On 25/04/18 16:13, Mirela Simonovic wrote:
Hi Julien,
Hi Mirela,
On Mon, Apr 23, 2018 at 1:46 PM, Julien Grall <julien.gr...@arm.com> wrote:
Hi,
On 20/04/18 13:25, Mirela Simonovic wrote:
Checking CPU errata should be done only when a CPU is initially booted.
It is assumed that t
referred way too. But at the moment, I can't see how to avoid
leave the array unchanged.
Cheers,
--
Julien Grall
___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
happy to provide more insights here.
Cheers,
--
Julien Grall
___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
(apologies for the formatting)
Hi Lars,
Thank you for putting together an FAQ.
Few comments below around Arm.
On 5 Jan 2018 13:37, "Lars Kurth" wrote:
Hi all, this is a repost of https://blog.xenproject.org/
2018/01/04/xen-project-spectremeltdown-faq/ for
On 10/01/18 17:16, Sergej Proskurin wrote:
Hi Julien,
Hi,
On 10/09/2017 06:43 PM, Julien Grall wrote:
Hi Sergej,
On 30/08/17 19:32, Sergej Proskurin wrote:
This commit copies and extends the altp2m-related code from x86 to ARM.
Functions that are no yet supported notify the caller
Hi Wei,
On 17/01/18 16:43, Wei Liu wrote:
ARM doesn't have emulation_flags in the arch_domainconfig.
Signed-off-by: Wei Liu <wei.l...@citrix.com>
Reviewed-by: Julien Grall <julien.gr...@linaro.org>
Cheers,
---
Cc: Ian Jackson <ian.jack...@eu.citrix.com>
Cc: Julie
a)
Stefano, Julien?
Sorry, it fell through the cracks.
Acked-by: Julien Grall <julien.gr...@linaro.org>
Cheers,
--
Julien Grall
___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
return ret;
else
d->arch.vgic.has_its = true;
+
+vgic_map_translation_space(d, hw_its->addr);
Your new function may return an error. Therefore you should test it.
}
}
Cheers,
--
Julien Grall
__
Hi,
On 18/01/18 17:25, Manish Jaggi wrote:
On 01/18/2018 10:22 PM, Julien Grall wrote:
Hi Manish,
Hi Julien,
On 18/01/18 06:15, mja...@caviumnetworks.com wrote:
From: Manish Jaggi <mja...@caviumnetworks.com>
This patch introduces a function vgic_map_translation_space for mapping
I
ARGS__)
+
+/* Alias to Xen allocation helpers */
+#define kfree xfree
+#define kmalloc(size, flags)_xmalloc(size, sizeof(void *))
+#define kzalloc(size, flags)_xzalloc(size, sizeof(void *))
+
/*
* min()/max() macros that also do
* strict type-checking.. See the
above?
However, I don't think it is necessary to have a separate patch just for
adding the Kconfig. You can fold into the patch that is first using it.
BTW, I would have expected this to be patch #1 and used to gate
compilation for any of those file.
+
config NUMA
ate_iort_size(size_t *iort_size);
+int prepare_iort(struct acpi_table_iort *hwdom_iort, unsigned int *iort_size);
#endif
diff --git a/xen/include/asm-arm/acpi.h b/xen/include/asm-arm/acpi.h
index c183b6bb6e..f8b5254621 100644
--- a/xen/include/asm-arm/acpi.h
+++ b/xen/include/asm
answer on my first comment in
that e-mail.
Cheers,
--
Julien Grall
___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
why you need that.
};
+#define to_pci_dev(p) container_of(p, struct pci_dev, dev)
+#define pci_domain_nr(dev) dev->seg
#define for_each_pdev(domain, pdev) \
list_for_each_entry(pdev, &(domain->arch.pdev_list), domain_list)
Ch
Hi Stefano,
On 01/13/2018 12:29 AM, Stefano Stabellini wrote:
lowmem is unchanged until after this loop, there is no point in testing
for its value. Moreover, Coverity complains about dead code.
Remove the lowmem test in the first loop.
