From: Jason Unovitch
Date: Mon, 16 Nov 2015 00:54:45 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org
Subject: svn commit: r401740 - in branches/2015Q4: emulators/xen emulators/xen-kernel emulators/xen-kernel/files sysutils/xen-tools sysutils/xen-tools/files

Author: junovitch
Date: Mon Nov 16 00:54:45 2015
New Revision: 401740
URL: https://svnweb.freebsd.org/changeset/ports/401740

Log:
  MFH: r398918, r400020, r400566, r401104, 401564

  xen: update to 4.5.2, apply XSAs, pass on maintainership

  Update xen-kernel to 4.5.1 and add patches to allow live migration, save and
  restore.

  Remove qemu-traditional patches (FreeBSD doesn't support qemu-traditional)
  and add XSA-142.

  Apply the following XSAs: 148, 149, 150, 151, 152 and 153. More information
  about the content of each XSA can be found at: http://xenbits.xen.org/xsa/

  Update to 4.5.2 and add XSA-156.
  Sponsored by: Citrix Systems R&D
  Security: CVE-2015-5307
  Security: CVE-2015-7311
  Security: CVE-2015-7835
  Security: CVE-2015-7969
  Security: CVE-2015-7970
  Security: CVE-2015-7971
  Security: CVE-2015-7972
  Security: CVE-2015-8104
  Security: https://vuxml.FreeBSD.org/freebsd/301b04d7-881c-11e5-ab94-002590263bf5.html
  Security: https://vuxml.FreeBSD.org/freebsd/3d9f6260-881d-11e5-ab94-002590263bf5.html
  Security: https://vuxml.FreeBSD.org/freebsd/83350009-881e-11e5-ab94-002590263bf5.html
  Security: https://vuxml.FreeBSD.org/freebsd/c0e76d33-8821-11e5-ab94-002590263bf5.html
  Security: https://vuxml.FreeBSD.org/freebsd/e3792855-881f-11e5-ab94-002590263bf5.html
  Security: https://vuxml.FreeBSD.org/freebsd/e4848ca4-8820-11e5-ab94-002590263bf5.html
  Security: https://vuxml.FreeBSD.org/freebsd/fc1f8795-881d-11e5-ab94-002590263bf5.html
  Security: https://vuxml.FreeBSD.org/freebsd/2cabfbab-8bfb-11e5-bd18-002590263bf5.html
  Approved by: ports-secteam (feld)

Added:
  branches/2015Q4/emulators/xen-kernel/files/0001-introduce-a-helper-to-allocate-non-contiguous-memory.patch
     - copied unchanged from r398918, head/emulators/xen-kernel/files/0001-introduce-a-helper-to-allocate-non-contiguous-memory.patch
  branches/2015Q4/emulators/xen-kernel/files/0002-vmap-avoid-hitting-an-ASSERT-with-vfree-NULL.patch
     - copied unchanged from r398918, head/emulators/xen-kernel/files/0002-vmap-avoid-hitting-an-ASSERT-with-vfree-NULL.patch
  branches/2015Q4/emulators/xen-kernel/files/0003-x86-shadow-fix-shadow_track_dirty_vram-to-work-on-hv.patch
     - copied unchanged from r398918, head/emulators/xen-kernel/files/0003-x86-shadow-fix-shadow_track_dirty_vram-to-work-on-hv.patch
  branches/2015Q4/emulators/xen-kernel/files/0004-x86-hap-make-hap_track_dirty_vram-use-non-contiguous.patch
     - copied unchanged from r398918, head/emulators/xen-kernel/files/0004-x86-hap-make-hap_track_dirty_vram-use-non-contiguous.patch
  branches/2015Q4/emulators/xen-kernel/files/0005-x86-rework-paging_log_dirty_op-to-work-with-hvm-gues.patch
     - copied unchanged from r398918, head/emulators/xen-kernel/files/0005-x86-rework-paging_log_dirty_op-to-work-with-hvm-gues.patch
  branches/2015Q4/emulators/xen-kernel/files/0006-xen-pvh-enable-mmu_update-hypercall.patch
     - copied unchanged from r398918, head/emulators/xen-kernel/files/0006-xen-pvh-enable-mmu_update-hypercall.patch
  branches/2015Q4/emulators/xen-kernel/files/0007-iommu-fix-usage-of-shared-EPT-IOMMU-page-tables-on-P.patch
     - copied unchanged from r398918, head/emulators/xen-kernel/files/0007-iommu-fix-usage-of-shared-EPT-IOMMU-page-tables-on-P.patch
  branches/2015Q4/emulators/xen-kernel/files/xsa156-4.5.patch
     - copied unchanged from r401564, head/emulators/xen-kernel/files/xsa156-4.5.patch

Deleted:
  branches/2015Q4/emulators/xen-kernel/files/0001-libelf-fix-elf_parse_bsdsyms-call.patch
  branches/2015Q4/emulators/xen-kernel/files/0001-x86-pvh-disable-posted-interrupts.patch
  branches/2015Q4/emulators/xen-kernel/files/iommu_share_p2m_table.patch
  branches/2015Q4/emulators/xen-kernel/files/xsa117.patch
  branches/2015Q4/emulators/xen-kernel/files/xsa118-4.5-unstable-1.patch
  branches/2015Q4/emulators/xen-kernel/files/xsa118-4.5-unstable-2.patch
  branches/2015Q4/emulators/xen-kernel/files/xsa121.patch
  branches/2015Q4/emulators/xen-kernel/files/xsa122.patch
  branches/2015Q4/emulators/xen-kernel/files/xsa123.patch
  branches/2015Q4/emulators/xen-kernel/files/xsa125.patch
  branches/2015Q4/emulators/xen-kernel/files/xsa127-4.x.patch
  branches/2015Q4/emulators/xen-kernel/files/xsa132.patch
  branches/2015Q4/emulators/xen-kernel/files/xsa134.patch
  branches/2015Q4/emulators/xen-kernel/files/xsa136.patch
  branches/2015Q4/sysutils/xen-tools/files/xsa135-qemut-1.patch
  branches/2015Q4/sysutils/xen-tools/files/xsa135-qemut-2.patch
  branches/2015Q4/sysutils/xen-tools/files/xsa137.patch
  branches/2015Q4/sysutils/xen-tools/files/xsa138-qemut-1.patch
  branches/2015Q4/sysutils/xen-tools/files/xsa138-qemut-2.patch
  branches/2015Q4/sysutils/xen-tools/files/xsa138-qemuu-1.patch
branches/2015Q4/sysutils/xen-tools/files/xsa138-qemuu-2.patch branches/2015Q4/sysutils/xen-tools/files/xsa138-qemuu-3.patch branches/2015Q4/sysutils/xen-tools/files/xsa139-qemuu-4.5.patch branches/2015Q4/sysutils/xen-tools/files/xsa140-qemuu-unstable-1.patch branches/2015Q4/sysutils/xen-tools/files/xsa140-qemuu-unstable-2.patch branches/2015Q4/sysutils/xen-tools/files/xsa140-qemuu-unstable-3.patch branches/2015Q4/sysutils/xen-tools/files/xsa140-qemuu-unstable-4.patch branches/2015Q4/sysutils/xen-tools/files/xsa140-qemuu-unstable-5.patch branches/2015Q4/sysutils/xen-tools/files/xsa140-qemuu-unstable-6.patch branches/2015Q4/sysutils/xen-tools/files/xsa140-qemuu-unstable-7.patch Modified: branches/2015Q4/emulators/xen-kernel/Makefile branches/2015Q4/emulators/xen-kernel/distinfo branches/2015Q4/emulators/xen/Makefile branches/2015Q4/sysutils/xen-tools/Makefile branches/2015Q4/sysutils/xen-tools/distinfo Directory Properties: branches/2015Q4/ (props changed) Modified: branches/2015Q4/emulators/xen-kernel/Makefile ============================================================================== --- branches/2015Q4/emulators/xen-kernel/Makefile Mon Nov 16 00:51:00 2015 (r401739) +++ branches/2015Q4/emulators/xen-kernel/Makefile Mon Nov 16 00:54:45 2015 (r401740) @@ -2,12 +2,11 @@ PORTNAME= xen PKGNAMESUFFIX= -kernel -PORTVERSION= 4.5.0 -PORTREVISION= 5 +PORTVERSION= 4.5.2 CATEGORIES= emulators MASTER_SITES= http://bits.xensource.com/oss-xen/release/${PORTVERSION}/ -MAINTAINER= bapt@FreeBSD.org +MAINTAINER= royger@FreeBSD.org COMMENT= Hypervisor using a microkernel design LICENSE= GPLv2 
@@ -24,20 +23,14 @@ PLIST_FILES= /boot/xen \ ALL_TARGET= build STRIP= # WRKSRC_SUBDIR= xen -EXTRA_PATCHES= ${FILESDIR}/iommu_share_p2m_table.patch:-p2 \ - ${FILESDIR}/0001-x86-pvh-disable-posted-interrupts.patch:-p2 \ - ${FILESDIR}/xsa117.patch:-p2 \ - ${FILESDIR}/xsa118-4.5-unstable-1.patch:-p2 \ - ${FILESDIR}/xsa118-4.5-unstable-2.patch:-p2 \ - ${FILESDIR}/xsa121.patch:-p2 \ - ${FILESDIR}/xsa122.patch:-p2 \ - ${FILESDIR}/xsa123.patch:-p2 \ - ${FILESDIR}/xsa125.patch:-p2 \ - ${FILESDIR}/xsa127-4.x.patch:-p2 \ - ${FILESDIR}/xsa132.patch:-p2 \ - ${FILESDIR}/xsa134.patch:-p2 \ - ${FILESDIR}/xsa136.patch:-p2 \ - ${FILESDIR}/0001-libelf-fix-elf_parse_bsdsyms-call.patch:-p2 +EXTRA_PATCHES= ${FILESDIR}/0001-introduce-a-helper-to-allocate-non-contiguous-memory.patch:-p2 \ + ${FILESDIR}/0002-vmap-avoid-hitting-an-ASSERT-with-vfree-NULL.patch:-p2 \ + ${FILESDIR}/0003-x86-shadow-fix-shadow_track_dirty_vram-to-work-on-hv.patch:-p2 \ + ${FILESDIR}/0004-x86-hap-make-hap_track_dirty_vram-use-non-contiguous.patch:-p2 \ + ${FILESDIR}/0005-x86-rework-paging_log_dirty_op-to-work-with-hvm-gues.patch:-p2 \ + ${FILESDIR}/0006-xen-pvh-enable-mmu_update-hypercall.patch:-p2 \ + ${FILESDIR}/0007-iommu-fix-usage-of-shared-EPT-IOMMU-page-tables-on-P.patch:-p2 \ + ${FILESDIR}/xsa156-4.5.patch:-p2 .include Modified: branches/2015Q4/emulators/xen-kernel/distinfo ============================================================================== --- branches/2015Q4/emulators/xen-kernel/distinfo Mon Nov 16 00:51:00 2015 (r401739) +++ branches/2015Q4/emulators/xen-kernel/distinfo Mon Nov 16 00:54:45 2015 (r401740) 
@@ -1,2 +1,2 @@ -SHA256 (xen-4.5.0.tar.gz) = 5bdb40e2b28d2eeb541bd71a9777f40cbe2ae444b987521d33f099541a006f3b -SIZE (xen-4.5.0.tar.gz) = 18404933 +SHA256 (xen-4.5.2.tar.gz) = 4c9e5dac4eea484974e9f76da2756c8e0973b4e884d28d37e955df9ebf00e7e8 +SIZE (xen-4.5.2.tar.gz) = 18416220 Copied: branches/2015Q4/emulators/xen-kernel/files/0001-introduce-a-helper-to-allocate-non-contiguous-memory.patch (from r398918, head/emulators/xen-kernel/files/0001-introduce-a-helper-to-allocate-non-contiguous-memory.patch) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2015Q4/emulators/xen-kernel/files/0001-introduce-a-helper-to-allocate-non-contiguous-memory.patch Mon Nov 16 00:54:45 2015 (r401740, copy of r398918, head/emulators/xen-kernel/files/0001-introduce-a-helper-to-allocate-non-contiguous-memory.patch) 
@@ -0,0 +1,141 @@ +From 411801087603a1a070de7abbfa4373afe91ca3f5 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= +Date: Fri, 9 Oct 2015 12:57:31 +0200 +Subject: [PATCH 1/8] introduce a helper to allocate non-contiguous memory +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The allocator uses independent calls to alloc_domheap_pages in order to get +the desired amount of memory and then maps all the independent physical +addresses into a contiguous virtual address space. + +Signed-off-by: Roger Pau Monné +Tested-by: Julien Grall (ARM) +Reviewed-by: Tim Deegan +--- + xen/common/vmap.c | 67 ++++++++++++++++++++++++++++++++++++++++++++++ + xen/include/asm-arm/mm.h | 2 ++ + xen/include/asm-x86/page.h | 2 ++ + xen/include/xen/vmap.h | 3 +++ + 4 files changed, 74 insertions(+) + +diff --git a/xen/common/vmap.c b/xen/common/vmap.c +index 783cea3..b6827b5 100644 +--- a/xen/common/vmap.c ++++ b/xen/common/vmap.c +@@ -215,4 +215,71 @@ void vunmap(const void *va) + #endif + vm_free(va); + } ++ ++void *vmalloc(size_t size) ++{ ++ unsigned long *mfn; ++ size_t pages, i; ++ struct page_info *pg; ++ void *va; ++ ++ ASSERT(size); ++ ++ pages = PFN_UP(size); ++ mfn = xmalloc_array(unsigned long, pages); ++ if ( mfn == NULL ) ++ return NULL; ++ ++ for ( i = 0; i < pages; i++ ) ++ { ++ pg = alloc_domheap_page(NULL, 0); ++ if ( pg == NULL ) ++ goto error; ++ mfn[i] = page_to_mfn(pg); ++ } ++ ++ va = vmap(mfn, pages); ++ if ( va == NULL ) ++ goto error; ++ ++ xfree(mfn); ++ return va; ++ ++ error: ++ while ( i-- ) ++ free_domheap_page(mfn_to_page(mfn[i])); ++ xfree(mfn); ++ return NULL; ++} ++ ++void *vzalloc(size_t size) ++{ ++ void *p = vmalloc(size); ++ int i; ++ ++ if ( p == NULL ) ++ return NULL; ++ ++ for ( i = 0; i < size; i += PAGE_SIZE ) ++ clear_page(p + i); ++ ++ return p; ++} ++ ++void vfree(void *va) ++{ ++ unsigned int i, pages = vm_size(va); ++ struct page_info *pg; ++ PAGE_LIST_HEAD(pg_list); ++ ++ 
ASSERT(pages); ++ ++ for ( i = 0; i < pages; i++ ) ++ page_list_add(vmap_to_page(va + i * PAGE_SIZE), &pg_list); ++ ++ vunmap(va); ++ ++ while ( (pg = page_list_remove_head(&pg_list)) != NULL ) ++ free_domheap_page(pg); ++} + #endif +diff --git a/xen/include/asm-arm/mm.h b/xen/include/asm-arm/mm.h +index d25e485..c0afcec 100644 +--- a/xen/include/asm-arm/mm.h ++++ b/xen/include/asm-arm/mm.h +@@ -208,6 +208,8 @@ static inline void __iomem *ioremap_wc(paddr_t start, size_t len) + #define pfn_to_paddr(pfn) ((paddr_t)(pfn) << PAGE_SHIFT) + #define paddr_to_pfn(pa) ((unsigned long)((pa) >> PAGE_SHIFT)) + #define paddr_to_pdx(pa) pfn_to_pdx(paddr_to_pfn(pa)) ++#define vmap_to_mfn(va) paddr_to_pfn(virt_to_maddr((vaddr_t)va)) ++#define vmap_to_page(va) mfn_to_page(vmap_to_mfn(va)) + + /* Page-align address and convert to frame number format */ + #define paddr_to_pfn_aligned(paddr) paddr_to_pfn(PAGE_ALIGN(paddr)) +diff --git a/xen/include/asm-x86/page.h b/xen/include/asm-x86/page.h +index ccf0752..27c2ae7 100644 +--- a/xen/include/asm-x86/page.h ++++ b/xen/include/asm-x86/page.h +@@ -262,6 +262,8 @@ void copy_page_sse2(void *, const void *); + #define pfn_to_paddr(pfn) __pfn_to_paddr(pfn) + #define paddr_to_pfn(pa) __paddr_to_pfn(pa) + #define paddr_to_pdx(pa) pfn_to_pdx(paddr_to_pfn(pa)) ++#define vmap_to_mfn(va) l1e_get_pfn(*virt_to_xen_l1e((unsigned long)(va))) ++#define vmap_to_page(va) mfn_to_page(vmap_to_mfn(va)) + + #endif /* !defined(__ASSEMBLY__) */ + +diff --git a/xen/include/xen/vmap.h b/xen/include/xen/vmap.h +index b1923dd..a13591d 100644 +--- a/xen/include/xen/vmap.h ++++ b/xen/include/xen/vmap.h +@@ -11,6 +11,9 @@ void *__vmap(const unsigned long *mfn, unsigned int granularity, + unsigned int nr, unsigned int align, unsigned int flags); + void *vmap(const unsigned long *mfn, unsigned int nr); + void vunmap(const void *); ++void *vmalloc(size_t size); ++void *vzalloc(size_t size); ++void vfree(void *va); + + void __iomem *ioremap(paddr_t, size_t); + +-- +1.9.5 
(Apple Git-50.3) + Copied: branches/2015Q4/emulators/xen-kernel/files/0002-vmap-avoid-hitting-an-ASSERT-with-vfree-NULL.patch (from r398918, head/emulators/xen-kernel/files/0002-vmap-avoid-hitting-an-ASSERT-with-vfree-NULL.patch) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2015Q4/emulators/xen-kernel/files/0002-vmap-avoid-hitting-an-ASSERT-with-vfree-NULL.patch Mon Nov 16 00:54:45 2015 (r401740, copy of r398918, head/emulators/xen-kernel/files/0002-vmap-avoid-hitting-an-ASSERT-with-vfree-NULL.patch) 
@@ -0,0 +1,43 @@ +From ed4a7917a6faa8b7e8f211eaeda270f96e45de7d Mon Sep 17 00:00:00 2001 +From: Andrew Cooper +Date: Fri, 9 Oct 2015 12:57:31 +0200 +Subject: [PATCH 2/8] vmap: avoid hitting an ASSERT with vfree(NULL) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +and unconditionally defer the vm_size() call, as it doesn't have a NULL +short circuit. + +Reported-by: Wei Liu +Signed-off-by: Andrew Cooper +Tested-by: Wei Liu +Reviewed-by: Roger Pau Monné +Acked-by: Tim Deegan +--- + xen/common/vmap.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/xen/common/vmap.c b/xen/common/vmap.c +index b6827b5..9028802 100644 +--- a/xen/common/vmap.c ++++ b/xen/common/vmap.c +@@ -268,10 +268,14 @@ void *vzalloc(size_t size) + + void vfree(void *va) + { +- unsigned int i, pages = vm_size(va); ++ unsigned int i, pages; + struct page_info *pg; + PAGE_LIST_HEAD(pg_list); + ++ if ( !va ) ++ return; ++ ++ pages = vm_size(va); + ASSERT(pages); + + for ( i = 0; i < pages; i++ ) +-- +1.9.5 (Apple Git-50.3) + Copied: branches/2015Q4/emulators/xen-kernel/files/0003-x86-shadow-fix-shadow_track_dirty_vram-to-work-on-hv.patch (from r398918, head/emulators/xen-kernel/files/0003-x86-shadow-fix-shadow_track_dirty_vram-to-work-on-hv.patch) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2015Q4/emulators/xen-kernel/files/0003-x86-shadow-fix-shadow_track_dirty_vram-to-work-on-hv.patch Mon Nov 16 00:54:45 2015 (r401740, copy of r398918, head/emulators/xen-kernel/files/0003-x86-shadow-fix-shadow_track_dirty_vram-to-work-on-hv.patch) 
@@ -0,0 +1,120 @@ +From 055ee44e3cc7c40dc3a3319370d287591771a7f3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= +Date: Fri, 9 Oct 2015 12:57:32 +0200 +Subject: [PATCH 3/8] x86/shadow: fix shadow_track_dirty_vram to work on hvm + guests +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Modify shadow_track_dirty_vram to use a local buffer and then flush to the +guest without the paging_lock held. This is modeled after +hap_track_dirty_vram. + +Signed-off-by: Roger Pau Monné +Reviewed-by: Tim Deegan +--- + xen/arch/x86/mm/shadow/common.c | 49 +++++++++++++++++++++++++---------------- + 1 file changed, 30 insertions(+), 19 deletions(-) + +diff --git a/xen/arch/x86/mm/shadow/common.c b/xen/arch/x86/mm/shadow/common.c +index a5eed28..6b91b8c 100644 +--- a/xen/arch/x86/mm/shadow/common.c ++++ b/xen/arch/x86/mm/shadow/common.c +@@ -3478,7 +3478,7 @@ void shadow_clean_dirty_bitmap(struct domain *d) + int shadow_track_dirty_vram(struct domain *d, + unsigned long begin_pfn, + unsigned long nr, +- XEN_GUEST_HANDLE_64(uint8) dirty_bitmap) ++ XEN_GUEST_HANDLE_64(uint8) guest_dirty_bitmap) + { + int rc; + unsigned long end_pfn = begin_pfn + nr; +@@ -3488,6 +3488,7 @@ int shadow_track_dirty_vram(struct domain *d, + p2m_type_t t; + struct sh_dirty_vram *dirty_vram; + struct p2m_domain *p2m = p2m_get_hostp2m(d); ++ uint8_t *dirty_bitmap = NULL; + + if ( end_pfn < begin_pfn || end_pfn > p2m->max_mapped_pfn + 1 ) + return -EINVAL; +@@ -3516,6 +3517,12 @@ int shadow_track_dirty_vram(struct domain *d, + goto out; + } + ++ dirty_bitmap = vzalloc(dirty_size); ++ if ( dirty_bitmap == NULL ) ++ { ++ rc = -ENOMEM; ++ goto out; ++ } + /* This should happen seldomly (Video mode change), + * no need to be careful. 
*/ + if ( !dirty_vram ) +@@ -3546,12 +3553,8 @@ int shadow_track_dirty_vram(struct domain *d, + rc = -ENODATA; + } + else if (dirty_vram->last_dirty == -1) +- { + /* still completely clean, just copy our empty bitmap */ +- rc = -EFAULT; +- if ( copy_to_guest(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size) == 0 ) +- rc = 0; +- } ++ memcpy(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size); + else + { + unsigned long map_mfn = INVALID_MFN; +@@ -3630,21 +3633,19 @@ int shadow_track_dirty_vram(struct domain *d, + if ( map_sl1p ) + sh_unmap_domain_page(map_sl1p); + +- rc = -EFAULT; +- if ( copy_to_guest(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size) == 0 ) { +- memset(dirty_vram->dirty_bitmap, 0, dirty_size); +- if (dirty_vram->last_dirty + SECONDS(2) < NOW()) ++ memcpy(dirty_bitmap, dirty_vram->dirty_bitmap, dirty_size); ++ memset(dirty_vram->dirty_bitmap, 0, dirty_size); ++ if ( dirty_vram->last_dirty + SECONDS(2) < NOW() ) ++ { ++ /* was clean for more than two seconds, try to disable guest ++ * write access */ ++ for ( i = begin_pfn; i < end_pfn; i++ ) + { +- /* was clean for more than two seconds, try to disable guest +- * write access */ +- for ( i = begin_pfn; i < end_pfn; i++ ) { +- mfn_t mfn = get_gfn_query_unlocked(d, i, &t); +- if (mfn_x(mfn) != INVALID_MFN) +- flush_tlb |= sh_remove_write_access(d->vcpu[0], mfn, 1, 0); +- } +- dirty_vram->last_dirty = -1; ++ mfn_t mfn = get_gfn_query_unlocked(d, i, &t); ++ if ( mfn_x(mfn) != INVALID_MFN ) ++ flush_tlb |= sh_remove_write_access(d->vcpu[0], mfn, 1, 0); + } +- rc = 0; ++ dirty_vram->last_dirty = -1; + } + } + if ( flush_tlb ) +@@ -3659,6 +3660,16 @@ out_dirty_vram: + + out: + paging_unlock(d); ++ if ( rc == 0 && dirty_bitmap != NULL && ++ copy_to_guest(guest_dirty_bitmap, dirty_bitmap, dirty_size) ) ++ { ++ paging_lock(d); ++ for ( i = 0; i < dirty_size; i++ ) ++ dirty_vram->dirty_bitmap[i] |= dirty_bitmap[i]; ++ paging_unlock(d); ++ rc = -EFAULT; ++ } ++ vfree(dirty_bitmap); + 
p2m_unlock(p2m_get_hostp2m(d)); + return rc; + } +-- +1.9.5 (Apple Git-50.3) + Copied: branches/2015Q4/emulators/xen-kernel/files/0004-x86-hap-make-hap_track_dirty_vram-use-non-contiguous.patch (from r398918, head/emulators/xen-kernel/files/0004-x86-hap-make-hap_track_dirty_vram-use-non-contiguous.patch) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2015Q4/emulators/xen-kernel/files/0004-x86-hap-make-hap_track_dirty_vram-use-non-contiguous.patch Mon Nov 16 00:54:45 2015 (r401740, copy of r398918, head/emulators/xen-kernel/files/0004-x86-hap-make-hap_track_dirty_vram-use-non-contiguous.patch) 
@@ -0,0 +1,44 @@ +From 50ca52274eda838f0562938fae3432a0f05f2585 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= +Date: Fri, 9 Oct 2015 12:57:32 +0200 +Subject: [PATCH 4/8] x86/hap: make hap_track_dirty_vram use non-contiguous + memory for temporary map +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Just like it's done for shadow_track_dirty_vram allocate the temporary +buffer using non-contiguous memory. + +Signed-off-by: Roger Pau Monné +Reviewed-by: Tim Deegan +--- + xen/arch/x86/mm/hap/hap.c | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/xen/arch/x86/mm/hap/hap.c b/xen/arch/x86/mm/hap/hap.c +index abf3d7a..f7b12a8 100644 +--- a/xen/arch/x86/mm/hap/hap.c ++++ b/xen/arch/x86/mm/hap/hap.c +@@ -87,7 +87,7 @@ int hap_track_dirty_vram(struct domain *d, + } + + rc = -ENOMEM; +- dirty_bitmap = xzalloc_bytes(size); ++ dirty_bitmap = vzalloc(size); + if ( !dirty_bitmap ) + goto out; + +@@ -168,8 +168,7 @@ int hap_track_dirty_vram(struct domain *d, + p2m_ram_logdirty, p2m_ram_rw); + } + out: +- if ( dirty_bitmap ) +- xfree(dirty_bitmap); ++ vfree(dirty_bitmap); + + return rc; + } +-- +1.9.5 (Apple Git-50.3) + Copied: branches/2015Q4/emulators/xen-kernel/files/0005-x86-rework-paging_log_dirty_op-to-work-with-hvm-gues.patch (from r398918, head/emulators/xen-kernel/files/0005-x86-rework-paging_log_dirty_op-to-work-with-hvm-gues.patch) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2015Q4/emulators/xen-kernel/files/0005-x86-rework-paging_log_dirty_op-to-work-with-hvm-gues.patch Mon Nov 16 00:54:45 2015 (r401740, copy of r398918, head/emulators/xen-kernel/files/0005-x86-rework-paging_log_dirty_op-to-work-with-hvm-gues.patch) 
@@ -0,0 +1,214 @@ +From 63d4838f2f5644060c064f356078a748ca413364 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= +Date: Fri, 9 Oct 2015 12:57:32 +0200 +Subject: [PATCH 5/8] x86: rework paging_log_dirty_op to work with hvm guests +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +When the caller of paging_log_dirty_op is a hvm guest Xen would choke when +trying to copy the dirty bitmap to the guest because the paging lock is +already held. + +Fix this by independently mapping each page of the guest bitmap as needed +without the paging lock held. + +Signed-off-by: Roger Pau Monné +Reviewed-by: Tim Deegan +--- + xen/arch/x86/mm/paging.c | 98 +++++++++++++++++++++++++++++++++++++++----- + xen/include/asm-x86/domain.h | 1 + + 2 files changed, 88 insertions(+), 11 deletions(-) + +diff --git a/xen/arch/x86/mm/paging.c b/xen/arch/x86/mm/paging.c +index 6b788f7..06dc7fa 100644 +--- a/xen/arch/x86/mm/paging.c ++++ b/xen/arch/x86/mm/paging.c +@@ -397,6 +397,51 @@ int paging_mfn_is_dirty(struct domain *d, mfn_t gmfn) + return rv; + } + ++static inline void *map_dirty_bitmap(XEN_GUEST_HANDLE_64(uint8) dirty_bitmap, ++ unsigned long pages, ++ struct page_info **page) ++{ ++ uint32_t pfec = PFEC_page_present | PFEC_write_access; ++ unsigned long gfn; ++ p2m_type_t p2mt; ++ ++ gfn = paging_gva_to_gfn(current, ++ (unsigned long)(dirty_bitmap.p + (pages >> 3)), ++ &pfec); ++ if ( gfn == INVALID_GFN ) ++ return NULL; ++ ++ *page = get_page_from_gfn(current->domain, gfn, &p2mt, P2M_UNSHARE); ++ ++ if ( !p2m_is_ram(p2mt) ) ++ { ++ put_page(*page); ++ return NULL; ++ } ++ if ( p2m_is_paging(p2mt) ) ++ { ++ put_page(*page); ++ p2m_mem_paging_populate(current->domain, gfn); ++ return NULL; ++ } ++ if ( p2m_is_shared(p2mt) ) ++ { ++ put_page(*page); ++ return NULL; ++ } ++ ++ return __map_domain_page(*page); ++} ++ ++static inline void unmap_dirty_bitmap(void *addr, struct page_info *page) ++{ ++ if ( addr != NULL ) ++ { ++ 
unmap_domain_page(addr); ++ put_page(page); ++ } ++} ++ + + /* Read a domain's log-dirty bitmap and stats. If the operation is a CLEAN, + * clear the bitmap and stats as well. */ +@@ -409,9 +454,22 @@ static int paging_log_dirty_op(struct domain *d, + mfn_t *l4 = NULL, *l3 = NULL, *l2 = NULL; + unsigned long *l1 = NULL; + int i4, i3, i2; ++ uint8_t *dirty_bitmap; ++ struct page_info *page; ++ unsigned long index_mapped; + ++ again: + if ( !resuming ) + domain_pause(d); ++ ++ index_mapped = resuming ? d->arch.paging.preempt.log_dirty.done : 0; ++ dirty_bitmap = map_dirty_bitmap(sc->dirty_bitmap, index_mapped, &page); ++ if ( dirty_bitmap == NULL ) ++ { ++ domain_unpause(d); ++ return -EFAULT; ++ } ++ + paging_lock(d); + + if ( !d->arch.paging.preempt.dom ) +@@ -451,18 +509,18 @@ static int paging_log_dirty_op(struct domain *d, + l4 = paging_map_log_dirty_bitmap(d); + i4 = d->arch.paging.preempt.log_dirty.i4; + i3 = d->arch.paging.preempt.log_dirty.i3; ++ i2 = d->arch.paging.preempt.log_dirty.i2; + pages = d->arch.paging.preempt.log_dirty.done; + + for ( ; (pages < sc->pages) && (i4 < LOGDIRTY_NODE_ENTRIES); i4++, i3 = 0 ) + { + l3 = (l4 && mfn_valid(l4[i4])) ? map_domain_page(mfn_x(l4[i4])) : NULL; +- for ( ; (pages < sc->pages) && (i3 < LOGDIRTY_NODE_ENTRIES); i3++ ) ++ for ( ; (pages < sc->pages) && (i3 < LOGDIRTY_NODE_ENTRIES); ++ i3++, i2 = 0 ) + { + l2 = ((l3 && mfn_valid(l3[i3])) ? + map_domain_page(mfn_x(l3[i3])) : NULL); +- for ( i2 = 0; +- (pages < sc->pages) && (i2 < LOGDIRTY_NODE_ENTRIES); +- i2++ ) ++ for ( ; (pages < sc->pages) && (i2 < LOGDIRTY_NODE_ENTRIES); i2++ ) + { + unsigned int bytes = PAGE_SIZE; + l1 = ((l2 && mfn_valid(l2[i2])) ? +@@ -471,15 +529,28 @@ static int paging_log_dirty_op(struct domain *d, + bytes = (unsigned int)((sc->pages - pages + 7) >> 3); + if ( likely(peek) ) + { +- if ( (l1 ? 
copy_to_guest_offset(sc->dirty_bitmap, +- pages >> 3, (uint8_t *)l1, +- bytes) +- : clear_guest_offset(sc->dirty_bitmap, +- pages >> 3, bytes)) != 0 ) ++ if ( pages >> (3 + PAGE_SHIFT) != ++ index_mapped >> (3 + PAGE_SHIFT) ) + { +- rv = -EFAULT; +- goto out; ++ /* We need to map next page */ ++ d->arch.paging.preempt.log_dirty.i4 = i4; ++ d->arch.paging.preempt.log_dirty.i3 = i3; ++ d->arch.paging.preempt.log_dirty.i2 = i2; ++ d->arch.paging.preempt.log_dirty.done = pages; ++ d->arch.paging.preempt.dom = current->domain; ++ d->arch.paging.preempt.op = sc->op; ++ resuming = 1; ++ paging_unlock(d); ++ unmap_dirty_bitmap(dirty_bitmap, page); ++ goto again; + } ++ ASSERT(((pages >> 3) % PAGE_SIZE) + bytes <= PAGE_SIZE); ++ if ( l1 ) ++ memcpy(dirty_bitmap + ((pages >> 3) % PAGE_SIZE), l1, ++ bytes); ++ else ++ memset(dirty_bitmap + ((pages >> 3) % PAGE_SIZE), 0, ++ bytes); + } + pages += bytes << 3; + if ( l1 ) +@@ -496,6 +567,7 @@ static int paging_log_dirty_op(struct domain *d, + { + d->arch.paging.preempt.log_dirty.i4 = i4; + d->arch.paging.preempt.log_dirty.i3 = i3 + 1; ++ d->arch.paging.preempt.log_dirty.i2 = 0; + rv = -ERESTART; + break; + } +@@ -508,6 +580,7 @@ static int paging_log_dirty_op(struct domain *d, + { + d->arch.paging.preempt.log_dirty.i4 = i4 + 1; + d->arch.paging.preempt.log_dirty.i3 = 0; ++ d->arch.paging.preempt.log_dirty.i2 = 0; + rv = -ERESTART; + } + if ( rv ) +@@ -537,6 +610,7 @@ static int paging_log_dirty_op(struct domain *d, + if ( rv ) + { + /* Never leave the domain paused on real errors. */ ++ unmap_dirty_bitmap(dirty_bitmap, page); + ASSERT(rv == -ERESTART); + return rv; + } +@@ -549,12 +623,14 @@ static int paging_log_dirty_op(struct domain *d, + * paging modes (shadow or hap). Safe because the domain is paused. 
*/ + d->arch.paging.log_dirty.clean_dirty_bitmap(d); + } ++ unmap_dirty_bitmap(dirty_bitmap, page); + domain_unpause(d); + return rv; + + out: + d->arch.paging.preempt.dom = NULL; + paging_unlock(d); ++ unmap_dirty_bitmap(dirty_bitmap, page); + domain_unpause(d); + + if ( l1 ) +diff --git a/xen/include/asm-x86/domain.h b/xen/include/asm-x86/domain.h +index 6a77a93..63dea9c 100644 +--- a/xen/include/asm-x86/domain.h ++++ b/xen/include/asm-x86/domain.h +@@ -197,6 +197,7 @@ struct paging_domain { + unsigned long done:PADDR_BITS - PAGE_SHIFT; + unsigned long i4:PAGETABLE_ORDER; + unsigned long i3:PAGETABLE_ORDER; ++ unsigned long i2:PAGETABLE_ORDER; + } log_dirty; + }; + } preempt; +-- +1.9.5 (Apple Git-50.3) + Copied: branches/2015Q4/emulators/xen-kernel/files/0006-xen-pvh-enable-mmu_update-hypercall.patch (from r398918, head/emulators/xen-kernel/files/0006-xen-pvh-enable-mmu_update-hypercall.patch) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2015Q4/emulators/xen-kernel/files/0006-xen-pvh-enable-mmu_update-hypercall.patch Mon Nov 16 00:54:45 2015 (r401740, copy of r398918, head/emulators/xen-kernel/files/0006-xen-pvh-enable-mmu_update-hypercall.patch) 
@@ -0,0 +1,33 @@ +From bec71ff2b61acc42e71a2bd79ec5cf172130e5f8 Mon Sep 17 00:00:00 2001 +From: Roger Pau Monne +Date: Fri, 9 Oct 2015 12:57:32 +0200 +Subject: [PATCH 6/8] xen/pvh: enable mmu_update hypercall +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This is needed for performing save/restore of PV guests. + +Signed-off-by: Roger Pau Monné +Cc: Tim Deegan +Cc: Jan Beulich +Cc: Andrew Cooper +--- + xen/arch/x86/hvm/hvm.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c +index 7d53c6c..d3fdc3d 100644 +--- a/xen/arch/x86/hvm/hvm.c ++++ b/xen/arch/x86/hvm/hvm.c +@@ -4843,6 +4843,7 @@ static hvm_hypercall_t *const pvh_hypercall64_table[NR_hypercalls] = { + [ __HYPERVISOR_grant_table_op ] = (hvm_hypercall_t *)hvm_grant_table_op, + HYPERCALL(vcpu_op), + HYPERCALL(mmuext_op), ++ HYPERCALL(mmu_update), + HYPERCALL(xsm_op), + HYPERCALL(sched_op), + HYPERCALL(event_channel_op), +-- +1.9.5 (Apple Git-50.3) + Copied: branches/2015Q4/emulators/xen-kernel/files/0007-iommu-fix-usage-of-shared-EPT-IOMMU-page-tables-on-P.patch (from r398918, head/emulators/xen-kernel/files/0007-iommu-fix-usage-of-shared-EPT-IOMMU-page-tables-on-P.patch) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2015Q4/emulators/xen-kernel/files/0007-iommu-fix-usage-of-shared-EPT-IOMMU-page-tables-on-P.patch Mon Nov 16 00:54:45 2015 (r401740, copy of r398918, head/emulators/xen-kernel/files/0007-iommu-fix-usage-of-shared-EPT-IOMMU-page-tables-on-P.patch) 
@@ -0,0 +1,86 @@ +From 43f76b1443c8fc3b54dbb9fb466becbb9d584d6d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= +Date: Fri, 9 Oct 2015 12:57:33 +0200 +Subject: [PATCH 7/8] iommu: fix usage of shared EPT/IOMMU page tables on PVH + guests +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +iommu_share_p2m_table should not prevent PVH guests from using a shared page +table between the IOMMU and EPT. Clean the code by removing the asserts in +the vendor specific implementations (amd_iommu_share_p2m, iommu_set_pgd), +and moving the hap_enabled assert to the caller (iommu_share_p2m_table). + +Also fix another incorrect usage of is_hvm_domain usage in +arch_iommu_populate_page_table. This has not given problems so far because +all the pages in PVH guests are of type PGT_writable_page. + +Signed-off-by: Roger Pau Monné +Reviewed-by: Jan Beulich +Tested-by: David Vrabel +Reviewed-by: Tim Deegan +Acked-by: Kevin Tian +--- + xen/drivers/passthrough/amd/iommu_map.c | 2 -- + xen/drivers/passthrough/iommu.c | 3 ++- + xen/drivers/passthrough/vtd/iommu.c | 2 -- + xen/drivers/passthrough/x86/iommu.c | 2 +- + 4 files changed, 3 insertions(+), 6 deletions(-) + +diff --git a/xen/drivers/passthrough/amd/iommu_map.c b/xen/drivers/passthrough/amd/iommu_map.c +index a8c60ec..31dc05d 100644 +--- a/xen/drivers/passthrough/amd/iommu_map.c ++++ b/xen/drivers/passthrough/amd/iommu_map.c +@@ -785,8 +785,6 @@ void amd_iommu_share_p2m(struct domain *d) + struct page_info *p2m_table; + mfn_t pgd_mfn; + +- ASSERT( is_hvm_domain(d) && d->arch.hvm_domain.hap_enabled ); +- + if ( !iommu_use_hap_pt(d) ) + return; + +diff --git a/xen/drivers/passthrough/iommu.c b/xen/drivers/passthrough/iommu.c +index cc12735..7fcbbb1 100644 +--- a/xen/drivers/passthrough/iommu.c ++++ b/xen/drivers/passthrough/iommu.c +@@ -332,7 +332,8 @@ void iommu_share_p2m_table(struct domain* d) + { + const struct iommu_ops *ops = iommu_get_ops(); + +- if ( 
iommu_enabled && is_hvm_domain(d) ) ++ ASSERT( hap_enabled(d) ); ++ if ( iommu_enabled ) + ops->share_p2m(d); + } + +diff --git a/xen/drivers/passthrough/vtd/iommu.c b/xen/drivers/passthrough/vtd/iommu.c +index 5a946d4..a5a111c 100644 +--- a/xen/drivers/passthrough/vtd/iommu.c ++++ b/xen/drivers/passthrough/vtd/iommu.c +@@ -1802,8 +1802,6 @@ static void iommu_set_pgd(struct domain *d) + struct hvm_iommu *hd = domain_hvm_iommu(d); + mfn_t pgd_mfn; + +- ASSERT( is_hvm_domain(d) && d->arch.hvm_domain.hap_enabled ); +- + if ( !iommu_use_hap_pt(d) ) + return; + +diff --git a/xen/drivers/passthrough/x86/iommu.c b/xen/drivers/passthrough/x86/iommu.c +index ce0ca5a..3d2c12a 100644 +--- a/xen/drivers/passthrough/x86/iommu.c ++++ b/xen/drivers/passthrough/x86/iommu.c +@@ -56,7 +56,7 @@ int arch_iommu_populate_page_table(struct domain *d) + + while ( !rc && (page = page_list_remove_head(&d->page_list)) ) + { +- if ( is_hvm_domain(d) || ++ if ( has_hvm_container_domain(d) || + (page->u.inuse.type_info & PGT_type_mask) == PGT_writable_page ) + { + BUG_ON(SHARED_M2P(mfn_to_gmfn(d, page_to_mfn(page)))); +-- +1.9.5 (Apple Git-50.3) + Copied: branches/2015Q4/emulators/xen-kernel/files/xsa156-4.5.patch (from r401564, head/emulators/xen-kernel/files/xsa156-4.5.patch) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2015Q4/emulators/xen-kernel/files/xsa156-4.5.patch Mon Nov 16 00:54:45 2015 (r401740, copy of r401564, head/emulators/xen-kernel/files/xsa156-4.5.patch) 
@@ -0,0 +1,127 @@ +x86/HVM: always intercept #AC and #DB + +Both being benign exceptions, and both being possible to get triggered +by exception delivery, this is required to prevent a guest from locking +up a CPU (resulting from no other VM exits occurring once getting into +such a loop). + +The specific scenarios: + +1) #AC may be raised during exception delivery if the handler is set to +be a ring-3 one by a 32-bit guest, and the stack is misaligned. + +2) #DB may be raised during exception delivery when a breakpoint got +placed on a data structure involved in delivering the exception. This +can result in an endless loop when a 64-bit guest uses a non-zero IST +for the vector 1 IDT entry, but even without use of IST the time it +takes until a contributory fault would get raised (results depending +on the handler) may be quite long. + +This is XSA-156. + +Reported-by: Benjamin Serebrin +Signed-off-by: Jan Beulich +Reviewed-by: Andrew Cooper +Tested-by: Andrew Cooper + +--- a/xen/arch/x86/hvm/svm/svm.c ++++ b/xen/arch/x86/hvm/svm/svm.c +@@ -1045,10 +1045,11 @@ static void noreturn svm_do_resume(struc + unlikely(v->arch.hvm_vcpu.debug_state_latch != debug_state) ) + { + uint32_t intercepts = vmcb_get_exception_intercepts(vmcb); +- uint32_t mask = (1U << TRAP_debug) | (1U << TRAP_int3); ++ + v->arch.hvm_vcpu.debug_state_latch = debug_state; + vmcb_set_exception_intercepts( +- vmcb, debug_state ? (intercepts | mask) : (intercepts & ~mask)); ++ vmcb, debug_state ? 
(intercepts | (1U << TRAP_int3)) ++ : (intercepts & ~(1U << TRAP_int3))); + } + + if ( v->arch.hvm_svm.launch_core != smp_processor_id() ) +@@ -2435,8 +2436,9 @@ void svm_vmexit_handler(struct cpu_user_ + + case VMEXIT_EXCEPTION_DB: + if ( !v->domain->debugger_attached ) +- goto unexpected_exit_type; +- domain_pause_for_debugger(); ++ hvm_inject_hw_exception(TRAP_debug, HVM_DELIVER_NO_ERROR_CODE); ++ else ++ domain_pause_for_debugger(); + break; + + case VMEXIT_EXCEPTION_BP: +@@ -2484,6 +2486,11 @@ void svm_vmexit_handler(struct cpu_user_ + break; + } + ++ case VMEXIT_EXCEPTION_AC: ++ HVMTRACE_1D(TRAP, TRAP_alignment_check); ++ hvm_inject_hw_exception(TRAP_alignment_check, vmcb->exitinfo1); ++ break; ++ + case VMEXIT_EXCEPTION_UD: + svm_vmexit_ud_intercept(regs); + break; +--- a/xen/arch/x86/hvm/vmx/vmx.c ++++ b/xen/arch/x86/hvm/vmx/vmx.c +@@ -1186,16 +1186,10 @@ static void vmx_update_host_cr3(struct v + + void vmx_update_debug_state(struct vcpu *v) + { +- unsigned long mask; +- +- mask = 1u << TRAP_int3; +- if ( !cpu_has_monitor_trap_flag ) +- mask |= 1u << TRAP_debug; +- + if ( v->arch.hvm_vcpu.debug_state_latch ) +- v->arch.hvm_vmx.exception_bitmap |= mask; ++ v->arch.hvm_vmx.exception_bitmap |= 1U << TRAP_int3; + else +- v->arch.hvm_vmx.exception_bitmap &= ~mask; ++ v->arch.hvm_vmx.exception_bitmap &= ~(1U << TRAP_int3); + + vmx_vmcs_enter(v); + vmx_update_exception_bitmap(v); +@@ -2801,9 +2795,10 @@ void vmx_vmexit_handler(struct cpu_user_ + __vmread(EXIT_QUALIFICATION, &exit_qualification); + HVMTRACE_1D(TRAP_DEBUG, exit_qualification); + write_debugreg(6, exit_qualification | 0xffff0ff0); +- if ( !v->domain->debugger_attached || cpu_has_monitor_trap_flag ) +- goto exit_and_crash; +- domain_pause_for_debugger(); ++ if ( !v->domain->debugger_attached ) ++ hvm_inject_hw_exception(vector, HVM_DELIVER_NO_ERROR_CODE); ++ else ++ domain_pause_for_debugger(); + break; + case TRAP_int3: + { +@@ -2868,6 +2863,11 @@ void vmx_vmexit_handler(struct cpu_user_ + + 
hvm_inject_page_fault(regs->error_code, exit_qualification); + break; ++ case TRAP_alignment_check: ++ HVMTRACE_1D(TRAP, vector); ++ __vmread(VM_EXIT_INTR_ERROR_CODE, &ecode); ++ hvm_inject_hw_exception(vector, ecode); ++ break; + case TRAP_nmi: + if ( (intr_info & INTR_INFO_INTR_TYPE_MASK) != + (X86_EVENTTYPE_NMI << 8) ) +--- a/xen/include/asm-x86/hvm/hvm.h ++++ b/xen/include/asm-x86/hvm/hvm.h +@@ -378,7 +378,10 @@ static inline int hvm_event_pending(stru + (X86_CR4_VMXE | X86_CR4_PAE | X86_CR4_MCE)) + + /* These exceptions must always be intercepted. */ +-#define HVM_TRAP_MASK ((1U << TRAP_machine_check) | (1U << TRAP_invalid_op)) ++#define HVM_TRAP_MASK ((1U << TRAP_debug) | \ ++ (1U << TRAP_invalid_op) | \ ++ (1U << TRAP_alignment_check) | \ ++ (1U << TRAP_machine_check)) + + /* + * x86 event types. This enumeration is valid for: Modified: branches/2015Q4/emulators/xen/Makefile ============================================================================== --- branches/2015Q4/emulators/xen/Makefile Mon Nov 16 00:51:00 2015 (r401739) +++ branches/2015Q4/emulators/xen/Makefile Mon Nov 16 00:54:45 2015 (r401740) @@ -1,10 +1,10 @@ # $FreeBSD$ PORTNAME= xen -PORTVERSION= 4.5.0 +PORTVERSION= 4.5.2 CATEGORIES= emulators -MAINTAINER= bapt@FreeBSD.org +MAINTAINER= royger@FreeBSD.org COMMENT= Xen Hyvervisor meta port LICENSE= GPLv2 Modified: branches/2015Q4/sysutils/xen-tools/Makefile ============================================================================== --- branches/2015Q4/sysutils/xen-tools/Makefile Mon Nov 16 00:51:00 2015 (r401739) +++ branches/2015Q4/sysutils/xen-tools/Makefile Mon Nov 16 00:54:45 2015 (r401740) 
@@ -1,13 +1,13 @@ # $FreeBSD$ PORTNAME= xen -PORTVERSION= 4.5.1 +PORTVERSION= 4.5.2 CATEGORIES= sysutils emulators MASTER_SITES= http://bits.xensource.com/oss-xen/release/${PORTVERSION}/ \ http://code.coreboot.org/p/seabios/downloads/get/:seabios PKGNAMESUFFIX= -tools -MAINTAINER= bapt@FreeBSD.org +MAINTAINER= royger@FreeBSD.org COMMENT= Xen management tool, based on LibXenlight LICENSE= GPLv2 LGPL3 @@ -47,8 +47,7 @@ QEMU_ARGS= --disable-gtk \ --disable-curl \ --cxx=c++ -EXTRA_PATCHES= ${FILESDIR}/xsa137.patch:-p1 \ - ${FILESDIR}/0002-libxc-fix-xc_dom_load_elf_symtab.patch:-p1 +EXTRA_PATCHES= ${FILESDIR}/0002-libxc-fix-xc_dom_load_elf_symtab.patch:-p1 CONFIGURE_ARGS+= --with-extra-qemuu-configure-args="${QEMU_ARGS}" SHEBANG_FILES= tools/misc/xencov_split \ @@ -75,14 +74,6 @@ post-patch: ${WRKSRC}/tools/libxl/libxl_dm.c \ ${WRKSRC}/tools/qemu-xen-traditional/i386-dm/helper2.c \ ${WRKSRC}/docs/man/* - @for p in ${FILESDIR}/*qemut*.patch; do \ - ${ECHO_CMD} "====> Applying $${p##*/}" ; \ - ${PATCH} -s -p1 -i $${p} -d ${WRKSRC}/tools/qemu-xen-traditional ; \ - done - @for p in ${FILESDIR}/*qemuu*.patch; do \ - ${ECHO_CMD} "====> Applying $${p##*/}" ; \ - ${PATCH} -s -p1 -i $${p} -d ${WRKSRC}/tools/qemu-xen ; \ - done post-install: ${MKDIR} ${STAGEDIR}/var/run/xen Modified: branches/2015Q4/sysutils/xen-tools/distinfo ============================================================================== --- branches/2015Q4/sysutils/xen-tools/distinfo Mon Nov 16 00:51:00 2015 (r401739) +++ branches/2015Q4/sysutils/xen-tools/distinfo Mon Nov 16 00:54:45 2015 (r401740) @@ -1,4 +1,4 @@ -SHA256 (xen-4.5.1.tar.gz) = 668c11d4fca67ac44329e369f810356eacd37b28d28fb96e66aac77f3c5e1371 -SIZE (xen-4.5.1.tar.gz) = 18410400 +SHA256 (xen-4.5.2.tar.gz) = 4c9e5dac4eea484974e9f76da2756c8e0973b4e884d28d37e955df9ebf00e7e8 +SIZE (xen-4.5.2.tar.gz) = 18416220 SHA256 (seabios-1.8.1.tar.gz) = 283bd848f5ce9d4bc52add973a856347e02c9ce89a9e6bc92c99359b87c9871d SIZE (seabios-1.8.1.tar.gz) = 537712
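Review bot: In the pvh_hypercall64_table hunk of xen/arch/x86/hvm/hvm.c (patch 6/8), the commit message justifies `HYPERCALL(mmu_update)` only as "needed for performing save/restore of PV guests", yet the table entry makes the hypercall reachable from every PVH guest. Suggest the message state which PVH domain is expected to issue it and which existing checks constrain the requests it accepts, since a new table entry widens the guest-reachable interface.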
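Review bot: In the iommu_share_p2m_table hunk of xen/drivers/passthrough/iommu.c (patch 7/8), the runtime test `is_hvm_domain(d)` is replaced by `ASSERT( hap_enabled(d) )`, and ASSERT is compiled out of non-debug builds, so there `ops->share_p2m(d)` runs for any domain whenever `iommu_enabled` is set. The vendor functions still return early on `!iommu_use_hap_pt(d)`, but with their own ASSERTs removed by this same patch that early return is the only guard left in a release build. Suggest either keeping a runtime condition such as `if ( iommu_enabled && hap_enabled(d) )` or adding a comment on the function that callers must only pass HAP-enabled domains.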
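Review bot: In the TRAP_debug case of vmx_vmexit_handler in xen/arch/x86/hvm/vmx/vmx.c (xsa156-4.5.patch), dropping `|| cpu_has_monitor_trap_flag` changes more than the no-debugger path: with a debugger attached on hardware that has the monitor trap flag, the old code went to exit_and_crash and the new code calls domain_pause_for_debugger(). The description only talks about always intercepting #AC and #DB; suggest it also mention this change for the debugger-attached case, or confirm that it is intended.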
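Review bot: In the HVM_TRAP_MASK hunk of xen/include/asm-x86/hvm/hvm.h (xsa156-4.5.patch), the comment above the macro still reads only "These exceptions must always be intercepted", with no reason recorded for the two new bits. The patch description explains that without the #AC and #DB intercepts a guest can lock up a CPU; suggest extending the comment to say so and to reference XSA-156, so that `TRAP_debug` and `TRAP_alignment_check` are not dropped from the mask in a later cleanup.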
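Review bot: In the emulators/xen/Makefile hunk, the unchanged context line `COMMENT= Xen Hyvervisor meta port` misspells "Hypervisor"; worth correcting while PORTVERSION and MAINTAINER in the same block are being changed.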
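Review bot: In the post-patch hunk of sysutils/xen-tools/Makefile, both patch loops are removed, the `*qemuu*.patch` loop for tools/qemu-xen as well as the `*qemut*.patch` loop, while the log only mentions removing the qemu-traditional patches. Any `*qemuu*.patch` file still present in FILESDIR would now be skipped without any message. Suggest confirming that those files are deleted in this commit or moving them to EXTRA_PATCHES, and stating in the log that the qemu-xen loop is dropped too.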