From 243848fc018cb98c2a70c39fe1f93eb266c79835 Mon Sep 17 00:00:00 2001 From: Shannon Zhao Date: Thu, 7 Apr 2016 20:03:19 +0800 Subject: xen/grant-table: Move xlated_setup_gnttab_pages to common place Move xlated_setup_gnttab_pages to common place, so it can be reused by ARM to setup grant table. Rename it to xen_xlate_map_ballooned_pages. Signed-off-by: Shannon Zhao Reviewed-by: Stefano Stabellini Reviewed-by: Julien Grall Tested-by: Julien Grall --- include/xen/xen-ops.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include') diff --git a/include/xen/xen-ops.h b/include/xen/xen-ops.h index 86abe07b20ec..072be1c29917 100644 --- a/include/xen/xen-ops.h +++ b/include/xen/xen-ops.h @@ -85,6 +85,8 @@ int xen_xlate_remap_gfn_array(struct vm_area_struct *vma, struct page **pages); int xen_xlate_unmap_gfn_range(struct vm_area_struct *vma, int nr, struct page **pages); +int xen_xlate_map_ballooned_pages(xen_pfn_t **pfns, void **vaddr, + unsigned long nr_grant_frames); bool xen_running_on_version_or_later(unsigned int major, unsigned int minor); -- cgit From 712a5b77cb5a1d3028a8c202f4f839802a03f19f Mon Sep 17 00:00:00 2001 From: Shannon Zhao Date: Thu, 7 Apr 2016 20:03:22 +0800 Subject: xen: memory : Add new XENMAPSPACE type XENMAPSPACE_dev_mmio Add a new type of Xen map space for Dom0 to map device's MMIO region. Signed-off-by: Shannon Zhao Reviewed-by: Julien Grall Tested-by: Julien Grall --- include/xen/interface/memory.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include') diff --git a/include/xen/interface/memory.h b/include/xen/interface/memory.h index 2ecfe4f700d9..9aa8988cb340 100644 --- a/include/xen/interface/memory.h +++ b/include/xen/interface/memory.h @@ -160,6 +160,7 @@ DEFINE_GUEST_HANDLE_STRUCT(xen_machphys_mapping_t); #define XENMAPSPACE_gmfn_foreign 4 /* GMFN from another dom, * XENMEM_add_to_physmap_range only. */ +#define XENMAPSPACE_dev_mmio 5 /* device mmio region */ /* * Sets the GPFN at which a particular page appears in the specified guest's -- cgit From b6f0bcc23fa9cb32752cbf263d4014a21f132f92 Mon Sep 17 00:00:00 2001 From: Shannon Zhao Date: Thu, 7 Apr 2016 20:03:25 +0800 Subject: Xen: public/hvm: sync changes of HVM_PARAM_CALLBACK_VIA ABI from Xen Sync the changes of HVM_PARAM_CALLBACK_VIA ABI introduced by Xen commit (public/hvm: export the HVM_PARAM_CALLBACK_VIA ABI in the API). Signed-off-by: Shannon Zhao Acked-by: Stefano Stabellini Tested-by: Julien Grall --- include/xen/interface/hvm/params.h | 27 +++++++++++++++++++++------ 1 file changed, 21 insertions(+), 6 deletions(-) (limited to 'include') diff --git a/include/xen/interface/hvm/params.h b/include/xen/interface/hvm/params.h index a6c79911e729..70ad20834e13 100644 --- a/include/xen/interface/hvm/params.h +++ b/include/xen/interface/hvm/params.h @@ -27,16 +27,31 @@ * Parameter space for HVMOP_{set,get}_param. */ +#define HVM_PARAM_CALLBACK_IRQ 0 /* * How should CPU0 event-channel notifications be delivered? - * val[63:56] == 0: val[55:0] is a delivery GSI (Global System Interrupt). - * val[63:56] == 1: val[55:0] is a delivery PCI INTx line, as follows: - * Domain = val[47:32], Bus = val[31:16], - * DevFn = val[15: 8], IntX = val[ 1: 0] - * val[63:56] == 2: val[7:0] is a vector number. + * * If val == 0 then CPU0 event-channel notifications are not delivered. + * If val != 0, val[63:56] encodes the type, as follows: + */ + +#define HVM_PARAM_CALLBACK_TYPE_GSI 0 +/* + * val[55:0] is a delivery GSI. GSI 0 cannot be used, as it aliases val == 0, + * and disables