While I understand Coverity complains about dead code,
On 01/03/2018 05:47 AM, Manish Jaggi wrote:
Hi Sameer,
Hi Manish,
+
+/* Xen: Type definitions for iommu_domain */
+#define IOMMU_DOMAIN_UNMANAGED 0
+#define IOMMU_DOMAIN_DMA 1
+#define IOMMU_DOMAIN_IDENTITY 2
+
+/* Xen: Dummy iommu_domain */
+struct iommu_domain {
+ /* Runtime SMMU
Hi Manish,
On 16/01/18 13:27, Manish Jaggi wrote:
On 01/16/2018 06:44 PM, Julien Grall wrote:
On 16/01/18 12:40, Manish Jaggi wrote:
Hi Julien,
Hi,
On 01/16/2018 02:11 AM, Julien Grall wrote:
On 01/03/2018 05:34 AM, Manish Jaggi wrote:
Hi Sameer,
Hi Manish,
+ unsigned int
re, but an error path is being taken every now and then, and
I personally have seen errors coming back (mostly after having
made mistakes elsewhere).
And I guess the binary will never be loaded at the same as virtual
address as Xen would be meant to run?
Cheers,
de/xen/fwnode.h
--
Julien Grall
___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
acpi_iort_node *pcirc_node,
+u16 rid, u32 *deviceid);
+
+void init_ridmaps(void);
+
+#endif
+
+/*
+ * Local variables:
+ * mode: C
+ * c-file-style: "BSD"
+ * c-basic-offset: 4
+ * indent-tabs-mode: nil
+ * End:
+ */
--
Julien Grall
___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
from the kpti branch in [1].
[1] https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git
Signed-off-by: Marc Zyngier <marc.zyng...@arm.com>
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
---
xen/arch/arm/arm32/entry.S | 21 +
xen/arch/arm/cpuerr
will still contain the original
stack pointer.
Add some documentation in the code to point the 2 sides to each other.
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
---
xen/arch/arm/arm32/entry.S | 8
1 file changed, 8 insertions(+)
diff --git a/xen/arch/arm/arm32/entry.S
and the software mitigations
for Arm processors, please see http://www.arm.com/security-update.
Cheers,
Julien Grall (7):
xen/arm32: entry: Consolidate DEFINE_TRAP_ENTRY_* macros
xen/arm32: Add missing MIDR values for Cortex-A17 and A12
xen/arm32: entry: Add missing trap_reset entry
xen/arm32
The only difference between all the DEFINE_TRAP_ENTRY_* macros are the
interrupts (Asynchronous Abort, IRQ, FIQ) unmasked.
Rather than duplicating the code, introduce __DEFINE_TRAP_ENTRY macro
that will take the list of interrupts to unmask.
This is part of XSA-254.
Signed-off-by: Julien Grall
-254.
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
---
xen/arch/arm/arm32/entry.S | 1 +
xen/arch/arm/arm32/traps.c | 5 +
2 files changed, 6 insertions(+)
diff --git a/xen/arch/arm/arm32/entry.S b/xen/arch/arm/arm32/entry.S
index c6490d2847..c2fad5fe9b 100644
--- a/xen/arch/arm
if no dirty state exists.
Signed-off-by: Jan Beulich <jbeul...@suse.com>
Reviewed-by: Julien Grall <julien.gr...@linaro.org>
Cheers,
---
ARM adjustments compile tested only.
---
v2: Introduce VCPU_CPU_CLEAN and vcpu_cpu_dirty(). Re-word comments.
Re-base.
--- a/xen/arch/arm/domain
Hi Sameer,
On 19/12/17 03:16, Sameer Goel wrote:
Modify the SMMU code to use generic device instead of dt_device_node for
functions that can be used for ACPI based systems too.
Signed-off-by: Sameer Goel <sameer.g...@linaro.org>
Acked-by: Julien Grall <julien.gr...@linaro.org
xactly on caller of LOG_2. So what is the benefits to provide
2 names? More that I would expect ilog2 to be used in any code coming
from Linux.
Cheers,
Roger.
___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject
-by: Andrew Cooper <andrew.coop...@citrix.com>
Acked-by: Julien Grall <julien.gr...@linaro.org>
Cheers,
---
v2: White space changes (consolidate split line statements into single
line ones). Re-base.
--- a/xen/arch/arm/domain.c
+++ b/xen/arch/arm/domain.c
@@ -470,7 +470,7 @@ v
can you make this code follow Xen coding style?
FWIW with the coding style change:
Acked-by: Julien Grall <julien.gr...@linaro.org>
This will also require an ack from "THE REST" maintainers as this is
common code.
