Branch: refs/heads/master
Home: https://github.com/siemens/jailhouse
Commit: ef2722cc0660647a97abd0f03ab6792e6f578067
https://github.com/siemens/jailhouse/commit/ef2722cc0660647a97abd0f03ab6792e6f578067
Author: Jan Kiszka <[email protected]>
Date: 2018-07-16 (Mon, 16 Jul 2018)
Changed paths:
M configs/x86/apic-demo.c
M configs/x86/e1000-demo.c
M configs/x86/ioapic-demo.c
M configs/x86/ivshmem-demo.c
M configs/x86/pci-demo.c
M configs/x86/smp-demo.c
M configs/x86/tiny-demo.c
Log Message:
-----------
configs: x86: Allow virtual console in demo inmates
Useful on platforms that do not have UART.
Signed-off-by: Jan Kiszka <[email protected]>
Commit: 31a76e08b09443ae43f1c08c6fc87fa497837a22
https://github.com/siemens/jailhouse/commit/31a76e08b09443ae43f1c08c6fc87fa497837a22
Author: Ralf Ramsauer <[email protected]>
Date: 2018-07-16 (Mon, 16 Jul 2018)
Changed paths:
M inmates/demos/x86/32-bit-demo.c
M inmates/demos/x86/apic-demo.c
M inmates/demos/x86/tiny-demo.c
M inmates/lib/include/inmate_common.h
M inmates/tests/x86/mmio-access-32.c
Log Message:
-----------
inmates: x86: surround printk by __attribute__((format))
And fix all errors that popped up.
Signed-off-by: Ralf Ramsauer <[email protected]>
Signed-off-by: Jan Kiszka <[email protected]>
Commit: 509d3061eed51f9c26befe876ecd1effb3ea51cf
https://github.com/siemens/jailhouse/commit/509d3061eed51f9c26befe876ecd1effb3ea51cf
Author: Jan Kiszka <[email protected]>
Date: 2018-07-16 (Mon, 16 Jul 2018)
Changed paths:
M configs/x86/e1000-demo.c
M configs/x86/smp-demo.c
Log Message:
-----------
configs: x86: Add missing console definition to smp and e1000e demos
Fixes: 8198734e380b ("inmates: x86: Add consoles to inmate definition")
Signed-off-by: Jan Kiszka <[email protected]>
Commit: a01b22310b93410f92683061f821809ffd2587c6
https://github.com/siemens/jailhouse/commit/a01b22310b93410f92683061f821809ffd2587c6
Author: Jan Kiszka <[email protected]>
Date: 2018-07-16 (Mon, 16 Jul 2018)
Changed paths:
M inmates/lib/x86/header-32.S
M inmates/lib/x86/header.S
Log Message:
-----------
Revert "inmates: x86: move stop label to the top"
This reverts commit 91ac3cae573acc9601feee4489eed27bf2f115a0.
We need this for SMP: The secondary entry handler may return and expects
us to stop the CPU then.
Signed-off-by: Jan Kiszka <[email protected]>
Commit: a741f5f8a713c279f92d232fd5d26884258d3ad2
https://github.com/siemens/jailhouse/commit/a741f5f8a713c279f92d232fd5d26884258d3ad2
Author: Jan Kiszka <[email protected]>
Date: 2018-07-16 (Mon, 16 Jul 2018)
Changed paths:
M hypervisor/printk.c
Log Message:
-----------
core: Respect ongoing panic also in virtual console
This is analogously to UART and framebuffer drivers. If the panic
happens for non-root CPUs, we can still analyze them via the virtual
console, provided they were not mangled.
Signed-off-by: Jan Kiszka <[email protected]>
Commit: 905bbc43ba797b52822d40537808035b19821fa7
https://github.com/siemens/jailhouse/commit/905bbc43ba797b52822d40537808035b19821fa7
Author: Ralf Ramsauer <[email protected]>
Date: 2018-07-18 (Wed, 18 Jul 2018)
Changed paths:
M hypervisor/arch/arm-common/gic-v3.c
Log Message:
-----------
core: arm64: Fix gicv3_get_cpu_target
Shifting has precedence. But we need to shift _after_ we applied the
bitmask. Otherwise, the bitmask will applied after shifting the bits.
This is wrong.
This raises an error if we have more than eight CPUs: The eighth CPU
will be target 256, which will be masked out and result in 0.
