On Wed, May 22, 2024 at 05:39:02PM +0200, Marek Marczykowski-Górecki wrote:
> On older systems, XHCI xcap had a layout that no other (interesting) registers
> were placed on the same page as the debug capability, so Linux was fine with
> making the whole page R/O. But at least on T
plenty of it). This
configuration is already documented as unsafe with untrusted guests and
not security supported.
Signed-off-by: Marek Marczykowski-Górecki
---
Changes in v4:
- restore mmio_ro_ranges in the fallback case
- set XHCI_SHARE_NONE in the fallback case
Changes in v3:
- indentation fix
a generic API for making just parts of an MMIO page R/O and use it to fix
USB3 console with share=yes or share=hwdom options. More details in commit
messages.
Marek Marczykowski-Górecki (2):
x86/mm: add API for marking only part of a MMIO page read only
drivers/char: Use sub-page ro API to make
removed from mmio_ro_ranges too
early). Debug build has asserts for relevant cases.
Signed-off-by: Marek Marczykowski-Górecki
---
Shadow mode is not tested, but I don't expect it to work differently than
HAP in areas related to this patch.
Changes in v4:
- rename SUBPAGE_MMIO_RO_ALIGN
On Wed, May 22, 2024 at 03:29:51PM +0200, Jan Beulich wrote:
> On 22.05.2024 15:22, Marek Marczykowski-Górecki wrote:
> > On Wed, May 22, 2024 at 09:52:44AM +0200, Jan Beulich wrote:
> >> On 21.05.2024 04:54, Marek Marczykowski-Górecki wrote:
> >>> +static v
On Wed, May 22, 2024 at 09:52:44AM +0200, Jan Beulich wrote:
> On 21.05.2024 04:54, Marek Marczykowski-Górecki wrote:
> > +static void subpage_mmio_write_emulate(
> > +mfn_t mfn,
> > +unsigned int offset,
> > +const void *data,
> > +unsigne
On Wed, May 22, 2024 at 10:05:05AM +0200, Jan Beulich wrote:
> On 21.05.2024 04:54, Marek Marczykowski-Górecki wrote:
> > --- a/xen/drivers/char/xhci-dbc.c
> > +++ b/xen/drivers/char/xhci-dbc.c
> > @@ -1216,20 +1216,19 @@ static void __init cf_check
> > dbc_uart_init
On Wed, May 22, 2024 at 09:52:44AM +0200, Jan Beulich wrote:
> On 21.05.2024 04:54, Marek Marczykowski-Górecki wrote:
> > --- a/xen/arch/x86/hvm/hvm.c
> > +++ b/xen/arch/x86/hvm/hvm.c
> > @@ -2009,6 +2009,14 @@ int hvm_hap_nested_page_fault(paddr_t gpa, unsigned
> >
On Tue, May 21, 2024 at 05:16:58PM +0200, Jan Beulich wrote:
> On 21.05.2024 04:54, Marek Marczykowski-Górecki wrote:
> > --- a/xen/arch/x86/include/asm/mm.h
> > +++ b/xen/arch/x86/include/asm/mm.h
> > @@ -522,9 +522,27 @@ extern struct rangeset *mmio_ro_ranges;
> > voi
priority series, so if it won't hit 4.19, it's okay with me too.
Marek Marczykowski-Górecki (2):
x86/mm: add API for marking only part of a MMIO page read only
drivers/char: Use sub-page ro API to make just xhci dbc cap RO
xen/arch/x86/hvm/emulate.c | 2 +-
xen/arch/x86/hvm/hvm.c
plenty of it). This
configuration is already documented as unsafe with untrusted guests and
not security supported.
Signed-off-by: Marek Marczykowski-Górecki
---
Changes in v3:
- indentation fix
- remove stale comment
- fallback to pci_ro_device() if subpage_mmio_ro_add() fails
- extend commit
already added to mmio_ro_ranges separately.
Successful calls would result in correct handling, but error paths may
result in incorrect state (like pages removed from mmio_ro_ranges too
early). Debug build has asserts for relevant cases.
Signed-off-by: Marek Marczykowski-Górecki
---
Shadow mode
On Fri, May 17, 2024 at 05:40:52PM -0700, Stefano Stabellini wrote:
> On Thu, 16 May 2024, Marek Marczykowski-Górecki wrote:
> > Add minimal linux-stubdom smoke test. It starts a simple HVM with
> > linux-stubdom. The actual stubdom implementation is taken from Qubes OS
> >
../../tools/include/xen-sd-notify.h:45:3:
error: cleanup argument not a function
45 | int __attribute__((cleanup(sd_closep))) fd = -1;
| ^~~
--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
Based on the initial stubdomain test add booting from CDROM. It's
significantly different in terms of emulated devices (contrary to PV
disk, the cdrom is backed by qemu), so test that path too.
Schedule it on the AMD runner, as it has fewer tests right now.
Signed-off-by: Marek Marczykowski-Górecki
Make it run on newer runners that have new enough kernel for
dracut-install.
Signed-off-by: Marek Marczykowski-Górecki
---
automation/gitlab-ci/build.yaml | 3 +++
1 file changed, 3 insertions(+)
diff --git a/automation/gitlab-ci/build.yaml b/automation/gitlab-ci/build.yaml
index 9b9e5464f179
Especially allow it to control MSI/MSI-X enabling bits. This part only
writes a flag to a sysfs, the actual implementation is on the kernel
side.
This requires Linux >= 5.10 in dom0 (or relevant patch backported).
Signed-off-by: Marek Marczykowski-Górecki
---
tools/libs/light/libxl_pci.c
And start collecting qemu log earlier, so it isn't lost in case of a
timeout during domain startup.
Signed-off-by: Marek Marczykowski-Górecki
---
automation/scripts/qemu-alpine-x86_64.sh| 2 +-
automation/scripts/qemu-smoke-dom0-arm32.sh | 2 +-
automation/scripts/qemu-smoke-dom0-arm64.sh
Signed-off-by: Marek Marczykowski-Górecki
---
automation/scripts/qubes-x86-64.sh | 2 ++
1 file changed, 2 insertions(+)
diff --git a/automation/scripts/qubes-x86-64.sh
b/automation/scripts/qubes-x86-64.sh
index d81ed7b931cf..4beeff17d31b 100755
--- a/automation/scripts/qubes-x86-64.sh
+++ b
It fails on larger initramfs (~250MB one), let Linux do it.
Signed-off-by: Marek Marczykowski-Górecki
---
automation/scripts/qubes-x86-64.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/automation/scripts/qubes-x86-64.sh
b/automation/scripts/qubes-x86-64.sh
index
---
automation/gitlab-ci/build.yaml | 19 ---
automation/gitlab-ci/test.yaml | 9 -
2 files changed, 24 insertions(+), 4 deletions(-)
diff --git a/automation/gitlab-ci/build.yaml b/automation/gitlab-ci/build.yaml
index f1e6a6144c90..88a59692a881 100644
---
this bumps kernel version requirement on docker runners -
dracut-install uses faccessat2() syscall which was introduced in Linux
5.8.
Signed-off-by: Marek Marczykowski-Górecki
---
automation/build/alpine/3.18-arm64v8.dockerfile | 49 +--
automation/build/alpine/3.18.dockerfile
rectly. For this reason, prepare bootsector as part of the Xen build
(which runs on x86_64) and then prepend to the disk image during the
test (and adjust partitions table afterwards).
Signed-off-by: Marek Marczykowski-Górecki
---
The test is implemented using hardware runner, becaus
Update 6.1.x kernel to the latest version in this branch. This is
especially needed to include MSI-X related fixes for stubdomain
("xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled").
Signed-off-by: Marek Marczykowski-Górecki
---
automation/gitlab-ci/
Based on the initial stubdomain test and existing PCI passthrough tests,
add one that combines both.
Schedule it on the AMD runner, as it has fewer tests right now.
Signed-off-by: Marek Marczykowski-Górecki
---
automation/gitlab-ci/test.yaml | 8
automation/scripts/qubes-x86-64.sh
Fedora 29 is long EOL
Signed-off-by: Marek Marczykowski-Górecki
---
automation/build/fedora/29.dockerfile | 46 +
automation/build/fedora/39.dockerfile | 46 -
automation/gitlab-ci/build.yaml | 4 +-
3 files changed, 48 insertions
xtra dependencies), so it probably makes sense to do it at
the same time.
Marek Marczykowski-Górecki (12):
automation: include domU kernel messages in the console output log
automation: update fedora build to F39
automation: switch to alpine:3.19
automation: increase verbosity of starting a dom
N4020
CPU. I cannot reproduce the issue on different hardware.
PVH domains seem to work.
Any ideas what could have happened here?
[1] https://github.com/QubesOS/qubes-issues/issues/9217
--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
to issues with fetching or building newer QEMU
discussed on Matrix)
v7:
- "x86/msi: passthrough all MSI-X vector ctrl writes to device model" is
already applied
Marek Marczykowski-Górecki (6):
x86/msi: Extend per-domain/device warning mechanism
x86/hvm: Allow access to registers on the
For testing, switch to my containers registry that includes containers
rebuilt with changes in this series.
---
automation/gitlab-ci/build.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/automation/gitlab-ci/build.yaml b/automation/gitlab-ci/build.yaml
index
The arch_msix struct had a single "warned" field with a domid for which
warning was issued. Upcoming patch will need similar mechanism for few
more warnings, so change it to save a bit field of issued warnings.
Signed-off-by: Marek Marczykowski-Górecki
Reviewed-by: Jan Beulich
---
Cha
in system for tests.
Remove firmware unrelated to the test, to not increase initrd size too
much (all firmware takes over 100MB compressed).
And finally adjusts test script to handle not only eth0 as a test device,
but also wlan0 and connect it to the wifi network.
Signed-off-by: Marek Marczykows
/dev/mem access doesn't work in dom0 in lockdown and in stubdomain.
Simulate this environment with removing /dev/mem device node. Full test
for lockdown and stubdomain will come later, when all requirements will
be in place.
Signed-off-by: Marek Marczykowski-Górecki
Acked-by: Stefano Stabellini
This makes tests use patched QEMU, to actually test the new behavior.
---
Config.mk | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Config.mk b/Config.mk
index a962f095ca16..5e220a1284e4 100644
--- a/Config.mk
+++ b/Config.mk
@@ -220,8 +220,8 @@ endif
OVMF_UPSTREAM_URL
to map pages etc).
Relevant places log a message about that already.
Signed-off-by: Marek Marczykowski-Górecki
---
Changes in v8:
- rename adjacent_handle to get_adjacent_idx
- put SBDF at the start of error messages
- use 0 for ADJACENT_DONT_HANDLE (it's FIX_RESERVED)
- merge conditions in
On Wed, May 08, 2024 at 06:09:48PM +0200, Roger Pau Monné wrote:
> On Tue, May 07, 2024 at 02:44:02PM +0200, Marek Marczykowski-Górecki wrote:
> > Some devices (notably Intel Wifi 6 AX210 card) keep auxiliary registers
> > on the same page as MSI-X table. Device model
On Tue, May 07, 2024 at 01:32:00PM +0200, Marek Marczykowski-Górecki wrote:
> On Tue, May 07, 2024 at 12:08:06PM +0100, Andrew Cooper wrote:
> > `xl devd` has been observed leaking /var/log/xldevd.log into children.
> >
> > Link: https://github.com/QubesOS/qubes-issues/iss
On Tue, May 07, 2024 at 03:15:48PM +0100, Andrew Cooper wrote:
> On 07/05/2024 12:32 pm, Marek Marczykowski-Górecki wrote:
> > On Tue, May 07, 2024 at 12:08:06PM +0100, Andrew Cooper wrote:
> >> `xl devd` has been observed leaking /var/log/xldevd.log into children.
>
This makes tests use patched QEMU, to actually test the new behavior.
---
Config.mk | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Config.mk b/Config.mk
index a962f095ca16..5e220a1284e4 100644
--- a/Config.mk
+++ b/Config.mk
@@ -220,8 +220,8 @@ endif
OVMF_UPSTREAM_URL
The arch_msix struct had a single "warned" field with a domid for which
warning was issued. Upcoming patch will need similar mechanism for few
more warnings, so change it to save a bit field of issued warnings.
Signed-off-by: Marek Marczykowski-Górecki
Reviewed-by: Jan Beulich
---
Cha
/dev/mem access doesn't work in dom0 in lockdown and in stubdomain.
Simulate this environment with removing /dev/mem device node. Full test
for lockdown and stubdomain will come later, when all requirements will
be in place.
Signed-off-by: Marek Marczykowski-Górecki
Acked-by: Stefano Stabellini
For testing, switch to my containers registry that includes containers
rebuilt with changes in this series.
---
automation/gitlab-ci/build.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/automation/gitlab-ci/build.yaml b/automation/gitlab-ci/build.yaml
index
in system for tests.
Remove firmware unrelated to the test, to not increase initrd size too
much (all firmware takes over 100MB compressed).
And finally adjusts test script to handle not only eth0 as a test device,
but also wlan0 and connect it to the wifi network.
Signed-off-by: Marek Marczykows
to issues with fetching or building newer QEMU
discussed on Matrix)
v7:
- "x86/msi: passthrough all MSI-X vector ctrl writes to device model" is
already applied
Marek Marczykowski-Górecki (6):
x86/msi: Extend per-domain/device warning mechanism
x86/hvm: Allow access to registers on the
to map pages etc).
Relevant places log a message about that already.
Signed-off-by: Marek Marczykowski-Górecki
---
Changes in v7:
- simplify logic based on assumption that all access to MSI-X pages are
handled by Xen (Roger)
- move calling adjacent_handle() into adjacent_{read,write}() (Roger)
Anthony PERARD
> CC: Juergen Gross
> CC: Demi Marie Obenour
> CC: Marek Marczykowski-Górecki
>
> Also entirely speculative based on the QubesOS ticket.
> ---
> tools/xl/xl_utils.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git
Update it to get XENFEAT_dm_msix_all_writes for the next patch.
Signed-off-by: Marek Marczykowski-Górecki
---
include/hw/xen/interface/features.h | 17 +
1 file changed, 17 insertions(+)
diff --git a/include/hw/xen/interface/features.h
b/include/hw/xen/interface/features.h
space, call the pci_default_write_config() only for its side effects.
Signed-off-by: Marek Marczykowski-Górecki
---
v3:
- use emulated register value for pci_default_write_config() call, not
the one for writing back to the hardware
- greatly simplify the patch by calling
conditions. Removing /dev/mem access is useful to work within
stubdomain (avoids emulated reads and potential races), and necessary
when dom0 kernel runs in lockdown mode (where /dev/mem is unavailable at
all).
Signed-off-by: Marek Marczykowski-Górecki
---
Changes in v2:
- Make change conditional on new X
On Fri, May 03, 2024 at 10:33:38AM +0200, Roger Pau Monné wrote:
> On Fri, Apr 26, 2024 at 07:54:00PM +0200, Marek Marczykowski-Górecki wrote:
> > Some devices (notably Intel Wifi 6 AX210 card) keep auxiliary registers
> > on the same page as MSI-X table. Device model
Update it to get XENFEAT_dm_msix_all_writes for the next patch.
Signed-off-by: Marek Marczykowski-Górecki
---
include/hw/xen/interface/features.h | 17 +
1 file changed, 17 insertions(+)
diff --git a/include/hw/xen/interface/features.h
b/include/hw/xen/interface/features.h
conditions. Removing /dev/mem access is useful to work within
stubdomain (avoids emulated reads and potential races), and necessary
when dom0 kernel runs in lockdown mode (where /dev/mem is unavailable at
all).
Signed-off-by: Marek Marczykowski-Górecki
---
Changes in v2:
- Make change conditional on new X
that on their own (especially xen_pt_*_reg_write()).
2. Not setting value early allows hooks to see the old value too.
If it would be only about the first point, setting PCIDevice.wmask would
probably be sufficient, but given the second point, restructure those
writes.
Signed-off-by: Marek
This makes tests use patched QEMU, to actually test the new behavior.
---
Config.mk | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Config.mk b/Config.mk
index a962f095ca16..5e220a1284e4 100644
--- a/Config.mk
+++ b/Config.mk
@@ -220,8 +220,8 @@ endif
OVMF_UPSTREAM_URL
zed, function returns early), but to avoid
build failure initialize it explicitly to NULL anyway.
Signed-off-by: Marek Marczykowski-Górecki
---
Changes in v6:
- use MSIX_CHECK_WARN macro
- extend assert on fixmap_idx
- add break in default label, after ASSERT_UNREACHABLE(), and move
se
). But for it to work, it needs QEMU change that
makes use of the changes introduced here. It can be seen at
https://github.com/marmarek/qemu/commits/msix
Here is the pipeline that used the QEMU fork above:
https://gitlab.com/xen-project/people/marmarek/xen/-/pipelines/1269664578
Marek Marczykowski-Górecki (7
For testing, switch to my containers registry that includes containers
rebuilt with changes in this series.
---
automation/gitlab-ci/build.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/automation/gitlab-ci/build.yaml b/automation/gitlab-ci/build.yaml
index
The arch_msix struct had a single "warned" field with a domid for which
warning was issued. Upcoming patch will need similar mechanism for few
more warnings, so change it to save a bit field of issued warnings.
Signed-off-by: Marek Marczykowski-Górecki
---
Changes in v6:
- add MSIX_
in system for tests.
Remove firmware unrelated to the test, to not increase initrd size too
much (all firmware takes over 100MB compressed).
And finally adjusts test script to handle not only eth0 as a test device,
but also wlan0 and connect it to the wifi network.
Signed-off-by: Marek Marczykows
/dev/mem access doesn't work in dom0 in lockdown and in stubdomain.
Simulate this environment with removing /dev/mem device node. Full test
for lockdown and stubdomain will come later, when all requirements will
be in place.
Signed-off-by: Marek Marczykowski-Górecki
Acked-by: Stefano Stabellini
the
interrupt again
- a method for QEMU to tell Xen it will actually do the work
Those are not part of this series.
Signed-off-by: Marek Marczykowski-Górecki
Reviewed-by: Jan Beulich
---
I did not add any control to enable/disable this new behavior (as
Roger has suggested for possible non-QEMU ioreqs
On Thu, Apr 25, 2024 at 01:15:34PM +0200, Jan Beulich wrote:
> On 13.03.2024 16:16, Marek Marczykowski-Górecki wrote:
> > Some devices (notably Intel Wifi 6 AX210 card) keep auxiliary registers
> > on the same page as MSI-X table. Device model (especially one in
> > stub
rite-combining\n");
> return -EOPNOTSUPP;
--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
On Wed, Mar 13, 2024 at 04:16:05PM +0100, Marek Marczykowski-Górecki wrote:
> This series includes changes to make MSI-X working with Linux stubdomain and
> especially Intel Wifi 6 AX210 card. This takes care of remaining reasons for
> QEMU to access /dev/mem, but also the Intel
On Wed, Apr 17, 2024 at 04:17:48PM +0200, Jan Beulich wrote:
> On 14.04.2024 02:32, Marek Marczykowski-Górecki wrote:
> > On Wed, Apr 03, 2024 at 09:10:40AM +0200, Jan Beulich wrote:
> >> On 27.03.2024 03:53, Marek Marczykowski-Górecki wrote:
> >>> The IOMMU driver
On Wed, Apr 03, 2024 at 09:10:40AM +0200, Jan Beulich wrote:
> On 27.03.2024 03:53, Marek Marczykowski-Górecki wrote:
> > The IOMMU driver checks if RMRR/IVMD are marked as reserved in memory
> > map. This should be true for addresses coming from the firmware, but
> > when ex
On Thu, Apr 11, 2024 at 09:05:08PM +0100, Andrew Cooper wrote:
> Sorry, but you've sent out two copies of each patch in this series, and
> it's not clear if they're identical or not.
FWIW I've got just one copy.
--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
hardware to manage and run the encrypted VM.
How will that interact with the PSP driver in dom0? AFAIK amdgpu driver
uses PSP for loading the GPU firmware. Does it mean one needs to choose
either GPU in dom0 or encrypted VMs, or is it going to work somehow
together?
--
Best Regards,
Marek Marczy
tructions
> genuinely #UD.
>
> Spot this case and try to back out as cleanly as we can.
>
> Signed-off-by: Andrew Cooper
Thanks, this makes the test exit with 0, and print just "Got #UD" now in
the "Testing RTM behaviour" section.
Tested-by: Marek Marczykowski-Góreck
On Wed, Apr 03, 2024 at 05:04:20PM +0200, Jan Beulich wrote:
> On 03.04.2024 16:50, Marek Marczykowski-Górecki wrote:
> > Hi,
> >
> > I've noticed that tools/tests/tsx/test-tsx fails on a system with Intel
> > Core i7-8750H. Specific error I get:
> >
>
e_alignment : 64
address sizes : 39 bits physical, 48 bits virtual
power management:
...
Full `xen-cpuid detail` output attached.
Just in case, I'm attaching also full xl dmesg, but I don't see anything
related there.
--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things
-285,6 +285,7 @@ static struct sk_buff *xennet_alloc_one_rx_buffer(struct
> netfront_queue *queue)
> return NULL;
> }
> skb_add_rx_frag(skb, 0, page, 0, 0, PAGE_SIZE);
> + skb_mark_for_recycle(skb);
>
> /* Align ip header to a 16 bytes boundary */
> skb_reserve(skb, NET_IP_ALIGN);
>
>
>
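Review bot: the added skb_mark_for_recycle(skb) call, placed right after skb_add_rx_frag(skb, 0, page, 0, 0, PAGE_SIZE), carries no comment, and the hunk does not show where page is allocated. The recycle mark only has an effect for pages that come from a page pool, so a one-line comment above the call saying where page is allocated from would let a reader confirm the two stay in step.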
--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
Introduce global xen_is_stubdomain variable when qemu is running inside
a stubdomain instead of dom0. This will be relevant for subsequent
patches, as few things like accessing PCI config space need to be done
differently.
Signed-off-by: Marek Marczykowski-Górecki
---
Changes in v3:
- move
relevant PV PCI xenstore
entries.
Signed-off-by: Marek Marczykowski-Górecki
---
Changes in v3:
- reduce 'path' size
- add two missing error_setg() calls
- coding style
Changes in v2:
- use xs_node_scanf
- use %d instead of %u to read values written as %d
- add a comment from another iteration
On Wed, Mar 27, 2024 at 03:53:10AM +0100, Marek Marczykowski-Górecki wrote:
> It will be useful for error reporting in a subsequent patch.
>
> Signed-off-by: Marek Marczykowski-Górecki
> Acked-by: Jan Beulich
This one is already applied, sorry for re-send.
> ---
> New
It will be useful for error reporting in a subsequent patch.
Signed-off-by: Marek Marczykowski-Górecki
Acked-by: Jan Beulich
---
New in v2
---
xen/drivers/char/xhci-dbc.c | 3 ++-
xen/drivers/passthrough/iommu.c | 5 -
xen/include/xen/iommu.h | 3 ++-
3 files changed, 8
int an error
message showing which pages failed and who requested them. This should
be enough hint to find why XHCI console doesn't work.
Fixes: 3a1a7b809ffa "drivers/char: mark DMA buffers as reserved for the XHCI"
Signed-off-by: Marek Marczykowski-Górecki
---
Alternative e
On Mon, Mar 18, 2024 at 04:52:42PM +0100, Roger Pau Monné wrote:
> On Mon, Mar 18, 2024 at 02:40:21PM +0100, Jan Beulich wrote:
> > On 12.03.2024 17:25, Marek Marczykowski-Górecki wrote:
> > > It will be useful for error reporting in a subsequent patch.
> > >
On Mon, Mar 18, 2024 at 02:48:09PM +0100, Jan Beulich wrote:
> On 12.03.2024 17:25, Marek Marczykowski-Górecki wrote:
> > The IOMMU driver checks if RMRR/IVMD are marked as reserved in memory
> > map. This should be true for addresses coming from the firmware, but
> > when ex
On Tue, Mar 26, 2024 at 05:06:50PM +, Anthony PERARD wrote:
> On Tue, Mar 05, 2024 at 08:12:29PM +0100, Marek Marczykowski-Górecki wrote:
> > diff --git a/hw/xen/xen-legacy-backend.c b/hw/xen/xen-legacy-backend.c
> > index 124dd5f3d6..6bd4e6eb2f 100644
> > --- a/hw/xen
On Sun, Oct 22, 2023 at 04:14:30PM +0200, Marek Marczykowski-Górecki wrote:
> On Mon, Aug 28, 2023 at 11:50:36PM +0200, Marek Marczykowski-Górecki wrote:
> > Hi,
> >
> > I've noticed in Qubes's CI failure like this:
> >
> > [ 871.271292] BUG: kernel
ubes-issues/issues/6411#issuecomment-1538089344
[2] https://github.com/QubesOS/qubes-linux-kernel/pull/910/files
[3] https://github.com/QubesOS/qubes-vmm-xen-stubdom-linux/pull/63/files
--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
). But for it to work, it needs QEMU change that
makes use of the changes introduced here. It can be seen at
https://github.com/marmarek/qemu/commits/msix
Here is the pipeline that used the QEMU fork above:
https://gitlab.com/xen-project/people/marmarek/xen/-/pipelines/1211237368
Marek Marczykowski-Górecki (7
For testing, switch to my containers registry that includes containers
rebuilt with changes in this series.
---
automation/gitlab-ci/build.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/automation/gitlab-ci/build.yaml b/automation/gitlab-ci/build.yaml
index
zed, function returns early), but to avoid
build failure initialize it explicitly to NULL anyway.
Signed-off-by: Marek Marczykowski-Górecki
---
Changes in v5:
- style fixes
- include GCC version in the commit message
- warn only once (per domain, per device) about failed adjacent access
Changes
the
interrupt again
- a method for QEMU to tell Xen it will actually do the work
Those are not part of this series.
Signed-off-by: Marek Marczykowski-Górecki
---
I did not add any control to enable/disable this new behavior (as
Roger has suggested for possible non-QEMU ioreqs). I don't see how the
new
in system for tests.
Remove firmware unrelated to the test, to not increase initrd size too
much (all firmware takes over 100MB compressed).
And finally adjusts test script to handle not only eth0 as a test device,
but also wlan0 and connect it to the wifi network.
Signed-off-by: Marek Marczykows
/dev/mem access doesn't work in dom0 in lockdown and in stubdomain.
Simulate this environment with removing /dev/mem device node. Full test
for lockdown and stubdomain will come later, when all requirements will
be in place.
Signed-off-by: Marek Marczykowski-Górecki
Acked-by: Stefano Stabellini
The arch_msix struct had a single "warned" field with a domid for which
warning was issued. Upcoming patch will need similar mechanism for few
more warnings, so change it to save a bit field of issued warnings.
Signed-off-by: Marek Marczykowski-Górecki
---
Should I add also s
This makes tests use patched QEMU, to actually test the new behavior.
---
Config.mk | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Config.mk b/Config.mk
index a962f095ca16..5e220a1284e4 100644
--- a/Config.mk
+++ b/Config.mk
@@ -220,8 +220,8 @@ endif
OVMF_UPSTREAM_URL
On Tue, Mar 12, 2024 at 05:07:12PM -0400, Jason Andryuk wrote:
> On 2024-03-10 10:06, Marek Marczykowski-Górecki wrote:
> > On Fri, Jan 19, 2024 at 02:40:06PM +0100, Marek Marczykowski-Górecki wrote:
> > > On Thu, Jan 18, 2024 at 01:23:56AM -0500, Patrick Plenefisch wrote:
>
It will be useful for error reporting in a subsequent patch.
Signed-off-by: Marek Marczykowski-Górecki
---
New in v2
---
xen/drivers/char/xhci-dbc.c | 3 ++-
xen/drivers/passthrough/iommu.c | 5 -
xen/include/xen/iommu.h | 3 ++-
3 files changed, 8 insertions(+), 3 deletions
int an error
message showing which pages failed and who requested them. This should
be enough hint to find why XHCI console doesn't work.
Fixes: 3a1a7b809ffa "drivers/char: mark DMA buffers as reserved for the XHCI"
Signed-off-by: Marek Marczykowski-Górecki
---
Alternative e
On Tue, Mar 12, 2024 at 03:37:15PM +0100, Jan Beulich wrote:
> On 12.03.2024 15:24, Marek Marczykowski-Górecki wrote:
> > On Tue, Mar 12, 2024 at 11:53:46AM +0100, Jan Beulich wrote:
> >> On 12.03.2024 11:24, Roger Pau Monné wrote:
> >>>> --- a/xen/arch/x86/
rely is safer option, but less user friendly, especially since
(due to the above) I cannot give explicit hint to disable XHCI console.
And kinda independently - I'm tempted to add another field to `struct
extra_reserved_range` (and an argument to
`iommu_add_extra_reserved_device_memory()`) - textual description, for
the error reporting purpose.
--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
On Tue, Mar 12, 2024 at 02:09:14PM +0100, Marek Marczykowski-Górecki wrote:
> On Tue, Mar 12, 2024 at 01:38:53PM +0100, Jan Beulich wrote:
> > On 12.03.2024 13:02, Marek Marczykowski-Górecki wrote:
> > > BTW should e820_change_range_type() return 1 in case of mapping already
>
On Tue, Mar 12, 2024 at 01:38:53PM +0100, Jan Beulich wrote:
> On 12.03.2024 13:02, Marek Marczykowski-Górecki wrote:
> > On Tue, Mar 12, 2024 at 11:53:46AM +0100, Jan Beulich wrote:
> >> On 12.03.2024 11:24, Roger Pau Monné wrote:
> >>>> --- a/xen/arch/x86/
a_reserved_device_memory() can gain an extra parameter to
distinguish RAM from non-RAM mappings.
BTW should e820_change_range_type() return 1 in case of mapping already
having the right type? Otherwise, if one wants to use
iommu_add_extra_reserved_device_memory() on already reserved memory, the
e820_change_range_type() would fail.
--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
hypervisor and tools)
Invalid: Policy rejected non-revocation signature
(PositiveCertification) requiring second pre-image resistance
because: SHA1 is not considered secure
Certifications: 7, use --certifications to list
--
Best Regards,
Marek
Hi,
https://xenproject.org/xen-project-archives/ doesn't include 4.17.3.
--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab