aboutsummaryrefslogtreecommitdiff
path: root/drivers/lguest
AgeCommit message (Collapse)Author
2007-11-19virtio: fix module/device unloadingRusty Russell
The virtio code never hooked through the ->remove callback. Although noone supports device removal at the moment, this code is already needed for module unloading. This of course also revealed bugs in virtio_blk, virtio_net and lguest unloading paths. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-11-14lguest_user.c: fix memory leakAdrian Bunk
This patch fixes a memory leak spotted by the Coverity checker. Signed-off-by: Adrian Bunk <bunk@kernel.org> Cc: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-11-12virtio: Force use of power-of-two for descriptor ring sizesRusty Russell
The virtio descriptor rings of size N-1 were nicely set up to be aligned to an N-byte boundary. But as Anthony Liguori points out, the free-running indices used by virtio require that the sizes be a power of 2, otherwise we get problems on wrap (demonstrated with lguest). So we replace the clever "2^n-1" scheme with a simple "align to page boundary" scheme: this means that all virtio rings take at least two pages, but it's safer than guessing cache alignment. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-25lguest: documentation updateRusty Russell
Went through the documentation doing typo and content fixes. This patch contains only comment and whitespace changes. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-25lguest: remove unused "wake" element from struct lguestRusty Russell
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-25lguest: use defines from x86 headers instead of magic numbersRusty Russell
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23generalize lgread_u32/lgwrite_u32.Rusty Russell
Jes complains that page table code still uses lgread_u32 even though it now uses general kernel pte types. The best thing to do is to generalize lgread_u32 and lgwrite_u32. This means we lose the efficiency of getuser(). We could potentially regain it if we used __copy_from_user instead of copy_from_user, but I'm not certain that our range check is equivalent to access_ok() on all platforms. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Acked-by: Jes Sorensen <jes@sgi.com>
2007-10-23Lguest support for VirtioRusty Russell
This makes lguest able to use the virtio devices. We change the device descriptor page from a simple array to a variable length "type, config_len, status, config data..." format, and implement virtio_config_ops to read from that config data. We use the virtio ring implementation for an efficient Guest <-> Host virtqueue mechanism, and the new LHCALL_NOTIFY hypercall to kick the host when it changes. We also use LHCALL_NOTIFY on kernel addresses for very very early console output. We could have another hypercall, but this hack works quite well. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Remove old lguest I/O infrrasructure.Rusty Russell
This patch gets rid of the old lguest host I/O infrastructure and replaces it with a single hypercall "LHCALL_NOTIFY" which takes an address. The main change is the removal of io.c: that mainly did inter-guest I/O, which virtio doesn't yet support. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Remove old lguest bus and drivers.Rusty Russell
This gets rid of the lguest bus, drivers and DMA mechanism, to make way for a generic virtio mechanism. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Boot with virtual == physical to get closer to native Linux.Rusty Russell
1) This allows us to get alot closer to booting bzImages. 2) It means we don't have to know page_offset. 3) The Guest needs to modify the boot pagetables to create the PAGE_OFFSET mapping before jumping to C code. 4) guest_pa() walks the page tables rather than using page_offset. 5) We don't use page_offset to figure out whether to emulate: it was always kinda quesationable, and won't work for instructions done before remapping (bzImage unpacking in particular). 6) We still want the kernel address for tlb flushing: have the initial hypercall give us that, too. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Allow guest to specify syscall vector to use.Rusty Russell
(Based on Ron Minnich's LGUEST_PLAN9_SYSCALL patch). This patch allows Guests to specify what system call vector they want, and we try to reserve it. We only allow one non-Linux system call vector, to try to avoid DoS on the Host. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Rename "cr3" to "gpgdir" to avoid x86-specific naming.Rusty Russell
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Pagetables to use normal kernel typesMatias Zabaljauregui
This is my first step in the migration of page_tables.c to the kernel types and functions/macros (2.6.23-rc3). Seems to be working OK. Signed-off-by: Matias Zabaljauregui <matias.zabaljauregui@cern.ch> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Move register setup into i386_core.cJes Sorensen
Move setup_regs() to lguest_arch_setup_regs() in i386_core.c given that this is very architecture specific. Signed-off-by: Jes Sorensen <jes@sgi.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Change example launcher to use unsigned long not u32Jes Sorensen