Signed-off-by: Ralf Ramsauer <[email protected]>
Signed-off-by: Jan Kiszka <[email protected]>
Commit: 7688e96c815ba2f7c713228ecdd75241bcb8102a
https://github.com/siemens/jailhouse/commit/7688e96c815ba2f7c713228ecdd75241bcb8102a
Author: Lokesh Vutla <[email protected]>
Date: 2018-07-22 (Sun, 22 Jul 2018)
Changed paths:
M hypervisor/arch/arm-common/Kbuild
M hypervisor/arch/arm-common/include/asm/psci.h
R hypervisor/arch/arm-common/include/asm/sip.h
A hypervisor/arch/arm-common/include/asm/smccc.h
M hypervisor/arch/arm-common/psci.c
A hypervisor/arch/arm-common/smccc.c
M hypervisor/arch/arm/traps.c
M hypervisor/arch/arm64/traps.c
Log Message:
-----------
arm-common: Rework handling of SMC
Latest versions of SMC have more services to handle
other than PSCI and SIP. In order to handle newer versions
and not to clutter smc handling for arm and arm64 separately,
consolidating the SMC handling into arm-common/smccc.c.
This is similar to the method implemented in kernel.
Signed-off-by: Lokesh Vutla <[email protected]>
Tested-by: Ralf Ramsauer <[email protected]>
[Jan: reformatted header of new files,
added missing instruction skip to arch_handle_smc]
Signed-off-by: Jan Kiszka <[email protected]>
Commit: c21c91b2c1f8d3b5a8b756cb373dda0fbd105071
https://github.com/siemens/jailhouse/commit/c21c91b2c1f8d3b5a8b756cb373dda0fbd105071
Author: Lokesh Vutla <[email protected]>
Date: 2018-07-22 (Sun, 22 Jul 2018)
Changed paths:
M hypervisor/arch/arm-common/include/asm/psci.h
M hypervisor/arch/arm-common/psci.c
Log Message:
-----------
arm-common: Add support for PSCI 1.1
Implement the latest PSCI version 1.1[1]
>From an implementation perspective only PSCI_FEAURES is
mandatory. Rest is optional and return unsupported for now.
Also bump the version to v1.1.
[1]
http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.den0022d/index.html
Signed-off-by: Lokesh Vutla <[email protected]>
Tested-by: Ralf Ramsauer <[email protected]>
Signed-off-by: Jan Kiszka <[email protected]>
Commit: 83de08caef34ad3dae8edf4095a0476e741bd6f1
https://github.com/siemens/jailhouse/commit/83de08caef34ad3dae8edf4095a0476e741bd6f1
Author: Lokesh Vutla <[email protected]>
Date: 2018-07-22 (Sun, 22 Jul 2018)
Changed paths:
M hypervisor/arch/arm-common/include/asm/smccc.h
M hypervisor/arch/arm-common/psci.c
M hypervisor/arch/arm-common/smccc.c
Log Message:
-----------
arm-common: Add support for SMCCC 1.1
Implement new SMC calling convention (v1.1)[1] that includes adding
support for arch specific service calls. Mark all arch specific features
as not supported for now.
[1]
http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.den0028b/index.html
Signed-off-by: Lokesh Vutla <[email protected]>
Tested-by: Ralf Ramsauer <[email protected]>
Signed-off-by: Jan Kiszka <[email protected]>
Commit: cac029cf440d5f388cab6095a1423b6702153189
https://github.com/siemens/jailhouse/commit/cac029cf440d5f388cab6095a1423b6702153189
Author: Ralf Ramsauer <[email protected]>
Date: 2018-07-22 (Sun, 22 Jul 2018)
Changed paths:
M hypervisor/arch/arm-common/gic-v3.c
Log Message:
-----------
arm-common: improve calculation of redistributor size
No need for setting redist_size in every iteration. The version of the
GIC won't change once we know if we probed for v3 or v4.
Additionally, use some defines for the size of the redistributor.
Signed-off-by: Ralf Ramsauer <[email protected]>
Signed-off-by: Jan Kiszka <[email protected]>
Commit: 14c522cacd182fd79b7c7779389a6f1e538d158b
https://github.com/siemens/jailhouse/commit/14c522cacd182fd79b7c7779389a6f1e538d158b
Author: Ralf Ramsauer <[email protected]>
Date: 2018-07-22 (Sun, 22 Jul 2018)
Changed paths:
M hypervisor/arch/arm-common/gic-v3.c
Log Message:
-----------
arm-common: gicv3: probe early for the gic version
No need to do this for each CPU. We're currently overwriting a global
variable anyway. Let's do this one time in gic_v3_init instead of
gic_v3_cpu_init.
