Re: [PATCH v4 6/7] x86/jailhouse: Allow to use PCI_MMCONFIG without ACPI
Hi Jan, I love your patch! Yet something to improve: [auto build test ERROR on pci/next] [also build test ERROR on v4.16-rc4 next-20180305] [cannot apply to tip/x86/core] [if your patch is applied to the wrong git tree, please drop us a note to help improve the system] url: https://github.com/0day-ci/linux/commits/Jan-Kiszka/jailhouse-Enhance-secondary-Jailhouse-guest-support-wrt-PCI/20180306-070138 base: https://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci.git next config: i386-randconfig-x079-201809 (attached as .config) compiler: gcc-7 (Debian 7.3.0-1) 7.3.0 reproduce: # save the attached .config to linux build tree make ARCH=i386 All errors (new ones prefixed by >>): arch/x86/kernel/cpu/amd.c: In function 'init_amd_gh': >> arch/x86/kernel/cpu/amd.c:722:3: error: implicit declaration of function >> 'check_enable_amd_mmconf_dmi' [-Werror=implicit-function-declaration] check_enable_amd_mmconf_dmi(); ^~~ >> arch/x86/kernel/cpu/amd.c:724:2: error: implicit declaration of function >> 'fam10h_check_enable_mmcfg' [-Werror=implicit-function-declaration] fam10h_check_enable_mmcfg(); ^ cc1: some warnings being treated as errors vim +/check_enable_amd_mmconf_dmi +722 arch/x86/kernel/cpu/amd.c 0d96b9ff7 Yinghai Lu 2009-08-29 716 26bfa5f89 Borislav Petkov 2014-06-24 717 static void init_amd_gh(struct cpuinfo_x86 *c) 26bfa5f89 Borislav Petkov 2014-06-24 718 { 377b0048c Jan Kiszka 2018-03-04 719 #ifdef CONFIG_MMCONF_FAM10H 26bfa5f89 Borislav Petkov 2014-06-24 720 /* do this for boot cpu */ 26bfa5f89 Borislav Petkov 2014-06-24 721 if (c == _cpu_data) 26bfa5f89 Borislav Petkov 2014-06-24 @722 check_enable_amd_mmconf_dmi(); 26bfa5f89 Borislav Petkov 2014-06-24 723 26bfa5f89 Borislav Petkov 2014-06-24 @724 fam10h_check_enable_mmcfg(); 26bfa5f89 Borislav Petkov 2014-06-24 725 #endif 6c62aa4a3 Yinghai Lu 2008-09-07 726 6c62aa4a3 Yinghai Lu 2008-09-07 727 /* 26bfa5f89 Borislav Petkov 2014-06-24 728* Disable GART TLB Walk Errors on Fam10h. We do this here because this 26bfa5f89 Borislav Petkov 2014-06-24 729* is always needed when GART is enabled, even in a kernel which has no 26bfa5f89 Borislav Petkov 2014-06-24 730* MCE support built in. BIOS should disable GartTlbWlk Errors already. 26bfa5f89 Borislav Petkov 2014-06-24 731* If it doesn't, we do it here as suggested by the BKDG. 26bfa5f89 Borislav Petkov 2014-06-24 732* 26bfa5f89 Borislav Petkov 2014-06-24 733* Fixes: https://bugzilla.kernel.org/show_bug.cgi?id=33012 6c62aa4a3 Yinghai Lu 2008-09-07 734*/ 26bfa5f89 Borislav Petkov 2014-06-24 735 msr_set_bit(MSR_AMD64_MCx_MASK(4), 10); 6c62aa4a3 Yinghai Lu 2008-09-07 736 26bfa5f89 Borislav Petkov 2014-06-24 737 /* 26bfa5f89 Borislav Petkov 2014-06-24 738* On family 10h BIOS may not have properly enabled WC+ support, causing 26bfa5f89 Borislav Petkov 2014-06-24 739* it to be converted to CD memtype. This may result in performance 26bfa5f89 Borislav Petkov 2014-06-24 740* degradation for certain nested-paging guests. Prevent this conversion 26bfa5f89 Borislav Petkov 2014-06-24 741* by clearing bit 24 in MSR_AMD64_BU_CFG2. 26bfa5f89 Borislav Petkov 2014-06-24 742* 26bfa5f89 Borislav Petkov 2014-06-24 743* NOTE: we want to use the _safe accessors so as not to #GP kvm 26bfa5f89 Borislav Petkov 2014-06-24 744* guests on older kvm hosts. 26bfa5f89 Borislav Petkov 2014-06-24 745*/ 26bfa5f89 Borislav Petkov 2014-06-24 746 msr_clear_bit(MSR_AMD64_BU_CFG2, 24); 11fdd252b Yinghai Lu 2008-09-07 747 26bfa5f89 Borislav Petkov 2014-06-24 748 if (cpu_has_amd_erratum(c, amd_erratum_383)) 26bfa5f89 Borislav Petkov 2014-06-24 749 set_cpu_bug(c, X86_BUG_AMD_TLB_MMATCH); 11fdd252b Yinghai Lu 2008-09-07 750 } 11fdd252b Yinghai Lu 2008-09-07 751 :: The code at line 722 was first introduced by commit :: 26bfa5f89486a8926cd4d4ca81a04d3f0f174934 x86, amd: Cleanup init_amd :: TO: Borislav Petkov <b...@suse.de> :: CC: H. Peter Anvin <h...@linux.intel.com> --- 0-DAY kernel test infrastructureOpen Source Technology Center https://lists.01.org/pipermail/kbuild-all Intel Corporation -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. .config.gz Description: application/gzip
[siemens/jailhouse] cf4c46: Documentation: supported free OSs; memory reservat...
Branch: refs/heads/next Home: https://github.com/siemens/jailhouse Commit: cf4c4691fd48c8b98f19ea01fdaa03f39d5fd7d3 https://github.com/siemens/jailhouse/commit/cf4c4691fd48c8b98f19ea01fdaa03f39d5fd7d3 Author: Claudio ScordinoDate: 2018-03-05 (Mon, 05 Mar 2018) Changed paths: M FAQ.md M README.md Log Message: --- Documentation: supported free OSs; memory reservation through DT Signed-off-by: Claudio Scordino Signed-off-by: Jan Kiszka Commit: a85b0ebd1766704fa8d21b21e925d24149607977 https://github.com/siemens/jailhouse/commit/a85b0ebd1766704fa8d21b21e925d24149607977 Author: Jan Kiszka Date: 2018-03-05 (Mon, 05 Mar 2018) Changed paths: M FAQ.md M README.md Log Message: --- README/FAQ: Use consistent blank-line separations Signed-off-by: Jan Kiszka Compare: https://github.com/siemens/jailhouse/compare/bd5ad1e0f3dd...a85b0ebd1766 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[PATCH] README/FAQ: Use consistent blank-line separations
Signed-off-by: Jan Kiszka--- FAQ.md| 2 +- README.md | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/FAQ.md b/FAQ.md index cf87a523..1743bb1d 100644 --- a/FAQ.md +++ b/FAQ.md @@ -83,6 +83,7 @@ Please note Jailhouse developers may ask you for these logs, shall you come for help to jailhouse-dev mailing list, because they are extremely useful to analyze machine hangs. So please have the logs at hand, if possible. + Development --- @@ -91,4 +92,3 @@ Development Run ```make docs``` to create automatic documentation (it needs Doxygen installed). The documentation will be generated inside the ```Documentation/generated/``` directory. - diff --git a/README.md b/README.md index d9cdfdfc..6f5dac28 100644 --- a/README.md +++ b/README.md @@ -130,6 +130,7 @@ Hardware requirements (preliminary) - Xilinx ZCU102 (ZynqMP evaluation board) + Software requirements - -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: Submitting a patch to the mailing list
> > Your messages got stuck in the spam filter of googlegroups - Google > seems to hate hotmail :). I've whitelisted you and confirmed the last > version of the patch. If anything is missing, please repost now. > That's a relief. Thanks! No, that was it for the last patch. Adeel > Jan > > -- > Siemens AG, Corporate Technology, CT RDA IOT SES-DE > Corporate Competence Center Embedded Linux -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [PATCH] Update required QEMU version to be >= 2.8
On 2018-03-05 17:37, Adeel Ahmad wrote: > The current version mentioned in README.md (2.7) does not support the > x-buggy-eim property. > > Signed-off-by: Adeel Ahmad> --- > README.md | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/README.md b/README.md > index 42fd8c0..a96f99c 100644 > --- a/README.md > +++ b/README.md > @@ -13,7 +13,7 @@ Quickstart > The host-side requirements are: > > - Docker (tested with 17.09.1-ce) > -- QEMU 2.7 (for x86 image) > +- QEMU >= 2.8 (for x86 image) > - Kernel >= 4.4 with KVM support (for x86 image) > > To build all images, just run ```build-images.sh```. A QEMU image can then be > Ah, now I see where this confusion came from - this targets the jailhouse-images repo which I missed. I just introduced the rule to prefix these patches with [jh-images], see the patch series I just posted. We should use that prefix to avoid such confusions between the repos in the future. BTW, there is also some mentioning of the QEMU version in the Jailhouse README.md. That should be patches as well (without the prefix then :) ). Jan -- Siemens AG, Corporate Technology, CT RDA IOT SES-DE Corporate Competence Center Embedded Linux -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 20/21] Update Jailhouse Linux kernel to 4.14.24
From: Jan KiszkaThis comes with a fix for ivshmem-net which prevents sporadic link setup issues and an update to the latest upstream x86 non-root patches. Signed-off-by: Jan Kiszka --- recipes-kernel/linux/files/x86_64_defconfig | 3 +-- recipes-kernel/linux/linux-jailhouse.bb | 6 +++--- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/recipes-kernel/linux/files/x86_64_defconfig b/recipes-kernel/linux/files/x86_64_defconfig index cbf8b8e..e2afe00 100644 --- a/recipes-kernel/linux/files/x86_64_defconfig +++ b/recipes-kernel/linux/files/x86_64_defconfig @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.14.18 Kernel Configuration +# Linux/x86 4.14.24 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -3568,7 +3568,6 @@ CONFIG_HAVE_DEBUG_KMEMLEAK=y CONFIG_ARCH_HAS_DEBUG_VIRTUAL=y CONFIG_DEBUG_MEMORY_INIT=y CONFIG_HAVE_DEBUG_STACKOVERFLOW=y -CONFIG_HAVE_ARCH_KMEMCHECK=y CONFIG_HAVE_ARCH_KASAN=y # CONFIG_KASAN is not set CONFIG_ARCH_HAS_KCOV=y diff --git a/recipes-kernel/linux/linux-jailhouse.bb b/recipes-kernel/linux/linux-jailhouse.bb index 2319da4..8152f68 100644 --- a/recipes-kernel/linux/linux-jailhouse.bb +++ b/recipes-kernel/linux/linux-jailhouse.bb @@ -14,9 +14,9 @@ require recipes-kernel/linux/linux-custom.inc SRC_URI += " \ https://github.com/siemens/linux/archive/${SRCREV}.tar.gz \ file://x86_64_defconfig" -SRC_URI[sha256sum] = "e779cb4297b7bec7397d23984c9f611c5d88f5ca1600b9346bfa9e44dc1bc4f4" -SRCREV = "26a81a994feef8d54f53ca15fbd2a527b285d56f" -PV = "4.14.18" +SRC_URI[sha256sum] = "9a99dd2d3028d3e40beef325f4a59f0f39b8a699f0247fb98df815f0d92106a0" +SRCREV = "3c91d2686cbaaf19e0f5f440895626441bc68182" +PV = "4.14.24" S = "linux-${SRCREV}" -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 18/21] Expand demo image to 1 GB free space