Apply Clue 2x4 to lguest userland<->kernel handling code and the lguest launcher. Pointers are not to be passed in u32's! Basic rule of thumb: Anything passing u32's back and forth should be passing unsigned longs to be portable to 64 bit archs. For those who forgotten already, I repeat: NO POINTERS IN u32! Signed-off-by: Jes Sorensen <jes@sgi.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Make hypercalls arch-independent.Jes Sorensen
Clean up the hypercall code to make the code in hypercalls.c architecture independent. First process the common hypercalls and then call lguest_arch_do_hcall() if the call hasn't been handled. Rename struct hcall_ring to hcall_args. This patch requires the previous patch which reorganize the layout of struct lguest_regs on i386 so they match the layout of struct hcall_args. Signed-off-by: Jes Sorensen <jes@sgi.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Introduce "hcall" pointer to indicate pending hypercall.Rusty Russell
Currently we look at the "trapnum" to see if the Guest wants a hypercall. But once the hypercall is done we have to reset trapnum to a bogus value, otherwise if we exit to userspace and return, we'd run the same hypercall twice (that was a nasty bug to find!). This has two main effects: 1) When Jes's patch changes the hypercall args to be a generic "struct hcall_args" we simply change the type of "lg->hcall". It's set by arch code, so if it has to copy args or something it can do so, and point "hcall" into lg->arch somewhere. 2) Async hypercalls only get run when an actual hypercall is pending. This simplfies the code a little and is a more logical semantic. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Reorder guest saved regs to match hyperall orderJes Sorensen
Move eax next to ebx/ecx/edx in struct lguest_regs on i386, so they will be located together and allow it to map directly to a struct hcall_ring entry (which will be renamed struct hcall_args as in a subsequent patch). This is in preparation for making the code hcall code architecture independent. Signed-off-by: Jes Sorensen <jes@sgi.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Move i386 part of core.c to x86/core.c.Jes Sorensen
Separate i386 architecture specific from core.c and move it to x86/core.c and add x86/lguest.h header file to match. Signed-off-by: Jes Sorensen <jes@sgi.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Make shadow IDT a complete IDT with 256 entries.Rusty Russell
This simplifies the code a little, in preparation for allowing alternate system call vectors in guests (Plan 9 uses 0x40). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Remove fixed limit on number of guests, and lguests array.Rusty Russell
Back when we had all the Guest state in the switcher, we had a fixed array of them. This is no longer necessary. If we switch the network code to using random_ether_addr (46 bits is enough to avoid clashes), we can get rid of the concept of "guest id" altogether. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Introduce guest mem offset, static link example launcherRusty Russell
In order to avoid problematic special linking of the Launcher, we give the Host an offset: this means we can use any memory region in the Launcher as Guest memory rather than insisting on mmap() at 0. The result is quite pleasing: a number of casts are replaced with simple additions. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Rename switcher.S to x86/switcher_32.SRusty Russell
lguest uses a "switcher" shim mapped high to bounce between host and guest. As lguest becomes less i386-centric, we separate this code into a subdir. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Move lguest guest support to arch/x86.Rusty Russell
Lguest has two sides: host support (to launch guests) and guest support (replacement boot path and paravirt_ops). This moves the guest side to arch/x86/lguest where it's closer to related code. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Cc: Andi Kleen <ak@suse.de>
2007-10-23Clocksource is continuous regardless of the state of the host's TSC.Tony Breeds
Currently lguest will spend a lot of of time waking up the host, as it cannot go tickless (if the [host] TSC has been marked unstable). On my laptop I was getting ~40% of wakeups from lguest. With this patch applied, my laptop is much happier! Signed-off-by: Tony Breeds <tony@bakeyournoodle.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23lguest_devices belongs in lguest_bus.c: it's not i386-specific.Rusty Russell
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Lguest currently depends on 32-bit x86, not just x86.Rusty Russell
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Use copy_to_user() not put_user for struct timespecJes Sorensen
Use copy_to_user() when copying a struct timespec to the guest - put_user() cannot handle two long's in one go on a 64bit arch. Signed-off-by: Jes Sorensen <jes@sgi.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Cc: Jes Sorensen <jes@sgi.com> Cc: Al Viro <viro@ftp.linux.org.uk>
2007-10-23Remove binfmts.h include from lg.hRusty Russell
It wasn't needed since a very early prototype of lguest. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2007-10-23Normalize config options for guest supportRusty Russell