Signed-off-by: Ralf Ramsauer <[email protected]>
Signed-off-by: Jan Kiszka <[email protected]>
Commit: 0369d3a911fe3e0a168fe3f68798de292d640309
https://github.com/siemens/jailhouse/commit/0369d3a911fe3e0a168fe3f68798de292d640309
Author: Ralf Ramsauer <[email protected]>
Date: 2018-07-22 (Sun, 22 Jul 2018)
Changed paths:
M hypervisor/arch/arm-common/gic-v3.c
M hypervisor/arch/arm-common/include/asm/gic_v3.h
Log Message:
-----------
arm-common: gic-v3: dynamically determine redistributor region size
At the moment, we constantly map 0x100000 for the redistributor region.
This is too small for GICv3 if we have more than eight CPUs.
For the moment, it is sufficient to map a larger region, depending on
the number of the highest cpu id of the system.
Signed-off-by: Ralf Ramsauer <[email protected]>
Signed-off-by: Jan Kiszka <[email protected]>
Commit: dca380af45f8101d341841e4e39c78fc9fce2c97
https://github.com/siemens/jailhouse/commit/dca380af45f8101d341841e4e39c78fc9fce2c97
Author: Ralf Ramsauer <[email protected]>
Date: 2018-07-22 (Sun, 22 Jul 2018)
Changed paths:
M README.md
M configs/arm64/qemu-arm64.c
Log Message:
-----------
configs: assign 16 CPUs to our virtual arm64 target
We have no other target with more than eight CPUs, but we should test
that. Increase the number of CPUs of our qemu arm64 target.
Signed-off-by: Ralf Ramsauer <[email protected]>
Signed-off-by: Jan Kiszka <[email protected]>
Commit: 078ff14b8145733bf435bee088abcf8811d3f0a6
https://github.com/siemens/jailhouse/commit/078ff14b8145733bf435bee088abcf8811d3f0a6
Author: Jan Kiszka <[email protected]>
Date: 2018-07-22 (Sun, 22 Jul 2018)
Changed paths:
M hypervisor/arch/arm-common/control.c
Log Message:
-----------
arm-common: Simplify check_events()
The pattern we actually need is:
1. check if suspension requests are pending and keep handling them as
long as they are
2. handle park requests, they should take precedence
3. in the absence of park requests, handle reset requests
So this removes the unneeded suspension loop around all three. The
pattern is also supposed to be transferred to x86.
Signed-off-by: Jan Kiszka <[email protected]>
Commit: 1ca4d110dc92715a000f1d6961e0af8401f563d5
https://github.com/siemens/jailhouse/commit/1ca4d110dc92715a000f1d6961e0af8401f563d5
Author: Jan Kiszka <[email protected]>
Date: 2018-07-22 (Sun, 22 Jul 2018)
Changed paths:
M hypervisor/arch/x86/control.c
Log Message:
-----------
x86: Simplify x86_check_events()
We do not need to loop over the INIT signal because it cannot arrive
multiple times while the loop is running if we put the INIT check after
the suspension check. This makes the rest analogous to the arm-common
version.
Signed-off-by: Jan Kiszka <[email protected]>
Commit: 536719bc12966eaad22b66c680617f4c8edd2f11
https://github.com/siemens/jailhouse/commit/536719bc12966eaad22b66c680617f4c8edd2f11
Author: Jan Kiszka <[email protected]>
Date: 2018-07-22 (Sun, 22 Jul 2018)
Changed paths:
M hypervisor/arch/x86/control.c
Log Message:
-----------
x86: Do not send an INIT request if there is already one pending
This is redundant, though harmless. At most, we get an NMI IPI on the
target side when it already completed the handling of init_signaled. But
it's cleaner and clearer to avoid that scenario in the first place.
Signed-off-by: Jan Kiszka <[email protected]>
Commit: 30e82a4572bc96279f3668065bd4e3c13b876508
https://github.com/siemens/jailhouse/commit/30e82a4572bc96279f3668065bd4e3c13b876508
Author: Jan Kiszka <[email protected]>
Date: 2018-08-12 (Sun, 12 Aug 2018)
Changed paths:
M hypervisor/arch/x86/control.c
M hypervisor/arch/x86/include/asm/percpu.h
Log Message:
-----------
x86: Wait on init_signaled to arrive
This particularly ensures that Linux guests do not consider CPUs dead
because of the potential high latency between submitting INIT and
getting the target CPU into wait_for_sipi state. On real hardware, the
Delivery Status bit which is polled by Linux synchronizes the sender.
Emulating this would be way more complex than making the INIT IPI
submission synchronous. Delaying this is fine because kicking off
secondary CPUs should never be a hot path.
In case of cross-posting between cores or when there is a management
request pending, we have to check for events and process them while
waiting for INIT to arrive.
The issue manifested in failing to online CPUs again under the root cell
Linux on an Intel NUC6CAY (Apollo Lake Atom).
