akaros.git
4 years agoVMMCP: misc stuff
Ronald G. Minnich [Tue, 22 Sep 2015 22:20:20 +0000 (15:20 -0700)]
VMMCP: misc stuff

i.e., use a reserved interrupt vector for virtio_mmio

virtio_mmio, it turns out, doesn't really work on x86. I will refrain
from further comment. Grrrrrrr...

So for now the guest linux will set a trap gate for 17, and we'll be smart and use it.

Awful.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoVMMCP: better support incoming interrupts. Fix idiot bug where Dune stripped rflags...
Ronald G. Minnich [Tue, 22 Sep 2015 22:20:20 +0000 (15:20 -0700)]
VMMCP: better support incoming interrupts. Fix idiot bug where Dune stripped rflags and we injected interrupts when we should not

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcp/APIC: the empire strikes back.
Ronald G. Minnich [Wed, 16 Sep 2015 19:31:13 +0000 (12:31 -0700)]
vmmcp/APIC: the empire strikes back.

Some folks think we should be able to get along without these, but I've given up

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoPull ACPI into the user mode vmm
Ronald G. Minnich [Fri, 18 Sep 2015 21:02:28 +0000 (14:02 -0700)]
Pull ACPI into the user mode vmm

I hate it; we have to do it.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoVMMCP: EPT failures: don't exit, return all f's
Ronald G. Minnich [Mon, 14 Sep 2015 17:00:24 +0000 (10:00 -0700)]
VMMCP: EPT failures: don't exit, return all f's

On real hardware, a read outside memory returns all 1s. In some cases
kernels count on this. We can't rewrite every single place, so just
return all 1's for now.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agolapic and ioapic support that's Not Good Enough.
Ronald G. Minnich [Fri, 16 Oct 2015 17:04:11 +0000 (10:04 -0700)]
lapic and ioapic support that's Not Good Enough.

I really hate to do this, but I think I'm going to have to bring in the
whole enchilada from linux :-(

The linux kernel is just not happy with the level of support I'm providing.
We've tried counseling and adjustment, but this relationship is not working.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agouser level msr support for register not requiring read/write msr
Ronald G. Minnich [Fri, 4 Sep 2015 01:38:00 +0000 (18:38 -0700)]
user level msr support for register not requiring read/write msr

We can handle non-real MSRs in user mode.

Still need to split "fake" msrs out of kernel but this is a "checkpoint"
commit.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoFailed effort at moving MSR functions to user mode
Ronald G. Minnich [Tue, 1 Sep 2015 19:36:51 +0000 (12:36 -0700)]
Failed effort at moving MSR functions to user mode

Forgot, rdmsr/wrmsr require CPL0. I thought we'd be ok with
something else.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agouser/vmm: change a longstanding bug in showstatus
Ronald G. Minnich [Tue, 1 Sep 2015 17:41:28 +0000 (10:41 -0700)]
user/vmm: change a longstanding bug in showstatus

showstatus was using the wrong struct member to print the
exit type.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmrunkernel: Handle the INTERRUPT_WINDOW exit; print more info on unhandled exits
Ronald G. Minnich [Tue, 1 Sep 2015 17:40:09 +0000 (10:40 -0700)]
vmrunkernel: Handle the INTERRUPT_WINDOW exit; print more info on unhandled exits

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoChange PENDING_INTERRUPT to INTERRUPT_WINDOW to have a more meaningful name.
Ronald G. Minnich [Tue, 1 Sep 2015 17:36:34 +0000 (10:36 -0700)]
Change PENDING_INTERRUPT to INTERRUPT_WINDOW to have a more meaningful name.

Allow the old one to persist for now

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoFirst, second, and third pass at apic code. Crude
Ronald G. Minnich [Mon, 31 Aug 2015 04:09:04 +0000 (21:09 -0700)]
First, second, and third pass at apic code. Crude

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoStart putting together ACPI for guests.
Ronald G. Minnich [Sat, 29 Aug 2015 01:13:38 +0000 (18:13 -0700)]
Start putting together ACPI for guests.

This sucks, but has to happen if we want to let guests use
x2apic without lots of mods to the kernel.

But I still hate acpi.

This needs to get all library-ized once I learn how to make it work.

Worst case is we end up writing ACPI code and compiling it with iasl.

I'd really rather avoid that.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoabortive try at setting up tables. Failed miserably.
Ronald G. Minnich [Fri, 28 Aug 2015 01:55:40 +0000 (18:55 -0700)]
abortive try at setting up tables. Failed miserably.

