Age | Commit message | Author |
|
The return value of atomic_load_int(9) is unsigned, so it needs a cast,
otherwise securelevel=-1 gets misrepresented.
From Paul Fertser.
|
|
Also fix some trailing whitespace in comments.
From Christian Schulte, thanks
|
|
ok stu deraadt
|
|
ok mlarkin@
|
|
|
|
Ported from FreeBSD.
This driver does not pass packets yet, lots of code is still missing.
The driver will remain disabled in kernel configs until it is ready.
At this stage, code for device initialization should be fairly complete.
Some hardware features will require additional firmware packages to be
loaded. My plan is to get things working in the basic "safe mode" first,
which does not require external firmware.
I will continue working on this driver in-tree, with funding from genua.
Help is welcome.
ok dlg@
|
|
If any other CPU has not finished wbinvd, a PSP command may fail. To
avoid races, call wbinvd_on_all_cpus_acked() which waits for
acknowledgement from IPI handler. Provide stub to build non-MP
kernels.
from hshoexer@; OK mlarkin@
|
|
|
|
|
|
Implement wbinvd_on_all_cpus_acked() similar to pmap_tlb_shootpage().
This ensures wbinvd has been executed on all cores when the function
returns. This is needed to avoid psp(4) races.
from hshoexer@; OK mlarkin@
|
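The acknowledged cross-CPU broadcast that the two psp(4) commits above describe (post the request to every other CPU, run the operation locally, and return only after each remote handler has signalled completion), as an added example that is not OpenBSD's wbinvd_on_all_cpus_acked() or pmap_tlb_shootpage() code. It runs in userland: a pthread stands in for each CPU, a generation counter stands in for the IPI, and wbinvd_stub(), cpu_thread() and cpus_done_after_broadcast() are names chosen here. The single-CPU path, where there is nothing to wait for, is what the non-MP stub reduces to.

```c
#include <pthread.h>
#include <sched.h>
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>

#define MAXCPUS 8

/* One record per simulated CPU. In the kernel an IPI handler runs on the
 * target; here a thread polls a generation number. The ordering problem
 * (has the remote work finished before the initiator proceeds?) is the same. */
struct cpu {
	atomic_int ipi_gen;	/* generation this cpu was asked to run */
	atomic_int done_gen;	/* generation whose "wbinvd" has completed */
	atomic_bool stop;
};

static struct cpu cpus[MAXCPUS];
static atomic_int acks_outstanding;
static atomic_int next_gen;

/* Stand-in for the wbinvd instruction: record that generation g is done. */
static void
wbinvd_stub(struct cpu *ci, int g)
{
	atomic_store(&ci->done_gen, g);
}

/* Thread body: wait for an "IPI", run the handler's work, then acknowledge. */
static void *
cpu_thread(void *arg)
{
	struct cpu *ci = arg;
	int seen = 0;

	while (!atomic_load(&ci->stop)) {
		int g = atomic_load(&ci->ipi_gen);
		if (g == seen) {
			sched_yield();
			continue;
		}
		seen = g;
		wbinvd_stub(ci, g);				/* the work ... */
		atomic_fetch_sub(&acks_outstanding, 1);		/* ... then the ack */
	}
	return NULL;
}

/* Post to every other cpu, run wbinvd locally, and spin until every remote
 * handler has acknowledged. Returns the generation that was broadcast. */
int
wbinvd_on_all_cpus_acked(int self, int ncpus)
{
	int g = atomic_fetch_add(&next_gen, 1) + 1;

	atomic_store(&acks_outstanding, ncpus - 1);
	for (int i = 0; i < ncpus; i++)
		if (i != self)
			atomic_store(&cpus[i].ipi_gen, g);
	wbinvd_stub(&cpus[self], g);
	while (atomic_load(&acks_outstanding) > 0)
		sched_yield();
	return g;
}

/* Fire-and-forget variant for contrast: returns as soon as the requests are
 * posted, so remote caches may still be dirty when the caller continues. */
int
wbinvd_on_all_cpus_unacked(int self, int ncpus)
{
	int g = atomic_fetch_add(&next_gen, 1) + 1;

	atomic_store(&acks_outstanding, ncpus - 1);
	for (int i = 0; i < ncpus; i++)
		if (i != self)
			atomic_store(&cpus[i].ipi_gen, g);
	wbinvd_stub(&cpus[self], g);
	return g;
}

/* Run one broadcast from cpu 0 across ncpus simulated cpus and return how
 * many of them had completed that generation when the call returned. */
int
cpus_done_after_broadcast(int ncpus, bool acked)
{
	pthread_t tid[MAXCPUS];
	int done = 0, g;

	for (int i = 0; i < ncpus; i++) {
		atomic_store(&cpus[i].ipi_gen, 0);
		atomic_store(&cpus[i].done_gen, 0);
		atomic_store(&cpus[i].stop, false);
	}
	for (int i = 1; i < ncpus; i++)
		pthread_create(&tid[i], NULL, cpu_thread, &cpus[i]);

	g = acked ? wbinvd_on_all_cpus_acked(0, ncpus)
	          : wbinvd_on_all_cpus_unacked(0, ncpus);
	for (int i = 0; i < ncpus; i++)
		if (atomic_load(&cpus[i].done_gen) == g)
			done++;

	for (int i = 1; i < ncpus; i++) {
		atomic_store(&cpus[i].stop, true);
		pthread_join(tid[i], NULL);
	}
	return done;
}

int
main(void)
{
	printf("acked:   %d/4 cpus done on return\n", cpus_done_after_broadcast(4, true));
	printf("unacked: %d/4 cpus done on return\n", cpus_done_after_broadcast(4, false));
	return 0;
}
```

The acked call always reports every CPU complete; the unacked call reports whatever the scheduler happened to run before it returned, which is the race the commit closes for the PSP command path.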
|
callback interface a bit simpler.
ok beck@ claudio@ mpi@
|
|
|
|
which got limited to at most two tries 26 years ago for the 2.3 release,
but the documentation was never updated to match this change. Do it now.
Reported by Nir Lichtman on tech@
|
|
ok jan
|
|
support for tape block devices was removed in 2016
ok miod@
|
|
ok miod@
|
|
and X540. The driver was originally written by Intel and released as
ixv driver version 1.5.32 and ported to OpenBSD by Yuichiro NAITO,
naito.yuichiro at gmail.com. Tested by henson at acm.org and many
others.
ok jmatthew
|
|
Also use atomic_load_int(9) to load `securelevel'. sysctl_securelevel()
is mp-safe, but will be under kernel lock until all existing
`securelevel' loading becomes mp-safe too.
ok mpi
|
|
ok mpi@, anton@
|
|
ok claudio@
|
|
|
|
allocate the uarea with zeroed pages using km_alloc(9). Adjust the amd64
code that creates a guard page at the top of the kernel stack to use
pmap_kremove(9) instead of pmap_remove(9) to reflect that the uarea no
longer uses "managed" pages.
ok mpi@
|
|
|
|
with tweaks from miod@
ok miod@
|
|
This makes it possible to use MSI for virtual functions of Intel network
devices without having to specify the q35 machine.
QEMU is detected by testing for the Qumranet pci subsystem vendor id,
suggested by sf@. MSI previously wasn't enabled as i440fx models a machine
from 1996 with ACPI 1.0, and MSI is only enabled for ACPI >= 2.0.
Initial patch from Yuichiro NAITO. ok yasuoka@ sf@
|
|
it as a request for memory without any DMA restrictions, which means that
the call is allowed to allocate memory above the 4GB boundary on amd64.
ok mpi@, mlarkin@
|
|
vmm(4) doesn't use the VMX VMFUNC instruction.
ok mlarkin@
|
|
the second could raise a general protection fault on a non-existent MSR
fix with help of jsg@
ok dv@
|
|
|
|
When efibooting amd64, the boot loader rewrites the page table built
by EFI firmware to ensure that there are no read-only mappings.
The rewrite is needed for some HP EFI BIOSes that map the computrace
section read-only.
When efibooting on SEV enabled QEMU, we would have to ensure the
crypt bit is set when changing page tables. However, there is no
need for the HP workaround when booting on QEMU (or any other VM),
so just do not modify the page table when SEV guest mode is detected.
from Sebastian Sturm; via hshoexer@; OK kettenis@
|
|
When booting an OpenBSD kernel on Linux QEMU with SEV enabled, the
hypervisor does not forward the SME feature, only the SEV bit is
set. Therefore do not depend on SME when checking for SEV guest
mode in locore0.
from Sebastian Sturm; via hshoexer@; OK jsg@
|
|
Simplifies some of the recent INVEPT changes and mirrors the design
of other pmap tlb shootdown functions that provide simplified non-MP
implementations.
ok mlarkin@
|
|
vmm(4) doesn't need this information anymore. vmd(8) is the only
consumer of this information.
ok mlarkin@
|
|
My recent commit to add an INVEPT ipi missed an ifdef related to
MP machines.
ok krw@
|
|
Similar to how the fast ipi for tlb flush is implemented, this adds
one for calling INVEPT to invalidate EPT caches on the cpu. This
is the first step to allowing guest memory to not be wired by UVM
and decreases the behavioral differences between Intel and AMD's
nested paging in vmm(4) and pmap(9).
This change does not hook EPT ptes into the PV list, so the ipi is
only used during address space teardown and pte removal. (With the
removal of the "mprotect" ioctl, vmm(4) no longer modifies EPT ptes
other than inserting them and removing them.)
ok mlarkin@
|
|
|
|
Some machines which work great in S3 don't work great in S0.
Some people want to be able to force S0, mostly for testing purposes
(or to notice improvements as changes are made in the tree). Provide
a TEMPORARY method via machdep.lidaction=-1 which will be S0-suspend
while =1 remains S3 suspend. This button will not remain long-term,
but for now, and during 7.6, it will be better than nothing.
ok ratchov kettenis
|
|
This old ioctl isn't used by vmd(8) and is getting in the way of some
improvements we want to do. It was used by solo5 but the person who was
helping maintain this is no longer involved with that project.
ok dv
|
|
|
|
Fixes Linux guests on older Intel hardware. vmm was reporting a
value that doesn't match the host. Cap it at the highest value vmm
currently emulates.
ok bluhm@, ratchov@
|
|
Input and ok jmc@, jsg@
|
|
'fine with me' hshoexer, ok bluhm@
|
|
When running as a SEV guest, the page frame mask is calculated from the
CPUID provided "physical address bit reduction". The amd64 pmap
code uses the variable pg_frame instead of the defined PG_FRAME
0x000ffffffffff000.
There was one instance in pmap code where pg_frame was applied to a
virtual address, not a physical address. On some machines the address
bit reduction is rather large, six bits. So the calculated
pg_frame is 0x00003fffffe00000. However, on amd64 VM_MAX_ADDRESS
is defined as 0x00007fbfdfeff000. Masking such a large address
with pg_frame caused havoc. Therefore, when masking virtual
addresses, still use PG_FRAME.
from hshoexer@
|
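The masking distinction in the commit above, worked through as an added example that is not the kernel's pmap or locore code. PG_FRAME, VM_MAX_ADDRESS and the SEV pg_frame value 0x00003fffffe00000 are the constants the commit quotes; pg_frame_from_reduction() is this example's own illustrative derivation (it assumes 52-bit physical addresses and takes the CPUID 0x8000001f "physical address bit reduction" off the top, which need not match the kernel's exact computation), and the C-bit position and PTE value in main() are constructed for the demonstration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constants quoted in the commit message. */
#define PG_FRAME	0x000ffffffffff000ULL	/* architectural 52-bit frame mask */
#define VM_MAX_ADDRESS	0x00007fbfdfeff000ULL	/* top of the amd64 user VA space */
#define SEV_PG_FRAME	0x00003fffffe00000ULL	/* pg_frame the commit saw on a SEV guest */
#define PAGE_MASK	0xfffULL

/* Assumption for this example: physical addresses are at most 52 bits and
 * the SEV address bit reduction (CPUID 0x8000001f, EBX[11:6]) removes that
 * many bits from the top. Illustrative only; not the kernel's locore code. */
uint64_t
pg_frame_from_reduction(unsigned reduction)
{
	unsigned phys_bits = 52 - reduction;
	return ((1ULL << phys_bits) - 1) & ~PAGE_MASK;
}

/* Physical addresses: the reduced mask is correct. It strips the C-bit and
 * everything else above the reduced width, so the frame in a page table
 * entry can be used as an address. */
uint64_t
pte_to_pa(uint64_t pte, uint64_t pg_frame)
{
	return pte & pg_frame;
}

/* Virtual addresses: always use the architectural PG_FRAME. */
uint64_t
va_trunc_right(uint64_t va)
{
	return va & PG_FRAME;
}

/* The form the commit removed: applying the reduced pg_frame to a VA. */
uint64_t
va_trunc_wrong(uint64_t va, uint64_t pg_frame)
{
	return va & pg_frame;
}

/* True when masking changed something other than the page offset, i.e.
 * the mask silently dropped address bits that were meaningful. */
bool
mask_loses_bits(uint64_t addr, uint64_t mask)
{
	return (addr & mask) != (addr & ~PAGE_MASK);
}

int
main(void)
{
	uint64_t sev_frame = pg_frame_from_reduction(6);
	uint64_t cbit = 1ULL << 47;			/* assumed C-bit position */
	uint64_t pte = cbit | 0x12345000ULL | 0x3;	/* constructed: present, rw */

	printf("pg_frame (6-bit reduction): 0x%016llx\n",
	    (unsigned long long)sev_frame);
	printf("PA from encrypted PTE:      0x%016llx\n",
	    (unsigned long long)pte_to_pa(pte, sev_frame));
	printf("VA & PG_FRAME:              0x%016llx loses bits: %s\n",
	    (unsigned long long)va_trunc_right(VM_MAX_ADDRESS),
	    mask_loses_bits(VM_MAX_ADDRESS, PG_FRAME) ? "yes" : "no");
	printf("VA & pg_frame (commit):     0x%016llx loses bits: %s\n",
	    (unsigned long long)va_trunc_wrong(VM_MAX_ADDRESS, SEV_PG_FRAME),
	    mask_loses_bits(VM_MAX_ADDRESS, SEV_PG_FRAME) ? "yes" : "no");
	return 0;
}
```

The check to carry away: a mask derived from the physical address width is only valid for physical addresses; the virtual address space keeps its full width regardless of how many physical bits SEV reserves for the C-bit.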
|
VPID allocation being dependent on the host and guest config
(consequently pushing it into the reset register handler) creates
a leak where previous VPIDs are not freed if the hypervisor program
resets a vcpu's registers.
Recent SVM related changes pulled the VPID (ASID in AMD world)
allocation up into vcpu initialization. This change does the same
for VMX and cleans up appropriate logic. Minor changes to keep SVM
and VMX styles in line with each other.
ok bluhm@
|
|
ok bluhm@ hshoexer@
|
|
Limit ccp ioctls to processes that pledge vmm. Specific psp device
ioctls for AMD SEV will be allowed for vmd(8).
from hshoexer@; input deraadt@ jsg@
|
|
|
|
A few functions and symbols were included in non-VMM builds. This
tucks more of them behind the "#ifdef NVMM > 0" check and cleans
up RAMDISK kernels.
ok mpi@, feedback from chris@
|
|
Some packets were dropped by vio_encap() when using bounce buffers.
These mbufs are too fragmented for the pre allocated bounce buffer
pages. By returning EFBIG the network driver will call m_defrag()
and try again. This fixes the problem.
OK sf@ hshoexer@
|
|
Bring the pieces for vmm(4) to support guests with SEV memory
encryption on AMD CPUs. The corresponding vmd(8) changes will
follow.
Emulate cpuid 0x8000001f so the guest can discover SEV features.
Allow vmd(8) to enable SEV on VM creation. Inform vmd(8) about the
c-bit position and ASID assigned to each VCPU.
Note that vmd(8) has to be rebuilt with the new header files.
from hshoexer@; input dv@; OK mlarkin@
|