From: Jan KiszkaThis even allows to install a simply graphical desktop from the running image. Signed-off-by: Jan Kiszka --- recipes-core/images/demo-image.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/recipes-core/images/demo-image.bb b/recipes-core/images/demo-image.bb index 15fb61b..4ffeb44 100644 --- a/recipes-core/images/demo-image.bb +++ b/recipes-core/images/demo-image.bb @@ -9,6 +9,8 @@ # SPDX-License-Identifier: GPL-2.0 # +ROOTFS_EXTRA = "1024" + require recipes-core/images/isar-image-base.bb IMAGE_PREINSTALL += " \ -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 17/21] Enable network to non-root cells
From: Jan KiszkaEnable the ivshmem-net driver in the kernel and add a network config for the link to the non-root cell. Also pre-fill known_hosts with the key of the non-root inmate we built. ethtool is added because it can help debugging the ivshmem-net driver. Signed-off-by: Jan Kiszka --- recipes-core/customizations/customizations.bb | 5 - recipes-core/customizations/files/ivshmem-net | 5 + recipes-core/customizations/files/known_hosts | 1 + recipes-core/images/demo-image.bb | 2 +- recipes-kernel/linux/files/x86_64_defconfig | 2 +- 5 files changed, 12 insertions(+), 3 deletions(-) create mode 100644 recipes-core/customizations/files/ivshmem-net create mode 100644 recipes-core/customizations/files/known_hosts diff --git a/recipes-core/customizations/customizations.bb b/recipes-core/customizations/customizations.bb index 70d6ace..5ce8677 100644 --- a/recipes-core/customizations/customizations.bb +++ b/recipes-core/customizations/customizations.bb @@ -17,7 +17,9 @@ SRC_URI = " \ file://postinst \ file://.bash_history \ file://e1000e-intx.conf \ -file://e1000e" +file://e1000e \ +file://ivshmem-net \ +file://known_hosts" do_install() { install -v -d ${D}/etc/modprobe.d @@ -25,6 +27,7 @@ do_install() { install -v -d ${D}/etc/network/interfaces.d install -v -m 644 ${WORKDIR}/e1000e ${D}/etc/network/interfaces.d/ + install -v -m 644 ${WORKDIR}/ivshmem-net ${D}/etc/network/interfaces.d/ install -v -d ${D}/root install -v -m 600 ${WORKDIR}/.bash_history ${D}/root/ diff --git a/recipes-core/customizations/files/ivshmem-net b/recipes-core/customizations/files/ivshmem-net new file mode 100644 index 000..6724bef --- /dev/null +++ b/recipes-core/customizations/files/ivshmem-net @@ -0,0 +1,5 @@ +allow-hotplug enp0s14 + +iface enp0s14 inet static + address 192.168.19.1 + netmask 255.255.255.0 diff --git a/recipes-core/customizations/files/known_hosts b/recipes-core/customizations/files/known_hosts new file mode 100644 index 000..924e576 --- /dev/null +++ b/recipes-core/customizations/files/known_hosts @@ -0,0 +1 @@ +|1|5woryrKqOBJSYvegq9rbA13suI4=|7sHlK5hUReuVW2lcf9xf67LQqOU= ecdsa-sha2-nistp521 E2VjZHNhLXNoYTItbmlzdHA1MjEIbmlzdHA1MjEAAACFBADTaGag7jCPaJcMNAgfqk0Uokq5AAAxyahcNehxAizWT/TPk3u5rplp0uHBCUXFnuD5zYBxZRlIC4SVMHir/6Kv0AGcJiFmFtfZl2LekLvPi5NcBIdoDn7w8rdZd4XPbRcxti0kaFAh0YDq6K4mM1KGOJDC7sMPN4dIrPmChpC48OTb2w== diff --git a/recipes-core/images/demo-image.bb b/recipes-core/images/demo-image.bb index 28c0916..15fb61b 100644 --- a/recipes-core/images/demo-image.bb +++ b/recipes-core/images/demo-image.bb @@ -14,6 +14,6 @@ require recipes-core/images/isar-image-base.bb IMAGE_PREINSTALL += " \ bash-completion less vim nano \ ifupdown isc-dhcp-client net-tools iputils-ping ssh \ -pciutils" +pciutils ethtool" IMAGE_INSTALL += "jailhouse customizations non-root-initramfs" diff --git a/recipes-kernel/linux/files/x86_64_defconfig b/recipes-kernel/linux/files/x86_64_defconfig index 7f9cc0e..cbf8b8e 100644 --- a/recipes-kernel/linux/files/x86_64_defconfig +++ b/recipes-kernel/linux/files/x86_64_defconfig @@ -1858,7 +1858,7 @@ CONFIG_WLAN_VENDOR_QUANTENNA=y # CONFIG_WAN is not set # CONFIG_VMXNET3 is not set # CONFIG_FUJITSU_ES is not set -# CONFIG_IVSHMEM_NET is not set +CONFIG_IVSHMEM_NET=y # CONFIG_ISDN is not set # CONFIG_NVM is not set -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 14/21] Add initramfs for non-root Linux inmates
From: Jan KiszkaThis builds a small initramfs via buildroot that provides basic infrastructure and some test tools for non-root Linux inmates. Might be replaced by something built from Debian binaries later on, to speed-up the build time. Signed-off-by: Jan Kiszka --- recipes-core/images/demo-image.bb |2 +- recipes-core/non-root-initramfs/files/amd64-config | 3249 .../non-root-initramfs/files/debian/changelog |5 + .../non-root-initramfs/files/debian/compat |1 + .../non-root-initramfs/files/debian/control| 10 + .../files/debian/non-root-initramfs.install|1 + .../files/debian/rules}| 12 +- .../files/overlay/etc/default/dropbear |1 + .../overlay/etc/dropbear/dropbear_ecdsa_host_key | Bin 0 -> 242 bytes .../files/overlay/etc/init.d/S40network|1 + .../files/overlay/etc/init.d/S41dhcpcd |1 + .../non-root-initramfs_2017.11.2.bb| 32 + 12 files changed, 3311 insertions(+), 4 deletions(-) create mode 100644 recipes-core/non-root-initramfs/files/amd64-config create mode 100644 recipes-core/non-root-initramfs/files/debian/changelog create mode 100644 recipes-core/non-root-initramfs/files/debian/compat create mode 100644 recipes-core/non-root-initramfs/files/debian/control create mode 100644 recipes-core/non-root-initramfs/files/debian/non-root-initramfs.install copy recipes-core/{images/demo-image.bb => non-root-initramfs/files/debian/rules} (52%) mode change 100644 => 100755 create mode 100644 recipes-core/non-root-initramfs/files/overlay/etc/default/dropbear create mode 100644 recipes-core/non-root-initramfs/files/overlay/etc/dropbear/dropbear_ecdsa_host_key create mode 100755 recipes-core/non-root-initramfs/files/overlay/etc/init.d/S40network create mode 100755 recipes-core/non-root-initramfs/files/overlay/etc/init.d/S41dhcpcd create mode 100644 recipes-core/non-root-initramfs/non-root-initramfs_2017.11.2.bb diff --git a/recipes-core/images/demo-image.bb b/recipes-core/images/demo-image.bb index a22db0b..f17b521 100644 --- a/recipes-core/images/demo-image.bb +++ b/recipes-core/images/demo-image.bb @@ -13,4 +13,4 @@ require recipes-core/images/isar-image-base.bb IMAGE_PREINSTALL += "bash-completion less vim nano" -IMAGE_INSTALL += "jailhouse customizations" +IMAGE_INSTALL += "jailhouse customizations non-root-initramfs" diff --git a/recipes-core/non-root-initramfs/files/amd64-config b/recipes-core/non-root-initramfs/files/amd64-config new file mode 100644 index 000..2d72b05 --- /dev/null +++ b/recipes-core/non-root-initramfs/files/amd64-config @@ -0,0 +1,3249 @@ +# +# Automatically generated file; DO NOT EDIT. +# Buildroot 2017.11.2 Configuration +# +BR2_HAVE_DOT_CONFIG=y +BR2_HOST_GCC_AT_LEAST_4_5=y +BR2_HOST_GCC_AT_LEAST_4_6=y +BR2_HOST_GCC_AT_LEAST_4_7=y +BR2_HOST_GCC_AT_LEAST_4_8=y + +# +# Target options +# +BR2_ARCH_IS_64=y +BR2_ARCH_HAS_MMU_MANDATORY=y +# BR2_arcle is not set +# BR2_arceb is not set +# BR2_arm is not set +# BR2_armeb is not set +# BR2_aarch64 is not set +# BR2_aarch64_be is not set +# BR2_bfin is not set +# BR2_csky is not set +# BR2_i386 is not set +# BR2_m68k is not set +# BR2_microblazeel is not set +# BR2_microblazebe is not set +# BR2_mips is not set +# BR2_mipsel is not set +# BR2_mips64 is not set +# BR2_mips64el is not set +# BR2_nios2 is not set +# BR2_or1k is not set +# BR2_powerpc is not set +# BR2_powerpc64 is not set +# BR2_powerpc64le is not set +# BR2_sh is not set +# BR2_sparc is not set +# BR2_sparc64 is not set +BR2_x86_64=y +# BR2_xtensa is not set +BR2_ARCH_HAS_TOOLCHAIN_BUILDROOT=y +BR2_ARCH="x86_64" +BR2_ENDIAN="LITTLE" +BR2_GCC_TARGET_ARCH="corei7" +BR2_BINFMT_SUPPORTS_SHARED=y +BR2_READELF_ARCH_NAME="Advanced Micro Devices X86-64" +BR2_BINFMT_ELF=y +BR2_X86_CPU_HAS_MMX=y +BR2_X86_CPU_HAS_SSE=y +BR2_X86_CPU_HAS_SSE2=y +BR2_X86_CPU_HAS_SSE3=y +BR2_X86_CPU_HAS_SSSE3=y +BR2_X86_CPU_HAS_SSE4=y +BR2_X86_CPU_HAS_SSE42=y +# BR2_x86_nocona is not set +# BR2_x86_core2 is not set +BR2_x86_corei7=y +# BR2_x86_corei7_avx is not set +# BR2_x86_core_avx2 is not set +# BR2_x86_atom is not set +# BR2_x86_opteron is not set +# BR2_x86_opteron_sse3 is not set +# BR2_x86_barcelona is not set +# BR2_x86_jaguar is not set +# BR2_x86_steamroller is not set + +# +# Build options +# + +# +# Commands +# +BR2_WGET="wget --passive-ftp -nd -t 3" +BR2_SVN="svn" +BR2_BZR="bzr" +BR2_GIT="git" +BR2_CVS="cvs" +BR2_LOCALFILES="cp" +BR2_SCP="scp" +BR2_SSH="ssh" +BR2_HG="hg" +BR2_ZCAT="gzip -d -c" +BR2_BZCAT="bzcat" +BR2_XZCAT="xzcat" +BR2_LZCAT="lzip -d -c" +BR2_TAR_OPTIONS="" +BR2_DEFCONFIG="$(CONFIG_DIR)/defconfig" +BR2_DL_DIR="$(TOPDIR)/dl" +BR2_HOST_DIR="$(BASE_DIR)/host" + +# +# Mirrors and Download locations +# +BR2_PRIMARY_SITE="" +BR2_BACKUP_SITE="http://sources.buildroot.net;
