boot
"xpti=dom0=0"
> parameter will achieve that.
>
> Move the xpti boot parameter handling to xen/arch/x86/pv/domain.c as
> it is pv-domain specific.
>
> Signed-off-by: Juergen Gross <jgr...@suse.com>
> Reviewed-by: Jan Beulich <jbeul...@suse.com>
>
Commit 62b1879693e0 ("x86: further CPUID handling adjustments") added
FEATURESET_7d0 reporting but forgot to update calculate_raw_featureset()
function. As result, the value reported by xen-cpuid contains 0.
Fix that by properly filling raw_featureset[FEATURESET_7d0].
Signed-off-
> /* 0x0140 MSR_INTEL_MISC_FEATURES_ENABLES */
> struct {
> -bool available; /* This MSR is non-architectural */
> bool cpuid_faulting;
> } misc_features_enables;
> };
Could you add comments saying that those 2 MSRs are always available
for all gu
ield to move
> the cpuid_faulting field to its appropriate position.
>
> Signed-off-by: Andrew Cooper
> ---
>
Reviewed-by: Sergey Dyasli
--
Thanks,
Sergey
___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
On Tue, 2018-01-09 at 09:28 -0700, Jan Beulich wrote:
> > > > On 09.01.18 at 16:43, wrote:
> >
> > On Tue, 2018-01-09 at 02:13 -0700, Jan Beulich wrote:
> > > > > > On 04.01.18 at 14:06, wrote:
> > > >
> > > > +size_t consoled_guest_rx(void)
> > >
On Tue, 2018-01-09 at 02:13 -0700, Jan Beulich wrote:
> > > > On 04.01.18 at 14:06, wrote:
> > +size_t consoled_guest_rx(void)
> > +{
> > +size_t recv = 0, idx = 0;
> > +XENCONS_RING_IDX cons, prod;
> > +
> > +if ( !cons_ring )
> > +return 0;
> > +
> > +
Raw policy contains the actual values from H/W MSRs. Add PLATFORM_INFO
msr to the policy during probe_cpuid_faulting().
Host policy might have certain features disabled if Xen decides not
to use them. For now, make Host policy equal to Raw policy.
Signed-off-by: Sergey Dyasli <sergey.
On Thu, 2018-02-08 at 11:21 +, Roger Pau Monné wrote:
> On Thu, Feb 08, 2018 at 10:23:21AM +0000, Sergey Dyasli wrote:
> > +static void __init calculate_host_policy(void)
> > +{
> > +struct msr_domain_policy *dp = _msr_domain_policy;
> > +
> >
On Thu, 2018-02-15 at 06:33 -0700, Jan Beulich wrote:
> > > > On 08.02.18 at 11:23, wrote:
> >
> > --- a/xen/arch/x86/cpu/common.c
> > +++ b/xen/arch/x86/cpu/common.c
> > @@ -118,9 +118,18 @@ void (* __read_mostly ctxt_switch_masking)(const
> > struct vcpu *next);
> >
On Fri, 2018-02-16 at 04:06 -0700, Jan Beulich wrote:
> > > > On 16.02.18 at 11:33, wrote:
> >
> > On Thu, 2018-02-15 at 06:33 -0700, Jan Beulich wrote:
> > > > > > On 08.02.18 at 11:23, wrote:
> > > >
> > > > uint64_t val;
> > > > +
on X86_FEATURE_CPUID_FAULTING.
Finally, derive HVM/PV max domain policies from the Host policy.
Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com>
---
v2:
- Moved *dp into a narrower scope in probe_cpuid_faulting()
- Changes to how Host/pv/hvm domain policies are calculated
---
xen/arch/x
On Fri, 2018-02-16 at 11:38 +, Andrew Cooper wrote:
> On 16/02/18 11:31, Sergey Dyasli wrote:
> > On Fri, 2018-02-16 at 04:06 -0700, Jan Beulich wrote:
> > > > > > On 16.02.18 at 11:33, <sergey.dya...@citrix.com> wrote:
> > > >
> > >
On Mon, 2018-08-13 at 02:54 -0600, Jan Beulich wrote:
> > > > On 13.08.18 at 09:46, wrote:
> >
> > proposed topics so far:
> > * 4.10+ changes to Xen's memory scrubbing: discussion of the changes
> > that made to it in recent versions of Xen (4.10+) - Christopher
> > * Project
On Tue, 2018-07-03 at 21:55 +0100, Andrew Cooper wrote:
> From: Sergey Dyasli
>
> This finally (after literally years of work!) marks the point where the
> toolstack can ask the hypervisor for the current CPUID configuration of a
> specific domain.