all notifications. + */ + +#define HVM_PARAM_CALLBACK_TYPE_PCI_INTX 1 +/* + * val[55:0] is a delivery PCI INTx line: + * Domain = val[47:32], Bus = val[31:16] DevFn = val[15:8], IntX = val[1:0] + */ + +#define HVM_PARAM_CALLBACK_TYPE_VECTOR 2 +/* + * val[7:0] is a vector number. Check for XENFEAT_hvm_callback_vector to know + * if this delivery method is available. */ -#define HVM_PARAM_CALLBACK_IRQ 0 #define HVM_PARAM_STORE_PFN 1 #define HVM_PARAM_STORE_EVTCHN 2 -- cgit From 383ff518a79fe3dcece579b9d30be77b219d10f8 Mon Sep 17 00:00:00 2001 From: Shannon Zhao Date: Thu, 7 Apr 2016 20:03:26 +0800 Subject: xen/hvm/params: Add a new delivery type for event-channel in HVM_PARAM_CALLBACK_IRQ This new delivery type which is for ARM shares the same value with HVM_PARAM_CALLBACK_TYPE_VECTOR which is for x86. val[15:8] is flag: val[7:0] is a PPI. To the flag, bit 8 stands the interrupt mode is edge(1) or level(0) and bit 9 stands the interrupt polarity is active low(1) or high(0). Signed-off-by: Shannon Zhao Acked-by: Stefano Stabellini Reviewed-by: Julien Grall Tested-by: Julien Grall --- include/xen/interface/hvm/params.h | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'include') diff --git a/include/xen/interface/hvm/params.h b/include/xen/interface/hvm/params.h index 70ad20834e13..4d61fc58d99d 100644 --- a/include/xen/interface/hvm/params.h +++ b/include/xen/interface/hvm/params.h @@ -47,11 +47,24 @@ * Domain = val[47:32], Bus = val[31:16] DevFn = val[15:8], IntX = val[1:0] */ +#if defined(__i386__) || defined(__x86_64__) #define HVM_PARAM_CALLBACK_TYPE_VECTOR 2 /* * val[7:0] is a vector number. Check for XENFEAT_hvm_callback_vector to know * if this delivery method is available. */ +#elif defined(__arm__) || defined(__aarch64__) +#define HVM_PARAM_CALLBACK_TYPE_PPI 2 +/* + * val[55:16] needs to be zero. + * val[15:8] is interrupt flag of the PPI used by event-channel: + * bit 8: the PPI is edge(1) or level(0) triggered + * bit 9: the PPI is active low(1) or high(0) + * val[7:0] is a PPI number used by event-channel. + * This is only used by ARM/ARM64 and masking/eoi the interrupt associated to + * the notification is handled by the interrupt controller. + */ +#endif #define HVM_PARAM_STORE_PFN 1 #define HVM_PARAM_STORE_EVTCHN 2 -- cgit From a62ed500307bfaf4c1a818b69f7c1e7df1039a16 Mon Sep 17 00:00:00 2001 From: Shannon Zhao Date: Thu, 7 Apr 2016 20:03:31 +0800 Subject: XEN: EFI: Move x86 specific codes to architecture directory Move x86 specific codes to architecture directory and export those EFI runtime service functions. This will be useful for initializing runtime service on ARM later. Signed-off-by: Shannon Zhao Reviewed-by: Stefano Stabellini Tested-by: Julien Grall Signed-off-by: Stefano Stabellini --- include/xen/xen-ops.h | 30 ++++++++++++++++++++++-------- 1 file changed, 22 insertions(+), 8 deletions(-) (limited to 'include') diff --git a/include/xen/xen-ops.h b/include/xen/xen-ops.h index 072be1c29917..3491582bf50a 100644 --- a/include/xen/xen-ops.h +++ b/include/xen/xen-ops.h @@ -90,14 +90,28 @@ int xen_xlate_map_ballooned_pages(xen_pfn_t **pfns, void **vaddr, bool xen_running_on_version_or_later(unsigned int major, unsigned int minor); -#ifdef CONFIG_XEN_EFI -extern efi_system_table_t *xen_efi_probe(void); -#else -static inline efi_system_table_t __init *xen_efi_probe(void) -{ - return NULL; -} -#endif +efi_status_t xen_efi_get_time(efi_time_t *tm, efi_time_cap_t *tc); +efi_status_t xen_efi_set_time(efi_time_t *tm); +efi_status_t