Re: Submitting a patch to the mailing list
On 2018-03-05 12:51, Adeel Ahmad wrote: > Thanks for the reply. > >> Spammers like to use such methods (aka. relaying), so I think it simply >> got marked as spam. Your MX should be allowed to send mail from FROM. So >> either use a hotmail SMTP server or you gmail account in FROM. >> > > I did try sending the email using hotmail's SMTP server before with these > settings: > > [sendemail] > > smtp-encryption = ssl > > smtp-server = smtp.live.com > > smtp-user = adeelahma...@hotmail.com > > smtp-server-port = 587 > > smtp-pass = PASS > > But it still doesn't show up. I also made sure I was subscribed to the > mailing list with my hotmail address. Your messages got stuck in the spam filter of googlegroups - Google seems to hate hotmail :). I've whitelisted you and confirmed the last version of the patch. If anything is missing, please repost now. Jan -- Siemens AG, Corporate Technology, CT RDA IOT SES-DE Corporate Competence Center Embedded Linux -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[PATCH] Update required QEMU version to be >= 2.8
The current version mentioned in README.md (2.7) does not support the x-buggy-eim property. Signed-off-by: Adeel Ahmad--- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 42fd8c0..a96f99c 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ Quickstart The host-side requirements are: - Docker (tested with 17.09.1-ce) -- QEMU 2.7 (for x86 image) +- QEMU >= 2.8 (for x86 image) - Kernel >= 4.4 with KVM support (for x86 image) To build all images, just run ```build-images.sh```. A QEMU image can then be -- 1.9.1 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 08/21] Add customization script for demo image
From: Jan KiszkaStart with first customizations of the image by adding a dpkg-raw package that replaces /etc/issue, allows login as root via ssh, and pre-fills the bash history with demo commands. Signed-off-by: Jan Kiszka --- recipes-core/customizations/customizations.bb | 27 + recipes-core/customizations/files/.bash_history | 10 + recipes-core/customizations/files/issue | 2 ++ recipes-core/customizations/files/postinst | 4 recipes-core/images/demo-image.bb | 2 +- 5 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 recipes-core/customizations/customizations.bb create mode 100644 recipes-core/customizations/files/.bash_history create mode 100644 recipes-core/customizations/files/issue create mode 100644 recipes-core/customizations/files/postinst diff --git a/recipes-core/customizations/customizations.bb b/recipes-core/customizations/customizations.bb new file mode 100644 index 000..667befd --- /dev/null +++ b/recipes-core/customizations/customizations.bb @@ -0,0 +1,27 @@ +# +# Jailhouse, a Linux-based partitioning hypervisor +# +# Copyright (c) Siemens AG, 2018 +# +# Authors: +# Jan Kiszka +# +# SPDX-License-Identifier: GPL-2.0 +# + +inherit dpkg-raw + +DESCRIPTION = "demo image customizations" + +SRC_URI = " \ +file://postinst \ +file://.bash_history" + +do_install() { + + install -v -d ${D}/root + install -v -m 600 ${WORKDIR}/.bash_history ${D}/root/ + + install -v -d -m 700 ${D}/root/.ssh + install -v -m 644 ${WORKDIR}/known_hosts ${D}/root/.ssh/ +} diff --git a/recipes-core/customizations/files/.bash_history b/recipes-core/customizations/files/.bash_history new file mode 100644 index 000..7a7d301 --- /dev/null +++ b/recipes-core/customizations/files/.bash_history @@ -0,0 +1,10 @@ +jailhouse enable /etc/jailhouse/qemu-x86.cell +jailhouse console +jailhouse cell create /etc/jailhouse/apic-demo.cell +jailhouse cell load apic-demo /usr/libexec/jailhouse/demos/apic-demo.bin +jailhouse cell start apic-demo +jailhouse cell stats apic-demo +jailhouse cell destroy apic-demo +jailhouse cell linux /etc/jailhouse/linux-x86-demo.cell /boot/vmlinuz* -i /usr/libexec/jailhouse/demos/rootfs.cpio -c "console=ttyS0 8250.nr_uarts=1 ip=192.168.19.2" +ssh 192.168.19.2 +jailhouse disable diff --git a/recipes-core/customizations/files/issue b/recipes-core/customizations/files/issue new file mode 100644 index 000..0fd2e65 --- /dev/null +++ b/recipes-core/customizations/files/issue @@ -0,0 +1,2 @@ +Jailhouse Demo Image (login: root) + diff --git a/recipes-core/customizations/files/postinst b/recipes-core/customizations/files/postinst new file mode 100644 index 000..a10628c --- /dev/null +++ b/recipes-core/customizations/files/postinst @@ -0,0 +1,4 @@ +#!/bin/sh +echo "Jailhouse Demo Image (login: root/root)" > /etc/issue + +echo "PermitRootLogin yes" >> /etc/ssh/sshd_config diff --git a/recipes-core/images/demo-image.bb b/recipes-core/images/demo-image.bb index c9771a9..a22db0b 100644 --- a/recipes-core/images/demo-image.bb +++ b/recipes-core/images/demo-image.bb @@ -13,4 +13,4 @@ require recipes-core/images/isar-image-base.bb IMAGE_PREINSTALL += "bash-completion less vim nano" -IMAGE_INSTALL += "jailhouse" +IMAGE_INSTALL += "jailhouse customizations" -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 03/21] Start x86 kernel with framebuffer console
From: Jan KiszkaThis gives us a 1024x768x8 console. Signed-off-by: Jan Kiszka --- start-qemu.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/start-qemu.sh b/start-qemu.sh index 3c50ffb..146252d 100755 --- a/start-qemu.sh +++ b/start-qemu.sh @@ -34,7 +34,7 @@ case "$1" in -device intel-hda,addr=1b.0 -device hda-duplex \ -device e1000e,addr=2.0,netdev=net" KERNEL_CMDLINE="root=/dev/sda intel_iommu=off \ - memmap=66M\$0x3b00" + memmap=66M\$0x3b00 vga=0x305" ;; ""|--help) usage -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 12/21] Backport cell-linux patches for kernel/initramfs memory placement
From: Jan KiszkaThese are essential in order to use the larger root kernel also for the non-root cell. Signed-off-by: Jan Kiszka --- ...linux-Use-minimal-decompression-space-for.patch | 58 + ...linux-Make-kernel-decompression-factor-co.patch | 82 ++ ...linux-Tune-x86-decompression-factor-based.patch | 99 ++ recipes-jailhouse/jailhouse/jailhouse_0.8.bb | 5 ++ 4 files changed, 244 insertions(+) create mode 100644 recipes-jailhouse/jailhouse/files/0001-tools-cell-linux-Use-minimal-decompression-space-for.patch create mode 100644 recipes-jailhouse/jailhouse/files/0002-tools-cell-linux-Make-kernel-decompression-factor-co.patch create mode 100644 recipes-jailhouse/jailhouse/files/0003-tools-cell-linux-Tune-x86-decompression-factor-based.patch diff --git a/recipes-jailhouse/jailhouse/files/0001-tools-cell-linux-Use-minimal-decompression-space-for.patch b/recipes-jailhouse/jailhouse/files/0001-tools-cell-linux-Use-minimal-decompression-space-for.patch new file mode 100644 index 000..4c6ccf8 --- /dev/null +++ b/recipes-jailhouse/jailhouse/files/0001-tools-cell-linux-Use-minimal-decompression-space-for.patch @@ -0,0 +1,58 @@ +From 0d69f78fb52b66df49c24935d4218c7c8c1f6e7b Mon Sep 17 00:00:00 2001 +From: Jan Kiszka +Date: Sun, 7 Jan 2018 08:43:22 +0100 +Subject: [PATCH 1/4] tools: cell-linux: Use minimal decompression space for + ARM64 + +Factor out a default decompression factor for ARM because ARM64 does not +perform any compression so far, thus has a factor of 1 only. This allows +for more compact non-root Linux cell layout during load. + +Signed-off-by: Jan Kiszka +Reviewed-by: Lokesh Vutla +--- + tools/jailhouse-cell-linux | 14 -- + 1 file changed, 12 insertions(+), 2 deletions(-) + +diff --git a/tools/jailhouse-cell-linux b/tools/jailhouse-cell-linux +index 086d5982..d27951b7 100755 +--- a/tools/jailhouse-cell-linux b/tools/jailhouse-cell-linux +@@ -310,8 +310,10 @@ class ARMCommon: + if args.initrd: + ramdisk_size = page_align(os.fstat(args.initrd.fileno()).st_size) + # leave sufficient space between the kernel and the initrd +-image_size += kernel_size * 4 +-kernel_size *= 5 ++decompression_factor = self.default_decompression_factor() ++decompression_space = decompression_factor * kernel_size ++kernel_size += decompression_space ++image_size += decompression_space + + if not args.dtb: + print('No device tree specified', file=sys.stderr) +@@ -425,6 +427,10 @@ class ARM(ARMCommon): + def get_kernel_offset(kernel): + return 0 + ++@staticmethod ++def default_decompression_factor(): ++return 4 ++ + + class ARM64(ARMCommon): + name = 'arm64' +@@ -442,6 +448,10 @@ class ARM64(ARMCommon): + (text_offset,) = struct.unpack_from(' +Date: Sun, 7 Jan 2018 08:45:22 +0100 +Subject: [PATCH 2/4] tools: cell-linux: Make kernel decompression factor + configurable + +The required factor depends on the chosen compression method, and that +may vary. Have a large factor to account for aggressive compressions +(and increased memory needs during decompression) will work - as long as +there is enough memory assigned to the cell. Using a smaller default +will address this but break if the user chooses a better compression +method. + +Let's make this factor configurable in order to give the user some +control in case our default should not work. + +Signed-off-by: Jan Kiszka+Reviewed-by: Lokesh Vutla +--- + tools/jailhouse-cell-linux | 17 ++--- + 1 file changed, 14 insertions(+), 3 deletions(-) + +diff --git a/tools/jailhouse-cell-linux b/tools/jailhouse-cell-linux +index d27951b7..cf9225b2 100755 +--- a/tools/jailhouse-cell-linux b/tools/jailhouse-cell-linux +@@ -248,7 +248,8 @@ class X86: + def setup(self, args, config): + self._cpu_reset_address = config.cpu_reset_address + +-self._zero_page =