>
> Also extend xen-
tent.
Fixes 1a37f33ea613 ("mm: Place unscrubbed pages at the end of pagelist")
Signed-off-by: Sergey Dyasli
---
CC: Andrew Cooper
CC: George Dunlap
CC: Jan Beulich
CC: Julien Grall
CC: Wei Liu
CC: Boris Ostrovsky
---
xen/common/page_alloc.c | 8 +++-
1 file changed, 7 in
he block is scrubbed.
> > >
> > > Add the missing piece of logic and slightly update the comment for
> > > the predecessor case to better capture the code's intent.
> > >
> > > Fixes 1a37f33ea613 ("mm: Place unscrubbed pages at the end of pagelist")
&
ed-off-by: Andrew Cooper
> Reviewed-by: Paul Durrant
> ---
> CC: Jan Beulich
> CC: Wei Liu
> CC: Roger Pau Monné
> CC: Sergey Dyasli
>
> v3:
> * Clean up after splitting the series. Retain appropriate R-by's
> ---
> xen/arch/x86/hvm/viridian.c
Hi Juergen,
2 small requests from me below.
On Wed, 2018-04-18 at 10:30 +0200, Juergen Gross wrote:
> Instead of switching XPTI globally on or off add a per-domain flag for
> that purpose. This allows to modify the xpti boot parameter to support
> running dom0 without Meltdown mitigations. Using
On Wed, 2018-03-21 at 19:52 +, Andrew Cooper wrote:
> On 28/02/18 16:09, Sergey Dyasli wrote:
> >
> > +struct {
> > +/* 0x0480 MSR_IA32_VMX_BASIC */
> > +union {
> > +uint64_t
ue_ctls blocks.
Add calculate_raw_vmx_policy() which fills Raw policy with H/W values
of VMX MSRs. Host policy will contain a copy of these values (for now).
Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com>
---
v5 --> v6:
- Removed "_bits" and "_based" from union names
- Removed &qu
With the new cpuid infrastructure there is a domain-wide struct cpuid
policy and there is no need to pass a separate struct vcpu * into
hvm_cr4_guest_valid_bits() anymore. Make the function accept struct
domain * instead and update callers.
Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.
changes availability of
VMX MSRs based on domain's nested virt settings. If it's enabled, then
the domain receives a copy of HVM_max vmx policy with allowed CR4 bits
adjusted by CPUID policy.
Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com>
Reviewed-by: Andrew Cooper <andrew.coop...@c
-off-by: Sergey Dyasli <sergey.dya...@citrix.com>
Reviewed-by: Andrew Cooper <andrew.coop...@citrix.com>
---
v5 --> v6:
- Moved VMX MSRs case to the read-only block in guest_wrmsr()
- Added Reviewed-by
---
xen/arch/x86/hvm/vmx/vmx.c | 6 --
xen/arch/x86/hvm/vmx/vvmx
3,4 and 5
- Other changes are provided on per-patch basis
Sergey Dyasli (5):
x86/msr: add VMX MSRs definitions and populate Raw domain policy
x86/msr: add VMX MSRs into HVM_max domain policy
x86/cpuid: update signature of hvm_cr4_guest_valid_bits()
x86/msr: update domain policy on CPUID pol
On Wed, 2018-03-21 at 20:46 +, Andrew Cooper wrote:
> On 28/02/2018 16:09, Sergey Dyasli wrote:
> > +
> > +dp->vmx.pinbased_ctls.allowed_0.raw = VMX_PINBASED_CTLS_DEFAULT1;
> > +dp->vmx.pinbased_ctls.allowed_1.raw = VMX_PINBASED_CTLS_D
by guest_rd/wrmsr().
Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com>
---
v5 --> v6:
- Replaced !cpu_has_vmx check with !hvm_max_cpuid_policy.basic.vmx
- Added a TODO reminder
- Added brackets around bit or expressions
---
xen/arch/x86/ms
a <jun.nakaj...@intel.com>
> Cc: Kevin Tian <kevin.t...@intel.com>
> Cc: Jan Beulich <jbeul...@suse.com>
> Cc: Andrew Cooper <andrew.coop...@citrix.com>
> Cc: Sergey Dyasli <sergey.dya...@citrix.com>
> ---
> I've manually tested and AFAICT this fixes the os
by guest_rd/wrmsr().
Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com>
---
v4 --> v5:
- Macros are removed and now supported bitmask is used to derive policy
- Added vmx_clear_policy() helper
---
xen/arch/x86/msr.c | 134 +
1 file cha
() which changes availability of
VMX MSRs based on domain's nested virt settings. If it's enabled, then
the domain receives a copy of HVM_max vmx policy with allowed CR4 bits
adjusted by CPUID policy.
Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com>
---
v4 --> v5:
- Removed _do
With the new cpuid infrastructure there is a domain-wide struct cpuid
policy and there is no need to pass a separate struct vcpu * into
hvm_cr4_guest_valid_bits() anymore. Make the function accept struct
domain * instead and update callers.
Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.
separately
- Combined the next 2 patches into 1
Sergey Dyasli (5):
x86/msr: add VMX MSRs definitions and populate Raw domain policy
x86/msr: add VMX MSRs into HVM_max domain policy
x86/cpuid: update signature of hvm_cr4_guest_valid_bits()
x86/msr: update domain policy on CPUID policy chan
ue_ctls blocks.
Add calculate_raw_vmx_policy() which fills Raw policy with H/W values
of VMX MSRs. Host policy will contain a copy of these values (for now).
Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com>
---
v4 --> v5:
- Clarified the reason for splitting MSRs into 5 blocks
- Added raw field into
-off-by: Sergey Dyasli <sergey.dya...@citrix.com>
---
v4 --> v5:
- New msr availability helpers are used
---
xen/arch/x86/hvm/vmx/vmx.c | 6 --
xen/arch/x86/hvm/vmx/vvmx.c| 178 -
xen/arch/x86/msr.c | 35
xen/in
On Thu, 2018-03-01 at 16:19 +, Roger Pau Monne wrote:
> Commit 406817 doesn't update nested VMX code in order to take into
> account L1 CR4 host mask when nested guest (L2) writes to CR4, and
> thus the mask written to CR4_GUEST_HOST_MASK is likely not as
> restrictive as it should be.
>
>
. Remove them.
Signed-off-by: Sergey Dyasli <sergey.dya...@citrix.com>
---
Compile tested with aarch64 compiler.
---
xen/drivers/char/console.c | 12 ++--
1 file changed, 2 insertions(+), 10 deletions(-)
diff --git a/xen/drivers/char/console.c b/xen/drivers/char/console.c
index 1210
only:
1. During the first nested vmentry
2. After L1 has changed an appropriate vmcs field
3. After nvmx_purge_vvmcs() was previously called
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vvmx.c | 104 +++-
1 file changed, 67 insertions(+), 37
Calling vmfail_valid() is correct only if vvmcx is valid. Modify
functions to use vmfail() instead which performs the necessary check.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vvmx.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c
And make nvmx_handle_vmclear() return the new errno in case the provided
address is the same as vmxon region address.
While at it, correct the return value for not-4KB-aligned case and for
invalid physaddr.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vvmx.c| 23
These were found by running nested VMX tests from kvm-unit-tests.
Sergey Dyasli (6):
x86/vvmx: introduce vvmcx_valid()
x86/vvmx: correct vmfail() usage for vmptrld and vmclear
x86/vvmx: add VMX_INSN_VMPTRLD_WITH_VMXON_PTR errno
x86/vvmx: add VMX_INSN_VMCLEAR_WITH_VMXON_PTR errno
x86
The size of Xen's virtual vmcs region is 4096 bytes. Correctly report
it to the guest in case when VMCS shadowing is not available instead of
providing H/W value (which is usually smaller).
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vvmx.c | 8
1 file changed, 8 insertions
And make nvmx_handle_vmptrld() return the new errno in case the provided
address is the same as vmxon region address.
