[PATCH] xen: Fix stack corruption in xen_failsafe_callback for 32bit PVOPS guests.

2013-01-16 Thread Andrew Cooper
(xen: Core Xen implementation), in 2.6.23. Signed-off-by: Frediano Ziglio frediano.zig...@citrix.com Signed-off-by: Andrew Cooper andrew.coop...@citrix.com Cc: sta...@vger.kernel.org --- Cc: oss-secur...@lists.openwall.com Cc: Konrad Rzeszutek Wilk kon...@kernel.org Cc: xen-de...@lists.xen.org Cc

Re: [PATCH v2 01/11] kexec: introduce kexec_ops struct

2012-11-22 Thread Andrew Cooper
. -hpa I agree that regular guests should not be using the kexec/kdump. However, this patch series is required for allowing a pvops kernel to be a crash kernel for Xen, which is very important from dom0/Xen's point of view. -- Andrew Cooper - Dom0 Kernel Engineer, Citrix XenServer T: +44 (0

Re: [PATCH v2 01/11] kexec: introduce kexec_ops struct

2012-11-22 Thread Andrew Cooper
On 22/11/2012 17:47, H. Peter Anvin wrote: The other thing that should be considered here is how utterly preposterous the notion of doing in-guest crash dumping is in a system that contains a hypervisor. The reason for kdump is that on bare metal there are no other options, but in a

Re: [PATCH v2 01/11] kexec: introduce kexec_ops struct

2012-11-22 Thread Andrew Cooper
On 23/11/2012 01:38, H. Peter Anvin wrote: I still don't really get why it can't be isolated from dom0, which would make more sense to me, even for a Xen crash. The crash region (as specified by crashkernel= on the Xen command line) is isolated from dom0. dom0 (using the kexec utility etc)

Re: [PATCH v3 00/11] xen: Initial kexec/kdump implementation

2012-12-27 Thread Andrew Cooper
On 27/12/2012 07:53, Eric W. Biederman wrote: The syscall ABI still has the wrong semantics. Aka totally unmaintainable and unmergeable. The concept of domU support is also strange. What does domU support even mean, when the dom0 support is loading a kernel to pick up Xen when Xen falls

Re: [Xen-devel] [PATCH v3 00/11] xen: Initial kexec/kdump implementation

2013-01-02 Thread Andrew Cooper
On 27/12/12 18:02, Eric W. Biederman wrote: Andrew Cooper andrew.coop...@citrix.com writes: On 27/12/2012 07:53, Eric W. Biederman wrote: The syscall ABI still has the wrong semantics. Aka totally unmaintainable and unmergeable. The concept of domU support is also strange. What does domU

Re: [Xen-devel] [PATCH v3 00/11] xen: Initial kexec/kdump implementation

2013-01-07 Thread Andrew Cooper
On 07/01/13 10:25, Ian Campbell wrote: On Fri, 2013-01-04 at 19:11 +, Konrad Rzeszutek Wilk wrote: On Fri, Jan 04, 2013 at 06:07:51PM +0100, Daniel Kiper wrote: Because current KEXEC_CMD_kexec_load does not load kernel image and other things into Xen memory. It means that it should live

Re: [Xen-devel] [PATCH] xen: Fix possible user space selector corruption

2013-10-03 Thread Andrew Cooper
these selectors are fixed (__USER_DS seems sticky). Bisecting the code commit 7076aada1040de4ed79a5977dbabdb5e5ea5e249 appears to be the first one that has this issue. Signed-off-by: Frediano Ziglio frediano.zig...@citrix.com In terms of the correctness of the fix, Reviewed-by: Andrew Cooper

Re: [Xen-devel] [PATCH] xen: Fix possible user space selector corruption

2013-10-04 Thread Andrew Cooper
On 04/10/13 14:20, Konrad Rzeszutek Wilk wrote: On Thu, Oct 03, 2013 at 01:51:32PM +0100, Frediano Ziglio wrote: On Thu, 2013-10-03 at 11:04 +0100, Andrew Cooper wrote: On 03/10/13 09:24, Frediano Ziglio wrote: Bisecting the code commit 7076aada1040de4ed79a5977dbabdb5e5ea5e249 appears

Re: [PATCH v2] xen: Fix possible user space selector corruption

2013-10-07 Thread Andrew Cooper
these selectors are fixed (__USER_DS seems sticky). Bisecting the code commit 7076aada1040de4ed79a5977dbabdb5e5ea5e249 appears to be the first one that has this issue. Signed-off-by: Frediano Ziglio frediano.zig...@citrix.com Reviewed-by: Andrew Cooper andrew.coop...@citrix.com --- arch/x86/xen

Re: [Xen-devel] [PATCH v4 3/5] xen: Put EFI machinery in place

2014-05-19 Thread Andrew Cooper
On 16/05/14 21:41, Daniel Kiper wrote: @@ -0,0 +1,374 @@ +/* + * EFI support for Xen. + * + * Copyright (C) 1999 VA Linux Systems + * Copyright (C) 1999 Walt Drummond drumm...@valinux.com + * Copyright (C) 1999-2002 Hewlett-Packard Co. + * David Mosberger-Tang dav...@hpl.hp.com + *

Re: igb and bnx2: NETDEV WATCHDOG: transmit queue timed out when skb has huge linear buffer

2014-02-05 Thread Andrew Cooper
On 05/02/2014 20:23, Zoltan Kiss wrote: On 04/02/14 19:47, Michael Chan wrote: On Fri, 2014-01-31 at 14:29 +0100, Zoltan Kiss wrote: [ 5417.275472] WARNING: at net/sched/sch_generic.c:255 dev_watchdog+0x156/0x1f0() [ 5417.275474] NETDEV WATCHDOG: eth1 (bnx2): transmit queue 2 timed out The

Re: [Xen-devel] [PATCH] allow xenfb initialization for hvm guests

2013-12-18 Thread Andrew Cooper
On 18/12/13 15:14, Konrad Rzeszutek Wilk wrote: On Wed, Dec 18, 2013 at 11:51:22AM +, Ian Campbell wrote: On Tue, 2013-12-17 at 17:53 +, Stefano Stabellini wrote: There is no reason why an HVM guest shouldn't be allowed to use xenfb. As a matter of fact ARM guests, HVM from Linux POV,

