linux-stable.git/drivers/xen, branch v3.16.7 Linux kernel stable tree xen/manage: Always freeze/thaw processes when suspend/resuming 2014-10-05T20:41:03+00:00 Ross Lagerwall ross.lagerwall@citrix.com 2014-08-18T09:41:36+00:00 2edbf3c6af0f5f1f9d2ef00a15339c10beaff405 commit 61a734d305e16944b42730ef582a7171dc733321 upstream. Always freeze processes when suspending and thaw processes when resuming to prevent a race noticeable with HVM guests. This prevents a deadlock where the khubd kthread (which is designed to be freezable) acquires a usb device lock and then tries to allocate memory which requires the disk which hasn't been resumed yet. Meanwhile, the xenwatch thread deadlocks waiting for the usb device lock. Freezing processes fixes this because the khubd thread is only thawed after the xenwatch thread finishes resuming all the devices. Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com> Signed-off-by: David Vrabel <david.vrabel@citrix.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit 61a734d305e16944b42730ef582a7171dc733321 upstream.

Always freeze processes when suspending and thaw processes when resuming
to prevent a race noticeable with HVM guests.

This prevents a deadlock where the khubd kthread (which is designed to
be freezable) acquires a usb device lock and then tries to allocate
memory which requires the disk which hasn't been resumed yet.
Meanwhile, the xenwatch thread deadlocks waiting for the usb device
lock.

Freezing processes fixes this because the khubd thread is only thawed
after the xenwatch thread finishes resuming all the devices.

Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
Signed-off-by: David Vrabel <david.vrabel@citrix.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
xen/events/fifo: reset control block and local HEADs on resume 2014-09-17T16:22:11+00:00 David Vrabel david.vrabel@citrix.com 2014-07-31T15:22:24+00:00 d52143d85c9c6962f01098935e0cf8a422bbf5b8 commit c12784c3d14a2110468ec4d1383f60cfd2665576 upstream. When using the FIFO-based event channel ABI, if the control block or the local HEADs are not reset after resuming the guest may see stale HEAD values and will fail to traverse the FIFO correctly. This may prevent one or more VCPUs from receiving any events following a resume. Signed-off-by: David Vrabel <david.vrabel@citrix.com> Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit c12784c3d14a2110468ec4d1383f60cfd2665576 upstream.

When using the FIFO-based event channel ABI, if the control block or
the local HEADs are not reset after resuming the guest may see stale
HEAD values and will fail to traverse the FIFO correctly.

This may prevent one or more VCPUs from receiving any events following
a resume.

Signed-off-by: David Vrabel <david.vrabel@citrix.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
xen/events/fifo: ensure all bitops are properly aligned even on x86 2014-09-05T23:36:35+00:00 David Vrabel david.vrabel@citrix.com 2014-07-31T15:22:25+00:00 31c05d1c2672eab3a9cc8c4c0c01183b4be45cec commit dcecb8fd93a65787130a74e61fdf29932c8d85eb upstream. When using the FIFO-based ABI on x86_64, if the last port is at the end of an event array page then sync_test_bit() on this port's event word will read beyond the end of the page and in certain circumstances this may fault. The fault requires the following page in the kernel's direct mapping to be not present, which would mean: a) the array page is the last page of RAM; or b) the following page is ballooned out /and/ it has been used for a foreign mapping by a kernel driver (such as netback or blkback) /and/ the grant has been unmapped. Use the infrastructure added for arm64 to ensure that all bitops operating on event words are unsigned long aligned. Signed-off-by: David Vrabel <david.vrabel@citrix.com> Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 
commit dcecb8fd93a65787130a74e61fdf29932c8d85eb upstream.

When using the FIFO-based ABI on x86_64, if the last port is at the
end of an event array page then sync_test_bit() on this port's event
word will read beyond the end of the page and in certain circumstances
this may fault.

The fault requires the following page in the kernel's direct mapping
to be not present, which would mean:

a) the array page is the last page of RAM; or

b) the following page is ballooned out /and/ it has been used for a
   foreign mapping by a kernel driver (such as netback or blkback)
   /and/ the grant has been unmapped.

Use the infrastructure added for arm64 to ensure that all bitops
operating on event words are unsigned long aligned.