xen_efi_get_wakeup_time(efi_bool_t *enabled, efi_bool_t *pending, + efi_time_t *tm); +efi_status_t xen_efi_set_wakeup_time(efi_bool_t enabled, efi_time_t *tm); +efi_status_t xen_efi_get_variable(efi_char16_t *name, efi_guid_t *vendor, + u32 *attr, unsigned long *data_size, + void *data); +efi_status_t xen_efi_get_next_variable(unsigned long *name_size, + efi_char16_t *name, efi_guid_t *vendor); +efi_status_t xen_efi_set_variable(efi_char16_t *name, efi_guid_t *vendor, + u32 attr, unsigned long data_size, + void *data); +efi_status_t xen_efi_query_variable_info(u32 attr, u64 *storage_space, + u64 *remaining_space, + u64 *max_variable_size); +efi_status_t xen_efi_get_next_high_mono_count(u32 *count); +efi_status_t xen_efi_update_capsule(efi_capsule_header_t **capsules, + unsigned long count, unsigned long sg_list); +efi_status_t xen_efi_query_capsule_caps(efi_capsule_header_t **capsules, + unsigned long count, u64 *max_size, + int *reset_type); #ifdef CONFIG_PREEMPT -- cgit From 9c6098685a1d5df72da61ff7838ebb1524796869 Mon Sep 17 00:00:00 2001 From: Shannon Zhao Date: Thu, 7 Apr 2016 20:03:33 +0800 Subject: FDT: Add a helper to get the subnode by given name Sometimes it needs to check if there is a subnode of given node in FDT by given name. Introduce this helper to get the subnode if it exists. CC: Rob Herring Signed-off-by: Shannon Zhao Acked-by: Stefano Stabellini Acked-by: Rob Herring Tested-by: Julien Grall --- include/linux/of_fdt.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include') diff --git a/include/linux/of_fdt.h b/include/linux/of_fdt.h index 901ec01c9fba..26c3302ae58f 100644 --- a/include/linux/of_fdt.h +++ b/include/linux/of_fdt.h @@ -53,6 +53,8 @@ extern char __dtb_end[]; extern int of_scan_flat_dt(int (*it)(unsigned long node, const char *uname, int depth, void *data), void *data); +extern int of_get_flat_dt_subnode_by_name(unsigned long node, + const char *uname); extern const void *of_get_flat_dt_prop(unsigned long node, const char *name, int *size); extern int of_flat_dt_is_compatible(unsigned long node, const char *name); -- cgit From ecb23dc6f2eff0ce64dd60351a81f376f13b12cc Mon Sep 17 00:00:00 2001 From: Juergen Gross Date: Fri, 20 May 2016 09:26:48 +0200 Subject: xen: add steal_clock support on x86 The pv_time_ops structure contains a function pointer for the "steal_clock" functionality used only by KVM and Xen on ARM. Xen on x86 uses its own mechanism to account for the "stolen" time a thread wasn't able to run due to hypervisor scheduling. Add support in Xen arch independent time handling for this feature by moving it out of the arm arch into drivers/xen and remove the x86 Xen hack. Signed-off-by: Juergen Gross Reviewed-by: Boris Ostrovsky Reviewed-by: Stefano Stabellini Signed-off-by: David Vrabel --- include/linux/kernel_stat.h | 1 - include/xen/xen-ops.h | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/linux/kernel_stat.h b/include/linux/kernel_stat.h index 25a822f6f000..44fda64ad434 100644 --- a/include/linux/kernel_stat.h +++ b/include/linux/kernel_stat.h @@ -92,7 +92,6 @@ static inline void account_process_tick(struct task_struct *tsk, int user) extern void account_process_tick(struct task_struct *, int user); #endif -extern void account_steal_ticks(unsigned long ticks); extern void account_idle_ticks(unsigned long ticks); #endif /* _LINUX_KERNEL_STAT_H */ diff --git a/include/xen/xen-ops.h b/include/xen/xen-ops.h index 3491582bf50a..355275bad2cf 100644 --- a/include/xen/xen-ops.h +++ b/include/xen/xen-ops.h @@ -21,6 +21,7 @@ void xen_resume_notifier_unregister(struct notifier_block *nb); bool xen_vcpu_stolen(int vcpu); void xen_setup_runstate_info(int cpu); +void xen_time_setup_guest(void); void xen_get_runstate_snapshot(struct vcpu_runstate_info *res); int xen_setup_shutdown_event(void); -- cgit From 7ba8dba95cb227eb6c270b1aa77f942e45f5e47c Mon Sep 17 00:00:00 2001 From: Juergen Gross Date: Wed, 6 Jul 2016 07:00:28 +0200 Subject: xen: update xen headers Update some Xen headers to be able to use new functionality. Signed-off-by: Juergen Gross Reviewed-by: Boris Ostrovsky Reviewed-by: Stefano Stabellini Signed-off-by: David Vrabel --- include/xen/interface/vcpu.h | 24 +++++++++++++++--------- include/xen/interface/xen.h | 17 ++++++++++++++++- 2 files changed, 31 insertions(+), 10 deletions(-) (limited to 'include') diff --git a/include/xen/interface/vcpu.h b/include/xen/interface/vcpu.h index b05288ce3991..98188c87f5c1 100644 --- a/include/xen/interface/vcpu.h +++ b/include/xen/interface/vcpu.h @@ -75,15 +75,21 @@ */ #define VCPUOP_get_runstate_info 4 struct vcpu_runstate_info { - /* VCPU's current state (RUNSTATE_*). */ - int state; - /* When was current state entered (system time, ns)? */ - uint64_t state_entry_time; - /* - * Time spent in each RUNSTATE_* (ns). The sum of these times is - * guaranteed not to drift from system time. - */ - uint64_t time[4]; + /* VCPU's current state (RUNSTATE_*). */ + int state; + /* When was current state entered (system time, ns)? */ + uint64_t state_entry_time; + /* + * Update indicator set in state_entry_time: + * When activated via VMASST_TYPE_runstate_update_flag, set during + * updates in guest memory mapped copy of vcpu_runstate_info. + */ +#define XEN_RUNSTATE_UPDATE (1ULL << 63) + /* + * Time spent in each RUNSTATE_* (ns). The sum of these times is + * guaranteed not to drift from system time. + */ + uint64_t time[4]; }; DEFINE_GUEST_HANDLE_STRUCT(vcpu_runstate_info); diff --git a/include/xen/interface/xen.h b/include/xen/interface/xen.h index d1331121c0bd..1b0d189cd3d3 100644 --- a/include/xen/interface/xen.h +++ b/include/xen/interface/xen.h @@ -413,7 +413,22 @@ DEFINE_GUEST_HANDLE_STRUCT(mmuext_op); /* x86/PAE guests: support PDPTs above 4GB. */ #define VMASST_TYPE_pae_extended_cr3 3 -#define MAX_VMASST_TYPE 3 +/* + * x86 guests: Sane behaviour for virtual iopl + * - virtual iopl updated from do_iret() hypercalls. + * - virtual iopl reported in bounce frames. + * - guest kernels assumed to be level 0 for the purpose of iopl checks. + */ +#define VMASST_TYPE_architectural_iopl 4 + +/* + * All guests: activate update indicator in vcpu_runstate_info + * Enable setting the XEN_RUNSTATE_UPDATE flag in guest memory mapped + * vcpu_runstate_info during updates of the runstate information. + */ +#define VMASST_TYPE_runstate_update_flag 5 + +#define MAX_VMASST_TYPE 5 #ifndef __ASSEMBLY__ -- cgit From fbc872c38c8fed31948c85683b5326ee5ab9fccc Mon Sep 17 00:00:00 2001 From: David Vrabel Date: Mon, 11 Jul 2016 15:45:51 +0100 Subject: xen/evtchn: add IOCTL_EVTCHN_RESTRICT IOCTL_EVTCHN_RESTRICT limits the file descriptor to being able to bind to interdomain event channels from a specific domain. Event channels that are already bound continue to work for sending and receiving notifications. This is useful as part of deprivileging a user space PV backend or device model (QEMU). e.g., Once the device model as bound to the ioreq server event channels it can restrict the file handle so an exploited DM cannot use it to create or bind