Xen project Mailing List

[Xen-changelog] [xen-unstable] merge with xen-unstable.hg (staging)

From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>

Date: Tue, 11 Sep 2007 15:30:45 -0700

Delivery-date: Tue, 11 Sep 2007 15:33:37 -0700

List-id: BK change log <xen-changelog.lists.xensource.com>

# HG changeset patch # User Alex Williamson <alex.williamson@xxxxxx> # Date 1189195010 21600 # Node ID f16bff0934d7ea2f000b166c05fb6b2fd8103fa9 # Parent 192f2df46e67f02695e9ed3a39c1d831562ae6c9 # Parent a53aaea4c69813a7143daa677b9e65d1d2f15b6b merge with xen-unstable.hg (staging) --- tools/Makefile | 2 tools/check/Makefile | 4 tools/check/check_xml2 | 2 tools/ioemu/hw/cirrus_vga.c | 2 tools/ioemu/vl.c | 2 tools/libxc/xc_misc.c | 33 +++++ tools/libxc/xenctrl.h | 8 + tools/python/xen/xend/XendDomain.py | 4 tools/python/xen/xend/XendDomainInfo.py | 19 ++ tools/python/xen/xend/server/XMLRPCServer.py | 2 tools/python/xen/xm/main.py | 11 - tools/security/Makefile | 2 tools/xenfb/xenfb.c | 10 - tools/xenstore/xenstored_core.c | 8 - unmodified_drivers/linux-2.6/platform-pci/machine_reboot.c | 12 + xen/arch/x86/domain.c | 4 xen/arch/x86/hvm/hvm.c | 24 --- xen/arch/x86/hvm/svm/svm.c | 56 ++++---- xen/arch/x86/hvm/vmx/vmx.c | 84 ++++++------- xen/arch/x86/mm/shadow/multi.c | 14 -- 20 files changed, 167 insertions(+), 136 deletions(-) diff -r 192f2df46e67 -r f16bff0934d7 tools/Makefile --- a/tools/Makefile Thu Sep 06 15:04:07 2007 -0600 +++ b/tools/Makefile Fri Sep 07 13:56:50 2007 -0600 @@ -10,7 +10,7 @@ SUBDIRS-y += xentrace SUBDIRS-y += xentrace SUBDIRS-$(CONFIG_XCUTILS) += xcutils SUBDIRS-$(CONFIG_X86) += firmware -SUBDIRS-y += security +SUBDIRS-$(ACM_SECURITY) += security SUBDIRS-y += console SUBDIRS-y += xenmon SUBDIRS-y += guest-headers diff -r 192f2df46e67 -r f16bff0934d7 tools/check/Makefile --- a/tools/check/Makefile Thu Sep 06 15:04:07 2007 -0600 +++ b/tools/check/Makefile Fri Sep 07 13:56:50 2007 -0600 @@ -7,7 +7,7 @@ all: build # Check this machine is OK for building on. .PHONY: build build: - XENFB_TOOLS=$(XENFB_TOOLS) LIBXENAPI_BINDINGS=$(LIBXENAPI_BINDINGS) ./chk build + XENFB_TOOLS=$(XENFB_TOOLS) LIBXENAPI_BINDINGS=$(LIBXENAPI_BINDINGS) ACM_SECURITY=$(ACM_SECURITY) ./chk build # Check this machine is OK for installing on. # DO NOT use this check from 'make install' in the parent @@ -15,7 +15,7 @@ build: # copy rather than actually installing. .PHONY: install install: - XENFB_TOOLS=$(XENFB_TOOLS) LIBXENAPI_BINDINGS=$(LIBXENAPI_BINDINGS) ./chk install + XENFB_TOOLS=$(XENFB_TOOLS) LIBXENAPI_BINDINGS=$(LIBXENAPI_BINDINGS) ACM_SECURITY=$(ACM_SECURITY) ./chk install .PHONY: clean clean: diff -r 192f2df46e67 -r f16bff0934d7 tools/check/check_xml2 --- a/tools/check/check_xml2 Thu Sep 06 15:04:07 2007 -0600 +++ b/tools/check/check_xml2 Fri Sep 07 13:56:50 2007 -0600 @@ -1,7 +1,7 @@ #!