Cheers,
+__warned = true;
(((_x) & 0xff00) ? ( 8 + __L8( (_x)>> 8)) : __L8( _x))
-#define LOG_2(_x) (((_x) & 0x) ? (16 + __L16((_x)>>16)) : __L16(_x))
+#define ilog2(_x) (((_x) & 0x) ? (16 + __L16((_x)>>16)) : __L16(_x))
/**
* for_each_set_bit - iterate
Hi Roger,
On 23/01/18 12:10, Roger Pau Monné wrote:
On Tue, Jan 23, 2018 at 11:44:30AM +, Julien Grall wrote:
Hi Roger,
On 23/01/18 11:39, Roger Pau Monné wrote:
On Mon, Dec 18, 2017 at 08:16:57PM -0700, Sameer Goel wrote:
diff --git a/xen/include/xen/bitops.h b/xen/include/xen/bitops.h
with it. So I think Xen
should also cope with such DT.
Cheers,
Julien Grall (2):
xen/arm: GICv3: Parse ITS information from the firmware tables later
on
xen/arm: GICv3: Only initialize ITS when the distributor supports
LPIs.
xen/arch/arm/gic-v3-its.c| 47
firmware tables later on.
Note that gicv3_its_init() has been moved at the end of the file to
avoid forward declaration.
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
---
I can move the code movement in a separate patch if necessary. It was
small enough that I thought it
in the distributor.
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
---
xen/arch/arm/gic-v3.c | 14 +++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/xen/arch/arm/gic-v3.c b/xen/arch/arm/gic-v3.c
index 9f9cf59f82..730450e34b 100644
--- a/xen/arch/arm/gic-v3.c
+++ b/xe
functions.
Therefore move PSCI dispatching in two new functions do_psci_0_1_call
and do_psci_0_2_call. The former will handle PSCI 0.1 call while the latter
0.2 or later call.
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
---
xen/arch/arm/vpsci.c
Hi all,
This small patch series contains SMCCC fixes (see #2) and PSCI clean-up.
Cheers,
Julien Grall (3):
xen/arm: vpsci: Removing dummy MIGRATE and MIGRATE_INFO_UP_CPU
xen/arm: vsmc: Don't implement function ID that doesn't exist
xen/arm: vpsci: Move PSCI function dispatching from
in
order to avoid potential clash with later revision. Therefore rework the
vsmc code to use the whole function identifier rather than only the
function number.
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
---
This should be backported to Xen 4.10 as we should not implement
fun
.
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
---
xen/arch/arm/vpsci.c | 10 --
xen/arch/arm/vsmc.c | 14 --
xen/include/asm-arm/perfc_defn.h | 2 --
xen/include/asm-arm/psci.h | 2 --
4 files changed, 28 deletions(-)
diff --git
Hi,
On 22/01/18 18:22, Julien Grall wrote:
There are Device Tree (e.g for the Foundation Model) out that describes the
ITS but LPIs is not supported by the platform. Booting with such DT will
result to an early Data Abort. The same DT is booting fine with a
baremetal Linux because ITS
On 24 January 2018 at 22:22, Konrad Rzeszutek Wilk
<konrad.w...@oracle.com> wrote:
> On Fri, Jan 19, 2018 at 01:41:01PM +0000, Julien Grall wrote:
>> In order to avoid aliasing attackes agains the branch predictor, let's
>> invalidate the BTB on guest exist. This is made co
Hi Stefano,
On 24 January 2018 at 22:14, Stefano Stabellini <sstabell...@kernel.org> wrote:
> On Thu, 18 Jan 2018, Julien Grall wrote:
>> (+ Security team)
>>
>> Hi Stefano,
>>
>> On 17/01/18 21:47, Stefano Stabellini wrote:
>> > On Wed, 17 Jan 2
...) would be greatly appreciated.
Cheers,
--
Julien Grall
___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
On 24/01/18 17:55, Mirela Simonovic wrote:
Hi Julien, Stefano,
Hi Mirela,
Thank you very much for the feedback!
On 01/11/2018 03:00 PM, Julien Grall wrote:
Hi Mirela,
Thank you for the sending the design document. The general design
looks good to me. I have some comments below
Hi,
On 24/01/18 18:34, Julien Grall wrote:
The PSCI call MIGRATE and MIGRATE_INFO_UP_CPU are optional and
implemented as just returning PSCI_NOT_SUPPORTED (aka UNKNOWN_FUNCTION
for SMCCC).