We're going to have to create our own acpi tables. Dammit.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoMake MMAP_LOWEST_VA PAGE_SIZE; set ld.so mmap address
Ronald G. Minnich [Thu, 27 Aug 2015 18:03:53 +0000 (11:03 -0700)]
Make MMAP_LOWEST_VA PAGE_SIZE; set ld.so mmap address

The ld.so constant is probably in the wrong place but we can
fix that.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoMove the kernel to start at 16M+2M.
Ronald G. Minnich [Wed, 26 Aug 2015 00:13:17 +0000 (17:13 -0700)]
Move the kernel to start at 16M+2M.

This leaves room for ACPI shit.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoInject NMI on vmexits when it is an interrupt and, low and behold, it interrupts...
Ronald G. Minnich [Tue, 25 Aug 2015 00:13:17 +0000 (17:13 -0700)]
Inject NMI on vmexits when it is an interrupt and, low and behold, it interrupts the guest.

Mirabile dictu. Emphasis on the 'bile' part.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoMajor cleanups.
Ronald G. Minnich [Mon, 24 Aug 2015 23:56:52 +0000 (16:56 -0700)]
Major cleanups.

Put IO into user mode. PCI will be moving too.

Break out decoding.

Add -d (debug) and -m (max iterations before turning debug on) into vmrunkernel

Drop out of vmx if we an IO exit.

The goal here is to get more stuff into user mode and maybe someday even get interrupts.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoFix VMPXE script
Ronald G. Minnich [Fri, 21 Aug 2015 20:23:18 +0000 (13:23 -0700)]
Fix VMPXE script

The network mangler is crap, so I removed it from ubuntu and I start needed daemeons by hand.

My vm is working much better, and I no longer need to kick broken daemons into action.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoFix printing acpi base
Ronald G. Minnich [Fri, 21 Aug 2015 20:22:48 +0000 (13:22 -0700)]
Fix printing acpi base

it was coming out in decimal before.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoUse correct vmcs field to inject an interrupt
Ronald G. Minnich [Fri, 21 Aug 2015 20:18:08 +0000 (13:18 -0700)]
Use correct vmcs field to inject an interrupt

Now if only stupid Linux had a way to receive it.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoHandle guest halting. Print nice message.
Ronald G. Minnich [Fri, 21 Aug 2015 20:17:36 +0000 (13:17 -0700)]
Handle guest halting. Print nice message.

I wanted to print a dead penguin but I'm not good enough.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoInterrupt framework
Ronald G. Minnich [Tue, 18 Aug 2015 20:41:33 +0000 (13:41 -0700)]
Interrupt framework

Beginnings of interrupt framework. We're not doing x2apic or anything fancy.
We're going to let the timer fire and then kick off a given interrupt
in the guest.

Note that our attempts to do a gpf fail. It just fails to enter the guest
at all.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoExtend vmexit handler in vmrunkernel to handle vmcall printks
Ronald G. Minnich [Mon, 17 Aug 2015 20:41:33 +0000 (13:41 -0700)]
Extend vmexit handler in vmrunkernel to handle vmcall printks

This way we can get vm guest output to a file via stdout.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoMove msr-index.h to arch/86/ros so user programs can use it
Ronald G. Minnich [Mon, 17 Aug 2015 20:40:56 +0000 (13:40 -0700)]
Move msr-index.h to arch/86/ros so user programs can use it

We need this for vmrunkernel at least.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoCreate ros/vmm/vmx.h, prepare to move lots of code to user mode from kernel driver.
Ronald G. Minnich [Mon, 17 Aug 2015 18:51:28 +0000 (11:51 -0700)]
Create ros/vmm/vmx.h, prepare to move lots of code to user mode from kernel driver.

We need these constants and maybe these structs in user mode, so we can
handle more vmexits. Now that this is done, we can start to move
code out of the kernel driver.

Longer term, we probably even want the vmcs registers set up in user mode
so we can deal with the inevitable undocumented/incorrect hardware without
having to respin the kernel.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoAdd the consin handler.
Ronald G. Minnich [Thu, 13 Aug 2015 20:08:27 +0000 (13:08 -0700)]
Add the consin handler.

