time_hv_needts = 1; static int log_time_guest_needts = 1; static int log_hv_fd = -1; -static evtchn_port_or_error_t log_hv_evtchn = -1; -static xc_interface *xch; /* why does xenconsoled have two xc handles ? */ -static xc_evtchn *xce_handle = NULL; + +static struct pollfd *fds; +static unsigned int current_array_size; +static unsigned int nr_fds; + +#define ROUNDUP(_x,_w) (((unsigned long)(_x)+(1UL<<(_w))-1) & ~((1UL<<(_w))-1)) struct buffer { char *data; @@ -81,7 +84,9 @@ struct buffer { struct domain { int domid; int master_fd; + struct pollfd *master_pollfd; int slave_fd; + struct pollfd *slave_pollfd; int log_fd; bool is_dead; unsigned last_seen; @@ -92,6 +97,7 @@ struct domain { evtchn_port_or_error_t local_port; evtchn_port_or_error_t remote_port; xc_evtchn *xce_handle; + struct pollfd *xce_pollfd; struct xencons_interface *interface; int event_count; long long next_period; @@ -769,6 +775,17 @@ static int ring_free_bytes(struct domain return (sizeof(intf->in) - space); } +static void domain_handle_broken_tty(struct domain *dom, int recreate) +{ + domain_close_tty(dom); + + if (recreate) { + domain_create_tty(dom); + } else { + shutdown_domain(dom); + } +} + static void handle_tty_read(struct domain *dom) { ssize_t len = 0; @@ -794,13 +811,7 @@ static void handle_tty_read(struct domai * keep the slave open for the duration. */ if (len < 0) { - domain_close_tty(dom); - - if (domain_is_valid(dom->domid)) { - domain_create_tty(dom); - } else { - shutdown_domain(dom); - } + domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); } else if (domain_is_valid(dom->domid)) { prod = intf->in_prod; for (i = 0; i < len; i++) { @@ -828,14 +839,7 @@ static void handle_tty_write(struct doma if (len < 1) { dolog(LOG_DEBUG, "Write failed on domain %d: %zd, %d\n", dom->domid, len, errno); - - domain_close_tty(dom); - - if (domain_is_valid(dom->domid)) { - domain_create_tty(dom); - } else { - shutdown_domain(dom); - } + domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); } else { buffer_advance(&dom->buffer, len); } @@ -883,7 +887,7 @@ static void handle_xs(void) free(vec); } -static void handle_hv_logs(void) +static void handle_hv_logs(xc_evtchn *xce_handle) { char buffer[1024*16]; char *bufptr = buffer; @@ -894,7 +898,7 @@ static void handle_hv_logs(void) if ((port = xc_evtchn_pending(xce_handle)) == -1) return; - if (xc_readconsolering(xch, bufptr, &size, 0, 1, &index) == 0 && size > 0) { + if (xc_readconsolering(xc, bufptr, &size, 0, 1, &index) == 0 && size > 0) { int logret; if (log_time_hv) logret = write_with_timestamp(log_hv_fd, buffer, size, @@ -928,18 +932,54 @@ static void handle_log_reload(void) } } +static struct pollfd *set_fds(int fd, short events) +{ + struct pollfd *ret; + if (current_array_size < nr_fds + 1) { + struct pollfd *new_fds = NULL; + unsigned long newsize; + + /* Round up to 2^8 boundary, in practice this just + * make newsize larger than current_array_size. + */ + newsize = ROUNDUP(nr_fds + 1, 8); + + new_fds = realloc(fds, sizeof(struct pollfd)*newsize); + if (!new_fds) + goto fail; + fds = new_fds; + + memset(&fds[0] + current_array_size, 0, + sizeof(struct pollfd) * (newsize-current_array_size)); + current_array_size = newsize; + } + + fds[nr_fds].fd = fd; + fds[nr_fds].events = events; + ret = &fds[nr_fds]; + nr_fds++; + + return ret; +fail: + dolog(LOG_ERR, "realloc failed, ignoring fd %d\n", fd); + return NULL; +} + +static void reset_fds(void) +{ + nr_fds = 0; + memset(fds, 0, sizeof(struct pollfd) * current_array_size); +} + void handle_io(void) { - fd_set readfds, writefds; int ret; + evtchn_port_or_error_t log_hv_evtchn = -1; + struct pollfd *xce_pollfd = NULL; + struct pollfd *xs_pollfd = NULL; + xc_evtchn *xce_handle = NULL; if (log_hv) { - xch = xc_interface_open(0,0,0); - if (!xch) { - dolog(LOG_ERR, "Failed to open xc handle: %d (%s)", - errno, strerror(errno)); - goto out; - } xce_handle = xc_evtchn_open(NULL, 0); if (xce_handle == NULL) { dolog(LOG_ERR, "Failed to open xce handle: %d (%s)", @@ -959,21 +999,17 @@ void handle_io(void) for (;;) { struct domain *d, *n; - int max_fd = -1; - struct timeval timeout; + int poll_timeout; /* timeout in milliseconds */ struct timespec ts; long long now, next_timeout = 0; - FD_ZERO(&readfds); - FD_ZERO(&writefds); + reset_fds(); - FD_SET(xs_fileno(xs), &readfds); - max_fd = MAX(xs_fileno(xs), max_fd); + xs_pollfd = set_fds(xs_fileno(xs), POLLIN|POLLPRI); - if (log_hv) { - FD_SET(xc_evtchn_fd(xce_handle), &readfds); - max_fd = MAX(xc_evtchn_fd(xce_handle), max_fd); - } + if (log_hv) + xce_pollfd = set_fds(xc_evtchn_fd(xce_handle), + POLLIN|POLLPRI); if (clock_gettime(CLOCK_MONOTONIC, &ts) < 0) return; @@ -982,10 +1018,12 @@ void handle_io(void) /* Re-calculate any event counter allowances & unblock domains with new allowance */ for (d = dom_head; d; d = d->next) { - /* Add 5ms of fuzz since select() often returns - a couple of ms sooner than requested. Without - the fuzz we typically do an extra spin in select() - with a 1/2 ms timeout every other iteration */ + /* CS 16257:955ee4fa1345 introduces a 5ms fuzz + * for select(), it is not clear poll() has + * similar behavior (returning a couple of ms + * sooner than requested) as well. Just leave + * the fuzz here. Remove it with a separate + * patch if necessary */ if ((now+5) > d->next_period) { d->next_period = now + RATE_LIMIT_PERIOD; if (d->event_count >= RATE_LIMIT_ALLOWANCE) { @@ -1006,75 +1044,101 @@ void handle_io(void) !d->buffer.max_capacity || d->buffer.size < d->buffer.max_capacity) { int evtchn_fd = xc_evtchn_fd(d->xce_handle); - FD_SET(evtchn_fd, &readfds); - max_fd = MAX(evtchn_fd, max_fd); + d->xce_pollfd = set_fds(evtchn_fd, + POLLIN|POLLPRI); } } if (d->master_fd != -1) { + short events = 0; if (!d->is_dead && ring_free_bytes(d)) - FD_SET(d->master_fd, &readfds); + events |= POLLIN; if (!buffer_empty(&d->buffer)) - FD_SET(d->master_fd, &writefds); - max_fd = MAX(d->master_fd, max_fd); + events |= POLLOUT; + + if (events) + d->master_pollfd = + set_fds(d->master_fd, + events|POLLPRI); } } /* If any domain has been rate limited, we need to work - out what timeout to supply to select */ + out what timeout to supply to poll */ if (next_timeout) { long long duration = (next_timeout - now); if (duration <= 0) /* sanity check */ duration = 1; - timeout.tv_sec = duration / 1000; - timeout.tv_usec = ((duration - (timeout.tv_sec * 1000)) - * 1000); + poll_timeout = (int)duration; } - ret = select(max_fd + 1, &readfds, &writefds, 0, - next_timeout ? &timeout : NULL); + ret = poll(fds, nr_fds, next_timeout ? poll_timeout : -1); if (log_reload) { handle_log_reload(); log_reload = 0; } - /* Abort if select failed, except for EINTR cases + /* Abort if poll failed, except for EINTR cases which indicate a possible log reload */ if (ret == -1) { if (errno == EINTR) continue; - dolog(LOG_ERR, "Failure in select: %d (%s)", + dolog(LOG_ERR, "Failure in poll: %d (%s)", errno, strerror(errno)); break; } - if (log_hv && FD_ISSET(xc_evtchn_fd(xce_handle), &readfds)) - handle_hv_logs(); + if (log_hv && xce_pollfd) { + if (xce_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { + dolog(LOG_ERR, + "Failure in poll xce_handle: %d (%s)", + errno, strerror(errno)); + break; + } else if (xce_pollfd->revents & POLLIN) + handle_hv_logs(xce_handle); + } if (ret <= 0) continue; - if (FD_ISSET(xs_fileno(xs), &readfds)) - handle_xs(); + if (xs_pollfd) { + if (xs_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { + dolog(LOG_ERR, + "Failure in poll xs_handle: %d (%s)", + errno, strerror(errno)); + break; + } else if (xs_pollfd->revents & POLLIN) + handle_xs(); + } for (d = dom_head; d; d = n) { n = d->next; if (d->event_count < RATE_LIMIT_ALLOWANCE) { if (d->xce_handle != NULL && - FD_ISSET(xc_evtchn_fd(d->xce_handle), - &readfds)) - handle_ring_read(d); + d->xce_pollfd && + !(d->xce_pollfd->revents & + ~(POLLIN|POLLOUT|POLLPRI)) && + (d->xce_pollfd->revents & + POLLIN)) + handle_ring_read(d); } - if (d->master_fd != -1 && FD_ISSET(d->master_fd, - &readfds)) - handle_tty_read(d); - - if (d->master_fd != -1 && FD_ISSET(d->master_fd, - &writefds)) - handle_tty_write(d); + if (d->master_fd != -1 && d->master_pollfd) { + if (d->master_pollfd->revents & + ~(POLLIN|POLLOUT|POLLPRI)) + domain_handle_broken_tty(d, + domain_is_valid(d->domid)); + else { + if (d->master_pollfd->revents & + POLLIN) + handle_tty_read(d); + if (d->master_pollfd->revents & + POLLOUT) + handle_tty_write(d); + } + } if (d->last_seen != enum_pass) shutdown_domain(d); @@ -1084,15 +1148,14 @@ void handle_io(void) } } + free(fds); + current_array_size = 0; + out: if (log_hv_fd != -1) { close(log_hv_fd); log_hv_fd = -1; } - if (xch) { - xc_interface_close(xch); - xch = 0; - } if (xce_handle != NULL) { xc_evtchn_close(xce_handle); xce_handle = NULL; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:55 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:55 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGt-00086T-S2; Wed, 16 Jan 2013 08:22:55 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGs-00084K-7Y for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:54 +0000 Received: from [193.109.254.147:36768] by server-13.bemta-14.messagelabs.com id 0A/7B-01725-D5366F05; Wed, 16 Jan 2013 08:22:53 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-10.tower-27.messagelabs.com!1358324530!3554838!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15115 invoked from network); 16 Jan 2013 08:22:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-10.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGA-0003r0-8v for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGA-0000YT-4s for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:10 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: convert do_sysctl to use XSM X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357899021 0 # Node ID 6be26b7bda2f0c2cc86a8c68d0a302fffdeac7ae # Parent fd939d1a9b306b5e219fd1080eefdcd1c47cfcb0 xen: convert do_sysctl to use XSM The xsm_sysctl hook now covers every sysctl, in addition to the more fine-grained XSM hooks in most sub-functions. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r fd939d1a9b30 -r 6be26b7bda2f xen/common/sysctl.c --- a/xen/common/sysctl.c Fri Jan 11 10:09:45 2013 +0000 +++ b/xen/common/sysctl.c Fri Jan 11 10:10:21 2013 +0000 @@ -34,15 +34,16 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe struct xen_sysctl curop, *op = &curop; static DEFINE_SPINLOCK(sysctl_lock); - if ( !IS_PRIV(current->domain) ) - return -EPERM; - if ( copy_from_guest(op, u_sysctl, 1) ) return -EFAULT; if ( op->interface_version != XEN_SYSCTL_INTERFACE_VERSION ) return -EACCES; + ret = xsm_sysctl(op->cmd); + if ( ret ) + return ret; + /* * Trylock here avoids deadlock with an existing sysctl critical section * which might (for some current or future reason) want to synchronise diff -r fd939d1a9b30 -r 6be26b7bda2f xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:09:45 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:10:21 2013 +0000 @@ -106,6 +106,13 @@ static XSM_INLINE int xsm_domctl(struct return 0; } +static XSM_INLINE int xsm_sysctl(int cmd) +{ + if ( !IS_PRIV(current->domain) ) + return -EPERM; + return 0; +} + static XSM_INLINE int xsm_set_virq_handler(struct domain *d, uint32_t virq) { return 0; diff -r fd939d1a9b30 -r 6be26b7bda2f xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:09:45 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:10:21 2013 +0000 @@ -58,6 +58,7 @@ struct xsm_operations { int (*domain_settime) (struct domain *d); int (*set_target) (struct domain *d, struct domain *e); int (*domctl) (struct domain *d, int cmd); + int (*sysctl) (int cmd); int (*set_virq_handler) (struct domain *d, uint32_t virq); int (*tbufcontrol) (void); int (*readconsole) (uint32_t clear); @@ -266,6 +267,11 @@ static inline int xsm_domctl (struct dom return xsm_ops->domctl(d, cmd); } +static inline int xsm_sysctl (int cmd) +{ + return xsm_ops->sysctl(cmd); +} + static inline int xsm_set_virq_handler (struct domain *d, uint32_t virq) { return xsm_ops->set_virq_handler(d, virq); diff -r fd939d1a9b30 -r 6be26b7bda2f xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:09:45 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:10:21 2013 +0000 @@ -45,6 +45,7 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, domain_settime); set_to_dummy_if_null(ops, set_target); set_to_dummy_if_null(ops, domctl); + set_to_dummy_if_null(ops, sysctl); set_to_dummy_if_null(ops, set_virq_handler); set_to_dummy_if_null(ops, tbufcontrol); set_to_dummy_if_null(ops, readconsole); diff -r fd939d1a9b30 -r 6be26b7bda2f xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:09:45 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:10:21 2013 +0000 @@ -668,6 +668,38 @@ static int flask_domctl(struct domain *d } } +static int flask_sysctl(int cmd) +{ + switch ( cmd ) + { + /* These have individual XSM hooks */ + case XEN_SYSCTL_readconsole: + case XEN_SYSCTL_tbuf_op: + case XEN_SYSCTL_sched_id: + case XEN_SYSCTL_perfc_op: + case XEN_SYSCTL_getdomaininfolist: + case XEN_SYSCTL_debug_keys: + case XEN_SYSCTL_getcpuinfo: + case XEN_SYSCTL_availheap: + case XEN_SYSCTL_get_pmstat: + case XEN_SYSCTL_pm_op: + case XEN_SYSCTL_page_offline_op: + case XEN_SYSCTL_lockprof_op: + case XEN_SYSCTL_cpupool_op: + case XEN_SYSCTL_scheduler_op: +#ifdef CONFIG_X86 + case XEN_SYSCTL_physinfo: + case XEN_SYSCTL_cpu_hotplug: + case XEN_SYSCTL_topologyinfo: + case XEN_SYSCTL_numainfo: +#endif + return 0; + default: + printk("flask_sysctl: Unknown op %d\n", cmd); + return -EPERM; + } +} + static int flask_set_virq_handler(struct domain *d, uint32_t virq) { return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER); @@ -1563,6 +1595,7 @@ static struct xsm_operations flask_ops = .domain_settime = flask_domain_settime, .set_target = flask_set_target, .domctl = flask_domctl, + .sysctl = flask_sysctl, .set_virq_handler = flask_set_virq_handler, .tbufcontrol = flask_tbufcontrol, .readconsole = flask_readconsole, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:55 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:55 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGt-00086T-S2; Wed, 16 Jan 2013 08:22:55 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGs-00084K-7Y for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:54 +0000 Received: from [193.109.254.147:36768] by server-13.bemta-14.messagelabs.com id 0A/7B-01725-D5366F05; Wed, 16 Jan 2013 08:22:53 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-10.tower-27.messagelabs.com!1358324530!3554838!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15115 invoked from network); 16 Jan 2013 08:22:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-10.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGA-0003r0-8v for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGA-0000YT-4s for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:10 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: convert do_sysctl to use XSM X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357899021 0 # Node ID 6be26b7bda2f0c2cc86a8c68d0a302fffdeac7ae # Parent fd939d1a9b306b5e219fd1080eefdcd1c47cfcb0 xen: convert do_sysctl to use XSM The xsm_sysctl hook now covers every sysctl, in addition to the more fine-grained XSM hooks in most sub-functions. Signed-off-by: Daniel De Graaf Committed-by: Keir Fraser --- diff -r fd939d1a9b30 -r 6be26b7bda2f xen/common/sysctl.c --- a/xen/common/sysctl.c Fri Jan 11 10:09:45 2013 +0000 +++ b/xen/common/sysctl.c Fri Jan 11 10:10:21 2013 +0000 @@ -34,15 +34,16 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe struct xen_sysctl curop, *op = &curop; static DEFINE_SPINLOCK(sysctl_lock); - if ( !IS_PRIV(current->domain) ) - return -EPERM; - if ( copy_from_guest(op, u_sysctl, 1) ) return -EFAULT; if ( op->interface_version != XEN_SYSCTL_INTERFACE_VERSION ) return -EACCES; + ret = xsm_sysctl(op->cmd); + if ( ret ) + return ret; + /* * Trylock here avoids deadlock with an existing sysctl critical section * which might (for some current or future reason) want to synchronise diff -r fd939d1a9b30 -r 6be26b7bda2f xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:09:45 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:10:21 2013 +0000 @@ -106,6 +106,13 @@ static XSM_INLINE int xsm_domctl(struct return 0; } +static XSM_INLINE int xsm_sysctl(int cmd) +{ + if ( !IS_PRIV(current->domain) ) + return -EPERM; + return 0; +} + static XSM_INLINE int xsm_set_virq_handler(struct domain *d, uint32_t virq) { return 0; diff -r fd939d1a9b30 -r 6be26b7bda2f xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:09:45 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:10:21 2013 +0000 @@ -58,6 +58,7 @@ struct xsm_operations { int (*domain_settime) (struct domain *d); int (*set_target) (struct domain *d, struct domain *e); int (*domctl) (struct domain *d, int cmd); + int (*sysctl) (int cmd); int (*set_virq_handler) (struct domain *d, uint32_t virq); int (*tbufcontrol) (void); int (*readconsole) (uint32_t clear); @@ -266,6 +267,11 @@ static inline int xsm_domctl (struct dom return xsm_ops->domctl(d, cmd); } +static inline int xsm_sysctl (int cmd) +{ + return xsm_ops->sysctl(cmd); +} + static inline int xsm_set_virq_handler (struct domain *d, uint32_t virq) { return xsm_ops->set_virq_handler(d, virq); diff -r fd939d1a9b30 -r 6be26b7bda2f xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:09:45 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:10:21 2013 +0000 @@ -45,6 +45,7 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, domain_settime); set_to_dummy_if_null(ops, set_target); set_to_dummy_if_null(ops, domctl); + set_to_dummy_if_null(ops, sysctl); set_to_dummy_if_null(ops, set_virq_handler); set_to_dummy_if_null(ops, tbufcontrol); set_to_dummy_if_null(ops, readconsole); diff -r fd939d1a9b30 -r 6be26b7bda2f xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:09:45 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:10:21 2013 +0000 @@ -668,6 +668,38 @@ static int flask_domctl(struct domain *d } } +static int flask_sysctl(int cmd) +{ + switch ( cmd ) + { + /* These have individual XSM hooks */ + case XEN_SYSCTL_readconsole: + case XEN_SYSCTL_tbuf_op: + case XEN_SYSCTL_sched_id: + case XEN_SYSCTL_perfc_op: + case XEN_SYSCTL_getdomaininfolist: + case XEN_SYSCTL_debug_keys: + case XEN_SYSCTL_getcpuinfo: + case XEN_SYSCTL_availheap: + case XEN_SYSCTL_get_pmstat: + case XEN_SYSCTL_pm_op: + case XEN_SYSCTL_page_offline_op: + case XEN_SYSCTL_lockprof_op: + case XEN_SYSCTL_cpupool_op: + case XEN_SYSCTL_scheduler_op: +#ifdef CONFIG_X86 + case XEN_SYSCTL_physinfo: + case XEN_SYSCTL_cpu_hotplug: + case XEN_SYSCTL_topologyinfo: + case XEN_SYSCTL_numainfo: +#endif + return 0; + default: + printk("flask_sysctl: Unknown op %d\n", cmd); + return -EPERM; + } +} + static int flask_set_virq_handler(struct domain *d, uint32_t virq) { return domain_has_perm(current->domain, d, SECCLASS_DOMAIN, DOMAIN__SET_VIRQ_HANDLER); @@ -1563,6 +1595,7 @@ static struct xsm_operations flask_ops = .domain_settime = flask_domain_settime, .set_target = flask_set_target, .domctl = flask_domctl, + .sysctl = flask_sysctl, .set_virq_handler = flask_set_virq_handler, .tbufcontrol = flask_tbufcontrol, .readconsole = flask_readconsole, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:59 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:59 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGx-0008A7-0R; Wed, 16 Jan 2013 08:22:59 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGu-00087O-OD for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:57 +0000 Received: from [193.109.254.147:2837] by server-11.bemta-14.messagelabs.com id 30/4C-02659-06366F05; Wed, 16 Jan 2013 08:22:56 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-27.messagelabs.com!1358324549!8988238!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25748 invoked from network); 16 Jan 2013 08:22:30 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:30 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGT-0003t4-8s for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:29 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGT-0000gs-7d for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:29 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:28 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nested_ept: Implement guest ept's walker X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358244929 -3600 # Node ID 289f47c01867013f4f6d0f9b65f7cb532bb60938 # Parent eaeef464f3920c7ebd68a4d30813eee2763df70c nested_ept: Implement guest ept's walker Implment guest EPT PT walker, some logic is based on shadow's ia32e PT walker. During the PT walking, if the target pages are not in memory, use RETRY mechanism and get a chance to let the target page back. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r eaeef464f392 -r 289f47c01867 xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/arch/x86/hvm/hvm.c Tue Jan 15 11:15:29 2013 +0100 @@ -1326,6 +1326,7 @@ int hvm_hap_nested_page_fault(paddr_t gp access_r, access_w, access_x); switch (rv) { case NESTEDHVM_PAGEFAULT_DONE: + case NESTEDHVM_PAGEFAULT_RETRY: return 1; case NESTEDHVM_PAGEFAULT_L1_ERROR: /* An error occured while translating gpa from diff -r eaeef464f392 -r 289f47c01867 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:15:29 2013 +0100 @@ -943,9 +943,18 @@ static void sync_vvmcs_ro(struct vcpu *v { int i; struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); + struct nestedvmx *nvmx = &vcpu_2_nvmx(v); + void *vvmcs = nvcpu->nv_vvmcx; for ( i = 0; i < ARRAY_SIZE(vmcs_ro_field); i++ ) shadow_to_vvmcs(nvcpu->nv_vvmcx, vmcs_ro_field[i]); + + /* Adjust exit_reason/exit_qualifciation for violation case */ + if ( __get_vvmcs(vvmcs, VM_EXIT_REASON) == EXIT_REASON_EPT_VIOLATION ) + { + __set_vvmcs(vvmcs, EXIT_QUALIFICATION, nvmx->ept_exit.exit_qual); + __set_vvmcs(vvmcs, VM_EXIT_REASON, nvmx->ept_exit.exit_reason); + } } static void load_vvmcs_host_state(struct vcpu *v) @@ -1493,8 +1502,37 @@ nvmx_hap_walk_L1_p2m(struct vcpu *v, pad unsigned int *page_order, bool_t access_r, bool_t access_w, bool_t access_x) { - /*TODO:*/ - return 0; + int rc; + unsigned long gfn; + uint64_t exit_qual = __vmread(EXIT_QUALIFICATION); + uint32_t exit_reason = EXIT_REASON_EPT_VIOLATION; + uint32_t rwx_rights = (access_x << 2) | (access_w << 1) | access_r; + struct nestedvmx *nvmx = &vcpu_2_nvmx(v); + + rc = nept_translate_l2ga(v, L2_gpa, page_order, rwx_rights, &gfn, + &exit_qual, &exit_reason); + switch ( rc ) + { + case EPT_TRANSLATE_SUCCEED: + *L1_gpa = (gfn << PAGE_SHIFT) + (L2_gpa & ~PAGE_MASK); + rc = NESTEDHVM_PAGEFAULT_DONE; + break; + case EPT_TRANSLATE_VIOLATION: + case EPT_TRANSLATE_MISCONFIG: + rc = NESTEDHVM_PAGEFAULT_INJECT; + nvmx->ept_exit.exit_reason = exit_reason; + nvmx->ept_exit.exit_qual = exit_qual; + break; + case EPT_TRANSLATE_RETRY: + rc = NESTEDHVM_PAGEFAULT_RETRY; + break; + default: + gdprintk(XENLOG_ERR, "GUEST EPT translation error!:%d\n", rc); + BUG(); + break; + } + + return rc; } void nvmx_idtv_handling(void) diff -r eaeef464f392 -r 289f47c01867 xen/arch/x86/mm/guest_walk.c --- a/xen/arch/x86/mm/guest_walk.c Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/arch/x86/mm/guest_walk.c Tue Jan 15 11:15:29 2013 +0100 @@ -88,18 +88,15 @@ static uint32_t set_ad_bits(void *guest_ /* If the map is non-NULL, we leave this function having * acquired an extra ref on mfn_to_page(*mfn) */ -static inline void *map_domain_gfn(struct p2m_domain *p2m, - gfn_t gfn, - mfn_t *mfn, - p2m_type_t *p2mt, - uint32_t *rc) +void *map_domain_gfn(struct p2m_domain *p2m, gfn_t gfn, mfn_t *mfn, + p2m_type_t *p2mt, p2m_query_t q, uint32_t *rc) { struct page_info *page; void *map; /* Translate the gfn, unsharing if shared */ page = get_page_from_gfn_p2m(p2m->domain, p2m, gfn_x(gfn), p2mt, NULL, - P2M_ALLOC | P2M_UNSHARE); + q); if ( p2m_is_paging(*p2mt) ) { ASSERT(!p2m_is_nestedp2m(p2m)); @@ -149,6 +146,7 @@ guest_walk_tables(struct vcpu *v, struct uint32_t gflags, mflags, iflags, rc = 0; int smep; bool_t pse1G = 0, pse2M = 0; + p2m_query_t qt = P2M_ALLOC | P2M_UNSHARE; perfc_incr(guest_walk); memset(gw, 0, sizeof(*gw)); @@ -188,7 +186,8 @@ guest_walk_tables(struct vcpu *v, struct l3p = map_domain_gfn(p2m, guest_l4e_get_gfn(gw->l4e), &gw->l3mfn, - &p2mt, + &p2mt, + qt, &rc); if(l3p == NULL) goto out; @@ -249,6 +248,7 @@ guest_walk_tables(struct vcpu *v, struct guest_l3e_get_gfn(gw->l3e), &gw->l2mfn, &p2mt, + qt, &rc); if(l2p == NULL) goto out; @@ -322,6 +322,7 @@ guest_walk_tables(struct vcpu *v, struct guest_l2e_get_gfn(gw->l2e), &gw->l1mfn, &p2mt, + qt, &rc); if(l1p == NULL) goto out; diff -r eaeef464f392 -r 289f47c01867 xen/arch/x86/mm/hap/Makefile --- a/xen/arch/x86/mm/hap/Makefile Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/arch/x86/mm/hap/Makefile Tue Jan 15 11:15:29 2013 +0100 @@ -3,6 +3,7 @@ obj-y += guest_walk_2level.o obj-y += guest_walk_3level.o obj-$(x86_64) += guest_walk_4level.o obj-y += nested_hap.o +obj-y += nested_ept.o guest_walk_%level.o: guest_walk.c Makefile $(CC) $(CFLAGS) -DGUEST_PAGING_LEVELS=$* -c $< -o $@ diff -r eaeef464f392 -r 289f47c01867 xen/arch/x86/mm/hap/nested_ept.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/arch/x86/mm/hap/nested_ept.c Tue Jan 15 11:15:29 2013 +0100 @@ -0,0 +1,287 @@ +/* + * nested_ept.c: Handling virtulized EPT for guest in nested case. + * + * Copyright (c) 2012, Intel Corporation + * Xiantao Zhang + * + * This program is free software; you can redistribute it and/or modify it + * under the terms and conditions of the GNU General Public License, + * version 2, as published by the Free Software Foundation. + * + * This program is distributed in the hope it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 59 Temple + * Place - Suite 330, Boston, MA 02111-1307 USA. + */ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include "private.h" + +#include +#include + +/* EPT always use 4-level paging structure */ +#define GUEST_PAGING_LEVELS 4 +#include + +/* Must reserved bits in all level entries */ +#define EPT_MUST_RSV_BITS (((1ull << PADDR_BITS) - 1) & \ + ~((1ull << paddr_bits) - 1)) + +/* + *TODO: Just leave it as 0 here for compile pass, will + * define real capabilities in the subsequent patches. + */ +#define NEPT_VPID_CAP_BITS 0 + + +#define NEPT_1G_ENTRY_FLAG (1 << 11) +#define NEPT_2M_ENTRY_FLAG (1 << 10) +#define NEPT_4K_ENTRY_FLAG (1 << 9) + +bool_t nept_sp_entry(ept_entry_t e) +{ + return !!(e.sp); +} + +static bool_t nept_rsv_bits_check(ept_entry_t e, uint32_t level) +{ + uint64_t rsv_bits = EPT_MUST_RSV_BITS; + + switch ( level ) + { + case 1: + break; + case 2 ... 3: + if ( nept_sp_entry(e) ) + rsv_bits |= ((1ull << (9 * (level - 1))) - 1) << PAGE_SHIFT; + else + rsv_bits |= EPTE_EMT_MASK | EPTE_IGMT_MASK; + break; + case 4: + rsv_bits |= EPTE_EMT_MASK | EPTE_IGMT_MASK | EPTE_SUPER_PAGE_MASK; + break; + default: + gdprintk(XENLOG_ERR,"Unsupported EPT paging level: %d\n", level); + BUG(); + break; + } + return !!(e.epte & rsv_bits); +} + +/* EMT checking*/ +static bool_t nept_emt_bits_check(ept_entry_t e, uint32_t level) +{ + if ( e.sp || level == 1 ) + { + if ( e.emt == EPT_EMT_RSV0 || e.emt == EPT_EMT_RSV1 || + e.emt == EPT_EMT_RSV2 ) + return 1; + } + return 0; +} + +static bool_t nept_permission_check(uint32_t rwx_acc, uint32_t rwx_bits) +{ + return !(EPTE_RWX_MASK & rwx_acc & ~rwx_bits); +} + +/* nept's non-present check */ +static bool_t nept_non_present_check(ept_entry_t e) +{ + if ( e.epte & EPTE_RWX_MASK ) + return 0; + return 1; +} + +uint64_t nept_get_ept_vpid_cap(void) +{ + uint64_t caps = NEPT_VPID_CAP_BITS; + + if ( !cpu_has_vmx_ept_exec_only_supported ) + caps &= ~VMX_EPT_EXEC_ONLY_SUPPORTED; + return caps; +} + +static bool_t nept_rwx_bits_check(ept_entry_t e) +{ + /*write only or write/execute only*/ + uint8_t rwx_bits = e.epte & EPTE_RWX_MASK; + + if ( rwx_bits == ept_access_w || rwx_bits == ept_access_wx ) + return 1; + + if ( rwx_bits == ept_access_x && + !(nept_get_ept_vpid_cap() & VMX_EPT_EXEC_ONLY_SUPPORTED) ) + return 1; + + return 0; +} + +/* nept's misconfiguration check */ +static bool_t nept_misconfiguration_check(ept_entry_t e, uint32_t level) +{ + return nept_rsv_bits_check(e, level) || + nept_emt_bits_check(e, level) || + nept_rwx_bits_check(e); +} + +static int ept_lvl_table_offset(unsigned long gpa, int lvl) +{ + return (gpa >> (EPT_L4_PAGETABLE_SHIFT -(4 - lvl) * 9)) & + (EPT_PAGETABLE_ENTRIES - 1); +} + +static uint32_t +nept_walk_tables(struct vcpu *v, unsigned long l2ga, ept_walk_t *gw) +{ + int lvl; + p2m_type_t p2mt; + uint32_t rc = 0, ret = 0, gflags; + struct domain *d = v->domain; + struct p2m_domain *p2m = d->arch.p2m; + gfn_t base_gfn = _gfn(nhvm_vcpu_p2m_base(v) >> PAGE_SHIFT); + mfn_t lxmfn; + ept_entry_t *lxp = NULL; + + memset(gw, 0, sizeof(*gw)); + + for (lvl = 4; lvl > 0; lvl--) + { + lxp = map_domain_gfn(p2m, base_gfn, &lxmfn, &p2mt, P2M_ALLOC, &rc); + if ( !lxp ) + goto map_err; + gw->lxe[lvl] = lxp[ept_lvl_table_offset(l2ga, lvl)]; + unmap_domain_page(lxp); + put_page(mfn_to_page(mfn_x(lxmfn))); + + if ( nept_non_present_check(gw->lxe[lvl]) ) + goto non_present; + + if ( nept_misconfiguration_check(gw->lxe[lvl], lvl) ) + goto misconfig_err; + + if ( (lvl == 2 || lvl == 3) && nept_sp_entry(gw->lxe[lvl]) ) + { + /* Generate a fake l1 table entry so callers don't all + * have to understand superpages. */ + unsigned long gfn_lvl_mask = (1ull << ((lvl - 1) * 9)) - 1; + gfn_t start = _gfn(gw->lxe[lvl].mfn); + /* Increment the pfn by the right number of 4k pages. */ + start = _gfn((gfn_x(start) & ~gfn_lvl_mask) + + ((l2ga >> PAGE_SHIFT) & gfn_lvl_mask)); + gflags = (gw->lxe[lvl].epte & EPTE_FLAG_MASK) | + (lvl == 3 ? NEPT_1G_ENTRY_FLAG: NEPT_2M_ENTRY_FLAG); + gw->lxe[0].epte = (gfn_x(start) << PAGE_SHIFT) | gflags; + goto done; + } + if ( lvl > 1 ) + base_gfn = _gfn(gw->lxe[lvl].mfn); + } + + /* If this is not a super entry, we can reach here. */ + gflags = (gw->lxe[1].epte & EPTE_FLAG_MASK) | NEPT_4K_ENTRY_FLAG; + gw->lxe[0].epte = (gw->lxe[1].epte & PAGE_MASK) | gflags; + +done: + ret = EPT_TRANSLATE_SUCCEED; + goto out; + +map_err: + if ( rc == _PAGE_PAGED ) + { + ret = EPT_TRANSLATE_RETRY; + goto out; + } + /* fall through to misconfig error */ +misconfig_err: + ret = EPT_TRANSLATE_MISCONFIG; + goto out; + +non_present: + ret = EPT_TRANSLATE_VIOLATION; + /* fall through. */ +out: + return ret; +} + +/* Translate a L2 guest address to L1 gpa via L1 EPT paging structure */ + +int nept_translate_l2ga(struct vcpu *v, paddr_t l2ga, + unsigned int *page_order, uint32_t rwx_acc, + unsigned long *l1gfn, uint64_t *exit_qual, + uint32_t *exit_reason) +{ + uint32_t rc, rwx_bits = 0; + ept_walk_t gw; + rwx_acc &= EPTE_RWX_MASK; + + *l1gfn = INVALID_GFN; + + rc = nept_walk_tables(v, l2ga, &gw); + switch ( rc ) + { + case EPT_TRANSLATE_SUCCEED: + if ( likely(gw.lxe[0].epte & NEPT_2M_ENTRY_FLAG) ) + { + rwx_bits = gw.lxe[4].epte & gw.lxe[3].epte & gw.lxe[2].epte & + EPTE_RWX_MASK; + *page_order = 9; + } + else if ( gw.lxe[0].epte & NEPT_4K_ENTRY_FLAG ) + { + rwx_bits = gw.lxe[4].epte & gw.lxe[3].epte & gw.lxe[2].epte & + gw.lxe[1].epte & EPTE_RWX_MASK; + *page_order = 0; + } + else if ( gw.lxe[0].epte & NEPT_1G_ENTRY_FLAG ) + { + rwx_bits = gw.lxe[4].epte & gw.lxe[3].epte & EPTE_RWX_MASK; + *page_order = 18; + } + else + { + gdprintk(XENLOG_ERR, "Uncorrect l1 entry!\n"); + BUG(); + } + if ( nept_permission_check(rwx_acc, rwx_bits) ) + { + *l1gfn = gw.lxe[0].mfn; + break; + } + rc = EPT_TRANSLATE_VIOLATION; + /* Fall through to EPT violation if permission check fails. */ + case EPT_TRANSLATE_VIOLATION: + *exit_qual = (*exit_qual & 0xffffffc0) | (rwx_bits << 3) | rwx_acc; + *exit_reason = EXIT_REASON_EPT_VIOLATION; + break; + + case EPT_TRANSLATE_MISCONFIG: + rc = EPT_TRANSLATE_MISCONFIG; + *exit_qual = 0; + *exit_reason = EXIT_REASON_EPT_MISCONFIG; + break; + case EPT_TRANSLATE_RETRY: + break; + default: + gdprintk(XENLOG_ERR, "Unsupported ept translation type!:%d\n", rc); + BUG(); + break; + } + return rc; +} diff -r eaeef464f392 -r 289f47c01867 xen/arch/x86/mm/hap/nested_hap.c --- a/xen/arch/x86/mm/hap/nested_hap.c Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/arch/x86/mm/hap/nested_hap.c Tue Jan 15 11:15:29 2013 +0100 @@ -218,7 +218,7 @@ nestedhvm_hap_nested_page_fault(struct v /* let caller to handle these two cases */ switch (rv) { case NESTEDHVM_PAGEFAULT_INJECT: - return rv; + case NESTEDHVM_PAGEFAULT_RETRY: case NESTEDHVM_PAGEFAULT_L1_ERROR: return rv; case NESTEDHVM_PAGEFAULT_DONE: diff -r eaeef464f392 -r 289f47c01867 xen/include/asm-x86/guest_pt.h --- a/xen/include/asm-x86/guest_pt.h Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/include/asm-x86/guest_pt.h Tue Jan 15 11:15:29 2013 +0100 @@ -315,6 +315,10 @@ guest_walk_to_page_order(walk_t *gw) #define GPT_RENAME2(_n, _l) _n ## _ ## _l ## _levels #define GPT_RENAME(_n, _l) GPT_RENAME2(_n, _l) #define guest_walk_tables GPT_RENAME(guest_walk_tables, GUEST_PAGING_LEVELS) +#define map_domain_gfn GPT_RENAME(map_domain_gfn, GUEST_PAGING_LEVELS) + +void *map_domain_gfn(struct p2m_domain *p2m, gfn_t gfn, mfn_t *mfn, + p2m_type_t *p2mt, p2m_query_t q, uint32_t *rc); extern uint32_t guest_walk_tables(struct vcpu *v, struct p2m_domain *p2m, unsigned long va, diff -r eaeef464f392 -r 289f47c01867 xen/include/asm-x86/hvm/nestedhvm.h --- a/xen/include/asm-x86/hvm/nestedhvm.h Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/include/asm-x86/hvm/nestedhvm.h Tue Jan 15 11:15:29 2013 +0100 @@ -52,6 +52,7 @@ bool_t nestedhvm_vcpu_in_guestmode(struc #define NESTEDHVM_PAGEFAULT_L1_ERROR 2 #define NESTEDHVM_PAGEFAULT_L0_ERROR 3 #define NESTEDHVM_PAGEFAULT_MMIO 4 +#define NESTEDHVM_PAGEFAULT_RETRY 5 int nestedhvm_hap_nested_page_fault(struct vcpu *v, paddr_t *L2_gpa, bool_t access_r, bool_t access_w, bool_t access_x); diff -r eaeef464f392 -r 289f47c01867 xen/include/asm-x86/hvm/vmx/vmcs.h --- a/xen/include/asm-x86/hvm/vmx/vmcs.h Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vmcs.h Tue Jan 15 11:15:29 2013 +0100 @@ -194,6 +194,7 @@ extern u32 vmx_secondary_exec_control; extern bool_t cpu_has_vmx_ins_outs_instr_info; +#define VMX_EPT_EXEC_ONLY_SUPPORTED 0x00000001 #define VMX_EPT_WALK_LENGTH_4_SUPPORTED 0x00000040 #define VMX_EPT_MEMORY_TYPE_UC 0x00000100 #define VMX_EPT_MEMORY_TYPE_WB 0x00004000 diff -r eaeef464f392 -r 289f47c01867 xen/include/asm-x86/hvm/vmx/vmx.h --- a/xen/include/asm-x86/hvm/vmx/vmx.h Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vmx.h Tue Jan 15 11:15:29 2013 +0100 @@ -51,6 +51,22 @@ typedef union { u64 epte; } ept_entry_t; +typedef struct { + /*use lxe[0] to save result */ + ept_entry_t lxe[5]; +} ept_walk_t; + +typedef enum { + ept_access_n = 0, /* No access permissions allowed */ + ept_access_r = 1, /* Read only */ + ept_access_w = 2, /* Write only */ + ept_access_rw = 3, /* Read & Write */ + ept_access_x = 4, /* Exec Only */ + ept_access_rx = 5, /* Read & Exec */ + ept_access_wx = 6, /* Write & Exec*/ + ept_access_all = 7, /* Full permissions */ +} ept_access_t; + #define EPT_TABLE_ORDER 9 #define EPTE_SUPER_PAGE_MASK 0x80 #define EPTE_MFN_MASK 0xffffffffff000ULL @@ -60,6 +76,17 @@ typedef union { #define EPTE_AVAIL1_SHIFT 8 #define EPTE_EMT_SHIFT 3 #define EPTE_IGMT_SHIFT 6 +#define EPTE_RWX_MASK 0x7 +#define EPTE_FLAG_MASK 0x7f + +#define EPT_EMT_UC 0 +#define EPT_EMT_WC 1 +#define EPT_EMT_RSV0 2 +#define EPT_EMT_RSV1 3 +#define EPT_EMT_WT 4 +#define EPT_EMT_WP 5 +#define EPT_EMT_WB 6 +#define EPT_EMT_RSV2 7 void vmx_asm_vmexit_handler(struct cpu_user_regs); void vmx_asm_do_vmentry(void); @@ -191,6 +218,9 @@ void vmx_update_secondary_exec_control(s extern u64 vmx_ept_vpid_cap; +#define cpu_has_vmx_ept_exec_only_supported \ + (vmx_ept_vpid_cap & VMX_EPT_EXEC_ONLY_SUPPORTED) + #define cpu_has_vmx_ept_wl4_supported \ (vmx_ept_vpid_cap & VMX_EPT_WALK_LENGTH_4_SUPPORTED) #define cpu_has_vmx_ept_mt_uc \ @@ -419,6 +449,7 @@ void update_guest_eip(void); #define _EPT_GLA_FAULT 8 #define EPT_GLA_FAULT (1UL<<_EPT_GLA_FAULT) +#define EPT_L4_PAGETABLE_SHIFT 39 #define EPT_PAGETABLE_ENTRIES 512 #endif /* __ASM_X86_HVM_VMX_VMX_H__ */ diff -r eaeef464f392 -r 289f47c01867 xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:15:29 2013 +0100 @@ -32,6 +32,10 @@ struct nestedvmx { unsigned long intr_info; u32 error_code; } intr; + struct { + uint32_t exit_reason; + uint32_t exit_qual; + } ept_exit; }; #define vcpu_2_nvmx(v) (vcpu_nestedhvm(v).u.nvmx) @@ -109,6 +113,11 @@ void nvmx_domain_relinquish_resources(st int nvmx_handle_vmxon(struct cpu_user_regs *regs); int nvmx_handle_vmxoff(struct cpu_user_regs *regs); +#define EPT_TRANSLATE_SUCCEED 0 +#define EPT_TRANSLATE_VIOLATION 1 +#define EPT_TRANSLATE_MISCONFIG 2 +#define EPT_TRANSLATE_RETRY 3 + int nvmx_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, unsigned int *page_order, @@ -192,5 +201,9 @@ u64 nvmx_get_tsc_offset(struct vcpu *v); int nvmx_n2_vmexit_handler(struct cpu_user_regs *regs, unsigned int exit_reason); +int nept_translate_l2ga(struct vcpu *v, paddr_t l2ga, + unsigned int *page_order, uint32_t rwx_acc, + unsigned long *l1gfn, uint64_t *exit_qual, + uint32_t *exit_reason); #endif /* __ASM_X86_HVM_VVMX_H__ */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:59 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:59 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGx-0008A7-0R; Wed, 16 Jan 2013 08:22:59 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGu-00087O-OD for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:57 +0000 Received: from [193.109.254.147:2837] by server-11.bemta-14.messagelabs.com id 30/4C-02659-06366F05; Wed, 16 Jan 2013 08:22:56 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-27.messagelabs.com!1358324549!8988238!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25748 invoked from network); 16 Jan 2013 08:22:30 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:30 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGT-0003t4-8s for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:29 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGT-0000gs-7d for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:29 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:28 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nested_ept: Implement guest ept's walker X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358244929 -3600 # Node ID 289f47c01867013f4f6d0f9b65f7cb532bb60938 # Parent eaeef464f3920c7ebd68a4d30813eee2763df70c nested_ept: Implement guest ept's walker Implment guest EPT PT walker, some logic is based on shadow's ia32e PT walker. During the PT walking, if the target pages are not in memory, use RETRY mechanism and get a chance to let the target page back. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r eaeef464f392 -r 289f47c01867 xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/arch/x86/hvm/hvm.c Tue Jan 15 11:15:29 2013 +0100 @@ -1326,6 +1326,7 @@ int hvm_hap_nested_page_fault(paddr_t gp access_r, access_w, access_x); switch (rv) { case NESTEDHVM_PAGEFAULT_DONE: + case NESTEDHVM_PAGEFAULT_RETRY: return 1; case NESTEDHVM_PAGEFAULT_L1_ERROR: /* An error occured while translating gpa from diff -r eaeef464f392 -r 289f47c01867 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:15:29 2013 +0100 @@ -943,9 +943,18 @@ static void sync_vvmcs_ro(struct vcpu *v { int i; struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); + struct nestedvmx *nvmx = &vcpu_2_nvmx(v); + void *vvmcs = nvcpu->nv_vvmcx; for ( i = 0; i < ARRAY_SIZE(vmcs_ro_field); i++ ) shadow_to_vvmcs(nvcpu->nv_vvmcx, vmcs_ro_field[i]); + + /* Adjust exit_reason/exit_qualifciation for violation case */ + if ( __get_vvmcs(vvmcs, VM_EXIT_REASON) == EXIT_REASON_EPT_VIOLATION ) + { + __set_vvmcs(vvmcs, EXIT_QUALIFICATION, nvmx->ept_exit.exit_qual); + __set_vvmcs(vvmcs, VM_EXIT_REASON, nvmx->ept_exit.exit_reason); + } } static void load_vvmcs_host_state(struct vcpu *v) @@ -1493,8 +1502,37 @@ nvmx_hap_walk_L1_p2m(struct vcpu *v, pad unsigned int *page_order, bool_t access_r, bool_t access_w, bool_t access_x) { - /*TODO:*/ - return 0; + int rc; + unsigned long gfn; + uint64_t exit_qual = __vmread(EXIT_QUALIFICATION); + uint32_t exit_reason = EXIT_REASON_EPT_VIOLATION; + uint32_t rwx_rights = (access_x << 2) | (access_w << 1) | access_r; + struct nestedvmx *nvmx = &vcpu_2_nvmx(v); + + rc = nept_translate_l2ga(v, L2_gpa, page_order, rwx_rights, &gfn, + &exit_qual, &exit_reason); + switch ( rc ) + { + case EPT_TRANSLATE_SUCCEED: + *L1_gpa = (gfn << PAGE_SHIFT) + (L2_gpa & ~PAGE_MASK); + rc = NESTEDHVM_PAGEFAULT_DONE; + break; + case EPT_TRANSLATE_VIOLATION: + case EPT_TRANSLATE_MISCONFIG: + rc = NESTEDHVM_PAGEFAULT_INJECT; + nvmx->ept_exit.exit_reason = exit_reason; + nvmx->ept_exit.exit_qual = exit_qual; + break; + case EPT_TRANSLATE_RETRY: + rc = NESTEDHVM_PAGEFAULT_RETRY; + break; + default: + gdprintk(XENLOG_ERR, "GUEST EPT translation error!:%d\n", rc); + BUG(); + break; + } + + return rc; } void nvmx_idtv_handling(void) diff -r eaeef464f392 -r 289f47c01867 xen/arch/x86/mm/guest_walk.c --- a/xen/arch/x86/mm/guest_walk.c Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/arch/x86/mm/guest_walk.c Tue Jan 15 11:15:29 2013 +0100 @@ -88,18 +88,15 @@ static uint32_t set_ad_bits(void *guest_ /* If the map is non-NULL, we leave this function having * acquired an extra ref on mfn_to_page(*mfn) */ -static inline void *map_domain_gfn(struct p2m_domain *p2m, - gfn_t gfn, - mfn_t *mfn, - p2m_type_t *p2mt, - uint32_t *rc) +void *map_domain_gfn(struct p2m_domain *p2m, gfn_t gfn, mfn_t *mfn, + p2m_type_t *p2mt, p2m_query_t q, uint32_t *rc) { struct page_info *page; void *map; /* Translate the gfn, unsharing if shared */ page = get_page_from_gfn_p2m(p2m->domain, p2m, gfn_x(gfn), p2mt, NULL, - P2M_ALLOC | P2M_UNSHARE); + q); if ( p2m_is_paging(*p2mt) ) { ASSERT(!p2m_is_nestedp2m(p2m)); @@ -149,6 +146,7 @@ guest_walk_tables(struct vcpu *v, struct uint32_t gflags, mflags, iflags, rc = 0; int smep; bool_t pse1G = 0, pse2M = 0; + p2m_query_t qt = P2M_ALLOC | P2M_UNSHARE; perfc_incr(guest_walk); memset(gw, 0, sizeof(*gw)); @@ -188,7 +186,8 @@ guest_walk_tables(struct vcpu *v, struct l3p = map_domain_gfn(p2m, guest_l4e_get_gfn(gw->l4e), &gw->l3mfn, - &p2mt, + &p2mt, + qt, &rc); if(l3p == NULL) goto out; @@ -249,6 +248,7 @@ guest_walk_tables(struct vcpu *v, struct guest_l3e_get_gfn(gw->l3e), &gw->l2mfn, &p2mt, + qt, &rc); if(l2p == NULL) goto out; @@ -322,6 +322,7 @@ guest_walk_tables(struct vcpu *v, struct guest_l2e_get_gfn(gw->l2e), &gw->l1mfn, &p2mt, + qt, &rc); if(l1p == NULL) goto out; diff -r eaeef464f392 -r 289f47c01867 xen/arch/x86/mm/hap/Makefile --- a/xen/arch/x86/mm/hap/Makefile Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/arch/x86/mm/hap/Makefile Tue Jan 15 11:15:29 2013 +0100 @@ -3,6 +3,7 @@ obj-y += guest_walk_2level.o obj-y += guest_walk_3level.o obj-$(x86_64) += guest_walk_4level.o obj-y += nested_hap.o +obj-y += nested_ept.o guest_walk_%level.o: guest_walk.c Makefile $(CC) $(CFLAGS) -DGUEST_PAGING_LEVELS=$* -c $< -o $@ diff -r eaeef464f392 -r 289f47c01867 xen/arch/x86/mm/hap/nested_ept.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/arch/x86/mm/hap/nested_ept.c Tue Jan 15 11:15:29 2013 +0100 @@ -0,0 +1,287 @@ +/* + * nested_ept.c: Handling virtulized EPT for guest in nested case. + * + * Copyright (c) 2012, Intel Corporation + * Xiantao Zhang + * + * This program is free software; you can redistribute it and/or modify it + * under the terms and conditions of the GNU General Public License, + * version 2, as published by the Free Software Foundation. + * + * This program is distributed in the hope it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 59 Temple + * Place - Suite 330, Boston, MA 02111-1307 USA. + */ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include "private.h" + +#include +#include + +/* EPT always use 4-level paging structure */ +#define GUEST_PAGING_LEVELS 4 +#include + +/* Must reserved bits in all level entries */ +#define EPT_MUST_RSV_BITS (((1ull << PADDR_BITS) - 1) & \ + ~((1ull << paddr_bits) - 1)) + +/* + *TODO: Just leave it as 0 here for compile pass, will + * define real capabilities in the subsequent patches. + */ +#define NEPT_VPID_CAP_BITS 0 + + +#define NEPT_1G_ENTRY_FLAG (1 << 11) +#define NEPT_2M_ENTRY_FLAG (1 << 10) +#define NEPT_4K_ENTRY_FLAG (1 << 9) + +bool_t nept_sp_entry(ept_entry_t e) +{ + return !!(e.sp); +} + +static bool_t nept_rsv_bits_check(ept_entry_t e, uint32_t level) +{ + uint64_t rsv_bits = EPT_MUST_RSV_BITS; + + switch ( level ) + { + case 1: + break; + case 2 ... 3: + if ( nept_sp_entry(e) ) + rsv_bits |= ((1ull << (9 * (level - 1))) - 1) << PAGE_SHIFT; + else + rsv_bits |= EPTE_EMT_MASK | EPTE_IGMT_MASK; + break; + case 4: + rsv_bits |= EPTE_EMT_MASK | EPTE_IGMT_MASK | EPTE_SUPER_PAGE_MASK; + break; + default: + gdprintk(XENLOG_ERR,"Unsupported EPT paging level: %d\n", level); + BUG(); + break; + } + return !!(e.epte & rsv_bits); +} + +/* EMT checking*/ +static bool_t nept_emt_bits_check(ept_entry_t e, uint32_t level) +{ + if ( e.sp || level == 1 ) + { + if ( e.emt == EPT_EMT_RSV0 || e.emt == EPT_EMT_RSV1 || + e.emt == EPT_EMT_RSV2 ) + return 1; + } + return 0; +} + +static bool_t nept_permission_check(uint32_t rwx_acc, uint32_t rwx_bits) +{ + return !(EPTE_RWX_MASK & rwx_acc & ~rwx_bits); +} + +/* nept's non-present check */ +static bool_t nept_non_present_check(ept_entry_t e) +{ + if ( e.epte & EPTE_RWX_MASK ) + return 0; + return 1; +} + +uint64_t nept_get_ept_vpid_cap(void) +{ + uint64_t caps = NEPT_VPID_CAP_BITS; + + if ( !cpu_has_vmx_ept_exec_only_supported ) + caps &= ~VMX_EPT_EXEC_ONLY_SUPPORTED; + return caps; +} + +static bool_t nept_rwx_bits_check(ept_entry_t e) +{ + /*write only or write/execute only*/ + uint8_t rwx_bits = e.epte & EPTE_RWX_MASK; + + if ( rwx_bits == ept_access_w || rwx_bits == ept_access_wx ) + return 1; + + if ( rwx_bits == ept_access_x && + !(nept_get_ept_vpid_cap() & VMX_EPT_EXEC_ONLY_SUPPORTED) ) + return 1; + + return 0; +} + +/* nept's misconfiguration check */ +static bool_t nept_misconfiguration_check(ept_entry_t e, uint32_t level) +{ + return nept_rsv_bits_check(e, level) || + nept_emt_bits_check(e, level) || + nept_rwx_bits_check(e); +} + +static int ept_lvl_table_offset(unsigned long gpa, int lvl) +{ + return (gpa >> (EPT_L4_PAGETABLE_SHIFT -(4 - lvl) * 9)) & + (EPT_PAGETABLE_ENTRIES - 1); +} + +static uint32_t +nept_walk_tables(struct vcpu *v, unsigned long l2ga, ept_walk_t *gw) +{ + int lvl; + p2m_type_t p2mt; + uint32_t rc = 0, ret = 0, gflags; + struct domain *d = v->domain; + struct p2m_domain *p2m = d->arch.p2m; + gfn_t base_gfn = _gfn(nhvm_vcpu_p2m_base(v) >> PAGE_SHIFT); + mfn_t lxmfn; + ept_entry_t *lxp = NULL; + + memset(gw, 0, sizeof(*gw)); + + for (lvl = 4; lvl > 0; lvl--) + { + lxp = map_domain_gfn(p2m, base_gfn, &lxmfn, &p2mt, P2M_ALLOC, &rc); + if ( !lxp ) + goto map_err; + gw->lxe[lvl] = lxp[ept_lvl_table_offset(l2ga, lvl)]; + unmap_domain_page(lxp); + put_page(mfn_to_page(mfn_x(lxmfn))); + + if ( nept_non_present_check(gw->lxe[lvl]) ) + goto non_present; + + if ( nept_misconfiguration_check(gw->lxe[lvl], lvl) ) + goto misconfig_err; + + if ( (lvl == 2 || lvl == 3) && nept_sp_entry(gw->lxe[lvl]) ) + { + /* Generate a fake l1 table entry so callers don't all + * have to understand superpages. */ + unsigned long gfn_lvl_mask = (1ull << ((lvl - 1) * 9)) - 1; + gfn_t start = _gfn(gw->lxe[lvl].mfn); + /* Increment the pfn by the right number of 4k pages. */ + start = _gfn((gfn_x(start) & ~gfn_lvl_mask) + + ((l2ga >> PAGE_SHIFT) & gfn_lvl_mask)); + gflags = (gw->lxe[lvl].epte & EPTE_FLAG_MASK) | + (lvl == 3 ? NEPT_1G_ENTRY_FLAG: NEPT_2M_ENTRY_FLAG); + gw->lxe[0].epte = (gfn_x(start) << PAGE_SHIFT) | gflags; + goto done; + } + if ( lvl > 1 ) + base_gfn = _gfn(gw->lxe[lvl].mfn); + } + + /* If this is not a super entry, we can reach here. */ + gflags = (gw->lxe[1].epte & EPTE_FLAG_MASK) | NEPT_4K_ENTRY_FLAG; + gw->lxe[0].epte = (gw->lxe[1].epte & PAGE_MASK) | gflags; + +done: + ret = EPT_TRANSLATE_SUCCEED; + goto out; + +map_err: + if ( rc == _PAGE_PAGED ) + { + ret = EPT_TRANSLATE_RETRY; + goto out; + } + /* fall through to misconfig error */ +misconfig_err: + ret = EPT_TRANSLATE_MISCONFIG; + goto out; + +non_present: + ret = EPT_TRANSLATE_VIOLATION; + /* fall through. */ +out: + return ret; +} + +/* Translate a L2 guest address to L1 gpa via L1 EPT paging structure */ + +int nept_translate_l2ga(struct vcpu *v, paddr_t l2ga, + unsigned int *page_order, uint32_t rwx_acc, + unsigned long *l1gfn, uint64_t *exit_qual, + uint32_t *exit_reason) +{ + uint32_t rc, rwx_bits = 0; + ept_walk_t gw; + rwx_acc &= EPTE_RWX_MASK; + + *l1gfn = INVALID_GFN; + + rc = nept_walk_tables(v, l2ga, &gw); + switch ( rc ) + { + case EPT_TRANSLATE_SUCCEED: + if ( likely(gw.lxe[0].epte & NEPT_2M_ENTRY_FLAG) ) + { + rwx_bits = gw.lxe[4].epte & gw.lxe[3].epte & gw.lxe[2].epte & + EPTE_RWX_MASK; + *page_order = 9; + } + else if ( gw.lxe[0].epte & NEPT_4K_ENTRY_FLAG ) + { + rwx_bits = gw.lxe[4].epte & gw.lxe[3].epte & gw.lxe[2].epte & + gw.lxe[1].epte & EPTE_RWX_MASK; + *page_order = 0; + } + else if ( gw.lxe[0].epte & NEPT_1G_ENTRY_FLAG ) + { + rwx_bits = gw.lxe[4].epte & gw.lxe[3].epte & EPTE_RWX_MASK; + *page_order = 18; + } + else + { + gdprintk(XENLOG_ERR, "Uncorrect l1 entry!\n"); + BUG(); + } + if ( nept_permission_check(rwx_acc, rwx_bits) ) + { + *l1gfn = gw.lxe[0].mfn; + break; + } + rc = EPT_TRANSLATE_VIOLATION; + /* Fall through to EPT violation if permission check fails. */ + case EPT_TRANSLATE_VIOLATION: + *exit_qual = (*exit_qual & 0xffffffc0) | (rwx_bits << 3) | rwx_acc; + *exit_reason = EXIT_REASON_EPT_VIOLATION; + break; + + case EPT_TRANSLATE_MISCONFIG: + rc = EPT_TRANSLATE_MISCONFIG; + *exit_qual = 0; + *exit_reason = EXIT_REASON_EPT_MISCONFIG; + break; + case EPT_TRANSLATE_RETRY: + break; + default: + gdprintk(XENLOG_ERR, "Unsupported ept translation type!:%d\n", rc); + BUG(); + break; + } + return rc; +} diff -r eaeef464f392 -r 289f47c01867 xen/arch/x86/mm/hap/nested_hap.c --- a/xen/arch/x86/mm/hap/nested_hap.c Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/arch/x86/mm/hap/nested_hap.c Tue Jan 15 11:15:29 2013 +0100 @@ -218,7 +218,7 @@ nestedhvm_hap_nested_page_fault(struct v /* let caller to handle these two cases */ switch (rv) { case NESTEDHVM_PAGEFAULT_INJECT: - return rv; + case NESTEDHVM_PAGEFAULT_RETRY: case NESTEDHVM_PAGEFAULT_L1_ERROR: return rv; case NESTEDHVM_PAGEFAULT_DONE: diff -r eaeef464f392 -r 289f47c01867 xen/include/asm-x86/guest_pt.h --- a/xen/include/asm-x86/guest_pt.h Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/include/asm-x86/guest_pt.h Tue Jan 15 11:15:29 2013 +0100 @@ -315,6 +315,10 @@ guest_walk_to_page_order(walk_t *gw) #define GPT_RENAME2(_n, _l) _n ## _ ## _l ## _levels #define GPT_RENAME(_n, _l) GPT_RENAME2(_n, _l) #define guest_walk_tables GPT_RENAME(guest_walk_tables, GUEST_PAGING_LEVELS) +#define map_domain_gfn GPT_RENAME(map_domain_gfn, GUEST_PAGING_LEVELS) + +void *map_domain_gfn(struct p2m_domain *p2m, gfn_t gfn, mfn_t *mfn, + p2m_type_t *p2mt, p2m_query_t q, uint32_t *rc); extern uint32_t guest_walk_tables(struct vcpu *v, struct p2m_domain *p2m, unsigned long va, diff -r eaeef464f392 -r 289f47c01867 xen/include/asm-x86/hvm/nestedhvm.h --- a/xen/include/asm-x86/hvm/nestedhvm.h Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/include/asm-x86/hvm/nestedhvm.h Tue Jan 15 11:15:29 2013 +0100 @@ -52,6 +52,7 @@ bool_t nestedhvm_vcpu_in_guestmode(struc #define NESTEDHVM_PAGEFAULT_L1_ERROR 2 #define NESTEDHVM_PAGEFAULT_L0_ERROR 3 #define NESTEDHVM_PAGEFAULT_MMIO 4 +#define NESTEDHVM_PAGEFAULT_RETRY 5 int nestedhvm_hap_nested_page_fault(struct vcpu *v, paddr_t *L2_gpa, bool_t access_r, bool_t access_w, bool_t access_x); diff -r eaeef464f392 -r 289f47c01867 xen/include/asm-x86/hvm/vmx/vmcs.h --- a/xen/include/asm-x86/hvm/vmx/vmcs.h Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vmcs.h Tue Jan 15 11:15:29 2013 +0100 @@ -194,6 +194,7 @@ extern u32 vmx_secondary_exec_control; extern bool_t cpu_has_vmx_ins_outs_instr_info; +#define VMX_EPT_EXEC_ONLY_SUPPORTED 0x00000001 #define VMX_EPT_WALK_LENGTH_4_SUPPORTED 0x00000040 #define VMX_EPT_MEMORY_TYPE_UC 0x00000100 #define VMX_EPT_MEMORY_TYPE_WB 0x00004000 diff -r eaeef464f392 -r 289f47c01867 xen/include/asm-x86/hvm/vmx/vmx.h --- a/xen/include/asm-x86/hvm/vmx/vmx.h Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vmx.h Tue Jan 15 11:15:29 2013 +0100 @@ -51,6 +51,22 @@ typedef union { u64 epte; } ept_entry_t; +typedef struct { + /*use lxe[0] to save result */ + ept_entry_t lxe[5]; +} ept_walk_t; + +typedef enum { + ept_access_n = 0, /* No access permissions allowed */ + ept_access_r = 1, /* Read only */ + ept_access_w = 2, /* Write only */ + ept_access_rw = 3, /* Read & Write */ + ept_access_x = 4, /* Exec Only */ + ept_access_rx = 5, /* Read & Exec */ + ept_access_wx = 6, /* Write & Exec*/ + ept_access_all = 7, /* Full permissions */ +} ept_access_t; + #define EPT_TABLE_ORDER 9 #define EPTE_SUPER_PAGE_MASK 0x80 #define EPTE_MFN_MASK 0xffffffffff000ULL @@ -60,6 +76,17 @@ typedef union { #define EPTE_AVAIL1_SHIFT 8 #define EPTE_EMT_SHIFT 3 #define EPTE_IGMT_SHIFT 6 +#define EPTE_RWX_MASK 0x7 +#define EPTE_FLAG_MASK 0x7f + +#define EPT_EMT_UC 0 +#define EPT_EMT_WC 1 +#define EPT_EMT_RSV0 2 +#define EPT_EMT_RSV1 3 +#define EPT_EMT_WT 4 +#define EPT_EMT_WP 5 +#define EPT_EMT_WB 6 +#define EPT_EMT_RSV2 7 void vmx_asm_vmexit_handler(struct cpu_user_regs); void vmx_asm_do_vmentry(void); @@ -191,6 +218,9 @@ void vmx_update_secondary_exec_control(s extern u64 vmx_ept_vpid_cap; +#define cpu_has_vmx_ept_exec_only_supported \ + (vmx_ept_vpid_cap & VMX_EPT_EXEC_ONLY_SUPPORTED) + #define cpu_has_vmx_ept_wl4_supported \ (vmx_ept_vpid_cap & VMX_EPT_WALK_LENGTH_4_SUPPORTED) #define cpu_has_vmx_ept_mt_uc \ @@ -419,6 +449,7 @@ void update_guest_eip(void); #define _EPT_GLA_FAULT 8 #define EPT_GLA_FAULT (1UL<<_EPT_GLA_FAULT) +#define EPT_L4_PAGETABLE_SHIFT 39 #define EPT_PAGETABLE_ENTRIES 512 #endif /* __ASM_X86_HVM_VMX_VMX_H__ */ diff -r eaeef464f392 -r 289f47c01867 xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:11:37 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:15:29 2013 +0100 @@ -32,6 +32,10 @@ struct nestedvmx { unsigned long intr_info; u32 error_code; } intr; + struct { + uint32_t exit_reason; + uint32_t exit_qual; + } ept_exit; }; #define vcpu_2_nvmx(v) (vcpu_nestedhvm(v).u.nvmx) @@ -109,6 +113,11 @@ void nvmx_domain_relinquish_resources(st int nvmx_handle_vmxon(struct cpu_user_regs *regs); int nvmx_handle_vmxoff(struct cpu_user_regs *regs); +#define EPT_TRANSLATE_SUCCEED 0 +#define EPT_TRANSLATE_VIOLATION 1 +#define EPT_TRANSLATE_MISCONFIG 2 +#define EPT_TRANSLATE_RETRY 3 + int nvmx_hap_walk_L1_p2m(struct vcpu *v, paddr_t L2_gpa, paddr_t *L1_gpa, unsigned int *page_order, @@ -192,5 +201,9 @@ u64 nvmx_get_tsc_offset(struct vcpu *v); int nvmx_n2_vmexit_handler(struct cpu_user_regs *regs, unsigned int exit_reason); +int nept_translate_l2ga(struct vcpu *v, paddr_t l2ga, + unsigned int *page_order, uint32_t rwx_acc, + unsigned long *l1gfn, uint64_t *exit_qual, + uint32_t *exit_reason); #endif /* __ASM_X86_HVM_VVMX_H__ */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:59 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:59 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGx-0008AO-4Z; Wed, 16 Jan 2013 08:22:59 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGv-00087u-EJ for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:57 +0000 Received: from [85.158.137.99:58693] by server-11.bemta-3.messagelabs.com id A3/BE-01807-06366F05; Wed, 16 Jan 2013 08:22:56 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-217.messagelabs.com!1358324550!14001987!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 5583 invoked from network); 16 Jan 2013 08:22:31 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:31 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGT-0003t7-RC for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:29 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGT-0000hB-Pb for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:29 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:29 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] EPT: Make ept data structure or operations neutral X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358245021 -3600 # Node ID 4056e5a3d8150303bf8d89bd64b789e3a72321a3 # Parent 289f47c01867013f4f6d0f9b65f7cb532bb60938 EPT: Make ept data structure or operations neutral Share the current EPT logic with nested EPT case, so make the related data structure or operations netural to comment EPT and nested EPT. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 289f47c01867 -r 4056e5a3d815 xen/arch/x86/hvm/vmx/vmcs.c --- a/xen/arch/x86/hvm/vmx/vmcs.c Tue Jan 15 11:15:29 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vmcs.c Tue Jan 15 11:17:01 2013 +0100 @@ -942,7 +942,13 @@ static int construct_vmcs(struct vcpu *v } if ( paging_mode_hap(d) ) - __vmwrite(EPT_POINTER, d->arch.hvm_domain.vmx.ept_control.eptp); + { + struct p2m_domain *p2m = p2m_get_hostp2m(d); + struct ept_data *ept = &p2m->ept; + + ept->asr = pagetable_get_pfn(p2m_get_pagetable(p2m)); + __vmwrite(EPT_POINTER, ept_get_eptp(ept)); + } if ( cpu_has_vmx_pat && paging_mode_hap(d) ) { diff -r 289f47c01867 -r 4056e5a3d815 xen/arch/x86/hvm/vmx/vmx.c --- a/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:15:29 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:17:01 2013 +0100 @@ -74,38 +74,19 @@ static void vmx_fpu_dirty_intercept(void static int vmx_msr_read_intercept(unsigned int msr, uint64_t *msr_content); static int vmx_msr_write_intercept(unsigned int msr, uint64_t msr_content); static void vmx_invlpg_intercept(unsigned long vaddr); -static void __ept_sync_domain(void *info); static int vmx_domain_initialise(struct domain *d) { int rc; - /* Set the memory type used when accessing EPT paging structures. */ - d->arch.hvm_domain.vmx.ept_control.ept_mt = EPT_DEFAULT_MT; - - /* set EPT page-walk length, now it's actual walk length - 1, i.e. 3 */ - d->arch.hvm_domain.vmx.ept_control.ept_wl = 3; - - d->arch.hvm_domain.vmx.ept_control.asr = - pagetable_get_pfn(p2m_get_pagetable(p2m_get_hostp2m(d))); - - if ( !zalloc_cpumask_var(&d->arch.hvm_domain.vmx.ept_synced) ) - return -ENOMEM; - if ( (rc = vmx_alloc_vlapic_mapping(d)) != 0 ) - { - free_cpumask_var(d->arch.hvm_domain.vmx.ept_synced); return rc; - } return 0; } static void vmx_domain_destroy(struct domain *d) { - if ( paging_mode_hap(d) ) - on_each_cpu(__ept_sync_domain, d, 1); - free_cpumask_var(d->arch.hvm_domain.vmx.ept_synced); vmx_free_vlapic_mapping(d); } @@ -641,6 +622,7 @@ static void vmx_ctxt_switch_to(struct vc { struct domain *d = v->domain; unsigned long old_cr4 = read_cr4(), new_cr4 = mmu_cr4_features; + struct ept_data *ept_data = &p2m_get_hostp2m(d)->ept; /* HOST_CR4 in VMCS is always mmu_cr4_features. Sync CR4 now. */ if ( old_cr4 != new_cr4 ) @@ -650,10 +632,10 @@ static void vmx_ctxt_switch_to(struct vc { unsigned int cpu = smp_processor_id(); /* Test-and-test-and-set this CPU in the EPT-is-synced mask. */ - if ( !cpumask_test_cpu(cpu, d->arch.hvm_domain.vmx.ept_synced) && + if ( !cpumask_test_cpu(cpu, ept_get_synced_mask(ept_data)) && !cpumask_test_and_set_cpu(cpu, - d->arch.hvm_domain.vmx.ept_synced) ) - __invept(INVEPT_SINGLE_CONTEXT, ept_get_eptp(d), 0); + ept_get_synced_mask(ept_data)) ) + __invept(INVEPT_SINGLE_CONTEXT, ept_get_eptp(ept_data), 0); } vmx_restore_guest_msrs(v); @@ -1216,33 +1198,6 @@ static void vmx_update_guest_efer(struct (v->arch.hvm_vcpu.guest_efer & EFER_SCE)); } -static void __ept_sync_domain(void *info) -{ - struct domain *d = info; - __invept(INVEPT_SINGLE_CONTEXT, ept_get_eptp(d), 0); -} - -void ept_sync_domain(struct domain *d) -{ - /* Only if using EPT and this domain has some VCPUs to dirty. */ - if ( !paging_mode_hap(d) || !d->vcpu || !d->vcpu[0] ) - return; - - ASSERT(local_irq_is_enabled()); - - /* - * Flush active cpus synchronously. Flush others the next time this domain - * is scheduled onto them. We accept the race of other CPUs adding to - * the ept_synced mask before on_selected_cpus() reads it, resulting in - * unnecessary extra flushes, to avoid allocating a cpumask_t on the stack. - */ - cpumask_and(d->arch.hvm_domain.vmx.ept_synced, - d->domain_dirty_cpumask, &cpu_online_map); - - on_selected_cpus(d->arch.hvm_domain.vmx.ept_synced, - __ept_sync_domain, d, 1); -} - void nvmx_enqueue_n2_exceptions(struct vcpu *v, unsigned long intr_fields, int error_code) { diff -r 289f47c01867 -r 4056e5a3d815 xen/arch/x86/mm/p2m-ept.c --- a/xen/arch/x86/mm/p2m-ept.c Tue Jan 15 11:15:29 2013 +0100 +++ b/xen/arch/x86/mm/p2m-ept.c Tue Jan 15 11:17:01 2013 +0100 @@ -291,9 +291,11 @@ ept_set_entry(struct p2m_domain *p2m, un int need_modify_vtd_table = 1; int vtd_pte_present = 0; int needs_sync = 1; + ept_entry_t old_entry = { .epte = 0 }; + struct ept_data *ept = &p2m->ept; struct domain *d = p2m->domain; - ept_entry_t old_entry = { .epte = 0 }; + ASSERT(ept); /* * the caller must make sure: * 1. passing valid gfn and mfn at order boundary. @@ -301,17 +303,17 @@ ept_set_entry(struct p2m_domain *p2m, un * 3. passing a valid order. */ if ( ((gfn | mfn_x(mfn)) & ((1UL << order) - 1)) || - ((u64)gfn >> ((ept_get_wl(d) + 1) * EPT_TABLE_ORDER)) || + ((u64)gfn >> ((ept_get_wl(ept) + 1) * EPT_TABLE_ORDER)) || (order % EPT_TABLE_ORDER) ) return 0; - ASSERT((target == 2 && hvm_hap_has_1gb(d)) || - (target == 1 && hvm_hap_has_2mb(d)) || + ASSERT((target == 2 && hvm_hap_has_1gb()) || + (target == 1 && hvm_hap_has_2mb()) || (target == 0)); - table = map_domain_page(ept_get_asr(d)); + table = map_domain_page(pagetable_get_pfn(p2m_get_pagetable(p2m))); - for ( i = ept_get_wl(d); i > target; i-- ) + for ( i = ept_get_wl(ept); i > target; i-- ) { ret = ept_next_level(p2m, 0, &table, &gfn_remainder, i); if ( !ret ) @@ -439,9 +441,11 @@ out: unmap_domain_page(table); if ( needs_sync ) - ept_sync_domain(p2m->domain); + ept_sync_domain(p2m); - if ( rv && iommu_enabled && need_iommu(p2m->domain) && need_modify_vtd_table ) + /* For non-nested p2m, may need to change VT-d page table.*/ + if ( rv && !p2m_is_nestedp2m(p2m) && iommu_enabled && + need_iommu(p2m->domain) && need_modify_vtd_table ) { if ( iommu_hap_pt_share ) iommu_pte_flush(d, gfn, (u64*)ept_entry, order, vtd_pte_present); @@ -488,14 +492,14 @@ static mfn_t ept_get_entry(struct p2m_do unsigned long gfn, p2m_type_t *t, p2m_access_t* a, p2m_query_t q, unsigned int *page_order) { - struct domain *d = p2m->domain; - ept_entry_t *table = map_domain_page(ept_get_asr(d)); + ept_entry_t *table = map_domain_page(pagetable_get_pfn(p2m_get_pagetable(p2m))); unsigned long gfn_remainder = gfn; ept_entry_t *ept_entry; u32 index; int i; int ret = 0; mfn_t mfn = _mfn(INVALID_MFN); + struct ept_data *ept = &p2m->ept; *t = p2m_mmio_dm; *a = p2m_access_n; @@ -506,7 +510,7 @@ static mfn_t ept_get_entry(struct p2m_do /* Should check if gfn obeys GAW here. */ - for ( i = ept_get_wl(d); i > 0; i-- ) + for ( i = ept_get_wl(ept); i > 0; i-- ) { retry: ret = ept_next_level(p2m, 1, &table, &gfn_remainder, i); @@ -588,19 +592,20 @@ out: static ept_entry_t ept_get_entry_content(struct p2m_domain *p2m, unsigned long gfn, int *level) { - ept_entry_t *table = map_domain_page(ept_get_asr(p2m->domain)); + ept_entry_t *table = map_domain_page(pagetable_get_pfn(p2m_get_pagetable(p2m))); unsigned long gfn_remainder = gfn; ept_entry_t *ept_entry; ept_entry_t content = { .epte = 0 }; u32 index; int i; int ret=0; + struct ept_data *ept = &p2m->ept; /* This pfn is higher than the highest the p2m map currently holds */ if ( gfn > p2m->max_mapped_pfn ) goto out; - for ( i = ept_get_wl(p2m->domain); i > 0; i-- ) + for ( i = ept_get_wl(ept); i > 0; i-- ) { ret = ept_next_level(p2m, 1, &table, &gfn_remainder, i); if ( !ret || ret == GUEST_TABLE_POD_PAGE ) @@ -622,7 +627,8 @@ static ept_entry_t ept_get_entry_content void ept_walk_table(struct domain *d, unsigned long gfn) { struct p2m_domain *p2m = p2m_get_hostp2m(d); - ept_entry_t *table = map_domain_page(ept_get_asr(d)); + struct ept_data *ept = &p2m->ept; + ept_entry_t *table = map_domain_page(pagetable_get_pfn(p2m_get_pagetable(p2m))); unsigned long gfn_remainder = gfn; int i; @@ -638,7 +644,7 @@ void ept_walk_table(struct domain *d, un goto out; } - for ( i = ept_get_wl(d); i >= 0; i-- ) + for ( i = ept_get_wl(ept); i >= 0; i-- ) { ept_entry_t *ept_entry, *next; u32 index; @@ -778,24 +784,76 @@ static void ept_change_entry_type_page(m static void ept_change_entry_type_global(struct p2m_domain *p2m, p2m_type_t ot, p2m_type_t nt) { - struct domain *d = p2m->domain; - if ( ept_get_asr(d) == 0 ) + struct ept_data *ept = &p2m->ept; + if ( ept_get_asr(ept) == 0 ) return; BUG_ON(p2m_is_grant(ot) || p2m_is_grant(nt)); BUG_ON(ot != nt && (ot == p2m_mmio_direct || nt == p2m_mmio_direct)); - ept_change_entry_type_page(_mfn(ept_get_asr(d)), ept_get_wl(d), ot, nt); + ept_change_entry_type_page(_mfn(ept_get_asr(ept)), + ept_get_wl(ept), ot, nt); - ept_sync_domain(d); + ept_sync_domain(p2m); } -void ept_p2m_init(struct p2m_domain *p2m) +static void __ept_sync_domain(void *info) { + struct ept_data *ept = &((struct p2m_domain *)info)->ept; + + __invept(INVEPT_SINGLE_CONTEXT, ept_get_eptp(ept), 0); +} + +void ept_sync_domain(struct p2m_domain *p2m) +{ + struct domain *d = p2m->domain; + struct ept_data *ept = &p2m->ept; + /* Only if using EPT and this domain has some VCPUs to dirty. */ + if ( !paging_mode_hap(d) || !d->vcpu || !d->vcpu[0] ) + return; + + ASSERT(local_irq_is_enabled()); + + /* + * Flush active cpus synchronously. Flush others the next time this domain + * is scheduled onto them. We accept the race of other CPUs adding to + * the ept_synced mask before on_selected_cpus() reads it, resulting in + * unnecessary extra flushes, to avoid allocating a cpumask_t on the stack. + */ + cpumask_and(ept_get_synced_mask(ept), + d->domain_dirty_cpumask, &cpu_online_map); + + on_selected_cpus(ept_get_synced_mask(ept), + __ept_sync_domain, p2m, 1); +} + +int ept_p2m_init(struct p2m_domain *p2m) +{ + struct ept_data *ept = &p2m->ept; + p2m->set_entry = ept_set_entry; p2m->get_entry = ept_get_entry; p2m->change_entry_type_global = ept_change_entry_type_global; p2m->audit_p2m = NULL; + + /* Set the memory type used when accessing EPT paging structures. */ + ept->ept_mt = EPT_DEFAULT_MT; + + /* set EPT page-walk length, now it's actual walk length - 1, i.e. 3 */ + ept->ept_wl = 3; + + if ( !zalloc_cpumask_var(&ept->synced_mask) ) + return -ENOMEM; + + on_each_cpu(__ept_sync_domain, p2m, 1); + + return 0; +} + +void ept_p2m_uninit(struct p2m_domain *p2m) +{ + struct ept_data *ept = &p2m->ept; + free_cpumask_var(ept->synced_mask); } static void ept_dump_p2m_table(unsigned char key) @@ -811,6 +869,7 @@ static void ept_dump_p2m_table(unsigned unsigned long gfn, gfn_remainder; unsigned long record_counter = 0; struct p2m_domain *p2m; + struct ept_data *ept; for_each_domain(d) { @@ -818,15 +877,16 @@ static void ept_dump_p2m_table(unsigned continue; p2m = p2m_get_hostp2m(d); + ept = &p2m->ept; printk("\ndomain%d EPT p2m table: \n", d->domain_id); for ( gfn = 0; gfn <= p2m->max_mapped_pfn; gfn += (1 << order) ) { gfn_remainder = gfn; mfn = _mfn(INVALID_MFN); - table = map_domain_page(ept_get_asr(d)); + table = map_domain_page(pagetable_get_pfn(p2m_get_pagetable(p2m))); - for ( i = ept_get_wl(d); i > 0; i-- ) + for ( i = ept_get_wl(ept); i > 0; i-- ) { ret = ept_next_level(p2m, 1, &table, &gfn_remainder, i); if ( ret != GUEST_TABLE_NORMAL_PAGE ) diff -r 289f47c01867 -r 4056e5a3d815 xen/arch/x86/mm/p2m.c --- a/xen/arch/x86/mm/p2m.c Tue Jan 15 11:15:29 2013 +0100 +++ b/xen/arch/x86/mm/p2m.c Tue Jan 15 11:17:01 2013 +0100 @@ -57,8 +57,10 @@ boolean_param("hap_2mb", opt_hap_2mb); /* Init the datastructures for later use by the p2m code */ -static void p2m_initialise(struct domain *d, struct p2m_domain *p2m) +static int p2m_initialise(struct domain *d, struct p2m_domain *p2m) { + int ret = 0; + mm_rwlock_init(&p2m->lock); mm_lock_init(&p2m->pod.lock); INIT_LIST_HEAD(&p2m->np2m_list); @@ -72,27 +74,82 @@ static void p2m_initialise(struct domain p2m->np2m_base = P2M_BASE_EADDR; if ( hap_enabled(d) && cpu_has_vmx ) - ept_p2m_init(p2m); + ret = ept_p2m_init(p2m); else p2m_pt_init(p2m); - return; + return ret; } -static int -p2m_init_nestedp2m(struct domain *d) +static struct p2m_domain *p2m_init_one(struct domain *d) +{ + struct p2m_domain *p2m = xzalloc(struct p2m_domain); + + if ( !p2m ) + return NULL; + + if ( !zalloc_cpumask_var(&p2m->dirty_cpumask) ) + goto free_p2m; + + if ( p2m_initialise(d, p2m) ) + goto free_cpumask; + return p2m; + +free_cpumask: + free_cpumask_var(p2m->dirty_cpumask); +free_p2m: + xfree(p2m); + return NULL; +} + +static void p2m_free_one(struct p2m_domain *p2m) +{ + if ( hap_enabled(p2m->domain) && cpu_has_vmx ) + ept_p2m_uninit(p2m); + free_cpumask_var(p2m->dirty_cpumask); + xfree(p2m); +} + +static int p2m_init_hostp2m(struct domain *d) +{ + struct p2m_domain *p2m = p2m_init_one(d); + + if ( p2m ) + { + d->arch.p2m = p2m; + return 0; + } + return -ENOMEM; +} + +static void p2m_teardown_hostp2m(struct domain *d) +{ + /* Iterate over all p2m tables per domain */ + struct p2m_domain *p2m = p2m_get_hostp2m(d); + + if ( p2m ) + { + p2m_free_one(p2m); + d->arch.p2m = NULL; + } +} + +static void p2m_teardown_nestedp2m(struct domain *d); + +static int p2m_init_nestedp2m(struct domain *d) { uint8_t i; struct p2m_domain *p2m; mm_lock_init(&d->arch.nested_p2m_lock); - for (i = 0; i < MAX_NESTEDP2M; i++) { - d->arch.nested_p2m[i] = p2m = xzalloc(struct p2m_domain); - if (p2m == NULL) + for (i = 0; i < MAX_NESTEDP2M; i++) + { + d->arch.nested_p2m[i] = p2m = p2m_init_one(d); + if ( p2m == NULL ) + { + p2m_teardown_nestedp2m(d); return -ENOMEM; - if ( !zalloc_cpumask_var(&p2m->dirty_cpumask) ) - return -ENOMEM; - p2m_initialise(d, p2m); + } p2m->write_p2m_entry = nestedp2m_write_p2m_entry; list_add(&p2m->np2m_list, &p2m_get_hostp2m(d)->np2m_list); } @@ -100,27 +157,37 @@ p2m_init_nestedp2m(struct domain *d) return 0; } +static void p2m_teardown_nestedp2m(struct domain *d) +{ + uint8_t i; + struct p2m_domain *p2m; + + for (i = 0; i < MAX_NESTEDP2M; i++) + { + if ( !d->arch.nested_p2m[i] ) + continue; + p2m = d->arch.nested_p2m[i]; + list_del(&p2m->np2m_list); + p2m_free_one(p2m); + d->arch.nested_p2m[i] = NULL; + } +} + int p2m_init(struct domain *d) { - struct p2m_domain *p2m; int rc; - p2m_get_hostp2m(d) = p2m = xzalloc(struct p2m_domain); - if ( p2m == NULL ) - return -ENOMEM; - if ( !zalloc_cpumask_var(&p2m->dirty_cpumask) ) - { - xfree(p2m); - return -ENOMEM; - } - p2m_initialise(d, p2m); + rc = p2m_init_hostp2m(d); + if ( rc ) + return rc; /* Must initialise nestedp2m unconditionally * since nestedhvm_enabled(d) returns false here. * (p2m_init runs too early for HVM_PARAM_* options) */ rc = p2m_init_nestedp2m(d); - if ( rc ) - p2m_final_teardown(d); + if ( rc ) + p2m_teardown_hostp2m(d); + return rc; } @@ -421,28 +488,12 @@ void p2m_teardown(struct p2m_domain *p2m p2m_unlock(p2m); } -static void p2m_teardown_nestedp2m(struct domain *d) -{ - uint8_t i; - - for (i = 0; i < MAX_NESTEDP2M; i++) { - if ( !d->arch.nested_p2m[i] ) - continue; - free_cpumask_var(d->arch.nested_p2m[i]->dirty_cpumask); - xfree(d->arch.nested_p2m[i]); - d->arch.nested_p2m[i] = NULL; - } -} - void p2m_final_teardown(struct domain *d) { /* Iterate over all p2m tables per domain */ - if ( d->arch.p2m ) - { - free_cpumask_var(d->arch.p2m->dirty_cpumask); - xfree(d->arch.p2m); - d->arch.p2m = NULL; - } + struct p2m_domain *p2m = p2m_get_hostp2m(d); + if ( p2m ) + p2m_teardown_hostp2m(d); /* We must teardown unconditionally because * we initialise them unconditionally. diff -r 289f47c01867 -r 4056e5a3d815 xen/include/asm-x86/hvm/vmx/vmcs.h --- a/xen/include/asm-x86/hvm/vmx/vmcs.h Tue Jan 15 11:15:29 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vmcs.h Tue Jan 15 11:17:01 2013 +0100 @@ -56,26 +56,27 @@ struct vmx_msr_state { #define EPT_DEFAULT_MT MTRR_TYPE_WRBACK -struct vmx_domain { - unsigned long apic_access_mfn; +struct ept_data { union { - struct { + struct { u64 ept_mt :3, ept_wl :3, rsvd :6, asr :52; }; u64 eptp; - } ept_control; - cpumask_var_t ept_synced; + }; + cpumask_var_t synced_mask; }; -#define ept_get_wl(d) \ - ((d)->arch.hvm_domain.vmx.ept_control.ept_wl) -#define ept_get_asr(d) \ - ((d)->arch.hvm_domain.vmx.ept_control.asr) -#define ept_get_eptp(d) \ - ((d)->arch.hvm_domain.vmx.ept_control.eptp) +struct vmx_domain { + unsigned long apic_access_mfn; +}; + +#define ept_get_wl(ept) ((ept)->ept_wl) +#define ept_get_asr(ept) ((ept)->asr) +#define ept_get_eptp(ept) ((ept)->eptp) +#define ept_get_synced_mask(ept) ((ept)->synced_mask) struct arch_vmx_struct { /* Virtual address of VMCS. */ diff -r 289f47c01867 -r 4056e5a3d815 xen/include/asm-x86/hvm/vmx/vmx.h --- a/xen/include/asm-x86/hvm/vmx/vmx.h Tue Jan 15 11:15:29 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vmx.h Tue Jan 15 11:17:01 2013 +0100 @@ -363,7 +363,7 @@ static inline void ept_sync_all(void) __invept(INVEPT_ALL_CONTEXT, 0, 0); } -void ept_sync_domain(struct domain *d); +void ept_sync_domain(struct p2m_domain *p2m); static inline void vpid_sync_vcpu_gva(struct vcpu *v, unsigned long gva) { @@ -425,12 +425,18 @@ void vmx_get_segment_register(struct vcp void vmx_inject_extint(int trap); void vmx_inject_nmi(void); -void ept_p2m_init(struct p2m_domain *p2m); +int ept_p2m_init(struct p2m_domain *p2m); +void ept_p2m_uninit(struct p2m_domain *p2m); + void ept_walk_table(struct domain *d, unsigned long gfn); void setup_ept_dump(void); void update_guest_eip(void); +int alloc_p2m_hap_data(struct p2m_domain *p2m); +void free_p2m_hap_data(struct p2m_domain *p2m); +void p2m_init_hap_data(struct p2m_domain *p2m); + /* EPT violation qualifications definitions */ #define _EPT_READ_VIOLATION 0 #define EPT_READ_VIOLATION (1UL<<_EPT_READ_VIOLATION) diff -r 289f47c01867 -r 4056e5a3d815 xen/include/asm-x86/p2m.h --- a/xen/include/asm-x86/p2m.h Tue Jan 15 11:15:29 2013 +0100 +++ b/xen/include/asm-x86/p2m.h Tue Jan 15 11:17:01 2013 +0100 @@ -277,6 +277,10 @@ struct p2m_domain { mm_lock_t lock; /* Locking of private pod structs, * * not relying on the p2m lock. */ } pod; + union { + struct ept_data ept; + /* NPT-equivalent structure could be added here. */ + }; }; /* get host p2m table */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:22:59 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:22:59 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGx-0008AO-4Z; Wed, 16 Jan 2013 08:22:59 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGv-00087u-EJ for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:57 +0000 Received: from [85.158.137.99:58693] by server-11.bemta-3.messagelabs.com id A3/BE-01807-06366F05; Wed, 16 Jan 2013 08:22:56 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-217.messagelabs.com!1358324550!14001987!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 5583 invoked from network); 16 Jan 2013 08:22:31 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:31 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGT-0003t7-RC for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:29 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGT-0000hB-Pb for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:29 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:29 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] EPT: Make ept data structure or operations neutral X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358245021 -3600 # Node ID 4056e5a3d8150303bf8d89bd64b789e3a72321a3 # Parent 289f47c01867013f4f6d0f9b65f7cb532bb60938 EPT: Make ept data structure or operations neutral Share the current EPT logic with nested EPT case, so make the related data structure or operations netural to comment EPT and nested EPT. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 289f47c01867 -r 4056e5a3d815 xen/arch/x86/hvm/vmx/vmcs.c --- a/xen/arch/x86/hvm/vmx/vmcs.c Tue Jan 15 11:15:29 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vmcs.c Tue Jan 15 11:17:01 2013 +0100 @@ -942,7 +942,13 @@ static int construct_vmcs(struct vcpu *v } if ( paging_mode_hap(d) ) - __vmwrite(EPT_POINTER, d->arch.hvm_domain.vmx.ept_control.eptp); + { + struct p2m_domain *p2m = p2m_get_hostp2m(d); + struct ept_data *ept = &p2m->ept; + + ept->asr = pagetable_get_pfn(p2m_get_pagetable(p2m)); + __vmwrite(EPT_POINTER, ept_get_eptp(ept)); + } if ( cpu_has_vmx_pat && paging_mode_hap(d) ) { diff -r 289f47c01867 -r 4056e5a3d815 xen/arch/x86/hvm/vmx/vmx.c --- a/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:15:29 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:17:01 2013 +0100 @@ -74,38 +74,19 @@ static void vmx_fpu_dirty_intercept(void static int vmx_msr_read_intercept(unsigned int msr, uint64_t *msr_content); static int vmx_msr_write_intercept(unsigned int msr, uint64_t msr_content); static void vmx_invlpg_intercept(unsigned long vaddr); -static void __ept_sync_domain(void *info); static int vmx_domain_initialise(struct domain *d) { int rc; - /* Set the memory type used when accessing EPT paging structures. */ - d->arch.hvm_domain.vmx.ept_control.ept_mt = EPT_DEFAULT_MT; - - /* set EPT page-walk length, now it's actual walk length - 1, i.e. 3 */ - d->arch.hvm_domain.vmx.ept_control.ept_wl = 3; - - d->arch.hvm_domain.vmx.ept_control.asr = - pagetable_get_pfn(p2m_get_pagetable(p2m_get_hostp2m(d))); - - if ( !zalloc_cpumask_var(&d->arch.hvm_domain.vmx.ept_synced) ) - return -ENOMEM; - if ( (rc = vmx_alloc_vlapic_mapping(d)) != 0 ) - { - free_cpumask_var(d->arch.hvm_domain.vmx.ept_synced); return rc; - } return 0; } static void vmx_domain_destroy(struct domain *d) { - if ( paging_mode_hap(d) ) - on_each_cpu(__ept_sync_domain, d, 1); - free_cpumask_var(d->arch.hvm_domain.vmx.ept_synced); vmx_free_vlapic_mapping(d); } @@ -641,6 +622,7 @@ static void vmx_ctxt_switch_to(struct vc { struct domain *d = v->domain; unsigned long old_cr4 = read_cr4(), new_cr4 = mmu_cr4_features; + struct ept_data *ept_data = &p2m_get_hostp2m(d)->ept; /* HOST_CR4 in VMCS is always mmu_cr4_features. Sync CR4 now. */ if ( old_cr4 != new_cr4 ) @@ -650,10 +632,10 @@ static void vmx_ctxt_switch_to(struct vc { unsigned int cpu = smp_processor_id(); /* Test-and-test-and-set this CPU in the EPT-is-synced mask. */ - if ( !cpumask_test_cpu(cpu, d->arch.hvm_domain.vmx.ept_synced) && + if ( !cpumask_test_cpu(cpu, ept_get_synced_mask(ept_data)) && !cpumask_test_and_set_cpu(cpu, - d->arch.hvm_domain.vmx.ept_synced) ) - __invept(INVEPT_SINGLE_CONTEXT, ept_get_eptp(d), 0); + ept_get_synced_mask(ept_data)) ) + __invept(INVEPT_SINGLE_CONTEXT, ept_get_eptp(ept_data), 0); } vmx_restore_guest_msrs(v); @@ -1216,33 +1198,6 @@ static void vmx_update_guest_efer(struct (v->arch.hvm_vcpu.guest_efer & EFER_SCE)); } -static void __ept_sync_domain(void *info) -{ - struct domain *d = info; - __invept(INVEPT_SINGLE_CONTEXT, ept_get_eptp(d), 0); -} - -void ept_sync_domain(struct domain *d) -{ - /* Only if using EPT and this domain has some VCPUs to dirty. */ - if ( !paging_mode_hap(d) || !d->vcpu || !d->vcpu[0] ) - return; - - ASSERT(local_irq_is_enabled()); - - /* - * Flush active cpus synchronously. Flush others the next time this domain - * is scheduled onto them. We accept the race of other CPUs adding to - * the ept_synced mask before on_selected_cpus() reads it, resulting in - * unnecessary extra flushes, to avoid allocating a cpumask_t on the stack. - */ - cpumask_and(d->arch.hvm_domain.vmx.ept_synced, - d->domain_dirty_cpumask, &cpu_online_map); - - on_selected_cpus(d->arch.hvm_domain.vmx.ept_synced, - __ept_sync_domain, d, 1); -} - void nvmx_enqueue_n2_exceptions(struct vcpu *v, unsigned long intr_fields, int error_code) { diff -r 289f47c01867 -r 4056e5a3d815 xen/arch/x86/mm/p2m-ept.c --- a/xen/arch/x86/mm/p2m-ept.c Tue Jan 15 11:15:29 2013 +0100 +++ b/xen/arch/x86/mm/p2m-ept.c Tue Jan 15 11:17:01 2013 +0100 @@ -291,9 +291,11 @@ ept_set_entry(struct p2m_domain *p2m, un int need_modify_vtd_table = 1; int vtd_pte_present = 0; int needs_sync = 1; + ept_entry_t old_entry = { .epte = 0 }; + struct ept_data *ept = &p2m->ept; struct domain *d = p2m->domain; - ept_entry_t old_entry = { .epte = 0 }; + ASSERT(ept); /* * the caller must make sure: * 1. passing valid gfn and mfn at order boundary. @@ -301,17 +303,17 @@ ept_set_entry(struct p2m_domain *p2m, un * 3. passing a valid order. */ if ( ((gfn | mfn_x(mfn)) & ((1UL << order) - 1)) || - ((u64)gfn >> ((ept_get_wl(d) + 1) * EPT_TABLE_ORDER)) || + ((u64)gfn >> ((ept_get_wl(ept) + 1) * EPT_TABLE_ORDER)) || (order % EPT_TABLE_ORDER) ) return 0; - ASSERT((target == 2 && hvm_hap_has_1gb(d)) || - (target == 1 && hvm_hap_has_2mb(d)) || + ASSERT((target == 2 && hvm_hap_has_1gb()) || + (target == 1 && hvm_hap_has_2mb()) || (target == 0)); - table = map_domain_page(ept_get_asr(d)); + table = map_domain_page(pagetable_get_pfn(p2m_get_pagetable(p2m))); - for ( i = ept_get_wl(d); i > target; i-- ) + for ( i = ept_get_wl(ept); i > target; i-- ) { ret = ept_next_level(p2m, 0, &table, &gfn_remainder, i); if ( !ret ) @@ -439,9 +441,11 @@ out: unmap_domain_page(table); if ( needs_sync ) - ept_sync_domain(p2m->domain); + ept_sync_domain(p2m); - if ( rv && iommu_enabled && need_iommu(p2m->domain) && need_modify_vtd_table ) + /* For non-nested p2m, may need to change VT-d page table.*/ + if ( rv && !p2m_is_nestedp2m(p2m) && iommu_enabled && + need_iommu(p2m->domain) && need_modify_vtd_table ) { if ( iommu_hap_pt_share ) iommu_pte_flush(d, gfn, (u64*)ept_entry, order, vtd_pte_present); @@ -488,14 +492,14 @@ static mfn_t ept_get_entry(struct p2m_do unsigned long gfn, p2m_type_t *t, p2m_access_t* a, p2m_query_t q, unsigned int *page_order) { - struct domain *d = p2m->domain; - ept_entry_t *table = map_domain_page(ept_get_asr(d)); + ept_entry_t *table = map_domain_page(pagetable_get_pfn(p2m_get_pagetable(p2m))); unsigned long gfn_remainder = gfn; ept_entry_t *ept_entry; u32 index; int i; int ret = 0; mfn_t mfn = _mfn(INVALID_MFN); + struct ept_data *ept = &p2m->ept; *t = p2m_mmio_dm; *a = p2m_access_n; @@ -506,7 +510,7 @@ static mfn_t ept_get_entry(struct p2m_do /* Should check if gfn obeys GAW here. */ - for ( i = ept_get_wl(d); i > 0; i-- ) + for ( i = ept_get_wl(ept); i > 0; i-- ) { retry: ret = ept_next_level(p2m, 1, &table, &gfn_remainder, i); @@ -588,19 +592,20 @@ out: static ept_entry_t ept_get_entry_content(struct p2m_domain *p2m, unsigned long gfn, int *level) { - ept_entry_t *table = map_domain_page(ept_get_asr(p2m->domain)); + ept_entry_t *table = map_domain_page(pagetable_get_pfn(p2m_get_pagetable(p2m))); unsigned long gfn_remainder = gfn; ept_entry_t *ept_entry; ept_entry_t content = { .epte = 0 }; u32 index; int i; int ret=0; + struct ept_data *ept = &p2m->ept; /* This pfn is higher than the highest the p2m map currently holds */ if ( gfn > p2m->max_mapped_pfn ) goto out; - for ( i = ept_get_wl(p2m->domain); i > 0; i-- ) + for ( i = ept_get_wl(ept); i > 0; i-- ) { ret = ept_next_level(p2m, 1, &table, &gfn_remainder, i); if ( !ret || ret == GUEST_TABLE_POD_PAGE ) @@ -622,7 +627,8 @@ static ept_entry_t ept_get_entry_content void ept_walk_table(struct domain *d, unsigned long gfn) { struct p2m_domain *p2m = p2m_get_hostp2m(d); - ept_entry_t *table = map_domain_page(ept_get_asr(d)); + struct ept_data *ept = &p2m->ept; + ept_entry_t *table = map_domain_page(pagetable_get_pfn(p2m_get_pagetable(p2m))); unsigned long gfn_remainder = gfn; int i; @@ -638,7 +644,7 @@ void ept_walk_table(struct domain *d, un goto out; } - for ( i = ept_get_wl(d); i >= 0; i-- ) + for ( i = ept_get_wl(ept); i >= 0; i-- ) { ept_entry_t *ept_entry, *next; u32 index; @@ -778,24 +784,76 @@ static void ept_change_entry_type_page(m static void ept_change_entry_type_global(struct p2m_domain *p2m, p2m_type_t ot, p2m_type_t nt) { - struct domain *d = p2m->domain; - if ( ept_get_asr(d) == 0 ) + struct ept_data *ept = &p2m->ept; + if ( ept_get_asr(ept) == 0 ) return; BUG_ON(p2m_is_grant(ot) || p2m_is_grant(nt)); BUG_ON(ot != nt && (ot == p2m_mmio_direct || nt == p2m_mmio_direct)); - ept_change_entry_type_page(_mfn(ept_get_asr(d)), ept_get_wl(d), ot, nt); + ept_change_entry_type_page(_mfn(ept_get_asr(ept)), + ept_get_wl(ept), ot, nt); - ept_sync_domain(d); + ept_sync_domain(p2m); } -void ept_p2m_init(struct p2m_domain *p2m) +static void __ept_sync_domain(void *info) { + struct ept_data *ept = &((struct p2m_domain *)info)->ept; + + __invept(INVEPT_SINGLE_CONTEXT, ept_get_eptp(ept), 0); +} + +void ept_sync_domain(struct p2m_domain *p2m) +{ + struct domain *d = p2m->domain; + struct ept_data *ept = &p2m->ept; + /* Only if using EPT and this domain has some VCPUs to dirty. */ + if ( !paging_mode_hap(d) || !d->vcpu || !d->vcpu[0] ) + return; + + ASSERT(local_irq_is_enabled()); + + /* + * Flush active cpus synchronously. Flush others the next time this domain + * is scheduled onto them. We accept the race of other CPUs adding to + * the ept_synced mask before on_selected_cpus() reads it, resulting in + * unnecessary extra flushes, to avoid allocating a cpumask_t on the stack. + */ + cpumask_and(ept_get_synced_mask(ept), + d->domain_dirty_cpumask, &cpu_online_map); + + on_selected_cpus(ept_get_synced_mask(ept), + __ept_sync_domain, p2m, 1); +} + +int ept_p2m_init(struct p2m_domain *p2m) +{ + struct ept_data *ept = &p2m->ept; + p2m->set_entry = ept_set_entry; p2m->get_entry = ept_get_entry; p2m->change_entry_type_global = ept_change_entry_type_global; p2m->audit_p2m = NULL; + + /* Set the memory type used when accessing EPT paging structures. */ + ept->ept_mt = EPT_DEFAULT_MT; + + /* set EPT page-walk length, now it's actual walk length - 1, i.e. 3 */ + ept->ept_wl = 3; + + if ( !zalloc_cpumask_var(&ept->synced_mask) ) + return -ENOMEM; + + on_each_cpu(__ept_sync_domain, p2m, 1); + + return 0; +} + +void ept_p2m_uninit(struct p2m_domain *p2m) +{ + struct ept_data *ept = &p2m->ept; + free_cpumask_var(ept->synced_mask); } static void ept_dump_p2m_table(unsigned char key) @@ -811,6 +869,7 @@ static void ept_dump_p2m_table(unsigned unsigned long gfn, gfn_remainder; unsigned long record_counter = 0; struct p2m_domain *p2m; + struct ept_data *ept; for_each_domain(d) { @@ -818,15 +877,16 @@ static void ept_dump_p2m_table(unsigned continue; p2m = p2m_get_hostp2m(d); + ept = &p2m->ept; printk("\ndomain%d EPT p2m table: \n", d->domain_id); for ( gfn = 0; gfn <= p2m->max_mapped_pfn; gfn += (1 << order) ) { gfn_remainder = gfn; mfn = _mfn(INVALID_MFN); - table = map_domain_page(ept_get_asr(d)); + table = map_domain_page(pagetable_get_pfn(p2m_get_pagetable(p2m))); - for ( i = ept_get_wl(d); i > 0; i-- ) + for ( i = ept_get_wl(ept); i > 0; i-- ) { ret = ept_next_level(p2m, 1, &table, &gfn_remainder, i); if ( ret != GUEST_TABLE_NORMAL_PAGE ) diff -r 289f47c01867 -r 4056e5a3d815 xen/arch/x86/mm/p2m.c --- a/xen/arch/x86/mm/p2m.c Tue Jan 15 11:15:29 2013 +0100 +++ b/xen/arch/x86/mm/p2m.c Tue Jan 15 11:17:01 2013 +0100 @@ -57,8 +57,10 @@ boolean_param("hap_2mb", opt_hap_2mb); /* Init the datastructures for later use by the p2m code */ -static void p2m_initialise(struct domain *d, struct p2m_domain *p2m) +static int p2m_initialise(struct domain *d, struct p2m_domain *p2m) { + int ret = 0; + mm_rwlock_init(&p2m->lock); mm_lock_init(&p2m->pod.lock); INIT_LIST_HEAD(&p2m->np2m_list); @@ -72,27 +74,82 @@ static void p2m_initialise(struct domain p2m->np2m_base = P2M_BASE_EADDR; if ( hap_enabled(d) && cpu_has_vmx ) - ept_p2m_init(p2m); + ret = ept_p2m_init(p2m); else p2m_pt_init(p2m); - return; + return ret; } -static int -p2m_init_nestedp2m(struct domain *d) +static struct p2m_domain *p2m_init_one(struct domain *d) +{ + struct p2m_domain *p2m = xzalloc(struct p2m_domain); + + if ( !p2m ) + return NULL; + + if ( !zalloc_cpumask_var(&p2m->dirty_cpumask) ) + goto free_p2m; + + if ( p2m_initialise(d, p2m) ) + goto free_cpumask; + return p2m; + +free_cpumask: + free_cpumask_var(p2m->dirty_cpumask); +free_p2m: + xfree(p2m); + return NULL; +} + +static void p2m_free_one(struct p2m_domain *p2m) +{ + if ( hap_enabled(p2m->domain) && cpu_has_vmx ) + ept_p2m_uninit(p2m); + free_cpumask_var(p2m->dirty_cpumask); + xfree(p2m); +} + +static int p2m_init_hostp2m(struct domain *d) +{ + struct p2m_domain *p2m = p2m_init_one(d); + + if ( p2m ) + { + d->arch.p2m = p2m; + return 0; + } + return -ENOMEM; +} + +static void p2m_teardown_hostp2m(struct domain *d) +{ + /* Iterate over all p2m tables per domain */ + struct p2m_domain *p2m = p2m_get_hostp2m(d); + + if ( p2m ) + { + p2m_free_one(p2m); + d->arch.p2m = NULL; + } +} + +static void p2m_teardown_nestedp2m(struct domain *d); + +static int p2m_init_nestedp2m(struct domain *d) { uint8_t i; struct p2m_domain *p2m; mm_lock_init(&d->arch.nested_p2m_lock); - for (i = 0; i < MAX_NESTEDP2M; i++) { - d->arch.nested_p2m[i] = p2m = xzalloc(struct p2m_domain); - if (p2m == NULL) + for (i = 0; i < MAX_NESTEDP2M; i++) + { + d->arch.nested_p2m[i] = p2m = p2m_init_one(d); + if ( p2m == NULL ) + { + p2m_teardown_nestedp2m(d); return -ENOMEM; - if ( !zalloc_cpumask_var(&p2m->dirty_cpumask) ) - return -ENOMEM; - p2m_initialise(d, p2m); + } p2m->write_p2m_entry = nestedp2m_write_p2m_entry; list_add(&p2m->np2m_list, &p2m_get_hostp2m(d)->np2m_list); } @@ -100,27 +157,37 @@ p2m_init_nestedp2m(struct domain *d) return 0; } +static void p2m_teardown_nestedp2m(struct domain *d) +{ + uint8_t i; + struct p2m_domain *p2m; + + for (i = 0; i < MAX_NESTEDP2M; i++) + { + if ( !d->arch.nested_p2m[i] ) + continue; + p2m = d->arch.nested_p2m[i]; + list_del(&p2m->np2m_list); + p2m_free_one(p2m); + d->arch.nested_p2m[i] = NULL; + } +} + int p2m_init(struct domain *d) { - struct p2m_domain *p2m; int rc; - p2m_get_hostp2m(d) = p2m = xzalloc(struct p2m_domain); - if ( p2m == NULL ) - return -ENOMEM; - if ( !zalloc_cpumask_var(&p2m->dirty_cpumask) ) - { - xfree(p2m); - return -ENOMEM; - } - p2m_initialise(d, p2m); + rc = p2m_init_hostp2m(d); + if ( rc ) + return rc; /* Must initialise nestedp2m unconditionally * since nestedhvm_enabled(d) returns false here. * (p2m_init runs too early for HVM_PARAM_* options) */ rc = p2m_init_nestedp2m(d); - if ( rc ) - p2m_final_teardown(d); + if ( rc ) + p2m_teardown_hostp2m(d); + return rc; } @@ -421,28 +488,12 @@ void p2m_teardown(struct p2m_domain *p2m p2m_unlock(p2m); } -static void p2m_teardown_nestedp2m(struct domain *d) -{ - uint8_t i; - - for (i = 0; i < MAX_NESTEDP2M; i++) { - if ( !d->arch.nested_p2m[i] ) - continue; - free_cpumask_var(d->arch.nested_p2m[i]->dirty_cpumask); - xfree(d->arch.nested_p2m[i]); - d->arch.nested_p2m[i] = NULL; - } -} - void p2m_final_teardown(struct domain *d) { /* Iterate over all p2m tables per domain */ - if ( d->arch.p2m ) - { - free_cpumask_var(d->arch.p2m->dirty_cpumask); - xfree(d->arch.p2m); - d->arch.p2m = NULL; - } + struct p2m_domain *p2m = p2m_get_hostp2m(d); + if ( p2m ) + p2m_teardown_hostp2m(d); /* We must teardown unconditionally because * we initialise them unconditionally. diff -r 289f47c01867 -r 4056e5a3d815 xen/include/asm-x86/hvm/vmx/vmcs.h --- a/xen/include/asm-x86/hvm/vmx/vmcs.h Tue Jan 15 11:15:29 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vmcs.h Tue Jan 15 11:17:01 2013 +0100 @@ -56,26 +56,27 @@ struct vmx_msr_state { #define EPT_DEFAULT_MT MTRR_TYPE_WRBACK -struct vmx_domain { - unsigned long apic_access_mfn; +struct ept_data { union { - struct { + struct { u64 ept_mt :3, ept_wl :3, rsvd :6, asr :52; }; u64 eptp; - } ept_control; - cpumask_var_t ept_synced; + }; + cpumask_var_t synced_mask; }; -#define ept_get_wl(d) \ - ((d)->arch.hvm_domain.vmx.ept_control.ept_wl) -#define ept_get_asr(d) \ - ((d)->arch.hvm_domain.vmx.ept_control.asr) -#define ept_get_eptp(d) \ - ((d)->arch.hvm_domain.vmx.ept_control.eptp) +struct vmx_domain { + unsigned long apic_access_mfn; +}; + +#define ept_get_wl(ept) ((ept)->ept_wl) +#define ept_get_asr(ept) ((ept)->asr) +#define ept_get_eptp(ept) ((ept)->eptp) +#define ept_get_synced_mask(ept) ((ept)->synced_mask) struct arch_vmx_struct { /* Virtual address of VMCS. */ diff -r 289f47c01867 -r 4056e5a3d815 xen/include/asm-x86/hvm/vmx/vmx.h --- a/xen/include/asm-x86/hvm/vmx/vmx.h Tue Jan 15 11:15:29 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vmx.h Tue Jan 15 11:17:01 2013 +0100 @@ -363,7 +363,7 @@ static inline void ept_sync_all(void) __invept(INVEPT_ALL_CONTEXT, 0, 0); } -void ept_sync_domain(struct domain *d); +void ept_sync_domain(struct p2m_domain *p2m); static inline void vpid_sync_vcpu_gva(struct vcpu *v, unsigned long gva) { @@ -425,12 +425,18 @@ void vmx_get_segment_register(struct vcp void vmx_inject_extint(int trap); void vmx_inject_nmi(void); -void ept_p2m_init(struct p2m_domain *p2m); +int ept_p2m_init(struct p2m_domain *p2m); +void ept_p2m_uninit(struct p2m_domain *p2m); + void ept_walk_table(struct domain *d, unsigned long gfn); void setup_ept_dump(void); void update_guest_eip(void); +int alloc_p2m_hap_data(struct p2m_domain *p2m); +void free_p2m_hap_data(struct p2m_domain *p2m); +void p2m_init_hap_data(struct p2m_domain *p2m); + /* EPT violation qualifications definitions */ #define _EPT_READ_VIOLATION 0 #define EPT_READ_VIOLATION (1UL<<_EPT_READ_VIOLATION) diff -r 289f47c01867 -r 4056e5a3d815 xen/include/asm-x86/p2m.h --- a/xen/include/asm-x86/p2m.h Tue Jan 15 11:15:29 2013 +0100 +++ b/xen/include/asm-x86/p2m.h Tue Jan 15 11:17:01 2013 +0100 @@ -277,6 +277,10 @@ struct p2m_domain { mm_lock_t lock; /* Locking of private pod structs, * * not relying on the p2m lock. */ } pod; + union { + struct ept_data ept; + /* NPT-equivalent structure could be added here. */ + }; }; /* get host p2m table */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:23:04 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:23:04 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOH2-0008Gk-DY; Wed, 16 Jan 2013 08:23:04 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOH0-0008EN-Bm for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:23:02 +0000 Received: from [193.109.254.147:3189] by server-10.bemta-14.messagelabs.com id DB/9F-13263-56366F05; Wed, 16 Jan 2013 08:23:01 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-27.messagelabs.com!1358324546!8988228!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25666 invoked from network); 16 Jan 2013 08:22:27 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:27 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGQ-0003sQ-3P for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:26 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGQ-0000fL-22 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:26 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:25 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] merge X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358072452 0 # Node ID 5db9c4e12fbf1c1ae8d50d6e3676521c06b1183c # Parent 1e2195cb44102c255b3d27c543eea8286420177a # Parent 2347d59ea0cc1023ac0623a2b6fd39909312df88 merge --- diff -r 1e2195cb4410 -r 5db9c4e12fbf tools/console/daemon/io.c --- a/tools/console/daemon/io.c Fri Jan 11 17:30:56 2013 +0100 +++ b/tools/console/daemon/io.c Sun Jan 13 10:20:52 2013 +0000 @@ -28,7 +28,7 @@ #include #include #include -#include +#include #include #include #include @@ -66,12 +66,9 @@ extern int discard_overflowed_data; static int log_time_hv_needts = 1; static int log_time_guest_needts = 1; static int log_hv_fd = -1; - -static struct pollfd *fds; -static unsigned int current_array_size; -static unsigned int nr_fds; - -#define ROUNDUP(_x,_w) (((unsigned long)(_x)+(1UL<<(_w))-1) & ~((1UL<<(_w))-1)) +static evtchn_port_or_error_t log_hv_evtchn = -1; +static xc_interface *xch; /* why does xenconsoled have two xc handles ? */ +static xc_evtchn *xce_handle = NULL; struct buffer { char *data; @@ -84,9 +81,7 @@ struct buffer { struct domain { int domid; int master_fd; - struct pollfd *master_pollfd; int slave_fd; - struct pollfd *slave_pollfd; int log_fd; bool is_dead; unsigned last_seen; @@ -97,7 +92,6 @@ struct domain { evtchn_port_or_error_t local_port; evtchn_port_or_error_t remote_port; xc_evtchn *xce_handle; - struct pollfd *xce_pollfd; struct xencons_interface *interface; int event_count; long long next_period; @@ -775,17 +769,6 @@ static int ring_free_bytes(struct domain return (sizeof(intf->in) - space); } -static void domain_handle_broken_tty(struct domain *dom, int recreate) -{ - domain_close_tty(dom); - - if (recreate) { - domain_create_tty(dom); - } else { - shutdown_domain(dom); - } -} - static void handle_tty_read(struct domain *dom) { ssize_t len = 0; @@ -811,7 +794,13 @@ static void handle_tty_read(struct domai * keep the slave open for the duration. */ if (len < 0) { - domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); + domain_close_tty(dom); + + if (domain_is_valid(dom->domid)) { + domain_create_tty(dom); + } else { + shutdown_domain(dom); + } } else if (domain_is_valid(dom->domid)) { prod = intf->in_prod; for (i = 0; i < len; i++) { @@ -839,7 +828,14 @@ static void handle_tty_write(struct doma if (len < 1) { dolog(LOG_DEBUG, "Write failed on domain %d: %zd, %d\n", dom->domid, len, errno); - domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); + + domain_close_tty(dom); + + if (domain_is_valid(dom->domid)) { + domain_create_tty(dom); + } else { + shutdown_domain(dom); + } } else { buffer_advance(&dom->buffer, len); } @@ -887,7 +883,7 @@ static void handle_xs(void) free(vec); } -static void handle_hv_logs(xc_evtchn *xce_handle) +static void handle_hv_logs(void) { char buffer[1024*16]; char *bufptr = buffer; @@ -898,7 +894,7 @@ static void handle_hv_logs(xc_evtchn *xc if ((port = xc_evtchn_pending(xce_handle)) == -1) return; - if (xc_readconsolering(xc, bufptr, &size, 0, 1, &index) == 0 && size > 0) { + if (xc_readconsolering(xch, bufptr, &size, 0, 1, &index) == 0 && size > 0) { int logret; if (log_time_hv) logret = write_with_timestamp(log_hv_fd, buffer, size, @@ -932,54 +928,18 @@ static void handle_log_reload(void) } } -static struct pollfd *set_fds(int fd, short events) -{ - struct pollfd *ret; - if (current_array_size < nr_fds + 1) { - struct pollfd *new_fds = NULL; - unsigned long newsize; - - /* Round up to 2^8 boundary, in practice this just - * make newsize larger than current_array_size. - */ - newsize = ROUNDUP(nr_fds + 1, 8); - - new_fds = realloc(fds, sizeof(struct pollfd)*newsize); - if (!new_fds) - goto fail; - fds = new_fds; - - memset(&fds[0] + current_array_size, 0, - sizeof(struct pollfd) * (newsize-current_array_size)); - current_array_size = newsize; - } - - fds[nr_fds].fd = fd; - fds[nr_fds].events = events; - ret = &fds[nr_fds]; - nr_fds++; - - return ret; -fail: - dolog(LOG_ERR, "realloc failed, ignoring fd %d\n", fd); - return NULL; -} - -static void reset_fds(void) -{ - nr_fds = 0; - memset(fds, 0, sizeof(struct pollfd) * current_array_size); -} - void handle_io(void) { + fd_set readfds, writefds; int ret; - evtchn_port_or_error_t log_hv_evtchn = -1; - struct pollfd *xce_pollfd = NULL; - struct pollfd *xs_pollfd = NULL; - xc_evtchn *xce_handle = NULL; if (log_hv) { + xch = xc_interface_open(0,0,0); + if (!xch) { + dolog(LOG_ERR, "Failed to open xc handle: %d (%s)", + errno, strerror(errno)); + goto out; + } xce_handle = xc_evtchn_open(NULL, 0); if (xce_handle == NULL) { dolog(LOG_ERR, "Failed to open xce handle: %d (%s)", @@ -999,17 +959,21 @@ void handle_io(void) for (;;) { struct domain *d, *n; - int poll_timeout; /* timeout in milliseconds */ + int max_fd = -1; + struct timeval timeout; struct timespec ts; long long now, next_timeout = 0; - reset_fds(); + FD_ZERO(&readfds); + FD_ZERO(&writefds); - xs_pollfd = set_fds(xs_fileno(xs), POLLIN|POLLPRI); + FD_SET(xs_fileno(xs), &readfds); + max_fd = MAX(xs_fileno(xs), max_fd); - if (log_hv) - xce_pollfd = set_fds(xc_evtchn_fd(xce_handle), - POLLIN|POLLPRI); + if (log_hv) { + FD_SET(xc_evtchn_fd(xce_handle), &readfds); + max_fd = MAX(xc_evtchn_fd(xce_handle), max_fd); + } if (clock_gettime(CLOCK_MONOTONIC, &ts) < 0) return; @@ -1018,12 +982,10 @@ void handle_io(void) /* Re-calculate any event counter allowances & unblock domains with new allowance */ for (d = dom_head; d; d = d->next) { - /* CS 16257:955ee4fa1345 introduces a 5ms fuzz - * for select(), it is not clear poll() has - * similar behavior (returning a couple of ms - * sooner than requested) as well. Just leave - * the fuzz here. Remove it with a separate - * patch if necessary */ + /* Add 5ms of fuzz since select() often returns + a couple of ms sooner than requested. Without + the fuzz we typically do an extra spin in select() + with a 1/2 ms timeout every other iteration */ if ((now+5) > d->next_period) { d->next_period = now + RATE_LIMIT_PERIOD; if (d->event_count >= RATE_LIMIT_ALLOWANCE) { @@ -1044,101 +1006,75 @@ void handle_io(void) !d->buffer.max_capacity || d->buffer.size < d->buffer.max_capacity) { int evtchn_fd = xc_evtchn_fd(d->xce_handle); - d->xce_pollfd = set_fds(evtchn_fd, - POLLIN|POLLPRI); + FD_SET(evtchn_fd, &readfds); + max_fd = MAX(evtchn_fd, max_fd); } } if (d->master_fd != -1) { - short events = 0; if (!d->is_dead && ring_free_bytes(d)) - events |= POLLIN; + FD_SET(d->master_fd, &readfds); if (!buffer_empty(&d->buffer)) - events |= POLLOUT; - - if (events) - d->master_pollfd = - set_fds(d->master_fd, - events|POLLPRI); + FD_SET(d->master_fd, &writefds); + max_fd = MAX(d->master_fd, max_fd); } } /* If any domain has been rate limited, we need to work - out what timeout to supply to poll */ + out what timeout to supply to select */ if (next_timeout) { long long duration = (next_timeout - now); if (duration <= 0) /* sanity check */ duration = 1; - poll_timeout = (int)duration; + timeout.tv_sec = duration / 1000; + timeout.tv_usec = ((duration - (timeout.tv_sec * 1000)) + * 1000); } - ret = poll(fds, nr_fds, next_timeout ? poll_timeout : -1); + ret = select(max_fd + 1, &readfds, &writefds, 0, + next_timeout ? &timeout : NULL); if (log_reload) { handle_log_reload(); log_reload = 0; } - /* Abort if poll failed, except for EINTR cases + /* Abort if select failed, except for EINTR cases which indicate a possible log reload */ if (ret == -1) { if (errno == EINTR) continue; - dolog(LOG_ERR, "Failure in poll: %d (%s)", + dolog(LOG_ERR, "Failure in select: %d (%s)", errno, strerror(errno)); break; } - if (log_hv && xce_pollfd) { - if (xce_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { - dolog(LOG_ERR, - "Failure in poll xce_handle: %d (%s)", - errno, strerror(errno)); - break; - } else if (xce_pollfd->revents & POLLIN) - handle_hv_logs(xce_handle); - } + if (log_hv && FD_ISSET(xc_evtchn_fd(xce_handle), &readfds)) + handle_hv_logs(); if (ret <= 0) continue; - if (xs_pollfd) { - if (xs_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { - dolog(LOG_ERR, - "Failure in poll xs_handle: %d (%s)", - errno, strerror(errno)); - break; - } else if (xs_pollfd->revents & POLLIN) - handle_xs(); - } + if (FD_ISSET(xs_fileno(xs), &readfds)) + handle_xs(); for (d = dom_head; d; d = n) { n = d->next; if (d->event_count < RATE_LIMIT_ALLOWANCE) { if (d->xce_handle != NULL && - d->xce_pollfd && - !(d->xce_pollfd->revents & - ~(POLLIN|POLLOUT|POLLPRI)) && - (d->xce_pollfd->revents & - POLLIN)) - handle_ring_read(d); + FD_ISSET(xc_evtchn_fd(d->xce_handle), + &readfds)) + handle_ring_read(d); } - if (d->master_fd != -1 && d->master_pollfd) { - if (d->master_pollfd->revents & - ~(POLLIN|POLLOUT|POLLPRI)) - domain_handle_broken_tty(d, - domain_is_valid(d->domid)); - else { - if (d->master_pollfd->revents & - POLLIN) - handle_tty_read(d); - if (d->master_pollfd->revents & - POLLOUT) - handle_tty_write(d); - } - } + if (d->master_fd != -1 && FD_ISSET(d->master_fd, + &readfds)) + handle_tty_read(d); + + if (d->master_fd != -1 && FD_ISSET(d->master_fd, + &writefds)) + handle_tty_write(d); if (d->last_seen != enum_pass) shutdown_domain(d); @@ -1148,14 +1084,15 @@ void handle_io(void) } } - free(fds); - current_array_size = 0; - out: if (log_hv_fd != -1) { close(log_hv_fd); log_hv_fd = -1; } + if (xch) { + xc_interface_close(xch); + xch = 0; + } if (xce_handle != NULL) { xc_evtchn_close(xce_handle); xce_handle = NULL; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:23:04 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:23:04 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOH2-0008Gk-DY; Wed, 16 Jan 2013 08:23:04 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOH0-0008EN-Bm for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:23:02 +0000 Received: from [193.109.254.147:3189] by server-10.bemta-14.messagelabs.com id DB/9F-13263-56366F05; Wed, 16 Jan 2013 08:23:01 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-27.messagelabs.com!1358324546!8988228!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25666 invoked from network); 16 Jan 2013 08:22:27 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:27 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGQ-0003sQ-3P for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:26 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGQ-0000fL-22 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:26 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:25 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] merge X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358072452 0 # Node ID 5db9c4e12fbf1c1ae8d50d6e3676521c06b1183c # Parent 1e2195cb44102c255b3d27c543eea8286420177a # Parent 2347d59ea0cc1023ac0623a2b6fd39909312df88 merge --- diff -r 1e2195cb4410 -r 5db9c4e12fbf tools/console/daemon/io.c --- a/tools/console/daemon/io.c Fri Jan 11 17:30:56 2013 +0100 +++ b/tools/console/daemon/io.c Sun Jan 13 10:20:52 2013 +0000 @@ -28,7 +28,7 @@ #include #include #include -#include +#include #include #include #include @@ -66,12 +66,9 @@ extern int discard_overflowed_data; static int log_time_hv_needts = 1; static int log_time_guest_needts = 1; static int log_hv_fd = -1; - -static struct pollfd *fds; -static unsigned int current_array_size; -static unsigned int nr_fds; - -#define ROUNDUP(_x,_w) (((unsigned long)(_x)+(1UL<<(_w))-1) & ~((1UL<<(_w))-1)) +static evtchn_port_or_error_t log_hv_evtchn = -1; +static xc_interface *xch; /* why does xenconsoled have two xc handles ? */ +static xc_evtchn *xce_handle = NULL; struct buffer { char *data; @@ -84,9 +81,7 @@ struct buffer { struct domain { int domid; int master_fd; - struct pollfd *master_pollfd; int slave_fd; - struct pollfd *slave_pollfd; int log_fd; bool is_dead; unsigned last_seen; @@ -97,7 +92,6 @@ struct domain { evtchn_port_or_error_t local_port; evtchn_port_or_error_t remote_port; xc_evtchn *xce_handle; - struct pollfd *xce_pollfd; struct xencons_interface *interface; int event_count; long long next_period; @@ -775,17 +769,6 @@ static int ring_free_bytes(struct domain return (sizeof(intf->in) - space); } -static void domain_handle_broken_tty(struct domain *dom, int recreate) -{ - domain_close_tty(dom); - - if (recreate) { - domain_create_tty(dom); - } else { - shutdown_domain(dom); - } -} - static void handle_tty_read(struct domain *dom) { ssize_t len = 0; @@ -811,7 +794,13 @@ static void handle_tty_read(struct domai * keep the slave open for the duration. */ if (len < 0) { - domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); + domain_close_tty(dom); + + if (domain_is_valid(dom->domid)) { + domain_create_tty(dom); + } else { + shutdown_domain(dom); + } } else if (domain_is_valid(dom->domid)) { prod = intf->in_prod; for (i = 0; i < len; i++) { @@ -839,7 +828,14 @@ static void handle_tty_write(struct doma if (len < 1) { dolog(LOG_DEBUG, "Write failed on domain %d: %zd, %d\n", dom->domid, len, errno); - domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); + + domain_close_tty(dom); + + if (domain_is_valid(dom->domid)) { + domain_create_tty(dom); + } else { + shutdown_domain(dom); + } } else { buffer_advance(&dom->buffer, len); } @@ -887,7 +883,7 @@ static void handle_xs(void) free(vec); } -static void handle_hv_logs(xc_evtchn *xce_handle) +static void handle_hv_logs(void) { char buffer[1024*16]; char *bufptr = buffer; @@ -898,7 +894,7 @@ static void handle_hv_logs(xc_evtchn *xc if ((port = xc_evtchn_pending(xce_handle)) == -1) return; - if (xc_readconsolering(xc, bufptr, &size, 0, 1, &index) == 0 && size > 0) { + if (xc_readconsolering(xch, bufptr, &size, 0, 1, &index) == 0 && size > 0) { int logret; if (log_time_hv) logret = write_with_timestamp(log_hv_fd, buffer, size, @@ -932,54 +928,18 @@ static void handle_log_reload(void) } } -static struct pollfd *set_fds(int fd, short events) -{ - struct pollfd *ret; - if (current_array_size < nr_fds + 1) { - struct pollfd *new_fds = NULL; - unsigned long newsize; - - /* Round up to 2^8 boundary, in practice this just - * make newsize larger than current_array_size. - */ - newsize = ROUNDUP(nr_fds + 1, 8); - - new_fds = realloc(fds, sizeof(struct pollfd)*newsize); - if (!new_fds) - goto fail; - fds = new_fds; - - memset(&fds[0] + current_array_size, 0, - sizeof(struct pollfd) * (newsize-current_array_size)); - current_array_size = newsize; - } - - fds[nr_fds].fd = fd; - fds[nr_fds].events = events; - ret = &fds[nr_fds]; - nr_fds++; - - return ret; -fail: - dolog(LOG_ERR, "realloc failed, ignoring fd %d\n", fd); - return NULL; -} - -static void reset_fds(void) -{ - nr_fds = 0; - memset(fds, 0, sizeof(struct pollfd) * current_array_size); -} - void handle_io(void) { + fd_set readfds, writefds; int ret; - evtchn_port_or_error_t log_hv_evtchn = -1; - struct pollfd *xce_pollfd = NULL; - struct pollfd *xs_pollfd = NULL; - xc_evtchn *xce_handle = NULL; if (log_hv) { + xch = xc_interface_open(0,0,0); + if (!xch) { + dolog(LOG_ERR, "Failed to open xc handle: %d (%s)", + errno, strerror(errno)); + goto out; + } xce_handle = xc_evtchn_open(NULL, 0); if (xce_handle == NULL) { dolog(LOG_ERR, "Failed to open xce handle: %d (%s)", @@ -999,17 +959,21 @@ void handle_io(void) for (;;) { struct domain *d, *n; - int poll_timeout; /* timeout in milliseconds */ + int max_fd = -1; + struct timeval timeout; struct timespec ts; long long now, next_timeout = 0; - reset_fds(); + FD_ZERO(&readfds); + FD_ZERO(&writefds); - xs_pollfd = set_fds(xs_fileno(xs), POLLIN|POLLPRI); + FD_SET(xs_fileno(xs), &readfds); + max_fd = MAX(xs_fileno(xs), max_fd); - if (log_hv) - xce_pollfd = set_fds(xc_evtchn_fd(xce_handle), - POLLIN|POLLPRI); + if (log_hv) { + FD_SET(xc_evtchn_fd(xce_handle), &readfds); + max_fd = MAX(xc_evtchn_fd(xce_handle), max_fd); + } if (clock_gettime(CLOCK_MONOTONIC, &ts) < 0) return; @@ -1018,12 +982,10 @@ void handle_io(void) /* Re-calculate any event counter allowances & unblock domains with new allowance */ for (d = dom_head; d; d = d->next) { - /* CS 16257:955ee4fa1345 introduces a 5ms fuzz - * for select(), it is not clear poll() has - * similar behavior (returning a couple of ms - * sooner than requested) as well. Just leave - * the fuzz here. Remove it with a separate - * patch if necessary */ + /* Add 5ms of fuzz since select() often returns + a couple of ms sooner than requested. Without + the fuzz we typically do an extra spin in select() + with a 1/2 ms timeout every other iteration */ if ((now+5) > d->next_period) { d->next_period = now + RATE_LIMIT_PERIOD; if (d->event_count >= RATE_LIMIT_ALLOWANCE) { @@ -1044,101 +1006,75 @@ void handle_io(void) !d->buffer.max_capacity || d->buffer.size < d->buffer.max_capacity) { int evtchn_fd = xc_evtchn_fd(d->xce_handle); - d->xce_pollfd = set_fds(evtchn_fd, - POLLIN|POLLPRI); + FD_SET(evtchn_fd, &readfds); + max_fd = MAX(evtchn_fd, max_fd); } } if (d->master_fd != -1) { - short events = 0; if (!d->is_dead && ring_free_bytes(d)) - events |= POLLIN; + FD_SET(d->master_fd, &readfds); if (!buffer_empty(&d->buffer)) - events |= POLLOUT; - - if (events) - d->master_pollfd = - set_fds(d->master_fd, - events|POLLPRI); + FD_SET(d->master_fd, &writefds); + max_fd = MAX(d->master_fd, max_fd); } } /* If any domain has been rate limited, we need to work - out what timeout to supply to poll */ + out what timeout to supply to select */ if (next_timeout) { long long duration = (next_timeout - now); if (duration <= 0) /* sanity check */ duration = 1; - poll_timeout = (int)duration; + timeout.tv_sec = duration / 1000; + timeout.tv_usec = ((duration - (timeout.tv_sec * 1000)) + * 1000); } - ret = poll(fds, nr_fds, next_timeout ? poll_timeout : -1); + ret = select(max_fd + 1, &readfds, &writefds, 0, + next_timeout ? &timeout : NULL); if (log_reload) { handle_log_reload(); log_reload = 0; } - /* Abort if poll failed, except for EINTR cases + /* Abort if select failed, except for EINTR cases which indicate a possible log reload */ if (ret == -1) { if (errno == EINTR) continue; - dolog(LOG_ERR, "Failure in poll: %d (%s)", + dolog(LOG_ERR, "Failure in select: %d (%s)", errno, strerror(errno)); break; } - if (log_hv && xce_pollfd) { - if (xce_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { - dolog(LOG_ERR, - "Failure in poll xce_handle: %d (%s)", - errno, strerror(errno)); - break; - } else if (xce_pollfd->revents & POLLIN) - handle_hv_logs(xce_handle); - } + if (log_hv && FD_ISSET(xc_evtchn_fd(xce_handle), &readfds)) + handle_hv_logs(); if (ret <= 0) continue; - if (xs_pollfd) { - if (xs_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { - dolog(LOG_ERR, - "Failure in poll xs_handle: %d (%s)", - errno, strerror(errno)); - break; - } else if (xs_pollfd->revents & POLLIN) - handle_xs(); - } + if (FD_ISSET(xs_fileno(xs), &readfds)) + handle_xs(); for (d = dom_head; d; d = n) { n = d->next; if (d->event_count < RATE_LIMIT_ALLOWANCE) { if (d->xce_handle != NULL && - d->xce_pollfd && - !(d->xce_pollfd->revents & - ~(POLLIN|POLLOUT|POLLPRI)) && - (d->xce_pollfd->revents & - POLLIN)) - handle_ring_read(d); + FD_ISSET(xc_evtchn_fd(d->xce_handle), + &readfds)) + handle_ring_read(d); } - if (d->master_fd != -1 && d->master_pollfd) { - if (d->master_pollfd->revents & - ~(POLLIN|POLLOUT|POLLPRI)) - domain_handle_broken_tty(d, - domain_is_valid(d->domid)); - else { - if (d->master_pollfd->revents & - POLLIN) - handle_tty_read(d); - if (d->master_pollfd->revents & - POLLOUT) - handle_tty_write(d); - } - } + if (d->master_fd != -1 && FD_ISSET(d->master_fd, + &readfds)) + handle_tty_read(d); + + if (d->master_fd != -1 && FD_ISSET(d->master_fd, + &writefds)) + handle_tty_write(d); if (d->last_seen != enum_pass) shutdown_domain(d); @@ -1148,14 +1084,15 @@ void handle_io(void) } } - free(fds); - current_array_size = 0; - out: if (log_hv_fd != -1) { close(log_hv_fd); log_hv_fd = -1; } + if (xch) { + xc_interface_close(xch); + xch = 0; + } if (xce_handle != NULL) { xc_evtchn_close(xce_handle); xce_handle = NULL; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:23:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:23:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOHM-0008WJ-J2; Wed, 16 Jan 2013 08:23:24 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOHL-0008Vg-St for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:23:24 +0000 Received: from [85.158.143.35:56140] by server-2.bemta-4.messagelabs.com id 8D/9D-24322-B7366F05; Wed, 16 Jan 2013 08:23:23 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-5.tower-21.messagelabs.com!1358324552!4635098!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 11504 invoked from network); 16 Jan 2013 08:22:33 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-5.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:33 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGW-0003tR-Di for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:32 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGW-0000iO-Cb for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:32 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:31 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nVMX: virutalize VPID capability to nested VMM X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358245850 -3600 # Node ID 6c982d14bc4a5aa9dcc119ac49938269799d414e # Parent a16d3f55a3d583bc50ad1c7a79fef5eb75140a5a nVMX: virutalize VPID capability to nested VMM Virtualize VPID for the nested vmm, use host's VPID to emualte guest's VPID. For each virtual vmentry, if guest'v vpid is changed, allocate a new host VPID for L2 guest. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r a16d3f55a3d5 -r 6c982d14bc4a xen/arch/x86/hvm/vmx/vmx.c --- a/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:29:41 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:30:50 2013 +0100 @@ -2585,10 +2585,14 @@ void vmx_vmexit_handler(struct cpu_user_ update_guest_eip(); break; + case EXIT_REASON_INVVPID: + if ( nvmx_handle_invvpid(regs) == X86EMUL_OKAY ) + update_guest_eip(); + break; + case EXIT_REASON_MWAIT_INSTRUCTION: case EXIT_REASON_MONITOR_INSTRUCTION: case EXIT_REASON_GETSEC: - case EXIT_REASON_INVVPID: /* * We should never exit on GETSEC because CR4.SMXE is always 0 when * running in guest context, and the CPU checks that before getting @@ -2706,8 +2710,11 @@ void vmx_vmenter_helper(void) if ( !cpu_has_vmx_vpid ) goto out; - - p_asid = &curr->arch.hvm_vcpu.n1asid; + if ( nestedhvm_vcpu_in_guestmode(curr) ) + p_asid = &vcpu_nestedhvm(curr).nv_n2asid; + else + p_asid = &curr->arch.hvm_vcpu.n1asid; + old_asid = p_asid->asid; need_flush = hvm_asid_handle_vmenter(p_asid); new_asid = p_asid->asid; diff -r a16d3f55a3d5 -r 6c982d14bc4a xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:29:41 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:30:50 2013 +0100 @@ -42,6 +42,7 @@ int nvmx_vcpu_initialise(struct vcpu *v) goto out; } nvmx->ept.enabled = 0; + nvmx->guest_vpid = 0; nvmx->vmxon_region_pa = 0; nvcpu->nv_vvmcx = NULL; nvcpu->nv_vvmcxaddr = VMCX_EADDR; @@ -904,6 +905,16 @@ uint64_t get_shadow_eptp(struct vcpu *v) return ept_get_eptp(ept); } +static bool_t nvmx_vpid_enabled(struct nestedvcpu *nvcpu) +{ + uint32_t second_cntl; + + second_cntl = __get_vvmcs(nvcpu->nv_vvmcx, SECONDARY_VM_EXEC_CONTROL); + if ( second_cntl & SECONDARY_EXEC_ENABLE_VPID ) + return 1; + return 0; +} + static void virtual_vmentry(struct cpu_user_regs *regs) { struct vcpu *v = current; @@ -952,6 +963,19 @@ static void virtual_vmentry(struct cpu_u if ( nestedhvm_paging_mode_hap(v) ) __vmwrite(EPT_POINTER, get_shadow_eptp(v)); + /* nested VPID support! */ + if ( cpu_has_vmx_vpid && nvmx_vpid_enabled(nvcpu) ) + { + struct nestedvmx *nvmx = &vcpu_2_nvmx(v); + uint32_t new_vpid = __get_vvmcs(vvmcs, VIRTUAL_PROCESSOR_ID); + + if ( nvmx->guest_vpid != new_vpid ) + { + hvm_asid_flush_vcpu_asid(&vcpu_nestedhvm(v).nv_n2asid); + nvmx->guest_vpid = new_vpid; + } + } + } static void sync_vvmcs_guest_state(struct vcpu *v, struct cpu_user_regs *regs) @@ -1224,7 +1248,7 @@ int nvmx_handle_vmlaunch(struct cpu_user if ( vcpu_nestedhvm(v).nv_vvmcxaddr == VMCX_EADDR ) { vmreturn (regs, VMFAIL_INVALID); - return X86EMUL_OKAY; + return X86EMUL_OKAY; } launched = __get_vvmcs(vcpu_nestedhvm(v).nv_vvmcx, @@ -1426,6 +1450,31 @@ int nvmx_handle_invept(struct cpu_user_r return X86EMUL_OKAY; } +int nvmx_handle_invvpid(struct cpu_user_regs *regs) +{ + struct vmx_inst_decoded decode; + unsigned long vpid; + int ret; + + if ( (ret = decode_vmx_inst(regs, &decode, &vpid, 0)) != X86EMUL_OKAY ) + return ret; + + switch ( reg_read(regs, decode.reg2) ) + { + /* Just invalidate all tlb entries for all types! */ + case INVVPID_INDIVIDUAL_ADDR: + case INVVPID_SINGLE_CONTEXT: + case INVVPID_ALL_CONTEXT: + hvm_asid_flush_vcpu_asid(&vcpu_nestedhvm(current).nv_n2asid); + break; + default: + vmreturn(regs, VMFAIL_INVALID); + return X86EMUL_OKAY; + } + + vmreturn(regs, VMSUCCEED); + return X86EMUL_OKAY; +} #define __emul_value(enable1, default1) \ ((enable1 | default1) << 32 | (default1)) diff -r a16d3f55a3d5 -r 6c982d14bc4a xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:29:41 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:30:50 2013 +0100 @@ -37,6 +37,7 @@ struct nestedvmx { uint32_t exit_reason; uint32_t exit_qual; } ept; + uint32_t guest_vpid; }; #define vcpu_2_nvmx(v) (vcpu_nestedhvm(v).u.nvmx) @@ -192,6 +193,7 @@ int nvmx_handle_vmwrite(struct cpu_user_ int nvmx_handle_vmresume(struct cpu_user_regs *regs); int nvmx_handle_vmlaunch(struct cpu_user_regs *regs); int nvmx_handle_invept(struct cpu_user_regs *regs); +int nvmx_handle_invvpid(struct cpu_user_regs *regs); int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content); int nvmx_msr_write_intercept(unsigned int msr, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:23:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:23:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOHM-0008WJ-J2; Wed, 16 Jan 2013 08:23:24 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOHL-0008Vg-St for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:23:24 +0000 Received: from [85.158.143.35:56140] by server-2.bemta-4.messagelabs.com id 8D/9D-24322-B7366F05; Wed, 16 Jan 2013 08:23:23 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-5.tower-21.messagelabs.com!1358324552!4635098!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 11504 invoked from network); 16 Jan 2013 08:22:33 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-5.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:33 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGW-0003tR-Di for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:32 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGW-0000iO-Cb for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:32 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:31 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nVMX: virutalize VPID capability to nested VMM X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Zhang Xiantao # Date 1358245850 -3600 # Node ID 6c982d14bc4a5aa9dcc119ac49938269799d414e # Parent a16d3f55a3d583bc50ad1c7a79fef5eb75140a5a nVMX: virutalize VPID capability to nested VMM Virtualize VPID for the nested vmm, use host's VPID to emualte guest's VPID. For each virtual vmentry, if guest'v vpid is changed, allocate a new host VPID for L2 guest. Signed-off-by: Zhang Xiantao Acked-by: Tim Deegan Acked-by: Jun Nakajima Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r a16d3f55a3d5 -r 6c982d14bc4a xen/arch/x86/hvm/vmx/vmx.c --- a/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:29:41 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vmx.c Tue Jan 15 11:30:50 2013 +0100 @@ -2585,10 +2585,14 @@ void vmx_vmexit_handler(struct cpu_user_ update_guest_eip(); break; + case EXIT_REASON_INVVPID: + if ( nvmx_handle_invvpid(regs) == X86EMUL_OKAY ) + update_guest_eip(); + break; + case EXIT_REASON_MWAIT_INSTRUCTION: case EXIT_REASON_MONITOR_INSTRUCTION: case EXIT_REASON_GETSEC: - case EXIT_REASON_INVVPID: /* * We should never exit on GETSEC because CR4.SMXE is always 0 when * running in guest context, and the CPU checks that before getting @@ -2706,8 +2710,11 @@ void vmx_vmenter_helper(void) if ( !cpu_has_vmx_vpid ) goto out; - - p_asid = &curr->arch.hvm_vcpu.n1asid; + if ( nestedhvm_vcpu_in_guestmode(curr) ) + p_asid = &vcpu_nestedhvm(curr).nv_n2asid; + else + p_asid = &curr->arch.hvm_vcpu.n1asid; + old_asid = p_asid->asid; need_flush = hvm_asid_handle_vmenter(p_asid); new_asid = p_asid->asid; diff -r a16d3f55a3d5 -r 6c982d14bc4a xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:29:41 2013 +0100 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Tue Jan 15 11:30:50 2013 +0100 @@ -42,6 +42,7 @@ int nvmx_vcpu_initialise(struct vcpu *v) goto out; } nvmx->ept.enabled = 0; + nvmx->guest_vpid = 0; nvmx->vmxon_region_pa = 0; nvcpu->nv_vvmcx = NULL; nvcpu->nv_vvmcxaddr = VMCX_EADDR; @@ -904,6 +905,16 @@ uint64_t get_shadow_eptp(struct vcpu *v) return ept_get_eptp(ept); } +static bool_t nvmx_vpid_enabled(struct nestedvcpu *nvcpu) +{ + uint32_t second_cntl; + + second_cntl = __get_vvmcs(nvcpu->nv_vvmcx, SECONDARY_VM_EXEC_CONTROL); + if ( second_cntl & SECONDARY_EXEC_ENABLE_VPID ) + return 1; + return 0; +} + static void virtual_vmentry(struct cpu_user_regs *regs) { struct vcpu *v = current; @@ -952,6 +963,19 @@ static void virtual_vmentry(struct cpu_u if ( nestedhvm_paging_mode_hap(v) ) __vmwrite(EPT_POINTER, get_shadow_eptp(v)); + /* nested VPID support! */ + if ( cpu_has_vmx_vpid && nvmx_vpid_enabled(nvcpu) ) + { + struct nestedvmx *nvmx = &vcpu_2_nvmx(v); + uint32_t new_vpid = __get_vvmcs(vvmcs, VIRTUAL_PROCESSOR_ID); + + if ( nvmx->guest_vpid != new_vpid ) + { + hvm_asid_flush_vcpu_asid(&vcpu_nestedhvm(v).nv_n2asid); + nvmx->guest_vpid = new_vpid; + } + } + } static void sync_vvmcs_guest_state(struct vcpu *v, struct cpu_user_regs *regs) @@ -1224,7 +1248,7 @@ int nvmx_handle_vmlaunch(struct cpu_user if ( vcpu_nestedhvm(v).nv_vvmcxaddr == VMCX_EADDR ) { vmreturn (regs, VMFAIL_INVALID); - return X86EMUL_OKAY; + return X86EMUL_OKAY; } launched = __get_vvmcs(vcpu_nestedhvm(v).nv_vvmcx, @@ -1426,6 +1450,31 @@ int nvmx_handle_invept(struct cpu_user_r return X86EMUL_OKAY; } +int nvmx_handle_invvpid(struct cpu_user_regs *regs) +{ + struct vmx_inst_decoded decode; + unsigned long vpid; + int ret; + + if ( (ret = decode_vmx_inst(regs, &decode, &vpid, 0)) != X86EMUL_OKAY ) + return ret; + + switch ( reg_read(regs, decode.reg2) ) + { + /* Just invalidate all tlb entries for all types! */ + case INVVPID_INDIVIDUAL_ADDR: + case INVVPID_SINGLE_CONTEXT: + case INVVPID_ALL_CONTEXT: + hvm_asid_flush_vcpu_asid(&vcpu_nestedhvm(current).nv_n2asid); + break; + default: + vmreturn(regs, VMFAIL_INVALID); + return X86EMUL_OKAY; + } + + vmreturn(regs, VMSUCCEED); + return X86EMUL_OKAY; +} #define __emul_value(enable1, default1) \ ((enable1 | default1) << 32 | (default1)) diff -r a16d3f55a3d5 -r 6c982d14bc4a xen/include/asm-x86/hvm/vmx/vvmx.h --- a/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:29:41 2013 +0100 +++ b/xen/include/asm-x86/hvm/vmx/vvmx.h Tue Jan 15 11:30:50 2013 +0100 @@ -37,6 +37,7 @@ struct nestedvmx { uint32_t exit_reason; uint32_t exit_qual; } ept; + uint32_t guest_vpid; }; #define vcpu_2_nvmx(v) (vcpu_nestedhvm(v).u.nvmx) @@ -192,6 +193,7 @@ int nvmx_handle_vmwrite(struct cpu_user_ int nvmx_handle_vmresume(struct cpu_user_regs *regs); int nvmx_handle_vmlaunch(struct cpu_user_regs *regs); int nvmx_handle_invept(struct cpu_user_regs *regs); +int nvmx_handle_invvpid(struct cpu_user_regs *regs); int nvmx_msr_read_intercept(unsigned int msr, u64 *msr_content); int nvmx_msr_write_intercept(unsigned int msr, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:23:57 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:23:57 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOHs-0000Ca-OR; Wed, 16 Jan 2013 08:23:56 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOHr-0000CI-FV for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:23:55 +0000 Received: from [193.109.254.147:45171] by server-8.bemta-14.messagelabs.com id A5/53-26341-A9366F05; Wed, 16 Jan 2013 08:23:54 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-27.messagelabs.com!1358324547!8620352!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 3837 invoked from network); 16 Jan 2013 08:22:29 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:29 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGR-0003sk-K1 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:27 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGR-0000g6-IV for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:27 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:27 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: Introduce ASSERT_NOT_IN_ATOMIC() to give more info on in_atomic() crash. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Keir Fraser # Date 1358182042 0 # Node ID 21a2ecc7318344ffe6e73018c6230292496bb6b7 # Parent f6a81b41ad710464f255fb6e75f569c71f58045e xen: Introduce ASSERT_NOT_IN_ATOMIC() to give more info on in_atomic() crash. Signed-off-by: Keir Fraser --- diff -r f6a81b41ad71 -r 21a2ecc73183 xen/common/preempt.c --- a/xen/common/preempt.c Mon Jan 14 14:06:05 2013 +0000 +++ b/xen/common/preempt.c Mon Jan 14 16:47:22 2013 +0000 @@ -31,8 +31,11 @@ bool_t in_atomic(void) return preempt_count() || in_irq() || !local_irq_is_enabled(); } -/* asm helper */ -void bug_if_in_atomic(void) +#ifndef NDEBUG +void ASSERT_NOT_IN_ATOMIC(void) { - BUG_ON(in_atomic()); + ASSERT(!preempt_count()); + ASSERT(!in_irq()); + ASSERT(local_irq_is_enabled()); } +#endif diff -r f6a81b41ad71 -r 21a2ecc73183 xen/common/schedule.c --- a/xen/common/schedule.c Mon Jan 14 14:06:05 2013 +0000 +++ b/xen/common/schedule.c Mon Jan 14 16:47:22 2013 +0000 @@ -1086,7 +1086,7 @@ static void schedule(void) struct task_slice next_slice; int cpu = smp_processor_id(); - ASSERT(!in_atomic()); + ASSERT_NOT_IN_ATOMIC(); SCHED_STAT_CRANK(sched_run); diff -r f6a81b41ad71 -r 21a2ecc73183 xen/common/softirq.c --- a/xen/common/softirq.c Mon Jan 14 14:06:05 2013 +0000 +++ b/xen/common/softirq.c Mon Jan 14 16:47:22 2013 +0000 @@ -58,7 +58,7 @@ void process_pending_softirqs(void) asmlinkage void do_softirq(void) { - ASSERT(!in_atomic()); + ASSERT_NOT_IN_ATOMIC(); __do_softirq(0); } diff -r f6a81b41ad71 -r 21a2ecc73183 xen/common/wait.c --- a/xen/common/wait.c Mon Jan 14 14:06:05 2013 +0000 +++ b/xen/common/wait.c Mon Jan 14 16:47:22 2013 +0000 @@ -211,7 +211,7 @@ void prepare_to_wait(struct waitqueue_he struct vcpu *curr = current; struct waitqueue_vcpu *wqv = curr->waitqueue_vcpu; - ASSERT(!in_atomic()); + ASSERT_NOT_IN_ATOMIC(); __prepare_to_wait(wqv); ASSERT(list_empty(&wqv->list)); diff -r f6a81b41ad71 -r 21a2ecc73183 xen/include/asm-x86/asm_defns.h --- a/xen/include/asm-x86/asm_defns.h Mon Jan 14 14:06:05 2013 +0000 +++ b/xen/include/asm-x86/asm_defns.h Mon Jan 14 16:47:22 2013 +0000 @@ -62,7 +62,7 @@ void ret_from_intr(void); #ifndef NDEBUG #define ASSERT_NOT_IN_ATOMIC \ sti; /* sometimes called with interrupts disabled: safe to enable */ \ - call bug_if_in_atomic + call ASSERT_NOT_IN_ATOMIC #else #define ASSERT_NOT_IN_ATOMIC #endif diff -r f6a81b41ad71 -r 21a2ecc73183 xen/include/xen/preempt.h --- a/xen/include/xen/preempt.h Mon Jan 14 14:06:05 2013 +0000 +++ b/xen/include/xen/preempt.h Mon Jan 14 16:47:22 2013 +0000 @@ -28,4 +28,10 @@ DECLARE_PER_CPU(unsigned int, __preempt_ bool_t in_atomic(void); +#ifndef NDEBUG +void ASSERT_NOT_IN_ATOMIC(void); +#else +#define ASSERT_NOT_IN_ATOMIC() ((void)0) +#endif + #endif /* __XEN_PREEMPT_H__ */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:23:57 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:23:57 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOHs-0000Ca-OR; Wed, 16 Jan 2013 08:23:56 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOHr-0000CI-FV for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:23:55 +0000 Received: from [193.109.254.147:45171] by server-8.bemta-14.messagelabs.com id A5/53-26341-A9366F05; Wed, 16 Jan 2013 08:23:54 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-27.messagelabs.com!1358324547!8620352!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 3837 invoked from network); 16 Jan 2013 08:22:29 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:29 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGR-0003sk-K1 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:27 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGR-0000g6-IV for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:27 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:27 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: Introduce ASSERT_NOT_IN_ATOMIC() to give more info on in_atomic() crash. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Keir Fraser # Date 1358182042 0 # Node ID 21a2ecc7318344ffe6e73018c6230292496bb6b7 # Parent f6a81b41ad710464f255fb6e75f569c71f58045e xen: Introduce ASSERT_NOT_IN_ATOMIC() to give more info on in_atomic() crash. Signed-off-by: Keir Fraser --- diff -r f6a81b41ad71 -r 21a2ecc73183 xen/common/preempt.c --- a/xen/common/preempt.c Mon Jan 14 14:06:05 2013 +0000 +++ b/xen/common/preempt.c Mon Jan 14 16:47:22 2013 +0000 @@ -31,8 +31,11 @@ bool_t in_atomic(void) return preempt_count() || in_irq() || !local_irq_is_enabled(); } -/* asm helper */ -void bug_if_in_atomic(void) +#ifndef NDEBUG +void ASSERT_NOT_IN_ATOMIC(void) { - BUG_ON(in_atomic()); + ASSERT(!preempt_count()); + ASSERT(!in_irq()); + ASSERT(local_irq_is_enabled()); } +#endif diff -r f6a81b41ad71 -r 21a2ecc73183 xen/common/schedule.c --- a/xen/common/schedule.c Mon Jan 14 14:06:05 2013 +0000 +++ b/xen/common/schedule.c Mon Jan 14 16:47:22 2013 +0000 @@ -1086,7 +1086,7 @@ static void schedule(void) struct task_slice next_slice; int cpu = smp_processor_id(); - ASSERT(!in_atomic()); + ASSERT_NOT_IN_ATOMIC(); SCHED_STAT_CRANK(sched_run); diff -r f6a81b41ad71 -r 21a2ecc73183 xen/common/softirq.c --- a/xen/common/softirq.c Mon Jan 14 14:06:05 2013 +0000 +++ b/xen/common/softirq.c Mon Jan 14 16:47:22 2013 +0000 @@ -58,7 +58,7 @@ void process_pending_softirqs(void) asmlinkage void do_softirq(void) { - ASSERT(!in_atomic()); + ASSERT_NOT_IN_ATOMIC(); __do_softirq(0); } diff -r f6a81b41ad71 -r 21a2ecc73183 xen/common/wait.c --- a/xen/common/wait.c Mon Jan 14 14:06:05 2013 +0000 +++ b/xen/common/wait.c Mon Jan 14 16:47:22 2013 +0000 @@ -211,7 +211,7 @@ void prepare_to_wait(struct waitqueue_he struct vcpu *curr = current; struct waitqueue_vcpu *wqv = curr->waitqueue_vcpu; - ASSERT(!in_atomic()); + ASSERT_NOT_IN_ATOMIC(); __prepare_to_wait(wqv); ASSERT(list_empty(&wqv->list)); diff -r f6a81b41ad71 -r 21a2ecc73183 xen/include/asm-x86/asm_defns.h --- a/xen/include/asm-x86/asm_defns.h Mon Jan 14 14:06:05 2013 +0000 +++ b/xen/include/asm-x86/asm_defns.h Mon Jan 14 16:47:22 2013 +0000 @@ -62,7 +62,7 @@ void ret_from_intr(void); #ifndef NDEBUG #define ASSERT_NOT_IN_ATOMIC \ sti; /* sometimes called with interrupts disabled: safe to enable */ \ - call bug_if_in_atomic + call ASSERT_NOT_IN_ATOMIC #else #define ASSERT_NOT_IN_ATOMIC #endif diff -r f6a81b41ad71 -r 21a2ecc73183 xen/include/xen/preempt.h --- a/xen/include/xen/preempt.h Mon Jan 14 14:06:05 2013 +0000 +++ b/xen/include/xen/preempt.h Mon Jan 14 16:47:22 2013 +0000 @@ -28,4 +28,10 @@ DECLARE_PER_CPU(unsigned int, __preempt_ bool_t in_atomic(void); +#ifndef NDEBUG +void ASSERT_NOT_IN_ATOMIC(void); +#else +#define ASSERT_NOT_IN_ATOMIC() ((void)0) +#endif + #endif /* __XEN_PREEMPT_H__ */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:25:10 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:25:10 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOJ4-0000K9-0E; Wed, 16 Jan 2013 08:25:10 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOJ2-0000Jq-11 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:25:08 +0000 Received: from [85.158.143.35:62316] by server-1.bemta-4.messagelabs.com id 60/56-18740-2E366F05; Wed, 16 Jan 2013 08:25:06 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-21.messagelabs.com!1358324536!12566907!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28218 invoked from network); 16 Jan 2013 08:22:18 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:18 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGG-0003ra-Ka for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:16 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGG-0000bN-JE for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:16 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:15 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen/xsm: Add xsm_default parameter to XSM hooks X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357901041 0 # Node ID 1d94ac6cf85adbcfc5d5c1e45bc165f9a97f5634 # Parent 4b101bfde4ba2568f3359cf27d38f8dbaf52a0d8 xen/xsm: Add xsm_default parameter to XSM hooks Include the default XSM hook action as the first argument of the hook to facilitate quick understanding of how the call site is expected to be used (dom0-only, arbitrary guest, or device model). This argument does not solely define how a given hook is interpreted, since any changes to the hook's default action need to be made identically to all callers of a hook (if there are multiple callers; most hooks only have one), and may also require changing the arguments of the hook. Signed-off-by: Daniel De Graaf Acked-by: Tim Deegan Committed-by: Keir Fraser --- diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/cpu/mcheck/mce.c --- a/xen/arch/x86/cpu/mcheck/mce.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/cpu/mcheck/mce.c Fri Jan 11 10:44:01 2013 +0000 @@ -1293,7 +1293,7 @@ long do_mca(XEN_GUEST_HANDLE_PARAM(xen_m struct xen_mc_msrinject *mc_msrinject; struct xen_mc_mceinject *mc_mceinject; - ret = xsm_do_mca(); + ret = xsm_do_mca(XSM_PRIV); if ( ret ) return x86_mcerr(NULL, ret); diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/domctl.c --- a/xen/arch/x86/domctl.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/domctl.c Fri Jan 11 10:44:01 2013 +0000 @@ -77,7 +77,7 @@ long arch_do_domctl( if ( np == 0 ) ret = 0; - else if ( xsm_ioport_permission(d, fp, fp + np - 1, allow) ) + else if ( xsm_ioport_permission(XSM_HOOK, d, fp, fp + np - 1, allow) ) ret = -EPERM; else if ( allow ) ret = ioports_permit_access(d, fp, fp + np - 1); @@ -571,7 +571,7 @@ long arch_do_domctl( if ( !is_hvm_domain(d) ) break; - ret = xsm_bind_pt_irq(d, bind); + ret = xsm_bind_pt_irq(XSM_HOOK, d, bind); if ( ret ) break; @@ -604,7 +604,7 @@ long arch_do_domctl( !irq_access_permitted(current->domain, bind->machine_irq) ) break; - ret = xsm_unbind_pt_irq(d, bind); + ret = xsm_unbind_pt_irq(XSM_HOOK, d, bind); if ( ret ) break; @@ -639,7 +639,7 @@ long arch_do_domctl( !iomem_access_permitted(current->domain, mfn, mfn + nr_mfns - 1) ) break; - ret = xsm_iomem_mapping(d, mfn, mfn + nr_mfns - 1, add); + ret = xsm_iomem_mapping(XSM_HOOK, d, mfn, mfn + nr_mfns - 1, add); if ( ret ) break; @@ -717,7 +717,7 @@ long arch_do_domctl( !ioports_access_permitted(current->domain, fmp, fmp + np - 1) ) break; - ret = xsm_ioport_mapping(d, fmp, fmp + np - 1, add); + ret = xsm_ioport_mapping(XSM_HOOK, d, fmp, fmp + np - 1, add); if ( ret ) break; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Fri Jan 11 10:44:01 2013 +0000 @@ -3396,7 +3396,7 @@ static int hvmop_set_pci_intx_level( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_set_pci_intx_level(d); + rc = xsm_hvm_set_pci_intx_level(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3563,7 +3563,7 @@ static int hvmop_set_isa_irq_level( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_set_isa_irq_level(d); + rc = xsm_hvm_set_isa_irq_level(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3607,7 +3607,7 @@ static int hvmop_set_pci_link_route( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_set_pci_link_route(d); + rc = xsm_hvm_set_pci_link_route(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3637,7 +3637,7 @@ static int hvmop_inject_msi( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_inject_msi(d); + rc = xsm_hvm_inject_msi(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3734,7 +3734,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail; @@ -3983,7 +3983,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( a.nr > GB(1) >> PAGE_SHIFT ) goto param_fail2; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail2; @@ -4021,7 +4021,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail3; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail3; @@ -4082,7 +4082,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( d == NULL ) return -ESRCH; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail_getmemtype; @@ -4136,7 +4136,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail4; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail4; @@ -4229,7 +4229,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail5; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail5; @@ -4264,7 +4264,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail6; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail6; @@ -4300,7 +4300,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) || !paging_mode_shadow(d) ) goto param_fail7; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail7; @@ -4354,7 +4354,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail8; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail8; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/irq.c --- a/xen/arch/x86/irq.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/irq.c Fri Jan 11 10:44:01 2013 +0000 @@ -1874,7 +1874,7 @@ int map_domain_pirq( return 0; } - ret = xsm_map_domain_pirq(d, irq, data); + ret = xsm_map_domain_pirq(XSM_HOOK, d, irq, data); if ( ret ) { dprintk(XENLOG_G_ERR, "dom%d: could not permit access to irq %d mapping to pirq %d\n", diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/mm.c --- a/xen/arch/x86/mm.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/mm.c Fri Jan 11 10:44:01 2013 +0000 @@ -2700,7 +2700,7 @@ long do_mmuext_op( goto out; } - rc = xsm_mmuext_op(d, pg_owner); + rc = xsm_mmuext_op(XSM_TARGET, d, pg_owner); if ( rc ) { rcu_unlock_domain(pg_owner); @@ -2772,7 +2772,7 @@ long do_mmuext_op( break; } - if ( (rc = xsm_memory_pin_page(d, pg_owner, page)) != 0 ) + if ( (rc = xsm_memory_pin_page(XSM_HOOK, d, pg_owner, page)) != 0 ) { put_page_and_type(page); okay = 0; @@ -3230,7 +3230,7 @@ long do_mmu_update( } if ( xsm_needed != xsm_checked ) { - rc = xsm_mmu_update(d, pt_owner, pg_owner, xsm_needed); + rc = xsm_mmu_update(XSM_TARGET, d, pt_owner, pg_owner, xsm_needed); if ( rc ) break; xsm_checked = xsm_needed; @@ -3349,7 +3349,7 @@ long do_mmu_update( xsm_needed |= XSM_MMU_MACHPHYS_UPDATE; if ( xsm_needed != xsm_checked ) { - rc = xsm_mmu_update(d, NULL, pg_owner, xsm_needed); + rc = xsm_mmu_update(XSM_TARGET, d, NULL, pg_owner, xsm_needed); if ( rc ) break; xsm_checked = xsm_needed; @@ -3917,7 +3917,7 @@ static int __do_update_va_mapping( perfc_incr(calls_to_update_va); - rc = xsm_update_va_mapping(d, pg_owner, val); + rc = xsm_update_va_mapping(XSM_TARGET, d, pg_owner, val); if ( rc ) return rc; @@ -4388,7 +4388,7 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( d == NULL ) return -ESRCH; - if ( xsm_add_to_physmap(current->domain, d) ) + if ( xsm_add_to_physmap(XSM_TARGET, current->domain, d) ) { rcu_unlock_domain(d); return -EPERM; @@ -4427,7 +4427,7 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( d == NULL ) return -ESRCH; - rc = xsm_domain_memory_map(d); + rc = xsm_domain_memory_map(XSM_TARGET, d); if ( rc ) { rcu_unlock_domain(d); @@ -4502,7 +4502,7 @@ long arch_memory_op(int op, XEN_GUEST_HA XEN_GUEST_HANDLE_PARAM(e820entry_t) buffer_param; unsigned int i; - rc = xsm_machine_memory_map(); + rc = xsm_machine_memory_map(XSM_PRIV); if ( rc ) return rc; @@ -4586,9 +4586,9 @@ long arch_memory_op(int op, XEN_GUEST_HA return -ESRCH; if ( op == XENMEM_set_pod_target ) - rc = xsm_set_pod_target(d); + rc = xsm_set_pod_target(XSM_PRIV, d); else - rc = xsm_get_pod_target(d); + rc = xsm_get_pod_target(XSM_PRIV, d); if ( rc != 0 ) goto pod_target_out_unlock; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/mm/mem_event.c --- a/xen/arch/x86/mm/mem_event.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/mm/mem_event.c Fri Jan 11 10:44:01 2013 +0000 @@ -449,7 +449,7 @@ int do_mem_event_op(int op, uint32_t dom if ( ret ) return ret; - ret = xsm_mem_event_op(d, op); + ret = xsm_mem_event_op(XSM_TARGET, d, op); if ( ret ) goto out; @@ -502,7 +502,7 @@ int mem_event_domctl(struct domain *d, x { int rc; - rc = xsm_mem_event_control(d, mec->mode, mec->op); + rc = xsm_mem_event_control(XSM_PRIV, d, mec->mode, mec->op); if ( rc ) return rc; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/mm/mem_sharing.c --- a/xen/arch/x86/mm/mem_sharing.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/mm/mem_sharing.c Fri Jan 11 10:44:01 2013 +0000 @@ -1351,7 +1351,7 @@ int mem_sharing_memop(struct domain *d, if ( rc ) return rc; - rc = xsm_mem_sharing_op(d, cd, mec->op); + rc = xsm_mem_sharing_op(XSM_TARGET, d, cd, mec->op); if ( rc ) { rcu_unlock_domain(cd); @@ -1415,7 +1415,7 @@ int mem_sharing_memop(struct domain *d, if ( rc ) return rc; - rc = xsm_mem_sharing_op(d, cd, mec->op); + rc = xsm_mem_sharing_op(XSM_TARGET, d, cd, mec->op); if ( rc ) { rcu_unlock_domain(cd); diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/mm/paging.c --- a/xen/arch/x86/mm/paging.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/mm/paging.c Fri Jan 11 10:44:01 2013 +0000 @@ -559,7 +559,7 @@ int paging_domctl(struct domain *d, xen_ return -EINVAL; } - rc = xsm_shadow_control(d, sc->op); + rc = xsm_shadow_control(XSM_HOOK, d, sc->op); if ( rc ) return rc; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/msi.c --- a/xen/arch/x86/msi.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/msi.c Fri Jan 11 10:44:01 2013 +0000 @@ -1016,7 +1016,7 @@ int pci_restore_msi_state(struct pci_dev if (!pdev) return -EINVAL; - ret = xsm_resource_setup_pci((pdev->seg << 16) | (pdev->bus << 8) | pdev->devfn); + ret = xsm_resource_setup_pci(XSM_PRIV, (pdev->seg << 16) | (pdev->bus << 8) | pdev->devfn); if ( ret ) return ret; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/physdev.c --- a/xen/arch/x86/physdev.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/physdev.c Fri Jan 11 10:44:01 2013 +0000 @@ -232,7 +232,7 @@ int physdev_unmap_pirq(domid_t domid, in goto free_domain; } - ret = xsm_unmap_domain_pirq(d, domain_pirq_to_irq(d, pirq)); + ret = xsm_unmap_domain_pirq(XSM_TARGET, d, domain_pirq_to_irq(d, pirq)); if ( ret ) goto free_domain; @@ -423,7 +423,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H ret = -EFAULT; if ( copy_from_guest(&apic, arg, 1) != 0 ) break; - ret = xsm_apic(v->domain, cmd); + ret = xsm_apic(XSM_PRIV, v->domain, cmd); if ( ret ) break; ret = ioapic_guest_read(apic.apic_physbase, apic.reg, &apic.value); @@ -437,7 +437,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H ret = -EFAULT; if ( copy_from_guest(&apic, arg, 1) != 0 ) break; - ret = xsm_apic(v->domain, cmd); + ret = xsm_apic(XSM_PRIV, v->domain, cmd); if ( ret ) break; ret = ioapic_guest_write(apic.apic_physbase, apic.reg, apic.value); @@ -453,7 +453,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H /* Use the APIC check since this dummy hypercall should still only * be called by the domain with access to program the ioapic */ - ret = xsm_apic(v->domain, cmd); + ret = xsm_apic(XSM_PRIV, v->domain, cmd); if ( ret ) break; @@ -578,7 +578,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_pci_mmcfg_reserved: { struct physdev_pci_mmcfg_reserved info; - ret = xsm_resource_setup_misc(); + ret = xsm_resource_setup_misc(XSM_PRIV); if ( ret ) break; @@ -632,7 +632,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H if ( setup_gsi.gsi < 0 || setup_gsi.gsi >= nr_irqs_gsi ) break; - ret = xsm_resource_setup_gsi(setup_gsi.gsi); + ret = xsm_resource_setup_gsi(XSM_PRIV, setup_gsi.gsi); if ( ret ) break; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/platform_hypercall.c --- a/xen/arch/x86/platform_hypercall.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/platform_hypercall.c Fri Jan 11 10:44:01 2013 +0000 @@ -72,7 +72,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA if ( op->interface_version != XENPF_INTERFACE_VERSION ) return -EACCES; - ret = xsm_platform_op(op->cmd); + ret = xsm_platform_op(XSM_PRIV, op->cmd); if ( ret ) return ret; @@ -498,7 +498,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { int cpu = op->u.cpu_ol.cpuid; - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; @@ -523,7 +523,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { int cpu = op->u.cpu_ol.cpuid; - ret = xsm_resource_unplug_core(); + ret = xsm_resource_unplug_core(XSM_HOOK); if ( ret ) break; @@ -552,7 +552,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_cpu_hotadd: - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; @@ -562,7 +562,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_mem_hotadd: - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/sysctl.c --- a/xen/arch/x86/sysctl.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/sysctl.c Fri Jan 11 10:44:01 2013 +0000 @@ -186,14 +186,14 @@ long arch_do_sysctl( switch ( sysctl->u.cpu_hotplug.op ) { case XEN_SYSCTL_CPU_HOTPLUG_ONLINE: - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; ret = continue_hypercall_on_cpu( 0, cpu_up_helper, (void *)(unsigned long)cpu); break; case XEN_SYSCTL_CPU_HOTPLUG_OFFLINE: - ret = xsm_resource_unplug_core(); + ret = xsm_resource_unplug_core(XSM_HOOK); if ( ret ) break; ret = continue_hypercall_on_cpu( diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/traps.c --- a/xen/arch/x86/traps.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/traps.c Fri Jan 11 10:44:01 2013 +0000 @@ -1643,7 +1643,7 @@ static int pci_cfg_ok(struct domain *d, start |= (d->arch.pci_cf8 >> 16) & 0xF00; } end = start + size - 1; - if (xsm_pci_config_permission(d, machine_bdf, start, end, write)) + if (xsm_pci_config_permission(XSM_HOOK, d, machine_bdf, start, end, write)) return 0; return 1; } diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/domain.c --- a/xen/common/domain.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/domain.c Fri Jan 11 10:44:01 2013 +0000 @@ -252,7 +252,7 @@ struct domain *domain_create( if ( !is_idle_domain(d) ) { - if ( (err = xsm_domain_create(d, ssidref)) != 0 ) + if ( (err = xsm_domain_create(XSM_HOOK, d, ssidref)) != 0 ) goto fail; d->is_paused_by_controller = 1; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/domctl.c --- a/xen/common/domctl.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/domctl.c Fri Jan 11 10:44:01 2013 +0000 @@ -265,7 +265,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe return -ESRCH; } - ret = xsm_domctl(d, op->cmd); + ret = xsm_domctl(XSM_OTHER, d, op->cmd); if ( ret ) goto domctl_out_unlock_domonly; @@ -579,7 +579,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe break; } - ret = xsm_getdomaininfo(d); + ret = xsm_getdomaininfo(XSM_HOOK, d); if ( ret ) goto getdomaininfo_out; @@ -719,7 +719,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( pirq >= d->nr_pirqs ) ret = -EINVAL; - else if ( xsm_irq_permission(d, pirq, allow) ) + else if ( xsm_irq_permission(XSM_HOOK, d, pirq, allow) ) ret = -EPERM; else if ( allow ) ret = irq_permit_access(d, pirq); @@ -738,7 +738,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( (mfn + nr_mfns - 1) < mfn ) /* wrap? */ break; - if ( xsm_iomem_permission(d, mfn, mfn + nr_mfns - 1, allow) ) + if ( xsm_iomem_permission(XSM_HOOK, d, mfn, mfn + nr_mfns - 1, allow) ) ret = -EPERM; else if ( allow ) ret = iomem_permit_access(d, mfn, mfn + nr_mfns - 1); @@ -770,7 +770,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe break; } - ret = xsm_set_target(d, e); + ret = xsm_set_target(XSM_HOOK, d, e); if ( ret ) { put_domain(e); break; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/event_channel.c --- a/xen/common/event_channel.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/event_channel.c Fri Jan 11 10:44:01 2013 +0000 @@ -175,7 +175,7 @@ static long evtchn_alloc_unbound(evtchn_ ERROR_EXIT_DOM(port, d); chn = evtchn_from_port(d, port); - rc = xsm_evtchn_unbound(d, chn, alloc->remote_dom); + rc = xsm_evtchn_unbound(XSM_TARGET, d, chn, alloc->remote_dom); if ( rc ) goto out; @@ -231,7 +231,7 @@ static long evtchn_bind_interdomain(evtc (rchn->u.unbound.remote_domid != ld->domain_id) ) ERROR_EXIT_DOM(-EINVAL, rd); - rc = xsm_evtchn_interdomain(ld, lchn, rd, rchn); + rc = xsm_evtchn_interdomain(XSM_HOOK, ld, lchn, rd, rchn); if ( rc ) goto out; @@ -580,7 +580,7 @@ int evtchn_send(struct domain *d, unsign return -EINVAL; } - ret = xsm_evtchn_send(ld, lchn); + ret = xsm_evtchn_send(XSM_HOOK, ld, lchn); if ( ret ) goto out; @@ -812,7 +812,7 @@ static long evtchn_status(evtchn_status_ chn = evtchn_from_port(d, port); - rc = xsm_evtchn_status(d, chn); + rc = xsm_evtchn_status(XSM_TARGET, d, chn); if ( rc ) goto out; @@ -954,7 +954,7 @@ static long evtchn_reset(evtchn_reset_t if ( d == NULL ) return -ESRCH; - rc = xsm_evtchn_reset(current->domain, d); + rc = xsm_evtchn_reset(XSM_TARGET, current->domain, d); if ( rc ) goto out; @@ -1101,7 +1101,7 @@ int alloc_unbound_xen_event_channel( goto out; chn = evtchn_from_port(d, port); - rc = xsm_evtchn_unbound(d, chn, remote_domid); + rc = xsm_evtchn_unbound(XSM_TARGET, d, chn, remote_domid); chn->state = ECS_UNBOUND; chn->xen_consumer = get_xen_consumer(notification_fn); diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/grant_table.c --- a/xen/common/grant_table.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/grant_table.c Fri Jan 11 10:44:01 2013 +0000 @@ -552,7 +552,7 @@ __gnttab_map_grant_ref( return; } - rc = xsm_grant_mapref(ld, rd, op->flags); + rc = xsm_grant_mapref(XSM_HOOK, ld, rd, op->flags); if ( rc ) { rcu_unlock_domain(rd); @@ -872,7 +872,7 @@ __gnttab_unmap_common( return; } - rc = xsm_grant_unmapref(ld, rd); + rc = xsm_grant_unmapref(XSM_HOOK, ld, rd); if ( rc ) { rcu_unlock_domain(rd); @@ -1336,7 +1336,7 @@ gnttab_setup_table( goto out2; } - if ( xsm_grant_setup(current->domain, d) ) + if ( xsm_grant_setup(XSM_TARGET, current->domain, d) ) { op.status = GNTST_permission_denied; goto out2; @@ -1406,7 +1406,7 @@ gnttab_query_size( goto query_out; } - rc = xsm_grant_query_size(current->domain, d); + rc = xsm_grant_query_size(XSM_TARGET, current->domain, d); if ( rc ) { op.status = GNTST_permission_denied; @@ -1582,7 +1582,7 @@ gnttab_transfer( goto copyback; } - if ( xsm_grant_transfer(d, e) ) + if ( xsm_grant_transfer(XSM_HOOK, d, e) ) { put_gfn(d, gop.mfn); gop.status = GNTST_permission_denied; @@ -2022,7 +2022,7 @@ __gnttab_copy( PIN_FAIL(error_out, GNTST_bad_domain, "couldn't find %d\n", op->dest.domid); - rc = xsm_grant_copy(sd, dd); + rc = xsm_grant_copy(XSM_HOOK, sd, dd); if ( rc ) { rc = GNTST_permission_denied; @@ -2280,7 +2280,7 @@ gnttab_get_status_frames(XEN_GUEST_HANDL op.status = GNTST_bad_domain; goto out1; } - rc = xsm_grant_setup(current->domain, d); + rc = xsm_grant_setup(XSM_TARGET, current->domain, d); if ( rc ) { op.status = GNTST_permission_denied; goto out1; @@ -2331,7 +2331,7 @@ gnttab_get_version(XEN_GUEST_HANDLE_PARA if ( d == NULL ) return -ESRCH; - rc = xsm_grant_query_size(current->domain, d); + rc = xsm_grant_query_size(XSM_TARGET, current->domain, d); if ( rc ) { rcu_unlock_domain(d); diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/kexec.c --- a/xen/common/kexec.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/kexec.c Fri Jan 11 10:44:01 2013 +0000 @@ -852,7 +852,7 @@ static int do_kexec_op_internal(unsigned unsigned long flags; int ret = -EINVAL; - ret = xsm_kexec(); + ret = xsm_kexec(XSM_PRIV); if ( ret ) return ret; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/memory.c --- a/xen/common/memory.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/memory.c Fri Jan 11 10:44:01 2013 +0000 @@ -348,7 +348,7 @@ static long memory_exchange(XEN_GUEST_HA goto fail_early; } - rc = xsm_memory_exchange(d); + rc = xsm_memory_exchange(XSM_TARGET, d); if ( rc ) { rcu_unlock_domain(d); @@ -600,7 +600,7 @@ long do_memory_op(unsigned long cmd, XEN return start_extent; args.domain = d; - rc = xsm_memory_adjust_reservation(current->domain, d); + rc = xsm_memory_adjust_reservation(XSM_TARGET, current->domain, d); if ( rc ) { rcu_unlock_domain(d); @@ -649,7 +649,7 @@ long do_memory_op(unsigned long cmd, XEN if ( d == NULL ) return -ESRCH; - rc = xsm_memory_stat_reservation(current->domain, d); + rc = xsm_memory_stat_reservation(XSM_TARGET, current->domain, d); if ( rc ) { rcu_unlock_domain(d); @@ -687,7 +687,7 @@ long do_memory_op(unsigned long cmd, XEN if ( d == NULL ) return -ESRCH; - if ( xsm_remove_from_physmap(current->domain, d) ) + if ( xsm_remove_from_physmap(XSM_TARGET, current->domain, d) ) { rcu_unlock_domain(d); return -EPERM; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/schedule.c --- a/xen/common/schedule.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/schedule.c Fri Jan 11 10:44:01 2013 +0000 @@ -921,7 +921,7 @@ ret_t do_sched_op(int cmd, XEN_GUEST_HAN if ( d == NULL ) break; - ret = xsm_schedop_shutdown(current->domain, d); + ret = xsm_schedop_shutdown(XSM_DM_PRIV, current->domain, d); if ( ret ) { rcu_unlock_domain(d); diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/sysctl.c --- a/xen/common/sysctl.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/sysctl.c Fri Jan 11 10:44:01 2013 +0000 @@ -40,7 +40,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe if ( op->interface_version != XEN_SYSCTL_INTERFACE_VERSION ) return -EACCES; - ret = xsm_sysctl(op->cmd); + ret = xsm_sysctl(XSM_PRIV, op->cmd); if ( ret ) return ret; @@ -57,7 +57,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe switch ( op->cmd ) { case XEN_SYSCTL_readconsole: - ret = xsm_readconsole(op->u.readconsole.clear); + ret = xsm_readconsole(XSM_HOOK, op->u.readconsole.clear); if ( ret ) break; @@ -87,7 +87,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe if ( num_domains == op->u.getdomaininfolist.max_domains ) break; - ret = xsm_getdomaininfo(d); + ret = xsm_getdomaininfo(XSM_HOOK, d); if ( ret ) continue; @@ -186,7 +186,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe uint32_t *status, *ptr; unsigned long pfn; - ret = xsm_page_offline(op->u.page_offline.cmd); + ret = xsm_page_offline(XSM_HOOK, op->u.page_offline.cmd); if ( ret ) break; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/xenoprof.c --- a/xen/common/xenoprof.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/xenoprof.c Fri Jan 11 10:44:01 2013 +0000 @@ -677,7 +677,7 @@ ret_t do_xenoprof_op(int op, XEN_GUEST_H return -EPERM; } - ret = xsm_profile(current->domain, op); + ret = xsm_profile(XSM_HOOK, current->domain, op); if ( ret ) return ret; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/drivers/char/console.c --- a/xen/drivers/char/console.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/drivers/char/console.c Fri Jan 11 10:44:01 2013 +0000 @@ -406,7 +406,7 @@ long do_console_io(int cmd, int count, X long rc; unsigned int idx, len; - rc = xsm_console_io(current->domain, cmd); + rc = xsm_console_io(XSM_OTHER, current->domain, cmd); if ( rc ) return rc; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/drivers/passthrough/iommu.c Fri Jan 11 10:44:01 2013 +0000 @@ -514,7 +514,7 @@ static int iommu_get_device_group( ((pdev->bus == bus) && (pdev->devfn == devfn)) ) continue; - if ( xsm_get_device_group((seg << 16) | (pdev->bus << 8) | pdev->devfn) ) + if ( xsm_get_device_group(XSM_HOOK, (seg << 16) | (pdev->bus << 8) | pdev->devfn) ) continue; sdev_id = ops->get_device_group_id(seg, pdev->bus, pdev->devfn); @@ -617,7 +617,7 @@ int iommu_do_domctl( u32 max_sdevs; XEN_GUEST_HANDLE_64(uint32) sdevs; - ret = xsm_get_device_group(domctl->u.get_device_group.machine_sbdf); + ret = xsm_get_device_group(XSM_HOOK, domctl->u.get_device_group.machine_sbdf); if ( ret ) break; @@ -645,7 +645,7 @@ int iommu_do_domctl( break; case XEN_DOMCTL_test_assign_device: - ret = xsm_test_assign_device(domctl->u.assign_device.machine_sbdf); + ret = xsm_test_assign_device(XSM_HOOK, domctl->u.assign_device.machine_sbdf); if ( ret ) break; @@ -669,7 +669,7 @@ int iommu_do_domctl( break; } - ret = xsm_assign_device(d, domctl->u.assign_device.machine_sbdf); + ret = xsm_assign_device(XSM_HOOK, d, domctl->u.assign_device.machine_sbdf); if ( ret ) break; @@ -688,7 +688,7 @@ int iommu_do_domctl( break; case XEN_DOMCTL_deassign_device: - ret = xsm_deassign_device(d, domctl->u.assign_device.machine_sbdf); + ret = xsm_deassign_device(XSM_HOOK, d, domctl->u.assign_device.machine_sbdf); if ( ret ) break; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/drivers/passthrough/pci.c --- a/xen/drivers/passthrough/pci.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/drivers/passthrough/pci.c Fri Jan 11 10:44:01 2013 +0000 @@ -477,7 +477,7 @@ int pci_add_device(u16 seg, u8 bus, u8 d pdev_type = "device"; } - ret = xsm_resource_plug_pci((seg << 16) | (bus << 8) | devfn); + ret = xsm_resource_plug_pci(XSM_PRIV, (seg << 16) | (bus << 8) | devfn); if ( ret ) return ret; @@ -604,7 +604,7 @@ int pci_remove_device(u16 seg, u8 bus, u struct pci_dev *pdev; int ret; - ret = xsm_resource_unplug_pci((seg << 16) | (bus << 8) | devfn); + ret = xsm_resource_unplug_pci(XSM_PRIV, (seg << 16) | (bus << 8) | devfn); if ( ret ) return ret; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:44:01 2013 +0000 @@ -6,68 +6,132 @@ * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2, * as published by the Free Software Foundation. + * + * + * Each XSM hook implementing an access check should have its first parameter + * preceded by XSM_DEFAULT_ARG (or use XSM_DEFAULT_VOID if it has no + * arguments). The first non-declaration statement shold be XSM_ASSERT_ACTION + * with the expected type of the hook, which will either define or check the + * value of action. */ #include #include +/* Cannot use BUILD_BUG_ON here because the expressions we check are not + * considered constant at compile time. Instead, rely on constant propagation to + * inline out the calls to this invalid function, which will cause linker errors + * if references remain at link time. + */ +#define LINKER_BUG_ON(x) do { if (x) __xsm_action_mismatch_detected(); } while (0) +/* DO NOT implement this function; it is supposed to trigger link errors */ +void __xsm_action_mismatch_detected(void); + +#ifdef XSM_ENABLE + +/* In XSM_ENABLE builds, this header file is included from xsm/dummy.c, and + * contains static (not inline) functions compiled to the dummy XSM module. + * There is no xsm_default_t argument available, so the value from the assertion + * is used to initialize the variable. + */ +#define XSM_INLINE /* */ +#define XSM_DEFAULT_ARG /* */ +#define XSM_DEFAULT_VOID void +#define XSM_ASSERT_ACTION(def) xsm_default_t action = def; (void)action + +#else /* XSM_ENABLE */ + +/* In !XSM_ENABLE builds, this header file is included from xsm/xsm.h, and + * contains inline functions for each XSM hook. These functions also perform + * compile-time checks on the xsm_default_t argument to ensure that the behavior + * of the dummy XSM module is the same as the behavior with XSM disabled. + */ +#define XSM_INLINE inline +#define XSM_DEFAULT_ARG xsm_default_t action, +#define XSM_DEFAULT_VOID xsm_default_t action +#define XSM_ASSERT_ACTION(def) LINKER_BUG_ON(def != action) + +#endif /* XSM_ENABLE */ + +static inline int xsm_default_action(xsm_default_t action, struct domain *src, + struct domain *target) +{ + switch ( action ) { + case XSM_HOOK: + return 0; + case XSM_DM_PRIV: + if ( !IS_PRIV_FOR(src, target) ) + return -EPERM; + return 0; + case XSM_TARGET: + if ( src != target && !IS_PRIV_FOR(src, target) ) + return -EPERM; + return 0; + case XSM_PRIV: + if ( !IS_PRIV(src) ) + return -EPERM; + return 0; + default: + LINKER_BUG_ON(1); + return -EPERM; + } +} + static XSM_INLINE void xsm_security_domaininfo(struct domain *d, struct xen_domctl_getdomaininfo *info) { return; } -static XSM_INLINE int xsm_domain_create(struct domain *d, u32 ssidref) +static XSM_INLINE int xsm_domain_create(XSM_DEFAULT_ARG struct domain *d, u32 ssidref) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_getdomaininfo(struct domain *d) +static XSM_INLINE int xsm_getdomaininfo(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_set_target(struct domain *d, struct domain *e) +static XSM_INLINE int xsm_set_target(XSM_DEFAULT_ARG struct domain *d, struct domain *e) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_domctl(struct domain *d, int cmd) +static XSM_INLINE int xsm_domctl(XSM_DEFAULT_ARG struct domain *d, int cmd) { + XSM_ASSERT_ACTION(XSM_OTHER); switch ( cmd ) { case XEN_DOMCTL_ioport_mapping: case XEN_DOMCTL_memory_mapping: case XEN_DOMCTL_bind_pt_irq: - case XEN_DOMCTL_unbind_pt_irq: { - if ( !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - break; + case XEN_DOMCTL_unbind_pt_irq: + return xsm_default_action(XSM_DM_PRIV, current->domain, d); + default: + return xsm_default_action(XSM_PRIV, current->domain, d); } - default: - if ( !IS_PRIV(current->domain) ) - return -EPERM; - } - return 0; } -static XSM_INLINE int xsm_sysctl(int cmd) +static XSM_INLINE int xsm_sysctl(XSM_DEFAULT_ARG int cmd) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_readconsole(uint32_t clear) +static XSM_INLINE int xsm_readconsole(XSM_DEFAULT_ARG uint32_t clear) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_do_mca(void) +static XSM_INLINE int xsm_do_mca(XSM_DEFAULT_VOID) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } static XSM_INLINE int xsm_alloc_security_domain(struct domain *d) @@ -80,109 +144,109 @@ static XSM_INLINE void xsm_free_security return; } -static XSM_INLINE int xsm_grant_mapref(struct domain *d1, struct domain *d2, +static XSM_INLINE int xsm_grant_mapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2, uint32_t flags) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_unmapref(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_unmapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_setup(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_setup(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_transfer(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_transfer(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_copy(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_copy(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_query_size(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_query_size(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_memory_exchange(struct domain *d) +static XSM_INLINE int xsm_memory_exchange(XSM_DEFAULT_ARG struct domain *d) { - if ( d != current->domain && !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_memory_adjust_reservation(struct domain *d1, +static XSM_INLINE int xsm_memory_adjust_reservation(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_memory_stat_reservation(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_memory_stat_reservation(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_console_io(struct domain *d, int cmd) +static XSM_INLINE int xsm_console_io(XSM_DEFAULT_ARG struct domain *d, int cmd) { -#ifndef VERBOSE - if ( !IS_PRIV(current->domain) ) - return -EPERM; + XSM_ASSERT_ACTION(XSM_OTHER); +#ifdef VERBOSE + return xsm_default_action(XSM_HOOK, current->domain, NULL); +#else + return xsm_default_action(XSM_PRIV, current->domain, NULL); #endif - return 0; } -static XSM_INLINE int xsm_profile(struct domain *d, int op) +static XSM_INLINE int xsm_profile(XSM_DEFAULT_ARG struct domain *d, int op) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_kexec(void) +static XSM_INLINE int xsm_kexec(XSM_DEFAULT_VOID) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_schedop_shutdown(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_schedop_shutdown(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_memory_pin_page(struct domain *d1, struct domain *d2, +static XSM_INLINE int xsm_memory_pin_page(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2, struct page_info *page) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_evtchn_unbound(struct domain *d, struct evtchn *chn, +static XSM_INLINE int xsm_evtchn_unbound(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn, domid_t id2) { - if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_evtchn_interdomain(struct domain *d1, struct evtchn +static XSM_INLINE int xsm_evtchn_interdomain(XSM_DEFAULT_ARG struct domain *d1, struct evtchn *chan1, struct domain *d2, struct evtchn *chan2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } static XSM_INLINE void xsm_evtchn_close_post(struct evtchn *chn) @@ -190,23 +254,22 @@ static XSM_INLINE void xsm_evtchn_close_ return; } -static XSM_INLINE int xsm_evtchn_send(struct domain *d, struct evtchn *chn) +static XSM_INLINE int xsm_evtchn_send(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_evtchn_status(struct domain *d, struct evtchn *chn) +static XSM_INLINE int xsm_evtchn_status(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn) { - if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_evtchn_reset(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_evtchn_reset(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } static XSM_INLINE int xsm_alloc_security_evtchn(struct evtchn *chn) @@ -224,88 +287,88 @@ static XSM_INLINE char *xsm_show_securit return NULL; } -static XSM_INLINE int xsm_get_pod_target(struct domain *d) +static XSM_INLINE int xsm_get_pod_target(XSM_DEFAULT_ARG struct domain *d) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_set_pod_target(struct domain *d) +static XSM_INLINE int xsm_set_pod_target(XSM_DEFAULT_ARG struct domain *d) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_get_device_group(uint32_t machine_bdf) +static XSM_INLINE int xsm_get_device_group(XSM_DEFAULT_ARG uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_test_assign_device(uint32_t machine_bdf) +static XSM_INLINE int xsm_test_assign_device(XSM_DEFAULT_ARG uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_assign_device(struct domain *d, uint32_t machine_bdf) +static XSM_INLINE int xsm_assign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_deassign_device(struct domain *d, uint32_t machine_bdf) +static XSM_INLINE int xsm_deassign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_resource_plug_core(void) +static XSM_INLINE int xsm_resource_plug_core(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_unplug_core(void) +static XSM_INLINE int xsm_resource_unplug_core(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_plug_pci(uint32_t machine_bdf) +static XSM_INLINE int xsm_resource_plug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_unplug_pci(uint32_t machine_bdf) +static XSM_INLINE int xsm_resource_unplug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_setup_pci(uint32_t machine_bdf) +static XSM_INLINE int xsm_resource_setup_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_setup_gsi(int gsi) +static XSM_INLINE int xsm_resource_setup_gsi(XSM_DEFAULT_ARG int gsi) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_setup_misc(void) +static XSM_INLINE int xsm_resource_setup_misc(XSM_DEFAULT_VOID) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_page_offline(uint32_t cmd) +static XSM_INLINE int xsm_page_offline(XSM_DEFAULT_ARG uint32_t cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } static XSM_INLINE long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) @@ -318,187 +381,179 @@ static XSM_INLINE char *xsm_show_irq_sid return NULL; } -static XSM_INLINE int xsm_map_domain_pirq(struct domain *d, int irq, void *data) +static XSM_INLINE int xsm_map_domain_pirq(XSM_DEFAULT_ARG struct domain *d, int irq, void *data) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_unmap_domain_pirq(struct domain *d, int irq) +static XSM_INLINE int xsm_unmap_domain_pirq(XSM_DEFAULT_ARG struct domain *d, int irq) { - if ( !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_irq_permission(struct domain *d, int pirq, uint8_t allow) +static XSM_INLINE int xsm_irq_permission(XSM_DEFAULT_ARG struct domain *d, int pirq, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_iomem_permission(struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static XSM_INLINE int xsm_iomem_permission(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_iomem_mapping(struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static XSM_INLINE int xsm_iomem_mapping(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_pci_config_permission(struct domain *d, uint32_t machine_bdf, +static XSM_INLINE int xsm_pci_config_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } #ifdef CONFIG_X86 -static XSM_INLINE int xsm_shadow_control(struct domain *d, uint32_t op) +static XSM_INLINE int xsm_shadow_control(XSM_DEFAULT_ARG struct domain *d, uint32_t op) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_param(struct domain *d, unsigned long op) +static XSM_INLINE int xsm_hvm_param(XSM_DEFAULT_ARG struct domain *d, unsigned long op) { - if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_set_pci_intx_level(struct domain *d) +static XSM_INLINE int xsm_hvm_set_pci_intx_level(XSM_DEFAULT_ARG struct domain *d) { - if ( !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_set_isa_irq_level(struct domain *d) +static XSM_INLINE int xsm_hvm_set_isa_irq_level(XSM_DEFAULT_ARG struct domain *d) { - if ( !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_set_pci_link_route(struct domain *d) +static XSM_INLINE int xsm_hvm_set_pci_link_route(XSM_DEFAULT_ARG struct domain *d) { - if ( !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_inject_msi(struct domain *d) +static XSM_INLINE int xsm_hvm_inject_msi(XSM_DEFAULT_ARG struct domain *d) { - if ( !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_mem_event_control(struct domain *d, int mode, int op) +static XSM_INLINE int xsm_mem_event_control(XSM_DEFAULT_ARG struct domain *d, int mode, int op) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_mem_event_op(struct domain *d, int op) +static XSM_INLINE int xsm_mem_event_op(XSM_DEFAULT_ARG struct domain *d, int op) { - if ( !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_mem_sharing_op(struct domain *d, struct domain *cd, int op) +static XSM_INLINE int xsm_mem_sharing_op(XSM_DEFAULT_ARG struct domain *d, struct domain *cd, int op) { - if ( !IS_PRIV_FOR(current->domain, cd) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, cd); } -static XSM_INLINE int xsm_apic(struct domain *d, int cmd) +static XSM_INLINE int xsm_apic(XSM_DEFAULT_ARG struct domain *d, int cmd) { - if ( !IS_PRIV(d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, d, NULL); } -static XSM_INLINE int xsm_platform_op(uint32_t op) +static XSM_INLINE int xsm_platform_op(XSM_DEFAULT_ARG uint32_t op) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_machine_memory_map(void) +static XSM_INLINE int xsm_machine_memory_map(XSM_DEFAULT_VOID) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_domain_memory_map(struct domain *d) +static XSM_INLINE int xsm_domain_memory_map(XSM_DEFAULT_ARG struct domain *d) { - if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_mmu_update(struct domain *d, struct domain *t, +static XSM_INLINE int xsm_mmu_update(XSM_DEFAULT_ARG struct domain *d, struct domain *t, struct domain *f, uint32_t flags) { + XSM_ASSERT_ACTION(XSM_TARGET); if ( t && d != t && !IS_PRIV_FOR(d, t) ) return -EPERM; - if ( d != f && !IS_PRIV_FOR(d, f) ) - return -EPERM; - return 0; + return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_mmuext_op(struct domain *d, struct domain *f) +static XSM_INLINE int xsm_mmuext_op(XSM_DEFAULT_ARG struct domain *d, struct domain *f) { - if ( d != f && !IS_PRIV_FOR(d, f) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_update_va_mapping(struct domain *d, struct domain *f, +static XSM_INLINE int xsm_update_va_mapping(XSM_DEFAULT_ARG struct domain *d, struct domain *f, l1_pgentry_t pte) { - if ( d != f && !IS_PRIV_FOR(d, f) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_add_to_physmap(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_add_to_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_remove_from_physmap(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_remove_from_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_bind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) +static XSM_INLINE int xsm_bind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_unbind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) +static XSM_INLINE int xsm_unbind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_ioport_permission(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static XSM_INLINE int xsm_ioport_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_ioport_mapping(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static XSM_INLINE int xsm_ioport_mapping(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } #endif diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:44:01 2013 +0000 @@ -27,6 +27,18 @@ typedef u32 xsm_magic_t; #define XSM_MAGIC 0x00000000 #endif +/* These annotations are used by callers and in dummy.h to document the + * default actions of XSM hooks. They should be compiled out otherwise. + */ +enum xsm_default { + XSM_HOOK, /* Guests can normally access the hypercall */ + XSM_DM_PRIV, /* Device model can perform on its target domain */ + XSM_TARGET, /* Can perform on self or your target domain */ + XSM_PRIV, /* Privileged - normally restricted to dom0 */ + XSM_OTHER /* Something more complex */ +}; +typedef enum xsm_default xsm_default_t; + extern char *policy_buffer; extern u32 policy_size; @@ -153,48 +165,48 @@ static inline void xsm_security_domainin xsm_ops->security_domaininfo(d, info); } -static inline int xsm_domain_create (struct domain *d, u32 ssidref) +static inline int xsm_domain_create (xsm_default_t def, struct domain *d, u32 ssidref) { return xsm_ops->domain_create(d, ssidref); } -static inline int xsm_getdomaininfo (struct domain *d) +static inline int xsm_getdomaininfo (xsm_default_t def, struct domain *d) { return xsm_ops->getdomaininfo(d); } -static inline int xsm_set_target (struct domain *d, struct domain *e) +static inline int xsm_set_target (xsm_default_t def, struct domain *d, struct domain *e) { return xsm_ops->set_target(d, e); } -static inline int xsm_domctl (struct domain *d, int cmd) +static inline int xsm_domctl (xsm_default_t def, struct domain *d, int cmd) { return xsm_ops->domctl(d, cmd); } -static inline int xsm_sysctl (int cmd) +static inline int xsm_sysctl (xsm_default_t def, int cmd) { return xsm_ops->sysctl(cmd); } -static inline int xsm_readconsole (uint32_t clear) +static inline int xsm_readconsole (xsm_default_t def, uint32_t clear) { return xsm_ops->readconsole(clear); } -static inline int xsm_do_mca(void) +static inline int xsm_do_mca(xsm_default_t def) { return xsm_ops->do_mca(); } -static inline int xsm_evtchn_unbound (struct domain *d1, struct evtchn *chn, +static inline int xsm_evtchn_unbound (xsm_default_t def, struct domain *d1, struct evtchn *chn, domid_t id2) { return xsm_ops->evtchn_unbound(d1, chn, id2); } -static inline int xsm_evtchn_interdomain (struct domain *d1, +static inline int xsm_evtchn_interdomain (xsm_default_t def, struct domain *d1, struct evtchn *chan1, struct domain *d2, struct evtchn *chan2) { return xsm_ops->evtchn_interdomain(d1, chan1, d2, chan2); @@ -205,48 +217,48 @@ static inline void xsm_evtchn_close_post xsm_ops->evtchn_close_post(chn); } -static inline int xsm_evtchn_send (struct domain *d, struct evtchn *chn) +static inline int xsm_evtchn_send (xsm_default_t def, struct domain *d, struct evtchn *chn) { return xsm_ops->evtchn_send(d, chn); } -static inline int xsm_evtchn_status (struct domain *d, struct evtchn *chn) +static inline int xsm_evtchn_status (xsm_default_t def, struct domain *d, struct evtchn *chn) { return xsm_ops->evtchn_status(d, chn); } -static inline int xsm_evtchn_reset (struct domain *d1, struct domain *d2) +static inline int xsm_evtchn_reset (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->evtchn_reset(d1, d2); } -static inline int xsm_grant_mapref (struct domain *d1, struct domain *d2, +static inline int xsm_grant_mapref (xsm_default_t def, struct domain *d1, struct domain *d2, uint32_t flags) { return xsm_ops->grant_mapref(d1, d2, flags); } -static inline int xsm_grant_unmapref (struct domain *d1, struct domain *d2) +static inline int xsm_grant_unmapref (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_unmapref(d1, d2); } -static inline int xsm_grant_setup (struct domain *d1, struct domain *d2) +static inline int xsm_grant_setup (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_setup(d1, d2); } -static inline int xsm_grant_transfer (struct domain *d1, struct domain *d2) +static inline int xsm_grant_transfer (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_transfer(d1, d2); } -static inline int xsm_grant_copy (struct domain *d1, struct domain *d2) +static inline int xsm_grant_copy (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_copy(d1, d2); } -static inline int xsm_grant_query_size (struct domain *d1, struct domain *d2) +static inline int xsm_grant_query_size (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_query_size(d1, d2); } @@ -276,60 +288,60 @@ static inline char *xsm_show_security_ev return xsm_ops->show_security_evtchn(d, chn); } -static inline int xsm_get_pod_target (struct domain *d) +static inline int xsm_get_pod_target (xsm_default_t def, struct domain *d) { return xsm_ops->get_pod_target(d); } -static inline int xsm_set_pod_target (struct domain *d) +static inline int xsm_set_pod_target (xsm_default_t def, struct domain *d) { return xsm_ops->set_pod_target(d); } -static inline int xsm_memory_exchange (struct domain *d) +static inline int xsm_memory_exchange (xsm_default_t def, struct domain *d) { return xsm_ops->memory_exchange(d); } -static inline int xsm_memory_adjust_reservation (struct domain *d1, struct +static inline int xsm_memory_adjust_reservation (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->memory_adjust_reservation(d1, d2); } -static inline int xsm_memory_stat_reservation (struct domain *d1, +static inline int xsm_memory_stat_reservation (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->memory_stat_reservation(d1, d2); } -static inline int xsm_memory_pin_page(struct domain *d1, struct domain *d2, +static inline int xsm_memory_pin_page(xsm_default_t def, struct domain *d1, struct domain *d2, struct page_info *page) { return xsm_ops->memory_pin_page(d1, d2, page); } -static inline int xsm_remove_from_physmap(struct domain *d1, struct domain *d2) +static inline int xsm_remove_from_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->remove_from_physmap(d1, d2); } -static inline int xsm_console_io (struct domain *d, int cmd) +static inline int xsm_console_io (xsm_default_t def, struct domain *d, int cmd) { return xsm_ops->console_io(d, cmd); } -static inline int xsm_profile (struct domain *d, int op) +static inline int xsm_profile (xsm_default_t def, struct domain *d, int op) { return xsm_ops->profile(d, op); } -static inline int xsm_kexec (void) +static inline int xsm_kexec (xsm_default_t def) { return xsm_ops->kexec(); } -static inline int xsm_schedop_shutdown (struct domain *d1, struct domain *d2) +static inline int xsm_schedop_shutdown (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->schedop_shutdown(d1, d2); } @@ -339,92 +351,92 @@ static inline char *xsm_show_irq_sid (in return xsm_ops->show_irq_sid(irq); } -static inline int xsm_map_domain_pirq (struct domain *d, int irq, void *data) +static inline int xsm_map_domain_pirq (xsm_default_t def, struct domain *d, int irq, void *data) { return xsm_ops->map_domain_pirq(d, irq, data); } -static inline int xsm_unmap_domain_pirq (struct domain *d, int irq) +static inline int xsm_unmap_domain_pirq (xsm_default_t def, struct domain *d, int irq) { return xsm_ops->unmap_domain_pirq(d, irq); } -static inline int xsm_irq_permission (struct domain *d, int pirq, uint8_t allow) +static inline int xsm_irq_permission (xsm_default_t def, struct domain *d, int pirq, uint8_t allow) { return xsm_ops->irq_permission(d, pirq, allow); } -static inline int xsm_iomem_permission (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static inline int xsm_iomem_permission (xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { return xsm_ops->iomem_permission(d, s, e, allow); } -static inline int xsm_iomem_mapping (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static inline int xsm_iomem_mapping (xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { return xsm_ops->iomem_mapping(d, s, e, allow); } -static inline int xsm_pci_config_permission (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) +static inline int xsm_pci_config_permission (xsm_default_t def, struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { return xsm_ops->pci_config_permission(d, machine_bdf, start, end, access); } -static inline int xsm_get_device_group(uint32_t machine_bdf) +static inline int xsm_get_device_group(xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->get_device_group(machine_bdf); } -static inline int xsm_test_assign_device(uint32_t machine_bdf) +static inline int xsm_test_assign_device(xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->test_assign_device(machine_bdf); } -static inline int xsm_assign_device(struct domain *d, uint32_t machine_bdf) +static inline int xsm_assign_device(xsm_default_t def, struct domain *d, uint32_t machine_bdf) { return xsm_ops->assign_device(d, machine_bdf); } -static inline int xsm_deassign_device(struct domain *d, uint32_t machine_bdf) +static inline int xsm_deassign_device(xsm_default_t def, struct domain *d, uint32_t machine_bdf) { return xsm_ops->deassign_device(d, machine_bdf); } -static inline int xsm_resource_plug_pci (uint32_t machine_bdf) +static inline int xsm_resource_plug_pci (xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->resource_plug_pci(machine_bdf); } -static inline int xsm_resource_unplug_pci (uint32_t machine_bdf) +static inline int xsm_resource_unplug_pci (xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->resource_unplug_pci(machine_bdf); } -static inline int xsm_resource_plug_core (void) +static inline int xsm_resource_plug_core (xsm_default_t def) { return xsm_ops->resource_plug_core(); } -static inline int xsm_resource_unplug_core (void) +static inline int xsm_resource_unplug_core (xsm_default_t def) { return xsm_ops->resource_unplug_core(); } -static inline int xsm_resource_setup_pci (uint32_t machine_bdf) +static inline int xsm_resource_setup_pci (xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->resource_setup_pci(machine_bdf); } -static inline int xsm_resource_setup_gsi (int gsi) +static inline int xsm_resource_setup_gsi (xsm_default_t def, int gsi) { return xsm_ops->resource_setup_gsi(gsi); } -static inline int xsm_resource_setup_misc (void) +static inline int xsm_resource_setup_misc (xsm_default_t def) { return xsm_ops->resource_setup_misc(); } -static inline int xsm_page_offline(uint32_t cmd) +static inline int xsm_page_offline(xsm_default_t def, uint32_t cmd) { return xsm_ops->page_offline(cmd); } @@ -435,116 +447,116 @@ static inline long xsm_do_xsm_op (XEN_GU } #ifdef CONFIG_X86 -static inline int xsm_shadow_control (struct domain *d, uint32_t op) +static inline int xsm_shadow_control (xsm_default_t def, struct domain *d, uint32_t op) { return xsm_ops->shadow_control(d, op); } -static inline int xsm_hvm_param (struct domain *d, unsigned long op) +static inline int xsm_hvm_param (xsm_default_t def, struct domain *d, unsigned long op) { return xsm_ops->hvm_param(d, op); } -static inline int xsm_hvm_set_pci_intx_level (struct domain *d) +static inline int xsm_hvm_set_pci_intx_level (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_set_pci_intx_level(d); } -static inline int xsm_hvm_set_isa_irq_level (struct domain *d) +static inline int xsm_hvm_set_isa_irq_level (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_set_isa_irq_level(d); } -static inline int xsm_hvm_set_pci_link_route (struct domain *d) +static inline int xsm_hvm_set_pci_link_route (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_set_pci_link_route(d); } -static inline int xsm_hvm_inject_msi (struct domain *d) +static inline int xsm_hvm_inject_msi (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_inject_msi(d); } -static inline int xsm_mem_event_control (struct domain *d, int mode, int op) +static inline int xsm_mem_event_control (xsm_default_t def, struct domain *d, int mode, int op) { return xsm_ops->mem_event_control(d, mode, op); } -static inline int xsm_mem_event_op (struct domain *d, int op) +static inline int xsm_mem_event_op (xsm_default_t def, struct domain *d, int op) { return xsm_ops->mem_event_op(d, op); } -static inline int xsm_mem_sharing_op (struct domain *d, struct domain *cd, int op) +static inline int xsm_mem_sharing_op (xsm_default_t def, struct domain *d, struct domain *cd, int op) { return xsm_ops->mem_sharing_op(d, cd, op); } -static inline int xsm_apic (struct domain *d, int cmd) +static inline int xsm_apic (xsm_default_t def, struct domain *d, int cmd) { return xsm_ops->apic(d, cmd); } -static inline int xsm_memtype (uint32_t access) +static inline int xsm_memtype (xsm_default_t def, uint32_t access) { return xsm_ops->memtype(access); } -static inline int xsm_platform_op (uint32_t op) +static inline int xsm_platform_op (xsm_default_t def, uint32_t op) { return xsm_ops->platform_op(op); } -static inline int xsm_machine_memory_map(void) +static inline int xsm_machine_memory_map(xsm_default_t def) { return xsm_ops->machine_memory_map(); } -static inline int xsm_domain_memory_map(struct domain *d) +static inline int xsm_domain_memory_map(xsm_default_t def, struct domain *d) { return xsm_ops->domain_memory_map(d); } -static inline int xsm_mmu_update (struct domain *d, struct domain *t, +static inline int xsm_mmu_update (xsm_default_t def, struct domain *d, struct domain *t, struct domain *f, uint32_t flags) { return xsm_ops->mmu_update(d, t, f, flags); } -static inline int xsm_mmuext_op (struct domain *d, struct domain *f) +static inline int xsm_mmuext_op (xsm_default_t def, struct domain *d, struct domain *f) { return xsm_ops->mmuext_op(d, f); } -static inline int xsm_update_va_mapping(struct domain *d, struct domain *f, +static inline int xsm_update_va_mapping(xsm_default_t def, struct domain *d, struct domain *f, l1_pgentry_t pte) { return xsm_ops->update_va_mapping(d, f, pte); } -static inline int xsm_add_to_physmap(struct domain *d1, struct domain *d2) +static inline int xsm_add_to_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->add_to_physmap(d1, d2); } -static inline int xsm_bind_pt_irq(struct domain *d, +static inline int xsm_bind_pt_irq(xsm_default_t def, struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return xsm_ops->bind_pt_irq(d, bind); } -static inline int xsm_unbind_pt_irq(struct domain *d, +static inline int xsm_unbind_pt_irq(xsm_default_t def, struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return xsm_ops->unbind_pt_irq(d, bind); } -static inline int xsm_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static inline int xsm_ioport_permission (xsm_default_t def, struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return xsm_ops->ioport_permission(d, s, e, allow); } -static inline int xsm_ioport_mapping (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static inline int xsm_ioport_mapping (xsm_default_t def, struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return xsm_ops->ioport_mapping(d, s, e, allow); } @@ -564,7 +576,6 @@ extern void xsm_fixup_ops(struct xsm_ope #else /* XSM_ENABLE */ -#define XSM_INLINE inline #include static inline int xsm_init (unsigned long *module_map, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:25:10 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:25:10 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOJ4-0000K9-0E; Wed, 16 Jan 2013 08:25:10 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOJ2-0000Jq-11 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:25:08 +0000 Received: from [85.158.143.35:62316] by server-1.bemta-4.messagelabs.com id 60/56-18740-2E366F05; Wed, 16 Jan 2013 08:25:06 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-21.messagelabs.com!1358324536!12566907!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28218 invoked from network); 16 Jan 2013 08:22:18 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:18 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGG-0003ra-Ka for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:16 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGG-0000bN-JE for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:16 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:15 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen/xsm: Add xsm_default parameter to XSM hooks X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357901041 0 # Node ID 1d94ac6cf85adbcfc5d5c1e45bc165f9a97f5634 # Parent 4b101bfde4ba2568f3359cf27d38f8dbaf52a0d8 xen/xsm: Add xsm_default parameter to XSM hooks Include the default XSM hook action as the first argument of the hook to facilitate quick understanding of how the call site is expected to be used (dom0-only, arbitrary guest, or device model). This argument does not solely define how a given hook is interpreted, since any changes to the hook's default action need to be made identically to all callers of a hook (if there are multiple callers; most hooks only have one), and may also require changing the arguments of the hook. Signed-off-by: Daniel De Graaf Acked-by: Tim Deegan Committed-by: Keir Fraser --- diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/cpu/mcheck/mce.c --- a/xen/arch/x86/cpu/mcheck/mce.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/cpu/mcheck/mce.c Fri Jan 11 10:44:01 2013 +0000 @@ -1293,7 +1293,7 @@ long do_mca(XEN_GUEST_HANDLE_PARAM(xen_m struct xen_mc_msrinject *mc_msrinject; struct xen_mc_mceinject *mc_mceinject; - ret = xsm_do_mca(); + ret = xsm_do_mca(XSM_PRIV); if ( ret ) return x86_mcerr(NULL, ret); diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/domctl.c --- a/xen/arch/x86/domctl.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/domctl.c Fri Jan 11 10:44:01 2013 +0000 @@ -77,7 +77,7 @@ long arch_do_domctl( if ( np == 0 ) ret = 0; - else if ( xsm_ioport_permission(d, fp, fp + np - 1, allow) ) + else if ( xsm_ioport_permission(XSM_HOOK, d, fp, fp + np - 1, allow) ) ret = -EPERM; else if ( allow ) ret = ioports_permit_access(d, fp, fp + np - 1); @@ -571,7 +571,7 @@ long arch_do_domctl( if ( !is_hvm_domain(d) ) break; - ret = xsm_bind_pt_irq(d, bind); + ret = xsm_bind_pt_irq(XSM_HOOK, d, bind); if ( ret ) break; @@ -604,7 +604,7 @@ long arch_do_domctl( !irq_access_permitted(current->domain, bind->machine_irq) ) break; - ret = xsm_unbind_pt_irq(d, bind); + ret = xsm_unbind_pt_irq(XSM_HOOK, d, bind); if ( ret ) break; @@ -639,7 +639,7 @@ long arch_do_domctl( !iomem_access_permitted(current->domain, mfn, mfn + nr_mfns - 1) ) break; - ret = xsm_iomem_mapping(d, mfn, mfn + nr_mfns - 1, add); + ret = xsm_iomem_mapping(XSM_HOOK, d, mfn, mfn + nr_mfns - 1, add); if ( ret ) break; @@ -717,7 +717,7 @@ long arch_do_domctl( !ioports_access_permitted(current->domain, fmp, fmp + np - 1) ) break; - ret = xsm_ioport_mapping(d, fmp, fmp + np - 1, add); + ret = xsm_ioport_mapping(XSM_HOOK, d, fmp, fmp + np - 1, add); if ( ret ) break; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Fri Jan 11 10:44:01 2013 +0000 @@ -3396,7 +3396,7 @@ static int hvmop_set_pci_intx_level( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_set_pci_intx_level(d); + rc = xsm_hvm_set_pci_intx_level(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3563,7 +3563,7 @@ static int hvmop_set_isa_irq_level( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_set_isa_irq_level(d); + rc = xsm_hvm_set_isa_irq_level(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3607,7 +3607,7 @@ static int hvmop_set_pci_link_route( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_set_pci_link_route(d); + rc = xsm_hvm_set_pci_link_route(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3637,7 +3637,7 @@ static int hvmop_inject_msi( if ( !is_hvm_domain(d) ) goto out; - rc = xsm_hvm_inject_msi(d); + rc = xsm_hvm_inject_msi(XSM_DM_PRIV, d); if ( rc ) goto out; @@ -3734,7 +3734,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail; @@ -3983,7 +3983,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( a.nr > GB(1) >> PAGE_SHIFT ) goto param_fail2; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail2; @@ -4021,7 +4021,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail3; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail3; @@ -4082,7 +4082,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( d == NULL ) return -ESRCH; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail_getmemtype; @@ -4136,7 +4136,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail4; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail4; @@ -4229,7 +4229,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail5; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail5; @@ -4264,7 +4264,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail6; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail6; @@ -4300,7 +4300,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) || !paging_mode_shadow(d) ) goto param_fail7; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail7; @@ -4354,7 +4354,7 @@ long do_hvm_op(unsigned long op, XEN_GUE if ( !is_hvm_domain(d) ) goto param_fail8; - rc = xsm_hvm_param(d, op); + rc = xsm_hvm_param(XSM_TARGET, d, op); if ( rc ) goto param_fail8; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/irq.c --- a/xen/arch/x86/irq.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/irq.c Fri Jan 11 10:44:01 2013 +0000 @@ -1874,7 +1874,7 @@ int map_domain_pirq( return 0; } - ret = xsm_map_domain_pirq(d, irq, data); + ret = xsm_map_domain_pirq(XSM_HOOK, d, irq, data); if ( ret ) { dprintk(XENLOG_G_ERR, "dom%d: could not permit access to irq %d mapping to pirq %d\n", diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/mm.c --- a/xen/arch/x86/mm.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/mm.c Fri Jan 11 10:44:01 2013 +0000 @@ -2700,7 +2700,7 @@ long do_mmuext_op( goto out; } - rc = xsm_mmuext_op(d, pg_owner); + rc = xsm_mmuext_op(XSM_TARGET, d, pg_owner); if ( rc ) { rcu_unlock_domain(pg_owner); @@ -2772,7 +2772,7 @@ long do_mmuext_op( break; } - if ( (rc = xsm_memory_pin_page(d, pg_owner, page)) != 0 ) + if ( (rc = xsm_memory_pin_page(XSM_HOOK, d, pg_owner, page)) != 0 ) { put_page_and_type(page); okay = 0; @@ -3230,7 +3230,7 @@ long do_mmu_update( } if ( xsm_needed != xsm_checked ) { - rc = xsm_mmu_update(d, pt_owner, pg_owner, xsm_needed); + rc = xsm_mmu_update(XSM_TARGET, d, pt_owner, pg_owner, xsm_needed); if ( rc ) break; xsm_checked = xsm_needed; @@ -3349,7 +3349,7 @@ long do_mmu_update( xsm_needed |= XSM_MMU_MACHPHYS_UPDATE; if ( xsm_needed != xsm_checked ) { - rc = xsm_mmu_update(d, NULL, pg_owner, xsm_needed); + rc = xsm_mmu_update(XSM_TARGET, d, NULL, pg_owner, xsm_needed); if ( rc ) break; xsm_checked = xsm_needed; @@ -3917,7 +3917,7 @@ static int __do_update_va_mapping( perfc_incr(calls_to_update_va); - rc = xsm_update_va_mapping(d, pg_owner, val); + rc = xsm_update_va_mapping(XSM_TARGET, d, pg_owner, val); if ( rc ) return rc; @@ -4388,7 +4388,7 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( d == NULL ) return -ESRCH; - if ( xsm_add_to_physmap(current->domain, d) ) + if ( xsm_add_to_physmap(XSM_TARGET, current->domain, d) ) { rcu_unlock_domain(d); return -EPERM; @@ -4427,7 +4427,7 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( d == NULL ) return -ESRCH; - rc = xsm_domain_memory_map(d); + rc = xsm_domain_memory_map(XSM_TARGET, d); if ( rc ) { rcu_unlock_domain(d); @@ -4502,7 +4502,7 @@ long arch_memory_op(int op, XEN_GUEST_HA XEN_GUEST_HANDLE_PARAM(e820entry_t) buffer_param; unsigned int i; - rc = xsm_machine_memory_map(); + rc = xsm_machine_memory_map(XSM_PRIV); if ( rc ) return rc; @@ -4586,9 +4586,9 @@ long arch_memory_op(int op, XEN_GUEST_HA return -ESRCH; if ( op == XENMEM_set_pod_target ) - rc = xsm_set_pod_target(d); + rc = xsm_set_pod_target(XSM_PRIV, d); else - rc = xsm_get_pod_target(d); + rc = xsm_get_pod_target(XSM_PRIV, d); if ( rc != 0 ) goto pod_target_out_unlock; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/mm/mem_event.c --- a/xen/arch/x86/mm/mem_event.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/mm/mem_event.c Fri Jan 11 10:44:01 2013 +0000 @@ -449,7 +449,7 @@ int do_mem_event_op(int op, uint32_t dom if ( ret ) return ret; - ret = xsm_mem_event_op(d, op); + ret = xsm_mem_event_op(XSM_TARGET, d, op); if ( ret ) goto out; @@ -502,7 +502,7 @@ int mem_event_domctl(struct domain *d, x { int rc; - rc = xsm_mem_event_control(d, mec->mode, mec->op); + rc = xsm_mem_event_control(XSM_PRIV, d, mec->mode, mec->op); if ( rc ) return rc; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/mm/mem_sharing.c --- a/xen/arch/x86/mm/mem_sharing.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/mm/mem_sharing.c Fri Jan 11 10:44:01 2013 +0000 @@ -1351,7 +1351,7 @@ int mem_sharing_memop(struct domain *d, if ( rc ) return rc; - rc = xsm_mem_sharing_op(d, cd, mec->op); + rc = xsm_mem_sharing_op(XSM_TARGET, d, cd, mec->op); if ( rc ) { rcu_unlock_domain(cd); @@ -1415,7 +1415,7 @@ int mem_sharing_memop(struct domain *d, if ( rc ) return rc; - rc = xsm_mem_sharing_op(d, cd, mec->op); + rc = xsm_mem_sharing_op(XSM_TARGET, d, cd, mec->op); if ( rc ) { rcu_unlock_domain(cd); diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/mm/paging.c --- a/xen/arch/x86/mm/paging.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/mm/paging.c Fri Jan 11 10:44:01 2013 +0000 @@ -559,7 +559,7 @@ int paging_domctl(struct domain *d, xen_ return -EINVAL; } - rc = xsm_shadow_control(d, sc->op); + rc = xsm_shadow_control(XSM_HOOK, d, sc->op); if ( rc ) return rc; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/msi.c --- a/xen/arch/x86/msi.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/msi.c Fri Jan 11 10:44:01 2013 +0000 @@ -1016,7 +1016,7 @@ int pci_restore_msi_state(struct pci_dev if (!pdev) return -EINVAL; - ret = xsm_resource_setup_pci((pdev->seg << 16) | (pdev->bus << 8) | pdev->devfn); + ret = xsm_resource_setup_pci(XSM_PRIV, (pdev->seg << 16) | (pdev->bus << 8) | pdev->devfn); if ( ret ) return ret; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/physdev.c --- a/xen/arch/x86/physdev.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/physdev.c Fri Jan 11 10:44:01 2013 +0000 @@ -232,7 +232,7 @@ int physdev_unmap_pirq(domid_t domid, in goto free_domain; } - ret = xsm_unmap_domain_pirq(d, domain_pirq_to_irq(d, pirq)); + ret = xsm_unmap_domain_pirq(XSM_TARGET, d, domain_pirq_to_irq(d, pirq)); if ( ret ) goto free_domain; @@ -423,7 +423,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H ret = -EFAULT; if ( copy_from_guest(&apic, arg, 1) != 0 ) break; - ret = xsm_apic(v->domain, cmd); + ret = xsm_apic(XSM_PRIV, v->domain, cmd); if ( ret ) break; ret = ioapic_guest_read(apic.apic_physbase, apic.reg, &apic.value); @@ -437,7 +437,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H ret = -EFAULT; if ( copy_from_guest(&apic, arg, 1) != 0 ) break; - ret = xsm_apic(v->domain, cmd); + ret = xsm_apic(XSM_PRIV, v->domain, cmd); if ( ret ) break; ret = ioapic_guest_write(apic.apic_physbase, apic.reg, apic.value); @@ -453,7 +453,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H /* Use the APIC check since this dummy hypercall should still only * be called by the domain with access to program the ioapic */ - ret = xsm_apic(v->domain, cmd); + ret = xsm_apic(XSM_PRIV, v->domain, cmd); if ( ret ) break; @@ -578,7 +578,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H case PHYSDEVOP_pci_mmcfg_reserved: { struct physdev_pci_mmcfg_reserved info; - ret = xsm_resource_setup_misc(); + ret = xsm_resource_setup_misc(XSM_PRIV); if ( ret ) break; @@ -632,7 +632,7 @@ ret_t do_physdev_op(int cmd, XEN_GUEST_H if ( setup_gsi.gsi < 0 || setup_gsi.gsi >= nr_irqs_gsi ) break; - ret = xsm_resource_setup_gsi(setup_gsi.gsi); + ret = xsm_resource_setup_gsi(XSM_PRIV, setup_gsi.gsi); if ( ret ) break; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/platform_hypercall.c --- a/xen/arch/x86/platform_hypercall.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/platform_hypercall.c Fri Jan 11 10:44:01 2013 +0000 @@ -72,7 +72,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA if ( op->interface_version != XENPF_INTERFACE_VERSION ) return -EACCES; - ret = xsm_platform_op(op->cmd); + ret = xsm_platform_op(XSM_PRIV, op->cmd); if ( ret ) return ret; @@ -498,7 +498,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { int cpu = op->u.cpu_ol.cpuid; - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; @@ -523,7 +523,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA { int cpu = op->u.cpu_ol.cpuid; - ret = xsm_resource_unplug_core(); + ret = xsm_resource_unplug_core(XSM_HOOK); if ( ret ) break; @@ -552,7 +552,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_cpu_hotadd: - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; @@ -562,7 +562,7 @@ ret_t do_platform_op(XEN_GUEST_HANDLE_PA break; case XENPF_mem_hotadd: - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/sysctl.c --- a/xen/arch/x86/sysctl.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/sysctl.c Fri Jan 11 10:44:01 2013 +0000 @@ -186,14 +186,14 @@ long arch_do_sysctl( switch ( sysctl->u.cpu_hotplug.op ) { case XEN_SYSCTL_CPU_HOTPLUG_ONLINE: - ret = xsm_resource_plug_core(); + ret = xsm_resource_plug_core(XSM_HOOK); if ( ret ) break; ret = continue_hypercall_on_cpu( 0, cpu_up_helper, (void *)(unsigned long)cpu); break; case XEN_SYSCTL_CPU_HOTPLUG_OFFLINE: - ret = xsm_resource_unplug_core(); + ret = xsm_resource_unplug_core(XSM_HOOK); if ( ret ) break; ret = continue_hypercall_on_cpu( diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/arch/x86/traps.c --- a/xen/arch/x86/traps.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/arch/x86/traps.c Fri Jan 11 10:44:01 2013 +0000 @@ -1643,7 +1643,7 @@ static int pci_cfg_ok(struct domain *d, start |= (d->arch.pci_cf8 >> 16) & 0xF00; } end = start + size - 1; - if (xsm_pci_config_permission(d, machine_bdf, start, end, write)) + if (xsm_pci_config_permission(XSM_HOOK, d, machine_bdf, start, end, write)) return 0; return 1; } diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/domain.c --- a/xen/common/domain.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/domain.c Fri Jan 11 10:44:01 2013 +0000 @@ -252,7 +252,7 @@ struct domain *domain_create( if ( !is_idle_domain(d) ) { - if ( (err = xsm_domain_create(d, ssidref)) != 0 ) + if ( (err = xsm_domain_create(XSM_HOOK, d, ssidref)) != 0 ) goto fail; d->is_paused_by_controller = 1; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/domctl.c --- a/xen/common/domctl.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/domctl.c Fri Jan 11 10:44:01 2013 +0000 @@ -265,7 +265,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe return -ESRCH; } - ret = xsm_domctl(d, op->cmd); + ret = xsm_domctl(XSM_OTHER, d, op->cmd); if ( ret ) goto domctl_out_unlock_domonly; @@ -579,7 +579,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe break; } - ret = xsm_getdomaininfo(d); + ret = xsm_getdomaininfo(XSM_HOOK, d); if ( ret ) goto getdomaininfo_out; @@ -719,7 +719,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( pirq >= d->nr_pirqs ) ret = -EINVAL; - else if ( xsm_irq_permission(d, pirq, allow) ) + else if ( xsm_irq_permission(XSM_HOOK, d, pirq, allow) ) ret = -EPERM; else if ( allow ) ret = irq_permit_access(d, pirq); @@ -738,7 +738,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe if ( (mfn + nr_mfns - 1) < mfn ) /* wrap? */ break; - if ( xsm_iomem_permission(d, mfn, mfn + nr_mfns - 1, allow) ) + if ( xsm_iomem_permission(XSM_HOOK, d, mfn, mfn + nr_mfns - 1, allow) ) ret = -EPERM; else if ( allow ) ret = iomem_permit_access(d, mfn, mfn + nr_mfns - 1); @@ -770,7 +770,7 @@ long do_domctl(XEN_GUEST_HANDLE_PARAM(xe break; } - ret = xsm_set_target(d, e); + ret = xsm_set_target(XSM_HOOK, d, e); if ( ret ) { put_domain(e); break; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/event_channel.c --- a/xen/common/event_channel.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/event_channel.c Fri Jan 11 10:44:01 2013 +0000 @@ -175,7 +175,7 @@ static long evtchn_alloc_unbound(evtchn_ ERROR_EXIT_DOM(port, d); chn = evtchn_from_port(d, port); - rc = xsm_evtchn_unbound(d, chn, alloc->remote_dom); + rc = xsm_evtchn_unbound(XSM_TARGET, d, chn, alloc->remote_dom); if ( rc ) goto out; @@ -231,7 +231,7 @@ static long evtchn_bind_interdomain(evtc (rchn->u.unbound.remote_domid != ld->domain_id) ) ERROR_EXIT_DOM(-EINVAL, rd); - rc = xsm_evtchn_interdomain(ld, lchn, rd, rchn); + rc = xsm_evtchn_interdomain(XSM_HOOK, ld, lchn, rd, rchn); if ( rc ) goto out; @@ -580,7 +580,7 @@ int evtchn_send(struct domain *d, unsign return -EINVAL; } - ret = xsm_evtchn_send(ld, lchn); + ret = xsm_evtchn_send(XSM_HOOK, ld, lchn); if ( ret ) goto out; @@ -812,7 +812,7 @@ static long evtchn_status(evtchn_status_ chn = evtchn_from_port(d, port); - rc = xsm_evtchn_status(d, chn); + rc = xsm_evtchn_status(XSM_TARGET, d, chn); if ( rc ) goto out; @@ -954,7 +954,7 @@ static long evtchn_reset(evtchn_reset_t if ( d == NULL ) return -ESRCH; - rc = xsm_evtchn_reset(current->domain, d); + rc = xsm_evtchn_reset(XSM_TARGET, current->domain, d); if ( rc ) goto out; @@ -1101,7 +1101,7 @@ int alloc_unbound_xen_event_channel( goto out; chn = evtchn_from_port(d, port); - rc = xsm_evtchn_unbound(d, chn, remote_domid); + rc = xsm_evtchn_unbound(XSM_TARGET, d, chn, remote_domid); chn->state = ECS_UNBOUND; chn->xen_consumer = get_xen_consumer(notification_fn); diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/grant_table.c --- a/xen/common/grant_table.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/grant_table.c Fri Jan 11 10:44:01 2013 +0000 @@ -552,7 +552,7 @@ __gnttab_map_grant_ref( return; } - rc = xsm_grant_mapref(ld, rd, op->flags); + rc = xsm_grant_mapref(XSM_HOOK, ld, rd, op->flags); if ( rc ) { rcu_unlock_domain(rd); @@ -872,7 +872,7 @@ __gnttab_unmap_common( return; } - rc = xsm_grant_unmapref(ld, rd); + rc = xsm_grant_unmapref(XSM_HOOK, ld, rd); if ( rc ) { rcu_unlock_domain(rd); @@ -1336,7 +1336,7 @@ gnttab_setup_table( goto out2; } - if ( xsm_grant_setup(current->domain, d) ) + if ( xsm_grant_setup(XSM_TARGET, current->domain, d) ) { op.status = GNTST_permission_denied; goto out2; @@ -1406,7 +1406,7 @@ gnttab_query_size( goto query_out; } - rc = xsm_grant_query_size(current->domain, d); + rc = xsm_grant_query_size(XSM_TARGET, current->domain, d); if ( rc ) { op.status = GNTST_permission_denied; @@ -1582,7 +1582,7 @@ gnttab_transfer( goto copyback; } - if ( xsm_grant_transfer(d, e) ) + if ( xsm_grant_transfer(XSM_HOOK, d, e) ) { put_gfn(d, gop.mfn); gop.status = GNTST_permission_denied; @@ -2022,7 +2022,7 @@ __gnttab_copy( PIN_FAIL(error_out, GNTST_bad_domain, "couldn't find %d\n", op->dest.domid); - rc = xsm_grant_copy(sd, dd); + rc = xsm_grant_copy(XSM_HOOK, sd, dd); if ( rc ) { rc = GNTST_permission_denied; @@ -2280,7 +2280,7 @@ gnttab_get_status_frames(XEN_GUEST_HANDL op.status = GNTST_bad_domain; goto out1; } - rc = xsm_grant_setup(current->domain, d); + rc = xsm_grant_setup(XSM_TARGET, current->domain, d); if ( rc ) { op.status = GNTST_permission_denied; goto out1; @@ -2331,7 +2331,7 @@ gnttab_get_version(XEN_GUEST_HANDLE_PARA if ( d == NULL ) return -ESRCH; - rc = xsm_grant_query_size(current->domain, d); + rc = xsm_grant_query_size(XSM_TARGET, current->domain, d); if ( rc ) { rcu_unlock_domain(d); diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/kexec.c --- a/xen/common/kexec.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/kexec.c Fri Jan 11 10:44:01 2013 +0000 @@ -852,7 +852,7 @@ static int do_kexec_op_internal(unsigned unsigned long flags; int ret = -EINVAL; - ret = xsm_kexec(); + ret = xsm_kexec(XSM_PRIV); if ( ret ) return ret; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/memory.c --- a/xen/common/memory.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/memory.c Fri Jan 11 10:44:01 2013 +0000 @@ -348,7 +348,7 @@ static long memory_exchange(XEN_GUEST_HA goto fail_early; } - rc = xsm_memory_exchange(d); + rc = xsm_memory_exchange(XSM_TARGET, d); if ( rc ) { rcu_unlock_domain(d); @@ -600,7 +600,7 @@ long do_memory_op(unsigned long cmd, XEN return start_extent; args.domain = d; - rc = xsm_memory_adjust_reservation(current->domain, d); + rc = xsm_memory_adjust_reservation(XSM_TARGET, current->domain, d); if ( rc ) { rcu_unlock_domain(d); @@ -649,7 +649,7 @@ long do_memory_op(unsigned long cmd, XEN if ( d == NULL ) return -ESRCH; - rc = xsm_memory_stat_reservation(current->domain, d); + rc = xsm_memory_stat_reservation(XSM_TARGET, current->domain, d); if ( rc ) { rcu_unlock_domain(d); @@ -687,7 +687,7 @@ long do_memory_op(unsigned long cmd, XEN if ( d == NULL ) return -ESRCH; - if ( xsm_remove_from_physmap(current->domain, d) ) + if ( xsm_remove_from_physmap(XSM_TARGET, current->domain, d) ) { rcu_unlock_domain(d); return -EPERM; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/schedule.c --- a/xen/common/schedule.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/schedule.c Fri Jan 11 10:44:01 2013 +0000 @@ -921,7 +921,7 @@ ret_t do_sched_op(int cmd, XEN_GUEST_HAN if ( d == NULL ) break; - ret = xsm_schedop_shutdown(current->domain, d); + ret = xsm_schedop_shutdown(XSM_DM_PRIV, current->domain, d); if ( ret ) { rcu_unlock_domain(d); diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/sysctl.c --- a/xen/common/sysctl.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/sysctl.c Fri Jan 11 10:44:01 2013 +0000 @@ -40,7 +40,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe if ( op->interface_version != XEN_SYSCTL_INTERFACE_VERSION ) return -EACCES; - ret = xsm_sysctl(op->cmd); + ret = xsm_sysctl(XSM_PRIV, op->cmd); if ( ret ) return ret; @@ -57,7 +57,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe switch ( op->cmd ) { case XEN_SYSCTL_readconsole: - ret = xsm_readconsole(op->u.readconsole.clear); + ret = xsm_readconsole(XSM_HOOK, op->u.readconsole.clear); if ( ret ) break; @@ -87,7 +87,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe if ( num_domains == op->u.getdomaininfolist.max_domains ) break; - ret = xsm_getdomaininfo(d); + ret = xsm_getdomaininfo(XSM_HOOK, d); if ( ret ) continue; @@ -186,7 +186,7 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xe uint32_t *status, *ptr; unsigned long pfn; - ret = xsm_page_offline(op->u.page_offline.cmd); + ret = xsm_page_offline(XSM_HOOK, op->u.page_offline.cmd); if ( ret ) break; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/common/xenoprof.c --- a/xen/common/xenoprof.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/common/xenoprof.c Fri Jan 11 10:44:01 2013 +0000 @@ -677,7 +677,7 @@ ret_t do_xenoprof_op(int op, XEN_GUEST_H return -EPERM; } - ret = xsm_profile(current->domain, op); + ret = xsm_profile(XSM_HOOK, current->domain, op); if ( ret ) return ret; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/drivers/char/console.c --- a/xen/drivers/char/console.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/drivers/char/console.c Fri Jan 11 10:44:01 2013 +0000 @@ -406,7 +406,7 @@ long do_console_io(int cmd, int count, X long rc; unsigned int idx, len; - rc = xsm_console_io(current->domain, cmd); + rc = xsm_console_io(XSM_OTHER, current->domain, cmd); if ( rc ) return rc; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/drivers/passthrough/iommu.c --- a/xen/drivers/passthrough/iommu.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/drivers/passthrough/iommu.c Fri Jan 11 10:44:01 2013 +0000 @@ -514,7 +514,7 @@ static int iommu_get_device_group( ((pdev->bus == bus) && (pdev->devfn == devfn)) ) continue; - if ( xsm_get_device_group((seg << 16) | (pdev->bus << 8) | pdev->devfn) ) + if ( xsm_get_device_group(XSM_HOOK, (seg << 16) | (pdev->bus << 8) | pdev->devfn) ) continue; sdev_id = ops->get_device_group_id(seg, pdev->bus, pdev->devfn); @@ -617,7 +617,7 @@ int iommu_do_domctl( u32 max_sdevs; XEN_GUEST_HANDLE_64(uint32) sdevs; - ret = xsm_get_device_group(domctl->u.get_device_group.machine_sbdf); + ret = xsm_get_device_group(XSM_HOOK, domctl->u.get_device_group.machine_sbdf); if ( ret ) break; @@ -645,7 +645,7 @@ int iommu_do_domctl( break; case XEN_DOMCTL_test_assign_device: - ret = xsm_test_assign_device(domctl->u.assign_device.machine_sbdf); + ret = xsm_test_assign_device(XSM_HOOK, domctl->u.assign_device.machine_sbdf); if ( ret ) break; @@ -669,7 +669,7 @@ int iommu_do_domctl( break; } - ret = xsm_assign_device(d, domctl->u.assign_device.machine_sbdf); + ret = xsm_assign_device(XSM_HOOK, d, domctl->u.assign_device.machine_sbdf); if ( ret ) break; @@ -688,7 +688,7 @@ int iommu_do_domctl( break; case XEN_DOMCTL_deassign_device: - ret = xsm_deassign_device(d, domctl->u.assign_device.machine_sbdf); + ret = xsm_deassign_device(XSM_HOOK, d, domctl->u.assign_device.machine_sbdf); if ( ret ) break; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/drivers/passthrough/pci.c --- a/xen/drivers/passthrough/pci.c Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/drivers/passthrough/pci.c Fri Jan 11 10:44:01 2013 +0000 @@ -477,7 +477,7 @@ int pci_add_device(u16 seg, u8 bus, u8 d pdev_type = "device"; } - ret = xsm_resource_plug_pci((seg << 16) | (bus << 8) | devfn); + ret = xsm_resource_plug_pci(XSM_PRIV, (seg << 16) | (bus << 8) | devfn); if ( ret ) return ret; @@ -604,7 +604,7 @@ int pci_remove_device(u16 seg, u8 bus, u struct pci_dev *pdev; int ret; - ret = xsm_resource_unplug_pci((seg << 16) | (bus << 8) | devfn); + ret = xsm_resource_unplug_pci(XSM_PRIV, (seg << 16) | (bus << 8) | devfn); if ( ret ) return ret; diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:44:01 2013 +0000 @@ -6,68 +6,132 @@ * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2, * as published by the Free Software Foundation. + * + * + * Each XSM hook implementing an access check should have its first parameter + * preceded by XSM_DEFAULT_ARG (or use XSM_DEFAULT_VOID if it has no + * arguments). The first non-declaration statement shold be XSM_ASSERT_ACTION + * with the expected type of the hook, which will either define or check the + * value of action. */ #include #include +/* Cannot use BUILD_BUG_ON here because the expressions we check are not + * considered constant at compile time. Instead, rely on constant propagation to + * inline out the calls to this invalid function, which will cause linker errors + * if references remain at link time. + */ +#define LINKER_BUG_ON(x) do { if (x) __xsm_action_mismatch_detected(); } while (0) +/* DO NOT implement this function; it is supposed to trigger link errors */ +void __xsm_action_mismatch_detected(void); + +#ifdef XSM_ENABLE + +/* In XSM_ENABLE builds, this header file is included from xsm/dummy.c, and + * contains static (not inline) functions compiled to the dummy XSM module. + * There is no xsm_default_t argument available, so the value from the assertion + * is used to initialize the variable. + */ +#define XSM_INLINE /* */ +#define XSM_DEFAULT_ARG /* */ +#define XSM_DEFAULT_VOID void +#define XSM_ASSERT_ACTION(def) xsm_default_t action = def; (void)action + +#else /* XSM_ENABLE */ + +/* In !XSM_ENABLE builds, this header file is included from xsm/xsm.h, and + * contains inline functions for each XSM hook. These functions also perform + * compile-time checks on the xsm_default_t argument to ensure that the behavior + * of the dummy XSM module is the same as the behavior with XSM disabled. + */ +#define XSM_INLINE inline +#define XSM_DEFAULT_ARG xsm_default_t action, +#define XSM_DEFAULT_VOID xsm_default_t action +#define XSM_ASSERT_ACTION(def) LINKER_BUG_ON(def != action) + +#endif /* XSM_ENABLE */ + +static inline int xsm_default_action(xsm_default_t action, struct domain *src, + struct domain *target) +{ + switch ( action ) { + case XSM_HOOK: + return 0; + case XSM_DM_PRIV: + if ( !IS_PRIV_FOR(src, target) ) + return -EPERM; + return 0; + case XSM_TARGET: + if ( src != target && !IS_PRIV_FOR(src, target) ) + return -EPERM; + return 0; + case XSM_PRIV: + if ( !IS_PRIV(src) ) + return -EPERM; + return 0; + default: + LINKER_BUG_ON(1); + return -EPERM; + } +} + static XSM_INLINE void xsm_security_domaininfo(struct domain *d, struct xen_domctl_getdomaininfo *info) { return; } -static XSM_INLINE int xsm_domain_create(struct domain *d, u32 ssidref) +static XSM_INLINE int xsm_domain_create(XSM_DEFAULT_ARG struct domain *d, u32 ssidref) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_getdomaininfo(struct domain *d) +static XSM_INLINE int xsm_getdomaininfo(XSM_DEFAULT_ARG struct domain *d) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_set_target(struct domain *d, struct domain *e) +static XSM_INLINE int xsm_set_target(XSM_DEFAULT_ARG struct domain *d, struct domain *e) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_domctl(struct domain *d, int cmd) +static XSM_INLINE int xsm_domctl(XSM_DEFAULT_ARG struct domain *d, int cmd) { + XSM_ASSERT_ACTION(XSM_OTHER); switch ( cmd ) { case XEN_DOMCTL_ioport_mapping: case XEN_DOMCTL_memory_mapping: case XEN_DOMCTL_bind_pt_irq: - case XEN_DOMCTL_unbind_pt_irq: { - if ( !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - break; + case XEN_DOMCTL_unbind_pt_irq: + return xsm_default_action(XSM_DM_PRIV, current->domain, d); + default: + return xsm_default_action(XSM_PRIV, current->domain, d); } - default: - if ( !IS_PRIV(current->domain) ) - return -EPERM; - } - return 0; } -static XSM_INLINE int xsm_sysctl(int cmd) +static XSM_INLINE int xsm_sysctl(XSM_DEFAULT_ARG int cmd) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_readconsole(uint32_t clear) +static XSM_INLINE int xsm_readconsole(XSM_DEFAULT_ARG uint32_t clear) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_do_mca(void) +static XSM_INLINE int xsm_do_mca(XSM_DEFAULT_VOID) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } static XSM_INLINE int xsm_alloc_security_domain(struct domain *d) @@ -80,109 +144,109 @@ static XSM_INLINE void xsm_free_security return; } -static XSM_INLINE int xsm_grant_mapref(struct domain *d1, struct domain *d2, +static XSM_INLINE int xsm_grant_mapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2, uint32_t flags) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_unmapref(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_unmapref(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_setup(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_setup(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_transfer(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_transfer(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_copy(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_copy(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_grant_query_size(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_grant_query_size(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_memory_exchange(struct domain *d) +static XSM_INLINE int xsm_memory_exchange(XSM_DEFAULT_ARG struct domain *d) { - if ( d != current->domain && !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_memory_adjust_reservation(struct domain *d1, +static XSM_INLINE int xsm_memory_adjust_reservation(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_memory_stat_reservation(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_memory_stat_reservation(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_console_io(struct domain *d, int cmd) +static XSM_INLINE int xsm_console_io(XSM_DEFAULT_ARG struct domain *d, int cmd) { -#ifndef VERBOSE - if ( !IS_PRIV(current->domain) ) - return -EPERM; + XSM_ASSERT_ACTION(XSM_OTHER); +#ifdef VERBOSE + return xsm_default_action(XSM_HOOK, current->domain, NULL); +#else + return xsm_default_action(XSM_PRIV, current->domain, NULL); #endif - return 0; } -static XSM_INLINE int xsm_profile(struct domain *d, int op) +static XSM_INLINE int xsm_profile(XSM_DEFAULT_ARG struct domain *d, int op) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_kexec(void) +static XSM_INLINE int xsm_kexec(XSM_DEFAULT_VOID) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_schedop_shutdown(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_schedop_shutdown(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_memory_pin_page(struct domain *d1, struct domain *d2, +static XSM_INLINE int xsm_memory_pin_page(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2, struct page_info *page) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_evtchn_unbound(struct domain *d, struct evtchn *chn, +static XSM_INLINE int xsm_evtchn_unbound(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn, domid_t id2) { - if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_evtchn_interdomain(struct domain *d1, struct evtchn +static XSM_INLINE int xsm_evtchn_interdomain(XSM_DEFAULT_ARG struct domain *d1, struct evtchn *chan1, struct domain *d2, struct evtchn *chan2) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, d1, d2); } static XSM_INLINE void xsm_evtchn_close_post(struct evtchn *chn) @@ -190,23 +254,22 @@ static XSM_INLINE void xsm_evtchn_close_ return; } -static XSM_INLINE int xsm_evtchn_send(struct domain *d, struct evtchn *chn) +static XSM_INLINE int xsm_evtchn_send(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_evtchn_status(struct domain *d, struct evtchn *chn) +static XSM_INLINE int xsm_evtchn_status(XSM_DEFAULT_ARG struct domain *d, struct evtchn *chn) { - if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_evtchn_reset(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_evtchn_reset(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } static XSM_INLINE int xsm_alloc_security_evtchn(struct evtchn *chn) @@ -224,88 +287,88 @@ static XSM_INLINE char *xsm_show_securit return NULL; } -static XSM_INLINE int xsm_get_pod_target(struct domain *d) +static XSM_INLINE int xsm_get_pod_target(XSM_DEFAULT_ARG struct domain *d) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_set_pod_target(struct domain *d) +static XSM_INLINE int xsm_set_pod_target(XSM_DEFAULT_ARG struct domain *d) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_get_device_group(uint32_t machine_bdf) +static XSM_INLINE int xsm_get_device_group(XSM_DEFAULT_ARG uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_test_assign_device(uint32_t machine_bdf) +static XSM_INLINE int xsm_test_assign_device(XSM_DEFAULT_ARG uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_assign_device(struct domain *d, uint32_t machine_bdf) +static XSM_INLINE int xsm_assign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_deassign_device(struct domain *d, uint32_t machine_bdf) +static XSM_INLINE int xsm_deassign_device(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_resource_plug_core(void) +static XSM_INLINE int xsm_resource_plug_core(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_unplug_core(void) +static XSM_INLINE int xsm_resource_unplug_core(XSM_DEFAULT_VOID) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_plug_pci(uint32_t machine_bdf) +static XSM_INLINE int xsm_resource_plug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_unplug_pci(uint32_t machine_bdf) +static XSM_INLINE int xsm_resource_unplug_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_setup_pci(uint32_t machine_bdf) +static XSM_INLINE int xsm_resource_setup_pci(XSM_DEFAULT_ARG uint32_t machine_bdf) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_setup_gsi(int gsi) +static XSM_INLINE int xsm_resource_setup_gsi(XSM_DEFAULT_ARG int gsi) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_resource_setup_misc(void) +static XSM_INLINE int xsm_resource_setup_misc(XSM_DEFAULT_VOID) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_page_offline(uint32_t cmd) +static XSM_INLINE int xsm_page_offline(XSM_DEFAULT_ARG uint32_t cmd) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, NULL); } static XSM_INLINE long xsm_do_xsm_op(XEN_GUEST_HANDLE_PARAM(xsm_op_t) op) @@ -318,187 +381,179 @@ static XSM_INLINE char *xsm_show_irq_sid return NULL; } -static XSM_INLINE int xsm_map_domain_pirq(struct domain *d, int irq, void *data) +static XSM_INLINE int xsm_map_domain_pirq(XSM_DEFAULT_ARG struct domain *d, int irq, void *data) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_unmap_domain_pirq(struct domain *d, int irq) +static XSM_INLINE int xsm_unmap_domain_pirq(XSM_DEFAULT_ARG struct domain *d, int irq) { - if ( !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_irq_permission(struct domain *d, int pirq, uint8_t allow) +static XSM_INLINE int xsm_irq_permission(XSM_DEFAULT_ARG struct domain *d, int pirq, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_iomem_permission(struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static XSM_INLINE int xsm_iomem_permission(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_iomem_mapping(struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static XSM_INLINE int xsm_iomem_mapping(XSM_DEFAULT_ARG struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_pci_config_permission(struct domain *d, uint32_t machine_bdf, +static XSM_INLINE int xsm_pci_config_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } #ifdef CONFIG_X86 -static XSM_INLINE int xsm_shadow_control(struct domain *d, uint32_t op) +static XSM_INLINE int xsm_shadow_control(XSM_DEFAULT_ARG struct domain *d, uint32_t op) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_param(struct domain *d, unsigned long op) +static XSM_INLINE int xsm_hvm_param(XSM_DEFAULT_ARG struct domain *d, unsigned long op) { - if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_set_pci_intx_level(struct domain *d) +static XSM_INLINE int xsm_hvm_set_pci_intx_level(XSM_DEFAULT_ARG struct domain *d) { - if ( !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_set_isa_irq_level(struct domain *d) +static XSM_INLINE int xsm_hvm_set_isa_irq_level(XSM_DEFAULT_ARG struct domain *d) { - if ( !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_set_pci_link_route(struct domain *d) +static XSM_INLINE int xsm_hvm_set_pci_link_route(XSM_DEFAULT_ARG struct domain *d) { - if ( !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_hvm_inject_msi(struct domain *d) +static XSM_INLINE int xsm_hvm_inject_msi(XSM_DEFAULT_ARG struct domain *d) { - if ( !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_DM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_mem_event_control(struct domain *d, int mode, int op) +static XSM_INLINE int xsm_mem_event_control(XSM_DEFAULT_ARG struct domain *d, int mode, int op) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_mem_event_op(struct domain *d, int op) +static XSM_INLINE int xsm_mem_event_op(XSM_DEFAULT_ARG struct domain *d, int op) { - if ( !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_mem_sharing_op(struct domain *d, struct domain *cd, int op) +static XSM_INLINE int xsm_mem_sharing_op(XSM_DEFAULT_ARG struct domain *d, struct domain *cd, int op) { - if ( !IS_PRIV_FOR(current->domain, cd) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, cd); } -static XSM_INLINE int xsm_apic(struct domain *d, int cmd) +static XSM_INLINE int xsm_apic(XSM_DEFAULT_ARG struct domain *d, int cmd) { - if ( !IS_PRIV(d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, d, NULL); } -static XSM_INLINE int xsm_platform_op(uint32_t op) +static XSM_INLINE int xsm_platform_op(XSM_DEFAULT_ARG uint32_t op) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_machine_memory_map(void) +static XSM_INLINE int xsm_machine_memory_map(XSM_DEFAULT_VOID) { - if ( !IS_PRIV(current->domain) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_PRIV); + return xsm_default_action(action, current->domain, NULL); } -static XSM_INLINE int xsm_domain_memory_map(struct domain *d) +static XSM_INLINE int xsm_domain_memory_map(XSM_DEFAULT_ARG struct domain *d) { - if ( current->domain != d && !IS_PRIV_FOR(current->domain, d) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_mmu_update(struct domain *d, struct domain *t, +static XSM_INLINE int xsm_mmu_update(XSM_DEFAULT_ARG struct domain *d, struct domain *t, struct domain *f, uint32_t flags) { + XSM_ASSERT_ACTION(XSM_TARGET); if ( t && d != t && !IS_PRIV_FOR(d, t) ) return -EPERM; - if ( d != f && !IS_PRIV_FOR(d, f) ) - return -EPERM; - return 0; + return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_mmuext_op(struct domain *d, struct domain *f) +static XSM_INLINE int xsm_mmuext_op(XSM_DEFAULT_ARG struct domain *d, struct domain *f) { - if ( d != f && !IS_PRIV_FOR(d, f) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_update_va_mapping(struct domain *d, struct domain *f, +static XSM_INLINE int xsm_update_va_mapping(XSM_DEFAULT_ARG struct domain *d, struct domain *f, l1_pgentry_t pte) { - if ( d != f && !IS_PRIV_FOR(d, f) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_add_to_physmap(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_add_to_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_remove_from_physmap(struct domain *d1, struct domain *d2) +static XSM_INLINE int xsm_remove_from_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) { - if ( d1 != d2 && !IS_PRIV_FOR(d1, d2) ) - return -EPERM; - return 0; + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); } -static XSM_INLINE int xsm_bind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) +static XSM_INLINE int xsm_bind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_unbind_pt_irq(struct domain *d, struct xen_domctl_bind_pt_irq *bind) +static XSM_INLINE int xsm_unbind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_ioport_permission(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static XSM_INLINE int xsm_ioport_permission(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } -static XSM_INLINE int xsm_ioport_mapping(struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static XSM_INLINE int xsm_ioport_mapping(XSM_DEFAULT_ARG struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { - return 0; + XSM_ASSERT_ACTION(XSM_HOOK); + return xsm_default_action(action, current->domain, d); } #endif diff -r 4b101bfde4ba -r 1d94ac6cf85a xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:43:02 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:44:01 2013 +0000 @@ -27,6 +27,18 @@ typedef u32 xsm_magic_t; #define XSM_MAGIC 0x00000000 #endif +/* These annotations are used by callers and in dummy.h to document the + * default actions of XSM hooks. They should be compiled out otherwise. + */ +enum xsm_default { + XSM_HOOK, /* Guests can normally access the hypercall */ + XSM_DM_PRIV, /* Device model can perform on its target domain */ + XSM_TARGET, /* Can perform on self or your target domain */ + XSM_PRIV, /* Privileged - normally restricted to dom0 */ + XSM_OTHER /* Something more complex */ +}; +typedef enum xsm_default xsm_default_t; + extern char *policy_buffer; extern u32 policy_size; @@ -153,48 +165,48 @@ static inline void xsm_security_domainin xsm_ops->security_domaininfo(d, info); } -static inline int xsm_domain_create (struct domain *d, u32 ssidref) +static inline int xsm_domain_create (xsm_default_t def, struct domain *d, u32 ssidref) { return xsm_ops->domain_create(d, ssidref); } -static inline int xsm_getdomaininfo (struct domain *d) +static inline int xsm_getdomaininfo (xsm_default_t def, struct domain *d) { return xsm_ops->getdomaininfo(d); } -static inline int xsm_set_target (struct domain *d, struct domain *e) +static inline int xsm_set_target (xsm_default_t def, struct domain *d, struct domain *e) { return xsm_ops->set_target(d, e); } -static inline int xsm_domctl (struct domain *d, int cmd) +static inline int xsm_domctl (xsm_default_t def, struct domain *d, int cmd) { return xsm_ops->domctl(d, cmd); } -static inline int xsm_sysctl (int cmd) +static inline int xsm_sysctl (xsm_default_t def, int cmd) { return xsm_ops->sysctl(cmd); } -static inline int xsm_readconsole (uint32_t clear) +static inline int xsm_readconsole (xsm_default_t def, uint32_t clear) { return xsm_ops->readconsole(clear); } -static inline int xsm_do_mca(void) +static inline int xsm_do_mca(xsm_default_t def) { return xsm_ops->do_mca(); } -static inline int xsm_evtchn_unbound (struct domain *d1, struct evtchn *chn, +static inline int xsm_evtchn_unbound (xsm_default_t def, struct domain *d1, struct evtchn *chn, domid_t id2) { return xsm_ops->evtchn_unbound(d1, chn, id2); } -static inline int xsm_evtchn_interdomain (struct domain *d1, +static inline int xsm_evtchn_interdomain (xsm_default_t def, struct domain *d1, struct evtchn *chan1, struct domain *d2, struct evtchn *chan2) { return xsm_ops->evtchn_interdomain(d1, chan1, d2, chan2); @@ -205,48 +217,48 @@ static inline void xsm_evtchn_close_post xsm_ops->evtchn_close_post(chn); } -static inline int xsm_evtchn_send (struct domain *d, struct evtchn *chn) +static inline int xsm_evtchn_send (xsm_default_t def, struct domain *d, struct evtchn *chn) { return xsm_ops->evtchn_send(d, chn); } -static inline int xsm_evtchn_status (struct domain *d, struct evtchn *chn) +static inline int xsm_evtchn_status (xsm_default_t def, struct domain *d, struct evtchn *chn) { return xsm_ops->evtchn_status(d, chn); } -static inline int xsm_evtchn_reset (struct domain *d1, struct domain *d2) +static inline int xsm_evtchn_reset (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->evtchn_reset(d1, d2); } -static inline int xsm_grant_mapref (struct domain *d1, struct domain *d2, +static inline int xsm_grant_mapref (xsm_default_t def, struct domain *d1, struct domain *d2, uint32_t flags) { return xsm_ops->grant_mapref(d1, d2, flags); } -static inline int xsm_grant_unmapref (struct domain *d1, struct domain *d2) +static inline int xsm_grant_unmapref (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_unmapref(d1, d2); } -static inline int xsm_grant_setup (struct domain *d1, struct domain *d2) +static inline int xsm_grant_setup (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_setup(d1, d2); } -static inline int xsm_grant_transfer (struct domain *d1, struct domain *d2) +static inline int xsm_grant_transfer (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_transfer(d1, d2); } -static inline int xsm_grant_copy (struct domain *d1, struct domain *d2) +static inline int xsm_grant_copy (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_copy(d1, d2); } -static inline int xsm_grant_query_size (struct domain *d1, struct domain *d2) +static inline int xsm_grant_query_size (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->grant_query_size(d1, d2); } @@ -276,60 +288,60 @@ static inline char *xsm_show_security_ev return xsm_ops->show_security_evtchn(d, chn); } -static inline int xsm_get_pod_target (struct domain *d) +static inline int xsm_get_pod_target (xsm_default_t def, struct domain *d) { return xsm_ops->get_pod_target(d); } -static inline int xsm_set_pod_target (struct domain *d) +static inline int xsm_set_pod_target (xsm_default_t def, struct domain *d) { return xsm_ops->set_pod_target(d); } -static inline int xsm_memory_exchange (struct domain *d) +static inline int xsm_memory_exchange (xsm_default_t def, struct domain *d) { return xsm_ops->memory_exchange(d); } -static inline int xsm_memory_adjust_reservation (struct domain *d1, struct +static inline int xsm_memory_adjust_reservation (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->memory_adjust_reservation(d1, d2); } -static inline int xsm_memory_stat_reservation (struct domain *d1, +static inline int xsm_memory_stat_reservation (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->memory_stat_reservation(d1, d2); } -static inline int xsm_memory_pin_page(struct domain *d1, struct domain *d2, +static inline int xsm_memory_pin_page(xsm_default_t def, struct domain *d1, struct domain *d2, struct page_info *page) { return xsm_ops->memory_pin_page(d1, d2, page); } -static inline int xsm_remove_from_physmap(struct domain *d1, struct domain *d2) +static inline int xsm_remove_from_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->remove_from_physmap(d1, d2); } -static inline int xsm_console_io (struct domain *d, int cmd) +static inline int xsm_console_io (xsm_default_t def, struct domain *d, int cmd) { return xsm_ops->console_io(d, cmd); } -static inline int xsm_profile (struct domain *d, int op) +static inline int xsm_profile (xsm_default_t def, struct domain *d, int op) { return xsm_ops->profile(d, op); } -static inline int xsm_kexec (void) +static inline int xsm_kexec (xsm_default_t def) { return xsm_ops->kexec(); } -static inline int xsm_schedop_shutdown (struct domain *d1, struct domain *d2) +static inline int xsm_schedop_shutdown (xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->schedop_shutdown(d1, d2); } @@ -339,92 +351,92 @@ static inline char *xsm_show_irq_sid (in return xsm_ops->show_irq_sid(irq); } -static inline int xsm_map_domain_pirq (struct domain *d, int irq, void *data) +static inline int xsm_map_domain_pirq (xsm_default_t def, struct domain *d, int irq, void *data) { return xsm_ops->map_domain_pirq(d, irq, data); } -static inline int xsm_unmap_domain_pirq (struct domain *d, int irq) +static inline int xsm_unmap_domain_pirq (xsm_default_t def, struct domain *d, int irq) { return xsm_ops->unmap_domain_pirq(d, irq); } -static inline int xsm_irq_permission (struct domain *d, int pirq, uint8_t allow) +static inline int xsm_irq_permission (xsm_default_t def, struct domain *d, int pirq, uint8_t allow) { return xsm_ops->irq_permission(d, pirq, allow); } -static inline int xsm_iomem_permission (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static inline int xsm_iomem_permission (xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { return xsm_ops->iomem_permission(d, s, e, allow); } -static inline int xsm_iomem_mapping (struct domain *d, uint64_t s, uint64_t e, uint8_t allow) +static inline int xsm_iomem_mapping (xsm_default_t def, struct domain *d, uint64_t s, uint64_t e, uint8_t allow) { return xsm_ops->iomem_mapping(d, s, e, allow); } -static inline int xsm_pci_config_permission (struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) +static inline int xsm_pci_config_permission (xsm_default_t def, struct domain *d, uint32_t machine_bdf, uint16_t start, uint16_t end, uint8_t access) { return xsm_ops->pci_config_permission(d, machine_bdf, start, end, access); } -static inline int xsm_get_device_group(uint32_t machine_bdf) +static inline int xsm_get_device_group(xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->get_device_group(machine_bdf); } -static inline int xsm_test_assign_device(uint32_t machine_bdf) +static inline int xsm_test_assign_device(xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->test_assign_device(machine_bdf); } -static inline int xsm_assign_device(struct domain *d, uint32_t machine_bdf) +static inline int xsm_assign_device(xsm_default_t def, struct domain *d, uint32_t machine_bdf) { return xsm_ops->assign_device(d, machine_bdf); } -static inline int xsm_deassign_device(struct domain *d, uint32_t machine_bdf) +static inline int xsm_deassign_device(xsm_default_t def, struct domain *d, uint32_t machine_bdf) { return xsm_ops->deassign_device(d, machine_bdf); } -static inline int xsm_resource_plug_pci (uint32_t machine_bdf) +static inline int xsm_resource_plug_pci (xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->resource_plug_pci(machine_bdf); } -static inline int xsm_resource_unplug_pci (uint32_t machine_bdf) +static inline int xsm_resource_unplug_pci (xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->resource_unplug_pci(machine_bdf); } -static inline int xsm_resource_plug_core (void) +static inline int xsm_resource_plug_core (xsm_default_t def) { return xsm_ops->resource_plug_core(); } -static inline int xsm_resource_unplug_core (void) +static inline int xsm_resource_unplug_core (xsm_default_t def) { return xsm_ops->resource_unplug_core(); } -static inline int xsm_resource_setup_pci (uint32_t machine_bdf) +static inline int xsm_resource_setup_pci (xsm_default_t def, uint32_t machine_bdf) { return xsm_ops->resource_setup_pci(machine_bdf); } -static inline int xsm_resource_setup_gsi (int gsi) +static inline int xsm_resource_setup_gsi (xsm_default_t def, int gsi) { return xsm_ops->resource_setup_gsi(gsi); } -static inline int xsm_resource_setup_misc (void) +static inline int xsm_resource_setup_misc (xsm_default_t def) { return xsm_ops->resource_setup_misc(); } -static inline int xsm_page_offline(uint32_t cmd) +static inline int xsm_page_offline(xsm_default_t def, uint32_t cmd) { return xsm_ops->page_offline(cmd); } @@ -435,116 +447,116 @@ static inline long xsm_do_xsm_op (XEN_GU } #ifdef CONFIG_X86 -static inline int xsm_shadow_control (struct domain *d, uint32_t op) +static inline int xsm_shadow_control (xsm_default_t def, struct domain *d, uint32_t op) { return xsm_ops->shadow_control(d, op); } -static inline int xsm_hvm_param (struct domain *d, unsigned long op) +static inline int xsm_hvm_param (xsm_default_t def, struct domain *d, unsigned long op) { return xsm_ops->hvm_param(d, op); } -static inline int xsm_hvm_set_pci_intx_level (struct domain *d) +static inline int xsm_hvm_set_pci_intx_level (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_set_pci_intx_level(d); } -static inline int xsm_hvm_set_isa_irq_level (struct domain *d) +static inline int xsm_hvm_set_isa_irq_level (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_set_isa_irq_level(d); } -static inline int xsm_hvm_set_pci_link_route (struct domain *d) +static inline int xsm_hvm_set_pci_link_route (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_set_pci_link_route(d); } -static inline int xsm_hvm_inject_msi (struct domain *d) +static inline int xsm_hvm_inject_msi (xsm_default_t def, struct domain *d) { return xsm_ops->hvm_inject_msi(d); } -static inline int xsm_mem_event_control (struct domain *d, int mode, int op) +static inline int xsm_mem_event_control (xsm_default_t def, struct domain *d, int mode, int op) { return xsm_ops->mem_event_control(d, mode, op); } -static inline int xsm_mem_event_op (struct domain *d, int op) +static inline int xsm_mem_event_op (xsm_default_t def, struct domain *d, int op) { return xsm_ops->mem_event_op(d, op); } -static inline int xsm_mem_sharing_op (struct domain *d, struct domain *cd, int op) +static inline int xsm_mem_sharing_op (xsm_default_t def, struct domain *d, struct domain *cd, int op) { return xsm_ops->mem_sharing_op(d, cd, op); } -static inline int xsm_apic (struct domain *d, int cmd) +static inline int xsm_apic (xsm_default_t def, struct domain *d, int cmd) { return xsm_ops->apic(d, cmd); } -static inline int xsm_memtype (uint32_t access) +static inline int xsm_memtype (xsm_default_t def, uint32_t access) { return xsm_ops->memtype(access); } -static inline int xsm_platform_op (uint32_t op) +static inline int xsm_platform_op (xsm_default_t def, uint32_t op) { return xsm_ops->platform_op(op); } -static inline int xsm_machine_memory_map(void) +static inline int xsm_machine_memory_map(xsm_default_t def) { return xsm_ops->machine_memory_map(); } -static inline int xsm_domain_memory_map(struct domain *d) +static inline int xsm_domain_memory_map(xsm_default_t def, struct domain *d) { return xsm_ops->domain_memory_map(d); } -static inline int xsm_mmu_update (struct domain *d, struct domain *t, +static inline int xsm_mmu_update (xsm_default_t def, struct domain *d, struct domain *t, struct domain *f, uint32_t flags) { return xsm_ops->mmu_update(d, t, f, flags); } -static inline int xsm_mmuext_op (struct domain *d, struct domain *f) +static inline int xsm_mmuext_op (xsm_default_t def, struct domain *d, struct domain *f) { return xsm_ops->mmuext_op(d, f); } -static inline int xsm_update_va_mapping(struct domain *d, struct domain *f, +static inline int xsm_update_va_mapping(xsm_default_t def, struct domain *d, struct domain *f, l1_pgentry_t pte) { return xsm_ops->update_va_mapping(d, f, pte); } -static inline int xsm_add_to_physmap(struct domain *d1, struct domain *d2) +static inline int xsm_add_to_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->add_to_physmap(d1, d2); } -static inline int xsm_bind_pt_irq(struct domain *d, +static inline int xsm_bind_pt_irq(xsm_default_t def, struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return xsm_ops->bind_pt_irq(d, bind); } -static inline int xsm_unbind_pt_irq(struct domain *d, +static inline int xsm_unbind_pt_irq(xsm_default_t def, struct domain *d, struct xen_domctl_bind_pt_irq *bind) { return xsm_ops->unbind_pt_irq(d, bind); } -static inline int xsm_ioport_permission (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static inline int xsm_ioport_permission (xsm_default_t def, struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return xsm_ops->ioport_permission(d, s, e, allow); } -static inline int xsm_ioport_mapping (struct domain *d, uint32_t s, uint32_t e, uint8_t allow) +static inline int xsm_ioport_mapping (xsm_default_t def, struct domain *d, uint32_t s, uint32_t e, uint8_t allow) { return xsm_ops->ioport_mapping(d, s, e, allow); } @@ -564,7 +576,6 @@ extern void xsm_fixup_ops(struct xsm_ope #else /* XSM_ENABLE */ -#define XSM_INLINE inline #include static inline int xsm_init (unsigned long *module_map, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:25:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:25:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOJC-0000La-9G; Wed, 16 Jan 2013 08:25:18 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOJA-0000LH-Jj for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:25:16 +0000 Received: from [85.158.143.35:41169] by server-3.bemta-4.messagelabs.com id F1/51-19220-BE366F05; Wed, 16 Jan 2013 08:25:15 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-21.messagelabs.com!1358324546!11313978!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25735 invoked from network); 16 Jan 2013 08:22:27 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:27 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGQ-0003sU-Jk for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:26 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGQ-0000fa-Ia for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:26 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:26 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86: Assert !in_atomic() before exiting to guest context. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Keir Fraser # Date 1358171745 0 # Node ID e6f74afc78d26e0201c64d08b8a3ed089c2120ff # Parent 5db9c4e12fbf1c1ae8d50d6e3676521c06b1183c x86: Assert !in_atomic() before exiting to guest context. Signed-off-by: Keir Fraser --- diff -r 5db9c4e12fbf -r e6f74afc78d2 xen/arch/x86/hvm/svm/entry.S --- a/xen/arch/x86/hvm/svm/entry.S Sun Jan 13 10:20:52 2013 +0000 +++ b/xen/arch/x86/hvm/svm/entry.S Mon Jan 14 13:55:45 2013 +0000 @@ -42,6 +42,7 @@ ENTRY(svm_asm_do_resume) call svm_intr_assist call_with_regs(nsvm_vcpu_switch) + ASSERT_NOT_IN_ATOMIC get_current(bx) CLGI diff -r 5db9c4e12fbf -r e6f74afc78d2 xen/arch/x86/hvm/vmx/entry.S --- a/xen/arch/x86/hvm/vmx/entry.S Sun Jan 13 10:20:52 2013 +0000 +++ b/xen/arch/x86/hvm/vmx/entry.S Mon Jan 14 13:55:45 2013 +0000 @@ -98,6 +98,7 @@ vmx_asm_vmexit_handler: vmx_asm_do_vmentry: call vmx_intr_assist call nvmx_switch_guest + ASSERT_NOT_IN_ATOMIC get_current(bx) cli diff -r 5db9c4e12fbf -r e6f74afc78d2 xen/arch/x86/x86_64/compat/entry.S --- a/xen/arch/x86/x86_64/compat/entry.S Sun Jan 13 10:20:52 2013 +0000 +++ b/xen/arch/x86/x86_64/compat/entry.S Mon Jan 14 13:55:45 2013 +0000 @@ -92,6 +92,7 @@ compat_skip_clobber: /* %rbx: struct vcpu */ ENTRY(compat_test_all_events) + ASSERT_NOT_IN_ATOMIC cli # tests must not race interrupts /*compat_test_softirqs:*/ movl VCPU_processor(%rbx),%eax diff -r 5db9c4e12fbf -r e6f74afc78d2 xen/arch/x86/x86_64/entry.S --- a/xen/arch/x86/x86_64/entry.S Sun Jan 13 10:20:52 2013 +0000 +++ b/xen/arch/x86/x86_64/entry.S Mon Jan 14 13:55:45 2013 +0000 @@ -190,6 +190,7 @@ skip_clobber: /* %rbx: struct vcpu */ test_all_events: + ASSERT_NOT_IN_ATOMIC cli # tests must not race interrupts /*test_softirqs:*/ movl VCPU_processor(%rbx),%eax diff -r 5db9c4e12fbf -r e6f74afc78d2 xen/common/preempt.c --- a/xen/common/preempt.c Sun Jan 13 10:20:52 2013 +0000 +++ b/xen/common/preempt.c Mon Jan 14 13:55:45 2013 +0000 @@ -30,3 +30,9 @@ bool_t in_atomic(void) { return preempt_count() || in_irq() || !local_irq_is_enabled(); } + +/* asm helper */ +void bug_if_in_atomic(void) +{ + BUG_ON(in_atomic()); +} diff -r 5db9c4e12fbf -r e6f74afc78d2 xen/include/asm-x86/asm_defns.h --- a/xen/include/asm-x86/asm_defns.h Sun Jan 13 10:20:52 2013 +0000 +++ b/xen/include/asm-x86/asm_defns.h Mon Jan 14 13:55:45 2013 +0000 @@ -59,6 +59,14 @@ void ret_from_intr(void); GET_STACK_BASE(reg); \ __GET_CURRENT(reg) +#ifndef NDEBUG +#define ASSERT_NOT_IN_ATOMIC \ + sti; /* sometimes called with interrupts disabled: safe to enable */ \ + call bug_if_in_atomic +#else +#define ASSERT_NOT_IN_ATOMIC +#endif + #endif #endif /* __X86_ASM_DEFNS_H__ */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:25:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:25:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOJC-0000La-9G; Wed, 16 Jan 2013 08:25:18 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOJA-0000LH-Jj for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:25:16 +0000 Received: from [85.158.143.35:41169] by server-3.bemta-4.messagelabs.com id F1/51-19220-BE366F05; Wed, 16 Jan 2013 08:25:15 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-21.messagelabs.com!1358324546!11313978!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25735 invoked from network); 16 Jan 2013 08:22:27 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:27 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGQ-0003sU-Jk for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:26 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGQ-0000fa-Ia for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:26 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:26 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86: Assert !in_atomic() before exiting to guest context. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Keir Fraser # Date 1358171745 0 # Node ID e6f74afc78d26e0201c64d08b8a3ed089c2120ff # Parent 5db9c4e12fbf1c1ae8d50d6e3676521c06b1183c x86: Assert !in_atomic() before exiting to guest context. Signed-off-by: Keir Fraser --- diff -r 5db9c4e12fbf -r e6f74afc78d2 xen/arch/x86/hvm/svm/entry.S --- a/xen/arch/x86/hvm/svm/entry.S Sun Jan 13 10:20:52 2013 +0000 +++ b/xen/arch/x86/hvm/svm/entry.S Mon Jan 14 13:55:45 2013 +0000 @@ -42,6 +42,7 @@ ENTRY(svm_asm_do_resume) call svm_intr_assist call_with_regs(nsvm_vcpu_switch) + ASSERT_NOT_IN_ATOMIC get_current(bx) CLGI diff -r 5db9c4e12fbf -r e6f74afc78d2 xen/arch/x86/hvm/vmx/entry.S --- a/xen/arch/x86/hvm/vmx/entry.S Sun Jan 13 10:20:52 2013 +0000 +++ b/xen/arch/x86/hvm/vmx/entry.S Mon Jan 14 13:55:45 2013 +0000 @@ -98,6 +98,7 @@ vmx_asm_vmexit_handler: vmx_asm_do_vmentry: call vmx_intr_assist call nvmx_switch_guest + ASSERT_NOT_IN_ATOMIC get_current(bx) cli diff -r 5db9c4e12fbf -r e6f74afc78d2 xen/arch/x86/x86_64/compat/entry.S --- a/xen/arch/x86/x86_64/compat/entry.S Sun Jan 13 10:20:52 2013 +0000 +++ b/xen/arch/x86/x86_64/compat/entry.S Mon Jan 14 13:55:45 2013 +0000 @@ -92,6 +92,7 @@ compat_skip_clobber: /* %rbx: struct vcpu */ ENTRY(compat_test_all_events) + ASSERT_NOT_IN_ATOMIC cli # tests must not race interrupts /*compat_test_softirqs:*/ movl VCPU_processor(%rbx),%eax diff -r 5db9c4e12fbf -r e6f74afc78d2 xen/arch/x86/x86_64/entry.S --- a/xen/arch/x86/x86_64/entry.S Sun Jan 13 10:20:52 2013 +0000 +++ b/xen/arch/x86/x86_64/entry.S Mon Jan 14 13:55:45 2013 +0000 @@ -190,6 +190,7 @@ skip_clobber: /* %rbx: struct vcpu */ test_all_events: + ASSERT_NOT_IN_ATOMIC cli # tests must not race interrupts /*test_softirqs:*/ movl VCPU_processor(%rbx),%eax diff -r 5db9c4e12fbf -r e6f74afc78d2 xen/common/preempt.c --- a/xen/common/preempt.c Sun Jan 13 10:20:52 2013 +0000 +++ b/xen/common/preempt.c Mon Jan 14 13:55:45 2013 +0000 @@ -30,3 +30,9 @@ bool_t in_atomic(void) { return preempt_count() || in_irq() || !local_irq_is_enabled(); } + +/* asm helper */ +void bug_if_in_atomic(void) +{ + BUG_ON(in_atomic()); +} diff -r 5db9c4e12fbf -r e6f74afc78d2 xen/include/asm-x86/asm_defns.h --- a/xen/include/asm-x86/asm_defns.h Sun Jan 13 10:20:52 2013 +0000 +++ b/xen/include/asm-x86/asm_defns.h Mon Jan 14 13:55:45 2013 +0000 @@ -59,6 +59,14 @@ void ret_from_intr(void); GET_STACK_BASE(reg); \ __GET_CURRENT(reg) +#ifndef NDEBUG +#define ASSERT_NOT_IN_ATOMIC \ + sti; /* sometimes called with interrupts disabled: safe to enable */ \ + call bug_if_in_atomic +#else +#define ASSERT_NOT_IN_ATOMIC +#endif + #endif #endif /* __X86_ASM_DEFNS_H__ */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:31:44 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:31:44 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOPO-0000d4-Sj; Wed, 16 Jan 2013 08:31:42 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOPN-0000cy-07 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:31:41 +0000 Received: from [193.109.254.147:36164] by server-13.bemta-14.messagelabs.com id 78/73-01725-C6566F05; Wed, 16 Jan 2013 08:31:40 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-27.messagelabs.com!1358324533!2207088!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 27195 invoked from network); 16 Jan 2013 08:22:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGD-0003rI-A4 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:13 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGD-0000Zv-8z for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:13 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arch/x86: Add missing mem_sharing XSM hooks X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900760 0 # Node ID 62dcb40caa1d3ff6e0d47ad3e6616a4dbe433258 # Parent b0ab408cb0b9e668edcc9340f7688f6fb3d998dd arch/x86: Add missing mem_sharing XSM hooks This patch adds splits up the mem_sharing and mem_event XSM hooks to better cover what the code is doing. It also changes the utility function get_mem_event_op_target to rcu_lock_live_remote_domain_by_id because there is no mm-specific logic in there. Signed-off-by: Daniel De Graaf Acked-by: Tim Deegan Acked-by: Jan Beulich Committed-by: Keir Fraser --- diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/arch/x86/domctl.c --- a/xen/arch/x86/domctl.c Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/arch/x86/domctl.c Fri Jan 11 10:39:20 2013 +0000 @@ -1223,10 +1223,8 @@ long arch_do_domctl( case XEN_DOMCTL_mem_event_op: { - ret = xsm_mem_event(d); - if ( !ret ) - ret = mem_event_domctl(d, &domctl->u.mem_event_op, - guest_handle_cast(u_domctl, void)); + ret = mem_event_domctl(d, &domctl->u.mem_event_op, + guest_handle_cast(u_domctl, void)); copyback = 1; } break; @@ -1265,7 +1263,7 @@ long arch_do_domctl( if ( current->domain == d ) break; - ret = xsm_mem_event(d); + ret = xsm_mem_event_setup(d); if ( !ret ) { p2m = p2m_get_hostp2m(d); p2m->access_required = domctl->u.access_required.access_required; diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/arch/x86/mm/mem_event.c --- a/xen/arch/x86/mm/mem_event.c Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/arch/x86/mm/mem_event.c Fri Jan 11 10:39:20 2013 +0000 @@ -29,6 +29,7 @@ #include #include #include +#include /* for public/io/ring.h macros */ #define xen_mb() mb() @@ -439,35 +440,19 @@ static void mem_sharing_notification(str mem_sharing_sharing_resume(v->domain); } -struct domain *get_mem_event_op_target(uint32_t domain, int *rc) -{ - struct domain *d; - - /* Get the target domain */ - *rc = rcu_lock_remote_target_domain_by_id(domain, &d); - if ( *rc != 0 ) - return NULL; - - /* Not dying? */ - if ( d->is_dying ) - { - rcu_unlock_domain(d); - *rc = -EINVAL; - return NULL; - } - - return d; -} - int do_mem_event_op(int op, uint32_t domain, void *arg) { int ret; struct domain *d; - d = get_mem_event_op_target(domain, &ret); - if ( !d ) + ret = rcu_lock_live_remote_domain_by_id(domain, &d); + if ( ret ) return ret; + ret = xsm_mem_event_op(d, op); + if ( ret ) + goto out; + switch (op) { case XENMEM_paging_op: @@ -483,6 +468,7 @@ int do_mem_event_op(int op, uint32_t dom ret = -ENOSYS; } + out: rcu_unlock_domain(d); return ret; } @@ -516,6 +502,10 @@ int mem_event_domctl(struct domain *d, x { int rc; + rc = xsm_mem_event_control(d, mec->mode, mec->op); + if ( rc ) + return rc; + if ( unlikely(d == current->domain) ) { gdprintk(XENLOG_INFO, "Tried to do a memory event op on itself.