Re: [Xen-devel] [PATCH v3 3/5] x86: Call efi_memblock_x86_reserve_range() on native EFI platform only

2014-03-26 Thread Andrew Cooper
On 26/03/2014 22:01, Daniel Kiper wrote: On Wed, Mar 26, 2014 at 01:57:23PM +, Matt Fleming wrote: On Wed, 26 Mar, at 02:48:45PM, Daniel Kiper wrote: On my machine this function crashes on Xen so that is why I have changed condition. However, if you say that this issue could be solved in

Re: [Xen-devel] [PATCH] x86/xen: Fix 32-bit PV guests's usage of kernel_stack

2014-04-09 Thread Andrew Cooper
On 09/04/14 15:29, David Vrabel wrote: On 09/04/14 15:21, Jan Beulich wrote: On 09.04.14 at 16:06, boris.ostrov...@oracle.com wrote: --- a/arch/x86/xen/xen-asm_32.S +++ b/arch/x86/xen/xen-asm_32.S @@ -88,7 +88,11 @@ ENTRY(xen_iret) * avoid having to reload %fs */ #ifdef

Re: [Xen-devel] [PATCH v3 1/7] xen-pciback: Document the various parameters and attributes in SysFS

2014-07-09 Thread Andrew Cooper
On 09/07/14 14:59, Konrad Rzeszutek Wilk wrote: +What: /sys/bus/pci/drivers/pciback/irq_handler_state +Date: Oct 2011 +KernelVersion: 3.1 +Contact:xen-de...@lists.xenproject.org +Description: +An option to toggle Xen PCI back to acknowledge (or

Re: [Xen-devel] [PATCH v3 1/7] xen-pciback: Document the various parameters and attributes in SysFS

2014-07-09 Thread Andrew Cooper
On 09/07/14 15:13, Konrad Rzeszutek Wilk wrote: On Wed, Jul 09, 2014 at 03:05:56PM +0100, Andrew Cooper wrote: On 09/07/14 14:59, Konrad Rzeszutek Wilk wrote: +What: /sys/bus/pci/drivers/pciback/irq_handler_state +Date: Oct 2011 +KernelVersion: 3.1 +Contact:xen

Re: [Xen-devel] [PATCH v3 4/7] xen/pciback: Implement PCI reset slot or bus with 'do_flr' SysFS attribute

2014-07-08 Thread Andrew Cooper
On 08/07/14 19:58, kon...@kernel.org wrote: From: Konrad Rzeszutek Wilk konrad.w...@oracle.com The life-cycle of a PCI device in Xen pciback is complex and is constrained by the PCI generic locking mechanism. It starts with the device being binded to us - for which being bound to us

Re: [Xen-devel] [PATCH v3 1/7] xen-pciback: Document the various parameters and attributes in SysFS

2014-07-08 Thread Andrew Cooper
On 08/07/14 19:58, kon...@kernel.org wrote: From: Konrad Rzeszutek Wilk konrad.w...@oracle.com Which hadn't been done with the initial commit. Signed-off-by: Konrad Rzeszutek Wilk konrad.w...@oracle.com --- Documentation/ABI/testing/sysfs-driver-pciback | 84

Re: [Xen-devel] xen: Fix possible page fault in fifo events

2014-07-15 Thread Andrew Cooper
On 15/07/14 14:48, Frediano Ziglio wrote: sync_test_bit function requires a long* read access to pointer. This is a problem if you are using last entry in the page causing an access to next page. If this page is not readable you get a memory access failure (page fault). All other x64 bit

Re: [Xen-devel] [PATCH 2/2] xen/pci: Use APIC directly when APIC virtualization is supported by hardware

2014-10-21 Thread Andrew Cooper
On 21/10/14 20:01, Boris Ostrovsky wrote: When hardware supports APIC/x2APIC virtualization we don't need to use pirqs for MSI handling and instead use APIC since most APIC accesses (MMIO or MSR) will now be processed without VMEXITs. As an example, netperf on the original code produces this

Re: [Xen-devel] [PATCH 3/3] xen: eliminate scalability issues from initial mapping setup

2014-09-05 Thread Andrew Cooper
On 05/09/14 08:55, Juergen Gross wrote: On 09/04/2014 04:43 PM, Andrew Cooper wrote: On 04/09/14 15:31, Jan Beulich wrote: On 04.09.14 at 15:02, andrew.coop...@citrix.com wrote: On 04/09/14 13:59, David Vrabel wrote: On 04/09/14 13:38, Juergen Gross wrote: Direct Xen to place the initial P-M

Re: [Xen-devel] [PATCH] Solved the Xen PV/KASLR riddle

2014-08-28 Thread Andrew Cooper
On 28/08/2014 19:01, Stefan Bader wrote: So not much further... but then I think I know what I do next. Probably should have done before. I'll replace the WARN_ON in vmalloc that triggers by a panic and at least get a crash dump of that situation when it occurs. Then I can dig in there

Re: [Xen-devel] [PATCH] Solved the Xen PV/KASLR riddle

2014-08-29 Thread Andrew Cooper
On 29/08/14 09:37, Stefan Bader wrote: On 29.08.2014 00:42, Andrew Cooper wrote: On 28/08/2014 19:01, Stefan Bader wrote: So not much further... but then I think I know what I do next. Probably should have done before. I'll replace the WARN_ON in vmalloc that triggers by a panic

Re: [Xen-devel] [PATCH] Solved the Xen PV/KASLR riddle

2014-08-29 Thread Andrew Cooper
On 29/08/14 15:32, Stefan Bader wrote: On 29.08.2014 16:19, Andrew Cooper wrote: On 29/08/14 09:37, Stefan Bader wrote: On 29.08.2014 00:42, Andrew Cooper wrote: On 28/08/2014 19:01, Stefan Bader wrote: So not much further... but then I think I know what I do next. Probably should have

Re: [Xen-devel] [PATCH 0/2] xen: Switch to virtual mapped linear p2m list

2014-10-28 Thread Andrew Cooper
On 28/10/14 09:51, Ian Campbell wrote: On Tue, 2014-10-28 at 06:00 +0100, Juergen Gross wrote: On 10/27/2014 04:16 PM, David Vrabel wrote: On 27/10/14 14:52, Juergen Gross wrote: Paravirtualized kernels running on Xen use a three level tree for translation of guest specific physical addresses

