rpms/kernel/devel linux-2.6-xen-execshield-add-xen-specific-load_user_cs_desc.patch, NONE, 1.1 linux-2.6-xen-execshield-fix-endless-gpf-fault-loop.patch, NONE, 1.1 linux-2.6-xen-execshield-only-define-load_user_cs_desc-on-32-bit.patch, NONE, 1.1 config-x86-generic, 1.43, 1.44 config-x86_64-generic, 1.42, 1.43 kernel.spec, 1.801, 1.802
Mark McLoughlin (markmc)
fedora-extras-commits at redhat.com
Thu Jul 24 16:41:10 UTC 2008
Author: markmc
Update of /cvs/pkgs/rpms/kernel/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6528
Modified Files:
config-x86-generic config-x86_64-generic kernel.spec
Added Files:
linux-2.6-xen-execshield-add-xen-specific-load_user_cs_desc.patch
linux-2.6-xen-execshield-fix-endless-gpf-fault-loop.patch
linux-2.6-xen-execshield-only-define-load_user_cs_desc-on-32-bit.patch
Log Message:
Enable Xen support again
Now that i686 PAE and x86_64 Xen DomU support is fully
upstream, re-enable it in the stock kernel.
The only not-upstream patches we require are to support
execshield
Also note the Obsoletes/Provides to make upgrades go
smoothely.
linux-2.6-xen-execshield-add-xen-specific-load_user_cs_desc.patch:
--- NEW FILE linux-2.6-xen-execshield-add-xen-specific-load_user_cs_desc.patch ---
>From cdff48f3077459f1dfaf243db8e402c8202a2693 Mon Sep 17 00:00:00 2001
From: Stephen Tweedie <sct at redhat.com>
Date: Tue, 11 Mar 2008 18:05:30 +0000
Subject: [PATCH] xen execshield: Add xen-specific load_user_cs_desc()
x86 32-bit execshield uses load_user_cs_desc() to setup the user CS
descriptor, but the Xen version needs to do this via a hypercall.
Add this via a new pv_cpu_ops->load_user_cs_desc pv_ops indirection
so that it can be selected appropriately at run-time.
Signed-off-by: Stephen Tweedie <sct at redhat.com>
---
arch/x86/kernel/paravirt.c | 1 +
arch/x86/xen/enlighten.c | 17 +++++++++++++++++
include/asm-x86/desc.h | 8 ++++++--
include/asm-x86/paravirt.h | 6 ++++++
4 files changed, 30 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/paravirt.c b/arch/x86/kernel/paravirt.c
index 94da4d5..f2a678c 100644
--- a/arch/x86/kernel/paravirt.c
+++ b/arch/x86/kernel/paravirt.c
@@ -336,6 +336,7 @@ struct pv_cpu_ops pv_cpu_ops = {
.read_tscp = native_read_tscp,
.load_tr_desc = native_load_tr_desc,
.set_ldt = native_set_ldt,
+ .load_user_cs_desc = native_load_user_cs_desc,
.load_gdt = native_load_gdt,
.load_idt = native_load_idt,
.store_gdt = native_store_gdt,
diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c
index 9ff6e3c..9b95277 100644
--- a/arch/x86/xen/enlighten.c
+++ b/arch/x86/xen/enlighten.c
@@ -340,6 +340,22 @@ static void xen_set_ldt(const void *addr, unsigned entries)
xen_mc_issue(PARAVIRT_LAZY_CPU);
}
+static inline void xen_load_user_cs_desc(int cpu, struct mm_struct *mm)
+{
+ void *gdt;
+ xmaddr_t mgdt;
+ u64 descriptor;
+ struct desc_struct user_cs;
+
+ gdt = &get_cpu_gdt_table(cpu)[GDT_ENTRY_DEFAULT_USER_CS];
+ mgdt = virt_to_machine(gdt);
+
+ user_cs = mm->context.user_cs;
+ descriptor = (u64) user_cs.a | ((u64) user_cs.b) << 32;
+
+ HYPERVISOR_update_descriptor(mgdt.maddr, descriptor);
+}
+
static void xen_load_gdt(const struct desc_ptr *dtr)
{
unsigned long *frames;
@@ -1213,6 +1229,7 @@ static const struct pv_cpu_ops xen_cpu_ops __initdata = {
.load_tr_desc = paravirt_nop,
.set_ldt = xen_set_ldt,
+ .load_user_cs_desc = xen_load_user_cs_desc,
.load_gdt = xen_load_gdt,