While at it, correct the return value for not-4KB-aligned case.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vvmx.c| 10 --
xen/include/asm-x86/hvm/vmx
As a convenient helper function and refactor the code to use it.
No functional change.
Signed-off-by: Sergey Dyasli
---
xen/arch/x86/hvm/vmx/vvmx.c | 17 -
xen/include/asm-x86/hvm/nestedhvm.h | 5 +
2 files changed, 13 insertions(+), 9 deletions(-)
diff --git
On 12/10/18 14:40, Jan Beulich wrote:
On 09.10.18 at 17:21, wrote:
>> --- a/xen/common/page_alloc.c
>> +++ b/xen/common/page_alloc.c
>> @@ -161,8 +161,42 @@ string_param("badpage", opt_badpage);
>> /*
>> * no-bootscrub -> Free pages are not zeroed during boot.
>> */
>> -static bool_t
nable NMIs during cpu_init() and
during __start_xen() for BSP.
Signed-off-by: Sergey Dyasli
---
v2:
- Added enable_nmis() to __start_xen() for BSP
- Added comments as per Andrew's suggestion
CC: Jan Beulich
CC: Andrew Cooper
CC: Wei Liu
---
xen/arch/x86/cpu/common.c | 3 +++
xen/arch/x
On 01/11/2018 02:22, Tian, Kevin wrote:
>> From: Sergey Dyasli [mailto:sergey.dya...@citrix.com]
>> Sent: Tuesday, October 30, 2018 8:41 PM
>>
>> On 30/10/2018 07:41, Tian, Kevin wrote:
>>>> From: Sergey Dyasli [mailto:sergey.dya...@citrix.com]
>>
On 30/10/2018 07:41, Tian, Kevin wrote:
>> From: Sergey Dyasli [mailto:sergey.dya...@citrix.com]
>> Sent: Friday, October 12, 2018 11:28 PM
>>
>> As a convenient helper function and refactor the code to use it.
>>
>> No functional change.
>>
>> Sign
On 30/10/2018 08:06, Tian, Kevin wrote:
>> From: Sergey Dyasli [mailto:sergey.dya...@citrix.com]
>> Sent: Friday, October 12, 2018 11:28 PM
>>
>> The size of Xen's virtual vmcs region is 4096 bytes. Correctly report
>> it to the guest in case when VMCS shad
On 25/10/2018 16:39, Andrew Cooper wrote:
> This is very dangerous from a security point of view, because a missing entry
> will cause L2's action to be interpreted as L1's action.
>
> Signed-off-by: Andrew Cooper
> ---
> CC: Sergey Dyasli
> CC: Jan Beulich
> CC: Wei
user_regs *regs,
> case EXIT_REASON_VMXOFF:
> case EXIT_REASON_VMXON:
> case EXIT_REASON_INVEPT:
> +case EXIT_REASON_INVVPID:
> case EXIT_REASON_XSETBV:
> /* inject to L1 */
> nvcpu->nv_vmexit_pending = 1;
Reviewed-by: Sergey Dyasli
On 26/10/2018 10:10, Andrew Cooper wrote:
> On 26/10/2018 10:05, Sergey Dyasli wrote:
>>
>> On 25/10/2018 16:39, Andrew Cooper wrote:
>>> This is very dangerous from a security point of view, because a missing
>>> entry
>>> will cause L2's action to be
On 07/11/2018 18:20, Andrew Cooper wrote:
> On 09/10/18 16:21, Sergey Dyasli wrote:
>> Scrubbing RAM during boot may take a long time on machines with lots
>> of RAM. Add 'idle' option to bootscrub which marks all pages dirty
>> initially so they will eventually be scrubbed
On 07/11/2018 13:28, Wei Liu wrote:
> On Tue, Nov 06, 2018 at 12:07:58PM +0000, Sergey Dyasli wrote:
>> The size of Xen's virtual vmcs region is 4096 bytes (see comment about
>> Virtual VMCS layout in include/asm-x86/hvm/vmx/vvmx.h). Correctly report
>> it to the guest in cas
(CCing Roger)
On 08/11/2018 11:07, Andrew Cooper wrote:
> On 08/11/18 10:31, Jan Beulich wrote:
>>>>> On 07.11.18 at 19:20, wrote:
>>> On 09/10/18 16:21, Sergey Dyasli wrote:
>>>> Scrubbing RAM during boot may take a long time on machines with lots
>
Don't call vmsucceed() at the end of virtual_vmexit()
Reviewed-by: Sergey Dyasli
--
Thanks,
Sergey
> xen/arch/x86/hvm/vmx/vvmx.c | 22 +++---
> 1 file changed, 7 insertions(+), 15 deletions(-)
>
___
Xen-devel mailing list
Xen-de
think the description must be
changed.
