1. 07 1月, 2012 1 次提交
  2. 04 1月, 2012 6 次提交
  3. 26 12月, 2011 2 次提交
    • J
      KVM: Don't automatically expose the TSC deadline timer in cpuid · 4d25a066
      Jan Kiszka 提交于
      Unlike all of the other cpuid bits, the TSC deadline timer bit is set
      unconditionally, regardless of what userspace wants.
      
      This is broken in several ways:
       - if userspace doesn't use KVM_CREATE_IRQCHIP, and doesn't emulate the TSC
         deadline timer feature, a guest that uses the feature will break
       - live migration to older host kernels that don't support the TSC deadline
         timer will cause the feature to be pulled from under the guest's feet;
         breaking it
       - guests that are broken wrt the feature will fail.
      
      Fix by not enabling the feature automatically; instead report it to userspace.
      Because the feature depends on KVM_CREATE_IRQCHIP, which we cannot guarantee
      will be called, we expose it via a KVM_CAP_TSC_DEADLINE_TIMER and not
      KVM_GET_SUPPORTED_CPUID.
      
      Fixes the Illumos guest kernel, which uses the TSC deadline timer feature.
      
      [avi: add the KVM_CAP + documentation]
      Reported-by: NAlexey Zaytsev <alexey.zaytsev@gmail.com>
      Tested-by: NAlexey Zaytsev <alexey.zaytsev@gmail.com>
      Signed-off-by: NJan Kiszka <jan.kiszka@siemens.com>
      Signed-off-by: NAvi Kivity <avi@redhat.com>
      4d25a066
    • A
      KVM: Device assignment permission checks · 3d27e23b
      Alex Williamson 提交于
      Only allow KVM device assignment to attach to devices which:
      
       - Are not bridges
       - Have BAR resources (assume others are special devices)
       - The user has permissions to use
      
      Assigning a bridge is a configuration error, it's not supported, and
      typically doesn't result in the behavior the user is expecting anyway.
      Devices without BAR resources are typically chipset components that
      also don't have host drivers.  We don't want users to hold such devices
      captive or cause system problems by fencing them off into an iommu
      domain.  We determine "permission to use" by testing whether the user
      has access to the PCI sysfs resource files.  By default a normal user
      will not have access to these files, so it provides a good indication
      that an administration agent has granted the user access to the device.
      
      [Yang Bai: add missing #include]
      [avi: fix comment style]
      Signed-off-by: NAlex Williamson <alex.williamson@redhat.com>
      Signed-off-by: NYang Bai <hamo.by@gmail.com>
      Signed-off-by: NMarcelo Tosatti <mtosatti@redhat.com>
      3d27e23b
  4. 25 12月, 2011 1 次提交
  5. 08 12月, 2011 1 次提交
  6. 07 12月, 2011 1 次提交
  7. 06 12月, 2011 3 次提交
  8. 01 12月, 2011 1 次提交
  9. 29 11月, 2011 6 次提交
  10. 23 11月, 2011 1 次提交
  11. 16 11月, 2011 4 次提交
  12. 10 11月, 2011 1 次提交
  13. 09 11月, 2011 2 次提交
  14. 08 11月, 2011 1 次提交
  15. 07 11月, 2011 2 次提交
  16. 06 11月, 2011 1 次提交
  17. 05 11月, 2011 6 次提交