#
512a0200 |
|
19-Mar-2020 |
Qian Ge <qian.ge@data61.csiro.au> |
replacing all ifndef with pargma once All the kernel header files now use pargma once rather than the ifndef, as the pre-processed C files do not change while header files are protected with pargma once. This will also solve any naming issues caused by ifndef.
|
#
79da0792 |
|
01-Mar-2020 |
Gerwin Klein <gerwin.klein@data61.csiro.au> |
Convert license tags to SPDX identifiers This commit also converts our own copyright headers to directly use SPDX, but leaves all other copyright header intact, only adding the SPDX ident. As far as possible this commit also merges multiple Data61 copyright statements/headers into one for consistency.
|
#
d0930f67 |
|
18-Mar-2019 |
Anna Lyons <Anna.Lyons@data61.csiro.au> |
style: consistently attach return type Add attach-return-type to astyle
|
#
761006e0 |
|
18-Mar-2019 |
Anna Lyons <Anna.Lyons@data61.csiro.au> |
style: consistently align pointer with name Run astyle with align-pointer=name
|
#
3d10ef0c |
|
18-Mar-2019 |
Anna Lyons <Anna.Lyons@data61.csiro.au> |
style: correct parenthesis padding Use astyle's unpad-paren to unpad all parentheses that are not included by pad-header, pad-oper, and pad-comma.
|
#
29695d26 |
|
07-Jan-2018 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
x64: SKIM window to mitigate Meltdown (CVE-2017-5754) on x86-64 Introduces a kernel option that, when enabled, reduces the kernel window in a user address space to just be Static Kernel Image and Microstate (SKIM), instead of the full kernel address space. This isolates the important kernel data from the user preventing a Meltdown style attack being able to violate secrecy. The kernel text and read only data, i.e. anything that is static from boot, is not secret and can be allowed in the SKIM window and potentially read by the user. Additionally to switch to and from the actual kernel address space a small amount of state needs to also be in the SKIM window. This is only an implementation for x86-64, although the same design is applicable to ia32
|
#
ee28936d |
|
18-Jun-2017 |
Hesham Almatary <hesham.almatary@data61.csiro.au> |
SMP: Introduce ENABLE_SMP_SUPPORT - Make it more readable and less confusing compared to the 'CONFIG_MAX_NUM_NODES > 1' check
|
#
8ce9513d |
|
03-May-2017 |
Bamboo <bamboo@keg.ertos.in.nicta.com.au> |
[STYLE_FIX]
|
#
85234069 |
|
03-May-2017 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
Use unverified_compile_assert in cases where OFFSETOF is used OFFSETOF is not supported by the C parser, and so regular compile_assert may not be used
|
#
de6d4772 |
|
30-Mar-2017 |
Rafal Kolanski <rafal.kolanski@nicta.com.au> |
rename arch_tcb.vcpu -> arch_tcb.tcbVCPU, vcpu.tcb -> vcpu.vcpuTCB struct vcpu { struct tcb* tcb; ... struct arch_tcb { struct vcpu* vcpu; ... and struct tcb { struct arch_tcb tcbArch; ... These conspire to generate a type error on verification side due to assumptions about non-colliding names.
|
#
eccaae51 |
|
20-Feb-2017 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
s/D61/DATA61/ in license headers for consistency
|
#
b40d95ed |
|
05-Feb-2017 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
x86: Send explicit TCB when handling remote VMs withs pending notifications Previously if the `ksCurThread` of the destination core is not the thread that is receiving the notification in `sendSignal` then the notification would be delayed until the VMM for that VM next did a `seL4_VMEnter`. This adds a `tcb_t*` parameter to `VMCheckBoundNotification` instead of having it implicitly talk about `ksCurThread`. A TCB parameter is safe to send here as the `doRemoteVMCheckBoundNotification` happens synchronously and so the TCB is guaranteed to still exist.
|
#
017d7863 |
|
05-Dec-2016 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
x64: VT-x related cap and object definitions * Adds object and cap definitions for VT-x structures (VCPU and EPT). * Extends the asid_map implementation to support ASIDs in the EPT * Adds size definitions for VCPU and EPT objects
|
#
a138c6fe |
|
07-Dec-2016 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
x86: Make `vmread`/`vmwrite` functions public It is useful (largely for debugging/logging code) to be able to access these functions outside of the internal VCPU implementation
|
#
51306115 |
|
06-Dec-2016 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
ia32: VCPU only needs kernelSP on ia32 x86-64 has better ways (`swapgs`) of managing per core kernel stacks. This commit hides the `kernelSP` member of a `vcpu_t` under x86-64 so as not to cause confusion and accidental attempted usage
|
#
5c7bd1df |
|
05-Dec-2016 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
x86: Explicitly define VCPU general purpose registers Previously the GP registers for a VCPU were defined in the 32-bit arch registerset. This does not actually make sense as the mode for the VCPU should be decoupled (and well defined) regardless of the execution mode of the kernel. This commit provides an explicit definition and register order for VCPU GP registers.
|
#
7252ab18 |
|
21-Nov-2016 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
x86: Avoid modifying thread running on different core in sendSignal When sending a signal to a notification object that has a bound thread that is in the 'runningVM' start we, ordinarily, want to deliver it by switching back to the native execution of that thread and delivering the message. If the thread is in the 'runningVM' state on a different core, then we must not modify its thread state. Previously we would modify the thread state (changing it to Running) and then attemptSwitchTo. Switching would fail, as its affinity would be for a different core, resulting in us enqueing the thread into the scheduling queue, despite the thread also presently running. This commit both adds a check to prevent us manipulating a thread that is actively running on a different core, as well as a remote operation to tell that core that if it is running a VM it should recheck its endpoint for a message.
|
#
90f6a986 |
|
31-Oct-2016 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
x86: Initial support for SMP vt-x Enables vt-x code to compile when CONFIG_MAX_NUM_NODES is set to greater than 1 and adds code to manage VMCS state on different cores
|
#
f8e6b4d9 |
|
27-Oct-2016 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
x64: Guard vt-x that is not yet implemented These guards are needed because vt-x is not yet properly supported in x86-64 builds. Once it is these guards can be removed again
|
#
7fbde1bb |
|
14-Jun-2016 |
Adrian Danis <Adrian.Danis@data61.csiro.au> |
SELFOUR-287: 32-bit vt-x implementation This is an implementation of vt-x for x86 kernels running in ia32 mode.
|