tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'stable/for-linus-3.5-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen

Pull five Xen bug-fixes from Konrad Rzeszutek Wilk:

- When booting as PVHVM we would try to use PV console - but would not validate
the parameters causing us to crash during restore b/c we re-use the wrong event
channel.
- When booting on machines with SR-IOV PCI bridge we didn't check for the bridge
and tried to use it.
- Under AMD machines would advertise the APERFMPERF resulting in needless amount
of MSRs from the guest.
- A global value (xen_released_pages) was not subtracted at bootup when pages
were added back in. This resulted in the balloon worker having the wrong
account of how many pages were truly released.
- Fix dead-lock when xen-blkfront is run in the same domain as xen-blkback.

* tag 'stable/for-linus-3.5-rc2-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/konrad/xen:
xen: mark local pages as FOREIGN in the m2p_override
xen/setup: filter APERFMPERF cpuid feature out
xen/balloon: Subtract from xen_released_pages the count that is populated.
xen/pci: Check for PCI bridge before using it.
xen/events: Add WARN_ON when quick lookup found invalid type.
xen/hvc: Check HVM_PARAM_CONSOLE_[EVTCHN|PFN] for correctness.
xen/hvc: Fix error cases around HVM_PARAM_CONSOLE_PFN
xen/hvc: Collapse error logic.