--
Sergey
> Signed-off-by: Andrew Cooper
> ---
> CC: Jan Beulich
> CC: Wei Liu
> CC: Roger Pau Monné
> CC: Sergey Dyasli
> CC: Jun Nakajima
> CC: Kevin Tian
> ---
> xen/arch/x86/hvm/vmx/vvmx.c | 1 -
> 1 file changed, 1
scrubbing during allocation (unless MEMF_no_scrub was provided).
Use the new 'idle' option as the default one.
Signed-off-by: Sergey Dyasli
Reviewed-by: Jan Beulich
---
v2 --> v3:
- Removed "= 0" from enum bootscrub_mode
- Removed num_online_nodes() from printk()
- Added Reviewed-b
As a convenient helper function and refactor the code to use it.
No functional change.
Signed-off-by: Sergey Dyasli
---
CC: Boris Ostrovsky
CC: Suravee Suthikulpanit
CC: Brian Woods
v2:
- Use the new helper in nestedsvm.c
---
xen/arch/x86/hvm/svm/nestedsvm.c| 2 +-
xen/arch/x86/hvm
These were found by running nested VMX tests from kvm-unit-tests.
Sergey Dyasli (8):
x86/vvmx: introduce nvmx_vcpu_preinit()
x86/nestedhvm: introduce vvmcx_valid()
x86/vvmx: add VMX_INSN_INVEPT_INVVPID_INVALID_OP errno
x86/vvmx: correct vmfail() usage for vmptrld and vmclear
x86/vvmx
And make nvmx_handle_vmptrld() return the new errno in case the provided
address is the same as vmxon region address.
While at it, correct the return value for not-4KB-aligned case.
Signed-off-by: Sergey Dyasli
Acked-by: Kevin Tian
---
v2:
- Added Acked-by
---
xen/arch/x86/hvm/vmx/vvmx.c
-off-by: Sergey Dyasli
---
v2:
- Removal of enum vmx_ops_result and refactoring
---
xen/arch/x86/hvm/vmx/vvmx.c| 52 +-
xen/include/asm-x86/hvm/vmx/vmcs.h | 1 +
2 files changed, 30 insertions(+), 23 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b/xen
reasons, Xen maps bitmaps only:
1. During the first nested vmentry
2. After L1 has changed an appropriate vmcs field
3. After nvmx_purge_vvmcs() was previously called
Signed-off-by: Sergey Dyasli
---
v2:
- slight commit message change
---
xen/arch/x86/hvm/vmx/vvmx.c | 105
Calling vmfail_valid() is correct only if vvmcx is valid. Modify
functions to use vmfail() instead which performs the necessary check.
While at it, add ASSERTs into vmfail_valid/invalid() to quickly catch
an incorrect usage in the future.
Signed-off-by: Sergey Dyasli
---
v2:
- Added ASSERTs
And call it during vmx_vcpu_initialise(). This allows to safely use
vvmx functions that rely on the values inside struct nestedvmx and
struct nestedvcpu, independently of the nested virtualisation
(HVM_PARAM_NESTEDHVM) status of a domain.
Signed-off-by: Sergey Dyasli
---
v2:
- new patch
---
xen
And use it in nvmx_handle_invept() and nvmx_handle_invvpid().
Signed-off-by: Sergey Dyasli
---
v2:
- new patch
---
xen/arch/x86/hvm/vmx/vvmx.c| 4 ++--
xen/include/asm-x86/hvm/vmx/vmcs.h | 1 +
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/xen/arch/x86/hvm/vmx/vvmx.c b
The size of Xen's virtual vmcs region is 4096 bytes (see comment about
Virtual VMCS layout in include/asm-x86/hvm/vmx/vvmx.h). Correctly report
it to the guest in case when VMCS shadowing is not available instead of
providing H/W value (which is usually smaller).