Re: [Xen-devel] [PATCH 0/2] xen: Switch to virtual mapped linear p2m list

2014-10-28 Thread Andrew Cooper
On 28/10/14 12:39, David Vrabel wrote: On 28/10/14 12:07, Juergen Gross wrote: Okay, back to the original question: is the (up to) 64 MB virtual mapping of the p2m list on 32-bit pv domains a problem or not? I think up-to 64 MiB of vmalloc area is fine. The vmalloc space can be increased

Re: [Xen-devel] [PATCH 0/2] xen: Switch to virtual mapped linear p2m list

2014-10-28 Thread Andrew Cooper
On 28/10/14 12:44, David Vrabel wrote: On 28/10/14 12:42, Andrew Cooper wrote: On 28/10/14 12:39, David Vrabel wrote: On 28/10/14 12:07, Juergen Gross wrote: Okay, back to the original question: is the (up to) 64 MB virtual mapping of the p2m list on 32-bit pv domains a problem or not? I

Re: [Xen-devel] [PATCH] x86/xen: Fix 64bit kernel pagetable setup of PV guests

2014-09-02 Thread Andrew Cooper
On 02/09/14 12:01, David Vrabel wrote: On 01/09/14 18:34, David Vrabel wrote: On 29/08/14 16:17, Stefan Bader wrote: This change might not be the fully correct approach as it basically removes the pre-set page table entry for the fixmap that is compile time set

Re: [Xen-devel] [V2 PATCH 1/1] PVH: set EFER.NX and EFER.SCE

2014-09-03 Thread Andrew Cooper
On 03/09/14 15:49, Boris Ostrovsky wrote: On 09/03/2014 09:58 AM, David Vrabel wrote: #endif diff --git a/arch/x86/xen/xen-head.S b/arch/x86/xen/xen-head.S index 485b695..a64b464 100644 --- a/arch/x86/xen/xen-head.S +++ b/arch/x86/xen/xen-head.S @@ -47,6 +47,40 @@ ENTRY(startup_xen)

Re: [Xen-devel] [PATCH 3/3] xen: eliminate scalability issues from initial mapping setup

2014-09-04 Thread Andrew Cooper
On 04/09/14 13:59, David Vrabel wrote: On 04/09/14 13:38, Juergen Gross wrote: Direct Xen to place the initial P-M table outside of the initial mapping, as otherwise the 1G (implementation) / 2G (theoretical) restriction on the size of the initial mapping limits the amount of memory a domain

Re: [Xen-devel] [PATCH 3/3] xen: eliminate scalability issues from initial mapping setup

2014-09-04 Thread Andrew Cooper
On 04/09/14 15:31, Jan Beulich wrote: On 04.09.14 at 15:02, andrew.coop...@citrix.com wrote: On 04/09/14 13:59, David Vrabel wrote: On 04/09/14 13:38, Juergen Gross wrote: Direct Xen to place the initial P-M table outside of the initial mapping, as otherwise the 1G (implementation) / 2G

Re: [Xen-devel] [PATCH V3 2/8] xen: Delay remapping memory of pv-domain

2014-11-11 Thread Andrew Cooper
On 11/11/14 05:43, Juergen Gross wrote: diff --git a/arch/x86/xen/p2m.c b/arch/x86/xen/p2m.c index fa75842..f67f8cf 100644 --- a/arch/x86/xen/p2m.c +++ b/arch/x86/xen/p2m.c @@ -268,6 +271,22 @@ static void p2m_init(unsigned long *p2m) p2m[i] = INVALID_P2M_ENTRY; } +static

Re: [Xen-devel] [PATCH 3/3] x86/xen: use the maximum MFN to calculate the required DMA mask

2014-11-13 Thread Andrew Cooper
On 12/11/14 15:55, Jan Beulich wrote: On 12.11.14 at 16:25, david.vra...@citrix.com wrote: +u64 +xen_swiotlb_get_required_mask(struct device *dev) +{ +u64 max_mfn; + +max_mfn = HYPERVISOR_memory_op(XENMEM_maximum_ram_page, NULL); + +return DMA_BIT_MASK(fls64(max_mfn

Re: [Xen-devel] [PATCH v4 0/2] xen/pci: Use APIC for MSIs when APIC virtualization is supported

2014-12-02 Thread Andrew Cooper
On 02/12/2014 20:48, Konrad Rzeszutek Wilk wrote: On Tue, Dec 02, 2014 at 03:19:11PM -0500, Boris Ostrovsky wrote: Changes in v4: * Added comment describing what we check for in pci_xen_init() Reviewed-by: Konrad Rzeszutek Wilk konrad.w...@oracle.com Reviewed-by: Andrew Cooper andrew.coop

Re: [Xen-devel] [PATCH] xen: privcmd: schedule() after private hypercall when non CONFIG_PREEMPT

2014-11-27 Thread Andrew Cooper
On 27/11/14 18:36, Luis R. Rodriguez wrote: On Thu, Nov 27, 2014 at 07:36:31AM +0100, Juergen Gross wrote: On 11/26/2014 11:26 PM, Luis R. Rodriguez wrote: From: Luis R. Rodriguez mcg...@suse.com Some folks had reported that some xen hypercalls take a long time to complete when issued from

Re: [Xen-devel] [RFC v3 2/2] x86/xen: allow privcmd hypercalls to be preempted

2015-01-22 Thread Andrew Cooper
On 22/01/15 02:17, Luis R. Rodriguez wrote: --- a/drivers/xen/events/events_base.c +++ b/drivers/xen/events/events_base.c @@ -32,6 +32,8 @@ #include linux/slab.h #include linux/irqnr.h #include linux/pci.h +#include linux/sched.h +#include linux/kprobes.h #ifdef CONFIG_X86

Re: [Xen-devel] [RFC v3 2/2] x86/xen: allow privcmd hypercalls to be preempted

2015-01-22 Thread Andrew Cooper
On 22/01/2015 20:58, Andy Lutomirski wrote: On Thu, Jan 22, 2015 at 12:37 PM, Steven Rostedt rost...@goodmis.org wrote: On Thu, 22 Jan 2015 12:24:47 -0800 Andy Lutomirski l...@amacapital.net wrote: Also, please remove the notrace, because function tracing goes an extra step to not require

Re: [RFC v3 1/2] x86/xen: add xen_is_preemptible_hypercall()

2015-01-22 Thread Andrew Cooper
that by adding a secondary hypercall page, calls made via the new page may be preempted. Andrew had originally submitted a version of this work [0]. [0] http://lists.xen.org/archives/html/xen-devel/2014-02/msg01056.html Based on original work by: Andrew Cooper andrew.coop...@citrix.com Cc

Re: [Xen-devel] [PATCH 02/13] xen: anchor linear p2m list in shared info structure

2015-02-18 Thread Andrew Cooper
On 18/02/15 10:42, Juergen Gross wrote: /* Set up p2m_top to point to the domain-builder provided p2m pages */ @@ -469,8 +473,10 @@ static pte_t *alloc_p2m_pmd(unsigned long addr, pte_t *pte_pg) ptechk = lookup_address(vaddr, level); if (ptechk == pte_pg) { +

Re: [Xen-devel] [PATCH 02/13] xen: anchor linear p2m list in shared info structure

2015-02-18 Thread Andrew Cooper
On 18/02/15 10:54, David Vrabel wrote: On 18/02/15 10:50, Andrew Cooper wrote: On 18/02/15 10:42, Juergen Gross wrote: /* Set up p2m_top to point to the domain-builder provided p2m pages */ @@ -469,8 +473,10 @@ static pte_t *alloc_p2m_pmd(unsigned long addr, pte_t *pte_pg

Re: [Xen-devel] NUMA_BALANCING and Xen PV guest regression in 3.20-rc0

2015-02-20 Thread Andrew Cooper
On 20/02/15 11:29, Kirill A. Shutemov wrote: On Fri, Feb 20, 2015 at 10:47:52AM +, Andrew Cooper wrote: On 20/02/15 01:49, Linus Torvalds wrote: On Thu, Feb 19, 2015 at 5:05 PM, Kirill A. Shutemov kir...@shutemov.name wrote: I'm feeling I miss very basic background on how Xen works

Re: [Xen-devel] NUMA_BALANCING and Xen PV guest regression in 3.20-rc0

2015-02-20 Thread Andrew Cooper
On 20/02/15 01:49, Linus Torvalds wrote: On Thu, Feb 19, 2015 at 5:05 PM, Kirill A. Shutemov kir...@shutemov.name wrote: I'm feeling I miss very basic background on how Xen works, but why does it set _PAGE_GLOBAL on userspace entries? It sounds strange to me. It is definitely strange. I'm

Re: [Xen-devel] [PATCH v5 2/2] x86/xen: allow privcmd hypercalls to be preempted on 64-bit

2015-01-27 Thread Andrew Cooper
On 27/01/15 08:35, Jan Beulich wrote: On 27.01.15 at 02:51, mcg...@do-not-panic.com wrote: Even if David told you this would be acceptable, I have to question an abstract model of fixing issues on only 64-bit kernels - this may be acceptable for distro purposes, but seems hardly the right

Re: [PATCH] [RFC] x86/cpu: Fix SMAP check in PVOPS environments

2015-04-21 Thread Andrew Cooper
On 21/04/2015 01:35, Andy Lutomirski wrote: On 04/20/2015 10:09 AM, Andrew Cooper wrote: There appears to be no formal statement of what pv_irq_ops.save_fl() is supposed to return precisely. Native returns the full flags, while lguest and Xen only return the Interrupt Flag, and both have

[PATCH] [RFC] x86/cpu: Fix SMAP check in PVOPS environments

2015-04-20 Thread Andrew Cooper
, but not consistent for all builds. It has also been a sitting timebomb since SMAP support was introduced. Use native_save_fl() instead, which will obtain an accurate view of the AC flag. Signed-off-by: Andrew Cooper andrew.coop...@citrix.com CC: Thomas Gleixner t...@linutronix.de CC: Ingo Molnar mi

Re: [Xen-devel] [PATCH] x86, paravirt, xen: Remove the 64-bit irq_enable_sysexit pvop

2015-04-06 Thread Andrew Cooper
On 06/04/2015 16:29, Andy Lutomirski wrote: On Mon, Apr 6, 2015 at 7:10 AM, Konrad Rzeszutek Wilk konrad.w...@oracle.com wrote: On Fri, Apr 03, 2015 at 03:52:30PM -0700, Andy Lutomirski wrote: [cc: Boris and Konrad. Whoops] On Fri, Apr 3, 2015 at 3:51 PM, Andy Lutomirski l...@kernel.org

[PATCH] x86/cpu: Fix SMAP check in PVOPS environments

2015-06-03 Thread Andrew Cooper
, but not consistent for all builds. It has also been a sitting timebomb since SMAP support was introduced. Use native_save_fl() instead, which will obtain an accurate view of the AC flag. Signed-off-by: Andrew Cooper andrew.coop...@citrix.com Reviewed-by: David Vrabel david.vra...@citrix.com Tested

Re: [PATCH] x86/cpu: Fix SMAP check in PVOPS environments

2015-06-04 Thread Andrew Cooper
On 04/06/15 07:38, H. Peter Anvin wrote: On 06/03/2015 02:31 AM, Andrew Cooper wrote: There appears to be no formal statement of what pv_irq_ops.save_fl() is supposed to return precisely. Native returns the full flags, while lguest and Xen only return the Interrupt Flag, and both have

Re: [Xen-devel] [PATCH 95/98] HACK: fix include/uapi/xen/privcmd.h compilation in userspace

2015-05-30 Thread Andrew Cooper
On 30/05/15 16:39, Mikko Rapeli wrote: privcmd.h depends on xen/interface/xen.h which is now exported to userspace. xen/interface/xen.h then depends on asm/xen/interface.h which is now exported to userspace together with its dependencies asm/xen/interface_32.h, asm/xen/interface_64.h and

Re: [Xen-devel] [PATCH v4 0/3] x86: modify_ldt improvement, test, and config option