\n"); @@ -537,13 +527,6 @@ int mem_event_domctl(struct domain *d, x return -EINVAL; } - /* TODO: XSM hook */ -#if 0 - rc = xsm_mem_event_control(d, mec->op); - if ( rc ) - return rc; -#endif - rc = -ENOSYS; switch ( mec->mode ) diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/arch/x86/mm/mem_sharing.c --- a/xen/arch/x86/mm/mem_sharing.c Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/arch/x86/mm/mem_sharing.c Fri Jan 11 10:39:20 2013 +0000 @@ -34,6 +34,7 @@ #include #include #include +#include #include "mm-locks.h" @@ -1345,10 +1346,18 @@ int mem_sharing_memop(struct domain *d, if ( !mem_sharing_enabled(d) ) return -EINVAL; - cd = get_mem_event_op_target(mec->u.share.client_domain, &rc); - if ( !cd ) + rc = rcu_lock_live_remote_domain_by_id(mec->u.share.client_domain, + &cd); + if ( rc ) return rc; + rc = xsm_mem_sharing_op(d, cd, mec->op); + if ( rc ) + { + rcu_unlock_domain(cd); + return rc; + } + if ( !mem_sharing_enabled(cd) ) { rcu_unlock_domain(cd); @@ -1401,10 +1410,18 @@ int mem_sharing_memop(struct domain *d, if ( !mem_sharing_enabled(d) ) return -EINVAL; - cd = get_mem_event_op_target(mec->u.share.client_domain, &rc); - if ( !cd ) + rc = rcu_lock_live_remote_domain_by_id(mec->u.share.client_domain, + &cd); + if ( rc ) return rc; + rc = xsm_mem_sharing_op(d, cd, mec->op); + if ( rc ) + { + rcu_unlock_domain(cd); + return rc; + } + if ( !mem_sharing_enabled(cd) ) { rcu_unlock_domain(cd); diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/common/domain.c --- a/xen/common/domain.c Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/common/domain.c Fri Jan 11 10:39:20 2013 +0000 @@ -475,6 +475,21 @@ int rcu_lock_remote_domain_by_id(domid_t return 0; } +int rcu_lock_live_remote_domain_by_id(domid_t dom, struct domain **d) +{ + int rv; + rv = rcu_lock_remote_domain_by_id(dom, d); + if ( rv ) + return rv; + if ( (*d)->is_dying ) + { + rcu_unlock_domain(*d); + return -EINVAL; + } + + return 0; +} + int domain_kill(struct domain *d) { int rc = 0; diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/include/asm-x86/mem_event.h --- a/xen/include/asm-x86/mem_event.h Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/include/asm-x86/mem_event.h Fri Jan 11 10:39:20 2013 +0000 @@ -62,7 +62,6 @@ void mem_event_put_request(struct domain int mem_event_get_response(struct domain *d, struct mem_event_domain *med, mem_event_response_t *rsp); -struct domain *get_mem_event_op_target(uint32_t domain, int *rc); int do_mem_event_op(int op, uint32_t domain, void *arg); int mem_event_domctl(struct domain *d, xen_domctl_mem_event_op_t *mec, XEN_GUEST_HANDLE_PARAM(void) u_domctl); diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/include/xen/sched.h --- a/xen/include/xen/sched.h Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/include/xen/sched.h Fri Jan 11 10:39:20 2013 +0000 @@ -484,6 +484,12 @@ int rcu_lock_remote_target_domain_by_id( */ int rcu_lock_remote_domain_by_id(domid_t dom, struct domain **d); +/* + * As rcu_lock_remote_domain_by_id() but will fail EINVAL if the domain is + * dying. + */ +int rcu_lock_live_remote_domain_by_id(domid_t dom, struct domain **d); + /* Finish a RCU critical region started by rcu_lock_domain_by_id(). */ static inline void rcu_unlock_domain(struct domain *d) { diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:39:20 2013 +0000 @@ -551,16 +551,37 @@ static XSM_INLINE int xsm_hvm_inject_msi return 0; } -static XSM_INLINE int xsm_mem_event(struct domain *d) +static XSM_INLINE int xsm_mem_event_setup(struct domain *d) { return 0; } +static XSM_INLINE int xsm_mem_event_control(struct domain *d, int mode, int op) +{ + if ( !IS_PRIV(current->domain) ) + return -EPERM; + return 0; +} + +static XSM_INLINE int xsm_mem_event_op(struct domain *d, int op) +{ + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; + return 0; +} + static XSM_INLINE int xsm_mem_sharing(struct domain *d) { return 0; } +static XSM_INLINE int xsm_mem_sharing_op(struct domain *d, struct domain *cd, int op) +{ + if ( !IS_PRIV_FOR(current->domain, cd) ) + return -EPERM; + return 0; +} + static XSM_INLINE int xsm_apic(struct domain *d, int cmd) { if ( !IS_PRIV(d) ) diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:39:20 2013 +0000 @@ -151,8 +151,11 @@ struct xsm_operations { int (*hvm_set_isa_irq_level) (struct domain *d); int (*hvm_set_pci_link_route) (struct domain *d); int (*hvm_inject_msi) (struct domain *d); - int (*mem_event) (struct domain *d); + int (*mem_event_setup) (struct domain *d); + int (*mem_event_control) (struct domain *d, int mode, int op); + int (*mem_event_op) (struct domain *d, int op); int (*mem_sharing) (struct domain *d); + int (*mem_sharing_op) (struct domain *d, struct domain *cd, int op); int (*apic) (struct domain *d, int cmd); int (*xen_settime) (void); int (*memtype) (uint32_t access); @@ -665,9 +668,19 @@ static inline int xsm_hvm_inject_msi (st return xsm_ops->hvm_inject_msi(d); } -static inline int xsm_mem_event (struct domain *d) +static inline int xsm_mem_event_setup (struct domain *d) { - return xsm_ops->mem_event(d); + return xsm_ops->mem_event_setup(d); +} + +static inline int xsm_mem_event_control (struct domain *d, int mode, int op) +{ + return xsm_ops->mem_event_control(d, mode, op); +} + +static inline int xsm_mem_event_op (struct domain *d, int op) +{ + return xsm_ops->mem_event_op(d, op); } static inline int xsm_mem_sharing (struct domain *d) @@ -675,6 +688,11 @@ static inline int xsm_mem_sharing (struc return xsm_ops->mem_sharing(d); } +static inline int xsm_mem_sharing_op (struct domain *d, struct domain *cd, int op) +{ + return xsm_ops->mem_sharing_op(d, cd, op); +} + static inline int xsm_apic (struct domain *d, int cmd) { return xsm_ops->apic(d, cmd); diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:39:20 2013 +0000 @@ -136,8 +136,11 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, hvm_set_isa_irq_level); set_to_dummy_if_null(ops, hvm_set_pci_link_route); set_to_dummy_if_null(ops, hvm_inject_msi); - set_to_dummy_if_null(ops, mem_event); + set_to_dummy_if_null(ops, mem_event_setup); + set_to_dummy_if_null(ops, mem_event_control); + set_to_dummy_if_null(ops, mem_event_op); set_to_dummy_if_null(ops, mem_sharing); + set_to_dummy_if_null(ops, mem_sharing_op); set_to_dummy_if_null(ops, apic); set_to_dummy_if_null(ops, xen_settime); set_to_dummy_if_null(ops, memtype); diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:39:20 2013 +0000 @@ -1278,7 +1278,17 @@ static int flask_hvm_inject_msi(struct d return current_has_perm(d, SECCLASS_HVM, HVM__SEND_IRQ); } -static int flask_mem_event(struct domain *d) +static int flask_mem_event_setup(struct domain *d) +{ + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); +} + +static int flask_mem_event_control(struct domain *d, int mode, int op) +{ + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); +} + +static int flask_mem_event_op(struct domain *d, int op) { return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); } @@ -1288,6 +1298,14 @@ static int flask_mem_sharing(struct doma return current_has_perm(d, SECCLASS_HVM, HVM__MEM_SHARING); } +static int flask_mem_sharing_op(struct domain *d, struct domain *cd, int op) +{ + int rc = current_has_perm(cd, SECCLASS_HVM, HVM__MEM_SHARING); + if ( rc ) + return rc; + return domain_has_perm(d, cd, SECCLASS_HVM, HVM__SHARE_MEM); +} + static int flask_apic(struct domain *d, int cmd) { u32 perm; @@ -1737,8 +1755,11 @@ static struct xsm_operations flask_ops = .hvm_set_isa_irq_level = flask_hvm_set_isa_irq_level, .hvm_set_pci_link_route = flask_hvm_set_pci_link_route, .hvm_inject_msi = flask_hvm_inject_msi, - .mem_event = flask_mem_event, + .mem_event_setup = flask_mem_event_setup, + .mem_event_control = flask_mem_event_control, + .mem_event_op = flask_mem_event_op, .mem_sharing = flask_mem_sharing, + .mem_sharing_op = flask_mem_sharing_op, .apic = flask_apic, .xen_settime = flask_xen_settime, .memtype = flask_memtype, diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:39:20 2013 +0000 @@ -102,6 +102,7 @@ class hvm mem_sharing audit_p2m send_irq + share_mem } class event _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:31:44 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:31:44 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOPO-0000d4-Sj; Wed, 16 Jan 2013 08:31:42 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOPN-0000cy-07 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:31:41 +0000 Received: from [193.109.254.147:36164] by server-13.bemta-14.messagelabs.com id 78/73-01725-C6566F05; Wed, 16 Jan 2013 08:31:40 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-27.messagelabs.com!1358324533!2207088!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 27195 invoked from network); 16 Jan 2013 08:22:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGD-0003rI-A4 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:13 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGD-0000Zv-8z for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:13 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arch/x86: Add missing mem_sharing XSM hooks X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1357900760 0 # Node ID 62dcb40caa1d3ff6e0d47ad3e6616a4dbe433258 # Parent b0ab408cb0b9e668edcc9340f7688f6fb3d998dd arch/x86: Add missing mem_sharing XSM hooks This patch adds splits up the mem_sharing and mem_event XSM hooks to better cover what the code is doing. It also changes the utility function get_mem_event_op_target to rcu_lock_live_remote_domain_by_id because there is no mm-specific logic in there. Signed-off-by: Daniel De Graaf Acked-by: Tim Deegan Acked-by: Jan Beulich Committed-by: Keir Fraser --- diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/arch/x86/domctl.c --- a/xen/arch/x86/domctl.c Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/arch/x86/domctl.c Fri Jan 11 10:39:20 2013 +0000 @@ -1223,10 +1223,8 @@ long arch_do_domctl( case XEN_DOMCTL_mem_event_op: { - ret = xsm_mem_event(d); - if ( !ret ) - ret = mem_event_domctl(d, &domctl->u.mem_event_op, - guest_handle_cast(u_domctl, void)); + ret = mem_event_domctl(d, &domctl->u.mem_event_op, + guest_handle_cast(u_domctl, void)); copyback = 1; } break; @@ -1265,7 +1263,7 @@ long arch_do_domctl( if ( current->domain == d ) break; - ret = xsm_mem_event(d); + ret = xsm_mem_event_setup(d); if ( !ret ) { p2m = p2m_get_hostp2m(d); p2m->access_required = domctl->u.access_required.access_required; diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/arch/x86/mm/mem_event.c --- a/xen/arch/x86/mm/mem_event.c Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/arch/x86/mm/mem_event.c Fri Jan 11 10:39:20 2013 +0000 @@ -29,6 +29,7 @@ #include #include #include +#include /* for public/io/ring.h macros */ #define xen_mb() mb() @@ -439,35 +440,19 @@ static void mem_sharing_notification(str mem_sharing_sharing_resume(v->domain); } -struct domain *get_mem_event_op_target(uint32_t domain, int *rc) -{ - struct domain *d; - - /* Get the target domain */ - *rc = rcu_lock_remote_target_domain_by_id(domain, &d); - if ( *rc != 0 ) - return NULL; - - /* Not dying? */ - if ( d->is_dying ) - { - rcu_unlock_domain(d); - *rc = -EINVAL; - return NULL; - } - - return d; -} - int do_mem_event_op(int op, uint32_t domain, void *arg) { int ret; struct domain *d; - d = get_mem_event_op_target(domain, &ret); - if ( !d ) + ret = rcu_lock_live_remote_domain_by_id(domain, &d); + if ( ret ) return ret; + ret = xsm_mem_event_op(d, op); + if ( ret ) + goto out; + switch (op) { case XENMEM_paging_op: @@ -483,6 +468,7 @@ int do_mem_event_op(int op, uint32_t dom ret = -ENOSYS; } + out: rcu_unlock_domain(d); return ret; } @@ -516,6 +502,10 @@ int mem_event_domctl(struct domain *d, x { int rc; + rc = xsm_mem_event_control(d, mec->mode, mec->op); + if ( rc ) + return rc; + if ( unlikely(d == current->domain) ) { gdprintk(XENLOG_INFO, "Tried to do a memory event op on itself.\n"); @@ -537,13 +527,6 @@ int mem_event_domctl(struct domain *d, x return -EINVAL; } - /* TODO: XSM hook */ -#if 0 - rc = xsm_mem_event_control(d, mec->op); - if ( rc ) - return rc; -#endif - rc = -ENOSYS; switch ( mec->mode ) diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/arch/x86/mm/mem_sharing.c --- a/xen/arch/x86/mm/mem_sharing.c Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/arch/x86/mm/mem_sharing.c Fri Jan 11 10:39:20 2013 +0000 @@ -34,6 +34,7 @@ #include #include #include +#include #include "mm-locks.h" @@ -1345,10 +1346,18 @@ int mem_sharing_memop(struct domain *d, if ( !mem_sharing_enabled(d) ) return -EINVAL; - cd = get_mem_event_op_target(mec->u.share.client_domain, &rc); - if ( !cd ) + rc = rcu_lock_live_remote_domain_by_id(mec->u.share.client_domain, + &cd); + if ( rc ) return rc; + rc = xsm_mem_sharing_op(d, cd, mec->op); + if ( rc ) + { + rcu_unlock_domain(cd); + return rc; + } + if ( !mem_sharing_enabled(cd) ) { rcu_unlock_domain(cd); @@ -1401,10 +1410,18 @@ int mem_sharing_memop(struct domain *d, if ( !mem_sharing_enabled(d) ) return -EINVAL; - cd = get_mem_event_op_target(mec->u.share.client_domain, &rc); - if ( !cd ) + rc = rcu_lock_live_remote_domain_by_id(mec->u.share.client_domain, + &cd); + if ( rc ) return rc; + rc = xsm_mem_sharing_op(d, cd, mec->op); + if ( rc ) + { + rcu_unlock_domain(cd); + return rc; + } + if ( !mem_sharing_enabled(cd) ) { rcu_unlock_domain(cd); diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/common/domain.c --- a/xen/common/domain.c Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/common/domain.c Fri Jan 11 10:39:20 2013 +0000 @@ -475,6 +475,21 @@ int rcu_lock_remote_domain_by_id(domid_t return 0; } +int rcu_lock_live_remote_domain_by_id(domid_t dom, struct domain **d) +{ + int rv; + rv = rcu_lock_remote_domain_by_id(dom, d); + if ( rv ) + return rv; + if ( (*d)->is_dying ) + { + rcu_unlock_domain(*d); + return -EINVAL; + } + + return 0; +} + int domain_kill(struct domain *d) { int rc = 0; diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/include/asm-x86/mem_event.h --- a/xen/include/asm-x86/mem_event.h Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/include/asm-x86/mem_event.h Fri Jan 11 10:39:20 2013 +0000 @@ -62,7 +62,6 @@ void mem_event_put_request(struct domain int mem_event_get_response(struct domain *d, struct mem_event_domain *med, mem_event_response_t *rsp); -struct domain *get_mem_event_op_target(uint32_t domain, int *rc); int do_mem_event_op(int op, uint32_t domain, void *arg); int mem_event_domctl(struct domain *d, xen_domctl_mem_event_op_t *mec, XEN_GUEST_HANDLE_PARAM(void) u_domctl); diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/include/xen/sched.h --- a/xen/include/xen/sched.h Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/include/xen/sched.h Fri Jan 11 10:39:20 2013 +0000 @@ -484,6 +484,12 @@ int rcu_lock_remote_target_domain_by_id( */ int rcu_lock_remote_domain_by_id(domid_t dom, struct domain **d); +/* + * As rcu_lock_remote_domain_by_id() but will fail EINVAL if the domain is + * dying. + */ +int rcu_lock_live_remote_domain_by_id(domid_t dom, struct domain **d); + /* Finish a RCU critical region started by rcu_lock_domain_by_id(). */ static inline void rcu_unlock_domain(struct domain *d) { diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/include/xsm/dummy.h Fri Jan 11 10:39:20 2013 +0000 @@ -551,16 +551,37 @@ static XSM_INLINE int xsm_hvm_inject_msi return 0; } -static XSM_INLINE int xsm_mem_event(struct domain *d) +static XSM_INLINE int xsm_mem_event_setup(struct domain *d) { return 0; } +static XSM_INLINE int xsm_mem_event_control(struct domain *d, int mode, int op) +{ + if ( !IS_PRIV(current->domain) ) + return -EPERM; + return 0; +} + +static XSM_INLINE int xsm_mem_event_op(struct domain *d, int op) +{ + if ( !IS_PRIV_FOR(current->domain, d) ) + return -EPERM; + return 0; +} + static XSM_INLINE int xsm_mem_sharing(struct domain *d) { return 0; } +static XSM_INLINE int xsm_mem_sharing_op(struct domain *d, struct domain *cd, int op) +{ + if ( !IS_PRIV_FOR(current->domain, cd) ) + return -EPERM; + return 0; +} + static XSM_INLINE int xsm_apic(struct domain *d, int cmd) { if ( !IS_PRIV(d) ) diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/include/xsm/xsm.h Fri Jan 11 10:39:20 2013 +0000 @@ -151,8 +151,11 @@ struct xsm_operations { int (*hvm_set_isa_irq_level) (struct domain *d); int (*hvm_set_pci_link_route) (struct domain *d); int (*hvm_inject_msi) (struct domain *d); - int (*mem_event) (struct domain *d); + int (*mem_event_setup) (struct domain *d); + int (*mem_event_control) (struct domain *d, int mode, int op); + int (*mem_event_op) (struct domain *d, int op); int (*mem_sharing) (struct domain *d); + int (*mem_sharing_op) (struct domain *d, struct domain *cd, int op); int (*apic) (struct domain *d, int cmd); int (*xen_settime) (void); int (*memtype) (uint32_t access); @@ -665,9 +668,19 @@ static inline int xsm_hvm_inject_msi (st return xsm_ops->hvm_inject_msi(d); } -static inline int xsm_mem_event (struct domain *d) +static inline int xsm_mem_event_setup (struct domain *d) { - return xsm_ops->mem_event(d); + return xsm_ops->mem_event_setup(d); +} + +static inline int xsm_mem_event_control (struct domain *d, int mode, int op) +{ + return xsm_ops->mem_event_control(d, mode, op); +} + +static inline int xsm_mem_event_op (struct domain *d, int op) +{ + return xsm_ops->mem_event_op(d, op); } static inline int xsm_mem_sharing (struct domain *d) @@ -675,6 +688,11 @@ static inline int xsm_mem_sharing (struc return xsm_ops->mem_sharing(d); } +static inline int xsm_mem_sharing_op (struct domain *d, struct domain *cd, int op) +{ + return xsm_ops->mem_sharing_op(d, cd, op); +} + static inline int xsm_apic (struct domain *d, int cmd) { return xsm_ops->apic(d, cmd); diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/xsm/dummy.c --- a/xen/xsm/dummy.c Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/xsm/dummy.c Fri Jan 11 10:39:20 2013 +0000 @@ -136,8 +136,11 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, hvm_set_isa_irq_level); set_to_dummy_if_null(ops, hvm_set_pci_link_route); set_to_dummy_if_null(ops, hvm_inject_msi); - set_to_dummy_if_null(ops, mem_event); + set_to_dummy_if_null(ops, mem_event_setup); + set_to_dummy_if_null(ops, mem_event_control); + set_to_dummy_if_null(ops, mem_event_op); set_to_dummy_if_null(ops, mem_sharing); + set_to_dummy_if_null(ops, mem_sharing_op); set_to_dummy_if_null(ops, apic); set_to_dummy_if_null(ops, xen_settime); set_to_dummy_if_null(ops, memtype); diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/xsm/flask/hooks.c Fri Jan 11 10:39:20 2013 +0000 @@ -1278,7 +1278,17 @@ static int flask_hvm_inject_msi(struct d return current_has_perm(d, SECCLASS_HVM, HVM__SEND_IRQ); } -static int flask_mem_event(struct domain *d) +static int flask_mem_event_setup(struct domain *d) +{ + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); +} + +static int flask_mem_event_control(struct domain *d, int mode, int op) +{ + return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); +} + +static int flask_mem_event_op(struct domain *d, int op) { return current_has_perm(d, SECCLASS_HVM, HVM__MEM_EVENT); } @@ -1288,6 +1298,14 @@ static int flask_mem_sharing(struct doma return current_has_perm(d, SECCLASS_HVM, HVM__MEM_SHARING); } +static int flask_mem_sharing_op(struct domain *d, struct domain *cd, int op) +{ + int rc = current_has_perm(cd, SECCLASS_HVM, HVM__MEM_SHARING); + if ( rc ) + return rc; + return domain_has_perm(d, cd, SECCLASS_HVM, HVM__SHARE_MEM); +} + static int flask_apic(struct domain *d, int cmd) { u32 perm; @@ -1737,8 +1755,11 @@ static struct xsm_operations flask_ops = .hvm_set_isa_irq_level = flask_hvm_set_isa_irq_level, .hvm_set_pci_link_route = flask_hvm_set_pci_link_route, .hvm_inject_msi = flask_hvm_inject_msi, - .mem_event = flask_mem_event, + .mem_event_setup = flask_mem_event_setup, + .mem_event_control = flask_mem_event_control, + .mem_event_op = flask_mem_event_op, .mem_sharing = flask_mem_sharing, + .mem_sharing_op = flask_mem_sharing_op, .apic = flask_apic, .xen_settime = flask_xen_settime, .memtype = flask_memtype, diff -r b0ab408cb0b9 -r 62dcb40caa1d xen/xsm/flask/policy/access_vectors --- a/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:38:39 2013 +0000 +++ b/xen/xsm/flask/policy/access_vectors Fri Jan 11 10:39:20 2013 +0000 @@ -102,6 +102,7 @@ class hvm mem_sharing audit_p2m send_irq + share_mem } class event _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:31:52 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:31:52 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOPX-0000e2-WC; Wed, 16 Jan 2013 08:31:52 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOPW-0000dm-SI for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:31:50 +0000 Received: from [85.158.143.35:64746] by server-1.bemta-4.messagelabs.com id E7/3F-18740-47566F05; Wed, 16 Jan 2013 08:31:48 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-21.messagelabs.com!1358324553!12566952!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28870 invoked from network); 16 Jan 2013 08:22:34 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:34 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGX-0003tY-D2 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:33 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGX-0000is-Br for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:33 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:32 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] fix XENMEM_remove_from_physmap return value X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358262664 -3600 # Node ID 327b812026fe62a990f1d81041729c42196983ca # Parent 78ed15cfd96aba346030df399ae04dd196475267 fix XENMEM_remove_from_physmap return value A random value is being returned as of c/s 26350:ba386fd2bf17 in the success case. Signed-off-by: Jan Beulich Acked-by: Ian Campbell Acked-by: Daniel De Graaf --- diff -r 78ed15cfd96a -r 327b812026fe xen/common/memory.c --- a/xen/common/memory.c Tue Jan 15 11:33:41 2013 +0100 +++ b/xen/common/memory.c Tue Jan 15 16:11:04 2013 +0100 @@ -687,10 +687,11 @@ long do_memory_op(unsigned long cmd, XEN if ( d == NULL ) return -ESRCH; - if ( xsm_remove_from_physmap(XSM_TARGET, current->domain, d) ) + rc = xsm_remove_from_physmap(XSM_TARGET, current->domain, d); + if ( rc ) { rcu_unlock_domain(d); - return -EPERM; + return rc; } domain_lock(d); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:31:52 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:31:52 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOPX-0000e2-WC; Wed, 16 Jan 2013 08:31:52 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOPW-0000dm-SI for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:31:50 +0000 Received: from [85.158.143.35:64746] by server-1.bemta-4.messagelabs.com id E7/3F-18740-47566F05; Wed, 16 Jan 2013 08:31:48 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-21.messagelabs.com!1358324553!12566952!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28870 invoked from network); 16 Jan 2013 08:22:34 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:34 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGX-0003tY-D2 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:33 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGX-0000is-Br for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:33 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:32 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] fix XENMEM_remove_from_physmap return value X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358262664 -3600 # Node ID 327b812026fe62a990f1d81041729c42196983ca # Parent 78ed15cfd96aba346030df399ae04dd196475267 fix XENMEM_remove_from_physmap return value A random value is being returned as of c/s 26350:ba386fd2bf17 in the success case. Signed-off-by: Jan Beulich Acked-by: Ian Campbell Acked-by: Daniel De Graaf --- diff -r 78ed15cfd96a -r 327b812026fe xen/common/memory.c --- a/xen/common/memory.c Tue Jan 15 11:33:41 2013 +0100 +++ b/xen/common/memory.c Tue Jan 15 16:11:04 2013 +0100 @@ -687,10 +687,11 @@ long do_memory_op(unsigned long cmd, XEN if ( d == NULL ) return -ESRCH; - if ( xsm_remove_from_physmap(XSM_TARGET, current->domain, d) ) + rc = xsm_remove_from_physmap(XSM_TARGET, current->domain, d); + if ( rc ) { rcu_unlock_domain(d); - return -EPERM; + return rc; } domain_lock(d); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:36:16 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:36:16 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOTn-0000jF-Dg; Wed, 16 Jan 2013 08:36:15 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOTl-0000jA-S1 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:36:14 +0000 Received: from [85.158.143.35:63385] by server-2.bemta-4.messagelabs.com id 9B/DC-24322-D7666F05; Wed, 16 Jan 2013 08:36:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-21.messagelabs.com!1358324544!4652441!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 26026 invoked from network); 16 Jan 2013 08:22:25 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:25 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGO-0003sH-9c for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:24 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGO-0000en-1X for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:24 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:23 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nested vmx: fix CR0/CR4 emulation X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Dongxiao Xu # Date 1357921856 -3600 # Node ID 1e2195cb44102c255b3d27c543eea8286420177a # Parent 32758c974bf8a2302c3ce9fc21c1e77d55bbc9a5 nested vmx: fix CR0/CR4 emulation While emulate CR0 and CR4 for nested virtualization, set the CR0/CR4 guest host mask to 0xffffffff in shadow VMCS, then calculate the corresponding read shadow separately for CR0 and CR4. While getting the VM exit for CR0/CR4 access, check if L1 VMM owns the bit. If so, inject the VM exit to L1 VMM. Otherwise, L0 will handle it and sync the value to L1 virtual VMCS. Signed-off-by: Dongxiao Xu Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 32758c974bf8 -r 1e2195cb4410 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Fri Jan 11 13:45:09 2013 +0000 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Fri Jan 11 17:30:56 2013 +0100 @@ -833,6 +833,7 @@ static void load_shadow_guest_state(stru void *vvmcs = nvcpu->nv_vvmcx; int i; u32 control; + u64 cr_gh_mask, cr_read_shadow; /* vvmcs.gstate to shadow vmcs.gstate */ for ( i = 0; i < ARRAY_SIZE(vmcs_gstate_field); i++ ) @@ -854,10 +855,20 @@ static void load_shadow_guest_state(stru vvmcs_to_shadow(vvmcs, VM_ENTRY_EXCEPTION_ERROR_CODE); vvmcs_to_shadow(vvmcs, VM_ENTRY_INSTRUCTION_LEN); - vvmcs_to_shadow(vvmcs, CR0_READ_SHADOW); - vvmcs_to_shadow(vvmcs, CR4_READ_SHADOW); - vvmcs_to_shadow(vvmcs, CR0_GUEST_HOST_MASK); - vvmcs_to_shadow(vvmcs, CR4_GUEST_HOST_MASK); + /* + * While emulate CR0 and CR4 for nested virtualization, set the CR0/CR4 + * guest host mask to 0xffffffff in shadow VMCS (follow the host L1 VMCS), + * then calculate the corresponding read shadow separately for CR0 and CR4. + */ + cr_gh_mask = __get_vvmcs(vvmcs, CR0_GUEST_HOST_MASK); + cr_read_shadow = (__get_vvmcs(vvmcs, GUEST_CR0) & ~cr_gh_mask) | + (__get_vvmcs(vvmcs, CR0_READ_SHADOW) & cr_gh_mask); + __vmwrite(CR0_READ_SHADOW, cr_read_shadow); + + cr_gh_mask = __get_vvmcs(vvmcs, CR4_GUEST_HOST_MASK); + cr_read_shadow = (__get_vvmcs(vvmcs, GUEST_CR4) & ~cr_gh_mask) | + (__get_vvmcs(vvmcs, CR4_READ_SHADOW) & cr_gh_mask); + __vmwrite(CR4_READ_SHADOW, cr_read_shadow); /* TODO: PDPTRs for nested ept */ /* TODO: CR3 target control */ @@ -913,8 +924,6 @@ static void virtual_vmentry(struct cpu_u static void sync_vvmcs_guest_state(struct vcpu *v, struct cpu_user_regs *regs) { int i; - unsigned long mask; - unsigned long cr; struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); void *vvmcs = nvcpu->nv_vvmcx; @@ -925,23 +934,6 @@ static void sync_vvmcs_guest_state(struc __set_vvmcs(vvmcs, GUEST_RIP, regs->eip); __set_vvmcs(vvmcs, GUEST_RSP, regs->esp); - /* SDM 20.6.6: L2 guest execution may change GUEST CR0/CR4 */ - mask = __get_vvmcs(vvmcs, CR0_GUEST_HOST_MASK); - if ( ~mask ) - { - cr = __get_vvmcs(vvmcs, GUEST_CR0); - cr = (cr & mask) | (__vmread(GUEST_CR0) & ~mask); - __set_vvmcs(vvmcs, GUEST_CR0, cr); - } - - mask = __get_vvmcs(vvmcs, CR4_GUEST_HOST_MASK); - if ( ~mask ) - { - cr = __get_vvmcs(vvmcs, GUEST_CR4); - cr = (cr & mask) | (__vmread(GUEST_CR4) & ~mask); - __set_vvmcs(vvmcs, GUEST_CR4, cr); - } - /* CR3 sync if exec doesn't want cr3 load exiting: i.e. nested EPT */ if ( !(__n2_exec_control(v) & CPU_BASED_CR3_LOAD_EXITING) ) shadow_to_vvmcs(vvmcs, GUEST_CR3); @@ -1745,8 +1737,94 @@ int nvmx_n2_vmexit_handler(struct cpu_us nvcpu->nv_vmexit_pending = 1; } else /* CR0, CR4, CLTS, LMSW */ - nvcpu->nv_vmexit_pending = 1; + { + /* + * While getting the VM exit for CR0/CR4 access, check if L1 VMM owns + * the bit. + * If so, inject the VM exit to L1 VMM. + * Otherwise, L0 will handle it and sync the value to L1 virtual VMCS. + */ + unsigned long old_val, val, changed_bits; + switch ( VMX_CONTROL_REG_ACCESS_TYPE(exit_qualification) ) + { + case VMX_CONTROL_REG_ACCESS_TYPE_MOV_TO_CR: + { + unsigned long gp = VMX_CONTROL_REG_ACCESS_GPR(exit_qualification); + unsigned long *reg; + if ( (reg = decode_register(gp, guest_cpu_user_regs(), 0)) == NULL ) + { + gdprintk(XENLOG_ERR, "invalid gpr: %lx\n", gp); + break; + } + val = *reg; + if ( cr == 0 ) + { + u64 cr0_gh_mask = __get_vvmcs(nvcpu->nv_vvmcx, CR0_GUEST_HOST_MASK); + + old_val = __vmread(CR0_READ_SHADOW); + changed_bits = old_val ^ val; + if ( changed_bits & cr0_gh_mask ) + nvcpu->nv_vmexit_pending = 1; + else + { + u64 guest_cr0 = __get_vvmcs(nvcpu->nv_vvmcx, GUEST_CR0); + __set_vvmcs(nvcpu->nv_vvmcx, GUEST_CR0, + (guest_cr0 & cr0_gh_mask) | (val & ~cr0_gh_mask)); + } + } + else if ( cr == 4 ) + { + u64 cr4_gh_mask = __get_vvmcs(nvcpu->nv_vvmcx, CR4_GUEST_HOST_MASK); + + old_val = __vmread(CR4_READ_SHADOW); + changed_bits = old_val ^ val; + if ( changed_bits & cr4_gh_mask ) + nvcpu->nv_vmexit_pending = 1; + else + { + u64 guest_cr4 = __get_vvmcs(nvcpu->nv_vvmcx, GUEST_CR4); + __set_vvmcs(nvcpu->nv_vvmcx, GUEST_CR4, + (guest_cr4 & cr4_gh_mask) | (val & ~cr4_gh_mask)); + } + } + else + nvcpu->nv_vmexit_pending = 1; + break; + } + case VMX_CONTROL_REG_ACCESS_TYPE_CLTS: + { + u64 cr0_gh_mask = __get_vvmcs(nvcpu->nv_vvmcx, CR0_GUEST_HOST_MASK); + + if ( cr0_gh_mask & X86_CR0_TS ) + nvcpu->nv_vmexit_pending = 1; + else + { + u64 guest_cr0 = __get_vvmcs(nvcpu->nv_vvmcx, GUEST_CR0); + __set_vvmcs(nvcpu->nv_vvmcx, GUEST_CR0, (guest_cr0 & ~X86_CR0_TS)); + } + break; + } + case VMX_CONTROL_REG_ACCESS_TYPE_LMSW: + { + u64 cr0_gh_mask = __get_vvmcs(nvcpu->nv_vvmcx, CR0_GUEST_HOST_MASK); + + old_val = __vmread(CR0_READ_SHADOW) & 0xf; + val = (exit_qualification >> 16) & 0xf; + changed_bits = old_val ^ val; + if ( changed_bits & cr0_gh_mask ) + nvcpu->nv_vmexit_pending = 1; + else + { + u64 guest_cr0 = __get_vvmcs(nvcpu->nv_vvmcx, GUEST_CR0); + __set_vvmcs(nvcpu->nv_vvmcx, GUEST_CR0, (guest_cr0 & cr0_gh_mask) | (val & ~cr0_gh_mask)); + } + break; + } + default: + break; + } + } break; } case EXIT_REASON_APIC_ACCESS: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 08:36:16 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 08:36:16 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOTn-0000jF-Dg; Wed, 16 Jan 2013 08:36:15 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOTl-0000jA-S1 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:36:14 +0000 Received: from [85.158.143.35:63385] by server-2.bemta-4.messagelabs.com id 9B/DC-24322-D7666F05; Wed, 16 Jan 2013 08:36:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-21.messagelabs.com!1358324544!4652441!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_DONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 26026 invoked from network); 16 Jan 2013 08:22:25 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 08:22:25 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvOGO-0003sH-9c for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:24 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvOGO-0000en-1X for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 08:22:24 +0000 Message-Id: Date: Wed, 16 Jan 2013 08:22:23 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] nested vmx: fix CR0/CR4 emulation X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Dongxiao Xu # Date 1357921856 -3600 # Node ID 1e2195cb44102c255b3d27c543eea8286420177a # Parent 32758c974bf8a2302c3ce9fc21c1e77d55bbc9a5 nested vmx: fix CR0/CR4 emulation While emulate CR0 and CR4 for nested virtualization, set the CR0/CR4 guest host mask to 0xffffffff in shadow VMCS, then calculate the corresponding read shadow separately for CR0 and CR4. While getting the VM exit for CR0/CR4 access, check if L1 VMM owns the bit. If so, inject the VM exit to L1 VMM. Otherwise, L0 will handle it and sync the value to L1 virtual VMCS. Signed-off-by: Dongxiao Xu Acked-by: Eddie Dong Committed-by: Jan Beulich --- diff -r 32758c974bf8 -r 1e2195cb4410 xen/arch/x86/hvm/vmx/vvmx.c --- a/xen/arch/x86/hvm/vmx/vvmx.c Fri Jan 11 13:45:09 2013 +0000 +++ b/xen/arch/x86/hvm/vmx/vvmx.c Fri Jan 11 17:30:56 2013 +0100 @@ -833,6 +833,7 @@ static void load_shadow_guest_state(stru void *vvmcs = nvcpu->nv_vvmcx; int i; u32 control; + u64 cr_gh_mask, cr_read_shadow; /* vvmcs.gstate to shadow vmcs.gstate */ for ( i = 0; i < ARRAY_SIZE(vmcs_gstate_field); i++ ) @@ -854,10 +855,20 @@ static void load_shadow_guest_state(stru vvmcs_to_shadow(vvmcs, VM_ENTRY_EXCEPTION_ERROR_CODE); vvmcs_to_shadow(vvmcs, VM_ENTRY_INSTRUCTION_LEN); - vvmcs_to_shadow(vvmcs, CR0_READ_SHADOW); - vvmcs_to_shadow(vvmcs, CR4_READ_SHADOW); - vvmcs_to_shadow(vvmcs, CR0_GUEST_HOST_MASK); - vvmcs_to_shadow(vvmcs, CR4_GUEST_HOST_MASK); + /* + * While emulate CR0 and CR4 for nested virtualization, set the CR0/CR4 + * guest host mask to 0xffffffff in shadow VMCS (follow the host L1 VMCS), + * then calculate the corresponding read shadow separately for CR0 and CR4. + */ + cr_gh_mask = __get_vvmcs(vvmcs, CR0_GUEST_HOST_MASK); + cr_read_shadow = (__get_vvmcs(vvmcs, GUEST_CR0) & ~cr_gh_mask) | + (__get_vvmcs(vvmcs, CR0_READ_SHADOW) & cr_gh_mask); + __vmwrite(CR0_READ_SHADOW, cr_read_shadow); + + cr_gh_mask = __get_vvmcs(vvmcs, CR4_GUEST_HOST_MASK); + cr_read_shadow = (__get_vvmcs(vvmcs, GUEST_CR4) & ~cr_gh_mask) | + (__get_vvmcs(vvmcs, CR4_READ_SHADOW) & cr_gh_mask); + __vmwrite(CR4_READ_SHADOW, cr_read_shadow); /* TODO: PDPTRs for nested ept */ /* TODO: CR3 target control */ @@ -913,8 +924,6 @@ static void virtual_vmentry(struct cpu_u static void sync_vvmcs_guest_state(struct vcpu *v, struct cpu_user_regs *regs) { int i; - unsigned long mask; - unsigned long cr; struct nestedvcpu *nvcpu = &vcpu_nestedhvm(v); void *vvmcs = nvcpu->nv_vvmcx; @@ -925,23 +934,6 @@ static void sync_vvmcs_guest_state(struc __set_vvmcs(vvmcs, GUEST_RIP, regs->eip); __set_vvmcs(vvmcs, GUEST_RSP, regs->esp); - /* SDM 20.6.6: L2 guest execution may change GUEST CR0/CR4 */ - mask = __get_vvmcs(vvmcs, CR0_GUEST_HOST_MASK); - if ( ~mask ) - { - cr = __get_vvmcs(vvmcs, GUEST_CR0); - cr = (cr & mask) | (__vmread(GUEST_CR0) & ~mask); - __set_vvmcs(vvmcs, GUEST_CR0, cr); - } - - mask = __get_vvmcs(vvmcs, CR4_GUEST_HOST_MASK); - if ( ~mask ) - { - cr = __get_vvmcs(vvmcs, GUEST_CR4); - cr = (cr & mask) | (__vmread(GUEST_CR4) & ~mask); - __set_vvmcs(vvmcs, GUEST_CR4, cr); - } - /* CR3 sync if exec doesn't want cr3 load exiting: i.e. nested EPT */ if ( !(__n2_exec_control(v) & CPU_BASED_CR3_LOAD_EXITING) ) shadow_to_vvmcs(vvmcs, GUEST_CR3); @@ -1745,8 +1737,94 @@ int nvmx_n2_vmexit_handler(struct cpu_us nvcpu->nv_vmexit_pending = 1; } else /* CR0, CR4, CLTS, LMSW */ - nvcpu->nv_vmexit_pending = 1; + { + /* + * While getting the VM exit for CR0/CR4 access, check if L1 VMM owns + * the bit. + * If so, inject the VM exit to L1 VMM. + * Otherwise, L0 will handle it and sync the value to L1 virtual VMCS. + */ + unsigned long old_val, val, changed_bits; + switch ( VMX_CONTROL_REG_ACCESS_TYPE(exit_qualification) ) + { + case VMX_CONTROL_REG_ACCESS_TYPE_MOV_TO_CR: + { + unsigned long gp = VMX_CONTROL_REG_ACCESS_GPR(exit_qualification); + unsigned long *reg; + if ( (reg = decode_register(gp, guest_cpu_user_regs(), 0)) == NULL ) + { + gdprintk(XENLOG_ERR, "invalid gpr: %lx\n", gp); + break; + } + val = *reg; + if ( cr == 0 ) + { + u64 cr0_gh_mask = __get_vvmcs(nvcpu->nv_vvmcx, CR0_GUEST_HOST_MASK); + + old_val = __vmread(CR0_READ_SHADOW); + changed_bits = old_val ^ val; + if ( changed_bits & cr0_gh_mask ) + nvcpu->nv_vmexit_pending = 1; + else + { + u64 guest_cr0 = __get_vvmcs(nvcpu->nv_vvmcx, GUEST_CR0); + __set_vvmcs(nvcpu->nv_vvmcx, GUEST_CR0, + (guest_cr0 & cr0_gh_mask) | (val & ~cr0_gh_mask)); + } + } + else if ( cr == 4 ) + { + u64 cr4_gh_mask = __get_vvmcs(nvcpu->nv_vvmcx, CR4_GUEST_HOST_MASK); + + old_val = __vmread(CR4_READ_SHADOW); + changed_bits = old_val ^ val; + if ( changed_bits & cr4_gh_mask ) + nvcpu->nv_vmexit_pending = 1; + else + { + u64 guest_cr4 = __get_vvmcs(nvcpu->nv_vvmcx, GUEST_CR4); + __set_vvmcs(nvcpu->nv_vvmcx, GUEST_CR4, + (guest_cr4 & cr4_gh_mask) | (val & ~cr4_gh_mask)); + } + } + else + nvcpu->nv_vmexit_pending = 1; + break; + } + case VMX_CONTROL_REG_ACCESS_TYPE_CLTS: + { + u64 cr0_gh_mask = __get_vvmcs(nvcpu->nv_vvmcx, CR0_GUEST_HOST_MASK); + + if ( cr0_gh_mask & X86_CR0_TS ) + nvcpu->nv_vmexit_pending = 1; + else + { + u64 guest_cr0 = __get_vvmcs(nvcpu->nv_vvmcx, GUEST_CR0); + __set_vvmcs(nvcpu->nv_vvmcx, GUEST_CR0, (guest_cr0 & ~X86_CR0_TS)); + } + break; + } + case VMX_CONTROL_REG_ACCESS_TYPE_LMSW: + { + u64 cr0_gh_mask = __get_vvmcs(nvcpu->nv_vvmcx, CR0_GUEST_HOST_MASK); + + old_val = __vmread(CR0_READ_SHADOW) & 0xf; + val = (exit_qualification >> 16) & 0xf; + changed_bits = old_val ^ val; + if ( changed_bits & cr0_gh_mask ) + nvcpu->nv_vmexit_pending = 1; + else + { + u64 guest_cr0 = __get_vvmcs(nvcpu->nv_vvmcx, GUEST_CR0); + __set_vvmcs(nvcpu->nv_vvmcx, GUEST_CR0, (guest_cr0 & cr0_gh_mask) | (val & ~cr0_gh_mask)); + } + break; + } + default: + break; + } + } break; } case EXIT_REASON_APIC_ACCESS: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 14:12:17 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 14:12:17 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTiu-0000Fn-WC; Wed, 16 Jan 2013 14:12:12 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTiu-0000Ff-ES for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:12:12 +0000 Received: from [85.158.143.35:9473] by server-3.bemta-4.messagelabs.com id BA/63-19220-B35B6F05; Wed, 16 Jan 2013 14:12:11 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-14.tower-21.messagelabs.com!1358345464!16510467!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.8 required=7.0 tests=MANY_EXCLAMATIONS X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8886 invoked from network); 16 Jan 2013 14:11:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 14:11:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTho-0007qI-8v for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:11:04 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvThn-0001IA-QX for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:11:04 +0000 Date: Wed, 16 Jan 2013 14:11:03 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-unstable] e1000: Discard packets that are too long if !SBP and !LPE X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 4c2cae2a882db4d2a231b27b3b31a5bbec6dacbf Author: Michael Contreras Date: Sun Dec 2 20:11:22 2012 -0800 e1000: Discard packets that are too long if !SBP and !LPE The e1000_receive function for the e1000 needs to discard packets longer than 1522 bytes if the SBP and LPE flags are disabled. The linux driver assumes this behavior and allocates memory based on this assumption. Signed-off-by: Michael Contreras Signed-off-by: Anthony Liguori [ This is a security vulnerability, CVE-2012-6075 / XSA-41. ] --- hw/e1000.c | 10 ++++++++++ 1 files changed, 10 insertions(+), 0 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 97104ed..f0673f0 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -55,6 +55,9 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); #define REG_IOADDR 0x0 #define REG_IODATA 0x4 +/* this is the size past which hardware will drop packets when setting LPE=0 */ +#define MAXIMUM_ETHERNET_VLAN_SIZE 1522 + /* * HW models: * E1000_DEV_ID_82540EM works with Windows and Linux @@ -628,6 +631,13 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) return; } + /* Discard oversized packets if !LPE and !SBP. */ + if (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) + && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { + return size; + } + if (!receive_filter(s, buf, size)) return; -- generated by git-patchbot for /home/xen/git/qemu-xen-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 14:12:17 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 14:12:17 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTiu-0000Fn-WC; Wed, 16 Jan 2013 14:12:12 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTiu-0000Ff-ES for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:12:12 +0000 Received: from [85.158.143.35:9473] by server-3.bemta-4.messagelabs.com id BA/63-19220-B35B6F05; Wed, 16 Jan 2013 14:12:11 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-14.tower-21.messagelabs.com!1358345464!16510467!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.8 required=7.0 tests=MANY_EXCLAMATIONS X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8886 invoked from network); 16 Jan 2013 14:11:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 14:11:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTho-0007qI-8v for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:11:04 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvThn-0001IA-QX for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:11:04 +0000 Date: Wed, 16 Jan 2013 14:11:03 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-unstable] e1000: Discard packets that are too long if !SBP and !LPE X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 4c2cae2a882db4d2a231b27b3b31a5bbec6dacbf Author: Michael Contreras Date: Sun Dec 2 20:11:22 2012 -0800 e1000: Discard packets that are too long if !SBP and !LPE The e1000_receive function for the e1000 needs to discard packets longer than 1522 bytes if the SBP and LPE flags are disabled. The linux driver assumes this behavior and allocates memory based on this assumption. Signed-off-by: Michael Contreras Signed-off-by: Anthony Liguori [ This is a security vulnerability, CVE-2012-6075 / XSA-41. ] --- hw/e1000.c | 10 ++++++++++ 1 files changed, 10 insertions(+), 0 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 97104ed..f0673f0 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -55,6 +55,9 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); #define REG_IOADDR 0x0 #define REG_IODATA 0x4 +/* this is the size past which hardware will drop packets when setting LPE=0 */ +#define MAXIMUM_ETHERNET_VLAN_SIZE 1522 + /* * HW models: * E1000_DEV_ID_82540EM works with Windows and Linux @@ -628,6 +631,13 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) return; } + /* Discard oversized packets if !LPE and !SBP. */ + if (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) + && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { + return size; + } + if (!receive_filter(s, buf, size)) return; -- generated by git-patchbot for /home/xen/git/qemu-xen-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 14:22:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 14:22:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTsY-0000Yt-7C; Wed, 16 Jan 2013 14:22:10 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTsW-0000Yo-C4 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:22:08 +0000 Received: from [85.158.139.211:22100] by server-9.bemta-5.messagelabs.com id 59/CF-04901-F87B6F05; Wed, 16 Jan 2013 14:22:07 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-6.tower-206.messagelabs.com!1358346125!18390818!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.8 required=7.0 tests=MANY_EXCLAMATIONS X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 3861 invoked from network); 16 Jan 2013 14:22:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 14:22:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTsT-0007yP-9n for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:22:05 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvTsT-0001cE-1R for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:22:05 +0000 Date: Wed, 16 Jan 2013 14:22:05 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-4.1-testing] e1000: Discard packets that are too long if !SBP and !LPE X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit b4e9b8169dedc0bcf0d3abe07642f761ac70aeea Author: Michael Contreras Date: Sun Dec 2 20:11:22 2012 -0800 e1000: Discard packets that are too long if !SBP and !LPE The e1000_receive function for the e1000 needs to discard packets longer than 1522 bytes if the SBP and LPE flags are disabled. The linux driver assumes this behavior and allocates memory based on this assumption. Signed-off-by: Michael Contreras Signed-off-by: Anthony Liguori [ This is a security vulnerability, CVE-2012-6075 / XSA-41. ] (cherry picked from commit 4c2cae2a882db4d2a231b27b3b31a5bbec6dacbf) --- hw/e1000.c | 10 ++++++++++ 1 files changed, 10 insertions(+), 0 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 97104ed..f0673f0 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -55,6 +55,9 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); #define REG_IOADDR 0x0 #define REG_IODATA 0x4 +/* this is the size past which hardware will drop packets when setting LPE=0 */ +#define MAXIMUM_ETHERNET_VLAN_SIZE 1522 + /* * HW models: * E1000_DEV_ID_82540EM works with Windows and Linux @@ -628,6 +631,13 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) return; } + /* Discard oversized packets if !LPE and !SBP. */ + if (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) + && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { + return size; + } + if (!receive_filter(s, buf, size)) return; -- generated by git-patchbot for /home/xen/git/qemu-xen-4.1-testing.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 14:22:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 14:22:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTsY-0000Yt-7C; Wed, 16 Jan 2013 14:22:10 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTsW-0000Yo-C4 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:22:08 +0000 Received: from [85.158.139.211:22100] by server-9.bemta-5.messagelabs.com id 59/CF-04901-F87B6F05; Wed, 16 Jan 2013 14:22:07 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-6.tower-206.messagelabs.com!1358346125!18390818!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.8 required=7.0 tests=MANY_EXCLAMATIONS X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 3861 invoked from network); 16 Jan 2013 14:22:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 14:22:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTsT-0007yP-9n for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:22:05 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvTsT-0001cE-1R for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:22:05 +0000 Date: Wed, 16 Jan 2013 14:22:05 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-4.1-testing] e1000: Discard packets that are too long if !SBP and !LPE X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit b4e9b8169dedc0bcf0d3abe07642f761ac70aeea Author: Michael Contreras Date: Sun Dec 2 20:11:22 2012 -0800 e1000: Discard packets that are too long if !SBP and !LPE The e1000_receive function for the e1000 needs to discard packets longer than 1522 bytes if the SBP and LPE flags are disabled. The linux driver assumes this behavior and allocates memory based on this assumption. Signed-off-by: Michael Contreras Signed-off-by: Anthony Liguori [ This is a security vulnerability, CVE-2012-6075 / XSA-41. ] (cherry picked from commit 4c2cae2a882db4d2a231b27b3b31a5bbec6dacbf) --- hw/e1000.c | 10 ++++++++++ 1 files changed, 10 insertions(+), 0 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 97104ed..f0673f0 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -55,6 +55,9 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); #define REG_IOADDR 0x0 #define REG_IODATA 0x4 +/* this is the size past which hardware will drop packets when setting LPE=0 */ +#define MAXIMUM_ETHERNET_VLAN_SIZE 1522 + /* * HW models: * E1000_DEV_ID_82540EM works with Windows and Linux @@ -628,6 +631,13 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) return; } + /* Discard oversized packets if !LPE and !SBP. */ + if (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) + && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { + return size; + } + if (!receive_filter(s, buf, size)) return; -- generated by git-patchbot for /home/xen/git/qemu-xen-4.1-testing.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 14:22:32 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 14:22:32 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTsr-0000Zn-Aq; Wed, 16 Jan 2013 14:22:29 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTsq-0000Zf-7x for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:22:28 +0000 Received: from [85.158.143.35:32514] by server-2.bemta-4.messagelabs.com id 4D/C4-24322-3A7B6F05; Wed, 16 Jan 2013 14:22:27 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-16.tower-21.messagelabs.com!1358346145!13151923!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.8 required=7.0 tests=MANY_EXCLAMATIONS X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 31096 invoked from network); 16 Jan 2013 14:22:26 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 14:22:26 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTsm-0007yV-Ub for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:22:24 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvTsm-0001df-L1 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:22:24 +0000 Date: Wed, 16 Jan 2013 14:22:24 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-4.2-testing] e1000: Discard packets that are too long if !SBP and !LPE X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 48d332ba8ef0bd9754b9d16f9e5629b00f85d735 Author: Michael Contreras Date: Sun Dec 2 20:11:22 2012 -0800 e1000: Discard packets that are too long if !SBP and !LPE The e1000_receive function for the e1000 needs to discard packets longer than 1522 bytes if the SBP and LPE flags are disabled. The linux driver assumes this behavior and allocates memory based on this assumption. Signed-off-by: Michael Contreras Signed-off-by: Anthony Liguori [ This is a security vulnerability, CVE-2012-6075 / XSA-41. ] (cherry picked from commit 4c2cae2a882db4d2a231b27b3b31a5bbec6dacbf) --- hw/e1000.c | 10 ++++++++++ 1 files changed, 10 insertions(+), 0 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 97104ed..f0673f0 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -55,6 +55,9 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); #define REG_IOADDR 0x0 #define REG_IODATA 0x4 +/* this is the size past which hardware will drop packets when setting LPE=0 */ +#define MAXIMUM_ETHERNET_VLAN_SIZE 1522 + /* * HW models: * E1000_DEV_ID_82540EM works with Windows and Linux @@ -628,6 +631,13 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) return; } + /* Discard oversized packets if !LPE and !SBP. */ + if (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) + && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { + return size; + } + if (!receive_filter(s, buf, size)) return; -- generated by git-patchbot for /home/xen/git/qemu-xen-4.2-testing.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 14:22:32 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 14:22:32 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTsr-0000Zn-Aq; Wed, 16 Jan 2013 14:22:29 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTsq-0000Zf-7x for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:22:28 +0000 Received: from [85.158.143.35:32514] by server-2.bemta-4.messagelabs.com id 4D/C4-24322-3A7B6F05; Wed, 16 Jan 2013 14:22:27 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-16.tower-21.messagelabs.com!1358346145!13151923!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.8 required=7.0 tests=MANY_EXCLAMATIONS X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 31096 invoked from network); 16 Jan 2013 14:22:26 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 14:22:26 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvTsm-0007yV-Ub for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:22:24 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvTsm-0001df-L1 for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 14:22:24 +0000 Date: Wed, 16 Jan 2013 14:22:24 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-4.2-testing] e1000: Discard packets that are too long if !SBP and !LPE X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 48d332ba8ef0bd9754b9d16f9e5629b00f85d735 Author: Michael Contreras Date: Sun Dec 2 20:11:22 2012 -0800 e1000: Discard packets that are too long if !SBP and !LPE The e1000_receive function for the e1000 needs to discard packets longer than 1522 bytes if the SBP and LPE flags are disabled. The linux driver assumes this behavior and allocates memory based on this assumption. Signed-off-by: Michael Contreras Signed-off-by: Anthony Liguori [ This is a security vulnerability, CVE-2012-6075 / XSA-41. ] (cherry picked from commit 4c2cae2a882db4d2a231b27b3b31a5bbec6dacbf) --- hw/e1000.c | 10 ++++++++++ 1 files changed, 10 insertions(+), 0 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 97104ed..f0673f0 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -55,6 +55,9 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); #define REG_IOADDR 0x0 #define REG_IODATA 0x4 +/* this is the size past which hardware will drop packets when setting LPE=0 */ +#define MAXIMUM_ETHERNET_VLAN_SIZE 1522 + /* * HW models: * E1000_DEV_ID_82540EM works with Windows and Linux @@ -628,6 +631,13 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) return; } + /* Discard oversized packets if !LPE and !SBP. */ + if (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) + && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { + return size; + } + if (!receive_filter(s, buf, size)) return; -- generated by git-patchbot for /home/xen/git/qemu-xen-4.2-testing.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 19:00:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 19:00:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYDh-0003HK-JZ; Wed, 16 Jan 2013 19:00:17 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYDf-0003GY-KK for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:00:15 +0000 Received: from [85.158.138.51:6974] by server-9.bemta-3.messagelabs.com id F7/CB-04352-EB8F6F05; Wed, 16 Jan 2013 19:00:14 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-8.tower-174.messagelabs.com!1358362813!28254294!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 3073 invoked from network); 16 Jan 2013 19:00:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 19:00:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYDc-000364-Rh for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:00:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvYDY-0000rz-0D for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:00:11 +0000 Date: Wed, 16 Jan 2013 19:00:08 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] xen_disk: fix memory leak X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3322049636580343265==" Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org --===============3322049636580343265== Content-Type: text/plain commit 7dc2caee5569a7d6aed019fe2bd6e43d83f9845e Author: Roger Pau Monne Date: Mon Jan 14 18:26:53 2013 +0000 xen_disk: fix memory leak On ioreq_release the full ioreq was memset to 0, loosing all the data and memory allocations inside the QEMUIOVector, which leads to a memory leak. Create a new function to specifically reset ioreq. upstream-commit-id: 282c6a2f292705f823554447ca0b7731b6f81a97 Reported-by: Maik Wessler Signed-off-by: Roger Pau Monné Signed-off-by: Stefano Stabellini --- hw/xen_disk.c | 28 ++++++++++++++++++++++++++-- 1 files changed, 26 insertions(+), 2 deletions(-) diff --git a/hw/xen_disk.c b/hw/xen_disk.c index e6bb2f2..ecb8834 100644 --- a/hw/xen_disk.c +++ b/hw/xen_disk.c @@ -113,6 +113,31 @@ struct XenBlkDev { /* ------------------------------------------------------------- */ +static void ioreq_reset(struct ioreq *ioreq) +{ + memset(&ioreq->req, 0, sizeof(ioreq->req)); + ioreq->status = 0; + ioreq->start = 0; + ioreq->presync = 0; + ioreq->postsync = 0; + ioreq->mapped = 0; + + memset(ioreq->domids, 0, sizeof(ioreq->domids)); + memset(ioreq->refs, 0, sizeof(ioreq->refs)); + ioreq->prot = 0; + memset(ioreq->page, 0, sizeof(ioreq->page)); + ioreq->pages = NULL; + + ioreq->aio_inflight = 0; + ioreq->aio_errors = 0; + + ioreq->blkdev = NULL; + memset(&ioreq->list, 0, sizeof(ioreq->list)); + memset(&ioreq->acct, 0, sizeof(ioreq->acct)); + + qemu_iovec_reset(&ioreq->v); +} + static struct ioreq *ioreq_start(struct XenBlkDev *blkdev) { struct ioreq *ioreq = NULL; @@ -130,7 +155,6 @@ static struct ioreq *ioreq_start(struct XenBlkDev *blkdev) /* get one from freelist */ ioreq = QLIST_FIRST(&blkdev->freelist); QLIST_REMOVE(ioreq, list); - qemu_iovec_reset(&ioreq->v); } QLIST_INSERT_HEAD(&blkdev->inflight, ioreq, list); blkdev->requests_inflight++; @@ -154,7 +178,7 @@ static void ioreq_release(struct ioreq *ioreq, bool finish) struct XenBlkDev *blkdev = ioreq->blkdev; QLIST_REMOVE(ioreq, list); - memset(ioreq, 0, sizeof(*ioreq)); + ioreq_reset(ioreq); ioreq->blkdev = blkdev; QLIST_INSERT_HEAD(&blkdev->freelist, ioreq, list); if (finish) { -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git --===============3322049636580343265== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog --===============3322049636580343265==-- From xen-changelog-bounces@lists.xen.org Wed Jan 16 19:00:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 19:00:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYDh-0003HK-JZ; Wed, 16 Jan 2013 19:00:17 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYDf-0003GY-KK for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:00:15 +0000 Received: from [85.158.138.51:6974] by server-9.bemta-3.messagelabs.com id F7/CB-04352-EB8F6F05; Wed, 16 Jan 2013 19:00:14 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-8.tower-174.messagelabs.com!1358362813!28254294!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 3073 invoked from network); 16 Jan 2013 19:00:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 19:00:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYDc-000364-Rh for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:00:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvYDY-0000rz-0D for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:00:11 +0000 Date: Wed, 16 Jan 2013 19:00:08 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] xen_disk: fix memory leak X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3322049636580343265==" Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org --===============3322049636580343265== Content-Type: text/plain commit 7dc2caee5569a7d6aed019fe2bd6e43d83f9845e Author: Roger Pau Monne Date: Mon Jan 14 18:26:53 2013 +0000 xen_disk: fix memory leak On ioreq_release the full ioreq was memset to 0, loosing all the data and memory allocations inside the QEMUIOVector, which leads to a memory leak. Create a new function to specifically reset ioreq. upstream-commit-id: 282c6a2f292705f823554447ca0b7731b6f81a97 Reported-by: Maik Wessler Signed-off-by: Roger Pau Monné Signed-off-by: Stefano Stabellini --- hw/xen_disk.c | 28 ++++++++++++++++++++++++++-- 1 files changed, 26 insertions(+), 2 deletions(-) diff --git a/hw/xen_disk.c b/hw/xen_disk.c index e6bb2f2..ecb8834 100644 --- a/hw/xen_disk.c +++ b/hw/xen_disk.c @@ -113,6 +113,31 @@ struct XenBlkDev { /* ------------------------------------------------------------- */ +static void ioreq_reset(struct ioreq *ioreq) +{ + memset(&ioreq->req, 0, sizeof(ioreq->req)); + ioreq->status = 0; + ioreq->start = 0; + ioreq->presync = 0; + ioreq->postsync = 0; + ioreq->mapped = 0; + + memset(ioreq->domids, 0, sizeof(ioreq->domids)); + memset(ioreq->refs, 0, sizeof(ioreq->refs)); + ioreq->prot = 0; + memset(ioreq->page, 0, sizeof(ioreq->page)); + ioreq->pages = NULL; + + ioreq->aio_inflight = 0; + ioreq->aio_errors = 0; + + ioreq->blkdev = NULL; + memset(&ioreq->list, 0, sizeof(ioreq->list)); + memset(&ioreq->acct, 0, sizeof(ioreq->acct)); + + qemu_iovec_reset(&ioreq->v); +} + static struct ioreq *ioreq_start(struct XenBlkDev *blkdev) { struct ioreq *ioreq = NULL; @@ -130,7 +155,6 @@ static struct ioreq *ioreq_start(struct XenBlkDev *blkdev) /* get one from freelist */ ioreq = QLIST_FIRST(&blkdev->freelist); QLIST_REMOVE(ioreq, list); - qemu_iovec_reset(&ioreq->v); } QLIST_INSERT_HEAD(&blkdev->inflight, ioreq, list); blkdev->requests_inflight++; @@ -154,7 +178,7 @@ static void ioreq_release(struct ioreq *ioreq, bool finish) struct XenBlkDev *blkdev = ioreq->blkdev; QLIST_REMOVE(ioreq, list); - memset(ioreq, 0, sizeof(*ioreq)); + ioreq_reset(ioreq); ioreq->blkdev = blkdev; QLIST_INSERT_HEAD(&blkdev->freelist, ioreq, list); if (finish) { -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git --===============3322049636580343265== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog --===============3322049636580343265==-- From xen-changelog-bounces@lists.xen.org Wed Jan 16 19:01:04 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 19:01:04 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYEP-0003UF-79; Wed, 16 Jan 2013 19:01:01 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYEO-0003TX-Bh for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:01:00 +0000 Received: from [85.158.143.35:62207] by server-3.bemta-4.messagelabs.com id 6B/DF-19220-BE8F6F05; Wed, 16 Jan 2013 19:00:59 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-5.tower-21.messagelabs.com!1358362856!4723842!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 5621 invoked from network); 16 Jan 2013 19:00:57 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-5.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 19:00:57 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYEK-00036F-7j for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:00:56 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvYDn-0000tA-3C for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:00:55 +0000 Date: Wed, 16 Jan 2013 19:00:23 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] xen_disk: add persistent grant support to xen_disk backend X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3240249723108258387==" Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org --===============3240249723108258387== Content-Type: text/plain commit b0acf299c1dc6b1d40193399659f06bacc14c5e6 Author: Roger Pau Monne Date: Mon Jan 14 18:28:19 2013 +0000 xen_disk: add persistent grant support to xen_disk backend This protocol extension reuses the same set of grant pages for all transactions between the front/back drivers, avoiding expensive tlb flushes, grant table lock contention and switches between userspace and kernel space. The full description of the protocol can be found in the public blkif.h header. http://xenbits.xen.org/gitweb/?p=xen.git;a=blob_plain;f=xen/include/public/io/blkif.h Speed improvement with 15 guests performing I/O is ~450%. upstream-commit-id: 9e496d7458bb01b717afe22db10a724db57d53fd Signed-off-by: Roger Pau Monné Signed-off-by: Stefano Stabellini --- hw/xen_disk.c | 171 +++++++++++++++++++++++++++++++++++++++++++++++++++------ 1 files changed, 154 insertions(+), 17 deletions(-) diff --git a/hw/xen_disk.c b/hw/xen_disk.c index ecb8834..1ffc80c 100644 --- a/hw/xen_disk.c +++ b/hw/xen_disk.c @@ -52,6 +52,13 @@ static int max_requests = 32; #define BLOCK_SIZE 512 #define IOCB_COUNT (BLKIF_MAX_SEGMENTS_PER_REQUEST + 2) +struct PersistentGrant { + void *page; + struct XenBlkDev *blkdev; +}; + +typedef struct PersistentGrant PersistentGrant; + struct ioreq { blkif_request_t req; int16_t status; @@ -69,6 +76,7 @@ struct ioreq { int prot; void *page[BLKIF_MAX_SEGMENTS_PER_REQUEST]; void *pages; + int num_unmap; /* aio status */ int aio_inflight; @@ -105,6 +113,12 @@ struct XenBlkDev { int requests_inflight; int requests_finished; + /* Persistent grants extension */ + gboolean feature_persistent; + GTree *persistent_gnts; + unsigned int persistent_gnt_count; + unsigned int max_grants; + /* qemu block driver */ DriveInfo *dinfo; BlockDriverState *bs; @@ -138,6 +152,29 @@ static void ioreq_reset(struct ioreq *ioreq) qemu_iovec_reset(&ioreq->v); } +static gint int_cmp(gconstpointer a, gconstpointer b, gpointer user_data) +{ + uint ua = GPOINTER_TO_UINT(a); + uint ub = GPOINTER_TO_UINT(b); + return (ua > ub) - (ua < ub); +} + +static void destroy_grant(gpointer pgnt) +{ + PersistentGrant *grant = pgnt; + XenGnttab gnt = grant->blkdev->xendev.gnttabdev; + + if (xc_gnttab_munmap(gnt, grant->page, 1) != 0) { + xen_be_printf(&grant->blkdev->xendev, 0, + "xc_gnttab_munmap failed: %s\n", + strerror(errno)); + } + grant->blkdev->persistent_gnt_count--; + xen_be_printf(&grant->blkdev->xendev, 3, + "unmapped grant %p\n", grant->page); + g_free(grant); +} + static struct ioreq *ioreq_start(struct XenBlkDev *blkdev) { struct ioreq *ioreq = NULL; @@ -266,21 +303,21 @@ static void ioreq_unmap(struct ioreq *ioreq) XenGnttab gnt = ioreq->blkdev->xendev.gnttabdev; int i; - if (ioreq->v.niov == 0 || ioreq->mapped == 0) { + if (ioreq->num_unmap == 0 || ioreq->mapped == 0) { return; } if (batch_maps) { if (!ioreq->pages) { return; } - if (xc_gnttab_munmap(gnt, ioreq->pages, ioreq->v.niov) != 0) { + if (xc_gnttab_munmap(gnt, ioreq->pages, ioreq->num_unmap) != 0) { xen_be_printf(&ioreq->blkdev->xendev, 0, "xc_gnttab_munmap failed: %s\n", strerror(errno)); } - ioreq->blkdev->cnt_map -= ioreq->v.niov; + ioreq->blkdev->cnt_map -= ioreq->num_unmap; ioreq->pages = NULL; } else { - for (i = 0; i < ioreq->v.niov; i++) { + for (i = 0; i < ioreq->num_unmap; i++) { if (!ioreq->page[i]) { continue; } @@ -298,41 +335,120 @@ static void ioreq_unmap(struct ioreq *ioreq) static int ioreq_map(struct ioreq *ioreq) { XenGnttab gnt = ioreq->blkdev->xendev.gnttabdev; - int i; + uint32_t domids[BLKIF_MAX_SEGMENTS_PER_REQUEST]; + uint32_t refs[BLKIF_MAX_SEGMENTS_PER_REQUEST]; + void *page[BLKIF_MAX_SEGMENTS_PER_REQUEST]; + int i, j, new_maps = 0; + PersistentGrant *grant; + /* domids and refs variables will contain the information necessary + * to map the grants that are needed to fulfill this request. + * + * After mapping the needed grants, the page array will contain the + * memory address of each granted page in the order specified in ioreq + * (disregarding if it's a persistent grant or not). + */ if (ioreq->v.niov == 0 || ioreq->mapped == 1) { return 0; } - if (batch_maps) { + if (ioreq->blkdev->feature_persistent) { + for (i = 0; i < ioreq->v.niov; i++) { + grant = g_tree_lookup(ioreq->blkdev->persistent_gnts, + GUINT_TO_POINTER(ioreq->refs[i])); + + if (grant != NULL) { + page[i] = grant->page; + xen_be_printf(&ioreq->blkdev->xendev, 3, + "using persistent-grant %" PRIu32 "\n", + ioreq->refs[i]); + } else { + /* Add the grant to the list of grants that + * should be mapped + */ + domids[new_maps] = ioreq->domids[i]; + refs[new_maps] = ioreq->refs[i]; + page[i] = NULL; + new_maps++; + } + } + /* Set the protection to RW, since grants may be reused later + * with a different protection than the one needed for this request + */ + ioreq->prot = PROT_WRITE | PROT_READ; + } else { + /* All grants in the request should be mapped */ + memcpy(refs, ioreq->refs, sizeof(refs)); + memcpy(domids, ioreq->domids, sizeof(domids)); + memset(page, 0, sizeof(page)); + new_maps = ioreq->v.niov; + } + + if (batch_maps && new_maps) { ioreq->pages = xc_gnttab_map_grant_refs - (gnt, ioreq->v.niov, ioreq->domids, ioreq->refs, ioreq->prot); + (gnt, new_maps, domids, refs, ioreq->prot); if (ioreq->pages == NULL) { xen_be_printf(&ioreq->blkdev->xendev, 0, "can't map %d grant refs (%s, %d maps)\n", - ioreq->v.niov, strerror(errno), ioreq->blkdev->cnt_map); + new_maps, strerror(errno), ioreq->blkdev->cnt_map); return -1; } - for (i = 0; i < ioreq->v.niov; i++) { - ioreq->v.iov[i].iov_base = ioreq->pages + i * XC_PAGE_SIZE + - (uintptr_t)ioreq->v.iov[i].iov_base; + for (i = 0, j = 0; i < ioreq->v.niov; i++) { + if (page[i] == NULL) { + page[i] = ioreq->pages + (j++) * XC_PAGE_SIZE; + } } - ioreq->blkdev->cnt_map += ioreq->v.niov; - } else { - for (i = 0; i < ioreq->v.niov; i++) { + ioreq->blkdev->cnt_map += new_maps; + } else if (new_maps) { + for (i = 0; i < new_maps; i++) { ioreq->page[i] = xc_gnttab_map_grant_ref - (gnt, ioreq->domids[i], ioreq->refs[i], ioreq->prot); + (gnt, domids[i], refs[i], ioreq->prot); if (ioreq->page[i] == NULL) { xen_be_printf(&ioreq->blkdev->xendev, 0, "can't map grant ref %d (%s, %d maps)\n", - ioreq->refs[i], strerror(errno), ioreq->blkdev->cnt_map); + refs[i], strerror(errno), ioreq->blkdev->cnt_map); ioreq_unmap(ioreq); return -1; } - ioreq->v.iov[i].iov_base = ioreq->page[i] + (uintptr_t)ioreq->v.iov[i].iov_base; ioreq->blkdev->cnt_map++; } + for (i = 0, j = 0; i < ioreq->v.niov; i++) { + if (page[i] == NULL) { + page[i] = ioreq->page[j++]; + } + } + } + if (ioreq->blkdev->feature_persistent) { + while ((ioreq->blkdev->persistent_gnt_count < ioreq->blkdev->max_grants) + && new_maps) { + /* Go through the list of newly mapped grants and add as many + * as possible to the list of persistently mapped grants. + * + * Since we start at the end of ioreq->page(s), we only need + * to decrease new_maps to prevent this granted pages from + * being unmapped in ioreq_unmap. + */ + grant = g_malloc0(sizeof(*grant)); + new_maps--; + if (batch_maps) { + grant->page = ioreq->pages + (new_maps) * XC_PAGE_SIZE; + } else { + grant->page = ioreq->page[new_maps]; + } + grant->blkdev = ioreq->blkdev; + xen_be_printf(&ioreq->blkdev->xendev, 3, + "adding grant %" PRIu32 " page: %p\n", + refs[new_maps], grant->page); + g_tree_insert(ioreq->blkdev->persistent_gnts, + GUINT_TO_POINTER(refs[new_maps]), + grant); + ioreq->blkdev->persistent_gnt_count++; + } + } + for (i = 0; i < ioreq->v.niov; i++) { + ioreq->v.iov[i].iov_base += (uintptr_t)page[i]; } ioreq->mapped = 1; + ioreq->num_unmap = new_maps; return 0; } @@ -680,6 +796,7 @@ static int blk_init(struct XenDevice *xendev) /* fill info */ xenstore_write_be_int(&blkdev->xendev, "feature-barrier", 1); + xenstore_write_be_int(&blkdev->xendev, "feature-persistent", 1); xenstore_write_be_int(&blkdev->xendev, "info", info); xenstore_write_be_int(&blkdev->xendev, "sector-size", blkdev->file_blk); xenstore_write_be_int(&blkdev->xendev, "sectors", @@ -703,6 +820,7 @@ out_error: static int blk_connect(struct XenDevice *xendev) { struct XenBlkDev *blkdev = container_of(xendev, struct XenBlkDev, xendev); + int pers; if (xenstore_read_fe_int(&blkdev->xendev, "ring-ref", &blkdev->ring_ref) == -1) { return -1; @@ -711,6 +829,11 @@ static int blk_connect(struct XenDevice *xendev) &blkdev->xendev.remote_port) == -1) { return -1; } + if (xenstore_read_fe_int(&blkdev->xendev, "feature-persistent", &pers)) { + blkdev->feature_persistent = FALSE; + } else { + blkdev->feature_persistent = !!pers; + } blkdev->protocol = BLKIF_PROTOCOL_NATIVE; if (blkdev->xendev.protocol) { @@ -754,6 +877,15 @@ static int blk_connect(struct XenDevice *xendev) } } + if (blkdev->feature_persistent) { + /* Init persistent grants */ + blkdev->max_grants = max_requests * BLKIF_MAX_SEGMENTS_PER_REQUEST; + blkdev->persistent_gnts = g_tree_new_full((GCompareDataFunc)int_cmp, + NULL, NULL, + (GDestroyNotify)destroy_grant); + blkdev->persistent_gnt_count = 0; + } + xen_be_bind_evtchn(&blkdev->xendev); xen_be_printf(&blkdev->xendev, 1, "ok: proto %s, ring-ref %d, " @@ -794,6 +926,11 @@ static int blk_free(struct XenDevice *xendev) blk_disconnect(xendev); } + /* Free persistent grants */ + if (blkdev->feature_persistent) { + g_tree_destroy(blkdev->persistent_gnts); + } + while (!QLIST_EMPTY(&blkdev->freelist)) { ioreq = QLIST_FIRST(&blkdev->freelist); QLIST_REMOVE(ioreq, list); -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git --===============3240249723108258387== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog --===============3240249723108258387==-- From xen-changelog-bounces@lists.xen.org Wed Jan 16 19:01:04 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 19:01:04 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYEP-0003UF-79; Wed, 16 Jan 2013 19:01:01 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYEO-0003TX-Bh for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:01:00 +0000 Received: from [85.158.143.35:62207] by server-3.bemta-4.messagelabs.com id 6B/DF-19220-BE8F6F05; Wed, 16 Jan 2013 19:00:59 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-5.tower-21.messagelabs.com!1358362856!4723842!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 5621 invoked from network); 16 Jan 2013 19:00:57 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-5.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 19:00:57 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYEK-00036F-7j for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:00:56 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvYDn-0000tA-3C for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:00:55 +0000 Date: Wed, 16 Jan 2013 19:00:23 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] xen_disk: add persistent grant support to xen_disk backend X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3240249723108258387==" Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org --===============3240249723108258387== Content-Type: text/plain commit b0acf299c1dc6b1d40193399659f06bacc14c5e6 Author: Roger Pau Monne Date: Mon Jan 14 18:28:19 2013 +0000 xen_disk: add persistent grant support to xen_disk backend This protocol extension reuses the same set of grant pages for all transactions between the front/back drivers, avoiding expensive tlb flushes, grant table lock contention and switches between userspace and kernel space. The full description of the protocol can be found in the public blkif.h header. http://xenbits.xen.org/gitweb/?p=xen.git;a=blob_plain;f=xen/include/public/io/blkif.h Speed improvement with 15 guests performing I/O is ~450%. upstream-commit-id: 9e496d7458bb01b717afe22db10a724db57d53fd Signed-off-by: Roger Pau Monné Signed-off-by: Stefano Stabellini --- hw/xen_disk.c | 171 +++++++++++++++++++++++++++++++++++++++++++++++++++------ 1 files changed, 154 insertions(+), 17 deletions(-) diff --git a/hw/xen_disk.c b/hw/xen_disk.c index ecb8834..1ffc80c 100644 --- a/hw/xen_disk.c +++ b/hw/xen_disk.c @@ -52,6 +52,13 @@ static int max_requests = 32; #define BLOCK_SIZE 512 #define IOCB_COUNT (BLKIF_MAX_SEGMENTS_PER_REQUEST + 2) +struct PersistentGrant { + void *page; + struct XenBlkDev *blkdev; +}; + +typedef struct PersistentGrant PersistentGrant; + struct ioreq { blkif_request_t req; int16_t status; @@ -69,6 +76,7 @@ struct ioreq { int prot; void *page[BLKIF_MAX_SEGMENTS_PER_REQUEST]; void *pages; + int num_unmap; /* aio status */ int aio_inflight; @@ -105,6 +113,12 @@ struct XenBlkDev { int requests_inflight; int requests_finished; + /* Persistent grants extension */ + gboolean feature_persistent; + GTree *persistent_gnts; + unsigned int persistent_gnt_count; + unsigned int max_grants; + /* qemu block driver */ DriveInfo *dinfo; BlockDriverState *bs; @@ -138,6 +152,29 @@ static void ioreq_reset(struct ioreq *ioreq) qemu_iovec_reset(&ioreq->v); } +static gint int_cmp(gconstpointer a, gconstpointer b, gpointer user_data) +{ + uint ua = GPOINTER_TO_UINT(a); + uint ub = GPOINTER_TO_UINT(b); + return (ua > ub) - (ua < ub); +} + +static void destroy_grant(gpointer pgnt) +{ + PersistentGrant *grant = pgnt; + XenGnttab gnt = grant->blkdev->xendev.gnttabdev; + + if (xc_gnttab_munmap(gnt, grant->page, 1) != 0) { + xen_be_printf(&grant->blkdev->xendev, 0, + "xc_gnttab_munmap failed: %s\n", + strerror(errno)); + } + grant->blkdev->persistent_gnt_count--; + xen_be_printf(&grant->blkdev->xendev, 3, + "unmapped grant %p\n", grant->page); + g_free(grant); +} + static struct ioreq *ioreq_start(struct XenBlkDev *blkdev) { struct ioreq *ioreq = NULL; @@ -266,21 +303,21 @@ static void ioreq_unmap(struct ioreq *ioreq) XenGnttab gnt = ioreq->blkdev->xendev.gnttabdev; int i; - if (ioreq->v.niov == 0 || ioreq->mapped == 0) { + if (ioreq->num_unmap == 0 || ioreq->mapped == 0) { return; } if (batch_maps) { if (!ioreq->pages) { return; } - if (xc_gnttab_munmap(gnt, ioreq->pages, ioreq->v.niov) != 0) { + if (xc_gnttab_munmap(gnt, ioreq->pages, ioreq->num_unmap) != 0) { xen_be_printf(&ioreq->blkdev->xendev, 0, "xc_gnttab_munmap failed: %s\n", strerror(errno)); } - ioreq->blkdev->cnt_map -= ioreq->v.niov; + ioreq->blkdev->cnt_map -= ioreq->num_unmap; ioreq->pages = NULL; } else { - for (i = 0; i < ioreq->v.niov; i++) { + for (i = 0; i < ioreq->num_unmap; i++) { if (!ioreq->page[i]) { continue; } @@ -298,41 +335,120 @@ static void ioreq_unmap(struct ioreq *ioreq) static int ioreq_map(struct ioreq *ioreq) { XenGnttab gnt = ioreq->blkdev->xendev.gnttabdev; - int i; + uint32_t domids[BLKIF_MAX_SEGMENTS_PER_REQUEST]; + uint32_t refs[BLKIF_MAX_SEGMENTS_PER_REQUEST]; + void *page[BLKIF_MAX_SEGMENTS_PER_REQUEST]; + int i, j, new_maps = 0; + PersistentGrant *grant; + /* domids and refs variables will contain the information necessary + * to map the grants that are needed to fulfill this request. + * + * After mapping the needed grants, the page array will contain the + * memory address of each granted page in the order specified in ioreq + * (disregarding if it's a persistent grant or not). + */ if (ioreq->v.niov == 0 || ioreq->mapped == 1) { return 0; } - if (batch_maps) { + if (ioreq->blkdev->feature_persistent) { + for (i = 0; i < ioreq->v.niov; i++) { + grant = g_tree_lookup(ioreq->blkdev->persistent_gnts, + GUINT_TO_POINTER(ioreq->refs[i])); + + if (grant != NULL) { + page[i] = grant->page; + xen_be_printf(&ioreq->blkdev->xendev, 3, + "using persistent-grant %" PRIu32 "\n", + ioreq->refs[i]); + } else { + /* Add the grant to the list of grants that + * should be mapped + */ + domids[new_maps] = ioreq->domids[i]; + refs[new_maps] = ioreq->refs[i]; + page[i] = NULL; + new_maps++; + } + } + /* Set the protection to RW, since grants may be reused later + * with a different protection than the one needed for this request + */ + ioreq->prot = PROT_WRITE | PROT_READ; + } else { + /* All grants in the request should be mapped */ + memcpy(refs, ioreq->refs, sizeof(refs)); + memcpy(domids, ioreq->domids, sizeof(domids)); + memset(page, 0, sizeof(page)); + new_maps = ioreq->v.niov; + } + + if (batch_maps && new_maps) { ioreq->pages = xc_gnttab_map_grant_refs - (gnt, ioreq->v.niov, ioreq->domids, ioreq->refs, ioreq->prot); + (gnt, new_maps, domids, refs, ioreq->prot); if (ioreq->pages == NULL) { xen_be_printf(&ioreq->blkdev->xendev, 0, "can't map %d grant refs (%s, %d maps)\n", - ioreq->v.niov, strerror(errno), ioreq->blkdev->cnt_map); + new_maps, strerror(errno), ioreq->blkdev->cnt_map); return -1; } - for (i = 0; i < ioreq->v.niov; i++) { - ioreq->v.iov[i].iov_base = ioreq->pages + i * XC_PAGE_SIZE + - (uintptr_t)ioreq->v.iov[i].iov_base; + for (i = 0, j = 0; i < ioreq->v.niov; i++) { + if (page[i] == NULL) { + page[i] = ioreq->pages + (j++) * XC_PAGE_SIZE; + } } - ioreq->blkdev->cnt_map += ioreq->v.niov; - } else { - for (i = 0; i < ioreq->v.niov; i++) { + ioreq->blkdev->cnt_map += new_maps; + } else if (new_maps) { + for (i = 0; i < new_maps; i++) { ioreq->page[i] = xc_gnttab_map_grant_ref - (gnt, ioreq->domids[i], ioreq->refs[i], ioreq->prot); + (gnt, domids[i], refs[i], ioreq->prot); if (ioreq->page[i] == NULL) { xen_be_printf(&ioreq->blkdev->xendev, 0, "can't map grant ref %d (%s, %d maps)\n", - ioreq->refs[i], strerror(errno), ioreq->blkdev->cnt_map); + refs[i], strerror(errno), ioreq->blkdev->cnt_map); ioreq_unmap(ioreq); return -1; } - ioreq->v.iov[i].iov_base = ioreq->page[i] + (uintptr_t)ioreq->v.iov[i].iov_base; ioreq->blkdev->cnt_map++; } + for (i = 0, j = 0; i < ioreq->v.niov; i++) { + if (page[i] == NULL) { + page[i] = ioreq->page[j++]; + } + } + } + if (ioreq->blkdev->feature_persistent) { + while ((ioreq->blkdev->persistent_gnt_count < ioreq->blkdev->max_grants) + && new_maps) { + /* Go through the list of newly mapped grants and add as many + * as possible to the list of persistently mapped grants. + * + * Since we start at the end of ioreq->page(s), we only need + * to decrease new_maps to prevent this granted pages from + * being unmapped in ioreq_unmap. + */ + grant = g_malloc0(sizeof(*grant)); + new_maps--; + if (batch_maps) { + grant->page = ioreq->pages + (new_maps) * XC_PAGE_SIZE; + } else { + grant->page = ioreq->page[new_maps]; + } + grant->blkdev = ioreq->blkdev; + xen_be_printf(&ioreq->blkdev->xendev, 3, + "adding grant %" PRIu32 " page: %p\n", + refs[new_maps], grant->page); + g_tree_insert(ioreq->blkdev->persistent_gnts, + GUINT_TO_POINTER(refs[new_maps]), + grant); + ioreq->blkdev->persistent_gnt_count++; + } + } + for (i = 0; i < ioreq->v.niov; i++) { + ioreq->v.iov[i].iov_base += (uintptr_t)page[i]; } ioreq->mapped = 1; + ioreq->num_unmap = new_maps; return 0; } @@ -680,6 +796,7 @@ static int blk_init(struct XenDevice *xendev) /* fill info */ xenstore_write_be_int(&blkdev->xendev, "feature-barrier", 1); + xenstore_write_be_int(&blkdev->xendev, "feature-persistent", 1); xenstore_write_be_int(&blkdev->xendev, "info", info); xenstore_write_be_int(&blkdev->xendev, "sector-size", blkdev->file_blk); xenstore_write_be_int(&blkdev->xendev, "sectors", @@ -703,6 +820,7 @@ out_error: static int blk_connect(struct XenDevice *xendev) { struct XenBlkDev *blkdev = container_of(xendev, struct XenBlkDev, xendev); + int pers; if (xenstore_read_fe_int(&blkdev->xendev, "ring-ref", &blkdev->ring_ref) == -1) { return -1; @@ -711,6 +829,11 @@ static int blk_connect(struct XenDevice *xendev) &blkdev->xendev.remote_port) == -1) { return -1; } + if (xenstore_read_fe_int(&blkdev->xendev, "feature-persistent", &pers)) { + blkdev->feature_persistent = FALSE; + } else { + blkdev->feature_persistent = !!pers; + } blkdev->protocol = BLKIF_PROTOCOL_NATIVE; if (blkdev->xendev.protocol) { @@ -754,6 +877,15 @@ static int blk_connect(struct XenDevice *xendev) } } + if (blkdev->feature_persistent) { + /* Init persistent grants */ + blkdev->max_grants = max_requests * BLKIF_MAX_SEGMENTS_PER_REQUEST; + blkdev->persistent_gnts = g_tree_new_full((GCompareDataFunc)int_cmp, + NULL, NULL, + (GDestroyNotify)destroy_grant); + blkdev->persistent_gnt_count = 0; + } + xen_be_bind_evtchn(&blkdev->xendev); xen_be_printf(&blkdev->xendev, 1, "ok: proto %s, ring-ref %d, " @@ -794,6 +926,11 @@ static int blk_free(struct XenDevice *xendev) blk_disconnect(xendev); } + /* Free persistent grants */ + if (blkdev->feature_persistent) { + g_tree_destroy(blkdev->persistent_gnts); + } + while (!QLIST_EMPTY(&blkdev->freelist)) { ioreq = QLIST_FIRST(&blkdev->freelist); QLIST_REMOVE(ioreq, list); -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git --===============3240249723108258387== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog --===============3240249723108258387==-- From xen-changelog-bounces@lists.xen.org Wed Jan 16 19:02:25 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 19:02:25 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYFj-0003tD-DL; Wed, 16 Jan 2013 19:02:23 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYFi-0003sx-7v for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:02:22 +0000 Received: from [85.158.139.83:28349] by server-13.bemta-5.messagelabs.com id F8/56-06386-D39F6F05; Wed, 16 Jan 2013 19:02:21 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-16.tower-182.messagelabs.com!1358362927!20831657!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 1435 invoked from network); 16 Jan 2013 19:02:08 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 19:02:08 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYEU-00036p-QH for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:01:06 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvYEU-0000uR-He for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:01:06 +0000 Date: Wed, 16 Jan 2013 19:01:06 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] xen_disk: implement BLKIF_OP_FLUSH_DISKCACHE, remove BLKIF_OP_WRITE_BARRIER X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 656365a38e41a5b8a2c4d5ab2ada9fbf231f1ebc Author: Stefano Stabellini Date: Mon Jan 14 18:30:30 2013 +0000 xen_disk: implement BLKIF_OP_FLUSH_DISKCACHE, remove BLKIF_OP_WRITE_BARRIER upstream-commit-id: 7e7b7cba16faa7b721b822fa9ed8bebafa35700f Signed-off-by: Stefano Stabellini --- hw/xen_disk.c | 9 ++++----- 1 files changed, 4 insertions(+), 5 deletions(-) diff --git a/hw/xen_disk.c b/hw/xen_disk.c index 1ffc80c..69e1d9d 100644 --- a/hw/xen_disk.c +++ b/hw/xen_disk.c @@ -244,12 +244,11 @@ static int ioreq_parse(struct ioreq *ioreq) case BLKIF_OP_READ: ioreq->prot = PROT_WRITE; /* to memory */ break; - case BLKIF_OP_WRITE_BARRIER: + case BLKIF_OP_FLUSH_DISKCACHE: + ioreq->presync = 1; if (!ioreq->req.nr_segments) { - ioreq->presync = 1; return 0; } - ioreq->presync = ioreq->postsync = 1; /* fall through */ case BLKIF_OP_WRITE: ioreq->prot = PROT_READ; /* from memory */ @@ -510,7 +509,7 @@ static int ioreq_runio_qemu_aio(struct ioreq *ioreq) qemu_aio_complete, ioreq); break; case BLKIF_OP_WRITE: - case BLKIF_OP_WRITE_BARRIER: + case BLKIF_OP_FLUSH_DISKCACHE: if (!ioreq->req.nr_segments) { break; } @@ -795,7 +794,7 @@ static int blk_init(struct XenDevice *xendev) blkdev->file_size, blkdev->file_size >> 20); /* fill info */ - xenstore_write_be_int(&blkdev->xendev, "feature-barrier", 1); + xenstore_write_be_int(&blkdev->xendev, "feature-flush-cache", 1); xenstore_write_be_int(&blkdev->xendev, "feature-persistent", 1); xenstore_write_be_int(&blkdev->xendev, "info", info); xenstore_write_be_int(&blkdev->xendev, "sector-size", blkdev->file_blk); -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 16 19:02:25 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 16 Jan 2013 19:02:25 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYFj-0003tD-DL; Wed, 16 Jan 2013 19:02:23 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYFi-0003sx-7v for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:02:22 +0000 Received: from [85.158.139.83:28349] by server-13.bemta-5.messagelabs.com id F8/56-06386-D39F6F05; Wed, 16 Jan 2013 19:02:21 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-16.tower-182.messagelabs.com!1358362927!20831657!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 1435 invoked from network); 16 Jan 2013 19:02:08 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 16 Jan 2013 19:02:08 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvYEU-00036p-QH for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:01:06 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvYEU-0000uR-He for xen-changelog@lists.xensource.com; Wed, 16 Jan 2013 19:01:06 +0000 Date: Wed, 16 Jan 2013 19:01:06 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] xen_disk: implement BLKIF_OP_FLUSH_DISKCACHE, remove BLKIF_OP_WRITE_BARRIER X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 656365a38e41a5b8a2c4d5ab2ada9fbf231f1ebc Author: Stefano Stabellini Date: Mon Jan 14 18:30:30 2013 +0000 xen_disk: implement BLKIF_OP_FLUSH_DISKCACHE, remove BLKIF_OP_WRITE_BARRIER upstream-commit-id: 7e7b7cba16faa7b721b822fa9ed8bebafa35700f Signed-off-by: Stefano Stabellini --- hw/xen_disk.c | 9 ++++----- 1 files changed, 4 insertions(+), 5 deletions(-) diff --git a/hw/xen_disk.c b/hw/xen_disk.c index 1ffc80c..69e1d9d 100644 --- a/hw/xen_disk.c +++ b/hw/xen_disk.c @@ -244,12 +244,11 @@ static int ioreq_parse(struct ioreq *ioreq) case BLKIF_OP_READ: ioreq->prot = PROT_WRITE; /* to memory */ break; - case BLKIF_OP_WRITE_BARRIER: + case BLKIF_OP_FLUSH_DISKCACHE: + ioreq->presync = 1; if (!ioreq->req.nr_segments) { - ioreq->presync = 1; return 0; } - ioreq->presync = ioreq->postsync = 1; /* fall through */ case BLKIF_OP_WRITE: ioreq->prot = PROT_READ; /* from memory */ @@ -510,7 +509,7 @@ static int ioreq_runio_qemu_aio(struct ioreq *ioreq) qemu_aio_complete, ioreq); break; case BLKIF_OP_WRITE: - case BLKIF_OP_WRITE_BARRIER: + case BLKIF_OP_FLUSH_DISKCACHE: if (!ioreq->req.nr_segments) { break; } @@ -795,7 +794,7 @@ static int blk_init(struct XenDevice *xendev) blkdev->file_size, blkdev->file_size >> 20); /* fill info */ - xenstore_write_be_int(&blkdev->xendev, "feature-barrier", 1); + xenstore_write_be_int(&blkdev->xendev, "feature-flush-cache", 1); xenstore_write_be_int(&blkdev->xendev, "feature-persistent", 1); xenstore_write_be_int(&blkdev->xendev, "info", info); xenstore_write_be_int(&blkdev->xendev, "sector-size", blkdev->file_blk); -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 06:11:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 06:11:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvigz-0007dm-Ot; Thu, 17 Jan 2013 06:11:13 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvigy-0007df-Pn for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 06:11:12 +0000 Received: from [85.158.138.51:23488] by server-7.bemta-3.messagelabs.com id 1B/AE-23876-FF597F05; Thu, 17 Jan 2013 06:11:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-174.messagelabs.com!1358403070!20199315!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15591 invoked from network); 17 Jan 2013 06:11:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 06:11:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvigv-0000os-Sb for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 06:11:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tvigv-0000ma-J9 for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 06:11:09 +0000 Message-Id: Date: Thu, 17 Jan 2013 06:11:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358345744 0 # Node ID b6195e277da52129d5d79f29ccac0e7290643e37 # Parent b4cbb83f9a1f57b4f26f2d35998cda42b904ea69 QEMU_TAG update --- diff -r b4cbb83f9a1f -r b6195e277da5 Config.mk --- a/Config.mk Wed Jan 16 13:56:55 2013 +0100 +++ b/Config.mk Wed Jan 16 14:15:44 2013 +0000 @@ -220,9 +220,9 @@ ETHERBOOT_NICS ?= rtl8139 8086100e # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= 6a0cf3786f1964fdf5a17f88f26cb499f4e89c81 -# Thu Dec 6 12:35:58 2012 +0000 -# qemu-stubdom: prevent useless medium change +QEMU_TAG ?= 4c2cae2a882db4d2a231b27b3b31a5bbec6dacbf +# Sun Dec 2 20:11:22 2012 -0800 +# e1000: Discard packets that are too long if !SBP and !LPE # Short answer -- do not enable this unless you know what you are # doing and are prepared for some pain. _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 06:11:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 06:11:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvigz-0007dm-Ot; Thu, 17 Jan 2013 06:11:13 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvigy-0007df-Pn for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 06:11:12 +0000 Received: from [85.158.138.51:23488] by server-7.bemta-3.messagelabs.com id 1B/AE-23876-FF597F05; Thu, 17 Jan 2013 06:11:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-174.messagelabs.com!1358403070!20199315!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15591 invoked from network); 17 Jan 2013 06:11:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 06:11:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvigv-0000os-Sb for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 06:11:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tvigv-0000ma-J9 for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 06:11:09 +0000 Message-Id: Date: Thu, 17 Jan 2013 06:11:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358345744 0 # Node ID b6195e277da52129d5d79f29ccac0e7290643e37 # Parent b4cbb83f9a1f57b4f26f2d35998cda42b904ea69 QEMU_TAG update --- diff -r b4cbb83f9a1f -r b6195e277da5 Config.mk --- a/Config.mk Wed Jan 16 13:56:55 2013 +0100 +++ b/Config.mk Wed Jan 16 14:15:44 2013 +0000 @@ -220,9 +220,9 @@ ETHERBOOT_NICS ?= rtl8139 8086100e # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= 6a0cf3786f1964fdf5a17f88f26cb499f4e89c81 -# Thu Dec 6 12:35:58 2012 +0000 -# qemu-stubdom: prevent useless medium change +QEMU_TAG ?= 4c2cae2a882db4d2a231b27b3b31a5bbec6dacbf +# Sun Dec 2 20:11:22 2012 -0800 +# e1000: Discard packets that are too long if !SBP and !LPE # Short answer -- do not enable this unless you know what you are # doing and are prepared for some pain. _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 06:11:59 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 06:11:59 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvihb-0007l7-UY; Thu, 17 Jan 2013 06:11:51 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tviha-0007kG-BE for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 06:11:50 +0000 Received: from [85.158.143.35:60892] by server-1.bemta-4.messagelabs.com id A4/CC-18740-52697F05; Thu, 17 Jan 2013 06:11:49 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-21.messagelabs.com!1358403106!4738287!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 10306 invoked from network); 17 Jan 2013 06:11:47 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 06:11:47 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvigv-0000op-Bf for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 06:11:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tvigu-0000mL-RS for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 06:11:08 +0000 Message-Id: Date: Thu, 17 Jan 2013 06:11:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86: consistently mask floating point exceptions X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358341015 -3600 # Node ID b4cbb83f9a1f57b4f26f2d35998cda42b904ea69 # Parent 327b812026fe62a990f1d81041729c42196983ca x86: consistently mask floating point exceptions c/s 23142:f5e8d152a565 resulted in v->arch.fpu_ctxt to point into the save area allocated for xsave/xrstor (when they're available). The way vcpu_restore_fpu_lazy() works (using fpu_init() for an uninitialized vCPU only when there's no xsave support) causes this to load whatever arch_set_info_guest() put there, irrespective of whether the i387 state was specified to be valid in the respective input structure. Consequently, with a cleared (al zeroes) incoming FPU context, and with xsave available, one gets all exceptions unmasked (as opposed to to the legacy case, where FINIT and LDMXCSR get used, masking all exceptions). This causes e.g. para-virtualized NetWare to crash. The behavior of arch_set_info_guest() is thus being made more hardware- like for the FPU portion of it: Considering it to be similar to INIT, it will leave untouched all floating point state now. An alternative would be to make the behavior RESET-like, forcing all state to known values, albeit - taking into account legacy behavior - not to precisely the values RESET would enforce (which masks only SSE exceptions, but not x87 ones); that would come closest to mimicing FINIT behavior in the xsave case. Another option would be to continue copying whatever was provided, but override (at least) FCW and MXCSR if VGCF_I387_VALID isn't set. Signed-off-by: Jan Beulich Acked-by: Keir Fraser --- diff -r 327b812026fe -r b4cbb83f9a1f xen/arch/x86/domain.c --- a/xen/arch/x86/domain.c Tue Jan 15 16:11:04 2013 +0100 +++ b/xen/arch/x86/domain.c Wed Jan 16 13:56:55 2013 +0100 @@ -748,7 +748,9 @@ int arch_set_info_guest( v->arch.vgc_flags = flags; - memcpy(v->arch.fpu_ctxt, &c.nat->fpu_ctxt, sizeof(c.nat->fpu_ctxt)); + if ( flags & VGCF_I387_VALID ) + memcpy(v->arch.fpu_ctxt, &c.nat->fpu_ctxt, sizeof(c.nat->fpu_ctxt)); + if ( !compat ) { memcpy(&v->arch.user_regs, &c.nat->user_regs, sizeof(c.nat->user_regs)); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 06:11:59 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 06:11:59 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvihb-0007l7-UY; Thu, 17 Jan 2013 06:11:51 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tviha-0007kG-BE for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 06:11:50 +0000 Received: from [85.158.143.35:60892] by server-1.bemta-4.messagelabs.com id A4/CC-18740-52697F05; Thu, 17 Jan 2013 06:11:49 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-21.messagelabs.com!1358403106!4738287!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 10306 invoked from network); 17 Jan 2013 06:11:47 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 06:11:47 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvigv-0000op-Bf for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 06:11:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tvigu-0000mL-RS for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 06:11:08 +0000 Message-Id: Date: Thu, 17 Jan 2013 06:11:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86: consistently mask floating point exceptions X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358341015 -3600 # Node ID b4cbb83f9a1f57b4f26f2d35998cda42b904ea69 # Parent 327b812026fe62a990f1d81041729c42196983ca x86: consistently mask floating point exceptions c/s 23142:f5e8d152a565 resulted in v->arch.fpu_ctxt to point into the save area allocated for xsave/xrstor (when they're available). The way vcpu_restore_fpu_lazy() works (using fpu_init() for an uninitialized vCPU only when there's no xsave support) causes this to load whatever arch_set_info_guest() put there, irrespective of whether the i387 state was specified to be valid in the respective input structure. Consequently, with a cleared (al zeroes) incoming FPU context, and with xsave available, one gets all exceptions unmasked (as opposed to to the legacy case, where FINIT and LDMXCSR get used, masking all exceptions). This causes e.g. para-virtualized NetWare to crash. The behavior of arch_set_info_guest() is thus being made more hardware- like for the FPU portion of it: Considering it to be similar to INIT, it will leave untouched all floating point state now. An alternative would be to make the behavior RESET-like, forcing all state to known values, albeit - taking into account legacy behavior - not to precisely the values RESET would enforce (which masks only SSE exceptions, but not x87 ones); that would come closest to mimicing FINIT behavior in the xsave case. Another option would be to continue copying whatever was provided, but override (at least) FCW and MXCSR if VGCF_I387_VALID isn't set. Signed-off-by: Jan Beulich Acked-by: Keir Fraser --- diff -r 327b812026fe -r b4cbb83f9a1f xen/arch/x86/domain.c --- a/xen/arch/x86/domain.c Tue Jan 15 16:11:04 2013 +0100 +++ b/xen/arch/x86/domain.c Wed Jan 16 13:56:55 2013 +0100 @@ -748,7 +748,9 @@ int arch_set_info_guest( v->arch.vgc_flags = flags; - memcpy(v->arch.fpu_ctxt, &c.nat->fpu_ctxt, sizeof(c.nat->fpu_ctxt)); + if ( flags & VGCF_I387_VALID ) + memcpy(v->arch.fpu_ctxt, &c.nat->fpu_ctxt, sizeof(c.nat->fpu_ctxt)); + if ( !compat ) { memcpy(&v->arch.user_regs, &c.nat->user_regs, sizeof(c.nat->user_regs)); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 12:11:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 12:11:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoJT-0005Ze-Ni; Thu, 17 Jan 2013 12:11:19 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoJS-0005ZZ-Ig for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:11:18 +0000 Received: from [85.158.143.99:5377] by server-3.bemta-4.messagelabs.com id D9/C1-19220-56AE7F05; Thu, 17 Jan 2013 12:11:17 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-10.tower-216.messagelabs.com!1358424676!21916848!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 23766 invoked from network); 17 Jan 2013 12:11:17 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-10.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 12:11:17 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoJQ-00057A-0h for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:11:16 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvoJP-0002M1-G2 for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:11:15 +0000 Date: Thu, 17 Jan 2013 12:11:15 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-4.1-testing] e1000: Discard oversized packets based on SBP|LPE X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit deb53183e0274a3eaae1577b0d47eb5ef1d8986c Author: Michael Contreras Date: Wed Dec 5 13:31:30 2012 -0500 e1000: Discard oversized packets based on SBP|LPE Discard packets longer than 16384 when !SBP to match the hardware behavior. Signed-off-by: Michael Contreras Signed-off-by: Stefan Hajnoczi (cherry picked from commit 2c0331f4f7d241995452b99afaf0aab00493334a) [ This is a security vulnerablity, XSA-41 / CVE-2012-6075 (2nd patch). ] (cherry picked from commit e33f918c19e393900b95a2bb6b10668dfe96a8f2) --- hw/e1000.c | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index f0673f0..67d2651 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -57,6 +57,8 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); /* this is the size past which hardware will drop packets when setting LPE=0 */ #define MAXIMUM_ETHERNET_VLAN_SIZE 1522 +/* this is the size past which hardware will drop packets when setting LPE=1 */ +#define MAXIMUM_ETHERNET_LPE_SIZE 16384 /* * HW models: @@ -632,8 +634,9 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) } /* Discard oversized packets if !LPE and !SBP. */ - if (size > MAXIMUM_ETHERNET_VLAN_SIZE - && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) + if ((size > MAXIMUM_ETHERNET_LPE_SIZE || + (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { return size; } -- generated by git-patchbot for /home/xen/git/qemu-xen-4.1-testing.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 12:11:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 12:11:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoJT-0005Ze-Ni; Thu, 17 Jan 2013 12:11:19 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoJS-0005ZZ-Ig for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:11:18 +0000 Received: from [85.158.143.99:5377] by server-3.bemta-4.messagelabs.com id D9/C1-19220-56AE7F05; Thu, 17 Jan 2013 12:11:17 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-10.tower-216.messagelabs.com!1358424676!21916848!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 23766 invoked from network); 17 Jan 2013 12:11:17 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-10.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 12:11:17 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoJQ-00057A-0h for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:11:16 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvoJP-0002M1-G2 for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:11:15 +0000 Date: Thu, 17 Jan 2013 12:11:15 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-4.1-testing] e1000: Discard oversized packets based on SBP|LPE X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit deb53183e0274a3eaae1577b0d47eb5ef1d8986c Author: Michael Contreras Date: Wed Dec 5 13:31:30 2012 -0500 e1000: Discard oversized packets based on SBP|LPE Discard packets longer than 16384 when !SBP to match the hardware behavior. Signed-off-by: Michael Contreras Signed-off-by: Stefan Hajnoczi (cherry picked from commit 2c0331f4f7d241995452b99afaf0aab00493334a) [ This is a security vulnerablity, XSA-41 / CVE-2012-6075 (2nd patch). ] (cherry picked from commit e33f918c19e393900b95a2bb6b10668dfe96a8f2) --- hw/e1000.c | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index f0673f0..67d2651 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -57,6 +57,8 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); /* this is the size past which hardware will drop packets when setting LPE=0 */ #define MAXIMUM_ETHERNET_VLAN_SIZE 1522 +/* this is the size past which hardware will drop packets when setting LPE=1 */ +#define MAXIMUM_ETHERNET_LPE_SIZE 16384 /* * HW models: @@ -632,8 +634,9 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) } /* Discard oversized packets if !LPE and !SBP. */ - if (size > MAXIMUM_ETHERNET_VLAN_SIZE - && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) + if ((size > MAXIMUM_ETHERNET_LPE_SIZE || + (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { return size; } -- generated by git-patchbot for /home/xen/git/qemu-xen-4.1-testing.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 12:11:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 12:11:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoJV-0005Zq-Qc; Thu, 17 Jan 2013 12:11:21 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoJU-0005Zj-Jn for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:11:20 +0000 Received: from [193.109.254.147:13560] by server-8.bemta-14.messagelabs.com id 45/04-26341-76AE7F05; Thu, 17 Jan 2013 12:11:19 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-6.tower-27.messagelabs.com!1358424664!3392880!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30601 invoked from network); 17 Jan 2013 12:11:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 12:11:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoJE-000577-FS for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:11:04 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvoJD-0002Kf-RO for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:11:04 +0000 Date: Thu, 17 Jan 2013 12:11:03 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-unstable] e1000: Discard oversized packets based on SBP|LPE X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit e33f918c19e393900b95a2bb6b10668dfe96a8f2 Author: Michael Contreras Date: Wed Dec 5 13:31:30 2012 -0500 e1000: Discard oversized packets based on SBP|LPE Discard packets longer than 16384 when !SBP to match the hardware behavior. Signed-off-by: Michael Contreras Signed-off-by: Stefan Hajnoczi (cherry picked from commit 2c0331f4f7d241995452b99afaf0aab00493334a) [ This is a security vulnerablity, XSA-41 / CVE-2012-6075 (2nd patch). ] --- hw/e1000.c | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index f0673f0..67d2651 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -57,6 +57,8 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); /* this is the size past which hardware will drop packets when setting LPE=0 */ #define MAXIMUM_ETHERNET_VLAN_SIZE 1522 +/* this is the size past which hardware will drop packets when setting LPE=1 */ +#define MAXIMUM_ETHERNET_LPE_SIZE 16384 /* * HW models: @@ -632,8 +634,9 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) } /* Discard oversized packets if !LPE and !SBP. */ - if (size > MAXIMUM_ETHERNET_VLAN_SIZE - && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) + if ((size > MAXIMUM_ETHERNET_LPE_SIZE || + (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { return size; } -- generated by git-patchbot for /home/xen/git/qemu-xen-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 12:11:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 12:11:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoJV-0005Zq-Qc; Thu, 17 Jan 2013 12:11:21 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoJU-0005Zj-Jn for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:11:20 +0000 Received: from [193.109.254.147:13560] by server-8.bemta-14.messagelabs.com id 45/04-26341-76AE7F05; Thu, 17 Jan 2013 12:11:19 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-6.tower-27.messagelabs.com!1358424664!3392880!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30601 invoked from network); 17 Jan 2013 12:11:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 12:11:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoJE-000577-FS for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:11:04 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvoJD-0002Kf-RO for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:11:04 +0000 Date: Thu, 17 Jan 2013 12:11:03 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-unstable] e1000: Discard oversized packets based on SBP|LPE X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit e33f918c19e393900b95a2bb6b10668dfe96a8f2 Author: Michael Contreras Date: Wed Dec 5 13:31:30 2012 -0500 e1000: Discard oversized packets based on SBP|LPE Discard packets longer than 16384 when !SBP to match the hardware behavior. Signed-off-by: Michael Contreras Signed-off-by: Stefan Hajnoczi (cherry picked from commit 2c0331f4f7d241995452b99afaf0aab00493334a) [ This is a security vulnerablity, XSA-41 / CVE-2012-6075 (2nd patch). ] --- hw/e1000.c | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index f0673f0..67d2651 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -57,6 +57,8 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); /* this is the size past which hardware will drop packets when setting LPE=0 */ #define MAXIMUM_ETHERNET_VLAN_SIZE 1522 +/* this is the size past which hardware will drop packets when setting LPE=1 */ +#define MAXIMUM_ETHERNET_LPE_SIZE 16384 /* * HW models: @@ -632,8 +634,9 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) } /* Discard oversized packets if !LPE and !SBP. */ - if (size > MAXIMUM_ETHERNET_VLAN_SIZE - && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) + if ((size > MAXIMUM_ETHERNET_LPE_SIZE || + (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { return size; } -- generated by git-patchbot for /home/xen/git/qemu-xen-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 12:22:28 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 12:22:28 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoUD-00069n-89; Thu, 17 Jan 2013 12:22:25 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoUB-00069D-90 for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:22:23 +0000 Received: from [85.158.139.83:25783] by server-14.bemta-5.messagelabs.com id 84/07-07459-EFCE7F05; Thu, 17 Jan 2013 12:22:22 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-14.tower-182.messagelabs.com!1358425341!23996443!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15204 invoked from network); 17 Jan 2013 12:22:22 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 12:22:22 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoU8-0005Fq-Ri for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:22:20 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvoU8-0002je-NC for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:22:20 +0000 Date: Thu, 17 Jan 2013 12:22:20 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-4.2-testing] e1000: Discard oversized packets based on SBP|LPE X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit abe5aac3cd62018fa15802b07f975aba14fa75f5 Author: Michael Contreras Date: Wed Dec 5 13:31:30 2012 -0500 e1000: Discard oversized packets based on SBP|LPE Discard packets longer than 16384 when !SBP to match the hardware behavior. Signed-off-by: Michael Contreras Signed-off-by: Stefan Hajnoczi (cherry picked from commit 2c0331f4f7d241995452b99afaf0aab00493334a) [ This is a security vulnerablity, XSA-41 / CVE-2012-6075 (2nd patch). ] (cherry picked from commit e33f918c19e393900b95a2bb6b10668dfe96a8f2) --- hw/e1000.c | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index f0673f0..67d2651 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -57,6 +57,8 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); /* this is the size past which hardware will drop packets when setting LPE=0 */ #define MAXIMUM_ETHERNET_VLAN_SIZE 1522 +/* this is the size past which hardware will drop packets when setting LPE=1 */ +#define MAXIMUM_ETHERNET_LPE_SIZE 16384 /* * HW models: @@ -632,8 +634,9 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) } /* Discard oversized packets if !LPE and !SBP. */ - if (size > MAXIMUM_ETHERNET_VLAN_SIZE - && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) + if ((size > MAXIMUM_ETHERNET_LPE_SIZE || + (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { return size; } -- generated by git-patchbot for /home/xen/git/qemu-xen-4.2-testing.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 12:22:28 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 12:22:28 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoUD-00069n-89; Thu, 17 Jan 2013 12:22:25 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoUB-00069D-90 for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:22:23 +0000 Received: from [85.158.139.83:25783] by server-14.bemta-5.messagelabs.com id 84/07-07459-EFCE7F05; Thu, 17 Jan 2013 12:22:22 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-14.tower-182.messagelabs.com!1358425341!23996443!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15204 invoked from network); 17 Jan 2013 12:22:22 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 12:22:22 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TvoU8-0005Fq-Ri for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:22:20 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TvoU8-0002je-NC for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 12:22:20 +0000 Date: Thu, 17 Jan 2013 12:22:20 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-4.2-testing] e1000: Discard oversized packets based on SBP|LPE X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit abe5aac3cd62018fa15802b07f975aba14fa75f5 Author: Michael Contreras Date: Wed Dec 5 13:31:30 2012 -0500 e1000: Discard oversized packets based on SBP|LPE Discard packets longer than 16384 when !SBP to match the hardware behavior. Signed-off-by: Michael Contreras Signed-off-by: Stefan Hajnoczi (cherry picked from commit 2c0331f4f7d241995452b99afaf0aab00493334a) [ This is a security vulnerablity, XSA-41 / CVE-2012-6075 (2nd patch). ] (cherry picked from commit e33f918c19e393900b95a2bb6b10668dfe96a8f2) --- hw/e1000.c | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index f0673f0..67d2651 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -57,6 +57,8 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); /* this is the size past which hardware will drop packets when setting LPE=0 */ #define MAXIMUM_ETHERNET_VLAN_SIZE 1522 +/* this is the size past which hardware will drop packets when setting LPE=1 */ +#define MAXIMUM_ETHERNET_LPE_SIZE 16384 /* * HW models: @@ -632,8 +634,9 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) } /* Discard oversized packets if !LPE and !SBP. */ - if (size > MAXIMUM_ETHERNET_VLAN_SIZE - && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) + if ((size > MAXIMUM_ETHERNET_LPE_SIZE || + (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { return size; } -- generated by git-patchbot for /home/xen/git/qemu-xen-4.2-testing.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 14:00:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 14:00:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvq0v-0006ZU-O8; Thu, 17 Jan 2013 14:00:17 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvq0t-0006ZC-Ux for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 14:00:16 +0000 Received: from [85.158.137.99:60244] by server-11.bemta-3.messagelabs.com id BF/A5-01807-EE308F05; Thu, 17 Jan 2013 14:00:14 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-217.messagelabs.com!1358431210!16477112!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 4007 invoked from network); 17 Jan 2013 14:00:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 14:00:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvq0o-0006XS-KU for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 14:00:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tvq0n-0005qF-V5 for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 14:00:10 +0000 Message-Id: Date: Thu, 17 Jan 2013 14:00:09 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358345659 0 # Node ID 85fcb5621c2bbe22a6dfc94b60260bb702040794 # Parent 2fff08507addd9626abdf3ad2f9321586236e4f2 QEMU_TAG update --- diff -r 2fff08507add -r 85fcb5621c2b Config.mk --- a/Config.mk Wed Jan 09 17:16:00 2013 +0100 +++ b/Config.mk Wed Jan 16 14:14:19 2013 +0000 @@ -214,7 +214,10 @@ ETHERBOOT_NICS ?= rtl8139 8086100e # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= xen-4.2.1 +QEMU_TAG ?= 48d332ba8ef0bd9754b9d16f9e5629b00f85d735 +# Author: Michael Contreras +# Date: Sun Dec 2 20:11:22 2012 -0800 +# e1000: Discard packets that are too long if !SBP and !LPE # Short answer -- do not enable this unless you know what you are # doing and are prepared for some pain. _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 14:00:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 14:00:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvq0v-0006ZU-O8; Thu, 17 Jan 2013 14:00:17 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvq0t-0006ZC-Ux for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 14:00:16 +0000 Received: from [85.158.137.99:60244] by server-11.bemta-3.messagelabs.com id BF/A5-01807-EE308F05; Thu, 17 Jan 2013 14:00:14 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-217.messagelabs.com!1358431210!16477112!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 4007 invoked from network); 17 Jan 2013 14:00:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 14:00:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvq0o-0006XS-KU for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 14:00:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tvq0n-0005qF-V5 for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 14:00:10 +0000 Message-Id: Date: Thu, 17 Jan 2013 14:00:09 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358345659 0 # Node ID 85fcb5621c2bbe22a6dfc94b60260bb702040794 # Parent 2fff08507addd9626abdf3ad2f9321586236e4f2 QEMU_TAG update --- diff -r 2fff08507add -r 85fcb5621c2b Config.mk --- a/Config.mk Wed Jan 09 17:16:00 2013 +0100 +++ b/Config.mk Wed Jan 16 14:14:19 2013 +0000 @@ -214,7 +214,10 @@ ETHERBOOT_NICS ?= rtl8139 8086100e # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= xen-4.2.1 +QEMU_TAG ?= 48d332ba8ef0bd9754b9d16f9e5629b00f85d735 +# Author: Michael Contreras +# Date: Sun Dec 2 20:11:22 2012 -0800 +# e1000: Discard packets that are too long if !SBP and !LPE # Short answer -- do not enable this unless you know what you are # doing and are prepared for some pain. _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 16:00:16 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 16:00:16 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvrsy-0008No-FV; Thu, 17 Jan 2013 16:00:12 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvrsx-0008NS-Ao for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:00:11 +0000 Received: from [85.158.139.83:55142] by server-15.bemta-5.messagelabs.com id 50/9B-18817-A0028F05; Thu, 17 Jan 2013 16:00:10 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-4.tower-182.messagelabs.com!1358438405!25588043!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 14526 invoked from network); 17 Jan 2013 16:00:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 16:00:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvrsr-0008AO-CK for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:00:05 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tvrsq-0000fn-Mj for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:00:04 +0000 Date: Thu, 17 Jan 2013 16:00:04 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-unstable] e1000: fix compile warning introduced by security fix, and debugging X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 2a1354d655d816feaad7dbdb8364f40a208439c1 Author: Ian Jackson Date: Thu Jan 17 15:52:16 2013 +0000 e1000: fix compile warning introduced by security fix, and debugging e33f918c19e393900b95a2bb6b10668dfe96a8f2, the fix for XSA-41, and its cherry picks in 4.2 and 4.1 introduced this compiler warning: hw/e1000.c:641: warning: 'return' with a value, in function returning void In upstream qemu (where this change came from), e1000_receive returns a value used by queueing machinery to decide whether to try resubmitting the packet later. Returning "size" means that the packet has been dealt with and should not be retried. In this old branch (aka qemu-xen-traditional), this machinery is absent and e1000_receive returns void. Fix the return statement. Also add a debugging statement along the lines of the others in this function. Signed-off-by: Ian Jackson --- hw/e1000.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 67d2651..c75bc5e 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -638,7 +638,8 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) (size > MAXIMUM_ETHERNET_VLAN_SIZE && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { - return size; + DBGOUT(RX, "packet too large for applicable LPE/VLAN size\n"); + return; } if (!receive_filter(s, buf, size)) -- generated by git-patchbot for /home/xen/git/qemu-xen-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 16:00:16 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 16:00:16 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvrsy-0008No-FV; Thu, 17 Jan 2013 16:00:12 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvrsx-0008NS-Ao for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:00:11 +0000 Received: from [85.158.139.83:55142] by server-15.bemta-5.messagelabs.com id 50/9B-18817-A0028F05; Thu, 17 Jan 2013 16:00:10 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-4.tower-182.messagelabs.com!1358438405!25588043!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 14526 invoked from network); 17 Jan 2013 16:00:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 16:00:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvrsr-0008AO-CK for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:00:05 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tvrsq-0000fn-Mj for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:00:04 +0000 Date: Thu, 17 Jan 2013 16:00:04 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-unstable] e1000: fix compile warning introduced by security fix, and debugging X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 2a1354d655d816feaad7dbdb8364f40a208439c1 Author: Ian Jackson Date: Thu Jan 17 15:52:16 2013 +0000 e1000: fix compile warning introduced by security fix, and debugging e33f918c19e393900b95a2bb6b10668dfe96a8f2, the fix for XSA-41, and its cherry picks in 4.2 and 4.1 introduced this compiler warning: hw/e1000.c:641: warning: 'return' with a value, in function returning void In upstream qemu (where this change came from), e1000_receive returns a value used by queueing machinery to decide whether to try resubmitting the packet later. Returning "size" means that the packet has been dealt with and should not be retried. In this old branch (aka qemu-xen-traditional), this machinery is absent and e1000_receive returns void. Fix the return statement. Also add a debugging statement along the lines of the others in this function. Signed-off-by: Ian Jackson --- hw/e1000.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 67d2651..c75bc5e 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -638,7 +638,8 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) (size > MAXIMUM_ETHERNET_VLAN_SIZE && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { - return size; + DBGOUT(RX, "packet too large for applicable LPE/VLAN size\n"); + return; } if (!receive_filter(s, buf, size)) -- generated by git-patchbot for /home/xen/git/qemu-xen-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 16:11:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 16:11:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvs3f-0001b6-Sa; Thu, 17 Jan 2013 16:11:15 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvs3e-0001a0-2Y for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:11:14 +0000 Received: from [193.109.254.147:36059] by server-9.bemta-14.messagelabs.com id 74/9E-24482-1A228F05; Thu, 17 Jan 2013 16:11:13 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-2.tower-27.messagelabs.com!1358439071!9126436!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 22999 invoked from network); 17 Jan 2013 16:11:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 16:11:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvs3a-0008O3-Sj for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:11:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tvs3a-00012i-Gp for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:11:10 +0000 Date: Thu, 17 Jan 2013 16:11:10 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-4.1-testing] e1000: fix compile warning introduced by security fix, and debugging X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 7a3a2aaa8fd1049fa0f033c5113e165900c84758 Author: Ian Jackson Date: Thu Jan 17 15:52:16 2013 +0000 e1000: fix compile warning introduced by security fix, and debugging e33f918c19e393900b95a2bb6b10668dfe96a8f2, the fix for XSA-41, and its cherry picks in 4.2 and 4.1 introduced this compiler warning: hw/e1000.c:641: warning: 'return' with a value, in function returning void In upstream qemu (where this change came from), e1000_receive returns a value used by queueing machinery to decide whether to try resubmitting the packet later. Returning "size" means that the packet has been dealt with and should not be retried. In this old branch (aka qemu-xen-traditional), this machinery is absent and e1000_receive returns void. Fix the return statement. Also add a debugging statement along the lines of the others in this function. Signed-off-by: Ian Jackson (cherry picked from commit 2a1354d655d816feaad7dbdb8364f40a208439c1) --- hw/e1000.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 67d2651..c75bc5e 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -638,7 +638,8 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) (size > MAXIMUM_ETHERNET_VLAN_SIZE && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { - return size; + DBGOUT(RX, "packet too large for applicable LPE/VLAN size\n"); + return; } if (!receive_filter(s, buf, size)) -- generated by git-patchbot for /home/xen/git/qemu-xen-4.1-testing.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 16:11:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 16:11:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvs3f-0001b6-Sa; Thu, 17 Jan 2013 16:11:15 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvs3e-0001a0-2Y for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:11:14 +0000 Received: from [193.109.254.147:36059] by server-9.bemta-14.messagelabs.com id 74/9E-24482-1A228F05; Thu, 17 Jan 2013 16:11:13 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-2.tower-27.messagelabs.com!1358439071!9126436!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 22999 invoked from network); 17 Jan 2013 16:11:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 16:11:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvs3a-0008O3-Sj for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:11:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tvs3a-00012i-Gp for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:11:10 +0000 Date: Thu, 17 Jan 2013 16:11:10 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-4.1-testing] e1000: fix compile warning introduced by security fix, and debugging X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit 7a3a2aaa8fd1049fa0f033c5113e165900c84758 Author: Ian Jackson Date: Thu Jan 17 15:52:16 2013 +0000 e1000: fix compile warning introduced by security fix, and debugging e33f918c19e393900b95a2bb6b10668dfe96a8f2, the fix for XSA-41, and its cherry picks in 4.2 and 4.1 introduced this compiler warning: hw/e1000.c:641: warning: 'return' with a value, in function returning void In upstream qemu (where this change came from), e1000_receive returns a value used by queueing machinery to decide whether to try resubmitting the packet later. Returning "size" means that the packet has been dealt with and should not be retried. In this old branch (aka qemu-xen-traditional), this machinery is absent and e1000_receive returns void. Fix the return statement. Also add a debugging statement along the lines of the others in this function. Signed-off-by: Ian Jackson (cherry picked from commit 2a1354d655d816feaad7dbdb8364f40a208439c1) --- hw/e1000.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 67d2651..c75bc5e 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -638,7 +638,8 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) (size > MAXIMUM_ETHERNET_VLAN_SIZE && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { - return size; + DBGOUT(RX, "packet too large for applicable LPE/VLAN size\n"); + return; } if (!receive_filter(s, buf, size)) -- generated by git-patchbot for /home/xen/git/qemu-xen-4.1-testing.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 16:14:57 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 16:14:57 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvs7D-0002Bo-Qa; Thu, 17 Jan 2013 16:14:55 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvs7B-0002Bd-Rp for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:14:54 +0000 Received: from [85.158.143.35:52900] by server-1.bemta-4.messagelabs.com id 63/F3-18740-D7328F05; Thu, 17 Jan 2013 16:14:53 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-7.tower-21.messagelabs.com!1358439087!11890179!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 27128 invoked from network); 17 Jan 2013 16:11:31 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 16:11:31 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvs3r-0008OH-7i for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:11:27 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tvs3q-000144-Rq for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:11:26 +0000 Date: Thu, 17 Jan 2013 16:11:26 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-4.2-testing] e1000: fix compile warning introduced by security fix, and debugging X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit ad6cb8a6550d0f0550252db4e05c305086ea9a65 Author: Ian Jackson Date: Thu Jan 17 15:52:16 2013 +0000 e1000: fix compile warning introduced by security fix, and debugging e33f918c19e393900b95a2bb6b10668dfe96a8f2, the fix for XSA-41, and its cherry picks in 4.2 and 4.1 introduced this compiler warning: hw/e1000.c:641: warning: 'return' with a value, in function returning void In upstream qemu (where this change came from), e1000_receive returns a value used by queueing machinery to decide whether to try resubmitting the packet later. Returning "size" means that the packet has been dealt with and should not be retried. In this old branch (aka qemu-xen-traditional), this machinery is absent and e1000_receive returns void. Fix the return statement. Also add a debugging statement along the lines of the others in this function. Signed-off-by: Ian Jackson (cherry picked from commit 2a1354d655d816feaad7dbdb8364f40a208439c1) --- hw/e1000.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 67d2651..c75bc5e 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -638,7 +638,8 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) (size > MAXIMUM_ETHERNET_VLAN_SIZE && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { - return size; + DBGOUT(RX, "packet too large for applicable LPE/VLAN size\n"); + return; } if (!receive_filter(s, buf, size)) -- generated by git-patchbot for /home/xen/git/qemu-xen-4.2-testing.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Thu Jan 17 16:14:57 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Thu, 17 Jan 2013 16:14:57 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvs7D-0002Bo-Qa; Thu, 17 Jan 2013 16:14:55 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvs7B-0002Bd-Rp for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:14:54 +0000 Received: from [85.158.143.35:52900] by server-1.bemta-4.messagelabs.com id 63/F3-18740-D7328F05; Thu, 17 Jan 2013 16:14:53 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-7.tower-21.messagelabs.com!1358439087!11890179!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 27128 invoked from network); 17 Jan 2013 16:11:31 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 17 Jan 2013 16:11:31 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tvs3r-0008OH-7i for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:11:27 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tvs3q-000144-Rq for xen-changelog@lists.xensource.com; Thu, 17 Jan 2013 16:11:26 +0000 Date: Thu, 17 Jan 2013 16:11:26 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-xen-4.2-testing] e1000: fix compile warning introduced by security fix, and debugging X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit ad6cb8a6550d0f0550252db4e05c305086ea9a65 Author: Ian Jackson Date: Thu Jan 17 15:52:16 2013 +0000 e1000: fix compile warning introduced by security fix, and debugging e33f918c19e393900b95a2bb6b10668dfe96a8f2, the fix for XSA-41, and its cherry picks in 4.2 and 4.1 introduced this compiler warning: hw/e1000.c:641: warning: 'return' with a value, in function returning void In upstream qemu (where this change came from), e1000_receive returns a value used by queueing machinery to decide whether to try resubmitting the packet later. Returning "size" means that the packet has been dealt with and should not be retried. In this old branch (aka qemu-xen-traditional), this machinery is absent and e1000_receive returns void. Fix the return statement. Also add a debugging statement along the lines of the others in this function. Signed-off-by: Ian Jackson (cherry picked from commit 2a1354d655d816feaad7dbdb8364f40a208439c1) --- hw/e1000.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 67d2651..c75bc5e 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -638,7 +638,8 @@ e1000_receive(void *opaque, const uint8_t *buf, int size) (size > MAXIMUM_ETHERNET_VLAN_SIZE && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { - return size; + DBGOUT(RX, "packet too large for applicable LPE/VLAN size\n"); + return; } if (!receive_filter(s, buf, size)) -- generated by git-patchbot for /home/xen/git/qemu-xen-4.2-testing.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 03:11:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 03:11:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw2MM-0007gA-NJ; Fri, 18 Jan 2013 03:11:14 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw2ML-0007eu-8b for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 03:11:13 +0000 Received: from [85.158.137.99:48894] by server-9.bemta-3.messagelabs.com id FD/86-08786-05DB8F05; Fri, 18 Jan 2013 03:11:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-217.messagelabs.com!1358478670!14308170!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 21059 invoked from network); 18 Jan 2013 03:11:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 03:11:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw2MH-0005sv-SI for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 03:11:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw2MH-0001MB-8U for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 03:11:09 +0000 Message-Id: Date: Fri, 18 Jan 2013 03:11:08 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358424741 0 # Node ID 033ebaabdca2361aab5f03f8c829b252d90004ca # Parent 85fcb5621c2bbe22a6dfc94b60260bb702040794 QEMU_TAG update --- diff -r 85fcb5621c2b -r 033ebaabdca2 Config.mk --- a/Config.mk Wed Jan 16 14:14:19 2013 +0000 +++ b/Config.mk Thu Jan 17 12:12:21 2013 +0000 @@ -1,3 +1,6 @@ +pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-4.2-testing.hg +searching for changes +no changes found # -*- mode: Makefile; -*- ifeq ($(filter /%,$(XEN_ROOT)),) @@ -214,10 +217,9 @@ ETHERBOOT_NICS ?= rtl8139 8086100e # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= 48d332ba8ef0bd9754b9d16f9e5629b00f85d735 -# Author: Michael Contreras -# Date: Sun Dec 2 20:11:22 2012 -0800 -# e1000: Discard packets that are too long if !SBP and !LPE +QEMU_TAG ?= abe5aac3cd62018fa15802b07f975aba14fa75f5 +# Wed Dec 5 13:31:30 2012 -0500 +# e1000: Discard oversized packets based on SBP|LPE # Short answer -- do not enable this unless you know what you are # doing and are prepared for some pain. _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 03:11:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 03:11:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw2MM-0007gA-NJ; Fri, 18 Jan 2013 03:11:14 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw2ML-0007eu-8b for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 03:11:13 +0000 Received: from [85.158.137.99:48894] by server-9.bemta-3.messagelabs.com id FD/86-08786-05DB8F05; Fri, 18 Jan 2013 03:11:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-217.messagelabs.com!1358478670!14308170!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 21059 invoked from network); 18 Jan 2013 03:11:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 03:11:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw2MH-0005sv-SI for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 03:11:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw2MH-0001MB-8U for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 03:11:09 +0000 Message-Id: Date: Fri, 18 Jan 2013 03:11:08 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358424741 0 # Node ID 033ebaabdca2361aab5f03f8c829b252d90004ca # Parent 85fcb5621c2bbe22a6dfc94b60260bb702040794 QEMU_TAG update --- diff -r 85fcb5621c2b -r 033ebaabdca2 Config.mk --- a/Config.mk Wed Jan 16 14:14:19 2013 +0000 +++ b/Config.mk Thu Jan 17 12:12:21 2013 +0000 @@ -1,3 +1,6 @@ +pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-4.2-testing.hg +searching for changes +no changes found # -*- mode: Makefile; -*- ifeq ($(filter /%,$(XEN_ROOT)),) @@ -214,10 +217,9 @@ ETHERBOOT_NICS ?= rtl8139 8086100e # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= 48d332ba8ef0bd9754b9d16f9e5629b00f85d735 -# Author: Michael Contreras -# Date: Sun Dec 2 20:11:22 2012 -0800 -# e1000: Discard packets that are too long if !SBP and !LPE +QEMU_TAG ?= abe5aac3cd62018fa15802b07f975aba14fa75f5 +# Wed Dec 5 13:31:30 2012 -0500 +# e1000: Discard oversized packets based on SBP|LPE # Short answer -- do not enable this unless you know what you are # doing and are prepared for some pain. _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 03:11:28 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 03:11:28 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw2MV-0007l6-R8; Fri, 18 Jan 2013 03:11:23 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw2MU-0007jh-3M for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 03:11:22 +0000 Received: from [193.109.254.147:13203] by server-8.bemta-14.messagelabs.com id 3C/0D-26341-95DB8F05; Fri, 18 Jan 2013 03:11:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-27.messagelabs.com!1358478670!2443298!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 32186 invoked from network); 18 Jan 2013 03:11:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 03:11:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw2MI-0005sy-6w for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 03:11:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw2MH-0001MQ-Rw for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 03:11:09 +0000 Message-Id: Date: Fri, 18 Jan 2013 03:11:09 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] Config.mk: delete accidentally introduced drivel X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358425392 0 # Node ID 40d86973267337f38f58503c34d3437c9adb893a # Parent 033ebaabdca2361aab5f03f8c829b252d90004ca Config.mk: delete accidentally introduced drivel --- diff -r 033ebaabdca2 -r 40d869732673 Config.mk --- a/Config.mk Thu Jan 17 12:12:21 2013 +0000 +++ b/Config.mk Thu Jan 17 12:23:12 2013 +0000 @@ -1,6 +1,3 @@ -pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-4.2-testing.hg -searching for changes -no changes found # -*- mode: Makefile; -*- ifeq ($(filter /%,$(XEN_ROOT)),) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 03:11:28 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 03:11:28 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw2MV-0007l6-R8; Fri, 18 Jan 2013 03:11:23 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw2MU-0007jh-3M for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 03:11:22 +0000 Received: from [193.109.254.147:13203] by server-8.bemta-14.messagelabs.com id 3C/0D-26341-95DB8F05; Fri, 18 Jan 2013 03:11:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-27.messagelabs.com!1358478670!2443298!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 32186 invoked from network); 18 Jan 2013 03:11:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 03:11:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw2MI-0005sy-6w for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 03:11:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw2MH-0001MQ-Rw for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 03:11:09 +0000 Message-Id: Date: Fri, 18 Jan 2013 03:11:09 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] Config.mk: delete accidentally introduced drivel X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358425392 0 # Node ID 40d86973267337f38f58503c34d3437c9adb893a # Parent 033ebaabdca2361aab5f03f8c829b252d90004ca Config.mk: delete accidentally introduced drivel --- diff -r 033ebaabdca2 -r 40d869732673 Config.mk --- a/Config.mk Thu Jan 17 12:12:21 2013 +0000 +++ b/Config.mk Thu Jan 17 12:23:12 2013 +0000 @@ -1,6 +1,3 @@ -pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-4.2-testing.hg -searching for changes -no changes found # -*- mode: Makefile; -*- ifeq ($(filter /%,$(XEN_ROOT)),) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 04:11:13 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 04:11:13 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw3IL-0001T2-Ur; Fri, 18 Jan 2013 04:11:09 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw3IJ-0001Su-Ve for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 04:11:08 +0000 Received: from [85.158.139.83:18770] by server-9.bemta-5.messagelabs.com id 11/1B-29536-B5BC8F05; Fri, 18 Jan 2013 04:11:07 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-8.tower-182.messagelabs.com!1358482264!17100601!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15664 invoked from network); 18 Jan 2013 04:11:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 04:11:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw3IG-0006Xk-G3 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 04:11:04 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw3IF-0002mk-Tv for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 04:11:04 +0000 Date: Fri, 18 Jan 2013 04:11:03 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] e1000: Discard oversized packets based on SBP|LPE X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit e6e112f5f1b8a9dde8dd037d6a48f621d8a6ca01 Author: Michael Contreras Date: Wed Dec 5 13:31:30 2012 -0500 e1000: Discard oversized packets based on SBP|LPE Discard packets longer than 16384 when !SBP to match the hardware behavior. upstream-commit-id: 2c0331f4f7d241995452b99afaf0aab00493334a security-tags: XSA-41, CVE-2012-6075 Signed-off-by: Michael Contreras Signed-off-by: Stefan Hajnoczi --- hw/e1000.c | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 5537ad2..e772c8e 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -61,6 +61,8 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); /* this is the size past which hardware will drop packets when setting LPE=0 */ #define MAXIMUM_ETHERNET_VLAN_SIZE 1522 +/* this is the size past which hardware will drop packets when setting LPE=1 */ +#define MAXIMUM_ETHERNET_LPE_SIZE 16384 /* * HW models: @@ -809,8 +811,9 @@ e1000_receive(NetClientState *nc, const uint8_t *buf, size_t size) } /* Discard oversized packets if !LPE and !SBP. */ - if (size > MAXIMUM_ETHERNET_VLAN_SIZE - && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) + if ((size > MAXIMUM_ETHERNET_LPE_SIZE || + (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { return size; } -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 04:11:13 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 04:11:13 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw3IL-0001T2-Ur; Fri, 18 Jan 2013 04:11:09 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw3IJ-0001Su-Ve for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 04:11:08 +0000 Received: from [85.158.139.83:18770] by server-9.bemta-5.messagelabs.com id 11/1B-29536-B5BC8F05; Fri, 18 Jan 2013 04:11:07 +0000 X-Env-Sender: ian.jackson@eu.citrix.com X-Msg-Ref: server-8.tower-182.messagelabs.com!1358482264!17100601!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 15664 invoked from network); 18 Jan 2013 04:11:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 04:11:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw3IG-0006Xk-G3 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 04:11:04 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw3IF-0002mk-Tv for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 04:11:04 +0000 Date: Fri, 18 Jan 2013 04:11:03 +0000 Message-Id: From: patchbot@xen.org To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [qemu-upstream-unstable] e1000: Discard oversized packets based on SBP|LPE X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org commit e6e112f5f1b8a9dde8dd037d6a48f621d8a6ca01 Author: Michael Contreras Date: Wed Dec 5 13:31:30 2012 -0500 e1000: Discard oversized packets based on SBP|LPE Discard packets longer than 16384 when !SBP to match the hardware behavior. upstream-commit-id: 2c0331f4f7d241995452b99afaf0aab00493334a security-tags: XSA-41, CVE-2012-6075 Signed-off-by: Michael Contreras Signed-off-by: Stefan Hajnoczi --- hw/e1000.c | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/hw/e1000.c b/hw/e1000.c index 5537ad2..e772c8e 100644 --- a/hw/e1000.c +++ b/hw/e1000.c @@ -61,6 +61,8 @@ static int debugflags = DBGBIT(TXERR) | DBGBIT(GENERAL); /* this is the size past which hardware will drop packets when setting LPE=0 */ #define MAXIMUM_ETHERNET_VLAN_SIZE 1522 +/* this is the size past which hardware will drop packets when setting LPE=1 */ +#define MAXIMUM_ETHERNET_LPE_SIZE 16384 /* * HW models: @@ -809,8 +811,9 @@ e1000_receive(NetClientState *nc, const uint8_t *buf, size_t size) } /* Discard oversized packets if !LPE and !SBP. */ - if (size > MAXIMUM_ETHERNET_VLAN_SIZE - && !(s->mac_reg[RCTL] & E1000_RCTL_LPE) + if ((size > MAXIMUM_ETHERNET_LPE_SIZE || + (size > MAXIMUM_ETHERNET_VLAN_SIZE + && !(s->mac_reg[RCTL] & E1000_RCTL_LPE))) && !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) { return size; } -- generated by git-patchbot for /home/xen/git/qemu-upstream-unstable.git _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:21 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:21 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GA-0000Ji-7e; Fri, 18 Jan 2013 10:33:18 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G8-0000JK-9r for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:16 +0000 Received: from [193.109.254.147:2525] by server-8.bemta-14.messagelabs.com id 0A/62-26341-BE429F05; Fri, 18 Jan 2013 10:33:15 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-10.tower-27.messagelabs.com!1358505193!3486344!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 21154 invoked from network); 18 Jan 2013 10:33:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-10.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G5-0002nU-Hf for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:13 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G5-0003qr-GP for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:13 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:13 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] libxl: don't continue to create the domain if the device model is not spawned X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Julien Grall # Date 1358430789 0 # Node ID cdbfe54df8afb72379462a9aafd1d3d72739462e # Parent 414e6d1c9680614e283d48dbe9d91452de8c27b6 libxl: don't continue to create the domain if the device model is not spawned When the device model can't be spawned, rc variable is cleared in device_model_spawn_outcome (libxl_dm.c). In this case libxl will continue to create the domain and let it between life and death. Signed-off-by: Julien Grall Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 414e6d1c9680 -r cdbfe54df8af tools/libxl/libxl_dm.c --- a/tools/libxl/libxl_dm.c Thu Jan 17 13:53:07 2013 +0000 +++ b/tools/libxl/libxl_dm.c Thu Jan 17 13:53:09 2013 +0000 @@ -1215,8 +1215,6 @@ static void device_model_spawn_outcome(l } } - rc = 0; - out: dmss->callback(egc, dmss, rc); } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:21 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:21 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GA-0000Ji-7e; Fri, 18 Jan 2013 10:33:18 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G8-0000JK-9r for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:16 +0000 Received: from [193.109.254.147:2525] by server-8.bemta-14.messagelabs.com id 0A/62-26341-BE429F05; Fri, 18 Jan 2013 10:33:15 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-10.tower-27.messagelabs.com!1358505193!3486344!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 21154 invoked from network); 18 Jan 2013 10:33:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-10.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G5-0002nU-Hf for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:13 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G5-0003qr-GP for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:13 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:13 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] libxl: don't continue to create the domain if the device model is not spawned X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Julien Grall # Date 1358430789 0 # Node ID cdbfe54df8afb72379462a9aafd1d3d72739462e # Parent 414e6d1c9680614e283d48dbe9d91452de8c27b6 libxl: don't continue to create the domain if the device model is not spawned When the device model can't be spawned, rc variable is cleared in device_model_spawn_outcome (libxl_dm.c). In this case libxl will continue to create the domain and let it between life and death. Signed-off-by: Julien Grall Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 414e6d1c9680 -r cdbfe54df8af tools/libxl/libxl_dm.c --- a/tools/libxl/libxl_dm.c Thu Jan 17 13:53:07 2013 +0000 +++ b/tools/libxl/libxl_dm.c Thu Jan 17 13:53:09 2013 +0000 @@ -1215,8 +1215,6 @@ static void device_model_spawn_outcome(l } } - rc = 0; - out: dmss->callback(egc, dmss, rc); } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:21 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:21 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GA-0000Jn-AJ; Fri, 18 Jan 2013 10:33:18 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G8-0000JP-KC for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:16 +0000 Received: from [85.158.143.99:21387] by server-1.bemta-4.messagelabs.com id 6F/E4-18740-BE429F05; Fri, 18 Jan 2013 10:33:15 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-5.tower-216.messagelabs.com!1358505193!28147453!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7777 invoked from network); 18 Jan 2013 10:33:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-5.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G5-0002nR-4t for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:13 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G5-0003qc-0H for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:13 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Fix pygrub handling non-default entry X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Miroslav Rezanina # Date 1358430787 0 # Node ID 414e6d1c9680614e283d48dbe9d91452de8c27b6 # Parent 7359c3122c5d935476ee494706db5249c8df6abc Fix pygrub handling non-default entry If we pass 0 as pygrub --entry argument (i.e. we want to boot first item), default value is used instead. This is dueto wrong check for range of allowed values of index - 0 is index of first item. Signed-off-by: Miroslav Rezanina Acked-by: Matt Wilson Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 7359c3122c5d -r 414e6d1c9680 tools/pygrub/src/pygrub --- a/tools/pygrub/src/pygrub Thu Jan 17 13:53:03 2013 +0000 +++ b/tools/pygrub/src/pygrub Thu Jan 17 13:53:07 2013 +0000 @@ -613,7 +613,7 @@ def run_grub(file, entry, fs, cfg_args): # set the entry to boot as requested if entry is not None: idx = get_entry_idx(g.cf, entry) - if idx is not None and idx > 0 and idx < len(g.cf.images): + if idx is not None and idx >= 0 and idx < len(g.cf.images): sel = idx if sel == -1: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:21 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:21 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GA-0000Jn-AJ; Fri, 18 Jan 2013 10:33:18 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G8-0000JP-KC for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:16 +0000 Received: from [85.158.143.99:21387] by server-1.bemta-4.messagelabs.com id 6F/E4-18740-BE429F05; Fri, 18 Jan 2013 10:33:15 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-5.tower-216.messagelabs.com!1358505193!28147453!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7777 invoked from network); 18 Jan 2013 10:33:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-5.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G5-0002nR-4t for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:13 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G5-0003qc-0H for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:13 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Fix pygrub handling non-default entry X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Miroslav Rezanina # Date 1358430787 0 # Node ID 414e6d1c9680614e283d48dbe9d91452de8c27b6 # Parent 7359c3122c5d935476ee494706db5249c8df6abc Fix pygrub handling non-default entry If we pass 0 as pygrub --entry argument (i.e. we want to boot first item), default value is used instead. This is dueto wrong check for range of allowed values of index - 0 is index of first item. Signed-off-by: Miroslav Rezanina Acked-by: Matt Wilson Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 7359c3122c5d -r 414e6d1c9680 tools/pygrub/src/pygrub --- a/tools/pygrub/src/pygrub Thu Jan 17 13:53:03 2013 +0000 +++ b/tools/pygrub/src/pygrub Thu Jan 17 13:53:07 2013 +0000 @@ -613,7 +613,7 @@ def run_grub(file, entry, fs, cfg_args): # set the entry to boot as requested if entry is not None: idx = get_entry_idx(g.cf, entry) - if idx is not None and idx > 0 and idx < len(g.cf.images): + if idx is not None and idx >= 0 and idx < len(g.cf.images): sel = idx if sel == -1: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:21 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:21 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G9-0000Ja-55; Fri, 18 Jan 2013 10:33:17 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G7-0000JJ-TD for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:16 +0000 Received: from [85.158.139.83:62975] by server-12.bemta-5.messagelabs.com id 79/E4-31102-BE429F05; Fri, 18 Jan 2013 10:33:15 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-182.messagelabs.com!1358505190!25690885!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 24431 invoked from network); 18 Jan 2013 10:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G2-0002n9-6g for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G1-0003pA-So for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:09 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358424584 0 # Node ID 8887c543a24ac42a6018652f791ef7949485d618 # Parent b0e618cb0233471028cf5db14eaa7f45b8538131 QEMU_TAG update --- diff -r b0e618cb0233 -r 8887c543a24a Config.mk --- a/Config.mk Thu Jan 17 11:53:42 2013 +0000 +++ b/Config.mk Thu Jan 17 12:09:44 2013 +0000 @@ -1,3 +1,6 @@ +pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-unstable.hg +searching for changes +no changes found # -*- mode: Makefile; -*- ifeq ($(filter /%,$(XEN_ROOT)),) @@ -220,9 +223,9 @@ ETHERBOOT_NICS ?= rtl8139 8086100e # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= 4c2cae2a882db4d2a231b27b3b31a5bbec6dacbf -# Sun Dec 2 20:11:22 2012 -0800 -# e1000: Discard packets that are too long if !SBP and !LPE +QEMU_TAG ?= e33f918c19e393900b95a2bb6b10668dfe96a8f2 +# Wed Dec 5 13:31:30 2012 -0500 +# e1000: Discard oversized packets based on SBP|LPE # Short answer -- do not enable this unless you know what you are # doing and are prepared for some pain. _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:21 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:21 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G9-0000Ja-55; Fri, 18 Jan 2013 10:33:17 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G7-0000JJ-TD for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:16 +0000 Received: from [85.158.139.83:62975] by server-12.bemta-5.messagelabs.com id 79/E4-31102-BE429F05; Fri, 18 Jan 2013 10:33:15 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-182.messagelabs.com!1358505190!25690885!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 24431 invoked from network); 18 Jan 2013 10:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G2-0002n9-6g for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G1-0003pA-So for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:09 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358424584 0 # Node ID 8887c543a24ac42a6018652f791ef7949485d618 # Parent b0e618cb0233471028cf5db14eaa7f45b8538131 QEMU_TAG update --- diff -r b0e618cb0233 -r 8887c543a24a Config.mk --- a/Config.mk Thu Jan 17 11:53:42 2013 +0000 +++ b/Config.mk Thu Jan 17 12:09:44 2013 +0000 @@ -1,3 +1,6 @@ +pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-unstable.hg +searching for changes +no changes found # -*- mode: Makefile; -*- ifeq ($(filter /%,$(XEN_ROOT)),) @@ -220,9 +223,9 @@ ETHERBOOT_NICS ?= rtl8139 8086100e # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= 4c2cae2a882db4d2a231b27b3b31a5bbec6dacbf -# Sun Dec 2 20:11:22 2012 -0800 -# e1000: Discard packets that are too long if !SBP and !LPE +QEMU_TAG ?= e33f918c19e393900b95a2bb6b10668dfe96a8f2 +# Wed Dec 5 13:31:30 2012 -0500 +# e1000: Discard oversized packets based on SBP|LPE # Short answer -- do not enable this unless you know what you are # doing and are prepared for some pain. _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GB-0000K2-Cj; Fri, 18 Jan 2013 10:33:19 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GA-0000Jh-Nl for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:18 +0000 Received: from [85.158.138.51:36573] by server-12.bemta-3.messagelabs.com id 10/3E-30381-9E429F05; Fri, 18 Jan 2013 10:33:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-174.messagelabs.com!1358505190!26776671!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30868 invoked from network); 18 Jan 2013 10:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G2-0002nC-HU for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G2-0003pP-Cc for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:10 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358424621 0 # Node ID 748fe2a001daffd28461b436a8e1b8728567875e # Parent 8887c543a24ac42a6018652f791ef7949485d618 QEMU_TAG update --- diff -r 8887c543a24a -r 748fe2a001da Config.mk --- a/Config.mk Thu Jan 17 12:09:44 2013 +0000 +++ b/Config.mk Thu Jan 17 12:10:21 2013 +0000 @@ -1,3 +1,6 @@ +pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-unstable.hg +searching for changes +no changes found pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-unstable.hg searching for changes no changes found _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GB-0000K2-Cj; Fri, 18 Jan 2013 10:33:19 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GA-0000Jh-Nl for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:18 +0000 Received: from [85.158.138.51:36573] by server-12.bemta-3.messagelabs.com id 10/3E-30381-9E429F05; Fri, 18 Jan 2013 10:33:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-174.messagelabs.com!1358505190!26776671!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30868 invoked from network); 18 Jan 2013 10:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G2-0002nC-HU for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G2-0003pP-Cc for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:10 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358424621 0 # Node ID 748fe2a001daffd28461b436a8e1b8728567875e # Parent 8887c543a24ac42a6018652f791ef7949485d618 QEMU_TAG update --- diff -r 8887c543a24a -r 748fe2a001da Config.mk --- a/Config.mk Thu Jan 17 12:09:44 2013 +0000 +++ b/Config.mk Thu Jan 17 12:10:21 2013 +0000 @@ -1,3 +1,6 @@ +pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-unstable.hg +searching for changes +no changes found pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-unstable.hg searching for changes no changes found _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GD-0000L0-GK; Fri, 18 Jan 2013 10:33:21 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GC-0000JP-TK for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:21 +0000 Received: from [85.158.143.35:17120] by server-1.bemta-4.messagelabs.com id 8A/15-18740-0F429F05; Fri, 18 Jan 2013 10:33:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-21.messagelabs.com!1358505195!11614027!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 4511 invoked from network); 18 Jan 2013 10:33:16 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:16 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G7-0002nd-5y for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:15 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G7-0003ra-3j for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:15 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:14 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358438151 0 # Node ID 126ce5f1855ba21ae24fc1c0981e5c05a3245bad # Parent d81f9832a082768c454b7dc6530834a0017f0683 QEMU_TAG update --- diff -r d81f9832a082 -r 126ce5f1855b Config.mk --- a/Config.mk Thu Jan 17 15:55:02 2013 +0000 +++ b/Config.mk Thu Jan 17 15:55:51 2013 +0000 @@ -220,9 +220,9 @@ ETHERBOOT_NICS ?= rtl8139 8086100e # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= e33f918c19e393900b95a2bb6b10668dfe96a8f2 -# Wed Dec 5 13:31:30 2012 -0500 -# e1000: Discard oversized packets based on SBP|LPE +QEMU_TAG ?= 2a1354d655d816feaad7dbdb8364f40a208439c1 +# Thu Jan 17 15:52:16 2013 +0000 +# e1000: fix compile warning introduced by security fix, and debugging # Short answer -- do not enable this unless you know what you are # doing and are prepared for some pain. _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GD-0000L0-GK; Fri, 18 Jan 2013 10:33:21 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GC-0000JP-TK for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:21 +0000 Received: from [85.158.143.35:17120] by server-1.bemta-4.messagelabs.com id 8A/15-18740-0F429F05; Fri, 18 Jan 2013 10:33:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-21.messagelabs.com!1358505195!11614027!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 4511 invoked from network); 18 Jan 2013 10:33:16 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:16 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G7-0002nd-5y for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:15 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G7-0003ra-3j for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:15 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:14 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358438151 0 # Node ID 126ce5f1855ba21ae24fc1c0981e5c05a3245bad # Parent d81f9832a082768c454b7dc6530834a0017f0683 QEMU_TAG update --- diff -r d81f9832a082 -r 126ce5f1855b Config.mk --- a/Config.mk Thu Jan 17 15:55:02 2013 +0000 +++ b/Config.mk Thu Jan 17 15:55:51 2013 +0000 @@ -220,9 +220,9 @@ ETHERBOOT_NICS ?= rtl8139 8086100e # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= e33f918c19e393900b95a2bb6b10668dfe96a8f2 -# Wed Dec 5 13:31:30 2012 -0500 -# e1000: Discard oversized packets based on SBP|LPE +QEMU_TAG ?= 2a1354d655d816feaad7dbdb8364f40a208439c1 +# Thu Jan 17 15:52:16 2013 +0000 +# e1000: fix compile warning introduced by security fix, and debugging # Short answer -- do not enable this unless you know what you are # doing and are prepared for some pain. _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GE-0000Ly-T4; Fri, 18 Jan 2013 10:33:22 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GD-0000KY-RX for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:22 +0000 Received: from [85.158.137.99:7444] by server-13.bemta-3.messagelabs.com id 2E/B5-05145-CE429F05; Fri, 18 Jan 2013 10:33:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-217.messagelabs.com!1358505194!16605339!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25228 invoked from network); 18 Jan 2013 10:33:15 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:15 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G6-0002nX-4m for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G6-0003r6-0a for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:14 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:13 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] tools: Update to SeaBIOS 1.7.1 X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358430794 0 # Node ID 7927b79daa474d32b500331fe3f50d3019d606ab # Parent cdbfe54df8afb72379462a9aafd1d3d72739462e tools: Update to SeaBIOS 1.7.1 Only lightly tested with a Linux HVM guest PXE boot. Accept the defaults for the config options. Many of them are not relevant to Xen but this matches what others (at least the Debian SeaBIOS packages and the binary shipped by Qemu) are doing. The Debian Xen packages are built against Debian's SeaBIOS package so there is value in being similar. Signed-off-by: Ian Campbell Acked-by: Ian Jackson Committed-by: Ian Campbell --- diff -r cdbfe54df8af -r 7927b79daa47 Config.mk --- a/Config.mk Thu Jan 17 13:53:09 2013 +0000 +++ b/Config.mk Thu Jan 17 13:53:14 2013 +0000 @@ -209,9 +209,9 @@ SEABIOS_UPSTREAM_URL ?= git://xenbits.xe endif OVMF_UPSTREAM_REVISION ?= b0855f925c6e2e0b21fbb03fab4b5fb5b6876871 QEMU_UPSTREAM_REVISION ?= master -SEABIOS_UPSTREAM_TAG ?= rel-1.6.3.2 -# Sun Mar 11 09:27:07 2012 -0400 -# Update version to 1.6.3.2 +SEABIOS_UPSTREAM_TAG ?= rel-1.7.1 +# Wed Aug 29 21:27:37 2012 -0400 +# Make iasl option check work with older versions of iasl. ETHERBOOT_NICS ?= rtl8139 8086100e diff -r cdbfe54df8af -r 7927b79daa47 tools/firmware/seabios-config --- a/tools/firmware/seabios-config Thu Jan 17 13:53:09 2013 +0000 +++ b/tools/firmware/seabios-config Thu Jan 17 13:53:14 2013 +0000 @@ -1,7 +1,7 @@ # # Automatically generated make config: don't edit # SeaBIOS Configuration -# Wed Sep 7 13:03:21 2011 +# Thu Jan 3 17:25:45 2013 # # @@ -24,6 +24,9 @@ CONFIG_ATA_DMA=y CONFIG_ATA_PIO32=y CONFIG_AHCI=y CONFIG_VIRTIO_BLK=y +CONFIG_VIRTIO_SCSI=y +CONFIG_ESP_SCSI=y +CONFIG_LSI_SCSI=y CONFIG_FLOPPY=y CONFIG_PS2PORT=y CONFIG_USB=y @@ -31,12 +34,13 @@ CONFIG_USB_UHCI=y CONFIG_USB_OHCI=y CONFIG_USB_EHCI=y CONFIG_USB_MSC=y +CONFIG_USB_UAS=y CONFIG_USB_HUB=y CONFIG_USB_KEYBOARD=y CONFIG_USB_MOUSE=y CONFIG_SERIAL=y CONFIG_LPT=y -# CONFIG_USE_SMM is not set +CONFIG_USE_SMM=y CONFIG_MTRR_INIT=y # @@ -56,6 +60,7 @@ CONFIG_KEYBOARD=y CONFIG_KBD_CALL_INT15_4F=y CONFIG_MOUSE=y CONFIG_S3_RESUME=y +CONFIG_VGAHOOKS=y # CONFIG_DISABLE_A20 is not set # @@ -67,7 +72,19 @@ CONFIG_SMBIOS=y CONFIG_ACPI=y # +# VGA ROM +# +CONFIG_NO_VGABIOS=y +# CONFIG_VGA_STANDARD_VGA is not set +# CONFIG_VGA_CIRRUS is not set +# CONFIG_VGA_BOCHS is not set +# CONFIG_VGA_GEODEGX2 is not set +# CONFIG_VGA_GEODELX is not set +# CONFIG_BUILD_VGABIOS is not set + +# # Debugging # CONFIG_DEBUG_LEVEL=1 # CONFIG_DEBUG_SERIAL is not set +CONFIG_DEBUG_IO=y _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GE-0000Ly-T4; Fri, 18 Jan 2013 10:33:22 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GD-0000KY-RX for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:22 +0000 Received: from [85.158.137.99:7444] by server-13.bemta-3.messagelabs.com id 2E/B5-05145-CE429F05; Fri, 18 Jan 2013 10:33:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-217.messagelabs.com!1358505194!16605339!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25228 invoked from network); 18 Jan 2013 10:33:15 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:15 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G6-0002nX-4m for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G6-0003r6-0a for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:14 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:13 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] tools: Update to SeaBIOS 1.7.1 X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358430794 0 # Node ID 7927b79daa474d32b500331fe3f50d3019d606ab # Parent cdbfe54df8afb72379462a9aafd1d3d72739462e tools: Update to SeaBIOS 1.7.1 Only lightly tested with a Linux HVM guest PXE boot. Accept the defaults for the config options. Many of them are not relevant to Xen but this matches what others (at least the Debian SeaBIOS packages and the binary shipped by Qemu) are doing. The Debian Xen packages are built against Debian's SeaBIOS package so there is value in being similar. Signed-off-by: Ian Campbell Acked-by: Ian Jackson Committed-by: Ian Campbell --- diff -r cdbfe54df8af -r 7927b79daa47 Config.mk --- a/Config.mk Thu Jan 17 13:53:09 2013 +0000 +++ b/Config.mk Thu Jan 17 13:53:14 2013 +0000 @@ -209,9 +209,9 @@ SEABIOS_UPSTREAM_URL ?= git://xenbits.xe endif OVMF_UPSTREAM_REVISION ?= b0855f925c6e2e0b21fbb03fab4b5fb5b6876871 QEMU_UPSTREAM_REVISION ?= master -SEABIOS_UPSTREAM_TAG ?= rel-1.6.3.2 -# Sun Mar 11 09:27:07 2012 -0400 -# Update version to 1.6.3.2 +SEABIOS_UPSTREAM_TAG ?= rel-1.7.1 +# Wed Aug 29 21:27:37 2012 -0400 +# Make iasl option check work with older versions of iasl. ETHERBOOT_NICS ?= rtl8139 8086100e diff -r cdbfe54df8af -r 7927b79daa47 tools/firmware/seabios-config --- a/tools/firmware/seabios-config Thu Jan 17 13:53:09 2013 +0000 +++ b/tools/firmware/seabios-config Thu Jan 17 13:53:14 2013 +0000 @@ -1,7 +1,7 @@ # # Automatically generated make config: don't edit # SeaBIOS Configuration -# Wed Sep 7 13:03:21 2011 +# Thu Jan 3 17:25:45 2013 # # @@ -24,6 +24,9 @@ CONFIG_ATA_DMA=y CONFIG_ATA_PIO32=y CONFIG_AHCI=y CONFIG_VIRTIO_BLK=y +CONFIG_VIRTIO_SCSI=y +CONFIG_ESP_SCSI=y +CONFIG_LSI_SCSI=y CONFIG_FLOPPY=y CONFIG_PS2PORT=y CONFIG_USB=y @@ -31,12 +34,13 @@ CONFIG_USB_UHCI=y CONFIG_USB_OHCI=y CONFIG_USB_EHCI=y CONFIG_USB_MSC=y +CONFIG_USB_UAS=y CONFIG_USB_HUB=y CONFIG_USB_KEYBOARD=y CONFIG_USB_MOUSE=y CONFIG_SERIAL=y CONFIG_LPT=y -# CONFIG_USE_SMM is not set +CONFIG_USE_SMM=y CONFIG_MTRR_INIT=y # @@ -56,6 +60,7 @@ CONFIG_KEYBOARD=y CONFIG_KBD_CALL_INT15_4F=y CONFIG_MOUSE=y CONFIG_S3_RESUME=y +CONFIG_VGAHOOKS=y # CONFIG_DISABLE_A20 is not set # @@ -67,7 +72,19 @@ CONFIG_SMBIOS=y CONFIG_ACPI=y # +# VGA ROM +# +CONFIG_NO_VGABIOS=y +# CONFIG_VGA_STANDARD_VGA is not set +# CONFIG_VGA_CIRRUS is not set +# CONFIG_VGA_BOCHS is not set +# CONFIG_VGA_GEODEGX2 is not set +# CONFIG_VGA_GEODELX is not set +# CONFIG_BUILD_VGABIOS is not set + +# # Debugging # CONFIG_DEBUG_LEVEL=1 # CONFIG_DEBUG_SERIAL is not set +CONFIG_DEBUG_IO=y _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GE-0000Lm-N9; Fri, 18 Jan 2013 10:33:22 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GC-0000KA-NG for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:21 +0000 Received: from [85.158.137.99:54766] by server-7.bemta-3.messagelabs.com id DE/E5-07262-BE429F05; Fri, 18 Jan 2013 10:33:15 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-5.tower-217.messagelabs.com!1358505190!12747875!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 27042 invoked from network); 18 Jan 2013 10:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-5.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G1-0002n6-OX for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G1-0003ov-Am for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:09 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/mm: Provide support for multiple frame buffers in HVM guests. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Robert Phillips # Date 1358423622 0 # Node ID b0e618cb0233471028cf5db14eaa7f45b8538131 # Parent 431bc26eda5b4d5d5a22807750f7b328e6197e71 x86/mm: Provide support for multiple frame buffers in HVM guests. Support is provided for both shadow and hardware assisted paging (HAP) modes. This code bookkeeps the set of video frame buffers (vram), detects when the guest has modified any of those buffers and, upon request, returns a bitmap of the modified pages. This lets other software components re-paint the portions of the monitor (or monitors) that have changed. Each monitor has a frame buffer of some size at some position in guest physical memory. The set of frame buffers being tracked can change over time as monitors are plugged and unplugged. Signed-off-by: Robert Phillips Acked-by: Tim Deegan Removed a stray #include and a few hard tabs. Signed-off-by: Tim Deegan Committed-by: Tim Deegan --- diff -r 431bc26eda5b -r b0e618cb0233 tools/libxc/xenctrl.h --- a/tools/libxc/xenctrl.h Thu Jan 17 10:56:34 2013 +0100 +++ b/tools/libxc/xenctrl.h Thu Jan 17 11:53:42 2013 +0000 @@ -1563,15 +1563,23 @@ int xc_hvm_inject_msi( xc_interface *xch, domid_t dom, uint64_t addr, uint32_t data); /* - * Track dirty bit changes in the VRAM area + * Track dirty bit changes in a VRAM region defined by + * [ first_pfn : first_pfn + nr - 1 ] * * All of this is done atomically: - * - get the dirty bitmap since the last call - * - set up dirty tracking area for period up to the next call - * - clear the dirty tracking area. + * - gets the dirty bitmap since the last call, all zeroes for + * the first call with some new region + * - sets up a dirty tracking region for period up to the next call + * - clears the specified dirty tracking region. * - * Returns -ENODATA and does not fill bitmap if the area has changed since the - * last call. + * Creating a new region causes any existing regions that it overlaps + * to be discarded. + * + * Specifying nr == 0 causes all regions to be discarded and + * disables dirty bit tracking. + * + * If nr is not a multiple of 64, only the first nr bits of bitmap + * are well defined. */ int xc_hvm_track_dirty_vram( xc_interface *xch, domid_t dom, diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/hvm/hvm.c Thu Jan 17 11:53:42 2013 +0000 @@ -57,6 +57,7 @@ #include #include #include +#include #include #include #include @@ -1436,8 +1437,11 @@ int hvm_hap_nested_page_fault(paddr_t gp */ if ( access_w ) { - paging_mark_dirty(v->domain, mfn_x(mfn)); - p2m_change_type(v->domain, gfn, p2m_ram_logdirty, p2m_ram_rw); + if ( p2m_change_type(v->domain, gfn, p2m_ram_logdirty, + p2m_ram_rw) == p2m_ram_logdirty ) + { + paging_mark_dirty_gpfn(v->domain, gfn); + } } rc = 1; goto out_put_gfn; diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/Makefile --- a/xen/arch/x86/mm/Makefile Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/Makefile Thu Jan 17 11:53:42 2013 +0000 @@ -5,6 +5,7 @@ obj-y += paging.o obj-y += p2m.o p2m-pt.o p2m-ept.o p2m-pod.o obj-y += guest_walk_2.o obj-y += guest_walk_3.o +obj-y += dirty_vram.o obj-$(x86_64) += guest_walk_4.o obj-$(x86_64) += mem_event.o obj-$(x86_64) += mem_paging.o diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/dirty_vram.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/arch/x86/mm/dirty_vram.c Thu Jan 17 11:53:42 2013 +0000 @@ -0,0 +1,864 @@ +/* + * arch/x86/mm/dirty_vram.c: Bookkeep/query dirty VRAM pages + * with support for multiple frame buffers. + * + * Copyright (c) 2012, Citrix Systems, Inc. (Robert Phillips) + * Parts of this code are Copyright (c) 2007 Advanced Micro Devices (Wei Huang) + * Parts of this code are Copyright (c) 2007 XenSource Inc. + * Parts of this code are Copyright (c) 2006 by Michael A Fetterman + * Parts based on earlier work by Michael A Fetterman, Ian Pratt et al. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms and conditions of the GNU General Public License, + * version 2, as published by the Free Software Foundation. + * + * This program is distributed in the hope it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 59 Temple + * Place - Suite 330, Boston, MA 02111-1307 USA. + */ + + +#include +#include +#include +#include +#include +#include +#include +#include "mm-locks.h" + +#define DEBUG_stop_tracking_all_vram 0 +#define DEBUG_allocating_dirty_vram_range 0 +#define DEBUG_high_water_mark_for_vram_ranges 0 +#define DEBUG_freeing_dirty_vram_range 0 +#define DEBUG_allocate_paddr_links_page 0 +#define DEBUG_update_vram_mapping 0 +#define DEBUG_alloc_paddr_inject_fault 0 +#define DEBUG_link_limit_exceeded 0 + +/* Allocates domain's dirty_vram structure */ +dv_dirty_vram_t * +dirty_vram_alloc(struct domain *d) +{ + dv_dirty_vram_t *dirty_vram; + ASSERT( paging_locked_by_me(d) ); + dirty_vram = d->arch.hvm_domain.dirty_vram = xzalloc(dv_dirty_vram_t); + if ( dirty_vram ) + { + INIT_LIST_HEAD(&dirty_vram->range_head); + INIT_LIST_HEAD(&dirty_vram->ext_head); + } + return dirty_vram; +} + +/* + * Returns domain's dirty_vram structure, + * allocating it if necessary + */ +dv_dirty_vram_t * +dirty_vram_find_or_alloc(struct domain *d) +{ + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + ASSERT( paging_locked_by_me(d) ); + if ( !dirty_vram ) + dirty_vram = dirty_vram_alloc(d); + return dirty_vram; +} + + +/* Free domain's dirty_vram structure */ +void dirty_vram_free(struct domain *d) +{ + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + ASSERT( paging_locked_by_me(d) ); + if ( dirty_vram ) + { + struct list_head *curr, *next; + /* Free all the ranges */ + list_for_each_safe(curr, next, &dirty_vram->range_head) + { + dv_range_t *range = list_entry(curr, dv_range_t, range_link); +#if DEBUG_stop_tracking_all_vram + gdprintk(XENLOG_DEBUG, "[%05lx:%05lx] stop tracking all vram\n", + range->begin_pfn, range->end_pfn); +#endif + xfree(range->pl_tab); + xfree(range); + } + /* Free all the extension pages */ + list_for_each_safe(curr, next, &dirty_vram->ext_head) + { + struct dv_paddr_link_ext *ext = + container_of( + curr, struct dv_paddr_link_ext, ext_link); + struct page_info *pg = __virt_to_page(ext); + d->arch.paging.free_page(d, pg); + } + + xfree(dirty_vram); + d->arch.hvm_domain.dirty_vram = NULL; + } +} + +/* Returns dirty vram range containing gfn, NULL if none */ +struct dv_range * +dirty_vram_range_find_gfn(struct domain *d, + unsigned long gfn) +{ + struct dv_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; + ASSERT( paging_locked_by_me(d) ); + if ( dirty_vram ) + { + struct list_head *curr; + list_for_each(curr, &dirty_vram->range_head) + { + dv_range_t *range = list_entry(curr, dv_range_t, range_link); + if ( gfn >= range->begin_pfn && + gfn < range->end_pfn ) + return range; + } + } + return NULL; +} + +/* + * Returns pointer to dirty vram range matching [begin_pfn .. end_pfn ), + * NULL if none. + */ +dv_range_t * +dirty_vram_range_find(struct domain *d, + unsigned long begin_pfn, + unsigned long nr) +{ + unsigned long end_pfn = begin_pfn + nr; + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + ASSERT( paging_locked_by_me(d) ); + if ( dirty_vram ) + { + struct list_head *curr; + list_for_each(curr, &dirty_vram->range_head) + { + dv_range_t *range = list_entry(curr, dv_range_t, range_link); + if ( begin_pfn == range->begin_pfn && + end_pfn == range->end_pfn ) + return range; + } + } + return NULL; +} + +/* Allocate specified dirty_vram range */ +static dv_range_t * +_dirty_vram_range_alloc(struct domain *d, + unsigned long begin_pfn, + unsigned long nr) +{ + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + dv_range_t *range = NULL; + unsigned long end_pfn = begin_pfn + nr; + dv_pl_entry_t *pl_tab = NULL; + int i; + + ASSERT( paging_locked_by_me(d) ); + ASSERT( dirty_vram != NULL ); + +#if DEBUG_allocating_dirty_vram_range + gdprintk(XENLOG_DEBUG, + "[%05lx:%05lx] Allocating dirty vram range hap:%d\n", + begin_pfn, end_pfn, + d->arch.hvm_domain.hap_enabled); +#endif + + range = xzalloc(dv_range_t); + if ( range == NULL ) + goto err_out; + + INIT_LIST_HEAD(&range->range_link); + + range->begin_pfn = begin_pfn; + range->end_pfn = end_pfn; + + if ( !hap_enabled(d) ) + { + if ( (pl_tab = xzalloc_array(dv_pl_entry_t, nr)) == NULL ) + goto err_out; + + for ( i = 0; i != nr; i++ ) + { + pl_tab[i].mapping.sl1ma = INVALID_PADDR; + } + } + + range->pl_tab = pl_tab; + range->mappings_hwm = 1; + + list_add(&range->range_link, &dirty_vram->range_head); + if ( ++dirty_vram->nr_ranges > dirty_vram->ranges_hwm ) + { + dirty_vram->ranges_hwm = dirty_vram->nr_ranges; +#if DEBUG_high_water_mark_for_vram_ranges + gdprintk(XENLOG_DEBUG, + "High water mark for number of vram ranges is now:%d\n", + dirty_vram->ranges_hwm); +#endif + } + return range; + + err_out: + xfree(pl_tab); + xfree(range); + return NULL; +} + + +/* Frees specified dirty_vram range */ +void dirty_vram_range_free(struct domain *d, + dv_range_t *range) +{ + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + ASSERT( paging_locked_by_me(d) ); + if ( dirty_vram ) + { + int i, nr = range->end_pfn - range->begin_pfn; + +#if DEBUG_freeing_dirty_vram_range + gdprintk(XENLOG_DEBUG, + "[%05lx:%05lx] Freeing dirty vram range\n", + range->begin_pfn, range->end_pfn); +#endif + + if ( range->pl_tab ) + { + for ( i = 0; i != nr; i++ ) + { + dv_paddr_link_t *plx; + plx = range->pl_tab[i].mapping.pl_next; + /* Does current FB page have multiple mappings? */ + if ( plx ) /* yes */ + { + /* Find the last element in singly-linked list */ + while ( plx->pl_next != NULL ) + plx = plx->pl_next; + + /* Prepend whole list to the free list */ + plx->pl_next = dirty_vram->pl_free; + dirty_vram->pl_free = range->pl_tab[i].mapping.pl_next; + } + } + xfree(range->pl_tab); + range->pl_tab = NULL; + } + + /* Remove range from the linked list, free it, and adjust count*/ + list_del(&range->range_link); + xfree(range); + dirty_vram->nr_ranges--; + } +} + +/* + * dirty_vram_range_alloc() + * This function ensures that the new range does not overlap any existing + * ranges -- deleting them if necessary -- and then calls + * _dirty_vram_range_alloc to actually allocate the new range. + */ +dv_range_t * +dirty_vram_range_alloc(struct domain *d, + unsigned long begin_pfn, + unsigned long nr) +{ + unsigned long end_pfn = begin_pfn + nr; + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + dv_range_t *range; + struct list_head *curr, *next; + + ASSERT( paging_locked_by_me(d) ); + ASSERT( dirty_vram != NULL ); + + /* + * Ranges cannot overlap so + * free any range that overlaps [ begin_pfn .. end_pfn ) + */ + list_for_each_safe(curr, next, &dirty_vram->range_head) + { + dv_range_t *rng = list_entry(curr, dv_range_t, range_link); + if ( ( ( rng->begin_pfn <= begin_pfn ) && + ( begin_pfn < rng->end_pfn ) + ) || + ( ( begin_pfn <= rng->begin_pfn ) && + ( rng->begin_pfn < end_pfn ) + ) ) + { + /* Different tracking, tear the previous down. */ + dirty_vram_range_free(d, rng); + } + } + + range = _dirty_vram_range_alloc(d, begin_pfn, nr); + if ( !range ) + goto out; + + out: + return range; +} + +/* + * dirty_vram_range_find_or_alloc() + * Find the range for [begin_pfn:begin_pfn+nr). + * If it doesn't exists, create it. + */ +dv_range_t * +dirty_vram_range_find_or_alloc(struct domain *d, + unsigned long begin_pfn, + unsigned long nr) +{ + dv_range_t *range; + ASSERT( paging_locked_by_me(d) ); + range = dirty_vram_range_find(d, begin_pfn, nr); + if ( !range ) + range = dirty_vram_range_alloc(d, begin_pfn, nr); + + return range; +} + + + +/* Allocate a dv_paddr_link struct */ +static dv_paddr_link_t * +alloc_paddr_link(struct domain *d) +{ + dv_paddr_link_t * pl = NULL; + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + dv_paddr_link_ext_t *ext = NULL; + + + ASSERT( paging_locked_by_me(d) ); + BUILD_BUG_ON(sizeof(dv_paddr_link_ext_t) > PAGE_SIZE); + /* Is the list of free pl's empty? */ + if ( dirty_vram->pl_free == NULL ) /* yes */ + { + /* + * Allocate another page of pl's. + * Link them all together and point the free list head at them + */ + int i; + struct page_info *pg = d->arch.paging.alloc_page(d); + + ext = map_domain_page(pg); + if ( ext == NULL ) + goto out; + +#if DEBUG_allocate_paddr_links_page + gdprintk(XENLOG_DEBUG, "Allocated another page of paddr_links\n"); +#endif + list_add(&ext->ext_link, &dirty_vram->ext_head); + + /* initialize and link together the new pl entries */ + for ( i = 0; i != ARRAY_SIZE(ext->entries); i++ ) + { + ext->entries[i].sl1ma = INVALID_PADDR; + ext->entries[i].pl_next = &ext->entries[i+1]; + } + ext->entries[ARRAY_SIZE(ext->entries) - 1].pl_next = NULL; + dirty_vram->pl_free = &ext->entries[0]; + } + pl = dirty_vram->pl_free; + dirty_vram->pl_free = pl->pl_next; + + pl->sl1ma = INVALID_PADDR; + pl->pl_next = NULL; + out: + if ( ext ) + unmap_domain_page(ext); + + return pl; +} + + +/* + * Free a paddr_link struct. + * + * The caller has walked the singly-linked list of elements + * that have, as their head, an element in a pl_tab cell. + * The list walks has reached the element to be freed. + * (Each element is a dv_paddr_link_t struct.) + * + * @pl points to the element to be freed. + * @ppl points to its predecessor element's next member. + * + * After linking the precessor to the element's successor, + * we can free @pl by prepending it to the list of free + * elements. + * + * As a boundary case (which happens to be the common case), + * @pl points to a cell in the pl_tab rather than to some + * extension element danging from that cell. + * We recognize this case because @ppl is NULL. + * In that case we promote the first extension element by + * copying it into the pl_tab cell and free it. + */ + +dv_paddr_link_t * +free_paddr_link(struct domain *d, + dv_paddr_link_t **ppl, + dv_paddr_link_t *pl) +{ + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + dv_paddr_link_t *npl; /* next pl */ + + ASSERT( paging_locked_by_me(d) ); + /* extension mapping? */ + if ( ppl ) /* yes. free it */ + { + ASSERT(pl == (*ppl)); + (*ppl) = npl = pl->pl_next; + } + else /* main table */ + { + /* + * move 2nd mapping to main table. + * and free 2nd mapping + */ + dv_paddr_link_t * spl; + spl = pl->pl_next; + if ( spl == NULL ) + { + pl->sl1ma = INVALID_PADDR; + return pl; + } + pl->sl1ma = spl->sl1ma; + pl->pl_next = spl->pl_next; + npl = pl; /* reprocess main table entry again */ + pl = spl; + } + pl->sl1ma = INVALID_PADDR; + pl->pl_next = dirty_vram->pl_free; + dirty_vram->pl_free = pl; + return npl; +} + + +/* + * dirty_vram_range_update() + * + * This is called whenever a level 1 page table entry is modified. + * If the L1PTE is being cleared, the function removes any paddr_links + * that refer to it. + * If the L1PTE is being set to a frame buffer page, a paddr_link is + * created for that page's entry in pl_tab. + * Returns 1 iff entry found and set or cleared. + */ +int dirty_vram_range_update(struct domain *d, + unsigned long gfn, + paddr_t sl1ma, + int set) +{ + int effective = 0; + dv_range_t *range; + unsigned long i; + dv_paddr_link_t *pl; + dv_paddr_link_t **ppl; + int len = 0; + + ASSERT(paging_locked_by_me(d)); + range = dirty_vram_range_find_gfn(d, gfn); + if ( !range ) + return effective; + + + i = gfn - range->begin_pfn; + pl = &range->pl_tab[ i ].mapping; + ppl = NULL; + + /* + * find matching entry (pl), if any, and its predecessor + * in linked list (ppl) + */ + while ( pl != NULL ) + { + if ( pl->sl1ma == sl1ma || pl->sl1ma == INVALID_PADDR ) + break; + + ppl = &pl->pl_next; + pl = *ppl; + len++; + } + + if ( set ) + { + /* Did we find sl1ma in either the main table or the linked list? */ + if ( pl == NULL ) /* no, so we'll need to alloc a link */ + { + ASSERT(ppl != NULL); + +#if DEBUG_alloc_paddr_inject_fault + { + static int counter; + + /* Test stuck_dirty logic for some cases */ + if ( (++counter) % 4 == 0 ) + { + /* Simply mark the frame buffer page as always dirty */ + range->pl_tab[ i ].stuck_dirty = 1; + gdprintk(XENLOG_DEBUG, + "[%lx] inject stuck dirty fault\n", + gfn ); + goto out; + } + } +#endif + /* + * Have we reached the limit of mappings we're willing + * to bookkeep? + */ + if ( len > DV_ADDR_LINK_LIST_LIMIT ) /* yes */ + { +#if DEBUG_link_limit_exceeded + if ( !range->pl_tab[ i ].stuck_dirty ) + gdprintk(XENLOG_DEBUG, + "[%lx] link limit exceeded\n", + gfn ); +#endif + /* Simply mark the frame buffer page as always dirty */ + range->pl_tab[ i ].stuck_dirty = 1; + goto out; + } + + /* alloc link and append it to list */ + (*ppl) = pl = alloc_paddr_link(d); + /* Were we able to allocate a link? */ + if ( pl == NULL ) /* no */ + { + /* Simply mark the frame buffer page as always dirty */ + range->pl_tab[ i ].stuck_dirty = 1; + + gdprintk(XENLOG_DEBUG, + "[%lx] alloc failure\n", + gfn ); + + goto out; + } + } + if ( pl->sl1ma != sl1ma ) + { + ASSERT(pl->sl1ma == INVALID_PADDR); + pl->sl1ma = sl1ma; + range->nr_mappings++; + } + effective = 1; + if ( len > range->mappings_hwm ) + { + range->mappings_hwm = len; +#if DEBUG_update_vram_mapping + gdprintk(XENLOG_DEBUG, + "[%lx] set sl1ma:%lx hwm:%d mappings:%d " + "freepages:%d\n", + gfn, sl1ma, + range->mappings_hwm, + range->nr_mappings, + d->arch.paging.shadow.free_pages); +#endif + } + } + else /* clear */ + { + if ( pl && pl->sl1ma == sl1ma ) + { +#if DEBUG_update_vram_mapping + gdprintk(XENLOG_DEBUG, + "[%lx] clear sl1ma:%lx mappings:%d\n", + gfn, sl1ma, + range->nr_mappings - 1); +#endif + free_paddr_link(d, ppl, pl); + --range->nr_mappings; + effective = 1; + } + } + out: + return effective; +} + + +/* + * shadow_scan_dirty_flags() + * This produces a dirty bitmap for the range by examining every + * L1PTE referenced by some dv_paddr_link in the range's pl_tab table. + * It tests and clears each such L1PTE's dirty flag. + */ +static int shadow_scan_dirty_flags(struct domain *d, + dv_range_t *range, + uint8_t *dirty_bitmap) +{ + int flush_tlb = 0; + unsigned long i; + unsigned long nr = range->end_pfn - range->begin_pfn; + l1_pgentry_t *sl1e = NULL; + + ASSERT( paging_locked_by_me(d) ); + /* Iterate over VRAM to track dirty bits. */ + for ( i = 0; i < nr; i++ ) + { + int dirty = 0, len = 1; + dv_paddr_link_t *pl; + /* Does the frame buffer have an incomplete set of mappings? */ + if ( unlikely(range->pl_tab[i].stuck_dirty) ) /* yes */ + dirty = 1; + else /* The frame buffer's set of mappings is complete. Scan it. */ + for ( pl = &range->pl_tab[i].mapping; + pl; + pl = pl->pl_next, len++ ) + { + paddr_t sl1ma = pl->sl1ma; + if ( sl1ma == INVALID_PADDR ) /* FB page is unmapped */ + continue; + + if ( sl1e ) /* cleanup from previous iteration */ + unmap_domain_page(sl1e); + + sl1e = map_domain_page(sl1ma >> PAGE_SHIFT); + if ( l1e_get_flags(*sl1e) & _PAGE_DIRTY ) + { + dirty = 1; + /* Clear dirty so we can detect if page gets re-dirtied. + * Note: this is atomic, so we may clear a + * _PAGE_ACCESSED set by another processor. + */ + l1e_remove_flags(*sl1e, _PAGE_DIRTY); + flush_tlb = 1; + } + } /* for */ + + if ( dirty ) + dirty_bitmap[i >> 3] |= (1 << (i & 7)); + + } + + if ( sl1e ) + unmap_domain_page(sl1e); + + return flush_tlb; +} + + +/* + * shadow_track_dirty_vram() + * This is the API called by the guest to determine which pages in the range + * from [begin_pfn:begin_pfn+nr) have been dirtied since the last call. + * It creates the domain's dv_dirty_vram on demand. + * It creates ranges on demand when some [begin_pfn:nr) is first encountered. + * To collect the dirty bitmask it calls shadow_scan_dirty_flags(). + * It copies the dirty bitmask into guest storage. + */ +int shadow_track_dirty_vram(struct domain *d, + unsigned long begin_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) guest_dirty_bitmap) +{ + int rc = 0; + unsigned long end_pfn = begin_pfn + nr; + int flush_tlb = 0; + dv_range_t *range; + struct p2m_domain *p2m = p2m_get_hostp2m(d); + uint8_t *dirty_bitmap = NULL; + + /* + * This range test is tricky. + * + * The range [begin_pfn..end_pfn) is an open interval, so end_pfn + * is a pfn beyond the end of the range. + * + * p2m->max_mapped_pfn is a valid PFN so p2m->max_mapped_pfn + 1 is an + * invalid PFN. + * + * If end_pfn is beyond *that* then the range is invalid. + */ + if ( end_pfn < begin_pfn + || begin_pfn > p2m->max_mapped_pfn + || end_pfn > p2m->max_mapped_pfn + 1 ) + return -EINVAL; + + paging_lock(d); + + if ( !nr ) + { + dirty_vram_free(d); + goto out; + } + + if ( guest_handle_is_null(guest_dirty_bitmap) ) + goto out; + + if ( !dirty_vram_find_or_alloc(d) ) + { + rc = -ENOMEM; + goto out; + } + + range = dirty_vram_range_find(d, begin_pfn, nr); + if ( !range ) + { + range = dirty_vram_range_alloc(d, begin_pfn, nr); + if ( range ) + sh_find_all_vram_mappings(d->vcpu[0], range); + } + if ( range ) + { + int size = ( nr + BITS_PER_BYTE - 1 ) / BITS_PER_BYTE; + + rc = -ENOMEM; + dirty_bitmap = xzalloc_bytes( size ); + if ( !dirty_bitmap ) + goto out; + + flush_tlb |= shadow_scan_dirty_flags(d, range, dirty_bitmap); + + rc = -EFAULT; + if ( copy_to_guest(guest_dirty_bitmap, + dirty_bitmap, + size) == 0 ) + rc = 0; + } + + if ( flush_tlb ) + flush_tlb_mask(d->domain_dirty_cpumask); + +out: + paging_unlock(d); + + if ( dirty_bitmap ) + xfree(dirty_bitmap); + return rc; +} + + +/************************************************/ +/* HAP VRAM TRACKING SUPPORT */ +/************************************************/ + +/* + * hap_track_dirty_vram() + * Create the domain's dv_dirty_vram struct on demand. + * Create a dirty vram range on demand when some [begin_pfn:begin_pfn+nr] is + * first encountered. + * Collect the guest_dirty bitmask, a bit mask of the dirty vram pages, by + * calling paging_log_dirty_range(), which interrogates each vram + * page's p2m type looking for pages that have been made writable. + */ +int hap_track_dirty_vram(struct domain *d, + unsigned long begin_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) guest_dirty_bitmap) +{ + long rc = 0; + dv_dirty_vram_t *dirty_vram; + uint8_t *dirty_bitmap = NULL; + + if ( nr ) + { + dv_range_t *range = NULL; + int size = ( nr + BITS_PER_BYTE - 1 ) / BITS_PER_BYTE; + + if ( !paging_mode_log_dirty(d) ) + { + hap_logdirty_init(d); + rc = paging_log_dirty_enable(d); + if ( rc ) + goto out; + } + + rc = -ENOMEM; + dirty_bitmap = xzalloc_bytes( size ); + if ( !dirty_bitmap ) + goto out; + + paging_lock(d); + + dirty_vram = d->arch.hvm_domain.dirty_vram; + if ( !dirty_vram ) + { + rc = -ENOMEM; + if ( !(dirty_vram = dirty_vram_alloc(d)) ) + { + paging_unlock(d); + goto out; + } + } + + range = dirty_vram_range_find(d, begin_pfn, nr); + if ( !range ) + { + rc = -ENOMEM; + if ( !(range = dirty_vram_range_alloc(d, begin_pfn, nr)) ) + { + paging_unlock(d); + goto out; + } + + paging_unlock(d); + + /* set l1e entries of range within P2M table to be read-only. */ + p2m_change_type_range(d, begin_pfn, begin_pfn + nr, + p2m_ram_rw, p2m_ram_logdirty); + + flush_tlb_mask(d->domain_dirty_cpumask); + + memset(dirty_bitmap, 0xff, size); /* consider all pages dirty */ + } + else + { + paging_unlock(d); + + domain_pause(d); + + /* get the bitmap */ + paging_log_dirty_range(d, begin_pfn, nr, dirty_bitmap); + + domain_unpause(d); + } + + + rc = -EFAULT; + if ( copy_to_guest(guest_dirty_bitmap, + dirty_bitmap, + size) == 0 ) + { + rc = 0; + } + } + else { + paging_lock(d); + + dirty_vram = d->arch.hvm_domain.dirty_vram; + if ( dirty_vram ) + { + /* + * If zero pages specified while tracking dirty vram + * then stop tracking + */ + dirty_vram_free(d); + + } + + paging_unlock(d); + } +out: + if ( dirty_bitmap ) + xfree(dirty_bitmap); + + return rc; +} + +/* + * Local variables: + * mode: C + * c-file-style: "BSD" + * c-basic-offset: 4 + * indent-tabs-mode: nil + * End: + */ diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/hap/hap.c --- a/xen/arch/x86/mm/hap/hap.c Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/hap/hap.c Thu Jan 17 11:53:42 2013 +0000 @@ -53,117 +53,6 @@ #define page_to_mfn(_pg) _mfn(__page_to_mfn(_pg)) /************************************************/ -/* HAP VRAM TRACKING SUPPORT */ -/************************************************/ - -/* - * hap_track_dirty_vram() - * Create the domain's dv_dirty_vram struct on demand. - * Create a dirty vram range on demand when some [begin_pfn:begin_pfn+nr] is - * first encountered. - * Collect the guest_dirty bitmask, a bit mask of the dirty vram pages, by - * calling paging_log_dirty_range(), which interrogates each vram - * page's p2m type looking for pages that have been made writable. - */ - -int hap_track_dirty_vram(struct domain *d, - unsigned long begin_pfn, - unsigned long nr, - XEN_GUEST_HANDLE_64(uint8) guest_dirty_bitmap) -{ - long rc = 0; - struct sh_dirty_vram *dirty_vram; - uint8_t *dirty_bitmap = NULL; - - if ( nr ) - { - int size = (nr + BITS_PER_BYTE - 1) / BITS_PER_BYTE; - - if ( !paging_mode_log_dirty(d) ) - { - hap_logdirty_init(d); - rc = paging_log_dirty_enable(d); - if ( rc ) - goto out; - } - - rc = -ENOMEM; - dirty_bitmap = xzalloc_bytes(size); - if ( !dirty_bitmap ) - goto out; - - paging_lock(d); - - dirty_vram = d->arch.hvm_domain.dirty_vram; - if ( !dirty_vram ) - { - rc = -ENOMEM; - if ( (dirty_vram = xzalloc(struct sh_dirty_vram)) == NULL ) - { - paging_unlock(d); - goto out; - } - - d->arch.hvm_domain.dirty_vram = dirty_vram; - } - - if ( begin_pfn != dirty_vram->begin_pfn || - begin_pfn + nr != dirty_vram->end_pfn ) - { - dirty_vram->begin_pfn = begin_pfn; - dirty_vram->end_pfn = begin_pfn + nr; - - paging_unlock(d); - - /* set l1e entries of range within P2M table to be read-only. */ - p2m_change_type_range(d, begin_pfn, begin_pfn + nr, - p2m_ram_rw, p2m_ram_logdirty); - - flush_tlb_mask(d->domain_dirty_cpumask); - - memset(dirty_bitmap, 0xff, size); /* consider all pages dirty */ - } - else - { - paging_unlock(d); - - domain_pause(d); - - /* get the bitmap */ - paging_log_dirty_range(d, begin_pfn, nr, dirty_bitmap); - - domain_unpause(d); - } - - rc = -EFAULT; - if ( copy_to_guest(guest_dirty_bitmap, dirty_bitmap, size) == 0 ) - rc = 0; - } - else - { - paging_lock(d); - - dirty_vram = d->arch.hvm_domain.dirty_vram; - if ( dirty_vram ) - { - /* - * If zero pages specified while tracking dirty vram - * then stop tracking - */ - xfree(dirty_vram); - d->arch.hvm_domain.dirty_vram = NULL; - } - - paging_unlock(d); - } -out: - if ( dirty_bitmap ) - xfree(dirty_bitmap); - - return rc; -} - -/************************************************/ /* HAP LOG DIRTY SUPPORT */ /************************************************/ diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/p2m.c --- a/xen/arch/x86/mm/p2m.c Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/p2m.c Thu Jan 17 11:53:42 2013 +0000 @@ -741,20 +741,23 @@ void p2m_change_type_range(struct domain struct p2m_domain *p2m = p2m_get_hostp2m(d); BUG_ON(p2m_is_grant(ot) || p2m_is_grant(nt)); + p2m_lock(p2m); - p2m_lock(p2m); p2m->defer_nested_flush = 1; - + for ( gfn = start; gfn < end; gfn++ ) { mfn = p2m->get_entry(p2m, gfn, &pt, &a, 0, NULL); if ( pt == ot ) - set_p2m_entry(p2m, gfn, mfn, PAGE_ORDER_4K, nt, p2m->default_access); + set_p2m_entry(p2m, gfn, mfn, PAGE_ORDER_4K, nt, + p2m->default_access); } + + p2m->defer_nested_flush = 0; - p2m->defer_nested_flush = 0; if ( nestedhvm_enabled(d) ) p2m_flush_nestedp2m(d); + p2m_unlock(p2m); } diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/paging.c --- a/xen/arch/x86/mm/paging.c Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/paging.c Thu Jan 17 11:53:42 2013 +0000 @@ -27,6 +27,7 @@ #include #include #include +#include #include #include @@ -192,15 +193,11 @@ int paging_log_dirty_disable(struct doma return ret; } -/* Mark a page as dirty */ +/* Given a guest mfn, mark a page as dirty */ void paging_mark_dirty(struct domain *d, unsigned long guest_mfn) { unsigned long pfn; mfn_t gmfn; - int changed; - mfn_t mfn, *l4, *l3, *l2; - unsigned long *l1; - int i1, i2, i3, i4; gmfn = _mfn(guest_mfn); @@ -210,6 +207,19 @@ void paging_mark_dirty(struct domain *d, /* We /really/ mean PFN here, even for non-translated guests. */ pfn = get_gpfn_from_mfn(mfn_x(gmfn)); + paging_mark_dirty_gpfn(d, pfn); +} + + +/* Given a guest pfn, mark a page as dirty */ +void paging_mark_dirty_gpfn(struct domain *d, unsigned long pfn) +{ + int changed; + mfn_t mfn, *l4, *l3, *l2; + unsigned long *l1; + int i1, i2, i3, i4; + dv_range_t *range; + /* Shared MFNs should NEVER be marked dirty */ BUG_ON(SHARED_M2P(pfn)); @@ -229,6 +239,11 @@ void paging_mark_dirty(struct domain *d, /* Recursive: this is called from inside the shadow code */ paging_lock_recursive(d); + d->arch.paging.log_dirty.dirty_count++; + range = dirty_vram_range_find_gfn(d, pfn); + if ( range ) + range->dirty_count++; + if ( unlikely(!mfn_valid(d->arch.paging.log_dirty.top)) ) { d->arch.paging.log_dirty.top = paging_new_log_dirty_node(d); @@ -445,7 +460,31 @@ void paging_log_dirty_range(struct domai struct p2m_domain *p2m = p2m_get_hostp2m(d); int i; unsigned long pfn; + dv_range_t *range; + unsigned int range_dirty_count; + paging_lock(d); + range = dirty_vram_range_find_gfn(d, begin_pfn); + if ( !range ) + { + paging_unlock(d); + goto out; + } + + range_dirty_count = range->dirty_count; + range->dirty_count = 0; + + paging_unlock(d); + + if ( !range_dirty_count) + goto out; + + PAGING_DEBUG(LOGDIRTY, + "log-dirty-range: dom %u [%05lx:%05lx] range_dirty=%u\n", + d->domain_id, + begin_pfn, + begin_pfn + nr, + range_dirty_count); /* * Set l1e entries of P2M table to be read-only. * @@ -460,15 +499,17 @@ void paging_log_dirty_range(struct domai for ( i = 0, pfn = begin_pfn; pfn < begin_pfn + nr; i++, pfn++ ) { - p2m_type_t pt; - pt = p2m_change_type(d, pfn, p2m_ram_rw, p2m_ram_logdirty); - if ( pt == p2m_ram_rw ) + if ( p2m_change_type(d, pfn, p2m_ram_rw, p2m_ram_logdirty) == + p2m_ram_rw ) dirty_bitmap[i >> 3] |= (1 << (i & 7)); } p2m_unlock(p2m); flush_tlb_mask(d->domain_dirty_cpumask); + + out: + return; } /* Note that this function takes three function pointers. Callers must supply diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/shadow/common.c --- a/xen/arch/x86/mm/shadow/common.c Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/shadow/common.c Thu Jan 17 11:53:42 2013 +0000 @@ -36,6 +36,7 @@ #include #include #include +#include #include #include "private.h" @@ -3121,12 +3122,7 @@ void shadow_teardown(struct domain *d) * calls now that we've torn down the bitmap */ d->arch.paging.mode &= ~PG_log_dirty; - if (d->arch.hvm_domain.dirty_vram) { - xfree(d->arch.hvm_domain.dirty_vram->sl1ma); - xfree(d->arch.hvm_domain.dirty_vram->dirty_bitmap); - xfree(d->arch.hvm_domain.dirty_vram); - d->arch.hvm_domain.dirty_vram = NULL; - } + dirty_vram_free(d); paging_unlock(d); @@ -3464,178 +3460,217 @@ void shadow_clean_dirty_bitmap(struct do /**************************************************************************/ /* VRAM dirty tracking support */ -int shadow_track_dirty_vram(struct domain *d, - unsigned long begin_pfn, - unsigned long nr, - XEN_GUEST_HANDLE_64(uint8) dirty_bitmap) + + +/* Support functions for shadow-based dirty VRAM code */ + +#define DEBUG_unshadow_sl1ma 0 +#define DEBUG_unshadow_sl1ma_detail 0 +#define DEBUG_count_initial_mappings 0 + +/* smfn is no longer a shadow page. Remove it from any + * dirty vram range mapping. */ +void +dirty_vram_delete_shadow(struct vcpu *v, + unsigned long gfn, + unsigned int shadow_type, + mfn_t smfn) { - int rc; - unsigned long end_pfn = begin_pfn + nr; - unsigned long dirty_size = (nr + 7) / 8; - int flush_tlb = 0; - unsigned long i; - p2m_type_t t; - struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; - struct p2m_domain *p2m = p2m_get_hostp2m(d); - - if (end_pfn < begin_pfn - || begin_pfn > p2m->max_mapped_pfn - || end_pfn >= p2m->max_mapped_pfn) - return -EINVAL; - - /* We perform p2m lookups, so lock the p2m upfront to avoid deadlock */ - p2m_lock(p2m_get_hostp2m(d)); - paging_lock(d); - - if ( dirty_vram && (!nr || - ( begin_pfn != dirty_vram->begin_pfn - || end_pfn != dirty_vram->end_pfn )) ) + static unsigned int l1_shadow_mask = + 1 << SH_type_l1_32_shadow + | 1 << SH_type_fl1_32_shadow + | 1 << SH_type_l1_pae_shadow + | 1 << SH_type_fl1_pae_shadow + | 1 << SH_type_l1_64_shadow + | 1 << SH_type_fl1_64_shadow + ; + struct domain *d = v->domain; + dv_dirty_vram_t *dirty_vram; + struct list_head *curr, *next; + + ASSERT(paging_locked_by_me(d)); + /* Ignore all but level 1 shadows */ + + if ( (l1_shadow_mask & (1 << shadow_type)) == 0 ) { - /* Different tracking, tear the previous down. */ - gdprintk(XENLOG_INFO, "stopping tracking VRAM %lx - %lx\n", dirty_vram->begin_pfn, dirty_vram->end_pfn); - xfree(dirty_vram->sl1ma); - xfree(dirty_vram->dirty_bitmap); - xfree(dirty_vram); - dirty_vram = d->arch.hvm_domain.dirty_vram = NULL; - } - - if ( !nr ) - { - rc = 0; goto out; } - /* This should happen seldomly (Video mode change), - * no need to be careful. */ + dirty_vram = d->arch.hvm_domain.dirty_vram; if ( !dirty_vram ) { - /* Throw away all the shadows rather than walking through them - * up to nr times getting rid of mappings of each pfn */ - shadow_blow_tables(d); - - gdprintk(XENLOG_INFO, "tracking VRAM %lx - %lx\n", begin_pfn, end_pfn); - - rc = -ENOMEM; - if ( (dirty_vram = xmalloc(struct sh_dirty_vram)) == NULL ) - goto out; - dirty_vram->begin_pfn = begin_pfn; - dirty_vram->end_pfn = end_pfn; - d->arch.hvm_domain.dirty_vram = dirty_vram; - - if ( (dirty_vram->sl1ma = xmalloc_array(paddr_t, nr)) == NULL ) - goto out_dirty_vram; - memset(dirty_vram->sl1ma, ~0, sizeof(paddr_t) * nr); - - if ( (dirty_vram->dirty_bitmap = xzalloc_array(uint8_t, dirty_size)) == NULL ) - goto out_sl1ma; - - dirty_vram->last_dirty = NOW(); - - /* Tell the caller that this time we could not track dirty bits. */ - rc = -ENODATA; + goto out; } - else if (dirty_vram->last_dirty == -1) + + list_for_each_safe(curr, next, &dirty_vram->range_head) { - /* still completely clean, just copy our empty bitmap */ - rc = -EFAULT; - if ( copy_to_guest(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size) == 0 ) - rc = 0; - } - else - { - /* Iterate over VRAM to track dirty bits. */ - for ( i = 0; i < nr; i++ ) { - mfn_t mfn = get_gfn_query_unlocked(d, begin_pfn + i, &t); - struct page_info *page; - int dirty = 0; - paddr_t sl1ma = dirty_vram->sl1ma[i]; - - if (mfn_x(mfn) == INVALID_MFN) + dv_range_t *range = list_entry(curr, dv_range_t, range_link); + unsigned long i; + int max_mappings = 1, mappings = 0; + int unshadowed = 0; + for ( i = 0; i != range->end_pfn - range->begin_pfn; i++ ) + { + dv_paddr_link_t *pl = &range->pl_tab[ i ].mapping; + dv_paddr_link_t **ppl = NULL; + mappings = 0; + + while ( pl != NULL ) { - dirty = 1; - } - else - { - page = mfn_to_page(mfn); - switch (page->u.inuse.type_info & PGT_count_mask) + paddr_t sl1ma = pl->sl1ma; + unsigned long sl1mn; + + if ( sl1ma == INVALID_PADDR ) + break; + + sl1mn = sl1ma >> PAGE_SHIFT; + if ( sl1mn == mfn_x(smfn) ) { +#if DEBUG_unshadow_sl1ma_detail + gdprintk(XENLOG_DEBUG, + "[%lx] gfn[%lx] unshadow sl1ma:%lx\n", + mfn_x(smfn), + range->begin_pfn + i, + sl1ma); +#endif + unshadowed++; + pl = free_paddr_link(d, ppl, pl); + --range->nr_mappings; + } + else { - case 0: - /* No guest reference, nothing to track. */ - break; - case 1: - /* One guest reference. */ - if ( sl1ma == INVALID_PADDR ) - { - /* We don't know which sl1e points to this, too bad. */ - dirty = 1; - /* TODO: Heuristics for finding the single mapping of - * this gmfn */ - flush_tlb |= sh_remove_all_mappings(d->vcpu[0], mfn); - } - else - { - /* Hopefully the most common case: only one mapping, - * whose dirty bit we can use. */ - l1_pgentry_t *sl1e = maddr_to_virt(sl1ma); - - if ( l1e_get_flags(*sl1e) & _PAGE_DIRTY ) - { - dirty = 1; - /* Note: this is atomic, so we may clear a - * _PAGE_ACCESSED set by another processor. */ - l1e_remove_flags(*sl1e, _PAGE_DIRTY); - flush_tlb = 1; - } - } - break; - default: - /* More than one guest reference, - * we don't afford tracking that. */ - dirty = 1; - break; + ppl = &pl->pl_next; + pl = *ppl; + mappings++; } } - - if ( dirty ) + } + if ( mappings > max_mappings ) + max_mappings = mappings; + + if ( unshadowed ) { +#if DEBUG_unshadow_sl1ma + gdprintk(XENLOG_DEBUG, + "[%lx] gfn[%05lx:%05lx] unshadowed:%d mappings:0x%x " + "max_mappings:%d\n", + mfn_x(smfn), + range->begin_pfn, range->end_pfn, + unshadowed, range->nr_mappings, max_mappings); +#endif + if ( range->nr_mappings == 0 ) { - dirty_vram->dirty_bitmap[i / 8] |= 1 << (i % 8); - dirty_vram->last_dirty = NOW(); + dirty_vram_range_free(d, range); } } - - rc = -EFAULT; - if ( copy_to_guest(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size) == 0 ) { - memset(dirty_vram->dirty_bitmap, 0, dirty_size); - if (dirty_vram->last_dirty + SECONDS(2) < NOW()) + } + out: + return; +} + + +typedef int (*hash_pfn_callback_t)(struct vcpu *v, + mfn_t smfn, + unsigned long begin_pfn, + unsigned long end_pfn, + int *removed); + +static int hash_pfn_foreach(struct vcpu *v, + unsigned int callback_mask, + hash_pfn_callback_t callbacks[], + unsigned long begin_pfn, + unsigned long end_pfn) +/* Walk the hash table looking at the types of the entries and + * calling the appropriate callback function for each entry. + * The mask determines which shadow types we call back for, and the array + * of callbacks tells us which function to call. + * Any callback may return non-zero to let us skip the rest of the scan. + * + * WARNING: Callbacks MUST NOT add or remove hash entries unless they + * then return non-zero to terminate the scan. */ +{ + int i, done = 0, removed = 0; + struct domain *d = v->domain; + struct page_info *x; + + /* Say we're here, to stop hash-lookups reordering the chains */ + ASSERT(paging_locked_by_me(d)); + ASSERT(d->arch.paging.shadow.hash_walking == 0); + d->arch.paging.shadow.hash_walking = 1; + + for ( i = 0; i < SHADOW_HASH_BUCKETS; i++ ) + { + /* WARNING: This is not safe against changes to the hash table. + * The callback *must* return non-zero if it has inserted or + * deleted anything from the hash (lookups are OK, though). */ + for ( x = d->arch.paging.shadow.hash_table[i]; + x; + x = next_shadow(x) ) + { + if ( callback_mask & (1 << x->u.sh.type) ) { - /* was clean for more than two seconds, try to disable guest - * write access */ - for ( i = begin_pfn; i < end_pfn; i++ ) { - mfn_t mfn = get_gfn_query_unlocked(d, i, &t); - if (mfn_x(mfn) != INVALID_MFN) - flush_tlb |= sh_remove_write_access(d->vcpu[0], mfn, 1, 0); - } - dirty_vram->last_dirty = -1; + ASSERT(x->u.sh.type <= 15); + ASSERT(callbacks[x->u.sh.type] != NULL); + done = callbacks[x->u.sh.type](v, page_to_mfn(x), + begin_pfn, end_pfn, + &removed); + if ( done ) break; } - rc = 0; } + if ( done ) break; } - if ( flush_tlb ) - flush_tlb_mask(d->domain_dirty_cpumask); - goto out; - -out_sl1ma: - xfree(dirty_vram->sl1ma); -out_dirty_vram: - xfree(dirty_vram); - dirty_vram = d->arch.hvm_domain.dirty_vram = NULL; - -out: - paging_unlock(d); - p2m_unlock(p2m_get_hostp2m(d)); - return rc; + d->arch.paging.shadow.hash_walking = 0; + return removed; } +void sh_find_all_vram_mappings(struct vcpu *v, + dv_range_t *range) +{ + /* Dispatch table for getting per-type functions */ + static hash_pfn_callback_t callbacks[SH_type_unused] = { + NULL, /* none */ + SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 2), /* l1_32 */ + SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 2), /* fl1_32 */ + NULL, /* l2_32 */ + SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 3), /* l1_pae */ + SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 3), /* fl1_pae */ + NULL, /* l2_pae */ + NULL, /* l2h_pae */ +#if CONFIG_PAGING_LEVELS >= 4 + SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 4), /* l1_64 */ + SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 4), /* fl1_64 */ +#else + NULL, /* l1_64 */ + NULL, /* fl1_64 */ +#endif + NULL, /* l2_64 */ + NULL, /* l2h_64 */ + NULL, /* l3_64 */ + NULL, /* l4_64 */ + NULL, /* p2m */ + NULL /* unused */ + }; + + static unsigned int callback_mask = + 1 << SH_type_l1_32_shadow + | 1 << SH_type_fl1_32_shadow + | 1 << SH_type_l1_pae_shadow + | 1 << SH_type_fl1_pae_shadow + | 1 << SH_type_l1_64_shadow + | 1 << SH_type_fl1_64_shadow + ; + + perfc_incr(shadow_mappings); + + hash_pfn_foreach(v, callback_mask, callbacks, + range->begin_pfn, + range->end_pfn); + +#if DEBUG_count_initial_mappings + gdprintk(XENLOG_DEBUG, "[%05lx:%05lx] count of initial mappings:%d\n", + range->begin_pfn, range->end_pfn, + range->nr_mappings); +#endif +} + + /**************************************************************************/ /* Shadow-control XEN_DOMCTL dispatcher */ diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/shadow/multi.c --- a/xen/arch/x86/mm/shadow/multi.c Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/shadow/multi.c Thu Jan 17 11:53:42 2013 +0000 @@ -35,6 +35,7 @@ #include #include #include +#include #include #include #include @@ -149,6 +150,10 @@ delete_fl1_shadow_status(struct vcpu *v, SHADOW_PRINTK("gfn=%"SH_PRI_gfn", type=%08x, smfn=%05lx\n", gfn_x(gfn), SH_type_fl1_shadow, mfn_x(smfn)); ASSERT(mfn_to_page(smfn)->u.sh.head); + + /* Removing any dv_paddr_links to the erstwhile shadow page */ + dirty_vram_delete_shadow(v, gfn_x(gfn), SH_type_fl1_shadow, smfn); + shadow_hash_delete(v, gfn_x(gfn), SH_type_fl1_shadow, smfn); } @@ -160,6 +165,10 @@ delete_shadow_status(struct vcpu *v, mfn v->domain->domain_id, v->vcpu_id, mfn_x(gmfn), shadow_type, mfn_x(smfn)); ASSERT(mfn_to_page(smfn)->u.sh.head); + + /* Removing any dv_paddr_links to the erstwhile shadow page */ + dirty_vram_delete_shadow(v, mfn_x(gmfn), shadow_type, smfn); + shadow_hash_delete(v, mfn_x(gmfn), shadow_type, smfn); /* 32-on-64 PV guests don't own their l4 pages; see set_shadow_status */ if ( !is_pv_32on64_vcpu(v) || shadow_type != SH_type_l4_64_shadow ) @@ -516,7 +525,6 @@ _sh_propagate(struct vcpu *v, guest_l1e_t guest_entry = { guest_intpte }; shadow_l1e_t *sp = shadow_entry_ptr; struct domain *d = v->domain; - struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; gfn_t target_gfn = guest_l1e_get_gfn(guest_entry); u32 pass_thru_flags; u32 gflags, sflags; @@ -663,17 +671,6 @@ _sh_propagate(struct vcpu *v, } } - if ( unlikely((level == 1) && dirty_vram - && dirty_vram->last_dirty == -1 - && gfn_x(target_gfn) >= dirty_vram->begin_pfn - && gfn_x(target_gfn) < dirty_vram->end_pfn) ) - { - if ( ft & FETCH_TYPE_WRITE ) - dirty_vram->last_dirty = NOW(); - else - sflags &= ~_PAGE_RW; - } - /* Read-only memory */ if ( p2m_is_readonly(p2mt) || (p2mt == p2m_mmio_direct && @@ -1072,101 +1069,60 @@ static int shadow_set_l2e(struct vcpu *v return flags; } -static inline void shadow_vram_get_l1e(shadow_l1e_t new_sl1e, +/* shadow_vram_fix_l1e() + * + * Tests L1PTEs as they are modified, looking for when they start to (or + * cease to) point to frame buffer pages. If the old and new gfns differ, + * calls dirty_vram_range_update() to updates the dirty_vram structures. + */ +static inline void shadow_vram_fix_l1e(shadow_l1e_t old_sl1e, + shadow_l1e_t new_sl1e, shadow_l1e_t *sl1e, mfn_t sl1mfn, struct domain *d) { - mfn_t mfn = shadow_l1e_get_mfn(new_sl1e); - int flags = shadow_l1e_get_flags(new_sl1e); - unsigned long gfn; - struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; - - if ( !dirty_vram /* tracking disabled? */ - || !(flags & _PAGE_RW) /* read-only mapping? */ - || !mfn_valid(mfn) ) /* mfn can be invalid in mmio_direct */ + mfn_t new_mfn, old_mfn; + unsigned long new_gfn = INVALID_M2P_ENTRY, old_gfn = INVALID_M2P_ENTRY; + paddr_t sl1ma; + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + + if ( !dirty_vram ) return; - gfn = mfn_to_gfn(d, mfn); - /* Page sharing not supported on shadow PTs */ - BUG_ON(SHARED_M2P(gfn)); - - if ( (gfn >= dirty_vram->begin_pfn) && (gfn < dirty_vram->end_pfn) ) + sl1ma = pfn_to_paddr(mfn_x(sl1mfn)) | ((unsigned long)sl1e & ~PAGE_MASK); + + old_mfn = shadow_l1e_get_mfn(old_sl1e); + + if ( !sh_l1e_is_magic(old_sl1e) && + (l1e_get_flags(old_sl1e) & _PAGE_PRESENT) && + mfn_valid(old_mfn)) { - unsigned long i = gfn - dirty_vram->begin_pfn; - struct page_info *page = mfn_to_page(mfn); - - if ( (page->u.inuse.type_info & PGT_count_mask) == 1 ) - /* Initial guest reference, record it */ - dirty_vram->sl1ma[i] = pfn_to_paddr(mfn_x(sl1mfn)) - | ((unsigned long)sl1e & ~PAGE_MASK); + old_gfn = mfn_to_gfn(d, old_mfn); } -} - -static inline void shadow_vram_put_l1e(shadow_l1e_t old_sl1e, - shadow_l1e_t *sl1e, - mfn_t sl1mfn, - struct domain *d) -{ - mfn_t mfn = shadow_l1e_get_mfn(old_sl1e); - int flags = shadow_l1e_get_flags(old_sl1e); - unsigned long gfn; - struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; - - if ( !dirty_vram /* tracking disabled? */ - || !(flags & _PAGE_RW) /* read-only mapping? */ - || !mfn_valid(mfn) ) /* mfn can be invalid in mmio_direct */ - return; - - gfn = mfn_to_gfn(d, mfn); - /* Page sharing not supported on shadow PTs */ - BUG_ON(SHARED_M2P(gfn)); - - if ( (gfn >= dirty_vram->begin_pfn) && (gfn < dirty_vram->end_pfn) ) + + new_mfn = shadow_l1e_get_mfn(new_sl1e); + if ( !sh_l1e_is_magic(new_sl1e) && + (l1e_get_flags(new_sl1e) & _PAGE_PRESENT) && + mfn_valid(new_mfn)) { - unsigned long i = gfn - dirty_vram->begin_pfn; - struct page_info *page = mfn_to_page(mfn); - int dirty = 0; - paddr_t sl1ma = pfn_to_paddr(mfn_x(sl1mfn)) - | ((unsigned long)sl1e & ~PAGE_MASK); - - if ( (page->u.inuse.type_info & PGT_count_mask) == 1 ) + new_gfn = mfn_to_gfn(d, new_mfn); + } + + if ( old_gfn == new_gfn ) return; + + if ( VALID_M2P(old_gfn) ) + if ( dirty_vram_range_update(d, old_gfn, sl1ma, 0/*clear*/) ) { - /* Last reference */ - if ( dirty_vram->sl1ma[i] == INVALID_PADDR ) { - /* We didn't know it was that one, let's say it is dirty */ - dirty = 1; - } - else - { - ASSERT(dirty_vram->sl1ma[i] == sl1ma); - dirty_vram->sl1ma[i] = INVALID_PADDR; - if ( flags & _PAGE_DIRTY ) - dirty = 1; - } + SHADOW_PRINTK("gfn %lx (mfn %lx) cleared vram pte\n", + old_gfn, mfn_x(old_mfn)); } - else + + if ( VALID_M2P(new_gfn) ) + if ( dirty_vram_range_update(d, new_gfn, sl1ma, 1/*set*/) ) { - /* We had more than one reference, just consider the page dirty. */ - dirty = 1; - /* Check that it's not the one we recorded. */ - if ( dirty_vram->sl1ma[i] == sl1ma ) - { - /* Too bad, we remembered the wrong one... */ - dirty_vram->sl1ma[i] = INVALID_PADDR; - } - else - { - /* Ok, our recorded sl1e is still pointing to this page, let's - * just hope it will remain. */ - } + SHADOW_PRINTK("gfn %lx (mfn %lx) set vram pte\n", + new_gfn, mfn_x(new_mfn)); } - if ( dirty ) - { - dirty_vram->dirty_bitmap[i / 8] |= 1 << (i % 8); - dirty_vram->last_dirty = NOW(); - } - } } static int shadow_set_l1e(struct vcpu *v, @@ -1211,12 +1167,13 @@ static int shadow_set_l1e(struct vcpu *v shadow_l1e_remove_flags(new_sl1e, _PAGE_RW); /* fall through */ case 0: - shadow_vram_get_l1e(new_sl1e, sl1e, sl1mfn, d); break; } } } + shadow_vram_fix_l1e(old_sl1e, new_sl1e, sl1e, sl1mfn, d); + /* Write the new entry */ shadow_write_entries(sl1e, &new_sl1e, 1, sl1mfn); flags |= SHADOW_SET_CHANGED; @@ -1231,7 +1188,6 @@ static int shadow_set_l1e(struct vcpu *v * trigger a flush later. */ if ( shadow_mode_refcounts(d) ) { - shadow_vram_put_l1e(old_sl1e, sl1e, sl1mfn, d); shadow_put_page_from_l1e(old_sl1e, d); TRACE_SHADOW_PATH_FLAG(TRCE_SFLAG_SHADOW_L1_PUT_REF); } @@ -2018,7 +1974,6 @@ void sh_destroy_l1_shadow(struct vcpu *v SHADOW_FOREACH_L1E(sl1mfn, sl1e, 0, 0, { if ( (shadow_l1e_get_flags(*sl1e) & _PAGE_PRESENT) && !sh_l1e_is_magic(*sl1e) ) { - shadow_vram_put_l1e(*sl1e, sl1e, sl1mfn, d); shadow_put_page_from_l1e(*sl1e, d); } }); @@ -4336,6 +4291,37 @@ int sh_rm_mappings_from_l1(struct vcpu * return done; } + +int sh_find_vram_mappings_in_l1(struct vcpu *v, + mfn_t sl1mfn, + unsigned long begin_pfn, + unsigned long end_pfn, + int *removed) +/* Find all VRAM mappings in this shadow l1 table */ +{ + struct domain *d = v->domain; + shadow_l1e_t *sl1e; + int done = 0; + + /* only returns _PAGE_PRESENT entries */ + SHADOW_FOREACH_L1E(sl1mfn, sl1e, 0, done, + { + unsigned long gfn; + mfn_t gmfn = shadow_l1e_get_mfn(*sl1e); + if ( !mfn_valid(gmfn) ) + continue; + gfn = mfn_to_gfn(d, gmfn); + if ( VALID_M2P(gfn) && (begin_pfn <= gfn) && (gfn < end_pfn) ) + { + paddr_t sl1ma = + pfn_to_paddr(mfn_x(sl1mfn)) | + ( (unsigned long)sl1e & ~PAGE_MASK ); + dirty_vram_range_update(v->domain, gfn, sl1ma, 1/*set*/); + } + }); + return 0; +} + /**************************************************************************/ /* Functions to excise all pointers to shadows from higher-level shadows. */ diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/shadow/multi.h --- a/xen/arch/x86/mm/shadow/multi.h Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/shadow/multi.h Thu Jan 17 11:53:42 2013 +0000 @@ -66,7 +66,12 @@ SHADOW_INTERNAL_NAME(sh_rm_write_access_ extern int SHADOW_INTERNAL_NAME(sh_rm_mappings_from_l1, GUEST_LEVELS) (struct vcpu *v, mfn_t sl1mfn, mfn_t target_mfn); - +extern int +SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, GUEST_LEVELS) + (struct vcpu *v, mfn_t sl1mfn, + unsigned long begin_pfn, + unsigned long end_pfn, + int *removed); extern void SHADOW_INTERNAL_NAME(sh_clear_shadow_entry, GUEST_LEVELS) (struct vcpu *v, void *ep, mfn_t smfn); diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/shadow/types.h --- a/xen/arch/x86/mm/shadow/types.h Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/shadow/types.h Thu Jan 17 11:53:42 2013 +0000 @@ -229,6 +229,7 @@ static inline shadow_l4e_t shadow_l4e_fr #define sh_update_cr3 INTERNAL_NAME(sh_update_cr3) #define sh_rm_write_access_from_l1 INTERNAL_NAME(sh_rm_write_access_from_l1) #define sh_rm_mappings_from_l1 INTERNAL_NAME(sh_rm_mappings_from_l1) +#define sh_find_vram_mappings_in_l1 INTERNAL_NAME(sh_find_vram_mappings_in_l1) #define sh_remove_l1_shadow INTERNAL_NAME(sh_remove_l1_shadow) #define sh_remove_l2_shadow INTERNAL_NAME(sh_remove_l2_shadow) #define sh_remove_l3_shadow INTERNAL_NAME(sh_remove_l3_shadow) diff -r 431bc26eda5b -r b0e618cb0233 xen/include/asm-x86/dirty_vram.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/include/asm-x86/dirty_vram.h Thu Jan 17 11:53:42 2013 +0000 @@ -0,0 +1,202 @@ +/**************************************************************************** + * include/asm-x86/dirty_vram.h + * + * Interface for tracking dirty VRAM pages + * + * Copyright (c) 2012 Citrix Systems, Inc. (Robert Phillips) + * Parts of this code are Copyright (c) 2007 Advanced Micro Devices (Wei Huang) + * Parts of this code are Copyright (c) 2006 by XenSource Inc. + * Parts of this code are Copyright (c) 2006 by Michael A Fetterman + * Parts based on earlier work by Michael A Fetterman, Ian Pratt et al. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#ifndef _DIRTY_VRAM_H +#define _DIRTY_VRAM_H + +/* + * In shadow mode we need to bookkeep all the L1 page table entries that + * map a frame buffer page. Struct dv_paddr_link does this by + * recording the address of a L1 page table entry for some frame buffer page. + * Also has a link to additional pl entries if the frame buffer page + * has multiple mappings. + * In practice very few pages have multiple mappings. + * But to rule out some pathological situation, we limit the number of + * mappings we're willing to bookkeep. + */ + +#define DV_ADDR_LINK_LIST_LIMIT 64 + +typedef struct dv_paddr_link { + paddr_t sl1ma; + struct dv_paddr_link *pl_next; +} dv_paddr_link_t; + +typedef struct dv_pl_entry { + dv_paddr_link_t mapping; + bool_t stuck_dirty; +} dv_pl_entry_t; + +/* + * This defines an extension page of pl entries for FB pages with multiple + * mappings. All such pages (of a domain) are linked together. + */ +typedef struct dv_paddr_link_ext { + struct list_head ext_link; + dv_paddr_link_t entries[ ( PAGE_SIZE - sizeof( struct list_head ) ) / + sizeof( dv_paddr_link_t ) ]; +} dv_paddr_link_ext_t; + +/* + * This defines a single frame buffer range. It bookkeeps all the + * level 1 PTEs that map guest pages within that range. + * All such ranges (of a domain) are linked together. + */ +typedef struct dv_range { + struct list_head range_link; /* the several ranges form a linked list */ + unsigned long begin_pfn; + unsigned long end_pfn; + dv_pl_entry_t *pl_tab; /* table has 1 pl entry per pfn in range */ + int nr_mappings; /* total number of mappings in this range */ + int mappings_hwm; /* high water mark of max mapping count */ + unsigned int dirty_count; +} dv_range_t; + +/* + * This contains all the data structures required by a domain to + * bookkeep the dirty pages within its frame buffers. + */ +typedef struct dv_dirty_vram { + struct list_head range_head; /* head of the linked list of ranges */ + struct list_head ext_head; /* head of list of extension pages */ + dv_paddr_link_t *pl_free; /* free list of pl's within extension pages */ + int nr_ranges; /* bookkeeps number of ranges */ + int ranges_hwm; /* high water mark of max number of ranges */ +} dv_dirty_vram_t; + +/* Allocates domain's dirty_vram structure */ +dv_dirty_vram_t * +dirty_vram_alloc(struct domain *d); + +/* + * Returns domain's dirty_vram structure, + * allocating it if necessary + */ +dv_dirty_vram_t * +dirty_vram_find_or_alloc(struct domain *d); + +/* Frees domain's dirty_vram structure */ +void dirty_vram_free(struct domain *d); + +/* Returns dirty vram range containing gfn, NULL if none */ +struct dv_range * +dirty_vram_range_find_gfn(struct domain *d, + unsigned long gfn); + +/* + * Returns dirty vram range matching [ begin_pfn .. begin_pfn+nr ), + * NULL if none + */ +dv_range_t * +dirty_vram_range_find(struct domain *d, + unsigned long begin_pfn, + unsigned long nr); + +/* + * Allocate dirty vram range containing [ begin_pfn .. begin_pfn+nr ), + * freeing any existing range that overlaps the new range. + */ +dv_range_t * +dirty_vram_range_alloc(struct domain *d, + unsigned long begin_pfn, + unsigned long nr); + +/* + * Returns dirty vram range matching [ begin_pfn .. begin_pfn+nr ), + * creating a range if none already exists and + * freeing any existing range that overlaps the new range. + */ +dv_range_t * +dirty_vram_range_find_or_alloc(struct domain *d, + unsigned long begin_pfn, + unsigned long nr); + +void dirty_vram_range_free(struct domain *d, + dv_range_t *range); + +/* Bookkeep PTE address of a frame buffer page */ +int dirty_vram_range_update(struct domain *d, + unsigned long gfn, + paddr_t sl1ma, + int set); + +/* + * smfn is no longer a shadow page. Remove it from any + * dirty vram range mapping. + */ +void +dirty_vram_delete_shadow(struct vcpu *v, + unsigned long gfn, + unsigned int shadow_type, + mfn_t smfn); + + +/* + * Scan all the L1 tables looking for VRAM mappings. + * Record them in the domain's dv_dirty_vram structure + */ +void sh_find_all_vram_mappings(struct vcpu *v, + dv_range_t *range); + +/* + * Free a paddr_link struct, given address of its + * predecessor in singly-linked list + */ +dv_paddr_link_t * +free_paddr_link(struct domain *d, + dv_paddr_link_t **ppl, + dv_paddr_link_t *pl); + + +/* Enable VRAM dirty tracking. */ +int +shadow_track_dirty_vram(struct domain *d, + unsigned long first_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) dirty_bitmap); + +int +hap_track_dirty_vram(struct domain *d, + unsigned long begin_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) dirty_bitmap); + +void +hap_clean_vram_tracking_range(struct domain *d, + unsigned long begin_pfn, + unsigned long nr, + uint8_t *dirty_bitmap); + +#endif /* _DIRTY_VRAM_H */ + +/* + * Local variables: + * mode: C + * c-file-style: "BSD" + * c-basic-offset: 4 + * indent-tabs-mode: nil + * End: + */ diff -r 431bc26eda5b -r b0e618cb0233 xen/include/asm-x86/hap.h --- a/xen/include/asm-x86/hap.h Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/include/asm-x86/hap.h Thu Jan 17 11:53:42 2013 +0000 @@ -57,10 +57,6 @@ void hap_final_teardown(struct domain * void hap_teardown(struct domain *d); void hap_vcpu_init(struct vcpu *v); void hap_logdirty_init(struct domain *d); -int hap_track_dirty_vram(struct domain *d, - unsigned long begin_pfn, - unsigned long nr, - XEN_GUEST_HANDLE_64(uint8) dirty_bitmap); extern const struct paging_mode *hap_paging_get_mode(struct vcpu *); diff -r 431bc26eda5b -r b0e618cb0233 xen/include/asm-x86/hvm/domain.h --- a/xen/include/asm-x86/hvm/domain.h Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/include/asm-x86/hvm/domain.h Thu Jan 17 11:53:42 2013 +0000 @@ -74,7 +74,7 @@ struct hvm_domain { struct list_head pinned_cacheattr_ranges; /* VRAM dirty support. */ - struct sh_dirty_vram *dirty_vram; + struct dv_dirty_vram *dirty_vram; /* If one of vcpus of this domain is in no_fill_mode or * mtrr/pat between vcpus is not the same, set is_in_uc_mode diff -r 431bc26eda5b -r b0e618cb0233 xen/include/asm-x86/paging.h --- a/xen/include/asm-x86/paging.h Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/include/asm-x86/paging.h Thu Jan 17 11:53:42 2013 +0000 @@ -154,9 +154,13 @@ void paging_log_dirty_init(struct domain int (*disable_log_dirty)(struct domain *d), void (*clean_dirty_bitmap)(struct domain *d)); -/* mark a page as dirty */ +/* mark a gmfn as dirty, a wrapper around marking a gpfn as dirty */ void paging_mark_dirty(struct domain *d, unsigned long guest_mfn); +/* mark a gpfn as dirty */ +void paging_mark_dirty_gpfn(struct domain *d, unsigned long gpfn); + + /* is this guest page dirty? * This is called from inside paging code, with the paging lock held. */ int paging_mfn_is_dirty(struct domain *d, mfn_t gmfn); @@ -183,15 +187,6 @@ int paging_mfn_is_dirty(struct domain *d #define L4_LOGDIRTY_IDX(pfn) 0 #endif -/* VRAM dirty tracking support */ -struct sh_dirty_vram { - unsigned long begin_pfn; - unsigned long end_pfn; - paddr_t *sl1ma; - uint8_t *dirty_bitmap; - s_time_t last_dirty; -}; - /***************************************************************************** * Entry points into the paging-assistance code */ diff -r 431bc26eda5b -r b0e618cb0233 xen/include/asm-x86/shadow.h --- a/xen/include/asm-x86/shadow.h Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/include/asm-x86/shadow.h Thu Jan 17 11:53:42 2013 +0000 @@ -62,12 +62,6 @@ void shadow_vcpu_init(struct vcpu *v); /* Enable an arbitrary shadow mode. Call once at domain creation. */ int shadow_enable(struct domain *d, u32 mode); -/* Enable VRAM dirty bit tracking. */ -int shadow_track_dirty_vram(struct domain *d, - unsigned long first_pfn, - unsigned long nr, - XEN_GUEST_HANDLE_64(uint8) dirty_bitmap); - /* Handler for shadow control ops: operations from user-space to enable * and disable ephemeral shadow modes (test mode and log-dirty mode) and * manipulate the log-dirty bitmap. */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GE-0000Lm-N9; Fri, 18 Jan 2013 10:33:22 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GC-0000KA-NG for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:21 +0000 Received: from [85.158.137.99:54766] by server-7.bemta-3.messagelabs.com id DE/E5-07262-BE429F05; Fri, 18 Jan 2013 10:33:15 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-5.tower-217.messagelabs.com!1358505190!12747875!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 27042 invoked from network); 18 Jan 2013 10:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-5.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G1-0002n6-OX for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G1-0003ov-Am for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:09 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/mm: Provide support for multiple frame buffers in HVM guests. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Robert Phillips # Date 1358423622 0 # Node ID b0e618cb0233471028cf5db14eaa7f45b8538131 # Parent 431bc26eda5b4d5d5a22807750f7b328e6197e71 x86/mm: Provide support for multiple frame buffers in HVM guests. Support is provided for both shadow and hardware assisted paging (HAP) modes. This code bookkeeps the set of video frame buffers (vram), detects when the guest has modified any of those buffers and, upon request, returns a bitmap of the modified pages. This lets other software components re-paint the portions of the monitor (or monitors) that have changed. Each monitor has a frame buffer of some size at some position in guest physical memory. The set of frame buffers being tracked can change over time as monitors are plugged and unplugged. Signed-off-by: Robert Phillips Acked-by: Tim Deegan Removed a stray #include and a few hard tabs. Signed-off-by: Tim Deegan Committed-by: Tim Deegan --- diff -r 431bc26eda5b -r b0e618cb0233 tools/libxc/xenctrl.h --- a/tools/libxc/xenctrl.h Thu Jan 17 10:56:34 2013 +0100 +++ b/tools/libxc/xenctrl.h Thu Jan 17 11:53:42 2013 +0000 @@ -1563,15 +1563,23 @@ int xc_hvm_inject_msi( xc_interface *xch, domid_t dom, uint64_t addr, uint32_t data); /* - * Track dirty bit changes in the VRAM area + * Track dirty bit changes in a VRAM region defined by + * [ first_pfn : first_pfn + nr - 1 ] * * All of this is done atomically: - * - get the dirty bitmap since the last call - * - set up dirty tracking area for period up to the next call - * - clear the dirty tracking area. + * - gets the dirty bitmap since the last call, all zeroes for + * the first call with some new region + * - sets up a dirty tracking region for period up to the next call + * - clears the specified dirty tracking region. * - * Returns -ENODATA and does not fill bitmap if the area has changed since the - * last call. + * Creating a new region causes any existing regions that it overlaps + * to be discarded. + * + * Specifying nr == 0 causes all regions to be discarded and + * disables dirty bit tracking. + * + * If nr is not a multiple of 64, only the first nr bits of bitmap + * are well defined. */ int xc_hvm_track_dirty_vram( xc_interface *xch, domid_t dom, diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/hvm/hvm.c Thu Jan 17 11:53:42 2013 +0000 @@ -57,6 +57,7 @@ #include #include #include +#include #include #include #include @@ -1436,8 +1437,11 @@ int hvm_hap_nested_page_fault(paddr_t gp */ if ( access_w ) { - paging_mark_dirty(v->domain, mfn_x(mfn)); - p2m_change_type(v->domain, gfn, p2m_ram_logdirty, p2m_ram_rw); + if ( p2m_change_type(v->domain, gfn, p2m_ram_logdirty, + p2m_ram_rw) == p2m_ram_logdirty ) + { + paging_mark_dirty_gpfn(v->domain, gfn); + } } rc = 1; goto out_put_gfn; diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/Makefile --- a/xen/arch/x86/mm/Makefile Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/Makefile Thu Jan 17 11:53:42 2013 +0000 @@ -5,6 +5,7 @@ obj-y += paging.o obj-y += p2m.o p2m-pt.o p2m-ept.o p2m-pod.o obj-y += guest_walk_2.o obj-y += guest_walk_3.o +obj-y += dirty_vram.o obj-$(x86_64) += guest_walk_4.o obj-$(x86_64) += mem_event.o obj-$(x86_64) += mem_paging.o diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/dirty_vram.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/arch/x86/mm/dirty_vram.c Thu Jan 17 11:53:42 2013 +0000 @@ -0,0 +1,864 @@ +/* + * arch/x86/mm/dirty_vram.c: Bookkeep/query dirty VRAM pages + * with support for multiple frame buffers. + * + * Copyright (c) 2012, Citrix Systems, Inc. (Robert Phillips) + * Parts of this code are Copyright (c) 2007 Advanced Micro Devices (Wei Huang) + * Parts of this code are Copyright (c) 2007 XenSource Inc. + * Parts of this code are Copyright (c) 2006 by Michael A Fetterman + * Parts based on earlier work by Michael A Fetterman, Ian Pratt et al. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms and conditions of the GNU General Public License, + * version 2, as published by the Free Software Foundation. + * + * This program is distributed in the hope it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 59 Temple + * Place - Suite 330, Boston, MA 02111-1307 USA. + */ + + +#include +#include +#include +#include +#include +#include +#include +#include "mm-locks.h" + +#define DEBUG_stop_tracking_all_vram 0 +#define DEBUG_allocating_dirty_vram_range 0 +#define DEBUG_high_water_mark_for_vram_ranges 0 +#define DEBUG_freeing_dirty_vram_range 0 +#define DEBUG_allocate_paddr_links_page 0 +#define DEBUG_update_vram_mapping 0 +#define DEBUG_alloc_paddr_inject_fault 0 +#define DEBUG_link_limit_exceeded 0 + +/* Allocates domain's dirty_vram structure */ +dv_dirty_vram_t * +dirty_vram_alloc(struct domain *d) +{ + dv_dirty_vram_t *dirty_vram; + ASSERT( paging_locked_by_me(d) ); + dirty_vram = d->arch.hvm_domain.dirty_vram = xzalloc(dv_dirty_vram_t); + if ( dirty_vram ) + { + INIT_LIST_HEAD(&dirty_vram->range_head); + INIT_LIST_HEAD(&dirty_vram->ext_head); + } + return dirty_vram; +} + +/* + * Returns domain's dirty_vram structure, + * allocating it if necessary + */ +dv_dirty_vram_t * +dirty_vram_find_or_alloc(struct domain *d) +{ + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + ASSERT( paging_locked_by_me(d) ); + if ( !dirty_vram ) + dirty_vram = dirty_vram_alloc(d); + return dirty_vram; +} + + +/* Free domain's dirty_vram structure */ +void dirty_vram_free(struct domain *d) +{ + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + ASSERT( paging_locked_by_me(d) ); + if ( dirty_vram ) + { + struct list_head *curr, *next; + /* Free all the ranges */ + list_for_each_safe(curr, next, &dirty_vram->range_head) + { + dv_range_t *range = list_entry(curr, dv_range_t, range_link); +#if DEBUG_stop_tracking_all_vram + gdprintk(XENLOG_DEBUG, "[%05lx:%05lx] stop tracking all vram\n", + range->begin_pfn, range->end_pfn); +#endif + xfree(range->pl_tab); + xfree(range); + } + /* Free all the extension pages */ + list_for_each_safe(curr, next, &dirty_vram->ext_head) + { + struct dv_paddr_link_ext *ext = + container_of( + curr, struct dv_paddr_link_ext, ext_link); + struct page_info *pg = __virt_to_page(ext); + d->arch.paging.free_page(d, pg); + } + + xfree(dirty_vram); + d->arch.hvm_domain.dirty_vram = NULL; + } +} + +/* Returns dirty vram range containing gfn, NULL if none */ +struct dv_range * +dirty_vram_range_find_gfn(struct domain *d, + unsigned long gfn) +{ + struct dv_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; + ASSERT( paging_locked_by_me(d) ); + if ( dirty_vram ) + { + struct list_head *curr; + list_for_each(curr, &dirty_vram->range_head) + { + dv_range_t *range = list_entry(curr, dv_range_t, range_link); + if ( gfn >= range->begin_pfn && + gfn < range->end_pfn ) + return range; + } + } + return NULL; +} + +/* + * Returns pointer to dirty vram range matching [begin_pfn .. end_pfn ), + * NULL if none. + */ +dv_range_t * +dirty_vram_range_find(struct domain *d, + unsigned long begin_pfn, + unsigned long nr) +{ + unsigned long end_pfn = begin_pfn + nr; + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + ASSERT( paging_locked_by_me(d) ); + if ( dirty_vram ) + { + struct list_head *curr; + list_for_each(curr, &dirty_vram->range_head) + { + dv_range_t *range = list_entry(curr, dv_range_t, range_link); + if ( begin_pfn == range->begin_pfn && + end_pfn == range->end_pfn ) + return range; + } + } + return NULL; +} + +/* Allocate specified dirty_vram range */ +static dv_range_t * +_dirty_vram_range_alloc(struct domain *d, + unsigned long begin_pfn, + unsigned long nr) +{ + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + dv_range_t *range = NULL; + unsigned long end_pfn = begin_pfn + nr; + dv_pl_entry_t *pl_tab = NULL; + int i; + + ASSERT( paging_locked_by_me(d) ); + ASSERT( dirty_vram != NULL ); + +#if DEBUG_allocating_dirty_vram_range + gdprintk(XENLOG_DEBUG, + "[%05lx:%05lx] Allocating dirty vram range hap:%d\n", + begin_pfn, end_pfn, + d->arch.hvm_domain.hap_enabled); +#endif + + range = xzalloc(dv_range_t); + if ( range == NULL ) + goto err_out; + + INIT_LIST_HEAD(&range->range_link); + + range->begin_pfn = begin_pfn; + range->end_pfn = end_pfn; + + if ( !hap_enabled(d) ) + { + if ( (pl_tab = xzalloc_array(dv_pl_entry_t, nr)) == NULL ) + goto err_out; + + for ( i = 0; i != nr; i++ ) + { + pl_tab[i].mapping.sl1ma = INVALID_PADDR; + } + } + + range->pl_tab = pl_tab; + range->mappings_hwm = 1; + + list_add(&range->range_link, &dirty_vram->range_head); + if ( ++dirty_vram->nr_ranges > dirty_vram->ranges_hwm ) + { + dirty_vram->ranges_hwm = dirty_vram->nr_ranges; +#if DEBUG_high_water_mark_for_vram_ranges + gdprintk(XENLOG_DEBUG, + "High water mark for number of vram ranges is now:%d\n", + dirty_vram->ranges_hwm); +#endif + } + return range; + + err_out: + xfree(pl_tab); + xfree(range); + return NULL; +} + + +/* Frees specified dirty_vram range */ +void dirty_vram_range_free(struct domain *d, + dv_range_t *range) +{ + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + ASSERT( paging_locked_by_me(d) ); + if ( dirty_vram ) + { + int i, nr = range->end_pfn - range->begin_pfn; + +#if DEBUG_freeing_dirty_vram_range + gdprintk(XENLOG_DEBUG, + "[%05lx:%05lx] Freeing dirty vram range\n", + range->begin_pfn, range->end_pfn); +#endif + + if ( range->pl_tab ) + { + for ( i = 0; i != nr; i++ ) + { + dv_paddr_link_t *plx; + plx = range->pl_tab[i].mapping.pl_next; + /* Does current FB page have multiple mappings? */ + if ( plx ) /* yes */ + { + /* Find the last element in singly-linked list */ + while ( plx->pl_next != NULL ) + plx = plx->pl_next; + + /* Prepend whole list to the free list */ + plx->pl_next = dirty_vram->pl_free; + dirty_vram->pl_free = range->pl_tab[i].mapping.pl_next; + } + } + xfree(range->pl_tab); + range->pl_tab = NULL; + } + + /* Remove range from the linked list, free it, and adjust count*/ + list_del(&range->range_link); + xfree(range); + dirty_vram->nr_ranges--; + } +} + +/* + * dirty_vram_range_alloc() + * This function ensures that the new range does not overlap any existing + * ranges -- deleting them if necessary -- and then calls + * _dirty_vram_range_alloc to actually allocate the new range. + */ +dv_range_t * +dirty_vram_range_alloc(struct domain *d, + unsigned long begin_pfn, + unsigned long nr) +{ + unsigned long end_pfn = begin_pfn + nr; + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + dv_range_t *range; + struct list_head *curr, *next; + + ASSERT( paging_locked_by_me(d) ); + ASSERT( dirty_vram != NULL ); + + /* + * Ranges cannot overlap so + * free any range that overlaps [ begin_pfn .. end_pfn ) + */ + list_for_each_safe(curr, next, &dirty_vram->range_head) + { + dv_range_t *rng = list_entry(curr, dv_range_t, range_link); + if ( ( ( rng->begin_pfn <= begin_pfn ) && + ( begin_pfn < rng->end_pfn ) + ) || + ( ( begin_pfn <= rng->begin_pfn ) && + ( rng->begin_pfn < end_pfn ) + ) ) + { + /* Different tracking, tear the previous down. */ + dirty_vram_range_free(d, rng); + } + } + + range = _dirty_vram_range_alloc(d, begin_pfn, nr); + if ( !range ) + goto out; + + out: + return range; +} + +/* + * dirty_vram_range_find_or_alloc() + * Find the range for [begin_pfn:begin_pfn+nr). + * If it doesn't exists, create it. + */ +dv_range_t * +dirty_vram_range_find_or_alloc(struct domain *d, + unsigned long begin_pfn, + unsigned long nr) +{ + dv_range_t *range; + ASSERT( paging_locked_by_me(d) ); + range = dirty_vram_range_find(d, begin_pfn, nr); + if ( !range ) + range = dirty_vram_range_alloc(d, begin_pfn, nr); + + return range; +} + + + +/* Allocate a dv_paddr_link struct */ +static dv_paddr_link_t * +alloc_paddr_link(struct domain *d) +{ + dv_paddr_link_t * pl = NULL; + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + dv_paddr_link_ext_t *ext = NULL; + + + ASSERT( paging_locked_by_me(d) ); + BUILD_BUG_ON(sizeof(dv_paddr_link_ext_t) > PAGE_SIZE); + /* Is the list of free pl's empty? */ + if ( dirty_vram->pl_free == NULL ) /* yes */ + { + /* + * Allocate another page of pl's. + * Link them all together and point the free list head at them + */ + int i; + struct page_info *pg = d->arch.paging.alloc_page(d); + + ext = map_domain_page(pg); + if ( ext == NULL ) + goto out; + +#if DEBUG_allocate_paddr_links_page + gdprintk(XENLOG_DEBUG, "Allocated another page of paddr_links\n"); +#endif + list_add(&ext->ext_link, &dirty_vram->ext_head); + + /* initialize and link together the new pl entries */ + for ( i = 0; i != ARRAY_SIZE(ext->entries); i++ ) + { + ext->entries[i].sl1ma = INVALID_PADDR; + ext->entries[i].pl_next = &ext->entries[i+1]; + } + ext->entries[ARRAY_SIZE(ext->entries) - 1].pl_next = NULL; + dirty_vram->pl_free = &ext->entries[0]; + } + pl = dirty_vram->pl_free; + dirty_vram->pl_free = pl->pl_next; + + pl->sl1ma = INVALID_PADDR; + pl->pl_next = NULL; + out: + if ( ext ) + unmap_domain_page(ext); + + return pl; +} + + +/* + * Free a paddr_link struct. + * + * The caller has walked the singly-linked list of elements + * that have, as their head, an element in a pl_tab cell. + * The list walks has reached the element to be freed. + * (Each element is a dv_paddr_link_t struct.) + * + * @pl points to the element to be freed. + * @ppl points to its predecessor element's next member. + * + * After linking the precessor to the element's successor, + * we can free @pl by prepending it to the list of free + * elements. + * + * As a boundary case (which happens to be the common case), + * @pl points to a cell in the pl_tab rather than to some + * extension element danging from that cell. + * We recognize this case because @ppl is NULL. + * In that case we promote the first extension element by + * copying it into the pl_tab cell and free it. + */ + +dv_paddr_link_t * +free_paddr_link(struct domain *d, + dv_paddr_link_t **ppl, + dv_paddr_link_t *pl) +{ + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + dv_paddr_link_t *npl; /* next pl */ + + ASSERT( paging_locked_by_me(d) ); + /* extension mapping? */ + if ( ppl ) /* yes. free it */ + { + ASSERT(pl == (*ppl)); + (*ppl) = npl = pl->pl_next; + } + else /* main table */ + { + /* + * move 2nd mapping to main table. + * and free 2nd mapping + */ + dv_paddr_link_t * spl; + spl = pl->pl_next; + if ( spl == NULL ) + { + pl->sl1ma = INVALID_PADDR; + return pl; + } + pl->sl1ma = spl->sl1ma; + pl->pl_next = spl->pl_next; + npl = pl; /* reprocess main table entry again */ + pl = spl; + } + pl->sl1ma = INVALID_PADDR; + pl->pl_next = dirty_vram->pl_free; + dirty_vram->pl_free = pl; + return npl; +} + + +/* + * dirty_vram_range_update() + * + * This is called whenever a level 1 page table entry is modified. + * If the L1PTE is being cleared, the function removes any paddr_links + * that refer to it. + * If the L1PTE is being set to a frame buffer page, a paddr_link is + * created for that page's entry in pl_tab. + * Returns 1 iff entry found and set or cleared. + */ +int dirty_vram_range_update(struct domain *d, + unsigned long gfn, + paddr_t sl1ma, + int set) +{ + int effective = 0; + dv_range_t *range; + unsigned long i; + dv_paddr_link_t *pl; + dv_paddr_link_t **ppl; + int len = 0; + + ASSERT(paging_locked_by_me(d)); + range = dirty_vram_range_find_gfn(d, gfn); + if ( !range ) + return effective; + + + i = gfn - range->begin_pfn; + pl = &range->pl_tab[ i ].mapping; + ppl = NULL; + + /* + * find matching entry (pl), if any, and its predecessor + * in linked list (ppl) + */ + while ( pl != NULL ) + { + if ( pl->sl1ma == sl1ma || pl->sl1ma == INVALID_PADDR ) + break; + + ppl = &pl->pl_next; + pl = *ppl; + len++; + } + + if ( set ) + { + /* Did we find sl1ma in either the main table or the linked list? */ + if ( pl == NULL ) /* no, so we'll need to alloc a link */ + { + ASSERT(ppl != NULL); + +#if DEBUG_alloc_paddr_inject_fault + { + static int counter; + + /* Test stuck_dirty logic for some cases */ + if ( (++counter) % 4 == 0 ) + { + /* Simply mark the frame buffer page as always dirty */ + range->pl_tab[ i ].stuck_dirty = 1; + gdprintk(XENLOG_DEBUG, + "[%lx] inject stuck dirty fault\n", + gfn ); + goto out; + } + } +#endif + /* + * Have we reached the limit of mappings we're willing + * to bookkeep? + */ + if ( len > DV_ADDR_LINK_LIST_LIMIT ) /* yes */ + { +#if DEBUG_link_limit_exceeded + if ( !range->pl_tab[ i ].stuck_dirty ) + gdprintk(XENLOG_DEBUG, + "[%lx] link limit exceeded\n", + gfn ); +#endif + /* Simply mark the frame buffer page as always dirty */ + range->pl_tab[ i ].stuck_dirty = 1; + goto out; + } + + /* alloc link and append it to list */ + (*ppl) = pl = alloc_paddr_link(d); + /* Were we able to allocate a link? */ + if ( pl == NULL ) /* no */ + { + /* Simply mark the frame buffer page as always dirty */ + range->pl_tab[ i ].stuck_dirty = 1; + + gdprintk(XENLOG_DEBUG, + "[%lx] alloc failure\n", + gfn ); + + goto out; + } + } + if ( pl->sl1ma != sl1ma ) + { + ASSERT(pl->sl1ma == INVALID_PADDR); + pl->sl1ma = sl1ma; + range->nr_mappings++; + } + effective = 1; + if ( len > range->mappings_hwm ) + { + range->mappings_hwm = len; +#if DEBUG_update_vram_mapping + gdprintk(XENLOG_DEBUG, + "[%lx] set sl1ma:%lx hwm:%d mappings:%d " + "freepages:%d\n", + gfn, sl1ma, + range->mappings_hwm, + range->nr_mappings, + d->arch.paging.shadow.free_pages); +#endif + } + } + else /* clear */ + { + if ( pl && pl->sl1ma == sl1ma ) + { +#if DEBUG_update_vram_mapping + gdprintk(XENLOG_DEBUG, + "[%lx] clear sl1ma:%lx mappings:%d\n", + gfn, sl1ma, + range->nr_mappings - 1); +#endif + free_paddr_link(d, ppl, pl); + --range->nr_mappings; + effective = 1; + } + } + out: + return effective; +} + + +/* + * shadow_scan_dirty_flags() + * This produces a dirty bitmap for the range by examining every + * L1PTE referenced by some dv_paddr_link in the range's pl_tab table. + * It tests and clears each such L1PTE's dirty flag. + */ +static int shadow_scan_dirty_flags(struct domain *d, + dv_range_t *range, + uint8_t *dirty_bitmap) +{ + int flush_tlb = 0; + unsigned long i; + unsigned long nr = range->end_pfn - range->begin_pfn; + l1_pgentry_t *sl1e = NULL; + + ASSERT( paging_locked_by_me(d) ); + /* Iterate over VRAM to track dirty bits. */ + for ( i = 0; i < nr; i++ ) + { + int dirty = 0, len = 1; + dv_paddr_link_t *pl; + /* Does the frame buffer have an incomplete set of mappings? */ + if ( unlikely(range->pl_tab[i].stuck_dirty) ) /* yes */ + dirty = 1; + else /* The frame buffer's set of mappings is complete. Scan it. */ + for ( pl = &range->pl_tab[i].mapping; + pl; + pl = pl->pl_next, len++ ) + { + paddr_t sl1ma = pl->sl1ma; + if ( sl1ma == INVALID_PADDR ) /* FB page is unmapped */ + continue; + + if ( sl1e ) /* cleanup from previous iteration */ + unmap_domain_page(sl1e); + + sl1e = map_domain_page(sl1ma >> PAGE_SHIFT); + if ( l1e_get_flags(*sl1e) & _PAGE_DIRTY ) + { + dirty = 1; + /* Clear dirty so we can detect if page gets re-dirtied. + * Note: this is atomic, so we may clear a + * _PAGE_ACCESSED set by another processor. + */ + l1e_remove_flags(*sl1e, _PAGE_DIRTY); + flush_tlb = 1; + } + } /* for */ + + if ( dirty ) + dirty_bitmap[i >> 3] |= (1 << (i & 7)); + + } + + if ( sl1e ) + unmap_domain_page(sl1e); + + return flush_tlb; +} + + +/* + * shadow_track_dirty_vram() + * This is the API called by the guest to determine which pages in the range + * from [begin_pfn:begin_pfn+nr) have been dirtied since the last call. + * It creates the domain's dv_dirty_vram on demand. + * It creates ranges on demand when some [begin_pfn:nr) is first encountered. + * To collect the dirty bitmask it calls shadow_scan_dirty_flags(). + * It copies the dirty bitmask into guest storage. + */ +int shadow_track_dirty_vram(struct domain *d, + unsigned long begin_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) guest_dirty_bitmap) +{ + int rc = 0; + unsigned long end_pfn = begin_pfn + nr; + int flush_tlb = 0; + dv_range_t *range; + struct p2m_domain *p2m = p2m_get_hostp2m(d); + uint8_t *dirty_bitmap = NULL; + + /* + * This range test is tricky. + * + * The range [begin_pfn..end_pfn) is an open interval, so end_pfn + * is a pfn beyond the end of the range. + * + * p2m->max_mapped_pfn is a valid PFN so p2m->max_mapped_pfn + 1 is an + * invalid PFN. + * + * If end_pfn is beyond *that* then the range is invalid. + */ + if ( end_pfn < begin_pfn + || begin_pfn > p2m->max_mapped_pfn + || end_pfn > p2m->max_mapped_pfn + 1 ) + return -EINVAL; + + paging_lock(d); + + if ( !nr ) + { + dirty_vram_free(d); + goto out; + } + + if ( guest_handle_is_null(guest_dirty_bitmap) ) + goto out; + + if ( !dirty_vram_find_or_alloc(d) ) + { + rc = -ENOMEM; + goto out; + } + + range = dirty_vram_range_find(d, begin_pfn, nr); + if ( !range ) + { + range = dirty_vram_range_alloc(d, begin_pfn, nr); + if ( range ) + sh_find_all_vram_mappings(d->vcpu[0], range); + } + if ( range ) + { + int size = ( nr + BITS_PER_BYTE - 1 ) / BITS_PER_BYTE; + + rc = -ENOMEM; + dirty_bitmap = xzalloc_bytes( size ); + if ( !dirty_bitmap ) + goto out; + + flush_tlb |= shadow_scan_dirty_flags(d, range, dirty_bitmap); + + rc = -EFAULT; + if ( copy_to_guest(guest_dirty_bitmap, + dirty_bitmap, + size) == 0 ) + rc = 0; + } + + if ( flush_tlb ) + flush_tlb_mask(d->domain_dirty_cpumask); + +out: + paging_unlock(d); + + if ( dirty_bitmap ) + xfree(dirty_bitmap); + return rc; +} + + +/************************************************/ +/* HAP VRAM TRACKING SUPPORT */ +/************************************************/ + +/* + * hap_track_dirty_vram() + * Create the domain's dv_dirty_vram struct on demand. + * Create a dirty vram range on demand when some [begin_pfn:begin_pfn+nr] is + * first encountered. + * Collect the guest_dirty bitmask, a bit mask of the dirty vram pages, by + * calling paging_log_dirty_range(), which interrogates each vram + * page's p2m type looking for pages that have been made writable. + */ +int hap_track_dirty_vram(struct domain *d, + unsigned long begin_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) guest_dirty_bitmap) +{ + long rc = 0; + dv_dirty_vram_t *dirty_vram; + uint8_t *dirty_bitmap = NULL; + + if ( nr ) + { + dv_range_t *range = NULL; + int size = ( nr + BITS_PER_BYTE - 1 ) / BITS_PER_BYTE; + + if ( !paging_mode_log_dirty(d) ) + { + hap_logdirty_init(d); + rc = paging_log_dirty_enable(d); + if ( rc ) + goto out; + } + + rc = -ENOMEM; + dirty_bitmap = xzalloc_bytes( size ); + if ( !dirty_bitmap ) + goto out; + + paging_lock(d); + + dirty_vram = d->arch.hvm_domain.dirty_vram; + if ( !dirty_vram ) + { + rc = -ENOMEM; + if ( !(dirty_vram = dirty_vram_alloc(d)) ) + { + paging_unlock(d); + goto out; + } + } + + range = dirty_vram_range_find(d, begin_pfn, nr); + if ( !range ) + { + rc = -ENOMEM; + if ( !