/bin/sh # CHECK-BUILD CHECK-INSTALL -if [ ! "$LIBXENAPI_BINDINGS" = "y" ] +if [ ! "$LIBXENAPI_BINDINGS" = "y" -a ! "$ACM_SECURITY" = "y" ] then echo -n "unused, " exit 0 diff -r 192f2df46e67 -r f16bff0934d7 tools/ioemu/hw/cirrus_vga.c --- a/tools/ioemu/hw/cirrus_vga.c Thu Sep 06 15:04:07 2007 -0600 +++ b/tools/ioemu/hw/cirrus_vga.c Fri Sep 07 13:56:50 2007 -0600 @@ -2565,7 +2565,7 @@ static void *set_vram_mapping(unsigned l return NULL; } - vram_pointer = xc_map_foreign_batch(xc_handle, domid, + vram_pointer = xc_map_foreign_pages(xc_handle, domid, PROT_READ|PROT_WRITE, extent_start, nr_extents); if (vram_pointer == NULL) { diff -r 192f2df46e67 -r f16bff0934d7 tools/ioemu/vl.c --- a/tools/ioemu/vl.c Thu Sep 06 15:04:07 2007 -0600 +++ b/tools/ioemu/vl.c Fri Sep 07 13:56:50 2007 -0600 @@ -6948,7 +6948,7 @@ static void qemu_remap_bucket(struct map j = ((i + BITS_PER_LONG) > (MCACHE_BUCKET_SIZE >> PAGE_SHIFT)) ? (MCACHE_BUCKET_SIZE >> PAGE_SHIFT) % BITS_PER_LONG : BITS_PER_LONG; while (j > 0) - word = (word << 1) | !(pfns[i + --j] & 0xF0000000UL); + word = (word << 1) | (((pfns[i + --j] >> 28) & 0xf) != 0xf); entry->valid_mapping[i / BITS_PER_LONG] = word; } } diff -r 192f2df46e67 -r f16bff0934d7 tools/libxc/xc_misc.c --- a/tools/libxc/xc_misc.c Thu Sep 06 15:04:07 2007 -0600 +++ b/tools/libxc/xc_misc.c Fri Sep 07 13:56:50 2007 -0600 @@ -224,6 +224,39 @@ int xc_hvm_set_pci_link_route( unlock_pages(&arg, sizeof(arg)); return rc; +} + +void *xc_map_foreign_pages(int xc_handle, uint32_t dom, int prot, + const xen_pfn_t *arr, int num) +{ + xen_pfn_t *pfn; + void *res; + int i; + + pfn = malloc(num * sizeof(*pfn)); + if (!pfn) + return NULL; + memcpy(pfn, arr, num * sizeof(*pfn)); + + res = xc_map_foreign_batch(xc_handle, dom, prot, pfn, num); + if (res) { + for (i = 0; i < num; i++) { + if ((pfn[i] & 0xF0000000UL) == 0xF0000000UL) { + /* + * xc_map_foreign_batch() doesn't give us an error + * code, so we have to make one up. May not be the + * appropriate one. + */ + errno = EINVAL; + munmap(res, num * PAGE_SIZE); + res = NULL; + break; + } + } + } + + free(pfn); + return res; } /* diff -r 192f2df46e67 -r f16bff0934d7 tools/libxc/xenctrl.h --- a/tools/libxc/xenctrl.h Thu Sep 06 15:04:07 2007 -0600 +++ b/tools/libxc/xenctrl.h Fri Sep 07 13:56:50 2007 -0600 @@ -646,6 +646,14 @@ void *xc_map_foreign_range(int xc_handle int size, int prot, unsigned long mfn ); +void *xc_map_foreign_pages(int xc_handle, uint32_t dom, int prot, + const xen_pfn_t *arr, int num ); + +/** + * Like xc_map_foreign_pages(), except it can succeeed partially. + * When a page cannot be mapped, its PFN in @arr is or'ed with + * 0xF0000000 to indicate the error. + */ void *xc_map_foreign_batch(int xc_handle, uint32_t dom, int