It doesn't explode. Does it work? Not sure.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoWe're finding more undocumented bits. So the bit set test is failing.
Ronald G. Minnich [Thu, 13 Aug 2015 20:08:27 +0000 (13:08 -0700)]
We're finding more undocumented bits. So the bit set test is failing.

FIX ME.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoActual working output now from virtio ring. Time for lots and lots of cleanup.
Ronald G. Minnich [Thu, 13 Aug 2015 17:53:28 +0000 (10:53 -0700)]
Actual working output now from virtio ring. Time for lots and lots of cleanup.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoThe host needs to set up the virtqueue. This is an interim commit so suleiman can...
Ronald G. Minnich [Thu, 13 Aug 2015 16:49:17 +0000 (09:49 -0700)]
The host needs to set up the virtqueue. This is an interim commit so suleiman can see what I am doing.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovirtio console can't support V2, have to use V1.
Ronald G. Minnich [Wed, 12 Aug 2015 16:59:24 +0000 (09:59 -0700)]
virtio console can't support V2, have to use V1.

But also fixed the features crap.

The features stuff is damned confusing but it boils down to
"if you support v2, you have to say you support v1. And if you support
v1 you have to accept v1."

I don't know, I still don't get it all.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoAllow read/write of msr 0x345/MSR_IA32_PERF_CAPABILITIES
Ronald G. Minnich [Wed, 12 Aug 2015 16:59:24 +0000 (09:59 -0700)]
Allow read/write of msr 0x345/MSR_IA32_PERF_CAPABILITIES

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoFix up DEVICE_FEATURES usage
Ronald G. Minnich [Wed, 12 Aug 2015 16:59:24 +0000 (09:59 -0700)]
Fix up DEVICE_FEATURES usage

I misunderstood some of it.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoBegin work on true virtio mmio Kill tests/vmrunkernel.c Our makefiles, plus emacs...
Ronald G. Minnich [Mon, 3 Aug 2015 16:59:24 +0000 (09:59 -0700)]
Begin work on true virtio mmio Kill tests/vmrunkernel.c Our makefiles, plus emacs, == disaster.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoFirst checking of virtio-mmio.c from qemu.
Ronald G. Minnich [Fri, 31 Jul 2015 21:35:30 +0000 (14:35 -0700)]
First checking of virtio-mmio.c from qemu.

needed to support virtio-mmio.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoStart shuffling functionality from kernel to user.
Ronald G. Minnich [Fri, 31 Jul 2015 18:18:28 +0000 (11:18 -0700)]
Start shuffling functionality from kernel to user.

First step is IO, then vmcall, then whatever else we can do.

Required to make virtio channels work, and, really, this stuff should be
in user mode anyway.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoModify device to take a binary struct.
Ronald G. Minnich [Thu, 30 Jul 2015 16:36:34 +0000 (09:36 -0700)]
Modify device to take a binary struct.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmrunkernel: dump virtio mmio area in a human-readable fashion.
Ronald G. Minnich [Thu, 30 Jul 2015 16:08:39 +0000 (09:08 -0700)]
vmrunkernel: dump virtio mmio area in a human-readable fashion.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoStart supporting virtio stuff in vmrunkernel.c
Ronald G. Minnich [Wed, 29 Jul 2015 19:49:54 +0000 (12:49 -0700)]
Start supporting virtio stuff in vmrunkernel.c

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoBasic init of the virtio_mmio region
Ronald G. Minnich [Mon, 20 Jul 2015 22:36:08 +0000 (15:36 -0700)]
Basic init of the virtio_mmio region

not quite there but better. This is tightly tied to the linux kernel I have, sorry.

e820 layou for this:
0-efffff reserved
f00000-fffff reserved (for virtio mmio)
1000000-+128M (ram)

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoAdd virtio_mmio.h
Ronald G. Minnich [Mon, 20 Jul 2015 19:09:48 +0000 (12:09 -0700)]
Add virtio_mmio.h

This is pretty unchanging, so we figure it's ok to include.

Copied from Linux.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcp: final set of changes for PCI emulation
Ronald G. Minnich [Fri, 17 Jul 2015 00:32:49 +0000 (17:32 -0700)]
vmmcp: final set of changes for PCI emulation

In the end, this is not going to work. PCI in Linux brings in all sorts of stuff you don't want to bring in, such as ACPI. If
you don't bring in ACPI, it brings in dmi decode. Either way, it brings in code that wants to grovel through the f segment and
we've declared the low 16m off limits.

