Xen project Mailing List

[Xen-devel] [qemu-upstream-4.5-testing test] 57826: regressions - FAIL

From: osstest service user <osstest@xxxxxxxxxxxxxxx>

Date: Wed, 03 Jun 2015 21:32:20 +0000

Delivery-date: Wed, 03 Jun 2015 21:32:51 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

flight 57826 qemu-upstream-4.5-testing real [real] http://logs.test-lab.xenproject.org/osstest/logs/57826/ Regressions :-( Tests which did not succeed and are blocking, including tests which could not be run: test-armhf-armhf-xl-credit2 6 xen-boot fail REGR. vs. 55882 Regressions which are regarded as allowable (not blocking): test-amd64-i386-libvirt 11 guest-start fail REGR. vs. 55882 test-amd64-amd64-xl-qemuu-win7-amd64 15 guest-localmigrate/x10 fail like 55882 Tests which did not succeed, but are not blocking: test-amd64-amd64-xl-pvh-intel 11 guest-start fail never pass test-amd64-amd64-xl-pvh-amd 11 guest-start fail never pass test-amd64-amd64-libvirt 12 migrate-support-check fail never pass test-armhf-armhf-xl-arndale 12 migrate-support-check fail never pass test-armhf-armhf-xl 12 migrate-support-check fail never pass test-armhf-armhf-xl-sedf-pin 12 migrate-support-check fail never pass test-armhf-armhf-xl-multivcpu 12 migrate-support-check fail never pass test-armhf-armhf-xl-cubietruck 12 migrate-support-check fail never pass test-armhf-armhf-xl-sedf 12 migrate-support-check fail never pass test-armhf-armhf-libvirt 12 migrate-support-check fail never pass version targeted for testing: qemuu 4f7865d19f3db71ce23585eb6a01f8521361878d baseline version: qemuu f582d00cf2055511153a87cc3c52565a0d1ae571 ------------------------------------------------------------ People who touched revisions under test: Ian Campbell <ian.campbell@xxxxxxxxxx> Jan Beulich <jbeulich@xxxxxxxx> Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> ------------------------------------------------------------ jobs: build-amd64 pass build-armhf pass build-i386 pass build-amd64-libvirt pass build-armhf-libvirt pass build-i386-libvirt pass build-amd64-pvops pass build-armhf-pvops pass build-i386-pvops pass test-amd64-amd64-xl pass test-armhf-armhf-xl pass test-amd64-i386-xl pass test-amd64-amd64-xl-pvh-amd fail test-amd64-i386-qemuu-rhel6hvm-amd pass test-amd64-amd64-xl-qemuu-debianhvm-amd64 pass test-amd64-i386-xl-qemuu-debianhvm-amd64 pass test-amd64-i386-freebsd10-amd64 pass test-amd64-amd64-xl-qemuu-ovmf-amd64 pass test-amd64-i386-xl-qemuu-ovmf-amd64 pass test-amd64-amd64-xl-qemuu-win7-amd64 fail test-amd64-i386-xl-qemuu-win7-amd64 pass test-armhf-armhf-xl-arndale pass test-amd64-amd64-xl-credit2 pass test-armhf-armhf-xl-credit2 fail test-armhf-armhf-xl-cubietruck pass test-amd64-i386-freebsd10-i386 pass test-amd64-amd64-xl-pvh-intel fail test-amd64-i386-qemuu-rhel6hvm-intel pass test-amd64-amd64-libvirt pass test-armhf-armhf-libvirt pass test-amd64-i386-libvirt fail test-amd64-amd64-xl-multivcpu pass test-armhf-armhf-xl-multivcpu pass test-amd64-amd64-pair pass test-amd64-i386-pair pass test-amd64-amd64-xl-sedf-pin pass test-armhf-armhf-xl-sedf-pin pass test-amd64-amd64-xl-sedf pass test-armhf-armhf-xl-sedf pass test-amd64-i386-xl-qemuu-winxpsp3-vcpus1 pass test-amd64-amd64-xl-qemuu-winxpsp3 pass test-amd64-i386-xl-qemuu-winxpsp3 pass ------------------------------------------------------------ sg-report-flight on osstest.test-lab.xenproject.org logs: /home/logs/logs images: /home/logs/images Logs, config files, etc. are available at http://logs.test-lab.xenproject.org/osstest/logs Test harness code can be found at http://xenbits.xen.org/gitweb?p=osstest.git;a=summary Not pushing. ------------------------------------------------------------ commit 4f7865d19f3db71ce23585eb6a01f8521361878d Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:43:08 2015 +0000 xen/pt: unknown PCI config space fields should be read-only ... by default. Add a per-device "permissive" mode similar to pciback's to allow restoring previous behavior (and hence break security again, i.e. should be used only for trusted guests). This is part of XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Reviewed-by: Anthony PERARD <anthony.perard@xxxxxxxxxx>) commit 7afa270226959cd8976b9750fbed1973a6177afa Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:43:08 2015 +0000 xen/pt: add a few PCI config space field descriptions Since the next patch will turn all not explicitly described fields read-only by default, those fields that have guest writable bits need to be given explicit descriptors. This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> commit 6b281e47e072cfb701fb3cf3b323a4fae571eec3 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:43:08 2015 +0000 xen/pt: mark reserved bits in PCI config space fields The adjustments are solely to make the subsequent patches work right (and hence make the patch set consistent), namely if permissive mode (introduced by the last patch) gets used (as both reserved registers and reserved fields must be similarly protected from guest access in default mode, but the guest should be allowed access to them in permissive mode). This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> commit 90dd8996c898e8b3b9ed5ba91e57890e4c7a8c87 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:43:08 2015 +0000 xen/pt: mark all PCIe capability bits read-only xen_pt_emu_reg_pcie[]'s