(range = dirty_vram_range_alloc(d, begin_pfn, nr)) ) + { + paging_unlock(d); + goto out; + } + + paging_unlock(d); + + /* set l1e entries of range within P2M table to be read-only. */ + p2m_change_type_range(d, begin_pfn, begin_pfn + nr, + p2m_ram_rw, p2m_ram_logdirty); + + flush_tlb_mask(d->domain_dirty_cpumask); + + memset(dirty_bitmap, 0xff, size); /* consider all pages dirty */ + } + else + { + paging_unlock(d); + + domain_pause(d); + + /* get the bitmap */ + paging_log_dirty_range(d, begin_pfn, nr, dirty_bitmap); + + domain_unpause(d); + } + + + rc = -EFAULT; + if ( copy_to_guest(guest_dirty_bitmap, + dirty_bitmap, + size) == 0 ) + { + rc = 0; + } + } + else { + paging_lock(d); + + dirty_vram = d->arch.hvm_domain.dirty_vram; + if ( dirty_vram ) + { + /* + * If zero pages specified while tracking dirty vram + * then stop tracking + */ + dirty_vram_free(d); + + } + + paging_unlock(d); + } +out: + if ( dirty_bitmap ) + xfree(dirty_bitmap); + + return rc; +} + +/* + * Local variables: + * mode: C + * c-file-style: "BSD" + * c-basic-offset: 4 + * indent-tabs-mode: nil + * End: + */ diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/hap/hap.c --- a/xen/arch/x86/mm/hap/hap.c Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/hap/hap.c Thu Jan 17 11:53:42 2013 +0000 @@ -53,117 +53,6 @@ #define page_to_mfn(_pg) _mfn(__page_to_mfn(_pg)) /************************************************/ -/* HAP VRAM TRACKING SUPPORT */ -/************************************************/ - -/* - * hap_track_dirty_vram() - * Create the domain's dv_dirty_vram struct on demand. - * Create a dirty vram range on demand when some [begin_pfn:begin_pfn+nr] is - * first encountered. - * Collect the guest_dirty bitmask, a bit mask of the dirty vram pages, by - * calling paging_log_dirty_range(), which interrogates each vram - * page's p2m type looking for pages that have been made writable. - */ - -int hap_track_dirty_vram(struct domain *d, - unsigned long begin_pfn, - unsigned long nr, - XEN_GUEST_HANDLE_64(uint8) guest_dirty_bitmap) -{ - long rc = 0; - struct sh_dirty_vram *dirty_vram; - uint8_t *dirty_bitmap = NULL; - - if ( nr ) - { - int size = (nr + BITS_PER_BYTE - 1) / BITS_PER_BYTE; - - if ( !paging_mode_log_dirty(d) ) - { - hap_logdirty_init(d); - rc = paging_log_dirty_enable(d); - if ( rc ) - goto out; - } - - rc = -ENOMEM; - dirty_bitmap = xzalloc_bytes(size); - if ( !dirty_bitmap ) - goto out; - - paging_lock(d); - - dirty_vram = d->arch.hvm_domain.dirty_vram; - if ( !dirty_vram ) - { - rc = -ENOMEM; - if ( (dirty_vram = xzalloc(struct sh_dirty_vram)) == NULL ) - { - paging_unlock(d); - goto out; - } - - d->arch.hvm_domain.dirty_vram = dirty_vram; - } - - if ( begin_pfn != dirty_vram->begin_pfn || - begin_pfn + nr != dirty_vram->end_pfn ) - { - dirty_vram->begin_pfn = begin_pfn; - dirty_vram->end_pfn = begin_pfn + nr; - - paging_unlock(d); - - /* set l1e entries of range within P2M table to be read-only. */ - p2m_change_type_range(d, begin_pfn, begin_pfn + nr, - p2m_ram_rw, p2m_ram_logdirty); - - flush_tlb_mask(d->domain_dirty_cpumask); - - memset(dirty_bitmap, 0xff, size); /* consider all pages dirty */ - } - else - { - paging_unlock(d); - - domain_pause(d); - - /* get the bitmap */ - paging_log_dirty_range(d, begin_pfn, nr, dirty_bitmap); - - domain_unpause(d); - } - - rc = -EFAULT; - if ( copy_to_guest(guest_dirty_bitmap, dirty_bitmap, size) == 0 ) - rc = 0; - } - else - { - paging_lock(d); - - dirty_vram = d->arch.hvm_domain.dirty_vram; - if ( dirty_vram ) - { - /* - * If zero pages specified while tracking dirty vram - * then stop tracking - */ - xfree(dirty_vram); - d->arch.hvm_domain.dirty_vram = NULL; - } - - paging_unlock(d); - } -out: - if ( dirty_bitmap ) - xfree(dirty_bitmap); - - return rc; -} - -/************************************************/ /* HAP LOG DIRTY SUPPORT */ /************************************************/ diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/p2m.c --- a/xen/arch/x86/mm/p2m.c Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/p2m.c Thu Jan 17 11:53:42 2013 +0000 @@ -741,20 +741,23 @@ void p2m_change_type_range(struct domain struct p2m_domain *p2m = p2m_get_hostp2m(d); BUG_ON(p2m_is_grant(ot) || p2m_is_grant(nt)); + p2m_lock(p2m); - p2m_lock(p2m); p2m->defer_nested_flush = 1; - + for ( gfn = start; gfn < end; gfn++ ) { mfn = p2m->get_entry(p2m, gfn, &pt, &a, 0, NULL); if ( pt == ot ) - set_p2m_entry(p2m, gfn, mfn, PAGE_ORDER_4K, nt, p2m->default_access); + set_p2m_entry(p2m, gfn, mfn, PAGE_ORDER_4K, nt, + p2m->default_access); } + + p2m->defer_nested_flush = 0; - p2m->defer_nested_flush = 0; if ( nestedhvm_enabled(d) ) p2m_flush_nestedp2m(d); + p2m_unlock(p2m); } diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/paging.c --- a/xen/arch/x86/mm/paging.c Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/paging.c Thu Jan 17 11:53:42 2013 +0000 @@ -27,6 +27,7 @@ #include #include #include +#include #include #include @@ -192,15 +193,11 @@ int paging_log_dirty_disable(struct doma return ret; } -/* Mark a page as dirty */ +/* Given a guest mfn, mark a page as dirty */ void paging_mark_dirty(struct domain *d, unsigned long guest_mfn) { unsigned long pfn; mfn_t gmfn; - int changed; - mfn_t mfn, *l4, *l3, *l2; - unsigned long *l1; - int i1, i2, i3, i4; gmfn = _mfn(guest_mfn); @@ -210,6 +207,19 @@ void paging_mark_dirty(struct domain *d, /* We /really/ mean PFN here, even for non-translated guests. */ pfn = get_gpfn_from_mfn(mfn_x(gmfn)); + paging_mark_dirty_gpfn(d, pfn); +} + + +/* Given a guest pfn, mark a page as dirty */ +void paging_mark_dirty_gpfn(struct domain *d, unsigned long pfn) +{ + int changed; + mfn_t mfn, *l4, *l3, *l2; + unsigned long *l1; + int i1, i2, i3, i4; + dv_range_t *range; + /* Shared MFNs should NEVER be marked dirty */ BUG_ON(SHARED_M2P(pfn)); @@ -229,6 +239,11 @@ void paging_mark_dirty(struct domain *d, /* Recursive: this is called from inside the shadow code */ paging_lock_recursive(d); + d->arch.paging.log_dirty.dirty_count++; + range = dirty_vram_range_find_gfn(d, pfn); + if ( range ) + range->dirty_count++; + if ( unlikely(!mfn_valid(d->arch.paging.log_dirty.top)) ) { d->arch.paging.log_dirty.top = paging_new_log_dirty_node(d); @@ -445,7 +460,31 @@ void paging_log_dirty_range(struct domai struct p2m_domain *p2m = p2m_get_hostp2m(d); int i; unsigned long pfn; + dv_range_t *range; + unsigned int range_dirty_count; + paging_lock(d); + range = dirty_vram_range_find_gfn(d, begin_pfn); + if ( !range ) + { + paging_unlock(d); + goto out; + } + + range_dirty_count = range->dirty_count; + range->dirty_count = 0; + + paging_unlock(d); + + if ( !range_dirty_count) + goto out; + + PAGING_DEBUG(LOGDIRTY, + "log-dirty-range: dom %u [%05lx:%05lx] range_dirty=%u\n", + d->domain_id, + begin_pfn, + begin_pfn + nr, + range_dirty_count); /* * Set l1e entries of P2M table to be read-only. * @@ -460,15 +499,17 @@ void paging_log_dirty_range(struct domai for ( i = 0, pfn = begin_pfn; pfn < begin_pfn + nr; i++, pfn++ ) { - p2m_type_t pt; - pt = p2m_change_type(d, pfn, p2m_ram_rw, p2m_ram_logdirty); - if ( pt == p2m_ram_rw ) + if ( p2m_change_type(d, pfn, p2m_ram_rw, p2m_ram_logdirty) == + p2m_ram_rw ) dirty_bitmap[i >> 3] |= (1 << (i & 7)); } p2m_unlock(p2m); flush_tlb_mask(d->domain_dirty_cpumask); + + out: + return; } /* Note that this function takes three function pointers. Callers must supply diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/shadow/common.c --- a/xen/arch/x86/mm/shadow/common.c Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/shadow/common.c Thu Jan 17 11:53:42 2013 +0000 @@ -36,6 +36,7 @@ #include #include #include +#include #include #include "private.h" @@ -3121,12 +3122,7 @@ void shadow_teardown(struct domain *d) * calls now that we've torn down the bitmap */ d->arch.paging.mode &= ~PG_log_dirty; - if (d->arch.hvm_domain.dirty_vram) { - xfree(d->arch.hvm_domain.dirty_vram->sl1ma); - xfree(d->arch.hvm_domain.dirty_vram->dirty_bitmap); - xfree(d->arch.hvm_domain.dirty_vram); - d->arch.hvm_domain.dirty_vram = NULL; - } + dirty_vram_free(d); paging_unlock(d); @@ -3464,178 +3460,217 @@ void shadow_clean_dirty_bitmap(struct do /**************************************************************************/ /* VRAM dirty tracking support */ -int shadow_track_dirty_vram(struct domain *d, - unsigned long begin_pfn, - unsigned long nr, - XEN_GUEST_HANDLE_64(uint8) dirty_bitmap) + + +/* Support functions for shadow-based dirty VRAM code */ + +#define DEBUG_unshadow_sl1ma 0 +#define DEBUG_unshadow_sl1ma_detail 0 +#define DEBUG_count_initial_mappings 0 + +/* smfn is no longer a shadow page. Remove it from any + * dirty vram range mapping. */ +void +dirty_vram_delete_shadow(struct vcpu *v, + unsigned long gfn, + unsigned int shadow_type, + mfn_t smfn) { - int rc; - unsigned long end_pfn = begin_pfn + nr; - unsigned long dirty_size = (nr + 7) / 8; - int flush_tlb = 0; - unsigned long i; - p2m_type_t t; - struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; - struct p2m_domain *p2m = p2m_get_hostp2m(d); - - if (end_pfn < begin_pfn - || begin_pfn > p2m->max_mapped_pfn - || end_pfn >= p2m->max_mapped_pfn) - return -EINVAL; - - /* We perform p2m lookups, so lock the p2m upfront to avoid deadlock */ - p2m_lock(p2m_get_hostp2m(d)); - paging_lock(d); - - if ( dirty_vram && (!nr || - ( begin_pfn != dirty_vram->begin_pfn - || end_pfn != dirty_vram->end_pfn )) ) + static unsigned int l1_shadow_mask = + 1 << SH_type_l1_32_shadow + | 1 << SH_type_fl1_32_shadow + | 1 << SH_type_l1_pae_shadow + | 1 << SH_type_fl1_pae_shadow + | 1 << SH_type_l1_64_shadow + | 1 << SH_type_fl1_64_shadow + ; + struct domain *d = v->domain; + dv_dirty_vram_t *dirty_vram; + struct list_head *curr, *next; + + ASSERT(paging_locked_by_me(d)); + /* Ignore all but level 1 shadows */ + + if ( (l1_shadow_mask & (1 << shadow_type)) == 0 ) { - /* Different tracking, tear the previous down. */ - gdprintk(XENLOG_INFO, "stopping tracking VRAM %lx - %lx\n", dirty_vram->begin_pfn, dirty_vram->end_pfn); - xfree(dirty_vram->sl1ma); - xfree(dirty_vram->dirty_bitmap); - xfree(dirty_vram); - dirty_vram = d->arch.hvm_domain.dirty_vram = NULL; - } - - if ( !nr ) - { - rc = 0; goto out; } - /* This should happen seldomly (Video mode change), - * no need to be careful. */ + dirty_vram = d->arch.hvm_domain.dirty_vram; if ( !dirty_vram ) { - /* Throw away all the shadows rather than walking through them - * up to nr times getting rid of mappings of each pfn */ - shadow_blow_tables(d); - - gdprintk(XENLOG_INFO, "tracking VRAM %lx - %lx\n", begin_pfn, end_pfn); - - rc = -ENOMEM; - if ( (dirty_vram = xmalloc(struct sh_dirty_vram)) == NULL ) - goto out; - dirty_vram->begin_pfn = begin_pfn; - dirty_vram->end_pfn = end_pfn; - d->arch.hvm_domain.dirty_vram = dirty_vram; - - if ( (dirty_vram->sl1ma = xmalloc_array(paddr_t, nr)) == NULL ) - goto out_dirty_vram; - memset(dirty_vram->sl1ma, ~0, sizeof(paddr_t) * nr); - - if ( (dirty_vram->dirty_bitmap = xzalloc_array(uint8_t, dirty_size)) == NULL ) - goto out_sl1ma; - - dirty_vram->last_dirty = NOW(); - - /* Tell the caller that this time we could not track dirty bits. */ - rc = -ENODATA; + goto out; } - else if (dirty_vram->last_dirty == -1) + + list_for_each_safe(curr, next, &dirty_vram->range_head) { - /* still completely clean, just copy our empty bitmap */ - rc = -EFAULT; - if ( copy_to_guest(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size) == 0 ) - rc = 0; - } - else - { - /* Iterate over VRAM to track dirty bits. */ - for ( i = 0; i < nr; i++ ) { - mfn_t mfn = get_gfn_query_unlocked(d, begin_pfn + i, &t); - struct page_info *page; - int dirty = 0; - paddr_t sl1ma = dirty_vram->sl1ma[i]; - - if (mfn_x(mfn) == INVALID_MFN) + dv_range_t *range = list_entry(curr, dv_range_t, range_link); + unsigned long i; + int max_mappings = 1, mappings = 0; + int unshadowed = 0; + for ( i = 0; i != range->end_pfn - range->begin_pfn; i++ ) + { + dv_paddr_link_t *pl = &range->pl_tab[ i ].mapping; + dv_paddr_link_t **ppl = NULL; + mappings = 0; + + while ( pl != NULL ) { - dirty = 1; - } - else - { - page = mfn_to_page(mfn); - switch (page->u.inuse.type_info & PGT_count_mask) + paddr_t sl1ma = pl->sl1ma; + unsigned long sl1mn; + + if ( sl1ma == INVALID_PADDR ) + break; + + sl1mn = sl1ma >> PAGE_SHIFT; + if ( sl1mn == mfn_x(smfn) ) { +#if DEBUG_unshadow_sl1ma_detail + gdprintk(XENLOG_DEBUG, + "[%lx] gfn[%lx] unshadow sl1ma:%lx\n", + mfn_x(smfn), + range->begin_pfn + i, + sl1ma); +#endif + unshadowed++; + pl = free_paddr_link(d, ppl, pl); + --range->nr_mappings; + } + else { - case 0: - /* No guest reference, nothing to track. */ - break; - case 1: - /* One guest reference. */ - if ( sl1ma == INVALID_PADDR ) - { - /* We don't know which sl1e points to this, too bad. */ - dirty = 1; - /* TODO: Heuristics for finding the single mapping of - * this gmfn */ - flush_tlb |= sh_remove_all_mappings(d->vcpu[0], mfn); - } - else - { - /* Hopefully the most common case: only one mapping, - * whose dirty bit we can use. */ - l1_pgentry_t *sl1e = maddr_to_virt(sl1ma); - - if ( l1e_get_flags(*sl1e) & _PAGE_DIRTY ) - { - dirty = 1; - /* Note: this is atomic, so we may clear a - * _PAGE_ACCESSED set by another processor. */ - l1e_remove_flags(*sl1e, _PAGE_DIRTY); - flush_tlb = 1; - } - } - break; - default: - /* More than one guest reference, - * we don't afford tracking that. */ - dirty = 1; - break; + ppl = &pl->pl_next; + pl = *ppl; + mappings++; } } - - if ( dirty ) + } + if ( mappings > max_mappings ) + max_mappings = mappings; + + if ( unshadowed ) { +#if DEBUG_unshadow_sl1ma + gdprintk(XENLOG_DEBUG, + "[%lx] gfn[%05lx:%05lx] unshadowed:%d mappings:0x%x " + "max_mappings:%d\n", + mfn_x(smfn), + range->begin_pfn, range->end_pfn, + unshadowed, range->nr_mappings, max_mappings); +#endif + if ( range->nr_mappings == 0 ) { - dirty_vram->dirty_bitmap[i / 8] |= 1 << (i % 8); - dirty_vram->last_dirty = NOW(); + dirty_vram_range_free(d, range); } } - - rc = -EFAULT; - if ( copy_to_guest(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size) == 0 ) { - memset(dirty_vram->dirty_bitmap, 0, dirty_size); - if (dirty_vram->last_dirty + SECONDS(2) < NOW()) + } + out: + return; +} + + +typedef int (*hash_pfn_callback_t)(struct vcpu *v, + mfn_t smfn, + unsigned long begin_pfn, + unsigned long end_pfn, + int *removed); + +static int hash_pfn_foreach(struct vcpu *v, + unsigned int callback_mask, + hash_pfn_callback_t callbacks[], + unsigned long begin_pfn, + unsigned long end_pfn) +/* Walk the hash table looking at the types of the entries and + * calling the appropriate callback function for each entry. + * The mask determines which shadow types we call back for, and the array + * of callbacks tells us which function to call. + * Any callback may return non-zero to let us skip the rest of the scan. + * + * WARNING: Callbacks MUST NOT add or remove hash entries unless they + * then return non-zero to terminate the scan. */ +{ + int i, done = 0, removed = 0; + struct domain *d = v->domain; + struct page_info *x; + + /* Say we're here, to stop hash-lookups reordering the chains */ + ASSERT(paging_locked_by_me(d)); + ASSERT(d->arch.paging.shadow.hash_walking == 0); + d->arch.paging.shadow.hash_walking = 1; + + for ( i = 0; i < SHADOW_HASH_BUCKETS; i++ ) + { + /* WARNING: This is not safe against changes to the hash table. + * The callback *must* return non-zero if it has inserted or + * deleted anything from the hash (lookups are OK, though). */ + for ( x = d->arch.paging.shadow.hash_table[i]; + x; + x = next_shadow(x) ) + { + if ( callback_mask & (1 << x->u.sh.type) ) { - /* was clean for more than two seconds, try to disable guest - * write access */ - for ( i = begin_pfn; i < end_pfn; i++ ) { - mfn_t mfn = get_gfn_query_unlocked(d, i, &t); - if (mfn_x(mfn) != INVALID_MFN) - flush_tlb |= sh_remove_write_access(d->vcpu[0], mfn, 1, 0); - } - dirty_vram->last_dirty = -1; + ASSERT(x->u.sh.type <= 15); + ASSERT(callbacks[x->u.sh.type] != NULL); + done = callbacks[x->u.sh.type](v, page_to_mfn(x), + begin_pfn, end_pfn, + &removed); + if ( done ) break; } - rc = 0; } + if ( done ) break; } - if ( flush_tlb ) - flush_tlb_mask(d->domain_dirty_cpumask); - goto out; - -out_sl1ma: - xfree(dirty_vram->sl1ma); -out_dirty_vram: - xfree(dirty_vram); - dirty_vram = d->arch.hvm_domain.dirty_vram = NULL; - -out: - paging_unlock(d); - p2m_unlock(p2m_get_hostp2m(d)); - return rc; + d->arch.paging.shadow.hash_walking = 0; + return removed; } +void sh_find_all_vram_mappings(struct vcpu *v, + dv_range_t *range) +{ + /* Dispatch table for getting per-type functions */ + static hash_pfn_callback_t callbacks[SH_type_unused] = { + NULL, /* none */ + SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 2), /* l1_32 */ + SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 2), /* fl1_32 */ + NULL, /* l2_32 */ + SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 3), /* l1_pae */ + SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 3), /* fl1_pae */ + NULL, /* l2_pae */ + NULL, /* l2h_pae */ +#if CONFIG_PAGING_LEVELS >= 4 + SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 4), /* l1_64 */ + SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 4), /* fl1_64 */ +#else + NULL, /* l1_64 */ + NULL, /* fl1_64 */ +#endif + NULL, /* l2_64 */ + NULL, /* l2h_64 */ + NULL, /* l3_64 */ + NULL, /* l4_64 */ + NULL, /* p2m */ + NULL /* unused */ + }; + + static unsigned int callback_mask = + 1 << SH_type_l1_32_shadow + | 1 << SH_type_fl1_32_shadow + | 1 << SH_type_l1_pae_shadow + | 1 << SH_type_fl1_pae_shadow + | 1 << SH_type_l1_64_shadow + | 1 << SH_type_fl1_64_shadow + ; + + perfc_incr(shadow_mappings); + + hash_pfn_foreach(v, callback_mask, callbacks, + range->begin_pfn, + range->end_pfn); + +#if DEBUG_count_initial_mappings + gdprintk(XENLOG_DEBUG, "[%05lx:%05lx] count of initial mappings:%d\n", + range->begin_pfn, range->end_pfn, + range->nr_mappings); +#endif +} + + /**************************************************************************/ /* Shadow-control XEN_DOMCTL dispatcher */ diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/shadow/multi.c --- a/xen/arch/x86/mm/shadow/multi.c Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/shadow/multi.c Thu Jan 17 11:53:42 2013 +0000 @@ -35,6 +35,7 @@ #include #include #include +#include #include #include #include @@ -149,6 +150,10 @@ delete_fl1_shadow_status(struct vcpu *v, SHADOW_PRINTK("gfn=%"SH_PRI_gfn", type=%08x, smfn=%05lx\n", gfn_x(gfn), SH_type_fl1_shadow, mfn_x(smfn)); ASSERT(mfn_to_page(smfn)->u.sh.head); + + /* Removing any dv_paddr_links to the erstwhile shadow page */ + dirty_vram_delete_shadow(v, gfn_x(gfn), SH_type_fl1_shadow, smfn); + shadow_hash_delete(v, gfn_x(gfn), SH_type_fl1_shadow, smfn); } @@ -160,6 +165,10 @@ delete_shadow_status(struct vcpu *v, mfn v->domain->domain_id, v->vcpu_id, mfn_x(gmfn), shadow_type, mfn_x(smfn)); ASSERT(mfn_to_page(smfn)->u.sh.head); + + /* Removing any dv_paddr_links to the erstwhile shadow page */ + dirty_vram_delete_shadow(v, mfn_x(gmfn), shadow_type, smfn); + shadow_hash_delete(v, mfn_x(gmfn), shadow_type, smfn); /* 32-on-64 PV guests don't own their l4 pages; see set_shadow_status */ if ( !is_pv_32on64_vcpu(v) || shadow_type != SH_type_l4_64_shadow ) @@ -516,7 +525,6 @@ _sh_propagate(struct vcpu *v, guest_l1e_t guest_entry = { guest_intpte }; shadow_l1e_t *sp = shadow_entry_ptr; struct domain *d = v->domain; - struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; gfn_t target_gfn = guest_l1e_get_gfn(guest_entry); u32 pass_thru_flags; u32 gflags, sflags; @@ -663,17 +671,6 @@ _sh_propagate(struct vcpu *v, } } - if ( unlikely((level == 1) && dirty_vram - && dirty_vram->last_dirty == -1 - && gfn_x(target_gfn) >= dirty_vram->begin_pfn - && gfn_x(target_gfn) < dirty_vram->end_pfn) ) - { - if ( ft & FETCH_TYPE_WRITE ) - dirty_vram->last_dirty = NOW(); - else - sflags &= ~_PAGE_RW; - } - /* Read-only memory */ if ( p2m_is_readonly(p2mt) || (p2mt == p2m_mmio_direct && @@ -1072,101 +1069,60 @@ static int shadow_set_l2e(struct vcpu *v return flags; } -static inline void shadow_vram_get_l1e(shadow_l1e_t new_sl1e, +/* shadow_vram_fix_l1e() + * + * Tests L1PTEs as they are modified, looking for when they start to (or + * cease to) point to frame buffer pages. If the old and new gfns differ, + * calls dirty_vram_range_update() to updates the dirty_vram structures. + */ +static inline void shadow_vram_fix_l1e(shadow_l1e_t old_sl1e, + shadow_l1e_t new_sl1e, shadow_l1e_t *sl1e, mfn_t sl1mfn, struct domain *d) { - mfn_t mfn = shadow_l1e_get_mfn(new_sl1e); - int flags = shadow_l1e_get_flags(new_sl1e); - unsigned long gfn; - struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; - - if ( !dirty_vram /* tracking disabled? */ - || !(flags & _PAGE_RW) /* read-only mapping? */ - || !mfn_valid(mfn) ) /* mfn can be invalid in mmio_direct */ + mfn_t new_mfn, old_mfn; + unsigned long new_gfn = INVALID_M2P_ENTRY, old_gfn = INVALID_M2P_ENTRY; + paddr_t sl1ma; + dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; + + if ( !dirty_vram ) return; - gfn = mfn_to_gfn(d, mfn); - /* Page sharing not supported on shadow PTs */ - BUG_ON(SHARED_M2P(gfn)); - - if ( (gfn >= dirty_vram->begin_pfn) && (gfn < dirty_vram->end_pfn) ) + sl1ma = pfn_to_paddr(mfn_x(sl1mfn)) | ((unsigned long)sl1e & ~PAGE_MASK); + + old_mfn = shadow_l1e_get_mfn(old_sl1e); + + if ( !sh_l1e_is_magic(old_sl1e) && + (l1e_get_flags(old_sl1e) & _PAGE_PRESENT) && + mfn_valid(old_mfn)) { - unsigned long i = gfn - dirty_vram->begin_pfn; - struct page_info *page = mfn_to_page(mfn); - - if ( (page->u.inuse.type_info & PGT_count_mask) == 1 ) - /* Initial guest reference, record it */ - dirty_vram->sl1ma[i] = pfn_to_paddr(mfn_x(sl1mfn)) - | ((unsigned long)sl1e & ~PAGE_MASK); + old_gfn = mfn_to_gfn(d, old_mfn); } -} - -static inline void shadow_vram_put_l1e(shadow_l1e_t old_sl1e, - shadow_l1e_t *sl1e, - mfn_t sl1mfn, - struct domain *d) -{ - mfn_t mfn = shadow_l1e_get_mfn(old_sl1e); - int flags = shadow_l1e_get_flags(old_sl1e); - unsigned long gfn; - struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; - - if ( !dirty_vram /* tracking disabled? */ - || !(flags & _PAGE_RW) /* read-only mapping? */ - || !mfn_valid(mfn) ) /* mfn can be invalid in mmio_direct */ - return; - - gfn = mfn_to_gfn(d, mfn); - /* Page sharing not supported on shadow PTs */ - BUG_ON(SHARED_M2P(gfn)); - - if ( (gfn >= dirty_vram->begin_pfn) && (gfn < dirty_vram->end_pfn) ) + + new_mfn = shadow_l1e_get_mfn(new_sl1e); + if ( !sh_l1e_is_magic(new_sl1e) && + (l1e_get_flags(new_sl1e) & _PAGE_PRESENT) && + mfn_valid(new_mfn)) { - unsigned long i = gfn - dirty_vram->begin_pfn; - struct page_info *page = mfn_to_page(mfn); - int dirty = 0; - paddr_t sl1ma = pfn_to_paddr(mfn_x(sl1mfn)) - | ((unsigned long)sl1e & ~PAGE_MASK); - - if ( (page->u.inuse.type_info & PGT_count_mask) == 1 ) + new_gfn = mfn_to_gfn(d, new_mfn); + } + + if ( old_gfn == new_gfn ) return; + + if ( VALID_M2P(old_gfn) ) + if ( dirty_vram_range_update(d, old_gfn, sl1ma, 0/*clear*/) ) { - /* Last reference */ - if ( dirty_vram->sl1ma[i] == INVALID_PADDR ) { - /* We didn't know it was that one, let's say it is dirty */ - dirty = 1; - } - else - { - ASSERT(dirty_vram->sl1ma[i] == sl1ma); - dirty_vram->sl1ma[i] = INVALID_PADDR; - if ( flags & _PAGE_DIRTY ) - dirty = 1; - } + SHADOW_PRINTK("gfn %lx (mfn %lx) cleared vram pte\n", + old_gfn, mfn_x(old_mfn)); } - else + + if ( VALID_M2P(new_gfn) ) + if ( dirty_vram_range_update(d, new_gfn, sl1ma, 1/*set*/) ) { - /* We had more than one reference, just consider the page dirty. */ - dirty = 1; - /* Check that it's not the one we recorded. */ - if ( dirty_vram->sl1ma[i] == sl1ma ) - { - /* Too bad, we remembered the wrong one... */ - dirty_vram->sl1ma[i] = INVALID_PADDR; - } - else - { - /* Ok, our recorded sl1e is still pointing to this page, let's - * just hope it will remain. */ - } + SHADOW_PRINTK("gfn %lx (mfn %lx) set vram pte\n", + new_gfn, mfn_x(new_mfn)); } - if ( dirty ) - { - dirty_vram->dirty_bitmap[i / 8] |= 1 << (i % 8); - dirty_vram->last_dirty = NOW(); - } - } } static int shadow_set_l1e(struct vcpu *v, @@ -1211,12 +1167,13 @@ static int shadow_set_l1e(struct vcpu *v shadow_l1e_remove_flags(new_sl1e, _PAGE_RW); /* fall through */ case 0: - shadow_vram_get_l1e(new_sl1e, sl1e, sl1mfn, d); break; } } } + shadow_vram_fix_l1e(old_sl1e, new_sl1e, sl1e, sl1mfn, d); + /* Write the new entry */ shadow_write_entries(sl1e, &new_sl1e, 1, sl1mfn); flags |= SHADOW_SET_CHANGED; @@ -1231,7 +1188,6 @@ static int shadow_set_l1e(struct vcpu *v * trigger a flush later. */ if ( shadow_mode_refcounts(d) ) { - shadow_vram_put_l1e(old_sl1e, sl1e, sl1mfn, d); shadow_put_page_from_l1e(old_sl1e, d); TRACE_SHADOW_PATH_FLAG(TRCE_SFLAG_SHADOW_L1_PUT_REF); } @@ -2018,7 +1974,6 @@ void sh_destroy_l1_shadow(struct vcpu *v SHADOW_FOREACH_L1E(sl1mfn, sl1e, 0, 0, { if ( (shadow_l1e_get_flags(*sl1e) & _PAGE_PRESENT) && !sh_l1e_is_magic(*sl1e) ) { - shadow_vram_put_l1e(*sl1e, sl1e, sl1mfn, d); shadow_put_page_from_l1e(*sl1e, d); } }); @@ -4336,6 +4291,37 @@ int sh_rm_mappings_from_l1(struct vcpu * return done; } + +int sh_find_vram_mappings_in_l1(struct vcpu *v, + mfn_t sl1mfn, + unsigned long begin_pfn, + unsigned long end_pfn, + int *removed) +/* Find all VRAM mappings in this shadow l1 table */ +{ + struct domain *d = v->domain; + shadow_l1e_t *sl1e; + int done = 0; + + /* only returns _PAGE_PRESENT entries */ + SHADOW_FOREACH_L1E(sl1mfn, sl1e, 0, done, + { + unsigned long gfn; + mfn_t gmfn = shadow_l1e_get_mfn(*sl1e); + if ( !mfn_valid(gmfn) ) + continue; + gfn = mfn_to_gfn(d, gmfn); + if ( VALID_M2P(gfn) && (begin_pfn <= gfn) && (gfn < end_pfn) ) + { + paddr_t sl1ma = + pfn_to_paddr(mfn_x(sl1mfn)) | + ( (unsigned long)sl1e & ~PAGE_MASK ); + dirty_vram_range_update(v->domain, gfn, sl1ma, 1/*set*/); + } + }); + return 0; +} + /**************************************************************************/ /* Functions to excise all pointers to shadows from higher-level shadows. */ diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/shadow/multi.h --- a/xen/arch/x86/mm/shadow/multi.h Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/shadow/multi.h Thu Jan 17 11:53:42 2013 +0000 @@ -66,7 +66,12 @@ SHADOW_INTERNAL_NAME(sh_rm_write_access_ extern int SHADOW_INTERNAL_NAME(sh_rm_mappings_from_l1, GUEST_LEVELS) (struct vcpu *v, mfn_t sl1mfn, mfn_t target_mfn); - +extern int +SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, GUEST_LEVELS) + (struct vcpu *v, mfn_t sl1mfn, + unsigned long begin_pfn, + unsigned long end_pfn, + int *removed); extern void SHADOW_INTERNAL_NAME(sh_clear_shadow_entry, GUEST_LEVELS) (struct vcpu *v, void *ep, mfn_t smfn); diff -r 431bc26eda5b -r b0e618cb0233 xen/arch/x86/mm/shadow/types.h --- a/xen/arch/x86/mm/shadow/types.h Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/arch/x86/mm/shadow/types.h Thu Jan 17 11:53:42 2013 +0000 @@ -229,6 +229,7 @@ static inline shadow_l4e_t shadow_l4e_fr #define sh_update_cr3 INTERNAL_NAME(sh_update_cr3) #define sh_rm_write_access_from_l1 INTERNAL_NAME(sh_rm_write_access_from_l1) #define sh_rm_mappings_from_l1 INTERNAL_NAME(sh_rm_mappings_from_l1) +#define sh_find_vram_mappings_in_l1 INTERNAL_NAME(sh_find_vram_mappings_in_l1) #define sh_remove_l1_shadow INTERNAL_NAME(sh_remove_l1_shadow) #define sh_remove_l2_shadow INTERNAL_NAME(sh_remove_l2_shadow) #define sh_remove_l3_shadow INTERNAL_NAME(sh_remove_l3_shadow) diff -r 431bc26eda5b -r b0e618cb0233 xen/include/asm-x86/dirty_vram.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/include/asm-x86/dirty_vram.h Thu Jan 17 11:53:42 2013 +0000 @@ -0,0 +1,202 @@ +/**************************************************************************** + * include/asm-x86/dirty_vram.h + * + * Interface for tracking dirty VRAM pages + * + * Copyright (c) 2012 Citrix Systems, Inc. (Robert Phillips) + * Parts of this code are Copyright (c) 2007 Advanced Micro Devices (Wei Huang) + * Parts of this code are Copyright (c) 2006 by XenSource Inc. + * Parts of this code are Copyright (c) 2006 by Michael A Fetterman + * Parts based on earlier work by Michael A Fetterman, Ian Pratt et al. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + */ + +#ifndef _DIRTY_VRAM_H +#define _DIRTY_VRAM_H + +/* + * In shadow mode we need to bookkeep all the L1 page table entries that + * map a frame buffer page. Struct dv_paddr_link does this by + * recording the address of a L1 page table entry for some frame buffer page. + * Also has a link to additional pl entries if the frame buffer page + * has multiple mappings. + * In practice very few pages have multiple mappings. + * But to rule out some pathological situation, we limit the number of + * mappings we're willing to bookkeep. + */ + +#define DV_ADDR_LINK_LIST_LIMIT 64 + +typedef struct dv_paddr_link { + paddr_t sl1ma; + struct dv_paddr_link *pl_next; +} dv_paddr_link_t; + +typedef struct dv_pl_entry { + dv_paddr_link_t mapping; + bool_t stuck_dirty; +} dv_pl_entry_t; + +/* + * This defines an extension page of pl entries for FB pages with multiple + * mappings. All such pages (of a domain) are linked together. + */ +typedef struct dv_paddr_link_ext { + struct list_head ext_link; + dv_paddr_link_t entries[ ( PAGE_SIZE - sizeof( struct list_head ) ) / + sizeof( dv_paddr_link_t ) ]; +} dv_paddr_link_ext_t; + +/* + * This defines a single frame buffer range. It bookkeeps all the + * level 1 PTEs that map guest pages within that range. + * All such ranges (of a domain) are linked together. + */ +typedef struct dv_range { + struct list_head range_link; /* the several ranges form a linked list */ + unsigned long begin_pfn; + unsigned long end_pfn; + dv_pl_entry_t *pl_tab; /* table has 1 pl entry per pfn in range */ + int nr_mappings; /* total number of mappings in this range */ + int mappings_hwm; /* high water mark of max mapping count */ + unsigned int dirty_count; +} dv_range_t; + +/* + * This contains all the data structures required by a domain to + * bookkeep the dirty pages within its frame buffers. + */ +typedef struct dv_dirty_vram { + struct list_head range_head; /* head of the linked list of ranges */ + struct list_head ext_head; /* head of list of extension pages */ + dv_paddr_link_t *pl_free; /* free list of pl's within extension pages */ + int nr_ranges; /* bookkeeps number of ranges */ + int ranges_hwm; /* high water mark of max number of ranges */ +} dv_dirty_vram_t; + +/* Allocates domain's dirty_vram structure */ +dv_dirty_vram_t * +dirty_vram_alloc(struct domain *d); + +/* + * Returns domain's dirty_vram structure, + * allocating it if necessary + */ +dv_dirty_vram_t * +dirty_vram_find_or_alloc(struct domain *d); + +/* Frees domain's dirty_vram structure */ +void dirty_vram_free(struct domain *d); + +/* Returns dirty vram range containing gfn, NULL if none */ +struct dv_range * +dirty_vram_range_find_gfn(struct domain *d, + unsigned long gfn); + +/* + * Returns dirty vram range matching [ begin_pfn .. begin_pfn+nr ), + * NULL if none + */ +dv_range_t * +dirty_vram_range_find(struct domain *d, + unsigned long begin_pfn, + unsigned long nr); + +/* + * Allocate dirty vram range containing [ begin_pfn .. begin_pfn+nr ), + * freeing any existing range that overlaps the new range. + */ +dv_range_t * +dirty_vram_range_alloc(struct domain *d, + unsigned long begin_pfn, + unsigned long nr); + +/* + * Returns dirty vram range matching [ begin_pfn .. begin_pfn+nr ), + * creating a range if none already exists and + * freeing any existing range that overlaps the new range. + */ +dv_range_t * +dirty_vram_range_find_or_alloc(struct domain *d, + unsigned long begin_pfn, + unsigned long nr); + +void dirty_vram_range_free(struct domain *d, + dv_range_t *range); + +/* Bookkeep PTE address of a frame buffer page */ +int dirty_vram_range_update(struct domain *d, + unsigned long gfn, + paddr_t sl1ma, + int set); + +/* + * smfn is no longer a shadow page. Remove it from any + * dirty vram range mapping. + */ +void +dirty_vram_delete_shadow(struct vcpu *v, + unsigned long gfn, + unsigned int shadow_type, + mfn_t smfn); + + +/* + * Scan all the L1 tables looking for VRAM mappings. + * Record them in the domain's dv_dirty_vram structure + */ +void sh_find_all_vram_mappings(struct vcpu *v, + dv_range_t *range); + +/* + * Free a paddr_link struct, given address of its + * predecessor in singly-linked list + */ +dv_paddr_link_t * +free_paddr_link(struct domain *d, + dv_paddr_link_t **ppl, + dv_paddr_link_t *pl); + + +/* Enable VRAM dirty tracking. */ +int +shadow_track_dirty_vram(struct domain *d, + unsigned long first_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) dirty_bitmap); + +int +hap_track_dirty_vram(struct domain *d, + unsigned long begin_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) dirty_bitmap); + +void +hap_clean_vram_tracking_range(struct domain *d, + unsigned long begin_pfn, + unsigned long nr, + uint8_t *dirty_bitmap); + +#endif /* _DIRTY_VRAM_H */ + +/* + * Local variables: + * mode: C + * c-file-style: "BSD" + * c-basic-offset: 4 + * indent-tabs-mode: nil + * End: + */ diff -r 431bc26eda5b -r b0e618cb0233 xen/include/asm-x86/hap.h --- a/xen/include/asm-x86/hap.h Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/include/asm-x86/hap.h Thu Jan 17 11:53:42 2013 +0000 @@ -57,10 +57,6 @@ void hap_final_teardown(struct domain * void hap_teardown(struct domain *d); void hap_vcpu_init(struct vcpu *v); void hap_logdirty_init(struct domain *d); -int hap_track_dirty_vram(struct domain *d, - unsigned long begin_pfn, - unsigned long nr, - XEN_GUEST_HANDLE_64(uint8) dirty_bitmap); extern const struct paging_mode *hap_paging_get_mode(struct vcpu *); diff -r 431bc26eda5b -r b0e618cb0233 xen/include/asm-x86/hvm/domain.h --- a/xen/include/asm-x86/hvm/domain.h Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/include/asm-x86/hvm/domain.h Thu Jan 17 11:53:42 2013 +0000 @@ -74,7 +74,7 @@ struct hvm_domain { struct list_head pinned_cacheattr_ranges; /* VRAM dirty support. */ - struct sh_dirty_vram *dirty_vram; + struct dv_dirty_vram *dirty_vram; /* If one of vcpus of this domain is in no_fill_mode or * mtrr/pat between vcpus is not the same, set is_in_uc_mode diff -r 431bc26eda5b -r b0e618cb0233 xen/include/asm-x86/paging.h --- a/xen/include/asm-x86/paging.h Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/include/asm-x86/paging.h Thu Jan 17 11:53:42 2013 +0000 @@ -154,9 +154,13 @@ void paging_log_dirty_init(struct domain int (*disable_log_dirty)(struct domain *d), void (*clean_dirty_bitmap)(struct domain *d)); -/* mark a page as dirty */ +/* mark a gmfn as dirty, a wrapper around marking a gpfn as dirty */ void paging_mark_dirty(struct domain *d, unsigned long guest_mfn); +/* mark a gpfn as dirty */ +void paging_mark_dirty_gpfn(struct domain *d, unsigned long gpfn); + + /* is this guest page dirty? * This is called from inside paging code, with the paging lock held. */ int paging_mfn_is_dirty(struct domain *d, mfn_t gmfn); @@ -183,15 +187,6 @@ int paging_mfn_is_dirty(struct domain *d #define L4_LOGDIRTY_IDX(pfn) 0 #endif -/* VRAM dirty tracking support */ -struct sh_dirty_vram { - unsigned long begin_pfn; - unsigned long end_pfn; - paddr_t *sl1ma; - uint8_t *dirty_bitmap; - s_time_t last_dirty; -}; - /***************************************************************************** * Entry points into the paging-assistance code */ diff -r 431bc26eda5b -r b0e618cb0233 xen/include/asm-x86/shadow.h --- a/xen/include/asm-x86/shadow.h Thu Jan 17 10:56:34 2013 +0100 +++ b/xen/include/asm-x86/shadow.h Thu Jan 17 11:53:42 2013 +0000 @@ -62,12 +62,6 @@ void shadow_vcpu_init(struct vcpu *v); /* Enable an arbitrary shadow mode. Call once at domain creation. */ int shadow_enable(struct domain *d, u32 mode); -/* Enable VRAM dirty bit tracking. */ -int shadow_track_dirty_vram(struct domain *d, - unsigned long first_pfn, - unsigned long nr, - XEN_GUEST_HANDLE_64(uint8) dirty_bitmap); - /* Handler for shadow control ops: operations from user-space to enable * and disable ephemeral shadow modes (test mode and log-dirty mode) and * manipulate the log-dirty bitmap. */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GE-0000Lr-QF; Fri, 18 Jan 2013 10:33:22 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GD-0000KM-MQ for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:21 +0000 Received: from [85.158.137.99:54902] by server-15.bemta-3.messagelabs.com id 8D/06-25008-CE429F05; Fri, 18 Jan 2013 10:33:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-217.messagelabs.com!1358505191!14326548!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 20069 invoked from network); 18 Jan 2013 10:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G3-0002nI-J5 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G3-0003pt-EZ for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:11 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] mem_event: Add support for MEM_EVENT_REASON_MSR X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Razvan Cojocaru # Date 1358425620 0 # Node ID 0dee85c061addb7124d77c5f6cfe2ea7bc03b760 # Parent 5ab6a6354684a985ea6e572c524a23027eae3649 mem_event: Add support for MEM_EVENT_REASON_MSR Add the new MEM_EVENT_REASON_MSR event type. Works similarly to the other register events, except event.gla always contains the MSR address (in addition to event.gfn, which holds the value). MEM_EVENT_REASON_MSR does not honour the HVMPME_onchangeonly bit, as doing so would complicate the hvm_msr_write_intercept() switch-based handling of writes for different MSR addresses, with little added benefit. Signed-off-by: Razvan Cojocaru Acked-by: Tim Deegan Committed-by: Tim Deegan --- diff -r 5ab6a6354684 -r 0dee85c061ad xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Thu Jan 17 12:22:25 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Thu Jan 17 12:27:00 2013 +0000 @@ -2934,6 +2934,8 @@ int hvm_msr_write_intercept(unsigned int hvm_cpuid(1, &cpuid[0], &cpuid[1], &cpuid[2], &cpuid[3]); mtrr = !!(cpuid[3] & cpufeat_mask(X86_FEATURE_MTRR)); + hvm_memory_event_msr(msr, msr_content); + switch ( msr ) { case MSR_EFER: @@ -3869,6 +3871,7 @@ long do_hvm_op(unsigned long op, XEN_GUE break; case HVM_PARAM_MEMORY_EVENT_INT3: case HVM_PARAM_MEMORY_EVENT_SINGLE_STEP: + case HVM_PARAM_MEMORY_EVENT_MSR: if ( d == current->domain ) { rc = -EPERM; @@ -4492,6 +4495,14 @@ void hvm_memory_event_cr4(unsigned long value, old, 0, 0); } +void hvm_memory_event_msr(unsigned long msr, unsigned long value) +{ + hvm_memory_event_traps(current->domain->arch.hvm_domain + .params[HVM_PARAM_MEMORY_EVENT_MSR], + MEM_EVENT_REASON_MSR, + value, ~value, 1, msr); +} + int hvm_memory_event_int3(unsigned long gla) { uint32_t pfec = PFEC_page_present; diff -r 5ab6a6354684 -r 0dee85c061ad xen/include/asm-x86/hvm/hvm.h --- a/xen/include/asm-x86/hvm/hvm.h Thu Jan 17 12:22:25 2013 +0000 +++ b/xen/include/asm-x86/hvm/hvm.h Thu Jan 17 12:27:00 2013 +0000 @@ -454,6 +454,7 @@ int hvm_x2apic_msr_write(struct vcpu *v, void hvm_memory_event_cr0(unsigned long value, unsigned long old); void hvm_memory_event_cr3(unsigned long value, unsigned long old); void hvm_memory_event_cr4(unsigned long value, unsigned long old); +void hvm_memory_event_msr(unsigned long msr, unsigned long value); /* Called for current VCPU on int3: returns -1 if no listener */ int hvm_memory_event_int3(unsigned long gla); diff -r 5ab6a6354684 -r 0dee85c061ad xen/include/public/hvm/params.h --- a/xen/include/public/hvm/params.h Thu Jan 17 12:22:25 2013 +0000 +++ b/xen/include/public/hvm/params.h Thu Jan 17 12:27:00 2013 +0000 @@ -126,6 +126,7 @@ #define HVM_PARAM_MEMORY_EVENT_CR4 22 #define HVM_PARAM_MEMORY_EVENT_INT3 23 #define HVM_PARAM_MEMORY_EVENT_SINGLE_STEP 25 +#define HVM_PARAM_MEMORY_EVENT_MSR 30 #define HVMPME_MODE_MASK (3 << 0) #define HVMPME_mode_disabled 0 @@ -141,6 +142,6 @@ #define HVM_PARAM_ACCESS_RING_PFN 28 #define HVM_PARAM_SHARING_RING_PFN 29 -#define HVM_NR_PARAMS 30 +#define HVM_NR_PARAMS 31 #endif /* __XEN_PUBLIC_HVM_PARAMS_H__ */ diff -r 5ab6a6354684 -r 0dee85c061ad xen/include/public/mem_event.h --- a/xen/include/public/mem_event.h Thu Jan 17 12:22:25 2013 +0000 +++ b/xen/include/public/mem_event.h Thu Jan 17 12:27:00 2013 +0000 @@ -45,6 +45,8 @@ #define MEM_EVENT_REASON_CR4 4 /* CR4 was hit: gfn is CR4 value */ #define MEM_EVENT_REASON_INT3 5 /* int3 was hit: gla/gfn are RIP */ #define MEM_EVENT_REASON_SINGLESTEP 6 /* single step was invoked: gla/gfn are RIP */ +#define MEM_EVENT_REASON_MSR 7 /* MSR was hit: gfn is MSR value, gla is MSR address; + does NOT honour HVMPME_onchangeonly */ typedef struct mem_event_st { uint32_t flags; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GE-0000Lr-QF; Fri, 18 Jan 2013 10:33:22 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GD-0000KM-MQ for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:21 +0000 Received: from [85.158.137.99:54902] by server-15.bemta-3.messagelabs.com id 8D/06-25008-CE429F05; Fri, 18 Jan 2013 10:33:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-217.messagelabs.com!1358505191!14326548!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 20069 invoked from network); 18 Jan 2013 10:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G3-0002nI-J5 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G3-0003pt-EZ for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:11 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] mem_event: Add support for MEM_EVENT_REASON_MSR X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Razvan Cojocaru # Date 1358425620 0 # Node ID 0dee85c061addb7124d77c5f6cfe2ea7bc03b760 # Parent 5ab6a6354684a985ea6e572c524a23027eae3649 mem_event: Add support for MEM_EVENT_REASON_MSR Add the new MEM_EVENT_REASON_MSR event type. Works similarly to the other register events, except event.gla always contains the MSR address (in addition to event.gfn, which holds the value). MEM_EVENT_REASON_MSR does not honour the HVMPME_onchangeonly bit, as doing so would complicate the hvm_msr_write_intercept() switch-based handling of writes for different MSR addresses, with little added benefit. Signed-off-by: Razvan Cojocaru Acked-by: Tim Deegan Committed-by: Tim Deegan --- diff -r 5ab6a6354684 -r 0dee85c061ad xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Thu Jan 17 12:22:25 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Thu Jan 17 12:27:00 2013 +0000 @@ -2934,6 +2934,8 @@ int hvm_msr_write_intercept(unsigned int hvm_cpuid(1, &cpuid[0], &cpuid[1], &cpuid[2], &cpuid[3]); mtrr = !!(cpuid[3] & cpufeat_mask(X86_FEATURE_MTRR)); + hvm_memory_event_msr(msr, msr_content); + switch ( msr ) { case MSR_EFER: @@ -3869,6 +3871,7 @@ long do_hvm_op(unsigned long op, XEN_GUE break; case HVM_PARAM_MEMORY_EVENT_INT3: case HVM_PARAM_MEMORY_EVENT_SINGLE_STEP: + case HVM_PARAM_MEMORY_EVENT_MSR: if ( d == current->domain ) { rc = -EPERM; @@ -4492,6 +4495,14 @@ void hvm_memory_event_cr4(unsigned long value, old, 0, 0); } +void hvm_memory_event_msr(unsigned long msr, unsigned long value) +{ + hvm_memory_event_traps(current->domain->arch.hvm_domain + .params[HVM_PARAM_MEMORY_EVENT_MSR], + MEM_EVENT_REASON_MSR, + value, ~value, 1, msr); +} + int hvm_memory_event_int3(unsigned long gla) { uint32_t pfec = PFEC_page_present; diff -r 5ab6a6354684 -r 0dee85c061ad xen/include/asm-x86/hvm/hvm.h --- a/xen/include/asm-x86/hvm/hvm.h Thu Jan 17 12:22:25 2013 +0000 +++ b/xen/include/asm-x86/hvm/hvm.h Thu Jan 17 12:27:00 2013 +0000 @@ -454,6 +454,7 @@ int hvm_x2apic_msr_write(struct vcpu *v, void hvm_memory_event_cr0(unsigned long value, unsigned long old); void hvm_memory_event_cr3(unsigned long value, unsigned long old); void hvm_memory_event_cr4(unsigned long value, unsigned long old); +void hvm_memory_event_msr(unsigned long msr, unsigned long value); /* Called for current VCPU on int3: returns -1 if no listener */ int hvm_memory_event_int3(unsigned long gla); diff -r 5ab6a6354684 -r 0dee85c061ad xen/include/public/hvm/params.h --- a/xen/include/public/hvm/params.h Thu Jan 17 12:22:25 2013 +0000 +++ b/xen/include/public/hvm/params.h Thu Jan 17 12:27:00 2013 +0000 @@ -126,6 +126,7 @@ #define HVM_PARAM_MEMORY_EVENT_CR4 22 #define HVM_PARAM_MEMORY_EVENT_INT3 23 #define HVM_PARAM_MEMORY_EVENT_SINGLE_STEP 25 +#define HVM_PARAM_MEMORY_EVENT_MSR 30 #define HVMPME_MODE_MASK (3 << 0) #define HVMPME_mode_disabled 0 @@ -141,6 +142,6 @@ #define HVM_PARAM_ACCESS_RING_PFN 28 #define HVM_PARAM_SHARING_RING_PFN 29 -#define HVM_NR_PARAMS 30 +#define HVM_NR_PARAMS 31 #endif /* __XEN_PUBLIC_HVM_PARAMS_H__ */ diff -r 5ab6a6354684 -r 0dee85c061ad xen/include/public/mem_event.h --- a/xen/include/public/mem_event.h Thu Jan 17 12:22:25 2013 +0000 +++ b/xen/include/public/mem_event.h Thu Jan 17 12:27:00 2013 +0000 @@ -45,6 +45,8 @@ #define MEM_EVENT_REASON_CR4 4 /* CR4 was hit: gfn is CR4 value */ #define MEM_EVENT_REASON_INT3 5 /* int3 was hit: gla/gfn are RIP */ #define MEM_EVENT_REASON_SINGLESTEP 6 /* single step was invoked: gla/gfn are RIP */ +#define MEM_EVENT_REASON_MSR 7 /* MSR was hit: gfn is MSR value, gla is MSR address; + does NOT honour HVMPME_onchangeonly */ typedef struct mem_event_st { uint32_t flags; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:32 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:32 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GM-0000PP-6p; Fri, 18 Jan 2013 10:33:30 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GK-0000OS-7z for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:28 +0000 Received: from [85.158.143.35:17736] by server-1.bemta-4.messagelabs.com id 41/55-18740-7F429F05; Fri, 18 Jan 2013 10:33:27 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-21.messagelabs.com!1358505192!12846892!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9635 invoked from network); 18 Jan 2013 10:33:15 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:15 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G4-0002nO-H5 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G4-0003qN-G0 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:12 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Switch from select() to poll() in xenconsoled's IO loop X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Wei Liu # Date 1358430783 0 # Node ID 7359c3122c5d935476ee494706db5249c8df6abc # Parent 76598d4bf61ef0c575deba539ff99078c80e651e Switch from select() to poll() in xenconsoled's IO loop In Linux select() typically supports up to 1024 file descriptors. This can be a problem when user tries to boot up many guests. Switching to poll() has minimum impact on existing code and has better scalibility. pollfd array is dynamically allocated / reallocated. If the array fails to expand, we just ignore the incoming fd. Updated: reset *_pollfd after use. This fixes regression 14869. Also remove unused slave_pollfd in strcut domain. Signed-off-by: Wei Liu Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 76598d4bf61e -r 7359c3122c5d tools/console/daemon/io.c --- a/tools/console/daemon/io.c Thu Jan 17 13:59:51 2013 +0100 +++ b/tools/console/daemon/io.c Thu Jan 17 13:53:03 2013 +0000 @@ -28,7 +28,7 @@ #include #include #include -#include +#include #include #include #include @@ -66,9 +66,12 @@ extern int discard_overflowed_data; static int log_time_hv_needts = 1; static int log_time_guest_needts = 1; static int log_hv_fd = -1; -static evtchn_port_or_error_t log_hv_evtchn = -1; -static xc_interface *xch; /* why does xenconsoled have two xc handles ? */ -static xc_evtchn *xce_handle = NULL; + +static struct pollfd *fds; +static unsigned int current_array_size; +static unsigned int nr_fds; + +#define ROUNDUP(_x,_w) (((unsigned long)(_x)+(1UL<<(_w))-1) & ~((1UL<<(_w))-1)) struct buffer { char *data; @@ -81,6 +84,7 @@ struct buffer { struct domain { int domid; int master_fd; + struct pollfd *master_pollfd; int slave_fd; int log_fd; bool is_dead; @@ -92,6 +96,7 @@ struct domain { evtchn_port_or_error_t local_port; evtchn_port_or_error_t remote_port; xc_evtchn *xce_handle; + struct pollfd *xce_pollfd; struct xencons_interface *interface; int event_count; long long next_period; @@ -769,6 +774,17 @@ static int ring_free_bytes(struct domain return (sizeof(intf->in) - space); } +static void domain_handle_broken_tty(struct domain *dom, int recreate) +{ + domain_close_tty(dom); + + if (recreate) { + domain_create_tty(dom); + } else { + shutdown_domain(dom); + } +} + static void handle_tty_read(struct domain *dom) { ssize_t len = 0; @@ -794,13 +810,7 @@ static void handle_tty_read(struct domai * keep the slave open for the duration. */ if (len < 0) { - domain_close_tty(dom); - - if (domain_is_valid(dom->domid)) { - domain_create_tty(dom); - } else { - shutdown_domain(dom); - } + domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); } else if (domain_is_valid(dom->domid)) { prod = intf->in_prod; for (i = 0; i < len; i++) { @@ -828,14 +838,7 @@ static void handle_tty_write(struct doma if (len < 1) { dolog(LOG_DEBUG, "Write failed on domain %d: %zd, %d\n", dom->domid, len, errno); - - domain_close_tty(dom); - - if (domain_is_valid(dom->domid)) { - domain_create_tty(dom); - } else { - shutdown_domain(dom); - } + domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); } else { buffer_advance(&dom->buffer, len); } @@ -883,7 +886,7 @@ static void handle_xs(void) free(vec); } -static void handle_hv_logs(void) +static void handle_hv_logs(xc_evtchn *xce_handle) { char buffer[1024*16]; char *bufptr = buffer; @@ -894,7 +897,7 @@ static void handle_hv_logs(void) if ((port = xc_evtchn_pending(xce_handle)) == -1) return; - if (xc_readconsolering(xch, bufptr, &size, 0, 1, &index) == 0 && size > 0) { + if (xc_readconsolering(xc, bufptr, &size, 0, 1, &index) == 0 && size > 0) { int logret; if (log_time_hv) logret = write_with_timestamp(log_hv_fd, buffer, size, @@ -928,18 +931,54 @@ static void handle_log_reload(void) } } +static struct pollfd *set_fds(int fd, short events) +{ + struct pollfd *ret; + if (current_array_size < nr_fds + 1) { + struct pollfd *new_fds = NULL; + unsigned long newsize; + + /* Round up to 2^8 boundary, in practice this just + * make newsize larger than current_array_size. + */ + newsize = ROUNDUP(nr_fds + 1, 8); + + new_fds = realloc(fds, sizeof(struct pollfd)*newsize); + if (!new_fds) + goto fail; + fds = new_fds; + + memset(&fds[0] + current_array_size, 0, + sizeof(struct pollfd) * (newsize-current_array_size)); + current_array_size = newsize; + } + + fds[nr_fds].fd = fd; + fds[nr_fds].events = events; + ret = &fds[nr_fds]; + nr_fds++; + + return ret; +fail: + dolog(LOG_ERR, "realloc failed, ignoring fd %d\n", fd); + return NULL; +} + +static void reset_fds(void) +{ + nr_fds = 0; + memset(fds, 0, sizeof(struct pollfd) * current_array_size); +} + void handle_io(void) { - fd_set readfds, writefds; int ret; + evtchn_port_or_error_t log_hv_evtchn = -1; + struct pollfd *xce_pollfd = NULL; + struct pollfd *xs_pollfd = NULL; + xc_evtchn *xce_handle = NULL; if (log_hv) { - xch = xc_interface_open(0,0,0); - if (!xch) { - dolog(LOG_ERR, "Failed to open xc handle: %d (%s)", - errno, strerror(errno)); - goto out; - } xce_handle = xc_evtchn_open(NULL, 0); if (xce_handle == NULL) { dolog(LOG_ERR, "Failed to open xce handle: %d (%s)", @@ -959,21 +998,17 @@ void handle_io(void) for (;;) { struct domain *d, *n; - int max_fd = -1; - struct timeval timeout; + int poll_timeout; /* timeout in milliseconds */ struct timespec ts; long long now, next_timeout = 0; - FD_ZERO(&readfds); - FD_ZERO(&writefds); + reset_fds(); - FD_SET(xs_fileno(xs), &readfds); - max_fd = MAX(xs_fileno(xs), max_fd); + xs_pollfd = set_fds(xs_fileno(xs), POLLIN|POLLPRI); - if (log_hv) { - FD_SET(xc_evtchn_fd(xce_handle), &readfds); - max_fd = MAX(xc_evtchn_fd(xce_handle), max_fd); - } + if (log_hv) + xce_pollfd = set_fds(xc_evtchn_fd(xce_handle), + POLLIN|POLLPRI); if (clock_gettime(CLOCK_MONOTONIC, &ts) < 0) return; @@ -982,10 +1017,12 @@ void handle_io(void) /* Re-calculate any event counter allowances & unblock domains with new allowance */ for (d = dom_head; d; d = d->next) { - /* Add 5ms of fuzz since select() often returns - a couple of ms sooner than requested. Without - the fuzz we typically do an extra spin in select() - with a 1/2 ms timeout every other iteration */ + /* CS 16257:955ee4fa1345 introduces a 5ms fuzz + * for select(), it is not clear poll() has + * similar behavior (returning a couple of ms + * sooner than requested) as well. Just leave + * the fuzz here. Remove it with a separate + * patch if necessary */ if ((now+5) > d->next_period) { d->next_period = now + RATE_LIMIT_PERIOD; if (d->event_count >= RATE_LIMIT_ALLOWANCE) { @@ -1006,75 +1043,107 @@ void handle_io(void) !d->buffer.max_capacity || d->buffer.size < d->buffer.max_capacity) { int evtchn_fd = xc_evtchn_fd(d->xce_handle); - FD_SET(evtchn_fd, &readfds); - max_fd = MAX(evtchn_fd, max_fd); + d->xce_pollfd = set_fds(evtchn_fd, + POLLIN|POLLPRI); } } if (d->master_fd != -1) { + short events = 0; if (!d->is_dead && ring_free_bytes(d)) - FD_SET(d->master_fd, &readfds); + events |= POLLIN; if (!buffer_empty(&d->buffer)) - FD_SET(d->master_fd, &writefds); - max_fd = MAX(d->master_fd, max_fd); + events |= POLLOUT; + + if (events) + d->master_pollfd = + set_fds(d->master_fd, + events|POLLPRI); } } /* If any domain has been rate limited, we need to work - out what timeout to supply to select */ + out what timeout to supply to poll */ if (next_timeout) { long long duration = (next_timeout - now); if (duration <= 0) /* sanity check */ duration = 1; - timeout.tv_sec = duration / 1000; - timeout.tv_usec = ((duration - (timeout.tv_sec * 1000)) - * 1000); + poll_timeout = (int)duration; } - ret = select(max_fd + 1, &readfds, &writefds, 0, - next_timeout ? &timeout : NULL); + ret = poll(fds, nr_fds, next_timeout ? poll_timeout : -1); if (log_reload) { handle_log_reload(); log_reload = 0; } - /* Abort if select failed, except for EINTR cases + /* Abort if poll failed, except for EINTR cases which indicate a possible log reload */ if (ret == -1) { if (errno == EINTR) continue; - dolog(LOG_ERR, "Failure in select: %d (%s)", + dolog(LOG_ERR, "Failure in poll: %d (%s)", errno, strerror(errno)); break; } - if (log_hv && FD_ISSET(xc_evtchn_fd(xce_handle), &readfds)) - handle_hv_logs(); + if (log_hv && xce_pollfd) { + if (xce_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { + dolog(LOG_ERR, + "Failure in poll xce_handle: %d (%s)", + errno, strerror(errno)); + break; + } else if (xce_pollfd->revents & POLLIN) + handle_hv_logs(xce_handle); + + xce_pollfd = NULL; + } if (ret <= 0) continue; - if (FD_ISSET(xs_fileno(xs), &readfds)) - handle_xs(); + if (xs_pollfd) { + if (xs_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { + dolog(LOG_ERR, + "Failure in poll xs_handle: %d (%s)", + errno, strerror(errno)); + break; + } else if (xs_pollfd->revents & POLLIN) + handle_xs(); + + xs_pollfd = NULL; + } for (d = dom_head; d; d = n) { n = d->next; if (d->event_count < RATE_LIMIT_ALLOWANCE) { if (d->xce_handle != NULL && - FD_ISSET(xc_evtchn_fd(d->xce_handle), - &readfds)) - handle_ring_read(d); + d->xce_pollfd && + !(d->xce_pollfd->revents & + ~(POLLIN|POLLOUT|POLLPRI)) && + (d->xce_pollfd->revents & + POLLIN)) + handle_ring_read(d); } - if (d->master_fd != -1 && FD_ISSET(d->master_fd, - &readfds)) - handle_tty_read(d); + if (d->master_fd != -1 && d->master_pollfd) { + if (d->master_pollfd->revents & + ~(POLLIN|POLLOUT|POLLPRI)) + domain_handle_broken_tty(d, + domain_is_valid(d->domid)); + else { + if (d->master_pollfd->revents & + POLLIN) + handle_tty_read(d); + if (d->master_pollfd->revents & + POLLOUT) + handle_tty_write(d); + } + } - if (d->master_fd != -1 && FD_ISSET(d->master_fd, - &writefds)) - handle_tty_write(d); + d->xce_pollfd = d->master_pollfd = NULL; if (d->last_seen != enum_pass) shutdown_domain(d); @@ -1084,15 +1153,14 @@ void handle_io(void) } } + free(fds); + current_array_size = 0; + out: if (log_hv_fd != -1) { close(log_hv_fd); log_hv_fd = -1; } - if (xch) { - xc_interface_close(xch); - xch = 0; - } if (xce_handle != NULL) { xc_evtchn_close(xce_handle); xce_handle = NULL; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:32 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:32 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GM-0000PP-6p; Fri, 18 Jan 2013 10:33:30 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GK-0000OS-7z for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:28 +0000 Received: from [85.158.143.35:17736] by server-1.bemta-4.messagelabs.com id 41/55-18740-7F429F05; Fri, 18 Jan 2013 10:33:27 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-21.messagelabs.com!1358505192!12846892!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9635 invoked from network); 18 Jan 2013 10:33:15 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:15 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G4-0002nO-H5 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G4-0003qN-G0 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:12 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Switch from select() to poll() in xenconsoled's IO loop X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Wei Liu # Date 1358430783 0 # Node ID 7359c3122c5d935476ee494706db5249c8df6abc # Parent 76598d4bf61ef0c575deba539ff99078c80e651e Switch from select() to poll() in xenconsoled's IO loop In Linux select() typically supports up to 1024 file descriptors. This can be a problem when user tries to boot up many guests. Switching to poll() has minimum impact on existing code and has better scalibility. pollfd array is dynamically allocated / reallocated. If the array fails to expand, we just ignore the incoming fd. Updated: reset *_pollfd after use. This fixes regression 14869. Also remove unused slave_pollfd in strcut domain. Signed-off-by: Wei Liu Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 76598d4bf61e -r 7359c3122c5d tools/console/daemon/io.c --- a/tools/console/daemon/io.c Thu Jan 17 13:59:51 2013 +0100 +++ b/tools/console/daemon/io.c Thu Jan 17 13:53:03 2013 +0000 @@ -28,7 +28,7 @@ #include #include #include -#include +#include #include #include #include @@ -66,9 +66,12 @@ extern int discard_overflowed_data; static int log_time_hv_needts = 1; static int log_time_guest_needts = 1; static int log_hv_fd = -1; -static evtchn_port_or_error_t log_hv_evtchn = -1; -static xc_interface *xch; /* why does xenconsoled have two xc handles ? */ -static xc_evtchn *xce_handle = NULL; + +static struct pollfd *fds; +static unsigned int current_array_size; +static unsigned int nr_fds; + +#define ROUNDUP(_x,_w) (((unsigned long)(_x)+(1UL<<(_w))-1) & ~((1UL<<(_w))-1)) struct buffer { char *data; @@ -81,6 +84,7 @@ struct buffer { struct domain { int domid; int master_fd; + struct pollfd *master_pollfd; int slave_fd; int log_fd; bool is_dead; @@ -92,6 +96,7 @@ struct domain { evtchn_port_or_error_t local_port; evtchn_port_or_error_t remote_port; xc_evtchn *xce_handle; + struct pollfd *xce_pollfd; struct xencons_interface *interface; int event_count; long long next_period; @@ -769,6 +774,17 @@ static int ring_free_bytes(struct domain return (sizeof(intf->in) - space); } +static void domain_handle_broken_tty(struct domain *dom, int recreate) +{ + domain_close_tty(dom); + + if (recreate) { + domain_create_tty(dom); + } else { + shutdown_domain(dom); + } +} + static void handle_tty_read(struct domain *dom) { ssize_t len = 0; @@ -794,13 +810,7 @@ static void handle_tty_read(struct domai * keep the slave open for the duration. */ if (len < 0) { - domain_close_tty(dom); - - if (domain_is_valid(dom->domid)) { - domain_create_tty(dom); - } else { - shutdown_domain(dom); - } + domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); } else if (domain_is_valid(dom->domid)) { prod = intf->in_prod; for (i = 0; i < len; i++) { @@ -828,14 +838,7 @@ static void handle_tty_write(struct doma if (len < 1) { dolog(LOG_DEBUG, "Write failed on domain %d: %zd, %d\n", dom->domid, len, errno); - - domain_close_tty(dom); - - if (domain_is_valid(dom->domid)) { - domain_create_tty(dom); - } else { - shutdown_domain(dom); - } + domain_handle_broken_tty(dom, domain_is_valid(dom->domid)); } else { buffer_advance(&dom->buffer, len); } @@ -883,7 +886,7 @@ static void handle_xs(void) free(vec); } -static void handle_hv_logs(void) +static void handle_hv_logs(xc_evtchn *xce_handle) { char buffer[1024*16]; char *bufptr = buffer; @@ -894,7 +897,7 @@ static void handle_hv_logs(void) if ((port = xc_evtchn_pending(xce_handle)) == -1) return; - if (xc_readconsolering(xch, bufptr, &size, 0, 1, &index) == 0 && size > 0) { + if (xc_readconsolering(xc, bufptr, &size, 0, 1, &index) == 0 && size > 0) { int logret; if (log_time_hv) logret = write_with_timestamp(log_hv_fd, buffer, size, @@ -928,18 +931,54 @@ static void handle_log_reload(void) } } +static struct pollfd *set_fds(int fd, short events) +{ + struct pollfd *ret; + if (current_array_size < nr_fds + 1) { + struct pollfd *new_fds = NULL; + unsigned long newsize; + + /* Round up to 2^8 boundary, in practice this just + * make newsize larger than current_array_size. + */ + newsize = ROUNDUP(nr_fds + 1, 8); + + new_fds = realloc(fds, sizeof(struct pollfd)*newsize); + if (!new_fds) + goto fail; + fds = new_fds; + + memset(&fds[0] + current_array_size, 0, + sizeof(struct pollfd) * (newsize-current_array_size)); + current_array_size = newsize; + } + + fds[nr_fds].fd = fd; + fds[nr_fds].events = events; + ret = &fds[nr_fds]; + nr_fds++; + + return ret; +fail: + dolog(LOG_ERR, "realloc failed, ignoring fd %d\n", fd); + return NULL; +} + +static void reset_fds(void) +{ + nr_fds = 0; + memset(fds, 0, sizeof(struct pollfd) * current_array_size); +} + void handle_io(void) { - fd_set readfds, writefds; int ret; + evtchn_port_or_error_t log_hv_evtchn = -1; + struct pollfd *xce_pollfd = NULL; + struct pollfd *xs_pollfd = NULL; + xc_evtchn *xce_handle = NULL; if (log_hv) { - xch = xc_interface_open(0,0,0); - if (!xch) { - dolog(LOG_ERR, "Failed to open xc handle: %d (%s)", - errno, strerror(errno)); - goto out; - } xce_handle = xc_evtchn_open(NULL, 0); if (xce_handle == NULL) { dolog(LOG_ERR, "Failed to open xce handle: %d (%s)", @@ -959,21 +998,17 @@ void handle_io(void) for (;;) { struct domain *d, *n; - int max_fd = -1; - struct timeval timeout; + int poll_timeout; /* timeout in milliseconds */ struct timespec ts; long long now, next_timeout = 0; - FD_ZERO(&readfds); - FD_ZERO(&writefds); + reset_fds(); - FD_SET(xs_fileno(xs), &readfds); - max_fd = MAX(xs_fileno(xs), max_fd); + xs_pollfd = set_fds(xs_fileno(xs), POLLIN|POLLPRI); - if (log_hv) { - FD_SET(xc_evtchn_fd(xce_handle), &readfds); - max_fd = MAX(xc_evtchn_fd(xce_handle), max_fd); - } + if (log_hv) + xce_pollfd = set_fds(xc_evtchn_fd(xce_handle), + POLLIN|POLLPRI); if (clock_gettime(CLOCK_MONOTONIC, &ts) < 0) return; @@ -982,10 +1017,12 @@ void handle_io(void) /* Re-calculate any event counter allowances & unblock domains with new allowance */ for (d = dom_head; d; d = d->next) { - /* Add 5ms of fuzz since select() often returns - a couple of ms sooner than requested. Without - the fuzz we typically do an extra spin in select() - with a 1/2 ms timeout every other iteration */ + /* CS 16257:955ee4fa1345 introduces a 5ms fuzz + * for select(), it is not clear poll() has + * similar behavior (returning a couple of ms + * sooner than requested) as well. Just leave + * the fuzz here. Remove it with a separate + * patch if necessary */ if ((now+5) > d->next_period) { d->next_period = now + RATE_LIMIT_PERIOD; if (d->event_count >= RATE_LIMIT_ALLOWANCE) { @@ -1006,75 +1043,107 @@ void handle_io(void) !d->buffer.max_capacity || d->buffer.size < d->buffer.max_capacity) { int evtchn_fd = xc_evtchn_fd(d->xce_handle); - FD_SET(evtchn_fd, &readfds); - max_fd = MAX(evtchn_fd, max_fd); + d->xce_pollfd = set_fds(evtchn_fd, + POLLIN|POLLPRI); } } if (d->master_fd != -1) { + short events = 0; if (!d->is_dead && ring_free_bytes(d)) - FD_SET(d->master_fd, &readfds); + events |= POLLIN; if (!buffer_empty(&d->buffer)) - FD_SET(d->master_fd, &writefds); - max_fd = MAX(d->master_fd, max_fd); + events |= POLLOUT; + + if (events) + d->master_pollfd = + set_fds(d->master_fd, + events|POLLPRI); } } /* If any domain has been rate limited, we need to work - out what timeout to supply to select */ + out what timeout to supply to poll */ if (next_timeout) { long long duration = (next_timeout - now); if (duration <= 0) /* sanity check */ duration = 1; - timeout.tv_sec = duration / 1000; - timeout.tv_usec = ((duration - (timeout.tv_sec * 1000)) - * 1000); + poll_timeout = (int)duration; } - ret = select(max_fd + 1, &readfds, &writefds, 0, - next_timeout ? &timeout : NULL); + ret = poll(fds, nr_fds, next_timeout ? poll_timeout : -1); if (log_reload) { handle_log_reload(); log_reload = 0; } - /* Abort if select failed, except for EINTR cases + /* Abort if poll failed, except for EINTR cases which indicate a possible log reload */ if (ret == -1) { if (errno == EINTR) continue; - dolog(LOG_ERR, "Failure in select: %d (%s)", + dolog(LOG_ERR, "Failure in poll: %d (%s)", errno, strerror(errno)); break; } - if (log_hv && FD_ISSET(xc_evtchn_fd(xce_handle), &readfds)) - handle_hv_logs(); + if (log_hv && xce_pollfd) { + if (xce_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { + dolog(LOG_ERR, + "Failure in poll xce_handle: %d (%s)", + errno, strerror(errno)); + break; + } else if (xce_pollfd->revents & POLLIN) + handle_hv_logs(xce_handle); + + xce_pollfd = NULL; + } if (ret <= 0) continue; - if (FD_ISSET(xs_fileno(xs), &readfds)) - handle_xs(); + if (xs_pollfd) { + if (xs_pollfd->revents & ~(POLLIN|POLLOUT|POLLPRI)) { + dolog(LOG_ERR, + "Failure in poll xs_handle: %d (%s)", + errno, strerror(errno)); + break; + } else if (xs_pollfd->revents & POLLIN) + handle_xs(); + + xs_pollfd = NULL; + } for (d = dom_head; d; d = n) { n = d->next; if (d->event_count < RATE_LIMIT_ALLOWANCE) { if (d->xce_handle != NULL && - FD_ISSET(xc_evtchn_fd(d->xce_handle), - &readfds)) - handle_ring_read(d); + d->xce_pollfd && + !(d->xce_pollfd->revents & + ~(POLLIN|POLLOUT|POLLPRI)) && + (d->xce_pollfd->revents & + POLLIN)) + handle_ring_read(d); } - if (d->master_fd != -1 && FD_ISSET(d->master_fd, - &readfds)) - handle_tty_read(d); + if (d->master_fd != -1 && d->master_pollfd) { + if (d->master_pollfd->revents & + ~(POLLIN|POLLOUT|POLLPRI)) + domain_handle_broken_tty(d, + domain_is_valid(d->domid)); + else { + if (d->master_pollfd->revents & + POLLIN) + handle_tty_read(d); + if (d->master_pollfd->revents & + POLLOUT) + handle_tty_write(d); + } + } - if (d->master_fd != -1 && FD_ISSET(d->master_fd, - &writefds)) - handle_tty_write(d); + d->xce_pollfd = d->master_pollfd = NULL; if (d->last_seen != enum_pass) shutdown_domain(d); @@ -1084,15 +1153,14 @@ void handle_io(void) } } + free(fds); + current_array_size = 0; + out: if (log_hv_fd != -1) { close(log_hv_fd); log_hv_fd = -1; } - if (xch) { - xc_interface_close(xch); - xch = 0; - } if (xce_handle != NULL) { xc_evtchn_close(xce_handle); xce_handle = NULL; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:32 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:32 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GM-0000PF-3R; Fri, 18 Jan 2013 10:33:30 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GK-0000OV-AM for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:28 +0000 Received: from [85.158.143.35:17733] by server-3.bemta-4.messagelabs.com id 4B/F9-19220-7F429F05; Fri, 18 Jan 2013 10:33:27 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-21.messagelabs.com!1358505192!12846889!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9636 invoked from network); 18 Jan 2013 10:33:15 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:15 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G4-0002nL-12 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G3-0003q8-Vv for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:12 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86: handle both NMI kinds if they occur simultaneously X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358427591 -3600 # Node ID 76598d4bf61ef0c575deba539ff99078c80e651e # Parent 0dee85c061addb7124d77c5f6cfe2ea7bc03b760 x86: handle both NMI kinds if they occur simultaneously We shouldn't assume PCI SERR excludes IOCHK. Once at it, also remove the doubly redundant range restriction on "reason" - the variable already is "unsigned char". Signed-off-by: Jan Beulich Acked-by: Andrew Cooper Acked-by: Keir Fraser --- diff -r 0dee85c061ad -r 76598d4bf61e xen/arch/x86/traps.c --- a/xen/arch/x86/traps.c Thu Jan 17 12:27:00 2013 +0000 +++ b/xen/arch/x86/traps.c Thu Jan 17 13:59:51 2013 +0100 @@ -3201,10 +3201,10 @@ void do_nmi(struct cpu_user_regs *regs) reason = inb(0x61); if ( reason & 0x80 ) pci_serr_error(regs); - else if ( reason & 0x40 ) + if ( reason & 0x40 ) io_check_error(regs); - else if ( !nmi_watchdog ) - unknown_nmi_error(regs, (unsigned char)(reason&0xff)); + if ( !(reason & 0xc0) && !nmi_watchdog ) + unknown_nmi_error(regs, reason); } } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:32 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:32 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GM-0000PF-3R; Fri, 18 Jan 2013 10:33:30 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9GK-0000OV-AM for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:28 +0000 Received: from [85.158.143.35:17733] by server-3.bemta-4.messagelabs.com id 4B/F9-19220-7F429F05; Fri, 18 Jan 2013 10:33:27 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-21.messagelabs.com!1358505192!12846889!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9636 invoked from network); 18 Jan 2013 10:33:15 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:15 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G4-0002nL-12 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G3-0003q8-Vv for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:12 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86: handle both NMI kinds if they occur simultaneously X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358427591 -3600 # Node ID 76598d4bf61ef0c575deba539ff99078c80e651e # Parent 0dee85c061addb7124d77c5f6cfe2ea7bc03b760 x86: handle both NMI kinds if they occur simultaneously We shouldn't assume PCI SERR excludes IOCHK. Once at it, also remove the doubly redundant range restriction on "reason" - the variable already is "unsigned char". Signed-off-by: Jan Beulich Acked-by: Andrew Cooper Acked-by: Keir Fraser --- diff -r 0dee85c061ad -r 76598d4bf61e xen/arch/x86/traps.c --- a/xen/arch/x86/traps.c Thu Jan 17 12:27:00 2013 +0000 +++ b/xen/arch/x86/traps.c Thu Jan 17 13:59:51 2013 +0100 @@ -3201,10 +3201,10 @@ void do_nmi(struct cpu_user_regs *regs) reason = inb(0x61); if ( reason & 0x80 ) pci_serr_error(regs); - else if ( reason & 0x40 ) + if ( reason & 0x40 ) io_check_error(regs); - else if ( !nmi_watchdog ) - unknown_nmi_error(regs, (unsigned char)(reason&0xff)); + if ( !(reason & 0xc0) && !nmi_watchdog ) + unknown_nmi_error(regs, reason); } } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:51 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:51 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9Gg-0000Xp-AB; Fri, 18 Jan 2013 10:33:50 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9Ge-0000X5-MS for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:49 +0000 Received: from [85.158.143.35:15349] by server-2.bemta-4.messagelabs.com id A2/C0-24322-B0529F05; Fri, 18 Jan 2013 10:33:47 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-21.messagelabs.com!1358505194!11625368!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 13135 invoked from network); 18 Jan 2013 10:33:19 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:19 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G6-0002na-LO for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G6-0003rL-JV for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:14 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:14 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/mm: revert 26399:b0e618cb0233 (multiple vram areas) X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Tim Deegan # Date 1358438102 0 # Node ID d81f9832a082768c454b7dc6530834a0017f0683 # Parent 7927b79daa474d32b500331fe3f50d3019d606ab x86/mm: revert 26399:b0e618cb0233 (multiple vram areas) Although this passed my smoke-tests at commit time, I'm now seeing screen corruption on 32-bit WinXP guests. Reverting for now. :( Signed-off-by: Tim Deegan Committed-by: Tim Deegan --- diff -r 7927b79daa47 -r d81f9832a082 tools/libxc/xenctrl.h --- a/tools/libxc/xenctrl.h Thu Jan 17 13:53:14 2013 +0000 +++ b/tools/libxc/xenctrl.h Thu Jan 17 15:55:02 2013 +0000 @@ -1563,23 +1563,15 @@ int xc_hvm_inject_msi( xc_interface *xch, domid_t dom, uint64_t addr, uint32_t data); /* - * Track dirty bit changes in a VRAM region defined by - * [ first_pfn : first_pfn + nr - 1 ] + * Track dirty bit changes in the VRAM area * * All of this is done atomically: - * - gets the dirty bitmap since the last call, all zeroes for - * the first call with some new region - * - sets up a dirty tracking region for period up to the next call - * - clears the specified dirty tracking region. + * - get the dirty bitmap since the last call + * - set up dirty tracking area for period up to the next call + * - clear the dirty tracking area. * - * Creating a new region causes any existing regions that it overlaps - * to be discarded. - * - * Specifying nr == 0 causes all regions to be discarded and - * disables dirty bit tracking. - * - * If nr is not a multiple of 64, only the first nr bits of bitmap - * are well defined. + * Returns -ENODATA and does not fill bitmap if the area has changed since the + * last call. */ int xc_hvm_track_dirty_vram( xc_interface *xch, domid_t dom, diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Thu Jan 17 15:55:02 2013 +0000 @@ -57,7 +57,6 @@ #include #include #include -#include #include #include #include @@ -1437,11 +1436,8 @@ int hvm_hap_nested_page_fault(paddr_t gp */ if ( access_w ) { - if ( p2m_change_type(v->domain, gfn, p2m_ram_logdirty, - p2m_ram_rw) == p2m_ram_logdirty ) - { - paging_mark_dirty_gpfn(v->domain, gfn); - } + paging_mark_dirty(v->domain, mfn_x(mfn)); + p2m_change_type(v->domain, gfn, p2m_ram_logdirty, p2m_ram_rw); } rc = 1; goto out_put_gfn; diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/Makefile --- a/xen/arch/x86/mm/Makefile Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/Makefile Thu Jan 17 15:55:02 2013 +0000 @@ -5,7 +5,6 @@ obj-y += paging.o obj-y += p2m.o p2m-pt.o p2m-ept.o p2m-pod.o obj-y += guest_walk_2.o obj-y += guest_walk_3.o -obj-y += dirty_vram.o obj-$(x86_64) += guest_walk_4.o obj-$(x86_64) += mem_event.o obj-$(x86_64) += mem_paging.o diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/hap/hap.c --- a/xen/arch/x86/mm/hap/hap.c Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/hap/hap.c Thu Jan 17 15:55:02 2013 +0000 @@ -53,6 +53,117 @@ #define page_to_mfn(_pg) _mfn(__page_to_mfn(_pg)) /************************************************/ +/* HAP VRAM TRACKING SUPPORT */ +/************************************************/ + +/* + * hap_track_dirty_vram() + * Create the domain's dv_dirty_vram struct on demand. + * Create a dirty vram range on demand when some [begin_pfn:begin_pfn+nr] is + * first encountered. + * Collect the guest_dirty bitmask, a bit mask of the dirty vram pages, by + * calling paging_log_dirty_range(), which interrogates each vram + * page's p2m type looking for pages that have been made writable. + */ + +int hap_track_dirty_vram(struct domain *d, + unsigned long begin_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) guest_dirty_bitmap) +{ + long rc = 0; + struct sh_dirty_vram *dirty_vram; + uint8_t *dirty_bitmap = NULL; + + if ( nr ) + { + int size = (nr + BITS_PER_BYTE - 1) / BITS_PER_BYTE; + + if ( !paging_mode_log_dirty(d) ) + { + hap_logdirty_init(d); + rc = paging_log_dirty_enable(d); + if ( rc ) + goto out; + } + + rc = -ENOMEM; + dirty_bitmap = xzalloc_bytes(size); + if ( !dirty_bitmap ) + goto out; + + paging_lock(d); + + dirty_vram = d->arch.hvm_domain.dirty_vram; + if ( !dirty_vram ) + { + rc = -ENOMEM; + if ( (dirty_vram = xzalloc(struct sh_dirty_vram)) == NULL ) + { + paging_unlock(d); + goto out; + } + + d->arch.hvm_domain.dirty_vram = dirty_vram; + } + + if ( begin_pfn != dirty_vram->begin_pfn || + begin_pfn + nr != dirty_vram->end_pfn ) + { + dirty_vram->begin_pfn = begin_pfn; + dirty_vram->end_pfn = begin_pfn + nr; + + paging_unlock(d); + + /* set l1e entries of range within P2M table to be read-only. */ + p2m_change_type_range(d, begin_pfn, begin_pfn + nr, + p2m_ram_rw, p2m_ram_logdirty); + + flush_tlb_mask(d->domain_dirty_cpumask); + + memset(dirty_bitmap, 0xff, size); /* consider all pages dirty */ + } + else + { + paging_unlock(d); + + domain_pause(d); + + /* get the bitmap */ + paging_log_dirty_range(d, begin_pfn, nr, dirty_bitmap); + + domain_unpause(d); + } + + rc = -EFAULT; + if ( copy_to_guest(guest_dirty_bitmap, dirty_bitmap, size) == 0 ) + rc = 0; + } + else + { + paging_lock(d); + + dirty_vram = d->arch.hvm_domain.dirty_vram; + if ( dirty_vram ) + { + /* + * If zero pages specified while tracking dirty vram + * then stop tracking + */ + xfree(dirty_vram); + d->arch.hvm_domain.dirty_vram = NULL; + } + + paging_unlock(d); + } +out: + if ( dirty_bitmap ) + xfree(dirty_bitmap); + + return rc; +} + +/************************************************/ /* HAP LOG DIRTY SUPPORT */ /************************************************/ diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/p2m.c --- a/xen/arch/x86/mm/p2m.c Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/p2m.c Thu Jan 17 15:55:02 2013 +0000 @@ -741,23 +741,20 @@ void p2m_change_type_range(struct domain struct p2m_domain *p2m = p2m_get_hostp2m(d); BUG_ON(p2m_is_grant(ot) || p2m_is_grant(nt)); + p2m_lock(p2m); + p2m->defer_nested_flush = 1; - p2m->defer_nested_flush = 1; - for ( gfn = start; gfn < end; gfn++ ) { mfn = p2m->get_entry(p2m, gfn, &pt, &a, 0, NULL); if ( pt == ot ) - set_p2m_entry(p2m, gfn, mfn, PAGE_ORDER_4K, nt, - p2m->default_access); + set_p2m_entry(p2m, gfn, mfn, PAGE_ORDER_4K, nt, p2m->default_access); } - + p2m->defer_nested_flush = 0; - if ( nestedhvm_enabled(d) ) p2m_flush_nestedp2m(d); - p2m_unlock(p2m); } diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/paging.c --- a/xen/arch/x86/mm/paging.c Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/paging.c Thu Jan 17 15:55:02 2013 +0000 @@ -27,7 +27,6 @@ #include #include #include -#include #include #include @@ -193,11 +192,15 @@ int paging_log_dirty_disable(struct doma return ret; } -/* Given a guest mfn, mark a page as dirty */ +/* Mark a page as dirty */ void paging_mark_dirty(struct domain *d, unsigned long guest_mfn) { unsigned long pfn; mfn_t gmfn; + int changed; + mfn_t mfn, *l4, *l3, *l2; + unsigned long *l1; + int i1, i2, i3, i4; gmfn = _mfn(guest_mfn); @@ -207,19 +210,6 @@ void paging_mark_dirty(struct domain *d, /* We /really/ mean PFN here, even for non-translated guests. */ pfn = get_gpfn_from_mfn(mfn_x(gmfn)); - paging_mark_dirty_gpfn(d, pfn); -} - - -/* Given a guest pfn, mark a page as dirty */ -void paging_mark_dirty_gpfn(struct domain *d, unsigned long pfn) -{ - int changed; - mfn_t mfn, *l4, *l3, *l2; - unsigned long *l1; - int i1, i2, i3, i4; - dv_range_t *range; - /* Shared MFNs should NEVER be marked dirty */ BUG_ON(SHARED_M2P(pfn)); @@ -239,11 +229,6 @@ void paging_mark_dirty_gpfn(struct domai /* Recursive: this is called from inside the shadow code */ paging_lock_recursive(d); - d->arch.paging.log_dirty.dirty_count++; - range = dirty_vram_range_find_gfn(d, pfn); - if ( range ) - range->dirty_count++; - if ( unlikely(!mfn_valid(d->arch.paging.log_dirty.top)) ) { d->arch.paging.log_dirty.top = paging_new_log_dirty_node(d); @@ -460,31 +445,7 @@ void paging_log_dirty_range(struct domai struct p2m_domain *p2m = p2m_get_hostp2m(d); int i; unsigned long pfn; - dv_range_t *range; - unsigned int range_dirty_count; - paging_lock(d); - range = dirty_vram_range_find_gfn(d, begin_pfn); - if ( !range ) - { - paging_unlock(d); - goto out; - } - - range_dirty_count = range->dirty_count; - range->dirty_count = 0; - - paging_unlock(d); - - if ( !range_dirty_count) - goto out; - - PAGING_DEBUG(LOGDIRTY, - "log-dirty-range: dom %u [%05lx:%05lx] range_dirty=%u\n", - d->domain_id, - begin_pfn, - begin_pfn + nr, - range_dirty_count); /* * Set l1e entries of P2M table to be read-only. * @@ -499,17 +460,15 @@ void paging_log_dirty_range(struct domai for ( i = 0, pfn = begin_pfn; pfn < begin_pfn + nr; i++, pfn++ ) { - if ( p2m_change_type(d, pfn, p2m_ram_rw, p2m_ram_logdirty) == - p2m_ram_rw ) + p2m_type_t pt; + pt = p2m_change_type(d, pfn, p2m_ram_rw, p2m_ram_logdirty); + if ( pt == p2m_ram_rw ) dirty_bitmap[i >> 3] |= (1 << (i & 7)); } p2m_unlock(p2m); flush_tlb_mask(d->domain_dirty_cpumask); - - out: - return; } /* Note that this function takes three function pointers. Callers must supply diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/shadow/common.c --- a/xen/arch/x86/mm/shadow/common.c Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/shadow/common.c Thu Jan 17 15:55:02 2013 +0000 @@ -36,7 +36,6 @@ #include #include #include -#include #include #include "private.h" @@ -3122,7 +3121,12 @@ void shadow_teardown(struct domain *d) * calls now that we've torn down the bitmap */ d->arch.paging.mode &= ~PG_log_dirty; - dirty_vram_free(d); + if (d->arch.hvm_domain.dirty_vram) { + xfree(d->arch.hvm_domain.dirty_vram->sl1ma); + xfree(d->arch.hvm_domain.dirty_vram->dirty_bitmap); + xfree(d->arch.hvm_domain.dirty_vram); + d->arch.hvm_domain.dirty_vram = NULL; + } paging_unlock(d); @@ -3460,217 +3464,178 @@ void shadow_clean_dirty_bitmap(struct do /**************************************************************************/ /* VRAM dirty tracking support */ - - -/* Support functions for shadow-based dirty VRAM code */ - -#define DEBUG_unshadow_sl1ma 0 -#define DEBUG_unshadow_sl1ma_detail 0 -#define DEBUG_count_initial_mappings 0 - -/* smfn is no longer a shadow page. Remove it from any - * dirty vram range mapping. */ -void -dirty_vram_delete_shadow(struct vcpu *v, - unsigned long gfn, - unsigned int shadow_type, - mfn_t smfn) +int shadow_track_dirty_vram(struct domain *d, + unsigned long begin_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) dirty_bitmap) { - static unsigned int l1_shadow_mask = - 1 << SH_type_l1_32_shadow - | 1 << SH_type_fl1_32_shadow - | 1 << SH_type_l1_pae_shadow - | 1 << SH_type_fl1_pae_shadow - | 1 << SH_type_l1_64_shadow - | 1 << SH_type_fl1_64_shadow - ; - struct domain *d = v->domain; - dv_dirty_vram_t *dirty_vram; - struct list_head *curr, *next; - - ASSERT(paging_locked_by_me(d)); - /* Ignore all but level 1 shadows */ - - if ( (l1_shadow_mask & (1 << shadow_type)) == 0 ) + int rc; + unsigned long end_pfn = begin_pfn + nr; + unsigned long dirty_size = (nr + 7) / 8; + int flush_tlb = 0; + unsigned long i; + p2m_type_t t; + struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; + struct p2m_domain *p2m = p2m_get_hostp2m(d); + + if (end_pfn < begin_pfn + || begin_pfn > p2m->max_mapped_pfn + || end_pfn >= p2m->max_mapped_pfn) + return -EINVAL; + + /* We perform p2m lookups, so lock the p2m upfront to avoid deadlock */ + p2m_lock(p2m_get_hostp2m(d)); + paging_lock(d); + + if ( dirty_vram && (!nr || + ( begin_pfn != dirty_vram->begin_pfn + || end_pfn != dirty_vram->end_pfn )) ) { + /* Different tracking, tear the previous down. */ + gdprintk(XENLOG_INFO, "stopping tracking VRAM %lx - %lx\n", dirty_vram->begin_pfn, dirty_vram->end_pfn); + xfree(dirty_vram->sl1ma); + xfree(dirty_vram->dirty_bitmap); + xfree(dirty_vram); + dirty_vram = d->arch.hvm_domain.dirty_vram = NULL; + } + + if ( !nr ) + { + rc = 0; goto out; } - dirty_vram = d->arch.hvm_domain.dirty_vram; + /* This should happen seldomly (Video mode change), + * no need to be careful. */ if ( !dirty_vram ) { - goto out; + /* Throw away all the shadows rather than walking through them + * up to nr times getting rid of mappings of each pfn */ + shadow_blow_tables(d); + + gdprintk(XENLOG_INFO, "tracking VRAM %lx - %lx\n", begin_pfn, end_pfn); + + rc = -ENOMEM; + if ( (dirty_vram = xmalloc(struct sh_dirty_vram)) == NULL ) + goto out; + dirty_vram->begin_pfn = begin_pfn; + dirty_vram->end_pfn = end_pfn; + d->arch.hvm_domain.dirty_vram = dirty_vram; + + if ( (dirty_vram->sl1ma = xmalloc_array(paddr_t, nr)) == NULL ) + goto out_dirty_vram; + memset(dirty_vram->sl1ma, ~0, sizeof(paddr_t) * nr); + + if ( (dirty_vram->dirty_bitmap = xzalloc_array(uint8_t, dirty_size)) == NULL ) + goto out_sl1ma; + + dirty_vram->last_dirty = NOW(); + + /* Tell the caller that this time we could not track dirty bits. */ + rc = -ENODATA; } - - list_for_each_safe(curr, next, &dirty_vram->range_head) + else if (dirty_vram->last_dirty == -1) { - dv_range_t *range = list_entry(curr, dv_range_t, range_link); - unsigned long i; - int max_mappings = 1, mappings = 0; - int unshadowed = 0; - for ( i = 0; i != range->end_pfn - range->begin_pfn; i++ ) - { - dv_paddr_link_t *pl = &range->pl_tab[ i ].mapping; - dv_paddr_link_t **ppl = NULL; - mappings = 0; - - while ( pl != NULL ) + /* still completely clean, just copy our empty bitmap */ + rc = -EFAULT; + if ( copy_to_guest(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size) == 0 ) + rc = 0; + } + else + { + /* Iterate over VRAM to track dirty bits. */ + for ( i = 0; i < nr; i++ ) { + mfn_t mfn = get_gfn_query_unlocked(d, begin_pfn + i, &t); + struct page_info *page; + int dirty = 0; + paddr_t sl1ma = dirty_vram->sl1ma[i]; + + if (mfn_x(mfn) == INVALID_MFN) { - paddr_t sl1ma = pl->sl1ma; - unsigned long sl1mn; - - if ( sl1ma == INVALID_PADDR ) + dirty = 1; + } + else + { + page = mfn_to_page(mfn); + switch (page->u.inuse.type_info & PGT_count_mask) + { + case 0: + /* No guest reference, nothing to track. */ break; - - sl1mn = sl1ma >> PAGE_SHIFT; - if ( sl1mn == mfn_x(smfn) ) { -#if DEBUG_unshadow_sl1ma_detail - gdprintk(XENLOG_DEBUG, - "[%lx] gfn[%lx] unshadow sl1ma:%lx\n", - mfn_x(smfn), - range->begin_pfn + i, - sl1ma); -#endif - unshadowed++; - pl = free_paddr_link(d, ppl, pl); - --range->nr_mappings; - } - else - { - ppl = &pl->pl_next; - pl = *ppl; - mappings++; + case 1: + /* One guest reference. */ + if ( sl1ma == INVALID_PADDR ) + { + /* We don't know which sl1e points to this, too bad. */ + dirty = 1; + /* TODO: Heuristics for finding the single mapping of + * this gmfn */ + flush_tlb |= sh_remove_all_mappings(d->vcpu[0], mfn); + } + else + { + /* Hopefully the most common case: only one mapping, + * whose dirty bit we can use. */ + l1_pgentry_t *sl1e = maddr_to_virt(sl1ma); + + if ( l1e_get_flags(*sl1e) & _PAGE_DIRTY ) + { + dirty = 1; + /* Note: this is atomic, so we may clear a + * _PAGE_ACCESSED set by another processor. */ + l1e_remove_flags(*sl1e, _PAGE_DIRTY); + flush_tlb = 1; + } + } + break; + default: + /* More than one guest reference, + * we don't afford tracking that. */ + dirty = 1; + break; } } - } - if ( mappings > max_mappings ) - max_mappings = mappings; - - if ( unshadowed ) { -#if DEBUG_unshadow_sl1ma - gdprintk(XENLOG_DEBUG, - "[%lx] gfn[%05lx:%05lx] unshadowed:%d mappings:0x%x " - "max_mappings:%d\n", - mfn_x(smfn), - range->begin_pfn, range->end_pfn, - unshadowed, range->nr_mappings, max_mappings); -#endif - if ( range->nr_mappings == 0 ) + + if ( dirty ) { - dirty_vram_range_free(d, range); + dirty_vram->dirty_bitmap[i / 8] |= 1 << (i % 8); + dirty_vram->last_dirty = NOW(); } } + + rc = -EFAULT; + if ( copy_to_guest(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size) == 0 ) { + memset(dirty_vram->dirty_bitmap, 0, dirty_size); + if (dirty_vram->last_dirty + SECONDS(2) < NOW()) + { + /* was clean for more than two seconds, try to disable guest + * write access */ + for ( i = begin_pfn; i < end_pfn; i++ ) { + mfn_t mfn = get_gfn_query_unlocked(d, i, &t); + if (mfn_x(mfn) != INVALID_MFN) + flush_tlb |= sh_remove_write_access(d->vcpu[0], mfn, 1, 0); + } + dirty_vram->last_dirty = -1; + } + rc = 0; + } } - out: - return; + if ( flush_tlb ) + flush_tlb_mask(d->domain_dirty_cpumask); + goto out; + +out_sl1ma: + xfree(dirty_vram->sl1ma); +out_dirty_vram: + xfree(dirty_vram); + dirty_vram = d->arch.hvm_domain.dirty_vram = NULL; + +out: + paging_unlock(d); + p2m_unlock(p2m_get_hostp2m(d)); + return rc; } - -typedef int (*hash_pfn_callback_t)(struct vcpu *v, - mfn_t smfn, - unsigned long begin_pfn, - unsigned long end_pfn, - int *removed); - -static int hash_pfn_foreach(struct vcpu *v, - unsigned int callback_mask, - hash_pfn_callback_t callbacks[], - unsigned long begin_pfn, - unsigned long end_pfn) -/* Walk the hash table looking at the types of the entries and - * calling the appropriate callback function for each entry. - * The mask determines which shadow types we call back for, and the array - * of callbacks tells us which function to call. - * Any callback may return non-zero to let us skip the rest of the scan. - * - * WARNING: Callbacks MUST NOT add or remove hash entries unless they - * then return non-zero to terminate the scan. */ -{ - int i, done = 0, removed = 0; - struct domain *d = v->domain; - struct page_info *x; - - /* Say we're here, to stop hash-lookups reordering the chains */ - ASSERT(paging_locked_by_me(d)); - ASSERT(d->arch.paging.shadow.hash_walking == 0); - d->arch.paging.shadow.hash_walking = 1; - - for ( i = 0; i < SHADOW_HASH_BUCKETS; i++ ) - { - /* WARNING: This is not safe against changes to the hash table. - * The callback *must* return non-zero if it has inserted or - * deleted anything from the hash (lookups are OK, though). */ - for ( x = d->arch.paging.shadow.hash_table[i]; - x; - x = next_shadow(x) ) - { - if ( callback_mask & (1 << x->u.sh.type) ) - { - ASSERT(x->u.sh.type <= 15); - ASSERT(callbacks[x->u.sh.type] != NULL); - done = callbacks[x->u.sh.type](v, page_to_mfn(x), - begin_pfn, end_pfn, - &removed); - if ( done ) break; - } - } - if ( done ) break; - } - d->arch.paging.shadow.hash_walking = 0; - return removed; -} - -void sh_find_all_vram_mappings(struct vcpu *v, - dv_range_t *range) -{ - /* Dispatch table for getting per-type functions */ - static hash_pfn_callback_t callbacks[SH_type_unused] = { - NULL, /* none */ - SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 2), /* l1_32 */ - SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 2), /* fl1_32 */ - NULL, /* l2_32 */ - SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 3), /* l1_pae */ - SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 3), /* fl1_pae */ - NULL, /* l2_pae */ - NULL, /* l2h_pae */ -#if CONFIG_PAGING_LEVELS >= 4 - SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 4), /* l1_64 */ - SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 4), /* fl1_64 */ -#else - NULL, /* l1_64 */ - NULL, /* fl1_64 */ -#endif - NULL, /* l2_64 */ - NULL, /* l2h_64 */ - NULL, /* l3_64 */ - NULL, /* l4_64 */ - NULL, /* p2m */ - NULL /* unused */ - }; - - static unsigned int callback_mask = - 1 << SH_type_l1_32_shadow - | 1 << SH_type_fl1_32_shadow - | 1 << SH_type_l1_pae_shadow - | 1 << SH_type_fl1_pae_shadow - | 1 << SH_type_l1_64_shadow - | 1 << SH_type_fl1_64_shadow - ; - - perfc_incr(shadow_mappings); - - hash_pfn_foreach(v, callback_mask, callbacks, - range->begin_pfn, - range->end_pfn); - -#if DEBUG_count_initial_mappings - gdprintk(XENLOG_DEBUG, "[%05lx:%05lx] count of initial mappings:%d\n", - range->begin_pfn, range->end_pfn, - range->nr_mappings); -#endif -} - - /**************************************************************************/ /* Shadow-control XEN_DOMCTL dispatcher */ diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/shadow/multi.c --- a/xen/arch/x86/mm/shadow/multi.c Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/shadow/multi.c Thu Jan 17 15:55:02 2013 +0000 @@ -35,7 +35,6 @@ #include #include #include -#include #include #include #include @@ -150,10 +149,6 @@ delete_fl1_shadow_status(struct vcpu *v, SHADOW_PRINTK("gfn=%"SH_PRI_gfn", type=%08x, smfn=%05lx\n", gfn_x(gfn), SH_type_fl1_shadow, mfn_x(smfn)); ASSERT(mfn_to_page(smfn)->u.sh.head); - - /* Removing any dv_paddr_links to the erstwhile shadow page */ - dirty_vram_delete_shadow(v, gfn_x(gfn), SH_type_fl1_shadow, smfn); - shadow_hash_delete(v, gfn_x(gfn), SH_type_fl1_shadow, smfn); } @@ -165,10 +160,6 @@ delete_shadow_status(struct vcpu *v, mfn v->domain->domain_id, v->vcpu_id, mfn_x(gmfn), shadow_type, mfn_x(smfn)); ASSERT(mfn_to_page(smfn)->u.sh.head); - - /* Removing any dv_paddr_links to the erstwhile shadow page */ - dirty_vram_delete_shadow(v, mfn_x(gmfn), shadow_type, smfn); - shadow_hash_delete(v, mfn_x(gmfn), shadow_type, smfn); /* 32-on-64 PV guests don't own their l4 pages; see set_shadow_status */ if ( !is_pv_32on64_vcpu(v) || shadow_type != SH_type_l4_64_shadow ) @@ -525,6 +516,7 @@ _sh_propagate(struct vcpu *v, guest_l1e_t guest_entry = { guest_intpte }; shadow_l1e_t *sp = shadow_entry_ptr; struct domain *d = v->domain; + struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; gfn_t target_gfn = guest_l1e_get_gfn(guest_entry); u32 pass_thru_flags; u32 gflags, sflags; @@ -671,6 +663,17 @@ _sh_propagate(struct vcpu *v, } } + if ( unlikely((level == 1) && dirty_vram + && dirty_vram->last_dirty == -1 + && gfn_x(target_gfn) >= dirty_vram->begin_pfn + && gfn_x(target_gfn) < dirty_vram->end_pfn) ) + { + if ( ft & FETCH_TYPE_WRITE ) + dirty_vram->last_dirty = NOW(); + else + sflags &= ~_PAGE_RW; + } + /* Read-only memory */ if ( p2m_is_readonly(p2mt) || (p2mt == p2m_mmio_direct && @@ -1069,60 +1072,101 @@ static int shadow_set_l2e(struct vcpu *v return flags; } -/* shadow_vram_fix_l1e() - * - * Tests L1PTEs as they are modified, looking for when they start to (or - * cease to) point to frame buffer pages. If the old and new gfns differ, - * calls dirty_vram_range_update() to updates the dirty_vram structures. - */ -static inline void shadow_vram_fix_l1e(shadow_l1e_t old_sl1e, - shadow_l1e_t new_sl1e, +static inline void shadow_vram_get_l1e(shadow_l1e_t new_sl1e, shadow_l1e_t *sl1e, mfn_t sl1mfn, struct domain *d) { - mfn_t new_mfn, old_mfn; - unsigned long new_gfn = INVALID_M2P_ENTRY, old_gfn = INVALID_M2P_ENTRY; - paddr_t sl1ma; - dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; - - if ( !dirty_vram ) + mfn_t mfn = shadow_l1e_get_mfn(new_sl1e); + int flags = shadow_l1e_get_flags(new_sl1e); + unsigned long gfn; + struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; + + if ( !dirty_vram /* tracking disabled? */ + || !(flags & _PAGE_RW) /* read-only mapping? */ + || !mfn_valid(mfn) ) /* mfn can be invalid in mmio_direct */ return; - sl1ma = pfn_to_paddr(mfn_x(sl1mfn)) | ((unsigned long)sl1e & ~PAGE_MASK); - - old_mfn = shadow_l1e_get_mfn(old_sl1e); - - if ( !sh_l1e_is_magic(old_sl1e) && - (l1e_get_flags(old_sl1e) & _PAGE_PRESENT) && - mfn_valid(old_mfn)) + gfn = mfn_to_gfn(d, mfn); + /* Page sharing not supported on shadow PTs */ + BUG_ON(SHARED_M2P(gfn)); + + if ( (gfn >= dirty_vram->begin_pfn) && (gfn < dirty_vram->end_pfn) ) { - old_gfn = mfn_to_gfn(d, old_mfn); + unsigned long i = gfn - dirty_vram->begin_pfn; + struct page_info *page = mfn_to_page(mfn); + + if ( (page->u.inuse.type_info & PGT_count_mask) == 1 ) + /* Initial guest reference, record it */ + dirty_vram->sl1ma[i] = pfn_to_paddr(mfn_x(sl1mfn)) + | ((unsigned long)sl1e & ~PAGE_MASK); } - - new_mfn = shadow_l1e_get_mfn(new_sl1e); - if ( !sh_l1e_is_magic(new_sl1e) && - (l1e_get_flags(new_sl1e) & _PAGE_PRESENT) && - mfn_valid(new_mfn)) +} + +static inline void shadow_vram_put_l1e(shadow_l1e_t old_sl1e, + shadow_l1e_t *sl1e, + mfn_t sl1mfn, + struct domain *d) +{ + mfn_t mfn = shadow_l1e_get_mfn(old_sl1e); + int flags = shadow_l1e_get_flags(old_sl1e); + unsigned long gfn; + struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; + + if ( !dirty_vram /* tracking disabled? */ + || !(flags & _PAGE_RW) /* read-only mapping? */ + || !mfn_valid(mfn) ) /* mfn can be invalid in mmio_direct */ + return; + + gfn = mfn_to_gfn(d, mfn); + /* Page sharing not supported on shadow PTs */ + BUG_ON(SHARED_M2P(gfn)); + + if ( (gfn >= dirty_vram->begin_pfn) && (gfn < dirty_vram->end_pfn) ) { - new_gfn = mfn_to_gfn(d, new_mfn); + unsigned long i = gfn - dirty_vram->begin_pfn; + struct page_info *page = mfn_to_page(mfn); + int dirty = 0; + paddr_t sl1ma = pfn_to_paddr(mfn_x(sl1mfn)) + | ((unsigned long)sl1e & ~PAGE_MASK); + + if ( (page->u.inuse.type_info & PGT_count_mask) == 1 ) + { + /* Last reference */ + if ( dirty_vram->sl1ma[i] == INVALID_PADDR ) { + /* We didn't know it was that one, let's say it is dirty */ + dirty = 1; + } + else + { + ASSERT(dirty_vram->sl1ma[i] == sl1ma); + dirty_vram->sl1ma[i] = INVALID_PADDR; + if ( flags & _PAGE_DIRTY ) + dirty = 1; + } + } + else + { + /* We had more than one reference, just consider the page dirty. */ + dirty = 1; + /* Check that it's not the one we recorded. */ + if ( dirty_vram->sl1ma[i] == sl1ma ) + { + /* Too bad, we remembered the wrong one... */ + dirty_vram->sl1ma[i] = INVALID_PADDR; + } + else + { + /* Ok, our recorded sl1e is still pointing to this page, let's + * just hope it will remain. */ + } + } + if ( dirty ) + { + dirty_vram->dirty_bitmap[i / 8] |= 1 << (i % 8); + dirty_vram->last_dirty = NOW(); + } } - - if ( old_gfn == new_gfn ) return; - - if ( VALID_M2P(old_gfn) ) - if ( dirty_vram_range_update(d, old_gfn, sl1ma, 0/*clear*/) ) - { - SHADOW_PRINTK("gfn %lx (mfn %lx) cleared vram pte\n", - old_gfn, mfn_x(old_mfn)); - } - - if ( VALID_M2P(new_gfn) ) - if ( dirty_vram_range_update(d, new_gfn, sl1ma, 1/*set*/) ) - { - SHADOW_PRINTK("gfn %lx (mfn %lx) set vram pte\n", - new_gfn, mfn_x(new_mfn)); - } } static int shadow_set_l1e(struct vcpu *v, @@ -1167,13 +1211,12 @@ static int shadow_set_l1e(struct vcpu *v shadow_l1e_remove_flags(new_sl1e, _PAGE_RW); /* fall through */ case 0: + shadow_vram_get_l1e(new_sl1e, sl1e, sl1mfn, d); break; } } } - shadow_vram_fix_l1e(old_sl1e, new_sl1e, sl1e, sl1mfn, d); - /* Write the new entry */ shadow_write_entries(sl1e, &new_sl1e, 1, sl1mfn); flags |= SHADOW_SET_CHANGED; @@ -1188,6 +1231,7 @@ static int shadow_set_l1e(struct vcpu *v * trigger a flush later. */ if ( shadow_mode_refcounts(d) ) { + shadow_vram_put_l1e(old_sl1e, sl1e, sl1mfn, d); shadow_put_page_from_l1e(old_sl1e, d); TRACE_SHADOW_PATH_FLAG(TRCE_SFLAG_SHADOW_L1_PUT_REF); } @@ -1974,6 +2018,7 @@ void sh_destroy_l1_shadow(struct vcpu *v SHADOW_FOREACH_L1E(sl1mfn, sl1e, 0, 0, { if ( (shadow_l1e_get_flags(*sl1e) & _PAGE_PRESENT) && !sh_l1e_is_magic(*sl1e) ) { + shadow_vram_put_l1e(*sl1e, sl1e, sl1mfn, d); shadow_put_page_from_l1e(*sl1e, d); } }); @@ -4291,37 +4336,6 @@ int sh_rm_mappings_from_l1(struct vcpu * return done; } - -int sh_find_vram_mappings_in_l1(struct vcpu *v, - mfn_t sl1mfn, - unsigned long begin_pfn, - unsigned long end_pfn, - int *removed) -/* Find all VRAM mappings in this shadow l1 table */ -{ - struct domain *d = v->domain; - shadow_l1e_t *sl1e; - int done = 0; - - /* only returns _PAGE_PRESENT entries */ - SHADOW_FOREACH_L1E(sl1mfn, sl1e, 0, done, - { - unsigned long gfn; - mfn_t gmfn = shadow_l1e_get_mfn(*sl1e); - if ( !mfn_valid(gmfn) ) - continue; - gfn = mfn_to_gfn(d, gmfn); - if ( VALID_M2P(gfn) && (begin_pfn <= gfn) && (gfn < end_pfn) ) - { - paddr_t sl1ma = - pfn_to_paddr(mfn_x(sl1mfn)) | - ( (unsigned long)sl1e & ~PAGE_MASK ); - dirty_vram_range_update(v->domain, gfn, sl1ma, 1/*set*/); - } - }); - return 0; -} - /**************************************************************************/ /* Functions to excise all pointers to shadows from higher-level shadows. */ diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/shadow/multi.h --- a/xen/arch/x86/mm/shadow/multi.h Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/shadow/multi.h Thu Jan 17 15:55:02 2013 +0000 @@ -66,12 +66,7 @@ SHADOW_INTERNAL_NAME(sh_rm_write_access_ extern int SHADOW_INTERNAL_NAME(sh_rm_mappings_from_l1, GUEST_LEVELS) (struct vcpu *v, mfn_t sl1mfn, mfn_t target_mfn); -extern int -SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, GUEST_LEVELS) - (struct vcpu *v, mfn_t sl1mfn, - unsigned long begin_pfn, - unsigned long end_pfn, - int *removed); + extern void SHADOW_INTERNAL_NAME(sh_clear_shadow_entry, GUEST_LEVELS) (struct vcpu *v, void *ep, mfn_t smfn); diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/shadow/types.h --- a/xen/arch/x86/mm/shadow/types.h Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/shadow/types.h Thu Jan 17 15:55:02 2013 +0000 @@ -229,7 +229,6 @@ static inline shadow_l4e_t shadow_l4e_fr #define sh_update_cr3 INTERNAL_NAME(sh_update_cr3) #define sh_rm_write_access_from_l1 INTERNAL_NAME(sh_rm_write_access_from_l1) #define sh_rm_mappings_from_l1 INTERNAL_NAME(sh_rm_mappings_from_l1) -#define sh_find_vram_mappings_in_l1 INTERNAL_NAME(sh_find_vram_mappings_in_l1) #define sh_remove_l1_shadow INTERNAL_NAME(sh_remove_l1_shadow) #define sh_remove_l2_shadow INTERNAL_NAME(sh_remove_l2_shadow) #define sh_remove_l3_shadow INTERNAL_NAME(sh_remove_l3_shadow) diff -r 7927b79daa47 -r d81f9832a082 xen/include/asm-x86/hap.h --- a/xen/include/asm-x86/hap.h Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/include/asm-x86/hap.h Thu Jan 17 15:55:02 2013 +0000 @@ -57,6 +57,10 @@ void hap_final_teardown(struct domain * void hap_teardown(struct domain *d); void hap_vcpu_init(struct vcpu *v); void hap_logdirty_init(struct domain *d); +int hap_track_dirty_vram(struct domain *d, + unsigned long begin_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) dirty_bitmap); extern const struct paging_mode *hap_paging_get_mode(struct vcpu *); diff -r 7927b79daa47 -r d81f9832a082 xen/include/asm-x86/hvm/domain.h --- a/xen/include/asm-x86/hvm/domain.h Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/include/asm-x86/hvm/domain.h Thu Jan 17 15:55:02 2013 +0000 @@ -74,7 +74,7 @@ struct hvm_domain { struct list_head pinned_cacheattr_ranges; /* VRAM dirty support. */ - struct dv_dirty_vram *dirty_vram; + struct sh_dirty_vram *dirty_vram; /* If one of vcpus of this domain is in no_fill_mode or * mtrr/pat between vcpus is not the same, set is_in_uc_mode diff -r 7927b79daa47 -r d81f9832a082 xen/include/asm-x86/paging.h --- a/xen/include/asm-x86/paging.h Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/include/asm-x86/paging.h Thu Jan 17 15:55:02 2013 +0000 @@ -154,13 +154,9 @@ void paging_log_dirty_init(struct domain int (*disable_log_dirty)(struct domain *d), void (*clean_dirty_bitmap)(struct domain *d)); -/* mark a gmfn as dirty, a wrapper around marking a gpfn as dirty */ +/* mark a page as dirty */ void paging_mark_dirty(struct domain *d, unsigned long guest_mfn); -/* mark a gpfn as dirty */ -void paging_mark_dirty_gpfn(struct domain *d, unsigned long gpfn); - - /* is this guest page dirty? * This is called from inside paging code, with the paging lock held. */ int paging_mfn_is_dirty(struct domain *d, mfn_t gmfn); @@ -187,6 +183,15 @@ int paging_mfn_is_dirty(struct domain *d #define L4_LOGDIRTY_IDX(pfn) 0 #endif +/* VRAM dirty tracking support */ +struct sh_dirty_vram { + unsigned long begin_pfn; + unsigned long end_pfn; + paddr_t *sl1ma; + uint8_t *dirty_bitmap; + s_time_t last_dirty; +}; + /***************************************************************************** * Entry points into the paging-assistance code */ diff -r 7927b79daa47 -r d81f9832a082 xen/include/asm-x86/shadow.h --- a/xen/include/asm-x86/shadow.h Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/include/asm-x86/shadow.h Thu Jan 17 15:55:02 2013 +0000 @@ -62,6 +62,12 @@ void shadow_vcpu_init(struct vcpu *v); /* Enable an arbitrary shadow mode. Call once at domain creation. */ int shadow_enable(struct domain *d, u32 mode); +/* Enable VRAM dirty bit tracking. */ +int shadow_track_dirty_vram(struct domain *d, + unsigned long first_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) dirty_bitmap); + /* Handler for shadow control ops: operations from user-space to enable * and disable ephemeral shadow modes (test mode and log-dirty mode) and * manipulate the log-dirty bitmap. */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:51 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:51 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9Gg-0000Xp-AB; Fri, 18 Jan 2013 10:33:50 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9Ge-0000X5-MS for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:49 +0000 Received: from [85.158.143.35:15349] by server-2.bemta-4.messagelabs.com id A2/C0-24322-B0529F05; Fri, 18 Jan 2013 10:33:47 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-21.messagelabs.com!1358505194!11625368!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 13135 invoked from network); 18 Jan 2013 10:33:19 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:19 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G6-0002na-LO for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G6-0003rL-JV for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:14 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:14 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/mm: revert 26399:b0e618cb0233 (multiple vram areas) X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Tim Deegan # Date 1358438102 0 # Node ID d81f9832a082768c454b7dc6530834a0017f0683 # Parent 7927b79daa474d32b500331fe3f50d3019d606ab x86/mm: revert 26399:b0e618cb0233 (multiple vram areas) Although this passed my smoke-tests at commit time, I'm now seeing screen corruption on 32-bit WinXP guests. Reverting for now. :( Signed-off-by: Tim Deegan Committed-by: Tim Deegan --- diff -r 7927b79daa47 -r d81f9832a082 tools/libxc/xenctrl.h --- a/tools/libxc/xenctrl.h Thu Jan 17 13:53:14 2013 +0000 +++ b/tools/libxc/xenctrl.h Thu Jan 17 15:55:02 2013 +0000 @@ -1563,23 +1563,15 @@ int xc_hvm_inject_msi( xc_interface *xch, domid_t dom, uint64_t addr, uint32_t data); /* - * Track dirty bit changes in a VRAM region defined by - * [ first_pfn : first_pfn + nr - 1 ] + * Track dirty bit changes in the VRAM area * * All of this is done atomically: - * - gets the dirty bitmap since the last call, all zeroes for - * the first call with some new region - * - sets up a dirty tracking region for period up to the next call - * - clears the specified dirty tracking region. + * - get the dirty bitmap since the last call + * - set up dirty tracking area for period up to the next call + * - clear the dirty tracking area. * - * Creating a new region causes any existing regions that it overlaps - * to be discarded. - * - * Specifying nr == 0 causes all regions to be discarded and - * disables dirty bit tracking. - * - * If nr is not a multiple of 64, only the first nr bits of bitmap - * are well defined. + * Returns -ENODATA and does not fill bitmap if the area has changed since the + * last call. */ int xc_hvm_track_dirty_vram( xc_interface *xch, domid_t dom, diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Thu Jan 17 15:55:02 2013 +0000 @@ -57,7 +57,6 @@ #include #include #include -#include #include #include #include @@ -1437,11 +1436,8 @@ int hvm_hap_nested_page_fault(paddr_t gp */ if ( access_w ) { - if ( p2m_change_type(v->domain, gfn, p2m_ram_logdirty, - p2m_ram_rw) == p2m_ram_logdirty ) - { - paging_mark_dirty_gpfn(v->domain, gfn); - } + paging_mark_dirty(v->domain, mfn_x(mfn)); + p2m_change_type(v->domain, gfn, p2m_ram_logdirty, p2m_ram_rw); } rc = 1; goto out_put_gfn; diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/Makefile --- a/xen/arch/x86/mm/Makefile Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/Makefile Thu Jan 17 15:55:02 2013 +0000 @@ -5,7 +5,6 @@ obj-y += paging.o obj-y += p2m.o p2m-pt.o p2m-ept.o p2m-pod.o obj-y += guest_walk_2.o obj-y += guest_walk_3.o -obj-y += dirty_vram.o obj-$(x86_64) += guest_walk_4.o obj-$(x86_64) += mem_event.o obj-$(x86_64) += mem_paging.o diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/hap/hap.c --- a/xen/arch/x86/mm/hap/hap.c Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/hap/hap.c Thu Jan 17 15:55:02 2013 +0000 @@ -53,6 +53,117 @@ #define page_to_mfn(_pg) _mfn(__page_to_mfn(_pg)) /************************************************/ +/* HAP VRAM TRACKING SUPPORT */ +/************************************************/ + +/* + * hap_track_dirty_vram() + * Create the domain's dv_dirty_vram struct on demand. + * Create a dirty vram range on demand when some [begin_pfn:begin_pfn+nr] is + * first encountered. + * Collect the guest_dirty bitmask, a bit mask of the dirty vram pages, by + * calling paging_log_dirty_range(), which interrogates each vram + * page's p2m type looking for pages that have been made writable. + */ + +int hap_track_dirty_vram(struct domain *d, + unsigned long begin_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) guest_dirty_bitmap) +{ + long rc = 0; + struct sh_dirty_vram *dirty_vram; + uint8_t *dirty_bitmap = NULL; + + if ( nr ) + { + int size = (nr + BITS_PER_BYTE - 1) / BITS_PER_BYTE; + + if ( !paging_mode_log_dirty(d) ) + { + hap_logdirty_init(d); + rc = paging_log_dirty_enable(d); + if ( rc ) + goto out; + } + + rc = -ENOMEM; + dirty_bitmap = xzalloc_bytes(size); + if ( !dirty_bitmap ) + goto out; + + paging_lock(d); + + dirty_vram = d->arch.hvm_domain.dirty_vram; + if ( !dirty_vram ) + { + rc = -ENOMEM; + if ( (dirty_vram = xzalloc(struct sh_dirty_vram)) == NULL ) + { + paging_unlock(d); + goto out; + } + + d->arch.hvm_domain.dirty_vram = dirty_vram; + } + + if ( begin_pfn != dirty_vram->begin_pfn || + begin_pfn + nr != dirty_vram->end_pfn ) + { + dirty_vram->begin_pfn = begin_pfn; + dirty_vram->end_pfn = begin_pfn + nr; + + paging_unlock(d); + + /* set l1e entries of range within P2M table to be read-only. */ + p2m_change_type_range(d, begin_pfn, begin_pfn + nr, + p2m_ram_rw, p2m_ram_logdirty); + + flush_tlb_mask(d->domain_dirty_cpumask); + + memset(dirty_bitmap, 0xff, size); /* consider all pages dirty */ + } + else + { + paging_unlock(d); + + domain_pause(d); + + /* get the bitmap */ + paging_log_dirty_range(d, begin_pfn, nr, dirty_bitmap); + + domain_unpause(d); + } + + rc = -EFAULT; + if ( copy_to_guest(guest_dirty_bitmap, dirty_bitmap, size) == 0 ) + rc = 0; + } + else + { + paging_lock(d); + + dirty_vram = d->arch.hvm_domain.dirty_vram; + if ( dirty_vram ) + { + /* + * If zero pages specified while tracking dirty vram + * then stop tracking + */ + xfree(dirty_vram); + d->arch.hvm_domain.dirty_vram = NULL; + } + + paging_unlock(d); + } +out: + if ( dirty_bitmap ) + xfree(dirty_bitmap); + + return rc; +} + +/************************************************/ /* HAP LOG DIRTY SUPPORT */ /************************************************/ diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/p2m.c --- a/xen/arch/x86/mm/p2m.c Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/p2m.c Thu Jan 17 15:55:02 2013 +0000 @@ -741,23 +741,20 @@ void p2m_change_type_range(struct domain struct p2m_domain *p2m = p2m_get_hostp2m(d); BUG_ON(p2m_is_grant(ot) || p2m_is_grant(nt)); + p2m_lock(p2m); + p2m->defer_nested_flush = 1; - p2m->defer_nested_flush = 1; - for ( gfn = start; gfn < end; gfn++ ) { mfn = p2m->get_entry(p2m, gfn, &pt, &a, 0, NULL); if ( pt == ot ) - set_p2m_entry(p2m, gfn, mfn, PAGE_ORDER_4K, nt, - p2m->default_access); + set_p2m_entry(p2m, gfn, mfn, PAGE_ORDER_4K, nt, p2m->default_access); } - + p2m->defer_nested_flush = 0; - if ( nestedhvm_enabled(d) ) p2m_flush_nestedp2m(d); - p2m_unlock(p2m); } diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/paging.c --- a/xen/arch/x86/mm/paging.c Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/paging.c Thu Jan 17 15:55:02 2013 +0000 @@ -27,7 +27,6 @@ #include #include #include -#include #include #include @@ -193,11 +192,15 @@ int paging_log_dirty_disable(struct doma return ret; } -/* Given a guest mfn, mark a page as dirty */ +/* Mark a page as dirty */ void paging_mark_dirty(struct domain *d, unsigned long guest_mfn) { unsigned long pfn; mfn_t gmfn; + int changed; + mfn_t mfn, *l4, *l3, *l2; + unsigned long *l1; + int i1, i2, i3, i4; gmfn = _mfn(guest_mfn); @@ -207,19 +210,6 @@ void paging_mark_dirty(struct domain *d, /* We /really/ mean PFN here, even for non-translated guests. */ pfn = get_gpfn_from_mfn(mfn_x(gmfn)); - paging_mark_dirty_gpfn(d, pfn); -} - - -/* Given a guest pfn, mark a page as dirty */ -void paging_mark_dirty_gpfn(struct domain *d, unsigned long pfn) -{ - int changed; - mfn_t mfn, *l4, *l3, *l2; - unsigned long *l1; - int i1, i2, i3, i4; - dv_range_t *range; - /* Shared MFNs should NEVER be marked dirty */ BUG_ON(SHARED_M2P(pfn)); @@ -239,11 +229,6 @@ void paging_mark_dirty_gpfn(struct domai /* Recursive: this is called from inside the shadow code */ paging_lock_recursive(d); - d->arch.paging.log_dirty.dirty_count++; - range = dirty_vram_range_find_gfn(d, pfn); - if ( range ) - range->dirty_count++; - if ( unlikely(!mfn_valid(d->arch.paging.log_dirty.top)) ) { d->arch.paging.log_dirty.top = paging_new_log_dirty_node(d); @@ -460,31 +445,7 @@ void paging_log_dirty_range(struct domai struct p2m_domain *p2m = p2m_get_hostp2m(d); int i; unsigned long pfn; - dv_range_t *range; - unsigned int range_dirty_count; - paging_lock(d); - range = dirty_vram_range_find_gfn(d, begin_pfn); - if ( !range ) - { - paging_unlock(d); - goto out; - } - - range_dirty_count = range->dirty_count; - range->dirty_count = 0; - - paging_unlock(d); - - if ( !range_dirty_count) - goto out; - - PAGING_DEBUG(LOGDIRTY, - "log-dirty-range: dom %u [%05lx:%05lx] range_dirty=%u\n", - d->domain_id, - begin_pfn, - begin_pfn + nr, - range_dirty_count); /* * Set l1e entries of P2M table to be read-only. * @@ -499,17 +460,15 @@ void paging_log_dirty_range(struct domai for ( i = 0, pfn = begin_pfn; pfn < begin_pfn + nr; i++, pfn++ ) { - if ( p2m_change_type(d, pfn, p2m_ram_rw, p2m_ram_logdirty) == - p2m_ram_rw ) + p2m_type_t pt; + pt = p2m_change_type(d, pfn, p2m_ram_rw, p2m_ram_logdirty); + if ( pt == p2m_ram_rw ) dirty_bitmap[i >> 3] |= (1 << (i & 7)); } p2m_unlock(p2m); flush_tlb_mask(d->domain_dirty_cpumask); - - out: - return; } /* Note that this function takes three function pointers. Callers must supply diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/shadow/common.c --- a/xen/arch/x86/mm/shadow/common.c Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/shadow/common.c Thu Jan 17 15:55:02 2013 +0000 @@ -36,7 +36,6 @@ #include #include #include -#include #include #include "private.h" @@ -3122,7 +3121,12 @@ void shadow_teardown(struct domain *d) * calls now that we've torn down the bitmap */ d->arch.paging.mode &= ~PG_log_dirty; - dirty_vram_free(d); + if (d->arch.hvm_domain.dirty_vram) { + xfree(d->arch.hvm_domain.dirty_vram->sl1ma); + xfree(d->arch.hvm_domain.dirty_vram->dirty_bitmap); + xfree(d->arch.hvm_domain.dirty_vram); + d->arch.hvm_domain.dirty_vram = NULL; + } paging_unlock(d); @@ -3460,217 +3464,178 @@ void shadow_clean_dirty_bitmap(struct do /**************************************************************************/ /* VRAM dirty tracking support */ - - -/* Support functions for shadow-based dirty VRAM code */ - -#define DEBUG_unshadow_sl1ma 0 -#define DEBUG_unshadow_sl1ma_detail 0 -#define DEBUG_count_initial_mappings 0 - -/* smfn is no longer a shadow page. Remove it from any - * dirty vram range mapping. */ -void -dirty_vram_delete_shadow(struct vcpu *v, - unsigned long gfn, - unsigned int shadow_type, - mfn_t smfn) +int shadow_track_dirty_vram(struct domain *d, + unsigned long begin_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) dirty_bitmap) { - static unsigned int l1_shadow_mask = - 1 << SH_type_l1_32_shadow - | 1 << SH_type_fl1_32_shadow - | 1 << SH_type_l1_pae_shadow - | 1 << SH_type_fl1_pae_shadow - | 1 << SH_type_l1_64_shadow - | 1 << SH_type_fl1_64_shadow - ; - struct domain *d = v->domain; - dv_dirty_vram_t *dirty_vram; - struct list_head *curr, *next; - - ASSERT(paging_locked_by_me(d)); - /* Ignore all but level 1 shadows */ - - if ( (l1_shadow_mask & (1 << shadow_type)) == 0 ) + int rc; + unsigned long end_pfn = begin_pfn + nr; + unsigned long dirty_size = (nr + 7) / 8; + int flush_tlb = 0; + unsigned long i; + p2m_type_t t; + struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; + struct p2m_domain *p2m = p2m_get_hostp2m(d); + + if (end_pfn < begin_pfn + || begin_pfn > p2m->max_mapped_pfn + || end_pfn >= p2m->max_mapped_pfn) + return -EINVAL; + + /* We perform p2m lookups, so lock the p2m upfront to avoid deadlock */ + p2m_lock(p2m_get_hostp2m(d)); + paging_lock(d); + + if ( dirty_vram && (!nr || + ( begin_pfn != dirty_vram->begin_pfn + || end_pfn != dirty_vram->end_pfn )) ) { + /* Different tracking, tear the previous down. */ + gdprintk(XENLOG_INFO, "stopping tracking VRAM %lx - %lx\n", dirty_vram->begin_pfn, dirty_vram->end_pfn); + xfree(dirty_vram->sl1ma); + xfree(dirty_vram->dirty_bitmap); + xfree(dirty_vram); + dirty_vram = d->arch.hvm_domain.dirty_vram = NULL; + } + + if ( !nr ) + { + rc = 0; goto out; } - dirty_vram = d->arch.hvm_domain.dirty_vram; + /* This should happen seldomly (Video mode change), + * no need to be careful. */ if ( !dirty_vram ) { - goto out; + /* Throw away all the shadows rather than walking through them + * up to nr times getting rid of mappings of each pfn */ + shadow_blow_tables(d); + + gdprintk(XENLOG_INFO, "tracking VRAM %lx - %lx\n", begin_pfn, end_pfn); + + rc = -ENOMEM; + if ( (dirty_vram = xmalloc(struct sh_dirty_vram)) == NULL ) + goto out; + dirty_vram->begin_pfn = begin_pfn; + dirty_vram->end_pfn = end_pfn; + d->arch.hvm_domain.dirty_vram = dirty_vram; + + if ( (dirty_vram->sl1ma = xmalloc_array(paddr_t, nr)) == NULL ) + goto out_dirty_vram; + memset(dirty_vram->sl1ma, ~0, sizeof(paddr_t) * nr); + + if ( (dirty_vram->dirty_bitmap = xzalloc_array(uint8_t, dirty_size)) == NULL ) + goto out_sl1ma; + + dirty_vram->last_dirty = NOW(); + + /* Tell the caller that this time we could not track dirty bits. */ + rc = -ENODATA; } - - list_for_each_safe(curr, next, &dirty_vram->range_head) + else if (dirty_vram->last_dirty == -1) { - dv_range_t *range = list_entry(curr, dv_range_t, range_link); - unsigned long i; - int max_mappings = 1, mappings = 0; - int unshadowed = 0; - for ( i = 0; i != range->end_pfn - range->begin_pfn; i++ ) - { - dv_paddr_link_t *pl = &range->pl_tab[ i ].mapping; - dv_paddr_link_t **ppl = NULL; - mappings = 0; - - while ( pl != NULL ) + /* still completely clean, just copy our empty bitmap */ + rc = -EFAULT; + if ( copy_to_guest(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size) == 0 ) + rc = 0; + } + else + { + /* Iterate over VRAM to track dirty bits. */ + for ( i = 0; i < nr; i++ ) { + mfn_t mfn = get_gfn_query_unlocked(d, begin_pfn + i, &t); + struct page_info *page; + int dirty = 0; + paddr_t sl1ma = dirty_vram->sl1ma[i]; + + if (mfn_x(mfn) == INVALID_MFN) { - paddr_t sl1ma = pl->sl1ma; - unsigned long sl1mn; - - if ( sl1ma == INVALID_PADDR ) + dirty = 1; + } + else + { + page = mfn_to_page(mfn); + switch (page->u.inuse.type_info & PGT_count_mask) + { + case 0: + /* No guest reference, nothing to track. */ break; - - sl1mn = sl1ma >> PAGE_SHIFT; - if ( sl1mn == mfn_x(smfn) ) { -#if DEBUG_unshadow_sl1ma_detail - gdprintk(XENLOG_DEBUG, - "[%lx] gfn[%lx] unshadow sl1ma:%lx\n", - mfn_x(smfn), - range->begin_pfn + i, - sl1ma); -#endif - unshadowed++; - pl = free_paddr_link(d, ppl, pl); - --range->nr_mappings; - } - else - { - ppl = &pl->pl_next; - pl = *ppl; - mappings++; + case 1: + /* One guest reference. */ + if ( sl1ma == INVALID_PADDR ) + { + /* We don't know which sl1e points to this, too bad. */ + dirty = 1; + /* TODO: Heuristics for finding the single mapping of + * this gmfn */ + flush_tlb |= sh_remove_all_mappings(d->vcpu[0], mfn); + } + else + { + /* Hopefully the most common case: only one mapping, + * whose dirty bit we can use. */ + l1_pgentry_t *sl1e = maddr_to_virt(sl1ma); + + if ( l1e_get_flags(*sl1e) & _PAGE_DIRTY ) + { + dirty = 1; + /* Note: this is atomic, so we may clear a + * _PAGE_ACCESSED set by another processor. */ + l1e_remove_flags(*sl1e, _PAGE_DIRTY); + flush_tlb = 1; + } + } + break; + default: + /* More than one guest reference, + * we don't afford tracking that. */ + dirty = 1; + break; } } - } - if ( mappings > max_mappings ) - max_mappings = mappings; - - if ( unshadowed ) { -#if DEBUG_unshadow_sl1ma - gdprintk(XENLOG_DEBUG, - "[%lx] gfn[%05lx:%05lx] unshadowed:%d mappings:0x%x " - "max_mappings:%d\n", - mfn_x(smfn), - range->begin_pfn, range->end_pfn, - unshadowed, range->nr_mappings, max_mappings); -#endif - if ( range->nr_mappings == 0 ) + + if ( dirty ) { - dirty_vram_range_free(d, range); + dirty_vram->dirty_bitmap[i / 8] |= 1 << (i % 8); + dirty_vram->last_dirty = NOW(); } } + + rc = -EFAULT; + if ( copy_to_guest(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size) == 0 ) { + memset(dirty_vram->dirty_bitmap, 0, dirty_size); + if (dirty_vram->last_dirty + SECONDS(2) < NOW()) + { + /* was clean for more than two seconds, try to disable guest + * write access */ + for ( i = begin_pfn; i < end_pfn; i++ ) { + mfn_t mfn = get_gfn_query_unlocked(d, i, &t); + if (mfn_x(mfn) != INVALID_MFN) + flush_tlb |= sh_remove_write_access(d->vcpu[0], mfn, 1, 0); + } + dirty_vram->last_dirty = -1; + } + rc = 0; + } } - out: - return; + if ( flush_tlb ) + flush_tlb_mask(d->domain_dirty_cpumask); + goto out; + +out_sl1ma: + xfree(dirty_vram->sl1ma); +out_dirty_vram: + xfree(dirty_vram); + dirty_vram = d->arch.hvm_domain.dirty_vram = NULL; + +out: + paging_unlock(d); + p2m_unlock(p2m_get_hostp2m(d)); + return rc; } - -typedef int (*hash_pfn_callback_t)(struct vcpu *v, - mfn_t smfn, - unsigned long begin_pfn, - unsigned long end_pfn, - int *removed); - -static int hash_pfn_foreach(struct vcpu *v, - unsigned int callback_mask, - hash_pfn_callback_t callbacks[], - unsigned long begin_pfn, - unsigned long end_pfn) -/* Walk the hash table looking at the types of the entries and - * calling the appropriate callback function for each entry. - * The mask determines which shadow types we call back for, and the array - * of callbacks tells us which function to call. - * Any callback may return non-zero to let us skip the rest of the scan. - * - * WARNING: Callbacks MUST NOT add or remove hash entries unless they - * then return non-zero to terminate the scan. */ -{ - int i, done = 0, removed = 0; - struct domain *d = v->domain; - struct page_info *x; - - /* Say we're here, to stop hash-lookups reordering the chains */ - ASSERT(paging_locked_by_me(d)); - ASSERT(d->arch.paging.shadow.hash_walking == 0); - d->arch.paging.shadow.hash_walking = 1; - - for ( i = 0; i < SHADOW_HASH_BUCKETS; i++ ) - { - /* WARNING: This is not safe against changes to the hash table. - * The callback *must* return non-zero if it has inserted or - * deleted anything from the hash (lookups are OK, though). */ - for ( x = d->arch.paging.shadow.hash_table[i]; - x; - x = next_shadow(x) ) - { - if ( callback_mask & (1 << x->u.sh.type) ) - { - ASSERT(x->u.sh.type <= 15); - ASSERT(callbacks[x->u.sh.type] != NULL); - done = callbacks[x->u.sh.type](v, page_to_mfn(x), - begin_pfn, end_pfn, - &removed); - if ( done ) break; - } - } - if ( done ) break; - } - d->arch.paging.shadow.hash_walking = 0; - return removed; -} - -void sh_find_all_vram_mappings(struct vcpu *v, - dv_range_t *range) -{ - /* Dispatch table for getting per-type functions */ - static hash_pfn_callback_t callbacks[SH_type_unused] = { - NULL, /* none */ - SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 2), /* l1_32 */ - SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 2), /* fl1_32 */ - NULL, /* l2_32 */ - SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 3), /* l1_pae */ - SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 3), /* fl1_pae */ - NULL, /* l2_pae */ - NULL, /* l2h_pae */ -#if CONFIG_PAGING_LEVELS >= 4 - SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 4), /* l1_64 */ - SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, 4), /* fl1_64 */ -#else - NULL, /* l1_64 */ - NULL, /* fl1_64 */ -#endif - NULL, /* l2_64 */ - NULL, /* l2h_64 */ - NULL, /* l3_64 */ - NULL, /* l4_64 */ - NULL, /* p2m */ - NULL /* unused */ - }; - - static unsigned int callback_mask = - 1 << SH_type_l1_32_shadow - | 1 << SH_type_fl1_32_shadow - | 1 << SH_type_l1_pae_shadow - | 1 << SH_type_fl1_pae_shadow - | 1 << SH_type_l1_64_shadow - | 1 << SH_type_fl1_64_shadow - ; - - perfc_incr(shadow_mappings); - - hash_pfn_foreach(v, callback_mask, callbacks, - range->begin_pfn, - range->end_pfn); - -#if DEBUG_count_initial_mappings - gdprintk(XENLOG_DEBUG, "[%05lx:%05lx] count of initial mappings:%d\n", - range->begin_pfn, range->end_pfn, - range->nr_mappings); -#endif -} - - /**************************************************************************/ /* Shadow-control XEN_DOMCTL dispatcher */ diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/shadow/multi.c --- a/xen/arch/x86/mm/shadow/multi.c Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/shadow/multi.c Thu Jan 17 15:55:02 2013 +0000 @@ -35,7 +35,6 @@ #include #include #include -#include #include #include #include @@ -150,10 +149,6 @@ delete_fl1_shadow_status(struct vcpu *v, SHADOW_PRINTK("gfn=%"SH_PRI_gfn", type=%08x, smfn=%05lx\n", gfn_x(gfn), SH_type_fl1_shadow, mfn_x(smfn)); ASSERT(mfn_to_page(smfn)->u.sh.head); - - /* Removing any dv_paddr_links to the erstwhile shadow page */ - dirty_vram_delete_shadow(v, gfn_x(gfn), SH_type_fl1_shadow, smfn); - shadow_hash_delete(v, gfn_x(gfn), SH_type_fl1_shadow, smfn); } @@ -165,10 +160,6 @@ delete_shadow_status(struct vcpu *v, mfn v->domain->domain_id, v->vcpu_id, mfn_x(gmfn), shadow_type, mfn_x(smfn)); ASSERT(mfn_to_page(smfn)->u.sh.head); - - /* Removing any dv_paddr_links to the erstwhile shadow page */ - dirty_vram_delete_shadow(v, mfn_x(gmfn), shadow_type, smfn); - shadow_hash_delete(v, mfn_x(gmfn), shadow_type, smfn); /* 32-on-64 PV guests don't own their l4 pages; see set_shadow_status */ if ( !is_pv_32on64_vcpu(v) || shadow_type != SH_type_l4_64_shadow ) @@ -525,6 +516,7 @@ _sh_propagate(struct vcpu *v, guest_l1e_t guest_entry = { guest_intpte }; shadow_l1e_t *sp = shadow_entry_ptr; struct domain *d = v->domain; + struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; gfn_t target_gfn = guest_l1e_get_gfn(guest_entry); u32 pass_thru_flags; u32 gflags, sflags; @@ -671,6 +663,17 @@ _sh_propagate(struct vcpu *v, } } + if ( unlikely((level == 1) && dirty_vram + && dirty_vram->last_dirty == -1 + && gfn_x(target_gfn) >= dirty_vram->begin_pfn + && gfn_x(target_gfn) < dirty_vram->end_pfn) ) + { + if ( ft & FETCH_TYPE_WRITE ) + dirty_vram->last_dirty = NOW(); + else + sflags &= ~_PAGE_RW; + } + /* Read-only memory */ if ( p2m_is_readonly(p2mt) || (p2mt == p2m_mmio_direct && @@ -1069,60 +1072,101 @@ static int shadow_set_l2e(struct vcpu *v return flags; } -/* shadow_vram_fix_l1e() - * - * Tests L1PTEs as they are modified, looking for when they start to (or - * cease to) point to frame buffer pages. If the old and new gfns differ, - * calls dirty_vram_range_update() to updates the dirty_vram structures. - */ -static inline void shadow_vram_fix_l1e(shadow_l1e_t old_sl1e, - shadow_l1e_t new_sl1e, +static inline void shadow_vram_get_l1e(shadow_l1e_t new_sl1e, shadow_l1e_t *sl1e, mfn_t sl1mfn, struct domain *d) { - mfn_t new_mfn, old_mfn; - unsigned long new_gfn = INVALID_M2P_ENTRY, old_gfn = INVALID_M2P_ENTRY; - paddr_t sl1ma; - dv_dirty_vram_t *dirty_vram = d->arch.hvm_domain.dirty_vram; - - if ( !dirty_vram ) + mfn_t mfn = shadow_l1e_get_mfn(new_sl1e); + int flags = shadow_l1e_get_flags(new_sl1e); + unsigned long gfn; + struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; + + if ( !dirty_vram /* tracking disabled? */ + || !(flags & _PAGE_RW) /* read-only mapping? */ + || !mfn_valid(mfn) ) /* mfn can be invalid in mmio_direct */ return; - sl1ma = pfn_to_paddr(mfn_x(sl1mfn)) | ((unsigned long)sl1e & ~PAGE_MASK); - - old_mfn = shadow_l1e_get_mfn(old_sl1e); - - if ( !sh_l1e_is_magic(old_sl1e) && - (l1e_get_flags(old_sl1e) & _PAGE_PRESENT) && - mfn_valid(old_mfn)) + gfn = mfn_to_gfn(d, mfn); + /* Page sharing not supported on shadow PTs */ + BUG_ON(SHARED_M2P(gfn)); + + if ( (gfn >= dirty_vram->begin_pfn) && (gfn < dirty_vram->end_pfn) ) { - old_gfn = mfn_to_gfn(d, old_mfn); + unsigned long i = gfn - dirty_vram->begin_pfn; + struct page_info *page = mfn_to_page(mfn); + + if ( (page->u.inuse.type_info & PGT_count_mask) == 1 ) + /* Initial guest reference, record it */ + dirty_vram->sl1ma[i] = pfn_to_paddr(mfn_x(sl1mfn)) + | ((unsigned long)sl1e & ~PAGE_MASK); } - - new_mfn = shadow_l1e_get_mfn(new_sl1e); - if ( !sh_l1e_is_magic(new_sl1e) && - (l1e_get_flags(new_sl1e) & _PAGE_PRESENT) && - mfn_valid(new_mfn)) +} + +static inline void shadow_vram_put_l1e(shadow_l1e_t old_sl1e, + shadow_l1e_t *sl1e, + mfn_t sl1mfn, + struct domain *d) +{ + mfn_t mfn = shadow_l1e_get_mfn(old_sl1e); + int flags = shadow_l1e_get_flags(old_sl1e); + unsigned long gfn; + struct sh_dirty_vram *dirty_vram = d->arch.hvm_domain.dirty_vram; + + if ( !dirty_vram /* tracking disabled? */ + || !(flags & _PAGE_RW) /* read-only mapping? */ + || !mfn_valid(mfn) ) /* mfn can be invalid in mmio_direct */ + return; + + gfn = mfn_to_gfn(d, mfn); + /* Page sharing not supported on shadow PTs */ + BUG_ON(SHARED_M2P(gfn)); + + if ( (gfn >= dirty_vram->begin_pfn) && (gfn < dirty_vram->end_pfn) ) { - new_gfn = mfn_to_gfn(d, new_mfn); + unsigned long i = gfn - dirty_vram->begin_pfn; + struct page_info *page = mfn_to_page(mfn); + int dirty = 0; + paddr_t sl1ma = pfn_to_paddr(mfn_x(sl1mfn)) + | ((unsigned long)sl1e & ~PAGE_MASK); + + if ( (page->u.inuse.type_info & PGT_count_mask) == 1 ) + { + /* Last reference */ + if ( dirty_vram->sl1ma[i] == INVALID_PADDR ) { + /* We didn't know it was that one, let's say it is dirty */ + dirty = 1; + } + else + { + ASSERT(dirty_vram->sl1ma[i] == sl1ma); + dirty_vram->sl1ma[i] = INVALID_PADDR; + if ( flags & _PAGE_DIRTY ) + dirty = 1; + } + } + else + { + /* We had more than one reference, just consider the page dirty. */ + dirty = 1; + /* Check that it's not the one we recorded. */ + if ( dirty_vram->sl1ma[i] == sl1ma ) + { + /* Too bad, we remembered the wrong one... */ + dirty_vram->sl1ma[i] = INVALID_PADDR; + } + else + { + /* Ok, our recorded sl1e is still pointing to this page, let's + * just hope it will remain. */ + } + } + if ( dirty ) + { + dirty_vram->dirty_bitmap[i / 8] |= 1 << (i % 8); + dirty_vram->last_dirty = NOW(); + } } - - if ( old_gfn == new_gfn ) return; - - if ( VALID_M2P(old_gfn) ) - if ( dirty_vram_range_update(d, old_gfn, sl1ma, 0/*clear*/) ) - { - SHADOW_PRINTK("gfn %lx (mfn %lx) cleared vram pte\n", - old_gfn, mfn_x(old_mfn)); - } - - if ( VALID_M2P(new_gfn) ) - if ( dirty_vram_range_update(d, new_gfn, sl1ma, 1/*set*/) ) - { - SHADOW_PRINTK("gfn %lx (mfn %lx) set vram pte\n", - new_gfn, mfn_x(new_mfn)); - } } static int shadow_set_l1e(struct vcpu *v, @@ -1167,13 +1211,12 @@ static int shadow_set_l1e(struct vcpu *v shadow_l1e_remove_flags(new_sl1e, _PAGE_RW); /* fall through */ case 0: + shadow_vram_get_l1e(new_sl1e, sl1e, sl1mfn, d); break; } } } - shadow_vram_fix_l1e(old_sl1e, new_sl1e, sl1e, sl1mfn, d); - /* Write the new entry */ shadow_write_entries(sl1e, &new_sl1e, 1, sl1mfn); flags |= SHADOW_SET_CHANGED; @@ -1188,6 +1231,7 @@ static int shadow_set_l1e(struct vcpu *v * trigger a flush later. */ if ( shadow_mode_refcounts(d) ) { + shadow_vram_put_l1e(old_sl1e, sl1e, sl1mfn, d); shadow_put_page_from_l1e(old_sl1e, d); TRACE_SHADOW_PATH_FLAG(TRCE_SFLAG_SHADOW_L1_PUT_REF); } @@ -1974,6 +2018,7 @@ void sh_destroy_l1_shadow(struct vcpu *v SHADOW_FOREACH_L1E(sl1mfn, sl1e, 0, 0, { if ( (shadow_l1e_get_flags(*sl1e) & _PAGE_PRESENT) && !sh_l1e_is_magic(*sl1e) ) { + shadow_vram_put_l1e(*sl1e, sl1e, sl1mfn, d); shadow_put_page_from_l1e(*sl1e, d); } }); @@ -4291,37 +4336,6 @@ int sh_rm_mappings_from_l1(struct vcpu * return done; } - -int sh_find_vram_mappings_in_l1(struct vcpu *v, - mfn_t sl1mfn, - unsigned long begin_pfn, - unsigned long end_pfn, - int *removed) -/* Find all VRAM mappings in this shadow l1 table */ -{ - struct domain *d = v->domain; - shadow_l1e_t *sl1e; - int done = 0; - - /* only returns _PAGE_PRESENT entries */ - SHADOW_FOREACH_L1E(sl1mfn, sl1e, 0, done, - { - unsigned long gfn; - mfn_t gmfn = shadow_l1e_get_mfn(*sl1e); - if ( !mfn_valid(gmfn) ) - continue; - gfn = mfn_to_gfn(d, gmfn); - if ( VALID_M2P(gfn) && (begin_pfn <= gfn) && (gfn < end_pfn) ) - { - paddr_t sl1ma = - pfn_to_paddr(mfn_x(sl1mfn)) | - ( (unsigned long)sl1e & ~PAGE_MASK ); - dirty_vram_range_update(v->domain, gfn, sl1ma, 1/*set*/); - } - }); - return 0; -} - /**************************************************************************/ /* Functions to excise all pointers to shadows from higher-level shadows. */ diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/shadow/multi.h --- a/xen/arch/x86/mm/shadow/multi.h Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/shadow/multi.h Thu Jan 17 15:55:02 2013 +0000 @@ -66,12 +66,7 @@ SHADOW_INTERNAL_NAME(sh_rm_write_access_ extern int SHADOW_INTERNAL_NAME(sh_rm_mappings_from_l1, GUEST_LEVELS) (struct vcpu *v, mfn_t sl1mfn, mfn_t target_mfn); -extern int -SHADOW_INTERNAL_NAME(sh_find_vram_mappings_in_l1, GUEST_LEVELS) - (struct vcpu *v, mfn_t sl1mfn, - unsigned long begin_pfn, - unsigned long end_pfn, - int *removed); + extern void SHADOW_INTERNAL_NAME(sh_clear_shadow_entry, GUEST_LEVELS) (struct vcpu *v, void *ep, mfn_t smfn); diff -r 7927b79daa47 -r d81f9832a082 xen/arch/x86/mm/shadow/types.h --- a/xen/arch/x86/mm/shadow/types.h Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/arch/x86/mm/shadow/types.h Thu Jan 17 15:55:02 2013 +0000 @@ -229,7 +229,6 @@ static inline shadow_l4e_t shadow_l4e_fr #define sh_update_cr3 INTERNAL_NAME(sh_update_cr3) #define sh_rm_write_access_from_l1 INTERNAL_NAME(sh_rm_write_access_from_l1) #define sh_rm_mappings_from_l1 INTERNAL_NAME(sh_rm_mappings_from_l1) -#define sh_find_vram_mappings_in_l1 INTERNAL_NAME(sh_find_vram_mappings_in_l1) #define sh_remove_l1_shadow INTERNAL_NAME(sh_remove_l1_shadow) #define sh_remove_l2_shadow INTERNAL_NAME(sh_remove_l2_shadow) #define sh_remove_l3_shadow INTERNAL_NAME(sh_remove_l3_shadow) diff -r 7927b79daa47 -r d81f9832a082 xen/include/asm-x86/hap.h --- a/xen/include/asm-x86/hap.h Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/include/asm-x86/hap.h Thu Jan 17 15:55:02 2013 +0000 @@ -57,6 +57,10 @@ void hap_final_teardown(struct domain * void hap_teardown(struct domain *d); void hap_vcpu_init(struct vcpu *v); void hap_logdirty_init(struct domain *d); +int hap_track_dirty_vram(struct domain *d, + unsigned long begin_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) dirty_bitmap); extern const struct paging_mode *hap_paging_get_mode(struct vcpu *); diff -r 7927b79daa47 -r d81f9832a082 xen/include/asm-x86/hvm/domain.h --- a/xen/include/asm-x86/hvm/domain.h Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/include/asm-x86/hvm/domain.h Thu Jan 17 15:55:02 2013 +0000 @@ -74,7 +74,7 @@ struct hvm_domain { struct list_head pinned_cacheattr_ranges; /* VRAM dirty support. */ - struct dv_dirty_vram *dirty_vram; + struct sh_dirty_vram *dirty_vram; /* If one of vcpus of this domain is in no_fill_mode or * mtrr/pat between vcpus is not the same, set is_in_uc_mode diff -r 7927b79daa47 -r d81f9832a082 xen/include/asm-x86/paging.h --- a/xen/include/asm-x86/paging.h Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/include/asm-x86/paging.h Thu Jan 17 15:55:02 2013 +0000 @@ -154,13 +154,9 @@ void paging_log_dirty_init(struct domain int (*disable_log_dirty)(struct domain *d), void (*clean_dirty_bitmap)(struct domain *d)); -/* mark a gmfn as dirty, a wrapper around marking a gpfn as dirty */ +/* mark a page as dirty */ void paging_mark_dirty(struct domain *d, unsigned long guest_mfn); -/* mark a gpfn as dirty */ -void paging_mark_dirty_gpfn(struct domain *d, unsigned long gpfn); - - /* is this guest page dirty? * This is called from inside paging code, with the paging lock held. */ int paging_mfn_is_dirty(struct domain *d, mfn_t gmfn); @@ -187,6 +183,15 @@ int paging_mfn_is_dirty(struct domain *d #define L4_LOGDIRTY_IDX(pfn) 0 #endif +/* VRAM dirty tracking support */ +struct sh_dirty_vram { + unsigned long begin_pfn; + unsigned long end_pfn; + paddr_t *sl1ma; + uint8_t *dirty_bitmap; + s_time_t last_dirty; +}; + /***************************************************************************** * Entry points into the paging-assistance code */ diff -r 7927b79daa47 -r d81f9832a082 xen/include/asm-x86/shadow.h --- a/xen/include/asm-x86/shadow.h Thu Jan 17 13:53:14 2013 +0000 +++ b/xen/include/asm-x86/shadow.h Thu Jan 17 15:55:02 2013 +0000 @@ -62,6 +62,12 @@ void shadow_vcpu_init(struct vcpu *v); /* Enable an arbitrary shadow mode. Call once at domain creation. */ int shadow_enable(struct domain *d, u32 mode); +/* Enable VRAM dirty bit tracking. */ +int shadow_track_dirty_vram(struct domain *d, + unsigned long first_pfn, + unsigned long nr, + XEN_GUEST_HANDLE_64(uint8) dirty_bitmap); + /* Handler for shadow control ops: operations from user-space to enable * and disable ephemeral shadow modes (test mode and log-dirty mode) and * manipulate the log-dirty bitmap. */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:58 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:58 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9Go-0000bW-GD; Fri, 18 Jan 2013 10:33:58 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9Gn-0000ad-3B for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:57 +0000 Received: from [193.109.254.147:61267] by server-14.bemta-14.messagelabs.com id 03/A3-10022-41529F05; Fri, 18 Jan 2013 10:33:56 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-27.messagelabs.com!1358505189!1011776!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30434 invoked from network); 18 Jan 2013 10:33:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G0-0002n3-Sc for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:08 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G0-0003og-OW for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:08 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] miscellaneous cleanup X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358416594 -3600 # Node ID 431bc26eda5b4d5d5a22807750f7b328e6197e71 # Parent d9c7b82aa7b11fac96d8cbafbd9c9ab6de4a11a9 miscellaneous cleanup ... noticed while putting together the 16Tb support patches for x86. Briefly, this (in order of the changes below) - fixes an inefficiency in x86's context switch code (translations to/ from struct page are more involved than to/from MFNs) - drop unnecessary MFM-to-page conversions - drop a redundant call to destroy_xen_mappings() (an indentical call is being made a few lines up) - simplify a VA-to-MFN translation - drop dead code (several occurrences) - add a missing __init annotation Signed-off-by: Jan Beulich Acked-by: Keir Fraser --- diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/arch/x86/domain.c --- a/xen/arch/x86/domain.c Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/arch/x86/domain.c Thu Jan 17 10:56:34 2013 +0100 @@ -1512,12 +1512,12 @@ static void __context_switch(void) per_cpu(compat_gdt_table, cpu); if ( need_full_gdt(n) ) { - struct page_info *page = virt_to_page(gdt); + unsigned long mfn = virt_to_mfn(gdt); unsigned int i; for ( i = 0; i < NR_RESERVED_GDT_PAGES; i++ ) l1e_write(n->arch.perdomain_ptes + FIRST_RESERVED_GDT_PAGE + i, - l1e_from_page(page + i, __PAGE_HYPERVISOR)); + l1e_from_pfn(mfn + i, __PAGE_HYPERVISOR)); } if ( need_full_gdt(p) && diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/arch/x86/x86_64/mm.c --- a/xen/arch/x86/x86_64/mm.c Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/arch/x86/x86_64/mm.c Thu Jan 17 10:56:34 2013 +0100 @@ -422,11 +422,10 @@ void destroy_m2p_mapping(struct mem_hota */ static int setup_compat_m2p_table(struct mem_hotadd_info *info) { - unsigned long i, va, smap, emap, rwva, epfn = info->epfn; + unsigned long i, va, smap, emap, rwva, epfn = info->epfn, mfn; unsigned int n; l3_pgentry_t *l3_ro_mpt = NULL; l2_pgentry_t *l2_ro_mpt = NULL; - struct page_info *l1_pg; int err = 0; smap = info->spfn & (~((1UL << (L2_PAGETABLE_SHIFT - 2)) -1)); @@ -475,16 +474,16 @@ static int setup_compat_m2p_table(struct if ( n == CNT ) continue; - l1_pg = mfn_to_page(alloc_hotadd_mfn(info)); - err = map_pages_to_xen(rwva, page_to_mfn(l1_pg), - 1UL << PAGETABLE_ORDER, + mfn = alloc_hotadd_mfn(info); + err = map_pages_to_xen(rwva, mfn, 1UL << PAGETABLE_ORDER, PAGE_HYPERVISOR); if ( err ) break; /* Fill with INVALID_M2P_ENTRY. */ memset((void *)rwva, 0xFF, 1UL << L2_PAGETABLE_SHIFT); /* NB. Cannot be GLOBAL as the ptes get copied into per-VM space. */ - l2e_write(&l2_ro_mpt[l2_table_offset(va)], l2e_from_page(l1_pg, _PAGE_PSE|_PAGE_PRESENT)); + l2e_write(&l2_ro_mpt[l2_table_offset(va)], + l2e_from_pfn(mfn, _PAGE_PSE|_PAGE_PRESENT)); } #undef CNT #undef MFN @@ -501,7 +500,7 @@ static int setup_m2p_table(struct mem_ho unsigned int n, memflags; l2_pgentry_t *l2_ro_mpt = NULL; l3_pgentry_t *l3_ro_mpt = NULL; - struct page_info *l1_pg, *l2_pg; + struct page_info *l2_pg; int ret = 0; ASSERT(l4e_get_flags(idle_pg_table[l4_table_offset(RO_MPT_VIRT_START)]) @@ -544,15 +543,13 @@ static int setup_m2p_table(struct mem_ho for ( n = 0; n < CNT; ++n) if ( mfn_valid(i + n * PDX_GROUP_COUNT) ) break; - if ( n == CNT ) - l1_pg = NULL; - else + if ( n < CNT ) { - l1_pg = mfn_to_page(alloc_hotadd_mfn(info)); + unsigned long mfn = alloc_hotadd_mfn(info); + ret = map_pages_to_xen( RDWR_MPT_VIRT_START + i * sizeof(unsigned long), - page_to_mfn(l1_pg), - 1UL << PAGETABLE_ORDER, + mfn, 1UL << PAGETABLE_ORDER, PAGE_HYPERVISOR); if ( ret ) goto error; @@ -584,7 +581,7 @@ static int setup_m2p_table(struct mem_ho } /* NB. Cannot be GLOBAL as shadow_mode_translate reuses this area. */ - l2e_write(l2_ro_mpt, l2e_from_page(l1_pg, + l2e_write(l2_ro_mpt, l2e_from_pfn(mfn, /*_PAGE_GLOBAL|*/_PAGE_PSE|_PAGE_USER|_PAGE_PRESENT)); } if ( !((unsigned long)l2_ro_mpt & ~PAGE_MASK) ) @@ -1548,8 +1545,6 @@ destroy_frametable: NODE_DATA(node)->node_start_pfn = old_node_start; NODE_DATA(node)->node_spanned_pages = old_node_span; - destroy_xen_mappings((unsigned long)mfn_to_virt(spfn), - (unsigned long)mfn_to_virt(epfn)); return ret; } diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/common/domctl.c --- a/xen/common/domctl.c Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/common/domctl.c Thu Jan 17 10:56:34 2013 +0100 @@ -156,7 +156,7 @@ void getdomaininfo(struct domain *d, str info->max_pages = d->max_pages; info->shr_pages = atomic_read(&d->shr_pages); info->paged_pages = atomic_read(&d->paged_pages); - info->shared_info_frame = mfn_to_gmfn(d, __pa(d->shared_info)>>PAGE_SHIFT); + info->shared_info_frame = mfn_to_gmfn(d, virt_to_mfn(d->shared_info)); BUG_ON(SHARED_M2P(info->shared_info_frame)); info->cpupool = d->cpupool ? d->cpupool->cpupool_id : CPUPOOLID_NONE; diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/include/asm-arm/mm.h --- a/xen/include/asm-arm/mm.h Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/include/asm-arm/mm.h Thu Jan 17 10:56:34 2013 +0100 @@ -121,7 +121,6 @@ extern unsigned long xenheap_virt_end; #define page_set_owner(_p,_d) ((_p)->v.inuse.domain = (_d)) #define maddr_get_owner(ma) (page_get_owner(maddr_to_page((ma)))) -#define vaddr_get_owner(va) (page_get_owner(virt_to_page((va)))) #define XENSHARE_writable 0 #define XENSHARE_readonly 1 diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/include/asm-x86/config.h --- a/xen/include/asm-x86/config.h Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/include/asm-x86/config.h Thu Jan 17 10:56:34 2013 +0100 @@ -275,12 +275,8 @@ extern unsigned long xen_phys_start; /* GDT/LDT shadow mapping area. The first per-domain-mapping sub-area. */ #define GDT_LDT_VCPU_SHIFT 5 #define GDT_LDT_VCPU_VA_SHIFT (GDT_LDT_VCPU_SHIFT + PAGE_SHIFT) -#ifdef MAX_VIRT_CPUS -#define GDT_LDT_MBYTES (MAX_VIRT_CPUS >> (20-GDT_LDT_VCPU_VA_SHIFT)) -#else #define GDT_LDT_MBYTES PERDOMAIN_MBYTES #define MAX_VIRT_CPUS (GDT_LDT_MBYTES << (20-GDT_LDT_VCPU_VA_SHIFT)) -#endif #define GDT_LDT_VIRT_START PERDOMAIN_VIRT_START #define GDT_LDT_VIRT_END (GDT_LDT_VIRT_START + (GDT_LDT_MBYTES << 20)) diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/include/asm-x86/mm.h --- a/xen/include/asm-x86/mm.h Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/include/asm-x86/mm.h Thu Jan 17 10:56:34 2013 +0100 @@ -265,7 +265,6 @@ struct spage_info ((_p)->v.inuse._domain = (_d) ? virt_to_pdx(_d) : 0) #define maddr_get_owner(ma) (page_get_owner(maddr_to_page((ma)))) -#define vaddr_get_owner(va) (page_get_owner(virt_to_page((va)))) #define XENSHARE_writable 0 #define XENSHARE_readonly 1 diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/include/asm-x86/page.h --- a/xen/include/asm-x86/page.h Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/include/asm-x86/page.h Thu Jan 17 10:56:34 2013 +0100 @@ -261,18 +261,6 @@ void copy_page_sse2(void *, const void * #endif /* !defined(__ASSEMBLY__) */ -/* High table entries are reserved by the hypervisor. */ -#define DOMAIN_ENTRIES_PER_L2_PAGETABLE 0 -#define HYPERVISOR_ENTRIES_PER_L2_PAGETABLE 0 - -#define DOMAIN_ENTRIES_PER_L4_PAGETABLE \ - (l4_table_offset(HYPERVISOR_VIRT_START)) -#define GUEST_ENTRIES_PER_L4_PAGETABLE \ - (l4_table_offset(HYPERVISOR_VIRT_END)) -#define HYPERVISOR_ENTRIES_PER_L4_PAGETABLE \ - (L4_PAGETABLE_ENTRIES - GUEST_ENTRIES_PER_L4_PAGETABLE \ - + DOMAIN_ENTRIES_PER_L4_PAGETABLE) - /* Where to find each level of the linear mapping */ #define __linear_l1_table ((l1_pgentry_t *)(LINEAR_PT_VIRT_START)) #define __linear_l2_table \ diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/xsm/xsm_policy.c --- a/xen/xsm/xsm_policy.c Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/xsm/xsm_policy.c Thu Jan 17 10:56:34 2013 +0100 @@ -25,8 +25,9 @@ char *__initdata policy_buffer = NULL; u32 __initdata policy_size = 0; -int xsm_policy_init(unsigned long *module_map, const multiboot_info_t *mbi, - void *(*bootstrap_map)(const module_t *)) +int __init xsm_policy_init(unsigned long *module_map, + const multiboot_info_t *mbi, + void *(*bootstrap_map)(const module_t *)) { int i; module_t *mod = (module_t *)__va(mbi->mods_addr); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:33:58 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:33:58 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9Go-0000bW-GD; Fri, 18 Jan 2013 10:33:58 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9Gn-0000ad-3B for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:57 +0000 Received: from [193.109.254.147:61267] by server-14.bemta-14.messagelabs.com id 03/A3-10022-41529F05; Fri, 18 Jan 2013 10:33:56 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-27.messagelabs.com!1358505189!1011776!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30434 invoked from network); 18 Jan 2013 10:33:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G0-0002n3-Sc for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:08 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G0-0003og-OW for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:08 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] miscellaneous cleanup X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358416594 -3600 # Node ID 431bc26eda5b4d5d5a22807750f7b328e6197e71 # Parent d9c7b82aa7b11fac96d8cbafbd9c9ab6de4a11a9 miscellaneous cleanup ... noticed while putting together the 16Tb support patches for x86. Briefly, this (in order of the changes below) - fixes an inefficiency in x86's context switch code (translations to/ from struct page are more involved than to/from MFNs) - drop unnecessary MFM-to-page conversions - drop a redundant call to destroy_xen_mappings() (an indentical call is being made a few lines up) - simplify a VA-to-MFN translation - drop dead code (several occurrences) - add a missing __init annotation Signed-off-by: Jan Beulich Acked-by: Keir Fraser --- diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/arch/x86/domain.c --- a/xen/arch/x86/domain.c Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/arch/x86/domain.c Thu Jan 17 10:56:34 2013 +0100 @@ -1512,12 +1512,12 @@ static void __context_switch(void) per_cpu(compat_gdt_table, cpu); if ( need_full_gdt(n) ) { - struct page_info *page = virt_to_page(gdt); + unsigned long mfn = virt_to_mfn(gdt); unsigned int i; for ( i = 0; i < NR_RESERVED_GDT_PAGES; i++ ) l1e_write(n->arch.perdomain_ptes + FIRST_RESERVED_GDT_PAGE + i, - l1e_from_page(page + i, __PAGE_HYPERVISOR)); + l1e_from_pfn(mfn + i, __PAGE_HYPERVISOR)); } if ( need_full_gdt(p) && diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/arch/x86/x86_64/mm.c --- a/xen/arch/x86/x86_64/mm.c Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/arch/x86/x86_64/mm.c Thu Jan 17 10:56:34 2013 +0100 @@ -422,11 +422,10 @@ void destroy_m2p_mapping(struct mem_hota */ static int setup_compat_m2p_table(struct mem_hotadd_info *info) { - unsigned long i, va, smap, emap, rwva, epfn = info->epfn; + unsigned long i, va, smap, emap, rwva, epfn = info->epfn, mfn; unsigned int n; l3_pgentry_t *l3_ro_mpt = NULL; l2_pgentry_t *l2_ro_mpt = NULL; - struct page_info *l1_pg; int err = 0; smap = info->spfn & (~((1UL << (L2_PAGETABLE_SHIFT - 2)) -1)); @@ -475,16 +474,16 @@ static int setup_compat_m2p_table(struct if ( n == CNT ) continue; - l1_pg = mfn_to_page(alloc_hotadd_mfn(info)); - err = map_pages_to_xen(rwva, page_to_mfn(l1_pg), - 1UL << PAGETABLE_ORDER, + mfn = alloc_hotadd_mfn(info); + err = map_pages_to_xen(rwva, mfn, 1UL << PAGETABLE_ORDER, PAGE_HYPERVISOR); if ( err ) break; /* Fill with INVALID_M2P_ENTRY. */ memset((void *)rwva, 0xFF, 1UL << L2_PAGETABLE_SHIFT); /* NB. Cannot be GLOBAL as the ptes get copied into per-VM space. */ - l2e_write(&l2_ro_mpt[l2_table_offset(va)], l2e_from_page(l1_pg, _PAGE_PSE|_PAGE_PRESENT)); + l2e_write(&l2_ro_mpt[l2_table_offset(va)], + l2e_from_pfn(mfn, _PAGE_PSE|_PAGE_PRESENT)); } #undef CNT #undef MFN @@ -501,7 +500,7 @@ static int setup_m2p_table(struct mem_ho unsigned int n, memflags; l2_pgentry_t *l2_ro_mpt = NULL; l3_pgentry_t *l3_ro_mpt = NULL; - struct page_info *l1_pg, *l2_pg; + struct page_info *l2_pg; int ret = 0; ASSERT(l4e_get_flags(idle_pg_table[l4_table_offset(RO_MPT_VIRT_START)]) @@ -544,15 +543,13 @@ static int setup_m2p_table(struct mem_ho for ( n = 0; n < CNT; ++n) if ( mfn_valid(i + n * PDX_GROUP_COUNT) ) break; - if ( n == CNT ) - l1_pg = NULL; - else + if ( n < CNT ) { - l1_pg = mfn_to_page(alloc_hotadd_mfn(info)); + unsigned long mfn = alloc_hotadd_mfn(info); + ret = map_pages_to_xen( RDWR_MPT_VIRT_START + i * sizeof(unsigned long), - page_to_mfn(l1_pg), - 1UL << PAGETABLE_ORDER, + mfn, 1UL << PAGETABLE_ORDER, PAGE_HYPERVISOR); if ( ret ) goto error; @@ -584,7 +581,7 @@ static int setup_m2p_table(struct mem_ho } /* NB. Cannot be GLOBAL as shadow_mode_translate reuses this area. */ - l2e_write(l2_ro_mpt, l2e_from_page(l1_pg, + l2e_write(l2_ro_mpt, l2e_from_pfn(mfn, /*_PAGE_GLOBAL|*/_PAGE_PSE|_PAGE_USER|_PAGE_PRESENT)); } if ( !((unsigned long)l2_ro_mpt & ~PAGE_MASK) ) @@ -1548,8 +1545,6 @@ destroy_frametable: NODE_DATA(node)->node_start_pfn = old_node_start; NODE_DATA(node)->node_spanned_pages = old_node_span; - destroy_xen_mappings((unsigned long)mfn_to_virt(spfn), - (unsigned long)mfn_to_virt(epfn)); return ret; } diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/common/domctl.c --- a/xen/common/domctl.c Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/common/domctl.c Thu Jan 17 10:56:34 2013 +0100 @@ -156,7 +156,7 @@ void getdomaininfo(struct domain *d, str info->max_pages = d->max_pages; info->shr_pages = atomic_read(&d->shr_pages); info->paged_pages = atomic_read(&d->paged_pages); - info->shared_info_frame = mfn_to_gmfn(d, __pa(d->shared_info)>>PAGE_SHIFT); + info->shared_info_frame = mfn_to_gmfn(d, virt_to_mfn(d->shared_info)); BUG_ON(SHARED_M2P(info->shared_info_frame)); info->cpupool = d->cpupool ? d->cpupool->cpupool_id : CPUPOOLID_NONE; diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/include/asm-arm/mm.h --- a/xen/include/asm-arm/mm.h Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/include/asm-arm/mm.h Thu Jan 17 10:56:34 2013 +0100 @@ -121,7 +121,6 @@ extern unsigned long xenheap_virt_end; #define page_set_owner(_p,_d) ((_p)->v.inuse.domain = (_d)) #define maddr_get_owner(ma) (page_get_owner(maddr_to_page((ma)))) -#define vaddr_get_owner(va) (page_get_owner(virt_to_page((va)))) #define XENSHARE_writable 0 #define XENSHARE_readonly 1 diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/include/asm-x86/config.h --- a/xen/include/asm-x86/config.h Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/include/asm-x86/config.h Thu Jan 17 10:56:34 2013 +0100 @@ -275,12 +275,8 @@ extern unsigned long xen_phys_start; /* GDT/LDT shadow mapping area. The first per-domain-mapping sub-area. */ #define GDT_LDT_VCPU_SHIFT 5 #define GDT_LDT_VCPU_VA_SHIFT (GDT_LDT_VCPU_SHIFT + PAGE_SHIFT) -#ifdef MAX_VIRT_CPUS -#define GDT_LDT_MBYTES (MAX_VIRT_CPUS >> (20-GDT_LDT_VCPU_VA_SHIFT)) -#else #define GDT_LDT_MBYTES PERDOMAIN_MBYTES #define MAX_VIRT_CPUS (GDT_LDT_MBYTES << (20-GDT_LDT_VCPU_VA_SHIFT)) -#endif #define GDT_LDT_VIRT_START PERDOMAIN_VIRT_START #define GDT_LDT_VIRT_END (GDT_LDT_VIRT_START + (GDT_LDT_MBYTES << 20)) diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/include/asm-x86/mm.h --- a/xen/include/asm-x86/mm.h Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/include/asm-x86/mm.h Thu Jan 17 10:56:34 2013 +0100 @@ -265,7 +265,6 @@ struct spage_info ((_p)->v.inuse._domain = (_d) ? virt_to_pdx(_d) : 0) #define maddr_get_owner(ma) (page_get_owner(maddr_to_page((ma)))) -#define vaddr_get_owner(va) (page_get_owner(virt_to_page((va)))) #define XENSHARE_writable 0 #define XENSHARE_readonly 1 diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/include/asm-x86/page.h --- a/xen/include/asm-x86/page.h Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/include/asm-x86/page.h Thu Jan 17 10:56:34 2013 +0100 @@ -261,18 +261,6 @@ void copy_page_sse2(void *, const void * #endif /* !defined(__ASSEMBLY__) */ -/* High table entries are reserved by the hypervisor. */ -#define DOMAIN_ENTRIES_PER_L2_PAGETABLE 0 -#define HYPERVISOR_ENTRIES_PER_L2_PAGETABLE 0 - -#define DOMAIN_ENTRIES_PER_L4_PAGETABLE \ - (l4_table_offset(HYPERVISOR_VIRT_START)) -#define GUEST_ENTRIES_PER_L4_PAGETABLE \ - (l4_table_offset(HYPERVISOR_VIRT_END)) -#define HYPERVISOR_ENTRIES_PER_L4_PAGETABLE \ - (L4_PAGETABLE_ENTRIES - GUEST_ENTRIES_PER_L4_PAGETABLE \ - + DOMAIN_ENTRIES_PER_L4_PAGETABLE) - /* Where to find each level of the linear mapping */ #define __linear_l1_table ((l1_pgentry_t *)(LINEAR_PT_VIRT_START)) #define __linear_l2_table \ diff -r d9c7b82aa7b1 -r 431bc26eda5b xen/xsm/xsm_policy.c --- a/xen/xsm/xsm_policy.c Thu Jan 17 10:55:00 2013 +0100 +++ b/xen/xsm/xsm_policy.c Thu Jan 17 10:56:34 2013 +0100 @@ -25,8 +25,9 @@ char *__initdata policy_buffer = NULL; u32 __initdata policy_size = 0; -int xsm_policy_init(unsigned long *module_map, const multiboot_info_t *mbi, - void *(*bootstrap_map)(const module_t *)) +int __init xsm_policy_init(unsigned long *module_map, + const multiboot_info_t *mbi, + void *(*bootstrap_map)(const module_t *)) { int i; module_t *mod = (module_t *)__va(mbi->mods_addr); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:34:03 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:34:03 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9Gs-0000dF-NN; Fri, 18 Jan 2013 10:34:02 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9Gr-0000cs-CK for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:34:01 +0000 Received: from [85.158.143.35:20423] by server-2.bemta-4.messagelabs.com id 30/21-24322-81529F05; Fri, 18 Jan 2013 10:34:00 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-21.messagelabs.com!1358505191!4943926!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 23539 invoked from network); 18 Jan 2013 10:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G2-0002nF-VK for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G2-0003pe-Ti for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:10 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Config.mk: delete accidentally introduced drivel X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358425345 0 # Node ID 5ab6a6354684a985ea6e572c524a23027eae3649 # Parent 748fe2a001daffd28461b436a8e1b8728567875e Config.mk: delete accidentally introduced drivel --- diff -r 748fe2a001da -r 5ab6a6354684 Config.mk --- a/Config.mk Thu Jan 17 12:10:21 2013 +0000 +++ b/Config.mk Thu Jan 17 12:22:25 2013 +0000 @@ -1,9 +1,3 @@ -pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-unstable.hg -searching for changes -no changes found -pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-unstable.hg -searching for changes -no changes found # -*- mode: Makefile; -*- ifeq ($(filter /%,$(XEN_ROOT)),) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:34:03 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:34:03 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9Gs-0000dF-NN; Fri, 18 Jan 2013 10:34:02 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9Gr-0000cs-CK for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:34:01 +0000 Received: from [85.158.143.35:20423] by server-2.bemta-4.messagelabs.com id 30/21-24322-81529F05; Fri, 18 Jan 2013 10:34:00 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-21.messagelabs.com!1358505191!4943926!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 23539 invoked from network); 18 Jan 2013 10:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G2-0002nF-VK for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G2-0003pe-Ti for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:10 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Config.mk: delete accidentally introduced drivel X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358425345 0 # Node ID 5ab6a6354684a985ea6e572c524a23027eae3649 # Parent 748fe2a001daffd28461b436a8e1b8728567875e Config.mk: delete accidentally introduced drivel --- diff -r 748fe2a001da -r 5ab6a6354684 Config.mk --- a/Config.mk Thu Jan 17 12:10:21 2013 +0000 +++ b/Config.mk Thu Jan 17 12:22:25 2013 +0000 @@ -1,9 +1,3 @@ -pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-unstable.hg -searching for changes -no changes found -pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-unstable.hg -searching for changes -no changes found # -*- mode: Makefile; -*- ifeq ($(filter /%,$(XEN_ROOT)),) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:35:27 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:35:27 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9IE-0000sH-TH; Fri, 18 Jan 2013 10:35:26 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9ID-0000sC-KM for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:35:26 +0000 Received: from [85.158.139.211:27413] by server-7.bemta-5.messagelabs.com id 77/37-12612-C6529F05; Fri, 18 Jan 2013 10:35:24 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-206.messagelabs.com!1358505307!18655351!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 19696 invoked from network); 18 Jan 2013 10:35:09 -0000 Received: from unknown (HELO mail.xen.org) (50.57.168.107) by server-3.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:35:09 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G0-0002n0-Kj for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:08 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G0-0003oP-3x for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:08 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/EFI: retrieve PCI ROM contents not accessible through BARs X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358416500 -3600 # Node ID d9c7b82aa7b11fac96d8cbafbd9c9ab6de4a11a9 # Parent b6195e277da52129d5d79f29ccac0e7290643e37 x86/EFI: retrieve PCI ROM contents not accessible through BARs Linux 3.8-rc added code to do this, so we need to support this in the hypervisor for Dom0 to be able to get at the same information as a native kernel. Signed-off-by: Jan Beulich Acked-by: Keir Fraser --- diff -r b6195e277da5 -r d9c7b82aa7b1 xen/arch/x86/efi/boot.c --- a/xen/arch/x86/efi/boot.c Wed Jan 16 14:15:44 2013 +0000 +++ b/xen/arch/x86/efi/boot.c Thu Jan 17 10:55:00 2013 +0100 @@ -1,5 +1,6 @@ #include "efi.h" #include +#include #include #include #include @@ -8,6 +9,7 @@ #include #include #include +#include #include #if EFI_PAGE_SIZE != PAGE_SIZE # error Cannot use xen/pfn.h here! @@ -570,6 +572,92 @@ static void __init edd_put_string(u8 *ds } #define edd_put_string(d, s) edd_put_string(d, ARRAY_SIZE(d), s) +static void __init setup_efi_pci(void) +{ + EFI_STATUS status; + EFI_HANDLE *handles; + static EFI_GUID __initdata pci_guid = EFI_PCI_IO_PROTOCOL; + UINTN i, nr_pci, size = 0; + struct efi_pci_rom *last = NULL; + + status = efi_bs->LocateHandle(ByProtocol, &pci_guid, NULL, &size, NULL); + if ( status == EFI_BUFFER_TOO_SMALL ) + status = efi_bs->AllocatePool(EfiLoaderData, size, (void **)&handles); + if ( !EFI_ERROR(status) ) + status = efi_bs->LocateHandle(ByProtocol, &pci_guid, NULL, &size, + handles); + if ( EFI_ERROR(status) ) + size = 0; + + nr_pci = size / sizeof(*handles); + for ( i = 0; i < nr_pci; ++i ) + { + EFI_PCI_IO *pci = NULL; + u64 attributes; + struct efi_pci_rom *rom, *va; + UINTN segment, bus, device, function; + + status = efi_bs->HandleProtocol(handles[i], &pci_guid, (void **)&pci); + if ( EFI_ERROR(status) || !pci || !pci->RomImage || !pci->RomSize ) + continue; + + status = pci->Attributes(pci, EfiPciIoAttributeOperationGet, 0, + &attributes); + if ( EFI_ERROR(status) || + !(attributes & EFI_PCI_IO_ATTRIBUTE_EMBEDDED_ROM) || + EFI_ERROR(pci->GetLocation(pci, &segment, &bus, &device, + &function)) ) + continue; + + DisplayUint(segment, 4); + PrintStr(L":"); + DisplayUint(bus, 2); + PrintStr(L":"); + DisplayUint(device, 2); + PrintStr(L"."); + DisplayUint(function, 1); + PrintStr(L": ROM: "); + DisplayUint(pci->RomSize, 0); + PrintStr(L" bytes at "); + DisplayUint((UINTN)pci->RomImage, 0); + PrintStr(newline); + + size = pci->RomSize + sizeof(*rom); + status = efi_bs->AllocatePool(EfiRuntimeServicesData, size, + (void **)&rom); + if ( EFI_ERROR(status) ) + continue; + + rom->next = NULL; + rom->size = pci->RomSize; + + status = pci->Pci.Read(pci, EfiPciIoWidthUint16, PCI_VENDOR_ID, 1, + &rom->vendor); + if ( !EFI_ERROR(status) ) + status = pci->Pci.Read(pci, EfiPciIoWidthUint16, PCI_DEVICE_ID, 1, + &rom->devid); + if ( EFI_ERROR(status) ) + { + efi_bs->FreePool(rom); + continue; + } + + rom->segment = segment; + rom->bus = bus; + rom->devfn = (device << 3) | function; + memcpy(rom->data, pci->RomImage, pci->RomSize); + + va = (void *)rom + DIRECTMAP_VIRT_START; + if ( last ) + last->next = va; + else + efi_pci_roms = va; + last = rom; + } + + efi_bs->FreePool(handles); +} + static int __init set_color(u32 mask, int bpp, u8 *pos, u8 *sz) { if ( bpp < 0 ) @@ -1140,6 +1228,9 @@ efi_start(EFI_HANDLE ImageHandle, EFI_SY if (efi.smbios != EFI_INVALID_TABLE_ADDR) dmi_efi_get_table((void *)(long)efi.smbios); + /* Collect PCI ROM contents. */ + setup_efi_pci(); + /* Allocate space for trampoline (in first Mb). */ cfg.addr = 0x100000; cfg.size = trampoline_end - trampoline_start; diff -r b6195e277da5 -r d9c7b82aa7b1 xen/arch/x86/efi/efi.h --- a/xen/arch/x86/efi/efi.h Wed Jan 16 14:15:44 2013 +0000 +++ b/xen/arch/x86/efi/efi.h Thu Jan 17 10:55:00 2013 +0100 @@ -9,6 +9,14 @@ #include #include +struct efi_pci_rom { + const struct efi_pci_rom *next; + u16 vendor, devid, segment; + u8 bus, devfn; + unsigned long size; + unsigned char data[]; +}; + extern unsigned int efi_num_ct; extern EFI_CONFIGURATION_TABLE *efi_ct; @@ -22,5 +30,7 @@ extern void *efi_memmap; extern l4_pgentry_t *efi_l4_pgtable; +extern const struct efi_pci_rom *efi_pci_roms; + unsigned long efi_rs_enter(void); void efi_rs_leave(unsigned long); diff -r b6195e277da5 -r d9c7b82aa7b1 xen/arch/x86/efi/runtime.c --- a/xen/arch/x86/efi/runtime.c Wed Jan 16 14:15:44 2013 +0000 +++ b/xen/arch/x86/efi/runtime.c Thu Jan 17 10:55:00 2013 +0100 @@ -37,6 +37,8 @@ struct efi __read_mostly efi = { l4_pgentry_t *__read_mostly efi_l4_pgtable; +const struct efi_pci_rom *__read_mostly efi_pci_roms; + unsigned long efi_rs_enter(void) { unsigned long cr3 = read_cr3(); @@ -177,6 +179,29 @@ int efi_get_info(uint32_t idx, union xen } } return -ESRCH; + case XEN_FW_EFI_PCI_ROM: { + const struct efi_pci_rom *ent; + + for ( ent = efi_pci_roms; ent; ent = ent->next ) + if ( info->pci_rom.segment == ent->segment && + info->pci_rom.bus == ent->bus && + info->pci_rom.devfn == ent->devfn && + info->pci_rom.vendor == ent->vendor && + info->pci_rom.devid == ent->devid ) + { + int rc = 0; + + if ( info->pci_rom.size < ent->size ) + rc = -ENOSPC; + else if ( copy_to_guest(info->pci_rom.data, + ent->data, ent->size) ) + rc = -EFAULT; + info->pci_rom.size = ent->size; + + return rc; + } + return -ESRCH; + } default: return -EINVAL; } diff -r b6195e277da5 -r d9c7b82aa7b1 xen/include/efi/efipciio.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/include/efi/efipciio.h Thu Jan 17 10:55:00 2013 +0100 @@ -0,0 +1,219 @@ +#ifndef _EFI_PCI_IO_H +#define _EFI_PCI_IO_H + +#define EFI_PCI_IO_PROTOCOL \ + { 0x4cf5b200, 0x68b8, 0x4ca5, {0x9e, 0xec, 0xb2, 0x3e, 0x3f, 0x50, 0x02, 0x9a} } + +INTERFACE_DECL(_EFI_PCI_IO); + +typedef enum { + EfiPciIoWidthUint8, + EfiPciIoWidthUint16, + EfiPciIoWidthUint32, + EfiPciIoWidthUint64, + EfiPciIoWidthFifoUint8, + EfiPciIoWidthFifoUint16, + EfiPciIoWidthFifoUint32, + EfiPciIoWidthFifoUint64, + EfiPciIoWidthFillUint8, + EfiPciIoWidthFillUint16, + EfiPciIoWidthFillUint32, + EfiPciIoWidthFillUint64, + EfiPciIoWidthMaximum +} EFI_PCI_IO_PROTOCOL_WIDTH; + +#define EFI_PCI_IO_PASS_THROUGH_BAR 0xff + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_POLL_IO_MEM) ( + IN struct _EFI_PCI_IO *This, + IN EFI_PCI_IO_PROTOCOL_WIDTH Width, + IN UINT8 BarIndex, + IN UINT64 Offset, + IN UINT64 Mask, + IN UINT64 Value, + IN UINT64 Delay, + OUT UINT64 *Result + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_IO_MEM) ( + IN struct _EFI_PCI_IO *This, + IN EFI_PCI_IO_PROTOCOL_WIDTH Width, + IN UINT8 BarIndex, + IN UINT64 Offset, + IN UINTN Count, + IN OUT VOID *Buffer +); + +typedef struct { + EFI_PCI_IO_PROTOCOL_IO_MEM Read; + EFI_PCI_IO_PROTOCOL_IO_MEM Write; +} EFI_PCI_IO_PROTOCOL_ACCESS; + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_CONFIG) ( + IN struct _EFI_PCI_IO *This, + IN EFI_PCI_IO_PROTOCOL_WIDTH Width, + IN UINT32 Offset, + IN UINTN Count, + IN OUT VOID *Buffer +); + +typedef struct { + EFI_PCI_IO_PROTOCOL_CONFIG Read; + EFI_PCI_IO_PROTOCOL_CONFIG Write; +} EFI_PCI_IO_PROTOCOL_CONFIG_ACCESS; + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_COPY_MEM) ( + IN struct _EFI_PCI_IO *This, + IN EFI_PCI_IO_PROTOCOL_WIDTH Width, + IN UINT8 DestBarIndex, + IN UINT64 DestOffset, + IN UINT8 SrcBarIndex, + IN UINT64 SrcOffset, + IN UINTN Count + ); + +typedef enum { + EfiPciIoOperationBusMasterRead, + EfiPciIoOperationBusMasterWrite, + EfiPciIoOperationBusMasterCommonBuffer, + EfiPciIoOperationMaximum +} EFI_PCI_IO_PROTOCOL_OPERATION; + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_MAP) ( + IN struct _EFI_PCI_IO *This, + IN EFI_PCI_IO_PROTOCOL_OPERATION Operation, + IN VOID *HostAddress, + IN OUT UINTN *NumberOfBytes, + OUT EFI_PHYSICAL_ADDRESS *DeviceAddress, + OUT VOID **Mapping + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_UNMAP) ( + IN struct _EFI_PCI_IO *This, + IN VOID *Mapping +); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_ALLOCATE_BUFFER) ( + IN struct _EFI_PCI_IO *This, + IN EFI_ALLOCATE_TYPE Type, + IN EFI_MEMORY_TYPE MemoryType, + IN UINTN Pages, + OUT VOID **HostAddress, + IN UINT64 Attributes + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_FREE_BUFFER) ( + IN struct _EFI_PCI_IO *This, + IN UINTN Pages, + IN VOID *HostAddress + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_FLUSH) ( + IN struct _EFI_PCI_IO *This + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_GET_LOCATION) ( + IN struct _EFI_PCI_IO *This, + OUT UINTN *SegmentNumber, + OUT UINTN *BusNumber, + OUT UINTN *DeviceNumber, + OUT UINTN *FunctionNumber + ); + +#define EFI_PCI_IO_ATTRIBUTE_ISA_IO 0x0002 +#define EFI_PCI_IO_ATTRIBUTE_VGA_PALETTE_IO 0x0004 +#define EFI_PCI_IO_ATTRIBUTE_VGA_MEMORY 0x0008 +#define EFI_PCI_IO_ATTRIBUTE_VGA_IO 0x0010 +#define EFI_PCI_IO_ATTRIBUTE_IDE_PRIMARY_IO 0x0020 +#define EFI_PCI_IO_ATTRIBUTE_IDE_SECONDARY_IO 0x0040 +#define EFI_PCI_IO_ATTRIBUTE_MEMORY_WRITE_COMBINE 0x0080 +#define EFI_PCI_IO_ATTRIBUTE_IO 0x0100 +#define EFI_PCI_IO_ATTRIBUTE_MEMORY 0x0200 +#define EFI_PCI_IO_ATTRIBUTE_BUS_MASTER 0x0400 +#define EFI_PCI_IO_ATTRIBUTE_MEMORY_CACHED 0x0800 +#define EFI_PCI_IO_ATTRIBUTE_MEMORY_DISABLE 0x1000 +#define EFI_PCI_IO_ATTRIBUTE_EMBEDDED_DEVICE 0x2000 +#define EFI_PCI_IO_ATTRIBUTE_EMBEDDED_ROM 0x4000 +#define EFI_PCI_IO_ATTRIBUTE_DUAL_ADDRESS_CYCLE 0x8000 +#define EFI_PCI_IO_ATTRIBUTE_ISA_IO_16 0x10000 +#define EFI_PCI_IO_ATTRIBUTE_VGA_PALETTE_IO_16 0x20000 +#define EFI_PCI_IO_ATTRIBUTE_VGA_IO_16 0x40000 + +typedef enum { + EfiPciIoAttributeOperationGet, + EfiPciIoAttributeOperationSet, + EfiPciIoAttributeOperationEnable, + EfiPciIoAttributeOperationDisable, + EfiPciIoAttributeOperationSupported, + EfiPciIoAttributeOperationMaximum +} EFI_PCI_IO_PROTOCOL_ATTRIBUTE_OPERATION; + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_ATTRIBUTES) ( + IN struct _EFI_PCI_IO *This, + IN EFI_PCI_IO_PROTOCOL_ATTRIBUTE_OPERATION Operation, + IN UINT64 Attributes, + OUT UINT64 *Result OPTIONAL + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_GET_BAR_ATTRIBUTES) ( + IN struct _EFI_PCI_IO *This, + IN UINT8 BarIndex, + OUT UINT64 *Supports OPTIONAL, + OUT VOID **Resources OPTIONAL + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_SET_BAR_ATTRIBUTES) ( + IN struct _EFI_PCI_IO *This, + IN UINT64 Attributes, + IN UINT8 BarIndex, + IN OUT UINT64 *Offset, + IN OUT UINT64 *Length + ); + +typedef struct _EFI_PCI_IO { + EFI_PCI_IO_PROTOCOL_POLL_IO_MEM PollMem; + EFI_PCI_IO_PROTOCOL_POLL_IO_MEM PollIo; + EFI_PCI_IO_PROTOCOL_ACCESS Mem; + EFI_PCI_IO_PROTOCOL_ACCESS Io; + EFI_PCI_IO_PROTOCOL_CONFIG_ACCESS Pci; + EFI_PCI_IO_PROTOCOL_COPY_MEM CopyMem; + EFI_PCI_IO_PROTOCOL_MAP Map; + EFI_PCI_IO_PROTOCOL_UNMAP Unmap; + EFI_PCI_IO_PROTOCOL_ALLOCATE_BUFFER AllocateBuffer; + EFI_PCI_IO_PROTOCOL_FREE_BUFFER FreeBuffer; + EFI_PCI_IO_PROTOCOL_FLUSH Flush; + EFI_PCI_IO_PROTOCOL_GET_LOCATION GetLocation; + EFI_PCI_IO_PROTOCOL_ATTRIBUTES Attributes; + EFI_PCI_IO_PROTOCOL_GET_BAR_ATTRIBUTES GetBarAttributes; + EFI_PCI_IO_PROTOCOL_SET_BAR_ATTRIBUTES SetBarAttributes; + UINT64 RomSize; + VOID *RomImage; +} EFI_PCI_IO; + +#endif /* _EFI_PCI_IO_H */ diff -r b6195e277da5 -r d9c7b82aa7b1 xen/include/public/platform.h --- a/xen/include/public/platform.h Wed Jan 16 14:15:44 2013 +0000 +++ b/xen/include/public/platform.h Thu Jan 17 10:55:00 2013 +0100 @@ -218,6 +218,7 @@ DEFINE_XEN_GUEST_HANDLE(xenpf_efi_runtim #define XEN_FW_EFI_VENDOR 2 #define XEN_FW_EFI_MEM_INFO 3 #define XEN_FW_EFI_RT_VERSION 4 +#define XEN_FW_EFI_PCI_ROM 5 #define XEN_FW_KBD_SHIFT_FLAGS 5 struct xenpf_firmware_info { /* IN variables. */ @@ -266,6 +267,17 @@ struct xenpf_firmware_info { uint64_t attr; uint32_t type; } mem; + struct { + /* IN variables */ + uint16_t segment; + uint8_t bus; + uint8_t devfn; + uint16_t vendor; + uint16_t devid; + /* IN/OUT variables */ + xen_ulong_t size; + XEN_GUEST_HANDLE(void) data; + } pci_rom; } efi_info; /* XEN_FW_EFI_INFO */ /* Int16, Fn02: Get keyboard shift flags. */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 10:35:27 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 10:35:27 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9IE-0000sH-TH; Fri, 18 Jan 2013 10:35:26 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9ID-0000sC-KM for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:35:26 +0000 Received: from [85.158.139.211:27413] by server-7.bemta-5.messagelabs.com id 77/37-12612-C6529F05; Fri, 18 Jan 2013 10:35:24 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-206.messagelabs.com!1358505307!18655351!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 19696 invoked from network); 18 Jan 2013 10:35:09 -0000 Received: from unknown (HELO mail.xen.org) (50.57.168.107) by server-3.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 10:35:09 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Tw9G0-0002n0-Kj for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:08 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Tw9G0-0003oP-3x for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 10:33:08 +0000 Message-Id: Date: Fri, 18 Jan 2013 10:33:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/EFI: retrieve PCI ROM contents not accessible through BARs X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358416500 -3600 # Node ID d9c7b82aa7b11fac96d8cbafbd9c9ab6de4a11a9 # Parent b6195e277da52129d5d79f29ccac0e7290643e37 x86/EFI: retrieve PCI ROM contents not accessible through BARs Linux 3.8-rc added code to do this, so we need to support this in the hypervisor for Dom0 to be able to get at the same information as a native kernel. Signed-off-by: Jan Beulich Acked-by: Keir Fraser --- diff -r b6195e277da5 -r d9c7b82aa7b1 xen/arch/x86/efi/boot.c --- a/xen/arch/x86/efi/boot.c Wed Jan 16 14:15:44 2013 +0000 +++ b/xen/arch/x86/efi/boot.c Thu Jan 17 10:55:00 2013 +0100 @@ -1,5 +1,6 @@ #include "efi.h" #include +#include #include #include #include @@ -8,6 +9,7 @@ #include #include #include +#include #include #if EFI_PAGE_SIZE != PAGE_SIZE # error Cannot use xen/pfn.h here! @@ -570,6 +572,92 @@ static void __init edd_put_string(u8 *ds } #define edd_put_string(d, s) edd_put_string(d, ARRAY_SIZE(d), s) +static void __init setup_efi_pci(void) +{ + EFI_STATUS status; + EFI_HANDLE *handles; + static EFI_GUID __initdata pci_guid = EFI_PCI_IO_PROTOCOL; + UINTN i, nr_pci, size = 0; + struct efi_pci_rom *last = NULL; + + status = efi_bs->LocateHandle(ByProtocol, &pci_guid, NULL, &size, NULL); + if ( status == EFI_BUFFER_TOO_SMALL ) + status = efi_bs->AllocatePool(EfiLoaderData, size, (void **)&handles); + if ( !EFI_ERROR(status) ) + status = efi_bs->LocateHandle(ByProtocol, &pci_guid, NULL, &size, + handles); + if ( EFI_ERROR(status) ) + size = 0; + + nr_pci = size / sizeof(*handles); + for ( i = 0; i < nr_pci; ++i ) + { + EFI_PCI_IO *pci = NULL; + u64 attributes; + struct efi_pci_rom *rom, *va; + UINTN segment, bus, device, function; + + status = efi_bs->HandleProtocol(handles[i], &pci_guid, (void **)&pci); + if ( EFI_ERROR(status) || !pci || !pci->RomImage || !pci->RomSize ) + continue; + + status = pci->Attributes(pci, EfiPciIoAttributeOperationGet, 0, + &attributes); + if ( EFI_ERROR(status) || + !(attributes & EFI_PCI_IO_ATTRIBUTE_EMBEDDED_ROM) || + EFI_ERROR(pci->GetLocation(pci, &segment, &bus, &device, + &function)) ) + continue; + + DisplayUint(segment, 4); + PrintStr(L":"); + DisplayUint(bus, 2); + PrintStr(L":"); + DisplayUint(device, 2); + PrintStr(L"."); + DisplayUint(function, 1); + PrintStr(L": ROM: "); + DisplayUint(pci->RomSize, 0); + PrintStr(L" bytes at "); + DisplayUint((UINTN)pci->RomImage, 0); + PrintStr(newline); + + size = pci->RomSize + sizeof(*rom); + status = efi_bs->AllocatePool(EfiRuntimeServicesData, size, + (void **)&rom); + if ( EFI_ERROR(status) ) + continue; + + rom->next = NULL; + rom->size = pci->RomSize; + + status = pci->Pci.Read(pci, EfiPciIoWidthUint16, PCI_VENDOR_ID, 1, + &rom->vendor); + if ( !EFI_ERROR(status) ) + status = pci->Pci.Read(pci, EfiPciIoWidthUint16, PCI_DEVICE_ID, 1, + &rom->devid); + if ( EFI_ERROR(status) ) + { + efi_bs->FreePool(rom); + continue; + } + + rom->segment = segment; + rom->bus = bus; + rom->devfn = (device << 3) | function; + memcpy(rom->data, pci->RomImage, pci->RomSize); + + va = (void *)rom + DIRECTMAP_VIRT_START; + if ( last ) + last->next = va; + else + efi_pci_roms = va; + last = rom; + } + + efi_bs->FreePool(handles); +} + static int __init set_color(u32 mask, int bpp, u8 *pos, u8 *sz) { if ( bpp < 0 ) @@ -1140,6 +1228,9 @@ efi_start(EFI_HANDLE ImageHandle, EFI_SY if (efi.smbios != EFI_INVALID_TABLE_ADDR) dmi_efi_get_table((void *)(long)efi.smbios); + /* Collect PCI ROM contents. */ + setup_efi_pci(); + /* Allocate space for trampoline (in first Mb). */ cfg.addr = 0x100000; cfg.size = trampoline_end - trampoline_start; diff -r b6195e277da5 -r d9c7b82aa7b1 xen/arch/x86/efi/efi.h --- a/xen/arch/x86/efi/efi.h Wed Jan 16 14:15:44 2013 +0000 +++ b/xen/arch/x86/efi/efi.h Thu Jan 17 10:55:00 2013 +0100 @@ -9,6 +9,14 @@ #include #include +struct efi_pci_rom { + const struct efi_pci_rom *next; + u16 vendor, devid, segment; + u8 bus, devfn; + unsigned long size; + unsigned char data[]; +}; + extern unsigned int efi_num_ct; extern EFI_CONFIGURATION_TABLE *efi_ct; @@ -22,5 +30,7 @@ extern void *efi_memmap; extern l4_pgentry_t *efi_l4_pgtable; +extern const struct efi_pci_rom *efi_pci_roms; + unsigned long efi_rs_enter(void); void efi_rs_leave(unsigned long); diff -r b6195e277da5 -r d9c7b82aa7b1 xen/arch/x86/efi/runtime.c --- a/xen/arch/x86/efi/runtime.c Wed Jan 16 14:15:44 2013 +0000 +++ b/xen/arch/x86/efi/runtime.c Thu Jan 17 10:55:00 2013 +0100 @@ -37,6 +37,8 @@ struct efi __read_mostly efi = { l4_pgentry_t *__read_mostly efi_l4_pgtable; +const struct efi_pci_rom *__read_mostly efi_pci_roms; + unsigned long efi_rs_enter(void) { unsigned long cr3 = read_cr3(); @@ -177,6 +179,29 @@ int efi_get_info(uint32_t idx, union xen } } return -ESRCH; + case XEN_FW_EFI_PCI_ROM: { + const struct efi_pci_rom *ent; + + for ( ent = efi_pci_roms; ent; ent = ent->next ) + if ( info->pci_rom.segment == ent->segment && + info->pci_rom.bus == ent->bus && + info->pci_rom.devfn == ent->devfn && + info->pci_rom.vendor == ent->vendor && + info->pci_rom.devid == ent->devid ) + { + int rc = 0; + + if ( info->pci_rom.size < ent->size ) + rc = -ENOSPC; + else if ( copy_to_guest(info->pci_rom.data, + ent->data, ent->size) ) + rc = -EFAULT; + info->pci_rom.size = ent->size; + + return rc; + } + return -ESRCH; + } default: return -EINVAL; } diff -r b6195e277da5 -r d9c7b82aa7b1 xen/include/efi/efipciio.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/xen/include/efi/efipciio.h Thu Jan 17 10:55:00 2013 +0100 @@ -0,0 +1,219 @@ +#ifndef _EFI_PCI_IO_H +#define _EFI_PCI_IO_H + +#define EFI_PCI_IO_PROTOCOL \ + { 0x4cf5b200, 0x68b8, 0x4ca5, {0x9e, 0xec, 0xb2, 0x3e, 0x3f, 0x50, 0x02, 0x9a} } + +INTERFACE_DECL(_EFI_PCI_IO); + +typedef enum { + EfiPciIoWidthUint8, + EfiPciIoWidthUint16, + EfiPciIoWidthUint32, + EfiPciIoWidthUint64, + EfiPciIoWidthFifoUint8, + EfiPciIoWidthFifoUint16, + EfiPciIoWidthFifoUint32, + EfiPciIoWidthFifoUint64, + EfiPciIoWidthFillUint8, + EfiPciIoWidthFillUint16, + EfiPciIoWidthFillUint32, + EfiPciIoWidthFillUint64, + EfiPciIoWidthMaximum +} EFI_PCI_IO_PROTOCOL_WIDTH; + +#define EFI_PCI_IO_PASS_THROUGH_BAR 0xff + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_POLL_IO_MEM) ( + IN struct _EFI_PCI_IO *This, + IN EFI_PCI_IO_PROTOCOL_WIDTH Width, + IN UINT8 BarIndex, + IN UINT64 Offset, + IN UINT64 Mask, + IN UINT64 Value, + IN UINT64 Delay, + OUT UINT64 *Result + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_IO_MEM) ( + IN struct _EFI_PCI_IO *This, + IN EFI_PCI_IO_PROTOCOL_WIDTH Width, + IN UINT8 BarIndex, + IN UINT64 Offset, + IN UINTN Count, + IN OUT VOID *Buffer +); + +typedef struct { + EFI_PCI_IO_PROTOCOL_IO_MEM Read; + EFI_PCI_IO_PROTOCOL_IO_MEM Write; +} EFI_PCI_IO_PROTOCOL_ACCESS; + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_CONFIG) ( + IN struct _EFI_PCI_IO *This, + IN EFI_PCI_IO_PROTOCOL_WIDTH Width, + IN UINT32 Offset, + IN UINTN Count, + IN OUT VOID *Buffer +); + +typedef struct { + EFI_PCI_IO_PROTOCOL_CONFIG Read; + EFI_PCI_IO_PROTOCOL_CONFIG Write; +} EFI_PCI_IO_PROTOCOL_CONFIG_ACCESS; + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_COPY_MEM) ( + IN struct _EFI_PCI_IO *This, + IN EFI_PCI_IO_PROTOCOL_WIDTH Width, + IN UINT8 DestBarIndex, + IN UINT64 DestOffset, + IN UINT8 SrcBarIndex, + IN UINT64 SrcOffset, + IN UINTN Count + ); + +typedef enum { + EfiPciIoOperationBusMasterRead, + EfiPciIoOperationBusMasterWrite, + EfiPciIoOperationBusMasterCommonBuffer, + EfiPciIoOperationMaximum +} EFI_PCI_IO_PROTOCOL_OPERATION; + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_MAP) ( + IN struct _EFI_PCI_IO *This, + IN EFI_PCI_IO_PROTOCOL_OPERATION Operation, + IN VOID *HostAddress, + IN OUT UINTN *NumberOfBytes, + OUT EFI_PHYSICAL_ADDRESS *DeviceAddress, + OUT VOID **Mapping + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_UNMAP) ( + IN struct _EFI_PCI_IO *This, + IN VOID *Mapping +); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_ALLOCATE_BUFFER) ( + IN struct _EFI_PCI_IO *This, + IN EFI_ALLOCATE_TYPE Type, + IN EFI_MEMORY_TYPE MemoryType, + IN UINTN Pages, + OUT VOID **HostAddress, + IN UINT64 Attributes + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_FREE_BUFFER) ( + IN struct _EFI_PCI_IO *This, + IN UINTN Pages, + IN VOID *HostAddress + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_FLUSH) ( + IN struct _EFI_PCI_IO *This + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_GET_LOCATION) ( + IN struct _EFI_PCI_IO *This, + OUT UINTN *SegmentNumber, + OUT UINTN *BusNumber, + OUT UINTN *DeviceNumber, + OUT UINTN *FunctionNumber + ); + +#define EFI_PCI_IO_ATTRIBUTE_ISA_IO 0x0002 +#define EFI_PCI_IO_ATTRIBUTE_VGA_PALETTE_IO 0x0004 +#define EFI_PCI_IO_ATTRIBUTE_VGA_MEMORY 0x0008 +#define EFI_PCI_IO_ATTRIBUTE_VGA_IO 0x0010 +#define EFI_PCI_IO_ATTRIBUTE_IDE_PRIMARY_IO 0x0020 +#define EFI_PCI_IO_ATTRIBUTE_IDE_SECONDARY_IO 0x0040 +#define EFI_PCI_IO_ATTRIBUTE_MEMORY_WRITE_COMBINE 0x0080 +#define EFI_PCI_IO_ATTRIBUTE_IO 0x0100 +#define EFI_PCI_IO_ATTRIBUTE_MEMORY 0x0200 +#define EFI_PCI_IO_ATTRIBUTE_BUS_MASTER 0x0400 +#define EFI_PCI_IO_ATTRIBUTE_MEMORY_CACHED 0x0800 +#define EFI_PCI_IO_ATTRIBUTE_MEMORY_DISABLE 0x1000 +#define EFI_PCI_IO_ATTRIBUTE_EMBEDDED_DEVICE 0x2000 +#define EFI_PCI_IO_ATTRIBUTE_EMBEDDED_ROM 0x4000 +#define EFI_PCI_IO_ATTRIBUTE_DUAL_ADDRESS_CYCLE 0x8000 +#define EFI_PCI_IO_ATTRIBUTE_ISA_IO_16 0x10000 +#define EFI_PCI_IO_ATTRIBUTE_VGA_PALETTE_IO_16 0x20000 +#define EFI_PCI_IO_ATTRIBUTE_VGA_IO_16 0x40000 + +typedef enum { + EfiPciIoAttributeOperationGet, + EfiPciIoAttributeOperationSet, + EfiPciIoAttributeOperationEnable, + EfiPciIoAttributeOperationDisable, + EfiPciIoAttributeOperationSupported, + EfiPciIoAttributeOperationMaximum +} EFI_PCI_IO_PROTOCOL_ATTRIBUTE_OPERATION; + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_ATTRIBUTES) ( + IN struct _EFI_PCI_IO *This, + IN EFI_PCI_IO_PROTOCOL_ATTRIBUTE_OPERATION Operation, + IN UINT64 Attributes, + OUT UINT64 *Result OPTIONAL + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_GET_BAR_ATTRIBUTES) ( + IN struct _EFI_PCI_IO *This, + IN UINT8 BarIndex, + OUT UINT64 *Supports OPTIONAL, + OUT VOID **Resources OPTIONAL + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_PCI_IO_PROTOCOL_SET_BAR_ATTRIBUTES) ( + IN struct _EFI_PCI_IO *This, + IN UINT64 Attributes, + IN UINT8 BarIndex, + IN OUT UINT64 *Offset, + IN OUT UINT64 *Length + ); + +typedef struct _EFI_PCI_IO { + EFI_PCI_IO_PROTOCOL_POLL_IO_MEM PollMem; + EFI_PCI_IO_PROTOCOL_POLL_IO_MEM PollIo; + EFI_PCI_IO_PROTOCOL_ACCESS Mem; + EFI_PCI_IO_PROTOCOL_ACCESS Io; + EFI_PCI_IO_PROTOCOL_CONFIG_ACCESS Pci; + EFI_PCI_IO_PROTOCOL_COPY_MEM CopyMem; + EFI_PCI_IO_PROTOCOL_MAP Map; + EFI_PCI_IO_PROTOCOL_UNMAP Unmap; + EFI_PCI_IO_PROTOCOL_ALLOCATE_BUFFER AllocateBuffer; + EFI_PCI_IO_PROTOCOL_FREE_BUFFER FreeBuffer; + EFI_PCI_IO_PROTOCOL_FLUSH Flush; + EFI_PCI_IO_PROTOCOL_GET_LOCATION GetLocation; + EFI_PCI_IO_PROTOCOL_ATTRIBUTES Attributes; + EFI_PCI_IO_PROTOCOL_GET_BAR_ATTRIBUTES GetBarAttributes; + EFI_PCI_IO_PROTOCOL_SET_BAR_ATTRIBUTES SetBarAttributes; + UINT64 RomSize; + VOID *RomImage; +} EFI_PCI_IO; + +#endif /* _EFI_PCI_IO_H */ diff -r b6195e277da5 -r d9c7b82aa7b1 xen/include/public/platform.h --- a/xen/include/public/platform.h Wed Jan 16 14:15:44 2013 +0000 +++ b/xen/include/public/platform.h Thu Jan 17 10:55:00 2013 +0100 @@ -218,6 +218,7 @@ DEFINE_XEN_GUEST_HANDLE(xenpf_efi_runtim #define XEN_FW_EFI_VENDOR 2 #define XEN_FW_EFI_MEM_INFO 3 #define XEN_FW_EFI_RT_VERSION 4 +#define XEN_FW_EFI_PCI_ROM 5 #define XEN_FW_KBD_SHIFT_FLAGS 5 struct xenpf_firmware_info { /* IN variables. */ @@ -266,6 +267,17 @@ struct xenpf_firmware_info { uint64_t attr; uint32_t type; } mem; + struct { + /* IN variables */ + uint16_t segment; + uint8_t bus; + uint8_t devfn; + uint16_t vendor; + uint16_t devid; + /* IN/OUT variables */ + xen_ulong_t size; + XEN_GUEST_HANDLE(void) data; + } pci_rom; } efi_info; /* XEN_FW_EFI_INFO */ /* Int16, Fn02: Get keyboard shift flags. */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 11:55:13 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 11:55:13 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwAXM-0003b9-Fh; Fri, 18 Jan 2013 11:55:08 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwAXL-0003aw-7s for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 11:55:07 +0000 Received: from [85.158.139.83:59419] by server-15.bemta-5.messagelabs.com id 85/2E-12730-A1839F05; Fri, 18 Jan 2013 11:55:06 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-182.messagelabs.com!1358510104!27993816!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30868 invoked from network); 18 Jan 2013 11:55:05 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 11:55:05 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwAXI-0003hx-9S for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 11:55:04 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwAXI-0006EQ-5V for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 11:55:04 +0000 Message-Id: Date: Fri, 18 Jan 2013 11:55:03 +0000 From: Xen patchbot-linux-2.6.18-xen To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [linux-2.6.18-xen] i386: fix unwind annotations in failsafe callback X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358509649 -3600 # Node ID feb110c9141c2efcdaa8cbc92268b8515771377d # Parent cba2a1740833211cf5befca1fbe11a44ab911948 i386: fix unwind annotations in failsafe callback This amends c/s 14245:b1f33c3a97fa (when the sparse Linux tree was still part of the main Xen repo) in that it - adds a missing annotation to the "pushl $-1" - moves the RING0_INT_FRAME earlier (after adjusting the code to do the stack pointer adjustment before the conditional branch), thus increasing the covered region Reported-by: Matthew Daley Signed-off-by: Jan Beulich --- diff -r cba2a1740833 -r feb110c9141c arch/i386/kernel/entry-xen.S --- a/arch/i386/kernel/entry-xen.S Fri Jan 18 12:39:54 2013 +0100 +++ b/arch/i386/kernel/entry-xen.S Fri Jan 18 12:47:29 2013 +0100 @@ -872,12 +872,11 @@ 3: mov 12(%esp),%fs 4: mov 16(%esp),%gs testl %eax,%eax popl %eax - jz 5f - addl $16,%esp # EAX != 0 => Category 2 (Bad IRET) - jmp iret_exc -5: addl $16,%esp # EAX == 0 => Category 1 (Bad segment) + leal 16(%esp),%esp RING0_INT_FRAME - pushl $-1 + jnz iret_exc # EAX != 0 => Category 2 (Bad IRET) + pushl $-1 # EAX == 0 => Category 1 (Bad segment) + CFI_ADJUST_CFA_OFFSET 4 SAVE_ALL jmp ret_from_exception .section .fixup,"ax"; \ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 11:55:13 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 11:55:13 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwAXM-0003b9-Fh; Fri, 18 Jan 2013 11:55:08 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwAXL-0003aw-7s for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 11:55:07 +0000 Received: from [85.158.139.83:59419] by server-15.bemta-5.messagelabs.com id 85/2E-12730-A1839F05; Fri, 18 Jan 2013 11:55:06 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-182.messagelabs.com!1358510104!27993816!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30868 invoked from network); 18 Jan 2013 11:55:05 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 11:55:05 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwAXI-0003hx-9S for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 11:55:04 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwAXI-0006EQ-5V for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 11:55:04 +0000 Message-Id: Date: Fri, 18 Jan 2013 11:55:03 +0000 From: Xen patchbot-linux-2.6.18-xen To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [linux-2.6.18-xen] i386: fix unwind annotations in failsafe callback X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358509649 -3600 # Node ID feb110c9141c2efcdaa8cbc92268b8515771377d # Parent cba2a1740833211cf5befca1fbe11a44ab911948 i386: fix unwind annotations in failsafe callback This amends c/s 14245:b1f33c3a97fa (when the sparse Linux tree was still part of the main Xen repo) in that it - adds a missing annotation to the "pushl $-1" - moves the RING0_INT_FRAME earlier (after adjusting the code to do the stack pointer adjustment before the conditional branch), thus increasing the covered region Reported-by: Matthew Daley Signed-off-by: Jan Beulich --- diff -r cba2a1740833 -r feb110c9141c arch/i386/kernel/entry-xen.S --- a/arch/i386/kernel/entry-xen.S Fri Jan 18 12:39:54 2013 +0100 +++ b/arch/i386/kernel/entry-xen.S Fri Jan 18 12:47:29 2013 +0100 @@ -872,12 +872,11 @@ 3: mov 12(%esp),%fs 4: mov 16(%esp),%gs testl %eax,%eax popl %eax - jz 5f - addl $16,%esp # EAX != 0 => Category 2 (Bad IRET) - jmp iret_exc -5: addl $16,%esp # EAX == 0 => Category 1 (Bad segment) + leal 16(%esp),%esp RING0_INT_FRAME - pushl $-1 + jnz iret_exc # EAX != 0 => Category 2 (Bad IRET) + pushl $-1 # EAX == 0 => Category 1 (Bad segment) + CFI_ADJUST_CFA_OFFSET 4 SAVE_ALL jmp ret_from_exception .section .fixup,"ax"; \ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 11:55:13 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 11:55:13 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwAXM-0003bE-ID; Fri, 18 Jan 2013 11:55:08 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwAXL-0003ax-Fc for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 11:55:07 +0000 Received: from [85.158.143.99:19888] by server-1.bemta-4.messagelabs.com id A8/2D-18740-A1839F05; Fri, 18 Jan 2013 11:55:06 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-216.messagelabs.com!1358510104!24519187!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9797 invoked from network); 18 Jan 2013 11:55:05 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 11:55:05 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwAXH-0003hu-V2 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 11:55:03 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwAXH-0006EB-Ny for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 11:55:03 +0000 Message-Id: Date: Fri, 18 Jan 2013 11:55:03 +0000 From: Xen patchbot-linux-2.6.18-xen To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [linux-2.6.18-xen] properly bound buffer access when parsing cpu/*/availability X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358509194 -3600 # Node ID cba2a1740833211cf5befca1fbe11a44ab911948 # Parent c340a22a3a6339aadffc9a7d4d9eef10d52b7b94 properly bound buffer access when parsing cpu/*/availability At the same time reduce the local buffers to 16 bytes each. Reported-by: Matthew Daley Signed-off-by: Jan Beulich --- diff -r c340a22a3a63 -r cba2a1740833 drivers/xen/core/cpu_hotplug.c --- a/drivers/xen/core/cpu_hotplug.c Fri Dec 21 10:01:11 2012 +0100 +++ b/drivers/xen/core/cpu_hotplug.c Fri Jan 18 12:39:54 2013 +0100 @@ -28,13 +28,13 @@ static int local_cpu_hotplug_request(voi static void vcpu_hotplug(unsigned int cpu, struct sys_device *dev) { int err; - char dir[32], state[32]; + char dir[16], state[16]; if ((cpu >= NR_CPUS) || !cpu_possible(cpu)) return; sprintf(dir, "cpu/%u", cpu); - err = xenbus_scanf(XBT_NIL, dir, "availability", "%s", state); + err = xenbus_scanf(XBT_NIL, dir, "availability", "%15s", state); if (err != 1) { printk(KERN_ERR "XENBUS: Unable to read cpu state\n"); return; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 11:55:13 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 11:55:13 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwAXM-0003bE-ID; Fri, 18 Jan 2013 11:55:08 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwAXL-0003ax-Fc for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 11:55:07 +0000 Received: from [85.158.143.99:19888] by server-1.bemta-4.messagelabs.com id A8/2D-18740-A1839F05; Fri, 18 Jan 2013 11:55:06 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-216.messagelabs.com!1358510104!24519187!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9797 invoked from network); 18 Jan 2013 11:55:05 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 11:55:05 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwAXH-0003hu-V2 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 11:55:03 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwAXH-0006EB-Ny for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 11:55:03 +0000 Message-Id: Date: Fri, 18 Jan 2013 11:55:03 +0000 From: Xen patchbot-linux-2.6.18-xen To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [linux-2.6.18-xen] properly bound buffer access when parsing cpu/*/availability X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358509194 -3600 # Node ID cba2a1740833211cf5befca1fbe11a44ab911948 # Parent c340a22a3a6339aadffc9a7d4d9eef10d52b7b94 properly bound buffer access when parsing cpu/*/availability At the same time reduce the local buffers to 16 bytes each. Reported-by: Matthew Daley Signed-off-by: Jan Beulich --- diff -r c340a22a3a63 -r cba2a1740833 drivers/xen/core/cpu_hotplug.c --- a/drivers/xen/core/cpu_hotplug.c Fri Dec 21 10:01:11 2012 +0100 +++ b/drivers/xen/core/cpu_hotplug.c Fri Jan 18 12:39:54 2013 +0100 @@ -28,13 +28,13 @@ static int local_cpu_hotplug_request(voi static void vcpu_hotplug(unsigned int cpu, struct sys_device *dev) { int err; - char dir[32], state[32]; + char dir[16], state[16]; if ((cpu >= NR_CPUS) || !cpu_possible(cpu)) return; sprintf(dir, "cpu/%u", cpu); - err = xenbus_scanf(XBT_NIL, dir, "availability", "%s", state); + err = xenbus_scanf(XBT_NIL, dir, "availability", "%15s", state); if (err != 1) { printk(KERN_ERR "XENBUS: Unable to read cpu state\n"); return; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 16:11:16 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 16:11:16 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEXB-0002sZ-MG; Fri, 18 Jan 2013 16:11:13 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEXA-0002rH-7R for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:12 +0000 Received: from [85.158.143.99:33014] by server-3.bemta-4.messagelabs.com id FF/13-19220-F1479F05; Fri, 18 Jan 2013 16:11:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-216.messagelabs.com!1358525470!23231344!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 2335 invoked from network); 18 Jan 2013 16:11:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 16:11:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEX8-0006xa-4M for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwEX7-0004Ue-TC for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:09 +0000 Message-Id: Date: Fri, 18 Jan 2013 16:11:09 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] x86/mm: Fix loop increment in paging_log_dirty_range() X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Tim Deegan # Date 1358426606 -3600 # Node ID 0db8dfa1a378df5a3ec10485164b57e8b3b3e573 # Parent a064a93a1eadff8adc14b488c6beb4ccdc7931ae x86/mm: Fix loop increment in paging_log_dirty_range() In 23417:53ef1f35a0f8 (the fix for XSA-27 / CVE-2012-5511), the loop variable gets incremented twice, so the loop only clears every second page of the bitmap. This might cause the tools to think that pages are dirty when they are not. Reported-by: Steven Noonan Reported-by: Matt Wilson Signed-off-by: Tim Deegan Acked-by: Ian Campbell Committed-by: Jan Beulich --- diff -r a064a93a1ead -r 0db8dfa1a378 xen/arch/x86/mm/paging.c --- a/xen/arch/x86/mm/paging.c Thu Jan 17 12:22:48 2013 +0000 +++ b/xen/arch/x86/mm/paging.c Thu Jan 17 13:43:26 2013 +0100 @@ -534,7 +534,8 @@ int paging_log_dirty_range(struct domain size = ((nr + BITS_PER_LONG - 1) / BITS_PER_LONG) * sizeof (long); rv = 0; - for ( off = 0; !rv && off < size; off += sizeof zeroes ) + off = 0; + while ( !rv && off < size ) { int todo = min(size - off, (int) PAGE_SIZE); if ( copy_to_guest_offset(dirty_bitmap, off, zeroes, todo) ) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 16:11:16 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 16:11:16 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEXB-0002sZ-MG; Fri, 18 Jan 2013 16:11:13 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEXA-0002rH-7R for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:12 +0000 Received: from [85.158.143.99:33014] by server-3.bemta-4.messagelabs.com id FF/13-19220-F1479F05; Fri, 18 Jan 2013 16:11:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-216.messagelabs.com!1358525470!23231344!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 2335 invoked from network); 18 Jan 2013 16:11:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 16:11:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEX8-0006xa-4M for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwEX7-0004Ue-TC for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:09 +0000 Message-Id: Date: Fri, 18 Jan 2013 16:11:09 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] x86/mm: Fix loop increment in paging_log_dirty_range() X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Tim Deegan # Date 1358426606 -3600 # Node ID 0db8dfa1a378df5a3ec10485164b57e8b3b3e573 # Parent a064a93a1eadff8adc14b488c6beb4ccdc7931ae x86/mm: Fix loop increment in paging_log_dirty_range() In 23417:53ef1f35a0f8 (the fix for XSA-27 / CVE-2012-5511), the loop variable gets incremented twice, so the loop only clears every second page of the bitmap. This might cause the tools to think that pages are dirty when they are not. Reported-by: Steven Noonan Reported-by: Matt Wilson Signed-off-by: Tim Deegan Acked-by: Ian Campbell Committed-by: Jan Beulich --- diff -r a064a93a1ead -r 0db8dfa1a378 xen/arch/x86/mm/paging.c --- a/xen/arch/x86/mm/paging.c Thu Jan 17 12:22:48 2013 +0000 +++ b/xen/arch/x86/mm/paging.c Thu Jan 17 13:43:26 2013 +0100 @@ -534,7 +534,8 @@ int paging_log_dirty_range(struct domain size = ((nr + BITS_PER_LONG - 1) / BITS_PER_LONG) * sizeof (long); rv = 0; - for ( off = 0; !rv && off < size; off += sizeof zeroes ) + off = 0; + while ( !rv && off < size ) { int todo = min(size - off, (int) PAGE_SIZE); if ( copy_to_guest_offset(dirty_bitmap, off, zeroes, todo) ) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 16:11:17 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 16:11:17 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEXB-0002sE-JV; Fri, 18 Jan 2013 16:11:13 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEX9-0002rH-Ry for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:11 +0000 Received: from [85.158.143.35:30950] by server-3.bemta-4.messagelabs.com id 0A/13-19220-F1479F05; Fri, 18 Jan 2013 16:11:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-21.messagelabs.com!1358525469!5978113!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 16996 invoked from network); 18 Jan 2013 16:11:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 16:11:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEX6-0006xR-LG for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:08 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwEX6-0004Tt-7M for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:08 +0000 Message-Id: Date: Fri, 18 Jan 2013 16:11:07 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358345712 0 # Node ID 8fe0e86c2ac27e22121aa9c70ddf5eacbb3051d0 # Parent 2a91623a5807d8a8a718968d89cb586b32a1dfd3 QEMU_TAG update --- diff -r 2a91623a5807 -r 8fe0e86c2ac2 Config.mk --- a/Config.mk Wed Jan 09 17:19:01 2013 +0100 +++ b/Config.mk Wed Jan 16 14:15:12 2013 +0000 @@ -179,9 +179,9 @@ endif # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= xen-4.1.4 -# Tue Nov 13 18:25:17 2012 +0000 -# mapcache: Fix invalidate if memory requested was not bucket aligned +QEMU_TAG ?= b4e9b8169dedc0bcf0d3abe07642f761ac70aeea +# Sun Dec 2 20:11:22 2012 -0800 +# e1000: Discard packets that are too long if !SBP and !LPE # Optional components XENSTAT_XENTOP ?= y _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 16:11:17 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 16:11:17 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEXC-0002so-P6; Fri, 18 Jan 2013 16:11:14 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEXB-0002ry-HM for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:13 +0000 Received: from [85.158.137.99:60159] by server-4.bemta-3.messagelabs.com id 55/8D-28566-02479F05; Fri, 18 Jan 2013 16:11:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-217.messagelabs.com!1358525470!15183098!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 26348 invoked from network); 18 Jan 2013 16:11:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 16:11:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEX8-0006xd-Kb for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwEX8-0004Ut-Cq for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:10 +0000 Message-Id: Date: Fri, 18 Jan 2013 16:11:09 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] x86: compat_show_guest_stack() should not truncate MFN X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358432381 -3600 # Node ID a98031db0f288dee01ab6a0d695929bbbfc297cb # Parent 0db8dfa1a378df5a3ec10485164b57e8b3b3e573 x86: compat_show_guest_stack() should not truncate MFN Re-using "addr" here was a mistake, as it is a 32-bit quantity. Signed-off-by: Jan Beulich Acked-by: Ian Campbell Acked-by: Keir Fraser xen-unstable changeset: 26332:8e942f2f3b45 xen-unstable date: Mon Jan 7 12:28:29 UTC 2013 --- diff -r 0db8dfa1a378 -r a98031db0f28 xen/arch/x86/x86_64/compat/traps.c --- a/xen/arch/x86/x86_64/compat/traps.c Thu Jan 17 13:43:26 2013 +0100 +++ b/xen/arch/x86/x86_64/compat/traps.c Thu Jan 17 15:19:41 2013 +0100 @@ -20,11 +20,12 @@ void compat_show_guest_stack(struct vcpu if ( v != current ) { struct vcpu *vcpu; + unsigned long mfn; ASSERT(guest_kernel_mode(v, regs)); - addr = read_cr3() >> PAGE_SHIFT; + mfn = read_cr3() >> PAGE_SHIFT; for_each_vcpu( v->domain, vcpu ) - if ( pagetable_get_pfn(vcpu->arch.guest_table) == addr ) + if ( pagetable_get_pfn(vcpu->arch.guest_table) == mfn ) break; if ( !vcpu ) { _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 16:11:17 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 16:11:17 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEXB-0002sE-JV; Fri, 18 Jan 2013 16:11:13 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEX9-0002rH-Ry for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:11 +0000 Received: from [85.158.143.35:30950] by server-3.bemta-4.messagelabs.com id 0A/13-19220-F1479F05; Fri, 18 Jan 2013 16:11:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-21.messagelabs.com!1358525469!5978113!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 16996 invoked from network); 18 Jan 2013 16:11:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 16:11:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEX6-0006xR-LG for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:08 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwEX6-0004Tt-7M for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:08 +0000 Message-Id: Date: Fri, 18 Jan 2013 16:11:07 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358345712 0 # Node ID 8fe0e86c2ac27e22121aa9c70ddf5eacbb3051d0 # Parent 2a91623a5807d8a8a718968d89cb586b32a1dfd3 QEMU_TAG update --- diff -r 2a91623a5807 -r 8fe0e86c2ac2 Config.mk --- a/Config.mk Wed Jan 09 17:19:01 2013 +0100 +++ b/Config.mk Wed Jan 16 14:15:12 2013 +0000 @@ -179,9 +179,9 @@ endif # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= xen-4.1.4 -# Tue Nov 13 18:25:17 2012 +0000 -# mapcache: Fix invalidate if memory requested was not bucket aligned +QEMU_TAG ?= b4e9b8169dedc0bcf0d3abe07642f761ac70aeea +# Sun Dec 2 20:11:22 2012 -0800 +# e1000: Discard packets that are too long if !SBP and !LPE # Optional components XENSTAT_XENTOP ?= y _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 16:11:17 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 16:11:17 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEXC-0002so-P6; Fri, 18 Jan 2013 16:11:14 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEXB-0002ry-HM for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:13 +0000 Received: from [85.158.137.99:60159] by server-4.bemta-3.messagelabs.com id 55/8D-28566-02479F05; Fri, 18 Jan 2013 16:11:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-217.messagelabs.com!1358525470!15183098!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 26348 invoked from network); 18 Jan 2013 16:11:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 16:11:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEX8-0006xd-Kb for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwEX8-0004Ut-Cq for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:10 +0000 Message-Id: Date: Fri, 18 Jan 2013 16:11:09 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] x86: compat_show_guest_stack() should not truncate MFN X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358432381 -3600 # Node ID a98031db0f288dee01ab6a0d695929bbbfc297cb # Parent 0db8dfa1a378df5a3ec10485164b57e8b3b3e573 x86: compat_show_guest_stack() should not truncate MFN Re-using "addr" here was a mistake, as it is a 32-bit quantity. Signed-off-by: Jan Beulich Acked-by: Ian Campbell Acked-by: Keir Fraser xen-unstable changeset: 26332:8e942f2f3b45 xen-unstable date: Mon Jan 7 12:28:29 UTC 2013 --- diff -r 0db8dfa1a378 -r a98031db0f28 xen/arch/x86/x86_64/compat/traps.c --- a/xen/arch/x86/x86_64/compat/traps.c Thu Jan 17 13:43:26 2013 +0100 +++ b/xen/arch/x86/x86_64/compat/traps.c Thu Jan 17 15:19:41 2013 +0100 @@ -20,11 +20,12 @@ void compat_show_guest_stack(struct vcpu if ( v != current ) { struct vcpu *vcpu; + unsigned long mfn; ASSERT(guest_kernel_mode(v, regs)); - addr = read_cr3() >> PAGE_SHIFT; + mfn = read_cr3() >> PAGE_SHIFT; for_each_vcpu( v->domain, vcpu ) - if ( pagetable_get_pfn(vcpu->arch.guest_table) == addr ) + if ( pagetable_get_pfn(vcpu->arch.guest_table) == mfn ) break; if ( !vcpu ) { _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 16:11:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 16:11:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEXJ-0002zz-SH; Fri, 18 Jan 2013 16:11:21 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEXI-0002xs-J5 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:20 +0000 Received: from [85.158.137.99:45666] by server-5.bemta-3.messagelabs.com id EA/FD-06676-72479F05; Fri, 18 Jan 2013 16:11:19 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-217.messagelabs.com!1358525469!17579219!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7736 invoked from network); 18 Jan 2013 16:11:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 16:11:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEX7-0006xW-HG for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwEX7-0004UP-DK for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:09 +0000 Message-Id: Date: Fri, 18 Jan 2013 16:11:08 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] Config.mk: delete accidentally introduced drivel X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358425368 0 # Node ID a064a93a1eadff8adc14b488c6beb4ccdc7931ae # Parent e380ec481308cf38247bbe6d605836fc31d9db94 Config.mk: delete accidentally introduced drivel --- diff -r e380ec481308 -r a064a93a1ead Config.mk --- a/Config.mk Thu Jan 17 12:11:34 2013 +0000 +++ b/Config.mk Thu Jan 17 12:22:48 2013 +0000 @@ -1,6 +1,3 @@ -pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-4.1-testing.hg -searching for changes -no changes found # -*- mode: Makefile; -*- # A debug build of Xen and tools? _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 16:11:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 16:11:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEXJ-0002zz-SH; Fri, 18 Jan 2013 16:11:21 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEXI-0002xs-J5 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:20 +0000 Received: from [85.158.137.99:45666] by server-5.bemta-3.messagelabs.com id EA/FD-06676-72479F05; Fri, 18 Jan 2013 16:11:19 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-217.messagelabs.com!1358525469!17579219!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7736 invoked from network); 18 Jan 2013 16:11:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 16:11:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEX7-0006xW-HG for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwEX7-0004UP-DK for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:09 +0000 Message-Id: Date: Fri, 18 Jan 2013 16:11:08 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] Config.mk: delete accidentally introduced drivel X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358425368 0 # Node ID a064a93a1eadff8adc14b488c6beb4ccdc7931ae # Parent e380ec481308cf38247bbe6d605836fc31d9db94 Config.mk: delete accidentally introduced drivel --- diff -r e380ec481308 -r a064a93a1ead Config.mk --- a/Config.mk Thu Jan 17 12:11:34 2013 +0000 +++ b/Config.mk Thu Jan 17 12:22:48 2013 +0000 @@ -1,6 +1,3 @@ -pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-4.1-testing.hg -searching for changes -no changes found # -*- mode: Makefile; -*- # A debug build of Xen and tools? _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 16:12:29 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 16:12:29 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEYM-000383-LS; Fri, 18 Jan 2013 16:12:26 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEYL-00037p-Bg for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:12:25 +0000 Received: from [85.158.139.83:11309] by server-7.bemta-5.messagelabs.com id AB/88-12612-86479F05; Fri, 18 Jan 2013 16:12:24 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-182.messagelabs.com!1358525542!25751135!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28266 invoked from network); 18 Jan 2013 16:12:23 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 16:12:23 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEX7-0006xU-88 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwEX6-0004UA-To for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:08 +0000 Message-Id: Date: Fri, 18 Jan 2013 16:11:08 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358424694 0 # Node ID e380ec481308cf38247bbe6d605836fc31d9db94 # Parent 8fe0e86c2ac27e22121aa9c70ddf5eacbb3051d0 QEMU_TAG update --- diff -r 8fe0e86c2ac2 -r e380ec481308 Config.mk --- a/Config.mk Wed Jan 16 14:15:12 2013 +0000 +++ b/Config.mk Thu Jan 17 12:11:34 2013 +0000 @@ -1,3 +1,6 @@ +pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-4.1-testing.hg +searching for changes +no changes found # -*- mode: Makefile; -*- # A debug build of Xen and tools? @@ -179,9 +182,9 @@ endif # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= b4e9b8169dedc0bcf0d3abe07642f761ac70aeea -# Sun Dec 2 20:11:22 2012 -0800 -# e1000: Discard packets that are too long if !SBP and !LPE +QEMU_TAG ?= deb53183e0274a3eaae1577b0d47eb5ef1d8986c +# Wed Dec 5 13:31:30 2012 -0500 +# e1000: Discard oversized packets based on SBP|LPE # Optional components XENSTAT_XENTOP ?= y _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 16:12:29 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 16:12:29 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEYM-000383-LS; Fri, 18 Jan 2013 16:12:26 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEYL-00037p-Bg for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:12:25 +0000 Received: from [85.158.139.83:11309] by server-7.bemta-5.messagelabs.com id AB/88-12612-86479F05; Fri, 18 Jan 2013 16:12:24 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-4.tower-182.messagelabs.com!1358525542!25751135!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28266 invoked from network); 18 Jan 2013 16:12:23 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-4.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 16:12:23 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEX7-0006xU-88 for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwEX6-0004UA-To for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:08 +0000 Message-Id: Date: Fri, 18 Jan 2013 16:11:08 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358424694 0 # Node ID e380ec481308cf38247bbe6d605836fc31d9db94 # Parent 8fe0e86c2ac27e22121aa9c70ddf5eacbb3051d0 QEMU_TAG update --- diff -r 8fe0e86c2ac2 -r e380ec481308 Config.mk --- a/Config.mk Wed Jan 16 14:15:12 2013 +0000 +++ b/Config.mk Thu Jan 17 12:11:34 2013 +0000 @@ -1,3 +1,6 @@ +pulling from ssh://xenbits.xen.org//home/xen/HG/staging/xen-4.1-testing.hg +searching for changes +no changes found # -*- mode: Makefile; -*- # A debug build of Xen and tools? @@ -179,9 +182,9 @@ endif # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= b4e9b8169dedc0bcf0d3abe07642f761ac70aeea -# Sun Dec 2 20:11:22 2012 -0800 -# e1000: Discard packets that are too long if !SBP and !LPE +QEMU_TAG ?= deb53183e0274a3eaae1577b0d47eb5ef1d8986c +# Wed Dec 5 13:31:30 2012 -0500 +# e1000: Discard oversized packets based on SBP|LPE # Optional components XENSTAT_XENTOP ?= y _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 16:13:16 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 16:13:16 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEZ8-0003ET-83; Fri, 18 Jan 2013 16:13:14 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEZ7-0003E2-8T for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:13:13 +0000 Received: from [85.158.139.211:5883] by server-8.bemta-5.messagelabs.com id 14/FE-10544-89479F05; Fri, 18 Jan 2013 16:13:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-206.messagelabs.com!1358525589!18732275!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9846 invoked from network); 18 Jan 2013 16:13:10 -0000 Received: from unknown (HELO mail.xen.org) (50.57.168.107) by server-6.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 16:13:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEX9-0006xg-1N for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwEX8-0004V8-Te for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:10 +0000 Message-Id: Date: Fri, 18 Jan 2013 16:11:10 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358439062 0 # Node ID 546308d166834ae45113e44e5ba09ba4e76e98e6 # Parent a98031db0f288dee01ab6a0d695929bbbfc297cb QEMU_TAG update --- diff -r a98031db0f28 -r 546308d16683 Config.mk --- a/Config.mk Thu Jan 17 15:19:41 2013 +0100 +++ b/Config.mk Thu Jan 17 16:11:02 2013 +0000 @@ -179,9 +179,9 @@ endif # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= deb53183e0274a3eaae1577b0d47eb5ef1d8986c -# Wed Dec 5 13:31:30 2012 -0500 -# e1000: Discard oversized packets based on SBP|LPE +QEMU_TAG ?= 7a3a2aaa8fd1049fa0f033c5113e165900c84758 +# Thu Jan 17 15:52:16 2013 +0000 +# e1000: fix compile warning introduced by security fix, and debugging # Optional components XENSTAT_XENTOP ?= y _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Fri Jan 18 16:13:16 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Fri, 18 Jan 2013 16:13:16 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEZ8-0003ET-83; Fri, 18 Jan 2013 16:13:14 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEZ7-0003E2-8T for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:13:13 +0000 Received: from [85.158.139.211:5883] by server-8.bemta-5.messagelabs.com id 14/FE-10544-89479F05; Fri, 18 Jan 2013 16:13:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-206.messagelabs.com!1358525589!18732275!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9846 invoked from network); 18 Jan 2013 16:13:10 -0000 Received: from unknown (HELO mail.xen.org) (50.57.168.107) by server-6.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 18 Jan 2013 16:13:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwEX9-0006xg-1N for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwEX8-0004V8-Te for xen-changelog@lists.xensource.com; Fri, 18 Jan 2013 16:11:10 +0000 Message-Id: Date: Fri, 18 Jan 2013 16:11:10 +0000 From: Xen patchbot-4.1-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.1-testing] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358439062 0 # Node ID 546308d166834ae45113e44e5ba09ba4e76e98e6 # Parent a98031db0f288dee01ab6a0d695929bbbfc297cb QEMU_TAG update --- diff -r a98031db0f28 -r 546308d16683 Config.mk --- a/Config.mk Thu Jan 17 15:19:41 2013 +0100 +++ b/Config.mk Thu Jan 17 16:11:02 2013 +0000 @@ -179,9 +179,9 @@ endif # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= deb53183e0274a3eaae1577b0d47eb5ef1d8986c -# Wed Dec 5 13:31:30 2012 -0500 -# e1000: Discard oversized packets based on SBP|LPE +QEMU_TAG ?= 7a3a2aaa8fd1049fa0f033c5113e165900c84758 +# Thu Jan 17 15:52:16 2013 +0000 +# e1000: fix compile warning introduced by security fix, and debugging # Optional components XENSTAT_XENTOP ?= y _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 01:33:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 01:33:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ3-0007Vj-LF; Sat, 19 Jan 2013 01:33:13 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ1-0007VI-Rt for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:12 +0000 Received: from [85.158.137.99:2273] by server-16.bemta-3.messagelabs.com id 25/57-31306-6D7F9F05; Sat, 19 Jan 2013 01:33:10 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-14.tower-217.messagelabs.com!1358559189!17572722!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 14836 invoked from network); 19 Jan 2013 01:33:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 01:33:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNIy-00030d-I0 for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:08 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwNIx-0001mI-VN for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:08 +0000 Message-Id: Date: Sat, 19 Jan 2013 01:33:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xenconsoled: use grant references instead of map_foreign_range X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1358441301 0 # Node ID e9d949a0798e60472f6f7ffbc5e117e7adb6e37c # Parent 126ce5f1855ba21ae24fc1c0981e5c05a3245bad xenconsoled: use grant references instead of map_foreign_range Grant references for the xenstore and xenconsole shared pages exist, but currently only xenstore uses these references. Change the xenconsole daemon to prefer using the grant reference over map_foreign_range when mapping the shared console ring. This allows xenconsoled to be run in a domain other than dom0 if set up correctly - for libxl, the xenstore path /tool/xenconsoled/domid specifies the domain containing xenconsoled. Signed-off-by: Daniel De Graaf Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 126ce5f1855b -r e9d949a0798e tools/console/daemon/io.c --- a/tools/console/daemon/io.c Thu Jan 17 15:55:51 2013 +0000 +++ b/tools/console/daemon/io.c Thu Jan 17 16:48:21 2013 +0000 @@ -24,6 +24,7 @@ #include "io.h" #include #include +#include #include #include @@ -67,6 +68,8 @@ static int log_time_hv_needts = 1; static int log_time_guest_needts = 1; static int log_hv_fd = -1; +static xc_gnttab *xcg_handle = NULL; + static struct pollfd *fds; static unsigned int current_array_size; static unsigned int nr_fds; @@ -506,6 +509,18 @@ static int xs_gather(struct xs_handle *x va_end(ap); return ret; } + +static void domain_unmap_interface(struct domain *dom) +{ + if (dom->interface == NULL) + return; + if (xcg_handle && dom->ring_ref == -1) + xc_gnttab_munmap(xcg_handle, dom->interface, 1); + else + munmap(dom->interface, getpagesize()); + dom->interface = NULL; + dom->ring_ref = -1; +} static int domain_create_ring(struct domain *dom) { @@ -527,9 +542,19 @@ static int domain_create_ring(struct dom } free(type); - if (ring_ref != dom->ring_ref) { - if (dom->interface != NULL) - munmap(dom->interface, getpagesize()); + /* If using ring_ref and it has changed, remap */ + if (ring_ref != dom->ring_ref && dom->ring_ref != -1) + domain_unmap_interface(dom); + + if (!dom->interface && xcg_handle) { + /* Prefer using grant table */ + dom->interface = xc_gnttab_map_grant_ref(xcg_handle, + dom->domid, GNTTAB_RESERVED_CONSOLE, + PROT_READ|PROT_WRITE); + dom->ring_ref = -1; + } + if (!dom->interface) { + /* Fall back to xc_map_foreign_range */ dom->interface = xc_map_foreign_range( xc, dom->domid, getpagesize(), PROT_READ|PROT_WRITE, @@ -725,9 +750,7 @@ static void shutdown_domain(struct domai { d->is_dead = true; watch_domain(d, false); - if (d->interface != NULL) - munmap(d->interface, getpagesize()); - d->interface = NULL; + domain_unmap_interface(d); if (d->xce_handle != NULL) xc_evtchn_close(d->xce_handle); d->xce_handle = NULL; @@ -735,7 +758,7 @@ static void shutdown_domain(struct domai static unsigned enum_pass = 0; -void enum_domains(void) +static void enum_domains(void) { int domid = 1; xc_dominfo_t dominfo; @@ -996,6 +1019,14 @@ void handle_io(void) } } + xcg_handle = xc_gnttab_open(NULL, 0); + if (xcg_handle == NULL) { + dolog(LOG_DEBUG, "Failed to open xcg handle: %d (%s)", + errno, strerror(errno)); + } + + enum_domains(); + for (;;) { struct domain *d, *n; int poll_timeout; /* timeout in milliseconds */ @@ -1165,6 +1196,10 @@ void handle_io(void) xc_evtchn_close(xce_handle); xce_handle = NULL; } + if (xcg_handle != NULL) { + xc_gnttab_close(xcg_handle); + xcg_handle = NULL; + } log_hv_evtchn = -1; } diff -r 126ce5f1855b -r e9d949a0798e tools/console/daemon/io.h --- a/tools/console/daemon/io.h Thu Jan 17 15:55:51 2013 +0000 +++ b/tools/console/daemon/io.h Thu Jan 17 16:48:21 2013 +0000 @@ -21,7 +21,6 @@ #ifndef CONSOLED_IO_H #define CONSOLED_IO_H -void enum_domains(void); void handle_io(void); #endif diff -r 126ce5f1855b -r e9d949a0798e tools/console/daemon/main.c --- a/tools/console/daemon/main.c Thu Jan 17 15:55:51 2013 +0000 +++ b/tools/console/daemon/main.c Thu Jan 17 16:48:21 2013 +0000 @@ -161,8 +161,6 @@ int main(int argc, char **argv) if (!xen_setup()) exit(1); - enum_domains(); - handle_io(); closelog(); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 01:33:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 01:33:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ3-0007Vj-LF; Sat, 19 Jan 2013 01:33:13 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ1-0007VI-Rt for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:12 +0000 Received: from [85.158.137.99:2273] by server-16.bemta-3.messagelabs.com id 25/57-31306-6D7F9F05; Sat, 19 Jan 2013 01:33:10 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-14.tower-217.messagelabs.com!1358559189!17572722!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 14836 invoked from network); 19 Jan 2013 01:33:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-14.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 01:33:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNIy-00030d-I0 for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:08 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwNIx-0001mI-VN for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:08 +0000 Message-Id: Date: Sat, 19 Jan 2013 01:33:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xenconsoled: use grant references instead of map_foreign_range X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1358441301 0 # Node ID e9d949a0798e60472f6f7ffbc5e117e7adb6e37c # Parent 126ce5f1855ba21ae24fc1c0981e5c05a3245bad xenconsoled: use grant references instead of map_foreign_range Grant references for the xenstore and xenconsole shared pages exist, but currently only xenstore uses these references. Change the xenconsole daemon to prefer using the grant reference over map_foreign_range when mapping the shared console ring. This allows xenconsoled to be run in a domain other than dom0 if set up correctly - for libxl, the xenstore path /tool/xenconsoled/domid specifies the domain containing xenconsoled. Signed-off-by: Daniel De Graaf Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 126ce5f1855b -r e9d949a0798e tools/console/daemon/io.c --- a/tools/console/daemon/io.c Thu Jan 17 15:55:51 2013 +0000 +++ b/tools/console/daemon/io.c Thu Jan 17 16:48:21 2013 +0000 @@ -24,6 +24,7 @@ #include "io.h" #include #include +#include #include #include @@ -67,6 +68,8 @@ static int log_time_hv_needts = 1; static int log_time_guest_needts = 1; static int log_hv_fd = -1; +static xc_gnttab *xcg_handle = NULL; + static struct pollfd *fds; static unsigned int current_array_size; static unsigned int nr_fds; @@ -506,6 +509,18 @@ static int xs_gather(struct xs_handle *x va_end(ap); return ret; } + +static void domain_unmap_interface(struct domain *dom) +{ + if (dom->interface == NULL) + return; + if (xcg_handle && dom->ring_ref == -1) + xc_gnttab_munmap(xcg_handle, dom->interface, 1); + else + munmap(dom->interface, getpagesize()); + dom->interface = NULL; + dom->ring_ref = -1; +} static int domain_create_ring(struct domain *dom) { @@ -527,9 +542,19 @@ static int domain_create_ring(struct dom } free(type); - if (ring_ref != dom->ring_ref) { - if (dom->interface != NULL) - munmap(dom->interface, getpagesize()); + /* If using ring_ref and it has changed, remap */ + if (ring_ref != dom->ring_ref && dom->ring_ref != -1) + domain_unmap_interface(dom); + + if (!dom->interface && xcg_handle) { + /* Prefer using grant table */ + dom->interface = xc_gnttab_map_grant_ref(xcg_handle, + dom->domid, GNTTAB_RESERVED_CONSOLE, + PROT_READ|PROT_WRITE); + dom->ring_ref = -1; + } + if (!dom->interface) { + /* Fall back to xc_map_foreign_range */ dom->interface = xc_map_foreign_range( xc, dom->domid, getpagesize(), PROT_READ|PROT_WRITE, @@ -725,9 +750,7 @@ static void shutdown_domain(struct domai { d->is_dead = true; watch_domain(d, false); - if (d->interface != NULL) - munmap(d->interface, getpagesize()); - d->interface = NULL; + domain_unmap_interface(d); if (d->xce_handle != NULL) xc_evtchn_close(d->xce_handle); d->xce_handle = NULL; @@ -735,7 +758,7 @@ static void shutdown_domain(struct domai static unsigned enum_pass = 0; -void enum_domains(void) +static void enum_domains(void) { int domid = 1; xc_dominfo_t dominfo; @@ -996,6 +1019,14 @@ void handle_io(void) } } + xcg_handle = xc_gnttab_open(NULL, 0); + if (xcg_handle == NULL) { + dolog(LOG_DEBUG, "Failed to open xcg handle: %d (%s)", + errno, strerror(errno)); + } + + enum_domains(); + for (;;) { struct domain *d, *n; int poll_timeout; /* timeout in milliseconds */ @@ -1165,6 +1196,10 @@ void handle_io(void) xc_evtchn_close(xce_handle); xce_handle = NULL; } + if (xcg_handle != NULL) { + xc_gnttab_close(xcg_handle); + xcg_handle = NULL; + } log_hv_evtchn = -1; } diff -r 126ce5f1855b -r e9d949a0798e tools/console/daemon/io.h --- a/tools/console/daemon/io.h Thu Jan 17 15:55:51 2013 +0000 +++ b/tools/console/daemon/io.h Thu Jan 17 16:48:21 2013 +0000 @@ -21,7 +21,6 @@ #ifndef CONSOLED_IO_H #define CONSOLED_IO_H -void enum_domains(void); void handle_io(void); #endif diff -r 126ce5f1855b -r e9d949a0798e tools/console/daemon/main.c --- a/tools/console/daemon/main.c Thu Jan 17 15:55:51 2013 +0000 +++ b/tools/console/daemon/main.c Thu Jan 17 16:48:21 2013 +0000 @@ -161,8 +161,6 @@ int main(int argc, char **argv) if (!xen_setup()) exit(1); - enum_domains(); - handle_io(); closelog(); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 01:33:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 01:33:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ6-0007Wj-1l; Sat, 19 Jan 2013 01:33:16 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ4-0007Vy-QL for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:14 +0000 Received: from [85.158.138.51:9196] by server-1.bemta-3.messagelabs.com id A0/00-26046-9D7F9F05; Sat, 19 Jan 2013 01:33:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-174.messagelabs.com!1358559192!19821257!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 12575 invoked from network); 19 Jan 2013 01:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 01:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ1-00030v-QE for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwNJ1-0001np-MA for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:11 +0000 Message-Id: Date: Sat, 19 Jan 2013 01:33:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: arm: fix assert in select_user_reg X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358441305 0 # Node ID 025f202f3022c30d1ec3b6ffcb72861c43a32cf7 # Parent 89cb9808e7bb864fd6bb3d5177d216c31c10fa85 xen: arm: fix assert in select_user_reg The condition was inverted. Signed-off-by: Ian Campbell Acked-by: Stefano Stabellini Committed-by: Ian Campbell --- diff -r 89cb9808e7bb -r 025f202f3022 xen/arch/arm/traps.c --- a/xen/arch/arm/traps.c Thu Jan 17 16:48:24 2013 +0000 +++ b/xen/arch/arm/traps.c Thu Jan 17 16:48:25 2013 +0000 @@ -75,7 +75,7 @@ static void print_xen_info(void) uint32_t *select_user_reg(struct cpu_user_regs *regs, int reg) { - BUG_ON( guest_mode(regs) ); + BUG_ON( !guest_mode(regs) ); /* * We rely heavily on the layout of cpu_user_regs to avoid having _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 01:33:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 01:33:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ6-0007Wj-1l; Sat, 19 Jan 2013 01:33:16 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ4-0007Vy-QL for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:14 +0000 Received: from [85.158.138.51:9196] by server-1.bemta-3.messagelabs.com id A0/00-26046-9D7F9F05; Sat, 19 Jan 2013 01:33:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-174.messagelabs.com!1358559192!19821257!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 12575 invoked from network); 19 Jan 2013 01:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 01:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ1-00030v-QE for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwNJ1-0001np-MA for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:11 +0000 Message-Id: Date: Sat, 19 Jan 2013 01:33:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: arm: fix assert in select_user_reg X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358441305 0 # Node ID 025f202f3022c30d1ec3b6ffcb72861c43a32cf7 # Parent 89cb9808e7bb864fd6bb3d5177d216c31c10fa85 xen: arm: fix assert in select_user_reg The condition was inverted. Signed-off-by: Ian Campbell Acked-by: Stefano Stabellini Committed-by: Ian Campbell --- diff -r 89cb9808e7bb -r 025f202f3022 xen/arch/arm/traps.c --- a/xen/arch/arm/traps.c Thu Jan 17 16:48:24 2013 +0000 +++ b/xen/arch/arm/traps.c Thu Jan 17 16:48:25 2013 +0000 @@ -75,7 +75,7 @@ static void print_xen_info(void) uint32_t *select_user_reg(struct cpu_user_regs *regs, int reg) { - BUG_ON( guest_mode(regs) ); + BUG_ON( !guest_mode(regs) ); /* * We rely heavily on the layout of cpu_user_regs to avoid having _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 01:33:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 01:33:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ4-0007WH-TC; Sat, 19 Jan 2013 01:33:14 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ3-0007VU-AM for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:13 +0000 Received: from [85.158.138.51:9131] by server-6.bemta-3.messagelabs.com id 4E/01-25504-7D7F9F05; Sat, 19 Jan 2013 01:33:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-174.messagelabs.com!1358559189!9951288!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30413 invoked from network); 19 Jan 2013 01:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 01:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNIz-00030j-M7 for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwNIz-0001mo-HC for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:09 +0000 Message-Id: Date: Sat, 19 Jan 2013 01:33:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: arm: Correct register values and comment in early init_uart. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Lars Rasmusson # Date 1358441302 0 # Node ID afe9bed5e25bd02daf7adcdd31777bb54f0ee567 # Parent e490bf88e0d856ca9281bd131d0972a463b32b68 xen: arm: Correct register values and comment in early init_uart. Set register values and comment in early init_uart to match documentation of PL011 UART Reading the PL011 UART documentation on http://infocenter.arm.com/help/topic/com.arm.doc.ddi0183f/DDI0183.pdf in sec 3.2 shows the early initialisation of the UART on the Versatile Express is incorrect. This fixes it. Signed-off-by: Lars Rasmusson Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r e490bf88e0d8 -r afe9bed5e25b xen/arch/arm/arm32/head.S --- a/xen/arch/arm/arm32/head.S Thu Jan 17 16:48:21 2013 +0000 +++ b/xen/arch/arm/arm32/head.S Thu Jan 17 16:48:22 2013 +0000 @@ -352,11 +352,11 @@ 1: wfe * Clobbers r0-r2 */ init_uart: mov r1, #0x0 - str r1, [r11, #0x24] /* -> UARTIBRD (Baud divisor fraction) */ + str r1, [r11, #0x28] /* -> UARTFBRD (Baud divisor fraction) */ mov r1, #0x4 /* 7.3728MHz / 0x4 == 16 * 115200 */ str r1, [r11, #0x24] /* -> UARTIBRD (Baud divisor integer) */ mov r1, #0x60 /* 8n1 */ - str r1, [r11, #0x24] /* -> UARTLCR_H (Line control) */ + str r1, [r11, #0x2C] /* -> UARTLCR_H (Line control) */ ldr r1, =0x00000301 /* RXE | TXE | UARTEN */ str r1, [r11, #0x30] /* -> UARTCR (Control Register) */ adr r0, 1f _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 01:33:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 01:33:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ4-0007WH-TC; Sat, 19 Jan 2013 01:33:14 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ3-0007VU-AM for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:13 +0000 Received: from [85.158.138.51:9131] by server-6.bemta-3.messagelabs.com id 4E/01-25504-7D7F9F05; Sat, 19 Jan 2013 01:33:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-13.tower-174.messagelabs.com!1358559189!9951288!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30413 invoked from network); 19 Jan 2013 01:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-13.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 01:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNIz-00030j-M7 for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwNIz-0001mo-HC for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:09 +0000 Message-Id: Date: Sat, 19 Jan 2013 01:33:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: arm: Correct register values and comment in early init_uart. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Lars Rasmusson # Date 1358441302 0 # Node ID afe9bed5e25bd02daf7adcdd31777bb54f0ee567 # Parent e490bf88e0d856ca9281bd131d0972a463b32b68 xen: arm: Correct register values and comment in early init_uart. Set register values and comment in early init_uart to match documentation of PL011 UART Reading the PL011 UART documentation on http://infocenter.arm.com/help/topic/com.arm.doc.ddi0183f/DDI0183.pdf in sec 3.2 shows the early initialisation of the UART on the Versatile Express is incorrect. This fixes it. Signed-off-by: Lars Rasmusson Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r e490bf88e0d8 -r afe9bed5e25b xen/arch/arm/arm32/head.S --- a/xen/arch/arm/arm32/head.S Thu Jan 17 16:48:21 2013 +0000 +++ b/xen/arch/arm/arm32/head.S Thu Jan 17 16:48:22 2013 +0000 @@ -352,11 +352,11 @@ 1: wfe * Clobbers r0-r2 */ init_uart: mov r1, #0x0 - str r1, [r11, #0x24] /* -> UARTIBRD (Baud divisor fraction) */ + str r1, [r11, #0x28] /* -> UARTFBRD (Baud divisor fraction) */ mov r1, #0x4 /* 7.3728MHz / 0x4 == 16 * 115200 */ str r1, [r11, #0x24] /* -> UARTIBRD (Baud divisor integer) */ mov r1, #0x60 /* 8n1 */ - str r1, [r11, #0x24] /* -> UARTLCR_H (Line control) */ + str r1, [r11, #0x2C] /* -> UARTLCR_H (Line control) */ ldr r1, =0x00000301 /* RXE | TXE | UARTEN */ str r1, [r11, #0x30] /* -> UARTCR (Control Register) */ adr r0, 1f _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 01:33:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 01:33:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ4-0007WC-Qc; Sat, 19 Jan 2013 01:33:14 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ2-0007VQ-V9 for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:13 +0000 Received: from [85.158.143.99:54542] by server-3.bemta-4.messagelabs.com id 02/58-10689-8D7F9F05; Sat, 19 Jan 2013 01:33:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-216.messagelabs.com!1358559190!17372738!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28436 invoked from network); 19 Jan 2013 01:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 01:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ0-00030m-8j for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwNJ0-0001n6-3F for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:10 +0000 Message-Id: Date: Sat, 19 Jan 2013 01:33:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: return a per-mapping error from XENMEM_add_to_physmap_range. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358441303 0 # Node ID 15a02be467b5ba2cc1dd0eb80e6355af5cb19567 # Parent afe9bed5e25bd02daf7adcdd31777bb54f0ee567 xen: return a per-mapping error from XENMEM_add_to_physmap_range. Since ARM and PVH dom0 kernel use this to map foreign domain pages they could in the future hit paged out or shared pages etc and therefore need to propagate which frames are -ENOENT and which failed for some other reason. We have not yet released a version of Xen with this particular hypercall subop so we can change the interface without worrying about compatibility (I think/hope). This would be used by the privcmd driver, in particular it relates to Mats' patch "improve performance of MMAPBATCH_V2." NB I have only implemented the ARM side since the PVH side isn't in tree yet. Signed-off-by: Ian Campbell Acked-by: Stefano Stabellini Acked-by: Keir Fraser Acked-by: Mats Petersson Committed-by: Ian Campbell --- diff -r afe9bed5e25b -r 15a02be467b5 xen/arch/arm/mm.c --- a/xen/arch/arm/mm.c Thu Jan 17 16:48:22 2013 +0000 +++ b/xen/arch/arm/mm.c Thu Jan 17 16:48:23 2013 +0000 @@ -612,6 +612,10 @@ static int xenmem_add_to_physmap_range(s xatpr->foreign_domid, idx, gpfn); + rc = copy_to_guest_offset(xatpr->errs, xatpr->size-1, &rc, 1); + if ( rc < 0 ) + goto out; + xatpr->size--; /* Check for continuation if it's not the last interation */ diff -r afe9bed5e25b -r 15a02be467b5 xen/include/public/memory.h --- a/xen/include/public/memory.h Thu Jan 17 16:48:22 2013 +0000 +++ b/xen/include/public/memory.h Thu Jan 17 16:48:23 2013 +0000 @@ -236,6 +236,7 @@ DEFINE_XEN_GUEST_HANDLE(xen_add_to_physm /* A batched version of add_to_physmap. */ #define XENMEM_add_to_physmap_range 23 struct xen_add_to_physmap_range { + /* IN */ /* Which domain to change the mapping for. */ domid_t domid; uint16_t space; /* => enum phys_map_space */ @@ -247,8 +248,13 @@ struct xen_add_to_physmap_range { /* Indexes into space being mapped. */ XEN_GUEST_HANDLE(xen_ulong_t) idxs; - /* GPFN in domdwhere the source mapping page should appear. */ + /* GPFN in domid where the source mapping page should appear. */ XEN_GUEST_HANDLE(xen_pfn_t) gpfns; + + /* OUT */ + + /* Per index error code. */ + XEN_GUEST_HANDLE(int) errs; }; typedef struct xen_add_to_physmap_range xen_add_to_physmap_range_t; DEFINE_XEN_GUEST_HANDLE(xen_add_to_physmap_range_t); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 01:33:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 01:33:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ4-0007WC-Qc; Sat, 19 Jan 2013 01:33:14 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ2-0007VQ-V9 for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:13 +0000 Received: from [85.158.143.99:54542] by server-3.bemta-4.messagelabs.com id 02/58-10689-8D7F9F05; Sat, 19 Jan 2013 01:33:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-216.messagelabs.com!1358559190!17372738!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 28436 invoked from network); 19 Jan 2013 01:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 01:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ0-00030m-8j for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwNJ0-0001n6-3F for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:10 +0000 Message-Id: Date: Sat, 19 Jan 2013 01:33:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: return a per-mapping error from XENMEM_add_to_physmap_range. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358441303 0 # Node ID 15a02be467b5ba2cc1dd0eb80e6355af5cb19567 # Parent afe9bed5e25bd02daf7adcdd31777bb54f0ee567 xen: return a per-mapping error from XENMEM_add_to_physmap_range. Since ARM and PVH dom0 kernel use this to map foreign domain pages they could in the future hit paged out or shared pages etc and therefore need to propagate which frames are -ENOENT and which failed for some other reason. We have not yet released a version of Xen with this particular hypercall subop so we can change the interface without worrying about compatibility (I think/hope). This would be used by the privcmd driver, in particular it relates to Mats' patch "improve performance of MMAPBATCH_V2." NB I have only implemented the ARM side since the PVH side isn't in tree yet. Signed-off-by: Ian Campbell Acked-by: Stefano Stabellini Acked-by: Keir Fraser Acked-by: Mats Petersson Committed-by: Ian Campbell --- diff -r afe9bed5e25b -r 15a02be467b5 xen/arch/arm/mm.c --- a/xen/arch/arm/mm.c Thu Jan 17 16:48:22 2013 +0000 +++ b/xen/arch/arm/mm.c Thu Jan 17 16:48:23 2013 +0000 @@ -612,6 +612,10 @@ static int xenmem_add_to_physmap_range(s xatpr->foreign_domid, idx, gpfn); + rc = copy_to_guest_offset(xatpr->errs, xatpr->size-1, &rc, 1); + if ( rc < 0 ) + goto out; + xatpr->size--; /* Check for continuation if it's not the last interation */ diff -r afe9bed5e25b -r 15a02be467b5 xen/include/public/memory.h --- a/xen/include/public/memory.h Thu Jan 17 16:48:22 2013 +0000 +++ b/xen/include/public/memory.h Thu Jan 17 16:48:23 2013 +0000 @@ -236,6 +236,7 @@ DEFINE_XEN_GUEST_HANDLE(xen_add_to_physm /* A batched version of add_to_physmap. */ #define XENMEM_add_to_physmap_range 23 struct xen_add_to_physmap_range { + /* IN */ /* Which domain to change the mapping for. */ domid_t domid; uint16_t space; /* => enum phys_map_space */ @@ -247,8 +248,13 @@ struct xen_add_to_physmap_range { /* Indexes into space being mapped. */ XEN_GUEST_HANDLE(xen_ulong_t) idxs; - /* GPFN in domdwhere the source mapping page should appear. */ + /* GPFN in domid where the source mapping page should appear. */ XEN_GUEST_HANDLE(xen_pfn_t) gpfns; + + /* OUT */ + + /* Per index error code. */ + XEN_GUEST_HANDLE(int) errs; }; typedef struct xen_add_to_physmap_range xen_add_to_physmap_range_t; DEFINE_XEN_GUEST_HANDLE(xen_add_to_physmap_range_t); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 01:33:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 01:33:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ3-0007Vo-O8; Sat, 19 Jan 2013 01:33:13 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ2-0007VL-OQ for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:12 +0000 Received: from [85.158.138.51:7895] by server-14.bemta-3.messagelabs.com id E4/65-21737-7D7F9F05; Sat, 19 Jan 2013 01:33:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-174.messagelabs.com!1358559189!28695024!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 4470 invoked from network); 19 Jan 2013 01:33:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 01:33:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNIz-00030g-60 for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwNIy-0001mZ-NE for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:08 +0000 Message-Id: Date: Sat, 19 Jan 2013 01:33:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] libxl: correct xenstore permissions on console device X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1358441301 0 # Node ID e490bf88e0d856ca9281bd131d0972a463b32b68 # Parent e9d949a0798e60472f6f7ffbc5e117e7adb6e37c libxl: correct xenstore permissions on console device When the console is connected to a domain other than dom0, the console device's backend field should be set so the xenstore permissions for the console device reflect the domain that will be accessing them. Signed-off-by: Daniel De Graaf Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r e9d949a0798e -r e490bf88e0d8 tools/libxl/libxl_create.c --- a/tools/libxl/libxl_create.c Thu Jan 17 16:48:21 2013 +0000 +++ b/tools/libxl/libxl_create.c Thu Jan 17 16:48:21 2013 +0000 @@ -967,6 +967,7 @@ static void domcreate_launch_dm(libxl__e ret = init_console_info(&console, 0); if ( ret ) goto error_out; + console.backend_domid = state->console_domid; libxl__device_console_add(gc, domid, &console, state); libxl__device_console_dispose(&console); @@ -999,6 +1000,7 @@ static void domcreate_launch_dm(libxl__e d_config->num_vfbs, d_config->vfbs, d_config->num_disks, &d_config->disks[0]); + console.backend_domid = state->console_domid; libxl__device_console_add(gc, domid, &console, state); libxl__device_console_dispose(&console); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 01:33:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 01:33:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ3-0007Vo-O8; Sat, 19 Jan 2013 01:33:13 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ2-0007VL-OQ for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:12 +0000 Received: from [85.158.138.51:7895] by server-14.bemta-3.messagelabs.com id E4/65-21737-7D7F9F05; Sat, 19 Jan 2013 01:33:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-174.messagelabs.com!1358559189!28695024!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 4470 invoked from network); 19 Jan 2013 01:33:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 01:33:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNIz-00030g-60 for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwNIy-0001mZ-NE for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:08 +0000 Message-Id: Date: Sat, 19 Jan 2013 01:33:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] libxl: correct xenstore permissions on console device X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Daniel De Graaf # Date 1358441301 0 # Node ID e490bf88e0d856ca9281bd131d0972a463b32b68 # Parent e9d949a0798e60472f6f7ffbc5e117e7adb6e37c libxl: correct xenstore permissions on console device When the console is connected to a domain other than dom0, the console device's backend field should be set so the xenstore permissions for the console device reflect the domain that will be accessing them. Signed-off-by: Daniel De Graaf Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r e9d949a0798e -r e490bf88e0d8 tools/libxl/libxl_create.c --- a/tools/libxl/libxl_create.c Thu Jan 17 16:48:21 2013 +0000 +++ b/tools/libxl/libxl_create.c Thu Jan 17 16:48:21 2013 +0000 @@ -967,6 +967,7 @@ static void domcreate_launch_dm(libxl__e ret = init_console_info(&console, 0); if ( ret ) goto error_out; + console.backend_domid = state->console_domid; libxl__device_console_add(gc, domid, &console, state); libxl__device_console_dispose(&console); @@ -999,6 +1000,7 @@ static void domcreate_launch_dm(libxl__e d_config->num_vfbs, d_config->vfbs, d_config->num_disks, &d_config->disks[0]); + console.backend_domid = state->console_domid; libxl__device_console_add(gc, domid, &console, state); libxl__device_console_dispose(&console); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 01:33:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 01:33:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ8-0007XE-5z; Sat, 19 Jan 2013 01:33:18 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ6-0007Wd-3g for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:16 +0000 Received: from [85.158.143.35:52605] by server-2.bemta-4.messagelabs.com id 91/E6-03518-BD7F9F05; Sat, 19 Jan 2013 01:33:15 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-21.messagelabs.com!1358559191!11698310!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30525 invoked from network); 19 Jan 2013 01:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 01:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ1-00030s-9u for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwNJ1-0001na-5l for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:11 +0000 Message-Id: Date: Sat, 19 Jan 2013 01:33:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen/arm: initialize the GIC irq properties of interrupts routed to guests X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Stefano Stabellini # Date 1358441304 0 # Node ID 89cb9808e7bb864fd6bb3d5177d216c31c10fa85 # Parent adc707c1ebd509673b51c4d321adf7bd7fdd8354 xen/arm: initialize the GIC irq properties of interrupts routed to guests We are currently initializing GIC irq properties (ITARGETSR, IPRIORITYR, and GICD_ICFGR) only in gic_route_irq, that is not called for guest interrupts at all. Move the initialization into a separate function (gic_set_irq_properties) and call it from gic_route_irq_to_guest. Signed-off-by: Stefano Stabellini Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r adc707c1ebd5 -r 89cb9808e7bb xen/arch/arm/gic.c --- a/xen/arch/arm/gic.c Thu Jan 17 16:48:24 2013 +0000 +++ b/xen/arch/arm/gic.c Thu Jan 17 16:48:24 2013 +0000 @@ -174,12 +174,36 @@ static hw_irq_controller gic_guest_irq_t .set_affinity = gic_irq_set_affinity, }; +/* needs to be called with gic.lock held */ +static void gic_set_irq_properties(unsigned int irq, bool_t level, + unsigned int cpu_mask, unsigned int priority) +{ + volatile unsigned char *bytereg; + uint32_t cfg, edgebit; + + /* Set edge / level */ + cfg = GICD[GICD_ICFGR + irq / 16]; + edgebit = 2u << (2 * (irq % 16)); + if ( level ) + cfg &= ~edgebit; + else + cfg |= edgebit; + GICD[GICD_ICFGR + irq / 16] = cfg; + + /* Set target CPU mask (RAZ/WI on uniprocessor) */ + bytereg = (unsigned char *) (GICD + GICD_ITARGETSR); + bytereg[irq] = cpu_mask; + + /* Set priority */ + bytereg = (unsigned char *) (GICD + GICD_IPRIORITYR); + bytereg[irq] = priority; + +} + /* Program the GIC to route an interrupt */ static int gic_route_irq(unsigned int irq, bool_t level, unsigned int cpu_mask, unsigned int priority) { - volatile unsigned char *bytereg; - uint32_t cfg, edgebit; struct irq_desc *desc = irq_to_desc(irq); unsigned long flags; @@ -202,22 +226,7 @@ static int gic_route_irq(unsigned int ir /* Disable interrupt */ desc->handler->shutdown(desc); - /* Set edge / level */ - cfg = GICD[GICD_ICFGR + irq / 16]; - edgebit = 2u << (2 * (irq % 16)); - if ( level ) - cfg &= ~edgebit; - else - cfg |= edgebit; - GICD[GICD_ICFGR + irq / 16] = cfg; - - /* Set target CPU mask (RAZ/WI on uniprocessor) */ - bytereg = (unsigned char *) (GICD + GICD_ITARGETSR); - bytereg[irq] = cpu_mask; - - /* Set priority */ - bytereg = (unsigned char *) (GICD + GICD_IPRIORITYR); - bytereg[irq] = priority; + gic_set_irq_properties(irq, level, cpu_mask, priority); spin_unlock(&gic.lock); spin_unlock_irqrestore(&desc->lock, flags); @@ -561,10 +570,13 @@ int gic_route_irq_to_guest(struct domain action->name = devname; spin_lock_irqsave(&desc->lock, flags); + spin_lock(&gic.lock); desc->handler = &gic_guest_irq_type; desc->status |= IRQ_GUEST; + gic_set_irq_properties(irq, 1, 1u << smp_processor_id(), 0xa0); + retval = __setup_irq(desc, irq, action); if (retval) { xfree(action); @@ -572,6 +584,7 @@ int gic_route_irq_to_guest(struct domain } out: + spin_unlock(&gic.lock); spin_unlock_irqrestore(&desc->lock, flags); return retval; } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 01:33:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 01:33:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ8-0007XE-5z; Sat, 19 Jan 2013 01:33:18 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ6-0007Wd-3g for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:16 +0000 Received: from [85.158.143.35:52605] by server-2.bemta-4.messagelabs.com id 91/E6-03518-BD7F9F05; Sat, 19 Jan 2013 01:33:15 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-21.messagelabs.com!1358559191!11698310!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30525 invoked from network); 19 Jan 2013 01:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 01:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ1-00030s-9u for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwNJ1-0001na-5l for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:11 +0000 Message-Id: Date: Sat, 19 Jan 2013 01:33:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen/arm: initialize the GIC irq properties of interrupts routed to guests X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Stefano Stabellini # Date 1358441304 0 # Node ID 89cb9808e7bb864fd6bb3d5177d216c31c10fa85 # Parent adc707c1ebd509673b51c4d321adf7bd7fdd8354 xen/arm: initialize the GIC irq properties of interrupts routed to guests We are currently initializing GIC irq properties (ITARGETSR, IPRIORITYR, and GICD_ICFGR) only in gic_route_irq, that is not called for guest interrupts at all. Move the initialization into a separate function (gic_set_irq_properties) and call it from gic_route_irq_to_guest. Signed-off-by: Stefano Stabellini Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r adc707c1ebd5 -r 89cb9808e7bb xen/arch/arm/gic.c --- a/xen/arch/arm/gic.c Thu Jan 17 16:48:24 2013 +0000 +++ b/xen/arch/arm/gic.c Thu Jan 17 16:48:24 2013 +0000 @@ -174,12 +174,36 @@ static hw_irq_controller gic_guest_irq_t .set_affinity = gic_irq_set_affinity, }; +/* needs to be called with gic.lock held */ +static void gic_set_irq_properties(unsigned int irq, bool_t level, + unsigned int cpu_mask, unsigned int priority) +{ + volatile unsigned char *bytereg; + uint32_t cfg, edgebit; + + /* Set edge / level */ + cfg = GICD[GICD_ICFGR + irq / 16]; + edgebit = 2u << (2 * (irq % 16)); + if ( level ) + cfg &= ~edgebit; + else + cfg |= edgebit; + GICD[GICD_ICFGR + irq / 16] = cfg; + + /* Set target CPU mask (RAZ/WI on uniprocessor) */ + bytereg = (unsigned char *) (GICD + GICD_ITARGETSR); + bytereg[irq] = cpu_mask; + + /* Set priority */ + bytereg = (unsigned char *) (GICD + GICD_IPRIORITYR); + bytereg[irq] = priority; + +} + /* Program the GIC to route an interrupt */ static int gic_route_irq(unsigned int irq, bool_t level, unsigned int cpu_mask, unsigned int priority) { - volatile unsigned char *bytereg; - uint32_t cfg, edgebit; struct irq_desc *desc = irq_to_desc(irq); unsigned long flags; @@ -202,22 +226,7 @@ static int gic_route_irq(unsigned int ir /* Disable interrupt */ desc->handler->shutdown(desc); - /* Set edge / level */ - cfg = GICD[GICD_ICFGR + irq / 16]; - edgebit = 2u << (2 * (irq % 16)); - if ( level ) - cfg &= ~edgebit; - else - cfg |= edgebit; - GICD[GICD_ICFGR + irq / 16] = cfg; - - /* Set target CPU mask (RAZ/WI on uniprocessor) */ - bytereg = (unsigned char *) (GICD + GICD_ITARGETSR); - bytereg[irq] = cpu_mask; - - /* Set priority */ - bytereg = (unsigned char *) (GICD + GICD_IPRIORITYR); - bytereg[irq] = priority; + gic_set_irq_properties(irq, level, cpu_mask, priority); spin_unlock(&gic.lock); spin_unlock_irqrestore(&desc->lock, flags); @@ -561,10 +570,13 @@ int gic_route_irq_to_guest(struct domain action->name = devname; spin_lock_irqsave(&desc->lock, flags); + spin_lock(&gic.lock); desc->handler = &gic_guest_irq_type; desc->status |= IRQ_GUEST; + gic_set_irq_properties(irq, 1, 1u << smp_processor_id(), 0xa0); + retval = __setup_irq(desc, irq, action); if (retval) { xfree(action); @@ -572,6 +584,7 @@ int gic_route_irq_to_guest(struct domain } out: + spin_unlock(&gic.lock); spin_unlock_irqrestore(&desc->lock, flags); return retval; } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 01:34:17 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 01:34:17 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNK3-0007s8-Am; Sat, 19 Jan 2013 01:34:15 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNK1-0007pQ-2y for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:34:13 +0000 Received: from [85.158.139.211:28524] by server-3.bemta-5.messagelabs.com id 63/C7-15993-418F9F05; Sat, 19 Jan 2013 01:34:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-206.messagelabs.com!1358559250!18773213!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 21446 invoked from network); 19 Jan 2013 01:34:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 01:34:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ0-00030p-PW for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwNJ0-0001nL-LQ for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:10 +0000 Message-Id: Date: Sat, 19 Jan 2013 01:33:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen/arm: support the ARM generic virtual timer X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Stefano Stabellini # Date 1358441304 0 # Node ID adc707c1ebd509673b51c4d321adf7bd7fdd8354 # Parent 15a02be467b5ba2cc1dd0eb80e6355af5cb19567 xen/arm: support the ARM generic virtual timer Save and restore the virtual timer registers during the context switch. At save time initialize an internal Xen timer to make sure that Xen schedules the guest vcpu at the time of the next virtual timer interrupt. Receive the virtual timer interrupt into the hypervisor and inject it into the running guest. Signed-off-by: Stefano Stabellini Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 15a02be467b5 -r adc707c1ebd5 xen/arch/arm/domain.c --- a/xen/arch/arm/domain.c Thu Jan 17 16:48:23 2013 +0000 +++ b/xen/arch/arm/domain.c Thu Jan 17 16:48:24 2013 +0000 @@ -51,9 +51,7 @@ static void ctxt_switch_from(struct vcpu p->arch.tpidrprw = READ_CP32(TPIDRPRW); /* Arch timer */ - p->arch.cntvoff = READ_CP64(CNTVOFF); - p->arch.cntv_cval = READ_CP64(CNTV_CVAL); - p->arch.cntv_ctl = READ_CP32(CNTV_CTL); + virt_timer_save(p); /* XXX only save these if ThumbEE e.g. ID_PFR0.THUMB_EE_SUPPORT */ p->arch.teecr = READ_CP32(TEECR); @@ -134,11 +132,6 @@ static void ctxt_switch_to(struct vcpu * WRITE_CP32(n->arch.mair1, MAIR1); isb(); - /* Arch timer */ - WRITE_CP64(n->arch.cntvoff, CNTVOFF); - WRITE_CP64(n->arch.cntv_cval, CNTV_CVAL); - WRITE_CP32(n->arch.cntv_ctl, CNTV_CTL); - /* Control Registers */ WRITE_CP32(n->arch.actlr, ACTLR); WRITE_CP32(n->arch.sctlr, SCTLR); @@ -165,6 +158,10 @@ static void ctxt_switch_to(struct vcpu * WRITE_CP32(hcr, HCR); isb(); + + /* This is could trigger an hardware interrupt from the virtual + * timer. The interrupt needs to be injected into the guest. */ + virt_timer_restore(n); } static void schedule_tail(struct vcpu *prev) diff -r 15a02be467b5 -r adc707c1ebd5 xen/arch/arm/gic.c --- a/xen/arch/arm/gic.c Thu Jan 17 16:48:23 2013 +0000 +++ b/xen/arch/arm/gic.c Thu Jan 17 16:48:24 2013 +0000 @@ -379,7 +379,9 @@ void gic_route_ppis(void) gic_route_irq(25, 1, 1u << smp_processor_id(), 0xa0); /* Hypervisor Timer */ gic_route_irq(26, 1, 1u << smp_processor_id(), 0xa0); - /* Timer */ + /* Virtual Timer */ + gic_route_irq(27, 1, 1u << smp_processor_id(), 0xa0); + /* Physical Timer */ gic_route_irq(30, 1, 1u << smp_processor_id(), 0xa0); } diff -r 15a02be467b5 -r adc707c1ebd5 xen/arch/arm/time.c --- a/xen/arch/arm/time.c Thu Jan 17 16:48:23 2013 +0000 +++ b/xen/arch/arm/time.c Thu Jan 17 16:48:24 2013 +0000 @@ -24,10 +24,13 @@ #include #include #include +#include #include #include #include #include +#include +#include /* * Unfortunately the hypervisor timer interrupt appears to be buggy in @@ -36,10 +39,11 @@ */ #define USE_HYP_TIMER 1 +uint64_t __read_mostly boot_count; + /* For fine-grained timekeeping, we use the ARM "Generic Timer", a * register-mapped time source in the SoC. */ static uint32_t __read_mostly cntfrq; /* Ticks per second */ -static uint64_t __read_mostly boot_count; /* Counter value at boot time */ /*static inline*/ s_time_t ticks_to_ns(uint64_t ticks) { @@ -155,6 +159,13 @@ static void timer_interrupt(int irq, voi } } +static void vtimer_interrupt(int irq, void *dev_id, struct cpu_user_regs *regs) +{ + current->arch.virt_timer.ctl = READ_CP32(CNTV_CTL); + WRITE_CP32(current->arch.virt_timer.ctl | CNTx_CTL_MASK, CNTV_CTL); + vgic_vcpu_inject_irq(current, irq, 1); +} + /* Set up the timer interrupt on this CPU */ void __cpuinit init_timer_interrupt(void) { @@ -174,6 +185,7 @@ void __cpuinit init_timer_interrupt(void /* XXX Need to find this IRQ number from devicetree? */ request_irq(26, timer_interrupt, 0, "hyptimer", NULL); + request_irq(27, vtimer_interrupt, 0, "virtimer", NULL); request_irq(30, timer_interrupt, 0, "phytimer", NULL); } diff -r 15a02be467b5 -r adc707c1ebd5 xen/arch/arm/vtimer.c --- a/xen/arch/arm/vtimer.c Thu Jan 17 16:48:23 2013 +0000 +++ b/xen/arch/arm/vtimer.c Thu Jan 17 16:48:24 2013 +0000 @@ -21,31 +21,74 @@ #include #include #include +#include +#include #include #include extern s_time_t ticks_to_ns(uint64_t ticks); extern uint64_t ns_to_ticks(s_time_t ns); -static void vtimer_expired(void *data) +static void phys_timer_expired(void *data) { - struct vcpu *v = data; - v->arch.vtimer.ctl |= CNTx_CTL_PENDING; - v->arch.vtimer.ctl &= ~CNTx_CTL_MASK; - vgic_vcpu_inject_irq(v, 30, 1); + struct vtimer *t = data; + t->ctl |= CNTx_CTL_PENDING; + t->ctl &= ~CNTx_CTL_MASK; + vgic_vcpu_inject_irq(t->v, 30, 1); } +static void virt_timer_expired(void *data) +{ + struct vtimer *t = data; + vcpu_wake(t->v); +} + int vcpu_vtimer_init(struct vcpu *v) { - init_timer(&v->arch.vtimer.timer, - vtimer_expired, v, - smp_processor_id()); - v->arch.vtimer.ctl = 0; - v->arch.vtimer.offset = NOW(); - v->arch.vtimer.cval = NOW(); + struct vtimer *t = &v->arch.phys_timer; + + init_timer(&t->timer, phys_timer_expired, t, smp_processor_id()); + t->ctl = 0; + t->offset = NOW(); + t->cval = NOW(); + t->irq = 30; + t->v = v; + + t = &v->arch.virt_timer; + init_timer(&t->timer, virt_timer_expired, t, smp_processor_id()); + t->ctl = 0; + t->offset = READ_CP64(CNTVCT) + READ_CP64(CNTVOFF); + t->cval = 0; + t->irq = 27; + t->v = v; + return 0; } +int virt_timer_save(struct vcpu *v) +{ + v->arch.virt_timer.ctl = READ_CP32(CNTV_CTL); + WRITE_CP32(v->arch.virt_timer.ctl & ~CNTx_CTL_ENABLE, CNTV_CTL); + v->arch.virt_timer.cval = READ_CP64(CNTV_CVAL); + if ( v->arch.virt_timer.ctl & CNTx_CTL_ENABLE ) + { + set_timer(&v->arch.virt_timer.timer, ticks_to_ns(v->arch.virt_timer.cval + + v->arch.virt_timer.offset - boot_count)); + } + return 0; +} + +int virt_timer_restore(struct vcpu *v) +{ + stop_timer(&v->arch.virt_timer.timer); + + WRITE_CP32(v->arch.virt_timer.ctl & ~CNTx_CTL_ENABLE, CNTV_CTL); + WRITE_CP64(v->arch.virt_timer.offset, CNTVOFF); + WRITE_CP64(v->arch.virt_timer.cval, CNTV_CVAL); + WRITE_CP32(v->arch.virt_timer.ctl, CNTV_CTL); + return 0; +} + static int vtimer_emulate_32(struct cpu_user_regs *regs, union hsr hsr) { struct vcpu *v = current; @@ -58,36 +101,36 @@ static int vtimer_emulate_32(struct cpu_ case HSR_CPREG32(CNTP_CTL): if ( cp32.read ) { - *r = v->arch.vtimer.ctl; + *r = v->arch.phys_timer.ctl; } else { - v->arch.vtimer.ctl = *r; + v->arch.phys_timer.ctl = *r; - if ( v->arch.vtimer.ctl & CNTx_CTL_ENABLE ) + if ( v->arch.phys_timer.ctl & CNTx_CTL_ENABLE ) { - set_timer(&v->arch.vtimer.timer, - v->arch.vtimer.cval + v->arch.vtimer.offset); + set_timer(&v->arch.phys_timer.timer, + v->arch.phys_timer.cval + v->arch.phys_timer.offset); } else - stop_timer(&v->arch.vtimer.timer); + stop_timer(&v->arch.phys_timer.timer); } return 1; case HSR_CPREG32(CNTP_TVAL): - now = NOW() - v->arch.vtimer.offset; + now = NOW() - v->arch.phys_timer.offset; if ( cp32.read ) { - *r = (uint32_t)(ns_to_ticks(v->arch.vtimer.cval - now) & 0xffffffffull); + *r = (uint32_t)(ns_to_ticks(v->arch.phys_timer.cval - now) & 0xffffffffull); } else { - v->arch.vtimer.cval = now + ticks_to_ns(*r); - if ( v->arch.vtimer.ctl & CNTx_CTL_ENABLE ) + v->arch.phys_timer.cval = now + ticks_to_ns(*r); + if ( v->arch.phys_timer.ctl & CNTx_CTL_ENABLE ) { - set_timer(&v->arch.vtimer.timer, - v->arch.vtimer.cval + v->arch.vtimer.offset); + set_timer(&v->arch.phys_timer.timer, + v->arch.phys_timer.cval + v->arch.phys_timer.offset); } } @@ -112,7 +155,7 @@ static int vtimer_emulate_64(struct cpu_ case HSR_CPREG64(CNTPCT): if ( cp64.read ) { - now = NOW() - v->arch.vtimer.offset; + now = NOW() - v->arch.phys_timer.offset; ticks = ns_to_ticks(now); *r1 = (uint32_t)(ticks & 0xffffffff); *r2 = (uint32_t)(ticks >> 32); diff -r 15a02be467b5 -r adc707c1ebd5 xen/arch/arm/vtimer.h --- a/xen/arch/arm/vtimer.h Thu Jan 17 16:48:23 2013 +0000 +++ b/xen/arch/arm/vtimer.h Thu Jan 17 16:48:24 2013 +0000 @@ -22,6 +22,8 @@ extern int vcpu_vtimer_init(struct vcpu *v); extern int vtimer_emulate(struct cpu_user_regs *regs, union hsr hsr); +extern int virt_timer_save(struct vcpu *v); +extern int virt_timer_restore(struct vcpu *v); #endif diff -r 15a02be467b5 -r adc707c1ebd5 xen/include/asm-arm/domain.h --- a/xen/include/asm-arm/domain.h Thu Jan 17 16:48:23 2013 +0000 +++ b/xen/include/asm-arm/domain.h Thu Jan 17 16:48:24 2013 +0000 @@ -3,6 +3,7 @@ #include #include +#include #include #include #include @@ -69,6 +70,15 @@ struct arch_domain } __cacheline_aligned; +struct vtimer { + struct vcpu *v; + int irq; + struct timer timer; + uint32_t ctl; + s_time_t offset; + s_time_t cval; +}; + struct arch_vcpu { struct { @@ -118,11 +128,6 @@ struct arch_vcpu uint32_t teecr, teehbr; uint32_t joscr, jmcr; - /* Arch timers */ - uint64_t cntvoff; - uint64_t cntv_cval; - uint32_t cntv_ctl; - /* CP 15 */ uint32_t csselr; @@ -157,12 +162,8 @@ struct arch_vcpu spinlock_t lock; } vgic; - struct { - struct timer timer; - uint32_t ctl; - s_time_t offset; - s_time_t cval; - } vtimer; + struct vtimer phys_timer; + struct vtimer virt_timer; } __cacheline_aligned; void vcpu_show_execution_state(struct vcpu *); diff -r 15a02be467b5 -r adc707c1ebd5 xen/include/asm-arm/time.h --- a/xen/include/asm-arm/time.h Thu Jan 17 16:48:23 2013 +0000 +++ b/xen/include/asm-arm/time.h Thu Jan 17 16:48:24 2013 +0000 @@ -15,6 +15,9 @@ struct tm wallclock_time(void); /* Set up the timer interrupt on this CPU */ extern void __cpuinit init_timer_interrupt(void); +/* Counter value at boot time */ +extern uint64_t boot_count; + #endif /* __ARM_TIME_H__ */ /* * Local variables: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 01:34:17 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 01:34:17 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNK3-0007s8-Am; Sat, 19 Jan 2013 01:34:15 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNK1-0007pQ-2y for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:34:13 +0000 Received: from [85.158.139.211:28524] by server-3.bemta-5.messagelabs.com id 63/C7-15993-418F9F05; Sat, 19 Jan 2013 01:34:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-206.messagelabs.com!1358559250!18773213!