| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Coverity-ID: 1055269
signed-off-by: Matthew Daley <mattjd@gmail.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
And use it in xc_exchange_page(). This is basically because the
following change need something really similar to the set of
steps that are here abstracted in these two functions.
Despite of the change in the interface and in the signature of
some functions, this is pure code motion. No functional changes
involved.
Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As a wrapper to XEN_DOMCTL_get_address_size, and use it
wherever the call was being issued directly via do_domctl(),
saving quite some line of code.
Actually, the function returns the guest width in bytes,
rather than directly what XEN_DOMCTL_get_address_size provides
(which is a number of bits), since that is what it is useful
almost everywhere.
Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The return values from xc_dom_*_to_ptr and xc_map_foreign_range are
sometimes dereferenced, or subjected to pointer arithmetic, without
checking whether the relevant function failed and returned NULL.
Add an appropriate error check at every call site.
This is part of the fix to a security issue, XSA-55.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
v8: Add a missing check in xc_offline_page.c:xc_exchange_page,
which was in the next patch in v7 of the series.
Also improve the message.
I think in this particular error case it may be that the results
are a broken guest, but turning this from a possible host tools
crash into a guest problem seems to solve the potential security
problem.
v7: Simplify an error DOMPRINTF to not use "load ? : ".
Make DOMPRINTF allocation error messages consistent.
Do not set elf->dest_pages in xc_dom_load_elf_kernel
if xc_dom_seg_to_ptr_pages fails.
v5: This patch is new in this version of the series.
|
|
|
|
|
|
|
|
| |
xc_offline_page doesn't really need xs.h.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rename xc_set_xen_guest_handle to set_xen_guest_handle[0] and remove now
unused functions:
- xc_memalign
- lock_pages
- unlock_pages
- hcall_buf_prep
- hcall_buf_release
[0] sed -i -e 's/xc_set_xen_guest_handle/set_xen_guest_handle/g' \
tools/libxc/*.[ch] \
tools/python/xen/lowlevel/xc/xc.c \
tools/python/xen/lowlevel/acm/acm.c \
tools/libxc/ia64/xc_ia64_stubs.c \
tools/security/secpol_tool.c \
tools/misc/xenpm.c
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson.citrix.com>
|
|
|
|
|
|
|
|
| |
There is no need to lock/bounce minfo->pfn_type in init_mem_info since
xc_get_pfn_type_batch() will take care of that for us.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson.citrix.com>
|
|
|
|
|
| |
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson.citrix.com>
|
|
|
|
|
| |
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
|
| |
Generalised from exchange_page in xc_offline_page.c
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
|
|
|
| |
Not actually used here but useful to confirm that a handle is passed
down to each location where it will be required once we switch to
hypercall buffers.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
# User Ian Campbell <ian.campbell@citrix.com>
# Date 1282671421 -3600
# Node ID d1dd29a470ef1b9d2c77478a123326036dfe90bb
# Parent d7a4adad9c328decbd384d87b23001aea8951b86
tools/libxc, tools/libelf: Relicense under LGPL v2.1
Relicense these two libraries under LGPL v2.1 only except where
individual files already included the "or later" provision.
Copyright holders have been contacted by Stephen Spector and have all
agreed this change.
Removed tools/libxc/ia64/aclinux.h since it appeared to be
unused. There is a separate, more up to date, copy in
xen/include/acpi/platform/aclinux.h which does appear to be used.
Clarify the license of MiniOS privcmd.h under the same terms as other
tools/include/xen-sys headers.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Stephen Spector <stephen.spector@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch eliminate the global variables in libxenctrl (used for
logging and error reporting).
Instead the information which was in the global variables is now in a
new xc_interface* opaque structure, which xc_interface open returns
instead of the raw file descriptor; furthermore, logging is done via
xentoollog.
There are three new parameters to xc_interface_open to control the
logging, but existing callers can just pass "0" for all three to get
the old behaviour.
All libxc callers have been adjusted accordingly.
Also update QEMU_TAG for corresponding qemu change.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To support wider than 28-bit MFNs, add XEN_DOMCTL_getpageframeinfo3
(with the type replacing the passed in MFN rather than getting or-ed
into it) to properly back xc_get_pfn_type_batch().
With xc_get_pfn_type_batch() only used internally to libxc, move its
prototype from xenctrl.h to xc_private.h.
This also fixes a couple of bugs in pre-existing code:
- the failure path for init_mem_info() leaked minfo->pfn_type,
- one error path of the XEN_DOMCTL_getpageframeinfo2 handler used
put_domain() where rcu_unlock_domain() was meant, and
- the XEN_DOMCTL_getpageframeinfo2 handler could call
xsm_getpageframeinfo() with an invalid struct page_info pointer.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
|
|
|
|
|
|
|
|
| |
p2m_size for macros.
Macro now refers to guest_width and p2m_size through a dinfo pointer.
Signed-off-by: Vincent Hanquez <vincent.hanquez@eu.citrix.com>
|
|
|
|
| |
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
|
|
|
|
| |
Signed-off-by: Steven Smith <steven.smith@citrix.com>
|
|
|
|
|
|
| |
isn't in the way when we introduce struct grant_entry_v2.
Signed-off-by: Steven Smith <steven.smith@citrix.com>
|
|
|
|
| |
Signed-off-by: Jiang, Yunhong <yunhong.jiang@intel.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch support exchange a page for a suspended PV guest from user
space.
The basic idea to offline a page is:
1) mark a page offline pending
2) If the page is owned by a HVM domain, user have to live migrate it.
In future, with stub-domain support, we can also exchange the page
without migration.
3) If the page is owned by a PV domain, we will try to exchange the
offline pending page to a new one and free the old page.
This patch achieves item 3.
The method to exchange the offline pending page for PV domain is:
1) Suspend the guest.
2) If the page is being granted out, return with offline pending.
3) Get a copy for the content
4) Scan all page table page to see if any reference to the offending
page, if yes, make the entry to be non-present to reduce the reference
count.
5) After update all page tables, user space tools will try to exchange
the old page. If the new mfn has no reference anymore (i.e.
count_info & count_mask =3D 1), the exchange will allocate a new page,
update the m2p and return success, otherwise it will return fail.
6) If step 5 is success, user space tools will update the content of
the new page change the p2m table, and change all entries scaned in
step 4 to point to new entry.
if step failed, it will try to undo step 4 to revert page table.
7) Resume the guest.
Please refer to thread in
http://www.mailinglistarchive.com/xen-devel@lists.xensource.com/msg63084.html
for more information.
Signed-off-by: Jiang, Yunhong <yunhong.jiang@intel.com>
|
|
Signed-off-by: Jiang, Yunhong <yunhong.jiang@intel.com>
|