prot, xen_pfn_t *arr, int num ); diff -r 192f2df46e67 -r f16bff0934d7 tools/python/xen/xend/XendDomain.py --- a/tools/python/xen/xend/XendDomain.py Thu Sep 06 15:04:07 2007 -0600 +++ b/tools/python/xen/xend/XendDomain.py Fri Sep 07 13:56:50 2007 -0600 @@ -1594,10 +1594,10 @@ class XendDomain: raise VMBadState("Domain '%s' is not started" % domid, POWER_STATE_NAMES[DOM_STATE_RUNNING], POWER_STATE_NAMES[dominfo._stateGet()]) - if trigger_name.lower() in TRIGGER_TYPE: + if trigger_name.lower() in TRIGGER_TYPE.keys(): trigger = TRIGGER_TYPE[trigger_name.lower()] else: - raise XendError("Invalid trigger: %s", trigger_name) + raise XendError("Invalid trigger: %s" % trigger_name) try: return xc.domain_send_trigger(dominfo.getDomid(), trigger, diff -r 192f2df46e67 -r f16bff0934d7 tools/python/xen/xend/XendDomainInfo.py --- a/tools/python/xen/xend/XendDomainInfo.py Thu Sep 06 15:04:07 2007 -0600 +++ b/tools/python/xen/xend/XendDomainInfo.py Fri Sep 07 13:56:50 2007 -0600 @@ -602,16 +602,16 @@ class XendDomainInfo: mac = x[1] break break - dev_info = self.getDeviceInfo_vif(mac) + dev_info = self._getDeviceInfo_vif(mac) else: _, dev_info = sxprs[dev] else: # 'vbd' or 'tap' - dev_info = self.getDeviceInfo_vbd(dev) + dev_info = self._getDeviceInfo_vbd(dev) # To remove the UUID of the device from refs, # deviceClass must be always 'vbd'. deviceClass = 'vbd' if dev_info is None: - return rc + raise XendError("Device %s is not defined" % devid) dev_uuid = sxp.child_value(dev_info, 'uuid') del self.info['devices'][dev_uuid] @@ -632,14 +632,22 @@ class XendDomainInfo: dev_num += 1 return sxprs - def getDeviceInfo_vif(self, mac): + def getBlockDeviceClass(self, devid): + # To get a device number from the devid, + # we temporarily use the device controller of VBD. + dev = self.getDeviceController('vbd').convertToDeviceNumber(devid) + dev_info = self._getDeviceInfo_vbd(dev) + if dev_info: + return dev_info[0] + + def _getDeviceInfo_vif(self, mac): for dev_type, dev_info in self.info.all_devices_sxpr(): if dev_type != 'vif': continue if mac == sxp.child_value(dev_info, 'mac'): return dev_info - def getDeviceInfo_vbd(self, devid): + def _getDeviceInfo_vbd(self, devid): for dev_type, dev_info in self.info.all_devices_sxpr(): if dev_type != 'vbd' and dev_type != 'tap': continue @@ -1309,6 +1317,7 @@ class XendDomainInfo: try: new_dom = XendDomain.instance().domain_create_from_dict( self.info) + new_dom.waitForDevices() new_dom.unpause() rst_cnt = self._readVm('xend/restart_count') rst_cnt = int(rst_cnt) + 1 diff -r 192f2df46e67 -r f16bff0934d7 tools/python/xen/xend/server/XMLRPCServer.py --- a/tools/python/xen/xend/server/XMLRPCServer.py Thu Sep 06 15:04:07 2007 -0600 +++ b/tools/python/xen/xend/server/XMLRPCServer.py Fri Sep 07 13:56:50 2007 -0600 @@ -87,7 +87,7 @@ methods = ['device_create', 'device_conf 'destroyDevice','getDeviceSxprs', 'setMemoryTarget', 'setName', 'setVCpuCount', 'shutdown', 'send_sysrq', 'getVCPUInfo', 'waitForDevices', - 'getRestartCount'] + 'getRestartCount', 'getBlockDeviceClass'] exclude = ['domain_create', 'domain_restore'] diff -r 192f2df46e67 -r f16bff0934d7 tools/python/xen/xm/main.py --- a/tools/python/xen/xm/main.py Thu Sep 06 15:04:07 2007 -0600 +++ b/tools/python/xen/xm/main.py Fri Sep 07 13:56:50 2007 -0600 @@ -2217,12 +2217,13 @@ def xm_block_detach(args): % (dev,dom)) else: arg_check(args, 'block-detach', 2, 3) - try: + dom = args[0] + dev = args[1] + dc = server.xend.domain.getBlockDeviceClass(dom, dev) + if dc == "tap": + detach(args, 'tap') + else: detach(args, 'vbd') - return - except: - pass - detach(args, 'tap') def xm_network_detach(args): if serverType == SERVER_XEN_API: diff -r 192f2df46e67 -r f16bff0934d7 tools/security/Makefile --- a/tools/security/Makefile Thu Sep 06 15:04:07 2007 -0600 +++ b/tools/security/Makefile Fri Sep 07 13:56:50 2007 -0600 @@ -66,7 +66,7 @@ install: all $(ACM_CONFIG_FILE) $(INSTALL_DIR) $(DESTDIR)$(ACM_SECGEN_CGIDIR) $(INSTALL_PROG) $(ACM_INST_CGI) $(DESTDIR)$(ACM_SECGEN_CGIDIR) ifndef XEN_PYTHON_NATIVE_INSTALL - python python/setup.py install --home="$(DESTDIR)/usr" --install-lib="$(DESTDIR)$(LIBPATH)/python" + python python/setup.py install --install-lib="$(DESTDIR)$(LIBPATH)/python" else python python/setup.py install --root="$(DESTDIR)" endif diff -r 192f2df46e67 -r f16bff0934d7 tools/xenfb/xenfb.c --- a/tools/xenfb/xenfb.c Thu Sep 06 15:04:07 2007 -0600 +++ b/tools/xenfb/xenfb.c Fri Sep 07 13:56:50 2007 -0600 @@ -398,21 +398,15 @@ static int xenfb_map_fb(struct xenfb_pri if (!pgmfns || !fbmfns) goto out; - /* - * Bug alert: xc_map_foreign_batch() can fail partly and - * return a non-null value. This is a design flaw. When it - * happens, we happily continue here, and later crash on - * access. - */ xenfb_copy_mfns(mode, n_fbdirs, pgmfns, pd); - map = xc_map_foreign_batch(xenfb->xc, domid, + map = xc_map_foreign_pages(xenfb->xc, domid, PROT_READ, pgmfns, n_fbdirs); if (map == NULL) goto out; xenfb_copy_mfns(mode, n_fbmfns, fbmfns, map); munmap(map, n_fbdirs * XC_PAGE_SIZE); - xenfb->pub.pixels = xc_map_foreign_batch(xenfb->xc, domid, + xenfb->pub.pixels = xc_map_foreign_pages(xenfb->xc, domid, PROT_READ | PROT_WRITE, fbmfns, n_fbmfns); if (xenfb->pub.pixels == NULL) goto out; diff -r 192f2df46e67 -r f16bff0934d7 tools/xenstore/xenstored_core.c --- a/tools/xenstore/xenstored_core.c Thu Sep 06 15:04:07 2007 -0600 +++ b/tools/xenstore/xenstored_core.c Fri Sep 07 13:56:50 2007 -0600 @@ -1878,14 +1878,14 @@ int main(int argc, char *argv[]) fflush(stdout); } - /* close stdin/stdout now we're ready to accept connections */ + /* redirect to /dev/null now we're ready to accept connections */ if (dofork) { int devnull = open("/dev/null", O_RDWR); if (devnull == -1) barf_perror("Could not open /dev/null\n"); - close(STDIN_FILENO); dup2(STDIN_FILENO, devnull); - close(STDOUT_FILENO); dup2(STDOUT_FILENO, devnull); - close(STDERR_FILENO); dup2(STDERR_FILENO, devnull); + dup2(devnull, STDIN_FILENO); + dup2(devnull, STDOUT_FILENO); + dup2(devnull, STDERR_FILENO); close(devnull); xprintf = trace; } diff -r 192f2df46e67 -r f16bff0934d7 unmodified_drivers/linux-2.6/platform-pci/machine_reboot.c --- a/unmodified_drivers/linux-2.6/platform-pci/machine_reboot.c Thu Sep 06 15:04:07 2007 -0600 +++ b/unmodified_drivers/linux-2.6/platform-pci/machine_reboot.c Fri Sep 07 13:56:50 2007 -0600 @@ -17,6 +17,8 @@ struct ap_suspend_info { * while the BSP is re-initializing it after restore. */ static DEFINE_RWLOCK(suspend_lock); + +#ifdef CONFIG_SMP /* * Spinning prevents, for example, APs touching grant table entries while @@ -42,6 +44,14 @@ static void ap_suspend(void *_info) mb(); atomic_dec(&info->nr_spinning); } + +#define initiate_ap_suspend(i) smp_call_function(ap_suspend, i, 0, 0) + +#else /* !defined(CONFIG_SMP) */ + +#define initiate_ap_suspend(i) 0 + +#endif static int bp_suspend(void) { @@ -80,7 +90,7 @@ int __xen_suspend(int fast_suspend) nr_cpus = num_online_cpus() - 1; - err = smp_call_function(ap_suspend, &info, 0, 0); + err = initiate_ap_suspend(&info); if (err < 0) { preempt_enable(); xenbus_suspend_cancel(); diff -r 192f2df46e67 -r f16bff0934d7 xen/arch/x86/domain.c --- a/xen/arch/x86/domain.c Thu Sep 06 15:04:07 2007 -0600 +++ b/xen/arch/x86/domain.c Fri Sep 07 13:56:50 2007 -0600 @@ -1761,8 +1761,8 @@ int domain_relinquish_resources(struct d /* fallthrough */ /* Relinquish every page of memory. */ + case RELMEM_xen_l4: #if CONFIG_PAGING_LEVELS >= 4 - case RELMEM_xen_l4: ret = relinquish_memory(d, &d->xenpage_list, PGT_l4_page_table); if ( ret ) return ret; @@ -1776,8 +1776,8 @@ int domain_relinquish_resources(struct d /* fallthrough */ #endif + case RELMEM_xen_l3: #if CONFIG_PAGING_LEVELS >= 3 - case RELMEM_xen_l3: ret = relinquish_memory(d, &d->xenpage_list, PGT_l3_page_table); if ( ret ) return ret; diff -r 192f2df46e67 -r f16bff0934d7 xen/arch/x86/hvm/hvm.c --- a/xen/arch/x86/hvm/hvm.c Thu Sep 06 15:04:07 2007 -0600 +++ b/xen/arch/x86/hvm/hvm.c Fri Sep 07 13:56:50 2007 -0600 @@ -586,8 +586,7 @@ int hvm_set_cr0(unsigned long value) if ( !paging_mode_hap(v->domain) ) { - put_page(mfn_to_page(get_mfn_from_gpfn( - v->arch.hvm_vcpu.guest_cr[3] >> PAGE_SHIFT))); + put_page(pagetable_get_page(v->arch.guest_table)); v->arch.guest_table = pagetable_null(); } } @@ -603,21 +602,11 @@ int hvm_set_cr0(unsigned long value) int hvm_set_cr3(unsigned long