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 21446 invoked from network); 19 Jan 2013 01:34:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 01:34:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwNJ0-00030p-PW for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwNJ0-0001nL-LQ for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 01:33:10 +0000 Message-Id: Date: Sat, 19 Jan 2013 01:33:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen/arm: support the ARM generic virtual timer X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Stefano Stabellini # Date 1358441304 0 # Node ID adc707c1ebd509673b51c4d321adf7bd7fdd8354 # Parent 15a02be467b5ba2cc1dd0eb80e6355af5cb19567 xen/arm: support the ARM generic virtual timer Save and restore the virtual timer registers during the context switch. At save time initialize an internal Xen timer to make sure that Xen schedules the guest vcpu at the time of the next virtual timer interrupt. Receive the virtual timer interrupt into the hypervisor and inject it into the running guest. Signed-off-by: Stefano Stabellini Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 15a02be467b5 -r adc707c1ebd5 xen/arch/arm/domain.c --- a/xen/arch/arm/domain.c Thu Jan 17 16:48:23 2013 +0000 +++ b/xen/arch/arm/domain.c Thu Jan 17 16:48:24 2013 +0000 @@ -51,9 +51,7 @@ static void ctxt_switch_from(struct vcpu p->arch.tpidrprw = READ_CP32(TPIDRPRW); /* Arch timer */ - p->arch.cntvoff = READ_CP64(CNTVOFF); - p->arch.cntv_cval = READ_CP64(CNTV_CVAL); - p->arch.cntv_ctl = READ_CP32(CNTV_CTL); + virt_timer_save(p); /* XXX only save these if ThumbEE e.g. ID_PFR0.THUMB_EE_SUPPORT */ p->arch.teecr = READ_CP32(TEECR); @@ -134,11 +132,6 @@ static void ctxt_switch_to(struct vcpu * WRITE_CP32(n->arch.mair1, MAIR1); isb(); - /* Arch timer */ - WRITE_CP64(n->arch.cntvoff, CNTVOFF); - WRITE_CP64(n->arch.cntv_cval, CNTV_CVAL); - WRITE_CP32(n->arch.cntv_ctl, CNTV_CTL); - /* Control Registers */ WRITE_CP32(n->arch.actlr, ACTLR); WRITE_CP32(n->arch.sctlr, SCTLR); @@ -165,6 +158,10 @@ static void ctxt_switch_to(struct vcpu * WRITE_CP32(hcr, HCR); isb(); + + /* This is could trigger an hardware interrupt from the virtual + * timer. The interrupt needs to be injected into the guest. */ + virt_timer_restore(n); } static void schedule_tail(struct vcpu *prev) diff -r 15a02be467b5 -r adc707c1ebd5 xen/arch/arm/gic.c --- a/xen/arch/arm/gic.c Thu Jan 17 16:48:23 2013 +0000 +++ b/xen/arch/arm/gic.c Thu Jan 17 16:48:24 2013 +0000 @@ -379,7 +379,9 @@ void gic_route_ppis(void) gic_route_irq(25, 1, 1u << smp_processor_id(), 0xa0); /* Hypervisor Timer */ gic_route_irq(26, 1, 1u << smp_processor_id(), 0xa0); - /* Timer */ + /* Virtual Timer */ + gic_route_irq(27, 1, 1u << smp_processor_id(), 0xa0); + /* Physical Timer */ gic_route_irq(30, 1, 1u << smp_processor_id(), 0xa0); } diff -r 15a02be467b5 -r adc707c1ebd5 xen/arch/arm/time.c --- a/xen/arch/arm/time.c Thu Jan 17 16:48:23 2013 +0000 +++ b/xen/arch/arm/time.c Thu Jan 17 16:48:24 2013 +0000 @@ -24,10 +24,13 @@ #include #include #include +#include #include #include #include #include +#include +#include /* * Unfortunately the hypervisor timer interrupt appears to be buggy in @@ -36,10 +39,11 @@ */ #define USE_HYP_TIMER 1 +uint64_t __read_mostly boot_count; + /* For fine-grained timekeeping, we use the ARM "Generic Timer", a * register-mapped time source in the SoC. */ static uint32_t __read_mostly cntfrq; /* Ticks per second */ -static uint64_t __read_mostly boot_count; /* Counter value at boot time */ /*static inline*/ s_time_t ticks_to_ns(uint64_t ticks) { @@ -155,6 +159,13 @@ static void timer_interrupt(int irq, voi } } +static void vtimer_interrupt(int irq, void *dev_id, struct cpu_user_regs *regs) +{ + current->arch.virt_timer.ctl = READ_CP32(CNTV_CTL); + WRITE_CP32(current->arch.virt_timer.ctl | CNTx_CTL_MASK, CNTV_CTL); + vgic_vcpu_inject_irq(current, irq, 1); +} + /* Set up the timer interrupt on this CPU */ void __cpuinit init_timer_interrupt(void) { @@ -174,6 +185,7 @@ void __cpuinit init_timer_interrupt(void /* XXX Need to find this IRQ number from devicetree? */ request_irq(26, timer_interrupt, 0, "hyptimer", NULL); + request_irq(27, vtimer_interrupt, 0, "virtimer", NULL); request_irq(30, timer_interrupt, 0, "phytimer", NULL); } diff -r 15a02be467b5 -r adc707c1ebd5 xen/arch/arm/vtimer.c --- a/xen/arch/arm/vtimer.c Thu Jan 17 16:48:23 2013 +0000 +++ b/xen/arch/arm/vtimer.c Thu Jan 17 16:48:24 2013 +0000 @@ -21,31 +21,74 @@ #include #include #include +#include +#include #include #include extern s_time_t ticks_to_ns(uint64_t ticks); extern uint64_t ns_to_ticks(s_time_t ns); -static void vtimer_expired(void *data) +static void phys_timer_expired(void *data) { - struct vcpu *v = data; - v->arch.vtimer.ctl |= CNTx_CTL_PENDING; - v->arch.vtimer.ctl &= ~CNTx_CTL_MASK; - vgic_vcpu_inject_irq(v, 30, 1); + struct vtimer *t = data; + t->ctl |= CNTx_CTL_PENDING; + t->ctl &= ~CNTx_CTL_MASK; + vgic_vcpu_inject_irq(t->v, 30, 1); } +static void virt_timer_expired(void *data) +{ + struct vtimer *t = data; + vcpu_wake(t->v); +} + int vcpu_vtimer_init(struct vcpu *v) { - init_timer(&v->arch.vtimer.timer, - vtimer_expired, v, - smp_processor_id()); - v->arch.vtimer.ctl = 0; - v->arch.vtimer.offset = NOW(); - v->arch.vtimer.cval = NOW(); + struct vtimer *t = &v->arch.phys_timer; + + init_timer(&t->timer, phys_timer_expired, t, smp_processor_id()); + t->ctl = 0; + t->offset = NOW(); + t->cval = NOW(); + t->irq = 30; + t->v = v; + + t = &v->arch.virt_timer; + init_timer(&t->timer, virt_timer_expired, t, smp_processor_id()); + t->ctl = 0; + t->offset = READ_CP64(CNTVCT) + READ_CP64(CNTVOFF); + t->cval = 0; + t->irq = 27; + t->v = v; + return 0; } +int virt_timer_save(struct vcpu *v) +{ + v->arch.virt_timer.ctl = READ_CP32(CNTV_CTL); + WRITE_CP32(v->arch.virt_timer.ctl & ~CNTx_CTL_ENABLE, CNTV_CTL); + v->arch.virt_timer.cval = READ_CP64(CNTV_CVAL); + if ( v->arch.virt_timer.ctl & CNTx_CTL_ENABLE ) + { + set_timer(&v->arch.virt_timer.timer, ticks_to_ns(v->arch.virt_timer.cval + + v->arch.virt_timer.offset - boot_count)); + } + return 0; +} + +int virt_timer_restore(struct vcpu *v) +{ + stop_timer(&v->arch.virt_timer.timer); + + WRITE_CP32(v->arch.virt_timer.ctl & ~CNTx_CTL_ENABLE, CNTV_CTL); + WRITE_CP64(v->arch.virt_timer.offset, CNTVOFF); + WRITE_CP64(v->arch.virt_timer.cval, CNTV_CVAL); + WRITE_CP32(v->arch.virt_timer.ctl, CNTV_CTL); + return 0; +} + static int vtimer_emulate_32(struct cpu_user_regs *regs, union hsr hsr) { struct vcpu *v = current; @@ -58,36 +101,36 @@ static int vtimer_emulate_32(struct cpu_ case HSR_CPREG32(CNTP_CTL): if ( cp32.read ) { - *r = v->arch.vtimer.ctl; + *r = v->arch.phys_timer.ctl; } else { - v->arch.vtimer.ctl = *r; + v->arch.phys_timer.ctl = *r; - if ( v->arch.vtimer.ctl & CNTx_CTL_ENABLE ) + if ( v->arch.phys_timer.ctl & CNTx_CTL_ENABLE ) { - set_timer(&v->arch.vtimer.timer, - v->arch.vtimer.cval + v->arch.vtimer.offset); + set_timer(&v->arch.phys_timer.timer, + v->arch.phys_timer.cval + v->arch.phys_timer.offset); } else - stop_timer(&v->arch.vtimer.timer); + stop_timer(&v->arch.phys_timer.timer); } return 1; case HSR_CPREG32(CNTP_TVAL): - now = NOW() - v->arch.vtimer.offset; + now = NOW() - v->arch.phys_timer.offset; if ( cp32.read ) { - *r = (uint32_t)(ns_to_ticks(v->arch.vtimer.cval - now) & 0xffffffffull); + *r = (uint32_t)(ns_to_ticks(v->arch.phys_timer.cval - now) & 0xffffffffull); } else { - v->arch.vtimer.cval = now + ticks_to_ns(*r); - if ( v->arch.vtimer.ctl & CNTx_CTL_ENABLE ) + v->arch.phys_timer.cval = now + ticks_to_ns(*r); + if ( v->arch.phys_timer.ctl & CNTx_CTL_ENABLE ) { - set_timer(&v->arch.vtimer.timer, - v->arch.vtimer.cval + v->arch.vtimer.offset); + set_timer(&v->arch.phys_timer.timer, + v->arch.phys_timer.cval + v->arch.phys_timer.offset); } } @@ -112,7 +155,7 @@ static int vtimer_emulate_64(struct cpu_ case HSR_CPREG64(CNTPCT): if ( cp64.read ) { - now = NOW() - v->arch.vtimer.offset; + now = NOW() - v->arch.phys_timer.offset; ticks = ns_to_ticks(now); *r1 = (uint32_t)(ticks & 0xffffffff); *r2 = (uint32_t)(ticks >> 32); diff -r 15a02be467b5 -r adc707c1ebd5 xen/arch/arm/vtimer.h --- a/xen/arch/arm/vtimer.h Thu Jan 17 16:48:23 2013 +0000 +++ b/xen/arch/arm/vtimer.h Thu Jan 17 16:48:24 2013 +0000 @@ -22,6 +22,8 @@ extern int vcpu_vtimer_init(struct vcpu *v); extern int vtimer_emulate(struct cpu_user_regs *regs, union hsr hsr); +extern int virt_timer_save(struct vcpu *v); +extern int virt_timer_restore(struct vcpu *v); #endif diff -r 15a02be467b5 -r adc707c1ebd5 xen/include/asm-arm/domain.h --- a/xen/include/asm-arm/domain.h Thu Jan 17 16:48:23 2013 +0000 +++ b/xen/include/asm-arm/domain.h Thu Jan 17 16:48:24 2013 +0000 @@ -3,6 +3,7 @@ #include #include +#include #include #include #include @@ -69,6 +70,15 @@ struct arch_domain } __cacheline_aligned; +struct vtimer { + struct vcpu *v; + int irq; + struct timer timer; + uint32_t ctl; + s_time_t offset; + s_time_t cval; +}; + struct arch_vcpu { struct { @@ -118,11 +128,6 @@ struct arch_vcpu uint32_t teecr, teehbr; uint32_t joscr, jmcr; - /* Arch timers */ - uint64_t cntvoff; - uint64_t cntv_cval; - uint32_t cntv_ctl; - /* CP 15 */ uint32_t csselr; @@ -157,12 +162,8 @@ struct arch_vcpu spinlock_t lock; } vgic; - struct { - struct timer timer; - uint32_t ctl; - s_time_t offset; - s_time_t cval; - } vtimer; + struct vtimer phys_timer; + struct vtimer virt_timer; } __cacheline_aligned; void vcpu_show_execution_state(struct vcpu *); diff -r 15a02be467b5 -r adc707c1ebd5 xen/include/asm-arm/time.h --- a/xen/include/asm-arm/time.h Thu Jan 17 16:48:23 2013 +0000 +++ b/xen/include/asm-arm/time.h Thu Jan 17 16:48:24 2013 +0000 @@ -15,6 +15,9 @@ struct tm wallclock_time(void); /* Set up the timer interrupt on this CPU */ extern void __cpuinit init_timer_interrupt(void); +/* Counter value at boot time */ +extern uint64_t boot_count; + #endif /* __ARM_TIME_H__ */ /* * Local variables: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 09:44:26 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 09:44:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwUyJ-0005ty-EV; Sat, 19 Jan 2013 09:44:19 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwUyI-0005tq-2x for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 09:44:18 +0000 Received: from [85.158.143.35:45365] by server-1.bemta-4.messagelabs.com id E1/F9-05635-1FA6AF05; Sat, 19 Jan 2013 09:44:17 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-21.messagelabs.com!1358588649!13953236!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 29368 invoked from network); 19 Jan 2013 09:44:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 09:44:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwUy9-0000Xk-9a for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 09:44:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwUy8-0005Am-Tb for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 09:44:08 +0000 Message-Id: Date: Sat, 19 Jan 2013 09:44:08 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358438449 0 # Node ID 99376b5882f71877acf74dec9fdd25d5f9d83bbb # Parent 40d86973267337f38f58503c34d3437c9adb893a QEMU_TAG update --- diff -r 40d869732673 -r 99376b5882f7 Config.mk --- a/Config.mk Thu Jan 17 12:23:12 2013 +0000 +++ b/Config.mk Thu Jan 17 16:00:49 2013 +0000 @@ -214,9 +214,9 @@ ETHERBOOT_NICS ?= rtl8139 8086100e # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= abe5aac3cd62018fa15802b07f975aba14fa75f5 -# Wed Dec 5 13:31:30 2012 -0500 -# e1000: Discard oversized packets based on SBP|LPE +QEMU_TAG ?= ad6cb8a6550d0f0550252db4e05c305086ea9a65 +# Thu Jan 17 15:52:16 2013 +0000 +# e1000: fix compile warning introduced by security fix, and debugging # Short answer -- do not enable this unless you know what you are # doing and are prepared for some pain. _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Sat Jan 19 09:44:26 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Sat, 19 Jan 2013 09:44:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwUyJ-0005ty-EV; Sat, 19 Jan 2013 09:44:19 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwUyI-0005tq-2x for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 09:44:18 +0000 Received: from [85.158.143.35:45365] by server-1.bemta-4.messagelabs.com id E1/F9-05635-1FA6AF05; Sat, 19 Jan 2013 09:44:17 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-3.tower-21.messagelabs.com!1358588649!13953236!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 29368 invoked from network); 19 Jan 2013 09:44:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-3.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 19 Jan 2013 09:44:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TwUy9-0000Xk-9a for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 09:44:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TwUy8-0005Am-Tb for xen-changelog@lists.xensource.com; Sat, 19 Jan 2013 09:44:08 +0000 Message-Id: Date: Sat, 19 Jan 2013 09:44:08 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] QEMU_TAG update X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Jackson # Date 1358438449 0 # Node ID 99376b5882f71877acf74dec9fdd25d5f9d83bbb # Parent 40d86973267337f38f58503c34d3437c9adb893a QEMU_TAG update --- diff -r 40d869732673 -r 99376b5882f7 Config.mk --- a/Config.mk Thu Jan 17 12:23:12 2013 +0000 +++ b/Config.mk Thu Jan 17 16:00:49 2013 +0000 @@ -214,9 +214,9 @@ ETHERBOOT_NICS ?= rtl8139 8086100e # CONFIG_QEMU ?= `pwd`/$(XEN_ROOT)/../qemu-xen.git CONFIG_QEMU ?= $(QEMU_REMOTE) -QEMU_TAG ?= abe5aac3cd62018fa15802b07f975aba14fa75f5 -# Wed Dec 5 13:31:30 2012 -0500 -# e1000: Discard oversized packets based on SBP|LPE +QEMU_TAG ?= ad6cb8a6550d0f0550252db4e05c305086ea9a65 +# Thu Jan 17 15:52:16 2013 +0000 +# e1000: fix compile warning introduced by security fix, and debugging # Short answer -- do not enable this unless you know what you are # doing and are prepared for some pain. _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvW-00016V-6Q; Mon, 21 Jan 2013 22:33:14 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvU-00016M-FE for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:12 +0000 Received: from [85.158.143.99:34963] by server-3.bemta-4.messagelabs.com id 01/F3-10689-722CDF05; Mon, 21 Jan 2013 22:33:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-216.messagelabs.com!1358807590!17694741!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 22938 invoked from network); 21 Jan 2013 22:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvR-0005fj-Si for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvQ-0003gO-U5 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:09 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86: find a better location for the real-mode trampoline X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Paolo Bonzini # Date 1358505311 -3600 # Node ID 3b59a6c3e9b0fb5009bdfff97c8493bb9f0bec54 # Parent 025f202f3022c30d1ec3b6ffcb72861c43a32cf7 x86: find a better location for the real-mode trampoline On some machines, the location at 0x40e does not point to the beginning of the EBDA. Rather, it points to the beginning of the BIOS-reserved area of the EBDA, while the option ROMs place their data below that segment. For this reason, 0x413 is actually a better source than 0x40e to get the location of the real-mode trampoline. Xen was already using it as a second source, and this patch keeps that working. However, just in case, let's also fetch the information from the multiboot structure, where the boot loader should have placed it. This way we don't necessarily trust one of the BIOS or the multiboot loader more than the other. Signed-off-by: Paolo Bonzini Retain the previous code, thus using the multiboot value only if it's sane but lower than the BDA computed one. Also use the full 32-bit mem_lower value and prefer MBI_MEMLIMITS over open coding it (requiring a slight adjustment to multiboot.h to make its constants actually usable in assembly code, which previously they were only meant to be). Signed-off-by: Jan Beulich Acked-by: Keir Fraser Committed-by: Jan Beulich --- diff -r 025f202f3022 -r 3b59a6c3e9b0 xen/arch/x86/boot/head.S --- a/xen/arch/x86/boot/head.S Thu Jan 17 16:48:25 2013 +0000 +++ b/xen/arch/x86/boot/head.S Fri Jan 18 11:35:11 2013 +0100 @@ -88,6 +88,20 @@ 0: movzwl 0x413,%eax /* use base memory size on failure */ shl $10-4,%eax 1: + /* + * Compare the value in the BDA with the information from the + * multiboot structure (if available) and use the smallest. + */ + testb $MBI_MEMLIMITS,(%ebx) + jz 2f /* not available? BDA value will be fine */ + mov 4(%ebx),%edx + cmp $0x100,%edx /* is the multiboot value too small? */ + jb 2f /* if so, do not use it */ + shl $10-4,%edx + cmp %eax,%edx /* compare with BDA value */ + cmovb %edx,%eax /* and use the smaller */ + +2: /* Reserve 64kb for the trampoline */ sub $0x1000,%eax /* From arch/x86/smpboot.c: start_eip had better be page-aligned! */ diff -r 025f202f3022 -r 3b59a6c3e9b0 xen/include/xen/multiboot.h --- a/xen/include/xen/multiboot.h Thu Jan 17 16:48:25 2013 +0000 +++ b/xen/include/xen/multiboot.h Fri Jan 18 11:35:11 2013 +0100 @@ -18,6 +18,7 @@ #ifndef __MULTIBOOT_H__ #define __MULTIBOOT_H__ +#include "const.h" /* * Multiboot header structure. @@ -31,17 +32,17 @@ /* The magic number passed by a Multiboot-compliant boot loader. */ #define MULTIBOOT_BOOTLOADER_MAGIC 0x2BADB002 -#define MBI_MEMLIMITS (1u<< 0) -#define MBI_BOOTDEV (1u<< 1) -#define MBI_CMDLINE (1u<< 2) -#define MBI_MODULES (1u<< 3) -#define MBI_AOUT_SYMS (1u<< 4) -#define MBI_ELF_SYMS (1u<< 5) -#define MBI_MEMMAP (1u<< 6) -#define MBI_DRIVES (1u<< 7) -#define MBI_BIOSCONFIG (1u<< 8) -#define MBI_LOADERNAME (1u<< 9) -#define MBI_APM (1u<<10) +#define MBI_MEMLIMITS (_AC(1,u) << 0) +#define MBI_BOOTDEV (_AC(1,u) << 1) +#define MBI_CMDLINE (_AC(1,u) << 2) +#define MBI_MODULES (_AC(1,u) << 3) +#define MBI_AOUT_SYMS (_AC(1,u) << 4) +#define MBI_ELF_SYMS (_AC(1,u) << 5) +#define MBI_MEMMAP (_AC(1,u) << 6) +#define MBI_DRIVES (_AC(1,u) << 7) +#define MBI_BIOSCONFIG (_AC(1,u) << 8) +#define MBI_LOADERNAME (_AC(1,u) << 9) +#define MBI_APM (_AC(1,u) << 10) #ifndef __ASSEMBLY__ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvW-00016V-6Q; Mon, 21 Jan 2013 22:33:14 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvU-00016M-FE for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:12 +0000 Received: from [85.158.143.99:34963] by server-3.bemta-4.messagelabs.com id 01/F3-10689-722CDF05; Mon, 21 Jan 2013 22:33:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-216.messagelabs.com!1358807590!17694741!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 22938 invoked from network); 21 Jan 2013 22:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvR-0005fj-Si for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:09 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvQ-0003gO-U5 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:09 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:08 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86: find a better location for the real-mode trampoline X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Paolo Bonzini # Date 1358505311 -3600 # Node ID 3b59a6c3e9b0fb5009bdfff97c8493bb9f0bec54 # Parent 025f202f3022c30d1ec3b6ffcb72861c43a32cf7 x86: find a better location for the real-mode trampoline On some machines, the location at 0x40e does not point to the beginning of the EBDA. Rather, it points to the beginning of the BIOS-reserved area of the EBDA, while the option ROMs place their data below that segment. For this reason, 0x413 is actually a better source than 0x40e to get the location of the real-mode trampoline. Xen was already using it as a second source, and this patch keeps that working. However, just in case, let's also fetch the information from the multiboot structure, where the boot loader should have placed it. This way we don't necessarily trust one of the BIOS or the multiboot loader more than the other. Signed-off-by: Paolo Bonzini Retain the previous code, thus using the multiboot value only if it's sane but lower than the BDA computed one. Also use the full 32-bit mem_lower value and prefer MBI_MEMLIMITS over open coding it (requiring a slight adjustment to multiboot.h to make its constants actually usable in assembly code, which previously they were only meant to be). Signed-off-by: Jan Beulich Acked-by: Keir Fraser Committed-by: Jan Beulich --- diff -r 025f202f3022 -r 3b59a6c3e9b0 xen/arch/x86/boot/head.S --- a/xen/arch/x86/boot/head.S Thu Jan 17 16:48:25 2013 +0000 +++ b/xen/arch/x86/boot/head.S Fri Jan 18 11:35:11 2013 +0100 @@ -88,6 +88,20 @@ 0: movzwl 0x413,%eax /* use base memory size on failure */ shl $10-4,%eax 1: + /* + * Compare the value in the BDA with the information from the + * multiboot structure (if available) and use the smallest. + */ + testb $MBI_MEMLIMITS,(%ebx) + jz 2f /* not available? BDA value will be fine */ + mov 4(%ebx),%edx + cmp $0x100,%edx /* is the multiboot value too small? */ + jb 2f /* if so, do not use it */ + shl $10-4,%edx + cmp %eax,%edx /* compare with BDA value */ + cmovb %edx,%eax /* and use the smaller */ + +2: /* Reserve 64kb for the trampoline */ sub $0x1000,%eax /* From arch/x86/smpboot.c: start_eip had better be page-aligned! */ diff -r 025f202f3022 -r 3b59a6c3e9b0 xen/include/xen/multiboot.h --- a/xen/include/xen/multiboot.h Thu Jan 17 16:48:25 2013 +0000 +++ b/xen/include/xen/multiboot.h Fri Jan 18 11:35:11 2013 +0100 @@ -18,6 +18,7 @@ #ifndef __MULTIBOOT_H__ #define __MULTIBOOT_H__ +#include "const.h" /* * Multiboot header structure. @@ -31,17 +32,17 @@ /* The magic number passed by a Multiboot-compliant boot loader. */ #define MULTIBOOT_BOOTLOADER_MAGIC 0x2BADB002 -#define MBI_MEMLIMITS (1u<< 0) -#define MBI_BOOTDEV (1u<< 1) -#define MBI_CMDLINE (1u<< 2) -#define MBI_MODULES (1u<< 3) -#define MBI_AOUT_SYMS (1u<< 4) -#define MBI_ELF_SYMS (1u<< 5) -#define MBI_MEMMAP (1u<< 6) -#define MBI_DRIVES (1u<< 7) -#define MBI_BIOSCONFIG (1u<< 8) -#define MBI_LOADERNAME (1u<< 9) -#define MBI_APM (1u<<10) +#define MBI_MEMLIMITS (_AC(1,u) << 0) +#define MBI_BOOTDEV (_AC(1,u) << 1) +#define MBI_CMDLINE (_AC(1,u) << 2) +#define MBI_MODULES (_AC(1,u) << 3) +#define MBI_AOUT_SYMS (_AC(1,u) << 4) +#define MBI_ELF_SYMS (_AC(1,u) << 5) +#define MBI_MEMMAP (_AC(1,u) << 6) +#define MBI_DRIVES (_AC(1,u) << 7) +#define MBI_BIOSCONFIG (_AC(1,u) << 8) +#define MBI_LOADERNAME (_AC(1,u) << 9) +#define MBI_APM (_AC(1,u) << 10) #ifndef __ASSEMBLY__ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvY-000175-9l; Mon, 21 Jan 2013 22:33:16 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvW-00016T-7g for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:14 +0000 Received: from [85.158.143.99:34993] by server-2.bemta-4.messagelabs.com id 51/3D-03518-922CDF05; Mon, 21 Jan 2013 22:33:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-216.messagelabs.com!1358807591!23589617!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 18877 invoked from network); 21 Jan 2013 22:33:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvT-0005fs-2D for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvS-0003h9-RF for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:10 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] vtpm/vtpmmgr and required libs to stubdom/Makefile X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Matthew Fioravante # Date 1358506544 0 # Node ID 21b5491281c4298560bfdd0946b73ec8ef4ccd4d # Parent 600a6694754aacc2fbd0daa99d6ec994f15cfbbe vtpm/vtpmmgr and required libs to stubdom/Makefile Add 3 new libraries to stubdom: libgmp polarssl Berlios TPM Emulator 0.7.4 Add makefile structure for vtpm and vtpmmgrdom. Both vtpm domains are optional builds as vtpm depends on cmake. To build either of them, you must do so explicitly. make vtpm-stubdom vtpmmgrdom Finally, also update .*ignore Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell [ijc, folded in fix from Matthew to workaround cmake 2.8.2 build failure] Committed-by: Ian Campbell --- diff -r 600a6694754a -r 21b5491281c4 .gitignore --- a/.gitignore Fri Jan 18 10:55:43 2013 +0000 +++ b/.gitignore Fri Jan 18 10:55:44 2013 +0000 @@ -109,6 +109,9 @@ stubdom/pciutils-* stubdom/zlib-* stubdom/grub-* stubdom/ocaml-* +stubdom/polarssl-* +stubdom/gmp-* +stubdom/tpm_emulator-* stubdom/lwip/ stubdom/ioemu/ stubdom/stubdompath.sh diff -r 600a6694754a -r 21b5491281c4 .hgignore --- a/.hgignore Fri Jan 18 10:55:43 2013 +0000 +++ b/.hgignore Fri Jan 18 10:55:44 2013 +0000 @@ -103,6 +103,9 @@ ^stubdom/pciutils-.*$ ^stubdom/zlib-.*$ ^stubdom/grub-.*$ +^stubdom/polarssl-.*$ +^stubdom/gmp-.*$ +^stubdom/tpm_emulator-.*$ ^stubdom/ocaml-.*$ ^stubdom/lwip/ ^stubdom/ioemu/ diff -r 600a6694754a -r 21b5491281c4 stubdom/Makefile --- a/stubdom/Makefile Fri Jan 18 10:55:43 2013 +0000 +++ b/stubdom/Makefile Fri Jan 18 10:55:44 2013 +0000 @@ -31,6 +31,18 @@ GRUB_VERSION=0.97 OCAML_URL?=http://caml.inria.fr/pub/distrib/ocaml-3.11 OCAML_VERSION=3.11.0 +GMP_VERSION=4.3.2 +GMP_URL?=$(XEN_EXTFILES_URL) +#GMP_URL?=ftp://ftp.gmplib.org/pub/gmp-$(GMP_VERSION) + +POLARSSL_VERSION=1.1.4 +POLARSSL_URL?=$(XEN_EXTFILES_URL) +#POLARSSL_URL?=http://polarssl.org/code/releases + +TPMEMU_VERSION=0.7.4 +TPMEMU_URL?=$(XEN_EXTFILES_URL) +#TPMEMU_URL?=http://download.berlios.de/tpm-emulator + WGET=wget -c GNU_TARGET_ARCH:=$(XEN_TARGET_ARCH) @@ -74,7 +86,7 @@ TARGET_CPPFLAGS += -I$(XEN_ROOT)/xen/inc TARGET_LDFLAGS += -nostdlib -L$(CROSS_PREFIX)/$(GNU_TARGET_ARCH)-xen-elf/lib -TARGETS=ioemu c caml grub xenstore +TARGETS=ioemu c caml grub xenstore vtpm vtpmmgr .PHONY: all all: build @@ -176,6 +188,76 @@ lwip-$(XEN_TARGET_ARCH): lwip-$(LWIP_VER touch $@ ############# +# cross-gmp +############# +gmp-$(GMP_VERSION).tar.bz2: + $(WGET) $(GMP_URL)/$@ + +.PHONY: cross-gmp +ifeq ($(XEN_TARGET_ARCH), x86_32) + GMPEXT=ABI=32 +endif +gmp-$(XEN_TARGET_ARCH): gmp-$(GMP_VERSION).tar.bz2 $(NEWLIB_STAMPFILE) + tar xjf $< + mv gmp-$(GMP_VERSION) $@ + #patch -d $@ -p0 < gmp.patch + cd $@; CPPFLAGS="-isystem $(CROSS_PREFIX)/$(GNU_TARGET_ARCH)-xen-elf/include $(TARGET_CPPFLAGS)" CFLAGS="$(TARGET_CFLAGS)" CC=$(CC) $(GMPEXT) ./configure --disable-shared --enable-static --disable-fft --without-readline --prefix=$(CROSS_PREFIX)/$(GNU_TARGET_ARCH)-xen-elf + sed -i 's/#define HAVE_OBSTACK_VPRINTF 1/\/\/#define HAVE_OBSTACK_VPRINTF 1/' $@/config.h + touch $@ + +GMP_STAMPFILE=$(CROSS_ROOT)/$(GNU_TARGET_ARCH)-xen-elf/lib/libgmp.a +cross-gmp: $(GMP_STAMPFILE) +$(GMP_STAMPFILE): gmp-$(XEN_TARGET_ARCH) + ( cd $< && \ + $(MAKE) && \ + $(MAKE) DESTDIR= install ) + +############# +# cross-polarssl +############# +polarssl-$(POLARSSL_VERSION)-gpl.tgz: + $(WGET) $(POLARSSL_URL)/$@ + +polarssl-$(XEN_TARGET_ARCH): polarssl-$(POLARSSL_VERSION)-gpl.tgz + tar xzf $< + mv polarssl-$(POLARSSL_VERSION) $@ + patch -d $@ -p1 < polarssl.patch + touch $@ + +POLARSSL_STAMPFILE=$(CROSS_ROOT)/$(GNU_TARGET_ARCH)-xen-elf/lib/libpolarssl.a +cross-polarssl: $(POLARSSL_STAMPFILE) +$(POLARSSL_STAMPFILE): polarssl-$(XEN_TARGET_ARCH) $(NEWLIB_STAMPFILE) lwip-$(XEN_TARGET_ARCH) + ( cd $ Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvY-000175-9l; Mon, 21 Jan 2013 22:33:16 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvW-00016T-7g for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:14 +0000 Received: from [85.158.143.99:34993] by server-2.bemta-4.messagelabs.com id 51/3D-03518-922CDF05; Mon, 21 Jan 2013 22:33:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-216.messagelabs.com!1358807591!23589617!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 18877 invoked from network); 21 Jan 2013 22:33:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvT-0005fs-2D for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvS-0003h9-RF for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:10 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] vtpm/vtpmmgr and required libs to stubdom/Makefile X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Matthew Fioravante # Date 1358506544 0 # Node ID 21b5491281c4298560bfdd0946b73ec8ef4ccd4d # Parent 600a6694754aacc2fbd0daa99d6ec994f15cfbbe vtpm/vtpmmgr and required libs to stubdom/Makefile Add 3 new libraries to stubdom: libgmp polarssl Berlios TPM Emulator 0.7.4 Add makefile structure for vtpm and vtpmmgrdom. Both vtpm domains are optional builds as vtpm depends on cmake. To build either of them, you must do so explicitly. make vtpm-stubdom vtpmmgrdom Finally, also update .*ignore Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell [ijc, folded in fix from Matthew to workaround cmake 2.8.2 build failure] Committed-by: Ian Campbell --- diff -r 600a6694754a -r 21b5491281c4 .gitignore --- a/.gitignore Fri Jan 18 10:55:43 2013 +0000 +++ b/.gitignore Fri Jan 18 10:55:44 2013 +0000 @@ -109,6 +109,9 @@ stubdom/pciutils-* stubdom/zlib-* stubdom/grub-* stubdom/ocaml-* +stubdom/polarssl-* +stubdom/gmp-* +stubdom/tpm_emulator-* stubdom/lwip/ stubdom/ioemu/ stubdom/stubdompath.sh diff -r 600a6694754a -r 21b5491281c4 .hgignore --- a/.hgignore Fri Jan 18 10:55:43 2013 +0000 +++ b/.hgignore Fri Jan 18 10:55:44 2013 +0000 @@ -103,6 +103,9 @@ ^stubdom/pciutils-.*$ ^stubdom/zlib-.*$ ^stubdom/grub-.*$ +^stubdom/polarssl-.*$ +^stubdom/gmp-.*$ +^stubdom/tpm_emulator-.*$ ^stubdom/ocaml-.*$ ^stubdom/lwip/ ^stubdom/ioemu/ diff -r 600a6694754a -r 21b5491281c4 stubdom/Makefile --- a/stubdom/Makefile Fri Jan 18 10:55:43 2013 +0000 +++ b/stubdom/Makefile Fri Jan 18 10:55:44 2013 +0000 @@ -31,6 +31,18 @@ GRUB_VERSION=0.97 OCAML_URL?=http://caml.inria.fr/pub/distrib/ocaml-3.11 OCAML_VERSION=3.11.0 +GMP_VERSION=4.3.2 +GMP_URL?=$(XEN_EXTFILES_URL) +#GMP_URL?=ftp://ftp.gmplib.org/pub/gmp-$(GMP_VERSION) + +POLARSSL_VERSION=1.1.4 +POLARSSL_URL?=$(XEN_EXTFILES_URL) +#POLARSSL_URL?=http://polarssl.org/code/releases + +TPMEMU_VERSION=0.7.4 +TPMEMU_URL?=$(XEN_EXTFILES_URL) +#TPMEMU_URL?=http://download.berlios.de/tpm-emulator + WGET=wget -c GNU_TARGET_ARCH:=$(XEN_TARGET_ARCH) @@ -74,7 +86,7 @@ TARGET_CPPFLAGS += -I$(XEN_ROOT)/xen/inc TARGET_LDFLAGS += -nostdlib -L$(CROSS_PREFIX)/$(GNU_TARGET_ARCH)-xen-elf/lib -TARGETS=ioemu c caml grub xenstore +TARGETS=ioemu c caml grub xenstore vtpm vtpmmgr .PHONY: all all: build @@ -176,6 +188,76 @@ lwip-$(XEN_TARGET_ARCH): lwip-$(LWIP_VER touch $@ ############# +# cross-gmp +############# +gmp-$(GMP_VERSION).tar.bz2: + $(WGET) $(GMP_URL)/$@ + +.PHONY: cross-gmp +ifeq ($(XEN_TARGET_ARCH), x86_32) + GMPEXT=ABI=32 +endif +gmp-$(XEN_TARGET_ARCH): gmp-$(GMP_VERSION).tar.bz2 $(NEWLIB_STAMPFILE) + tar xjf $< + mv gmp-$(GMP_VERSION) $@ + #patch -d $@ -p0 < gmp.patch + cd $@; CPPFLAGS="-isystem $(CROSS_PREFIX)/$(GNU_TARGET_ARCH)-xen-elf/include $(TARGET_CPPFLAGS)" CFLAGS="$(TARGET_CFLAGS)" CC=$(CC) $(GMPEXT) ./configure --disable-shared --enable-static --disable-fft --without-readline --prefix=$(CROSS_PREFIX)/$(GNU_TARGET_ARCH)-xen-elf + sed -i 's/#define HAVE_OBSTACK_VPRINTF 1/\/\/#define HAVE_OBSTACK_VPRINTF 1/' $@/config.h + touch $@ + +GMP_STAMPFILE=$(CROSS_ROOT)/$(GNU_TARGET_ARCH)-xen-elf/lib/libgmp.a +cross-gmp: $(GMP_STAMPFILE) +$(GMP_STAMPFILE): gmp-$(XEN_TARGET_ARCH) + ( cd $< && \ + $(MAKE) && \ + $(MAKE) DESTDIR= install ) + +############# +# cross-polarssl +############# +polarssl-$(POLARSSL_VERSION)-gpl.tgz: + $(WGET) $(POLARSSL_URL)/$@ + +polarssl-$(XEN_TARGET_ARCH): polarssl-$(POLARSSL_VERSION)-gpl.tgz + tar xzf $< + mv polarssl-$(POLARSSL_VERSION) $@ + patch -d $@ -p1 < polarssl.patch + touch $@ + +POLARSSL_STAMPFILE=$(CROSS_ROOT)/$(GNU_TARGET_ARCH)-xen-elf/lib/libpolarssl.a +cross-polarssl: $(POLARSSL_STAMPFILE) +$(POLARSSL_STAMPFILE): polarssl-$(XEN_TARGET_ARCH) $(NEWLIB_STAMPFILE) lwip-$(XEN_TARGET_ARCH) + ( cd $ Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvY-00017A-EQ; Mon, 21 Jan 2013 22:33:16 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvW-00016c-R6 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:15 +0000 Received: from [193.109.254.147:26841] by server-15.bemta-14.messagelabs.com id 7A/C8-08323-A22CDF05; Mon, 21 Jan 2013 22:33:14 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-27.messagelabs.com!1358807592!1681259!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 11496 invoked from network); 21 Jan 2013 22:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvU-0005fy-5e for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvT-0003hd-Tv for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:11 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] README: Add cmake dependency X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Matthew Fioravante # Date 1358506546 0 # Node ID 712419ef207b6897e58e6b6474f1054e43d65a3a # Parent 18326c674f9be71d81101c2a398c36b35b5c5452 README: Add cmake dependency cmake is an optional dependency for vtpm. Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 18326c674f9b -r 712419ef207b README --- a/README Fri Jan 18 10:55:45 2013 +0000 +++ b/README Fri Jan 18 10:55:46 2013 +0000 @@ -65,6 +65,7 @@ disabled at compile time: * Development install of Ocaml (e.g. ocaml-nox and ocaml-findlib). Required to build ocaml components which includes the alternative ocaml xenstored. + * cmake (if building vtpm stub domains) Second, you need to acquire a suitable kernel for use in domain 0. If possible you should use a kernel provided by your OS distributor. If _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvY-00017A-EQ; Mon, 21 Jan 2013 22:33:16 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvW-00016c-R6 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:15 +0000 Received: from [193.109.254.147:26841] by server-15.bemta-14.messagelabs.com id 7A/C8-08323-A22CDF05; Mon, 21 Jan 2013 22:33:14 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-27.messagelabs.com!1358807592!1681259!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 11496 invoked from network); 21 Jan 2013 22:33:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvU-0005fy-5e for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvT-0003hd-Tv for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:11 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] README: Add cmake dependency X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Matthew Fioravante # Date 1358506546 0 # Node ID 712419ef207b6897e58e6b6474f1054e43d65a3a # Parent 18326c674f9be71d81101c2a398c36b35b5c5452 README: Add cmake dependency cmake is an optional dependency for vtpm. Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 18326c674f9b -r 712419ef207b README --- a/README Fri Jan 18 10:55:45 2013 +0000 +++ b/README Fri Jan 18 10:55:46 2013 +0000 @@ -65,6 +65,7 @@ disabled at compile time: * Development install of Ocaml (e.g. ocaml-nox and ocaml-findlib). Required to build ocaml components which includes the alternative ocaml xenstored. + * cmake (if building vtpm stub domains) Second, you need to acquire a suitable kernel for use in domain 0. If possible you should use a kernel provided by your OS distributor. If _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:21 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:21 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPva-00017q-Kr; Mon, 21 Jan 2013 22:33:18 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvZ-00016M-3F for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:17 +0000 Received: from [85.158.143.99:35057] by server-3.bemta-4.messagelabs.com id F6/F3-10689-C22CDF05; Mon, 21 Jan 2013 22:33:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-216.messagelabs.com!1358807595!28881615!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8594 invoked from network); 21 Jan 2013 22:33:16 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:16 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvW-0005gD-W6 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvW-0003iq-ST for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:14 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:14 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/hvm: fix RTC setting. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Tim Deegan # Date 1358508717 -3600 # Node ID 9e8c39bdc1fedd5dfc5aa7209cc5f77f813476c7 # Parent 8f6dd5dc5d6cdd56050ed917a0c30903bbddcbf0 x86/hvm: fix RTC setting. When the guest writes one field of the RTC time, we must bring all the other fields up to date for the current second before calculating the new RTC time. Signed-off-by: Tim Deegan Tested-by: Phil Evans Committed-by: Jan Beulich --- diff -r 8f6dd5dc5d6c -r 9e8c39bdc1fe xen/arch/x86/hvm/rtc.c --- a/xen/arch/x86/hvm/rtc.c Fri Jan 18 12:20:58 2013 +0100 +++ b/xen/arch/x86/hvm/rtc.c Fri Jan 18 12:31:57 2013 +0100 @@ -399,10 +399,17 @@ static int rtc_ioport_write(void *opaque case RTC_DAY_OF_MONTH: case RTC_MONTH: case RTC_YEAR: - s->hw.cmos_data[s->hw.cmos_index] = data; - /* if in set mode, do not update the time */ - if ( !(s->hw.cmos_data[RTC_REG_B] & RTC_SET) ) + /* if in set mode, just write the register */ + if ( (s->hw.cmos_data[RTC_REG_B] & RTC_SET) ) + s->hw.cmos_data[s->hw.cmos_index] = data; + else + { + /* Fetch the current time and update just this field. */ + s->current_tm = gmtime(get_localtime(d)); + rtc_copy_date(s); + s->hw.cmos_data[s->hw.cmos_index] = data; rtc_set_time(s); + } alarm_timer_update(s); break; case RTC_REG_A: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:21 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:21 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPva-00017q-Kr; Mon, 21 Jan 2013 22:33:18 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvZ-00016M-3F for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:17 +0000 Received: from [85.158.143.99:35057] by server-3.bemta-4.messagelabs.com id F6/F3-10689-C22CDF05; Mon, 21 Jan 2013 22:33:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-15.tower-216.messagelabs.com!1358807595!28881615!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8594 invoked from network); 21 Jan 2013 22:33:16 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-15.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:16 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvW-0005gD-W6 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvW-0003iq-ST for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:14 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:14 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/hvm: fix RTC setting. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Tim Deegan # Date 1358508717 -3600 # Node ID 9e8c39bdc1fedd5dfc5aa7209cc5f77f813476c7 # Parent 8f6dd5dc5d6cdd56050ed917a0c30903bbddcbf0 x86/hvm: fix RTC setting. When the guest writes one field of the RTC time, we must bring all the other fields up to date for the current second before calculating the new RTC time. Signed-off-by: Tim Deegan Tested-by: Phil Evans Committed-by: Jan Beulich --- diff -r 8f6dd5dc5d6c -r 9e8c39bdc1fe xen/arch/x86/hvm/rtc.c --- a/xen/arch/x86/hvm/rtc.c Fri Jan 18 12:20:58 2013 +0100 +++ b/xen/arch/x86/hvm/rtc.c Fri Jan 18 12:31:57 2013 +0100 @@ -399,10 +399,17 @@ static int rtc_ioport_write(void *opaque case RTC_DAY_OF_MONTH: case RTC_MONTH: case RTC_YEAR: - s->hw.cmos_data[s->hw.cmos_index] = data; - /* if in set mode, do not update the time */ - if ( !(s->hw.cmos_data[RTC_REG_B] & RTC_SET) ) + /* if in set mode, just write the register */ + if ( (s->hw.cmos_data[RTC_REG_B] & RTC_SET) ) + s->hw.cmos_data[s->hw.cmos_index] = data; + else + { + /* Fetch the current time and update just this field. */ + s->current_tm = gmtime(get_localtime(d)); + rtc_copy_date(s); + s->hw.cmos_data[s->hw.cmos_index] = data; rtc_set_time(s); + } alarm_timer_update(s); break; case RTC_REG_A: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPva-00017g-HO; Mon, 21 Jan 2013 22:33:18 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvY-00016T-Fq for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:16 +0000 Received: from [85.158.143.99:35045] by server-2.bemta-4.messagelabs.com id D4/3D-03518-C22CDF05; Mon, 21 Jan 2013 22:33:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-216.messagelabs.com!1358807594!23605727!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 18769 invoked from network); 21 Jan 2013 22:33:15 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:15 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvW-0005gA-D8 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvW-0003ib-Bf for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:14 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:13 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/AMD: Enable WC+ memory type on family 10 processors X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Boris Ostrovsky # Date 1358508058 -3600 # Node ID 8f6dd5dc5d6cdd56050ed917a0c30903bbddcbf0 # Parent eb8e9a23925d7b77c344a4a99679a45f96754a17 x86/AMD: Enable WC+ memory type on family 10 processors In some cases BIOS may not enable WC+ memory type on family 10 processors, instead converting what would be WC+ memory to CD type. On guests using nested pages this could result in performance degradation. This patch enables WC+. Signed-off-by: Boris Ostrovsky Committed-by: Jan Beulich --- diff -r eb8e9a23925d -r 8f6dd5dc5d6c xen/arch/x86/cpu/amd.c --- a/xen/arch/x86/cpu/amd.c Fri Jan 18 10:55:48 2013 +0000 +++ b/xen/arch/x86/cpu/amd.c Fri Jan 18 12:20:58 2013 +0100 @@ -485,6 +485,17 @@ static void __devinit init_amd(struct cp check_enable_amd_mmconf_dmi(); fam10h_check_enable_mmcfg(); + + /* + * On family 10h BIOS may not have properly enabled WC+ + * support, causing it to be converted to CD memtype. This may + * result in performance degradation for certain nested-paging + * guests. Prevent this conversion by clearing bit 24 in + * MSR_F10_BU_CFG2. + */ + rdmsrl(MSR_F10_BU_CFG2, value); + value &= ~(1ULL << 24); + wrmsrl(MSR_F10_BU_CFG2, value); } /* diff -r eb8e9a23925d -r 8f6dd5dc5d6c xen/include/asm-x86/msr-index.h --- a/xen/include/asm-x86/msr-index.h Fri Jan 18 10:55:48 2013 +0000 +++ b/xen/include/asm-x86/msr-index.h Fri Jan 18 12:20:58 2013 +0100 @@ -220,8 +220,9 @@ #define MSR_F10_MC4_MISC2 0xc0000409 #define MSR_F10_MC4_MISC3 0xc000040A -/* AMD Family10h MMU control MSRs */ -#define MSR_F10_BU_CFG 0xc0011023 +/* AMD Family10h Bus Unit MSRs */ +#define MSR_F10_BU_CFG 0xc0011023 +#define MSR_F10_BU_CFG2 0xc001102a /* Other AMD Fam10h MSRs */ #define MSR_FAM10H_MMIO_CONF_BASE 0xc0010058 _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPva-00017g-HO; Mon, 21 Jan 2013 22:33:18 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvY-00016T-Fq for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:16 +0000 Received: from [85.158.143.99:35045] by server-2.bemta-4.messagelabs.com id D4/3D-03518-C22CDF05; Mon, 21 Jan 2013 22:33:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-216.messagelabs.com!1358807594!23605727!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 18769 invoked from network); 21 Jan 2013 22:33:15 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:15 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvW-0005gA-D8 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvW-0003ib-Bf for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:14 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:13 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86/AMD: Enable WC+ memory type on family 10 processors X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Boris Ostrovsky # Date 1358508058 -3600 # Node ID 8f6dd5dc5d6cdd56050ed917a0c30903bbddcbf0 # Parent eb8e9a23925d7b77c344a4a99679a45f96754a17 x86/AMD: Enable WC+ memory type on family 10 processors In some cases BIOS may not enable WC+ memory type on family 10 processors, instead converting what would be WC+ memory to CD type. On guests using nested pages this could result in performance degradation. This patch enables WC+. Signed-off-by: Boris Ostrovsky Committed-by: Jan Beulich --- diff -r eb8e9a23925d -r 8f6dd5dc5d6c xen/arch/x86/cpu/amd.c --- a/xen/arch/x86/cpu/amd.c Fri Jan 18 10:55:48 2013 +0000 +++ b/xen/arch/x86/cpu/amd.c Fri Jan 18 12:20:58 2013 +0100 @@ -485,6 +485,17 @@ static void __devinit init_amd(struct cp check_enable_amd_mmconf_dmi(); fam10h_check_enable_mmcfg(); + + /* + * On family 10h BIOS may not have properly enabled WC+ + * support, causing it to be converted to CD memtype. This may + * result in performance degradation for certain nested-paging + * guests. Prevent this conversion by clearing bit 24 in + * MSR_F10_BU_CFG2. + */ + rdmsrl(MSR_F10_BU_CFG2, value); + value &= ~(1ULL << 24); + wrmsrl(MSR_F10_BU_CFG2, value); } /* diff -r eb8e9a23925d -r 8f6dd5dc5d6c xen/include/asm-x86/msr-index.h --- a/xen/include/asm-x86/msr-index.h Fri Jan 18 10:55:48 2013 +0000 +++ b/xen/include/asm-x86/msr-index.h Fri Jan 18 12:20:58 2013 +0100 @@ -220,8 +220,9 @@ #define MSR_F10_MC4_MISC2 0xc0000409 #define MSR_F10_MC4_MISC3 0xc000040A -/* AMD Family10h MMU control MSRs */ -#define MSR_F10_BU_CFG 0xc0011023 +/* AMD Family10h Bus Unit MSRs */ +#define MSR_F10_BU_CFG 0xc0011023 +#define MSR_F10_BU_CFG2 0xc001102a /* Other AMD Fam10h MSRs */ #define MSR_FAM10H_MMIO_CONF_BASE 0xc0010058 _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvb-00018g-SF; Mon, 21 Jan 2013 22:33:19 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPva-00017Y-6G for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:18 +0000 Received: from [85.158.139.83:26106] by server-3.bemta-5.messagelabs.com id 74/EF-15993-D22CDF05; Mon, 21 Jan 2013 22:33:17 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-182.messagelabs.com!1358807591!28831130!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=ML_RADAR_SPEW_LINKS_23, spamassassin: X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9756 invoked from network); 21 Jan 2013 22:33:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvT-0005fv-K9 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvT-0003hO-Bu for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:11 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Add vtpm documentation X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Matthew Fioravante # Date 1358506545 0 # Node ID 18326c674f9be71d81101c2a398c36b35b5c5452 # Parent 21b5491281c4298560bfdd0946b73ec8ef4ccd4d Add vtpm documentation See the files included in this patch for details Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 21b5491281c4 -r 18326c674f9b docs/misc/vtpm.txt --- a/docs/misc/vtpm.txt Fri Jan 18 10:55:44 2013 +0000 +++ b/docs/misc/vtpm.txt Fri Jan 18 10:55:45 2013 +0000 @@ -1,152 +1,297 @@ -Copyright: IBM Corporation (C), Intel Corporation -29 June 2006 -Authors: Stefan Berger (IBM), - Employees of Intel Corp +Copyright (c) 2010-2012 United States Government, as represented by +the Secretary of Defense. All rights reserved. +November 12 2012 +Authors: Matthew Fioravante (JHUAPL), -This document gives a short introduction to the virtual TPM support -in XEN and goes as far as connecting a user domain to a virtual TPM -instance and doing a short test to verify success. It is assumed -that the user is fairly familiar with compiling and installing XEN -and Linux on a machine. +This document describes the virtual Trusted Platform Module (vTPM) subsystem +for Xen. The reader is assumed to have familiarity with building and installing +Xen, Linux, and a basic understanding of the TPM and vTPM concepts. + +------------------------------ +INTRODUCTION +------------------------------ +The goal of this work is to provide a TPM functionality to a virtual guest +operating system (a DomU). This allows programs to interact with a TPM in a +virtual system the same way they interact with a TPM on the physical system. +Each guest gets its own unique, emulated, software TPM. However, each of the +vTPM's secrets (Keys, NVRAM, etc) are managed by a vTPM Manager domain, which +seals the secrets to the Physical TPM. Thus, the vTPM subsystem extends the +chain of trust rooted in the hardware TPM to virtual machines in Xen. Each +major component of vTPM is implemented as a separate domain, providing secure +separation guaranteed by the hypervisor. The vTPM domains are implemented in +mini-os to reduce memory and processor overhead. + +This mini-os vTPM subsystem was built on top of the previous vTPM +work done by IBM and Intel corporation. -Production Prerequisites: An x86-based machine machine with a -Linux-supported TPM on the motherboard (NSC, Atmel, Infineon, TPM V1.2). -Development Prerequisites: An emulator for TESTING ONLY is provided +------------------------------ +DESIGN OVERVIEW +------------------------------ +The architecture of vTPM is described below: + ++------------------+ +| Linux DomU | ... +| | ^ | +| v | | +| xen-tpmfront | ++------------------+ + | ^ + v | ++------------------+ +| mini-os/tpmback | +| | ^ | +| v | | +| vtpm-stubdom | ... +| | ^ | +| v | | +| mini-os/tpmfront | ++------------------+ + | ^ + v | ++------------------+ +| mini-os/tpmback | +| | ^ | +| v | | +| vtpmmgrdom | +| | ^ | +| v | | +| mini-os/tpm_tis | ++------------------+ + | ^ + v | ++------------------+ +| Hardware TPM | ++------------------+ + * Linux DomU: The Linux based guest that wants to use a vTPM. There many be + more than one of these. + + * xen-tpmfront.ko: Linux kernel virtual TPM frontend driver. This driver + provides vTPM access to a para-virtualized Linux based DomU. + + * mini-os/tpmback: Mini-os TPM backend driver. The Linux frontend driver + connects to this backend driver to facilitate + communications between the Linux DomU and its vTPM. This + driver is also used by vtpmmgrdom to communicate with + vtpm-stubdom. + + * vtpm-stubdom: A mini-os stub domain that implements a vTPM. There is a + one to one mapping between running vtpm-stubdom instances and + logical vtpms on the system. The vTPM Platform Configuration + Registers (PCRs) are all initialized to zero. + + * mini-os/tpmfront: Mini-os TPM frontend driver. The vTPM mini-os domain + vtpm-stubdom uses this driver to communicate with + vtpmmgrdom. This driver could also be used separately to + implement a mini-os domain that wishes to use a vTPM of + its own. + + * vtpmmgrdom: A mini-os domain that implements the vTPM manager. + There is only one vTPM manager and it should be running during + the entire lifetime of the machine. This domain regulates + access to the physical TPM on the system and secures the + persistent state of each vTPM. + + * mini-os/tpm_tis: Mini-os TPM version 1.2 TPM Interface Specification (TIS) + driver. This driver used by vtpmmgrdom to talk directly to + the hardware TPM. Communication is facilitated by mapping + hardware memory pages into vtpmmgrdom. + + * Hardware TPM: The physical TPM that is soldered onto the motherboard. + +------------------------------ +INSTALLATION +------------------------------ + +Prerequisites: +-------------- +You must have an x86 machine with a TPM on the motherboard. +The only software requirement to compiling vTPM is cmake. +You must use libxl to manage domains with vTPMs. 'xm' is +deprecated and does not support vTPM. Compiling the XEN tree: ----------------------- -Compile the XEN tree as usual after the following lines set in the -linux-2.6.??-xen/.config file: +Compile and install the XEN tree as usual. Be sure to build and install +the stubdom tree. -CONFIG_XEN_TPMDEV_BACKEND=m +Compiling the LINUX dom0 kernel: +-------------------------------- -CONFIG_TCG_TPM=m -CONFIG_TCG_TIS=m (supported after 2.6.17-rc4) -CONFIG_TCG_NSC=m -CONFIG_TCG_ATMEL=m -CONFIG_TCG_INFINEON=m -CONFIG_TCG_XEN=m - +The Linux dom0 kernel has no special prerequisites. -If the frontend driver needs to be compiled into the user domain -kernel, then the following two lines should be changed. +Compiling the LINUX domU kernel: +-------------------------------- + +The domU kernel used by domains with vtpms must +include the xen-tpmfront.ko driver. It can be built +directly into the kernel or as a module. CONFIG_TCG_TPM=y CONFIG_TCG_XEN=y +------------------------------ +VTPM MANAGER SETUP +------------------------------ -You must also enable the virtual TPM to be built: +Manager disk image setup: +------------------------- -In Config.mk in the Xen root directory set the line +The vTPM Manager requires a disk image to store its +encrypted data. The image does not require a filesystem +and can live anywhere on the host disk. The image does not need +to be large. 8 to 16 Mb should be sufficient. -VTPM_TOOLS ?= y +# dd if=/dev/zero of=/var/vtpmmgrdom.img bs=16M count=1 -and in +Manager config file: +-------------------- -tools/vtpm/Rules.mk set the line +The vTPM Manager domain (vtpmmgrdom) must be started like +any other Xen virtual machine and requires a config file. +The manager requires a disk image for storage and permission +to access the hardware memory pages for the TPM. An +example configuration looks like the following. -BUILD_EMULATOR = y +kernel="/usr/lib/xen/boot/vtpmmgrdom.gz" +memory=16 +disk=["file:/var/vtpmmgrdom.img,hda,w"] +name="vtpmmgrdom" +iomem=["fed40,5"] -Now build the Xen sources from Xen's root directory: +The iomem line tells xl to allow access to the TPM +IO memory pages, which are 5 pages that start at +0xfed40000. -make install +Starting and stopping the manager: +---------------------------------- +The vTPM manager should be started at boot, you may wish to +create an init script to do this. -Also build the initial RAM disk if necessary. +# xl create -c vtpmmgrdom.cfg -Reboot the machine with the created Xen kernel. +Once initialization is complete you should see the following: +INFO[VTPM]: Waiting for commands from vTPM's: -Note: If you do not want any TPM-related code compiled into your -kernel or built as module then comment all the above lines like -this example: -# CONFIG_TCG_TPM is not set +To shutdown the manager you must destroy it. To avoid data corruption, +only destroy the manager when you see the above "Waiting for commands" +message. This ensures the disk is in a consistent state. +# xl destroy vtpmmgrdom -Modifying VM Configuration files: ---------------------------------- +------------------------------ +VTPM AND LINUX PVM SETUP +------------------------------ -VM configuration files need to be adapted to make a TPM instance -available to a user domain. The following VM configuration file is -an example of how a user domain can be configured to have a TPM -available. It works similar to making a network interface -available to a domain. +In the following examples we will assume we have Linux +guest named "domu" with its associated configuration +located at /home/user/domu. It's vtpm will be named +domu-vtpm. -kernel = "/boot/vmlinuz-2.6.x" -ramdisk = "/xen/initrd_domU/U1_ramdisk.img" -memory = 32 -name = "TPMUserDomain0" -vtpm = ['instance=1,backend=0'] -root = "/dev/ram0 console=tty ro" -vif = ['backend=0'] +vTPM disk image setup: +---------------------- -In the above configuration file the line 'vtpm = ...' provides -information about the domain where the virtual TPM is running and -where the TPM backend has been compiled into - this has to be -domain 0 at the moment - and which TPM instance the user domain -is supposed to talk to. Note that each running VM must use a -different instance and that using instance 0 is NOT allowed. The -instance parameter is taken as the desired instance number, but -the actual instance number that is assigned to the virtual machine -can be different. This is the case if for example that particular -instance is already used by another virtual machine. The association -of which TPM instance number is used by which virtual machine is -kept in the file /var/vtpm/vtpm.db. Associations are maintained by -a xend-internal vTPM UUID and vTPM instance number. +The vTPM requires a disk image to store its persistent +data. The image does not require a filesystem. The image +does not need to be large. 8 Mb should be sufficient. -Note: If you do not want TPM functionality for your user domain simply -leave out the 'vtpm' line in the configuration file. +# dd if=/dev/zero of=/home/user/domu/vtpm.img bs=8M count=1 +vTPM config file: +----------------- -Running the TPM: ----------------- +The vTPM domain requires a configuration file like +any other domain. The vTPM requires a disk image for +storage and a TPM frontend driver to communicate +with the manager. An example configuration is given: -To run the vTPM, the device /dev/vtpm must be available. -Verify that 'ls -l /dev/vtpm' shows the following output: +kernel="/usr/lib/xen/boot/vtpm-stubdom.gz" +memory=8 +disk=["file:/home/user/domu/vtpm.img,hda,w"] +name="domu-vtpm" +vtpm=["backend=vtpmmgrdom,uuid=ac0a5b9e-cbe2-4c07-b43b-1d69e46fb839"] -crw------- 1 root root 10, 225 Aug 11 06:58 /dev/vtpm +The vtpm= line sets up the tpm frontend driver. The backend must set +to vtpmmgrdom. You are required to generate a uuid for this vtpm. +You can use the uuidgen unix program or some other method to create a +uuid. The uuid uniquely identifies this vtpm to manager. -If it is not available, run the following command as 'root'. -mknod /dev/vtpm c 10 225 +If you wish to clear the vTPM data you can either recreate the +disk image or change the uuid. -Make sure that the vTPM is running in domain 0. To do this run the -following: +Linux Guest config file: +------------------------ -modprobe tpmbk +The Linux guest config file needs to be modified to include +the Linux tpmfront driver. Add the following line: -/usr/bin/vtpm_managerd +vtpm=["backend=domu-vtpm"] -Start a user domain using the 'xm create' command. Once you are in the -shell of the user domain, you should be able to do the following as -user 'root': +Currently only paravirtualized guests are supported. -Insert the TPM frontend into the kernel if it has been compiled as a -kernel module. +Launching and shut down: +------------------------ -> modprobe tpm_xenu +To launch a Linux guest with a vTPM we first have to start the vTPM domain. -Check the status of the TPM +# xl create -c /home/user/domu/vtpm.cfg -> cd /sys/devices/xen/vtpm-0 -> ls -[...] cancel caps pcrs pubek [...] -> cat pcrs -PCR-00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-01: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-02: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-03: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-04: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-05: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-06: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-07: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-08: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -[...] +After initialization is complete, you should see the following: +Info: Waiting for frontend domain to connect.. -At this point the user domain has been successfully connected to its -virtual TPM instance. +Next, launch the Linux guest -For further information please read the documentation in -tools/vtpm_manager/README and tools/vtpm/README +# xl create -c /home/user/domu/domu.cfg -Stefan Berger and Employees of the Intel Corp +If xen-tpmfront was compiled as a module, be sure to load it +in the guest. + +# modprobe xen-tpmfront + +After the Linux domain boots and the xen-tpmfront driver is loaded, +you should see the following on the vtpm console: + +Info: VTPM attached to Frontend X/Y + +If you have trousers and tpm_tools installed on the guest, you can test the +vtpm. + +On guest: +# tcsd (if tcsd is not running already) +# tpm_version + +The version command should return the following: + TPM 1.2 Version Info: + Chip Version: 1.2.0.7 + Spec Level: 2 + Errata Revision: 1 + TPM Vendor ID: ETHZ + TPM Version: 01010000 + Manufacturer Info: 4554485a + +You should also see the command being sent to the vtpm console as well +as the vtpm saving its state. You should see the vtpm key being +encrypted and stored on the vtpmmgrdom console. + +To shutdown the guest and its vtpm, you just have to shutdown the guest +normally. As soon as the guest vm disconnects, the vtpm will shut itself +down automatically. + +On guest: +# shutdown -h now + +You may wish to write a script to start your vtpm and guest together. + +------------------------------ +MORE INFORMATION +------------------------------ + +See stubdom/vtpmmgr/README for more details about how +the manager domain works, how to use it, and its command line +parameters. + +See stubdom/vtpm/README for more specifics about how vtpm-stubdom +operates and the command line options it accepts. + diff -r 21b5491281c4 -r 18326c674f9b stubdom/vtpm/README --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/README Fri Jan 18 10:55:45 2013 +0000 @@ -0,0 +1,75 @@ +Copyright (c) 2010-2012 United States Government, as represented by +the Secretary of Defense. All rights reserved. +November 12 2012 +Authors: Matthew Fioravante (JHUAPL), + +This document describes the operation and command line interface +of vtpm-stubdom. See docs/misc/vtpm.txt for details on the +vTPM subsystem as a whole. + + +------------------------------ +OPERATION +------------------------------ + +The vtpm-stubdom is a mini-OS domain that emulates a TPM for the guest OS to +use. It is a small wrapper around the Berlios TPM emulator +version 0.7.4. Commands are passed from the linux guest via the +mini-os TPM backend driver. vTPM data is encrypted and stored via a disk image +provided to the virtual machine. The key used to encrypt the data along +with a hash of the vTPM's data is sent to the vTPM manager for secure storage +and later retrieval. The vTPM domain communicates with the manager using a +mini-os tpm front/back device pair. + +------------------------------ +COMMAND LINE ARGUMENTS +------------------------------ + +Command line arguments are passed to the domain via the 'extra' +parameter in the VM config file. Each parameter is separated +by white space. For example: + +extra="foo=bar baz" + +List of Arguments: +------------------ + +loglevel=: Controls the amount of logging printed to the console. + The possible values for are: + error + info (default) + debug + +clear: Start the Berlios emulator in "clear" mode. (default) + +save: Start the Berlios emulator in "save" mode. + +deactivated: Start the Berlios emulator in "deactivated" mode. + See the Berlios TPM emulator documentation for details + about the startup mode. For all normal use, always use clear + which is the default. You should not need to specify any of these. + +maintcmds=<1|0>: Enable to disable the TPM maintenance commands. + These commands are used by tpm manufacturers and thus + open a security hole. They are disabled by default. + +hwinitpcr=: Initialize the virtual Platform Configuration Registers + (PCRs) with PCR values from the hardware TPM. Each pcr specified by + will be initialized with the value of that same PCR in TPM + once at startup. By default all PCRs are zero initialized. + Value values of are: + all: copy all pcrs + none: copy no pcrs (default) + : copy pcr n + : copy pcrs x to y (inclusive) + + These can also be combined by comma separation, for example: + hwinitpcrs=5,12-16 + will copy pcrs 5, 12, 13, 14, 15, and 16. + +------------------------------ +REFERENCES +------------------------------ + +Berlios TPM Emulator: +http://tpm-emulator.berlios.de/ diff -r 21b5491281c4 -r 18326c674f9b stubdom/vtpmmgr/README --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/README Fri Jan 18 10:55:45 2013 +0000 @@ -0,0 +1,75 @@ +Copyright (c) 2010-2012 United States Government, as represented by +the Secretary of Defense. All rights reserved. +November 12 2012 +Authors: Matthew Fioravante (JHUAPL), + +This document describes the operation and command line interface +of vtpmmgrdom. See docs/misc/vtpm.txt for details on the +vTPM subsystem as a whole. + + +------------------------------ +OPERATION +------------------------------ + +The vtpmmgrdom implements a vTPM manager who has two major functions: + + - Securely store encryption keys for each of the vTPMS + - Regulate access to the hardware TPM for the entire system + +The manager accepts commands from the vtpm-stubdom domains via the mini-os +TPM backend driver. The vTPM manager communicates directly with hardware TPM +using the mini-os tpm_tis driver. + + +When the manager starts for the first time it will check if the TPM +has an owner. If the TPM is unowned, it will attempt to take ownership +with the supplied owner_auth (see below) and then create a TPM +storage key which will be used to secure vTPM key data. Currently the +manager only binds vTPM keys to the disk. In the future support +for sealing to PCRs should be added. + +------------------------------ +COMMAND LINE ARGUMENTS +------------------------------ + +Command line arguments are passed to the domain via the 'extra' +parameter in the VM config file. Each parameter is separated +by white space. For example: + +extra="foo=bar baz" + +List of Arguments: +------------------ + +owner_auth=: Set the owner auth of the TPM. The default + is the well known owner auth of all ones. + +srk_auth=: Set the SRK auth for the TPM. The default is + the well known srk auth of all zeroes. + The possible values of are: + well-known: Use the well known auth (default) + random: Randomly generate an auth + hash: : Use the given 40 character ASCII hex string + text: : Use sha1 hash of . + +tpmdriver=: Which driver to use to talk to the hardware TPM. + Don't change this unless you know what you're doing. + The possible values of are: + tpm_tis: Use the tpm_tis driver to talk directly to the TPM. + The domain must have access to TPM IO memory. (default) + tpmfront: Use tpmfront to talk to the TPM. The domain must have + a tpmfront device setup to talk to another domain + which provides access to the TPM. + +The following options only apply to the tpm_tis driver: + +tpmiomem=: The base address of the hardware memory pages of the + TPM (default 0xfed40000). + +tpmirq=: The irq of the hardware TPM if using interrupts. A value of + "probe" can be set to probe for the irq. A value of 0 + disabled interrupts and uses polling (default 0). + +tpmlocality=: Attempt to use locality of the hardware TPM. + (default 0) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvb-00018g-SF; Mon, 21 Jan 2013 22:33:19 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPva-00017Y-6G for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:18 +0000 Received: from [85.158.139.83:26106] by server-3.bemta-5.messagelabs.com id 74/EF-15993-D22CDF05; Mon, 21 Jan 2013 22:33:17 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-182.messagelabs.com!1358807591!28831130!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests=ML_RADAR_SPEW_LINKS_23, spamassassin: X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9756 invoked from network); 21 Jan 2013 22:33:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-182.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvT-0005fv-K9 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:11 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvT-0003hO-Bu for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:11 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:10 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Add vtpm documentation X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Matthew Fioravante # Date 1358506545 0 # Node ID 18326c674f9be71d81101c2a398c36b35b5c5452 # Parent 21b5491281c4298560bfdd0946b73ec8ef4ccd4d Add vtpm documentation See the files included in this patch for details Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 21b5491281c4 -r 18326c674f9b docs/misc/vtpm.txt --- a/docs/misc/vtpm.txt Fri Jan 18 10:55:44 2013 +0000 +++ b/docs/misc/vtpm.txt Fri Jan 18 10:55:45 2013 +0000 @@ -1,152 +1,297 @@ -Copyright: IBM Corporation (C), Intel Corporation -29 June 2006 -Authors: Stefan Berger (IBM), - Employees of Intel Corp +Copyright (c) 2010-2012 United States Government, as represented by +the Secretary of Defense. All rights reserved. +November 12 2012 +Authors: Matthew Fioravante (JHUAPL), -This document gives a short introduction to the virtual TPM support -in XEN and goes as far as connecting a user domain to a virtual TPM -instance and doing a short test to verify success. It is assumed -that the user is fairly familiar with compiling and installing XEN -and Linux on a machine. +This document describes the virtual Trusted Platform Module (vTPM) subsystem +for Xen. The reader is assumed to have familiarity with building and installing +Xen, Linux, and a basic understanding of the TPM and vTPM concepts. + +------------------------------ +INTRODUCTION +------------------------------ +The goal of this work is to provide a TPM functionality to a virtual guest +operating system (a DomU). This allows programs to interact with a TPM in a +virtual system the same way they interact with a TPM on the physical system. +Each guest gets its own unique, emulated, software TPM. However, each of the +vTPM's secrets (Keys, NVRAM, etc) are managed by a vTPM Manager domain, which +seals the secrets to the Physical TPM. Thus, the vTPM subsystem extends the +chain of trust rooted in the hardware TPM to virtual machines in Xen. Each +major component of vTPM is implemented as a separate domain, providing secure +separation guaranteed by the hypervisor. The vTPM domains are implemented in +mini-os to reduce memory and processor overhead. + +This mini-os vTPM subsystem was built on top of the previous vTPM +work done by IBM and Intel corporation. -Production Prerequisites: An x86-based machine machine with a -Linux-supported TPM on the motherboard (NSC, Atmel, Infineon, TPM V1.2). -Development Prerequisites: An emulator for TESTING ONLY is provided +------------------------------ +DESIGN OVERVIEW +------------------------------ +The architecture of vTPM is described below: + ++------------------+ +| Linux DomU | ... +| | ^ | +| v | | +| xen-tpmfront | ++------------------+ + | ^ + v | ++------------------+ +| mini-os/tpmback | +| | ^ | +| v | | +| vtpm-stubdom | ... +| | ^ | +| v | | +| mini-os/tpmfront | ++------------------+ + | ^ + v | ++------------------+ +| mini-os/tpmback | +| | ^ | +| v | | +| vtpmmgrdom | +| | ^ | +| v | | +| mini-os/tpm_tis | ++------------------+ + | ^ + v | ++------------------+ +| Hardware TPM | ++------------------+ + * Linux DomU: The Linux based guest that wants to use a vTPM. There many be + more than one of these. + + * xen-tpmfront.ko: Linux kernel virtual TPM frontend driver. This driver + provides vTPM access to a para-virtualized Linux based DomU. + + * mini-os/tpmback: Mini-os TPM backend driver. The Linux frontend driver + connects to this backend driver to facilitate + communications between the Linux DomU and its vTPM. This + driver is also used by vtpmmgrdom to communicate with + vtpm-stubdom. + + * vtpm-stubdom: A mini-os stub domain that implements a vTPM. There is a + one to one mapping between running vtpm-stubdom instances and + logical vtpms on the system. The vTPM Platform Configuration + Registers (PCRs) are all initialized to zero. + + * mini-os/tpmfront: Mini-os TPM frontend driver. The vTPM mini-os domain + vtpm-stubdom uses this driver to communicate with + vtpmmgrdom. This driver could also be used separately to + implement a mini-os domain that wishes to use a vTPM of + its own. + + * vtpmmgrdom: A mini-os domain that implements the vTPM manager. + There is only one vTPM manager and it should be running during + the entire lifetime of the machine. This domain regulates + access to the physical TPM on the system and secures the + persistent state of each vTPM. + + * mini-os/tpm_tis: Mini-os TPM version 1.2 TPM Interface Specification (TIS) + driver. This driver used by vtpmmgrdom to talk directly to + the hardware TPM. Communication is facilitated by mapping + hardware memory pages into vtpmmgrdom. + + * Hardware TPM: The physical TPM that is soldered onto the motherboard. + +------------------------------ +INSTALLATION +------------------------------ + +Prerequisites: +-------------- +You must have an x86 machine with a TPM on the motherboard. +The only software requirement to compiling vTPM is cmake. +You must use libxl to manage domains with vTPMs. 'xm' is +deprecated and does not support vTPM. Compiling the XEN tree: ----------------------- -Compile the XEN tree as usual after the following lines set in the -linux-2.6.??-xen/.config file: +Compile and install the XEN tree as usual. Be sure to build and install +the stubdom tree. -CONFIG_XEN_TPMDEV_BACKEND=m +Compiling the LINUX dom0 kernel: +-------------------------------- -CONFIG_TCG_TPM=m -CONFIG_TCG_TIS=m (supported after 2.6.17-rc4) -CONFIG_TCG_NSC=m -CONFIG_TCG_ATMEL=m -CONFIG_TCG_INFINEON=m -CONFIG_TCG_XEN=m - +The Linux dom0 kernel has no special prerequisites. -If the frontend driver needs to be compiled into the user domain -kernel, then the following two lines should be changed. +Compiling the LINUX domU kernel: +-------------------------------- + +The domU kernel used by domains with vtpms must +include the xen-tpmfront.ko driver. It can be built +directly into the kernel or as a module. CONFIG_TCG_TPM=y CONFIG_TCG_XEN=y +------------------------------ +VTPM MANAGER SETUP +------------------------------ -You must also enable the virtual TPM to be built: +Manager disk image setup: +------------------------- -In Config.mk in the Xen root directory set the line +The vTPM Manager requires a disk image to store its +encrypted data. The image does not require a filesystem +and can live anywhere on the host disk. The image does not need +to be large. 8 to 16 Mb should be sufficient. -VTPM_TOOLS ?= y +# dd if=/dev/zero of=/var/vtpmmgrdom.img bs=16M count=1 -and in +Manager config file: +-------------------- -tools/vtpm/Rules.mk set the line +The vTPM Manager domain (vtpmmgrdom) must be started like +any other Xen virtual machine and requires a config file. +The manager requires a disk image for storage and permission +to access the hardware memory pages for the TPM. An +example configuration looks like the following. -BUILD_EMULATOR = y +kernel="/usr/lib/xen/boot/vtpmmgrdom.gz" +memory=16 +disk=["file:/var/vtpmmgrdom.img,hda,w"] +name="vtpmmgrdom" +iomem=["fed40,5"] -Now build the Xen sources from Xen's root directory: +The iomem line tells xl to allow access to the TPM +IO memory pages, which are 5 pages that start at +0xfed40000. -make install +Starting and stopping the manager: +---------------------------------- +The vTPM manager should be started at boot, you may wish to +create an init script to do this. -Also build the initial RAM disk if necessary. +# xl create -c vtpmmgrdom.cfg -Reboot the machine with the created Xen kernel. +Once initialization is complete you should see the following: +INFO[VTPM]: Waiting for commands from vTPM's: -Note: If you do not want any TPM-related code compiled into your -kernel or built as module then comment all the above lines like -this example: -# CONFIG_TCG_TPM is not set +To shutdown the manager you must destroy it. To avoid data corruption, +only destroy the manager when you see the above "Waiting for commands" +message. This ensures the disk is in a consistent state. +# xl destroy vtpmmgrdom -Modifying VM Configuration files: ---------------------------------- +------------------------------ +VTPM AND LINUX PVM SETUP +------------------------------ -VM configuration files need to be adapted to make a TPM instance -available to a user domain. The following VM configuration file is -an example of how a user domain can be configured to have a TPM -available. It works similar to making a network interface -available to a domain. +In the following examples we will assume we have Linux +guest named "domu" with its associated configuration +located at /home/user/domu. It's vtpm will be named +domu-vtpm. -kernel = "/boot/vmlinuz-2.6.x" -ramdisk = "/xen/initrd_domU/U1_ramdisk.img" -memory = 32 -name = "TPMUserDomain0" -vtpm = ['instance=1,backend=0'] -root = "/dev/ram0 console=tty ro" -vif = ['backend=0'] +vTPM disk image setup: +---------------------- -In the above configuration file the line 'vtpm = ...' provides -information about the domain where the virtual TPM is running and -where the TPM backend has been compiled into - this has to be -domain 0 at the moment - and which TPM instance the user domain -is supposed to talk to. Note that each running VM must use a -different instance and that using instance 0 is NOT allowed. The -instance parameter is taken as the desired instance number, but -the actual instance number that is assigned to the virtual machine -can be different. This is the case if for example that particular -instance is already used by another virtual machine. The association -of which TPM instance number is used by which virtual machine is -kept in the file /var/vtpm/vtpm.db. Associations are maintained by -a xend-internal vTPM UUID and vTPM instance number. +The vTPM requires a disk image to store its persistent +data. The image does not require a filesystem. The image +does not need to be large. 8 Mb should be sufficient. -Note: If you do not want TPM functionality for your user domain simply -leave out the 'vtpm' line in the configuration file. +# dd if=/dev/zero of=/home/user/domu/vtpm.img bs=8M count=1 +vTPM config file: +----------------- -Running the TPM: ----------------- +The vTPM domain requires a configuration file like +any other domain. The vTPM requires a disk image for +storage and a TPM frontend driver to communicate +with the manager. An example configuration is given: -To run the vTPM, the device /dev/vtpm must be available. -Verify that 'ls -l /dev/vtpm' shows the following output: +kernel="/usr/lib/xen/boot/vtpm-stubdom.gz" +memory=8 +disk=["file:/home/user/domu/vtpm.img,hda,w"] +name="domu-vtpm" +vtpm=["backend=vtpmmgrdom,uuid=ac0a5b9e-cbe2-4c07-b43b-1d69e46fb839"] -crw------- 1 root root 10, 225 Aug 11 06:58 /dev/vtpm +The vtpm= line sets up the tpm frontend driver. The backend must set +to vtpmmgrdom. You are required to generate a uuid for this vtpm. +You can use the uuidgen unix program or some other method to create a +uuid. The uuid uniquely identifies this vtpm to manager. -If it is not available, run the following command as 'root'. -mknod /dev/vtpm c 10 225 +If you wish to clear the vTPM data you can either recreate the +disk image or change the uuid. -Make sure that the vTPM is running in domain 0. To do this run the -following: +Linux Guest config file: +------------------------ -modprobe tpmbk +The Linux guest config file needs to be modified to include +the Linux tpmfront driver. Add the following line: -/usr/bin/vtpm_managerd +vtpm=["backend=domu-vtpm"] -Start a user domain using the 'xm create' command. Once you are in the -shell of the user domain, you should be able to do the following as -user 'root': +Currently only paravirtualized guests are supported. -Insert the TPM frontend into the kernel if it has been compiled as a -kernel module. +Launching and shut down: +------------------------ -> modprobe tpm_xenu +To launch a Linux guest with a vTPM we first have to start the vTPM domain. -Check the status of the TPM +# xl create -c /home/user/domu/vtpm.cfg -> cd /sys/devices/xen/vtpm-0 -> ls -[...] cancel caps pcrs pubek [...] -> cat pcrs -PCR-00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-01: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-02: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-03: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-04: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-05: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-06: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-07: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -PCR-08: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 -[...] +After initialization is complete, you should see the following: +Info: Waiting for frontend domain to connect.. -At this point the user domain has been successfully connected to its -virtual TPM instance. +Next, launch the Linux guest -For further information please read the documentation in -tools/vtpm_manager/README and tools/vtpm/README +# xl create -c /home/user/domu/domu.cfg -Stefan Berger and Employees of the Intel Corp +If xen-tpmfront was compiled as a module, be sure to load it +in the guest. + +# modprobe xen-tpmfront + +After the Linux domain boots and the xen-tpmfront driver is loaded, +you should see the following on the vtpm console: + +Info: VTPM attached to Frontend X/Y + +If you have trousers and tpm_tools installed on the guest, you can test the +vtpm. + +On guest: +# tcsd (if tcsd is not running already) +# tpm_version + +The version command should return the following: + TPM 1.2 Version Info: + Chip Version: 1.2.0.7 + Spec Level: 2 + Errata Revision: 1 + TPM Vendor ID: ETHZ + TPM Version: 01010000 + Manufacturer Info: 4554485a + +You should also see the command being sent to the vtpm console as well +as the vtpm saving its state. You should see the vtpm key being +encrypted and stored on the vtpmmgrdom console. + +To shutdown the guest and its vtpm, you just have to shutdown the guest +normally. As soon as the guest vm disconnects, the vtpm will shut itself +down automatically. + +On guest: +# shutdown -h now + +You may wish to write a script to start your vtpm and guest together. + +------------------------------ +MORE INFORMATION +------------------------------ + +See stubdom/vtpmmgr/README for more details about how +the manager domain works, how to use it, and its command line +parameters. + +See stubdom/vtpm/README for more specifics about how vtpm-stubdom +operates and the command line options it accepts. + diff -r 21b5491281c4 -r 18326c674f9b stubdom/vtpm/README --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/README Fri Jan 18 10:55:45 2013 +0000 @@ -0,0 +1,75 @@ +Copyright (c) 2010-2012 United States Government, as represented by +the Secretary of Defense. All rights reserved. +November 12 2012 +Authors: Matthew Fioravante (JHUAPL), + +This document describes the operation and command line interface +of vtpm-stubdom. See docs/misc/vtpm.txt for details on the +vTPM subsystem as a whole. + + +------------------------------ +OPERATION +------------------------------ + +The vtpm-stubdom is a mini-OS domain that emulates a TPM for the guest OS to +use. It is a small wrapper around the Berlios TPM emulator +version 0.7.4. Commands are passed from the linux guest via the +mini-os TPM backend driver. vTPM data is encrypted and stored via a disk image +provided to the virtual machine. The key used to encrypt the data along +with a hash of the vTPM's data is sent to the vTPM manager for secure storage +and later retrieval. The vTPM domain communicates with the manager using a +mini-os tpm front/back device pair. + +------------------------------ +COMMAND LINE ARGUMENTS +------------------------------ + +Command line arguments are passed to the domain via the 'extra' +parameter in the VM config file. Each parameter is separated +by white space. For example: + +extra="foo=bar baz" + +List of Arguments: +------------------ + +loglevel=: Controls the amount of logging printed to the console. + The possible values for are: + error + info (default) + debug + +clear: Start the Berlios emulator in "clear" mode. (default) + +save: Start the Berlios emulator in "save" mode. + +deactivated: Start the Berlios emulator in "deactivated" mode. + See the Berlios TPM emulator documentation for details + about the startup mode. For all normal use, always use clear + which is the default. You should not need to specify any of these. + +maintcmds=<1|0>: Enable to disable the TPM maintenance commands. + These commands are used by tpm manufacturers and thus + open a security hole. They are disabled by default. + +hwinitpcr=: Initialize the virtual Platform Configuration Registers + (PCRs) with PCR values from the hardware TPM. Each pcr specified by + will be initialized with the value of that same PCR in TPM + once at startup. By default all PCRs are zero initialized. + Value values of are: + all: copy all pcrs + none: copy no pcrs (default) + : copy pcr n + : copy pcrs x to y (inclusive) + + These can also be combined by comma separation, for example: + hwinitpcrs=5,12-16 + will copy pcrs 5, 12, 13, 14, 15, and 16. + +------------------------------ +REFERENCES +------------------------------ + +Berlios TPM Emulator: +http://tpm-emulator.berlios.de/ diff -r 21b5491281c4 -r 18326c674f9b stubdom/vtpmmgr/README --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/README Fri Jan 18 10:55:45 2013 +0000 @@ -0,0 +1,75 @@ +Copyright (c) 2010-2012 United States Government, as represented by +the Secretary of Defense. All rights reserved. +November 12 2012 +Authors: Matthew Fioravante (JHUAPL), + +This document describes the operation and command line interface +of vtpmmgrdom. See docs/misc/vtpm.txt for details on the +vTPM subsystem as a whole. + + +------------------------------ +OPERATION +------------------------------ + +The vtpmmgrdom implements a vTPM manager who has two major functions: + + - Securely store encryption keys for each of the vTPMS + - Regulate access to the hardware TPM for the entire system + +The manager accepts commands from the vtpm-stubdom domains via the mini-os +TPM backend driver. The vTPM manager communicates directly with hardware TPM +using the mini-os tpm_tis driver. + + +When the manager starts for the first time it will check if the TPM +has an owner. If the TPM is unowned, it will attempt to take ownership +with the supplied owner_auth (see below) and then create a TPM +storage key which will be used to secure vTPM key data. Currently the +manager only binds vTPM keys to the disk. In the future support +for sealing to PCRs should be added. + +------------------------------ +COMMAND LINE ARGUMENTS +------------------------------ + +Command line arguments are passed to the domain via the 'extra' +parameter in the VM config file. Each parameter is separated +by white space. For example: + +extra="foo=bar baz" + +List of Arguments: +------------------ + +owner_auth=: Set the owner auth of the TPM. The default + is the well known owner auth of all ones. + +srk_auth=: Set the SRK auth for the TPM. The default is + the well known srk auth of all zeroes. + The possible values of are: + well-known: Use the well known auth (default) + random: Randomly generate an auth + hash: : Use the given 40 character ASCII hex string + text: : Use sha1 hash of . + +tpmdriver=: Which driver to use to talk to the hardware TPM. + Don't change this unless you know what you're doing. + The possible values of are: + tpm_tis: Use the tpm_tis driver to talk directly to the TPM. + The domain must have access to TPM IO memory. (default) + tpmfront: Use tpmfront to talk to the TPM. The domain must have + a tpmfront device setup to talk to another domain + which provides access to the TPM. + +The following options only apply to the tpm_tis driver: + +tpmiomem=: The base address of the hardware memory pages of the + TPM (default 0xfed40000). + +tpmirq=: The irq of the hardware TPM if using interrupts. A value of + "probe" can be set to probe for the irq. A value of 0 + disabled interrupts and uses polling (default 0). + +tpmlocality=: Attempt to use locality of the hardware TPM. + (default 0) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvb-00018o-VX; Mon, 21 Jan 2013 22:33:19 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPva-00017Z-S2 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:19 +0000 Received: from [85.158.143.35:30377] by server-1.bemta-4.messagelabs.com id 5F/37-05635-E22CDF05; Mon, 21 Jan 2013 22:33:18 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-21.messagelabs.com!1358807596!11962908!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30244 invoked from network); 21 Jan 2013 22:33:17 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:17 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvY-0005gM-Lw for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:16 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvY-0003jZ-GX for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:16 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:16 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arm: avoid placing Xen over any modules. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358772027 0 # Node ID 5a245dc8aa137bb8387cec3451b56a5f26b59c5e # Parent 70bf273b3b6b9daade34e26375d1fcf737e9748e arm: avoid placing Xen over any modules. This will still fail if the modules are such that Xen is pushed out of the top 32M of RAM since it will then overlap with the domheap (or possibly xenheap). This will be dealt with later. Signed-off-by: Ian Campbell Acked-by: Tim Deegan Committed-by: Ian Campbell --- diff -r 70bf273b3b6b -r 5a245dc8aa13 xen/arch/arm/setup.c --- a/xen/arch/arm/setup.c Mon Jan 21 12:40:26 2013 +0000 +++ b/xen/arch/arm/setup.c Mon Jan 21 12:40:27 2013 +0000 @@ -68,17 +68,55 @@ static void __init processor_id(void) READ_CP32(ID_ISAR3), READ_CP32(ID_ISAR4), READ_CP32(ID_ISAR5)); } +/* + * Returns the end address of the highest region in the range s..e + * with required size and alignment that does not conflict with the + * modules from first_mod to nr_modules. + * + * For non-recursive callers first_mod should normally be 1. + */ +static paddr_t __init consider_modules(paddr_t s, paddr_t e, + uint32_t size, paddr_t align, + int first_mod) +{ + const struct dt_module_info *mi = &early_info.modules; + int i; + + s = (s+align-1) & ~(align-1); + e = e & ~(align-1); + + if ( s > e || e - s < size ) + return 0; + + for ( i = first_mod; i <= mi->nr_mods; i++ ) + { + paddr_t mod_s = mi->module[i].start; + paddr_t mod_e = mod_s + mi->module[i].size; + + if ( s < mod_e && mod_s < e ) + { + mod_e = consider_modules(mod_e, e, size, align, i+1); + if ( mod_e ) + return mod_e; + + return consider_modules(s, mod_s, size, align, i+1); + } + } + + return e; +} + /** * get_xen_paddr - get physical address to relocate Xen to * - * Xen is relocated to the top of RAM and aligned to a XEN_PADDR_ALIGN - * boundary. + * Xen is relocated to as near to the top of RAM as possible and + * aligned to a XEN_PADDR_ALIGN boundary. */ static paddr_t __init get_xen_paddr(void) { struct dt_mem_info *mi = &early_info.mem; paddr_t min_size; - paddr_t paddr = 0, t; + paddr_t paddr = 0; int i; min_size = (_end - _start + (XEN_PADDR_ALIGN-1)) & ~(XEN_PADDR_ALIGN-1); @@ -86,17 +124,33 @@ static paddr_t __init get_xen_paddr(void /* Find the highest bank with enough space. */ for ( i = 0; i < mi->nr_banks; i++ ) { - if ( mi->bank[i].size >= min_size ) + const struct membank *bank = &mi->bank[i]; + paddr_t s, e; + + if ( bank->size >= min_size ) { - t = mi->bank[i].start + mi->bank[i].size - min_size; - if ( t > paddr ) - paddr = t; + e = consider_modules(bank->start, bank->start + bank->size, + min_size, XEN_PADDR_ALIGN, 1); + if ( !e ) + continue; + + s = e - min_size; + + if ( s > paddr ) + paddr = s; } } if ( !paddr ) early_panic("Not enough memory to relocate Xen\n"); + early_printk("Placing Xen at 0x%"PRIpaddr"-0x%"PRIpaddr"\n", + paddr, paddr + min_size); + + /* Xen is module 0 */ + early_info.modules.module[0].start = paddr; + early_info.modules.module[0].size = min_size; + return paddr; } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvb-00018o-VX; Mon, 21 Jan 2013 22:33:19 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPva-00017Z-S2 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:19 +0000 Received: from [85.158.143.35:30377] by server-1.bemta-4.messagelabs.com id 5F/37-05635-E22CDF05; Mon, 21 Jan 2013 22:33:18 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-21.messagelabs.com!1358807596!11962908!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30244 invoked from network); 21 Jan 2013 22:33:17 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:17 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvY-0005gM-Lw for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:16 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvY-0003jZ-GX for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:16 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:16 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arm: avoid placing Xen over any modules. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358772027 0 # Node ID 5a245dc8aa137bb8387cec3451b56a5f26b59c5e # Parent 70bf273b3b6b9daade34e26375d1fcf737e9748e arm: avoid placing Xen over any modules. This will still fail if the modules are such that Xen is pushed out of the top 32M of RAM since it will then overlap with the domheap (or possibly xenheap). This will be dealt with later. Signed-off-by: Ian Campbell Acked-by: Tim Deegan Committed-by: Ian Campbell --- diff -r 70bf273b3b6b -r 5a245dc8aa13 xen/arch/arm/setup.c --- a/xen/arch/arm/setup.c Mon Jan 21 12:40:26 2013 +0000 +++ b/xen/arch/arm/setup.c Mon Jan 21 12:40:27 2013 +0000 @@ -68,17 +68,55 @@ static void __init processor_id(void) READ_CP32(ID_ISAR3), READ_CP32(ID_ISAR4), READ_CP32(ID_ISAR5)); } +/* + * Returns the end address of the highest region in the range s..e + * with required size and alignment that does not conflict with the + * modules from first_mod to nr_modules. + * + * For non-recursive callers first_mod should normally be 1. + */ +static paddr_t __init consider_modules(paddr_t s, paddr_t e, + uint32_t size, paddr_t align, + int first_mod) +{ + const struct dt_module_info *mi = &early_info.modules; + int i; + + s = (s+align-1) & ~(align-1); + e = e & ~(align-1); + + if ( s > e || e - s < size ) + return 0; + + for ( i = first_mod; i <= mi->nr_mods; i++ ) + { + paddr_t mod_s = mi->module[i].start; + paddr_t mod_e = mod_s + mi->module[i].size; + + if ( s < mod_e && mod_s < e ) + { + mod_e = consider_modules(mod_e, e, size, align, i+1); + if ( mod_e ) + return mod_e; + + return consider_modules(s, mod_s, size, align, i+1); + } + } + + return e; +} + /** * get_xen_paddr - get physical address to relocate Xen to * - * Xen is relocated to the top of RAM and aligned to a XEN_PADDR_ALIGN - * boundary. + * Xen is relocated to as near to the top of RAM as possible and + * aligned to a XEN_PADDR_ALIGN boundary. */ static paddr_t __init get_xen_paddr(void) { struct dt_mem_info *mi = &early_info.mem; paddr_t min_size; - paddr_t paddr = 0, t; + paddr_t paddr = 0; int i; min_size = (_end - _start + (XEN_PADDR_ALIGN-1)) & ~(XEN_PADDR_ALIGN-1); @@ -86,17 +124,33 @@ static paddr_t __init get_xen_paddr(void /* Find the highest bank with enough space. */ for ( i = 0; i < mi->nr_banks; i++ ) { - if ( mi->bank[i].size >= min_size ) + const struct membank *bank = &mi->bank[i]; + paddr_t s, e; + + if ( bank->size >= min_size ) { - t = mi->bank[i].start + mi->bank[i].size - min_size; - if ( t > paddr ) - paddr = t; + e = consider_modules(bank->start, bank->start + bank->size, + min_size, XEN_PADDR_ALIGN, 1); + if ( !e ) + continue; + + s = e - min_size; + + if ( s > paddr ) + paddr = s; } } if ( !paddr ) early_panic("Not enough memory to relocate Xen\n"); + early_printk("Placing Xen at 0x%"PRIpaddr"-0x%"PRIpaddr"\n", + paddr, paddr + min_size); + + /* Xen is module 0 */ + early_info.modules.module[0].start = paddr; + early_info.modules.module[0].size = min_size; + return paddr; } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvb-00018a-Pe; Mon, 21 Jan 2013 22:33:19 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPva-00017Z-Cn for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:18 +0000 Received: from [85.158.143.99:35075] by server-1.bemta-4.messagelabs.com id DD/37-05635-D22CDF05; Mon, 21 Jan 2013 22:33:17 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-216.messagelabs.com!1358807596!27897711!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 18425 invoked from network); 21 Jan 2013 22:33:17 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:17 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvY-0005gJ-0r for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:16 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvX-0003jK-VH for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:15 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:15 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: arm: introduce concept of modules which can be in RAM at start of day X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358772026 0 # Node ID 70bf273b3b6b9daade34e26375d1fcf737e9748e # Parent f07742a1a3c6ac673d6189e27a19a48f6c3b385c xen: arm: introduce concept of modules which can be in RAM at start of day The intention is that these will eventually be filled in with information from the bootloader, perhaps via a DTB binding. Allow for 2 modules (kernel and initrd), plus a third pseudo-module which is the hypervisor itself. Currently we neither parse nor do anything with them. Signed-off-by: Ian Campbell Acked-by: Stefano Stabellini Committed-by: Ian Campbell --- diff -r f07742a1a3c6 -r 70bf273b3b6b xen/include/xen/device_tree.h --- a/xen/include/xen/device_tree.h Fri Jan 18 14:14:31 2013 +0000 +++ b/xen/include/xen/device_tree.h Mon Jan 21 12:40:26 2013 +0000 @@ -15,6 +15,7 @@ #define DEVICE_TREE_MAX_DEPTH 16 #define NR_MEM_BANKS 8 +#define NR_MODULES 2 struct membank { paddr_t start; @@ -33,9 +34,22 @@ struct dt_gic_info { paddr_t gic_vcpu_addr; }; +struct dt_mb_module { + paddr_t start; + paddr_t size; + char cmdline[1024]; +}; + +struct dt_module_info { + int nr_mods; + /* Module 0 is Xen itself, followed by the provided modules-proper */ + struct dt_mb_module module[NR_MODULES + 1]; +}; + struct dt_early_info { struct dt_mem_info mem; struct dt_gic_info gic; + struct dt_module_info modules; }; typedef int (*device_tree_node_func)(const void *fdt, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:22 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:22 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvb-00018a-Pe; Mon, 21 Jan 2013 22:33:19 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPva-00017Z-Cn for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:18 +0000 Received: from [85.158.143.99:35075] by server-1.bemta-4.messagelabs.com id DD/37-05635-D22CDF05; Mon, 21 Jan 2013 22:33:17 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-216.messagelabs.com!1358807596!27897711!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 18425 invoked from network); 21 Jan 2013 22:33:17 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:17 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvY-0005gJ-0r for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:16 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvX-0003jK-VH for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:15 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:15 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen: arm: introduce concept of modules which can be in RAM at start of day X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358772026 0 # Node ID 70bf273b3b6b9daade34e26375d1fcf737e9748e # Parent f07742a1a3c6ac673d6189e27a19a48f6c3b385c xen: arm: introduce concept of modules which can be in RAM at start of day The intention is that these will eventually be filled in with information from the bootloader, perhaps via a DTB binding. Allow for 2 modules (kernel and initrd), plus a third pseudo-module which is the hypervisor itself. Currently we neither parse nor do anything with them. Signed-off-by: Ian Campbell Acked-by: Stefano Stabellini Committed-by: Ian Campbell --- diff -r f07742a1a3c6 -r 70bf273b3b6b xen/include/xen/device_tree.h --- a/xen/include/xen/device_tree.h Fri Jan 18 14:14:31 2013 +0000 +++ b/xen/include/xen/device_tree.h Mon Jan 21 12:40:26 2013 +0000 @@ -15,6 +15,7 @@ #define DEVICE_TREE_MAX_DEPTH 16 #define NR_MEM_BANKS 8 +#define NR_MODULES 2 struct membank { paddr_t start; @@ -33,9 +34,22 @@ struct dt_gic_info { paddr_t gic_vcpu_addr; }; +struct dt_mb_module { + paddr_t start; + paddr_t size; + char cmdline[1024]; +}; + +struct dt_module_info { + int nr_mods; + /* Module 0 is Xen itself, followed by the provided modules-proper */ + struct dt_mb_module module[NR_MODULES + 1]; +}; + struct dt_early_info { struct dt_mem_info mem; struct dt_gic_info gic; + struct dt_module_info modules; }; typedef int (*device_tree_node_func)(const void *fdt, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPve-0001AV-5a; Mon, 21 Jan 2013 22:33:22 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvc-00019Q-T4 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:21 +0000 Received: from [193.109.254.147:26997] by server-9.bemta-14.messagelabs.com id 44/C0-17118-032CDF05; Mon, 21 Jan 2013 22:33:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-27.messagelabs.com!1358807597!8823373!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 18833 invoked from network); 21 Jan 2013 22:33:18 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:18 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvZ-0005gP-5O for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:17 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvZ-0003jo-1R for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:17 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:16 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arm: avoid allocating the heaps over modules or xen itself. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358772027 0 # Node ID 7962cb743400de7c155522f6bf7f4cd25f09b093 # Parent 5a245dc8aa137bb8387cec3451b56a5f26b59c5e arm: avoid allocating the heaps over modules or xen itself. Signed-off-by: Ian Campbell Acked-by: Tim Deegan Committed-by: Ian Campbell --- diff -r 5a245dc8aa13 -r 7962cb743400 xen/arch/arm/setup.c --- a/xen/arch/arm/setup.c Mon Jan 21 12:40:27 2013 +0000 +++ b/xen/arch/arm/setup.c Mon Jan 21 12:40:27 2013 +0000 @@ -73,7 +73,8 @@ static void __init processor_id(void) * with required size and alignment that does not conflict with the * modules from first_mod to nr_modules. * - * For non-recursive callers first_mod should normally be 1. + * For non-recursive callers first_mod should normally be 0 (all + * modules and Xen itself) or 1 (all modules but not Xen). */ static paddr_t __init consider_modules(paddr_t s, paddr_t e, uint32_t size, paddr_t align, @@ -106,6 +107,34 @@ static paddr_t __init consider_modules(p return e; } +/* + * Return the end of the non-module region starting at s. In other + * words return s the start of the next modules after s. + * + * Also returns the end of that module in *n. + */ +static paddr_t __init next_module(paddr_t s, paddr_t *n) +{ + struct dt_module_info *mi = &early_info.modules; + paddr_t lowest = ~(paddr_t)0; + int i; + + for ( i = 0; i <= mi->nr_mods; i++ ) + { + paddr_t mod_s = mi->module[i].start; + paddr_t mod_e = mod_s + mi->module[i].size; + + if ( mod_s < s ) + continue; + if ( mod_s > lowest ) + continue; + lowest = mod_s; + *n = mod_e; + } + return lowest; +} + + /** * get_xen_paddr - get physical address to relocate Xen to * @@ -159,6 +188,7 @@ static void __init setup_mm(unsigned lon paddr_t ram_start; paddr_t ram_end; paddr_t ram_size; + paddr_t s, e; unsigned long ram_pages; unsigned long heap_pages, xenheap_pages, domheap_pages; unsigned long dtb_pages; @@ -176,22 +206,37 @@ static void __init setup_mm(unsigned lon ram_pages = ram_size >> PAGE_SHIFT; /* - * Calculate the sizes for the heaps using these constraints: + * Locate the xenheap using these constraints: * - * - heaps must be 32 MiB aligned - * - must not include Xen itself - * - xen heap must be at most 1 GiB + * - must be 32 MiB aligned + * - must not include Xen itself or the boot modules + * - must be at most 1 GiB + * - must be at least 128M * - * XXX: needs a platform with at least 1GiB of RAM or the dom - * heap will be empty and no domains can be created. + * We try to allocate the largest xenheap possible within these + * constraints. */ - heap_pages = (ram_size >> PAGE_SHIFT) - (32 << (20 - PAGE_SHIFT)); + heap_pages = (ram_size >> PAGE_SHIFT); xenheap_pages = min(1ul << (30 - PAGE_SHIFT), heap_pages); + + do + { + e = consider_modules(ram_start, ram_end, xenheap_pages<>= 1; + } while ( xenheap_pages > 128<<(20-PAGE_SHIFT) ); + + if ( ! e ) + panic("Not not enough space for xenheap\n"); + domheap_pages = heap_pages - xenheap_pages; printk("Xen heap: %lu pages Dom heap: %lu pages\n", xenheap_pages, domheap_pages); - setup_xenheap_mappings(ram_start >> PAGE_SHIFT, xenheap_pages); + setup_xenheap_mappings((e >> PAGE_SHIFT) - xenheap_pages, xenheap_pages); /* * Need a single mapped page for populating bootmem_region_list @@ -215,8 +260,30 @@ static void __init setup_mm(unsigned lon copy_from_paddr(device_tree_flattened, dtb_paddr, dtb_size, BUFFERABLE); /* Add non-xenheap memory */ - init_boot_pages(pfn_to_paddr(xenheap_mfn_start + xenheap_pages), - pfn_to_paddr(xenheap_mfn_start + xenheap_pages + domheap_pages)); + s = ram_start; + while ( s < ram_end ) + { + paddr_t n = ram_end; + + e = next_module(s, &n); + + if ( e == ~(paddr_t)0 ) + { + e = n = ram_end; + } + + /* Avoid the xenheap */ + if ( s < ((xenheap_mfn_start+xenheap_pages) << PAGE_SHIFT) + && (xenheap_mfn_start << PAGE_SHIFT) < e ) + { + e = pfn_to_paddr(xenheap_mfn_start); + n = pfn_to_paddr(xenheap_mfn_start+xenheap_pages); + } + + init_boot_pages(s, e); + + s = n; + } setup_frametable_mappings(ram_start, ram_end); max_page = PFN_DOWN(ram_end); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPve-0001AV-5a; Mon, 21 Jan 2013 22:33:22 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvc-00019Q-T4 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:21 +0000 Received: from [193.109.254.147:26997] by server-9.bemta-14.messagelabs.com id 44/C0-17118-032CDF05; Mon, 21 Jan 2013 22:33:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-27.messagelabs.com!1358807597!8823373!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 18833 invoked from network); 21 Jan 2013 22:33:18 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:18 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvZ-0005gP-5O for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:17 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvZ-0003jo-1R for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:17 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:16 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arm: avoid allocating the heaps over modules or xen itself. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358772027 0 # Node ID 7962cb743400de7c155522f6bf7f4cd25f09b093 # Parent 5a245dc8aa137bb8387cec3451b56a5f26b59c5e arm: avoid allocating the heaps over modules or xen itself. Signed-off-by: Ian Campbell Acked-by: Tim Deegan Committed-by: Ian Campbell --- diff -r 5a245dc8aa13 -r 7962cb743400 xen/arch/arm/setup.c --- a/xen/arch/arm/setup.c Mon Jan 21 12:40:27 2013 +0000 +++ b/xen/arch/arm/setup.c Mon Jan 21 12:40:27 2013 +0000 @@ -73,7 +73,8 @@ static void __init processor_id(void) * with required size and alignment that does not conflict with the * modules from first_mod to nr_modules. * - * For non-recursive callers first_mod should normally be 1. + * For non-recursive callers first_mod should normally be 0 (all + * modules and Xen itself) or 1 (all modules but not Xen). */ static paddr_t __init consider_modules(paddr_t s, paddr_t e, uint32_t size, paddr_t align, @@ -106,6 +107,34 @@ static paddr_t __init consider_modules(p return e; } +/* + * Return the end of the non-module region starting at s. In other + * words return s the start of the next modules after s. + * + * Also returns the end of that module in *n. + */ +static paddr_t __init next_module(paddr_t s, paddr_t *n) +{ + struct dt_module_info *mi = &early_info.modules; + paddr_t lowest = ~(paddr_t)0; + int i; + + for ( i = 0; i <= mi->nr_mods; i++ ) + { + paddr_t mod_s = mi->module[i].start; + paddr_t mod_e = mod_s + mi->module[i].size; + + if ( mod_s < s ) + continue; + if ( mod_s > lowest ) + continue; + lowest = mod_s; + *n = mod_e; + } + return lowest; +} + + /** * get_xen_paddr - get physical address to relocate Xen to * @@ -159,6 +188,7 @@ static void __init setup_mm(unsigned lon paddr_t ram_start; paddr_t ram_end; paddr_t ram_size; + paddr_t s, e; unsigned long ram_pages; unsigned long heap_pages, xenheap_pages, domheap_pages; unsigned long dtb_pages; @@ -176,22 +206,37 @@ static void __init setup_mm(unsigned lon ram_pages = ram_size >> PAGE_SHIFT; /* - * Calculate the sizes for the heaps using these constraints: + * Locate the xenheap using these constraints: * - * - heaps must be 32 MiB aligned - * - must not include Xen itself - * - xen heap must be at most 1 GiB + * - must be 32 MiB aligned + * - must not include Xen itself or the boot modules + * - must be at most 1 GiB + * - must be at least 128M * - * XXX: needs a platform with at least 1GiB of RAM or the dom - * heap will be empty and no domains can be created. + * We try to allocate the largest xenheap possible within these + * constraints. */ - heap_pages = (ram_size >> PAGE_SHIFT) - (32 << (20 - PAGE_SHIFT)); + heap_pages = (ram_size >> PAGE_SHIFT); xenheap_pages = min(1ul << (30 - PAGE_SHIFT), heap_pages); + + do + { + e = consider_modules(ram_start, ram_end, xenheap_pages<>= 1; + } while ( xenheap_pages > 128<<(20-PAGE_SHIFT) ); + + if ( ! e ) + panic("Not not enough space for xenheap\n"); + domheap_pages = heap_pages - xenheap_pages; printk("Xen heap: %lu pages Dom heap: %lu pages\n", xenheap_pages, domheap_pages); - setup_xenheap_mappings(ram_start >> PAGE_SHIFT, xenheap_pages); + setup_xenheap_mappings((e >> PAGE_SHIFT) - xenheap_pages, xenheap_pages); /* * Need a single mapped page for populating bootmem_region_list @@ -215,8 +260,30 @@ static void __init setup_mm(unsigned lon copy_from_paddr(device_tree_flattened, dtb_paddr, dtb_size, BUFFERABLE); /* Add non-xenheap memory */ - init_boot_pages(pfn_to_paddr(xenheap_mfn_start + xenheap_pages), - pfn_to_paddr(xenheap_mfn_start + xenheap_pages + domheap_pages)); + s = ram_start; + while ( s < ram_end ) + { + paddr_t n = ram_end; + + e = next_module(s, &n); + + if ( e == ~(paddr_t)0 ) + { + e = n = ram_end; + } + + /* Avoid the xenheap */ + if ( s < ((xenheap_mfn_start+xenheap_pages) << PAGE_SHIFT) + && (xenheap_mfn_start << PAGE_SHIFT) < e ) + { + e = pfn_to_paddr(xenheap_mfn_start); + n = pfn_to_paddr(xenheap_mfn_start+xenheap_pages); + } + + init_boot_pages(s, e); + + s = n; + } setup_frametable_mappings(ram_start, ram_end); max_page = PFN_DOWN(ram_end); _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPve-0001Ad-8Q; Mon, 21 Jan 2013 22:33:22 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvd-00017Z-5l for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:21 +0000 Received: from [85.158.143.99:45296] by server-1.bemta-4.messagelabs.com id 54/47-05635-032CDF05; Mon, 21 Jan 2013 22:33:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-216.messagelabs.com!1358807598!17694750!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 23323 invoked from network); 21 Jan 2013 22:33:19 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:19 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPva-0005gV-6M for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:18 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPva-0003kI-5A for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:18 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:17 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arm: load dom0 kernel from first boot module X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358772029 0 # Node ID 983813670ef997cdb5ccdc6526248f419366b741 # Parent 85aaa7a64131f59f374028ece7eb6746bc8779cc arm: load dom0 kernel from first boot module Signed-off-by: Ian Campbell Acked-by: Tim Deegan Committed-by: Ian Campbell --- diff -r 85aaa7a64131 -r 983813670ef9 xen/arch/arm/kernel.c --- a/xen/arch/arm/kernel.c Mon Jan 21 12:40:28 2013 +0000 +++ b/xen/arch/arm/kernel.c Mon Jan 21 12:40:29 2013 +0000 @@ -22,6 +22,7 @@ #define ZIMAGE_MAGIC_OFFSET 0x24 #define ZIMAGE_START_OFFSET 0x28 #define ZIMAGE_END_OFFSET 0x2c +#define ZIMAGE_HEADER_LEN 0x30 #define ZIMAGE_MAGIC 0x016f2818 @@ -65,40 +66,42 @@ void copy_from_paddr(void *dst, paddr_t static void kernel_zimage_load(struct kernel_info *info) { paddr_t load_addr = info->zimage.load_addr; + paddr_t paddr = info->zimage.kernel_addr; + paddr_t attr = info->load_attr; paddr_t len = info->zimage.len; - paddr_t flash = KERNEL_FLASH_ADDRESS; - void *src = (void *)FIXMAP_ADDR(FIXMAP_MISC); unsigned long offs; - printk("Loading %"PRIpaddr" byte zImage from flash %"PRIpaddr" to %"PRIpaddr"-%"PRIpaddr": [", - len, flash, load_addr, load_addr + len); - for ( offs = 0; offs < len; offs += PAGE_SIZE ) + printk("Loading zImage from %"PRIpaddr" to %"PRIpaddr"-%"PRIpaddr"\n", + paddr, load_addr, load_addr + len); + for ( offs = 0; offs < len; ) { - paddr_t ma = gvirt_to_maddr(load_addr + offs); + paddr_t s, l, ma = gvirt_to_maddr(load_addr + offs); void *dst = map_domain_page(ma>>PAGE_SHIFT); - if ( ( offs % (1<<20) ) == 0 ) - printk("."); + s = offs & ~PAGE_MASK; + l = min(PAGE_SIZE - s, len); - set_fixmap(FIXMAP_MISC, (flash+offs) >> PAGE_SHIFT, DEV_SHARED); - memcpy(dst, src, PAGE_SIZE); - clear_fixmap(FIXMAP_MISC); + copy_from_paddr(dst + s, paddr + offs, l, attr); unmap_domain_page(dst); + offs += l; } - printk("]\n"); } /** * Check the image is a zImage and return the load address and length */ -static int kernel_try_zimage_prepare(struct kernel_info *info) +static int kernel_try_zimage_prepare(struct kernel_info *info, + paddr_t addr, paddr_t size) { - uint32_t *zimage = (void *)FIXMAP_ADDR(FIXMAP_MISC); + uint32_t zimage[ZIMAGE_HEADER_LEN/4]; uint32_t start, end; struct minimal_dtb_header dtb_hdr; - set_fixmap(FIXMAP_MISC, KERNEL_FLASH_ADDRESS >> PAGE_SHIFT, DEV_SHARED); + if ( size < ZIMAGE_HEADER_LEN ) + return -EINVAL; + + copy_from_paddr(zimage, addr, sizeof(zimage), DEV_SHARED); if (zimage[ZIMAGE_MAGIC_OFFSET/4] != ZIMAGE_MAGIC) return -EINVAL; @@ -106,16 +109,26 @@ static int kernel_try_zimage_prepare(str start = zimage[ZIMAGE_START_OFFSET/4]; end = zimage[ZIMAGE_END_OFFSET/4]; - clear_fixmap(FIXMAP_MISC); + if ( (end - start) > size ) + return -EINVAL; /* * Check for an appended DTB. */ - copy_from_paddr(&dtb_hdr, KERNEL_FLASH_ADDRESS + end - start, sizeof(dtb_hdr), DEV_SHARED); - if (be32_to_cpu(dtb_hdr.magic) == DTB_MAGIC) { - end += be32_to_cpu(dtb_hdr.total_size); + if ( addr + end - start + sizeof(dtb_hdr) <= size ) + { + copy_from_paddr(&dtb_hdr, addr + end - start, + sizeof(dtb_hdr), DEV_SHARED); + if (be32_to_cpu(dtb_hdr.magic) == DTB_MAGIC) { + end += be32_to_cpu(dtb_hdr.total_size); + + if ( end > addr + size ) + return -EINVAL; + } } + info->zimage.kernel_addr = addr; + /* * If start is zero, the zImage is position independent -- load it * at 32k from start of RAM. @@ -142,25 +155,26 @@ static void kernel_elf_load(struct kerne free_xenheap_pages(info->kernel_img, info->kernel_order); } -static int kernel_try_elf_prepare(struct kernel_info *info) +static int kernel_try_elf_prepare(struct kernel_info *info, + paddr_t addr, paddr_t size) { int rc; - info->kernel_order = get_order_from_bytes(KERNEL_FLASH_SIZE); + info->kernel_order = get_order_from_bytes(size); info->kernel_img = alloc_xenheap_pages(info->kernel_order, 0); if ( info->kernel_img == NULL ) panic("Cannot allocate temporary buffer for kernel.\n"); - copy_from_paddr(info->kernel_img, KERNEL_FLASH_ADDRESS, KERNEL_FLASH_SIZE, DEV_SHARED); + copy_from_paddr(info->kernel_img, addr, size, info->load_attr); - if ( (rc = elf_init(&info->elf.elf, info->kernel_img, KERNEL_FLASH_SIZE )) != 0 ) - return rc; + if ( (rc = elf_init(&info->elf.elf, info->kernel_img, size )) != 0 ) + goto err; #ifdef VERBOSE elf_set_verbose(&info->elf.elf); #endif elf_parse_binary(&info->elf.elf); if ( (rc = elf_xen_parse(&info->elf.elf, &info->elf.parms)) != 0 ) - return rc; + goto err; /* * TODO: can the ELF header be used to find the physical address @@ -170,15 +184,38 @@ static int kernel_try_elf_prepare(struct info->load = kernel_elf_load; return 0; +err: + free_xenheap_pages(info->kernel_img, info->kernel_order); + return rc; } int kernel_prepare(struct kernel_info *info) { int rc; - rc = kernel_try_zimage_prepare(info); + paddr_t start, size; + + if ( early_info.modules.nr_mods > 1 ) + panic("Cannot handle dom0 initrd yet\n"); + + if ( early_info.modules.nr_mods < 1 ) + { + printk("No boot modules found, trying flash\n"); + start = KERNEL_FLASH_ADDRESS; + size = KERNEL_FLASH_SIZE; + info->load_attr = DEV_SHARED; + } + else + { + printk("Loading kernel from boot module 1\n"); + start = early_info.modules.module[1].start; + size = early_info.modules.module[1].size; + info->load_attr = BUFFERABLE; + } + + rc = kernel_try_zimage_prepare(info, start, size); if (rc < 0) - rc = kernel_try_elf_prepare(info); + rc = kernel_try_elf_prepare(info, start, size); return rc; } diff -r 85aaa7a64131 -r 983813670ef9 xen/arch/arm/kernel.h --- a/xen/arch/arm/kernel.h Mon Jan 21 12:40:28 2013 +0000 +++ b/xen/arch/arm/kernel.h Mon Jan 21 12:40:29 2013 +0000 @@ -22,6 +22,7 @@ struct kernel_info { union { struct { + paddr_t kernel_addr; paddr_t load_addr; paddr_t len; } zimage; @@ -33,9 +34,19 @@ struct kernel_info { }; void (*load)(struct kernel_info *info); + int load_attr; }; int kernel_prepare(struct kernel_info *info); void kernel_load(struct kernel_info *info); #endif /* #ifdef __ARCH_ARM_KERNEL_H__ */ + +/* + * Local variables: + * mode: C + * c-set-style: "BSD" + * c-basic-offset: 4 + * indent-tabs-mode: nil + * End: + */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPve-0001Ad-8Q; Mon, 21 Jan 2013 22:33:22 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvd-00017Z-5l for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:21 +0000 Received: from [85.158.143.99:45296] by server-1.bemta-4.messagelabs.com id 54/47-05635-032CDF05; Mon, 21 Jan 2013 22:33:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-216.messagelabs.com!1358807598!17694750!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 23323 invoked from network); 21 Jan 2013 22:33:19 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-216.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:19 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPva-0005gV-6M for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:18 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPva-0003kI-5A for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:18 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:17 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arm: load dom0 kernel from first boot module X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358772029 0 # Node ID 983813670ef997cdb5ccdc6526248f419366b741 # Parent 85aaa7a64131f59f374028ece7eb6746bc8779cc arm: load dom0 kernel from first boot module Signed-off-by: Ian Campbell Acked-by: Tim Deegan Committed-by: Ian Campbell --- diff -r 85aaa7a64131 -r 983813670ef9 xen/arch/arm/kernel.c --- a/xen/arch/arm/kernel.c Mon Jan 21 12:40:28 2013 +0000 +++ b/xen/arch/arm/kernel.c Mon Jan 21 12:40:29 2013 +0000 @@ -22,6 +22,7 @@ #define ZIMAGE_MAGIC_OFFSET 0x24 #define ZIMAGE_START_OFFSET 0x28 #define ZIMAGE_END_OFFSET 0x2c +#define ZIMAGE_HEADER_LEN 0x30 #define ZIMAGE_MAGIC 0x016f2818 @@ -65,40 +66,42 @@ void copy_from_paddr(void *dst, paddr_t static void kernel_zimage_load(struct kernel_info *info) { paddr_t load_addr = info->zimage.load_addr; + paddr_t paddr = info->zimage.kernel_addr; + paddr_t attr = info->load_attr; paddr_t len = info->zimage.len; - paddr_t flash = KERNEL_FLASH_ADDRESS; - void *src = (void *)FIXMAP_ADDR(FIXMAP_MISC); unsigned long offs; - printk("Loading %"PRIpaddr" byte zImage from flash %"PRIpaddr" to %"PRIpaddr"-%"PRIpaddr": [", - len, flash, load_addr, load_addr + len); - for ( offs = 0; offs < len; offs += PAGE_SIZE ) + printk("Loading zImage from %"PRIpaddr" to %"PRIpaddr"-%"PRIpaddr"\n", + paddr, load_addr, load_addr + len); + for ( offs = 0; offs < len; ) { - paddr_t ma = gvirt_to_maddr(load_addr + offs); + paddr_t s, l, ma = gvirt_to_maddr(load_addr + offs); void *dst = map_domain_page(ma>>PAGE_SHIFT); - if ( ( offs % (1<<20) ) == 0 ) - printk("."); + s = offs & ~PAGE_MASK; + l = min(PAGE_SIZE - s, len); - set_fixmap(FIXMAP_MISC, (flash+offs) >> PAGE_SHIFT, DEV_SHARED); - memcpy(dst, src, PAGE_SIZE); - clear_fixmap(FIXMAP_MISC); + copy_from_paddr(dst + s, paddr + offs, l, attr); unmap_domain_page(dst); + offs += l; } - printk("]\n"); } /** * Check the image is a zImage and return the load address and length */ -static int kernel_try_zimage_prepare(struct kernel_info *info) +static int kernel_try_zimage_prepare(struct kernel_info *info, + paddr_t addr, paddr_t size) { - uint32_t *zimage = (void *)FIXMAP_ADDR(FIXMAP_MISC); + uint32_t zimage[ZIMAGE_HEADER_LEN/4]; uint32_t start, end; struct minimal_dtb_header dtb_hdr; - set_fixmap(FIXMAP_MISC, KERNEL_FLASH_ADDRESS >> PAGE_SHIFT, DEV_SHARED); + if ( size < ZIMAGE_HEADER_LEN ) + return -EINVAL; + + copy_from_paddr(zimage, addr, sizeof(zimage), DEV_SHARED); if (zimage[ZIMAGE_MAGIC_OFFSET/4] != ZIMAGE_MAGIC) return -EINVAL; @@ -106,16 +109,26 @@ static int kernel_try_zimage_prepare(str start = zimage[ZIMAGE_START_OFFSET/4]; end = zimage[ZIMAGE_END_OFFSET/4]; - clear_fixmap(FIXMAP_MISC); + if ( (end - start) > size ) + return -EINVAL; /* * Check for an appended DTB. */ - copy_from_paddr(&dtb_hdr, KERNEL_FLASH_ADDRESS + end - start, sizeof(dtb_hdr), DEV_SHARED); - if (be32_to_cpu(dtb_hdr.magic) == DTB_MAGIC) { - end += be32_to_cpu(dtb_hdr.total_size); + if ( addr + end - start + sizeof(dtb_hdr) <= size ) + { + copy_from_paddr(&dtb_hdr, addr + end - start, + sizeof(dtb_hdr), DEV_SHARED); + if (be32_to_cpu(dtb_hdr.magic) == DTB_MAGIC) { + end += be32_to_cpu(dtb_hdr.total_size); + + if ( end > addr + size ) + return -EINVAL; + } } + info->zimage.kernel_addr = addr; + /* * If start is zero, the zImage is position independent -- load it * at 32k from start of RAM. @@ -142,25 +155,26 @@ static void kernel_elf_load(struct kerne free_xenheap_pages(info->kernel_img, info->kernel_order); } -static int kernel_try_elf_prepare(struct kernel_info *info) +static int kernel_try_elf_prepare(struct kernel_info *info, + paddr_t addr, paddr_t size) { int rc; - info->kernel_order = get_order_from_bytes(KERNEL_FLASH_SIZE); + info->kernel_order = get_order_from_bytes(size); info->kernel_img = alloc_xenheap_pages(info->kernel_order, 0); if ( info->kernel_img == NULL ) panic("Cannot allocate temporary buffer for kernel.\n"); - copy_from_paddr(info->kernel_img, KERNEL_FLASH_ADDRESS, KERNEL_FLASH_SIZE, DEV_SHARED); + copy_from_paddr(info->kernel_img, addr, size, info->load_attr); - if ( (rc = elf_init(&info->elf.elf, info->kernel_img, KERNEL_FLASH_SIZE )) != 0 ) - return rc; + if ( (rc = elf_init(&info->elf.elf, info->kernel_img, size )) != 0 ) + goto err; #ifdef VERBOSE elf_set_verbose(&info->elf.elf); #endif elf_parse_binary(&info->elf.elf); if ( (rc = elf_xen_parse(&info->elf.elf, &info->elf.parms)) != 0 ) - return rc; + goto err; /* * TODO: can the ELF header be used to find the physical address @@ -170,15 +184,38 @@ static int kernel_try_elf_prepare(struct info->load = kernel_elf_load; return 0; +err: + free_xenheap_pages(info->kernel_img, info->kernel_order); + return rc; } int kernel_prepare(struct kernel_info *info) { int rc; - rc = kernel_try_zimage_prepare(info); + paddr_t start, size; + + if ( early_info.modules.nr_mods > 1 ) + panic("Cannot handle dom0 initrd yet\n"); + + if ( early_info.modules.nr_mods < 1 ) + { + printk("No boot modules found, trying flash\n"); + start = KERNEL_FLASH_ADDRESS; + size = KERNEL_FLASH_SIZE; + info->load_attr = DEV_SHARED; + } + else + { + printk("Loading kernel from boot module 1\n"); + start = early_info.modules.module[1].start; + size = early_info.modules.module[1].size; + info->load_attr = BUFFERABLE; + } + + rc = kernel_try_zimage_prepare(info, start, size); if (rc < 0) - rc = kernel_try_elf_prepare(info); + rc = kernel_try_elf_prepare(info, start, size); return rc; } diff -r 85aaa7a64131 -r 983813670ef9 xen/arch/arm/kernel.h --- a/xen/arch/arm/kernel.h Mon Jan 21 12:40:28 2013 +0000 +++ b/xen/arch/arm/kernel.h Mon Jan 21 12:40:29 2013 +0000 @@ -22,6 +22,7 @@ struct kernel_info { union { struct { + paddr_t kernel_addr; paddr_t load_addr; paddr_t len; } zimage; @@ -33,9 +34,19 @@ struct kernel_info { }; void (*load)(struct kernel_info *info); + int load_attr; }; int kernel_prepare(struct kernel_info *info); void kernel_load(struct kernel_info *info); #endif /* #ifdef __ARCH_ARM_KERNEL_H__ */ + +/* + * Local variables: + * mode: C + * c-set-style: "BSD" + * c-basic-offset: 4 + * indent-tabs-mode: nil + * End: + */ _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPve-0001Ay-CI; Mon, 21 Jan 2013 22:33:22 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvc-00019S-Sk for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:21 +0000 Received: from [193.109.254.147:26993] by server-15.bemta-14.messagelabs.com id 90/D8-08323-032CDF05; Mon, 21 Jan 2013 22:33:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-27.messagelabs.com!1358807590!2789823!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=1.4 required=7.0 tests=INFO_TLD,UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8872 invoked from network); 21 Jan 2013 22:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvS-0005fm-6C for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvR-0003ge-Mg for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:09 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] add vtpm-stubdom code X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Matthew Fioravante # Date 1358506542 0 # Node ID 06b884fed150c91eb1506d1b33d9356d12d85293 # Parent 3b59a6c3e9b0fb5009bdfff97c8493bb9f0bec54 add vtpm-stubdom code Add the code base for vtpm-stubdom to the stubdom heirarchy. Makefile changes in later patch. Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 3b59a6c3e9b0 -r 06b884fed150 .gitignore --- a/.gitignore Fri Jan 18 11:35:11 2013 +0100 +++ b/.gitignore Fri Jan 18 10:55:42 2013 +0000 @@ -112,6 +112,7 @@ stubdom/ocaml-* stubdom/lwip/ stubdom/ioemu/ stubdom/stubdompath.sh +stubdom/vtpm/vtpm_manager.h tools/*/build/lib*/*.py tools/autom4te.cache tools/config.h diff -r 3b59a6c3e9b0 -r 06b884fed150 .hgignore --- a/.hgignore Fri Jan 18 11:35:11 2013 +0100 +++ b/.hgignore Fri Jan 18 10:55:42 2013 +0000 @@ -107,6 +107,7 @@ ^stubdom/lwip/ ^stubdom/ioemu/ ^stubdom/stubdompath\.sh$ +^stubdom/vtpm/vtpm_manager\.h$ ^tools/.*/build/lib.*/.*\.py$ ^tools/blktap2/control/tap-ctl$ ^tools/blktap2/drivers/img2qcow$ diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/Makefile --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/Makefile Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,37 @@ +# Copyright (c) 2010-2012 United States Government, as represented by +# the Secretary of Defense. All rights reserved. +# +# THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT +# ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES +# INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS +# FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY +# DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE +# SOFTWARE. +# + +XEN_ROOT=../.. + +PSSL_DIR=../polarssl-$(XEN_TARGET_ARCH)/library +PSSL_OBJS=aes.o sha1.o entropy.o ctr_drbg.o sha4.o + +TARGET=vtpm.a +OBJS=vtpm.o vtpm_cmd.o vtpmblk.o vtpm_pcrs.o + + +CPPFLAGS+=-I../tpm_emulator-$(XEN_TARGET_ARCH)/build +CPPFLAGS+=-I../tpm_emulator-$(XEN_TARGET_ARCH)/tpm +CPPFLAGS+=-I../tpm_emulator-$(XEN_TARGET_ARCH)/crypto +CPPFLAGS+=-I../tpm_emulator-$(XEN_TARGET_ARCH) + +$(TARGET): $(OBJS) + ar -cr $@ $(OBJS) $(TPMEMU_OBJS) $(foreach obj,$(PSSL_OBJS),$(PSSL_DIR)/$(obj)) + +$(OBJS): vtpm_manager.h + +vtpm_manager.h: + ln -s ../vtpmmgr/vtpm_manager.h vtpm_manager.h + +clean: + -rm $(TARGET) $(OBJS) vtpm_manager.h + +.PHONY: clean diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/minios.cfg --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/minios.cfg Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,14 @@ +CONFIG_TPMFRONT=y +CONFIG_TPM_TIS=n +CONFIG_TPMBACK=y +CONFIG_START_NETWORK=n +CONFIG_TEST=n +CONFIG_PCIFRONT=n +CONFIG_BLKFRONT=y +CONFIG_NETFRONT=n +CONFIG_FBFRONT=n +CONFIG_KBDFRONT=n +CONFIG_CONSFRONT=n +CONFIG_XENBUS=y +CONFIG_LWIP=n +CONFIG_XC=n diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpm.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpm.c Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,404 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "tpm/tpm_emulator_extern.h" +#include "tpm/tpm_marshalling.h" +#include "vtpm.h" +#include "vtpm_cmd.h" +#include "vtpm_pcrs.h" +#include "vtpmblk.h" + +#define TPM_LOG_INFO LOG_INFO +#define TPM_LOG_ERROR LOG_ERR +#define TPM_LOG_DEBUG LOG_DEBUG + +/* Global commandline options - default values */ +struct Opt_args opt_args = { + .startup = ST_CLEAR, + .loglevel = TPM_LOG_INFO, + .hwinitpcrs = VTPM_PCRNONE, + .tpmconf = 0, + .enable_maint_cmds = false, +}; + +static uint32_t badords[32]; +static unsigned int n_badords = 0; + +entropy_context entropy; +ctr_drbg_context ctr_drbg; + +struct tpmfront_dev* tpmfront_dev; + +void vtpm_get_extern_random_bytes(void *buf, size_t nbytes) +{ + ctr_drbg_random(&ctr_drbg, buf, nbytes); +} + +int vtpm_read_from_file(uint8_t **data, size_t *data_length) { + return read_vtpmblk(tpmfront_dev, data, data_length); +} + +int vtpm_write_to_file(uint8_t *data, size_t data_length) { + return write_vtpmblk(tpmfront_dev, data, data_length); +} + +int vtpm_extern_init_fake(void) { + return 0; +} + +void vtpm_extern_release_fake(void) { +} + + +void vtpm_log(int priority, const char *fmt, ...) +{ + if(opt_args.loglevel >= priority) { + va_list v; + va_start(v, fmt); + vprintf(fmt, v); + va_end(v); + } +} + +static uint64_t vtpm_get_ticks(void) +{ + static uint64_t old_t = 0; + uint64_t new_t, res_t; + struct timeval tv; + gettimeofday(&tv, NULL); + new_t = (uint64_t)tv.tv_sec * 1000000 + (uint64_t)tv.tv_usec; + res_t = (old_t > 0) ? new_t - old_t : 0; + old_t = new_t; + return res_t; +} + + +static int tpm_entropy_source(void* dummy, unsigned char* data, size_t len, size_t* olen) { + UINT32 sz = len; + TPM_RESULT rc = VTPM_GetRandom(tpmfront_dev, data, &sz); + *olen = sz; + return rc == TPM_SUCCESS ? 0 : POLARSSL_ERR_ENTROPY_SOURCE_FAILED; +} + +int init_random(void) { + /* Initialize the rng */ + entropy_init(&entropy); + entropy_add_source(&entropy, tpm_entropy_source, NULL, 0); + entropy_gather(&entropy); + ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, NULL, 0); + ctr_drbg_set_prediction_resistance( &ctr_drbg, CTR_DRBG_PR_OFF ); + + return 0; +} + +int check_ordinal(tpmcmd_t* tpmcmd) { + TPM_COMMAND_CODE ord; + UINT32 len = 4; + BYTE* ptr; + unsigned int i; + + if(tpmcmd->req_len < 10) { + return true; + } + + ptr = tpmcmd->req + 6; + tpm_unmarshal_UINT32(&ptr, &len, &ord); + + for(i = 0; i < n_badords; ++i) { + if(ord == badords[i]) { + error("Disabled command ordinal (%" PRIu32") requested!\n"); + return false; + } + } + return true; +} + +static void main_loop(void) { + tpmcmd_t* tpmcmd = NULL; + domid_t domid; /* Domid of frontend */ + unsigned int handle; /* handle of frontend */ + int res = -1; + + info("VTPM Initializing\n"); + + /* Set required tpm config args */ + opt_args.tpmconf |= TPM_CONF_STRONG_PERSISTENCE; + opt_args.tpmconf &= ~TPM_CONF_USE_INTERNAL_PRNG; + opt_args.tpmconf |= TPM_CONF_GENERATE_EK; + opt_args.tpmconf |= TPM_CONF_GENERATE_SEED_DAA; + + /* Initialize the emulator */ + tpm_emulator_init(opt_args.startup, opt_args.tpmconf); + + /* Initialize any requested PCRs with hardware TPM values */ + if(vtpm_initialize_hw_pcrs(tpmfront_dev, opt_args.hwinitpcrs) != TPM_SUCCESS) { + error("Failed to initialize PCRs with hardware TPM values"); + goto abort_postpcrs; + } + + /* Wait for the frontend domain to connect */ + info("Waiting for frontend domain to connect.."); + if(tpmback_wait_for_frontend_connect(&domid, &handle) == 0) { + info("VTPM attached to Frontend %u/%u", (unsigned int) domid, handle); + } else { + error("Unable to attach to a frontend"); + } + + tpmcmd = tpmback_req(domid, handle); + while(tpmcmd) { + /* Handle the request */ + if(tpmcmd->req_len) { + tpmcmd->resp = NULL; + tpmcmd->resp_len = 0; + + /* First check for disabled ordinals */ + if(!check_ordinal(tpmcmd)) { + create_error_response(tpmcmd, TPM_BAD_ORDINAL); + } + /* If not disabled, do the command */ + else { + if((res = tpm_handle_command(tpmcmd->req, tpmcmd->req_len, &tpmcmd->resp, &tpmcmd->resp_len)) != 0) { + error("tpm_handle_command() failed"); + create_error_response(tpmcmd, TPM_FAIL); + } + } + } + + /* Send the response */ + tpmback_resp(tpmcmd); + + /* Wait for the next request */ + tpmcmd = tpmback_req(domid, handle); + + } + +abort_postpcrs: + info("VTPM Shutting down\n"); + + tpm_emulator_shutdown(); +} + +int parse_cmd_line(int argc, char** argv) +{ + char sval[25]; + char* logstr = NULL; + /* Parse the command strings */ + for(unsigned int i = 1; i < argc; ++i) { + if (sscanf(argv[i], "loglevel=%25s", sval) == 1){ + if (!strcmp(sval, "debug")) { + opt_args.loglevel = TPM_LOG_DEBUG; + logstr = "debug"; + } + else if (!strcmp(sval, "info")) { + logstr = "info"; + opt_args.loglevel = TPM_LOG_INFO; + } + else if (!strcmp(sval, "error")) { + logstr = "error"; + opt_args.loglevel = TPM_LOG_ERROR; + } + } + else if (!strcmp(argv[i], "clear")) { + opt_args.startup = ST_CLEAR; + } + else if (!strcmp(argv[i], "save")) { + opt_args.startup = ST_SAVE; + } + else if (!strcmp(argv[i], "deactivated")) { + opt_args.startup = ST_DEACTIVATED; + } + else if (!strncmp(argv[i], "maintcmds=", 10)) { + if(!strcmp(argv[i] + 10, "1")) { + opt_args.enable_maint_cmds = true; + } else if(!strcmp(argv[i] + 10, "0")) { + opt_args.enable_maint_cmds = false; + } + } + else if(!strncmp(argv[i], "hwinitpcr=", 10)) { + char *pch = argv[i] + 10; + unsigned int v1, v2; + pch = strtok(pch, ","); + while(pch != NULL) { + if(!strcmp(pch, "all")) { + //Set all + opt_args.hwinitpcrs = VTPM_PCRALL; + } else if(!strcmp(pch, "none")) { + //Set none + opt_args.hwinitpcrs = VTPM_PCRNONE; + } else if(sscanf(pch, "%u", &v1) == 1) { + //Set one + if(v1 >= TPM_NUM_PCR) { + error("hwinitpcr error: Invalid PCR index %u", v1); + return -1; + } + opt_args.hwinitpcrs |= (1 << v1); + } else if(sscanf(pch, "%u-%u", &v1, &v2) == 2) { + //Set range + if(v1 >= TPM_NUM_PCR) { + error("hwinitpcr error: Invalid PCR index %u", v1); + return -1; + } + if(v2 >= TPM_NUM_PCR) { + error("hwinitpcr error: Invalid PCR index %u", v1); + return -1; + } + if(v2 < v1) { + unsigned tp = v1; + v1 = v2; + v2 = tp; + } + for(unsigned int i = v1; i <= v2; ++i) { + opt_args.hwinitpcrs |= (1 << i); + } + } else { + error("hwintipcr error: Invalid PCR specification : %s", pch); + return -1; + } + pch = strtok(NULL, ","); + } + } + else { + error("Invalid command line option `%s'", argv[i]); + } + + } + + /* Check Errors and print results */ + switch(opt_args.startup) { + case ST_CLEAR: + info("Startup mode is `clear'"); + break; + case ST_SAVE: + info("Startup mode is `save'"); + break; + case ST_DEACTIVATED: + info("Startup mode is `deactivated'"); + break; + default: + error("Invalid startup mode %d", opt_args.startup); + return -1; + } + + if(opt_args.hwinitpcrs & (VTPM_PCRALL)) + { + char pcrstr[1024]; + char* ptr = pcrstr; + + pcrstr[0] = '\0'; + info("The following PCRs will be initialized with values from the hardware TPM:"); + for(unsigned int i = 0; i < TPM_NUM_PCR; ++i) { + if(opt_args.hwinitpcrs & (1 << i)) { + ptr += sprintf(ptr, "%u, ", i); + } + } + /* get rid of the last comma if any numbers were printed */ + *(ptr -2) = '\0'; + + info("\t%s", pcrstr); + } else { + info("All PCRs initialized to default values"); + } + + if(!opt_args.enable_maint_cmds) { + info("TPM Maintenance Commands disabled"); + badords[n_badords++] = TPM_ORD_CreateMaintenanceArchive; + badords[n_badords++] = TPM_ORD_LoadMaintenanceArchive; + badords[n_badords++] = TPM_ORD_KillMaintenanceFeature; + badords[n_badords++] = TPM_ORD_LoadManuMaintPub; + badords[n_badords++] = TPM_ORD_ReadManuMaintPub; + } else { + info("TPM Maintenance Commands enabled"); + } + + info("Log level set to %s", logstr); + + return 0; +} + +void cleanup_opt_args(void) { +} + +int main(int argc, char **argv) +{ + //FIXME: initializing blkfront without this sleep causes the domain to crash on boot + sleep(2); + + /* Setup extern function pointers */ + tpm_extern_init = vtpm_extern_init_fake; + tpm_extern_release = vtpm_extern_release_fake; + tpm_malloc = malloc; + tpm_free = free; + tpm_log = vtpm_log; + tpm_get_ticks = vtpm_get_ticks; + tpm_get_extern_random_bytes = vtpm_get_extern_random_bytes; + tpm_write_to_storage = vtpm_write_to_file; + tpm_read_from_storage = vtpm_read_from_file; + + info("starting TPM Emulator (1.2.%d.%d-%d)", VERSION_MAJOR, VERSION_MINOR, VERSION_BUILD); + if(parse_cmd_line(argc, argv)) { + error("Error parsing commandline\n"); + return -1; + } + + /* Initialize devices */ + init_tpmback(); + if((tpmfront_dev = init_tpmfront(NULL)) == NULL) { + error("Unable to initialize tpmfront device"); + goto abort_posttpmfront; + } + + /* Seed the RNG with entropy from hardware TPM */ + if(init_random()) { + error("Unable to initialize RNG"); + goto abort_postrng; + } + + /* Initialize blkfront device */ + if(init_vtpmblk(tpmfront_dev)) { + error("Unable to initialize Blkfront persistent storage"); + goto abort_postvtpmblk; + } + + /* Run main loop */ + main_loop(); + + /* Shutdown blkfront */ + shutdown_vtpmblk(); +abort_postvtpmblk: +abort_postrng: + + /* Close devices */ + shutdown_tpmfront(tpmfront_dev); +abort_posttpmfront: + shutdown_tpmback(); + + cleanup_opt_args(); + + return 0; +} diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpm.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpm.h Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#ifndef VTPM_H +#define VTPM_H + +#include + +/* For testing */ +#define VERS_CMD "\x00\xC1\x00\x00\x00\x16\x00\x00\x00\x65\x00\x00\x00\x05\x00\x00\x00\x04\x00\x00\x01\x03" +#define VERS_CMD_LEN 22 + +/* Global commandline options */ +struct Opt_args { + enum StartUp { + ST_CLEAR = 1, + ST_SAVE = 2, + ST_DEACTIVATED = 3 + } startup; + unsigned long hwinitpcrs; + int loglevel; + uint32_t tpmconf; + bool enable_maint_cmds; +}; +extern struct Opt_args opt_args; + +#endif diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpm_cmd.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpm_cmd.c Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,256 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#include +#include +#include +#include +#include "tpm/tpm_marshalling.h" +#include "vtpm_manager.h" +#include "vtpm_cmd.h" +#include + +#define TRYFAILGOTO(C) \ + if((C)) { \ + status = TPM_FAIL; \ + goto abort_egress; \ + } +#define TRYFAILGOTOMSG(C, msg) \ + if((C)) { \ + status = TPM_FAIL; \ + error(msg); \ + goto abort_egress; \ + } +#define CHECKSTATUSGOTO(ret, fname) \ + if((ret) != TPM_SUCCESS) { \ + error("%s failed with error code (%lu)", fname, (unsigned long) ret); \ + status = ord; \ + goto abort_egress; \ + } + +#define ERR_MALFORMED "Malformed response from backend" +#define ERR_TPMFRONT "Error sending command through frontend device" + +struct shpage { + void* page; + grant_ref_t grantref; +}; + +typedef struct shpage shpage_t; + +static inline int pack_header(uint8_t** bptr, UINT32* len, TPM_TAG tag, UINT32 size, TPM_COMMAND_CODE ord) +{ + return *bptr == NULL || + tpm_marshal_UINT16(bptr, len, tag) || + tpm_marshal_UINT32(bptr, len, size) || + tpm_marshal_UINT32(bptr, len, ord); +} + +static inline int unpack_header(uint8_t** bptr, UINT32* len, TPM_TAG* tag, UINT32* size, TPM_COMMAND_CODE* ord) +{ + return *bptr == NULL || + tpm_unmarshal_UINT16(bptr, len, tag) || + tpm_unmarshal_UINT32(bptr, len, size) || + tpm_unmarshal_UINT32(bptr, len, ord); +} + +int create_error_response(tpmcmd_t* tpmcmd, TPM_RESULT errorcode) +{ + TPM_TAG tag; + UINT32 len = tpmcmd->req_len; + uint8_t* respptr; + uint8_t* cmdptr = tpmcmd->req; + + if(!tpm_unmarshal_UINT16(&cmdptr, &len, &tag)) { + switch (tag) { + case TPM_TAG_RQU_COMMAND: + tag = TPM_TAG_RSP_COMMAND; + break; + case TPM_TAG_RQU_AUTH1_COMMAND: + tag = TPM_TAG_RQU_AUTH2_COMMAND; + break; + case TPM_TAG_RQU_AUTH2_COMMAND: + tag = TPM_TAG_RQU_AUTH2_COMMAND; + break; + } + } else { + tag = TPM_TAG_RSP_COMMAND; + } + + tpmcmd->resp_len = len = 10; + tpmcmd->resp = respptr = tpm_malloc(tpmcmd->resp_len); + + return pack_header(&respptr, &len, tag, len, errorcode); +} + +TPM_RESULT VTPM_GetRandom(struct tpmfront_dev* tpmfront_dev, BYTE* bytes, UINT32 *numbytes) { + TPM_RESULT status = TPM_SUCCESS; + uint8_t* cmdbuf, *resp, *bptr; + size_t resplen = 0; + UINT32 len; + + /*Ask the real tpm for random bytes for the seed */ + TPM_TAG tag = TPM_TAG_RQU_COMMAND; + UINT32 size; + TPM_COMMAND_CODE ord = TPM_ORD_GetRandom; + len = size = sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE) + sizeof(UINT32); + + /*Create the raw tpm command */ + bptr = cmdbuf = malloc(size); + TRYFAILGOTO(pack_header(&bptr, &len, tag, size, ord)); + TRYFAILGOTO(tpm_marshal_UINT32(&bptr, &len, *numbytes)); + + /* Send cmd, wait for response */ + TRYFAILGOTOMSG(tpmfront_cmd(tpmfront_dev, cmdbuf, size, &resp, &resplen), + ERR_TPMFRONT); + + bptr = resp; len = resplen; + TRYFAILGOTOMSG(unpack_header(&bptr, &len, &tag, &size, &ord), ERR_MALFORMED); + + //Check return status of command + CHECKSTATUSGOTO(ord, "TPM_GetRandom()"); + + // Get the number of random bytes in the response + TRYFAILGOTOMSG(tpm_unmarshal_UINT32(&bptr, &len, &size), ERR_MALFORMED); + *numbytes = size; + + //Get the random bytes out, tpm may give us less bytes than what we wanrt + TRYFAILGOTOMSG(tpm_unmarshal_BYTE_ARRAY(&bptr, &len, bytes, *numbytes), ERR_MALFORMED); + + goto egress; +abort_egress: +egress: + free(cmdbuf); + return status; + +} + +TPM_RESULT VTPM_LoadHashKey(struct tpmfront_dev* tpmfront_dev, uint8_t** data, size_t* data_length) +{ + TPM_RESULT status = TPM_SUCCESS; + uint8_t* bptr, *resp; + uint8_t* cmdbuf = NULL; + size_t resplen = 0; + UINT32 len; + + TPM_TAG tag = VTPM_TAG_REQ; + UINT32 size; + TPM_COMMAND_CODE ord = VTPM_ORD_LOADHASHKEY; + + /*Create the command*/ + len = size = VTPM_COMMAND_HEADER_SIZE; + bptr = cmdbuf = malloc(size); + TRYFAILGOTO(pack_header(&bptr, &len, tag, size, ord)); + + /* Send the command to vtpm_manager */ + info("Requesting Encryption key from backend"); + TRYFAILGOTOMSG(tpmfront_cmd(tpmfront_dev, cmdbuf, size, &resp, &resplen), ERR_TPMFRONT); + + /* Unpack response header */ + bptr = resp; + len = resplen; + TRYFAILGOTOMSG(unpack_header(&bptr, &len, &tag, &size, &ord), ERR_MALFORMED); + + /* Check return code */ + CHECKSTATUSGOTO(ord, "VTPM_LoadHashKey()"); + + /* Get the size of the key */ + *data_length = size - VTPM_COMMAND_HEADER_SIZE; + + /* Copy the key bits */ + *data = malloc(*data_length); + memcpy(*data, bptr, *data_length); + + goto egress; +abort_egress: + error("VTPM_LoadHashKey failed"); +egress: + free(cmdbuf); + return status; +} + +TPM_RESULT VTPM_SaveHashKey(struct tpmfront_dev* tpmfront_dev, uint8_t* data, size_t data_length) +{ + TPM_RESULT status = TPM_SUCCESS; + uint8_t* bptr, *resp; + uint8_t* cmdbuf = NULL; + size_t resplen = 0; + UINT32 len; + + TPM_TAG tag = VTPM_TAG_REQ; + UINT32 size; + TPM_COMMAND_CODE ord = VTPM_ORD_SAVEHASHKEY; + + /*Create the command*/ + len = size = VTPM_COMMAND_HEADER_SIZE + data_length; + bptr = cmdbuf = malloc(size); + TRYFAILGOTO(pack_header(&bptr, &len, tag, size, ord)); + memcpy(bptr, data, data_length); + bptr += data_length; + + /* Send the command to vtpm_manager */ + info("Sending encryption key to backend"); + TRYFAILGOTOMSG(tpmfront_cmd(tpmfront_dev, cmdbuf, size, &resp, &resplen), ERR_TPMFRONT); + + /* Unpack response header */ + bptr = resp; + len = resplen; + TRYFAILGOTOMSG(unpack_header(&bptr, &len, &tag, &size, &ord), ERR_MALFORMED); + + /* Check return code */ + CHECKSTATUSGOTO(ord, "VTPM_SaveHashKey()"); + + goto egress; +abort_egress: + error("VTPM_SaveHashKey failed"); +egress: + free(cmdbuf); + return status; +} + +TPM_RESULT VTPM_PCRRead(struct tpmfront_dev* tpmfront_dev, UINT32 pcrIndex, BYTE* outDigest) +{ + TPM_RESULT status = TPM_SUCCESS; + uint8_t *cmdbuf, *resp, *bptr; + size_t resplen = 0; + UINT32 len; + + /*Just send a TPM_PCRRead Command to the HW tpm */ + TPM_TAG tag = TPM_TAG_RQU_COMMAND; + UINT32 size; + TPM_COMMAND_CODE ord = TPM_ORD_PCRRead; + len = size = sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE) + sizeof(UINT32); + + /*Create the raw tpm cmd */ + bptr = cmdbuf = malloc(size); + TRYFAILGOTO(pack_header(&bptr, &len, tag, size, ord)); + TRYFAILGOTO(tpm_marshal_UINT32(&bptr, &len, pcrIndex)); + + /*Send Cmd wait for response */ + TRYFAILGOTOMSG(tpmfront_cmd(tpmfront_dev, cmdbuf, size, &resp, &resplen), ERR_TPMFRONT); + + bptr = resp; len = resplen; + TRYFAILGOTOMSG(unpack_header(&bptr, &len, &tag, &size, &ord), ERR_MALFORMED); + + //Check return status of command + CHECKSTATUSGOTO(ord, "TPM_PCRRead"); + + //Get the ptr value + memcpy(outDigest, bptr, sizeof(TPM_PCRVALUE)); + + goto egress; +abort_egress: +egress: + free(cmdbuf); + return status; + +} diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpm_cmd.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpm_cmd.h Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#ifndef MANAGER_H +#define MANAGER_H + +#include +#include +#include "tpm/tpm_structures.h" + +/* Create a command response error header */ +int create_error_response(tpmcmd_t* tpmcmd, TPM_RESULT errorcode); +/* Request random bytes from hardware tpm, returns 0 on success */ +TPM_RESULT VTPM_GetRandom(struct tpmfront_dev* tpmfront_dev, BYTE* bytes, UINT32* numbytes); +/* Retreive 256 bit AES encryption key from manager */ +TPM_RESULT VTPM_LoadHashKey(struct tpmfront_dev* tpmfront_dev, uint8_t** data, size_t* data_length); +/* Manager securely saves our 256 bit AES encryption key */ +TPM_RESULT VTPM_SaveHashKey(struct tpmfront_dev* tpmfront_dev, uint8_t* data, size_t data_length); +/* Send a TPM_PCRRead command passthrough the manager to the hw tpm */ +TPM_RESULT VTPM_PCRRead(struct tpmfront_dev* tpmfront_dev, UINT32 pcrIndex, BYTE* outDigest); + +#endif diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpm_pcrs.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpm_pcrs.c Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#include "vtpm_pcrs.h" +#include "vtpm_cmd.h" +#include "tpm/tpm_data.h" + +#define PCR_VALUE tpmData.permanent.data.pcrValue + +static int write_pcr_direct(unsigned int pcrIndex, uint8_t* val) { + if(pcrIndex > TPM_NUM_PCR) { + return TPM_BADINDEX; + } + memcpy(&PCR_VALUE[pcrIndex], val, sizeof(TPM_PCRVALUE)); + return TPM_SUCCESS; +} + +TPM_RESULT vtpm_initialize_hw_pcrs(struct tpmfront_dev* tpmfront_dev, unsigned long pcrs) +{ + TPM_RESULT rc = TPM_SUCCESS; + uint8_t digest[sizeof(TPM_PCRVALUE)]; + + for(unsigned int i = 0; i < TPM_NUM_PCR; ++i) { + if(pcrs & 1 << i) { + if((rc = VTPM_PCRRead(tpmfront_dev, i, digest)) != TPM_SUCCESS) { + error("TPM_PCRRead failed with error : %d", rc); + return rc; + } + write_pcr_direct(i, digest); + } + } + + return rc; +} diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpm_pcrs.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpm_pcrs.h Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#ifndef VTPM_PCRS_H +#define VTPM_PCRS_H + +#include "tpm/tpm_structures.h" + +#define VTPM_PCR0 1 +#define VTPM_PCR1 1 << 1 +#define VTPM_PCR2 1 << 2 +#define VTPM_PCR3 1 << 3 +#define VTPM_PCR4 1 << 4 +#define VTPM_PCR5 1 << 5 +#define VTPM_PCR6 1 << 6 +#define VTPM_PCR7 1 << 7 +#define VTPM_PCR8 1 << 8 +#define VTPM_PCR9 1 << 9 +#define VTPM_PCR10 1 << 10 +#define VTPM_PCR11 1 << 11 +#define VTPM_PCR12 1 << 12 +#define VTPM_PCR13 1 << 13 +#define VTPM_PCR14 1 << 14 +#define VTPM_PCR15 1 << 15 +#define VTPM_PCR16 1 << 16 +#define VTPM_PCR17 1 << 17 +#define VTPM_PCR18 1 << 18 +#define VTPM_PCR19 1 << 19 +#define VTPM_PCR20 1 << 20 +#define VTPM_PCR21 1 << 21 +#define VTPM_PCR22 1 << 22 +#define VTPM_PCR23 1 << 23 + +#define VTPM_PCRALL (1 << TPM_NUM_PCR) - 1 +#define VTPM_PCRNONE 0 + +#define VTPM_NUMPCRS 24 + +struct tpmfront_dev; + +TPM_RESULT vtpm_initialize_hw_pcrs(struct tpmfront_dev* tpmfront_dev, unsigned long pcrs); + + +#endif diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpmblk.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpmblk.c Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,307 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#include +#include "vtpmblk.h" +#include "tpm/tpm_marshalling.h" +#include "vtpm_cmd.h" +#include "polarssl/aes.h" +#include "polarssl/sha1.h" +#include +#include +#include +#include + +/*Encryption key and block sizes */ +#define BLKSZ 16 + +static struct blkfront_dev* blkdev = NULL; +static int blkfront_fd = -1; + +int init_vtpmblk(struct tpmfront_dev* tpmfront_dev) +{ + struct blkfront_info blkinfo; + info("Initializing persistent NVM storage\n"); + + if((blkdev = init_blkfront(NULL, &blkinfo)) == NULL) { + error("BLKIO: ERROR Unable to initialize blkfront"); + return -1; + } + if (blkinfo.info & VDISK_READONLY || blkinfo.mode != O_RDWR) { + error("BLKIO: ERROR block device is read only!"); + goto error; + } + if((blkfront_fd = blkfront_open(blkdev)) == -1) { + error("Unable to open blkfront file descriptor!"); + goto error; + } + + return 0; +error: + shutdown_blkfront(blkdev); + blkdev = NULL; + return -1; +} + +void shutdown_vtpmblk(void) +{ + close(blkfront_fd); + blkfront_fd = -1; + blkdev = NULL; +} + +int write_vtpmblk_raw(uint8_t *data, size_t data_length) +{ + int rc; + uint32_t lenbuf; + debug("Begin Write data=%p len=%u", data, data_length); + + lenbuf = cpu_to_be32((uint32_t)data_length); + + lseek(blkfront_fd, 0, SEEK_SET); + if((rc = write(blkfront_fd, (uint8_t*)&lenbuf, 4)) != 4) { + error("write(length) failed! error was %s", strerror(errno)); + return -1; + } + if((rc = write(blkfront_fd, data, data_length)) != data_length) { + error("write(data) failed! error was %s", strerror(errno)); + return -1; + } + + info("Wrote %u bytes to NVM persistent storage", data_length); + + return 0; +} + +int read_vtpmblk_raw(uint8_t **data, size_t *data_length) +{ + int rc; + uint32_t lenbuf; + + lseek(blkfront_fd, 0, SEEK_SET); + if(( rc = read(blkfront_fd, (uint8_t*)&lenbuf, 4)) != 4) { + error("read(length) failed! error was %s", strerror(errno)); + return -1; + } + *data_length = (size_t) cpu_to_be32(lenbuf); + if(*data_length == 0) { + error("read 0 data_length for NVM"); + return -1; + } + + *data = tpm_malloc(*data_length); + if((rc = read(blkfront_fd, *data, *data_length)) != *data_length) { + error("read(data) failed! error was %s", strerror(errno)); + return -1; + } + + info("Read %u bytes from NVM persistent storage", *data_length); + return 0; +} + +int encrypt_vtpmblk(uint8_t* clear, size_t clear_len, uint8_t** cipher, size_t* cipher_len, uint8_t* symkey) +{ + int rc = 0; + uint8_t iv[BLKSZ]; + aes_context aes_ctx; + UINT32 temp; + int mod; + + uint8_t* clbuf = NULL; + + uint8_t* ivptr; + int ivlen; + + uint8_t* cptr; //Cipher block pointer + int clen; //Cipher block length + + /*Create a new 256 bit encryption key */ + if(symkey == NULL) { + rc = -1; + goto abort_egress; + } + tpm_get_extern_random_bytes(symkey, NVMKEYSZ); + + /*Setup initialization vector - random bits and then 4 bytes clear text size at the end*/ + temp = sizeof(UINT32); + ivlen = BLKSZ - temp; + tpm_get_extern_random_bytes(iv, ivlen); + ivptr = iv + ivlen; + tpm_marshal_UINT32(&ivptr, &temp, (UINT32) clear_len); + + /*The clear text needs to be padded out to a multiple of BLKSZ */ + mod = clear_len % BLKSZ; + clen = mod ? clear_len + BLKSZ - mod : clear_len; + clbuf = malloc(clen); + if (clbuf == NULL) { + rc = -1; + goto abort_egress; + } + memcpy(clbuf, clear, clear_len); + /* zero out the padding bits - FIXME: better / more secure way to handle these? */ + if(clen - clear_len) { + memset(clbuf + clear_len, 0, clen - clear_len); + } + + /* Setup the ciphertext buffer */ + *cipher_len = BLKSZ + clen; /*iv + ciphertext */ + cptr = *cipher = malloc(*cipher_len); + if (*cipher == NULL) { + rc = -1; + goto abort_egress; + } + + /* Copy the IV to cipher text blob*/ + memcpy(cptr, iv, BLKSZ); + cptr += BLKSZ; + + /* Setup encryption */ + aes_setkey_enc(&aes_ctx, symkey, 256); + + /* Do encryption now */ + aes_crypt_cbc(&aes_ctx, AES_ENCRYPT, clen, iv, clbuf, cptr); + + goto egress; +abort_egress: +egress: + free(clbuf); + return rc; +} +int decrypt_vtpmblk(uint8_t* cipher, size_t cipher_len, uint8_t** clear, size_t* clear_len, uint8_t* symkey) +{ + int rc = 0; + uint8_t iv[BLKSZ]; + uint8_t* ivptr; + UINT32 u32, temp; + aes_context aes_ctx; + + uint8_t* cptr = cipher; //cipher block pointer + int clen = cipher_len; //cipher block length + + /* Pull out the initialization vector */ + memcpy(iv, cipher, BLKSZ); + cptr += BLKSZ; + clen -= BLKSZ; + + /* Setup the clear text buffer */ + if((*clear = malloc(clen)) == NULL) { + rc = -1; + goto abort_egress; + } + + /* Get the length of clear text from last 4 bytes of iv */ + temp = sizeof(UINT32); + ivptr = iv + BLKSZ - temp; + tpm_unmarshal_UINT32(&ivptr, &temp, &u32); + *clear_len = u32; + + /* Setup decryption */ + aes_setkey_dec(&aes_ctx, symkey, 256); + + /* Do decryption now */ + if ((clen % BLKSZ) != 0) { + error("Decryption Error: Cipher block size was not a multiple of %u", BLKSZ); + rc = -1; + goto abort_egress; + } + aes_crypt_cbc(&aes_ctx, AES_DECRYPT, clen, iv, cptr, *clear); + + goto egress; +abort_egress: +egress: + return rc; +} + +int write_vtpmblk(struct tpmfront_dev* tpmfront_dev, uint8_t* data, size_t data_length) { + int rc; + uint8_t* cipher = NULL; + size_t cipher_len = 0; + uint8_t hashkey[HASHKEYSZ]; + uint8_t* symkey = hashkey + HASHSZ; + + /* Encrypt the data */ + if((rc = encrypt_vtpmblk(data, data_length, &cipher, &cipher_len, symkey))) { + goto abort_egress; + } + /* Write to disk */ + if((rc = write_vtpmblk_raw(cipher, cipher_len))) { + goto abort_egress; + } + /* Get sha1 hash of data */ + sha1(cipher, cipher_len, hashkey); + + /* Send hash and key to manager */ + if((rc = VTPM_SaveHashKey(tpmfront_dev, hashkey, HASHKEYSZ)) != TPM_SUCCESS) { + goto abort_egress; + } + goto egress; +abort_egress: +egress: + free(cipher); + return rc; +} + +int read_vtpmblk(struct tpmfront_dev* tpmfront_dev, uint8_t** data, size_t *data_length) { + int rc; + uint8_t* cipher = NULL; + size_t cipher_len = 0; + size_t keysize; + uint8_t* hashkey = NULL; + uint8_t hash[HASHSZ]; + uint8_t* symkey; + + /* Retreive the hash and the key from the manager */ + if((rc = VTPM_LoadHashKey(tpmfront_dev, &hashkey, &keysize)) != TPM_SUCCESS) { + goto abort_egress; + } + if(keysize != HASHKEYSZ) { + error("Manager returned a hashkey of invalid size! expected %d, actual %d", NVMKEYSZ, keysize); + rc = -1; + goto abort_egress; + } + symkey = hashkey + HASHSZ; + + /* Read from disk now */ + if((rc = read_vtpmblk_raw(&cipher, &cipher_len))) { + goto abort_egress; + } + + /* Compute the hash of the cipher text and compare */ + sha1(cipher, cipher_len, hash); + if(memcmp(hash, hashkey, HASHSZ)) { + int i; + error("NVM Storage Checksum failed!"); + printf("Expected: "); + for(i = 0; i < HASHSZ; ++i) { + printf("%02hhX ", hashkey[i]); + } + printf("\n"); + printf("Actual: "); + for(i = 0; i < HASHSZ; ++i) { + printf("%02hhX ", hash[i]); + } + printf("\n"); + rc = -1; + goto abort_egress; + } + + /* Decrypt the blob */ + if((rc = decrypt_vtpmblk(cipher, cipher_len, data, data_length, symkey))) { + goto abort_egress; + } + goto egress; +abort_egress: +egress: + free(cipher); + free(hashkey); + return rc; +} diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpmblk.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpmblk.h Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#ifndef NVM_H +#define NVM_H +#include +#include +#include + +#define NVMKEYSZ 32 +#define HASHSZ 20 +#define HASHKEYSZ (NVMKEYSZ + HASHSZ) + +int init_vtpmblk(struct tpmfront_dev* tpmfront_dev); +void shutdown_vtpmblk(void); + +/* Encrypts and writes data to blk device */ +int write_vtpmblk(struct tpmfront_dev* tpmfront_dev, uint8_t *data, size_t data_length); +/* Reads, Decrypts, and returns data from blk device */ +int read_vtpmblk(struct tpmfront_dev* tpmfront_dev, uint8_t **data, size_t *data_length); + +#endif _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:23 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:23 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPve-0001Ay-CI; Mon, 21 Jan 2013 22:33:22 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvc-00019S-Sk for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:21 +0000 Received: from [193.109.254.147:26993] by server-15.bemta-14.messagelabs.com id 90/D8-08323-032CDF05; Mon, 21 Jan 2013 22:33:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-27.messagelabs.com!1358807590!2789823!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=1.4 required=7.0 tests=INFO_TLD,UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 8872 invoked from network); 21 Jan 2013 22:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvS-0005fm-6C for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvR-0003ge-Mg for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:09 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] add vtpm-stubdom code X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Matthew Fioravante # Date 1358506542 0 # Node ID 06b884fed150c91eb1506d1b33d9356d12d85293 # Parent 3b59a6c3e9b0fb5009bdfff97c8493bb9f0bec54 add vtpm-stubdom code Add the code base for vtpm-stubdom to the stubdom heirarchy. Makefile changes in later patch. Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 3b59a6c3e9b0 -r 06b884fed150 .gitignore --- a/.gitignore Fri Jan 18 11:35:11 2013 +0100 +++ b/.gitignore Fri Jan 18 10:55:42 2013 +0000 @@ -112,6 +112,7 @@ stubdom/ocaml-* stubdom/lwip/ stubdom/ioemu/ stubdom/stubdompath.sh +stubdom/vtpm/vtpm_manager.h tools/*/build/lib*/*.py tools/autom4te.cache tools/config.h diff -r 3b59a6c3e9b0 -r 06b884fed150 .hgignore --- a/.hgignore Fri Jan 18 11:35:11 2013 +0100 +++ b/.hgignore Fri Jan 18 10:55:42 2013 +0000 @@ -107,6 +107,7 @@ ^stubdom/lwip/ ^stubdom/ioemu/ ^stubdom/stubdompath\.sh$ +^stubdom/vtpm/vtpm_manager\.h$ ^tools/.*/build/lib.*/.*\.py$ ^tools/blktap2/control/tap-ctl$ ^tools/blktap2/drivers/img2qcow$ diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/Makefile --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/Makefile Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,37 @@ +# Copyright (c) 2010-2012 United States Government, as represented by +# the Secretary of Defense. All rights reserved. +# +# THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT +# ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES +# INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS +# FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY +# DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE +# SOFTWARE. +# + +XEN_ROOT=../.. + +PSSL_DIR=../polarssl-$(XEN_TARGET_ARCH)/library +PSSL_OBJS=aes.o sha1.o entropy.o ctr_drbg.o sha4.o + +TARGET=vtpm.a +OBJS=vtpm.o vtpm_cmd.o vtpmblk.o vtpm_pcrs.o + + +CPPFLAGS+=-I../tpm_emulator-$(XEN_TARGET_ARCH)/build +CPPFLAGS+=-I../tpm_emulator-$(XEN_TARGET_ARCH)/tpm +CPPFLAGS+=-I../tpm_emulator-$(XEN_TARGET_ARCH)/crypto +CPPFLAGS+=-I../tpm_emulator-$(XEN_TARGET_ARCH) + +$(TARGET): $(OBJS) + ar -cr $@ $(OBJS) $(TPMEMU_OBJS) $(foreach obj,$(PSSL_OBJS),$(PSSL_DIR)/$(obj)) + +$(OBJS): vtpm_manager.h + +vtpm_manager.h: + ln -s ../vtpmmgr/vtpm_manager.h vtpm_manager.h + +clean: + -rm $(TARGET) $(OBJS) vtpm_manager.h + +.PHONY: clean diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/minios.cfg --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/minios.cfg Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,14 @@ +CONFIG_TPMFRONT=y +CONFIG_TPM_TIS=n +CONFIG_TPMBACK=y +CONFIG_START_NETWORK=n +CONFIG_TEST=n +CONFIG_PCIFRONT=n +CONFIG_BLKFRONT=y +CONFIG_NETFRONT=n +CONFIG_FBFRONT=n +CONFIG_KBDFRONT=n +CONFIG_CONSFRONT=n +CONFIG_XENBUS=y +CONFIG_LWIP=n +CONFIG_XC=n diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpm.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpm.c Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,404 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "tpm/tpm_emulator_extern.h" +#include "tpm/tpm_marshalling.h" +#include "vtpm.h" +#include "vtpm_cmd.h" +#include "vtpm_pcrs.h" +#include "vtpmblk.h" + +#define TPM_LOG_INFO LOG_INFO +#define TPM_LOG_ERROR LOG_ERR +#define TPM_LOG_DEBUG LOG_DEBUG + +/* Global commandline options - default values */ +struct Opt_args opt_args = { + .startup = ST_CLEAR, + .loglevel = TPM_LOG_INFO, + .hwinitpcrs = VTPM_PCRNONE, + .tpmconf = 0, + .enable_maint_cmds = false, +}; + +static uint32_t badords[32]; +static unsigned int n_badords = 0; + +entropy_context entropy; +ctr_drbg_context ctr_drbg; + +struct tpmfront_dev* tpmfront_dev; + +void vtpm_get_extern_random_bytes(void *buf, size_t nbytes) +{ + ctr_drbg_random(&ctr_drbg, buf, nbytes); +} + +int vtpm_read_from_file(uint8_t **data, size_t *data_length) { + return read_vtpmblk(tpmfront_dev, data, data_length); +} + +int vtpm_write_to_file(uint8_t *data, size_t data_length) { + return write_vtpmblk(tpmfront_dev, data, data_length); +} + +int vtpm_extern_init_fake(void) { + return 0; +} + +void vtpm_extern_release_fake(void) { +} + + +void vtpm_log(int priority, const char *fmt, ...) +{ + if(opt_args.loglevel >= priority) { + va_list v; + va_start(v, fmt); + vprintf(fmt, v); + va_end(v); + } +} + +static uint64_t vtpm_get_ticks(void) +{ + static uint64_t old_t = 0; + uint64_t new_t, res_t; + struct timeval tv; + gettimeofday(&tv, NULL); + new_t = (uint64_t)tv.tv_sec * 1000000 + (uint64_t)tv.tv_usec; + res_t = (old_t > 0) ? new_t - old_t : 0; + old_t = new_t; + return res_t; +} + + +static int tpm_entropy_source(void* dummy, unsigned char* data, size_t len, size_t* olen) { + UINT32 sz = len; + TPM_RESULT rc = VTPM_GetRandom(tpmfront_dev, data, &sz); + *olen = sz; + return rc == TPM_SUCCESS ? 0 : POLARSSL_ERR_ENTROPY_SOURCE_FAILED; +} + +int init_random(void) { + /* Initialize the rng */ + entropy_init(&entropy); + entropy_add_source(&entropy, tpm_entropy_source, NULL, 0); + entropy_gather(&entropy); + ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, NULL, 0); + ctr_drbg_set_prediction_resistance( &ctr_drbg, CTR_DRBG_PR_OFF ); + + return 0; +} + +int check_ordinal(tpmcmd_t* tpmcmd) { + TPM_COMMAND_CODE ord; + UINT32 len = 4; + BYTE* ptr; + unsigned int i; + + if(tpmcmd->req_len < 10) { + return true; + } + + ptr = tpmcmd->req + 6; + tpm_unmarshal_UINT32(&ptr, &len, &ord); + + for(i = 0; i < n_badords; ++i) { + if(ord == badords[i]) { + error("Disabled command ordinal (%" PRIu32") requested!\n"); + return false; + } + } + return true; +} + +static void main_loop(void) { + tpmcmd_t* tpmcmd = NULL; + domid_t domid; /* Domid of frontend */ + unsigned int handle; /* handle of frontend */ + int res = -1; + + info("VTPM Initializing\n"); + + /* Set required tpm config args */ + opt_args.tpmconf |= TPM_CONF_STRONG_PERSISTENCE; + opt_args.tpmconf &= ~TPM_CONF_USE_INTERNAL_PRNG; + opt_args.tpmconf |= TPM_CONF_GENERATE_EK; + opt_args.tpmconf |= TPM_CONF_GENERATE_SEED_DAA; + + /* Initialize the emulator */ + tpm_emulator_init(opt_args.startup, opt_args.tpmconf); + + /* Initialize any requested PCRs with hardware TPM values */ + if(vtpm_initialize_hw_pcrs(tpmfront_dev, opt_args.hwinitpcrs) != TPM_SUCCESS) { + error("Failed to initialize PCRs with hardware TPM values"); + goto abort_postpcrs; + } + + /* Wait for the frontend domain to connect */ + info("Waiting for frontend domain to connect.."); + if(tpmback_wait_for_frontend_connect(&domid, &handle) == 0) { + info("VTPM attached to Frontend %u/%u", (unsigned int) domid, handle); + } else { + error("Unable to attach to a frontend"); + } + + tpmcmd = tpmback_req(domid, handle); + while(tpmcmd) { + /* Handle the request */ + if(tpmcmd->req_len) { + tpmcmd->resp = NULL; + tpmcmd->resp_len = 0; + + /* First check for disabled ordinals */ + if(!check_ordinal(tpmcmd)) { + create_error_response(tpmcmd, TPM_BAD_ORDINAL); + } + /* If not disabled, do the command */ + else { + if((res = tpm_handle_command(tpmcmd->req, tpmcmd->req_len, &tpmcmd->resp, &tpmcmd->resp_len)) != 0) { + error("tpm_handle_command() failed"); + create_error_response(tpmcmd, TPM_FAIL); + } + } + } + + /* Send the response */ + tpmback_resp(tpmcmd); + + /* Wait for the next request */ + tpmcmd = tpmback_req(domid, handle); + + } + +abort_postpcrs: + info("VTPM Shutting down\n"); + + tpm_emulator_shutdown(); +} + +int parse_cmd_line(int argc, char** argv) +{ + char sval[25]; + char* logstr = NULL; + /* Parse the command strings */ + for(unsigned int i = 1; i < argc; ++i) { + if (sscanf(argv[i], "loglevel=%25s", sval) == 1){ + if (!strcmp(sval, "debug")) { + opt_args.loglevel = TPM_LOG_DEBUG; + logstr = "debug"; + } + else if (!strcmp(sval, "info")) { + logstr = "info"; + opt_args.loglevel = TPM_LOG_INFO; + } + else if (!strcmp(sval, "error")) { + logstr = "error"; + opt_args.loglevel = TPM_LOG_ERROR; + } + } + else if (!strcmp(argv[i], "clear")) { + opt_args.startup = ST_CLEAR; + } + else if (!strcmp(argv[i], "save")) { + opt_args.startup = ST_SAVE; + } + else if (!strcmp(argv[i], "deactivated")) { + opt_args.startup = ST_DEACTIVATED; + } + else if (!strncmp(argv[i], "maintcmds=", 10)) { + if(!strcmp(argv[i] + 10, "1")) { + opt_args.enable_maint_cmds = true; + } else if(!strcmp(argv[i] + 10, "0")) { + opt_args.enable_maint_cmds = false; + } + } + else if(!strncmp(argv[i], "hwinitpcr=", 10)) { + char *pch = argv[i] + 10; + unsigned int v1, v2; + pch = strtok(pch, ","); + while(pch != NULL) { + if(!strcmp(pch, "all")) { + //Set all + opt_args.hwinitpcrs = VTPM_PCRALL; + } else if(!strcmp(pch, "none")) { + //Set none + opt_args.hwinitpcrs = VTPM_PCRNONE; + } else if(sscanf(pch, "%u", &v1) == 1) { + //Set one + if(v1 >= TPM_NUM_PCR) { + error("hwinitpcr error: Invalid PCR index %u", v1); + return -1; + } + opt_args.hwinitpcrs |= (1 << v1); + } else if(sscanf(pch, "%u-%u", &v1, &v2) == 2) { + //Set range + if(v1 >= TPM_NUM_PCR) { + error("hwinitpcr error: Invalid PCR index %u", v1); + return -1; + } + if(v2 >= TPM_NUM_PCR) { + error("hwinitpcr error: Invalid PCR index %u", v1); + return -1; + } + if(v2 < v1) { + unsigned tp = v1; + v1 = v2; + v2 = tp; + } + for(unsigned int i = v1; i <= v2; ++i) { + opt_args.hwinitpcrs |= (1 << i); + } + } else { + error("hwintipcr error: Invalid PCR specification : %s", pch); + return -1; + } + pch = strtok(NULL, ","); + } + } + else { + error("Invalid command line option `%s'", argv[i]); + } + + } + + /* Check Errors and print results */ + switch(opt_args.startup) { + case ST_CLEAR: + info("Startup mode is `clear'"); + break; + case ST_SAVE: + info("Startup mode is `save'"); + break; + case ST_DEACTIVATED: + info("Startup mode is `deactivated'"); + break; + default: + error("Invalid startup mode %d", opt_args.startup); + return -1; + } + + if(opt_args.hwinitpcrs & (VTPM_PCRALL)) + { + char pcrstr[1024]; + char* ptr = pcrstr; + + pcrstr[0] = '\0'; + info("The following PCRs will be initialized with values from the hardware TPM:"); + for(unsigned int i = 0; i < TPM_NUM_PCR; ++i) { + if(opt_args.hwinitpcrs & (1 << i)) { + ptr += sprintf(ptr, "%u, ", i); + } + } + /* get rid of the last comma if any numbers were printed */ + *(ptr -2) = '\0'; + + info("\t%s", pcrstr); + } else { + info("All PCRs initialized to default values"); + } + + if(!opt_args.enable_maint_cmds) { + info("TPM Maintenance Commands disabled"); + badords[n_badords++] = TPM_ORD_CreateMaintenanceArchive; + badords[n_badords++] = TPM_ORD_LoadMaintenanceArchive; + badords[n_badords++] = TPM_ORD_KillMaintenanceFeature; + badords[n_badords++] = TPM_ORD_LoadManuMaintPub; + badords[n_badords++] = TPM_ORD_ReadManuMaintPub; + } else { + info("TPM Maintenance Commands enabled"); + } + + info("Log level set to %s", logstr); + + return 0; +} + +void cleanup_opt_args(void) { +} + +int main(int argc, char **argv) +{ + //FIXME: initializing blkfront without this sleep causes the domain to crash on boot + sleep(2); + + /* Setup extern function pointers */ + tpm_extern_init = vtpm_extern_init_fake; + tpm_extern_release = vtpm_extern_release_fake; + tpm_malloc = malloc; + tpm_free = free; + tpm_log = vtpm_log; + tpm_get_ticks = vtpm_get_ticks; + tpm_get_extern_random_bytes = vtpm_get_extern_random_bytes; + tpm_write_to_storage = vtpm_write_to_file; + tpm_read_from_storage = vtpm_read_from_file; + + info("starting TPM Emulator (1.2.%d.%d-%d)", VERSION_MAJOR, VERSION_MINOR, VERSION_BUILD); + if(parse_cmd_line(argc, argv)) { + error("Error parsing commandline\n"); + return -1; + } + + /* Initialize devices */ + init_tpmback(); + if((tpmfront_dev = init_tpmfront(NULL)) == NULL) { + error("Unable to initialize tpmfront device"); + goto abort_posttpmfront; + } + + /* Seed the RNG with entropy from hardware TPM */ + if(init_random()) { + error("Unable to initialize RNG"); + goto abort_postrng; + } + + /* Initialize blkfront device */ + if(init_vtpmblk(tpmfront_dev)) { + error("Unable to initialize Blkfront persistent storage"); + goto abort_postvtpmblk; + } + + /* Run main loop */ + main_loop(); + + /* Shutdown blkfront */ + shutdown_vtpmblk(); +abort_postvtpmblk: +abort_postrng: + + /* Close devices */ + shutdown_tpmfront(tpmfront_dev); +abort_posttpmfront: + shutdown_tpmback(); + + cleanup_opt_args(); + + return 0; +} diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpm.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpm.h Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#ifndef VTPM_H +#define VTPM_H + +#include + +/* For testing */ +#define VERS_CMD "\x00\xC1\x00\x00\x00\x16\x00\x00\x00\x65\x00\x00\x00\x05\x00\x00\x00\x04\x00\x00\x01\x03" +#define VERS_CMD_LEN 22 + +/* Global commandline options */ +struct Opt_args { + enum StartUp { + ST_CLEAR = 1, + ST_SAVE = 2, + ST_DEACTIVATED = 3 + } startup; + unsigned long hwinitpcrs; + int loglevel; + uint32_t tpmconf; + bool enable_maint_cmds; +}; +extern struct Opt_args opt_args; + +#endif diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpm_cmd.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpm_cmd.c Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,256 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#include +#include +#include +#include +#include "tpm/tpm_marshalling.h" +#include "vtpm_manager.h" +#include "vtpm_cmd.h" +#include + +#define TRYFAILGOTO(C) \ + if((C)) { \ + status = TPM_FAIL; \ + goto abort_egress; \ + } +#define TRYFAILGOTOMSG(C, msg) \ + if((C)) { \ + status = TPM_FAIL; \ + error(msg); \ + goto abort_egress; \ + } +#define CHECKSTATUSGOTO(ret, fname) \ + if((ret) != TPM_SUCCESS) { \ + error("%s failed with error code (%lu)", fname, (unsigned long) ret); \ + status = ord; \ + goto abort_egress; \ + } + +#define ERR_MALFORMED "Malformed response from backend" +#define ERR_TPMFRONT "Error sending command through frontend device" + +struct shpage { + void* page; + grant_ref_t grantref; +}; + +typedef struct shpage shpage_t; + +static inline int pack_header(uint8_t** bptr, UINT32* len, TPM_TAG tag, UINT32 size, TPM_COMMAND_CODE ord) +{ + return *bptr == NULL || + tpm_marshal_UINT16(bptr, len, tag) || + tpm_marshal_UINT32(bptr, len, size) || + tpm_marshal_UINT32(bptr, len, ord); +} + +static inline int unpack_header(uint8_t** bptr, UINT32* len, TPM_TAG* tag, UINT32* size, TPM_COMMAND_CODE* ord) +{ + return *bptr == NULL || + tpm_unmarshal_UINT16(bptr, len, tag) || + tpm_unmarshal_UINT32(bptr, len, size) || + tpm_unmarshal_UINT32(bptr, len, ord); +} + +int create_error_response(tpmcmd_t* tpmcmd, TPM_RESULT errorcode) +{ + TPM_TAG tag; + UINT32 len = tpmcmd->req_len; + uint8_t* respptr; + uint8_t* cmdptr = tpmcmd->req; + + if(!tpm_unmarshal_UINT16(&cmdptr, &len, &tag)) { + switch (tag) { + case TPM_TAG_RQU_COMMAND: + tag = TPM_TAG_RSP_COMMAND; + break; + case TPM_TAG_RQU_AUTH1_COMMAND: + tag = TPM_TAG_RQU_AUTH2_COMMAND; + break; + case TPM_TAG_RQU_AUTH2_COMMAND: + tag = TPM_TAG_RQU_AUTH2_COMMAND; + break; + } + } else { + tag = TPM_TAG_RSP_COMMAND; + } + + tpmcmd->resp_len = len = 10; + tpmcmd->resp = respptr = tpm_malloc(tpmcmd->resp_len); + + return pack_header(&respptr, &len, tag, len, errorcode); +} + +TPM_RESULT VTPM_GetRandom(struct tpmfront_dev* tpmfront_dev, BYTE* bytes, UINT32 *numbytes) { + TPM_RESULT status = TPM_SUCCESS; + uint8_t* cmdbuf, *resp, *bptr; + size_t resplen = 0; + UINT32 len; + + /*Ask the real tpm for random bytes for the seed */ + TPM_TAG tag = TPM_TAG_RQU_COMMAND; + UINT32 size; + TPM_COMMAND_CODE ord = TPM_ORD_GetRandom; + len = size = sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE) + sizeof(UINT32); + + /*Create the raw tpm command */ + bptr = cmdbuf = malloc(size); + TRYFAILGOTO(pack_header(&bptr, &len, tag, size, ord)); + TRYFAILGOTO(tpm_marshal_UINT32(&bptr, &len, *numbytes)); + + /* Send cmd, wait for response */ + TRYFAILGOTOMSG(tpmfront_cmd(tpmfront_dev, cmdbuf, size, &resp, &resplen), + ERR_TPMFRONT); + + bptr = resp; len = resplen; + TRYFAILGOTOMSG(unpack_header(&bptr, &len, &tag, &size, &ord), ERR_MALFORMED); + + //Check return status of command + CHECKSTATUSGOTO(ord, "TPM_GetRandom()"); + + // Get the number of random bytes in the response + TRYFAILGOTOMSG(tpm_unmarshal_UINT32(&bptr, &len, &size), ERR_MALFORMED); + *numbytes = size; + + //Get the random bytes out, tpm may give us less bytes than what we wanrt + TRYFAILGOTOMSG(tpm_unmarshal_BYTE_ARRAY(&bptr, &len, bytes, *numbytes), ERR_MALFORMED); + + goto egress; +abort_egress: +egress: + free(cmdbuf); + return status; + +} + +TPM_RESULT VTPM_LoadHashKey(struct tpmfront_dev* tpmfront_dev, uint8_t** data, size_t* data_length) +{ + TPM_RESULT status = TPM_SUCCESS; + uint8_t* bptr, *resp; + uint8_t* cmdbuf = NULL; + size_t resplen = 0; + UINT32 len; + + TPM_TAG tag = VTPM_TAG_REQ; + UINT32 size; + TPM_COMMAND_CODE ord = VTPM_ORD_LOADHASHKEY; + + /*Create the command*/ + len = size = VTPM_COMMAND_HEADER_SIZE; + bptr = cmdbuf = malloc(size); + TRYFAILGOTO(pack_header(&bptr, &len, tag, size, ord)); + + /* Send the command to vtpm_manager */ + info("Requesting Encryption key from backend"); + TRYFAILGOTOMSG(tpmfront_cmd(tpmfront_dev, cmdbuf, size, &resp, &resplen), ERR_TPMFRONT); + + /* Unpack response header */ + bptr = resp; + len = resplen; + TRYFAILGOTOMSG(unpack_header(&bptr, &len, &tag, &size, &ord), ERR_MALFORMED); + + /* Check return code */ + CHECKSTATUSGOTO(ord, "VTPM_LoadHashKey()"); + + /* Get the size of the key */ + *data_length = size - VTPM_COMMAND_HEADER_SIZE; + + /* Copy the key bits */ + *data = malloc(*data_length); + memcpy(*data, bptr, *data_length); + + goto egress; +abort_egress: + error("VTPM_LoadHashKey failed"); +egress: + free(cmdbuf); + return status; +} + +TPM_RESULT VTPM_SaveHashKey(struct tpmfront_dev* tpmfront_dev, uint8_t* data, size_t data_length) +{ + TPM_RESULT status = TPM_SUCCESS; + uint8_t* bptr, *resp; + uint8_t* cmdbuf = NULL; + size_t resplen = 0; + UINT32 len; + + TPM_TAG tag = VTPM_TAG_REQ; + UINT32 size; + TPM_COMMAND_CODE ord = VTPM_ORD_SAVEHASHKEY; + + /*Create the command*/ + len = size = VTPM_COMMAND_HEADER_SIZE + data_length; + bptr = cmdbuf = malloc(size); + TRYFAILGOTO(pack_header(&bptr, &len, tag, size, ord)); + memcpy(bptr, data, data_length); + bptr += data_length; + + /* Send the command to vtpm_manager */ + info("Sending encryption key to backend"); + TRYFAILGOTOMSG(tpmfront_cmd(tpmfront_dev, cmdbuf, size, &resp, &resplen), ERR_TPMFRONT); + + /* Unpack response header */ + bptr = resp; + len = resplen; + TRYFAILGOTOMSG(unpack_header(&bptr, &len, &tag, &size, &ord), ERR_MALFORMED); + + /* Check return code */ + CHECKSTATUSGOTO(ord, "VTPM_SaveHashKey()"); + + goto egress; +abort_egress: + error("VTPM_SaveHashKey failed"); +egress: + free(cmdbuf); + return status; +} + +TPM_RESULT VTPM_PCRRead(struct tpmfront_dev* tpmfront_dev, UINT32 pcrIndex, BYTE* outDigest) +{ + TPM_RESULT status = TPM_SUCCESS; + uint8_t *cmdbuf, *resp, *bptr; + size_t resplen = 0; + UINT32 len; + + /*Just send a TPM_PCRRead Command to the HW tpm */ + TPM_TAG tag = TPM_TAG_RQU_COMMAND; + UINT32 size; + TPM_COMMAND_CODE ord = TPM_ORD_PCRRead; + len = size = sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE) + sizeof(UINT32); + + /*Create the raw tpm cmd */ + bptr = cmdbuf = malloc(size); + TRYFAILGOTO(pack_header(&bptr, &len, tag, size, ord)); + TRYFAILGOTO(tpm_marshal_UINT32(&bptr, &len, pcrIndex)); + + /*Send Cmd wait for response */ + TRYFAILGOTOMSG(tpmfront_cmd(tpmfront_dev, cmdbuf, size, &resp, &resplen), ERR_TPMFRONT); + + bptr = resp; len = resplen; + TRYFAILGOTOMSG(unpack_header(&bptr, &len, &tag, &size, &ord), ERR_MALFORMED); + + //Check return status of command + CHECKSTATUSGOTO(ord, "TPM_PCRRead"); + + //Get the ptr value + memcpy(outDigest, bptr, sizeof(TPM_PCRVALUE)); + + goto egress; +abort_egress: +egress: + free(cmdbuf); + return status; + +} diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpm_cmd.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpm_cmd.h Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#ifndef MANAGER_H +#define MANAGER_H + +#include +#include +#include "tpm/tpm_structures.h" + +/* Create a command response error header */ +int create_error_response(tpmcmd_t* tpmcmd, TPM_RESULT errorcode); +/* Request random bytes from hardware tpm, returns 0 on success */ +TPM_RESULT VTPM_GetRandom(struct tpmfront_dev* tpmfront_dev, BYTE* bytes, UINT32* numbytes); +/* Retreive 256 bit AES encryption key from manager */ +TPM_RESULT VTPM_LoadHashKey(struct tpmfront_dev* tpmfront_dev, uint8_t** data, size_t* data_length); +/* Manager securely saves our 256 bit AES encryption key */ +TPM_RESULT VTPM_SaveHashKey(struct tpmfront_dev* tpmfront_dev, uint8_t* data, size_t data_length); +/* Send a TPM_PCRRead command passthrough the manager to the hw tpm */ +TPM_RESULT VTPM_PCRRead(struct tpmfront_dev* tpmfront_dev, UINT32 pcrIndex, BYTE* outDigest); + +#endif diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpm_pcrs.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpm_pcrs.c Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#include "vtpm_pcrs.h" +#include "vtpm_cmd.h" +#include "tpm/tpm_data.h" + +#define PCR_VALUE tpmData.permanent.data.pcrValue + +static int write_pcr_direct(unsigned int pcrIndex, uint8_t* val) { + if(pcrIndex > TPM_NUM_PCR) { + return TPM_BADINDEX; + } + memcpy(&PCR_VALUE[pcrIndex], val, sizeof(TPM_PCRVALUE)); + return TPM_SUCCESS; +} + +TPM_RESULT vtpm_initialize_hw_pcrs(struct tpmfront_dev* tpmfront_dev, unsigned long pcrs) +{ + TPM_RESULT rc = TPM_SUCCESS; + uint8_t digest[sizeof(TPM_PCRVALUE)]; + + for(unsigned int i = 0; i < TPM_NUM_PCR; ++i) { + if(pcrs & 1 << i) { + if((rc = VTPM_PCRRead(tpmfront_dev, i, digest)) != TPM_SUCCESS) { + error("TPM_PCRRead failed with error : %d", rc); + return rc; + } + write_pcr_direct(i, digest); + } + } + + return rc; +} diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpm_pcrs.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpm_pcrs.h Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#ifndef VTPM_PCRS_H +#define VTPM_PCRS_H + +#include "tpm/tpm_structures.h" + +#define VTPM_PCR0 1 +#define VTPM_PCR1 1 << 1 +#define VTPM_PCR2 1 << 2 +#define VTPM_PCR3 1 << 3 +#define VTPM_PCR4 1 << 4 +#define VTPM_PCR5 1 << 5 +#define VTPM_PCR6 1 << 6 +#define VTPM_PCR7 1 << 7 +#define VTPM_PCR8 1 << 8 +#define VTPM_PCR9 1 << 9 +#define VTPM_PCR10 1 << 10 +#define VTPM_PCR11 1 << 11 +#define VTPM_PCR12 1 << 12 +#define VTPM_PCR13 1 << 13 +#define VTPM_PCR14 1 << 14 +#define VTPM_PCR15 1 << 15 +#define VTPM_PCR16 1 << 16 +#define VTPM_PCR17 1 << 17 +#define VTPM_PCR18 1 << 18 +#define VTPM_PCR19 1 << 19 +#define VTPM_PCR20 1 << 20 +#define VTPM_PCR21 1 << 21 +#define VTPM_PCR22 1 << 22 +#define VTPM_PCR23 1 << 23 + +#define VTPM_PCRALL (1 << TPM_NUM_PCR) - 1 +#define VTPM_PCRNONE 0 + +#define VTPM_NUMPCRS 24 + +struct tpmfront_dev; + +TPM_RESULT vtpm_initialize_hw_pcrs(struct tpmfront_dev* tpmfront_dev, unsigned long pcrs); + + +#endif diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpmblk.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpmblk.c Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,307 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#include +#include "vtpmblk.h" +#include "tpm/tpm_marshalling.h" +#include "vtpm_cmd.h" +#include "polarssl/aes.h" +#include "polarssl/sha1.h" +#include +#include +#include +#include + +/*Encryption key and block sizes */ +#define BLKSZ 16 + +static struct blkfront_dev* blkdev = NULL; +static int blkfront_fd = -1; + +int init_vtpmblk(struct tpmfront_dev* tpmfront_dev) +{ + struct blkfront_info blkinfo; + info("Initializing persistent NVM storage\n"); + + if((blkdev = init_blkfront(NULL, &blkinfo)) == NULL) { + error("BLKIO: ERROR Unable to initialize blkfront"); + return -1; + } + if (blkinfo.info & VDISK_READONLY || blkinfo.mode != O_RDWR) { + error("BLKIO: ERROR block device is read only!"); + goto error; + } + if((blkfront_fd = blkfront_open(blkdev)) == -1) { + error("Unable to open blkfront file descriptor!"); + goto error; + } + + return 0; +error: + shutdown_blkfront(blkdev); + blkdev = NULL; + return -1; +} + +void shutdown_vtpmblk(void) +{ + close(blkfront_fd); + blkfront_fd = -1; + blkdev = NULL; +} + +int write_vtpmblk_raw(uint8_t *data, size_t data_length) +{ + int rc; + uint32_t lenbuf; + debug("Begin Write data=%p len=%u", data, data_length); + + lenbuf = cpu_to_be32((uint32_t)data_length); + + lseek(blkfront_fd, 0, SEEK_SET); + if((rc = write(blkfront_fd, (uint8_t*)&lenbuf, 4)) != 4) { + error("write(length) failed! error was %s", strerror(errno)); + return -1; + } + if((rc = write(blkfront_fd, data, data_length)) != data_length) { + error("write(data) failed! error was %s", strerror(errno)); + return -1; + } + + info("Wrote %u bytes to NVM persistent storage", data_length); + + return 0; +} + +int read_vtpmblk_raw(uint8_t **data, size_t *data_length) +{ + int rc; + uint32_t lenbuf; + + lseek(blkfront_fd, 0, SEEK_SET); + if(( rc = read(blkfront_fd, (uint8_t*)&lenbuf, 4)) != 4) { + error("read(length) failed! error was %s", strerror(errno)); + return -1; + } + *data_length = (size_t) cpu_to_be32(lenbuf); + if(*data_length == 0) { + error("read 0 data_length for NVM"); + return -1; + } + + *data = tpm_malloc(*data_length); + if((rc = read(blkfront_fd, *data, *data_length)) != *data_length) { + error("read(data) failed! error was %s", strerror(errno)); + return -1; + } + + info("Read %u bytes from NVM persistent storage", *data_length); + return 0; +} + +int encrypt_vtpmblk(uint8_t* clear, size_t clear_len, uint8_t** cipher, size_t* cipher_len, uint8_t* symkey) +{ + int rc = 0; + uint8_t iv[BLKSZ]; + aes_context aes_ctx; + UINT32 temp; + int mod; + + uint8_t* clbuf = NULL; + + uint8_t* ivptr; + int ivlen; + + uint8_t* cptr; //Cipher block pointer + int clen; //Cipher block length + + /*Create a new 256 bit encryption key */ + if(symkey == NULL) { + rc = -1; + goto abort_egress; + } + tpm_get_extern_random_bytes(symkey, NVMKEYSZ); + + /*Setup initialization vector - random bits and then 4 bytes clear text size at the end*/ + temp = sizeof(UINT32); + ivlen = BLKSZ - temp; + tpm_get_extern_random_bytes(iv, ivlen); + ivptr = iv + ivlen; + tpm_marshal_UINT32(&ivptr, &temp, (UINT32) clear_len); + + /*The clear text needs to be padded out to a multiple of BLKSZ */ + mod = clear_len % BLKSZ; + clen = mod ? clear_len + BLKSZ - mod : clear_len; + clbuf = malloc(clen); + if (clbuf == NULL) { + rc = -1; + goto abort_egress; + } + memcpy(clbuf, clear, clear_len); + /* zero out the padding bits - FIXME: better / more secure way to handle these? */ + if(clen - clear_len) { + memset(clbuf + clear_len, 0, clen - clear_len); + } + + /* Setup the ciphertext buffer */ + *cipher_len = BLKSZ + clen; /*iv + ciphertext */ + cptr = *cipher = malloc(*cipher_len); + if (*cipher == NULL) { + rc = -1; + goto abort_egress; + } + + /* Copy the IV to cipher text blob*/ + memcpy(cptr, iv, BLKSZ); + cptr += BLKSZ; + + /* Setup encryption */ + aes_setkey_enc(&aes_ctx, symkey, 256); + + /* Do encryption now */ + aes_crypt_cbc(&aes_ctx, AES_ENCRYPT, clen, iv, clbuf, cptr); + + goto egress; +abort_egress: +egress: + free(clbuf); + return rc; +} +int decrypt_vtpmblk(uint8_t* cipher, size_t cipher_len, uint8_t** clear, size_t* clear_len, uint8_t* symkey) +{ + int rc = 0; + uint8_t iv[BLKSZ]; + uint8_t* ivptr; + UINT32 u32, temp; + aes_context aes_ctx; + + uint8_t* cptr = cipher; //cipher block pointer + int clen = cipher_len; //cipher block length + + /* Pull out the initialization vector */ + memcpy(iv, cipher, BLKSZ); + cptr += BLKSZ; + clen -= BLKSZ; + + /* Setup the clear text buffer */ + if((*clear = malloc(clen)) == NULL) { + rc = -1; + goto abort_egress; + } + + /* Get the length of clear text from last 4 bytes of iv */ + temp = sizeof(UINT32); + ivptr = iv + BLKSZ - temp; + tpm_unmarshal_UINT32(&ivptr, &temp, &u32); + *clear_len = u32; + + /* Setup decryption */ + aes_setkey_dec(&aes_ctx, symkey, 256); + + /* Do decryption now */ + if ((clen % BLKSZ) != 0) { + error("Decryption Error: Cipher block size was not a multiple of %u", BLKSZ); + rc = -1; + goto abort_egress; + } + aes_crypt_cbc(&aes_ctx, AES_DECRYPT, clen, iv, cptr, *clear); + + goto egress; +abort_egress: +egress: + return rc; +} + +int write_vtpmblk(struct tpmfront_dev* tpmfront_dev, uint8_t* data, size_t data_length) { + int rc; + uint8_t* cipher = NULL; + size_t cipher_len = 0; + uint8_t hashkey[HASHKEYSZ]; + uint8_t* symkey = hashkey + HASHSZ; + + /* Encrypt the data */ + if((rc = encrypt_vtpmblk(data, data_length, &cipher, &cipher_len, symkey))) { + goto abort_egress; + } + /* Write to disk */ + if((rc = write_vtpmblk_raw(cipher, cipher_len))) { + goto abort_egress; + } + /* Get sha1 hash of data */ + sha1(cipher, cipher_len, hashkey); + + /* Send hash and key to manager */ + if((rc = VTPM_SaveHashKey(tpmfront_dev, hashkey, HASHKEYSZ)) != TPM_SUCCESS) { + goto abort_egress; + } + goto egress; +abort_egress: +egress: + free(cipher); + return rc; +} + +int read_vtpmblk(struct tpmfront_dev* tpmfront_dev, uint8_t** data, size_t *data_length) { + int rc; + uint8_t* cipher = NULL; + size_t cipher_len = 0; + size_t keysize; + uint8_t* hashkey = NULL; + uint8_t hash[HASHSZ]; + uint8_t* symkey; + + /* Retreive the hash and the key from the manager */ + if((rc = VTPM_LoadHashKey(tpmfront_dev, &hashkey, &keysize)) != TPM_SUCCESS) { + goto abort_egress; + } + if(keysize != HASHKEYSZ) { + error("Manager returned a hashkey of invalid size! expected %d, actual %d", NVMKEYSZ, keysize); + rc = -1; + goto abort_egress; + } + symkey = hashkey + HASHSZ; + + /* Read from disk now */ + if((rc = read_vtpmblk_raw(&cipher, &cipher_len))) { + goto abort_egress; + } + + /* Compute the hash of the cipher text and compare */ + sha1(cipher, cipher_len, hash); + if(memcmp(hash, hashkey, HASHSZ)) { + int i; + error("NVM Storage Checksum failed!"); + printf("Expected: "); + for(i = 0; i < HASHSZ; ++i) { + printf("%02hhX ", hashkey[i]); + } + printf("\n"); + printf("Actual: "); + for(i = 0; i < HASHSZ; ++i) { + printf("%02hhX ", hash[i]); + } + printf("\n"); + rc = -1; + goto abort_egress; + } + + /* Decrypt the blob */ + if((rc = decrypt_vtpmblk(cipher, cipher_len, data, data_length, symkey))) { + goto abort_egress; + } + goto egress; +abort_egress: +egress: + free(cipher); + free(hashkey); + return rc; +} diff -r 3b59a6c3e9b0 -r 06b884fed150 stubdom/vtpm/vtpmblk.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpm/vtpmblk.h Fri Jan 18 10:55:42 2013 +0000 @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +#ifndef NVM_H +#define NVM_H +#include +#include +#include + +#define NVMKEYSZ 32 +#define HASHSZ 20 +#define HASHKEYSZ (NVMKEYSZ + HASHSZ) + +int init_vtpmblk(struct tpmfront_dev* tpmfront_dev); +void shutdown_vtpmblk(void); + +/* Encrypts and writes data to blk device */ +int write_vtpmblk(struct tpmfront_dev* tpmfront_dev, uint8_t *data, size_t data_length); +/* Reads, Decrypts, and returns data from blk device */ +int read_vtpmblk(struct tpmfront_dev* tpmfront_dev, uint8_t **data, size_t *data_length); + +#endif _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvf-0001Cc-NK; Mon, 21 Jan 2013 22:33:23 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPve-0001AU-JN for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:22 +0000 Received: from [193.109.254.147:9894] by server-11.bemta-14.messagelabs.com id 2A/CD-18979-132CDF05; Mon, 21 Jan 2013 22:33:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-27.messagelabs.com!1358807599!2789832!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9381 invoked from network); 21 Jan 2013 22:33:20 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:20 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvb-0005ge-P4 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:19 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvb-0003l1-Ny for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:19 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:19 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen/arm: flush dcache after memcpy'ing the kernel image X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Stefano Stabellini # Date 1358772031 0 # Node ID b5212ea378292bb6564c215c733d81433a5b5083 # Parent 002f86162d7e836acc2a00966cc1dc0ab36c2de2 xen/arm: flush dcache after memcpy'ing the kernel image After memcpy'ing the kernel in guest memory we need to flush the dcache to make sure that the data actually reaches the memory before we start executing guest code with caches disabled. copy_from_paddr is the function that does the copy, so add a flush_xen_dcache_va_range there. Signed-off-by: Stefano Stabellini Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 002f86162d7e -r b5212ea37829 xen/arch/arm/kernel.c --- a/xen/arch/arm/kernel.c Mon Jan 21 12:40:31 2013 +0000 +++ b/xen/arch/arm/kernel.c Mon Jan 21 12:40:31 2013 +0000 @@ -54,6 +54,7 @@ void copy_from_paddr(void *dst, paddr_t set_fixmap(FIXMAP_MISC, p, attrindx); memcpy(dst, src + s, l); + flush_xen_dcache_va_range(dst, l); paddr += l; dst += l; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvf-0001Cc-NK; Mon, 21 Jan 2013 22:33:23 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPve-0001AU-JN for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:22 +0000 Received: from [193.109.254.147:9894] by server-11.bemta-14.messagelabs.com id 2A/CD-18979-132CDF05; Mon, 21 Jan 2013 22:33:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-27.messagelabs.com!1358807599!2789832!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 9381 invoked from network); 21 Jan 2013 22:33:20 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:20 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvb-0005ge-P4 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:19 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvb-0003l1-Ny for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:19 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:19 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen/arm: flush dcache after memcpy'ing the kernel image X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Stefano Stabellini # Date 1358772031 0 # Node ID b5212ea378292bb6564c215c733d81433a5b5083 # Parent 002f86162d7e836acc2a00966cc1dc0ab36c2de2 xen/arm: flush dcache after memcpy'ing the kernel image After memcpy'ing the kernel in guest memory we need to flush the dcache to make sure that the data actually reaches the memory before we start executing guest code with caches disabled. copy_from_paddr is the function that does the copy, so add a flush_xen_dcache_va_range there. Signed-off-by: Stefano Stabellini Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 002f86162d7e -r b5212ea37829 xen/arch/arm/kernel.c --- a/xen/arch/arm/kernel.c Mon Jan 21 12:40:31 2013 +0000 +++ b/xen/arch/arm/kernel.c Mon Jan 21 12:40:31 2013 +0000 @@ -54,6 +54,7 @@ void copy_from_paddr(void *dst, paddr_t set_fixmap(FIXMAP_MISC, p, attrindx); memcpy(dst, src + s, l); + flush_xen_dcache_va_range(dst, l); paddr += l; dst += l; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvf-0001CO-Hp; Mon, 21 Jan 2013 22:33:23 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPve-00016M-Dc for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:22 +0000 Received: from [85.158.143.35:8481] by server-3.bemta-4.messagelabs.com id 6E/F3-10689-232CDF05; Mon, 21 Jan 2013 22:33:22 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-21.messagelabs.com!1358807600!13767303!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7231 invoked from network); 21 Jan 2013 22:33:21 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:21 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvc-0005gh-Bk for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:20 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvc-0003lG-8G for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:20 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:19 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] vtpmmgr: fix build on 32-bit X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358784296 0 # Node ID 0369fd99e9529bedcd72539575cd04a279765137 # Parent b5212ea378292bb6564c215c733d81433a5b5083 vtpmmgr: fix build on 32-bit Correct format string, fixing: vtpm_storage.c: In function 'vtpm_storage_load_header': vtpm_storage.c:658: error: format '%ld' expects type 'long int', but argument 5 has type 'unsigned int' vtpm_storage.c:658: error: format '%ld' expects type 'long int', but argument 5 has type 'unsigned int' make[2]: *** [vtpm_storage.o] Error 1 Add padlock.o to PSSL_OBJS, fixing: /local/scratch/ianc/devel/xen-unstable.git/stubdom/mini-os-x86_32-vtpmmgr/mini-os.o: In function `aes_crypt_ecb': /local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:659: undefined reference to `padlock_supports' /local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:661: undefined reference to `padlock_xcryptecb' /local/scratch/ianc/devel/xen-unstable.git/stubdom/mini-os-x86_32-vtpmmgr/mini-os.o: In function `aes_crypt_cbc': /local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:771: undefined reference to `padlock_supports' /local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:773: undefined reference to `padlock_xcryptcbc' make[1]: *** [/local/scratch/ianc/devel/xen-unstable.git/stubdom/mini-os-x86_32-vtpmmgr/mini-os] Error 1 Signed-off-by: Ian Campbell Acked by: Matthew Fioravante [ ijc -- applied same fix to stubdom/vtpm/Makefile ] Committed-by: Ian Campbell --- diff -r b5212ea37829 -r 0369fd99e952 stubdom/vtpm/Makefile --- a/stubdom/vtpm/Makefile Mon Jan 21 12:40:31 2013 +0000 +++ b/stubdom/vtpm/Makefile Mon Jan 21 16:04:56 2013 +0000 @@ -12,7 +12,7 @@ XEN_ROOT=../.. PSSL_DIR=../polarssl-$(XEN_TARGET_ARCH)/library -PSSL_OBJS=aes.o sha1.o entropy.o ctr_drbg.o sha4.o +PSSL_OBJS=aes.o sha1.o entropy.o ctr_drbg.o sha4.o padlock.o TARGET=vtpm.a OBJS=vtpm.o vtpm_cmd.o vtpmblk.o vtpm_pcrs.o diff -r b5212ea37829 -r 0369fd99e952 stubdom/vtpmmgr/Makefile --- a/stubdom/vtpmmgr/Makefile Mon Jan 21 12:40:31 2013 +0000 +++ b/stubdom/vtpmmgr/Makefile Mon Jan 21 16:04:56 2013 +0000 @@ -12,7 +12,7 @@ XEN_ROOT=../.. PSSL_DIR=../polarssl-$(XEN_TARGET_ARCH)/library -PSSL_OBJS=aes.o sha1.o entropy.o ctr_drbg.o bignum.o sha4.o havege.o timing.o entropy_poll.o +PSSL_OBJS=aes.o sha1.o entropy.o ctr_drbg.o bignum.o sha4.o havege.o timing.o entropy_poll.o padlock.o TARGET=vtpmmgr.a OBJS=vtpmmgr.o vtpm_cmd_handler.o vtpm_storage.o init.o tpmrsa.o tpm.o log.o diff -r b5212ea37829 -r 0369fd99e952 stubdom/vtpmmgr/vtpm_storage.c --- a/stubdom/vtpmmgr/vtpm_storage.c Mon Jan 21 12:40:31 2013 +0000 +++ b/stubdom/vtpmmgr/vtpm_storage.c Mon Jan 21 16:04:56 2013 +0000 @@ -655,7 +655,7 @@ TPM_RESULT vtpm_storage_load_header(void /* Validate the length of the output buffer */ if(datalen < AES_KEY_SIZE + sizeof(UINT32)) { - vtpmlogerror(VTPM_LOG_VTPM, "Unbound AES key size (%d) was too small! expected (%ld)\n", datalen, AES_KEY_SIZE + sizeof(UINT32)); + vtpmlogerror(VTPM_LOG_VTPM, "Unbound AES key size (%d) was too small! expected (%zu)\n", datalen, AES_KEY_SIZE + sizeof(UINT32)); status = TPM_IOERROR; goto abort_egress; } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvf-0001CO-Hp; Mon, 21 Jan 2013 22:33:23 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPve-00016M-Dc for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:22 +0000 Received: from [85.158.143.35:8481] by server-3.bemta-4.messagelabs.com id 6E/F3-10689-232CDF05; Mon, 21 Jan 2013 22:33:22 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-21.messagelabs.com!1358807600!13767303!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 7231 invoked from network); 21 Jan 2013 22:33:21 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:21 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvc-0005gh-Bk for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:20 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvc-0003lG-8G for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:20 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:19 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] vtpmmgr: fix build on 32-bit X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358784296 0 # Node ID 0369fd99e9529bedcd72539575cd04a279765137 # Parent b5212ea378292bb6564c215c733d81433a5b5083 vtpmmgr: fix build on 32-bit Correct format string, fixing: vtpm_storage.c: In function 'vtpm_storage_load_header': vtpm_storage.c:658: error: format '%ld' expects type 'long int', but argument 5 has type 'unsigned int' vtpm_storage.c:658: error: format '%ld' expects type 'long int', but argument 5 has type 'unsigned int' make[2]: *** [vtpm_storage.o] Error 1 Add padlock.o to PSSL_OBJS, fixing: /local/scratch/ianc/devel/xen-unstable.git/stubdom/mini-os-x86_32-vtpmmgr/mini-os.o: In function `aes_crypt_ecb': /local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:659: undefined reference to `padlock_supports' /local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:661: undefined reference to `padlock_xcryptecb' /local/scratch/ianc/devel/xen-unstable.git/stubdom/mini-os-x86_32-vtpmmgr/mini-os.o: In function `aes_crypt_cbc': /local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:771: undefined reference to `padlock_supports' /local/scratch/ianc/devel/xen-unstable.git/stubdom/polarssl-x86_32/library/aes.c:773: undefined reference to `padlock_xcryptcbc' make[1]: *** [/local/scratch/ianc/devel/xen-unstable.git/stubdom/mini-os-x86_32-vtpmmgr/mini-os] Error 1 Signed-off-by: Ian Campbell Acked by: Matthew Fioravante [ ijc -- applied same fix to stubdom/vtpm/Makefile ] Committed-by: Ian Campbell --- diff -r b5212ea37829 -r 0369fd99e952 stubdom/vtpm/Makefile --- a/stubdom/vtpm/Makefile Mon Jan 21 12:40:31 2013 +0000 +++ b/stubdom/vtpm/Makefile Mon Jan 21 16:04:56 2013 +0000 @@ -12,7 +12,7 @@ XEN_ROOT=../.. PSSL_DIR=../polarssl-$(XEN_TARGET_ARCH)/library -PSSL_OBJS=aes.o sha1.o entropy.o ctr_drbg.o sha4.o +PSSL_OBJS=aes.o sha1.o entropy.o ctr_drbg.o sha4.o padlock.o TARGET=vtpm.a OBJS=vtpm.o vtpm_cmd.o vtpmblk.o vtpm_pcrs.o diff -r b5212ea37829 -r 0369fd99e952 stubdom/vtpmmgr/Makefile --- a/stubdom/vtpmmgr/Makefile Mon Jan 21 12:40:31 2013 +0000 +++ b/stubdom/vtpmmgr/Makefile Mon Jan 21 16:04:56 2013 +0000 @@ -12,7 +12,7 @@ XEN_ROOT=../.. PSSL_DIR=../polarssl-$(XEN_TARGET_ARCH)/library -PSSL_OBJS=aes.o sha1.o entropy.o ctr_drbg.o bignum.o sha4.o havege.o timing.o entropy_poll.o +PSSL_OBJS=aes.o sha1.o entropy.o ctr_drbg.o bignum.o sha4.o havege.o timing.o entropy_poll.o padlock.o TARGET=vtpmmgr.a OBJS=vtpmmgr.o vtpm_cmd_handler.o vtpm_storage.o init.o tpmrsa.o tpm.o log.o diff -r b5212ea37829 -r 0369fd99e952 stubdom/vtpmmgr/vtpm_storage.c --- a/stubdom/vtpmmgr/vtpm_storage.c Mon Jan 21 12:40:31 2013 +0000 +++ b/stubdom/vtpmmgr/vtpm_storage.c Mon Jan 21 16:04:56 2013 +0000 @@ -655,7 +655,7 @@ TPM_RESULT vtpm_storage_load_header(void /* Validate the length of the output buffer */ if(datalen < AES_KEY_SIZE + sizeof(UINT32)) { - vtpmlogerror(VTPM_LOG_VTPM, "Unbound AES key size (%d) was too small! expected (%ld)\n", datalen, AES_KEY_SIZE + sizeof(UINT32)); + vtpmlogerror(VTPM_LOG_VTPM, "Unbound AES key size (%d) was too small! expected (%zu)\n", datalen, AES_KEY_SIZE + sizeof(UINT32)); status = TPM_IOERROR; goto abort_egress; } _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:25 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:25 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvf-0001CU-K8; Mon, 21 Jan 2013 22:33:23 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPve-00017Z-7p for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:22 +0000 Received: from [85.158.143.35:30413] by server-1.bemta-4.messagelabs.com id 35/47-05635-132CDF05; Mon, 21 Jan 2013 22:33:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-21.messagelabs.com!1358807595!5261039!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 5424 invoked from network); 21 Jan 2013 22:33:17 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:17 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvX-0005gG-GK for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:15 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvX-0003j5-F2 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:15 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:14 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] stubdom: rerun autogen.sh X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358518471 0 # Node ID f07742a1a3c6ac673d6189e27a19a48f6c3b385c # Parent 9e8c39bdc1fedd5dfc5aa7209cc5f77f813476c7 stubdom: rerun autogen.sh I forgot to do this while checking in 26424:e1d7053e4d45. Refresh now so as to not cause confusing looking changes next time it is run. Signed-off-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 9e8c39bdc1fe -r f07742a1a3c6 stubdom/configure --- a/stubdom/configure Fri Jan 18 12:31:57 2013 +0100 +++ b/stubdom/configure Fri Jan 18 14:14:31 2013 +0000 @@ -1,11 +1,13 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for Xen Hypervisor Stub Domains 4.3. +# Generated by GNU Autoconf 2.67 for Xen Hypervisor Stub Domains 4.3. # # Report bugs to . # # -# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, +# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software +# Foundation, Inc. # # # This configure script is free software; the Free Software Foundation @@ -89,7 +91,6 @@ fi IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. -as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -134,31 +135,6 @@ export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH -# Use a proper internal environment variable to ensure we don't fall - # into an infinite loop, continuously re-executing ourselves. - if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then - _as_can_reexec=no; export _as_can_reexec; - # We cannot yet assume a decent shell, so we have to provide a -# neutralization value for shells without unset; and this also -# works around shells that cannot unset nonexistent variables. -# Preserve -v and -x to the replacement shell. -BASH_ENV=/dev/null -ENV=/dev/null -(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV -case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; -esac -exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} -# Admittedly, this is quite paranoid, since all the known shells bail -# out after a failed `exec'. -$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 -as_fn_exit 255 - fi - # We don't want this to propagate to other subprocesses. - { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : emulate sh @@ -192,8 +168,7 @@ if ( set x; as_fn_ret_success y && test else exitcode=1; echo positional parameters were not saved. fi -test x\$exitcode = x0 || exit 1 -test -x / || exit 1" +test x\$exitcode = x0 || exit 1" as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && @@ -237,25 +212,14 @@ IFS=$as_save_IFS if test "x$CONFIG_SHELL" != x; then : - export CONFIG_SHELL - # We cannot yet assume a decent shell, so we have to provide a -# neutralization value for shells without unset; and this also -# works around shells that cannot unset nonexistent variables. -# Preserve -v and -x to the replacement shell. -BASH_ENV=/dev/null -ENV=/dev/null -(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV -case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; -esac -exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} -# Admittedly, this is quite paranoid, since all the known shells bail -# out after a failed `exec'. -$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 -exit 255 + # We cannot yet assume a decent shell, so we have to provide a + # neutralization value for shells without unset; and this also + # works around shells that cannot unset nonexistent variables. + BASH_ENV=/dev/null + ENV=/dev/null + (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV + export CONFIG_SHELL + exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"} fi if test x$as_have_required = xno; then : @@ -358,14 +322,6 @@ as_fn_mkdir_p () } # as_fn_mkdir_p - -# as_fn_executable_p FILE -# ----------------------- -# Test if FILE is an executable regular file. -as_fn_executable_p () -{ - test -f "$1" && test -x "$1" -} # as_fn_executable_p # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take @@ -487,10 +443,6 @@ as_cr_alnum=$as_cr_Letters$as_cr_digits chmod +x "$as_me.lineno" || { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } - # If we had to re-execute with $CONFIG_SHELL, we're ensured to have - # already done that, so ensure we don't try to do so again and fall - # in an infinite loop. This has already happened in practice. - _as_can_reexec=no; export _as_can_reexec # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensitive to this). @@ -525,16 +477,16 @@ if (echo >conf$$.file) 2>/dev/null; then # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -pR'. + # In both cases, we have to default to `cp -p'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -pR' + as_ln_s='cp -p' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else - as_ln_s='cp -pR' + as_ln_s='cp -p' fi else - as_ln_s='cp -pR' + as_ln_s='cp -p' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null @@ -546,8 +498,28 @@ else as_mkdir_p=false fi -as_test_x='test -x' -as_executable_p=as_fn_executable_p +if test -x / >/dev/null 2>&1; then + as_test_x='test -x' +else + if ls -dL / >/dev/null 2>&1; then + as_ls_L_option=L + else + as_ls_L_option= + fi + as_test_x=' + eval sh -c '\'' + if test -d "$1"; then + test -d "$1/."; + else + case $1 in #( + -*)set "./$1";; + esac; + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( + ???[sx]*):;;*)false;;esac;fi + '\'' sh + ' +fi +as_executable_p=$as_test_x # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -1105,7 +1077,7 @@ Try \`$0 --help' for more information" $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 - : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" + : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option} ;; esac @@ -1156,6 +1128,8 @@ target=$target_alias if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe + $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host. + If a cross compiler is detected then cross compile mode will be used" >&2 elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi @@ -1413,9 +1387,9 @@ test -n "$ac_init_help" && exit $ac_stat if $ac_init_version; then cat <<\_ACEOF Xen Hypervisor Stub Domains configure 4.3 -generated by GNU Autoconf 2.69 - -Copyright (C) 2012 Free Software Foundation, Inc. +generated by GNU Autoconf 2.67 + +Copyright (C) 2010 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF @@ -1459,7 +1433,7 @@ sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} as_fn_set_status $ac_retval } # ac_fn_c_try_compile @@ -1468,7 +1442,7 @@ This file contains any messages produced running configure, to aid debugging if configure makes a mistake. It was created by Xen Hypervisor Stub Domains $as_me 4.3, which was -generated by GNU Autoconf 2.69. Invocation command line was +generated by GNU Autoconf 2.67. Invocation command line was $ $0 $@ @@ -1726,7 +1700,7 @@ do || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "failed to load site script $ac_site_file -See \`config.log' for more details" "$LINENO" 5; } +See \`config.log' for more details" "$LINENO" 5 ; } fi done @@ -2202,7 +2176,7 @@ if test -n "$ac_tool_prefix"; then set dummy ${ac_tool_prefix}gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : +if test "${ac_cv_prog_CC+set}" = set; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then @@ -2214,7 +2188,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_CC="${ac_tool_prefix}gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2242,7 +2216,7 @@ if test -z "$ac_cv_prog_CC"; then set dummy gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_CC+:} false; then : +if test "${ac_cv_prog_ac_ct_CC+set}" = set; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then @@ -2254,7 +2228,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_ac_ct_CC="gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2295,7 +2269,7 @@ if test -z "$CC"; then set dummy ${ac_tool_prefix}cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : +if test "${ac_cv_prog_CC+set}" = set; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then @@ -2307,7 +2281,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_CC="${ac_tool_prefix}cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2335,7 +2309,7 @@ if test -z "$CC"; then set dummy cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : +if test "${ac_cv_prog_CC+set}" = set; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then @@ -2348,7 +2322,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue @@ -2394,7 +2368,7 @@ if test -z "$CC"; then set dummy $ac_tool_prefix$ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : +if test "${ac_cv_prog_CC+set}" = set; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then @@ -2406,7 +2380,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2438,7 +2412,7 @@ do set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_CC+:} false; then : +if test "${ac_cv_prog_ac_ct_CC+set}" = set; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then @@ -2450,7 +2424,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_ac_ct_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2493,7 +2467,7 @@ fi test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "no acceptable C compiler found in \$PATH -See \`config.log' for more details" "$LINENO" 5; } +See \`config.log' for more details" "$LINENO" 5 ; } # Provide some information about the compiler. $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 @@ -2608,7 +2582,7 @@ sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error 77 "C compiler cannot create executables -See \`config.log' for more details" "$LINENO" 5; } +See \`config.log' for more details" "$LINENO" 5 ; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } @@ -2651,7 +2625,7 @@ else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of executables: cannot compile and link -See \`config.log' for more details" "$LINENO" 5; } +See \`config.log' for more details" "$LINENO" 5 ; } fi rm -f conftest conftest$ac_cv_exeext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 @@ -2710,7 +2684,7 @@ eval ac_try_echo="\"\$as_me:${as_lineno- $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot run C compiled programs. If you meant to cross compile, use \`--host'. -See \`config.log' for more details" "$LINENO" 5; } +See \`config.log' for more details" "$LINENO" 5 ; } fi fi fi @@ -2721,7 +2695,7 @@ rm -f conftest.$ac_ext conftest$ac_cv_ex ac_clean_files=$ac_clean_files_save { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 $as_echo_n "checking for suffix of object files... " >&6; } -if ${ac_cv_objext+:} false; then : +if test "${ac_cv_objext+set}" = set; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -2762,7 +2736,7 @@ sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of object files: cannot compile -See \`config.log' for more details" "$LINENO" 5; } +See \`config.log' for more details" "$LINENO" 5 ; } fi rm -f conftest.$ac_cv_objext conftest.$ac_ext fi @@ -2772,7 +2746,7 @@ OBJEXT=$ac_cv_objext ac_objext=$OBJEXT { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 $as_echo_n "checking whether we are using the GNU C compiler... " >&6; } -if ${ac_cv_c_compiler_gnu+:} false; then : +if test "${ac_cv_c_compiler_gnu+set}" = set; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -2809,7 +2783,7 @@ ac_test_CFLAGS=${CFLAGS+set} ac_save_CFLAGS=$CFLAGS { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 $as_echo_n "checking whether $CC accepts -g... " >&6; } -if ${ac_cv_prog_cc_g+:} false; then : +if test "${ac_cv_prog_cc_g+set}" = set; then : $as_echo_n "(cached) " >&6 else ac_save_c_werror_flag=$ac_c_werror_flag @@ -2887,7 +2861,7 @@ else fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 $as_echo_n "checking for $CC option to accept ISO C89... " >&6; } -if ${ac_cv_prog_cc_c89+:} false; then : +if test "${ac_cv_prog_cc_c89+set}" = set; then : $as_echo_n "(cached) " >&6 else ac_cv_prog_cc_c89=no @@ -2896,7 +2870,8 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ /* end confdefs.h. */ #include #include -struct stat; +#include +#include /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); @@ -2985,7 +2960,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu $as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } set x ${MAKE-make} ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` -if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : +if eval "test \"\${ac_cv_prog_make_${ac_make}_set+set}\"" = set; then : $as_echo_n "(cached) " >&6 else cat >conftest.make <<\_ACEOF @@ -3029,7 +3004,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 $as_echo_n "checking for a BSD-compatible install... " >&6; } if test -z "$INSTALL"; then -if ${ac_cv_path_install+:} false; then : +if test "${ac_cv_path_install+set}" = set; then : $as_echo_n "(cached) " >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -3049,7 +3024,7 @@ case $as_dir/ in #(( # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then + if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then if test $ac_prog = install && grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # AIX install. It has an incompatible calling convention. @@ -3109,7 +3084,7 @@ test -z "$INSTALL_DATA" && INSTALL_DATA= set dummy wget; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_WGET+:} false; then : +if test "${ac_cv_path_WGET+set}" = set; then : $as_echo_n "(cached) " >&6 else case $WGET in @@ -3123,7 +3098,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_path_WGET="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3158,7 +3133,7 @@ if test "x$vtpm" = "xy"; then : set dummy cmake; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_CMAKE+:} false; then : +if test "${ac_cv_path_CMAKE+set}" = set; then : $as_echo_n "(cached) " >&6 else case $CMAKE in @@ -3172,7 +3147,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_path_CMAKE="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3211,7 +3186,7 @@ else set dummy cmake; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_CMAKE+:} false; then : +if test "${ac_cv_path_CMAKE+set}" = set; then : $as_echo_n "(cached) " >&6 else case $CMAKE in @@ -3225,7 +3200,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_path_CMAKE="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3516,21 +3491,10 @@ _ACEOF :end' >>confcache if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then - if test "x$cache_file" != "x/dev/null"; then + test "x$cache_file" != "x/dev/null" && { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 $as_echo "$as_me: updating cache $cache_file" >&6;} - if test ! -f "$cache_file" || test -h "$cache_file"; then - cat confcache >"$cache_file" - else - case $cache_file in #( - */* | ?:*) - mv -f confcache "$cache_file"$$ && - mv -f "$cache_file"$$ "$cache_file" ;; #( - *) - mv -f confcache "$cache_file" ;; - esac - fi - fi + cat confcache >$cache_file else { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 $as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} @@ -3598,7 +3562,7 @@ LTLIBOBJS=$ac_ltlibobjs -: "${CONFIG_STATUS=./config.status}" +: ${CONFIG_STATUS=./config.status} ac_write_fail=0 ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" @@ -3699,7 +3663,6 @@ fi IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. -as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -3895,16 +3858,16 @@ if (echo >conf$$.file) 2>/dev/null; then # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -pR'. + # In both cases, we have to default to `cp -p'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -pR' + as_ln_s='cp -p' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else - as_ln_s='cp -pR' + as_ln_s='cp -p' fi else - as_ln_s='cp -pR' + as_ln_s='cp -p' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null @@ -3964,16 +3927,28 @@ else as_mkdir_p=false fi - -# as_fn_executable_p FILE -# ----------------------- -# Test if FILE is an executable regular file. -as_fn_executable_p () -{ - test -f "$1" && test -x "$1" -} # as_fn_executable_p -as_test_x='test -x' -as_executable_p=as_fn_executable_p +if test -x / >/dev/null 2>&1; then + as_test_x='test -x' +else + if ls -dL / >/dev/null 2>&1; then + as_ls_L_option=L + else + as_ls_L_option= + fi + as_test_x=' + eval sh -c '\'' + if test -d "$1"; then + test -d "$1/."; + else + case $1 in #( + -*)set "./$1";; + esac; + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( + ???[sx]*):;;*)false;;esac;fi + '\'' sh + ' +fi +as_executable_p=$as_test_x # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -3995,7 +3970,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_wri # values after options handling. ac_log=" This file was extended by Xen Hypervisor Stub Domains $as_me 4.3, which was -generated by GNU Autoconf 2.69. Invocation command line was +generated by GNU Autoconf 2.67. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS @@ -4049,10 +4024,10 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_writ ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ Xen Hypervisor Stub Domains config.status 4.3 -configured by $0, generated by GNU Autoconf 2.69, +configured by $0, generated by GNU Autoconf 2.67, with options \\"\$ac_cs_config\\" -Copyright (C) 2012 Free Software Foundation, Inc. +Copyright (C) 2010 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." @@ -4130,7 +4105,7 @@ fi _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then - set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion shift \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 CONFIG_SHELL='$SHELL' @@ -4161,7 +4136,7 @@ do case $ac_config_target in "../config/Stubdom.mk") CONFIG_FILES="$CONFIG_FILES ../config/Stubdom.mk" ;; - *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; + *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5 ;; esac done @@ -4182,10 +4157,9 @@ fi # after its creation but before its name has been assigned to `$tmp'. $debug || { - tmp= ac_tmp= + tmp= trap 'exit_status=$? - : "${ac_tmp:=$tmp}" - { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status + { test -z "$tmp" || test ! -d "$tmp" || rm -fr "$tmp"; } && exit $exit_status ' 0 trap 'as_fn_exit 1' 1 2 13 15 } @@ -4193,13 +4167,12 @@ fi { tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && - test -d "$tmp" + test -n "$tmp" && test -d "$tmp" } || { tmp=./conf$$-$RANDOM (umask 077 && mkdir "$tmp") } || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 -ac_tmp=$tmp # Set up the scripts for CONFIG_FILES section. # No need to generate them if there are no CONFIG_FILES. @@ -4221,7 +4194,7 @@ else ac_cs_awk_cr=$ac_cr fi -echo 'BEGIN {' >"$ac_tmp/subs1.awk" && +echo 'BEGIN {' >"$tmp/subs1.awk" && _ACEOF @@ -4249,7 +4222,7 @@ done rm -f conf$$subs.sh cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && +cat >>"\$tmp/subs1.awk" <<\\_ACAWK && _ACEOF sed -n ' h @@ -4297,7 +4270,7 @@ t delim rm -f conf$$subs.awk cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 _ACAWK -cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && +cat >>"\$tmp/subs1.awk" <<_ACAWK && for (key in S) S_is_set[key] = 1 FS = "" @@ -4329,7 +4302,7 @@ if sed "s/$ac_cr//" < /dev/null > /dev/n sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" else cat -fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ +fi < "$tmp/subs1.awk" > "$tmp/subs.awk" \ || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 _ACEOF @@ -4369,7 +4342,7 @@ do esac case $ac_mode$ac_tag in :[FHL]*:*);; - :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; + :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5 ;; :[FH]-) ac_tag=-:-;; :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; esac @@ -4388,7 +4361,7 @@ do for ac_f do case $ac_f in - -) ac_f="$ac_tmp/stdin";; + -) ac_f="$tmp/stdin";; *) # Look for the file first in the build tree, then in the source tree # (if the path is not absolute). The absolute path cannot be DOS-style, # because $ac_f cannot contain `:'. @@ -4397,7 +4370,7 @@ do [\\/$]*) false;; *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; esac || - as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; + as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5 ;; esac case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac as_fn_append ac_file_inputs " '$ac_f'" @@ -4423,8 +4396,8 @@ do esac case $ac_tag in - *:-:* | *:-) cat >"$ac_tmp/stdin" \ - || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; + *:-:* | *:-) cat >"$tmp/stdin" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; esac ;; esac @@ -4554,22 +4527,21 @@ s&@abs_top_builddir@&$ac_abs_top_builddi s&@INSTALL@&$ac_INSTALL&;t t $ac_datarootdir_hack " -eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ - >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 +eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$tmp/subs.awk" >$tmp/out \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && - { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && - { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ - "$ac_tmp/out"`; test -z "$ac_out"; } && + { ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } && + { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' "$tmp/out"`; test -z "$ac_out"; } && { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&5 $as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&2;} - rm -f "$ac_tmp/stdin" + rm -f "$tmp/stdin" case $ac_file in - -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; - *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; + -) cat "$tmp/out" && rm -f "$tmp/out";; + *) rm -f "$ac_file" && mv "$tmp/out" "$ac_file";; esac \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:25 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:25 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvf-0001CU-K8; Mon, 21 Jan 2013 22:33:23 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPve-00017Z-7p for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:22 +0000 Received: from [85.158.143.35:30413] by server-1.bemta-4.messagelabs.com id 35/47-05635-132CDF05; Mon, 21 Jan 2013 22:33:21 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-2.tower-21.messagelabs.com!1358807595!5261039!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 5424 invoked from network); 21 Jan 2013 22:33:17 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-2.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:17 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvX-0005gG-GK for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:15 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvX-0003j5-F2 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:15 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:14 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] stubdom: rerun autogen.sh X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358518471 0 # Node ID f07742a1a3c6ac673d6189e27a19a48f6c3b385c # Parent 9e8c39bdc1fedd5dfc5aa7209cc5f77f813476c7 stubdom: rerun autogen.sh I forgot to do this while checking in 26424:e1d7053e4d45. Refresh now so as to not cause confusing looking changes next time it is run. Signed-off-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 9e8c39bdc1fe -r f07742a1a3c6 stubdom/configure --- a/stubdom/configure Fri Jan 18 12:31:57 2013 +0100 +++ b/stubdom/configure Fri Jan 18 14:14:31 2013 +0000 @@ -1,11 +1,13 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for Xen Hypervisor Stub Domains 4.3. +# Generated by GNU Autoconf 2.67 for Xen Hypervisor Stub Domains 4.3. # # Report bugs to . # # -# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, +# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software +# Foundation, Inc. # # # This configure script is free software; the Free Software Foundation @@ -89,7 +91,6 @@ fi IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. -as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -134,31 +135,6 @@ export LANGUAGE # CDPATH. (unset CDPATH) >/dev/null 2>&1 && unset CDPATH -# Use a proper internal environment variable to ensure we don't fall - # into an infinite loop, continuously re-executing ourselves. - if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then - _as_can_reexec=no; export _as_can_reexec; - # We cannot yet assume a decent shell, so we have to provide a -# neutralization value for shells without unset; and this also -# works around shells that cannot unset nonexistent variables. -# Preserve -v and -x to the replacement shell. -BASH_ENV=/dev/null -ENV=/dev/null -(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV -case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; -esac -exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} -# Admittedly, this is quite paranoid, since all the known shells bail -# out after a failed `exec'. -$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 -as_fn_exit 255 - fi - # We don't want this to propagate to other subprocesses. - { _as_can_reexec=; unset _as_can_reexec;} if test "x$CONFIG_SHELL" = x; then as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : emulate sh @@ -192,8 +168,7 @@ if ( set x; as_fn_ret_success y && test else exitcode=1; echo positional parameters were not saved. fi -test x\$exitcode = x0 || exit 1 -test -x / || exit 1" +test x\$exitcode = x0 || exit 1" as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && @@ -237,25 +212,14 @@ IFS=$as_save_IFS if test "x$CONFIG_SHELL" != x; then : - export CONFIG_SHELL - # We cannot yet assume a decent shell, so we have to provide a -# neutralization value for shells without unset; and this also -# works around shells that cannot unset nonexistent variables. -# Preserve -v and -x to the replacement shell. -BASH_ENV=/dev/null -ENV=/dev/null -(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV -case $- in # (((( - *v*x* | *x*v* ) as_opts=-vx ;; - *v* ) as_opts=-v ;; - *x* ) as_opts=-x ;; - * ) as_opts= ;; -esac -exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} -# Admittedly, this is quite paranoid, since all the known shells bail -# out after a failed `exec'. -$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 -exit 255 + # We cannot yet assume a decent shell, so we have to provide a + # neutralization value for shells without unset; and this also + # works around shells that cannot unset nonexistent variables. + BASH_ENV=/dev/null + ENV=/dev/null + (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV + export CONFIG_SHELL + exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"} fi if test x$as_have_required = xno; then : @@ -358,14 +322,6 @@ as_fn_mkdir_p () } # as_fn_mkdir_p - -# as_fn_executable_p FILE -# ----------------------- -# Test if FILE is an executable regular file. -as_fn_executable_p () -{ - test -f "$1" && test -x "$1" -} # as_fn_executable_p # as_fn_append VAR VALUE # ---------------------- # Append the text in VALUE to the end of the definition contained in VAR. Take @@ -487,10 +443,6 @@ as_cr_alnum=$as_cr_Letters$as_cr_digits chmod +x "$as_me.lineno" || { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } - # If we had to re-execute with $CONFIG_SHELL, we're ensured to have - # already done that, so ensure we don't try to do so again and fall - # in an infinite loop. This has already happened in practice. - _as_can_reexec=no; export _as_can_reexec # Don't try to exec as it changes $[0], causing all sort of problems # (the dirname of $[0] is not the place where we might find the # original and so on. Autoconf is especially sensitive to this). @@ -525,16 +477,16 @@ if (echo >conf$$.file) 2>/dev/null; then # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -pR'. + # In both cases, we have to default to `cp -p'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -pR' + as_ln_s='cp -p' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else - as_ln_s='cp -pR' + as_ln_s='cp -p' fi else - as_ln_s='cp -pR' + as_ln_s='cp -p' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null @@ -546,8 +498,28 @@ else as_mkdir_p=false fi -as_test_x='test -x' -as_executable_p=as_fn_executable_p +if test -x / >/dev/null 2>&1; then + as_test_x='test -x' +else + if ls -dL / >/dev/null 2>&1; then + as_ls_L_option=L + else + as_ls_L_option= + fi + as_test_x=' + eval sh -c '\'' + if test -d "$1"; then + test -d "$1/."; + else + case $1 in #( + -*)set "./$1";; + esac; + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( + ???[sx]*):;;*)false;;esac;fi + '\'' sh + ' +fi +as_executable_p=$as_test_x # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -1105,7 +1077,7 @@ Try \`$0 --help' for more information" $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 - : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" + : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option} ;; esac @@ -1156,6 +1128,8 @@ target=$target_alias if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe + $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host. + If a cross compiler is detected then cross compile mode will be used" >&2 elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi @@ -1413,9 +1387,9 @@ test -n "$ac_init_help" && exit $ac_stat if $ac_init_version; then cat <<\_ACEOF Xen Hypervisor Stub Domains configure 4.3 -generated by GNU Autoconf 2.69 - -Copyright (C) 2012 Free Software Foundation, Inc. +generated by GNU Autoconf 2.67 + +Copyright (C) 2010 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF @@ -1459,7 +1433,7 @@ sed 's/^/| /' conftest.$ac_ext >&5 ac_retval=1 fi - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + eval $as_lineno_stack; test "x$as_lineno_stack" = x && { as_lineno=; unset as_lineno;} as_fn_set_status $ac_retval } # ac_fn_c_try_compile @@ -1468,7 +1442,7 @@ This file contains any messages produced running configure, to aid debugging if configure makes a mistake. It was created by Xen Hypervisor Stub Domains $as_me 4.3, which was -generated by GNU Autoconf 2.69. Invocation command line was +generated by GNU Autoconf 2.67. Invocation command line was $ $0 $@ @@ -1726,7 +1700,7 @@ do || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "failed to load site script $ac_site_file -See \`config.log' for more details" "$LINENO" 5; } +See \`config.log' for more details" "$LINENO" 5 ; } fi done @@ -2202,7 +2176,7 @@ if test -n "$ac_tool_prefix"; then set dummy ${ac_tool_prefix}gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : +if test "${ac_cv_prog_CC+set}" = set; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then @@ -2214,7 +2188,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_CC="${ac_tool_prefix}gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2242,7 +2216,7 @@ if test -z "$ac_cv_prog_CC"; then set dummy gcc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_CC+:} false; then : +if test "${ac_cv_prog_ac_ct_CC+set}" = set; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then @@ -2254,7 +2228,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_ac_ct_CC="gcc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2295,7 +2269,7 @@ if test -z "$CC"; then set dummy ${ac_tool_prefix}cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : +if test "${ac_cv_prog_CC+set}" = set; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then @@ -2307,7 +2281,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_CC="${ac_tool_prefix}cc" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2335,7 +2309,7 @@ if test -z "$CC"; then set dummy cc; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : +if test "${ac_cv_prog_CC+set}" = set; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then @@ -2348,7 +2322,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then ac_prog_rejected=yes continue @@ -2394,7 +2368,7 @@ if test -z "$CC"; then set dummy $ac_tool_prefix$ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_CC+:} false; then : +if test "${ac_cv_prog_CC+set}" = set; then : $as_echo_n "(cached) " >&6 else if test -n "$CC"; then @@ -2406,7 +2380,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_CC="$ac_tool_prefix$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2438,7 +2412,7 @@ do set dummy $ac_prog; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_prog_ac_ct_CC+:} false; then : +if test "${ac_cv_prog_ac_ct_CC+set}" = set; then : $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CC"; then @@ -2450,7 +2424,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_prog_ac_ct_CC="$ac_prog" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -2493,7 +2467,7 @@ fi test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "no acceptable C compiler found in \$PATH -See \`config.log' for more details" "$LINENO" 5; } +See \`config.log' for more details" "$LINENO" 5 ; } # Provide some information about the compiler. $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 @@ -2608,7 +2582,7 @@ sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error 77 "C compiler cannot create executables -See \`config.log' for more details" "$LINENO" 5; } +See \`config.log' for more details" "$LINENO" 5 ; } else { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 $as_echo "yes" >&6; } @@ -2651,7 +2625,7 @@ else { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of executables: cannot compile and link -See \`config.log' for more details" "$LINENO" 5; } +See \`config.log' for more details" "$LINENO" 5 ; } fi rm -f conftest conftest$ac_cv_exeext { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 @@ -2710,7 +2684,7 @@ eval ac_try_echo="\"\$as_me:${as_lineno- $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot run C compiled programs. If you meant to cross compile, use \`--host'. -See \`config.log' for more details" "$LINENO" 5; } +See \`config.log' for more details" "$LINENO" 5 ; } fi fi fi @@ -2721,7 +2695,7 @@ rm -f conftest.$ac_ext conftest$ac_cv_ex ac_clean_files=$ac_clean_files_save { $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 $as_echo_n "checking for suffix of object files... " >&6; } -if ${ac_cv_objext+:} false; then : +if test "${ac_cv_objext+set}" = set; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -2762,7 +2736,7 @@ sed 's/^/| /' conftest.$ac_ext >&5 { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} as_fn_error $? "cannot compute suffix of object files: cannot compile -See \`config.log' for more details" "$LINENO" 5; } +See \`config.log' for more details" "$LINENO" 5 ; } fi rm -f conftest.$ac_cv_objext conftest.$ac_ext fi @@ -2772,7 +2746,7 @@ OBJEXT=$ac_cv_objext ac_objext=$OBJEXT { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 $as_echo_n "checking whether we are using the GNU C compiler... " >&6; } -if ${ac_cv_c_compiler_gnu+:} false; then : +if test "${ac_cv_c_compiler_gnu+set}" = set; then : $as_echo_n "(cached) " >&6 else cat confdefs.h - <<_ACEOF >conftest.$ac_ext @@ -2809,7 +2783,7 @@ ac_test_CFLAGS=${CFLAGS+set} ac_save_CFLAGS=$CFLAGS { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 $as_echo_n "checking whether $CC accepts -g... " >&6; } -if ${ac_cv_prog_cc_g+:} false; then : +if test "${ac_cv_prog_cc_g+set}" = set; then : $as_echo_n "(cached) " >&6 else ac_save_c_werror_flag=$ac_c_werror_flag @@ -2887,7 +2861,7 @@ else fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 $as_echo_n "checking for $CC option to accept ISO C89... " >&6; } -if ${ac_cv_prog_cc_c89+:} false; then : +if test "${ac_cv_prog_cc_c89+set}" = set; then : $as_echo_n "(cached) " >&6 else ac_cv_prog_cc_c89=no @@ -2896,7 +2870,8 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ /* end confdefs.h. */ #include #include -struct stat; +#include +#include /* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ struct buf { int x; }; FILE * (*rcsopen) (struct buf *, struct stat *, int); @@ -2985,7 +2960,7 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu $as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } set x ${MAKE-make} ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` -if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : +if eval "test \"\${ac_cv_prog_make_${ac_make}_set+set}\"" = set; then : $as_echo_n "(cached) " >&6 else cat >conftest.make <<\_ACEOF @@ -3029,7 +3004,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 $as_echo_n "checking for a BSD-compatible install... " >&6; } if test -z "$INSTALL"; then -if ${ac_cv_path_install+:} false; then : +if test "${ac_cv_path_install+set}" = set; then : $as_echo_n "(cached) " >&6 else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -3049,7 +3024,7 @@ case $as_dir/ in #(( # by default. for ac_prog in ginstall scoinst install; do for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then + if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then if test $ac_prog = install && grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then # AIX install. It has an incompatible calling convention. @@ -3109,7 +3084,7 @@ test -z "$INSTALL_DATA" && INSTALL_DATA= set dummy wget; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_WGET+:} false; then : +if test "${ac_cv_path_WGET+set}" = set; then : $as_echo_n "(cached) " >&6 else case $WGET in @@ -3123,7 +3098,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_path_WGET="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3158,7 +3133,7 @@ if test "x$vtpm" = "xy"; then : set dummy cmake; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_CMAKE+:} false; then : +if test "${ac_cv_path_CMAKE+set}" = set; then : $as_echo_n "(cached) " >&6 else case $CMAKE in @@ -3172,7 +3147,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_path_CMAKE="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3211,7 +3186,7 @@ else set dummy cmake; ac_word=$2 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 $as_echo_n "checking for $ac_word... " >&6; } -if ${ac_cv_path_CMAKE+:} false; then : +if test "${ac_cv_path_CMAKE+set}" = set; then : $as_echo_n "(cached) " >&6 else case $CMAKE in @@ -3225,7 +3200,7 @@ do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then ac_cv_path_CMAKE="$as_dir/$ac_word$ac_exec_ext" $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 @@ -3516,21 +3491,10 @@ _ACEOF :end' >>confcache if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then - if test "x$cache_file" != "x/dev/null"; then + test "x$cache_file" != "x/dev/null" && { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 $as_echo "$as_me: updating cache $cache_file" >&6;} - if test ! -f "$cache_file" || test -h "$cache_file"; then - cat confcache >"$cache_file" - else - case $cache_file in #( - */* | ?:*) - mv -f confcache "$cache_file"$$ && - mv -f "$cache_file"$$ "$cache_file" ;; #( - *) - mv -f confcache "$cache_file" ;; - esac - fi - fi + cat confcache >$cache_file else { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 $as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} @@ -3598,7 +3562,7 @@ LTLIBOBJS=$ac_ltlibobjs -: "${CONFIG_STATUS=./config.status}" +: ${CONFIG_STATUS=./config.status} ac_write_fail=0 ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" @@ -3699,7 +3663,6 @@ fi IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. -as_myself= case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR @@ -3895,16 +3858,16 @@ if (echo >conf$$.file) 2>/dev/null; then # ... but there are two gotchas: # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -pR'. + # In both cases, we have to default to `cp -p'. ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -pR' + as_ln_s='cp -p' elif ln conf$$.file conf$$ 2>/dev/null; then as_ln_s=ln else - as_ln_s='cp -pR' + as_ln_s='cp -p' fi else - as_ln_s='cp -pR' + as_ln_s='cp -p' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null @@ -3964,16 +3927,28 @@ else as_mkdir_p=false fi - -# as_fn_executable_p FILE -# ----------------------- -# Test if FILE is an executable regular file. -as_fn_executable_p () -{ - test -f "$1" && test -x "$1" -} # as_fn_executable_p -as_test_x='test -x' -as_executable_p=as_fn_executable_p +if test -x / >/dev/null 2>&1; then + as_test_x='test -x' +else + if ls -dL / >/dev/null 2>&1; then + as_ls_L_option=L + else + as_ls_L_option= + fi + as_test_x=' + eval sh -c '\'' + if test -d "$1"; then + test -d "$1/."; + else + case $1 in #( + -*)set "./$1";; + esac; + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( + ???[sx]*):;;*)false;;esac;fi + '\'' sh + ' +fi +as_executable_p=$as_test_x # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -3995,7 +3970,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_wri # values after options handling. ac_log=" This file was extended by Xen Hypervisor Stub Domains $as_me 4.3, which was -generated by GNU Autoconf 2.69. Invocation command line was +generated by GNU Autoconf 2.67. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS @@ -4049,10 +4024,10 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_writ ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ Xen Hypervisor Stub Domains config.status 4.3 -configured by $0, generated by GNU Autoconf 2.69, +configured by $0, generated by GNU Autoconf 2.67, with options \\"\$ac_cs_config\\" -Copyright (C) 2012 Free Software Foundation, Inc. +Copyright (C) 2010 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." @@ -4130,7 +4105,7 @@ fi _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then - set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion shift \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 CONFIG_SHELL='$SHELL' @@ -4161,7 +4136,7 @@ do case $ac_config_target in "../config/Stubdom.mk") CONFIG_FILES="$CONFIG_FILES ../config/Stubdom.mk" ;; - *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; + *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5 ;; esac done @@ -4182,10 +4157,9 @@ fi # after its creation but before its name has been assigned to `$tmp'. $debug || { - tmp= ac_tmp= + tmp= trap 'exit_status=$? - : "${ac_tmp:=$tmp}" - { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status + { test -z "$tmp" || test ! -d "$tmp" || rm -fr "$tmp"; } && exit $exit_status ' 0 trap 'as_fn_exit 1' 1 2 13 15 } @@ -4193,13 +4167,12 @@ fi { tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && - test -d "$tmp" + test -n "$tmp" && test -d "$tmp" } || { tmp=./conf$$-$RANDOM (umask 077 && mkdir "$tmp") } || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 -ac_tmp=$tmp # Set up the scripts for CONFIG_FILES section. # No need to generate them if there are no CONFIG_FILES. @@ -4221,7 +4194,7 @@ else ac_cs_awk_cr=$ac_cr fi -echo 'BEGIN {' >"$ac_tmp/subs1.awk" && +echo 'BEGIN {' >"$tmp/subs1.awk" && _ACEOF @@ -4249,7 +4222,7 @@ done rm -f conf$$subs.sh cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 -cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && +cat >>"\$tmp/subs1.awk" <<\\_ACAWK && _ACEOF sed -n ' h @@ -4297,7 +4270,7 @@ t delim rm -f conf$$subs.awk cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 _ACAWK -cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && +cat >>"\$tmp/subs1.awk" <<_ACAWK && for (key in S) S_is_set[key] = 1 FS = "" @@ -4329,7 +4302,7 @@ if sed "s/$ac_cr//" < /dev/null > /dev/n sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" else cat -fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ +fi < "$tmp/subs1.awk" > "$tmp/subs.awk" \ || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 _ACEOF @@ -4369,7 +4342,7 @@ do esac case $ac_mode$ac_tag in :[FHL]*:*);; - :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; + :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5 ;; :[FH]-) ac_tag=-:-;; :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; esac @@ -4388,7 +4361,7 @@ do for ac_f do case $ac_f in - -) ac_f="$ac_tmp/stdin";; + -) ac_f="$tmp/stdin";; *) # Look for the file first in the build tree, then in the source tree # (if the path is not absolute). The absolute path cannot be DOS-style, # because $ac_f cannot contain `:'. @@ -4397,7 +4370,7 @@ do [\\/$]*) false;; *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; esac || - as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; + as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5 ;; esac case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac as_fn_append ac_file_inputs " '$ac_f'" @@ -4423,8 +4396,8 @@ do esac case $ac_tag in - *:-:* | *:-) cat >"$ac_tmp/stdin" \ - || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; + *:-:* | *:-) cat >"$tmp/stdin" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; esac ;; esac @@ -4554,22 +4527,21 @@ s&@abs_top_builddir@&$ac_abs_top_builddi s&@INSTALL@&$ac_INSTALL&;t t $ac_datarootdir_hack " -eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ - >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 +eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$tmp/subs.awk" >$tmp/out \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && - { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && - { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ - "$ac_tmp/out"`; test -z "$ac_out"; } && + { ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } && + { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' "$tmp/out"`; test -z "$ac_out"; } && { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&5 $as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' which seems to be undefined. Please make sure it is defined" >&2;} - rm -f "$ac_tmp/stdin" + rm -f "$tmp/stdin" case $ac_file in - -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; - *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; + -) cat "$tmp/out" && rm -f "$tmp/out";; + *) rm -f "$ac_file" && mv "$tmp/out" "$ac_file";; esac \ || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:27 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:27 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvi-0001Fq-Tt; Mon, 21 Jan 2013 22:33:26 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvg-0001Dc-Pa for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:25 +0000 Received: from [85.158.137.99:12852] by server-8.bemta-3.messagelabs.com id B6/DE-22802-F22CDF05; Mon, 21 Jan 2013 22:33:19 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-217.messagelabs.com!1358807590!14784290!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG, UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 505 invoked from network); 21 Jan 2013 22:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvS-0005fp-G1 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvS-0003gu-AV for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:10 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] add stubdom/vtpmmgr code X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Matthew Fioravante # Date 1358506543 0 # Node ID 600a6694754aacc2fbd0daa99d6ec994f15cfbbe # Parent 06b884fed150c91eb1506d1b33d9356d12d85293 add stubdom/vtpmmgr code Add the code base for vtpmmgrdom. Makefile changes next patch. Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/Makefile --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/Makefile Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,32 @@ +# Copyright (c) 2010-2012 United States Government, as represented by +# the Secretary of Defense. All rights reserved. +# +# THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT +# ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES +# INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS +# FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY +# DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE +# SOFTWARE. +# + +XEN_ROOT=../.. + +PSSL_DIR=../polarssl-$(XEN_TARGET_ARCH)/library +PSSL_OBJS=aes.o sha1.o entropy.o ctr_drbg.o bignum.o sha4.o havege.o timing.o entropy_poll.o + +TARGET=vtpmmgr.a +OBJS=vtpmmgr.o vtpm_cmd_handler.o vtpm_storage.o init.o tpmrsa.o tpm.o log.o + +CFLAGS+=-Werror -Iutil -Icrypto -Itcs +CFLAGS+=-Wno-declaration-after-statement -Wno-unused-label + +build: $(TARGET) +$(TARGET): $(OBJS) + ar -rcs $@ $^ $(foreach obj,$(PSSL_OBJS),$(PSSL_DIR)/$(obj)) + +clean: + rm -f $(TARGET) $(OBJS) + +distclean: clean + +.PHONY: clean distclean diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/init.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/init.c Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,553 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "log.h" +#include "vtpmmgr.h" +#include "vtpm_storage.h" +#include "tpm.h" +#include "marshal.h" + +struct Opts { + enum { + TPMDRV_TPM_TIS, + TPMDRV_TPMFRONT, + } tpmdriver; + unsigned long tpmiomem; + unsigned int tpmirq; + unsigned int tpmlocality; + int gen_owner_auth; +}; + +// --------------------------- Well Known Auths -------------------------- +const TPM_AUTHDATA WELLKNOWN_SRK_AUTH = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; + +const TPM_AUTHDATA WELLKNOWN_OWNER_AUTH = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; + +struct vtpm_globals vtpm_globals = { + .tpm_fd = -1, + .storage_key = TPM_KEY_INIT, + .storage_key_handle = 0, + .oiap = { .AuthHandle = 0 } +}; + +static int tpm_entropy_source(void* dummy, unsigned char* data, size_t len, size_t* olen) { + UINT32 sz = len; + TPM_RESULT rc = TPM_GetRandom(&sz, data); + *olen = sz; + return rc == TPM_SUCCESS ? 0 : POLARSSL_ERR_ENTROPY_SOURCE_FAILED; +} + +static TPM_RESULT check_tpm_version(void) { + TPM_RESULT status; + UINT32 rsize; + BYTE* res = NULL; + TPM_CAP_VERSION_INFO vinfo; + + TPMTRYRETURN(TPM_GetCapability( + TPM_CAP_VERSION_VAL, + 0, + NULL, + &rsize, + &res)); + if(rsize < 4) { + vtpmlogerror(VTPM_LOG_VTPM, "Invalid size returned by GetCapability!\n"); + status = TPM_BAD_PARAMETER; + goto abort_egress; + } + + unpack_TPM_CAP_VERSION_INFO(res, &vinfo, UNPACK_ALIAS); + + vtpmloginfo(VTPM_LOG_VTPM, "Hardware TPM:\n"); + vtpmloginfo(VTPM_LOG_VTPM, " version: %hhd %hhd %hhd %hhd\n", + vinfo.version.major, vinfo.version.minor, vinfo.version.revMajor, vinfo.version.revMinor); + vtpmloginfo(VTPM_LOG_VTPM, " specLevel: %hd\n", vinfo.specLevel); + vtpmloginfo(VTPM_LOG_VTPM, " errataRev: %hhd\n", vinfo.errataRev); + vtpmloginfo(VTPM_LOG_VTPM, " vendorID: %c%c%c%c\n", + vinfo.tpmVendorID[0], vinfo.tpmVendorID[1], + vinfo.tpmVendorID[2], vinfo.tpmVendorID[3]); + vtpmloginfo(VTPM_LOG_VTPM, " vendorSpecificSize: %hd\n", vinfo.vendorSpecificSize); + vtpmloginfo(VTPM_LOG_VTPM, " vendorSpecific: "); + for(int i = 0; i < vinfo.vendorSpecificSize; ++i) { + vtpmloginfomore(VTPM_LOG_VTPM, "%02hhx", vinfo.vendorSpecific[i]); + } + vtpmloginfomore(VTPM_LOG_VTPM, "\n"); + +abort_egress: + free(res); + return status; +} + +static TPM_RESULT flush_tpm(void) { + TPM_RESULT status = TPM_SUCCESS; + const TPM_RESOURCE_TYPE reslist[] = { TPM_RT_KEY, TPM_RT_AUTH, TPM_RT_TRANS, TPM_RT_COUNTER, TPM_RT_DAA_TPM, TPM_RT_CONTEXT }; + BYTE* keylist = NULL; + UINT32 keylistSize; + BYTE* ptr; + + //Iterate through each resource type and flush all handles + for(int i = 0; i < sizeof(reslist) / sizeof(TPM_RESOURCE_TYPE); ++i) { + TPM_RESOURCE_TYPE beres = cpu_to_be32(reslist[i]); + UINT16 size; + TPMTRYRETURN(TPM_GetCapability( + TPM_CAP_HANDLE, + sizeof(TPM_RESOURCE_TYPE), + (BYTE*)(&beres), + &keylistSize, + &keylist)); + + ptr = keylist; + ptr = unpack_UINT16(ptr, &size); + + //Flush each handle + if(size) { + vtpmloginfo(VTPM_LOG_VTPM, "Flushing %u handle(s) of type %lu\n", size, (unsigned long) reslist[i]); + for(int j = 0; j < size; ++j) { + TPM_HANDLE h; + ptr = unpack_TPM_HANDLE(ptr, &h); + TPMTRYRETURN(TPM_FlushSpecific(h, reslist[i])); + } + } + + free(keylist); + keylist = NULL; + } + + goto egress; +abort_egress: + free(keylist); +egress: + return status; +} + + +static TPM_RESULT try_take_ownership(void) { + TPM_RESULT status = TPM_SUCCESS; + TPM_PUBKEY pubEK = TPM_PUBKEY_INIT; + + // If we can read PubEK then there is no owner and we should take it. + status = TPM_ReadPubek(&pubEK); + + switch(status) { + case TPM_DISABLED_CMD: + //Cannot read ek? TPM has owner + vtpmloginfo(VTPM_LOG_VTPM, "Failed to readEK meaning TPM has an owner. Creating Keys off existing SRK.\n"); + status = TPM_SUCCESS; + break; + case TPM_NO_ENDORSEMENT: + { + //If theres no ek, we have to create one + TPM_KEY_PARMS keyInfo = { + .algorithmID = TPM_ALG_RSA, + .encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1, + .sigScheme = TPM_SS_NONE, + .parmSize = 12, + .parms.rsa = { + .keyLength = RSA_KEY_SIZE, + .numPrimes = 2, + .exponentSize = 0, + .exponent = NULL, + }, + }; + TPMTRYRETURN(TPM_CreateEndorsementKeyPair(&keyInfo, &pubEK)); + } + //fall through to take ownership + case TPM_SUCCESS: + { + //Construct the Srk + TPM_KEY srk = { + .ver = TPM_STRUCT_VER_1_1, + .keyUsage = TPM_KEY_STORAGE, + .keyFlags = 0x00, + .authDataUsage = TPM_AUTH_ALWAYS, + .algorithmParms = { + .algorithmID = TPM_ALG_RSA, + .encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1, + .sigScheme = TPM_SS_NONE, + .parmSize = 12, + .parms.rsa = { + .keyLength = RSA_KEY_SIZE, + .numPrimes = 2, + .exponentSize = 0, + .exponent = NULL, + }, + }, + .PCRInfoSize = 0, + .pubKey = { + .keyLength = 0, + .key = NULL, + }, + .encDataSize = 0, + }; + + TPMTRYRETURN(TPM_TakeOwnership( + &pubEK, + (const TPM_AUTHDATA*)&vtpm_globals.owner_auth, + (const TPM_AUTHDATA*)&vtpm_globals.srk_auth, + &srk, + NULL, + &vtpm_globals.oiap)); + + TPMTRYRETURN(TPM_DisablePubekRead( + (const TPM_AUTHDATA*)&vtpm_globals.owner_auth, + &vtpm_globals.oiap)); + } + break; + default: + break; + } +abort_egress: + free_TPM_PUBKEY(&pubEK); + return status; +} + +static void init_storage_key(TPM_KEY* key) { + key->ver.major = 1; + key->ver.minor = 1; + key->ver.revMajor = 0; + key->ver.revMinor = 0; + + key->keyUsage = TPM_KEY_BIND; + key->keyFlags = 0; + key->authDataUsage = TPM_AUTH_ALWAYS; + + TPM_KEY_PARMS* p = &key->algorithmParms; + p->algorithmID = TPM_ALG_RSA; + p->encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1; + p->sigScheme = TPM_SS_NONE; + p->parmSize = 12; + + TPM_RSA_KEY_PARMS* r = &p->parms.rsa; + r->keyLength = RSA_KEY_SIZE; + r->numPrimes = 2; + r->exponentSize = 0; + r->exponent = NULL; + + key->PCRInfoSize = 0; + key->encDataSize = 0; + key->encData = NULL; +} + +static int parse_auth_string(char* authstr, BYTE* target, const TPM_AUTHDATA wellknown, int allowrandom) { + int rc; + /* well known owner auth */ + if(!strcmp(authstr, "well-known")) { + memcpy(target, wellknown, sizeof(TPM_AUTHDATA)); + } + /* Create a randomly generated owner auth */ + else if(allowrandom && !strcmp(authstr, "random")) { + return 1; + } + /* owner auth is a raw hash */ + else if(!strncmp(authstr, "hash:", 5)) { + authstr += 5; + if((rc = strlen(authstr)) != 40) { + vtpmlogerror(VTPM_LOG_VTPM, "Supplied owner auth hex string `%s' must be exactly 40 characters (20 bytes) long, length=%d\n", authstr, rc); + return -1; + } + for(int j = 0; j < 20; ++j) { + if(sscanf(authstr, "%hhX", target + j) != 1) { + vtpmlogerror(VTPM_LOG_VTPM, "Supplied owner auth string `%s' is not a valid hex string\n", authstr); + return -1; + } + authstr += 2; + } + } + /* owner auth is a string that will be hashed */ + else if(!strncmp(authstr, "text:", 5)) { + authstr += 5; + sha1((const unsigned char*)authstr, strlen(authstr), target); + } + else { + vtpmlogerror(VTPM_LOG_VTPM, "Invalid auth string %s\n", authstr); + return -1; + } + + return 0; +} + +int parse_cmdline_opts(int argc, char** argv, struct Opts* opts) +{ + int rc; + int i; + + //Set defaults + memcpy(vtpm_globals.owner_auth, WELLKNOWN_OWNER_AUTH, sizeof(TPM_AUTHDATA)); + memcpy(vtpm_globals.srk_auth, WELLKNOWN_SRK_AUTH, sizeof(TPM_AUTHDATA)); + + for(i = 1; i < argc; ++i) { + if(!strncmp(argv[i], "owner_auth:", 10)) { + if((rc = parse_auth_string(argv[i] + 10, vtpm_globals.owner_auth, WELLKNOWN_OWNER_AUTH, 1)) < 0) { + goto err_invalid; + } + if(rc == 1) { + opts->gen_owner_auth = 1; + } + } + else if(!strncmp(argv[i], "srk_auth:", 8)) { + if((rc = parse_auth_string(argv[i] + 8, vtpm_globals.srk_auth, WELLKNOWN_SRK_AUTH, 0)) != 0) { + goto err_invalid; + } + } + else if(!strncmp(argv[i], "tpmdriver=", 10)) { + if(!strcmp(argv[i] + 10, "tpm_tis")) { + opts->tpmdriver = TPMDRV_TPM_TIS; + } else if(!strcmp(argv[i] + 10, "tpmfront")) { + opts->tpmdriver = TPMDRV_TPMFRONT; + } else { + goto err_invalid; + } + } + else if(!strncmp(argv[i], "tpmiomem=",9)) { + if(sscanf(argv[i] + 9, "0x%lX", &opts->tpmiomem) != 1) { + goto err_invalid; + } + } + else if(!strncmp(argv[i], "tpmirq=",7)) { + if(!strcmp(argv[i] + 7, "probe")) { + opts->tpmirq = TPM_PROBE_IRQ; + } else if( sscanf(argv[i] + 7, "%u", &opts->tpmirq) != 1) { + goto err_invalid; + } + } + else if(!strncmp(argv[i], "tpmlocality=",12)) { + if(sscanf(argv[i] + 12, "%u", &opts->tpmlocality) != 1 || opts->tpmlocality > 4) { + goto err_invalid; + } + } + } + + switch(opts->tpmdriver) { + case TPMDRV_TPM_TIS: + vtpmloginfo(VTPM_LOG_VTPM, "Option: Using tpm_tis driver\n"); + break; + case TPMDRV_TPMFRONT: + vtpmloginfo(VTPM_LOG_VTPM, "Option: Using tpmfront driver\n"); + break; + } + + return 0; +err_invalid: + vtpmlogerror(VTPM_LOG_VTPM, "Invalid Option %s\n", argv[i]); + return -1; +} + + + +static TPM_RESULT vtpmmgr_create(void) { + TPM_RESULT status = TPM_SUCCESS; + TPM_AUTH_SESSION osap = TPM_AUTH_SESSION_INIT; + TPM_AUTHDATA sharedsecret; + + // Take ownership if TPM is unowned + TPMTRYRETURN(try_take_ownership()); + + // Generate storage key's auth + memset(&vtpm_globals.storage_key_usage_auth, 0, sizeof(TPM_AUTHDATA)); + + TPMTRYRETURN( TPM_OSAP( + TPM_ET_KEYHANDLE, + TPM_SRK_KEYHANDLE, + (const TPM_AUTHDATA*)&vtpm_globals.srk_auth, + &sharedsecret, + &osap) ); + + init_storage_key(&vtpm_globals.storage_key); + + //initialize the storage key + TPMTRYRETURN( TPM_CreateWrapKey( + TPM_SRK_KEYHANDLE, + (const TPM_AUTHDATA*)&sharedsecret, + (const TPM_AUTHDATA*)&vtpm_globals.storage_key_usage_auth, + (const TPM_AUTHDATA*)&vtpm_globals.storage_key_usage_auth, + &vtpm_globals.storage_key, + &osap) ); + + //Load Storage Key + TPMTRYRETURN( TPM_LoadKey( + TPM_SRK_KEYHANDLE, + &vtpm_globals.storage_key, + &vtpm_globals.storage_key_handle, + (const TPM_AUTHDATA*) &vtpm_globals.srk_auth, + &vtpm_globals.oiap)); + + //Make sure TPM has commited changes + TPMTRYRETURN( TPM_SaveState() ); + + //Create new disk image + TPMTRYRETURN(vtpm_storage_new_header()); + + goto egress; +abort_egress: +egress: + vtpmloginfo(VTPM_LOG_VTPM, "Finished initialized new VTPM manager\n"); + + //End the OSAP session + if(osap.AuthHandle) { + TPM_TerminateHandle(osap.AuthHandle); + } + + return status; +} + +TPM_RESULT vtpmmgr_init(int argc, char** argv) { + TPM_RESULT status = TPM_SUCCESS; + + /* Default commandline options */ + struct Opts opts = { + .tpmdriver = TPMDRV_TPM_TIS, + .tpmiomem = TPM_BASEADDR, + .tpmirq = 0, + .tpmlocality = 0, + .gen_owner_auth = 0, + }; + + if(parse_cmdline_opts(argc, argv, &opts) != 0) { + vtpmlogerror(VTPM_LOG_VTPM, "Command line parsing failed! exiting..\n"); + status = TPM_BAD_PARAMETER; + goto abort_egress; + } + + //Setup storage system + if(vtpm_storage_init() != 0) { + vtpmlogerror(VTPM_LOG_VTPM, "Unable to initialize storage subsystem!\n"); + status = TPM_IOERROR; + goto abort_egress; + } + + //Setup tpmback device + init_tpmback(); + + //Setup tpm access + switch(opts.tpmdriver) { + case TPMDRV_TPM_TIS: + { + struct tpm_chip* tpm; + if((tpm = init_tpm_tis(opts.tpmiomem, TPM_TIS_LOCL_INT_TO_FLAG(opts.tpmlocality), opts.tpmirq)) == NULL) { + vtpmlogerror(VTPM_LOG_VTPM, "Unable to initialize tpmfront device\n"); + status = TPM_IOERROR; + goto abort_egress; + } + vtpm_globals.tpm_fd = tpm_tis_open(tpm); + tpm_tis_request_locality(tpm, opts.tpmlocality); + } + break; + case TPMDRV_TPMFRONT: + { + struct tpmfront_dev* tpmfront_dev; + if((tpmfront_dev = init_tpmfront(NULL)) == NULL) { + vtpmlogerror(VTPM_LOG_VTPM, "Unable to initialize tpmfront device\n"); + status = TPM_IOERROR; + goto abort_egress; + } + vtpm_globals.tpm_fd = tpmfront_open(tpmfront_dev); + } + break; + } + + //Get the version of the tpm + TPMTRYRETURN(check_tpm_version()); + + // Blow away all stale handles left in the tpm + if(flush_tpm() != TPM_SUCCESS) { + vtpmlogerror(VTPM_LOG_VTPM, "VTPM_FlushResources failed, continuing anyway..