So, I'm going to take a different tack. We've got the coreboot tables and vmcall, might as well use them for something.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoManage writes to cfc: ignore them for now.
Ronald G. Minnich [Thu, 16 Jul 2015 17:54:58 +0000 (10:54 -0700)]
Manage writes to cfc: ignore them for now.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcp: piss-poor pci emulation
Ronald G. Minnich [Thu, 16 Jul 2015 17:23:53 +0000 (10:23 -0700)]
vmmcp: piss-poor pci emulation

It only needs to work well enough for virtio, so we're hoping it's enough.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcpconfig: version right after adding PCI=y and VIRTIO
Ronald G. Minnich [Wed, 15 Jul 2015 15:21:49 +0000 (08:21 -0700)]
vmmcpconfig: version right after adding PCI=y and VIRTIO

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcp: further restrictions on IO; a few more hacks; lindent damage
Ronald G. Minnich [Mon, 13 Jul 2015 21:56:21 +0000 (14:56 -0700)]
vmmcp: further restrictions on IO; a few more hacks; lindent damage

This gets us to not being able to open a console.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcp: allow basic IO and more MSRs
Ronald G. Minnich [Mon, 13 Jul 2015 16:54:32 +0000 (09:54 -0700)]
vmmcp: allow basic IO and more MSRs

Note that we're not disabling any IO at this point, since we can't get
the bitmap to work yet. Later.

This gets us to killing init.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcp: final set of msr operations
Ronald G. Minnich [Wed, 8 Jul 2015 17:04:18 +0000 (10:04 -0700)]
vmmcp: final set of msr operations

This now lets our guest linux get to the next blocker: DR registers.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcp: allow a fake write to CSTAR
Ronald G. Minnich [Wed, 8 Jul 2015 15:15:41 +0000 (08:15 -0700)]
vmmcp: allow a fake write to CSTAR

We don't expect that a guest will ever really use this.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcp: begin cleanup of vmrunkernel; grow memory size.
Ronald G. Minnich [Tue, 7 Jul 2015 23:39:03 +0000 (16:39 -0700)]
vmmcp: begin cleanup of vmrunkernel; grow memory size.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoAllow guests to do INVLPG.
Ronald G. Minnich [Tue, 7 Jul 2015 23:38:29 +0000 (16:38 -0700)]
Allow guests to do INVLPG.

We require EPTs so that should be ok.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoVMX: only check the PB VM EC2 if EC1 is ok
Barret Rhoden [Wed, 1 Jul 2015 17:09:01 +0000 (10:09 -0700)]
VMX: only check the PB VM EC2 if EC1 is ok

We should only check the Secondary Processor-Based VM-Execution controls
if the bit is present in the primary controls.  It's one of our
set-to-one bits.

If we do the secondary checks without that magic bit set, we'll GPF.  We
don't have rdmsr_safe() or anything like that either.

Ultimately, once 'ok' is false, we're going to fail anyway.  It's just a
question of how much info we get.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcp: add "fake write" msr
Ronald G. Minnich [Wed, 1 Jul 2015 16:09:59 +0000 (09:09 -0700)]
vmmcp: add "fake write" msr

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcp: emulated msr infrastructure
Ronald G. Minnich [Wed, 1 Jul 2015 02:22:57 +0000 (19:22 -0700)]
vmmcp: emulated msr infrastructure

For an emulated msr, we will look for it, then see how much emulation
we want to do. There is a per-msr function which handles read and write.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcp: set up msr handling framework.
Ronald G. Minnich [Tue, 30 Jun 2015 21:22:29 +0000 (14:22 -0700)]
vmmcp: set up msr handling framework.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcp: turn off mcp in vmrunkernel for now so we can run on two cores.
Ronald G. Minnich [Tue, 30 Jun 2015 16:37:57 +0000 (09:37 -0700)]
vmmcp: turn off mcp in vmrunkernel for now so we can run on two cores.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcp: open up cr4; fix cpuid handling
Ronald G. Minnich [Tue, 30 Jun 2015 23:26:15 +0000 (16:26 -0700)]
vmmcp: open up cr4; fix cpuid handling