Signed-off-by: Sergey Dyasli
This allows to safely use nestedhvm functions that rely on the values
inside struct nestedvcpu independently of the nested virtualisation
(HVM_PARAM_NESTEDHVM) status of a domain.
Signed-off-by: Sergey Dyasli
---
v3:
- new patch
---
xen/arch/x86/hvm/hvm.c | 2 ++
1 file changed, 2 insertions
As a convenient helper function and refactor the code to use it.
No functional change.
Signed-off-by: Sergey Dyasli
Reviewed-by: Boris Ostrovsky
Reviewed-by: Wei Liu
Reviewed-by: Kevin Tian
---
CC: Boris Ostrovsky
CC: Suravee Suthikulpanit
CC: Brian Woods
v3:
- Added R-by
v2:
- Use
And use it in nvmx_handle_invept() and nvmx_handle_invvpid().
Signed-off-by: Sergey Dyasli
Acked-by: Kevin Tian
---
v3:
- Added Acked-by
v2:
- new patch
---
xen/arch/x86/hvm/vmx/vvmx.c| 4 ++--
xen/include/asm-x86/hvm/vmx/vmcs.h | 1 +
2 files changed, 3 insertions(+), 2 deletions
-off-by: Sergey Dyasli
Acked-by: Kevin Tian
---
v3:
- Added Acked-by
v2:
- Removal of enum vmx_ops_result and refactoring
---
xen/arch/x86/hvm/vmx/vvmx.c| 52 +-
xen/include/asm-x86/hvm/vmx/vmcs.h | 1 +
2 files changed, 30 insertions(+), 23 deletions(-)
diff
And make nvmx_handle_vmptrld() return the new errno in case the provided
address is the same as vmxon region address.
While at it, correct the return value for not-4KB-aligned case.
Signed-off-by: Sergey Dyasli
Acked-by: Kevin Tian
---
v3:
- no changes
v2:
- Added Acked-by
---
xen/arch/x86
reasons, Xen maps bitmaps only:
1. During the first nested vmentry
2. After L1 has changed an appropriate vmcs field
3. After nvmx_purge_vvmcs() was previously called
Signed-off-by: Sergey Dyasli
Acked-by: Kevin Tian
---
v3:
- Added Acked-by
v2:
- slight commit message change
Calling vmfail_valid() is correct only if vvmcx is valid. Modify
functions to use vmfail() instead which performs the necessary check.
While at it, add ASSERTs into vmfail_valid/invalid() to quickly catch
an incorrect usage in the future.
Signed-off-by: Sergey Dyasli
Acked-by: Kevin Tian
These were found by running nested VMX tests from kvm-unit-tests.
v3:
- Removed 1/8 "x86/vvmx: introduce nvmx_vcpu_preinit()"
- Added 1/8 "x86/nestedhvm: init nv_vvmcxaddr in hvm_vcpu_initialise()"
- Added R-by and Acked-by to other patches
Sergey Dyasli (8):
x86/nestedhv
The size of Xen's virtual vmcs region is 4096 bytes (see comment about
Virtual VMCS layout in include/asm-x86/hvm/vmx/vvmx.h). Correctly report
it to the guest in case when VMCS shadowing is not available instead of
providing H/W value (which is usually smaller).
Signed-off-by: Sergey Dyasli
Signed-off-by: Sergey Dyasli
---
CC: Jan Beulich
CC: Wei Liu
---
xen/common/page_alloc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/xen/common/page_alloc.c b/xen/common/page_alloc.c
index 88d1637247..08ee8cfbb9 100644
--- a/xen/common/page_alloc.c
+++ b/xen/common
On 08/11/2018 15:18, Roger Pau Monné wrote:
> On Thu, Nov 08, 2018 at 02:48:40PM +0000, Sergey Dyasli wrote:
>> (CCing Roger)
>>
>> On 08/11/2018 11:07, Andrew Cooper wrote:
>>> On 08/11/18 10:31, Jan Beulich wrote:
>>>>>>> On 07.11.18 at 19:20,
On 07/11/2018 12:17, Wei Liu wrote:
> On Wed, Nov 07, 2018 at 11:11:49AM +0000, Sergey Dyasli wrote:
>> Scrubbing RAM during boot may take a long time on machines with lots
>> of RAM. Add 'idle' option to bootscrub which marks all pages dirty
>> initially so they will e
scrubbing during allocation (unless MEMF_no_scrub was provided).