[jh-images][PATCH 04/21] linux-jailhouse: Update defconfig
From: Jan KiszkaRefresh defconfig with 4.14.18 settings, adding also CONFIG_X86_MSR as module at this chance which enables "jailhouse hardware check". Signed-off-by: Jan Kiszka --- recipes-kernel/linux/files/x86_64_defconfig | 13 +++-- 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/recipes-kernel/linux/files/x86_64_defconfig b/recipes-kernel/linux/files/x86_64_defconfig index aff9055..f072ef6 100644 --- a/recipes-kernel/linux/files/x86_64_defconfig +++ b/recipes-kernel/linux/files/x86_64_defconfig @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.14.8 Kernel Configuration +# Linux/x86 4.14.18 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -313,7 +313,6 @@ CONFIG_ARCH_MMAP_RND_COMPAT_BITS=8 CONFIG_HAVE_ARCH_COMPAT_MMAP_BASES=y CONFIG_HAVE_COPY_THREAD_TLS=y CONFIG_HAVE_STACK_VALIDATION=y -CONFIG_HAVE_RELIABLE_STACKTRACE=y # CONFIG_HAVE_ARCH_HASH is not set # CONFIG_ISA_BUS_API is not set CONFIG_OLD_SIGSUSPEND3=y @@ -404,6 +403,7 @@ CONFIG_X86_FAST_FEATURE_TESTS=y CONFIG_X86_X2APIC=y CONFIG_X86_MPPARSE=y # CONFIG_GOLDFISH is not set +CONFIG_RETPOLINE=y # CONFIG_INTEL_RDT is not set # CONFIG_X86_EXTENDED_PLATFORM is not set # CONFIG_X86_INTEL_LPSS is not set @@ -473,7 +473,7 @@ CONFIG_MICROCODE=y CONFIG_MICROCODE_INTEL=y CONFIG_MICROCODE_AMD=y CONFIG_MICROCODE_OLD_INTERFACE=y -# CONFIG_X86_MSR is not set +CONFIG_X86_MSR=m # CONFIG_X86_CPUID is not set # CONFIG_X86_5LEVEL is not set CONFIG_ARCH_PHYS_ADDR_T_64BIT=y @@ -1192,6 +1192,7 @@ CONFIG_ALLOW_DEV_COREDUMP=y # CONFIG_SYS_HYPERVISOR is not set # CONFIG_GENERIC_CPU_DEVICES is not set CONFIG_GENERIC_CPU_AUTOPROBE=y +CONFIG_GENERIC_CPU_VULNERABILITIES=y CONFIG_REGMAP=y CONFIG_DMA_SHARED_BUFFER=y # CONFIG_DMA_FENCE_TRACE is not set @@ -3551,7 +3552,6 @@ CONFIG_DEBUG_FS=y # CONFIG_HEADERS_CHECK is not set # CONFIG_DEBUG_SECTION_MISMATCH is not set CONFIG_SECTION_MISMATCH_WARN_ONLY=y -CONFIG_FRAME_POINTER=y CONFIG_STACK_VALIDATION=y CONFIG_MAGIC_SYSRQ=y CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE=0x1 @@ -3702,8 +3702,8 @@ CONFIG_IO_DELAY_0X80=y CONFIG_DEFAULT_IO_DELAY_TYPE=0 # CONFIG_OPTIMIZE_INLINING is not set # CONFIG_PUNIT_ATOM_DEBUG is not set -CONFIG_FRAME_POINTER_UNWINDER=y -# CONFIG_ORC_UNWINDER is not set +CONFIG_UNWINDER_ORC=y +# CONFIG_UNWINDER_FRAME_POINTER is not set # # Security options @@ -3719,6 +3719,7 @@ CONFIG_SECURITY=y CONFIG_SECURITY_WRITABLE_HOOKS=y CONFIG_SECURITYFS=y CONFIG_SECURITY_NETWORK=y +CONFIG_PAGE_TABLE_ISOLATION=y # CONFIG_SECURITY_PATH is not set # CONFIG_INTEL_TXT is not set CONFIG_LSM_MMAP_MIN_ADDR=65536 -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 16/21] customizations: Enable outgoing network
From: Jan KiszkaWe are running the e1000e as NIC to reach the outer world. Configure it to dhcp so that it gets an IP from QEMU. Unfortunately, MSI-X is broken with that devices model and recent kernel drivers, including 4.14. Add a modprobe rule to switch the driver back to INTx as workaround. Signed-off-by: Jan Kiszka --- recipes-core/customizations/customizations.bb | 9 - recipes-core/customizations/files/e1000e | 3 +++ recipes-core/customizations/files/e1000e-intx.conf | 2 ++ recipes-core/images/demo-image.bb | 5 - 4 files changed, 17 insertions(+), 2 deletions(-) create mode 100644 recipes-core/customizations/files/e1000e create mode 100644 recipes-core/customizations/files/e1000e-intx.conf diff --git a/recipes-core/customizations/customizations.bb b/recipes-core/customizations/customizations.bb index 667befd..70d6ace 100644 --- a/recipes-core/customizations/customizations.bb +++ b/recipes-core/customizations/customizations.bb @@ -15,9 +15,16 @@ DESCRIPTION = "demo image customizations" SRC_URI = " \ file://postinst \ -file://.bash_history" +file://.bash_history \ +file://e1000e-intx.conf \ +file://e1000e" do_install() { + install -v -d ${D}/etc/modprobe.d + install -v -m 644 ${WORKDIR}/e1000e-intx.conf ${D}/etc/modprobe.d/ + + install -v -d ${D}/etc/network/interfaces.d + install -v -m 644 ${WORKDIR}/e1000e ${D}/etc/network/interfaces.d/ install -v -d ${D}/root install -v -m 600 ${WORKDIR}/.bash_history ${D}/root/ diff --git a/recipes-core/customizations/files/e1000e b/recipes-core/customizations/files/e1000e new file mode 100644 index 000..e76657d --- /dev/null +++ b/recipes-core/customizations/files/e1000e @@ -0,0 +1,3 @@ +auto enp0s2 + +iface enp0s2 inet dhcp diff --git a/recipes-core/customizations/files/e1000e-intx.conf b/recipes-core/customizations/files/e1000e-intx.conf new file mode 100644 index 000..b0f6725 --- /dev/null +++ b/recipes-core/customizations/files/e1000e-intx.conf @@ -0,0 +1,2 @@ +# Required due to MSI-X issue with QEMU and recent e1000e drivers +options e1000e IntMode=0 diff --git a/recipes-core/images/demo-image.bb b/recipes-core/images/demo-image.bb index f17b521..28c0916 100644 --- a/recipes-core/images/demo-image.bb +++ b/recipes-core/images/demo-image.bb @@ -11,6 +11,9 @@ require recipes-core/images/isar-image-base.bb -IMAGE_PREINSTALL += "bash-completion less vim nano" +IMAGE_PREINSTALL += " \ +bash-completion less vim nano \ +ifupdown isc-dhcp-client net-tools iputils-ping ssh \ +pciutils" IMAGE_INSTALL += "jailhouse customizations non-root-initramfs" -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 13/21] Switch to memory layout used by Jailhouse next
From: Jan KiszkaBack-port the relevant patches from next to v0.8 which expand the reserved memory for inmates. This way we can use the same setup for the last release as well as the development version. Signed-off-by: Jan Kiszka --- ...004-configs-x86-Expand-inmate-reservation.patch | 189 + recipes-jailhouse/jailhouse/jailhouse_0.8.bb | 3 +- start-qemu.sh | 5 +- 3 files changed, 194 insertions(+), 3 deletions(-) create mode 100644 recipes-jailhouse/jailhouse/files/0004-configs-x86-Expand-inmate-reservation.patch diff --git a/recipes-jailhouse/jailhouse/files/0004-configs-x86-Expand-inmate-reservation.patch b/recipes-jailhouse/jailhouse/files/0004-configs-x86-Expand-inmate-reservation.patch new file mode 100644 index 000..34c3168 --- /dev/null +++ b/recipes-jailhouse/jailhouse/files/0004-configs-x86-Expand-inmate-reservation.patch @@ -0,0 +1,189 @@ +From 00bc86eb526b474bbd4eefe6fb29556a64043c5d Mon Sep 17 00:00:00 2001 +From: Jan Kiszka +Date: Sun, 18 Feb 2018 17:36:21 +0100 +Subject: [PATCH 4/4] configs: x86: Expand inmate reservation + +Add further 16 MB for inmates, using it for linux-x86-demo. This helps +starting standard, larger kernels that can also be used for the root +cell. + +While adjusting the two remaining AMD configs, also update their +hypervisor size which makes them compatible with linux-x86-demo again. + +Signed-off-by: Jan Kiszka +--- + README.md | 4 ++-- + configs/f2a88xm-hd3.c | 6 +++--- + configs/imb-a180.c| 6 +++--- + configs/linux-x86-demo.c | 8 + configs/qemu-x86.c| 14 +++--- + tools/jailhouse-config-create | 2 +- + 6 files changed, 20 insertions(+), 20 deletions(-) + +diff --git a/README.md b/README.md +index 077592e1..1fcb1425 100644 +--- a/README.md b/README.md +@@ -149,12 +149,12 @@ Software requirements + additional cell. This currently has to be pre-allocated during boot-up. + On x86 this is typically done by adding + +-memmap=66M$0x3b00 ++memmap=82M$0x3a00 + + as parameter to the command line of the virtual machine's kernel. Note that + if you plan to put this parameter in GRUB2 variables in /etc/default/grub, + then you will need three escape characters before the dollar +-(e.g. ```GRUB_CMDLINE_LINUX_DEFAULT="memmap=66M\\\$0x3b00"```). ++(e.g. ```GRUB_CMDLINE_LINUX_DEFAULT="memmap=82M\\\$0x3a00"```). + + ARM architecture: + +diff --git a/configs/f2a88xm-hd3.c b/configs/f2a88xm-hd3.c +index f35f34d7..96688b44 100644 +--- a/configs/f2a88xm-hd3.c b/configs/f2a88xm-hd3.c +@@ -14,7 +14,7 @@ + * by Valentine Sinitsyn . + * + * NOTE: This config expects the following to be appended to your kernel cmdline +- * "memmap=0x420$0x3b00" ++ * "memmap=82M$0x3a00" + */ + + #include +@@ -35,8 +35,8 @@ struct { + .signature = JAILHOUSE_SYSTEM_SIGNATURE, + .revision = JAILHOUSE_CONFIG_REVISION, + .hypervisor_memory = { +- .phys_start = 0x3b00, +- .size = 0x400, ++ .phys_start = 0x3a00, ++ .size = 0x60, + }, + .debug_console = { + .address = 0x3f8, +diff --git a/configs/imb-a180.c b/configs/imb-a180.c +index 07ea208c..4d3bb263 100644 +--- a/configs/imb-a180.c b/configs/imb-a180.c +@@ -13,7 +13,7 @@ + * Adjusted by Valentine Sinitsyn + * + * NOTE: This config expects the following to be appended to your kernel cmdline +- * "memmap=0x420$0x3b00" ++ * "memmap=82M$0x3a00" + */ + + #include +@@ -34,8 +34,8 @@ struct { + .signature = JAILHOUSE_SYSTEM_SIGNATURE, + .revision = JAILHOUSE_CONFIG_REVISION, + .hypervisor_memory = { +- .phys_start = 0x3b00, +- .size = 0x400, ++ .phys_start = 0x3a00, ++ .size = 0x60, + }, + .debug_console = { + .address = 0x3f8, +diff --git a/configs/linux-x86-demo.c b/configs/linux-x86-demo.c +index aab1df13..1985d6c1 100644 +--- a/configs/linux-x86-demo.c b/configs/linux-x86-demo.c +@@ -1,7 +1,7 @@ + /* + * Jailhouse, a Linux-based partitioning hypervisor + * +- * Configuration for linux inmate, 1 CPU, ~60 MB RAM, 1 serial port ++ * Configuration for Linux inmate, 1 CPU, 74 MB RAM, ~1MB shmem, serial ports + * + * Copyright (c) Siemens AG, 2013-2015 + * +@@ -57,7 +57,7 @@ struct { + + .mem_regions = { + /* low RAM */ { +- .phys_start = 0x3b60, ++