This gets linux much further.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcp: allow EFER writes. Clear cr0 shadow to 0s so guest can write all bits.
Ronald G. Minnich [Mon, 29 Jun 2015 23:26:15 +0000 (16:26 -0700)]
vmmcp: allow EFER writes. Clear cr0 shadow to 0s so guest can write all bits.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoPrint information about msr settings that don't quite work out.
Ronald G. Minnich [Mon, 29 Jun 2015 20:45:27 +0000 (13:45 -0700)]
Print information about msr settings that don't quite work out.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agovmmcp: add higherkernbase, more debugging.
Ronald G. Minnich [Mon, 29 Jun 2015 17:27:56 +0000 (10:27 -0700)]
vmmcp: add higherkernbase, more debugging.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoRename pgoffset -> pg_num in load_one_elf()
Barret Rhoden [Mon, 2 Nov 2015 16:58:11 +0000 (11:58 -0500)]
Rename pgoffset -> pg_num in load_one_elf()

We use offset to mean the offset into the page.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoFix parlib/assert.h's warn()
Barret Rhoden [Mon, 2 Nov 2015 15:36:25 +0000 (10:36 -0500)]
Fix parlib/assert.h's warn()

Glibc's err.h has its own warn, which we need to override.  If someone
would include err.h, it would collide with parlib's warn.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoAvoid double declarations, integer overflow, and use branch hints
Davide Libenzi [Fri, 16 Oct 2015 17:04:11 +0000 (10:04 -0700)]
Avoid double declarations, integer overflow, and use branch hints

Avoid double declarations, integer overflow, and use branch hints.

Signed-off-by: Davide Libenzi <dlibenzi@google.com>
[Kept the double declaration, added const for rwaddr]
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoAdded new kernel test case
Davide Libenzi [Fri, 16 Oct 2015 00:13:49 +0000 (17:13 -0700)]
Added new kernel test case

Added new kernel test case for the exception table fixup code.

Signed-off-by: Davide Libenzi <dlibenzi@google.com>
[Touched up checkpatch complaint]
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoPlugged the exception handling code
Davide Libenzi [Thu, 15 Oct 2015 22:29:20 +0000 (15:29 -0700)]
Plugged the exception handling code

Plugged the exception handling code into the Akaros trap handling
path.

Signed-off-by: Davide Libenzi <dlibenzi@google.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoAdded safe user memory access APIs
Davide Libenzi [Thu, 15 Oct 2015 22:26:00 +0000 (15:26 -0700)]
Added safe user memory access APIs

Added safe user memory access APIs, which allows kernel code to
copy data to and from user memory, with zero cost on the fast path.
The exception table facility can also be used in other cases, where
we are executing a potentially faulting instruction.
The code is coming from the Linux kernel version 3.11.10, most of
it from the arch/x86/include/asm/uaccess.h include file.

Signed-off-by: Davide Libenzi <dlibenzi@google.com>
[Touched up checkpatch complaint and compiler.h]
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoAdded #ifdef wrapping to prevent double function definitions
Davide Libenzi [Fri, 16 Oct 2015 16:37:13 +0000 (09:37 -0700)]
Added #ifdef wrapping to prevent double function definitions

Added #ifdef wrapping to prevent double function definitions, which
were triggered by umem.h usage in uaccess.h

Signed-off-by: Davide Libenzi <dlibenzi@google.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoAdded heapsort utility function to the lib/ framework.
Davide Libenzi [Thu, 15 Oct 2015 22:23:09 +0000 (15:23 -0700)]
Added heapsort utility function to the lib/ framework.

Signed-off-by: Davide Libenzi <dlibenzi@google.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoFix waserror/lock order
Davide Libenzi [Sat, 17 Oct 2015 22:01:42 +0000 (15:01 -0700)]
Fix waserror/lock order

Fix waserror/lock order in order to enforce the acquire before waserror
pattern.

Signed-off-by: Davide Libenzi <dlibenzi@google.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoReplace most uses of strncpy with strlcpy.
Dan Cross [Fri, 16 Oct 2015 16:24:55 +0000 (12:24 -0400)]
Replace most uses of strncpy with strlcpy.

Strncpy has strange and subtle semantics; it was being used
incorrectly in many places. Replace almost everywhere with
strlcpy or memmove.

Note that spatch will in some cases introduce simply incorrect
code when it replaces calls to strcpy; it will take sizeof()
the destination argument, but if that's a pointer, then one
ends up with the size of the pointer type (for our platforms,
8 bytes) instead of the proper size of the destination. When
I saw things like that, I fixed them.