The new SMCCC framework is able to deal with unimplemented function and
return the proper error code. So
Hi,
On 26/01/18 18:09, Volodymyr Babchuk wrote:
On 24.01.18 20:34, Julien Grall wrote:
- case PSCI_0_2_FN32(AFFINITY_INFO):
- case PSCI_0_2_FN64(AFFINITY_INFO):
+ switch ( fid )
{
- register_t taff = PSCI_ARG(regs, 1);
- uint32_t laff = PSCI_ARG32(regs, 2
Hi,
On 26/01/18 18:12, Volodymyr Babchuk wrote:
On 26.01.18 20:07, Julien Grall wrote:
On 26/01/18 18:03, Volodymyr Babchuk wrote:
diff --git a/xen/include/asm-arm/smccc.h b/xen/include/asm-arm/smccc.h
index f543dea0bb..303517459f 100644
--- a/xen/include/asm-arm/smccc.h
+++ b/xen/include
Hi Stefano,
On 16/01/18 23:55, Stefano Stabellini wrote:
On Tue, 16 Jan 2018, Julien Grall wrote:
Once Xen knows what features/workarounds present on the platform, it
might be necessary to configure each online CPU.
Introduce a new callback "enable" that will be called on each
sk= "/root/initramfs"
extra= "console=hvc0"
vcpus= 1
Cheers,
--
Julien Grall
___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
tables. They will be re-used and patch with the mitigations
on-demand.
This is based on the work done in Linux (see [1]).
This is part of XSA-254.
[1] git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git
branch ktpi
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
---
xen/ar
Hi,
On 16/01/18 12:37, Manish Jaggi wrote:
On 01/16/2018 02:04 AM, Julien Grall wrote:
On 01/03/2018 05:47 AM, Manish Jaggi wrote:
+int devm_request_threaded_irq(struct device *dev, unsigned int irq,
irq_handler_t handler,
+ irq_handler_t thread_fn, unsigned long irqflags
itigations
for Arm processors, please see http://www.arm.com/security-update.
[1]
https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-6
Julien Grall (5):
xen/arm: Introduce enable callback to enable a capabilities on each
online CPU
xen/arm64: A
entries from affection other victim
contexts.
Ported from Linux git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git
branch kpti.
Signed-off-by: Marc Zyngier <marc.zyng...@arm.com>
Signed-off-by: Will Deacon <will.dea...@arm.com>
This is part of XSA-254.
Signed-off-by:
Introduce a new macro MIDR_ALL_VERSIONS to match all variant/revision of a
given CPU model.
This is part of XSA-254.
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
---
xen/arch/arm/cpuerrata.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/xen/arch/arm/cpuerrata.c b/xe
Cortex-A72, A73 and A75 MIDR will be used to a follow-up for hardening
the branch predictor.
This is part of XSA-254.
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
---
xen/include/asm-arm/processor.h | 6 ++
1 file changed, 6 insertions(+)
diff --git a/xen/include/a
Hi Stefano,
On 01/13/2018 12:07 AM, Stefano Stabellini wrote:
r12 and x16 are of different sizes; when passing r12 as a reference to
do_trap_hypercall on arm64, we end up dereferencing it as a pointer to a
64bit value, but actually it isn't.
Instead, pass r12/x16 as values and explicitly
e is you use Xen coding
style. The rest is pretty much use Xen name for access register and
adding missing define.
I think it would be beneficial for Xen to re-use Linux code. The
compatibility layer should be very limited. Stefano any opinions?