[jh-images][PATCH 10/21] Add README and CONTRIBUTING
From: Jan KiszkaSigned-off-by: Jan Kiszka --- CONTRIBUTING.md | 6 ++ README.md | 27 +++ 2 files changed, 33 insertions(+) create mode 100644 CONTRIBUTING.md create mode 100644 README.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 000..80f1f52 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,6 @@ +The Jailhouse Images project uses the contribution process of its parent +project Jailhouse. See + +https://github.com/siemens/jailhouse/blob/master/CONTRIBUTING.md + +for details. diff --git a/README.md b/README.md new file mode 100644 index 000..42fd8c0 --- /dev/null +++ b/README.md @@ -0,0 +1,27 @@ +Jailhouse Image +=== + +The goal of this project is to generate ready-to-use reference images for the +[Jailhouse hypervisor](https://github.com/siemens/jailhouse) to support +demonstration and testing. The images are generated from Debian packages using +the [Isar build system](https://github.com/ilbers/isar). + + +Quickstart +-- + +The host-side requirements are: + +- Docker (tested with 17.09.1-ce) +- QEMU 2.7 (for x86 image) +- Kernel >= 4.4 with KVM support (for x86 image) + +To build all images, just run ```build-images.sh```. A QEMU image can then be +started using ```start-qemu.sh ARCHITECTURE```. Currently supported is "x86" as +architecture. + + +Community Resources +--- + +See [Jailhouse project](https://github.com/siemens/jailhouse). -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 19/21] Silence printk messages on login consoles
From: Jan KiszkaThis avoida being spammed by kernel messages on the login console, specifically while issuing Jailhouse commands. Signed-off-by: Jan Kiszka --- recipes-core/customizations/customizations.bb | 6 +- recipes-core/customizations/files/99-silent-printk.conf | 1 + 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 recipes-core/customizations/files/99-silent-printk.conf diff --git a/recipes-core/customizations/customizations.bb b/recipes-core/customizations/customizations.bb index 5ce8677..e7b9d59 100644 --- a/recipes-core/customizations/customizations.bb +++ b/recipes-core/customizations/customizations.bb @@ -19,7 +19,8 @@ SRC_URI = " \ file://e1000e-intx.conf \ file://e1000e \ file://ivshmem-net \ -file://known_hosts" +file://known_hosts \ +file://99-silent-printk.conf" do_install() { install -v -d ${D}/etc/modprobe.d @@ -29,6 +30,9 @@ do_install() { install -v -m 644 ${WORKDIR}/e1000e ${D}/etc/network/interfaces.d/ install -v -m 644 ${WORKDIR}/ivshmem-net ${D}/etc/network/interfaces.d/ + install -v -d ${D}/etc/sysctl.d + install -v -m 644 ${WORKDIR}/99-silent-printk.conf ${D}/etc/sysctl.d/ + install -v -d ${D}/root install -v -m 600 ${WORKDIR}/.bash_history ${D}/root/ diff --git a/recipes-core/customizations/files/99-silent-printk.conf b/recipes-core/customizations/files/99-silent-printk.conf new file mode 100644 index 000..ad24d3a --- /dev/null +++ b/recipes-core/customizations/files/99-silent-printk.conf @@ -0,0 +1 @@ +kernel.printk = 3 4 1 3 -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 01/21] Switch Isar repository to upstream
From: Jan KiszkaAll dependencies have been merged into upstream Isar now. Switch to Isar's next branch, adjusting kernel and module build recipes to the latest changes. Signed-off-by: Jan Kiszka --- conf/multiconfig/qemuamd64-jailhouse.conf | 4 +++- kas.yml| 4 ++-- recipes-jailhouse/jailhouse/files/debian/control | 4 ++-- recipes-jailhouse/jailhouse/jailhouse.inc | 3 ++- recipes-kernel/linux/files/{defconfig => x86_64_defconfig} | 0 5 files changed, 9 insertions(+), 6 deletions(-) rename recipes-kernel/linux/files/{defconfig => x86_64_defconfig} (100%) diff --git a/conf/multiconfig/qemuamd64-jailhouse.conf b/conf/multiconfig/qemuamd64-jailhouse.conf index efbc01b..d89d851 100644 --- a/conf/multiconfig/qemuamd64-jailhouse.conf +++ b/conf/multiconfig/qemuamd64-jailhouse.conf @@ -11,4 +11,6 @@ require conf/multiconfig/qemuamd64-stretch.conf -PREFERRED_PROVIDER_virtual/kernel = "linux-jailhouse" +KERNEL_NAME = "jailhouse-amd64" + +PREFERRED_VERSION_jailhouse ?= "0.8" diff --git a/kas.yml b/kas.yml index 998b2bb..09087cd 100644 --- a/kas.yml +++ b/kas.yml @@ -18,8 +18,8 @@ repos: jailhouse: isar: -url: https://github.com/siemens/isar -refspec: 0245f4d754efa92be4a9671074e7cd79e3e39452 +url: https://github.com/ilbers/isar +refspec: 17399a2dc0dd1cdde716ce2ec75338346cb20fa4 layers: meta: meta-isar: diff --git a/recipes-jailhouse/jailhouse/files/debian/control b/recipes-jailhouse/jailhouse/files/debian/control index 9f6afbd..479ce1d 100644 --- a/recipes-jailhouse/jailhouse/files/debian/control +++ b/recipes-jailhouse/jailhouse/files/debian/control @@ -2,10 +2,10 @@ Source: jailhouse Section: misc Priority: optional Standards-Version: 3.9.6 -Build-Depends: linux-headers-amd64 [amd64], python-mako +Build-Depends: linux-headers-@KERNEL_NAME@, python-mako Maintainer: Jan Kiszka Package: jailhouse Architecture: any -Depends: ${shlibs:Depends}, linux-image-amd64 [amd64], python-mako +Depends: ${shlibs:Depends}, linux-image-@KERNEL_NAME@, python-mako Description: Jailhouse partitioning hypervisor diff --git a/recipes-jailhouse/jailhouse/jailhouse.inc b/recipes-jailhouse/jailhouse/jailhouse.inc index e4658a8..92f0614 100644 --- a/recipes-jailhouse/jailhouse/jailhouse.inc +++ b/recipes-jailhouse/jailhouse/jailhouse.inc @@ -21,9 +21,10 @@ S = "git" inherit dpkg -DEPENDS = "virtual/kernel" +DEPENDS = "linux-image-${KERNEL_NAME}" dpkg_runbuild_prepend() { cp -r ${WORKDIR}/debian ${WORKDIR}/${S}/ sed -i 's/@PV@/${PV}/' ${WORKDIR}/${S}/debian/changelog +sed -i 's/@KERNEL_NAME@/${KERNEL_NAME}/' ${WORKDIR}/${S}/debian/control } diff --git a/recipes-kernel/linux/files/defconfig b/recipes-kernel/linux/files/x86_64_defconfig similarity index 100% rename from recipes-kernel/linux/files/defconfig rename to recipes-kernel/linux/files/x86_64_defconfig -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 05/21] build-images: Add --shell switch for interactive mode
From: Jan KiszkaHelps while developing: Call build-images --shell, you will fall into a kas shell in the docker container so that bitbake can be called manually. Rename the repo mount point at this chance to the official project name. Signed-off-by: Jan Kiszka --- build-images.sh | 29 ++--- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/build-images.sh b/build-images.sh index 79f2bd1..baf3a58 100755 --- a/build-images.sh +++ b/build-images.sh @@ -10,13 +10,36 @@ # SPDX-License-Identifier: GPL-2.0 # +usage() +{ + echo "Usage: $0 [OPTIONS]" + echo -e "\nOptions:" + echo -e "--shell\t\tDrop into a shell to issue bitbake commands" \ + "manually." + exit 1 +} + +CMD="build" + +while [ $# -gt 0 ]; do + case "$1" in + --shell) + CMD="shell" + shift 1 + ;; + *) + usage + ;; + esac +done + mkdir -p out -docker run -v $(pwd):/isar-jailhouse:ro -v $(pwd)/out:/out:rw \ - -e USER_ID=$(id -u) --rm -t -i \ +docker run -v $(pwd):/jailhouse-images:ro -v $(pwd)/out:/out:rw \ + -e USER_ID=$(id -u) -e SHELL=${SHELL} --rm -t -i \ --cap-add=SYS_ADMIN --cap-add=MKNOD --privileged \ --device $(/sbin/losetup -f) \ -e http_proxy=$http_proxy -e https_proxy=$https_proxy \ -e no_proxy=$no_proxy \ kasproject/kas-isar sh -c " cd /out; - kas build /isar-jailhouse/kas.yml" + kas ${CMD} /jailhouse-images/kas.yml" -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 02/21] Refactor start-qemu