value) { - unsigned long old_base_mfn, mfn; + unsigned long mfn; struct vcpu *v = current; - if ( paging_mode_hap(v->domain) || !hvm_paging_enabled(v) ) - { - /* Nothing to do. */ - } - else if ( value == v->arch.hvm_vcpu.guest_cr[3] ) - { - /* Shadow-mode TLB flush. Invalidate the shadow. */ - mfn = get_mfn_from_gpfn(value >> PAGE_SHIFT); - if ( mfn != pagetable_get_pfn(v->arch.guest_table) ) - goto bad_cr3; - } - else + if ( hvm_paging_enabled(v) && !paging_mode_hap(v->domain) && + (value != v->arch.hvm_vcpu.guest_cr[3]) ) { /* Shadow-mode CR3 change. Check PDBR and then make a new shadow. */ HVM_DBG_LOG(DBG_LEVEL_VMMU, "CR3 value = %lx", value); @@ -625,11 +614,8 @@ int hvm_set_cr3(unsigned long value) if ( !mfn_valid(mfn) || !get_page(mfn_to_page(mfn), v->domain) ) goto bad_cr3; - old_base_mfn = pagetable_get_pfn(v->arch.guest_table); + put_page(pagetable_get_page(v->arch.guest_table)); v->arch.guest_table = pagetable_from_pfn(mfn); - - if ( old_base_mfn ) - put_page(mfn_to_page(old_base_mfn)); HVM_DBG_LOG(DBG_LEVEL_VMMU, "Update CR3 value = %lx", value); } diff -r 192f2df46e67 -r f16bff0934d7 xen/arch/x86/hvm/svm/svm.c --- a/xen/arch/x86/hvm/svm/svm.c Thu Sep 06 15:04:07 2007 -0600 +++ b/xen/arch/x86/hvm/svm/svm.c Fri Sep 07 13:56:50 2007 -0600 @@ -337,8 +337,36 @@ int svm_vmcb_save(struct vcpu *v, struct int svm_vmcb_restore(struct vcpu *v, struct hvm_hw_cpu *c) { - unsigned long mfn, old_base_mfn; - struct vmcb_struct *vmcb = v->arch.hvm_svm.vmcb; + unsigned long mfn = 0; + struct vmcb_struct *vmcb = v->arch.hvm_svm.vmcb; + + if ( c->pending_valid && + ((c->pending_type == 1) || (c->pending_type > 6) || + (c->pending_reserved != 0)) ) + { + gdprintk(XENLOG_ERR, "Invalid pending event 0x%"PRIx32".\n", + c->pending_event); + return -EINVAL; + } + + if ( !paging_mode_hap(v->domain) ) + { + if ( c->cr0 & X86_CR0_PG ) + { + mfn = gmfn_to_mfn(v->domain, c->cr3 >> PAGE_SHIFT); + if ( !mfn_valid(mfn) || !get_page(mfn_to_page(mfn), v->domain) ) + { + gdprintk(XENLOG_ERR, "Invalid CR3 value=0x%"PRIx64"\n", + c->cr3); + return -EINVAL; + } + } + + if ( v->arch.hvm_vcpu.guest_cr[0] & X86_CR0_PG ) + put_page(pagetable_get_page(v->arch.guest_table)); + + v->arch.guest_table = pagetable_from_pfn(mfn); + } vmcb->rip = c->rip; vmcb->rsp = c->rsp; @@ -357,18 +385,6 @@ int svm_vmcb_restore(struct vcpu *v, str __func__, c->cr3, c->cr0, c->cr4); #endif - if ( hvm_paging_enabled(v) && !paging_mode_hap(v->domain) ) - { - HVM_DBG_LOG(DBG_LEVEL_VMMU, "CR3 = %"PRIx64, c->cr3); - mfn = gmfn_to_mfn(v->domain, c->cr3 >> PAGE_SHIFT); - if( !mfn_valid(mfn) || !get_page(mfn_to_page(mfn), v->domain) ) - goto bad_cr3; - old_base_mfn = pagetable_get_pfn(v->arch.guest_table); - v->arch.guest_table = pagetable_from_pfn(mfn); - if ( old_base_mfn ) - put_page(mfn_to_page(old_base_mfn)); - } - vmcb->idtr.limit = c->idtr_limit; vmcb->idtr.base = c->idtr_base; @@ -435,14 +451,6 @@ int svm_vmcb_restore(struct vcpu *v, str gdprintk(XENLOG_INFO, "Re-injecting 0x%"PRIx32", 0x%"PRIx32"\n", c->pending_event, c->error_code); - if ( (c->pending_type == 1) || (c->pending_type > 6) || - (c->pending_reserved != 0) ) - { - gdprintk(XENLOG_ERR, "Invalid pending event 0x%"PRIx32"\n", - c->pending_event); - return -EINVAL; - } - if ( hvm_event_needs_reinjection(c->pending_type, c->pending_vector) ) { vmcb->eventinj.bytes = c->pending_event; @@ -453,10 +461,6 @@ int svm_vmcb_restore(struct vcpu *v, str paging_update_paging_modes(v); return 0; - - bad_cr3: - gdprintk(XENLOG_ERR, "Invalid CR3 value=0x%"PRIx64"\n", c->cr3); - return -EINVAL; } diff -r 192f2df46e67 -r f16bff0934d7 xen/arch/x86/hvm/vmx/vmx.c --- a/xen/arch/x86/hvm/vmx/vmx.c Thu Sep 06 15:04:07 2007 -0600 +++ b/xen/arch/x86/hvm/vmx/vmx.c Fri Sep 07 13:56:50 2007 -0600 @@ -565,7 +565,31 @@ void vmx_vmcs_save(struct vcpu *v, struc int vmx_vmcs_restore(struct vcpu *v, struct hvm_hw_cpu *c) { - unsigned long mfn, old_base_mfn; + unsigned long mfn = 0; + + if ( c->pending_valid && + ((c->pending_type == 1) || (c->pending_type > 6) || + (c->pending_reserved != 0)) ) + { + gdprintk(XENLOG_ERR, "Invalid pending event 0x%"PRIx32".\n", + c->pending_event); + return -EINVAL; + } + + if ( c->cr0 & X86_CR0_PG ) + { + mfn = gmfn_to_mfn(v->domain, c->cr3 >> PAGE_SHIFT); + if ( !mfn_valid(mfn) || !get_page(mfn_to_page(mfn), v->domain) ) + { + gdprintk(XENLOG_ERR, "Invalid CR3 value=0x%"PRIx64"\n", c->cr3); + return -EINVAL; + } + } + + if ( v->arch.hvm_vcpu.guest_cr[0] & X86_CR0_PG ) + put_page(pagetable_get_page(v->arch.guest_table)); + + v->arch.guest_table = pagetable_from_pfn(mfn); vmx_vmcs_enter(v); @@ -586,18 +610,6 @@ int vmx_vmcs_restore(struct vcpu *v, str __func__, c->cr3, c->cr0, c->cr4); #endif - if ( hvm_paging_enabled(v) ) - { - HVM_DBG_LOG(DBG_LEVEL_VMMU, "CR3 = %"PRIx64, c->cr3); - mfn = gmfn_to_mfn(v->domain, c->cr3 >> PAGE_SHIFT); - if ( !mfn_valid(mfn) || !get_page(mfn_to_page(mfn), v->domain) ) - goto bad_cr3; - old_base_mfn = pagetable_get_pfn(v->arch.guest_table); - v->arch.guest_table = pagetable_from_pfn(mfn); - if ( old_base_mfn ) - put_page(mfn_to_page(old_base_mfn)); - } - v->arch.hvm_vcpu.guest_efer = c->msr_efer; vmx_update_guest_efer(v); @@ -661,14 +673,6 @@ int vmx_vmcs_restore(struct vcpu *v, str { gdprintk(XENLOG_INFO, "Re-injecting 0x%"PRIx32", 0x%"PRIx32"\n", c->pending_event, c->error_code); - - if ( (c->pending_type == 1) || (c->pending_type > 6) || - (c->pending_reserved != 0) ) - { - gdprintk(XENLOG_ERR, "Invalid pending event 0x%"PRIx32".