Signed-off-by: David Vrabel <david.vrabel@citrix.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Merge tag 'stable/for-linus-3.16-rc7-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip 2014-07-30T16:00:20+00:00 Linus Torvalds torvalds@linux-foundation.org 2014-07-30T16:00:20+00:00 acba648dca67c6a224991a9e9f935b2bdec8dc17 Pull Xen fix from David Vrabel: "Fix BUG when trying to expand the grant table. This seems to occur often during boot with Ubuntu 14.04 PV guests" * tag 'stable/for-linus-3.16-rc7-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip: x86/xen: safely map and unmap grant frames when in atomic context 
Pull Xen fix from David Vrabel:
 "Fix BUG when trying to expand the grant table.  This seems to occur
  often during boot with Ubuntu 14.04 PV guests"

* tag 'stable/for-linus-3.16-rc7-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip:
  x86/xen: safely map and unmap grant frames when in atomic context
x86/xen: safely map and unmap grant frames when in atomic context 2014-07-30T13:22:47+00:00 David Vrabel david.vrabel@citrix.com 2014-07-11T15:42:34+00:00 b7dd0e350e0bd4c0fddcc9b8958342700b00b168 arch_gnttab_map_frames() and arch_gnttab_unmap_frames() are called in atomic context but were calling alloc_vm_area() which might sleep. Also, if a driver attempts to allocate a grant ref from an interrupt and the table needs expanding, then the CPU may already by in lazy MMU mode and apply_to_page_range() will BUG when it tries to re-enable lazy MMU mode. These two functions are only used in PV guests. Introduce arch_gnttab_init() to allocates the virtual address space in advance. Avoid the use of apply_to_page_range() by using saving and using the array of PTE addresses from the alloc_vm_area() call (which ensures that the required page tables are pre-allocated). Signed-off-by: David Vrabel <david.vrabel@citrix.com> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> 
arch_gnttab_map_frames() and arch_gnttab_unmap_frames() are called in
atomic context but were calling alloc_vm_area() which might sleep.

Also, if a driver attempts to allocate a grant ref from an interrupt
and the table needs expanding, then the CPU may already by in lazy MMU
mode and apply_to_page_range() will BUG when it tries to re-enable
lazy MMU mode.

These two functions are only used in PV guests.

Introduce arch_gnttab_init() to allocates the virtual address space in
advance.

Avoid the use of apply_to_page_range() by using saving and using the
array of PTE addresses from the alloc_vm_area() call (which ensures
that the required page tables are pre-allocated).

Signed-off-by: David Vrabel <david.vrabel@citrix.com>
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Merge tag 'stable/for-linus-3.16-rc5-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip 2014-07-17T18:02:35+00:00 Linus Torvalds torvalds@linux-foundation.org 2014-07-17T18:02:35+00:00 59ca9ee42838d0f597137cf811e47eaf42fdcb69 Pull Xen fixes from Konrad Rzeszutek Wilk: "Two fixes found during migration of PV guests. David would be the one doing this pull but he is on vacation. Fixes: - fix console deadlock when resuming PV guests - fix regression hit when ballooning and resuming PV guests" * tag 'stable/for-linus-3.16-rc5-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip: xen/balloon: set ballooned out pages as invalid in p2m xen/manage: fix potential deadlock when resuming the console 
Pull Xen fixes from Konrad Rzeszutek Wilk:
 "Two fixes found during migration of PV guests.  David would be the one
  doing this pull but he is on vacation.

  Fixes:
   - fix console deadlock when resuming PV guests
   - fix regression hit when ballooning and resuming PV guests"

* tag 'stable/for-linus-3.16-rc5-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip:
  xen/balloon: set ballooned out pages as invalid in p2m
  xen/manage: fix potential deadlock when resuming the console
xen/balloon: set ballooned out pages as invalid in p2m 2014-07-04T14:17:43+00:00 David Vrabel david.vrabel@citrix.com 2014-06-27T09:42:03+00:00 fb9a0c443691ceaab3daba966bbbd9f5ff3aa26f Since cd9151e26d31048b2b5e00fd02e110e07d2200c9 (xen/balloon: set a mapping for ballooned out pages), a ballooned out page had its entry in the p2m set to the MFN of one of the scratch pages. This means that the p2m will contain many entries pointing to the same MFN. During a domain save, these many-to-one entries are not identified as such and the scratch page is saved multiple times. On restore the ballooned pages are populated with new frames and the domain may use up its allocation before all pages can be restored. Since the original fix only needed to keep a mapping for the ballooned page it is safe to set ballooned out pages as INVALID_P2M_ENTRY in the p2m (as they were before). Thus preventing them from being saved and re-populated on restore. Signed-off-by: David Vrabel <david.vrabel@citrix.com> Reported-by: Marek Marczykowski <marmarek@invisiblethingslab.com> Tested-by: Marek Marczykowski <marmarek@invisiblethingslab.com> Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com> Cc: <stable@vger.kernel.org> 
Since cd9151e26d31048b2b5e00fd02e110e07d2200c9 (xen/balloon: set a
mapping for ballooned out pages), a ballooned out page had its entry
in the p2m set to the MFN of one of the scratch pages.  This means
that the p2m will contain many entries pointing to the same MFN.