From: Jan KiszkaPull out QEMU and kernel switches that are architecture specific. Signed-off-by: Jan Kiszka --- start-qemu.sh | 21 - 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/start-qemu.sh b/start-qemu.sh index 1bd2163..3c50ffb 100755 --- a/start-qemu.sh +++ b/start-qemu.sh @@ -26,6 +26,15 @@ case "$1" in x86|x86_64|amd64) DISTRO_ARCH=amd64 QEMU=qemu-system-x86_64 + QEMU_EXTRA_ARGS=" \ + -cpu kvm64,-kvm_pv_eoi,-kvm_steal_time,-kvm_asyncpf,-kvmclock,+vmx,+arat \ + -enable-kvm -machine q35,kernel_irqchip=split \ + -device ide-hd,drive=disk \ + -device intel-iommu,intremap=on,x-buggy-eim=on \ + -device intel-hda,addr=1b.0 -device hda-duplex \ + -device e1000e,addr=2.0,netdev=net" + KERNEL_CMDLINE="root=/dev/sda intel_iommu=off \ + memmap=66M\$0x3b00" ;; ""|--help) usage @@ -42,14 +51,8 @@ shift 1 ${QEMU_PATH}${QEMU} \ -drive file=${IMAGE_BUILD_DIR}/build/tmp/deploy/images/demo-image-debian-stretch-qemu${DISTRO_ARCH}.ext4.img,discard=unmap,if=none,id=disk,format=raw \ - -device ide-hd,drive=disk -m 1G -enable-kvm -smp 4 \ - -serial mon:stdio -serial vc \ - -cpu kvm64,-kvm_pv_eoi,-kvm_steal_time,-kvm_asyncpf,-kvmclock,+vmx,+arat \ - -machine q35,kernel_irqchip=split \ - -device intel-iommu,intremap=on,x-buggy-eim=on \ - -device intel-hda,addr=1b.0 -device hda-duplex \ - -netdev user,id=net -device e1000e,addr=2.0,netdev=net \ + -m 1G -smp 4 -serial mon:stdio -serial vc -netdev user,id=net \ -kernel ${IMAGE_BUILD_DIR}/build/tmp/deploy/images/vmlinuz* \ - -append "intel_iommu=off memmap=66M\$0x3b00 root=/dev/sda" \ + -append "${KERNEL_CMDLINE}" \ -initrd ${IMAGE_BUILD_DIR}/build/tmp/deploy/images/initrd.img* \ - "$@" + ${QEMU_EXTRA_ARGS} "$@" -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 09/21] Prepare for non-x86 kernel builds
From: Jan KiszkaMake the defconfig x86_64-only. Signed-off-by: Jan Kiszka --- recipes-kernel/linux/linux-jailhouse.bb | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/recipes-kernel/linux/linux-jailhouse.bb b/recipes-kernel/linux/linux-jailhouse.bb index c32b8f5..f43f57a 100644 --- a/recipes-kernel/linux/linux-jailhouse.bb +++ b/recipes-kernel/linux/linux-jailhouse.bb @@ -11,11 +11,13 @@ require recipes-kernel/linux/linux-custom.inc -SRC_URI = " \ +SRC_URI += " \ https://github.com/siemens/linux/archive/${SRCREV}.tar.gz \ -file://defconfig" +file://x86_64_defconfig" SRC_URI[sha256sum] = "e779cb4297b7bec7397d23984c9f611c5d88f5ca1600b9346bfa9e44dc1bc4f4" SRCREV = "26a81a994feef8d54f53ca15fbd2a527b285d56f" PV = "4.14.18" S = "linux-${SRCREV}" + +KERNEL_DEFCONFIG_qemuamd64 = "x86_64_defconfig" -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 07/21] Add git as Jailhouse build dependency
From: Jan KiszkaThis allows to extract the git revision during the build and add it to the version reported by Jailhouse during runtime. Signed-off-by: Jan Kiszka --- recipes-jailhouse/jailhouse/files/debian/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes-jailhouse/jailhouse/files/debian/control b/recipes-jailhouse/jailhouse/files/debian/control index 479ce1d..8fe3f5a 100644 --- a/recipes-jailhouse/jailhouse/files/debian/control +++ b/recipes-jailhouse/jailhouse/files/debian/control @@ -2,7 +2,7 @@ Source: jailhouse Section: misc Priority: optional Standards-Version: 3.9.6 -Build-Depends: linux-headers-@KERNEL_NAME@, python-mako +Build-Depends: linux-headers-@KERNEL_NAME@, python-mako, git Maintainer: Jan Kiszka Package: jailhouse -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 00/21] Enhance x86 demo image
This significantly enhances the demo image we can generate via https://github.com/siemens/jailhouse-images. Highlights: - update to Isar upstream version - add support for non-root Linux demo - allow to build Jailhouse next branch - update Linux kernel - several customizations that improve the image usability Jan Jan Kiszka (21): Switch Isar repository to upstream Refactor start-qemu Start x86 kernel with framebuffer console linux-jailhouse: Update defconfig build-images: Add --shell switch for interactive mode Add editors to demo image Add git as Jailhouse build dependency Add customization script for demo image Prepare for non-x86 kernel builds Add README and CONTRIBUTING Add support for building the latest version Backport cell-linux patches for kernel/initramfs memory placement Switch to memory layout used by Jailhouse next Add initramfs for non-root Linux inmates linux-jailhouse: Switch to LZ4 compression customizations: Enable outgoing network Enable network to non-root cells Expand demo image to 1 GB free space Silence printk messages on login consoles Update Jailhouse Linux kernel to 4.14.24 Add --docker-args to build-images.sh CONTRIBUTING.md|6 + README.md | 27 + build-images.sh| 45 +- conf/multiconfig/qemuamd64-jailhouse.conf |4 +- .../jailhouse/jailhouse_0.8.bb => kas-latest.yml |9 +- kas.yml|4 +- recipes-core/customizations/customizations.bb | 41 + recipes-core/customizations/files/.bash_history| 10 + .../customizations/files/99-silent-printk.conf |1 + recipes-core/customizations/files/e1000e |3 + recipes-core/customizations/files/e1000e-intx.conf |2 + recipes-core/customizations/files/issue|2 + recipes-core/customizations/files/ivshmem-net |5 + recipes-core/customizations/files/known_hosts |1 + recipes-core/customizations/files/postinst |4 + recipes-core/images/demo-image.bb |9 +- recipes-core/non-root-initramfs/files/amd64-config | 3249 .../non-root-initramfs/files/debian/changelog |5 + .../non-root-initramfs/files/debian/compat |1 + .../non-root-initramfs/files/debian/control| 10 + .../files/debian/non-root-initramfs.install|1 + .../files/debian/rules}| 12 +- .../files/overlay/etc/default/dropbear |1 + .../overlay/etc/dropbear/dropbear_ecdsa_host_key | Bin 0 -> 242 bytes .../files/overlay/etc/init.d/S40network|1 + .../files/overlay/etc/init.d/S41dhcpcd |1 + .../non-root-initramfs_2017.11.2.bb| 32 + ...linux-Use-minimal-decompression-space-for.patch | 58 + ...linux-Make-kernel-decompression-factor-co.patch | 82 + ...linux-Tune-x86-decompression-factor-based.patch | 99 + ...004-configs-x86-Expand-inmate-reservation.patch | 189 ++ recipes-jailhouse/jailhouse/files/debian/control |4 +- .../jailhouse/files/debian/jailhouse.install |4 +- recipes-jailhouse/jailhouse/jailhouse.inc |5 +- recipes-jailhouse/jailhouse/jailhouse_0.8.bb |6 + .../{jailhouse_0.8.bb => jailhouse_latest.bb} |3 +- .../linux/files/{defconfig => x86_64_defconfig}| 20 +- recipes-kernel/linux/linux-jailhouse.bb| 14 +- start-qemu.sh | 22 +- 39 files changed, 3947 insertions(+), 45 deletions(-) create mode 100644 CONTRIBUTING.md create mode 100644 README.md copy recipes-jailhouse/jailhouse/jailhouse_0.8.bb => kas-latest.yml (58%) create mode 100644 recipes-core/customizations/customizations.bb create mode 100644 recipes-core/customizations/files/.bash_history create mode 100644 recipes-core/customizations/files/99-silent-printk.conf create mode 100644 recipes-core/customizations/files/e1000e create mode 100644 recipes-core/customizations/files/e1000e-intx.conf create mode 100644 recipes-core/customizations/files/issue create mode 100644 recipes-core/customizations/files/ivshmem-net create mode 100644 recipes-core/customizations/files/known_hosts create mode 100644 recipes-core/customizations/files/postinst create mode 100644 recipes-core/non-root-initramfs/files/amd64-config create mode 100644 recipes-core/non-root-initramfs/files/debian/changelog create mode 100644 recipes-core/non-root-initramfs/files/debian/compat create mode 100644 recipes-core/non-root-initramfs/files/debian/control create mode 100644 recipes-core/non-root-initramfs/files/debian/non-root-initramfs.install copy recipes-core/{images/demo-image.bb => non-root-initramfs/files/debian/rules} (52%) mode change 100644 => 100755 create mode 100644
[jh-images][PATCH 15/21] linux-jailhouse: Switch to LZ4 compression
From: Jan KiszkaThis provides the fastest decompression. Signed-off-by: Jan Kiszka --- recipes-kernel/linux/files/x86_64_defconfig | 4 ++-- recipes-kernel/linux/linux-jailhouse.bb | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/recipes-kernel/linux/files/x86_64_defconfig b/recipes-kernel/linux/files/x86_64_defconfig index f072ef6..7f9cc0e 100644 --- a/recipes-kernel/linux/files/x86_64_defconfig +++ b/recipes-kernel/linux/files/x86_64_defconfig @@ -61,12 +61,12 @@ CONFIG_HAVE_KERNEL_LZMA=y CONFIG_HAVE_KERNEL_XZ=y CONFIG_HAVE_KERNEL_LZO=y CONFIG_HAVE_KERNEL_LZ4=y -CONFIG_KERNEL_GZIP=y +# CONFIG_KERNEL_GZIP is not set # CONFIG_KERNEL_BZIP2 is not set # CONFIG_KERNEL_LZMA is not set # CONFIG_KERNEL_XZ is not set # CONFIG_KERNEL_LZO is not set -# CONFIG_KERNEL_LZ4 is not set +CONFIG_KERNEL_LZ4=y CONFIG_DEFAULT_HOSTNAME="(none)" CONFIG_SWAP=y CONFIG_SYSVIPC=y diff --git a/recipes-kernel/linux/linux-jailhouse.bb b/recipes-kernel/linux/linux-jailhouse.bb index f43f57a..2319da4 100644 --- a/recipes-kernel/linux/linux-jailhouse.bb +++ b/recipes-kernel/linux/linux-jailhouse.bb @@ -21,3 +21,5 @@ PV = "4.14.18" S = "linux-${SRCREV}" KERNEL_DEFCONFIG_qemuamd64 = "x86_64_defconfig" + +KBUILD_DEPENDS += "liblz4-tool" -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 21/21] Add --docker-args to build-images.sh
From: Jan KiszkaThis allows to inject additional arguments for "docker run", e.g. to define additional local volumes. Signed-off-by: Jan Kiszka --- build-images.sh | 10 +- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/build-images.sh b/build-images.sh index 63c701a..354c75e 100755 --- a/build-images.sh +++ b/build-images.sh @@ -17,11 +17,14 @@ usage() echo -e "--latest\tBuild latest Jailhouse version from next branch." echo -e "--shell\t\tDrop into a shell to issue bitbake commands" \ "manually." + echo -e "--docker-args\tAdditional arguments to pass to docker for" \ + "running the build." exit 1 } LATEST="" CMD="build" +DOCKER_ARGS="" while [ $# -gt 0 ]; do case "$1" in @@ -33,6 +36,11 @@ while [ $# -gt 0 ]; do CMD="shell" shift 1 ;; + --docker-args) + [ $# -gt 0 ] || usage + DOCKER_ARGS=$2 + shift 2 + ;; *) usage ;; @@ -45,7 +53,7 @@ docker run -v $(pwd):/jailhouse-images:ro -v $(pwd)/out:/out:rw \ --cap-add=SYS_ADMIN --cap-add=MKNOD --privileged \ --device $(/sbin/losetup -f) \ -e http_proxy=$http_proxy -e https_proxy=$https_proxy \ - -e no_proxy=$no_proxy \ + -e no_proxy=$no_proxy ${DOCKER_ARGS} \ kasproject/kas-isar sh -c " cd /out; kas ${CMD} /jailhouse-images/kas${LATEST}.yml" -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[jh-images][PATCH 06/21] Add editors to demo image
