| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
| |
Commits d0782481 ("xl: export 'outstanding_pages' value from xcinfo")
and bec8f17e ("xen: Remove the XENMEM_get_oustanding_pages and provide
the data via xc_phys_info") added these two fields in libxl_physinfo
and in libxl_dominfo, respectively, but did not include the needed
LIBXL_HAVE_<foo> runes. Adding them.
Signed-off-by: Dario Faggioli <dario.faggioli@citrix.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: George Dunlap <george.dunlap@eu.citrix.com>
|
|
|
|
|
|
|
|
|
| |
This fixes framebuffer support for device model stubdoms after 3f28d007
which added the target_hack permission but did not allow the permission
to the stubdom it was created for.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
| |
Signed-off-by: Christoph Egger <chegger@amazon.de>
|
|
|
|
|
|
|
|
|
| |
Dan, the author, states:
> this code is five years old, is distro dependent, and is now
> completely unsupported.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The qxl drivers for Windows and Linux end up calling instructions
that cannot be used for MMIO at the moment. Just for the 4.3 release,
remove qxl support.
This patch should be reverted as soon as the 4.4 development window opens.
The issue in question:
(XEN) emulate.c:88:d18 bad mmio size 16
(XEN) io.c:201:d18 MMIO emulation failed @ 0033:7fd2de390430: f3 0f 6f
19 41 83 e8 403
The instruction in question is "movdqu (%rcx),%xmm3". Xen knows how
to emulate it, but unfortunately %xmm3 is 16 bytes long, and the interface
between Xen and qemu at the moment would appear to only allow MMIO accesses
of 8 bytes.
It's too late in the release cycle to find a fix or a workaround.
Signed-off-by: George Dunlap <george.dunlap@eu.citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
|
| |
On the qemu-xen command line, the number of vcpus initially online and
the number of maximum available vcpus are inverted.
Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
|
|
|
| |
We've changed the config option from "vifscript" to "vif.default.script". This
was changed in the manpage but not in the example xl.conf.
Also move the option down to be with the other vif options.
Signed-off-by: George Dunlap <george.dunlap@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
|
|
| |
Split coverage informations extracted from xencov utility.
This script accept coverage blob either as file or from input and extract
into files compatible with gcc format (gcda).
Signed-off-by: Frediano Ziglio <frediano.ziglio@citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Linux uses sse4_1 and sse4_2, but at the moment libxl uses '.' instead
of '_'. This makes it confusing for people looking in Linux's /proc/cpuinfo
to disable features.
Add the Linux feature names, keeping the old ones for compatability.
Signed-off-by: George Dunlap <george.dunlap@eu.citrix.com>
Acked-by: Ian Campbell <ian.camppbell@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Two changes:
* Stat the file before calling libxl_cdrom_insert()
* Return an error if anything fails (including libxl_cdrom_insert)
This is in part to work around the fact that the RAW disk type
is used for things that aren't actually files; so we can't call
stat in libxl_device.c:libxl__device_disk_set_backend() because
it may be going over a remote protocol.
Signed-off-by: George Dunlap <george.dunlap@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The code had an obvious bug where it would assume that the balloon
amount would always be _something_ and add an E820_RAM entry at the
end of the E820 array. The added E820_RAM would contain the balloon amount
plus the delta of memory that had to be subtracted b/c of the various
E820 entries. That assumption is certainly true when maxmem != mem,
but if guest config has maxmem = memory that is incorrect (as balloon
value is zero). The end result is that the E820 that is constructed
is missing a swath of "delta" memory and in most cases ends up with
only one E820_RAM entry that is of 512MB size on many Intel systems.
Reported-by: Christian Holpert <christian@holpert.de>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When support for pinning more than 64 cpus was added, check for cpu
out-of-range values was removed. This can lead to subsequent
out-of-bounds cpumap array accesses in case the cpu number is higher
than the actual count.
This patch returns the check.
This is CVE-2013-2072 / XSA-56
Signed-off-by: Petr Matousek <pmatouse@redhat.com>
|
|
|
|
|
|
|
|
|
| |
The xl save file uses a different header string to the xm one. Teach the
xendomains script about it.
Signed-off-by: Ian MURRAY <murrayie@yahoo.co.uk>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
[ ijc -- rewrote commit message ]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The hypervisor side changes for XSA-46 require the tool stack to now
always map the guest pIRQ before granting access permission to the
underlying host IRQ (GSI). This in particular requires that pciif.py
no longer can skip this step (assuming qemu would do it) for HVM
guests.