Signed-off-by: Dan Cross <dcross@google.com>
[Minor checkpatch touchups]
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoDon't change calls to strcpy() to strncpy(); use strlcpy() instead.
Dan Cross [Thu, 15 Oct 2015 21:13:58 +0000 (17:13 -0400)]
Don't change calls to strcpy() to strncpy(); use strlcpy() instead.

The semantics of strncpy() are confusing. We had been
converting Plan 9 code to Akaros by replacing calls to
strcpy() (which we wisely removed from our kernel some
time ago), but strncpy():

1. Does not necessarily NUL-terminate it's destination
   buffer (e.g., if strlen(src) >= size),
2. Will nul-pad the entire destination string if the
   source string is shorter than the buffer length; this
   is wasteful if we just want proper NUL-termination.

Instead, call strlcpy(), which handles both of the above
cases correctly.

In general, one should not call strncpy() unless one is
sure that they want these semantics.

Signed-off-by: Dan Cross <crossd@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoFix strlcpy in kernel, add strlcat.
Dan Cross [Thu, 15 Oct 2015 20:51:55 +0000 (16:51 -0400)]
Fix strlcpy in kernel, add strlcat.

The return value of strlcpy was incorrect: it was returning
the amount it had copied, but the return value is supposed to
be the size of the input string.

I also added strlcat (with a prodigious comment, as the code
is subtle) for parity.

Nothing was checking the return value of strlcpy as far as I
could see, and while it's not specified by e.g. ANSI/ISO, it
still makes sense for us to follow the specification of other
implementations.

Tested: Rebuilt the kernel and ran Akaros.

References:
http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/strlcat.3?query=strlcpy&sec=3
http://www.sudo.ws/todd/papers/strlcpy.html

Signed-off-by: Dan Cross <crossd@gmail.com>
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoClean up aliased monitor commands
Barret Rhoden [Mon, 26 Oct 2015 21:51:45 +0000 (17:51 -0400)]
Clean up aliased monitor commands

The better way to alias a monitor command is to just point the aliased
entry at the real function, not to implement the function a second time.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoAlias "e" to monitor's "exit"
Barret Rhoden [Mon, 26 Oct 2015 21:49:21 +0000 (17:49 -0400)]
Alias "e" to monitor's "exit"

If you have multiple readers of the console, such as busybox and the
monitor, then it's hard to enter "exit."  This way, it's just one key.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoAccept more types of FD Taps in #ip
Barret Rhoden [Mon, 26 Oct 2015 19:16:05 +0000 (15:16 -0400)]
Accept more types of FD Taps in #ip

As discussed in commit cfb02bd7818d ("Accept more types of FD Taps in
 #eventfd"), we need to allow some "unimportant" taps, such as PRIORITY
and ERROR.  #ip currently will not trigger any events for these, since
they do not occur in the networking stack (yet), but the user can at
least ask for them.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoImplement recvmsg() (XCC)
Barret Rhoden [Mon, 26 Oct 2015 19:12:07 +0000 (15:12 -0400)]
Implement recvmsg() (XCC)

It's about as standards compliant as recvfrom().

Rebuild glibc.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoFix UDP socket bug (XCC)
Barret Rhoden [Fri, 23 Oct 2015 18:26:07 +0000 (14:26 -0400)]
Fix UDP socket bug (XCC)

All UDP sockets were pointing at conversation 0.  We would successfully
clone a new UDP conversation, but when we attempted to read the ctl
file, we'd get an empty string back instead of the conversation ID.
That worked if our conversation happened to be 0, but otherwise would
fail.

The root cause was that we advanced the offset by 7 when we wrote the
"headers" command for UDP sockets.  We need to reset the chan back to 0
before reading.

Rebuild glibc.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoWeak alias getsockopt() (XCC)
Barret Rhoden [Wed, 21 Oct 2015 15:29:29 +0000 (11:29 -0400)]
Weak alias getsockopt() (XCC)

This allows us to override it in a user library or application, which
tends to be the standard for glibc.  We already do this for
setsockopt(), for instance.

Rebuild glibc.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoRemove (un)likely from the kernel interface (XCC)
Barret Rhoden [Tue, 20 Oct 2015 19:53:55 +0000 (15:53 -0400)]
Remove (un)likely from the kernel interface (XCC)

Unfortunately, some user libraries out there also #define likely and
unlikely, and those include both ros/common.h and parlib/common.h.
Since we're not using likely/unlikely as part of the kernel interface, I
don't mind moving it out of ros/.  But it's more unfortunate that we
can't put it in a parlib header too.