From: Jan KiszkaWho can live without one? Signed-off-by: Jan Kiszka --- recipes-core/images/demo-image.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes-core/images/demo-image.bb b/recipes-core/images/demo-image.bb index 159c3f4..c9771a9 100644 --- a/recipes-core/images/demo-image.bb +++ b/recipes-core/images/demo-image.bb @@ -11,6 +11,6 @@ require recipes-core/images/isar-image-base.bb -IMAGE_PREINSTALL += "bash-completion less" +IMAGE_PREINSTALL += "bash-completion less vim nano" IMAGE_INSTALL += "jailhouse" -- 2.13.6 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [EXTERNAL] [PATCH 2/4] arm/arm64: Reject hypercalls with wrong immediate code
On 2018-03-05 16:31, Nikhil Devshatwar wrote: > On Monday 05 March 2018 12:21 PM, Jan Kiszka wrote: >> From: Jan Kiszka>> >> Jailhouse only supports hypercalls with the immediate code 0x4a48. Avoid >> interpreting calls with other codes as ours. >> >> Signed-off-by: Jan Kiszka >> --- >> hypervisor/arch/arm/traps.c | 3 +++ >> hypervisor/arch/arm64/traps.c | 3 +++ >> include/arch/arm/asm/jailhouse_hypercall.h | 2 ++ >> include/arch/arm64/asm/jailhouse_hypercall.h | 2 ++ >> 4 files changed, 10 insertions(+) >> >> diff --git a/hypervisor/arch/arm/traps.c b/hypervisor/arch/arm/traps.c >> index f75a3b00..15f736fc 100644 >> --- a/hypervisor/arch/arm/traps.c >> +++ b/hypervisor/arch/arm/traps.c >> @@ -263,6 +263,9 @@ static int arch_handle_hvc(struct trap_context *ctx) >> unsigned long *regs = ctx->regs; >> unsigned long code = regs[0]; >> + if (HSR_ISS(ctx->hsr) != JAILHOUSE_HVC_CODE) >> + return TRAP_FORBIDDEN; >> + >> regs[0] = hypercall(code, regs[1], regs[2]); >> if (code == JAILHOUSE_HC_DISABLE && regs[0] == 0) >> diff --git a/hypervisor/arch/arm64/traps.c >> b/hypervisor/arch/arm64/traps.c >> index cd309233..0c4a498d 100644 >> --- a/hypervisor/arch/arm64/traps.c >> +++ b/hypervisor/arch/arm64/traps.c >> @@ -51,6 +51,9 @@ static int handle_hvc(struct trap_context *ctx) >> unsigned long *regs = ctx->regs; >> unsigned long code = regs[0]; >> + if (ESR_ISS(ctx->esr) != JAILHOUSE_HVC_CODE) >> + return TRAP_FORBIDDEN; >> + >> regs[0] = hypercall(code, regs[1], regs[2]); >> if (code == JAILHOUSE_HC_DISABLE && regs[0] == 0) >> diff --git a/include/arch/arm/asm/jailhouse_hypercall.h >> b/include/arch/arm/asm/jailhouse_hypercall.h >> index 8baec784..e4eca625 100644 >> --- a/include/arch/arm/asm/jailhouse_hypercall.h >> +++ b/include/arch/arm/asm/jailhouse_hypercall.h >> @@ -36,6 +36,8 @@ >> * THE POSSIBILITY OF SUCH DAMAGE. >> */ >> +#define JAILHOUSE_HVC_CODE 0x4a48 >> + >> #define JAILHOUSE_CALL_INS ".arch_extension virt\n\t" \ >> "hvc #0x4a48" > Might as well use the stringify to resue the new #define Yes, but then we need to consistently include the right headers to have that define in all environments (hypervisor, Linux, inmates). I was playing with this but then felt better to not add this requirement. Jan >> #define JAILHOUSE_CALL_NUM_RESULT "r0" >> diff --git a/include/arch/arm64/asm/jailhouse_hypercall.h >> b/include/arch/arm64/asm/jailhouse_hypercall.h >> index d9a9f693..86ce6716 100644 >> --- a/include/arch/arm64/asm/jailhouse_hypercall.h >> +++ b/include/arch/arm64/asm/jailhouse_hypercall.h >> @@ -36,6 +36,8 @@ >> * THE POSSIBILITY OF SUCH DAMAGE. >> */ >> +#define JAILHOUSE_HVC_CODE 0x4a48 >> + >> #define JAILHOUSE_CALL_INS "hvc #0x4a48" > Same as above >> #define JAILHOUSE_CALL_NUM_RESULT "x0" >> #define JAILHOUSE_CALL_ARG1 "x1" > Nikhil D -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [PATCH v4 3/7] x86/jailhouse: Enable PCI mmconfig access in inmates
On Sun, Mar 4, 2018 at 8:31 PM, Jan Kiszkawrote: > From: Otavio Pontes > > Use the PCI mmconfig base address exported by jailhouse in boot > parameters in order to access the memory mapped PCI configuration space. > FWIW, Reviewed-by: Andy Shevchenko > Signed-off-by: Otavio Pontes > [Jan: rebased, fixed !CONFIG_PCI_MMCONFIG, used pcibios_last_bus] > Signed-off-by: Jan Kiszka > --- > arch/x86/include/asm/pci_x86.h | 2 ++ > arch/x86/kernel/jailhouse.c| 8 > arch/x86/pci/mmconfig-shared.c | 4 ++-- > 3 files changed, 12 insertions(+), 2 deletions(-) > > diff --git a/arch/x86/include/asm/pci_x86.h b/arch/x86/include/asm/pci_x86.h > index eb66fa9cd0fc..959d618dbb17 100644 > --- a/arch/x86/include/asm/pci_x86.h > +++ b/arch/x86/include/asm/pci_x86.h > @@ -151,6 +151,8 @@ extern int pci_mmconfig_insert(struct device *dev, u16 > seg, u8 start, u8 end, >phys_addr_t addr); > extern int pci_mmconfig_delete(u16 seg, u8 start, u8 end); > extern struct pci_mmcfg_region *pci_mmconfig_lookup(int segment, int bus); > +extern struct pci_mmcfg_region *__init pci_mmconfig_add(int segment, int > start, > + int end, u64 addr); > > extern struct list_head pci_mmcfg_list; > > diff --git a/arch/x86/kernel/jailhouse.c b/arch/x86/kernel/jailhouse.c > index b68fd895235a..fa183a131edc 100644 > --- a/arch/x86/kernel/jailhouse.c > +++ b/arch/x86/kernel/jailhouse.c > @@ -124,6 +124,14 @@ static int __init jailhouse_pci_arch_init(void) > if (pcibios_last_bus < 0) > pcibios_last_bus = 0xff; > > +#ifdef CONFIG_PCI_MMCONFIG > + if (setup_data.pci_mmconfig_base) { > + pci_mmconfig_add(0, 0, pcibios_last_bus, > +setup_data.pci_mmconfig_base); > + pci_mmcfg_arch_init(); > + } > +#endif > + > return 0; > } > > diff --git a/arch/x86/pci/mmconfig-shared.c b/arch/x86/pci/mmconfig-shared.c > index 96684d0adcf9..0e590272366b 100644 > --- a/arch/x86/pci/mmconfig-shared.c > +++ b/arch/x86/pci/mmconfig-shared.c > @@ -94,8 +94,8 @@ static struct pci_mmcfg_region *pci_mmconfig_alloc(int > segment, int start, > return new; > } > > -static struct pci_mmcfg_region *__init pci_mmconfig_add(int segment, int > start, > - int end, u64 addr) > +struct pci_mmcfg_region *__init pci_mmconfig_add(int segment, int start, > +int end, u64 addr) > { > struct pci_mmcfg_region *new; > > -- > 2.13.6 > -- With Best Regards, Andy Shevchenko -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [EXTERNAL] [PATCH 2/4] arm/arm64: Reject hypercalls with wrong immediate code
On Monday 05 March 2018 12:21 PM, Jan Kiszka wrote: From: Jan KiszkaJailhouse only supports hypercalls with the immediate code 0x4a48. Avoid interpreting calls with other codes as ours. Signed-off-by: Jan Kiszka --- hypervisor/arch/arm/traps.c | 3 +++ hypervisor/arch/arm64/traps.c| 3 +++ include/arch/arm/asm/jailhouse_hypercall.h | 2 ++ include/arch/arm64/asm/jailhouse_hypercall.h | 2 ++ 4 files changed, 10 insertions(+) diff --git a/hypervisor/arch/arm/traps.c b/hypervisor/arch/arm/traps.c index f75a3b00..15f736fc 100644 --- a/hypervisor/arch/arm/traps.c +++ b/hypervisor/arch/arm/traps.c @@ -263,6 +263,9 @@ static int arch_handle_hvc(struct trap_context *ctx) unsigned long *regs = ctx->regs; unsigned long code = regs[0]; + if (HSR_ISS(ctx->hsr) != JAILHOUSE_HVC_CODE) + return TRAP_FORBIDDEN; + regs[0] = hypercall(code, regs[1], regs[2]); if (code == JAILHOUSE_HC_DISABLE && regs[0] == 0) diff --git a/hypervisor/arch/arm64/traps.c b/hypervisor/arch/arm64/traps.c index cd309233..0c4a498d 100644 --- a/hypervisor/arch/arm64/traps.c +++ b/hypervisor/arch/arm64/traps.c @@ -51,6 +51,9 @@ static int handle_hvc(struct trap_context *ctx) unsigned long *regs = ctx->regs; unsigned long code = regs[0]; + if (ESR_ISS(ctx->esr) != JAILHOUSE_HVC_CODE) + return TRAP_FORBIDDEN; + regs[0] = hypercall(code, regs[1], regs[2]); if (code == JAILHOUSE_HC_DISABLE && regs[0] == 0) diff --git a/include/arch/arm/asm/jailhouse_hypercall.h b/include/arch/arm/asm/jailhouse_hypercall.h index 8baec784..e4eca625 100644 --- a/include/arch/arm/asm/jailhouse_hypercall.h +++ b/include/arch/arm/asm/jailhouse_hypercall.h @@ -36,6 +36,8 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ +#define JAILHOUSE_HVC_CODE 0x4a48 + #define JAILHOUSE_CALL_INS".arch_extension virt\n\t" \ "hvc #0x4a48" Might as well use the stringify to resue the new #define #define JAILHOUSE_CALL_NUM_RESULT "r0" diff --git a/include/arch/arm64/asm/jailhouse_hypercall.h b/include/arch/arm64/asm/jailhouse_hypercall.h index d9a9f693..86ce6716 100644 --- a/include/arch/arm64/asm/jailhouse_hypercall.h +++ b/include/arch/arm64/asm/jailhouse_hypercall.h @@ -36,6 +36,8 @@ * THE POSSIBILITY OF SUCH DAMAGE. */ +#define JAILHOUSE_HVC_CODE 0x4a48 + #define JAILHOUSE_CALL_INS"hvc #0x4a48" Same as above #define JAILHOUSE_CALL_NUM_RESULT "x0" #define JAILHOUSE_CALL_ARG1 "x1" Nikhil D -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: Submitting a patch to the mailing list