This in turn exposes, however, an inconsistency between xend and qemu:
The former wants to always establish 1:1 mappings between pIRQ and host
IRQ (for non-MSI only of course), while the latter always wants to
allocate an arbitrary mapping. Since the whole tool stack obviously
should always agree on the mapping model, make libxc enforce the 1:1
mapping as the more natural one (as well as being the one that allows
for easier debugging, since there no need to find out the extra
mapping). Users of libxc that want to establish a particular (rather
than an allocated) mapping are still free to do so, as well as tool
stacks not based on libxc wanting to implement an allocation based
model (which is why it's not the hypervisor that's being changed to
enforce either model).
Since libxl, like xend, already uses a 1:1 model, it's unaffected by
the libxc change (and it being unaffected by the original hypervisor
side changes is - afaict - simply due to qemu getting spawned at a
later point in time compared to the xend event flow).
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Tested-by: Andreas Falck <falck.andreas.lists@gmail.com> (on 4.1)
Tested-by: Gordan Bobic <gordan@bobich.net> (on 4.2)
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There is a small set of places where files in subdirectories get
compiled from the parent directory. Dependency file wise this is no
problem as long as the files use names distinct without regard to the
directories they sit in, and tools/console/ violates this (in having
two main.c files). Hence we need to avoid losing the directory name,
both to ensure the two compiler instances don't simultaneously write
to the same file (happening of which is what triggered me looking
into this) and to guarantee dependencies for all files will be seen
by make on an incremental rebuild.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
With hvmloader telling the guest that it may skip REG_C reads during
the processing of RTC interrupts, the emulation code must not depend
upon these reads to occur. Introduce two modes of operation for the
emulation code, and short of a HVM parameter (too late to be
introduced for 4.3) hard code the mode determination to always assume
that Windows-conforming one for the time being.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Tested-by: Roger Pau Monné <roger.pau@citrix.com> (FreeBSD guest)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The libxl_cpu_bitmap_alloc(..) function, if provided with a zero
value for max CPUs will call xc_get_max_cpus() which will retrieve
the number of physical CPUs the host has. This is usually
OK if the guest's maxvcpus <= host pcpus. But if the value
is different, then the bitmap for VCPUs is limited by the
number of CPUs the host has.
This is incorrect as what we want is to hotplug in the guest
the amount of CPUs that the user specified on the command line
and not be limited by the amount of physical CPUs.
This means that a guest config like this:
vcpus=8
maxvcpus=32
and on a 4 PCPU machine doing
xl vcpu-set <guest name> 16
won't work. This is b/c the the size of the bitmap is one byte
so it can only hold up to 8 VCPUs. Hence anything above that
is going to be ignored.
Note that this patch also fixes the bitmap setting - as it
would set all of the bits allowed. Meaning if the user had a 4PCPU
host we would still allow the user to set 8VCPUs. This second
iteration of the patch fixes this.
Note that all of the libxl_cpu_bitmap_[test|set] silently ignore
any test or sets above its size:
if (bit >= bitmap->size * 8)
return 0;
so we were never notified off this bug.
This patch warns the user if they are trying to do this. If the
user really wants to do this they have to provide the --ignore-host
parameter to bypass this check.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
|
|
|
|
|
|
|
|
|
|
| |
During the review of "libxl: Change claim_mode from bool to int."
Ian Campbell suggested that the xl info should print the
claim information irregardless of the global claim_mode value.
Suggested-by: Ian Campbell <Ian.Campbell@citrix.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ian Campbell <Ian.Campbell@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
During the review it was noticed that it would be better if internally
the claim_mode was held as an 'int' instead of a 'bool'. The reason
is that during the startup of xl, one has call the libxl_defbool_setdefault.
otherwise any usage of claim_mode would result in assert break.
The assert is due to the fact that using defbool without any set
values (either true of false) will cause it hit an assertion.
If we use an 'int' we don't have to worry about it and by default
the value of zero will suffice for checks whether the claim is
enabled or disabled.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ian Campbell <Ian.Campbell@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
data via xc_phys_info
During the review of the patches it was noticed that there exists
a race wherein the 'free_memory' value consists of information from
two hypercalls. That is the XEN_SYSCTL_physinfo and XENMEM_get_outstanding_pages.
The free memory the host has available for guest is the difference between
the 'free_pages' (from XEN_SYSCTL_physinfo) and 'outstanding_pages'. As they
are two hypercalls many things can happen in between the execution of them.
This patch resolves this by eliminating the XENMEM_get_outstanding_pages
hypercall and providing the free_pages and outstanding_pages information
via the xc_phys_info structure.
It also removes the XSM hooks and adds locking as needed.
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Reviewed-by: Tim Deegan <tim@xen.org>
Acked-by: Keir Fraser <keir.xen@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If there is a single colon for a given target and the target
is redefined in another place (e.g. in included file) then
make executes only new target and displays following warning:
Makefile:35: warning: overriding commands for target `clean'
tools/libfsimage/common/../../../tools/libfsimage/Rules.mk:25:
warning: ignoring old commands for target `clean'
To cope with that issue define all required targets as double-colon
rules. Additionally, remove some redundant stuff.
