| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
The wrapper is there already, so better use it in place of
all the stuff required to issue a call to do_domctl() for
XEN_DOMCTL_getdomaininfo.
Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A sufficiently malformed input to libxc (such as a malformed input ELF
or other guest-controlled data) might cause one of libxc's malloc() to
fail. In this case we need to make sure we don't dereference or do
pointer arithmetic on the result.
Search for all occurrences of \b(m|c|re)alloc in libxc, and all
functions which call them, and add appropriate error checking where
missing.
This includes the functions xc_dom_malloc*, which now print a message
when they fail so that callers don't have to do so.
The function xc_cpuid_to_str wasn't provided with a sane return value
and has a pretty strange API, which now becomes a little stranger.
There are no in-tree callers.
This is part of the fix to a security issue, XSA-55.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
v8: Move a check in xc_exchange_page to the previous patch
(ie, remove it from this patch).
v7: Add a missing check for a call to alloc_str.
Add arithmetic overflow check in xc_dom_malloc.
Coding style fix.
v6: Fix a missed call `pfn_err = calloc...' in xc_domain_restore.c.
Fix a missed call `new_pfn = xc_map_foreign_range...' in
xc_offline_page.c
v5: This patch is new in this version of the series.
|
| |
|
|
|
|
|
| |
The emacs variable to set the C style from a local variable block is
c-file-style, not c-set-style.
Signed-off-by: David Vrabel <david.vrabel@citrix.com
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
do_mmu_update
In do_mmu_update() (in the hypervisor) the parameter 'foreigndom' is
'unsigned int' and both its high (bits 31-16) and low (bits 15-0) are
parts utilised, as explained here:
http://xenbits.xen.org/docs/unstable/hypercall/include,public,xen.h.html#Func_HYPERVISOR_mmu_update
However, the actual parameter, i.e., the 'subject' field in
struct xc_mmu is declared as domid_t, which typedef-s to uint16_t.
This means we are never able to pass anything via the higher 16 bits
of 'foreigndom', which in turns may cause the hypercall to fail when
called on an actual foreign domain.
Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
|
| |
|
|
|
|
|
|
|
| |
NetBSD doesn't have a gntdev, but we should not print an error when
falling back to the previous implementation.
Signed-off-by: Roger Pau Monne <roger.pau@citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Campbell <ian.campbell@citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Backends were inconsistent about reporting and it's a pain to edit them all
when adding a new class of osdep.
Signed-off-by: Ian Campbell <Ian.campbell@citrix.com>
Acked-by: Ian Jackson <ian.jackson.citrix.com>
Committed-by: Ian Jackson <ian.jackson.citrix.com>
---
Requires Daniel De Graaf's "libxc: add xc_gntshr_* functions"
|
| |
|
|
|
|
|
|
|
| |
These functions and the xc_gntshr device (/dev/xen/gntalloc on linux)
allow applications to create pages shared with other domains.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Constantly m(un)locking memory can have significant overhead on
systems with large numbers of CPUs. This was previously fixed by
20841:fbe8f32fa257 but this was dropped during the transition to
hypercall buffers.
Introduce a small cache of single page hypercall buffer allocations
which can be resused to avoid this overhead.
Add some statistics tracking to the hypercall buffer allocations.
The cache size of 4 was chosen based on these statistics since they
indicated that 2 pages was sufficient to satisfy all concurrent single
page hypercall buffer allocations seen during "xl create", "xl
shutdown" and "xl destroy" of both a PV and HVM guest therefore 4
pages should cover the majority of important cases.
This fixes http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1719.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Reported-by: Zheng, Shaohui <shaohui.zheng@intel.com>
Tested-by: Haitao Shan <maillists.shan@gmail.com>
Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
|
|
|
| |
Add a dummy backend which always returns ENOSYS. Mainly as a compile
time testbed rather than because it is a useful backend.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson.citrix.com>
|
| |
|
|
|
| |
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson.citrix.com>
|
| |
|
|
|
|
|
|
| |
Transition to xc_osdep_handle is now complete and nothing uses
(or should be using) it.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson.citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
i.e. not running on a real hypervisor
Allows users of the library to adjust behaviour. I don't especially
like this violation of the abstraction but both oxenstored and xapi
use this to avoid difficult to simulate operations when running on the
simulator.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson.citrix.com>
|
| |
|
|
|
|
|
| |
do_privcmd() was only ever used by do_xen_hypercall() so remove it.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson.citrix.com>
|
| |
|
|
|
|
|
|
|
|
| |
interfaces.