\n"); + } + + /* Initialize the rng */ + entropy_init(&vtpm_globals.entropy); + entropy_add_source(&vtpm_globals.entropy, tpm_entropy_source, NULL, 0); + entropy_gather(&vtpm_globals.entropy); + ctr_drbg_init(&vtpm_globals.ctr_drbg, entropy_func, &vtpm_globals.entropy, NULL, 0); + ctr_drbg_set_prediction_resistance( &vtpm_globals.ctr_drbg, CTR_DRBG_PR_OFF ); + + // Generate Auth for Owner + if(opts.gen_owner_auth) { + vtpmmgr_rand(vtpm_globals.owner_auth, sizeof(TPM_AUTHDATA)); + } + + // Create OIAP session for service's authorized commands + TPMTRYRETURN( TPM_OIAP(&vtpm_globals.oiap) ); + + /* Load the Manager data, if it fails create a new manager */ + if (vtpm_storage_load_header() != TPM_SUCCESS) { + /* If the OIAP session was closed by an error, create a new one */ + if(vtpm_globals.oiap.AuthHandle == 0) { + TPMTRYRETURN( TPM_OIAP(&vtpm_globals.oiap) ); + } + vtpmloginfo(VTPM_LOG_VTPM, "Failed to read manager file. Assuming first time initialization.\n"); + TPMTRYRETURN( vtpmmgr_create() ); + } + + goto egress; +abort_egress: + vtpmmgr_shutdown(); +egress: + return status; +} + +void vtpmmgr_shutdown(void) +{ + /* Cleanup resources */ + free_TPM_KEY(&vtpm_globals.storage_key); + + /* Cleanup TPM resources */ + TPM_EvictKey(vtpm_globals.storage_key_handle); + TPM_TerminateHandle(vtpm_globals.oiap.AuthHandle); + + /* Close tpmback */ + shutdown_tpmback(); + + /* Close the storage system and blkfront */ + vtpm_storage_shutdown(); + + /* Close tpmfront/tpm_tis */ + close(vtpm_globals.tpm_fd); + + vtpmloginfo(VTPM_LOG_VTPM, "VTPM Manager stopped.\n"); +} diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/log.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/log.c Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,151 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include +#include +#include + +#include "tcg.h" + +char *module_names[] = { "", + "TPM", + "TPM", + "VTPM", + "VTPM", + "TXDATA", + }; +// Helper code for the consts, eg. to produce messages for error codes. + +typedef struct error_code_entry_t { + TPM_RESULT code; + char * code_name; + char * msg; +} error_code_entry_t; + +static const error_code_entry_t error_msgs [] = { + { TPM_SUCCESS, "TPM_SUCCESS", "Successful completion of the operation" }, + { TPM_AUTHFAIL, "TPM_AUTHFAIL", "Authentication failed" }, + { TPM_BADINDEX, "TPM_BADINDEX", "The index to a PCR, DIR or other register is incorrect" }, + { TPM_BAD_PARAMETER, "TPM_BAD_PARAMETER", "One or more parameter is bad" }, + { TPM_AUDITFAILURE, "TPM_AUDITFAILURE", "An operation completed successfully but the auditing of that operation failed." }, + { TPM_CLEAR_DISABLED, "TPM_CLEAR_DISABLED", "The clear disable flag is set and all clear operations now require physical access" }, + { TPM_DEACTIVATED, "TPM_DEACTIVATED", "The TPM is deactivated" }, + { TPM_DISABLED, "TPM_DISABLED", "The TPM is disabled" }, + { TPM_DISABLED_CMD, "TPM_DISABLED_CMD", "The target command has been disabled" }, + { TPM_FAIL, "TPM_FAIL", "The operation failed" }, + { TPM_BAD_ORDINAL, "TPM_BAD_ORDINAL", "The ordinal was unknown or inconsistent" }, + { TPM_INSTALL_DISABLED, "TPM_INSTALL_DISABLED", "The ability to install an owner is disabled" }, + { TPM_INVALID_KEYHANDLE, "TPM_INVALID_KEYHANDLE", "The key handle presented was invalid" }, + { TPM_KEYNOTFOUND, "TPM_KEYNOTFOUND", "The target key was not found" }, + { TPM_INAPPROPRIATE_ENC, "TPM_INAPPROPRIATE_ENC", "Unacceptable encryption scheme" }, + { TPM_MIGRATEFAIL, "TPM_MIGRATEFAIL", "Migration authorization failed" }, + { TPM_INVALID_PCR_INFO, "TPM_INVALID_PCR_INFO", "PCR information could not be interpreted" }, + { TPM_NOSPACE, "TPM_NOSPACE", "No room to load key." }, + { TPM_NOSRK, "TPM_NOSRK", "There is no SRK set" }, + { TPM_NOTSEALED_BLOB, "TPM_NOTSEALED_BLOB", "An encrypted blob is invalid or was not created by this TPM" }, + { TPM_OWNER_SET, "TPM_OWNER_SET", "There is already an Owner" }, + { TPM_RESOURCES, "TPM_RESOURCES", "The TPM has insufficient internal resources to perform the requested action." }, + { TPM_SHORTRANDOM, "TPM_SHORTRANDOM", "A random string was too short" }, + { TPM_SIZE, "TPM_SIZE", "The TPM does not have the space to perform the operation." }, + { TPM_WRONGPCRVAL, "TPM_WRONGPCRVAL", "The named PCR value does not match the current PCR value." }, + { TPM_BAD_PARAM_SIZE, "TPM_BAD_PARAM_SIZE", "The paramSize argument to the command has the incorrect value" }, + { TPM_SHA_THREAD, "TPM_SHA_THREAD", "There is no existing SHA-1 thread." }, + { TPM_SHA_ERROR, "TPM_SHA_ERROR", "The calculation is unable to proceed because the existing SHA-1 thread has already encountered an error." }, + { TPM_FAILEDSELFTEST, "TPM_FAILEDSELFTEST", "Self-test has failed and the TPM has shutdown." }, + { TPM_AUTH2FAIL, "TPM_AUTH2FAIL", "The authorization for the second key in a 2 key function failed authorization" }, + { TPM_BADTAG, "TPM_BADTAG", "The tag value sent to for a command is invalid" }, + { TPM_IOERROR, "TPM_IOERROR", "An IO error occurred transmitting information to the TPM" }, + { TPM_ENCRYPT_ERROR, "TPM_ENCRYPT_ERROR", "The encryption process had a problem." }, + { TPM_DECRYPT_ERROR, "TPM_DECRYPT_ERROR", "The decryption process did not complete." }, + { TPM_INVALID_AUTHHANDLE, "TPM_INVALID_AUTHHANDLE", "An invalid handle was used." }, + { TPM_NO_ENDORSEMENT, "TPM_NO_ENDORSEMENT", "The TPM does not a EK installed" }, + { TPM_INVALID_KEYUSAGE, "TPM_INVALID_KEYUSAGE", "The usage of a key is not allowed" }, + { TPM_WRONG_ENTITYTYPE, "TPM_WRONG_ENTITYTYPE", "The submitted entity type is not allowed" }, + { TPM_INVALID_POSTINIT, "TPM_INVALID_POSTINIT", "The command was received in the wrong sequence relative to TPM_Init and a subsequent TPM_Startup" }, + { TPM_INAPPROPRIATE_SIG, "TPM_INAPPROPRIATE_SIG", "Signed data cannot include additional DER information" }, + { TPM_BAD_KEY_PROPERTY, "TPM_BAD_KEY_PROPERTY", "The key properties in TPM_KEY_PARMs are not supported by this TPM" }, + + { TPM_BAD_MIGRATION, "TPM_BAD_MIGRATION", "The migration properties of this key are incorrect." }, + { TPM_BAD_SCHEME, "TPM_BAD_SCHEME", "The signature or encryption scheme for this key is incorrect or not permitted in this situation." }, + { TPM_BAD_DATASIZE, "TPM_BAD_DATASIZE", "The size of the data (or blob) parameter is bad or inconsistent with the referenced key" }, + { TPM_BAD_MODE, "TPM_BAD_MODE", "A mode parameter is bad, such as capArea or subCapArea for TPM_GetCapability, phsicalPresence parameter for TPM_PhysicalPresence, or migrationType for TPM_CreateMigrationBlob." }, + { TPM_BAD_PRESENCE, "TPM_BAD_PRESENCE", "Either the physicalPresence or physicalPresenceLock bits have the wrong value" }, + { TPM_BAD_VERSION, "TPM_BAD_VERSION", "The TPM cannot perform this version of the capability" }, + { TPM_NO_WRAP_TRANSPORT, "TPM_NO_WRAP_TRANSPORT", "The TPM does not allow for wrapped transport sessions" }, + { TPM_AUDITFAIL_UNSUCCESSFUL, "TPM_AUDITFAIL_UNSUCCESSFUL", "TPM audit construction failed and the underlying command was returning a failure code also" }, + { TPM_AUDITFAIL_SUCCESSFUL, "TPM_AUDITFAIL_SUCCESSFUL", "TPM audit construction failed and the underlying command was returning success" }, + { TPM_NOTRESETABLE, "TPM_NOTRESETABLE", "Attempt to reset a PCR register that does not have the resettable attribute" }, + { TPM_NOTLOCAL, "TPM_NOTLOCAL", "Attempt to reset a PCR register that requires locality and locality modifier not part of command transport" }, + { TPM_BAD_TYPE, "TPM_BAD_TYPE", "Make identity blob not properly typed" }, + { TPM_INVALID_RESOURCE, "TPM_INVALID_RESOURCE", "When saving context identified resource type does not match actual resource" }, + { TPM_NOTFIPS, "TPM_NOTFIPS", "The TPM is attempting to execute a command only available when in FIPS mode" }, + { TPM_INVALID_FAMILY, "TPM_INVALID_FAMILY", "The command is attempting to use an invalid family ID" }, + { TPM_NO_NV_PERMISSION, "TPM_NO_NV_PERMISSION", "The permission to manipulate the NV storage is not available" }, + { TPM_REQUIRES_SIGN, "TPM_REQUIRES_SIGN", "The operation requires a signed command" }, + { TPM_KEY_NOTSUPPORTED, "TPM_KEY_NOTSUPPORTED", "Wrong operation to load an NV key" }, + { TPM_AUTH_CONFLICT, "TPM_AUTH_CONFLICT", "NV_LoadKey blob requires both owner and blob authorization" }, + { TPM_AREA_LOCKED, "TPM_AREA_LOCKED", "The NV area is locked and not writtable" }, + { TPM_BAD_LOCALITY, "TPM_BAD_LOCALITY", "The locality is incorrect for the attempted operation" }, + { TPM_READ_ONLY, "TPM_READ_ONLY", "The NV area is read only and can't be written to" }, + { TPM_PER_NOWRITE, "TPM_PER_NOWRITE", "There is no protection on the write to the NV area" }, + { TPM_FAMILYCOUNT, "TPM_FAMILYCOUNT", "The family count value does not match" }, + { TPM_WRITE_LOCKED, "TPM_WRITE_LOCKED", "The NV area has already been written to" }, + { TPM_BAD_ATTRIBUTES, "TPM_BAD_ATTRIBUTES", "The NV area attributes conflict" }, + { TPM_INVALID_STRUCTURE, "TPM_INVALID_STRUCTURE", "The structure tag and version are invalid or inconsistent" }, + { TPM_KEY_OWNER_CONTROL, "TPM_KEY_OWNER_CONTROL", "The key is under control of the TPM Owner and can only be evicted by the TPM Owner." }, + { TPM_BAD_COUNTER, "TPM_BAD_COUNTER", "The counter handle is incorrect" }, + { TPM_NOT_FULLWRITE, "TPM_NOT_FULLWRITE", "The write is not a complete write of the area" }, + { TPM_CONTEXT_GAP, "TPM_CONTEXT_GAP", "The gap between saved context counts is too large" }, + { TPM_MAXNVWRITES, "TPM_MAXNVWRITES", "The maximum number of NV writes without an owner has been exceeded" }, + { TPM_NOOPERATOR, "TPM_NOOPERATOR", "No operator authorization value is set" }, + { TPM_RESOURCEMISSING, "TPM_RESOURCEMISSING", "The resource pointed to by context is not loaded" }, + { TPM_DELEGATE_LOCK, "TPM_DELEGATE_LOCK", "The delegate administration is locked" }, + { TPM_DELEGATE_FAMILY, "TPM_DELEGATE_FAMILY", "Attempt to manage a family other then the delegated family" }, + { TPM_DELEGATE_ADMIN, "TPM_DELEGATE_ADMIN", "Delegation table management not enabled" }, + { TPM_TRANSPORT_EXCLUSIVE, "TPM_TRANSPORT_EXCLUSIVE", "There was a command executed outside of an exclusive transport session" }, +}; + + +// helper function for the error codes: +const char* tpm_get_error_name (TPM_RESULT code) { + // just do a linear scan for now + unsigned i; + for (i = 0; i < sizeof(error_msgs)/sizeof(error_msgs[0]); i++) + if (code == error_msgs[i].code) + return error_msgs[i].code_name; + + return("Unknown Error Code"); +} diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/log.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/log.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,85 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef __VTPM_LOG_H__ +#define __VTPM_LOG_H__ + +#include // for uint32_t +#include // for pointer NULL +#include +#include "tcg.h" + +// =========================== LOGGING ============================== + +// the logging module numbers +#define VTPM_LOG_TPM 1 +#define VTPM_LOG_TPM_DEEP 2 +#define VTPM_LOG_VTPM 3 +#define VTPM_LOG_VTPM_DEEP 4 +#define VTPM_LOG_TXDATA 5 + +extern char *module_names[]; + +// Default to standard logging +#ifndef LOGGING_MODULES +#define LOGGING_MODULES (BITMASK(VTPM_LOG_VTPM)|BITMASK(VTPM_LOG_TPM)) +#endif + +// bit-access macros +#define BITMASK(idx) ( 1U << (idx) ) +#define GETBIT(num,idx) ( ((num) & BITMASK(idx)) >> idx ) +#define SETBIT(num,idx) (num) |= BITMASK(idx) +#define CLEARBIT(num,idx) (num) &= ( ~ BITMASK(idx) ) + +#define vtpmloginfo(module, fmt, args...) \ + if (GETBIT (LOGGING_MODULES, module) == 1) { \ + fprintf (stdout, "INFO[%s]: " fmt, module_names[module], ##args); \ + } + +#define vtpmloginfomore(module, fmt, args...) \ + if (GETBIT (LOGGING_MODULES, module) == 1) { \ + fprintf (stdout, fmt,##args); \ + } + +#define vtpmlogerror(module, fmt, args...) \ + fprintf (stderr, "ERROR[%s]: " fmt, module_names[module], ##args); + +//typedef UINT32 tpm_size_t; + +// helper function for the error codes: +const char* tpm_get_error_name (TPM_RESULT code); + +#endif // _VTPM_LOG_H_ diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/marshal.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/marshal.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,528 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef MARSHAL_H +#define MARSHAL_H + +#include +#include +#include +#include "tcg.h" + +typedef enum UnpackPtr { + UNPACK_ALIAS, + UNPACK_ALLOC +} UnpackPtr; + +inline BYTE* pack_BYTE(BYTE* ptr, BYTE t) { + ptr[0] = t; + return ++ptr; +} + +inline BYTE* unpack_BYTE(BYTE* ptr, BYTE* t) { + t[0] = ptr[0]; + return ++ptr; +} + +#define pack_BOOL(p, t) pack_BYTE(p, t) +#define unpack_BOOL(p, t) unpack_BYTE(p, t) + +inline BYTE* pack_UINT16(BYTE* ptr, UINT16 t) { + BYTE* b = (BYTE*)&t; +#if __BYTE_ORDER == __LITTLE_ENDIAN + ptr[0] = b[1]; + ptr[1] = b[0]; +#elif __BYTE_ORDER == __BIG_ENDIAN + ptr[0] = b[0]; + ptr[1] = b[1]; +#endif + return ptr + sizeof(UINT16); +} + +inline BYTE* unpack_UINT16(BYTE* ptr, UINT16* t) { + BYTE* b = (BYTE*)t; +#if __BYTE_ORDER == __LITTLE_ENDIAN + b[0] = ptr[1]; + b[1] = ptr[0]; +#elif __BYTE_ORDER == __BIG_ENDIAN + b[0] = ptr[0]; + b[1] = ptr[1]; +#endif + return ptr + sizeof(UINT16); +} + +inline BYTE* pack_UINT32(BYTE* ptr, UINT32 t) { + BYTE* b = (BYTE*)&t; +#if __BYTE_ORDER == __LITTLE_ENDIAN + ptr[3] = b[0]; + ptr[2] = b[1]; + ptr[1] = b[2]; + ptr[0] = b[3]; +#elif __BYTE_ORDER == __BIG_ENDIAN + ptr[0] = b[0]; + ptr[1] = b[1]; + ptr[2] = b[2]; + ptr[3] = b[3]; +#endif + return ptr + sizeof(UINT32); +} + +inline BYTE* unpack_UINT32(BYTE* ptr, UINT32* t) { + BYTE* b = (BYTE*)t; +#if __BYTE_ORDER == __LITTLE_ENDIAN + b[0] = ptr[3]; + b[1] = ptr[2]; + b[2] = ptr[1]; + b[3] = ptr[0]; +#elif __BYTE_ORDER == __BIG_ENDIAN + b[0] = ptr[0]; + b[1] = ptr[1]; + b[2] = ptr[2]; + b[3] = ptr[3]; +#endif + return ptr + sizeof(UINT32); +} + +#define pack_TPM_RESULT(p, t) pack_UINT32(p, t) +#define pack_TPM_PCRINDEX(p, t) pack_UINT32(p, t) +#define pack_TPM_DIRINDEX(p, t) pack_UINT32(p, t) +#define pack_TPM_HANDLE(p, t) pack_UINT32(p, t) +#define pack_TPM_AUTHHANDLE(p, t) pack_TPM_HANDLE(p, t) +#define pack_TCPA_HASHHANDLE(p, t) pack_TPM_HANDLE(p, t) +#define pack_TCPA_HMACHANDLE(p, t) pack_TPM_HANDLE(p, t) +#define pack_TCPA_ENCHANDLE(p, t) pack_TPM_HANDLE(p, t) +#define pack_TPM_KEY_HANDLE(p, t) pack_TPM_HANDLE(p, t) +#define pack_TCPA_ENTITYHANDLE(p, t) pack_TPM_HANDLE(p, t) +#define pack_TPM_RESOURCE_TYPE(p, t) pack_UINT32(p, t) +#define pack_TPM_COMMAND_CODE(p, t) pack_UINT32(p, t) +#define pack_TPM_PROTOCOL_ID(p, t) pack_UINT16(p, t) +#define pack_TPM_AUTH_DATA_USAGE(p, t) pack_BYTE(p, t) +#define pack_TPM_ENTITY_TYPE(p, t) pack_UINT16(p, t) +#define pack_TPM_ALGORITHM_ID(p, t) pack_UINT32(p, t) +#define pack_TPM_KEY_USAGE(p, t) pack_UINT16(p, t) +#define pack_TPM_STARTUP_TYPE(p, t) pack_UINT16(p, t) +#define pack_TPM_CAPABILITY_AREA(p, t) pack_UINT32(p, t) +#define pack_TPM_ENC_SCHEME(p, t) pack_UINT16(p, t) +#define pack_TPM_SIG_SCHEME(p, t) pack_UINT16(p, t) +#define pack_TPM_MIGRATE_SCHEME(p, t) pack_UINT16(p, t) +#define pack_TPM_PHYSICAL_PRESENCE(p, t) pack_UINT16(p, t) +#define pack_TPM_KEY_FLAGS(p, t) pack_UINT32(p, t) + +#define unpack_TPM_RESULT(p, t) unpack_UINT32(p, t) +#define unpack_TPM_PCRINDEX(p, t) unpack_UINT32(p, t) +#define unpack_TPM_DIRINDEX(p, t) unpack_UINT32(p, t) +#define unpack_TPM_HANDLE(p, t) unpack_UINT32(p, t) +#define unpack_TPM_AUTHHANDLE(p, t) unpack_TPM_HANDLE(p, t) +#define unpack_TCPA_HASHHANDLE(p, t) unpack_TPM_HANDLE(p, t) +#define unpack_TCPA_HMACHANDLE(p, t) unpack_TPM_HANDLE(p, t) +#define unpack_TCPA_ENCHANDLE(p, t) unpack_TPM_HANDLE(p, t) +#define unpack_TPM_KEY_HANDLE(p, t) unpack_TPM_HANDLE(p, t) +#define unpack_TCPA_ENTITYHANDLE(p, t) unpack_TPM_HANDLE(p, t) +#define unpack_TPM_RESOURCE_TYPE(p, t) unpack_UINT32(p, t) +#define unpack_TPM_COMMAND_CODE(p, t) unpack_UINT32(p, t) +#define unpack_TPM_PROTOCOL_ID(p, t) unpack_UINT16(p, t) +#define unpack_TPM_AUTH_DATA_USAGE(p, t) unpack_BYTE(p, t) +#define unpack_TPM_ENTITY_TYPE(p, t) unpack_UINT16(p, t) +#define unpack_TPM_ALGORITHM_ID(p, t) unpack_UINT32(p, t) +#define unpack_TPM_KEY_USAGE(p, t) unpack_UINT16(p, t) +#define unpack_TPM_STARTUP_TYPE(p, t) unpack_UINT16(p, t) +#define unpack_TPM_CAPABILITY_AREA(p, t) unpack_UINT32(p, t) +#define unpack_TPM_ENC_SCHEME(p, t) unpack_UINT16(p, t) +#define unpack_TPM_SIG_SCHEME(p, t) unpack_UINT16(p, t) +#define unpack_TPM_MIGRATE_SCHEME(p, t) unpack_UINT16(p, t) +#define unpack_TPM_PHYSICAL_PRESENCE(p, t) unpack_UINT16(p, t) +#define unpack_TPM_KEY_FLAGS(p, t) unpack_UINT32(p, t) + +#define pack_TPM_AUTH_HANDLE(p, t) pack_UINT32(p, t); +#define pack_TCS_CONTEXT_HANDLE(p, t) pack_UINT32(p, t); +#define pack_TCS_KEY_HANDLE(p, t) pack_UINT32(p, t); + +#define unpack_TPM_AUTH_HANDLE(p, t) unpack_UINT32(p, t); +#define unpack_TCS_CONTEXT_HANDLE(p, t) unpack_UINT32(p, t); +#define unpack_TCS_KEY_HANDLE(p, t) unpack_UINT32(p, t); + +inline BYTE* pack_BUFFER(BYTE* ptr, const BYTE* buf, UINT32 size) { + memcpy(ptr, buf, size); + return ptr + size; +} + +inline BYTE* unpack_BUFFER(BYTE* ptr, BYTE* buf, UINT32 size) { + memcpy(buf, ptr, size); + return ptr + size; +} + +inline BYTE* unpack_ALIAS(BYTE* ptr, BYTE** buf, UINT32 size) { + *buf = ptr; + return ptr + size; +} + +inline BYTE* unpack_ALLOC(BYTE* ptr, BYTE** buf, UINT32 size) { + if(size) { + *buf = malloc(size); + memcpy(*buf, ptr, size); + } else { + *buf = NULL; + } + return ptr + size; +} + +inline BYTE* unpack_PTR(BYTE* ptr, BYTE** buf, UINT32 size, UnpackPtr alloc) { + if(alloc == UNPACK_ALLOC) { + return unpack_ALLOC(ptr, buf, size); + } else { + return unpack_ALIAS(ptr, buf, size); + } +} + +inline BYTE* pack_TPM_AUTHDATA(BYTE* ptr, const TPM_AUTHDATA* d) { + return pack_BUFFER(ptr, *d, TPM_DIGEST_SIZE); +} + +inline BYTE* unpack_TPM_AUTHDATA(BYTE* ptr, TPM_AUTHDATA* d) { + return unpack_BUFFER(ptr, *d, TPM_DIGEST_SIZE); +} + +#define pack_TPM_SECRET(p, t) pack_TPM_AUTHDATA(p, t) +#define pack_TPM_ENCAUTH(p, t) pack_TPM_AUTHDATA(p, t) +#define pack_TPM_PAYLOAD_TYPE(p, t) pack_BYTE(p, t) +#define pack_TPM_TAG(p, t) pack_UINT16(p, t) +#define pack_TPM_STRUCTURE_TAG(p, t) pack_UINT16(p, t) + +#define unpack_TPM_SECRET(p, t) unpack_TPM_AUTHDATA(p, t) +#define unpack_TPM_ENCAUTH(p, t) unpack_TPM_AUTHDATA(p, t) +#define unpack_TPM_PAYLOAD_TYPE(p, t) unpack_BYTE(p, t) +#define unpack_TPM_TAG(p, t) unpack_UINT16(p, t) +#define unpack_TPM_STRUCTURE_TAG(p, t) unpack_UINT16(p, t) + +inline BYTE* pack_TPM_VERSION(BYTE* ptr, const TPM_VERSION* t) { + ptr[0] = t->major; + ptr[1] = t->minor; + ptr[2] = t->revMajor; + ptr[3] = t->revMinor; + return ptr + 4; +} + +inline BYTE* unpack_TPM_VERSION(BYTE* ptr, TPM_VERSION* t) { + t->major = ptr[0]; + t->minor = ptr[1]; + t->revMajor = ptr[2]; + t->revMinor = ptr[3]; + return ptr + 4; +} + +inline BYTE* pack_TPM_CAP_VERSION_INFO(BYTE* ptr, const TPM_CAP_VERSION_INFO* v) { + ptr = pack_TPM_STRUCTURE_TAG(ptr, v->tag); + ptr = pack_TPM_VERSION(ptr, &v->version); + ptr = pack_UINT16(ptr, v->specLevel); + ptr = pack_BYTE(ptr, v->errataRev); + ptr = pack_BUFFER(ptr, v->tpmVendorID, sizeof(v->tpmVendorID)); + ptr = pack_UINT16(ptr, v->vendorSpecificSize); + ptr = pack_BUFFER(ptr, v->vendorSpecific, v->vendorSpecificSize); + return ptr; +} + +inline BYTE* unpack_TPM_CAP_VERSION_INFO(BYTE* ptr, TPM_CAP_VERSION_INFO* v, UnpackPtr alloc) { + ptr = unpack_TPM_STRUCTURE_TAG(ptr, &v->tag); + ptr = unpack_TPM_VERSION(ptr, &v->version); + ptr = unpack_UINT16(ptr, &v->specLevel); + ptr = unpack_BYTE(ptr, &v->errataRev); + ptr = unpack_BUFFER(ptr, v->tpmVendorID, sizeof(v->tpmVendorID)); + ptr = unpack_UINT16(ptr, &v->vendorSpecificSize); + ptr = unpack_PTR(ptr, &v->vendorSpecific, v->vendorSpecificSize, alloc); + return ptr; +} + +inline BYTE* pack_TPM_DIGEST(BYTE* ptr, const TPM_DIGEST* d) { + return pack_BUFFER(ptr, d->digest, TPM_DIGEST_SIZE); +} + +inline BYTE* unpack_TPM_DIGEST(BYTE* ptr, TPM_DIGEST* d) { + return unpack_BUFFER(ptr, d->digest, TPM_DIGEST_SIZE); +} + +#define pack_TPM_PCRVALUE(ptr, d) pack_TPM_DIGEST(ptr, d); +#define unpack_TPM_PCRVALUE(ptr, d) unpack_TPM_DIGEST(ptr, d); + +#define pack_TPM_COMPOSITE_HASH(ptr, d) pack_TPM_DIGEST(ptr, d); +#define unpack_TPM_COMPOSITE_HASH(ptr, d) unpack_TPM_DIGEST(ptr, d); + +#define pack_TPM_DIRVALUE(ptr, d) pack_TPM_DIGEST(ptr, d); +#define unpack_TPM_DIRVALUE(ptr, d) unpack_TPM_DIGEST(ptr, d); + +#define pack_TPM_HMAC(ptr, d) pack_TPM_DIGEST(ptr, d); +#define unpack_TPM_HMAC(ptr, d) unpack_TPM_DIGEST(ptr, d); + +#define pack_TPM_CHOSENID_HASH(ptr, d) pack_TPM_DIGEST(ptr, d); +#define unpack_TPM_CHOSENID_HASH(ptr, d) unpack_TPM_DIGEST(ptr, d); + +inline BYTE* pack_TPM_NONCE(BYTE* ptr, const TPM_NONCE* n) { + return pack_BUFFER(ptr, n->nonce, TPM_DIGEST_SIZE); +} + +inline BYTE* unpack_TPM_NONCE(BYTE* ptr, TPM_NONCE* n) { + return unpack_BUFFER(ptr, n->nonce, TPM_DIGEST_SIZE); +} + +inline BYTE* pack_TPM_SYMMETRIC_KEY_PARMS(BYTE* ptr, const TPM_SYMMETRIC_KEY_PARMS* k) { + ptr = pack_UINT32(ptr, k->keyLength); + ptr = pack_UINT32(ptr, k->blockSize); + ptr = pack_UINT32(ptr, k->ivSize); + return pack_BUFFER(ptr, k->IV, k->ivSize); +} + +inline BYTE* unpack_TPM_SYMMETRIC_KEY_PARMS(BYTE* ptr, TPM_SYMMETRIC_KEY_PARMS* k, UnpackPtr alloc) { + ptr = unpack_UINT32(ptr, &k->keyLength); + ptr = unpack_UINT32(ptr, &k->blockSize); + ptr = unpack_UINT32(ptr, &k->ivSize); + return unpack_PTR(ptr, &k->IV, k->ivSize, alloc); +} + +inline BYTE* pack_TPM_RSA_KEY_PARMS(BYTE* ptr, const TPM_RSA_KEY_PARMS* k) { + ptr = pack_UINT32(ptr, k->keyLength); + ptr = pack_UINT32(ptr, k->numPrimes); + ptr = pack_UINT32(ptr, k->exponentSize); + return pack_BUFFER(ptr, k->exponent, k->exponentSize); +} + +inline BYTE* unpack_TPM_RSA_KEY_PARMS(BYTE* ptr, TPM_RSA_KEY_PARMS* k, UnpackPtr alloc) { + ptr = unpack_UINT32(ptr, &k->keyLength); + ptr = unpack_UINT32(ptr, &k->numPrimes); + ptr = unpack_UINT32(ptr, &k->exponentSize); + return unpack_PTR(ptr, &k->exponent, k->exponentSize, alloc); +} + +inline BYTE* pack_TPM_KEY_PARMS(BYTE* ptr, const TPM_KEY_PARMS* k) { + ptr = pack_TPM_ALGORITHM_ID(ptr, k->algorithmID); + ptr = pack_TPM_ENC_SCHEME(ptr, k->encScheme); + ptr = pack_TPM_SIG_SCHEME(ptr, k->sigScheme); + ptr = pack_UINT32(ptr, k->parmSize); + + if(k->parmSize) { + switch(k->algorithmID) { + case TPM_ALG_RSA: + return pack_TPM_RSA_KEY_PARMS(ptr, &k->parms.rsa); + case TPM_ALG_AES128: + case TPM_ALG_AES192: + case TPM_ALG_AES256: + return pack_TPM_SYMMETRIC_KEY_PARMS(ptr, &k->parms.sym); + } + } + return ptr; +} + +inline BYTE* unpack_TPM_KEY_PARMS(BYTE* ptr, TPM_KEY_PARMS* k, UnpackPtr alloc) { + ptr = unpack_TPM_ALGORITHM_ID(ptr, &k->algorithmID); + ptr = unpack_TPM_ENC_SCHEME(ptr, &k->encScheme); + ptr = unpack_TPM_SIG_SCHEME(ptr, &k->sigScheme); + ptr = unpack_UINT32(ptr, &k->parmSize); + + if(k->parmSize) { + switch(k->algorithmID) { + case TPM_ALG_RSA: + return unpack_TPM_RSA_KEY_PARMS(ptr, &k->parms.rsa, alloc); + case TPM_ALG_AES128: + case TPM_ALG_AES192: + case TPM_ALG_AES256: + return unpack_TPM_SYMMETRIC_KEY_PARMS(ptr, &k->parms.sym, alloc); + } + } + return ptr; +} + +inline BYTE* pack_TPM_STORE_PUBKEY(BYTE* ptr, const TPM_STORE_PUBKEY* k) { + ptr = pack_UINT32(ptr, k->keyLength); + ptr = pack_BUFFER(ptr, k->key, k->keyLength); + return ptr; +} + +inline BYTE* unpack_TPM_STORE_PUBKEY(BYTE* ptr, TPM_STORE_PUBKEY* k, UnpackPtr alloc) { + ptr = unpack_UINT32(ptr, &k->keyLength); + ptr = unpack_PTR(ptr, &k->key, k->keyLength, alloc); + return ptr; +} + +inline BYTE* pack_TPM_PUBKEY(BYTE* ptr, const TPM_PUBKEY* k) { + ptr = pack_TPM_KEY_PARMS(ptr, &k->algorithmParms); + return pack_TPM_STORE_PUBKEY(ptr, &k->pubKey); +} + +inline BYTE* unpack_TPM_PUBKEY(BYTE* ptr, TPM_PUBKEY* k, UnpackPtr alloc) { + ptr = unpack_TPM_KEY_PARMS(ptr, &k->algorithmParms, alloc); + return unpack_TPM_STORE_PUBKEY(ptr, &k->pubKey, alloc); +} + +inline BYTE* pack_TPM_PCR_SELECTION(BYTE* ptr, const TPM_PCR_SELECTION* p) { + ptr = pack_UINT16(ptr, p->sizeOfSelect); + ptr = pack_BUFFER(ptr, p->pcrSelect, p->sizeOfSelect); + return ptr; +} + +inline BYTE* unpack_TPM_PCR_SELECTION(BYTE* ptr, TPM_PCR_SELECTION* p, UnpackPtr alloc) { + ptr = unpack_UINT16(ptr, &p->sizeOfSelect); + ptr = unpack_PTR(ptr, &p->pcrSelect, p->sizeOfSelect, alloc); + return ptr; +} + +inline BYTE* pack_TPM_PCR_INFO(BYTE* ptr, const TPM_PCR_INFO* p) { + ptr = pack_TPM_PCR_SELECTION(ptr, &p->pcrSelection); + ptr = pack_TPM_COMPOSITE_HASH(ptr, &p->digestAtRelease); + ptr = pack_TPM_COMPOSITE_HASH(ptr, &p->digestAtCreation); + return ptr; +} + +inline BYTE* unpack_TPM_PCR_INFO(BYTE* ptr, TPM_PCR_INFO* p, UnpackPtr alloc) { + ptr = unpack_TPM_PCR_SELECTION(ptr, &p->pcrSelection, alloc); + ptr = unpack_TPM_COMPOSITE_HASH(ptr, &p->digestAtRelease); + ptr = unpack_TPM_COMPOSITE_HASH(ptr, &p->digestAtCreation); + return ptr; +} + +inline BYTE* pack_TPM_PCR_COMPOSITE(BYTE* ptr, const TPM_PCR_COMPOSITE* p) { + ptr = pack_TPM_PCR_SELECTION(ptr, &p->select); + ptr = pack_UINT32(ptr, p->valueSize); + ptr = pack_BUFFER(ptr, (const BYTE*)p->pcrValue, p->valueSize); + return ptr; +} + +inline BYTE* unpack_TPM_PCR_COMPOSITE(BYTE* ptr, TPM_PCR_COMPOSITE* p, UnpackPtr alloc) { + ptr = unpack_TPM_PCR_SELECTION(ptr, &p->select, alloc); + ptr = unpack_UINT32(ptr, &p->valueSize); + ptr = unpack_PTR(ptr, (BYTE**)&p->pcrValue, p->valueSize, alloc); + return ptr; +} + +inline BYTE* pack_TPM_KEY(BYTE* ptr, const TPM_KEY* k) { + ptr = pack_TPM_VERSION(ptr, &k->ver); + ptr = pack_TPM_KEY_USAGE(ptr, k->keyUsage); + ptr = pack_TPM_KEY_FLAGS(ptr, k->keyFlags); + ptr = pack_TPM_AUTH_DATA_USAGE(ptr, k->authDataUsage); + ptr = pack_TPM_KEY_PARMS(ptr, &k->algorithmParms); + ptr = pack_UINT32(ptr, k->PCRInfoSize); + if(k->PCRInfoSize) { + ptr = pack_TPM_PCR_INFO(ptr, &k->PCRInfo); + } + ptr = pack_TPM_STORE_PUBKEY(ptr, &k->pubKey); + ptr = pack_UINT32(ptr, k->encDataSize); + return pack_BUFFER(ptr, k->encData, k->encDataSize); +} + +inline BYTE* unpack_TPM_KEY(BYTE* ptr, TPM_KEY* k, UnpackPtr alloc) { + ptr = unpack_TPM_VERSION(ptr, &k->ver); + ptr = unpack_TPM_KEY_USAGE(ptr, &k->keyUsage); + ptr = unpack_TPM_KEY_FLAGS(ptr, &k->keyFlags); + ptr = unpack_TPM_AUTH_DATA_USAGE(ptr, &k->authDataUsage); + ptr = unpack_TPM_KEY_PARMS(ptr, &k->algorithmParms, alloc); + ptr = unpack_UINT32(ptr, &k->PCRInfoSize); + if(k->PCRInfoSize) { + ptr = unpack_TPM_PCR_INFO(ptr, &k->PCRInfo, alloc); + } + ptr = unpack_TPM_STORE_PUBKEY(ptr, &k->pubKey, alloc); + ptr = unpack_UINT32(ptr, &k->encDataSize); + return unpack_PTR(ptr, &k->encData, k->encDataSize, alloc); +} + +inline BYTE* pack_TPM_BOUND_DATA(BYTE* ptr, const TPM_BOUND_DATA* b, UINT32 payloadSize) { + ptr = pack_TPM_VERSION(ptr, &b->ver); + ptr = pack_TPM_PAYLOAD_TYPE(ptr, b->payload); + return pack_BUFFER(ptr, b->payloadData, payloadSize); +} + +inline BYTE* unpack_TPM_BOUND_DATA(BYTE* ptr, TPM_BOUND_DATA* b, UINT32 payloadSize, UnpackPtr alloc) { + ptr = unpack_TPM_VERSION(ptr, &b->ver); + ptr = unpack_TPM_PAYLOAD_TYPE(ptr, &b->payload); + return unpack_PTR(ptr, &b->payloadData, payloadSize, alloc); +} + +inline BYTE* pack_TPM_STORED_DATA(BYTE* ptr, const TPM_STORED_DATA* d) { + ptr = pack_TPM_VERSION(ptr, &d->ver); + ptr = pack_UINT32(ptr, d->sealInfoSize); + if(d->sealInfoSize) { + ptr = pack_TPM_PCR_INFO(ptr, &d->sealInfo); + } + ptr = pack_UINT32(ptr, d->encDataSize); + ptr = pack_BUFFER(ptr, d->encData, d->encDataSize); + return ptr; +} + +inline BYTE* unpack_TPM_STORED_DATA(BYTE* ptr, TPM_STORED_DATA* d, UnpackPtr alloc) { + ptr = unpack_TPM_VERSION(ptr, &d->ver); + ptr = unpack_UINT32(ptr, &d->sealInfoSize); + if(d->sealInfoSize) { + ptr = unpack_TPM_PCR_INFO(ptr, &d->sealInfo, alloc); + } + ptr = unpack_UINT32(ptr, &d->encDataSize); + ptr = unpack_PTR(ptr, &d->encData, d->encDataSize, alloc); + return ptr; +} + +inline BYTE* pack_TPM_AUTH_SESSION(BYTE* ptr, const TPM_AUTH_SESSION* auth) { + ptr = pack_TPM_AUTH_HANDLE(ptr, auth->AuthHandle); + ptr = pack_TPM_NONCE(ptr, &auth->NonceOdd); + ptr = pack_BOOL(ptr, auth->fContinueAuthSession); + ptr = pack_TPM_AUTHDATA(ptr, &auth->HMAC); + return ptr; +} + +inline BYTE* unpack_TPM_AUTH_SESSION(BYTE* ptr, TPM_AUTH_SESSION* auth) { + ptr = unpack_TPM_NONCE(ptr, &auth->NonceEven); + ptr = unpack_BOOL(ptr, &auth->fContinueAuthSession); + ptr = unpack_TPM_AUTHDATA(ptr, &auth->HMAC); + return ptr; +} + +inline BYTE* pack_TPM_RQU_HEADER(BYTE* ptr, + TPM_TAG tag, + UINT32 size, + TPM_COMMAND_CODE ord) { + ptr = pack_UINT16(ptr, tag); + ptr = pack_UINT32(ptr, size); + return pack_UINT32(ptr, ord); +} + +inline BYTE* unpack_TPM_RQU_HEADER(BYTE* ptr, + TPM_TAG* tag, + UINT32* size, + TPM_COMMAND_CODE* ord) { + ptr = unpack_UINT16(ptr, tag); + ptr = unpack_UINT32(ptr, size); + ptr = unpack_UINT32(ptr, ord); + return ptr; +} + +#define pack_TPM_RSP_HEADER(p, t, s, r) pack_TPM_RQU_HEADER(p, t, s, r); +#define unpack_TPM_RSP_HEADER(p, t, s, r) unpack_TPM_RQU_HEADER(p, t, s, r); + +#endif diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/minios.cfg --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/minios.cfg Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,14 @@ +CONFIG_TPMFRONT=y +CONFIG_TPM_TIS=y +CONFIG_TPMBACK=y +CONFIG_START_NETWORK=n +CONFIG_TEST=n +CONFIG_PCIFRONT=n +CONFIG_BLKFRONT=y +CONFIG_NETFRONT=n +CONFIG_FBFRONT=n +CONFIG_KBDFRONT=n +CONFIG_CONSFRONT=n +CONFIG_XENBUS=y +CONFIG_LWIP=n +CONFIG_XC=n diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/tcg.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/tcg.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,707 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005 Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef __TCG_H__ +#define __TCG_H__ + +#include +#include + +// **************************** CONSTANTS ********************************* + +// BOOL values +#define TRUE 0x01 +#define FALSE 0x00 + +#define TCPA_MAX_BUFFER_LENGTH 0x2000 + +// +// TPM_COMMAND_CODE values +#define TPM_PROTECTED_ORDINAL 0x00000000UL +#define TPM_UNPROTECTED_ORDINAL 0x80000000UL +#define TPM_CONNECTION_ORDINAL 0x40000000UL +#define TPM_VENDOR_ORDINAL 0x20000000UL + +#define TPM_ORD_OIAP (10UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_OSAP (11UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ChangeAuth (12UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_TakeOwnership (13UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ChangeAuthAsymStart (14UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ChangeAuthAsymFinish (15UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ChangeAuthOwner (16UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Extend (20UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_PcrRead (21UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Quote (22UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Seal (23UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Unseal (24UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_DirWriteAuth (25UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_DirRead (26UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_UnBind (30UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_CreateWrapKey (31UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_LoadKey (32UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetPubKey (33UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_EvictKey (34UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_CreateMigrationBlob (40UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ReWrapKey (41UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ConvertMigrationBlob (42UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_AuthorizeMigrationKey (43UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_CreateMaintenanceArchive (44UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_LoadMaintenanceArchive (45UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_KillMaintenanceFeature (46UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_LoadManuMaintPub (47UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ReadManuMaintPub (48UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_CertifyKey (50UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Sign (60UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetRandom (70UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_StirRandom (71UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SelfTestFull (80UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SelfTestStartup (81UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_CertifySelfTest (82UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ContinueSelfTest (83UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetTestResult (84UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Reset (90UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_OwnerClear (91UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_DisableOwnerClear (92UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ForceClear (93UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_DisableForceClear (94UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetCapabilitySigned (100UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetCapability (101UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetCapabilityOwner (102UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_OwnerSetDisable (110UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_PhysicalEnable (111UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_PhysicalDisable (112UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SetOwnerInstall (113UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_PhysicalSetDeactivated (114UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SetTempDeactivated (115UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_CreateEndorsementKeyPair (120UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_MakeIdentity (121UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ActivateIdentity (122UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ReadPubek (124UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_OwnerReadPubek (125UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_DisablePubekRead (126UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetAuditEvent (130UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetAuditEventSigned (131UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetOrdinalAuditStatus (140UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SetOrdinalAuditStatus (141UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Terminate_Handle (150UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Init (151UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SaveState (152UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Startup (153UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SetRedirection (154UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SHA1Start (160UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SHA1Update (161UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SHA1Complete (162UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SHA1CompleteExtend (163UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_FieldUpgrade (170UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SaveKeyContext (180UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_LoadKeyContext (181UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SaveAuthContext (182UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_LoadAuthContext (183UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SaveContext (184UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_LoadContext (185UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_FlushSpecific (186UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_PCR_Reset (200UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_NV_DefineSpace (204UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_NV_WriteValue (205UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_NV_WriteValueAuth (206UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_NV_ReadValue (207UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_NV_ReadValueAuth (208UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_UpdateVerification (209UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_Manage (210UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_CreateKeyDelegation (212UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_CreateOwnerDelegation (213UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_VerifyDelegation (214UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_LoadOwnerDelegation (216UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_ReadAuth (217UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_ReadTable (219UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_CreateCounter (220UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_IncrementCounter (221UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ReadCounter (222UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ReleaseCounter (223UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ReleaseCounterOwner (224UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_EstablishTransport (230UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ExecuteTransport (231UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ReleaseTransportSigned (232UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetTicks (241UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_TickStampBlob (242UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_MAX (256UL + TPM_PROTECTED_ORDINAL) + +#define TSC_ORD_PhysicalPresence (10UL + TPM_CONNECTION_ORDINAL) + + + +// +// TPM_RESULT values +// +// just put in the whole table from spec 1.2 + +#define TPM_BASE 0x0 // The start of TPM return codes +#define TPM_VENDOR_ERROR 0x00000400 // Mask to indicate that the error code is vendor specific for vendor specific commands +#define TPM_NON_FATAL 0x00000800 // Mask to indicate that the error code is a non-fatal failure. + +#define TPM_SUCCESS TPM_BASE // Successful completion of the operation +#define TPM_AUTHFAIL TPM_BASE + 1 // Authentication failed +#define TPM_BADINDEX TPM_BASE + 2 // The index to a PCR, DIR or other register is incorrect +#define TPM_BAD_PARAMETER TPM_BASE + 3 // One or more parameter is bad +#define TPM_AUDITFAILURE TPM_BASE + 4 // An operation completed successfully but the auditing of that operation failed. +#define TPM_CLEAR_DISABLED TPM_BASE + 5 // The clear disable flag is set and all clear operations now require physical access +#define TPM_DEACTIVATED TPM_BASE + 6 // The TPM is deactivated +#define TPM_DISABLED TPM_BASE + 7 // The TPM is disabled +#define TPM_DISABLED_CMD TPM_BASE + 8 // The target command has been disabled +#define TPM_FAIL TPM_BASE + 9 // The operation failed +#define TPM_BAD_ORDINAL TPM_BASE + 10 // The ordinal was unknown or inconsistent +#define TPM_INSTALL_DISABLED TPM_BASE + 11 // The ability to install an owner is disabled +#define TPM_INVALID_KEYHANDLE TPM_BASE + 12 // The key handle presented was invalid +#define TPM_KEYNOTFOUND TPM_BASE + 13 // The target key was not found +#define TPM_INAPPROPRIATE_ENC TPM_BASE + 14 // Unacceptable encryption scheme +#define TPM_MIGRATEFAIL TPM_BASE + 15 // Migration authorization failed +#define TPM_INVALID_PCR_INFO TPM_BASE + 16 // PCR information could not be interpreted +#define TPM_NOSPACE TPM_BASE + 17 // No room to load key. +#define TPM_NOSRK TPM_BASE + 18 // There is no SRK set +#define TPM_NOTSEALED_BLOB TPM_BASE + 19 // An encrypted blob is invalid or was not created by this TPM +#define TPM_OWNER_SET TPM_BASE + 20 // There is already an Owner +#define TPM_RESOURCES TPM_BASE + 21 // The TPM has insufficient internal resources to perform the requested action. +#define TPM_SHORTRANDOM TPM_BASE + 22 // A random string was too short +#define TPM_SIZE TPM_BASE + 23 // The TPM does not have the space to perform the operation. +#define TPM_WRONGPCRVAL TPM_BASE + 24 // The named PCR value does not match the current PCR value. +#define TPM_BAD_PARAM_SIZE TPM_BASE + 25 // The paramSize argument to the command has the incorrect value +#define TPM_SHA_THREAD TPM_BASE + 26 // There is no existing SHA-1 thread. +#define TPM_SHA_ERROR TPM_BASE + 27 // The calculation is unable to proceed because the existing SHA-1 thread has already encountered an error. +#define TPM_FAILEDSELFTEST TPM_BASE + 28 // Self-test has failed and the TPM has shutdown. +#define TPM_AUTH2FAIL TPM_BASE + 29 // The authorization for the second key in a 2 key function failed authorization +#define TPM_BADTAG TPM_BASE + 30 // The tag value sent to for a command is invalid +#define TPM_IOERROR TPM_BASE + 31 // An IO error occurred transmitting information to the TPM +#define TPM_ENCRYPT_ERROR TPM_BASE + 32 // The encryption process had a problem. +#define TPM_DECRYPT_ERROR TPM_BASE + 33 // The decryption process did not complete. +#define TPM_INVALID_AUTHHANDLE TPM_BASE + 34 // An invalid handle was used. +#define TPM_NO_ENDORSEMENT TPM_BASE + 35 // The TPM does not a EK installed +#define TPM_INVALID_KEYUSAGE TPM_BASE + 36 // The usage of a key is not allowed +#define TPM_WRONG_ENTITYTYPE TPM_BASE + 37 // The submitted entity type is not allowed +#define TPM_INVALID_POSTINIT TPM_BASE + 38 // The command was received in the wrong sequence relative to TPM_Init and a subsequent TPM_Startup +#define TPM_INAPPROPRIATE_SIG TPM_BASE + 39 // Signed data cannot include additional DER information +#define TPM_BAD_KEY_PROPERTY TPM_BASE + 40 // The key properties in TPM_KEY_PARMs are not supported by this TPM + +#define TPM_BAD_MIGRATION TPM_BASE + 41 // The migration properties of this key are incorrect. +#define TPM_BAD_SCHEME TPM_BASE + 42 // The signature or encryption scheme for this key is incorrect or not permitted in this situation. +#define TPM_BAD_DATASIZE TPM_BASE + 43 // The size of the data (or blob) parameter is bad or inconsistent with the referenced key +#define TPM_BAD_MODE TPM_BASE + 44 // A mode parameter is bad, such as capArea or subCapArea for TPM_GetCapability, phsicalPresence parameter for TPM_PhysicalPresence, or migrationType for TPM_CreateMigrationBlob. +#define TPM_BAD_PRESENCE TPM_BASE + 45 // Either the physicalPresence or physicalPresenceLock bits have the wrong value +#define TPM_BAD_VERSION TPM_BASE + 46 // The TPM cannot perform this version of the capability +#define TPM_NO_WRAP_TRANSPORT TPM_BASE + 47 // The TPM does not allow for wrapped transport sessions +#define TPM_AUDITFAIL_UNSUCCESSFUL TPM_BASE + 48 // TPM audit construction failed and the underlying command was returning a failure code also +#define TPM_AUDITFAIL_SUCCESSFUL TPM_BASE + 49 // TPM audit construction failed and the underlying command was returning success +#define TPM_NOTRESETABLE TPM_BASE + 50 // Attempt to reset a PCR register that does not have the resettable attribute +#define TPM_NOTLOCAL TPM_BASE + 51 // Attempt to reset a PCR register that requires locality and locality modifier not part of command transport +#define TPM_BAD_TYPE TPM_BASE + 52 // Make identity blob not properly typed +#define TPM_INVALID_RESOURCE TPM_BASE + 53 // When saving context identified resource type does not match actual resource +#define TPM_NOTFIPS TPM_BASE + 54 // The TPM is attempting to execute a command only available when in FIPS mode +#define TPM_INVALID_FAMILY TPM_BASE + 55 // The command is attempting to use an invalid family ID +#define TPM_NO_NV_PERMISSION TPM_BASE + 56 // The permission to manipulate the NV storage is not available +#define TPM_REQUIRES_SIGN TPM_BASE + 57 // The operation requires a signed command +#define TPM_KEY_NOTSUPPORTED TPM_BASE + 58 // Wrong operation to load an NV key +#define TPM_AUTH_CONFLICT TPM_BASE + 59 // NV_LoadKey blob requires both owner and blob authorization +#define TPM_AREA_LOCKED TPM_BASE + 60 // The NV area is locked and not writtable +#define TPM_BAD_LOCALITY TPM_BASE + 61 // The locality is incorrect for the attempted operation +#define TPM_READ_ONLY TPM_BASE + 62 // The NV area is read only and can't be written to +#define TPM_PER_NOWRITE TPM_BASE + 63 // There is no protection on the write to the NV area +#define TPM_FAMILYCOUNT TPM_BASE + 64 // The family count value does not match +#define TPM_WRITE_LOCKED TPM_BASE + 65 // The NV area has already been written to +#define TPM_BAD_ATTRIBUTES TPM_BASE + 66 // The NV area attributes conflict +#define TPM_INVALID_STRUCTURE TPM_BASE + 67 // The structure tag and version are invalid or inconsistent +#define TPM_KEY_OWNER_CONTROL TPM_BASE + 68 // The key is under control of the TPM Owner and can only be evicted by the TPM Owner. +#define TPM_BAD_COUNTER TPM_BASE + 69 // The counter handle is incorrect +#define TPM_NOT_FULLWRITE TPM_BASE + 70 // The write is not a complete write of the area +#define TPM_CONTEXT_GAP TPM_BASE + 71 // The gap between saved context counts is too large +#define TPM_MAXNVWRITES TPM_BASE + 72 // The maximum number of NV writes without an owner has been exceeded +#define TPM_NOOPERATOR TPM_BASE + 73 // No operator authorization value is set +#define TPM_RESOURCEMISSING TPM_BASE + 74 // The resource pointed to by context is not loaded +#define TPM_DELEGATE_LOCK TPM_BASE + 75 // The delegate administration is locked +#define TPM_DELEGATE_FAMILY TPM_BASE + 76 // Attempt to manage a family other then the delegated family +#define TPM_DELEGATE_ADMIN TPM_BASE + 77 // Delegation table management not enabled +#define TPM_TRANSPORT_EXCLUSIVE TPM_BASE + 78 // There was a command executed outside of an exclusive transport session + +// TPM_STARTUP_TYPE values +#define TPM_ST_CLEAR 0x0001 +#define TPM_ST_STATE 0x0002 +#define TPM_ST_DEACTIVATED 0x003 + +// TPM_TAG values +#define TPM_TAG_RQU_COMMAND 0x00c1 +#define TPM_TAG_RQU_AUTH1_COMMAND 0x00c2 +#define TPM_TAG_RQU_AUTH2_COMMAND 0x00c3 +#define TPM_TAG_RSP_COMMAND 0x00c4 +#define TPM_TAG_RSP_AUTH1_COMMAND 0x00c5 +#define TPM_TAG_RSP_AUTH2_COMMAND 0x00c6 + +// TPM_PAYLOAD_TYPE values +#define TPM_PT_ASYM 0x01 +#define TPM_PT_BIND 0x02 +#define TPM_PT_MIGRATE 0x03 +#define TPM_PT_MAINT 0x04 +#define TPM_PT_SEAL 0x05 + +// TPM_ENTITY_TYPE values +#define TPM_ET_KEYHANDLE 0x0001 +#define TPM_ET_OWNER 0x0002 +#define TPM_ET_DATA 0x0003 +#define TPM_ET_SRK 0x0004 +#define TPM_ET_KEY 0x0005 + +/// TPM_ResourceTypes +#define TPM_RT_KEY 0x00000001 +#define TPM_RT_AUTH 0x00000002 +#define TPM_RT_HASH 0x00000003 +#define TPM_RT_TRANS 0x00000004 +#define TPM_RT_CONTEXT 0x00000005 +#define TPM_RT_COUNTER 0x00000006 +#define TPM_RT_DELEGATE 0x00000007 +#define TPM_RT_DAA_TPM 0x00000008 +#define TPM_RT_DAA_V0 0x00000009 +#define TPM_RT_DAA_V1 0x0000000A + + + +// TPM_PROTOCOL_ID values +#define TPM_PID_OIAP 0x0001 +#define TPM_PID_OSAP 0x0002 +#define TPM_PID_ADIP 0x0003 +#define TPM_PID_ADCP 0x0004 +#define TPM_PID_OWNER 0x0005 + +// TPM_ALGORITHM_ID values +#define TPM_ALG_RSA 0x00000001 +#define TPM_ALG_SHA 0x00000004 +#define TPM_ALG_HMAC 0x00000005 +#define TPM_ALG_AES128 0x00000006 +#define TPM_ALG_MFG1 0x00000007 +#define TPM_ALG_AES192 0x00000008 +#define TPM_ALG_AES256 0x00000009 +#define TPM_ALG_XOR 0x0000000A + +// TPM_ENC_SCHEME values +#define TPM_ES_NONE 0x0001 +#define TPM_ES_RSAESPKCSv15 0x0002 +#define TPM_ES_RSAESOAEP_SHA1_MGF1 0x0003 + +// TPM_SIG_SCHEME values +#define TPM_SS_NONE 0x0001 +#define TPM_SS_RSASSAPKCS1v15_SHA1 0x0002 +#define TPM_SS_RSASSAPKCS1v15_DER 0x0003 + +/* + * TPM_CAPABILITY_AREA Values for TPM_GetCapability ([TPM_Part2], Section 21.1) + */ +#define TPM_CAP_ORD 0x00000001 +#define TPM_CAP_ALG 0x00000002 +#define TPM_CAP_PID 0x00000003 +#define TPM_CAP_FLAG 0x00000004 +#define TPM_CAP_PROPERTY 0x00000005 +#define TPM_CAP_VERSION 0x00000006 +#define TPM_CAP_KEY_HANDLE 0x00000007 +#define TPM_CAP_CHECK_LOADED 0x00000008 +#define TPM_CAP_SYM_MODE 0x00000009 +#define TPM_CAP_KEY_STATUS 0x0000000C +#define TPM_CAP_NV_LIST 0x0000000D +#define TPM_CAP_MFR 0x00000010 +#define TPM_CAP_NV_INDEX 0x00000011 +#define TPM_CAP_TRANS_ALG 0x00000012 +#define TPM_CAP_HANDLE 0x00000014 +#define TPM_CAP_TRANS_ES 0x00000015 +#define TPM_CAP_AUTH_ENCRYPT 0x00000017 +#define TPM_CAP_SELECT_SIZE 0x00000018 +#define TPM_CAP_DA_LOGIC 0x00000019 +#define TPM_CAP_VERSION_VAL 0x0000001A + +/* subCap definitions ([TPM_Part2], Section 21.2) */ +#define TPM_CAP_PROP_PCR 0x00000101 +#define TPM_CAP_PROP_DIR 0x00000102 +#define TPM_CAP_PROP_MANUFACTURER 0x00000103 +#define TPM_CAP_PROP_KEYS 0x00000104 +#define TPM_CAP_PROP_MIN_COUNTER 0x00000107 +#define TPM_CAP_FLAG_PERMANENT 0x00000108 +#define TPM_CAP_FLAG_VOLATILE 0x00000109 +#define TPM_CAP_PROP_AUTHSESS 0x0000010A +#define TPM_CAP_PROP_TRANSESS 0x0000010B +#define TPM_CAP_PROP_COUNTERS 0x0000010C +#define TPM_CAP_PROP_MAX_AUTHSESS 0x0000010D +#define TPM_CAP_PROP_MAX_TRANSESS 0x0000010E +#define TPM_CAP_PROP_MAX_COUNTERS 0x0000010F +#define TPM_CAP_PROP_MAX_KEYS 0x00000110 +#define TPM_CAP_PROP_OWNER 0x00000111 +#define TPM_CAP_PROP_CONTEXT 0x00000112 +#define TPM_CAP_PROP_MAX_CONTEXT 0x00000113 +#define TPM_CAP_PROP_FAMILYROWS 0x00000114 +#define TPM_CAP_PROP_TIS_TIMEOUT 0x00000115 +#define TPM_CAP_PROP_STARTUP_EFFECT 0x00000116 +#define TPM_CAP_PROP_DELEGATE_ROW 0x00000117 +#define TPM_CAP_PROP_MAX_DAASESS 0x00000119 +#define TPM_CAP_PROP_DAASESS 0x0000011A +#define TPM_CAP_PROP_CONTEXT_DIST 0x0000011B +#define TPM_CAP_PROP_DAA_INTERRUPT 0x0000011C +#define TPM_CAP_PROP_SESSIONS 0x0000011D +#define TPM_CAP_PROP_MAX_SESSIONS 0x0000011E +#define TPM_CAP_PROP_CMK_RESTRICTION 0x0000011F +#define TPM_CAP_PROP_DURATION 0x00000120 +#define TPM_CAP_PROP_ACTIVE_COUNTER 0x00000122 +#define TPM_CAP_PROP_MAX_NV_AVAILABLE 0x00000123 +#define TPM_CAP_PROP_INPUT_BUFFER 0x00000124 + +// TPM_KEY_USAGE values +#define TPM_KEY_EK 0x0000 +#define TPM_KEY_SIGNING 0x0010 +#define TPM_KEY_STORAGE 0x0011 +#define TPM_KEY_IDENTITY 0x0012 +#define TPM_KEY_AUTHCHANGE 0X0013 +#define TPM_KEY_BIND 0x0014 +#define TPM_KEY_LEGACY 0x0015 + +// TPM_AUTH_DATA_USAGE values +#define TPM_AUTH_NEVER 0x00 +#define TPM_AUTH_ALWAYS 0x01 + +// Key Handle of owner and srk +#define TPM_OWNER_KEYHANDLE 0x40000001 +#define TPM_SRK_KEYHANDLE 0x40000000 + + + +// *************************** TYPEDEFS ********************************* +typedef unsigned char BYTE; +typedef unsigned char BOOL; +typedef uint16_t UINT16; +typedef uint32_t UINT32; +typedef uint64_t UINT64; + +typedef UINT32 TPM_RESULT; +typedef UINT32 TPM_PCRINDEX; +typedef UINT32 TPM_DIRINDEX; +typedef UINT32 TPM_HANDLE; +typedef TPM_HANDLE TPM_AUTHHANDLE; +typedef TPM_HANDLE TCPA_HASHHANDLE; +typedef TPM_HANDLE TCPA_HMACHANDLE; +typedef TPM_HANDLE TCPA_ENCHANDLE; +typedef TPM_HANDLE TPM_KEY_HANDLE; +typedef TPM_HANDLE TCPA_ENTITYHANDLE; +typedef UINT32 TPM_RESOURCE_TYPE; +typedef UINT32 TPM_COMMAND_CODE; +typedef UINT16 TPM_PROTOCOL_ID; +typedef BYTE TPM_AUTH_DATA_USAGE; +typedef UINT16 TPM_ENTITY_TYPE; +typedef UINT32 TPM_ALGORITHM_ID; +typedef UINT16 TPM_KEY_USAGE; +typedef UINT16 TPM_STARTUP_TYPE; +typedef UINT32 TPM_CAPABILITY_AREA; +typedef UINT16 TPM_ENC_SCHEME; +typedef UINT16 TPM_SIG_SCHEME; +typedef UINT16 TPM_MIGRATE_SCHEME; +typedef UINT16 TPM_PHYSICAL_PRESENCE; +typedef UINT32 TPM_KEY_FLAGS; + +#define TPM_DIGEST_SIZE 20 // Don't change this +typedef BYTE TPM_AUTHDATA[TPM_DIGEST_SIZE]; +typedef TPM_AUTHDATA TPM_SECRET; +typedef TPM_AUTHDATA TPM_ENCAUTH; +typedef BYTE TPM_PAYLOAD_TYPE; +typedef UINT16 TPM_TAG; +typedef UINT16 TPM_STRUCTURE_TAG; + +// Data Types of the TCS +typedef UINT32 TCS_AUTHHANDLE; // Handle addressing a authorization session +typedef UINT32 TCS_CONTEXT_HANDLE; // Basic context handle +typedef UINT32 TCS_KEY_HANDLE; // Basic key handle + +// ************************* STRUCTURES ********************************** + +typedef struct TPM_VERSION { + BYTE major; + BYTE minor; + BYTE revMajor; + BYTE revMinor; +} TPM_VERSION; + +static const TPM_VERSION TPM_STRUCT_VER_1_1 = { 1,1,0,0 }; + +typedef struct TPM_CAP_VERSION_INFO { + TPM_STRUCTURE_TAG tag; + TPM_VERSION version; + UINT16 specLevel; + BYTE errataRev; + BYTE tpmVendorID[4]; + UINT16 vendorSpecificSize; + BYTE* vendorSpecific; +} TPM_CAP_VERSION_INFO; + +inline void free_TPM_CAP_VERSION_INFO(TPM_CAP_VERSION_INFO* v) { + free(v->vendorSpecific); + v->vendorSpecific = NULL; +} + +typedef struct TPM_DIGEST { + BYTE digest[TPM_DIGEST_SIZE]; +} TPM_DIGEST; + +typedef TPM_DIGEST TPM_PCRVALUE; +typedef TPM_DIGEST TPM_COMPOSITE_HASH; +typedef TPM_DIGEST TPM_DIRVALUE; +typedef TPM_DIGEST TPM_HMAC; +typedef TPM_DIGEST TPM_CHOSENID_HASH; + +typedef struct TPM_NONCE { + BYTE nonce[TPM_DIGEST_SIZE]; +} TPM_NONCE; + +typedef struct TPM_SYMMETRIC_KEY_PARMS { + UINT32 keyLength; + UINT32 blockSize; + UINT32 ivSize; + BYTE* IV; +} TPM_SYMMETRIC_KEY_PARMS; + +inline void free_TPM_SYMMETRIC_KEY_PARMS(TPM_SYMMETRIC_KEY_PARMS* p) { + free(p->IV); + p->IV = NULL; +} + +#define TPM_SYMMETRIC_KEY_PARMS_INIT { 0, 0, 0, NULL } + +typedef struct TPM_RSA_KEY_PARMS { + UINT32 keyLength; + UINT32 numPrimes; + UINT32 exponentSize; + BYTE* exponent; +} TPM_RSA_KEY_PARMS; + +#define TPM_RSA_KEY_PARMS_INIT { 0, 0, 0, NULL } + +inline void free_TPM_RSA_KEY_PARMS(TPM_RSA_KEY_PARMS* p) { + free(p->exponent); + p->exponent = NULL; +} + +typedef struct TPM_KEY_PARMS { + TPM_ALGORITHM_ID algorithmID; + TPM_ENC_SCHEME encScheme; + TPM_SIG_SCHEME sigScheme; + UINT32 parmSize; + union { + TPM_SYMMETRIC_KEY_PARMS sym; + TPM_RSA_KEY_PARMS rsa; + } parms; +} TPM_KEY_PARMS; + +#define TPM_KEY_PARMS_INIT { 0, 0, 0, 0 } + +inline void free_TPM_KEY_PARMS(TPM_KEY_PARMS* p) { + if(p->parmSize) { + switch(p->algorithmID) { + case TPM_ALG_RSA: + free_TPM_RSA_KEY_PARMS(&p->parms.rsa); + break; + case TPM_ALG_AES128: + case TPM_ALG_AES192: + case TPM_ALG_AES256: + free_TPM_SYMMETRIC_KEY_PARMS(&p->parms.sym); + break; + } + } +} + +typedef struct TPM_STORE_PUBKEY { + UINT32 keyLength; + BYTE* key; +} TPM_STORE_PUBKEY; + +#define TPM_STORE_PUBKEY_INIT { 0, NULL } + +inline void free_TPM_STORE_PUBKEY(TPM_STORE_PUBKEY* p) { + free(p->key); + p->key = NULL; +} + +typedef struct TPM_PUBKEY { + TPM_KEY_PARMS algorithmParms; + TPM_STORE_PUBKEY pubKey; +} TPM_PUBKEY; + +#define TPM_PUBKEY_INIT { TPM_KEY_PARMS_INIT, TPM_STORE_PUBKEY_INIT } + +inline void free_TPM_PUBKEY(TPM_PUBKEY* k) { + free_TPM_KEY_PARMS(&k->algorithmParms); + free_TPM_STORE_PUBKEY(&k->pubKey); +} + +typedef struct TPM_PCR_SELECTION { + UINT16 sizeOfSelect; + BYTE* pcrSelect; +} TPM_PCR_SELECTION; + +#define TPM_PCR_SELECTION_INIT { 0, NULL } + +inline void free_TPM_PCR_SELECTION(TPM_PCR_SELECTION* p) { + free(p->pcrSelect); + p->pcrSelect = NULL; +} + +typedef struct TPM_PCR_INFO { + TPM_PCR_SELECTION pcrSelection; + TPM_COMPOSITE_HASH digestAtRelease; + TPM_COMPOSITE_HASH digestAtCreation; +} TPM_PCR_INFO; + +#define TPM_PCR_INFO_INIT { TPM_PCR_SELECTION_INIT } + +inline void free_TPM_PCR_INFO(TPM_PCR_INFO* p) { + free_TPM_PCR_SELECTION(&p->pcrSelection); +} + +typedef struct TPM_PCR_COMPOSITE { + TPM_PCR_SELECTION select; + UINT32 valueSize; + TPM_PCRVALUE* pcrValue; +} TPM_PCR_COMPOSITE; + +#define TPM_PCR_COMPOSITE_INIT { TPM_PCR_SELECTION_INIT, 0, NULL } + +inline void free_TPM_PCR_COMPOSITE(TPM_PCR_COMPOSITE* p) { + free_TPM_PCR_SELECTION(&p->select); + free(p->pcrValue); + p->pcrValue = NULL; +} + +typedef struct TPM_KEY { + TPM_VERSION ver; + TPM_KEY_USAGE keyUsage; + TPM_KEY_FLAGS keyFlags; + TPM_AUTH_DATA_USAGE authDataUsage; + TPM_KEY_PARMS algorithmParms; + UINT32 PCRInfoSize; + TPM_PCR_INFO PCRInfo; + TPM_STORE_PUBKEY pubKey; + UINT32 encDataSize; + BYTE* encData; +} TPM_KEY; + +#define TPM_KEY_INIT { .algorithmParms = TPM_KEY_PARMS_INIT,\ + .PCRInfoSize = 0, .PCRInfo = TPM_PCR_INFO_INIT, \ + .pubKey = TPM_STORE_PUBKEY_INIT, \ + .encDataSize = 0, .encData = NULL } + +inline void free_TPM_KEY(TPM_KEY* k) { + if(k->PCRInfoSize) { + free_TPM_PCR_INFO(&k->PCRInfo); + } + free_TPM_STORE_PUBKEY(&k->pubKey); + free(k->encData); + k->encData = NULL; +} + +typedef struct TPM_BOUND_DATA { + TPM_VERSION ver; + TPM_PAYLOAD_TYPE payload; + BYTE* payloadData; +} TPM_BOUND_DATA; + +#define TPM_BOUND_DATA_INIT { .payloadData = NULL } + +inline void free_TPM_BOUND_DATA(TPM_BOUND_DATA* d) { + free(d->payloadData); + d->payloadData = NULL; +} + +typedef struct TPM_STORED_DATA { + TPM_VERSION ver; + UINT32 sealInfoSize; + TPM_PCR_INFO sealInfo; + UINT32 encDataSize; + BYTE* encData; +} TPM_STORED_DATA; + +#define TPM_STORED_DATA_INIT { .sealInfoSize = 0, sealInfo = TPM_PCR_INFO_INIT,\ + .encDataSize = 0, .encData = NULL } + +inline void free_TPM_STORED_DATA(TPM_STORED_DATA* d) { + if(d->sealInfoSize) { + free_TPM_PCR_INFO(&d->sealInfo); + } + free(d->encData); + d->encData = NULL; +} + +typedef struct TPM_AUTH_SESSION { + TPM_AUTHHANDLE AuthHandle; + TPM_NONCE NonceOdd; // system + TPM_NONCE NonceEven; // TPM + BOOL fContinueAuthSession; + TPM_AUTHDATA HMAC; +} TPM_AUTH_SESSION; + +#define TPM_AUTH_SESSION_INIT { .AuthHandle = 0, .fContinueAuthSession = FALSE } + +// ---------------------- Functions for checking TPM_RESULTs ----------------- + +#include + +// FIXME: Review use of these and delete unneeded ones. + +// these are really badly dependent on local structure: +// DEPENDS: local var 'status' of type TPM_RESULT +// DEPENDS: label 'abort_egress' which cleans up and returns the status +#define ERRORDIE(s) do { status = s; \ + fprintf (stderr, "*** ERRORDIE in %s at %s: %i\n", __func__, __FILE__, __LINE__); \ + goto abort_egress; } \ + while (0) + +// DEPENDS: local var 'status' of type TPM_RESULT +// DEPENDS: label 'abort_egress' which cleans up and returns the status +// Try command c. If it fails, set status to s and goto abort. +#define TPMTRY(s,c) if (c != TPM_SUCCESS) { \ + status = s; \ + printf("ERROR in %s at %s:%i code: %s.\n", __func__, __FILE__, __LINE__, tpm_get_error_name(status)); \ + goto abort_egress; \ + } else {\ + status = c; \ + } + +// Try command c. If it fails, print error message, set status to actual return code. Goto abort +#define TPMTRYRETURN(c) do { status = c; \ + if (status != TPM_SUCCESS) { \ + fprintf(stderr, "ERROR in %s at %s:%i code: %s.\n", __func__, __FILE__, __LINE__, tpm_get_error_name(status)); \ + goto abort_egress; \ + } \ + } while(0) + + +#endif //__TCPA_H__ diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/tpm.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/tpm.c Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,938 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include +#include +#include +#include +#include + +#include + +#include "tcg.h" +#include "tpm.h" +#include "log.h" +#include "marshal.h" +#include "tpmrsa.h" +#include "vtpmmgr.h" + +#define TCPA_MAX_BUFFER_LENGTH 0x2000 + +#define TPM_BEGIN(TAG, ORD) \ + const TPM_TAG intag = TAG;\ +TPM_TAG tag = intag;\ +UINT32 paramSize;\ +const TPM_COMMAND_CODE ordinal = ORD;\ +TPM_RESULT status = TPM_SUCCESS;\ +BYTE in_buf[TCPA_MAX_BUFFER_LENGTH];\ +BYTE out_buf[TCPA_MAX_BUFFER_LENGTH];\ +UINT32 out_len = sizeof(out_buf);\ +BYTE* ptr = in_buf;\ +/*Print a log message */\ +vtpmloginfo(VTPM_LOG_TPM, "%s\n", __func__);\ +/* Pack the header*/\ +ptr = pack_TPM_TAG(ptr, tag);\ +ptr += sizeof(UINT32);\ +ptr = pack_TPM_COMMAND_CODE(ptr, ordinal)\ + +#define TPM_AUTH_BEGIN() \ + sha1_context sha1_ctx;\ +BYTE* authbase = ptr - sizeof(TPM_COMMAND_CODE);\ +TPM_DIGEST paramDigest;\ +sha1_starts(&sha1_ctx) + +#define TPM_AUTH1_GEN(HMACkey, auth) do {\ + sha1_finish(&sha1_ctx, paramDigest.digest);\ + generateAuth(¶mDigest, HMACkey, auth);\ + ptr = pack_TPM_AUTH_SESSION(ptr, auth);\ +} while(0) + +#define TPM_AUTH2_GEN(HMACkey, auth) do {\ + generateAuth(¶mDigest, HMACkey, auth);\ + ptr = pack_TPM_AUTH_SESSION(ptr, auth);\ +} while(0) + +#define TPM_TRANSMIT() do {\ + /* Pack the command size */\ + paramSize = ptr - in_buf;\ + pack_UINT32(in_buf + sizeof(TPM_TAG), paramSize);\ + if((status = TPM_TransmitData(in_buf, paramSize, out_buf, &out_len)) != TPM_SUCCESS) {\ + goto abort_egress;\ + }\ +} while(0) + +#define TPM_AUTH_VERIFY_BEGIN() do {\ + UINT32 buf[2] = { cpu_to_be32(status), cpu_to_be32(ordinal) };\ + sha1_starts(&sha1_ctx);\ + sha1_update(&sha1_ctx, (unsigned char*)buf, sizeof(buf));\ + authbase = ptr;\ +} while(0) + +#define TPM_AUTH1_VERIFY(HMACkey, auth) do {\ + sha1_finish(&sha1_ctx, paramDigest.digest);\ + ptr = unpack_TPM_AUTH_SESSION(ptr, auth);\ + if((status = verifyAuth(¶mDigest, HMACkey, auth)) != TPM_SUCCESS) {\ + goto abort_egress;\ + }\ +} while(0) + +#define TPM_AUTH2_VERIFY(HMACkey, auth) do {\ + ptr = unpack_TPM_AUTH_SESSION(ptr, auth);\ + if((status = verifyAuth(¶mDigest, HMACkey, auth)) != TPM_SUCCESS) {\ + goto abort_egress;\ + }\ +} while(0) + + + +#define TPM_UNPACK_VERIFY() do { \ + ptr = out_buf;\ + ptr = unpack_TPM_RSP_HEADER(ptr, \ + &(tag), &(paramSize), &(status));\ + if((status) != TPM_SUCCESS || (tag) != (intag +3)) { \ + vtpmlogerror(VTPM_LOG_TPM, "Failed with return code %s\n", tpm_get_error_name(status));\ + goto abort_egress;\ + }\ +} while(0) + +#define TPM_AUTH_HASH() do {\ + sha1_update(&sha1_ctx, authbase, ptr - authbase);\ + authbase = ptr;\ +} while(0) + +#define TPM_AUTH_SKIP() do {\ + authbase = ptr;\ +} while(0) + +#define TPM_AUTH_ERR_CHECK(auth) do {\ + if(status != TPM_SUCCESS || auth->fContinueAuthSession == FALSE) {\ + vtpmloginfo(VTPM_LOG_TPM, "Auth Session: 0x%x closed by TPM\n", auth->AuthHandle);\ + auth->AuthHandle = 0;\ + }\ +} while(0) + +static void xorEncrypt(const TPM_SECRET* sharedSecret, + TPM_NONCE* nonce, + const TPM_AUTHDATA* inAuth0, + TPM_ENCAUTH outAuth0, + const TPM_AUTHDATA* inAuth1, + TPM_ENCAUTH outAuth1) { + BYTE XORbuffer[sizeof(TPM_SECRET) + sizeof(TPM_NONCE)]; + BYTE XORkey[TPM_DIGEST_SIZE]; + BYTE* ptr = XORbuffer; + ptr = pack_TPM_SECRET(ptr, sharedSecret); + ptr = pack_TPM_NONCE(ptr, nonce); + + sha1(XORbuffer, ptr - XORbuffer, XORkey); + + if(inAuth0) { + for(int i = 0; i < TPM_DIGEST_SIZE; ++i) { + outAuth0[i] = XORkey[i] ^ (*inAuth0)[i]; + } + } + if(inAuth1) { + for(int i = 0; i < TPM_DIGEST_SIZE; ++i) { + outAuth1[i] = XORkey[i] ^ (*inAuth1)[i]; + } + } + +} + +static void generateAuth(const TPM_DIGEST* paramDigest, + const TPM_SECRET* HMACkey, + TPM_AUTH_SESSION *auth) +{ + //Generate new OddNonce + vtpmmgr_rand((BYTE*)auth->NonceOdd.nonce, sizeof(TPM_NONCE)); + + // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams). + BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)]; + BYTE* ptr = hmacText; + + ptr = pack_TPM_DIGEST(ptr, paramDigest); + ptr = pack_TPM_NONCE(ptr, &auth->NonceEven); + ptr = pack_TPM_NONCE(ptr, &auth->NonceOdd); + ptr = pack_BOOL(ptr, auth->fContinueAuthSession); + + sha1_hmac((BYTE *) HMACkey, sizeof(TPM_DIGEST), + (BYTE *) hmacText, sizeof(hmacText), + auth->HMAC); +} + +static TPM_RESULT verifyAuth(const TPM_DIGEST* paramDigest, + /*[IN]*/ const TPM_SECRET *HMACkey, + /*[IN,OUT]*/ TPM_AUTH_SESSION *auth) +{ + + // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams). + TPM_AUTHDATA hm; + BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)]; + BYTE* ptr = hmacText; + + ptr = pack_TPM_DIGEST(ptr, paramDigest); + ptr = pack_TPM_NONCE(ptr, &auth->NonceEven); + ptr = pack_TPM_NONCE(ptr, &auth->NonceOdd); + ptr = pack_BOOL(ptr, auth->fContinueAuthSession); + + sha1_hmac( (BYTE *) HMACkey, sizeof(TPM_DIGEST), + (BYTE *) hmacText, sizeof(hmacText), + hm); + + // Compare correct HMAC with provided one. + if (memcmp(hm, auth->HMAC, sizeof(TPM_DIGEST)) == 0) { // 0 indicates equality + return TPM_SUCCESS; + } else { + vtpmlogerror(VTPM_LOG_TPM, "Auth Session verification failed!\n"); + return TPM_AUTHFAIL; + } +} + + + +// ------------------------------------------------------------------ +// Authorization Commands +// ------------------------------------------------------------------ + +TPM_RESULT TPM_OIAP(TPM_AUTH_SESSION* auth) // out +{ + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_OIAP); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + memset(&auth->HMAC, 0, sizeof(TPM_DIGEST)); + auth->fContinueAuthSession = TRUE; + + ptr = unpack_UINT32(ptr, &auth->AuthHandle); + ptr = unpack_TPM_NONCE(ptr, &auth->NonceEven); + + vtpmloginfo(VTPM_LOG_TPM, "Auth Session: 0x%x opened by TPM_OIAP.\n", auth->AuthHandle); + +abort_egress: + return status; +} + +TPM_RESULT TPM_OSAP(TPM_ENTITY_TYPE entityType, // in + UINT32 entityValue, // in + const TPM_AUTHDATA* usageAuth, //in + TPM_SECRET *sharedSecret, //out + TPM_AUTH_SESSION *auth) +{ + BYTE* nonceOddOSAP; + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_OSAP); + + ptr = pack_TPM_ENTITY_TYPE(ptr, entityType); + ptr = pack_UINT32(ptr, entityValue); + + //nonce Odd OSAP + nonceOddOSAP = ptr; + vtpmmgr_rand(ptr, TPM_DIGEST_SIZE); + ptr += TPM_DIGEST_SIZE; + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + ptr = unpack_UINT32(ptr, &auth->AuthHandle); + ptr = unpack_TPM_NONCE(ptr, &auth->NonceEven); + + //Calculate session secret + sha1_context ctx; + sha1_hmac_starts(&ctx, *usageAuth, TPM_DIGEST_SIZE); + sha1_hmac_update(&ctx, ptr, TPM_DIGEST_SIZE); //ptr = nonceEvenOSAP + sha1_hmac_update(&ctx, nonceOddOSAP, TPM_DIGEST_SIZE); + sha1_hmac_finish(&ctx, *sharedSecret); + + memset(&auth->HMAC, 0, sizeof(TPM_DIGEST)); + auth->fContinueAuthSession = FALSE; + + vtpmloginfo(VTPM_LOG_TPM, "Auth Session: 0x%x opened by TPM_OSAP.\n", auth->AuthHandle); + +abort_egress: + return status; +} + +TPM_RESULT TPM_TakeOwnership( + const TPM_PUBKEY *pubEK, //in + const TPM_AUTHDATA* ownerAuth, //in + const TPM_AUTHDATA* srkAuth, //in + const TPM_KEY* inSrk, //in + TPM_KEY* outSrk, //out, optional + TPM_AUTH_SESSION* auth) // in, out +{ + int keyAlloced = 0; + tpmrsa_context ek_rsa = TPMRSA_CTX_INIT; + + TPM_BEGIN(TPM_TAG_RQU_AUTH1_COMMAND, TPM_ORD_TakeOwnership); + TPM_AUTH_BEGIN(); + + tpmrsa_set_pubkey(&ek_rsa, + pubEK->pubKey.key, pubEK->pubKey.keyLength, + pubEK->algorithmParms.parms.rsa.exponent, + pubEK->algorithmParms.parms.rsa.exponentSize); + + /* Pack the protocol ID */ + ptr = pack_UINT16(ptr, TPM_PID_OWNER); + + /* Pack the encrypted owner auth */ + ptr = pack_UINT32(ptr, pubEK->algorithmParms.parms.rsa.keyLength / 8); + tpmrsa_pub_encrypt_oaep(&ek_rsa, + ctr_drbg_random, &vtpm_globals.ctr_drbg, + sizeof(TPM_SECRET), + (BYTE*) ownerAuth, + ptr); + ptr += pubEK->algorithmParms.parms.rsa.keyLength / 8; + + /* Pack the encrypted srk auth */ + ptr = pack_UINT32(ptr, pubEK->algorithmParms.parms.rsa.keyLength / 8); + tpmrsa_pub_encrypt_oaep(&ek_rsa, + ctr_drbg_random, &vtpm_globals.ctr_drbg, + sizeof(TPM_SECRET), + (BYTE*) srkAuth, + ptr); + ptr += pubEK->algorithmParms.parms.rsa.keyLength / 8; + + /* Pack the Srk key */ + ptr = pack_TPM_KEY(ptr, inSrk); + + /* Hash everything up to here */ + TPM_AUTH_HASH(); + + /* Generate the authorization */ + TPM_AUTH1_GEN(ownerAuth, auth); + + /* Send the command to the tpm*/ + TPM_TRANSMIT(); + /* Unpack and validate the header */ + TPM_UNPACK_VERIFY(); + TPM_AUTH_VERIFY_BEGIN(); + + if(outSrk != NULL) { + /* If the user wants a copy of the srk we give it to them */ + keyAlloced = 1; + ptr = unpack_TPM_KEY(ptr, outSrk, UNPACK_ALLOC); + } else { + /*otherwise just parse past it */ + TPM_KEY temp; + ptr = unpack_TPM_KEY(ptr, &temp, UNPACK_ALIAS); + } + + /* Hash the output key */ + TPM_AUTH_HASH(); + + /* Verify authorizaton */ + TPM_AUTH1_VERIFY(ownerAuth, auth); + + goto egress; +abort_egress: + if(keyAlloced) { + free_TPM_KEY(outSrk); + } +egress: + tpmrsa_free(&ek_rsa); + TPM_AUTH_ERR_CHECK(auth); + return status; +} + + +TPM_RESULT TPM_DisablePubekRead ( + const TPM_AUTHDATA* ownerAuth, + TPM_AUTH_SESSION* auth) +{ + TPM_BEGIN(TPM_TAG_RQU_AUTH1_COMMAND, TPM_ORD_DisablePubekRead); + TPM_AUTH_BEGIN(); + + TPM_AUTH_HASH(); + + TPM_AUTH1_GEN(ownerAuth, auth); + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + TPM_AUTH_VERIFY_BEGIN(); + + TPM_AUTH1_VERIFY(ownerAuth, auth); + +abort_egress: + TPM_AUTH_ERR_CHECK(auth); + return status; +} + + +TPM_RESULT TPM_TerminateHandle(TPM_AUTHHANDLE handle) // in +{ + if(handle == 0) { + return TPM_SUCCESS; + } + + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_Terminate_Handle); + + ptr = pack_TPM_AUTHHANDLE(ptr, handle); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + vtpmloginfo(VTPM_LOG_TPM, "Auth Session: 0x%x closed by TPM_TerminateHandle\n", handle); + +abort_egress: + return status; +} + +TPM_RESULT TPM_Extend( TPM_PCRINDEX pcrNum, // in + TPM_DIGEST inDigest, // in + TPM_PCRVALUE* outDigest) // out +{ + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_Extend); + + ptr = pack_TPM_PCRINDEX(ptr, pcrNum); + ptr = pack_TPM_DIGEST(ptr, &inDigest); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + ptr = unpack_TPM_PCRVALUE(ptr, outDigest); + +abort_egress: + return status; +} + +TPM_RESULT TPM_Seal( + TPM_KEY_HANDLE keyHandle, // in + UINT32 pcrInfoSize, // in + TPM_PCR_INFO* pcrInfo, // in + UINT32 inDataSize, // in + const BYTE* inData, // in + TPM_STORED_DATA* sealedData, //out + const TPM_SECRET* osapSharedSecret, //in + const TPM_AUTHDATA* sealedDataAuth, //in + TPM_AUTH_SESSION* pubAuth // in, out + ) +{ + int dataAlloced = 0; + TPM_BEGIN(TPM_TAG_RQU_AUTH1_COMMAND, TPM_ORD_Seal); + TPM_AUTH_BEGIN(); + + TPM_AUTH_HASH(); + + ptr = pack_TPM_KEY_HANDLE(ptr, keyHandle); + + TPM_AUTH_SKIP(); + + xorEncrypt(osapSharedSecret, &pubAuth->NonceEven, + sealedDataAuth, ptr, + NULL, NULL); + ptr += sizeof(TPM_ENCAUTH); + + ptr = pack_UINT32(ptr, pcrInfoSize); + ptr = pack_TPM_PCR_INFO(ptr, pcrInfo); + + ptr = pack_UINT32(ptr, inDataSize); + ptr = pack_BUFFER(ptr, inData, inDataSize); + + TPM_AUTH_HASH(); + + TPM_AUTH1_GEN(osapSharedSecret, pubAuth); + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + TPM_AUTH_VERIFY_BEGIN(); + + ptr = unpack_TPM_STORED_DATA(ptr, sealedData, UNPACK_ALLOC); + dataAlloced = 1; + + TPM_AUTH_HASH(); + + TPM_AUTH1_VERIFY(osapSharedSecret, pubAuth); + + goto egress; +abort_egress: + if(dataAlloced) { + free_TPM_STORED_DATA(sealedData); + } +egress: + TPM_AUTH_ERR_CHECK(pubAuth); + return status; +} + +TPM_RESULT TPM_Unseal( + TPM_KEY_HANDLE parentHandle, // in + const TPM_STORED_DATA* sealedData, + UINT32* outSize, // out + BYTE** out, //out + const TPM_AUTHDATA* key_usage_auth, //in + const TPM_AUTHDATA* data_usage_auth, //in + TPM_AUTH_SESSION* keyAuth, // in, out + TPM_AUTH_SESSION* dataAuth // in, out + ) +{ + TPM_BEGIN(TPM_TAG_RQU_AUTH2_COMMAND, TPM_ORD_Unseal); + TPM_AUTH_BEGIN(); + + TPM_AUTH_HASH(); + + ptr = pack_TPM_KEY_HANDLE(ptr, parentHandle); + + TPM_AUTH_SKIP(); + + ptr = pack_TPM_STORED_DATA(ptr, sealedData); + + TPM_AUTH_HASH(); + + TPM_AUTH1_GEN(key_usage_auth, keyAuth); + TPM_AUTH2_GEN(data_usage_auth, dataAuth); + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + TPM_AUTH_VERIFY_BEGIN(); + + ptr = unpack_UINT32(ptr, outSize); + ptr = unpack_ALLOC(ptr, out, *outSize); + + TPM_AUTH_HASH(); + + TPM_AUTH1_VERIFY(key_usage_auth, keyAuth); + TPM_AUTH2_VERIFY(data_usage_auth, dataAuth); + +abort_egress: + TPM_AUTH_ERR_CHECK(keyAuth); + TPM_AUTH_ERR_CHECK(dataAuth); + return status; +} + +TPM_RESULT TPM_Bind( + const TPM_KEY* key, + const BYTE* in, + UINT32 ilen, + BYTE* out) +{ + TPM_RESULT status; + tpmrsa_context rsa = TPMRSA_CTX_INIT; + TPM_BOUND_DATA boundData; + uint8_t plain[TCPA_MAX_BUFFER_LENGTH]; + BYTE* ptr = plain; + + vtpmloginfo(VTPM_LOG_TPM, "%s\n", __func__); + + tpmrsa_set_pubkey(&rsa, + key->pubKey.key, key->pubKey.keyLength, + key->algorithmParms.parms.rsa.exponent, + key->algorithmParms.parms.rsa.exponentSize); + + // Fill boundData's accessory information + boundData.ver = TPM_STRUCT_VER_1_1; + boundData.payload = TPM_PT_BIND; + boundData.payloadData = (BYTE*)in; + + //marshall the bound data object + ptr = pack_TPM_BOUND_DATA(ptr, &boundData, ilen); + + // Encrypt the data + TPMTRYRETURN(tpmrsa_pub_encrypt_oaep(&rsa, + ctr_drbg_random, &vtpm_globals.ctr_drbg, + ptr - plain, + plain, + out)); + +abort_egress: + tpmrsa_free(&rsa); + return status; + +} + +TPM_RESULT TPM_UnBind( + TPM_KEY_HANDLE keyHandle, // in + UINT32 ilen, //in + const BYTE* in, // + UINT32* olen, // + BYTE* out, //out + const TPM_AUTHDATA* usage_auth, + TPM_AUTH_SESSION* auth //in, out + ) +{ + TPM_BEGIN(TPM_TAG_RQU_AUTH1_COMMAND, TPM_ORD_UnBind); + TPM_AUTH_BEGIN(); + + TPM_AUTH_HASH(); + + ptr = pack_TPM_KEY_HANDLE(ptr, keyHandle); + + TPM_AUTH_SKIP(); + + ptr = pack_UINT32(ptr, ilen); + ptr = pack_BUFFER(ptr, in, ilen); + + TPM_AUTH_HASH(); + + TPM_AUTH1_GEN(usage_auth, auth); + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + TPM_AUTH_VERIFY_BEGIN(); + + ptr = unpack_UINT32(ptr, olen); + if(*olen > ilen) { + vtpmlogerror(VTPM_LOG_TPM, "Output length < input length!\n"); + status = TPM_IOERROR; + goto abort_egress; + } + ptr = unpack_BUFFER(ptr, out, *olen); + + TPM_AUTH_HASH(); + + TPM_AUTH1_VERIFY(usage_auth, auth); + +abort_egress: +egress: + TPM_AUTH_ERR_CHECK(auth); + return status; +} + +TPM_RESULT TPM_CreateWrapKey( + TPM_KEY_HANDLE hWrappingKey, // in + const TPM_AUTHDATA* osapSharedSecret, + const TPM_AUTHDATA* dataUsageAuth, //in + const TPM_AUTHDATA* dataMigrationAuth, //in + TPM_KEY* key, //in, out + TPM_AUTH_SESSION* pAuth) // in, out +{ + int keyAlloced = 0; + TPM_BEGIN(TPM_TAG_RQU_AUTH1_COMMAND, TPM_ORD_CreateWrapKey); + TPM_AUTH_BEGIN(); + + TPM_AUTH_HASH(); + + ptr = pack_TPM_KEY_HANDLE(ptr, hWrappingKey); + + TPM_AUTH_SKIP(); + + //Encrypted auths + xorEncrypt(osapSharedSecret, &pAuth->NonceEven, + dataUsageAuth, ptr, + dataMigrationAuth, ptr + sizeof(TPM_ENCAUTH)); + ptr += sizeof(TPM_ENCAUTH) * 2; + + ptr = pack_TPM_KEY(ptr, key); + + TPM_AUTH_HASH(); + + TPM_AUTH1_GEN(osapSharedSecret, pAuth); + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + TPM_AUTH_VERIFY_BEGIN(); + + keyAlloced = 1; + ptr = unpack_TPM_KEY(ptr, key, UNPACK_ALLOC); + + TPM_AUTH_HASH(); + + TPM_AUTH1_VERIFY(osapSharedSecret, pAuth); + + goto egress; +abort_egress: + if(keyAlloced) { + free_TPM_KEY(key); + } +egress: + TPM_AUTH_ERR_CHECK(pAuth); + return status; +} + +TPM_RESULT TPM_LoadKey( + TPM_KEY_HANDLE parentHandle, // + const TPM_KEY* key, //in + TPM_HANDLE* keyHandle, // out + const TPM_AUTHDATA* usage_auth, + TPM_AUTH_SESSION* auth) +{ + TPM_BEGIN(TPM_TAG_RQU_AUTH1_COMMAND, TPM_ORD_LoadKey); + TPM_AUTH_BEGIN(); + + TPM_AUTH_HASH(); + + ptr = pack_TPM_KEY_HANDLE(ptr, parentHandle); + + TPM_AUTH_SKIP(); + + ptr = pack_TPM_KEY(ptr, key); + + TPM_AUTH_HASH(); + + TPM_AUTH1_GEN(usage_auth, auth); + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + TPM_AUTH_VERIFY_BEGIN(); + + ptr = unpack_UINT32(ptr, keyHandle); + + TPM_AUTH_HASH(); + + TPM_AUTH1_VERIFY(usage_auth, auth); + + vtpmloginfo(VTPM_LOG_TPM, "Key Handle: 0x%x opened by TPM_LoadKey\n", *keyHandle); + +abort_egress: + TPM_AUTH_ERR_CHECK(auth); + return status; +} + +TPM_RESULT TPM_EvictKey( TPM_KEY_HANDLE hKey) // in +{ + if(hKey == 0) { + return TPM_SUCCESS; + } + + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_EvictKey); + + ptr = pack_TPM_KEY_HANDLE(ptr, hKey); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + vtpmloginfo(VTPM_LOG_TPM, "Key handle: 0x%x closed by TPM_EvictKey\n", hKey); + +abort_egress: + return status; +} + +TPM_RESULT TPM_FlushSpecific(TPM_HANDLE handle, + TPM_RESOURCE_TYPE rt) { + if(handle == 0) { + return TPM_SUCCESS; + } + + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_FlushSpecific); + + ptr = pack_TPM_HANDLE(ptr, handle); + ptr = pack_TPM_RESOURCE_TYPE(ptr, rt); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + +abort_egress: + return status; +} + +TPM_RESULT TPM_GetRandom( UINT32* bytesRequested, // in, out + BYTE* randomBytes) // out +{ + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_GetRandom); + + // check input params + if (bytesRequested == NULL || randomBytes == NULL){ + return TPM_BAD_PARAMETER; + } + + ptr = pack_UINT32(ptr, *bytesRequested); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + ptr = unpack_UINT32(ptr, bytesRequested); + ptr = unpack_BUFFER(ptr, randomBytes, *bytesRequested); + +abort_egress: + return status; +} + + +TPM_RESULT TPM_ReadPubek( + TPM_PUBKEY* pubEK //out + ) +{ + BYTE* antiReplay = NULL; + BYTE* kptr = NULL; + BYTE digest[TPM_DIGEST_SIZE]; + sha1_context ctx; + + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_ReadPubek); + + //antiReplay nonce + vtpmmgr_rand(ptr, TPM_DIGEST_SIZE); + antiReplay = ptr; + ptr += TPM_DIGEST_SIZE; + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + //unpack and allocate the key + kptr = ptr; + ptr = unpack_TPM_PUBKEY(ptr, pubEK, UNPACK_ALLOC); + + //Verify the checksum + sha1_starts(&ctx); + sha1_update(&ctx, kptr, ptr - kptr); + sha1_update(&ctx, antiReplay, TPM_DIGEST_SIZE); + sha1_finish(&ctx, digest); + + //ptr points to the checksum computed by TPM + if(memcmp(digest, ptr, TPM_DIGEST_SIZE)) { + vtpmlogerror(VTPM_LOG_TPM, "TPM_ReadPubek: Checksum returned by TPM was invalid!\n"); + status = TPM_FAIL; + goto abort_egress; + } + + goto egress; +abort_egress: + if(kptr != NULL) { //If we unpacked the pubEK, we have to free it + free_TPM_PUBKEY(pubEK); + } +egress: + return status; +} + + +TPM_RESULT TPM_SaveState(void) +{ + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_SaveState); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + +abort_egress: + return status; +} + +TPM_RESULT TPM_GetCapability( + TPM_CAPABILITY_AREA capArea, + UINT32 subCapSize, + const BYTE* subCap, + UINT32* respSize, + BYTE** resp) +{ + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_GetCapability); + + ptr = pack_TPM_CAPABILITY_AREA(ptr, capArea); + ptr = pack_UINT32(ptr, subCapSize); + ptr = pack_BUFFER(ptr, subCap, subCapSize); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + ptr = unpack_UINT32(ptr, respSize); + ptr = unpack_ALLOC(ptr, resp, *respSize); + +abort_egress: + return status; +} + +TPM_RESULT TPM_CreateEndorsementKeyPair( + const TPM_KEY_PARMS* keyInfo, + TPM_PUBKEY* pubEK) +{ + BYTE* kptr = NULL; + sha1_context ctx; + TPM_DIGEST checksum; + TPM_DIGEST hash; + TPM_NONCE antiReplay; + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_CreateEndorsementKeyPair); + + //Make anti replay nonce + vtpmmgr_rand(antiReplay.nonce, sizeof(antiReplay.nonce)); + + ptr = pack_TPM_NONCE(ptr, &antiReplay); + ptr = pack_TPM_KEY_PARMS(ptr, keyInfo); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + sha1_starts(&ctx); + + kptr = ptr; + ptr = unpack_TPM_PUBKEY(ptr, pubEK, UNPACK_ALLOC); + + /* Hash the pub key blob */ + sha1_update(&ctx, kptr, ptr - kptr); + ptr = unpack_TPM_DIGEST(ptr, &checksum); + + sha1_update(&ctx, antiReplay.nonce, sizeof(antiReplay.nonce)); + + sha1_finish(&ctx, hash.digest); + if(memcmp(checksum.digest, hash.digest, TPM_DIGEST_SIZE)) { + vtpmloginfo(VTPM_LOG_VTPM, "TPM_CreateEndorsementKey: Checkum verification failed!\n"); + status = TPM_FAIL; + goto abort_egress; + } + + goto egress; +abort_egress: + if(kptr) { + free_TPM_PUBKEY(pubEK); + } +egress: + return status; +} + +TPM_RESULT TPM_TransmitData( + BYTE* in, + UINT32 insize, + BYTE* out, + UINT32* outsize) { + TPM_RESULT status = TPM_SUCCESS; + + UINT32 i; + vtpmloginfo(VTPM_LOG_TXDATA, "Sending buffer = 0x"); + for(i = 0 ; i < insize ; i++) + vtpmloginfomore(VTPM_LOG_TXDATA, "%2.2x ", in[i]); + + vtpmloginfomore(VTPM_LOG_TXDATA, "\n"); + + ssize_t size = 0; + + // send the request + size = write (vtpm_globals.tpm_fd, in, insize); + if (size < 0) { + vtpmlogerror(VTPM_LOG_TXDATA, "write() failed : %s\n", strerror(errno)); + ERRORDIE (TPM_IOERROR); + } + else if ((UINT32) size < insize) { + vtpmlogerror(VTPM_LOG_TXDATA, "Wrote %d instead of %d bytes!\n", (int) size, insize); + ERRORDIE (TPM_IOERROR); + } + + // read the response + size = read (vtpm_globals.tpm_fd, out, *outsize); + if (size < 0) { + vtpmlogerror(VTPM_LOG_TXDATA, "read() failed : %s\n", strerror(errno)); + ERRORDIE (TPM_IOERROR); + } + + vtpmloginfo(VTPM_LOG_TXDATA, "Receiving buffer = 0x"); + for(i = 0 ; i < size ; i++) + vtpmloginfomore(VTPM_LOG_TXDATA, "%2.2x ", out[i]); + + vtpmloginfomore(VTPM_LOG_TXDATA, "\n"); + + *outsize = size; + goto egress; + +abort_egress: +egress: + return status; +} diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/tpm.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/tpm.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,218 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005/2006, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef __TPM_H__ +#define __TPM_H__ + +#include "tcg.h" + +// ------------------------------------------------------------------ +// Exposed API +// ------------------------------------------------------------------ + +// TPM v1.1B Command Set + +// Authorzation +TPM_RESULT TPM_OIAP( + TPM_AUTH_SESSION* auth //out + ); + +TPM_RESULT TPM_OSAP ( + TPM_ENTITY_TYPE entityType, // in + UINT32 entityValue, // in + const TPM_AUTHDATA* usageAuth, //in + TPM_SECRET *sharedSecret, //out + TPM_AUTH_SESSION *auth); + +TPM_RESULT TPM_TakeOwnership( + const TPM_PUBKEY *pubEK, //in + const TPM_AUTHDATA* ownerAuth, //in + const TPM_AUTHDATA* srkAuth, //in + const TPM_KEY* inSrk, //in + TPM_KEY* outSrk, //out, optional + TPM_AUTH_SESSION* auth // in, out + ); + +TPM_RESULT TPM_DisablePubekRead ( + const TPM_AUTHDATA* ownerAuth, + TPM_AUTH_SESSION* auth + ); + +TPM_RESULT TPM_TerminateHandle ( TPM_AUTHHANDLE handle // in + ); + +TPM_RESULT TPM_FlushSpecific ( TPM_HANDLE handle, // in + TPM_RESOURCE_TYPE resourceType //in + ); + +// TPM Mandatory +TPM_RESULT TPM_Extend ( TPM_PCRINDEX pcrNum, // in + TPM_DIGEST inDigest, // in + TPM_PCRVALUE* outDigest // out + ); + +TPM_RESULT TPM_PcrRead ( TPM_PCRINDEX pcrNum, // in + TPM_PCRVALUE* outDigest // out + ); + +TPM_RESULT TPM_Quote ( TCS_KEY_HANDLE keyHandle, // in + TPM_NONCE antiReplay, // in + UINT32* PcrDataSize, // in, out + BYTE** PcrData, // in, out + TPM_AUTH_SESSION* privAuth, // in, out + UINT32* sigSize, // out + BYTE** sig // out + ); + +TPM_RESULT TPM_Seal( + TCS_KEY_HANDLE keyHandle, // in + UINT32 pcrInfoSize, // in + TPM_PCR_INFO* pcrInfo, // in + UINT32 inDataSize, // in + const BYTE* inData, // in + TPM_STORED_DATA* sealedData, //out + const TPM_SECRET* osapSharedSecret, //in + const TPM_AUTHDATA* sealDataAuth, //in + TPM_AUTH_SESSION* pubAuth // in, out + ); + +TPM_RESULT TPM_Unseal ( + TPM_KEY_HANDLE parentHandle, // in + const TPM_STORED_DATA* sealedData, + UINT32* outSize, // out + BYTE** out, //out + const TPM_AUTHDATA* key_usage_auth, //in + const TPM_AUTHDATA* data_usage_auth, //in + TPM_AUTH_SESSION* keyAuth, // in, out + TPM_AUTH_SESSION* dataAuth // in, out + ); + +TPM_RESULT TPM_DirWriteAuth ( TPM_DIRINDEX dirIndex, // in + TPM_DIRVALUE newContents, // in + TPM_AUTH_SESSION* ownerAuth // in, out + ); + +TPM_RESULT TPM_DirRead ( TPM_DIRINDEX dirIndex, // in + TPM_DIRVALUE* dirValue // out + ); + +TPM_RESULT TPM_Bind( + const TPM_KEY* key, //in + const BYTE* in, //in + UINT32 ilen, //in + BYTE* out //out, must be at least cipher block size + ); + +TPM_RESULT TPM_UnBind ( + TCS_KEY_HANDLE keyHandle, // in + UINT32 ilen, //in + const BYTE* in, // + UINT32* outDataSize, // out + BYTE* outData, //out + const TPM_AUTHDATA* usage_auth, + TPM_AUTH_SESSION* auth //in, out + ); + +TPM_RESULT TPM_CreateWrapKey ( + TCS_KEY_HANDLE hWrappingKey, // in + const TPM_AUTHDATA* osapSharedSecret, + const TPM_AUTHDATA* dataUsageAuth, //in + const TPM_AUTHDATA* dataMigrationAuth, //in + TPM_KEY* key, //in + TPM_AUTH_SESSION* pAuth // in, out + ); + +TPM_RESULT TPM_LoadKey ( + TPM_KEY_HANDLE parentHandle, // + const TPM_KEY* key, //in + TPM_HANDLE* keyHandle, // out + const TPM_AUTHDATA* usage_auth, + TPM_AUTH_SESSION* auth + ); + +TPM_RESULT TPM_GetPubKey ( TCS_KEY_HANDLE hKey, // in + TPM_AUTH_SESSION* pAuth, // in, out + UINT32* pcPubKeySize, // out + BYTE** prgbPubKey // out + ); + +TPM_RESULT TPM_EvictKey ( TCS_KEY_HANDLE hKey // in + ); + +TPM_RESULT TPM_FlushSpecific(TPM_HANDLE handle, //in + TPM_RESOURCE_TYPE rt //in + ); + +TPM_RESULT TPM_Sign ( TCS_KEY_HANDLE keyHandle, // in + UINT32 areaToSignSize, // in + BYTE* areaToSign, // in + TPM_AUTH_SESSION* privAuth, // in, out + UINT32* sigSize, // out + BYTE** sig // out + ); + +TPM_RESULT TPM_GetRandom ( UINT32* bytesRequested, // in, out + BYTE* randomBytes // out + ); + +TPM_RESULT TPM_StirRandom ( UINT32 inDataSize, // in + BYTE* inData // in + ); + +TPM_RESULT TPM_ReadPubek ( + TPM_PUBKEY* pubEK //out + ); + +TPM_RESULT TPM_GetCapability( + TPM_CAPABILITY_AREA capArea, + UINT32 subCapSize, + const BYTE* subCap, + UINT32* respSize, + BYTE** resp); + +TPM_RESULT TPM_SaveState(void); + +TPM_RESULT TPM_CreateEndorsementKeyPair( + const TPM_KEY_PARMS* keyInfo, + TPM_PUBKEY* pubEK); + +TPM_RESULT TPM_TransmitData( + BYTE* in, + UINT32 insize, + BYTE* out, + UINT32* outsize); + +#endif //TPM_H diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/tpmrsa.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/tpmrsa.c Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,175 @@ +/* + * The RSA public-key cryptosystem + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * RSA was designed by Ron Rivest, Adi Shamir and Len Adleman. + * + * http://theory.lcs.mit.edu/~rivest/rsapaper.pdf + * http://www.cacr.math.uwaterloo.ca/hac/about/chap8.pdf + */ + +#include "tcg.h" +#include "polarssl/sha1.h" + +#include +#include + +#include "tpmrsa.h" + +#define HASH_LEN 20 + +void tpmrsa_set_pubkey(tpmrsa_context* ctx, + const unsigned char* key, + int keylen, + const unsigned char* exponent, + int explen) { + + tpmrsa_free(ctx); + + if(explen == 0) { //Default e= 2^16+1 + mpi_lset(&ctx->E, 65537); + } else { + mpi_read_binary(&ctx->E, exponent, explen); + } + mpi_read_binary(&ctx->N, key, keylen); + + ctx->len = ( mpi_msb(&ctx->N) + 7) >> 3; +} + +static TPM_RESULT tpmrsa_public( tpmrsa_context *ctx, + const unsigned char *input, + unsigned char *output ) +{ + int ret; + size_t olen; + mpi T; + + mpi_init( &T ); + + MPI_CHK( mpi_read_binary( &T, input, ctx->len ) ); + + if( mpi_cmp_mpi( &T, &ctx->N ) >= 0 ) + { + mpi_free( &T ); + return TPM_ENCRYPT_ERROR; + } + + olen = ctx->len; + MPI_CHK( mpi_exp_mod( &T, &T, &ctx->E, &ctx->N, &ctx->RN ) ); + MPI_CHK( mpi_write_binary( &T, output, olen ) ); + +cleanup: + + mpi_free( &T ); + + if( ret != 0 ) + return TPM_ENCRYPT_ERROR; + + return TPM_SUCCESS; +} + +static void mgf_mask( unsigned char *dst, int dlen, unsigned char *src, int slen) +{ + unsigned char mask[HASH_LEN]; + unsigned char counter[4] = {0, 0, 0, 0}; + int i; + sha1_context mctx; + + //We always hash the src with the counter, so save the partial hash + sha1_starts(&mctx); + sha1_update(&mctx, src, slen); + + // Generate and apply dbMask + while(dlen > 0) { + //Copy the sha1 context + sha1_context ctx = mctx; + + //compute hash for input || counter + sha1_update(&ctx, counter, sizeof(counter)); + sha1_finish(&ctx, mask); + + //Apply the mask + for(i = 0; i < (dlen < HASH_LEN ? dlen : HASH_LEN); ++i) { + *(dst++) ^= mask[i]; + } + + //Increment counter + ++counter[3]; + + dlen -= HASH_LEN; + } +} + +/* + * Add the message padding, then do an RSA operation + */ +TPM_RESULT tpmrsa_pub_encrypt_oaep( tpmrsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + size_t ilen, + const unsigned char *input, + unsigned char *output ) +{ + int ret; + int olen; + unsigned char* seed = output + 1; + unsigned char* db = output + HASH_LEN +1; + + olen = ctx->len-1; + + if( f_rng == NULL ) + return TPM_ENCRYPT_ERROR; + + if( ilen > olen - 2 * HASH_LEN - 1) + return TPM_ENCRYPT_ERROR; + + output[0] = 0; + + //Encoding parameter p + sha1((unsigned char*)"TCPA", 4, db); + + //PS + memset(db + HASH_LEN, 0, + olen - ilen - 2 * HASH_LEN - 1); + + //constant 1 byte + db[olen - ilen - HASH_LEN -1] = 0x01; + + //input string + memcpy(db + olen - ilen - HASH_LEN, + input, ilen); + + //Generate random seed + if( ( ret = f_rng( p_rng, seed, HASH_LEN ) ) != 0 ) + return TPM_ENCRYPT_ERROR; + + // maskedDB: Apply dbMask to DB + mgf_mask( db, olen - HASH_LEN, seed, HASH_LEN); + + // maskedSeed: Apply seedMask to seed + mgf_mask( seed, HASH_LEN, db, olen - HASH_LEN); + + // Do the crypto op + return tpmrsa_public(ctx, output, output); +} diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/tpmrsa.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/tpmrsa.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,67 @@ +/** + * \file rsa.h + * + * \brief The RSA public-key cryptosystem + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef TPMRSA_H +#define TPMRSA_H + +#include "tcg.h" +#include + +/* tpm software key */ +typedef struct +{ + size_t len; /*!< size(N) in chars */ + + mpi N; /*!< public modulus */ + mpi E; /*!< public exponent */ + + mpi RN; /*!< cached R^2 mod N */ +} +tpmrsa_context; + +#define TPMRSA_CTX_INIT { 0, {0, 0, NULL}, {0, 0, NULL}, {0, 0, NULL}} + +/* Setup the rsa context using tpm public key data */ +void tpmrsa_set_pubkey(tpmrsa_context* ctx, + const unsigned char* key, + int keylen, + const unsigned char* exponent, + int explen); + +/* Do rsa public crypto */ +TPM_RESULT tpmrsa_pub_encrypt_oaep( tpmrsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + size_t ilen, + const unsigned char *input, + unsigned char *output ); + +/* free tpmrsa key */ +inline void tpmrsa_free( tpmrsa_context *ctx ) { + mpi_free( &ctx->RN ); mpi_free( &ctx->E ); mpi_free( &ctx->N ); +} + +#endif /* tpmrsa.h */ diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/uuid.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/uuid.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,50 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef VTPMMGR_UUID_H +#define VTPMMGR_UUID_H + +#define UUID_FMT "%02hhx%02hhx%02hhx%02hhx-%02hhx%02hhx-%02hhx%02hhx-%02hhx%02hhx-%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx" +#define UUID_FMTLEN ((2*16)+4) /* 16 hex bytes plus 4 hypens */ +#define UUID_BYTES(uuid) uuid[0], uuid[1], uuid[2], uuid[3], \ + uuid[4], uuid[5], uuid[6], uuid[7], \ + uuid[8], uuid[9], uuid[10], uuid[11], \ + uuid[12], uuid[13], uuid[14], uuid[15] + + +typedef uint8_t uuid_t[16]; + +#endif diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/vtpm_cmd_handler.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/vtpm_cmd_handler.c Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,152 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include +#include +#include + +#include "marshal.h" +#include "log.h" +#include "vtpm_storage.h" +#include "vtpmmgr.h" +#include "tpm.h" +#include "tcg.h" + +static TPM_RESULT vtpmmgr_SaveHashKey( + const uuid_t uuid, + tpmcmd_t* tpmcmd) +{ + TPM_RESULT status = TPM_SUCCESS; + + if(tpmcmd->req_len != VTPM_COMMAND_HEADER_SIZE + HASHKEYSZ) { + vtpmlogerror(VTPM_LOG_VTPM, "VTPM_ORD_SAVEHASHKEY hashkey too short!\n"); + status = TPM_BAD_PARAMETER; + goto abort_egress; + } + + /* Do the command */ + TPMTRYRETURN(vtpm_storage_save_hashkey(uuid, tpmcmd->req + VTPM_COMMAND_HEADER_SIZE)); + +abort_egress: + pack_TPM_RSP_HEADER(tpmcmd->resp, + VTPM_TAG_RSP, VTPM_COMMAND_HEADER_SIZE, status); + tpmcmd->resp_len = VTPM_COMMAND_HEADER_SIZE; + + return status; +} + +static TPM_RESULT vtpmmgr_LoadHashKey( + const uuid_t uuid, + tpmcmd_t* tpmcmd) { + TPM_RESULT status = TPM_SUCCESS; + + tpmcmd->resp_len = VTPM_COMMAND_HEADER_SIZE; + + TPMTRYRETURN(vtpm_storage_load_hashkey(uuid, tpmcmd->resp + VTPM_COMMAND_HEADER_SIZE)); + + tpmcmd->resp_len += HASHKEYSZ; + +abort_egress: + pack_TPM_RSP_HEADER(tpmcmd->resp, + VTPM_TAG_RSP, tpmcmd->resp_len, status); + + return status; +} + + +TPM_RESULT vtpmmgr_handle_cmd( + const uuid_t uuid, + tpmcmd_t* tpmcmd) +{ + TPM_RESULT status = TPM_SUCCESS; + TPM_TAG tag; + UINT32 size; + TPM_COMMAND_CODE ord; + + unpack_TPM_RQU_HEADER(tpmcmd->req, + &tag, &size, &ord); + + /* Handle the command now */ + switch(tag) { + case VTPM_TAG_REQ: + //This is a vTPM command + switch(ord) { + case VTPM_ORD_SAVEHASHKEY: + return vtpmmgr_SaveHashKey(uuid, tpmcmd); + case VTPM_ORD_LOADHASHKEY: + return vtpmmgr_LoadHashKey(uuid, tpmcmd); + default: + vtpmlogerror(VTPM_LOG_VTPM, "Invalid vTPM Ordinal %" PRIu32 "\n", ord); + status = TPM_BAD_ORDINAL; + } + break; + case TPM_TAG_RQU_COMMAND: + case TPM_TAG_RQU_AUTH1_COMMAND: + case TPM_TAG_RQU_AUTH2_COMMAND: + //This is a TPM passthrough command + switch(ord) { + case TPM_ORD_GetRandom: + vtpmloginfo(VTPM_LOG_VTPM, "Passthrough: TPM_GetRandom\n"); + break; + case TPM_ORD_PcrRead: + vtpmloginfo(VTPM_LOG_VTPM, "Passthrough: TPM_PcrRead\n"); + break; + default: + vtpmlogerror(VTPM_LOG_VTPM, "TPM Disallowed Passthrough ord=%" PRIu32 "\n", ord); + status = TPM_DISABLED_CMD; + goto abort_egress; + } + + size = TCPA_MAX_BUFFER_LENGTH; + TPMTRYRETURN(TPM_TransmitData(tpmcmd->req, tpmcmd->req_len, tpmcmd->resp, &size)); + tpmcmd->resp_len = size; + + unpack_TPM_RESULT(tpmcmd->resp + sizeof(TPM_TAG) + sizeof(UINT32), &status); + return status; + + break; + default: + vtpmlogerror(VTPM_LOG_VTPM, "Invalid tag=%" PRIu16 "\n", tag); + status = TPM_BADTAG; + } + +abort_egress: + tpmcmd->resp_len = VTPM_COMMAND_HEADER_SIZE; + pack_TPM_RSP_HEADER(tpmcmd->resp, + tag + 3, tpmcmd->resp_len, status); + + return status; +} diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/vtpm_manager.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/vtpm_manager.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,64 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef VTPM_MANAGER_H +#define VTPM_MANAGER_H + +#define VTPM_TAG_REQ 0x01c1 +#define VTPM_TAG_RSP 0x01c4 +#define COMMAND_BUFFER_SIZE 4096 + +// Header size +#define VTPM_COMMAND_HEADER_SIZE ( 2 + 4 + 4) + +//************************ Command Codes **************************** +#define VTPM_ORD_BASE 0x0000 +#define VTPM_PRIV_MASK 0x01000000 // Priviledged VTPM Command +#define VTPM_PRIV_BASE (VTPM_ORD_BASE | VTPM_PRIV_MASK) + +// Non-priviledged VTPM Commands (From DMI's) +#define VTPM_ORD_SAVEHASHKEY (VTPM_ORD_BASE + 1) // DMI requests encryption key for persistent storage +#define VTPM_ORD_LOADHASHKEY (VTPM_ORD_BASE + 2) // DMI requests symkey to be regenerated + +//************************ Return Codes **************************** +#define VTPM_SUCCESS 0 +#define VTPM_FAIL 1 +#define VTPM_UNSUPPORTED 2 +#define VTPM_FORBIDDEN 3 +#define VTPM_RESTORE_CONTEXT_FAILED 4 +#define VTPM_INVALID_REQUEST 5 + +#endif diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/vtpm_storage.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/vtpm_storage.c Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,794 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +/*************************************************************** + * DISK IMAGE LAYOUT + * ************************************************************* + * All data is stored in BIG ENDIAN format + * ************************************************************* + * Section 1: Header + * + * 10 bytes id ID String "VTPMMGRDOM" + * uint32_t version Disk Image version number (current == 1) + * uint32_t storage_key_len Length of the storage Key + * TPM_KEY storage_key Marshalled TPM_KEY structure (See TPM spec v2) + * RSA_BLOCK aes_crypto Encrypted aes key data (RSA_CIPHER_SIZE bytes), bound by the storage_key + * BYTE[32] aes_key Aes key for encrypting the uuid table + * uint32_t cipher_sz Encrypted size of the uuid table + * + * ************************************************************* + * Section 2: Uuid Table + * + * This table is encrypted by the aes_key in the header. The cipher text size is just + * large enough to hold all of the entries plus required padding. + * + * Each entry is as follows + * BYTE[16] uuid Uuid of a vtpm that is stored on this disk + * uint32_t offset Disk offset where the vtpm data is stored + * + * ************************************************************* + * Section 3: Vtpm Table + * + * The rest of the disk stores vtpms. Each vtpm is an RSA_BLOCK encrypted + * by the storage key. Each vtpm must exist on an RSA_BLOCK aligned boundary, + * starting at the first RSA_BLOCK aligned offset after the uuid table. + * As the uuid table grows, vtpms may be relocated. + * + * RSA_BLOCK vtpm_crypto Vtpm data encrypted by storage_key + * BYTE[20] hash Sha1 hash of vtpm encrypted data + * BYTE[16] vtpm_aes_key Encryption key for vtpm data + * + ************************************************************* + */ +#define DISKVERS 1 +#define IDSTR "VTPMMGRDOM" +#define IDSTRLEN 10 +#define AES_BLOCK_SIZE 16 +#define AES_KEY_BITS 256 +#define AES_KEY_SIZE (AES_KEY_BITS/8) +#define BUF_SIZE 4096 + +#define UUID_TBL_ENT_SIZE (sizeof(uuid_t) + sizeof(uint32_t)) + +#define HEADERSZ (10 + 4 + 4) + +#define TRY_READ(buf, size, msg) do {\ + int rc; \ + if((rc = read(blkfront_fd, buf, (size))) != (size)) { \ + vtpmlogerror(VTPM_LOG_VTPM, "read() failed! " msg " : rc=(%d/%d), error=(%s)\n", rc, (int)(size), strerror(errno)); \ + status = TPM_IOERROR;\ + goto abort_egress;\ + } \ +} while(0) + +#define TRY_WRITE(buf, size, msg) do {\ + int rc; \ + if((rc = write(blkfront_fd, buf, (size))) != (size)) { \ + vtpmlogerror(VTPM_LOG_VTPM, "write() failed! " msg " : rc=(%d/%d), error=(%s)\n", rc, (int)(size), strerror(errno)); \ + status = TPM_IOERROR;\ + goto abort_egress;\ + } \ +} while(0) + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "vtpm_manager.h" +#include "log.h" +#include "marshal.h" +#include "tpm.h" +#include "uuid.h" + +#include "vtpmmgr.h" +#include "vtpm_storage.h" + +#define MAX(a,b) ( ((a) > (b)) ? (a) : (b) ) +#define MIN(a,b) ( ((a) < (b)) ? (a) : (b) ) + +/* blkfront device objets */ +static struct blkfront_dev* blkdev = NULL; +static int blkfront_fd = -1; + +struct Vtpm { + uuid_t uuid; + int offset; +}; +struct Storage { + int aes_offset; + int uuid_offset; + int end_offset; + + int num_vtpms; + int num_vtpms_alloced; + struct Vtpm* vtpms; +}; + +/* Global storage data */ +static struct Storage g_store = { + .vtpms = NULL, +}; + +static int get_offset(void) { + return lseek(blkfront_fd, 0, SEEK_CUR); +} + +static void reset_store(void) { + g_store.aes_offset = 0; + g_store.uuid_offset = 0; + g_store.end_offset = 0; + + g_store.num_vtpms = 0; + g_store.num_vtpms_alloced = 0; + free(g_store.vtpms); + g_store.vtpms = NULL; +} + +static int vtpm_get_index(const uuid_t uuid) { + int st = 0; + int ed = g_store.num_vtpms-1; + while(st <= ed) { + int mid = ((unsigned int)st + (unsigned int)ed) >> 1; //avoid overflow + int c = memcmp(uuid, &g_store.vtpms[mid].uuid, sizeof(uuid_t)); + if(c == 0) { + return mid; + } else if(c > 0) { + st = mid + 1; + } else { + ed = mid - 1; + } + } + return -(st + 1); +} + +static void vtpm_add(const uuid_t uuid, int offset, int index) { + /* Realloc more space if needed */ + if(g_store.num_vtpms >= g_store.num_vtpms_alloced) { + g_store.num_vtpms_alloced += 16; + g_store.vtpms = realloc( + g_store.vtpms, + sizeof(struct Vtpm) * g_store.num_vtpms_alloced); + } + + /* Move everybody after the new guy */ + for(int i = g_store.num_vtpms; i > index; --i) { + g_store.vtpms[i] = g_store.vtpms[i-1]; + } + + vtpmloginfo(VTPM_LOG_VTPM, "Registered vtpm " UUID_FMT "\n", UUID_BYTES(uuid)); + + /* Finally add new one */ + memcpy(g_store.vtpms[index].uuid, uuid, sizeof(uuid_t)); + g_store.vtpms[index].offset = offset; + ++g_store.num_vtpms; +} + +#if 0 +static void vtpm_remove(int index) { + for(i = index; i < g_store.num_vtpms; ++i) { + g_store.vtpms[i] = g_store.vtpms[i+1]; + } + --g_store.num_vtpms; +} +#endif + +static int pack_uuid_table(uint8_t* table, int size, int* nvtpms) { + uint8_t* ptr = table; + while(*nvtpms < g_store.num_vtpms && size >= 0) + { + /* Pack the uuid */ + memcpy(ptr, (uint8_t*)g_store.vtpms[*nvtpms].uuid, sizeof(uuid_t)); + ptr+= sizeof(uuid_t); + + + /* Pack the offset */ + ptr = pack_UINT32(ptr, g_store.vtpms[*nvtpms].offset); + + ++*nvtpms; + size -= UUID_TBL_ENT_SIZE; + } + return ptr - table; +} + +/* Extract the uuids */ +static int extract_uuid_table(uint8_t* table, int size) { + uint8_t* ptr = table; + for(;size >= UUID_TBL_ENT_SIZE; size -= UUID_TBL_ENT_SIZE) { + int index; + uint32_t v32; + + /*uuid_t is just an array of bytes, so we can do a direct cast here */ + uint8_t* uuid = ptr; + ptr += sizeof(uuid_t); + + /* Get the offset of the key */ + ptr = unpack_UINT32(ptr, &v32); + + /* Insert the new vtpm in sorted order */ + if((index = vtpm_get_index(uuid)) >= 0) { + vtpmlogerror(VTPM_LOG_VTPM, "Vtpm (" UUID_FMT ") exists multiple times! ignoring...\n", UUID_BYTES(uuid)); + continue; + } + index = -index -1; + + vtpm_add(uuid, v32, index); + + } + return ptr - table; +} + +static void vtpm_decrypt_block(aes_context* aes, + uint8_t* iv, + uint8_t* cipher, + uint8_t* plain, + int cipher_sz, + int* overlap) +{ + int bytes_ext; + /* Decrypt */ + aes_crypt_cbc(aes, AES_DECRYPT, + cipher_sz, + iv, cipher, plain + *overlap); + + /* Extract */ + bytes_ext = extract_uuid_table(plain, cipher_sz + *overlap); + + /* Copy left overs to the beginning */ + *overlap = cipher_sz + *overlap - bytes_ext; + memcpy(plain, plain + bytes_ext, *overlap); +} + +static int vtpm_encrypt_block(aes_context* aes, + uint8_t* iv, + uint8_t* plain, + uint8_t* cipher, + int block_sz, + int* overlap, + int* num_vtpms) +{ + int bytes_to_crypt; + int bytes_packed; + + /* Pack the uuid table */ + bytes_packed = *overlap + pack_uuid_table(plain + *overlap, block_sz - *overlap, num_vtpms); + bytes_to_crypt = MIN(bytes_packed, block_sz); + + /* Add padding if we aren't on a multiple of the block size */ + if(bytes_to_crypt & (AES_BLOCK_SIZE-1)) { + int oldsz = bytes_to_crypt; + //add padding + bytes_to_crypt += AES_BLOCK_SIZE - (bytes_to_crypt & (AES_BLOCK_SIZE-1)); + //fill padding with random bytes + vtpmmgr_rand(plain + oldsz, bytes_to_crypt - oldsz); + *overlap = 0; + } else { + *overlap = bytes_packed - bytes_to_crypt; + } + + /* Encrypt this chunk */ + aes_crypt_cbc(aes, AES_ENCRYPT, + bytes_to_crypt, + iv, plain, cipher); + + /* Copy the left over partials to the beginning */ + memcpy(plain, plain + bytes_to_crypt, *overlap); + + return bytes_to_crypt; +} + +static TPM_RESULT vtpm_storage_new_vtpm(const uuid_t uuid, int index) { + TPM_RESULT status = TPM_SUCCESS; + uint8_t plain[BUF_SIZE + AES_BLOCK_SIZE]; + uint8_t buf[BUF_SIZE]; + uint8_t* ptr; + int cipher_sz; + aes_context aes; + + /* Add new vtpm to the table */ + vtpm_add(uuid, g_store.end_offset, index); + g_store.end_offset += RSA_CIPHER_SIZE; + + /* Compute the new end location of the encrypted uuid table */ + cipher_sz = AES_BLOCK_SIZE; //IV + cipher_sz += g_store.num_vtpms * UUID_TBL_ENT_SIZE; //uuid table + cipher_sz += (AES_BLOCK_SIZE - (cipher_sz & (AES_BLOCK_SIZE -1))) & (AES_BLOCK_SIZE-1); //aes padding + + /* Does this overlap any key data? If so they need to be relocated */ + int uuid_end = (g_store.uuid_offset + cipher_sz + RSA_CIPHER_SIZE) & ~(RSA_CIPHER_SIZE -1); + for(int i = 0; i < g_store.num_vtpms; ++i) { + if(g_store.vtpms[i].offset < uuid_end) { + + vtpmloginfo(VTPM_LOG_VTPM, "Relocating vtpm data\n"); + + //Read the hashkey cipher text + lseek(blkfront_fd, g_store.vtpms[i].offset, SEEK_SET); + TRY_READ(buf, RSA_CIPHER_SIZE, "vtpm hashkey relocate"); + + //Write the cipher text to new offset + lseek(blkfront_fd, g_store.end_offset, SEEK_SET); + TRY_WRITE(buf, RSA_CIPHER_SIZE, "vtpm hashkey relocate"); + + //Save new offset + g_store.vtpms[i].offset = g_store.end_offset; + g_store.end_offset += RSA_CIPHER_SIZE; + } + } + + vtpmloginfo(VTPM_LOG_VTPM, "Generating a new symmetric key\n"); + + /* Generate an aes key */ + TPMTRYRETURN(vtpmmgr_rand(plain, AES_KEY_SIZE)); + aes_setkey_enc(&aes, plain, AES_KEY_BITS); + ptr = plain + AES_KEY_SIZE; + + /* Pack the crypted size */ + ptr = pack_UINT32(ptr, cipher_sz); + + vtpmloginfo(VTPM_LOG_VTPM, "Binding encrypted key\n"); + + /* Seal the key and size */ + TPMTRYRETURN(TPM_Bind(&vtpm_globals.storage_key, + plain, + ptr - plain, + buf)); + + /* Write the sealed key to disk */ + lseek(blkfront_fd, g_store.aes_offset, SEEK_SET); + TRY_WRITE(buf, RSA_CIPHER_SIZE, "vtpm aes key"); + + /* ENCRYPT AND WRITE UUID TABLE */ + + vtpmloginfo(VTPM_LOG_VTPM, "Encrypting the uuid table\n"); + + int num_vtpms = 0; + int overlap = 0; + int bytes_crypted; + uint8_t iv[AES_BLOCK_SIZE]; + + /* Generate the iv for the first block */ + TPMTRYRETURN(vtpmmgr_rand(iv, AES_BLOCK_SIZE)); + + /* Copy the iv to the cipher text buffer to be written to disk */ + memcpy(buf, iv, AES_BLOCK_SIZE); + ptr = buf + AES_BLOCK_SIZE; + + /* Encrypt the first block of the uuid table */ + bytes_crypted = vtpm_encrypt_block(&aes, + iv, //iv + plain, //plaintext + ptr, //cipher text + BUF_SIZE - AES_BLOCK_SIZE, + &overlap, + &num_vtpms); + + /* Write the iv followed by the crypted table*/ + TRY_WRITE(buf, bytes_crypted + AES_BLOCK_SIZE, "vtpm uuid table"); + + /* Decrement the number of bytes encrypted */ + cipher_sz -= bytes_crypted + AES_BLOCK_SIZE; + + /* If there are more vtpms, encrypt and write them block by block */ + while(cipher_sz > 0) { + /* Encrypt the next block of the uuid table */ + bytes_crypted = vtpm_encrypt_block(&aes, + iv, + plain, + buf, + BUF_SIZE, + &overlap, + &num_vtpms); + + /* Write the cipher text to disk */ + TRY_WRITE(buf, bytes_crypted, "vtpm uuid table"); + + cipher_sz -= bytes_crypted; + } + + goto egress; +abort_egress: +egress: + return status; +} + + +/************************************** + * PUBLIC FUNCTIONS + * ***********************************/ + +int vtpm_storage_init(void) { + struct blkfront_info info; + if((blkdev = init_blkfront(NULL, &info)) == NULL) { + return -1; + } + if((blkfront_fd = blkfront_open(blkdev)) < 0) { + return -1; + } + return 0; +} + +void vtpm_storage_shutdown(void) { + reset_store(); + close(blkfront_fd); +} + +TPM_RESULT vtpm_storage_load_hashkey(const uuid_t uuid, uint8_t hashkey[HASHKEYSZ]) +{ + TPM_RESULT status = TPM_SUCCESS; + int index; + uint8_t cipher[RSA_CIPHER_SIZE]; + uint8_t clear[RSA_CIPHER_SIZE]; + UINT32 clear_size; + + /* Find the index of this uuid */ + if((index = vtpm_get_index(uuid)) < 0) { + index = -index-1; + vtpmlogerror(VTPM_LOG_VTPM, "LoadKey failure: Unrecognized uuid! " UUID_FMT "\n", UUID_BYTES(uuid)); + status = TPM_BAD_PARAMETER; + goto abort_egress; + } + + /* Read the table entry */ + lseek(blkfront_fd, g_store.vtpms[index].offset, SEEK_SET); + TRY_READ(cipher, RSA_CIPHER_SIZE, "vtpm hashkey data"); + + /* Decrypt the table entry */ + TPMTRYRETURN(TPM_UnBind( + vtpm_globals.storage_key_handle, + RSA_CIPHER_SIZE, + cipher, + &clear_size, + clear, + (const TPM_AUTHDATA*)&vtpm_globals.storage_key_usage_auth, + &vtpm_globals.oiap)); + + if(clear_size < HASHKEYSZ) { + vtpmloginfo(VTPM_LOG_VTPM, "Decrypted Hash key size (%" PRIu32 ") was too small!\n", clear_size); + status = TPM_RESOURCES; + goto abort_egress; + } + + memcpy(hashkey, clear, HASHKEYSZ); + + vtpmloginfo(VTPM_LOG_VTPM, "Loaded hash and key for vtpm " UUID_FMT "\n", UUID_BYTES(uuid)); + goto egress; +abort_egress: + vtpmlogerror(VTPM_LOG_VTPM, "Failed to load key\n"); +egress: + return status; +} + +TPM_RESULT vtpm_storage_save_hashkey(const uuid_t uuid, uint8_t hashkey[HASHKEYSZ]) +{ + TPM_RESULT status = TPM_SUCCESS; + int index; + uint8_t buf[RSA_CIPHER_SIZE]; + + /* Find the index of this uuid */ + if((index = vtpm_get_index(uuid)) < 0) { + index = -index-1; + /* Create a new vtpm */ + TPMTRYRETURN( vtpm_storage_new_vtpm(uuid, index) ); + } + + /* Encrypt the hash and key */ + TPMTRYRETURN( TPM_Bind(&vtpm_globals.storage_key, + hashkey, + HASHKEYSZ, + buf)); + + /* Write to disk */ + lseek(blkfront_fd, g_store.vtpms[index].offset, SEEK_SET); + TRY_WRITE(buf, RSA_CIPHER_SIZE, "vtpm hashkey data"); + + vtpmloginfo(VTPM_LOG_VTPM, "Saved hash and key for vtpm " UUID_FMT "\n", UUID_BYTES(uuid)); + goto egress; +abort_egress: + vtpmlogerror(VTPM_LOG_VTPM, "Failed to save key\n"); +egress: + return status; +} + +TPM_RESULT vtpm_storage_new_header() +{ + TPM_RESULT status = TPM_SUCCESS; + uint8_t buf[BUF_SIZE]; + uint8_t keybuf[AES_KEY_SIZE + sizeof(uint32_t)]; + uint8_t* ptr = buf; + uint8_t* sptr; + + /* Clear everything first */ + reset_store(); + + vtpmloginfo(VTPM_LOG_VTPM, "Creating new disk image header\n"); + + /*Copy the ID string */ + memcpy(ptr, IDSTR, IDSTRLEN); + ptr += IDSTRLEN; + + /*Copy the version */ + ptr = pack_UINT32(ptr, DISKVERS); + + /*Save the location of the key size */ + sptr = ptr; + ptr += sizeof(UINT32); + + vtpmloginfo(VTPM_LOG_VTPM, "Saving root storage key..\n"); + + /* Copy the storage key */ + ptr = pack_TPM_KEY(ptr, &vtpm_globals.storage_key); + + /* Now save the size */ + pack_UINT32(sptr, ptr - (sptr + 4)); + + /* Create a fake aes key and set cipher text size to 0 */ + memset(keybuf, 0, sizeof(keybuf)); + + vtpmloginfo(VTPM_LOG_VTPM, "Binding uuid table symmetric key..\n"); + + /* Save the location of the aes key */ + g_store.aes_offset = ptr - buf; + + /* Store the fake aes key and vtpm count */ + TPMTRYRETURN(TPM_Bind(&vtpm_globals.storage_key, + keybuf, + sizeof(keybuf), + ptr)); + ptr+= RSA_CIPHER_SIZE; + + /* Write the header to disk */ + lseek(blkfront_fd, 0, SEEK_SET); + TRY_WRITE(buf, ptr-buf, "vtpm header"); + + /* Save the location of the uuid table */ + g_store.uuid_offset = get_offset(); + + /* Save the end offset */ + g_store.end_offset = (g_store.uuid_offset + RSA_CIPHER_SIZE) & ~(RSA_CIPHER_SIZE -1); + + vtpmloginfo(VTPM_LOG_VTPM, "Saved new manager disk header.\n"); + + goto egress; +abort_egress: +egress: + return status; +} + + +TPM_RESULT vtpm_storage_load_header(void) +{ + TPM_RESULT status = TPM_SUCCESS; + uint32_t v32; + uint8_t buf[BUF_SIZE]; + uint8_t* ptr = buf; + aes_context aes; + + /* Clear everything first */ + reset_store(); + + /* Read the header from disk */ + lseek(blkfront_fd, 0, SEEK_SET); + TRY_READ(buf, IDSTRLEN + sizeof(UINT32) + sizeof(UINT32), "vtpm header"); + + vtpmloginfo(VTPM_LOG_VTPM, "Loading disk image header\n"); + + /* Verify the ID string */ + if(memcmp(ptr, IDSTR, IDSTRLEN)) { + vtpmlogerror(VTPM_LOG_VTPM, "Invalid ID string in disk image!\n"); + status = TPM_FAIL; + goto abort_egress; + } + ptr+=IDSTRLEN; + + /* Unpack the version */ + ptr = unpack_UINT32(ptr, &v32); + + /* Verify the version */ + if(v32 != DISKVERS) { + vtpmlogerror(VTPM_LOG_VTPM, "Unsupported disk image version number %" PRIu32 "\n", v32); + status = TPM_FAIL; + goto abort_egress; + } + + /* Size of the storage key */ + ptr = unpack_UINT32(ptr, &v32); + + /* Sanity check */ + if(v32 > BUF_SIZE) { + vtpmlogerror(VTPM_LOG_VTPM, "Size of storage key (%" PRIu32 ") is too large!\n", v32); + status = TPM_IOERROR; + goto abort_egress; + } + + /* read the storage key */ + TRY_READ(buf, v32, "storage pub key"); + + vtpmloginfo(VTPM_LOG_VTPM, "Unpacking storage key\n"); + + /* unpack the storage key */ + ptr = unpack_TPM_KEY(buf, &vtpm_globals.storage_key, UNPACK_ALLOC); + + /* Load Storage Key into the TPM */ + TPMTRYRETURN( TPM_LoadKey( + TPM_SRK_KEYHANDLE, + &vtpm_globals.storage_key, + &vtpm_globals.storage_key_handle, + (const TPM_AUTHDATA*)&vtpm_globals.srk_auth, + &vtpm_globals.oiap)); + + /* Initialize the storage key auth */ + memset(vtpm_globals.storage_key_usage_auth, 0, sizeof(TPM_AUTHDATA)); + + /* Store the offset of the aes key */ + g_store.aes_offset = get_offset(); + + /* Read the rsa cipher text for the aes key */ + TRY_READ(buf, RSA_CIPHER_SIZE, "aes key"); + ptr = buf + RSA_CIPHER_SIZE; + + vtpmloginfo(VTPM_LOG_VTPM, "Unbinding uuid table symmetric key\n"); + + /* Decrypt the aes key protecting the uuid table */ + UINT32 datalen; + TPMTRYRETURN(TPM_UnBind( + vtpm_globals.storage_key_handle, + RSA_CIPHER_SIZE, + buf, + &datalen, + ptr, + (const TPM_AUTHDATA*)&vtpm_globals.storage_key_usage_auth, + &vtpm_globals.oiap)); + + /* Validate the length of the output buffer */ + if(datalen < AES_KEY_SIZE + sizeof(UINT32)) { + vtpmlogerror(VTPM_LOG_VTPM, "Unbound AES key size (%d) was too small! expected (%ld)\n", datalen, AES_KEY_SIZE + sizeof(UINT32)); + status = TPM_IOERROR; + goto abort_egress; + } + + /* Extract the aes key */ + aes_setkey_dec(&aes, ptr, AES_KEY_BITS); + ptr+= AES_KEY_SIZE; + + /* Extract the ciphertext size */ + ptr = unpack_UINT32(ptr, &v32); + int cipher_size = v32; + + /* Sanity check */ + if(cipher_size & (AES_BLOCK_SIZE-1)) { + vtpmlogerror(VTPM_LOG_VTPM, "Cipher text size (%" PRIu32 ") is not a multiple of the aes block size! (%d)\n", v32, AES_BLOCK_SIZE); + status = TPM_IOERROR; + goto abort_egress; + } + + /* Save the location of the uuid table */ + g_store.uuid_offset = get_offset(); + + /* Only decrypt the table if there are vtpms to decrypt */ + if(cipher_size > 0) { + int rbytes; + int overlap = 0; + uint8_t plain[BUF_SIZE + AES_BLOCK_SIZE]; + uint8_t iv[AES_BLOCK_SIZE]; + + vtpmloginfo(VTPM_LOG_VTPM, "Decrypting uuid table\n"); + + /* Pre allocate the vtpm array */ + g_store.num_vtpms_alloced = cipher_size / UUID_TBL_ENT_SIZE; + g_store.vtpms = malloc(sizeof(struct Vtpm) * g_store.num_vtpms_alloced); + + /* Read the iv and the first chunk of cipher text */ + rbytes = MIN(cipher_size, BUF_SIZE); + TRY_READ(buf, rbytes, "vtpm uuid table\n"); + cipher_size -= rbytes; + + /* Copy the iv */ + memcpy(iv, buf, AES_BLOCK_SIZE); + ptr = buf + AES_BLOCK_SIZE; + + /* Remove the iv from the number of bytes to decrypt */ + rbytes -= AES_BLOCK_SIZE; + + /* Decrypt and extract vtpms */ + vtpm_decrypt_block(&aes, + iv, ptr, plain, + rbytes, &overlap); + + /* Read the rest of the table if there is more */ + while(cipher_size > 0) { + /* Read next chunk of cipher text */ + rbytes = MIN(cipher_size, BUF_SIZE); + TRY_READ(buf, rbytes, "vtpm uuid table"); + cipher_size -= rbytes; + + /* Decrypt a block of text */ + vtpm_decrypt_block(&aes, + iv, buf, plain, + rbytes, &overlap); + + } + vtpmloginfo(VTPM_LOG_VTPM, "Loaded %d vtpms!\n", g_store.num_vtpms); + } + + /* The end of the key table, new vtpms go here */ + int uuid_end = (get_offset() + RSA_CIPHER_SIZE) & ~(RSA_CIPHER_SIZE -1); + g_store.end_offset = uuid_end; + + /* Compute the end offset while validating vtpms*/ + for(int i = 0; i < g_store.num_vtpms; ++i) { + /* offset must not collide with previous data */ + if(g_store.vtpms[i].offset < uuid_end) { + vtpmlogerror(VTPM_LOG_VTPM, "vtpm: " UUID_FMT + " offset (%d) is before end of uuid table (%d)!\n", + UUID_BYTES(g_store.vtpms[i].uuid), + g_store.vtpms[i].offset, uuid_end); + status = TPM_IOERROR; + goto abort_egress; + } + /* offset must be at a multiple of cipher size */ + if(g_store.vtpms[i].offset & (RSA_CIPHER_SIZE-1)) { + vtpmlogerror(VTPM_LOG_VTPM, "vtpm: " UUID_FMT + " offset(%d) is not at a multiple of the rsa cipher text size (%d)!\n", + UUID_BYTES(g_store.vtpms[i].uuid), + g_store.vtpms[i].offset, RSA_CIPHER_SIZE); + status = TPM_IOERROR; + goto abort_egress; + } + /* Save the last offset */ + if(g_store.vtpms[i].offset >= g_store.end_offset) { + g_store.end_offset = g_store.vtpms[i].offset + RSA_CIPHER_SIZE; + } + } + + goto egress; +abort_egress: + //An error occured somewhere + vtpmlogerror(VTPM_LOG_VTPM, "Failed to load manager data!\n"); + + //Clear the data store + reset_store(); + + //Reset the storage key structure + free_TPM_KEY(&vtpm_globals.storage_key); + { + TPM_KEY key = TPM_KEY_INIT; + vtpm_globals.storage_key = key; + } + + //Reset the storage key handle + TPM_EvictKey(vtpm_globals.storage_key_handle); + vtpm_globals.storage_key_handle = 0; +egress: + return status; +} + +#if 0 +/* For testing disk IO */ +void add_fake_vtpms(int num) { + for(int i = 0; i < num; ++i) { + uint32_t ind = cpu_to_be32(i); + + uuid_t uuid; + memset(uuid, 0, sizeof(uuid_t)); + memcpy(uuid, &ind, sizeof(ind)); + int index = vtpm_get_index(uuid); + index = -index-1; + + vtpm_storage_new_vtpm(uuid, index); + } +} +#endif diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/vtpm_storage.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/vtpm_storage.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,68 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef VTPM_STORAGE_H +#define VTPM_STORAGE_h + +#include "uuid.h" + +#define VTPM_NVMKEY_SIZE 32 +#define HASHKEYSZ (sizeof(TPM_DIGEST) + VTPM_NVMKEY_SIZE) + +/* Initialize the storage system and its virtual disk */ +int vtpm_storage_init(void); + +/* Shutdown the storage system and its virtual disk */ +void vtpm_storage_shutdown(void); + +/* Loads Sha1 hash and 256 bit AES key from disk and stores them + * packed together in outbuf. outbuf must be freed + * by the caller using buffer_free() + */ +TPM_RESULT vtpm_storage_load_hashkey(const uuid_t uuid, uint8_t hashkey[HASHKEYSZ]); + +/* inbuf must contain a sha1 hash followed by a 256 bit AES key. + * Encrypts and stores the hash and key to disk */ +TPM_RESULT vtpm_storage_save_hashkey(const uuid_t uuid, uint8_t hashkey[HASHKEYSZ]); + +/* Load the vtpm manager data - call this on startup */ +TPM_RESULT vtpm_storage_load_header(void); + +/* Saves the vtpm manager data - call this on shutdown */ +TPM_RESULT vtpm_storage_new_header(void); + + +#endif diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/vtpmmgr.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/vtpmmgr.c Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,93 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include +#include +#include +#include +#include +#include +#include "log.h" + +#include "vtpmmgr.h" +#include "tcg.h" + + +void main_loop(void) { + tpmcmd_t* tpmcmd; + uint8_t respbuf[TCPA_MAX_BUFFER_LENGTH]; + + while(1) { + /* Wait for requests from a vtpm */ + vtpmloginfo(VTPM_LOG_VTPM, "Waiting for commands from vTPM's:\n"); + if((tpmcmd = tpmback_req_any()) == NULL) { + vtpmlogerror(VTPM_LOG_VTPM, "NULL tpmcmd\n"); + continue; + } + + tpmcmd->resp = respbuf; + + /* Process the command */ + vtpmmgr_handle_cmd(tpmcmd->uuid, tpmcmd); + + /* Send response */ + tpmback_resp(tpmcmd); + } +} + +int main(int argc, char** argv) +{ + int rc = 0; + sleep(2); + vtpmloginfo(VTPM_LOG_VTPM, "Starting vTPM manager domain\n"); + + /* Initialize the vtpm manager */ + if(vtpmmgr_init(argc, argv) != TPM_SUCCESS) { + vtpmlogerror(VTPM_LOG_VTPM, "Unable to initialize vtpmmgr domain!\n"); + rc = -1; + goto exit; + } + + main_loop(); + + vtpmloginfo(VTPM_LOG_VTPM, "vTPM Manager shutting down...\n"); + + vtpmmgr_shutdown(); + +exit: + return rc; + +} diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/vtpmmgr.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/vtpmmgr.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,77 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef VTPMMGR_H +#define VTPMMGR_H + +#include +#include +#include + +#include "uuid.h" +#include "tcg.h" +#include "vtpm_manager.h" + +#define RSA_KEY_SIZE 0x0800 +#define RSA_CIPHER_SIZE (RSA_KEY_SIZE / 8) + +struct vtpm_globals { + int tpm_fd; + TPM_KEY storage_key; + TPM_HANDLE storage_key_handle; // Key used by persistent store + TPM_AUTH_SESSION oiap; // OIAP session for storageKey + TPM_AUTHDATA storage_key_usage_auth; + + TPM_AUTHDATA owner_auth; + TPM_AUTHDATA srk_auth; + + entropy_context entropy; + ctr_drbg_context ctr_drbg; +}; + +// --------------------------- Global Values -------------------------- +extern struct vtpm_globals vtpm_globals; // Key info and DMI states + +TPM_RESULT vtpmmgr_init(int argc, char** argv); +void vtpmmgr_shutdown(void); + +TPM_RESULT vtpmmgr_handle_cmd(const uuid_t uuid, tpmcmd_t* tpmcmd); + +inline TPM_RESULT vtpmmgr_rand(unsigned char* bytes, size_t num_bytes) { + return ctr_drbg_random(&vtpm_globals.ctr_drbg, bytes, num_bytes) == 0 ? 0 : TPM_FAIL; +} + +#endif _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:27 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:27 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvi-0001Fq-Tt; Mon, 21 Jan 2013 22:33:26 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvg-0001Dc-Pa for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:25 +0000 Received: from [85.158.137.99:12852] by server-8.bemta-3.messagelabs.com id B6/DE-22802-F22CDF05; Mon, 21 Jan 2013 22:33:19 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-217.messagelabs.com!1358807590!14784290!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG, UPPERCASE_25_50 X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 505 invoked from network); 21 Jan 2013 22:33:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-217.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvS-0005fp-G1 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvS-0003gu-AV for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:10 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:09 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] add stubdom/vtpmmgr code X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Matthew Fioravante # Date 1358506543 0 # Node ID 600a6694754aacc2fbd0daa99d6ec994f15cfbbe # Parent 06b884fed150c91eb1506d1b33d9356d12d85293 add stubdom/vtpmmgr code Add the code base for vtpmmgrdom. Makefile changes next patch. Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/Makefile --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/Makefile Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,32 @@ +# Copyright (c) 2010-2012 United States Government, as represented by +# the Secretary of Defense. All rights reserved. +# +# THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT +# ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES +# INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS +# FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY +# DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE +# SOFTWARE. +# + +XEN_ROOT=../.. + +PSSL_DIR=../polarssl-$(XEN_TARGET_ARCH)/library +PSSL_OBJS=aes.o sha1.o entropy.o ctr_drbg.o bignum.o sha4.o havege.o timing.o entropy_poll.o + +TARGET=vtpmmgr.a +OBJS=vtpmmgr.o vtpm_cmd_handler.o vtpm_storage.o init.o tpmrsa.o tpm.o log.o + +CFLAGS+=-Werror -Iutil -Icrypto -Itcs +CFLAGS+=-Wno-declaration-after-statement -Wno-unused-label + +build: $(TARGET) +$(TARGET): $(OBJS) + ar -rcs $@ $^ $(foreach obj,$(PSSL_OBJS),$(PSSL_DIR)/$(obj)) + +clean: + rm -f $(TARGET) $(OBJS) + +distclean: clean + +.PHONY: clean distclean diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/init.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/init.c Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,553 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "log.h" +#include "vtpmmgr.h" +#include "vtpm_storage.h" +#include "tpm.h" +#include "marshal.h" + +struct Opts { + enum { + TPMDRV_TPM_TIS, + TPMDRV_TPMFRONT, + } tpmdriver; + unsigned long tpmiomem; + unsigned int tpmirq; + unsigned int tpmlocality; + int gen_owner_auth; +}; + +// --------------------------- Well Known Auths -------------------------- +const TPM_AUTHDATA WELLKNOWN_SRK_AUTH = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}; + +const TPM_AUTHDATA WELLKNOWN_OWNER_AUTH = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; + +struct vtpm_globals vtpm_globals = { + .tpm_fd = -1, + .storage_key = TPM_KEY_INIT, + .storage_key_handle = 0, + .oiap = { .AuthHandle = 0 } +}; + +static int tpm_entropy_source(void* dummy, unsigned char* data, size_t len, size_t* olen) { + UINT32 sz = len; + TPM_RESULT rc = TPM_GetRandom(&sz, data); + *olen = sz; + return rc == TPM_SUCCESS ? 0 : POLARSSL_ERR_ENTROPY_SOURCE_FAILED; +} + +static TPM_RESULT check_tpm_version(void) { + TPM_RESULT status; + UINT32 rsize; + BYTE* res = NULL; + TPM_CAP_VERSION_INFO vinfo; + + TPMTRYRETURN(TPM_GetCapability( + TPM_CAP_VERSION_VAL, + 0, + NULL, + &rsize, + &res)); + if(rsize < 4) { + vtpmlogerror(VTPM_LOG_VTPM, "Invalid size returned by GetCapability!\n"); + status = TPM_BAD_PARAMETER; + goto abort_egress; + } + + unpack_TPM_CAP_VERSION_INFO(res, &vinfo, UNPACK_ALIAS); + + vtpmloginfo(VTPM_LOG_VTPM, "Hardware TPM:\n"); + vtpmloginfo(VTPM_LOG_VTPM, " version: %hhd %hhd %hhd %hhd\n", + vinfo.version.major, vinfo.version.minor, vinfo.version.revMajor, vinfo.version.revMinor); + vtpmloginfo(VTPM_LOG_VTPM, " specLevel: %hd\n", vinfo.specLevel); + vtpmloginfo(VTPM_LOG_VTPM, " errataRev: %hhd\n", vinfo.errataRev); + vtpmloginfo(VTPM_LOG_VTPM, " vendorID: %c%c%c%c\n", + vinfo.tpmVendorID[0], vinfo.tpmVendorID[1], + vinfo.tpmVendorID[2], vinfo.tpmVendorID[3]); + vtpmloginfo(VTPM_LOG_VTPM, " vendorSpecificSize: %hd\n", vinfo.vendorSpecificSize); + vtpmloginfo(VTPM_LOG_VTPM, " vendorSpecific: "); + for(int i = 0; i < vinfo.vendorSpecificSize; ++i) { + vtpmloginfomore(VTPM_LOG_VTPM, "%02hhx", vinfo.vendorSpecific[i]); + } + vtpmloginfomore(VTPM_LOG_VTPM, "\n"); + +abort_egress: + free(res); + return status; +} + +static TPM_RESULT flush_tpm(void) { + TPM_RESULT status = TPM_SUCCESS; + const TPM_RESOURCE_TYPE reslist[] = { TPM_RT_KEY, TPM_RT_AUTH, TPM_RT_TRANS, TPM_RT_COUNTER, TPM_RT_DAA_TPM, TPM_RT_CONTEXT }; + BYTE* keylist = NULL; + UINT32 keylistSize; + BYTE* ptr; + + //Iterate through each resource type and flush all handles + for(int i = 0; i < sizeof(reslist) / sizeof(TPM_RESOURCE_TYPE); ++i) { + TPM_RESOURCE_TYPE beres = cpu_to_be32(reslist[i]); + UINT16 size; + TPMTRYRETURN(TPM_GetCapability( + TPM_CAP_HANDLE, + sizeof(TPM_RESOURCE_TYPE), + (BYTE*)(&beres), + &keylistSize, + &keylist)); + + ptr = keylist; + ptr = unpack_UINT16(ptr, &size); + + //Flush each handle + if(size) { + vtpmloginfo(VTPM_LOG_VTPM, "Flushing %u handle(s) of type %lu\n", size, (unsigned long) reslist[i]); + for(int j = 0; j < size; ++j) { + TPM_HANDLE h; + ptr = unpack_TPM_HANDLE(ptr, &h); + TPMTRYRETURN(TPM_FlushSpecific(h, reslist[i])); + } + } + + free(keylist); + keylist = NULL; + } + + goto egress; +abort_egress: + free(keylist); +egress: + return status; +} + + +static TPM_RESULT try_take_ownership(void) { + TPM_RESULT status = TPM_SUCCESS; + TPM_PUBKEY pubEK = TPM_PUBKEY_INIT; + + // If we can read PubEK then there is no owner and we should take it. + status = TPM_ReadPubek(&pubEK); + + switch(status) { + case TPM_DISABLED_CMD: + //Cannot read ek? TPM has owner + vtpmloginfo(VTPM_LOG_VTPM, "Failed to readEK meaning TPM has an owner. Creating Keys off existing SRK.\n"); + status = TPM_SUCCESS; + break; + case TPM_NO_ENDORSEMENT: + { + //If theres no ek, we have to create one + TPM_KEY_PARMS keyInfo = { + .algorithmID = TPM_ALG_RSA, + .encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1, + .sigScheme = TPM_SS_NONE, + .parmSize = 12, + .parms.rsa = { + .keyLength = RSA_KEY_SIZE, + .numPrimes = 2, + .exponentSize = 0, + .exponent = NULL, + }, + }; + TPMTRYRETURN(TPM_CreateEndorsementKeyPair(&keyInfo, &pubEK)); + } + //fall through to take ownership + case TPM_SUCCESS: + { + //Construct the Srk + TPM_KEY srk = { + .ver = TPM_STRUCT_VER_1_1, + .keyUsage = TPM_KEY_STORAGE, + .keyFlags = 0x00, + .authDataUsage = TPM_AUTH_ALWAYS, + .algorithmParms = { + .algorithmID = TPM_ALG_RSA, + .encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1, + .sigScheme = TPM_SS_NONE, + .parmSize = 12, + .parms.rsa = { + .keyLength = RSA_KEY_SIZE, + .numPrimes = 2, + .exponentSize = 0, + .exponent = NULL, + }, + }, + .PCRInfoSize = 0, + .pubKey = { + .keyLength = 0, + .key = NULL, + }, + .encDataSize = 0, + }; + + TPMTRYRETURN(TPM_TakeOwnership( + &pubEK, + (const TPM_AUTHDATA*)&vtpm_globals.owner_auth, + (const TPM_AUTHDATA*)&vtpm_globals.srk_auth, + &srk, + NULL, + &vtpm_globals.oiap)); + + TPMTRYRETURN(TPM_DisablePubekRead( + (const TPM_AUTHDATA*)&vtpm_globals.owner_auth, + &vtpm_globals.oiap)); + } + break; + default: + break; + } +abort_egress: + free_TPM_PUBKEY(&pubEK); + return status; +} + +static void init_storage_key(TPM_KEY* key) { + key->ver.major = 1; + key->ver.minor = 1; + key->ver.revMajor = 0; + key->ver.revMinor = 0; + + key->keyUsage = TPM_KEY_BIND; + key->keyFlags = 0; + key->authDataUsage = TPM_AUTH_ALWAYS; + + TPM_KEY_PARMS* p = &key->algorithmParms; + p->algorithmID = TPM_ALG_RSA; + p->encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1; + p->sigScheme = TPM_SS_NONE; + p->parmSize = 12; + + TPM_RSA_KEY_PARMS* r = &p->parms.rsa; + r->keyLength = RSA_KEY_SIZE; + r->numPrimes = 2; + r->exponentSize = 0; + r->exponent = NULL; + + key->PCRInfoSize = 0; + key->encDataSize = 0; + key->encData = NULL; +} + +static int parse_auth_string(char* authstr, BYTE* target, const TPM_AUTHDATA wellknown, int allowrandom) { + int rc; + /* well known owner auth */ + if(!strcmp(authstr, "well-known")) { + memcpy(target, wellknown, sizeof(TPM_AUTHDATA)); + } + /* Create a randomly generated owner auth */ + else if(allowrandom && !strcmp(authstr, "random")) { + return 1; + } + /* owner auth is a raw hash */ + else if(!strncmp(authstr, "hash:", 5)) { + authstr += 5; + if((rc = strlen(authstr)) != 40) { + vtpmlogerror(VTPM_LOG_VTPM, "Supplied owner auth hex string `%s' must be exactly 40 characters (20 bytes) long, length=%d\n", authstr, rc); + return -1; + } + for(int j = 0; j < 20; ++j) { + if(sscanf(authstr, "%hhX", target + j) != 1) { + vtpmlogerror(VTPM_LOG_VTPM, "Supplied owner auth string `%s' is not a valid hex string\n", authstr); + return -1; + } + authstr += 2; + } + } + /* owner auth is a string that will be hashed */ + else if(!strncmp(authstr, "text:", 5)) { + authstr += 5; + sha1((const unsigned char*)authstr, strlen(authstr), target); + } + else { + vtpmlogerror(VTPM_LOG_VTPM, "Invalid auth string %s\n", authstr); + return -1; + } + + return 0; +} + +int parse_cmdline_opts(int argc, char** argv, struct Opts* opts) +{ + int rc; + int i; + + //Set defaults + memcpy(vtpm_globals.owner_auth, WELLKNOWN_OWNER_AUTH, sizeof(TPM_AUTHDATA)); + memcpy(vtpm_globals.srk_auth, WELLKNOWN_SRK_AUTH, sizeof(TPM_AUTHDATA)); + + for(i = 1; i < argc; ++i) { + if(!strncmp(argv[i], "owner_auth:", 10)) { + if((rc = parse_auth_string(argv[i] + 10, vtpm_globals.owner_auth, WELLKNOWN_OWNER_AUTH, 1)) < 0) { + goto err_invalid; + } + if(rc == 1) { + opts->gen_owner_auth = 1; + } + } + else if(!strncmp(argv[i], "srk_auth:", 8)) { + if((rc = parse_auth_string(argv[i] + 8, vtpm_globals.srk_auth, WELLKNOWN_SRK_AUTH, 0)) != 0) { + goto err_invalid; + } + } + else if(!strncmp(argv[i], "tpmdriver=", 10)) { + if(!strcmp(argv[i] + 10, "tpm_tis")) { + opts->tpmdriver = TPMDRV_TPM_TIS; + } else if(!strcmp(argv[i] + 10, "tpmfront")) { + opts->tpmdriver = TPMDRV_TPMFRONT; + } else { + goto err_invalid; + } + } + else if(!strncmp(argv[i], "tpmiomem=",9)) { + if(sscanf(argv[i] + 9, "0x%lX", &opts->tpmiomem) != 1) { + goto err_invalid; + } + } + else if(!strncmp(argv[i], "tpmirq=",7)) { + if(!strcmp(argv[i] + 7, "probe")) { + opts->tpmirq = TPM_PROBE_IRQ; + } else if( sscanf(argv[i] + 7, "%u", &opts->tpmirq) != 1) { + goto err_invalid; + } + } + else if(!strncmp(argv[i], "tpmlocality=",12)) { + if(sscanf(argv[i] + 12, "%u", &opts->tpmlocality) != 1 || opts->tpmlocality > 4) { + goto err_invalid; + } + } + } + + switch(opts->tpmdriver) { + case TPMDRV_TPM_TIS: + vtpmloginfo(VTPM_LOG_VTPM, "Option: Using tpm_tis driver\n"); + break; + case TPMDRV_TPMFRONT: + vtpmloginfo(VTPM_LOG_VTPM, "Option: Using tpmfront driver\n"); + break; + } + + return 0; +err_invalid: + vtpmlogerror(VTPM_LOG_VTPM, "Invalid Option %s\n", argv[i]); + return -1; +} + + + +static TPM_RESULT vtpmmgr_create(void) { + TPM_RESULT status = TPM_SUCCESS; + TPM_AUTH_SESSION osap = TPM_AUTH_SESSION_INIT; + TPM_AUTHDATA sharedsecret; + + // Take ownership if TPM is unowned + TPMTRYRETURN(try_take_ownership()); + + // Generate storage key's auth + memset(&vtpm_globals.storage_key_usage_auth, 0, sizeof(TPM_AUTHDATA)); + + TPMTRYRETURN( TPM_OSAP( + TPM_ET_KEYHANDLE, + TPM_SRK_KEYHANDLE, + (const TPM_AUTHDATA*)&vtpm_globals.srk_auth, + &sharedsecret, + &osap) ); + + init_storage_key(&vtpm_globals.storage_key); + + //initialize the storage key + TPMTRYRETURN( TPM_CreateWrapKey( + TPM_SRK_KEYHANDLE, + (const TPM_AUTHDATA*)&sharedsecret, + (const TPM_AUTHDATA*)&vtpm_globals.storage_key_usage_auth, + (const TPM_AUTHDATA*)&vtpm_globals.storage_key_usage_auth, + &vtpm_globals.storage_key, + &osap) ); + + //Load Storage Key + TPMTRYRETURN( TPM_LoadKey( + TPM_SRK_KEYHANDLE, + &vtpm_globals.storage_key, + &vtpm_globals.storage_key_handle, + (const TPM_AUTHDATA*) &vtpm_globals.srk_auth, + &vtpm_globals.oiap)); + + //Make sure TPM has commited changes + TPMTRYRETURN( TPM_SaveState() ); + + //Create new disk image + TPMTRYRETURN(vtpm_storage_new_header()); + + goto egress; +abort_egress: +egress: + vtpmloginfo(VTPM_LOG_VTPM, "Finished initialized new VTPM manager\n"); + + //End the OSAP session + if(osap.AuthHandle) { + TPM_TerminateHandle(osap.AuthHandle); + } + + return status; +} + +TPM_RESULT vtpmmgr_init(int argc, char** argv) { + TPM_RESULT status = TPM_SUCCESS; + + /* Default commandline options */ + struct Opts opts = { + .tpmdriver = TPMDRV_TPM_TIS, + .tpmiomem = TPM_BASEADDR, + .tpmirq = 0, + .tpmlocality = 0, + .gen_owner_auth = 0, + }; + + if(parse_cmdline_opts(argc, argv, &opts) != 0) { + vtpmlogerror(VTPM_LOG_VTPM, "Command line parsing failed! exiting..\n"); + status = TPM_BAD_PARAMETER; + goto abort_egress; + } + + //Setup storage system + if(vtpm_storage_init() != 0) { + vtpmlogerror(VTPM_LOG_VTPM, "Unable to initialize storage subsystem!\n"); + status = TPM_IOERROR; + goto abort_egress; + } + + //Setup tpmback device + init_tpmback(); + + //Setup tpm access + switch(opts.tpmdriver) { + case TPMDRV_TPM_TIS: + { + struct tpm_chip* tpm; + if((tpm = init_tpm_tis(opts.tpmiomem, TPM_TIS_LOCL_INT_TO_FLAG(opts.tpmlocality), opts.tpmirq)) == NULL) { + vtpmlogerror(VTPM_LOG_VTPM, "Unable to initialize tpmfront device\n"); + status = TPM_IOERROR; + goto abort_egress; + } + vtpm_globals.tpm_fd = tpm_tis_open(tpm); + tpm_tis_request_locality(tpm, opts.tpmlocality); + } + break; + case TPMDRV_TPMFRONT: + { + struct tpmfront_dev* tpmfront_dev; + if((tpmfront_dev = init_tpmfront(NULL)) == NULL) { + vtpmlogerror(VTPM_LOG_VTPM, "Unable to initialize tpmfront device\n"); + status = TPM_IOERROR; + goto abort_egress; + } + vtpm_globals.tpm_fd = tpmfront_open(tpmfront_dev); + } + break; + } + + //Get the version of the tpm + TPMTRYRETURN(check_tpm_version()); + + // Blow away all stale handles left in the tpm + if(flush_tpm() != TPM_SUCCESS) { + vtpmlogerror(VTPM_LOG_VTPM, "VTPM_FlushResources failed, continuing anyway..\n"); + } + + /* Initialize the rng */ + entropy_init(&vtpm_globals.entropy); + entropy_add_source(&vtpm_globals.entropy, tpm_entropy_source, NULL, 0); + entropy_gather(&vtpm_globals.entropy); + ctr_drbg_init(&vtpm_globals.ctr_drbg, entropy_func, &vtpm_globals.entropy, NULL, 0); + ctr_drbg_set_prediction_resistance( &vtpm_globals.ctr_drbg, CTR_DRBG_PR_OFF ); + + // Generate Auth for Owner + if(opts.gen_owner_auth) { + vtpmmgr_rand(vtpm_globals.owner_auth, sizeof(TPM_AUTHDATA)); + } + + // Create OIAP session for service's authorized commands + TPMTRYRETURN( TPM_OIAP(&vtpm_globals.oiap) ); + + /* Load the Manager data, if it fails create a new manager */ + if (vtpm_storage_load_header() != TPM_SUCCESS) { + /* If the OIAP session was closed by an error, create a new one */ + if(vtpm_globals.oiap.AuthHandle == 0) { + TPMTRYRETURN( TPM_OIAP(&vtpm_globals.oiap) ); + } + vtpmloginfo(VTPM_LOG_VTPM, "Failed to read manager file. Assuming first time initialization.\n"); + TPMTRYRETURN( vtpmmgr_create() ); + } + + goto egress; +abort_egress: + vtpmmgr_shutdown(); +egress: + return status; +} + +void vtpmmgr_shutdown(void) +{ + /* Cleanup resources */ + free_TPM_KEY(&vtpm_globals.storage_key); + + /* Cleanup TPM resources */ + TPM_EvictKey(vtpm_globals.storage_key_handle); + TPM_TerminateHandle(vtpm_globals.oiap.AuthHandle); + + /* Close tpmback */ + shutdown_tpmback(); + + /* Close the storage system and blkfront */ + vtpm_storage_shutdown(); + + /* Close tpmfront/tpm_tis */ + close(vtpm_globals.tpm_fd); + + vtpmloginfo(VTPM_LOG_VTPM, "VTPM Manager stopped.\n"); +} diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/log.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/log.c Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,151 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include +#include +#include + +#include "tcg.h" + +char *module_names[] = { "", + "TPM", + "TPM", + "VTPM", + "VTPM", + "TXDATA", + }; +// Helper code for the consts, eg. to produce messages for error codes. + +typedef struct error_code_entry_t { + TPM_RESULT code; + char * code_name; + char * msg; +} error_code_entry_t; + +static const error_code_entry_t error_msgs [] = { + { TPM_SUCCESS, "TPM_SUCCESS", "Successful completion of the operation" }, + { TPM_AUTHFAIL, "TPM_AUTHFAIL", "Authentication failed" }, + { TPM_BADINDEX, "TPM_BADINDEX", "The index to a PCR, DIR or other register is incorrect" }, + { TPM_BAD_PARAMETER, "TPM_BAD_PARAMETER", "One or more parameter is bad" }, + { TPM_AUDITFAILURE, "TPM_AUDITFAILURE", "An operation completed successfully but the auditing of that operation failed." }, + { TPM_CLEAR_DISABLED, "TPM_CLEAR_DISABLED", "The clear disable flag is set and all clear operations now require physical access" }, + { TPM_DEACTIVATED, "TPM_DEACTIVATED", "The TPM is deactivated" }, + { TPM_DISABLED, "TPM_DISABLED", "The TPM is disabled" }, + { TPM_DISABLED_CMD, "TPM_DISABLED_CMD", "The target command has been disabled" }, + { TPM_FAIL, "TPM_FAIL", "The operation failed" }, + { TPM_BAD_ORDINAL, "TPM_BAD_ORDINAL", "The ordinal was unknown or inconsistent" }, + { TPM_INSTALL_DISABLED, "TPM_INSTALL_DISABLED", "The ability to install an owner is disabled" }, + { TPM_INVALID_KEYHANDLE, "TPM_INVALID_KEYHANDLE", "The key handle presented was invalid" }, + { TPM_KEYNOTFOUND, "TPM_KEYNOTFOUND", "The target key was not found" }, + { TPM_INAPPROPRIATE_ENC, "TPM_INAPPROPRIATE_ENC", "Unacceptable encryption scheme" }, + { TPM_MIGRATEFAIL, "TPM_MIGRATEFAIL", "Migration authorization failed" }, + { TPM_INVALID_PCR_INFO, "TPM_INVALID_PCR_INFO", "PCR information could not be interpreted" }, + { TPM_NOSPACE, "TPM_NOSPACE", "No room to load key." }, + { TPM_NOSRK, "TPM_NOSRK", "There is no SRK set" }, + { TPM_NOTSEALED_BLOB, "TPM_NOTSEALED_BLOB", "An encrypted blob is invalid or was not created by this TPM" }, + { TPM_OWNER_SET, "TPM_OWNER_SET", "There is already an Owner" }, + { TPM_RESOURCES, "TPM_RESOURCES", "The TPM has insufficient internal resources to perform the requested action." }, + { TPM_SHORTRANDOM, "TPM_SHORTRANDOM", "A random string was too short" }, + { TPM_SIZE, "TPM_SIZE", "The TPM does not have the space to perform the operation." }, + { TPM_WRONGPCRVAL, "TPM_WRONGPCRVAL", "The named PCR value does not match the current PCR value." }, + { TPM_BAD_PARAM_SIZE, "TPM_BAD_PARAM_SIZE", "The paramSize argument to the command has the incorrect value" }, + { TPM_SHA_THREAD, "TPM_SHA_THREAD", "There is no existing SHA-1 thread." }, + { TPM_SHA_ERROR, "TPM_SHA_ERROR", "The calculation is unable to proceed because the existing SHA-1 thread has already encountered an error." }, + { TPM_FAILEDSELFTEST, "TPM_FAILEDSELFTEST", "Self-test has failed and the TPM has shutdown." }, + { TPM_AUTH2FAIL, "TPM_AUTH2FAIL", "The authorization for the second key in a 2 key function failed authorization" }, + { TPM_BADTAG, "TPM_BADTAG", "The tag value sent to for a command is invalid" }, + { TPM_IOERROR, "TPM_IOERROR", "An IO error occurred transmitting information to the TPM" }, + { TPM_ENCRYPT_ERROR, "TPM_ENCRYPT_ERROR", "The encryption process had a problem." }, + { TPM_DECRYPT_ERROR, "TPM_DECRYPT_ERROR", "The decryption process did not complete." }, + { TPM_INVALID_AUTHHANDLE, "TPM_INVALID_AUTHHANDLE", "An invalid handle was used." }, + { TPM_NO_ENDORSEMENT, "TPM_NO_ENDORSEMENT", "The TPM does not a EK installed" }, + { TPM_INVALID_KEYUSAGE, "TPM_INVALID_KEYUSAGE", "The usage of a key is not allowed" }, + { TPM_WRONG_ENTITYTYPE, "TPM_WRONG_ENTITYTYPE", "The submitted entity type is not allowed" }, + { TPM_INVALID_POSTINIT, "TPM_INVALID_POSTINIT", "The command was received in the wrong sequence relative to TPM_Init and a subsequent TPM_Startup" }, + { TPM_INAPPROPRIATE_SIG, "TPM_INAPPROPRIATE_SIG", "Signed data cannot include additional DER information" }, + { TPM_BAD_KEY_PROPERTY, "TPM_BAD_KEY_PROPERTY", "The key properties in TPM_KEY_PARMs are not supported by this TPM" }, + + { TPM_BAD_MIGRATION, "TPM_BAD_MIGRATION", "The migration properties of this key are incorrect." }, + { TPM_BAD_SCHEME, "TPM_BAD_SCHEME", "The signature or encryption scheme for this key is incorrect or not permitted in this situation." }, + { TPM_BAD_DATASIZE, "TPM_BAD_DATASIZE", "The size of the data (or blob) parameter is bad or inconsistent with the referenced key" }, + { TPM_BAD_MODE, "TPM_BAD_MODE", "A mode parameter is bad, such as capArea or subCapArea for TPM_GetCapability, phsicalPresence parameter for TPM_PhysicalPresence, or migrationType for TPM_CreateMigrationBlob." }, + { TPM_BAD_PRESENCE, "TPM_BAD_PRESENCE", "Either the physicalPresence or physicalPresenceLock bits have the wrong value" }, + { TPM_BAD_VERSION, "TPM_BAD_VERSION", "The TPM cannot perform this version of the capability" }, + { TPM_NO_WRAP_TRANSPORT, "TPM_NO_WRAP_TRANSPORT", "The TPM does not allow for wrapped transport sessions" }, + { TPM_AUDITFAIL_UNSUCCESSFUL, "TPM_AUDITFAIL_UNSUCCESSFUL", "TPM audit construction failed and the underlying command was returning a failure code also" }, + { TPM_AUDITFAIL_SUCCESSFUL, "TPM_AUDITFAIL_SUCCESSFUL", "TPM audit construction failed and the underlying command was returning success" }, + { TPM_NOTRESETABLE, "TPM_NOTRESETABLE", "Attempt to reset a PCR register that does not have the resettable attribute" }, + { TPM_NOTLOCAL, "TPM_NOTLOCAL", "Attempt to reset a PCR register that requires locality and locality modifier not part of command transport" }, + { TPM_BAD_TYPE, "TPM_BAD_TYPE", "Make identity blob not properly typed" }, + { TPM_INVALID_RESOURCE, "TPM_INVALID_RESOURCE", "When saving context identified resource type does not match actual resource" }, + { TPM_NOTFIPS, "TPM_NOTFIPS", "The TPM is attempting to execute a command only available when in FIPS mode" }, + { TPM_INVALID_FAMILY, "TPM_INVALID_FAMILY", "The command is attempting to use an invalid family ID" }, + { TPM_NO_NV_PERMISSION, "TPM_NO_NV_PERMISSION", "The permission to manipulate the NV storage is not available" }, + { TPM_REQUIRES_SIGN, "TPM_REQUIRES_SIGN", "The operation requires a signed command" }, + { TPM_KEY_NOTSUPPORTED, "TPM_KEY_NOTSUPPORTED", "Wrong operation to load an NV key" }, + { TPM_AUTH_CONFLICT, "TPM_AUTH_CONFLICT", "NV_LoadKey blob requires both owner and blob authorization" }, + { TPM_AREA_LOCKED, "TPM_AREA_LOCKED", "The NV area is locked and not writtable" }, + { TPM_BAD_LOCALITY, "TPM_BAD_LOCALITY", "The locality is incorrect for the attempted operation" }, + { TPM_READ_ONLY, "TPM_READ_ONLY", "The NV area is read only and can't be written to" }, + { TPM_PER_NOWRITE, "TPM_PER_NOWRITE", "There is no protection on the write to the NV area" }, + { TPM_FAMILYCOUNT, "TPM_FAMILYCOUNT", "The family count value does not match" }, + { TPM_WRITE_LOCKED, "TPM_WRITE_LOCKED", "The NV area has already been written to" }, + { TPM_BAD_ATTRIBUTES, "TPM_BAD_ATTRIBUTES", "The NV area attributes conflict" }, + { TPM_INVALID_STRUCTURE, "TPM_INVALID_STRUCTURE", "The structure tag and version are invalid or inconsistent" }, + { TPM_KEY_OWNER_CONTROL, "TPM_KEY_OWNER_CONTROL", "The key is under control of the TPM Owner and can only be evicted by the TPM Owner." }, + { TPM_BAD_COUNTER, "TPM_BAD_COUNTER", "The counter handle is incorrect" }, + { TPM_NOT_FULLWRITE, "TPM_NOT_FULLWRITE", "The write is not a complete write of the area" }, + { TPM_CONTEXT_GAP, "TPM_CONTEXT_GAP", "The gap between saved context counts is too large" }, + { TPM_MAXNVWRITES, "TPM_MAXNVWRITES", "The maximum number of NV writes without an owner has been exceeded" }, + { TPM_NOOPERATOR, "TPM_NOOPERATOR", "No operator authorization value is set" }, + { TPM_RESOURCEMISSING, "TPM_RESOURCEMISSING", "The resource pointed to by context is not loaded" }, + { TPM_DELEGATE_LOCK, "TPM_DELEGATE_LOCK", "The delegate administration is locked" }, + { TPM_DELEGATE_FAMILY, "TPM_DELEGATE_FAMILY", "Attempt to manage a family other then the delegated family" }, + { TPM_DELEGATE_ADMIN, "TPM_DELEGATE_ADMIN", "Delegation table management not enabled" }, + { TPM_TRANSPORT_EXCLUSIVE, "TPM_TRANSPORT_EXCLUSIVE", "There was a command executed outside of an exclusive transport session" }, +}; + + +// helper function for the error codes: +const char* tpm_get_error_name (TPM_RESULT code) { + // just do a linear scan for now + unsigned i; + for (i = 0; i < sizeof(error_msgs)/sizeof(error_msgs[0]); i++) + if (code == error_msgs[i].code) + return error_msgs[i].code_name; + + return("Unknown Error Code"); +} diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/log.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/log.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,85 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef __VTPM_LOG_H__ +#define __VTPM_LOG_H__ + +#include // for uint32_t +#include // for pointer NULL +#include +#include "tcg.h" + +// =========================== LOGGING ============================== + +// the logging module numbers +#define VTPM_LOG_TPM 1 +#define VTPM_LOG_TPM_DEEP 2 +#define VTPM_LOG_VTPM 3 +#define VTPM_LOG_VTPM_DEEP 4 +#define VTPM_LOG_TXDATA 5 + +extern char *module_names[]; + +// Default to standard logging +#ifndef LOGGING_MODULES +#define LOGGING_MODULES (BITMASK(VTPM_LOG_VTPM)|BITMASK(VTPM_LOG_TPM)) +#endif + +// bit-access macros +#define BITMASK(idx) ( 1U << (idx) ) +#define GETBIT(num,idx) ( ((num) & BITMASK(idx)) >> idx ) +#define SETBIT(num,idx) (num) |= BITMASK(idx) +#define CLEARBIT(num,idx) (num) &= ( ~ BITMASK(idx) ) + +#define vtpmloginfo(module, fmt, args...) \ + if (GETBIT (LOGGING_MODULES, module) == 1) { \ + fprintf (stdout, "INFO[%s]: " fmt, module_names[module], ##args); \ + } + +#define vtpmloginfomore(module, fmt, args...) \ + if (GETBIT (LOGGING_MODULES, module) == 1) { \ + fprintf (stdout, fmt,##args); \ + } + +#define vtpmlogerror(module, fmt, args...) \ + fprintf (stderr, "ERROR[%s]: " fmt, module_names[module], ##args); + +//typedef UINT32 tpm_size_t; + +// helper function for the error codes: +const char* tpm_get_error_name (TPM_RESULT code); + +#endif // _VTPM_LOG_H_ diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/marshal.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/marshal.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,528 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef MARSHAL_H +#define MARSHAL_H + +#include +#include +#include +#include "tcg.h" + +typedef enum UnpackPtr { + UNPACK_ALIAS, + UNPACK_ALLOC +} UnpackPtr; + +inline BYTE* pack_BYTE(BYTE* ptr, BYTE t) { + ptr[0] = t; + return ++ptr; +} + +inline BYTE* unpack_BYTE(BYTE* ptr, BYTE* t) { + t[0] = ptr[0]; + return ++ptr; +} + +#define pack_BOOL(p, t) pack_BYTE(p, t) +#define unpack_BOOL(p, t) unpack_BYTE(p, t) + +inline BYTE* pack_UINT16(BYTE* ptr, UINT16 t) { + BYTE* b = (BYTE*)&t; +#if __BYTE_ORDER == __LITTLE_ENDIAN + ptr[0] = b[1]; + ptr[1] = b[0]; +#elif __BYTE_ORDER == __BIG_ENDIAN + ptr[0] = b[0]; + ptr[1] = b[1]; +#endif + return ptr + sizeof(UINT16); +} + +inline BYTE* unpack_UINT16(BYTE* ptr, UINT16* t) { + BYTE* b = (BYTE*)t; +#if __BYTE_ORDER == __LITTLE_ENDIAN + b[0] = ptr[1]; + b[1] = ptr[0]; +#elif __BYTE_ORDER == __BIG_ENDIAN + b[0] = ptr[0]; + b[1] = ptr[1]; +#endif + return ptr + sizeof(UINT16); +} + +inline BYTE* pack_UINT32(BYTE* ptr, UINT32 t) { + BYTE* b = (BYTE*)&t; +#if __BYTE_ORDER == __LITTLE_ENDIAN + ptr[3] = b[0]; + ptr[2] = b[1]; + ptr[1] = b[2]; + ptr[0] = b[3]; +#elif __BYTE_ORDER == __BIG_ENDIAN + ptr[0] = b[0]; + ptr[1] = b[1]; + ptr[2] = b[2]; + ptr[3] = b[3]; +#endif + return ptr + sizeof(UINT32); +} + +inline BYTE* unpack_UINT32(BYTE* ptr, UINT32* t) { + BYTE* b = (BYTE*)t; +#if __BYTE_ORDER == __LITTLE_ENDIAN + b[0] = ptr[3]; + b[1] = ptr[2]; + b[2] = ptr[1]; + b[3] = ptr[0]; +#elif __BYTE_ORDER == __BIG_ENDIAN + b[0] = ptr[0]; + b[1] = ptr[1]; + b[2] = ptr[2]; + b[3] = ptr[3]; +#endif + return ptr + sizeof(UINT32); +} + +#define pack_TPM_RESULT(p, t) pack_UINT32(p, t) +#define pack_TPM_PCRINDEX(p, t) pack_UINT32(p, t) +#define pack_TPM_DIRINDEX(p, t) pack_UINT32(p, t) +#define pack_TPM_HANDLE(p, t) pack_UINT32(p, t) +#define pack_TPM_AUTHHANDLE(p, t) pack_TPM_HANDLE(p, t) +#define pack_TCPA_HASHHANDLE(p, t) pack_TPM_HANDLE(p, t) +#define pack_TCPA_HMACHANDLE(p, t) pack_TPM_HANDLE(p, t) +#define pack_TCPA_ENCHANDLE(p, t) pack_TPM_HANDLE(p, t) +#define pack_TPM_KEY_HANDLE(p, t) pack_TPM_HANDLE(p, t) +#define pack_TCPA_ENTITYHANDLE(p, t) pack_TPM_HANDLE(p, t) +#define pack_TPM_RESOURCE_TYPE(p, t) pack_UINT32(p, t) +#define pack_TPM_COMMAND_CODE(p, t) pack_UINT32(p, t) +#define pack_TPM_PROTOCOL_ID(p, t) pack_UINT16(p, t) +#define pack_TPM_AUTH_DATA_USAGE(p, t) pack_BYTE(p, t) +#define pack_TPM_ENTITY_TYPE(p, t) pack_UINT16(p, t) +#define pack_TPM_ALGORITHM_ID(p, t) pack_UINT32(p, t) +#define pack_TPM_KEY_USAGE(p, t) pack_UINT16(p, t) +#define pack_TPM_STARTUP_TYPE(p, t) pack_UINT16(p, t) +#define pack_TPM_CAPABILITY_AREA(p, t) pack_UINT32(p, t) +#define pack_TPM_ENC_SCHEME(p, t) pack_UINT16(p, t) +#define pack_TPM_SIG_SCHEME(p, t) pack_UINT16(p, t) +#define pack_TPM_MIGRATE_SCHEME(p, t) pack_UINT16(p, t) +#define pack_TPM_PHYSICAL_PRESENCE(p, t) pack_UINT16(p, t) +#define pack_TPM_KEY_FLAGS(p, t) pack_UINT32(p, t) + +#define unpack_TPM_RESULT(p, t) unpack_UINT32(p, t) +#define unpack_TPM_PCRINDEX(p, t) unpack_UINT32(p, t) +#define unpack_TPM_DIRINDEX(p, t) unpack_UINT32(p, t) +#define unpack_TPM_HANDLE(p, t) unpack_UINT32(p, t) +#define unpack_TPM_AUTHHANDLE(p, t) unpack_TPM_HANDLE(p, t) +#define unpack_TCPA_HASHHANDLE(p, t) unpack_TPM_HANDLE(p, t) +#define unpack_TCPA_HMACHANDLE(p, t) unpack_TPM_HANDLE(p, t) +#define unpack_TCPA_ENCHANDLE(p, t) unpack_TPM_HANDLE(p, t) +#define unpack_TPM_KEY_HANDLE(p, t) unpack_TPM_HANDLE(p, t) +#define unpack_TCPA_ENTITYHANDLE(p, t) unpack_TPM_HANDLE(p, t) +#define unpack_TPM_RESOURCE_TYPE(p, t) unpack_UINT32(p, t) +#define unpack_TPM_COMMAND_CODE(p, t) unpack_UINT32(p, t) +#define unpack_TPM_PROTOCOL_ID(p, t) unpack_UINT16(p, t) +#define unpack_TPM_AUTH_DATA_USAGE(p, t) unpack_BYTE(p, t) +#define unpack_TPM_ENTITY_TYPE(p, t) unpack_UINT16(p, t) +#define unpack_TPM_ALGORITHM_ID(p, t) unpack_UINT32(p, t) +#define unpack_TPM_KEY_USAGE(p, t) unpack_UINT16(p, t) +#define unpack_TPM_STARTUP_TYPE(p, t) unpack_UINT16(p, t) +#define unpack_TPM_CAPABILITY_AREA(p, t) unpack_UINT32(p, t) +#define unpack_TPM_ENC_SCHEME(p, t) unpack_UINT16(p, t) +#define unpack_TPM_SIG_SCHEME(p, t) unpack_UINT16(p, t) +#define unpack_TPM_MIGRATE_SCHEME(p, t) unpack_UINT16(p, t) +#define unpack_TPM_PHYSICAL_PRESENCE(p, t) unpack_UINT16(p, t) +#define unpack_TPM_KEY_FLAGS(p, t) unpack_UINT32(p, t) + +#define pack_TPM_AUTH_HANDLE(p, t) pack_UINT32(p, t); +#define pack_TCS_CONTEXT_HANDLE(p, t) pack_UINT32(p, t); +#define pack_TCS_KEY_HANDLE(p, t) pack_UINT32(p, t); + +#define unpack_TPM_AUTH_HANDLE(p, t) unpack_UINT32(p, t); +#define unpack_TCS_CONTEXT_HANDLE(p, t) unpack_UINT32(p, t); +#define unpack_TCS_KEY_HANDLE(p, t) unpack_UINT32(p, t); + +inline BYTE* pack_BUFFER(BYTE* ptr, const BYTE* buf, UINT32 size) { + memcpy(ptr, buf, size); + return ptr + size; +} + +inline BYTE* unpack_BUFFER(BYTE* ptr, BYTE* buf, UINT32 size) { + memcpy(buf, ptr, size); + return ptr + size; +} + +inline BYTE* unpack_ALIAS(BYTE* ptr, BYTE** buf, UINT32 size) { + *buf = ptr; + return ptr + size; +} + +inline BYTE* unpack_ALLOC(BYTE* ptr, BYTE** buf, UINT32 size) { + if(size) { + *buf = malloc(size); + memcpy(*buf, ptr, size); + } else { + *buf = NULL; + } + return ptr + size; +} + +inline BYTE* unpack_PTR(BYTE* ptr, BYTE** buf, UINT32 size, UnpackPtr alloc) { + if(alloc == UNPACK_ALLOC) { + return unpack_ALLOC(ptr, buf, size); + } else { + return unpack_ALIAS(ptr, buf, size); + } +} + +inline BYTE* pack_TPM_AUTHDATA(BYTE* ptr, const TPM_AUTHDATA* d) { + return pack_BUFFER(ptr, *d, TPM_DIGEST_SIZE); +} + +inline BYTE* unpack_TPM_AUTHDATA(BYTE* ptr, TPM_AUTHDATA* d) { + return unpack_BUFFER(ptr, *d, TPM_DIGEST_SIZE); +} + +#define pack_TPM_SECRET(p, t) pack_TPM_AUTHDATA(p, t) +#define pack_TPM_ENCAUTH(p, t) pack_TPM_AUTHDATA(p, t) +#define pack_TPM_PAYLOAD_TYPE(p, t) pack_BYTE(p, t) +#define pack_TPM_TAG(p, t) pack_UINT16(p, t) +#define pack_TPM_STRUCTURE_TAG(p, t) pack_UINT16(p, t) + +#define unpack_TPM_SECRET(p, t) unpack_TPM_AUTHDATA(p, t) +#define unpack_TPM_ENCAUTH(p, t) unpack_TPM_AUTHDATA(p, t) +#define unpack_TPM_PAYLOAD_TYPE(p, t) unpack_BYTE(p, t) +#define unpack_TPM_TAG(p, t) unpack_UINT16(p, t) +#define unpack_TPM_STRUCTURE_TAG(p, t) unpack_UINT16(p, t) + +inline BYTE* pack_TPM_VERSION(BYTE* ptr, const TPM_VERSION* t) { + ptr[0] = t->major; + ptr[1] = t->minor; + ptr[2] = t->revMajor; + ptr[3] = t->revMinor; + return ptr + 4; +} + +inline BYTE* unpack_TPM_VERSION(BYTE* ptr, TPM_VERSION* t) { + t->major = ptr[0]; + t->minor = ptr[1]; + t->revMajor = ptr[2]; + t->revMinor = ptr[3]; + return ptr + 4; +} + +inline BYTE* pack_TPM_CAP_VERSION_INFO(BYTE* ptr, const TPM_CAP_VERSION_INFO* v) { + ptr = pack_TPM_STRUCTURE_TAG(ptr, v->tag); + ptr = pack_TPM_VERSION(ptr, &v->version); + ptr = pack_UINT16(ptr, v->specLevel); + ptr = pack_BYTE(ptr, v->errataRev); + ptr = pack_BUFFER(ptr, v->tpmVendorID, sizeof(v->tpmVendorID)); + ptr = pack_UINT16(ptr, v->vendorSpecificSize); + ptr = pack_BUFFER(ptr, v->vendorSpecific, v->vendorSpecificSize); + return ptr; +} + +inline BYTE* unpack_TPM_CAP_VERSION_INFO(BYTE* ptr, TPM_CAP_VERSION_INFO* v, UnpackPtr alloc) { + ptr = unpack_TPM_STRUCTURE_TAG(ptr, &v->tag); + ptr = unpack_TPM_VERSION(ptr, &v->version); + ptr = unpack_UINT16(ptr, &v->specLevel); + ptr = unpack_BYTE(ptr, &v->errataRev); + ptr = unpack_BUFFER(ptr, v->tpmVendorID, sizeof(v->tpmVendorID)); + ptr = unpack_UINT16(ptr, &v->vendorSpecificSize); + ptr = unpack_PTR(ptr, &v->vendorSpecific, v->vendorSpecificSize, alloc); + return ptr; +} + +inline BYTE* pack_TPM_DIGEST(BYTE* ptr, const TPM_DIGEST* d) { + return pack_BUFFER(ptr, d->digest, TPM_DIGEST_SIZE); +} + +inline BYTE* unpack_TPM_DIGEST(BYTE* ptr, TPM_DIGEST* d) { + return unpack_BUFFER(ptr, d->digest, TPM_DIGEST_SIZE); +} + +#define pack_TPM_PCRVALUE(ptr, d) pack_TPM_DIGEST(ptr, d); +#define unpack_TPM_PCRVALUE(ptr, d) unpack_TPM_DIGEST(ptr, d); + +#define pack_TPM_COMPOSITE_HASH(ptr, d) pack_TPM_DIGEST(ptr, d); +#define unpack_TPM_COMPOSITE_HASH(ptr, d) unpack_TPM_DIGEST(ptr, d); + +#define pack_TPM_DIRVALUE(ptr, d) pack_TPM_DIGEST(ptr, d); +#define unpack_TPM_DIRVALUE(ptr, d) unpack_TPM_DIGEST(ptr, d); + +#define pack_TPM_HMAC(ptr, d) pack_TPM_DIGEST(ptr, d); +#define unpack_TPM_HMAC(ptr, d) unpack_TPM_DIGEST(ptr, d); + +#define pack_TPM_CHOSENID_HASH(ptr, d) pack_TPM_DIGEST(ptr, d); +#define unpack_TPM_CHOSENID_HASH(ptr, d) unpack_TPM_DIGEST(ptr, d); + +inline BYTE* pack_TPM_NONCE(BYTE* ptr, const TPM_NONCE* n) { + return pack_BUFFER(ptr, n->nonce, TPM_DIGEST_SIZE); +} + +inline BYTE* unpack_TPM_NONCE(BYTE* ptr, TPM_NONCE* n) { + return unpack_BUFFER(ptr, n->nonce, TPM_DIGEST_SIZE); +} + +inline BYTE* pack_TPM_SYMMETRIC_KEY_PARMS(BYTE* ptr, const TPM_SYMMETRIC_KEY_PARMS* k) { + ptr = pack_UINT32(ptr, k->keyLength); + ptr = pack_UINT32(ptr, k->blockSize); + ptr = pack_UINT32(ptr, k->ivSize); + return pack_BUFFER(ptr, k->IV, k->ivSize); +} + +inline BYTE* unpack_TPM_SYMMETRIC_KEY_PARMS(BYTE* ptr, TPM_SYMMETRIC_KEY_PARMS* k, UnpackPtr alloc) { + ptr = unpack_UINT32(ptr, &k->keyLength); + ptr = unpack_UINT32(ptr, &k->blockSize); + ptr = unpack_UINT32(ptr, &k->ivSize); + return unpack_PTR(ptr, &k->IV, k->ivSize, alloc); +} + +inline BYTE* pack_TPM_RSA_KEY_PARMS(BYTE* ptr, const TPM_RSA_KEY_PARMS* k) { + ptr = pack_UINT32(ptr, k->keyLength); + ptr = pack_UINT32(ptr, k->numPrimes); + ptr = pack_UINT32(ptr, k->exponentSize); + return pack_BUFFER(ptr, k->exponent, k->exponentSize); +} + +inline BYTE* unpack_TPM_RSA_KEY_PARMS(BYTE* ptr, TPM_RSA_KEY_PARMS* k, UnpackPtr alloc) { + ptr = unpack_UINT32(ptr, &k->keyLength); + ptr = unpack_UINT32(ptr, &k->numPrimes); + ptr = unpack_UINT32(ptr, &k->exponentSize); + return unpack_PTR(ptr, &k->exponent, k->exponentSize, alloc); +} + +inline BYTE* pack_TPM_KEY_PARMS(BYTE* ptr, const TPM_KEY_PARMS* k) { + ptr = pack_TPM_ALGORITHM_ID(ptr, k->algorithmID); + ptr = pack_TPM_ENC_SCHEME(ptr, k->encScheme); + ptr = pack_TPM_SIG_SCHEME(ptr, k->sigScheme); + ptr = pack_UINT32(ptr, k->parmSize); + + if(k->parmSize) { + switch(k->algorithmID) { + case TPM_ALG_RSA: + return pack_TPM_RSA_KEY_PARMS(ptr, &k->parms.rsa); + case TPM_ALG_AES128: + case TPM_ALG_AES192: + case TPM_ALG_AES256: + return pack_TPM_SYMMETRIC_KEY_PARMS(ptr, &k->parms.sym); + } + } + return ptr; +} + +inline BYTE* unpack_TPM_KEY_PARMS(BYTE* ptr, TPM_KEY_PARMS* k, UnpackPtr alloc) { + ptr = unpack_TPM_ALGORITHM_ID(ptr, &k->algorithmID); + ptr = unpack_TPM_ENC_SCHEME(ptr, &k->encScheme); + ptr = unpack_TPM_SIG_SCHEME(ptr, &k->sigScheme); + ptr = unpack_UINT32(ptr, &k->parmSize); + + if(k->parmSize) { + switch(k->algorithmID) { + case TPM_ALG_RSA: + return unpack_TPM_RSA_KEY_PARMS(ptr, &k->parms.rsa, alloc); + case TPM_ALG_AES128: + case TPM_ALG_AES192: + case TPM_ALG_AES256: + return unpack_TPM_SYMMETRIC_KEY_PARMS(ptr, &k->parms.sym, alloc); + } + } + return ptr; +} + +inline BYTE* pack_TPM_STORE_PUBKEY(BYTE* ptr, const TPM_STORE_PUBKEY* k) { + ptr = pack_UINT32(ptr, k->keyLength); + ptr = pack_BUFFER(ptr, k->key, k->keyLength); + return ptr; +} + +inline BYTE* unpack_TPM_STORE_PUBKEY(BYTE* ptr, TPM_STORE_PUBKEY* k, UnpackPtr alloc) { + ptr = unpack_UINT32(ptr, &k->keyLength); + ptr = unpack_PTR(ptr, &k->key, k->keyLength, alloc); + return ptr; +} + +inline BYTE* pack_TPM_PUBKEY(BYTE* ptr, const TPM_PUBKEY* k) { + ptr = pack_TPM_KEY_PARMS(ptr, &k->algorithmParms); + return pack_TPM_STORE_PUBKEY(ptr, &k->pubKey); +} + +inline BYTE* unpack_TPM_PUBKEY(BYTE* ptr, TPM_PUBKEY* k, UnpackPtr alloc) { + ptr = unpack_TPM_KEY_PARMS(ptr, &k->algorithmParms, alloc); + return unpack_TPM_STORE_PUBKEY(ptr, &k->pubKey, alloc); +} + +inline BYTE* pack_TPM_PCR_SELECTION(BYTE* ptr, const TPM_PCR_SELECTION* p) { + ptr = pack_UINT16(ptr, p->sizeOfSelect); + ptr = pack_BUFFER(ptr, p->pcrSelect, p->sizeOfSelect); + return ptr; +} + +inline BYTE* unpack_TPM_PCR_SELECTION(BYTE* ptr, TPM_PCR_SELECTION* p, UnpackPtr alloc) { + ptr = unpack_UINT16(ptr, &p->sizeOfSelect); + ptr = unpack_PTR(ptr, &p->pcrSelect, p->sizeOfSelect, alloc); + return ptr; +} + +inline BYTE* pack_TPM_PCR_INFO(BYTE* ptr, const TPM_PCR_INFO* p) { + ptr = pack_TPM_PCR_SELECTION(ptr, &p->pcrSelection); + ptr = pack_TPM_COMPOSITE_HASH(ptr, &p->digestAtRelease); + ptr = pack_TPM_COMPOSITE_HASH(ptr, &p->digestAtCreation); + return ptr; +} + +inline BYTE* unpack_TPM_PCR_INFO(BYTE* ptr, TPM_PCR_INFO* p, UnpackPtr alloc) { + ptr = unpack_TPM_PCR_SELECTION(ptr, &p->pcrSelection, alloc); + ptr = unpack_TPM_COMPOSITE_HASH(ptr, &p->digestAtRelease); + ptr = unpack_TPM_COMPOSITE_HASH(ptr, &p->digestAtCreation); + return ptr; +} + +inline BYTE* pack_TPM_PCR_COMPOSITE(BYTE* ptr, const TPM_PCR_COMPOSITE* p) { + ptr = pack_TPM_PCR_SELECTION(ptr, &p->select); + ptr = pack_UINT32(ptr, p->valueSize); + ptr = pack_BUFFER(ptr, (const BYTE*)p->pcrValue, p->valueSize); + return ptr; +} + +inline BYTE* unpack_TPM_PCR_COMPOSITE(BYTE* ptr, TPM_PCR_COMPOSITE* p, UnpackPtr alloc) { + ptr = unpack_TPM_PCR_SELECTION(ptr, &p->select, alloc); + ptr = unpack_UINT32(ptr, &p->valueSize); + ptr = unpack_PTR(ptr, (BYTE**)&p->pcrValue, p->valueSize, alloc); + return ptr; +} + +inline BYTE* pack_TPM_KEY(BYTE* ptr, const TPM_KEY* k) { + ptr = pack_TPM_VERSION(ptr, &k->ver); + ptr = pack_TPM_KEY_USAGE(ptr, k->keyUsage); + ptr = pack_TPM_KEY_FLAGS(ptr, k->keyFlags); + ptr = pack_TPM_AUTH_DATA_USAGE(ptr, k->authDataUsage); + ptr = pack_TPM_KEY_PARMS(ptr, &k->algorithmParms); + ptr = pack_UINT32(ptr, k->PCRInfoSize); + if(k->PCRInfoSize) { + ptr = pack_TPM_PCR_INFO(ptr, &k->PCRInfo); + } + ptr = pack_TPM_STORE_PUBKEY(ptr, &k->pubKey); + ptr = pack_UINT32(ptr, k->encDataSize); + return pack_BUFFER(ptr, k->encData, k->encDataSize); +} + +inline BYTE* unpack_TPM_KEY(BYTE* ptr, TPM_KEY* k, UnpackPtr alloc) { + ptr = unpack_TPM_VERSION(ptr, &k->ver); + ptr = unpack_TPM_KEY_USAGE(ptr, &k->keyUsage); + ptr = unpack_TPM_KEY_FLAGS(ptr, &k->keyFlags); + ptr = unpack_TPM_AUTH_DATA_USAGE(ptr, &k->authDataUsage); + ptr = unpack_TPM_KEY_PARMS(ptr, &k->algorithmParms, alloc); + ptr = unpack_UINT32(ptr, &k->PCRInfoSize); + if(k->PCRInfoSize) { + ptr = unpack_TPM_PCR_INFO(ptr, &k->PCRInfo, alloc); + } + ptr = unpack_TPM_STORE_PUBKEY(ptr, &k->pubKey, alloc); + ptr = unpack_UINT32(ptr, &k->encDataSize); + return unpack_PTR(ptr, &k->encData, k->encDataSize, alloc); +} + +inline BYTE* pack_TPM_BOUND_DATA(BYTE* ptr, const TPM_BOUND_DATA* b, UINT32 payloadSize) { + ptr = pack_TPM_VERSION(ptr, &b->ver); + ptr = pack_TPM_PAYLOAD_TYPE(ptr, b->payload); + return pack_BUFFER(ptr, b->payloadData, payloadSize); +} + +inline BYTE* unpack_TPM_BOUND_DATA(BYTE* ptr, TPM_BOUND_DATA* b, UINT32 payloadSize, UnpackPtr alloc) { + ptr = unpack_TPM_VERSION(ptr, &b->ver); + ptr = unpack_TPM_PAYLOAD_TYPE(ptr, &b->payload); + return unpack_PTR(ptr, &b->payloadData, payloadSize, alloc); +} + +inline BYTE* pack_TPM_STORED_DATA(BYTE* ptr, const TPM_STORED_DATA* d) { + ptr = pack_TPM_VERSION(ptr, &d->ver); + ptr = pack_UINT32(ptr, d->sealInfoSize); + if(d->sealInfoSize) { + ptr = pack_TPM_PCR_INFO(ptr, &d->sealInfo); + } + ptr = pack_UINT32(ptr, d->encDataSize); + ptr = pack_BUFFER(ptr, d->encData, d->encDataSize); + return ptr; +} + +inline BYTE* unpack_TPM_STORED_DATA(BYTE* ptr, TPM_STORED_DATA* d, UnpackPtr alloc) { + ptr = unpack_TPM_VERSION(ptr, &d->ver); + ptr = unpack_UINT32(ptr, &d->sealInfoSize); + if(d->sealInfoSize) { + ptr = unpack_TPM_PCR_INFO(ptr, &d->sealInfo, alloc); + } + ptr = unpack_UINT32(ptr, &d->encDataSize); + ptr = unpack_PTR(ptr, &d->encData, d->encDataSize, alloc); + return ptr; +} + +inline BYTE* pack_TPM_AUTH_SESSION(BYTE* ptr, const TPM_AUTH_SESSION* auth) { + ptr = pack_TPM_AUTH_HANDLE(ptr, auth->AuthHandle); + ptr = pack_TPM_NONCE(ptr, &auth->NonceOdd); + ptr = pack_BOOL(ptr, auth->fContinueAuthSession); + ptr = pack_TPM_AUTHDATA(ptr, &auth->HMAC); + return ptr; +} + +inline BYTE* unpack_TPM_AUTH_SESSION(BYTE* ptr, TPM_AUTH_SESSION* auth) { + ptr = unpack_TPM_NONCE(ptr, &auth->NonceEven); + ptr = unpack_BOOL(ptr, &auth->fContinueAuthSession); + ptr = unpack_TPM_AUTHDATA(ptr, &auth->HMAC); + return ptr; +} + +inline BYTE* pack_TPM_RQU_HEADER(BYTE* ptr, + TPM_TAG tag, + UINT32 size, + TPM_COMMAND_CODE ord) { + ptr = pack_UINT16(ptr, tag); + ptr = pack_UINT32(ptr, size); + return pack_UINT32(ptr, ord); +} + +inline BYTE* unpack_TPM_RQU_HEADER(BYTE* ptr, + TPM_TAG* tag, + UINT32* size, + TPM_COMMAND_CODE* ord) { + ptr = unpack_UINT16(ptr, tag); + ptr = unpack_UINT32(ptr, size); + ptr = unpack_UINT32(ptr, ord); + return ptr; +} + +#define pack_TPM_RSP_HEADER(p, t, s, r) pack_TPM_RQU_HEADER(p, t, s, r); +#define unpack_TPM_RSP_HEADER(p, t, s, r) unpack_TPM_RQU_HEADER(p, t, s, r); + +#endif diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/minios.cfg --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/minios.cfg Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,14 @@ +CONFIG_TPMFRONT=y +CONFIG_TPM_TIS=y +CONFIG_TPMBACK=y +CONFIG_START_NETWORK=n +CONFIG_TEST=n +CONFIG_PCIFRONT=n +CONFIG_BLKFRONT=y +CONFIG_NETFRONT=n +CONFIG_FBFRONT=n +CONFIG_KBDFRONT=n +CONFIG_CONSFRONT=n +CONFIG_XENBUS=y +CONFIG_LWIP=n +CONFIG_XC=n diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/tcg.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/tcg.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,707 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005 Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef __TCG_H__ +#define __TCG_H__ + +#include +#include + +// **************************** CONSTANTS ********************************* + +// BOOL values +#define TRUE 0x01 +#define FALSE 0x00 + +#define TCPA_MAX_BUFFER_LENGTH 0x2000 + +// +// TPM_COMMAND_CODE values +#define TPM_PROTECTED_ORDINAL 0x00000000UL +#define TPM_UNPROTECTED_ORDINAL 0x80000000UL +#define TPM_CONNECTION_ORDINAL 0x40000000UL +#define TPM_VENDOR_ORDINAL 0x20000000UL + +#define TPM_ORD_OIAP (10UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_OSAP (11UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ChangeAuth (12UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_TakeOwnership (13UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ChangeAuthAsymStart (14UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ChangeAuthAsymFinish (15UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ChangeAuthOwner (16UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Extend (20UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_PcrRead (21UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Quote (22UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Seal (23UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Unseal (24UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_DirWriteAuth (25UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_DirRead (26UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_UnBind (30UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_CreateWrapKey (31UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_LoadKey (32UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetPubKey (33UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_EvictKey (34UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_CreateMigrationBlob (40UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ReWrapKey (41UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ConvertMigrationBlob (42UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_AuthorizeMigrationKey (43UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_CreateMaintenanceArchive (44UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_LoadMaintenanceArchive (45UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_KillMaintenanceFeature (46UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_LoadManuMaintPub (47UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ReadManuMaintPub (48UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_CertifyKey (50UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Sign (60UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetRandom (70UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_StirRandom (71UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SelfTestFull (80UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SelfTestStartup (81UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_CertifySelfTest (82UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ContinueSelfTest (83UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetTestResult (84UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Reset (90UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_OwnerClear (91UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_DisableOwnerClear (92UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ForceClear (93UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_DisableForceClear (94UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetCapabilitySigned (100UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetCapability (101UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetCapabilityOwner (102UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_OwnerSetDisable (110UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_PhysicalEnable (111UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_PhysicalDisable (112UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SetOwnerInstall (113UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_PhysicalSetDeactivated (114UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SetTempDeactivated (115UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_CreateEndorsementKeyPair (120UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_MakeIdentity (121UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ActivateIdentity (122UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ReadPubek (124UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_OwnerReadPubek (125UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_DisablePubekRead (126UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetAuditEvent (130UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetAuditEventSigned (131UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetOrdinalAuditStatus (140UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SetOrdinalAuditStatus (141UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Terminate_Handle (150UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Init (151UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SaveState (152UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Startup (153UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SetRedirection (154UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SHA1Start (160UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SHA1Update (161UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SHA1Complete (162UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SHA1CompleteExtend (163UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_FieldUpgrade (170UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SaveKeyContext (180UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_LoadKeyContext (181UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SaveAuthContext (182UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_LoadAuthContext (183UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_SaveContext (184UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_LoadContext (185UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_FlushSpecific (186UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_PCR_Reset (200UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_NV_DefineSpace (204UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_NV_WriteValue (205UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_NV_WriteValueAuth (206UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_NV_ReadValue (207UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_NV_ReadValueAuth (208UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_UpdateVerification (209UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_Manage (210UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_CreateKeyDelegation (212UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_CreateOwnerDelegation (213UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_VerifyDelegation (214UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_LoadOwnerDelegation (216UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_ReadAuth (217UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_Delegate_ReadTable (219UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_CreateCounter (220UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_IncrementCounter (221UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ReadCounter (222UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ReleaseCounter (223UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ReleaseCounterOwner (224UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_EstablishTransport (230UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ExecuteTransport (231UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_ReleaseTransportSigned (232UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_GetTicks (241UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_TickStampBlob (242UL + TPM_PROTECTED_ORDINAL) +#define TPM_ORD_MAX (256UL + TPM_PROTECTED_ORDINAL) + +#define TSC_ORD_PhysicalPresence (10UL + TPM_CONNECTION_ORDINAL) + + + +// +// TPM_RESULT values +// +// just put in the whole table from spec 1.2 + +#define TPM_BASE 0x0 // The start of TPM return codes +#define TPM_VENDOR_ERROR 0x00000400 // Mask to indicate that the error code is vendor specific for vendor specific commands +#define TPM_NON_FATAL 0x00000800 // Mask to indicate that the error code is a non-fatal failure. + +#define TPM_SUCCESS TPM_BASE // Successful completion of the operation +#define TPM_AUTHFAIL TPM_BASE + 1 // Authentication failed +#define TPM_BADINDEX TPM_BASE + 2 // The index to a PCR, DIR or other register is incorrect +#define TPM_BAD_PARAMETER TPM_BASE + 3 // One or more parameter is bad +#define TPM_AUDITFAILURE TPM_BASE + 4 // An operation completed successfully but the auditing of that operation failed. +#define TPM_CLEAR_DISABLED TPM_BASE + 5 // The clear disable flag is set and all clear operations now require physical access +#define TPM_DEACTIVATED TPM_BASE + 6 // The TPM is deactivated +#define TPM_DISABLED TPM_BASE + 7 // The TPM is disabled +#define TPM_DISABLED_CMD TPM_BASE + 8 // The target command has been disabled +#define TPM_FAIL TPM_BASE + 9 // The operation failed +#define TPM_BAD_ORDINAL TPM_BASE + 10 // The ordinal was unknown or inconsistent +#define TPM_INSTALL_DISABLED TPM_BASE + 11 // The ability to install an owner is disabled +#define TPM_INVALID_KEYHANDLE TPM_BASE + 12 // The key handle presented was invalid +#define TPM_KEYNOTFOUND TPM_BASE + 13 // The target key was not found +#define TPM_INAPPROPRIATE_ENC TPM_BASE + 14 // Unacceptable encryption scheme +#define TPM_MIGRATEFAIL TPM_BASE + 15 // Migration authorization failed +#define TPM_INVALID_PCR_INFO TPM_BASE + 16 // PCR information could not be interpreted +#define TPM_NOSPACE TPM_BASE + 17 // No room to load key. +#define TPM_NOSRK TPM_BASE + 18 // There is no SRK set +#define TPM_NOTSEALED_BLOB TPM_BASE + 19 // An encrypted blob is invalid or was not created by this TPM +#define TPM_OWNER_SET TPM_BASE + 20 // There is already an Owner +#define TPM_RESOURCES TPM_BASE + 21 // The TPM has insufficient internal resources to perform the requested action. +#define TPM_SHORTRANDOM TPM_BASE + 22 // A random string was too short +#define TPM_SIZE TPM_BASE + 23 // The TPM does not have the space to perform the operation. +#define TPM_WRONGPCRVAL TPM_BASE + 24 // The named PCR value does not match the current PCR value. +#define TPM_BAD_PARAM_SIZE TPM_BASE + 25 // The paramSize argument to the command has the incorrect value +#define TPM_SHA_THREAD TPM_BASE + 26 // There is no existing SHA-1 thread. +#define TPM_SHA_ERROR TPM_BASE + 27 // The calculation is unable to proceed because the existing SHA-1 thread has already encountered an error. +#define TPM_FAILEDSELFTEST TPM_BASE + 28 // Self-test has failed and the TPM has shutdown. +#define TPM_AUTH2FAIL TPM_BASE + 29 // The authorization for the second key in a 2 key function failed authorization +#define TPM_BADTAG TPM_BASE + 30 // The tag value sent to for a command is invalid +#define TPM_IOERROR TPM_BASE + 31 // An IO error occurred transmitting information to the TPM +#define TPM_ENCRYPT_ERROR TPM_BASE + 32 // The encryption process had a problem. +#define TPM_DECRYPT_ERROR TPM_BASE + 33 // The decryption process did not complete. +#define TPM_INVALID_AUTHHANDLE TPM_BASE + 34 // An invalid handle was used. +#define TPM_NO_ENDORSEMENT TPM_BASE + 35 // The TPM does not a EK installed +#define TPM_INVALID_KEYUSAGE TPM_BASE + 36 // The usage of a key is not allowed +#define TPM_WRONG_ENTITYTYPE TPM_BASE + 37 // The submitted entity type is not allowed +#define TPM_INVALID_POSTINIT TPM_BASE + 38 // The command was received in the wrong sequence relative to TPM_Init and a subsequent TPM_Startup +#define TPM_INAPPROPRIATE_SIG TPM_BASE + 39 // Signed data cannot include additional DER information +#define TPM_BAD_KEY_PROPERTY TPM_BASE + 40 // The key properties in TPM_KEY_PARMs are not supported by this TPM + +#define TPM_BAD_MIGRATION TPM_BASE + 41 // The migration properties of this key are incorrect. +#define TPM_BAD_SCHEME TPM_BASE + 42 // The signature or encryption scheme for this key is incorrect or not permitted in this situation. +#define TPM_BAD_DATASIZE TPM_BASE + 43 // The size of the data (or blob) parameter is bad or inconsistent with the referenced key +#define TPM_BAD_MODE TPM_BASE + 44 // A mode parameter is bad, such as capArea or subCapArea for TPM_GetCapability, phsicalPresence parameter for TPM_PhysicalPresence, or migrationType for TPM_CreateMigrationBlob. +#define TPM_BAD_PRESENCE TPM_BASE + 45 // Either the physicalPresence or physicalPresenceLock bits have the wrong value +#define TPM_BAD_VERSION TPM_BASE + 46 // The TPM cannot perform this version of the capability +#define TPM_NO_WRAP_TRANSPORT TPM_BASE + 47 // The TPM does not allow for wrapped transport sessions +#define TPM_AUDITFAIL_UNSUCCESSFUL TPM_BASE + 48 // TPM audit construction failed and the underlying command was returning a failure code also +#define TPM_AUDITFAIL_SUCCESSFUL TPM_BASE + 49 // TPM audit construction failed and the underlying command was returning success +#define TPM_NOTRESETABLE TPM_BASE + 50 // Attempt to reset a PCR register that does not have the resettable attribute +#define TPM_NOTLOCAL TPM_BASE + 51 // Attempt to reset a PCR register that requires locality and locality modifier not part of command transport +#define TPM_BAD_TYPE TPM_BASE + 52 // Make identity blob not properly typed +#define TPM_INVALID_RESOURCE TPM_BASE + 53 // When saving context identified resource type does not match actual resource +#define TPM_NOTFIPS TPM_BASE + 54 // The TPM is attempting to execute a command only available when in FIPS mode +#define TPM_INVALID_FAMILY TPM_BASE + 55 // The command is attempting to use an invalid family ID +#define TPM_NO_NV_PERMISSION TPM_BASE + 56 // The permission to manipulate the NV storage is not available +#define TPM_REQUIRES_SIGN TPM_BASE + 57 // The operation requires a signed command +#define TPM_KEY_NOTSUPPORTED TPM_BASE + 58 // Wrong operation to load an NV key +#define TPM_AUTH_CONFLICT TPM_BASE + 59 // NV_LoadKey blob requires both owner and blob authorization +#define TPM_AREA_LOCKED TPM_BASE + 60 // The NV area is locked and not writtable +#define TPM_BAD_LOCALITY TPM_BASE + 61 // The locality is incorrect for the attempted operation +#define TPM_READ_ONLY TPM_BASE + 62 // The NV area is read only and can't be written to +#define TPM_PER_NOWRITE TPM_BASE + 63 // There is no protection on the write to the NV area +#define TPM_FAMILYCOUNT TPM_BASE + 64 // The family count value does not match +#define TPM_WRITE_LOCKED TPM_BASE + 65 // The NV area has already been written to +#define TPM_BAD_ATTRIBUTES TPM_BASE + 66 // The NV area attributes conflict +#define TPM_INVALID_STRUCTURE TPM_BASE + 67 // The structure tag and version are invalid or inconsistent +#define TPM_KEY_OWNER_CONTROL TPM_BASE + 68 // The key is under control of the TPM Owner and can only be evicted by the TPM Owner. +#define TPM_BAD_COUNTER TPM_BASE + 69 // The counter handle is incorrect +#define TPM_NOT_FULLWRITE TPM_BASE + 70 // The write is not a complete write of the area +#define TPM_CONTEXT_GAP TPM_BASE + 71 // The gap between saved context counts is too large +#define TPM_MAXNVWRITES TPM_BASE + 72 // The maximum number of NV writes without an owner has been exceeded +#define TPM_NOOPERATOR TPM_BASE + 73 // No operator authorization value is set +#define TPM_RESOURCEMISSING TPM_BASE + 74 // The resource pointed to by context is not loaded +#define TPM_DELEGATE_LOCK TPM_BASE + 75 // The delegate administration is locked +#define TPM_DELEGATE_FAMILY TPM_BASE + 76 // Attempt to manage a family other then the delegated family +#define TPM_DELEGATE_ADMIN TPM_BASE + 77 // Delegation table management not enabled +#define TPM_TRANSPORT_EXCLUSIVE TPM_BASE + 78 // There was a command executed outside of an exclusive transport session + +// TPM_STARTUP_TYPE values +#define TPM_ST_CLEAR 0x0001 +#define TPM_ST_STATE 0x0002 +#define TPM_ST_DEACTIVATED 0x003 + +// TPM_TAG values +#define TPM_TAG_RQU_COMMAND 0x00c1 +#define TPM_TAG_RQU_AUTH1_COMMAND 0x00c2 +#define TPM_TAG_RQU_AUTH2_COMMAND 0x00c3 +#define TPM_TAG_RSP_COMMAND 0x00c4 +#define TPM_TAG_RSP_AUTH1_COMMAND 0x00c5 +#define TPM_TAG_RSP_AUTH2_COMMAND 0x00c6 + +// TPM_PAYLOAD_TYPE values +#define TPM_PT_ASYM 0x01 +#define TPM_PT_BIND 0x02 +#define TPM_PT_MIGRATE 0x03 +#define TPM_PT_MAINT 0x04 +#define TPM_PT_SEAL 0x05 + +// TPM_ENTITY_TYPE values +#define TPM_ET_KEYHANDLE 0x0001 +#define TPM_ET_OWNER 0x0002 +#define TPM_ET_DATA 0x0003 +#define TPM_ET_SRK 0x0004 +#define TPM_ET_KEY 0x0005 + +/// TPM_ResourceTypes +#define TPM_RT_KEY 0x00000001 +#define TPM_RT_AUTH 0x00000002 +#define TPM_RT_HASH 0x00000003 +#define TPM_RT_TRANS 0x00000004 +#define TPM_RT_CONTEXT 0x00000005 +#define TPM_RT_COUNTER 0x00000006 +#define TPM_RT_DELEGATE 0x00000007 +#define TPM_RT_DAA_TPM 0x00000008 +#define TPM_RT_DAA_V0 0x00000009 +#define TPM_RT_DAA_V1 0x0000000A + + + +// TPM_PROTOCOL_ID values +#define TPM_PID_OIAP 0x0001 +#define TPM_PID_OSAP 0x0002 +#define TPM_PID_ADIP 0x0003 +#define TPM_PID_ADCP 0x0004 +#define TPM_PID_OWNER 0x0005 + +// TPM_ALGORITHM_ID values +#define TPM_ALG_RSA 0x00000001 +#define TPM_ALG_SHA 0x00000004 +#define TPM_ALG_HMAC 0x00000005 +#define TPM_ALG_AES128 0x00000006 +#define TPM_ALG_MFG1 0x00000007 +#define TPM_ALG_AES192 0x00000008 +#define TPM_ALG_AES256 0x00000009 +#define TPM_ALG_XOR 0x0000000A + +// TPM_ENC_SCHEME values +#define TPM_ES_NONE 0x0001 +#define TPM_ES_RSAESPKCSv15 0x0002 +#define TPM_ES_RSAESOAEP_SHA1_MGF1 0x0003 + +// TPM_SIG_SCHEME values +#define TPM_SS_NONE 0x0001 +#define TPM_SS_RSASSAPKCS1v15_SHA1 0x0002 +#define TPM_SS_RSASSAPKCS1v15_DER 0x0003 + +/* + * TPM_CAPABILITY_AREA Values for TPM_GetCapability ([TPM_Part2], Section 21.1) + */ +#define TPM_CAP_ORD 0x00000001 +#define TPM_CAP_ALG 0x00000002 +#define TPM_CAP_PID 0x00000003 +#define TPM_CAP_FLAG 0x00000004 +#define TPM_CAP_PROPERTY 0x00000005 +#define TPM_CAP_VERSION 0x00000006 +#define TPM_CAP_KEY_HANDLE 0x00000007 +#define TPM_CAP_CHECK_LOADED 0x00000008 +#define TPM_CAP_SYM_MODE 0x00000009 +#define TPM_CAP_KEY_STATUS 0x0000000C +#define TPM_CAP_NV_LIST 0x0000000D +#define TPM_CAP_MFR 0x00000010 +#define TPM_CAP_NV_INDEX 0x00000011 +#define TPM_CAP_TRANS_ALG 0x00000012 +#define TPM_CAP_HANDLE 0x00000014 +#define TPM_CAP_TRANS_ES 0x00000015 +#define TPM_CAP_AUTH_ENCRYPT 0x00000017 +#define TPM_CAP_SELECT_SIZE 0x00000018 +#define TPM_CAP_DA_LOGIC 0x00000019 +#define TPM_CAP_VERSION_VAL 0x0000001A + +/* subCap definitions ([TPM_Part2], Section 21.2) */ +#define TPM_CAP_PROP_PCR 0x00000101 +#define TPM_CAP_PROP_DIR 0x00000102 +#define TPM_CAP_PROP_MANUFACTURER 0x00000103 +#define TPM_CAP_PROP_KEYS 0x00000104 +#define TPM_CAP_PROP_MIN_COUNTER 0x00000107 +#define TPM_CAP_FLAG_PERMANENT 0x00000108 +#define TPM_CAP_FLAG_VOLATILE 0x00000109 +#define TPM_CAP_PROP_AUTHSESS 0x0000010A +#define TPM_CAP_PROP_TRANSESS 0x0000010B +#define TPM_CAP_PROP_COUNTERS 0x0000010C +#define TPM_CAP_PROP_MAX_AUTHSESS 0x0000010D +#define TPM_CAP_PROP_MAX_TRANSESS 0x0000010E +#define TPM_CAP_PROP_MAX_COUNTERS 0x0000010F +#define TPM_CAP_PROP_MAX_KEYS 0x00000110 +#define TPM_CAP_PROP_OWNER 0x00000111 +#define TPM_CAP_PROP_CONTEXT 0x00000112 +#define TPM_CAP_PROP_MAX_CONTEXT 0x00000113 +#define TPM_CAP_PROP_FAMILYROWS 0x00000114 +#define TPM_CAP_PROP_TIS_TIMEOUT 0x00000115 +#define TPM_CAP_PROP_STARTUP_EFFECT 0x00000116 +#define TPM_CAP_PROP_DELEGATE_ROW 0x00000117 +#define TPM_CAP_PROP_MAX_DAASESS 0x00000119 +#define TPM_CAP_PROP_DAASESS 0x0000011A +#define TPM_CAP_PROP_CONTEXT_DIST 0x0000011B +#define TPM_CAP_PROP_DAA_INTERRUPT 0x0000011C +#define TPM_CAP_PROP_SESSIONS 0x0000011D +#define TPM_CAP_PROP_MAX_SESSIONS 0x0000011E +#define TPM_CAP_PROP_CMK_RESTRICTION 0x0000011F +#define TPM_CAP_PROP_DURATION 0x00000120 +#define TPM_CAP_PROP_ACTIVE_COUNTER 0x00000122 +#define TPM_CAP_PROP_MAX_NV_AVAILABLE 0x00000123 +#define TPM_CAP_PROP_INPUT_BUFFER 0x00000124 + +// TPM_KEY_USAGE values +#define TPM_KEY_EK 0x0000 +#define TPM_KEY_SIGNING 0x0010 +#define TPM_KEY_STORAGE 0x0011 +#define TPM_KEY_IDENTITY 0x0012 +#define TPM_KEY_AUTHCHANGE 0X0013 +#define TPM_KEY_BIND 0x0014 +#define TPM_KEY_LEGACY 0x0015 + +// TPM_AUTH_DATA_USAGE values +#define TPM_AUTH_NEVER 0x00 +#define TPM_AUTH_ALWAYS 0x01 + +// Key Handle of owner and srk +#define TPM_OWNER_KEYHANDLE 0x40000001 +#define TPM_SRK_KEYHANDLE 0x40000000 + + + +// *************************** TYPEDEFS ********************************* +typedef unsigned char BYTE; +typedef unsigned char BOOL; +typedef uint16_t UINT16; +typedef uint32_t UINT32; +typedef uint64_t UINT64; + +typedef UINT32 TPM_RESULT; +typedef UINT32 TPM_PCRINDEX; +typedef UINT32 TPM_DIRINDEX; +typedef UINT32 TPM_HANDLE; +typedef TPM_HANDLE TPM_AUTHHANDLE; +typedef TPM_HANDLE TCPA_HASHHANDLE; +typedef TPM_HANDLE TCPA_HMACHANDLE; +typedef TPM_HANDLE TCPA_ENCHANDLE; +typedef TPM_HANDLE TPM_KEY_HANDLE; +typedef TPM_HANDLE TCPA_ENTITYHANDLE; +typedef UINT32 TPM_RESOURCE_TYPE; +typedef UINT32 TPM_COMMAND_CODE; +typedef UINT16 TPM_PROTOCOL_ID; +typedef BYTE TPM_AUTH_DATA_USAGE; +typedef UINT16 TPM_ENTITY_TYPE; +typedef UINT32 TPM_ALGORITHM_ID; +typedef UINT16 TPM_KEY_USAGE; +typedef UINT16 TPM_STARTUP_TYPE; +typedef UINT32 TPM_CAPABILITY_AREA; +typedef UINT16 TPM_ENC_SCHEME; +typedef UINT16 TPM_SIG_SCHEME; +typedef UINT16 TPM_MIGRATE_SCHEME; +typedef UINT16 TPM_PHYSICAL_PRESENCE; +typedef UINT32 TPM_KEY_FLAGS; + +#define TPM_DIGEST_SIZE 20 // Don't change this +typedef BYTE TPM_AUTHDATA[TPM_DIGEST_SIZE]; +typedef TPM_AUTHDATA TPM_SECRET; +typedef TPM_AUTHDATA TPM_ENCAUTH; +typedef BYTE TPM_PAYLOAD_TYPE; +typedef UINT16 TPM_TAG; +typedef UINT16 TPM_STRUCTURE_TAG; + +// Data Types of the TCS +typedef UINT32 TCS_AUTHHANDLE; // Handle addressing a authorization session +typedef UINT32 TCS_CONTEXT_HANDLE; // Basic context handle +typedef UINT32 TCS_KEY_HANDLE; // Basic key handle + +// ************************* STRUCTURES ********************************** + +typedef struct TPM_VERSION { + BYTE major; + BYTE minor; + BYTE revMajor; + BYTE revMinor; +} TPM_VERSION; + +static const TPM_VERSION TPM_STRUCT_VER_1_1 = { 1,1,0,0 }; + +typedef struct TPM_CAP_VERSION_INFO { + TPM_STRUCTURE_TAG tag; + TPM_VERSION version; + UINT16 specLevel; + BYTE errataRev; + BYTE tpmVendorID[4]; + UINT16 vendorSpecificSize; + BYTE* vendorSpecific; +} TPM_CAP_VERSION_INFO; + +inline void free_TPM_CAP_VERSION_INFO(TPM_CAP_VERSION_INFO* v) { + free(v->vendorSpecific); + v->vendorSpecific = NULL; +} + +typedef struct TPM_DIGEST { + BYTE digest[TPM_DIGEST_SIZE]; +} TPM_DIGEST; + +typedef TPM_DIGEST TPM_PCRVALUE; +typedef TPM_DIGEST TPM_COMPOSITE_HASH; +typedef TPM_DIGEST TPM_DIRVALUE; +typedef TPM_DIGEST TPM_HMAC; +typedef TPM_DIGEST TPM_CHOSENID_HASH; + +typedef struct TPM_NONCE { + BYTE nonce[TPM_DIGEST_SIZE]; +} TPM_NONCE; + +typedef struct TPM_SYMMETRIC_KEY_PARMS { + UINT32 keyLength; + UINT32 blockSize; + UINT32 ivSize; + BYTE* IV; +} TPM_SYMMETRIC_KEY_PARMS; + +inline void free_TPM_SYMMETRIC_KEY_PARMS(TPM_SYMMETRIC_KEY_PARMS* p) { + free(p->IV); + p->IV = NULL; +} + +#define TPM_SYMMETRIC_KEY_PARMS_INIT { 0, 0, 0, NULL } + +typedef struct TPM_RSA_KEY_PARMS { + UINT32 keyLength; + UINT32 numPrimes; + UINT32 exponentSize; + BYTE* exponent; +} TPM_RSA_KEY_PARMS; + +#define TPM_RSA_KEY_PARMS_INIT { 0, 0, 0, NULL } + +inline void free_TPM_RSA_KEY_PARMS(TPM_RSA_KEY_PARMS* p) { + free(p->exponent); + p->exponent = NULL; +} + +typedef struct TPM_KEY_PARMS { + TPM_ALGORITHM_ID algorithmID; + TPM_ENC_SCHEME encScheme; + TPM_SIG_SCHEME sigScheme; + UINT32 parmSize; + union { + TPM_SYMMETRIC_KEY_PARMS sym; + TPM_RSA_KEY_PARMS rsa; + } parms; +} TPM_KEY_PARMS; + +#define TPM_KEY_PARMS_INIT { 0, 0, 0, 0 } + +inline void free_TPM_KEY_PARMS(TPM_KEY_PARMS* p) { + if(p->parmSize) { + switch(p->algorithmID) { + case TPM_ALG_RSA: + free_TPM_RSA_KEY_PARMS(&p->parms.rsa); + break; + case TPM_ALG_AES128: + case TPM_ALG_AES192: + case TPM_ALG_AES256: + free_TPM_SYMMETRIC_KEY_PARMS(&p->parms.sym); + break; + } + } +} + +typedef struct TPM_STORE_PUBKEY { + UINT32 keyLength; + BYTE* key; +} TPM_STORE_PUBKEY; + +#define TPM_STORE_PUBKEY_INIT { 0, NULL } + +inline void free_TPM_STORE_PUBKEY(TPM_STORE_PUBKEY* p) { + free(p->key); + p->key = NULL; +} + +typedef struct TPM_PUBKEY { + TPM_KEY_PARMS algorithmParms; + TPM_STORE_PUBKEY pubKey; +} TPM_PUBKEY; + +#define TPM_PUBKEY_INIT { TPM_KEY_PARMS_INIT, TPM_STORE_PUBKEY_INIT } + +inline void free_TPM_PUBKEY(TPM_PUBKEY* k) { + free_TPM_KEY_PARMS(&k->algorithmParms); + free_TPM_STORE_PUBKEY(&k->pubKey); +} + +typedef struct TPM_PCR_SELECTION { + UINT16 sizeOfSelect; + BYTE* pcrSelect; +} TPM_PCR_SELECTION; + +#define TPM_PCR_SELECTION_INIT { 0, NULL } + +inline void free_TPM_PCR_SELECTION(TPM_PCR_SELECTION* p) { + free(p->pcrSelect); + p->pcrSelect = NULL; +} + +typedef struct TPM_PCR_INFO { + TPM_PCR_SELECTION pcrSelection; + TPM_COMPOSITE_HASH digestAtRelease; + TPM_COMPOSITE_HASH digestAtCreation; +} TPM_PCR_INFO; + +#define TPM_PCR_INFO_INIT { TPM_PCR_SELECTION_INIT } + +inline void free_TPM_PCR_INFO(TPM_PCR_INFO* p) { + free_TPM_PCR_SELECTION(&p->pcrSelection); +} + +typedef struct TPM_PCR_COMPOSITE { + TPM_PCR_SELECTION select; + UINT32 valueSize; + TPM_PCRVALUE* pcrValue; +} TPM_PCR_COMPOSITE; + +#define TPM_PCR_COMPOSITE_INIT { TPM_PCR_SELECTION_INIT, 0, NULL } + +inline void free_TPM_PCR_COMPOSITE(TPM_PCR_COMPOSITE* p) { + free_TPM_PCR_SELECTION(&p->select); + free(p->pcrValue); + p->pcrValue = NULL; +} + +typedef struct TPM_KEY { + TPM_VERSION ver; + TPM_KEY_USAGE keyUsage; + TPM_KEY_FLAGS keyFlags; + TPM_AUTH_DATA_USAGE authDataUsage; + TPM_KEY_PARMS algorithmParms; + UINT32 PCRInfoSize; + TPM_PCR_INFO PCRInfo; + TPM_STORE_PUBKEY pubKey; + UINT32 encDataSize; + BYTE* encData; +} TPM_KEY; + +#define TPM_KEY_INIT { .algorithmParms = TPM_KEY_PARMS_INIT,\ + .PCRInfoSize = 0, .PCRInfo = TPM_PCR_INFO_INIT, \ + .pubKey = TPM_STORE_PUBKEY_INIT, \ + .encDataSize = 0, .encData = NULL } + +inline void free_TPM_KEY(TPM_KEY* k) { + if(k->PCRInfoSize) { + free_TPM_PCR_INFO(&k->PCRInfo); + } + free_TPM_STORE_PUBKEY(&k->pubKey); + free(k->encData); + k->encData = NULL; +} + +typedef struct TPM_BOUND_DATA { + TPM_VERSION ver; + TPM_PAYLOAD_TYPE payload; + BYTE* payloadData; +} TPM_BOUND_DATA; + +#define TPM_BOUND_DATA_INIT { .payloadData = NULL } + +inline void free_TPM_BOUND_DATA(TPM_BOUND_DATA* d) { + free(d->payloadData); + d->payloadData = NULL; +} + +typedef struct TPM_STORED_DATA { + TPM_VERSION ver; + UINT32 sealInfoSize; + TPM_PCR_INFO sealInfo; + UINT32 encDataSize; + BYTE* encData; +} TPM_STORED_DATA; + +#define TPM_STORED_DATA_INIT { .sealInfoSize = 0, sealInfo = TPM_PCR_INFO_INIT,\ + .encDataSize = 0, .encData = NULL } + +inline void free_TPM_STORED_DATA(TPM_STORED_DATA* d) { + if(d->sealInfoSize) { + free_TPM_PCR_INFO(&d->sealInfo); + } + free(d->encData); + d->encData = NULL; +} + +typedef struct TPM_AUTH_SESSION { + TPM_AUTHHANDLE AuthHandle; + TPM_NONCE NonceOdd; // system + TPM_NONCE NonceEven; // TPM + BOOL fContinueAuthSession; + TPM_AUTHDATA HMAC; +} TPM_AUTH_SESSION; + +#define TPM_AUTH_SESSION_INIT { .AuthHandle = 0, .fContinueAuthSession = FALSE } + +// ---------------------- Functions for checking TPM_RESULTs ----------------- + +#include + +// FIXME: Review use of these and delete unneeded ones. + +// these are really badly dependent on local structure: +// DEPENDS: local var 'status' of type TPM_RESULT +// DEPENDS: label 'abort_egress' which cleans up and returns the status +#define ERRORDIE(s) do { status = s; \ + fprintf (stderr, "*** ERRORDIE in %s at %s: %i\n", __func__, __FILE__, __LINE__); \ + goto abort_egress; } \ + while (0) + +// DEPENDS: local var 'status' of type TPM_RESULT +// DEPENDS: label 'abort_egress' which cleans up and returns the status +// Try command c. If it fails, set status to s and goto abort. +#define TPMTRY(s,c) if (c != TPM_SUCCESS) { \ + status = s; \ + printf("ERROR in %s at %s:%i code: %s.\n", __func__, __FILE__, __LINE__, tpm_get_error_name(status)); \ + goto abort_egress; \ + } else {\ + status = c; \ + } + +// Try command c. If it fails, print error message, set status to actual return code. Goto abort +#define TPMTRYRETURN(c) do { status = c; \ + if (status != TPM_SUCCESS) { \ + fprintf(stderr, "ERROR in %s at %s:%i code: %s.\n", __func__, __FILE__, __LINE__, tpm_get_error_name(status)); \ + goto abort_egress; \ + } \ + } while(0) + + +#endif //__TCPA_H__ diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/tpm.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/tpm.c Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,938 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include +#include +#include +#include +#include + +#include + +#include "tcg.h" +#include "tpm.h" +#include "log.h" +#include "marshal.h" +#include "tpmrsa.h" +#include "vtpmmgr.h" + +#define TCPA_MAX_BUFFER_LENGTH 0x2000 + +#define TPM_BEGIN(TAG, ORD) \ + const TPM_TAG intag = TAG;\ +TPM_TAG tag = intag;\ +UINT32 paramSize;\ +const TPM_COMMAND_CODE ordinal = ORD;\ +TPM_RESULT status = TPM_SUCCESS;\ +BYTE in_buf[TCPA_MAX_BUFFER_LENGTH];\ +BYTE out_buf[TCPA_MAX_BUFFER_LENGTH];\ +UINT32 out_len = sizeof(out_buf);\ +BYTE* ptr = in_buf;\ +/*Print a log message */\ +vtpmloginfo(VTPM_LOG_TPM, "%s\n", __func__);\ +/* Pack the header*/\ +ptr = pack_TPM_TAG(ptr, tag);\ +ptr += sizeof(UINT32);\ +ptr = pack_TPM_COMMAND_CODE(ptr, ordinal)\ + +#define TPM_AUTH_BEGIN() \ + sha1_context sha1_ctx;\ +BYTE* authbase = ptr - sizeof(TPM_COMMAND_CODE);\ +TPM_DIGEST paramDigest;\ +sha1_starts(&sha1_ctx) + +#define TPM_AUTH1_GEN(HMACkey, auth) do {\ + sha1_finish(&sha1_ctx, paramDigest.digest);\ + generateAuth(¶mDigest, HMACkey, auth);\ + ptr = pack_TPM_AUTH_SESSION(ptr, auth);\ +} while(0) + +#define TPM_AUTH2_GEN(HMACkey, auth) do {\ + generateAuth(¶mDigest, HMACkey, auth);\ + ptr = pack_TPM_AUTH_SESSION(ptr, auth);\ +} while(0) + +#define TPM_TRANSMIT() do {\ + /* Pack the command size */\ + paramSize = ptr - in_buf;\ + pack_UINT32(in_buf + sizeof(TPM_TAG), paramSize);\ + if((status = TPM_TransmitData(in_buf, paramSize, out_buf, &out_len)) != TPM_SUCCESS) {\ + goto abort_egress;\ + }\ +} while(0) + +#define TPM_AUTH_VERIFY_BEGIN() do {\ + UINT32 buf[2] = { cpu_to_be32(status), cpu_to_be32(ordinal) };\ + sha1_starts(&sha1_ctx);\ + sha1_update(&sha1_ctx, (unsigned char*)buf, sizeof(buf));\ + authbase = ptr;\ +} while(0) + +#define TPM_AUTH1_VERIFY(HMACkey, auth) do {\ + sha1_finish(&sha1_ctx, paramDigest.digest);\ + ptr = unpack_TPM_AUTH_SESSION(ptr, auth);\ + if((status = verifyAuth(¶mDigest, HMACkey, auth)) != TPM_SUCCESS) {\ + goto abort_egress;\ + }\ +} while(0) + +#define TPM_AUTH2_VERIFY(HMACkey, auth) do {\ + ptr = unpack_TPM_AUTH_SESSION(ptr, auth);\ + if((status = verifyAuth(¶mDigest, HMACkey, auth)) != TPM_SUCCESS) {\ + goto abort_egress;\ + }\ +} while(0) + + + +#define TPM_UNPACK_VERIFY() do { \ + ptr = out_buf;\ + ptr = unpack_TPM_RSP_HEADER(ptr, \ + &(tag), &(paramSize), &(status));\ + if((status) != TPM_SUCCESS || (tag) != (intag +3)) { \ + vtpmlogerror(VTPM_LOG_TPM, "Failed with return code %s\n", tpm_get_error_name(status));\ + goto abort_egress;\ + }\ +} while(0) + +#define TPM_AUTH_HASH() do {\ + sha1_update(&sha1_ctx, authbase, ptr - authbase);\ + authbase = ptr;\ +} while(0) + +#define TPM_AUTH_SKIP() do {\ + authbase = ptr;\ +} while(0) + +#define TPM_AUTH_ERR_CHECK(auth) do {\ + if(status != TPM_SUCCESS || auth->fContinueAuthSession == FALSE) {\ + vtpmloginfo(VTPM_LOG_TPM, "Auth Session: 0x%x closed by TPM\n", auth->AuthHandle);\ + auth->AuthHandle = 0;\ + }\ +} while(0) + +static void xorEncrypt(const TPM_SECRET* sharedSecret, + TPM_NONCE* nonce, + const TPM_AUTHDATA* inAuth0, + TPM_ENCAUTH outAuth0, + const TPM_AUTHDATA* inAuth1, + TPM_ENCAUTH outAuth1) { + BYTE XORbuffer[sizeof(TPM_SECRET) + sizeof(TPM_NONCE)]; + BYTE XORkey[TPM_DIGEST_SIZE]; + BYTE* ptr = XORbuffer; + ptr = pack_TPM_SECRET(ptr, sharedSecret); + ptr = pack_TPM_NONCE(ptr, nonce); + + sha1(XORbuffer, ptr - XORbuffer, XORkey); + + if(inAuth0) { + for(int i = 0; i < TPM_DIGEST_SIZE; ++i) { + outAuth0[i] = XORkey[i] ^ (*inAuth0)[i]; + } + } + if(inAuth1) { + for(int i = 0; i < TPM_DIGEST_SIZE; ++i) { + outAuth1[i] = XORkey[i] ^ (*inAuth1)[i]; + } + } + +} + +static void generateAuth(const TPM_DIGEST* paramDigest, + const TPM_SECRET* HMACkey, + TPM_AUTH_SESSION *auth) +{ + //Generate new OddNonce + vtpmmgr_rand((BYTE*)auth->NonceOdd.nonce, sizeof(TPM_NONCE)); + + // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams). + BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)]; + BYTE* ptr = hmacText; + + ptr = pack_TPM_DIGEST(ptr, paramDigest); + ptr = pack_TPM_NONCE(ptr, &auth->NonceEven); + ptr = pack_TPM_NONCE(ptr, &auth->NonceOdd); + ptr = pack_BOOL(ptr, auth->fContinueAuthSession); + + sha1_hmac((BYTE *) HMACkey, sizeof(TPM_DIGEST), + (BYTE *) hmacText, sizeof(hmacText), + auth->HMAC); +} + +static TPM_RESULT verifyAuth(const TPM_DIGEST* paramDigest, + /*[IN]*/ const TPM_SECRET *HMACkey, + /*[IN,OUT]*/ TPM_AUTH_SESSION *auth) +{ + + // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams). + TPM_AUTHDATA hm; + BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)]; + BYTE* ptr = hmacText; + + ptr = pack_TPM_DIGEST(ptr, paramDigest); + ptr = pack_TPM_NONCE(ptr, &auth->NonceEven); + ptr = pack_TPM_NONCE(ptr, &auth->NonceOdd); + ptr = pack_BOOL(ptr, auth->fContinueAuthSession); + + sha1_hmac( (BYTE *) HMACkey, sizeof(TPM_DIGEST), + (BYTE *) hmacText, sizeof(hmacText), + hm); + + // Compare correct HMAC with provided one. + if (memcmp(hm, auth->HMAC, sizeof(TPM_DIGEST)) == 0) { // 0 indicates equality + return TPM_SUCCESS; + } else { + vtpmlogerror(VTPM_LOG_TPM, "Auth Session verification failed!\n"); + return TPM_AUTHFAIL; + } +} + + + +// ------------------------------------------------------------------ +// Authorization Commands +// ------------------------------------------------------------------ + +TPM_RESULT TPM_OIAP(TPM_AUTH_SESSION* auth) // out +{ + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_OIAP); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + memset(&auth->HMAC, 0, sizeof(TPM_DIGEST)); + auth->fContinueAuthSession = TRUE; + + ptr = unpack_UINT32(ptr, &auth->AuthHandle); + ptr = unpack_TPM_NONCE(ptr, &auth->NonceEven); + + vtpmloginfo(VTPM_LOG_TPM, "Auth Session: 0x%x opened by TPM_OIAP.\n", auth->AuthHandle); + +abort_egress: + return status; +} + +TPM_RESULT TPM_OSAP(TPM_ENTITY_TYPE entityType, // in + UINT32 entityValue, // in + const TPM_AUTHDATA* usageAuth, //in + TPM_SECRET *sharedSecret, //out + TPM_AUTH_SESSION *auth) +{ + BYTE* nonceOddOSAP; + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_OSAP); + + ptr = pack_TPM_ENTITY_TYPE(ptr, entityType); + ptr = pack_UINT32(ptr, entityValue); + + //nonce Odd OSAP + nonceOddOSAP = ptr; + vtpmmgr_rand(ptr, TPM_DIGEST_SIZE); + ptr += TPM_DIGEST_SIZE; + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + ptr = unpack_UINT32(ptr, &auth->AuthHandle); + ptr = unpack_TPM_NONCE(ptr, &auth->NonceEven); + + //Calculate session secret + sha1_context ctx; + sha1_hmac_starts(&ctx, *usageAuth, TPM_DIGEST_SIZE); + sha1_hmac_update(&ctx, ptr, TPM_DIGEST_SIZE); //ptr = nonceEvenOSAP + sha1_hmac_update(&ctx, nonceOddOSAP, TPM_DIGEST_SIZE); + sha1_hmac_finish(&ctx, *sharedSecret); + + memset(&auth->HMAC, 0, sizeof(TPM_DIGEST)); + auth->fContinueAuthSession = FALSE; + + vtpmloginfo(VTPM_LOG_TPM, "Auth Session: 0x%x opened by TPM_OSAP.\n", auth->AuthHandle); + +abort_egress: + return status; +} + +TPM_RESULT TPM_TakeOwnership( + const TPM_PUBKEY *pubEK, //in + const TPM_AUTHDATA* ownerAuth, //in + const TPM_AUTHDATA* srkAuth, //in + const TPM_KEY* inSrk, //in + TPM_KEY* outSrk, //out, optional + TPM_AUTH_SESSION* auth) // in, out +{ + int keyAlloced = 0; + tpmrsa_context ek_rsa = TPMRSA_CTX_INIT; + + TPM_BEGIN(TPM_TAG_RQU_AUTH1_COMMAND, TPM_ORD_TakeOwnership); + TPM_AUTH_BEGIN(); + + tpmrsa_set_pubkey(&ek_rsa, + pubEK->pubKey.key, pubEK->pubKey.keyLength, + pubEK->algorithmParms.parms.rsa.exponent, + pubEK->algorithmParms.parms.rsa.exponentSize); + + /* Pack the protocol ID */ + ptr = pack_UINT16(ptr, TPM_PID_OWNER); + + /* Pack the encrypted owner auth */ + ptr = pack_UINT32(ptr, pubEK->algorithmParms.parms.rsa.keyLength / 8); + tpmrsa_pub_encrypt_oaep(&ek_rsa, + ctr_drbg_random, &vtpm_globals.ctr_drbg, + sizeof(TPM_SECRET), + (BYTE*) ownerAuth, + ptr); + ptr += pubEK->algorithmParms.parms.rsa.keyLength / 8; + + /* Pack the encrypted srk auth */ + ptr = pack_UINT32(ptr, pubEK->algorithmParms.parms.rsa.keyLength / 8); + tpmrsa_pub_encrypt_oaep(&ek_rsa, + ctr_drbg_random, &vtpm_globals.ctr_drbg, + sizeof(TPM_SECRET), + (BYTE*) srkAuth, + ptr); + ptr += pubEK->algorithmParms.parms.rsa.keyLength / 8; + + /* Pack the Srk key */ + ptr = pack_TPM_KEY(ptr, inSrk); + + /* Hash everything up to here */ + TPM_AUTH_HASH(); + + /* Generate the authorization */ + TPM_AUTH1_GEN(ownerAuth, auth); + + /* Send the command to the tpm*/ + TPM_TRANSMIT(); + /* Unpack and validate the header */ + TPM_UNPACK_VERIFY(); + TPM_AUTH_VERIFY_BEGIN(); + + if(outSrk != NULL) { + /* If the user wants a copy of the srk we give it to them */ + keyAlloced = 1; + ptr = unpack_TPM_KEY(ptr, outSrk, UNPACK_ALLOC); + } else { + /*otherwise just parse past it */ + TPM_KEY temp; + ptr = unpack_TPM_KEY(ptr, &temp, UNPACK_ALIAS); + } + + /* Hash the output key */ + TPM_AUTH_HASH(); + + /* Verify authorizaton */ + TPM_AUTH1_VERIFY(ownerAuth, auth); + + goto egress; +abort_egress: + if(keyAlloced) { + free_TPM_KEY(outSrk); + } +egress: + tpmrsa_free(&ek_rsa); + TPM_AUTH_ERR_CHECK(auth); + return status; +} + + +TPM_RESULT TPM_DisablePubekRead ( + const TPM_AUTHDATA* ownerAuth, + TPM_AUTH_SESSION* auth) +{ + TPM_BEGIN(TPM_TAG_RQU_AUTH1_COMMAND, TPM_ORD_DisablePubekRead); + TPM_AUTH_BEGIN(); + + TPM_AUTH_HASH(); + + TPM_AUTH1_GEN(ownerAuth, auth); + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + TPM_AUTH_VERIFY_BEGIN(); + + TPM_AUTH1_VERIFY(ownerAuth, auth); + +abort_egress: + TPM_AUTH_ERR_CHECK(auth); + return status; +} + + +TPM_RESULT TPM_TerminateHandle(TPM_AUTHHANDLE handle) // in +{ + if(handle == 0) { + return TPM_SUCCESS; + } + + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_Terminate_Handle); + + ptr = pack_TPM_AUTHHANDLE(ptr, handle); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + vtpmloginfo(VTPM_LOG_TPM, "Auth Session: 0x%x closed by TPM_TerminateHandle\n", handle); + +abort_egress: + return status; +} + +TPM_RESULT TPM_Extend( TPM_PCRINDEX pcrNum, // in + TPM_DIGEST inDigest, // in + TPM_PCRVALUE* outDigest) // out +{ + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_Extend); + + ptr = pack_TPM_PCRINDEX(ptr, pcrNum); + ptr = pack_TPM_DIGEST(ptr, &inDigest); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + ptr = unpack_TPM_PCRVALUE(ptr, outDigest); + +abort_egress: + return status; +} + +TPM_RESULT TPM_Seal( + TPM_KEY_HANDLE keyHandle, // in + UINT32 pcrInfoSize, // in + TPM_PCR_INFO* pcrInfo, // in + UINT32 inDataSize, // in + const BYTE* inData, // in + TPM_STORED_DATA* sealedData, //out + const TPM_SECRET* osapSharedSecret, //in + const TPM_AUTHDATA* sealedDataAuth, //in + TPM_AUTH_SESSION* pubAuth // in, out + ) +{ + int dataAlloced = 0; + TPM_BEGIN(TPM_TAG_RQU_AUTH1_COMMAND, TPM_ORD_Seal); + TPM_AUTH_BEGIN(); + + TPM_AUTH_HASH(); + + ptr = pack_TPM_KEY_HANDLE(ptr, keyHandle); + + TPM_AUTH_SKIP(); + + xorEncrypt(osapSharedSecret, &pubAuth->NonceEven, + sealedDataAuth, ptr, + NULL, NULL); + ptr += sizeof(TPM_ENCAUTH); + + ptr = pack_UINT32(ptr, pcrInfoSize); + ptr = pack_TPM_PCR_INFO(ptr, pcrInfo); + + ptr = pack_UINT32(ptr, inDataSize); + ptr = pack_BUFFER(ptr, inData, inDataSize); + + TPM_AUTH_HASH(); + + TPM_AUTH1_GEN(osapSharedSecret, pubAuth); + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + TPM_AUTH_VERIFY_BEGIN(); + + ptr = unpack_TPM_STORED_DATA(ptr, sealedData, UNPACK_ALLOC); + dataAlloced = 1; + + TPM_AUTH_HASH(); + + TPM_AUTH1_VERIFY(osapSharedSecret, pubAuth); + + goto egress; +abort_egress: + if(dataAlloced) { + free_TPM_STORED_DATA(sealedData); + } +egress: + TPM_AUTH_ERR_CHECK(pubAuth); + return status; +} + +TPM_RESULT TPM_Unseal( + TPM_KEY_HANDLE parentHandle, // in + const TPM_STORED_DATA* sealedData, + UINT32* outSize, // out + BYTE** out, //out + const TPM_AUTHDATA* key_usage_auth, //in + const TPM_AUTHDATA* data_usage_auth, //in + TPM_AUTH_SESSION* keyAuth, // in, out + TPM_AUTH_SESSION* dataAuth // in, out + ) +{ + TPM_BEGIN(TPM_TAG_RQU_AUTH2_COMMAND, TPM_ORD_Unseal); + TPM_AUTH_BEGIN(); + + TPM_AUTH_HASH(); + + ptr = pack_TPM_KEY_HANDLE(ptr, parentHandle); + + TPM_AUTH_SKIP(); + + ptr = pack_TPM_STORED_DATA(ptr, sealedData); + + TPM_AUTH_HASH(); + + TPM_AUTH1_GEN(key_usage_auth, keyAuth); + TPM_AUTH2_GEN(data_usage_auth, dataAuth); + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + TPM_AUTH_VERIFY_BEGIN(); + + ptr = unpack_UINT32(ptr, outSize); + ptr = unpack_ALLOC(ptr, out, *outSize); + + TPM_AUTH_HASH(); + + TPM_AUTH1_VERIFY(key_usage_auth, keyAuth); + TPM_AUTH2_VERIFY(data_usage_auth, dataAuth); + +abort_egress: + TPM_AUTH_ERR_CHECK(keyAuth); + TPM_AUTH_ERR_CHECK(dataAuth); + return status; +} + +TPM_RESULT TPM_Bind( + const TPM_KEY* key, + const BYTE* in, + UINT32 ilen, + BYTE* out) +{ + TPM_RESULT status; + tpmrsa_context rsa = TPMRSA_CTX_INIT; + TPM_BOUND_DATA boundData; + uint8_t plain[TCPA_MAX_BUFFER_LENGTH]; + BYTE* ptr = plain; + + vtpmloginfo(VTPM_LOG_TPM, "%s\n", __func__); + + tpmrsa_set_pubkey(&rsa, + key->pubKey.key, key->pubKey.keyLength, + key->algorithmParms.parms.rsa.exponent, + key->algorithmParms.parms.rsa.exponentSize); + + // Fill boundData's accessory information + boundData.ver = TPM_STRUCT_VER_1_1; + boundData.payload = TPM_PT_BIND; + boundData.payloadData = (BYTE*)in; + + //marshall the bound data object + ptr = pack_TPM_BOUND_DATA(ptr, &boundData, ilen); + + // Encrypt the data + TPMTRYRETURN(tpmrsa_pub_encrypt_oaep(&rsa, + ctr_drbg_random, &vtpm_globals.ctr_drbg, + ptr - plain, + plain, + out)); + +abort_egress: + tpmrsa_free(&rsa); + return status; + +} + +TPM_RESULT TPM_UnBind( + TPM_KEY_HANDLE keyHandle, // in + UINT32 ilen, //in + const BYTE* in, // + UINT32* olen, // + BYTE* out, //out + const TPM_AUTHDATA* usage_auth, + TPM_AUTH_SESSION* auth //in, out + ) +{ + TPM_BEGIN(TPM_TAG_RQU_AUTH1_COMMAND, TPM_ORD_UnBind); + TPM_AUTH_BEGIN(); + + TPM_AUTH_HASH(); + + ptr = pack_TPM_KEY_HANDLE(ptr, keyHandle); + + TPM_AUTH_SKIP(); + + ptr = pack_UINT32(ptr, ilen); + ptr = pack_BUFFER(ptr, in, ilen); + + TPM_AUTH_HASH(); + + TPM_AUTH1_GEN(usage_auth, auth); + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + TPM_AUTH_VERIFY_BEGIN(); + + ptr = unpack_UINT32(ptr, olen); + if(*olen > ilen) { + vtpmlogerror(VTPM_LOG_TPM, "Output length < input length!\n"); + status = TPM_IOERROR; + goto abort_egress; + } + ptr = unpack_BUFFER(ptr, out, *olen); + + TPM_AUTH_HASH(); + + TPM_AUTH1_VERIFY(usage_auth, auth); + +abort_egress: +egress: + TPM_AUTH_ERR_CHECK(auth); + return status; +} + +TPM_RESULT TPM_CreateWrapKey( + TPM_KEY_HANDLE hWrappingKey, // in + const TPM_AUTHDATA* osapSharedSecret, + const TPM_AUTHDATA* dataUsageAuth, //in + const TPM_AUTHDATA* dataMigrationAuth, //in + TPM_KEY* key, //in, out + TPM_AUTH_SESSION* pAuth) // in, out +{ + int keyAlloced = 0; + TPM_BEGIN(TPM_TAG_RQU_AUTH1_COMMAND, TPM_ORD_CreateWrapKey); + TPM_AUTH_BEGIN(); + + TPM_AUTH_HASH(); + + ptr = pack_TPM_KEY_HANDLE(ptr, hWrappingKey); + + TPM_AUTH_SKIP(); + + //Encrypted auths + xorEncrypt(osapSharedSecret, &pAuth->NonceEven, + dataUsageAuth, ptr, + dataMigrationAuth, ptr + sizeof(TPM_ENCAUTH)); + ptr += sizeof(TPM_ENCAUTH) * 2; + + ptr = pack_TPM_KEY(ptr, key); + + TPM_AUTH_HASH(); + + TPM_AUTH1_GEN(osapSharedSecret, pAuth); + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + TPM_AUTH_VERIFY_BEGIN(); + + keyAlloced = 1; + ptr = unpack_TPM_KEY(ptr, key, UNPACK_ALLOC); + + TPM_AUTH_HASH(); + + TPM_AUTH1_VERIFY(osapSharedSecret, pAuth); + + goto egress; +abort_egress: + if(keyAlloced) { + free_TPM_KEY(key); + } +egress: + TPM_AUTH_ERR_CHECK(pAuth); + return status; +} + +TPM_RESULT TPM_LoadKey( + TPM_KEY_HANDLE parentHandle, // + const TPM_KEY* key, //in + TPM_HANDLE* keyHandle, // out + const TPM_AUTHDATA* usage_auth, + TPM_AUTH_SESSION* auth) +{ + TPM_BEGIN(TPM_TAG_RQU_AUTH1_COMMAND, TPM_ORD_LoadKey); + TPM_AUTH_BEGIN(); + + TPM_AUTH_HASH(); + + ptr = pack_TPM_KEY_HANDLE(ptr, parentHandle); + + TPM_AUTH_SKIP(); + + ptr = pack_TPM_KEY(ptr, key); + + TPM_AUTH_HASH(); + + TPM_AUTH1_GEN(usage_auth, auth); + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + TPM_AUTH_VERIFY_BEGIN(); + + ptr = unpack_UINT32(ptr, keyHandle); + + TPM_AUTH_HASH(); + + TPM_AUTH1_VERIFY(usage_auth, auth); + + vtpmloginfo(VTPM_LOG_TPM, "Key Handle: 0x%x opened by TPM_LoadKey\n", *keyHandle); + +abort_egress: + TPM_AUTH_ERR_CHECK(auth); + return status; +} + +TPM_RESULT TPM_EvictKey( TPM_KEY_HANDLE hKey) // in +{ + if(hKey == 0) { + return TPM_SUCCESS; + } + + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_EvictKey); + + ptr = pack_TPM_KEY_HANDLE(ptr, hKey); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + vtpmloginfo(VTPM_LOG_TPM, "Key handle: 0x%x closed by TPM_EvictKey\n", hKey); + +abort_egress: + return status; +} + +TPM_RESULT TPM_FlushSpecific(TPM_HANDLE handle, + TPM_RESOURCE_TYPE rt) { + if(handle == 0) { + return TPM_SUCCESS; + } + + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_FlushSpecific); + + ptr = pack_TPM_HANDLE(ptr, handle); + ptr = pack_TPM_RESOURCE_TYPE(ptr, rt); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + +abort_egress: + return status; +} + +TPM_RESULT TPM_GetRandom( UINT32* bytesRequested, // in, out + BYTE* randomBytes) // out +{ + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_GetRandom); + + // check input params + if (bytesRequested == NULL || randomBytes == NULL){ + return TPM_BAD_PARAMETER; + } + + ptr = pack_UINT32(ptr, *bytesRequested); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + ptr = unpack_UINT32(ptr, bytesRequested); + ptr = unpack_BUFFER(ptr, randomBytes, *bytesRequested); + +abort_egress: + return status; +} + + +TPM_RESULT TPM_ReadPubek( + TPM_PUBKEY* pubEK //out + ) +{ + BYTE* antiReplay = NULL; + BYTE* kptr = NULL; + BYTE digest[TPM_DIGEST_SIZE]; + sha1_context ctx; + + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_ReadPubek); + + //antiReplay nonce + vtpmmgr_rand(ptr, TPM_DIGEST_SIZE); + antiReplay = ptr; + ptr += TPM_DIGEST_SIZE; + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + //unpack and allocate the key + kptr = ptr; + ptr = unpack_TPM_PUBKEY(ptr, pubEK, UNPACK_ALLOC); + + //Verify the checksum + sha1_starts(&ctx); + sha1_update(&ctx, kptr, ptr - kptr); + sha1_update(&ctx, antiReplay, TPM_DIGEST_SIZE); + sha1_finish(&ctx, digest); + + //ptr points to the checksum computed by TPM + if(memcmp(digest, ptr, TPM_DIGEST_SIZE)) { + vtpmlogerror(VTPM_LOG_TPM, "TPM_ReadPubek: Checksum returned by TPM was invalid!\n"); + status = TPM_FAIL; + goto abort_egress; + } + + goto egress; +abort_egress: + if(kptr != NULL) { //If we unpacked the pubEK, we have to free it + free_TPM_PUBKEY(pubEK); + } +egress: + return status; +} + + +TPM_RESULT TPM_SaveState(void) +{ + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_SaveState); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + +abort_egress: + return status; +} + +TPM_RESULT TPM_GetCapability( + TPM_CAPABILITY_AREA capArea, + UINT32 subCapSize, + const BYTE* subCap, + UINT32* respSize, + BYTE** resp) +{ + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_GetCapability); + + ptr = pack_TPM_CAPABILITY_AREA(ptr, capArea); + ptr = pack_UINT32(ptr, subCapSize); + ptr = pack_BUFFER(ptr, subCap, subCapSize); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + ptr = unpack_UINT32(ptr, respSize); + ptr = unpack_ALLOC(ptr, resp, *respSize); + +abort_egress: + return status; +} + +TPM_RESULT TPM_CreateEndorsementKeyPair( + const TPM_KEY_PARMS* keyInfo, + TPM_PUBKEY* pubEK) +{ + BYTE* kptr = NULL; + sha1_context ctx; + TPM_DIGEST checksum; + TPM_DIGEST hash; + TPM_NONCE antiReplay; + TPM_BEGIN(TPM_TAG_RQU_COMMAND, TPM_ORD_CreateEndorsementKeyPair); + + //Make anti replay nonce + vtpmmgr_rand(antiReplay.nonce, sizeof(antiReplay.nonce)); + + ptr = pack_TPM_NONCE(ptr, &antiReplay); + ptr = pack_TPM_KEY_PARMS(ptr, keyInfo); + + TPM_TRANSMIT(); + TPM_UNPACK_VERIFY(); + + sha1_starts(&ctx); + + kptr = ptr; + ptr = unpack_TPM_PUBKEY(ptr, pubEK, UNPACK_ALLOC); + + /* Hash the pub key blob */ + sha1_update(&ctx, kptr, ptr - kptr); + ptr = unpack_TPM_DIGEST(ptr, &checksum); + + sha1_update(&ctx, antiReplay.nonce, sizeof(antiReplay.nonce)); + + sha1_finish(&ctx, hash.digest); + if(memcmp(checksum.digest, hash.digest, TPM_DIGEST_SIZE)) { + vtpmloginfo(VTPM_LOG_VTPM, "TPM_CreateEndorsementKey: Checkum verification failed!\n"); + status = TPM_FAIL; + goto abort_egress; + } + + goto egress; +abort_egress: + if(kptr) { + free_TPM_PUBKEY(pubEK); + } +egress: + return status; +} + +TPM_RESULT TPM_TransmitData( + BYTE* in, + UINT32 insize, + BYTE* out, + UINT32* outsize) { + TPM_RESULT status = TPM_SUCCESS; + + UINT32 i; + vtpmloginfo(VTPM_LOG_TXDATA, "Sending buffer = 0x"); + for(i = 0 ; i < insize ; i++) + vtpmloginfomore(VTPM_LOG_TXDATA, "%2.2x ", in[i]); + + vtpmloginfomore(VTPM_LOG_TXDATA, "\n"); + + ssize_t size = 0; + + // send the request + size = write (vtpm_globals.tpm_fd, in, insize); + if (size < 0) { + vtpmlogerror(VTPM_LOG_TXDATA, "write() failed : %s\n", strerror(errno)); + ERRORDIE (TPM_IOERROR); + } + else if ((UINT32) size < insize) { + vtpmlogerror(VTPM_LOG_TXDATA, "Wrote %d instead of %d bytes!\n", (int) size, insize); + ERRORDIE (TPM_IOERROR); + } + + // read the response + size = read (vtpm_globals.tpm_fd, out, *outsize); + if (size < 0) { + vtpmlogerror(VTPM_LOG_TXDATA, "read() failed : %s\n", strerror(errno)); + ERRORDIE (TPM_IOERROR); + } + + vtpmloginfo(VTPM_LOG_TXDATA, "Receiving buffer = 0x"); + for(i = 0 ; i < size ; i++) + vtpmloginfomore(VTPM_LOG_TXDATA, "%2.2x ", out[i]); + + vtpmloginfomore(VTPM_LOG_TXDATA, "\n"); + + *outsize = size; + goto egress; + +abort_egress: +egress: + return status; +} diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/tpm.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/tpm.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,218 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005/2006, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef __TPM_H__ +#define __TPM_H__ + +#include "tcg.h" + +// ------------------------------------------------------------------ +// Exposed API +// ------------------------------------------------------------------ + +// TPM v1.1B Command Set + +// Authorzation +TPM_RESULT TPM_OIAP( + TPM_AUTH_SESSION* auth //out + ); + +TPM_RESULT TPM_OSAP ( + TPM_ENTITY_TYPE entityType, // in + UINT32 entityValue, // in + const TPM_AUTHDATA* usageAuth, //in + TPM_SECRET *sharedSecret, //out + TPM_AUTH_SESSION *auth); + +TPM_RESULT TPM_TakeOwnership( + const TPM_PUBKEY *pubEK, //in + const TPM_AUTHDATA* ownerAuth, //in + const TPM_AUTHDATA* srkAuth, //in + const TPM_KEY* inSrk, //in + TPM_KEY* outSrk, //out, optional + TPM_AUTH_SESSION* auth // in, out + ); + +TPM_RESULT TPM_DisablePubekRead ( + const TPM_AUTHDATA* ownerAuth, + TPM_AUTH_SESSION* auth + ); + +TPM_RESULT TPM_TerminateHandle ( TPM_AUTHHANDLE handle // in + ); + +TPM_RESULT TPM_FlushSpecific ( TPM_HANDLE handle, // in + TPM_RESOURCE_TYPE resourceType //in + ); + +// TPM Mandatory +TPM_RESULT TPM_Extend ( TPM_PCRINDEX pcrNum, // in + TPM_DIGEST inDigest, // in + TPM_PCRVALUE* outDigest // out + ); + +TPM_RESULT TPM_PcrRead ( TPM_PCRINDEX pcrNum, // in + TPM_PCRVALUE* outDigest // out + ); + +TPM_RESULT TPM_Quote ( TCS_KEY_HANDLE keyHandle, // in + TPM_NONCE antiReplay, // in + UINT32* PcrDataSize, // in, out + BYTE** PcrData, // in, out + TPM_AUTH_SESSION* privAuth, // in, out + UINT32* sigSize, // out + BYTE** sig // out + ); + +TPM_RESULT TPM_Seal( + TCS_KEY_HANDLE keyHandle, // in + UINT32 pcrInfoSize, // in + TPM_PCR_INFO* pcrInfo, // in + UINT32 inDataSize, // in + const BYTE* inData, // in + TPM_STORED_DATA* sealedData, //out + const TPM_SECRET* osapSharedSecret, //in + const TPM_AUTHDATA* sealDataAuth, //in + TPM_AUTH_SESSION* pubAuth // in, out + ); + +TPM_RESULT TPM_Unseal ( + TPM_KEY_HANDLE parentHandle, // in + const TPM_STORED_DATA* sealedData, + UINT32* outSize, // out + BYTE** out, //out + const TPM_AUTHDATA* key_usage_auth, //in + const TPM_AUTHDATA* data_usage_auth, //in + TPM_AUTH_SESSION* keyAuth, // in, out + TPM_AUTH_SESSION* dataAuth // in, out + ); + +TPM_RESULT TPM_DirWriteAuth ( TPM_DIRINDEX dirIndex, // in + TPM_DIRVALUE newContents, // in + TPM_AUTH_SESSION* ownerAuth // in, out + ); + +TPM_RESULT TPM_DirRead ( TPM_DIRINDEX dirIndex, // in + TPM_DIRVALUE* dirValue // out + ); + +TPM_RESULT TPM_Bind( + const TPM_KEY* key, //in + const BYTE* in, //in + UINT32 ilen, //in + BYTE* out //out, must be at least cipher block size + ); + +TPM_RESULT TPM_UnBind ( + TCS_KEY_HANDLE keyHandle, // in + UINT32 ilen, //in + const BYTE* in, // + UINT32* outDataSize, // out + BYTE* outData, //out + const TPM_AUTHDATA* usage_auth, + TPM_AUTH_SESSION* auth //in, out + ); + +TPM_RESULT TPM_CreateWrapKey ( + TCS_KEY_HANDLE hWrappingKey, // in + const TPM_AUTHDATA* osapSharedSecret, + const TPM_AUTHDATA* dataUsageAuth, //in + const TPM_AUTHDATA* dataMigrationAuth, //in + TPM_KEY* key, //in + TPM_AUTH_SESSION* pAuth // in, out + ); + +TPM_RESULT TPM_LoadKey ( + TPM_KEY_HANDLE parentHandle, // + const TPM_KEY* key, //in + TPM_HANDLE* keyHandle, // out + const TPM_AUTHDATA* usage_auth, + TPM_AUTH_SESSION* auth + ); + +TPM_RESULT TPM_GetPubKey ( TCS_KEY_HANDLE hKey, // in + TPM_AUTH_SESSION* pAuth, // in, out + UINT32* pcPubKeySize, // out + BYTE** prgbPubKey // out + ); + +TPM_RESULT TPM_EvictKey ( TCS_KEY_HANDLE hKey // in + ); + +TPM_RESULT TPM_FlushSpecific(TPM_HANDLE handle, //in + TPM_RESOURCE_TYPE rt //in + ); + +TPM_RESULT TPM_Sign ( TCS_KEY_HANDLE keyHandle, // in + UINT32 areaToSignSize, // in + BYTE* areaToSign, // in + TPM_AUTH_SESSION* privAuth, // in, out + UINT32* sigSize, // out + BYTE** sig // out + ); + +TPM_RESULT TPM_GetRandom ( UINT32* bytesRequested, // in, out + BYTE* randomBytes // out + ); + +TPM_RESULT TPM_StirRandom ( UINT32 inDataSize, // in + BYTE* inData // in + ); + +TPM_RESULT TPM_ReadPubek ( + TPM_PUBKEY* pubEK //out + ); + +TPM_RESULT TPM_GetCapability( + TPM_CAPABILITY_AREA capArea, + UINT32 subCapSize, + const BYTE* subCap, + UINT32* respSize, + BYTE** resp); + +TPM_RESULT TPM_SaveState(void); + +TPM_RESULT TPM_CreateEndorsementKeyPair( + const TPM_KEY_PARMS* keyInfo, + TPM_PUBKEY* pubEK); + +TPM_RESULT TPM_TransmitData( + BYTE* in, + UINT32 insize, + BYTE* out, + UINT32* outsize); + +#endif //TPM_H diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/tpmrsa.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/tpmrsa.c Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,175 @@ +/* + * The RSA public-key cryptosystem + * + * Copyright (C) 2006-2011, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +/* + * RSA was designed by Ron Rivest, Adi Shamir and Len Adleman. + * + * http://theory.lcs.mit.edu/~rivest/rsapaper.pdf + * http://www.cacr.math.uwaterloo.ca/hac/about/chap8.pdf + */ + +#include "tcg.h" +#include "polarssl/sha1.h" + +#include +#include + +#include "tpmrsa.h" + +#define HASH_LEN 20 + +void tpmrsa_set_pubkey(tpmrsa_context* ctx, + const unsigned char* key, + int keylen, + const unsigned char* exponent, + int explen) { + + tpmrsa_free(ctx); + + if(explen == 0) { //Default e= 2^16+1 + mpi_lset(&ctx->E, 65537); + } else { + mpi_read_binary(&ctx->E, exponent, explen); + } + mpi_read_binary(&ctx->N, key, keylen); + + ctx->len = ( mpi_msb(&ctx->N) + 7) >> 3; +} + +static TPM_RESULT tpmrsa_public( tpmrsa_context *ctx, + const unsigned char *input, + unsigned char *output ) +{ + int ret; + size_t olen; + mpi T; + + mpi_init( &T ); + + MPI_CHK( mpi_read_binary( &T, input, ctx->len ) ); + + if( mpi_cmp_mpi( &T, &ctx->N ) >= 0 ) + { + mpi_free( &T ); + return TPM_ENCRYPT_ERROR; + } + + olen = ctx->len; + MPI_CHK( mpi_exp_mod( &T, &T, &ctx->E, &ctx->N, &ctx->RN ) ); + MPI_CHK( mpi_write_binary( &T, output, olen ) ); + +cleanup: + + mpi_free( &T ); + + if( ret != 0 ) + return TPM_ENCRYPT_ERROR; + + return TPM_SUCCESS; +} + +static void mgf_mask( unsigned char *dst, int dlen, unsigned char *src, int slen) +{ + unsigned char mask[HASH_LEN]; + unsigned char counter[4] = {0, 0, 0, 0}; + int i; + sha1_context mctx; + + //We always hash the src with the counter, so save the partial hash + sha1_starts(&mctx); + sha1_update(&mctx, src, slen); + + // Generate and apply dbMask + while(dlen > 0) { + //Copy the sha1 context + sha1_context ctx = mctx; + + //compute hash for input || counter + sha1_update(&ctx, counter, sizeof(counter)); + sha1_finish(&ctx, mask); + + //Apply the mask + for(i = 0; i < (dlen < HASH_LEN ? dlen : HASH_LEN); ++i) { + *(dst++) ^= mask[i]; + } + + //Increment counter + ++counter[3]; + + dlen -= HASH_LEN; + } +} + +/* + * Add the message padding, then do an RSA operation + */ +TPM_RESULT tpmrsa_pub_encrypt_oaep( tpmrsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + size_t ilen, + const unsigned char *input, + unsigned char *output ) +{ + int ret; + int olen; + unsigned char* seed = output + 1; + unsigned char* db = output + HASH_LEN +1; + + olen = ctx->len-1; + + if( f_rng == NULL ) + return TPM_ENCRYPT_ERROR; + + if( ilen > olen - 2 * HASH_LEN - 1) + return TPM_ENCRYPT_ERROR; + + output[0] = 0; + + //Encoding parameter p + sha1((unsigned char*)"TCPA", 4, db); + + //PS + memset(db + HASH_LEN, 0, + olen - ilen - 2 * HASH_LEN - 1); + + //constant 1 byte + db[olen - ilen - HASH_LEN -1] = 0x01; + + //input string + memcpy(db + olen - ilen - HASH_LEN, + input, ilen); + + //Generate random seed + if( ( ret = f_rng( p_rng, seed, HASH_LEN ) ) != 0 ) + return TPM_ENCRYPT_ERROR; + + // maskedDB: Apply dbMask to DB + mgf_mask( db, olen - HASH_LEN, seed, HASH_LEN); + + // maskedSeed: Apply seedMask to seed + mgf_mask( seed, HASH_LEN, db, olen - HASH_LEN); + + // Do the crypto op + return tpmrsa_public(ctx, output, output); +} diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/tpmrsa.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/tpmrsa.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,67 @@ +/** + * \file rsa.h + * + * \brief The RSA public-key cryptosystem + * + * Copyright (C) 2006-2010, Brainspark B.V. + * + * This file is part of PolarSSL (http://www.polarssl.org) + * Lead Maintainer: Paul Bakker + * + * All rights reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ +#ifndef TPMRSA_H +#define TPMRSA_H + +#include "tcg.h" +#include + +/* tpm software key */ +typedef struct +{ + size_t len; /*!< size(N) in chars */ + + mpi N; /*!< public modulus */ + mpi E; /*!< public exponent */ + + mpi RN; /*!< cached R^2 mod N */ +} +tpmrsa_context; + +#define TPMRSA_CTX_INIT { 0, {0, 0, NULL}, {0, 0, NULL}, {0, 0, NULL}} + +/* Setup the rsa context using tpm public key data */ +void tpmrsa_set_pubkey(tpmrsa_context* ctx, + const unsigned char* key, + int keylen, + const unsigned char* exponent, + int explen); + +/* Do rsa public crypto */ +TPM_RESULT tpmrsa_pub_encrypt_oaep( tpmrsa_context *ctx, + int (*f_rng)(void *, unsigned char *, size_t), + void *p_rng, + size_t ilen, + const unsigned char *input, + unsigned char *output ); + +/* free tpmrsa key */ +inline void tpmrsa_free( tpmrsa_context *ctx ) { + mpi_free( &ctx->RN ); mpi_free( &ctx->E ); mpi_free( &ctx->N ); +} + +#endif /* tpmrsa.h */ diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/uuid.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/uuid.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,50 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef VTPMMGR_UUID_H +#define VTPMMGR_UUID_H + +#define UUID_FMT "%02hhx%02hhx%02hhx%02hhx-%02hhx%02hhx-%02hhx%02hhx-%02hhx%02hhx-%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx" +#define UUID_FMTLEN ((2*16)+4) /* 16 hex bytes plus 4 hypens */ +#define UUID_BYTES(uuid) uuid[0], uuid[1], uuid[2], uuid[3], \ + uuid[4], uuid[5], uuid[6], uuid[7], \ + uuid[8], uuid[9], uuid[10], uuid[11], \ + uuid[12], uuid[13], uuid[14], uuid[15] + + +typedef uint8_t uuid_t[16]; + +#endif diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/vtpm_cmd_handler.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/vtpm_cmd_handler.c Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,152 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include +#include +#include + +#include "marshal.h" +#include "log.h" +#include "vtpm_storage.h" +#include "vtpmmgr.h" +#include "tpm.h" +#include "tcg.h" + +static TPM_RESULT vtpmmgr_SaveHashKey( + const uuid_t uuid, + tpmcmd_t* tpmcmd) +{ + TPM_RESULT status = TPM_SUCCESS; + + if(tpmcmd->req_len != VTPM_COMMAND_HEADER_SIZE + HASHKEYSZ) { + vtpmlogerror(VTPM_LOG_VTPM, "VTPM_ORD_SAVEHASHKEY hashkey too short!\n"); + status = TPM_BAD_PARAMETER; + goto abort_egress; + } + + /* Do the command */ + TPMTRYRETURN(vtpm_storage_save_hashkey(uuid, tpmcmd->req + VTPM_COMMAND_HEADER_SIZE)); + +abort_egress: + pack_TPM_RSP_HEADER(tpmcmd->resp, + VTPM_TAG_RSP, VTPM_COMMAND_HEADER_SIZE, status); + tpmcmd->resp_len = VTPM_COMMAND_HEADER_SIZE; + + return status; +} + +static TPM_RESULT vtpmmgr_LoadHashKey( + const uuid_t uuid, + tpmcmd_t* tpmcmd) { + TPM_RESULT status = TPM_SUCCESS; + + tpmcmd->resp_len = VTPM_COMMAND_HEADER_SIZE; + + TPMTRYRETURN(vtpm_storage_load_hashkey(uuid, tpmcmd->resp + VTPM_COMMAND_HEADER_SIZE)); + + tpmcmd->resp_len += HASHKEYSZ; + +abort_egress: + pack_TPM_RSP_HEADER(tpmcmd->resp, + VTPM_TAG_RSP, tpmcmd->resp_len, status); + + return status; +} + + +TPM_RESULT vtpmmgr_handle_cmd( + const uuid_t uuid, + tpmcmd_t* tpmcmd) +{ + TPM_RESULT status = TPM_SUCCESS; + TPM_TAG tag; + UINT32 size; + TPM_COMMAND_CODE ord; + + unpack_TPM_RQU_HEADER(tpmcmd->req, + &tag, &size, &ord); + + /* Handle the command now */ + switch(tag) { + case VTPM_TAG_REQ: + //This is a vTPM command + switch(ord) { + case VTPM_ORD_SAVEHASHKEY: + return vtpmmgr_SaveHashKey(uuid, tpmcmd); + case VTPM_ORD_LOADHASHKEY: + return vtpmmgr_LoadHashKey(uuid, tpmcmd); + default: + vtpmlogerror(VTPM_LOG_VTPM, "Invalid vTPM Ordinal %" PRIu32 "\n", ord); + status = TPM_BAD_ORDINAL; + } + break; + case TPM_TAG_RQU_COMMAND: + case TPM_TAG_RQU_AUTH1_COMMAND: + case TPM_TAG_RQU_AUTH2_COMMAND: + //This is a TPM passthrough command + switch(ord) { + case TPM_ORD_GetRandom: + vtpmloginfo(VTPM_LOG_VTPM, "Passthrough: TPM_GetRandom\n"); + break; + case TPM_ORD_PcrRead: + vtpmloginfo(VTPM_LOG_VTPM, "Passthrough: TPM_PcrRead\n"); + break; + default: + vtpmlogerror(VTPM_LOG_VTPM, "TPM Disallowed Passthrough ord=%" PRIu32 "\n", ord); + status = TPM_DISABLED_CMD; + goto abort_egress; + } + + size = TCPA_MAX_BUFFER_LENGTH; + TPMTRYRETURN(TPM_TransmitData(tpmcmd->req, tpmcmd->req_len, tpmcmd->resp, &size)); + tpmcmd->resp_len = size; + + unpack_TPM_RESULT(tpmcmd->resp + sizeof(TPM_TAG) + sizeof(UINT32), &status); + return status; + + break; + default: + vtpmlogerror(VTPM_LOG_VTPM, "Invalid tag=%" PRIu16 "\n", tag); + status = TPM_BADTAG; + } + +abort_egress: + tpmcmd->resp_len = VTPM_COMMAND_HEADER_SIZE; + pack_TPM_RSP_HEADER(tpmcmd->resp, + tag + 3, tpmcmd->resp_len, status); + + return status; +} diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/vtpm_manager.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/vtpm_manager.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,64 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef VTPM_MANAGER_H +#define VTPM_MANAGER_H + +#define VTPM_TAG_REQ 0x01c1 +#define VTPM_TAG_RSP 0x01c4 +#define COMMAND_BUFFER_SIZE 4096 + +// Header size +#define VTPM_COMMAND_HEADER_SIZE ( 2 + 4 + 4) + +//************************ Command Codes **************************** +#define VTPM_ORD_BASE 0x0000 +#define VTPM_PRIV_MASK 0x01000000 // Priviledged VTPM Command +#define VTPM_PRIV_BASE (VTPM_ORD_BASE | VTPM_PRIV_MASK) + +// Non-priviledged VTPM Commands (From DMI's) +#define VTPM_ORD_SAVEHASHKEY (VTPM_ORD_BASE + 1) // DMI requests encryption key for persistent storage +#define VTPM_ORD_LOADHASHKEY (VTPM_ORD_BASE + 2) // DMI requests symkey to be regenerated + +//************************ Return Codes **************************** +#define VTPM_SUCCESS 0 +#define VTPM_FAIL 1 +#define VTPM_UNSUPPORTED 2 +#define VTPM_FORBIDDEN 3 +#define VTPM_RESTORE_CONTEXT_FAILED 4 +#define VTPM_INVALID_REQUEST 5 + +#endif diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/vtpm_storage.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/vtpm_storage.c Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,794 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * THIS SOFTWARE AND ITS DOCUMENTATION ARE PROVIDED AS IS AND WITHOUT + * ANY EXPRESS OR IMPLIED WARRANTIES WHATSOEVER. ALL WARRANTIES + * INCLUDING, BUT NOT LIMITED TO, PERFORMANCE, MERCHANTABILITY, FITNESS + * FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT ARE HEREBY + * DISCLAIMED. USERS ASSUME THE ENTIRE RISK AND LIABILITY OF USING THE + * SOFTWARE. + */ + +/*************************************************************** + * DISK IMAGE LAYOUT + * ************************************************************* + * All data is stored in BIG ENDIAN format + * ************************************************************* + * Section 1: Header + * + * 10 bytes id ID String "VTPMMGRDOM" + * uint32_t version Disk Image version number (current == 1) + * uint32_t storage_key_len Length of the storage Key + * TPM_KEY storage_key Marshalled TPM_KEY structure (See TPM spec v2) + * RSA_BLOCK aes_crypto Encrypted aes key data (RSA_CIPHER_SIZE bytes), bound by the storage_key + * BYTE[32] aes_key Aes key for encrypting the uuid table + * uint32_t cipher_sz Encrypted size of the uuid table + * + * ************************************************************* + * Section 2: Uuid Table + * + * This table is encrypted by the aes_key in the header. The cipher text size is just + * large enough to hold all of the entries plus required padding. + * + * Each entry is as follows + * BYTE[16] uuid Uuid of a vtpm that is stored on this disk + * uint32_t offset Disk offset where the vtpm data is stored + * + * ************************************************************* + * Section 3: Vtpm Table + * + * The rest of the disk stores vtpms. Each vtpm is an RSA_BLOCK encrypted + * by the storage key. Each vtpm must exist on an RSA_BLOCK aligned boundary, + * starting at the first RSA_BLOCK aligned offset after the uuid table. + * As the uuid table grows, vtpms may be relocated. + * + * RSA_BLOCK vtpm_crypto Vtpm data encrypted by storage_key + * BYTE[20] hash Sha1 hash of vtpm encrypted data + * BYTE[16] vtpm_aes_key Encryption key for vtpm data + * + ************************************************************* + */ +#define DISKVERS 1 +#define IDSTR "VTPMMGRDOM" +#define IDSTRLEN 10 +#define AES_BLOCK_SIZE 16 +#define AES_KEY_BITS 256 +#define AES_KEY_SIZE (AES_KEY_BITS/8) +#define BUF_SIZE 4096 + +#define UUID_TBL_ENT_SIZE (sizeof(uuid_t) + sizeof(uint32_t)) + +#define HEADERSZ (10 + 4 + 4) + +#define TRY_READ(buf, size, msg) do {\ + int rc; \ + if((rc = read(blkfront_fd, buf, (size))) != (size)) { \ + vtpmlogerror(VTPM_LOG_VTPM, "read() failed! " msg " : rc=(%d/%d), error=(%s)\n", rc, (int)(size), strerror(errno)); \ + status = TPM_IOERROR;\ + goto abort_egress;\ + } \ +} while(0) + +#define TRY_WRITE(buf, size, msg) do {\ + int rc; \ + if((rc = write(blkfront_fd, buf, (size))) != (size)) { \ + vtpmlogerror(VTPM_LOG_VTPM, "write() failed! " msg " : rc=(%d/%d), error=(%s)\n", rc, (int)(size), strerror(errno)); \ + status = TPM_IOERROR;\ + goto abort_egress;\ + } \ +} while(0) + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "vtpm_manager.h" +#include "log.h" +#include "marshal.h" +#include "tpm.h" +#include "uuid.h" + +#include "vtpmmgr.h" +#include "vtpm_storage.h" + +#define MAX(a,b) ( ((a) > (b)) ? (a) : (b) ) +#define MIN(a,b) ( ((a) < (b)) ? (a) : (b) ) + +/* blkfront device objets */ +static struct blkfront_dev* blkdev = NULL; +static int blkfront_fd = -1; + +struct Vtpm { + uuid_t uuid; + int offset; +}; +struct Storage { + int aes_offset; + int uuid_offset; + int end_offset; + + int num_vtpms; + int num_vtpms_alloced; + struct Vtpm* vtpms; +}; + +/* Global storage data */ +static struct Storage g_store = { + .vtpms = NULL, +}; + +static int get_offset(void) { + return lseek(blkfront_fd, 0, SEEK_CUR); +} + +static void reset_store(void) { + g_store.aes_offset = 0; + g_store.uuid_offset = 0; + g_store.end_offset = 0; + + g_store.num_vtpms = 0; + g_store.num_vtpms_alloced = 0; + free(g_store.vtpms); + g_store.vtpms = NULL; +} + +static int vtpm_get_index(const uuid_t uuid) { + int st = 0; + int ed = g_store.num_vtpms-1; + while(st <= ed) { + int mid = ((unsigned int)st + (unsigned int)ed) >> 1; //avoid overflow + int c = memcmp(uuid, &g_store.vtpms[mid].uuid, sizeof(uuid_t)); + if(c == 0) { + return mid; + } else if(c > 0) { + st = mid + 1; + } else { + ed = mid - 1; + } + } + return -(st + 1); +} + +static void vtpm_add(const uuid_t uuid, int offset, int index) { + /* Realloc more space if needed */ + if(g_store.num_vtpms >= g_store.num_vtpms_alloced) { + g_store.num_vtpms_alloced += 16; + g_store.vtpms = realloc( + g_store.vtpms, + sizeof(struct Vtpm) * g_store.num_vtpms_alloced); + } + + /* Move everybody after the new guy */ + for(int i = g_store.num_vtpms; i > index; --i) { + g_store.vtpms[i] = g_store.vtpms[i-1]; + } + + vtpmloginfo(VTPM_LOG_VTPM, "Registered vtpm " UUID_FMT "\n", UUID_BYTES(uuid)); + + /* Finally add new one */ + memcpy(g_store.vtpms[index].uuid, uuid, sizeof(uuid_t)); + g_store.vtpms[index].offset = offset; + ++g_store.num_vtpms; +} + +#if 0 +static void vtpm_remove(int index) { + for(i = index; i < g_store.num_vtpms; ++i) { + g_store.vtpms[i] = g_store.vtpms[i+1]; + } + --g_store.num_vtpms; +} +#endif + +static int pack_uuid_table(uint8_t* table, int size, int* nvtpms) { + uint8_t* ptr = table; + while(*nvtpms < g_store.num_vtpms && size >= 0) + { + /* Pack the uuid */ + memcpy(ptr, (uint8_t*)g_store.vtpms[*nvtpms].uuid, sizeof(uuid_t)); + ptr+= sizeof(uuid_t); + + + /* Pack the offset */ + ptr = pack_UINT32(ptr, g_store.vtpms[*nvtpms].offset); + + ++*nvtpms; + size -= UUID_TBL_ENT_SIZE; + } + return ptr - table; +} + +/* Extract the uuids */ +static int extract_uuid_table(uint8_t* table, int size) { + uint8_t* ptr = table; + for(;size >= UUID_TBL_ENT_SIZE; size -= UUID_TBL_ENT_SIZE) { + int index; + uint32_t v32; + + /*uuid_t is just an array of bytes, so we can do a direct cast here */ + uint8_t* uuid = ptr; + ptr += sizeof(uuid_t); + + /* Get the offset of the key */ + ptr = unpack_UINT32(ptr, &v32); + + /* Insert the new vtpm in sorted order */ + if((index = vtpm_get_index(uuid)) >= 0) { + vtpmlogerror(VTPM_LOG_VTPM, "Vtpm (" UUID_FMT ") exists multiple times! ignoring...\n", UUID_BYTES(uuid)); + continue; + } + index = -index -1; + + vtpm_add(uuid, v32, index); + + } + return ptr - table; +} + +static void vtpm_decrypt_block(aes_context* aes, + uint8_t* iv, + uint8_t* cipher, + uint8_t* plain, + int cipher_sz, + int* overlap) +{ + int bytes_ext; + /* Decrypt */ + aes_crypt_cbc(aes, AES_DECRYPT, + cipher_sz, + iv, cipher, plain + *overlap); + + /* Extract */ + bytes_ext = extract_uuid_table(plain, cipher_sz + *overlap); + + /* Copy left overs to the beginning */ + *overlap = cipher_sz + *overlap - bytes_ext; + memcpy(plain, plain + bytes_ext, *overlap); +} + +static int vtpm_encrypt_block(aes_context* aes, + uint8_t* iv, + uint8_t* plain, + uint8_t* cipher, + int block_sz, + int* overlap, + int* num_vtpms) +{ + int bytes_to_crypt; + int bytes_packed; + + /* Pack the uuid table */ + bytes_packed = *overlap + pack_uuid_table(plain + *overlap, block_sz - *overlap, num_vtpms); + bytes_to_crypt = MIN(bytes_packed, block_sz); + + /* Add padding if we aren't on a multiple of the block size */ + if(bytes_to_crypt & (AES_BLOCK_SIZE-1)) { + int oldsz = bytes_to_crypt; + //add padding + bytes_to_crypt += AES_BLOCK_SIZE - (bytes_to_crypt & (AES_BLOCK_SIZE-1)); + //fill padding with random bytes + vtpmmgr_rand(plain + oldsz, bytes_to_crypt - oldsz); + *overlap = 0; + } else { + *overlap = bytes_packed - bytes_to_crypt; + } + + /* Encrypt this chunk */ + aes_crypt_cbc(aes, AES_ENCRYPT, + bytes_to_crypt, + iv, plain, cipher); + + /* Copy the left over partials to the beginning */ + memcpy(plain, plain + bytes_to_crypt, *overlap); + + return bytes_to_crypt; +} + +static TPM_RESULT vtpm_storage_new_vtpm(const uuid_t uuid, int index) { + TPM_RESULT status = TPM_SUCCESS; + uint8_t plain[BUF_SIZE + AES_BLOCK_SIZE]; + uint8_t buf[BUF_SIZE]; + uint8_t* ptr; + int cipher_sz; + aes_context aes; + + /* Add new vtpm to the table */ + vtpm_add(uuid, g_store.end_offset, index); + g_store.end_offset += RSA_CIPHER_SIZE; + + /* Compute the new end location of the encrypted uuid table */ + cipher_sz = AES_BLOCK_SIZE; //IV + cipher_sz += g_store.num_vtpms * UUID_TBL_ENT_SIZE; //uuid table + cipher_sz += (AES_BLOCK_SIZE - (cipher_sz & (AES_BLOCK_SIZE -1))) & (AES_BLOCK_SIZE-1); //aes padding + + /* Does this overlap any key data? If so they need to be relocated */ + int uuid_end = (g_store.uuid_offset + cipher_sz + RSA_CIPHER_SIZE) & ~(RSA_CIPHER_SIZE -1); + for(int i = 0; i < g_store.num_vtpms; ++i) { + if(g_store.vtpms[i].offset < uuid_end) { + + vtpmloginfo(VTPM_LOG_VTPM, "Relocating vtpm data\n"); + + //Read the hashkey cipher text + lseek(blkfront_fd, g_store.vtpms[i].offset, SEEK_SET); + TRY_READ(buf, RSA_CIPHER_SIZE, "vtpm hashkey relocate"); + + //Write the cipher text to new offset + lseek(blkfront_fd, g_store.end_offset, SEEK_SET); + TRY_WRITE(buf, RSA_CIPHER_SIZE, "vtpm hashkey relocate"); + + //Save new offset + g_store.vtpms[i].offset = g_store.end_offset; + g_store.end_offset += RSA_CIPHER_SIZE; + } + } + + vtpmloginfo(VTPM_LOG_VTPM, "Generating a new symmetric key\n"); + + /* Generate an aes key */ + TPMTRYRETURN(vtpmmgr_rand(plain, AES_KEY_SIZE)); + aes_setkey_enc(&aes, plain, AES_KEY_BITS); + ptr = plain + AES_KEY_SIZE; + + /* Pack the crypted size */ + ptr = pack_UINT32(ptr, cipher_sz); + + vtpmloginfo(VTPM_LOG_VTPM, "Binding encrypted key\n"); + + /* Seal the key and size */ + TPMTRYRETURN(TPM_Bind(&vtpm_globals.storage_key, + plain, + ptr - plain, + buf)); + + /* Write the sealed key to disk */ + lseek(blkfront_fd, g_store.aes_offset, SEEK_SET); + TRY_WRITE(buf, RSA_CIPHER_SIZE, "vtpm aes key"); + + /* ENCRYPT AND WRITE UUID TABLE */ + + vtpmloginfo(VTPM_LOG_VTPM, "Encrypting the uuid table\n"); + + int num_vtpms = 0; + int overlap = 0; + int bytes_crypted; + uint8_t iv[AES_BLOCK_SIZE]; + + /* Generate the iv for the first block */ + TPMTRYRETURN(vtpmmgr_rand(iv, AES_BLOCK_SIZE)); + + /* Copy the iv to the cipher text buffer to be written to disk */ + memcpy(buf, iv, AES_BLOCK_SIZE); + ptr = buf + AES_BLOCK_SIZE; + + /* Encrypt the first block of the uuid table */ + bytes_crypted = vtpm_encrypt_block(&aes, + iv, //iv + plain, //plaintext + ptr, //cipher text + BUF_SIZE - AES_BLOCK_SIZE, + &overlap, + &num_vtpms); + + /* Write the iv followed by the crypted table*/ + TRY_WRITE(buf, bytes_crypted + AES_BLOCK_SIZE, "vtpm uuid table"); + + /* Decrement the number of bytes encrypted */ + cipher_sz -= bytes_crypted + AES_BLOCK_SIZE; + + /* If there are more vtpms, encrypt and write them block by block */ + while(cipher_sz > 0) { + /* Encrypt the next block of the uuid table */ + bytes_crypted = vtpm_encrypt_block(&aes, + iv, + plain, + buf, + BUF_SIZE, + &overlap, + &num_vtpms); + + /* Write the cipher text to disk */ + TRY_WRITE(buf, bytes_crypted, "vtpm uuid table"); + + cipher_sz -= bytes_crypted; + } + + goto egress; +abort_egress: +egress: + return status; +} + + +/************************************** + * PUBLIC FUNCTIONS + * ***********************************/ + +int vtpm_storage_init(void) { + struct blkfront_info info; + if((blkdev = init_blkfront(NULL, &info)) == NULL) { + return -1; + } + if((blkfront_fd = blkfront_open(blkdev)) < 0) { + return -1; + } + return 0; +} + +void vtpm_storage_shutdown(void) { + reset_store(); + close(blkfront_fd); +} + +TPM_RESULT vtpm_storage_load_hashkey(const uuid_t uuid, uint8_t hashkey[HASHKEYSZ]) +{ + TPM_RESULT status = TPM_SUCCESS; + int index; + uint8_t cipher[RSA_CIPHER_SIZE]; + uint8_t clear[RSA_CIPHER_SIZE]; + UINT32 clear_size; + + /* Find the index of this uuid */ + if((index = vtpm_get_index(uuid)) < 0) { + index = -index-1; + vtpmlogerror(VTPM_LOG_VTPM, "LoadKey failure: Unrecognized uuid! " UUID_FMT "\n", UUID_BYTES(uuid)); + status = TPM_BAD_PARAMETER; + goto abort_egress; + } + + /* Read the table entry */ + lseek(blkfront_fd, g_store.vtpms[index].offset, SEEK_SET); + TRY_READ(cipher, RSA_CIPHER_SIZE, "vtpm hashkey data"); + + /* Decrypt the table entry */ + TPMTRYRETURN(TPM_UnBind( + vtpm_globals.storage_key_handle, + RSA_CIPHER_SIZE, + cipher, + &clear_size, + clear, + (const TPM_AUTHDATA*)&vtpm_globals.storage_key_usage_auth, + &vtpm_globals.oiap)); + + if(clear_size < HASHKEYSZ) { + vtpmloginfo(VTPM_LOG_VTPM, "Decrypted Hash key size (%" PRIu32 ") was too small!\n", clear_size); + status = TPM_RESOURCES; + goto abort_egress; + } + + memcpy(hashkey, clear, HASHKEYSZ); + + vtpmloginfo(VTPM_LOG_VTPM, "Loaded hash and key for vtpm " UUID_FMT "\n", UUID_BYTES(uuid)); + goto egress; +abort_egress: + vtpmlogerror(VTPM_LOG_VTPM, "Failed to load key\n"); +egress: + return status; +} + +TPM_RESULT vtpm_storage_save_hashkey(const uuid_t uuid, uint8_t hashkey[HASHKEYSZ]) +{ + TPM_RESULT status = TPM_SUCCESS; + int index; + uint8_t buf[RSA_CIPHER_SIZE]; + + /* Find the index of this uuid */ + if((index = vtpm_get_index(uuid)) < 0) { + index = -index-1; + /* Create a new vtpm */ + TPMTRYRETURN( vtpm_storage_new_vtpm(uuid, index) ); + } + + /* Encrypt the hash and key */ + TPMTRYRETURN( TPM_Bind(&vtpm_globals.storage_key, + hashkey, + HASHKEYSZ, + buf)); + + /* Write to disk */ + lseek(blkfront_fd, g_store.vtpms[index].offset, SEEK_SET); + TRY_WRITE(buf, RSA_CIPHER_SIZE, "vtpm hashkey data"); + + vtpmloginfo(VTPM_LOG_VTPM, "Saved hash and key for vtpm " UUID_FMT "\n", UUID_BYTES(uuid)); + goto egress; +abort_egress: + vtpmlogerror(VTPM_LOG_VTPM, "Failed to save key\n"); +egress: + return status; +} + +TPM_RESULT vtpm_storage_new_header() +{ + TPM_RESULT status = TPM_SUCCESS; + uint8_t buf[BUF_SIZE]; + uint8_t keybuf[AES_KEY_SIZE + sizeof(uint32_t)]; + uint8_t* ptr = buf; + uint8_t* sptr; + + /* Clear everything first */ + reset_store(); + + vtpmloginfo(VTPM_LOG_VTPM, "Creating new disk image header\n"); + + /*Copy the ID string */ + memcpy(ptr, IDSTR, IDSTRLEN); + ptr += IDSTRLEN; + + /*Copy the version */ + ptr = pack_UINT32(ptr, DISKVERS); + + /*Save the location of the key size */ + sptr = ptr; + ptr += sizeof(UINT32); + + vtpmloginfo(VTPM_LOG_VTPM, "Saving root storage key..\n"); + + /* Copy the storage key */ + ptr = pack_TPM_KEY(ptr, &vtpm_globals.storage_key); + + /* Now save the size */ + pack_UINT32(sptr, ptr - (sptr + 4)); + + /* Create a fake aes key and set cipher text size to 0 */ + memset(keybuf, 0, sizeof(keybuf)); + + vtpmloginfo(VTPM_LOG_VTPM, "Binding uuid table symmetric key..\n"); + + /* Save the location of the aes key */ + g_store.aes_offset = ptr - buf; + + /* Store the fake aes key and vtpm count */ + TPMTRYRETURN(TPM_Bind(&vtpm_globals.storage_key, + keybuf, + sizeof(keybuf), + ptr)); + ptr+= RSA_CIPHER_SIZE; + + /* Write the header to disk */ + lseek(blkfront_fd, 0, SEEK_SET); + TRY_WRITE(buf, ptr-buf, "vtpm header"); + + /* Save the location of the uuid table */ + g_store.uuid_offset = get_offset(); + + /* Save the end offset */ + g_store.end_offset = (g_store.uuid_offset + RSA_CIPHER_SIZE) & ~(RSA_CIPHER_SIZE -1); + + vtpmloginfo(VTPM_LOG_VTPM, "Saved new manager disk header.\n"); + + goto egress; +abort_egress: +egress: + return status; +} + + +TPM_RESULT vtpm_storage_load_header(void) +{ + TPM_RESULT status = TPM_SUCCESS; + uint32_t v32; + uint8_t buf[BUF_SIZE]; + uint8_t* ptr = buf; + aes_context aes; + + /* Clear everything first */ + reset_store(); + + /* Read the header from disk */ + lseek(blkfront_fd, 0, SEEK_SET); + TRY_READ(buf, IDSTRLEN + sizeof(UINT32) + sizeof(UINT32), "vtpm header"); + + vtpmloginfo(VTPM_LOG_VTPM, "Loading disk image header\n"); + + /* Verify the ID string */ + if(memcmp(ptr, IDSTR, IDSTRLEN)) { + vtpmlogerror(VTPM_LOG_VTPM, "Invalid ID string in disk image!\n"); + status = TPM_FAIL; + goto abort_egress; + } + ptr+=IDSTRLEN; + + /* Unpack the version */ + ptr = unpack_UINT32(ptr, &v32); + + /* Verify the version */ + if(v32 != DISKVERS) { + vtpmlogerror(VTPM_LOG_VTPM, "Unsupported disk image version number %" PRIu32 "\n", v32); + status = TPM_FAIL; + goto abort_egress; + } + + /* Size of the storage key */ + ptr = unpack_UINT32(ptr, &v32); + + /* Sanity check */ + if(v32 > BUF_SIZE) { + vtpmlogerror(VTPM_LOG_VTPM, "Size of storage key (%" PRIu32 ") is too large!\n", v32); + status = TPM_IOERROR; + goto abort_egress; + } + + /* read the storage key */ + TRY_READ(buf, v32, "storage pub key"); + + vtpmloginfo(VTPM_LOG_VTPM, "Unpacking storage key\n"); + + /* unpack the storage key */ + ptr = unpack_TPM_KEY(buf, &vtpm_globals.storage_key, UNPACK_ALLOC); + + /* Load Storage Key into the TPM */ + TPMTRYRETURN( TPM_LoadKey( + TPM_SRK_KEYHANDLE, + &vtpm_globals.storage_key, + &vtpm_globals.storage_key_handle, + (const TPM_AUTHDATA*)&vtpm_globals.srk_auth, + &vtpm_globals.oiap)); + + /* Initialize the storage key auth */ + memset(vtpm_globals.storage_key_usage_auth, 0, sizeof(TPM_AUTHDATA)); + + /* Store the offset of the aes key */ + g_store.aes_offset = get_offset(); + + /* Read the rsa cipher text for the aes key */ + TRY_READ(buf, RSA_CIPHER_SIZE, "aes key"); + ptr = buf + RSA_CIPHER_SIZE; + + vtpmloginfo(VTPM_LOG_VTPM, "Unbinding uuid table symmetric key\n"); + + /* Decrypt the aes key protecting the uuid table */ + UINT32 datalen; + TPMTRYRETURN(TPM_UnBind( + vtpm_globals.storage_key_handle, + RSA_CIPHER_SIZE, + buf, + &datalen, + ptr, + (const TPM_AUTHDATA*)&vtpm_globals.storage_key_usage_auth, + &vtpm_globals.oiap)); + + /* Validate the length of the output buffer */ + if(datalen < AES_KEY_SIZE + sizeof(UINT32)) { + vtpmlogerror(VTPM_LOG_VTPM, "Unbound AES key size (%d) was too small! expected (%ld)\n", datalen, AES_KEY_SIZE + sizeof(UINT32)); + status = TPM_IOERROR; + goto abort_egress; + } + + /* Extract the aes key */ + aes_setkey_dec(&aes, ptr, AES_KEY_BITS); + ptr+= AES_KEY_SIZE; + + /* Extract the ciphertext size */ + ptr = unpack_UINT32(ptr, &v32); + int cipher_size = v32; + + /* Sanity check */ + if(cipher_size & (AES_BLOCK_SIZE-1)) { + vtpmlogerror(VTPM_LOG_VTPM, "Cipher text size (%" PRIu32 ") is not a multiple of the aes block size! (%d)\n", v32, AES_BLOCK_SIZE); + status = TPM_IOERROR; + goto abort_egress; + } + + /* Save the location of the uuid table */ + g_store.uuid_offset = get_offset(); + + /* Only decrypt the table if there are vtpms to decrypt */ + if(cipher_size > 0) { + int rbytes; + int overlap = 0; + uint8_t plain[BUF_SIZE + AES_BLOCK_SIZE]; + uint8_t iv[AES_BLOCK_SIZE]; + + vtpmloginfo(VTPM_LOG_VTPM, "Decrypting uuid table\n"); + + /* Pre allocate the vtpm array */ + g_store.num_vtpms_alloced = cipher_size / UUID_TBL_ENT_SIZE; + g_store.vtpms = malloc(sizeof(struct Vtpm) * g_store.num_vtpms_alloced); + + /* Read the iv and the first chunk of cipher text */ + rbytes = MIN(cipher_size, BUF_SIZE); + TRY_READ(buf, rbytes, "vtpm uuid table\n"); + cipher_size -= rbytes; + + /* Copy the iv */ + memcpy(iv, buf, AES_BLOCK_SIZE); + ptr = buf + AES_BLOCK_SIZE; + + /* Remove the iv from the number of bytes to decrypt */ + rbytes -= AES_BLOCK_SIZE; + + /* Decrypt and extract vtpms */ + vtpm_decrypt_block(&aes, + iv, ptr, plain, + rbytes, &overlap); + + /* Read the rest of the table if there is more */ + while(cipher_size > 0) { + /* Read next chunk of cipher text */ + rbytes = MIN(cipher_size, BUF_SIZE); + TRY_READ(buf, rbytes, "vtpm uuid table"); + cipher_size -= rbytes; + + /* Decrypt a block of text */ + vtpm_decrypt_block(&aes, + iv, buf, plain, + rbytes, &overlap); + + } + vtpmloginfo(VTPM_LOG_VTPM, "Loaded %d vtpms!\n", g_store.num_vtpms); + } + + /* The end of the key table, new vtpms go here */ + int uuid_end = (get_offset() + RSA_CIPHER_SIZE) & ~(RSA_CIPHER_SIZE -1); + g_store.end_offset = uuid_end; + + /* Compute the end offset while validating vtpms*/ + for(int i = 0; i < g_store.num_vtpms; ++i) { + /* offset must not collide with previous data */ + if(g_store.vtpms[i].offset < uuid_end) { + vtpmlogerror(VTPM_LOG_VTPM, "vtpm: " UUID_FMT + " offset (%d) is before end of uuid table (%d)!\n", + UUID_BYTES(g_store.vtpms[i].uuid), + g_store.vtpms[i].offset, uuid_end); + status = TPM_IOERROR; + goto abort_egress; + } + /* offset must be at a multiple of cipher size */ + if(g_store.vtpms[i].offset & (RSA_CIPHER_SIZE-1)) { + vtpmlogerror(VTPM_LOG_VTPM, "vtpm: " UUID_FMT + " offset(%d) is not at a multiple of the rsa cipher text size (%d)!\n", + UUID_BYTES(g_store.vtpms[i].uuid), + g_store.vtpms[i].offset, RSA_CIPHER_SIZE); + status = TPM_IOERROR; + goto abort_egress; + } + /* Save the last offset */ + if(g_store.vtpms[i].offset >= g_store.end_offset) { + g_store.end_offset = g_store.vtpms[i].offset + RSA_CIPHER_SIZE; + } + } + + goto egress; +abort_egress: + //An error occured somewhere + vtpmlogerror(VTPM_LOG_VTPM, "Failed to load manager data!\n"); + + //Clear the data store + reset_store(); + + //Reset the storage key structure + free_TPM_KEY(&vtpm_globals.storage_key); + { + TPM_KEY key = TPM_KEY_INIT; + vtpm_globals.storage_key = key; + } + + //Reset the storage key handle + TPM_EvictKey(vtpm_globals.storage_key_handle); + vtpm_globals.storage_key_handle = 0; +egress: + return status; +} + +#if 0 +/* For testing disk IO */ +void add_fake_vtpms(int num) { + for(int i = 0; i < num; ++i) { + uint32_t ind = cpu_to_be32(i); + + uuid_t uuid; + memset(uuid, 0, sizeof(uuid_t)); + memcpy(uuid, &ind, sizeof(ind)); + int index = vtpm_get_index(uuid); + index = -index-1; + + vtpm_storage_new_vtpm(uuid, index); + } +} +#endif diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/vtpm_storage.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/vtpm_storage.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,68 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef VTPM_STORAGE_H +#define VTPM_STORAGE_h + +#include "uuid.h" + +#define VTPM_NVMKEY_SIZE 32 +#define HASHKEYSZ (sizeof(TPM_DIGEST) + VTPM_NVMKEY_SIZE) + +/* Initialize the storage system and its virtual disk */ +int vtpm_storage_init(void); + +/* Shutdown the storage system and its virtual disk */ +void vtpm_storage_shutdown(void); + +/* Loads Sha1 hash and 256 bit AES key from disk and stores them + * packed together in outbuf. outbuf must be freed + * by the caller using buffer_free() + */ +TPM_RESULT vtpm_storage_load_hashkey(const uuid_t uuid, uint8_t hashkey[HASHKEYSZ]); + +/* inbuf must contain a sha1 hash followed by a 256 bit AES key. + * Encrypts and stores the hash and key to disk */ +TPM_RESULT vtpm_storage_save_hashkey(const uuid_t uuid, uint8_t hashkey[HASHKEYSZ]); + +/* Load the vtpm manager data - call this on startup */ +TPM_RESULT vtpm_storage_load_header(void); + +/* Saves the vtpm manager data - call this on shutdown */ +TPM_RESULT vtpm_storage_new_header(void); + + +#endif diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/vtpmmgr.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/vtpmmgr.c Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,93 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#include +#include +#include +#include +#include +#include +#include "log.h" + +#include "vtpmmgr.h" +#include "tcg.h" + + +void main_loop(void) { + tpmcmd_t* tpmcmd; + uint8_t respbuf[TCPA_MAX_BUFFER_LENGTH]; + + while(1) { + /* Wait for requests from a vtpm */ + vtpmloginfo(VTPM_LOG_VTPM, "Waiting for commands from vTPM's:\n"); + if((tpmcmd = tpmback_req_any()) == NULL) { + vtpmlogerror(VTPM_LOG_VTPM, "NULL tpmcmd\n"); + continue; + } + + tpmcmd->resp = respbuf; + + /* Process the command */ + vtpmmgr_handle_cmd(tpmcmd->uuid, tpmcmd); + + /* Send response */ + tpmback_resp(tpmcmd); + } +} + +int main(int argc, char** argv) +{ + int rc = 0; + sleep(2); + vtpmloginfo(VTPM_LOG_VTPM, "Starting vTPM manager domain\n"); + + /* Initialize the vtpm manager */ + if(vtpmmgr_init(argc, argv) != TPM_SUCCESS) { + vtpmlogerror(VTPM_LOG_VTPM, "Unable to initialize vtpmmgr domain!\n"); + rc = -1; + goto exit; + } + + main_loop(); + + vtpmloginfo(VTPM_LOG_VTPM, "vTPM Manager shutting down...\n"); + + vtpmmgr_shutdown(); + +exit: + return rc; + +} diff -r 06b884fed150 -r 600a6694754a stubdom/vtpmmgr/vtpmmgr.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/vtpmmgr/vtpmmgr.h Fri Jan 18 10:55:43 2013 +0000 @@ -0,0 +1,77 @@ +/* + * Copyright (c) 2010-2012 United States Government, as represented by + * the Secretary of Defense. All rights reserved. + * + * based off of the original tools/vtpm_manager code base which is: + * Copyright (c) 2005, Intel Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. +*/ + +#ifndef VTPMMGR_H +#define VTPMMGR_H + +#include +#include +#include + +#include "uuid.h" +#include "tcg.h" +#include "vtpm_manager.h" + +#define RSA_KEY_SIZE 0x0800 +#define RSA_CIPHER_SIZE (RSA_KEY_SIZE / 8) + +struct vtpm_globals { + int tpm_fd; + TPM_KEY storage_key; + TPM_HANDLE storage_key_handle; // Key used by persistent store + TPM_AUTH_SESSION oiap; // OIAP session for storageKey + TPM_AUTHDATA storage_key_usage_auth; + + TPM_AUTHDATA owner_auth; + TPM_AUTHDATA srk_auth; + + entropy_context entropy; + ctr_drbg_context ctr_drbg; +}; + +// --------------------------- Global Values -------------------------- +extern struct vtpm_globals vtpm_globals; // Key info and DMI states + +TPM_RESULT vtpmmgr_init(int argc, char** argv); +void vtpmmgr_shutdown(void); + +TPM_RESULT vtpmmgr_handle_cmd(const uuid_t uuid, tpmcmd_t* tpmcmd); + +inline TPM_RESULT vtpmmgr_rand(unsigned char* bytes, size_t num_bytes) { + return ctr_drbg_random(&vtpm_globals.ctr_drbg, bytes, num_bytes) == 0 ? 0 : TPM_FAIL; +} + +#endif _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:27 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:27 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvj-0001Fz-3H; Mon, 21 Jan 2013 22:33:27 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvh-0001AU-0D for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:25 +0000 Received: from [193.109.254.147:9942] by server-11.bemta-14.messagelabs.com id 4D/CD-18979-432CDF05; Mon, 21 Jan 2013 22:33:24 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-27.messagelabs.com!1358807593!9336375!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG, ML_RADAR_SPEW_LINKS_23,spamassassin: X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 588 invoked from network); 21 Jan 2013 22:33:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvU-0005g1-Uz for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvU-0003hs-G9 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:12 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] stubdom: Add autoconf X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============4009296181241248125==" Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org --===============4009296181241248125== Content-Type: text/plain # HG changeset patch # User Matthew Fioravante # Date 1358506547 0 # Node ID e1d7053e4d4575d052bd72cb4a44718281bdd35d # Parent 712419ef207b6897e58e6b6474f1054e43d65a3a stubdom: Add autoconf Stub domains now use autoconf to build. This configure script can enable or disable specific domains and also specify custom download locations for stubdom library packages. See ./configure --help for details. C and Caml are disabled by default. vtpm-stubdom is conditional on the presense of cmake. Rename vtpmmgrdom to vtpmmgr-stubdom Also update .*ignore Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 712419ef207b -r e1d7053e4d45 .gitignore --- a/.gitignore Fri Jan 18 10:55:46 2013 +0000 +++ b/.gitignore Fri Jan 18 10:55:47 2013 +0000 @@ -93,7 +93,10 @@ patches/tmp/* pristine-* ref-* tmp-* +stubdom/autom4te.cache stubdom/binutils-* +stubdom/config.log +stubdom/config.status stubdom/cross-root-* stubdom/gcc-* stubdom/include @@ -123,6 +126,7 @@ tools/config.log tools/config.status tools/config.cache config/Tools.mk +config/Stubdom.mk tools/blktap2/daemon/blktapctrl tools/blktap2/drivers/img2qcow tools/blktap2/drivers/lock-util diff -r 712419ef207b -r e1d7053e4d45 .hgignore --- a/.hgignore Fri Jan 18 10:55:46 2013 +0000 +++ b/.hgignore Fri Jan 18 10:55:47 2013 +0000 @@ -89,7 +89,10 @@ ^pristine-.*$ ^ref-.*$ ^tmp-.*$ +^stubdom/autom4te\.cache$ ^stubdom/binutils-.*$ +^stubdom/config\.log$ +^stubdom/config\.status$ ^stubdom/cross-root-.*$ ^stubdom/gcc-.*$ ^stubdom/include$ diff -r 712419ef207b -r e1d7053e4d45 autogen.sh --- a/autogen.sh Fri Jan 18 10:55:46 2013 +0000 +++ b/autogen.sh Fri Jan 18 10:55:47 2013 +0000 @@ -2,3 +2,5 @@ cd tools autoconf autoheader +cd ../stubdom +autoconf diff -r 712419ef207b -r e1d7053e4d45 config/Stubdom.mk.in --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/config/Stubdom.mk.in Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,45 @@ +# Prefix and install folder +prefix := @prefix@ +PREFIX := $(prefix) +exec_prefix := @exec_prefix@ +libdir := @libdir@ +LIBDIR := $(libdir) + +# Path Programs +CMAKE := @CMAKE@ +WGET := @WGET@ -c + +# A debug build of stubdom? //FIXME: Someone make this do something +debug := @debug@ +vtpm = @vtpm@ + +STUBDOM_TARGETS := @STUBDOM_TARGETS@ +STUBDOM_BUILD := @STUBDOM_BUILD@ +STUBDOM_INSTALL := @STUBDOM_INSTALL@ + +ZLIB_VERSION := @ZLIB_VERSION@ +ZLIB_URL := @ZLIB_URL@ + +LIBPCI_VERSION := @LIBPCI_VERSION@ +LIBPCI_URL := @LIBPCI_URL@ + +NEWLIB_VERSION := @NEWLIB_VERSION@ +NEWLIB_URL := @NEWLIB_URL@ + +LWIP_VERSION := @LWIP_VERSION@ +LWIP_URL := @LWIP_URL@ + +GRUB_VERSION := @GRUB_VERSION@ +GRUB_URL := @GRUB_URL@ + +OCAML_VERSION := @OCAML_VERSION@ +OCAML_URL := @OCAML_URL@ + +GMP_VERSION := @GMP_VERSION@ +GMP_URL := @GMP_URL@ + +POLARSSL_VERSION := @POLARSSL_VERSION@ +POLARSSL_URL := @POLARSSL_URL@ + +TPMEMU_VERSION := @TPMEMU_VERSION@ +TPMEMU_URL := @TPMEMU_URL@ diff -r 712419ef207b -r e1d7053e4d45 docs/misc/vtpm.txt --- a/docs/misc/vtpm.txt Fri Jan 18 10:55:46 2013 +0000 +++ b/docs/misc/vtpm.txt Fri Jan 18 10:55:47 2013 +0000 @@ -20,7 +20,7 @@ chain of trust rooted in the hardware TP major component of vTPM is implemented as a separate domain, providing secure separation guaranteed by the hypervisor. The vTPM domains are implemented in mini-os to reduce memory and processor overhead. - + This mini-os vTPM subsystem was built on top of the previous vTPM work done by IBM and Intel corporation. @@ -53,7 +53,7 @@ The architecture of vTPM is described be | mini-os/tpmback | | | ^ | | v | | -| vtpmmgrdom | +| vtpmmgr-stubdom | | | ^ | | v | | | mini-os/tpm_tis | @@ -72,7 +72,7 @@ The architecture of vTPM is described be * mini-os/tpmback: Mini-os TPM backend driver. The Linux frontend driver connects to this backend driver to facilitate communications between the Linux DomU and its vTPM. This - driver is also used by vtpmmgrdom to communicate with + driver is also used by vtpmmgr-stubdom to communicate with vtpm-stubdom. * vtpm-stubdom: A mini-os stub domain that implements a vTPM. There is a @@ -82,20 +82,20 @@ The architecture of vTPM is described be * mini-os/tpmfront: Mini-os TPM frontend driver. The vTPM mini-os domain vtpm-stubdom uses this driver to communicate with - vtpmmgrdom. This driver could also be used separately to + vtpmmgr-stubdom. This driver could also be used separately to implement a mini-os domain that wishes to use a vTPM of its own. - * vtpmmgrdom: A mini-os domain that implements the vTPM manager. + * vtpmmgr-stubdom: A mini-os domain that implements the vTPM manager. There is only one vTPM manager and it should be running during the entire lifetime of the machine. This domain regulates access to the physical TPM on the system and secures the persistent state of each vTPM. * mini-os/tpm_tis: Mini-os TPM version 1.2 TPM Interface Specification (TIS) - driver. This driver used by vtpmmgrdom to talk directly to + driver. This driver used by vtpmmgr-stubdom to talk directly to the hardware TPM. Communication is facilitated by mapping - hardware memory pages into vtpmmgrdom. + hardware memory pages into vtpmmgr-stubdom. * Hardware TPM: The physical TPM that is soldered onto the motherboard. @@ -143,21 +143,21 @@ encrypted data. The image does not requi and can live anywhere on the host disk. The image does not need to be large. 