| Commit message (Collapse) | Author | Age | Files | Lines |
|\ |
|
| |
| |
| |
| |
| |
| | |
Allow enough shadow memory to avoid thrashing the shadow pages,
rather than just enough for safety.
Signed-off-by: Tim Deegan <Tim.Deegan@xensource.com>
|
| |
| |
| |
| |
| |
| | |
The array offset in set_bits_in_row here comes from an otherwise un-checked
VNC client request.
Signed-off-by: Tim Deegan <Tim.Deegan@xensource.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We found Vista polls ACPI timer very frequently (about 15 times
averagely) when handling timer (RTC @ 64HZ) interrupt routine. Though
the exact reason is known, it should be related to system time
adjustment. When it's in Qemu, the overhead is big. After moving,
Vista's idle overhead decreases dramatically from ~10% to 0.9%.=20
Another benefit is that Vista can only pass Performance rating with
this patch. The root cause is that ACPI timer in Qemu isn't
synchronous with other platform timer in HV, which results in Vista
complains "can't measure TSC frequency".
This patch changes vpit.h to vpt.h, for it not only has pit structure
in it, but other platform timer's structure. Another change is moving
ACPI timer and related address from acpi.h to ioreq.h, which can be shared
by HV and ACPI firmware.
Signed-off-by: Xiaowei Yang <xiaowei.yang@intel.com>
|
|
|
|
|
|
| |
This should also avoid (bogus) compiler warnings, as reported
on IA64.
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
| |
Signed-off-by: John Levon <john.levon@sun.com>
|
|
|
|
|
|
| |
Also a couple of whitespace fixes.
Signed-off-by: Tony Breeds <tony@bakeyournoodle.com>
|
|
|
|
|
|
| |
don't run.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
|
|
| |
Use the architecture specified idea of minimum memory.
Signed-off-by: Tony Breeds <tony@bakeyournoodle.com>
|
|
|
|
|
|
| |
Signed-off-by: Christian Limpach <Christian.Limpach@xensource.com>
|
|
|
|
|
|
|
|
| |
- it turns off verbose mode of the ACM module
- copies the test policy to the policies directory only if the directory
has been created
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
|
|
| |
New README for public ramdisks.
Signed-off-by: Ewan Mellor <ewan@xensource.com>
|
|
|
|
| |
Signed-off-by: Ewan Mellor <ewan@xensource.com>
|
|
|
|
|
|
|
| |
PowerPC needs console information from the command line. Resetting the whole
command line causes false failures.
Signed-off-by: Tony Breeds <tony@bakeyournoodle.com>
|
|
|
|
|
|
| |
Used on PowerPC to FAIL(), if the guest domain hits a BUG() and enters XMON.
Signed-off-by: Tony Breeds <tony@bakeyournoodle.com>
|
|
|
|
|
|
| |
Allows for building of initrd, and running of tests.
Signed-off-by: Tony Breeds <tony@bakeyournoodle.com>
|
|
|
|
|
|
| |
Also includes some whitespace fixes.
Signed-off-by: Tony Breeds <tony@bakeyournoodle.com>
|
|
|
|
|
|
| |
Also update Makefile.
Signed-off-by: Tony Breeds <tony@bakeyournoodle.com>
|
|
|
|
|
| |
From: Glauber de Oliveira Costa <gcosta@redhat.com>
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
| |
Signed-off-by: Masami Watanabe <masami.watanabe@jp.fujitsu.com>
|
|
|
|
|
| |
device). Also clean up error/acces-denied path.
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
|
| |
From: Jan Beulich <jbeulich@novell.com>
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
|
|
|
| |
On solaris mlock requires a page aligned address and mlock doesn't
ensure the pages won't minor page fault.
Signed-off-by: Mark Johnson <mark.johnson@sun.com>
|
|
|
|
| |
Signed-off-by: John Levon <john.levon@sun.com>
|
|
|
|
| |
Signed-off-by: Jeremy Katz <katzj@redhat.com>
|
|
|
|
|
|
|
| |
This patch eliminates redundant security tools information that was
integrated into the Xen user guide and the xm man page.
Signed-off by: Reiner Sailer <sailer@us.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The specification is as mentioned at
http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00666.html
(However, password came to describe plain text)
The difference is follows.
- protocol_authtype() without the necessity was deleted.
- The check on the protocol version was added.
- And, some small modification.