Signed-off-by: Jan Kiszka <[email protected]>
Commit: 5c91643a89fd044218346868bb31dd05c1774c72
https://github.com/siemens/jailhouse/commit/5c91643a89fd044218346868bb31dd05c1774c72
Author: Jan Kiszka <[email protected]>
Date: 2018-08-12 (Sun, 12 Aug 2018)
Changed paths:
M README.md
M configs/arm64/qemu-arm64.c
Log Message:
-----------
configs: qemu-arm64: Set PCI domain
Upcoming QEMU 3.0 contains a change that injects linux,pci-domain into
the device tree it hands out to the guest. So we also need to set the
domain in the overlay for the virtual PCI host controller, otherwise
Linux refuses the fragment as invalid.
This change will make the config incompatible with older QEMU versions.
However, 3.0 will also contain some relevant fixes to the GIC emulation
so that lifting our version requirement is reasonable.
Signed-off-by: Jan Kiszka <[email protected]>
Commit: e42151c29778648d20ca0c8815aad2d73a96ab75
https://github.com/siemens/jailhouse/commit/e42151c29778648d20ca0c8815aad2d73a96ab75
Author: Christopher Goldsworthy <[email protected]>
Date: 2018-08-12 (Sun, 12 Aug 2018)
Changed paths:
M Makefile
M scripts/include.mk
M tools/Makefile
Log Message:
-----------
Remove version check for pip
Was previously using / testing pip's "--root" option incorrectly (i.e. an empty
argument was supplied when doing non-root installations, or a relative path was
used), leading to a restriction of what version of pip we would allow (since it
pip would otherwise fail). Use --root appropriately and remove version check
accordingly.
Signed-off-by: Chris Goldsworthy <[email protected]>
[Jan: fixed ifneq syntax error, beautified PIP_ROOT assignment]
Signed-off-by: Jan Kiszka <[email protected]>
Commit: c675ea10c7c89f2be371f8284380431a26b4f251
https://github.com/siemens/jailhouse/commit/c675ea10c7c89f2be371f8284380431a26b4f251
Author: Jan Kiszka <[email protected]>
Date: 2018-08-12 (Sun, 12 Aug 2018)
Changed paths:
M hypervisor/arch/arm-common/paging.c
Log Message:
-----------
arm-common: Fix 3-level virt-to-phys translations
This small mistake in injecting the page offset into the returned
physical address was easily able to invalidate various virt-to-phys
translations. We were lucky it didn't bite use harder so far.
It was indirectly discovered by check_mmu_map() on the Orange Pi Zero:
jailhouse_base_phys suddenly received an invalid virt-to-phys
translation because the hiding of private per-cpu structures broke up
the 2-level hypervisor core mapping into a 3-level mapping. That invalid
physical address let check_mmu_map() fail.
Signed-off-by: Jan Kiszka <[email protected]>
Commit: 9aace1818911e07216ffa199be044e02d434488c
https://github.com/siemens/jailhouse/commit/9aace1818911e07216ffa199be044e02d434488c
Author: Jan Kiszka <[email protected]>
Date: 2018-08-12 (Sun, 12 Aug 2018)
Changed paths:
M hypervisor/arch/arm/entry.S
Log Message:
-----------
arm: Ensure double-word alignment of stack after entry
This issue was sleeping since day #1 of ARM support: The ARM calling
convention requires the stack to be double-word aligned on public
interfaces, e.g. when calling a subfunction. We failed to ensure this
both when calling entry() as well as arch_handle_exit().
This had no immediate negative impact, but was causing at least one
subtle effect: variable argument lists are expecting to find 64-bit
values double-word aligned on the stack, and that requirement was
violated. Therefore, printing long long variables was broken in the
hypervisor.
Signed-off-by: Jan Kiszka <[email protected]>
Commit: a04c5151d75d5a4441da7f118c4d20561138d64b
https://github.com/siemens/jailhouse/commit/a04c5151d75d5a4441da7f118c4d20561138d64b
Author: Jan Kiszka <[email protected]>
Date: 2018-08-12 (Sun, 12 Aug 2018)
Changed paths:
M hypervisor/arch/arm/entry.S
Log Message:
-----------
arm: Clean up vmreturn assembly
Micro-optimization, saving one instruction. Leave a comment about the
reason for the add at this chance.