Reinstall your kernel headers.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoFix Rock sizeof sockaddr bug (XCC)
Barret Rhoden [Tue, 20 Oct 2015 19:25:55 +0000 (15:25 -0400)]
Fix Rock sizeof sockaddr bug (XCC)

Whenever we consider the size of a Rock's sockaddr, we need to use the
sizeof a struct sockaddr_storage.

Rebuild glibc.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoCall printf() instead of fprintf in signal.c
Barret Rhoden [Mon, 26 Oct 2015 21:56:24 +0000 (17:56 -0400)]
Call printf() instead of fprintf in signal.c

Signal handlers run in vcore context.  We could page fault on the glibc
printf calls.  Our printf() is vcore-context safe.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoOverride glibc's printf for vcore context
Barret Rhoden [Mon, 26 Oct 2015 21:55:39 +0000 (17:55 -0400)]
Override glibc's printf for vcore context

Our printf is safe from vcore context.  Otherwise, glibc's printf may
run off the end of the vcore stack, depending on whether or not the
output stream is in buffered mode.

This only overrides printf, not functions like fprintf, vprintf, or any
of the other printf functions.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agopthread: Panic if there is a bad thread state
Barret Rhoden [Mon, 26 Oct 2015 21:44:31 +0000 (17:44 -0400)]
pthread: Panic if there is a bad thread state

There's no reason to merely print here.  If the type is wrong, there is
a critical bug in the 2LS.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoEnsure vcore context code includes parlib/assert.h
Barret Rhoden [Mon, 26 Oct 2015 21:13:15 +0000 (17:13 -0400)]
Ensure vcore context code includes parlib/assert.h

Code that runs in vcore context should call parlib's assert.  Otherwise,
there is a chance glibc's assert will call glibc's printf, which may run
off the end of the stack and page fault.

By putting parlib/assert.h in common.h, any downstream headers, such as
vcore.h, event.t, and parlib.h, will pick up our assert().

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoDo not breakpoint() on parlib's assert
Barret Rhoden [Mon, 26 Oct 2015 20:46:33 +0000 (16:46 -0400)]
Do not breakpoint() on parlib's assert

The breakpoint is very useful for debugging, and people can add it back
in to their local repos when needed, but it's not needed for the usual
assertion failure.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoRemove #include <assert.h> from parlib
Barret Rhoden [Wed, 21 Oct 2015 21:52:40 +0000 (17:52 -0400)]
Remove #include <assert.h> from parlib

Other than the #include <assert.h> in parlib/assert.h, the other assert
includes actually do nothing, other than confuse people.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoRename parlib/rassert.h -> parlib/assert.h
Barret Rhoden [Wed, 21 Oct 2015 21:47:34 +0000 (17:47 -0400)]
Rename parlib/rassert.h -> parlib/assert.h

Slight change to the #includes in parlib/assert.h, since we are no
longer including Glibc's assert.h when we build parlib.  Other libraries
and tests do include glibc's assert.h.  This is due to the search path
of the user library Makefrag.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoMove parlib's assert guts into a C file
Barret Rhoden [Wed, 21 Oct 2015 17:31:40 +0000 (13:31 -0400)]
Move parlib's assert guts into a C file

Having the machinery of the print and abort in the header file is
problematic for #include loops.  First, we need stdlib included, which
isn't a big deal.  Second, and more troublesome, is we need vcore.h.
That will cause problems with a later commit, where I have all parlib
code use parlib's assert.

ucq.c was relying on a transitive #include for printd.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoUndefine static_assert() in parlib/rassert.h
Barret Rhoden [Wed, 21 Oct 2015 17:31:40 +0000 (13:31 -0400)]
Undefine static_assert() in parlib/rassert.h

static_assert() is #defined in glibc's assert.h under certain
circumstances.  We'll just use our own in parlib code.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoUse a -D when building parlib
Barret Rhoden [Tue, 27 Oct 2015 18:59:48 +0000 (14:59 -0400)]
Use a -D when building parlib

The -D will be defined so that a parlib header can determine how to
 #include a file.

The search order for user libraries is to first check its include
directory in the source code, and then check the system headers.  This
is important so that we build with the latest headers, i.e. the ones we
just changed.

The problem comes when we want to include a system/glibc header that
happens to have the same name as a parlib header, e.g. assert.h in an
upcoming patch.  From within parlib, we could do an #include_next.  But
for external libraries and apps, that fails since user/parlib/include is
not on their search path.