1) Group all the "guest OS" support options together, under a PARAVIRT_GUEST menu. 2) Make those options select CONFIG_PARAVIRT, as suggested by Andi. 3) Make kconfig help titles consistent. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Cc: Andi Kleen <ak@suse.de> Cc: Zach Amsden <zach@vmware.com> Cc: Jeremy Fitzhardinge <jeremy@goop.org> Cc: Chris Wright <chrisw@sous-sol.org>
2007-10-17Merge branch 'xen-upstream' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/jeremy/xen * 'xen-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/jeremy/xen: xfs: eagerly remove vmap mappings to avoid upsetting Xen xen: add some debug output for failed multicalls xen: fix incorrect vcpu_register_vcpu_info hypercall argument xen: ask the hypervisor how much space it needs reserved xen: lock pte pages while pinning/unpinning xen: deal with stale cr3 values when unpinning pagetables xen: add batch completion callbacks xen: yield to IPI target if necessary Clean up duplicate includes in arch/i386/xen/ remove dead code in pgtable_cache_init paravirt: clean up lazy mode handling paravirt: refactor struct paravirt_ops into smaller pv_*_ops
2007-10-16[x86] remove uses of magic macros for boot_params accessH. Peter Anvin
Instead of using magic macros for boot_params access, simply use the boot_params structure. Signed-off-by: H. Peter Anvin <hpa@zytor.com>
2007-10-16paravirt: clean up lazy mode handlingJeremy Fitzhardinge
Currently, the set_lazy_mode pv_op is overloaded with 5 functions: 1. enter lazy cpu mode 2. leave lazy cpu mode 3. enter lazy mmu mode 4. leave lazy mmu mode 5. flush pending batched operations This complicates each paravirt backend, since it needs to deal with all the possible state transitions, handling flushing, etc. In particular, flushing is quite distinct from the other 4 functions, and seems to just cause complication. This patch removes the set_lazy_mode operation, and adds "enter" and "leave" lazy mode operations on mmu_ops and cpu_ops. All the logic associated with enter and leaving lazy states is now in common code (basically BUG_ONs to make sure that no mode is current when entering a lazy mode, and make sure that the mode is current when leaving). Also, flush is handled in a common way, by simply leaving and re-entering the lazy mode. The result is that the Xen, lguest and VMI lazy mode implementations are much simpler. Signed-off-by: Jeremy Fitzhardinge <jeremy@xensource.com> Cc: Andi Kleen <ak@suse.de> Cc: Zach Amsden <zach@vmware.com> Cc: Rusty Russell <rusty@rustcorp.com.au> Cc: Avi Kivity <avi@qumranet.com> Cc: Anthony Liguory <aliguori@us.ibm.com> Cc: "Glauber de Oliveira Costa" <glommer@gmail.com> Cc: Jun Nakajima <jun.nakajima@intel.com>
2007-10-16paravirt: refactor struct paravirt_ops into smaller pv_*_opsJeremy Fitzhardinge
This patch refactors the paravirt_ops structure into groups of functionally related ops: pv_info - random info, rather than function entrypoints pv_init_ops - functions used at boot time (some for module_init too) pv_misc_ops - lazy mode, which didn't fit well anywhere else pv_time_ops - time-related functions pv_cpu_ops - various privileged instruction ops pv_irq_ops - operations for managing interrupt state pv_apic_ops - APIC operations pv_mmu_ops - operations for managing pagetables There are several motivations for this: 1. Some of these ops will be general to all x86, and some will be i386/x86-64 specific. This makes it easier to share common stuff while allowing separate implementations where needed. 2. At the moment we must export all of paravirt_ops, but modules only need selected parts of it. This allows us to export on a case by case basis (and also choose which export license we want to apply). 3. Functional groupings make things a bit more readable. Struct paravirt_ops is now only used as a template to generate patch-site identifiers, and to extract function pointers for inserting into jmp/calls when patching. It is only instantiated when needed. Signed-off-by: Jeremy Fitzhardinge <jeremy@xensource.com> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Cc: Andi Kleen <ak@suse.de> Cc: Zach Amsden <zach@vmware.com> Cc: Avi Kivity <avi@qumranet.com> Cc: Anthony Liguory <aliguori@us.ibm.com> Cc: "Glauber de Oliveira Costa" <glommer@gmail.com> Cc: Jun Nakajima <jun.nakajima@intel.com>
2007-09-25fix modules oopsing in lguest guestsRusty Russell
The assembly templates for lguest guest patching are in the .init.text section. This means that modules get patched with "cc cc cc cc" or similar junk. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-09-12lguest: Fix guest crash when CONFIG_X86_USE_3DNOW=yRusty Russell
One of the very first things lguest_init() does is a memcpy. On Athlon/Duron/K7 or CyrixIII/VIA-C3 or Geode GX/LX, this tries to use MMX. memcpy -> _mmx_memcpy -> kernel_fpu_begin -> clts -> paravirt_ops.clts But we haven't set paravirt_ops.clts yet, so we do the native version and crash. The simplest solution is to use __memcpy. Thanks to Michael Rasenberger for the bug report. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-08-30Fix lguest page-pinning logic ("lguest: bad stack page 0xc057a000")Rusty Russell
If the stack pointer is 0xc057a000, then the first stack page is at 0xc0579000 (the stack pointer is decremented before use). Not calculating this correctly caused guests with CONFIG_DEBUG_PAGEALLOC=y to be killed with a "bad stack page" message: the initial kernel stack was just proceeding the .smp_locks section which CONFIG_DEBUG_PAGEALLOC marks read-only when freeing. Thanks to Frederik Deweerdt for the bug report! Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-08-23lguest should depend on CONFIG_FUTEXAlexey Dobriyan