Linus Torvalds 069915b9 41c8c535

+73 -16
+8
arch/x86/xen/enlighten.c
··· 209 209 xen_feature(XENFEAT_mmu_pt_update_preserve_ad) ? " (preserve-AD)" : ""); 210 210 } 211 211 212 + #define CPUID_THERM_POWER_LEAF 6 213 + #define APERFMPERF_PRESENT 0 214 + 212 215 static __read_mostly unsigned int cpuid_leaf1_edx_mask = ~0; 213 216 static __read_mostly unsigned int cpuid_leaf1_ecx_mask = ~0; 214 217 ··· 244 241 *cx = cpuid_leaf5_ecx_val; 245 242 *dx = cpuid_leaf5_edx_val; 246 243 return; 244 + 245 + case CPUID_THERM_POWER_LEAF: 246 + /* Disabling APERFMPERF for kernel usage */ 247 + maskecx = ~(1 << APERFMPERF_PRESENT); 248 + break; 247 249 248 250 case 0xb: 249 251 /* Suppress extended topology stuff */
+36
arch/x86/xen/p2m.c
··· 706 706 unsigned long uninitialized_var(address); 707 707 unsigned level; 708 708 pte_t *ptep = NULL; 709 + int ret = 0; 709 710 710 711 pfn = page_to_pfn(page); 711 712 if (!PageHighMem(page)) { ··· 742 741 list_add(&page->lru, &m2p_overrides[mfn_hash(mfn)]); 743 742 spin_unlock_irqrestore(&m2p_override_lock, flags); 744 743 744 + /* p2m(m2p(mfn)) == mfn: the mfn is already present somewhere in 745 + * this domain. Set the FOREIGN_FRAME_BIT in the p2m for the other 746 + * pfn so that the following mfn_to_pfn(mfn) calls will return the 747 + * pfn from the m2p_override (the backend pfn) instead. 748 + * We need to do this because the pages shared by the frontend 749 + * (xen-blkfront) can be already locked (lock_page, called by 750 + * do_read_cache_page); when the userspace backend tries to use them 751 + * with direct_IO, mfn_to_pfn returns the pfn of the frontend, so 752 + * do_blockdev_direct_IO is going to try to lock the same pages 753 + * again resulting in a deadlock. 754 + * As a side effect get_user_pages_fast might not be safe on the 755 + * frontend pages while they are being shared with the backend, 756 + * because mfn_to_pfn (that ends up being called by GUPF) will 757 + * return the backend pfn rather than the frontend pfn. */ 758 + ret = __get_user(pfn, &machine_to_phys_mapping[mfn]); 759 + if (ret == 0 && get_phys_to_machine(pfn) == mfn) 760 + set_phys_to_machine(pfn, FOREIGN_FRAME(mfn)); 761 + 745 762 return 0; 746 763 } 747 764 EXPORT_SYMBOL_GPL(m2p_add_override); ··· 771 752 unsigned long uninitialized_var(address); 772 753 unsigned level; 773 754 pte_t *ptep = NULL; 755 + int ret = 0; 774 756 775 757 pfn = page_to_pfn(page); 776 758 mfn = get_phys_to_machine(pfn); ··· 840 820 } 841 821 } else 842 822 set_phys_to_machine(pfn, page->index); 823 + 824 + /* p2m(m2p(mfn)) == FOREIGN_FRAME(mfn): the mfn is already present 825 + * somewhere in this domain, even before being added to the 826 + * m2p_override (see comment above in m2p_add_override). 827 + * If there are no other entries in the m2p_override corresponding 828 + * to this mfn, then remove the FOREIGN_FRAME_BIT from the p2m for 829 + * the original pfn (the one shared by the frontend): the backend 830 + * cannot do any IO on this page anymore because it has been 831 + * unshared. Removing the FOREIGN_FRAME_BIT from the p2m entry of 832 + * the original pfn causes mfn_to_pfn(mfn) to return the frontend 833 + * pfn again. */ 834 + mfn &= ~FOREIGN_FRAME_BIT; 835 + ret = __get_user(pfn, &machine_to_phys_mapping[mfn]); 836 + if (ret == 0 && get_phys_to_machine(pfn) == FOREIGN_FRAME(mfn) && 837 + m2p_find_override(mfn) == NULL) 838 + set_phys_to_machine(pfn, mfn); 843 839 844 840 return 0; 845 841 }
+2 -1
arch/x86/xen/setup.c
··· 371 371 populated = xen_populate_chunk(map, memmap.nr_entries, 372 372 max_pfn, &last_pfn, xen_released_pages); 373 373 374 - extra_pages += (xen_released_pages - populated); 374 + xen_released_pages -= populated; 375 + extra_pages += xen_released_pages; 375 376 376 377 if (last_pfn > max_pfn) { 377 378 max_pfn = min(MAX_DOMAIN_PAGES, last_pfn);
+17 -14
drivers/tty/hvc/hvc_xen.c
··· 214 214 /* already configured */ 215 215 if (info->intf != NULL) 216 216 return 0; 217 - 217 + /* 218 + * If the toolstack (or the hypervisor) hasn't set these values, the 219 + * default value is 0. Even though mfn = 0 and evtchn = 0 are 220 + * theoretically correct values, in practice they never are and they 221 + * mean that a legacy toolstack hasn't initialized the pv console correctly. 222 + */ 218 223 r = hvm_get_parameter(HVM_PARAM_CONSOLE_EVTCHN, &v); 219 - if (r < 0) { 220 - kfree(info); 221 - return -ENODEV; 222 - } 224 + if (r < 0 || v == 0) 225 + goto err; 223 226 info->evtchn = v; 224 - hvm_get_parameter(HVM_PARAM_CONSOLE_PFN, &v); 225 - if (r < 0) { 226 - kfree(info); 227 - return -ENODEV; 228 - } 227 + v = 0; 228 + r = hvm_get_parameter(HVM_PARAM_CONSOLE_PFN, &v); 229 + if (r < 0 || v == 0) 230 + goto err; 229 231 mfn = v; 230 232 info->intf = ioremap(mfn << PAGE_SHIFT, PAGE_SIZE); 231 - if (info->intf == NULL) { 232 - kfree(info); 233 - return -ENODEV; 234 - } 233 + if (info->intf == NULL) 234 + goto err; 235 235 info->vtermno = HVC_COOKIE; 236 236 237 237 spin_lock(&xencons_lock); ··· 239 239 spin_unlock(&xencons_lock); 240 240 241 241 return 0; 242 + err: 243 + kfree(info); 244 + return -ENODEV; 242 245 } 243 246 244 247 static int xen_pv_console_init(void)
+9
drivers/xen/events.c
··· 827 827 handle_edge_irq, "event"); 828 828 829 829 xen_irq_info_evtchn_init(irq, evtchn); 830 + } else { 831 + struct irq_info *info = info_for_irq(irq); 832 + WARN_ON(info == NULL || info->type != IRQT_EVTCHN); 830 833 } 831 834 832 835 out: ··· 865 862 xen_irq_info_ipi_init(cpu, irq, evtchn, ipi); 866 863 867 864 bind_evtchn_to_cpu(evtchn, cpu); 865 + } else { 866 + struct irq_info *info = info_for_irq(irq); 867 + WARN_ON(info == NULL || info->type != IRQT_IPI); 868 868 } 869 869 870 870 out: ··· 945 939 xen_irq_info_virq_init(cpu, irq, evtchn, virq); 946 940 947 941 bind_evtchn_to_cpu(evtchn, cpu); 942 + } else { 943 + struct irq_info *info = info_for_irq(irq); 944 + WARN_ON(info == NULL || info->type != IRQT_VIRQ); 948 945 } 949 946 950 947 out:
+1 -1
drivers/xen/pci.c
··· 59 59 60 60 #ifdef CONFIG_ACPI 61 61 handle = DEVICE_ACPI_HANDLE(&pci_dev->dev); 62 - if (!handle) 62 + if (!handle && pci_dev->bus->bridge) 63 63 handle = DEVICE_ACPI_HANDLE(pci_dev->bus->bridge); 64 64 #ifdef CONFIG_PCI_IOV 65 65 if (!handle && pci_dev->is_virtfn)