With this -D, we can tell which situation we're in and #include
accordingly.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agopthread: Properly change state for running threads
Barret Rhoden [Tue, 20 Oct 2015 18:56:49 +0000 (14:56 -0400)]
pthread: Properly change state for running threads

We were only setting PTH_RUNNING for thread 0 early on.  After that, it
was all PTH_RUNNABLES.  We should now be able to assert that if a thread
is on the active list, it is marked PTH_RUNNING.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agopthread: Account for pth stopping in has_blocked
Barret Rhoden [Tue, 20 Oct 2015 18:16:19 +0000 (14:16 -0400)]
pthread: Account for pth stopping in has_blocked

This popped up as

uthread.c:621: run_uthread: Assertion `uthread->state == 2' failed.

and

pthread.c:246: pth_sched_entry: Assertion `new_thread->state == 2'
failed.

for an epoll/eventfd app.

The ready and active queues were corrupted, due to adding a pthread to
the ready queue in pth_thread_runnable() that was still on the active
queue.

Anytime a pthread stops and will eventually have pth_thread_runnable()
called, as is the case with blocking a uthread on an event queue (which
epoll does), then the pthread code needs to yank it off the active
queue.  Modifications of pthread->state are a good sign that list
management needs to be done.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agopthread: Factor out common active_queue code
Barret Rhoden [Tue, 20 Oct 2015 18:47:49 +0000 (14:47 -0400)]
pthread: Factor out common active_queue code

__pthread_generic_yield() isn't the greatest name for this, since it's
used in non-yield paths, but it beats reusing code, and it's not clear
if we'll want other accounting in there.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agopthread: Fix sem_timedwait() bug
Barret Rhoden [Mon, 19 Oct 2015 15:36:54 +0000 (11:36 -0400)]
pthread: Fix sem_timedwait() bug

__sem_timedblock() takes a sem_queue_element *, not a semaphore *.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoCheck system headers for warnings for userspace
Barret Rhoden [Mon, 19 Oct 2015 15:34:35 +0000 (11:34 -0400)]
Check system headers for warnings for userspace

-Wsystem-headers checks the headers for warnings.  The lack of this flag
was masking a minor bug with TAILQs.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agopthread: Fix semaphore's TAILQ type
Barret Rhoden [Mon, 19 Oct 2015 15:25:56 +0000 (11:25 -0400)]
pthread: Fix semaphore's TAILQ type

The semaphore's TAILQ isn't of pthreads, it's of sem_queue_elements.  I
spotted this while trying to debug something else in the area.  The
warning was hidden because the bad assignment was in a system header.

Specifically, when the TAILQ macros attempt to do some form of
assignment, they should generate an incompatible pointer type warning.
However, sys/queue.h is a system header, and those warnings are ignored
by default.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoPrint the vcoreid for unhandled faults in VC ctx
Barret Rhoden [Mon, 19 Oct 2015 15:21:50 +0000 (11:21 -0400)]
Print the vcoreid for unhandled faults in VC ctx

This is a little more useful when diagnosing bugs.

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoProperly include syscall.h in parlib/event.h
Barret Rhoden [Mon, 19 Oct 2015 15:10:45 +0000 (11:10 -0400)]
Properly include syscall.h in parlib/event.h

When building with -Wsystem-headers, we get a warning like:

... /usr/include/parlib/event.h:37:48:
warning: 'struct syscall' declared inside parameter list
 bool register_evq(struct syscall *sysc, struct event_queue *ev_q);

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoAdd the Inferno license to files we got from Inferno
Ronald G. Minnich [Tue, 27 Oct 2015 15:31:50 +0000 (08:31 -0700)]
Add the Inferno license to files we got from Inferno

This is long overdue. We just kept forgetting. But somebody in
Harvey wanted one of our files and at that point it's essential
to get this right.

Signed-off-by: Ronald G. Minnich <rminnich@gmail.com>
[minor touchups, added UCB and Google modifications]
Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>
4 years agoAdd scripts/spelling.txt
Barret Rhoden [Tue, 27 Oct 2015 17:38:52 +0000 (13:38 -0400)]
Add scripts/spelling.txt

This is used by checkpatch, and copied from Linux's commit 69984b644407
("Merge tag 'arm64-fixes' of
git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux")

Signed-off-by: Barret Rhoden <brho@cs.berkeley.edu>