Signed-off-by: Jan Kiszka <[email protected]>
Commit: de1551d6adac9c3b2c1aa24abb54ee6fe25e223c
https://github.com/siemens/jailhouse/commit/de1551d6adac9c3b2c1aa24abb54ee6fe25e223c
Author: Jan Kiszka <[email protected]>
Date: 2018-08-12 (Sun, 12 Aug 2018)
Changed paths:
M hypervisor/include/jailhouse/cell.h
M hypervisor/include/jailhouse/mmio.h
M hypervisor/mmio.c
Log Message:
-----------
core: mmio: Plug potentially dangerous race between lookup and modification
Houston, I think we had a problem here:
CPU 1 CPU 2
----- -----
copy_region(..., 1, 2)
mmio_handle_access()
find_region(...) = 1
copy_region(..., 0, 1)
mmio_handlers[1].handler = handler0
use mmio_handlers[1]:
handler0(arg1)
mmio_handlers[1].arg = arg0
And handler0 will interpret arg1 as if it were arg0, possibly using a
completely different type. Yeah, lockless is easy ... to get wrong.
What we need here to avoid taking a lock in mmio_handle_access and while
still being safe is some revision counting with a retry in case a
mmio access dispatch races with a modification of the list (could be
triggered by the guest via a reconfiguration of ivshmem mmio regions).
And this is what this patch does:
The mmio_generation counter is incremented to an odd value before
beginning a change to the list. Then the modifications are done, the
list size is adjusted, and finally the generation counter is incremented
again - all properly serialized via memory barriers. That's the writer
side.
On the reader side, we capture the generation counter before starting a
lookup. If it is already odd at that time, we wait for the modification
to finish. That is because we may otherwise capture an inconsistent
state before the writing side has incremented the counter again.
While walking the list in find_regions, we check the counter after each
iteration to avoid that we miss a shrink or an expansion. After we find
a matching entry, we capture all relevant data before we check the
generation counter once again. That ensures the the caller of
find_region will get a consistent snapshot of the matching region index,
its base address and its handler function with argument.
Signed-off-by: Jan Kiszka <[email protected]>
Commit: 7b6fc05e197c5c54300a4507c733332c92f2446f
https://github.com/siemens/jailhouse/commit/7b6fc05e197c5c54300a4507c733332c92f2446f
Author: Peng Fan <[email protected]>
Date: 2018-08-12 (Sun, 12 Aug 2018)
Changed paths:
M hypervisor/arch/arm64/asm-defines.c
M hypervisor/arch/arm64/entry.S
Log Message:
-----------
arm64: flush D-cache before switch to EL2
Flush hypervisor core D-Cache before switch to EL2.
After the initial switch to EL2 the MMU is not yet enabled,
there might be hypervisor code still left in D-cache. Then
in EL2, CPU might fetch wrong instruction and trigger abort.
The driver use flush_icache_range to flush icache/dcache to PoU.
However in arch_entry, when hvc #0 the first and 2nd time,
cache is disabled, so core could only see instruction/data in
PoC(Eg. DRAM). Because PoU might not be able to flush inst/data to
PoC(Eg. DRAM), core abort with wrong instruction fetch when cache
disabled.
So let's flush hypervisor core D-cache when cache is still enabled
before switch to EL2 to avoid this issue.
Without this patch, when `jailhouse enable imx8qxp.cell`, cpu
got instruction abort almost every time. With this patch,
it passes hundreds test using "jaihouse enable imx8qxp.cell;
jailhouse disable"
Signed-off-by: Peng Fan <[email protected]>
Signed-off-by: Jan Kiszka <[email protected]>
Commit: c20fe81d74a782bfae4126a84742c45e7d8808b4
https://github.com/siemens/jailhouse/commit/c20fe81d74a782bfae4126a84742c45e7d8808b4
Author: Henning Schild <[email protected]>
Date: 2018-08-12 (Sun, 12 Aug 2018)
Changed paths:
M tools/jailhouse-hardware-check
Log Message:
-----------
tools: jailhouse-hardware-check allow skipping MMIO tests
Recent kernels do have a feature that will even forbid root to mmap
/dev/mem beyond 1MB. (CONFIG_STRICT_DEVMEM) That feature is enabled in
distro kernels and we will fail with all the MMIO checks.
So skip them, leave some advise for the user, and sys.exit with a
special value for that case.
Reported-by: Gustavo Lima Chaves <[email protected]>
Signed-off-by: Henning Schild <[email protected]>
Signed-off-by: Jan Kiszka <[email protected]>
Compare:
https://github.com/siemens/jailhouse/compare/006918caa2b9...c20fe81d74a7
**NOTE:** This service has been marked for deprecation:
https://developer.github.com/changes/2018-04-25-github-services-deprecation/
Functionality will be removed from GitHub.com on January 31st, 2019.
--
You received this message because you are subscribed to the Google Groups
"Jailhouse" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