Thanks for the reply. > Spammers like to use such methods (aka. relaying), so I think it simply > got marked as spam. Your MX should be allowed to send mail from FROM. So > either use a hotmail SMTP server or you gmail account in FROM. > I did try sending the email using hotmail's SMTP server before with these settings: [sendemail] smtp-encryption = ssl smtp-server = smtp.live.com smtp-user = adeelahma...@hotmail.com smtp-server-port = 587 smtp-pass = PASS But it still doesn't show up. I also made sure I was subscribed to the mailing list with my hotmail address. Adeel > Ralf > > smtp-server-port = 587 > > > > > > But the patch does not show up here. I am not used to sending patches > > through email, so any help would be appreciated. > > > > Thanks, > > Adeel > > -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: Submitting a patch to the mailing list
> Spammers like to use such methods (aka. relaying), so I think it simply > got marked as spam. Your MX should be allowed to send mail from FROM. So > either use a hotmail SMTP server or you gmail account in FROM. > I did try sending the email using using hotmail's SMTP > Ralf > > smtp-server-port = 587 > > > > > > But the patch does not show up here. I am not used to sending patches > > through email, so any help would be appreciated. > > > > Thanks, > > Adeel > > -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: Submitting a patch to the mailing list
Hi, On 03/05/2018 11:26 AM, Adeel Ahmad wrote: > I am sending my patch using the git send-email command as below: > > git send-email --to=jailhouse-dev@googlegroups.com > --cc=jan.kis...@siemens.com --suppress-cc=self patchname.patch > The log reads: > > OK. Log says: > Sendmail: /usr/sbin/sendmail -i jailhouse-dev@googlegroups.com > jan.kis...@siemens.com > From: Adeel Ahmadyou're trying to send the patch from you hotmail account, ... > To: jailhouse-dev@googlegroups.com > Cc: jan.kis...@siemens.com > Subject: [PATCH] Update required QEMU version to be >= 2.8 > Date: Mon, 5 Mar 2018 15:15:25 +0500 > Message-Id: <1520244925-7812-1-git-send-email-adeelahma...@hotmail.com> > X-Mailer: git-send-email 1.9.1 > > Result: OK > > I also tried using my Gmail address for sending the patch by updating the > following fields in ~/.gitconfig: > > [sendemail] > > smtp-encryption = ssl > > smtp-server = smtp.gmail.com > > smtp-user = adeelahmadadl1...@gmail.com > ... via gmail as relay. Spammers like to use such methods (aka. relaying), so I think it simply got marked as spam. Your MX should be allowed to send mail from FROM. So either use a hotmail SMTP server or you gmail account in FROM. Ralf > smtp-server-port = 587 > > > But the patch does not show up here. I am not used to sending patches through > email, so any help would be appreciated. > > Thanks, > Adeel > -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Submitting a patch to the mailing list
I am sending my patch using the git send-email command as below: git send-email --to=jailhouse-dev@googlegroups.com --cc=jan.kis...@siemens.com --suppress-cc=self patchname.patch The log reads: OK. Log says: Sendmail: /usr/sbin/sendmail -i jailhouse-dev@googlegroups.com jan.kis...@siemens.com From: Adeel AhmadTo: jailhouse-dev@googlegroups.com Cc: jan.kis...@siemens.com Subject: [PATCH] Update required QEMU version to be >= 2.8 Date: Mon, 5 Mar 2018 15:15:25 +0500 Message-Id: <1520244925-7812-1-git-send-email-adeelahma...@hotmail.com> X-Mailer: git-send-email 1.9.1 Result: OK I also tried using my Gmail address for sending the patch by updating the following fields in ~/.gitconfig: [sendemail] smtp-encryption = ssl smtp-server = smtp.gmail.com smtp-user = adeelahmadadl1...@gmail.com smtp-server-port = 587 But the patch does not show up here. I am not used to sending patches through email, so any help would be appreciated. Thanks, Adeel -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[PATCH v2] Documentation: supported free OSs; memory reservation through DT
Signed-off-by: Claudio Scordino--- FAQ.md| 9 + README.md | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/FAQ.md b/FAQ.md index 81985f8..cf87a52 100644 --- a/FAQ.md +++ b/FAQ.md @@ -48,6 +48,15 @@ Otherwise, use the ```msg_reply_timeout``` field in the cell config to specify the number of idle loops the root cell must wait for a reply before considering the cell as failing. +**Q: Which open-source OSs can be currently run in non-root cells?** + +A: The following open-source OSs have been currently ported to Jailhouse: +* [Linux](Documentation/non-root-linux.txt) +* [FreeRTOS](https://github.com/siemens/freertos-cell) +* [ERIKA3 RTOS](http://www.erika-enterprise.com/wiki/index.php?title=ERIKA3_on_the_Jailhouse_hypervisor) +* [Zephyr](https://www.zephyrproject.org) + + Debugging - diff --git a/README.md b/README.md index 9dc9841..71ac911 100644 --- a/README.md +++ b/README.md @@ -170,7 +170,7 @@ Software requirements additional cell. This currently has to be pre-allocated during boot-up. On ARM this can be obtained by reducing the amount of memory seen by the kernel (through the `mem=` kernel boot parameter) or by modifying the -Device Tree. +Device Tree (i.e. the `reserved-memory` node). Build & Installation -- 2.7.4 -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Qemu-devel] Call for GSoC & Outreachy 2018 mentors & project ideas
On Tue, Feb 27, 2018 at 08:54:11PM -0300, Philippe Mathieu-Daudé wrote: > On 02/14/2018 04:00 PM, Alistair Francis wrote: > > On Mon, Jan 15, 2018 at 4:59 AM, Stefan Hajnocziwrote: > >> On Thu, Jan 11, 2018 at 03:25:56PM -0800, Alistair Francis wrote: > >>> On Wed, Jan 10, 2018 at 4:52 AM, Stefan Hajnoczi > >>> wrote: > On Tue, Jan 9, 2018 at 9:45 PM, Alistair Francis > wrote: > > Can anyone who has done this before chime in. > > > > What do you think about getting someone to cleanup and improve the GDB > > support in QEMU? Would that be the right difficulty of task for a GSoC > > project? > > There is not enough information to give feedback on whether this > project idea is suitable. What are the specific tasks you'd like the > student to work on? > > In general, I'm sure there are well-defined 12-week project ideas > around the GDB stub. New features are easy to propose and are usually > well-defined (e.g. implement these commands that are documented in the > GDB protocol documentation). Cleaning up code is less clear and it > would depend on exactly what needs to be done. Interns will not have > a background in the QEMU codebase and may not be able to make > judgements about how to structure things, so I would be more careful > about refactoring/cleanup projects. > > Please see my talk about QEMU GSoC for guidelines on project ideas: > https://www.youtube.com/watch?v=xNVCX7YMUL8=19m11s > http://vmsplice.net/~stefan/stefanha-kvm-forum-2016.pdf > >>> > >>> That helps a lot, thanks for that. > >>> > >>> So for a more concrete solution, how would adding support for multi > >>> CPU support to the GDB server sound? > >>> > >>> This would allow GDB debugging for the A53 and the R5 on the Xilinx > >>> ZynqMP for example. This is something we have in the Xilinx tree, but > >>> it is in no state to go upstream and really needs to be re-write to be > >>> upstreamable and more generic. > >> > >> Excellent. Then they'll already have an idea of "how" it can be > >> achieved but have the freedom to write code that is most suitable for > >> upstream. That is a good starting point for a project. > >> > >> Here is the project idea template: > >> > >> === TITLE === > >> > >> '''Summary:''' Short description of the project > >> > >> Detailed description of the project. > >> > >> '''Links:''' > >> * Wiki links to relevant material > >> * External links to mailing lists or web sites > >> > >> '''Details:''' > >> * Skill level: beginner or intermediate or advanced > >> * Language: C > >> * Mentor: Email address and IRC nick > >> * Suggested by: Person who suggested the idea > >> > >> Once you have written down the project idea, please post it under > >> Internships/ProjectIdeas/MultiCPUGDBStub and then add it to the > >> Google_Summer_of_Code_2018 wiki page using the > >> "{{:Internships/ProjectIdeas/MultiCPUGDBStub}}" inlining syntax. > >> > >> Or if you prefer, just reply with the project idea to this email and > >> I'll post it on the wiki for you. > >> > >> Can you think of a co-mentor who would be willing to participate? It > >> makes internships easier when there are multiple mentors - less stress > >> for mentors, faster communication for students. > > > > Yep, here is my proposal. I don't have wiki access, so I can't add it > > myself. > > > > I think Philippe would be a good co-mentor, if he is happy to. I am > > also welcome to mentor other ideas, it doesn't have to be this one. > > I'm very happy to co-mentor with Alistair, I can manage at least 2h/w on it. I've added you to the wiki page. BTW, if you and Alistair don't have wiki accounts yet, let me know and I'll set it up for you. Stefan -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to jailhouse-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout. signature.asc Description: PGP signature