Signed-off-by: Masami Watanabe <masami.watanabe@jp.fujitsu.com>
|
|
|
|
|
|
|
|
| |
kernel version) to determine where to make the entry into the grub
configuration file.
Signed-off-by: Reiner Sailer <sailer@us.ibm.com>
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
|
| |
if they are prefixed with $. Fix by placing macro uses in ().
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
| |
Signed-off-by: Dexuan Cui <dexuan.cui@intel.com>
|
|
|
|
| |
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
limit.
Address space access limit in VMXAssist is 4G, because IA-32 only has
4GB virtual address space which VMXassist can use to map physical
memory. The issue is, win2k3 server with more than 4G memory will put
AP GDT above 4G, so when AP changes its mode from real mode to PAE
paging mode, the long jump instrction it uses need access AP GDT
entries which resides above 4G, but because of this constraint, it can
not access GDT and so fails boot.
Signed-off-by: Xin Li <xin.b.li@intel.com>
|
|
|
|
|
|
| |
will throw an error during 'make' of the test suite. This fixes the problem.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
| |
Signed-off-by: John Levon <john.levon@sun.com>
|
|
|
|
|
| |
Signed-off-by: Yunfeng Zhao <yunfeng.zhao@intel.com>
Signed-off-by: Xin Li <xin.b.li@intel.com>
|
|
|
|
|
|
|
| |
Improve on Linux implementation by looking for any output
on stdout/stderr. This indicates badness.
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
| |
Signed-off-by: Winston Wang <winston.l.wang@intel.com
|
|
|
|
|
|
|
| |
This prevents an error from being logged. Use the wrapped command for
reading from the xenstore instead of the native one.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
| |
Signed-off-by: Xiaowei Yang <xiaowei.yang@intel.com>
|
|
|
|
|
|
|
|
|
| |
Many of the tools use C99 features such as bool, or expect certain functions.
Fix the CFLAGS to enable these on Solaris.
Also make sure the correct $CC is passed to Python.
Signed-off-by: John Levon <john.levon@sun.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
file. Without this patch, multiple representations of the same
resource can co-exist in the resource label file and lead to errors
during operation.
Ensures that all resource file names are stored with absolute
path name and are unique. Setting labels of phy-resources, relative
paths will automatically be pre-pended with '/dev/'; labeling
file-resources with relative paths will raise an error.
Signed-off by: Reiner Sailer <sailer@us.ibm.com>
|
|
|
|
|
|
|
| |
triggers a complaint from Windows HCT.
Signed-off-by: Xin Li <xin.b.li@intel.com>
Signed-off-by: Winston Wang <winston.l.wang@intel.com>
|
|
|
|
| |
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
| |
Signed-off-by: Tristan Gingold <tristan.gingold@bull.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. GNU ld does not understand -m{32,64}. It must be cooked for it by
the GCC driver program.
2. Where GNU ld is directly called we must use -melf_{i386,x86_64}.
3. We cannot avoid calling GNU ld directly in some cases (e.g., when
specifying GNU-specific linker scripts) as on some host
architectures the GCC driver is configured to call the host
linker.
4. We cannot add -melf_{i386,x86_64} to LDFLAGS as the option is
not recognised by GCC.
Hence we define new LDFLAGS_DIRECT, to be added to the command line
only when invoking GNU ld directly.
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
security is turned on in hypervisor. This is done by implicitly
labeling VMs and resources if they have not been labeled through
explicit calls.
To allow the xm tests suite to label resources automatically, run
./configure --enable-full-labeling
once. To turn it off, the '--enable-full-labeling' parameter should be
omitted.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the xm test suite. The tests can be run with ACM turned off (not
compiled into Xen; see user doc for this), but most of them will be
skipped then. They can be run with a command like
make -C tests/security-acm check-TESTS
from the xm-test directory. They are also part of the default tests in
the tests suite and part of a new group test 'security'.
Since some of the tests require resources to be labeled, one must
explicitly enable the resources to be allowed to be labeled by the
test
suite by running
./configure --enable-full-labeling
once. To turn it off, the '--enable-full-labeling' parameter should be
omitted.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
|
|
|
|
|
| |
From: Christoph Egger <Christoph.Egger@amd.com>
Signed-off-by: Keir Fraser <keir@xensource.com>
|
|
|
|
| |
Signed-off-by: John Levon <john.levon@sun.com>
|
|
|
|
|
|
| |
just xend, and we need to disable xend's self-restarter.
Signed-off-by: John Levon <john.levon@sun.com>
|