During a domain save, these many-to-one entries are not identified as
such and the scratch page is saved multiple times. On restore the
ballooned pages are populated with new frames and the domain may use
up its allocation before all pages can be restored.

Since the original fix only needed to keep a mapping for the ballooned
page it is safe to set ballooned out pages as INVALID_P2M_ENTRY in the
p2m (as they were before). Thus preventing them from being saved and
re-populated on restore.

Signed-off-by: David Vrabel <david.vrabel@citrix.com>
Reported-by: Marek Marczykowski <marmarek@invisiblethingslab.com>
Tested-by: Marek Marczykowski <marmarek@invisiblethingslab.com>
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Cc: <stable@vger.kernel.org>
xen/manage: fix potential deadlock when resuming the console 2014-07-03T10:02:28+00:00 David Vrabel david.vrabel@citrix.com 2014-07-02T16:25:23+00:00 1b6478231c6f5f844185acb32045cf195028cfce Calling xen_console_resume() in xen_suspend() causes a warning because it locks irq_mapping_update_lock (a mutex) and this may sleep. If a userspace process is using the evtchn device then this mutex may be locked at the point of the stop_machine() call and xen_console_resume() would then deadlock. Resuming the console after stop_machine() returns avoids this deadlock. Signed-off-by: David Vrabel <david.vrabel@citrix.com> Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com> Cc: <stable@vger.kernel.org> 
Calling xen_console_resume() in xen_suspend() causes a warning because
it locks irq_mapping_update_lock (a mutex) and this may sleep.  If a
userspace process is using the evtchn device then this mutex may be
locked at the point of the stop_machine() call and
xen_console_resume() would then deadlock.

Resuming the console after stop_machine() returns avoids this
deadlock.

Signed-off-by: David Vrabel <david.vrabel@citrix.com>
Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: <stable@vger.kernel.org>
Merge tag 'stable/for-linus-3.16-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip 2014-06-19T17:53:27+00:00 Linus Torvalds torvalds@linux-foundation.org 2014-06-19T17:53:27+00:00 3d09c623947a855ab9a21267c31f926cafa2c5bb Pull Xen fixes from David Vrabel: "Xen regression and PVH fixes for 3.16-rc1 - fix dom0 PVH memory setup on latest unstable Xen releases - fix 64-bit x86 PV guest boot failure on Xen 3.1 and earlier - fix resume regression on non-PV (auto-translated physmap) guests" * tag 'stable/for-linus-3.16-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip: xen/grant-table: fix suspend for non-PV guests x86/xen: no need to explicitly register an NMI callback Revert "xen/pvh: Update E820 to work with PVH (v2)" x86/xen: fix memory setup for PVH dom0 
Pull Xen fixes from David Vrabel:
 "Xen regression and PVH fixes for 3.16-rc1

   - fix dom0 PVH memory setup on latest unstable Xen releases
   - fix 64-bit x86 PV guest boot failure on Xen 3.1 and earlier
   - fix resume regression on non-PV (auto-translated physmap) guests"

* tag 'stable/for-linus-3.16-rc1-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/xen/tip:
  xen/grant-table: fix suspend for non-PV guests
  x86/xen: no need to explicitly register an NMI callback
  Revert "xen/pvh: Update E820 to work with PVH (v2)"
  x86/xen: fix memory setup for PVH dom0
xen/grant-table: fix suspend for non-PV guests 2014-06-18T09:58:01+00:00 David Vrabel david.vrabel@citrix.com 2014-06-16T10:12:03+00:00 13cd36a37a06ae0318d23b7e60adf0dac3547238 Commit aa8532c32216ae07c3813b9aeb774517878a7573 (xen: refactor suspend pre/post hooks) broke resuming PVHVM (auto-translated physmap) guests. The gnttab_suspend() would clear the mapping for the grant table frames, but the ->unmap_frames() call is only applicable to PV guests. Signed-off-by: David Vrabel <david.vrabel@citrix.com> Reported-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Tested-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> 
Commit aa8532c32216ae07c3813b9aeb774517878a7573 (xen: refactor suspend
pre/post hooks) broke resuming PVHVM (auto-translated physmap) guests.

The gnttab_suspend() would clear the mapping for the grant table
frames, but the ->unmap_frames() call is only applicable to PV guests.

Signed-off-by: David Vrabel <david.vrabel@citrix.com>
Reported-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Tested-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>