.load_idt = xen_load_idt,
.load_tls = xen_load_tls,
diff --git a/include/asm-x86/desc.h b/include/asm-x86/desc.h
index 3a545b1..713634f 100644
--- a/include/asm-x86/desc.h
+++ b/include/asm-x86/desc.h
@@ -6,6 +6,7 @@
#include <asm/ldt.h>
#include <asm/mmu.h>
#include <linux/smp.h>
+#include <linux/mm_types.h>
static inline void fill_ldt(struct desc_struct *desc,
const struct user_desc *info)
@@ -90,6 +91,7 @@ static inline int desc_empty(const void *ptr)
#define load_TLS(t, cpu) native_load_tls(t, cpu)
#define set_ldt native_set_ldt
+#define load_user_cs_desc native_load_user_cs_desc
#define write_ldt_entry(dt, entry, desc) \
native_write_ldt_entry(dt, entry, desc)
@@ -380,8 +382,10 @@ static inline void set_user_cs(struct desc_struct *desc, unsigned long limit)
desc->b = (limit & 0xf0000) | 0x00c0fb00;
}
-#define load_user_cs_desc(cpu, mm) \
- get_cpu_gdt_table(cpu)[GDT_ENTRY_DEFAULT_USER_CS] = (mm)->context.user_cs
+static inline void native_load_user_cs_desc(int cpu, struct mm_struct *mm)
+{
+ get_cpu_gdt_table(cpu)[GDT_ENTRY_DEFAULT_USER_CS] = mm->context.user_cs;
+}
extern void arch_add_exec_range(struct mm_struct *mm, unsigned long limit);
extern void arch_remove_exec_range(struct mm_struct *mm, unsigned long limit);
diff --git a/include/asm-x86/paravirt.h b/include/asm-x86/paravirt.h
index fbbde93..151ac7a 100644
--- a/include/asm-x86/paravirt.h
+++ b/include/asm-x86/paravirt.h
@@ -113,6 +113,7 @@ struct pv_cpu_ops {
void (*store_gdt)(struct desc_ptr *);
void (*store_idt)(struct desc_ptr *);
void (*set_ldt)(const void *desc, unsigned entries);
+ void (*load_user_cs_desc)(int cpu, struct mm_struct *mm);
unsigned long (*store_tr)(void);
void (*load_tls)(struct thread_struct *t, unsigned int cpu);
#ifdef CONFIG_X86_64
@@ -840,6 +841,11 @@ static inline void set_ldt(const void *addr, unsigned entries)
{
PVOP_VCALL2(pv_cpu_ops.set_ldt, addr, entries);
}
+static inline void load_user_cs_desc(unsigned int cpu,
+ struct mm_struct *mm)
+{
+ PVOP_VCALL2(pv_cpu_ops.load_user_cs_desc, cpu, mm);
+}
static inline void store_gdt(struct desc_ptr *dtr)
{
PVOP_VCALL1(pv_cpu_ops.store_gdt, dtr);
--
1.5.4.1
linux-2.6-xen-execshield-fix-endless-gpf-fault-loop.patch:
--- NEW FILE linux-2.6-xen-execshield-fix-endless-gpf-fault-loop.patch ---
>From ad6f7a1789fdb94b16952f50ed65964dc206d7be Mon Sep 17 00:00:00 2001
From: Stephen Tweedie <sct at redhat.com>
Date: Tue, 11 Mar 2008 18:07:31 +0000
Subject: [PATCH] xen execshield: fix endless GPF fault loop
Under Xen, loading the user_cs descriptor does not necessarily load
the descriptor with the exact same values the kernel requested: some
of the control bits in the descriptor may be modified by the
hypervisor.
With execshield, the check_lazy_exec_limit() function is needed to
test whether a fault has been caused by the existing user_cs
descriptor being too constrained: if so, it performs a lazy expansion
of the legal cs segment bounds. But it does so via an exact match on
the descriptor values against their current expected values, so if
Xen modifies any control bits in the descriptor, it looks as if the
user_cs is out-of-sync; so check_lazy_exec_limit() resets the
descriptor and retakes the fault unnecessarily.
This means that a GPF fault can be retried indefinitely, with the
kernel always seeing the wrong values in user_cs and continually
trying to correct them and retake the fault.
