[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [xen-unstable] add privileged/unprivileged kernel feature indication



# HG changeset patch
# User Jan Beulich <jbeulich@xxxxxxxxxx>
# Date 1310110469 -3600
# Node ID 3e3c0a8be9f95abbb8649e1206dda58fe4d7360c
# Parent  b8a2443097803feff48a7a79f147cde5cb316d81
add privileged/unprivileged kernel feature indication

With our switching away from supporting 32-bit Dom0 operation, users
complained that attempts (perhaps due to lack of knowledge of that
change) to boot the no longer privileged kernel in Dom0 resulted in
apparently silent failure. To make the mismatch explicit and visible,
add feature flags that the kernel can set to indicate operation in
what modes it supports. For backward compatibility, absence of both
feature flags is taken to indicate a kernel that may be capable of
operating in both modes.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxxxx>
---


diff -r b8a244309780 -r 3e3c0a8be9f9 tools/libxc/xc_dom_elfloader.c
--- a/tools/libxc/xc_dom_elfloader.c    Fri Jul 08 08:33:01 2011 +0100
+++ b/tools/libxc/xc_dom_elfloader.c    Fri Jul 08 08:34:29 2011 +0100
@@ -286,6 +286,15 @@
     if ( (rc = elf_xen_parse(elf, &dom->parms)) != 0 )
         return rc;
 
+    if ( elf_xen_feature_get(XENFEAT_privileged, dom->parms.f_required) ||
+         (elf_xen_feature_get(XENFEAT_privileged, dom->parms.f_supported) &&
+          !elf_xen_feature_get(XENFEAT_unprivileged, dom->parms.f_supported)) )
+    {
+        xc_dom_panic(dom->xch, XC_INVALID_KERNEL, "%s: Kernel does not"
+                     " support unprivileged (DomU) operation", __FUNCTION__);
+        return -EINVAL;
+    }
+
     /* find kernel segment */
     dom->kernel_seg.vstart = dom->parms.virt_kstart;
     dom->kernel_seg.vend   = dom->parms.virt_kend;
diff -r b8a244309780 -r 3e3c0a8be9f9 xen/arch/ia64/xen/domain.c
--- a/xen/arch/ia64/xen/domain.c        Fri Jul 08 08:33:01 2011 +0100
+++ b/xen/arch/ia64/xen/domain.c        Fri Jul 08 08:34:29 2011 +0100
@@ -2164,6 +2164,14 @@
                return -1;
        }
 
+       if (test_bit(XENFEAT_unprivileged, parms.f_required) ||
+           (test_bit(XENFEAT_unprivileged, parms.f_supported) &&
+            !test_bit(XENFEAT_privileged, parms.f_supported)))
+       {
+               printk("Kernel does not support Dom0 operation\n");
+               return -1;
+       }
+
        p_start = parms.virt_base;
        pkern_start = parms.virt_kstart;
        pkern_end = parms.virt_kend;
diff -r b8a244309780 -r 3e3c0a8be9f9 xen/arch/x86/domain_build.c
--- a/xen/arch/x86/domain_build.c       Fri Jul 08 08:33:01 2011 +0100
+++ b/xen/arch/x86/domain_build.c       Fri Jul 08 08:34:29 2011 +0100
@@ -415,6 +415,14 @@
         return -EINVAL;
     }
 
+    if ( test_bit(XENFEAT_unprivileged, parms.f_required) ||
+         (test_bit(XENFEAT_unprivileged, parms.f_supported) &&
+          !test_bit(XENFEAT_privileged, parms.f_supported)) )
+    {
+        printk("Kernel does not support Dom0 operation\n");
+        return -EINVAL;
+    }
+
 #if defined(__x86_64__)
     if ( compat32 )
     {
diff -r b8a244309780 -r 3e3c0a8be9f9 xen/common/kernel.c
--- a/xen/common/kernel.c       Fri Jul 08 08:33:01 2011 +0100
+++ b/xen/common/kernel.c       Fri Jul 08 08:34:29 2011 +0100
@@ -278,7 +278,8 @@
         switch ( fi.submap_idx )
         {
         case 0:
-            fi.submap = 0;
+            fi.submap = 1U << (IS_PRIV(current->domain) ?
+                               XENFEAT_privileged : XENFEAT_unprivileged);
             if ( VM_ASSIST(d, VMASST_TYPE_pae_extended_cr3) )
                 fi.submap |= (1U << XENFEAT_pae_pgdir_above_4gb);
             if ( paging_mode_translate(current->domain) )
diff -r b8a244309780 -r 3e3c0a8be9f9 xen/common/libelf/libelf-dominfo.c
--- a/xen/common/libelf/libelf-dominfo.c        Fri Jul 08 08:33:01 2011 +0100
+++ b/xen/common/libelf/libelf-dominfo.c        Fri Jul 08 08:34:29 2011 +0100
@@ -26,7 +26,9 @@
     [XENFEAT_writable_descriptor_tables] = "writable_descriptor_tables",
     [XENFEAT_auto_translated_physmap] = "auto_translated_physmap",
     [XENFEAT_supervisor_mode_kernel] = "supervisor_mode_kernel",
-    [XENFEAT_pae_pgdir_above_4gb] = "pae_pgdir_above_4gb"
+    [XENFEAT_pae_pgdir_above_4gb] = "pae_pgdir_above_4gb",
+    [XENFEAT_privileged] = "privileged",
+    [XENFEAT_unprivileged] = "unprivileged"
 };
 static const int elf_xen_features =
 sizeof(elf_xen_feature_names) / sizeof(elf_xen_feature_names[0]);
diff -r b8a244309780 -r 3e3c0a8be9f9 xen/include/public/features.h
--- a/xen/include/public/features.h     Fri Jul 08 08:33:01 2011 +0100
+++ b/xen/include/public/features.h     Fri Jul 08 08:34:29 2011 +0100
@@ -75,7 +75,13 @@
 #define XENFEAT_hvm_safe_pvclock           9
 
 /* x86: pirq can be used by HVM guests */
-#define XENFEAT_hvm_pirqs           10
+#define XENFEAT_hvm_pirqs                 10
+
+/* privileged operation is supported */
+#define XENFEAT_privileged                11
+
+/* un-privileged operation is supported */
+#define XENFEAT_unprivileged              12
 
 #define XENFEAT_NR_SUBMAPS 1
 

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.