Use the new 'idle' option as the default one.
Signed-off-by: Sergey Dyasli
---
v1 --> v2:
- dropped comment about performance
- changed default to 'idle'
- changed type of opt_bootscrub to enum
- restored __initdata for opt_bootsc
to return scrubbed
pages to a caller unless MEMF_no_scrub flag was provided.
Signed-off-by: Sergey Dyasli
---
CC: Andrew Cooper
CC: Boris Ostrovsky
CC: George Dunlap
CC: Jan Beulich
CC: Julien Grall
CC: Tim Deegan
---
docs/misc/xen-command-line.markdown | 3 ++-
xen/common/page_alloc.c
On Mon, 2018-10-01 at 14:54 +0100, George Dunlap wrote:
> On 10/01/2018 02:44 PM, Sergey Dyasli wrote:
> > On Mon, 2018-10-01 at 07:38 -0600, Jan Beulich wrote:
> > > > > > On 01.10.18 at 15:12, wrote:
> > > >
> > > > On 01/10/18 12:13, Jan
On Mon, 2018-10-01 at 07:38 -0600, Jan Beulich wrote:
> > > > On 01.10.18 at 15:12, wrote:
> >
> > On 01/10/18 12:13, Jan Beulich wrote:
> > > > > > On 01.10.18 at 11:58, wrote:
> > > >
> > > > Having the allocator return unscrubbed pages is a potential security
> > > > concern: some domain
On 01/10/18 12:13, Jan Beulich wrote:
On 01.10.18 at 11:58, wrote:
>> Having the allocator return unscrubbed pages is a potential security
>> concern: some domain can be given pages with memory contents of another
>> domain. This may happen, for example, if a domain voluntarily releases
>>
On Mon, 2018-10-01 at 07:38 -0600, Jan Beulich wrote:
> > > > On 01.10.18 at 15:12, wrote:
> >
> > On 01/10/18 12:13, Jan Beulich wrote:
> > > > > > On 01.10.18 at 11:58, wrote:
> > > >
> > > > Having the allocator return unscrubbed pages is a potential security
> > > > concern: some domain
that the allocator will return scrubbed pages by doing
eager scrubbing during allocation (unless MEMF_no_scrub was provided).
Signed-off-by: Sergey Dyasli
---
CC: Andrew Cooper
CC: Boris Ostrovsky
CC: George Dunlap
CC: Jan Beulich
CC: Julien Grall
CC: Tim Deegan
---
docs/misc/xen-command-line.markdown
; https://bugs.llvm.org/show_bug.cgi?id=39707
>
> I haven't been able to find any other instances of such conditional
> expression that uses system_state together with an init variable or
> function.
>
> Signed-off-by: Roger Pau Monné
Reviewed-by: Sergey Dyas
les changed, 47 insertions(+), 6 deletions(-)
Reviewed-by: Sergey Dyasli
Thanks
___
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
On 20/11/2018 17:16, Jan Beulich wrote:
On 20.11.18 at 18:00, wrote:
>> Now that idle scrub is the default option, all memory is marked as dirty
>> and alloc_domheap_pages() will do eager scrubbing by default. This can
>> lead to longer Dom0 construction and potentially to a watchdog
this process since there is little point
in scrubbing memory for Dom0.
Signed-off-by: Sergey Dyasli
---
v2:
- use MEMF_no_scrub in more calls
CC: Jan Beulich
CC: Andrew Cooper
CC: Wei Liu
CC: "Roger Pau Monné"
---
xen/arch/x86/hvm/dom0_build.c | 2 +-
xen/arch/x86/pv/dom0_bui
this process since there is little point
in scrubbing memory for Dom0 RAM.