Fix it by masking off the xen-sensitive control bits when checking
that the segment descriptor is up-to-date, and comparing only the
bits which affect the segment base and limit.
Affects 32-bit only; execshield on 64-bit uses NX for this
functionality.
Signed-off-by: Stephen Tweedie <sct at redhat.com>
---
arch/x86/kernel/traps_32.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/arch/x86/kernel/traps_32.c b/arch/x86/kernel/traps_32.c
index d001d55..c932b3e 100644
--- a/arch/x86/kernel/traps_32.c
+++ b/arch/x86/kernel/traps_32.c
@@ -621,7 +621,8 @@ check_lazy_exec_limit(int cpu, struct pt_regs *regs, long error_code)
desc1 = ¤t->mm->context.user_cs;
desc2 = get_cpu_gdt_table(cpu) + GDT_ENTRY_DEFAULT_USER_CS;
- if (desc1->a != desc2->a || desc1->b != desc2->b) {
+ if ((desc1->a & 0xff0000ff) != (desc2->a & 0xff0000ff) ||
+ desc1->b != desc2->b) {
/*
* The CS was not in sync - reload it and retry the
* instruction. If the instruction still faults then
--
1.5.4.1
linux-2.6-xen-execshield-only-define-load_user_cs_desc-on-32-bit.patch:
--- NEW FILE linux-2.6-xen-execshield-only-define-load_user_cs_desc-on-32-bit.patch ---
>From 226bc4b8f13ece618de046f6f8da88eeb4b8f8da Mon Sep 17 00:00:00 2001
From: Mark McLoughlin <markmc at redhat.com>
Date: Tue, 25 Mar 2008 11:56:43 +0000
Subject: [PATCH] xen execshield: Only define load_user_cs_desc() on 32 bit
load_user_cs_desc() is only used on 32 bit, so only
define it in that case.
Fixes compile failure in native_load_user_cs_desc()
since mm_context_t->user_cs is only available on
32 bit.
Signed-off-by: Mark McLoughlin <markmc at redhat.com>
---
arch/x86/kernel/paravirt.c | 2 ++
arch/x86/xen/enlighten.c | 4 ++++
include/asm-x86/desc.h | 4 ++++
include/asm-x86/paravirt.h | 4 ++++
4 files changed, 14 insertions(+), 0 deletions(-)
diff --git a/arch/x86/kernel/paravirt.c b/arch/x86/kernel/paravirt.c
index f2a678c..4277d1a 100644
--- a/arch/x86/kernel/paravirt.c
+++ b/arch/x86/kernel/paravirt.c
@@ -336,7 +336,9 @@ struct pv_cpu_ops pv_cpu_ops = {
.read_tscp = native_read_tscp,
.load_tr_desc = native_load_tr_desc,
.set_ldt = native_set_ldt,
+#ifdef CONFIG_X86_32
.load_user_cs_desc = native_load_user_cs_desc,
+#endif
.load_gdt = native_load_gdt,
.load_idt = native_load_idt,
.store_gdt = native_store_gdt,
diff --git a/arch/x86/xen/enlighten.c b/arch/x86/xen/enlighten.c
index 9b95277..c54060c 100644
--- a/arch/x86/xen/enlighten.c
+++ b/arch/x86/xen/enlighten.c
@@ -340,6 +340,7 @@ static void xen_set_ldt(const void *addr, unsigned entries)
xen_mc_issue(PARAVIRT_LAZY_CPU);
}
+#ifdef CONFIG_X86_32
static inline void xen_load_user_cs_desc(int cpu, struct mm_struct *mm)
{
void *gdt;
@@ -355,6 +356,7 @@ static inline void xen_load_user_cs_desc(int cpu, struct mm_struct *mm)
HYPERVISOR_update_descriptor(mgdt.maddr, descriptor);
}
+#endif
static void xen_load_gdt(const struct desc_ptr *dtr)
{
@@ -1229,7 +1231,9 @@ static const struct pv_cpu_ops xen_cpu_ops __initdata = {
.load_tr_desc = paravirt_nop,
.set_ldt = xen_set_ldt,
+#ifdef CONFIG_X86_32
.load_user_cs_desc = xen_load_user_cs_desc,