Cheers,
index 00..544aad5932
--- /dev/null
+++ b/xen/include/asm-arm/gic_v3.h
@@ -0,0 +1,7 @@
+#ifndef GICV3_H
+#define GICV3_H
+
+uint64_t __gicv3_ich_read_lr(int lr);
+void __gicv3_ich_write_lr(int lr, uint64_t val);
+
+#endif
Cheers,
--
Julien Grall
_
_HCR_VGRP1EIE (1 << 6)
#define GICH_HCR_VGRP1DIE (1 << 7)
+#define GICH_HCR_TALL1(1 << 12)
#define GICH_MISR_EOI (1 << 0)
#define GICH_MISR_U (1 << 1) >
Cheers,
--
Julien Grall
___
Xen-devel mailing list
Xe
reg(struct cpu_user_regs *regs,
const union hsr hsr);
+int do_fixup_vgic_errata(struct cpu_user_regs *regs,
+ const union hsr hsr);
#endif /* __ASM_ARM64_TRAPS__ */
/*
--
Julien Grall
___
Xen-devel mailing list
Hi,
On 25/01/18 18:45, Stefano Stabellini wrote:
On Thu, 25 Jan 2018, Julien Grall wrote:
Hi Stefano,
On 24/01/18 23:54, Stefano Stabellini wrote:
On Fri, 19 Jan 2018, Julien Grall wrote:
Aliasing attacked against CPU branch predictors can allow an attacker to
redirect speculative control
Hi Stefano,
On 24/01/18 23:14, Stefano Stabellini wrote:
On Fri, 19 Jan 2018, Julien Grall wrote:
At the moment, the reset vector is defined as .word 0 (e.g andeq r0, r0,
r0).
This is rather unintuitive and will result to execute the trap
undefined. Instead introduce trap helpers for reset
Hi Stefano,
On 24/01/18 23:54, Stefano Stabellini wrote:
On Fri, 19 Jan 2018, Julien Grall wrote:
Aliasing attacked against CPU branch predictors can allow an attacker to
redirect speculative control flow on some CPUs and potentially divulge
information from one context to another.
This patch
Hi Stefano,
On 25/01/18 01:02, Stefano Stabellini wrote:
On Fri, 19 Jan 2018, Julien Grall wrote:
In order to avoid aliasing attackes agains the branch predictor, let's
invalidate the BTB on guest exist. This is made complicated by the fact
that we cannot take a branch invalidating the BTB
Hi,
On 24/01/18 22:43, Stefano Stabellini wrote:
On Wed, 24 Jan 2018, Julien Grall wrote:
Hi Stefano,
On 24 January 2018 at 22:14, Stefano Stabellini <sstabell...@kernel.org> wrote:
On Thu, 18 Jan 2018, Julien Grall wrote:
(+ Security team)
Hi Stefano,
On 17/01/18 21:47, S
devel mailing list
minios-de...@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/minios-devel
--
Julien Grall
___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
res = fdt_property_cell(fdt, "#redistributor-regions",
+d->arch.vgic.nr_regions);
+if ( res )
+return res;
+}
len = dt_cells_to_size(dt_n_addr_cells(gic) + dt_n_size_cells(gic));
/*
--
Julien Grall
_
Hi Andre,
On 24/01/18 16:35, Andre Przywara wrote:
On 24/01/18 16:08, Julien Grall wrote:
(+ Tools maintainers)
Hi Andre,
On 24/01/18 14:35, Andre Przywara wrote:
When creating a GICv3 devicetree node, we currently insert the
redistributor-stride and #redistributor-regions properties
d long gicv3_get_hwdom_extra_madt_size(const struct domain *d)
{
unsigned long size;
-size = sizeof(struct acpi_madt_generic_redistributor)
- * d->arch.vgic.nr_regions;
+size = sizeof(struct acpi_madt_generic_redistributor) * gicv3.rdist_count;
size += sizeof(st
that, instead
simply always use the architected value.
Signed-off-by: Andre Przywara <andre.przyw...@linaro.org>
Acked-by: Julien Grall <julien.gr...@linaro.org>
Cheers,
---
xen/arch/arm/gic-v3.c | 3 +--
xen/arch/arm/vgic-v3.c| 14 --
xen/inc
and also
remove the code that tried to reuse the hardware value for Dom0's GICv3
emulation.
Signed-off-by: Andre Przywara <andre.przyw...@linaro.org>
In any case:
Acked-by: Julien Grall <julien.gr...@linaro.org>
Cheers,
--
Julien Grall
_
On 01/11/2018 08:38 PM, Stefano Stabellini wrote:
Backports done, I skipped 43208a9cb4c3decce67b653539c1b860121fbb5e
I am happy with that. Thank you for the backporting!
Cheers,
On Mon, 18 Dec 2017, Julien Grall wrote:
Hi,
Below a list of potential backport patches for Xen 4.{10,9,8,7
any plan for this?