Signed-off-by: Sergey Dyasli
---
CC: Jan Beulich
CC: Andrew Cooper
CC: Wei Liu
CC: "Roger Pau Monné"
---
xen/arch/x86/hvm/dom0_build.c | 2 +-
xen/arch/x86/pv/dom0_build.c | 5 +++--
2 files changed, 4 insert
This issue was discovered during internal testing.
Sergey Dyasli (2):
system_state: introduce SYS_STATE_smp_booted
common/page_alloc: don't idle-scrub before microcode update
xen/arch/arm/setup.c | 6 ++
xen/arch/x86/setup.c | 4
xen/common/page_alloc.c | 7 +++
xen
The new state means that all secondary CPUs are up. On x86 this also
means that a microcode was (potentially) updated on all CPUs.
On ARM side of things, additionally set system_state to SYS_STATE_smp_boot
just before bringing up secondary CPUs.
Signed-off-by: Sergey Dyasli
---
xen/arch/arm
11 to 0x1e, d
[2J[1;1H[2J
Prevent this situation by disabling idle scrubbing until
SYS_STATE_smp_booted is reached.
Signed-off-by: Sergey Dyasli
---
xen/arch/arm/setup.c| 2 ++
xen/arch/x86/setup.c| 2 ++
xen/common/page_alloc.c | 7 +++
3 files changed, 11 insertions(+)
On 27/11/2018 10:15, Jan Beulich wrote:
>>>> On 27.11.18 at 11:10, wrote:
>> Hi,
>>
>> On 11/27/18 10:00 AM, Sergey Dyasli wrote:
>>> Some x86 CPUs has errata regarding microcode updates. The most notorious
>>> is Broadwell's BDX90: "Loading
On 27/11/2018 10:22, Jan Beulich wrote:
On 27.11.18 at 11:00, wrote:
>> The new state means that all secondary CPUs are up. On x86 this also
>> means that a microcode was (potentially) updated on all CPUs.
>
> I'm slightly concerned by such an x86 specific: Could we settle on
> a more
;
in Xen's cmdline manually.
Fix the issue by initialising dma_bitsize even on single NUMA machines.
Signed-off-by: Sergey Dyasli
---
CC: Andrew Cooper
CC: Jan Beulich
CC: Julien Grall
CC: Wei Liu
CC: Boris Ostrovsky
CC: George Dunlap
CC: Roger Pau Monné
---
xen/common/page_alloc.c | 2
On 07/01/2019 12:05, Jan Beulich wrote:
On 07.01.19 at 12:27, wrote:
>> Currently dma_bitsize is zero by default on single NUMA node machines.
>> This makes all alloc_domheap_pages() calls with MEMF_no_dma return NULL.
>>
>> There is only 1 user of MEMF_no_dma: dom0_memflags, which are used
;
in Xen's cmdline manually.
Fix the issue by ignoring MEMF_no_dma in cases when dma_bitsize is zero,
which means there is no DMA zone. This shouldn't cause any issues for
Dom0 because alloc_heap_pages() will first use higher memory addresses
for satisfying memory allocation requests.
Signed-off-
On Wed, 2018-09-12 at 11:23 +0100, Andrew Cooper wrote:
> On 12/09/18 10:46, Sergey Dyasli wrote:
> > On Wed, 2018-09-12 at 10:12 +0100, Andrew Cooper wrote:
> > > On 12/09/18 09:29, Sergey Dyasli wrote:
> > > > On Tue, 2018-09-11 at 19:56 +0100, Andrew Coope
eviewed-by: Kevin Tian
> Reviewed-by: Paul Durrant
> ---
> CC: Jan Beulich
> CC: Wei Liu
> CC: Roger Pau Monné
> CC: Sergey Dyasli
>
> v3:
> * Split out of previous series. Retain appropriate R-by's
> v4:
> * Retain switch() for interpretin
86EMUL_* return values.
>
> Signed-off-by: Andrew Cooper
> ---
> CC: Jan Beulich
> CC: Wei Liu
> CC: Roger Pau Monné
> CC: Sergey Dyasli
>
> v3:
> * Clean up after splitting the series.
> ---
> xen/arch/x86/msr.c
1 - 100 of 259 matches
Mail list logo