to arbitrary event channels. Signed-off-by: David Vrabel Reviewed-by: Boris Ostrovsky --- include/uapi/xen/evtchn.h | 15 +++++++++++++++ 1 file changed, 15 insertions(+) (limited to 'include') diff --git a/include/uapi/xen/evtchn.h b/include/uapi/xen/evtchn.h index 14e833ee4e0b..cb4aa4bb905e 100644 --- a/include/uapi/xen/evtchn.h +++ b/include/uapi/xen/evtchn.h @@ -85,4 +85,19 @@ struct ioctl_evtchn_notify { #define IOCTL_EVTCHN_RESET \ _IOC(_IOC_NONE, 'E', 5, 0) +/* + * Restrict this file descriptor so that it can only be used to bind + * new interdomain events from one domain. + * + * Once a file descriptor has been restricted it cannot be + * de-restricted, and must be closed and re-opened. Event channels + * which were bound before restricting remain bound afterwards, and + * can be notified as usual. + */ +#define IOCTL_EVTCHN_RESTRICT_DOMID \ + _IOC(_IOC_NONE, 'E', 6, sizeof(struct ioctl_evtchn_restrict_domid)) +struct ioctl_evtchn_restrict_domid { + domid_t domid; +}; + #endif /* __LINUX_PUBLIC_EVTCHN_H__ */ -- cgit From 88e957d6e47f1232ad15b21e54a44f1147ea8c1b Mon Sep 17 00:00:00 2001 From: Vitaly Kuznetsov Date: Thu, 30 Jun 2016 17:56:37 +0200 Subject: xen: introduce xen_vcpu_id mapping It may happen that Xen's and Linux's ideas of vCPU id diverge. In particular, when we crash on a secondary vCPU we may want to do kdump and unlike plain kexec where we do migrate_to_reboot_cpu() we try booting on the vCPU which crashed. This doesn't work very well for PVHVM guests as we have a number of hypercalls where we pass vCPU id as a parameter. These hypercalls either fail or do something unexpected. To solve the issue introduce percpu xen_vcpu_id mapping. ARM and PV guests get direct mapping for now. Boot CPU for PVHVM guest gets its id from CPUID. With secondary CPUs it is a bit more trickier. Currently, we initialize IPI vectors before these CPUs boot so we can't use CPUID. Use ACPI ids from MADT instead. Signed-off-by: Vitaly Kuznetsov Signed-off-by: David Vrabel --- include/xen/xen-ops.h | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'include') diff --git a/include/xen/xen-ops.h b/include/xen/xen-ops.h index 355275bad2cf..c9c532d56623 100644 --- a/include/xen/xen-ops.h +++ b/include/xen/xen-ops.h @@ -9,6 +9,12 @@ DECLARE_PER_CPU(struct vcpu_info *, xen_vcpu); +DECLARE_PER_CPU(int, xen_vcpu_id); +static inline int xen_vcpu_nr(int cpu) +{ + return per_cpu(xen_vcpu_id, cpu); +} + void xen_arch_pre_suspend(void); void xen_arch_post_suspend(int suspend_cancelled); -- cgit From d34c30cc1fa80f509500ff192ea6bc7d30671061 Mon Sep 17 00:00:00 2001 From: Juergen Gross Date: Tue, 26 Jul 2016 14:15:11 +0200 Subject: xen: add static initialization of steal_clock op to xen_time_ops pv_time_ops might be overwritten with xen_time_ops after the steal_clock operation has been initialized already. To prevent calling a now uninitialized function pointer add the steal_clock static initialization to xen_time_ops. Signed-off-by: Juergen Gross Signed-off-by: David Vrabel --- include/xen/xen-ops.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include') diff --git a/include/xen/xen-ops.h b/include/xen/xen-ops.h index c9c532d56623..9a37c541822f 100644 --- a/include/xen/xen-ops.h +++ b/include/xen/xen-ops.h @@ -29,6 +29,7 @@ bool xen_vcpu_stolen(int vcpu); void xen_setup_runstate_info(int cpu); void xen_time_setup_guest(void); void xen_get_runstate_snapshot(struct vcpu_runstate_info *res); +u64 xen_steal_clock(int cpu); int xen_setup_shutdown_event(void); -- cgit