2015-07-28 Thread Andrew Cooper
On 29/07/2015 01:21, Andy Lutomirski wrote: On Tue, Jul 28, 2015 at 10:10 AM, Boris Ostrovsky boris.ostrov...@oracle.com wrote: On 07/28/2015 01:07 PM, Andy Lutomirski wrote: On Tue, Jul 28, 2015 at 9:30 AM, Andrew Cooper andrew.coop...@citrix.com wrote: I suspect that the set_ldt(NULL, 0

Re: [PATCH v4 0/3] x86: modify_ldt improvement, test, and config option

2015-07-28 Thread Andrew Cooper
On 28/07/15 15:05, Boris Ostrovsky wrote: On 07/28/2015 06:29 AM, Andrew Cooper wrote: After forward-porting my virtio patches, I got this thing to run on Xen. After several tries, I got: [ 53.985707] [ cut here ] [ 53.986314] kernel BUG at arch/x86/xen

Re: [Xen-devel] [PATCH v4 0/3] x86: modify_ldt improvement, test, and config option

2015-07-29 Thread Andrew Cooper
On 29/07/2015 23:05, Andy Lutomirski wrote: On Wed, Jul 29, 2015 at 2:37 PM, Andrew Cooper andrew.coop...@citrix.com wrote: On 29/07/2015 22:26, Andy Lutomirski wrote: On Wed, Jul 29, 2015 at 2:23 PM, Boris Ostrovsky boris.ostrov...@oracle.com wrote: On 07/29/2015 03:03 PM, Andrew Cooper

Re: [Xen-devel] [PATCH v4 0/3] x86: modify_ldt improvement, test, and config option

2015-07-29 Thread Andrew Cooper
On 29/07/2015 22:26, Andy Lutomirski wrote: On Wed, Jul 29, 2015 at 2:23 PM, Boris Ostrovsky boris.ostrov...@oracle.com wrote: On 07/29/2015 03:03 PM, Andrew Cooper wrote: On 29/07/15 15:43, Boris Ostrovsky wrote: FYI, I have got a repro now and am investigating. Good and bad news. This bug

Re: [Xen-devel] [PATCH v4 0/3] x86: modify_ldt improvement, test, and config option

2015-07-29 Thread Andrew Cooper
On 29/07/15 15:43, Boris Ostrovsky wrote: FYI, I have got a repro now and am investigating. Good and bad news. This bug has nothing to do with LDTs themselves. I have worked out what is going on, but this: diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c index 5abeaac..7e1a82e

Re: [Xen-devel] [PATCH v4 0/3] x86: modify_ldt improvement, test, and config option

2015-07-29 Thread Andrew Cooper
On 30/07/2015 00:13, Andy Lutomirski wrote: On Wed, Jul 29, 2015 at 4:02 PM, Andrew Cooper andrew.coop...@citrix.com wrote: On 29/07/2015 23:49, Boris Ostrovsky wrote: On 07/29/2015 06:46 PM, David Vrabel wrote: On 29/07/2015 23:11, Andrew Cooper wrote: On 29/07/2015 23:05, Andy Lutomirski

Re: [Xen-devel] [PATCH v4 0/3] x86: modify_ldt improvement, test, and config option

2015-07-29 Thread Andrew Cooper
On 29/07/2015 23:49, Boris Ostrovsky wrote: On 07/29/2015 06:46 PM, David Vrabel wrote: On 29/07/2015 23:11, Andrew Cooper wrote: On 29/07/2015 23:05, Andy Lutomirski wrote: On Wed, Jul 29, 2015 at 2:37 PM, Andrew Cooper andrew.coop...@citrix.com wrote: On 29/07/2015 22:26, Andy Lutomirski

Re: [PATCH v6 2/4] x86/ldt: Make modify_ldt synchronous

2015-07-30 Thread Andrew Cooper
On 30/07/2015 22:31, Andy Lutomirski wrote: Note to -stable maintainers: by itself, this patch makes a pre-existing Xen bug much easier to trigger; on a 32-bit Xen guest, the new ldt_gdt selftest is likely to OOPS. Even without this patch, the test can OOPS, but it's much less likely to

Re: [PATCH v6 0/4] x86: modify_ldt improvement, test, and config option

2015-07-31 Thread Andrew Cooper
On 31/07/15 14:44, Boris Ostrovsky wrote: On 07/31/2015 05:10 AM, Andrew Cooper wrote: On 30/07/15 22:31, Andy Lutomirski wrote: This is intended for x86/urgent. Sorry for taking so long, but it seemed nice to avoid breaking Xen. Very much appreciated. Thanks! This fixes the dazed

Re: [Xen-devel] [PATCH v4 0/3] x86: modify_ldt improvement, test, and config option

2015-07-30 Thread Andrew Cooper
On 30/07/15 19:30, Andy Lutomirski wrote: On Wed, Jul 29, 2015 at 5:29 PM, Andrew Cooper andrew.coop...@citrix.com wrote: On 30/07/2015 00:13, Andy Lutomirski wrote: On Wed, Jul 29, 2015 at 4:02 PM, Andrew Cooper andrew.coop...@citrix.com wrote: On 29/07/2015 23:49, Boris Ostrovsky wrote

Re: [PATCH v4 0/3] x86: modify_ldt improvement, test, and config option

2015-07-28 Thread Andrew Cooper
On 28/07/15 15:50, Boris Ostrovsky wrote: On 07/28/2015 10:35 AM, Andrew Cooper wrote: On 28/07/15 15:05, Boris Ostrovsky wrote: On 07/28/2015 06:29 AM, Andrew Cooper wrote: After forward-porting my virtio patches, I got this thing to run on Xen. After several tries, I got: [ 53.985707

Re: [PATCH v4 0/3] x86: modify_ldt improvement, test, and config option

2015-07-28 Thread Andrew Cooper
On 28/07/15 04:16, Andy Lutomirski wrote: On Mon, Jul 27, 2015 at 7:20 PM, Andy Lutomirski l...@amacapital.net wrote: On Mon, Jul 27, 2015 at 9:18 AM, Boris Ostrovsky boris.ostrov...@oracle.com wrote: On 07/27/2015 11:53 AM, Andy Lutomirski wrote: On Mon, Jul 27, 2015 at 8:36 AM, Boris