It uses get_futex_key(). Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-08-11i386: Make patching more robust, fix paravirt issueAndi Kleen
Commit 19d36ccdc34f5ed444f8a6af0cbfdb6790eb1177 "x86: Fix alternatives and kprobes to remap write-protected kernel text" uses code which is being patched for patching. In particular, paravirt_ops does patching in two stages: first it calls paravirt_ops.patch, then it fills any remaining instructions with nop_out(). nop_out calls text_poke() which calls lookup_address() which calls pgd_val() (aka paravirt_ops.pgd_val): that call site is one of the places we patch. If we always do patching as one single call to text_poke(), we only need make sure we're not patching the memcpy in text_poke itself. This means the prototype to paravirt_ops.patch needs to change, to marshal the new code into a buffer rather than patching in place as it does now. It also means all patching goes through text_poke(), which is known to be safe (apply_alternatives is also changed to make a single patch). AK: fix compilation on x86-64 (bad rusty!) AK: fix boot on x86-64 (sigh) AK: merged with other patches Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Andi Kleen <ak@suse.de> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-08-11lguest files should explicitly include asm/paravirt.hJes Sorensen
Files using bits from paravirt.h should explicitly include it rather than relying on it being pulled in by something else. Signed-off-by: Jes Sorensen <jes@sgi.com> Cc: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-08-09lguest: Fix Malicious Guest GDT Host CrashRusty Russell
If a Guest makes hypercall which sets a GDT entry to not present, we currently set any segment registers using that GDT entry to 0. Unfortunately, this is not sufficient: there are other ways of altering GDT entries which will cause a fault. The correct solution to do what Linux does: let them set any GDT value they want and handle the #GP when popping causes a fault. This has the added benefit of making our Switcher slightly more robust in the case of any other bugs which cause it to fault. We kill the Guest if it causes a fault in the Switcher: it's the Guest's responsibility to make sure it's not using segments when it changes them. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-08-09Fix non-TSC guest clocksource lockupRusty Russell
lguest uses a host-supplied wallclock-based clocksource when the TSC is not reliable. As this is already in nanoseconds, I naively used a multiplier of 1 and a shift of 0. But update_wall_time() in its infinite wisdom decides to adjust the clock a little (where does it think it's getting a more accurate time from?) It will happily tweak the multiplier... to 0, then -1. So the "fix" is to use a shift of 22 like everyone else, and a multiplier of 1 << 22. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-08-06Enable lguest drivers in KconfigRusty Russell
Lguest drivers need to default to "Y" otherwise they're never selected for new builds. (We don't bother prompting, because they're less than 4k combined, and implied by selecting lguest support). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-29Make lguest compile with CONFIG_BLOCK=n and CONFIG_NET=nRusty Russell
Gabriel C reports lguest doesn't compile with CONFIG_BLOCK=n. Fix this by introducing a config var for the block device, which depends on LGUEST && BLOCK. Do the same for the net driver, rather then depending gratuitously on CONFIG_NET. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Cc: Gabriel C <nix.or.die@googlemail.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-28Provide timespec to guests rather than jiffies clock.Rusty Russell
A non-periodic clock_event_device and the "jiffies" clock don't mix well: tick_handle_periodic() can go into an infinite loop. Currently lguest guests use the jiffies clock when the TSC is unusable. Instead, make the Host write the current time into the lguest page on every interrupt. This doesn't cost much but is more precise and at least as accurate as the jiffies clock. It also gets rid of the GET_WALLCLOCK hypercall. Also, delay setting sched_clock until our clock is set up, otherwise the early printk timestamps can go backwards (not harmful, just ugly). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-28Fix lguest bzImage loading with CONFIG_RELOCATABLE=yRusty Russell
Jason Yeh sent his crashing .config: bzImages made with CONFIG_RELOCATABLE=y put the relocs where the BSS is expected, and we crash with unusual results such as: lguest: unhandled trap 14 at 0xc0122ae1 (0xa9) Relying on BSS being zero was merely laziness on my part, and unfortunately, lguest doesn't go through the normal startup path (which does this in asm). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-26lguest: documentation VII: FIXMEsRusty Russell
Documentation: The FIXMEs Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-26lguest: documentation VI: SwitcherRusty Russell
Documentation: The Switcher Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-07-26lguest: documentation V: HostRusty Russell
Documentation: The Host Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>