Cheers,
[1] https://wiki.xenproject.org/wiki/Xen_Project_4.10_Release_Notes
[2] https://wiki.xenproject.org/wiki/Xen_Project_4.10_Release_Notes
--
Julien Grall
___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https
(CC the REST maintainers)
On 01/12/2018 11:40 PM, Stefano Stabellini wrote:
handles can theoretically be NULL, check for it explicitly before
dereferencing it.
I doubt handles could be NULL if LocateHandle succeed. This seems to be
confirmed by the spec (Page 208 in UEFI spec 2.7).
So I am
<george.dun...@citrix.com>
Ian Jackson <ian.jack...@eu.citrix.com>
Jan Beulich <jbeul...@suse.com>
Jon Ludlam <jonathan.lud...@citrix.com>
Jonathan Ludlam <jonathan.lud...@citrix.com>
Juergen Gross <jgr...@suse.com>
Julien Grall <julien.gr...
, it is considered that an IO belonging to an emulated range
could either be handled or inject an abort. This could be revisit in the
future if overlapped region exist (or we want to try another way to
resolve the abort).
Signed-off-by: Julien Grall <julien.gr...@arm.com>
---
xen/arch/arm/io.c
Now the MMIO emulation is able to distinguish unhandled IO from aborted
one, there are no need to crash the domain when the region is access
with a bad width.
Instead let Xen inject a data abort to the guest and decide what to do.
Signed-off-by: Julien Grall <julien.gr...@arm.com>
---
xe
,
Julien Grall (3):
xen/arm: io: Distinguish unhandled IO from aborted one
xen/arm: Don't crash domain on bad MMIO emulation
xen/arm: Don't crash the domain on invalid HVC immediate
xen/arch/arm/io.c | 24 +--
xen/arch/arm/traps.c | 47
domain_crash_synchronous() should only be used when something went wrong
in Xen. It is better to inject to the guest as it will be in better
position to provide helpful information (stack trace...).
Signed-off-by: Julien Grall <julien.gr...@arm.com>
---
We potentially want to ret
Hi Andre,
On 24/01/18 18:10, Andre Przywara wrote:
On ARM the maximum number of IRQs is a constant, but we share it being
a variable to match x86. Since we are not supposed to alter it, let's
mark it as "const" to avoid accidental change.
Suggested-by: Julien Grall <julien.gr.
On 30/01/18 18:28, Volodymyr Babchuk wrote:
Hi Julien,
On 30.01.18 20:01, Julien Grall wrote:
On 26/01/18 18:27, Volodymyr Babchuk wrote:
Hi,
Hi Volodymyr,
On 26.01.18 20:15, Julien Grall wrote:
Hi,
On 26/01/18 18:09, Volodymyr Babchuk wrote:
On 24.01.18 20:34, Julien Grall wrote
On 30/01/18 16:38, Andrew Cooper wrote:
On 30/01/18 16:14, Julien Grall wrote:
Hi all,
This small series replaces all call to domain_crash_synchronous by injecting
an exception to the guest.
This will result to a nicer trace from the guest (no need to manually walk
the stack) and give
] https://lists.xenproject.org/archives/html/xen-devel/2016-12/msg00826.html
Signed-off-by: Julien Grall <julien.gr...@arm.com>
---
We probably want to backport this as part of XSA-254. Using big.LITTLE
on Xen has never been supported but we didn't make it clearly. This is
becoming more ap
On 26/01/18 18:27, Volodymyr Babchuk wrote:
Hi,
Hi Volodymyr,
On 26.01.18 20:15, Julien Grall wrote:
Hi,
On 26/01/18 18:09, Volodymyr Babchuk wrote:
On 24.01.18 20:34, Julien Grall wrote:
- case PSCI_0_2_FN32(AFFINITY_INFO):
- case PSCI_0_2_FN64(AFFINITY_INFO):
+ switch ( fid
Hi Stefano,
On 30/01/18 18:14, Stefano Stabellini wrote:
On Tue, 30 Jan 2018, Julien Grall wrote:
Currently, Xen is considering that an IO could either be handled or
unhandled. When unhandled, the stage-2 abort function will try another
way to resolve the abort.