\n", - c->pending_event); - return -EINVAL; - } if ( hvm_event_needs_reinjection(c->pending_type, c->pending_vector) ) { @@ -680,11 +684,6 @@ int vmx_vmcs_restore(struct vcpu *v, str } return 0; - - bad_cr3: - gdprintk(XENLOG_ERR, "Invalid CR3 value=0x%"PRIx64"\n", c->cr3); - vmx_vmcs_exit(v); - return -EINVAL; } #if defined(__x86_64__) && defined(HVM_DEBUG_SUSPEND) @@ -1905,7 +1904,22 @@ static void vmx_world_save(struct vcpu * static int vmx_world_restore(struct vcpu *v, struct vmx_assist_context *c) { - unsigned long mfn, old_base_mfn; + unsigned long mfn = 0; + + if ( c->cr0 & X86_CR0_PG ) + { + mfn = gmfn_to_mfn(v->domain, c->cr3 >> PAGE_SHIFT); + if ( !mfn_valid(mfn) || !get_page(mfn_to_page(mfn), v->domain) ) + { + gdprintk(XENLOG_ERR, "Invalid CR3 value=%x", c->cr3); + return -EINVAL; + } + } + + if ( v->arch.hvm_vcpu.guest_cr[0] & X86_CR0_PG ) + put_page(pagetable_get_page(v->arch.guest_table)); + + v->arch.guest_table = pagetable_from_pfn(mfn); __vmwrite(GUEST_RIP, c->eip); __vmwrite(GUEST_RSP, c->esp); @@ -1917,18 +1931,6 @@ static int vmx_world_restore(struct vcpu vmx_update_guest_cr(v, 0); vmx_update_guest_cr(v, 4); - if ( hvm_paging_enabled(v) ) - { - HVM_DBG_LOG(DBG_LEVEL_VMMU, "CR3 = %x", c->cr3); - mfn = get_mfn_from_gpfn(c->cr3 >> PAGE_SHIFT); - if ( !mfn_valid(mfn) || !get_page(mfn_to_page(mfn), v->domain) ) - goto bad_cr3; - old_base_mfn = pagetable_get_pfn(v->arch.guest_table); - v->arch.guest_table = pagetable_from_pfn(mfn); - if ( old_base_mfn ) - put_page(mfn_to_page(old_base_mfn)); - } - __vmwrite(GUEST_IDTR_LIMIT, c->idtr_limit); __vmwrite(GUEST_IDTR_BASE, c->idtr_base); @@ -1977,10 +1979,6 @@ static int vmx_world_restore(struct vcpu paging_update_paging_modes(v); return 0; - - bad_cr3: - gdprintk(XENLOG_ERR, "Invalid CR3 value=%x", c->cr3); - return -EINVAL; } enum { VMX_ASSIST_INVOKE = 0, VMX_ASSIST_RESTORE }; diff -r 192f2df46e67 -r f16bff0934d7 xen/arch/x86/mm/shadow/multi.c --- a/xen/arch/x86/mm/shadow/multi.c Thu Sep 06 15:04:07 2007 -0600 +++ b/xen/arch/x86/mm/shadow/multi.c Fri Sep 07 13:56:50 2007 -0600 @@ -3502,24 +3502,12 @@ sh_update_cr3(struct vcpu *v, int do_loc /* Double-check that the HVM code has sent us a sane guest_table */ if ( is_hvm_domain(d) ) { - gfn_t gfn; - ASSERT(shadow_mode_external(d)); - - // Is paging enabled on this vcpu? if ( hvm_paging_enabled(v) ) - { - gfn = _gfn(paddr_to_pfn(v->arch.hvm_vcpu.guest_cr[3])); - gmfn = gfn_to_mfn(d, gfn); - ASSERT(mfn_valid(gmfn)); - ASSERT(pagetable_get_pfn(v->arch.guest_table) == mfn_x(gmfn)); - } + ASSERT(pagetable_get_pfn(v->arch.guest_table)); else - { - /* Paging disabled: guest_table points at a 32-bit 1-to-1 map */ ASSERT(v->arch.guest_table.pfn == d->arch.paging.shadow.unpaged_pagetable.pfn); - } } #endif _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-changelog

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.