+#endif
.load_gdt = xen_load_gdt,
.load_idt = xen_load_idt,
.load_tls = xen_load_tls,
diff --git a/include/asm-x86/desc.h b/include/asm-x86/desc.h
index 713634f..54234ac 100644
--- a/include/asm-x86/desc.h
+++ b/include/asm-x86/desc.h
@@ -91,7 +91,9 @@ static inline int desc_empty(const void *ptr)
#define load_TLS(t, cpu) native_load_tls(t, cpu)
#define set_ldt native_set_ldt
+#ifdef CONFIG_X86_32
#define load_user_cs_desc native_load_user_cs_desc
+#endif
#define write_ldt_entry(dt, entry, desc) \
native_write_ldt_entry(dt, entry, desc)
@@ -382,10 +384,12 @@ static inline void set_user_cs(struct desc_struct *desc, unsigned long limit)
desc->b = (limit & 0xf0000) | 0x00c0fb00;
}
+#ifdef CONFIG_X86_32
static inline void native_load_user_cs_desc(int cpu, struct mm_struct *mm)
{
get_cpu_gdt_table(cpu)[GDT_ENTRY_DEFAULT_USER_CS] = mm->context.user_cs;
}
+#endif
extern void arch_add_exec_range(struct mm_struct *mm, unsigned long limit);
extern void arch_remove_exec_range(struct mm_struct *mm, unsigned long limit);
diff --git a/include/asm-x86/paravirt.h b/include/asm-x86/paravirt.h
index 151ac7a..f354748 100644
--- a/include/asm-x86/paravirt.h
+++ b/include/asm-x86/paravirt.h
@@ -113,7 +113,9 @@ struct pv_cpu_ops {
void (*store_gdt)(struct desc_ptr *);
void (*store_idt)(struct desc_ptr *);
void (*set_ldt)(const void *desc, unsigned entries);
+#ifdef CONFIG_X86_32
void (*load_user_cs_desc)(int cpu, struct mm_struct *mm);
+#endif
unsigned long (*store_tr)(void);
void (*load_tls)(struct thread_struct *t, unsigned int cpu);
#ifdef CONFIG_X86_64
@@ -841,11 +843,13 @@ static inline void set_ldt(const void *addr, unsigned entries)
{
PVOP_VCALL2(pv_cpu_ops.set_ldt, addr, entries);
}
+#ifdef CONFIG_X86_32
static inline void load_user_cs_desc(unsigned int cpu,
struct mm_struct *mm)
{
PVOP_VCALL2(pv_cpu_ops.load_user_cs_desc, cpu, mm);
}
+#endif
static inline void store_gdt(struct desc_ptr *dtr)
{
PVOP_VCALL1(pv_cpu_ops.store_gdt, dtr);
--
1.5.4.1
Index: config-x86-generic
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/devel/config-x86-generic,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -r1.43 -r1.44
--- config-x86-generic 24 Jul 2008 16:38:41 -0000 1.43
+++ config-x86-generic 24 Jul 2008 16:40:21 -0000 1.44
@@ -340,10 +340,20 @@
# CONFIG_PARAVIRT_DEBUG is not set
CONFIG_KVM_CLOCK=y
CONFIG_KVM_GUEST=y
-# CONFIG_XEN is not set
CONFIG_LGUEST_GUEST=y
CONFIG_VMI=y
+CONFIG_XEN=y
+CONFIG_XEN_MAX_DOMAIN_MEMORY=8
+CONFIG_XEN_BALLOON=y
+CONFIG_XEN_SCRUB_PAGES=y
+CONFIG_XEN_SAVE_RESTORE=y
+CONFIG_HVC_XEN=y
+CONFIG_XEN_FBDEV_FRONTEND=y
+CONFIG_XEN_KBDDEV_FRONTEND=y
+CONFIG_XEN_BLKDEV_FRONTEND=m
+CONFIG_XEN_NETDEV_FRONTEND=m
+
CONFIG_MTD_ESB2ROM=m
CONFIG_MTD_CK804XROM=m
CONFIG_MTD_NAND_CAFE=m
Index: config-x86_64-generic
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/devel/config-x86_64-generic,v
retrieving revision 1.42
retrieving revision 1.43
diff -u -r1.42 -r1.43
--- config-x86_64-generic 24 Jul 2008 16:38:41 -0000 1.42
+++ config-x86_64-generic 24 Jul 2008 16:40:21 -0000 1.43
@@ -258,7 +258,17 @@