This patch introduces the basic infrastructure and uses it for open
and close operations on privcmd, evtchn and gnttab devices.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson.citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The xc_interface previously passed to xc_gnttab_* was only used for
logging which can now be done via the xc_gnttab handle instead.
This makes the interface consistent with the changes made to the main
interface in 21483:779c0ef9682c.
Also update QEMU_TAG to pull in the corresponding qemu change.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This makes the interface consistent with the changes made to the main
interface in 21483:779c0ef9682c.
Also fix some references to "struct xc_interface" which should have
been simply "xc_interface" in tools/xenpaging, and update QEMU_TAG to
pull in the corresponding qemu change.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
| |
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
interface
Used by language bindings which provide their own re-entrancy which conflicts
with pthreads.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
committer: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
|
| |
|
|
|
|
|
|
|
|
| |
future use.
Make the function public since I have future patches which depend on this.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
committer: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
|
| |
|
|
|
|
|
| |
xend was crashing since 22289:ca4a781c8ae8 due to missing handling of
XENVER_commandline.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rename xc_set_xen_guest_handle to set_xen_guest_handle[0] and remove now
unused functions:
- xc_memalign
- lock_pages
- unlock_pages
- hcall_buf_prep
- hcall_buf_release
[0] sed -i -e 's/xc_set_xen_guest_handle/set_xen_guest_handle/g' \
tools/libxc/*.[ch] \
tools/python/xen/lowlevel/xc/xc.c \
tools/python/xen/lowlevel/acm/acm.c \
tools/libxc/ia64/xc_ia64_stubs.c \
tools/security/secpol_tool.c \
tools/misc/xenpm.c
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson.citrix.com>
|
| |
|
|
|
| |
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson.citrix.com>
|
| |
|
|
|
| |
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson.citrix.com>
|
| |
|
|
|
|
|
| |
(defer save/restore and shadow related interfaces til a later patch)
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson.citrix.com>
|
| |
|
|
|
| |
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson.citrix.com>
|
| |
|
|
|
|
|
|
| |
(Modified version of this patch, with updated #includes in
xc_hcall_buf.c to fix stubdomain build.)
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
|
|
|
|
| |
The ia64 specific xc_get_pfn_list doesn't seem any different to the
generic xc_get_pfn_list once the call to xc_ia64_get_pfn_list is
expanded so remove and just use the generic one.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Push responsibility for locking buffers refered to by the memory_op
argument up into the callers (which are now all internal to libxc).
This removes the last of the introspecation from do_memory_op and
generally makes the transistion to hypercall buffers smoother.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that all XENMEM_* callers go via an op specific function make
xc_memory_op private to libxc (and rename to do_memory_op for
consistency with other private functions).
Also change the interface to take a size parameter so that
do_memory_op knows how much memory to lock for the top-level argument,
removing some of the introspection.
[ Compatibility note: this breaks qemu-xen before 706bc8c588cb ]
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
| |
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
| |
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently the wrappers for these hypercalls swallow partial success
and return failure to the caller.
In order to use these functions more widely instead of open-coding
uses of XENMEM_* and xc_memory_op add variants which return the actual
hypercall result.
Therefore add the following functions:
xc_domain_increase_reservation
xc_domain_decrease_reservation
xc_domain_populate_physmap
and implement the existing semantics using these new functions as
xc_domain_increase_reservation_exact
xc_domain_decrease_reservation_exact
xc_domain_populate_physmap_exact
replacing the existing xc_domain_memory_* functions.
Use these new functions to replace all open coded uses of
XENMEM_increase_reservation, XENMEM_decrease_reservation and
XENMEM_populate_physmap.
Also rename xc_domain_memory_*_pod_target to xc_domain_*_pod_target
for consistency.
Temporarily add a compatibility macro for
xc_domain_memory_populate_physmap to allow time for qemu to catch up.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
|
|
|
|
| |
Not actually used here but useful to confirm that a handle is passed
down to each location where it will be required once we switch to
hypercall buffers.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
|
|
| |
Allows us to do away with safe_unlock and merge into unlock_pages.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
# User Ian Campbell <ian.campbell@citrix.com>
# Date 1282671421 -3600
# Node ID d1dd29a470ef1b9d2c77478a123326036dfe90bb
# Parent d7a4adad9c328decbd384d87b23001aea8951b86
tools/libxc, tools/libelf: Relicense under LGPL v2.1
Relicense these two libraries under LGPL v2.1 only except where
individual files already included the "or later" provision.
Copyright holders have been contacted by Stephen Spector and have all
agreed this change.