Re: [PATCH v4 0/3] x86: modify_ldt improvement, test, and config option

2015-07-28 Thread Andrew Cooper
On 28/07/15 16:43, Andy Lutomirski wrote: After forward-porting my virtio patches, I got this thing to run on Xen. After several tries, I got: [ 53.985707] [ cut here ] [ 53.986314] kernel BUG at arch/x86/xen/enlighten.c:496! [ 53.986677] invalid opcode:

Re: [Xen-devel] [PATCH 0/8] Use correctly the Xen memory terminologies in Linux

2015-07-28 Thread Andrew Cooper
On 28/07/15 22:06, H. Peter Anvin wrote: On 07/28/2015 08:02 AM, Julien Grall wrote: Hi all, This patch series aims to use the memory terminologies described in include/linux/mm.h [1] for Linux xen code. Linux is using mistakenly MFN when GFN is meant, I suspect this is because the first

Re: [Xen-devel] [PATCH v5 0/4] x86: modify_ldt improvement, test, and config option

2015-07-30 Thread Andrew Cooper
On 30/07/15 17:31, Boris Ostrovsky wrote: On 07/30/2015 12:12 PM, Andrew Cooper wrote: On 30/07/15 17:05, Borislav Petkov wrote: On Thu, Jul 30, 2015 at 11:53:34AM -0400, Boris Ostrovsky wrote: As far as Xen guests are concerned, Tested-by: Boris Ostrovsky boris.ostrov...@oracle.com Does

Re: [PATCH v6 0/4] x86: modify_ldt improvement, test, and config option

2015-07-31 Thread Andrew Cooper
On 30/07/15 22:31, Andy Lutomirski wrote: This is intended for x86/urgent. Sorry for taking so long, but it seemed nice to avoid breaking Xen. Very much appreciated. Thanks! This fixes the dazed and confused issue which was exposed by the CVE-2015-5157 fix. It's also probably a good

Re: [Xen-devel] [PATCH v5 0/4] x86: modify_ldt improvement, test, and config option

2015-07-30 Thread Andrew Cooper
On 30/07/15 17:05, Borislav Petkov wrote: On Thu, Jul 30, 2015 at 11:53:34AM -0400, Boris Ostrovsky wrote: As far as Xen guests are concerned, Tested-by: Boris Ostrovsky boris.ostrov...@oracle.com Does that mean, this patch 1/4 fixes the 32bit issue you guys are still debugging on the v4

Re: [Xen-devel] [PATCH v4 0/3] x86: modify_ldt improvement, test, and config option

2015-07-29 Thread Andrew Cooper
On 29/07/15 06:28, Andy Lutomirski wrote: On Tue, Jul 28, 2015 at 8:01 PM, Boris Ostrovsky boris.ostrov...@oracle.com wrote: On 07/28/2015 08:47 PM, Andrew Cooper wrote: On 29/07/2015 01:21, Andy Lutomirski wrote: On Tue, Jul 28, 2015 at 10:10 AM, Boris Ostrovsky boris.ostrov...@oracle.com

Re: Getting rid of invalid SYSCALL RSP under Xen?

2015-07-27 Thread Andrew Cooper
On 27/07/15 00:27, Andy Lutomirski wrote: For SYSRET, I think the way to go is to force Xen to always use the syscall slow path. Instead, Xen could hook into syscall_return_via_sysret or even right before the opportunistic sysret stuff. Then we could remove the USERGS_SYSRET hooks entirely.

Re: Getting rid of invalid SYSCALL RSP under Xen?

2015-07-26 Thread Andrew Cooper
On 23/07/2015 17:49, Andy Lutomirski wrote: Hi- Hi. Apologies for the delay. I have been out of the office for a few days. In entry_64.S, we have: ENTRY(entry_SYSCALL_64) /* * Interrupts are off on entry. * We do not frame this tiny irq-off block with TRACE_IRQS_OFF/ON,

Re: Getting rid of invalid SYSCALL RSP under Xen?

2015-07-26 Thread Andrew Cooper
On 26/07/2015 23:08, Andy Lutomirski wrote: If so, can we just enter later on: pushq %r11 /* pt_regs->flags */ pushq $__USER_CS /* pt_regs->cs */ pushq %rcx /* pt_regs->ip */ -- Xen enters here pushq %rax

Re: [PATCH v2 1/3] x86/ldt: Make modify_ldt synchronous

2015-07-21 Thread Andrew Cooper
On 22/07/2015 01:07, Andy Lutomirski wrote: On Tue, Jul 21, 2015 at 4:38 PM, Andrew Cooper andrew.coop...@citrix.com wrote: On 21/07/2015 22:53, Boris Ostrovsky wrote: On 07/21/2015 03:59 PM, Andy Lutomirski wrote: --- a/arch/x86/include/asm/mmu_context.h +++ b/arch/x86/include/asm

Re: [PATCH v2 1/3] x86/ldt: Make modify_ldt synchronous

2015-07-21 Thread Andrew Cooper
On 22/07/2015 01:28, Andy Lutomirski wrote: On Tue, Jul 21, 2015 at 5:21 PM, Andrew Cooper andrew.coop...@citrix.com wrote: On 22/07/2015 01:07, Andy Lutomirski wrote: On Tue, Jul 21, 2015 at 4:38 PM, Andrew Cooper andrew.coop...@citrix.com wrote: On 21/07/2015 22:53, Boris Ostrovsky wrote

Re: [PATCH v2 1/3] x86/ldt: Make modify_ldt synchronous

2015-07-21 Thread Andrew Cooper
On 21/07/2015 22:53, Boris Ostrovsky wrote: On 07/21/2015 03:59 PM, Andy Lutomirski wrote: --- a/arch/x86/include/asm/mmu_context.h +++ b/arch/x86/include/asm/mmu_context.h @@ -34,6 +34,44 @@ static inline void load_mm_cr4(struct mm_struct *mm) {} #endif /* + * ldt_structs can be

Re: [PATCH] x86/cpu: Fix SMAP check in PVOPS environments

2015-11-17 Thread Andrew Cooper
Ping? None of the discussion on this thread altered the contents of this patch, and the bug is still present. ~Andrew On 03/06/15 10:31, Andrew Cooper wrote: > There appears to be no formal statement of what pv_irq_ops.save_fl() is > supposed to return precisely. Native returns the full

Re: [Xen-devel] [RFC PATCH] Use vAPIC when doing IPI for PVHVM guests.