8 to 16 Mb should be sufficient. -# dd if=/dev/zero of=/var/vtpmmgrdom.img bs=16M count=1 +# dd if=/dev/zero of=/var/vtpmmgr-stubdom.img bs=16M count=1 Manager config file: -------------------- -The vTPM Manager domain (vtpmmgrdom) must be started like +The vTPM Manager domain (vtpmmgr-stubdom) must be started like any other Xen virtual machine and requires a config file. The manager requires a disk image for storage and permission to access the hardware memory pages for the TPM. An example configuration looks like the following. -kernel="/usr/lib/xen/boot/vtpmmgrdom.gz" +kernel="/usr/lib/xen/boot/vtpmmgr-stubdom.gz" memory=16 -disk=["file:/var/vtpmmgrdom.img,hda,w"] -name="vtpmmgrdom" +disk=["file:/var/vtpmmgr-stubdom.img,hda,w"] +name="vtpmmgr" iomem=["fed40,5"] The iomem line tells xl to allow access to the TPM @@ -170,7 +170,7 @@ Starting and stopping the manager: The vTPM manager should be started at boot, you may wish to create an init script to do this. -# xl create -c vtpmmgrdom.cfg +# xl create -c vtpmmgr-stubdom.cfg Once initialization is complete you should see the following: INFO[VTPM]: Waiting for commands from vTPM's: @@ -179,7 +179,7 @@ To shutdown the manager you must destroy only destroy the manager when you see the above "Waiting for commands" message. This ensures the disk is in a consistent state. -# xl destroy vtpmmgrdom +# xl destroy vtpmmgr-stubdom ------------------------------ VTPM AND LINUX PVM SETUP @@ -211,10 +211,10 @@ kernel="/usr/lib/xen/boot/vtpm-stubdom.g memory=8 disk=["file:/home/user/domu/vtpm.img,hda,w"] name="domu-vtpm" -vtpm=["backend=vtpmmgrdom,uuid=ac0a5b9e-cbe2-4c07-b43b-1d69e46fb839"] +vtpm=["backend=vtpmmgr,uuid=ac0a5b9e-cbe2-4c07-b43b-1d69e46fb839"] The vtpm= line sets up the tpm frontend driver. The backend must set -to vtpmmgrdom. You are required to generate a uuid for this vtpm. +to vtpmmgr. You are required to generate a uuid for this vtpm. You can use the uuidgen unix program or some other method to create a uuid. The uuid uniquely identifies this vtpm to manager. @@ -273,7 +273,7 @@ The version command should return the fo You should also see the command being sent to the vtpm console as well as the vtpm saving its state. You should see the vtpm key being -encrypted and stored on the vtpmmgrdom console. +encrypted and stored on the vtpmmgr console. To shutdown the guest and its vtpm, you just have to shutdown the guest normally. As soon as the guest vm disconnects, the vtpm will shut itself diff -r 712419ef207b -r e1d7053e4d45 m4/curses.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/curses.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,20 @@ +AC_DEFUN([AX_CHECK_CURSES], [ +AC_CHECK_HEADER([curses.h], [ + AC_CHECK_LIB([curses], [clear], [curses="y"], [curses="n"]) +], [curses="n"]) +AC_CHECK_HEADER([ncurses.h], [ + AC_CHECK_LIB([ncurses], [clear], [ncurses="y"], [ncurses="n"]) +], [ncurses="n"]) +AS_IF([test "$curses" = "n" && test "$ncurses" = "n"], [ + AC_MSG_ERROR([Unable to find a suitable curses library]) +]) +# Prefer ncurses over curses if both are present +AS_IF([test "$ncurses" = "y"], [ + CURSES_LIBS="-lncurses" + AC_DEFINE([INCLUDE_CURSES_H], [], [Define curses header to use]) +], [ + CURSES_LIBS="-lcurses" + AC_DEFINE([INCLUDE_CURSES_H], [], [Define curses header to use]) +]) +AC_SUBST(CURSES_LIBS) +]) diff -r 712419ef207b -r e1d7053e4d45 m4/depends.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/depends.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,15 @@ + +AC_DEFUN([AX_DEPENDS_PATH_PROG], [ +AS_IF([test "x$$1" = "xy"], [AX_PATH_PROG_OR_FAIL([$2], [$3])], [ +AS_IF([test "x$$1" = "xn"], [ +$2="/$3-disabled-in-configure-script" +], [ +AC_PATH_PROG([$2], [$3], [no]) +AS_IF([test x"${$2}" = "xno"], [ +$1=n +$2="/$3-disabled-in-configure-script" +]) +]) +]) +AC_SUBST($2) +]) diff -r 712419ef207b -r e1d7053e4d45 m4/extfs.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/extfs.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,20 @@ +AC_DEFUN([AX_CHECK_EXTFS], [ +AC_CHECK_HEADER([ext2fs/ext2fs.h], [ +AC_CHECK_LIB([ext2fs], [ext2fs_open2], [ + AC_DEFINE([INCLUDE_EXTFS_H], [], + [Define extfs header to use]) + EXTFS_LIBS="-lext2fs" +]) +]) +dnl This is a temporary hack for CentOS 5.x, which split the ext4 support +dnl of ext2fs in a different package. Once CentOS 5.x is no longer supported +dnl we can remove this. +AC_CHECK_HEADER([ext4fs/ext2fs.h], [ +AC_CHECK_LIB([ext4fs], [ext2fs_open2], [ + AC_DEFINE([INCLUDE_EXTFS_H], [], + [Define extfs header to use]) + EXTFS_LIBS="-lext4fs" +]) +]) +AC_SUBST(EXTFS_LIBS) +]) diff -r 712419ef207b -r e1d7053e4d45 m4/features.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/features.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,21 @@ +AC_DEFUN([AX_ARG_DEFAULT_ENABLE], [ +AC_ARG_ENABLE([$1], AS_HELP_STRING([--disable-$1], [$2 (default is ENABLED)])) +AX_PARSE_VALUE([$1], [y]) +]) + +AC_DEFUN([AX_ARG_DEFAULT_DISABLE], [ +AC_ARG_ENABLE([$1], AS_HELP_STRING([--enable-$1], [$2 (default is DISABLED)])) +AX_PARSE_VALUE([$1], [n]) +]) + +dnl This function should not be called outside of this file +AC_DEFUN([AX_PARSE_VALUE], [ +AS_IF([test "x$enable_$1" = "xno"], [ + ax_cv_$1="n" +], [test "x$enable_$1" = "xyes"], [ + ax_cv_$1="y" +], [test -z $ax_cv_$1], [ + ax_cv_$1="$2" +]) +$1=$ax_cv_$1 +AC_SUBST($1)]) diff -r 712419ef207b -r e1d7053e4d45 m4/fetcher.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/fetcher.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,14 @@ +AC_DEFUN([AX_CHECK_FETCHER], [ +AC_PATH_PROG([WGET],[wget], [no]) +AS_IF([test x"$WGET" != x"no"], [ + FETCHER="$WGET -c -O" +], [ + AC_PATH_PROG([FTP],[ftp], [no]) + AS_IF([test x"$FTP" != x"no"], [ + FETCHER="$FTP -o" + ], [ + AC_MSG_ERROR([cannot find wget or ftp]) + ]) +]) +AC_SUBST(FETCHER) +]) diff -r 712419ef207b -r e1d7053e4d45 m4/ocaml.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/ocaml.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,241 @@ +dnl autoconf macros for OCaml +dnl from http://forge.ocamlcore.org/ +dnl +dnl Copyright © 2009 Richard W.M. Jones +dnl Copyright © 2009 Stefano Zacchiroli +dnl Copyright © 2000-2005 Olivier Andrieu +dnl Copyright © 2000-2005 Jean-Christophe Filliâtre +dnl Copyright © 2000-2005 Georges Mariano +dnl +dnl For documentation, please read the ocaml.m4 man page. + +AC_DEFUN([AC_PROG_OCAML], +[dnl + # checking for ocamlc + AC_CHECK_TOOL([OCAMLC],[ocamlc],[no]) + + if test "$OCAMLC" != "no"; then + OCAMLVERSION=`$OCAMLC -v | sed -n -e 's|.*version* *\(.*\)$|\1|p'` + AC_MSG_RESULT([OCaml version is $OCAMLVERSION]) + # If OCAMLLIB is set, use it + if test "$OCAMLLIB" = ""; then + OCAMLLIB=`$OCAMLC -where 2>/dev/null || $OCAMLC -v|tail -1|cut -d ' ' -f 4` + else + AC_MSG_RESULT([OCAMLLIB previously set; preserving it.]) + fi + AC_MSG_RESULT([OCaml library path is $OCAMLLIB]) + + AC_SUBST([OCAMLVERSION]) + AC_SUBST([OCAMLLIB]) + + # checking for ocamlopt + AC_CHECK_TOOL([OCAMLOPT],[ocamlopt],[no]) + OCAMLBEST=byte + if test "$OCAMLOPT" = "no"; then + AC_MSG_WARN([Cannot find ocamlopt; bytecode compilation only.]) + else + TMPVERSION=`$OCAMLOPT -v | sed -n -e 's|.*version* *\(.*\)$|\1|p' ` + if test "$TMPVERSION" != "$OCAMLVERSION" ; then + AC_MSG_RESULT([versions differs from ocamlc; ocamlopt discarded.]) + OCAMLOPT=no + else + OCAMLBEST=opt + fi + fi + + AC_SUBST([OCAMLBEST]) + + # checking for ocamlc.opt + AC_CHECK_TOOL([OCAMLCDOTOPT],[ocamlc.opt],[no]) + if test "$OCAMLCDOTOPT" != "no"; then + TMPVERSION=`$OCAMLCDOTOPT -v | sed -n -e 's|.*version* *\(.*\)$|\1|p' ` + if test "$TMPVERSION" != "$OCAMLVERSION" ; then + AC_MSG_RESULT([versions differs from ocamlc; ocamlc.opt discarded.]) + else + OCAMLC=$OCAMLCDOTOPT + fi + fi + + # checking for ocamlopt.opt + if test "$OCAMLOPT" != "no" ; then + AC_CHECK_TOOL([OCAMLOPTDOTOPT],[ocamlopt.opt],[no]) + if test "$OCAMLOPTDOTOPT" != "no"; then + TMPVERSION=`$OCAMLOPTDOTOPT -v | sed -n -e 's|.*version* *\(.*\)$|\1|p' ` + if test "$TMPVERSION" != "$OCAMLVERSION" ; then + AC_MSG_RESULT([version differs from ocamlc; ocamlopt.opt discarded.]) + else + OCAMLOPT=$OCAMLOPTDOTOPT + fi + fi + fi + + AC_SUBST([OCAMLOPT]) + fi + + AC_SUBST([OCAMLC]) + + # checking for ocaml toplevel + AC_CHECK_TOOL([OCAML],[ocaml],[no]) + + # checking for ocamldep + AC_CHECK_TOOL([OCAMLDEP],[ocamldep],[no]) + + # checking for ocamlmktop + AC_CHECK_TOOL([OCAMLMKTOP],[ocamlmktop],[no]) + + # checking for ocamlmklib + AC_CHECK_TOOL([OCAMLMKLIB],[ocamlmklib],[no]) + + # checking for ocamldoc + AC_CHECK_TOOL([OCAMLDOC],[ocamldoc],[no]) + + # checking for ocamlbuild + AC_CHECK_TOOL([OCAMLBUILD],[ocamlbuild],[no]) +]) + + +AC_DEFUN([AC_PROG_OCAMLLEX], +[dnl + # checking for ocamllex + AC_CHECK_TOOL([OCAMLLEX],[ocamllex],[no]) + if test "$OCAMLLEX" != "no"; then + AC_CHECK_TOOL([OCAMLLEXDOTOPT],[ocamllex.opt],[no]) + if test "$OCAMLLEXDOTOPT" != "no"; then + OCAMLLEX=$OCAMLLEXDOTOPT + fi + fi + AC_SUBST([OCAMLLEX]) +]) + +AC_DEFUN([AC_PROG_OCAMLYACC], +[dnl + AC_CHECK_TOOL([OCAMLYACC],[ocamlyacc],[no]) + AC_SUBST([OCAMLYACC]) +]) + + +AC_DEFUN([AC_PROG_CAMLP4], +[dnl + AC_REQUIRE([AC_PROG_OCAML])dnl + + # checking for camlp4 + AC_CHECK_TOOL([CAMLP4],[camlp4],[no]) + if test "$CAMLP4" != "no"; then + TMPVERSION=`$CAMLP4 -v 2>&1| sed -n -e 's|.*version *\(.*\)$|\1|p'` + if test "$TMPVERSION" != "$OCAMLVERSION" ; then + AC_MSG_RESULT([versions differs from ocamlc]) + CAMLP4=no + fi + fi + AC_SUBST([CAMLP4]) + + # checking for companion tools + AC_CHECK_TOOL([CAMLP4BOOT],[camlp4boot],[no]) + AC_CHECK_TOOL([CAMLP4O],[camlp4o],[no]) + AC_CHECK_TOOL([CAMLP4OF],[camlp4of],[no]) + AC_CHECK_TOOL([CAMLP4OOF],[camlp4oof],[no]) + AC_CHECK_TOOL([CAMLP4ORF],[camlp4orf],[no]) + AC_CHECK_TOOL([CAMLP4PROF],[camlp4prof],[no]) + AC_CHECK_TOOL([CAMLP4R],[camlp4r],[no]) + AC_CHECK_TOOL([CAMLP4RF],[camlp4rf],[no]) + AC_SUBST([CAMLP4BOOT]) + AC_SUBST([CAMLP4O]) + AC_SUBST([CAMLP4OF]) + AC_SUBST([CAMLP4OOF]) + AC_SUBST([CAMLP4ORF]) + AC_SUBST([CAMLP4PROF]) + AC_SUBST([CAMLP4R]) + AC_SUBST([CAMLP4RF]) +]) + + +AC_DEFUN([AC_PROG_FINDLIB], +[dnl + AC_REQUIRE([AC_PROG_OCAML])dnl + + # checking for ocamlfind + AC_CHECK_TOOL([OCAMLFIND],[ocamlfind],[no]) + AC_SUBST([OCAMLFIND]) +]) + + +dnl Thanks to Jim Meyering for working this next bit out for us. +dnl XXX We should define AS_TR_SH if it's not defined already +dnl (eg. for old autoconf). +AC_DEFUN([AC_CHECK_OCAML_PKG], +[dnl + AC_REQUIRE([AC_PROG_FINDLIB])dnl + + AC_MSG_CHECKING([for OCaml findlib package $1]) + + unset found + unset pkg + found=no + for pkg in $1 $2 ; do + if $OCAMLFIND query $pkg >/dev/null 2>/dev/null; then + AC_MSG_RESULT([found]) + AS_TR_SH([OCAML_PKG_$1])=$pkg + found=yes + break + fi + done + if test "$found" = "no" ; then + AC_MSG_RESULT([not found]) + AS_TR_SH([OCAML_PKG_$1])=no + fi + + AC_SUBST(AS_TR_SH([OCAML_PKG_$1])) +]) + + +AC_DEFUN([AC_CHECK_OCAML_MODULE], +[dnl + AC_MSG_CHECKING([for OCaml module $2]) + + cat > conftest.ml <&5 2>&5 ; then + found=yes + break + fi + done + + if test "$found" ; then + AC_MSG_RESULT([$$1]) + else + AC_MSG_RESULT([not found]) + $1=no + fi + AC_SUBST([$1]) +]) + + +dnl XXX Cross-compiling +AC_DEFUN([AC_CHECK_OCAML_WORD_SIZE], +[dnl + AC_REQUIRE([AC_PROG_OCAML])dnl + AC_MSG_CHECKING([for OCaml compiler word size]) + cat > conftest.ml < conftest.ml <. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# PKG_PROG_PKG_CONFIG([MIN-VERSION]) +# ---------------------------------- +AC_DEFUN([PKG_PROG_PKG_CONFIG], +[m4_pattern_forbid([^_?PKG_[A-Z_]+$]) +m4_pattern_allow([^PKG_CONFIG(_PATH)?$]) +AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility]) +AC_ARG_VAR([PKG_CONFIG_PATH], [directories to add to pkg-config's search path]) +AC_ARG_VAR([PKG_CONFIG_LIBDIR], [path overriding pkg-config's built-in search path]) + +if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then + AC_PATH_TOOL([PKG_CONFIG], [pkg-config]) +fi +if test -n "$PKG_CONFIG"; then + _pkg_min_version=m4_default([$1], [0.9.0]) + AC_MSG_CHECKING([pkg-config is at least version $_pkg_min_version]) + if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + PKG_CONFIG="" + fi +fi[]dnl +])# PKG_PROG_PKG_CONFIG + +# PKG_CHECK_EXISTS(MODULES, [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) +# +# Check to see whether a particular set of modules exists. Similar +# to PKG_CHECK_MODULES(), but does not set variables or print errors. +# +# Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG]) +# only at the first occurence in configure.ac, so if the first place +# it's called might be skipped (such as if it is within an "if", you +# have to call PKG_CHECK_EXISTS manually +# -------------------------------------------------------------- +AC_DEFUN([PKG_CHECK_EXISTS], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl +if test -n "$PKG_CONFIG" && \ + AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then + m4_default([$2], [:]) +m4_ifvaln([$3], [else + $3])dnl +fi]) + +# _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES]) +# --------------------------------------------- +m4_define([_PKG_CONFIG], +[if test -n "$$1"; then + pkg_cv_[]$1="$$1" + elif test -n "$PKG_CONFIG"; then + PKG_CHECK_EXISTS([$3], + [pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null`], + [pkg_failed=yes]) + else + pkg_failed=untried +fi[]dnl +])# _PKG_CONFIG + +# _PKG_SHORT_ERRORS_SUPPORTED +# ----------------------------- +AC_DEFUN([_PKG_SHORT_ERRORS_SUPPORTED], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG]) +if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then + _pkg_short_errors_supported=yes +else + _pkg_short_errors_supported=no +fi[]dnl +])# _PKG_SHORT_ERRORS_SUPPORTED + + +# PKG_CHECK_MODULES(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND], +# [ACTION-IF-NOT-FOUND]) +# +# +# Note that if there is a possibility the first call to +# PKG_CHECK_MODULES might not happen, you should be sure to include an +# explicit call to PKG_PROG_PKG_CONFIG in your configure.ac +# +# +# -------------------------------------------------------------- +AC_DEFUN([PKG_CHECK_MODULES], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl +AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl +AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl + +pkg_failed=no +AC_MSG_CHECKING([for $1]) + +_PKG_CONFIG([$1][_CFLAGS], [cflags], [$2]) +_PKG_CONFIG([$1][_LIBS], [libs], [$2]) + +m4_define([_PKG_TEXT], [Alternatively, you may set the environment variables $1[]_CFLAGS +and $1[]_LIBS to avoid the need to call pkg-config. +See the pkg-config man page for more details.]) + +if test $pkg_failed = yes; then + AC_MSG_RESULT([no]) + _PKG_SHORT_ERRORS_SUPPORTED + if test $_pkg_short_errors_supported = yes; then + $1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors "$2" 2>&1` + else + $1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors "$2" 2>&1` + fi + # Put the nasty error message in config.log where it belongs + echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD + + m4_default([$4], [AC_MSG_ERROR( +[Package requirements ($2) were not met: + +$$1_PKG_ERRORS + +Consider adjusting the PKG_CONFIG_PATH environment variable if you +installed software in a non-standard prefix. + +_PKG_TEXT])dnl + ]) +elif test $pkg_failed = untried; then + AC_MSG_RESULT([no]) + m4_default([$4], [AC_MSG_FAILURE( +[The pkg-config script could not be found or is too old. Make sure it +is in your PATH or set the PKG_CONFIG environment variable to the full +path to pkg-config. + +_PKG_TEXT + +To get pkg-config, see .])dnl + ]) +else + $1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS + $1[]_LIBS=$pkg_cv_[]$1[]_LIBS + AC_MSG_RESULT([yes]) + $3 +fi[]dnl +])# PKG_CHECK_MODULES diff -r 712419ef207b -r e1d7053e4d45 m4/pthread.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/pthread.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,41 @@ +# We define, separately, PTHREAD_CFLAGS, _LDFLAGS and _LIBS +# even though currently we don't set them very separately. +# This means that the makefiles will not need to change in +# the future if we make the test more sophisticated. + +AC_DEFUN([AX_PTHREAD_CV2VARS],[ + PTHREAD_CFLAGS="$ax_cv_pthread_flags" + PTHREAD_LDFLAGS="$ax_cv_pthread_flags" + PTHREAD_LIBS="" +]) + +# We invoke AX_PTHREAD_VARS with the name of another macro +# which is then expanded once for each variable. +AC_DEFUN([AX_PTHREAD_VARS],[$1(CFLAGS) $1(LDFLAGS) $1(LIBS)]) + +AC_DEFUN([AX_PTHREAD_VAR_APPLY],[ + $1="$$1 $PTHREAD_$1" +]) +AC_DEFUN([AX_PTHREAD_VAR_SUBST],[AC_SUBST(PTHREAD_$1)]) + +AC_DEFUN([AX_CHECK_PTHREAD],[ + AC_CACHE_CHECK([for pthread flag], [ax_cv_pthread_flags], [ + ax_cv_pthread_flags=-pthread + AX_PTHREAD_CV2VARS + AX_PTHREAD_VARS([AX_SAVEVAR_SAVE]) + AX_PTHREAD_VARS([AX_PTHREAD_VAR_APPLY]) + AC_LINK_IFELSE([AC_LANG_SOURCE([ +#include +int main(void) { + pthread_atfork(0,0,0); + pthread_create(0,0,0,0); +} +])],[],[ax_cv_pthread_flags=failed]) + AX_PTHREAD_VARS([AX_SAVEVAR_RESTORE]) + ]) + if test "x$ax_cv_pthread_flags" = xfailed; then + AC_MSG_ERROR([-pthread does not work]) + fi + AX_PTHREAD_CV2VARS + AX_PTHREAD_VARS([AX_PTHREAD_VAR_SUBST]) +]) diff -r 712419ef207b -r e1d7053e4d45 m4/ptyfuncs.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/ptyfuncs.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,35 @@ +AC_DEFUN([AX_CHECK_PTYFUNCS], [ + dnl This is a workaround for a bug in Debian package + dnl libbsd-dev-0.3.0-1. Once we no longer support that + dnl package we can remove the addition of -Werror to + dnl CPPFLAGS. + AX_SAVEVAR_SAVE(CPPFLAGS) + CPPFLAGS="$CPPFLAGS -Werror" + AC_CHECK_HEADER([libutil.h],[ + AC_DEFINE([INCLUDE_LIBUTIL_H],[],[libutil header file name]) + ]) + AX_SAVEVAR_RESTORE(CPPFLAGS) + AC_CACHE_CHECK([for openpty et al], [ax_cv_ptyfuncs_libs], [ + for ax_cv_ptyfuncs_libs in -lutil "" NOT_FOUND; do + if test "x$ax_cv_ptyfuncs_libs" = "xNOT_FOUND"; then + AC_MSG_FAILURE([Unable to find library for openpty and login_tty]) + fi + AX_SAVEVAR_SAVE(LIBS) + LIBS="$LIBS $ax_cv_ptyfuncs_libs" + AC_LINK_IFELSE([AC_LANG_SOURCE([ +#ifdef INCLUDE_LIBUTIL_H +#include INCLUDE_LIBUTIL_H +#endif +int main(void) { + openpty(0,0,0,0,0); + login_tty(0); +} +])],[ + break + ],[]) + AX_SAVEVAR_RESTORE(LIBS) + done + ]) + PTYFUNCS_LIBS="$ax_cv_ptyfuncs_libs" + AC_SUBST(PTYFUNCS_LIBS) +]) diff -r 712419ef207b -r e1d7053e4d45 m4/python_devel.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/python_devel.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,36 @@ +AC_DEFUN([AX_CHECK_PYTHON_DEVEL], [ +ac_previous_cppflags=$CPPFLAGS +ac_previous_ldflags=$LDFLAGS +ac_python_version=`$PYTHON -c 'import distutils.sysconfig; \ + print distutils.sysconfig.get_config_var("VERSION")'` +AC_PATH_PROG([pyconfig], [$PYTHON-config], [no]) +AS_IF([test x"$pyconfig" == x"no"], [ + dnl For those that don't have python-config + CPPFLAGS="$CFLAGS `$PYTHON -c 'import distutils.sysconfig; \ + print "-I" + distutils.sysconfig.get_config_var("INCLUDEPY")'`" + CPPFLAGS="$CPPFLAGS `$PYTHON -c 'import distutils.sysconfig; \ + print distutils.sysconfig.get_config_var("CFLAGS")'`" + LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ + print distutils.sysconfig.get_config_var("LIBS")'`" + LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ + print distutils.sysconfig.get_config_var("SYSLIBS")'`" + LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ + print "-L" + distutils.sysconfig.get_python_lib(plat_specific=1,\ + standard_lib=1) + "/config"'`" + LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ + print distutils.sysconfig.get_config_var("LINKFORSHARED")'`" + LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ + print distutils.sysconfig.get_config_var("LDFLAGS")'`" +], [ + dnl If python-config is found use it + CPPFLAGS="$CFLAGS `$PYTHON-config --cflags`" + LDFLAGS="$LDFLAGS `$PYTHON-config --ldflags`" +]) + +AC_CHECK_HEADER([Python.h], [], + [AC_MSG_ERROR([Unable to find Python development headers])],) +AC_CHECK_LIB(python$ac_python_version, PyArg_ParseTuple, [], + [AC_MSG_ERROR([Unable to find a suitable python development library])]) +CPPFLAGS=$ac_previous_cppflags +LDLFAGS=$ac_previous_ldflags +]) diff -r 712419ef207b -r e1d7053e4d45 m4/python_version.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/python_version.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,12 @@ +AC_DEFUN([AX_CHECK_PYTHON_VERSION], +[AC_MSG_CHECKING([for python version >= $1.$2 ]) +`$PYTHON -c 'import sys; sys.exit(eval("sys.version_info < ($1, $2)"))'` +if test "$?" != "0" +then + python_version=`$PYTHON -V 2>&1` + AC_MSG_RESULT([no]) + AC_MSG_ERROR( + [$python_version is too old, minimum required version is $1.$2]) +else + AC_MSG_RESULT([yes]) +fi]) diff -r 712419ef207b -r e1d7053e4d45 m4/savevar.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/savevar.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,6 @@ +AC_DEFUN([AX_SAVEVAR_SAVE],[ + saved_$1="$$1" +]) +AC_DEFUN([AX_SAVEVAR_RESTORE],[ + $1="$saved_$1" +]) diff -r 712419ef207b -r e1d7053e4d45 m4/set_cflags_ldflags.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/set_cflags_ldflags.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,20 @@ +AC_DEFUN([AX_SET_FLAGS], +[for cppflag in $PREPEND_INCLUDES +do + PREPEND_CPPFLAGS="$PREPEND_CPPFLAGS -I$cppflag" +done +for ldflag in $PREPEND_LIB +do + PREPEND_LDFLAGS="$PREPEND_LDFLAGS -L$ldflag" +done +for cppflag in $APPEND_INCLUDES +do + APPEND_CPPFLAGS="$APPEND_CPPFLAGS -I$cppflag" +done +for ldflag in $APPEND_LIB +do + APPEND_LDFLAGS="$APPEND_LDFLAGS -L$ldflag" +done +CPPFLAGS="$PREPEND_CPPFLAGS $CPPFLAGS $APPEND_CPPFLAGS" +LDFLAGS="$PREPEND_LDFLAGS $LDFLAGS $APPEND_LDFLAGS"]) + diff -r 712419ef207b -r e1d7053e4d45 m4/stubdom.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/stubdom.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,96 @@ +AC_DEFUN([AX_STUBDOM_DEFAULT_ENABLE], [ +AC_ARG_ENABLE([$1], +AS_HELP_STRING([--disable-$1], [Build and install $1 (default is ENABLED)]),[ +AX_STUBDOM_INTERNAL([$1], [$2]) +],[ +AX_ENABLE_STUBDOM([$1], [$2]) +]) +AC_SUBST([$2]) +]) + +AC_DEFUN([AX_STUBDOM_DEFAULT_DISABLE], [ +AC_ARG_ENABLE([$1], +AS_HELP_STRING([--enable-$1], [Build and install $1 (default is DISABLED)]),[ +AX_STUBDOM_INTERNAL([$1], [$2]) +],[ +AX_DISABLE_STUBDOM([$1], [$2]) +]) +AC_SUBST([$2]) +]) + +AC_DEFUN([AX_STUBDOM_CONDITIONAL], [ +AC_ARG_ENABLE([$1], +AS_HELP_STRING([--enable-$1], [Build and install $1]),[ +AX_STUBDOM_INTERNAL([$1], [$2]) +]) +]) + +AC_DEFUN([AX_STUBDOM_CONDITIONAL_FINISH], [ +AS_IF([test "x$$2" = "xy" || test "x$$2" = "x"], [ +AX_ENABLE_STUBDOM([$1],[$2]) +],[ +AX_DISABLE_STUBDOM([$1],[$2]) +]) +AC_SUBST([$2]) +]) + +AC_DEFUN([AX_STUBDOM_AUTO_DEPENDS], [ +AS_IF([test "x$$1" = "x" && test "x$$2" = "xn"], [ +$1="n" +]) +]) + + +AC_DEFUN([AX_ENABLE_STUBDOM], [ +$2=y +STUBDOM_TARGETS="$STUBDOM_TARGETS $2" +STUBDOM_BUILD="$STUBDOM_BUILD $1" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-$2" +]) + +AC_DEFUN([AX_DISABLE_STUBDOM], [ +$2=n +]) + +dnl Don't call this outside of this file +AC_DEFUN([AX_STUBDOM_INTERNAL], [ +AS_IF([test "x$enableval" = "xyes"], [ +AX_ENABLE_STUBDOM([$1], [$2]) +],[ +AS_IF([test "x$enableval" = "xno"],[ +AX_DISABLE_STUBDOM([$1], [$2]) +]) +]) +]) + +AC_DEFUN([AX_STUBDOM_FINISH], [ +AC_SUBST(STUBDOM_TARGETS) +AC_SUBST(STUBDOM_BUILD) +AC_SUBST(STUBDOM_INSTALL) +echo "Will build the following stub domains:" +for x in $STUBDOM_BUILD; do + echo " $x" +done +]) + +AC_DEFUN([AX_STUBDOM_LIB], [ +AC_ARG_VAR([$1_URL], [Download url for $2]) +AS_IF([test "x$$1_URL" = "x"], [ + AS_IF([test "x$extfiles" = "xy"], + [$1_URL=\@S|@\@{:@XEN_EXTFILES_URL\@:}@], + [$1_URL="$4"]) + ]) +$1_VERSION="$3" +AC_SUBST($1_URL) +AC_SUBST($1_VERSION) +]) + +AC_DEFUN([AX_STUBDOM_LIB_NOEXT], [ +AC_ARG_VAR([$1_URL], [Download url for $2]) +AS_IF([test "x$$1_URL" = "x"], [ + $1_URL="$4" + ]) +$1_VERSION="$3" +AC_SUBST($1_URL) +AC_SUBST($1_VERSION) +]) diff -r 712419ef207b -r e1d7053e4d45 m4/uuid.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/uuid.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,9 @@ +AC_DEFUN([AX_CHECK_UUID], [ +AC_CHECK_HEADER([uuid/uuid.h],[ + AC_CHECK_LIB([uuid], [uuid_clear], [libuuid="y"]) +]) +AC_CHECK_HEADER([uuid.h],[libuuid="y"]) +AS_IF([test "$libuuid" != "y"], [ + AC_MSG_ERROR([cannot find a valid uuid library]) +]) +]) diff -r 712419ef207b -r e1d7053e4d45 stubdom/Makefile --- a/stubdom/Makefile Fri Jan 18 10:55:46 2013 +0000 +++ b/stubdom/Makefile Fri Jan 18 10:55:47 2013 +0000 @@ -6,44 +6,7 @@ export XEN_OS=MiniOS export stubdom=y export debug=y include $(XEN_ROOT)/Config.mk - -#ZLIB_URL?=http://www.zlib.net -ZLIB_URL=$(XEN_EXTFILES_URL) -ZLIB_VERSION=1.2.3 - -#LIBPCI_URL?=http://www.kernel.org/pub/software/utils/pciutils -LIBPCI_URL?=$(XEN_EXTFILES_URL) -LIBPCI_VERSION=2.2.9 - -#NEWLIB_URL?=ftp://sources.redhat.com/pub/newlib -NEWLIB_URL?=$(XEN_EXTFILES_URL) -NEWLIB_VERSION=1.16.0 - -#LWIP_URL?=http://download.savannah.gnu.org/releases/lwip -LWIP_URL?=$(XEN_EXTFILES_URL) -LWIP_VERSION=1.3.0 - -#GRUB_URL?=http://alpha.gnu.org/gnu/grub -GRUB_URL?=$(XEN_EXTFILES_URL) -GRUB_VERSION=0.97 - -#OCAML_URL?=$(XEN_EXTFILES_URL) -OCAML_URL?=http://caml.inria.fr/pub/distrib/ocaml-3.11 -OCAML_VERSION=3.11.0 - -GMP_VERSION=4.3.2 -GMP_URL?=$(XEN_EXTFILES_URL) -#GMP_URL?=ftp://ftp.gmplib.org/pub/gmp-$(GMP_VERSION) - -POLARSSL_VERSION=1.1.4 -POLARSSL_URL?=$(XEN_EXTFILES_URL) -#POLARSSL_URL?=http://polarssl.org/code/releases - -TPMEMU_VERSION=0.7.4 -TPMEMU_URL?=$(XEN_EXTFILES_URL) -#TPMEMU_URL?=http://download.berlios.de/tpm-emulator - -WGET=wget -c +-include $(XEN_ROOT)/config/Stubdom.mk GNU_TARGET_ARCH:=$(XEN_TARGET_ARCH) ifeq ($(XEN_TARGET_ARCH),x86_32) @@ -86,12 +49,12 @@ TARGET_CPPFLAGS += -I$(XEN_ROOT)/xen/inc TARGET_LDFLAGS += -nostdlib -L$(CROSS_PREFIX)/$(GNU_TARGET_ARCH)-xen-elf/lib -TARGETS=ioemu c caml grub xenstore vtpm vtpmmgr +TARGETS=$(STUBDOM_TARGETS) .PHONY: all all: build ifeq ($(STUBDOM_SUPPORTED),1) -build: genpath ioemu-stubdom c-stubdom pv-grub xenstore-stubdom +build: genpath $(STUBDOM_BUILD) else build: genpath endif @@ -241,11 +204,12 @@ tpm_emulator-$(TPMEMU_VERSION).tar.gz: $(WGET) $(TPMEMU_URL)/$@ tpm_emulator-$(XEN_TARGET_ARCH): tpm_emulator-$(TPMEMU_VERSION).tar.gz + @if [ ! -f "$(CMAKE)" ]; then echo "cmake not installed! Install it and then rerun ./configure!"; false; fi tar xzf $< mv tpm_emulator-$(TPMEMU_VERSION) $@ patch -d $@ -p1 < tpmemu-$(TPMEMU_VERSION).patch; mkdir $@/build - cd $@/build; CC=${CC} cmake .. -DCMAKE_C_FLAGS:STRING="-std=c99 -DTPM_NO_EXTERN $(TARGET_CPPFLAGS) $(TARGET_CFLAGS) -Wno-declaration-after-statement" + cd $@/build; CC=${CC} $(CMAKE) .. -DCMAKE_C_FLAGS:STRING="-std=c99 -DTPM_NO_EXTERN $(TARGET_CPPFLAGS) $(TARGET_CFLAGS) -Wno-declaration-after-statement" touch $@ TPMEMU_STAMPFILE=$(CROSS_ROOT)/$(GNU_TARGET_ARCH)-xen-elf/lib/libtpm.a @@ -466,8 +430,8 @@ c-stubdom: mini-os-$(XEN_TARGET_ARCH)-c vtpm-stubdom: mini-os-$(XEN_TARGET_ARCH)-vtpm vtpm DEF_CPPFLAGS="$(TARGET_CPPFLAGS)" DEF_CFLAGS="$(TARGET_CFLAGS)" DEF_LDFLAGS="$(TARGET_LDFLAGS)" MINIOS_CONFIG="$(CURDIR)/vtpm/minios.cfg" $(MAKE) -C $(MINI_OS) OBJ_DIR=$(CURDIR)/$< APP_OBJS="$(CURDIR)/vtpm/vtpm.a" APP_LDLIBS="-ltpm -ltpm_crypto -lgmp" -.PHONY: vtpmmgrdom -vtpmmgrdom: mini-os-$(XEN_TARGET_ARCH)-vtpmmgr vtpmmgr +.PHONY: vtpmmgr-stubdom +vtpmmgr-stubdom: mini-os-$(XEN_TARGET_ARCH)-vtpmmgr vtpmmgr DEF_CPPFLAGS="$(TARGET_CPPFLAGS)" DEF_CFLAGS="$(TARGET_CFLAGS)" DEF_LDFLAGS="$(TARGET_LDFLAGS)" MINIOS_CONFIG="$(CURDIR)/vtpmmgr/minios.cfg" $(MAKE) -C $(MINI_OS) OBJ_DIR=$(CURDIR)/$< APP_OBJS="$(CURDIR)/vtpmmgr/vtpmmgr.a" APP_LDLIBS="-lm" .PHONY: pv-grub @@ -483,7 +447,7 @@ xenstore-stubdom: mini-os-$(XEN_TARGET_A ######### ifeq ($(STUBDOM_SUPPORTED),1) -install: genpath install-readme install-ioemu install-grub install-xenstore +install: genpath install-readme $(STUBDOM_INSTALL) else install: genpath endif @@ -503,6 +467,8 @@ install-grub: pv-grub $(INSTALL_DIR) "$(DESTDIR)$(XENFIRMWAREDIR)" $(INSTALL_DATA) mini-os-$(XEN_TARGET_ARCH)-grub/mini-os.gz "$(DESTDIR)$(XENFIRMWAREDIR)/pv-grub-$(XEN_TARGET_ARCH).gz" +install-caml: caml-stubdom + install-xenstore: xenstore-stubdom $(INSTALL_DIR) "$(DESTDIR)/usr/lib/xen/boot" $(INSTALL_DATA) mini-os-$(XEN_TARGET_ARCH)-xenstore/mini-os.gz "$(DESTDIR)/usr/lib/xen/boot/xenstore-stubdom.gz" @@ -511,9 +477,9 @@ install-vtpm: vtpm-stubdom $(INSTALL_DIR) "$(DESTDIR)$(XENFIRMWAREDIR)" $(INSTALL_PROG) mini-os-$(XEN_TARGET_ARCH)-vtpm/mini-os.gz "$(DESTDIR)$(XENFIRMWAREDIR)/vtpm-stubdom.gz" -install-vtpmmgr: vtpm-stubdom +install-vtpmmgr: vtpmmgr-stubdom $(INSTALL_DIR) "$(DESTDIR)$(XENFIRMWAREDIR)" - $(INSTALL_PROG) mini-os-$(XEN_TARGET_ARCH)-vtpmmgr/mini-os.gz "$(DESTDIR)$(XENFIRMWAREDIR)/vtpmmgrdom.gz" + $(INSTALL_PROG) mini-os-$(XEN_TARGET_ARCH)-vtpmmgr/mini-os.gz "$(DESTDIR)$(XENFIRMWAREDIR)/vtpmmgr-stubdom.gz" ####### # clean @@ -581,3 +547,9 @@ downloadclean: patchclean .PHONY: distclean distclean: downloadclean + -rm ../config/Stubdom.mk + +ifeq (,$(findstring clean,$(MAKECMDGOALS))) +$(XEN_ROOT)/config/Stubdom.mk: + $(error You have to run ./configure before building or installing stubdom) +endif diff -r 712419ef207b -r e1d7053e4d45 stubdom/configure --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/configure Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,4616 @@ +#! /bin/sh +# Guess values for system-dependent variables and create Makefiles. +# Generated by GNU Autoconf 2.69 for Xen Hypervisor Stub Domains 4.3. +# +# Report bugs to . +# +# +# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. +# +# +# This configure script is free software; the Free Software Foundation +# gives unlimited permission to copy, distribute and modify it. +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## + +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi + + +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' + else + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' + fi + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi + + +# IFS +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent editors from complaining about space-tab. +# (If _AS_PATH_WALK were called with IFS unset, it would disable word +# splitting by setting IFS to empty value.) +IFS=" "" $as_nl" + +# Find who we are. Look in the path if we contain no directory separator. +as_myself= +case $0 in #(( + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done +IFS=$as_save_IFS + + ;; +esac +# We did not find ourselves, most probably we were run as `sh COMMAND' +# in which case we are not to be found in the path. +if test "x$as_myself" = x; then + as_myself=$0 +fi +if test ! -f "$as_myself"; then + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 +fi + +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +# Use a proper internal environment variable to ensure we don't fall + # into an infinite loop, continuously re-executing ourselves. + if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then + _as_can_reexec=no; export _as_can_reexec; + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +as_fn_exit 255 + fi + # We don't want this to propagate to other subprocesses. + { _as_can_reexec=; unset _as_can_reexec;} +if test "x$CONFIG_SHELL" = x; then + as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which + # is contrary to our usage. Disable this feature. + alias -g '\${1+\"\$@\"}'='\"\$@\"' + setopt NO_GLOB_SUBST +else + case \`(set -o) 2>/dev/null\` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi +" + as_required="as_fn_return () { (exit \$1); } +as_fn_success () { as_fn_return 0; } +as_fn_failure () { as_fn_return 1; } +as_fn_ret_success () { return 0; } +as_fn_ret_failure () { return 1; } + +exitcode=0 +as_fn_success || { exitcode=1; echo as_fn_success failed.; } +as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } +as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } +as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } +if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : + +else + exitcode=1; echo positional parameters were not saved. +fi +test x\$exitcode = x0 || exit 1 +test -x / || exit 1" + as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO + as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO + eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && + test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1" + if (eval "$as_required") 2>/dev/null; then : + as_have_required=yes +else + as_have_required=no +fi + if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : + +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_found=false +for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + as_found=: + case $as_dir in #( + /*) + for as_base in sh bash ksh sh5; do + # Try only shells that exist, to save several forks. + as_shell=$as_dir/$as_base + if { test -f "$as_shell" || test -f "$as_shell.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : + CONFIG_SHELL=$as_shell as_have_required=yes + if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : + break 2 +fi +fi + done;; + esac + as_found=false +done +$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : + CONFIG_SHELL=$SHELL as_have_required=yes +fi; } +IFS=$as_save_IFS + + + if test "x$CONFIG_SHELL" != x; then : + export CONFIG_SHELL + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +exit 255 +fi + + if test x$as_have_required = xno; then : + $as_echo "$0: This script requires a shell more modern than all" + $as_echo "$0: the shells that I found on your system." + if test x${ZSH_VERSION+set} = xset ; then + $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" + $as_echo "$0: be upgraded to zsh 4.3.4 or later." + else + $as_echo "$0: Please tell bug-autoconf@gnu.org and +$0: xen-devel@lists.xen.org about your system, including +$0: any error possibly output before this message. Then +$0: install a modern shell, or manually run the script +$0: under such a shell if you do have one." + fi + exit 1 +fi +fi +fi +SHELL=${CONFIG_SHELL-/bin/sh} +export SHELL +# Unset more variables known to interfere with behavior of common tools. +CLICOLOR_FORCE= GREP_OPTIONS= +unset CLICOLOR_FORCE GREP_OPTIONS + +## --------------------- ## +## M4sh Shell Functions. ## +## --------------------- ## +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + $as_echo "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error + +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr +else + as_expr=false +fi + +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi + +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + + + as_lineno_1=$LINENO as_lineno_1a=$LINENO + as_lineno_2=$LINENO as_lineno_2a=$LINENO + eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && + test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { + # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) + sed -n ' + p + /[$]LINENO/= + ' <$as_myself | + sed ' + s/[$]LINENO.*/&-/ + t lineno + b + :lineno + N + :loop + s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ + t loop + s/-\n.*// + ' >$as_me.lineno && + chmod +x "$as_me.lineno" || + { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } + + # If we had to re-execute with $CONFIG_SHELL, we're ensured to have + # already done that, so ensure we don't try to do so again and fall + # in an infinite loop. This has already happened in practice. + _as_can_reexec=no; export _as_can_reexec + # Don't try to exec as it changes $[0], causing all sort of problems + # (the dirname of $[0] is not the place where we might find the + # original and so on. Autoconf is especially sensitive to this). + . "./$as_me.lineno" + # Exit status is that of the last command. + exit +} + +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac + +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file +else + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -pR'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -pR' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -pR' + fi +else + as_ln_s='cp -pR' +fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null + +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + +as_test_x='test -x' +as_executable_p=as_fn_executable_p + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +test -n "$DJDIR" || exec 7<&0 &1 + +# Name of the host. +# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, +# so uname gets run too. +ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` + +# +# Initializations. +# +ac_default_prefix=/usr/local +ac_clean_files= +ac_config_libobj_dir=. +LIBOBJS= +cross_compiling=no +subdirs= +MFLAGS= +MAKEFLAGS= + +# Identity of this package. +PACKAGE_NAME='Xen Hypervisor Stub Domains' +PACKAGE_TARNAME='xen' +PACKAGE_VERSION='4.3' +PACKAGE_STRING='Xen Hypervisor Stub Domains 4.3' +PACKAGE_BUGREPORT='xen-devel@lists.xen.org' +PACKAGE_URL='http://www.xen.org/' + +ac_unique_file="../extras/mini-os/kernel.c" +ac_default_prefix=/usr +ac_subst_vars='LTLIBOBJS +LIBOBJS +STUBDOM_INSTALL +STUBDOM_BUILD +STUBDOM_TARGETS +vtpmmgr +vtpm +TPMEMU_VERSION +TPMEMU_URL +POLARSSL_VERSION +POLARSSL_URL +GMP_VERSION +GMP_URL +OCAML_VERSION +OCAML_URL +GRUB_VERSION +GRUB_URL +LWIP_VERSION +LWIP_URL +NEWLIB_VERSION +NEWLIB_URL +LIBPCI_VERSION +LIBPCI_URL +ZLIB_VERSION +ZLIB_URL +INSTALL_DATA +INSTALL_SCRIPT +INSTALL_PROGRAM +SET_MAKE +OBJEXT +EXEEXT +ac_ct_CC +CPPFLAGS +LDFLAGS +CFLAGS +CC +WGET +CMAKE +extfiles +debug +xenstore +grub +caml +c +ioemu +target_alias +host_alias +build_alias +LIBS +ECHO_T +ECHO_N +ECHO_C +DEFS +mandir +localedir +libdir +psdir +pdfdir +dvidir +htmldir +infodir +docdir +oldincludedir +includedir +localstatedir +sharedstatedir +sysconfdir +datadir +datarootdir +libexecdir +sbindir +bindir +program_transform_name +prefix +exec_prefix +PACKAGE_URL +PACKAGE_BUGREPORT +PACKAGE_STRING +PACKAGE_VERSION +PACKAGE_TARNAME +PACKAGE_NAME +PATH_SEPARATOR +SHELL' +ac_subst_files='' +ac_user_opts=' +enable_option_checking +enable_ioemu_stubdom +enable_c_stubdom +enable_caml_stubdom +enable_pv_grub +enable_xenstore_stubdom +enable_vtpm_stubdom +enable_vtpmmgr_stubdom +enable_debug +enable_extfiles +' + ac_precious_vars='build_alias +host_alias +target_alias +CMAKE +WGET +CC +CFLAGS +LDFLAGS +LIBS +CPPFLAGS +ZLIB_URL +LIBPCI_URL +NEWLIB_URL +LWIP_URL +GRUB_URL +OCAML_URL +GMP_URL +POLARSSL_URL +TPMEMU_URL' + + +# Initialize some variables set by options. +ac_init_help= +ac_init_version=false +ac_unrecognized_opts= +ac_unrecognized_sep= +# The variables have the same names as the options, with +# dashes changed to underlines. +cache_file=/dev/null +exec_prefix=NONE +no_create= +no_recursion= +prefix=NONE +program_prefix=NONE +program_suffix=NONE +program_transform_name=s,x,x, +silent= +site= +srcdir= +verbose= +x_includes=NONE +x_libraries=NONE + +# Installation directory options. +# These are left unexpanded so users can "make install exec_prefix=/foo" +# and all the variables that are supposed to be based on exec_prefix +# by default will actually change. +# Use braces instead of parens because sh, perl, etc. also accept them. +# (The list follows the same order as the GNU Coding Standards.) +bindir='${exec_prefix}/bin' +sbindir='${exec_prefix}/sbin' +libexecdir='${exec_prefix}/libexec' +datarootdir='${prefix}/share' +datadir='${datarootdir}' +sysconfdir='${prefix}/etc' +sharedstatedir='${prefix}/com' +localstatedir='${prefix}/var' +includedir='${prefix}/include' +oldincludedir='/usr/include' +docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' +infodir='${datarootdir}/info' +htmldir='${docdir}' +dvidir='${docdir}' +pdfdir='${docdir}' +psdir='${docdir}' +libdir='${exec_prefix}/lib' +localedir='${datarootdir}/locale' +mandir='${datarootdir}/man' + +ac_prev= +ac_dashdash= +for ac_option +do + # If the previous option needs an argument, assign it. + if test -n "$ac_prev"; then + eval $ac_prev=\$ac_option + ac_prev= + continue + fi + + case $ac_option in + *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; + *=) ac_optarg= ;; + *) ac_optarg=yes ;; + esac + + # Accept the important Cygnus configure options, so we can diagnose typos. + + case $ac_dashdash$ac_option in + --) + ac_dashdash=yes ;; + + -bindir | --bindir | --bindi | --bind | --bin | --bi) + ac_prev=bindir ;; + -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) + bindir=$ac_optarg ;; + + -build | --build | --buil | --bui | --bu) + ac_prev=build_alias ;; + -build=* | --build=* | --buil=* | --bui=* | --bu=*) + build_alias=$ac_optarg ;; + + -cache-file | --cache-file | --cache-fil | --cache-fi \ + | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) + ac_prev=cache_file ;; + -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ + | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) + cache_file=$ac_optarg ;; + + --config-cache | -C) + cache_file=config.cache ;; + + -datadir | --datadir | --datadi | --datad) + ac_prev=datadir ;; + -datadir=* | --datadir=* | --datadi=* | --datad=*) + datadir=$ac_optarg ;; + + -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ + | --dataroo | --dataro | --datar) + ac_prev=datarootdir ;; + -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ + | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) + datarootdir=$ac_optarg ;; + + -disable-* | --disable-*) + ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=no ;; + + -docdir | --docdir | --docdi | --doc | --do) + ac_prev=docdir ;; + -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) + docdir=$ac_optarg ;; + + -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) + ac_prev=dvidir ;; + -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) + dvidir=$ac_optarg ;; + + -enable-* | --enable-*) + ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=\$ac_optarg ;; + + -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ + | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ + | --exec | --exe | --ex) + ac_prev=exec_prefix ;; + -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ + | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ + | --exec=* | --exe=* | --ex=*) + exec_prefix=$ac_optarg ;; + + -gas | --gas | --ga | --g) + # Obsolete; use --with-gas. + with_gas=yes ;; + + -help | --help | --hel | --he | -h) + ac_init_help=long ;; + -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) + ac_init_help=recursive ;; + -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) + ac_init_help=short ;; + + -host | --host | --hos | --ho) + ac_prev=host_alias ;; + -host=* | --host=* | --hos=* | --ho=*) + host_alias=$ac_optarg ;; + + -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) + ac_prev=htmldir ;; + -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ + | --ht=*) + htmldir=$ac_optarg ;; + + -includedir | --includedir | --includedi | --included | --include \ + | --includ | --inclu | --incl | --inc) + ac_prev=includedir ;; + -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ + | --includ=* | --inclu=* | --incl=* | --inc=*) + includedir=$ac_optarg ;; + + -infodir | --infodir | --infodi | --infod | --info | --inf) + ac_prev=infodir ;; + -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) + infodir=$ac_optarg ;; + + -libdir | --libdir | --libdi | --libd) + ac_prev=libdir ;; + -libdir=* | --libdir=* | --libdi=* | --libd=*) + libdir=$ac_optarg ;; + + -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ + | --libexe | --libex | --libe) + ac_prev=libexecdir ;; + -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ + | --libexe=* | --libex=* | --libe=*) + libexecdir=$ac_optarg ;; + + -localedir | --localedir | --localedi | --localed | --locale) + ac_prev=localedir ;; + -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) + localedir=$ac_optarg ;; + + -localstatedir | --localstatedir | --localstatedi | --localstated \ + | --localstate | --localstat | --localsta | --localst | --locals) + ac_prev=localstatedir ;; + -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ + | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) + localstatedir=$ac_optarg ;; + + -mandir | --mandir | --mandi | --mand | --man | --ma | --m) + ac_prev=mandir ;; + -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) + mandir=$ac_optarg ;; + + -nfp | --nfp | --nf) + # Obsolete; use --without-fp. + with_fp=no ;; + + -no-create | --no-create | --no-creat | --no-crea | --no-cre \ + | --no-cr | --no-c | -n) + no_create=yes ;; + + -no-recursion | --no-recursion | --no-recursio | --no-recursi \ + | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) + no_recursion=yes ;; + + -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ + | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ + | --oldin | --oldi | --old | --ol | --o) + ac_prev=oldincludedir ;; + -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ + | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ + | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) + oldincludedir=$ac_optarg ;; + + -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) + ac_prev=prefix ;; + -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) + prefix=$ac_optarg ;; + + -program-prefix | --program-prefix | --program-prefi | --program-pref \ + | --program-pre | --program-pr | --program-p) + ac_prev=program_prefix ;; + -program-prefix=* | --program-prefix=* | --program-prefi=* \ + | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) + program_prefix=$ac_optarg ;; + + -program-suffix | --program-suffix | --program-suffi | --program-suff \ + | --program-suf | --program-su | --program-s) + ac_prev=program_suffix ;; + -program-suffix=* | --program-suffix=* | --program-suffi=* \ + | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) + program_suffix=$ac_optarg ;; + + -program-transform-name | --program-transform-name \ + | --program-transform-nam | --program-transform-na \ + | --program-transform-n | --program-transform- \ + | --program-transform | --program-transfor \ + | --program-transfo | --program-transf \ + | --program-trans | --program-tran \ + | --progr-tra | --program-tr | --program-t) + ac_prev=program_transform_name ;; + -program-transform-name=* | --program-transform-name=* \ + | --program-transform-nam=* | --program-transform-na=* \ + | --program-transform-n=* | --program-transform-=* \ + | --program-transform=* | --program-transfor=* \ + | --program-transfo=* | --program-transf=* \ + | --program-trans=* | --program-tran=* \ + | --progr-tra=* | --program-tr=* | --program-t=*) + program_transform_name=$ac_optarg ;; + + -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) + ac_prev=pdfdir ;; + -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) + pdfdir=$ac_optarg ;; + + -psdir | --psdir | --psdi | --psd | --ps) + ac_prev=psdir ;; + -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) + psdir=$ac_optarg ;; + + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + silent=yes ;; + + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) + ac_prev=sbindir ;; + -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ + | --sbi=* | --sb=*) + sbindir=$ac_optarg ;; + + -sharedstatedir | --sharedstatedir | --sharedstatedi \ + | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ + | --sharedst | --shareds | --shared | --share | --shar \ + | --sha | --sh) + ac_prev=sharedstatedir ;; + -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ + | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ + | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ + | --sha=* | --sh=*) + sharedstatedir=$ac_optarg ;; + + -site | --site | --sit) + ac_prev=site ;; + -site=* | --site=* | --sit=*) + site=$ac_optarg ;; + + -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) + ac_prev=srcdir ;; + -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) + srcdir=$ac_optarg ;; + + -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ + | --syscon | --sysco | --sysc | --sys | --sy) + ac_prev=sysconfdir ;; + -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ + | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) + sysconfdir=$ac_optarg ;; + + -target | --target | --targe | --targ | --tar | --ta | --t) + ac_prev=target_alias ;; + -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) + target_alias=$ac_optarg ;; + + -v | -verbose | --verbose | --verbos | --verbo | --verb) + verbose=yes ;; + + -version | --version | --versio | --versi | --vers | -V) + ac_init_version=: ;; + + -with-* | --with-*) + ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=\$ac_optarg ;; + + -without-* | --without-*) + ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=no ;; + + --x) + # Obsolete; use --with-x. + with_x=yes ;; + + -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ + | --x-incl | --x-inc | --x-in | --x-i) + ac_prev=x_includes ;; + -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ + | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) + x_includes=$ac_optarg ;; + + -x-libraries | --x-libraries | --x-librarie | --x-librari \ + | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) + ac_prev=x_libraries ;; + -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ + | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) + x_libraries=$ac_optarg ;; + + -*) as_fn_error $? "unrecognized option: \`$ac_option' +Try \`$0 --help' for more information" + ;; + + *=*) + ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` + # Reject names that are not valid shell variable names. + case $ac_envvar in #( + '' | [0-9]* | *[!_$as_cr_alnum]* ) + as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; + esac + eval $ac_envvar=\$ac_optarg + export $ac_envvar ;; + + *) + # FIXME: should be removed in autoconf 3.0. + $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 + expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && + $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 + : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" + ;; + + esac +done + +if test -n "$ac_prev"; then + ac_option=--`echo $ac_prev | sed 's/_/-/g'` + as_fn_error $? "missing argument to $ac_option" +fi + +if test -n "$ac_unrecognized_opts"; then + case $enable_option_checking in + no) ;; + fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; + *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; + esac +fi + +# Check all directory arguments for consistency. +for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ + datadir sysconfdir sharedstatedir localstatedir includedir \ + oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ + libdir localedir mandir +do + eval ac_val=\$$ac_var + # Remove trailing slashes. + case $ac_val in + */ ) + ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` + eval $ac_var=\$ac_val;; + esac + # Be sure to have absolute directory names. + case $ac_val in + [\\/$]* | ?:[\\/]* ) continue;; + NONE | '' ) case $ac_var in *prefix ) continue;; esac;; + esac + as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" +done + +# There might be people who depend on the old broken behavior: `$host' +# used to hold the argument of --host etc. +# FIXME: To remove some day. +build=$build_alias +host=$host_alias +target=$target_alias + +# FIXME: To remove some day. +if test "x$host_alias" != x; then + if test "x$build_alias" = x; then + cross_compiling=maybe + elif test "x$build_alias" != "x$host_alias"; then + cross_compiling=yes + fi +fi + +ac_tool_prefix= +test -n "$host_alias" && ac_tool_prefix=$host_alias- + +test "$silent" = yes && exec 6>/dev/null + + +ac_pwd=`pwd` && test -n "$ac_pwd" && +ac_ls_di=`ls -di .` && +ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || + as_fn_error $? "working directory cannot be determined" +test "X$ac_ls_di" = "X$ac_pwd_ls_di" || + as_fn_error $? "pwd does not report name of working directory" + + +# Find the source files, if location was not specified. +if test -z "$srcdir"; then + ac_srcdir_defaulted=yes + # Try the directory containing this script, then the parent directory. + ac_confdir=`$as_dirname -- "$as_myself" || +$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_myself" : 'X\(//\)[^/]' \| \ + X"$as_myself" : 'X\(//\)$' \| \ + X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_myself" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + srcdir=$ac_confdir + if test ! -r "$srcdir/$ac_unique_file"; then + srcdir=.. + fi +else + ac_srcdir_defaulted=no +fi +if test ! -r "$srcdir/$ac_unique_file"; then + test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." + as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" +fi +ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" +ac_abs_confdir=`( + cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" + pwd)` +# When building in place, set srcdir=. +if test "$ac_abs_confdir" = "$ac_pwd"; then + srcdir=. +fi +# Remove unnecessary trailing slashes from srcdir. +# Double slashes in file names in object file debugging info +# mess up M-x gdb in Emacs. +case $srcdir in +*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; +esac +for ac_var in $ac_precious_vars; do + eval ac_env_${ac_var}_set=\${${ac_var}+set} + eval ac_env_${ac_var}_value=\$${ac_var} + eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} + eval ac_cv_env_${ac_var}_value=\$${ac_var} +done + +# +# Report the --help message. +# +if test "$ac_init_help" = "long"; then + # Omit some internal or obsolete options to make the list less imposing. + # This message is too long to be a string in the A/UX 3.1 sh. + cat <<_ACEOF +\`configure' configures Xen Hypervisor Stub Domains 4.3 to adapt to many kinds of systems. + +Usage: $0 [OPTION]... [VAR=VALUE]... + +To assign environment variables (e.g., CC, CFLAGS...), specify them as +VAR=VALUE. See below for descriptions of some of the useful variables. + +Defaults for the options are specified in brackets. + +Configuration: + -h, --help display this help and exit + --help=short display options specific to this package + --help=recursive display the short help of all the included packages + -V, --version display version information and exit + -q, --quiet, --silent do not print \`checking ...' messages + --cache-file=FILE cache test results in FILE [disabled] + -C, --config-cache alias for \`--cache-file=config.cache' + -n, --no-create do not create output files + --srcdir=DIR find the sources in DIR [configure dir or \`..'] + +Installation directories: + --prefix=PREFIX install architecture-independent files in PREFIX + [$ac_default_prefix] + --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX + [PREFIX] + +By default, \`make install' will install all the files in +\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify +an installation prefix other than \`$ac_default_prefix' using \`--prefix', +for instance \`--prefix=\$HOME'. + +For better control, use the options below. + +Fine tuning of the installation directories: + --bindir=DIR user executables [EPREFIX/bin] + --sbindir=DIR system admin executables [EPREFIX/sbin] + --libexecdir=DIR program executables [EPREFIX/libexec] + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] + --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --libdir=DIR object code libraries [EPREFIX/lib] + --includedir=DIR C header files [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc [/usr/include] + --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] + --datadir=DIR read-only architecture-independent data [DATAROOTDIR] + --infodir=DIR info documentation [DATAROOTDIR/info] + --localedir=DIR locale-dependent data [DATAROOTDIR/locale] + --mandir=DIR man documentation [DATAROOTDIR/man] + --docdir=DIR documentation root [DATAROOTDIR/doc/xen] + --htmldir=DIR html documentation [DOCDIR] + --dvidir=DIR dvi documentation [DOCDIR] + --pdfdir=DIR pdf documentation [DOCDIR] + --psdir=DIR ps documentation [DOCDIR] +_ACEOF + + cat <<\_ACEOF +_ACEOF +fi + +if test -n "$ac_init_help"; then + case $ac_init_help in + short | recursive ) echo "Configuration of Xen Hypervisor Stub Domains 4.3:";; + esac + cat <<\_ACEOF + +Optional Features: + --disable-option-checking ignore unrecognized --enable/--with options + --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) + --enable-FEATURE[=ARG] include FEATURE [ARG=yes] + --disable-ioemu-stubdom Build and install ioemu-stubdom (default is ENABLED) + --enable-c-stubdom Build and install c-stubdom (default is DISABLED) + --enable-caml-stubdom Build and install caml-stubdom (default is DISABLED) + --disable-pv-grub Build and install pv-grub (default is ENABLED) + --disable-xenstore-stubdom + Build and install xenstore-stubdom (default is + ENABLED) + --enable-vtpm-stubdom Build and install vtpm-stubdom + --enable-vtpmmgr-stubdom + Build and install vtpmmgr-stubdom + --disable-debug Disable debug build of stubdom (default is ENABLED) + --disable-extfiles Use xen extfiles repository for libraries (default + is ENABLED) + +Some influential environment variables: + CMAKE Path to the cmake program + WGET Path to wget program + CC C compiler command + CFLAGS C compiler flags + LDFLAGS linker flags, e.g. -L if you have libraries in a + nonstandard directory + LIBS libraries to pass to the linker, e.g. -l + CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if + you have headers in a nonstandard directory + ZLIB_URL Download url for zlib + LIBPCI_URL Download url for libpci + NEWLIB_URL Download url for newlib + LWIP_URL Download url for lwip + GRUB_URL Download url for grub + OCAML_URL Download url for ocaml + GMP_URL Download url for libgmp + POLARSSL_URL + Download url for polarssl + TPMEMU_URL Download url for berlios tpm emulator + +Use these variables to override the choices made by `configure' or to help +it to find libraries and programs with nonstandard names/locations. + +Report bugs to . +Xen Hypervisor Stub Domains home page: . +_ACEOF +ac_status=$? +fi + +if test "$ac_init_help" = "recursive"; then + # If there are subdirs, report their specific --help. + for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue + test -d "$ac_dir" || + { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || + continue + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + cd "$ac_dir" || { ac_status=$?; continue; } + # Check for guested configure. + if test -f "$ac_srcdir/configure.gnu"; then + echo && + $SHELL "$ac_srcdir/configure.gnu" --help=recursive + elif test -f "$ac_srcdir/configure"; then + echo && + $SHELL "$ac_srcdir/configure" --help=recursive + else + $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 + fi || ac_status=$? + cd "$ac_pwd" || { ac_status=$?; break; } + done +fi + +test -n "$ac_init_help" && exit $ac_status +if $ac_init_version; then + cat <<\_ACEOF +Xen Hypervisor Stub Domains configure 4.3 +generated by GNU Autoconf 2.69 + +Copyright (C) 2012 Free Software Foundation, Inc. +This configure script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it. +_ACEOF + exit +fi + +## ------------------------ ## +## Autoconf initialization. ## +## ------------------------ ## + +# ac_fn_c_try_compile LINENO +# -------------------------- +# Try to compile conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext + if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval + +} # ac_fn_c_try_compile +cat >config.log <<_ACEOF +This file contains any messages produced by compilers while +running configure, to aid debugging if configure makes a mistake. + +It was created by Xen Hypervisor Stub Domains $as_me 4.3, which was +generated by GNU Autoconf 2.69. Invocation command line was + + $ $0 $@ + +_ACEOF +exec 5>>config.log +{ +cat <<_ASUNAME +## --------- ## +## Platform. ## +## --------- ## + +hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` + +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` + +/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` +/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` +/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` +/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` + +_ASUNAME + +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + $as_echo "PATH: $as_dir" + done +IFS=$as_save_IFS + +} >&5 + +cat >&5 <<_ACEOF + + +## ----------- ## +## Core tests. ## +## ----------- ## + +_ACEOF + + +# Keep a trace of the command line. +# Strip out --no-create and --no-recursion so they do not pile up. +# Strip out --silent because we don't want to record it for future runs. +# Also quote any args containing shell meta-characters. +# Make two passes to allow for proper duplicate-argument suppression. +ac_configure_args= +ac_configure_args0= +ac_configure_args1= +ac_must_keep_next=false +for ac_pass in 1 2 +do + for ac_arg + do + case $ac_arg in + -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + continue ;; + *\'*) + ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + case $ac_pass in + 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; + 2) + as_fn_append ac_configure_args1 " '$ac_arg'" + if test $ac_must_keep_next = true; then + ac_must_keep_next=false # Got value, back to normal. + else + case $ac_arg in + *=* | --config-cache | -C | -disable-* | --disable-* \ + | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ + | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ + | -with-* | --with-* | -without-* | --without-* | --x) + case "$ac_configure_args0 " in + "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; + esac + ;; + -* ) ac_must_keep_next=true ;; + esac + fi + as_fn_append ac_configure_args " '$ac_arg'" + ;; + esac + done +done +{ ac_configure_args0=; unset ac_configure_args0;} +{ ac_configure_args1=; unset ac_configure_args1;} + +# When interrupted or exit'd, cleanup temporary files, and complete +# config.log. We remove comments because anyway the quotes in there +# would cause problems or look ugly. +# WARNING: Use '\'' to represent an apostrophe within the trap. +# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. +trap 'exit_status=$? + # Save into config.log some information that might help in debugging. + { + echo + + $as_echo "## ---------------- ## +## Cache variables. ## +## ---------------- ##" + echo + # The following way of writing the cache mishandles newlines in values, +( + for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + (set) 2>&1 | + case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + sed -n \ + "s/'\''/'\''\\\\'\'''\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" + ;; #( + *) + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) + echo + + $as_echo "## ----------------- ## +## Output variables. ## +## ----------------- ##" + echo + for ac_var in $ac_subst_vars + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo + + if test -n "$ac_subst_files"; then + $as_echo "## ------------------- ## +## File substitutions. ## +## ------------------- ##" + echo + for ac_var in $ac_subst_files + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo + fi + + if test -s confdefs.h; then + $as_echo "## ----------- ## +## confdefs.h. ## +## ----------- ##" + echo + cat confdefs.h + echo + fi + test "$ac_signal" != 0 && + $as_echo "$as_me: caught signal $ac_signal" + $as_echo "$as_me: exit $exit_status" + } >&5 + rm -f core *.core core.conftest.* && + rm -f -r conftest* confdefs* conf$$* $ac_clean_files && + exit $exit_status +' 0 +for ac_signal in 1 2 13 15; do + trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal +done +ac_signal=0 + +# confdefs.h avoids OS command line length limits that DEFS can exceed. +rm -f -r conftest* confdefs.h + +$as_echo "/* confdefs.h */" > confdefs.h + +# Predefined preprocessor variables. + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_NAME "$PACKAGE_NAME" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_TARNAME "$PACKAGE_TARNAME" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_VERSION "$PACKAGE_VERSION" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_STRING "$PACKAGE_STRING" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_URL "$PACKAGE_URL" +_ACEOF + + +# Let the site file select an alternate cache file if it wants to. +# Prefer an explicitly selected file to automatically selected ones. +ac_site_file1=NONE +ac_site_file2=NONE +if test -n "$CONFIG_SITE"; then + # We do not want a PATH search for config.site. + case $CONFIG_SITE in #(( + -*) ac_site_file1=./$CONFIG_SITE;; + */*) ac_site_file1=$CONFIG_SITE;; + *) ac_site_file1=./$CONFIG_SITE;; + esac +elif test "x$prefix" != xNONE; then + ac_site_file1=$prefix/share/config.site + ac_site_file2=$prefix/etc/config.site +else + ac_site_file1=$ac_default_prefix/share/config.site + ac_site_file2=$ac_default_prefix/etc/config.site +fi +for ac_site_file in "$ac_site_file1" "$ac_site_file2" +do + test "x$ac_site_file" = xNONE && continue + if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 +$as_echo "$as_me: loading site script $ac_site_file" >&6;} + sed 's/^/| /' "$ac_site_file" >&5 + . "$ac_site_file" \ + || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "failed to load site script $ac_site_file +See \`config.log' for more details" "$LINENO" 5; } + fi +done + +if test -r "$cache_file"; then + # Some versions of bash will fail to source /dev/null (special files + # actually), so we avoid doing that. DJGPP emulates it as a regular file. + if test /dev/null != "$cache_file" && test -f "$cache_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 +$as_echo "$as_me: loading cache $cache_file" >&6;} + case $cache_file in + [\\/]* | ?:[\\/]* ) . "$cache_file";; + *) . "./$cache_file";; + esac + fi +else + { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 +$as_echo "$as_me: creating cache $cache_file" >&6;} + >$cache_file +fi + +# Check that the precious variables saved in the cache have kept the same +# value. +ac_cache_corrupted=false +for ac_var in $ac_precious_vars; do + eval ac_old_set=\$ac_cv_env_${ac_var}_set + eval ac_new_set=\$ac_env_${ac_var}_set + eval ac_old_val=\$ac_cv_env_${ac_var}_value + eval ac_new_val=\$ac_env_${ac_var}_value + case $ac_old_set,$ac_new_set in + set,) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,set) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,);; + *) + if test "x$ac_old_val" != "x$ac_new_val"; then + # differences in whitespace do not lead to failure. + ac_old_val_w=`echo x $ac_old_val` + ac_new_val_w=`echo x $ac_new_val` + if test "$ac_old_val_w" != "$ac_new_val_w"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 +$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} + ac_cache_corrupted=: + else + { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 +$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} + eval $ac_var=\$ac_old_val + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 +$as_echo "$as_me: former value: \`$ac_old_val'" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 +$as_echo "$as_me: current value: \`$ac_new_val'" >&2;} + fi;; + esac + # Pass precious variables to config.status. + if test "$ac_new_set" = set; then + case $ac_new_val in + *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; + *) ac_arg=$ac_var=$ac_new_val ;; + esac + case " $ac_configure_args " in + *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. + *) as_fn_append ac_configure_args " '$ac_arg'" ;; + esac + fi +done +if $ac_cache_corrupted; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 +$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} + as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 +fi +## -------------------- ## +## Main body of script. ## +## -------------------- ## + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + + +ac_config_files="$ac_config_files ../config/Stubdom.mk" + + +ac_aux_dir= +for ac_dir in ../ "$srcdir"/../; do + if test -f "$ac_dir/install-sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install-sh -c" + break + elif test -f "$ac_dir/install.sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install.sh -c" + break + elif test -f "$ac_dir/shtool"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/shtool install -c" + break + fi +done +if test -z "$ac_aux_dir"; then + as_fn_error $? "cannot find install-sh, install.sh, or shtool in ../ \"$srcdir\"/../" "$LINENO" 5 +fi + +# These three variables are undocumented and unsupported, +# and are intended to be withdrawn in a future Autoconf release. +# They can cause serious problems if a builder's source tree is in a directory +# whose full name contains unusual characters. +ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. +ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. +ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. + + + +# M4 Macro includes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +# Enable/disable stub domains + +# Check whether --enable-ioemu-stubdom was given. +if test "${enable_ioemu_stubdom+set}" = set; then : + enableval=$enable_ioemu_stubdom; + +if test "x$enableval" = "xyes"; then : + + +ioemu=y +STUBDOM_TARGETS="$STUBDOM_TARGETS ioemu" +STUBDOM_BUILD="$STUBDOM_BUILD ioemu-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-ioemu" + + +else + +if test "x$enableval" = "xno"; then : + + +ioemu=n + + +fi + +fi + + +else + + +ioemu=y +STUBDOM_TARGETS="$STUBDOM_TARGETS ioemu" +STUBDOM_BUILD="$STUBDOM_BUILD ioemu-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-ioemu" + + +fi + + + + +# Check whether --enable-c-stubdom was given. +if test "${enable_c_stubdom+set}" = set; then : + enableval=$enable_c_stubdom; + +if test "x$enableval" = "xyes"; then : + + +c=y +STUBDOM_TARGETS="$STUBDOM_TARGETS c" +STUBDOM_BUILD="$STUBDOM_BUILD c-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-c" + + +else + +if test "x$enableval" = "xno"; then : + + +c=n + + +fi + +fi + + +else + + +c=n + + +fi + + + + +# Check whether --enable-caml-stubdom was given. +if test "${enable_caml_stubdom+set}" = set; then : + enableval=$enable_caml_stubdom; + +if test "x$enableval" = "xyes"; then : + + +caml=y +STUBDOM_TARGETS="$STUBDOM_TARGETS caml" +STUBDOM_BUILD="$STUBDOM_BUILD caml-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-caml" + + +else + +if test "x$enableval" = "xno"; then : + + +caml=n + + +fi + +fi + + +else + + +caml=n + + +fi + + + + +# Check whether --enable-pv-grub was given. +if test "${enable_pv_grub+set}" = set; then : + enableval=$enable_pv_grub; + +if test "x$enableval" = "xyes"; then : + + +grub=y +STUBDOM_TARGETS="$STUBDOM_TARGETS grub" +STUBDOM_BUILD="$STUBDOM_BUILD pv-grub" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-grub" + + +else + +if test "x$enableval" = "xno"; then : + + +grub=n + + +fi + +fi + + +else + + +grub=y +STUBDOM_TARGETS="$STUBDOM_TARGETS grub" +STUBDOM_BUILD="$STUBDOM_BUILD pv-grub" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-grub" + + +fi + + + + +# Check whether --enable-xenstore-stubdom was given. +if test "${enable_xenstore_stubdom+set}" = set; then : + enableval=$enable_xenstore_stubdom; + +if test "x$enableval" = "xyes"; then : + + +xenstore=y +STUBDOM_TARGETS="$STUBDOM_TARGETS xenstore" +STUBDOM_BUILD="$STUBDOM_BUILD xenstore-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-xenstore" + + +else + +if test "x$enableval" = "xno"; then : + + +xenstore=n + + +fi + +fi + + +else + + +xenstore=y +STUBDOM_TARGETS="$STUBDOM_TARGETS xenstore" +STUBDOM_BUILD="$STUBDOM_BUILD xenstore-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-xenstore" + + +fi + + + + +# Check whether --enable-vtpm-stubdom was given. +if test "${enable_vtpm_stubdom+set}" = set; then : + enableval=$enable_vtpm_stubdom; + +if test "x$enableval" = "xyes"; then : + + +vtpm=y +STUBDOM_TARGETS="$STUBDOM_TARGETS vtpm" +STUBDOM_BUILD="$STUBDOM_BUILD vtpm-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-vtpm" + + +else + +if test "x$enableval" = "xno"; then : + + +vtpm=n + + +fi + +fi + + +fi + + + +# Check whether --enable-vtpmmgr-stubdom was given. +if test "${enable_vtpmmgr_stubdom+set}" = set; then : + enableval=$enable_vtpmmgr_stubdom; + +if test "x$enableval" = "xyes"; then : + + +vtpmmgr=y +STUBDOM_TARGETS="$STUBDOM_TARGETS vtpmmgr" +STUBDOM_BUILD="$STUBDOM_BUILD vtpmmgr-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-vtpmmgr" + + +else + +if test "x$enableval" = "xno"; then : + + +vtpmmgr=n + + +fi + +fi + + +fi + + + + +# Check whether --enable-debug was given. +if test "${enable_debug+set}" = set; then : + enableval=$enable_debug; +fi + + +if test "x$enable_debug" = "xno"; then : + + ax_cv_debug="n" + +elif test "x$enable_debug" = "xyes"; then : + + ax_cv_debug="y" + +elif test -z $ax_cv_debug; then : + + ax_cv_debug="y" + +fi +debug=$ax_cv_debug + + + +# Check whether --enable-extfiles was given. +if test "${enable_extfiles+set}" = set; then : + enableval=$enable_extfiles; +fi + + +if test "x$enable_extfiles" = "xno"; then : + + ax_cv_extfiles="n" + +elif test "x$enable_extfiles" = "xyes"; then : + + ax_cv_extfiles="y" + +elif test -z $ax_cv_extfiles; then : + + ax_cv_extfiles="y" + +fi +extfiles=$ax_cv_extfiles + + + + + + +# Checks for programs. +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. +set dummy ${ac_tool_prefix}gcc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_CC"; then + ac_ct_CC=$CC + # Extract the first word of "gcc", so it can be a program name with args. +set dummy gcc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +else + CC="$ac_cv_prog_CC" +fi + +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. +set dummy ${ac_tool_prefix}cc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}cc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + fi +fi +if test -z "$CC"; then + # Extract the first word of "cc", so it can be a program name with args. +set dummy cc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else + ac_prog_rejected=no +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then + ac_prog_rejected=yes + continue + fi + ac_cv_prog_CC="cc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +if test $ac_prog_rejected = yes; then + # We found a bogon in the path, so make sure we never use it. + set dummy $ac_cv_prog_CC + shift + if test $# != 0; then + # We chose a different compiler from the bogus one. + # However, it has the same basename, so the bogon will be chosen + # first if we set CC to just the basename; use the full file name. + shift + ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" + fi +fi +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + for ac_prog in cl.exe + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$CC" && break + done +fi +if test -z "$CC"; then + ac_ct_CC=$CC + for ac_prog in cl.exe +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$ac_ct_CC" && break +done + + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +fi + +fi + + +test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "no acceptable C compiler found in \$PATH +See \`config.log' for more details" "$LINENO" 5; } + +# Provide some information about the compiler. +$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 +set X $ac_compile +ac_compiler=$2 +for ac_option in --version -v -V -qversion; do + { { ac_try="$ac_compiler $ac_option >&5" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compiler $ac_option >&5") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + sed '10a\ +... rest of stderr output deleted ... + 10q' conftest.err >conftest.er1 + cat conftest.er1 >&5 + fi + rm -f conftest.er1 conftest.err + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +done + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" +# Try to create an executable without -o first, disregard a.out. +# It will help us diagnose broken compilers, and finding out an intuition +# of exeext. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 +$as_echo_n "checking whether the C compiler works... " >&6; } +ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` + +# The possible output files: +ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" + +ac_rmfiles= +for ac_file in $ac_files +do + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; + * ) ac_rmfiles="$ac_rmfiles $ac_file";; + esac +done +rm -f $ac_rmfiles + +if { { ac_try="$ac_link_default" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link_default") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. +# So ignore a value of `no', otherwise this would lead to `EXEEXT = no' +# in a Makefile. We should not override ac_cv_exeext if it was cached, +# so that the user can short-circuit this test for compilers unknown to +# Autoconf. +for ac_file in $ac_files '' +do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) + ;; + [ab].out ) + # We found the default executable, but exeext='' is most + # certainly right. + break;; + *.* ) + if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; + then :; else + ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + fi + # We set ac_cv_exeext here because the later test for it is not + # safe: cross compilers may not add the suffix if given an `-o' + # argument, so we may need to know it at that point already. + # Even if this section looks crufty: it has the advantage of + # actually working. + break;; + * ) + break;; + esac +done +test "$ac_cv_exeext" = no && ac_cv_exeext= + +else + ac_file='' +fi +if test -z "$ac_file"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +$as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "C compiler cannot create executables +See \`config.log' for more details" "$LINENO" 5; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 +$as_echo_n "checking for C compiler default output file name... " >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 +$as_echo "$ac_file" >&6; } +ac_exeext=$ac_cv_exeext + +rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out +ac_clean_files=$ac_clean_files_save +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 +$as_echo_n "checking for suffix of executables... " >&6; } +if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + # If both `conftest.exe' and `conftest' are `present' (well, observable) +# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will +# work properly (i.e., refer to `conftest.exe'), while it won't with +# `rm'. +for ac_file in conftest.exe conftest conftest.*; do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; + *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + break;; + * ) break;; + esac +done +else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot compute suffix of executables: cannot compile and link +See \`config.log' for more details" "$LINENO" 5; } +fi +rm -f conftest conftest$ac_cv_exeext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 +$as_echo "$ac_cv_exeext" >&6; } + +rm -f conftest.$ac_ext +EXEEXT=$ac_cv_exeext +ac_exeext=$EXEEXT +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +FILE *f = fopen ("conftest.out", "w"); + return ferror (f) || fclose (f) != 0; + + ; + return 0; +} +_ACEOF +ac_clean_files="$ac_clean_files conftest.out" +# Check that the compiler produces executables we can run. If not, either +# the compiler is broken, or we cross compile. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 +$as_echo_n "checking whether we are cross compiling... " >&6; } +if test "$cross_compiling" != yes; then + { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if { ac_try='./conftest$ac_cv_exeext' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then + cross_compiling=no + else + if test "$cross_compiling" = maybe; then + cross_compiling=yes + else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot run C compiled programs. +If you meant to cross compile, use \`--host'. +See \`config.log' for more details" "$LINENO" 5; } + fi + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 +$as_echo "$cross_compiling" >&6; } + +rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out +ac_clean_files=$ac_clean_files_save +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 +$as_echo_n "checking for suffix of object files... " >&6; } +if ${ac_cv_objext+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.o conftest.obj +if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + for ac_file in conftest.o conftest.obj conftest.*; do + test -f "$ac_file" || continue; + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; + *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` + break;; + esac +done +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot compute suffix of object files: cannot compile +See \`config.log' for more details" "$LINENO" 5; } +fi +rm -f conftest.$ac_cv_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 +$as_echo "$ac_cv_objext" >&6; } +OBJEXT=$ac_cv_objext +ac_objext=$OBJEXT +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 +$as_echo_n "checking whether we are using the GNU C compiler... " >&6; } +if ${ac_cv_c_compiler_gnu+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ +#ifndef __GNUC__ + choke me +#endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_compiler_gnu=yes +else + ac_compiler_gnu=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +ac_cv_c_compiler_gnu=$ac_compiler_gnu + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 +$as_echo "$ac_cv_c_compiler_gnu" >&6; } +if test $ac_compiler_gnu = yes; then + GCC=yes +else + GCC= +fi +ac_test_CFLAGS=${CFLAGS+set} +ac_save_CFLAGS=$CFLAGS +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 +$as_echo_n "checking whether $CC accepts -g... " >&6; } +if ${ac_cv_prog_cc_g+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_save_c_werror_flag=$ac_c_werror_flag + ac_c_werror_flag=yes + ac_cv_prog_cc_g=no + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_g=yes +else + CFLAGS="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + +else + ac_c_werror_flag=$ac_save_c_werror_flag + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_g=yes +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_c_werror_flag=$ac_save_c_werror_flag +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 +$as_echo "$ac_cv_prog_cc_g" >&6; } +if test "$ac_test_CFLAGS" = set; then + CFLAGS=$ac_save_CFLAGS +elif test $ac_cv_prog_cc_g = yes; then + if test "$GCC" = yes; then + CFLAGS="-g -O2" + else + CFLAGS="-g" + fi +else + if test "$GCC" = yes; then + CFLAGS="-O2" + else + CFLAGS= + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 +$as_echo_n "checking for $CC option to accept ISO C89... " >&6; } +if ${ac_cv_prog_cc_c89+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_cv_prog_cc_c89=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +struct stat; +/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ +struct buf { int x; }; +FILE * (*rcsopen) (struct buf *, struct stat *, int); +static char *e (p, i) + char **p; + int i; +{ + return p[i]; +} +static char *f (char * (*g) (char **, int), char **p, ...) +{ + char *s; + va_list v; + va_start (v,p); + s = g (p, va_arg (v,int)); + va_end (v); + return s; +} + +/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has + function prototypes and stuff, but not '\xHH' hex character constants. + These don't provoke an error unfortunately, instead are silently treated + as 'x'. The following induces an error, until -std is added to get + proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an + array size at least. It's necessary to write '\x00'==0 to get something + that's true only with -std. */ +int osf4_cc_array ['\x00' == 0 ? 1 : -1]; + +/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters + inside strings and character constants. */ +#define FOO(x) 'x' +int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; + +int test (int i, double x); +struct s1 {int (*f) (int a);}; +struct s2 {int (*f) (double a);}; +int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); +int argc; +char **argv; +int +main () +{ +return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; + ; + return 0; +} +_ACEOF +for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ + -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_c89=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext + test "x$ac_cv_prog_cc_c89" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC + +fi +# AC_CACHE_VAL +case "x$ac_cv_prog_cc_c89" in + x) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +$as_echo "none needed" >&6; } ;; + xno) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +$as_echo "unsupported" >&6; } ;; + *) + CC="$CC $ac_cv_prog_cc_c89" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 +$as_echo "$ac_cv_prog_cc_c89" >&6; } ;; +esac +if test "x$ac_cv_prog_cc_c89" != xno; then : + +fi + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 +$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } +set x ${MAKE-make} +ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` +if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat >conftest.make <<\_ACEOF +SHELL = /bin/sh +all: + @echo '@@@%%%=$(MAKE)=@@@%%%' +_ACEOF +# GNU make sometimes prints "make[1]: Entering ...", which would confuse us. +case `${MAKE-make} -f conftest.make 2>/dev/null` in + *@@@%%%=?*=@@@%%%*) + eval ac_cv_prog_make_${ac_make}_set=yes;; + *) + eval ac_cv_prog_make_${ac_make}_set=no;; +esac +rm -f conftest.make +fi +if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + SET_MAKE= +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + SET_MAKE="MAKE=${MAKE-make}" +fi + +# Find a good install program. We prefer a C program (faster), +# so one script is as good as another. But avoid the broken or +# incompatible versions: +# SysV /etc/install, /usr/sbin/install +# SunOS /usr/etc/install +# IRIX /sbin/install +# AIX /bin/install +# AmigaOS /C/install, which installs bootblocks on floppy discs +# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag +# AFS /usr/afsws/bin/install, which mishandles nonexistent args +# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" +# OS/2's system install, which has a completely different semantic +# ./install, which can be erroneously created by make from ./install.sh. +# Reject install programs that cannot install multiple files. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 +$as_echo_n "checking for a BSD-compatible install... " >&6; } +if test -z "$INSTALL"; then +if ${ac_cv_path_install+:} false; then : + $as_echo_n "(cached) " >&6 +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + # Account for people who put trailing slashes in PATH elements. +case $as_dir/ in #(( + ./ | .// | /[cC]/* | \ + /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ + ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ + /usr/ucb/* ) ;; + *) + # OSF1 and SCO ODT 3.0 have their own names for install. + # Don't use installbsd from OSF since it installs stuff as root + # by default. + for ac_prog in ginstall scoinst install; do + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then + if test $ac_prog = install && + grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # AIX install. It has an incompatible calling convention. + : + elif test $ac_prog = install && + grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # program-specific install script used by HP pwplus--don't use. + : + else + rm -rf conftest.one conftest.two conftest.dir + echo one > conftest.one + echo two > conftest.two + mkdir conftest.dir + if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" && + test -s conftest.one && test -s conftest.two && + test -s conftest.dir/conftest.one && + test -s conftest.dir/conftest.two + then + ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" + break 3 + fi + fi + fi + done + done + ;; +esac + + done +IFS=$as_save_IFS + +rm -rf conftest.one conftest.two conftest.dir + +fi + if test "${ac_cv_path_install+set}" = set; then + INSTALL=$ac_cv_path_install + else + # As a last resort, use the slow shell script. Don't cache a + # value for INSTALL within a source directory, because that will + # break other packages using the cache if that directory is + # removed, or if the value is a relative name. + INSTALL=$ac_install_sh + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 +$as_echo "$INSTALL" >&6; } + +# Use test -z because SunOS4 sh mishandles braces in ${var-val}. +# It thinks the first close brace ends the variable substitution. +test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' + +test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' + +test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' + +# Extract the first word of "wget", so it can be a program name with args. +set dummy wget; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_WGET+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $WGET in + [\\/]* | ?:[\\/]*) + ac_cv_path_WGET="$WGET" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_WGET="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + test -z "$ac_cv_path_WGET" && ac_cv_path_WGET="no" + ;; +esac +fi +WGET=$ac_cv_path_WGET +if test -n "$WGET"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $WGET" >&5 +$as_echo "$WGET" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +if test x"${WGET}" == x"no" +then + as_fn_error $? "Unable to find wget, please install wget" "$LINENO" 5 +fi + +# Checks for programs that depend on a feature + +if test "x$vtpm" = "xy"; then : + # Extract the first word of "cmake", so it can be a program name with args. +set dummy cmake; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_CMAKE+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $CMAKE in + [\\/]* | ?:[\\/]*) + ac_cv_path_CMAKE="$CMAKE" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_CMAKE="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + test -z "$ac_cv_path_CMAKE" && ac_cv_path_CMAKE="no" + ;; +esac +fi +CMAKE=$ac_cv_path_CMAKE +if test -n "$CMAKE"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CMAKE" >&5 +$as_echo "$CMAKE" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +if test x"${CMAKE}" == x"no" +then + as_fn_error $? "Unable to find cmake, please install cmake" "$LINENO" 5 +fi +else + +if test "x$vtpm" = "xn"; then : + +CMAKE="/cmake-disabled-in-configure-script" + +else + +# Extract the first word of "cmake", so it can be a program name with args. +set dummy cmake; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_CMAKE+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $CMAKE in + [\\/]* | ?:[\\/]*) + ac_cv_path_CMAKE="$CMAKE" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_CMAKE="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + test -z "$ac_cv_path_CMAKE" && ac_cv_path_CMAKE="no" + ;; +esac +fi +CMAKE=$ac_cv_path_CMAKE +if test -n "$CMAKE"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CMAKE" >&5 +$as_echo "$CMAKE" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +if test x"${CMAKE}" = "xno"; then : + +vtpm=n +CMAKE="/cmake-disabled-in-configure-script" + +fi + +fi + +fi + + + +# Stubdom libraries version and url setup + + +if test "x$ZLIB_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + ZLIB_URL=\$\(XEN_EXTFILES_URL\) +else + ZLIB_URL="http://www.zlib.net" +fi + +fi +ZLIB_VERSION="1.2.3" + + + + + +if test "x$LIBPCI_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + LIBPCI_URL=\$\(XEN_EXTFILES_URL\) +else + LIBPCI_URL="http://www.kernel.org/pub/software/utils/pciutils" +fi + +fi +LIBPCI_VERSION="2.2.9" + + + + + +if test "x$NEWLIB_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + NEWLIB_URL=\$\(XEN_EXTFILES_URL\) +else + NEWLIB_URL="ftp://sources.redhat.com/pub/newlib" +fi + +fi +NEWLIB_VERSION="1.16.0" + + + + + +if test "x$LWIP_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + LWIP_URL=\$\(XEN_EXTFILES_URL\) +else + LWIP_URL="http://download.savannah.gnu.org/releases/lwip" +fi + +fi +LWIP_VERSION="1.3.0" + + + + + +if test "x$GRUB_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + GRUB_URL=\$\(XEN_EXTFILES_URL\) +else + GRUB_URL="http://alpha.gnu.org/gnu/grub" +fi + +fi +GRUB_VERSION="0.97" + + + + + +if test "x$OCAML_URL" = "x"; then : + + OCAML_URL="http://caml.inria.fr/pub/distrib/ocaml-3.11" + +fi +OCAML_VERSION="3.11.0" + + + + + +if test "x$GMP_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + GMP_URL=\$\(XEN_EXTFILES_URL\) +else + GMP_URL="ftp://ftp.gmplib.org/pub/gmp-4.3.2" +fi + +fi +GMP_VERSION="4.3.2" + + + + + +if test "x$POLARSSL_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + POLARSSL_URL=\$\(XEN_EXTFILES_URL\) +else + POLARSSL_URL="http://polarssl.org/code/releases" +fi + +fi +POLARSSL_VERSION="1.1.4" + + + + + +if test "x$TPMEMU_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + TPMEMU_URL=\$\(XEN_EXTFILES_URL\) +else + TPMEMU_URL="http://download.berlios.de/tpm-emulator" +fi + +fi +TPMEMU_VERSION="0.7.4" + + + + +#These stubdoms should be enabled if the dependent one is + +if test "x$vtpmmgr" = "x" && test "x$vtpm" = "xn"; then : + +vtpmmgr="n" + +fi + + +#Conditionally enable these stubdoms based on the presense of dependencies + +if test "x$vtpm" = "xy" || test "x$vtpm" = "x"; then : + + +vtpm=y +STUBDOM_TARGETS="$STUBDOM_TARGETS vtpm" +STUBDOM_BUILD="$STUBDOM_BUILD vtpm-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-vtpm" + + +else + + +vtpm=n + + +fi + + + +if test "x$vtpmmgr" = "xy" || test "x$vtpmmgr" = "x"; then : + + +vtpmmgr=y +STUBDOM_TARGETS="$STUBDOM_TARGETS vtpmmgr" +STUBDOM_BUILD="$STUBDOM_BUILD vtpmmgr-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-vtpmmgr" + + +else + + +vtpmmgr=n + + +fi + + + + + + + +echo "Will build the following stub domains:" +for x in $STUBDOM_BUILD; do + echo " $x" +done + +cat >confcache <<\_ACEOF +# This file is a shell script that caches the results of configure +# tests run on this system so they can be shared between configure +# scripts and configure runs, see configure's option --config-cache. +# It is not useful on other systems. If it contains results you don't +# want to keep, you may remove or edit it. +# +# config.status only pays attention to the cache file if you give it +# the --recheck option to rerun configure. +# +# `ac_cv_env_foo' variables (set or unset) will be overridden when +# loading this file, other *unset* `ac_cv_foo' will be assigned the +# following values. + +_ACEOF + +# The following way of writing the cache mishandles newlines in values, +# but we know of no workaround that is simple, portable, and efficient. +# So, we kill variables containing newlines. +# Ultrix sh set writes to stderr and can't be redirected directly, +# and sets the high bit in the cache file unless we assign to the vars. +( + for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + + (set) 2>&1 | + case $as_nl`(ac_space=' '; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + # `set' does not quote correctly, so add quotes: double-quote + # substitution turns \\\\ into \\, and sed turns \\ into \. + sed -n \ + "s/'/'\\\\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" + ;; #( + *) + # `set' quotes correctly as required by POSIX, so do not add quotes. + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) | + sed ' + /^ac_cv_env_/b end + t clear + :clear + s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ + t end + s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ + :end' >>confcache +if diff "$cache_file" confcache >/dev/null 2>&1; then :; else + if test -w "$cache_file"; then + if test "x$cache_file" != "x/dev/null"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 +$as_echo "$as_me: updating cache $cache_file" >&6;} + if test ! -f "$cache_file" || test -h "$cache_file"; then + cat confcache >"$cache_file" + else + case $cache_file in #( + */* | ?:*) + mv -f confcache "$cache_file"$$ && + mv -f "$cache_file"$$ "$cache_file" ;; #( + *) + mv -f confcache "$cache_file" ;; + esac + fi + fi + else + { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 +$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} + fi +fi +rm -f confcache + +test "x$prefix" = xNONE && prefix=$ac_default_prefix +# Let make expand exec_prefix. +test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' + +# Transform confdefs.h into DEFS. +# Protect against shell expansion while executing Makefile rules. +# Protect against Makefile macro expansion. +# +# If the first sed substitution is executed (which looks for macros that +# take arguments), then branch to the quote section. Otherwise, +# look for a macro that doesn't take arguments. +ac_script=' +:mline +/\\$/{ + N + s,\\\n,, + b mline +} +t clear +:clear +s/^[ ]*#[ ]*define[ ][ ]*\([^ (][^ (]*([^)]*)\)[ ]*\(.*\)/-D\1=\2/g +t quote +s/^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)/-D\1=\2/g +t quote +b any +:quote +s/[ `~#$^&*(){}\\|;'\''"<>?]/\\&/g +s/\[/\\&/g +s/\]/\\&/g +s/\$/$$/g +H +:any +${ + g + s/^\n// + s/\n/ /g + p +} +' +DEFS=`sed -n "$ac_script" confdefs.h` + + +ac_libobjs= +ac_ltlibobjs= +U= +for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue + # 1. Remove the extension, and $U if already installed. + ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' + ac_i=`$as_echo "$ac_i" | sed "$ac_script"` + # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR + # will be set to the directory where LIBOBJS objects are built. + as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" + as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' +done +LIBOBJS=$ac_libobjs + +LTLIBOBJS=$ac_ltlibobjs + + + +: "${CONFIG_STATUS=./config.status}" +ac_write_fail=0 +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files $CONFIG_STATUS" +{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 +$as_echo "$as_me: creating $CONFIG_STATUS" >&6;} +as_write_fail=0 +cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 +#! $SHELL +# Generated by $as_me. +# Run this file to recreate the current configuration. +# Compiler output produced by configure, useful for debugging +# configure, is in config.log if it exists. + +debug=false +ac_cs_recheck=false +ac_cs_silent=false + +SHELL=\${CONFIG_SHELL-$SHELL} +export SHELL +_ASEOF +cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## + +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi + + +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' + else + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' + fi + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi + + +# IFS +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent editors from complaining about space-tab. +# (If _AS_PATH_WALK were called with IFS unset, it would disable word +# splitting by setting IFS to empty value.) +IFS=" "" $as_nl" + +# Find who we are. Look in the path if we contain no directory separator. +as_myself= +case $0 in #(( + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done +IFS=$as_save_IFS + + ;; +esac +# We did not find ourselves, most probably we were run as `sh COMMAND' +# in which case we are not to be found in the path. +if test "x$as_myself" = x; then + as_myself=$0 +fi +if test ! -f "$as_myself"; then + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 +fi + +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + $as_echo "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error + + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr +else + as_expr=false +fi + +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi + +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac + +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file +else + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -pR'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -pR' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -pR' + fi +else + as_ln_s='cp -pR' +fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null + + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +as_test_x='test -x' +as_executable_p=as_fn_executable_p + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +exec 6>&1 +## ----------------------------------- ## +## Main body of $CONFIG_STATUS script. ## +## ----------------------------------- ## +_ASEOF +test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# Save the log message, to keep $0 and so on meaningful, and to +# report actual input values of CONFIG_FILES etc. instead of their +# values after options handling. +ac_log=" +This file was extended by Xen Hypervisor Stub Domains $as_me 4.3, which was +generated by GNU Autoconf 2.69. Invocation command line was + + CONFIG_FILES = $CONFIG_FILES + CONFIG_HEADERS = $CONFIG_HEADERS + CONFIG_LINKS = $CONFIG_LINKS + CONFIG_COMMANDS = $CONFIG_COMMANDS + $ $0 $@ + +on `(hostname || uname -n) 2>/dev/null | sed 1q` +" + +_ACEOF + +case $ac_config_files in *" +"*) set x $ac_config_files; shift; ac_config_files=$*;; +esac + + + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +# Files that config.status was made for. +config_files="$ac_config_files" + +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +ac_cs_usage="\ +\`$as_me' instantiates files and other configuration actions +from templates according to the current configuration. Unless the files +and actions are specified as TAGs, all are instantiated by default. + +Usage: $0 [OPTION]... [TAG]... + + -h, --help print this help, then exit + -V, --version print version number and configuration settings, then exit + --config print configuration, then exit + -q, --quiet, --silent + do not print progress messages + -d, --debug don't remove temporary files + --recheck update $as_me by reconfiguring in the same conditions + --file=FILE[:TEMPLATE] + instantiate the configuration file FILE + +Configuration files: +$config_files + +Report bugs to . +Xen Hypervisor Stub Domains home page: ." + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" +ac_cs_version="\\ +Xen Hypervisor Stub Domains config.status 4.3 +configured by $0, generated by GNU Autoconf 2.69, + with options \\"\$ac_cs_config\\" + +Copyright (C) 2012 Free Software Foundation, Inc. +This config.status script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it." + +ac_pwd='$ac_pwd' +srcdir='$srcdir' +INSTALL='$INSTALL' +test -n "\$AWK" || AWK=awk +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# The default lists apply if the user does not specify any file. +ac_need_defaults=: +while test $# != 0 +do + case $1 in + --*=?*) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` + ac_shift=: + ;; + --*=) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg= + ac_shift=: + ;; + *) + ac_option=$1 + ac_optarg=$2 + ac_shift=shift + ;; + esac + + case $ac_option in + # Handling of the options. + -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) + ac_cs_recheck=: ;; + --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) + $as_echo "$ac_cs_version"; exit ;; + --config | --confi | --conf | --con | --co | --c ) + $as_echo "$ac_cs_config"; exit ;; + --debug | --debu | --deb | --de | --d | -d ) + debug=: ;; + --file | --fil | --fi | --f ) + $ac_shift + case $ac_optarg in + *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + '') as_fn_error $? "missing file argument" ;; + esac + as_fn_append CONFIG_FILES " '$ac_optarg'" + ac_need_defaults=false;; + --he | --h | --help | --hel | -h ) + $as_echo "$ac_cs_usage"; exit ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil | --si | --s) + ac_cs_silent=: ;; + + # This is an error. + -*) as_fn_error $? "unrecognized option: \`$1' +Try \`$0 --help' for more information." ;; + + *) as_fn_append ac_config_targets " $1" + ac_need_defaults=false ;; + + esac + shift +done + +ac_configure_extra_args= + +if $ac_cs_silent; then + exec 6>/dev/null + ac_configure_extra_args="$ac_configure_extra_args --silent" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +if \$ac_cs_recheck; then + set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + shift + \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 + CONFIG_SHELL='$SHELL' + export CONFIG_SHELL + exec "\$@" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +exec 5>>config.log +{ + echo + sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX +## Running $as_me. ## +_ASBOX + $as_echo "$ac_log" +} >&5 + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 + +# Handling of arguments. +for ac_config_target in $ac_config_targets +do + case $ac_config_target in + "../config/Stubdom.mk") CONFIG_FILES="$CONFIG_FILES ../config/Stubdom.mk" ;; + + *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; + esac +done + + +# If the user did not use the arguments to specify the items to instantiate, +# then the envvar interface is used. Set only those that are not. +# We use the long form for the default assignment because of an extremely +# bizarre bug on SunOS 4.1.3. +if $ac_need_defaults; then + test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files +fi + +# Have a temporary directory for convenience. Make it in the build tree +# simply because there is no reason against having it here, and in addition, +# creating and moving files from /tmp can sometimes cause problems. +# Hook for its removal unless debugging. +# Note that there is a small window in which the directory will not be cleaned: +# after its creation but before its name has been assigned to `$tmp'. +$debug || +{ + tmp= ac_tmp= + trap 'exit_status=$? + : "${ac_tmp:=$tmp}" + { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status +' 0 + trap 'as_fn_exit 1' 1 2 13 15 +} +# Create a (secure) tmp directory for tmp files. + +{ + tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && + test -d "$tmp" +} || +{ + tmp=./conf$$-$RANDOM + (umask 077 && mkdir "$tmp") +} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 +ac_tmp=$tmp + +# Set up the scripts for CONFIG_FILES section. +# No need to generate them if there are no CONFIG_FILES. +# This happens for instance with `./config.status config.h'. +if test -n "$CONFIG_FILES"; then + + +ac_cr=`echo X | tr X '\015'` +# On cygwin, bash can eat \r inside `` if the user requested igncr. +# But we know of no other shell where ac_cr would be empty at this +# point, so we can use a bashism as a fallback. +if test "x$ac_cr" = x; then + eval ac_cr=\$\'\\r\' +fi +ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` +if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then + ac_cs_awk_cr='\\r' +else + ac_cs_awk_cr=$ac_cr +fi + +echo 'BEGIN {' >"$ac_tmp/subs1.awk" && +_ACEOF + + +{ + echo "cat >conf$$subs.awk <<_ACEOF" && + echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && + echo "_ACEOF" +} >conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 +ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` +ac_delim='%!_!# ' +for ac_last_try in false false false false false :; do + . ./conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 + + ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` + if test $ac_delim_n = $ac_delim_num; then + break + elif $ac_last_try; then + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 + else + ac_delim="$ac_delim!$ac_delim _$ac_delim!! " + fi +done +rm -f conf$$subs.sh + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && +_ACEOF +sed -n ' +h +s/^/S["/; s/!.*/"]=/ +p +g +s/^[^!]*!// +:repl +t repl +s/'"$ac_delim"'$// +t delim +:nl +h +s/\(.\{148\}\)..*/\1/ +t more1 +s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ +p +n +b repl +:more1 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t nl +:delim +h +s/\(.\{148\}\)..*/\1/ +t more2 +s/["\\]/\\&/g; s/^/"/; s/$/"/ +p +b +:more2 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t delim +' >$CONFIG_STATUS || ac_write_fail=1 +rm -f conf$$subs.awk +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +_ACAWK +cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && + for (key in S) S_is_set[key] = 1 + FS = "" + +} +{ + line = $ 0 + nfields = split(line, field, "@") + substed = 0 + len = length(field[1]) + for (i = 2; i < nfields; i++) { + key = field[i] + keylen = length(key) + if (S_is_set[key]) { + value = S[key] + line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) + len += length(value) + length(field[++i]) + substed = 1 + } else + len += 1 + keylen + } + + print line +} + +_ACAWK +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then + sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" +else + cat +fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ + || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 +_ACEOF + +# VPATH may cause trouble with some makes, so we remove sole $(srcdir), +# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and +# trailing colons and then remove the whole line if VPATH becomes empty +# (actually we leave an empty line to preserve line numbers). +if test "x$srcdir" = x.; then + ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ +h +s/// +s/^/:/ +s/[ ]*$/:/ +s/:\$(srcdir):/:/g +s/:\${srcdir}:/:/g +s/:@srcdir@:/:/g +s/^:*// +s/:*$// +x +s/\(=[ ]*\).*/\1/ +G +s/\n// +s/^[^=]*=[ ]*$// +}' +fi + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +fi # test -n "$CONFIG_FILES" + + +eval set X " :F $CONFIG_FILES " +shift +for ac_tag +do + case $ac_tag in + :[FHLC]) ac_mode=$ac_tag; continue;; + esac + case $ac_mode$ac_tag in + :[FHL]*:*);; + :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; + :[FH]-) ac_tag=-:-;; + :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; + esac + ac_save_IFS=$IFS + IFS=: + set x $ac_tag + IFS=$ac_save_IFS + shift + ac_file=$1 + shift + + case $ac_mode in + :L) ac_source=$1;; + :[FH]) + ac_file_inputs= + for ac_f + do + case $ac_f in + -) ac_f="$ac_tmp/stdin";; + *) # Look for the file first in the build tree, then in the source tree + # (if the path is not absolute). The absolute path cannot be DOS-style, + # because $ac_f cannot contain `:'. + test -f "$ac_f" || + case $ac_f in + [\\/$]*) false;; + *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; + esac || + as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; + esac + case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac + as_fn_append ac_file_inputs " '$ac_f'" + done + + # Let's still pretend it is `configure' which instantiates (i.e., don't + # use $as_me), people would be surprised to read: + # /* config.h. Generated by config.status. */ + configure_input='Generated from '` + $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' + `' by configure.' + if test x"$ac_file" != x-; then + configure_input="$ac_file. $configure_input" + { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 +$as_echo "$as_me: creating $ac_file" >&6;} + fi + # Neutralize special characters interpreted by sed in replacement strings. + case $configure_input in #( + *\&* | *\|* | *\\* ) + ac_sed_conf_input=`$as_echo "$configure_input" | + sed 's/[\\\\&|]/\\\\&/g'`;; #( + *) ac_sed_conf_input=$configure_input;; + esac + + case $ac_tag in + *:-:* | *:-) cat >"$ac_tmp/stdin" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; + esac + ;; + esac + + ac_dir=`$as_dirname -- "$ac_file" || +$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$ac_file" : 'X\(//\)[^/]' \| \ + X"$ac_file" : 'X\(//\)$' \| \ + X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$ac_file" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + as_dir="$ac_dir"; as_fn_mkdir_p + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + + case $ac_mode in + :F) + # + # CONFIG_FILE + # + + case $INSTALL in + [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; + *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;; + esac +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# If the template does not know about datarootdir, expand it. +# FIXME: This hack should be removed a few years after 2.60. +ac_datarootdir_hack=; ac_datarootdir_seen= +ac_sed_dataroot=' +/datarootdir/ { + p + q +} +/@datadir@/p +/@docdir@/p +/@infodir@/p +/@localedir@/p +/@mandir@/p' +case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in +*datarootdir*) ac_datarootdir_seen=yes;; +*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 +$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 + ac_datarootdir_hack=' + s&@datadir@&$datadir&g + s&@docdir@&$docdir&g + s&@infodir@&$infodir&g + s&@localedir@&$localedir&g + s&@mandir@&$mandir&g + s&\\\${datarootdir}&$datarootdir&g' ;; +esac +_ACEOF + +# Neutralize VPATH when `$srcdir' = `.'. +# Shell code in configure.ac might set extrasub. +# FIXME: do we really want to maintain this feature? +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_sed_extra="$ac_vpsub +$extrasub +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +:t +/@[a-zA-Z_][a-zA-Z_0-9]*@/!b +s|@configure_input@|$ac_sed_conf_input|;t t +s&@top_builddir@&$ac_top_builddir_sub&;t t +s&@top_build_prefix@&$ac_top_build_prefix&;t t +s&@srcdir@&$ac_srcdir&;t t +s&@abs_srcdir@&$ac_abs_srcdir&;t t +s&@top_srcdir@&$ac_top_srcdir&;t t +s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t +s&@builddir@&$ac_builddir&;t t +s&@abs_builddir@&$ac_abs_builddir&;t t +s&@abs_top_builddir@&$ac_abs_top_builddir&;t t +s&@INSTALL@&$ac_INSTALL&;t t +$ac_datarootdir_hack +" +eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ + >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + +test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && + { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && + { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ + "$ac_tmp/out"`; test -z "$ac_out"; } && + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&5 +$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&2;} + + rm -f "$ac_tmp/stdin" + case $ac_file in + -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; + *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; + esac \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + ;; + + + + esac + +done # for ac_tag + + +as_fn_exit 0 +_ACEOF +ac_clean_files=$ac_clean_files_save + +test $ac_write_fail = 0 || + as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 + + +# configure is writing to config.log, and then calls config.status. +# config.status does its own redirection, appending to config.log. +# Unfortunately, on DOS this fails, as config.log is still kept open +# by configure, so config.status won't be able to write to it; its +# output is simply discarded. So we exec the FD to /dev/null, +# effectively closing config.log, so it can be properly (re)opened and +# appended to by config.status. When coming back to configure, we +# need to make the FD available again. +if test "$no_create" != yes; then + ac_cs_success=: + ac_config_status_args= + test "$silent" = yes && + ac_config_status_args="$ac_config_status_args --quiet" + exec 5>/dev/null + $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false + exec 5>>config.log + # Use ||, not &&, to avoid exiting from the if with $? = 1, which + # would make configure fail if this is the last instruction. + $ac_cs_success || as_fn_exit 1 +fi +if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 +$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} +fi + diff -r 712419ef207b -r e1d7053e4d45 stubdom/configure.ac --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/configure.ac Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,61 @@ +# -*- Autoconf -*- +# Process this file with autoconf to produce a configure script. + +AC_PREREQ([2.67]) +AC_INIT([Xen Hypervisor Stub Domains], m4_esyscmd([../version.sh ../xen/Makefile]), + [xen-devel@lists.xen.org], [xen], [http://www.xen.org/]) +AC_CONFIG_SRCDIR([../extras/mini-os/kernel.c]) +AC_CONFIG_FILES([../config/Stubdom.mk]) +AC_PREFIX_DEFAULT([/usr]) +AC_CONFIG_AUX_DIR([../]) + +# M4 Macro includes +m4_include([../m4/stubdom.m4]) +m4_include([../m4/features.m4]) +m4_include([../m4/path_or_fail.m4]) +m4_include([../m4/depends.m4]) + +# Enable/disable stub domains +AX_STUBDOM_DEFAULT_ENABLE([ioemu-stubdom], [ioemu]) +AX_STUBDOM_DEFAULT_DISABLE([c-stubdom], [c]) +AX_STUBDOM_DEFAULT_DISABLE([caml-stubdom], [caml]) +AX_STUBDOM_DEFAULT_ENABLE([pv-grub], [grub]) +AX_STUBDOM_DEFAULT_ENABLE([xenstore-stubdom], [xenstore]) +AX_STUBDOM_CONDITIONAL([vtpm-stubdom], [vtpm]) +AX_STUBDOM_CONDITIONAL([vtpmmgr-stubdom], [vtpmmgr]) + +AX_ARG_DEFAULT_ENABLE([debug], [Disable debug build of stubdom]) +AX_ARG_DEFAULT_ENABLE([extfiles], [Use xen extfiles repository for libraries]) + +AC_ARG_VAR([CMAKE], [Path to the cmake program]) +AC_ARG_VAR([WGET], [Path to wget program]) + +# Checks for programs. +AC_PROG_CC +AC_PROG_MAKE_SET +AC_PROG_INSTALL +AX_PATH_PROG_OR_FAIL([WGET], [wget]) + +# Checks for programs that depend on a feature +AX_DEPENDS_PATH_PROG([vtpm], [CMAKE], [cmake]) + +# Stubdom libraries version and url setup +AX_STUBDOM_LIB([ZLIB], [zlib], [1.2.3], [http://www.zlib.net]) +AX_STUBDOM_LIB([LIBPCI], [libpci], [2.2.9], [http://www.kernel.org/pub/software/utils/pciutils]) +AX_STUBDOM_LIB([NEWLIB], [newlib], [1.16.0], [ftp://sources.redhat.com/pub/newlib]) +AX_STUBDOM_LIB([LWIP], [lwip], [1.3.0], [http://download.savannah.gnu.org/releases/lwip]) +AX_STUBDOM_LIB([GRUB], [grub], [0.97], [http://alpha.gnu.org/gnu/grub]) +AX_STUBDOM_LIB_NOEXT([OCAML], [ocaml], [3.11.0], [http://caml.inria.fr/pub/distrib/ocaml-3.11]) +AX_STUBDOM_LIB([GMP], [libgmp], [4.3.2], [ftp://ftp.gmplib.org/pub/gmp-4.3.2]) +AX_STUBDOM_LIB([POLARSSL], [polarssl], [1.1.4], [http://polarssl.org/code/releases]) +AX_STUBDOM_LIB([TPMEMU], [berlios tpm emulator], [0.7.4], [http://download.berlios.de/tpm-emulator]) + +#These stubdoms should be enabled if the dependent one is +AX_STUBDOM_AUTO_DEPENDS([vtpmmgr], [vtpm]) + +#Conditionally enable these stubdoms based on the presense of dependencies +AX_STUBDOM_CONDITIONAL_FINISH([vtpm-stubdom], [vtpm]) +AX_STUBDOM_CONDITIONAL_FINISH([vtpmmgr-stubdom], [vtpmmgr]) + +AX_STUBDOM_FINISH +AC_OUTPUT() diff -r 712419ef207b -r e1d7053e4d45 stubdom/vtpmmgr/README --- a/stubdom/vtpmmgr/README Fri Jan 18 10:55:46 2013 +0000 +++ b/stubdom/vtpmmgr/README Fri Jan 18 10:55:47 2013 +0000 @@ -4,7 +4,7 @@ November 12 2012 Authors: Matthew Fioravante (JHUAPL), This document describes the operation and command line interface -of vtpmmgrdom. See docs/misc/vtpm.txt for details on the +of vtpmmgr-stubdom. See docs/misc/vtpm.txt for details on the vTPM subsystem as a whole. @@ -12,7 +12,7 @@ vTPM subsystem as a whole. OPERATION ------------------------------ -The vtpmmgrdom implements a vTPM manager who has two major functions: +The vtpmmgr-stubdom implements a vTPM manager who has two major functions: - Securely store encryption keys for each of the vTPMS - Regulate access to the hardware TPM for the entire system diff -r 712419ef207b -r e1d7053e4d45 tools/configure.ac --- a/tools/configure.ac Fri Jan 18 10:55:46 2013 +0000 +++ b/tools/configure.ac Fri Jan 18 10:55:47 2013 +0000 @@ -22,20 +22,20 @@ APPEND_INCLUDES and APPEND_LIB instead w AC_CANONICAL_HOST # M4 Macro includes -m4_include([m4/savevar.m4]) -m4_include([m4/features.m4]) -m4_include([m4/path_or_fail.m4]) -m4_include([m4/python_version.m4]) -m4_include([m4/python_devel.m4]) -m4_include([m4/ocaml.m4]) -m4_include([m4/set_cflags_ldflags.m4]) -m4_include([m4/uuid.m4]) -m4_include([m4/pkg.m4]) -m4_include([m4/curses.m4]) -m4_include([m4/pthread.m4]) -m4_include([m4/ptyfuncs.m4]) -m4_include([m4/extfs.m4]) -m4_include([m4/fetcher.m4]) +m4_include([../m4/savevar.m4]) +m4_include([../m4/features.m4]) +m4_include([../m4/path_or_fail.m4]) +m4_include([../m4/python_version.m4]) +m4_include([../m4/python_devel.m4]) +m4_include([../m4/ocaml.m4]) +m4_include([../m4/set_cflags_ldflags.m4]) +m4_include([../m4/uuid.m4]) +m4_include([../m4/pkg.m4]) +m4_include([../m4/curses.m4]) +m4_include([../m4/pthread.m4]) +m4_include([../m4/ptyfuncs.m4]) +m4_include([../m4/extfs.m4]) +m4_include([../m4/fetcher.m4]) # Enable/disable options AX_ARG_DEFAULT_DISABLE([githttp], [Download GIT repositories via HTTP]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/curses.m4 --- a/tools/m4/curses.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,20 +0,0 @@ -AC_DEFUN([AX_CHECK_CURSES], [ -AC_CHECK_HEADER([curses.h], [ - AC_CHECK_LIB([curses], [clear], [curses="y"], [curses="n"]) -], [curses="n"]) -AC_CHECK_HEADER([ncurses.h], [ - AC_CHECK_LIB([ncurses], [clear], [ncurses="y"], [ncurses="n"]) -], [ncurses="n"]) -AS_IF([test "$curses" = "n" && test "$ncurses" = "n"], [ - AC_MSG_ERROR([Unable to find a suitable curses library]) -]) -# Prefer ncurses over curses if both are present -AS_IF([test "$ncurses" = "y"], [ - CURSES_LIBS="-lncurses" - AC_DEFINE([INCLUDE_CURSES_H], [], [Define curses header to use]) -], [ - CURSES_LIBS="-lcurses" - AC_DEFINE([INCLUDE_CURSES_H], [], [Define curses header to use]) -]) -AC_SUBST(CURSES_LIBS) -]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/extfs.m4 --- a/tools/m4/extfs.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,20 +0,0 @@ -AC_DEFUN([AX_CHECK_EXTFS], [ -AC_CHECK_HEADER([ext2fs/ext2fs.h], [ -AC_CHECK_LIB([ext2fs], [ext2fs_open2], [ - AC_DEFINE([INCLUDE_EXTFS_H], [], - [Define extfs header to use]) - EXTFS_LIBS="-lext2fs" -]) -]) -dnl This is a temporary hack for CentOS 5.x, which split the ext4 support -dnl of ext2fs in a different package. Once CentOS 5.x is no longer supported -dnl we can remove this. -AC_CHECK_HEADER([ext4fs/ext2fs.h], [ -AC_CHECK_LIB([ext4fs], [ext2fs_open2], [ - AC_DEFINE([INCLUDE_EXTFS_H], [], - [Define extfs header to use]) - EXTFS_LIBS="-lext4fs" -]) -]) -AC_SUBST(EXTFS_LIBS) -]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/features.m4 --- a/tools/m4/features.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,21 +0,0 @@ -AC_DEFUN([AX_ARG_DEFAULT_ENABLE], [ -AC_ARG_ENABLE([$1], AS_HELP_STRING([--disable-$1], [$2 (default is ENABLED)])) -AX_PARSE_VALUE([$1], [y]) -]) - -AC_DEFUN([AX_ARG_DEFAULT_DISABLE], [ -AC_ARG_ENABLE([$1], AS_HELP_STRING([--enable-$1], [$2 (default is DISABLED)])) -AX_PARSE_VALUE([$1], [n]) -]) - -dnl This function should not be called outside of this file -AC_DEFUN([AX_PARSE_VALUE], [ -AS_IF([test "x$enable_$1" = "xno"], [ - ax_cv_$1="n" -], [test "x$enable_$1" = "xyes"], [ - ax_cv_$1="y" -], [test -z $ax_cv_$1], [ - ax_cv_$1="$2" -]) -$1=$ax_cv_$1 -AC_SUBST($1)]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/fetcher.m4 --- a/tools/m4/fetcher.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,14 +0,0 @@ -AC_DEFUN([AX_CHECK_FETCHER], [ -AC_PATH_PROG([WGET],[wget], [no]) -AS_IF([test x"$WGET" != x"no"], [ - FETCHER="$WGET -c -O" -], [ - AC_PATH_PROG([FTP],[ftp], [no]) - AS_IF([test x"$FTP" != x"no"], [ - FETCHER="$FTP -o" - ], [ - AC_MSG_ERROR([cannot find wget or ftp]) - ]) -]) -AC_SUBST(FETCHER) -]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/ocaml.m4 --- a/tools/m4/ocaml.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,241 +0,0 @@ -dnl autoconf macros for OCaml -dnl from http://forge.ocamlcore.org/ -dnl -dnl Copyright © 2009 Richard W.M. Jones -dnl Copyright © 2009 Stefano Zacchiroli -dnl Copyright © 2000-2005 Olivier Andrieu -dnl Copyright © 2000-2005 Jean-Christophe Filliâtre -dnl Copyright © 2000-2005 Georges Mariano -dnl -dnl For documentation, please read the ocaml.m4 man page. - -AC_DEFUN([AC_PROG_OCAML], -[dnl - # checking for ocamlc - AC_CHECK_TOOL([OCAMLC],[ocamlc],[no]) - - if test "$OCAMLC" != "no"; then - OCAMLVERSION=`$OCAMLC -v | sed -n -e 's|.*version* *\(.*\)$|\1|p'` - AC_MSG_RESULT([OCaml version is $OCAMLVERSION]) - # If OCAMLLIB is set, use it - if test "$OCAMLLIB" = ""; then - OCAMLLIB=`$OCAMLC -where 2>/dev/null || $OCAMLC -v|tail -1|cut -d ' ' -f 4` - else - AC_MSG_RESULT([OCAMLLIB previously set; preserving it.]) - fi - AC_MSG_RESULT([OCaml library path is $OCAMLLIB]) - - AC_SUBST([OCAMLVERSION]) - AC_SUBST([OCAMLLIB]) - - # checking for ocamlopt - AC_CHECK_TOOL([OCAMLOPT],[ocamlopt],[no]) - OCAMLBEST=byte - if test "$OCAMLOPT" = "no"; then - AC_MSG_WARN([Cannot find ocamlopt; bytecode compilation only.]) - else - TMPVERSION=`$OCAMLOPT -v | sed -n -e 's|.*version* *\(.*\)$|\1|p' ` - if test "$TMPVERSION" != "$OCAMLVERSION" ; then - AC_MSG_RESULT([versions differs from ocamlc; ocamlopt discarded.]) - OCAMLOPT=no - else - OCAMLBEST=opt - fi - fi - - AC_SUBST([OCAMLBEST]) - - # checking for ocamlc.opt - AC_CHECK_TOOL([OCAMLCDOTOPT],[ocamlc.opt],[no]) - if test "$OCAMLCDOTOPT" != "no"; then - TMPVERSION=`$OCAMLCDOTOPT -v | sed -n -e 's|.*version* *\(.*\)$|\1|p' ` - if test "$TMPVERSION" != "$OCAMLVERSION" ; then - AC_MSG_RESULT([versions differs from ocamlc; ocamlc.opt discarded.]) - else - OCAMLC=$OCAMLCDOTOPT - fi - fi - - # checking for ocamlopt.opt - if test "$OCAMLOPT" != "no" ; then - AC_CHECK_TOOL([OCAMLOPTDOTOPT],[ocamlopt.opt],[no]) - if test "$OCAMLOPTDOTOPT" != "no"; then - TMPVERSION=`$OCAMLOPTDOTOPT -v | sed -n -e 's|.*version* *\(.*\)$|\1|p' ` - if test "$TMPVERSION" != "$OCAMLVERSION" ; then - AC_MSG_RESULT([version differs from ocamlc; ocamlopt.opt discarded.]) - else - OCAMLOPT=$OCAMLOPTDOTOPT - fi - fi - fi - - AC_SUBST([OCAMLOPT]) - fi - - AC_SUBST([OCAMLC]) - - # checking for ocaml toplevel - AC_CHECK_TOOL([OCAML],[ocaml],[no]) - - # checking for ocamldep - AC_CHECK_TOOL([OCAMLDEP],[ocamldep],[no]) - - # checking for ocamlmktop - AC_CHECK_TOOL([OCAMLMKTOP],[ocamlmktop],[no]) - - # checking for ocamlmklib - AC_CHECK_TOOL([OCAMLMKLIB],[ocamlmklib],[no]) - - # checking for ocamldoc - AC_CHECK_TOOL([OCAMLDOC],[ocamldoc],[no]) - - # checking for ocamlbuild - AC_CHECK_TOOL([OCAMLBUILD],[ocamlbuild],[no]) -]) - - -AC_DEFUN([AC_PROG_OCAMLLEX], -[dnl - # checking for ocamllex - AC_CHECK_TOOL([OCAMLLEX],[ocamllex],[no]) - if test "$OCAMLLEX" != "no"; then - AC_CHECK_TOOL([OCAMLLEXDOTOPT],[ocamllex.opt],[no]) - if test "$OCAMLLEXDOTOPT" != "no"; then - OCAMLLEX=$OCAMLLEXDOTOPT - fi - fi - AC_SUBST([OCAMLLEX]) -]) - -AC_DEFUN([AC_PROG_OCAMLYACC], -[dnl - AC_CHECK_TOOL([OCAMLYACC],[ocamlyacc],[no]) - AC_SUBST([OCAMLYACC]) -]) - - -AC_DEFUN([AC_PROG_CAMLP4], -[dnl - AC_REQUIRE([AC_PROG_OCAML])dnl - - # checking for camlp4 - AC_CHECK_TOOL([CAMLP4],[camlp4],[no]) - if test "$CAMLP4" != "no"; then - TMPVERSION=`$CAMLP4 -v 2>&1| sed -n -e 's|.*version *\(.*\)$|\1|p'` - if test "$TMPVERSION" != "$OCAMLVERSION" ; then - AC_MSG_RESULT([versions differs from ocamlc]) - CAMLP4=no - fi - fi - AC_SUBST([CAMLP4]) - - # checking for companion tools - AC_CHECK_TOOL([CAMLP4BOOT],[camlp4boot],[no]) - AC_CHECK_TOOL([CAMLP4O],[camlp4o],[no]) - AC_CHECK_TOOL([CAMLP4OF],[camlp4of],[no]) - AC_CHECK_TOOL([CAMLP4OOF],[camlp4oof],[no]) - AC_CHECK_TOOL([CAMLP4ORF],[camlp4orf],[no]) - AC_CHECK_TOOL([CAMLP4PROF],[camlp4prof],[no]) - AC_CHECK_TOOL([CAMLP4R],[camlp4r],[no]) - AC_CHECK_TOOL([CAMLP4RF],[camlp4rf],[no]) - AC_SUBST([CAMLP4BOOT]) - AC_SUBST([CAMLP4O]) - AC_SUBST([CAMLP4OF]) - AC_SUBST([CAMLP4OOF]) - AC_SUBST([CAMLP4ORF]) - AC_SUBST([CAMLP4PROF]) - AC_SUBST([CAMLP4R]) - AC_SUBST([CAMLP4RF]) -]) - - -AC_DEFUN([AC_PROG_FINDLIB], -[dnl - AC_REQUIRE([AC_PROG_OCAML])dnl - - # checking for ocamlfind - AC_CHECK_TOOL([OCAMLFIND],[ocamlfind],[no]) - AC_SUBST([OCAMLFIND]) -]) - - -dnl Thanks to Jim Meyering for working this next bit out for us. -dnl XXX We should define AS_TR_SH if it's not defined already -dnl (eg. for old autoconf). -AC_DEFUN([AC_CHECK_OCAML_PKG], -[dnl - AC_REQUIRE([AC_PROG_FINDLIB])dnl - - AC_MSG_CHECKING([for OCaml findlib package $1]) - - unset found - unset pkg - found=no - for pkg in $1 $2 ; do - if $OCAMLFIND query $pkg >/dev/null 2>/dev/null; then - AC_MSG_RESULT([found]) - AS_TR_SH([OCAML_PKG_$1])=$pkg - found=yes - break - fi - done - if test "$found" = "no" ; then - AC_MSG_RESULT([not found]) - AS_TR_SH([OCAML_PKG_$1])=no - fi - - AC_SUBST(AS_TR_SH([OCAML_PKG_$1])) -]) - - -AC_DEFUN([AC_CHECK_OCAML_MODULE], -[dnl - AC_MSG_CHECKING([for OCaml module $2]) - - cat > conftest.ml <&5 2>&5 ; then - found=yes - break - fi - done - - if test "$found" ; then - AC_MSG_RESULT([$$1]) - else - AC_MSG_RESULT([not found]) - $1=no - fi - AC_SUBST([$1]) -]) - - -dnl XXX Cross-compiling -AC_DEFUN([AC_CHECK_OCAML_WORD_SIZE], -[dnl - AC_REQUIRE([AC_PROG_OCAML])dnl - AC_MSG_CHECKING([for OCaml compiler word size]) - cat > conftest.ml < conftest.ml <. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -# PKG_PROG_PKG_CONFIG([MIN-VERSION]) -# ---------------------------------- -AC_DEFUN([PKG_PROG_PKG_CONFIG], -[m4_pattern_forbid([^_?PKG_[A-Z_]+$]) -m4_pattern_allow([^PKG_CONFIG(_PATH)?$]) -AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility]) -AC_ARG_VAR([PKG_CONFIG_PATH], [directories to add to pkg-config's search path]) -AC_ARG_VAR([PKG_CONFIG_LIBDIR], [path overriding pkg-config's built-in search path]) - -if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then - AC_PATH_TOOL([PKG_CONFIG], [pkg-config]) -fi -if test -n "$PKG_CONFIG"; then - _pkg_min_version=m4_default([$1], [0.9.0]) - AC_MSG_CHECKING([pkg-config is at least version $_pkg_min_version]) - if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then - AC_MSG_RESULT([yes]) - else - AC_MSG_RESULT([no]) - PKG_CONFIG="" - fi -fi[]dnl -])# PKG_PROG_PKG_CONFIG - -# PKG_CHECK_EXISTS(MODULES, [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) -# -# Check to see whether a particular set of modules exists. Similar -# to PKG_CHECK_MODULES(), but does not set variables or print errors. -# -# Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG]) -# only at the first occurence in configure.ac, so if the first place -# it's called might be skipped (such as if it is within an "if", you -# have to call PKG_CHECK_EXISTS manually -# -------------------------------------------------------------- -AC_DEFUN([PKG_CHECK_EXISTS], -[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl -if test -n "$PKG_CONFIG" && \ - AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then - m4_default([$2], [:]) -m4_ifvaln([$3], [else - $3])dnl -fi]) - -# _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES]) -# --------------------------------------------- -m4_define([_PKG_CONFIG], -[if test -n "$$1"; then - pkg_cv_[]$1="$$1" - elif test -n "$PKG_CONFIG"; then - PKG_CHECK_EXISTS([$3], - [pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null`], - [pkg_failed=yes]) - else - pkg_failed=untried -fi[]dnl -])# _PKG_CONFIG - -# _PKG_SHORT_ERRORS_SUPPORTED -# ----------------------------- -AC_DEFUN([_PKG_SHORT_ERRORS_SUPPORTED], -[AC_REQUIRE([PKG_PROG_PKG_CONFIG]) -if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then - _pkg_short_errors_supported=yes -else - _pkg_short_errors_supported=no -fi[]dnl -])# _PKG_SHORT_ERRORS_SUPPORTED - - -# PKG_CHECK_MODULES(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND], -# [ACTION-IF-NOT-FOUND]) -# -# -# Note that if there is a possibility the first call to -# PKG_CHECK_MODULES might not happen, you should be sure to include an -# explicit call to PKG_PROG_PKG_CONFIG in your configure.ac -# -# -# -------------------------------------------------------------- -AC_DEFUN([PKG_CHECK_MODULES], -[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl -AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl -AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl - -pkg_failed=no -AC_MSG_CHECKING([for $1]) - -_PKG_CONFIG([$1][_CFLAGS], [cflags], [$2]) -_PKG_CONFIG([$1][_LIBS], [libs], [$2]) - -m4_define([_PKG_TEXT], [Alternatively, you may set the environment variables $1[]_CFLAGS -and $1[]_LIBS to avoid the need to call pkg-config. -See the pkg-config man page for more details.]) - -if test $pkg_failed = yes; then - AC_MSG_RESULT([no]) - _PKG_SHORT_ERRORS_SUPPORTED - if test $_pkg_short_errors_supported = yes; then - $1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors "$2" 2>&1` - else - $1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors "$2" 2>&1` - fi - # Put the nasty error message in config.log where it belongs - echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD - - m4_default([$4], [AC_MSG_ERROR( -[Package requirements ($2) were not met: - -$$1_PKG_ERRORS - -Consider adjusting the PKG_CONFIG_PATH environment variable if you -installed software in a non-standard prefix. - -_PKG_TEXT])dnl - ]) -elif test $pkg_failed = untried; then - AC_MSG_RESULT([no]) - m4_default([$4], [AC_MSG_FAILURE( -[The pkg-config script could not be found or is too old. Make sure it -is in your PATH or set the PKG_CONFIG environment variable to the full -path to pkg-config. - -_PKG_TEXT - -To get pkg-config, see .])dnl - ]) -else - $1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS - $1[]_LIBS=$pkg_cv_[]$1[]_LIBS - AC_MSG_RESULT([yes]) - $3 -fi[]dnl -])# PKG_CHECK_MODULES diff -r 712419ef207b -r e1d7053e4d45 tools/m4/pthread.m4 --- a/tools/m4/pthread.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,41 +0,0 @@ -# We define, separately, PTHREAD_CFLAGS, _LDFLAGS and _LIBS -# even though currently we don't set them very separately. -# This means that the makefiles will not need to change in -# the future if we make the test more sophisticated. - -AC_DEFUN([AX_PTHREAD_CV2VARS],[ - PTHREAD_CFLAGS="$ax_cv_pthread_flags" - PTHREAD_LDFLAGS="$ax_cv_pthread_flags" - PTHREAD_LIBS="" -]) - -# We invoke AX_PTHREAD_VARS with the name of another macro -# which is then expanded once for each variable. -AC_DEFUN([AX_PTHREAD_VARS],[$1(CFLAGS) $1(LDFLAGS) $1(LIBS)]) - -AC_DEFUN([AX_PTHREAD_VAR_APPLY],[ - $1="$$1 $PTHREAD_$1" -]) -AC_DEFUN([AX_PTHREAD_VAR_SUBST],[AC_SUBST(PTHREAD_$1)]) - -AC_DEFUN([AX_CHECK_PTHREAD],[ - AC_CACHE_CHECK([for pthread flag], [ax_cv_pthread_flags], [ - ax_cv_pthread_flags=-pthread - AX_PTHREAD_CV2VARS - AX_PTHREAD_VARS([AX_SAVEVAR_SAVE]) - AX_PTHREAD_VARS([AX_PTHREAD_VAR_APPLY]) - AC_LINK_IFELSE([AC_LANG_SOURCE([ -#include -int main(void) { - pthread_atfork(0,0,0); - pthread_create(0,0,0,0); -} -])],[],[ax_cv_pthread_flags=failed]) - AX_PTHREAD_VARS([AX_SAVEVAR_RESTORE]) - ]) - if test "x$ax_cv_pthread_flags" = xfailed; then - AC_MSG_ERROR([-pthread does not work]) - fi - AX_PTHREAD_CV2VARS - AX_PTHREAD_VARS([AX_PTHREAD_VAR_SUBST]) -]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/ptyfuncs.m4 --- a/tools/m4/ptyfuncs.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,35 +0,0 @@ -AC_DEFUN([AX_CHECK_PTYFUNCS], [ - dnl This is a workaround for a bug in Debian package - dnl libbsd-dev-0.3.0-1. Once we no longer support that - dnl package we can remove the addition of -Werror to - dnl CPPFLAGS. - AX_SAVEVAR_SAVE(CPPFLAGS) - CPPFLAGS="$CPPFLAGS -Werror" - AC_CHECK_HEADER([libutil.h],[ - AC_DEFINE([INCLUDE_LIBUTIL_H],[],[libutil header file name]) - ]) - AX_SAVEVAR_RESTORE(CPPFLAGS) - AC_CACHE_CHECK([for openpty et al], [ax_cv_ptyfuncs_libs], [ - for ax_cv_ptyfuncs_libs in -lutil "" NOT_FOUND; do - if test "x$ax_cv_ptyfuncs_libs" = "xNOT_FOUND"; then - AC_MSG_FAILURE([Unable to find library for openpty and login_tty]) - fi - AX_SAVEVAR_SAVE(LIBS) - LIBS="$LIBS $ax_cv_ptyfuncs_libs" - AC_LINK_IFELSE([AC_LANG_SOURCE([ -#ifdef INCLUDE_LIBUTIL_H -#include INCLUDE_LIBUTIL_H -#endif -int main(void) { - openpty(0,0,0,0,0); - login_tty(0); -} -])],[ - break - ],[]) - AX_SAVEVAR_RESTORE(LIBS) - done - ]) - PTYFUNCS_LIBS="$ax_cv_ptyfuncs_libs" - AC_SUBST(PTYFUNCS_LIBS) -]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/python_devel.m4 --- a/tools/m4/python_devel.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,36 +0,0 @@ -AC_DEFUN([AX_CHECK_PYTHON_DEVEL], [ -ac_previous_cppflags=$CPPFLAGS -ac_previous_ldflags=$LDFLAGS -ac_python_version=`$PYTHON -c 'import distutils.sysconfig; \ - print distutils.sysconfig.get_config_var("VERSION")'` -AC_PATH_PROG([pyconfig], [$PYTHON-config], [no]) -AS_IF([test x"$pyconfig" == x"no"], [ - dnl For those that don't have python-config - CPPFLAGS="$CFLAGS `$PYTHON -c 'import distutils.sysconfig; \ - print "-I" + distutils.sysconfig.get_config_var("INCLUDEPY")'`" - CPPFLAGS="$CPPFLAGS `$PYTHON -c 'import distutils.sysconfig; \ - print distutils.sysconfig.get_config_var("CFLAGS")'`" - LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ - print distutils.sysconfig.get_config_var("LIBS")'`" - LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ - print distutils.sysconfig.get_config_var("SYSLIBS")'`" - LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ - print "-L" + distutils.sysconfig.get_python_lib(plat_specific=1,\ - standard_lib=1) + "/config"'`" - LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ - print distutils.sysconfig.get_config_var("LINKFORSHARED")'`" - LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ - print distutils.sysconfig.get_config_var("LDFLAGS")'`" -], [ - dnl If python-config is found use it - CPPFLAGS="$CFLAGS `$PYTHON-config --cflags`" - LDFLAGS="$LDFLAGS `$PYTHON-config --ldflags`" -]) - -AC_CHECK_HEADER([Python.h], [], - [AC_MSG_ERROR([Unable to find Python development headers])],) -AC_CHECK_LIB(python$ac_python_version, PyArg_ParseTuple, [], - [AC_MSG_ERROR([Unable to find a suitable python development library])]) -CPPFLAGS=$ac_previous_cppflags -LDLFAGS=$ac_previous_ldflags -]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/python_version.m4 --- a/tools/m4/python_version.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,12 +0,0 @@ -AC_DEFUN([AX_CHECK_PYTHON_VERSION], -[AC_MSG_CHECKING([for python version >= $1.$2 ]) -`$PYTHON -c 'import sys; sys.exit(eval("sys.version_info < ($1, $2)"))'` -if test "$?" != "0" -then - python_version=`$PYTHON -V 2>&1` - AC_MSG_RESULT([no]) - AC_MSG_ERROR( - [$python_version is too old, minimum required version is $1.$2]) -else - AC_MSG_RESULT([yes]) -fi]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/savevar.m4 --- a/tools/m4/savevar.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,6 +0,0 @@ -AC_DEFUN([AX_SAVEVAR_SAVE],[ - saved_$1="$$1" -]) -AC_DEFUN([AX_SAVEVAR_RESTORE],[ - $1="$saved_$1" -]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/set_cflags_ldflags.m4 --- a/tools/m4/set_cflags_ldflags.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,20 +0,0 @@ -AC_DEFUN([AX_SET_FLAGS], -[for cppflag in $PREPEND_INCLUDES -do - PREPEND_CPPFLAGS="$PREPEND_CPPFLAGS -I$cppflag" -done -for ldflag in $PREPEND_LIB -do - PREPEND_LDFLAGS="$PREPEND_LDFLAGS -L$ldflag" -done -for cppflag in $APPEND_INCLUDES -do - APPEND_CPPFLAGS="$APPEND_CPPFLAGS -I$cppflag" -done -for ldflag in $APPEND_LIB -do - APPEND_LDFLAGS="$APPEND_LDFLAGS -L$ldflag" -done -CPPFLAGS="$PREPEND_CPPFLAGS $CPPFLAGS $APPEND_CPPFLAGS" -LDFLAGS="$PREPEND_LDFLAGS $LDFLAGS $APPEND_LDFLAGS"]) - diff -r 712419ef207b -r e1d7053e4d45 tools/m4/uuid.m4 --- a/tools/m4/uuid.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,9 +0,0 @@ -AC_DEFUN([AX_CHECK_UUID], [ -AC_CHECK_HEADER([uuid/uuid.h],[ - AC_CHECK_LIB([uuid], [uuid_clear], [libuuid="y"]) -]) -AC_CHECK_HEADER([uuid.h],[libuuid="y"]) -AS_IF([test "$libuuid" != "y"], [ - AC_MSG_ERROR([cannot find a valid uuid library]) -]) -]) --===============4009296181241248125== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog --===============4009296181241248125==-- From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:27 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:27 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvj-0001Fz-3H; Mon, 21 Jan 2013 22:33:27 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvh-0001AU-0D for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:25 +0000 Received: from [193.109.254.147:9942] by server-11.bemta-14.messagelabs.com id 4D/CD-18979-432CDF05; Mon, 21 Jan 2013 22:33:24 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-27.messagelabs.com!1358807593!9336375!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG, ML_RADAR_SPEW_LINKS_23,spamassassin: X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 588 invoked from network); 21 Jan 2013 22:33:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvU-0005g1-Uz for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:12 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvU-0003hs-G9 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:12 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] stubdom: Add autoconf X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============4009296181241248125==" Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org --===============4009296181241248125== Content-Type: text/plain # HG changeset patch # User Matthew Fioravante # Date 1358506547 0 # Node ID e1d7053e4d4575d052bd72cb4a44718281bdd35d # Parent 712419ef207b6897e58e6b6474f1054e43d65a3a stubdom: Add autoconf Stub domains now use autoconf to build. This configure script can enable or disable specific domains and also specify custom download locations for stubdom library packages. See ./configure --help for details. C and Caml are disabled by default. vtpm-stubdom is conditional on the presense of cmake. Rename vtpmmgrdom to vtpmmgr-stubdom Also update .*ignore Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 712419ef207b -r e1d7053e4d45 .gitignore --- a/.gitignore Fri Jan 18 10:55:46 2013 +0000 +++ b/.gitignore Fri Jan 18 10:55:47 2013 +0000 @@ -93,7 +93,10 @@ patches/tmp/* pristine-* ref-* tmp-* +stubdom/autom4te.cache stubdom/binutils-* +stubdom/config.log +stubdom/config.status stubdom/cross-root-* stubdom/gcc-* stubdom/include @@ -123,6 +126,7 @@ tools/config.log tools/config.status tools/config.cache config/Tools.mk +config/Stubdom.mk tools/blktap2/daemon/blktapctrl tools/blktap2/drivers/img2qcow tools/blktap2/drivers/lock-util diff -r 712419ef207b -r e1d7053e4d45 .hgignore --- a/.hgignore Fri Jan 18 10:55:46 2013 +0000 +++ b/.hgignore Fri Jan 18 10:55:47 2013 +0000 @@ -89,7 +89,10 @@ ^pristine-.*$ ^ref-.*$ ^tmp-.*$ +^stubdom/autom4te\.cache$ ^stubdom/binutils-.*$ +^stubdom/config\.log$ +^stubdom/config\.status$ ^stubdom/cross-root-.*$ ^stubdom/gcc-.*$ ^stubdom/include$ diff -r 712419ef207b -r e1d7053e4d45 autogen.sh --- a/autogen.sh Fri Jan 18 10:55:46 2013 +0000 +++ b/autogen.sh Fri Jan 18 10:55:47 2013 +0000 @@ -2,3 +2,5 @@ cd tools autoconf autoheader +cd ../stubdom +autoconf diff -r 712419ef207b -r e1d7053e4d45 config/Stubdom.mk.in --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/config/Stubdom.mk.in Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,45 @@ +# Prefix and install folder +prefix := @prefix@ +PREFIX := $(prefix) +exec_prefix := @exec_prefix@ +libdir := @libdir@ +LIBDIR := $(libdir) + +# Path Programs +CMAKE := @CMAKE@ +WGET := @WGET@ -c + +# A debug build of stubdom? //FIXME: Someone make this do something +debug := @debug@ +vtpm = @vtpm@ + +STUBDOM_TARGETS := @STUBDOM_TARGETS@ +STUBDOM_BUILD := @STUBDOM_BUILD@ +STUBDOM_INSTALL := @STUBDOM_INSTALL@ + +ZLIB_VERSION := @ZLIB_VERSION@ +ZLIB_URL := @ZLIB_URL@ + +LIBPCI_VERSION := @LIBPCI_VERSION@ +LIBPCI_URL := @LIBPCI_URL@ + +NEWLIB_VERSION := @NEWLIB_VERSION@ +NEWLIB_URL := @NEWLIB_URL@ + +LWIP_VERSION := @LWIP_VERSION@ +LWIP_URL := @LWIP_URL@ + +GRUB_VERSION := @GRUB_VERSION@ +GRUB_URL := @GRUB_URL@ + +OCAML_VERSION := @OCAML_VERSION@ +OCAML_URL := @OCAML_URL@ + +GMP_VERSION := @GMP_VERSION@ +GMP_URL := @GMP_URL@ + +POLARSSL_VERSION := @POLARSSL_VERSION@ +POLARSSL_URL := @POLARSSL_URL@ + +TPMEMU_VERSION := @TPMEMU_VERSION@ +TPMEMU_URL := @TPMEMU_URL@ diff -r 712419ef207b -r e1d7053e4d45 docs/misc/vtpm.txt --- a/docs/misc/vtpm.txt Fri Jan 18 10:55:46 2013 +0000 +++ b/docs/misc/vtpm.txt Fri Jan 18 10:55:47 2013 +0000 @@ -20,7 +20,7 @@ chain of trust rooted in the hardware TP major component of vTPM is implemented as a separate domain, providing secure separation guaranteed by the hypervisor. The vTPM domains are implemented in mini-os to reduce memory and processor overhead. - + This mini-os vTPM subsystem was built on top of the previous vTPM work done by IBM and Intel corporation. @@ -53,7 +53,7 @@ The architecture of vTPM is described be | mini-os/tpmback | | | ^ | | v | | -| vtpmmgrdom | +| vtpmmgr-stubdom | | | ^ | | v | | | mini-os/tpm_tis | @@ -72,7 +72,7 @@ The architecture of vTPM is described be * mini-os/tpmback: Mini-os TPM backend driver. The Linux frontend driver connects to this backend driver to facilitate communications between the Linux DomU and its vTPM. This - driver is also used by vtpmmgrdom to communicate with + driver is also used by vtpmmgr-stubdom to communicate with vtpm-stubdom. * vtpm-stubdom: A mini-os stub domain that implements a vTPM. There is a @@ -82,20 +82,20 @@ The architecture of vTPM is described be * mini-os/tpmfront: Mini-os TPM frontend driver. The vTPM mini-os domain vtpm-stubdom uses this driver to communicate with - vtpmmgrdom. This driver could also be used separately to + vtpmmgr-stubdom. This driver could also be used separately to implement a mini-os domain that wishes to use a vTPM of its own. - * vtpmmgrdom: A mini-os domain that implements the vTPM manager. + * vtpmmgr-stubdom: A mini-os domain that implements the vTPM manager. There is only one vTPM manager and it should be running during the entire lifetime of the machine. This domain regulates access to the physical TPM on the system and secures the persistent state of each vTPM. * mini-os/tpm_tis: Mini-os TPM version 1.2 TPM Interface Specification (TIS) - driver. This driver used by vtpmmgrdom to talk directly to + driver. This driver used by vtpmmgr-stubdom to talk directly to the hardware TPM. Communication is facilitated by mapping - hardware memory pages into vtpmmgrdom. + hardware memory pages into vtpmmgr-stubdom. * Hardware TPM: The physical TPM that is soldered onto the motherboard. @@ -143,21 +143,21 @@ encrypted data. The image does not requi and can live anywhere on the host disk. The image does not need to be large. 8 to 16 Mb should be sufficient. -# dd if=/dev/zero of=/var/vtpmmgrdom.img bs=16M count=1 +# dd if=/dev/zero of=/var/vtpmmgr-stubdom.img bs=16M count=1 Manager config file: -------------------- -The vTPM Manager domain (vtpmmgrdom) must be started like +The vTPM Manager domain (vtpmmgr-stubdom) must be started like any other Xen virtual machine and requires a config file. The manager requires a disk image for storage and permission to access the hardware memory pages for the TPM. An example configuration looks like the following. -kernel="/usr/lib/xen/boot/vtpmmgrdom.gz" +kernel="/usr/lib/xen/boot/vtpmmgr-stubdom.gz" memory=16 -disk=["file:/var/vtpmmgrdom.img,hda,w"] -name="vtpmmgrdom" +disk=["file:/var/vtpmmgr-stubdom.img,hda,w"] +name="vtpmmgr" iomem=["fed40,5"] The iomem line tells xl to allow access to the TPM @@ -170,7 +170,7 @@ Starting and stopping the manager: The vTPM manager should be started at boot, you may wish to create an init script to do this. -# xl create -c vtpmmgrdom.cfg +# xl create -c vtpmmgr-stubdom.cfg Once initialization is complete you should see the following: INFO[VTPM]: Waiting for commands from vTPM's: @@ -179,7 +179,7 @@ To shutdown the manager you must destroy only destroy the manager when you see the above "Waiting for commands" message. This ensures the disk is in a consistent state. -# xl destroy vtpmmgrdom +# xl destroy vtpmmgr-stubdom ------------------------------ VTPM AND LINUX PVM SETUP @@ -211,10 +211,10 @@ kernel="/usr/lib/xen/boot/vtpm-stubdom.g memory=8 disk=["file:/home/user/domu/vtpm.img,hda,w"] name="domu-vtpm" -vtpm=["backend=vtpmmgrdom,uuid=ac0a5b9e-cbe2-4c07-b43b-1d69e46fb839"] +vtpm=["backend=vtpmmgr,uuid=ac0a5b9e-cbe2-4c07-b43b-1d69e46fb839"] The vtpm= line sets up the tpm frontend driver. The backend must set -to vtpmmgrdom. You are required to generate a uuid for this vtpm. +to vtpmmgr. You are required to generate a uuid for this vtpm. You can use the uuidgen unix program or some other method to create a uuid. The uuid uniquely identifies this vtpm to manager. @@ -273,7 +273,7 @@ The version command should return the fo You should also see the command being sent to the vtpm console as well as the vtpm saving its state. You should see the vtpm key being -encrypted and stored on the vtpmmgrdom console. +encrypted and stored on the vtpmmgr console. To shutdown the guest and its vtpm, you just have to shutdown the guest normally. As soon as the guest vm disconnects, the vtpm will shut itself diff -r 712419ef207b -r e1d7053e4d45 m4/curses.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/curses.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,20 @@ +AC_DEFUN([AX_CHECK_CURSES], [ +AC_CHECK_HEADER([curses.h], [ + AC_CHECK_LIB([curses], [clear], [curses="y"], [curses="n"]) +], [curses="n"]) +AC_CHECK_HEADER([ncurses.h], [ + AC_CHECK_LIB([ncurses], [clear], [ncurses="y"], [ncurses="n"]) +], [ncurses="n"]) +AS_IF([test "$curses" = "n" && test "$ncurses" = "n"], [ + AC_MSG_ERROR([Unable to find a suitable curses library]) +]) +# Prefer ncurses over curses if both are present +AS_IF([test "$ncurses" = "y"], [ + CURSES_LIBS="-lncurses" + AC_DEFINE([INCLUDE_CURSES_H], [], [Define curses header to use]) +], [ + CURSES_LIBS="-lcurses" + AC_DEFINE([INCLUDE_CURSES_H], [], [Define curses header to use]) +]) +AC_SUBST(CURSES_LIBS) +]) diff -r 712419ef207b -r e1d7053e4d45 m4/depends.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/depends.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,15 @@ + +AC_DEFUN([AX_DEPENDS_PATH_PROG], [ +AS_IF([test "x$$1" = "xy"], [AX_PATH_PROG_OR_FAIL([$2], [$3])], [ +AS_IF([test "x$$1" = "xn"], [ +$2="/$3-disabled-in-configure-script" +], [ +AC_PATH_PROG([$2], [$3], [no]) +AS_IF([test x"${$2}" = "xno"], [ +$1=n +$2="/$3-disabled-in-configure-script" +]) +]) +]) +AC_SUBST($2) +]) diff -r 712419ef207b -r e1d7053e4d45 m4/extfs.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/extfs.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,20 @@ +AC_DEFUN([AX_CHECK_EXTFS], [ +AC_CHECK_HEADER([ext2fs/ext2fs.h], [ +AC_CHECK_LIB([ext2fs], [ext2fs_open2], [ + AC_DEFINE([INCLUDE_EXTFS_H], [], + [Define extfs header to use]) + EXTFS_LIBS="-lext2fs" +]) +]) +dnl This is a temporary hack for CentOS 5.x, which split the ext4 support +dnl of ext2fs in a different package. Once CentOS 5.x is no longer supported +dnl we can remove this. +AC_CHECK_HEADER([ext4fs/ext2fs.h], [ +AC_CHECK_LIB([ext4fs], [ext2fs_open2], [ + AC_DEFINE([INCLUDE_EXTFS_H], [], + [Define extfs header to use]) + EXTFS_LIBS="-lext4fs" +]) +]) +AC_SUBST(EXTFS_LIBS) +]) diff -r 712419ef207b -r e1d7053e4d45 m4/features.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/features.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,21 @@ +AC_DEFUN([AX_ARG_DEFAULT_ENABLE], [ +AC_ARG_ENABLE([$1], AS_HELP_STRING([--disable-$1], [$2 (default is ENABLED)])) +AX_PARSE_VALUE([$1], [y]) +]) + +AC_DEFUN([AX_ARG_DEFAULT_DISABLE], [ +AC_ARG_ENABLE([$1], AS_HELP_STRING([--enable-$1], [$2 (default is DISABLED)])) +AX_PARSE_VALUE([$1], [n]) +]) + +dnl This function should not be called outside of this file +AC_DEFUN([AX_PARSE_VALUE], [ +AS_IF([test "x$enable_$1" = "xno"], [ + ax_cv_$1="n" +], [test "x$enable_$1" = "xyes"], [ + ax_cv_$1="y" +], [test -z $ax_cv_$1], [ + ax_cv_$1="$2" +]) +$1=$ax_cv_$1 +AC_SUBST($1)]) diff -r 712419ef207b -r e1d7053e4d45 m4/fetcher.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/fetcher.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,14 @@ +AC_DEFUN([AX_CHECK_FETCHER], [ +AC_PATH_PROG([WGET],[wget], [no]) +AS_IF([test x"$WGET" != x"no"], [ + FETCHER="$WGET -c -O" +], [ + AC_PATH_PROG([FTP],[ftp], [no]) + AS_IF([test x"$FTP" != x"no"], [ + FETCHER="$FTP -o" + ], [ + AC_MSG_ERROR([cannot find wget or ftp]) + ]) +]) +AC_SUBST(FETCHER) +]) diff -r 712419ef207b -r e1d7053e4d45 m4/ocaml.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/ocaml.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,241 @@ +dnl autoconf macros for OCaml +dnl from http://forge.ocamlcore.org/ +dnl +dnl Copyright © 2009 Richard W.M. Jones +dnl Copyright © 2009 Stefano Zacchiroli +dnl Copyright © 2000-2005 Olivier Andrieu +dnl Copyright © 2000-2005 Jean-Christophe Filliâtre +dnl Copyright © 2000-2005 Georges Mariano +dnl +dnl For documentation, please read the ocaml.m4 man page. + +AC_DEFUN([AC_PROG_OCAML], +[dnl + # checking for ocamlc + AC_CHECK_TOOL([OCAMLC],[ocamlc],[no]) + + if test "$OCAMLC" != "no"; then + OCAMLVERSION=`$OCAMLC -v | sed -n -e 's|.*version* *\(.*\)$|\1|p'` + AC_MSG_RESULT([OCaml version is $OCAMLVERSION]) + # If OCAMLLIB is set, use it + if test "$OCAMLLIB" = ""; then + OCAMLLIB=`$OCAMLC -where 2>/dev/null || $OCAMLC -v|tail -1|cut -d ' ' -f 4` + else + AC_MSG_RESULT([OCAMLLIB previously set; preserving it.]) + fi + AC_MSG_RESULT([OCaml library path is $OCAMLLIB]) + + AC_SUBST([OCAMLVERSION]) + AC_SUBST([OCAMLLIB]) + + # checking for ocamlopt + AC_CHECK_TOOL([OCAMLOPT],[ocamlopt],[no]) + OCAMLBEST=byte + if test "$OCAMLOPT" = "no"; then + AC_MSG_WARN([Cannot find ocamlopt; bytecode compilation only.]) + else + TMPVERSION=`$OCAMLOPT -v | sed -n -e 's|.*version* *\(.*\)$|\1|p' ` + if test "$TMPVERSION" != "$OCAMLVERSION" ; then + AC_MSG_RESULT([versions differs from ocamlc; ocamlopt discarded.]) + OCAMLOPT=no + else + OCAMLBEST=opt + fi + fi + + AC_SUBST([OCAMLBEST]) + + # checking for ocamlc.opt + AC_CHECK_TOOL([OCAMLCDOTOPT],[ocamlc.opt],[no]) + if test "$OCAMLCDOTOPT" != "no"; then + TMPVERSION=`$OCAMLCDOTOPT -v | sed -n -e 's|.*version* *\(.*\)$|\1|p' ` + if test "$TMPVERSION" != "$OCAMLVERSION" ; then + AC_MSG_RESULT([versions differs from ocamlc; ocamlc.opt discarded.]) + else + OCAMLC=$OCAMLCDOTOPT + fi + fi + + # checking for ocamlopt.opt + if test "$OCAMLOPT" != "no" ; then + AC_CHECK_TOOL([OCAMLOPTDOTOPT],[ocamlopt.opt],[no]) + if test "$OCAMLOPTDOTOPT" != "no"; then + TMPVERSION=`$OCAMLOPTDOTOPT -v | sed -n -e 's|.*version* *\(.*\)$|\1|p' ` + if test "$TMPVERSION" != "$OCAMLVERSION" ; then + AC_MSG_RESULT([version differs from ocamlc; ocamlopt.opt discarded.]) + else + OCAMLOPT=$OCAMLOPTDOTOPT + fi + fi + fi + + AC_SUBST([OCAMLOPT]) + fi + + AC_SUBST([OCAMLC]) + + # checking for ocaml toplevel + AC_CHECK_TOOL([OCAML],[ocaml],[no]) + + # checking for ocamldep + AC_CHECK_TOOL([OCAMLDEP],[ocamldep],[no]) + + # checking for ocamlmktop + AC_CHECK_TOOL([OCAMLMKTOP],[ocamlmktop],[no]) + + # checking for ocamlmklib + AC_CHECK_TOOL([OCAMLMKLIB],[ocamlmklib],[no]) + + # checking for ocamldoc + AC_CHECK_TOOL([OCAMLDOC],[ocamldoc],[no]) + + # checking for ocamlbuild + AC_CHECK_TOOL([OCAMLBUILD],[ocamlbuild],[no]) +]) + + +AC_DEFUN([AC_PROG_OCAMLLEX], +[dnl + # checking for ocamllex + AC_CHECK_TOOL([OCAMLLEX],[ocamllex],[no]) + if test "$OCAMLLEX" != "no"; then + AC_CHECK_TOOL([OCAMLLEXDOTOPT],[ocamllex.opt],[no]) + if test "$OCAMLLEXDOTOPT" != "no"; then + OCAMLLEX=$OCAMLLEXDOTOPT + fi + fi + AC_SUBST([OCAMLLEX]) +]) + +AC_DEFUN([AC_PROG_OCAMLYACC], +[dnl + AC_CHECK_TOOL([OCAMLYACC],[ocamlyacc],[no]) + AC_SUBST([OCAMLYACC]) +]) + + +AC_DEFUN([AC_PROG_CAMLP4], +[dnl + AC_REQUIRE([AC_PROG_OCAML])dnl + + # checking for camlp4 + AC_CHECK_TOOL([CAMLP4],[camlp4],[no]) + if test "$CAMLP4" != "no"; then + TMPVERSION=`$CAMLP4 -v 2>&1| sed -n -e 's|.*version *\(.*\)$|\1|p'` + if test "$TMPVERSION" != "$OCAMLVERSION" ; then + AC_MSG_RESULT([versions differs from ocamlc]) + CAMLP4=no + fi + fi + AC_SUBST([CAMLP4]) + + # checking for companion tools + AC_CHECK_TOOL([CAMLP4BOOT],[camlp4boot],[no]) + AC_CHECK_TOOL([CAMLP4O],[camlp4o],[no]) + AC_CHECK_TOOL([CAMLP4OF],[camlp4of],[no]) + AC_CHECK_TOOL([CAMLP4OOF],[camlp4oof],[no]) + AC_CHECK_TOOL([CAMLP4ORF],[camlp4orf],[no]) + AC_CHECK_TOOL([CAMLP4PROF],[camlp4prof],[no]) + AC_CHECK_TOOL([CAMLP4R],[camlp4r],[no]) + AC_CHECK_TOOL([CAMLP4RF],[camlp4rf],[no]) + AC_SUBST([CAMLP4BOOT]) + AC_SUBST([CAMLP4O]) + AC_SUBST([CAMLP4OF]) + AC_SUBST([CAMLP4OOF]) + AC_SUBST([CAMLP4ORF]) + AC_SUBST([CAMLP4PROF]) + AC_SUBST([CAMLP4R]) + AC_SUBST([CAMLP4RF]) +]) + + +AC_DEFUN([AC_PROG_FINDLIB], +[dnl + AC_REQUIRE([AC_PROG_OCAML])dnl + + # checking for ocamlfind + AC_CHECK_TOOL([OCAMLFIND],[ocamlfind],[no]) + AC_SUBST([OCAMLFIND]) +]) + + +dnl Thanks to Jim Meyering for working this next bit out for us. +dnl XXX We should define AS_TR_SH if it's not defined already +dnl (eg. for old autoconf). +AC_DEFUN([AC_CHECK_OCAML_PKG], +[dnl + AC_REQUIRE([AC_PROG_FINDLIB])dnl + + AC_MSG_CHECKING([for OCaml findlib package $1]) + + unset found + unset pkg + found=no + for pkg in $1 $2 ; do + if $OCAMLFIND query $pkg >/dev/null 2>/dev/null; then + AC_MSG_RESULT([found]) + AS_TR_SH([OCAML_PKG_$1])=$pkg + found=yes + break + fi + done + if test "$found" = "no" ; then + AC_MSG_RESULT([not found]) + AS_TR_SH([OCAML_PKG_$1])=no + fi + + AC_SUBST(AS_TR_SH([OCAML_PKG_$1])) +]) + + +AC_DEFUN([AC_CHECK_OCAML_MODULE], +[dnl + AC_MSG_CHECKING([for OCaml module $2]) + + cat > conftest.ml <&5 2>&5 ; then + found=yes + break + fi + done + + if test "$found" ; then + AC_MSG_RESULT([$$1]) + else + AC_MSG_RESULT([not found]) + $1=no + fi + AC_SUBST([$1]) +]) + + +dnl XXX Cross-compiling +AC_DEFUN([AC_CHECK_OCAML_WORD_SIZE], +[dnl + AC_REQUIRE([AC_PROG_OCAML])dnl + AC_MSG_CHECKING([for OCaml compiler word size]) + cat > conftest.ml < conftest.ml <. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# PKG_PROG_PKG_CONFIG([MIN-VERSION]) +# ---------------------------------- +AC_DEFUN([PKG_PROG_PKG_CONFIG], +[m4_pattern_forbid([^_?PKG_[A-Z_]+$]) +m4_pattern_allow([^PKG_CONFIG(_PATH)?$]) +AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility]) +AC_ARG_VAR([PKG_CONFIG_PATH], [directories to add to pkg-config's search path]) +AC_ARG_VAR([PKG_CONFIG_LIBDIR], [path overriding pkg-config's built-in search path]) + +if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then + AC_PATH_TOOL([PKG_CONFIG], [pkg-config]) +fi +if test -n "$PKG_CONFIG"; then + _pkg_min_version=m4_default([$1], [0.9.0]) + AC_MSG_CHECKING([pkg-config is at least version $_pkg_min_version]) + if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + PKG_CONFIG="" + fi +fi[]dnl +])# PKG_PROG_PKG_CONFIG + +# PKG_CHECK_EXISTS(MODULES, [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) +# +# Check to see whether a particular set of modules exists. Similar +# to PKG_CHECK_MODULES(), but does not set variables or print errors. +# +# Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG]) +# only at the first occurence in configure.ac, so if the first place +# it's called might be skipped (such as if it is within an "if", you +# have to call PKG_CHECK_EXISTS manually +# -------------------------------------------------------------- +AC_DEFUN([PKG_CHECK_EXISTS], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl +if test -n "$PKG_CONFIG" && \ + AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then + m4_default([$2], [:]) +m4_ifvaln([$3], [else + $3])dnl +fi]) + +# _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES]) +# --------------------------------------------- +m4_define([_PKG_CONFIG], +[if test -n "$$1"; then + pkg_cv_[]$1="$$1" + elif test -n "$PKG_CONFIG"; then + PKG_CHECK_EXISTS([$3], + [pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null`], + [pkg_failed=yes]) + else + pkg_failed=untried +fi[]dnl +])# _PKG_CONFIG + +# _PKG_SHORT_ERRORS_SUPPORTED +# ----------------------------- +AC_DEFUN([_PKG_SHORT_ERRORS_SUPPORTED], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG]) +if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then + _pkg_short_errors_supported=yes +else + _pkg_short_errors_supported=no +fi[]dnl +])# _PKG_SHORT_ERRORS_SUPPORTED + + +# PKG_CHECK_MODULES(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND], +# [ACTION-IF-NOT-FOUND]) +# +# +# Note that if there is a possibility the first call to +# PKG_CHECK_MODULES might not happen, you should be sure to include an +# explicit call to PKG_PROG_PKG_CONFIG in your configure.ac +# +# +# -------------------------------------------------------------- +AC_DEFUN([PKG_CHECK_MODULES], +[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl +AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl +AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl + +pkg_failed=no +AC_MSG_CHECKING([for $1]) + +_PKG_CONFIG([$1][_CFLAGS], [cflags], [$2]) +_PKG_CONFIG([$1][_LIBS], [libs], [$2]) + +m4_define([_PKG_TEXT], [Alternatively, you may set the environment variables $1[]_CFLAGS +and $1[]_LIBS to avoid the need to call pkg-config. +See the pkg-config man page for more details.]) + +if test $pkg_failed = yes; then + AC_MSG_RESULT([no]) + _PKG_SHORT_ERRORS_SUPPORTED + if test $_pkg_short_errors_supported = yes; then + $1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors "$2" 2>&1` + else + $1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors "$2" 2>&1` + fi + # Put the nasty error message in config.log where it belongs + echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD + + m4_default([$4], [AC_MSG_ERROR( +[Package requirements ($2) were not met: + +$$1_PKG_ERRORS + +Consider adjusting the PKG_CONFIG_PATH environment variable if you +installed software in a non-standard prefix. + +_PKG_TEXT])dnl + ]) +elif test $pkg_failed = untried; then + AC_MSG_RESULT([no]) + m4_default([$4], [AC_MSG_FAILURE( +[The pkg-config script could not be found or is too old. Make sure it +is in your PATH or set the PKG_CONFIG environment variable to the full +path to pkg-config. + +_PKG_TEXT + +To get pkg-config, see .])dnl + ]) +else + $1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS + $1[]_LIBS=$pkg_cv_[]$1[]_LIBS + AC_MSG_RESULT([yes]) + $3 +fi[]dnl +])# PKG_CHECK_MODULES diff -r 712419ef207b -r e1d7053e4d45 m4/pthread.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/pthread.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,41 @@ +# We define, separately, PTHREAD_CFLAGS, _LDFLAGS and _LIBS +# even though currently we don't set them very separately. +# This means that the makefiles will not need to change in +# the future if we make the test more sophisticated. + +AC_DEFUN([AX_PTHREAD_CV2VARS],[ + PTHREAD_CFLAGS="$ax_cv_pthread_flags" + PTHREAD_LDFLAGS="$ax_cv_pthread_flags" + PTHREAD_LIBS="" +]) + +# We invoke AX_PTHREAD_VARS with the name of another macro +# which is then expanded once for each variable. +AC_DEFUN([AX_PTHREAD_VARS],[$1(CFLAGS) $1(LDFLAGS) $1(LIBS)]) + +AC_DEFUN([AX_PTHREAD_VAR_APPLY],[ + $1="$$1 $PTHREAD_$1" +]) +AC_DEFUN([AX_PTHREAD_VAR_SUBST],[AC_SUBST(PTHREAD_$1)]) + +AC_DEFUN([AX_CHECK_PTHREAD],[ + AC_CACHE_CHECK([for pthread flag], [ax_cv_pthread_flags], [ + ax_cv_pthread_flags=-pthread + AX_PTHREAD_CV2VARS + AX_PTHREAD_VARS([AX_SAVEVAR_SAVE]) + AX_PTHREAD_VARS([AX_PTHREAD_VAR_APPLY]) + AC_LINK_IFELSE([AC_LANG_SOURCE([ +#include +int main(void) { + pthread_atfork(0,0,0); + pthread_create(0,0,0,0); +} +])],[],[ax_cv_pthread_flags=failed]) + AX_PTHREAD_VARS([AX_SAVEVAR_RESTORE]) + ]) + if test "x$ax_cv_pthread_flags" = xfailed; then + AC_MSG_ERROR([-pthread does not work]) + fi + AX_PTHREAD_CV2VARS + AX_PTHREAD_VARS([AX_PTHREAD_VAR_SUBST]) +]) diff -r 712419ef207b -r e1d7053e4d45 m4/ptyfuncs.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/ptyfuncs.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,35 @@ +AC_DEFUN([AX_CHECK_PTYFUNCS], [ + dnl This is a workaround for a bug in Debian package + dnl libbsd-dev-0.3.0-1. Once we no longer support that + dnl package we can remove the addition of -Werror to + dnl CPPFLAGS. + AX_SAVEVAR_SAVE(CPPFLAGS) + CPPFLAGS="$CPPFLAGS -Werror" + AC_CHECK_HEADER([libutil.h],[ + AC_DEFINE([INCLUDE_LIBUTIL_H],[],[libutil header file name]) + ]) + AX_SAVEVAR_RESTORE(CPPFLAGS) + AC_CACHE_CHECK([for openpty et al], [ax_cv_ptyfuncs_libs], [ + for ax_cv_ptyfuncs_libs in -lutil "" NOT_FOUND; do + if test "x$ax_cv_ptyfuncs_libs" = "xNOT_FOUND"; then + AC_MSG_FAILURE([Unable to find library for openpty and login_tty]) + fi + AX_SAVEVAR_SAVE(LIBS) + LIBS="$LIBS $ax_cv_ptyfuncs_libs" + AC_LINK_IFELSE([AC_LANG_SOURCE([ +#ifdef INCLUDE_LIBUTIL_H +#include INCLUDE_LIBUTIL_H +#endif +int main(void) { + openpty(0,0,0,0,0); + login_tty(0); +} +])],[ + break + ],[]) + AX_SAVEVAR_RESTORE(LIBS) + done + ]) + PTYFUNCS_LIBS="$ax_cv_ptyfuncs_libs" + AC_SUBST(PTYFUNCS_LIBS) +]) diff -r 712419ef207b -r e1d7053e4d45 m4/python_devel.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/python_devel.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,36 @@ +AC_DEFUN([AX_CHECK_PYTHON_DEVEL], [ +ac_previous_cppflags=$CPPFLAGS +ac_previous_ldflags=$LDFLAGS +ac_python_version=`$PYTHON -c 'import distutils.sysconfig; \ + print distutils.sysconfig.get_config_var("VERSION")'` +AC_PATH_PROG([pyconfig], [$PYTHON-config], [no]) +AS_IF([test x"$pyconfig" == x"no"], [ + dnl For those that don't have python-config + CPPFLAGS="$CFLAGS `$PYTHON -c 'import distutils.sysconfig; \ + print "-I" + distutils.sysconfig.get_config_var("INCLUDEPY")'`" + CPPFLAGS="$CPPFLAGS `$PYTHON -c 'import distutils.sysconfig; \ + print distutils.sysconfig.get_config_var("CFLAGS")'`" + LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ + print distutils.sysconfig.get_config_var("LIBS")'`" + LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ + print distutils.sysconfig.get_config_var("SYSLIBS")'`" + LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ + print "-L" + distutils.sysconfig.get_python_lib(plat_specific=1,\ + standard_lib=1) + "/config"'`" + LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ + print distutils.sysconfig.get_config_var("LINKFORSHARED")'`" + LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ + print distutils.sysconfig.get_config_var("LDFLAGS")'`" +], [ + dnl If python-config is found use it + CPPFLAGS="$CFLAGS `$PYTHON-config --cflags`" + LDFLAGS="$LDFLAGS `$PYTHON-config --ldflags`" +]) + +AC_CHECK_HEADER([Python.h], [], + [AC_MSG_ERROR([Unable to find Python development headers])],) +AC_CHECK_LIB(python$ac_python_version, PyArg_ParseTuple, [], + [AC_MSG_ERROR([Unable to find a suitable python development library])]) +CPPFLAGS=$ac_previous_cppflags +LDLFAGS=$ac_previous_ldflags +]) diff -r 712419ef207b -r e1d7053e4d45 m4/python_version.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/python_version.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,12 @@ +AC_DEFUN([AX_CHECK_PYTHON_VERSION], +[AC_MSG_CHECKING([for python version >= $1.$2 ]) +`$PYTHON -c 'import sys; sys.exit(eval("sys.version_info < ($1, $2)"))'` +if test "$?" != "0" +then + python_version=`$PYTHON -V 2>&1` + AC_MSG_RESULT([no]) + AC_MSG_ERROR( + [$python_version is too old, minimum required version is $1.$2]) +else + AC_MSG_RESULT([yes]) +fi]) diff -r 712419ef207b -r e1d7053e4d45 m4/savevar.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/savevar.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,6 @@ +AC_DEFUN([AX_SAVEVAR_SAVE],[ + saved_$1="$$1" +]) +AC_DEFUN([AX_SAVEVAR_RESTORE],[ + $1="$saved_$1" +]) diff -r 712419ef207b -r e1d7053e4d45 m4/set_cflags_ldflags.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/set_cflags_ldflags.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,20 @@ +AC_DEFUN([AX_SET_FLAGS], +[for cppflag in $PREPEND_INCLUDES +do + PREPEND_CPPFLAGS="$PREPEND_CPPFLAGS -I$cppflag" +done +for ldflag in $PREPEND_LIB +do + PREPEND_LDFLAGS="$PREPEND_LDFLAGS -L$ldflag" +done +for cppflag in $APPEND_INCLUDES +do + APPEND_CPPFLAGS="$APPEND_CPPFLAGS -I$cppflag" +done +for ldflag in $APPEND_LIB +do + APPEND_LDFLAGS="$APPEND_LDFLAGS -L$ldflag" +done +CPPFLAGS="$PREPEND_CPPFLAGS $CPPFLAGS $APPEND_CPPFLAGS" +LDFLAGS="$PREPEND_LDFLAGS $LDFLAGS $APPEND_LDFLAGS"]) + diff -r 712419ef207b -r e1d7053e4d45 m4/stubdom.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/stubdom.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,96 @@ +AC_DEFUN([AX_STUBDOM_DEFAULT_ENABLE], [ +AC_ARG_ENABLE([$1], +AS_HELP_STRING([--disable-$1], [Build and install $1 (default is ENABLED)]),[ +AX_STUBDOM_INTERNAL([$1], [$2]) +],[ +AX_ENABLE_STUBDOM([$1], [$2]) +]) +AC_SUBST([$2]) +]) + +AC_DEFUN([AX_STUBDOM_DEFAULT_DISABLE], [ +AC_ARG_ENABLE([$1], +AS_HELP_STRING([--enable-$1], [Build and install $1 (default is DISABLED)]),[ +AX_STUBDOM_INTERNAL([$1], [$2]) +],[ +AX_DISABLE_STUBDOM([$1], [$2]) +]) +AC_SUBST([$2]) +]) + +AC_DEFUN([AX_STUBDOM_CONDITIONAL], [ +AC_ARG_ENABLE([$1], +AS_HELP_STRING([--enable-$1], [Build and install $1]),[ +AX_STUBDOM_INTERNAL([$1], [$2]) +]) +]) + +AC_DEFUN([AX_STUBDOM_CONDITIONAL_FINISH], [ +AS_IF([test "x$$2" = "xy" || test "x$$2" = "x"], [ +AX_ENABLE_STUBDOM([$1],[$2]) +],[ +AX_DISABLE_STUBDOM([$1],[$2]) +]) +AC_SUBST([$2]) +]) + +AC_DEFUN([AX_STUBDOM_AUTO_DEPENDS], [ +AS_IF([test "x$$1" = "x" && test "x$$2" = "xn"], [ +$1="n" +]) +]) + + +AC_DEFUN([AX_ENABLE_STUBDOM], [ +$2=y +STUBDOM_TARGETS="$STUBDOM_TARGETS $2" +STUBDOM_BUILD="$STUBDOM_BUILD $1" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-$2" +]) + +AC_DEFUN([AX_DISABLE_STUBDOM], [ +$2=n +]) + +dnl Don't call this outside of this file +AC_DEFUN([AX_STUBDOM_INTERNAL], [ +AS_IF([test "x$enableval" = "xyes"], [ +AX_ENABLE_STUBDOM([$1], [$2]) +],[ +AS_IF([test "x$enableval" = "xno"],[ +AX_DISABLE_STUBDOM([$1], [$2]) +]) +]) +]) + +AC_DEFUN([AX_STUBDOM_FINISH], [ +AC_SUBST(STUBDOM_TARGETS) +AC_SUBST(STUBDOM_BUILD) +AC_SUBST(STUBDOM_INSTALL) +echo "Will build the following stub domains:" +for x in $STUBDOM_BUILD; do + echo " $x" +done +]) + +AC_DEFUN([AX_STUBDOM_LIB], [ +AC_ARG_VAR([$1_URL], [Download url for $2]) +AS_IF([test "x$$1_URL" = "x"], [ + AS_IF([test "x$extfiles" = "xy"], + [$1_URL=\@S|@\@{:@XEN_EXTFILES_URL\@:}@], + [$1_URL="$4"]) + ]) +$1_VERSION="$3" +AC_SUBST($1_URL) +AC_SUBST($1_VERSION) +]) + +AC_DEFUN([AX_STUBDOM_LIB_NOEXT], [ +AC_ARG_VAR([$1_URL], [Download url for $2]) +AS_IF([test "x$$1_URL" = "x"], [ + $1_URL="$4" + ]) +$1_VERSION="$3" +AC_SUBST($1_URL) +AC_SUBST($1_VERSION) +]) diff -r 712419ef207b -r e1d7053e4d45 m4/uuid.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/uuid.m4 Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,9 @@ +AC_DEFUN([AX_CHECK_UUID], [ +AC_CHECK_HEADER([uuid/uuid.h],[ + AC_CHECK_LIB([uuid], [uuid_clear], [libuuid="y"]) +]) +AC_CHECK_HEADER([uuid.h],[libuuid="y"]) +AS_IF([test "$libuuid" != "y"], [ + AC_MSG_ERROR([cannot find a valid uuid library]) +]) +]) diff -r 712419ef207b -r e1d7053e4d45 stubdom/Makefile --- a/stubdom/Makefile Fri Jan 18 10:55:46 2013 +0000 +++ b/stubdom/Makefile Fri Jan 18 10:55:47 2013 +0000 @@ -6,44 +6,7 @@ export XEN_OS=MiniOS export stubdom=y export debug=y include $(XEN_ROOT)/Config.mk - -#ZLIB_URL?=http://www.zlib.net -ZLIB_URL=$(XEN_EXTFILES_URL) -ZLIB_VERSION=1.2.3 - -#LIBPCI_URL?=http://www.kernel.org/pub/software/utils/pciutils -LIBPCI_URL?=$(XEN_EXTFILES_URL) -LIBPCI_VERSION=2.2.9 - -#NEWLIB_URL?=ftp://sources.redhat.com/pub/newlib -NEWLIB_URL?=$(XEN_EXTFILES_URL) -NEWLIB_VERSION=1.16.0 - -#LWIP_URL?=http://download.savannah.gnu.org/releases/lwip -LWIP_URL?=$(XEN_EXTFILES_URL) -LWIP_VERSION=1.3.0 - -#GRUB_URL?=http://alpha.gnu.org/gnu/grub -GRUB_URL?=$(XEN_EXTFILES_URL) -GRUB_VERSION=0.97 - -#OCAML_URL?=$(XEN_EXTFILES_URL) -OCAML_URL?=http://caml.inria.fr/pub/distrib/ocaml-3.11 -OCAML_VERSION=3.11.0 - -GMP_VERSION=4.3.2 -GMP_URL?=$(XEN_EXTFILES_URL) -#GMP_URL?=ftp://ftp.gmplib.org/pub/gmp-$(GMP_VERSION) - -POLARSSL_VERSION=1.1.4 -POLARSSL_URL?=$(XEN_EXTFILES_URL) -#POLARSSL_URL?=http://polarssl.org/code/releases - -TPMEMU_VERSION=0.7.4 -TPMEMU_URL?=$(XEN_EXTFILES_URL) -#TPMEMU_URL?=http://download.berlios.de/tpm-emulator - -WGET=wget -c +-include $(XEN_ROOT)/config/Stubdom.mk GNU_TARGET_ARCH:=$(XEN_TARGET_ARCH) ifeq ($(XEN_TARGET_ARCH),x86_32) @@ -86,12 +49,12 @@ TARGET_CPPFLAGS += -I$(XEN_ROOT)/xen/inc TARGET_LDFLAGS += -nostdlib -L$(CROSS_PREFIX)/$(GNU_TARGET_ARCH)-xen-elf/lib -TARGETS=ioemu c caml grub xenstore vtpm vtpmmgr +TARGETS=$(STUBDOM_TARGETS) .PHONY: all all: build ifeq ($(STUBDOM_SUPPORTED),1) -build: genpath ioemu-stubdom c-stubdom pv-grub xenstore-stubdom +build: genpath $(STUBDOM_BUILD) else build: genpath endif @@ -241,11 +204,12 @@ tpm_emulator-$(TPMEMU_VERSION).tar.gz: $(WGET) $(TPMEMU_URL)/$@ tpm_emulator-$(XEN_TARGET_ARCH): tpm_emulator-$(TPMEMU_VERSION).tar.gz + @if [ ! -f "$(CMAKE)" ]; then echo "cmake not installed! Install it and then rerun ./configure!"; false; fi tar xzf $< mv tpm_emulator-$(TPMEMU_VERSION) $@ patch -d $@ -p1 < tpmemu-$(TPMEMU_VERSION).patch; mkdir $@/build - cd $@/build; CC=${CC} cmake .. -DCMAKE_C_FLAGS:STRING="-std=c99 -DTPM_NO_EXTERN $(TARGET_CPPFLAGS) $(TARGET_CFLAGS) -Wno-declaration-after-statement" + cd $@/build; CC=${CC} $(CMAKE) .. -DCMAKE_C_FLAGS:STRING="-std=c99 -DTPM_NO_EXTERN $(TARGET_CPPFLAGS) $(TARGET_CFLAGS) -Wno-declaration-after-statement" touch $@ TPMEMU_STAMPFILE=$(CROSS_ROOT)/$(GNU_TARGET_ARCH)-xen-elf/lib/libtpm.a @@ -466,8 +430,8 @@ c-stubdom: mini-os-$(XEN_TARGET_ARCH)-c vtpm-stubdom: mini-os-$(XEN_TARGET_ARCH)-vtpm vtpm DEF_CPPFLAGS="$(TARGET_CPPFLAGS)" DEF_CFLAGS="$(TARGET_CFLAGS)" DEF_LDFLAGS="$(TARGET_LDFLAGS)" MINIOS_CONFIG="$(CURDIR)/vtpm/minios.cfg" $(MAKE) -C $(MINI_OS) OBJ_DIR=$(CURDIR)/$< APP_OBJS="$(CURDIR)/vtpm/vtpm.a" APP_LDLIBS="-ltpm -ltpm_crypto -lgmp" -.PHONY: vtpmmgrdom -vtpmmgrdom: mini-os-$(XEN_TARGET_ARCH)-vtpmmgr vtpmmgr +.PHONY: vtpmmgr-stubdom +vtpmmgr-stubdom: mini-os-$(XEN_TARGET_ARCH)-vtpmmgr vtpmmgr DEF_CPPFLAGS="$(TARGET_CPPFLAGS)" DEF_CFLAGS="$(TARGET_CFLAGS)" DEF_LDFLAGS="$(TARGET_LDFLAGS)" MINIOS_CONFIG="$(CURDIR)/vtpmmgr/minios.cfg" $(MAKE) -C $(MINI_OS) OBJ_DIR=$(CURDIR)/$< APP_OBJS="$(CURDIR)/vtpmmgr/vtpmmgr.a" APP_LDLIBS="-lm" .PHONY: pv-grub @@ -483,7 +447,7 @@ xenstore-stubdom: mini-os-$(XEN_TARGET_A ######### ifeq ($(STUBDOM_SUPPORTED),1) -install: genpath install-readme install-ioemu install-grub install-xenstore +install: genpath install-readme $(STUBDOM_INSTALL) else install: genpath endif @@ -503,6 +467,8 @@ install-grub: pv-grub $(INSTALL_DIR) "$(DESTDIR)$(XENFIRMWAREDIR)" $(INSTALL_DATA) mini-os-$(XEN_TARGET_ARCH)-grub/mini-os.gz "$(DESTDIR)$(XENFIRMWAREDIR)/pv-grub-$(XEN_TARGET_ARCH).gz" +install-caml: caml-stubdom + install-xenstore: xenstore-stubdom $(INSTALL_DIR) "$(DESTDIR)/usr/lib/xen/boot" $(INSTALL_DATA) mini-os-$(XEN_TARGET_ARCH)-xenstore/mini-os.gz "$(DESTDIR)/usr/lib/xen/boot/xenstore-stubdom.gz" @@ -511,9 +477,9 @@ install-vtpm: vtpm-stubdom $(INSTALL_DIR) "$(DESTDIR)$(XENFIRMWAREDIR)" $(INSTALL_PROG) mini-os-$(XEN_TARGET_ARCH)-vtpm/mini-os.gz "$(DESTDIR)$(XENFIRMWAREDIR)/vtpm-stubdom.gz" -install-vtpmmgr: vtpm-stubdom +install-vtpmmgr: vtpmmgr-stubdom $(INSTALL_DIR) "$(DESTDIR)$(XENFIRMWAREDIR)" - $(INSTALL_PROG) mini-os-$(XEN_TARGET_ARCH)-vtpmmgr/mini-os.gz "$(DESTDIR)$(XENFIRMWAREDIR)/vtpmmgrdom.gz" + $(INSTALL_PROG) mini-os-$(XEN_TARGET_ARCH)-vtpmmgr/mini-os.gz "$(DESTDIR)$(XENFIRMWAREDIR)/vtpmmgr-stubdom.gz" ####### # clean @@ -581,3 +547,9 @@ downloadclean: patchclean .PHONY: distclean distclean: downloadclean + -rm ../config/Stubdom.mk + +ifeq (,$(findstring clean,$(MAKECMDGOALS))) +$(XEN_ROOT)/config/Stubdom.mk: + $(error You have to run ./configure before building or installing stubdom) +endif diff -r 712419ef207b -r e1d7053e4d45 stubdom/configure --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/configure Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,4616 @@ +#! /bin/sh +# Guess values for system-dependent variables and create Makefiles. +# Generated by GNU Autoconf 2.69 for Xen Hypervisor Stub Domains 4.3. +# +# Report bugs to . +# +# +# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. +# +# +# This configure script is free software; the Free Software Foundation +# gives unlimited permission to copy, distribute and modify it. +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## + +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi + + +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' + else + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' + fi + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi + + +# IFS +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent editors from complaining about space-tab. +# (If _AS_PATH_WALK were called with IFS unset, it would disable word +# splitting by setting IFS to empty value.) +IFS=" "" $as_nl" + +# Find who we are. Look in the path if we contain no directory separator. +as_myself= +case $0 in #(( + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done +IFS=$as_save_IFS + + ;; +esac +# We did not find ourselves, most probably we were run as `sh COMMAND' +# in which case we are not to be found in the path. +if test "x$as_myself" = x; then + as_myself=$0 +fi +if test ! -f "$as_myself"; then + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 +fi + +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +# Use a proper internal environment variable to ensure we don't fall + # into an infinite loop, continuously re-executing ourselves. + if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then + _as_can_reexec=no; export _as_can_reexec; + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +as_fn_exit 255 + fi + # We don't want this to propagate to other subprocesses. + { _as_can_reexec=; unset _as_can_reexec;} +if test "x$CONFIG_SHELL" = x; then + as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which + # is contrary to our usage. Disable this feature. + alias -g '\${1+\"\$@\"}'='\"\$@\"' + setopt NO_GLOB_SUBST +else + case \`(set -o) 2>/dev/null\` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi +" + as_required="as_fn_return () { (exit \$1); } +as_fn_success () { as_fn_return 0; } +as_fn_failure () { as_fn_return 1; } +as_fn_ret_success () { return 0; } +as_fn_ret_failure () { return 1; } + +exitcode=0 +as_fn_success || { exitcode=1; echo as_fn_success failed.; } +as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } +as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } +as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } +if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : + +else + exitcode=1; echo positional parameters were not saved. +fi +test x\$exitcode = x0 || exit 1 +test -x / || exit 1" + as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO + as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO + eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && + test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1" + if (eval "$as_required") 2>/dev/null; then : + as_have_required=yes +else + as_have_required=no +fi + if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : + +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_found=false +for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + as_found=: + case $as_dir in #( + /*) + for as_base in sh bash ksh sh5; do + # Try only shells that exist, to save several forks. + as_shell=$as_dir/$as_base + if { test -f "$as_shell" || test -f "$as_shell.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : + CONFIG_SHELL=$as_shell as_have_required=yes + if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : + break 2 +fi +fi + done;; + esac + as_found=false +done +$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : + CONFIG_SHELL=$SHELL as_have_required=yes +fi; } +IFS=$as_save_IFS + + + if test "x$CONFIG_SHELL" != x; then : + export CONFIG_SHELL + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +exit 255 +fi + + if test x$as_have_required = xno; then : + $as_echo "$0: This script requires a shell more modern than all" + $as_echo "$0: the shells that I found on your system." + if test x${ZSH_VERSION+set} = xset ; then + $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" + $as_echo "$0: be upgraded to zsh 4.3.4 or later." + else + $as_echo "$0: Please tell bug-autoconf@gnu.org and +$0: xen-devel@lists.xen.org about your system, including +$0: any error possibly output before this message. Then +$0: install a modern shell, or manually run the script +$0: under such a shell if you do have one." + fi + exit 1 +fi +fi +fi +SHELL=${CONFIG_SHELL-/bin/sh} +export SHELL +# Unset more variables known to interfere with behavior of common tools. +CLICOLOR_FORCE= GREP_OPTIONS= +unset CLICOLOR_FORCE GREP_OPTIONS + +## --------------------- ## +## M4sh Shell Functions. ## +## --------------------- ## +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + $as_echo "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error + +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr +else + as_expr=false +fi + +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi + +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + + + as_lineno_1=$LINENO as_lineno_1a=$LINENO + as_lineno_2=$LINENO as_lineno_2a=$LINENO + eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && + test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { + # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) + sed -n ' + p + /[$]LINENO/= + ' <$as_myself | + sed ' + s/[$]LINENO.*/&-/ + t lineno + b + :lineno + N + :loop + s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ + t loop + s/-\n.*// + ' >$as_me.lineno && + chmod +x "$as_me.lineno" || + { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } + + # If we had to re-execute with $CONFIG_SHELL, we're ensured to have + # already done that, so ensure we don't try to do so again and fall + # in an infinite loop. This has already happened in practice. + _as_can_reexec=no; export _as_can_reexec + # Don't try to exec as it changes $[0], causing all sort of problems + # (the dirname of $[0] is not the place where we might find the + # original and so on. Autoconf is especially sensitive to this). + . "./$as_me.lineno" + # Exit status is that of the last command. + exit +} + +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac + +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file +else + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -pR'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -pR' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -pR' + fi +else + as_ln_s='cp -pR' +fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null + +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + +as_test_x='test -x' +as_executable_p=as_fn_executable_p + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +test -n "$DJDIR" || exec 7<&0 &1 + +# Name of the host. +# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, +# so uname gets run too. +ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` + +# +# Initializations. +# +ac_default_prefix=/usr/local +ac_clean_files= +ac_config_libobj_dir=. +LIBOBJS= +cross_compiling=no +subdirs= +MFLAGS= +MAKEFLAGS= + +# Identity of this package. +PACKAGE_NAME='Xen Hypervisor Stub Domains' +PACKAGE_TARNAME='xen' +PACKAGE_VERSION='4.3' +PACKAGE_STRING='Xen Hypervisor Stub Domains 4.3' +PACKAGE_BUGREPORT='xen-devel@lists.xen.org' +PACKAGE_URL='http://www.xen.org/' + +ac_unique_file="../extras/mini-os/kernel.c" +ac_default_prefix=/usr +ac_subst_vars='LTLIBOBJS +LIBOBJS +STUBDOM_INSTALL +STUBDOM_BUILD +STUBDOM_TARGETS +vtpmmgr +vtpm +TPMEMU_VERSION +TPMEMU_URL +POLARSSL_VERSION +POLARSSL_URL +GMP_VERSION +GMP_URL +OCAML_VERSION +OCAML_URL +GRUB_VERSION +GRUB_URL +LWIP_VERSION +LWIP_URL +NEWLIB_VERSION +NEWLIB_URL +LIBPCI_VERSION +LIBPCI_URL +ZLIB_VERSION +ZLIB_URL +INSTALL_DATA +INSTALL_SCRIPT +INSTALL_PROGRAM +SET_MAKE +OBJEXT +EXEEXT +ac_ct_CC +CPPFLAGS +LDFLAGS +CFLAGS +CC +WGET +CMAKE +extfiles +debug +xenstore +grub +caml +c +ioemu +target_alias +host_alias +build_alias +LIBS +ECHO_T +ECHO_N +ECHO_C +DEFS +mandir +localedir +libdir +psdir +pdfdir +dvidir +htmldir +infodir +docdir +oldincludedir +includedir +localstatedir +sharedstatedir +sysconfdir +datadir +datarootdir +libexecdir +sbindir +bindir +program_transform_name +prefix +exec_prefix +PACKAGE_URL +PACKAGE_BUGREPORT +PACKAGE_STRING +PACKAGE_VERSION +PACKAGE_TARNAME +PACKAGE_NAME +PATH_SEPARATOR +SHELL' +ac_subst_files='' +ac_user_opts=' +enable_option_checking +enable_ioemu_stubdom +enable_c_stubdom +enable_caml_stubdom +enable_pv_grub +enable_xenstore_stubdom +enable_vtpm_stubdom +enable_vtpmmgr_stubdom +enable_debug +enable_extfiles +' + ac_precious_vars='build_alias +host_alias +target_alias +CMAKE +WGET +CC +CFLAGS +LDFLAGS +LIBS +CPPFLAGS +ZLIB_URL +LIBPCI_URL +NEWLIB_URL +LWIP_URL +GRUB_URL +OCAML_URL +GMP_URL +POLARSSL_URL +TPMEMU_URL' + + +# Initialize some variables set by options. +ac_init_help= +ac_init_version=false +ac_unrecognized_opts= +ac_unrecognized_sep= +# The variables have the same names as the options, with +# dashes changed to underlines. +cache_file=/dev/null +exec_prefix=NONE +no_create= +no_recursion= +prefix=NONE +program_prefix=NONE +program_suffix=NONE +program_transform_name=s,x,x, +silent= +site= +srcdir= +verbose= +x_includes=NONE +x_libraries=NONE + +# Installation directory options. +# These are left unexpanded so users can "make install exec_prefix=/foo" +# and all the variables that are supposed to be based on exec_prefix +# by default will actually change. +# Use braces instead of parens because sh, perl, etc. also accept them. +# (The list follows the same order as the GNU Coding Standards.) +bindir='${exec_prefix}/bin' +sbindir='${exec_prefix}/sbin' +libexecdir='${exec_prefix}/libexec' +datarootdir='${prefix}/share' +datadir='${datarootdir}' +sysconfdir='${prefix}/etc' +sharedstatedir='${prefix}/com' +localstatedir='${prefix}/var' +includedir='${prefix}/include' +oldincludedir='/usr/include' +docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' +infodir='${datarootdir}/info' +htmldir='${docdir}' +dvidir='${docdir}' +pdfdir='${docdir}' +psdir='${docdir}' +libdir='${exec_prefix}/lib' +localedir='${datarootdir}/locale' +mandir='${datarootdir}/man' + +ac_prev= +ac_dashdash= +for ac_option +do + # If the previous option needs an argument, assign it. + if test -n "$ac_prev"; then + eval $ac_prev=\$ac_option + ac_prev= + continue + fi + + case $ac_option in + *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; + *=) ac_optarg= ;; + *) ac_optarg=yes ;; + esac + + # Accept the important Cygnus configure options, so we can diagnose typos. + + case $ac_dashdash$ac_option in + --) + ac_dashdash=yes ;; + + -bindir | --bindir | --bindi | --bind | --bin | --bi) + ac_prev=bindir ;; + -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) + bindir=$ac_optarg ;; + + -build | --build | --buil | --bui | --bu) + ac_prev=build_alias ;; + -build=* | --build=* | --buil=* | --bui=* | --bu=*) + build_alias=$ac_optarg ;; + + -cache-file | --cache-file | --cache-fil | --cache-fi \ + | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) + ac_prev=cache_file ;; + -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ + | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) + cache_file=$ac_optarg ;; + + --config-cache | -C) + cache_file=config.cache ;; + + -datadir | --datadir | --datadi | --datad) + ac_prev=datadir ;; + -datadir=* | --datadir=* | --datadi=* | --datad=*) + datadir=$ac_optarg ;; + + -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ + | --dataroo | --dataro | --datar) + ac_prev=datarootdir ;; + -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ + | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) + datarootdir=$ac_optarg ;; + + -disable-* | --disable-*) + ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=no ;; + + -docdir | --docdir | --docdi | --doc | --do) + ac_prev=docdir ;; + -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) + docdir=$ac_optarg ;; + + -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) + ac_prev=dvidir ;; + -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) + dvidir=$ac_optarg ;; + + -enable-* | --enable-*) + ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=\$ac_optarg ;; + + -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ + | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ + | --exec | --exe | --ex) + ac_prev=exec_prefix ;; + -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ + | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ + | --exec=* | --exe=* | --ex=*) + exec_prefix=$ac_optarg ;; + + -gas | --gas | --ga | --g) + # Obsolete; use --with-gas. + with_gas=yes ;; + + -help | --help | --hel | --he | -h) + ac_init_help=long ;; + -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) + ac_init_help=recursive ;; + -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) + ac_init_help=short ;; + + -host | --host | --hos | --ho) + ac_prev=host_alias ;; + -host=* | --host=* | --hos=* | --ho=*) + host_alias=$ac_optarg ;; + + -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) + ac_prev=htmldir ;; + -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ + | --ht=*) + htmldir=$ac_optarg ;; + + -includedir | --includedir | --includedi | --included | --include \ + | --includ | --inclu | --incl | --inc) + ac_prev=includedir ;; + -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ + | --includ=* | --inclu=* | --incl=* | --inc=*) + includedir=$ac_optarg ;; + + -infodir | --infodir | --infodi | --infod | --info | --inf) + ac_prev=infodir ;; + -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) + infodir=$ac_optarg ;; + + -libdir | --libdir | --libdi | --libd) + ac_prev=libdir ;; + -libdir=* | --libdir=* | --libdi=* | --libd=*) + libdir=$ac_optarg ;; + + -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ + | --libexe | --libex | --libe) + ac_prev=libexecdir ;; + -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ + | --libexe=* | --libex=* | --libe=*) + libexecdir=$ac_optarg ;; + + -localedir | --localedir | --localedi | --localed | --locale) + ac_prev=localedir ;; + -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) + localedir=$ac_optarg ;; + + -localstatedir | --localstatedir | --localstatedi | --localstated \ + | --localstate | --localstat | --localsta | --localst | --locals) + ac_prev=localstatedir ;; + -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ + | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) + localstatedir=$ac_optarg ;; + + -mandir | --mandir | --mandi | --mand | --man | --ma | --m) + ac_prev=mandir ;; + -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) + mandir=$ac_optarg ;; + + -nfp | --nfp | --nf) + # Obsolete; use --without-fp. + with_fp=no ;; + + -no-create | --no-create | --no-creat | --no-crea | --no-cre \ + | --no-cr | --no-c | -n) + no_create=yes ;; + + -no-recursion | --no-recursion | --no-recursio | --no-recursi \ + | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) + no_recursion=yes ;; + + -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ + | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ + | --oldin | --oldi | --old | --ol | --o) + ac_prev=oldincludedir ;; + -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ + | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ + | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) + oldincludedir=$ac_optarg ;; + + -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) + ac_prev=prefix ;; + -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) + prefix=$ac_optarg ;; + + -program-prefix | --program-prefix | --program-prefi | --program-pref \ + | --program-pre | --program-pr | --program-p) + ac_prev=program_prefix ;; + -program-prefix=* | --program-prefix=* | --program-prefi=* \ + | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) + program_prefix=$ac_optarg ;; + + -program-suffix | --program-suffix | --program-suffi | --program-suff \ + | --program-suf | --program-su | --program-s) + ac_prev=program_suffix ;; + -program-suffix=* | --program-suffix=* | --program-suffi=* \ + | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) + program_suffix=$ac_optarg ;; + + -program-transform-name | --program-transform-name \ + | --program-transform-nam | --program-transform-na \ + | --program-transform-n | --program-transform- \ + | --program-transform | --program-transfor \ + | --program-transfo | --program-transf \ + | --program-trans | --program-tran \ + | --progr-tra | --program-tr | --program-t) + ac_prev=program_transform_name ;; + -program-transform-name=* | --program-transform-name=* \ + | --program-transform-nam=* | --program-transform-na=* \ + | --program-transform-n=* | --program-transform-=* \ + | --program-transform=* | --program-transfor=* \ + | --program-transfo=* | --program-transf=* \ + | --program-trans=* | --program-tran=* \ + | --progr-tra=* | --program-tr=* | --program-t=*) + program_transform_name=$ac_optarg ;; + + -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) + ac_prev=pdfdir ;; + -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) + pdfdir=$ac_optarg ;; + + -psdir | --psdir | --psdi | --psd | --ps) + ac_prev=psdir ;; + -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) + psdir=$ac_optarg ;; + + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + silent=yes ;; + + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) + ac_prev=sbindir ;; + -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ + | --sbi=* | --sb=*) + sbindir=$ac_optarg ;; + + -sharedstatedir | --sharedstatedir | --sharedstatedi \ + | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ + | --sharedst | --shareds | --shared | --share | --shar \ + | --sha | --sh) + ac_prev=sharedstatedir ;; + -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ + | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ + | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ + | --sha=* | --sh=*) + sharedstatedir=$ac_optarg ;; + + -site | --site | --sit) + ac_prev=site ;; + -site=* | --site=* | --sit=*) + site=$ac_optarg ;; + + -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) + ac_prev=srcdir ;; + -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) + srcdir=$ac_optarg ;; + + -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ + | --syscon | --sysco | --sysc | --sys | --sy) + ac_prev=sysconfdir ;; + -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ + | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) + sysconfdir=$ac_optarg ;; + + -target | --target | --targe | --targ | --tar | --ta | --t) + ac_prev=target_alias ;; + -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) + target_alias=$ac_optarg ;; + + -v | -verbose | --verbose | --verbos | --verbo | --verb) + verbose=yes ;; + + -version | --version | --versio | --versi | --vers | -V) + ac_init_version=: ;; + + -with-* | --with-*) + ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=\$ac_optarg ;; + + -without-* | --without-*) + ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=no ;; + + --x) + # Obsolete; use --with-x. + with_x=yes ;; + + -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ + | --x-incl | --x-inc | --x-in | --x-i) + ac_prev=x_includes ;; + -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ + | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) + x_includes=$ac_optarg ;; + + -x-libraries | --x-libraries | --x-librarie | --x-librari \ + | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) + ac_prev=x_libraries ;; + -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ + | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) + x_libraries=$ac_optarg ;; + + -*) as_fn_error $? "unrecognized option: \`$ac_option' +Try \`$0 --help' for more information" + ;; + + *=*) + ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` + # Reject names that are not valid shell variable names. + case $ac_envvar in #( + '' | [0-9]* | *[!_$as_cr_alnum]* ) + as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; + esac + eval $ac_envvar=\$ac_optarg + export $ac_envvar ;; + + *) + # FIXME: should be removed in autoconf 3.0. + $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 + expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && + $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 + : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" + ;; + + esac +done + +if test -n "$ac_prev"; then + ac_option=--`echo $ac_prev | sed 's/_/-/g'` + as_fn_error $? "missing argument to $ac_option" +fi + +if test -n "$ac_unrecognized_opts"; then + case $enable_option_checking in + no) ;; + fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; + *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; + esac +fi + +# Check all directory arguments for consistency. +for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ + datadir sysconfdir sharedstatedir localstatedir includedir \ + oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ + libdir localedir mandir +do + eval ac_val=\$$ac_var + # Remove trailing slashes. + case $ac_val in + */ ) + ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` + eval $ac_var=\$ac_val;; + esac + # Be sure to have absolute directory names. + case $ac_val in + [\\/$]* | ?:[\\/]* ) continue;; + NONE | '' ) case $ac_var in *prefix ) continue;; esac;; + esac + as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" +done + +# There might be people who depend on the old broken behavior: `$host' +# used to hold the argument of --host etc. +# FIXME: To remove some day. +build=$build_alias +host=$host_alias +target=$target_alias + +# FIXME: To remove some day. +if test "x$host_alias" != x; then + if test "x$build_alias" = x; then + cross_compiling=maybe + elif test "x$build_alias" != "x$host_alias"; then + cross_compiling=yes + fi +fi + +ac_tool_prefix= +test -n "$host_alias" && ac_tool_prefix=$host_alias- + +test "$silent" = yes && exec 6>/dev/null + + +ac_pwd=`pwd` && test -n "$ac_pwd" && +ac_ls_di=`ls -di .` && +ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || + as_fn_error $? "working directory cannot be determined" +test "X$ac_ls_di" = "X$ac_pwd_ls_di" || + as_fn_error $? "pwd does not report name of working directory" + + +# Find the source files, if location was not specified. +if test -z "$srcdir"; then + ac_srcdir_defaulted=yes + # Try the directory containing this script, then the parent directory. + ac_confdir=`$as_dirname -- "$as_myself" || +$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_myself" : 'X\(//\)[^/]' \| \ + X"$as_myself" : 'X\(//\)$' \| \ + X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_myself" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + srcdir=$ac_confdir + if test ! -r "$srcdir/$ac_unique_file"; then + srcdir=.. + fi +else + ac_srcdir_defaulted=no +fi +if test ! -r "$srcdir/$ac_unique_file"; then + test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." + as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" +fi +ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" +ac_abs_confdir=`( + cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" + pwd)` +# When building in place, set srcdir=. +if test "$ac_abs_confdir" = "$ac_pwd"; then + srcdir=. +fi +# Remove unnecessary trailing slashes from srcdir. +# Double slashes in file names in object file debugging info +# mess up M-x gdb in Emacs. +case $srcdir in +*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; +esac +for ac_var in $ac_precious_vars; do + eval ac_env_${ac_var}_set=\${${ac_var}+set} + eval ac_env_${ac_var}_value=\$${ac_var} + eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} + eval ac_cv_env_${ac_var}_value=\$${ac_var} +done + +# +# Report the --help message. +# +if test "$ac_init_help" = "long"; then + # Omit some internal or obsolete options to make the list less imposing. + # This message is too long to be a string in the A/UX 3.1 sh. + cat <<_ACEOF +\`configure' configures Xen Hypervisor Stub Domains 4.3 to adapt to many kinds of systems. + +Usage: $0 [OPTION]... [VAR=VALUE]... + +To assign environment variables (e.g., CC, CFLAGS...), specify them as +VAR=VALUE. See below for descriptions of some of the useful variables. + +Defaults for the options are specified in brackets. + +Configuration: + -h, --help display this help and exit + --help=short display options specific to this package + --help=recursive display the short help of all the included packages + -V, --version display version information and exit + -q, --quiet, --silent do not print \`checking ...' messages + --cache-file=FILE cache test results in FILE [disabled] + -C, --config-cache alias for \`--cache-file=config.cache' + -n, --no-create do not create output files + --srcdir=DIR find the sources in DIR [configure dir or \`..'] + +Installation directories: + --prefix=PREFIX install architecture-independent files in PREFIX + [$ac_default_prefix] + --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX + [PREFIX] + +By default, \`make install' will install all the files in +\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify +an installation prefix other than \`$ac_default_prefix' using \`--prefix', +for instance \`--prefix=\$HOME'. + +For better control, use the options below. + +Fine tuning of the installation directories: + --bindir=DIR user executables [EPREFIX/bin] + --sbindir=DIR system admin executables [EPREFIX/sbin] + --libexecdir=DIR program executables [EPREFIX/libexec] + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] + --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --libdir=DIR object code libraries [EPREFIX/lib] + --includedir=DIR C header files [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc [/usr/include] + --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] + --datadir=DIR read-only architecture-independent data [DATAROOTDIR] + --infodir=DIR info documentation [DATAROOTDIR/info] + --localedir=DIR locale-dependent data [DATAROOTDIR/locale] + --mandir=DIR man documentation [DATAROOTDIR/man] + --docdir=DIR documentation root [DATAROOTDIR/doc/xen] + --htmldir=DIR html documentation [DOCDIR] + --dvidir=DIR dvi documentation [DOCDIR] + --pdfdir=DIR pdf documentation [DOCDIR] + --psdir=DIR ps documentation [DOCDIR] +_ACEOF + + cat <<\_ACEOF +_ACEOF +fi + +if test -n "$ac_init_help"; then + case $ac_init_help in + short | recursive ) echo "Configuration of Xen Hypervisor Stub Domains 4.3:";; + esac + cat <<\_ACEOF + +Optional Features: + --disable-option-checking ignore unrecognized --enable/--with options + --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) + --enable-FEATURE[=ARG] include FEATURE [ARG=yes] + --disable-ioemu-stubdom Build and install ioemu-stubdom (default is ENABLED) + --enable-c-stubdom Build and install c-stubdom (default is DISABLED) + --enable-caml-stubdom Build and install caml-stubdom (default is DISABLED) + --disable-pv-grub Build and install pv-grub (default is ENABLED) + --disable-xenstore-stubdom + Build and install xenstore-stubdom (default is + ENABLED) + --enable-vtpm-stubdom Build and install vtpm-stubdom + --enable-vtpmmgr-stubdom + Build and install vtpmmgr-stubdom + --disable-debug Disable debug build of stubdom (default is ENABLED) + --disable-extfiles Use xen extfiles repository for libraries (default + is ENABLED) + +Some influential environment variables: + CMAKE Path to the cmake program + WGET Path to wget program + CC C compiler command + CFLAGS C compiler flags + LDFLAGS linker flags, e.g. -L if you have libraries in a + nonstandard directory + LIBS libraries to pass to the linker, e.g. -l + CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if + you have headers in a nonstandard directory + ZLIB_URL Download url for zlib + LIBPCI_URL Download url for libpci + NEWLIB_URL Download url for newlib + LWIP_URL Download url for lwip + GRUB_URL Download url for grub + OCAML_URL Download url for ocaml + GMP_URL Download url for libgmp + POLARSSL_URL + Download url for polarssl + TPMEMU_URL Download url for berlios tpm emulator + +Use these variables to override the choices made by `configure' or to help +it to find libraries and programs with nonstandard names/locations. + +Report bugs to . +Xen Hypervisor Stub Domains home page: . +_ACEOF +ac_status=$? +fi + +if test "$ac_init_help" = "recursive"; then + # If there are subdirs, report their specific --help. + for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue + test -d "$ac_dir" || + { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || + continue + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + cd "$ac_dir" || { ac_status=$?; continue; } + # Check for guested configure. + if test -f "$ac_srcdir/configure.gnu"; then + echo && + $SHELL "$ac_srcdir/configure.gnu" --help=recursive + elif test -f "$ac_srcdir/configure"; then + echo && + $SHELL "$ac_srcdir/configure" --help=recursive + else + $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 + fi || ac_status=$? + cd "$ac_pwd" || { ac_status=$?; break; } + done +fi + +test -n "$ac_init_help" && exit $ac_status +if $ac_init_version; then + cat <<\_ACEOF +Xen Hypervisor Stub Domains configure 4.3 +generated by GNU Autoconf 2.69 + +Copyright (C) 2012 Free Software Foundation, Inc. +This configure script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it. +_ACEOF + exit +fi + +## ------------------------ ## +## Autoconf initialization. ## +## ------------------------ ## + +# ac_fn_c_try_compile LINENO +# -------------------------- +# Try to compile conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext + if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 +fi + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval + +} # ac_fn_c_try_compile +cat >config.log <<_ACEOF +This file contains any messages produced by compilers while +running configure, to aid debugging if configure makes a mistake. + +It was created by Xen Hypervisor Stub Domains $as_me 4.3, which was +generated by GNU Autoconf 2.69. Invocation command line was + + $ $0 $@ + +_ACEOF +exec 5>>config.log +{ +cat <<_ASUNAME +## --------- ## +## Platform. ## +## --------- ## + +hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` + +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` + +/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` +/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` +/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` +/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` + +_ASUNAME + +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + $as_echo "PATH: $as_dir" + done +IFS=$as_save_IFS + +} >&5 + +cat >&5 <<_ACEOF + + +## ----------- ## +## Core tests. ## +## ----------- ## + +_ACEOF + + +# Keep a trace of the command line. +# Strip out --no-create and --no-recursion so they do not pile up. +# Strip out --silent because we don't want to record it for future runs. +# Also quote any args containing shell meta-characters. +# Make two passes to allow for proper duplicate-argument suppression. +ac_configure_args= +ac_configure_args0= +ac_configure_args1= +ac_must_keep_next=false +for ac_pass in 1 2 +do + for ac_arg + do + case $ac_arg in + -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + continue ;; + *\'*) + ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + case $ac_pass in + 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; + 2) + as_fn_append ac_configure_args1 " '$ac_arg'" + if test $ac_must_keep_next = true; then + ac_must_keep_next=false # Got value, back to normal. + else + case $ac_arg in + *=* | --config-cache | -C | -disable-* | --disable-* \ + | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ + | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ + | -with-* | --with-* | -without-* | --without-* | --x) + case "$ac_configure_args0 " in + "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; + esac + ;; + -* ) ac_must_keep_next=true ;; + esac + fi + as_fn_append ac_configure_args " '$ac_arg'" + ;; + esac + done +done +{ ac_configure_args0=; unset ac_configure_args0;} +{ ac_configure_args1=; unset ac_configure_args1;} + +# When interrupted or exit'd, cleanup temporary files, and complete +# config.log. We remove comments because anyway the quotes in there +# would cause problems or look ugly. +# WARNING: Use '\'' to represent an apostrophe within the trap. +# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. +trap 'exit_status=$? + # Save into config.log some information that might help in debugging. + { + echo + + $as_echo "## ---------------- ## +## Cache variables. ## +## ---------------- ##" + echo + # The following way of writing the cache mishandles newlines in values, +( + for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + (set) 2>&1 | + case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + sed -n \ + "s/'\''/'\''\\\\'\'''\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" + ;; #( + *) + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) + echo + + $as_echo "## ----------------- ## +## Output variables. ## +## ----------------- ##" + echo + for ac_var in $ac_subst_vars + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo + + if test -n "$ac_subst_files"; then + $as_echo "## ------------------- ## +## File substitutions. ## +## ------------------- ##" + echo + for ac_var in $ac_subst_files + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo + fi + + if test -s confdefs.h; then + $as_echo "## ----------- ## +## confdefs.h. ## +## ----------- ##" + echo + cat confdefs.h + echo + fi + test "$ac_signal" != 0 && + $as_echo "$as_me: caught signal $ac_signal" + $as_echo "$as_me: exit $exit_status" + } >&5 + rm -f core *.core core.conftest.* && + rm -f -r conftest* confdefs* conf$$* $ac_clean_files && + exit $exit_status +' 0 +for ac_signal in 1 2 13 15; do + trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal +done +ac_signal=0 + +# confdefs.h avoids OS command line length limits that DEFS can exceed. +rm -f -r conftest* confdefs.h + +$as_echo "/* confdefs.h */" > confdefs.h + +# Predefined preprocessor variables. + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_NAME "$PACKAGE_NAME" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_TARNAME "$PACKAGE_TARNAME" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_VERSION "$PACKAGE_VERSION" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_STRING "$PACKAGE_STRING" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_URL "$PACKAGE_URL" +_ACEOF + + +# Let the site file select an alternate cache file if it wants to. +# Prefer an explicitly selected file to automatically selected ones. +ac_site_file1=NONE +ac_site_file2=NONE +if test -n "$CONFIG_SITE"; then + # We do not want a PATH search for config.site. + case $CONFIG_SITE in #(( + -*) ac_site_file1=./$CONFIG_SITE;; + */*) ac_site_file1=$CONFIG_SITE;; + *) ac_site_file1=./$CONFIG_SITE;; + esac +elif test "x$prefix" != xNONE; then + ac_site_file1=$prefix/share/config.site + ac_site_file2=$prefix/etc/config.site +else + ac_site_file1=$ac_default_prefix/share/config.site + ac_site_file2=$ac_default_prefix/etc/config.site +fi +for ac_site_file in "$ac_site_file1" "$ac_site_file2" +do + test "x$ac_site_file" = xNONE && continue + if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 +$as_echo "$as_me: loading site script $ac_site_file" >&6;} + sed 's/^/| /' "$ac_site_file" >&5 + . "$ac_site_file" \ + || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "failed to load site script $ac_site_file +See \`config.log' for more details" "$LINENO" 5; } + fi +done + +if test -r "$cache_file"; then + # Some versions of bash will fail to source /dev/null (special files + # actually), so we avoid doing that. DJGPP emulates it as a regular file. + if test /dev/null != "$cache_file" && test -f "$cache_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 +$as_echo "$as_me: loading cache $cache_file" >&6;} + case $cache_file in + [\\/]* | ?:[\\/]* ) . "$cache_file";; + *) . "./$cache_file";; + esac + fi +else + { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 +$as_echo "$as_me: creating cache $cache_file" >&6;} + >$cache_file +fi + +# Check that the precious variables saved in the cache have kept the same +# value. +ac_cache_corrupted=false +for ac_var in $ac_precious_vars; do + eval ac_old_set=\$ac_cv_env_${ac_var}_set + eval ac_new_set=\$ac_env_${ac_var}_set + eval ac_old_val=\$ac_cv_env_${ac_var}_value + eval ac_new_val=\$ac_env_${ac_var}_value + case $ac_old_set,$ac_new_set in + set,) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,set) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,);; + *) + if test "x$ac_old_val" != "x$ac_new_val"; then + # differences in whitespace do not lead to failure. + ac_old_val_w=`echo x $ac_old_val` + ac_new_val_w=`echo x $ac_new_val` + if test "$ac_old_val_w" != "$ac_new_val_w"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 +$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} + ac_cache_corrupted=: + else + { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 +$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} + eval $ac_var=\$ac_old_val + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 +$as_echo "$as_me: former value: \`$ac_old_val'" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 +$as_echo "$as_me: current value: \`$ac_new_val'" >&2;} + fi;; + esac + # Pass precious variables to config.status. + if test "$ac_new_set" = set; then + case $ac_new_val in + *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; + *) ac_arg=$ac_var=$ac_new_val ;; + esac + case " $ac_configure_args " in + *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. + *) as_fn_append ac_configure_args " '$ac_arg'" ;; + esac + fi +done +if $ac_cache_corrupted; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 +$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} + as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 +fi +## -------------------- ## +## Main body of script. ## +## -------------------- ## + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + + +ac_config_files="$ac_config_files ../config/Stubdom.mk" + + +ac_aux_dir= +for ac_dir in ../ "$srcdir"/../; do + if test -f "$ac_dir/install-sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install-sh -c" + break + elif test -f "$ac_dir/install.sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install.sh -c" + break + elif test -f "$ac_dir/shtool"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/shtool install -c" + break + fi +done +if test -z "$ac_aux_dir"; then + as_fn_error $? "cannot find install-sh, install.sh, or shtool in ../ \"$srcdir\"/../" "$LINENO" 5 +fi + +# These three variables are undocumented and unsupported, +# and are intended to be withdrawn in a future Autoconf release. +# They can cause serious problems if a builder's source tree is in a directory +# whose full name contains unusual characters. +ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. +ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. +ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. + + + +# M4 Macro includes + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +# Enable/disable stub domains + +# Check whether --enable-ioemu-stubdom was given. +if test "${enable_ioemu_stubdom+set}" = set; then : + enableval=$enable_ioemu_stubdom; + +if test "x$enableval" = "xyes"; then : + + +ioemu=y +STUBDOM_TARGETS="$STUBDOM_TARGETS ioemu" +STUBDOM_BUILD="$STUBDOM_BUILD ioemu-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-ioemu" + + +else + +if test "x$enableval" = "xno"; then : + + +ioemu=n + + +fi + +fi + + +else + + +ioemu=y +STUBDOM_TARGETS="$STUBDOM_TARGETS ioemu" +STUBDOM_BUILD="$STUBDOM_BUILD ioemu-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-ioemu" + + +fi + + + + +# Check whether --enable-c-stubdom was given. +if test "${enable_c_stubdom+set}" = set; then : + enableval=$enable_c_stubdom; + +if test "x$enableval" = "xyes"; then : + + +c=y +STUBDOM_TARGETS="$STUBDOM_TARGETS c" +STUBDOM_BUILD="$STUBDOM_BUILD c-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-c" + + +else + +if test "x$enableval" = "xno"; then : + + +c=n + + +fi + +fi + + +else + + +c=n + + +fi + + + + +# Check whether --enable-caml-stubdom was given. +if test "${enable_caml_stubdom+set}" = set; then : + enableval=$enable_caml_stubdom; + +if test "x$enableval" = "xyes"; then : + + +caml=y +STUBDOM_TARGETS="$STUBDOM_TARGETS caml" +STUBDOM_BUILD="$STUBDOM_BUILD caml-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-caml" + + +else + +if test "x$enableval" = "xno"; then : + + +caml=n + + +fi + +fi + + +else + + +caml=n + + +fi + + + + +# Check whether --enable-pv-grub was given. +if test "${enable_pv_grub+set}" = set; then : + enableval=$enable_pv_grub; + +if test "x$enableval" = "xyes"; then : + + +grub=y +STUBDOM_TARGETS="$STUBDOM_TARGETS grub" +STUBDOM_BUILD="$STUBDOM_BUILD pv-grub" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-grub" + + +else + +if test "x$enableval" = "xno"; then : + + +grub=n + + +fi + +fi + + +else + + +grub=y +STUBDOM_TARGETS="$STUBDOM_TARGETS grub" +STUBDOM_BUILD="$STUBDOM_BUILD pv-grub" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-grub" + + +fi + + + + +# Check whether --enable-xenstore-stubdom was given. +if test "${enable_xenstore_stubdom+set}" = set; then : + enableval=$enable_xenstore_stubdom; + +if test "x$enableval" = "xyes"; then : + + +xenstore=y +STUBDOM_TARGETS="$STUBDOM_TARGETS xenstore" +STUBDOM_BUILD="$STUBDOM_BUILD xenstore-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-xenstore" + + +else + +if test "x$enableval" = "xno"; then : + + +xenstore=n + + +fi + +fi + + +else + + +xenstore=y +STUBDOM_TARGETS="$STUBDOM_TARGETS xenstore" +STUBDOM_BUILD="$STUBDOM_BUILD xenstore-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-xenstore" + + +fi + + + + +# Check whether --enable-vtpm-stubdom was given. +if test "${enable_vtpm_stubdom+set}" = set; then : + enableval=$enable_vtpm_stubdom; + +if test "x$enableval" = "xyes"; then : + + +vtpm=y +STUBDOM_TARGETS="$STUBDOM_TARGETS vtpm" +STUBDOM_BUILD="$STUBDOM_BUILD vtpm-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-vtpm" + + +else + +if test "x$enableval" = "xno"; then : + + +vtpm=n + + +fi + +fi + + +fi + + + +# Check whether --enable-vtpmmgr-stubdom was given. +if test "${enable_vtpmmgr_stubdom+set}" = set; then : + enableval=$enable_vtpmmgr_stubdom; + +if test "x$enableval" = "xyes"; then : + + +vtpmmgr=y +STUBDOM_TARGETS="$STUBDOM_TARGETS vtpmmgr" +STUBDOM_BUILD="$STUBDOM_BUILD vtpmmgr-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-vtpmmgr" + + +else + +if test "x$enableval" = "xno"; then : + + +vtpmmgr=n + + +fi + +fi + + +fi + + + + +# Check whether --enable-debug was given. +if test "${enable_debug+set}" = set; then : + enableval=$enable_debug; +fi + + +if test "x$enable_debug" = "xno"; then : + + ax_cv_debug="n" + +elif test "x$enable_debug" = "xyes"; then : + + ax_cv_debug="y" + +elif test -z $ax_cv_debug; then : + + ax_cv_debug="y" + +fi +debug=$ax_cv_debug + + + +# Check whether --enable-extfiles was given. +if test "${enable_extfiles+set}" = set; then : + enableval=$enable_extfiles; +fi + + +if test "x$enable_extfiles" = "xno"; then : + + ax_cv_extfiles="n" + +elif test "x$enable_extfiles" = "xyes"; then : + + ax_cv_extfiles="y" + +elif test -z $ax_cv_extfiles; then : + + ax_cv_extfiles="y" + +fi +extfiles=$ax_cv_extfiles + + + + + + +# Checks for programs. +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. +set dummy ${ac_tool_prefix}gcc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_CC"; then + ac_ct_CC=$CC + # Extract the first word of "gcc", so it can be a program name with args. +set dummy gcc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +else + CC="$ac_cv_prog_CC" +fi + +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. +set dummy ${ac_tool_prefix}cc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}cc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + fi +fi +if test -z "$CC"; then + # Extract the first word of "cc", so it can be a program name with args. +set dummy cc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else + ac_prog_rejected=no +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then + ac_prog_rejected=yes + continue + fi + ac_cv_prog_CC="cc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +if test $ac_prog_rejected = yes; then + # We found a bogon in the path, so make sure we never use it. + set dummy $ac_cv_prog_CC + shift + if test $# != 0; then + # We chose a different compiler from the bogus one. + # However, it has the same basename, so the bogon will be chosen + # first if we set CC to just the basename; use the full file name. + shift + ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" + fi +fi +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + for ac_prog in cl.exe + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$CC" && break + done +fi +if test -z "$CC"; then + ac_ct_CC=$CC + for ac_prog in cl.exe +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$ac_ct_CC" && break +done + + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +fi + +fi + + +test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "no acceptable C compiler found in \$PATH +See \`config.log' for more details" "$LINENO" 5; } + +# Provide some information about the compiler. +$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 +set X $ac_compile +ac_compiler=$2 +for ac_option in --version -v -V -qversion; do + { { ac_try="$ac_compiler $ac_option >&5" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compiler $ac_option >&5") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + sed '10a\ +... rest of stderr output deleted ... + 10q' conftest.err >conftest.er1 + cat conftest.er1 >&5 + fi + rm -f conftest.er1 conftest.err + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +done + +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" +# Try to create an executable without -o first, disregard a.out. +# It will help us diagnose broken compilers, and finding out an intuition +# of exeext. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 +$as_echo_n "checking whether the C compiler works... " >&6; } +ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` + +# The possible output files: +ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" + +ac_rmfiles= +for ac_file in $ac_files +do + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; + * ) ac_rmfiles="$ac_rmfiles $ac_file";; + esac +done +rm -f $ac_rmfiles + +if { { ac_try="$ac_link_default" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link_default") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. +# So ignore a value of `no', otherwise this would lead to `EXEEXT = no' +# in a Makefile. We should not override ac_cv_exeext if it was cached, +# so that the user can short-circuit this test for compilers unknown to +# Autoconf. +for ac_file in $ac_files '' +do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) + ;; + [ab].out ) + # We found the default executable, but exeext='' is most + # certainly right. + break;; + *.* ) + if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; + then :; else + ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + fi + # We set ac_cv_exeext here because the later test for it is not + # safe: cross compilers may not add the suffix if given an `-o' + # argument, so we may need to know it at that point already. + # Even if this section looks crufty: it has the advantage of + # actually working. + break;; + * ) + break;; + esac +done +test "$ac_cv_exeext" = no && ac_cv_exeext= + +else + ac_file='' +fi +if test -z "$ac_file"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +$as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "C compiler cannot create executables +See \`config.log' for more details" "$LINENO" 5; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 +$as_echo_n "checking for C compiler default output file name... " >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 +$as_echo "$ac_file" >&6; } +ac_exeext=$ac_cv_exeext + +rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out +ac_clean_files=$ac_clean_files_save +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5 +$as_echo_n "checking for suffix of executables... " >&6; } +if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + # If both `conftest.exe' and `conftest' are `present' (well, observable) +# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will +# work properly (i.e., refer to `conftest.exe'), while it won't with +# `rm'. +for ac_file in conftest.exe conftest conftest.*; do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; + *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + break;; + * ) break;; + esac +done +else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot compute suffix of executables: cannot compile and link +See \`config.log' for more details" "$LINENO" 5; } +fi +rm -f conftest conftest$ac_cv_exeext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 +$as_echo "$ac_cv_exeext" >&6; } + +rm -f conftest.$ac_ext +EXEEXT=$ac_cv_exeext +ac_exeext=$EXEEXT +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +FILE *f = fopen ("conftest.out", "w"); + return ferror (f) || fclose (f) != 0; + + ; + return 0; +} +_ACEOF +ac_clean_files="$ac_clean_files conftest.out" +# Check that the compiler produces executables we can run. If not, either +# the compiler is broken, or we cross compile. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 +$as_echo_n "checking whether we are cross compiling... " >&6; } +if test "$cross_compiling" != yes; then + { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if { ac_try='./conftest$ac_cv_exeext' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then + cross_compiling=no + else + if test "$cross_compiling" = maybe; then + cross_compiling=yes + else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot run C compiled programs. +If you meant to cross compile, use \`--host'. +See \`config.log' for more details" "$LINENO" 5; } + fi + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 +$as_echo "$cross_compiling" >&6; } + +rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out +ac_clean_files=$ac_clean_files_save +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 +$as_echo_n "checking for suffix of object files... " >&6; } +if ${ac_cv_objext+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +rm -f conftest.o conftest.obj +if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + for ac_file in conftest.o conftest.obj conftest.*; do + test -f "$ac_file" || continue; + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; + *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` + break;; + esac +done +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + +{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot compute suffix of object files: cannot compile +See \`config.log' for more details" "$LINENO" 5; } +fi +rm -f conftest.$ac_cv_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 +$as_echo "$ac_cv_objext" >&6; } +OBJEXT=$ac_cv_objext +ac_objext=$OBJEXT +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 +$as_echo_n "checking whether we are using the GNU C compiler... " >&6; } +if ${ac_cv_c_compiler_gnu+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ +#ifndef __GNUC__ + choke me +#endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_compiler_gnu=yes +else + ac_compiler_gnu=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +ac_cv_c_compiler_gnu=$ac_compiler_gnu + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 +$as_echo "$ac_cv_c_compiler_gnu" >&6; } +if test $ac_compiler_gnu = yes; then + GCC=yes +else + GCC= +fi +ac_test_CFLAGS=${CFLAGS+set} +ac_save_CFLAGS=$CFLAGS +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 +$as_echo_n "checking whether $CC accepts -g... " >&6; } +if ${ac_cv_prog_cc_g+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_save_c_werror_flag=$ac_c_werror_flag + ac_c_werror_flag=yes + ac_cv_prog_cc_g=no + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_g=yes +else + CFLAGS="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + +else + ac_c_werror_flag=$ac_save_c_werror_flag + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_g=yes +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_c_werror_flag=$ac_save_c_werror_flag +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 +$as_echo "$ac_cv_prog_cc_g" >&6; } +if test "$ac_test_CFLAGS" = set; then + CFLAGS=$ac_save_CFLAGS +elif test $ac_cv_prog_cc_g = yes; then + if test "$GCC" = yes; then + CFLAGS="-g -O2" + else + CFLAGS="-g" + fi +else + if test "$GCC" = yes; then + CFLAGS="-O2" + else + CFLAGS= + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 +$as_echo_n "checking for $CC option to accept ISO C89... " >&6; } +if ${ac_cv_prog_cc_c89+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_cv_prog_cc_c89=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +struct stat; +/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ +struct buf { int x; }; +FILE * (*rcsopen) (struct buf *, struct stat *, int); +static char *e (p, i) + char **p; + int i; +{ + return p[i]; +} +static char *f (char * (*g) (char **, int), char **p, ...) +{ + char *s; + va_list v; + va_start (v,p); + s = g (p, va_arg (v,int)); + va_end (v); + return s; +} + +/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has + function prototypes and stuff, but not '\xHH' hex character constants. + These don't provoke an error unfortunately, instead are silently treated + as 'x'. The following induces an error, until -std is added to get + proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an + array size at least. It's necessary to write '\x00'==0 to get something + that's true only with -std. */ +int osf4_cc_array ['\x00' == 0 ? 1 : -1]; + +/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters + inside strings and character constants. */ +#define FOO(x) 'x' +int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; + +int test (int i, double x); +struct s1 {int (*f) (int a);}; +struct s2 {int (*f) (double a);}; +int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); +int argc; +char **argv; +int +main () +{ +return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; + ; + return 0; +} +_ACEOF +for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ + -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_c89=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext + test "x$ac_cv_prog_cc_c89" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC + +fi +# AC_CACHE_VAL +case "x$ac_cv_prog_cc_c89" in + x) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +$as_echo "none needed" >&6; } ;; + xno) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +$as_echo "unsupported" >&6; } ;; + *) + CC="$CC $ac_cv_prog_cc_c89" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 +$as_echo "$ac_cv_prog_cc_c89" >&6; } ;; +esac +if test "x$ac_cv_prog_cc_c89" != xno; then : + +fi + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 +$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } +set x ${MAKE-make} +ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` +if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat >conftest.make <<\_ACEOF +SHELL = /bin/sh +all: + @echo '@@@%%%=$(MAKE)=@@@%%%' +_ACEOF +# GNU make sometimes prints "make[1]: Entering ...", which would confuse us. +case `${MAKE-make} -f conftest.make 2>/dev/null` in + *@@@%%%=?*=@@@%%%*) + eval ac_cv_prog_make_${ac_make}_set=yes;; + *) + eval ac_cv_prog_make_${ac_make}_set=no;; +esac +rm -f conftest.make +fi +if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + SET_MAKE= +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + SET_MAKE="MAKE=${MAKE-make}" +fi + +# Find a good install program. We prefer a C program (faster), +# so one script is as good as another. But avoid the broken or +# incompatible versions: +# SysV /etc/install, /usr/sbin/install +# SunOS /usr/etc/install +# IRIX /sbin/install +# AIX /bin/install +# AmigaOS /C/install, which installs bootblocks on floppy discs +# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag +# AFS /usr/afsws/bin/install, which mishandles nonexistent args +# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" +# OS/2's system install, which has a completely different semantic +# ./install, which can be erroneously created by make from ./install.sh. +# Reject install programs that cannot install multiple files. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 +$as_echo_n "checking for a BSD-compatible install... " >&6; } +if test -z "$INSTALL"; then +if ${ac_cv_path_install+:} false; then : + $as_echo_n "(cached) " >&6 +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + # Account for people who put trailing slashes in PATH elements. +case $as_dir/ in #(( + ./ | .// | /[cC]/* | \ + /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ + ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ + /usr/ucb/* ) ;; + *) + # OSF1 and SCO ODT 3.0 have their own names for install. + # Don't use installbsd from OSF since it installs stuff as root + # by default. + for ac_prog in ginstall scoinst install; do + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then + if test $ac_prog = install && + grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # AIX install. It has an incompatible calling convention. + : + elif test $ac_prog = install && + grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # program-specific install script used by HP pwplus--don't use. + : + else + rm -rf conftest.one conftest.two conftest.dir + echo one > conftest.one + echo two > conftest.two + mkdir conftest.dir + if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" && + test -s conftest.one && test -s conftest.two && + test -s conftest.dir/conftest.one && + test -s conftest.dir/conftest.two + then + ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" + break 3 + fi + fi + fi + done + done + ;; +esac + + done +IFS=$as_save_IFS + +rm -rf conftest.one conftest.two conftest.dir + +fi + if test "${ac_cv_path_install+set}" = set; then + INSTALL=$ac_cv_path_install + else + # As a last resort, use the slow shell script. Don't cache a + # value for INSTALL within a source directory, because that will + # break other packages using the cache if that directory is + # removed, or if the value is a relative name. + INSTALL=$ac_install_sh + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 +$as_echo "$INSTALL" >&6; } + +# Use test -z because SunOS4 sh mishandles braces in ${var-val}. +# It thinks the first close brace ends the variable substitution. +test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' + +test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' + +test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' + +# Extract the first word of "wget", so it can be a program name with args. +set dummy wget; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_WGET+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $WGET in + [\\/]* | ?:[\\/]*) + ac_cv_path_WGET="$WGET" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_WGET="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + test -z "$ac_cv_path_WGET" && ac_cv_path_WGET="no" + ;; +esac +fi +WGET=$ac_cv_path_WGET +if test -n "$WGET"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $WGET" >&5 +$as_echo "$WGET" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +if test x"${WGET}" == x"no" +then + as_fn_error $? "Unable to find wget, please install wget" "$LINENO" 5 +fi + +# Checks for programs that depend on a feature + +if test "x$vtpm" = "xy"; then : + # Extract the first word of "cmake", so it can be a program name with args. +set dummy cmake; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_CMAKE+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $CMAKE in + [\\/]* | ?:[\\/]*) + ac_cv_path_CMAKE="$CMAKE" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_CMAKE="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + test -z "$ac_cv_path_CMAKE" && ac_cv_path_CMAKE="no" + ;; +esac +fi +CMAKE=$ac_cv_path_CMAKE +if test -n "$CMAKE"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CMAKE" >&5 +$as_echo "$CMAKE" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +if test x"${CMAKE}" == x"no" +then + as_fn_error $? "Unable to find cmake, please install cmake" "$LINENO" 5 +fi +else + +if test "x$vtpm" = "xn"; then : + +CMAKE="/cmake-disabled-in-configure-script" + +else + +# Extract the first word of "cmake", so it can be a program name with args. +set dummy cmake; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_CMAKE+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $CMAKE in + [\\/]* | ?:[\\/]*) + ac_cv_path_CMAKE="$CMAKE" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_CMAKE="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + test -z "$ac_cv_path_CMAKE" && ac_cv_path_CMAKE="no" + ;; +esac +fi +CMAKE=$ac_cv_path_CMAKE +if test -n "$CMAKE"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CMAKE" >&5 +$as_echo "$CMAKE" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +if test x"${CMAKE}" = "xno"; then : + +vtpm=n +CMAKE="/cmake-disabled-in-configure-script" + +fi + +fi + +fi + + + +# Stubdom libraries version and url setup + + +if test "x$ZLIB_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + ZLIB_URL=\$\(XEN_EXTFILES_URL\) +else + ZLIB_URL="http://www.zlib.net" +fi + +fi +ZLIB_VERSION="1.2.3" + + + + + +if test "x$LIBPCI_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + LIBPCI_URL=\$\(XEN_EXTFILES_URL\) +else + LIBPCI_URL="http://www.kernel.org/pub/software/utils/pciutils" +fi + +fi +LIBPCI_VERSION="2.2.9" + + + + + +if test "x$NEWLIB_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + NEWLIB_URL=\$\(XEN_EXTFILES_URL\) +else + NEWLIB_URL="ftp://sources.redhat.com/pub/newlib" +fi + +fi +NEWLIB_VERSION="1.16.0" + + + + + +if test "x$LWIP_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + LWIP_URL=\$\(XEN_EXTFILES_URL\) +else + LWIP_URL="http://download.savannah.gnu.org/releases/lwip" +fi + +fi +LWIP_VERSION="1.3.0" + + + + + +if test "x$GRUB_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + GRUB_URL=\$\(XEN_EXTFILES_URL\) +else + GRUB_URL="http://alpha.gnu.org/gnu/grub" +fi + +fi +GRUB_VERSION="0.97" + + + + + +if test "x$OCAML_URL" = "x"; then : + + OCAML_URL="http://caml.inria.fr/pub/distrib/ocaml-3.11" + +fi +OCAML_VERSION="3.11.0" + + + + + +if test "x$GMP_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + GMP_URL=\$\(XEN_EXTFILES_URL\) +else + GMP_URL="ftp://ftp.gmplib.org/pub/gmp-4.3.2" +fi + +fi +GMP_VERSION="4.3.2" + + + + + +if test "x$POLARSSL_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + POLARSSL_URL=\$\(XEN_EXTFILES_URL\) +else + POLARSSL_URL="http://polarssl.org/code/releases" +fi + +fi +POLARSSL_VERSION="1.1.4" + + + + + +if test "x$TPMEMU_URL" = "x"; then : + + if test "x$extfiles" = "xy"; then : + TPMEMU_URL=\$\(XEN_EXTFILES_URL\) +else + TPMEMU_URL="http://download.berlios.de/tpm-emulator" +fi + +fi +TPMEMU_VERSION="0.7.4" + + + + +#These stubdoms should be enabled if the dependent one is + +if test "x$vtpmmgr" = "x" && test "x$vtpm" = "xn"; then : + +vtpmmgr="n" + +fi + + +#Conditionally enable these stubdoms based on the presense of dependencies + +if test "x$vtpm" = "xy" || test "x$vtpm" = "x"; then : + + +vtpm=y +STUBDOM_TARGETS="$STUBDOM_TARGETS vtpm" +STUBDOM_BUILD="$STUBDOM_BUILD vtpm-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-vtpm" + + +else + + +vtpm=n + + +fi + + + +if test "x$vtpmmgr" = "xy" || test "x$vtpmmgr" = "x"; then : + + +vtpmmgr=y +STUBDOM_TARGETS="$STUBDOM_TARGETS vtpmmgr" +STUBDOM_BUILD="$STUBDOM_BUILD vtpmmgr-stubdom" +STUBDOM_INSTALL="$STUBDOM_INSTALL install-vtpmmgr" + + +else + + +vtpmmgr=n + + +fi + + + + + + + +echo "Will build the following stub domains:" +for x in $STUBDOM_BUILD; do + echo " $x" +done + +cat >confcache <<\_ACEOF +# This file is a shell script that caches the results of configure +# tests run on this system so they can be shared between configure +# scripts and configure runs, see configure's option --config-cache. +# It is not useful on other systems. If it contains results you don't +# want to keep, you may remove or edit it. +# +# config.status only pays attention to the cache file if you give it +# the --recheck option to rerun configure. +# +# `ac_cv_env_foo' variables (set or unset) will be overridden when +# loading this file, other *unset* `ac_cv_foo' will be assigned the +# following values. + +_ACEOF + +# The following way of writing the cache mishandles newlines in values, +# but we know of no workaround that is simple, portable, and efficient. +# So, we kill variables containing newlines. +# Ultrix sh set writes to stderr and can't be redirected directly, +# and sets the high bit in the cache file unless we assign to the vars. +( + for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + + (set) 2>&1 | + case $as_nl`(ac_space=' '; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + # `set' does not quote correctly, so add quotes: double-quote + # substitution turns \\\\ into \\, and sed turns \\ into \. + sed -n \ + "s/'/'\\\\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" + ;; #( + *) + # `set' quotes correctly as required by POSIX, so do not add quotes. + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) | + sed ' + /^ac_cv_env_/b end + t clear + :clear + s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ + t end + s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ + :end' >>confcache +if diff "$cache_file" confcache >/dev/null 2>&1; then :; else + if test -w "$cache_file"; then + if test "x$cache_file" != "x/dev/null"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 +$as_echo "$as_me: updating cache $cache_file" >&6;} + if test ! -f "$cache_file" || test -h "$cache_file"; then + cat confcache >"$cache_file" + else + case $cache_file in #( + */* | ?:*) + mv -f confcache "$cache_file"$$ && + mv -f "$cache_file"$$ "$cache_file" ;; #( + *) + mv -f confcache "$cache_file" ;; + esac + fi + fi + else + { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 +$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} + fi +fi +rm -f confcache + +test "x$prefix" = xNONE && prefix=$ac_default_prefix +# Let make expand exec_prefix. +test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' + +# Transform confdefs.h into DEFS. +# Protect against shell expansion while executing Makefile rules. +# Protect against Makefile macro expansion. +# +# If the first sed substitution is executed (which looks for macros that +# take arguments), then branch to the quote section. Otherwise, +# look for a macro that doesn't take arguments. +ac_script=' +:mline +/\\$/{ + N + s,\\\n,, + b mline +} +t clear +:clear +s/^[ ]*#[ ]*define[ ][ ]*\([^ (][^ (]*([^)]*)\)[ ]*\(.*\)/-D\1=\2/g +t quote +s/^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)/-D\1=\2/g +t quote +b any +:quote +s/[ `~#$^&*(){}\\|;'\''"<>?]/\\&/g +s/\[/\\&/g +s/\]/\\&/g +s/\$/$$/g +H +:any +${ + g + s/^\n// + s/\n/ /g + p +} +' +DEFS=`sed -n "$ac_script" confdefs.h` + + +ac_libobjs= +ac_ltlibobjs= +U= +for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue + # 1. Remove the extension, and $U if already installed. + ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' + ac_i=`$as_echo "$ac_i" | sed "$ac_script"` + # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR + # will be set to the directory where LIBOBJS objects are built. + as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" + as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' +done +LIBOBJS=$ac_libobjs + +LTLIBOBJS=$ac_ltlibobjs + + + +: "${CONFIG_STATUS=./config.status}" +ac_write_fail=0 +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files $CONFIG_STATUS" +{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 +$as_echo "$as_me: creating $CONFIG_STATUS" >&6;} +as_write_fail=0 +cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 +#! $SHELL +# Generated by $as_me. +# Run this file to recreate the current configuration. +# Compiler output produced by configure, useful for debugging +# configure, is in config.log if it exists. + +debug=false +ac_cs_recheck=false +ac_cs_silent=false + +SHELL=\${CONFIG_SHELL-$SHELL} +export SHELL +_ASEOF +cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## + +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi + + +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' + else + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' + fi + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi + + +# IFS +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent editors from complaining about space-tab. +# (If _AS_PATH_WALK were called with IFS unset, it would disable word +# splitting by setting IFS to empty value.) +IFS=" "" $as_nl" + +# Find who we are. Look in the path if we contain no directory separator. +as_myself= +case $0 in #(( + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done +IFS=$as_save_IFS + + ;; +esac +# We did not find ourselves, most probably we were run as `sh COMMAND' +# in which case we are not to be found in the path. +if test "x$as_myself" = x; then + as_myself=$0 +fi +if test ! -f "$as_myself"; then + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 +fi + +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + $as_echo "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error + + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr +else + as_expr=false +fi + +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi + +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac + +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file +else + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -pR'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -pR' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -pR' + fi +else + as_ln_s='cp -pR' +fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null + + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +as_test_x='test -x' +as_executable_p=as_fn_executable_p + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +exec 6>&1 +## ----------------------------------- ## +## Main body of $CONFIG_STATUS script. ## +## ----------------------------------- ## +_ASEOF +test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# Save the log message, to keep $0 and so on meaningful, and to +# report actual input values of CONFIG_FILES etc. instead of their +# values after options handling. +ac_log=" +This file was extended by Xen Hypervisor Stub Domains $as_me 4.3, which was +generated by GNU Autoconf 2.69. Invocation command line was + + CONFIG_FILES = $CONFIG_FILES + CONFIG_HEADERS = $CONFIG_HEADERS + CONFIG_LINKS = $CONFIG_LINKS + CONFIG_COMMANDS = $CONFIG_COMMANDS + $ $0 $@ + +on `(hostname || uname -n) 2>/dev/null | sed 1q` +" + +_ACEOF + +case $ac_config_files in *" +"*) set x $ac_config_files; shift; ac_config_files=$*;; +esac + + + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +# Files that config.status was made for. +config_files="$ac_config_files" + +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +ac_cs_usage="\ +\`$as_me' instantiates files and other configuration actions +from templates according to the current configuration. Unless the files +and actions are specified as TAGs, all are instantiated by default. + +Usage: $0 [OPTION]... [TAG]... + + -h, --help print this help, then exit + -V, --version print version number and configuration settings, then exit + --config print configuration, then exit + -q, --quiet, --silent + do not print progress messages + -d, --debug don't remove temporary files + --recheck update $as_me by reconfiguring in the same conditions + --file=FILE[:TEMPLATE] + instantiate the configuration file FILE + +Configuration files: +$config_files + +Report bugs to . +Xen Hypervisor Stub Domains home page: ." + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" +ac_cs_version="\\ +Xen Hypervisor Stub Domains config.status 4.3 +configured by $0, generated by GNU Autoconf 2.69, + with options \\"\$ac_cs_config\\" + +Copyright (C) 2012 Free Software Foundation, Inc. +This config.status script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it." + +ac_pwd='$ac_pwd' +srcdir='$srcdir' +INSTALL='$INSTALL' +test -n "\$AWK" || AWK=awk +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# The default lists apply if the user does not specify any file. +ac_need_defaults=: +while test $# != 0 +do + case $1 in + --*=?*) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` + ac_shift=: + ;; + --*=) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg= + ac_shift=: + ;; + *) + ac_option=$1 + ac_optarg=$2 + ac_shift=shift + ;; + esac + + case $ac_option in + # Handling of the options. + -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) + ac_cs_recheck=: ;; + --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) + $as_echo "$ac_cs_version"; exit ;; + --config | --confi | --conf | --con | --co | --c ) + $as_echo "$ac_cs_config"; exit ;; + --debug | --debu | --deb | --de | --d | -d ) + debug=: ;; + --file | --fil | --fi | --f ) + $ac_shift + case $ac_optarg in + *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + '') as_fn_error $? "missing file argument" ;; + esac + as_fn_append CONFIG_FILES " '$ac_optarg'" + ac_need_defaults=false;; + --he | --h | --help | --hel | -h ) + $as_echo "$ac_cs_usage"; exit ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil | --si | --s) + ac_cs_silent=: ;; + + # This is an error. + -*) as_fn_error $? "unrecognized option: \`$1' +Try \`$0 --help' for more information." ;; + + *) as_fn_append ac_config_targets " $1" + ac_need_defaults=false ;; + + esac + shift +done + +ac_configure_extra_args= + +if $ac_cs_silent; then + exec 6>/dev/null + ac_configure_extra_args="$ac_configure_extra_args --silent" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +if \$ac_cs_recheck; then + set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + shift + \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 + CONFIG_SHELL='$SHELL' + export CONFIG_SHELL + exec "\$@" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +exec 5>>config.log +{ + echo + sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX +## Running $as_me. ## +_ASBOX + $as_echo "$ac_log" +} >&5 + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 + +# Handling of arguments. +for ac_config_target in $ac_config_targets +do + case $ac_config_target in + "../config/Stubdom.mk") CONFIG_FILES="$CONFIG_FILES ../config/Stubdom.mk" ;; + + *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; + esac +done + + +# If the user did not use the arguments to specify the items to instantiate, +# then the envvar interface is used. Set only those that are not. +# We use the long form for the default assignment because of an extremely +# bizarre bug on SunOS 4.1.3. +if $ac_need_defaults; then + test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files +fi + +# Have a temporary directory for convenience. Make it in the build tree +# simply because there is no reason against having it here, and in addition, +# creating and moving files from /tmp can sometimes cause problems. +# Hook for its removal unless debugging. +# Note that there is a small window in which the directory will not be cleaned: +# after its creation but before its name has been assigned to `$tmp'. +$debug || +{ + tmp= ac_tmp= + trap 'exit_status=$? + : "${ac_tmp:=$tmp}" + { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status +' 0 + trap 'as_fn_exit 1' 1 2 13 15 +} +# Create a (secure) tmp directory for tmp files. + +{ + tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && + test -d "$tmp" +} || +{ + tmp=./conf$$-$RANDOM + (umask 077 && mkdir "$tmp") +} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 +ac_tmp=$tmp + +# Set up the scripts for CONFIG_FILES section. +# No need to generate them if there are no CONFIG_FILES. +# This happens for instance with `./config.status config.h'. +if test -n "$CONFIG_FILES"; then + + +ac_cr=`echo X | tr X '\015'` +# On cygwin, bash can eat \r inside `` if the user requested igncr. +# But we know of no other shell where ac_cr would be empty at this +# point, so we can use a bashism as a fallback. +if test "x$ac_cr" = x; then + eval ac_cr=\$\'\\r\' +fi +ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` +if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then + ac_cs_awk_cr='\\r' +else + ac_cs_awk_cr=$ac_cr +fi + +echo 'BEGIN {' >"$ac_tmp/subs1.awk" && +_ACEOF + + +{ + echo "cat >conf$$subs.awk <<_ACEOF" && + echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && + echo "_ACEOF" +} >conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 +ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` +ac_delim='%!_!# ' +for ac_last_try in false false false false false :; do + . ./conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 + + ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` + if test $ac_delim_n = $ac_delim_num; then + break + elif $ac_last_try; then + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 + else + ac_delim="$ac_delim!$ac_delim _$ac_delim!! " + fi +done +rm -f conf$$subs.sh + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && +_ACEOF +sed -n ' +h +s/^/S["/; s/!.*/"]=/ +p +g +s/^[^!]*!// +:repl +t repl +s/'"$ac_delim"'$// +t delim +:nl +h +s/\(.\{148\}\)..*/\1/ +t more1 +s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ +p +n +b repl +:more1 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t nl +:delim +h +s/\(.\{148\}\)..*/\1/ +t more2 +s/["\\]/\\&/g; s/^/"/; s/$/"/ +p +b +:more2 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t delim +' >$CONFIG_STATUS || ac_write_fail=1 +rm -f conf$$subs.awk +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +_ACAWK +cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && + for (key in S) S_is_set[key] = 1 + FS = "" + +} +{ + line = $ 0 + nfields = split(line, field, "@") + substed = 0 + len = length(field[1]) + for (i = 2; i < nfields; i++) { + key = field[i] + keylen = length(key) + if (S_is_set[key]) { + value = S[key] + line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) + len += length(value) + length(field[++i]) + substed = 1 + } else + len += 1 + keylen + } + + print line +} + +_ACAWK +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then + sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" +else + cat +fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ + || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 +_ACEOF + +# VPATH may cause trouble with some makes, so we remove sole $(srcdir), +# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and +# trailing colons and then remove the whole line if VPATH becomes empty +# (actually we leave an empty line to preserve line numbers). +if test "x$srcdir" = x.; then + ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ +h +s/// +s/^/:/ +s/[ ]*$/:/ +s/:\$(srcdir):/:/g +s/:\${srcdir}:/:/g +s/:@srcdir@:/:/g +s/^:*// +s/:*$// +x +s/\(=[ ]*\).*/\1/ +G +s/\n// +s/^[^=]*=[ ]*$// +}' +fi + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +fi # test -n "$CONFIG_FILES" + + +eval set X " :F $CONFIG_FILES " +shift +for ac_tag +do + case $ac_tag in + :[FHLC]) ac_mode=$ac_tag; continue;; + esac + case $ac_mode$ac_tag in + :[FHL]*:*);; + :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; + :[FH]-) ac_tag=-:-;; + :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; + esac + ac_save_IFS=$IFS + IFS=: + set x $ac_tag + IFS=$ac_save_IFS + shift + ac_file=$1 + shift + + case $ac_mode in + :L) ac_source=$1;; + :[FH]) + ac_file_inputs= + for ac_f + do + case $ac_f in + -) ac_f="$ac_tmp/stdin";; + *) # Look for the file first in the build tree, then in the source tree + # (if the path is not absolute). The absolute path cannot be DOS-style, + # because $ac_f cannot contain `:'. + test -f "$ac_f" || + case $ac_f in + [\\/$]*) false;; + *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; + esac || + as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; + esac + case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac + as_fn_append ac_file_inputs " '$ac_f'" + done + + # Let's still pretend it is `configure' which instantiates (i.e., don't + # use $as_me), people would be surprised to read: + # /* config.h. Generated by config.status. */ + configure_input='Generated from '` + $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' + `' by configure.' + if test x"$ac_file" != x-; then + configure_input="$ac_file. $configure_input" + { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 +$as_echo "$as_me: creating $ac_file" >&6;} + fi + # Neutralize special characters interpreted by sed in replacement strings. + case $configure_input in #( + *\&* | *\|* | *\\* ) + ac_sed_conf_input=`$as_echo "$configure_input" | + sed 's/[\\\\&|]/\\\\&/g'`;; #( + *) ac_sed_conf_input=$configure_input;; + esac + + case $ac_tag in + *:-:* | *:-) cat >"$ac_tmp/stdin" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; + esac + ;; + esac + + ac_dir=`$as_dirname -- "$ac_file" || +$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$ac_file" : 'X\(//\)[^/]' \| \ + X"$ac_file" : 'X\(//\)$' \| \ + X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$ac_file" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + as_dir="$ac_dir"; as_fn_mkdir_p + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + + case $ac_mode in + :F) + # + # CONFIG_FILE + # + + case $INSTALL in + [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;; + *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;; + esac +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# If the template does not know about datarootdir, expand it. +# FIXME: This hack should be removed a few years after 2.60. +ac_datarootdir_hack=; ac_datarootdir_seen= +ac_sed_dataroot=' +/datarootdir/ { + p + q +} +/@datadir@/p +/@docdir@/p +/@infodir@/p +/@localedir@/p +/@mandir@/p' +case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in +*datarootdir*) ac_datarootdir_seen=yes;; +*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 +$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 + ac_datarootdir_hack=' + s&@datadir@&$datadir&g + s&@docdir@&$docdir&g + s&@infodir@&$infodir&g + s&@localedir@&$localedir&g + s&@mandir@&$mandir&g + s&\\\${datarootdir}&$datarootdir&g' ;; +esac +_ACEOF + +# Neutralize VPATH when `$srcdir' = `.'. +# Shell code in configure.ac might set extrasub. +# FIXME: do we really want to maintain this feature? +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_sed_extra="$ac_vpsub +$extrasub +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +:t +/@[a-zA-Z_][a-zA-Z_0-9]*@/!b +s|@configure_input@|$ac_sed_conf_input|;t t +s&@top_builddir@&$ac_top_builddir_sub&;t t +s&@top_build_prefix@&$ac_top_build_prefix&;t t +s&@srcdir@&$ac_srcdir&;t t +s&@abs_srcdir@&$ac_abs_srcdir&;t t +s&@top_srcdir@&$ac_top_srcdir&;t t +s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t +s&@builddir@&$ac_builddir&;t t +s&@abs_builddir@&$ac_abs_builddir&;t t +s&@abs_top_builddir@&$ac_abs_top_builddir&;t t +s&@INSTALL@&$ac_INSTALL&;t t +$ac_datarootdir_hack +" +eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ + >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + +test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && + { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && + { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ + "$ac_tmp/out"`; test -z "$ac_out"; } && + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&5 +$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&2;} + + rm -f "$ac_tmp/stdin" + case $ac_file in + -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; + *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; + esac \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + ;; + + + + esac + +done # for ac_tag + + +as_fn_exit 0 +_ACEOF +ac_clean_files=$ac_clean_files_save + +test $ac_write_fail = 0 || + as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 + + +# configure is writing to config.log, and then calls config.status. +# config.status does its own redirection, appending to config.log. +# Unfortunately, on DOS this fails, as config.log is still kept open +# by configure, so config.status won't be able to write to it; its +# output is simply discarded. So we exec the FD to /dev/null, +# effectively closing config.log, so it can be properly (re)opened and +# appended to by config.status. When coming back to configure, we +# need to make the FD available again. +if test "$no_create" != yes; then + ac_cs_success=: + ac_config_status_args= + test "$silent" = yes && + ac_config_status_args="$ac_config_status_args --quiet" + exec 5>/dev/null + $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false + exec 5>>config.log + # Use ||, not &&, to avoid exiting from the if with $? = 1, which + # would make configure fail if this is the last instruction. + $ac_cs_success || as_fn_exit 1 +fi +if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 +$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} +fi + diff -r 712419ef207b -r e1d7053e4d45 stubdom/configure.ac --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/stubdom/configure.ac Fri Jan 18 10:55:47 2013 +0000 @@ -0,0 +1,61 @@ +# -*- Autoconf -*- +# Process this file with autoconf to produce a configure script. + +AC_PREREQ([2.67]) +AC_INIT([Xen Hypervisor Stub Domains], m4_esyscmd([../version.sh ../xen/Makefile]), + [xen-devel@lists.xen.org], [xen], [http://www.xen.org/]) +AC_CONFIG_SRCDIR([../extras/mini-os/kernel.c]) +AC_CONFIG_FILES([../config/Stubdom.mk]) +AC_PREFIX_DEFAULT([/usr]) +AC_CONFIG_AUX_DIR([../]) + +# M4 Macro includes +m4_include([../m4/stubdom.m4]) +m4_include([../m4/features.m4]) +m4_include([../m4/path_or_fail.m4]) +m4_include([../m4/depends.m4]) + +# Enable/disable stub domains +AX_STUBDOM_DEFAULT_ENABLE([ioemu-stubdom], [ioemu]) +AX_STUBDOM_DEFAULT_DISABLE([c-stubdom], [c]) +AX_STUBDOM_DEFAULT_DISABLE([caml-stubdom], [caml]) +AX_STUBDOM_DEFAULT_ENABLE([pv-grub], [grub]) +AX_STUBDOM_DEFAULT_ENABLE([xenstore-stubdom], [xenstore]) +AX_STUBDOM_CONDITIONAL([vtpm-stubdom], [vtpm]) +AX_STUBDOM_CONDITIONAL([vtpmmgr-stubdom], [vtpmmgr]) + +AX_ARG_DEFAULT_ENABLE([debug], [Disable debug build of stubdom]) +AX_ARG_DEFAULT_ENABLE([extfiles], [Use xen extfiles repository for libraries]) + +AC_ARG_VAR([CMAKE], [Path to the cmake program]) +AC_ARG_VAR([WGET], [Path to wget program]) + +# Checks for programs. +AC_PROG_CC +AC_PROG_MAKE_SET +AC_PROG_INSTALL +AX_PATH_PROG_OR_FAIL([WGET], [wget]) + +# Checks for programs that depend on a feature +AX_DEPENDS_PATH_PROG([vtpm], [CMAKE], [cmake]) + +# Stubdom libraries version and url setup +AX_STUBDOM_LIB([ZLIB], [zlib], [1.2.3], [http://www.zlib.net]) +AX_STUBDOM_LIB([LIBPCI], [libpci], [2.2.9], [http://www.kernel.org/pub/software/utils/pciutils]) +AX_STUBDOM_LIB([NEWLIB], [newlib], [1.16.0], [ftp://sources.redhat.com/pub/newlib]) +AX_STUBDOM_LIB([LWIP], [lwip], [1.3.0], [http://download.savannah.gnu.org/releases/lwip]) +AX_STUBDOM_LIB([GRUB], [grub], [0.97], [http://alpha.gnu.org/gnu/grub]) +AX_STUBDOM_LIB_NOEXT([OCAML], [ocaml], [3.11.0], [http://caml.inria.fr/pub/distrib/ocaml-3.11]) +AX_STUBDOM_LIB([GMP], [libgmp], [4.3.2], [ftp://ftp.gmplib.org/pub/gmp-4.3.2]) +AX_STUBDOM_LIB([POLARSSL], [polarssl], [1.1.4], [http://polarssl.org/code/releases]) +AX_STUBDOM_LIB([TPMEMU], [berlios tpm emulator], [0.7.4], [http://download.berlios.de/tpm-emulator]) + +#These stubdoms should be enabled if the dependent one is +AX_STUBDOM_AUTO_DEPENDS([vtpmmgr], [vtpm]) + +#Conditionally enable these stubdoms based on the presense of dependencies +AX_STUBDOM_CONDITIONAL_FINISH([vtpm-stubdom], [vtpm]) +AX_STUBDOM_CONDITIONAL_FINISH([vtpmmgr-stubdom], [vtpmmgr]) + +AX_STUBDOM_FINISH +AC_OUTPUT() diff -r 712419ef207b -r e1d7053e4d45 stubdom/vtpmmgr/README --- a/stubdom/vtpmmgr/README Fri Jan 18 10:55:46 2013 +0000 +++ b/stubdom/vtpmmgr/README Fri Jan 18 10:55:47 2013 +0000 @@ -4,7 +4,7 @@ November 12 2012 Authors: Matthew Fioravante (JHUAPL), This document describes the operation and command line interface -of vtpmmgrdom. See docs/misc/vtpm.txt for details on the +of vtpmmgr-stubdom. See docs/misc/vtpm.txt for details on the vTPM subsystem as a whole. @@ -12,7 +12,7 @@ vTPM subsystem as a whole. OPERATION ------------------------------ -The vtpmmgrdom implements a vTPM manager who has two major functions: +The vtpmmgr-stubdom implements a vTPM manager who has two major functions: - Securely store encryption keys for each of the vTPMS - Regulate access to the hardware TPM for the entire system diff -r 712419ef207b -r e1d7053e4d45 tools/configure.ac --- a/tools/configure.ac Fri Jan 18 10:55:46 2013 +0000 +++ b/tools/configure.ac Fri Jan 18 10:55:47 2013 +0000 @@ -22,20 +22,20 @@ APPEND_INCLUDES and APPEND_LIB instead w AC_CANONICAL_HOST # M4 Macro includes -m4_include([m4/savevar.m4]) -m4_include([m4/features.m4]) -m4_include([m4/path_or_fail.m4]) -m4_include([m4/python_version.m4]) -m4_include([m4/python_devel.m4]) -m4_include([m4/ocaml.m4]) -m4_include([m4/set_cflags_ldflags.m4]) -m4_include([m4/uuid.m4]) -m4_include([m4/pkg.m4]) -m4_include([m4/curses.m4]) -m4_include([m4/pthread.m4]) -m4_include([m4/ptyfuncs.m4]) -m4_include([m4/extfs.m4]) -m4_include([m4/fetcher.m4]) +m4_include([../m4/savevar.m4]) +m4_include([../m4/features.m4]) +m4_include([../m4/path_or_fail.m4]) +m4_include([../m4/python_version.m4]) +m4_include([../m4/python_devel.m4]) +m4_include([../m4/ocaml.m4]) +m4_include([../m4/set_cflags_ldflags.m4]) +m4_include([../m4/uuid.m4]) +m4_include([../m4/pkg.m4]) +m4_include([../m4/curses.m4]) +m4_include([../m4/pthread.m4]) +m4_include([../m4/ptyfuncs.m4]) +m4_include([../m4/extfs.m4]) +m4_include([../m4/fetcher.m4]) # Enable/disable options AX_ARG_DEFAULT_DISABLE([githttp], [Download GIT repositories via HTTP]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/curses.m4 --- a/tools/m4/curses.