PCI_EXP_DEVCAP needs to cover all bits as read- only to avoid unintended write-back (just a precaution, the field ought to be read-only in hardware). This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit a900d2a38893a277376b77e158422700932648e9 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:43:08 2015 +0000 xen/pt: split out calculation of throughable mask in PCI config space handling This is just to avoid having to adjust that calculation later in multiple places. Note that including ->ro_mask in get_throughable_mask()'s calculation is only an apparent (i.e. benign) behavioral change: For r/o fields it doesn't matter > whether they get passed through - either the same flag is also set in emu_mask (then there's no change at all) or the field is r/o in hardware (and hence a write won't change it anyway). This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Reviewed-by: Anthony PERARD <anthony.perard@xxxxxxxxxx> commit a21d1499ed8944fdd175509cf40fba6d412ae621 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:43:08 2015 +0000 xen/pt: correctly handle PM status bit xen_pt_pmcsr_reg_write() needs an adjustment to deal with the RW1C nature of the not passed through bit 15 (PCI_PM_CTRL_PME_STATUS). This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit c77c4991ed1b3ba62dde6c118a27b475296dcb07 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:43:07 2015 +0000 xen/pt: consolidate PM capability emu_mask There's no point in xen_pt_pmcsr_reg_{read,write}() each ORing PCI_PM_CTRL_STATE_MASK and PCI_PM_CTRL_NO_SOFT_RESET into a local emu_mask variable - we can have the same effect by setting the field descriptor's emu_mask member suitably right away. Note that xen_pt_pmcsr_reg_write() is being retained in order to allow later patches to be less intrusive. This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx> commit 8317c63d900c780baa93ecc71854f5c8cbcc5874 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:43:07 2015 +0000 xen/MSI: don't open-code pass-through of enable bit modifications Without this the actual XSA-131 fix would cause the enable bit to not get set anymore (due to the write back getting suppressed there based on the OR of emu_mask, ro_mask, and res_mask). Note that the fiddling with the enable bit shouldn't really be done by qemu, but making this work right (via libxc and the hypervisor) will require more extensive changes, which can be postponed until after the security issue got addressed. This is a preparatory patch for XSA-131. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Acked-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit fd2b465eedefd746a7e3f85f7eeaa98bda676fba Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:43:07 2015 +0000 xen/MSI-X: limit error messages Limit error messages resulting from bad guest behavior to avoid allowing the guest to cause the control domain's disk to fill. The first message in pci_msix_write() can simply be deleted, as this is indeed bad guest behavior, but such out of bounds writes don't really need to be logged. The second one is more problematic, as there guest behavior may only appear to be wrong: For one, the old logic didn't take the mask-all bit into account. And then this shouldn't depend on host device state (i.e. the host may have masked the entry without the guest having done so). Plus these writes shouldn't be dropped even when an entry is unmasked. Instead, if they can't be made take effect right away, they should take effect on the next unmasking or enabling operation - the specification explicitly describes such caching behavior. Until we can validly drop the message (implementing such caching/latching behavior), issue the message just once per MSI-X table entry. Note that the log message in pci_msix_read() similar to the one being removed here is not an issue: "addr" being of unsigned type, and the maximum size of the MSI-X table being 32k, entry_nr simply can't be negative and hence the conditonal guarding issuing of the message will never be true. This is XSA-130. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 1ad0eaf917c4272e58c5ba79d11590023dcec1b6 Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:43:07 2015 +0000 xen: don't allow guest to control MSI mask register It's being used by the hypervisor. For now simply mimic a device not capable of masking, and fully emulate any accesses a guest may issue nevertheless as simple reads/writes without side effects. This is XSA-129. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> commit 8d3b4a8f8075d7e96a9bece8d8371c95b7be5f5a Author: Jan Beulich <jbeulich@xxxxxxxx> Date: Tue Jun 2 15:43:07 2015 +0000 xen: properly gate host writes of modified PCI CFG contents The old logic didn't work as intended when an access spanned multiple fields (for example a 32-bit access to the location of the MSI Message Data field with the high 16 bits not being covered by any known field). Remove it and derive which fields not to write to from the accessed fields' emulation masks: When they're all ones, there's no point in doing any host write. This fixes a secondary issue at once: We obviously shouldn't make any host write attempt when already the host read failed. This is XSA-128. Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> Reviewed-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.