# CONFIG_PARAVIRT_DEBUG is not set
CONFIG_KVM_CLOCK=y
CONFIG_KVM_GUEST=y
-# CONFIG_XEN is not set
+
+CONFIG_XEN=y
+CONFIG_XEN_MAX_DOMAIN_MEMORY=32
+CONFIG_XEN_BALLOON=y
+CONFIG_XEN_SCRUB_PAGES=y
+CONFIG_XEN_SAVE_RESTORE=y
+CONFIG_HVC_XEN=y
+CONFIG_XEN_FBDEV_FRONTEND=y
+CONFIG_XEN_KBDDEV_FRONTEND=y
+CONFIG_XEN_BLKDEV_FRONTEND=m
+CONFIG_XEN_NETDEV_FRONTEND=m
CONFIG_DMADEVICES=y
CONFIG_INTEL_IOATDMA=m
Index: kernel.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/devel/kernel.spec,v
retrieving revision 1.801
retrieving revision 1.802
diff -u -r1.801 -r1.802
--- kernel.spec 24 Jul 2008 16:37:07 -0000 1.801
+++ kernel.spec 24 Jul 2008 16:40:21 -0000 1.802
@@ -372,7 +372,13 @@
# upto and including kernel 2.4.9 rpms, the 4Gb+ kernel was called kernel-enterprise
# now that the smp kernel offers this capability, obsolete the old kernel
%define kernel_smp_obsoletes kernel-enterprise < 2.4.10
-%define kernel_PAE_obsoletes kernel-smp < 2.6.17
+%define kernel_PAE_obsoletes kernel-smp < 2.6.17, kernel-xen <= 2.6.27-0.2.rc0.git6.fc10
+%define kernel_PAE_provides kernel-xen = %{rpmversion}-%{pkg_release}
+
+%ifarch x86_64
+%define kernel_obsoletes kernel-xen <= 2.6.27-0.2.rc0.git6.fc10
+%define kernel_provides kernel-xen = %{rpmversion}-%{pkg_release}
+%endif
# We moved the drm include files into kernel-headers, make sure there's
# a recent enough libdrm-devel on the system that doesn't have those.
@@ -549,6 +555,9 @@
Patch149: linux-2.6-efika-not-chrp.patch
Patch160: linux-2.6-execshield.patch
+Patch161: linux-2.6-xen-execshield-add-xen-specific-load_user_cs_desc.patch
+Patch162: linux-2.6-xen-execshield-fix-endless-gpf-fault-loop.patch
+Patch163: linux-2.6-xen-execshield-only-define-load_user_cs_desc-on-32-bit.patch
Patch250: linux-2.6-debug-sizeof-structs.patch
Patch260: linux-2.6-debug-nmi-timeout.patch
Patch270: linux-2.6-debug-taint-vm.patch
@@ -995,6 +1004,9 @@
# Exec shield
#
ApplyPatch linux-2.6-execshield.patch
+ApplyPatch linux-2.6-xen-execshield-add-xen-specific-load_user_cs_desc.patch
+ApplyPatch linux-2.6-xen-execshield-fix-endless-gpf-fault-loop.patch
+ApplyPatch linux-2.6-xen-execshield-only-define-load_user_cs_desc-on-32-bit.patch
#
# bugfixes to drivers and filesystems
@@ -1253,6 +1265,15 @@
make -s ARCH=$Arch INSTALL_MOD_PATH=$RPM_BUILD_ROOT modules_install KERNELRELEASE=$KernelVer mod-fw=
%ifarch %{vdso_arches}
make -s ARCH=$Arch INSTALL_MOD_PATH=$RPM_BUILD_ROOT vdso_install KERNELRELEASE=$KernelVer
+ if grep '^CONFIG_XEN=y$' .config >/dev/null; then
+ echo > ldconfig-kernel.conf "\
+# This directive teaches ldconfig to search in nosegneg subdirectories
+# and cache the DSOs there with extra bit 0 set in their hwcap match
+# fields. In Xen guest kernels, the vDSO tells the dynamic linker to
+# search in nosegneg subdirectories and to match this extra hwcap bit
+# in the ld.so.cache file.
+hwcap 0 nosegneg"
+ fi
if [ ! -s ldconfig-kernel.conf ]; then
echo > ldconfig-kernel.conf "\
# Placeholder file, no vDSO hwcap entries used in this kernel."
More information about the scm-commits
mailing list