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,20 +0,0 @@ -AC_DEFUN([AX_CHECK_CURSES], [ -AC_CHECK_HEADER([curses.h], [ - AC_CHECK_LIB([curses], [clear], [curses="y"], [curses="n"]) -], [curses="n"]) -AC_CHECK_HEADER([ncurses.h], [ - AC_CHECK_LIB([ncurses], [clear], [ncurses="y"], [ncurses="n"]) -], [ncurses="n"]) -AS_IF([test "$curses" = "n" && test "$ncurses" = "n"], [ - AC_MSG_ERROR([Unable to find a suitable curses library]) -]) -# Prefer ncurses over curses if both are present -AS_IF([test "$ncurses" = "y"], [ - CURSES_LIBS="-lncurses" - AC_DEFINE([INCLUDE_CURSES_H], [], [Define curses header to use]) -], [ - CURSES_LIBS="-lcurses" - AC_DEFINE([INCLUDE_CURSES_H], [], [Define curses header to use]) -]) -AC_SUBST(CURSES_LIBS) -]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/extfs.m4 --- a/tools/m4/extfs.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,20 +0,0 @@ -AC_DEFUN([AX_CHECK_EXTFS], [ -AC_CHECK_HEADER([ext2fs/ext2fs.h], [ -AC_CHECK_LIB([ext2fs], [ext2fs_open2], [ - AC_DEFINE([INCLUDE_EXTFS_H], [], - [Define extfs header to use]) - EXTFS_LIBS="-lext2fs" -]) -]) -dnl This is a temporary hack for CentOS 5.x, which split the ext4 support -dnl of ext2fs in a different package. Once CentOS 5.x is no longer supported -dnl we can remove this. -AC_CHECK_HEADER([ext4fs/ext2fs.h], [ -AC_CHECK_LIB([ext4fs], [ext2fs_open2], [ - AC_DEFINE([INCLUDE_EXTFS_H], [], - [Define extfs header to use]) - EXTFS_LIBS="-lext4fs" -]) -]) -AC_SUBST(EXTFS_LIBS) -]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/features.m4 --- a/tools/m4/features.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,21 +0,0 @@ -AC_DEFUN([AX_ARG_DEFAULT_ENABLE], [ -AC_ARG_ENABLE([$1], AS_HELP_STRING([--disable-$1], [$2 (default is ENABLED)])) -AX_PARSE_VALUE([$1], [y]) -]) - -AC_DEFUN([AX_ARG_DEFAULT_DISABLE], [ -AC_ARG_ENABLE([$1], AS_HELP_STRING([--enable-$1], [$2 (default is DISABLED)])) -AX_PARSE_VALUE([$1], [n]) -]) - -dnl This function should not be called outside of this file -AC_DEFUN([AX_PARSE_VALUE], [ -AS_IF([test "x$enable_$1" = "xno"], [ - ax_cv_$1="n" -], [test "x$enable_$1" = "xyes"], [ - ax_cv_$1="y" -], [test -z $ax_cv_$1], [ - ax_cv_$1="$2" -]) -$1=$ax_cv_$1 -AC_SUBST($1)]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/fetcher.m4 --- a/tools/m4/fetcher.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,14 +0,0 @@ -AC_DEFUN([AX_CHECK_FETCHER], [ -AC_PATH_PROG([WGET],[wget], [no]) -AS_IF([test x"$WGET" != x"no"], [ - FETCHER="$WGET -c -O" -], [ - AC_PATH_PROG([FTP],[ftp], [no]) - AS_IF([test x"$FTP" != x"no"], [ - FETCHER="$FTP -o" - ], [ - AC_MSG_ERROR([cannot find wget or ftp]) - ]) -]) -AC_SUBST(FETCHER) -]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/ocaml.m4 --- a/tools/m4/ocaml.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,241 +0,0 @@ -dnl autoconf macros for OCaml -dnl from http://forge.ocamlcore.org/ -dnl -dnl Copyright © 2009 Richard W.M. Jones -dnl Copyright © 2009 Stefano Zacchiroli -dnl Copyright © 2000-2005 Olivier Andrieu -dnl Copyright © 2000-2005 Jean-Christophe Filliâtre -dnl Copyright © 2000-2005 Georges Mariano -dnl -dnl For documentation, please read the ocaml.m4 man page. - -AC_DEFUN([AC_PROG_OCAML], -[dnl - # checking for ocamlc - AC_CHECK_TOOL([OCAMLC],[ocamlc],[no]) - - if test "$OCAMLC" != "no"; then - OCAMLVERSION=`$OCAMLC -v | sed -n -e 's|.*version* *\(.*\)$|\1|p'` - AC_MSG_RESULT([OCaml version is $OCAMLVERSION]) - # If OCAMLLIB is set, use it - if test "$OCAMLLIB" = ""; then - OCAMLLIB=`$OCAMLC -where 2>/dev/null || $OCAMLC -v|tail -1|cut -d ' ' -f 4` - else - AC_MSG_RESULT([OCAMLLIB previously set; preserving it.]) - fi - AC_MSG_RESULT([OCaml library path is $OCAMLLIB]) - - AC_SUBST([OCAMLVERSION]) - AC_SUBST([OCAMLLIB]) - - # checking for ocamlopt - AC_CHECK_TOOL([OCAMLOPT],[ocamlopt],[no]) - OCAMLBEST=byte - if test "$OCAMLOPT" = "no"; then - AC_MSG_WARN([Cannot find ocamlopt; bytecode compilation only.]) - else - TMPVERSION=`$OCAMLOPT -v | sed -n -e 's|.*version* *\(.*\)$|\1|p' ` - if test "$TMPVERSION" != "$OCAMLVERSION" ; then - AC_MSG_RESULT([versions differs from ocamlc; ocamlopt discarded.]) - OCAMLOPT=no - else - OCAMLBEST=opt - fi - fi - - AC_SUBST([OCAMLBEST]) - - # checking for ocamlc.opt - AC_CHECK_TOOL([OCAMLCDOTOPT],[ocamlc.opt],[no]) - if test "$OCAMLCDOTOPT" != "no"; then - TMPVERSION=`$OCAMLCDOTOPT -v | sed -n -e 's|.*version* *\(.*\)$|\1|p' ` - if test "$TMPVERSION" != "$OCAMLVERSION" ; then - AC_MSG_RESULT([versions differs from ocamlc; ocamlc.opt discarded.]) - else - OCAMLC=$OCAMLCDOTOPT - fi - fi - - # checking for ocamlopt.opt - if test "$OCAMLOPT" != "no" ; then - AC_CHECK_TOOL([OCAMLOPTDOTOPT],[ocamlopt.opt],[no]) - if test "$OCAMLOPTDOTOPT" != "no"; then - TMPVERSION=`$OCAMLOPTDOTOPT -v | sed -n -e 's|.*version* *\(.*\)$|\1|p' ` - if test "$TMPVERSION" != "$OCAMLVERSION" ; then - AC_MSG_RESULT([version differs from ocamlc; ocamlopt.opt discarded.]) - else - OCAMLOPT=$OCAMLOPTDOTOPT - fi - fi - fi - - AC_SUBST([OCAMLOPT]) - fi - - AC_SUBST([OCAMLC]) - - # checking for ocaml toplevel - AC_CHECK_TOOL([OCAML],[ocaml],[no]) - - # checking for ocamldep - AC_CHECK_TOOL([OCAMLDEP],[ocamldep],[no]) - - # checking for ocamlmktop - AC_CHECK_TOOL([OCAMLMKTOP],[ocamlmktop],[no]) - - # checking for ocamlmklib - AC_CHECK_TOOL([OCAMLMKLIB],[ocamlmklib],[no]) - - # checking for ocamldoc - AC_CHECK_TOOL([OCAMLDOC],[ocamldoc],[no]) - - # checking for ocamlbuild - AC_CHECK_TOOL([OCAMLBUILD],[ocamlbuild],[no]) -]) - - -AC_DEFUN([AC_PROG_OCAMLLEX], -[dnl - # checking for ocamllex - AC_CHECK_TOOL([OCAMLLEX],[ocamllex],[no]) - if test "$OCAMLLEX" != "no"; then - AC_CHECK_TOOL([OCAMLLEXDOTOPT],[ocamllex.opt],[no]) - if test "$OCAMLLEXDOTOPT" != "no"; then - OCAMLLEX=$OCAMLLEXDOTOPT - fi - fi - AC_SUBST([OCAMLLEX]) -]) - -AC_DEFUN([AC_PROG_OCAMLYACC], -[dnl - AC_CHECK_TOOL([OCAMLYACC],[ocamlyacc],[no]) - AC_SUBST([OCAMLYACC]) -]) - - -AC_DEFUN([AC_PROG_CAMLP4], -[dnl - AC_REQUIRE([AC_PROG_OCAML])dnl - - # checking for camlp4 - AC_CHECK_TOOL([CAMLP4],[camlp4],[no]) - if test "$CAMLP4" != "no"; then - TMPVERSION=`$CAMLP4 -v 2>&1| sed -n -e 's|.*version *\(.*\)$|\1|p'` - if test "$TMPVERSION" != "$OCAMLVERSION" ; then - AC_MSG_RESULT([versions differs from ocamlc]) - CAMLP4=no - fi - fi - AC_SUBST([CAMLP4]) - - # checking for companion tools - AC_CHECK_TOOL([CAMLP4BOOT],[camlp4boot],[no]) - AC_CHECK_TOOL([CAMLP4O],[camlp4o],[no]) - AC_CHECK_TOOL([CAMLP4OF],[camlp4of],[no]) - AC_CHECK_TOOL([CAMLP4OOF],[camlp4oof],[no]) - AC_CHECK_TOOL([CAMLP4ORF],[camlp4orf],[no]) - AC_CHECK_TOOL([CAMLP4PROF],[camlp4prof],[no]) - AC_CHECK_TOOL([CAMLP4R],[camlp4r],[no]) - AC_CHECK_TOOL([CAMLP4RF],[camlp4rf],[no]) - AC_SUBST([CAMLP4BOOT]) - AC_SUBST([CAMLP4O]) - AC_SUBST([CAMLP4OF]) - AC_SUBST([CAMLP4OOF]) - AC_SUBST([CAMLP4ORF]) - AC_SUBST([CAMLP4PROF]) - AC_SUBST([CAMLP4R]) - AC_SUBST([CAMLP4RF]) -]) - - -AC_DEFUN([AC_PROG_FINDLIB], -[dnl - AC_REQUIRE([AC_PROG_OCAML])dnl - - # checking for ocamlfind - AC_CHECK_TOOL([OCAMLFIND],[ocamlfind],[no]) - AC_SUBST([OCAMLFIND]) -]) - - -dnl Thanks to Jim Meyering for working this next bit out for us. -dnl XXX We should define AS_TR_SH if it's not defined already -dnl (eg. for old autoconf). -AC_DEFUN([AC_CHECK_OCAML_PKG], -[dnl - AC_REQUIRE([AC_PROG_FINDLIB])dnl - - AC_MSG_CHECKING([for OCaml findlib package $1]) - - unset found - unset pkg - found=no - for pkg in $1 $2 ; do - if $OCAMLFIND query $pkg >/dev/null 2>/dev/null; then - AC_MSG_RESULT([found]) - AS_TR_SH([OCAML_PKG_$1])=$pkg - found=yes - break - fi - done - if test "$found" = "no" ; then - AC_MSG_RESULT([not found]) - AS_TR_SH([OCAML_PKG_$1])=no - fi - - AC_SUBST(AS_TR_SH([OCAML_PKG_$1])) -]) - - -AC_DEFUN([AC_CHECK_OCAML_MODULE], -[dnl - AC_MSG_CHECKING([for OCaml module $2]) - - cat > conftest.ml <&5 2>&5 ; then - found=yes - break - fi - done - - if test "$found" ; then - AC_MSG_RESULT([$$1]) - else - AC_MSG_RESULT([not found]) - $1=no - fi - AC_SUBST([$1]) -]) - - -dnl XXX Cross-compiling -AC_DEFUN([AC_CHECK_OCAML_WORD_SIZE], -[dnl - AC_REQUIRE([AC_PROG_OCAML])dnl - AC_MSG_CHECKING([for OCaml compiler word size]) - cat > conftest.ml < conftest.ml <. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -# PKG_PROG_PKG_CONFIG([MIN-VERSION]) -# ---------------------------------- -AC_DEFUN([PKG_PROG_PKG_CONFIG], -[m4_pattern_forbid([^_?PKG_[A-Z_]+$]) -m4_pattern_allow([^PKG_CONFIG(_PATH)?$]) -AC_ARG_VAR([PKG_CONFIG], [path to pkg-config utility]) -AC_ARG_VAR([PKG_CONFIG_PATH], [directories to add to pkg-config's search path]) -AC_ARG_VAR([PKG_CONFIG_LIBDIR], [path overriding pkg-config's built-in search path]) - -if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then - AC_PATH_TOOL([PKG_CONFIG], [pkg-config]) -fi -if test -n "$PKG_CONFIG"; then - _pkg_min_version=m4_default([$1], [0.9.0]) - AC_MSG_CHECKING([pkg-config is at least version $_pkg_min_version]) - if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then - AC_MSG_RESULT([yes]) - else - AC_MSG_RESULT([no]) - PKG_CONFIG="" - fi -fi[]dnl -])# PKG_PROG_PKG_CONFIG - -# PKG_CHECK_EXISTS(MODULES, [ACTION-IF-FOUND], [ACTION-IF-NOT-FOUND]) -# -# Check to see whether a particular set of modules exists. Similar -# to PKG_CHECK_MODULES(), but does not set variables or print errors. -# -# Please remember that m4 expands AC_REQUIRE([PKG_PROG_PKG_CONFIG]) -# only at the first occurence in configure.ac, so if the first place -# it's called might be skipped (such as if it is within an "if", you -# have to call PKG_CHECK_EXISTS manually -# -------------------------------------------------------------- -AC_DEFUN([PKG_CHECK_EXISTS], -[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl -if test -n "$PKG_CONFIG" && \ - AC_RUN_LOG([$PKG_CONFIG --exists --print-errors "$1"]); then - m4_default([$2], [:]) -m4_ifvaln([$3], [else - $3])dnl -fi]) - -# _PKG_CONFIG([VARIABLE], [COMMAND], [MODULES]) -# --------------------------------------------- -m4_define([_PKG_CONFIG], -[if test -n "$$1"; then - pkg_cv_[]$1="$$1" - elif test -n "$PKG_CONFIG"; then - PKG_CHECK_EXISTS([$3], - [pkg_cv_[]$1=`$PKG_CONFIG --[]$2 "$3" 2>/dev/null`], - [pkg_failed=yes]) - else - pkg_failed=untried -fi[]dnl -])# _PKG_CONFIG - -# _PKG_SHORT_ERRORS_SUPPORTED -# ----------------------------- -AC_DEFUN([_PKG_SHORT_ERRORS_SUPPORTED], -[AC_REQUIRE([PKG_PROG_PKG_CONFIG]) -if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then - _pkg_short_errors_supported=yes -else - _pkg_short_errors_supported=no -fi[]dnl -])# _PKG_SHORT_ERRORS_SUPPORTED - - -# PKG_CHECK_MODULES(VARIABLE-PREFIX, MODULES, [ACTION-IF-FOUND], -# [ACTION-IF-NOT-FOUND]) -# -# -# Note that if there is a possibility the first call to -# PKG_CHECK_MODULES might not happen, you should be sure to include an -# explicit call to PKG_PROG_PKG_CONFIG in your configure.ac -# -# -# -------------------------------------------------------------- -AC_DEFUN([PKG_CHECK_MODULES], -[AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl -AC_ARG_VAR([$1][_CFLAGS], [C compiler flags for $1, overriding pkg-config])dnl -AC_ARG_VAR([$1][_LIBS], [linker flags for $1, overriding pkg-config])dnl - -pkg_failed=no -AC_MSG_CHECKING([for $1]) - -_PKG_CONFIG([$1][_CFLAGS], [cflags], [$2]) -_PKG_CONFIG([$1][_LIBS], [libs], [$2]) - -m4_define([_PKG_TEXT], [Alternatively, you may set the environment variables $1[]_CFLAGS -and $1[]_LIBS to avoid the need to call pkg-config. -See the pkg-config man page for more details.]) - -if test $pkg_failed = yes; then - AC_MSG_RESULT([no]) - _PKG_SHORT_ERRORS_SUPPORTED - if test $_pkg_short_errors_supported = yes; then - $1[]_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors "$2" 2>&1` - else - $1[]_PKG_ERRORS=`$PKG_CONFIG --print-errors "$2" 2>&1` - fi - # Put the nasty error message in config.log where it belongs - echo "$$1[]_PKG_ERRORS" >&AS_MESSAGE_LOG_FD - - m4_default([$4], [AC_MSG_ERROR( -[Package requirements ($2) were not met: - -$$1_PKG_ERRORS - -Consider adjusting the PKG_CONFIG_PATH environment variable if you -installed software in a non-standard prefix. - -_PKG_TEXT])dnl - ]) -elif test $pkg_failed = untried; then - AC_MSG_RESULT([no]) - m4_default([$4], [AC_MSG_FAILURE( -[The pkg-config script could not be found or is too old. Make sure it -is in your PATH or set the PKG_CONFIG environment variable to the full -path to pkg-config. - -_PKG_TEXT - -To get pkg-config, see .])dnl - ]) -else - $1[]_CFLAGS=$pkg_cv_[]$1[]_CFLAGS - $1[]_LIBS=$pkg_cv_[]$1[]_LIBS - AC_MSG_RESULT([yes]) - $3 -fi[]dnl -])# PKG_CHECK_MODULES diff -r 712419ef207b -r e1d7053e4d45 tools/m4/pthread.m4 --- a/tools/m4/pthread.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,41 +0,0 @@ -# We define, separately, PTHREAD_CFLAGS, _LDFLAGS and _LIBS -# even though currently we don't set them very separately. -# This means that the makefiles will not need to change in -# the future if we make the test more sophisticated. - -AC_DEFUN([AX_PTHREAD_CV2VARS],[ - PTHREAD_CFLAGS="$ax_cv_pthread_flags" - PTHREAD_LDFLAGS="$ax_cv_pthread_flags" - PTHREAD_LIBS="" -]) - -# We invoke AX_PTHREAD_VARS with the name of another macro -# which is then expanded once for each variable. -AC_DEFUN([AX_PTHREAD_VARS],[$1(CFLAGS) $1(LDFLAGS) $1(LIBS)]) - -AC_DEFUN([AX_PTHREAD_VAR_APPLY],[ - $1="$$1 $PTHREAD_$1" -]) -AC_DEFUN([AX_PTHREAD_VAR_SUBST],[AC_SUBST(PTHREAD_$1)]) - -AC_DEFUN([AX_CHECK_PTHREAD],[ - AC_CACHE_CHECK([for pthread flag], [ax_cv_pthread_flags], [ - ax_cv_pthread_flags=-pthread - AX_PTHREAD_CV2VARS - AX_PTHREAD_VARS([AX_SAVEVAR_SAVE]) - AX_PTHREAD_VARS([AX_PTHREAD_VAR_APPLY]) - AC_LINK_IFELSE([AC_LANG_SOURCE([ -#include -int main(void) { - pthread_atfork(0,0,0); - pthread_create(0,0,0,0); -} -])],[],[ax_cv_pthread_flags=failed]) - AX_PTHREAD_VARS([AX_SAVEVAR_RESTORE]) - ]) - if test "x$ax_cv_pthread_flags" = xfailed; then - AC_MSG_ERROR([-pthread does not work]) - fi - AX_PTHREAD_CV2VARS - AX_PTHREAD_VARS([AX_PTHREAD_VAR_SUBST]) -]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/ptyfuncs.m4 --- a/tools/m4/ptyfuncs.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,35 +0,0 @@ -AC_DEFUN([AX_CHECK_PTYFUNCS], [ - dnl This is a workaround for a bug in Debian package - dnl libbsd-dev-0.3.0-1. Once we no longer support that - dnl package we can remove the addition of -Werror to - dnl CPPFLAGS. - AX_SAVEVAR_SAVE(CPPFLAGS) - CPPFLAGS="$CPPFLAGS -Werror" - AC_CHECK_HEADER([libutil.h],[ - AC_DEFINE([INCLUDE_LIBUTIL_H],[],[libutil header file name]) - ]) - AX_SAVEVAR_RESTORE(CPPFLAGS) - AC_CACHE_CHECK([for openpty et al], [ax_cv_ptyfuncs_libs], [ - for ax_cv_ptyfuncs_libs in -lutil "" NOT_FOUND; do - if test "x$ax_cv_ptyfuncs_libs" = "xNOT_FOUND"; then - AC_MSG_FAILURE([Unable to find library for openpty and login_tty]) - fi - AX_SAVEVAR_SAVE(LIBS) - LIBS="$LIBS $ax_cv_ptyfuncs_libs" - AC_LINK_IFELSE([AC_LANG_SOURCE([ -#ifdef INCLUDE_LIBUTIL_H -#include INCLUDE_LIBUTIL_H -#endif -int main(void) { - openpty(0,0,0,0,0); - login_tty(0); -} -])],[ - break - ],[]) - AX_SAVEVAR_RESTORE(LIBS) - done - ]) - PTYFUNCS_LIBS="$ax_cv_ptyfuncs_libs" - AC_SUBST(PTYFUNCS_LIBS) -]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/python_devel.m4 --- a/tools/m4/python_devel.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,36 +0,0 @@ -AC_DEFUN([AX_CHECK_PYTHON_DEVEL], [ -ac_previous_cppflags=$CPPFLAGS -ac_previous_ldflags=$LDFLAGS -ac_python_version=`$PYTHON -c 'import distutils.sysconfig; \ - print distutils.sysconfig.get_config_var("VERSION")'` -AC_PATH_PROG([pyconfig], [$PYTHON-config], [no]) -AS_IF([test x"$pyconfig" == x"no"], [ - dnl For those that don't have python-config - CPPFLAGS="$CFLAGS `$PYTHON -c 'import distutils.sysconfig; \ - print "-I" + distutils.sysconfig.get_config_var("INCLUDEPY")'`" - CPPFLAGS="$CPPFLAGS `$PYTHON -c 'import distutils.sysconfig; \ - print distutils.sysconfig.get_config_var("CFLAGS")'`" - LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ - print distutils.sysconfig.get_config_var("LIBS")'`" - LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ - print distutils.sysconfig.get_config_var("SYSLIBS")'`" - LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ - print "-L" + distutils.sysconfig.get_python_lib(plat_specific=1,\ - standard_lib=1) + "/config"'`" - LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ - print distutils.sysconfig.get_config_var("LINKFORSHARED")'`" - LDFLAGS="$LDFLAGS `$PYTHON -c 'import distutils.sysconfig; \ - print distutils.sysconfig.get_config_var("LDFLAGS")'`" -], [ - dnl If python-config is found use it - CPPFLAGS="$CFLAGS `$PYTHON-config --cflags`" - LDFLAGS="$LDFLAGS `$PYTHON-config --ldflags`" -]) - -AC_CHECK_HEADER([Python.h], [], - [AC_MSG_ERROR([Unable to find Python development headers])],) -AC_CHECK_LIB(python$ac_python_version, PyArg_ParseTuple, [], - [AC_MSG_ERROR([Unable to find a suitable python development library])]) -CPPFLAGS=$ac_previous_cppflags -LDLFAGS=$ac_previous_ldflags -]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/python_version.m4 --- a/tools/m4/python_version.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,12 +0,0 @@ -AC_DEFUN([AX_CHECK_PYTHON_VERSION], -[AC_MSG_CHECKING([for python version >= $1.$2 ]) -`$PYTHON -c 'import sys; sys.exit(eval("sys.version_info < ($1, $2)"))'` -if test "$?" != "0" -then - python_version=`$PYTHON -V 2>&1` - AC_MSG_RESULT([no]) - AC_MSG_ERROR( - [$python_version is too old, minimum required version is $1.$2]) -else - AC_MSG_RESULT([yes]) -fi]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/savevar.m4 --- a/tools/m4/savevar.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,6 +0,0 @@ -AC_DEFUN([AX_SAVEVAR_SAVE],[ - saved_$1="$$1" -]) -AC_DEFUN([AX_SAVEVAR_RESTORE],[ - $1="$saved_$1" -]) diff -r 712419ef207b -r e1d7053e4d45 tools/m4/set_cflags_ldflags.m4 --- a/tools/m4/set_cflags_ldflags.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,20 +0,0 @@ -AC_DEFUN([AX_SET_FLAGS], -[for cppflag in $PREPEND_INCLUDES -do - PREPEND_CPPFLAGS="$PREPEND_CPPFLAGS -I$cppflag" -done -for ldflag in $PREPEND_LIB -do - PREPEND_LDFLAGS="$PREPEND_LDFLAGS -L$ldflag" -done -for cppflag in $APPEND_INCLUDES -do - APPEND_CPPFLAGS="$APPEND_CPPFLAGS -I$cppflag" -done -for ldflag in $APPEND_LIB -do - APPEND_LDFLAGS="$APPEND_LDFLAGS -L$ldflag" -done -CPPFLAGS="$PREPEND_CPPFLAGS $CPPFLAGS $APPEND_CPPFLAGS" -LDFLAGS="$PREPEND_LDFLAGS $LDFLAGS $APPEND_LDFLAGS"]) - diff -r 712419ef207b -r e1d7053e4d45 tools/m4/uuid.m4 --- a/tools/m4/uuid.m4 Fri Jan 18 10:55:46 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,9 +0,0 @@ -AC_DEFUN([AX_CHECK_UUID], [ -AC_CHECK_HEADER([uuid/uuid.h],[ - AC_CHECK_LIB([uuid], [uuid_clear], [libuuid="y"]) -]) -AC_CHECK_HEADER([uuid.h],[libuuid="y"]) -AS_IF([test "$libuuid" != "y"], [ - AC_MSG_ERROR([cannot find a valid uuid library]) -]) -]) --===============4009296181241248125== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog --===============4009296181241248125==-- From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:46 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:46 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPw2-0001SA-J4; Mon, 21 Jan 2013 22:33:46 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPw1-0001RR-M2 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:45 +0000 Received: from [85.158.143.35:8760] by server-1.bemta-4.messagelabs.com id A0/67-05635-942CDF05; Mon, 21 Jan 2013 22:33:45 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-21.messagelabs.com!1358807598!13194562!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 6134 invoked from network); 21 Jan 2013 22:33:21 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:21 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPva-0005gY-OX for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:18 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPva-0003kX-Ld for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:18 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:18 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arm: discard boot modules after building domain 0. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358772030 0 # Node ID 55f10b71880a50f52ad02f4658bc28825af0fb81 # Parent 983813670ef997cdb5ccdc6526248f419366b741 arm: discard boot modules after building domain 0. Signed-off-by: Ian Campbell Acked-by: Tim Deegan Committed-by: Ian Campbell --- diff -r 983813670ef9 -r 55f10b71880a xen/arch/arm/domain_build.c --- a/xen/arch/arm/domain_build.c Mon Jan 21 12:40:29 2013 +0000 +++ b/xen/arch/arm/domain_build.c Mon Jan 21 12:40:30 2013 +0000 @@ -10,6 +10,7 @@ #include #include #include +#include #include #include "kernel.h" @@ -306,6 +307,8 @@ int construct_dom0(struct domain *d) dtb_load(&kinfo); kernel_load(&kinfo); + discard_initial_modules(); + clear_bit(_VPF_down, &v->pause_flags); memset(regs, 0, sizeof(*regs)); diff -r 983813670ef9 -r 55f10b71880a xen/arch/arm/setup.c --- a/xen/arch/arm/setup.c Mon Jan 21 12:40:29 2013 +0000 +++ b/xen/arch/arm/setup.c Mon Jan 21 12:40:30 2013 +0000 @@ -68,6 +68,22 @@ static void __init processor_id(void) READ_CP32(ID_ISAR3), READ_CP32(ID_ISAR4), READ_CP32(ID_ISAR5)); } +void __init discard_initial_modules(void) +{ + struct dt_module_info *mi = &early_info.modules; + int i; + + for ( i = 1; i <= mi->nr_mods; i++ ) + { + paddr_t s = mi->module[i].start; + paddr_t e = s + PAGE_ALIGN(mi->module[i].size); + + init_domheap_pages(s, e); + } + + mi->nr_mods = 0; +} + /* * Returns the end address of the highest region in the range s..e * with required size and alignment that does not conflict with the diff -r 983813670ef9 -r 55f10b71880a xen/include/asm-arm/setup.h --- a/xen/include/asm-arm/setup.h Mon Jan 21 12:40:29 2013 +0000 +++ b/xen/include/asm-arm/setup.h Mon Jan 21 12:40:30 2013 +0000 @@ -11,6 +11,8 @@ void arch_get_xen_caps(xen_capabilities_ int construct_dom0(struct domain *d); +void discard_initial_modules(void); + #endif /* * Local variables: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:33:46 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:33:46 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPw2-0001SA-J4; Mon, 21 Jan 2013 22:33:46 +0000 Received: from mail6.bemta4.messagelabs.com ([85.158.143.247]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPw1-0001RR-M2 for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:45 +0000 Received: from [85.158.143.35:8760] by server-1.bemta-4.messagelabs.com id A0/67-05635-942CDF05; Mon, 21 Jan 2013 22:33:45 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-12.tower-21.messagelabs.com!1358807598!13194562!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 6134 invoked from network); 21 Jan 2013 22:33:21 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-12.tower-21.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:33:21 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPva-0005gY-OX for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:18 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPva-0003kX-Ld for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:18 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:18 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arm: discard boot modules after building domain 0. X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358772030 0 # Node ID 55f10b71880a50f52ad02f4658bc28825af0fb81 # Parent 983813670ef997cdb5ccdc6526248f419366b741 arm: discard boot modules after building domain 0. Signed-off-by: Ian Campbell Acked-by: Tim Deegan Committed-by: Ian Campbell --- diff -r 983813670ef9 -r 55f10b71880a xen/arch/arm/domain_build.c --- a/xen/arch/arm/domain_build.c Mon Jan 21 12:40:29 2013 +0000 +++ b/xen/arch/arm/domain_build.c Mon Jan 21 12:40:30 2013 +0000 @@ -10,6 +10,7 @@ #include #include #include +#include #include #include "kernel.h" @@ -306,6 +307,8 @@ int construct_dom0(struct domain *d) dtb_load(&kinfo); kernel_load(&kinfo); + discard_initial_modules(); + clear_bit(_VPF_down, &v->pause_flags); memset(regs, 0, sizeof(*regs)); diff -r 983813670ef9 -r 55f10b71880a xen/arch/arm/setup.c --- a/xen/arch/arm/setup.c Mon Jan 21 12:40:29 2013 +0000 +++ b/xen/arch/arm/setup.c Mon Jan 21 12:40:30 2013 +0000 @@ -68,6 +68,22 @@ static void __init processor_id(void) READ_CP32(ID_ISAR3), READ_CP32(ID_ISAR4), READ_CP32(ID_ISAR5)); } +void __init discard_initial_modules(void) +{ + struct dt_module_info *mi = &early_info.modules; + int i; + + for ( i = 1; i <= mi->nr_mods; i++ ) + { + paddr_t s = mi->module[i].start; + paddr_t e = s + PAGE_ALIGN(mi->module[i].size); + + init_domheap_pages(s, e); + } + + mi->nr_mods = 0; +} + /* * Returns the end address of the highest region in the range s..e * with required size and alignment that does not conflict with the diff -r 983813670ef9 -r 55f10b71880a xen/include/asm-arm/setup.h --- a/xen/include/asm-arm/setup.h Mon Jan 21 12:40:29 2013 +0000 +++ b/xen/include/asm-arm/setup.h Mon Jan 21 12:40:30 2013 +0000 @@ -11,6 +11,8 @@ void arch_get_xen_caps(xen_capabilities_ int construct_dom0(struct domain *d); +void discard_initial_modules(void); + #endif /* * Local variables: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:34:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:34:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwX-0001df-NP; Mon, 21 Jan 2013 22:34:17 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwW-0001dK-Rv for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:34:17 +0000 Received: from [85.158.139.211:42673] by server-16.bemta-5.messagelabs.com id 8F/0E-14025-862CDF05; Mon, 21 Jan 2013 22:34:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-206.messagelabs.com!1358807653!18655488!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 11363 invoked from network); 21 Jan 2013 22:34:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:34:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvW-0005g7-2B for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvV-0003iM-PZ for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:13 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:13 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Add conditional build of subsystems to configure.ac X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Matthew Fioravante # Date 1358506548 0 # Node ID eb8e9a23925d7b77c344a4a99679a45f96754a17 # Parent 76dce3b9468e7202ee4846785e7e21187df24b86 Add conditional build of subsystems to configure.ac The toplevel Makefile still works without running configure and will default build everything Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 76dce3b9468e -r eb8e9a23925d Makefile --- a/Makefile Fri Jan 18 10:55:48 2013 +0000 +++ b/Makefile Fri Jan 18 10:55:48 2013 +0000 @@ -6,6 +6,11 @@ .PHONY: all all: dist +-include config/Toplevel.mk +SUBSYSTEMS?=xen kernels tools stubdom docs +TARGS_DIST=$(patsubst %, dist-%, $(SUBSYSTEMS)) +TARGS_INSTALL=$(patsubst %, install-%, $(SUBSYSTEMS)) + export XEN_ROOT=$(CURDIR) include Config.mk @@ -15,7 +20,7 @@ include buildconfigs/Rules.mk # build and install everything into the standard system directories .PHONY: install -install: install-xen install-kernels install-tools install-stubdom install-docs +install: $(TARGS_INSTALL) .PHONY: build build: kernels @@ -37,7 +42,7 @@ test: # build and install everything into local dist directory .PHONY: dist dist: DESTDIR=$(DISTDIR)/install -dist: dist-xen dist-kernels dist-tools dist-stubdom dist-docs dist-misc +dist: $(TARGS_DIST) dist-misc dist-misc: $(INSTALL_DIR) $(DISTDIR)/ @@ -151,6 +156,7 @@ endif # clean, but blow away kernel build tree plus tarballs .PHONY: distclean distclean: + -rm config/Toplevel.mk $(MAKE) -C xen distclean $(MAKE) -C tools distclean $(MAKE) -C stubdom distclean diff -r 76dce3b9468e -r eb8e9a23925d config/Toplevel.mk.in --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/config/Toplevel.mk.in Fri Jan 18 10:55:48 2013 +0000 @@ -0,0 +1,1 @@ +SUBSYSTEMS := @SUBSYSTEMS@ diff -r 76dce3b9468e -r eb8e9a23925d configure --- a/configure Fri Jan 18 10:55:48 2013 +0000 +++ b/configure Fri Jan 18 10:55:48 2013 +0000 @@ -561,6 +561,12 @@ ac_default_prefix=/usr enable_option_checking=no ac_subst_vars='LTLIBOBJS LIBOBJS +SUBSYSTEMS +docs +stubdom +tools +kernels +xen subdirs target_alias host_alias @@ -603,11 +609,20 @@ SHELL' ac_subst_files='' ac_user_opts=' enable_option_checking +enable_xen +enable_kernels +enable_tools +enable_stubdom +enable_docs ' ac_precious_vars='build_alias host_alias target_alias' -ac_subdirs_all='tools stubdom' +ac_subdirs_all='xen +kernels +tools +stubdom +docs' # Initialize some variables set by options. ac_init_help= @@ -1214,6 +1229,16 @@ if test -n "$ac_init_help"; then esac cat <<\_ACEOF +Optional Features: + --disable-option-checking ignore unrecognized --enable/--with options + --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) + --enable-FEATURE[=ARG] include FEATURE [ARG=yes] + --disable-xen Disable build and install of xen + --disable-kernels Disable build and install of kernels + --disable-tools Disable build and install of tools + --disable-stubdom Disable build and install of stubdom + --disable-docs Disable build and install of docs + Report bugs to . Xen Hypervisor home page: . _ACEOF @@ -1645,6 +1670,22 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu +ac_config_files="$ac_config_files ./config/Toplevel.mk" + + + + + + + + + + + + + + + ac_aux_dir= for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do @@ -1677,7 +1718,113 @@ ac_configure="$SHELL $ac_aux_dir/configu -subdirs="$subdirs tools stubdom" + +# Check whether --enable-xen was given. +if test "${enable_xen+set}" = set; then : + enableval=$enable_xen; +xen=n + +else + +xen=y +SUBSYSTEMS="$SUBSYSTEMS xen" +if test -e "xen/configure"; then : + +subdirs="$subdirs xen" + + +fi + +fi + + + + +# Check whether --enable-kernels was given. +if test "${enable_kernels+set}" = set; then : + enableval=$enable_kernels; +kernels=n + +else + +kernels=y +SUBSYSTEMS="$SUBSYSTEMS kernels" +if test -e "kernels/configure"; then : + +subdirs="$subdirs kernels" + + +fi + +fi + + + + +# Check whether --enable-tools was given. +if test "${enable_tools+set}" = set; then : + enableval=$enable_tools; +tools=n + +else + +tools=y +SUBSYSTEMS="$SUBSYSTEMS tools" +if test -e "tools/configure"; then : + +subdirs="$subdirs tools" + + +fi + +fi + + + + +# Check whether --enable-stubdom was given. +if test "${enable_stubdom+set}" = set; then : + enableval=$enable_stubdom; +stubdom=n + +else + +stubdom=y +SUBSYSTEMS="$SUBSYSTEMS stubdom" +if test -e "stubdom/configure"; then : + +subdirs="$subdirs stubdom" + + +fi + +fi + + + + +# Check whether --enable-docs was given. +if test "${enable_docs+set}" = set; then : + enableval=$enable_docs; +docs=n + +else + +docs=y +SUBSYSTEMS="$SUBSYSTEMS docs" +if test -e "docs/configure"; then : + +subdirs="$subdirs docs" + + +fi + +fi + + + + + cat >confcache <<\_ACEOF @@ -2236,11 +2383,15 @@ on `(hostname || uname -n) 2>/dev/null | _ACEOF +case $ac_config_files in *" +"*) set x $ac_config_files; shift; ac_config_files=$*;; +esac cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # Files that config.status was made for. +config_files="$ac_config_files" _ACEOF @@ -2259,6 +2410,11 @@ Usage: $0 [OPTION]... [TAG]... do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions + --file=FILE[:TEMPLATE] + instantiate the configuration file FILE + +Configuration files: +$config_files Report bugs to . Xen Hypervisor home page: ." @@ -2313,6 +2469,14 @@ do $as_echo "$ac_cs_config"; exit ;; --debug | --debu | --deb | --de | --d | -d ) debug=: ;; + --file | --fil | --fi | --f ) + $ac_shift + case $ac_optarg in + *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + '') as_fn_error $? "missing file argument" ;; + esac + as_fn_append CONFIG_FILES " '$ac_optarg'" + ac_need_defaults=false;; --he | --h | --help | --hel | -h ) $as_echo "$ac_cs_usage"; exit ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ @@ -2369,12 +2533,420 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_wri for ac_config_target in $ac_config_targets do case $ac_config_target in + "./config/Toplevel.mk") CONFIG_FILES="$CONFIG_FILES ./config/Toplevel.mk" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5 ;; esac done +# If the user did not use the arguments to specify the items to instantiate, +# then the envvar interface is used. Set only those that are not. +# We use the long form for the default assignment because of an extremely +# bizarre bug on SunOS 4.1.3. +if $ac_need_defaults; then + test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files +fi + +# Have a temporary directory for convenience. Make it in the build tree +# simply because there is no reason against having it here, and in addition, +# creating and moving files from /tmp can sometimes cause problems. +# Hook for its removal unless debugging. +# Note that there is a small window in which the directory will not be cleaned: +# after its creation but before its name has been assigned to `$tmp'. +$debug || +{ + tmp= + trap 'exit_status=$? + { test -z "$tmp" || test ! -d "$tmp" || rm -fr "$tmp"; } && exit $exit_status +' 0 + trap 'as_fn_exit 1' 1 2 13 15 +} +# Create a (secure) tmp directory for tmp files. + +{ + tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && + test -n "$tmp" && test -d "$tmp" +} || +{ + tmp=./conf$$-$RANDOM + (umask 077 && mkdir "$tmp") +} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 + +# Set up the scripts for CONFIG_FILES section. +# No need to generate them if there are no CONFIG_FILES. +# This happens for instance with `./config.status config.h'. +if test -n "$CONFIG_FILES"; then + + +ac_cr=`echo X | tr X '\015'` +# On cygwin, bash can eat \r inside `` if the user requested igncr. +# But we know of no other shell where ac_cr would be empty at this +# point, so we can use a bashism as a fallback. +if test "x$ac_cr" = x; then + eval ac_cr=\$\'\\r\' +fi +ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` +if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then + ac_cs_awk_cr='\\r' +else + ac_cs_awk_cr=$ac_cr +fi + +echo 'BEGIN {' >"$tmp/subs1.awk" && +_ACEOF + + +{ + echo "cat >conf$$subs.awk <<_ACEOF" && + echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && + echo "_ACEOF" +} >conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 +ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` +ac_delim='%!_!# ' +for ac_last_try in false false false false false :; do + . ./conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 + + ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` + if test $ac_delim_n = $ac_delim_num; then + break + elif $ac_last_try; then + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 + else + ac_delim="$ac_delim!$ac_delim _$ac_delim!! " + fi +done +rm -f conf$$subs.sh + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +cat >>"\$tmp/subs1.awk" <<\\_ACAWK && +_ACEOF +sed -n ' +h +s/^/S["/; s/!.*/"]=/ +p +g +s/^[^!]*!// +:repl +t repl +s/'"$ac_delim"'$// +t delim +:nl +h +s/\(.\{148\}\)..*/\1/ +t more1 +s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ +p +n +b repl +:more1 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t nl +:delim +h +s/\(.\{148\}\)..*/\1/ +t more2 +s/["\\]/\\&/g; s/^/"/; s/$/"/ +p +b +:more2 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t delim +' >$CONFIG_STATUS || ac_write_fail=1 +rm -f conf$$subs.awk +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +_ACAWK +cat >>"\$tmp/subs1.awk" <<_ACAWK && + for (key in S) S_is_set[key] = 1 + FS = "" + +} +{ + line = $ 0 + nfields = split(line, field, "@") + substed = 0 + len = length(field[1]) + for (i = 2; i < nfields; i++) { + key = field[i] + keylen = length(key) + if (S_is_set[key]) { + value = S[key] + line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) + len += length(value) + length(field[++i]) + substed = 1 + } else + len += 1 + keylen + } + + print line +} + +_ACAWK +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then + sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" +else + cat +fi < "$tmp/subs1.awk" > "$tmp/subs.awk" \ + || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 +_ACEOF + +# VPATH may cause trouble with some makes, so we remove sole $(srcdir), +# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and +# trailing colons and then remove the whole line if VPATH becomes empty +# (actually we leave an empty line to preserve line numbers). +if test "x$srcdir" = x.; then + ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ +h +s/// +s/^/:/ +s/[ ]*$/:/ +s/:\$(srcdir):/:/g +s/:\${srcdir}:/:/g +s/:@srcdir@:/:/g +s/^:*// +s/:*$// +x +s/\(=[ ]*\).*/\1/ +G +s/\n// +s/^[^=]*=[ ]*$// +}' +fi + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +fi # test -n "$CONFIG_FILES" + + +eval set X " :F $CONFIG_FILES " +shift +for ac_tag +do + case $ac_tag in + :[FHLC]) ac_mode=$ac_tag; continue;; + esac + case $ac_mode$ac_tag in + :[FHL]*:*);; + :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5 ;; + :[FH]-) ac_tag=-:-;; + :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; + esac + ac_save_IFS=$IFS + IFS=: + set x $ac_tag + IFS=$ac_save_IFS + shift + ac_file=$1 + shift + + case $ac_mode in + :L) ac_source=$1;; + :[FH]) + ac_file_inputs= + for ac_f + do + case $ac_f in + -) ac_f="$tmp/stdin";; + *) # Look for the file first in the build tree, then in the source tree + # (if the path is not absolute). The absolute path cannot be DOS-style, + # because $ac_f cannot contain `:'. + test -f "$ac_f" || + case $ac_f in + [\\/$]*) false;; + *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; + esac || + as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5 ;; + esac + case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac + as_fn_append ac_file_inputs " '$ac_f'" + done + + # Let's still pretend it is `configure' which instantiates (i.e., don't + # use $as_me), people would be surprised to read: + # /* config.h. Generated by config.status. */ + configure_input='Generated from '` + $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' + `' by configure.' + if test x"$ac_file" != x-; then + configure_input="$ac_file. $configure_input" + { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 +$as_echo "$as_me: creating $ac_file" >&6;} + fi + # Neutralize special characters interpreted by sed in replacement strings. + case $configure_input in #( + *\&* | *\|* | *\\* ) + ac_sed_conf_input=`$as_echo "$configure_input" | + sed 's/[\\\\&|]/\\\\&/g'`;; #( + *) ac_sed_conf_input=$configure_input;; + esac + + case $ac_tag in + *:-:* | *:-) cat >"$tmp/stdin" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; + esac + ;; + esac + + ac_dir=`$as_dirname -- "$ac_file" || +$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$ac_file" : 'X\(//\)[^/]' \| \ + X"$ac_file" : 'X\(//\)$' \| \ + X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$ac_file" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + as_dir="$ac_dir"; as_fn_mkdir_p + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + + case $ac_mode in + :F) + # + # CONFIG_FILE + # + +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# If the template does not know about datarootdir, expand it. +# FIXME: This hack should be removed a few years after 2.60. +ac_datarootdir_hack=; ac_datarootdir_seen= +ac_sed_dataroot=' +/datarootdir/ { + p + q +} +/@datadir@/p +/@docdir@/p +/@infodir@/p +/@localedir@/p +/@mandir@/p' +case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in +*datarootdir*) ac_datarootdir_seen=yes;; +*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 +$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 + ac_datarootdir_hack=' + s&@datadir@&$datadir&g + s&@docdir@&$docdir&g + s&@infodir@&$infodir&g + s&@localedir@&$localedir&g + s&@mandir@&$mandir&g + s&\\\${datarootdir}&$datarootdir&g' ;; +esac +_ACEOF + +# Neutralize VPATH when `$srcdir' = `.'. +# Shell code in configure.ac might set extrasub. +# FIXME: do we really want to maintain this feature? +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_sed_extra="$ac_vpsub +$extrasub +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +:t +/@[a-zA-Z_][a-zA-Z_0-9]*@/!b +s|@configure_input@|$ac_sed_conf_input|;t t +s&@top_builddir@&$ac_top_builddir_sub&;t t +s&@top_build_prefix@&$ac_top_build_prefix&;t t +s&@srcdir@&$ac_srcdir&;t t +s&@abs_srcdir@&$ac_abs_srcdir&;t t +s&@top_srcdir@&$ac_top_srcdir&;t t +s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t +s&@builddir@&$ac_builddir&;t t +s&@abs_builddir@&$ac_abs_builddir&;t t +s&@abs_top_builddir@&$ac_abs_top_builddir&;t t +$ac_datarootdir_hack +" +eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$tmp/subs.awk" >$tmp/out \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + +test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && + { ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } && + { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' "$tmp/out"`; test -z "$ac_out"; } && + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&5 +$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&2;} + + rm -f "$tmp/stdin" + case $ac_file in + -) cat "$tmp/out" && rm -f "$tmp/out";; + *) rm -f "$ac_file" && mv "$tmp/out" "$ac_file";; + esac \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + ;; + + + + esac + +done # for ac_tag + + as_fn_exit 0 _ACEOF ac_clean_files=$ac_clean_files_save diff -r 76dce3b9468e -r eb8e9a23925d configure.ac --- a/configure.ac Fri Jan 18 10:55:48 2013 +0000 +++ b/configure.ac Fri Jan 18 10:55:48 2013 +0000 @@ -6,7 +6,16 @@ AC_INIT([Xen Hypervisor], m4_esyscmd([./ [xen-devel@lists.xen.org], [xen], [http://www.xen.org/]) AC_CONFIG_SRCDIR([./xen/common/kernel.c]) AC_PREFIX_DEFAULT([/usr]) +AC_CONFIG_FILES([./config/Toplevel.mk]) -AC_CONFIG_SUBDIRS([tools stubdom]) +m4_include([m4/features.m4]) +m4_include([m4/subsystem.m4]) + +AX_SUBSYSTEM_DEFAULT_ENABLE([xen]) +AX_SUBSYSTEM_DEFAULT_ENABLE([kernels]) +AX_SUBSYSTEM_DEFAULT_ENABLE([tools]) +AX_SUBSYSTEM_DEFAULT_ENABLE([stubdom]) +AX_SUBSYSTEM_DEFAULT_ENABLE([docs]) +AX_SUBSYSTEM_FINISH AC_OUTPUT() diff -r 76dce3b9468e -r eb8e9a23925d m4/subsystem.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/subsystem.m4 Fri Jan 18 10:55:48 2013 +0000 @@ -0,0 +1,32 @@ +AC_DEFUN([AX_SUBSYSTEM_DEFAULT_ENABLE], [ +AC_ARG_ENABLE([$1], +AS_HELP_STRING([--disable-$1], [Disable build and install of $1]),[ +$1=n +],[ +$1=y +SUBSYSTEMS="$SUBSYSTEMS $1" +AS_IF([test -e "$1/configure"], [ +AC_CONFIG_SUBDIRS([$1]) +]) +]) +AC_SUBST($1) +]) + +AC_DEFUN([AX_SUBSYSTEM_DEFAULT_DISABLE], [ +AC_ARG_ENABLE([$1], +AS_HELP_STRING([--enable-$1], [Enable build and install of $1]),[ +$1=y +SUBSYSTEMS="$SUBSYSTEMS $1" +AS_IF([test -e "$1/configure"], [ +AC_CONFIG_SUBDIRS([$1]) +]) +],[ +$1=n +]) +AC_SUBST($1) +]) + + +AC_DEFUN([AX_SUBSYSTEM_FINISH], [ +AC_SUBST(SUBSYSTEMS) +]) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:34:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:34:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwX-0001df-NP; Mon, 21 Jan 2013 22:34:17 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwW-0001dK-Rv for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:34:17 +0000 Received: from [85.158.139.211:42673] by server-16.bemta-5.messagelabs.com id 8F/0E-14025-862CDF05; Mon, 21 Jan 2013 22:34:16 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-7.tower-206.messagelabs.com!1358807653!18655488!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 11363 invoked from network); 21 Jan 2013 22:34:14 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-7.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:34:14 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvW-0005g7-2B for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:14 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvV-0003iM-PZ for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:13 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:13 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Add conditional build of subsystems to configure.ac X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Matthew Fioravante # Date 1358506548 0 # Node ID eb8e9a23925d7b77c344a4a99679a45f96754a17 # Parent 76dce3b9468e7202ee4846785e7e21187df24b86 Add conditional build of subsystems to configure.ac The toplevel Makefile still works without running configure and will default build everything Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r 76dce3b9468e -r eb8e9a23925d Makefile --- a/Makefile Fri Jan 18 10:55:48 2013 +0000 +++ b/Makefile Fri Jan 18 10:55:48 2013 +0000 @@ -6,6 +6,11 @@ .PHONY: all all: dist +-include config/Toplevel.mk +SUBSYSTEMS?=xen kernels tools stubdom docs +TARGS_DIST=$(patsubst %, dist-%, $(SUBSYSTEMS)) +TARGS_INSTALL=$(patsubst %, install-%, $(SUBSYSTEMS)) + export XEN_ROOT=$(CURDIR) include Config.mk @@ -15,7 +20,7 @@ include buildconfigs/Rules.mk # build and install everything into the standard system directories .PHONY: install -install: install-xen install-kernels install-tools install-stubdom install-docs +install: $(TARGS_INSTALL) .PHONY: build build: kernels @@ -37,7 +42,7 @@ test: # build and install everything into local dist directory .PHONY: dist dist: DESTDIR=$(DISTDIR)/install -dist: dist-xen dist-kernels dist-tools dist-stubdom dist-docs dist-misc +dist: $(TARGS_DIST) dist-misc dist-misc: $(INSTALL_DIR) $(DISTDIR)/ @@ -151,6 +156,7 @@ endif # clean, but blow away kernel build tree plus tarballs .PHONY: distclean distclean: + -rm config/Toplevel.mk $(MAKE) -C xen distclean $(MAKE) -C tools distclean $(MAKE) -C stubdom distclean diff -r 76dce3b9468e -r eb8e9a23925d config/Toplevel.mk.in --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/config/Toplevel.mk.in Fri Jan 18 10:55:48 2013 +0000 @@ -0,0 +1,1 @@ +SUBSYSTEMS := @SUBSYSTEMS@ diff -r 76dce3b9468e -r eb8e9a23925d configure --- a/configure Fri Jan 18 10:55:48 2013 +0000 +++ b/configure Fri Jan 18 10:55:48 2013 +0000 @@ -561,6 +561,12 @@ ac_default_prefix=/usr enable_option_checking=no ac_subst_vars='LTLIBOBJS LIBOBJS +SUBSYSTEMS +docs +stubdom +tools +kernels +xen subdirs target_alias host_alias @@ -603,11 +609,20 @@ SHELL' ac_subst_files='' ac_user_opts=' enable_option_checking +enable_xen +enable_kernels +enable_tools +enable_stubdom +enable_docs ' ac_precious_vars='build_alias host_alias target_alias' -ac_subdirs_all='tools stubdom' +ac_subdirs_all='xen +kernels +tools +stubdom +docs' # Initialize some variables set by options. ac_init_help= @@ -1214,6 +1229,16 @@ if test -n "$ac_init_help"; then esac cat <<\_ACEOF +Optional Features: + --disable-option-checking ignore unrecognized --enable/--with options + --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) + --enable-FEATURE[=ARG] include FEATURE [ARG=yes] + --disable-xen Disable build and install of xen + --disable-kernels Disable build and install of kernels + --disable-tools Disable build and install of tools + --disable-stubdom Disable build and install of stubdom + --disable-docs Disable build and install of docs + Report bugs to . Xen Hypervisor home page: . _ACEOF @@ -1645,6 +1670,22 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu +ac_config_files="$ac_config_files ./config/Toplevel.mk" + + + + + + + + + + + + + + + ac_aux_dir= for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do @@ -1677,7 +1718,113 @@ ac_configure="$SHELL $ac_aux_dir/configu -subdirs="$subdirs tools stubdom" + +# Check whether --enable-xen was given. +if test "${enable_xen+set}" = set; then : + enableval=$enable_xen; +xen=n + +else + +xen=y +SUBSYSTEMS="$SUBSYSTEMS xen" +if test -e "xen/configure"; then : + +subdirs="$subdirs xen" + + +fi + +fi + + + + +# Check whether --enable-kernels was given. +if test "${enable_kernels+set}" = set; then : + enableval=$enable_kernels; +kernels=n + +else + +kernels=y +SUBSYSTEMS="$SUBSYSTEMS kernels" +if test -e "kernels/configure"; then : + +subdirs="$subdirs kernels" + + +fi + +fi + + + + +# Check whether --enable-tools was given. +if test "${enable_tools+set}" = set; then : + enableval=$enable_tools; +tools=n + +else + +tools=y +SUBSYSTEMS="$SUBSYSTEMS tools" +if test -e "tools/configure"; then : + +subdirs="$subdirs tools" + + +fi + +fi + + + + +# Check whether --enable-stubdom was given. +if test "${enable_stubdom+set}" = set; then : + enableval=$enable_stubdom; +stubdom=n + +else + +stubdom=y +SUBSYSTEMS="$SUBSYSTEMS stubdom" +if test -e "stubdom/configure"; then : + +subdirs="$subdirs stubdom" + + +fi + +fi + + + + +# Check whether --enable-docs was given. +if test "${enable_docs+set}" = set; then : + enableval=$enable_docs; +docs=n + +else + +docs=y +SUBSYSTEMS="$SUBSYSTEMS docs" +if test -e "docs/configure"; then : + +subdirs="$subdirs docs" + + +fi + +fi + + + + + cat >confcache <<\_ACEOF @@ -2236,11 +2383,15 @@ on `(hostname || uname -n) 2>/dev/null | _ACEOF +case $ac_config_files in *" +"*) set x $ac_config_files; shift; ac_config_files=$*;; +esac cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # Files that config.status was made for. +config_files="$ac_config_files" _ACEOF @@ -2259,6 +2410,11 @@ Usage: $0 [OPTION]... [TAG]... do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions + --file=FILE[:TEMPLATE] + instantiate the configuration file FILE + +Configuration files: +$config_files Report bugs to . Xen Hypervisor home page: ." @@ -2313,6 +2469,14 @@ do $as_echo "$ac_cs_config"; exit ;; --debug | --debu | --deb | --de | --d | -d ) debug=: ;; + --file | --fil | --fi | --f ) + $ac_shift + case $ac_optarg in + *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + '') as_fn_error $? "missing file argument" ;; + esac + as_fn_append CONFIG_FILES " '$ac_optarg'" + ac_need_defaults=false;; --he | --h | --help | --hel | -h ) $as_echo "$ac_cs_usage"; exit ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ @@ -2369,12 +2533,420 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_wri for ac_config_target in $ac_config_targets do case $ac_config_target in + "./config/Toplevel.mk") CONFIG_FILES="$CONFIG_FILES ./config/Toplevel.mk" ;; *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5 ;; esac done +# If the user did not use the arguments to specify the items to instantiate, +# then the envvar interface is used. Set only those that are not. +# We use the long form for the default assignment because of an extremely +# bizarre bug on SunOS 4.1.3. +if $ac_need_defaults; then + test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files +fi + +# Have a temporary directory for convenience. Make it in the build tree +# simply because there is no reason against having it here, and in addition, +# creating and moving files from /tmp can sometimes cause problems. +# Hook for its removal unless debugging. +# Note that there is a small window in which the directory will not be cleaned: +# after its creation but before its name has been assigned to `$tmp'. +$debug || +{ + tmp= + trap 'exit_status=$? + { test -z "$tmp" || test ! -d "$tmp" || rm -fr "$tmp"; } && exit $exit_status +' 0 + trap 'as_fn_exit 1' 1 2 13 15 +} +# Create a (secure) tmp directory for tmp files. + +{ + tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && + test -n "$tmp" && test -d "$tmp" +} || +{ + tmp=./conf$$-$RANDOM + (umask 077 && mkdir "$tmp") +} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 + +# Set up the scripts for CONFIG_FILES section. +# No need to generate them if there are no CONFIG_FILES. +# This happens for instance with `./config.status config.h'. +if test -n "$CONFIG_FILES"; then + + +ac_cr=`echo X | tr X '\015'` +# On cygwin, bash can eat \r inside `` if the user requested igncr. +# But we know of no other shell where ac_cr would be empty at this +# point, so we can use a bashism as a fallback. +if test "x$ac_cr" = x; then + eval ac_cr=\$\'\\r\' +fi +ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` +if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then + ac_cs_awk_cr='\\r' +else + ac_cs_awk_cr=$ac_cr +fi + +echo 'BEGIN {' >"$tmp/subs1.awk" && +_ACEOF + + +{ + echo "cat >conf$$subs.awk <<_ACEOF" && + echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && + echo "_ACEOF" +} >conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 +ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` +ac_delim='%!_!# ' +for ac_last_try in false false false false false :; do + . ./conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 + + ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` + if test $ac_delim_n = $ac_delim_num; then + break + elif $ac_last_try; then + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 + else + ac_delim="$ac_delim!$ac_delim _$ac_delim!! " + fi +done +rm -f conf$$subs.sh + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +cat >>"\$tmp/subs1.awk" <<\\_ACAWK && +_ACEOF +sed -n ' +h +s/^/S["/; s/!.*/"]=/ +p +g +s/^[^!]*!// +:repl +t repl +s/'"$ac_delim"'$// +t delim +:nl +h +s/\(.\{148\}\)..*/\1/ +t more1 +s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ +p +n +b repl +:more1 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t nl +:delim +h +s/\(.\{148\}\)..*/\1/ +t more2 +s/["\\]/\\&/g; s/^/"/; s/$/"/ +p +b +:more2 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t delim +' >$CONFIG_STATUS || ac_write_fail=1 +rm -f conf$$subs.awk +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +_ACAWK +cat >>"\$tmp/subs1.awk" <<_ACAWK && + for (key in S) S_is_set[key] = 1 + FS = "" + +} +{ + line = $ 0 + nfields = split(line, field, "@") + substed = 0 + len = length(field[1]) + for (i = 2; i < nfields; i++) { + key = field[i] + keylen = length(key) + if (S_is_set[key]) { + value = S[key] + line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) + len += length(value) + length(field[++i]) + substed = 1 + } else + len += 1 + keylen + } + + print line +} + +_ACAWK +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then + sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" +else + cat +fi < "$tmp/subs1.awk" > "$tmp/subs.awk" \ + || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 +_ACEOF + +# VPATH may cause trouble with some makes, so we remove sole $(srcdir), +# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and +# trailing colons and then remove the whole line if VPATH becomes empty +# (actually we leave an empty line to preserve line numbers). +if test "x$srcdir" = x.; then + ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ +h +s/// +s/^/:/ +s/[ ]*$/:/ +s/:\$(srcdir):/:/g +s/:\${srcdir}:/:/g +s/:@srcdir@:/:/g +s/^:*// +s/:*$// +x +s/\(=[ ]*\).*/\1/ +G +s/\n// +s/^[^=]*=[ ]*$// +}' +fi + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +fi # test -n "$CONFIG_FILES" + + +eval set X " :F $CONFIG_FILES " +shift +for ac_tag +do + case $ac_tag in + :[FHLC]) ac_mode=$ac_tag; continue;; + esac + case $ac_mode$ac_tag in + :[FHL]*:*);; + :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5 ;; + :[FH]-) ac_tag=-:-;; + :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; + esac + ac_save_IFS=$IFS + IFS=: + set x $ac_tag + IFS=$ac_save_IFS + shift + ac_file=$1 + shift + + case $ac_mode in + :L) ac_source=$1;; + :[FH]) + ac_file_inputs= + for ac_f + do + case $ac_f in + -) ac_f="$tmp/stdin";; + *) # Look for the file first in the build tree, then in the source tree + # (if the path is not absolute). The absolute path cannot be DOS-style, + # because $ac_f cannot contain `:'. + test -f "$ac_f" || + case $ac_f in + [\\/$]*) false;; + *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; + esac || + as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5 ;; + esac + case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac + as_fn_append ac_file_inputs " '$ac_f'" + done + + # Let's still pretend it is `configure' which instantiates (i.e., don't + # use $as_me), people would be surprised to read: + # /* config.h. Generated by config.status. */ + configure_input='Generated from '` + $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' + `' by configure.' + if test x"$ac_file" != x-; then + configure_input="$ac_file. $configure_input" + { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 +$as_echo "$as_me: creating $ac_file" >&6;} + fi + # Neutralize special characters interpreted by sed in replacement strings. + case $configure_input in #( + *\&* | *\|* | *\\* ) + ac_sed_conf_input=`$as_echo "$configure_input" | + sed 's/[\\\\&|]/\\\\&/g'`;; #( + *) ac_sed_conf_input=$configure_input;; + esac + + case $ac_tag in + *:-:* | *:-) cat >"$tmp/stdin" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; + esac + ;; + esac + + ac_dir=`$as_dirname -- "$ac_file" || +$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$ac_file" : 'X\(//\)[^/]' \| \ + X"$ac_file" : 'X\(//\)$' \| \ + X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$ac_file" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + as_dir="$ac_dir"; as_fn_mkdir_p + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + + case $ac_mode in + :F) + # + # CONFIG_FILE + # + +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# If the template does not know about datarootdir, expand it. +# FIXME: This hack should be removed a few years after 2.60. +ac_datarootdir_hack=; ac_datarootdir_seen= +ac_sed_dataroot=' +/datarootdir/ { + p + q +} +/@datadir@/p +/@docdir@/p +/@infodir@/p +/@localedir@/p +/@mandir@/p' +case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in +*datarootdir*) ac_datarootdir_seen=yes;; +*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 +$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 + ac_datarootdir_hack=' + s&@datadir@&$datadir&g + s&@docdir@&$docdir&g + s&@infodir@&$infodir&g + s&@localedir@&$localedir&g + s&@mandir@&$mandir&g + s&\\\${datarootdir}&$datarootdir&g' ;; +esac +_ACEOF + +# Neutralize VPATH when `$srcdir' = `.'. +# Shell code in configure.ac might set extrasub. +# FIXME: do we really want to maintain this feature? +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_sed_extra="$ac_vpsub +$extrasub +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +:t +/@[a-zA-Z_][a-zA-Z_0-9]*@/!b +s|@configure_input@|$ac_sed_conf_input|;t t +s&@top_builddir@&$ac_top_builddir_sub&;t t +s&@top_build_prefix@&$ac_top_build_prefix&;t t +s&@srcdir@&$ac_srcdir&;t t +s&@abs_srcdir@&$ac_abs_srcdir&;t t +s&@top_srcdir@&$ac_top_srcdir&;t t +s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t +s&@builddir@&$ac_builddir&;t t +s&@abs_builddir@&$ac_abs_builddir&;t t +s&@abs_top_builddir@&$ac_abs_top_builddir&;t t +$ac_datarootdir_hack +" +eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$tmp/subs.awk" >$tmp/out \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + +test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && + { ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } && + { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' "$tmp/out"`; test -z "$ac_out"; } && + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&5 +$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&2;} + + rm -f "$tmp/stdin" + case $ac_file in + -) cat "$tmp/out" && rm -f "$tmp/out";; + *) rm -f "$ac_file" && mv "$tmp/out" "$ac_file";; + esac \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + ;; + + + + esac + +done # for ac_tag + + as_fn_exit 0 _ACEOF ac_clean_files=$ac_clean_files_save diff -r 76dce3b9468e -r eb8e9a23925d configure.ac --- a/configure.ac Fri Jan 18 10:55:48 2013 +0000 +++ b/configure.ac Fri Jan 18 10:55:48 2013 +0000 @@ -6,7 +6,16 @@ AC_INIT([Xen Hypervisor], m4_esyscmd([./ [xen-devel@lists.xen.org], [xen], [http://www.xen.org/]) AC_CONFIG_SRCDIR([./xen/common/kernel.c]) AC_PREFIX_DEFAULT([/usr]) +AC_CONFIG_FILES([./config/Toplevel.mk]) -AC_CONFIG_SUBDIRS([tools stubdom]) +m4_include([m4/features.m4]) +m4_include([m4/subsystem.m4]) + +AX_SUBSYSTEM_DEFAULT_ENABLE([xen]) +AX_SUBSYSTEM_DEFAULT_ENABLE([kernels]) +AX_SUBSYSTEM_DEFAULT_ENABLE([tools]) +AX_SUBSYSTEM_DEFAULT_ENABLE([stubdom]) +AX_SUBSYSTEM_DEFAULT_ENABLE([docs]) +AX_SUBSYSTEM_FINISH AC_OUTPUT() diff -r 76dce3b9468e -r eb8e9a23925d m4/subsystem.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/subsystem.m4 Fri Jan 18 10:55:48 2013 +0000 @@ -0,0 +1,32 @@ +AC_DEFUN([AX_SUBSYSTEM_DEFAULT_ENABLE], [ +AC_ARG_ENABLE([$1], +AS_HELP_STRING([--disable-$1], [Disable build and install of $1]),[ +$1=n +],[ +$1=y +SUBSYSTEMS="$SUBSYSTEMS $1" +AS_IF([test -e "$1/configure"], [ +AC_CONFIG_SUBDIRS([$1]) +]) +]) +AC_SUBST($1) +]) + +AC_DEFUN([AX_SUBSYSTEM_DEFAULT_DISABLE], [ +AC_ARG_ENABLE([$1], +AS_HELP_STRING([--enable-$1], [Enable build and install of $1]),[ +$1=y +SUBSYSTEMS="$SUBSYSTEMS $1" +AS_IF([test -e "$1/configure"], [ +AC_CONFIG_SUBDIRS([$1]) +]) +],[ +$1=n +]) +AC_SUBST($1) +]) + + +AC_DEFUN([AX_SUBSYSTEM_FINISH], [ +AC_SUBST(SUBSYSTEMS) +]) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:34:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:34:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwc-0001ey-QZ; Mon, 21 Jan 2013 22:34:22 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwb-0001ec-DX for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:34:21 +0000 Received: from [85.158.138.51:54889] by server-3.bemta-3.messagelabs.com id 17/CD-17026-C62CDF05; Mon, 21 Jan 2013 22:34:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-174.messagelabs.com!1358807658!20920552!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 12869 invoked from network); 21 Jan 2013 22:34:19 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:34:19 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvb-0005gb-8R for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:19 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvb-0003km-7L for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:19 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:18 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arm: use module provided command line for domain 0 command line X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358772031 0 # Node ID 002f86162d7e836acc2a00966cc1dc0ab36c2de2 # Parent 55f10b71880a50f52ad02f4658bc28825af0fb81 arm: use module provided command line for domain 0 command line Fallback to xen,dom0-bootargs if this isn't present. Ideally this would use module1-args iff the kernel came from the modules and the existing xen,dom0-bootargs if the kernel came from flash, but this approach is simpler and has the same effect in practice. Signed-off-by: Ian Campbell Acked-by: Tim Deegan Committed-by: Ian Campbell --- diff -r 55f10b71880a -r 002f86162d7e xen/arch/arm/domain_build.c --- a/xen/arch/arm/domain_build.c Mon Jan 21 12:40:30 2013 +0000 +++ b/xen/arch/arm/domain_build.c Mon Jan 21 12:40:31 2013 +0000 @@ -86,8 +86,13 @@ static int write_properties(struct domai int node, const char *name, int depth, u32 address_cells, u32 size_cells) { + const char *bootargs = NULL; int prop; + if ( early_info.modules.nr_mods >= 1 && + early_info.modules.module[1].cmdline[0] ) + bootargs = &early_info.modules.module[1].cmdline[0]; + for ( prop = fdt_first_property_offset(fdt, node); prop >= 0; prop = fdt_next_property_offset(fdt, prop) ) @@ -104,15 +109,22 @@ static int write_properties(struct domai prop_len = fdt32_to_cpu(p->len); /* - * In chosen node: replace bootargs with value from - * xen,dom0-bootargs. + * In chosen node: + * + * * remember xen,dom0-bootargs if we don't already have + * bootargs (from module #1, above). + * * remove bootargs and xen,dom0-bootargs. */ if ( device_tree_node_matches(fdt, node, "chosen") ) { if ( strcmp(prop_name, "bootargs") == 0 ) continue; - if ( strcmp(prop_name, "xen,dom0-bootargs") == 0 ) - prop_name = "bootargs"; + else if ( strcmp(prop_name, "xen,dom0-bootargs") == 0 ) + { + if ( !bootargs ) + bootargs = prop_data; + continue; + } } /* * In a memory node: adjust reg property. @@ -147,6 +159,14 @@ static int write_properties(struct domai xfree(new_data); } + if ( device_tree_node_matches(fdt, node, "chosen") && bootargs ) + fdt_property(kinfo->fdt, "bootargs", bootargs, strlen(bootargs) + 1); + + /* + * XXX should populate /chosen/linux,initrd-{start,end} here if we + * have module[2] + */ + if ( prop == -FDT_ERR_NOTFOUND ) return 0; return prop; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:34:24 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:34:24 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwc-0001ey-QZ; Mon, 21 Jan 2013 22:34:22 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwb-0001ec-DX for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:34:21 +0000 Received: from [85.158.138.51:54889] by server-3.bemta-3.messagelabs.com id 17/CD-17026-C62CDF05; Mon, 21 Jan 2013 22:34:20 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-174.messagelabs.com!1358807658!20920552!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 12869 invoked from network); 21 Jan 2013 22:34:19 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:34:19 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvb-0005gb-8R for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:19 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvb-0003km-7L for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:19 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:18 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] arm: use module provided command line for domain 0 command line X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358772031 0 # Node ID 002f86162d7e836acc2a00966cc1dc0ab36c2de2 # Parent 55f10b71880a50f52ad02f4658bc28825af0fb81 arm: use module provided command line for domain 0 command line Fallback to xen,dom0-bootargs if this isn't present. Ideally this would use module1-args iff the kernel came from the modules and the existing xen,dom0-bootargs if the kernel came from flash, but this approach is simpler and has the same effect in practice. Signed-off-by: Ian Campbell Acked-by: Tim Deegan Committed-by: Ian Campbell --- diff -r 55f10b71880a -r 002f86162d7e xen/arch/arm/domain_build.c --- a/xen/arch/arm/domain_build.c Mon Jan 21 12:40:30 2013 +0000 +++ b/xen/arch/arm/domain_build.c Mon Jan 21 12:40:31 2013 +0000 @@ -86,8 +86,13 @@ static int write_properties(struct domai int node, const char *name, int depth, u32 address_cells, u32 size_cells) { + const char *bootargs = NULL; int prop; + if ( early_info.modules.nr_mods >= 1 && + early_info.modules.module[1].cmdline[0] ) + bootargs = &early_info.modules.module[1].cmdline[0]; + for ( prop = fdt_first_property_offset(fdt, node); prop >= 0; prop = fdt_next_property_offset(fdt, prop) ) @@ -104,15 +109,22 @@ static int write_properties(struct domai prop_len = fdt32_to_cpu(p->len); /* - * In chosen node: replace bootargs with value from - * xen,dom0-bootargs. + * In chosen node: + * + * * remember xen,dom0-bootargs if we don't already have + * bootargs (from module #1, above). + * * remove bootargs and xen,dom0-bootargs. */ if ( device_tree_node_matches(fdt, node, "chosen") ) { if ( strcmp(prop_name, "bootargs") == 0 ) continue; - if ( strcmp(prop_name, "xen,dom0-bootargs") == 0 ) - prop_name = "bootargs"; + else if ( strcmp(prop_name, "xen,dom0-bootargs") == 0 ) + { + if ( !bootargs ) + bootargs = prop_data; + continue; + } } /* * In a memory node: adjust reg property. @@ -147,6 +159,14 @@ static int write_properties(struct domai xfree(new_data); } + if ( device_tree_node_matches(fdt, node, "chosen") && bootargs ) + fdt_property(kinfo->fdt, "bootargs", bootargs, strlen(bootargs) + 1); + + /* + * XXX should populate /chosen/linux,initrd-{start,end} here if we + * have module[2] + */ + if ( prop == -FDT_ERR_NOTFOUND ) return 0; return prop; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:34:26 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:34:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwg-0001gC-0g; Mon, 21 Jan 2013 22:34:26 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwe-0001fH-5I for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:34:25 +0000 Received: from [85.158.138.51:54994] by server-6.bemta-3.messagelabs.com id 23/FE-25504-F62CDF05; Mon, 21 Jan 2013 22:34:23 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-5.tower-174.messagelabs.com!1358807652!29028293!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25799 invoked from network); 21 Jan 2013 22:34:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-5.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:34:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvV-0005g4-AC for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:13 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvV-0003i7-8X for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:13 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Add a top level configure script X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Matthew Fioravante # Date 1358506548 0 # Node ID 76dce3b9468e7202ee4846785e7e21187df24b86 # Parent e1d7053e4d4575d052bd72cb4a44718281bdd35d Add a top level configure script Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r e1d7053e4d45 -r 76dce3b9468e .gitignore --- a/.gitignore Fri Jan 18 10:55:47 2013 +0000 +++ b/.gitignore Fri Jan 18 10:55:48 2013 +0000 @@ -28,6 +28,11 @@ cscope.po.out dist stubdom/*.tar.gz +autom4te.cache/ +config.log +config.status +config/Toplevel.mk + build-* dist/* docs/*.aux diff -r e1d7053e4d45 -r 76dce3b9468e .hgignore --- a/.hgignore Fri Jan 18 10:55:47 2013 +0000 +++ b/.hgignore Fri Jan 18 10:55:48 2013 +0000 @@ -26,6 +26,10 @@ ^\.pc (^|/)(tags|TAGS)$ (^|/)(GTAGS|GPATH|GSYMS|GRTAGS)$ +^autom4te\.cache$ +^config\.log$ +^config\.status +^config/Toplevel\.mk ^build-.*$ ^dist/.*$ ^docs/.*\.aux$ diff -r e1d7053e4d45 -r 76dce3b9468e autogen.sh --- a/autogen.sh Fri Jan 18 10:55:47 2013 +0000 +++ b/autogen.sh Fri Jan 18 10:55:48 2013 +0000 @@ -1,4 +1,5 @@ #!/bin/sh -e +autoconf cd tools autoconf autoheader diff -r e1d7053e4d45 -r 76dce3b9468e config.guess --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/config.guess Fri Jan 18 10:55:48 2013 +0000 @@ -0,0 +1,1502 @@ +#! /bin/sh +# Attempt to guess a canonical system name. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, +# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 +# Free Software Foundation, Inc. + +timestamp='2009-12-30' + +# This file is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + + +# Originally written by Per Bothner. Please send patches (context +# diff format) to and include a ChangeLog +# entry. +# +# This script attempts to guess a canonical system name similar to +# config.sub. If it succeeds, it prints the system name on stdout, and +# exits with 0. Otherwise, it exits with 1. +# +# You can get the latest version of this script from: +# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD + +me=`echo "$0" | sed -e 's,.*/,,'` + +usage="\ +Usage: $0 [OPTION] + +Output the configuration name of the system \`$me' is run on. + +Operation modes: + -h, --help print this help, then exit + -t, --time-stamp print date of last modification, then exit + -v, --version print version number, then exit + +Report bugs and patches to ." + +version="\ +GNU config.guess ($timestamp) + +Originally written by Per Bothner. +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, +2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free +Software Foundation, Inc. + +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + +help=" +Try \`$me --help' for more information." + +# Parse command line +while test $# -gt 0 ; do + case $1 in + --time-stamp | --time* | -t ) + echo "$timestamp" ; exit ;; + --version | -v ) + echo "$version" ; exit ;; + --help | --h* | -h ) + echo "$usage"; exit ;; + -- ) # Stop option processing + shift; break ;; + - ) # Use stdin as input. + break ;; + -* ) + echo "$me: invalid option $1$help" >&2 + exit 1 ;; + * ) + break ;; + esac +done + +if test $# != 0; then + echo "$me: too many arguments$help" >&2 + exit 1 +fi + +trap 'exit 1' 1 2 15 + +# CC_FOR_BUILD -- compiler used by this script. Note that the use of a +# compiler to aid in system detection is discouraged as it requires +# temporary files to be created and, as you can see below, it is a +# headache to deal with in a portable fashion. + +# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still +# use `HOST_CC' if defined, but it is deprecated. + +# Portable tmp directory creation inspired by the Autoconf team. + +set_cc_for_build=' +trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; +trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; +: ${TMPDIR=/tmp} ; + { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || + { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || + { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || + { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; +dummy=$tmp/dummy ; +tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; +case $CC_FOR_BUILD,$HOST_CC,$CC in + ,,) echo "int x;" > $dummy.c ; + for c in cc gcc c89 c99 ; do + if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then + CC_FOR_BUILD="$c"; break ; + fi ; + done ; + if test x"$CC_FOR_BUILD" = x ; then + CC_FOR_BUILD=no_compiler_found ; + fi + ;; + ,,*) CC_FOR_BUILD=$CC ;; + ,*,*) CC_FOR_BUILD=$HOST_CC ;; +esac ; set_cc_for_build= ;' + +# This is needed to find uname on a Pyramid OSx when run in the BSD universe. +# (ghazi@noc.rutgers.edu 1994-08-24) +if (test -f /.attbin/uname) >/dev/null 2>&1 ; then + PATH=$PATH:/.attbin ; export PATH +fi + +UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown +UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown +UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown +UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown + +# Note: order is significant - the case branches are not exclusive. + +case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in + *:NetBSD:*:*) + # NetBSD (nbsd) targets should (where applicable) match one or + # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, + # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently + # switched to ELF, *-*-netbsd* would select the old + # object file format. This provides both forward + # compatibility and a consistent mechanism for selecting the + # object file format. + # + # Note: NetBSD doesn't particularly care about the vendor + # portion of the name. We always set it to "unknown". + sysctl="sysctl -n hw.machine_arch" + UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ + /usr/sbin/$sysctl 2>/dev/null || echo unknown)` + case "${UNAME_MACHINE_ARCH}" in + armeb) machine=armeb-unknown ;; + arm*) machine=arm-unknown ;; + sh3el) machine=shl-unknown ;; + sh3eb) machine=sh-unknown ;; + sh5el) machine=sh5le-unknown ;; + *) machine=${UNAME_MACHINE_ARCH}-unknown ;; + esac + # The Operating System including object format, if it has switched + # to ELF recently, or will in the future. + case "${UNAME_MACHINE_ARCH}" in + arm*|i386|m68k|ns32k|sh3*|sparc|vax) + eval $set_cc_for_build + if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ELF__ + then + # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). + # Return netbsd for either. FIX? + os=netbsd + else + os=netbsdelf + fi + ;; + *) + os=netbsd + ;; + esac + # The OS release + # Debian GNU/NetBSD machines have a different userland, and + # thus, need a distinct triplet. However, they do not need + # kernel version information, so it can be replaced with a + # suitable tag, in the style of linux-gnu. + case "${UNAME_VERSION}" in + Debian*) + release='-gnu' + ;; + *) + release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` + ;; + esac + # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: + # contains redundant information, the shorter form: + # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. + echo "${machine}-${os}${release}" + exit ;; + *:OpenBSD:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} + exit ;; + *:ekkoBSD:*:*) + echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} + exit ;; + *:SolidBSD:*:*) + echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE} + exit ;; + macppc:MirBSD:*:*) + echo powerpc-unknown-mirbsd${UNAME_RELEASE} + exit ;; + *:MirBSD:*:*) + echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} + exit ;; + alpha:OSF1:*:*) + case $UNAME_RELEASE in + *4.0) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` + ;; + *5.*) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` + ;; + esac + # According to Compaq, /usr/sbin/psrinfo has been available on + # OSF/1 and Tru64 systems produced since 1995. I hope that + # covers most systems running today. This code pipes the CPU + # types through head -n 1, so we only detect the type of CPU 0. + ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` + case "$ALPHA_CPU_TYPE" in + "EV4 (21064)") + UNAME_MACHINE="alpha" ;; + "EV4.5 (21064)") + UNAME_MACHINE="alpha" ;; + "LCA4 (21066/21068)") + UNAME_MACHINE="alpha" ;; + "EV5 (21164)") + UNAME_MACHINE="alphaev5" ;; + "EV5.6 (21164A)") + UNAME_MACHINE="alphaev56" ;; + "EV5.6 (21164PC)") + UNAME_MACHINE="alphapca56" ;; + "EV5.7 (21164PC)") + UNAME_MACHINE="alphapca57" ;; + "EV6 (21264)") + UNAME_MACHINE="alphaev6" ;; + "EV6.7 (21264A)") + UNAME_MACHINE="alphaev67" ;; + "EV6.8CB (21264C)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8AL (21264B)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8CX (21264D)") + UNAME_MACHINE="alphaev68" ;; + "EV6.9A (21264/EV69A)") + UNAME_MACHINE="alphaev69" ;; + "EV7 (21364)") + UNAME_MACHINE="alphaev7" ;; + "EV7.9 (21364A)") + UNAME_MACHINE="alphaev79" ;; + esac + # A Pn.n version is a patched version. + # A Vn.n version is a released version. + # A Tn.n version is a released field test version. + # A Xn.n version is an unreleased experimental baselevel. + # 1.2 uses "1.2" for uname -r. + echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + exit ;; + Alpha\ *:Windows_NT*:*) + # How do we know it's Interix rather than the generic POSIX subsystem? + # Should we change UNAME_MACHINE based on the output of uname instead + # of the specific Alpha model? + echo alpha-pc-interix + exit ;; + 21064:Windows_NT:50:3) + echo alpha-dec-winnt3.5 + exit ;; + Amiga*:UNIX_System_V:4.0:*) + echo m68k-unknown-sysv4 + exit ;; + *:[Aa]miga[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-amigaos + exit ;; + *:[Mm]orph[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-morphos + exit ;; + *:OS/390:*:*) + echo i370-ibm-openedition + exit ;; + *:z/VM:*:*) + echo s390-ibm-zvmoe + exit ;; + *:OS400:*:*) + echo powerpc-ibm-os400 + exit ;; + arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) + echo arm-acorn-riscix${UNAME_RELEASE} + exit ;; + arm:riscos:*:*|arm:RISCOS:*:*) + echo arm-unknown-riscos + exit ;; + SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) + echo hppa1.1-hitachi-hiuxmpp + exit ;; + Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) + # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. + if test "`(/bin/universe) 2>/dev/null`" = att ; then + echo pyramid-pyramid-sysv3 + else + echo pyramid-pyramid-bsd + fi + exit ;; + NILE*:*:*:dcosx) + echo pyramid-pyramid-svr4 + exit ;; + DRS?6000:unix:4.0:6*) + echo sparc-icl-nx6 + exit ;; + DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) + case `/usr/bin/uname -p` in + sparc) echo sparc-icl-nx7; exit ;; + esac ;; + s390x:SunOS:*:*) + echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4H:SunOS:5.*:*) + echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) + echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*) + echo i386-pc-auroraux${UNAME_RELEASE} + exit ;; + i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) + eval $set_cc_for_build + SUN_ARCH="i386" + # If there is a compiler, see if it is configured for 64-bit objects. + # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. + # This test works for both compilers. + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + SUN_ARCH="x86_64" + fi + fi + echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:6*:*) + # According to config.sub, this is the proper way to canonicalize + # SunOS6. Hard to guess exactly what SunOS6 will be like, but + # it's likely to be more like Solaris than SunOS4. + echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:*:*) + case "`/usr/bin/arch -k`" in + Series*|S4*) + UNAME_RELEASE=`uname -v` + ;; + esac + # Japanese Language versions have a version number like `4.1.3-JL'. + echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` + exit ;; + sun3*:SunOS:*:*) + echo m68k-sun-sunos${UNAME_RELEASE} + exit ;; + sun*:*:4.2BSD:*) + UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` + test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 + case "`/bin/arch`" in + sun3) + echo m68k-sun-sunos${UNAME_RELEASE} + ;; + sun4) + echo sparc-sun-sunos${UNAME_RELEASE} + ;; + esac + exit ;; + aushp:SunOS:*:*) + echo sparc-auspex-sunos${UNAME_RELEASE} + exit ;; + # The situation for MiNT is a little confusing. The machine name + # can be virtually everything (everything which is not + # "atarist" or "atariste" at least should have a processor + # > m68000). The system name ranges from "MiNT" over "FreeMiNT" + # to the lowercase version "mint" (or "freemint"). Finally + # the system name "TOS" denotes a system which is actually not + # MiNT. But MiNT is downward compatible to TOS, so this should + # be no problem. + atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) + echo m68k-milan-mint${UNAME_RELEASE} + exit ;; + hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) + echo m68k-hades-mint${UNAME_RELEASE} + exit ;; + *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) + echo m68k-unknown-mint${UNAME_RELEASE} + exit ;; + m68k:machten:*:*) + echo m68k-apple-machten${UNAME_RELEASE} + exit ;; + powerpc:machten:*:*) + echo powerpc-apple-machten${UNAME_RELEASE} + exit ;; + RISC*:Mach:*:*) + echo mips-dec-mach_bsd4.3 + exit ;; + RISC*:ULTRIX:*:*) + echo mips-dec-ultrix${UNAME_RELEASE} + exit ;; + VAX*:ULTRIX*:*:*) + echo vax-dec-ultrix${UNAME_RELEASE} + exit ;; + 2020:CLIX:*:* | 2430:CLIX:*:*) + echo clipper-intergraph-clix${UNAME_RELEASE} + exit ;; + mips:*:*:UMIPS | mips:*:*:RISCos) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c +#ifdef __cplusplus +#include /* for printf() prototype */ + int main (int argc, char *argv[]) { +#else + int main (argc, argv) int argc; char *argv[]; { +#endif + #if defined (host_mips) && defined (MIPSEB) + #if defined (SYSTYPE_SYSV) + printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_SVR4) + printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) + printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); + #endif + #endif + exit (-1); + } +EOF + $CC_FOR_BUILD -o $dummy $dummy.c && + dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && + SYSTEM_NAME=`$dummy $dummyarg` && + { echo "$SYSTEM_NAME"; exit; } + echo mips-mips-riscos${UNAME_RELEASE} + exit ;; + Motorola:PowerMAX_OS:*:*) + echo powerpc-motorola-powermax + exit ;; + Motorola:*:4.3:PL8-*) + echo powerpc-harris-powermax + exit ;; + Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) + echo powerpc-harris-powermax + exit ;; + Night_Hawk:Power_UNIX:*:*) + echo powerpc-harris-powerunix + exit ;; + m88k:CX/UX:7*:*) + echo m88k-harris-cxux7 + exit ;; + m88k:*:4*:R4*) + echo m88k-motorola-sysv4 + exit ;; + m88k:*:3*:R3*) + echo m88k-motorola-sysv3 + exit ;; + AViiON:dgux:*:*) + # DG/UX returns AViiON for all architectures + UNAME_PROCESSOR=`/usr/bin/uname -p` + if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] + then + if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ + [ ${TARGET_BINARY_INTERFACE}x = x ] + then + echo m88k-dg-dgux${UNAME_RELEASE} + else + echo m88k-dg-dguxbcs${UNAME_RELEASE} + fi + else + echo i586-dg-dgux${UNAME_RELEASE} + fi + exit ;; + M88*:DolphinOS:*:*) # DolphinOS (SVR3) + echo m88k-dolphin-sysv3 + exit ;; + M88*:*:R3*:*) + # Delta 88k system running SVR3 + echo m88k-motorola-sysv3 + exit ;; + XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) + echo m88k-tektronix-sysv3 + exit ;; + Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) + echo m68k-tektronix-bsd + exit ;; + *:IRIX*:*:*) + echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` + exit ;; + ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. + echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id + exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' + i*86:AIX:*:*) + echo i386-ibm-aix + exit ;; + ia64:AIX:*:*) + if [ -x /usr/bin/oslevel ] ; then + IBM_REV=`/usr/bin/oslevel` + else + IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} + fi + echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} + exit ;; + *:AIX:2:3) + if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + + main() + { + if (!__power_pc()) + exit(1); + puts("powerpc-ibm-aix3.2.5"); + exit(0); + } +EOF + if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` + then + echo "$SYSTEM_NAME" + else + echo rs6000-ibm-aix3.2.5 + fi + elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then + echo rs6000-ibm-aix3.2.4 + else + echo rs6000-ibm-aix3.2 + fi + exit ;; + *:AIX:*:[456]) + IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` + if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then + IBM_ARCH=rs6000 + else + IBM_ARCH=powerpc + fi + if [ -x /usr/bin/oslevel ] ; then + IBM_REV=`/usr/bin/oslevel` + else + IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} + fi + echo ${IBM_ARCH}-ibm-aix${IBM_REV} + exit ;; + *:AIX:*:*) + echo rs6000-ibm-aix + exit ;; + ibmrt:4.4BSD:*|romp-ibm:BSD:*) + echo romp-ibm-bsd4.4 + exit ;; + ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and + echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to + exit ;; # report: romp-ibm BSD 4.3 + *:BOSX:*:*) + echo rs6000-bull-bosx + exit ;; + DPX/2?00:B.O.S.:*:*) + echo m68k-bull-sysv3 + exit ;; + 9000/[34]??:4.3bsd:1.*:*) + echo m68k-hp-bsd + exit ;; + hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) + echo m68k-hp-bsd4.4 + exit ;; + 9000/[34678]??:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + case "${UNAME_MACHINE}" in + 9000/31? ) HP_ARCH=m68000 ;; + 9000/[34]?? ) HP_ARCH=m68k ;; + 9000/[678][0-9][0-9]) + if [ -x /usr/bin/getconf ]; then + sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` + sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` + case "${sc_cpu_version}" in + 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 + 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 + 532) # CPU_PA_RISC2_0 + case "${sc_kernel_bits}" in + 32) HP_ARCH="hppa2.0n" ;; + 64) HP_ARCH="hppa2.0w" ;; + '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 + esac ;; + esac + fi + if [ "${HP_ARCH}" = "" ]; then + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + + #define _HPUX_SOURCE + #include + #include + + int main () + { + #if defined(_SC_KERNEL_BITS) + long bits = sysconf(_SC_KERNEL_BITS); + #endif + long cpu = sysconf (_SC_CPU_VERSION); + + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1"); break; + case CPU_PA_RISC2_0: + #if defined(_SC_KERNEL_BITS) + switch (bits) + { + case 64: puts ("hppa2.0w"); break; + case 32: puts ("hppa2.0n"); break; + default: puts ("hppa2.0"); break; + } break; + #else /* !defined(_SC_KERNEL_BITS) */ + puts ("hppa2.0"); break; + #endif + default: puts ("hppa1.0"); break; + } + exit (0); + } +EOF + (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` + test -z "$HP_ARCH" && HP_ARCH=hppa + fi ;; + esac + if [ ${HP_ARCH} = "hppa2.0w" ] + then + eval $set_cc_for_build + + # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating + # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler + # generating 64-bit code. GNU and HP use different nomenclature: + # + # $ CC_FOR_BUILD=cc ./config.guess + # => hppa2.0w-hp-hpux11.23 + # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess + # => hppa64-hp-hpux11.23 + + if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | + grep -q __LP64__ + then + HP_ARCH="hppa2.0w" + else + HP_ARCH="hppa64" + fi + fi + echo ${HP_ARCH}-hp-hpux${HPUX_REV} + exit ;; + ia64:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + echo ia64-hp-hpux${HPUX_REV} + exit ;; + 3050*:HI-UX:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + int + main () + { + long cpu = sysconf (_SC_CPU_VERSION); + /* The order matters, because CPU_IS_HP_MC68K erroneously returns + true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct + results, however. */ + if (CPU_IS_PA_RISC (cpu)) + { + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; + case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; + default: puts ("hppa-hitachi-hiuxwe2"); break; + } + } + else if (CPU_IS_HP_MC68K (cpu)) + puts ("m68k-hitachi-hiuxwe2"); + else puts ("unknown-hitachi-hiuxwe2"); + exit (0); + } +EOF + $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && + { echo "$SYSTEM_NAME"; exit; } + echo unknown-hitachi-hiuxwe2 + exit ;; + 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) + echo hppa1.1-hp-bsd + exit ;; + 9000/8??:4.3bsd:*:*) + echo hppa1.0-hp-bsd + exit ;; + *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) + echo hppa1.0-hp-mpeix + exit ;; + hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) + echo hppa1.1-hp-osf + exit ;; + hp8??:OSF1:*:*) + echo hppa1.0-hp-osf + exit ;; + i*86:OSF1:*:*) + if [ -x /usr/sbin/sysversion ] ; then + echo ${UNAME_MACHINE}-unknown-osf1mk + else + echo ${UNAME_MACHINE}-unknown-osf1 + fi + exit ;; + parisc*:Lites*:*:*) + echo hppa1.1-hp-lites + exit ;; + C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) + echo c1-convex-bsd + exit ;; + C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) + if getsysinfo -f scalar_acc + then echo c32-convex-bsd + else echo c2-convex-bsd + fi + exit ;; + C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) + echo c34-convex-bsd + exit ;; + C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) + echo c38-convex-bsd + exit ;; + C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) + echo c4-convex-bsd + exit ;; + CRAY*Y-MP:*:*:*) + echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*[A-Z]90:*:*:*) + echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ + | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ + -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ + -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*TS:*:*:*) + echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*T3E:*:*:*) + echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*SV1:*:*:*) + echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + *:UNICOS/mp:*:*) + echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) + FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` + echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; + 5000:UNIX_System_V:4.*:*) + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` + echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; + i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) + echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} + exit ;; + sparc*:BSD/OS:*:*) + echo sparc-unknown-bsdi${UNAME_RELEASE} + exit ;; + *:BSD/OS:*:*) + echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} + exit ;; + *:FreeBSD:*:*) + case ${UNAME_MACHINE} in + pc98) + echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + amd64) + echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + *) + echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + esac + exit ;; + i*:CYGWIN*:*) + echo ${UNAME_MACHINE}-pc-cygwin + exit ;; + *:MINGW*:*) + echo ${UNAME_MACHINE}-pc-mingw32 + exit ;; + i*:windows32*:*) + # uname -m includes "-pc" on this system. + echo ${UNAME_MACHINE}-mingw32 + exit ;; + i*:PW*:*) + echo ${UNAME_MACHINE}-pc-pw32 + exit ;; + *:Interix*:*) + case ${UNAME_MACHINE} in + x86) + echo i586-pc-interix${UNAME_RELEASE} + exit ;; + authenticamd | genuineintel | EM64T) + echo x86_64-unknown-interix${UNAME_RELEASE} + exit ;; + IA64) + echo ia64-unknown-interix${UNAME_RELEASE} + exit ;; + esac ;; + [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) + echo i${UNAME_MACHINE}-pc-mks + exit ;; + 8664:Windows_NT:*) + echo x86_64-pc-mks + exit ;; + i*:Windows_NT*:* | Pentium*:Windows_NT*:*) + # How do we know it's Interix rather than the generic POSIX subsystem? + # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we + # UNAME_MACHINE based on the output of uname instead of i386? + echo i586-pc-interix + exit ;; + i*:UWIN*:*) + echo ${UNAME_MACHINE}-pc-uwin + exit ;; + amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) + echo x86_64-unknown-cygwin + exit ;; + p*:CYGWIN*:*) + echo powerpcle-unknown-cygwin + exit ;; + prep*:SunOS:5.*:*) + echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + *:GNU:*:*) + # the GNU system + echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` + exit ;; + *:GNU/*:*:*) + # other systems with GNU libc and userland + echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu + exit ;; + i*86:Minix:*:*) + echo ${UNAME_MACHINE}-pc-minix + exit ;; + alpha:Linux:*:*) + case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in + EV5) UNAME_MACHINE=alphaev5 ;; + EV56) UNAME_MACHINE=alphaev56 ;; + PCA56) UNAME_MACHINE=alphapca56 ;; + PCA57) UNAME_MACHINE=alphapca56 ;; + EV6) UNAME_MACHINE=alphaev6 ;; + EV67) UNAME_MACHINE=alphaev67 ;; + EV68*) UNAME_MACHINE=alphaev68 ;; + esac + objdump --private-headers /bin/sh | grep -q ld.so.1 + if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi + echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} + exit ;; + arm*:Linux:*:*) + eval $set_cc_for_build + if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ARM_EABI__ + then + echo ${UNAME_MACHINE}-unknown-linux-gnu + else + echo ${UNAME_MACHINE}-unknown-linux-gnueabi + fi + exit ;; + avr32*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + cris:Linux:*:*) + echo cris-axis-linux-gnu + exit ;; + crisv32:Linux:*:*) + echo crisv32-axis-linux-gnu + exit ;; + frv:Linux:*:*) + echo frv-unknown-linux-gnu + exit ;; + i*86:Linux:*:*) + LIBC=gnu + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #ifdef __dietlibc__ + LIBC=dietlibc + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` + echo "${UNAME_MACHINE}-pc-linux-${LIBC}" + exit ;; + ia64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + m32r*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + m68*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + mips:Linux:*:* | mips64:Linux:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #undef CPU + #undef ${UNAME_MACHINE} + #undef ${UNAME_MACHINE}el + #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) + CPU=${UNAME_MACHINE}el + #else + #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) + CPU=${UNAME_MACHINE} + #else + CPU= + #endif + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } + ;; + or32:Linux:*:*) + echo or32-unknown-linux-gnu + exit ;; + padre:Linux:*:*) + echo sparc-unknown-linux-gnu + exit ;; + parisc64:Linux:*:* | hppa64:Linux:*:*) + echo hppa64-unknown-linux-gnu + exit ;; + parisc:Linux:*:* | hppa:Linux:*:*) + # Look for CPU level + case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in + PA7*) echo hppa1.1-unknown-linux-gnu ;; + PA8*) echo hppa2.0-unknown-linux-gnu ;; + *) echo hppa-unknown-linux-gnu ;; + esac + exit ;; + ppc64:Linux:*:*) + echo powerpc64-unknown-linux-gnu + exit ;; + ppc:Linux:*:*) + echo powerpc-unknown-linux-gnu + exit ;; + s390:Linux:*:* | s390x:Linux:*:*) + echo ${UNAME_MACHINE}-ibm-linux + exit ;; + sh64*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + sh*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + sparc:Linux:*:* | sparc64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + vax:Linux:*:*) + echo ${UNAME_MACHINE}-dec-linux-gnu + exit ;; + x86_64:Linux:*:*) + echo x86_64-unknown-linux-gnu + exit ;; + xtensa*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + i*86:DYNIX/ptx:4*:*) + # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. + # earlier versions are messed up and put the nodename in both + # sysname and nodename. + echo i386-sequent-sysv4 + exit ;; + i*86:UNIX_SV:4.2MP:2.*) + # Unixware is an offshoot of SVR4, but it has its own version + # number series starting with 2... + # I am not positive that other SVR4 systems won't match this, + # I just have to hope. -- rms. + # Use sysv4.2uw... so that sysv4* matches it. + echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} + exit ;; + i*86:OS/2:*:*) + # If we were able to find `uname', then EMX Unix compatibility + # is probably installed. + echo ${UNAME_MACHINE}-pc-os2-emx + exit ;; + i*86:XTS-300:*:STOP) + echo ${UNAME_MACHINE}-unknown-stop + exit ;; + i*86:atheos:*:*) + echo ${UNAME_MACHINE}-unknown-atheos + exit ;; + i*86:syllable:*:*) + echo ${UNAME_MACHINE}-pc-syllable + exit ;; + i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*) + echo i386-unknown-lynxos${UNAME_RELEASE} + exit ;; + i*86:*DOS:*:*) + echo ${UNAME_MACHINE}-pc-msdosdjgpp + exit ;; + i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) + UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` + if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then + echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} + else + echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} + fi + exit ;; + i*86:*:5:[678]*) + # UnixWare 7.x, OpenUNIX and OpenServer 6. + case `/bin/uname -X | grep "^Machine"` in + *486*) UNAME_MACHINE=i486 ;; + *Pentium) UNAME_MACHINE=i586 ;; + *Pent*|*Celeron) UNAME_MACHINE=i686 ;; + esac + echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} + exit ;; + i*86:*:3.2:*) + if test -f /usr/options/cb.name; then + UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then + UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` + (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 + (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ + && UNAME_MACHINE=i586 + (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ + && UNAME_MACHINE=i686 + (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ + && UNAME_MACHINE=i686 + echo ${UNAME_MACHINE}-pc-sco$UNAME_REL + else + echo ${UNAME_MACHINE}-pc-sysv32 + fi + exit ;; + pc:*:*:*) + # Left here for compatibility: + # uname -m prints for DJGPP always 'pc', but it prints nothing about + # the processor, so we play safe by assuming i586. + # Note: whatever this is, it MUST be the same as what config.sub + # prints for the "djgpp" host, or else GDB configury will decide that + # this is a cross-build. + echo i586-pc-msdosdjgpp + exit ;; + Intel:Mach:3*:*) + echo i386-pc-mach3 + exit ;; + paragon:*:*:*) + echo i860-intel-osf1 + exit ;; + i860:*:4.*:*) # i860-SVR4 + if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then + echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 + else # Add other i860-SVR4 vendors below as they are discovered. + echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 + fi + exit ;; + mini*:CTIX:SYS*5:*) + # "miniframe" + echo m68010-convergent-sysv + exit ;; + mc68k:UNIX:SYSTEM5:3.51m) + echo m68k-convergent-sysv + exit ;; + M680?0:D-NIX:5.3:*) + echo m68k-diab-dnix + exit ;; + M68*:*:R3V[5678]*:*) + test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; + 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) + OS_REL='' + test -r /etc/.relid \ + && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; + 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4; exit; } ;; + NCR*:*:4.2:* | MPRAS*:*:4.2:*) + OS_REL='.3' + test -r /etc/.relid \ + && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; + m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) + echo m68k-unknown-lynxos${UNAME_RELEASE} + exit ;; + mc68030:UNIX_System_V:4.*:*) + echo m68k-atari-sysv4 + exit ;; + TSUNAMI:LynxOS:2.*:*) + echo sparc-unknown-lynxos${UNAME_RELEASE} + exit ;; + rs6000:LynxOS:2.*:*) + echo rs6000-unknown-lynxos${UNAME_RELEASE} + exit ;; + PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*) + echo powerpc-unknown-lynxos${UNAME_RELEASE} + exit ;; + SM[BE]S:UNIX_SV:*:*) + echo mips-dde-sysv${UNAME_RELEASE} + exit ;; + RM*:ReliantUNIX-*:*:*) + echo mips-sni-sysv4 + exit ;; + RM*:SINIX-*:*:*) + echo mips-sni-sysv4 + exit ;; + *:SINIX-*:*:*) + if uname -p 2>/dev/null >/dev/null ; then + UNAME_MACHINE=`(uname -p) 2>/dev/null` + echo ${UNAME_MACHINE}-sni-sysv4 + else + echo ns32k-sni-sysv + fi + exit ;; + PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort + # says + echo i586-unisys-sysv4 + exit ;; + *:UNIX_System_V:4*:FTX*) + # From Gerald Hewes . + # How about differentiating between stratus architectures? -djm + echo hppa1.1-stratus-sysv4 + exit ;; + *:*:*:FTX*) + # From seanf@swdc.stratus.com. + echo i860-stratus-sysv4 + exit ;; + i*86:VOS:*:*) + # From Paul.Green@stratus.com. + echo ${UNAME_MACHINE}-stratus-vos + exit ;; + *:VOS:*:*) + # From Paul.Green@stratus.com. + echo hppa1.1-stratus-vos + exit ;; + mc68*:A/UX:*:*) + echo m68k-apple-aux${UNAME_RELEASE} + exit ;; + news*:NEWS-OS:6*:*) + echo mips-sony-newsos6 + exit ;; + R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) + if [ -d /usr/nec ]; then + echo mips-nec-sysv${UNAME_RELEASE} + else + echo mips-unknown-sysv${UNAME_RELEASE} + fi + exit ;; + BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. + echo powerpc-be-beos + exit ;; + BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. + echo powerpc-apple-beos + exit ;; + BePC:BeOS:*:*) # BeOS running on Intel PC compatible. + echo i586-pc-beos + exit ;; + BePC:Haiku:*:*) # Haiku running on Intel PC compatible. + echo i586-pc-haiku + exit ;; + SX-4:SUPER-UX:*:*) + echo sx4-nec-superux${UNAME_RELEASE} + exit ;; + SX-5:SUPER-UX:*:*) + echo sx5-nec-superux${UNAME_RELEASE} + exit ;; + SX-6:SUPER-UX:*:*) + echo sx6-nec-superux${UNAME_RELEASE} + exit ;; + SX-7:SUPER-UX:*:*) + echo sx7-nec-superux${UNAME_RELEASE} + exit ;; + SX-8:SUPER-UX:*:*) + echo sx8-nec-superux${UNAME_RELEASE} + exit ;; + SX-8R:SUPER-UX:*:*) + echo sx8r-nec-superux${UNAME_RELEASE} + exit ;; + Power*:Rhapsody:*:*) + echo powerpc-apple-rhapsody${UNAME_RELEASE} + exit ;; + *:Rhapsody:*:*) + echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} + exit ;; + *:Darwin:*:*) + UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown + case $UNAME_PROCESSOR in + i386) + eval $set_cc_for_build + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + UNAME_PROCESSOR="x86_64" + fi + fi ;; + unknown) UNAME_PROCESSOR=powerpc ;; + esac + echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} + exit ;; + *:procnto*:*:* | *:QNX:[0123456789]*:*) + UNAME_PROCESSOR=`uname -p` + if test "$UNAME_PROCESSOR" = "x86"; then + UNAME_PROCESSOR=i386 + UNAME_MACHINE=pc + fi + echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} + exit ;; + *:QNX:*:4*) + echo i386-pc-qnx + exit ;; + NSE-?:NONSTOP_KERNEL:*:*) + echo nse-tandem-nsk${UNAME_RELEASE} + exit ;; + NSR-?:NONSTOP_KERNEL:*:*) + echo nsr-tandem-nsk${UNAME_RELEASE} + exit ;; + *:NonStop-UX:*:*) + echo mips-compaq-nonstopux + exit ;; + BS2000:POSIX*:*:*) + echo bs2000-siemens-sysv + exit ;; + DS/*:UNIX_System_V:*:*) + echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} + exit ;; + *:Plan9:*:*) + # "uname -m" is not consistent, so use $cputype instead. 386 + # is converted to i386 for consistency with other x86 + # operating systems. + if test "$cputype" = "386"; then + UNAME_MACHINE=i386 + else + UNAME_MACHINE="$cputype" + fi + echo ${UNAME_MACHINE}-unknown-plan9 + exit ;; + *:TOPS-10:*:*) + echo pdp10-unknown-tops10 + exit ;; + *:TENEX:*:*) + echo pdp10-unknown-tenex + exit ;; + KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) + echo pdp10-dec-tops20 + exit ;; + XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) + echo pdp10-xkl-tops20 + exit ;; + *:TOPS-20:*:*) + echo pdp10-unknown-tops20 + exit ;; + *:ITS:*:*) + echo pdp10-unknown-its + exit ;; + SEI:*:*:SEIUX) + echo mips-sei-seiux${UNAME_RELEASE} + exit ;; + *:DragonFly:*:*) + echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` + exit ;; + *:*VMS:*:*) + UNAME_MACHINE=`(uname -p) 2>/dev/null` + case "${UNAME_MACHINE}" in + A*) echo alpha-dec-vms ; exit ;; + I*) echo ia64-dec-vms ; exit ;; + V*) echo vax-dec-vms ; exit ;; + esac ;; + *:XENIX:*:SysV) + echo i386-pc-xenix + exit ;; + i*86:skyos:*:*) + echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' + exit ;; + i*86:rdos:*:*) + echo ${UNAME_MACHINE}-pc-rdos + exit ;; + i*86:AROS:*:*) + echo ${UNAME_MACHINE}-pc-aros + exit ;; +esac + +#echo '(No uname command or uname output not recognized.)' 1>&2 +#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 + +eval $set_cc_for_build +cat >$dummy.c < +# include +#endif +main () +{ +#if defined (sony) +#if defined (MIPSEB) + /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, + I don't know.... */ + printf ("mips-sony-bsd\n"); exit (0); +#else +#include + printf ("m68k-sony-newsos%s\n", +#ifdef NEWSOS4 + "4" +#else + "" +#endif + ); exit (0); +#endif +#endif + +#if defined (__arm) && defined (__acorn) && defined (__unix) + printf ("arm-acorn-riscix\n"); exit (0); +#endif + +#if defined (hp300) && !defined (hpux) + printf ("m68k-hp-bsd\n"); exit (0); +#endif + +#if defined (NeXT) +#if !defined (__ARCHITECTURE__) +#define __ARCHITECTURE__ "m68k" +#endif + int version; + version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; + if (version < 4) + printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); + else + printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); + exit (0); +#endif + +#if defined (MULTIMAX) || defined (n16) +#if defined (UMAXV) + printf ("ns32k-encore-sysv\n"); exit (0); +#else +#if defined (CMU) + printf ("ns32k-encore-mach\n"); exit (0); +#else + printf ("ns32k-encore-bsd\n"); exit (0); +#endif +#endif +#endif + +#if defined (__386BSD__) + printf ("i386-pc-bsd\n"); exit (0); +#endif + +#if defined (sequent) +#if defined (i386) + printf ("i386-sequent-dynix\n"); exit (0); +#endif +#if defined (ns32000) + printf ("ns32k-sequent-dynix\n"); exit (0); +#endif +#endif + +#if defined (_SEQUENT_) + struct utsname un; + + uname(&un); + + if (strncmp(un.version, "V2", 2) == 0) { + printf ("i386-sequent-ptx2\n"); exit (0); + } + if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ + printf ("i386-sequent-ptx1\n"); exit (0); + } + printf ("i386-sequent-ptx\n"); exit (0); + +#endif + +#if defined (vax) +# if !defined (ultrix) +# include +# if defined (BSD) +# if BSD == 43 + printf ("vax-dec-bsd4.3\n"); exit (0); +# else +# if BSD == 199006 + printf ("vax-dec-bsd4.3reno\n"); exit (0); +# else + printf ("vax-dec-bsd\n"); exit (0); +# endif +# endif +# else + printf ("vax-dec-bsd\n"); exit (0); +# endif +# else + printf ("vax-dec-ultrix\n"); exit (0); +# endif +#endif + +#if defined (alliant) && defined (i860) + printf ("i860-alliant-bsd\n"); exit (0); +#endif + + exit (1); +} +EOF + +$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && + { echo "$SYSTEM_NAME"; exit; } + +# Apollos put the system type in the environment. + +test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } + +# Convex versions that predate uname can use getsysinfo(1) + +if [ -x /usr/convex/getsysinfo ] +then + case `getsysinfo -f cpu_type` in + c1*) + echo c1-convex-bsd + exit ;; + c2*) + if getsysinfo -f scalar_acc + then echo c32-convex-bsd + else echo c2-convex-bsd + fi + exit ;; + c34*) + echo c34-convex-bsd + exit ;; + c38*) + echo c38-convex-bsd + exit ;; + c4*) + echo c4-convex-bsd + exit ;; + esac +fi + +cat >&2 < in order to provide the needed +information to handle your system. + +config.guess timestamp = $timestamp + +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` + +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null` + +hostinfo = `(hostinfo) 2>/dev/null` +/bin/universe = `(/bin/universe) 2>/dev/null` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` +/bin/arch = `(/bin/arch) 2>/dev/null` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` + +UNAME_MACHINE = ${UNAME_MACHINE} +UNAME_RELEASE = ${UNAME_RELEASE} +UNAME_SYSTEM = ${UNAME_SYSTEM} +UNAME_VERSION = ${UNAME_VERSION} +EOF + +exit 1 + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "timestamp='" +# time-stamp-format: "%:y-%02m-%02d" +# time-stamp-end: "'" +# End: diff -r e1d7053e4d45 -r 76dce3b9468e config.sub --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/config.sub Fri Jan 18 10:55:48 2013 +0000 @@ -0,0 +1,1714 @@ +#! /bin/sh +# Configuration validation subroutine script. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, +# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 +# Free Software Foundation, Inc. + +timestamp='2010-01-22' + +# This file is (in principle) common to ALL GNU software. +# The presence of a machine in this file suggests that SOME GNU software +# can handle that machine. It does not imply ALL GNU software can. +# +# This file is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + + +# Please send patches to . Submit a context +# diff and a properly formatted GNU ChangeLog entry. +# +# Configuration subroutine to validate and canonicalize a configuration type. +# Supply the specified configuration type as an argument. +# If it is invalid, we print an error message on stderr and exit with code 1. +# Otherwise, we print the canonical config type on stdout and succeed. + +# You can get the latest version of this script from: +# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD + +# This file is supposed to be the same for all GNU packages +# and recognize all the CPU types, system types and aliases +# that are meaningful with *any* GNU software. +# Each package is responsible for reporting which valid configurations +# it does not support. The user should be able to distinguish +# a failure to support a valid configuration from a meaningless +# configuration. + +# The goal of this file is to map all the various variations of a given +# machine specification into a single specification in the form: +# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM +# or in some cases, the newer four-part form: +# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM +# It is wrong to echo any other type of specification. + +me=`echo "$0" | sed -e 's,.*/,,'` + +usage="\ +Usage: $0 [OPTION] CPU-MFR-OPSYS + $0 [OPTION] ALIAS + +Canonicalize a configuration name. + +Operation modes: + -h, --help print this help, then exit + -t, --time-stamp print date of last modification, then exit + -v, --version print version number, then exit + +Report bugs and patches to ." + +version="\ +GNU config.sub ($timestamp) + +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, +2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free +Software Foundation, Inc. + +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + +help=" +Try \`$me --help' for more information." + +# Parse command line +while test $# -gt 0 ; do + case $1 in + --time-stamp | --time* | -t ) + echo "$timestamp" ; exit ;; + --version | -v ) + echo "$version" ; exit ;; + --help | --h* | -h ) + echo "$usage"; exit ;; + -- ) # Stop option processing + shift; break ;; + - ) # Use stdin as input. + break ;; + -* ) + echo "$me: invalid option $1$help" + exit 1 ;; + + *local*) + # First pass through any local machine types. + echo $1 + exit ;; + + * ) + break ;; + esac +done + +case $# in + 0) echo "$me: missing argument$help" >&2 + exit 1;; + 1) ;; + *) echo "$me: too many arguments$help" >&2 + exit 1;; +esac + +# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). +# Here we must recognize all the valid KERNEL-OS combinations. +maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` +case $maybe_os in + nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \ + uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \ + kopensolaris*-gnu* | \ + storm-chaos* | os2-emx* | rtmk-nova*) + os=-$maybe_os + basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` + ;; + *) + basic_machine=`echo $1 | sed 's/-[^-]*$//'` + if [ $basic_machine != $1 ] + then os=`echo $1 | sed 's/.*-/-/'` + else os=; fi + ;; +esac + +### Let's recognize common machines as not being operating systems so +### that things like config.sub decstation-3100 work. We also +### recognize some manufacturers as not being operating systems, so we +### can provide default operating systems below. +case $os in + -sun*os*) + # Prevent following clause from handling this invalid input. + ;; + -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ + -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ + -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ + -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ + -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ + -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ + -apple | -axis | -knuth | -cray | -microblaze) + os= + basic_machine=$1 + ;; + -bluegene*) + os=-cnk + ;; + -sim | -cisco | -oki | -wec | -winbond) + os= + basic_machine=$1 + ;; + -scout) + ;; + -wrs) + os=-vxworks + basic_machine=$1 + ;; + -chorusos*) + os=-chorusos + basic_machine=$1 + ;; + -chorusrdb) + os=-chorusrdb + basic_machine=$1 + ;; + -hiux*) + os=-hiuxwe2 + ;; + -sco6) + os=-sco5v6 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco5) + os=-sco3.2v5 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco4) + os=-sco3.2v4 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2.[4-9]*) + os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2v[4-9]*) + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco5v6*) + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco*) + os=-sco3.2v2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -udk*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -isc) + os=-isc2.2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -clix*) + basic_machine=clipper-intergraph + ;; + -isc*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -lynx*) + os=-lynxos + ;; + -ptx*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` + ;; + -windowsnt*) + os=`echo $os | sed -e 's/windowsnt/winnt/'` + ;; + -psos*) + os=-psos + ;; + -mint | -mint[0-9]*) + basic_machine=m68k-atari + os=-mint + ;; +esac + +# Decode aliases for certain CPU-COMPANY combinations. +case $basic_machine in + # Recognize the basic CPU types without company name. + # Some are omitted here because they have special meanings below. + 1750a | 580 \ + | a29k \ + | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ + | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ + | am33_2.0 \ + | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \ + | bfin \ + | c4x | clipper \ + | d10v | d30v | dlx | dsp16xx \ + | fido | fr30 | frv \ + | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ + | i370 | i860 | i960 | ia64 \ + | ip2k | iq2000 \ + | lm32 \ + | m32c | m32r | m32rle | m68000 | m68k | m88k \ + | maxq | mb | microblaze | mcore | mep | metag \ + | mips | mipsbe | mipseb | mipsel | mipsle \ + | mips16 \ + | mips64 | mips64el \ + | mips64octeon | mips64octeonel \ + | mips64orion | mips64orionel \ + | mips64r5900 | mips64r5900el \ + | mips64vr | mips64vrel \ + | mips64vr4100 | mips64vr4100el \ + | mips64vr4300 | mips64vr4300el \ + | mips64vr5000 | mips64vr5000el \ + | mips64vr5900 | mips64vr5900el \ + | mipsisa32 | mipsisa32el \ + | mipsisa32r2 | mipsisa32r2el \ + | mipsisa64 | mipsisa64el \ + | mipsisa64r2 | mipsisa64r2el \ + | mipsisa64sb1 | mipsisa64sb1el \ + | mipsisa64sr71k | mipsisa64sr71kel \ + | mipstx39 | mipstx39el \ + | mn10200 | mn10300 \ + | moxie \ + | mt \ + | msp430 \ + | nios | nios2 \ + | ns16k | ns32k \ + | or32 \ + | pdp10 | pdp11 | pj | pjl \ + | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ + | pyramid \ + | rx \ + | score \ + | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ + | sh64 | sh64le \ + | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ + | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ + | spu | strongarm \ + | tahoe | thumb | tic4x | tic80 | tron \ + | ubicom32 \ + | v850 | v850e \ + | we32k \ + | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \ + | z8k | z80) + basic_machine=$basic_machine-unknown + ;; + m6811 | m68hc11 | m6812 | m68hc12 | picochip) + # Motorola 68HC11/12. + basic_machine=$basic_machine-unknown + os=-none + ;; + m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) + ;; + ms1) + basic_machine=mt-unknown + ;; + + # We use `pc' rather than `unknown' + # because (1) that's what they normally are, and + # (2) the word "unknown" tends to confuse beginning users. + i*86 | x86_64) + basic_machine=$basic_machine-pc + ;; + # Object if more than one company name word. + *-*-*) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; + # Recognize the basic CPU types with company name. + 580-* \ + | a29k-* \ + | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ + | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ + | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ + | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ + | avr-* | avr32-* \ + | bfin-* | bs2000-* \ + | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ + | clipper-* | craynv-* | cydra-* \ + | d10v-* | d30v-* | dlx-* \ + | elxsi-* \ + | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ + | h8300-* | h8500-* \ + | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ + | i*86-* | i860-* | i960-* | ia64-* \ + | ip2k-* | iq2000-* \ + | lm32-* \ + | m32c-* | m32r-* | m32rle-* \ + | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ + | m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \ + | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ + | mips16-* \ + | mips64-* | mips64el-* \ + | mips64octeon-* | mips64octeonel-* \ + | mips64orion-* | mips64orionel-* \ + | mips64r5900-* | mips64r5900el-* \ + | mips64vr-* | mips64vrel-* \ + | mips64vr4100-* | mips64vr4100el-* \ + | mips64vr4300-* | mips64vr4300el-* \ + | mips64vr5000-* | mips64vr5000el-* \ + | mips64vr5900-* | mips64vr5900el-* \ + | mipsisa32-* | mipsisa32el-* \ + | mipsisa32r2-* | mipsisa32r2el-* \ + | mipsisa64-* | mipsisa64el-* \ + | mipsisa64r2-* | mipsisa64r2el-* \ + | mipsisa64sb1-* | mipsisa64sb1el-* \ + | mipsisa64sr71k-* | mipsisa64sr71kel-* \ + | mipstx39-* | mipstx39el-* \ + | mmix-* \ + | mt-* \ + | msp430-* \ + | nios-* | nios2-* \ + | none-* | np1-* | ns16k-* | ns32k-* \ + | orion-* \ + | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ + | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ + | pyramid-* \ + | romp-* | rs6000-* | rx-* \ + | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ + | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ + | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ + | sparclite-* \ + | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \ + | tahoe-* | thumb-* \ + | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ + | tile-* | tilegx-* \ + | tron-* \ + | ubicom32-* \ + | v850-* | v850e-* | vax-* \ + | we32k-* \ + | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \ + | xstormy16-* | xtensa*-* \ + | ymp-* \ + | z8k-* | z80-*) + ;; + # Recognize the basic CPU types without company name, with glob match. + xtensa*) + basic_machine=$basic_machine-unknown + ;; + # Recognize the various machine names and aliases which stand + # for a CPU type and a company and sometimes even an OS. + 386bsd) + basic_machine=i386-unknown + os=-bsd + ;; + 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) + basic_machine=m68000-att + ;; + 3b*) + basic_machine=we32k-att + ;; + a29khif) + basic_machine=a29k-amd + os=-udi + ;; + abacus) + basic_machine=abacus-unknown + ;; + adobe68k) + basic_machine=m68010-adobe + os=-scout + ;; + alliant | fx80) + basic_machine=fx80-alliant + ;; + altos | altos3068) + basic_machine=m68k-altos + ;; + am29k) + basic_machine=a29k-none + os=-bsd + ;; + amd64) + basic_machine=x86_64-pc + ;; + amd64-*) + basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + amdahl) + basic_machine=580-amdahl + os=-sysv + ;; + amiga | amiga-*) + basic_machine=m68k-unknown + ;; + amigaos | amigados) + basic_machine=m68k-unknown + os=-amigaos + ;; + amigaunix | amix) + basic_machine=m68k-unknown + os=-sysv4 + ;; + apollo68) + basic_machine=m68k-apollo + os=-sysv + ;; + apollo68bsd) + basic_machine=m68k-apollo + os=-bsd + ;; + aros) + basic_machine=i386-pc + os=-aros + ;; + aux) + basic_machine=m68k-apple + os=-aux + ;; + balance) + basic_machine=ns32k-sequent + os=-dynix + ;; + blackfin) + basic_machine=bfin-unknown + os=-linux + ;; + blackfin-*) + basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; + bluegene*) + basic_machine=powerpc-ibm + os=-cnk + ;; + c90) + basic_machine=c90-cray + os=-unicos + ;; + cegcc) + basic_machine=arm-unknown + os=-cegcc + ;; + convex-c1) + basic_machine=c1-convex + os=-bsd + ;; + convex-c2) + basic_machine=c2-convex + os=-bsd + ;; + convex-c32) + basic_machine=c32-convex + os=-bsd + ;; + convex-c34) + basic_machine=c34-convex + os=-bsd + ;; + convex-c38) + basic_machine=c38-convex + os=-bsd + ;; + cray | j90) + basic_machine=j90-cray + os=-unicos + ;; + craynv) + basic_machine=craynv-cray + os=-unicosmp + ;; + cr16) + basic_machine=cr16-unknown + os=-elf + ;; + crds | unos) + basic_machine=m68k-crds + ;; + crisv32 | crisv32-* | etraxfs*) + basic_machine=crisv32-axis + ;; + cris | cris-* | etrax*) + basic_machine=cris-axis + ;; + crx) + basic_machine=crx-unknown + os=-elf + ;; + da30 | da30-*) + basic_machine=m68k-da30 + ;; + decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) + basic_machine=mips-dec + ;; + decsystem10* | dec10*) + basic_machine=pdp10-dec + os=-tops10 + ;; + decsystem20* | dec20*) + basic_machine=pdp10-dec + os=-tops20 + ;; + delta | 3300 | motorola-3300 | motorola-delta \ + | 3300-motorola | delta-motorola) + basic_machine=m68k-motorola + ;; + delta88) + basic_machine=m88k-motorola + os=-sysv3 + ;; + dicos) + basic_machine=i686-pc + os=-dicos + ;; + djgpp) + basic_machine=i586-pc + os=-msdosdjgpp + ;; + dpx20 | dpx20-*) + basic_machine=rs6000-bull + os=-bosx + ;; + dpx2* | dpx2*-bull) + basic_machine=m68k-bull + os=-sysv3 + ;; + ebmon29k) + basic_machine=a29k-amd + os=-ebmon + ;; + elxsi) + basic_machine=elxsi-elxsi + os=-bsd + ;; + encore | umax | mmax) + basic_machine=ns32k-encore + ;; + es1800 | OSE68k | ose68k | ose | OSE) + basic_machine=m68k-ericsson + os=-ose + ;; + fx2800) + basic_machine=i860-alliant + ;; + genix) + basic_machine=ns32k-ns + ;; + gmicro) + basic_machine=tron-gmicro + os=-sysv + ;; + go32) + basic_machine=i386-pc + os=-go32 + ;; + h3050r* | hiux*) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + h8300hms) + basic_machine=h8300-hitachi + os=-hms + ;; + h8300xray) + basic_machine=h8300-hitachi + os=-xray + ;; + h8500hms) + basic_machine=h8500-hitachi + os=-hms + ;; + harris) + basic_machine=m88k-harris + os=-sysv3 + ;; + hp300-*) + basic_machine=m68k-hp + ;; + hp300bsd) + basic_machine=m68k-hp + os=-bsd + ;; + hp300hpux) + basic_machine=m68k-hp + os=-hpux + ;; + hp3k9[0-9][0-9] | hp9[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hp9k2[0-9][0-9] | hp9k31[0-9]) + basic_machine=m68000-hp + ;; + hp9k3[2-9][0-9]) + basic_machine=m68k-hp + ;; + hp9k6[0-9][0-9] | hp6[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hp9k7[0-79][0-9] | hp7[0-79][0-9]) + basic_machine=hppa1.1-hp + ;; + hp9k78[0-9] | hp78[0-9]) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][13679] | hp8[0-9][13679]) + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][0-9] | hp8[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hppa-next) + os=-nextstep3 + ;; + hppaosf) + basic_machine=hppa1.1-hp + os=-osf + ;; + hppro) + basic_machine=hppa1.1-hp + os=-proelf + ;; + i370-ibm* | ibm*) + basic_machine=i370-ibm + ;; +# I'm not sure what "Sysv32" means. Should this be sysv3.2? + i*86v32) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv32 + ;; + i*86v4*) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv4 + ;; + i*86v) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv + ;; + i*86sol2) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-solaris2 + ;; + i386mach) + basic_machine=i386-mach + os=-mach + ;; + i386-vsta | vsta) + basic_machine=i386-unknown + os=-vsta + ;; + iris | iris4d) + basic_machine=mips-sgi + case $os in + -irix*) + ;; + *) + os=-irix4 + ;; + esac + ;; + isi68 | isi) + basic_machine=m68k-isi + os=-sysv + ;; + m68knommu) + basic_machine=m68k-unknown + os=-linux + ;; + m68knommu-*) + basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; + m88k-omron*) + basic_machine=m88k-omron + ;; + magnum | m3230) + basic_machine=mips-mips + os=-sysv + ;; + merlin) + basic_machine=ns32k-utek + os=-sysv + ;; + microblaze) + basic_machine=microblaze-xilinx + ;; + mingw32) + basic_machine=i386-pc + os=-mingw32 + ;; + mingw32ce) + basic_machine=arm-unknown + os=-mingw32ce + ;; + miniframe) + basic_machine=m68000-convergent + ;; + *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) + basic_machine=m68k-atari + os=-mint + ;; + mips3*-*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` + ;; + mips3*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown + ;; + monitor) + basic_machine=m68k-rom68k + os=-coff + ;; + morphos) + basic_machine=powerpc-unknown + os=-morphos + ;; + msdos) + basic_machine=i386-pc + os=-msdos + ;; + ms1-*) + basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` + ;; + mvs) + basic_machine=i370-ibm + os=-mvs + ;; + ncr3000) + basic_machine=i486-ncr + os=-sysv4 + ;; + netbsd386) + basic_machine=i386-unknown + os=-netbsd + ;; + netwinder) + basic_machine=armv4l-rebel + os=-linux + ;; + news | news700 | news800 | news900) + basic_machine=m68k-sony + os=-newsos + ;; + news1000) + basic_machine=m68030-sony + os=-newsos + ;; + news-3600 | risc-news) + basic_machine=mips-sony + os=-newsos + ;; + necv70) + basic_machine=v70-nec + os=-sysv + ;; + next | m*-next ) + basic_machine=m68k-next + case $os in + -nextstep* ) + ;; + -ns2*) + os=-nextstep2 + ;; + *) + os=-nextstep3 + ;; + esac + ;; + nh3000) + basic_machine=m68k-harris + os=-cxux + ;; + nh[45]000) + basic_machine=m88k-harris + os=-cxux + ;; + nindy960) + basic_machine=i960-intel + os=-nindy + ;; + mon960) + basic_machine=i960-intel + os=-mon960 + ;; + nonstopux) + basic_machine=mips-compaq + os=-nonstopux + ;; + np1) + basic_machine=np1-gould + ;; + nsr-tandem) + basic_machine=nsr-tandem + ;; + op50n-* | op60c-*) + basic_machine=hppa1.1-oki + os=-proelf + ;; + openrisc | openrisc-*) + basic_machine=or32-unknown + ;; + os400) + basic_machine=powerpc-ibm + os=-os400 + ;; + OSE68000 | ose68000) + basic_machine=m68000-ericsson + os=-ose + ;; + os68k) + basic_machine=m68k-none + os=-os68k + ;; + pa-hitachi) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + paragon) + basic_machine=i860-intel + os=-osf + ;; + parisc) + basic_machine=hppa-unknown + os=-linux + ;; + parisc-*) + basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; + pbd) + basic_machine=sparc-tti + ;; + pbb) + basic_machine=m68k-tti + ;; + pc532 | pc532-*) + basic_machine=ns32k-pc532 + ;; + pc98) + basic_machine=i386-pc + ;; + pc98-*) + basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentium | p5 | k5 | k6 | nexgen | viac3) + basic_machine=i586-pc + ;; + pentiumpro | p6 | 6x86 | athlon | athlon_*) + basic_machine=i686-pc + ;; + pentiumii | pentium2 | pentiumiii | pentium3) + basic_machine=i686-pc + ;; + pentium4) + basic_machine=i786-pc + ;; + pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) + basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumpro-* | p6-* | 6x86-* | athlon-*) + basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) + basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentium4-*) + basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pn) + basic_machine=pn-gould + ;; + power) basic_machine=power-ibm + ;; + ppc) basic_machine=powerpc-unknown + ;; + ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppcle | powerpclittle | ppc-le | powerpc-little) + basic_machine=powerpcle-unknown + ;; + ppcle-* | powerpclittle-*) + basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppc64) basic_machine=powerpc64-unknown + ;; + ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppc64le | powerpc64little | ppc64-le | powerpc64-little) + basic_machine=powerpc64le-unknown + ;; + ppc64le-* | powerpc64little-*) + basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ps2) + basic_machine=i386-ibm + ;; + pw32) + basic_machine=i586-unknown + os=-pw32 + ;; + rdos) + basic_machine=i386-pc + os=-rdos + ;; + rom68k) + basic_machine=m68k-rom68k + os=-coff + ;; + rm[46]00) + basic_machine=mips-siemens + ;; + rtpc | rtpc-*) + basic_machine=romp-ibm + ;; + s390 | s390-*) + basic_machine=s390-ibm + ;; + s390x | s390x-*) + basic_machine=s390x-ibm + ;; + sa29200) + basic_machine=a29k-amd + os=-udi + ;; + sb1) + basic_machine=mipsisa64sb1-unknown + ;; + sb1el) + basic_machine=mipsisa64sb1el-unknown + ;; + sde) + basic_machine=mipsisa32-sde + os=-elf + ;; + sei) + basic_machine=mips-sei + os=-seiux + ;; + sequent) + basic_machine=i386-sequent + ;; + sh) + basic_machine=sh-hitachi + os=-hms + ;; + sh5el) + basic_machine=sh5le-unknown + ;; + sh64) + basic_machine=sh64-unknown + ;; + sparclite-wrs | simso-wrs) + basic_machine=sparclite-wrs + os=-vxworks + ;; + sps7) + basic_machine=m68k-bull + os=-sysv2 + ;; + spur) + basic_machine=spur-unknown + ;; + st2000) + basic_machine=m68k-tandem + ;; + stratus) + basic_machine=i860-stratus + os=-sysv4 + ;; + sun2) + basic_machine=m68000-sun + ;; + sun2os3) + basic_machine=m68000-sun + os=-sunos3 + ;; + sun2os4) + basic_machine=m68000-sun + os=-sunos4 + ;; + sun3os3) + basic_machine=m68k-sun + os=-sunos3 + ;; + sun3os4) + basic_machine=m68k-sun + os=-sunos4 + ;; + sun4os3) + basic_machine=sparc-sun + os=-sunos3 + ;; + sun4os4) + basic_machine=sparc-sun + os=-sunos4 + ;; + sun4sol2) + basic_machine=sparc-sun + os=-solaris2 + ;; + sun3 | sun3-*) + basic_machine=m68k-sun + ;; + sun4) + basic_machine=sparc-sun + ;; + sun386 | sun386i | roadrunner) + basic_machine=i386-sun + ;; + sv1) + basic_machine=sv1-cray + os=-unicos + ;; + symmetry) + basic_machine=i386-sequent + os=-dynix + ;; + t3e) + basic_machine=alphaev5-cray + os=-unicos + ;; + t90) + basic_machine=t90-cray + os=-unicos + ;; + tic54x | c54x*) + basic_machine=tic54x-unknown + os=-coff + ;; + tic55x | c55x*) + basic_machine=tic55x-unknown + os=-coff + ;; + tic6x | c6x*) + basic_machine=tic6x-unknown + os=-coff + ;; + # This must be matched before tile*. + tilegx*) + basic_machine=tilegx-unknown + os=-linux-gnu + ;; + tile*) + basic_machine=tile-unknown + os=-linux-gnu + ;; + tx39) + basic_machine=mipstx39-unknown + ;; + tx39el) + basic_machine=mipstx39el-unknown + ;; + toad1) + basic_machine=pdp10-xkl + os=-tops20 + ;; + tower | tower-32) + basic_machine=m68k-ncr + ;; + tpf) + basic_machine=s390x-ibm + os=-tpf + ;; + udi29k) + basic_machine=a29k-amd + os=-udi + ;; + ultra3) + basic_machine=a29k-nyu + os=-sym1 + ;; + v810 | necv810) + basic_machine=v810-nec + os=-none + ;; + vaxv) + basic_machine=vax-dec + os=-sysv + ;; + vms) + basic_machine=vax-dec + os=-vms + ;; + vpp*|vx|vx-*) + basic_machine=f301-fujitsu + ;; + vxworks960) + basic_machine=i960-wrs + os=-vxworks + ;; + vxworks68) + basic_machine=m68k-wrs + os=-vxworks + ;; + vxworks29k) + basic_machine=a29k-wrs + os=-vxworks + ;; + w65*) + basic_machine=w65-wdc + os=-none + ;; + w89k-*) + basic_machine=hppa1.1-winbond + os=-proelf + ;; + xbox) + basic_machine=i686-pc + os=-mingw32 + ;; + xps | xps100) + basic_machine=xps100-honeywell + ;; + ymp) + basic_machine=ymp-cray + os=-unicos + ;; + z8k-*-coff) + basic_machine=z8k-unknown + os=-sim + ;; + z80-*-coff) + basic_machine=z80-unknown + os=-sim + ;; + none) + basic_machine=none-none + os=-none + ;; + +# Here we handle the default manufacturer of certain CPU types. It is in +# some cases the only manufacturer, in others, it is the most popular. + w89k) + basic_machine=hppa1.1-winbond + ;; + op50n) + basic_machine=hppa1.1-oki + ;; + op60c) + basic_machine=hppa1.1-oki + ;; + romp) + basic_machine=romp-ibm + ;; + mmix) + basic_machine=mmix-knuth + ;; + rs6000) + basic_machine=rs6000-ibm + ;; + vax) + basic_machine=vax-dec + ;; + pdp10) + # there are many clones, so DEC is not a safe bet + basic_machine=pdp10-unknown + ;; + pdp11) + basic_machine=pdp11-dec + ;; + we32k) + basic_machine=we32k-att + ;; + sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele) + basic_machine=sh-unknown + ;; + sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v) + basic_machine=sparc-sun + ;; + cydra) + basic_machine=cydra-cydrome + ;; + orion) + basic_machine=orion-highlevel + ;; + orion105) + basic_machine=clipper-highlevel + ;; + mac | mpw | mac-mpw) + basic_machine=m68k-apple + ;; + pmac | pmac-mpw) + basic_machine=powerpc-apple + ;; + *-unknown) + # Make sure to match an already-canonicalized machine name. + ;; + *) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; +esac + +# Here we canonicalize certain aliases for manufacturers. +case $basic_machine in + *-digital*) + basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` + ;; + *-commodore*) + basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` + ;; + *) + ;; +esac + +# Decode manufacturer-specific aliases for certain operating systems. + +if [ x"$os" != x"" ] +then +case $os in + # First match some system type aliases + # that might get confused with valid system types. + # -solaris* is a basic system type, with this one exception. + -auroraux) + os=-auroraux + ;; + -solaris1 | -solaris1.*) + os=`echo $os | sed -e 's|solaris1|sunos4|'` + ;; + -solaris) + os=-solaris2 + ;; + -svr4*) + os=-sysv4 + ;; + -unixware*) + os=-sysv4.2uw + ;; + -gnu/linux*) + os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` + ;; + # First accept the basic system types. + # The portable systems comes first. + # Each alternative MUST END IN A *, to match a version number. + # -sysv* is not here because it comes later, after sysvr4. + -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ + | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ + | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \ + | -sym* | -kopensolaris* \ + | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ + | -aos* | -aros* \ + | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ + | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ + | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ + | -openbsd* | -solidbsd* \ + | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ + | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ + | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ + | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ + | -chorusos* | -chorusrdb* | -cegcc* \ + | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ + | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \ + | -uxpv* | -beos* | -mpeix* | -udk* \ + | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ + | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ + | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ + | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ + | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ + | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ + | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*) + # Remember, each alternative MUST END IN *, to match a version number. + ;; + -qnx*) + case $basic_machine in + x86-* | i*86-*) + ;; + *) + os=-nto$os + ;; + esac + ;; + -nto-qnx*) + ;; + -nto*) + os=`echo $os | sed -e 's|nto|nto-qnx|'` + ;; + -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ + | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \ + | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) + ;; + -mac*) + os=`echo $os | sed -e 's|mac|macos|'` + ;; + -linux-dietlibc) + os=-linux-dietlibc + ;; + -linux*) + os=`echo $os | sed -e 's|linux|linux-gnu|'` + ;; + -sunos5*) + os=`echo $os | sed -e 's|sunos5|solaris2|'` + ;; + -sunos6*) + os=`echo $os | sed -e 's|sunos6|solaris3|'` + ;; + -opened*) + os=-openedition + ;; + -os400*) + os=-os400 + ;; + -wince*) + os=-wince + ;; + -osfrose*) + os=-osfrose + ;; + -osf*) + os=-osf + ;; + -utek*) + os=-bsd + ;; + -dynix*) + os=-bsd + ;; + -acis*) + os=-aos + ;; + -atheos*) + os=-atheos + ;; + -syllable*) + os=-syllable + ;; + -386bsd) + os=-bsd + ;; + -ctix* | -uts*) + os=-sysv + ;; + -nova*) + os=-rtmk-nova + ;; + -ns2 ) + os=-nextstep2 + ;; + -nsk*) + os=-nsk + ;; + # Preserve the version number of sinix5. + -sinix5.*) + os=`echo $os | sed -e 's|sinix|sysv|'` + ;; + -sinix*) + os=-sysv4 + ;; + -tpf*) + os=-tpf + ;; + -triton*) + os=-sysv3 + ;; + -oss*) + os=-sysv3 + ;; + -svr4) + os=-sysv4 + ;; + -svr3) + os=-sysv3 + ;; + -sysvr4) + os=-sysv4 + ;; + # This must come after -sysvr4. + -sysv*) + ;; + -ose*) + os=-ose + ;; + -es1800*) + os=-ose + ;; + -xenix) + os=-xenix + ;; + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + os=-mint + ;; + -aros*) + os=-aros + ;; + -kaos*) + os=-kaos + ;; + -zvmoe) + os=-zvmoe + ;; + -dicos*) + os=-dicos + ;; + -nacl*) + ;; + -none) + ;; + *) + # Get rid of the `-' at the beginning of $os. + os=`echo $os | sed 's/[^-]*-//'` + echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 + exit 1 + ;; +esac +else + +# Here we handle the default operating systems that come with various machines. +# The value should be what the vendor currently ships out the door with their +# machine or put another way, the most popular os provided with the machine. + +# Note that if you're going to try to match "-MANUFACTURER" here (say, +# "-sun"), then you have to tell the case statement up towards the top +# that MANUFACTURER isn't an operating system. Otherwise, code above +# will signal an error saying that MANUFACTURER isn't an operating +# system, and we'll never get to this point. + +case $basic_machine in + score-*) + os=-elf + ;; + spu-*) + os=-elf + ;; + *-acorn) + os=-riscix1.2 + ;; + arm*-rebel) + os=-linux + ;; + arm*-semi) + os=-aout + ;; + c4x-* | tic4x-*) + os=-coff + ;; + # This must come before the *-dec entry. + pdp10-*) + os=-tops20 + ;; + pdp11-*) + os=-none + ;; + *-dec | vax-*) + os=-ultrix4.2 + ;; + m68*-apollo) + os=-domain + ;; + i386-sun) + os=-sunos4.0.2 + ;; + m68000-sun) + os=-sunos3 + # This also exists in the configure program, but was not the + # default. + # os=-sunos4 + ;; + m68*-cisco) + os=-aout + ;; + mep-*) + os=-elf + ;; + mips*-cisco) + os=-elf + ;; + mips*-*) + os=-elf + ;; + or32-*) + os=-coff + ;; + *-tti) # must be before sparc entry or we get the wrong os. + os=-sysv3 + ;; + sparc-* | *-sun) + os=-sunos4.1.1 + ;; + *-be) + os=-beos + ;; + *-haiku) + os=-haiku + ;; + *-ibm) + os=-aix + ;; + *-knuth) + os=-mmixware + ;; + *-wec) + os=-proelf + ;; + *-winbond) + os=-proelf + ;; + *-oki) + os=-proelf + ;; + *-hp) + os=-hpux + ;; + *-hitachi) + os=-hiux + ;; + i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) + os=-sysv + ;; + *-cbm) + os=-amigaos + ;; + *-dg) + os=-dgux + ;; + *-dolphin) + os=-sysv3 + ;; + m68k-ccur) + os=-rtu + ;; + m88k-omron*) + os=-luna + ;; + *-next ) + os=-nextstep + ;; + *-sequent) + os=-ptx + ;; + *-crds) + os=-unos + ;; + *-ns) + os=-genix + ;; + i370-*) + os=-mvs + ;; + *-next) + os=-nextstep3 + ;; + *-gould) + os=-sysv + ;; + *-highlevel) + os=-bsd + ;; + *-encore) + os=-bsd + ;; + *-sgi) + os=-irix + ;; + *-siemens) + os=-sysv4 + ;; + *-masscomp) + os=-rtu + ;; + f30[01]-fujitsu | f700-fujitsu) + os=-uxpv + ;; + *-rom68k) + os=-coff + ;; + *-*bug) + os=-coff + ;; + *-apple) + os=-macos + ;; + *-atari*) + os=-mint + ;; + *) + os=-none + ;; +esac +fi + +# Here we handle the case where we know the os, and the CPU type, but not the +# manufacturer. We pick the logical manufacturer. +vendor=unknown +case $basic_machine in + *-unknown) + case $os in + -riscix*) + vendor=acorn + ;; + -sunos*) + vendor=sun + ;; + -cnk*|-aix*) + vendor=ibm + ;; + -beos*) + vendor=be + ;; + -hpux*) + vendor=hp + ;; + -mpeix*) + vendor=hp + ;; + -hiux*) + vendor=hitachi + ;; + -unos*) + vendor=crds + ;; + -dgux*) + vendor=dg + ;; + -luna*) + vendor=omron + ;; + -genix*) + vendor=ns + ;; + -mvs* | -opened*) + vendor=ibm + ;; + -os400*) + vendor=ibm + ;; + -ptx*) + vendor=sequent + ;; + -tpf*) + vendor=ibm + ;; + -vxsim* | -vxworks* | -windiss*) + vendor=wrs + ;; + -aux*) + vendor=apple + ;; + -hms*) + vendor=hitachi + ;; + -mpw* | -macos*) + vendor=apple + ;; + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + vendor=atari + ;; + -vos*) + vendor=stratus + ;; + esac + basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` + ;; +esac + +echo $basic_machine$os +exit + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "timestamp='" +# time-stamp-format: "%:y-%02m-%02d" +# time-stamp-end: "'" +# End: diff -r e1d7053e4d45 -r 76dce3b9468e configure --- a/configure Fri Jan 18 10:55:47 2013 +0000 +++ b/configure Fri Jan 18 10:55:48 2013 +0000 @@ -1,2 +1,2555 @@ -#!/bin/sh -e -cd tools && ./configure $@ +#! /bin/sh +# Guess values for system-dependent variables and create Makefiles. +# Generated by GNU Autoconf 2.67 for Xen Hypervisor 4.3. +# +# Report bugs to . +# +# +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, +# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software +# Foundation, Inc. +# +# +# This configure script is free software; the Free Software Foundation +# gives unlimited permission to copy, distribute and modify it. +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## + +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi + + +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' + else + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' + fi + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi + + +# IFS +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent editors from complaining about space-tab. +# (If _AS_PATH_WALK were called with IFS unset, it would disable word +# splitting by setting IFS to empty value.) +IFS=" "" $as_nl" + +# Find who we are. Look in the path if we contain no directory separator. +case $0 in #(( + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done +IFS=$as_save_IFS + + ;; +esac +# We did not find ourselves, most probably we were run as `sh COMMAND' +# in which case we are not to be found in the path. +if test "x$as_myself" = x; then + as_myself=$0 +fi +if test ! -f "$as_myself"; then + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 +fi + +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +if test "x$CONFIG_SHELL" = x; then + as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which + # is contrary to our usage. Disable this feature. + alias -g '\${1+\"\$@\"}'='\"\$@\"' + setopt NO_GLOB_SUBST +else + case \`(set -o) 2>/dev/null\` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi +" + as_required="as_fn_return () { (exit \$1); } +as_fn_success () { as_fn_return 0; } +as_fn_failure () { as_fn_return 1; } +as_fn_ret_success () { return 0; } +as_fn_ret_failure () { return 1; } + +exitcode=0 +as_fn_success || { exitcode=1; echo as_fn_success failed.; } +as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } +as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } +as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } +if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : + +else + exitcode=1; echo positional parameters were not saved. +fi +test x\$exitcode = x0 || exit 1" + as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO + as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO + eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && + test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1" + if (eval "$as_required") 2>/dev/null; then : + as_have_required=yes +else + as_have_required=no +fi + if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : + +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_found=false +for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + as_found=: + case $as_dir in #( + /*) + for as_base in sh bash ksh sh5; do + # Try only shells that exist, to save several forks. + as_shell=$as_dir/$as_base + if { test -f "$as_shell" || test -f "$as_shell.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : + CONFIG_SHELL=$as_shell as_have_required=yes + if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : + break 2 +fi +fi + done;; + esac + as_found=false +done +$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : + CONFIG_SHELL=$SHELL as_have_required=yes +fi; } +IFS=$as_save_IFS + + + if test "x$CONFIG_SHELL" != x; then : + # We cannot yet assume a decent shell, so we have to provide a + # neutralization value for shells without unset; and this also + # works around shells that cannot unset nonexistent variables. + BASH_ENV=/dev/null + ENV=/dev/null + (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV + export CONFIG_SHELL + exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"} +fi + + if test x$as_have_required = xno; then : + $as_echo "$0: This script requires a shell more modern than all" + $as_echo "$0: the shells that I found on your system." + if test x${ZSH_VERSION+set} = xset ; then + $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" + $as_echo "$0: be upgraded to zsh 4.3.4 or later." + else + $as_echo "$0: Please tell bug-autoconf@gnu.org and +$0: xen-devel@lists.xen.org about your system, including +$0: any error possibly output before this message. Then +$0: install a modern shell, or manually run the script +$0: under such a shell if you do have one." + fi + exit 1 +fi +fi +fi +SHELL=${CONFIG_SHELL-/bin/sh} +export SHELL +# Unset more variables known to interfere with behavior of common tools. +CLICOLOR_FORCE= GREP_OPTIONS= +unset CLICOLOR_FORCE GREP_OPTIONS + +## --------------------- ## +## M4sh Shell Functions. ## +## --------------------- ## +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + $as_echo "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error + +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr +else + as_expr=false +fi + +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi + +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + + + as_lineno_1=$LINENO as_lineno_1a=$LINENO + as_lineno_2=$LINENO as_lineno_2a=$LINENO + eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && + test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { + # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) + sed -n ' + p + /[$]LINENO/= + ' <$as_myself | + sed ' + s/[$]LINENO.*/&-/ + t lineno + b + :lineno + N + :loop + s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ + t loop + s/-\n.*// + ' >$as_me.lineno && + chmod +x "$as_me.lineno" || + { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } + + # Don't try to exec as it changes $[0], causing all sort of problems + # (the dirname of $[0] is not the place where we might find the + # original and so on. Autoconf is especially sensitive to this). + . "./$as_me.lineno" + # Exit status is that of the last command. + exit +} + +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac + +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file +else + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -p'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -p' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -p' + fi +else + as_ln_s='cp -p' +fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null + +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + +if test -x / >/dev/null 2>&1; then + as_test_x='test -x' +else + if ls -dL / >/dev/null 2>&1; then + as_ls_L_option=L + else + as_ls_L_option= + fi + as_test_x=' + eval sh -c '\'' + if test -d "$1"; then + test -d "$1/."; + else + case $1 in #( + -*)set "./$1";; + esac; + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( + ???[sx]*):;;*)false;;esac;fi + '\'' sh + ' +fi +as_executable_p=$as_test_x + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +test -n "$DJDIR" || exec 7<&0 &1 + +# Name of the host. +# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, +# so uname gets run too. +ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` + +# +# Initializations. +# +ac_default_prefix=/usr/local +ac_clean_files= +ac_config_libobj_dir=. +LIBOBJS= +cross_compiling=no +subdirs= +MFLAGS= +MAKEFLAGS= + +# Identity of this package. +PACKAGE_NAME='Xen Hypervisor' +PACKAGE_TARNAME='xen' +PACKAGE_VERSION='4.3' +PACKAGE_STRING='Xen Hypervisor 4.3' +PACKAGE_BUGREPORT='xen-devel@lists.xen.org' +PACKAGE_URL='http://www.xen.org/' + +ac_unique_file="./xen/common/kernel.c" +ac_default_prefix=/usr +enable_option_checking=no +ac_subst_vars='LTLIBOBJS +LIBOBJS +subdirs +target_alias +host_alias +build_alias +LIBS +ECHO_T +ECHO_N +ECHO_C +DEFS +mandir +localedir +libdir +psdir +pdfdir +dvidir +htmldir +infodir +docdir +oldincludedir +includedir +localstatedir +sharedstatedir +sysconfdir +datadir +datarootdir +libexecdir +sbindir +bindir +program_transform_name +prefix +exec_prefix +PACKAGE_URL +PACKAGE_BUGREPORT +PACKAGE_STRING +PACKAGE_VERSION +PACKAGE_TARNAME +PACKAGE_NAME +PATH_SEPARATOR +SHELL' +ac_subst_files='' +ac_user_opts=' +enable_option_checking +' + ac_precious_vars='build_alias +host_alias +target_alias' +ac_subdirs_all='tools stubdom' + +# Initialize some variables set by options. +ac_init_help= +ac_init_version=false +ac_unrecognized_opts= +ac_unrecognized_sep= +# The variables have the same names as the options, with +# dashes changed to underlines. +cache_file=/dev/null +exec_prefix=NONE +no_create= +no_recursion= +prefix=NONE +program_prefix=NONE +program_suffix=NONE +program_transform_name=s,x,x, +silent= +site= +srcdir= +verbose= +x_includes=NONE +x_libraries=NONE + +# Installation directory options. +# These are left unexpanded so users can "make install exec_prefix=/foo" +# and all the variables that are supposed to be based on exec_prefix +# by default will actually change. +# Use braces instead of parens because sh, perl, etc. also accept them. +# (The list follows the same order as the GNU Coding Standards.) +bindir='${exec_prefix}/bin' +sbindir='${exec_prefix}/sbin' +libexecdir='${exec_prefix}/libexec' +datarootdir='${prefix}/share' +datadir='${datarootdir}' +sysconfdir='${prefix}/etc' +sharedstatedir='${prefix}/com' +localstatedir='${prefix}/var' +includedir='${prefix}/include' +oldincludedir='/usr/include' +docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' +infodir='${datarootdir}/info' +htmldir='${docdir}' +dvidir='${docdir}' +pdfdir='${docdir}' +psdir='${docdir}' +libdir='${exec_prefix}/lib' +localedir='${datarootdir}/locale' +mandir='${datarootdir}/man' + +ac_prev= +ac_dashdash= +for ac_option +do + # If the previous option needs an argument, assign it. + if test -n "$ac_prev"; then + eval $ac_prev=\$ac_option + ac_prev= + continue + fi + + case $ac_option in + *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; + *=) ac_optarg= ;; + *) ac_optarg=yes ;; + esac + + # Accept the important Cygnus configure options, so we can diagnose typos. + + case $ac_dashdash$ac_option in + --) + ac_dashdash=yes ;; + + -bindir | --bindir | --bindi | --bind | --bin | --bi) + ac_prev=bindir ;; + -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) + bindir=$ac_optarg ;; + + -build | --build | --buil | --bui | --bu) + ac_prev=build_alias ;; + -build=* | --build=* | --buil=* | --bui=* | --bu=*) + build_alias=$ac_optarg ;; + + -cache-file | --cache-file | --cache-fil | --cache-fi \ + | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) + ac_prev=cache_file ;; + -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ + | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) + cache_file=$ac_optarg ;; + + --config-cache | -C) + cache_file=config.cache ;; + + -datadir | --datadir | --datadi | --datad) + ac_prev=datadir ;; + -datadir=* | --datadir=* | --datadi=* | --datad=*) + datadir=$ac_optarg ;; + + -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ + | --dataroo | --dataro | --datar) + ac_prev=datarootdir ;; + -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ + | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) + datarootdir=$ac_optarg ;; + + -disable-* | --disable-*) + ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=no ;; + + -docdir | --docdir | --docdi | --doc | --do) + ac_prev=docdir ;; + -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) + docdir=$ac_optarg ;; + + -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) + ac_prev=dvidir ;; + -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) + dvidir=$ac_optarg ;; + + -enable-* | --enable-*) + ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=\$ac_optarg ;; + + -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ + | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ + | --exec | --exe | --ex) + ac_prev=exec_prefix ;; + -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ + | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ + | --exec=* | --exe=* | --ex=*) + exec_prefix=$ac_optarg ;; + + -gas | --gas | --ga | --g) + # Obsolete; use --with-gas. + with_gas=yes ;; + + -help | --help | --hel | --he | -h) + ac_init_help=long ;; + -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) + ac_init_help=recursive ;; + -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) + ac_init_help=short ;; + + -host | --host | --hos | --ho) + ac_prev=host_alias ;; + -host=* | --host=* | --hos=* | --ho=*) + host_alias=$ac_optarg ;; + + -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) + ac_prev=htmldir ;; + -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ + | --ht=*) + htmldir=$ac_optarg ;; + + -includedir | --includedir | --includedi | --included | --include \ + | --includ | --inclu | --incl | --inc) + ac_prev=includedir ;; + -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ + | --includ=* | --inclu=* | --incl=* | --inc=*) + includedir=$ac_optarg ;; + + -infodir | --infodir | --infodi | --infod | --info | --inf) + ac_prev=infodir ;; + -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) + infodir=$ac_optarg ;; + + -libdir | --libdir | --libdi | --libd) + ac_prev=libdir ;; + -libdir=* | --libdir=* | --libdi=* | --libd=*) + libdir=$ac_optarg ;; + + -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ + | --libexe | --libex | --libe) + ac_prev=libexecdir ;; + -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ + | --libexe=* | --libex=* | --libe=*) + libexecdir=$ac_optarg ;; + + -localedir | --localedir | --localedi | --localed | --locale) + ac_prev=localedir ;; + -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) + localedir=$ac_optarg ;; + + -localstatedir | --localstatedir | --localstatedi | --localstated \ + | --localstate | --localstat | --localsta | --localst | --locals) + ac_prev=localstatedir ;; + -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ + | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) + localstatedir=$ac_optarg ;; + + -mandir | --mandir | --mandi | --mand | --man | --ma | --m) + ac_prev=mandir ;; + -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) + mandir=$ac_optarg ;; + + -nfp | --nfp | --nf) + # Obsolete; use --without-fp. + with_fp=no ;; + + -no-create | --no-create | --no-creat | --no-crea | --no-cre \ + | --no-cr | --no-c | -n) + no_create=yes ;; + + -no-recursion | --no-recursion | --no-recursio | --no-recursi \ + | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) + no_recursion=yes ;; + + -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ + | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ + | --oldin | --oldi | --old | --ol | --o) + ac_prev=oldincludedir ;; + -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ + | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ + | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) + oldincludedir=$ac_optarg ;; + + -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) + ac_prev=prefix ;; + -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) + prefix=$ac_optarg ;; + + -program-prefix | --program-prefix | --program-prefi | --program-pref \ + | --program-pre | --program-pr | --program-p) + ac_prev=program_prefix ;; + -program-prefix=* | --program-prefix=* | --program-prefi=* \ + | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) + program_prefix=$ac_optarg ;; + + -program-suffix | --program-suffix | --program-suffi | --program-suff \ + | --program-suf | --program-su | --program-s) + ac_prev=program_suffix ;; + -program-suffix=* | --program-suffix=* | --program-suffi=* \ + | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) + program_suffix=$ac_optarg ;; + + -program-transform-name | --program-transform-name \ + | --program-transform-nam | --program-transform-na \ + | --program-transform-n | --program-transform- \ + | --program-transform | --program-transfor \ + | --program-transfo | --program-transf \ + | --program-trans | --program-tran \ + | --progr-tra | --program-tr | --program-t) + ac_prev=program_transform_name ;; + -program-transform-name=* | --program-transform-name=* \ + | --program-transform-nam=* | --program-transform-na=* \ + | --program-transform-n=* | --program-transform-=* \ + | --program-transform=* | --program-transfor=* \ + | --program-transfo=* | --program-transf=* \ + | --program-trans=* | --program-tran=* \ + | --progr-tra=* | --program-tr=* | --program-t=*) + program_transform_name=$ac_optarg ;; + + -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) + ac_prev=pdfdir ;; + -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) + pdfdir=$ac_optarg ;; + + -psdir | --psdir | --psdi | --psd | --ps) + ac_prev=psdir ;; + -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) + psdir=$ac_optarg ;; + + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + silent=yes ;; + + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) + ac_prev=sbindir ;; + -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ + | --sbi=* | --sb=*) + sbindir=$ac_optarg ;; + + -sharedstatedir | --sharedstatedir | --sharedstatedi \ + | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ + | --sharedst | --shareds | --shared | --share | --shar \ + | --sha | --sh) + ac_prev=sharedstatedir ;; + -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ + | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ + | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ + | --sha=* | --sh=*) + sharedstatedir=$ac_optarg ;; + + -site | --site | --sit) + ac_prev=site ;; + -site=* | --site=* | --sit=*) + site=$ac_optarg ;; + + -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) + ac_prev=srcdir ;; + -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) + srcdir=$ac_optarg ;; + + -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ + | --syscon | --sysco | --sysc | --sys | --sy) + ac_prev=sysconfdir ;; + -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ + | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) + sysconfdir=$ac_optarg ;; + + -target | --target | --targe | --targ | --tar | --ta | --t) + ac_prev=target_alias ;; + -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) + target_alias=$ac_optarg ;; + + -v | -verbose | --verbose | --verbos | --verbo | --verb) + verbose=yes ;; + + -version | --version | --versio | --versi | --vers | -V) + ac_init_version=: ;; + + -with-* | --with-*) + ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=\$ac_optarg ;; + + -without-* | --without-*) + ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=no ;; + + --x) + # Obsolete; use --with-x. + with_x=yes ;; + + -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ + | --x-incl | --x-inc | --x-in | --x-i) + ac_prev=x_includes ;; + -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ + | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) + x_includes=$ac_optarg ;; + + -x-libraries | --x-libraries | --x-librarie | --x-librari \ + | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) + ac_prev=x_libraries ;; + -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ + | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) + x_libraries=$ac_optarg ;; + + -*) as_fn_error $? "unrecognized option: \`$ac_option' +Try \`$0 --help' for more information" + ;; + + *=*) + ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` + # Reject names that are not valid shell variable names. + case $ac_envvar in #( + '' | [0-9]* | *[!_$as_cr_alnum]* ) + as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; + esac + eval $ac_envvar=\$ac_optarg + export $ac_envvar ;; + + *) + # FIXME: should be removed in autoconf 3.0. + $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 + expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && + $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 + : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option} + ;; + + esac +done + +if test -n "$ac_prev"; then + ac_option=--`echo $ac_prev | sed 's/_/-/g'` + as_fn_error $? "missing argument to $ac_option" +fi + +if test -n "$ac_unrecognized_opts"; then + case $enable_option_checking in + no) ;; + fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; + *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; + esac +fi + +# Check all directory arguments for consistency. +for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ + datadir sysconfdir sharedstatedir localstatedir includedir \ + oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ + libdir localedir mandir +do + eval ac_val=\$$ac_var + # Remove trailing slashes. + case $ac_val in + */ ) + ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` + eval $ac_var=\$ac_val;; + esac + # Be sure to have absolute directory names. + case $ac_val in + [\\/$]* | ?:[\\/]* ) continue;; + NONE | '' ) case $ac_var in *prefix ) continue;; esac;; + esac + as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" +done + +# There might be people who depend on the old broken behavior: `$host' +# used to hold the argument of --host etc. +# FIXME: To remove some day. +build=$build_alias +host=$host_alias +target=$target_alias + +# FIXME: To remove some day. +if test "x$host_alias" != x; then + if test "x$build_alias" = x; then + cross_compiling=maybe + $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host. + If a cross compiler is detected then cross compile mode will be used" >&2 + elif test "x$build_alias" != "x$host_alias"; then + cross_compiling=yes + fi +fi + +ac_tool_prefix= +test -n "$host_alias" && ac_tool_prefix=$host_alias- + +test "$silent" = yes && exec 6>/dev/null + + +ac_pwd=`pwd` && test -n "$ac_pwd" && +ac_ls_di=`ls -di .` && +ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || + as_fn_error $? "working directory cannot be determined" +test "X$ac_ls_di" = "X$ac_pwd_ls_di" || + as_fn_error $? "pwd does not report name of working directory" + + +# Find the source files, if location was not specified. +if test -z "$srcdir"; then + ac_srcdir_defaulted=yes + # Try the directory containing this script, then the parent directory. + ac_confdir=`$as_dirname -- "$as_myself" || +$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_myself" : 'X\(//\)[^/]' \| \ + X"$as_myself" : 'X\(//\)$' \| \ + X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_myself" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + srcdir=$ac_confdir + if test ! -r "$srcdir/$ac_unique_file"; then + srcdir=.. + fi +else + ac_srcdir_defaulted=no +fi +if test ! -r "$srcdir/$ac_unique_file"; then + test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." + as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" +fi +ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" +ac_abs_confdir=`( + cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" + pwd)` +# When building in place, set srcdir=. +if test "$ac_abs_confdir" = "$ac_pwd"; then + srcdir=. +fi +# Remove unnecessary trailing slashes from srcdir. +# Double slashes in file names in object file debugging info +# mess up M-x gdb in Emacs. +case $srcdir in +*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; +esac +for ac_var in $ac_precious_vars; do + eval ac_env_${ac_var}_set=\${${ac_var}+set} + eval ac_env_${ac_var}_value=\$${ac_var} + eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} + eval ac_cv_env_${ac_var}_value=\$${ac_var} +done + +# +# Report the --help message. +# +if test "$ac_init_help" = "long"; then + # Omit some internal or obsolete options to make the list less imposing. + # This message is too long to be a string in the A/UX 3.1 sh. + cat <<_ACEOF +\`configure' configures Xen Hypervisor 4.3 to adapt to many kinds of systems. + +Usage: $0 [OPTION]... [VAR=VALUE]... + +To assign environment variables (e.g., CC, CFLAGS...), specify them as +VAR=VALUE. See below for descriptions of some of the useful variables. + +Defaults for the options are specified in brackets. + +Configuration: + -h, --help display this help and exit + --help=short display options specific to this package + --help=recursive display the short help of all the included packages + -V, --version display version information and exit + -q, --quiet, --silent do not print \`checking ...' messages + --cache-file=FILE cache test results in FILE [disabled] + -C, --config-cache alias for \`--cache-file=config.cache' + -n, --no-create do not create output files + --srcdir=DIR find the sources in DIR [configure dir or \`..'] + +Installation directories: + --prefix=PREFIX install architecture-independent files in PREFIX + [$ac_default_prefix] + --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX + [PREFIX] + +By default, \`make install' will install all the files in +\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify +an installation prefix other than \`$ac_default_prefix' using \`--prefix', +for instance \`--prefix=\$HOME'. + +For better control, use the options below. + +Fine tuning of the installation directories: + --bindir=DIR user executables [EPREFIX/bin] + --sbindir=DIR system admin executables [EPREFIX/sbin] + --libexecdir=DIR program executables [EPREFIX/libexec] + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] + --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --libdir=DIR object code libraries [EPREFIX/lib] + --includedir=DIR C header files [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc [/usr/include] + --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] + --datadir=DIR read-only architecture-independent data [DATAROOTDIR] + --infodir=DIR info documentation [DATAROOTDIR/info] + --localedir=DIR locale-dependent data [DATAROOTDIR/locale] + --mandir=DIR man documentation [DATAROOTDIR/man] + --docdir=DIR documentation root [DATAROOTDIR/doc/xen] + --htmldir=DIR html documentation [DOCDIR] + --dvidir=DIR dvi documentation [DOCDIR] + --pdfdir=DIR pdf documentation [DOCDIR] + --psdir=DIR ps documentation [DOCDIR] +_ACEOF + + cat <<\_ACEOF +_ACEOF +fi + +if test -n "$ac_init_help"; then + case $ac_init_help in + short | recursive ) echo "Configuration of Xen Hypervisor 4.3:";; + esac + cat <<\_ACEOF + +Report bugs to . +Xen Hypervisor home page: . +_ACEOF +ac_status=$? +fi + +if test "$ac_init_help" = "recursive"; then + # If there are subdirs, report their specific --help. + for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue + test -d "$ac_dir" || + { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || + continue + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + cd "$ac_dir" || { ac_status=$?; continue; } + # Check for guested configure. + if test -f "$ac_srcdir/configure.gnu"; then + echo && + $SHELL "$ac_srcdir/configure.gnu" --help=recursive + elif test -f "$ac_srcdir/configure"; then + echo && + $SHELL "$ac_srcdir/configure" --help=recursive + else + $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 + fi || ac_status=$? + cd "$ac_pwd" || { ac_status=$?; break; } + done +fi + +test -n "$ac_init_help" && exit $ac_status +if $ac_init_version; then + cat <<\_ACEOF +Xen Hypervisor configure 4.3 +generated by GNU Autoconf 2.67 + +Copyright (C) 2010 Free Software Foundation, Inc. +This configure script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it. +_ACEOF + exit +fi + +## ------------------------ ## +## Autoconf initialization. ## +## ------------------------ ## +cat >config.log <<_ACEOF +This file contains any messages produced by compilers while +running configure, to aid debugging if configure makes a mistake. + +It was created by Xen Hypervisor $as_me 4.3, which was +generated by GNU Autoconf 2.67. Invocation command line was + + $ $0 $@ + +_ACEOF +exec 5>>config.log +{ +cat <<_ASUNAME +## --------- ## +## Platform. ## +## --------- ## + +hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` + +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` + +/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` +/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` +/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` +/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` + +_ASUNAME + +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + $as_echo "PATH: $as_dir" + done +IFS=$as_save_IFS + +} >&5 + +cat >&5 <<_ACEOF + + +## ----------- ## +## Core tests. ## +## ----------- ## + +_ACEOF + + +# Keep a trace of the command line. +# Strip out --no-create and --no-recursion so they do not pile up. +# Strip out --silent because we don't want to record it for future runs. +# Also quote any args containing shell meta-characters. +# Make two passes to allow for proper duplicate-argument suppression. +ac_configure_args= +ac_configure_args0= +ac_configure_args1= +ac_must_keep_next=false +for ac_pass in 1 2 +do + for ac_arg + do + case $ac_arg in + -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + continue ;; + *\'*) + ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + case $ac_pass in + 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; + 2) + as_fn_append ac_configure_args1 " '$ac_arg'" + if test $ac_must_keep_next = true; then + ac_must_keep_next=false # Got value, back to normal. + else + case $ac_arg in + *=* | --config-cache | -C | -disable-* | --disable-* \ + | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ + | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ + | -with-* | --with-* | -without-* | --without-* | --x) + case "$ac_configure_args0 " in + "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; + esac + ;; + -* ) ac_must_keep_next=true ;; + esac + fi + as_fn_append ac_configure_args " '$ac_arg'" + ;; + esac + done +done +{ ac_configure_args0=; unset ac_configure_args0;} +{ ac_configure_args1=; unset ac_configure_args1;} + +# When interrupted or exit'd, cleanup temporary files, and complete +# config.log. We remove comments because anyway the quotes in there +# would cause problems or look ugly. +# WARNING: Use '\'' to represent an apostrophe within the trap. +# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. +trap 'exit_status=$? + # Save into config.log some information that might help in debugging. + { + echo + + $as_echo "## ---------------- ## +## Cache variables. ## +## ---------------- ##" + echo + # The following way of writing the cache mishandles newlines in values, +( + for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + (set) 2>&1 | + case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + sed -n \ + "s/'\''/'\''\\\\'\'''\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" + ;; #( + *) + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) + echo + + $as_echo "## ----------------- ## +## Output variables. ## +## ----------------- ##" + echo + for ac_var in $ac_subst_vars + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo + + if test -n "$ac_subst_files"; then + $as_echo "## ------------------- ## +## File substitutions. ## +## ------------------- ##" + echo + for ac_var in $ac_subst_files + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo + fi + + if test -s confdefs.h; then + $as_echo "## ----------- ## +## confdefs.h. ## +## ----------- ##" + echo + cat confdefs.h + echo + fi + test "$ac_signal" != 0 && + $as_echo "$as_me: caught signal $ac_signal" + $as_echo "$as_me: exit $exit_status" + } >&5 + rm -f core *.core core.conftest.* && + rm -f -r conftest* confdefs* conf$$* $ac_clean_files && + exit $exit_status +' 0 +for ac_signal in 1 2 13 15; do + trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal +done +ac_signal=0 + +# confdefs.h avoids OS command line length limits that DEFS can exceed. +rm -f -r conftest* confdefs.h + +$as_echo "/* confdefs.h */" > confdefs.h + +# Predefined preprocessor variables. + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_NAME "$PACKAGE_NAME" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_TARNAME "$PACKAGE_TARNAME" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_VERSION "$PACKAGE_VERSION" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_STRING "$PACKAGE_STRING" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_URL "$PACKAGE_URL" +_ACEOF + + +# Let the site file select an alternate cache file if it wants to. +# Prefer an explicitly selected file to automatically selected ones. +ac_site_file1=NONE +ac_site_file2=NONE +if test -n "$CONFIG_SITE"; then + # We do not want a PATH search for config.site. + case $CONFIG_SITE in #(( + -*) ac_site_file1=./$CONFIG_SITE;; + */*) ac_site_file1=$CONFIG_SITE;; + *) ac_site_file1=./$CONFIG_SITE;; + esac +elif test "x$prefix" != xNONE; then + ac_site_file1=$prefix/share/config.site + ac_site_file2=$prefix/etc/config.site +else + ac_site_file1=$ac_default_prefix/share/config.site + ac_site_file2=$ac_default_prefix/etc/config.site +fi +for ac_site_file in "$ac_site_file1" "$ac_site_file2" +do + test "x$ac_site_file" = xNONE && continue + if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 +$as_echo "$as_me: loading site script $ac_site_file" >&6;} + sed 's/^/| /' "$ac_site_file" >&5 + . "$ac_site_file" \ + || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "failed to load site script $ac_site_file +See \`config.log' for more details" "$LINENO" 5 ; } + fi +done + +if test -r "$cache_file"; then + # Some versions of bash will fail to source /dev/null (special files + # actually), so we avoid doing that. DJGPP emulates it as a regular file. + if test /dev/null != "$cache_file" && test -f "$cache_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 +$as_echo "$as_me: loading cache $cache_file" >&6;} + case $cache_file in + [\\/]* | ?:[\\/]* ) . "$cache_file";; + *) . "./$cache_file";; + esac + fi +else + { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 +$as_echo "$as_me: creating cache $cache_file" >&6;} + >$cache_file +fi + +# Check that the precious variables saved in the cache have kept the same +# value. +ac_cache_corrupted=false +for ac_var in $ac_precious_vars; do + eval ac_old_set=\$ac_cv_env_${ac_var}_set + eval ac_new_set=\$ac_env_${ac_var}_set + eval ac_old_val=\$ac_cv_env_${ac_var}_value + eval ac_new_val=\$ac_env_${ac_var}_value + case $ac_old_set,$ac_new_set in + set,) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,set) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,);; + *) + if test "x$ac_old_val" != "x$ac_new_val"; then + # differences in whitespace do not lead to failure. + ac_old_val_w=`echo x $ac_old_val` + ac_new_val_w=`echo x $ac_new_val` + if test "$ac_old_val_w" != "$ac_new_val_w"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 +$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} + ac_cache_corrupted=: + else + { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 +$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} + eval $ac_var=\$ac_old_val + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 +$as_echo "$as_me: former value: \`$ac_old_val'" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 +$as_echo "$as_me: current value: \`$ac_new_val'" >&2;} + fi;; + esac + # Pass precious variables to config.status. + if test "$ac_new_set" = set; then + case $ac_new_val in + *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; + *) ac_arg=$ac_var=$ac_new_val ;; + esac + case " $ac_configure_args " in + *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. + *) as_fn_append ac_configure_args " '$ac_arg'" ;; + esac + fi +done +if $ac_cache_corrupted; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 +$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} + as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 +fi +## -------------------- ## +## Main body of script. ## +## -------------------- ## + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + + + + +ac_aux_dir= +for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do + if test -f "$ac_dir/install-sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install-sh -c" + break + elif test -f "$ac_dir/install.sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install.sh -c" + break + elif test -f "$ac_dir/shtool"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/shtool install -c" + break + fi +done +if test -z "$ac_aux_dir"; then + as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 +fi + +# These three variables are undocumented and unsupported, +# and are intended to be withdrawn in a future Autoconf release. +# They can cause serious problems if a builder's source tree is in a directory +# whose full name contains unusual characters. +ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. +ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. +ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. + + + + +subdirs="$subdirs tools stubdom" + + +cat >confcache <<\_ACEOF +# This file is a shell script that caches the results of configure +# tests run on this system so they can be shared between configure +# scripts and configure runs, see configure's option --config-cache. +# It is not useful on other systems. If it contains results you don't +# want to keep, you may remove or edit it. +# +# config.status only pays attention to the cache file if you give it +# the --recheck option to rerun configure. +# +# `ac_cv_env_foo' variables (set or unset) will be overridden when +# loading this file, other *unset* `ac_cv_foo' will be assigned the +# following values. + +_ACEOF + +# The following way of writing the cache mishandles newlines in values, +# but we know of no workaround that is simple, portable, and efficient. +# So, we kill variables containing newlines. +# Ultrix sh set writes to stderr and can't be redirected directly, +# and sets the high bit in the cache file unless we assign to the vars. +( + for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + + (set) 2>&1 | + case $as_nl`(ac_space=' '; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + # `set' does not quote correctly, so add quotes: double-quote + # substitution turns \\\\ into \\, and sed turns \\ into \. + sed -n \ + "s/'/'\\\\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" + ;; #( + *) + # `set' quotes correctly as required by POSIX, so do not add quotes. + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) | + sed ' + /^ac_cv_env_/b end + t clear + :clear + s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ + t end + s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ + :end' >>confcache +if diff "$cache_file" confcache >/dev/null 2>&1; then :; else + if test -w "$cache_file"; then + test "x$cache_file" != "x/dev/null" && + { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 +$as_echo "$as_me: updating cache $cache_file" >&6;} + cat confcache >$cache_file + else + { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 +$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} + fi +fi +rm -f confcache + +test "x$prefix" = xNONE && prefix=$ac_default_prefix +# Let make expand exec_prefix. +test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' + +# Transform confdefs.h into DEFS. +# Protect against shell expansion while executing Makefile rules. +# Protect against Makefile macro expansion. +# +# If the first sed substitution is executed (which looks for macros that +# take arguments), then branch to the quote section. Otherwise, +# look for a macro that doesn't take arguments. +ac_script=' +:mline +/\\$/{ + N + s,\\\n,, + b mline +} +t clear +:clear +s/^[ ]*#[ ]*define[ ][ ]*\([^ (][^ (]*([^)]*)\)[ ]*\(.*\)/-D\1=\2/g +t quote +s/^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)/-D\1=\2/g +t quote +b any +:quote +s/[ `~#$^&*(){}\\|;'\''"<>?]/\\&/g +s/\[/\\&/g +s/\]/\\&/g +s/\$/$$/g +H +:any +${ + g + s/^\n// + s/\n/ /g + p +} +' +DEFS=`sed -n "$ac_script" confdefs.h` + + +ac_libobjs= +ac_ltlibobjs= +U= +for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue + # 1. Remove the extension, and $U if already installed. + ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' + ac_i=`$as_echo "$ac_i" | sed "$ac_script"` + # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR + # will be set to the directory where LIBOBJS objects are built. + as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" + as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' +done +LIBOBJS=$ac_libobjs + +LTLIBOBJS=$ac_ltlibobjs + + + +: ${CONFIG_STATUS=./config.status} +ac_write_fail=0 +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files $CONFIG_STATUS" +{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 +$as_echo "$as_me: creating $CONFIG_STATUS" >&6;} +as_write_fail=0 +cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 +#! $SHELL +# Generated by $as_me. +# Run this file to recreate the current configuration. +# Compiler output produced by configure, useful for debugging +# configure, is in config.log if it exists. + +debug=false +ac_cs_recheck=false +ac_cs_silent=false + +SHELL=\${CONFIG_SHELL-$SHELL} +export SHELL +_ASEOF +cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## + +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi + + +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' + else + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' + fi + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi + + +# IFS +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent editors from complaining about space-tab. +# (If _AS_PATH_WALK were called with IFS unset, it would disable word +# splitting by setting IFS to empty value.) +IFS=" "" $as_nl" + +# Find who we are. Look in the path if we contain no directory separator. +case $0 in #(( + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done +IFS=$as_save_IFS + + ;; +esac +# We did not find ourselves, most probably we were run as `sh COMMAND' +# in which case we are not to be found in the path. +if test "x$as_myself" = x; then + as_myself=$0 +fi +if test ! -f "$as_myself"; then + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 +fi + +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + $as_echo "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error + + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr +else + as_expr=false +fi + +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi + +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac + +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file +else + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -p'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -p' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -p' + fi +else + as_ln_s='cp -p' +fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null + + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + +if test -x / >/dev/null 2>&1; then + as_test_x='test -x' +else + if ls -dL / >/dev/null 2>&1; then + as_ls_L_option=L + else + as_ls_L_option= + fi + as_test_x=' + eval sh -c '\'' + if test -d "$1"; then + test -d "$1/."; + else + case $1 in #( + -*)set "./$1";; + esac; + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( + ???[sx]*):;;*)false;;esac;fi + '\'' sh + ' +fi +as_executable_p=$as_test_x + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +exec 6>&1 +## ----------------------------------- ## +## Main body of $CONFIG_STATUS script. ## +## ----------------------------------- ## +_ASEOF +test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# Save the log message, to keep $0 and so on meaningful, and to +# report actual input values of CONFIG_FILES etc. instead of their +# values after options handling. +ac_log=" +This file was extended by Xen Hypervisor $as_me 4.3, which was +generated by GNU Autoconf 2.67. Invocation command line was + + CONFIG_FILES = $CONFIG_FILES + CONFIG_HEADERS = $CONFIG_HEADERS + CONFIG_LINKS = $CONFIG_LINKS + CONFIG_COMMANDS = $CONFIG_COMMANDS + $ $0 $@ + +on `(hostname || uname -n) 2>/dev/null | sed 1q` +" + +_ACEOF + + + + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +# Files that config.status was made for. + +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +ac_cs_usage="\ +\`$as_me' instantiates files and other configuration actions +from templates according to the current configuration. Unless the files +and actions are specified as TAGs, all are instantiated by default. + +Usage: $0 [OPTION]... [TAG]... + + -h, --help print this help, then exit + -V, --version print version number and configuration settings, then exit + --config print configuration, then exit + -q, --quiet, --silent + do not print progress messages + -d, --debug don't remove temporary files + --recheck update $as_me by reconfiguring in the same conditions + +Report bugs to . +Xen Hypervisor home page: ." + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" +ac_cs_version="\\ +Xen Hypervisor config.status 4.3 +configured by $0, generated by GNU Autoconf 2.67, + with options \\"\$ac_cs_config\\" + +Copyright (C) 2010 Free Software Foundation, Inc. +This config.status script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it." + +ac_pwd='$ac_pwd' +srcdir='$srcdir' +test -n "\$AWK" || AWK=awk +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# The default lists apply if the user does not specify any file. +ac_need_defaults=: +while test $# != 0 +do + case $1 in + --*=?*) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` + ac_shift=: + ;; + --*=) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg= + ac_shift=: + ;; + *) + ac_option=$1 + ac_optarg=$2 + ac_shift=shift + ;; + esac + + case $ac_option in + # Handling of the options. + -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) + ac_cs_recheck=: ;; + --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) + $as_echo "$ac_cs_version"; exit ;; + --config | --confi | --conf | --con | --co | --c ) + $as_echo "$ac_cs_config"; exit ;; + --debug | --debu | --deb | --de | --d | -d ) + debug=: ;; + --he | --h | --help | --hel | -h ) + $as_echo "$ac_cs_usage"; exit ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil | --si | --s) + ac_cs_silent=: ;; + + # This is an error. + -*) as_fn_error $? "unrecognized option: \`$1' +Try \`$0 --help' for more information." ;; + + *) as_fn_append ac_config_targets " $1" + ac_need_defaults=false ;; + + esac + shift +done + +ac_configure_extra_args= + +if $ac_cs_silent; then + exec 6>/dev/null + ac_configure_extra_args="$ac_configure_extra_args --silent" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +if \$ac_cs_recheck; then + set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + shift + \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 + CONFIG_SHELL='$SHELL' + export CONFIG_SHELL + exec "\$@" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +exec 5>>config.log +{ + echo + sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX +## Running $as_me. ## +_ASBOX + $as_echo "$ac_log" +} >&5 + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 + +# Handling of arguments. +for ac_config_target in $ac_config_targets +do + case $ac_config_target in + + *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5 ;; + esac +done + + +as_fn_exit 0 +_ACEOF +ac_clean_files=$ac_clean_files_save + +test $ac_write_fail = 0 || + as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 + + +# configure is writing to config.log, and then calls config.status. +# config.status does its own redirection, appending to config.log. +# Unfortunately, on DOS this fails, as config.log is still kept open +# by configure, so config.status won't be able to write to it; its +# output is simply discarded. So we exec the FD to /dev/null, +# effectively closing config.log, so it can be properly (re)opened and +# appended to by config.status. When coming back to configure, we +# need to make the FD available again. +if test "$no_create" != yes; then + ac_cs_success=: + ac_config_status_args= + test "$silent" = yes && + ac_config_status_args="$ac_config_status_args --quiet" + exec 5>/dev/null + $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false + exec 5>>config.log + # Use ||, not &&, to avoid exiting from the if with $? = 1, which + # would make configure fail if this is the last instruction. + $ac_cs_success || as_fn_exit 1 +fi + +# +# CONFIG_SUBDIRS section. +# +if test "$no_recursion" != yes; then + + # Remove --cache-file, --srcdir, and --disable-option-checking arguments + # so they do not pile up. + ac_sub_configure_args= + ac_prev= + eval "set x $ac_configure_args" + shift + for ac_arg + do + if test -n "$ac_prev"; then + ac_prev= + continue + fi + case $ac_arg in + -cache-file | --cache-file | --cache-fil | --cache-fi \ + | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) + ac_prev=cache_file ;; + -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ + | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* \ + | --c=*) + ;; + --config-cache | -C) + ;; + -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) + ac_prev=srcdir ;; + -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) + ;; + -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) + ac_prev=prefix ;; + -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) + ;; + --disable-option-checking) + ;; + *) + case $ac_arg in + *\'*) ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + as_fn_append ac_sub_configure_args " '$ac_arg'" ;; + esac + done + + # Always prepend --prefix to ensure using the same prefix + # in subdir configurations. + ac_arg="--prefix=$prefix" + case $ac_arg in + *\'*) ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + ac_sub_configure_args="'$ac_arg' $ac_sub_configure_args" + + # Pass --silent + if test "$silent" = yes; then + ac_sub_configure_args="--silent $ac_sub_configure_args" + fi + + # Always prepend --disable-option-checking to silence warnings, since + # different subdirs can have different --enable and --with options. + ac_sub_configure_args="--disable-option-checking $ac_sub_configure_args" + + ac_popdir=`pwd` + for ac_dir in : $subdirs; do test "x$ac_dir" = x: && continue + + # Do not complain, so a configure script can configure whichever + # parts of a large source tree are present. + test -d "$srcdir/$ac_dir" || continue + + ac_msg="=== configuring in $ac_dir (`pwd`/$ac_dir)" + $as_echo "$as_me:${as_lineno-$LINENO}: $ac_msg" >&5 + $as_echo "$ac_msg" >&6 + as_dir="$ac_dir"; as_fn_mkdir_p + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + + cd "$ac_dir" + + # Check for guested configure; otherwise get Cygnus style configure. + if test -f "$ac_srcdir/configure.gnu"; then + ac_sub_configure=$ac_srcdir/configure.gnu + elif test -f "$ac_srcdir/configure"; then + ac_sub_configure=$ac_srcdir/configure + elif test -f "$ac_srcdir/configure.in"; then + # This should be Cygnus configure. + ac_sub_configure=$ac_aux_dir/configure + else + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: no configuration information is in $ac_dir" >&5 +$as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2;} + ac_sub_configure= + fi + + # The recursion is here. + if test -n "$ac_sub_configure"; then + # Make the cache file name correct relative to the subdirectory. + case $cache_file in + [\\/]* | ?:[\\/]* ) ac_sub_cache_file=$cache_file ;; + *) # Relative name. + ac_sub_cache_file=$ac_top_build_prefix$cache_file ;; + esac + + { $as_echo "$as_me:${as_lineno-$LINENO}: running $SHELL $ac_sub_configure $ac_sub_configure_args --cache-file=$ac_sub_cache_file --srcdir=$ac_srcdir" >&5 +$as_echo "$as_me: running $SHELL $ac_sub_configure $ac_sub_configure_args --cache-file=$ac_sub_cache_file --srcdir=$ac_srcdir" >&6;} + # The eval makes quoting arguments work. + eval "\$SHELL \"\$ac_sub_configure\" $ac_sub_configure_args \ + --cache-file=\"\$ac_sub_cache_file\" --srcdir=\"\$ac_srcdir\"" || + as_fn_error $? "$ac_sub_configure failed for $ac_dir" "$LINENO" 5 + fi + + cd "$ac_popdir" + done +fi +if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 +$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} +fi + diff -r e1d7053e4d45 -r 76dce3b9468e configure.ac --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/configure.ac Fri Jan 18 10:55:48 2013 +0000 @@ -0,0 +1,12 @@ +# -*- Autoconf -*- +# Process this file with autoconf to produce a configure script. + +AC_PREREQ([2.67]) +AC_INIT([Xen Hypervisor], m4_esyscmd([./version.sh ./xen/Makefile]), + [xen-devel@lists.xen.org], [xen], [http://www.xen.org/]) +AC_CONFIG_SRCDIR([./xen/common/kernel.c]) +AC_PREFIX_DEFAULT([/usr]) + +AC_CONFIG_SUBDIRS([tools stubdom]) + +AC_OUTPUT() diff -r e1d7053e4d45 -r 76dce3b9468e tools/config.guess --- a/tools/config.guess Fri Jan 18 10:55:47 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1502 +0,0 @@ -#! /bin/sh -# Attempt to guess a canonical system name. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 -# Free Software Foundation, Inc. - -timestamp='2009-12-30' - -# This file is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA -# 02110-1301, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - - -# Originally written by Per Bothner. Please send patches (context -# diff format) to and include a ChangeLog -# entry. -# -# This script attempts to guess a canonical system name similar to -# config.sub. If it succeeds, it prints the system name on stdout, and -# exits with 0. Otherwise, it exits with 1. -# -# You can get the latest version of this script from: -# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD - -me=`echo "$0" | sed -e 's,.*/,,'` - -usage="\ -Usage: $0 [OPTION] - -Output the configuration name of the system \`$me' is run on. - -Operation modes: - -h, --help print this help, then exit - -t, --time-stamp print date of last modification, then exit - -v, --version print version number, then exit - -Report bugs and patches to ." - -version="\ -GNU config.guess ($timestamp) - -Originally written by Per Bothner. -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free -Software Foundation, Inc. - -This is free software; see the source for copying conditions. There is NO -warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." - -help=" -Try \`$me --help' for more information." - -# Parse command line -while test $# -gt 0 ; do - case $1 in - --time-stamp | --time* | -t ) - echo "$timestamp" ; exit ;; - --version | -v ) - echo "$version" ; exit ;; - --help | --h* | -h ) - echo "$usage"; exit ;; - -- ) # Stop option processing - shift; break ;; - - ) # Use stdin as input. - break ;; - -* ) - echo "$me: invalid option $1$help" >&2 - exit 1 ;; - * ) - break ;; - esac -done - -if test $# != 0; then - echo "$me: too many arguments$help" >&2 - exit 1 -fi - -trap 'exit 1' 1 2 15 - -# CC_FOR_BUILD -- compiler used by this script. Note that the use of a -# compiler to aid in system detection is discouraged as it requires -# temporary files to be created and, as you can see below, it is a -# headache to deal with in a portable fashion. - -# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still -# use `HOST_CC' if defined, but it is deprecated. - -# Portable tmp directory creation inspired by the Autoconf team. - -set_cc_for_build=' -trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; -trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; -: ${TMPDIR=/tmp} ; - { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || - { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || - { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || - { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; -dummy=$tmp/dummy ; -tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; -case $CC_FOR_BUILD,$HOST_CC,$CC in - ,,) echo "int x;" > $dummy.c ; - for c in cc gcc c89 c99 ; do - if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then - CC_FOR_BUILD="$c"; break ; - fi ; - done ; - if test x"$CC_FOR_BUILD" = x ; then - CC_FOR_BUILD=no_compiler_found ; - fi - ;; - ,,*) CC_FOR_BUILD=$CC ;; - ,*,*) CC_FOR_BUILD=$HOST_CC ;; -esac ; set_cc_for_build= ;' - -# This is needed to find uname on a Pyramid OSx when run in the BSD universe. -# (ghazi@noc.rutgers.edu 1994-08-24) -if (test -f /.attbin/uname) >/dev/null 2>&1 ; then - PATH=$PATH:/.attbin ; export PATH -fi - -UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown -UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown -UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown -UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown - -# Note: order is significant - the case branches are not exclusive. - -case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in - *:NetBSD:*:*) - # NetBSD (nbsd) targets should (where applicable) match one or - # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, - # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently - # switched to ELF, *-*-netbsd* would select the old - # object file format. This provides both forward - # compatibility and a consistent mechanism for selecting the - # object file format. - # - # Note: NetBSD doesn't particularly care about the vendor - # portion of the name. We always set it to "unknown". - sysctl="sysctl -n hw.machine_arch" - UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ - /usr/sbin/$sysctl 2>/dev/null || echo unknown)` - case "${UNAME_MACHINE_ARCH}" in - armeb) machine=armeb-unknown ;; - arm*) machine=arm-unknown ;; - sh3el) machine=shl-unknown ;; - sh3eb) machine=sh-unknown ;; - sh5el) machine=sh5le-unknown ;; - *) machine=${UNAME_MACHINE_ARCH}-unknown ;; - esac - # The Operating System including object format, if it has switched - # to ELF recently, or will in the future. - case "${UNAME_MACHINE_ARCH}" in - arm*|i386|m68k|ns32k|sh3*|sparc|vax) - eval $set_cc_for_build - if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ - | grep -q __ELF__ - then - # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). - # Return netbsd for either. FIX? - os=netbsd - else - os=netbsdelf - fi - ;; - *) - os=netbsd - ;; - esac - # The OS release - # Debian GNU/NetBSD machines have a different userland, and - # thus, need a distinct triplet. However, they do not need - # kernel version information, so it can be replaced with a - # suitable tag, in the style of linux-gnu. - case "${UNAME_VERSION}" in - Debian*) - release='-gnu' - ;; - *) - release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` - ;; - esac - # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: - # contains redundant information, the shorter form: - # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. - echo "${machine}-${os}${release}" - exit ;; - *:OpenBSD:*:*) - UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` - echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} - exit ;; - *:ekkoBSD:*:*) - echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} - exit ;; - *:SolidBSD:*:*) - echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE} - exit ;; - macppc:MirBSD:*:*) - echo powerpc-unknown-mirbsd${UNAME_RELEASE} - exit ;; - *:MirBSD:*:*) - echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} - exit ;; - alpha:OSF1:*:*) - case $UNAME_RELEASE in - *4.0) - UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` - ;; - *5.*) - UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` - ;; - esac - # According to Compaq, /usr/sbin/psrinfo has been available on - # OSF/1 and Tru64 systems produced since 1995. I hope that - # covers most systems running today. This code pipes the CPU - # types through head -n 1, so we only detect the type of CPU 0. - ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` - case "$ALPHA_CPU_TYPE" in - "EV4 (21064)") - UNAME_MACHINE="alpha" ;; - "EV4.5 (21064)") - UNAME_MACHINE="alpha" ;; - "LCA4 (21066/21068)") - UNAME_MACHINE="alpha" ;; - "EV5 (21164)") - UNAME_MACHINE="alphaev5" ;; - "EV5.6 (21164A)") - UNAME_MACHINE="alphaev56" ;; - "EV5.6 (21164PC)") - UNAME_MACHINE="alphapca56" ;; - "EV5.7 (21164PC)") - UNAME_MACHINE="alphapca57" ;; - "EV6 (21264)") - UNAME_MACHINE="alphaev6" ;; - "EV6.7 (21264A)") - UNAME_MACHINE="alphaev67" ;; - "EV6.8CB (21264C)") - UNAME_MACHINE="alphaev68" ;; - "EV6.8AL (21264B)") - UNAME_MACHINE="alphaev68" ;; - "EV6.8CX (21264D)") - UNAME_MACHINE="alphaev68" ;; - "EV6.9A (21264/EV69A)") - UNAME_MACHINE="alphaev69" ;; - "EV7 (21364)") - UNAME_MACHINE="alphaev7" ;; - "EV7.9 (21364A)") - UNAME_MACHINE="alphaev79" ;; - esac - # A Pn.n version is a patched version. - # A Vn.n version is a released version. - # A Tn.n version is a released field test version. - # A Xn.n version is an unreleased experimental baselevel. - # 1.2 uses "1.2" for uname -r. - echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - exit ;; - Alpha\ *:Windows_NT*:*) - # How do we know it's Interix rather than the generic POSIX subsystem? - # Should we change UNAME_MACHINE based on the output of uname instead - # of the specific Alpha model? - echo alpha-pc-interix - exit ;; - 21064:Windows_NT:50:3) - echo alpha-dec-winnt3.5 - exit ;; - Amiga*:UNIX_System_V:4.0:*) - echo m68k-unknown-sysv4 - exit ;; - *:[Aa]miga[Oo][Ss]:*:*) - echo ${UNAME_MACHINE}-unknown-amigaos - exit ;; - *:[Mm]orph[Oo][Ss]:*:*) - echo ${UNAME_MACHINE}-unknown-morphos - exit ;; - *:OS/390:*:*) - echo i370-ibm-openedition - exit ;; - *:z/VM:*:*) - echo s390-ibm-zvmoe - exit ;; - *:OS400:*:*) - echo powerpc-ibm-os400 - exit ;; - arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) - echo arm-acorn-riscix${UNAME_RELEASE} - exit ;; - arm:riscos:*:*|arm:RISCOS:*:*) - echo arm-unknown-riscos - exit ;; - SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) - echo hppa1.1-hitachi-hiuxmpp - exit ;; - Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) - # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. - if test "`(/bin/universe) 2>/dev/null`" = att ; then - echo pyramid-pyramid-sysv3 - else - echo pyramid-pyramid-bsd - fi - exit ;; - NILE*:*:*:dcosx) - echo pyramid-pyramid-svr4 - exit ;; - DRS?6000:unix:4.0:6*) - echo sparc-icl-nx6 - exit ;; - DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) - case `/usr/bin/uname -p` in - sparc) echo sparc-icl-nx7; exit ;; - esac ;; - s390x:SunOS:*:*) - echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4H:SunOS:5.*:*) - echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) - echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*) - echo i386-pc-auroraux${UNAME_RELEASE} - exit ;; - i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) - eval $set_cc_for_build - SUN_ARCH="i386" - # If there is a compiler, see if it is configured for 64-bit objects. - # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. - # This test works for both compilers. - if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then - if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - SUN_ARCH="x86_64" - fi - fi - echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4*:SunOS:6*:*) - # According to config.sub, this is the proper way to canonicalize - # SunOS6. Hard to guess exactly what SunOS6 will be like, but - # it's likely to be more like Solaris than SunOS4. - echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4*:SunOS:*:*) - case "`/usr/bin/arch -k`" in - Series*|S4*) - UNAME_RELEASE=`uname -v` - ;; - esac - # Japanese Language versions have a version number like `4.1.3-JL'. - echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` - exit ;; - sun3*:SunOS:*:*) - echo m68k-sun-sunos${UNAME_RELEASE} - exit ;; - sun*:*:4.2BSD:*) - UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` - test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 - case "`/bin/arch`" in - sun3) - echo m68k-sun-sunos${UNAME_RELEASE} - ;; - sun4) - echo sparc-sun-sunos${UNAME_RELEASE} - ;; - esac - exit ;; - aushp:SunOS:*:*) - echo sparc-auspex-sunos${UNAME_RELEASE} - exit ;; - # The situation for MiNT is a little confusing. The machine name - # can be virtually everything (everything which is not - # "atarist" or "atariste" at least should have a processor - # > m68000). The system name ranges from "MiNT" over "FreeMiNT" - # to the lowercase version "mint" (or "freemint"). Finally - # the system name "TOS" denotes a system which is actually not - # MiNT. But MiNT is downward compatible to TOS, so this should - # be no problem. - atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit ;; - atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit ;; - *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit ;; - milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) - echo m68k-milan-mint${UNAME_RELEASE} - exit ;; - hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) - echo m68k-hades-mint${UNAME_RELEASE} - exit ;; - *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) - echo m68k-unknown-mint${UNAME_RELEASE} - exit ;; - m68k:machten:*:*) - echo m68k-apple-machten${UNAME_RELEASE} - exit ;; - powerpc:machten:*:*) - echo powerpc-apple-machten${UNAME_RELEASE} - exit ;; - RISC*:Mach:*:*) - echo mips-dec-mach_bsd4.3 - exit ;; - RISC*:ULTRIX:*:*) - echo mips-dec-ultrix${UNAME_RELEASE} - exit ;; - VAX*:ULTRIX*:*:*) - echo vax-dec-ultrix${UNAME_RELEASE} - exit ;; - 2020:CLIX:*:* | 2430:CLIX:*:*) - echo clipper-intergraph-clix${UNAME_RELEASE} - exit ;; - mips:*:*:UMIPS | mips:*:*:RISCos) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c -#ifdef __cplusplus -#include /* for printf() prototype */ - int main (int argc, char *argv[]) { -#else - int main (argc, argv) int argc; char *argv[]; { -#endif - #if defined (host_mips) && defined (MIPSEB) - #if defined (SYSTYPE_SYSV) - printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); - #endif - #if defined (SYSTYPE_SVR4) - printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); - #endif - #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) - printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); - #endif - #endif - exit (-1); - } -EOF - $CC_FOR_BUILD -o $dummy $dummy.c && - dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && - SYSTEM_NAME=`$dummy $dummyarg` && - { echo "$SYSTEM_NAME"; exit; } - echo mips-mips-riscos${UNAME_RELEASE} - exit ;; - Motorola:PowerMAX_OS:*:*) - echo powerpc-motorola-powermax - exit ;; - Motorola:*:4.3:PL8-*) - echo powerpc-harris-powermax - exit ;; - Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) - echo powerpc-harris-powermax - exit ;; - Night_Hawk:Power_UNIX:*:*) - echo powerpc-harris-powerunix - exit ;; - m88k:CX/UX:7*:*) - echo m88k-harris-cxux7 - exit ;; - m88k:*:4*:R4*) - echo m88k-motorola-sysv4 - exit ;; - m88k:*:3*:R3*) - echo m88k-motorola-sysv3 - exit ;; - AViiON:dgux:*:*) - # DG/UX returns AViiON for all architectures - UNAME_PROCESSOR=`/usr/bin/uname -p` - if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] - then - if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ - [ ${TARGET_BINARY_INTERFACE}x = x ] - then - echo m88k-dg-dgux${UNAME_RELEASE} - else - echo m88k-dg-dguxbcs${UNAME_RELEASE} - fi - else - echo i586-dg-dgux${UNAME_RELEASE} - fi - exit ;; - M88*:DolphinOS:*:*) # DolphinOS (SVR3) - echo m88k-dolphin-sysv3 - exit ;; - M88*:*:R3*:*) - # Delta 88k system running SVR3 - echo m88k-motorola-sysv3 - exit ;; - XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) - echo m88k-tektronix-sysv3 - exit ;; - Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) - echo m68k-tektronix-bsd - exit ;; - *:IRIX*:*:*) - echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` - exit ;; - ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. - echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id - exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' - i*86:AIX:*:*) - echo i386-ibm-aix - exit ;; - ia64:AIX:*:*) - if [ -x /usr/bin/oslevel ] ; then - IBM_REV=`/usr/bin/oslevel` - else - IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} - fi - echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} - exit ;; - *:AIX:2:3) - if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #include - - main() - { - if (!__power_pc()) - exit(1); - puts("powerpc-ibm-aix3.2.5"); - exit(0); - } -EOF - if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` - then - echo "$SYSTEM_NAME" - else - echo rs6000-ibm-aix3.2.5 - fi - elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then - echo rs6000-ibm-aix3.2.4 - else - echo rs6000-ibm-aix3.2 - fi - exit ;; - *:AIX:*:[456]) - IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` - if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then - IBM_ARCH=rs6000 - else - IBM_ARCH=powerpc - fi - if [ -x /usr/bin/oslevel ] ; then - IBM_REV=`/usr/bin/oslevel` - else - IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} - fi - echo ${IBM_ARCH}-ibm-aix${IBM_REV} - exit ;; - *:AIX:*:*) - echo rs6000-ibm-aix - exit ;; - ibmrt:4.4BSD:*|romp-ibm:BSD:*) - echo romp-ibm-bsd4.4 - exit ;; - ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and - echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to - exit ;; # report: romp-ibm BSD 4.3 - *:BOSX:*:*) - echo rs6000-bull-bosx - exit ;; - DPX/2?00:B.O.S.:*:*) - echo m68k-bull-sysv3 - exit ;; - 9000/[34]??:4.3bsd:1.*:*) - echo m68k-hp-bsd - exit ;; - hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) - echo m68k-hp-bsd4.4 - exit ;; - 9000/[34678]??:HP-UX:*:*) - HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` - case "${UNAME_MACHINE}" in - 9000/31? ) HP_ARCH=m68000 ;; - 9000/[34]?? ) HP_ARCH=m68k ;; - 9000/[678][0-9][0-9]) - if [ -x /usr/bin/getconf ]; then - sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` - sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` - case "${sc_cpu_version}" in - 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 - 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 - 532) # CPU_PA_RISC2_0 - case "${sc_kernel_bits}" in - 32) HP_ARCH="hppa2.0n" ;; - 64) HP_ARCH="hppa2.0w" ;; - '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 - esac ;; - esac - fi - if [ "${HP_ARCH}" = "" ]; then - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - - #define _HPUX_SOURCE - #include - #include - - int main () - { - #if defined(_SC_KERNEL_BITS) - long bits = sysconf(_SC_KERNEL_BITS); - #endif - long cpu = sysconf (_SC_CPU_VERSION); - - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1"); break; - case CPU_PA_RISC2_0: - #if defined(_SC_KERNEL_BITS) - switch (bits) - { - case 64: puts ("hppa2.0w"); break; - case 32: puts ("hppa2.0n"); break; - default: puts ("hppa2.0"); break; - } break; - #else /* !defined(_SC_KERNEL_BITS) */ - puts ("hppa2.0"); break; - #endif - default: puts ("hppa1.0"); break; - } - exit (0); - } -EOF - (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` - test -z "$HP_ARCH" && HP_ARCH=hppa - fi ;; - esac - if [ ${HP_ARCH} = "hppa2.0w" ] - then - eval $set_cc_for_build - - # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating - # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler - # generating 64-bit code. GNU and HP use different nomenclature: - # - # $ CC_FOR_BUILD=cc ./config.guess - # => hppa2.0w-hp-hpux11.23 - # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess - # => hppa64-hp-hpux11.23 - - if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | - grep -q __LP64__ - then - HP_ARCH="hppa2.0w" - else - HP_ARCH="hppa64" - fi - fi - echo ${HP_ARCH}-hp-hpux${HPUX_REV} - exit ;; - ia64:HP-UX:*:*) - HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` - echo ia64-hp-hpux${HPUX_REV} - exit ;; - 3050*:HI-UX:*:*) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #include - int - main () - { - long cpu = sysconf (_SC_CPU_VERSION); - /* The order matters, because CPU_IS_HP_MC68K erroneously returns - true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct - results, however. */ - if (CPU_IS_PA_RISC (cpu)) - { - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; - case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; - default: puts ("hppa-hitachi-hiuxwe2"); break; - } - } - else if (CPU_IS_HP_MC68K (cpu)) - puts ("m68k-hitachi-hiuxwe2"); - else puts ("unknown-hitachi-hiuxwe2"); - exit (0); - } -EOF - $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && - { echo "$SYSTEM_NAME"; exit; } - echo unknown-hitachi-hiuxwe2 - exit ;; - 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) - echo hppa1.1-hp-bsd - exit ;; - 9000/8??:4.3bsd:*:*) - echo hppa1.0-hp-bsd - exit ;; - *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) - echo hppa1.0-hp-mpeix - exit ;; - hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) - echo hppa1.1-hp-osf - exit ;; - hp8??:OSF1:*:*) - echo hppa1.0-hp-osf - exit ;; - i*86:OSF1:*:*) - if [ -x /usr/sbin/sysversion ] ; then - echo ${UNAME_MACHINE}-unknown-osf1mk - else - echo ${UNAME_MACHINE}-unknown-osf1 - fi - exit ;; - parisc*:Lites*:*:*) - echo hppa1.1-hp-lites - exit ;; - C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) - echo c1-convex-bsd - exit ;; - C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) - if getsysinfo -f scalar_acc - then echo c32-convex-bsd - else echo c2-convex-bsd - fi - exit ;; - C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) - echo c34-convex-bsd - exit ;; - C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) - echo c38-convex-bsd - exit ;; - C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) - echo c4-convex-bsd - exit ;; - CRAY*Y-MP:*:*:*) - echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*[A-Z]90:*:*:*) - echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ - | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ - -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ - -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*TS:*:*:*) - echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*T3E:*:*:*) - echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*SV1:*:*:*) - echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - *:UNICOS/mp:*:*) - echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) - FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` - echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; - 5000:UNIX_System_V:4.*:*) - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` - echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; - i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) - echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} - exit ;; - sparc*:BSD/OS:*:*) - echo sparc-unknown-bsdi${UNAME_RELEASE} - exit ;; - *:BSD/OS:*:*) - echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} - exit ;; - *:FreeBSD:*:*) - case ${UNAME_MACHINE} in - pc98) - echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; - amd64) - echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; - *) - echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; - esac - exit ;; - i*:CYGWIN*:*) - echo ${UNAME_MACHINE}-pc-cygwin - exit ;; - *:MINGW*:*) - echo ${UNAME_MACHINE}-pc-mingw32 - exit ;; - i*:windows32*:*) - # uname -m includes "-pc" on this system. - echo ${UNAME_MACHINE}-mingw32 - exit ;; - i*:PW*:*) - echo ${UNAME_MACHINE}-pc-pw32 - exit ;; - *:Interix*:*) - case ${UNAME_MACHINE} in - x86) - echo i586-pc-interix${UNAME_RELEASE} - exit ;; - authenticamd | genuineintel | EM64T) - echo x86_64-unknown-interix${UNAME_RELEASE} - exit ;; - IA64) - echo ia64-unknown-interix${UNAME_RELEASE} - exit ;; - esac ;; - [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) - echo i${UNAME_MACHINE}-pc-mks - exit ;; - 8664:Windows_NT:*) - echo x86_64-pc-mks - exit ;; - i*:Windows_NT*:* | Pentium*:Windows_NT*:*) - # How do we know it's Interix rather than the generic POSIX subsystem? - # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we - # UNAME_MACHINE based on the output of uname instead of i386? - echo i586-pc-interix - exit ;; - i*:UWIN*:*) - echo ${UNAME_MACHINE}-pc-uwin - exit ;; - amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) - echo x86_64-unknown-cygwin - exit ;; - p*:CYGWIN*:*) - echo powerpcle-unknown-cygwin - exit ;; - prep*:SunOS:5.*:*) - echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - *:GNU:*:*) - # the GNU system - echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` - exit ;; - *:GNU/*:*:*) - # other systems with GNU libc and userland - echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu - exit ;; - i*86:Minix:*:*) - echo ${UNAME_MACHINE}-pc-minix - exit ;; - alpha:Linux:*:*) - case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in - EV5) UNAME_MACHINE=alphaev5 ;; - EV56) UNAME_MACHINE=alphaev56 ;; - PCA56) UNAME_MACHINE=alphapca56 ;; - PCA57) UNAME_MACHINE=alphapca56 ;; - EV6) UNAME_MACHINE=alphaev6 ;; - EV67) UNAME_MACHINE=alphaev67 ;; - EV68*) UNAME_MACHINE=alphaev68 ;; - esac - objdump --private-headers /bin/sh | grep -q ld.so.1 - if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi - echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} - exit ;; - arm*:Linux:*:*) - eval $set_cc_for_build - if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ - | grep -q __ARM_EABI__ - then - echo ${UNAME_MACHINE}-unknown-linux-gnu - else - echo ${UNAME_MACHINE}-unknown-linux-gnueabi - fi - exit ;; - avr32*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - cris:Linux:*:*) - echo cris-axis-linux-gnu - exit ;; - crisv32:Linux:*:*) - echo crisv32-axis-linux-gnu - exit ;; - frv:Linux:*:*) - echo frv-unknown-linux-gnu - exit ;; - i*86:Linux:*:*) - LIBC=gnu - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #ifdef __dietlibc__ - LIBC=dietlibc - #endif -EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` - echo "${UNAME_MACHINE}-pc-linux-${LIBC}" - exit ;; - ia64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - m32r*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - m68*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - mips:Linux:*:* | mips64:Linux:*:*) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #undef CPU - #undef ${UNAME_MACHINE} - #undef ${UNAME_MACHINE}el - #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=${UNAME_MACHINE}el - #else - #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=${UNAME_MACHINE} - #else - CPU= - #endif - #endif -EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } - ;; - or32:Linux:*:*) - echo or32-unknown-linux-gnu - exit ;; - padre:Linux:*:*) - echo sparc-unknown-linux-gnu - exit ;; - parisc64:Linux:*:* | hppa64:Linux:*:*) - echo hppa64-unknown-linux-gnu - exit ;; - parisc:Linux:*:* | hppa:Linux:*:*) - # Look for CPU level - case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in - PA7*) echo hppa1.1-unknown-linux-gnu ;; - PA8*) echo hppa2.0-unknown-linux-gnu ;; - *) echo hppa-unknown-linux-gnu ;; - esac - exit ;; - ppc64:Linux:*:*) - echo powerpc64-unknown-linux-gnu - exit ;; - ppc:Linux:*:*) - echo powerpc-unknown-linux-gnu - exit ;; - s390:Linux:*:* | s390x:Linux:*:*) - echo ${UNAME_MACHINE}-ibm-linux - exit ;; - sh64*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - sh*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - sparc:Linux:*:* | sparc64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - vax:Linux:*:*) - echo ${UNAME_MACHINE}-dec-linux-gnu - exit ;; - x86_64:Linux:*:*) - echo x86_64-unknown-linux-gnu - exit ;; - xtensa*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - i*86:DYNIX/ptx:4*:*) - # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. - # earlier versions are messed up and put the nodename in both - # sysname and nodename. - echo i386-sequent-sysv4 - exit ;; - i*86:UNIX_SV:4.2MP:2.*) - # Unixware is an offshoot of SVR4, but it has its own version - # number series starting with 2... - # I am not positive that other SVR4 systems won't match this, - # I just have to hope. -- rms. - # Use sysv4.2uw... so that sysv4* matches it. - echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} - exit ;; - i*86:OS/2:*:*) - # If we were able to find `uname', then EMX Unix compatibility - # is probably installed. - echo ${UNAME_MACHINE}-pc-os2-emx - exit ;; - i*86:XTS-300:*:STOP) - echo ${UNAME_MACHINE}-unknown-stop - exit ;; - i*86:atheos:*:*) - echo ${UNAME_MACHINE}-unknown-atheos - exit ;; - i*86:syllable:*:*) - echo ${UNAME_MACHINE}-pc-syllable - exit ;; - i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*) - echo i386-unknown-lynxos${UNAME_RELEASE} - exit ;; - i*86:*DOS:*:*) - echo ${UNAME_MACHINE}-pc-msdosdjgpp - exit ;; - i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) - UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` - if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then - echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} - else - echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} - fi - exit ;; - i*86:*:5:[678]*) - # UnixWare 7.x, OpenUNIX and OpenServer 6. - case `/bin/uname -X | grep "^Machine"` in - *486*) UNAME_MACHINE=i486 ;; - *Pentium) UNAME_MACHINE=i586 ;; - *Pent*|*Celeron) UNAME_MACHINE=i686 ;; - esac - echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} - exit ;; - i*86:*:3.2:*) - if test -f /usr/options/cb.name; then - UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then - UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` - (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 - (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ - && UNAME_MACHINE=i586 - (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ - && UNAME_MACHINE=i686 - (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ - && UNAME_MACHINE=i686 - echo ${UNAME_MACHINE}-pc-sco$UNAME_REL - else - echo ${UNAME_MACHINE}-pc-sysv32 - fi - exit ;; - pc:*:*:*) - # Left here for compatibility: - # uname -m prints for DJGPP always 'pc', but it prints nothing about - # the processor, so we play safe by assuming i586. - # Note: whatever this is, it MUST be the same as what config.sub - # prints for the "djgpp" host, or else GDB configury will decide that - # this is a cross-build. - echo i586-pc-msdosdjgpp - exit ;; - Intel:Mach:3*:*) - echo i386-pc-mach3 - exit ;; - paragon:*:*:*) - echo i860-intel-osf1 - exit ;; - i860:*:4.*:*) # i860-SVR4 - if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then - echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 - else # Add other i860-SVR4 vendors below as they are discovered. - echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 - fi - exit ;; - mini*:CTIX:SYS*5:*) - # "miniframe" - echo m68010-convergent-sysv - exit ;; - mc68k:UNIX:SYSTEM5:3.51m) - echo m68k-convergent-sysv - exit ;; - M680?0:D-NIX:5.3:*) - echo m68k-diab-dnix - exit ;; - M68*:*:R3V[5678]*:*) - test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; - 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) - OS_REL='' - test -r /etc/.relid \ - && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4.3${OS_REL}; exit; } - /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ - && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; - 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4; exit; } ;; - NCR*:*:4.2:* | MPRAS*:*:4.2:*) - OS_REL='.3' - test -r /etc/.relid \ - && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4.3${OS_REL}; exit; } - /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ - && { echo i586-ncr-sysv4.3${OS_REL}; exit; } - /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \ - && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; - m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) - echo m68k-unknown-lynxos${UNAME_RELEASE} - exit ;; - mc68030:UNIX_System_V:4.*:*) - echo m68k-atari-sysv4 - exit ;; - TSUNAMI:LynxOS:2.*:*) - echo sparc-unknown-lynxos${UNAME_RELEASE} - exit ;; - rs6000:LynxOS:2.*:*) - echo rs6000-unknown-lynxos${UNAME_RELEASE} - exit ;; - PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*) - echo powerpc-unknown-lynxos${UNAME_RELEASE} - exit ;; - SM[BE]S:UNIX_SV:*:*) - echo mips-dde-sysv${UNAME_RELEASE} - exit ;; - RM*:ReliantUNIX-*:*:*) - echo mips-sni-sysv4 - exit ;; - RM*:SINIX-*:*:*) - echo mips-sni-sysv4 - exit ;; - *:SINIX-*:*:*) - if uname -p 2>/dev/null >/dev/null ; then - UNAME_MACHINE=`(uname -p) 2>/dev/null` - echo ${UNAME_MACHINE}-sni-sysv4 - else - echo ns32k-sni-sysv - fi - exit ;; - PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort - # says - echo i586-unisys-sysv4 - exit ;; - *:UNIX_System_V:4*:FTX*) - # From Gerald Hewes . - # How about differentiating between stratus architectures? -djm - echo hppa1.1-stratus-sysv4 - exit ;; - *:*:*:FTX*) - # From seanf@swdc.stratus.com. - echo i860-stratus-sysv4 - exit ;; - i*86:VOS:*:*) - # From Paul.Green@stratus.com. - echo ${UNAME_MACHINE}-stratus-vos - exit ;; - *:VOS:*:*) - # From Paul.Green@stratus.com. - echo hppa1.1-stratus-vos - exit ;; - mc68*:A/UX:*:*) - echo m68k-apple-aux${UNAME_RELEASE} - exit ;; - news*:NEWS-OS:6*:*) - echo mips-sony-newsos6 - exit ;; - R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) - if [ -d /usr/nec ]; then - echo mips-nec-sysv${UNAME_RELEASE} - else - echo mips-unknown-sysv${UNAME_RELEASE} - fi - exit ;; - BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. - echo powerpc-be-beos - exit ;; - BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. - echo powerpc-apple-beos - exit ;; - BePC:BeOS:*:*) # BeOS running on Intel PC compatible. - echo i586-pc-beos - exit ;; - BePC:Haiku:*:*) # Haiku running on Intel PC compatible. - echo i586-pc-haiku - exit ;; - SX-4:SUPER-UX:*:*) - echo sx4-nec-superux${UNAME_RELEASE} - exit ;; - SX-5:SUPER-UX:*:*) - echo sx5-nec-superux${UNAME_RELEASE} - exit ;; - SX-6:SUPER-UX:*:*) - echo sx6-nec-superux${UNAME_RELEASE} - exit ;; - SX-7:SUPER-UX:*:*) - echo sx7-nec-superux${UNAME_RELEASE} - exit ;; - SX-8:SUPER-UX:*:*) - echo sx8-nec-superux${UNAME_RELEASE} - exit ;; - SX-8R:SUPER-UX:*:*) - echo sx8r-nec-superux${UNAME_RELEASE} - exit ;; - Power*:Rhapsody:*:*) - echo powerpc-apple-rhapsody${UNAME_RELEASE} - exit ;; - *:Rhapsody:*:*) - echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} - exit ;; - *:Darwin:*:*) - UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown - case $UNAME_PROCESSOR in - i386) - eval $set_cc_for_build - if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then - if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - UNAME_PROCESSOR="x86_64" - fi - fi ;; - unknown) UNAME_PROCESSOR=powerpc ;; - esac - echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} - exit ;; - *:procnto*:*:* | *:QNX:[0123456789]*:*) - UNAME_PROCESSOR=`uname -p` - if test "$UNAME_PROCESSOR" = "x86"; then - UNAME_PROCESSOR=i386 - UNAME_MACHINE=pc - fi - echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} - exit ;; - *:QNX:*:4*) - echo i386-pc-qnx - exit ;; - NSE-?:NONSTOP_KERNEL:*:*) - echo nse-tandem-nsk${UNAME_RELEASE} - exit ;; - NSR-?:NONSTOP_KERNEL:*:*) - echo nsr-tandem-nsk${UNAME_RELEASE} - exit ;; - *:NonStop-UX:*:*) - echo mips-compaq-nonstopux - exit ;; - BS2000:POSIX*:*:*) - echo bs2000-siemens-sysv - exit ;; - DS/*:UNIX_System_V:*:*) - echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} - exit ;; - *:Plan9:*:*) - # "uname -m" is not consistent, so use $cputype instead. 386 - # is converted to i386 for consistency with other x86 - # operating systems. - if test "$cputype" = "386"; then - UNAME_MACHINE=i386 - else - UNAME_MACHINE="$cputype" - fi - echo ${UNAME_MACHINE}-unknown-plan9 - exit ;; - *:TOPS-10:*:*) - echo pdp10-unknown-tops10 - exit ;; - *:TENEX:*:*) - echo pdp10-unknown-tenex - exit ;; - KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) - echo pdp10-dec-tops20 - exit ;; - XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) - echo pdp10-xkl-tops20 - exit ;; - *:TOPS-20:*:*) - echo pdp10-unknown-tops20 - exit ;; - *:ITS:*:*) - echo pdp10-unknown-its - exit ;; - SEI:*:*:SEIUX) - echo mips-sei-seiux${UNAME_RELEASE} - exit ;; - *:DragonFly:*:*) - echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` - exit ;; - *:*VMS:*:*) - UNAME_MACHINE=`(uname -p) 2>/dev/null` - case "${UNAME_MACHINE}" in - A*) echo alpha-dec-vms ; exit ;; - I*) echo ia64-dec-vms ; exit ;; - V*) echo vax-dec-vms ; exit ;; - esac ;; - *:XENIX:*:SysV) - echo i386-pc-xenix - exit ;; - i*86:skyos:*:*) - echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' - exit ;; - i*86:rdos:*:*) - echo ${UNAME_MACHINE}-pc-rdos - exit ;; - i*86:AROS:*:*) - echo ${UNAME_MACHINE}-pc-aros - exit ;; -esac - -#echo '(No uname command or uname output not recognized.)' 1>&2 -#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 - -eval $set_cc_for_build -cat >$dummy.c < -# include -#endif -main () -{ -#if defined (sony) -#if defined (MIPSEB) - /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, - I don't know.... */ - printf ("mips-sony-bsd\n"); exit (0); -#else -#include - printf ("m68k-sony-newsos%s\n", -#ifdef NEWSOS4 - "4" -#else - "" -#endif - ); exit (0); -#endif -#endif - -#if defined (__arm) && defined (__acorn) && defined (__unix) - printf ("arm-acorn-riscix\n"); exit (0); -#endif - -#if defined (hp300) && !defined (hpux) - printf ("m68k-hp-bsd\n"); exit (0); -#endif - -#if defined (NeXT) -#if !defined (__ARCHITECTURE__) -#define __ARCHITECTURE__ "m68k" -#endif - int version; - version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; - if (version < 4) - printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); - else - printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); - exit (0); -#endif - -#if defined (MULTIMAX) || defined (n16) -#if defined (UMAXV) - printf ("ns32k-encore-sysv\n"); exit (0); -#else -#if defined (CMU) - printf ("ns32k-encore-mach\n"); exit (0); -#else - printf ("ns32k-encore-bsd\n"); exit (0); -#endif -#endif -#endif - -#if defined (__386BSD__) - printf ("i386-pc-bsd\n"); exit (0); -#endif - -#if defined (sequent) -#if defined (i386) - printf ("i386-sequent-dynix\n"); exit (0); -#endif -#if defined (ns32000) - printf ("ns32k-sequent-dynix\n"); exit (0); -#endif -#endif - -#if defined (_SEQUENT_) - struct utsname un; - - uname(&un); - - if (strncmp(un.version, "V2", 2) == 0) { - printf ("i386-sequent-ptx2\n"); exit (0); - } - if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ - printf ("i386-sequent-ptx1\n"); exit (0); - } - printf ("i386-sequent-ptx\n"); exit (0); - -#endif - -#if defined (vax) -# if !defined (ultrix) -# include -# if defined (BSD) -# if BSD == 43 - printf ("vax-dec-bsd4.3\n"); exit (0); -# else -# if BSD == 199006 - printf ("vax-dec-bsd4.3reno\n"); exit (0); -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# endif -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# else - printf ("vax-dec-ultrix\n"); exit (0); -# endif -#endif - -#if defined (alliant) && defined (i860) - printf ("i860-alliant-bsd\n"); exit (0); -#endif - - exit (1); -} -EOF - -$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && - { echo "$SYSTEM_NAME"; exit; } - -# Apollos put the system type in the environment. - -test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } - -# Convex versions that predate uname can use getsysinfo(1) - -if [ -x /usr/convex/getsysinfo ] -then - case `getsysinfo -f cpu_type` in - c1*) - echo c1-convex-bsd - exit ;; - c2*) - if getsysinfo -f scalar_acc - then echo c32-convex-bsd - else echo c2-convex-bsd - fi - exit ;; - c34*) - echo c34-convex-bsd - exit ;; - c38*) - echo c38-convex-bsd - exit ;; - c4*) - echo c4-convex-bsd - exit ;; - esac -fi - -cat >&2 < in order to provide the needed -information to handle your system. - -config.guess timestamp = $timestamp - -uname -m = `(uname -m) 2>/dev/null || echo unknown` -uname -r = `(uname -r) 2>/dev/null || echo unknown` -uname -s = `(uname -s) 2>/dev/null || echo unknown` -uname -v = `(uname -v) 2>/dev/null || echo unknown` - -/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` -/bin/uname -X = `(/bin/uname -X) 2>/dev/null` - -hostinfo = `(hostinfo) 2>/dev/null` -/bin/universe = `(/bin/universe) 2>/dev/null` -/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` -/bin/arch = `(/bin/arch) 2>/dev/null` -/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` -/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` - -UNAME_MACHINE = ${UNAME_MACHINE} -UNAME_RELEASE = ${UNAME_RELEASE} -UNAME_SYSTEM = ${UNAME_SYSTEM} -UNAME_VERSION = ${UNAME_VERSION} -EOF - -exit 1 - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "timestamp='" -# time-stamp-format: "%:y-%02m-%02d" -# time-stamp-end: "'" -# End: diff -r e1d7053e4d45 -r 76dce3b9468e tools/config.sub --- a/tools/config.sub Fri Jan 18 10:55:47 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1714 +0,0 @@ -#! /bin/sh -# Configuration validation subroutine script. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 -# Free Software Foundation, Inc. - -timestamp='2010-01-22' - -# This file is (in principle) common to ALL GNU software. -# The presence of a machine in this file suggests that SOME GNU software -# can handle that machine. It does not imply ALL GNU software can. -# -# This file is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA -# 02110-1301, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - - -# Please send patches to . Submit a context -# diff and a properly formatted GNU ChangeLog entry. -# -# Configuration subroutine to validate and canonicalize a configuration type. -# Supply the specified configuration type as an argument. -# If it is invalid, we print an error message on stderr and exit with code 1. -# Otherwise, we print the canonical config type on stdout and succeed. - -# You can get the latest version of this script from: -# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD - -# This file is supposed to be the same for all GNU packages -# and recognize all the CPU types, system types and aliases -# that are meaningful with *any* GNU software. -# Each package is responsible for reporting which valid configurations -# it does not support. The user should be able to distinguish -# a failure to support a valid configuration from a meaningless -# configuration. - -# The goal of this file is to map all the various variations of a given -# machine specification into a single specification in the form: -# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM -# or in some cases, the newer four-part form: -# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM -# It is wrong to echo any other type of specification. - -me=`echo "$0" | sed -e 's,.*/,,'` - -usage="\ -Usage: $0 [OPTION] CPU-MFR-OPSYS - $0 [OPTION] ALIAS - -Canonicalize a configuration name. - -Operation modes: - -h, --help print this help, then exit - -t, --time-stamp print date of last modification, then exit - -v, --version print version number, then exit - -Report bugs and patches to ." - -version="\ -GNU config.sub ($timestamp) - -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free -Software Foundation, Inc. - -This is free software; see the source for copying conditions. There is NO -warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." - -help=" -Try \`$me --help' for more information." - -# Parse command line -while test $# -gt 0 ; do - case $1 in - --time-stamp | --time* | -t ) - echo "$timestamp" ; exit ;; - --version | -v ) - echo "$version" ; exit ;; - --help | --h* | -h ) - echo "$usage"; exit ;; - -- ) # Stop option processing - shift; break ;; - - ) # Use stdin as input. - break ;; - -* ) - echo "$me: invalid option $1$help" - exit 1 ;; - - *local*) - # First pass through any local machine types. - echo $1 - exit ;; - - * ) - break ;; - esac -done - -case $# in - 0) echo "$me: missing argument$help" >&2 - exit 1;; - 1) ;; - *) echo "$me: too many arguments$help" >&2 - exit 1;; -esac - -# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). -# Here we must recognize all the valid KERNEL-OS combinations. -maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` -case $maybe_os in - nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \ - uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \ - kopensolaris*-gnu* | \ - storm-chaos* | os2-emx* | rtmk-nova*) - os=-$maybe_os - basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` - ;; - *) - basic_machine=`echo $1 | sed 's/-[^-]*$//'` - if [ $basic_machine != $1 ] - then os=`echo $1 | sed 's/.*-/-/'` - else os=; fi - ;; -esac - -### Let's recognize common machines as not being operating systems so -### that things like config.sub decstation-3100 work. We also -### recognize some manufacturers as not being operating systems, so we -### can provide default operating systems below. -case $os in - -sun*os*) - # Prevent following clause from handling this invalid input. - ;; - -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ - -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ - -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ - -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ - -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ - -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ - -apple | -axis | -knuth | -cray | -microblaze) - os= - basic_machine=$1 - ;; - -bluegene*) - os=-cnk - ;; - -sim | -cisco | -oki | -wec | -winbond) - os= - basic_machine=$1 - ;; - -scout) - ;; - -wrs) - os=-vxworks - basic_machine=$1 - ;; - -chorusos*) - os=-chorusos - basic_machine=$1 - ;; - -chorusrdb) - os=-chorusrdb - basic_machine=$1 - ;; - -hiux*) - os=-hiuxwe2 - ;; - -sco6) - os=-sco5v6 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco5) - os=-sco3.2v5 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco4) - os=-sco3.2v4 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco3.2.[4-9]*) - os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco3.2v[4-9]*) - # Don't forget version if it is 3.2v4 or newer. - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco5v6*) - # Don't forget version if it is 3.2v4 or newer. - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco*) - os=-sco3.2v2 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -udk*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -isc) - os=-isc2.2 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -clix*) - basic_machine=clipper-intergraph - ;; - -isc*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -lynx*) - os=-lynxos - ;; - -ptx*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` - ;; - -windowsnt*) - os=`echo $os | sed -e 's/windowsnt/winnt/'` - ;; - -psos*) - os=-psos - ;; - -mint | -mint[0-9]*) - basic_machine=m68k-atari - os=-mint - ;; -esac - -# Decode aliases for certain CPU-COMPANY combinations. -case $basic_machine in - # Recognize the basic CPU types without company name. - # Some are omitted here because they have special meanings below. - 1750a | 580 \ - | a29k \ - | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ - | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ - | am33_2.0 \ - | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \ - | bfin \ - | c4x | clipper \ - | d10v | d30v | dlx | dsp16xx \ - | fido | fr30 | frv \ - | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ - | i370 | i860 | i960 | ia64 \ - | ip2k | iq2000 \ - | lm32 \ - | m32c | m32r | m32rle | m68000 | m68k | m88k \ - | maxq | mb | microblaze | mcore | mep | metag \ - | mips | mipsbe | mipseb | mipsel | mipsle \ - | mips16 \ - | mips64 | mips64el \ - | mips64octeon | mips64octeonel \ - | mips64orion | mips64orionel \ - | mips64r5900 | mips64r5900el \ - | mips64vr | mips64vrel \ - | mips64vr4100 | mips64vr4100el \ - | mips64vr4300 | mips64vr4300el \ - | mips64vr5000 | mips64vr5000el \ - | mips64vr5900 | mips64vr5900el \ - | mipsisa32 | mipsisa32el \ - | mipsisa32r2 | mipsisa32r2el \ - | mipsisa64 | mipsisa64el \ - | mipsisa64r2 | mipsisa64r2el \ - | mipsisa64sb1 | mipsisa64sb1el \ - | mipsisa64sr71k | mipsisa64sr71kel \ - | mipstx39 | mipstx39el \ - | mn10200 | mn10300 \ - | moxie \ - | mt \ - | msp430 \ - | nios | nios2 \ - | ns16k | ns32k \ - | or32 \ - | pdp10 | pdp11 | pj | pjl \ - | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ - | pyramid \ - | rx \ - | score \ - | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ - | sh64 | sh64le \ - | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ - | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ - | spu | strongarm \ - | tahoe | thumb | tic4x | tic80 | tron \ - | ubicom32 \ - | v850 | v850e \ - | we32k \ - | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \ - | z8k | z80) - basic_machine=$basic_machine-unknown - ;; - m6811 | m68hc11 | m6812 | m68hc12 | picochip) - # Motorola 68HC11/12. - basic_machine=$basic_machine-unknown - os=-none - ;; - m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) - ;; - ms1) - basic_machine=mt-unknown - ;; - - # We use `pc' rather than `unknown' - # because (1) that's what they normally are, and - # (2) the word "unknown" tends to confuse beginning users. - i*86 | x86_64) - basic_machine=$basic_machine-pc - ;; - # Object if more than one company name word. - *-*-*) - echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 - exit 1 - ;; - # Recognize the basic CPU types with company name. - 580-* \ - | a29k-* \ - | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ - | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ - | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ - | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ - | avr-* | avr32-* \ - | bfin-* | bs2000-* \ - | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ - | clipper-* | craynv-* | cydra-* \ - | d10v-* | d30v-* | dlx-* \ - | elxsi-* \ - | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ - | h8300-* | h8500-* \ - | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ - | i*86-* | i860-* | i960-* | ia64-* \ - | ip2k-* | iq2000-* \ - | lm32-* \ - | m32c-* | m32r-* | m32rle-* \ - | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \ - | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ - | mips16-* \ - | mips64-* | mips64el-* \ - | mips64octeon-* | mips64octeonel-* \ - | mips64orion-* | mips64orionel-* \ - | mips64r5900-* | mips64r5900el-* \ - | mips64vr-* | mips64vrel-* \ - | mips64vr4100-* | mips64vr4100el-* \ - | mips64vr4300-* | mips64vr4300el-* \ - | mips64vr5000-* | mips64vr5000el-* \ - | mips64vr5900-* | mips64vr5900el-* \ - | mipsisa32-* | mipsisa32el-* \ - | mipsisa32r2-* | mipsisa32r2el-* \ - | mipsisa64-* | mipsisa64el-* \ - | mipsisa64r2-* | mipsisa64r2el-* \ - | mipsisa64sb1-* | mipsisa64sb1el-* \ - | mipsisa64sr71k-* | mipsisa64sr71kel-* \ - | mipstx39-* | mipstx39el-* \ - | mmix-* \ - | mt-* \ - | msp430-* \ - | nios-* | nios2-* \ - | none-* | np1-* | ns16k-* | ns32k-* \ - | orion-* \ - | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ - | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ - | pyramid-* \ - | romp-* | rs6000-* | rx-* \ - | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ - | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ - | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ - | sparclite-* \ - | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \ - | tahoe-* | thumb-* \ - | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ - | tile-* | tilegx-* \ - | tron-* \ - | ubicom32-* \ - | v850-* | v850e-* | vax-* \ - | we32k-* \ - | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \ - | xstormy16-* | xtensa*-* \ - | ymp-* \ - | z8k-* | z80-*) - ;; - # Recognize the basic CPU types without company name, with glob match. - xtensa*) - basic_machine=$basic_machine-unknown - ;; - # Recognize the various machine names and aliases which stand - # for a CPU type and a company and sometimes even an OS. - 386bsd) - basic_machine=i386-unknown - os=-bsd - ;; - 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) - basic_machine=m68000-att - ;; - 3b*) - basic_machine=we32k-att - ;; - a29khif) - basic_machine=a29k-amd - os=-udi - ;; - abacus) - basic_machine=abacus-unknown - ;; - adobe68k) - basic_machine=m68010-adobe - os=-scout - ;; - alliant | fx80) - basic_machine=fx80-alliant - ;; - altos | altos3068) - basic_machine=m68k-altos - ;; - am29k) - basic_machine=a29k-none - os=-bsd - ;; - amd64) - basic_machine=x86_64-pc - ;; - amd64-*) - basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - amdahl) - basic_machine=580-amdahl - os=-sysv - ;; - amiga | amiga-*) - basic_machine=m68k-unknown - ;; - amigaos | amigados) - basic_machine=m68k-unknown - os=-amigaos - ;; - amigaunix | amix) - basic_machine=m68k-unknown - os=-sysv4 - ;; - apollo68) - basic_machine=m68k-apollo - os=-sysv - ;; - apollo68bsd) - basic_machine=m68k-apollo - os=-bsd - ;; - aros) - basic_machine=i386-pc - os=-aros - ;; - aux) - basic_machine=m68k-apple - os=-aux - ;; - balance) - basic_machine=ns32k-sequent - os=-dynix - ;; - blackfin) - basic_machine=bfin-unknown - os=-linux - ;; - blackfin-*) - basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'` - os=-linux - ;; - bluegene*) - basic_machine=powerpc-ibm - os=-cnk - ;; - c90) - basic_machine=c90-cray - os=-unicos - ;; - cegcc) - basic_machine=arm-unknown - os=-cegcc - ;; - convex-c1) - basic_machine=c1-convex - os=-bsd - ;; - convex-c2) - basic_machine=c2-convex - os=-bsd - ;; - convex-c32) - basic_machine=c32-convex - os=-bsd - ;; - convex-c34) - basic_machine=c34-convex - os=-bsd - ;; - convex-c38) - basic_machine=c38-convex - os=-bsd - ;; - cray | j90) - basic_machine=j90-cray - os=-unicos - ;; - craynv) - basic_machine=craynv-cray - os=-unicosmp - ;; - cr16) - basic_machine=cr16-unknown - os=-elf - ;; - crds | unos) - basic_machine=m68k-crds - ;; - crisv32 | crisv32-* | etraxfs*) - basic_machine=crisv32-axis - ;; - cris | cris-* | etrax*) - basic_machine=cris-axis - ;; - crx) - basic_machine=crx-unknown - os=-elf - ;; - da30 | da30-*) - basic_machine=m68k-da30 - ;; - decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) - basic_machine=mips-dec - ;; - decsystem10* | dec10*) - basic_machine=pdp10-dec - os=-tops10 - ;; - decsystem20* | dec20*) - basic_machine=pdp10-dec - os=-tops20 - ;; - delta | 3300 | motorola-3300 | motorola-delta \ - | 3300-motorola | delta-motorola) - basic_machine=m68k-motorola - ;; - delta88) - basic_machine=m88k-motorola - os=-sysv3 - ;; - dicos) - basic_machine=i686-pc - os=-dicos - ;; - djgpp) - basic_machine=i586-pc - os=-msdosdjgpp - ;; - dpx20 | dpx20-*) - basic_machine=rs6000-bull - os=-bosx - ;; - dpx2* | dpx2*-bull) - basic_machine=m68k-bull - os=-sysv3 - ;; - ebmon29k) - basic_machine=a29k-amd - os=-ebmon - ;; - elxsi) - basic_machine=elxsi-elxsi - os=-bsd - ;; - encore | umax | mmax) - basic_machine=ns32k-encore - ;; - es1800 | OSE68k | ose68k | ose | OSE) - basic_machine=m68k-ericsson - os=-ose - ;; - fx2800) - basic_machine=i860-alliant - ;; - genix) - basic_machine=ns32k-ns - ;; - gmicro) - basic_machine=tron-gmicro - os=-sysv - ;; - go32) - basic_machine=i386-pc - os=-go32 - ;; - h3050r* | hiux*) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - h8300hms) - basic_machine=h8300-hitachi - os=-hms - ;; - h8300xray) - basic_machine=h8300-hitachi - os=-xray - ;; - h8500hms) - basic_machine=h8500-hitachi - os=-hms - ;; - harris) - basic_machine=m88k-harris - os=-sysv3 - ;; - hp300-*) - basic_machine=m68k-hp - ;; - hp300bsd) - basic_machine=m68k-hp - os=-bsd - ;; - hp300hpux) - basic_machine=m68k-hp - os=-hpux - ;; - hp3k9[0-9][0-9] | hp9[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hp9k2[0-9][0-9] | hp9k31[0-9]) - basic_machine=m68000-hp - ;; - hp9k3[2-9][0-9]) - basic_machine=m68k-hp - ;; - hp9k6[0-9][0-9] | hp6[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hp9k7[0-79][0-9] | hp7[0-79][0-9]) - basic_machine=hppa1.1-hp - ;; - hp9k78[0-9] | hp78[0-9]) - # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp - ;; - hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) - # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp - ;; - hp9k8[0-9][13679] | hp8[0-9][13679]) - basic_machine=hppa1.1-hp - ;; - hp9k8[0-9][0-9] | hp8[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hppa-next) - os=-nextstep3 - ;; - hppaosf) - basic_machine=hppa1.1-hp - os=-osf - ;; - hppro) - basic_machine=hppa1.1-hp - os=-proelf - ;; - i370-ibm* | ibm*) - basic_machine=i370-ibm - ;; -# I'm not sure what "Sysv32" means. Should this be sysv3.2? - i*86v32) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv32 - ;; - i*86v4*) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv4 - ;; - i*86v) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv - ;; - i*86sol2) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-solaris2 - ;; - i386mach) - basic_machine=i386-mach - os=-mach - ;; - i386-vsta | vsta) - basic_machine=i386-unknown - os=-vsta - ;; - iris | iris4d) - basic_machine=mips-sgi - case $os in - -irix*) - ;; - *) - os=-irix4 - ;; - esac - ;; - isi68 | isi) - basic_machine=m68k-isi - os=-sysv - ;; - m68knommu) - basic_machine=m68k-unknown - os=-linux - ;; - m68knommu-*) - basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'` - os=-linux - ;; - m88k-omron*) - basic_machine=m88k-omron - ;; - magnum | m3230) - basic_machine=mips-mips - os=-sysv - ;; - merlin) - basic_machine=ns32k-utek - os=-sysv - ;; - microblaze) - basic_machine=microblaze-xilinx - ;; - mingw32) - basic_machine=i386-pc - os=-mingw32 - ;; - mingw32ce) - basic_machine=arm-unknown - os=-mingw32ce - ;; - miniframe) - basic_machine=m68000-convergent - ;; - *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) - basic_machine=m68k-atari - os=-mint - ;; - mips3*-*) - basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` - ;; - mips3*) - basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown - ;; - monitor) - basic_machine=m68k-rom68k - os=-coff - ;; - morphos) - basic_machine=powerpc-unknown - os=-morphos - ;; - msdos) - basic_machine=i386-pc - os=-msdos - ;; - ms1-*) - basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` - ;; - mvs) - basic_machine=i370-ibm - os=-mvs - ;; - ncr3000) - basic_machine=i486-ncr - os=-sysv4 - ;; - netbsd386) - basic_machine=i386-unknown - os=-netbsd - ;; - netwinder) - basic_machine=armv4l-rebel - os=-linux - ;; - news | news700 | news800 | news900) - basic_machine=m68k-sony - os=-newsos - ;; - news1000) - basic_machine=m68030-sony - os=-newsos - ;; - news-3600 | risc-news) - basic_machine=mips-sony - os=-newsos - ;; - necv70) - basic_machine=v70-nec - os=-sysv - ;; - next | m*-next ) - basic_machine=m68k-next - case $os in - -nextstep* ) - ;; - -ns2*) - os=-nextstep2 - ;; - *) - os=-nextstep3 - ;; - esac - ;; - nh3000) - basic_machine=m68k-harris - os=-cxux - ;; - nh[45]000) - basic_machine=m88k-harris - os=-cxux - ;; - nindy960) - basic_machine=i960-intel - os=-nindy - ;; - mon960) - basic_machine=i960-intel - os=-mon960 - ;; - nonstopux) - basic_machine=mips-compaq - os=-nonstopux - ;; - np1) - basic_machine=np1-gould - ;; - nsr-tandem) - basic_machine=nsr-tandem - ;; - op50n-* | op60c-*) - basic_machine=hppa1.1-oki - os=-proelf - ;; - openrisc | openrisc-*) - basic_machine=or32-unknown - ;; - os400) - basic_machine=powerpc-ibm - os=-os400 - ;; - OSE68000 | ose68000) - basic_machine=m68000-ericsson - os=-ose - ;; - os68k) - basic_machine=m68k-none - os=-os68k - ;; - pa-hitachi) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - paragon) - basic_machine=i860-intel - os=-osf - ;; - parisc) - basic_machine=hppa-unknown - os=-linux - ;; - parisc-*) - basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'` - os=-linux - ;; - pbd) - basic_machine=sparc-tti - ;; - pbb) - basic_machine=m68k-tti - ;; - pc532 | pc532-*) - basic_machine=ns32k-pc532 - ;; - pc98) - basic_machine=i386-pc - ;; - pc98-*) - basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentium | p5 | k5 | k6 | nexgen | viac3) - basic_machine=i586-pc - ;; - pentiumpro | p6 | 6x86 | athlon | athlon_*) - basic_machine=i686-pc - ;; - pentiumii | pentium2 | pentiumiii | pentium3) - basic_machine=i686-pc - ;; - pentium4) - basic_machine=i786-pc - ;; - pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) - basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentiumpro-* | p6-* | 6x86-* | athlon-*) - basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) - basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentium4-*) - basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pn) - basic_machine=pn-gould - ;; - power) basic_machine=power-ibm - ;; - ppc) basic_machine=powerpc-unknown - ;; - ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppcle | powerpclittle | ppc-le | powerpc-little) - basic_machine=powerpcle-unknown - ;; - ppcle-* | powerpclittle-*) - basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppc64) basic_machine=powerpc64-unknown - ;; - ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppc64le | powerpc64little | ppc64-le | powerpc64-little) - basic_machine=powerpc64le-unknown - ;; - ppc64le-* | powerpc64little-*) - basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ps2) - basic_machine=i386-ibm - ;; - pw32) - basic_machine=i586-unknown - os=-pw32 - ;; - rdos) - basic_machine=i386-pc - os=-rdos - ;; - rom68k) - basic_machine=m68k-rom68k - os=-coff - ;; - rm[46]00) - basic_machine=mips-siemens - ;; - rtpc | rtpc-*) - basic_machine=romp-ibm - ;; - s390 | s390-*) - basic_machine=s390-ibm - ;; - s390x | s390x-*) - basic_machine=s390x-ibm - ;; - sa29200) - basic_machine=a29k-amd - os=-udi - ;; - sb1) - basic_machine=mipsisa64sb1-unknown - ;; - sb1el) - basic_machine=mipsisa64sb1el-unknown - ;; - sde) - basic_machine=mipsisa32-sde - os=-elf - ;; - sei) - basic_machine=mips-sei - os=-seiux - ;; - sequent) - basic_machine=i386-sequent - ;; - sh) - basic_machine=sh-hitachi - os=-hms - ;; - sh5el) - basic_machine=sh5le-unknown - ;; - sh64) - basic_machine=sh64-unknown - ;; - sparclite-wrs | simso-wrs) - basic_machine=sparclite-wrs - os=-vxworks - ;; - sps7) - basic_machine=m68k-bull - os=-sysv2 - ;; - spur) - basic_machine=spur-unknown - ;; - st2000) - basic_machine=m68k-tandem - ;; - stratus) - basic_machine=i860-stratus - os=-sysv4 - ;; - sun2) - basic_machine=m68000-sun - ;; - sun2os3) - basic_machine=m68000-sun - os=-sunos3 - ;; - sun2os4) - basic_machine=m68000-sun - os=-sunos4 - ;; - sun3os3) - basic_machine=m68k-sun - os=-sunos3 - ;; - sun3os4) - basic_machine=m68k-sun - os=-sunos4 - ;; - sun4os3) - basic_machine=sparc-sun - os=-sunos3 - ;; - sun4os4) - basic_machine=sparc-sun - os=-sunos4 - ;; - sun4sol2) - basic_machine=sparc-sun - os=-solaris2 - ;; - sun3 | sun3-*) - basic_machine=m68k-sun - ;; - sun4) - basic_machine=sparc-sun - ;; - sun386 | sun386i | roadrunner) - basic_machine=i386-sun - ;; - sv1) - basic_machine=sv1-cray - os=-unicos - ;; - symmetry) - basic_machine=i386-sequent - os=-dynix - ;; - t3e) - basic_machine=alphaev5-cray - os=-unicos - ;; - t90) - basic_machine=t90-cray - os=-unicos - ;; - tic54x | c54x*) - basic_machine=tic54x-unknown - os=-coff - ;; - tic55x | c55x*) - basic_machine=tic55x-unknown - os=-coff - ;; - tic6x | c6x*) - basic_machine=tic6x-unknown - os=-coff - ;; - # This must be matched before tile*. - tilegx*) - basic_machine=tilegx-unknown - os=-linux-gnu - ;; - tile*) - basic_machine=tile-unknown - os=-linux-gnu - ;; - tx39) - basic_machine=mipstx39-unknown - ;; - tx39el) - basic_machine=mipstx39el-unknown - ;; - toad1) - basic_machine=pdp10-xkl - os=-tops20 - ;; - tower | tower-32) - basic_machine=m68k-ncr - ;; - tpf) - basic_machine=s390x-ibm - os=-tpf - ;; - udi29k) - basic_machine=a29k-amd - os=-udi - ;; - ultra3) - basic_machine=a29k-nyu - os=-sym1 - ;; - v810 | necv810) - basic_machine=v810-nec - os=-none - ;; - vaxv) - basic_machine=vax-dec - os=-sysv - ;; - vms) - basic_machine=vax-dec - os=-vms - ;; - vpp*|vx|vx-*) - basic_machine=f301-fujitsu - ;; - vxworks960) - basic_machine=i960-wrs - os=-vxworks - ;; - vxworks68) - basic_machine=m68k-wrs - os=-vxworks - ;; - vxworks29k) - basic_machine=a29k-wrs - os=-vxworks - ;; - w65*) - basic_machine=w65-wdc - os=-none - ;; - w89k-*) - basic_machine=hppa1.1-winbond - os=-proelf - ;; - xbox) - basic_machine=i686-pc - os=-mingw32 - ;; - xps | xps100) - basic_machine=xps100-honeywell - ;; - ymp) - basic_machine=ymp-cray - os=-unicos - ;; - z8k-*-coff) - basic_machine=z8k-unknown - os=-sim - ;; - z80-*-coff) - basic_machine=z80-unknown - os=-sim - ;; - none) - basic_machine=none-none - os=-none - ;; - -# Here we handle the default manufacturer of certain CPU types. It is in -# some cases the only manufacturer, in others, it is the most popular. - w89k) - basic_machine=hppa1.1-winbond - ;; - op50n) - basic_machine=hppa1.1-oki - ;; - op60c) - basic_machine=hppa1.1-oki - ;; - romp) - basic_machine=romp-ibm - ;; - mmix) - basic_machine=mmix-knuth - ;; - rs6000) - basic_machine=rs6000-ibm - ;; - vax) - basic_machine=vax-dec - ;; - pdp10) - # there are many clones, so DEC is not a safe bet - basic_machine=pdp10-unknown - ;; - pdp11) - basic_machine=pdp11-dec - ;; - we32k) - basic_machine=we32k-att - ;; - sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele) - basic_machine=sh-unknown - ;; - sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v) - basic_machine=sparc-sun - ;; - cydra) - basic_machine=cydra-cydrome - ;; - orion) - basic_machine=orion-highlevel - ;; - orion105) - basic_machine=clipper-highlevel - ;; - mac | mpw | mac-mpw) - basic_machine=m68k-apple - ;; - pmac | pmac-mpw) - basic_machine=powerpc-apple - ;; - *-unknown) - # Make sure to match an already-canonicalized machine name. - ;; - *) - echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 - exit 1 - ;; -esac - -# Here we canonicalize certain aliases for manufacturers. -case $basic_machine in - *-digital*) - basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` - ;; - *-commodore*) - basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` - ;; - *) - ;; -esac - -# Decode manufacturer-specific aliases for certain operating systems. - -if [ x"$os" != x"" ] -then -case $os in - # First match some system type aliases - # that might get confused with valid system types. - # -solaris* is a basic system type, with this one exception. - -auroraux) - os=-auroraux - ;; - -solaris1 | -solaris1.*) - os=`echo $os | sed -e 's|solaris1|sunos4|'` - ;; - -solaris) - os=-solaris2 - ;; - -svr4*) - os=-sysv4 - ;; - -unixware*) - os=-sysv4.2uw - ;; - -gnu/linux*) - os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` - ;; - # First accept the basic system types. - # The portable systems comes first. - # Each alternative MUST END IN A *, to match a version number. - # -sysv* is not here because it comes later, after sysvr4. - -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ - | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ - | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \ - | -sym* | -kopensolaris* \ - | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ - | -aos* | -aros* \ - | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ - | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ - | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ - | -openbsd* | -solidbsd* \ - | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ - | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ - | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ - | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ - | -chorusos* | -chorusrdb* | -cegcc* \ - | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \ - | -uxpv* | -beos* | -mpeix* | -udk* \ - | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ - | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ - | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ - | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ - | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ - | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ - | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*) - # Remember, each alternative MUST END IN *, to match a version number. - ;; - -qnx*) - case $basic_machine in - x86-* | i*86-*) - ;; - *) - os=-nto$os - ;; - esac - ;; - -nto-qnx*) - ;; - -nto*) - os=`echo $os | sed -e 's|nto|nto-qnx|'` - ;; - -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ - | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \ - | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) - ;; - -mac*) - os=`echo $os | sed -e 's|mac|macos|'` - ;; - -linux-dietlibc) - os=-linux-dietlibc - ;; - -linux*) - os=`echo $os | sed -e 's|linux|linux-gnu|'` - ;; - -sunos5*) - os=`echo $os | sed -e 's|sunos5|solaris2|'` - ;; - -sunos6*) - os=`echo $os | sed -e 's|sunos6|solaris3|'` - ;; - -opened*) - os=-openedition - ;; - -os400*) - os=-os400 - ;; - -wince*) - os=-wince - ;; - -osfrose*) - os=-osfrose - ;; - -osf*) - os=-osf - ;; - -utek*) - os=-bsd - ;; - -dynix*) - os=-bsd - ;; - -acis*) - os=-aos - ;; - -atheos*) - os=-atheos - ;; - -syllable*) - os=-syllable - ;; - -386bsd) - os=-bsd - ;; - -ctix* | -uts*) - os=-sysv - ;; - -nova*) - os=-rtmk-nova - ;; - -ns2 ) - os=-nextstep2 - ;; - -nsk*) - os=-nsk - ;; - # Preserve the version number of sinix5. - -sinix5.