Removed tools/libxc/ia64/aclinux.h since it appeared to be
unused. There is a separate, more up to date, copy in
xen/include/acpi/platform/aclinux.h which does appear to be used.
Clarify the license of MiniOS privcmd.h under the same terms as other
tools/include/xen-sys headers.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Stephen Spector <stephen.spector@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The per-thread hypercall buffer is usually cleaned up on pthread_exit
by the destructor passed to pthread_key_create. However if the calling
application is not threaded then the destructor is never called.
This frees the data for the current thread only but that is OK since
any other threads will be cleaned up by the destructor.
Changed since v1:
* Ensure hcall_buf_pkey is initialised before use. Thanks to
Christoph Egger for his help diagnosing this issue on NetBSD.
* Remove redundant if (hcall_buf) from xc_clean_hcall_buf since
_xc_clean_hcall_buf includes the same check.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The per-thread hypercall buffer is usually cleaned up on pthread_exit
by the destructor passed to pthread_key_create. However if the calling
application is not threaded then the destructor is never called.
This frees the data for the current thread only but that is OK since
any other threads will be cleaned up by the destructor.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Committed-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
|
|
| |
libxc could sometimes free the logger which xl created.
Thanks to report from Yang Hongyang <yanghy@cn.fujitsu.com>.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
|
| |
Nacked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
|
| |
|
|
|
|
|
|
| |
If /proc/xen/privcmd cannot be opened,
start xend occurs Segmentation fault.
Add check to fix it.
Signed-off-by: Yu Zhiguo <yuzg@cn.fujitsu.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Make "read_exact" in libxc always set errno.
* Rename "read_exact" macro in xc_domain_restore.c (which shadows
real function) to RDEXACT and change all callers.
* Make RDEXACT anamorphically use xch for error reporting rather than
* stderr.
* Call PERROR rather than ERROR when appropriate, so that log messages
include errno.
* Save errno in noncached_write so that its errno value is always
* right.
Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch eliminate the global variables in libxenctrl (used for
logging and error reporting).
Instead the information which was in the global variables is now in a
new xc_interface* opaque structure, which xc_interface open returns
instead of the raw file descriptor; furthermore, logging is done via
xentoollog.
There are three new parameters to xc_interface_open to control the
logging, but existing callers can just pass "0" for all three to get
the old behaviour.
All libxc callers have been adjusted accordingly.
Also update QEMU_TAG for corresponding qemu change.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
| |
|
|
|
|
|
|
|
|
| |
Allow certain performance-critical hypercall wrappers to register data
buffers via a new interface which allows them to be 'bounced' into a
pre-mlock'ed page-sized per-thread data area. This saves the cost of
mlock/munlock on every such hypercall, which can be very expensive on
modern kernels.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
To support wider than 28-bit MFNs, add XEN_DOMCTL_getpageframeinfo3
(with the type replacing the passed in MFN rather than getting or-ed
into it) to properly back xc_get_pfn_type_batch().
With xc_get_pfn_type_batch() only used internally to libxc, move its
prototype from xenctrl.h to xc_private.h.
This also fixes a couple of bugs in pre-existing code:
- the failure path for init_mem_info() leaked minfo->pfn_type,
- one error path of the XEN_DOMCTL_getpageframeinfo2 handler used
put_domain() where rcu_unlock_domain() was meant, and
- the XEN_DOMCTL_getpageframeinfo2 handler could call
xsm_getpageframeinfo() with an invalid struct page_info pointer.
Signed-off-by: Jan Beulich <jbeulich@novell.com>
|
| |
|
|
|
|
|
| |
Never present in any stable release of Xen. Introduced for use by
qemu-dm but now not needed.
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
|
| |
|
|
| |
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Implement libxc interface to PoD functionality:
* Add xc_hvm_build_target_mem(), which takes both memsize and target.
Memsize is the total memory, allocated in PoD pages and reported in
the e820; target is the size of the cache. If these are the same, the
normal funcitonality is called. (So you can use the same function to
build always, and it will decide whether to use PoD or not.)
* Add xc_domain_memory_[gs]et_pod_target(), which sets and/or returns
information about the PoD cache and p2m entries.
Signed-off-by: George Dunlap <george.dunlap@eu.citrix.com>
|
| |
|
|
| |
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
|
| |
|
|
|
|
|
|
|
| |
The address_bits field will be limited to 8 bits and is now embedded
in the mem_flags member, which additionally contains the node number
(limited to 8 bit).
Signed-off-by: Andre Przywara <andre.przywara@amd.com>
Signed-off-by: Keir Fraser <keir.fraser@citrix.com>
|