2015-10-08 Thread Andrew Cooper
On 08/10/15 06:05, Juergen Gross wrote: > On 10/07/2015 10:21 PM, Konrad Rzeszutek Wilk wrote: >> Hey, >> >> I was running some tools in which we would heavily do rescheduling >> of events - and realized to my surprise that the event channels (and >> the hypercall) would slow things down. If I

Re: [Xen-devel] [PATCH 0/3] x86/paravirt: Fix baremetal paravirt MSR ops

2015-09-17 Thread Andrew Cooper
On 17/09/15 00:33, Andy Lutomirski wrote: > Setting CONFIG_PARAVIRT=y has an unintended side effect: it silently > turns all rdmsr and wrmsr operations into the safe variants without > any checks that the operations actually succeed. > > This is IMO awful: it papers over bugs. In particular, KVM

Re: [Xen-devel] [PATCH 0/3] x86/paravirt: Fix baremetal paravirt MSR ops

2015-09-17 Thread Andrew Cooper
On 17/09/15 16:27, Borislav Petkov wrote: > On Thu, Sep 17, 2015 at 01:39:26PM +0200, Paolo Bonzini wrote: >> That's not a big deal, that's what *_safe is for. The problem is that >> there are definitely some cases where the *_safe version is not being used. > I mean to do feature checks which

Re: [Xen-devel] [PATCH v2 0/3] Fix and cleanup for 32-bit PV sysexit

2015-12-15 Thread Andrew Cooper
On 19/11/15 22:07, Andy Lutomirski wrote: > On Thu, Nov 19, 2015 at 1:55 PM, Boris Ostrovsky > wrote: >> The first patch fixes Xen PV regression introduced by 32-bit rewrite. Unlike >> the >> earlier version it uses ALTERNATIVE instruction and avoids using xen_sysexit

Re: [Xen-devel] new barrier type for paravirt (was Re: [PATCH] virtio_ring: use smp_store_mb)

2015-12-20 Thread Andrew Cooper
On 20/12/15 09:25, Michael S. Tsirkin wrote: > On Thu, Dec 17, 2015 at 03:39:10PM +0100, Peter Zijlstra wrote: >> On Thu, Dec 17, 2015 at 04:33:44PM +0200, Michael S. Tsirkin wrote: >>> On Thu, Dec 17, 2015 at 02:57:26PM +0100, Peter Zijlstra wrote: You could of course go fix that instead of

Re: [Xen-devel] [PATCH] xen/x86: Adjust stack pointer in xen_sysexit

2015-11-17 Thread Andrew Cooper
On 17/11/15 18:49, Andy Lutomirski wrote: > On Nov 17, 2015 6:40 AM, "Boris Ostrovsky" wrote: >> On 11/16/2015 04:55 PM, H. Peter Anvin wrote: >>> On 11/16/15 12:22, Borislav Petkov wrote: Huh, so what's wrong with a jump: jmp 1f

Re: [Xen-devel] [PATCH] xen/x86: Adjust stack pointer in xen_sysexit

2015-11-17 Thread Andrew Cooper
On 17/11/15 19:16, Andy Lutomirski wrote: > On Tue, Nov 17, 2015 at 11:12 AM, Andrew Cooper > <andrew.coop...@citrix.com> wrote: >> On 17/11/15 18:49, Andy Lutomirski wrote: >>> On Nov 17, 2015 6:40 AM, "Boris Ostrovsky" <boris.ostrov...@oracle.com>

Re: [Xen-devel] crash tool - problem with new Xen linear virtual mapped sparse p2m list

2015-11-24 Thread Andrew Cooper
On 24/11/15 10:17, Petr Tesarik wrote: > On Tue, 24 Nov 2015 10:09:01 + > David Vrabel wrote: > >> On 24/11/15 09:55, Malcolm Crossley wrote: >>> On 24/11/15 08:59, Jan Beulich wrote: >>> On 24.11.15 at 07:55, wrote: > What about: > >

Re: [Xen-devel] crash tool - problem with new Xen linear virtual mapped sparse p2m list

2015-11-24 Thread Andrew Cooper
On 24/11/15 13:41, Andrew Cooper wrote: > On 24/11/15 13:39, Jan Beulich wrote: >>>>> On 24.11.15 at 13:57, <ptesa...@suse.cz> wrote: >>> On Tue, 24 Nov 2015 10:35:03 + >>> Andrew Cooper <andrew.coop...@citrix.com> wrote: >>> >>

Re: [Xen-devel] crash tool - problem with new Xen linear virtual mapped sparse p2m list

2015-11-24 Thread Andrew Cooper
On 24/11/15 13:39, Jan Beulich wrote: >>>> On 24.11.15 at 13:57, <ptesa...@suse.cz> wrote: >> On Tue, 24 Nov 2015 10:35:03 + >> Andrew Cooper <andrew.coop...@citrix.com> wrote: >> >>> On 24/11/15 10:17, Petr Tesarik wrote: >>>>

Re: [Xen-devel] [PATCH v2 3/3] paravirt: rename paravirt_enabled to paravirt_legacy

2016-02-08 Thread Andrew Cooper
On 08/02/16 15:55, Borislav Petkov wrote: > On Mon, Feb 08, 2016 at 10:39:43AM -0500, Boris Ostrovsky wrote: >> It does. Very much IIRC, the problem was not caused by an access to MSR but >> rather some sort of address not being available somewhere. > See below. > >>> - microcode application on

Re: [Xen-devel] [PATCH v2 3/3] paravirt: rename paravirt_enabled to paravirt_legacy

2016-02-08 Thread Andrew Cooper
On 08/02/16 16:12, Boris Ostrovsky wrote: > > > On 02/08/2016 11:05 AM, Andrew Cooper wrote: >> >> For compatibility with other virtualisation specs, Xen's cpuid leaves >> shift depending on configuration. >> >> Spec at >> http://xenbits.xen.org/gitwe