*) - os=`echo $os | sed -e 's|sinix|sysv|'` - ;; - -sinix*) - os=-sysv4 - ;; - -tpf*) - os=-tpf - ;; - -triton*) - os=-sysv3 - ;; - -oss*) - os=-sysv3 - ;; - -svr4) - os=-sysv4 - ;; - -svr3) - os=-sysv3 - ;; - -sysvr4) - os=-sysv4 - ;; - # This must come after -sysvr4. - -sysv*) - ;; - -ose*) - os=-ose - ;; - -es1800*) - os=-ose - ;; - -xenix) - os=-xenix - ;; - -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) - os=-mint - ;; - -aros*) - os=-aros - ;; - -kaos*) - os=-kaos - ;; - -zvmoe) - os=-zvmoe - ;; - -dicos*) - os=-dicos - ;; - -nacl*) - ;; - -none) - ;; - *) - # Get rid of the `-' at the beginning of $os. - os=`echo $os | sed 's/[^-]*-//'` - echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 - exit 1 - ;; -esac -else - -# Here we handle the default operating systems that come with various machines. -# The value should be what the vendor currently ships out the door with their -# machine or put another way, the most popular os provided with the machine. - -# Note that if you're going to try to match "-MANUFACTURER" here (say, -# "-sun"), then you have to tell the case statement up towards the top -# that MANUFACTURER isn't an operating system. Otherwise, code above -# will signal an error saying that MANUFACTURER isn't an operating -# system, and we'll never get to this point. - -case $basic_machine in - score-*) - os=-elf - ;; - spu-*) - os=-elf - ;; - *-acorn) - os=-riscix1.2 - ;; - arm*-rebel) - os=-linux - ;; - arm*-semi) - os=-aout - ;; - c4x-* | tic4x-*) - os=-coff - ;; - # This must come before the *-dec entry. - pdp10-*) - os=-tops20 - ;; - pdp11-*) - os=-none - ;; - *-dec | vax-*) - os=-ultrix4.2 - ;; - m68*-apollo) - os=-domain - ;; - i386-sun) - os=-sunos4.0.2 - ;; - m68000-sun) - os=-sunos3 - # This also exists in the configure program, but was not the - # default. - # os=-sunos4 - ;; - m68*-cisco) - os=-aout - ;; - mep-*) - os=-elf - ;; - mips*-cisco) - os=-elf - ;; - mips*-*) - os=-elf - ;; - or32-*) - os=-coff - ;; - *-tti) # must be before sparc entry or we get the wrong os. - os=-sysv3 - ;; - sparc-* | *-sun) - os=-sunos4.1.1 - ;; - *-be) - os=-beos - ;; - *-haiku) - os=-haiku - ;; - *-ibm) - os=-aix - ;; - *-knuth) - os=-mmixware - ;; - *-wec) - os=-proelf - ;; - *-winbond) - os=-proelf - ;; - *-oki) - os=-proelf - ;; - *-hp) - os=-hpux - ;; - *-hitachi) - os=-hiux - ;; - i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) - os=-sysv - ;; - *-cbm) - os=-amigaos - ;; - *-dg) - os=-dgux - ;; - *-dolphin) - os=-sysv3 - ;; - m68k-ccur) - os=-rtu - ;; - m88k-omron*) - os=-luna - ;; - *-next ) - os=-nextstep - ;; - *-sequent) - os=-ptx - ;; - *-crds) - os=-unos - ;; - *-ns) - os=-genix - ;; - i370-*) - os=-mvs - ;; - *-next) - os=-nextstep3 - ;; - *-gould) - os=-sysv - ;; - *-highlevel) - os=-bsd - ;; - *-encore) - os=-bsd - ;; - *-sgi) - os=-irix - ;; - *-siemens) - os=-sysv4 - ;; - *-masscomp) - os=-rtu - ;; - f30[01]-fujitsu | f700-fujitsu) - os=-uxpv - ;; - *-rom68k) - os=-coff - ;; - *-*bug) - os=-coff - ;; - *-apple) - os=-macos - ;; - *-atari*) - os=-mint - ;; - *) - os=-none - ;; -esac -fi - -# Here we handle the case where we know the os, and the CPU type, but not the -# manufacturer. We pick the logical manufacturer. -vendor=unknown -case $basic_machine in - *-unknown) - case $os in - -riscix*) - vendor=acorn - ;; - -sunos*) - vendor=sun - ;; - -cnk*|-aix*) - vendor=ibm - ;; - -beos*) - vendor=be - ;; - -hpux*) - vendor=hp - ;; - -mpeix*) - vendor=hp - ;; - -hiux*) - vendor=hitachi - ;; - -unos*) - vendor=crds - ;; - -dgux*) - vendor=dg - ;; - -luna*) - vendor=omron - ;; - -genix*) - vendor=ns - ;; - -mvs* | -opened*) - vendor=ibm - ;; - -os400*) - vendor=ibm - ;; - -ptx*) - vendor=sequent - ;; - -tpf*) - vendor=ibm - ;; - -vxsim* | -vxworks* | -windiss*) - vendor=wrs - ;; - -aux*) - vendor=apple - ;; - -hms*) - vendor=hitachi - ;; - -mpw* | -macos*) - vendor=apple - ;; - -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) - vendor=atari - ;; - -vos*) - vendor=stratus - ;; - esac - basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` - ;; -esac - -echo $basic_machine$os -exit - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "timestamp='" -# time-stamp-format: "%:y-%02m-%02d" -# time-stamp-end: "'" -# End: diff -r e1d7053e4d45 -r 76dce3b9468e tools/configure --- a/tools/configure Fri Jan 18 10:55:47 2013 +0000 +++ b/tools/configure Fri Jan 18 10:55:48 2013 +0000 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.67 for Xen Hypervisor 4.3. +# Generated by GNU Autoconf 2.67 for Xen Hypervisor Tools 4.3. # # Report bugs to . # @@ -550,10 +550,10 @@ MFLAGS= MAKEFLAGS= # Identity of this package. -PACKAGE_NAME='Xen Hypervisor' +PACKAGE_NAME='Xen Hypervisor Tools' PACKAGE_TARNAME='xen' PACKAGE_VERSION='4.3' -PACKAGE_STRING='Xen Hypervisor 4.3' +PACKAGE_STRING='Xen Hypervisor Tools 4.3' PACKAGE_BUGREPORT='xen-devel@lists.xen.org' PACKAGE_URL='http://www.xen.org/' @@ -1302,7 +1302,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures Xen Hypervisor 4.3 to adapt to many kinds of systems. +\`configure' configures Xen Hypervisor Tools 4.3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1367,7 +1367,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of Xen Hypervisor 4.3:";; + short | recursive ) echo "Configuration of Xen Hypervisor Tools 4.3:";; esac cat <<\_ACEOF @@ -1427,7 +1427,7 @@ Use these variables to override the choi it to find libraries and programs with nonstandard names/locations. Report bugs to . -Xen Hypervisor home page: . +Xen Hypervisor Tools home page: . _ACEOF ac_status=$? fi @@ -1490,7 +1490,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -Xen Hypervisor configure 4.3 +Xen Hypervisor Tools configure 4.3 generated by GNU Autoconf 2.67 Copyright (C) 2010 Free Software Foundation, Inc. @@ -1792,7 +1792,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by Xen Hypervisor $as_me 4.3, which was +It was created by Xen Hypervisor Tools $as_me 4.3, which was generated by GNU Autoconf 2.67. Invocation command line was $ $0 $@ @@ -2147,7 +2147,7 @@ ac_config_headers="$ac_config_headers co ac_aux_dir= -for ac_dir in . "$srcdir"/.; do +for ac_dir in ../ "$srcdir"/../; do if test -f "$ac_dir/install-sh"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install-sh -c" @@ -2163,7 +2163,7 @@ for ac_dir in . "$srcdir"/.; do fi done if test -z "$ac_aux_dir"; then - as_fn_error $? "cannot find install-sh, install.sh, or shtool in . \"$srcdir\"/." "$LINENO" 5 + as_fn_error $? "cannot find install-sh, install.sh, or shtool in ../ \"$srcdir\"/../" "$LINENO" 5 fi # These three variables are undocumented and unsupported, @@ -7346,7 +7346,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_wri # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by Xen Hypervisor $as_me 4.3, which was +This file was extended by Xen Hypervisor Tools $as_me 4.3, which was generated by GNU Autoconf 2.67. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -7403,13 +7403,13 @@ Configuration headers: $config_headers Report bugs to . -Xen Hypervisor home page: ." +Xen Hypervisor Tools home page: ." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -Xen Hypervisor config.status 4.3 +Xen Hypervisor Tools config.status 4.3 configured by $0, generated by GNU Autoconf 2.67, with options \\"\$ac_cs_config\\" diff -r e1d7053e4d45 -r 76dce3b9468e tools/configure.ac --- a/tools/configure.ac Fri Jan 18 10:55:47 2013 +0000 +++ b/tools/configure.ac Fri Jan 18 10:55:48 2013 +0000 @@ -2,13 +2,13 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ([2.67]) -AC_INIT([Xen Hypervisor], m4_esyscmd([../version.sh ../xen/Makefile]), +AC_INIT([Xen Hypervisor Tools], m4_esyscmd([../version.sh ../xen/Makefile]), [xen-devel@lists.xen.org], [xen], [http://www.xen.org/]) AC_CONFIG_SRCDIR([libxl/libxl.c]) AC_CONFIG_FILES([../config/Tools.mk]) AC_CONFIG_HEADERS([config.h]) AC_PREFIX_DEFAULT([/usr]) -AC_CONFIG_AUX_DIR([.]) +AC_CONFIG_AUX_DIR([../]) # Check if CFLAGS, LDFLAGS, LIBS, CPPFLAGS or CPP is set and print a warning diff -r e1d7053e4d45 -r 76dce3b9468e tools/install.sh --- a/tools/install.sh Fri Jan 18 10:55:47 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +0,0 @@ -../install.sh \ No newline at end of file _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:34:26 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:34:26 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwg-0001gC-0g; Mon, 21 Jan 2013 22:34:26 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwe-0001fH-5I for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:34:25 +0000 Received: from [85.158.138.51:54994] by server-6.bemta-3.messagelabs.com id 23/FE-25504-F62CDF05; Mon, 21 Jan 2013 22:34:23 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-5.tower-174.messagelabs.com!1358807652!29028293!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.5 required=7.0 tests=BODY_RANDOM_LONG X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 25799 invoked from network); 21 Jan 2013 22:34:13 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-5.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:34:13 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvV-0005g4-AC for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:13 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvV-0003i7-8X for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:13 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:12 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] Add a top level configure script X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Matthew Fioravante # Date 1358506548 0 # Node ID 76dce3b9468e7202ee4846785e7e21187df24b86 # Parent e1d7053e4d4575d052bd72cb4a44718281bdd35d Add a top level configure script Signed-off-by: Matthew Fioravante Acked-by: Ian Campbell Committed-by: Ian Campbell --- diff -r e1d7053e4d45 -r 76dce3b9468e .gitignore --- a/.gitignore Fri Jan 18 10:55:47 2013 +0000 +++ b/.gitignore Fri Jan 18 10:55:48 2013 +0000 @@ -28,6 +28,11 @@ cscope.po.out dist stubdom/*.tar.gz +autom4te.cache/ +config.log +config.status +config/Toplevel.mk + build-* dist/* docs/*.aux diff -r e1d7053e4d45 -r 76dce3b9468e .hgignore --- a/.hgignore Fri Jan 18 10:55:47 2013 +0000 +++ b/.hgignore Fri Jan 18 10:55:48 2013 +0000 @@ -26,6 +26,10 @@ ^\.pc (^|/)(tags|TAGS)$ (^|/)(GTAGS|GPATH|GSYMS|GRTAGS)$ +^autom4te\.cache$ +^config\.log$ +^config\.status +^config/Toplevel\.mk ^build-.*$ ^dist/.*$ ^docs/.*\.aux$ diff -r e1d7053e4d45 -r 76dce3b9468e autogen.sh --- a/autogen.sh Fri Jan 18 10:55:47 2013 +0000 +++ b/autogen.sh Fri Jan 18 10:55:48 2013 +0000 @@ -1,4 +1,5 @@ #!/bin/sh -e +autoconf cd tools autoconf autoheader diff -r e1d7053e4d45 -r 76dce3b9468e config.guess --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/config.guess Fri Jan 18 10:55:48 2013 +0000 @@ -0,0 +1,1502 @@ +#! /bin/sh +# Attempt to guess a canonical system name. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, +# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 +# Free Software Foundation, Inc. + +timestamp='2009-12-30' + +# This file is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + + +# Originally written by Per Bothner. Please send patches (context +# diff format) to and include a ChangeLog +# entry. +# +# This script attempts to guess a canonical system name similar to +# config.sub. If it succeeds, it prints the system name on stdout, and +# exits with 0. Otherwise, it exits with 1. +# +# You can get the latest version of this script from: +# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD + +me=`echo "$0" | sed -e 's,.*/,,'` + +usage="\ +Usage: $0 [OPTION] + +Output the configuration name of the system \`$me' is run on. + +Operation modes: + -h, --help print this help, then exit + -t, --time-stamp print date of last modification, then exit + -v, --version print version number, then exit + +Report bugs and patches to ." + +version="\ +GNU config.guess ($timestamp) + +Originally written by Per Bothner. +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, +2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free +Software Foundation, Inc. + +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + +help=" +Try \`$me --help' for more information." + +# Parse command line +while test $# -gt 0 ; do + case $1 in + --time-stamp | --time* | -t ) + echo "$timestamp" ; exit ;; + --version | -v ) + echo "$version" ; exit ;; + --help | --h* | -h ) + echo "$usage"; exit ;; + -- ) # Stop option processing + shift; break ;; + - ) # Use stdin as input. + break ;; + -* ) + echo "$me: invalid option $1$help" >&2 + exit 1 ;; + * ) + break ;; + esac +done + +if test $# != 0; then + echo "$me: too many arguments$help" >&2 + exit 1 +fi + +trap 'exit 1' 1 2 15 + +# CC_FOR_BUILD -- compiler used by this script. Note that the use of a +# compiler to aid in system detection is discouraged as it requires +# temporary files to be created and, as you can see below, it is a +# headache to deal with in a portable fashion. + +# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still +# use `HOST_CC' if defined, but it is deprecated. + +# Portable tmp directory creation inspired by the Autoconf team. + +set_cc_for_build=' +trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; +trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; +: ${TMPDIR=/tmp} ; + { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || + { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || + { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || + { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; +dummy=$tmp/dummy ; +tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; +case $CC_FOR_BUILD,$HOST_CC,$CC in + ,,) echo "int x;" > $dummy.c ; + for c in cc gcc c89 c99 ; do + if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then + CC_FOR_BUILD="$c"; break ; + fi ; + done ; + if test x"$CC_FOR_BUILD" = x ; then + CC_FOR_BUILD=no_compiler_found ; + fi + ;; + ,,*) CC_FOR_BUILD=$CC ;; + ,*,*) CC_FOR_BUILD=$HOST_CC ;; +esac ; set_cc_for_build= ;' + +# This is needed to find uname on a Pyramid OSx when run in the BSD universe. +# (ghazi@noc.rutgers.edu 1994-08-24) +if (test -f /.attbin/uname) >/dev/null 2>&1 ; then + PATH=$PATH:/.attbin ; export PATH +fi + +UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown +UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown +UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown +UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown + +# Note: order is significant - the case branches are not exclusive. + +case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in + *:NetBSD:*:*) + # NetBSD (nbsd) targets should (where applicable) match one or + # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, + # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently + # switched to ELF, *-*-netbsd* would select the old + # object file format. This provides both forward + # compatibility and a consistent mechanism for selecting the + # object file format. + # + # Note: NetBSD doesn't particularly care about the vendor + # portion of the name. We always set it to "unknown". + sysctl="sysctl -n hw.machine_arch" + UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ + /usr/sbin/$sysctl 2>/dev/null || echo unknown)` + case "${UNAME_MACHINE_ARCH}" in + armeb) machine=armeb-unknown ;; + arm*) machine=arm-unknown ;; + sh3el) machine=shl-unknown ;; + sh3eb) machine=sh-unknown ;; + sh5el) machine=sh5le-unknown ;; + *) machine=${UNAME_MACHINE_ARCH}-unknown ;; + esac + # The Operating System including object format, if it has switched + # to ELF recently, or will in the future. + case "${UNAME_MACHINE_ARCH}" in + arm*|i386|m68k|ns32k|sh3*|sparc|vax) + eval $set_cc_for_build + if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ELF__ + then + # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). + # Return netbsd for either. FIX? + os=netbsd + else + os=netbsdelf + fi + ;; + *) + os=netbsd + ;; + esac + # The OS release + # Debian GNU/NetBSD machines have a different userland, and + # thus, need a distinct triplet. However, they do not need + # kernel version information, so it can be replaced with a + # suitable tag, in the style of linux-gnu. + case "${UNAME_VERSION}" in + Debian*) + release='-gnu' + ;; + *) + release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` + ;; + esac + # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: + # contains redundant information, the shorter form: + # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. + echo "${machine}-${os}${release}" + exit ;; + *:OpenBSD:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} + exit ;; + *:ekkoBSD:*:*) + echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} + exit ;; + *:SolidBSD:*:*) + echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE} + exit ;; + macppc:MirBSD:*:*) + echo powerpc-unknown-mirbsd${UNAME_RELEASE} + exit ;; + *:MirBSD:*:*) + echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} + exit ;; + alpha:OSF1:*:*) + case $UNAME_RELEASE in + *4.0) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` + ;; + *5.*) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` + ;; + esac + # According to Compaq, /usr/sbin/psrinfo has been available on + # OSF/1 and Tru64 systems produced since 1995. I hope that + # covers most systems running today. This code pipes the CPU + # types through head -n 1, so we only detect the type of CPU 0. + ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` + case "$ALPHA_CPU_TYPE" in + "EV4 (21064)") + UNAME_MACHINE="alpha" ;; + "EV4.5 (21064)") + UNAME_MACHINE="alpha" ;; + "LCA4 (21066/21068)") + UNAME_MACHINE="alpha" ;; + "EV5 (21164)") + UNAME_MACHINE="alphaev5" ;; + "EV5.6 (21164A)") + UNAME_MACHINE="alphaev56" ;; + "EV5.6 (21164PC)") + UNAME_MACHINE="alphapca56" ;; + "EV5.7 (21164PC)") + UNAME_MACHINE="alphapca57" ;; + "EV6 (21264)") + UNAME_MACHINE="alphaev6" ;; + "EV6.7 (21264A)") + UNAME_MACHINE="alphaev67" ;; + "EV6.8CB (21264C)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8AL (21264B)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8CX (21264D)") + UNAME_MACHINE="alphaev68" ;; + "EV6.9A (21264/EV69A)") + UNAME_MACHINE="alphaev69" ;; + "EV7 (21364)") + UNAME_MACHINE="alphaev7" ;; + "EV7.9 (21364A)") + UNAME_MACHINE="alphaev79" ;; + esac + # A Pn.n version is a patched version. + # A Vn.n version is a released version. + # A Tn.n version is a released field test version. + # A Xn.n version is an unreleased experimental baselevel. + # 1.2 uses "1.2" for uname -r. + echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + exit ;; + Alpha\ *:Windows_NT*:*) + # How do we know it's Interix rather than the generic POSIX subsystem? + # Should we change UNAME_MACHINE based on the output of uname instead + # of the specific Alpha model? + echo alpha-pc-interix + exit ;; + 21064:Windows_NT:50:3) + echo alpha-dec-winnt3.5 + exit ;; + Amiga*:UNIX_System_V:4.0:*) + echo m68k-unknown-sysv4 + exit ;; + *:[Aa]miga[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-amigaos + exit ;; + *:[Mm]orph[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-morphos + exit ;; + *:OS/390:*:*) + echo i370-ibm-openedition + exit ;; + *:z/VM:*:*) + echo s390-ibm-zvmoe + exit ;; + *:OS400:*:*) + echo powerpc-ibm-os400 + exit ;; + arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) + echo arm-acorn-riscix${UNAME_RELEASE} + exit ;; + arm:riscos:*:*|arm:RISCOS:*:*) + echo arm-unknown-riscos + exit ;; + SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) + echo hppa1.1-hitachi-hiuxmpp + exit ;; + Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) + # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. + if test "`(/bin/universe) 2>/dev/null`" = att ; then + echo pyramid-pyramid-sysv3 + else + echo pyramid-pyramid-bsd + fi + exit ;; + NILE*:*:*:dcosx) + echo pyramid-pyramid-svr4 + exit ;; + DRS?6000:unix:4.0:6*) + echo sparc-icl-nx6 + exit ;; + DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) + case `/usr/bin/uname -p` in + sparc) echo sparc-icl-nx7; exit ;; + esac ;; + s390x:SunOS:*:*) + echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4H:SunOS:5.*:*) + echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) + echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*) + echo i386-pc-auroraux${UNAME_RELEASE} + exit ;; + i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) + eval $set_cc_for_build + SUN_ARCH="i386" + # If there is a compiler, see if it is configured for 64-bit objects. + # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. + # This test works for both compilers. + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + SUN_ARCH="x86_64" + fi + fi + echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:6*:*) + # According to config.sub, this is the proper way to canonicalize + # SunOS6. Hard to guess exactly what SunOS6 will be like, but + # it's likely to be more like Solaris than SunOS4. + echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:*:*) + case "`/usr/bin/arch -k`" in + Series*|S4*) + UNAME_RELEASE=`uname -v` + ;; + esac + # Japanese Language versions have a version number like `4.1.3-JL'. + echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` + exit ;; + sun3*:SunOS:*:*) + echo m68k-sun-sunos${UNAME_RELEASE} + exit ;; + sun*:*:4.2BSD:*) + UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` + test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 + case "`/bin/arch`" in + sun3) + echo m68k-sun-sunos${UNAME_RELEASE} + ;; + sun4) + echo sparc-sun-sunos${UNAME_RELEASE} + ;; + esac + exit ;; + aushp:SunOS:*:*) + echo sparc-auspex-sunos${UNAME_RELEASE} + exit ;; + # The situation for MiNT is a little confusing. The machine name + # can be virtually everything (everything which is not + # "atarist" or "atariste" at least should have a processor + # > m68000). The system name ranges from "MiNT" over "FreeMiNT" + # to the lowercase version "mint" (or "freemint"). Finally + # the system name "TOS" denotes a system which is actually not + # MiNT. But MiNT is downward compatible to TOS, so this should + # be no problem. + atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) + echo m68k-milan-mint${UNAME_RELEASE} + exit ;; + hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) + echo m68k-hades-mint${UNAME_RELEASE} + exit ;; + *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) + echo m68k-unknown-mint${UNAME_RELEASE} + exit ;; + m68k:machten:*:*) + echo m68k-apple-machten${UNAME_RELEASE} + exit ;; + powerpc:machten:*:*) + echo powerpc-apple-machten${UNAME_RELEASE} + exit ;; + RISC*:Mach:*:*) + echo mips-dec-mach_bsd4.3 + exit ;; + RISC*:ULTRIX:*:*) + echo mips-dec-ultrix${UNAME_RELEASE} + exit ;; + VAX*:ULTRIX*:*:*) + echo vax-dec-ultrix${UNAME_RELEASE} + exit ;; + 2020:CLIX:*:* | 2430:CLIX:*:*) + echo clipper-intergraph-clix${UNAME_RELEASE} + exit ;; + mips:*:*:UMIPS | mips:*:*:RISCos) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c +#ifdef __cplusplus +#include /* for printf() prototype */ + int main (int argc, char *argv[]) { +#else + int main (argc, argv) int argc; char *argv[]; { +#endif + #if defined (host_mips) && defined (MIPSEB) + #if defined (SYSTYPE_SYSV) + printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_SVR4) + printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) + printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); + #endif + #endif + exit (-1); + } +EOF + $CC_FOR_BUILD -o $dummy $dummy.c && + dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && + SYSTEM_NAME=`$dummy $dummyarg` && + { echo "$SYSTEM_NAME"; exit; } + echo mips-mips-riscos${UNAME_RELEASE} + exit ;; + Motorola:PowerMAX_OS:*:*) + echo powerpc-motorola-powermax + exit ;; + Motorola:*:4.3:PL8-*) + echo powerpc-harris-powermax + exit ;; + Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) + echo powerpc-harris-powermax + exit ;; + Night_Hawk:Power_UNIX:*:*) + echo powerpc-harris-powerunix + exit ;; + m88k:CX/UX:7*:*) + echo m88k-harris-cxux7 + exit ;; + m88k:*:4*:R4*) + echo m88k-motorola-sysv4 + exit ;; + m88k:*:3*:R3*) + echo m88k-motorola-sysv3 + exit ;; + AViiON:dgux:*:*) + # DG/UX returns AViiON for all architectures + UNAME_PROCESSOR=`/usr/bin/uname -p` + if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] + then + if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ + [ ${TARGET_BINARY_INTERFACE}x = x ] + then + echo m88k-dg-dgux${UNAME_RELEASE} + else + echo m88k-dg-dguxbcs${UNAME_RELEASE} + fi + else + echo i586-dg-dgux${UNAME_RELEASE} + fi + exit ;; + M88*:DolphinOS:*:*) # DolphinOS (SVR3) + echo m88k-dolphin-sysv3 + exit ;; + M88*:*:R3*:*) + # Delta 88k system running SVR3 + echo m88k-motorola-sysv3 + exit ;; + XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) + echo m88k-tektronix-sysv3 + exit ;; + Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) + echo m68k-tektronix-bsd + exit ;; + *:IRIX*:*:*) + echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` + exit ;; + ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. + echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id + exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' + i*86:AIX:*:*) + echo i386-ibm-aix + exit ;; + ia64:AIX:*:*) + if [ -x /usr/bin/oslevel ] ; then + IBM_REV=`/usr/bin/oslevel` + else + IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} + fi + echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} + exit ;; + *:AIX:2:3) + if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + + main() + { + if (!__power_pc()) + exit(1); + puts("powerpc-ibm-aix3.2.5"); + exit(0); + } +EOF + if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` + then + echo "$SYSTEM_NAME" + else + echo rs6000-ibm-aix3.2.5 + fi + elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then + echo rs6000-ibm-aix3.2.4 + else + echo rs6000-ibm-aix3.2 + fi + exit ;; + *:AIX:*:[456]) + IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` + if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then + IBM_ARCH=rs6000 + else + IBM_ARCH=powerpc + fi + if [ -x /usr/bin/oslevel ] ; then + IBM_REV=`/usr/bin/oslevel` + else + IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} + fi + echo ${IBM_ARCH}-ibm-aix${IBM_REV} + exit ;; + *:AIX:*:*) + echo rs6000-ibm-aix + exit ;; + ibmrt:4.4BSD:*|romp-ibm:BSD:*) + echo romp-ibm-bsd4.4 + exit ;; + ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and + echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to + exit ;; # report: romp-ibm BSD 4.3 + *:BOSX:*:*) + echo rs6000-bull-bosx + exit ;; + DPX/2?00:B.O.S.:*:*) + echo m68k-bull-sysv3 + exit ;; + 9000/[34]??:4.3bsd:1.*:*) + echo m68k-hp-bsd + exit ;; + hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) + echo m68k-hp-bsd4.4 + exit ;; + 9000/[34678]??:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + case "${UNAME_MACHINE}" in + 9000/31? ) HP_ARCH=m68000 ;; + 9000/[34]?? ) HP_ARCH=m68k ;; + 9000/[678][0-9][0-9]) + if [ -x /usr/bin/getconf ]; then + sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` + sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` + case "${sc_cpu_version}" in + 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 + 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 + 532) # CPU_PA_RISC2_0 + case "${sc_kernel_bits}" in + 32) HP_ARCH="hppa2.0n" ;; + 64) HP_ARCH="hppa2.0w" ;; + '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 + esac ;; + esac + fi + if [ "${HP_ARCH}" = "" ]; then + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + + #define _HPUX_SOURCE + #include + #include + + int main () + { + #if defined(_SC_KERNEL_BITS) + long bits = sysconf(_SC_KERNEL_BITS); + #endif + long cpu = sysconf (_SC_CPU_VERSION); + + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1"); break; + case CPU_PA_RISC2_0: + #if defined(_SC_KERNEL_BITS) + switch (bits) + { + case 64: puts ("hppa2.0w"); break; + case 32: puts ("hppa2.0n"); break; + default: puts ("hppa2.0"); break; + } break; + #else /* !defined(_SC_KERNEL_BITS) */ + puts ("hppa2.0"); break; + #endif + default: puts ("hppa1.0"); break; + } + exit (0); + } +EOF + (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` + test -z "$HP_ARCH" && HP_ARCH=hppa + fi ;; + esac + if [ ${HP_ARCH} = "hppa2.0w" ] + then + eval $set_cc_for_build + + # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating + # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler + # generating 64-bit code. GNU and HP use different nomenclature: + # + # $ CC_FOR_BUILD=cc ./config.guess + # => hppa2.0w-hp-hpux11.23 + # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess + # => hppa64-hp-hpux11.23 + + if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | + grep -q __LP64__ + then + HP_ARCH="hppa2.0w" + else + HP_ARCH="hppa64" + fi + fi + echo ${HP_ARCH}-hp-hpux${HPUX_REV} + exit ;; + ia64:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + echo ia64-hp-hpux${HPUX_REV} + exit ;; + 3050*:HI-UX:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + int + main () + { + long cpu = sysconf (_SC_CPU_VERSION); + /* The order matters, because CPU_IS_HP_MC68K erroneously returns + true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct + results, however. */ + if (CPU_IS_PA_RISC (cpu)) + { + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; + case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; + default: puts ("hppa-hitachi-hiuxwe2"); break; + } + } + else if (CPU_IS_HP_MC68K (cpu)) + puts ("m68k-hitachi-hiuxwe2"); + else puts ("unknown-hitachi-hiuxwe2"); + exit (0); + } +EOF + $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && + { echo "$SYSTEM_NAME"; exit; } + echo unknown-hitachi-hiuxwe2 + exit ;; + 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) + echo hppa1.1-hp-bsd + exit ;; + 9000/8??:4.3bsd:*:*) + echo hppa1.0-hp-bsd + exit ;; + *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) + echo hppa1.0-hp-mpeix + exit ;; + hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) + echo hppa1.1-hp-osf + exit ;; + hp8??:OSF1:*:*) + echo hppa1.0-hp-osf + exit ;; + i*86:OSF1:*:*) + if [ -x /usr/sbin/sysversion ] ; then + echo ${UNAME_MACHINE}-unknown-osf1mk + else + echo ${UNAME_MACHINE}-unknown-osf1 + fi + exit ;; + parisc*:Lites*:*:*) + echo hppa1.1-hp-lites + exit ;; + C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) + echo c1-convex-bsd + exit ;; + C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) + if getsysinfo -f scalar_acc + then echo c32-convex-bsd + else echo c2-convex-bsd + fi + exit ;; + C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) + echo c34-convex-bsd + exit ;; + C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) + echo c38-convex-bsd + exit ;; + C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) + echo c4-convex-bsd + exit ;; + CRAY*Y-MP:*:*:*) + echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*[A-Z]90:*:*:*) + echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ + | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ + -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ + -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*TS:*:*:*) + echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*T3E:*:*:*) + echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*SV1:*:*:*) + echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + *:UNICOS/mp:*:*) + echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) + FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` + echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; + 5000:UNIX_System_V:4.*:*) + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` + echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; + i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) + echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} + exit ;; + sparc*:BSD/OS:*:*) + echo sparc-unknown-bsdi${UNAME_RELEASE} + exit ;; + *:BSD/OS:*:*) + echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} + exit ;; + *:FreeBSD:*:*) + case ${UNAME_MACHINE} in + pc98) + echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + amd64) + echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + *) + echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + esac + exit ;; + i*:CYGWIN*:*) + echo ${UNAME_MACHINE}-pc-cygwin + exit ;; + *:MINGW*:*) + echo ${UNAME_MACHINE}-pc-mingw32 + exit ;; + i*:windows32*:*) + # uname -m includes "-pc" on this system. + echo ${UNAME_MACHINE}-mingw32 + exit ;; + i*:PW*:*) + echo ${UNAME_MACHINE}-pc-pw32 + exit ;; + *:Interix*:*) + case ${UNAME_MACHINE} in + x86) + echo i586-pc-interix${UNAME_RELEASE} + exit ;; + authenticamd | genuineintel | EM64T) + echo x86_64-unknown-interix${UNAME_RELEASE} + exit ;; + IA64) + echo ia64-unknown-interix${UNAME_RELEASE} + exit ;; + esac ;; + [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) + echo i${UNAME_MACHINE}-pc-mks + exit ;; + 8664:Windows_NT:*) + echo x86_64-pc-mks + exit ;; + i*:Windows_NT*:* | Pentium*:Windows_NT*:*) + # How do we know it's Interix rather than the generic POSIX subsystem? + # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we + # UNAME_MACHINE based on the output of uname instead of i386? + echo i586-pc-interix + exit ;; + i*:UWIN*:*) + echo ${UNAME_MACHINE}-pc-uwin + exit ;; + amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) + echo x86_64-unknown-cygwin + exit ;; + p*:CYGWIN*:*) + echo powerpcle-unknown-cygwin + exit ;; + prep*:SunOS:5.*:*) + echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + *:GNU:*:*) + # the GNU system + echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` + exit ;; + *:GNU/*:*:*) + # other systems with GNU libc and userland + echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu + exit ;; + i*86:Minix:*:*) + echo ${UNAME_MACHINE}-pc-minix + exit ;; + alpha:Linux:*:*) + case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in + EV5) UNAME_MACHINE=alphaev5 ;; + EV56) UNAME_MACHINE=alphaev56 ;; + PCA56) UNAME_MACHINE=alphapca56 ;; + PCA57) UNAME_MACHINE=alphapca56 ;; + EV6) UNAME_MACHINE=alphaev6 ;; + EV67) UNAME_MACHINE=alphaev67 ;; + EV68*) UNAME_MACHINE=alphaev68 ;; + esac + objdump --private-headers /bin/sh | grep -q ld.so.1 + if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi + echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} + exit ;; + arm*:Linux:*:*) + eval $set_cc_for_build + if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ARM_EABI__ + then + echo ${UNAME_MACHINE}-unknown-linux-gnu + else + echo ${UNAME_MACHINE}-unknown-linux-gnueabi + fi + exit ;; + avr32*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + cris:Linux:*:*) + echo cris-axis-linux-gnu + exit ;; + crisv32:Linux:*:*) + echo crisv32-axis-linux-gnu + exit ;; + frv:Linux:*:*) + echo frv-unknown-linux-gnu + exit ;; + i*86:Linux:*:*) + LIBC=gnu + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #ifdef __dietlibc__ + LIBC=dietlibc + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` + echo "${UNAME_MACHINE}-pc-linux-${LIBC}" + exit ;; + ia64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + m32r*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + m68*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + mips:Linux:*:* | mips64:Linux:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #undef CPU + #undef ${UNAME_MACHINE} + #undef ${UNAME_MACHINE}el + #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) + CPU=${UNAME_MACHINE}el + #else + #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) + CPU=${UNAME_MACHINE} + #else + CPU= + #endif + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } + ;; + or32:Linux:*:*) + echo or32-unknown-linux-gnu + exit ;; + padre:Linux:*:*) + echo sparc-unknown-linux-gnu + exit ;; + parisc64:Linux:*:* | hppa64:Linux:*:*) + echo hppa64-unknown-linux-gnu + exit ;; + parisc:Linux:*:* | hppa:Linux:*:*) + # Look for CPU level + case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in + PA7*) echo hppa1.1-unknown-linux-gnu ;; + PA8*) echo hppa2.0-unknown-linux-gnu ;; + *) echo hppa-unknown-linux-gnu ;; + esac + exit ;; + ppc64:Linux:*:*) + echo powerpc64-unknown-linux-gnu + exit ;; + ppc:Linux:*:*) + echo powerpc-unknown-linux-gnu + exit ;; + s390:Linux:*:* | s390x:Linux:*:*) + echo ${UNAME_MACHINE}-ibm-linux + exit ;; + sh64*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + sh*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + sparc:Linux:*:* | sparc64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + vax:Linux:*:*) + echo ${UNAME_MACHINE}-dec-linux-gnu + exit ;; + x86_64:Linux:*:*) + echo x86_64-unknown-linux-gnu + exit ;; + xtensa*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + i*86:DYNIX/ptx:4*:*) + # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. + # earlier versions are messed up and put the nodename in both + # sysname and nodename. + echo i386-sequent-sysv4 + exit ;; + i*86:UNIX_SV:4.2MP:2.*) + # Unixware is an offshoot of SVR4, but it has its own version + # number series starting with 2... + # I am not positive that other SVR4 systems won't match this, + # I just have to hope. -- rms. + # Use sysv4.2uw... so that sysv4* matches it. + echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} + exit ;; + i*86:OS/2:*:*) + # If we were able to find `uname', then EMX Unix compatibility + # is probably installed. + echo ${UNAME_MACHINE}-pc-os2-emx + exit ;; + i*86:XTS-300:*:STOP) + echo ${UNAME_MACHINE}-unknown-stop + exit ;; + i*86:atheos:*:*) + echo ${UNAME_MACHINE}-unknown-atheos + exit ;; + i*86:syllable:*:*) + echo ${UNAME_MACHINE}-pc-syllable + exit ;; + i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*) + echo i386-unknown-lynxos${UNAME_RELEASE} + exit ;; + i*86:*DOS:*:*) + echo ${UNAME_MACHINE}-pc-msdosdjgpp + exit ;; + i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) + UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` + if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then + echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} + else + echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} + fi + exit ;; + i*86:*:5:[678]*) + # UnixWare 7.x, OpenUNIX and OpenServer 6. + case `/bin/uname -X | grep "^Machine"` in + *486*) UNAME_MACHINE=i486 ;; + *Pentium) UNAME_MACHINE=i586 ;; + *Pent*|*Celeron) UNAME_MACHINE=i686 ;; + esac + echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} + exit ;; + i*86:*:3.2:*) + if test -f /usr/options/cb.name; then + UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then + UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` + (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 + (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ + && UNAME_MACHINE=i586 + (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ + && UNAME_MACHINE=i686 + (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ + && UNAME_MACHINE=i686 + echo ${UNAME_MACHINE}-pc-sco$UNAME_REL + else + echo ${UNAME_MACHINE}-pc-sysv32 + fi + exit ;; + pc:*:*:*) + # Left here for compatibility: + # uname -m prints for DJGPP always 'pc', but it prints nothing about + # the processor, so we play safe by assuming i586. + # Note: whatever this is, it MUST be the same as what config.sub + # prints for the "djgpp" host, or else GDB configury will decide that + # this is a cross-build. + echo i586-pc-msdosdjgpp + exit ;; + Intel:Mach:3*:*) + echo i386-pc-mach3 + exit ;; + paragon:*:*:*) + echo i860-intel-osf1 + exit ;; + i860:*:4.*:*) # i860-SVR4 + if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then + echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 + else # Add other i860-SVR4 vendors below as they are discovered. + echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 + fi + exit ;; + mini*:CTIX:SYS*5:*) + # "miniframe" + echo m68010-convergent-sysv + exit ;; + mc68k:UNIX:SYSTEM5:3.51m) + echo m68k-convergent-sysv + exit ;; + M680?0:D-NIX:5.3:*) + echo m68k-diab-dnix + exit ;; + M68*:*:R3V[5678]*:*) + test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; + 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) + OS_REL='' + test -r /etc/.relid \ + && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; + 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4; exit; } ;; + NCR*:*:4.2:* | MPRAS*:*:4.2:*) + OS_REL='.3' + test -r /etc/.relid \ + && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; + m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) + echo m68k-unknown-lynxos${UNAME_RELEASE} + exit ;; + mc68030:UNIX_System_V:4.*:*) + echo m68k-atari-sysv4 + exit ;; + TSUNAMI:LynxOS:2.*:*) + echo sparc-unknown-lynxos${UNAME_RELEASE} + exit ;; + rs6000:LynxOS:2.*:*) + echo rs6000-unknown-lynxos${UNAME_RELEASE} + exit ;; + PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*) + echo powerpc-unknown-lynxos${UNAME_RELEASE} + exit ;; + SM[BE]S:UNIX_SV:*:*) + echo mips-dde-sysv${UNAME_RELEASE} + exit ;; + RM*:ReliantUNIX-*:*:*) + echo mips-sni-sysv4 + exit ;; + RM*:SINIX-*:*:*) + echo mips-sni-sysv4 + exit ;; + *:SINIX-*:*:*) + if uname -p 2>/dev/null >/dev/null ; then + UNAME_MACHINE=`(uname -p) 2>/dev/null` + echo ${UNAME_MACHINE}-sni-sysv4 + else + echo ns32k-sni-sysv + fi + exit ;; + PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort + # says + echo i586-unisys-sysv4 + exit ;; + *:UNIX_System_V:4*:FTX*) + # From Gerald Hewes . + # How about differentiating between stratus architectures? -djm + echo hppa1.1-stratus-sysv4 + exit ;; + *:*:*:FTX*) + # From seanf@swdc.stratus.com. + echo i860-stratus-sysv4 + exit ;; + i*86:VOS:*:*) + # From Paul.Green@stratus.com. + echo ${UNAME_MACHINE}-stratus-vos + exit ;; + *:VOS:*:*) + # From Paul.Green@stratus.com. + echo hppa1.1-stratus-vos + exit ;; + mc68*:A/UX:*:*) + echo m68k-apple-aux${UNAME_RELEASE} + exit ;; + news*:NEWS-OS:6*:*) + echo mips-sony-newsos6 + exit ;; + R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) + if [ -d /usr/nec ]; then + echo mips-nec-sysv${UNAME_RELEASE} + else + echo mips-unknown-sysv${UNAME_RELEASE} + fi + exit ;; + BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. + echo powerpc-be-beos + exit ;; + BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. + echo powerpc-apple-beos + exit ;; + BePC:BeOS:*:*) # BeOS running on Intel PC compatible. + echo i586-pc-beos + exit ;; + BePC:Haiku:*:*) # Haiku running on Intel PC compatible. + echo i586-pc-haiku + exit ;; + SX-4:SUPER-UX:*:*) + echo sx4-nec-superux${UNAME_RELEASE} + exit ;; + SX-5:SUPER-UX:*:*) + echo sx5-nec-superux${UNAME_RELEASE} + exit ;; + SX-6:SUPER-UX:*:*) + echo sx6-nec-superux${UNAME_RELEASE} + exit ;; + SX-7:SUPER-UX:*:*) + echo sx7-nec-superux${UNAME_RELEASE} + exit ;; + SX-8:SUPER-UX:*:*) + echo sx8-nec-superux${UNAME_RELEASE} + exit ;; + SX-8R:SUPER-UX:*:*) + echo sx8r-nec-superux${UNAME_RELEASE} + exit ;; + Power*:Rhapsody:*:*) + echo powerpc-apple-rhapsody${UNAME_RELEASE} + exit ;; + *:Rhapsody:*:*) + echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} + exit ;; + *:Darwin:*:*) + UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown + case $UNAME_PROCESSOR in + i386) + eval $set_cc_for_build + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + UNAME_PROCESSOR="x86_64" + fi + fi ;; + unknown) UNAME_PROCESSOR=powerpc ;; + esac + echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} + exit ;; + *:procnto*:*:* | *:QNX:[0123456789]*:*) + UNAME_PROCESSOR=`uname -p` + if test "$UNAME_PROCESSOR" = "x86"; then + UNAME_PROCESSOR=i386 + UNAME_MACHINE=pc + fi + echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} + exit ;; + *:QNX:*:4*) + echo i386-pc-qnx + exit ;; + NSE-?:NONSTOP_KERNEL:*:*) + echo nse-tandem-nsk${UNAME_RELEASE} + exit ;; + NSR-?:NONSTOP_KERNEL:*:*) + echo nsr-tandem-nsk${UNAME_RELEASE} + exit ;; + *:NonStop-UX:*:*) + echo mips-compaq-nonstopux + exit ;; + BS2000:POSIX*:*:*) + echo bs2000-siemens-sysv + exit ;; + DS/*:UNIX_System_V:*:*) + echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} + exit ;; + *:Plan9:*:*) + # "uname -m" is not consistent, so use $cputype instead. 386 + # is converted to i386 for consistency with other x86 + # operating systems. + if test "$cputype" = "386"; then + UNAME_MACHINE=i386 + else + UNAME_MACHINE="$cputype" + fi + echo ${UNAME_MACHINE}-unknown-plan9 + exit ;; + *:TOPS-10:*:*) + echo pdp10-unknown-tops10 + exit ;; + *:TENEX:*:*) + echo pdp10-unknown-tenex + exit ;; + KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) + echo pdp10-dec-tops20 + exit ;; + XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) + echo pdp10-xkl-tops20 + exit ;; + *:TOPS-20:*:*) + echo pdp10-unknown-tops20 + exit ;; + *:ITS:*:*) + echo pdp10-unknown-its + exit ;; + SEI:*:*:SEIUX) + echo mips-sei-seiux${UNAME_RELEASE} + exit ;; + *:DragonFly:*:*) + echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` + exit ;; + *:*VMS:*:*) + UNAME_MACHINE=`(uname -p) 2>/dev/null` + case "${UNAME_MACHINE}" in + A*) echo alpha-dec-vms ; exit ;; + I*) echo ia64-dec-vms ; exit ;; + V*) echo vax-dec-vms ; exit ;; + esac ;; + *:XENIX:*:SysV) + echo i386-pc-xenix + exit ;; + i*86:skyos:*:*) + echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' + exit ;; + i*86:rdos:*:*) + echo ${UNAME_MACHINE}-pc-rdos + exit ;; + i*86:AROS:*:*) + echo ${UNAME_MACHINE}-pc-aros + exit ;; +esac + +#echo '(No uname command or uname output not recognized.)' 1>&2 +#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 + +eval $set_cc_for_build +cat >$dummy.c < +# include +#endif +main () +{ +#if defined (sony) +#if defined (MIPSEB) + /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, + I don't know.... */ + printf ("mips-sony-bsd\n"); exit (0); +#else +#include + printf ("m68k-sony-newsos%s\n", +#ifdef NEWSOS4 + "4" +#else + "" +#endif + ); exit (0); +#endif +#endif + +#if defined (__arm) && defined (__acorn) && defined (__unix) + printf ("arm-acorn-riscix\n"); exit (0); +#endif + +#if defined (hp300) && !defined (hpux) + printf ("m68k-hp-bsd\n"); exit (0); +#endif + +#if defined (NeXT) +#if !defined (__ARCHITECTURE__) +#define __ARCHITECTURE__ "m68k" +#endif + int version; + version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; + if (version < 4) + printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); + else + printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); + exit (0); +#endif + +#if defined (MULTIMAX) || defined (n16) +#if defined (UMAXV) + printf ("ns32k-encore-sysv\n"); exit (0); +#else +#if defined (CMU) + printf ("ns32k-encore-mach\n"); exit (0); +#else + printf ("ns32k-encore-bsd\n"); exit (0); +#endif +#endif +#endif + +#if defined (__386BSD__) + printf ("i386-pc-bsd\n"); exit (0); +#endif + +#if defined (sequent) +#if defined (i386) + printf ("i386-sequent-dynix\n"); exit (0); +#endif +#if defined (ns32000) + printf ("ns32k-sequent-dynix\n"); exit (0); +#endif +#endif + +#if defined (_SEQUENT_) + struct utsname un; + + uname(&un); + + if (strncmp(un.version, "V2", 2) == 0) { + printf ("i386-sequent-ptx2\n"); exit (0); + } + if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ + printf ("i386-sequent-ptx1\n"); exit (0); + } + printf ("i386-sequent-ptx\n"); exit (0); + +#endif + +#if defined (vax) +# if !defined (ultrix) +# include +# if defined (BSD) +# if BSD == 43 + printf ("vax-dec-bsd4.3\n"); exit (0); +# else +# if BSD == 199006 + printf ("vax-dec-bsd4.3reno\n"); exit (0); +# else + printf ("vax-dec-bsd\n"); exit (0); +# endif +# endif +# else + printf ("vax-dec-bsd\n"); exit (0); +# endif +# else + printf ("vax-dec-ultrix\n"); exit (0); +# endif +#endif + +#if defined (alliant) && defined (i860) + printf ("i860-alliant-bsd\n"); exit (0); +#endif + + exit (1); +} +EOF + +$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && + { echo "$SYSTEM_NAME"; exit; } + +# Apollos put the system type in the environment. + +test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } + +# Convex versions that predate uname can use getsysinfo(1) + +if [ -x /usr/convex/getsysinfo ] +then + case `getsysinfo -f cpu_type` in + c1*) + echo c1-convex-bsd + exit ;; + c2*) + if getsysinfo -f scalar_acc + then echo c32-convex-bsd + else echo c2-convex-bsd + fi + exit ;; + c34*) + echo c34-convex-bsd + exit ;; + c38*) + echo c38-convex-bsd + exit ;; + c4*) + echo c4-convex-bsd + exit ;; + esac +fi + +cat >&2 < in order to provide the needed +information to handle your system. + +config.guess timestamp = $timestamp + +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` + +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null` + +hostinfo = `(hostinfo) 2>/dev/null` +/bin/universe = `(/bin/universe) 2>/dev/null` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` +/bin/arch = `(/bin/arch) 2>/dev/null` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` + +UNAME_MACHINE = ${UNAME_MACHINE} +UNAME_RELEASE = ${UNAME_RELEASE} +UNAME_SYSTEM = ${UNAME_SYSTEM} +UNAME_VERSION = ${UNAME_VERSION} +EOF + +exit 1 + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "timestamp='" +# time-stamp-format: "%:y-%02m-%02d" +# time-stamp-end: "'" +# End: diff -r e1d7053e4d45 -r 76dce3b9468e config.sub --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/config.sub Fri Jan 18 10:55:48 2013 +0000 @@ -0,0 +1,1714 @@ +#! /bin/sh +# Configuration validation subroutine script. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, +# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 +# Free Software Foundation, Inc. + +timestamp='2010-01-22' + +# This file is (in principle) common to ALL GNU software. +# The presence of a machine in this file suggests that SOME GNU software +# can handle that machine. It does not imply ALL GNU software can. +# +# This file is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + + +# Please send patches to . Submit a context +# diff and a properly formatted GNU ChangeLog entry. +# +# Configuration subroutine to validate and canonicalize a configuration type. +# Supply the specified configuration type as an argument. +# If it is invalid, we print an error message on stderr and exit with code 1. +# Otherwise, we print the canonical config type on stdout and succeed. + +# You can get the latest version of this script from: +# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD + +# This file is supposed to be the same for all GNU packages +# and recognize all the CPU types, system types and aliases +# that are meaningful with *any* GNU software. +# Each package is responsible for reporting which valid configurations +# it does not support. The user should be able to distinguish +# a failure to support a valid configuration from a meaningless +# configuration. + +# The goal of this file is to map all the various variations of a given +# machine specification into a single specification in the form: +# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM +# or in some cases, the newer four-part form: +# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM +# It is wrong to echo any other type of specification. + +me=`echo "$0" | sed -e 's,.*/,,'` + +usage="\ +Usage: $0 [OPTION] CPU-MFR-OPSYS + $0 [OPTION] ALIAS + +Canonicalize a configuration name. + +Operation modes: + -h, --help print this help, then exit + -t, --time-stamp print date of last modification, then exit + -v, --version print version number, then exit + +Report bugs and patches to ." + +version="\ +GNU config.sub ($timestamp) + +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, +2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free +Software Foundation, Inc. + +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + +help=" +Try \`$me --help' for more information." + +# Parse command line +while test $# -gt 0 ; do + case $1 in + --time-stamp | --time* | -t ) + echo "$timestamp" ; exit ;; + --version | -v ) + echo "$version" ; exit ;; + --help | --h* | -h ) + echo "$usage"; exit ;; + -- ) # Stop option processing + shift; break ;; + - ) # Use stdin as input. + break ;; + -* ) + echo "$me: invalid option $1$help" + exit 1 ;; + + *local*) + # First pass through any local machine types. + echo $1 + exit ;; + + * ) + break ;; + esac +done + +case $# in + 0) echo "$me: missing argument$help" >&2 + exit 1;; + 1) ;; + *) echo "$me: too many arguments$help" >&2 + exit 1;; +esac + +# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). +# Here we must recognize all the valid KERNEL-OS combinations. +maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` +case $maybe_os in + nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \ + uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \ + kopensolaris*-gnu* | \ + storm-chaos* | os2-emx* | rtmk-nova*) + os=-$maybe_os + basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` + ;; + *) + basic_machine=`echo $1 | sed 's/-[^-]*$//'` + if [ $basic_machine != $1 ] + then os=`echo $1 | sed 's/.*-/-/'` + else os=; fi + ;; +esac + +### Let's recognize common machines as not being operating systems so +### that things like config.sub decstation-3100 work. We also +### recognize some manufacturers as not being operating systems, so we +### can provide default operating systems below. +case $os in + -sun*os*) + # Prevent following clause from handling this invalid input. + ;; + -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ + -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ + -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ + -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ + -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ + -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ + -apple | -axis | -knuth | -cray | -microblaze) + os= + basic_machine=$1 + ;; + -bluegene*) + os=-cnk + ;; + -sim | -cisco | -oki | -wec | -winbond) + os= + basic_machine=$1 + ;; + -scout) + ;; + -wrs) + os=-vxworks + basic_machine=$1 + ;; + -chorusos*) + os=-chorusos + basic_machine=$1 + ;; + -chorusrdb) + os=-chorusrdb + basic_machine=$1 + ;; + -hiux*) + os=-hiuxwe2 + ;; + -sco6) + os=-sco5v6 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco5) + os=-sco3.2v5 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco4) + os=-sco3.2v4 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2.[4-9]*) + os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2v[4-9]*) + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco5v6*) + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco*) + os=-sco3.2v2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -udk*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -isc) + os=-isc2.2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -clix*) + basic_machine=clipper-intergraph + ;; + -isc*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -lynx*) + os=-lynxos + ;; + -ptx*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` + ;; + -windowsnt*) + os=`echo $os | sed -e 's/windowsnt/winnt/'` + ;; + -psos*) + os=-psos + ;; + -mint | -mint[0-9]*) + basic_machine=m68k-atari + os=-mint + ;; +esac + +# Decode aliases for certain CPU-COMPANY combinations. +case $basic_machine in + # Recognize the basic CPU types without company name. + # Some are omitted here because they have special meanings below. + 1750a | 580 \ + | a29k \ + | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ + | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ + | am33_2.0 \ + | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \ + | bfin \ + | c4x | clipper \ + | d10v | d30v | dlx | dsp16xx \ + | fido | fr30 | frv \ + | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ + | i370 | i860 | i960 | ia64 \ + | ip2k | iq2000 \ + | lm32 \ + | m32c | m32r | m32rle | m68000 | m68k | m88k \ + | maxq | mb | microblaze | mcore | mep | metag \ + | mips | mipsbe | mipseb | mipsel | mipsle \ + | mips16 \ + | mips64 | mips64el \ + | mips64octeon | mips64octeonel \ + | mips64orion | mips64orionel \ + | mips64r5900 | mips64r5900el \ + | mips64vr | mips64vrel \ + | mips64vr4100 | mips64vr4100el \ + | mips64vr4300 | mips64vr4300el \ + | mips64vr5000 | mips64vr5000el \ + | mips64vr5900 | mips64vr5900el \ + | mipsisa32 | mipsisa32el \ + | mipsisa32r2 | mipsisa32r2el \ + | mipsisa64 | mipsisa64el \ + | mipsisa64r2 | mipsisa64r2el \ + | mipsisa64sb1 | mipsisa64sb1el \ + | mipsisa64sr71k | mipsisa64sr71kel \ + | mipstx39 | mipstx39el \ + | mn10200 | mn10300 \ + | moxie \ + | mt \ + | msp430 \ + | nios | nios2 \ + | ns16k | ns32k \ + | or32 \ + | pdp10 | pdp11 | pj | pjl \ + | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ + | pyramid \ + | rx \ + | score \ + | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ + | sh64 | sh64le \ + | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ + | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ + | spu | strongarm \ + | tahoe | thumb | tic4x | tic80 | tron \ + | ubicom32 \ + | v850 | v850e \ + | we32k \ + | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \ + | z8k | z80) + basic_machine=$basic_machine-unknown + ;; + m6811 | m68hc11 | m6812 | m68hc12 | picochip) + # Motorola 68HC11/12. + basic_machine=$basic_machine-unknown + os=-none + ;; + m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) + ;; + ms1) + basic_machine=mt-unknown + ;; + + # We use `pc' rather than `unknown' + # because (1) that's what they normally are, and + # (2) the word "unknown" tends to confuse beginning users. + i*86 | x86_64) + basic_machine=$basic_machine-pc + ;; + # Object if more than one company name word. + *-*-*) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; + # Recognize the basic CPU types with company name. + 580-* \ + | a29k-* \ + | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ + | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ + | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ + | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ + | avr-* | avr32-* \ + | bfin-* | bs2000-* \ + | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ + | clipper-* | craynv-* | cydra-* \ + | d10v-* | d30v-* | dlx-* \ + | elxsi-* \ + | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ + | h8300-* | h8500-* \ + | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ + | i*86-* | i860-* | i960-* | ia64-* \ + | ip2k-* | iq2000-* \ + | lm32-* \ + | m32c-* | m32r-* | m32rle-* \ + | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ + | m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \ + | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ + | mips16-* \ + | mips64-* | mips64el-* \ + | mips64octeon-* | mips64octeonel-* \ + | mips64orion-* | mips64orionel-* \ + | mips64r5900-* | mips64r5900el-* \ + | mips64vr-* | mips64vrel-* \ + | mips64vr4100-* | mips64vr4100el-* \ + | mips64vr4300-* | mips64vr4300el-* \ + | mips64vr5000-* | mips64vr5000el-* \ + | mips64vr5900-* | mips64vr5900el-* \ + | mipsisa32-* | mipsisa32el-* \ + | mipsisa32r2-* | mipsisa32r2el-* \ + | mipsisa64-* | mipsisa64el-* \ + | mipsisa64r2-* | mipsisa64r2el-* \ + | mipsisa64sb1-* | mipsisa64sb1el-* \ + | mipsisa64sr71k-* | mipsisa64sr71kel-* \ + | mipstx39-* | mipstx39el-* \ + | mmix-* \ + | mt-* \ + | msp430-* \ + | nios-* | nios2-* \ + | none-* | np1-* | ns16k-* | ns32k-* \ + | orion-* \ + | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ + | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ + | pyramid-* \ + | romp-* | rs6000-* | rx-* \ + | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ + | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ + | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ + | sparclite-* \ + | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \ + | tahoe-* | thumb-* \ + | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ + | tile-* | tilegx-* \ + | tron-* \ + | ubicom32-* \ + | v850-* | v850e-* | vax-* \ + | we32k-* \ + | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \ + | xstormy16-* | xtensa*-* \ + | ymp-* \ + | z8k-* | z80-*) + ;; + # Recognize the basic CPU types without company name, with glob match. + xtensa*) + basic_machine=$basic_machine-unknown + ;; + # Recognize the various machine names and aliases which stand + # for a CPU type and a company and sometimes even an OS. + 386bsd) + basic_machine=i386-unknown + os=-bsd + ;; + 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) + basic_machine=m68000-att + ;; + 3b*) + basic_machine=we32k-att + ;; + a29khif) + basic_machine=a29k-amd + os=-udi + ;; + abacus) + basic_machine=abacus-unknown + ;; + adobe68k) + basic_machine=m68010-adobe + os=-scout + ;; + alliant | fx80) + basic_machine=fx80-alliant + ;; + altos | altos3068) + basic_machine=m68k-altos + ;; + am29k) + basic_machine=a29k-none + os=-bsd + ;; + amd64) + basic_machine=x86_64-pc + ;; + amd64-*) + basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + amdahl) + basic_machine=580-amdahl + os=-sysv + ;; + amiga | amiga-*) + basic_machine=m68k-unknown + ;; + amigaos | amigados) + basic_machine=m68k-unknown + os=-amigaos + ;; + amigaunix | amix) + basic_machine=m68k-unknown + os=-sysv4 + ;; + apollo68) + basic_machine=m68k-apollo + os=-sysv + ;; + apollo68bsd) + basic_machine=m68k-apollo + os=-bsd + ;; + aros) + basic_machine=i386-pc + os=-aros + ;; + aux) + basic_machine=m68k-apple + os=-aux + ;; + balance) + basic_machine=ns32k-sequent + os=-dynix + ;; + blackfin) + basic_machine=bfin-unknown + os=-linux + ;; + blackfin-*) + basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; + bluegene*) + basic_machine=powerpc-ibm + os=-cnk + ;; + c90) + basic_machine=c90-cray + os=-unicos + ;; + cegcc) + basic_machine=arm-unknown + os=-cegcc + ;; + convex-c1) + basic_machine=c1-convex + os=-bsd + ;; + convex-c2) + basic_machine=c2-convex + os=-bsd + ;; + convex-c32) + basic_machine=c32-convex + os=-bsd + ;; + convex-c34) + basic_machine=c34-convex + os=-bsd + ;; + convex-c38) + basic_machine=c38-convex + os=-bsd + ;; + cray | j90) + basic_machine=j90-cray + os=-unicos + ;; + craynv) + basic_machine=craynv-cray + os=-unicosmp + ;; + cr16) + basic_machine=cr16-unknown + os=-elf + ;; + crds | unos) + basic_machine=m68k-crds + ;; + crisv32 | crisv32-* | etraxfs*) + basic_machine=crisv32-axis + ;; + cris | cris-* | etrax*) + basic_machine=cris-axis + ;; + crx) + basic_machine=crx-unknown + os=-elf + ;; + da30 | da30-*) + basic_machine=m68k-da30 + ;; + decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) + basic_machine=mips-dec + ;; + decsystem10* | dec10*) + basic_machine=pdp10-dec + os=-tops10 + ;; + decsystem20* | dec20*) + basic_machine=pdp10-dec + os=-tops20 + ;; + delta | 3300 | motorola-3300 | motorola-delta \ + | 3300-motorola | delta-motorola) + basic_machine=m68k-motorola + ;; + delta88) + basic_machine=m88k-motorola + os=-sysv3 + ;; + dicos) + basic_machine=i686-pc + os=-dicos + ;; + djgpp) + basic_machine=i586-pc + os=-msdosdjgpp + ;; + dpx20 | dpx20-*) + basic_machine=rs6000-bull + os=-bosx + ;; + dpx2* | dpx2*-bull) + basic_machine=m68k-bull + os=-sysv3 + ;; + ebmon29k) + basic_machine=a29k-amd + os=-ebmon + ;; + elxsi) + basic_machine=elxsi-elxsi + os=-bsd + ;; + encore | umax | mmax) + basic_machine=ns32k-encore + ;; + es1800 | OSE68k | ose68k | ose | OSE) + basic_machine=m68k-ericsson + os=-ose + ;; + fx2800) + basic_machine=i860-alliant + ;; + genix) + basic_machine=ns32k-ns + ;; + gmicro) + basic_machine=tron-gmicro + os=-sysv + ;; + go32) + basic_machine=i386-pc + os=-go32 + ;; + h3050r* | hiux*) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + h8300hms) + basic_machine=h8300-hitachi + os=-hms + ;; + h8300xray) + basic_machine=h8300-hitachi + os=-xray + ;; + h8500hms) + basic_machine=h8500-hitachi + os=-hms + ;; + harris) + basic_machine=m88k-harris + os=-sysv3 + ;; + hp300-*) + basic_machine=m68k-hp + ;; + hp300bsd) + basic_machine=m68k-hp + os=-bsd + ;; + hp300hpux) + basic_machine=m68k-hp + os=-hpux + ;; + hp3k9[0-9][0-9] | hp9[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hp9k2[0-9][0-9] | hp9k31[0-9]) + basic_machine=m68000-hp + ;; + hp9k3[2-9][0-9]) + basic_machine=m68k-hp + ;; + hp9k6[0-9][0-9] | hp6[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hp9k7[0-79][0-9] | hp7[0-79][0-9]) + basic_machine=hppa1.1-hp + ;; + hp9k78[0-9] | hp78[0-9]) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][13679] | hp8[0-9][13679]) + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][0-9] | hp8[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hppa-next) + os=-nextstep3 + ;; + hppaosf) + basic_machine=hppa1.1-hp + os=-osf + ;; + hppro) + basic_machine=hppa1.1-hp + os=-proelf + ;; + i370-ibm* | ibm*) + basic_machine=i370-ibm + ;; +# I'm not sure what "Sysv32" means. Should this be sysv3.2? + i*86v32) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv32 + ;; + i*86v4*) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv4 + ;; + i*86v) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv + ;; + i*86sol2) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-solaris2 + ;; + i386mach) + basic_machine=i386-mach + os=-mach + ;; + i386-vsta | vsta) + basic_machine=i386-unknown + os=-vsta + ;; + iris | iris4d) + basic_machine=mips-sgi + case $os in + -irix*) + ;; + *) + os=-irix4 + ;; + esac + ;; + isi68 | isi) + basic_machine=m68k-isi + os=-sysv + ;; + m68knommu) + basic_machine=m68k-unknown + os=-linux + ;; + m68knommu-*) + basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; + m88k-omron*) + basic_machine=m88k-omron + ;; + magnum | m3230) + basic_machine=mips-mips + os=-sysv + ;; + merlin) + basic_machine=ns32k-utek + os=-sysv + ;; + microblaze) + basic_machine=microblaze-xilinx + ;; + mingw32) + basic_machine=i386-pc + os=-mingw32 + ;; + mingw32ce) + basic_machine=arm-unknown + os=-mingw32ce + ;; + miniframe) + basic_machine=m68000-convergent + ;; + *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) + basic_machine=m68k-atari + os=-mint + ;; + mips3*-*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` + ;; + mips3*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown + ;; + monitor) + basic_machine=m68k-rom68k + os=-coff + ;; + morphos) + basic_machine=powerpc-unknown + os=-morphos + ;; + msdos) + basic_machine=i386-pc + os=-msdos + ;; + ms1-*) + basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` + ;; + mvs) + basic_machine=i370-ibm + os=-mvs + ;; + ncr3000) + basic_machine=i486-ncr + os=-sysv4 + ;; + netbsd386) + basic_machine=i386-unknown + os=-netbsd + ;; + netwinder) + basic_machine=armv4l-rebel + os=-linux + ;; + news | news700 | news800 | news900) + basic_machine=m68k-sony + os=-newsos + ;; + news1000) + basic_machine=m68030-sony + os=-newsos + ;; + news-3600 | risc-news) + basic_machine=mips-sony + os=-newsos + ;; + necv70) + basic_machine=v70-nec + os=-sysv + ;; + next | m*-next ) + basic_machine=m68k-next + case $os in + -nextstep* ) + ;; + -ns2*) + os=-nextstep2 + ;; + *) + os=-nextstep3 + ;; + esac + ;; + nh3000) + basic_machine=m68k-harris + os=-cxux + ;; + nh[45]000) + basic_machine=m88k-harris + os=-cxux + ;; + nindy960) + basic_machine=i960-intel + os=-nindy + ;; + mon960) + basic_machine=i960-intel + os=-mon960 + ;; + nonstopux) + basic_machine=mips-compaq + os=-nonstopux + ;; + np1) + basic_machine=np1-gould + ;; + nsr-tandem) + basic_machine=nsr-tandem + ;; + op50n-* | op60c-*) + basic_machine=hppa1.1-oki + os=-proelf + ;; + openrisc | openrisc-*) + basic_machine=or32-unknown + ;; + os400) + basic_machine=powerpc-ibm + os=-os400 + ;; + OSE68000 | ose68000) + basic_machine=m68000-ericsson + os=-ose + ;; + os68k) + basic_machine=m68k-none + os=-os68k + ;; + pa-hitachi) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + paragon) + basic_machine=i860-intel + os=-osf + ;; + parisc) + basic_machine=hppa-unknown + os=-linux + ;; + parisc-*) + basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; + pbd) + basic_machine=sparc-tti + ;; + pbb) + basic_machine=m68k-tti + ;; + pc532 | pc532-*) + basic_machine=ns32k-pc532 + ;; + pc98) + basic_machine=i386-pc + ;; + pc98-*) + basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentium | p5 | k5 | k6 | nexgen | viac3) + basic_machine=i586-pc + ;; + pentiumpro | p6 | 6x86 | athlon | athlon_*) + basic_machine=i686-pc + ;; + pentiumii | pentium2 | pentiumiii | pentium3) + basic_machine=i686-pc + ;; + pentium4) + basic_machine=i786-pc + ;; + pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) + basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumpro-* | p6-* | 6x86-* | athlon-*) + basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) + basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentium4-*) + basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pn) + basic_machine=pn-gould + ;; + power) basic_machine=power-ibm + ;; + ppc) basic_machine=powerpc-unknown + ;; + ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppcle | powerpclittle | ppc-le | powerpc-little) + basic_machine=powerpcle-unknown + ;; + ppcle-* | powerpclittle-*) + basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppc64) basic_machine=powerpc64-unknown + ;; + ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppc64le | powerpc64little | ppc64-le | powerpc64-little) + basic_machine=powerpc64le-unknown + ;; + ppc64le-* | powerpc64little-*) + basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ps2) + basic_machine=i386-ibm + ;; + pw32) + basic_machine=i586-unknown + os=-pw32 + ;; + rdos) + basic_machine=i386-pc + os=-rdos + ;; + rom68k) + basic_machine=m68k-rom68k + os=-coff + ;; + rm[46]00) + basic_machine=mips-siemens + ;; + rtpc | rtpc-*) + basic_machine=romp-ibm + ;; + s390 | s390-*) + basic_machine=s390-ibm + ;; + s390x | s390x-*) + basic_machine=s390x-ibm + ;; + sa29200) + basic_machine=a29k-amd + os=-udi + ;; + sb1) + basic_machine=mipsisa64sb1-unknown + ;; + sb1el) + basic_machine=mipsisa64sb1el-unknown + ;; + sde) + basic_machine=mipsisa32-sde + os=-elf + ;; + sei) + basic_machine=mips-sei + os=-seiux + ;; + sequent) + basic_machine=i386-sequent + ;; + sh) + basic_machine=sh-hitachi + os=-hms + ;; + sh5el) + basic_machine=sh5le-unknown + ;; + sh64) + basic_machine=sh64-unknown + ;; + sparclite-wrs | simso-wrs) + basic_machine=sparclite-wrs + os=-vxworks + ;; + sps7) + basic_machine=m68k-bull + os=-sysv2 + ;; + spur) + basic_machine=spur-unknown + ;; + st2000) + basic_machine=m68k-tandem + ;; + stratus) + basic_machine=i860-stratus + os=-sysv4 + ;; + sun2) + basic_machine=m68000-sun + ;; + sun2os3) + basic_machine=m68000-sun + os=-sunos3 + ;; + sun2os4) + basic_machine=m68000-sun + os=-sunos4 + ;; + sun3os3) + basic_machine=m68k-sun + os=-sunos3 + ;; + sun3os4) + basic_machine=m68k-sun + os=-sunos4 + ;; + sun4os3) + basic_machine=sparc-sun + os=-sunos3 + ;; + sun4os4) + basic_machine=sparc-sun + os=-sunos4 + ;; + sun4sol2) + basic_machine=sparc-sun + os=-solaris2 + ;; + sun3 | sun3-*) + basic_machine=m68k-sun + ;; + sun4) + basic_machine=sparc-sun + ;; + sun386 | sun386i | roadrunner) + basic_machine=i386-sun + ;; + sv1) + basic_machine=sv1-cray + os=-unicos + ;; + symmetry) + basic_machine=i386-sequent + os=-dynix + ;; + t3e) + basic_machine=alphaev5-cray + os=-unicos + ;; + t90) + basic_machine=t90-cray + os=-unicos + ;; + tic54x | c54x*) + basic_machine=tic54x-unknown + os=-coff + ;; + tic55x | c55x*) + basic_machine=tic55x-unknown + os=-coff + ;; + tic6x | c6x*) + basic_machine=tic6x-unknown + os=-coff + ;; + # This must be matched before tile*. + tilegx*) + basic_machine=tilegx-unknown + os=-linux-gnu + ;; + tile*) + basic_machine=tile-unknown + os=-linux-gnu + ;; + tx39) + basic_machine=mipstx39-unknown + ;; + tx39el) + basic_machine=mipstx39el-unknown + ;; + toad1) + basic_machine=pdp10-xkl + os=-tops20 + ;; + tower | tower-32) + basic_machine=m68k-ncr + ;; + tpf) + basic_machine=s390x-ibm + os=-tpf + ;; + udi29k) + basic_machine=a29k-amd + os=-udi + ;; + ultra3) + basic_machine=a29k-nyu + os=-sym1 + ;; + v810 | necv810) + basic_machine=v810-nec + os=-none + ;; + vaxv) + basic_machine=vax-dec + os=-sysv + ;; + vms) + basic_machine=vax-dec + os=-vms + ;; + vpp*|vx|vx-*) + basic_machine=f301-fujitsu + ;; + vxworks960) + basic_machine=i960-wrs + os=-vxworks + ;; + vxworks68) + basic_machine=m68k-wrs + os=-vxworks + ;; + vxworks29k) + basic_machine=a29k-wrs + os=-vxworks + ;; + w65*) + basic_machine=w65-wdc + os=-none + ;; + w89k-*) + basic_machine=hppa1.1-winbond + os=-proelf + ;; + xbox) + basic_machine=i686-pc + os=-mingw32 + ;; + xps | xps100) + basic_machine=xps100-honeywell + ;; + ymp) + basic_machine=ymp-cray + os=-unicos + ;; + z8k-*-coff) + basic_machine=z8k-unknown + os=-sim + ;; + z80-*-coff) + basic_machine=z80-unknown + os=-sim + ;; + none) + basic_machine=none-none + os=-none + ;; + +# Here we handle the default manufacturer of certain CPU types. It is in +# some cases the only manufacturer, in others, it is the most popular. + w89k) + basic_machine=hppa1.1-winbond + ;; + op50n) + basic_machine=hppa1.1-oki + ;; + op60c) + basic_machine=hppa1.1-oki + ;; + romp) + basic_machine=romp-ibm + ;; + mmix) + basic_machine=mmix-knuth + ;; + rs6000) + basic_machine=rs6000-ibm + ;; + vax) + basic_machine=vax-dec + ;; + pdp10) + # there are many clones, so DEC is not a safe bet + basic_machine=pdp10-unknown + ;; + pdp11) + basic_machine=pdp11-dec + ;; + we32k) + basic_machine=we32k-att + ;; + sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele) + basic_machine=sh-unknown + ;; + sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v) + basic_machine=sparc-sun + ;; + cydra) + basic_machine=cydra-cydrome + ;; + orion) + basic_machine=orion-highlevel + ;; + orion105) + basic_machine=clipper-highlevel + ;; + mac | mpw | mac-mpw) + basic_machine=m68k-apple + ;; + pmac | pmac-mpw) + basic_machine=powerpc-apple + ;; + *-unknown) + # Make sure to match an already-canonicalized machine name. + ;; + *) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; +esac + +# Here we canonicalize certain aliases for manufacturers. +case $basic_machine in + *-digital*) + basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` + ;; + *-commodore*) + basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` + ;; + *) + ;; +esac + +# Decode manufacturer-specific aliases for certain operating systems. + +if [ x"$os" != x"" ] +then +case $os in + # First match some system type aliases + # that might get confused with valid system types. + # -solaris* is a basic system type, with this one exception. + -auroraux) + os=-auroraux + ;; + -solaris1 | -solaris1.*) + os=`echo $os | sed -e 's|solaris1|sunos4|'` + ;; + -solaris) + os=-solaris2 + ;; + -svr4*) + os=-sysv4 + ;; + -unixware*) + os=-sysv4.2uw + ;; + -gnu/linux*) + os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` + ;; + # First accept the basic system types. + # The portable systems comes first. + # Each alternative MUST END IN A *, to match a version number. + # -sysv* is not here because it comes later, after sysvr4. + -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ + | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ + | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \ + | -sym* | -kopensolaris* \ + | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ + | -aos* | -aros* \ + | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ + | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ + | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ + | -openbsd* | -solidbsd* \ + | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ + | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ + | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ + | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ + | -chorusos* | -chorusrdb* | -cegcc* \ + | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ + | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \ + | -uxpv* | -beos* | -mpeix* | -udk* \ + | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ + | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ + | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ + | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ + | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ + | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ + | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*) + # Remember, each alternative MUST END IN *, to match a version number. + ;; + -qnx*) + case $basic_machine in + x86-* | i*86-*) + ;; + *) + os=-nto$os + ;; + esac + ;; + -nto-qnx*) + ;; + -nto*) + os=`echo $os | sed -e 's|nto|nto-qnx|'` + ;; + -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ + | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \ + | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) + ;; + -mac*) + os=`echo $os | sed -e 's|mac|macos|'` + ;; + -linux-dietlibc) + os=-linux-dietlibc + ;; + -linux*) + os=`echo $os | sed -e 's|linux|linux-gnu|'` + ;; + -sunos5*) + os=`echo $os | sed -e 's|sunos5|solaris2|'` + ;; + -sunos6*) + os=`echo $os | sed -e 's|sunos6|solaris3|'` + ;; + -opened*) + os=-openedition + ;; + -os400*) + os=-os400 + ;; + -wince*) + os=-wince + ;; + -osfrose*) + os=-osfrose + ;; + -osf*) + os=-osf + ;; + -utek*) + os=-bsd + ;; + -dynix*) + os=-bsd + ;; + -acis*) + os=-aos + ;; + -atheos*) + os=-atheos + ;; + -syllable*) + os=-syllable + ;; + -386bsd) + os=-bsd + ;; + -ctix* | -uts*) + os=-sysv + ;; + -nova*) + os=-rtmk-nova + ;; + -ns2 ) + os=-nextstep2 + ;; + -nsk*) + os=-nsk + ;; + # Preserve the version number of sinix5. + -sinix5.*) + os=`echo $os | sed -e 's|sinix|sysv|'` + ;; + -sinix*) + os=-sysv4 + ;; + -tpf*) + os=-tpf + ;; + -triton*) + os=-sysv3 + ;; + -oss*) + os=-sysv3 + ;; + -svr4) + os=-sysv4 + ;; + -svr3) + os=-sysv3 + ;; + -sysvr4) + os=-sysv4 + ;; + # This must come after -sysvr4. + -sysv*) + ;; + -ose*) + os=-ose + ;; + -es1800*) + os=-ose + ;; + -xenix) + os=-xenix + ;; + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + os=-mint + ;; + -aros*) + os=-aros + ;; + -kaos*) + os=-kaos + ;; + -zvmoe) + os=-zvmoe + ;; + -dicos*) + os=-dicos + ;; + -nacl*) + ;; + -none) + ;; + *) + # Get rid of the `-' at the beginning of $os. + os=`echo $os | sed 's/[^-]*-//'` + echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 + exit 1 + ;; +esac +else + +# Here we handle the default operating systems that come with various machines. +# The value should be what the vendor currently ships out the door with their +# machine or put another way, the most popular os provided with the machine. + +# Note that if you're going to try to match "-MANUFACTURER" here (say, +# "-sun"), then you have to tell the case statement up towards the top +# that MANUFACTURER isn't an operating system. Otherwise, code above +# will signal an error saying that MANUFACTURER isn't an operating +# system, and we'll never get to this point. + +case $basic_machine in + score-*) + os=-elf + ;; + spu-*) + os=-elf + ;; + *-acorn) + os=-riscix1.2 + ;; + arm*-rebel) + os=-linux + ;; + arm*-semi) + os=-aout + ;; + c4x-* | tic4x-*) + os=-coff + ;; + # This must come before the *-dec entry. + pdp10-*) + os=-tops20 + ;; + pdp11-*) + os=-none + ;; + *-dec | vax-*) + os=-ultrix4.2 + ;; + m68*-apollo) + os=-domain + ;; + i386-sun) + os=-sunos4.0.2 + ;; + m68000-sun) + os=-sunos3 + # This also exists in the configure program, but was not the + # default. + # os=-sunos4 + ;; + m68*-cisco) + os=-aout + ;; + mep-*) + os=-elf + ;; + mips*-cisco) + os=-elf + ;; + mips*-*) + os=-elf + ;; + or32-*) + os=-coff + ;; + *-tti) # must be before sparc entry or we get the wrong os. + os=-sysv3 + ;; + sparc-* | *-sun) + os=-sunos4.1.1 + ;; + *-be) + os=-beos + ;; + *-haiku) + os=-haiku + ;; + *-ibm) + os=-aix + ;; + *-knuth) + os=-mmixware + ;; + *-wec) + os=-proelf + ;; + *-winbond) + os=-proelf + ;; + *-oki) + os=-proelf + ;; + *-hp) + os=-hpux + ;; + *-hitachi) + os=-hiux + ;; + i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) + os=-sysv + ;; + *-cbm) + os=-amigaos + ;; + *-dg) + os=-dgux + ;; + *-dolphin) + os=-sysv3 + ;; + m68k-ccur) + os=-rtu + ;; + m88k-omron*) + os=-luna + ;; + *-next ) + os=-nextstep + ;; + *-sequent) + os=-ptx + ;; + *-crds) + os=-unos + ;; + *-ns) + os=-genix + ;; + i370-*) + os=-mvs + ;; + *-next) + os=-nextstep3 + ;; + *-gould) + os=-sysv + ;; + *-highlevel) + os=-bsd + ;; + *-encore) + os=-bsd + ;; + *-sgi) + os=-irix + ;; + *-siemens) + os=-sysv4 + ;; + *-masscomp) + os=-rtu + ;; + f30[01]-fujitsu | f700-fujitsu) + os=-uxpv + ;; + *-rom68k) + os=-coff + ;; + *-*bug) + os=-coff + ;; + *-apple) + os=-macos + ;; + *-atari*) + os=-mint + ;; + *) + os=-none + ;; +esac +fi + +# Here we handle the case where we know the os, and the CPU type, but not the +# manufacturer. We pick the logical manufacturer. +vendor=unknown +case $basic_machine in + *-unknown) + case $os in + -riscix*) + vendor=acorn + ;; + -sunos*) + vendor=sun + ;; + -cnk*|-aix*) + vendor=ibm + ;; + -beos*) + vendor=be + ;; + -hpux*) + vendor=hp + ;; + -mpeix*) + vendor=hp + ;; + -hiux*) + vendor=hitachi + ;; + -unos*) + vendor=crds + ;; + -dgux*) + vendor=dg + ;; + -luna*) + vendor=omron + ;; + -genix*) + vendor=ns + ;; + -mvs* | -opened*) + vendor=ibm + ;; + -os400*) + vendor=ibm + ;; + -ptx*) + vendor=sequent + ;; + -tpf*) + vendor=ibm + ;; + -vxsim* | -vxworks* | -windiss*) + vendor=wrs + ;; + -aux*) + vendor=apple + ;; + -hms*) + vendor=hitachi + ;; + -mpw* | -macos*) + vendor=apple + ;; + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + vendor=atari + ;; + -vos*) + vendor=stratus + ;; + esac + basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` + ;; +esac + +echo $basic_machine$os +exit + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "timestamp='" +# time-stamp-format: "%:y-%02m-%02d" +# time-stamp-end: "'" +# End: diff -r e1d7053e4d45 -r 76dce3b9468e configure --- a/configure Fri Jan 18 10:55:47 2013 +0000 +++ b/configure Fri Jan 18 10:55:48 2013 +0000 @@ -1,2 +1,2555 @@ -#!/bin/sh -e -cd tools && ./configure $@ +#! /bin/sh +# Guess values for system-dependent variables and create Makefiles. +# Generated by GNU Autoconf 2.67 for Xen Hypervisor 4.3. +# +# Report bugs to . +# +# +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, +# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software +# Foundation, Inc. +# +# +# This configure script is free software; the Free Software Foundation +# gives unlimited permission to copy, distribute and modify it. +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## + +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi + + +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' + else + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' + fi + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi + + +# IFS +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent editors from complaining about space-tab. +# (If _AS_PATH_WALK were called with IFS unset, it would disable word +# splitting by setting IFS to empty value.) +IFS=" "" $as_nl" + +# Find who we are. Look in the path if we contain no directory separator. +case $0 in #(( + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done +IFS=$as_save_IFS + + ;; +esac +# We did not find ourselves, most probably we were run as `sh COMMAND' +# in which case we are not to be found in the path. +if test "x$as_myself" = x; then + as_myself=$0 +fi +if test ! -f "$as_myself"; then + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 +fi + +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +if test "x$CONFIG_SHELL" = x; then + as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which + # is contrary to our usage. Disable this feature. + alias -g '\${1+\"\$@\"}'='\"\$@\"' + setopt NO_GLOB_SUBST +else + case \`(set -o) 2>/dev/null\` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi +" + as_required="as_fn_return () { (exit \$1); } +as_fn_success () { as_fn_return 0; } +as_fn_failure () { as_fn_return 1; } +as_fn_ret_success () { return 0; } +as_fn_ret_failure () { return 1; } + +exitcode=0 +as_fn_success || { exitcode=1; echo as_fn_success failed.; } +as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } +as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } +as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } +if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : + +else + exitcode=1; echo positional parameters were not saved. +fi +test x\$exitcode = x0 || exit 1" + as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO + as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO + eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && + test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1" + if (eval "$as_required") 2>/dev/null; then : + as_have_required=yes +else + as_have_required=no +fi + if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : + +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_found=false +for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + as_found=: + case $as_dir in #( + /*) + for as_base in sh bash ksh sh5; do + # Try only shells that exist, to save several forks. + as_shell=$as_dir/$as_base + if { test -f "$as_shell" || test -f "$as_shell.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : + CONFIG_SHELL=$as_shell as_have_required=yes + if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : + break 2 +fi +fi + done;; + esac + as_found=false +done +$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : + CONFIG_SHELL=$SHELL as_have_required=yes +fi; } +IFS=$as_save_IFS + + + if test "x$CONFIG_SHELL" != x; then : + # We cannot yet assume a decent shell, so we have to provide a + # neutralization value for shells without unset; and this also + # works around shells that cannot unset nonexistent variables. + BASH_ENV=/dev/null + ENV=/dev/null + (unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV + export CONFIG_SHELL + exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"} +fi + + if test x$as_have_required = xno; then : + $as_echo "$0: This script requires a shell more modern than all" + $as_echo "$0: the shells that I found on your system." + if test x${ZSH_VERSION+set} = xset ; then + $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" + $as_echo "$0: be upgraded to zsh 4.3.4 or later." + else + $as_echo "$0: Please tell bug-autoconf@gnu.org and +$0: xen-devel@lists.xen.org about your system, including +$0: any error possibly output before this message. Then +$0: install a modern shell, or manually run the script +$0: under such a shell if you do have one." + fi + exit 1 +fi +fi +fi +SHELL=${CONFIG_SHELL-/bin/sh} +export SHELL +# Unset more variables known to interfere with behavior of common tools. +CLICOLOR_FORCE= GREP_OPTIONS= +unset CLICOLOR_FORCE GREP_OPTIONS + +## --------------------- ## +## M4sh Shell Functions. ## +## --------------------- ## +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + $as_echo "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error + +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr +else + as_expr=false +fi + +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi + +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + + + as_lineno_1=$LINENO as_lineno_1a=$LINENO + as_lineno_2=$LINENO as_lineno_2a=$LINENO + eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && + test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { + # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) + sed -n ' + p + /[$]LINENO/= + ' <$as_myself | + sed ' + s/[$]LINENO.*/&-/ + t lineno + b + :lineno + N + :loop + s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ + t loop + s/-\n.*// + ' >$as_me.lineno && + chmod +x "$as_me.lineno" || + { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } + + # Don't try to exec as it changes $[0], causing all sort of problems + # (the dirname of $[0] is not the place where we might find the + # original and so on. Autoconf is especially sensitive to this). + . "./$as_me.lineno" + # Exit status is that of the last command. + exit +} + +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac + +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file +else + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -p'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -p' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -p' + fi +else + as_ln_s='cp -p' +fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null + +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + +if test -x / >/dev/null 2>&1; then + as_test_x='test -x' +else + if ls -dL / >/dev/null 2>&1; then + as_ls_L_option=L + else + as_ls_L_option= + fi + as_test_x=' + eval sh -c '\'' + if test -d "$1"; then + test -d "$1/."; + else + case $1 in #( + -*)set "./$1";; + esac; + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( + ???[sx]*):;;*)false;;esac;fi + '\'' sh + ' +fi +as_executable_p=$as_test_x + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +test -n "$DJDIR" || exec 7<&0 &1 + +# Name of the host. +# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, +# so uname gets run too. +ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` + +# +# Initializations. +# +ac_default_prefix=/usr/local +ac_clean_files= +ac_config_libobj_dir=. +LIBOBJS= +cross_compiling=no +subdirs= +MFLAGS= +MAKEFLAGS= + +# Identity of this package. +PACKAGE_NAME='Xen Hypervisor' +PACKAGE_TARNAME='xen' +PACKAGE_VERSION='4.3' +PACKAGE_STRING='Xen Hypervisor 4.3' +PACKAGE_BUGREPORT='xen-devel@lists.xen.org' +PACKAGE_URL='http://www.xen.org/' + +ac_unique_file="./xen/common/kernel.c" +ac_default_prefix=/usr +enable_option_checking=no +ac_subst_vars='LTLIBOBJS +LIBOBJS +subdirs +target_alias +host_alias +build_alias +LIBS +ECHO_T +ECHO_N +ECHO_C +DEFS +mandir +localedir +libdir +psdir +pdfdir +dvidir +htmldir +infodir +docdir +oldincludedir +includedir +localstatedir +sharedstatedir +sysconfdir +datadir +datarootdir +libexecdir +sbindir +bindir +program_transform_name +prefix +exec_prefix +PACKAGE_URL +PACKAGE_BUGREPORT +PACKAGE_STRING +PACKAGE_VERSION +PACKAGE_TARNAME +PACKAGE_NAME +PATH_SEPARATOR +SHELL' +ac_subst_files='' +ac_user_opts=' +enable_option_checking +' + ac_precious_vars='build_alias +host_alias +target_alias' +ac_subdirs_all='tools stubdom' + +# Initialize some variables set by options. +ac_init_help= +ac_init_version=false +ac_unrecognized_opts= +ac_unrecognized_sep= +# The variables have the same names as the options, with +# dashes changed to underlines. +cache_file=/dev/null +exec_prefix=NONE +no_create= +no_recursion= +prefix=NONE +program_prefix=NONE +program_suffix=NONE +program_transform_name=s,x,x, +silent= +site= +srcdir= +verbose= +x_includes=NONE +x_libraries=NONE + +# Installation directory options. +# These are left unexpanded so users can "make install exec_prefix=/foo" +# and all the variables that are supposed to be based on exec_prefix +# by default will actually change. +# Use braces instead of parens because sh, perl, etc. also accept them. +# (The list follows the same order as the GNU Coding Standards.) +bindir='${exec_prefix}/bin' +sbindir='${exec_prefix}/sbin' +libexecdir='${exec_prefix}/libexec' +datarootdir='${prefix}/share' +datadir='${datarootdir}' +sysconfdir='${prefix}/etc' +sharedstatedir='${prefix}/com' +localstatedir='${prefix}/var' +includedir='${prefix}/include' +oldincludedir='/usr/include' +docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' +infodir='${datarootdir}/info' +htmldir='${docdir}' +dvidir='${docdir}' +pdfdir='${docdir}' +psdir='${docdir}' +libdir='${exec_prefix}/lib' +localedir='${datarootdir}/locale' +mandir='${datarootdir}/man' + +ac_prev= +ac_dashdash= +for ac_option +do + # If the previous option needs an argument, assign it. + if test -n "$ac_prev"; then + eval $ac_prev=\$ac_option + ac_prev= + continue + fi + + case $ac_option in + *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; + *=) ac_optarg= ;; + *) ac_optarg=yes ;; + esac + + # Accept the important Cygnus configure options, so we can diagnose typos. + + case $ac_dashdash$ac_option in + --) + ac_dashdash=yes ;; + + -bindir | --bindir | --bindi | --bind | --bin | --bi) + ac_prev=bindir ;; + -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) + bindir=$ac_optarg ;; + + -build | --build | --buil | --bui | --bu) + ac_prev=build_alias ;; + -build=* | --build=* | --buil=* | --bui=* | --bu=*) + build_alias=$ac_optarg ;; + + -cache-file | --cache-file | --cache-fil | --cache-fi \ + | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) + ac_prev=cache_file ;; + -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ + | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) + cache_file=$ac_optarg ;; + + --config-cache | -C) + cache_file=config.cache ;; + + -datadir | --datadir | --datadi | --datad) + ac_prev=datadir ;; + -datadir=* | --datadir=* | --datadi=* | --datad=*) + datadir=$ac_optarg ;; + + -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \ + | --dataroo | --dataro | --datar) + ac_prev=datarootdir ;; + -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \ + | --dataroot=* | --dataroo=* | --dataro=* | --datar=*) + datarootdir=$ac_optarg ;; + + -disable-* | --disable-*) + ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=no ;; + + -docdir | --docdir | --docdi | --doc | --do) + ac_prev=docdir ;; + -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*) + docdir=$ac_optarg ;; + + -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv) + ac_prev=dvidir ;; + -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*) + dvidir=$ac_optarg ;; + + -enable-* | --enable-*) + ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=\$ac_optarg ;; + + -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ + | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ + | --exec | --exe | --ex) + ac_prev=exec_prefix ;; + -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ + | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ + | --exec=* | --exe=* | --ex=*) + exec_prefix=$ac_optarg ;; + + -gas | --gas | --ga | --g) + # Obsolete; use --with-gas. + with_gas=yes ;; + + -help | --help | --hel | --he | -h) + ac_init_help=long ;; + -help=r* | --help=r* | --hel=r* | --he=r* | -hr*) + ac_init_help=recursive ;; + -help=s* | --help=s* | --hel=s* | --he=s* | -hs*) + ac_init_help=short ;; + + -host | --host | --hos | --ho) + ac_prev=host_alias ;; + -host=* | --host=* | --hos=* | --ho=*) + host_alias=$ac_optarg ;; + + -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht) + ac_prev=htmldir ;; + -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \ + | --ht=*) + htmldir=$ac_optarg ;; + + -includedir | --includedir | --includedi | --included | --include \ + | --includ | --inclu | --incl | --inc) + ac_prev=includedir ;; + -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ + | --includ=* | --inclu=* | --incl=* | --inc=*) + includedir=$ac_optarg ;; + + -infodir | --infodir | --infodi | --infod | --info | --inf) + ac_prev=infodir ;; + -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) + infodir=$ac_optarg ;; + + -libdir | --libdir | --libdi | --libd) + ac_prev=libdir ;; + -libdir=* | --libdir=* | --libdi=* | --libd=*) + libdir=$ac_optarg ;; + + -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ + | --libexe | --libex | --libe) + ac_prev=libexecdir ;; + -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ + | --libexe=* | --libex=* | --libe=*) + libexecdir=$ac_optarg ;; + + -localedir | --localedir | --localedi | --localed | --locale) + ac_prev=localedir ;; + -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*) + localedir=$ac_optarg ;; + + -localstatedir | --localstatedir | --localstatedi | --localstated \ + | --localstate | --localstat | --localsta | --localst | --locals) + ac_prev=localstatedir ;; + -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ + | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*) + localstatedir=$ac_optarg ;; + + -mandir | --mandir | --mandi | --mand | --man | --ma | --m) + ac_prev=mandir ;; + -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) + mandir=$ac_optarg ;; + + -nfp | --nfp | --nf) + # Obsolete; use --without-fp. + with_fp=no ;; + + -no-create | --no-create | --no-creat | --no-crea | --no-cre \ + | --no-cr | --no-c | -n) + no_create=yes ;; + + -no-recursion | --no-recursion | --no-recursio | --no-recursi \ + | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) + no_recursion=yes ;; + + -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ + | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ + | --oldin | --oldi | --old | --ol | --o) + ac_prev=oldincludedir ;; + -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ + | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ + | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) + oldincludedir=$ac_optarg ;; + + -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) + ac_prev=prefix ;; + -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) + prefix=$ac_optarg ;; + + -program-prefix | --program-prefix | --program-prefi | --program-pref \ + | --program-pre | --program-pr | --program-p) + ac_prev=program_prefix ;; + -program-prefix=* | --program-prefix=* | --program-prefi=* \ + | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) + program_prefix=$ac_optarg ;; + + -program-suffix | --program-suffix | --program-suffi | --program-suff \ + | --program-suf | --program-su | --program-s) + ac_prev=program_suffix ;; + -program-suffix=* | --program-suffix=* | --program-suffi=* \ + | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) + program_suffix=$ac_optarg ;; + + -program-transform-name | --program-transform-name \ + | --program-transform-nam | --program-transform-na \ + | --program-transform-n | --program-transform- \ + | --program-transform | --program-transfor \ + | --program-transfo | --program-transf \ + | --program-trans | --program-tran \ + | --progr-tra | --program-tr | --program-t) + ac_prev=program_transform_name ;; + -program-transform-name=* | --program-transform-name=* \ + | --program-transform-nam=* | --program-transform-na=* \ + | --program-transform-n=* | --program-transform-=* \ + | --program-transform=* | --program-transfor=* \ + | --program-transfo=* | --program-transf=* \ + | --program-trans=* | --program-tran=* \ + | --progr-tra=* | --program-tr=* | --program-t=*) + program_transform_name=$ac_optarg ;; + + -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd) + ac_prev=pdfdir ;; + -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*) + pdfdir=$ac_optarg ;; + + -psdir | --psdir | --psdi | --psd | --ps) + ac_prev=psdir ;; + -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*) + psdir=$ac_optarg ;; + + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + silent=yes ;; + + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) + ac_prev=sbindir ;; + -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ + | --sbi=* | --sb=*) + sbindir=$ac_optarg ;; + + -sharedstatedir | --sharedstatedir | --sharedstatedi \ + | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ + | --sharedst | --shareds | --shared | --share | --shar \ + | --sha | --sh) + ac_prev=sharedstatedir ;; + -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ + | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ + | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ + | --sha=* | --sh=*) + sharedstatedir=$ac_optarg ;; + + -site | --site | --sit) + ac_prev=site ;; + -site=* | --site=* | --sit=*) + site=$ac_optarg ;; + + -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) + ac_prev=srcdir ;; + -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) + srcdir=$ac_optarg ;; + + -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ + | --syscon | --sysco | --sysc | --sys | --sy) + ac_prev=sysconfdir ;; + -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ + | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) + sysconfdir=$ac_optarg ;; + + -target | --target | --targe | --targ | --tar | --ta | --t) + ac_prev=target_alias ;; + -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) + target_alias=$ac_optarg ;; + + -v | -verbose | --verbose | --verbos | --verbo | --verb) + verbose=yes ;; + + -version | --version | --versio | --versi | --vers | -V) + ac_init_version=: ;; + + -with-* | --with-*) + ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=\$ac_optarg ;; + + -without-* | --without-*) + ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` + # Reject names that are not valid shell variable names. + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=no ;; + + --x) + # Obsolete; use --with-x. + with_x=yes ;; + + -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ + | --x-incl | --x-inc | --x-in | --x-i) + ac_prev=x_includes ;; + -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ + | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) + x_includes=$ac_optarg ;; + + -x-libraries | --x-libraries | --x-librarie | --x-librari \ + | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) + ac_prev=x_libraries ;; + -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ + | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) + x_libraries=$ac_optarg ;; + + -*) as_fn_error $? "unrecognized option: \`$ac_option' +Try \`$0 --help' for more information" + ;; + + *=*) + ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` + # Reject names that are not valid shell variable names. + case $ac_envvar in #( + '' | [0-9]* | *[!_$as_cr_alnum]* ) + as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; + esac + eval $ac_envvar=\$ac_optarg + export $ac_envvar ;; + + *) + # FIXME: should be removed in autoconf 3.0. + $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 + expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && + $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 + : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option} + ;; + + esac +done + +if test -n "$ac_prev"; then + ac_option=--`echo $ac_prev | sed 's/_/-/g'` + as_fn_error $? "missing argument to $ac_option" +fi + +if test -n "$ac_unrecognized_opts"; then + case $enable_option_checking in + no) ;; + fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; + *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; + esac +fi + +# Check all directory arguments for consistency. +for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ + datadir sysconfdir sharedstatedir localstatedir includedir \ + oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ + libdir localedir mandir +do + eval ac_val=\$$ac_var + # Remove trailing slashes. + case $ac_val in + */ ) + ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` + eval $ac_var=\$ac_val;; + esac + # Be sure to have absolute directory names. + case $ac_val in + [\\/$]* | ?:[\\/]* ) continue;; + NONE | '' ) case $ac_var in *prefix ) continue;; esac;; + esac + as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" +done + +# There might be people who depend on the old broken behavior: `$host' +# used to hold the argument of --host etc. +# FIXME: To remove some day. +build=$build_alias +host=$host_alias +target=$target_alias + +# FIXME: To remove some day. +if test "x$host_alias" != x; then + if test "x$build_alias" = x; then + cross_compiling=maybe + $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host. + If a cross compiler is detected then cross compile mode will be used" >&2 + elif test "x$build_alias" != "x$host_alias"; then + cross_compiling=yes + fi +fi + +ac_tool_prefix= +test -n "$host_alias" && ac_tool_prefix=$host_alias- + +test "$silent" = yes && exec 6>/dev/null + + +ac_pwd=`pwd` && test -n "$ac_pwd" && +ac_ls_di=`ls -di .` && +ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || + as_fn_error $? "working directory cannot be determined" +test "X$ac_ls_di" = "X$ac_pwd_ls_di" || + as_fn_error $? "pwd does not report name of working directory" + + +# Find the source files, if location was not specified. +if test -z "$srcdir"; then + ac_srcdir_defaulted=yes + # Try the directory containing this script, then the parent directory. + ac_confdir=`$as_dirname -- "$as_myself" || +$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_myself" : 'X\(//\)[^/]' \| \ + X"$as_myself" : 'X\(//\)$' \| \ + X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_myself" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + srcdir=$ac_confdir + if test ! -r "$srcdir/$ac_unique_file"; then + srcdir=.. + fi +else + ac_srcdir_defaulted=no +fi +if test ! -r "$srcdir/$ac_unique_file"; then + test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." + as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" +fi +ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" +ac_abs_confdir=`( + cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" + pwd)` +# When building in place, set srcdir=. +if test "$ac_abs_confdir" = "$ac_pwd"; then + srcdir=. +fi +# Remove unnecessary trailing slashes from srcdir. +# Double slashes in file names in object file debugging info +# mess up M-x gdb in Emacs. +case $srcdir in +*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;; +esac +for ac_var in $ac_precious_vars; do + eval ac_env_${ac_var}_set=\${${ac_var}+set} + eval ac_env_${ac_var}_value=\$${ac_var} + eval ac_cv_env_${ac_var}_set=\${${ac_var}+set} + eval ac_cv_env_${ac_var}_value=\$${ac_var} +done + +# +# Report the --help message. +# +if test "$ac_init_help" = "long"; then + # Omit some internal or obsolete options to make the list less imposing. + # This message is too long to be a string in the A/UX 3.1 sh. + cat <<_ACEOF +\`configure' configures Xen Hypervisor 4.3 to adapt to many kinds of systems. + +Usage: $0 [OPTION]... [VAR=VALUE]... + +To assign environment variables (e.g., CC, CFLAGS...), specify them as +VAR=VALUE. See below for descriptions of some of the useful variables. + +Defaults for the options are specified in brackets. + +Configuration: + -h, --help display this help and exit + --help=short display options specific to this package + --help=recursive display the short help of all the included packages + -V, --version display version information and exit + -q, --quiet, --silent do not print \`checking ...' messages + --cache-file=FILE cache test results in FILE [disabled] + -C, --config-cache alias for \`--cache-file=config.cache' + -n, --no-create do not create output files + --srcdir=DIR find the sources in DIR [configure dir or \`..'] + +Installation directories: + --prefix=PREFIX install architecture-independent files in PREFIX + [$ac_default_prefix] + --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX + [PREFIX] + +By default, \`make install' will install all the files in +\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify +an installation prefix other than \`$ac_default_prefix' using \`--prefix', +for instance \`--prefix=\$HOME'. + +For better control, use the options below. + +Fine tuning of the installation directories: + --bindir=DIR user executables [EPREFIX/bin] + --sbindir=DIR system admin executables [EPREFIX/sbin] + --libexecdir=DIR program executables [EPREFIX/libexec] + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] + --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --libdir=DIR object code libraries [EPREFIX/lib] + --includedir=DIR C header files [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc [/usr/include] + --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] + --datadir=DIR read-only architecture-independent data [DATAROOTDIR] + --infodir=DIR info documentation [DATAROOTDIR/info] + --localedir=DIR locale-dependent data [DATAROOTDIR/locale] + --mandir=DIR man documentation [DATAROOTDIR/man] + --docdir=DIR documentation root [DATAROOTDIR/doc/xen] + --htmldir=DIR html documentation [DOCDIR] + --dvidir=DIR dvi documentation [DOCDIR] + --pdfdir=DIR pdf documentation [DOCDIR] + --psdir=DIR ps documentation [DOCDIR] +_ACEOF + + cat <<\_ACEOF +_ACEOF +fi + +if test -n "$ac_init_help"; then + case $ac_init_help in + short | recursive ) echo "Configuration of Xen Hypervisor 4.3:";; + esac + cat <<\_ACEOF + +Report bugs to . +Xen Hypervisor home page: . +_ACEOF +ac_status=$? +fi + +if test "$ac_init_help" = "recursive"; then + # If there are subdirs, report their specific --help. + for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue + test -d "$ac_dir" || + { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || + continue + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + cd "$ac_dir" || { ac_status=$?; continue; } + # Check for guested configure. + if test -f "$ac_srcdir/configure.gnu"; then + echo && + $SHELL "$ac_srcdir/configure.gnu" --help=recursive + elif test -f "$ac_srcdir/configure"; then + echo && + $SHELL "$ac_srcdir/configure" --help=recursive + else + $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 + fi || ac_status=$? + cd "$ac_pwd" || { ac_status=$?; break; } + done +fi + +test -n "$ac_init_help" && exit $ac_status +if $ac_init_version; then + cat <<\_ACEOF +Xen Hypervisor configure 4.3 +generated by GNU Autoconf 2.67 + +Copyright (C) 2010 Free Software Foundation, Inc. +This configure script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it. +_ACEOF + exit +fi + +## ------------------------ ## +## Autoconf initialization. ## +## ------------------------ ## +cat >config.log <<_ACEOF +This file contains any messages produced by compilers while +running configure, to aid debugging if configure makes a mistake. + +It was created by Xen Hypervisor $as_me 4.3, which was +generated by GNU Autoconf 2.67. Invocation command line was + + $ $0 $@ + +_ACEOF +exec 5>>config.log +{ +cat <<_ASUNAME +## --------- ## +## Platform. ## +## --------- ## + +hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` + +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` + +/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` +/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` +/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` +/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` + +_ASUNAME + +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + $as_echo "PATH: $as_dir" + done +IFS=$as_save_IFS + +} >&5 + +cat >&5 <<_ACEOF + + +## ----------- ## +## Core tests. ## +## ----------- ## + +_ACEOF + + +# Keep a trace of the command line. +# Strip out --no-create and --no-recursion so they do not pile up. +# Strip out --silent because we don't want to record it for future runs. +# Also quote any args containing shell meta-characters. +# Make two passes to allow for proper duplicate-argument suppression. +ac_configure_args= +ac_configure_args0= +ac_configure_args1= +ac_must_keep_next=false +for ac_pass in 1 2 +do + for ac_arg + do + case $ac_arg in + -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + continue ;; + *\'*) + ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + case $ac_pass in + 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; + 2) + as_fn_append ac_configure_args1 " '$ac_arg'" + if test $ac_must_keep_next = true; then + ac_must_keep_next=false # Got value, back to normal. + else + case $ac_arg in + *=* | --config-cache | -C | -disable-* | --disable-* \ + | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ + | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ + | -with-* | --with-* | -without-* | --without-* | --x) + case "$ac_configure_args0 " in + "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; + esac + ;; + -* ) ac_must_keep_next=true ;; + esac + fi + as_fn_append ac_configure_args " '$ac_arg'" + ;; + esac + done +done +{ ac_configure_args0=; unset ac_configure_args0;} +{ ac_configure_args1=; unset ac_configure_args1;} + +# When interrupted or exit'd, cleanup temporary files, and complete +# config.log. We remove comments because anyway the quotes in there +# would cause problems or look ugly. +# WARNING: Use '\'' to represent an apostrophe within the trap. +# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. +trap 'exit_status=$? + # Save into config.log some information that might help in debugging. + { + echo + + $as_echo "## ---------------- ## +## Cache variables. ## +## ---------------- ##" + echo + # The following way of writing the cache mishandles newlines in values, +( + for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + (set) 2>&1 | + case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + sed -n \ + "s/'\''/'\''\\\\'\'''\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" + ;; #( + *) + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) + echo + + $as_echo "## ----------------- ## +## Output variables. ## +## ----------------- ##" + echo + for ac_var in $ac_subst_vars + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo + + if test -n "$ac_subst_files"; then + $as_echo "## ------------------- ## +## File substitutions. ## +## ------------------- ##" + echo + for ac_var in $ac_subst_files + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo + fi + + if test -s confdefs.h; then + $as_echo "## ----------- ## +## confdefs.h. ## +## ----------- ##" + echo + cat confdefs.h + echo + fi + test "$ac_signal" != 0 && + $as_echo "$as_me: caught signal $ac_signal" + $as_echo "$as_me: exit $exit_status" + } >&5 + rm -f core *.core core.conftest.* && + rm -f -r conftest* confdefs* conf$$* $ac_clean_files && + exit $exit_status +' 0 +for ac_signal in 1 2 13 15; do + trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal +done +ac_signal=0 + +# confdefs.h avoids OS command line length limits that DEFS can exceed. +rm -f -r conftest* confdefs.h + +$as_echo "/* confdefs.h */" > confdefs.h + +# Predefined preprocessor variables. + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_NAME "$PACKAGE_NAME" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_TARNAME "$PACKAGE_TARNAME" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_VERSION "$PACKAGE_VERSION" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_STRING "$PACKAGE_STRING" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" +_ACEOF + +cat >>confdefs.h <<_ACEOF +#define PACKAGE_URL "$PACKAGE_URL" +_ACEOF + + +# Let the site file select an alternate cache file if it wants to. +# Prefer an explicitly selected file to automatically selected ones. +ac_site_file1=NONE +ac_site_file2=NONE +if test -n "$CONFIG_SITE"; then + # We do not want a PATH search for config.site. + case $CONFIG_SITE in #(( + -*) ac_site_file1=./$CONFIG_SITE;; + */*) ac_site_file1=$CONFIG_SITE;; + *) ac_site_file1=./$CONFIG_SITE;; + esac +elif test "x$prefix" != xNONE; then + ac_site_file1=$prefix/share/config.site + ac_site_file2=$prefix/etc/config.site +else + ac_site_file1=$ac_default_prefix/share/config.site + ac_site_file2=$ac_default_prefix/etc/config.site +fi +for ac_site_file in "$ac_site_file1" "$ac_site_file2" +do + test "x$ac_site_file" = xNONE && continue + if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 +$as_echo "$as_me: loading site script $ac_site_file" >&6;} + sed 's/^/| /' "$ac_site_file" >&5 + . "$ac_site_file" \ + || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "failed to load site script $ac_site_file +See \`config.log' for more details" "$LINENO" 5 ; } + fi +done + +if test -r "$cache_file"; then + # Some versions of bash will fail to source /dev/null (special files + # actually), so we avoid doing that. DJGPP emulates it as a regular file. + if test /dev/null != "$cache_file" && test -f "$cache_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 +$as_echo "$as_me: loading cache $cache_file" >&6;} + case $cache_file in + [\\/]* | ?:[\\/]* ) . "$cache_file";; + *) . "./$cache_file";; + esac + fi +else + { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 +$as_echo "$as_me: creating cache $cache_file" >&6;} + >$cache_file +fi + +# Check that the precious variables saved in the cache have kept the same +# value. +ac_cache_corrupted=false +for ac_var in $ac_precious_vars; do + eval ac_old_set=\$ac_cv_env_${ac_var}_set + eval ac_new_set=\$ac_env_${ac_var}_set + eval ac_old_val=\$ac_cv_env_${ac_var}_value + eval ac_new_val=\$ac_env_${ac_var}_value + case $ac_old_set,$ac_new_set in + set,) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,set) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,);; + *) + if test "x$ac_old_val" != "x$ac_new_val"; then + # differences in whitespace do not lead to failure. + ac_old_val_w=`echo x $ac_old_val` + ac_new_val_w=`echo x $ac_new_val` + if test "$ac_old_val_w" != "$ac_new_val_w"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 +$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} + ac_cache_corrupted=: + else + { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 +$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} + eval $ac_var=\$ac_old_val + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 +$as_echo "$as_me: former value: \`$ac_old_val'" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 +$as_echo "$as_me: current value: \`$ac_new_val'" >&2;} + fi;; + esac + # Pass precious variables to config.status. + if test "$ac_new_set" = set; then + case $ac_new_val in + *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; + *) ac_arg=$ac_var=$ac_new_val ;; + esac + case " $ac_configure_args " in + *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. + *) as_fn_append ac_configure_args " '$ac_arg'" ;; + esac + fi +done +if $ac_cache_corrupted; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 +$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} + as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 +fi +## -------------------- ## +## Main body of script. ## +## -------------------- ## + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + + + + +ac_aux_dir= +for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do + if test -f "$ac_dir/install-sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install-sh -c" + break + elif test -f "$ac_dir/install.sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install.sh -c" + break + elif test -f "$ac_dir/shtool"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/shtool install -c" + break + fi +done +if test -z "$ac_aux_dir"; then + as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 +fi + +# These three variables are undocumented and unsupported, +# and are intended to be withdrawn in a future Autoconf release. +# They can cause serious problems if a builder's source tree is in a directory +# whose full name contains unusual characters. +ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. +ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. +ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. + + + + +subdirs="$subdirs tools stubdom" + + +cat >confcache <<\_ACEOF +# This file is a shell script that caches the results of configure +# tests run on this system so they can be shared between configure +# scripts and configure runs, see configure's option --config-cache. +# It is not useful on other systems. If it contains results you don't +# want to keep, you may remove or edit it. +# +# config.status only pays attention to the cache file if you give it +# the --recheck option to rerun configure. +# +# `ac_cv_env_foo' variables (set or unset) will be overridden when +# loading this file, other *unset* `ac_cv_foo' will be assigned the +# following values. + +_ACEOF + +# The following way of writing the cache mishandles newlines in values, +# but we know of no workaround that is simple, portable, and efficient. +# So, we kill variables containing newlines. +# Ultrix sh set writes to stderr and can't be redirected directly, +# and sets the high bit in the cache file unless we assign to the vars. +( + for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + + (set) 2>&1 | + case $as_nl`(ac_space=' '; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + # `set' does not quote correctly, so add quotes: double-quote + # substitution turns \\\\ into \\, and sed turns \\ into \. + sed -n \ + "s/'/'\\\\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" + ;; #( + *) + # `set' quotes correctly as required by POSIX, so do not add quotes. + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) | + sed ' + /^ac_cv_env_/b end + t clear + :clear + s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/ + t end + s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/ + :end' >>confcache +if diff "$cache_file" confcache >/dev/null 2>&1; then :; else + if test -w "$cache_file"; then + test "x$cache_file" != "x/dev/null" && + { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 +$as_echo "$as_me: updating cache $cache_file" >&6;} + cat confcache >$cache_file + else + { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 +$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} + fi +fi +rm -f confcache + +test "x$prefix" = xNONE && prefix=$ac_default_prefix +# Let make expand exec_prefix. +test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' + +# Transform confdefs.h into DEFS. +# Protect against shell expansion while executing Makefile rules. +# Protect against Makefile macro expansion. +# +# If the first sed substitution is executed (which looks for macros that +# take arguments), then branch to the quote section. Otherwise, +# look for a macro that doesn't take arguments. +ac_script=' +:mline +/\\$/{ + N + s,\\\n,, + b mline +} +t clear +:clear +s/^[ ]*#[ ]*define[ ][ ]*\([^ (][^ (]*([^)]*)\)[ ]*\(.*\)/-D\1=\2/g +t quote +s/^[ ]*#[ ]*define[ ][ ]*\([^ ][^ ]*\)[ ]*\(.*\)/-D\1=\2/g +t quote +b any +:quote +s/[ `~#$^&*(){}\\|;'\''"<>?]/\\&/g +s/\[/\\&/g +s/\]/\\&/g +s/\$/$$/g +H +:any +${ + g + s/^\n// + s/\n/ /g + p +} +' +DEFS=`sed -n "$ac_script" confdefs.h` + + +ac_libobjs= +ac_ltlibobjs= +U= +for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue + # 1. Remove the extension, and $U if already installed. + ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' + ac_i=`$as_echo "$ac_i" | sed "$ac_script"` + # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR + # will be set to the directory where LIBOBJS objects are built. + as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" + as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' +done +LIBOBJS=$ac_libobjs + +LTLIBOBJS=$ac_ltlibobjs + + + +: ${CONFIG_STATUS=./config.status} +ac_write_fail=0 +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files $CONFIG_STATUS" +{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 +$as_echo "$as_me: creating $CONFIG_STATUS" >&6;} +as_write_fail=0 +cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 +#! $SHELL +# Generated by $as_me. +# Run this file to recreate the current configuration. +# Compiler output produced by configure, useful for debugging +# configure, is in config.log if it exists. + +debug=false +ac_cs_recheck=false +ac_cs_silent=false + +SHELL=\${CONFIG_SHELL-$SHELL} +export SHELL +_ASEOF +cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## + +# Be more Bourne compatible +DUALCASE=1; export DUALCASE # for MKS sh +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which + # is contrary to our usage. Disable this feature. + alias -g '${1+"$@"}'='"$@"' + setopt NO_GLOB_SUBST +else + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi + + +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' + else + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' + fi + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' +fi + +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } +fi + + +# IFS +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent editors from complaining about space-tab. +# (If _AS_PATH_WALK were called with IFS unset, it would disable word +# splitting by setting IFS to empty value.) +IFS=" "" $as_nl" + +# Find who we are. Look in the path if we contain no directory separator. +case $0 in #(( + *[\\/]* ) as_myself=$0 ;; + *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done +IFS=$as_save_IFS + + ;; +esac +# We did not find ourselves, most probably we were run as `sh COMMAND' +# in which case we are not to be found in the path. +if test "x$as_myself" = x; then + as_myself=$0 +fi +if test ! -f "$as_myself"; then + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 +fi + +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : +done +PS1='$ ' +PS2='> ' +PS4='+ ' + +# NLS nuisances. +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + $as_echo "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error + + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +if expr a : '\(a\)' >/dev/null 2>&1 && + test "X`expr 00001 : '.*\(...\)'`" = X001; then + as_expr=expr +else + as_expr=false +fi + +if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then + as_basename=basename +else + as_basename=false +fi + +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi + +as_me=`$as_basename -- "$0" || +$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ + X"$0" : 'X\(//\)$' \| \ + X"$0" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X/"$0" | + sed '/^.*\/\([^/][^/]*\)\/*$/{ + s//\1/ + q + } + /^X\/\(\/\/\)$/{ + s//\1/ + q + } + /^X\/\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits + +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac + +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file +else + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -p'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -p' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -p' + fi +else + as_ln_s='cp -p' +fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null + + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' +else + test -d ./-p && rmdir ./-p + as_mkdir_p=false +fi + +if test -x / >/dev/null 2>&1; then + as_test_x='test -x' +else + if ls -dL / >/dev/null 2>&1; then + as_ls_L_option=L + else + as_ls_L_option= + fi + as_test_x=' + eval sh -c '\'' + if test -d "$1"; then + test -d "$1/."; + else + case $1 in #( + -*)set "./$1";; + esac; + case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #(( + ???[sx]*):;;*)false;;esac;fi + '\'' sh + ' +fi +as_executable_p=$as_test_x + +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" + +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" + + +exec 6>&1 +## ----------------------------------- ## +## Main body of $CONFIG_STATUS script. ## +## ----------------------------------- ## +_ASEOF +test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# Save the log message, to keep $0 and so on meaningful, and to +# report actual input values of CONFIG_FILES etc. instead of their +# values after options handling. +ac_log=" +This file was extended by Xen Hypervisor $as_me 4.3, which was +generated by GNU Autoconf 2.67. Invocation command line was + + CONFIG_FILES = $CONFIG_FILES + CONFIG_HEADERS = $CONFIG_HEADERS + CONFIG_LINKS = $CONFIG_LINKS + CONFIG_COMMANDS = $CONFIG_COMMANDS + $ $0 $@ + +on `(hostname || uname -n) 2>/dev/null | sed 1q` +" + +_ACEOF + + + + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +# Files that config.status was made for. + +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +ac_cs_usage="\ +\`$as_me' instantiates files and other configuration actions +from templates according to the current configuration. Unless the files +and actions are specified as TAGs, all are instantiated by default. + +Usage: $0 [OPTION]... [TAG]... + + -h, --help print this help, then exit + -V, --version print version number and configuration settings, then exit + --config print configuration, then exit + -q, --quiet, --silent + do not print progress messages + -d, --debug don't remove temporary files + --recheck update $as_me by reconfiguring in the same conditions + +Report bugs to . +Xen Hypervisor home page: ." + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" +ac_cs_version="\\ +Xen Hypervisor config.status 4.3 +configured by $0, generated by GNU Autoconf 2.67, + with options \\"\$ac_cs_config\\" + +Copyright (C) 2010 Free Software Foundation, Inc. +This config.status script is free software; the Free Software Foundation +gives unlimited permission to copy, distribute and modify it." + +ac_pwd='$ac_pwd' +srcdir='$srcdir' +test -n "\$AWK" || AWK=awk +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# The default lists apply if the user does not specify any file. +ac_need_defaults=: +while test $# != 0 +do + case $1 in + --*=?*) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` + ac_shift=: + ;; + --*=) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg= + ac_shift=: + ;; + *) + ac_option=$1 + ac_optarg=$2 + ac_shift=shift + ;; + esac + + case $ac_option in + # Handling of the options. + -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) + ac_cs_recheck=: ;; + --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) + $as_echo "$ac_cs_version"; exit ;; + --config | --confi | --conf | --con | --co | --c ) + $as_echo "$ac_cs_config"; exit ;; + --debug | --debu | --deb | --de | --d | -d ) + debug=: ;; + --he | --h | --help | --hel | -h ) + $as_echo "$ac_cs_usage"; exit ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil | --si | --s) + ac_cs_silent=: ;; + + # This is an error. + -*) as_fn_error $? "unrecognized option: \`$1' +Try \`$0 --help' for more information." ;; + + *) as_fn_append ac_config_targets " $1" + ac_need_defaults=false ;; + + esac + shift +done + +ac_configure_extra_args= + +if $ac_cs_silent; then + exec 6>/dev/null + ac_configure_extra_args="$ac_configure_extra_args --silent" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +if \$ac_cs_recheck; then + set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + shift + \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 + CONFIG_SHELL='$SHELL' + export CONFIG_SHELL + exec "\$@" +fi + +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +exec 5>>config.log +{ + echo + sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX +## Running $as_me. ## +_ASBOX + $as_echo "$ac_log" +} >&5 + +_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +_ACEOF + +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 + +# Handling of arguments. +for ac_config_target in $ac_config_targets +do + case $ac_config_target in + + *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5 ;; + esac +done + + +as_fn_exit 0 +_ACEOF +ac_clean_files=$ac_clean_files_save + +test $ac_write_fail = 0 || + as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 + + +# configure is writing to config.log, and then calls config.status. +# config.status does its own redirection, appending to config.log. +# Unfortunately, on DOS this fails, as config.log is still kept open +# by configure, so config.status won't be able to write to it; its +# output is simply discarded. So we exec the FD to /dev/null, +# effectively closing config.log, so it can be properly (re)opened and +# appended to by config.status. When coming back to configure, we +# need to make the FD available again. +if test "$no_create" != yes; then + ac_cs_success=: + ac_config_status_args= + test "$silent" = yes && + ac_config_status_args="$ac_config_status_args --quiet" + exec 5>/dev/null + $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false + exec 5>>config.log + # Use ||, not &&, to avoid exiting from the if with $? = 1, which + # would make configure fail if this is the last instruction. + $ac_cs_success || as_fn_exit 1 +fi + +# +# CONFIG_SUBDIRS section. +# +if test "$no_recursion" != yes; then + + # Remove --cache-file, --srcdir, and --disable-option-checking arguments + # so they do not pile up. + ac_sub_configure_args= + ac_prev= + eval "set x $ac_configure_args" + shift + for ac_arg + do + if test -n "$ac_prev"; then + ac_prev= + continue + fi + case $ac_arg in + -cache-file | --cache-file | --cache-fil | --cache-fi \ + | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) + ac_prev=cache_file ;; + -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ + | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* \ + | --c=*) + ;; + --config-cache | -C) + ;; + -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) + ac_prev=srcdir ;; + -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) + ;; + -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) + ac_prev=prefix ;; + -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) + ;; + --disable-option-checking) + ;; + *) + case $ac_arg in + *\'*) ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + as_fn_append ac_sub_configure_args " '$ac_arg'" ;; + esac + done + + # Always prepend --prefix to ensure using the same prefix + # in subdir configurations. + ac_arg="--prefix=$prefix" + case $ac_arg in + *\'*) ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + ac_sub_configure_args="'$ac_arg' $ac_sub_configure_args" + + # Pass --silent + if test "$silent" = yes; then + ac_sub_configure_args="--silent $ac_sub_configure_args" + fi + + # Always prepend --disable-option-checking to silence warnings, since + # different subdirs can have different --enable and --with options. + ac_sub_configure_args="--disable-option-checking $ac_sub_configure_args" + + ac_popdir=`pwd` + for ac_dir in : $subdirs; do test "x$ac_dir" = x: && continue + + # Do not complain, so a configure script can configure whichever + # parts of a large source tree are present. + test -d "$srcdir/$ac_dir" || continue + + ac_msg="=== configuring in $ac_dir (`pwd`/$ac_dir)" + $as_echo "$as_me:${as_lineno-$LINENO}: $ac_msg" >&5 + $as_echo "$ac_msg" >&6 + as_dir="$ac_dir"; as_fn_mkdir_p + ac_builddir=. + +case "$ac_dir" in +.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; +*) + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` + # A ".." for each directory in $ac_dir_suffix. + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` + case $ac_top_builddir_sub in + "") ac_top_builddir_sub=. ac_top_build_prefix= ;; + *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; + esac ;; +esac +ac_abs_top_builddir=$ac_pwd +ac_abs_builddir=$ac_pwd$ac_dir_suffix +# for backward compatibility: +ac_top_builddir=$ac_top_build_prefix + +case $srcdir in + .) # We are building in place. + ac_srcdir=. + ac_top_srcdir=$ac_top_builddir_sub + ac_abs_top_srcdir=$ac_pwd ;; + [\\/]* | ?:[\\/]* ) # Absolute name. + ac_srcdir=$srcdir$ac_dir_suffix; + ac_top_srcdir=$srcdir + ac_abs_top_srcdir=$srcdir ;; + *) # Relative name. + ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix + ac_top_srcdir=$ac_top_build_prefix$srcdir + ac_abs_top_srcdir=$ac_pwd/$srcdir ;; +esac +ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix + + + cd "$ac_dir" + + # Check for guested configure; otherwise get Cygnus style configure. + if test -f "$ac_srcdir/configure.gnu"; then + ac_sub_configure=$ac_srcdir/configure.gnu + elif test -f "$ac_srcdir/configure"; then + ac_sub_configure=$ac_srcdir/configure + elif test -f "$ac_srcdir/configure.in"; then + # This should be Cygnus configure. + ac_sub_configure=$ac_aux_dir/configure + else + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: no configuration information is in $ac_dir" >&5 +$as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2;} + ac_sub_configure= + fi + + # The recursion is here. + if test -n "$ac_sub_configure"; then + # Make the cache file name correct relative to the subdirectory. + case $cache_file in + [\\/]* | ?:[\\/]* ) ac_sub_cache_file=$cache_file ;; + *) # Relative name. + ac_sub_cache_file=$ac_top_build_prefix$cache_file ;; + esac + + { $as_echo "$as_me:${as_lineno-$LINENO}: running $SHELL $ac_sub_configure $ac_sub_configure_args --cache-file=$ac_sub_cache_file --srcdir=$ac_srcdir" >&5 +$as_echo "$as_me: running $SHELL $ac_sub_configure $ac_sub_configure_args --cache-file=$ac_sub_cache_file --srcdir=$ac_srcdir" >&6;} + # The eval makes quoting arguments work. + eval "\$SHELL \"\$ac_sub_configure\" $ac_sub_configure_args \ + --cache-file=\"\$ac_sub_cache_file\" --srcdir=\"\$ac_srcdir\"" || + as_fn_error $? "$ac_sub_configure failed for $ac_dir" "$LINENO" 5 + fi + + cd "$ac_popdir" + done +fi +if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 +$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} +fi + diff -r e1d7053e4d45 -r 76dce3b9468e configure.ac --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/configure.ac Fri Jan 18 10:55:48 2013 +0000 @@ -0,0 +1,12 @@ +# -*- Autoconf -*- +# Process this file with autoconf to produce a configure script. + +AC_PREREQ([2.67]) +AC_INIT([Xen Hypervisor], m4_esyscmd([./version.sh ./xen/Makefile]), + [xen-devel@lists.xen.org], [xen], [http://www.xen.org/]) +AC_CONFIG_SRCDIR([./xen/common/kernel.c]) +AC_PREFIX_DEFAULT([/usr]) + +AC_CONFIG_SUBDIRS([tools stubdom]) + +AC_OUTPUT() diff -r e1d7053e4d45 -r 76dce3b9468e tools/config.guess --- a/tools/config.guess Fri Jan 18 10:55:47 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1502 +0,0 @@ -#! /bin/sh -# Attempt to guess a canonical system name. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 -# Free Software Foundation, Inc. - -timestamp='2009-12-30' - -# This file is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA -# 02110-1301, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - - -# Originally written by Per Bothner. Please send patches (context -# diff format) to and include a ChangeLog -# entry. -# -# This script attempts to guess a canonical system name similar to -# config.sub. If it succeeds, it prints the system name on stdout, and -# exits with 0. Otherwise, it exits with 1. -# -# You can get the latest version of this script from: -# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD - -me=`echo "$0" | sed -e 's,.*/,,'` - -usage="\ -Usage: $0 [OPTION] - -Output the configuration name of the system \`$me' is run on. - -Operation modes: - -h, --help print this help, then exit - -t, --time-stamp print date of last modification, then exit - -v, --version print version number, then exit - -Report bugs and patches to ." - -version="\ -GNU config.guess ($timestamp) - -Originally written by Per Bothner. -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free -Software Foundation, Inc. - -This is free software; see the source for copying conditions. There is NO -warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." - -help=" -Try \`$me --help' for more information." - -# Parse command line -while test $# -gt 0 ; do - case $1 in - --time-stamp | --time* | -t ) - echo "$timestamp" ; exit ;; - --version | -v ) - echo "$version" ; exit ;; - --help | --h* | -h ) - echo "$usage"; exit ;; - -- ) # Stop option processing - shift; break ;; - - ) # Use stdin as input. - break ;; - -* ) - echo "$me: invalid option $1$help" >&2 - exit 1 ;; - * ) - break ;; - esac -done - -if test $# != 0; then - echo "$me: too many arguments$help" >&2 - exit 1 -fi - -trap 'exit 1' 1 2 15 - -# CC_FOR_BUILD -- compiler used by this script. Note that the use of a -# compiler to aid in system detection is discouraged as it requires -# temporary files to be created and, as you can see below, it is a -# headache to deal with in a portable fashion. - -# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still -# use `HOST_CC' if defined, but it is deprecated. - -# Portable tmp directory creation inspired by the Autoconf team. - -set_cc_for_build=' -trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; -trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; -: ${TMPDIR=/tmp} ; - { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || - { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || - { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || - { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; -dummy=$tmp/dummy ; -tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; -case $CC_FOR_BUILD,$HOST_CC,$CC in - ,,) echo "int x;" > $dummy.c ; - for c in cc gcc c89 c99 ; do - if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then - CC_FOR_BUILD="$c"; break ; - fi ; - done ; - if test x"$CC_FOR_BUILD" = x ; then - CC_FOR_BUILD=no_compiler_found ; - fi - ;; - ,,*) CC_FOR_BUILD=$CC ;; - ,*,*) CC_FOR_BUILD=$HOST_CC ;; -esac ; set_cc_for_build= ;' - -# This is needed to find uname on a Pyramid OSx when run in the BSD universe. -# (ghazi@noc.rutgers.edu 1994-08-24) -if (test -f /.attbin/uname) >/dev/null 2>&1 ; then - PATH=$PATH:/.attbin ; export PATH -fi - -UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown -UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown -UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown -UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown - -# Note: order is significant - the case branches are not exclusive. - -case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in - *:NetBSD:*:*) - # NetBSD (nbsd) targets should (where applicable) match one or - # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, - # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently - # switched to ELF, *-*-netbsd* would select the old - # object file format. This provides both forward - # compatibility and a consistent mechanism for selecting the - # object file format. - # - # Note: NetBSD doesn't particularly care about the vendor - # portion of the name. We always set it to "unknown". - sysctl="sysctl -n hw.machine_arch" - UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ - /usr/sbin/$sysctl 2>/dev/null || echo unknown)` - case "${UNAME_MACHINE_ARCH}" in - armeb) machine=armeb-unknown ;; - arm*) machine=arm-unknown ;; - sh3el) machine=shl-unknown ;; - sh3eb) machine=sh-unknown ;; - sh5el) machine=sh5le-unknown ;; - *) machine=${UNAME_MACHINE_ARCH}-unknown ;; - esac - # The Operating System including object format, if it has switched - # to ELF recently, or will in the future. - case "${UNAME_MACHINE_ARCH}" in - arm*|i386|m68k|ns32k|sh3*|sparc|vax) - eval $set_cc_for_build - if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ - | grep -q __ELF__ - then - # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). - # Return netbsd for either. FIX? - os=netbsd - else - os=netbsdelf - fi - ;; - *) - os=netbsd - ;; - esac - # The OS release - # Debian GNU/NetBSD machines have a different userland, and - # thus, need a distinct triplet. However, they do not need - # kernel version information, so it can be replaced with a - # suitable tag, in the style of linux-gnu. - case "${UNAME_VERSION}" in - Debian*) - release='-gnu' - ;; - *) - release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` - ;; - esac - # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: - # contains redundant information, the shorter form: - # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. - echo "${machine}-${os}${release}" - exit ;; - *:OpenBSD:*:*) - UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` - echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} - exit ;; - *:ekkoBSD:*:*) - echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} - exit ;; - *:SolidBSD:*:*) - echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE} - exit ;; - macppc:MirBSD:*:*) - echo powerpc-unknown-mirbsd${UNAME_RELEASE} - exit ;; - *:MirBSD:*:*) - echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} - exit ;; - alpha:OSF1:*:*) - case $UNAME_RELEASE in - *4.0) - UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` - ;; - *5.*) - UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` - ;; - esac - # According to Compaq, /usr/sbin/psrinfo has been available on - # OSF/1 and Tru64 systems produced since 1995. I hope that - # covers most systems running today. This code pipes the CPU - # types through head -n 1, so we only detect the type of CPU 0. - ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` - case "$ALPHA_CPU_TYPE" in - "EV4 (21064)") - UNAME_MACHINE="alpha" ;; - "EV4.5 (21064)") - UNAME_MACHINE="alpha" ;; - "LCA4 (21066/21068)") - UNAME_MACHINE="alpha" ;; - "EV5 (21164)") - UNAME_MACHINE="alphaev5" ;; - "EV5.6 (21164A)") - UNAME_MACHINE="alphaev56" ;; - "EV5.6 (21164PC)") - UNAME_MACHINE="alphapca56" ;; - "EV5.7 (21164PC)") - UNAME_MACHINE="alphapca57" ;; - "EV6 (21264)") - UNAME_MACHINE="alphaev6" ;; - "EV6.7 (21264A)") - UNAME_MACHINE="alphaev67" ;; - "EV6.8CB (21264C)") - UNAME_MACHINE="alphaev68" ;; - "EV6.8AL (21264B)") - UNAME_MACHINE="alphaev68" ;; - "EV6.8CX (21264D)") - UNAME_MACHINE="alphaev68" ;; - "EV6.9A (21264/EV69A)") - UNAME_MACHINE="alphaev69" ;; - "EV7 (21364)") - UNAME_MACHINE="alphaev7" ;; - "EV7.9 (21364A)") - UNAME_MACHINE="alphaev79" ;; - esac - # A Pn.n version is a patched version. - # A Vn.n version is a released version. - # A Tn.n version is a released field test version. - # A Xn.n version is an unreleased experimental baselevel. - # 1.2 uses "1.2" for uname -r. - echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - exit ;; - Alpha\ *:Windows_NT*:*) - # How do we know it's Interix rather than the generic POSIX subsystem? - # Should we change UNAME_MACHINE based on the output of uname instead - # of the specific Alpha model? - echo alpha-pc-interix - exit ;; - 21064:Windows_NT:50:3) - echo alpha-dec-winnt3.5 - exit ;; - Amiga*:UNIX_System_V:4.0:*) - echo m68k-unknown-sysv4 - exit ;; - *:[Aa]miga[Oo][Ss]:*:*) - echo ${UNAME_MACHINE}-unknown-amigaos - exit ;; - *:[Mm]orph[Oo][Ss]:*:*) - echo ${UNAME_MACHINE}-unknown-morphos - exit ;; - *:OS/390:*:*) - echo i370-ibm-openedition - exit ;; - *:z/VM:*:*) - echo s390-ibm-zvmoe - exit ;; - *:OS400:*:*) - echo powerpc-ibm-os400 - exit ;; - arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) - echo arm-acorn-riscix${UNAME_RELEASE} - exit ;; - arm:riscos:*:*|arm:RISCOS:*:*) - echo arm-unknown-riscos - exit ;; - SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) - echo hppa1.1-hitachi-hiuxmpp - exit ;; - Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) - # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. - if test "`(/bin/universe) 2>/dev/null`" = att ; then - echo pyramid-pyramid-sysv3 - else - echo pyramid-pyramid-bsd - fi - exit ;; - NILE*:*:*:dcosx) - echo pyramid-pyramid-svr4 - exit ;; - DRS?6000:unix:4.0:6*) - echo sparc-icl-nx6 - exit ;; - DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) - case `/usr/bin/uname -p` in - sparc) echo sparc-icl-nx7; exit ;; - esac ;; - s390x:SunOS:*:*) - echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4H:SunOS:5.*:*) - echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) - echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*) - echo i386-pc-auroraux${UNAME_RELEASE} - exit ;; - i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) - eval $set_cc_for_build - SUN_ARCH="i386" - # If there is a compiler, see if it is configured for 64-bit objects. - # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. - # This test works for both compilers. - if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then - if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - SUN_ARCH="x86_64" - fi - fi - echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4*:SunOS:6*:*) - # According to config.sub, this is the proper way to canonicalize - # SunOS6. Hard to guess exactly what SunOS6 will be like, but - # it's likely to be more like Solaris than SunOS4. - echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4*:SunOS:*:*) - case "`/usr/bin/arch -k`" in - Series*|S4*) - UNAME_RELEASE=`uname -v` - ;; - esac - # Japanese Language versions have a version number like `4.1.3-JL'. - echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` - exit ;; - sun3*:SunOS:*:*) - echo m68k-sun-sunos${UNAME_RELEASE} - exit ;; - sun*:*:4.2BSD:*) - UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` - test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 - case "`/bin/arch`" in - sun3) - echo m68k-sun-sunos${UNAME_RELEASE} - ;; - sun4) - echo sparc-sun-sunos${UNAME_RELEASE} - ;; - esac - exit ;; - aushp:SunOS:*:*) - echo sparc-auspex-sunos${UNAME_RELEASE} - exit ;; - # The situation for MiNT is a little confusing. The machine name - # can be virtually everything (everything which is not - # "atarist" or "atariste" at least should have a processor - # > m68000). The system name ranges from "MiNT" over "FreeMiNT" - # to the lowercase version "mint" (or "freemint"). Finally - # the system name "TOS" denotes a system which is actually not - # MiNT. But MiNT is downward compatible to TOS, so this should - # be no problem. - atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit ;; - atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit ;; - *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit ;; - milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) - echo m68k-milan-mint${UNAME_RELEASE} - exit ;; - hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) - echo m68k-hades-mint${UNAME_RELEASE} - exit ;; - *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) - echo m68k-unknown-mint${UNAME_RELEASE} - exit ;; - m68k:machten:*:*) - echo m68k-apple-machten${UNAME_RELEASE} - exit ;; - powerpc:machten:*:*) - echo powerpc-apple-machten${UNAME_RELEASE} - exit ;; - RISC*:Mach:*:*) - echo mips-dec-mach_bsd4.3 - exit ;; - RISC*:ULTRIX:*:*) - echo mips-dec-ultrix${UNAME_RELEASE} - exit ;; - VAX*:ULTRIX*:*:*) - echo vax-dec-ultrix${UNAME_RELEASE} - exit ;; - 2020:CLIX:*:* | 2430:CLIX:*:*) - echo clipper-intergraph-clix${UNAME_RELEASE} - exit ;; - mips:*:*:UMIPS | mips:*:*:RISCos) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c -#ifdef __cplusplus -#include /* for printf() prototype */ - int main (int argc, char *argv[]) { -#else - int main (argc, argv) int argc; char *argv[]; { -#endif - #if defined (host_mips) && defined (MIPSEB) - #if defined (SYSTYPE_SYSV) - printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); - #endif - #if defined (SYSTYPE_SVR4) - printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); - #endif - #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) - printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); - #endif - #endif - exit (-1); - } -EOF - $CC_FOR_BUILD -o $dummy $dummy.c && - dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && - SYSTEM_NAME=`$dummy $dummyarg` && - { echo "$SYSTEM_NAME"; exit; } - echo mips-mips-riscos${UNAME_RELEASE} - exit ;; - Motorola:PowerMAX_OS:*:*) - echo powerpc-motorola-powermax - exit ;; - Motorola:*:4.3:PL8-*) - echo powerpc-harris-powermax - exit ;; - Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) - echo powerpc-harris-powermax - exit ;; - Night_Hawk:Power_UNIX:*:*) - echo powerpc-harris-powerunix - exit ;; - m88k:CX/UX:7*:*) - echo m88k-harris-cxux7 - exit ;; - m88k:*:4*:R4*) - echo m88k-motorola-sysv4 - exit ;; - m88k:*:3*:R3*) - echo m88k-motorola-sysv3 - exit ;; - AViiON:dgux:*:*) - # DG/UX returns AViiON for all architectures - UNAME_PROCESSOR=`/usr/bin/uname -p` - if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] - then - if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ - [ ${TARGET_BINARY_INTERFACE}x = x ] - then - echo m88k-dg-dgux${UNAME_RELEASE} - else - echo m88k-dg-dguxbcs${UNAME_RELEASE} - fi - else - echo i586-dg-dgux${UNAME_RELEASE} - fi - exit ;; - M88*:DolphinOS:*:*) # DolphinOS (SVR3) - echo m88k-dolphin-sysv3 - exit ;; - M88*:*:R3*:*) - # Delta 88k system running SVR3 - echo m88k-motorola-sysv3 - exit ;; - XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) - echo m88k-tektronix-sysv3 - exit ;; - Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) - echo m68k-tektronix-bsd - exit ;; - *:IRIX*:*:*) - echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` - exit ;; - ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. - echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id - exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' - i*86:AIX:*:*) - echo i386-ibm-aix - exit ;; - ia64:AIX:*:*) - if [ -x /usr/bin/oslevel ] ; then - IBM_REV=`/usr/bin/oslevel` - else - IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} - fi - echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} - exit ;; - *:AIX:2:3) - if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #include - - main() - { - if (!__power_pc()) - exit(1); - puts("powerpc-ibm-aix3.2.5"); - exit(0); - } -EOF - if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` - then - echo "$SYSTEM_NAME" - else - echo rs6000-ibm-aix3.2.5 - fi - elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then - echo rs6000-ibm-aix3.2.4 - else - echo rs6000-ibm-aix3.2 - fi - exit ;; - *:AIX:*:[456]) - IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` - if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then - IBM_ARCH=rs6000 - else - IBM_ARCH=powerpc - fi - if [ -x /usr/bin/oslevel ] ; then - IBM_REV=`/usr/bin/oslevel` - else - IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} - fi - echo ${IBM_ARCH}-ibm-aix${IBM_REV} - exit ;; - *:AIX:*:*) - echo rs6000-ibm-aix - exit ;; - ibmrt:4.4BSD:*|romp-ibm:BSD:*) - echo romp-ibm-bsd4.4 - exit ;; - ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and - echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to - exit ;; # report: romp-ibm BSD 4.3 - *:BOSX:*:*) - echo rs6000-bull-bosx - exit ;; - DPX/2?00:B.O.S.:*:*) - echo m68k-bull-sysv3 - exit ;; - 9000/[34]??:4.3bsd:1.*:*) - echo m68k-hp-bsd - exit ;; - hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) - echo m68k-hp-bsd4.4 - exit ;; - 9000/[34678]??:HP-UX:*:*) - HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` - case "${UNAME_MACHINE}" in - 9000/31? ) HP_ARCH=m68000 ;; - 9000/[34]?? ) HP_ARCH=m68k ;; - 9000/[678][0-9][0-9]) - if [ -x /usr/bin/getconf ]; then - sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` - sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` - case "${sc_cpu_version}" in - 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 - 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 - 532) # CPU_PA_RISC2_0 - case "${sc_kernel_bits}" in - 32) HP_ARCH="hppa2.0n" ;; - 64) HP_ARCH="hppa2.0w" ;; - '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 - esac ;; - esac - fi - if [ "${HP_ARCH}" = "" ]; then - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - - #define _HPUX_SOURCE - #include - #include - - int main () - { - #if defined(_SC_KERNEL_BITS) - long bits = sysconf(_SC_KERNEL_BITS); - #endif - long cpu = sysconf (_SC_CPU_VERSION); - - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1"); break; - case CPU_PA_RISC2_0: - #if defined(_SC_KERNEL_BITS) - switch (bits) - { - case 64: puts ("hppa2.0w"); break; - case 32: puts ("hppa2.0n"); break; - default: puts ("hppa2.0"); break; - } break; - #else /* !defined(_SC_KERNEL_BITS) */ - puts ("hppa2.0"); break; - #endif - default: puts ("hppa1.0"); break; - } - exit (0); - } -EOF - (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` - test -z "$HP_ARCH" && HP_ARCH=hppa - fi ;; - esac - if [ ${HP_ARCH} = "hppa2.0w" ] - then - eval $set_cc_for_build - - # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating - # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler - # generating 64-bit code. GNU and HP use different nomenclature: - # - # $ CC_FOR_BUILD=cc ./config.guess - # => hppa2.0w-hp-hpux11.23 - # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess - # => hppa64-hp-hpux11.23 - - if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | - grep -q __LP64__ - then - HP_ARCH="hppa2.0w" - else - HP_ARCH="hppa64" - fi - fi - echo ${HP_ARCH}-hp-hpux${HPUX_REV} - exit ;; - ia64:HP-UX:*:*) - HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` - echo ia64-hp-hpux${HPUX_REV} - exit ;; - 3050*:HI-UX:*:*) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #include - int - main () - { - long cpu = sysconf (_SC_CPU_VERSION); - /* The order matters, because CPU_IS_HP_MC68K erroneously returns - true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct - results, however. */ - if (CPU_IS_PA_RISC (cpu)) - { - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; - case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; - default: puts ("hppa-hitachi-hiuxwe2"); break; - } - } - else if (CPU_IS_HP_MC68K (cpu)) - puts ("m68k-hitachi-hiuxwe2"); - else puts ("unknown-hitachi-hiuxwe2"); - exit (0); - } -EOF - $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && - { echo "$SYSTEM_NAME"; exit; } - echo unknown-hitachi-hiuxwe2 - exit ;; - 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) - echo hppa1.1-hp-bsd - exit ;; - 9000/8??:4.3bsd:*:*) - echo hppa1.0-hp-bsd - exit ;; - *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) - echo hppa1.0-hp-mpeix - exit ;; - hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) - echo hppa1.1-hp-osf - exit ;; - hp8??:OSF1:*:*) - echo hppa1.0-hp-osf - exit ;; - i*86:OSF1:*:*) - if [ -x /usr/sbin/sysversion ] ; then - echo ${UNAME_MACHINE}-unknown-osf1mk - else - echo ${UNAME_MACHINE}-unknown-osf1 - fi - exit ;; - parisc*:Lites*:*:*) - echo hppa1.1-hp-lites - exit ;; - C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) - echo c1-convex-bsd - exit ;; - C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) - if getsysinfo -f scalar_acc - then echo c32-convex-bsd - else echo c2-convex-bsd - fi - exit ;; - C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) - echo c34-convex-bsd - exit ;; - C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) - echo c38-convex-bsd - exit ;; - C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) - echo c4-convex-bsd - exit ;; - CRAY*Y-MP:*:*:*) - echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*[A-Z]90:*:*:*) - echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ - | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ - -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ - -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*TS:*:*:*) - echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*T3E:*:*:*) - echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*SV1:*:*:*) - echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - *:UNICOS/mp:*:*) - echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) - FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` - echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; - 5000:UNIX_System_V:4.*:*) - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` - echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; - i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) - echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} - exit ;; - sparc*:BSD/OS:*:*) - echo sparc-unknown-bsdi${UNAME_RELEASE} - exit ;; - *:BSD/OS:*:*) - echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} - exit ;; - *:FreeBSD:*:*) - case ${UNAME_MACHINE} in - pc98) - echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; - amd64) - echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; - *) - echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; - esac - exit ;; - i*:CYGWIN*:*) - echo ${UNAME_MACHINE}-pc-cygwin - exit ;; - *:MINGW*:*) - echo ${UNAME_MACHINE}-pc-mingw32 - exit ;; - i*:windows32*:*) - # uname -m includes "-pc" on this system. - echo ${UNAME_MACHINE}-mingw32 - exit ;; - i*:PW*:*) - echo ${UNAME_MACHINE}-pc-pw32 - exit ;; - *:Interix*:*) - case ${UNAME_MACHINE} in - x86) - echo i586-pc-interix${UNAME_RELEASE} - exit ;; - authenticamd | genuineintel | EM64T) - echo x86_64-unknown-interix${UNAME_RELEASE} - exit ;; - IA64) - echo ia64-unknown-interix${UNAME_RELEASE} - exit ;; - esac ;; - [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) - echo i${UNAME_MACHINE}-pc-mks - exit ;; - 8664:Windows_NT:*) - echo x86_64-pc-mks - exit ;; - i*:Windows_NT*:* | Pentium*:Windows_NT*:*) - # How do we know it's Interix rather than the generic POSIX subsystem? - # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we - # UNAME_MACHINE based on the output of uname instead of i386? - echo i586-pc-interix - exit ;; - i*:UWIN*:*) - echo ${UNAME_MACHINE}-pc-uwin - exit ;; - amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) - echo x86_64-unknown-cygwin - exit ;; - p*:CYGWIN*:*) - echo powerpcle-unknown-cygwin - exit ;; - prep*:SunOS:5.*:*) - echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - *:GNU:*:*) - # the GNU system - echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` - exit ;; - *:GNU/*:*:*) - # other systems with GNU libc and userland - echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu - exit ;; - i*86:Minix:*:*) - echo ${UNAME_MACHINE}-pc-minix - exit ;; - alpha:Linux:*:*) - case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in - EV5) UNAME_MACHINE=alphaev5 ;; - EV56) UNAME_MACHINE=alphaev56 ;; - PCA56) UNAME_MACHINE=alphapca56 ;; - PCA57) UNAME_MACHINE=alphapca56 ;; - EV6) UNAME_MACHINE=alphaev6 ;; - EV67) UNAME_MACHINE=alphaev67 ;; - EV68*) UNAME_MACHINE=alphaev68 ;; - esac - objdump --private-headers /bin/sh | grep -q ld.so.1 - if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi - echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} - exit ;; - arm*:Linux:*:*) - eval $set_cc_for_build - if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ - | grep -q __ARM_EABI__ - then - echo ${UNAME_MACHINE}-unknown-linux-gnu - else - echo ${UNAME_MACHINE}-unknown-linux-gnueabi - fi - exit ;; - avr32*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - cris:Linux:*:*) - echo cris-axis-linux-gnu - exit ;; - crisv32:Linux:*:*) - echo crisv32-axis-linux-gnu - exit ;; - frv:Linux:*:*) - echo frv-unknown-linux-gnu - exit ;; - i*86:Linux:*:*) - LIBC=gnu - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #ifdef __dietlibc__ - LIBC=dietlibc - #endif -EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` - echo "${UNAME_MACHINE}-pc-linux-${LIBC}" - exit ;; - ia64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - m32r*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - m68*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - mips:Linux:*:* | mips64:Linux:*:*) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #undef CPU - #undef ${UNAME_MACHINE} - #undef ${UNAME_MACHINE}el - #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=${UNAME_MACHINE}el - #else - #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=${UNAME_MACHINE} - #else - CPU= - #endif - #endif -EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } - ;; - or32:Linux:*:*) - echo or32-unknown-linux-gnu - exit ;; - padre:Linux:*:*) - echo sparc-unknown-linux-gnu - exit ;; - parisc64:Linux:*:* | hppa64:Linux:*:*) - echo hppa64-unknown-linux-gnu - exit ;; - parisc:Linux:*:* | hppa:Linux:*:*) - # Look for CPU level - case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in - PA7*) echo hppa1.1-unknown-linux-gnu ;; - PA8*) echo hppa2.0-unknown-linux-gnu ;; - *) echo hppa-unknown-linux-gnu ;; - esac - exit ;; - ppc64:Linux:*:*) - echo powerpc64-unknown-linux-gnu - exit ;; - ppc:Linux:*:*) - echo powerpc-unknown-linux-gnu - exit ;; - s390:Linux:*:* | s390x:Linux:*:*) - echo ${UNAME_MACHINE}-ibm-linux - exit ;; - sh64*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - sh*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - sparc:Linux:*:* | sparc64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - vax:Linux:*:*) - echo ${UNAME_MACHINE}-dec-linux-gnu - exit ;; - x86_64:Linux:*:*) - echo x86_64-unknown-linux-gnu - exit ;; - xtensa*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - i*86:DYNIX/ptx:4*:*) - # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. - # earlier versions are messed up and put the nodename in both - # sysname and nodename. - echo i386-sequent-sysv4 - exit ;; - i*86:UNIX_SV:4.2MP:2.*) - # Unixware is an offshoot of SVR4, but it has its own version - # number series starting with 2... - # I am not positive that other SVR4 systems won't match this, - # I just have to hope. -- rms. - # Use sysv4.2uw... so that sysv4* matches it. - echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} - exit ;; - i*86:OS/2:*:*) - # If we were able to find `uname', then EMX Unix compatibility - # is probably installed. - echo ${UNAME_MACHINE}-pc-os2-emx - exit ;; - i*86:XTS-300:*:STOP) - echo ${UNAME_MACHINE}-unknown-stop - exit ;; - i*86:atheos:*:*) - echo ${UNAME_MACHINE}-unknown-atheos - exit ;; - i*86:syllable:*:*) - echo ${UNAME_MACHINE}-pc-syllable - exit ;; - i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*) - echo i386-unknown-lynxos${UNAME_RELEASE} - exit ;; - i*86:*DOS:*:*) - echo ${UNAME_MACHINE}-pc-msdosdjgpp - exit ;; - i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) - UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` - if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then - echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} - else - echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} - fi - exit ;; - i*86:*:5:[678]*) - # UnixWare 7.x, OpenUNIX and OpenServer 6. - case `/bin/uname -X | grep "^Machine"` in - *486*) UNAME_MACHINE=i486 ;; - *Pentium) UNAME_MACHINE=i586 ;; - *Pent*|*Celeron) UNAME_MACHINE=i686 ;; - esac - echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} - exit ;; - i*86:*:3.2:*) - if test -f /usr/options/cb.name; then - UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then - UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` - (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 - (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ - && UNAME_MACHINE=i586 - (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ - && UNAME_MACHINE=i686 - (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ - && UNAME_MACHINE=i686 - echo ${UNAME_MACHINE}-pc-sco$UNAME_REL - else - echo ${UNAME_MACHINE}-pc-sysv32 - fi - exit ;; - pc:*:*:*) - # Left here for compatibility: - # uname -m prints for DJGPP always 'pc', but it prints nothing about - # the processor, so we play safe by assuming i586. - # Note: whatever this is, it MUST be the same as what config.sub - # prints for the "djgpp" host, or else GDB configury will decide that - # this is a cross-build. - echo i586-pc-msdosdjgpp - exit ;; - Intel:Mach:3*:*) - echo i386-pc-mach3 - exit ;; - paragon:*:*:*) - echo i860-intel-osf1 - exit ;; - i860:*:4.*:*) # i860-SVR4 - if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then - echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 - else # Add other i860-SVR4 vendors below as they are discovered. - echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 - fi - exit ;; - mini*:CTIX:SYS*5:*) - # "miniframe" - echo m68010-convergent-sysv - exit ;; - mc68k:UNIX:SYSTEM5:3.51m) - echo m68k-convergent-sysv - exit ;; - M680?0:D-NIX:5.3:*) - echo m68k-diab-dnix - exit ;; - M68*:*:R3V[5678]*:*) - test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; - 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) - OS_REL='' - test -r /etc/.relid \ - && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4.3${OS_REL}; exit; } - /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ - && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; - 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4; exit; } ;; - NCR*:*:4.2:* | MPRAS*:*:4.2:*) - OS_REL='.3' - test -r /etc/.relid \ - && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4.3${OS_REL}; exit; } - /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ - && { echo i586-ncr-sysv4.3${OS_REL}; exit; } - /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \ - && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; - m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) - echo m68k-unknown-lynxos${UNAME_RELEASE} - exit ;; - mc68030:UNIX_System_V:4.*:*) - echo m68k-atari-sysv4 - exit ;; - TSUNAMI:LynxOS:2.*:*) - echo sparc-unknown-lynxos${UNAME_RELEASE} - exit ;; - rs6000:LynxOS:2.*:*) - echo rs6000-unknown-lynxos${UNAME_RELEASE} - exit ;; - PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*) - echo powerpc-unknown-lynxos${UNAME_RELEASE} - exit ;; - SM[BE]S:UNIX_SV:*:*) - echo mips-dde-sysv${UNAME_RELEASE} - exit ;; - RM*:ReliantUNIX-*:*:*) - echo mips-sni-sysv4 - exit ;; - RM*:SINIX-*:*:*) - echo mips-sni-sysv4 - exit ;; - *:SINIX-*:*:*) - if uname -p 2>/dev/null >/dev/null ; then - UNAME_MACHINE=`(uname -p) 2>/dev/null` - echo ${UNAME_MACHINE}-sni-sysv4 - else - echo ns32k-sni-sysv - fi - exit ;; - PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort - # says - echo i586-unisys-sysv4 - exit ;; - *:UNIX_System_V:4*:FTX*) - # From Gerald Hewes . - # How about differentiating between stratus architectures? -djm - echo hppa1.1-stratus-sysv4 - exit ;; - *:*:*:FTX*) - # From seanf@swdc.stratus.com. - echo i860-stratus-sysv4 - exit ;; - i*86:VOS:*:*) - # From Paul.Green@stratus.com. - echo ${UNAME_MACHINE}-stratus-vos - exit ;; - *:VOS:*:*) - # From Paul.Green@stratus.com. - echo hppa1.1-stratus-vos - exit ;; - mc68*:A/UX:*:*) - echo m68k-apple-aux${UNAME_RELEASE} - exit ;; - news*:NEWS-OS:6*:*) - echo mips-sony-newsos6 - exit ;; - R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) - if [ -d /usr/nec ]; then - echo mips-nec-sysv${UNAME_RELEASE} - else - echo mips-unknown-sysv${UNAME_RELEASE} - fi - exit ;; - BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. - echo powerpc-be-beos - exit ;; - BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. - echo powerpc-apple-beos - exit ;; - BePC:BeOS:*:*) # BeOS running on Intel PC compatible. - echo i586-pc-beos - exit ;; - BePC:Haiku:*:*) # Haiku running on Intel PC compatible. - echo i586-pc-haiku - exit ;; - SX-4:SUPER-UX:*:*) - echo sx4-nec-superux${UNAME_RELEASE} - exit ;; - SX-5:SUPER-UX:*:*) - echo sx5-nec-superux${UNAME_RELEASE} - exit ;; - SX-6:SUPER-UX:*:*) - echo sx6-nec-superux${UNAME_RELEASE} - exit ;; - SX-7:SUPER-UX:*:*) - echo sx7-nec-superux${UNAME_RELEASE} - exit ;; - SX-8:SUPER-UX:*:*) - echo sx8-nec-superux${UNAME_RELEASE} - exit ;; - SX-8R:SUPER-UX:*:*) - echo sx8r-nec-superux${UNAME_RELEASE} - exit ;; - Power*:Rhapsody:*:*) - echo powerpc-apple-rhapsody${UNAME_RELEASE} - exit ;; - *:Rhapsody:*:*) - echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} - exit ;; - *:Darwin:*:*) - UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown - case $UNAME_PROCESSOR in - i386) - eval $set_cc_for_build - if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then - if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ - (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ - grep IS_64BIT_ARCH >/dev/null - then - UNAME_PROCESSOR="x86_64" - fi - fi ;; - unknown) UNAME_PROCESSOR=powerpc ;; - esac - echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} - exit ;; - *:procnto*:*:* | *:QNX:[0123456789]*:*) - UNAME_PROCESSOR=`uname -p` - if test "$UNAME_PROCESSOR" = "x86"; then - UNAME_PROCESSOR=i386 - UNAME_MACHINE=pc - fi - echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} - exit ;; - *:QNX:*:4*) - echo i386-pc-qnx - exit ;; - NSE-?:NONSTOP_KERNEL:*:*) - echo nse-tandem-nsk${UNAME_RELEASE} - exit ;; - NSR-?:NONSTOP_KERNEL:*:*) - echo nsr-tandem-nsk${UNAME_RELEASE} - exit ;; - *:NonStop-UX:*:*) - echo mips-compaq-nonstopux - exit ;; - BS2000:POSIX*:*:*) - echo bs2000-siemens-sysv - exit ;; - DS/*:UNIX_System_V:*:*) - echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} - exit ;; - *:Plan9:*:*) - # "uname -m" is not consistent, so use $cputype instead. 386 - # is converted to i386 for consistency with other x86 - # operating systems. - if test "$cputype" = "386"; then - UNAME_MACHINE=i386 - else - UNAME_MACHINE="$cputype" - fi - echo ${UNAME_MACHINE}-unknown-plan9 - exit ;; - *:TOPS-10:*:*) - echo pdp10-unknown-tops10 - exit ;; - *:TENEX:*:*) - echo pdp10-unknown-tenex - exit ;; - KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) - echo pdp10-dec-tops20 - exit ;; - XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) - echo pdp10-xkl-tops20 - exit ;; - *:TOPS-20:*:*) - echo pdp10-unknown-tops20 - exit ;; - *:ITS:*:*) - echo pdp10-unknown-its - exit ;; - SEI:*:*:SEIUX) - echo mips-sei-seiux${UNAME_RELEASE} - exit ;; - *:DragonFly:*:*) - echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` - exit ;; - *:*VMS:*:*) - UNAME_MACHINE=`(uname -p) 2>/dev/null` - case "${UNAME_MACHINE}" in - A*) echo alpha-dec-vms ; exit ;; - I*) echo ia64-dec-vms ; exit ;; - V*) echo vax-dec-vms ; exit ;; - esac ;; - *:XENIX:*:SysV) - echo i386-pc-xenix - exit ;; - i*86:skyos:*:*) - echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' - exit ;; - i*86:rdos:*:*) - echo ${UNAME_MACHINE}-pc-rdos - exit ;; - i*86:AROS:*:*) - echo ${UNAME_MACHINE}-pc-aros - exit ;; -esac - -#echo '(No uname command or uname output not recognized.)' 1>&2 -#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 - -eval $set_cc_for_build -cat >$dummy.c < -# include -#endif -main () -{ -#if defined (sony) -#if defined (MIPSEB) - /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, - I don't know.... */ - printf ("mips-sony-bsd\n"); exit (0); -#else -#include - printf ("m68k-sony-newsos%s\n", -#ifdef NEWSOS4 - "4" -#else - "" -#endif - ); exit (0); -#endif -#endif - -#if defined (__arm) && defined (__acorn) && defined (__unix) - printf ("arm-acorn-riscix\n"); exit (0); -#endif - -#if defined (hp300) && !defined (hpux) - printf ("m68k-hp-bsd\n"); exit (0); -#endif - -#if defined (NeXT) -#if !defined (__ARCHITECTURE__) -#define __ARCHITECTURE__ "m68k" -#endif - int version; - version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; - if (version < 4) - printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); - else - printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); - exit (0); -#endif - -#if defined (MULTIMAX) || defined (n16) -#if defined (UMAXV) - printf ("ns32k-encore-sysv\n"); exit (0); -#else -#if defined (CMU) - printf ("ns32k-encore-mach\n"); exit (0); -#else - printf ("ns32k-encore-bsd\n"); exit (0); -#endif -#endif -#endif - -#if defined (__386BSD__) - printf ("i386-pc-bsd\n"); exit (0); -#endif - -#if defined (sequent) -#if defined (i386) - printf ("i386-sequent-dynix\n"); exit (0); -#endif -#if defined (ns32000) - printf ("ns32k-sequent-dynix\n"); exit (0); -#endif -#endif - -#if defined (_SEQUENT_) - struct utsname un; - - uname(&un); - - if (strncmp(un.version, "V2", 2) == 0) { - printf ("i386-sequent-ptx2\n"); exit (0); - } - if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ - printf ("i386-sequent-ptx1\n"); exit (0); - } - printf ("i386-sequent-ptx\n"); exit (0); - -#endif - -#if defined (vax) -# if !defined (ultrix) -# include -# if defined (BSD) -# if BSD == 43 - printf ("vax-dec-bsd4.3\n"); exit (0); -# else -# if BSD == 199006 - printf ("vax-dec-bsd4.3reno\n"); exit (0); -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# endif -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# else - printf ("vax-dec-ultrix\n"); exit (0); -# endif -#endif - -#if defined (alliant) && defined (i860) - printf ("i860-alliant-bsd\n"); exit (0); -#endif - - exit (1); -} -EOF - -$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && - { echo "$SYSTEM_NAME"; exit; } - -# Apollos put the system type in the environment. - -test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } - -# Convex versions that predate uname can use getsysinfo(1) - -if [ -x /usr/convex/getsysinfo ] -then - case `getsysinfo -f cpu_type` in - c1*) - echo c1-convex-bsd - exit ;; - c2*) - if getsysinfo -f scalar_acc - then echo c32-convex-bsd - else echo c2-convex-bsd - fi - exit ;; - c34*) - echo c34-convex-bsd - exit ;; - c38*) - echo c38-convex-bsd - exit ;; - c4*) - echo c4-convex-bsd - exit ;; - esac -fi - -cat >&2 < in order to provide the needed -information to handle your system. - -config.guess timestamp = $timestamp - -uname -m = `(uname -m) 2>/dev/null || echo unknown` -uname -r = `(uname -r) 2>/dev/null || echo unknown` -uname -s = `(uname -s) 2>/dev/null || echo unknown` -uname -v = `(uname -v) 2>/dev/null || echo unknown` - -/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` -/bin/uname -X = `(/bin/uname -X) 2>/dev/null` - -hostinfo = `(hostinfo) 2>/dev/null` -/bin/universe = `(/bin/universe) 2>/dev/null` -/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` -/bin/arch = `(/bin/arch) 2>/dev/null` -/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` -/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` - -UNAME_MACHINE = ${UNAME_MACHINE} -UNAME_RELEASE = ${UNAME_RELEASE} -UNAME_SYSTEM = ${UNAME_SYSTEM} -UNAME_VERSION = ${UNAME_VERSION} -EOF - -exit 1 - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "timestamp='" -# time-stamp-format: "%:y-%02m-%02d" -# time-stamp-end: "'" -# End: diff -r e1d7053e4d45 -r 76dce3b9468e tools/config.sub --- a/tools/config.sub Fri Jan 18 10:55:47 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1714 +0,0 @@ -#! /bin/sh -# Configuration validation subroutine script. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 -# Free Software Foundation, Inc. - -timestamp='2010-01-22' - -# This file is (in principle) common to ALL GNU software. -# The presence of a machine in this file suggests that SOME GNU software -# can handle that machine. It does not imply ALL GNU software can. -# -# This file is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA -# 02110-1301, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - - -# Please send patches to . Submit a context -# diff and a properly formatted GNU ChangeLog entry. -# -# Configuration subroutine to validate and canonicalize a configuration type. -# Supply the specified configuration type as an argument. -# If it is invalid, we print an error message on stderr and exit with code 1. -# Otherwise, we print the canonical config type on stdout and succeed. - -# You can get the latest version of this script from: -# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD - -# This file is supposed to be the same for all GNU packages -# and recognize all the CPU types, system types and aliases -# that are meaningful with *any* GNU software. -# Each package is responsible for reporting which valid configurations -# it does not support. The user should be able to distinguish -# a failure to support a valid configuration from a meaningless -# configuration. - -# The goal of this file is to map all the various variations of a given -# machine specification into a single specification in the form: -# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM -# or in some cases, the newer four-part form: -# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM -# It is wrong to echo any other type of specification. - -me=`echo "$0" | sed -e 's,.*/,,'` - -usage="\ -Usage: $0 [OPTION] CPU-MFR-OPSYS - $0 [OPTION] ALIAS - -Canonicalize a configuration name. - -Operation modes: - -h, --help print this help, then exit - -t, --time-stamp print date of last modification, then exit - -v, --version print version number, then exit - -Report bugs and patches to ." - -version="\ -GNU config.sub ($timestamp) - -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free -Software Foundation, Inc. - -This is free software; see the source for copying conditions. There is NO -warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." - -help=" -Try \`$me --help' for more information." - -# Parse command line -while test $# -gt 0 ; do - case $1 in - --time-stamp | --time* | -t ) - echo "$timestamp" ; exit ;; - --version | -v ) - echo "$version" ; exit ;; - --help | --h* | -h ) - echo "$usage"; exit ;; - -- ) # Stop option processing - shift; break ;; - - ) # Use stdin as input. - break ;; - -* ) - echo "$me: invalid option $1$help" - exit 1 ;; - - *local*) - # First pass through any local machine types. - echo $1 - exit ;; - - * ) - break ;; - esac -done - -case $# in - 0) echo "$me: missing argument$help" >&2 - exit 1;; - 1) ;; - *) echo "$me: too many arguments$help" >&2 - exit 1;; -esac - -# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). -# Here we must recognize all the valid KERNEL-OS combinations. -maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` -case $maybe_os in - nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \ - uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \ - kopensolaris*-gnu* | \ - storm-chaos* | os2-emx* | rtmk-nova*) - os=-$maybe_os - basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` - ;; - *) - basic_machine=`echo $1 | sed 's/-[^-]*$//'` - if [ $basic_machine != $1 ] - then os=`echo $1 | sed 's/.*-/-/'` - else os=; fi - ;; -esac - -### Let's recognize common machines as not being operating systems so -### that things like config.sub decstation-3100 work. We also -### recognize some manufacturers as not being operating systems, so we -### can provide default operating systems below. -case $os in - -sun*os*) - # Prevent following clause from handling this invalid input. - ;; - -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ - -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ - -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ - -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ - -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ - -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ - -apple | -axis | -knuth | -cray | -microblaze) - os= - basic_machine=$1 - ;; - -bluegene*) - os=-cnk - ;; - -sim | -cisco | -oki | -wec | -winbond) - os= - basic_machine=$1 - ;; - -scout) - ;; - -wrs) - os=-vxworks - basic_machine=$1 - ;; - -chorusos*) - os=-chorusos - basic_machine=$1 - ;; - -chorusrdb) - os=-chorusrdb - basic_machine=$1 - ;; - -hiux*) - os=-hiuxwe2 - ;; - -sco6) - os=-sco5v6 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco5) - os=-sco3.2v5 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco4) - os=-sco3.2v4 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco3.2.[4-9]*) - os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco3.2v[4-9]*) - # Don't forget version if it is 3.2v4 or newer. - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco5v6*) - # Don't forget version if it is 3.2v4 or newer. - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco*) - os=-sco3.2v2 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -udk*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -isc) - os=-isc2.2 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -clix*) - basic_machine=clipper-intergraph - ;; - -isc*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -lynx*) - os=-lynxos - ;; - -ptx*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` - ;; - -windowsnt*) - os=`echo $os | sed -e 's/windowsnt/winnt/'` - ;; - -psos*) - os=-psos - ;; - -mint | -mint[0-9]*) - basic_machine=m68k-atari - os=-mint - ;; -esac - -# Decode aliases for certain CPU-COMPANY combinations. -case $basic_machine in - # Recognize the basic CPU types without company name. - # Some are omitted here because they have special meanings below. - 1750a | 580 \ - | a29k \ - | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ - | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ - | am33_2.0 \ - | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \ - | bfin \ - | c4x | clipper \ - | d10v | d30v | dlx | dsp16xx \ - | fido | fr30 | frv \ - | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ - | i370 | i860 | i960 | ia64 \ - | ip2k | iq2000 \ - | lm32 \ - | m32c | m32r | m32rle | m68000 | m68k | m88k \ - | maxq | mb | microblaze | mcore | mep | metag \ - | mips | mipsbe | mipseb | mipsel | mipsle \ - | mips16 \ - | mips64 | mips64el \ - | mips64octeon | mips64octeonel \ - | mips64orion | mips64orionel \ - | mips64r5900 | mips64r5900el \ - | mips64vr | mips64vrel \ - | mips64vr4100 | mips64vr4100el \ - | mips64vr4300 | mips64vr4300el \ - | mips64vr5000 | mips64vr5000el \ - | mips64vr5900 | mips64vr5900el \ - | mipsisa32 | mipsisa32el \ - | mipsisa32r2 | mipsisa32r2el \ - | mipsisa64 | mipsisa64el \ - | mipsisa64r2 | mipsisa64r2el \ - | mipsisa64sb1 | mipsisa64sb1el \ - | mipsisa64sr71k | mipsisa64sr71kel \ - | mipstx39 | mipstx39el \ - | mn10200 | mn10300 \ - | moxie \ - | mt \ - | msp430 \ - | nios | nios2 \ - | ns16k | ns32k \ - | or32 \ - | pdp10 | pdp11 | pj | pjl \ - | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ - | pyramid \ - | rx \ - | score \ - | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ - | sh64 | sh64le \ - | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ - | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ - | spu | strongarm \ - | tahoe | thumb | tic4x | tic80 | tron \ - | ubicom32 \ - | v850 | v850e \ - | we32k \ - | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \ - | z8k | z80) - basic_machine=$basic_machine-unknown - ;; - m6811 | m68hc11 | m6812 | m68hc12 | picochip) - # Motorola 68HC11/12. - basic_machine=$basic_machine-unknown - os=-none - ;; - m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) - ;; - ms1) - basic_machine=mt-unknown - ;; - - # We use `pc' rather than `unknown' - # because (1) that's what they normally are, and - # (2) the word "unknown" tends to confuse beginning users. - i*86 | x86_64) - basic_machine=$basic_machine-pc - ;; - # Object if more than one company name word. - *-*-*) - echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 - exit 1 - ;; - # Recognize the basic CPU types with company name. - 580-* \ - | a29k-* \ - | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ - | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ - | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ - | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ - | avr-* | avr32-* \ - | bfin-* | bs2000-* \ - | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ - | clipper-* | craynv-* | cydra-* \ - | d10v-* | d30v-* | dlx-* \ - | elxsi-* \ - | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ - | h8300-* | h8500-* \ - | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ - | i*86-* | i860-* | i960-* | ia64-* \ - | ip2k-* | iq2000-* \ - | lm32-* \ - | m32c-* | m32r-* | m32rle-* \ - | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | maxq-* | mcore-* | metag-* | microblaze-* \ - | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ - | mips16-* \ - | mips64-* | mips64el-* \ - | mips64octeon-* | mips64octeonel-* \ - | mips64orion-* | mips64orionel-* \ - | mips64r5900-* | mips64r5900el-* \ - | mips64vr-* | mips64vrel-* \ - | mips64vr4100-* | mips64vr4100el-* \ - | mips64vr4300-* | mips64vr4300el-* \ - | mips64vr5000-* | mips64vr5000el-* \ - | mips64vr5900-* | mips64vr5900el-* \ - | mipsisa32-* | mipsisa32el-* \ - | mipsisa32r2-* | mipsisa32r2el-* \ - | mipsisa64-* | mipsisa64el-* \ - | mipsisa64r2-* | mipsisa64r2el-* \ - | mipsisa64sb1-* | mipsisa64sb1el-* \ - | mipsisa64sr71k-* | mipsisa64sr71kel-* \ - | mipstx39-* | mipstx39el-* \ - | mmix-* \ - | mt-* \ - | msp430-* \ - | nios-* | nios2-* \ - | none-* | np1-* | ns16k-* | ns32k-* \ - | orion-* \ - | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ - | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ - | pyramid-* \ - | romp-* | rs6000-* | rx-* \ - | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ - | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ - | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ - | sparclite-* \ - | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \ - | tahoe-* | thumb-* \ - | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ - | tile-* | tilegx-* \ - | tron-* \ - | ubicom32-* \ - | v850-* | v850e-* | vax-* \ - | we32k-* \ - | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \ - | xstormy16-* | xtensa*-* \ - | ymp-* \ - | z8k-* | z80-*) - ;; - # Recognize the basic CPU types without company name, with glob match. - xtensa*) - basic_machine=$basic_machine-unknown - ;; - # Recognize the various machine names and aliases which stand - # for a CPU type and a company and sometimes even an OS. - 386bsd) - basic_machine=i386-unknown - os=-bsd - ;; - 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) - basic_machine=m68000-att - ;; - 3b*) - basic_machine=we32k-att - ;; - a29khif) - basic_machine=a29k-amd - os=-udi - ;; - abacus) - basic_machine=abacus-unknown - ;; - adobe68k) - basic_machine=m68010-adobe - os=-scout - ;; - alliant | fx80) - basic_machine=fx80-alliant - ;; - altos | altos3068) - basic_machine=m68k-altos - ;; - am29k) - basic_machine=a29k-none - os=-bsd - ;; - amd64) - basic_machine=x86_64-pc - ;; - amd64-*) - basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - amdahl) - basic_machine=580-amdahl - os=-sysv - ;; - amiga | amiga-*) - basic_machine=m68k-unknown - ;; - amigaos | amigados) - basic_machine=m68k-unknown - os=-amigaos - ;; - amigaunix | amix) - basic_machine=m68k-unknown - os=-sysv4 - ;; - apollo68) - basic_machine=m68k-apollo - os=-sysv - ;; - apollo68bsd) - basic_machine=m68k-apollo - os=-bsd - ;; - aros) - basic_machine=i386-pc - os=-aros - ;; - aux) - basic_machine=m68k-apple - os=-aux - ;; - balance) - basic_machine=ns32k-sequent - os=-dynix - ;; - blackfin) - basic_machine=bfin-unknown - os=-linux - ;; - blackfin-*) - basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'` - os=-linux - ;; - bluegene*) - basic_machine=powerpc-ibm - os=-cnk - ;; - c90) - basic_machine=c90-cray - os=-unicos - ;; - cegcc) - basic_machine=arm-unknown - os=-cegcc - ;; - convex-c1) - basic_machine=c1-convex - os=-bsd - ;; - convex-c2) - basic_machine=c2-convex - os=-bsd - ;; - convex-c32) - basic_machine=c32-convex - os=-bsd - ;; - convex-c34) - basic_machine=c34-convex - os=-bsd - ;; - convex-c38) - basic_machine=c38-convex - os=-bsd - ;; - cray | j90) - basic_machine=j90-cray - os=-unicos - ;; - craynv) - basic_machine=craynv-cray - os=-unicosmp - ;; - cr16) - basic_machine=cr16-unknown - os=-elf - ;; - crds | unos) - basic_machine=m68k-crds - ;; - crisv32 | crisv32-* | etraxfs*) - basic_machine=crisv32-axis - ;; - cris | cris-* | etrax*) - basic_machine=cris-axis - ;; - crx) - basic_machine=crx-unknown - os=-elf - ;; - da30 | da30-*) - basic_machine=m68k-da30 - ;; - decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) - basic_machine=mips-dec - ;; - decsystem10* | dec10*) - basic_machine=pdp10-dec - os=-tops10 - ;; - decsystem20* | dec20*) - basic_machine=pdp10-dec - os=-tops20 - ;; - delta | 3300 | motorola-3300 | motorola-delta \ - | 3300-motorola | delta-motorola) - basic_machine=m68k-motorola - ;; - delta88) - basic_machine=m88k-motorola - os=-sysv3 - ;; - dicos) - basic_machine=i686-pc - os=-dicos - ;; - djgpp) - basic_machine=i586-pc - os=-msdosdjgpp - ;; - dpx20 | dpx20-*) - basic_machine=rs6000-bull - os=-bosx - ;; - dpx2* | dpx2*-bull) - basic_machine=m68k-bull - os=-sysv3 - ;; - ebmon29k) - basic_machine=a29k-amd - os=-ebmon - ;; - elxsi) - basic_machine=elxsi-elxsi - os=-bsd - ;; - encore | umax | mmax) - basic_machine=ns32k-encore - ;; - es1800 | OSE68k | ose68k | ose | OSE) - basic_machine=m68k-ericsson - os=-ose - ;; - fx2800) - basic_machine=i860-alliant - ;; - genix) - basic_machine=ns32k-ns - ;; - gmicro) - basic_machine=tron-gmicro - os=-sysv - ;; - go32) - basic_machine=i386-pc - os=-go32 - ;; - h3050r* | hiux*) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - h8300hms) - basic_machine=h8300-hitachi - os=-hms - ;; - h8300xray) - basic_machine=h8300-hitachi - os=-xray - ;; - h8500hms) - basic_machine=h8500-hitachi - os=-hms - ;; - harris) - basic_machine=m88k-harris - os=-sysv3 - ;; - hp300-*) - basic_machine=m68k-hp - ;; - hp300bsd) - basic_machine=m68k-hp - os=-bsd - ;; - hp300hpux) - basic_machine=m68k-hp - os=-hpux - ;; - hp3k9[0-9][0-9] | hp9[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hp9k2[0-9][0-9] | hp9k31[0-9]) - basic_machine=m68000-hp - ;; - hp9k3[2-9][0-9]) - basic_machine=m68k-hp - ;; - hp9k6[0-9][0-9] | hp6[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hp9k7[0-79][0-9] | hp7[0-79][0-9]) - basic_machine=hppa1.1-hp - ;; - hp9k78[0-9] | hp78[0-9]) - # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp - ;; - hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) - # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp - ;; - hp9k8[0-9][13679] | hp8[0-9][13679]) - basic_machine=hppa1.1-hp - ;; - hp9k8[0-9][0-9] | hp8[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hppa-next) - os=-nextstep3 - ;; - hppaosf) - basic_machine=hppa1.1-hp - os=-osf - ;; - hppro) - basic_machine=hppa1.1-hp - os=-proelf - ;; - i370-ibm* | ibm*) - basic_machine=i370-ibm - ;; -# I'm not sure what "Sysv32" means. Should this be sysv3.2? - i*86v32) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv32 - ;; - i*86v4*) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv4 - ;; - i*86v) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv - ;; - i*86sol2) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-solaris2 - ;; - i386mach) - basic_machine=i386-mach - os=-mach - ;; - i386-vsta | vsta) - basic_machine=i386-unknown - os=-vsta - ;; - iris | iris4d) - basic_machine=mips-sgi - case $os in - -irix*) - ;; - *) - os=-irix4 - ;; - esac - ;; - isi68 | isi) - basic_machine=m68k-isi - os=-sysv - ;; - m68knommu) - basic_machine=m68k-unknown - os=-linux - ;; - m68knommu-*) - basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'` - os=-linux - ;; - m88k-omron*) - basic_machine=m88k-omron - ;; - magnum | m3230) - basic_machine=mips-mips - os=-sysv - ;; - merlin) - basic_machine=ns32k-utek - os=-sysv - ;; - microblaze) - basic_machine=microblaze-xilinx - ;; - mingw32) - basic_machine=i386-pc - os=-mingw32 - ;; - mingw32ce) - basic_machine=arm-unknown - os=-mingw32ce - ;; - miniframe) - basic_machine=m68000-convergent - ;; - *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) - basic_machine=m68k-atari - os=-mint - ;; - mips3*-*) - basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` - ;; - mips3*) - basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown - ;; - monitor) - basic_machine=m68k-rom68k - os=-coff - ;; - morphos) - basic_machine=powerpc-unknown - os=-morphos - ;; - msdos) - basic_machine=i386-pc - os=-msdos - ;; - ms1-*) - basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` - ;; - mvs) - basic_machine=i370-ibm - os=-mvs - ;; - ncr3000) - basic_machine=i486-ncr - os=-sysv4 - ;; - netbsd386) - basic_machine=i386-unknown - os=-netbsd - ;; - netwinder) - basic_machine=armv4l-rebel - os=-linux - ;; - news | news700 | news800 | news900) - basic_machine=m68k-sony - os=-newsos - ;; - news1000) - basic_machine=m68030-sony - os=-newsos - ;; - news-3600 | risc-news) - basic_machine=mips-sony - os=-newsos - ;; - necv70) - basic_machine=v70-nec - os=-sysv - ;; - next | m*-next ) - basic_machine=m68k-next - case $os in - -nextstep* ) - ;; - -ns2*) - os=-nextstep2 - ;; - *) - os=-nextstep3 - ;; - esac - ;; - nh3000) - basic_machine=m68k-harris - os=-cxux - ;; - nh[45]000) - basic_machine=m88k-harris - os=-cxux - ;; - nindy960) - basic_machine=i960-intel - os=-nindy - ;; - mon960) - basic_machine=i960-intel - os=-mon960 - ;; - nonstopux) - basic_machine=mips-compaq - os=-nonstopux - ;; - np1) - basic_machine=np1-gould - ;; - nsr-tandem) - basic_machine=nsr-tandem - ;; - op50n-* | op60c-*) - basic_machine=hppa1.1-oki - os=-proelf - ;; - openrisc | openrisc-*) - basic_machine=or32-unknown - ;; - os400) - basic_machine=powerpc-ibm - os=-os400 - ;; - OSE68000 | ose68000) - basic_machine=m68000-ericsson - os=-ose - ;; - os68k) - basic_machine=m68k-none - os=-os68k - ;; - pa-hitachi) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - paragon) - basic_machine=i860-intel - os=-osf - ;; - parisc) - basic_machine=hppa-unknown - os=-linux - ;; - parisc-*) - basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'` - os=-linux - ;; - pbd) - basic_machine=sparc-tti - ;; - pbb) - basic_machine=m68k-tti - ;; - pc532 | pc532-*) - basic_machine=ns32k-pc532 - ;; - pc98) - basic_machine=i386-pc - ;; - pc98-*) - basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentium | p5 | k5 | k6 | nexgen | viac3) - basic_machine=i586-pc - ;; - pentiumpro | p6 | 6x86 | athlon | athlon_*) - basic_machine=i686-pc - ;; - pentiumii | pentium2 | pentiumiii | pentium3) - basic_machine=i686-pc - ;; - pentium4) - basic_machine=i786-pc - ;; - pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) - basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentiumpro-* | p6-* | 6x86-* | athlon-*) - basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) - basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentium4-*) - basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pn) - basic_machine=pn-gould - ;; - power) basic_machine=power-ibm - ;; - ppc) basic_machine=powerpc-unknown - ;; - ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppcle | powerpclittle | ppc-le | powerpc-little) - basic_machine=powerpcle-unknown - ;; - ppcle-* | powerpclittle-*) - basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppc64) basic_machine=powerpc64-unknown - ;; - ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppc64le | powerpc64little | ppc64-le | powerpc64-little) - basic_machine=powerpc64le-unknown - ;; - ppc64le-* | powerpc64little-*) - basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ps2) - basic_machine=i386-ibm - ;; - pw32) - basic_machine=i586-unknown - os=-pw32 - ;; - rdos) - basic_machine=i386-pc - os=-rdos - ;; - rom68k) - basic_machine=m68k-rom68k - os=-coff - ;; - rm[46]00) - basic_machine=mips-siemens - ;; - rtpc | rtpc-*) - basic_machine=romp-ibm - ;; - s390 | s390-*) - basic_machine=s390-ibm - ;; - s390x | s390x-*) - basic_machine=s390x-ibm - ;; - sa29200) - basic_machine=a29k-amd - os=-udi - ;; - sb1) - basic_machine=mipsisa64sb1-unknown - ;; - sb1el) - basic_machine=mipsisa64sb1el-unknown - ;; - sde) - basic_machine=mipsisa32-sde - os=-elf - ;; - sei) - basic_machine=mips-sei - os=-seiux - ;; - sequent) - basic_machine=i386-sequent - ;; - sh) - basic_machine=sh-hitachi - os=-hms - ;; - sh5el) - basic_machine=sh5le-unknown - ;; - sh64) - basic_machine=sh64-unknown - ;; - sparclite-wrs | simso-wrs) - basic_machine=sparclite-wrs - os=-vxworks - ;; - sps7) - basic_machine=m68k-bull - os=-sysv2 - ;; - spur) - basic_machine=spur-unknown - ;; - st2000) - basic_machine=m68k-tandem - ;; - stratus) - basic_machine=i860-stratus - os=-sysv4 - ;; - sun2) - basic_machine=m68000-sun - ;; - sun2os3) - basic_machine=m68000-sun - os=-sunos3 - ;; - sun2os4) - basic_machine=m68000-sun - os=-sunos4 - ;; - sun3os3) - basic_machine=m68k-sun - os=-sunos3 - ;; - sun3os4) - basic_machine=m68k-sun - os=-sunos4 - ;; - sun4os3) - basic_machine=sparc-sun - os=-sunos3 - ;; - sun4os4) - basic_machine=sparc-sun - os=-sunos4 - ;; - sun4sol2) - basic_machine=sparc-sun - os=-solaris2 - ;; - sun3 | sun3-*) - basic_machine=m68k-sun - ;; - sun4) - basic_machine=sparc-sun - ;; - sun386 | sun386i | roadrunner) - basic_machine=i386-sun - ;; - sv1) - basic_machine=sv1-cray - os=-unicos - ;; - symmetry) - basic_machine=i386-sequent - os=-dynix - ;; - t3e) - basic_machine=alphaev5-cray - os=-unicos - ;; - t90) - basic_machine=t90-cray - os=-unicos - ;; - tic54x | c54x*) - basic_machine=tic54x-unknown - os=-coff - ;; - tic55x | c55x*) - basic_machine=tic55x-unknown - os=-coff - ;; - tic6x | c6x*) - basic_machine=tic6x-unknown - os=-coff - ;; - # This must be matched before tile*. - tilegx*) - basic_machine=tilegx-unknown - os=-linux-gnu - ;; - tile*) - basic_machine=tile-unknown - os=-linux-gnu - ;; - tx39) - basic_machine=mipstx39-unknown - ;; - tx39el) - basic_machine=mipstx39el-unknown - ;; - toad1) - basic_machine=pdp10-xkl - os=-tops20 - ;; - tower | tower-32) - basic_machine=m68k-ncr - ;; - tpf) - basic_machine=s390x-ibm - os=-tpf - ;; - udi29k) - basic_machine=a29k-amd - os=-udi - ;; - ultra3) - basic_machine=a29k-nyu - os=-sym1 - ;; - v810 | necv810) - basic_machine=v810-nec - os=-none - ;; - vaxv) - basic_machine=vax-dec - os=-sysv - ;; - vms) - basic_machine=vax-dec - os=-vms - ;; - vpp*|vx|vx-*) - basic_machine=f301-fujitsu - ;; - vxworks960) - basic_machine=i960-wrs - os=-vxworks - ;; - vxworks68) - basic_machine=m68k-wrs - os=-vxworks - ;; - vxworks29k) - basic_machine=a29k-wrs - os=-vxworks - ;; - w65*) - basic_machine=w65-wdc - os=-none - ;; - w89k-*) - basic_machine=hppa1.1-winbond - os=-proelf - ;; - xbox) - basic_machine=i686-pc - os=-mingw32 - ;; - xps | xps100) - basic_machine=xps100-honeywell - ;; - ymp) - basic_machine=ymp-cray - os=-unicos - ;; - z8k-*-coff) - basic_machine=z8k-unknown - os=-sim - ;; - z80-*-coff) - basic_machine=z80-unknown - os=-sim - ;; - none) - basic_machine=none-none - os=-none - ;; - -# Here we handle the default manufacturer of certain CPU types. It is in -# some cases the only manufacturer, in others, it is the most popular. - w89k) - basic_machine=hppa1.1-winbond - ;; - op50n) - basic_machine=hppa1.1-oki - ;; - op60c) - basic_machine=hppa1.1-oki - ;; - romp) - basic_machine=romp-ibm - ;; - mmix) - basic_machine=mmix-knuth - ;; - rs6000) - basic_machine=rs6000-ibm - ;; - vax) - basic_machine=vax-dec - ;; - pdp10) - # there are many clones, so DEC is not a safe bet - basic_machine=pdp10-unknown - ;; - pdp11) - basic_machine=pdp11-dec - ;; - we32k) - basic_machine=we32k-att - ;; - sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele) - basic_machine=sh-unknown - ;; - sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v) - basic_machine=sparc-sun - ;; - cydra) - basic_machine=cydra-cydrome - ;; - orion) - basic_machine=orion-highlevel - ;; - orion105) - basic_machine=clipper-highlevel - ;; - mac | mpw | mac-mpw) - basic_machine=m68k-apple - ;; - pmac | pmac-mpw) - basic_machine=powerpc-apple - ;; - *-unknown) - # Make sure to match an already-canonicalized machine name. - ;; - *) - echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 - exit 1 - ;; -esac - -# Here we canonicalize certain aliases for manufacturers. -case $basic_machine in - *-digital*) - basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` - ;; - *-commodore*) - basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` - ;; - *) - ;; -esac - -# Decode manufacturer-specific aliases for certain operating systems. - -if [ x"$os" != x"" ] -then -case $os in - # First match some system type aliases - # that might get confused with valid system types. - # -solaris* is a basic system type, with this one exception. - -auroraux) - os=-auroraux - ;; - -solaris1 | -solaris1.*) - os=`echo $os | sed -e 's|solaris1|sunos4|'` - ;; - -solaris) - os=-solaris2 - ;; - -svr4*) - os=-sysv4 - ;; - -unixware*) - os=-sysv4.2uw - ;; - -gnu/linux*) - os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` - ;; - # First accept the basic system types. - # The portable systems comes first. - # Each alternative MUST END IN A *, to match a version number. - # -sysv* is not here because it comes later, after sysvr4. - -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ - | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ - | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \ - | -sym* | -kopensolaris* \ - | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ - | -aos* | -aros* \ - | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ - | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ - | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ - | -openbsd* | -solidbsd* \ - | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ - | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ - | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ - | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ - | -chorusos* | -chorusrdb* | -cegcc* \ - | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \ - | -uxpv* | -beos* | -mpeix* | -udk* \ - | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ - | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ - | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ - | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ - | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ - | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ - | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*) - # Remember, each alternative MUST END IN *, to match a version number. - ;; - -qnx*) - case $basic_machine in - x86-* | i*86-*) - ;; - *) - os=-nto$os - ;; - esac - ;; - -nto-qnx*) - ;; - -nto*) - os=`echo $os | sed -e 's|nto|nto-qnx|'` - ;; - -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ - | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \ - | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) - ;; - -mac*) - os=`echo $os | sed -e 's|mac|macos|'` - ;; - -linux-dietlibc) - os=-linux-dietlibc - ;; - -linux*) - os=`echo $os | sed -e 's|linux|linux-gnu|'` - ;; - -sunos5*) - os=`echo $os | sed -e 's|sunos5|solaris2|'` - ;; - -sunos6*) - os=`echo $os | sed -e 's|sunos6|solaris3|'` - ;; - -opened*) - os=-openedition - ;; - -os400*) - os=-os400 - ;; - -wince*) - os=-wince - ;; - -osfrose*) - os=-osfrose - ;; - -osf*) - os=-osf - ;; - -utek*) - os=-bsd - ;; - -dynix*) - os=-bsd - ;; - -acis*) - os=-aos - ;; - -atheos*) - os=-atheos - ;; - -syllable*) - os=-syllable - ;; - -386bsd) - os=-bsd - ;; - -ctix* | -uts*) - os=-sysv - ;; - -nova*) - os=-rtmk-nova - ;; - -ns2 ) - os=-nextstep2 - ;; - -nsk*) - os=-nsk - ;; - # Preserve the version number of sinix5. - -sinix5.*) - os=`echo $os | sed -e 's|sinix|sysv|'` - ;; - -sinix*) - os=-sysv4 - ;; - -tpf*) - os=-tpf - ;; - -triton*) - os=-sysv3 - ;; - -oss*) - os=-sysv3 - ;; - -svr4) - os=-sysv4 - ;; - -svr3) - os=-sysv3 - ;; - -sysvr4) - os=-sysv4 - ;; - # This must come after -sysvr4. - -sysv*) - ;; - -ose*) - os=-ose - ;; - -es1800*) - os=-ose - ;; - -xenix) - os=-xenix - ;; - -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) - os=-mint - ;; - -aros*) - os=-aros - ;; - -kaos*) - os=-kaos - ;; - -zvmoe) - os=-zvmoe - ;; - -dicos*) - os=-dicos - ;; - -nacl*) - ;; - -none) - ;; - *) - # Get rid of the `-' at the beginning of $os. - os=`echo $os | sed 's/[^-]*-//'` - echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 - exit 1 - ;; -esac -else - -# Here we handle the default operating systems that come with various machines. -# The value should be what the vendor currently ships out the door with their -# machine or put another way, the most popular os provided with the machine. - -# Note that if you're going to try to match "-MANUFACTURER" here (say, -# "-sun"), then you have to tell the case statement up towards the top -# that MANUFACTURER isn't an operating system. Otherwise, code above -# will signal an error saying that MANUFACTURER isn't an operating -# system, and we'll never get to this point. - -case $basic_machine in - score-*) - os=-elf - ;; - spu-*) - os=-elf - ;; - *-acorn) - os=-riscix1.2 - ;; - arm*-rebel) - os=-linux - ;; - arm*-semi) - os=-aout - ;; - c4x-* | tic4x-*) - os=-coff - ;; - # This must come before the *-dec entry. - pdp10-*) - os=-tops20 - ;; - pdp11-*) - os=-none - ;; - *-dec | vax-*) - os=-ultrix4.2 - ;; - m68*-apollo) - os=-domain - ;; - i386-sun) - os=-sunos4.0.2 - ;; - m68000-sun) - os=-sunos3 - # This also exists in the configure program, but was not the - # default. - # os=-sunos4 - ;; - m68*-cisco) - os=-aout - ;; - mep-*) - os=-elf - ;; - mips*-cisco) - os=-elf - ;; - mips*-*) - os=-elf - ;; - or32-*) - os=-coff - ;; - *-tti) # must be before sparc entry or we get the wrong os. - os=-sysv3 - ;; - sparc-* | *-sun) - os=-sunos4.1.1 - ;; - *-be) - os=-beos - ;; - *-haiku) - os=-haiku - ;; - *-ibm) - os=-aix - ;; - *-knuth) - os=-mmixware - ;; - *-wec) - os=-proelf - ;; - *-winbond) - os=-proelf - ;; - *-oki) - os=-proelf - ;; - *-hp) - os=-hpux - ;; - *-hitachi) - os=-hiux - ;; - i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) - os=-sysv - ;; - *-cbm) - os=-amigaos - ;; - *-dg) - os=-dgux - ;; - *-dolphin) - os=-sysv3 - ;; - m68k-ccur) - os=-rtu - ;; - m88k-omron*) - os=-luna - ;; - *-next ) - os=-nextstep - ;; - *-sequent) - os=-ptx - ;; - *-crds) - os=-unos - ;; - *-ns) - os=-genix - ;; - i370-*) - os=-mvs - ;; - *-next) - os=-nextstep3 - ;; - *-gould) - os=-sysv - ;; - *-highlevel) - os=-bsd - ;; - *-encore) - os=-bsd - ;; - *-sgi) - os=-irix - ;; - *-siemens) - os=-sysv4 - ;; - *-masscomp) - os=-rtu - ;; - f30[01]-fujitsu | f700-fujitsu) - os=-uxpv - ;; - *-rom68k) - os=-coff - ;; - *-*bug) - os=-coff - ;; - *-apple) - os=-macos - ;; - *-atari*) - os=-mint - ;; - *) - os=-none - ;; -esac -fi - -# Here we handle the case where we know the os, and the CPU type, but not the -# manufacturer. We pick the logical manufacturer. -vendor=unknown -case $basic_machine in - *-unknown) - case $os in - -riscix*) - vendor=acorn - ;; - -sunos*) - vendor=sun - ;; - -cnk*|-aix*) - vendor=ibm - ;; - -beos*) - vendor=be - ;; - -hpux*) - vendor=hp - ;; - -mpeix*) - vendor=hp - ;; - -hiux*) - vendor=hitachi - ;; - -unos*) - vendor=crds - ;; - -dgux*) - vendor=dg - ;; - -luna*) - vendor=omron - ;; - -genix*) - vendor=ns - ;; - -mvs* | -opened*) - vendor=ibm - ;; - -os400*) - vendor=ibm - ;; - -ptx*) - vendor=sequent - ;; - -tpf*) - vendor=ibm - ;; - -vxsim* | -vxworks* | -windiss*) - vendor=wrs - ;; - -aux*) - vendor=apple - ;; - -hms*) - vendor=hitachi - ;; - -mpw* | -macos*) - vendor=apple - ;; - -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) - vendor=atari - ;; - -vos*) - vendor=stratus - ;; - esac - basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` - ;; -esac - -echo $basic_machine$os -exit - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "timestamp='" -# time-stamp-format: "%:y-%02m-%02d" -# time-stamp-end: "'" -# End: diff -r e1d7053e4d45 -r 76dce3b9468e tools/configure --- a/tools/configure Fri Jan 18 10:55:47 2013 +0000 +++ b/tools/configure Fri Jan 18 10:55:48 2013 +0000 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.67 for Xen Hypervisor 4.3. +# Generated by GNU Autoconf 2.67 for Xen Hypervisor Tools 4.3. # # Report bugs to . # @@ -550,10 +550,10 @@ MFLAGS= MAKEFLAGS= # Identity of this package. -PACKAGE_NAME='Xen Hypervisor' +PACKAGE_NAME='Xen Hypervisor Tools' PACKAGE_TARNAME='xen' PACKAGE_VERSION='4.3' -PACKAGE_STRING='Xen Hypervisor 4.3' +PACKAGE_STRING='Xen Hypervisor Tools 4.3' PACKAGE_BUGREPORT='xen-devel@lists.xen.org' PACKAGE_URL='http://www.xen.org/' @@ -1302,7 +1302,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures Xen Hypervisor 4.3 to adapt to many kinds of systems. +\`configure' configures Xen Hypervisor Tools 4.3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1367,7 +1367,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of Xen Hypervisor 4.3:";; + short | recursive ) echo "Configuration of Xen Hypervisor Tools 4.3:";; esac cat <<\_ACEOF @@ -1427,7 +1427,7 @@ Use these variables to override the choi it to find libraries and programs with nonstandard names/locations. Report bugs to . -Xen Hypervisor home page: . +Xen Hypervisor Tools home page: . _ACEOF ac_status=$? fi @@ -1490,7 +1490,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -Xen Hypervisor configure 4.3 +Xen Hypervisor Tools configure 4.3 generated by GNU Autoconf 2.67 Copyright (C) 2010 Free Software Foundation, Inc. @@ -1792,7 +1792,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by Xen Hypervisor $as_me 4.3, which was +It was created by Xen Hypervisor Tools $as_me 4.3, which was generated by GNU Autoconf 2.67. Invocation command line was $ $0 $@ @@ -2147,7 +2147,7 @@ ac_config_headers="$ac_config_headers co ac_aux_dir= -for ac_dir in . "$srcdir"/.; do +for ac_dir in ../ "$srcdir"/../; do if test -f "$ac_dir/install-sh"; then ac_aux_dir=$ac_dir ac_install_sh="$ac_aux_dir/install-sh -c" @@ -2163,7 +2163,7 @@ for ac_dir in . "$srcdir"/.; do fi done if test -z "$ac_aux_dir"; then - as_fn_error $? "cannot find install-sh, install.sh, or shtool in . \"$srcdir\"/." "$LINENO" 5 + as_fn_error $? "cannot find install-sh, install.sh, or shtool in ../ \"$srcdir\"/../" "$LINENO" 5 fi # These three variables are undocumented and unsupported, @@ -7346,7 +7346,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_wri # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by Xen Hypervisor $as_me 4.3, which was +This file was extended by Xen Hypervisor Tools $as_me 4.3, which was generated by GNU Autoconf 2.67. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -7403,13 +7403,13 @@ Configuration headers: $config_headers Report bugs to . -Xen Hypervisor home page: ." +Xen Hypervisor Tools home page: ." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -Xen Hypervisor config.status 4.3 +Xen Hypervisor Tools config.status 4.3 configured by $0, generated by GNU Autoconf 2.67, with options \\"\$ac_cs_config\\" diff -r e1d7053e4d45 -r 76dce3b9468e tools/configure.ac --- a/tools/configure.ac Fri Jan 18 10:55:47 2013 +0000 +++ b/tools/configure.ac Fri Jan 18 10:55:48 2013 +0000 @@ -2,13 +2,13 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ([2.67]) -AC_INIT([Xen Hypervisor], m4_esyscmd([../version.sh ../xen/Makefile]), +AC_INIT([Xen Hypervisor Tools], m4_esyscmd([../version.sh ../xen/Makefile]), [xen-devel@lists.xen.org], [xen], [http://www.xen.org/]) AC_CONFIG_SRCDIR([libxl/libxl.c]) AC_CONFIG_FILES([../config/Tools.mk]) AC_CONFIG_HEADERS([config.h]) AC_PREFIX_DEFAULT([/usr]) -AC_CONFIG_AUX_DIR([.]) +AC_CONFIG_AUX_DIR([../]) # Check if CFLAGS, LDFLAGS, LIBS, CPPFLAGS or CPP is set and print a warning diff -r e1d7053e4d45 -r 76dce3b9468e tools/install.sh --- a/tools/install.sh Fri Jan 18 10:55:47 2013 +0000 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,1 +0,0 @@ -../install.sh \ No newline at end of file _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:34:41 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:34:41 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwv-0001jA-BZ; Mon, 21 Jan 2013 22:34:41 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwu-0001is-FL for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:34:40 +0000 Received: from [85.158.139.211:43521] by server-10.bemta-5.messagelabs.com id 56/69-11507-F72CDF05; Mon, 21 Jan 2013 22:34:39 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-206.messagelabs.com!1358807677!19132170!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 19763 invoked from network); 21 Jan 2013 22:34:38 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:34:38 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvZ-0005gS-Lz for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:17 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvZ-0003k3-IQ for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:17 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:17 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] device-tree: get_val cannot cope with cells > 2, add early_panic X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358772028 0 # Node ID 85aaa7a64131f59f374028ece7eb6746bc8779cc # Parent 7962cb743400de7c155522f6bf7f4cd25f09b093 device-tree: get_val cannot cope with cells > 2, add early_panic Signed-off-by: Ian Campbell Acked-by: Tim Deegan Committed-by: Ian Campbell --- diff -r 7962cb743400 -r 85aaa7a64131 xen/common/device_tree.c --- a/xen/common/device_tree.c Mon Jan 21 12:40:27 2013 +0000 +++ b/xen/common/device_tree.c Mon Jan 21 12:40:28 2013 +0000 @@ -84,6 +84,9 @@ static void __init get_val(const u32 **c { *val = 0; + if ( cells > 2 ) + early_panic("dtb value contains > 2 cells\n"); + while ( cells-- ) { *val <<= 32; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 21 22:34:41 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 21 Jan 2013 22:34:41 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwv-0001jA-BZ; Mon, 21 Jan 2013 22:34:41 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPwu-0001is-FL for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:34:40 +0000 Received: from [85.158.139.211:43521] by server-10.bemta-5.messagelabs.com id 56/69-11507-F72CDF05; Mon, 21 Jan 2013 22:34:39 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-16.tower-206.messagelabs.com!1358807677!19132170!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 19763 invoked from network); 21 Jan 2013 22:34:38 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-16.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 21 Jan 2013 22:34:38 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxPvZ-0005gS-Lz for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:17 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxPvZ-0003k3-IQ for xen-changelog@lists.xensource.com; Mon, 21 Jan 2013 22:33:17 +0000 Message-Id: Date: Mon, 21 Jan 2013 22:33:17 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] device-tree: get_val cannot cope with cells > 2, add early_panic X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358772028 0 # Node ID 85aaa7a64131f59f374028ece7eb6746bc8779cc # Parent 7962cb743400de7c155522f6bf7f4cd25f09b093 device-tree: get_val cannot cope with cells > 2, add early_panic Signed-off-by: Ian Campbell Acked-by: Tim Deegan Committed-by: Ian Campbell --- diff -r 7962cb743400 -r 85aaa7a64131 xen/common/device_tree.c --- a/xen/common/device_tree.c Mon Jan 21 12:40:27 2013 +0000 +++ b/xen/common/device_tree.c Mon Jan 21 12:40:28 2013 +0000 @@ -84,6 +84,9 @@ static void __init get_val(const u32 **c { *val = 0; + if ( cells > 2 ) + early_panic("dtb value contains > 2 cells\n"); + while ( cells-- ) { *val <<= 32; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 22 05:11:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 22 Jan 2013 05:11:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxW8g-00012I-VR; Tue, 22 Jan 2013 05:11:14 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxW8f-00012C-H4 for xen-changelog@lists.xensource.com; Tue, 22 Jan 2013 05:11:13 +0000 Received: from [193.109.254.147:27605] by server-12.bemta-14.messagelabs.com id 11/78-20034-07F1EF05; Tue, 22 Jan 2013 05:11:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-27.messagelabs.com!1358831468!3853125!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 26939 invoked from network); 22 Jan 2013 05:11:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 22 Jan 2013 05:11:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxW8a-0000KA-GV for xen-changelog@lists.xensource.com; Tue, 22 Jan 2013 05:11:08 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxW8a-0005Do-08 for xen-changelog@lists.xensource.com; Tue, 22 Jan 2013 05:11:08 +0000 Message-Id: Date: Tue, 22 Jan 2013 05:11:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen arm: add XSM hooks to arch_memory_op X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358787790 0 # Node ID 4b476378fc35e776196c29dc0e24b71529393a4c # Parent 0369fd99e9529bedcd72539575cd04a279765137 xen arm: add XSM hooks to arch_memory_op Treat XENMEM_add_to_physmap_range the same as XENMEM_add_to_physmap. Reported-by: Lars Rasmusson Signed-off-by: Ian Campbell Acked-by: Stefano Stabellini Acked-by: Keir Fraser Committed-by: Ian Campbell --- diff -r 0369fd99e952 -r 4b476378fc35 xen/arch/arm/mm.c --- a/xen/arch/arm/mm.c Mon Jan 21 16:04:56 2013 +0000 +++ b/xen/arch/arm/mm.c Mon Jan 21 17:03:10 2013 +0000 @@ -35,6 +35,7 @@ #include #include #include +#include struct domain *dom_xen, *dom_io, *dom_cow; @@ -655,6 +656,13 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( rc != 0 ) return rc; + rc = xsm_add_to_physmap(XSM_TARGET, current->domain, d); + if ( rc ) + { + rcu_unlock_domain(d); + return rc; + } + rc = xenmem_add_to_physmap_one(d, xatp.space, DOMID_INVALID, xatp.idx, xatp.gpfn); @@ -675,6 +683,13 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( rc != 0 ) return rc; + rc = xsm_add_to_physmap(XSM_TARGET, current->domain, d); + if ( rc ) + { + rcu_unlock_domain(d); + return rc; + } + rc = xenmem_add_to_physmap_range(d, &xatpr); rcu_unlock_domain(d); diff -r 0369fd99e952 -r 4b476378fc35 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Mon Jan 21 16:04:56 2013 +0000 +++ b/xen/include/xsm/dummy.h Mon Jan 21 17:03:10 2013 +0000 @@ -443,6 +443,18 @@ static XSM_INLINE int xsm_pci_config_per return xsm_default_action(action, current->domain, d); } +static XSM_INLINE int xsm_add_to_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +{ + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); +} + +static XSM_INLINE int xsm_remove_from_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +{ + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); +} + #ifdef CONFIG_X86 static XSM_INLINE int xsm_shadow_control(XSM_DEFAULT_ARG struct domain *d, uint32_t op) { @@ -544,18 +556,6 @@ static XSM_INLINE int xsm_update_va_mapp return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_add_to_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) -{ - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, d1, d2); -} - -static XSM_INLINE int xsm_remove_from_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) -{ - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, d1, d2); -} - static XSM_INLINE int xsm_bind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) { XSM_ASSERT_ACTION(XSM_HOOK); diff -r 0369fd99e952 -r 4b476378fc35 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Mon Jan 21 16:04:56 2013 +0000 +++ b/xen/include/xsm/xsm.h Mon Jan 21 17:03:10 2013 +0000 @@ -90,6 +90,7 @@ struct xsm_operations { int (*memory_adjust_reservation) (struct domain *d1, struct domain *d2); int (*memory_stat_reservation) (struct domain *d1, struct domain *d2); int (*memory_pin_page) (struct domain *d1, struct domain *d2, struct page_info *page); + int (*add_to_physmap) (struct domain *d1, struct domain *d2); int (*remove_from_physmap) (struct domain *d1, struct domain *d2); int (*console_io) (struct domain *d, int cmd); @@ -149,7 +150,6 @@ struct xsm_operations { struct domain *f, uint32_t flags); int (*mmuext_op) (struct domain *d, struct domain *f); int (*update_va_mapping) (struct domain *d, struct domain *f, l1_pgentry_t pte); - int (*add_to_physmap) (struct domain *d1, struct domain *d2); int (*bind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); int (*unbind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); @@ -335,6 +335,11 @@ static inline int xsm_memory_pin_page(xs return xsm_ops->memory_pin_page(d1, d2, page); } +static inline int xsm_add_to_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) +{ + return xsm_ops->add_to_physmap(d1, d2); +} + static inline int xsm_remove_from_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->remove_from_physmap(d1, d2); @@ -558,11 +563,6 @@ static inline int xsm_update_va_mapping( return xsm_ops->update_va_mapping(d, f, pte); } -static inline int xsm_add_to_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) -{ - return xsm_ops->add_to_physmap(d1, d2); -} - static inline int xsm_bind_pt_irq(xsm_default_t def, struct domain *d, struct xen_domctl_bind_pt_irq *bind) { diff -r 0369fd99e952 -r 4b476378fc35 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Mon Jan 21 16:04:56 2013 +0000 +++ b/xen/xsm/dummy.c Mon Jan 21 17:03:10 2013 +0000 @@ -101,6 +101,9 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, do_xsm_op); + set_to_dummy_if_null(ops, add_to_physmap); + set_to_dummy_if_null(ops, remove_from_physmap); + #ifdef CONFIG_X86 set_to_dummy_if_null(ops, shadow_control); set_to_dummy_if_null(ops, hvm_param); @@ -118,8 +121,6 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, mmu_update); set_to_dummy_if_null(ops, mmuext_op); set_to_dummy_if_null(ops, update_va_mapping); - set_to_dummy_if_null(ops, add_to_physmap); - set_to_dummy_if_null(ops, remove_from_physmap); set_to_dummy_if_null(ops, bind_pt_irq); set_to_dummy_if_null(ops, unbind_pt_irq); set_to_dummy_if_null(ops, ioport_permission); diff -r 0369fd99e952 -r 4b476378fc35 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Mon Jan 21 16:04:56 2013 +0000 +++ b/xen/xsm/flask/hooks.c Mon Jan 21 17:03:10 2013 +0000 @@ -1055,6 +1055,16 @@ static inline int flask_tmem_control(voi return domain_has_xen(current->domain, XEN__TMEM_CONTROL); } +static int flask_add_to_physmap(struct domain *d1, struct domain *d2) +{ + return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__PHYSMAP); +} + +static int flask_remove_from_physmap(struct domain *d1, struct domain *d2) +{ + return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__PHYSMAP); +} + #ifdef CONFIG_X86 static int flask_shadow_control(struct domain *d, uint32_t op) { @@ -1325,16 +1335,6 @@ static int flask_update_va_mapping(struc return domain_has_perm(d, f, SECCLASS_MMU, map_perms); } -static int flask_add_to_physmap(struct domain *d1, struct domain *d2) -{ - return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__PHYSMAP); -} - -static int flask_remove_from_physmap(struct domain *d1, struct domain *d2) -{ - return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__PHYSMAP); -} - static int flask_get_device_group(uint32_t machine_bdf) { u32 rsid; @@ -1501,6 +1501,9 @@ static struct xsm_operations flask_ops = .do_xsm_op = do_flask_op, + .add_to_physmap = flask_add_to_physmap, + .remove_from_physmap = flask_remove_from_physmap, + #ifdef CONFIG_X86 .shadow_control = flask_shadow_control, .hvm_param = flask_hvm_param, @@ -1518,8 +1521,6 @@ static struct xsm_operations flask_ops = .mmu_update = flask_mmu_update, .mmuext_op = flask_mmuext_op, .update_va_mapping = flask_update_va_mapping, - .add_to_physmap = flask_add_to_physmap, - .remove_from_physmap = flask_remove_from_physmap, .get_device_group = flask_get_device_group, .test_assign_device = flask_test_assign_device, .assign_device = flask_assign_device, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 22 05:11:20 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 22 Jan 2013 05:11:20 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxW8g-00012I-VR; Tue, 22 Jan 2013 05:11:14 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxW8f-00012C-H4 for xen-changelog@lists.xensource.com; Tue, 22 Jan 2013 05:11:13 +0000 Received: from [193.109.254.147:27605] by server-12.bemta-14.messagelabs.com id 11/78-20034-07F1EF05; Tue, 22 Jan 2013 05:11:12 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-27.messagelabs.com!1358831468!3853125!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 26939 invoked from network); 22 Jan 2013 05:11:10 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 22 Jan 2013 05:11:10 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxW8a-0000KA-GV for xen-changelog@lists.xensource.com; Tue, 22 Jan 2013 05:11:08 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxW8a-0005Do-08 for xen-changelog@lists.xensource.com; Tue, 22 Jan 2013 05:11:08 +0000 Message-Id: Date: Tue, 22 Jan 2013 05:11:07 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] xen arm: add XSM hooks to arch_memory_op X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358787790 0 # Node ID 4b476378fc35e776196c29dc0e24b71529393a4c # Parent 0369fd99e9529bedcd72539575cd04a279765137 xen arm: add XSM hooks to arch_memory_op Treat XENMEM_add_to_physmap_range the same as XENMEM_add_to_physmap. Reported-by: Lars Rasmusson Signed-off-by: Ian Campbell Acked-by: Stefano Stabellini Acked-by: Keir Fraser Committed-by: Ian Campbell --- diff -r 0369fd99e952 -r 4b476378fc35 xen/arch/arm/mm.c --- a/xen/arch/arm/mm.c Mon Jan 21 16:04:56 2013 +0000 +++ b/xen/arch/arm/mm.c Mon Jan 21 17:03:10 2013 +0000 @@ -35,6 +35,7 @@ #include #include #include +#include struct domain *dom_xen, *dom_io, *dom_cow; @@ -655,6 +656,13 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( rc != 0 ) return rc; + rc = xsm_add_to_physmap(XSM_TARGET, current->domain, d); + if ( rc ) + { + rcu_unlock_domain(d); + return rc; + } + rc = xenmem_add_to_physmap_one(d, xatp.space, DOMID_INVALID, xatp.idx, xatp.gpfn); @@ -675,6 +683,13 @@ long arch_memory_op(int op, XEN_GUEST_HA if ( rc != 0 ) return rc; + rc = xsm_add_to_physmap(XSM_TARGET, current->domain, d); + if ( rc ) + { + rcu_unlock_domain(d); + return rc; + } + rc = xenmem_add_to_physmap_range(d, &xatpr); rcu_unlock_domain(d); diff -r 0369fd99e952 -r 4b476378fc35 xen/include/xsm/dummy.h --- a/xen/include/xsm/dummy.h Mon Jan 21 16:04:56 2013 +0000 +++ b/xen/include/xsm/dummy.h Mon Jan 21 17:03:10 2013 +0000 @@ -443,6 +443,18 @@ static XSM_INLINE int xsm_pci_config_per return xsm_default_action(action, current->domain, d); } +static XSM_INLINE int xsm_add_to_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +{ + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); +} + +static XSM_INLINE int xsm_remove_from_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) +{ + XSM_ASSERT_ACTION(XSM_TARGET); + return xsm_default_action(action, d1, d2); +} + #ifdef CONFIG_X86 static XSM_INLINE int xsm_shadow_control(XSM_DEFAULT_ARG struct domain *d, uint32_t op) { @@ -544,18 +556,6 @@ static XSM_INLINE int xsm_update_va_mapp return xsm_default_action(action, d, f); } -static XSM_INLINE int xsm_add_to_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) -{ - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, d1, d2); -} - -static XSM_INLINE int xsm_remove_from_physmap(XSM_DEFAULT_ARG struct domain *d1, struct domain *d2) -{ - XSM_ASSERT_ACTION(XSM_TARGET); - return xsm_default_action(action, d1, d2); -} - static XSM_INLINE int xsm_bind_pt_irq(XSM_DEFAULT_ARG struct domain *d, struct xen_domctl_bind_pt_irq *bind) { XSM_ASSERT_ACTION(XSM_HOOK); diff -r 0369fd99e952 -r 4b476378fc35 xen/include/xsm/xsm.h --- a/xen/include/xsm/xsm.h Mon Jan 21 16:04:56 2013 +0000 +++ b/xen/include/xsm/xsm.h Mon Jan 21 17:03:10 2013 +0000 @@ -90,6 +90,7 @@ struct xsm_operations { int (*memory_adjust_reservation) (struct domain *d1, struct domain *d2); int (*memory_stat_reservation) (struct domain *d1, struct domain *d2); int (*memory_pin_page) (struct domain *d1, struct domain *d2, struct page_info *page); + int (*add_to_physmap) (struct domain *d1, struct domain *d2); int (*remove_from_physmap) (struct domain *d1, struct domain *d2); int (*console_io) (struct domain *d, int cmd); @@ -149,7 +150,6 @@ struct xsm_operations { struct domain *f, uint32_t flags); int (*mmuext_op) (struct domain *d, struct domain *f); int (*update_va_mapping) (struct domain *d, struct domain *f, l1_pgentry_t pte); - int (*add_to_physmap) (struct domain *d1, struct domain *d2); int (*bind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); int (*unbind_pt_irq) (struct domain *d, struct xen_domctl_bind_pt_irq *bind); int (*ioport_permission) (struct domain *d, uint32_t s, uint32_t e, uint8_t allow); @@ -335,6 +335,11 @@ static inline int xsm_memory_pin_page(xs return xsm_ops->memory_pin_page(d1, d2, page); } +static inline int xsm_add_to_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) +{ + return xsm_ops->add_to_physmap(d1, d2); +} + static inline int xsm_remove_from_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) { return xsm_ops->remove_from_physmap(d1, d2); @@ -558,11 +563,6 @@ static inline int xsm_update_va_mapping( return xsm_ops->update_va_mapping(d, f, pte); } -static inline int xsm_add_to_physmap(xsm_default_t def, struct domain *d1, struct domain *d2) -{ - return xsm_ops->add_to_physmap(d1, d2); -} - static inline int xsm_bind_pt_irq(xsm_default_t def, struct domain *d, struct xen_domctl_bind_pt_irq *bind) { diff -r 0369fd99e952 -r 4b476378fc35 xen/xsm/dummy.c --- a/xen/xsm/dummy.c Mon Jan 21 16:04:56 2013 +0000 +++ b/xen/xsm/dummy.c Mon Jan 21 17:03:10 2013 +0000 @@ -101,6 +101,9 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, do_xsm_op); + set_to_dummy_if_null(ops, add_to_physmap); + set_to_dummy_if_null(ops, remove_from_physmap); + #ifdef CONFIG_X86 set_to_dummy_if_null(ops, shadow_control); set_to_dummy_if_null(ops, hvm_param); @@ -118,8 +121,6 @@ void xsm_fixup_ops (struct xsm_operation set_to_dummy_if_null(ops, mmu_update); set_to_dummy_if_null(ops, mmuext_op); set_to_dummy_if_null(ops, update_va_mapping); - set_to_dummy_if_null(ops, add_to_physmap); - set_to_dummy_if_null(ops, remove_from_physmap); set_to_dummy_if_null(ops, bind_pt_irq); set_to_dummy_if_null(ops, unbind_pt_irq); set_to_dummy_if_null(ops, ioport_permission); diff -r 0369fd99e952 -r 4b476378fc35 xen/xsm/flask/hooks.c --- a/xen/xsm/flask/hooks.c Mon Jan 21 16:04:56 2013 +0000 +++ b/xen/xsm/flask/hooks.c Mon Jan 21 17:03:10 2013 +0000 @@ -1055,6 +1055,16 @@ static inline int flask_tmem_control(voi return domain_has_xen(current->domain, XEN__TMEM_CONTROL); } +static int flask_add_to_physmap(struct domain *d1, struct domain *d2) +{ + return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__PHYSMAP); +} + +static int flask_remove_from_physmap(struct domain *d1, struct domain *d2) +{ + return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__PHYSMAP); +} + #ifdef CONFIG_X86 static int flask_shadow_control(struct domain *d, uint32_t op) { @@ -1325,16 +1335,6 @@ static int flask_update_va_mapping(struc return domain_has_perm(d, f, SECCLASS_MMU, map_perms); } -static int flask_add_to_physmap(struct domain *d1, struct domain *d2) -{ - return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__PHYSMAP); -} - -static int flask_remove_from_physmap(struct domain *d1, struct domain *d2) -{ - return domain_has_perm(d1, d2, SECCLASS_MMU, MMU__PHYSMAP); -} - static int flask_get_device_group(uint32_t machine_bdf) { u32 rsid; @@ -1501,6 +1501,9 @@ static struct xsm_operations flask_ops = .do_xsm_op = do_flask_op, + .add_to_physmap = flask_add_to_physmap, + .remove_from_physmap = flask_remove_from_physmap, + #ifdef CONFIG_X86 .shadow_control = flask_shadow_control, .hvm_param = flask_hvm_param, @@ -1518,8 +1521,6 @@ static struct xsm_operations flask_ops = .mmu_update = flask_mmu_update, .mmuext_op = flask_mmuext_op, .update_va_mapping = flask_update_va_mapping, - .add_to_physmap = flask_add_to_physmap, - .remove_from_physmap = flask_remove_from_physmap, .get_device_group = flask_get_device_group, .test_assign_device = flask_test_assign_device, .assign_device = flask_assign_device, _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 22 19:22:40 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 22 Jan 2013 19:22:40 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxjQY-0000hE-LC; Tue, 22 Jan 2013 19:22:34 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxjQX-0000h9-8p for xen-changelog@lists.xensource.com; Tue, 22 Jan 2013 19:22:33 +0000 Received: from [85.158.138.51:37222] by server-3.bemta-3.messagelabs.com id 89/53-17026-8F6EEF05; Tue, 22 Jan 2013 19:22:32 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-5.tower-174.messagelabs.com!1358882545!27554741!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 20172 invoked from network); 22 Jan 2013 19:22:31 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-5.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 22 Jan 2013 19:22:31 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxjQK-00021z-GM for xen-changelog@lists.xensource.com; Tue, 22 Jan 2013 19:22:21 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxjQF-0001Jv-GJ for xen-changelog@lists.xensource.com; Tue, 22 Jan 2013 19:22:16 +0000 Message-Id: Date: Tue, 22 Jan 2013 19:22:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86: restore (optional) forwarding of PCI SERR induced NMI to Dom0 X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358843590 -3600 # Node ID 5af4f2ab06f33ce441fa550333a9049c09a9ef28 # Parent 4b476378fc35e776196c29dc0e24b71529393a4c x86: restore (optional) forwarding of PCI SERR induced NMI to Dom0 c/s 22949:54fe1011f86b removed the forwarding of NMIs to Dom0 when they were caused by PCI SERR. NMI buttons as well as BMCs (like HP's iLO) may however want such events to be seen in Dom0 (e.g. to trigger a dump). Therefore restore most of the functionality which named c/s removed (adjusted for subsequent changes, and adjusting the public interface to use the modern term, retaining the old one for backwards compatibility). Signed-off-by: Jan Beulich Acked-by: Stefano Stabellini Acked-by: Keir Fraser --- diff -r 4b476378fc35 -r 5af4f2ab06f3 xen/arch/x86/traps.c --- a/xen/arch/x86/traps.c Mon Jan 21 17:03:10 2013 +0000 +++ b/xen/arch/x86/traps.c Tue Jan 22 09:33:10 2013 +0100 @@ -3089,6 +3089,7 @@ static void nmi_mce_softirq(void) static void pci_serr_softirq(void) { printk("\n\nNMI - PCI system error (SERR)\n"); + outb(inb(0x61) & 0x0b, 0x61); /* re-enable the PCI SERR error line. */ } void async_exception_cleanup(struct vcpu *curr) @@ -3135,9 +3136,20 @@ static void pci_serr_error(struct cpu_us { outb((inb(0x61) & 0x0f) | 0x04, 0x61); /* clear-and-disable the PCI SERR error line. */ - /* Would like to print a diagnostic here but can't call printk() - from NMI context -- raise a softirq instead. */ - raise_softirq(PCI_SERR_SOFTIRQ); + switch ( opt_nmi[0] ) + { + case 'd': /* 'dom0' */ + nmi_dom0_report(_XEN_NMIREASON_pci_serr); + case 'i': /* 'ignore' */ + /* Would like to print a diagnostic here but can't call printk() + from NMI context -- raise a softirq instead. */ + raise_softirq(PCI_SERR_SOFTIRQ); + break; + default: /* 'fatal' */ + console_force_unlock(); + printk("\n\nNMI - PCI system error (SERR)\n"); + fatal_trap(TRAP_nmi, regs); + } } static void io_check_error(struct cpu_user_regs *regs) diff -r 4b476378fc35 -r 5af4f2ab06f3 xen/include/public/nmi.h --- a/xen/include/public/nmi.h Mon Jan 21 17:03:10 2013 +0000 +++ b/xen/include/public/nmi.h Tue Jan 22 09:33:10 2013 +0100 @@ -36,9 +36,14 @@ /* I/O-check error reported via ISA port 0x61, bit 6. */ #define _XEN_NMIREASON_io_error 0 #define XEN_NMIREASON_io_error (1UL << _XEN_NMIREASON_io_error) + /* PCI SERR reported via ISA port 0x61, bit 7. */ +#define _XEN_NMIREASON_pci_serr 1 +#define XEN_NMIREASON_pci_serr (1UL << _XEN_NMIREASON_pci_serr) +#if __XEN_INTERFACE_VERSION__ < 0x00040300 /* legacy alias of the above */ /* Parity error reported via ISA port 0x61, bit 7. */ #define _XEN_NMIREASON_parity_error 1 #define XEN_NMIREASON_parity_error (1UL << _XEN_NMIREASON_parity_error) +#endif /* Unknown hardware-generated NMI. */ #define _XEN_NMIREASON_unknown 2 #define XEN_NMIREASON_unknown (1UL << _XEN_NMIREASON_unknown) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Tue Jan 22 19:22:40 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Tue, 22 Jan 2013 19:22:40 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxjQY-0000hE-LC; Tue, 22 Jan 2013 19:22:34 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxjQX-0000h9-8p for xen-changelog@lists.xensource.com; Tue, 22 Jan 2013 19:22:33 +0000 Received: from [85.158.138.51:37222] by server-3.bemta-3.messagelabs.com id 89/53-17026-8F6EEF05; Tue, 22 Jan 2013 19:22:32 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-5.tower-174.messagelabs.com!1358882545!27554741!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 20172 invoked from network); 22 Jan 2013 19:22:31 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-5.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 22 Jan 2013 19:22:31 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TxjQK-00021z-GM for xen-changelog@lists.xensource.com; Tue, 22 Jan 2013 19:22:21 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TxjQF-0001Jv-GJ for xen-changelog@lists.xensource.com; Tue, 22 Jan 2013 19:22:16 +0000 Message-Id: Date: Tue, 22 Jan 2013 19:22:11 +0000 From: Xen patchbot-unstable To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-unstable] x86: restore (optional) forwarding of PCI SERR induced NMI to Dom0 X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358843590 -3600 # Node ID 5af4f2ab06f33ce441fa550333a9049c09a9ef28 # Parent 4b476378fc35e776196c29dc0e24b71529393a4c x86: restore (optional) forwarding of PCI SERR induced NMI to Dom0 c/s 22949:54fe1011f86b removed the forwarding of NMIs to Dom0 when they were caused by PCI SERR. NMI buttons as well as BMCs (like HP's iLO) may however want such events to be seen in Dom0 (e.g. to trigger a dump). Therefore restore most of the functionality which named c/s removed (adjusted for subsequent changes, and adjusting the public interface to use the modern term, retaining the old one for backwards compatibility). Signed-off-by: Jan Beulich Acked-by: Stefano Stabellini Acked-by: Keir Fraser --- diff -r 4b476378fc35 -r 5af4f2ab06f3 xen/arch/x86/traps.c --- a/xen/arch/x86/traps.c Mon Jan 21 17:03:10 2013 +0000 +++ b/xen/arch/x86/traps.c Tue Jan 22 09:33:10 2013 +0100 @@ -3089,6 +3089,7 @@ static void nmi_mce_softirq(void) static void pci_serr_softirq(void) { printk("\n\nNMI - PCI system error (SERR)\n"); + outb(inb(0x61) & 0x0b, 0x61); /* re-enable the PCI SERR error line. */ } void async_exception_cleanup(struct vcpu *curr) @@ -3135,9 +3136,20 @@ static void pci_serr_error(struct cpu_us { outb((inb(0x61) & 0x0f) | 0x04, 0x61); /* clear-and-disable the PCI SERR error line. */ - /* Would like to print a diagnostic here but can't call printk() - from NMI context -- raise a softirq instead. */ - raise_softirq(PCI_SERR_SOFTIRQ); + switch ( opt_nmi[0] ) + { + case 'd': /* 'dom0' */ + nmi_dom0_report(_XEN_NMIREASON_pci_serr); + case 'i': /* 'ignore' */ + /* Would like to print a diagnostic here but can't call printk() + from NMI context -- raise a softirq instead. */ + raise_softirq(PCI_SERR_SOFTIRQ); + break; + default: /* 'fatal' */ + console_force_unlock(); + printk("\n\nNMI - PCI system error (SERR)\n"); + fatal_trap(TRAP_nmi, regs); + } } static void io_check_error(struct cpu_user_regs *regs) diff -r 4b476378fc35 -r 5af4f2ab06f3 xen/include/public/nmi.h --- a/xen/include/public/nmi.h Mon Jan 21 17:03:10 2013 +0000 +++ b/xen/include/public/nmi.h Tue Jan 22 09:33:10 2013 +0100 @@ -36,9 +36,14 @@ /* I/O-check error reported via ISA port 0x61, bit 6. */ #define _XEN_NMIREASON_io_error 0 #define XEN_NMIREASON_io_error (1UL << _XEN_NMIREASON_io_error) + /* PCI SERR reported via ISA port 0x61, bit 7. */ +#define _XEN_NMIREASON_pci_serr 1 +#define XEN_NMIREASON_pci_serr (1UL << _XEN_NMIREASON_pci_serr) +#if __XEN_INTERFACE_VERSION__ < 0x00040300 /* legacy alias of the above */ /* Parity error reported via ISA port 0x61, bit 7. */ #define _XEN_NMIREASON_parity_error 1 #define XEN_NMIREASON_parity_error (1UL << _XEN_NMIREASON_parity_error) +#endif /* Unknown hardware-generated NMI. */ #define _XEN_NMIREASON_unknown 2 #define XEN_NMIREASON_unknown (1UL << _XEN_NMIREASON_unknown) _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 23 19:55:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 23 Jan 2013 19:55:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Ty6Ph-0002hT-8M; Wed, 23 Jan 2013 19:55:13 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Ty6Pg-0002h4-I2 for xen-changelog@lists.xensource.com; Wed, 23 Jan 2013 19:55:12 +0000 Received: from [85.158.139.211:45328] by server-2.bemta-5.messagelabs.com id 4A/53-17076-F1040015; Wed, 23 Jan 2013 19:55:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-206.messagelabs.com!1358970910!19399578!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 2751 invoked from network); 23 Jan 2013 19:55:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 23 Jan 2013 19:55:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Ty6Pe-0000v8-0v for xen-changelog@lists.xensource.com; Wed, 23 Jan 2013 19:55:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Ty6Pd-0005Hv-HN for xen-changelog@lists.xensource.com; Wed, 23 Jan 2013 19:55:09 +0000 Message-Id: Date: Wed, 23 Jan 2013 19:55:08 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] x86_32: don't allow use of nested HVM X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358938276 -3600 # Node ID fef7ef92f08e46d6f7b04551394d17a835dbe110 # Parent 99376b5882f71877acf74dec9fdd25d5f9d83bbb x86_32: don't allow use of nested HVM There are (indirect) uses of map_domain_page() in the nested HVM code that are unsafe when not just using the 1:1 mapping. This is XSA-34 / CVE-2013-0151. Signed-off-by: Jan Beulich --- diff -r 99376b5882f7 -r fef7ef92f08e xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Thu Jan 17 16:00:49 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Wed Jan 23 11:51:16 2013 +0100 @@ -3862,6 +3862,10 @@ long do_hvm_op(unsigned long op, XEN_GUE rc = -EINVAL; break; case HVM_PARAM_NESTEDHVM: +#ifdef __i386__ + if ( a.value ) + rc = -EINVAL; +#else if ( a.value > 1 ) rc = -EINVAL; if ( !is_hvm_domain(d) ) @@ -3876,6 +3880,7 @@ long do_hvm_op(unsigned long op, XEN_GUE for_each_vcpu(d, v) if ( rc == 0 ) rc = nestedhvm_vcpu_initialise(v); +#endif break; case HVM_PARAM_BUFIOREQ_EVTCHN: rc = -EINVAL; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 23 19:55:18 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 23 Jan 2013 19:55:18 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Ty6Ph-0002hT-8M; Wed, 23 Jan 2013 19:55:13 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Ty6Pg-0002h4-I2 for xen-changelog@lists.xensource.com; Wed, 23 Jan 2013 19:55:12 +0000 Received: from [85.158.139.211:45328] by server-2.bemta-5.messagelabs.com id 4A/53-17076-F1040015; Wed, 23 Jan 2013 19:55:11 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-8.tower-206.messagelabs.com!1358970910!19399578!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 2751 invoked from network); 23 Jan 2013 19:55:11 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-8.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 23 Jan 2013 19:55:11 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Ty6Pe-0000v8-0v for xen-changelog@lists.xensource.com; Wed, 23 Jan 2013 19:55:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Ty6Pd-0005Hv-HN for xen-changelog@lists.xensource.com; Wed, 23 Jan 2013 19:55:09 +0000 Message-Id: Date: Wed, 23 Jan 2013 19:55:08 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] x86_32: don't allow use of nested HVM X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1358938276 -3600 # Node ID fef7ef92f08e46d6f7b04551394d17a835dbe110 # Parent 99376b5882f71877acf74dec9fdd25d5f9d83bbb x86_32: don't allow use of nested HVM There are (indirect) uses of map_domain_page() in the nested HVM code that are unsafe when not just using the 1:1 mapping. This is XSA-34 / CVE-2013-0151. Signed-off-by: Jan Beulich --- diff -r 99376b5882f7 -r fef7ef92f08e xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Thu Jan 17 16:00:49 2013 +0000 +++ b/xen/arch/x86/hvm/hvm.c Wed Jan 23 11:51:16 2013 +0100 @@ -3862,6 +3862,10 @@ long do_hvm_op(unsigned long op, XEN_GUE rc = -EINVAL; break; case HVM_PARAM_NESTEDHVM: +#ifdef __i386__ + if ( a.value ) + rc = -EINVAL; +#else if ( a.value > 1 ) rc = -EINVAL; if ( !is_hvm_domain(d) ) @@ -3876,6 +3880,7 @@ long do_hvm_op(unsigned long op, XEN_GUE for_each_vcpu(d, v) if ( rc == 0 ) rc = nestedhvm_vcpu_initialise(v); +#endif break; case HVM_PARAM_BUFIOREQ_EVTCHN: rc = -EINVAL; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 23 19:55:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 23 Jan 2013 19:55:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Ty6Pj-0002hl-B8; Wed, 23 Jan 2013 19:55:15 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Ty6Pi-0002hY-0p for xen-changelog@lists.xensource.com; Wed, 23 Jan 2013 19:55:14 +0000 Received: from [193.109.254.147:51763] by server-12.bemta-14.messagelabs.com id EA/96-20034-12040015; Wed, 23 Jan 2013 19:55:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-27.messagelabs.com!1358970910!3036153!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 27243 invoked from network); 23 Jan 2013 19:55:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 23 Jan 2013 19:55:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Ty6Pe-0000vB-Jj for xen-changelog@lists.xensource.com; Wed, 23 Jan 2013 19:55:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Ty6Pe-0005IA-8E for xen-changelog@lists.xensource.com; Wed, 23 Jan 2013 19:55:10 +0000 Message-Id: Date: Wed, 23 Jan 2013 19:55:09 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] xen: Do not allow guests to enable nested HVM on themselves X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358938364 -3600 # Node ID 7c04074a0a0f897f6745fb3328746bc50bb91d71 # Parent fef7ef92f08e46d6f7b04551394d17a835dbe110 xen: Do not allow guests to enable nested HVM on themselves There is no reason for this and doing so exposes a memory leak to guests. Only toolstacks need write access to this HVM param. This is XSA-35 / CVE-2013-0152. Signed-off-by: Ian Campbell Acked-by: Jan Beulich xen-unstable changeset: 26444:621b1a889e9b xen-unstable date: Wed Jan 23 10:47:24 UTC 2013 --- diff -r fef7ef92f08e -r 7c04074a0a0f xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Wed Jan 23 11:51:16 2013 +0100 +++ b/xen/arch/x86/hvm/hvm.c Wed Jan 23 11:52:44 2013 +0100 @@ -3862,6 +3862,11 @@ long do_hvm_op(unsigned long op, XEN_GUE rc = -EINVAL; break; case HVM_PARAM_NESTEDHVM: + if ( !IS_PRIV(current->domain) ) + { + rc = -EPERM; + break; + } #ifdef __i386__ if ( a.value ) rc = -EINVAL; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 23 19:55:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 23 Jan 2013 19:55:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Ty6Pj-0002hl-B8; Wed, 23 Jan 2013 19:55:15 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Ty6Pi-0002hY-0p for xen-changelog@lists.xensource.com; Wed, 23 Jan 2013 19:55:14 +0000 Received: from [193.109.254.147:51763] by server-12.bemta-14.messagelabs.com id EA/96-20034-12040015; Wed, 23 Jan 2013 19:55:13 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-11.tower-27.messagelabs.com!1358970910!3036153!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 27243 invoked from network); 23 Jan 2013 19:55:12 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-11.tower-27.messagelabs.com with AES256-SHA encrypted SMTP; 23 Jan 2013 19:55:12 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1Ty6Pe-0000vB-Jj for xen-changelog@lists.xensource.com; Wed, 23 Jan 2013 19:55:10 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1Ty6Pe-0005IA-8E for xen-changelog@lists.xensource.com; Wed, 23 Jan 2013 19:55:10 +0000 Message-Id: Date: Wed, 23 Jan 2013 19:55:09 +0000 From: Xen patchbot-4.2-testing To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [xen-4.2-testing] xen: Do not allow guests to enable nested HVM on themselves X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Ian Campbell # Date 1358938364 -3600 # Node ID 7c04074a0a0f897f6745fb3328746bc50bb91d71 # Parent fef7ef92f08e46d6f7b04551394d17a835dbe110 xen: Do not allow guests to enable nested HVM on themselves There is no reason for this and doing so exposes a memory leak to guests. Only toolstacks need write access to this HVM param. This is XSA-35 / CVE-2013-0152. Signed-off-by: Ian Campbell Acked-by: Jan Beulich xen-unstable changeset: 26444:621b1a889e9b xen-unstable date: Wed Jan 23 10:47:24 UTC 2013 --- diff -r fef7ef92f08e -r 7c04074a0a0f xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Wed Jan 23 11:51:16 2013 +0100 +++ b/xen/arch/x86/hvm/hvm.c Wed Jan 23 11:52:44 2013 +0100 @@ -3862,6 +3862,11 @@ long do_hvm_op(unsigned long op, XEN_GUE rc = -EINVAL; break; case HVM_PARAM_NESTEDHVM: + if ( !IS_PRIV(current->domain) ) + { + rc = -EPERM; + break; + } #ifdef __i386__ if ( a.value ) rc = -EINVAL; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 28 11:00:12 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 28 Jan 2013 11:00:12 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TzmRc-0001Pc-1o; Mon, 28 Jan 2013 11:00:08 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TzmRb-0001PU-Fi for xen-changelog@lists.xensource.com; Mon, 28 Jan 2013 11:00:07 +0000 Received: from [85.158.139.211:45267] by server-1.bemta-5.messagelabs.com id 95/E5-25676-63A56015; Mon, 28 Jan 2013 11:00:06 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-206.messagelabs.com!1359370805!18480477!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 11426 invoked from network); 28 Jan 2013 11:00:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 28 Jan 2013 11:00:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TzmRY-0002uQ-I3 for xen-changelog@lists.xensource.com; Mon, 28 Jan 2013 11:00:04 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TzmRY-0002Le-45 for xen-changelog@lists.xensource.com; Mon, 28 Jan 2013 11:00:04 +0000 Message-Id: Date: Mon, 28 Jan 2013 11:00:03 +0000 From: Xen patchbot-linux-2.6.18-xen To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [linux-2.6.18-xen] blkback: Don't trust the handle from the frontend X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Konrad Rzeszutek Wilk # Date 1359370526 -3600 # Node ID d207555739095b1e4babed58bda341ffa5271dd4 # Parent feb110c9141c2efcdaa8cbc92268b8515771377d blkback: Don't trust the handle from the frontend The 'handle' is the device that the request is from. For the life-time of the ring we copy it from a request to a response so that the frontend is not surprised by it. But we do not need it - when we start processing I/Os we have our own 'struct phys_req' which has only most essential information about the request. In fact the 'vbd_translate' ends up over-writing the preq.dev with a value from the backend. This assignment of preq.dev with the 'handle' value is superfluous so lets not do it. Signed-off-by: Konrad Rzeszutek Wilk Acked-by: Ian Campbell Committed-by: Jan Beulich --- diff -r feb110c9141c -r d20755573909 drivers/xen/blkback/blkback.c --- a/drivers/xen/blkback/blkback.c Fri Jan 18 12:47:29 2013 +0100 +++ b/drivers/xen/blkback/blkback.c Mon Jan 28 11:55:26 2013 +0100 @@ -440,7 +440,6 @@ static void dispatch_rw_block_io(blkif_t goto fail_response; } - preq.dev = req->handle; preq.sector_number = req->sector_number; preq.nr_sects = 0; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Mon Jan 28 11:00:12 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Mon, 28 Jan 2013 11:00:12 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TzmRc-0001Pc-1o; Mon, 28 Jan 2013 11:00:08 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TzmRb-0001PU-Fi for xen-changelog@lists.xensource.com; Mon, 28 Jan 2013 11:00:07 +0000 Received: from [85.158.139.211:45267] by server-1.bemta-5.messagelabs.com id 95/E5-25676-63A56015; Mon, 28 Jan 2013 11:00:06 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-9.tower-206.messagelabs.com!1359370805!18480477!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 11426 invoked from network); 28 Jan 2013 11:00:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-9.tower-206.messagelabs.com with AES256-SHA encrypted SMTP; 28 Jan 2013 11:00:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1TzmRY-0002uQ-I3 for xen-changelog@lists.xensource.com; Mon, 28 Jan 2013 11:00:04 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1TzmRY-0002Le-45 for xen-changelog@lists.xensource.com; Mon, 28 Jan 2013 11:00:04 +0000 Message-Id: Date: Mon, 28 Jan 2013 11:00:03 +0000 From: Xen patchbot-linux-2.6.18-xen To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [linux-2.6.18-xen] blkback: Don't trust the handle from the frontend X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Konrad Rzeszutek Wilk # Date 1359370526 -3600 # Node ID d207555739095b1e4babed58bda341ffa5271dd4 # Parent feb110c9141c2efcdaa8cbc92268b8515771377d blkback: Don't trust the handle from the frontend The 'handle' is the device that the request is from. For the life-time of the ring we copy it from a request to a response so that the frontend is not surprised by it. But we do not need it - when we start processing I/Os we have our own 'struct phys_req' which has only most essential information about the request. In fact the 'vbd_translate' ends up over-writing the preq.dev with a value from the backend. This assignment of preq.dev with the 'handle' value is superfluous so lets not do it. Signed-off-by: Konrad Rzeszutek Wilk Acked-by: Ian Campbell Committed-by: Jan Beulich --- diff -r feb110c9141c -r d20755573909 drivers/xen/blkback/blkback.c --- a/drivers/xen/blkback/blkback.c Fri Jan 18 12:47:29 2013 +0100 +++ b/drivers/xen/blkback/blkback.c Mon Jan 28 11:55:26 2013 +0100 @@ -440,7 +440,6 @@ static void dispatch_rw_block_io(blkif_t goto fail_response; } - preq.dev = req->handle; preq.sector_number = req->sector_number; preq.nr_sects = 0; _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 30 09:33:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 30 Jan 2013 09:33:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1U0U2d-0008VK-2x; Wed, 30 Jan 2013 09:33:15 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1U0U2b-0008VF-Os for xen-changelog@lists.xensource.com; Wed, 30 Jan 2013 09:33:13 +0000 Received: from [85.158.138.51:5498] by server-16.bemta-3.messagelabs.com id 74/93-02727-4D8E8015; Wed, 30 Jan 2013 09:33:08 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-174.messagelabs.com!1359538384!22104751!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 31927 invoked from network); 30 Jan 2013 09:33:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 30 Jan 2013 09:33:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1U0U2R-0007PL-N4 for xen-changelog@lists.xensource.com; Wed, 30 Jan 2013 09:33:03 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1U0U2R-0005Bd-AH for xen-changelog@lists.xensource.com; Wed, 30 Jan 2013 09:33:03 +0000 Message-Id: Date: Wed, 30 Jan 2013 09:33:02 +0000 From: Xen patchbot-linux-2.6.18-xen To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [linux-2.6.18-xen] xencons: drop pre-2.6 relics X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1359537724 -3600 # Node ID 008c65d4caed95fb356741e20c20b1d63bca5333 # Parent d207555739095b1e4babed58bda341ffa5271dd4 xencons: drop pre-2.6 relics Allocating/reserving the termios pointer arrays may have been needed in 2.4.x or 2.5.x, but even 2.6.0 didn't require this anymore. Signed-off-by: Jan Beulich --- diff -r d20755573909 -r 008c65d4caed drivers/xen/console/console.c --- a/drivers/xen/console/console.c Mon Jan 28 11:55:26 2013 +0100 +++ b/drivers/xen/console/console.c Wed Jan 30 10:22:04 2013 +0100 @@ -347,8 +347,6 @@ void __init dom0_init_screen_info(const #define DUMMY_TTY(_tty) ((xc_mode == XC_TTY) && \ ((_tty)->index != (xc_num - 1))) -static struct termios *xencons_termios[MAX_NR_CONSOLES]; -static struct termios *xencons_termios_locked[MAX_NR_CONSOLES]; static struct tty_struct *xencons_tty; static int xencons_priv_irq; static char x_char; @@ -683,8 +681,6 @@ static int __init xencons_init(void) DRV(xencons_driver)->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_RESET_TERMIOS; - DRV(xencons_driver)->termios = xencons_termios; - DRV(xencons_driver)->termios_locked = xencons_termios_locked; switch (xc_mode) { case XC_XVC: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog From xen-changelog-bounces@lists.xen.org Wed Jan 30 09:33:19 2013 Return-path: Envelope-to: archives@lists.xen.org Delivery-date: Wed, 30 Jan 2013 09:33:19 +0000 Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1U0U2d-0008VK-2x; Wed, 30 Jan 2013 09:33:15 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1U0U2b-0008VF-Os for xen-changelog@lists.xensource.com; Wed, 30 Jan 2013 09:33:13 +0000 Received: from [85.158.138.51:5498] by server-16.bemta-3.messagelabs.com id 74/93-02727-4D8E8015; Wed, 30 Jan 2013 09:33:08 +0000 X-Env-Sender: xen@xenbits.xen.org X-Msg-Ref: server-6.tower-174.messagelabs.com!1359538384!22104751!1 X-Originating-IP: [50.57.168.107] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.7; banners=-,-,- X-VirusChecked: Checked Received: (qmail 31927 invoked from network); 30 Jan 2013 09:33:06 -0000 Received: from mail.xen.org (HELO mail.xen.org) (50.57.168.107) by server-6.tower-174.messagelabs.com with AES256-SHA encrypted SMTP; 30 Jan 2013 09:33:06 -0000 Received: from xenbits.xen.org ([50.57.170.242]) by mail.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1U0U2R-0007PL-N4 for xen-changelog@lists.xensource.com; Wed, 30 Jan 2013 09:33:03 +0000 Received: from xen by xenbits.xen.org with local (Exim 4.72) (envelope-from ) id 1U0U2R-0005Bd-AH for xen-changelog@lists.xensource.com; Wed, 30 Jan 2013 09:33:03 +0000 Message-Id: Date: Wed, 30 Jan 2013 09:33:02 +0000 From: Xen patchbot-linux-2.6.18-xen To: xen-changelog@lists.xensource.com Subject: [Xen-changelog] [linux-2.6.18-xen] xencons: drop pre-2.6 relics X-BeenThere: xen-changelog@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list Reply-To: xen-devel@lists.xensource.com List-Id: "Change log for Mercurial \(receive only\)" List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: xen-changelog-bounces@lists.xen.org Errors-To: xen-changelog-bounces@lists.xen.org # HG changeset patch # User Jan Beulich # Date 1359537724 -3600 # Node ID 008c65d4caed95fb356741e20c20b1d63bca5333 # Parent d207555739095b1e4babed58bda341ffa5271dd4 xencons: drop pre-2.6 relics Allocating/reserving the termios pointer arrays may have been needed in 2.4.x or 2.5.x, but even 2.6.0 didn't require this anymore. Signed-off-by: Jan Beulich --- diff -r d20755573909 -r 008c65d4caed drivers/xen/console/console.c --- a/drivers/xen/console/console.c Mon Jan 28 11:55:26 2013 +0100 +++ b/drivers/xen/console/console.c Wed Jan 30 10:22:04 2013 +0100 @@ -347,8 +347,6 @@ void __init dom0_init_screen_info(const #define DUMMY_TTY(_tty) ((xc_mode == XC_TTY) && \ ((_tty)->index != (xc_num - 1))) -static struct termios *xencons_termios[MAX_NR_CONSOLES]; -static struct termios *xencons_termios_locked[MAX_NR_CONSOLES]; static struct tty_struct *xencons_tty; static int xencons_priv_irq; static char x_char; @@ -683,8 +681,6 @@ static int __init xencons_init(void) DRV(xencons_driver)->flags = TTY_DRIVER_REAL_RAW | TTY_DRIVER_RESET_TERMIOS; - DRV(xencons_driver)->termios = xencons_termios; - DRV(xencons_driver)->termios_locked = xencons_termios_locked; switch (xc_mode) { case XC_XVC: _______________________________________________ Xen-changelog mailing list Xen-changelog@lists.xen.org http://lists.xensource.com/xen-changelog