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
| |
xl cd-insert takes a plain file.
Signed-off-by: George Dunlap <george.dunlap@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
| |
There is no support for IA-64 architecture in Xen.
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
| |
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
| |
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
|
| |
Remove dependencies files during make clean.
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
|
|
|
| |
This will be handled by the driver domain itself, since the toolstack
does not have access to the physical device because it is in a
different domain.
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
|
|
| |
Prevent hotplug script execution from libxl if device is on a
different domain.
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't try to check physical devices if they belong to a domain
different than the one where the toolstack is running. This prevents
the following error when trying to use storage driver domains:
libxl: debug: libxl_create.c:1246:do_domain_create: ao 0x1819240: create: how=(nil) callback=(nil) poller=0x1818fa0
libxl: debug: libxl_device.c:235:libxl__device_disk_set_backend: Disk vdev=xvda spec.backend=phy
libxl: debug: libxl_device.c:175:disk_try_backend: Disk vdev=xvda, backend phy unsuitable as phys path not a block device
libxl: error: libxl_device.c:278:libxl__device_disk_set_backend: no suitable backend for disk xvda
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
|
|
|
|
| |
This hotplug script has been tested with IET and NetBSD iSCSI targets,
without authentication.
This hotplug script will only work with PV guests not using pygrub.
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Adds XSM hooks for the recently introduced XENMEM_claim_pages and
XENMEM_get_outstanding_pages operations, and adds FLASK access vectors
for them. This makes the access control decisions for these operations
match those in the rest of the hypervisor.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Acked-by: George Dunlap <george.dunlap@eu.citrix.com> (for 4.3 release)
Acked-by: Keir Fraser <keir@xen.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libxc (libxenctrl, libxenguest):
New claim_enabled field in struct xc_dom_image;
New nr_outstanding_pages field in struct xc_dominfo;
New fields in struct xc_hvm_build_args (xenguest.h).
libxl:
new fields in dominfo domain_build_info device_vfb device_vkb
device_disk etc. etc. etc.
libxlu #includes libxl headers so needs to inherit its new soname
Use Xen version for new sonames since we don't in fact guarantee
ABI (as opposed to API) stability across releases.
xenstore (libxenstore):
New flag XS_UNWATCH_FILTER, so bump minor version only.
This was the result of reviewing the output from:
git-checkout staging
cd tools
git-diff RELEASE-4.2.2 `find -name \*.h`
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
blktap does not support the insert / eject commands, and so is not
suitable for cd-roms.
This fixes the bug where libxl uses tapdisk as a cdrom back-end, causing
subsequent eject / insert commands to fail.
Signed-off-by: George Dunlap <george.dunlap@eu.citrix.com>
CC: Fabio Fantoni <fabio.fantoni@heliman.it>
CC: Stefano Stabellini <stefano.stabellini@citrix.com>
CC: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The event is supposed to become owned, and therefore freed, by the application
and the const prevents this.
Unfortunately there is no way to remove the const without breaking existing
callers. The best we can do is use the LIBXL_API_VERSION provisions to remove
the const for callers who wish only to support the 4.3 API and newer.
Callers who wish to support 4.2 will need to live with casting away the const.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since libxl checks for the existance of /var/run/xenstored.pid in order
to ensure xenstore is running, create this file when starting the
xenstore stub domain. This also changes the Makefile to enable the
creation of the init-xenstore-domain tool during tools compilation,
since the existing Makefile incorrectly added to the ALL_TARGETS list
when compiling the stubdom, when this variable is not used.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Resolution of a backend name to a domid needs to happen a little earlier
in some cases.
For example, if a domU is specified as a backend for a
disk and, as previously written, libxl__device_disk_setdefault() calls
libxl__resolve_domid() last, then disk->backend_domid still equals
LIBXL_TOOLSTACK_DOMID when libxl__device_disk_set_backend() is called.
This results in libxl__device_disk_set_backend() making an incorrect
attempt to validate the target by calling stat() on a file on dom0,
resulting in ERROR_INVAL (see libxl_device.c lines 239-248), which
prevents creation of the frontend domain.
Likewise, libxl__device_nic_setdefault() previously made use of
nic->backend_domid before it was set.
Signed-off-by: Eric Shelton <eshelton@pobox.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Reviewed-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
|
|
|
|
|
| |
Signed-off-by: Marek Marczykowski <marmarek@invisiblethingslab.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The commit a8a1f236a296 "libxl: Only call stat() when adding a disk if we
expect a device to exist." changed things to only stat the file when the phy
backend was explicitly requested. This broke the case where we are probing and
would normally be able to decide on the phy option.