Re: [Xen-devel] [PATCH v2 3/3] paravirt: rename paravirt_enabled to paravirt_legacy

2016-02-08 Thread Andrew Cooper
On 08/02/16 16:31, Boris Ostrovsky wrote: > > > On 02/08/2016 11:26 AM, Andrew Cooper wrote: >> On 08/02/16 16:12, Boris Ostrovsky wrote: >>> >>> On 02/08/2016 11:05 AM, Andrew Cooper wrote: >>>> For compatibility with other virtualisation s

Re: [Xen-devel] [PATCH v2 3/3] paravirt: rename paravirt_enabled to paravirt_legacy

2016-02-08 Thread Andrew Cooper
On 08/02/16 16:35, Borislav Petkov wrote: > On Mon, Feb 08, 2016 at 11:31:04AM -0500, Boris Ostrovsky wrote: >> I think we are OK for PV because this code will be executed after pvops are >> set and so we will be calling xen_cpuid(). > Not for the early loader - it is too early for pvops then. So

Re: [Xen-devel] [PATCH v2 3/3] paravirt: rename paravirt_enabled to paravirt_legacy

2016-02-08 Thread Andrew Cooper
On 08/02/16 16:45, Borislav Petkov wrote: > On Mon, Feb 08, 2016 at 04:38:40PM +0000, Andrew Cooper wrote: >> Does the early loader have extable support? If so, this is fairly easy >> to fix. If not, we have a problem. > It doesn't and regardless, you want to have this CPUID qu

Re: [Xen-devel] [PATCH v2 02/11] xen/hvmlite: Bootstrap HVMlite guest

2016-02-03 Thread Andrew Cooper
On 03/02/16 18:55, Luis R. Rodriguez wrote: > We add new hypervisor type to close the semantic gap for hypervisor types, and > much like subarch enable also a subarch_data to let you pass and use your > hvmlite_start_info. This would not only help with the semantics but also help > avoid

Re: [Xen-devel] [PATCH v2 02/11] xen/hvmlite: Bootstrap HVMlite guest

2016-02-03 Thread Andrew Cooper
On 03/02/2016 23:59, Luis R. Rodriguez wrote: > On Wed, Feb 03, 2016 at 08:52:50PM +0000, Andrew Cooper wrote: >> On 03/02/16 18:55, Luis R. Rodriguez wrote: >>> We add new hypervisor type to close the semantic gap for hypervisor types, >>> and >>> much lik

Re: [Xen-devel] [PATCH] xen/x86: Zero out .bss for PV guests

2016-02-24 Thread Andrew Cooper
On 24/02/16 14:12, David Vrabel wrote: > On 22/02/16 22:06, Boris Ostrovsky wrote: >> Baremetal kernels clear .bss early in the boot. Since Xen PV guests don't >> execute that early code they should do it too. >> >> (Since we introduce macros for specifying 32- and 64-bit registers we >> can get

Re: [Xen-devel] [PATCH 1/2] hvc_xen: add earlycon support

2016-02-24 Thread Andrew Cooper
On 24/02/16 17:18, Konrad Rzeszutek Wilk wrote: >> I could do the same here by dropping the if (!xen_pv_domain()) check >> above, but then if somebody specifies earlyprintk=xenboot on a non-Xen >> environment, I expect Linux would crash. > Nah, you made it "Work" with: > commit

Re: [Xen-devel] [PATCH v2] xen/x86: Zero out .bss for PV guests

2016-02-24 Thread Andrew Cooper
On 24/02/16 15:19, Boris Ostrovsky wrote: > Baremetal kernels clear .bss early in the boot but Xen PV guests don't > execute that code. They have been able to run without problems because > Xen domain builder happens to give out zeroed pages. However, since this > is not really guaranteed, .bss

Re: [Xen-devel] [PATCH v1 04/12] xen/hvmlite: Bootstrap HVMlite guest

2016-01-22 Thread Andrew Cooper
On 22/01/2016 23:32, Luis R. Rodriguez wrote: > On Fri, Jan 22, 2016 at 04:35:50PM -0500, Boris Ostrovsky wrote: >> +/* >> + * See Documentation/x86/boot.txt. >> + * >> + * Version 2.12 supports Xen entry point but we will use default x86/PC >> + * environment (i.e.

Re: [Xen-devel] [PATCH v1 04/12] xen/hvmlite: Bootstrap HVMlite guest

2016-01-23 Thread Andrew Cooper
On 23/01/2016 00:55, Luis R. Rodriguez wrote: > On Fri, Jan 22, 2016 at 4:30 PM, Andrew Cooper > <andrew.coop...@citrix.com> wrote: >> the DMLite boot >> protocol is OS agnostic, and will be staying that way. > What's the DMLite boot protocol? It is a statement of th

Re: [Xen-devel] Does __KERNEL_DS serve a purpose?

2016-04-08 Thread Andrew Cooper
On 08/04/16 23:06, Andy Lutomirski wrote: > On Fri, Apr 8, 2016 at 10:12 AM, Paolo Bonzini wrote: >> >> On 08/04/2016 18:00, Andy Lutomirski wrote: >>> But %ss can be loaded with 0 on 64-bit kernels. (I assume that >>> loading 0 into %ss sets SS.DPL to 0 if done at CPL0, but

Re: [Xen-devel] Does __KERNEL_DS serve a purpose?

2016-04-08 Thread Andrew Cooper
On 08/04/2016 01:24, Andy Lutomirski wrote: > I can't see any reason that we need the __KERNEL_DS segment at all -- > I think that everything that uses __KERNEL_DS could use __USER_DS > instead. Am I missing anything? This has been bugging me for a > while. > > I mulled over this a bit when

Re: [PATCH v2 07/10] x86/entry: Vastly simplify SYSENTER TF handling

2016-03-06 Thread Andrew Cooper
On 06/03/16 17:36, Andy Lutomirski wrote: > >> I haven't read the Xen hypervisor code, but what are those 5 words >> that were pushed on the stack by the hypervisor? It suspiciously is >> the size of an IRET frame. > I think it is nominally an IRET frame. It is a nominal IRET frame. Even to