However, the MMIO emulation
nsigned int virq,
+struct irq_desc *desc);
extern int domain_vgic_register(struct domain *d, int *mmio_count);
extern int vcpu_vgic_free(struct vcpu *v);
Cheers,
--
Julien Grall
___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
On 30 January 2018 at 19:35, Volodymyr Babchuk
<volodymyr_babc...@epam.com> wrote:
>
>
> On 30.01.18 20:44, Julien Grall wrote:
>>
>>
>>
>> On 30/01/18 18:28, Volodymyr Babchuk wrote:
>>>
>>> Hi Julien,
>>>
>>> On 30.01.18
Hi,
On 02/02/18 14:23, Volodymyr Babchuk wrote:
On 02.02.18 13:41, Julien Grall wrote:
At the moment PSCI function dispatching is done in vsmc.c and the
function implementation in vpsci.c. Some bits of the implementation is
even done in vsmc.c (see PSCI_SYSTEM_RESET).
This means
On 02/02/18 14:37, Andre Przywara wrote:
Hi,
Hi,
On 02/02/18 10:14, Julien Grall wrote:
domain_crash_synchronous() should only be used when something went wrong
in Xen. It is better to inject to the guest as it will be in a better
position to provide helpful information (stack trace
On 02/02/18 14:34, Andre Przywara wrote:
Hi,
Hi,
On 02/02/18 10:14, Julien Grall wrote:
Currently, Xen is considering that an IO could either be handled or
unhandled. When unhandled, the stage-2 abort function will try another
way to resolve the abort.
However, the MMIO emulation may
and the software mitigations
for Arm processors, please see http://www.arm.com/security-update.
Cheers,
Julien Grall (7):
xen/arm32: entry: Consolidate DEFINE_TRAP_ENTRY_* macros
xen/arm32: Add missing MIDR values for Cortex-A17 and A12
xen/arm32: entry: Add missing trap_reset entry
xen/arm32
-254.
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
---
Changes in v2:
- Replace .word 0 by trap_reset
---
xen/arch/arm/arm32/entry.S | 3 ++-
xen/arch/arm/arm32/traps.c | 5 +
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/xen/arch/arm/arm32/entry.S
On 02/02/18 14:34, Andre Przywara wrote:
Hi,
Hi,
On 02/02/18 10:14, Julien Grall wrote:
At the moment, try_handle_mmio() will do check on the HSR and bail out
if one check fail. This means that another method will be tried to
handle the fault even for bad access on emulated region. While
Cortex-A17 and A12 MIDR will be used in a follow-up patch for hardening
the branch predictor.
This is part of XSA-254.
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
Reviewed-by: Stefano Stabellini <sstabell...@kernel.org>
---
Changes in v2:
- Add Stefan
have been used, but older Xen (4.8 or
earlier) doesn't have support. So avoid using alternative to ease
backporting.
This is part of XSA-254.
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
---
Changes in v2:
- Clarify the commit message
---
xen/arch/arm/Kconfig
]).
This is part of XSA-254.
[1] https://www.spinics.net/lists/arm-kernel/msg632062.html
Signed-off-by: Marc Zyngier <marc.zyng...@arm.com>
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
---
Changes in v3:
- Drop Stefano's reviewed-by
- Use the latest version of the
from the kpti branch in [1].
[1] https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git
Signed-off-by: Marc Zyngier <marc.zyng...@arm.com>
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
Reviewed-by: Stefano Stabellini <sstabell...@kernel.org>
---
Changes in v2:
will still contain the original
stack pointer.
Add some documentation in the code to point the 2 sides to each other.
Signed-off-by: Julien Grall <julien.gr...@linaro.org>
Reviewed-by: Stefano Stabellini <sstabell...@kernel.org>
---
Changes in v2:
- Add Stefano's reviewed
Hi Stefano,
On 30/01/18 19:09, Stefano Stabellini wrote:
On Tue, 30 Jan 2018, Julien Grall wrote:
diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c
index c8534d6cff..843adf4959 100644
--- a/xen/arch/arm/traps.c
+++ b/xen/arch/arm/traps.c
@@ -1864,10 +1864,10 @@ static inline bool
Hi Stefano,
On 30/01/18 19:21, Stefano Stabellini wrote:
On Tue, 30 Jan 2018, Julien Grall wrote:
Hi,
On 30/01/18 18:29, Andrew Cooper wrote:
On 30/01/18 17:00, Julien Grall wrote:
On 30/01/18 16:38, Andrew Cooper wrote:
On 30/01/18 16:14, Julien Grall wrote:
Hi all,
This small series
301 - 400 of 10493 matches
Mail list logo