Since the intention of that commit was to allow for backends with no explicit
file in dom0 (i.e. network remote backend such as ceph) the lowest impact fix
appears to be to make that explicit. It turns out that tap disk can also
potentially handle such paths.
The only backend which requires a local file/device is PHY but we need to
handle UNKNOWN too in order for subsequent probing to work. Note that it is
not possible to autoprobe the backend if the path is not a local object, so we
don't need to worry about autoprobing ceph etc.
This should probably be revisited to rationalize the probing.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Roger Pau Monné <roger.pau@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a patch to forward-port a Xend behaviour. Xend writes IO ABI used for
all frontends. Blkfront before 2.6.26 relies on this behaviour otherwise guest
cannot boot when running in 32-on-64 mode. Blkfront after 2.6.26 writes that
node itself, in which case it's just an overwrite to an existing node which
should be OK.
In fact Xend writes the ABI for all frontends including console and vif. But
nowadays only old disk frontends rely on that behaviour so that we only write
the ABI for disk frontends in libxl, minimizing the impact.
Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
| |
A bit basic and fuggly but a start.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
| |
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
| |
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
|
|
|
|
|
|
|
|
| |
Install qemu into the location specified via configure --prefix.
You will notice when you use something else than /usr/local.
Signed-off-by: Christoph Egger <chegger@amazon.de>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
|
|
| |
Do not override pygrub with a symbolic link in this case.
Signed-off-by: Christoph Egger <chegger@amazon.de>
Reviewed-by: Matt Wilson <msw@amazon.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
[ ijc -- reworded summary to fit on one line ]
|
|
|
|
|
|
|
|
|
| |
tools/xenbackendd: properly cleanup
Do not leave builds on gmake clean.
Signed-off-by: Christoph Egger <chegger@amazon.de>
Reviewed-by: Matt Wilson <msw@amazon.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We consider calling stat() a helpful error check in the following
circumstances only:
1. the disk backend type must be PHYsical
2. the disk backend domain must be the same as the running libxl
code (ie LIBXL_TOOLSTACK_DOMID)
3. there must not be a hotplug script because this would imply that
the device won't be created until after the hotplug script has
run.
With this fix, it is possible to use qemu's built-in block drivers
such as ceph/rbd, with a xl config disk spec like this:
disk=[ 'backendtype=qdisk,format=raw,vdev=hda,access=rw,target=rbd:rbd/ubuntu1204.img' ]
Signed-off-by: David Scott <dave.scott@eu.citrix.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Roger Pau Monné <roger.pau@citrix.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Based on Waldi's RFC at
http://lists.xen.org/archives/html/xen-devel/2012-09/msg00943.html
To use it set vif.default.script="vif-openvswitch" in /etc/xen/xl.conf or use
script=vif-openvswitch in the vif configuration.
Appears to do the right thing for PV and HVM guests (including tap devices)
and with stubdomains.
In order to support VLAN tagging and trunking the "bridge" specified in the
configuration can have a special syntax, that is:
BRIDGE_NAME[.VLAN][:TRUNK:TRUNK]
e.g.
- xenbr0.99
add the VIF to VLAN99 on xenbr0
- xenbr0:99:100:101
add the VIF to xenbr0 as a trunk port receiving VLANs 99, 100 & 101
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Signed-off-by: Bastian Blank <waldi@debian.org>
Acked-by: Roger Pau Monné <roger.pau@citrix.com>
Cc: dev@openvswitch.org
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds an XSM hook for enabling nested HVM support, replacing an
IS_PRIV check. This hook is a partial duplicate with the xsm_hvm_param
hook, but using the existing hook would require adding the index to the
hook and would require the use of a custom hook for the xsm-disabled
case (using XSM_OTHER, which is less immediately readable) - whereas
adding a new hook retains the clarity of the existing code.
Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Acked-by: George Dunlap <george.dunlap@eu.citrix.com> (release perspective)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add decompressors based on hypervisor code. This are used in mini-os by
pv-grub.
This enables pv-grub to boot kernels compressed with e.g. xz, which are
becoming more common.
Signed-off-by: Bastian Blank <waldi@debian.org>
Adjusted to use terminology "unsafe" rather than "trusted" to indicate
that the user had better sanitise the data (or not care, as in stub
domains) as suggested by Tim Deegan. This was effectively a sed script.
Minimise the changes to hypervisor code by moving the "compat layer" into the
relevant libxc source files (which include the Xen ones).
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- properly revoke IRQ access in map_domain_pirq() error path
- don't permit replacing an in use IRQ
- don't accept inputs in the GSI range for MAP_PIRQ_TYPE_MSI
- track IRQ access permission in host IRQ terms, not guest IRQ ones
(and with that, also disallow Dom0 access to IRQ0)
This is CVE-2013-1919 / XSA-46.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
|